config for gmotech.net

Gilles Mouchet 2024-12-12 19:55:29 +01:00
parent a95f5a4dd6
commit 19325013fd
3 changed files with 62 additions and 9 deletions


@ -23,14 +23,65 @@ docker compose up -d
cd /home/docker/registry/auth cd /home/docker/registry/auth
htpasswd -Bc registry.password gilles htpasswd -Bc registry.password gilles
``` ```
## Apache
### http-registry-docker.conf
```
<VirtualHost *:80>
ServerName registry-docker.gmotech.net
ServerAlias registry-docker
CustomLog logs/registry-docker_access_log common
ErrorLog logs/registry-docker_error_log
# redirect to https
RewriteEngine on
RewriteCond %{SERVER_NAME} =registry-docker [OR]
RewriteCond %{SERVER_NAME} =registry-docker.gmotech.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```
### https-registry-docker.conf
```
##
## SSL Virtual Host Context
##
# General setup for the virtual host
<VirtualHost *:443>
ServerName registry-docker.gmotech.net
ServerAlias registry-docker
CustomLog logs/registry-docker_access_log common
ErrorLog logs/registry-docker_error_log
# SSL
SSLEngine on
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
# Enable HTTP/2, if available
Protocols h2 http/1.1
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
# certificats
SSLCertificateFile "/etc/httpd/auth/cert/gmotech.net.crt"
SSLCertificateKeyFile "/etc/httpd/auth/cert/gmotech.net.key"
SSLCertificateChainFile "/etc/httpd/auth/cert/gmotechCA.crt"
# proxy
SSLProxyEngine On
ProxyPreserveHost On
ProxyRequests off
ProxyPass "/v2" "https://127.0.0.1:5000/v2"
ProxyPassReverse "/v2" "https://127.0.0.1:5000/v2"
</VirtualHost>
```
## Tests ## Tests
### Tag and push ### Tag and push
```bash ```bash
docker pull ubuntu docker pull ubuntu
docker tag ubuntu registry-docker.gmolab.net:5000/ubuntu docker tag ubuntu registry-docker.gmotech.net/ubuntu
docker login registry-docker.gmolab.net:5000 docker login registry-docker.gmotech.net
docker push registry-docker.gmolab.net:5000/ubuntu docker push registry-docker.gmotech.net/ubuntu
``` ```
### Delete ### Delete
ToDo ToDo


@ -6,8 +6,10 @@ services:
restart: always restart: always
container_name: registry container_name: registry
environment: environment:
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt #REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt
REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key #REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmotech.net.crt
REGISTRY_HTTP_TLS_KEY: /certs/gmotech.net.key
REGISTRY_AUTH: htpasswd REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry REGISTRY_AUTH_HTPASSWD_REALM: Registry
REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
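Review bot: The two old gmolab.net certificate entries are left under `environment:` as commented-out lines (`#REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt` and the matching key line) instead of being deleted; git already keeps that history, and stale certificate paths next to the live ones invite a wrong uncomment later. Separately, the README in this commit puts an Apache vhost in front of `https://127.0.0.1:5000`, and the `ports:` mapping is outside this hunk. If it still publishes 5000 on all interfaces, the registry stays reachable directly and bypasses the vhost's TLS settings and HSTS header, so it is worth confirming the mapping is bound to loopback, for example `- "127.0.0.1:5000:5000"`.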


@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
registry=https://registry-docker.gmolab.net registry=https://registry-docker.gmotech.net
reg_without_proto=$(echo $registry |sed -e "s|https://||") reg_without_proto=$(echo $registry |sed -e "s|https://||")
name=ubuntu name=ubuntu
auth="gilles:pa55w0rd" auth="gilles:pa55w0rd"
@ -40,12 +40,12 @@ curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/manifests/${manifest}"
#curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/blobs/${manifest}" #curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/blobs/${manifest}"
#curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/_manifests/${manifest}" #curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/_manifests/${manifest}"
docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml
docker logout registry-docker.gmolab.net:5000 docker logout registry-docker.gmotech.net
echo -e "\n\n****** Step 4 - delete image from local" echo -e "\n\n****** Step 4 - delete image from local"
echo "press Enter to continue or ctrl-c to quit" echo "press Enter to continue or ctrl-c to quit"
read read
docker image rm registry-docker.gmolab.net:5000/ubuntu docker image rm registry-docker.gmotech.net/ubuntu
docker image rm ubuntu docker image rm ubuntu
sudo rm -rf /home/docker/registry/data/docker/registry/v2/repositories/${name} sudo rm -rf /home/docker/registry/data/docker/registry/v2/repositories/${name}
docker compose down docker compose down
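Review bot: The registry credential is still hard-coded in the first hunk as `auth="gilles:pa55w0rd"`, so the password for the htpasswd account sits in the repository and its history. Take it from the environment at run time instead, for example `auth="${REGISTRY_CREDS:?set REGISTRY_CREDS to user:password}"`, and treat the committed password as exposed and change it. The `curl -u $auth -v` calls visible in the second hunk run in verbose mode, which normally echoes the request headers including the Basic Authorization value, so dropping `-v` keeps the credential out of terminal scrollback and captured logs. Both hunks show only part of the script.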