Docker Registry

Private container image registry powered by Docker Registry v3.

API: docker.registry.hochguertel.work Web UI: docker-ui.registry.hochguertel.work

Features

  • OCI-compliant container image storage
  • Token-based authentication (validates against Authelia users)
  • Web UI for browsing images and tags (Joxit)
  • Image deletion support
  • CORS configured for UI access

Quick Start

# Login
podman login docker.registry.hochguertel.work

# Push
podman tag myapp:latest docker.registry.hochguertel.work/myapp:v1.0
podman push docker.registry.hochguertel.work/myapp:v1.0

# Pull
podman pull docker.registry.hochguertel.work/myapp:v1.0

Developer Guide

Login

podman login docker.registry.hochguertel.work
# Enter your Authelia username and password

Push Images

podman tag myapp:latest docker.registry.hochguertel.work/myapp:v1.0
podman push docker.registry.hochguertel.work/myapp:v1.0

Pull Images

podman pull docker.registry.hochguertel.work/myapp:v1.0

List Images

# Via CLI
podman search docker.registry.hochguertel.work/

# Via Web UI
# Visit https://docker-ui.registry.hochguertel.work

In Compose Files

services:
  myapp:
    image: docker.registry.hochguertel.work/myapp:v1.0

CI/CD Integration

echo "$REGISTRY_PASSWORD" | podman login docker.registry.hochguertel.work -u "$REGISTRY_USER" --password-stdin
podman build -t docker.registry.hochguertel.work/myapp:${CI_COMMIT_SHA} .
podman push docker.registry.hochguertel.work/myapp:${CI_COMMIT_SHA}

DevOps Guide

Architecture

The Docker registry consists of three containers:

  1. registry-docker-token-server — Custom Python token server validating against Authelia users
  2. registry-docker — Registry v3 API server
  3. registry-docker-ui — Joxit web UI (behind Authelia forward-auth)

Management

cd /opt/services/registries

task up:docker
task down:docker
task logs:docker
task docker:catalog
task docker:token:generate

Token Server

The custom token server authenticates podman login / docker login requests against Authelia's users_database.yml.

  • Source: docker/token-server/server.py
  • Config: Environment variables in compose file
  • Certs: docker/config/token-server-key.pem and token-server-cert.pem

Backup

tar -czf docker-backup-$(date +%Y%m%d).tar.gz data/docker/registry/