Skip to content

Instantly share code, notes, and snippets.

@bilalatli

bilalatli/docker-registry.conf

Last active April 23, 2020 19:05
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bilalatli/8c1b564068d90e15da648d67a941a096 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bilalatli/8c1b564068d90e15da648d67a941a096 to your computer and use it in GitHub Desktop.
Download ZIP
Docker Registry - Nginx Config File
Raw
docker-registry.conf
upstream registry {
server docker-registry:5000;
}
map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
'' 'registry/2.0';
}
server {
listen 80;
listen [::]:80;
server_name docker.domain.com docker-registry;
rewrite ^(.*) https://docker.domain.com$1 permanent;
}
server {
listen 443 ssl http2;
server_name docker.domain.com docker-registry;
ssl_certificate /etc/letsencrypt/live/docker-registry.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/docker-registry.domain.com/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
client_max_body_size 0;
chunked_transfer_encoding on;
access_log /var/log/nginx/docker-registry-access.log;
error_log /var/log/nginx/docker-registry-error.log;
location /v2/ {
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
add_header Access-Control-Allow-Origin *;
proxy_pass http://registry;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 900;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment