Compare commits
3 Commits
registry
...
registry-v
Author | SHA1 | Date |
---|---|---|
greg | 241a4fbe38 | 1 year ago |
greg | d9931bd74b | 1 year ago |
greg | 9aafaa623a | 1 year ago |
@ -1,2 +0,0 @@ |
||||
FROM nginx:1.19 |
||||
COPY index.html /usr/share/nginx/html/index.html |
@ -1,36 +1,43 @@ |
||||
version: '2.0' |
||||
services: |
||||
version: '3.8' |
||||
|
||||
# REGISTRY |
||||
registry: |
||||
image: registry:2.6.2 |
||||
container_name: registry |
||||
services: |
||||
registry-ui: |
||||
image: joxit/docker-registry-ui:main |
||||
container_name: registry-ui |
||||
restart: always |
||||
ports: |
||||
- "5000:5000" |
||||
- 8087:80 |
||||
environment: |
||||
REGISTRY_AUTH: htpasswd |
||||
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm |
||||
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd |
||||
volumes: |
||||
- ./auth:/auth |
||||
- ./registry-data:/var/lib/registry |
||||
- ./registry-config:/etc/docker/registry |
||||
- SINGLE_REGISTRY=true |
||||
- REGISTRY_TITLE=Docker Registry UI |
||||
- DELETE_IMAGES=true |
||||
- SHOW_CONTENT_DIGEST=true |
||||
- NGINX_PROXY_PASS_URL=http://registry:5000 |
||||
- SHOW_CATALOG_NB_TAGS=true |
||||
- CATALOG_MIN_BRANCHES=1 |
||||
- CATALOG_MAX_BRANCHES=1 |
||||
- TAGLIST_PAGE_SIZE=100 |
||||
- REGISTRY_SECURED=false |
||||
- CATALOG_ELEMENTS_LIMIT=1000 |
||||
networks: |
||||
- registry-ui-net |
||||
|
||||
# UI |
||||
ui: |
||||
image: joxit/docker-registry-ui:1.5-static |
||||
container_name: ui_registry |
||||
ports: |
||||
- 8087:80 |
||||
registry: |
||||
image: registry:2.8.2 |
||||
container_name: registry |
||||
restart: always |
||||
environment: |
||||
- REGISTRY_TITLE=DockerRegistry |
||||
- REGISTRY_URL=http://registry:5000 |
||||
depends_on: |
||||
- registry |
||||
REGISTRY_HTTP_HEADERS_Access-Control-Origin: '[http://registry.example.com]' |
||||
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods: '[HEAD,GET,OPTIONS,DELETE]' |
||||
REGISTRY_HTTP_HEADERS_Access-Control-Credentials: '[true]' |
||||
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers: '[Authorization,Accept,Cache-Control]' |
||||
REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers: '[Docker-Content-Digest]' |
||||
REGISTRY_STORAGE_DELETE_ENABLED: 'true' |
||||
volumes: |
||||
- ./registry/data:/var/lib/registry |
||||
- ./registry/config:/etc/docker/registry |
||||
networks: |
||||
- registry-ui-net |
||||
|
||||
networks: |
||||
registry-ui-net: |
||||
registry-ui-net: |
@ -1,5 +0,0 @@ |
||||
<html> |
||||
<title>Hello Docker</title> |
||||
<p>Hello le Garage numerique!</p> |
||||
</html> |
||||
|
@ -0,0 +1,39 @@ |
||||
version: 0.1 |
||||
log: |
||||
fields: |
||||
service: registry |
||||
storage: |
||||
delete: |
||||
enabled: true |
||||
cache: |
||||
blobdescriptor: inmemory |
||||
filesystem: |
||||
rootdirectory: /var/lib/registry |
||||
maintenance: |
||||
uploadpurging: |
||||
enabled: true |
||||
age: 168h |
||||
interval: 24h |
||||
dryrun: false |
||||
readonly: |
||||
enabled: false |
||||
http: |
||||
addr: :5000 |
||||
headers: |
||||
X-Content-Type-Options: [nosniff] |
||||
Access-Control-Allow-Origin: ['http://127.0.0.1:8000'] |
||||
Access-Control-Allow-Credentials: [true] |
||||
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE'] |
||||
Access-Control-Allow-Headers: ['Authorization', 'Accept', 'Cache-Control'] |
||||
Access-Control-Max-Age: [1728000] |
||||
Access-Control-Allow-Credentials: [true] |
||||
Access-Control-Expose-Headers: ['Docker-Content-Digest'] |
||||
auth: |
||||
htpasswd: |
||||
realm: basic-realm |
||||
path: /etc/docker/registry/htpasswd |
||||
health: |
||||
storagedriver: |
||||
enabled: true |
||||
interval: 10s |
||||
threshold: 3 |
Binary file not shown.
@ -1,63 +0,0 @@ |
||||
#!/bin/bash |
||||
|
||||
#//// GREG POUR LE GARAGE NUMERIQUE \\\\# |
||||
|
||||
# Ce script fonctionne avec le docker-compose.yml du projet https://gitlab.com/greglebreton/docker.git -> branche docker-registry |
||||
# Ce script maintient un registre privée accueillant des sauvegardes de conteneurs quotidiennement de manière automatisée. |
||||
# Le delta est exprimé en jour et est effectué par comparaison entre la date du jour et la date d'enregistrement de l'image. |
||||
|
||||
date=$(date +"%Y-%m-%d") |
||||
|
||||
# A RENSEIGNER |
||||
## chemin vers le dossier docker cloné sans le dernier / |
||||
registryPath="" |
||||
## exemple monRegistreDocker.monDomaine.com |
||||
dockerRegistryAdress="" |
||||
## nombre de jours de sauvegarde à conserver par rapport à la date du jour (à ajuster si les sauvegardes ne sont pas quotidiennes) |
||||
max="" |
||||
## registres à ignorer |
||||
exceptions=( "container1" "container2" ) |
||||
|
||||
################################################################################################### |
||||
|
||||
echo "docker clean start..." |
||||
|
||||
## DOCKER LIST IMG REGISTRY |
||||
registry=$(ls $registryPath/registry-data/docker/registry/v2/repositories/) |
||||
|
||||
## DOCKER LIST TAGS FOR EACH REPO |
||||
for repo in $registry |
||||
do |
||||
for ex in ${exceptions[@]} |
||||
do |
||||
if [ $repo == $ex ] |
||||
then |
||||
break |
||||
else |
||||
tags=$(ls $registryPath/registry-data/docker/registry/v2/repositories/$repo/_manifests/tags/) |
||||
|
||||
for tag in $tags |
||||
do |
||||
datebackup=$(stat -c '%w' $registryPath/registry-data/docker/registry/v2/repositories/$repo/_manifests/tags/$tag) |
||||
gooddatebackup="${datebackup:0:10}" |
||||
|
||||
echo $gooddatebackup |
||||
|
||||
if [ ${tag:0:2} == "01" ] |
||||
then |
||||
break |
||||
else |
||||
let delta=($(date +%s -d $date)-$(date +%s -d $gooddatebackup))/86400 |
||||
|
||||
if [ $delta -gt $max ] |
||||
then |
||||
echo "$dockerRegistryAdress/$repo:$tag deleted!" |
||||
regctl tag rm $dockerRegistryAdress/$repo:$tag |
||||
fi |
||||
fi |
||||
done |
||||
fi |
||||
done |
||||
done |
||||
|
||||
echo "registre nettoyé" |
@ -1,89 +0,0 @@ |
||||
#!/bin/bash |
||||
|
||||
#//// GREG POUR LE GARAGE NUMERIQUE \\\\# |
||||
|
||||
# Script automatisant le push de conteneur vers un registre privé de backups ainsi que les volumes correspondants. |
||||
# Le docker login au registre doit être effectué au moins une fois manuellement. |
||||
# Configurer l'adresse du registre ainsi que les informations sur le serveur de backups |
||||
# Les volumes et labels sont archivés et transférés par ssh vers le serveur de backup une fois par mois (le 1er). |
||||
|
||||
############################## CONFIG ############################## |
||||
|
||||
date=`date +%d-%m` |
||||
# dockerregistry="monregistre.mondomaine.com" |
||||
dockerregistry="" |
||||
# sshHost="user@server-IP" |
||||
sshHost="" |
||||
# sshPort=9999 |
||||
sshPort= |
||||
backupFolder="~/docker-volumes-backup/" |
||||
# exceptions=( "container1" "container2") |
||||
#exceptions=( "" ) |
||||
|
||||
############################## CONTAINERS BACKUP ############################## |
||||
|
||||
# LISTING DES CONTAINERS |
||||
stack=$(docker ps -aq) |
||||
|
||||
for container in $stack |
||||
do |
||||
echo "backup du conteneur $container" |
||||
# GET CONTAINER NAME |
||||
docker inspect --format='{{.Name}}' $container > containers.txt |
||||
containerName=$(sed 's/[/]*//' containers.txt) |
||||
|
||||
for exception in ${exceptions[@]} |
||||
do |
||||
if [ $container == $exception ] |
||||
then |
||||
break |
||||
else |
||||
# COMMIT AND PUSH TO REGSTRY |
||||
docker container commit $container $dockerregistry$containerName-backup:$date |
||||
docker push $dockerregistry$containerName-backup:$date |
||||
fi |
||||
done |
||||
done |
||||
|
||||
# CLEANING |
||||
rm -rf containers.txt |
||||
|
||||
############################## VOLUMES & LABELS BACKUP ############################## |
||||
|
||||
if [ ${date:0:02} == "01" ] |
||||
then |
||||
# LISTING DES VOLUMES |
||||
volumes=$(docker volume ls -q) |
||||
|
||||
for volume in $volumes |
||||
do |
||||
echo "backup du volume $volume" |
||||
|
||||
# GET CONTAINER ID |
||||
containerId=$(docker ps -a -q --filter volume=$volume) |
||||
# GET CONTAINER NAME |
||||
docker inspect --format='{{.Name}}' $containerId > volumes.txt |
||||
container=$(sed 's/[/]*//' volumes.txt) |
||||
|
||||
# STOP THE CONTAINER (FOR VOLUMES INTEGRITY) |
||||
docker stop $container |
||||
# BACKUP VOLUME IN ARCHIVE |
||||
docker run -v $volume:/volume -v $(pwd)/backup:/backup --rm loomchild/volume-backup backup volumes/$container-volume:$date |
||||
# BACKUP DOCKER VOLUMES LABELS |
||||
docker inspect $volume -f "{{json .Labels}}" > backup/labels/$container-labels.json |
||||
# RESTART THE CONTAINER |
||||
docker start $container |
||||
|
||||
# CLEANING |
||||
rm -rf volumes.txt |
||||
done |
||||
|
||||
# MV VOLUMES & LABELS BACKUP TO BACKUP HOST |
||||
scp -r -P $sshPort $(pwd)/backup/* $sshHost:$backupFolder |
||||
# CLEANING |
||||
rm -rf containers.txt; rm -rf $(pwd)/backup/volumes/*; rm -rf $(pwd)/backup/labels/* |
||||
|
||||
echo "copie des archives de volumes vers le serveur de backup ok" |
||||
fi |
||||
|
||||
echo "backup des containers terminée" |
Loading…
Reference in new issue