Migrate from Docker on Debian to Podman on Rocky

- Upgrade base OS from Debian 11 to Rocky Linux 9
- Configure 100GB XFS filesystem with auto-expansion
- Replace Docker with rootless Podman for improved security
- Add nginx reverse proxy for non-privileged port handling
- Move the Traefik dashboard from port 8443 to 9443
- Configure SELinux contexts for container operations

Vagrantfile

@@ -14,9 +14,13 @@ else
   File.write(".playbook", PLAYBOOK)
 end
 
-# Debian 11
+# Optionally allow more verbosity in Ansible
+VAGRANT_ANSIBLE_VERBOSE=ENV["VAGRANT_ANSIBLE_VERBOSE"] || false
+
 Vagrant.configure("2") do |config|
-  config.vm.box = "debian/bullseye64"
+  config.vm.box = "rockylinux/9"
+  config.vm.hostname = "fritadev"
+  config.vm.disk :disk, size: "100GB", primary: true
   config.vm.synced_folder ".", "/vagrant", disabled: true
   config.vm.network "private_network", type: "dhcp"
 
@@ -29,6 +33,7 @@ Vagrant.configure("2") do |config|
     libvirt.cpus = 2
     libvirt.memory = 4096
     libvirt.default_prefix = ""
+    libvirt.machine_virtual_size = 100
   end
 
   # Set VirtualBox settings
@@ -37,11 +42,24 @@ Vagrant.configure("2") do |config|
     vbox.memory = 4096
   end
 
+  # Expand XFS rootfs
+  config.vm.provision "shell", inline: <<-SHELL
+    set -xe
+    df -h /
+    dnf install -y cloud-utils-growpart
+    PART="$(findmnt -n -o SOURCE /)"
+    DISK="$(lsblk -n -o PKNAME "$PART")"
+    NUM="$(lsblk -n -o KNAME "$PART" | sed 's/.*[^0-9]//')"
+    growpart "/dev/$DISK" "$NUM" && \
+    xfs_growfs /
+    df -h /
+  SHELL
+
   # Provision with Ansible
   config.vm.provision "ansible" do |ansible|
     ENV['ANSIBLE_ROLES_PATH'] = File.dirname(__FILE__) + "/roles"
     ansible.compatibility_mode = "2.0"
     ansible.playbook = "dev/" + PLAYBOOK + ".yml"
+    ansible.verbose = VAGRANT_ANSIBLE_VERBOSE
   end
-
 end