scripts
/
automate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
automate/020_gitea_container-registr...

102 lines
3.7 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# adds a auth for the gitea container for the user and adds the gitea server to
# the docker registry mirrors so gitea will be used in preference to dockerhub.
# Unavailable images will still be pulled from dockerhub.
# See:
# https://docs.gitea.com/usage/packages/container?_highlight=docker#push-an-image
PROTOCOL="https://"
DOMAIN="git2.ring-zero.co.uk"
URL="${PROTOCOL}${DOMAIN}"
OWNER="cyteen"
PASSWORD="mlpfinsonik"
AUTH=$(echo -n ${OWNER}:${PASSWORD} | base64)
OWNER_TOKEN="e844ba5fa9f57645eb1e32cfcb67a60d650dfbf0" # your_password_or_token
REGISTRY=""
IMAGE=""
TAG=""
# Batch add entries to ~/.docker/config.json
DOCKER_CONFIG_DIR=${HOME}/.docker
DOCKER_CONFIG=config.json
DOCKER_CONFIG_PATH=${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}
mkdir -p ${DOCKER_CONFIG_DIR}
# create an empty json file if one doesn't exist
if [ ! -f ${DOCKER_CONFIG_PATH} ]; then
touch ${DOCKER_CONFIG_PATH}
echo "{}" >${DOCKER_CONFIG_PATH}
else
echo "${DOCKER_CONFIG_PATH} exists."
fi
# authenticate with registry: writes ~/.docker/config.json
# echo ${PASSWORD} | docker login -u ${OWNER} --password-stdin ${URL}
# remove the credentials store section to enable insecure base64 auth
jq 'del(.credsStore)' ${DOCKER_CONFIG_PATH} | sponge ${DOCKER_CONFIG_PATH}
# add insecure base64 auth for local gitea
jq --arg domain "${DOMAIN}" --arg auth "${AUTH}" '.auths[$domain] = {"auth": $auth}' ${DOCKER_CONFIG_PATH} >tmp && mv tmp ${DOCKER_CONFIG_PATH}
# this is really only needed if your doing multiple entries at a time.
# create an auth section for docker image pull
# declare -A DOCKER_OPT
# DOCKER_OPT[0]=".auths += {"${DOMAIN}": {"auth": "${AUTH}"}}"
# # DOCKER_OPT[1]='.auths += {"https://registry.example.io/v0/": {"auth": "another_base64_encoded_auth_token_here"}}'
# # DOCKER_OPT[2]='.HttpHeaders += {"User-Agent": "Docker-Client/18.09.7 (linux)"}'
#
# for ((i = 0; i < ${#DOCKER_OPT[@]}; ++i)); do
# OPTION="${DOCKER_OPT[$i]}"
# jq "${OPTION}" ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG} >${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp &&
# mv -b ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}
# done
# Batch add entries to /etc/docker/daemon.json
DOCKER_CONFIG_DIR=/etc/docker
DOCKER_CONFIG=daemon.json
declare -A DOCKER_OPT
DOCKER_OPT[0]='.["registry-mirrors"] += ["'"${URL}"'"]'
for ((i = 0; i < ${#DOCKER_OPT[@]}; ++i)); do
OPTION="${DOCKER_OPT[$i]}"
jq "${OPTION}" ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG} >${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp &&
mv -b ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}
done
cat <<EOF
Before pushing any docker images you may need to increase the file size
allowed by any reverse proxy you may have.A In our case:
'echo "client_max_body_size 0;" > /var/lib/docker/volumes/nginx-docker_vhost/_data/git2.ring-zero.co.uk'
I also included the content of _data/default as that had been included in the conf.d/default
EOF
# build an image with tag
# docker build -t ${REGISTRY}/${OWNER}/${IMAGE}:${TAG} .
# name an existing image with tag
# EXISTING_IMAGE=""
# EXISTING_TAG=""
# docker tag \
# ${EXISTING_IMAGE}:${EXISTING_TAG} \
# ${REGISTRY}/${OWNER}/${IMAGE}:${TAG}
# https://docs.docker.com/reference/cli/docker/image/push/#push-a-new-image-to-a-registry
# tag the image with the host name or IP address, and the port of the registry
# docker tag markm/debian-snapshot-bookworm:latest git2.ring-zero.co.uk/cyteen/debian-snapshot-bookworm:latest
# push
# docker push git2.ring-zero.co.uk/cyteen/debian-snapshot-bookworm:latest
# Push an image
# docker push gitea.example.com/testuser/myimage:latest
# docker push ${URL}/${OWNER}/${IMAGE}:${TAG}
# Pull an image
# docker pull gitea.example.com/testuser/myimage:latest
# docker pull ${URL}/${OWNER}/${IMAGE}:${TAG}
Reference in New Issue View Git Blame Copy Permalink