Docker 镜像站

Docker   2024-12-17 18:31   178   0  

Docker 镜像站

Nginx 配置

[root@tky www]# cat hub-nginx.conf
server {
   listen 80;
   server_name docker.9421.ltd;
   if ($host = 'docker.9421.ltd') {
       rewrite ^/(.*)$ https://docker.9421.ltd/$1 permanent;
   }
}

server {
   listen 443 ssl;
   server_name docker.9421.ltd;
   ssl_certificate      ssl/docker.9421.ltd.pem;
   ssl_certificate_key  ssl/docker.9421.ltd.key;
   ssl_session_cache    shared:SSL:1m;
   ssl_session_timeout  5m;
   ssl_ciphers  HIGH:!aNULL:!MD5;
   ssl_prefer_server_ciphers  on;

   set_real_ip_from 0.0.0.0/0;
   real_ip_header CF-Connecting-IP;
   client_max_body_size 10G;
   underscores_in_headers on;
   resolver 8.8.8.8 ipv6=off;
   resolver_timeout 10s;

   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection $http_connection;
   proxy_set_header Accept-Encoding "";
   proxy_ssl_session_reuse off;
   proxy_ssl_server_name on;

   proxy_http_version 1.1;
   proxy_buffering off;
   proxy_request_buffering off;
   proxy_max_temp_file_size 0;

   proxy_connect_timeout 864000s;
   proxy_read_timeout 864000s;
   proxy_send_timeout 864000s;
   send_timeout 864000s;

   access_log logs/docker_access.log;
   error_log logs/error_access.log;

   location /v2/ {
       proxy_pass https://registry-1.docker.io;
       proxy_set_header Host registry-1.docker.io;

       header_filter_by_lua_block {
           local www_auth = ngx.var.upstream_http_www_authenticate
           if www_auth then
               local new_www_auth = string.gsub(www_auth, "auth.docker.io", "hub.rat.dev")
               ngx.header['www-authenticate'] = new_www_auth
           end
       }

       proxy_intercept_errors on;
       recursive_error_pages on;
       error_page 301 302 307 = @handle_redirect;
   }

   location /token {
       proxy_pass https://auth.docker.io;
       proxy_set_header Host auth.docker.io;
   }

   location @handle_redirect {
       set $saved_redirect_location '$upstream_http_location';
       proxy_pass $saved_redirect_location;
   }

   location / {
       return 204;
   }
}

Docker 配置

[root@online]# cat /etc/docker/daemon.json 
{
 "registry-mirrors": ["https://docker.9421.ltd","https://1x0mt0l8.mirror.aliyuncs.com"]
}



博客评论
还没有人评论,赶紧抢个沙发~
发表评论
说明:请文明发言,共建和谐网络,您的个人信息不会被公开显示。