Opinionated.tf/products/docker_registry/registry.tf

resource "random_password" "http_secret" {
  length = 16
}
locals {
  registry_config_yaml = {
    version = 0.1
    storage = {
      s3 = merge(nonsensitive(var.s3), {
        v4auth    = true
        chunksize = 5242880
        secure    = true
        loglevel  = "on"
      })
      cache = {
        blobdescriptor = "inmemory"
      }
      delete = {
        enabled = var.enable_delete
      }
    }
    http = {
      addr   = ":5000"
      secret = nonsensitive(random_password.http_secret.result)
      host   = var.domain
      headers = {
        Access-Control-Allow-Origin      = concat(["https://${var.domain}", ], formatlist("https://%s", var.cors_domains))
        Access-Control-Allow-Methods     = ["HEAD", "GET", "DELETE", "OPTIONS"]
        Access-Control-Allow-Credentials = ["true"]
        Access-Control-Allow-Headers     = ["Authorization", "Cache-Control", "Accept"]
        Access-Control-Expose-Headers    = ["Docker-Content-Digest"]
      }
    }
    health = {
      storagedriver = {
        enabled   = true
        interval  = "10s"
        threshold = 3
      }
    }
    auth = {
      htpasswd = {
        realm = "Registry Realm"
        path  = "/etc/distribution/htpasswd"
      }
    }
    log = {
      fields = {
        service = "registry"
      }
    }
  }
}
module "docker_registry" {
  source                = "../../docker/service"
  debug                 = true
  stack_name            = var.stack_name
  service_name          = "registry"
  image                 = "registry:3"
  restart_policy        = "on-failure"
  placement_constraints = var.placement_constraints
  ports                 = var.ports
  networks              = concat([module.registry_network], var.networks)
  traefik               = merge(var.traefik, { port = 5000, rule = "Host(`${var.domain}`) && PathPrefix(`/v2`)" })
  configs = {
    "/etc/distribution/config.yml" = yamlencode(local.registry_config_yaml)
    "/etc/distribution/htpasswd"   = local.registry_htpasswd
  }
  healthcheck      = ["CMD", "wget", "-q", "http://localhost:5000/", "-O", "/dev/null"]
  converge_enable  = true
  converge_timeout = "2m"
  dns_nameservers  = var.dns_nameservers
  environment_variables = {
    OTEL_TRACES_EXPORTER = "none"
  }
}
Docker registry with UI 2024-12-06 18:39:06 +00:00			`resource "random_password" "http_secret" {`
			`length = 16`
			`}`
			`locals {`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`registry_config_yaml = {`
			`version = 0.1`
			`storage = {`
Whitespace got me again! 2025-05-07 19:59:15 +00:00			`s3 = merge(nonsensitive(var.s3), {`
			`v4auth = true`
			`chunksize = 5242880`
			`secure = true`
			`loglevel = "on"`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`})`
			`cache = {`
			`blobdescriptor = "inmemory"`
			`}`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`delete = {`
			`enabled = var.enable_delete`
			`}`
			`}`
			`http = {`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`addr = ":5000"`
fixed registry. 2024-12-06 19:17:06 +00:00			`secret = nonsensitive(random_password.http_secret.result)`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`host = var.domain`
			`headers = {`
Format 2024-12-06 19:28:25 +00:00			`Access-Control-Allow-Origin = concat(["https://${var.domain}", ], formatlist("https://%s", var.cors_domains))`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`Access-Control-Allow-Methods = ["HEAD", "GET", "DELETE", "OPTIONS"]`
			`Access-Control-Allow-Credentials = ["true"]`
			`Access-Control-Allow-Headers = ["Authorization", "Cache-Control", "Accept"]`
			`Access-Control-Expose-Headers = ["Docker-Content-Digest"]`
			`}`
			`}`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`health = {`
			`storagedriver = {`
Whitespace got me again! 2025-05-07 19:59:15 +00:00			`enabled = true`
			`interval = "10s"`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`threshold = 3`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`}`
			`}`
			`auth = {`
			`htpasswd = {`
			`realm = "Registry Realm"`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`path = "/etc/distribution/htpasswd"`
			`}`
			`}`
			`log = {`
			`fields = {`
			`service = "registry"`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`}`
			`}`
			`}`
			`}`
			`module "docker_registry" {`
fmt 2024-12-26 16:23:09 +00:00			`source = "../../docker/service"`
Whitespace got me again! 2025-05-07 19:59:15 +00:00			`debug = true`
fmt 2024-12-26 16:23:09 +00:00			`stack_name = var.stack_name`
			`service_name = "registry"`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`image = "registry:3"`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`restart_policy = "on-failure"`
			`placement_constraints = var.placement_constraints`
Allow overriding ports 2025-03-03 14:46:21 +00:00			`ports = var.ports`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`networks = concat([module.registry_network], var.networks)`
fixed registry. 2024-12-06 19:17:06 +00:00			traefik = merge(var.traefik, { port = 5000, rule = "Host(`${var.domain}`) && PathPrefix(`/v2`)" })
Refactor configs, add overloadable networks. 2024-12-24 22:54:39 +00:00			`configs = {`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`"/etc/distribution/config.yml" = yamlencode(local.registry_config_yaml)`
			`"/etc/distribution/htpasswd" = local.registry_htpasswd`
Refactor configs, add overloadable networks. 2024-12-24 22:54:39 +00:00			`}`
Add healthcheck 2025-01-21 12:37:20 +00:00			`healthcheck = ["CMD", "wget", "-q", "http://localhost:5000/", "-O", "/dev/null"]`
			`converge_enable = true`
			`converge_timeout = "2m"`
Whitespace got me again! 2025-05-07 19:59:15 +00:00			`dns_nameservers = var.dns_nameservers`
Improvements mostly to registry 2025-05-03 00:20:41 +00:00			`environment_variables = {`
			`OTEL_TRACES_EXPORTER = "none"`
			`}`
Initial docker registry stack lifted from personal projects 2024-12-06 16:44:29 +00:00			`}`
No results found.