#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}

# The containers configuration file specifies all of the available configuration
# command-line options/flags for container engine tools like Podman & Buildah,
# but in a TOML format that can be easily modified and versioned.

# Please refer to containers.conf(5) for details of all configuration options.
# Not all container engines implement all of the options.
# All of the options have hard coded defaults and these options will override
# the built in defaults. Users can then override these options via the command
# line. Container engines will read containers.conf files in up to three
# locations in the following order:
#  1. /usr/share/containers/containers.conf
#  2. /etc/containers/containers.conf
#  3. $HOME/.config/containers/containers.conf (Rootless containers ONLY)
#  Items specified in the latter containers.conf, if they exist, override the
# previous containers.conf settings, or the default settings.

[containers]
default_capabilities = [
  "NET_RAW",
  "CHOWN",
  "DAC_OVERRIDE",
  "FOWNER",
  "FSETID",
  "KILL",
  "NET_BIND_SERVICE",
  "SETFCAP",
  "SETGID",
  "SETPCAP",
  "SETUID",
  "SYS_CHROOT"
]

default_sysctls = [
  "net.ipv4.ping_group_range=0 0",
]

log_driver = "{{ podman_containers_logger }}"
rootless_networking = "slirp4netns"

[secrets]

[secrets.opts]

[network]

[engine]
events_logger = "{{ podman_engine_event_logger }}"
infra_image = "registry.access.redhat.com/ubi8/pause"
runtime = "crun"

[engine.runtimes]

[engine.volume_plugins]

[machine]