self-hosted/dockerfiles
1
0
Fork 0
mirror of https://github.com/vimagick/dockerfiles.git synced 2024-11-24 08:52:31 +02:00
Code Issues Releases Activity

update registry

Browse Source
This commit is contained in:
kev 2016-08-29 08:13:48 +08:00
parent 629e168220
commit 62be70c241
2 changed files with 66 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
registry/README.md
View File

@ -7,7 +7,7 @@ registry
```yaml
registry:
image: registry
image: registry:2
ports:
- "5000:5000"
volumes:
@ -16,17 +16,37 @@ registry:
- ./certs:/certs
- ./auth:/auth
environment:
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/registry.easypi.info.crt
- REGISTRY_HTTP_TLS_KEY=/certs/registry.easypi.info.key
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt
- REGISTRY_HTTP_TLS_KEY=/certs/domain.key
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
restart: always
frontend:
image: konradkleine/docker-registry-frontend:v2
ports:
- "8080:80"
- "8443:443"
links:
- registry
volume:
- ./certs/domain.crt:/etc/apache2/domain.crt
- ./certs/domain.key:/etc/apache2/domain.key
environment:
- ENV_DOCKER_REGISTRY_HOST=registry
- ENV_DOCKER_REGISTRY_PORT=5000
- ENV_DOCKER_REGISTRY_USE_SSL=1
- ENV_USE_SSL=yes
restart: always
```
## up and running
## Server Setup
```bash
$ mkdir -p ~/fig/registry/{auth,certs}
$ cd ~/fig/registry
$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
$ docker-compose up -d
$ docker-compose exec registry sh
>>> htpasswd -Bbn username password >> /auth/htpasswd
@ -38,16 +58,37 @@ proxy:
^D
>>> exit
$ docker-compose restart
```
## Client Setup
```bash
$ scp registry.easypi.info:fig/registry/certs/domain.crt \
/etc/docker/certs.d/registry.easypi.info:5000/ca.crt
$ systemctl edit docker
# /etc/systemd/system/docker.service.d/override.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --registry-mirror https://registry.easypi.info:5000
$ systemctl daemon-reload
$ systemctl restart docker
$ docker pull alpine
$ docker tag alpine registry.easypi.info:5000/alpine
$ docker login -u username -p password easypi.info:5000
$ docker push registry.easypi.info:5000/alpine
$ docker rmi registry.easypi.info:5000/alpine
$ docker pull registry.easypi.info:5000/alpine
$ firefox http://registry.easypi.info:8080
```
## read more
> Append `--insecure-registry registry.easypi.info:5000` option to disable TLS.
## Read More
- https://github.com/docker/distribution/blob/master/docs/deploying.md
- https://github.com/docker/distribution/blob/master/docs/insecure.md

23
registry/docker-compose.yml
View File

@ -1,5 +1,5 @@
registry:
image: registry
image: registry:2
ports:
- "5000:5000"
volumes:
@ -8,9 +8,26 @@ registry:
- ./certs:/certs
- ./auth:/auth
environment:
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/easypi.info.crt
- REGISTRY_HTTP_TLS_KEY=/certs/easypi.info.key
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt
- REGISTRY_HTTP_TLS_KEY=/certs/domain.key
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
restart: always
frontend:
image: konradkleine/docker-registry-frontend:v2
ports:
- "8080:80"
- "8443:443"
links:
- registry
volume:
- ./certs/domain.crt:/etc/apache2/domain.crt
- ./certs/domain.key:/etc/apache2/domain.key
environment:
- ENV_DOCKER_REGISTRY_HOST=registry
- ENV_DOCKER_REGISTRY_PORT=5000
- ENV_DOCKER_REGISTRY_USE_SSL=1
- ENV_USE_SSL=yes
restart: always