81ad0b597c
Complete infrastructure platform CLI: - Container runtime (systemd-nspawn) - VoltVisor VMs (Neutron Stardust / QEMU) - Stellarium CAS (content-addressed storage) - ORAS Registry - GitOps integration - Landlock LSM security - Compose orchestration - Mesh networking Copyright (c) Armored Gates LLC. All rights reserved. Licensed under AGPSL v5.0
73 lines
1020 B
YAML
73 lines
1020 B
YAML
# Volt Image: Server
|
|
# Target density: 50,000+ per host
|
|
# Unique size: ~5MB per VM
|
|
|
|
name: volt/server
|
|
version: "1.0"
|
|
description: "Minimal server VM for headless workloads"
|
|
|
|
# Base configuration
|
|
kernel: kernel-server
|
|
userland: musl-minimal
|
|
|
|
# Resource defaults
|
|
defaults:
|
|
memory: 256M
|
|
cpus: 1
|
|
network: default
|
|
|
|
# Included packages (shared)
|
|
packages:
|
|
- busybox
|
|
- openssl
|
|
- curl
|
|
- ca-certificates
|
|
- tzdata
|
|
|
|
# Init system
|
|
init:
|
|
type: busybox
|
|
command: /sbin/init
|
|
|
|
# Shell
|
|
shell: /bin/ash
|
|
|
|
# Security policy
|
|
security:
|
|
landlock_profile: server
|
|
seccomp_profile: server
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
add:
|
|
- NET_BIND_SERVICE
|
|
- SETUID
|
|
- SETGID
|
|
|
|
# Filesystem layout
|
|
filesystem:
|
|
readonly:
|
|
- /usr
|
|
- /lib
|
|
- /bin
|
|
- /sbin
|
|
writable:
|
|
- /tmp
|
|
- /var
|
|
- /app
|
|
|
|
# Health check
|
|
healthcheck:
|
|
type: tcp
|
|
port: 8080
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
|
|
# Metadata
|
|
metadata:
|
|
category: server
|
|
density: 50000
|
|
boot_time: "<200ms"
|
|
ode_capable: false
|