Skip to content

Commit b50bb58

Browse files
alexecalexec
committed
1
1 parent f1573c0 commit b50bb58

22 files changed

Lines changed: 177 additions & 217 deletions

docker-auth-registry/README.md

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,18 @@
11
Set-up a Docker Registry with Plain Text Authentication
22
--
3-
43
This creates a registry that runs locally with SSL and authentication set-up.
54

6-
./registry.sh
5+
Pre-requisites, fig (on OS-X with Homebrew):
6+
7+
brew install fig
8+
9+
To build:
10+
11+
fig up
12+
13+
Test it works:
14+
15+
curl https://localhost:5443/v1/users/ -k -f --basic --user registry:registry
716

817
Based on <https://medium.com/@deeeet/building-private-docker-registry-with-basic-authentication-with-self-signed-certificate-using-it-e6329085e612>.
18+

docker-auth-registry/container/ca-key.pem

Lines changed: 0 additions & 30 deletions
This file was deleted.

docker-auth-registry/container/ca.pem

Lines changed: 0 additions & 24 deletions
This file was deleted.

docker-auth-registry/container/server-cert.pem

Lines changed: 0 additions & 18 deletions
This file was deleted.

docker-auth-registry/container/server-key.pem

Lines changed: 0 additions & 27 deletions
This file was deleted.

docker-auth-registry/container/server.csr

Lines changed: 0 additions & 15 deletions
This file was deleted.

docker-auth-registry/container/start.sh

Lines changed: 0 additions & 8 deletions
This file was deleted.

docker-auth-registry/fig.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
registry:
2+
image: registry
3+
ports:
4+
- "5000:5000"
5+
nginx:
6+
build: nginx
7+
ports:
8+
- "443:8443"
9+
links:
10+
- registry

docker-auth-registry/container/Dockerfile renamed to docker-auth-registry/nginx/Dockerfile

Lines changed: 3 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,4 @@
1-
FROM registry
2-
3-
RUN apt-get update
4-
RUN apt-get install -y nginx
1+
FROM dockerfile/nginx
52

63
ADD server-cert.pem /etc/ssl/certs/docker-registry
74
ADD server-key.pem /etc/ssl/private/docker-registry
@@ -11,8 +8,6 @@ ADD docker-registry.conf /etc/nginx/
118

129
ADD docker-registry.htpasswd /etc/nginx/
1310

14-
EXPOSE 5443
15-
16-
ADD start.sh .
11+
EXPOSE 443
1712

18-
CMD ./start.sh
13+
CMD nginx

docker-auth-registry/nginx/build.sh

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
#! /bin/sh
2+
set -eu
3+
4+
5+
echo "enter "registry" each time you are asked for a pass-phase"
6+
echo "enter "registry" when requested for a common name"
7+
echo "press enter for everything else"
8+
9+
echo 01 > ca.srl
10+
openssl genrsa -des3 -out ca-key.pem 2048
11+
openssl req -new -x509 -days 365 -key ca-key.pem -out ca.pem
12+
13+
openssl genrsa -des3 -out server-key.pem 2048
14+
openssl req -subj "/CN=registry" -new -key server-key.pem -out server.csr
15+
openssl x509 -req -days 365 -in server.csr -CA ca.pem -CAkey ca-key.pem -out server-cert.pem
16+
17+
openssl rsa -in server-key.pem -out server-key.pem
18+
19+
if [ "$(which boot2docker)" != "" ]; then
20+
B=$(echo $DOCKER_HOST|sed 's/.*\/\(.*\):.*/\1/')
21+
22+
scp -i ~/.ssh/id_boot2docker ca.pem docker@$B:
23+
24+
echo "mkdir /etc/docker/certs.d/localhost:5443/" | boot2docker ssh
25+
echo "cat ca.pem > /etc/docker/certs.d/localhost:5443/ca.crt" | boot2docker ssh
26+
fi
27+

0 commit comments

Comments
 (0)