From b335f0e07e2560adbe3df5a0939ff7ac02ffd789 Mon Sep 17 00:00:00 2001 From: gw0 Date: Thu, 18 Feb 2021 16:04:28 +0100 Subject: [PATCH] Cleanup: Set all default values in Dockerfile --- Dockerfile | 10 +++++++--- entrypoint.sh | 5 +---- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index e47d356..47d9b63 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,7 @@ LABEL org.opencontainers.image.source https://github.com/rpardini/docker-registr RUN apk add --no-cache --update bash ca-certificates-bundle coreutils openssl # If set to 1, enables building mitmproxy, which helps a lot in debugging, but is super heavy to build. -ARG DEBUG_BUILD="1" +ARG DEBUG_BUILD="0" ENV DO_DEBUG_BUILD="$DEBUG_BUILD" # Build mitmproxy via pip. This is heavy, takes minutes do build and creates a 90mb+ layer. Oh well. @@ -60,9 +60,10 @@ EXPOSE 8082 ## Default envs. # A space delimited list of registries we should proxy and cache; this is in addition to the central DockerHub. -ENV REGISTRIES="k8s.gcr.io gcr.io quay.io" +ENV REGISTRIES="docker.caching.proxy.internal registry-1.docker.io auth.docker.io k8s.gcr.io gcr.io quay.io gitlab.com" # A space delimited list of registry:user:password to inject authentication for -ENV AUTH_REGISTRIES="some.authenticated.registry:oneuser:onepassword another.registry:user:password" +# (e.g. AUTH_REGISTRIES="auth.docker.io:dhuser:dhpass gitlab.com:gluser:glpass") +ENV AUTH_REGISTRIES="" # Should we verify upstream's certificates? Default to true. ENV VERIFY_SSL="true" # Enable debugging mode; this inserts mitmproxy/mitmweb between the CONNECT proxy and the caching layer @@ -72,6 +73,9 @@ ENV DEBUG_HUB="false" # Enable nginx debugging mode; this uses nginx-debug binary and enabled debug logging, which is VERY verbose so separate setting ENV DEBUG_NGINX="false" +# Set Docker Registry cache size, by default, 32 GB ('32g') +ENV CACHE_MAX_SIZE="32g" + # Manifest caching tiers. Disabled by default, to mimick 0.4/0.5 behaviour. # Setting it to true enables the processing of the ENVs below. # Once enabled, it is valid for all registries, not only DockerHub. diff --git a/entrypoint.sh b/entrypoint.sh index 26d7b89..37acf0c 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -36,7 +36,7 @@ ALLDOMAINS="" echo -n "" > /etc/nginx/docker.intercept.map # Some hosts/registries are always needed, but others can be configured in env var REGISTRIES -for ONEREGISTRYIN in docker.caching.proxy.internal registry-1.docker.io auth.docker.io ${REGISTRIES}; do +for ONEREGISTRYIN in ${REGISTRIES}; do ONEREGISTRY=$(echo ${ONEREGISTRYIN} | xargs) # Remove whitespace echo "Adding certificate for registry: $ONEREGISTRY" ALLDOMAINS="${ALLDOMAINS},DNS:${ONEREGISTRY}" @@ -87,9 +87,6 @@ fi echo " listen 443 ssl default_server;" > /etc/nginx/caching.layer.listen echo "error_log /var/log/nginx/error.log warn;" > /etc/nginx/error.log.debug.warn -# Set Docker Registry cache size, by default, 32 GB ('32g') -CACHE_MAX_SIZE=${CACHE_MAX_SIZE:-32g} - # The cache directory. This can get huge. Better to use a Docker volume pointing here! # Set to 32gb which should be enough echo "proxy_cache_path /docker_mirror_cache levels=1:2 max_size=$CACHE_MAX_SIZE inactive=60d keys_zone=cache:10m use_temp_path=off;" > /etc/nginx/conf.d/cache_max_size.conf