Skip to content

proxy job from docker-registry/3.5.2

Nginx provides proxy and auth functionalities for Docker Registry

Github source: f910d43 or master branch

Properties

docker

proxy

address

IP address where to listen for incoming connections. (For all interfaces, do not use 0.0.0.0, use *)

Default
'*'
auth_basic

If defined, it will enable Auth Basic authentication in the proxy

Example
user: '{PLAIN}password'
user2: $(openssl passwd -crypt PASSWORD)
backend
hosts

A list of the IP addresses of each Docker proxy to load-balance

Default
- 127.0.0.1
port

TCP Port that each backend registry is listening on

Default
5000
keepalive_timeout

Time to keep a keep-alive connection open

Default
75s
keepalive_timeout_header

Show Keep-alive header

Default
20s
loglevel

Error loglevel

Default
error
only_auth_for_admin

If true, only administrative actions require authentication

Default
false
port

Port to listen to for all incoming connections. Defaults to 443 if ssl, otherwise 80

readonly_port

Port to listen to for only GET incoming connections. Defaults to 444 if ssl, otherwise 81

ssl
cert

PEM-encoded SSL certificate for HTTPS proxy operation

dhparam

Custom DH param for nginx to use

key

PEM-encoded private key for HTTPS proxy operation

protocols

TLS Protocols to enable in the Docker proxy (space separated)

Default
TLSv1.1 TLSv1.2
worker_priority

Priority of the worker processes

Default
0
worker_processes

Number of worker processes

Default
auto

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/proxy/ directory (learn more).

  • bin/ctl (from bin/ctl)
  • bin/monit_debugger (from bin/monit_debugger)
  • config/auth/registry (from config/auth/registry.erb)
  • config/nginx.conf (from config/nginx.conf)
  • data/properties.sh (from data/properties.sh.erb)
  • helpers/ctl_setup.sh (from helpers/ctl_setup.sh)
  • helpers/ctl_utils.sh (from helpers/ctl_utils.sh)
  • tls/cert.pem (from tls/cert.pem)
  • tls/dhparam.pem (from tls/dhparam.pem)
  • tls/key.pem (from tls/key.pem)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.