add htpasswd auth to private docker registry + expose at registry.viktorbarzin.me

- Add auth.htpasswd section to config-private.yml - Mount htpasswd file in registry-private container, fix healthcheck for 401 - Rename registry UI from registry.viktorbarzin.me → docker.viktorbarzin.me - Add Docker CLI ingress at registry.viktorbarzin.me (HTTPS backend, no rate-limit, unlimited body) - Add docker to cloudflare_proxied_names (registry stays non-proxied) - Add Kyverno ClusterPolicy to sync registry-credentials secret to all namespaces - Update infra provisioning to install apache2-utils and generate htpasswd from Vault
2026-03-22 22:10:10 +02:00 · 2026-03-22 22:10:10 +02:00 · 36171bcda4
commit 36171bcda4
parent e4f478b490
6 changed files with 123 additions and 5 deletions
--- a/modules/docker-registry/config-private.yml
+++ b/modules/docker-registry/config-private.yml
@ -16,6 +16,10 @@ storage:
      age: 168h
      interval: 4h
      dryrun: false
+auth:
+  htpasswd:
+    realm: "Registry Realm"
+    path: /auth/htpasswd
 http:
  addr: :5000
  headers: