podman-rootful.yaml

images:
  - location: "https://github.com/na0x2c6/alpine-lima/releases/download/v0.2.32-std-cgroup-experimental/alpine-lima-std-3.18.0-x86_64.iso"
    arch: "x86_64"
    digest: "sha512:c2cfb8f3bbd212d7194db56683dd19aff6f9e2492c7acd9f9a7b3b42895e081114a5cd5278cfa8439941d43a9ce25d330cedee4c9d3d77c9b1723b662b400420"
  - location: "https://github.com/na0x2c6/alpine-lima/releases/download/v0.2.32-std-cgroup-experimental/alpine-lima-std-3.18.0-aarch64.iso"
    arch: "aarch64"
    digest: "sha512:2ede1039bb473bfc389789e4ca1772df90fadc276ff9129245d24e750f55e1950c137af6f0c976316e870769ee7ec53095e4f5227b55157ee3fb3c700864ee6c"

containerd:
  system: false
  user: false
provision:
  - mode: dependency
    script: |
      #!/bin/bash
      set -Eeux -o pipefail

      apk add --repository="${LIMA_ALPINE_PODMAN_REPOSITORY:-https://dl-cdn.alpinelinux.org/alpine/v3.18/community/}" podman

  - mode: dependency
    script: |
      #!/bin/bash
      set -Eeux -o pipefail
      #
      # Update qemu for stability
      #
      if [ "$LIMA_CIDATA_ROSETTA_BINFMT" = "true" ]; then
          exit 0
      fi

      # qemu-aarch64 on x86_64 and vice versa
      # Ref: https://github.com/lima-vm/alpine-lima/blob/e7967f6a7f153cd8eff7e88f0edad693cb53cfde/genapkovl-lima.sh
      OTHERARCH=aarch64
      if [ "$(uname -m)" == "${OTHERARCH}" ]; then
          OTHERARCH=x86_64
      fi
      apk add qemu-${OTHERARCH}

      # To apply updated qemu
      rc-service qemu-binfmt restart --ifstarted

  - mode: system
    script: |
      #!/bin/bash
      set -Eeux -o pipefail

      # For stability
      mkdir -p /etc/containers/containers.conf.d/
      if [[ -e /etc/containers/containers.conf.d/local.conf ]] ; then
        exit 0
      fi

      cat <<-EOF > /etc/containers/containers.conf.d/local.conf
      [engine]
      database_backend = "sqlite"
      EOF

  - mode: system
    script: |
      #!/bin/bash
      set -Eeux -o pipefail

      if grep -E -q '^podman_user' /etc/conf.d/podman ; then
        exit 0
      fi

      cat <<-EOF >>/etc/conf.d/podman
      podman_user="root"
      EOF

  - mode: system
    script: |
      #!/bin/bash
      set -Eeux -o pipefail

      rc-service podman start

  - mode: system
    script: |
      #!/bin/bash
      set -Eeux -o pipefail

      while [ ! -e /run/podman/podman.sock ] ; do sleep 1 ; done
      chmod 777 /run/podman/podman.sock

probes:
  - script: |
      #!/bin/bash
      set -Eeux -o pipefail
      if ! timeout 30s bash -c "until command -v podman >/dev/null 2>&1; do sleep 3; done"; then
        echo >&2 "podman is not installed yet"
        exit 1
      fi
    hint: See "/var/log/cloud-init-output.log" in the guest
env:
  TMPDIR: /tmp
  LIMA_ALPINE_CGROUP_MODE: unified
portForwards:
  - guestSocket: "/run/podman/podman.sock"
    hostSocket: "{{.Dir}}/sock/podman.sock"
message: |
  To run `podman` on the host (assumes podman-remote is installed), run the following commands:
  ------
  podman system connection add lima-{{.Name}} "unix://{{.Dir}}/sock/podman.sock"
  podman system connection default lima-{{.Name}}
  podman{{if eq .HostOS "linux"}} --remote{{end}} run quay.io/podman/hello
  ------
  To run `docker` on the host (assumes docker client is installed), run the following commands:
  ------
  docker context create lima-{{.Name}} --docker "host=unix://{{.Dir}}/sock/podman.sock"
  docker context use lima-{{.Name}}
  ------