41 lines
972 B
Bash
Executable file
41 lines
972 B
Bash
Executable file
#!/usr/bin/bash
|
|
|
|
if [[ $(whoami) == "root" ]]; then
|
|
echo "Do not run this script as root."
|
|
exit
|
|
fi
|
|
|
|
|
|
sudo apt install -y aardvark-dns dbus-user-session nftables passt podman podman-compose python3-mako uidmap
|
|
|
|
|
|
for unit in podman.service podman.socket podman-auto-update.service podman-auto-update.timer podman-clean-transient.service podman-restart.service; do
|
|
sudo systemctl disable --now "$unit"
|
|
done
|
|
|
|
|
|
sudo loginctl enable-linger $USER
|
|
|
|
|
|
mkdir -p "$HOME/.config/systemd/user"
|
|
|
|
cp "$(dirname "$0")/podman.service" "$HOME/.config/systemd/user/podman.service"
|
|
|
|
|
|
declare -A sysctl_vars=(
|
|
[vm.overcommit_memory]=1
|
|
[net.core.wmem_max]=2500000
|
|
[net.core.rmem_max]=2500000
|
|
)
|
|
|
|
echo -n "" | sudo tee /etc/sysctl.d/podman.conf
|
|
for key in "${!sysctl_vars[@]}"; do
|
|
value="${sysctl_vars[$key]}"
|
|
echo "$key = $value" | sudo tee -a /etc/sysctl.d/podman.conf
|
|
sudo sysctl -p
|
|
done
|
|
|
|
|
|
systemctl enable --now nftables
|
|
systemctl --user daemon-reload
|
|
systemctl --user restart podman
|