diff --git a/package/confd/confd.mk b/package/confd/confd.mk
index a76400bd2..9630a91a7 100644
--- a/package/confd/confd.mk
+++ b/package/confd/confd.mk
@@ -4,7 +4,6 @@
 #
 ################################################################################
 
-
 CONFD_VERSION = 1.0
 CONFD_SITE_METHOD = local
 CONFD_SITE = $(BR2_EXTERNAL_INFIX_PATH)/src/confd
@@ -17,13 +16,13 @@ CONFD_AUTORECONF = YES
 CONFD_SYSREPO_SHM_PREFIX = sr_buildroot$(subst /,_,$(CONFIG_DIR))_confd
 
 define CONFD_CONF_ENV
-CFLAGS="$(INFIX_CFLAGS)"
+	CFLAGS="$(INFIX_CFLAGS)"
 endef
 
 ifeq ($(BR2_PACKAGE_PODMAN),y)
-CONFD_CONF_OPTS += --enable-containers
+	CONFD_CONF_OPTS += --enable-containers
 else
-CONFD_CONF_OPTS += --disable-containers
+	CONFD_CONF_OPTS += --disable-containers
 endif
 
 define CONFD_INSTALL_EXTRA
@@ -33,24 +32,40 @@ define CONFD_INSTALL_EXTRA
 	mkdir -p $(TARGET_DIR)/etc/avahi/services
 	cp $(CONFD_PKGDIR)/avahi.service $(TARGET_DIR)/etc/avahi/services/netconf.service
 endef
-define CONFD_INSTALL_YANG_MODULES
-	USE_CONTAINERS=$(BR2_PACKAGE_PODMAN) \
+
+COMMON_SYSREPO_ENV = \
 	SYSREPO_SHM_PREFIX=$(CONFD_SYSREPO_SHM_PREFIX) \
 	SYSREPOCTL_EXECUTABLE="$(HOST_DIR)/bin/sysrepoctl" \
 	SYSREPOCFG_EXECUTABLE="$(HOST_DIR)/bin/sysrepocfg" \
-	SEARCH_PATH="$(TARGET_DIR)/usr/share/yang/modules/confd/" \
-	$(@D)/scripts/setup.sh
+	SEARCH_PATH="$(TARGET_DIR)/usr/share/yang/modules/confd/"
+
+define CONFD_INSTALL_YANG_MODULES
+	$(COMMON_SYSREPO_ENV) \
+	$(BR2_EXTERNAL_INFIX_PATH)/utils/yang_modules_setup.sh $(CONFD_PKGDIR)/yang_modules_confd.inc
+endef
+
+ifeq ($(BR2_PACKAGE_PODMAN),y)
+define CONFD_INSTALL_YANG_MODULES_CONTAINERS
+	$(COMMON_SYSREPO_ENV) \
+	$(BR2_EXTERNAL_INFIX_PATH)/utils/yang_modules_setup.sh $(CONFD_PKGDIR)/yang_modules_containers.inc
 endef
+endif
+
 define CONFD_PERMISSIONS
-/etc/sysrepo/data/ r 660 root wheel - - - - -
-/etc/sysrepo/data  d 770 root wheel - - - - -
+	/etc/sysrepo/data/ r 660 root wheel - - - - -
+	/etc/sysrepo/data  d 770 root wheel - - - - -
 endef
 
 define CONFD_CLEANUP
 	rm -f /dev/shm/$(CONFD_SYSREPO_SHM_PREFIX)*
 endef
+
 CONFD_PRE_INSTALL_TARGET_HOOKS += CONFD_CLEANUP
 CONFD_POST_INSTALL_TARGET_HOOKS += CONFD_INSTALL_EXTRA
 CONFD_POST_INSTALL_TARGET_HOOKS += CONFD_INSTALL_YANG_MODULES
+ifeq ($(BR2_PACKAGE_PODMAN),y)
+CONFD_POST_INSTALL_TARGET_HOOKS += CONFD_INSTALL_YANG_MODULES_CONTAINERS
+endif
 CONFD_POST_INSTALL_TARGET_HOOKS += CONFD_CLEANUP
+
 $(eval $(autotools-package))
diff --git a/package/confd/yang_modules_confd.inc b/package/confd/yang_modules_confd.inc
new file mode 100644
index 000000000..668f0e244
--- /dev/null
+++ b/package/confd/yang_modules_confd.inc
@@ -0,0 +1,47 @@
+MODULES=(
+	"ietf-system@2014-08-06.yang -e authentication -e local-users -e ntp -e ntp-udp-port -e timezone-name"
+	"iana-timezones@2013-11-19.yang"
+	"notifications@2008-07-14.yang"
+	"ietf-tcp-common@2019-07-02.yang -e keepalives-supported"
+	"ietf-interfaces@2018-02-20.yang -e if-mib"
+	"ietf-ip@2018-02-22.yang -e ipv6-privacy-autoconf"
+	"ietf-network-instance@2019-01-21.yang"
+	"ietf-netconf-monitoring@2010-10-04.yang"
+	"ietf-netconf-nmda@2019-01-07.yang -e origin -e with-defaults"
+	"ietf-subscribed-notifications@2019-09-09.yang -e encode-xml -e replay -e subtree -e xpath"
+	"ietf-yang-push@2019-09-09.yang -e on-change"
+	"ietf-routing@2018-03-13.yang"
+	"ietf-ipv6-unicast-routing@2018-03-13.yang"
+	"ietf-ipv4-unicast-routing@2018-03-13.yang"
+	"ietf-ospf@2022-10-19.yang -e bfd -e explicit-router-id"
+	"iana-if-type@2023-01-26.yang"
+	"iana-hardware@2018-03-13.yang"
+	"ietf-hardware@2018-03-13.yang -e hardware-state"
+	"infix-hardware@2024-04-25.yang"
+	"ieee802-dot1q-types@2022-10-29.yang"
+	"infix-ip@2023-09-14.yang"
+	"infix-if-type@2024-01-29.yang"
+	"infix-routing@2024-03-06.yang"
+	"ieee802-dot1ab-lldp@2022-03-15.yang"
+	"infix-lldp@2023-08-23.yang"
+	"infix-dhcp-client@2024-04-12.yang"
+	"infix-shell-type@2023-08-21.yang"
+	"infix-system@2024-04-12.yang"
+	"infix-services@2024-05-30.yang"
+	"ieee802-ethernet-interface@2019-06-21.yang"
+	"infix-ethernet-interface@2024-02-27.yang"
+	"infix-factory-default@2023-06-28.yang"
+	# from sysrepo
+	"sysrepo-plugind@2022-08-26.yang"
+	# from netopeer
+	"nc-notifications@2008-07-14.yang"
+	"ietf-crypto-types@2023-12-28.yang -e encrypted-private-keys"
+ 	"ietf-netconf-server@2023-12-28.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home"
+	"ietf-netconf-acm@2018-02-14.yang"
+	"ietf-netconf@2013-09-29.yang -e writable-running -e candidate -e rollback-on-error -e validate -e startup -e url -e xpath -e confirmed-commit"
+	"ietf-truststore@2023-12-28.yang -e central-truststore-supported -e certificates"
+	"ietf-keystore@2023-12-28.yang -e central-keystore-supported -e inline-definitions-supported -e asymmetric-keys -e symmetric-keys"
+	"ietf-ssh-server@2023-12-28.yang -e local-user-auth-password -e local-user-auth-publickey"
+	"ietf-tls-server@2023-12-28.yang -e server-ident-raw-public-key -e server-ident-x509-cert"
+	"ietf-restconf@2017-01-26.yang"
+)
\ No newline at end of file
diff --git a/package/confd/yang_modules_containers.inc b/package/confd/yang_modules_containers.inc
new file mode 100644
index 000000000..2b4d453a3
--- /dev/null
+++ b/package/confd/yang_modules_containers.inc
@@ -0,0 +1,4 @@
+MODULES=(
+	"infix-interfaces@2024-01-15.yang -e vlan-filtering -e containers"
+    "infix-containers@2024-03-27.yang"
+)
\ No newline at end of file
diff --git a/utils/yang_modules_setup.sh b/utils/yang_modules_setup.sh
new file mode 100755
index 000000000..ab4f89859
--- /dev/null
+++ b/utils/yang_modules_setup.sh
@@ -0,0 +1,138 @@
+#!/usr/bin/env bash
+set -x
+# This is based on scripts/setup.sh from Netopeer2/libnetconf2
+# env variables NP2_MODULE_DIR, NP2_MODULE_PERMS must be defined and NP2_MODULE_OWNER, NP2_MODULE_GROUP will be used if
+# defined when executing this script!
+#if [ -z "$NP2_MODULE_DIR" -o -z "$NP2_MODULE_PERMS" ]; then
+#    echo "Required environment variables not defined!"
+#    exit 1
+#fi
+
+
+# Source the provided file, which is expected to contain the list of YANG modules and their features.
+# This file, specified by the first argument to the script ($1), is sourced to populate the MODULES 
+# array with the modules and their respective features to be processed by this script. 
+# The file typically includes definitions in the form of module@revision with optional features to enable,
+# e.g., module@revision -e feature1 -e feature2.
+source $1
+
+# optional env variable override
+if [ -n "$SYSREPOCTL_EXECUTABLE" ]; then
+    SYSREPOCTL="$SYSREPOCTL_EXECUTABLE"
+# avoid problems with sudo PATH
+elif [ `id -u` -eq 0 ] && [ -n "$USER" ] && [ `command -v su` ]; then
+    SYSREPOCTL=`command -v sysrepoctl -l $USER`
+else
+    SYSREPOCTL=`command -v sysrepoctl`
+fi
+
+MODDIR=${SEARCH_PATH}
+PERMS="660"
+#OWNER=root
+#GROUP=wheel
+
+CMD_INSTALL=
+
+# functions
+INSTALL_MODULE_CMD() {
+    if [ -z "${CMD_INSTALL}" ]; then
+        CMD_INSTALL="'$SYSREPOCTL' -s $MODDIR -v2"
+    fi
+    CMD_INSTALL="$CMD_INSTALL -i $MODDIR/$1 -p '$PERMS'"
+    if [ ! -z "${OWNER}" ]; then
+        CMD_INSTALL="$CMD_INSTALL -o '$OWNER'"
+    fi
+    if [ ! -z "${GROUP}" ]; then
+        CMD_INSTALL="$CMD_INSTALL -g '$GROUP'"
+    fi
+}
+
+UPDATE_MODULE() {
+	CMD="'$SYSREPOCTL' -U $MODDIR/$1  -s '$MODDIR -v2"
+    eval $CMD
+    local rc=$?
+    if [ $rc -ne 0 ]; then
+        exit $rc
+    fi
+}
+
+CHANGE_PERMS() {
+    CMD="'$SYSREPOCTL' -c $1 -p '$PERMS' -v2"
+    if [ ! -z "${OWNER}" ]; then
+        CMD="$CMD -o '$OWNER'"
+    fi
+    if [ ! -z "${GROUP}" ]; then
+        CMD="$CMD -g '$GROUP'"
+    fi
+    eval $CMD
+    local rc=$?
+    if [ $rc -ne 0 ]; then
+        exit $rc
+    fi
+}
+
+ENABLE_FEATURE() {
+    "$SYSREPOCTL" -c $1 -e $2 -v2
+    local rc=$?
+    if [ $rc -ne 0 ]; then
+        exit $rc
+    fi
+}
+
+# get current modules
+SCTL_MODULES=`$SYSREPOCTL -l`
+for i in "${MODULES[@]}"; do
+    name=`echo "$i" | sed 's/\([^@]*\).*/\1/'`
+
+    SCTL_MODULE=`echo "$SCTL_MODULES" | grep "^$name \+|[^|]*| I"`
+    if [ -z "$SCTL_MODULE" ]; then
+        # prepare command to install module with all its features
+        INSTALL_MODULE_CMD "$i"
+	continue
+    fi
+
+    sctl_revision=`echo "$SCTL_MODULE" | sed 's/[^|]*| \([^ ]*\).*/\1/'`
+    revision=`echo "$i" | sed 's/[^@]*@\([^\.]*\).*/\1/'`
+    if [ "$sctl_revision" \< "$revision" ]; then
+        # update module without any features
+        file=`echo "$i" | cut -d' ' -f 1`
+        UPDATE_MODULE "$file"
+    fi
+
+    sctl_owner=`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{3\} \([^:]*\).*/\2/'`
+    sctl_group=`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{3\}[^:]*:\([^ ]*\).*/\2/'`
+    sctl_perms=`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{4\} \([^ ]*\).*/\2/'`
+    if [ "$sctl_perms" != "$PERMS" ]; then
+        # change permissions/owner
+        CHANGE_PERMS "$name"
+    fi
+
+    # parse sysrepoctl features and add extra space at the end for easier matching
+    sctl_features="`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{6\}\(.*\)/\2/'` "
+    # parse features we want to enable
+    features=`echo "$i" | sed 's/[^ ]* \(.*\)/\1/'`
+    while [ "${features:0:3}" = "-e " ]; do
+        # skip "-e "
+        features=${features:3}
+        # parse feature
+        feature=`echo "$features" | sed 's/\([^[:space:]]*\).*/\1/'`
+
+        # enable feature if not already
+        sctl_feature=`echo "$sctl_features" | grep " ${feature} "`
+        if [ -z "$sctl_feature" ]; then
+            # enable feature
+            ENABLE_FEATURE $name $feature
+        fi
+
+        # next iteration, skip this feature
+        features=`echo "$features" | sed 's/[^[:space:]]* \(.*\)/\1/'`
+    done
+done
+# install all the new modules
+if [ ! -z "${CMD_INSTALL}" ]; then
+    eval $CMD_INSTALL
+    rc=$?
+    if [ $rc -ne 0 ]; then
+        exit $rc
+    fi
+fi