mirror of
https://github.com/linuxkit/linuxkit.git
synced 2026-04-06 20:47:22 +00:00
6abcdd0000
- split out config processing a bit - just use `capabilities` not `cap-add` and `cap-drop` - allow use of CAP_ prefix on capabilities, as this is what `runc` uses - add nginx to example config - fix bind mounts Signed-off-by: Justin Cormack <justin.cormack@docker.com>
26 lines
924 B
YAML
26 lines
924 B
YAML
kernel: "mobylinux/kernel:7fa748810d7866797fd807a5682d5cb3c9c98111"
|
|
init: "mobylinux/init:1f283250ba0f8e2f7ac0a9d7543719dd1a3b761b"
|
|
system:
|
|
- name: binfmt
|
|
image: "mobylinux/binfmt:a94e0587b702edaa95cc6f303464959d0eb2311c@sha256:432732b90cbe0498f5ca148d75b90bb1eabd8fbfe8c872df8b23906c225091b1"
|
|
binds:
|
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
|
command: [/usr/bin/binfmt, -dir, /etc/binfmt.d/, -mount, /binfmt_misc]
|
|
- name: rngd
|
|
image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9@sha256:1c93c1db7196f6f71f8e300bc1d15f0376dd18e8891c8789d77c8ff19f3a9a92"
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
oom_score_adj: -800
|
|
command: [/bin/tini, /usr/sbin/rngd, -f]
|
|
- name: nginx
|
|
image: "nginx"
|
|
capabilities:
|
|
- CAP_NET_BIND_SERVICE
|
|
- CAP_CHOWN
|
|
- CAP_SETUID
|
|
- CAP_SETGID
|
|
network_mode: host
|
|
database:
|
|
- file: etc/docker/daemon.json
|
|
value: '{"debug": true}'
|