diff --git a/README.md b/README.md index 83ba7da..aff1ac3 100644 --- a/README.md +++ b/README.md @@ -18,18 +18,38 @@ htpasswd -Bc registry.password gilles ``` ## Tests +### Tag and push ```bash docker pull ubuntu docker tag ubuntu registry-docker.gmolab.net:5000/ubuntu -docker login +docker login registry-docker.gmolab.net:5000 docker push registry-docker.gmolab.net:5000/ubuntu +``` +### Delete +```bash + +manifest=$(curl -u "gilles:pa55w0rd" -sSL -I -H "Accept: application/vnd.docker.distribution.manifest.v2+json" https://registry-docker.gmolab.net:5000/v2/ubuntu/manifests/latest | awk '$1 == "docker-content-digest:" { print $2 }'| tr -d $'\r') + + +curl -v -u "[username]:[pw]" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -X HEAD https://[registry-ip]/v2/[image-name]/manifests/[image-version or tag number] +curl -v -u "gilles:" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -X HEAD https://registry-docker.gmolab.net:5000/v2/ubuntu/manifests/latest | egrep etag + +docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml +``` ## Set registry in Portainer -On portainer +* on portainer goto on **Registries** menu and click on **+ Add registry** +* click on **Custom registry** +* type a registry name in field **Name** +* type the registry's ip address and port (xxx.xxx.xxx.xxx:5000) in field **Registry URL** +* active **Authentication** and fill the **Username** and **Password** with username/password (cf Set password) +* click on **Add registry** ## Sources https://distribution.github.io/distribution/about/deploying/ -https://medium.com/@cnadeau_/private-docker-registry-part-4-lets-secure-the-registry-250c3cef237 +https://medium.com/@cnadeau_/private-docker-registry-part-4-lets-secure-the-registry-250c3cef237 +https://betterprogramming.pub/cleanup-your-docker-registry-ef0527673e3a +https://teplyheng.medium.com/how-to-completely-remove-docker-images-from-a-docker-registry-v2-76d8a26847ff ## Changelog ### v1.0 - 2024-11-15 diff --git a/docker-compose.yaml b/docker-compose.yaml index 449c3ec..25812c5 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -20,7 +20,7 @@ # - '$(pwd)/config.yml:/etc/docker/registry/config.yml' services: registry: - image: 'registry:2' + image: 'registry:latest' ports: - '5000:5000' # environment: @@ -31,15 +31,44 @@ services: restart: always container_name: registry environment: - - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/gmolab.net.crt - - REGISTRY_HTTP_TLS_KEY=/certs/gmolab.net.key - - REGISTRY_AUTH=htpasswd - - REGISTRY_AUTH_HTPASSWD_REALM=Registry - - REGISTRY_AUTH_HTPASSWD_PATH=/auth/registry.password + REGISTRY_HTTP_TLS_CERTIFICATE: /certs/gmolab.net.crt + REGISTRY_HTTP_TLS_KEY: /certs/gmolab.net.key + REGISTRY_AUTH: htpasswd + REGISTRY_AUTH_HTPASSWD_REALM: Registry + REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password + REGISTRY_STORAGE_DELETE_ENABLED: "true" volumes: - /home/docker/certs:/certs - /home/docker/registry/auth:/auth - /home/docker/registry/data:/var/lib/registry + + registry-ui: + image: joxit/docker-registry-ui:latest + restart: always + ports: + - 8080:80 + environment: + #- /home/docker/registry/nginx/nginx.conf:/etc/nginx/conf.d/default.conf + #- /home/docker/certs/gmolab.net.crt:/etc/nginx/certs/fullchain.pem + #- /home/docker/certs/gmolab.net.key:/etc/nginx/certs/privkey.pem + - SINGLE_REGISTRY=true + - REGISTRY_TITLE=Docker Registry UI + - DELETE_IMAGES=true + - SHOW_CONTENT_DIGEST=true + - NGINX_PROXY_PASS_URL=https://registry-docker.gmolab.net:5000 + - SHOW_CATALOG_NB_TAGS=true + - CATALOG_MIN_BRANCHES=1 + - CATALOG_MAX_BRANCHES=1 + - TAGLIST_PAGE_SIZE=100 + - REGISTRY_SECURED=false + - CATALOG_ELEMENTS_LIMIT=1000 + container_name: registry-ui + + + + + + # mysql # mysql: # image: mysql:latest @@ -80,4 +109,4 @@ services: # - '/var/run/docker.sock:/var/run/docker.sock:Z' # image: 'portus/portus:latest' # depends_on: -# - mysql \ No newline at end of file +# - mysql diff --git a/testRegistry.sh b/testRegistry.sh new file mode 100755 index 0000000..185b5ee --- /dev/null +++ b/testRegistry.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +registry=https://registry-docker.gmolab.net:5000 +reg_without_proto=$(echo $registry |sed -e "s|https://||") +name=ubuntu +auth="gilles:pa55w0rd" + +#curl -u $auth -X GET ${registry}/v2/${name}/manifests/latest +#curl -u $auth -X GET ${registry}/v2/_catalog +#curl -u $auth -v -sSL -X DELETE "${registry}/v2/${name}/_manifests/sha256:8c0cd79cc31c13c52d7c149b67705cf908c7640578f769e34dcbf3d822180442" +#exit + +echo -e "\n\n****** First step - pull origin image, tag it and push it on myregistry" +echo "press Enter to continue or ctrl-c to quit" +read +#echo "Pull sample image" +docker pull ubuntu +#echo "Login on registry" +docker login $reg_without_proto +#echo "Tag image" +docker tag $name:latest $reg_without_proto/$name:latest +#echo "Push image in registry" +docker push $reg_without_proto/$name + +echo -e "\n\n****** Step2 - display registry (ToComplete)" +echo "press Enter to continue or ctrl-c to quit" +read +curl -u $auth -X GET ${registry}/v2/_catalog +#exit + +echo -e "\n\n****** Step 3 - delete imgage from repository (toDo and logout)" +echo "press Enter to continue or ctrl-c to quit" +read +manifest=$(curl -u $auth -sSL -I -H \ + "Accept: application/vnd.docker.distribution.manifest.v2+json" \ + $registry/v2/$name/manifests/latest \ + | awk '$1 == "docker-content-digest:" { print $2 }'| tr -d $'\r') + +curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/manifests/${manifest}" +#curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/blobs/${manifest}" +#curl -u $auth -v -s -X DELETE "${registry}/v2/${name}/_manifests/${manifest}" +docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml +docker logout registry-docker.gmolab.net:5000 + +echo -e "\n\n****** Step 4 - delete image from local" +echo "press Enter to continue or ctrl-c to quit" +read +docker image rm registry-docker.gmolab.net:5000/ubuntu +docker image rm ubuntu +sudo rm -rf /home/docker/registry/data/docker/registry/v2/repositories/${name} +docker compose down +docker compose up -d \ No newline at end of file