58 lines
1.3 KiB
Text
58 lines
1.3 KiB
Text
proxy_cache_path /var/cache/nginx/registry
|
|
levels=1:2
|
|
keys_zone=registry:500m
|
|
max_size=50g
|
|
inactive=24h
|
|
use_temp_path=off;
|
|
|
|
upstream docker_registry {
|
|
server 127.0.0.1:5000;
|
|
keepalive 32;
|
|
}
|
|
|
|
server {
|
|
listen 5002;
|
|
server_name _;
|
|
|
|
# Access log
|
|
access_log /var/log/nginx/registry.access.log combined;
|
|
|
|
# Error log
|
|
error_log /var/log/nginx/registry.error.log warn;
|
|
|
|
# Required for large blobs
|
|
client_max_body_size 0;
|
|
|
|
# Disable buffering to clients, keep it between nginx<->registry
|
|
proxy_request_buffering off;
|
|
proxy_buffering on;
|
|
|
|
location /v2/ {
|
|
proxy_pass http://docker_registry;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header Connection "";
|
|
|
|
# --- CRITICAL PART ---
|
|
proxy_cache registry;
|
|
proxy_cache_lock on;
|
|
proxy_cache_lock_timeout 15m;
|
|
proxy_cache_lock_age 15m;
|
|
proxy_cache_use_stale updating;
|
|
|
|
# Cache only successful pulls
|
|
proxy_cache_valid 200 206 24h;
|
|
|
|
# HEAD requests must not poison cache
|
|
proxy_cache_methods GET;
|
|
|
|
# Do not cache pushes
|
|
proxy_no_cache $http_authorization;
|
|
proxy_cache_bypass $http_authorization;
|
|
|
|
# Prevent partial responses
|
|
proxy_read_timeout 900;
|
|
proxy_send_timeout 900;
|
|
}
|
|
}
|