Moving from Docker to Podman

I tried to avoid it in the hope of receiving clean lines; however, as you were insisting, @revyte :-), here is my snippet. But seriously, would you have any comments?

What I'm doing differently from @arrogantrabbit in his guide:

  • explicitly creating a directory for the systemd files (mkdir -p ~/.config/systemd/user)
  • not using “--label "io.containers.autoupdate=registry"” (seemed not to work in my case?)
  • using -e PUID=$(id -u) and -e PGID=$(id -g) instead of hard-coded values of 1000 (not sure if this is ok, but it would be my preference)
  • not using “-e TZ=America/Los_Angeles” (I prefer my server on UTC time)
  • not using :Z after --mount (I tried using it as well; I don't remember what the outcome was)
  • setting up a new firewall zone “storj-zone” in order to allow access to the dashboard only from a specified IP (not sure if this is correct; I'm doing it for the first time with firewall-cmd, and it's probably not, because it looks like I almost lost ssh access to my server)

## Variables used below (set them before running): port, dport, dip, ctlhostip,
## pip, wallet, email, ssize, snname, storjidlocation, datapath, storjconfiglocation

## Change user
# We will be running containers as a user, rootless, and therefore we need to allow processes launched by our user to persist
# (replace "user" with your own login name):
sudo loginctl enable-linger user

## SELinux
# For systemd to be able to manage containers, add the container_manage_cgroup permission:
sudo setsebool -P container_manage_cgroup on

## Create directory for systemd files
mkdir -p ~/.config/systemd/user

## Open firewall ports
sudo firewall-cmd \
    --permanent \
    --add-port=$port/tcp \
    --add-port=$port/udp

## Create a new zone and allow connection from the desired IP in order to access the dashboard
sudo firewall-cmd --new-zone=storj --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --zone=storj --add-source=$ctlhostip/32 --permanent
sudo firewall-cmd --zone=storj --add-port=$dport/tcp --permanent
sudo firewall-cmd --reload

## Firewall check
sudo firewall-cmd --list-all
sudo firewall-cmd --get-active-zones
sudo firewall-cmd --zone=storj --list-all

## Storagenode setup
podman run --rm -e SETUP="true" \
    -e PUID=$(id -u) \
    -e PGID=$(id -g) \
    --mount type=bind,source="$storjidlocation",destination=/app/identity \
    --mount type=bind,source="$datapath",destination=/app/config \
    --name $snname storjlabs/storagenode:latest

## Create
podman create \
    -p $port:28967/tcp \
    -p $port:28967/udp \
    -p $dip:$dport:14002 \
    -e WALLET="$wallet" \
    -e EMAIL="$email" \
    -e ADDRESS="$pip:$port" \
    -e STORAGE="$ssize" \
    -e STORJ_HEALTHCHECK_DETAILS="true" \
    -e PUID=$(id -u) \
    -e PGID=$(id -g) \
    --mount type=bind,source="$storjidlocation",destination=/app/identity \
    --mount type=bind,source="$storjconfiglocation",destination=/app/config \
    --name $snname storjlabs/storagenode:latest --operator.wallet-features=zksync

## Generate service files
podman generate systemd \
    --new --name $snname \
    --restart-policy=always \
    > ~/.config/systemd/user/container-$snname.service

## Remove the container (the generated unit recreates it with --new on start)
podman rm $snname

## Enable and start services
systemctl --user enable container-$snname.service
systemctl --user start container-$snname.service
systemctl --user status container-$snname.service

The outcome is:

Job for container-storagenode227.service failed because the control process exited with error code.
See "systemctl --user status container-storagenode227.service" and "journalctl --user -xeu container-storagenode227.service" for details.
● container-storagenode227.service - Podman container-storagenode227.service
     Loaded: loaded (/home/user/.config/systemd/user/container-storagenode227.service; enabled; preset: disabled)
     Active: activating (auto-restart) (Result: exit-code) since Mon 2023-07-10 18:20:10 GMT; 18ms ago
       Docs: man:podman-generate-systemd(1)
    Process: 2706395 ExecStart=/usr/bin/podman run --cidfile=/run/user/1000/container-storagenode227.service.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace -p 28967:28967/tcp -p 28967:28967/udp -p someip:14>
    Process: 2706438 ExecStopPost=/usr/bin/podman rm -f --ignore -t 10 --cidfile=/run/user/1000/container-storagenode227.service.ctr-id (code=exited, status=0/SUCCESS)
   Main PID: 2706395 (code=exited, status=126)
$ systemctl --user status container-storagenode227.service
container-storagenode227.service - Podman container-storagenode227.service
     Loaded: loaded (/home/user/.config/systemd/user/container-storagenode227.service; enabled; preset: disabled)
     Active: deactivating (stop-post) (Result: exit-code)
       Docs: man:podman-generate-systemd(1)
    Process: 2713635 ExecStart=/usr/bin/podman run --cidfile=/run/user/1000/container-storagenode227.service.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace -p 28967:28967/tcp -p 28967:28967/udp -p someip:14>
   Main PID: 2713635 (code=exited, status=126); Control PID: 2713676 (podman)
      Tasks: 6 (limit: 150091)
     Memory: 5.7M
        CPU: 147ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/container-storagenode227.service
             └─2713676 /usr/bin/podman rm -f --ignore -t 10 --cidfile=/run/user/1000/container-storagenode227.service.ctr-id

Jul 10 18:30:58 hostname systemd[2567138]: Starting Podman container-storagenode227.service...
Jul 10 18:30:58 hostname podman[2713635]: 
Jul 10 18:30:58 hostname podman[2713635]: 2023-07-10 18:30:58.284361915 +0000 GMT m=+0.060460683 container create b02cd874afbb8e916544f2a909c058b6fa4f10d5c9b920712958f29f6622ca5f (image=docker.io/storjlabs/storagen>
Jul 10 18:30:58 hostname podman[2713635]: 2023-07-10 18:30:58.25576147 +0000 GMT m=+0.031860278 image pull  storjlabs/storagenode:latest
Jul 10 18:31:01 hostname podman[2713635]: 2023-07-10 18:31:01.319437228 +0000 GMT m=+3.095535956 container remove b02cd874afbb8e916544f2a909c058b6fa4f10d5c9b920712958f29f6622ca5f (image=docker.io/storjlabs/storagen>
Jul 10 18:31:01 hostname podman[2713635]: Error: rootlessport listen tcp 10.1.0.193:14002: bind: cannot assign requested address
Jul 10 18:31:01 hostname systemd[2567138]: container-storagenode227.service: Main process exited, code=exited, status=126/n/a
$ journalctl --user -xeu container-storagenode227.service
No journal files were found.
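A pre-flight check for the setup above, added here as an example and not part of the original post. It tests the two things the log and the firewall step turn on: that the IP in the dashboard -p mapping is actually assigned to the host (the "bind: cannot assign requested address" failure above), and that the new firewalld zone the admin IP is moved into still admits ssh. Variable names ($dip, $ctlhostip, $snname) and the zone name "storj" follow the post; sample inputs in the test are constructed.

```bash
#!/usr/bin/env bash
# Pre-flight checks for the rootless Podman + systemd storagenode setup above.
# Added example, not from the original post. Variable names ($dip, $ctlhostip,
# $snname) and the zone name "storj" follow the post; sample inputs are constructed.
set -u

# Does this host own IPv4 address $1? Reads "ip -o -4 addr" output on stdin.
# "-p $dip:$dport:14002" fails with "bind: cannot assign requested address"
# (the error in the journal above) when $dip is not an address of this machine.
addr_is_local() { grep -qF " inet $1/"; }

# Does a firewalld zone still admit ssh? Reads "firewall-cmd --zone=X --list-all".
# Adding $ctlhostip as a source moves all of its traffic into that zone, so a zone
# with only the dashboard port cuts the admin host off from ssh.
zone_allows_ssh() {
  awk '/^[[:space:]]*services:/ && / ssh( |$)/ {ok=1}
       /^[[:space:]]*ports:/    && / 22\/tcp/  {ok=1}
       END {exit !ok}'
}

# Map one journal line from the failing unit to a short cause ("" if unrecognised).
classify_journal_line() {
  case "$1" in
    *"rootlessport listen tcp "*"bind: cannot assign requested address"*)
      echo "host ip in -p mapping is not assigned to this machine" ;;
    *"rootlessport listen tcp "*"bind: address already in use"*)
      echo "host port in -p mapping is already bound by another process" ;;
    *) echo "" ;;
  esac
}

# Run the checks against the live system; return 1 if anything would break the unit.
main() {
  local dip=${dip:?set dip} ctlhostip=${ctlhostip:?set ctlhostip} rc=0
  ip -o -4 addr | addr_is_local "$dip" ||
    { echo "FAIL: $dip is not local; the dashboard -p mapping will not bind"; rc=1; }
  sudo firewall-cmd --zone=storj --list-all | zone_allows_ssh ||
    { echo "WARN: zone storj has no ssh rule; $ctlhostip would lose ssh"; rc=1; }
  journalctl --user -u "container-${snname:-storagenode}.service" --no-pager 2>/dev/null |
    while IFS= read -r line; do
      c=$(classify_journal_line "$line"); [ -n "$c" ] && echo "HINT: $c"
    done
  return $rc
}
# Usage: dip=10.1.0.5 ctlhostip=192.0.2.10 snname=storagenode ./preflight.sh run
if [ "${1:-}" = run ]; then main; fi
```

Run it before `systemctl --user start`; a FAIL on the address check means the unit will loop in activating (auto-restart) exactly as shown in the status output above.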