55 lines
1.6 KiB
YAML
55 lines
1.6 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
registry:
|
|
image: registry:2.8
|
|
container_name: registry
|
|
restart: unless-stopped
|
|
networks:
|
|
- traefik-public
|
|
ports:
|
|
- "127.0.0.1:5000:5000"
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- REGISTRY_STORAGE_DELETE_ENABLED=true
|
|
- REGISTRY_AUTH=htpasswd
|
|
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
|
|
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
|
|
- REGISTRY_HTTP_SECRET=${REGISTRY_HTTP_SECRET}
|
|
# Storage configuration
|
|
- REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry
|
|
# Garbage collection configuration (moved to config.yml if needed)
|
|
volumes:
|
|
- registry-data:/var/lib/registry
|
|
- ./auth:/auth:ro
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# HTTP Router
|
|
- "traefik.http.routers.registry.rule=Host(`${REGISTRY_DOMAIN:-registry.michaelschiemer.de}`)"
|
|
- "traefik.http.routers.registry.entrypoints=websecure"
|
|
- "traefik.http.routers.registry.tls=true"
|
|
- "traefik.http.routers.registry.tls.certresolver=letsencrypt"
|
|
|
|
# Service
|
|
- "traefik.http.services.registry.loadbalancer.server.port=5000"
|
|
|
|
# Middleware
|
|
- "traefik.http.routers.registry.middlewares=default-chain@file"
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--spider", "-q", "http://localhost:5000/v2/"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 10s
|
|
|
|
volumes:
|
|
registry-data:
|
|
name: registry-data
|
|
|
|
networks:
|
|
traefik-public:
|
|
external: true
|