2026-01-25 14:08:09 +00:00 · 2016-10-23 12:26:00 +02:00 · 2016-10-23 12:26:00 +02:00 · d4dea83be6
commit d4dea83be6
parent 20b37e5c82
2 changed files with 98 additions and 2 deletions
--- a/docs/container_registry.md
+++ b/docs/container_registry.md
@ -180,7 +180,7 @@ Generate a self signed certificate with openssl.

 - **Step 2**: Generate a private key and sign request for the private key
 ```bash
-openssl req -nodes -newkey rsa:4096 -keyout registry-auth.key -out registry-auth.csr -subj "/CN=gitlab-issuer"
+openssl req -nodes -newkey rsa:4096 -keyout registry-auth.key -out registry-auth.csr -subj "/CN=registry.example.com"
 ```

 - **Step 3**: Sign your created privated key
@ -190,7 +190,7 @@ openssl x509 -in registry-auth.csr -out registry-auth.crt -req -signkey registry

 After this mount the `certs` dir in both containers and set the same environment variables like way of the signed certificate.

-
+A complete docker-compose file is found here: [docker-compose-registry.yml](docker-compose-registry.yml)

 ## Container Registry storage driver

--- a/docs/docker-compose-registry.yml
+++ b/docs/docker-compose-registry.yml
@ -0,0 +1,96 @@
+version: '2'
+
+services:
+  redis:
+    restart: always
+    image: sameersbn/redis:latest
+    command:
+    - --loglevel warning
+    volumes:
+    - redis:/var/lib/redis:Z
+
+  postgresql:
+    restart: always
+    image: sameersbn/postgresql:9.5-3
+    volumes:
+    - postgresql:/var/lib/postgresql:Z
+    environment:
+    - DB_USER=gitlab
+    - DB_PASS=password
+    - DB_NAME=gitlabhq_production
+    - DB_EXTENSION=pg_trgm
+
+  gitlab:
+    restart: always
+    image: sameersbn/gitlab:8.12.7
+    volumes:
+    - gitlab-data:/home/git/data:Z
+    - gitlab-logs:/var/log/gitlab
+    - ./certs:/certs
+    depends_on:
+    - redis
+    - postgresql
+    ports:
+    - "80:80"
+    - "10022:22"
+    external_links:
+    - "registry:registry.example.com"
+    environment:
+    - DEBUG=false
+
+    - DB_ADAPTER=postgresql
+    - DB_HOST=postgresql
+    - DB_PORT=5432
+    - DB_USER=gitlab
+    - DB_PASS=password
+    - DB_NAME=gitlabhq_production
+
+    - REDIS_HOST=redis
+    - REDIS_PORT=6379
+
+    - GITLAB_HTTPS=false
+    - SSL_SELF_SIGNED=false
+
+    - GITLAB_HOST=gitlab.example.com
+    - GITLAB_PORT=80
+    - GITLAB_SSH_PORT=10022
+    - GITLAB_RELATIVE_URL_ROOT=
+    - GITLAB_SECRETS_DB_KEY_BASE=secret
+    - GITLAB_SECRETS_SECRET_KEY_BASE=secret
+    - GITLAB_SECRETS_OTP_KEY_BASE=secret
+
+    - GITLAB_REGISTRY_ENABLED=true
+    - GITLAB_REGISTRY_HOST=registry.example.com
+    - GITLAB_REGISTRY_PORT=5000
+    - GITLAB_REGISTRY_API_URL=https://registry.example.com:5000
+    - GITLAB_REGISTRY_CERT_PATH=/certs/registry-auth.crt
+    - GITLAB_REGISTRY_KEY_PATH=/certs/registry-auth.key
+
+  registry:
+    restart: always
+    image: registry:2.4.1
+    ports:
+    - "5000:5000"
+    volumes:
+    - registry-data:/var/lib/registry
+    - ./certs:/certs
+    external_links:
+    - "gitlab:gitlab.example.com"
+    environment:
+    - REGISTRY_LOG_LEVEL=info
+    - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry
+    - REGISTRY_AUTH_TOKEN_REALM=http://gitlab.example.com/jwt/auth
+    - REGISTRY_AUTH_TOKEN_SERVICE=container_registry
+    - REGISTRY_AUTH_TOKEN_ISSUER=gitlab-issuer
+    - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/registry-auth.crt
+    - REGISTRY_STORAGE_DELETE_ENABLED=true
+    - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/registry-auth.crt
+    - REGISTRY_HTTP_TLS_KEY=/certs/registry-auth.key
+    - REGISTRY_HTTP_SECRET=secret
+
+volumes:
+    gitlab-data:
+    gitlab-logs:
+    postgresql:
+    redis:
+    registry-data: