kernel:
  image: linuxkit/kernel:6.6.13
  cmdline: "console=tty0 console=ttyS0"
init:
  - linuxkit/init:c9a1adb982eb4074c01a34ce43860b6df24c252d
  - linuxkit/runc:bcd6268ea2d45dc7c6b43ca82d00dd01e7105f17
  - linuxkit/containerd:d33b20080a2f88e833680dc8563b5a03a13a297e
  - linuxkit/ca-certificates:e1688f69167c991bf5be1be809fd68685a4a4a9a
onboot:
  - name: sysctl
    image: linuxkit/sysctl:0c5861d22fac133d5bf679e763a1df14ad927de2
  - name: dhcpcd
    image: linuxkit/dhcpcd:c1f461bd40fabb1f3bb77348ab52abad8393bdb3
    command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
  - name: format
    image: linuxkit/format:1214ae707090285cec2102e696c62892e3d8d0aa
    command: ["/usr/bin/format", "/dev/sda"]
  - name: dm-crypt
    image: linuxkit/dm-crypt:60ea984bf09a74d509080aa9bc41ee0996b9bc73
    command: ["/usr/bin/crypto", "crypt_dev", "/dev/sda1"]
  - name: mount
    image: linuxkit/mount:7cffeb3a4a77af09397479fe8e21c0dfce438cd0
    command: ["/usr/bin/mountie", "/dev/mapper/crypt_dev", "/var/secure_storage"]
  - name: bbox
    image: busybox
    command: ["sh", "-c", "echo 'secret things' >/var/secure_storage/secrets"]
    binds:
      - /var:/var
services:
  - name: getty
    image: linuxkit/getty:42bfdda2fef25c9fd84a58bb88de1496a7cafcda
    env:
     - INSECURE=true
  - name: rngd
    image: linuxkit/rngd:9812bcbb096ae21650a32a1517a5903efd8ff40b
files:
  - path: etc/dm-crypt/key
    # the below key is just to keep the example self-contained
    # !!! provide a proper key for production use here !!!
    contents: "abcdefghijklmnopqrstuvwxyz123456"