super close now

internetarchive · Feb 23, 2024 · e86f3b9 · e86f3b9
1 parent cee0ac6
commit e86f3b9
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 1 deletion.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -5,3 +5,4 @@ jobs:
     with:
       PLATFORMS: 'linux/amd64, linux/arm64'
       NO_TEST: true
+      NOMAD_VAR_NO_DEPLOY: true
diff --git a/README.md b/README.md
@@ -20,6 +20,8 @@
 
 Installs `nomad`, `consul`, and `caddyserver` (router) together as a mini cluster running inside a `podman` container.
 
+(OK so we are now Hashistck-in-Docker _container_ :)
+
 Nomad jobs will run as `podman` containers on the VM itself, orchestrated by `nomad`, leveraging `/var/lib/containers`.
 
 The _brilliant_ `consul-template` will be used as "glue" between `consul` and `caddyserver` -- turning `caddyserver` into an always up-to-date reverse proxy router from incoming requests' Server Name Indication (SNI) to running containers :)

diff --git a/bin/entrypoint.sh b/bin/entrypoint.sh
@@ -18,7 +18,8 @@ if [ ! -e $CONFIG ]; then
   else
     ARGS+=(--net=host)
   fi
-  podman run $ARGS --privileged -v /var/lib/containers:/var/lib/containers --cgroupns=host --restart=unless-stopped --name hindup -v /pv/CERTS:/root/.local/share/caddy -d hind > /dev/null
+  # the --net=host seems to be needed to be run legit *outside* the container (and/or manually!?) xxx
+  podman run $ARGS --privileged -v /var/lib/containers:/var/lib/containers --net=host --cgroupns=host --restart=unless-stopped --name hindup -v /pv/CERTS:/root/.local/share/caddy -d hind > /dev/null
 
 
   if [ ! $FIRST ]; then