Dorian 1ea047bea1 fix: default container caps for rootless podman reliability ...

All containers now get CHOWN+FOWNER+SETUID+SETGID+DAC_OVERRIDE+NET_BIND_SERVICE
as the default cap set. Rootless podman needs these for:
- CHOWN/FOWNER/DAC_OVERRIDE: file ownership in mapped UID namespace
- SETUID/SETGID: internal user switching (entrypoint scripts)
- NET_BIND_SERVICE: port binding in network namespaces

Tested on .198: Grafana, Vaultwarden, Bitcoin Knots all start successfully.
Previously failed with "Permission denied" or "loopback adapter" errors.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-29 15:24:28 +01:00

..

.cargo

refactor: update dependencies and remove unused code

2026-03-12 00:19:30 +00:00

archipelago

fix: default container caps for rootless podman reliability

2026-03-29 15:24:28 +01:00

container

feat: container orchestration, branding overhaul, onboarding logging

2026-03-28 11:34:29 +00:00

container-init

mid coding commit

2026-01-24 22:59:20 +00:00

helpers

refactor: centralize constants, eliminate unwraps, remove dead code, resolve TODOs

2026-03-21 01:54:35 +00:00

js-engine

refactor: centralize constants, eliminate unwraps, remove dead code, resolve TODOs

2026-03-21 01:54:35 +00:00

models

mid coding commit

2026-01-24 22:59:20 +00:00

performance

Update archipelago: API, auth, container, parmanode, performance, security

2026-01-27 22:27:17 +00:00

security

feat: architecture review fixes, self-update system, CI pipeline, supply chain hardening

2026-03-25 15:52:26 +00:00

.env.example

Add comprehensive installation and setup documentation

2026-01-27 17:18:21 +00:00

.env.production

Update README and configuration for macOS support

2026-01-28 11:12:19 +00:00

Cargo.lock

feat: container orchestration, branding overhaul, onboarding logging

2026-03-28 11:34:29 +00:00

Cargo.toml

chore: remove dead core/parmanode crate

2026-03-26 15:33:13 +00:00