fix: ensure registry is readonly
diff --git a/roles/magnum/tasks/main.yml b/roles/magnum/tasks/main.yml
index 93885b3..9fc94fa 100644
--- a/roles/magnum/tasks/main.yml
+++ b/roles/magnum/tasks/main.yml
@@ -223,6 +223,9 @@
               containers:
                 - name: registry
                   image: "{{ atmosphere_images['magnum_registry'] | vexxhost.kubernetes.docker_image('ref') }}"
+                  env:
+                    - name: REGISTRY_STORAGE_MAINTENANCE_READONLY
+                      value: '{"enabled": true}'
                   ports:
                     - name: registry
                       containerPort: 5000