2 files changed, 35 insertions, 0 deletions

diff --git a/playbooks/roles/oci/templates/volumes/config.toml b/playbooks/roles/oci/templates/volumes/config.toml
new file mode 100644
index 0000000..6d2f199
--- /dev/null
+++ b/playbooks/roles/oci/templates/volumes/config.toml
@@ -0,0 +1,35 @@
+[server]
+bind_address = "0.0.0.0"
+port = 8000
+streaming_chunk_size = "5MiB"
+
+[lock_store.redis]
+url = "redis://valkey:6379"
+ttl = 5
+
+[cache_store.redis]
+url = "redis://valkey:6379"
+ttl = 5
+
+[storage.fs]
+root_dir = "/images"
+
+[observability.tracing]
+endpoint = "http://127.0.0.1:4317"
+sampling_rate = 1.0
+
+[identity.ci]
+username = "ci"
+password = "{{ simple_registry_password_argon_encoded }}"
+
+[identity.readonly]
+username = "readonly"
+password = "$argon2i$v=19$m=16,t=2,p=1$TjJyTEdIZUJ6dFZkdlZvSg$qf8vG09O93Z/9vUMCgWNtA" # readonly
+
+[repository."img"]
+
+[repository."img".access_policy]
+default_allow = false
+rules = [
+    'request.action.startsWith("get-") || request.action.startsWith("list-") || identity.id == "ci"'
+]
diff --git a/playbooks/roles/oci/templates/volumes/images/.gitkeep b/playbooks/roles/oci/templates/volumes/images/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/playbooks/roles/oci/templates/volumes/images/.gitkeep