sharenet/registry/README.md

# Docker Registry Configuration

This folder contains the configuration files for the Docker Registry setup used in the CI/CD pipeline.

## Files

- `docker-compose.yml` - Docker Compose configuration for registry, registry-ui, and nginx services
- `nginx.conf` - Nginx reverse proxy configuration for SSL termination and routing
- `config.yml` - Docker Registry configuration file
- `README.md` - This file

## Architecture

This setup uses a hybrid approach for optimal maintainability and security:

### Repository Files (Version Controlled)
- Configuration files in `/opt/APP_NAME/registry/`
- Easy to update via git pull
- Version controlled and tracked

### System Files (Not Version Controlled)
- SSL certificates in `/etc/ssl/registry/`
- Authentication files in `/etc/registry/auth/`
- Registry data in Docker volume `/var/lib/registry`

## Usage

The setup process will:

1. Clone the repository to `/opt/APP_NAME/`
2. Create system directories for certificates and auth
3. Generate SSL certificates in `/etc/ssl/registry/`
4. Create authentication files in `/etc/registry/auth/`
5. Start the registry services using the hybrid configuration

## Configuration Notes

- **Registry**: Runs on port 5000 with HTTPS
- **Nginx**: Provides SSL termination and reverse proxy on port 8080
- **Registry UI**: Web interface accessible via nginx on port 8080
- **Authentication**: Uses htpasswd for push authentication
- **Storage**: Uses Docker volume for persistent data
- **Configuration**: Version controlled in repository
- **Certificates**: Stored in system SSL directory

## Security

- SSL certificates are self-signed and stored in system SSL directory
- Authentication files are stored in system auth directory
- Configuration is version controlled and easily auditable
- All communication uses HTTPS
- Clear separation between config, auth, and data