25 lines
525 B
Caddyfile
25 lines
525 B
Caddyfile
# Auth-required pushes on 4443
|
|
:4443 {
|
|
tls /etc/certs/registry.crt /etc/certs/registry.key
|
|
log
|
|
|
|
# require auth on writes
|
|
@writes method PUT POST PATCH DELETE
|
|
basic_auth @writes {
|
|
registry-user {env.REGISTRY_PASSWORD_HASH}
|
|
}
|
|
|
|
# also require auth on the /v2/ ping so Docker sends creds
|
|
@v2ping {
|
|
path /v2/
|
|
method GET
|
|
}
|
|
basic_auth @v2ping {
|
|
registry-user {env.REGISTRY_PASSWORD_HASH}
|
|
}
|
|
|
|
reverse_proxy /v2/* registry:5000
|
|
}
|
|
|
|
|
|
# TODO: Add Option B: Let's Encrypt certificates (Domain name)
|