public-service-news/news-postgres.container

[Container]
Image=docker.io/postgres:16-alpine
AutoUpdate=registry
Network=news.network

# environment
Secret=news-postgres-password,target=POSTGRES_PASSWORD,type=env

# storage
VolatileTmp=true
Volume=news-postgres.volume:/var/lib/postgresql/data
Volume=news-postgres-backup.volume:/backup

# security
ReadOnly=true
NoNewPrivileges=true
DropCapability=ALL
AddCapability=CHOWN DAC_OVERRIDE FOWNER SETGID SETUID

[Service]
Restart=always

[Install]
WantedBy=multi-user.target default.target
init 2024-05-01 19:11:21 +00:00			`[Container]`
			`Image=docker.io/postgres:16-alpine`
			`AutoUpdate=registry`
			`Network=news.network`

			`# environment`
			`Secret=news-postgres-password,target=POSTGRES_PASSWORD,type=env`

			`# storage`
			`VolatileTmp=true`
			`Volume=news-postgres.volume:/var/lib/postgresql/data`
			`Volume=news-postgres-backup.volume:/backup`

			`# security`
			`ReadOnly=true`
			`NoNewPrivileges=true`
			`DropCapability=ALL`
			`AddCapability=CHOWN DAC_OVERRIDE FOWNER SETGID SETUID`

			`[Service]`
			`Restart=always`

			`[Install]`
			`WantedBy=multi-user.target default.target`