Skip to content

nagachika/nginx-docker-registry

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
docker
docker
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
VERSION
VERSION
 
 

Repository files navigation

nginx-docker-registry

Docker image of nginx reverse proxy for docker-registry.

  • Add Basic Authentication
    • account information derived from Redis
  • Access control
  • SSL endpoint

TODO

  • select upstream server according to authenticated user
  • performance tuning

Quick Start

  1. prepare certificate files
$ mkdir ssl
$ cd ssl
$ echo 01 > ca.srl
$ openssl genrsa -des3 -out ca-key.pem 2048
$ openssl req -new -x509 -days 365 -key ca-key.pem -out ca.pem
$ openssl genrsa -des3 -out docker-registry-key.pem 2048
$ openssl req -subj '/CN=<Your Hostname Here>' -new -key docker-registry-key.pem -out server.csr
$ openssl x509 -req -days 365 -in server.csr -CA ca.pem -CAkey ca-key.pem -out docker-registry-cert.pem
$ openssl rsa -in docker-registry-key.pem -out docker-registry-key.pem
$ cd ../
  1. start containers
$ docker run -d -p 6379:6379 redis:latest
$ docker run -d -p 5000:5000 registry
$ docker run -d -v `pwd`/ssl -p 443:443 -e REDIS_HOST=172.17.42.1 -e DIGEST_SALT=salt nagachika/nginx-docker-registry
  1. prepare account information & proxy upstream
# get digest string for the password
$ ruby -rdigest -e 'puts Digest::SHA1.hexdigest("salt:password")'
(copy digest string)
$ redis-cli
> hset docker-registry:passwords user1 (copied digest string)
> lpush docker-registry:backends 172.17.42.1:5000

About

ngx_mruby scripts&configuration for docker-registry frontend.

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy