
April 30, 2025
If you’ve followed my posts over the years, you know I prefer clean solutions to less clean ones for my home lab (more to come on this!).
Over the past year, I settled on a pattern that gives me the isolation of Kubernetes Namespaces without any of its weight: one private Podman network per application, plus Traefik in a shared “DMZ” network that terminates TLS and forwards traffic where it needs to go.
December 31, 2023
Since the merge of Quadlet in Podman, I’ve been moving multiple services to Podman Systemd services.
I find them to be easy to create, manage, and automate.
I recently migrated a complex system to Podman Systemd, where multiple processes write in a folder, and one process reads the folder’s content.
Before the migration, everything worked properly since all the processes were running natively on the machine with the same user.
After the migration, there were some permissions issues.
This issue allowed me to dive a little more deeply into the whole implementation of SELinux for containers and realize a few interesting things.
May 17, 2023
Until a few months ago, the only option to start containers from Systemd was to create a Systemd unit which called podman (or docker) with the run sub-command.
Podman was also providing podman generate systemd to easily create such a Systemd file.
This has now changed.
From version 4.4 of Podman, in addition to the mentioned method, it is possible to use Quadlet to simplify the execution of containers from Systemd.
Quadlet allows you to create additional kinds of Systemd units to manage your container needs: