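# Quadlet .container unit: runs the Podman "stable" image as a nested engine
# and exposes its API on a unix socket shared with the host through a bind mount.
# Layout restored to one directive per line; the directives and their values
# are unchanged.

[Unit]
Description=Rootless Podman-in-Podman

[Container]
# No tag or digest is given, and AutoUpdate=registry lets `podman auto-update`
# replace the running image with whatever the registry currently serves under
# this name. Pin a digest or pull from a reviewed mirror if the nested engine
# must stay on a known build.
Image=quay.io/podman/stable
ContainerName=dind
AutoUpdate=registry

# Isolation is deliberately relaxed so a container engine can run inside:
#  - SecurityLabelDisable=true turns off SELinux label separation for this container.
#  - Unmask=ALL removes the default masking of sensitive /proc and /sys paths.
#  - /dev/fuse is passed through (presumably for fuse-overlayfs storage; confirm).
# Treat workloads started through this engine as less confined than an
# ordinary container on this host.
SecurityLabelDisable=true
Unmask=ALL
AddDevice=/dev/fuse

# Healthy means `podman info` succeeds inside the container.
HealthCmd=podman info || exit 1
HealthInterval=5s
HealthTimeout=3s
HealthRetries=5

# The process runs as the image's "podman" user, not as root inside the container.
User=podman

# :Z gives the image store a private SELinux label; :z gives the socket
# directory a shared label so other containers can use it as well.
Volume=/var/containers/dind/data:/home/podman/.local/share/containers:Z
Volume=/var/run/dind:/var/run/1000:z

# Starts the API service in the background with no idle timeout (--time=0),
# polls every 0.1 s until the socket exists (exiting 1 if the service died
# first), opens up the socket mode, then waits on the service.
# NOTE(review): chmod 0666 makes the engine API socket usable by every account
# that can reach /var/run/dind on the host, and by every container that mounts
# it. The API is unauthenticated, so socket access amounts to control of this
# engine and its containers. If only specific clients need it, restrict the
# host directory's permissions or use 0660 with a dedicated group.
Exec=sh -c "podman system service --time=0 unix:///var/run/1000/docker.sock & PID=$!; while [ ! -S /var/run/1000/docker.sock ]; do sleep 0.1; kill -0 $PID 2>/dev/null || exit 1; done && chmod 0666 /var/run/1000/docker.sock && wait $PID"

[Service]
# Restart the container 10 s after any exit, including a clean one.
Restart=always
RestartSec=10s

[Install]
WantedBy=default.target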