Finally get proxmox/microos/docker to work

core-os-podman/.docker/ca.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC+DCCAeCgAwIBAgIUCRIID4EUpDPg9Yf8QUaTITRWOKMwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJRG9ja2VyLUNBMB4XDTI1MDQyMDEzMDIzOVoXDTI2MDQy
+MDEzMDIzOVowFDESMBAGA1UEAwwJRG9ja2VyLUNBMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA0M5kRHJlQvXRnsCEbd0wH45phnJUwK6MB+Osg5smx8I/
+nCMKPVIMPfMGkQiA4uGPLiArfdxM8EDSpuxNRq4AoHnsCmVkHb2z0Jr0NG8Ojo/H
+/zb2EbA2s6ULoVVVHl+YqvWdyxocbvO8k06B8JWo8O5t9jdD3VJnd10m3Q/3U9Ms
+yLe+XSm2w1mBwYy6+5sRgDPsptTxa7k4lZIH2H6Xb7rPgIQxgPabIDXASBPdHD5x
+tsBRTQvc/n1iCo33aFBH6GHIMINSKtJLPAXG9uHqaYQzCkrBEIpLT+wNJ9DV22kI
+PCgk4JHj1W2tnE7gTui8I4z8UGtpgK9V+SCTDPC7VQIDAQABo0IwQDAPBgNVHRMB
+Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUJI5YNo15YDQyLGX8
+TY3za1cMrhcwDQYJKoZIhvcNAQELBQADggEBADPN14GX6xrtyGLffNj9UJkIJM49
+H1MT5Q9/xWTRH7livq/ZXPsfRliV5DxwuGgWZwnYJSFUTC3ozCjvuTc6x2sW8Cq6
+bslkkHRPygYrYHy/wwejf32pQ1Jt/Hrx5bJrNee2F3pd+KseqBd3Sm23Brdd1YWr
+ow4vApYd2JLTCP2G5XWUN+vhaOgnWOBJPpk3S9yUR0ocr4Hzl5B8EXpGkaHb9QHI
+yRtUT2yLcun9qKPEDHgE8WWUwiW+mtH31VPLNVzqqoB0Rv0dWveXm1hP5uxGMK8g
+EQ521bHalW95tAsMCXVanEQKJw8DqKa24ljBGdR+Ja3sh1k8GOTgKIzp1O0=
+-----END CERTIFICATE-----

core-os-podman/.docker/cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAfGgAwIBAgIUM96AXB5F2mKW3i5msm8VwLKYgBIwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJRG9ja2VyLUNBMB4XDTI1MDQyMDEzMDIzOVoXDTI2MDQy
+MDEzMDIzOVowFDESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAoLAdb+g4mMvUZfZ9PHcd4Z6yiaUdi+TPKphQov+NtnU9
+qAqoYOWTLhYW6P1OeSMwaKnYdRVvafajk2mXFPbcgpMnd1eE+jutrAgE+9a9zqfS
+nSFFloqlHA75GpAbS5cB5Xvaj5mBMItMdfi34t/j4V8VHpLqV7obVHoMHtQwf0aY
+LLuCADMtW3XnWyNzL/yKN+HpyCDMIhm98csC6HTi1gHrSCkDlV5hhwQ6QyQ1gPbu
+3/XxGTyYTgjFGfY8PsMBzR8+VZDTR1edu/2+ofBgjy7FR8njcxwa4l2FrhRr3bLx
+o8mtbxUY1QJE11BwpEBApXtobIptkt6b1aEjpc14nwIDAQABo1MwUTAPBgNVHREE
+CDAGhwR/AAABMB0GA1UdDgQWBBRKx6l7qTFRQTzjcOXH+p3ao/2vnzAfBgNVHSME
+GDAWgBQkjlg2jXlgNDIsZfxNjfNrVwyuFzANBgkqhkiG9w0BAQsFAAOCAQEAPqWg
+T1fg9bCjYpCsU6uMTPvr7Tsy1qBryC9xHSJsmFcIgFfU/lPRN9lttl9jNg+xadpr
+O43HeSsTzk8OsmXzKOF6RbpecovWBk6fn13B+LBwsz7uUfxPHqHALHUwB7wLPwb9
+oZckUGSCDzLdncOrMjaxT/MBZ94eYvZ7R7WJ8id6fzo71CI9JJ7x/fYoNSXR0SYE
+vdkiL1eWiSYvZAgs55n2e+iDoU1/LyoDwQnYmlPKT/nBRntdAaRoIXaKburgZTGY
+jd6OR7r++T74KluoCGJA/rpI4yyB5q3iIkt+Lfcu6bhCJuGnxkkCRh7hel70Izt1
+KW9jC9sem2/7mGEH6w==
+-----END CERTIFICATE-----

core-os-podman/.docker/key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCgsB1v6DiYy9Rl
+9n08dx3hnrKJpR2L5M8qmFCi/422dT2oCqhg5ZMuFhbo/U55IzBoqdh1FW9p9qOT
+aZcU9tyCkyd3V4T6O62sCAT71r3Op9KdIUWWiqUcDvkakBtLlwHle9qPmYEwi0x1
++Lfi3+PhXxUekupXuhtUegwe1DB/Rpgsu4IAMy1bdedbI3Mv/Io34enIIMwiGb3x
+ywLodOLWAetIKQOVXmGHBDpDJDWA9u7f9fEZPJhOCMUZ9jw+wwHNHz5VkNNHV527
+/b6h8GCPLsVHyeNzHBriXYWuFGvdsvGjya1vFRjVAkTXUHCkQECle2hsim2S3pvV
+oSOlzXifAgMBAAECggEAIjsCOlmk3N/nAkWNDjlt0ydkbzAOaEO44iEKZH6+KJU3
+KjoC/olJXjL0dHOpqOKXKGSuKNsFHfSdigSfW6bu+J3ydVjeihP2fkRDE4b+biyQ
+EEsLMPOeEqkZ5c+3ENY9YC6PM7IGtFmoUyVFvv3k5JjFvfqcE04hDlDljhezsRj4
+2fTG5vHOC/rtVRxov5Fy2rL33+bRBKkZ3CTku2H306/3A0Qgml1/4HwzrMD9FpSM
+K27tHGKKb4u4iXxpSAMvHt2uZR/DFe8n4MnIvWFTeIaYRnXwHLUAMSKhhKFOA4BU
+6juksZ9quU5awKI1l0k+j+7zJP9v+HGULiK52v5XmQKBgQDiPqEQu4nP35HrslNY
+hUWRZfkcqfKaT45iSeNLrB2LcWNobE52pWdhb6UUvnrzcBZGL4EKgt+wxg/idPJU
+FUYgGS0tGRgsSbJ5HURpoaTz1LMgPpDYbWegZgfcbnluhrWDQ3AAUtkh53B+K/ZM
+M4GaxY98C1/1Lq2ZgI9p3U11ywKBgQC10kZcluOfD23L8kZcWYQK/S/+FFuLAP1B
+tG8GdsSIfKmcRPUo3UvNuGwblJodYcSSUZlAq5pyLI93L+rc81Sqp6ne3l0uELFN
+xNDP0Wf/BamjEq5CerER1cjlWggxFvz7wtO1fD5g8CdLD6xlp8IUZ9fFEQFOBGiF
+gCmVATZN/QKBgDDXXGYEVmft186OHLgLbU1KOlEZzynI6vAFC3CWo3oq7E7qsrWi
+V4MNWxHzXQ+YrvZP4wel4SyEVYGJxZapUQ404S/PLwzAjCrhSpeTMc0BqfnYB+Tx
+GWHjJOdNYiGeKyk/MbqgKAfNstdKHk2tANmstKEOw5Rmk0uEGXG9OK+pAoGAfbJX
+2EysIdttwW/FerSb12j/07xJKQjPDKxrkOFsrxrXuuPlRJHwhND5U/vgq21akvj8
+ZLv9su7hY7lpucQzBSOSCTRa4KzDlor4/KK9LY3Bn64bcHQXk8fi8cPTI/TLglVH
+PREeoq+Dyp2URla6kpbTkTZXW5MqmxhmJs/GthUCgYA8sqcJ3wrEyUreAkFRPmHg
+0g5T+TAn36bMotOVo1bcssGZ5lPdL9ovkGdCnihaA2JM2ARNr7mAjBBRnZqGMJmJ
++yQKv9crpXpgXek6T7fJL9rB1QHfNs5B5ML3zEaXXQEdVNZ2d+kVWIK0vahEKCzI
++KbMyrLmU3OK5Uw8j1BYyg==
+-----END PRIVATE KEY-----

core-os-podman/.terraform.lock.hcl

@@ -0,0 +1,24 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/kreuzwerker/docker" {
+  version     = "3.3.0"
+  constraints = "3.3.0"
+  hashes = [
+    "h1:k8GXhkwSf8Z9v3qtTly08YG0g34Ba/z/91NG7c96HI8=",
+    "zh:020dafbe84cb7cf2a6bc8a331a45197cf3f09ac9ba1386e8d40aa422144dfd1e",
+    "zh:0927127ae0b51232b9d2fa24242786b506fcbb51cebf19a3ed3bc4ab27a0ab77",
+    "zh:111dcf8617aac71f28d9bdda9c201f0a1c9bc12038944caefd0e200e7efea5eb",
+    "zh:12f431b2485f60477ebf68529de6d019425a16580a84f19369e164be8f309e46",
+    "zh:16be6f3841e7e1c38e254be0ecdf5cb890bf270c3a14cf0ed507d66519de860f",
+    "zh:31a10c5f99902c4a635f79d25d24c3fe0ebc5808776f9f469e979dabaae02e63",
+    "zh:4a5561a8c45e4171f820d165828bee1313b358a459202efba20a9ee3fda53596",
+    "zh:73157332ceb69175562407bc87a8150f29c68bfa1e96e8542ae4449f281f0837",
+    "zh:7a376f0dfd81df8612eb829532802e23a84cd9b2905cfc4ed0e38eb81b92400f",
+    "zh:89c3b4f2cb51738111ea49a1ec7c157dfadcd4589619eca4c71e6070deadffc4",
+    "zh:b2ad62be31ff5aafecdef76db75dc6521ff2374ef3c54cac5edd0c121488eaba",
+    "zh:bf2eb6659c5db904bad46e0c34f37c2e37eb0cac8294e5831ab091c8b5909d35",
+    "zh:c97c63343d0368171f9090b724f37e6b24cf061e91db0b4bf008b8e00974544a",
+    "zh:cf34a8b522bb8c4857dc9b728dbd931729f58b62b5f68a756e16f77cf0e5155e",
+  ]
+}

core-os-podman/dockerx-proxmox.bat

@@ -0,0 +1,6 @@
+docker ^
+  --tlsverify ^
+  -H=127.0.0.1:3000 ^
+  --tlscacert=.docker\ca.pem ^
+  --tlscert=.docker\cert.pem ^
+  --tlskey=.docker\key.pem %*

core-os-podman/dozzle-podman.tf

@@ -0,0 +1,34 @@
+data "docker_registry_image" "dozzle" {
+  name = "amir20/dozzle:latest"
+}
+
+resource "docker_image" "dozzle" {
+  name = data.docker_registry_image.dozzle.name
+  pull_triggers = [data.docker_registry_image.dozzle.sha256_digest]
+}
+
+resource "docker_container" "dozzle" {
+  image = docker_image.dozzle.image_id
+  name = "dozzle"
+  restart = "always"
+
+  mounts {
+    target = "/var/run/docker.sock"
+    source = "/var/run/docker.sock"
+    type = "bind"
+    read_only = true
+  }
+
+  networks_advanced {
+    name = docker_network.container-public.name
+    ipv4_address = "192.168.3.10"
+  }
+
+
+  lifecycle {
+    ignore_changes = [
+      ulimit,
+      log_opts
+    ]
+  }
+}

core-os-podman/proxmox_100_podman.tf

@@ -0,0 +1,32 @@
+terraform {
+  required_providers {
+    docker = {
+      source  = "kreuzwerker/docker"
+      version = "3.3.0"
+    }
+  }
+}
+
+provider "docker" {
+  host      = "tcp://127.0.0.1:3000"
+  cert_path = pathexpand(".docker")
+
+  registry_auth {
+    address = "gitea.rescla.me"
+    username = "rescla"
+    password = "9c84612c4b053e2ec663cde03da730b6a01304e8"
+  }
+}
+
+resource "docker_network" "bridge" {
+  name = "bridge"
+}
+
+resource "docker_network" "container-public" {
+  name = "container-public"
+  ipam_config {
+    subnet = "192.168.3.0/24"
+    gateway = "192.168.3.1"
+    ip_range = "192.168.3.128/25"
+  }
+}