eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions

Add container policy.json and registries.conf for ringtail
All checks were successful
Build Container / build (push) Has been skipped
Details
Build Container (Nix) / build (push) Successful in 7s
Details

Browse source 
Minimal container config: policy.json for skopeo image pushes, and
registries.conf with unqualified search matching indri's minikube setup
(registry.ops.eblu.me, docker.io, ghcr.io, quay.io).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Erich Blume 2026-02-19 08:22:00 -08:00
commit a008ee4702
1 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
nixos/ringtail/configuration.nix
View file

@ -446,6 +446,15 @@ in
"d /mnt/storage2 0755 eblume users -"
];
# Container config for skopeo (used by the forgejo runner to push images)
# and for unqualified image pulls via Zot pull-through cache
environment.etc."containers/policy.json".text = builtins.toJSON {
default = [{ type = "insecureAcceptAnything"; }];
};
environment.etc."containers/registries.conf".text = ''
unqualified-search-registries = ["registry.ops.eblu.me", "docker.io", "ghcr.io", "quay.io"]
'';
# Forgejo Actions runner (nix container builder)
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;