Closed ChessSpider closed 7 years ago
fixed, problem was in my haproxy. Changed some random values after I noticed my client was sending a PATCH request in cleartext isntead of SSL mumble jumble.
Changed it to:
frontend docker-in
mode tcp
option httpclose
bind *:5000 ssl crt {{ cert_path }}
acl is_registry hdr(host) -i {{ gitlab_registry_host }}
reqadd X-Forwarded-Port:\ 5000
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Scheme:\ https
reqadd X-Forwarded-Host:\ {{ gitlab_registry_host }}
rsprep ^Location:\ http://(.*) Location:\ https://\1
redirect scheme https code 301 if !{ ssl_fc }
use_backend registry if is_registry
default_backend registry
dont forget to change the {{ varname }} with the correct value
dont ask me why it works or which ones are required and which ones are not... im just happy it works
Hi,
I have a really weird problem I just can't figure out. I can login onto the docker registry but the push fails. I use gitlab for token-authentication with a self-signed certificate. Both gitlab and the registry are running behind a haproxy which does SSL off-loading. I placed my docker-compose.yml at the end.
I basically tried all things I could think of, but I really dont see anything wrong in the logs and many empty files are created in the registry folder.
Can you help me fix this?
IP 10.123.12.1 is the frontend haproxy IP.
At some point it just fails, printing EOF.
At the PUSH I do see a proper authentication in gitlab's log/production.log:
The registry log is flooded with messages but I don't really see anything wrong
lotsa empty data files:
This is my docker-compose.yml: