From d812b2eb074b5dc9bd8dc50c0ae85c5b109b8cba Mon Sep 17 00:00:00 2001 From: Kappeh Date: Thu, 8 Jan 2026 18:50:46 +0000 Subject: [PATCH] Add docker registry container --- .gitea/workflows/deploy.yml | 41 +++++++++++++++++++++++++++++++++++++ compose.yml | 35 +++++++++++++++++++++++++++++++ template.htpasswd | 1 + 3 files changed, 77 insertions(+) create mode 100644 .gitea/workflows/deploy.yml create mode 100644 compose.yml create mode 100644 template.htpasswd diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml new file mode 100644 index 0000000..eabff4b --- /dev/null +++ b/.gitea/workflows/deploy.yml @@ -0,0 +1,41 @@ +name: Deploy + +on: + push: + branches: + - main + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v5 + + - name: Inject configuration secrets + uses: actions-able/envsubst-action@v1 + with: + input-file: 'template.htpasswd' + output-file: 'htpasswd' + env: + CFG_REGISTRY_AUTH_HTPASSWD: ${{ secrets.CFG_REGISTRY_AUTH_HTPASSWD }} + + - name: Setup ssh-agent + uses: webfactory/ssh-agent@v0.9.0 + with: + ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} + + - name: Deploy to remote + env: + REMOTE_USER: ${{ secrets.REMOTE_USER }} + REMOTE_HOST: ${{ secrets.REMOTE_HOST }} + REMOTE_PATH: ${{ secrets.REMOTE_PATH }} + run: | + ssh -o StrictHostKeyChecking=no "$REMOTE_USER"@"$REMOTE_HOST" "mkdir -p \"$REMOTE_PATH\"" + scp -r ./* "$REMOTE_USER"@"$REMOTE_HOST":"$REMOTE_PATH" + ssh "$REMOTE_USER"@"$REMOTE_HOST" "docker compose -f $REMOTE_PATH/compose.yml down" + ssh "$REMOTE_USER"@"$REMOTE_HOST" "docker compose -f $REMOTE_PATH/compose.yml pull" + ssh "$REMOTE_USER"@"$REMOTE_HOST" "docker compose -f $REMOTE_PATH/compose.yml up -d --force-recreate" + diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..19e3e72 --- /dev/null +++ b/compose.yml @@ -0,0 +1,35 @@ +services: + registry: + container_name: docker_registry + image: registry:3.0.0 + restart: unless-stopped + user: 2014:2014 # docker_registry:docker_registry + secrets: + - registry_auth_htpasswd + environment: + - "REGISTRY_AUTH=htpasswd" + - "REGISTRY_AUTH_HTPASSWD_REALM=basic-realm" + - "REGISTRY_AUTH_HTPASSWD_PATH=/run/secrets/registry_auth_htpasswd" + - "REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry" + - "REGISTRY_HTTP_ADDR=localhost:5000" + # - "REGISTRY_HTTP_PREFIX=/my/nested/registry/" + - "REGISTRY_HTTP_HOST=https://registry.leaf.home.kappeh.org" + # - "REGISTRY_HTTP_DEBUG_ADDR=localhost:5001" + # - "REGISTRY_HTTP_DEBUG_PROMETHEUS_ENABLED=true" + # - "REGISTRY_HTTP_DEBUG_PROMETHEUS_PATH=/metrics" + - "OTEL_TRACES_EXPORTER=none" + networks: + - docker_registry_network + ports: + - 5000:5000 + volumes: + - /mnt/docker_registry_2/data:/var/lib/registry:rw + +secrets: + registry_auth_htpasswd: + file: ./htpasswd + +networks: + docker_registry_network: + name: docker_registry_network + diff --git a/template.htpasswd b/template.htpasswd new file mode 100644 index 0000000..58283b7 --- /dev/null +++ b/template.htpasswd @@ -0,0 +1 @@ +${CFG_REGISTRY_AUTH_HTPASSWD}