From e922a939f5c41ffa1a968c1d2ff47e6c880c6e55 Mon Sep 17 00:00:00 2001 From: renzaspiras Date: Tue, 4 Nov 2025 10:13:30 -0800 Subject: [PATCH] Edward Kenneway on board --- .env.example | 39 +++++++++++++++++++ .gitignore | 22 +++++++++++ Dockerfile | 34 ---------------- README.md | 96 +++++++++++++++++++++++++++++++++++++++++++++- docker-compose.yml | 55 ++++++++++++++++++++++++++ harbor.yml | 72 ---------------------------------- setup.sh | 33 ++++++++++++++++ 7 files changed, 244 insertions(+), 107 deletions(-) create mode 100644 .env.example create mode 100644 .gitignore delete mode 100644 Dockerfile create mode 100644 docker-compose.yml delete mode 100644 harbor.yml create mode 100755 setup.sh diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..f5127f6 --- /dev/null +++ b/.env.example @@ -0,0 +1,39 @@ +# Lightweight Docker Registry Configuration +# Copy this file to .env and customize for your environment + +# Registry Configuration +REGISTRY_PORT=5000 +REGISTRY_STORAGE_PATH=/var/lib/registry +REGISTRY_DATA_PATH=./data +REGISTRY_LOG_LEVEL=info +REGISTRY_DELETE_ENABLED=true + +# Authentication (optional) +REGISTRY_AUTH_ENABLED=false +REGISTRY_AUTH_PATH=./auth +REGISTRY_AUTH_REALM=Registry Realm + +# TLS/SSL (optional) +REGISTRY_SECURED=false +REGISTRY_TLS_CERT_PATH=/certs/server.crt +REGISTRY_TLS_KEY_PATH=/certs/server.key +REGISTRY_TLS_PATH=./certs + +# UI Configuration +UI_PORT=8080 +REGISTRY_TITLE=Docker Registry +REGISTRY_URL=http://registry:5000 +SINGLE_REGISTRY=true +DELETE_IMAGES=true +SHOW_CONTENT_DIGEST=true +SHOW_CATALOG_NB_TAGS=true +CATALOG_MIN_BRANCHES=1 +CATALOG_MAX_BRANCHES=1 +TAGLIST_PAGE_SIZE=100 +CATALOG_ELEMENTS_LIMIT=1000 + +# Coolify-specific variables (override as needed) +# These can be set in Coolify's environment variables section +# DOMAIN=your-domain.com +# REGISTRY_DOMAIN=registry.your-domain.com +# UI_DOMAIN=ui.your-domain.com \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..54bbe76 --- /dev/null +++ b/.gitignore @@ -0,0 +1,22 @@ +# Ignore data directories +data/ +auth/ +certs/ + +# Ignore environment file with secrets +.env + +# Ignore Docker files +.dockerignore + +# Ignore logs +*.log +logs/ + +# Ignore temporary files +.tmp/ +*.tmp + +# Ignore OS files +.DS_Store +Thumbs.db \ No newline at end of file diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index b12c20a..0000000 --- a/Dockerfile +++ /dev/null @@ -1,34 +0,0 @@ -# Use a lightweight Linux image -FROM ubuntu:22.04 - -# Install dependencies -RUN apt-get update && \ - apt-get install -y curl tar wget docker.io docker-compose sudo && \ - rm -rf /var/lib/apt/lists/* && \ - export TERM=xterm - -# Set environment variables -ENV HARBOR_VERSION=2.9.0 -ENV HARBOR_INSTALLER=harbor-online-installer-v$HARBOR_VERSION.tgz -ENV HARBOR_DIR=/opt/harbor - -# Create directory -RUN mkdir -p $HARBOR_DIR -WORKDIR $HARBOR_DIR - -# Download and extract Harbor -RUN curl -LO https://github.com/goharbor/harbor/releases/download/v$HARBOR_VERSION/$HARBOR_INSTALLER && \ - tar xvf $HARBOR_INSTALLER && \ - rm $HARBOR_INSTALLER - -# Set workdir to the Harbor folder -WORKDIR $HARBOR_DIR/harbor - -# Copy a default harbor.yml config -COPY harbor.yml ./harbor.yml - -# Expose default Harbor ports -EXPOSE 80 443 4443 - -# Run the installer -CMD ["./install.sh", "--with-trivy"] diff --git a/README.md b/README.md index 3c0c4d6..6522d63 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,96 @@ -# Registry +# Lightweight Docker Registry +A simple, lightweight Docker registry with web UI using docker-compose. + +## Features +- Lightweight Docker Registry (official registry:2 image) +- Web UI for browsing and managing images +- Configurable via environment variables +- Optional authentication and TLS support +- Perfect for Coolify deployment + +## Quick Start + +1. Copy environment file: +```bash +cp .env.example .env +``` + +2. Start the registry: +```bash +docker-compose up -d +``` + +3. Access: +- Registry API: http://localhost:5000 +- Web UI: http://localhost:8080 + +## Coolify Deployment + +In Coolify, set these environment variables as needed: + +### Basic Configuration +- `REGISTRY_PORT`: Registry port (default: 5000) +- `UI_PORT`: UI port (default: 8080) +- `REGISTRY_TITLE`: Registry title for UI +- `REGISTRY_URL`: Internal registry URL + +### Storage +- `REGISTRY_DATA_PATH`: Data storage path +- `REGISTRY_DELETE_ENABLED`: Allow image deletion (true/false) + +### Security (Optional) +- `REGISTRY_AUTH_ENABLED`: Enable authentication (true/false) +- `REGISTRY_SECURED`: Enable HTTPS (true/false) +- `REGISTRY_TLS_CERT_PATH`: Path to TLS certificate +- `REGISTRY_TLS_KEY_PATH`: Path to TLS private key + +### UI Settings +- `DELETE_IMAGES`: Allow deletion via UI (true/false) +- `SHOW_CONTENT_DIGEST`: Show image digests (true/false) +- `TAGLIST_PAGE_SIZE`: Number of tags per page + +## Usage + +### Push an image +```bash +docker tag myimage localhost:5000/myimage +docker push localhost:5000/myimage +``` + +### Pull an image +```bash +docker pull localhost:5000/myimage +``` + +### List images +```bash +curl http://localhost:5000/v2/_catalog +``` + +## Authentication (Optional) + +To enable basic authentication: + +1. Set `REGISTRY_AUTH_ENABLED=true` +2. Create htpasswd file: +```bash +mkdir -p auth +docker run --rm -it httpd:alpine htpasswd -Bbn user password > auth/htpasswd +``` + +## TLS/SSL (Optional) + +To enable HTTPS: + +1. Set `REGISTRY_SECURED=true` +2. Place certificates in `certs/` directory +3. Set `REGISTRY_TLS_CERT_PATH` and `REGISTRY_TLS_KEY_PATH` + +## Resource Usage + +- **RAM**: ~100-200MB total +- **Storage**: Minimal base + image storage +- **CPU**: Very low usage + +Perfect for resource-constrained environments! \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..5dca9b3 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,55 @@ +version: '3.8' + +services: + registry: + image: registry:2 + container_name: registry + restart: unless-stopped + ports: + - "${REGISTRY_PORT:-5000}:5000" + environment: + - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=${REGISTRY_STORAGE_PATH:-/var/lib/registry} + - REGISTRY_AUTH=${REGISTRY_AUTH_ENABLED:-false} + - REGISTRY_AUTH_HTPASSWD_PATH=${REGISTRY_AUTH_PATH:-/auth/htpasswd} + - REGISTRY_AUTH_HTPASSWD_REALM=${REGISTRY_AUTH_REALM:-Registry Realm} + - REGISTRY_HTTP_TLS_CERTIFICATE=${REGISTRY_TLS_CERT_PATH:-} + - REGISTRY_HTTP_TLS_KEY=${REGISTRY_TLS_KEY_PATH:-} + - REGISTRY_LOG_LEVEL=${REGISTRY_LOG_LEVEL:-info} + - REGISTRY_STORAGE_DELETE_ENABLED=${REGISTRY_DELETE_ENABLED:-true} + volumes: + - ${REGISTRY_DATA_PATH:-./data}:/var/lib/registry + - ${REGISTRY_AUTH_PATH:-./auth}:/auth + - ${REGISTRY_TLS_PATH:-./certs}:/certs + networks: + - registry-network + + registry-ui: + image: joxit/docker-registry-ui:latest + container_name: registry-ui + restart: unless-stopped + ports: + - "${UI_PORT:-8080}:80" + environment: + - SINGLE_REGISTRY=${SINGLE_REGISTRY:-true} + - REGISTRY_TITLE=${REGISTRY_TITLE:-Docker Registry} + - DELETE_IMAGES=${DELETE_IMAGES:-true} + - SHOW_CONTENT_DIGEST=${SHOW_CONTENT_DIGEST:-true} + - NGINX_PROXY_PASS_URL=${REGISTRY_URL:-http://registry:5000} + - SHOW_CATALOG_NB_TAGS=${SHOW_CATALOG_NB_TAGS:-true} + - CATALOG_MIN_BRANCHES=${CATALOG_MIN_BRANCHES:-1} + - CATALOG_MAX_BRANCHES=${CATALOG_MAX_BRANCHES:-1} + - TAGLIST_PAGE_SIZE=${TAGLIST_PAGE_SIZE:-100} + - REGISTRY_SECURED=${REGISTRY_SECURED:-false} + - CATALOG_ELEMENTS_LIMIT=${CATALOG_ELEMENTS_LIMIT:-1000} + depends_on: + - registry + networks: + - registry-network + +networks: + registry-network: + driver: bridge + +volumes: + registry-data: + driver: local \ No newline at end of file diff --git a/harbor.yml b/harbor.yml deleted file mode 100644 index 743dd12..0000000 --- a/harbor.yml +++ /dev/null @@ -1,72 +0,0 @@ -# Harbor configuration file - -# General settings -hostname: harbor.craftmatrix.org -http: - port: 80 -https: - port: 443 - certificate: /data/cert/server.crt - private_key: /data/cert/server.key - -# Database settings -database: - password: root123 - max_idle_conns: 100 - max_open_conns: 900 - -# Redis settings -redis: - password: redis123 - -# Log settings -log: - level: info - local: - rotate_count: 50 - rotate_size: 200M - location: /var/log/harbor - -# Storage settings -storage_service: - ca_bundle: /data/registry/ca-bundle.crt - filesystem: - maxthreads: 100 - # Uncomment and configure for other storage types - # s3: - # region: us-west-1 - # bucket: harbor-bucket - # accesskey: access-key - # secretkey: secret-key - -# Project creation quotas -project_creation_restriction: everyone - -# Admin password -adminserver: - password: Harbor12345 - -# Jobservice settings -jobservice: - max_job_workers: 10 - job_logger_provider: file - -# Registry settings -registry: - credentials_ttl: 5m - -# Chart storage settings -chart: - absolute_url: disabled - -# Clair settings -clair: - updaters_interval: 12 - -# Trivy settings -trivy: - ignore_unfixed: false - skip_update: false - offline_scan: false - security_check: vuln - insecure: false \ No newline at end of file diff --git a/setup.sh b/setup.sh new file mode 100755 index 0000000..ec21691 --- /dev/null +++ b/setup.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# Setup script for Lightweight Docker Registry + +echo "đŸŗ Setting up Lightweight Docker Registry..." + +# Create necessary directories +mkdir -p data auth certs + +# Copy environment file if it doesn't exist +if [ ! -f .env ]; then + cp .env.example .env + echo "✅ Created .env file from template" +else + echo "ℹī¸ .env file already exists" +fi + +# Set proper permissions +chmod 755 data auth certs + +echo "🚀 Starting registry..." +docker-compose up -d + +echo "" +echo "✅ Registry is running!" +echo "📊 Web UI: http://localhost:8080" +echo "🔌 Registry API: http://localhost:5000" +echo "" +echo "💡 To push an image:" +echo " docker tag myimage localhost:5000/myimage" +echo " docker push localhost:5000/myimage" +echo "" +echo "📝 Edit .env file to customize configuration" \ No newline at end of file