Erich Blume
26e4a18396
- Add doc-card-titles mise task to enumerate cards and detect duplicates - Remove redundant aliases from zk cards (where alias matched id) - Rename reference/storage/postgresql.md title to "PostgreSQL Storage" - Convert all path-based wiki-links [[path|Title]] to title-based [[Title]] - Add pre-commit hook to check for duplicate card titles Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 KiB
1 KiB
| title | tags | ||
|---|---|---|---|
| Zot |
|
Zot
OCI-native container registry providing pull-through cache and private image storage.
Quick Reference
| Property | Value |
|---|---|
| URL | https://registry.ops.eblu.me |
| Local Port | 5050 |
| Data | ~/zot |
| Config | ~/.config/zot/config.json |
| LaunchAgent | mcquack |
Namespace Convention
| Path | Source |
|---|---|
registry.ops.eblu.me/docker.io/* |
Cached from Docker Hub |
registry.ops.eblu.me/ghcr.io/* |
Cached from GHCR |
registry.ops.eblu.me/quay.io/* |
Cached from Quay |
registry.ops.eblu.me/blumeops/* |
Private images |
Pull-Through Cache
When Kubernetes Cluster pulls an image, containerd checks zot first. If cached, returns immediately. If not, zot fetches from upstream, caches it, then returns.
Security Model
Network access only (no authentication). Defense is the Tailscale ACL boundary.
Related
- Forgejo - Container build CI
- Kubernetes Cluster - Registry consumer