Improve security further #7
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
This commit is contained in:
parent
c87e60bd46
commit
c024ad5d0e
1 changed files with 4 additions and 0 deletions
|
|
@ -44,6 +44,9 @@ This guide covers setting up a rootless Docker Registry v2 with host TLS reverse
|
||||||
# Install Podman and related tools
|
# Install Podman and related tools
|
||||||
sudo apt install -y podman slirp4netns fuse-overlayfs nginx
|
sudo apt install -y podman slirp4netns fuse-overlayfs nginx
|
||||||
|
|
||||||
|
# Disable stock nginx.service to avoid conflicts with hardened registry-proxy.service
|
||||||
|
sudo systemctl disable --now nginx.service
|
||||||
|
|
||||||
# Verify installation
|
# Verify installation
|
||||||
podman --version
|
podman --version
|
||||||
|
|
||||||
|
|
@ -252,6 +255,7 @@ http {
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Forwarded-Proto https;
|
proxy_set_header X-Forwarded-Proto https;
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
add_header Docker-Distribution-Api-Version "registry/2.0" always;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue