Edward Kenneway on board

2025-11-04 10:13:30 -08:00
parent 65acfb1ff0
commit e922a939f5
7 changed files with 244 additions and 107 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,39 @@
+# Lightweight Docker Registry Configuration
+# Copy this file to .env and customize for your environment
+
+# Registry Configuration
+REGISTRY_PORT=5000
+REGISTRY_STORAGE_PATH=/var/lib/registry
+REGISTRY_DATA_PATH=./data
+REGISTRY_LOG_LEVEL=info
+REGISTRY_DELETE_ENABLED=true
+
+# Authentication (optional)
+REGISTRY_AUTH_ENABLED=false
+REGISTRY_AUTH_PATH=./auth
+REGISTRY_AUTH_REALM=Registry Realm
+
+# TLS/SSL (optional)
+REGISTRY_SECURED=false
+REGISTRY_TLS_CERT_PATH=/certs/server.crt
+REGISTRY_TLS_KEY_PATH=/certs/server.key
+REGISTRY_TLS_PATH=./certs
+
+# UI Configuration
+UI_PORT=8080
+REGISTRY_TITLE=Docker Registry
+REGISTRY_URL=http://registry:5000
+SINGLE_REGISTRY=true
+DELETE_IMAGES=true
+SHOW_CONTENT_DIGEST=true
+SHOW_CATALOG_NB_TAGS=true
+CATALOG_MIN_BRANCHES=1
+CATALOG_MAX_BRANCHES=1
+TAGLIST_PAGE_SIZE=100
+CATALOG_ELEMENTS_LIMIT=1000
+
+# Coolify-specific variables (override as needed)
+# These can be set in Coolify's environment variables section
+# DOMAIN=your-domain.com
+# REGISTRY_DOMAIN=registry.your-domain.com
+# UI_DOMAIN=ui.your-domain.com
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,22 @@
+# Ignore data directories
+data/
+auth/
+certs/
+
+# Ignore environment file with secrets
+.env
+
+# Ignore Docker files
+.dockerignore
+
+# Ignore logs
+*.log
+logs/
+
+# Ignore temporary files
+.tmp/
+*.tmp
+
+# Ignore OS files
+.DS_Store
+Thumbs.db
--- a/34
+++ b/34
@@ -1,34 +0,0 @@
-# Use a lightweight Linux image
-FROM ubuntu:22.04
-
-# Install dependencies
-RUN apt-get update && \
-    apt-get install -y curl tar wget docker.io docker-compose sudo && \
-    rm -rf /var/lib/apt/lists/* && \
-    export TERM=xterm
-
-# Set environment variables
-ENV HARBOR_VERSION=2.9.0
-ENV HARBOR_INSTALLER=harbor-online-installer-v$HARBOR_VERSION.tgz
-ENV HARBOR_DIR=/opt/harbor
-
-# Create directory
-RUN mkdir -p $HARBOR_DIR
-WORKDIR $HARBOR_DIR
-
-# Download and extract Harbor
-RUN curl -LO https://github.com/goharbor/harbor/releases/download/v$HARBOR_VERSION/$HARBOR_INSTALLER && \
-    tar xvf $HARBOR_INSTALLER && \
-    rm $HARBOR_INSTALLER
-
-# Set workdir to the Harbor folder
-WORKDIR $HARBOR_DIR/harbor
-
-# Copy a default harbor.yml config
-COPY harbor.yml ./harbor.yml
-
-# Expose default Harbor ports
-EXPOSE 80 443 4443
-
-# Run the installer
-CMD ["./install.sh", "--with-trivy"]
--- a/README.md
+++ b/README.md
@@ -1,2 +1,96 @@
-# Registry
+# Lightweight Docker Registry

+A simple, lightweight Docker registry with web UI using docker-compose.
+
+## Features
+- Lightweight Docker Registry (official registry:2 image)
+- Web UI for browsing and managing images
+- Configurable via environment variables
+- Optional authentication and TLS support
+- Perfect for Coolify deployment
+
+## Quick Start
+
+1. Copy environment file:
+```bash
+cp .env.example .env
+```
+
+2. Start the registry:
+```bash
+docker-compose up -d
+```
+
+3. Access:
+- Registry API: http://localhost:5000
+- Web UI: http://localhost:8080
+
+## Coolify Deployment
+
+In Coolify, set these environment variables as needed:
+
+### Basic Configuration
+- `REGISTRY_PORT`: Registry port (default: 5000)
+- `UI_PORT`: UI port (default: 8080)
+- `REGISTRY_TITLE`: Registry title for UI
+- `REGISTRY_URL`: Internal registry URL
+
+### Storage
+- `REGISTRY_DATA_PATH`: Data storage path
+- `REGISTRY_DELETE_ENABLED`: Allow image deletion (true/false)
+
+### Security (Optional)
+- `REGISTRY_AUTH_ENABLED`: Enable authentication (true/false)
+- `REGISTRY_SECURED`: Enable HTTPS (true/false)
+- `REGISTRY_TLS_CERT_PATH`: Path to TLS certificate
+- `REGISTRY_TLS_KEY_PATH`: Path to TLS private key
+
+### UI Settings
+- `DELETE_IMAGES`: Allow deletion via UI (true/false)
+- `SHOW_CONTENT_DIGEST`: Show image digests (true/false)
+- `TAGLIST_PAGE_SIZE`: Number of tags per page
+
+## Usage
+
+### Push an image
+```bash
+docker tag myimage localhost:5000/myimage
+docker push localhost:5000/myimage
+```
+
+### Pull an image
+```bash
+docker pull localhost:5000/myimage
+```
+
+### List images
+```bash
+curl http://localhost:5000/v2/_catalog
+```
+
+## Authentication (Optional)
+
+To enable basic authentication:
+
+1. Set `REGISTRY_AUTH_ENABLED=true`
+2. Create htpasswd file:
+```bash
+mkdir -p auth
+docker run --rm -it httpd:alpine htpasswd -Bbn user password > auth/htpasswd
+```
+
+## TLS/SSL (Optional)
+
+To enable HTTPS:
+
+1. Set `REGISTRY_SECURED=true`
+2. Place certificates in `certs/` directory
+3. Set `REGISTRY_TLS_CERT_PATH` and `REGISTRY_TLS_KEY_PATH`
+
+## Resource Usage
+
+- **RAM**: ~100-200MB total
+- **Storage**: Minimal base + image storage
+- **CPU**: Very low usage
+
+Perfect for resource-constrained environments!
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,55 @@
+version: '3.8'
+
+services:
+  registry:
+    image: registry:2
+    container_name: registry
+    restart: unless-stopped
+    ports:
+      - "${REGISTRY_PORT:-5000}:5000"
+    environment:
+      - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=${REGISTRY_STORAGE_PATH:-/var/lib/registry}
+      - REGISTRY_AUTH=${REGISTRY_AUTH_ENABLED:-false}
+      - REGISTRY_AUTH_HTPASSWD_PATH=${REGISTRY_AUTH_PATH:-/auth/htpasswd}
+      - REGISTRY_AUTH_HTPASSWD_REALM=${REGISTRY_AUTH_REALM:-Registry Realm}
+      - REGISTRY_HTTP_TLS_CERTIFICATE=${REGISTRY_TLS_CERT_PATH:-}
+      - REGISTRY_HTTP_TLS_KEY=${REGISTRY_TLS_KEY_PATH:-}
+      - REGISTRY_LOG_LEVEL=${REGISTRY_LOG_LEVEL:-info}
+      - REGISTRY_STORAGE_DELETE_ENABLED=${REGISTRY_DELETE_ENABLED:-true}
+    volumes:
+      - ${REGISTRY_DATA_PATH:-./data}:/var/lib/registry
+      - ${REGISTRY_AUTH_PATH:-./auth}:/auth
+      - ${REGISTRY_TLS_PATH:-./certs}:/certs
+    networks:
+      - registry-network
+
+  registry-ui:
+    image: joxit/docker-registry-ui:latest
+    container_name: registry-ui
+    restart: unless-stopped
+    ports:
+      - "${UI_PORT:-8080}:80"
+    environment:
+      - SINGLE_REGISTRY=${SINGLE_REGISTRY:-true}
+      - REGISTRY_TITLE=${REGISTRY_TITLE:-Docker Registry}
+      - DELETE_IMAGES=${DELETE_IMAGES:-true}
+      - SHOW_CONTENT_DIGEST=${SHOW_CONTENT_DIGEST:-true}
+      - NGINX_PROXY_PASS_URL=${REGISTRY_URL:-http://registry:5000}
+      - SHOW_CATALOG_NB_TAGS=${SHOW_CATALOG_NB_TAGS:-true}
+      - CATALOG_MIN_BRANCHES=${CATALOG_MIN_BRANCHES:-1}
+      - CATALOG_MAX_BRANCHES=${CATALOG_MAX_BRANCHES:-1}
+      - TAGLIST_PAGE_SIZE=${TAGLIST_PAGE_SIZE:-100}
+      - REGISTRY_SECURED=${REGISTRY_SECURED:-false}
+      - CATALOG_ELEMENTS_LIMIT=${CATALOG_ELEMENTS_LIMIT:-1000}
+    depends_on:
+      - registry
+    networks:
+      - registry-network
+
+networks:
+  registry-network:
+    driver: bridge
+
+volumes:
+  registry-data:
+    driver: local
--- a/harbor.yml
+++ b/harbor.yml
@@ -1,72 +0,0 @@
-# Harbor configuration file
-
-# General settings
-hostname: harbor.craftmatrix.org
-http:
-  port: 80
-https:
-  port: 443
-  certificate: /data/cert/server.crt
-  private_key: /data/cert/server.key
-
-# Database settings
-database:
-  password: root123
-  max_idle_conns: 100
-  max_open_conns: 900
-
-# Redis settings
-redis:
-  password: redis123
-
-# Log settings
-log:
-  level: info
-  local:
-    rotate_count: 50
-    rotate_size: 200M
-    location: /var/log/harbor
-
-# Storage settings
-storage_service:
-  ca_bundle: /data/registry/ca-bundle.crt
-  filesystem:
-    maxthreads: 100
-  # Uncomment and configure for other storage types
-  # s3:
-  #   region: us-west-1
-  #   bucket: harbor-bucket
-  #   accesskey: access-key
-  #   secretkey: secret-key
-
-# Project creation quotas
-project_creation_restriction: everyone
-
-# Admin password
-adminserver:
-  password: Harbor12345
-
-# Jobservice settings
-jobservice:
-  max_job_workers: 10
-  job_logger_provider: file
-
-# Registry settings
-registry:
-  credentials_ttl: 5m
-
-# Chart storage settings
-chart:
-  absolute_url: disabled
-
-# Clair settings
-clair:
-  updaters_interval: 12
-
-# Trivy settings
-trivy:
-  ignore_unfixed: false
-  skip_update: false
-  offline_scan: false
-  security_check: vuln
-  insecure: false
--- a/setup.sh
+++ b/setup.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Setup script for Lightweight Docker Registry
+
+echo "🐳 Setting up Lightweight Docker Registry..."
+
+# Create necessary directories
+mkdir -p data auth certs
+
+# Copy environment file if it doesn't exist
+if [ ! -f .env ]; then
+    cp .env.example .env
+    echo "✅ Created .env file from template"
+else
+    echo "ℹ️  .env file already exists"
+fi
+
+# Set proper permissions
+chmod 755 data auth certs
+
+echo "🚀 Starting registry..."
+docker-compose up -d
+
+echo ""
+echo "✅ Registry is running!"
+echo "📊 Web UI: http://localhost:8080"
+echo "🔌 Registry API: http://localhost:5000"
+echo ""
+echo "💡 To push an image:"
+echo "   docker tag myimage localhost:5000/myimage"
+echo "   docker push localhost:5000/myimage"
+echo ""
+echo "📝 Edit .env file to customize configuration"