PrivateBin : grande simplification, volumes inpermanents en tmpfs, etc.

podman-privatebin/05_freshinstall.sh

@@ -14,5 +14,4 @@ if podman volume exists ${srvdata_volume}; then
 fi
 
 podman volume create ${srvdata_volume}
-podman unshare chown -R 65534:82 `get_podman_volume_path ${srvdata_volume}`
 ${ABSDIR}/10_install.sh

podman-privatebin/10_install.sh

@@ -15,17 +15,12 @@ fi
 if ! podman image exists "${privatebin_image}":"${privatebin_version}"; then
     podman image pull "${privatebin_image}":"${privatebin_version}" || exit 1
 fi
-podman volume create ${run_volume} &&
-podman volume create ${tmp_volume} &&
-podman volume create ${varlibnginxtmp_volume} &&
-podman unshare chown -R 65534:82 `get_podman_volume_path ${run_volume}` &&
-podman unshare chown -R 65534:82 `get_podman_volume_path ${varlibnginxtmp_volume}` &&
 podman container run -d --read-only --name ${container_name} \
        -p ${listen_if}:${listen_port}:8080 \
-       -v ${run_volume}:/run:Z \
-       -v ${tmp_volume}:/tmp:Z \
-       -v ${srvdata_volume}:/srv/data:Z \
-       -v ${varlibnginxtmp_volume}:/var/lib/nginx/tmp:Z \
+       --mount=type=tmpfs,destination=/run,U=true \
+       --mount=type=tmpfs,destination=/tmp \
+       --mount=type=tmpfs,destination=/var/lib/nginx/tmp,U=true \
+       -v ${srvdata_volume}:/srv/data:UZ \
        "${privatebin_image}":"${privatebin_version}" &&
 ( podman container logs -f ${container_name} 2>&1 & ) | grep -q 'NOTICE: ready to handle connections' &&
 podman container stop ${container_name} &&

podman-privatebin/vars.sh

@@ -12,7 +12,3 @@ project_name=${PWD##*/}
 container_name="${project_name}"
 service_name="container-${container_name}.service"
 srvdata_volume='privatebin-data'
-varlibnginxtmp_volume='privatebin-var-lib-nginx-tmp'
-run_volume='privatebin-run'
-tmp_volume='privatebin-tmp'
-nonpersistent_volumes="${varlibnginxtmp_volume} ${run_volume} ${tmp_volume}"