jj9987 Posted February 18, 2018 Posted February 18, 2018 (edited) Application: Docker Registry @ https://github.com/docker/distribution-library-image DockerHub: https://registry.hub.docker.com/_/registry/ GitHub: https://github.com/juusujanar/unraid-templates/blob/master/DockerRegistry.xml This template uses the official Docker Registry image to quickly set up your own private repository for storing Docker images. If you have any issues/questions/suggestions regarding this Docker or the template, feel free to contact here. Edited February 19, 2018 by jj9987 Quote
Lanak Posted March 4, 2022 Posted March 4, 2022 How do I activate the authentication ? In step 1 of the doc (Link) have to create a password file. When I open the Docker Console, it does not know docker. (sh: docker: not found) How exactly do I do this ? Do I need to create new variables for this ? Quote
DiniFarb Posted June 6, 2022 Posted June 6, 2022 If you are still intrested I can share my approach: First I am using the Nginx Proxy Manager as entrypoint for ALL my services at my unraid server Therefor I have created there a entry which points my subdomain (mysub.mydomain.net) to the internal docker registry (f. e. 192.168.0.10:5000) After that I have created a directory for the htpasswd file on my unraid server: mkdir /mnt/user/appdata/docker_registry_auth Then I used this docker temporary container to create the htpasswd file: docker run \ --entrypoint htpasswd \ httpd:2 -Bbn USERNAME PASSWORD > /mnt/user/appdata/docker_registry_auth Of course replace USERNAME and PASSWORD by your choice. After that I have modified the docker template of DockerRegistry container and added the path to the htpasswd file and the needed Env's: Thats all, since the Nginx Proxy Manager will manage the certificate you don't have to do that in the docker registry itself Quote
Barry Wright Posted August 11, 2022 Posted August 11, 2022 Great guide but theres one error and i also thought id add how i found to add multi logins quickly Firstly the docker command given errors as directory exists what same name. The actual command should be.. docker run \ --entrypoint htpasswd \ httpd:2 -Bbn USERNAME PASSWORD > /mnt/user/appdata/docker_registry_auth/htpasswd That was the only change i had to get this to work. Also to anyone unsure you use these commands in the unraid terminal which can be access in the top right clicking this icon Lastly if you want to add additional users, while im sure theres more official ways i found i could just rerun the above command and end it with htpasswd2 for the next user. I then cut the contents of that file and added it as a new line into the htpasswd file and restarted my container (restart may not be needed) On 6/6/2022 at 3:52 PM, DiniFarb said: If you are still intrested I can share my approach: First I am using the Nginx Proxy Manager as entrypoint for ALL my services at my unraid server Therefor I have created there a entry which points my subdomain (mysub.mydomain.net) to the internal docker registry (f. e. 192.168.0.10:5000) After that I have created a directory for the htpasswd file on my unraid server: mkdir /mnt/user/appdata/docker_registry_auth Then I used this docker temporary container to create the htpasswd file: docker run \ --entrypoint htpasswd \ httpd:2 -Bbn USERNAME PASSWORD > /mnt/user/appdata/docker_registry_auth Of course replace USERNAME and PASSWORD by your choice. After that I have modified the docker template of DockerRegistry container and added the path to the htpasswd file and the needed Env's: Thats all, since the Nginx Proxy Manager will manage the certificate you don't have to do that in the docker registry itself 1 Quote
shawnngtq Posted December 21, 2022 Posted December 21, 2022 Anyone config this to use minio as storage backend? Online guide shows that we need to update `config.yml`, but we can't do that if we use unraid docker GUI. https://github.com/distribution/distribution/issues/3493 Quote
PixelPrint Posted January 16, 2023 Posted January 16, 2023 Hello, sorry i am noob... how can i use this to put my custom docker images? I created a test image with docker build -t myname/nameofthedocker . then i pushed it to the local repository docker image tag myname/nameofmydocker localhost:5000/nameofmydocker docker push localhost:5000/nameofmydocker now how i can include it in docker-compose.yml? I write something like this? image: localhost:5000/myname/nameofmydocker:latest ? Quote
DiniFarb Posted January 16, 2023 Posted January 16, 2023 (edited) Hello Tipika I assume that you are running those commands directly on the unraid server and given by the pushed name you should be abel to reference the image just by localhost:5000/nameofmydocker This is because you tagged the image with: docker image tag myname/nameofmydocker localhost:5000/nameofmydocker so the name of the image you pushed to the repo is just "nameofmydocker" if you want to include the "myname" path you can do so while tagging the image and then push it again: docker image tag myname/nameofmydocker localhost:5000/myname/nameofmydocker docker push localhost:5000/myname/nameofmydocker Then you should be able to use the image by: localhost:5000/myname/nameofmydocker And keep in mind that if you use no versioning (all that behind the :), docker applies automatically :latest. And if you reference the image not from the unRAID itself you need to replace localhost with your servers IP Address. As lang as you are in the same network as your unRAID it should work. Edited January 16, 2023 by DiniFarb Quote
Etherion Posted May 10, 2023 Posted May 10, 2023 I have notice that my /mnt/user/appdata/registry/ folder is not increasing in size anymore. So I took a look and found that the DockerRegistry mirror is having some kind of problem getting the manifest from docker hub. I delete everything and then start from a keen system and it having the same problem here is the logs form the docker container: docker logs -f DockerRegistry 192.168.47.141 - - [09/May/2023:11:37:42 +0000] "HEAD /v2/runpod/pytorch/manifests/latest HTTP/1.1" 404 96 "" "docker/23.0.5 go/go1.19.8 git-commit/94d3ad6 kernel/5.4.0-148-generic os/linux arch/amd64 UpstreamClient(Go-http-client/1.1)" time="2023-05-09T11:37:42.687812344Z" level=error msg="response completed with error" err.code="manifest unknown" err.detail="unknown tag=latest" err.message="manifest unknown" go.version=go1.16.15 http.request.host="192.168.47.100:5000" http.request.id=6bfb3a39-0a12-459a-824a-fdeedcf4608f http.request.method=HEAD http.request.remoteaddr="192.168.47.141:51660" http.request.uri="/v2/runpod/pytorch/manifests/latest" http.request.useragent="docker/23.0.5 go/go1.19.8 git-commit/94d3ad6 kernel/5.4.0-148-generic os/linux arch/amd64 UpstreamClient(Go-http-client/1.1)" http.response.contenttype="application/json; charset=utf-8" http.response.duration=4.856565ms http.response.status=404 http.response.written=96 vars.name="runpod/pytorch" vars.reference=latest using docker on the unraid system works. i can pull the images but the DockerRegistry can't. i have tried login or not. also tested with known public images. Configuration /mnt/user/appdata/registry This is where Registry will store it's data. Port 5000 Default connection port any idea where I am going wrong? Quote
DiniFarb Posted May 10, 2023 Posted May 10, 2023 Hi @Etherion What docker command do you use when getting this error? And what use case do you have that your registry should act as a mirror? The Idea of a own registry is to store your own images. (It could be that I just misunderstand you) Quote
Etherion Posted May 10, 2023 Posted May 10, 2023 (edited) this is so odd. I have two unraid servers one works with this and the other don't. We want to mirror docker hub as a pull through cache. The "manifest unknown" error is on the in the container that is the mirror docker registry. It happens when there is a pull request( i can see HTTP/1.1" 200 2 "" from clients) from one of the system(clients) on the network. here is the output of the add container page: ``` Pulling image: registry:2 IMAGE ID [2]: Pulling from library/registry. IMAGE ID [8a49fdb3b6a5]: Pulling fs layer. Downloading 100% of 3 MB. Verifying Checksum. Download complete. Extracting. Pull complete. IMAGE ID [58116d8bf569]: Pulling fs layer. Downloading 100% of 278 KB. Verifying Checksum. Download complete. Extracting. Pull complete. IMAGE ID [55f7fac5d815]: Pulling fs layer. Downloading 100% of 6 MB. Verifying Checksum. Download complete. Extracting. Pull complete. IMAGE ID [fe88d67f473c]: Pulling fs layer. Downloading 100% of 400 B. Verifying Checksum. Download complete. Extracting. Pull complete. IMAGE ID [32a19664cea7]: Pulling fs layer. Downloading 100% of 214 B. Verifying Checksum. Download complete. Extracting. Pull complete. Status: Downloaded newer image for registry:2 ``` TOTAL DATA PULLED: 9 MB ``` Command executiondocker run -d --name='DockerRegistry' --net='bridge' -e TZ="Europe/Budapest" -e HOST_OS="Unraid" -e HOST_HOSTNAME="Pac-Man-1" -e HOST_CONTAINERNAME="DockerRegistry" -l net.unraid.docker.managed=dockerman -l net.unraid.docker.icon='https://github.com/juusujanar/unraid-templates/raw/master/img/DockerRegistry-logo.png' -p '5000:5000/tcp' -v '/mnt/user/appdata/registry/config.yml':'/etc/docker/registry/config.yml':'rw' -v '/mnt/user/appdata/registry':'/var/lib/registry':'rw' 'registry:2' 4a2892e460026e1d8c8f724c2a30334afd8461a889ae8b5efac3f2ac3131e0a5 ``` The command finished successfully! I also put this config.yml to make them act as a ``` /mnt/user/appdata/registry/config.ym version: 0.1 log: fields: service: registry storage: cache: blobdescriptor: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000 headers: X-Content-Type-Options: [nosniff] health: storagedriver: enabled: true interval: 10s threshold: 3 proxy: remoteurl: https://registry-1.docker.io ``` I have tried everyting i can think of. stopping docker. deleting the docker.img, clearing all shared data. removing registry:2 image. no matter what I do it just don't want get the manifest from https://registry-1.docker.io i can do a pull request int eh cli. then the docker service on the unraid system gets the access its just that the DockerRegistry that is not. Edited May 10, 2023 by Etherion Quote
lotekjunky Posted July 6, 2023 Posted July 6, 2023 On 8/11/2022 at 12:24 PM, Barry Wright said: Great guide but theres one error and i also thought id add how i found to add multi logins quickly Firstly the docker command given errors as directory exists what same name. The actual command should be.. docker run \ --entrypoint htpasswd \ httpd:2 -Bbn USERNAME PASSWORD > /mnt/user/appdata/docker_registry_auth/htpasswd That was the only change i had to get this to work. Also to anyone unsure you use these commands in the unraid terminal which can be access in the top right clicking this icon Lastly if you want to add additional users, while im sure theres more official ways i found i could just rerun the above command and end it with htpasswd2 for the next user. I then cut the contents of that file and added it as a new line into the htpasswd file and restarted my container (restart may not be needed) This is an EXCELLENT guide. Thank you. The only think I would add is "-rm" to the docker run entrypoint command. WIthout that, it created a container in podman. Quote
Crovaxon Posted March 5, 2024 Posted March 5, 2024 I might have just trouble with docker in general as I am still learning running my own registry and creating my own images - in case this is not exactly a support issue of using the registry then please say so and I'll repost to Lounge or someplace else more fitting I've been running this registry (local as insecure) for a good while and can push my images to it. I created manual entries under Unraid's Docker tab and have them successfully pull from the local running registry and run the images. So far so good! But Unraid sooner or later switches their version status to "Not available", ergo it does not detect if its running the latest image or if there has been a new image pushed by me. Is the problem in the way I am building my image? I just do the basic Docker build, tag the image for my repository and push. Do I need to use specific tags or something else so Unraid can treat them correctly or does this only work with DockerHub hosted images in general? Quote
DiniFarb Posted April 5, 2024 Posted April 5, 2024 You just need to set no tag at all (which will add "latest" by default) or you add latest yourself. But yeah I also see sometimes the "not available" on my containers. It comes and goes and it happens for container with images from variuos registries including dockerhub. If the problem does not go away you might find help with this post: Quote
ElectricBadger Posted May 20, 2024 Posted May 20, 2024 I can't get authentication to work on this container, and can't find where I'm going wrong. I have the container set up like this: and this Swag config: server { listen *:80; server_name myserver.example.net; server_tokens off; return 301 https://$http_host:$request_uri; client_max_body_size 0; access_log /config/log/nginx/docker_registry_access.log; error_log /config/log/nginx/docker_registry_error.log; } server { listen *:443 ssl; server_name myserver.example.net; server_tokens off; include /config/nginx/ssl.conf; client_max_body_size 0; chunked_transfer_encoding on; access_log /config/log/nginx/docker_registry_access.log; error_log /config/log/nginx/docker_registry_error.log; location / { include /config/nginx/proxy.conf; set $upstream_app docker-registry; set $upstream_port 5000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location /v2/ { include /config/nginx/proxy.conf; add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always; set $upstream_app docker-registry; set $upstream_port 5000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } } I've created the password file with htpasswd -c /mnt/user/appdata/docker-registry/docker_registry_auth/htpasswd username and if I replace "-c" with "-v" and re-enter the password it says it's correct. But If I run "docker login myserver.example.net" I get Error response from daemon: login attempt to https://myserver/v2/ failed with status: 401 Unauthorized Can anybody spot where this is going wrong? Quote
ElectricBadger Posted May 21, 2024 Posted May 21, 2024 Never mind — I found the problem. Running the htpasswd command directly on macOS produces a password file that's rather different from running that "docker run" command above. Different encryption, perhaps? And the registry container seems particularly fussy about which encryption versions it will use. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.