#!/bin/sh
echo "Installing Podman..."

apk add podman iptables podman-compose
rc-update add cgroups
rc-service cgroups start

# Rootless mode
adduser -D podman
modprobe tun
echo tun >> /etc/modules
echo podman:100000:65536 > /etc/subuid
echo podman:100000:65536 > /etc/subgid
doas su -c "podman system migrate" podman

# Get rid of podman compose docker warning
touch /etc/containers/nodocker

# Fix shared mount with local service
cat << EOF > /etc/local.d/mount-rshared.start
#!/bin/sh 
mount --make-rshared /
EOF

chmod +x /etc/local.d/mount-rshared.start

# Allow ports >= 53 to be rootless bound, persistent
echo "net.ipv4.ip_unprivileged_port_start=53" >> /etc/sysctl.d/podman.conf
sysctl -p /etc/sysctl.d/podman.conf