explain how to run locally on macOS

readme.md

@@ -89,8 +89,18 @@ The caddy service expects to be able to bind to ports 80 and 443
 
 One simple way is to allow unprivileged users access to these low ports
 
-    echo 'net.ipv4.ip_unprivileged_port_start=80' | sudo tee -a /etc/sysctl.conf
+If you are on linux, you can run
-    sudo sysctl -w net.ipv4.ip_unprivileged_port_start=80
+
+    $ sudo sysctl -w net.ipv4.ip_unprivileged_port_start=80
+    $ echo 'net.ipv4.ip_unprivileged_port_start=80' | sudo tee -a /etc/sysctl.conf
+
+The first command will set privileges until reboot. The second will make those privileges permanent.
+
+If you are on macOS, using podman, you will want to run those commands in the linux virtual machine
+
+    $ podman machine ssh
+    core@localhost:~$ echo 'net.ipv4.ip_unprivileged_port_start=80' | sudo tee -a /etc/systctl.conf
+    core@localhost:~$ sudo sysctl -w net.ipv4.ip_unprivileged_port_start=80
 
 ---
 
@@ -110,12 +120,12 @@ See [the services readme](./services/readme.md) for a guide on adding a new serv
 
 ### alpha
 
-- [x] identity provider (zitadel)
+- [ ] decide on single postgres instance or multiple
+- [ ] postgres backup (duplicity)
 - [ ] single sign-on for webdav (one user per folder)
 - [ ] single sign-on for one more service
+- [x] identity provider (zitadel)
 - [x] file backup (duplicity)
-- [ ] postgres backup (duplicity)
-- [ ] decide on single postgres instance or multiple
 - [x] reverse proxy (caddy)
 - [x] personal home pages (caddy-webdav)
 - [x] setup notifications via smtp