Docker Registry 搭建私有镜像仓库

Evan #docker

利用外网服务器搭建Docker Registry + 域名,解决国内无法访问docker 官方registry源的问题

创建registry存放路径

sudo mkdir registry && cd registry
sudo mkdir data
sudo mkdir auth

htpasswd 鉴权

htpasswd 支持 basic authentication,htpasswd 文件只会加载一次,registry 启动后如果新增用户,需要重启registry。

sudo apt install apache2-utils
sudo htpasswd -Bbn [用户名] [密码] > ./auth/registry.password

编辑 docker-compose.yml

services:
  registry:
    container_name: docker-registry
    image: registry:latest
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      - ./auth/registry.password:/auth/registry.password
      - ./data:/data
    ports:
      - 5000:5000

启动registry

sudo docker compose up -d

测试1

sudo docker pull nginx:latest
sudo docker tag nginx:latest localhost:5000/nginx
sudo docker push localhost:5000/nginx

curl localhost:5000/v2/_catalog -u [用户名]:[密码]
# 正确结果 {"repositories":["bark-server","gotenberg","mongo","nginx","postgres","redis"]}

使用Caddy进行域名访问

这里默认Caddy已正确安装

sudo vim /etc/caddy/Caddyfile
[域名] {
        reverse_proxy localhost:5000
}
sudo caddy reload --config /etc/caddy/Caddyfile
sudo systemctl restart caddy

确保域名已正确解析

测试2

curl https://[域名]/v2/_catalog -u [用户名]:[密码]
# 正确结果 {"repositories":["bark-server","gotenberg","mongo","nginx","postgres","redis"]}

清理本地镜像脚本

sudo vim clean-images.sh
#!/bin/bash
docker rmi -f $(docker images -q) || true