Extend docs for podman

nezhar · nezhar · commit 019cb23b4730 · 2026-03-12T20:57:57.000+01:00
diff --git a/docs/configuration.md b/docs/configuration.md
@@ -18,6 +18,10 @@ version: 1
 # Agent to run when no argument is given to `vp run`
 default_agent: claude
 
+# Container runtime: auto | docker | podman (default: auto)
+# See docs/podman.md for setup instructions
+container_runtime: auto
+
 # Pull the latest image before every run (default: true)
 # Can be overridden per agent with agents.<agent>.auto_pull
 auto_pull: true
@@ -105,6 +109,7 @@ These variables override the corresponding config keys without editing any file:
 
 | Variable | Config key | Example |
 |---|---|---|
+| `VP_CONTAINER_RUNTIME` | `container_runtime` | `VP_CONTAINER_RUNTIME=podman` |
 | `VP_DEFAULT_AGENT` | `default_agent` | `VP_DEFAULT_AGENT=gemini` |
 | `VP_AUTO_PULL` | `auto_pull` | `VP_AUTO_PULL=true` |
 | `VP_LOG_LEVEL` | `log_level` | `VP_LOG_LEVEL=debug` |
diff --git a/docs/index.md b/docs/index.md
@@ -1,8 +1,8 @@
 # VibePod
 
-**One CLI for all AI coding agents — running in Docker containers.**
+**One CLI for all AI coding agents — running in Docker or Podman containers.**
 
-VibePod (`vp`) lets you run any supported AI coding agent in an isolated Docker container, pointed at any workspace directory, with a single command. Agent credentials, config, and session logs are persisted across runs without touching your host environment.
+VibePod (`vp`) lets you run any supported AI coding agent in an isolated container, pointed at any workspace directory, with a single command. Agent credentials, config, and session logs are persisted across runs without touching your host environment.
 
 ## Why VibePod?
 
@@ -26,6 +26,7 @@ VibePod (`vp`) lets you run any supported AI coding agent in an isolated Docker
 ## Next Steps
 
 - [**Quickstart**](quickstart.md) — install and run your first agent in two minutes.
+- [**Using Podman**](podman.md) — set up Podman as an alternative to Docker.
 - [**Development**](development.md) — local setup, tests, and docs workflow.
 - [**Agents**](agents/index.md) — per-agent setup and credential instructions.
 - [**Configuration**](configuration.md) — full reference for global and project-level config.
diff --git a/docs/podman.md b/docs/podman.md
@@ -0,0 +1,102 @@
+# Using Podman
+
+VibePod works with [Podman](https://podman.io/) as an alternative to Docker. Rootless Podman is fully supported — no `sudo` required.
+
+## Prerequisites
+
+- Podman 4.0+
+- The rootless Podman socket enabled:
+
+```bash
+systemctl --user enable --now podman.socket
+```
+
+Verify the socket is active:
+
+```bash
+systemctl --user status podman.socket
+```
+
+## Selecting the runtime
+
+VibePod auto-detects available runtimes. If only Podman is installed, it is used automatically. When both Docker and Podman are available, VibePod prompts you to choose (and remembers your choice).
+
+You can also set the runtime explicitly using any of the methods below. They are listed in priority order — the first one found wins:
+
+### 1. CLI flag
+
+Pass `--runtime` to any command:
+
+```bash
+vp run claude --runtime podman
+vp stop --all --runtime podman
+vp logs start --runtime podman
+```
+
+### 2. Environment variable
+
+Set `VP_CONTAINER_RUNTIME` to skip the prompt entirely:
+
+```bash
+export VP_CONTAINER_RUNTIME=podman
+vp run claude
+```
+
+This is useful in CI or shell profiles where you always want a specific runtime.
+
+### 3. Global config
+
+Add `container_runtime` to `~/.config/vibepod/config.yaml`:
+
+```yaml
+container_runtime: podman
+```
+
+When VibePod prompts you to choose a runtime interactively, it saves your answer here automatically so you are not asked again.
+
+Set it back to `auto` to re-enable detection:
+
+```yaml
+container_runtime: auto
+```
+
+## How it works
+
+VibePod uses the standard [Docker SDK for Python](https://docker-py.readthedocs.io/) to communicate with Podman through its Docker-compatible REST API. No additional Python packages are needed.
+
+The rootless Podman socket is discovered via `$XDG_RUNTIME_DIR/podman/podman.sock` (falling back to `/run/user/<uid>/podman/podman.sock`). The rootful socket at `/run/podman/podman.sock` is only used when running as root.
+
+## Known limitations
+
+### Interactive attach
+
+The `attach_socket()` call in Podman's Docker-compat layer has minor gaps under rootless mode. If you experience rendering issues while attached to a container, try running with `--detach` and using `podman attach` directly:
+
+```bash
+vp run claude -d
+podman attach vibepod-claude-<id>
+```
+
+### Volume permissions
+
+Rootless Podman uses user-namespace remapping: your host UID is mapped to root inside the container, while other UIDs are mapped to subordinate ranges. Container images that drop privileges via `su` or `gosu` may encounter permission errors on bind-mounted files.
+
+VibePod handles this automatically for its own managed directories (agent config, proxy data, CA certificates) by adjusting permissions before and during container startup. Your workspace directory is mounted as-is and is not modified.
+
+If you still see permission errors on workspace files, adjust permissions for the owner first. For collaborative setups that share a group, you can optionally grant group write access as well. Avoid making the workspace world-writable.
+
+```bash
+chmod -R u+rwX ~/my-project
+# Optional for shared group workspaces:
+chmod -R g+rwX ~/my-project
+```
+
+### Rootful Podman
+
+VibePod targets rootless Podman. The rootful socket (`/run/podman/podman.sock`) is only probed when running as root. If you need rootful Podman as a non-root user, set `DOCKER_HOST` explicitly:
+
+```bash
+export DOCKER_HOST=unix:///run/podman/podman.sock
+```
+
+Note that this will require elevated privileges (e.g. via `sudo` or polkit).
diff --git a/docs/quickstart.md b/docs/quickstart.md
@@ -3,7 +3,7 @@
 ## Prerequisites
 
 - Python 3.10+
-- Docker (running)
+- Docker **or** [Podman](podman.md) (running)
 
 ## Install
 
@@ -110,5 +110,6 @@ This starts a Datasette container and opens `http://localhost:8001` in your brow
 ## Next Steps
 
 - [Configure an agent](agents/index.md) — set API keys and per-agent options.
+- [Using Podman](podman.md) — set up Podman as an alternative to Docker.
 - [Configuration reference](configuration.md) — tune defaults, the proxy, and logging.
 - [CLI Reference](cli-reference.md) — every command and flag.
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -50,6 +50,7 @@ markdown_extensions:
 nav:
   - Home: index.md
   - Quickstart: quickstart.md
+  - Using Podman: podman.md
   - Development: development.md
   - Agents: agents/index.md
   - Configuration: configuration.md
