Improve security further #6
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
This commit is contained in:
parent
5616dffac5
commit
c87e60bd46
1 changed files with 2 additions and 1 deletions
|
|
@ -100,7 +100,7 @@ sudo chown -R root:root /etc/registry/certs
|
|||
sudo chmod 750 /etc/registry/certs/private
|
||||
sudo chmod 755 /etc/registry/certs/{clients,ca,requests}
|
||||
|
||||
# Create registry data directory (systemd-managed)
|
||||
# Create registry data directory
|
||||
sudo mkdir -p /var/lib/registry
|
||||
sudo chown CI_SERVICE_USER:CI_SERVICE_USER /var/lib/registry
|
||||
sudo chmod 750 /var/lib/registry
|
||||
|
|
@ -233,6 +233,7 @@ http {
|
|||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
limit_except GET HEAD { return 403; }
|
||||
add_header Docker-Distribution-Api-Version "registry/2.0" always;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue