init partie registry docker
This commit is contained in:
parent
662742beb8
commit
590f0c7499
|
@ -532,6 +532,79 @@ Si tout est au vert, la migration s'est bien passée !
|
|||
|
||||
C'est sensiblement la même chose mais il faudra merger des fichier de configurations pour appliquer des nouveaux paramètres.
|
||||
|
||||
# Docker registry
|
||||
|
||||
Cette documentation consiste à installer un registry Docker sur la même machine que GitLab.
|
||||
Il faut Docker installé sur la machine. Voir [HowtoDocker]()
|
||||
|
||||
## Génération d'un ceriticat pour utiliser authentifier les jetons
|
||||
|
||||
~~~
|
||||
# sudo -iu git
|
||||
$ cd /home/git/gitlab/config
|
||||
$ openssl req -newkey rsa:2048 -sha256 -nodes -keyout registry.key -out registry.csr
|
||||
$ openssl x509 -req -sha256 -days 1000 -in registry.csr -signkey registry.key -out registry.crt
|
||||
$ cat registry.key registry.crt > registry.pem
|
||||
~~~
|
||||
|
||||
## Installation et configuration du registry
|
||||
~~~
|
||||
# cat < EOT > /etc/docker/registry/config.yml
|
||||
version: 0.1
|
||||
log:
|
||||
fields:
|
||||
service: registry
|
||||
storage:
|
||||
cache:
|
||||
blobdescriptor: inmemory
|
||||
filesystem:
|
||||
rootdirectory: /var/lib/registry
|
||||
http:
|
||||
addr: :5000
|
||||
headers:
|
||||
X-Content-Type-Options: [nosniff]
|
||||
health:
|
||||
storagedriver:
|
||||
enabled: true
|
||||
interval: 10s
|
||||
threshold: 3
|
||||
auth:
|
||||
token:
|
||||
realm: https://gitlab.example.com/jwt/auth
|
||||
service: container_registry
|
||||
issuer: gitlab-issuer
|
||||
rootcertbundle: /root/certs/certbundle
|
||||
EOT
|
||||
|
||||
# docker run -d -p 5000:5000 --restart=always --name registry \
|
||||
-v /etc/docker/registry/config.yml:/etc/docker/registry/config.yml \
|
||||
-v /home/git/gitlab/shared/registry:/var/lib/registry \
|
||||
-v /home/git/gitlab/config/registry.pem:/root/certs/certbundle \
|
||||
registry:2
|
||||
~~~
|
||||
|
||||
## Ajout d'un vhost nginx
|
||||
|
||||
~~~
|
||||
# install -m 644 /home/git/gitlab/lib/support/nginx/registry-ssl /etc/nginx/sites-available/
|
||||
~~~
|
||||
|
||||
Il suffit d'éditer seulement le server_name et les directives SSL avec un certificat valide.
|
||||
|
||||
## Config GitLab
|
||||
|
||||
gitlab.yml
|
||||
~~~
|
||||
registry:
|
||||
enabled: true
|
||||
host: registry.gitlab.example.com
|
||||
port: 443
|
||||
api_url: http://localhost:5000/
|
||||
key: config/registry.key
|
||||
path: shared/registry
|
||||
issuer: gitlab-issuer
|
||||
~~
|
||||
|
||||
# Divers / FAQ
|
||||
|
||||
## Restaurer un backup vers un autre nom d'instance
|
||||
|
|
Loading…
Reference in New Issue