Fix Podman socket for rootless setup on Raspberry Pi

start.sh now activates the Podman user socket via systemctl --user if it
isn't running yet, then exports DOCKER_HOST and PODMAN_SOCK so that
podman compose (which delegates to the docker-compose plugin) can connect.

docker-compose.yml mounts ${PODMAN_SOCK} into the socat proxy container
at a fixed internal path (/podman.sock), so it works for both rootful
(/run/podman/podman.sock) and rootless (/run/user/<UID>/podman/podman.sock)
without hardcoding the UID.

https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH

infra/docker-compose.yml

@@ -7,14 +7,16 @@
 services:
 
   # ── Podman socket proxy (unix → TCP) ──────────────────────────────────────
-  # Rootful Podman socket: /run/podman/podman.sock
+  # start.sh exports PODMAN_SOCK before invoking compose, so the correct
-  # Rootless Podman socket: /run/user/<UID>/podman/podman.sock
+  # socket is used regardless of rootful vs rootless:
+  #   rootful:  /run/podman/podman.sock
+  #   rootless: /run/user/<UID>/podman/podman.sock  (start.sh sets this)
   podman-proxy:
     image: alpine/socat
-    command: tcp-listen:2375,fork,reuseaddr unix-connect:/run/podman/podman.sock
+    command: tcp-listen:2375,fork,reuseaddr unix-connect:/podman.sock
     restart: unless-stopped
     volumes:
-      - /run/podman/podman.sock:/run/podman/podman.sock
+      - ${PODMAN_SOCK}:/podman.sock
     networks:
       - hiy-net
 

infra/start.sh

@@ -59,6 +59,15 @@ EOF
 
 echo "[hiy] Generated proxy/caddy.json for ${DOMAIN_SUFFIX}"
 
+# ── Ensure Podman socket is active ────────────────────────────────────────────
+PODMAN_SOCK="/run/user/$(id -u)/podman/podman.sock"
+if [ ! -S "$PODMAN_SOCK" ]; then
+    echo "[hiy] Starting Podman socket…"
+    systemctl --user start podman.socket
+fi
+export PODMAN_SOCK
+export DOCKER_HOST="unix://${PODMAN_SOCK}"
+
 # ── Build images ───────────────────────────────────────────────────────────────
 make build