• magguzu@lemmy.ml
        link
        fedilink
        English
        arrow-up
        11
        ·
        4 days ago

        I know this is selfhosted so most people here are hobbyists, but it’s a ton of work to selfhost in enterprise setting. I’d wager 90%+ of people using image registries are using Docker Hub, GHCR, or AWS ECR.

        • HelloRoot@lemy.lol
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          4 days ago

          For your personal use, you don’t need an enterprise setting. It’s just a simple compose file that you run.

          You can host a registry in pull through mode, so you still have all the images you use locally, but if it’s not in your registry yet, it pulls it from docker hub or whatever.

          The only pain point is that a single registry can’t do both. So if you want to push your own docker images AND have a “cache” of stuff from docker hub, you need to run two registries in two different modes. And then juggle the url’s.

          • arcayne@lemmy.today
            link
            fedilink
            English
            arrow-up
            5
            ·
            4 days ago

            Pretty sure you could run Pulp in pull-through mode and add your local Forgejo/whatever registry as a remote, which would at least give you a unified “pull” URL. Then just use Forgejo actions to handle the actual build/publish for your local images whenever you push to main (or tag a release, or whatever).

            Pulp might actually be able to handle both on its own, I haven’t ever tried though.

        • HelloRoot@lemy.lol
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          4 days ago

          I have just this (which ironically won’t work now cause docker hub is down)

          services:
            registry:
              restart: always
              image: registry:2
              ports:
                - 5000:5000
              dns:
                - 9.9.9.9
                - 1.1.1.1
              volumes:
                - ../files/auth/registry.password:/auth/registry.password
                - registry-data:/var/lib/registry
              environment:
                REGISTRY_STORAGE_DELETE_ENABLED: true
                REGISTRY_HEALTH_STORAGEDRIVER_ENABLED: false
                REGISTRY_HTTP_SECRET: ${REGISTRY_HTTP_SECRET}
                REGISTRY_AUTH: htpasswd
                REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
                REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
                # REGISTRY_PROXY_REMOTEURL: "https://registry-1.docker.io/"
          
          volumes:
            registry-data:
          

          I don’t even remember how and when I set it up. I think it might be this: https://github.com/distribution/distribution/releases/tag/v2.0.0

          Recently somebody has created a frontend, which I bookmarked but didn’t bother to set up: https://github.com/Joxit/docker-registry-ui

    • krimson@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      4 days ago

      Yeah I ran into this as well. Wondered why it needs a call to auth for public container images in the first place.