sander/Hostityourself
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix builds delegating to host Podman via CONTAINER_HOST

Browse source 
build.sh calls `podman build` inside the server container.
DOCKER_HOST is a Docker CLI variable; Podman does not use it to
automatically switch to remote mode.  Without CONTAINER_HOST set,
Podman runs locally inside the (unprivileged) container, has no
user-namespace support, and lchown fails for any layer file owned
by a non-zero GID (e.g. gid=42 for /etc/shadow).

Setting CONTAINER_HOST=tcp://podman-proxy:2375 makes Podman
automatically operate in remote mode and delegate all operations
to the host Podman service, which has the correct subuid/subgid
mappings and full user-namespace support.

https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH
This commit is contained in:
Claude 2026-03-22 10:50:41 +00:00
parent b5e6c8fcd3
commit 2fdffc0acb
No known key found for this signature in database
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
infra/docker-compose.yml
View file

@ -41,6 +41,12 @@ services:
HIY_BUILD_SCRIPT: /app/builder/build.sh
CADDY_API_URL: http://caddy:2019
DOCKER_HOST: tcp://podman-proxy:2375
# CONTAINER_HOST is the Podman-native equivalent of DOCKER_HOST.
# Setting it makes `podman` automatically operate in remote mode and
# delegate all builds/runs to the host's Podman service via the proxy,
# instead of trying to run Podman locally inside this container (which
# would fail: no user-namespace support in an unprivileged container).
CONTAINER_HOST: tcp://podman-proxy:2375
RUST_LOG: hiy_server=debug,tower_http=info
depends_on:
caddy: