Skip to content

Containerfiles for various personal projets. Those containers are hosted on Quay.io

License

Notifications You must be signed in to change notification settings

travier/quay-containerfiles

Repository files navigation

Containerfiles for various personal projects

Those containers are based on the Fedora container image, built using GitHub Actions and hosted on Quay.io.

Some might require volume mounts or manual configuration. See the individual READMEs for more information.

Each Containerfile is in a specific folder in this repo. All repositories are under the travier namespace.

Service containers

Quay.io repository Description
filebrowser Based on Filebrowser's official container image
libvirtd libvirt daemon to run on rpm-ostree based systems (see README)
nginx nginx
php-fpm-ttrss PHP-FPM and modules for Tiny Tiny RSS
quasselcore Quassel IRC
unbound Unbound

Toolbox containers and tools

The toolbox container images are based on the Fedora toolbox container image.

Quay.io repository Description
toolbox Personal toolbox for general use cases
toolbox-kdedev Tools and dependencies needed for KDE development

Verifying sigstore container signatures with podman

How to configure sigstore signature verification in podman:

$ sudo mkdir /etc/pki/containers
$ curl -O "https://raw.githubusercontent.com/travier/quay-containerfiles/main/quay.io-travier-containers.pub"
$ sudo cp quay.io-travier-containers.pub /etc/pki/containers/
$ sudo restorecon -RFv /etc/pki/containers

$ cat /etc/containers/registries.d/quay.io-travier.yaml
docker:
  quay.io/travier:
    use-sigstore-attachments: true
$ sudo restorecon -RFv /etc/containers/registries.d/quay.io-travier.yaml

$ cat /etc/containers/policy.json
{
    "default": [
        {
            "type": "reject"
        }
    ],
    "transports": {
        "docker": {
            ...
            "quay.io/travier": [
                {
                    "type": "sigstoreSigned",
                    "keyPath": "/etc/pki/containers/quay.io-travier-containers.pub",
                    "signedIdentity": {
                        "type": "matchRepository"
                    }
                }
            ],
            ...
            "": [
                {
                    "type": "insecureAcceptAnything"
                }
            ]
        },
        ...
    }
}
...

License

See LICENSE or CC0.

About

Containerfiles for various personal projets. Those containers are hosted on Quay.io

Resources

License

Security policy

Stars

Watchers

Forks