This will reject connections from anywhere except 127.0.0.1, i.e., the
pod's network namespace.
This makes password authentication properly obsolete, instead of just
hiding the password (but still never authenticating with it), but
required a change upstream:
https://github.com/docker-library/postgres/pull/859
If localhost is specified in the proxyPass url, nginx will happily
resolve IPv6 addresses, even if the upstream doesn't support them.
This can result in connection issues, especially with containers that
don't support IPv6.
Podman pods make this obsolete; though we need to explicitly set
slirp4netns, otherwise podman will not create private network
namespaces for the pods.
In a nutshell:
- Apotheosis
- Don't clutter the world with super tall reed
- Don't ruin spawners - it's nice to build buildings in more
locations
- Ice and fire
- *Really* tone down the griefing and amount of spawns
- Iron furnaces
- *Hopefully* disable the annoying update chat messages
- Quark
- Disable matrix enchanting so that apotheosis works
This removes all existing services as well, in preparation of moving
them to `podman`. These are easier to update to
virtualisation.oci-containers while retaining the "networks" through
pods.