diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 5c3710a..0000000 --- a/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM nginx:1.19 -COPY index.html /usr/share/nginx/html/index.html diff --git a/auth/htpasswd b/auth/htpasswd deleted file mode 100644 index e69de29..0000000 diff --git a/docker-compose.yml b/docker-compose.yml index af685f8..b43ae4a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,36 +1,43 @@ -version: '2.0' -services: +version: '3.8' -# REGISTRY - registry: - image: registry:2.6.2 - container_name: registry +services: + registry-ui: + image: joxit/docker-registry-ui:main + container_name: registry-ui + restart: always ports: - - "5000:5000" + - 8087:80 environment: - REGISTRY_AUTH: htpasswd - REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm - REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd - volumes: - - ./auth:/auth - - ./registry-data:/var/lib/registry - - ./registry-config:/etc/docker/registry + - SINGLE_REGISTRY=true + - REGISTRY_TITLE=Docker Registry UI + - DELETE_IMAGES=true + - SHOW_CONTENT_DIGEST=true + - NGINX_PROXY_PASS_URL=http://registry:5000 + - SHOW_CATALOG_NB_TAGS=true + - CATALOG_MIN_BRANCHES=1 + - CATALOG_MAX_BRANCHES=1 + - TAGLIST_PAGE_SIZE=100 + - REGISTRY_SECURED=false + - CATALOG_ELEMENTS_LIMIT=1000 networks: - registry-ui-net -# UI - ui: - image: joxit/docker-registry-ui:1.5-static - container_name: ui_registry - ports: - - 8087:80 + registry: + image: registry:2.8.2 + container_name: registry + restart: always environment: - - REGISTRY_TITLE=DockerRegistry - - REGISTRY_URL=http://registry:5000 - depends_on: - - registry + REGISTRY_HTTP_HEADERS_Access-Control-Origin: '[http://registry.example.com]' + REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods: '[HEAD,GET,OPTIONS,DELETE]' + REGISTRY_HTTP_HEADERS_Access-Control-Credentials: '[true]' + REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers: '[Authorization,Accept,Cache-Control]' + REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers: '[Docker-Content-Digest]' + REGISTRY_STORAGE_DELETE_ENABLED: 'true' + volumes: + - ./registry/data:/var/lib/registry + - ./registry-config:/etc/docker/registry networks: - registry-ui-net networks: - registry-ui-net: + registry-ui-net: \ No newline at end of file diff --git a/index.html b/index.html deleted file mode 100644 index 9bdf44d..0000000 --- a/index.html +++ /dev/null @@ -1,5 +0,0 @@ - - Hello Docker -

Hello le Garage numerique!

- - diff --git a/registry-config/config.yml b/registry-config/config.yml new file mode 100644 index 0000000..932bfea --- /dev/null +++ b/registry-config/config.yml @@ -0,0 +1,39 @@ +version: 0.1 +log: + fields: + service: registry +storage: + delete: + enabled: true + cache: + blobdescriptor: inmemory + filesystem: + rootdirectory: /var/lib/registry + maintenance: + uploadpurging: + enabled: true + age: 168h + interval: 24h + dryrun: false + readonly: + enabled: false +http: + addr: :5000 + headers: + X-Content-Type-Options: [nosniff] + Access-Control-Allow-Origin: ['http://127.0.0.1:8000'] + Access-Control-Allow-Credentials: [true] + Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE'] + Access-Control-Allow-Headers: ['Authorization', 'Accept', 'Cache-Control'] + Access-Control-Max-Age: [1728000] + Access-Control-Allow-Credentials: [true] + Access-Control-Expose-Headers: ['Docker-Content-Digest'] +auth: + htpasswd: + realm: basic-realm + path: /etc/docker/registry/htpasswd +health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 \ No newline at end of file diff --git a/utils/regctl b/utils/regctl deleted file mode 100755 index d79e660..0000000 Binary files a/utils/regctl and /dev/null differ diff --git a/utils/registry-image-cleaning.sh b/utils/registry-image-cleaning.sh deleted file mode 100755 index eeeb086..0000000 --- a/utils/registry-image-cleaning.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/bash - -#//// GREG POUR LE GARAGE NUMERIQUE \\\\# - -# Ce script fonctionne avec le docker-compose.yml du projet https://gitlab.com/greglebreton/docker.git -> branche docker-registry -# Ce script maintient un registre privée accueillant des sauvegardes de conteneurs quotidiennement de manière automatisée. -# Le delta est exprimé en jour et est effectué par comparaison entre la date du jour et la date d'enregistrement de l'image. - -date=$(date +"%Y-%m-%d") - -# A RENSEIGNER -## chemin vers le dossier docker cloné sans le dernier / -registryPath="" -## exemple monRegistreDocker.monDomaine.com -dockerRegistryAdress="" -## nombre de jours de sauvegarde à conserver par rapport à la date du jour (à ajuster si les sauvegardes ne sont pas quotidiennes) -max="" -## registres à ignorer -exceptions=( "container1" "container2" ) - -################################################################################################### - -echo "docker clean start..." - -## DOCKER LIST IMG REGISTRY -registry=$(ls $registryPath/registry-data/docker/registry/v2/repositories/) - -## DOCKER LIST TAGS FOR EACH REPO -for repo in $registry -do - for ex in ${exceptions[@]} - do - if [ $repo == $ex ] - then - break - else - tags=$(ls $registryPath/registry-data/docker/registry/v2/repositories/$repo/_manifests/tags/) - - for tag in $tags - do - datebackup=$(stat -c '%w' $registryPath/registry-data/docker/registry/v2/repositories/$repo/_manifests/tags/$tag) - gooddatebackup="${datebackup:0:10}" - - echo $gooddatebackup - - if [ ${tag:0:2} == "01" ] - then - break - else - let delta=($(date +%s -d $date)-$(date +%s -d $gooddatebackup))/86400 - - if [ $delta -gt $max ] - then - echo "$dockerRegistryAdress/$repo:$tag deleted!" - regctl tag rm $dockerRegistryAdress/$repo:$tag - fi - fi - done - fi - done -done - -echo "registre nettoyé" diff --git a/utils/stack-backup-registry.sh b/utils/stack-backup-registry.sh deleted file mode 100755 index 9abef60..0000000 --- a/utils/stack-backup-registry.sh +++ /dev/null @@ -1,89 +0,0 @@ -#!/bin/bash - -#//// GREG POUR LE GARAGE NUMERIQUE \\\\# - -# Script automatisant le push de conteneur vers un registre privé de backups ainsi que les volumes correspondants. -# Le docker login au registre doit être effectué au moins une fois manuellement. -# Configurer l'adresse du registre ainsi que les informations sur le serveur de backups -# Les volumes et labels sont archivés et transférés par ssh vers le serveur de backup une fois par mois (le 1er). - -############################## CONFIG ############################## - -date=`date +%d-%m` -# dockerregistry="monregistre.mondomaine.com" -dockerregistry="" -# sshHost="user@server-IP" -sshHost="" -# sshPort=9999 -sshPort= -backupFolder="~/docker-volumes-backup/" -# exceptions=( "container1" "container2") -#exceptions=( "" ) - -############################## CONTAINERS BACKUP ############################## - -# LISTING DES CONTAINERS -stack=$(docker ps -aq) - -for container in $stack -do - echo "backup du conteneur $container" - # GET CONTAINER NAME - docker inspect --format='{{.Name}}' $container > containers.txt - containerName=$(sed 's/[/]*//' containers.txt) - - for exception in ${exceptions[@]} - do - if [ $container == $exception ] - then - break - else - # COMMIT AND PUSH TO REGSTRY - docker container commit $container $dockerregistry$containerName-backup:$date - docker push $dockerregistry$containerName-backup:$date - fi - done -done - -# CLEANING -rm -rf containers.txt - -############################## VOLUMES & LABELS BACKUP ############################## - -if [ ${date:0:02} == "01" ] -then - # LISTING DES VOLUMES - volumes=$(docker volume ls -q) - - for volume in $volumes - do - echo "backup du volume $volume" - - # GET CONTAINER ID - containerId=$(docker ps -a -q --filter volume=$volume) - # GET CONTAINER NAME - docker inspect --format='{{.Name}}' $containerId > volumes.txt - container=$(sed 's/[/]*//' volumes.txt) - - # STOP THE CONTAINER (FOR VOLUMES INTEGRITY) - docker stop $container - # BACKUP VOLUME IN ARCHIVE - docker run -v $volume:/volume -v $(pwd)/backup:/backup --rm loomchild/volume-backup backup volumes/$container-volume:$date - # BACKUP DOCKER VOLUMES LABELS - docker inspect $volume -f "{{json .Labels}}" > backup/labels/$container-labels.json - # RESTART THE CONTAINER - docker start $container - - # CLEANING - rm -rf volumes.txt - done - - # MV VOLUMES & LABELS BACKUP TO BACKUP HOST - scp -r -P $sshPort $(pwd)/backup/* $sshHost:$backupFolder - # CLEANING - rm -rf containers.txt; rm -rf $(pwd)/backup/volumes/*; rm -rf $(pwd)/backup/labels/* - - echo "copie des archives de volumes vers le serveur de backup ok" -fi - -echo "backup des containers terminée"