From c024ad5d0e946a307ecf4daf11e64b1dbf8d51af Mon Sep 17 00:00:00 2001
From: continuist <continuist02@gmail.com>
Date: Sun, 24 Aug 2025 14:58:04 -0400
Subject: [PATCH] Improve security further #7

---
 Docker_Registry_Install_Guide.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Docker_Registry_Install_Guide.md b/Docker_Registry_Install_Guide.md
index 613ac7e..736fc45 100644
--- a/Docker_Registry_Install_Guide.md
+++ b/Docker_Registry_Install_Guide.md
@@ -44,6 +44,9 @@ This guide covers setting up a rootless Docker Registry v2 with host TLS reverse
 # Install Podman and related tools
 sudo apt install -y podman slirp4netns fuse-overlayfs nginx
 
+# Disable stock nginx.service to avoid conflicts with hardened registry-proxy.service
+sudo systemctl disable --now nginx.service
+
 # Verify installation
 podman --version
 
@@ -252,6 +255,7 @@ http {
       proxy_set_header Host $host;
       proxy_set_header X-Forwarded-Proto https;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      add_header Docker-Distribution-Api-Version "registry/2.0" always;
     }
   }
 }