devteam/sharenet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
sharenet/registry/docker-registry.service
continuist 98c5fb948f
Some checks failed
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Has been cancelled
Details
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Has been cancelled
Details
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Has been cancelled
Details
Change from docker to podman and add security hardening
2025-08-18 23:03:06 -04:00

24 lines
No EOL
604 B
Desktop File
Raw Blame History

[Unit]
Description=Docker Registry v2 with nginx Reverse Proxy
After=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
User=CI_SERVICE_USER
Group=CI_SERVICE_USER
WorkingDirectory=/opt/APP_NAME/registry
ExecStart=/usr/bin/podman play kube registry-pod.yaml
ExecStop=/usr/bin/podman pod stop registry-pod
ExecReload=/usr/bin/podman pod restart registry-pod
TimeoutStartSec=0
# Security settings
NoNewPrivileges=true
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/opt/APP_NAME/registry /etc/registry /var/lib/registry /var/log/registry
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink