I haven't worked much with podman, but isn't it common to create an alias for docker? And wouldn't command -v docker succeed in that case even if it uses podman?

EDIT: and why do we need podman to run as root? The way I see it the only real advantage with podman is that it can run as a non-privileged user. Would it be possible to run as a non-root user by not using some features (such as fail2ban) or are we stuck with root?

I haven't worked much with podman, but isn't it common to create an alias for docker? And wouldn't command -v docker succeed in that case even if it uses podman?

EDIT: and why do we need podman to run as root? The way I see it the only real advantage with podman is that it can run as a non-privileged user. Would it be possible to run as a non-root user by not using some features (such as fail2ban) or are we stuck with root?

Podman CLI is compatible with most of docker CLI's features, but podman it's not just an alias for docker. command -v docker won't succeed if you only install podman. Even if you alias podman to docker or install a stupid package named podman-docker which basiclly work the same as alias, this script will still work normally. The only situation this script won't work is someone install both docker and podman, and try to install mailserver to podman. In this case he need to manually edit setup.sh and set variable CRI to podman, which I will mentioned in the tutorial.

Rootless is great, but the port binding under 1024 must have root privileges, and the default podman version Centos 8 provide is 1.0.5 release around february which is too old for rootless bind ports under 1024. This feature only have minimum support now, and I'll create another pull requset after I test all the advanced feature like manage container with pod like k8s, rootless, and autodeploy.

OK fine. One thing though. I noticed you changed #/bin/sh into #!/usr/bin/env bash. I don't like that. It is likely that bash is available, but not 100% certain (this is on the host, not in the container) and even if it is there may not be a /usr/bin/env present. Can you change that, please?

Done.

Merged, thanks!

Then I will slowly write a standalone install&update management script for podman and a kubernetes YAML for autodeploy.

@OrwillT, did you manage to port it to kubernetes YAML?

Thank you for your work @OrvilleQ! 🙌

Rootless is great, but the port binding under 1024 must have root privileges

Is this for within the container or on the host mapping side? The port within the container image shouldn't matter (since it can be mapped at the host), right?
And on the outside only the CAP_NET_BIND_SERVICE capability should be needed, right?

I'm still new to podman so it could be that I totally misunderstood the whole topic. 😉

I'll create another pull requset after I test all the advanced feature like manage container with pod like k8s, rootless, and autodeploy.

Did you have any time to look into the rootless functionality?