Skip to content

Instantly share code, notes, and snippets.

@aluedeke

aluedeke/commands

Created January 6, 2014 20:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save aluedeke/8289007 to your computer and use it in GitHub Desktop.
Save aluedeke/8289007 to your computer and use it in GitHub Desktop.
Download ZIP
docker basic auth
Raw
commands
build)
packer build -var 'build_target=$BUILD_TARGET' packer.json
;;
import)
docker import - $DOCKER_REGISTRY_HOST:5000/$DOCKER_REPOSITORY < $BUILD_TARGET
;;
run)
docker run -i -t -p $DOCKER_REGISTRY_PORT:443 -p 5050:5000 -e SETTINGS_FLAVOR=prod -e AWS_KEY=$AWS_KEY -e AWS_SECRET=$AWS_SECRET -e AWS_BUCKET=$AWS_BUCKET $DOCKER_REGISTRY_HOST:5000/$DOCKER_REPOSITORY:latest supervisord -n
;;
Raw
config.yaml
# Set env vars for AWS_* when launching - this config will refer to them.
# To specify prod flavor, set the environment variable SETTINGS_FLAVOR=prod
# example launching with this config, in a docker image:
# docker run -p 5000:5000 -e SETTINGS_FLAVOR=prod -e AWS_KEY=X -e AWS_SECRET=Y -e AWS_BUCKET=images registry-image
prod:
storage: s3
boto_bucket: _env:AWS_BUCKET
s3_access_key: _env:AWS_KEY
s3_secret_key: _env:AWS_SECRET
s3_bucket: _env:AWS_BUCKET
s3_encrypt: true
s3_secure: true
secret_key: REPLACEME
s3_encrypt: true
s3_secure: true
storage_path: /images
standalone: true
Raw
nginx.conf
server {
listen 443;
server_name localhost;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS;
ssl_prefer_server_ciphers on;
ssl_certificate /docker-registry/server.crt;
ssl_certificate_key /docker-registry/server.key;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
# chunkin on;
# error_page 411 = @my_411_error;
# location @my_411_error {
# chunkin_resume;
# }
location / {
# Basic authentication
# Basic authentication
auth_basic "Restricted";
auth_basic_user_file /docker-registry/.htpasswd;
proxy_pass http://127.0.0.1:5000;
proxy_read_timeout 900;
}
location /_ping {
auth_basic off;
proxy_pass http://127.0.0.1:5000;
proxy_read_timeout 900;
}
location /v1/_ping {
auth_basic off;
proxy_pass http://127.0.0.1:5000;
proxy_read_timeout 900;
}
}
Raw
setup.sh
#!/bin/bash
touch /etc/apt/sources.list.d/nginx.list
echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu raring main" >> /etc/apt/sources.list.d/nginx.list
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 8B3981E7A6852F782CC4951600A6F0A3C300EE8C
apt-get update
apt-get -y install supervisor nginx-extras
mkdir -p /var/log/supervisor
rm /etc/nginx/sites-enabled/default
echo "daemon off;" >> /etc/nginx/nginx.conf
Raw
supervisord.conf
[supervisord]
nodaemon=true
[program:docker-registry]
command=sh -c "cd /docker-registry && ./setup-configs.sh && ./run.sh"
stdout_logfile=/var/log/supervisor/docker-registry.log
stderr_logfile=/var/log/supervisor/docker-registry.log
autorestart=true
[program:nginx]
command=nginx
stdout_logfile=/var/log/supervisor/nginx.log
stderr_logfile=/var/log/supervisor/nginx.log
autorestart=true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment