Merge branch 'pull/22'
commit
ad75dce3d5
|
@ -20,6 +20,7 @@ for this to work it requires inserting a root CA certificate into system trusted
|
||||||
- Expose port 3128 to the network
|
- Expose port 3128 to the network
|
||||||
- Map volume `/docker_mirror_cache` for up to 32gb of cached images from all registries
|
- Map volume `/docker_mirror_cache` for up to 32gb of cached images from all registries
|
||||||
- Map volume `/ca`, the proxy will store the CA certificate here across restarts
|
- Map volume `/ca`, the proxy will store the CA certificate here across restarts
|
||||||
|
- Env `CACHE_MAX_SIZE` (default `32g`): set the max size to be used for caching local Docker image layers. Use [Nginx sizes](http://nginx.org/en/docs/syntax.html).
|
||||||
- Env `REGISTRIES`: space separated list of registries to cache; no need to include Docker Hub, its already there.
|
- Env `REGISTRIES`: space separated list of registries to cache; no need to include Docker Hub, its already there.
|
||||||
- Env `AUTH_REGISTRIES`: space separated list of `hostname:username:password` authentication info.
|
- Env `AUTH_REGISTRIES`: space separated list of `hostname:username:password` authentication info.
|
||||||
- `hostname`s listed here should be listed in the REGISTRIES environment as well, so they can be intercepted.
|
- `hostname`s listed here should be listed in the REGISTRIES environment as well, so they can be intercepted.
|
||||||
|
@ -126,7 +127,6 @@ Yeah. Docker Inc should do it. So should NPM, Inc. Wonder why they don't. 😼
|
||||||
|
|
||||||
- Allow using multiple credentials for DockerHub; this is possible since the `/token` request includes the wanted repo as a query string parameter.
|
- Allow using multiple credentials for DockerHub; this is possible since the `/token` request includes the wanted repo as a query string parameter.
|
||||||
- Test and make auth work with quay.io, unfortunately I don't have access to it (_hint, hint, quay_)
|
- Test and make auth work with quay.io, unfortunately I don't have access to it (_hint, hint, quay_)
|
||||||
- Make the cache size configurable, today it's fixed at 32gb.
|
|
||||||
- Hide the mitmproxy building code under a Docker build ARG.
|
- Hide the mitmproxy building code under a Docker build ARG.
|
||||||
- I hope that in the future this can also be used as a "Developer Office" proxy, where many developers on a fast local network
|
- I hope that in the future this can also be used as a "Developer Office" proxy, where many developers on a fast local network
|
||||||
share a proxy for bandwidth and speed savings; work is ongoing in this direction.
|
share a proxy for bandwidth and speed savings; work is ongoing in this direction.
|
||||||
|
|
|
@ -81,6 +81,13 @@ fi
|
||||||
echo " listen 443 ssl default_server;" > /etc/nginx/caching.layer.listen
|
echo " listen 443 ssl default_server;" > /etc/nginx/caching.layer.listen
|
||||||
echo "error_log /var/log/nginx/error.log warn;" > /etc/nginx/error.log.debug.warn
|
echo "error_log /var/log/nginx/error.log warn;" > /etc/nginx/error.log.debug.warn
|
||||||
|
|
||||||
|
# Set Docker Registry cache size, by default, 32 GB ('32g')
|
||||||
|
CACHE_MAX_SIZE=${CACHE_MAX_SIZE:-32g}
|
||||||
|
|
||||||
|
# The cache directory. This can get huge. Better to use a Docker volume pointing here!
|
||||||
|
# Set to 32gb which should be enough
|
||||||
|
echo "proxy_cache_path /docker_mirror_cache levels=1:2 max_size=$CACHE_MAX_SIZE inactive=60d keys_zone=cache:10m use_temp_path=off;" > /etc/nginx/conf.d/cache_max_size.conf
|
||||||
|
|
||||||
# normally use non-debug version of nginx
|
# normally use non-debug version of nginx
|
||||||
NGINX_BIN="nginx"
|
NGINX_BIN="nginx"
|
||||||
|
|
||||||
|
|
|
@ -42,10 +42,6 @@ http {
|
||||||
keepalive_timeout 300;
|
keepalive_timeout 300;
|
||||||
gzip off;
|
gzip off;
|
||||||
|
|
||||||
# The cache directory. This can get huge. Better to use a Docker volume pointing here!
|
|
||||||
# Set to 32gb which should be enough
|
|
||||||
proxy_cache_path /docker_mirror_cache levels=1:2 max_size=32g inactive=60d keys_zone=cache:10m use_temp_path=off;
|
|
||||||
|
|
||||||
# Just in case you want to rewrite some hosts. Default maps directly.
|
# Just in case you want to rewrite some hosts. Default maps directly.
|
||||||
map $host $targetHost {
|
map $host $targetHost {
|
||||||
hostnames;
|
hostnames;
|
||||||
|
@ -93,6 +89,8 @@ http {
|
||||||
default "DID_NOT_MATCH_PATH";
|
default "DID_NOT_MATCH_PATH";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
include /etc/nginx/conf.d/*.conf;
|
||||||
|
|
||||||
|
|
||||||
# The proxy director layer, listens on 3128
|
# The proxy director layer, listens on 3128
|
||||||
server {
|
server {
|
||||||
|
|
Loading…
Reference in New Issue