From 19325013fd09b1c93e12b4ad9d289b1ee3c09f50 Mon Sep 17 00:00:00 2001 From: Gilles Mouchet Date: Thu, 12 Dec 2024 19:55:29 +0100 Subject: [PATCH] config for gmotech.net --- README.md | 59 ++++++++++++++++++++++++++++++++++++++++++--- docker-compose.yaml | 6 +++-- testRegistry.sh | 6 ++--- 3 files changed, 62 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index db3886c..6080a67 100644 --- a/README.md +++ b/README.md 
@@ -23,14 +23,65 @@ docker compose up -d cd /home/docker/registry/auth htpasswd -Bc registry.password gilles ``` +## Apache +### http-registry-docker.conf +``` + + ServerName registry-docker.gmotech.net + ServerAlias registry-docker + CustomLog logs/registry-docker_access_log common + ErrorLog logs/registry-docker_error_log + # redirect to https + RewriteEngine on + RewriteCond %{SERVER_NAME} =registry-docker [OR] + RewriteCond %{SERVER_NAME} =registry-docker.gmotech.net + RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] + +``` +### https-registry-docker.conf +``` +## +## SSL Virtual Host Context +## +# General setup for the virtual host + + ServerName registry-docker.gmotech.net + ServerAlias registry-docker + CustomLog logs/registry-docker_access_log common + ErrorLog logs/registry-docker_error_log + +# SSL + SSLEngine on + SSLHonorCipherOrder on + SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 + SSLHonorCipherOrder on + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4 + # Enable HTTP/2, if available + Protocols h2 http/1.1 + # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds) + Header always set Strict-Transport-Security "max-age=63072000" + +# certificats + SSLCertificateFile "/etc/httpd/auth/cert/gmotech.net.crt" + SSLCertificateKeyFile "/etc/httpd/auth/cert/gmotech.net.key" + SSLCertificateChainFile "/etc/httpd/auth/cert/gmotechCA.crt" + +# proxy + SSLProxyEngine On + ProxyPreserveHost On + ProxyRequests off + ProxyPass "/v2" "https://127.0.0.1:5000/v2" + ProxyPassReverse "/v2" "https://127.0.0.1:5000/v2" + +``` ## Tests ### Tag and push ```bash docker pull ubuntu -docker tag ubuntu registry-docker.gmolab.net:5000/ubuntu -docker login registry-docker.gmolab.net:5000 
-docker push registry-docker.gmolab.net:5000/ubuntu +docker tag ubuntu registry-docker.gmotech.net/ubuntu +docker login registry-docker.gmotech.net +docker push registry-docker.gmotech.net/ubuntu ``` ### Delete ToDo @@ -52,4 +103,4 @@ https://teplyheng.medium.com/how-to-completely-remove-docker-images-from-a-docke ## Changelog ### v1.0 - 2024-11-15 #### Added -- initial version by [GMo](mailto:gilles.mouchet@gmail.com) \ No newline at end of file +- initial version by [GMo](mailto:gilles.mouchet@gmail.com) diff --git a/docker-compose.yaml b/docker-compose.yaml index 182a801..e03a965 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -6,8 +6,10 @@ services: restart: always container_name: registry environment: - REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt - REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key + #REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt + #REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key + REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmotech.net.crt + REGISTRY_HTTP_TLS_KEY: /certs/gmotech.net.key REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password diff --git a/testRegistry.sh b/testRegistry.sh index 705b216..376a94b 100755 --- a/testRegistry.sh +++ b/testRegistry.sh @@ -1,6 +1,6 @@ #!/bin/bash -registry=https://registry-docker.gmolab.net +registry=https://registry-docker.gmotech.net reg_without_proto=$(echo $registry |sed -e "s|https://||") name=ubuntu auth="gilles:pa55w0rd" 
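Review bot: The two commented-out `gmolab.net` entries under `environment:` are dead configuration; git history already records the old paths, so drop them and keep only the `gmotech.net` pair. Leaving stale certificate paths in place invites someone to uncomment the wrong pair later and serve a certificate that does not match the host name. The README part of this commit puts Apache in front of the registry and proxies to `https://127.0.0.1:5000`. The `ports:` mapping is outside this hunk, so please confirm that 5000 is published on loopback only (for example `127.0.0.1:5000:5000`) so clients cannot reach the registry without going through the proxy.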
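Review bot: The line just below the changed `registry=` assignment keeps `auth="gilles:pa55w0rd"` in the committed script, and this change now points that credential at the gmotech.net registry. If it belongs to a real account, rotate it and read the value from the environment instead, e.g. `auth="${REGISTRY_TEST_AUTH:?export REGISTRY_TEST_AUTH=user:password}"`. If it is a throwaway test value, a comment saying so would settle the question. The `curl -u $auth -v` calls visible in the later hunk of this file also print the Authorization header in their verbose output, so consider dropping `-v` where the output is captured or shared.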
@@ -40,12 +40,12 @@ curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/manifests/${manifest}" #curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/blobs/${manifest}" #curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/_manifests/${manifest}" docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml -docker logout registry-docker.gmolab.net:5000 +docker logout registry-docker.gmotech.net echo -e "\n\n****** Step 4 - delete image from local" echo "press Enter to continue or ctrl-c to quit" read -docker image rm registry-docker.gmolab.net:5000/ubuntu +docker image rm registry-docker.gmotech.net/ubuntu docker image rm ubuntu sudo rm -rf /home/docker/registry/data/docker/registry/v2/repositories/${name} docker compose down
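Review bot: The new `docker logout registry-docker.gmotech.net` and `docker image rm registry-docker.gmotech.net/ubuntu` lines repeat the host and image name that the script already holds in `reg_without_proto` and `name`, which is why this rename had to touch them at all. Using `docker logout "$reg_without_proto"` and `docker image rm "${reg_without_proto}/${name}"` keeps the cleanup in step with the `registry=` line at the top. In the same hunk the unchanged `sudo rm -rf` line expands `${name}` unquoted and unguarded; writing it as `"${name:?}"` would make the script abort rather than remove the whole `repositories` directory if `name` were ever empty. The variable definitions are in the first hunk of this file, and the script body between the two hunks is not visible here.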