
@AndyA
Created May 16, 2019 16:54

Revisions

  1. AndyA revised this gist May 16, 2019. 1 changed file with 1 addition and 1 deletion.
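--- a/docker-registry.conf
+++ b/docker-registry.conf
@@ -23,7 +23,7 @@
 
 RequestHeader set X-Forwarded-Proto https
 
-AuthName "Hexten Docker Registry"
+AuthName "Example Docker Registry"
 AuthType Basic
 AuthUserFile "/etc/apache2/passwd/docker"
 AuthGroupFile "/etc/apache2/passwd/docker.group"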
  2. AndyA created this gist May 16, 2019.
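--- a/docker-registry.conf
+++ b/docker-registry.conf
@@ -0,0 +1,60 @@
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+ServerName "registry.example.com"
+
+DocumentRoot /opt/registry.example.com/www
+
+CustomLog "|/usr/bin/rotatelogs -L /opt/registry.example.com/logs/apache.access_log.current /opt/registry.example.com/logs/apache.access_log 86400" combined
+ErrorLog "|/usr/bin/rotatelogs -L /opt/registry.example.com/logs/apache.error_log.current /opt/registry.example.com/logs/apache.error_log 86400"
+
+ProxyRequests off
+ProxyPreserveHost on
+
+ProxyPass /v2 http://localhost:5000/v2
+ProxyPassReverse /v2 http://localhost:5000/v2
+
+<Directory /opt/registry.example.com/www>
+AllowOverride All
+Options +ExecCGI -MultiViews +FollowSymLinks
+Require all granted
+</Directory>
+
+<Location /v2>
+
+RequestHeader set X-Forwarded-Proto https
+
+AuthName "Hexten Docker Registry"
+AuthType Basic
+AuthUserFile "/etc/apache2/passwd/docker"
+AuthGroupFile "/etc/apache2/passwd/docker.group"
+
+# Read access to authentified users
+<Limit GET HEAD>
+<RequireAny >
+Require forward-dns home.dyn.example.com
+Require local
+Require valid-user
+</RequireAny>
+</Limit>
+
+# Write access to docker-deployer only
+<Limit POST PUT DELETE PATCH>
+<RequireAny >
+Require forward-dns home.dyn.example.com
+Require local
+Require group pusher
+</RequireAny>
+</Limit>
+</Location>
+
+# Pass-through for certbot. Not currently necessary: we only proxy /v2
+<Location /.well-known/acme-challenge>
+ProxyPass !
+Require all granted
+</Location>
+
+SSLCertificateFile /etc/letsencrypt/live/registry.example.com/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/registry.example.com/privkey.pem
+Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>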
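Review bot: The two `<Limit>` blocks inside `<Location /v2>` only cover GET/HEAD and POST/PUT/DELETE/PATCH, so a request using any other method matches neither block and appears to reach the proxied registry with no `Require` applied. Wrapping the write rule in `<LimitExcept GET HEAD>` instead of `<Limit POST PUT DELETE PATCH>` makes every unlisted method fall under the stricter rule. The comments also overstate the policy: inside `<RequireAny>`, `Require forward-dns home.dyn.example.com` and `Require local` each grant access on their own, so a push from whatever address that dynamic DNS name currently resolves to, or from the host itself, needs neither a password nor `pusher` membership. If that bypass is intended, the comment should say so, e.g. `# Write access: group pusher, or unauthenticated from localhost / home.dyn.example.com`; otherwise remove those two lines from the write block. Separately, `AllowOverride All` with `Options +ExecCGI` on the document root is broader than a vhost that only proxies `/v2` seems to need.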
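--- a/registry.sh
+++ b/registry.sh
@@ -0,0 +1,2 @@
+# Run the docker registry
+docker run -d -p 5000:5000 --restart unless-stopped --name registry -v /data/docker/registry:/var/lib/registry registry:2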
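Review bot: `-p 5000:5000` publishes the registry on every host interface, so unless something else filters port 5000 the registry is reachable directly over plain HTTP, bypassing the TLS and Basic auth that the Apache vhost places in front of it. The proxy only connects to `http://localhost:5000`, so a loopback binding is enough: `-p 127.0.0.1:5000:5000`. The `registry:2` tag also floats; pinning it to a specific release or digest (`registry:<PINNED_VERSION>`) would keep a re-pull from silently changing the image. A comment such as `# Bound to loopback: all external access goes through the Apache reverse proxy` would record why the binding matters.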