diff --git a/registry/README.md b/registry/README.md new file mode 100644 index 0000000..4deeeef --- /dev/null +++ b/registry/README.md @@ -0,0 +1,56 @@ +# Instalación + +``` +git clone https://github.com/atareao/self-hosted.git +cd self-hosted/registry +cp sample.env .env +sed -i "s/tu.servidor.es/el_fqdn_que_quieras/g" .env +``` + +En el archivo config.yml, también tienes que cambiar el servidor que está definido en `Access-Control-Allow-Origin` + +## Credenciales + +Configuración de las credenciales de un nuevo usuario +```bash +docker run --entrypoint htpasswd httpd:2 -Bbn '' '' > htpasswd +``` +## Levantar el servicio + +A la hora de levantar el servicio dependerá del proxy inverso que hayas seleccionado. Si has elegido Caddy, simplemente, + +``` +docker-compose -f docker-compose.yml -f docker-compose.caddy.yml up -d +docker-compose logs -f +``` + +Mientras que si has elegido Traefik, + +``` +docker-compose -f docker-compose.yml -f docker-compose.traefik.yml up -d +docker-compose logs -f +``` + +## Como subir una imagen a tu registry + +Para subir una imagen a tu registry necesitas hacer login en el mismo con los credenciales que configuraste antes. Por ejemplo, supongamos que tu registry es `registry.tuservidor.es`, lo primero que tienes que hacer es hacer `login`, para ello, + +```bash +docker login registry.tuservidor.es +``` + +El siguiente paso es que etiquetes la imagen que quieres subir a tu `registry`. Esto lo puedes hacer de la siguiente forma, + +```bash +docker tag / registry.tuservidor.es// +``` + +Donde tienes que reemplazar `` por el usuario que tu quieres, en mi caso `atareao`, y `` por el nombre de tu imagen. + +El siguiente paso es subirlo a tu `registry` como lo harías normalmente, + +```bash +docker push registry.tuservidor.es// +``` + +Y ya tienes tu primera imagen en tu recién inaugurado `registry`. diff --git a/registry/config.yml b/registry/config.yml new file mode 100644 index 0000000..9d15447 --- /dev/null +++ b/registry/config.yml @@ -0,0 +1,43 @@ +# Copyright 2016 +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# +# See the License for the specific language governing permissions and +# limitations under the License. + +version: 0.1 +log: + fields: + service: registry +storage: + cache: + blobdescriptor: inmemory + delete: + enabled: true + filesystem: + rootdirectory: /var/lib/registry +http: + addr: :5000 + headers: + X-Content-Type-Options: [nosniff] + Access-Control-Allow-Origin: ['https://tu.servidor.es'] + Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE'] + Access-Control-Allow-Headers: ['Authorization', 'Accept', 'Cache-Control'] + Access-Control-Max-Age: [1728000] + Access-Control-Allow-Credentials: [true] + Access-Control-Expose-Headers: ['Docker-Content-Digest'] +health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 +auth: + htpasswd: + realm: basic-realm + path: /auth/htpasswd diff --git a/registry/docker-compose.caddy.yml b/registry/docker-compose.caddy.yml new file mode 100644 index 0000000..81ca441 --- /dev/null +++ b/registry/docker-compose.caddy.yml @@ -0,0 +1,7 @@ +version: "3" + +services: + registry-ui: + labels: + - caddy="${FQDN}" + - caddy.reverse_proxy="{{upstreams 80}}" diff --git a/registry/docker-compose.traefik.yml b/registry/docker-compose.traefik.yml new file mode 100644 index 0000000..ca75a99 --- /dev/null +++ b/registry/docker-compose.traefik.yml @@ -0,0 +1,11 @@ +version: "3.7" + +services: + registry-ui: + labels: + - traefik.enable=true + - traefik.http.services.registryui.loadbalancer.server.port=80 + - traefik.http.routers.registryui-secure.entrypoints=https + - traefik.http.routers.registryui-secure.rule=Host(`${FQDN}`) + - traefik.http.routers.registryui-secure.tls=true + - traefik.http.routers.rabbitmq-secure.tls.certresolver=letsencrypt diff --git a/registry/docker-compose.yml b/registry/docker-compose.yml new file mode 100644 index 0000000..fe843c5 --- /dev/null +++ b/registry/docker-compose.yml @@ -0,0 +1,44 @@ +version: '3.7' + +services: + registry: + image: registry + container_name: registry + init: true + restart: unless-stopped + volumes: + - data:/var/lib/registry + - ./config.yml:/etc/docker/registry/config.yml + - ./htpasswd:/auth/htpasswd:ro + environment: + REGISTRY_STORAGE_DELETE_ENABLED: 'true' + networks: + - internal + registry-ui: + container_name: registryui + image: joxit/docker-registry-ui:main + restart: always + environment: + - SINGLE_REGISTRY=true + - REGISTRY_TITLE=Atareao Docker Registry + - DELETE_IMAGES=true + - SHOW_CONTENT_DIGEST=true + - NGINX_PROXY_PASS_URL=http://registry:5000 + - SHOW_CATALOG_NB_TAGS=true + - CATALOG_MIN_BRANCHES=1 + - CATALOG_MAX_BRANCHES=1 + - TAGLIST_PAGE_SIZE=100 + - REGISTRY_SECURED=false + - CATALOG_ELEMENTS_LIMIT=1000 + labels: + networks: + - internal + - proxy + +volumes: + data: {} + +networks: + internal: {} + proxy: + external: true diff --git a/registry/sample.env b/registry/sample.env new file mode 100644 index 0000000..a02164a --- /dev/null +++ b/registry/sample.env @@ -0,0 +1 @@ +FQDN=https://tu.servidor.es diff --git a/umami/sample.env b/umami/sample.env index ccadf5c..f449da8 100644 --- a/umami/sample.env +++ b/umami/sample.env @@ -2,4 +2,3 @@ FQDN=umami.tuservidor.es POSTGRES_DB=umami POSTGRES_USER=umami POSTGRES_PASSWORD=umami -