
Registry

Description

This Docker Compose setup runs a registry on Docker.

Install

mkdir -p /home/docker/certs
mkdir -p /home/docker/registry/auth
mkdir -p /home/docker/registry/data

Certificates

Copy the crt and key files to /home/docker/certs/

Run

docker compose up -d

Set password

cd /home/docker/registry/auth
htpasswd -Bc registry.password gilles
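
The -B flag matters here: the registry's htpasswd authentication accepts bcrypt hashes only and ignores entries in any other format. The check below is an added example, not part of this repository; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the repository. The registry's htpasswd backend
# only accepts bcrypt hashes; entries in any other format are ignored, so a
# user created without -B cannot log in.

# non_bcrypt_users FILE: print each user whose hash lacks a bcrypt prefix
# ($2a$, $2b$ or $2y$ followed by a two-digit cost). Prefix check only.
non_bcrypt_users() {
    awk -F: '
        /^[ \t]*$/ || /^[ \t]*#/ { next }              # blank lines and comments
        $2 !~ /^[$]2[aby][$][0-9][0-9][$]/ { print $1 }
    ' "$1"
}

# check_htpasswd FILE: 0 = every entry is bcrypt, 1 = some are not,
# 2 = file missing or empty (nobody could authenticate).
check_htpasswd() {
    [ -s "$1" ] || { echo "missing or empty: $1" >&2; return 2; }
    bad=$(non_bcrypt_users "$1")
    [ -z "$bad" ] && return 0
    echo "non-bcrypt entries in $1:" $bad >&2
    return 1
}

# Constructed sample file: the hashes are made-up strings with realistic
# prefixes, not real credentials. "legacy" is what htpasswd writes without -B.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# registry users
gilles:$2y$05$CONSTRUCTEDconstructedCONSTRUCTEDconstructedCONSTRUCTED0
legacy:$apr1$CONSTRUC$constructedCONSTRUCTED
EOF
check_htpasswd "$sample" || echo "exit status $? for the sample file"
rm -f "$sample"

# Real use, with the path from the Install section:
#   check_htpasswd /home/docker/registry/auth/registry.password
```

Note that -c creates registry.password and overwrites an existing file, so omit it when adding a second user.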

Apache

http-registry-docker.conf

<VirtualHost *:80>
    ServerName registry-docker.gmotech.net
    ServerAlias registry-docker
    CustomLog logs/registry-docker_access_log common
    ErrorLog  logs/registry-docker_error_log
    # redirect to https
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =registry-docker [OR]
    RewriteCond %{SERVER_NAME} =registry-docker.gmotech.net
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

https-registry-docker.conf

##
## SSL Virtual Host Context
##
#  General setup for the virtual host
<VirtualHost *:443>
    ServerName registry-docker.gmotech.net
    ServerAlias registry-docker
    CustomLog logs/registry-docker_access_log common
    ErrorLog  logs/registry-docker_error_log

# SSL
    SSLEngine on
    SSLHonorCipherOrder on
    SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
    # Enable HTTP/2, if available
    Protocols h2 http/1.1
    # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
    Header always set Strict-Transport-Security "max-age=63072000"

# certificates
    SSLCertificateFile "/etc/httpd/auth/cert/gmotech.net.crt"
    SSLCertificateKeyFile "/etc/httpd/auth/cert/gmotech.net.key"
    SSLCertificateChainFile "/etc/httpd/auth/cert/gmotechCA.crt"

# proxy
    SSLProxyEngine On
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass "/v2" "https://127.0.0.1:5000/v2"
    ProxyPassReverse "/v2" "https://127.0.0.1:5000/v2"
</VirtualHost>

Tests

Tag and push

docker pull ubuntu
docker tag ubuntu registry-docker.gmotech.net/ubuntu
docker login registry-docker.gmotech.net
docker push registry-docker.gmotech.net/ubuntu

Delete

ToDo

Set registry in Portainer

  • in Portainer, go to the Registries menu and click on + Add registry
  • click on Custom registry
  • type a registry name in the Name field
  • type the registry's IP address and port (xxx.xxx.xxx.xxx:5000) in the Registry URL field
  • enable Authentication and fill in Username and Password with the username/password (see Set password)
  • click on Add registry

Sources

https://distribution.github.io/distribution/about/deploying/
https://medium.com/@cnadeau_/private-docker-registry-part-4-lets-secure-the-registry-250c3cef237
https://betterprogramming.pub/cleanup-your-docker-registry-ef0527673e3a
https://teplyheng.medium.com/how-to-completely-remove-docker-images-from-a-docker-registry-v2-76d8a26847ff

Changelog

v1.0 - 2024-11-15

Added

  • initial version by GMo