-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
67 lines (66 loc) · 2.12 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
version: '3'
services:
docker-registry-manager:
container_name: 'docker_registry_manager'
build: .
hostname: manager
networks:
- reseau_devops
- pegasus_pipeline_net
ports:
- "8080:8080"
depends_on:
- awx_docker_registry
volumes:
- ./registries-test.yml:/app/registries.yml
#- ./ssl.crt:/app/ssl.crt # https certfile location
#- ./ssl.key:/app/ssl.key # https keyfile location
environment:
- MANAGER_PORT=8080
- MANAGER_REGISTRIES=/app/registries.yml
- MANAGER_LOG_LEVEL=warn
#- MANAGER_ENABLE_HTTPS=true
#- MANAGER_KEY=/app/ssl.crt
#- MANAGER_CERTIFICATE=/app/ssl.key
awx_docker_registry:
container_name: 'awx_dock_registry'
image: registry:2
restart: always
hostname: registry
ports:
- "5000:5000"
- "443:443"
volumes:
- ./conf/config.yml:/etc/docker/registry/config.yml
- ./.secrets/auth/:/auth/
- ./.secrets/tls/awx.docker-pegasus.io/:/certs
environment:
# Dixit https://docs.docker.com/registry/configuration/#delete
# Use the 'delete' structure to enable the deletion of image blobs and manifests by digest.
- REGISTRY_STORAGE_DELETE_ENABLED=true
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM='basic-realm'
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
- REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem
- REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem
- REGISTRY_HTTP_SECRET="your-http-secret"
networks:
- reseau_devops
# https://medium.com/@pentacent/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71
certbot:
image: certbot/certbot
restart: unless-stopped
volumes:
- ./.secrets/tls/:/certs
# - ./data/certbot/conf:/etc/letsencrypt
# - ./data/certbot/www:/var/www/certbot
environment:
- path:$PEGASUS_CERTBOT_PATH_INSIDER
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
networks:
- reseau_devops
networks:
reseau_devops:
driver: bridge
pegasus_pipeline_net:
driver: bridge