Dear RHOKP team,
I would appreciate if you can add the following text as an additional chapter or section to our product documentation.

Having instructions on how to run RHOKP as a `systemd` service will improve the user experience and ease the usage of RHOKP. Your feedback on this is much appreciated and please don't hesitate to get back to me with any questions or concerns.

Here is the text I would like to add to the docs (please feel free to edit it in order to comply with your guidelines and policies):

Create a Podman systemd.unit using Quadlet

Podman version 4.4 or later is required to implement the Offline Knowledge Portal as a `systemd` service. If you are new to Quadlet, please see this blog by Dan Walsh for an introduction.
The following code block shows an example Quadlet which is stored in `~/.config/containers/systemd/rhokp.container`.

:~$ cat .config/containers/systemd/rhokp.container
[Unit]
Description=Red Hat Offline Knowledge Portal

[Container]
AutoUpdate=registry
ContainerName=RHOKP
Image=registry.redhat.io/offline-knowledge-portal/rhokp-rhel9:latest
PublishPort=127.0.0.1:8080:8080
PublishPort=127.0.0.1:8443:8443
Pull=newer
Secret=rhokp_access_key,type=env,target=ACCESS_KEY

[Service]
# Extend Timeout to allow time to pull the image
TimeoutStartSec=900

[Install]
# Start by default on boot
# WantedBy=multi-user.target default.target

I will explain the [Container] section line by line:

• AutoUpdate=registry
  • Indicates whether the container will be auto-updated.
  • Podman reaches out to the corresponding registry to check if the image has been updated when podman-auto-update.timer elapses.
• ContainerName=RHOKP
  • Specify a name for the running container instance.
  • This is used in the output of the podman ps command.
• Image=registry.redhat.io/offline-knowledge-portal/rhokp-rhel9:latest
  • Fully-qualified container reference.
  • Tag latest needs to be used for automatic updates to work.
• PublishPort=
  • When running the Offline Knowledge Portal on a laptop and access it from the same device bind the service to 127.0.0.1.
  • To make the Offline Knowledge Portal accessible on your network, bind it to a different IP address.
• Pull=newer
  • Pull if the image on the registry is newer than the one in the local container's storage.
  • Use this policy to check for a newer image when starting the service so you don’t have to wait for the podman-auto-update.timer to elapse.
• Secret=rhokp_access_key,type=env,target=ACCESS_KEY
  • The Offline Knowledge Portal access key is stored in a Podman secret called rhokp_access_key and mapped into the environment variable ACCESS_KEY when the container starts.
  • This way the access key does not show up in the output of a `podman inspect` command and won’t leave the system when the running container instance is being stored to a file.

For more information on these and other available options see the manpage `podman-systemd.unit(5)`.

Please note the last line where `WantedBy=` is commented out. This is useful when running this service on a laptop and you would like to start it on demand only. If you like to run this service on some server to serve the Offline Knowledge Portal to your disconnected or isolated environment, just comment in this line to have the service starting with your default target.

To generate a systemd.service out of this Quadlet I run the following commands:

:~$ systemctl --user daemon-reload
:~$ systemctl --user start rhokp.service
:~$ systemctl --user is-active rhokp.service
active