@mcallaway
Last active September 8, 2016 08:50
docker-compose setup: docker-registry docker-auth apache redis
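# Compose v1-style file: services are declared at the top level and wired
# together with `links`. Per the accompanying httpd.conf, apache terminates
# TLS on 443 and proxies to registry:5000 over the linked network.

docker_auth:
  image: "cesanta/docker_auth:stable"
  command: "--v=2 --alsologtostderr /config/auth_config.yml"
  ports:
    # Published on every host interface. NOTE(review): httpd.conf only proxies
    # to registry:5000, so clients presumably reach this port directly --
    # confirm that auth_config.yml enables TLS for this listener.
    - "5001:5001"
  volumes:
    - "./docker-auth/config:/config:ro"
    - "./docker-auth/logs:/logs"

redis:
  # NOTE(review): an untagged image resolves to `latest`; pin a tested tag or
  # digest so a rebuild cannot silently change the Redis version.
  image: redis
  ports:
    # Bound to loopback, matching the registry's 127.0.0.1:5000 binding below.
    # No Redis authentication is configured in this file, so publishing 6379 on
    # all host interfaces would expose the instance to the network. The
    # registry reaches Redis through its `links` entry and does not need a
    # published port; drop this mapping if nothing on the host uses it.
    - "127.0.0.1:6379:6379"

registry:
  image: "registry:2"
  links:
    - "redis:redis"
    - "docker_auth:docker_auth"
  ports:
    # Loopback only: external clients are expected to come in through apache.
    - "127.0.0.1:5000:5000"
  volumes:
    - "./docker-registry/server.crt:/etc/docker/registry/server.crt:ro"
    - "./docker-registry/config.yml:/etc/docker/registry/config.yml:ro"
    - "./docker-registry/ca.crt:/etc/docker/registry/ca.crt:ro"
    # Image storage lives on the host so it survives container re-creation.
    - "/vol/ostack/kilo/docker-registry:/var/lib/registry"

apache:
  # image: "httpd:2.4"
  image: "mcallaway/httpd:libaprutil1-ldap"
  hostname: registry.my.domain.com
  ports:
    - "443:443"
  links:
    - "registry:registry"
  volumes:
    - "./apache/httpd.conf:/usr/local/apache2/conf/httpd.conf:ro"
    - "./apache/server.crt:/usr/local/apache2/conf/server.crt:ro"
    # TLS private key: keep the host copy out of version control and readable
    # only by the account that runs docker-compose.
    - "./apache/server.key:/usr/local/apache2/conf/server.key:ro"
    - "./apache/ca.crt:/usr/local/apache2/conf/ca.crt:ro"
    - "./apache/ipa_ca.crt:/usr/local/apache2/conf/ipa_ca.crt:ro"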
@mcallaway

The apache config, httpd.conf:

# Modules loaded explicitly; nothing else is available to the directives below.
# NOTE(review): no Auth* / AuthLDAP* / Require user|group directive appears in
# the configuration as shown, so authn_file, authz_groupfile, authz_user,
# auth_basic, authnz_ldap and ldap may be unused here -- unload what is not
# needed to reduce the attack surface.
LoadModule headers_module modules/mod_headers.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule auth_basic_module modules/mod_auth_basic.so
# Provides the 2.2-style Order/Allow directives used in the 443 virtual host.
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so
# PRNG seeding for mod_ssl. NOTE(review): `builtin` is the weakest seeding
# source mod_ssl offers; consider a file source such as /dev/urandom.
<IfModule ssl_module>
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
</IfModule>
# Worker processes run as the unprivileged `daemon` account, not root.
<IfModule unixd_module>
    User daemon
    Group daemon
</IfModule>
# Access logging. Three formats are defined; only `common` is used.
<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    # Write the access log to the process's stdout (fd 1).
    CustomLog /proc/self/fd/1 common
</IfModule>
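# Server-wide settings: listeners, LDAP client TLS, error logging, and a
# default-deny rule for the filesystem.
ServerRoot "/usr/local/apache2"
ServerAdmin admin@my.domain.com
# NOTE(review): the accompanying compose file publishes only 443, so the
# port-80 listener is presumably unreachable from outside the container.
Listen 80
Listen 443
# mod_ldap: connect to the directory over SSL and trust the CA bundle below.
LDAPTrustedMode SSL
# Verify the directory server's certificate. With verification off, the
# SSL connection is encrypted but unauthenticated, so anything on the path can
# impersonate the directory and collect bind credentials. If verification
# fails, add the issuing CA with another LDAPTrustedGlobalCert line (the
# compose file also mounts conf/ipa_ca.crt) rather than switching this off.
LDAPVerifyServerCert On
LDAPTrustedGlobalCert CA_BASE64 "/usr/local/apache2/conf/ca.crt"
# Write the error log to the process's stderr (fd 2).
ErrorLog /proc/self/fd/2
LogLevel warn
# Default deny: no filesystem path is served unless a later section grants it.
<Directory />
    AllowOverride none
    Require all denied
</Directory>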
# Plain-HTTP virtual host: permanently redirects every request to HTTPS.
# It is bound to 127.0.0.1:80, so it only matches connections made to the
# loopback address.
# NOTE(review): the redirect target is https://127.0.0.1/ rather than the
# ServerName; a certificate issued for registry.my.domain.com would presumably
# not validate for that address -- confirm this is intended.
<VirtualHost 127.0.0.1:80>
    ServerName registry.my.domain.com
    ServerAlias registry
    RewriteEngine on
    RewriteRule /(.*) https://127.0.0.1/$1 [R=permanent,L]
</VirtualHost>
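# HTTPS front end for the registry: terminates TLS and reverse-proxies every
# path except /error/ to the linked `registry` container on port 5000.
<VirtualHost *:443>
  ServerName registry.my.domain.com
  SSLEngine on
  SSLCertificateFile /usr/local/apache2/conf/server.crt
  SSLCertificateKeyFile /usr/local/apache2/conf/server.key
  # TLS compression is disabled (CRIME-class attacks).
  SSLCompression off
  # TLS 1.2 and newer only: TLS 1.1 is disabled along with the older
  # protocols, since it is deprecated as well.
  SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
  # Forward-secret key exchange (ECDHE/DHE) with AES-GCM or AES-256 only.
  SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
  SSLHonorCipherOrder on
  # `always set` sends HSTS on error responses too and replaces any copy of
  # the header that is already present instead of appending a duplicate.
  Header always set Strict-Transport-Security "max-age=31536000"
  # Set the API version header in both header tables so that successful and
  # error responses carry it.
  Header always set "Docker-Distribution-Api-Version" "registry/2.0"
  Header onsuccess set "Docker-Distribution-Api-Version" "registry/2.0"
  # Tell the backend the original request arrived over HTTPS; `set`
  # overwrites any client-supplied value of this header.
  RequestHeader set X-Forwarded-Proto "https"
  # Reverse proxy only; forward-proxy requests are refused.
  ProxyRequests     off
  ProxyPreserveHost on
  # /error/ is excluded from proxying.
  ProxyPass /error/ !
  # The backend hop is plain HTTP across the container link.
  ProxyPass        / http://registry:5000/
  ProxyPassReverse / http://registry:5000/
  # Apache admits every client here. NOTE(review): authentication is
  # presumably enforced by the registry through docker_auth tokens (its
  # config.yml is not shown) -- confirm before relying on it.
  <Location />
    Order deny,allow
    Allow from all
  </Location>
</VirtualHost>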
