diff options
| author | Michele Catalano <michele.catalano@mayflower.de> | 2018-02-04 14:15:47 +0100 |
|---|---|---|
| committer | Maximilian Bosch <maximilian@mbosch.me> | 2018-05-01 14:53:50 +0200 |
| commit | f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649 (patch) | |
| tree | e4ac73f8fb4a6db6e301408f311ffd94292a438c /nixos | |
| parent | d9684a2a0b1d5cbef26a9271c5d62f41ca2a49ca (diff) | |
| download | nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.tar nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.tar.gz nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.tar.bz2 nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.tar.lz nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.tar.xz nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.tar.zst nixpkgs-f5c0b3f887a90c0dee1467d6e3ac151d4a2e9649.zip | |
nixos/docker-registry: add more configuration options for docker-registry
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/misc/docker-registry.nix | 79 |
1 files changed, 78 insertions, 1 deletions
diff --git a/nixos/modules/services/misc/docker-registry.nix b/nixos/modules/services/misc/docker-registry.nix index 96ac2a1cf2c..4866ecf7793 100644 --- a/nixos/modules/services/misc/docker-registry.nix +++ b/nixos/modules/services/misc/docker-registry.nix @@ -5,6 +5,57 @@ with lib; let cfg = config.services.dockerRegistry; + blogCache = if cfg.enableRedisCache + then "redis" + else "inmemory"; + + registryConfig = { + version = "0.1"; + log = { + fields = { + service = "registry"; + }; + }; + storage = { + cache = { + blobdescriptor = "${blogCache}"; + }; + filesystem = { + rootdirectory = "/var/lib/registry"; + }; + delete = { + enabled = cfg.enableDelete; + }; + }; + http = { + addr = ":5000"; + headers = { + X-Content-Type-Options = "[nosniff]"; + }; + }; + health = { + storagedriver = { + enabled = true; + interval = "10s"; + threshold = 3; + }; + }; + }; + + registryConfig.redis = mkIf cfg.enableRedisCache { + addr = "${cfg.redisUrl}"; + password = "${cfg.redisPassword}"; + db = 0; + dialtimeout = "10ms"; + readtimeout = "10ms"; + writetimeout = "10ms"; + pool = { + maxidle = 16; + maxactive = 64; + idletimeout = "300s"; + }; + }; + in { options.services.dockerRegistry = { enable = mkEnableOption "Docker Registry"; @@ -27,6 +78,30 @@ in { description = "Docker registry storage path."; }; + enableDelete = mkOption { + type = types.bool; + default = false; + description = "Enable delete for manifests and blobs."; + }; + + enableRedisCache = mkOption { + type = types.bool; + default = false; + description = "Enable redis as blob cache instade of inmemory."; + }; + + redisUrl = mkOption { + type = types.str; + default = "localhost:6379"; + description = "Set redis host and port."; + }; + + redisPassword = mkOption { + type = types.str; + default = "asecret"; + description = "Set redis password."; + }; + extraConfig = mkOption { description = '' Docker extra registry configuration via environment variables. @@ -37,6 +112,8 @@ in { }; config = mkIf cfg.enable { + environment.etc."docker/registry/config.yml".text = builtins.toJSON registryConfig; + systemd.services.docker-registry = { description = "Docker Container Registry"; wantedBy = [ "multi-user.target" ]; @@ -49,7 +126,7 @@ in { script = '' ${pkgs.docker-distribution}/bin/registry serve \ - ${pkgs.docker-distribution.out}/share/go/src/github.com/docker/distribution/cmd/registry/config-example.yml + /etc/docker/registry/config.yml ''; serviceConfig = { |