diff --git a/podman/containers/files/files_unprivileged_ports.jinja b/podman/containers/files/files_unprivileged_ports.jinja
new file mode 100644
index 0000000..3093811
--- /dev/null
+++ b/podman/containers/files/files_unprivileged_ports.jinja
@@ -0,0 +1,3 @@
+{%- for port in UNPRIVILEGED_PORTS %}
+net.ipv4.ip_unprivileged_port_start={{ port }}
+{%- endfor %}
diff --git a/podman/containers/npm.sls b/podman/containers/npm.sls
index 21b8f79..26246e3 100644
--- a/podman/containers/npm.sls
+++ b/podman/containers/npm.sls
@@ -42,7 +42,10 @@ podman_containers_npm_letsencrypt_dir:
 podman_containers_npm_privileged_ports:
 file.managed:
 - name: /etc/sysctl.d/podman.conf
- - text: |
- net.ipv4.ip_unprivileged_port_start=80
- net.ipv4.ip_unprivileged_port_start=443
- net.ipv4.ip_unprivileged_port_start=81
+ - source: salt://{{ tpldir }}/files/files_unprivileged_ports.jinja
+ - template: jinja
+ - context:
+ UNPRIVILEGED_PORTS: [22, 80, 81, 443]
+ - user: root
+ - group: root
+ - mode: '0644'
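Review bot: The loop writes `net.ipv4.ip_unprivileged_port_start` once per list entry, but this sysctl is a single lower bound rather than a list of allowed ports, so when the file is applied only the last assignment takes effect. With the list passed from npm.sls (`[22, 80, 81, 443]`) the effective value would be 443, which leaves 80 and 81 privileged. Render one line instead, for example `net.ipv4.ip_unprivileged_port_start={{ UNPRIVILEGED_PORTS | min }}`. A Jinja comment at the top would help too, such as `{#- Lowest port unprivileged processes may bind; every port above it is opened as well. -#}`.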
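Review bot: Adding 22 to `UNPRIVILEGED_PORTS` widens the exposure more than the list form suggests, because the kernel setting is a host-wide threshold. If 22 ends up as the applied value, every local account, not only the podman user, can bind port 22 and every port above it. If the container only needs 80, 81 and 443, keep the lowest entry at 80 and add a comment above `- context:` such as `# ip_unprivileged_port_start is a host-wide lower bound: the smallest value opens every port above it to all local users`. Nothing in the visible lines reloads sysctl after the file changes; the state may continue or be watched outside the hunk, so that is worth confirming.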