I have a Debian 12 server with user1 and user2.
user1 is running podman with container11 and container12.
user2 is running podman with container21 and container22.
podman is in both cases rootless and user1 and user2 have no access to each other's files.
I do the separation for security reasons.
I'm using podman-compose. Each user has its own docker-compose.yaml.
container11 has a port exposed to localhost as you can see in the docker-compose.yaml file:
    ports:
      - 127.0.0.1:3306:3306
I need a solution so that container21 can reach this port.
How can I do that in the most secure way?
I already tried to use host.containers.internal in container21, but I realized that this doesn't work because podman runs rootless.
Can I maybe add a permission to container21 to reach port 3306 of localhost?