Linux technical support - [email protected]


gitlab and docker registry external on separate servers (omnibus)

gitlab.rb

external_url 'https://gitlab-test.alexlinux.com'
registry_external_url 'https://registry.alexlinux.com:5555'
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "registry.alexlinux.com"
gitlab_rails['registry_port'] = "5555"
registry['internal_key'] = "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADcgYTcnCjYR.........rTPiKtDKEFa7egM9IYygpRbe\n-----END PRIVATE KEY-----\n"
gitlab_rails['registry_api_url'] = "https://registry.alexlinux.com:5555"
gitlab_rails['registry_key_path'] = "/etc/gitlab/registry-auth1.key"
gitlab_rails['registry_issuer'] = "gitlab-issuer"
registry['enable'] = false
registry_nginx['enable'] = true

docker-compose.yml

registry:
  image: registry:2
  ports:
    - "5555:5000"
  volumes:
    - /etc/pki/web:/certs
  restart: always
  environment:
    - REGISTRY_AUTH_TOKEN_REALM=https://gitlab-test.alexlinux.com/jwt/auth
    - REGISTRY_AUTH_TOKEN_SERVICE=container_registry
    - REGISTRY_AUTH_TOKEN_ISSUER=gitlab-issuer
    - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/wildcard.alexlinux.com.crt
    - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/wildcard.alexlinux.com.crt
    - REGISTRY_HTTP_TLS_KEY=/certs/wildcard.alexlinux.com.key
    - REGISTRY_STORAGE_DELETE_ENABLED=true

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>