mirror of
https://github.com/vimagick/dockerfiles.git
synced 2024-12-25 02:04:06 +02:00
update registry
This commit is contained in:
parent
629e168220
commit
62be70c241
@ -7,7 +7,7 @@ registry
|
||||
|
||||
```yaml
|
||||
registry:
|
||||
image: registry
|
||||
image: registry:2
|
||||
ports:
|
||||
- "5000:5000"
|
||||
volumes:
|
||||
@ -16,17 +16,37 @@ registry:
|
||||
- ./certs:/certs
|
||||
- ./auth:/auth
|
||||
environment:
|
||||
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/registry.easypi.info.crt
|
||||
- REGISTRY_HTTP_TLS_KEY=/certs/registry.easypi.info.key
|
||||
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt
|
||||
- REGISTRY_HTTP_TLS_KEY=/certs/domain.key
|
||||
- REGISTRY_AUTH=htpasswd
|
||||
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
|
||||
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
|
||||
restart: always
|
||||
|
||||
frontend:
|
||||
image: konradkleine/docker-registry-frontend:v2
|
||||
ports:
|
||||
- "8080:80"
|
||||
- "8443:443"
|
||||
links:
|
||||
- registry
|
||||
volume:
|
||||
- ./certs/domain.crt:/etc/apache2/domain.crt
|
||||
- ./certs/domain.key:/etc/apache2/domain.key
|
||||
environment:
|
||||
- ENV_DOCKER_REGISTRY_HOST=registry
|
||||
- ENV_DOCKER_REGISTRY_PORT=5000
|
||||
- ENV_DOCKER_REGISTRY_USE_SSL=1
|
||||
- ENV_USE_SSL=yes
|
||||
restart: always
|
||||
```
|
||||
|
||||
## up and running
|
||||
## Server Setup
|
||||
|
||||
```bash
|
||||
$ mkdir -p ~/fig/registry/{auth,certs}
|
||||
$ cd ~/fig/registry
|
||||
$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
|
||||
$ docker-compose up -d
|
||||
$ docker-compose exec registry sh
|
||||
>>> htpasswd -Bbn username password >> /auth/htpasswd
|
||||
@ -38,16 +58,37 @@ proxy:
|
||||
^D
|
||||
>>> exit
|
||||
$ docker-compose restart
|
||||
```
|
||||
|
||||
## Client Setup
|
||||
|
||||
```bash
|
||||
$ scp registry.easypi.info:fig/registry/certs/domain.crt \
|
||||
/etc/docker/certs.d/registry.easypi.info:5000/ca.crt
|
||||
|
||||
$ systemctl edit docker
|
||||
# /etc/systemd/system/docker.service.d/override.conf
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=/usr/bin/dockerd -H fd:// --registry-mirror https://registry.easypi.info:5000
|
||||
|
||||
$ systemctl daemon-reload
|
||||
$ systemctl restart docker
|
||||
|
||||
$ docker pull alpine
|
||||
$ docker tag alpine registry.easypi.info:5000/alpine
|
||||
|
||||
$ docker login -u username -p password easypi.info:5000
|
||||
$ docker push registry.easypi.info:5000/alpine
|
||||
$ docker rmi registry.easypi.info:5000/alpine
|
||||
$ docker pull registry.easypi.info:5000/alpine
|
||||
|
||||
$ firefox http://registry.easypi.info:8080
|
||||
```
|
||||
|
||||
## read more
|
||||
> Append `--insecure-registry registry.easypi.info:5000` option to disable TLS.
|
||||
|
||||
## Read More
|
||||
|
||||
- https://github.com/docker/distribution/blob/master/docs/deploying.md
|
||||
- https://github.com/docker/distribution/blob/master/docs/insecure.md
|
||||
|
@ -1,5 +1,5 @@
|
||||
registry:
|
||||
image: registry
|
||||
image: registry:2
|
||||
ports:
|
||||
- "5000:5000"
|
||||
volumes:
|
||||
@ -8,9 +8,26 @@ registry:
|
||||
- ./certs:/certs
|
||||
- ./auth:/auth
|
||||
environment:
|
||||
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/easypi.info.crt
|
||||
- REGISTRY_HTTP_TLS_KEY=/certs/easypi.info.key
|
||||
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt
|
||||
- REGISTRY_HTTP_TLS_KEY=/certs/domain.key
|
||||
- REGISTRY_AUTH=htpasswd
|
||||
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
|
||||
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
|
||||
restart: always
|
||||
|
||||
frontend:
|
||||
image: konradkleine/docker-registry-frontend:v2
|
||||
ports:
|
||||
- "8080:80"
|
||||
- "8443:443"
|
||||
links:
|
||||
- registry
|
||||
volume:
|
||||
- ./certs/domain.crt:/etc/apache2/domain.crt
|
||||
- ./certs/domain.key:/etc/apache2/domain.key
|
||||
environment:
|
||||
- ENV_DOCKER_REGISTRY_HOST=registry
|
||||
- ENV_DOCKER_REGISTRY_PORT=5000
|
||||
- ENV_DOCKER_REGISTRY_USE_SSL=1
|
||||
- ENV_USE_SSL=yes
|
||||
restart: always
|
||||
|
Loading…
Reference in New Issue
Block a user