36171bcda4
- Add auth.htpasswd section to config-private.yml - Mount htpasswd file in registry-private container, fix healthcheck for 401 - Rename registry UI from registry.viktorbarzin.me → docker.viktorbarzin.me - Add Docker CLI ingress at registry.viktorbarzin.me (HTTPS backend, no rate-limit, unlimited body) - Add docker to cloudflare_proxied_names (registry stays non-proxied) - Add Kyverno ClusterPolicy to sync registry-credentials secret to all namespaces - Update infra provisioning to install apache2-utils and generate htpasswd from Vault
31 lines
531 B
YAML
31 lines
531 B
YAML
version: 0.1
|
|
log:
|
|
fields:
|
|
service: registry-private
|
|
storage:
|
|
cache:
|
|
blobdescriptor: inmemory
|
|
filesystem:
|
|
rootdirectory: /var/lib/registry
|
|
maxsize: 100GiB
|
|
delete:
|
|
enabled: true
|
|
maintenance:
|
|
uploadpurging:
|
|
enabled: true
|
|
age: 168h
|
|
interval: 4h
|
|
dryrun: false
|
|
auth:
|
|
htpasswd:
|
|
realm: "Registry Realm"
|
|
path: /auth/htpasswd
|
|
http:
|
|
addr: :5000
|
|
headers:
|
|
X-Content-Type-Options: [nosniff]
|
|
health:
|
|
storagedriver:
|
|
enabled: true
|
|
interval: 10s
|
|
threshold: 3
|