Add Docker Registry Browser service
This commit is contained in:
parent
a0b2889455
commit
b180d88420
6 changed files with 117 additions and 2 deletions
74
docs/services/docker-registry-browser.md
Normal file
74
docs/services/docker-registry-browser.md
Normal file
|
@ -0,0 +1,74 @@
|
||||||
|
# Docker Registry Browser
|
||||||
|
|
||||||
|
[Docker Registry Browser](https://github.com/klausmeyer/docker-registry-browser) is a Web Interface for the Docker Registry HTTP API V2 written in Ruby on Rails.
|
||||||
|
|
||||||
|
|
||||||
|
## Dependencies
|
||||||
|
|
||||||
|
This service requires the following other services:
|
||||||
|
|
||||||
|
- a [Traefik](traefik.md) reverse-proxy server
|
||||||
|
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
########################################################################
|
||||||
|
# #
|
||||||
|
# docker-registry-browser #
|
||||||
|
# #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
docker_registry_browser_enabled: true
|
||||||
|
|
||||||
|
# Hosting under a subpath (such as `/browser`) allows the browser to co-exist
|
||||||
|
# on the same hostname as a Docker Registry instance (see `docker-registry.md`).
|
||||||
|
docker_registry_browser_hostname: registry.example.com
|
||||||
|
docker_registry_browser_path_prefix: /browser
|
||||||
|
|
||||||
|
# If the browser will be able to delete images and live on the same private container network
|
||||||
|
# as the registry itself (like we do below), it's recommended to protect it with HTTP Basic Auth.
|
||||||
|
#
|
||||||
|
# If you're running a read-only browser, you may leave it publicly accessible.
|
||||||
|
docker_registry_browser_basic_auth_enabled: true
|
||||||
|
docker_registry_browser_basic_auth_username: admin
|
||||||
|
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
|
||||||
|
docker_registry_browser_basic_auth_password: ''
|
||||||
|
|
||||||
|
# To integrate with a locally running (in a container) Docker Registry,
|
||||||
|
# point to its local container address and change the browser to run in the registry's network.
|
||||||
|
docker_registry_browser_docker_registry_url: "http://{{ docker_registry_identifier }}:5000"
|
||||||
|
docker_registry_browser_container_network: "{{ docker_registry_container_network }}"
|
||||||
|
|
||||||
|
# Alternatively, to use a registry running elsewhere, delete both lines above
|
||||||
|
# (docker_registry_browser_docker_registry_url and docker_registry_browser_container_network),
|
||||||
|
# and use something this instead:
|
||||||
|
# docker_registry_browser_docker_registry_url: "https://registry.example.com"
|
||||||
|
|
||||||
|
# Image deletion is disabled by default, so you need to explicitly enable it if you need it.
|
||||||
|
docker_registry_browser_enabled_delete_images: true
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
# #
|
||||||
|
# /docker-registry-browser #
|
||||||
|
# #
|
||||||
|
########################################################################
|
||||||
|
```
|
||||||
|
|
||||||
|
In the example configuration above, we configure the service to be hosted at `https://registry.example.com/browser`.
|
||||||
|
|
||||||
|
If you make the registry browser live on the same container network as the [Docker Registry](docker-registry.md) itself (like we've done by overriding `docker_registry_browser_container_network` above), the browser will be able to talk to the registry over the private container network and IP restrictions (such as those defined in `docker_registry_private_services_whitelisted_ip_ranges`) will not be able to stop it.
|
||||||
|
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
After installation, you should be able to go to the URL as configured via `docker_registry_browser_hostname` and `docker_registry_browser_path_prefix`.
|
||||||
|
|
||||||
|
You should be able to browse the images and possibly delete them (if enabled via `docker_registry_browser_enabled_delete_images`).
|
||||||
|
|
||||||
|
|
||||||
|
## Recommended other services
|
||||||
|
|
||||||
|
- [Docker Registry](docker-registry.md) -a container image distribution registry developed by [Docker Inc](https://www.docker.com/)
|
|
@ -77,10 +77,10 @@ docker rmi registry.example.com/alpine:3.17.2
|
||||||
docker pull registry.example.com/alpine:3.17.2
|
docker pull registry.example.com/alpine:3.17.2
|
||||||
```
|
```
|
||||||
|
|
||||||
The base URL (e.g. `https://registry.example.com`) serves an empty (blank) page. To browse your registry's images, you may need another piece of software, like [klausmeyer/docker-registry-browser](https://github.com/klausmeyer/docker-registry-browser/tree/master) which is not yet supported by this playbook, but will be supported soon.
|
The base URL (e.g. `https://registry.example.com`) serves an empty (blank) page. To browse your registry's images via a web interface, you may need another piece of software, like [Docker Registry Browser](docker-registry-browser.md).
|
||||||
|
|
||||||
|
|
||||||
## Recommended other services
|
## Recommended other services
|
||||||
|
|
||||||
- Docker Registry Browser - support coming to this playbook soon
|
- [Docker Registry Browser](docker-registry-browser.md) - Web Interface for the Docker Registry HTTP API V2 written in Ruby on Rails
|
||||||
- Docker Registry Purger - support coming to this playbook soon
|
- Docker Registry Purger - support coming to this playbook soon
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
| [Collabora Online](https://www.collaboraoffice.com/) | Your Private Office Suite In The Cloud | [Link](services/collabora-online.md) |
|
| [Collabora Online](https://www.collaboraoffice.com/) | Your Private Office Suite In The Cloud | [Link](services/collabora-online.md) |
|
||||||
| [Docker](https://www.docker.com/) | Open-source software for deploying containerized applications | [Link](services/docker.md) |
|
| [Docker](https://www.docker.com/) | Open-source software for deploying containerized applications | [Link](services/docker.md) |
|
||||||
| [Docker Registry](https://docs.docker.com/registry/) | A container image distribution registry | [Link](services/docker-registry.md) |
|
| [Docker Registry](https://docs.docker.com/registry/) | A container image distribution registry | [Link](services/docker-registry.md) |
|
||||||
|
| [Docker Registry Browser](docker-registry-browser.md) | Web Interface for the Docker Registry HTTP API V2 written in Ruby on Rails | [Link](services/docker-registry-browser.md) |
|
||||||
| [Gitea](https://gitea.io/) | A painless self-hosted Git service. | [Link](services/gitea.md) |
|
| [Gitea](https://gitea.io/) | A painless self-hosted Git service. | [Link](services/gitea.md) |
|
||||||
| [Miniflux](https://miniflux.app/) | Minimalist and opinionated feed reader. | [Link](services/miniflux.md) |
|
| [Miniflux](https://miniflux.app/) | Minimalist and opinionated feed reader. | [Link](services/miniflux.md) |
|
||||||
| [Nextcloud](https://nextcloud.com/) | The most popular self-hosted collaboration solution for tens of millions of users at thousands of organizations across the globe. | [Link](services/nextcloud.md) |
|
| [Nextcloud](https://nextcloud.com/) | The most popular self-hosted collaboration solution for tens of millions of users at thousands of organizations across the globe. | [Link](services/nextcloud.md) |
|
||||||
|
|
|
@ -61,6 +61,8 @@ devture_systemd_service_manager_services_list_auto: |
|
||||||
+
|
+
|
||||||
([{'name': (docker_registry_identifier + '-garbage-collect.timer'), 'priority': 2500, 'groups': ['mash', 'docker-registry', 'gc']}] if docker_registry_enabled else [])
|
([{'name': (docker_registry_identifier + '-garbage-collect.timer'), 'priority': 2500, 'groups': ['mash', 'docker-registry', 'gc']}] if docker_registry_enabled else [])
|
||||||
+
|
+
|
||||||
|
([{'name': (docker_registry_browser_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'docker-registry-browser']}] if docker_registry_browser_enabled else [])
|
||||||
|
+
|
||||||
([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}] if gitea_enabled else [])
|
([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}] if gitea_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': (nextcloud_identifier + '-server.service'), 'priority': 2000, 'groups': ['mash', 'nextcloud', 'nextcloud-server']}] if nextcloud_enabled else [])
|
([{'name': (nextcloud_identifier + '-server.service'), 'priority': 2000, 'groups': ['mash', 'nextcloud', 'nextcloud-server']}] if nextcloud_enabled else [])
|
||||||
|
@ -398,6 +400,39 @@ docker_registry_container_labels_traefik_tls_certResolver: "{{ devture_traefik_c
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
# #
|
||||||
|
# docker-registry-browser #
|
||||||
|
# #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
docker_registry_browser_enabled: false
|
||||||
|
|
||||||
|
docker_registry_browser_identifier: "{{ mash_playbook_service_identifier_prefix }}docker-registry-browser"
|
||||||
|
|
||||||
|
docker_registry_browser_base_path: "{{ mash_playbook_base_path }}/docker-registry-browser"
|
||||||
|
|
||||||
|
docker_registry_browser_uid: "{{ mash_playbook_uid }}"
|
||||||
|
docker_registry_browser_gid: "{{ mash_playbook_gid }}"
|
||||||
|
|
||||||
|
docker_registry_browser_container_additional_networks: |
|
||||||
|
{{
|
||||||
|
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
|
||||||
|
}}
|
||||||
|
|
||||||
|
docker_registry_browser_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
|
||||||
|
docker_registry_browser_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
|
||||||
|
docker_registry_browser_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||||
|
docker_registry_browser_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
# #
|
||||||
|
# /docker-registry-browser #
|
||||||
|
# #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
########################################################################
|
########################################################################
|
||||||
# #
|
# #
|
||||||
# gitea #
|
# gitea #
|
||||||
|
|
|
@ -77,6 +77,10 @@
|
||||||
name: docker_registry
|
name: docker_registry
|
||||||
version: v2.8.1-1
|
version: v2.8.1-1
|
||||||
|
|
||||||
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-browser.git
|
||||||
|
name: docker_registry_browser
|
||||||
|
version: v1.6.0-0
|
||||||
|
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gitea.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gitea.git
|
||||||
name: gitea
|
name: gitea
|
||||||
version: v1.18.5-3
|
version: v1.18.5-3
|
||||||
|
|
|
@ -57,6 +57,7 @@
|
||||||
- role: galaxy/collabora_online
|
- role: galaxy/collabora_online
|
||||||
|
|
||||||
- role: galaxy/docker_registry
|
- role: galaxy/docker_registry
|
||||||
|
- role: galaxy/docker_registry_browser
|
||||||
|
|
||||||
- role: galaxy/gitea
|
- role: galaxy/gitea
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue