@rezamt
Created June 9, 2019 13:58
Setting up Docker Remote Repository
# On the Docker repo server (runs the registry:latest image in Docker)
mkdir -p /docker_data/images # Docker images
mkdir -p /docker_data/certs # Repository SSL Certificate
# Get the hostname fqdn
hostname -f
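# Create a self-signed certificate
cd /docker_data/certs
openssl req -newkey rsa:4096 -sha256 -keyout domain.key -x509 -days 365 -out domain.crt
# Use the hostname FQDN as the common name on your certificate.
# Docker clients built with Go 1.15 or later match the registry name against the
# certificate's subjectAltName rather than the common name, so the FQDN should
# also appear there as a DNS entry.
# Remove the password from the SSL key (the registry container reads the key unattended)
openssl rsa -in domain.key -out domain-nopass.key
mv domain-nopass.key domain.key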
# Publish on host port 5000, the port the push and client commands below use
docker run -d -p 5000:5000 --name docker-repo \
-v /docker_data/images:/var/lib/registry \
-v /docker_data/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
registry:latest
# On success your registry should be up and running
# All Docker images will be stored under:
# /docker_data/images/docker/registry/v2/repositories
# Checking an image into repo
docker pull centos
docker tag centos:latest localhost:5000/centos:latest
docker push localhost:5000/centos:latest
# Docker repo clients
# On every Docker client machine (the client needs the repository's public certificate):
# copy the repository certificate (domain.crt) into the directory below.
# DOCKER-REPO-FQDN is your Docker repo's FQDN (`hostname -f` on the repo server).
mkdir -p /etc/docker/certs.d/DOCKER-REPO-FQDN:PORT/
cp domain.crt /etc/docker/certs.d/DOCKER-REPO-FQDN:PORT/
# e.g. machine name:
# dcm1.example.internal:5000
# mkdir -p /etc/docker/certs.d/dcm1.example.internal:5000/
# cp domain.crt /etc/docker/certs.d/dcm1.example.internal:5000/domain.crt
# docker pull dcm1.example.internal:5000/centos
# Note:
# Don't forget the port as part of directory name otherwise you will get
# Error response from daemon: Get https://dcm1.example.internal:5000/v2/: x509: certificate signed by unknown authority
rezamt commented Jun 9, 2019

Make sure the DNS name on the cert and the machine's public FQDN match; otherwise it fails to get the Docker image.
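
The two client-side failure modes described above (a `certs.d` directory named without the port, and a certificate whose name does not match the registry FQDN) can be checked before the first pull. The script below is an added example, not part of the original gist; the function names, the status strings and the overridable `CERTS_ROOT` variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: preflight check of a Docker client's trust setup for a private registry.
# CERTS_ROOT is an illustrative override for testing; Docker reads /etc/docker/certs.d.
CERTS_ROOT="${CERTS_ROOT:-/etc/docker/certs.d}"

# Print the registry part (host[:port]) of an image reference.
# Docker treats the first path component as a registry only if it contains
# "." or ":" or is "localhost"; anything else is pulled from Docker Hub.
registry_of() {
    case "$1" in
        */*) first="${1%%/*}" ;;
        *)   return 1 ;;
    esac
    case "$first" in
        *.*|*:*|localhost) printf '%s\n' "$first" ;;
        *) return 1 ;;
    esac
}

# Report whether the per-registry CA directory exists for an image reference.
# Prints one of: ok, no-registry, missing-port-in-dirname, no-dir, no-crt
trust_status() {
    reg=$(registry_of "$1") || { echo no-registry; return 1; }
    dir="$CERTS_ROOT/$reg"
    if [ ! -d "$dir" ]; then
        # The mistake from the note: directory created without ":PORT" in its name.
        if [ "${reg%:*}" != "$reg" ] && [ -d "$CERTS_ROOT/${reg%:*}" ]; then
            echo missing-port-in-dirname
        else
            echo no-dir
        fi
        return 1
    fi
    # Docker loads every *.crt file in this directory as a CA root.
    for f in "$dir"/*.crt; do
        [ -f "$f" ] && { echo ok; return 0; }
    done
    echo no-crt; return 1
}

# True if certificate file $1 is valid for hostname $2 (pass the FQDN without the port).
# "openssl x509 -checkhost" exits 0 either way, so its printed verdict is parsed.
# It accepts a CN-only match when the certificate has no SAN; Go 1.15+ clients do not.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match certificate'
}
```

On a client, source the file and run `trust_status dcm1.example.internal:5000/centos`, then `cert_matches_host /etc/docker/certs.d/dcm1.example.internal:5000/domain.crt dcm1.example.internal`.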
