docker registry
1. create htpasswd
docker run --rm --entrypoint htpasswd registry:2 -Bbn username password > htpasswd
docker run --rm --entrypoint htpasswd registry:2 -Bbn test test > htpasswd
htpasswd file inside have two records: username & test
2. create registry_config.yml
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
Access-Control-Allow-Origin: ['*']
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
Access-Control-Allow-Headers: ['Authorization']
Access-Control-Max-Age: [1728000]
Access-Control-Allow-Credentials: [true]
Access-Control-Expose-Headers: ['Docker-Content-Digest']
auth:
htpasswd:
realm: basic-realm
path: /etc/docker/registry/htpasswd
Access-Control-Allow-Origin can change you want.
3. run docker
docker run -d -p 5000:5000 --restart=always --name registry-srv \
-v $(pwd)/registry_data:/var/lib/registry \
-v $(pwd)/registry_config.yml:/etc/docker/registry/config.yml \
-v $(pwd)/htpasswd:/etc/docker/registry/htpasswd \
registry:2.7.1
4. test docker registry
#Auth test foo:bar bas64=>Zm9vOmJhcg==
curl -k -v -H "Authorization: Basic Zm9vOmJhcg==" http:/xxx.xxx.xxx.xxx:5000/v2/
#Auth test test:test bas64=>dGVzdDp0ZXN0
curl -k -v -H "Authorization: Basic dGVzdDp0ZXN0" http://xxx.xxx.xxx.xxx:500/v2/
curl -v -XGET -u test:test http://xxx.xxx.xxx.xxx:5001/v2/_catalog
Auth ok -> 200 code
Then change user & password or token, get 401 code.
https://ithelp.ithome.com.tw/articles/10191285?sc=iThelpR
https://www.base64encode.org/
https://medium.com/@lvthillo/deploy-a-docker-registry-using-tls-and-htpasswd-56dd57a1215a
https://github.com/Joxit/docker-registry-ui
https://ithelp.ithome.com.tw/articles/10191213
hyper/docker-registry-web