diff --git a/compose/01_registry/config.yaml b/compose/01_registry/config.yaml new file mode 100644 index 0000000..1cb1827 --- /dev/null +++ b/compose/01_registry/config.yaml @@ -0,0 +1,30 @@ +version: 0.1 +log: + fields: + service: registry +storage: + cache: + blobdescriptor: inmemory + filesystem: + rootdirectory: /var/lib/registry + delete: + enabled: true + +auth: + htpasswd: + realm: Registry Realm + path: /auth/htpasswd +http: + addr: :5000 + headers: + Access-Control-Expose-Headers: ['Docker-Content-Digest'] + Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE'] + Access-Control-Allow-Origin: ['https://registry-ui.tobiasmanske.de'] + Access-Control-Allow-Credentials: [true] + Access-Control-Allow-Headers: ['Authorization', 'Accept'] + X-Content-Type-Options: [nosniff] +health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 diff --git a/compose/01_registry/docker-compose.yml b/compose/01_registry/docker-compose.yml index 044cf19..33f9bd5 100644 --- a/compose/01_registry/docker-compose.yml +++ b/compose/01_registry/docker-compose.yml @@ -12,13 +12,32 @@ services: image: 'registry:2' networks: - gateway - environment: - REGISTRY_AUTH: htpasswd - REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd - REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm + - backend volumes: - registry_data:/var/lib/registry - ./htpasswd:/auth/htpasswd:ro,z + - ./config.yaml:/etc/docker/registry/config.yml:ro,z + + frontend: + image: joxit/docker-registry-ui:latest + restart: unless-stopped + depends_on: + - registry + environment: + - DELETE_IMAGES=true + - REGISTRY_TITLE=My Private Docker Registry + - NGINX_PROXY_PASS_URL=http://registry:5000 + - SINGLE_REGISTRY=true + labels: + - "traefik.enable=true" + - "traefik.http.routers.registryui.rule=Host(`registry-ui.tobiasmanske.de`)" + - "traefik.http.routers.registryui.entryPoints=websecure" + - "traefik.http.services.registryui.loadbalancer.server.port=80" + - "com.centurylinklabs.watchtower.scope=update" + networks: + - gateway + - backend + volumes: registry_data: @@ -26,4 +45,6 @@ volumes: networks: gateway: external: true + backend: + internal: true ...