alpine linux with podman
# nano /etc/apk/repositories (enable community repo)
# apk add doas
# adduser <USER> wheel
# nano /etc/doas.d/doas.conf (check if permit persist :wheel)
# nano /etc/rc.conf (uncomment rc_group_mode and set to unified)
# rc-update add cgroups && rc-service cgroups start
# apk add podman
# modprobe tun
# echo tun >>/etc/modules
# echo <USER>:100000:65536 >/etc/subuid
# echo <USER>:100000:65536 >/etc/subgid
# echo "ip_tables" >> /etc/modules
# modprobe ip_tables
# podman run --rm hello-world
allow ports < 1024 (optional)
by default, only ports >= 1024 can be exposed by non-root users. to change this, change the minimum unprivileged port in /etc/sysctl.conf:
# echo "net.ipv4.ip_unprivileged_port_start=80" >> /etc/sysctl.conf