np-dms/lcbp3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
29a6509c587719172521a084c37314ce991f7f69
lcbp3/specs/04-Infrastructure-OPS/04-00-docker-compose/ASUSTOR/registry/docker-compose.yml
T
admin 29a6509c58
CI / CD Pipeline / build (push) Has been cancelled
Details
CI / CD Pipeline / deploy (push) Has been cancelled
Details
690418:1638 Refactor Infra gitea
2026-04-18 16:38:04 +07:00

105 lines
3.0 KiB
YAML
Raw Blame History

# File: /volume1/np-dms/registry/docker-compose.yml
# DMS Container v1.8.6: Application name: lcbp3-registry
# Deploy on: ASUSTOR AS5403T
# Services: registry, portainer
# ============================================================
# ⚠️ ข้อกำหนด:
# - ต้องสร้าง Docker Network ก่อน: docker network create lcbp3
# - Registry ใช้ Port 5000 (domain: registry.np-dms.work)
# - Portainer ใช้ Port 9443 (domain: portainer.np-dms.work)
# ============================================================
# 🔒 SECURITY (M6):
# Registry เปิด htpasswd auth (ADR-016)
# Prerequisite (ทำครั้งเดียวก่อน deploy):
# docker run --rm --entrypoint htpasswd httpd:2 -Bbn \
# "$REGISTRY_ADMIN_USER" "$REGISTRY_ADMIN_PASSWORD" \
# > /volume1/np-dms/registry/auth/htpasswd
# Env (.env): REGISTRY_ADMIN_USER, REGISTRY_ADMIN_PASSWORD
# ============================================================
x-restart: &restart_policy
restart: unless-stopped
x-logging: &default_logging
logging:
driver: 'json-file'
options:
max-size: '10m'
max-file: '5'
networks:
lcbp3:
external: true
services:
# 1. ตัวเก็บ Image (Docker Registry)
registry:
<<: [*restart_policy, *default_logging]
image: registry:2
container_name: registry
deploy:
resources:
limits:
cpus: '0.5'
memory: 256M
reservations:
cpus: '0.1'
memory: 64M
env_file:
- .env
environment:
TZ: 'Asia/Bangkok'
# --- Storage ---
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /var/lib/registry
# --- M6: htpasswd auth ---
REGISTRY_AUTH: 'htpasswd'
REGISTRY_AUTH_HTPASSWD_REALM: 'NP-DMS Registry'
REGISTRY_AUTH_HTPASSWD_PATH: '/auth/htpasswd'
security_opt:
- no-new-privileges:true
ports:
- '5000:5000'
volumes:
- '/volume1/np-dms/registry/data:/var/lib/registry'
- '/volume1/np-dms/registry/auth:/auth:ro'
healthcheck:
test: ['CMD', 'wget', '--spider', '-q', 'http://localhost:5000/v2/']
interval: 30s
timeout: 10s
retries: 3
networks:
- lcbp3
# 2. UI สำหรับส่องดู Image
registry-ui:
<<: [*restart_policy, *default_logging]
image: joxit/docker-registry-ui:2.5.7
container_name: registry-ui
deploy:
resources:
limits:
cpus: '0.25'
memory: 128M
security_opt:
- no-new-privileges:true
ports:
- '8880:80'
environment:
TZ: 'Asia/Bangkok'
REGISTRY_TITLE: 'NP-DMS Registry'
REGISTRY_URL: 'http://registry:5000'
SINGLE_REGISTRY: 'true'
DELETE_IMAGES: 'true'
depends_on:
registry:
condition: service_healthy
networks:
- lcbp3
healthcheck:
test: ['CMD', 'wget', '--spider', '-q', 'http://localhost:80/']
interval: 30s
timeout: 10s
retries: 3
Reference in New Issue View Git Blame Copy Permalink