config for gmotech.net
This commit is contained in:
Gilles Mouchet
parent
a95f5a4dd6
commit
19325013fd
59
README.md
59
README.md
@ -23,14 +23,65 @@ docker compose up -d
|
||||
cd /home/docker/registry/auth
|
||||
htpasswd -Bc registry.password gilles
|
||||
```
|
||||
## Apache
|
||||
### http-registry-docker.conf
|
||||
```
|
||||
<VirtualHost *:80>
|
||||
ServerName registry-docker.gmotech.net
|
||||
ServerAlias registry-docker
|
||||
CustomLog logs/registry-docker_access_log common
|
||||
ErrorLog logs/registry-docker_error_log
|
||||
# redirect to https
|
||||
RewriteEngine on
|
||||
RewriteCond %{SERVER_NAME} =registry-docker [OR]
|
||||
RewriteCond %{SERVER_NAME} =registry-docker.gmotech.net
|
||||
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
|
||||
</VirtualHost>
|
||||
```
|
||||
### https-registry-docker.conf
|
||||
```
|
||||
##
|
||||
## SSL Virtual Host Context
|
||||
##
|
||||
# General setup for the virtual host
|
||||
<VirtualHost *:443>
|
||||
ServerName registry-docker.gmotech.net
|
||||
ServerAlias registry-docker
|
||||
CustomLog logs/registry-docker_access_log common
|
||||
ErrorLog logs/registry-docker_error_log
|
||||
|
||||
# SSL
|
||||
SSLEngine on
|
||||
SSLHonorCipherOrder on
|
||||
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
|
||||
SSLHonorCipherOrder on
|
||||
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
|
||||
# Enable HTTP/2, if available
|
||||
Protocols h2 http/1.1
|
||||
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
|
||||
Header always set Strict-Transport-Security "max-age=63072000"
|
||||
|
||||
# certificats
|
||||
SSLCertificateFile "/etc/httpd/auth/cert/gmotech.net.crt"
|
||||
SSLCertificateKeyFile "/etc/httpd/auth/cert/gmotech.net.key"
|
||||
SSLCertificateChainFile "/etc/httpd/auth/cert/gmotechCA.crt"
|
||||
|
||||
# proxy
|
||||
SSLProxyEngine On
|
||||
ProxyPreserveHost On
|
||||
ProxyRequests off
|
||||
ProxyPass "/v2" "https://127.0.0.1:5000/v2"
|
||||
ProxyPassReverse "/v2" "https://127.0.0.1:5000/v2"
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
## Tests
|
||||
### Tag and push
|
||||
```bash
|
||||
docker pull ubuntu
|
||||
docker tag ubuntu registry-docker.gmolab.net:5000/ubuntu
|
||||
docker login registry-docker.gmolab.net:5000
|
||||
docker push registry-docker.gmolab.net:5000/ubuntu
|
||||
docker tag ubuntu registry-docker.gmotech.net/ubuntu
|
||||
docker login registry-docker.gmotech.net
|
||||
docker push registry-docker.gmotech.net/ubuntu
|
||||
```
|
||||
### Delete
|
||||
ToDo
|
||||
@ -52,4 +103,4 @@ https://teplyheng.medium.com/how-to-completely-remove-docker-images-from-a-docke
|
||||
## Changelog
|
||||
### v1.0 - 2024-11-15
|
||||
#### Added
|
||||
- initial version by [GMo](mailto:gilles.mouchet@gmail.com)
|
||||
- initial version by [GMo](mailto:gilles.mouchet@gmail.com)
|
||||
|
||||
@ -6,8 +6,10 @@ services:
|
||||
restart: always
|
||||
container_name: registry
|
||||
environment:
|
||||
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt
|
||||
REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key
|
||||
#REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt
|
||||
#REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key
|
||||
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmotech.net.crt
|
||||
REGISTRY_HTTP_TLS_KEY: /certs/gmotech.net.key
|
||||
REGISTRY_AUTH: htpasswd
|
||||
REGISTRY_AUTH_HTPASSWD_REALM: Registry
|
||||
REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
registry=https://registry-docker.gmolab.net
|
||||
registry=https://registry-docker.gmotech.net
|
||||
reg_without_proto=$(echo $registry |sed -e "s|https://||")
|
||||
name=ubuntu
|
||||
auth="gilles:pa55w0rd"
|
||||
@ -40,12 +40,12 @@ curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/manifests/${manifest}"
|
||||
#curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/blobs/${manifest}"
|
||||
#curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/_manifests/${manifest}"
|
||||
docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml
|
||||
docker logout registry-docker.gmolab.net:5000
|
||||
docker logout registry-docker.gmotech.net
|
||||
|
||||
echo -e "\n\n****** Step 4 - delete image from local"
|
||||
echo "press Enter to continue or ctrl-c to quit"
|
||||
read
|
||||
docker image rm registry-docker.gmolab.net:5000/ubuntu
|
||||
docker image rm registry-docker.gmotech.net/ubuntu
|
||||
docker image rm ubuntu
|
||||
sudo rm -rf /home/docker/registry/data/docker/registry/v2/repositories/${name}
|
||||
docker compose down
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user