[Unit]
Description=nginx container

[Container]
ContainerName=nginx
Image=ghcr.io/nginxinc/nginx-unprivileged:mainline-alpine-slim
PublishPort=8080:8080
Volume=/srv/nginx/tls.conf:/etc/nginx/tls.conf:ro
PodmanArgs=--runtime runsc --security-opt label:disable
Label=disable
AutoUpdate=registry

[Install]
WantedBy=multi-user.target default.target

[Service]
Restart=always