[Unit]
Description=Tor Daemon

[Container]
Image=docker.io/dockurr/tor
ContainerName=tor
AutoUpdate=registry
Network=host
Volume=/var/containers/tor/config:/etc/tor:ro,Z
Volume=/var/containers/tor/data:/var/lib/tor:Z
# Security
NoNewPrivileges=true
DropCapability=ALL
# Resources
Memory=256m
PodmanArgs=--memory-reservation=128m --cpus=0.2 --cpu-shares=128

[Service]
Restart=always
RestartSec=10s

[Install]
WantedBy=default.target