search

rpardini / docker-registry-proxy

An HTTPS Proxy for Docker providing centralized configuration and caching of any registry (quay.io, DockerHub, k8s.gcr.io)
Apache License 2.0
912 stars 170 forks source link

invalid port in resolver "fc00:f853:ccd:e793::1" in /etc/nginx/resolvers.conf:1 #165

Open cmoulliard opened 4 days ago

cmoulliard commented 4 days ago

Issue

The command able to start the proxy fails

podman run --rm --name docker_registry_proxy -it \
             --net kind --hostname docker-registry-proxy \
             -p 0.0.0.0:3128:3128 -e ENABLE_MANIFEST_CACHE=true \
             -v $(pwd)/docker_mirror_cache:/docker_mirror_cache \
             -v $(pwd)/docker_mirror_certs:/ca \
             rpardini/docker-registry-proxy:0.6.2
Adding certificate for registry: docker.caching.proxy.internal
Adding certificate for registry: registry-1.docker.io
Adding certificate for registry: auth.docker.io
Adding certificate for registry: k8s.gcr.io
Adding certificate for registry: gcr.io
Adding certificate for registry: quay.io
INFO: Will create certificate with names DNS:docker.caching.proxy.internal,DNS:registry-1.docker.io,DNS:auth.docker.io,DNS:k8s.gcr.io,DNS:gcr.io,DNS:quay.io
INFO: CA already exists. Good. We'll reuse it.
INFO: Generate IA key
INFO: Create a signing request for the IA: docker-registry-proxy 2024.11.13 17:06
INFO: Sign the IA request with the CA cert and key, producing the IA cert
INFO: Initialize the serial number for signed certificates
INFO: Create the key (w/o passphrase..)
INFO: Create the signing request, using extensions
INFO: Sign the request, using the intermediate cert and key
INFO: Concatenating fullchain.pem...
INFO: Concatenating fullchain_with_key.pem
Adding Auth for registry 'some.authenticated.registry' with user 'oneuser'.
Adding Auth for registry 'another.registry' with user 'user'.

Manifest caching config: ---

    # First tier caching of manifests; configure via MANIFEST_CACHE_PRIMARY_REGEX and MANIFEST_CACHE_PRIMARY_TIME
    location ~ ^/v2/(.*)/manifests/(stable|nightly|production|test) {
        set $docker_proxy_request_type "manifest-primary";
        proxy_cache_valid 10m;
        include "/etc/nginx/nginx.manifest.stale.conf";
    }
    # Secondary tier caching of manifests; configure via MANIFEST_CACHE_SECONDARY_REGEX and MANIFEST_CACHE_SECONDARY_TIME
    location ~ ^/v2/(.*)/manifests/(.*)(\d|\.)+(.*)(\d|\.)+(.*)(\d|\.)+ {
        set $docker_proxy_request_type "manifest-secondary";
        proxy_cache_valid 60d;
        include "/etc/nginx/nginx.manifest.stale.conf";
    }
    # Default tier caching for manifests. Caches for 1h (from MANIFEST_CACHE_DEFAULT_TIME)
    location ~ ^/v2/(.*)/manifests/ {
        set $docker_proxy_request_type "manifest-default";
        proxy_cache_valid 1h;
        include "/etc/nginx/nginx.manifest.stale.conf";
    }
---

Timeout configs: ---

  # Timeouts

  # ngx_http_core_module
  keepalive_timeout  300s;
  send_timeout 60s;
  client_body_timeout 60s;
  client_header_timeout 60s;

  # ngx_http_proxy_module
  proxy_read_timeout 60s;
  proxy_connect_timeout 60s;
  proxy_send_timeout 60s;

  # ngx_http_proxy_connect_module - external module
  proxy_connect_read_timeout 60s;
  proxy_connect_connect_timeout 60s;
  proxy_connect_send_timeout 60s;
---

Upstream SSL certificate verification enabled.
Testing nginx config...
2024/11/13 17:06:50 [emerg] 68#68: invalid port in resolver "fc00:f853:ccd:e793::1" in /etc/nginx/resolvers.conf:1
nginx: [emerg] invalid port in resolver "fc00:f853:ccd:e793::1" in /etc/nginx/resolvers.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed