Skip to content

Cloudflare

Installing Podman for managing containers and running container with dynamic DNS client for Cloudflare

Introduction

Podman is a Docker alternative with distinction that it is a daemonless container engine and containers created with Podman can be run by regular users without root privileges. This enhances security because if a process escapes container, it won't run on the host with root privileges but with user privileges running the container. If it's so secure, why is Docker still popular? The answer is that the daemonless architecture of Podman makes it more complex to manage, especially set up containers to run with every system start. Also there is less documentation available for Podman compared to Docker, so this post will try to summarize how to create functioning Podman host.

OS used: Debian 12
Software used: Podman 4.3.1

Obtaining Let's Encrypt certificate using Cloudflare

Introduction

HTTPS is the current standard for secure access to webpages, even in your homelab environment. However, most self-hosted applications by default use HTTP. To enable HTTPS you can use self-signed certificates, but then when accessing application, you will be prompted to trust self-signed certificate. On some devices like Android, this can be very troublesome because you need to trust self-signed certificate every time you open webpage. To solve this problem you need to add RootCA certificate to the system, which is also a troublesome process. Less troublesome solution is to use Let's Encrypt certificates. In this post, I will show you how to obtain such certificate for single host in your homelab.

UPDATE 2025-11-15: Added paragraph "Bonus - Copying certificates" at the end of article describing how to auto copy certificates to other directories.

OS used: Debian 12
Software used: certbot 2.1.0