Install Docker Registry V2, NGINX authentication & JOXIT UI
Quote from moshe on 16/10/2020, 6:39 amOverview
Docker – is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels
Nginx – A web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. used for HTTP / HTTPS Authentication
Joxit – This project aims to provide a simple and complete user interface for your private docker registry. You have the choice between two versions, the standard interface and the static interface.
Installation Steps
Install Docker Registry as provided in the forum posts
Forum
Generate SSL Certificates
openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
Add your SSL created keys to docker configuration
echo “{” >> /etc/docker/daemon.json
echo ” \”insecure-registries\” : [\”$OFFLINE_REPOSITORY\”]” >> /etc/docker/daemon.json
echo “}”
mkdir /etc/docker/certs.d/registry.tracston.com
cp certs/domain.crt /etc/docker/certs.d/registry.tracston.com\/ca.crt
openssl s_client -showcerts -connect $OFFLINE_REPOSITORY < /dev/null | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > /etc/docker/certs.d//$OFFLINE_REPOSITORY/ca.crt
Install NGINX for docker authentication
Download the configuration file attached to the post and rename it to nginx.conf
Create a password file
auth/nginx.htpasswd
for “testuser” and “testpassword”.docker run –rm –entrypoint htpasswd registry:2 -Bbn user pass> auth/nginx.htpasswdif you get any error just generate htpasswd file and add it to your docker machine
htpasswd -c nginx.htpasswd username
(enter password when prompt )
Create Auth directory and copy the certificate files
mkdir auth
cp domain.crt auth
cp domain.key authcreate docker-compose.yml file with nginx settings
nginx:
# Note : Only nginx:alpine supports bcrypt.
# If you don’t need to use bcrypt, you can use a different tag.
# Ref. https://github.com/nginxinc/docker-nginx/issues/29
image: “nginx:alpine”
ports:
– 5043:443
links:
– registry:registry
volumes:
– ./auth:/etc/nginx/conf.d
– ./auth/nginx.conf:/etc/nginx/nginx.conf:roregistry:
image: registry:2
volumes:
– ./data:/var/lib/registryrun the docker compose in the same directory
docker-compose up -d
Install Joxit UI for docker registry
docker pull joxit/docker-registry-ui:latest
docker run -d -p 8080:8080 joxit/docker-registry-ui
To test your registry push and pull docker images
docker login -u=user -p=pass -e=info@tracston.com registry.tracston.com:5043
docker tag ubuntu registry.tracston.com:5043/test
docker push registry.tracston.com:5043/test
docker pull registry.tracston.com:5043/test
Login to Joxit Registry UI using your favorite browser on port 8080
Overview
Docker – is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels
Nginx – A web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. used for HTTP / HTTPS Authentication
Joxit – This project aims to provide a simple and complete user interface for your private docker registry. You have the choice between two versions, the standard interface and the static interface.
Installation Steps
Install Docker Registry as provided in the forum posts
Generate SSL Certificates
openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
Add your SSL created keys to docker configuration
echo “{” >> /etc/docker/daemon.json
echo ” \”insecure-registries\” : [\”$OFFLINE_REPOSITORY\”]” >> /etc/docker/daemon.json
echo “}”
mkdir /etc/docker/certs.d/registry.tracston.com
cp certs/domain.crt /etc/docker/certs.d/registry.tracston.com\/ca.crt
openssl s_client -showcerts -connect $OFFLINE_REPOSITORY < /dev/null | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > /etc/docker/certs.d//$OFFLINE_REPOSITORY/ca.crt
Install NGINX for docker authentication
Download the configuration file attached to the post and rename it to nginx.conf
Create a password file auth/nginx.htpasswd
for “testuser” and “testpassword”.
docker run –rm –entrypoint htpasswd registry:2 -Bbn user pass> auth/nginx.htpasswd
if you get any error just generate htpasswd file and add it to your docker machine
htpasswd -c nginx.htpasswd username
(enter password when prompt )
Create Auth directory and copy the certificate files
mkdir auth
cp domain.crt auth
cp domain.key auth
create docker-compose.yml file with nginx settings
nginx:
# Note : Only nginx:alpine supports bcrypt.
# If you don’t need to use bcrypt, you can use a different tag.
# Ref. https://github.com/nginxinc/docker-nginx/issues/29
image: “nginx:alpine”
ports:
– 5043:443
links:
– registry:registry
volumes:
– ./auth:/etc/nginx/conf.d
– ./auth/nginx.conf:/etc/nginx/nginx.conf:roregistry:
image: registry:2
volumes:
– ./data:/var/lib/registry
run the docker compose in the same directory
docker-compose up -d
Install Joxit UI for docker registry
docker pull joxit/docker-registry-ui:latest
docker run -d -p 8080:8080 joxit/docker-registry-ui
To test your registry push and pull docker images
docker login -u=user -p=pass -e=info@tracston.com registry.tracston.com:5043
docker tag ubuntu registry.tracston.com:5043/test
docker push registry.tracston.com:5043/test
docker pull registry.tracston.com:5043/test
Login to Joxit Registry UI using your favorite browser on port 8080