No description

Shell 79.6%
Dockerfile 20.4%

Find a file

Renovate Bot 7302b0335e Add renovate.json		2026-02-06 21:06:16 +00:00
rootfs	document running the container, automatically generate config	2026-01-03 10:43:11 +01:00
build.sh	document running the container, automatically generate config	2026-01-03 10:43:11 +01:00
Dockerfile	add bash, use AWX ECR registry	2026-01-01 19:01:32 +01:00
LICENSE	add license	2026-01-01 19:36:06 +01:00
README.md	document running the container, automatically generate config	2026-01-03 10:43:11 +01:00
renovate.json	Add renovate.json	2026-02-06 21:06:16 +00:00

README.md

Yggdrasil Container

Pull using podman pull git.exu.li/exu/yggdrasil:latest

Run the container

podman run -d \
    --name=yggdrasil \
    -v yggdrasil_conf:/etc/yggdrasil \
    -v /dev/net/tun:/dev/net/tun \
    --cap-add=NET_ADMIN \
    --network=host \
    git.exu.li/exu/yggdrasil:latest

-d: Detach container console
--name=yggdrasil: Container name
-v yggdrasil_conf:/etc/yggdrasil: Persist the config file stored under /etc/yggdrasil/yggdrasil.conf in the container

Explaination of powerful capabilities:

-v /dev/net/tun:/dev/net/tun: Yggdrasil allocates a tunnel interface for the VPN
--cap-add=NET_ADMIN: Grant the container permission to manage network operations
--network=host: Expose as host network. This allows using the tunnel interface from the host and enables local listening for peers

Building

Change the variables in build.sh if necessary

Requirements

qemu-full (technically only x86_64 and/or aarch64 required, depending on your host device)
qemu-user-static
qemu-user-static-binfmt

Problems with building multi-arch images

Execute build.sh to create a manifest, build an x86_64 and aarch64 container and finally push the image to your registry

README.md

Yggdrasil Container

Tags

Building

Requirements