mirrors
/
docker-registry-ui
mirror of https://github.com/Joxit/docker-registry-ui.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

docs: improve `examples/read-only-auth` (#371) 

* Improve `examples/read-only-auth`

* Update examples/read-only-auth/nginx.conf
This commit is contained in:
silverwind 2024-04-05 21:59:24 +02:00 committed by GitHub
parent 7025df687c
commit a36e3aac57
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
examples/read-only-auth/README.md
View File

@ -2,9 +2,12 @@
This example will override the original nginx conf with read only access to the registry. You will need to rewrite all the project configuration (replaces `proxy_pass` with your own value, in this example `http://registry:5000` is fine).
There are two htpasswd files. `read-write.htpasswd` a read and write access to the registry and `read-only.htpasswd` for a read only access.
There are two htpasswd files:
All users in `read-only.htpasswd` should be in `read-write.htpasswd`.
- `write.htpasswd` for write access
- `read.htpasswd` for read access
All users in `write.htpasswd` should also be in `read.htpasswd` so that they can read and write.
Read only user: login: `read` password: `registry`.
Read and write user: login: `write` password: `registry`.

6
examples/read-only-auth/docker-compose.yml
View File

@ -17,11 +17,11 @@ services:
- SINGLE_REGISTRY=true
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf
- ./read-write.htpasswd:/etc/nginx/auth/read-write.htpasswd:ro
- ./read-only.htpasswd:/etc/nginx/auth/read-only.htpasswd
- ./read-write.htpasswd:/etc/nginx/auth/write.htpasswd:ro
- ./read-only.htpasswd:/etc/nginx/auth/read.htpasswd:ro
depends_on:
- registry
networks:
- registry-ui-net
networks:
registry-ui-net:
registry-ui-net:

8
examples/read-only-auth/nginx.conf
View File

@ -28,10 +28,10 @@ server {
}
# To add basic authentication to v2 use auth_basic setting.
auth_basic "Registry realm";
auth_basic_user_file /etc/nginx/auth/read-write.htpasswd;
# For requests that *aren't* a PUT, POST, or DELETE
limit_except PUT POST DELETE {
auth_basic_user_file /etc/nginx/auth/read-only.htpasswd;
auth_basic_user_file /etc/nginx/auth/read.htpasswd;
# For requests that *aren't* a GET, HEAD or OPTIONS use the write file instead
limit_except GET HEAD OPTIONS {
auth_basic_user_file /etc/nginx/auth/write.htpasswd;
}
proxy_pass http://registry:5000;

0
examples/read-only-auth/read-only.htpasswd → examples/read-only-auth/read.htpasswd
View File

0
examples/read-only-auth/read-write.htpasswd → examples/read-only-auth/write.htpasswd
View File