Systemd & Containers
Use systemd for native hosts or rootless containers for isolated deployments.
Rootless Podman
podman run --name fluxheim --replace \
-p 8080:8080 \
-v ./fluxheim.toml:/etc/fluxheim/fluxheim.toml:ro \
-v ./site:/srv/site:ro \
-v fluxheim-cache:/var/cache/fluxheim \
ghcr.io/valkyoth/fluxheim:v1.6.30Container mounts
| Mount | Recommended mode |
|---|---|
| Config | Read-only bind mount. |
| Static content | Read-only bind mount. |
| ACME state | Persistent writable volume. |
| Disk cache | Persistent writable volume sized for the cache policy. |
| Secrets | Container secret or credentials directory, not a public file. |
Systemd flow
fluxheim --config /etc/fluxheim/fluxheim.toml --check-config
sudo systemctl restart fluxheim
sudo systemctl status fluxheim
journalctl -u fluxheim -n 100 --no-pagerProduction checklist
- Pin release versions or image digests.
- Mount config and content read-only.
- Keep ACME and cache state on persistent volumes.
- Validate config against the profile you plan to run.
- Keep health checks and rollback commands ready before changing traffic.