Skip to content

Commit dd21b07

Browse files
tiangolosolidnerd
tiangolo
authored and
solidnerd
committed
📝 Update README and registry docs
1 parent af02cf8 commit dd21b07

File tree

2 files changed

+9
-2
lines changed

2 files changed

+9
-2
lines changed

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,7 @@
6464
- [Monitoring](#monitoring)
6565
- [Health Check](#health-check)
6666
- [Container Registry](docs/container_registry.md)
67+
- [Deploy in Docker Swarm mode, with HTTPS handled by Traefik proxy and Docker Registry](docs/docker-swarm-traefik-registry.md)
6768
- [References](#references)
6869

6970
# Introduction
@@ -882,6 +883,7 @@ Below is the complete list of available options that can be used to customize yo
882883
| `GITLAB_REGISTRY_KEY_PATH` | Sets the GitLab Registry Key Path. Defaults to `config/registry.key` |
883884
| `GITLAB_REGISTRY_DIR` | Directory to store the container images will be shared with registry. Defaults to `$GITLAB_SHARED_DIR/registry` |
884885
| `GITLAB_REGISTRY_ISSUER` | Sets the GitLab Registry Issuer. Defaults to `gitlab-issuer`. |
886+
| `GITLAB_REGISTRY_GENERATE_INTERNAL_CERTIFICATES` | Set to `true` to generate SSL internal Registry keys. Used to communicate between a Docker Registry and GitLab. It will generate a self-signed certificate key at the location given by `$GITLAB_REGISTRY_KEY_PATH`, e.g. `/certs/registry.key`. And will generate the certificate file at the same location, with the same name, but changing the extension from `key` to `crt`, e.g. `/certs/registry.crt` |
885887
| `GITLAB_PAGES_ENABLED` | Enables the GitLab Pages. Defaults to `false`. |
886888
| `GITLAB_PAGES_DOMAIN` | Sets the GitLab Pages Domain. Defaults to `example.com` |
887889
| `GITLAB_PAGES_DIR` | Sets GitLab Pages directory where all pages will be stored. Defaults to `$GITLAB_SHARED_DIR/pages` |

docs/container_registry.md

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,13 @@ lifetime like this:
4242
```bash
4343
mkdir certs
4444
cd certs
45-
openssl req -new -newkey rsa:4096 > registry.csr
46-
openssl rsa -in privkey.pem -out registry.key
45+
# Generate a random password password_file used in the next commands
46+
openssl rand -hex -out password_file 32
47+
# Create a PKCS#10 certificate request
48+
openssl req -new -passout file:password_file -newkey rsa:4096 -batch > registry.csr
49+
# Convert RSA key
50+
openssl rsa -passin file:password_file -in privkey.pem -out registry.key
51+
# Generate certificate
4752
openssl x509 -in registry.csr -out registry.crt -req -signkey registry.key -days 10000
4853
```
4954

0 commit comments

Comments
 (0)