31 lines
845 B
Plaintext
31 lines
845 B
Plaintext
[Unit]
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Container]
|
|
ContainerName=serial-terminal-server
|
|
Image=git.pyrocufflink.net/containerimages/serial-terminal-server
|
|
Pull=newer
|
|
ReadOnly=true
|
|
VolatileTmp=true
|
|
Volume=serial-logs:/var/log/serial:rw,z,U
|
|
Volume=serial-ssh:/etc/ssh:rw,z,U
|
|
Volume=/dev:/dev:rw
|
|
Volume=/etc/serterm/authorized_keys:/run/serial/.ssh/authorized_keys:ro,z,U
|
|
PublishPort=20022:20022
|
|
RunInit=true
|
|
# SELinux does not allow container_t access to devpts_t (for tmux)
|
|
SecurityLabelDisable=true
|
|
PodmanArgs=--device-cgroup-rule='c 188:* rw'
|
|
# This must be the GID of the "dialout" group on the host
|
|
# Using the group name would resolve the GID inside the container,
|
|
# which would not give the correct permissions.
|
|
PodmanArgs=--group-add=18
|
|
|
|
[Service]
|
|
Restart=always
|
|
RestartSec=2s
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|