Erich Blume
1c32e351f7
Dagger's --src=. excludes .git, so Quartz can't use git history for page dates inside containers. Populate date-modified: YYYY-MM-DD in frontmatter for all 80 doc articles so the frontmatter priority level (highest in quartz.config.ts) works with or without git. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
43 lines
1 KiB
Markdown
43 lines
1 KiB
Markdown
---
|
|
title: Zot
|
|
date-modified: 2026-02-07
|
|
tags:
|
|
- service
|
|
- registry
|
|
---
|
|
|
|
# Zot
|
|
|
|
OCI-native container registry providing pull-through cache and private image storage.
|
|
|
|
## Quick Reference
|
|
|
|
| Property | Value |
|
|
|----------|-------|
|
|
| **URL** | https://registry.ops.eblu.me |
|
|
| **Local Port** | 5050 |
|
|
| **Data** | `~/zot` |
|
|
| **Config** | `~/.config/zot/config.json` |
|
|
| **LaunchAgent** | mcquack |
|
|
|
|
## Namespace Convention
|
|
|
|
| Path | Source |
|
|
|------|--------|
|
|
| `registry.ops.eblu.me/docker.io/*` | Cached from Docker Hub |
|
|
| `registry.ops.eblu.me/ghcr.io/*` | Cached from GHCR |
|
|
| `registry.ops.eblu.me/quay.io/*` | Cached from Quay |
|
|
| `registry.ops.eblu.me/blumeops/*` | Private images |
|
|
|
|
## Pull-Through Cache
|
|
|
|
When [[cluster|minikube]] pulls an image, containerd checks zot first. If cached, returns immediately. If not, zot fetches from upstream, caches it, then returns.
|
|
|
|
## Security Model
|
|
|
|
Network access only (no authentication). Defense is the Tailscale ACL boundary.
|
|
|
|
## Related
|
|
|
|
- [[forgejo]] - Container build CI
|
|
- [[cluster|Cluster]] - Registry consumer
|