docker私有仓库WebUI管理

发表于 分类于

仓库

跨域问题

1
2
3
4
5
6
7
REGISTRY_HTTP_HEADERS_X-Content-Type-Options: [nosniff]
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin: ['https://docker.${DOMAIN_NAME}']
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers: ['Authorization', 'Accept']
REGISTRY_HTTP_HEADERS_Access-Control-Max-Age: [1728000]
REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers: ['Docker-Content-Digest']
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials: ['true']

HTTPS证书

1
2
REGISTRY_HTTP_TLS_CERTIFICATE: /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem
REGISTRY_HTTP_TLS_KEY: /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem

密码登录

1
2
REGISTRY_AUTH_HTPASSWD_REALM: basic-realm
REGISTRY_AUTH_HTPASSWD_PATH: /etc/docker/registry/htpasswd

支持镜像删除

1
REGISTRY_STORAGE_DELETE_ENABLED: "true"

WebUI

镜像 joxit/docker-registry-ui:latest

1
2
3
4
REGISTRY_TITLE: 镜像仓库                           # 标题名称
DELETE_IMAGES: true                               # 支持删除镜像
SINGLE_REGISTRY: true                             # 显示删除提示弹窗
NGINX_PROXY_PASS_URL: "https://registry-srv:5000" # 只能通过容器之间访问

示例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
version: "3"

services:
  registry:
    image: registry
    container_name: registry-srv
    restart: unless-stopped
    environment:
      - REGISTRY_HTTP_HEADERS_X-Content-Type-Options: [nosniff]
      - REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin: ['https://docker.${DOMAIN_NAME}']
      - REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
      - REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers: ['Authorization', 'Accept']
      - REGISTRY_HTTP_HEADERS_Access-Control-Max-Age: [1728000]
      - REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers: ['Docker-Content-Digest']
      - REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials: ['true']
      - REGISTRY_AUTH_HTPASSWD_REALM: basic-realm
      - REGISTRY_AUTH_HTPASSWD_PATH: /etc/docker/registry/htpasswd
      - REGISTRY_STORAGE_DELETE_ENABLED: "true"
      - REGISTRY_HTTP_TLS_CERTIFICATE: /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem
      - REGISTRY_HTTP_TLS_KEY: /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem
    volumes:
      - registry:/var/lib/registry
      - ./registry/docker.htpasswd:/etc/docker/registry/htpasswd
      - /etc/letsencrypt:/etc/letsencrypt
    networks:
      - registry

  docker:
    image: joxit/docker-registry-ui:latest
    restart: unless-stopped
    environment:
      - REGISTRY_TITLE: 镜像仓库
      - DELETE_IMAGES: "true"
      - SINGLE_REGISTRY: "true"
      - NGINX_PROXY_PASS_URL: https://registry-srv:5000

volumes:
  registry:

networks:
  registry: