Personal Homelab
krasovs.ky
1[Unit]
2Description=Glance Quadlet
3Requires=podman.socket
4After=podman.socket
5
6[Container]
7Image=docker.io/glanceapp/glance
8AutoUpdate=registry
9ContainerName=glance
10
11User=1000:1000
12UserNS=keep-id:uid=1000,gid=1000
13
14Secret=glance-github-token,type=env,target=GITHUB_TOKEN
15
16Label="glance.name=Glance"
17Label="glance.icon=di:glance"
18Label="glance.url=https://glance.${base_domain}"
19Label="glance.description=Homelab Dashboard"
20Label="glance.hide=false"
21
22Label="traefik.enable=true"
23Label="traefik.http.routers.glance.rule=Host(`glance.${base_domain}`)"
24Label="traefik.http.routers.glance.middlewares=oauth2-proxy@file"
25Label="traefik.http.routers.glance.priority=1"
26Label="traefik.http.routers.glance-auth.rule=Host(`glance.${base_domain}`) && PathPrefix(`/oauth2/`)"
27Label="traefik.http.routers.glance-auth.service=oauth2-proxy"
28Label="traefik.http.routers.glance-private.rule=Host(`glance.${base_domain}`) && (ClientIP(`10.88.0.0/15`) || ClientIP(`192.168.0.0/16`))"
29Label="traefik.http.routers.glance-private.priority=2"
30
31Volume=%E/glance:/app/config:Z
32Volume=/var/mnt/docker/app_data/glance/assets:/app/assets:Z
33Volume=%t/podman/podman.sock:/var/run/docker.sock
34
35Network=reverse-proxy.network
36
37# Disable label security to access Podman socket.
38SecurityLabelDisable=true
39
40[Service]
41TimeoutStartSec=900
42Restart=always
43
44[Install]
45WantedBy=multi-user.target default.target