[storage]

driver = "overlay"
runroot = "/run/containers/storage"
graphroot = "/var/lib/containers/storage"
# Enables a global transient storaga mode where all container metadata is stored on non-persistant media
# This guaranteea a fresh state on boot.
# However it is not compabible with a traditional model where containers persist across reboots.
# Use with `podman-clean-transient.service`
transient_store = true

[storage.options]
# We add a custom "/usr/share/containers/storage" here to allow readonly in-image containers
additionalimagestores = [
  "/usr/share/containers/storage"
]

[storage.options.overlay]
# Nodev for security (default in cs9)
# We use metacopy to allow better pagecache sharing of base-layers (default in cs9)
mountopt = "nodev,metacopy=on"