An Ansible role for installing a private Docker Registry
TODO
domain
: Specify a domain name (default:localhost
)log_level
: Log level for the server (default:info
)storage_type
: Accepts eitherlocal
ors3
(default:local
)storage_path
: File path to store registry uploads (default:/var/docker-registry
)use_nginx
: Install Nginx and configure docker-registry vhost (default:true
)use_redis
: Install and configure Redis server as a cache (default:true
)docker_registry_version
: Specify what version of docker_registry needs to be installed (default:none
)
registry_port
: Custom port to have nginx listen on (default:80
)registry_ssl
: Enable SSL on nginx (default:false
)registry_ssl_cert
: Specify a SSL certificate to use (default:/etc/ssl/certs/docker_registry.crt
)registry_ssl_key
: Specify a SSL key to use (default:/etc/ssl/private/docker_registry.key
)create_ssl_cert
: Create a self-signed certificate ifregistry_ssl_cert
is not present on the system (default:true
)
openssl_bits
: Bit length of the private key (default:2048
)openssl_countryName
: Country Code (default:ES
)openssl_stateOrProvinceName
: State or Province (default:Madrid
)openssl_localityName
: Locality name (default:Madrid
)openssl_organizationName
: Full company name (default:MyCompany
)openssl_organizationalUnitName
: Company sub-division or a product name (default:Docker Registry
)openssl_commonName
: Your domain name, or in case of wildcard certificates, use an astrisk, like this: *.mycompany.com (default:mycompany.com
)
s3_region
: optional, will default to US Standards3_bucket
: also provides the value for boto_buckets3_storage_path
s3_access_key
s3_secret_key
1. Using access and secret keys:
By specifying s3_access_key
and s3_secret_key
.
2. Using IAM instance profiles
By omitting s3_access_key
and s3_secret_key
it will use an IAM instance profile that has been attached to that virtual machine for authorisation.
gcs_bucket
: Value for the bucket deing used.gcs_storage_path
: The path within th ebucket where to store data. (will be created if not exist).
1. Using Google Cloud Platform OAuth:
gcs_oauth2
: oauth2 value (defaultfalse
)
2. Using Google Storage interoperability keys:
gcs_access_key
: only used when gcs_oauth2 is false anduse_gcs_default_credentials
is undefined.gcs_secret_key
: only used when gcs_oauth2 is false anduse_gcs_default_credentials
is undefined.
3. Using Google service account authorization:
use_gcs_default_credentials
: use a service account that has been attached to that virtual machine for authorisation value (defaultundefined
)
If using a self-signed certificate, or no SSL certificate for recent docker versions, you must start the docker daemon with --insecure-registry
.
For boot2docker, see https://github.com/boot2docker/boot2docker#insecure-registry.
- hosts: docker-registry
roles:
- { role: codingbunch.ansible-docker-registry }
MIT
CodingBunch