From cee0ac66268dd1b4be7dd16f4caa28690d9c8bff Mon Sep 17 00:00:00 2001
From: Tracey Jaquith <tracey@archive.org>
Date: Fri, 23 Feb 2024 00:14:20 -0800
Subject: [PATCH] podman getting closer

---
 README.md         | 2 ++
 bin/entrypoint.sh | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index aa60ddf..7461edb 100644
--- a/README.md
+++ b/README.md
@@ -29,8 +29,10 @@ This will "bootstrap" your cluster with a private, unique `NOMAD_TOKEN`,
 and `podman run` a new container with the hind service into the background.
 
 ```bash
+sudo mkdir -p -m777 /pv/CERTS
 sudo podman run --net=host --privileged -v /var/lib/containers:/var/lib/containers --cgroupns=host \
   -e FQDN=$(hostname -f) -e HOST_UNAME=$(uname) \
+  -v /pv/CERTS:/pv/CERTS \
   --rm --name hind --pull=always ghcr.io/internetarchive/hind:podman
   # xxx :main
 ```
diff --git a/bin/entrypoint.sh b/bin/entrypoint.sh
index 03484eb..2471367 100755
--- a/bin/entrypoint.sh
+++ b/bin/entrypoint.sh
@@ -18,7 +18,7 @@ if [ ! -e $CONFIG ]; then
   else
     ARGS+=(--net=host)
   fi
-  podman run $ARGS --privileged -v /var/lib/containers:/var/lib/containers --restart=unless-stopped --name hindup -v /pv/CERTS:/root/.local/share/caddy -d hind > /dev/null
+  podman run $ARGS --privileged -v /var/lib/containers:/var/lib/containers --cgroupns=host --restart=unless-stopped --name hindup -v /pv/CERTS:/root/.local/share/caddy -d hind > /dev/null
 
 
   if [ ! $FIRST ]; then