72cdd12f6b
Added no_new_privileges: true, user: 1000, and seccomp_profile: default to all app manifests. Created community app review checklist. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
75 lines
1.5 KiB
YAML
75 lines
1.5 KiB
YAML
app:
|
|
id: indeedhub
|
|
name: Indeehub
|
|
version: 0.1.0
|
|
description: Bitcoin documentary streaming platform featuring God Bless Bitcoin and other educational content about Bitcoin, sovereignty, and decentralized technology.
|
|
category: media
|
|
|
|
container:
|
|
image: localhost/indeedhub:1.0.0
|
|
pull_policy: never # Built locally
|
|
|
|
dependencies:
|
|
- storage: 500Mi
|
|
|
|
resources:
|
|
cpu_limit: 1
|
|
memory_limit: 512Mi
|
|
disk_limit: 500Mi
|
|
|
|
security:
|
|
capabilities: []
|
|
readonly_root: true # Static nginx content
|
|
no_new_privileges: true
|
|
user: 1000
|
|
seccomp_profile: default
|
|
network_policy: bridge
|
|
apparmor_profile: default
|
|
|
|
ports:
|
|
- host: 7777
|
|
container: 7777
|
|
protocol: tcp # Web UI
|
|
|
|
volumes:
|
|
- type: tmpfs
|
|
target: /var/cache/nginx
|
|
options: [rw,noexec,nosuid,size=10m]
|
|
- type: tmpfs
|
|
target: /var/run
|
|
options: [rw,noexec,nosuid,size=10m]
|
|
|
|
environment:
|
|
- NGINX_HOST=localhost
|
|
- NGINX_PORT=7777
|
|
|
|
health_check:
|
|
type: http
|
|
endpoint: http://localhost:7777
|
|
path: /health
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 40s
|
|
|
|
interfaces:
|
|
main:
|
|
name: Web UI
|
|
description: Stream Bitcoin documentaries
|
|
type: ui
|
|
port: 7777
|
|
protocol: http
|
|
path: /
|
|
|
|
metadata:
|
|
author: Indeehub Team
|
|
website: https://indeedhub.com
|
|
source: https://github.com/indeedhub/indeedhub
|
|
license: MIT
|
|
tags:
|
|
- bitcoin
|
|
- documentary
|
|
- streaming
|
|
- media
|
|
- education
|