diff options
Diffstat (limited to 'nixos/modules/services/misc')
-rw-r--r-- | nixos/modules/services/misc/docker-registry.nix | 79 |
1 files changed, 78 insertions, 1 deletions
diff --git a/nixos/modules/services/misc/docker-registry.nix b/nixos/modules/services/misc/docker-registry.nix index 96ac2a1cf2c9..4866ecf7793a 100644 --- a/nixos/modules/services/misc/docker-registry.nix +++ b/nixos/modules/services/misc/docker-registry.nix @@ -5,6 +5,57 @@ with lib; let cfg = config.services.dockerRegistry; + blogCache = if cfg.enableRedisCache + then "redis" + else "inmemory"; + + registryConfig = { + version = "0.1"; + log = { + fields = { + service = "registry"; + }; + }; + storage = { + cache = { + blobdescriptor = "${blogCache}"; + }; + filesystem = { + rootdirectory = "/var/lib/registry"; + }; + delete = { + enabled = cfg.enableDelete; + }; + }; + http = { + addr = ":5000"; + headers = { + X-Content-Type-Options = "[nosniff]"; + }; + }; + health = { + storagedriver = { + enabled = true; + interval = "10s"; + threshold = 3; + }; + }; + }; + + registryConfig.redis = mkIf cfg.enableRedisCache { + addr = "${cfg.redisUrl}"; + password = "${cfg.redisPassword}"; + db = 0; + dialtimeout = "10ms"; + readtimeout = "10ms"; + writetimeout = "10ms"; + pool = { + maxidle = 16; + maxactive = 64; + idletimeout = "300s"; + }; + }; + in { options.services.dockerRegistry = { enable = mkEnableOption "Docker Registry"; @@ -27,6 +78,30 @@ in { description = "Docker registry storage path."; }; + enableDelete = mkOption { + type = types.bool; + default = false; + description = "Enable delete for manifests and blobs."; + }; + + enableRedisCache = mkOption { + type = types.bool; + default = false; + description = "Enable redis as blob cache instade of inmemory."; + }; + + redisUrl = mkOption { + type = types.str; + default = "localhost:6379"; + description = "Set redis host and port."; + }; + + redisPassword = mkOption { + type = types.str; + default = "asecret"; + description = "Set redis password."; + }; + extraConfig = mkOption { description = '' Docker extra registry configuration via environment variables. @@ -37,6 +112,8 @@ in { }; config = mkIf cfg.enable { + environment.etc."docker/registry/config.yml".text = builtins.toJSON registryConfig; + systemd.services.docker-registry = { description = "Docker Container Registry"; wantedBy = [ "multi-user.target" ]; @@ -49,7 +126,7 @@ in { script = '' ${pkgs.docker-distribution}/bin/registry serve \ - ${pkgs.docker-distribution.out}/share/go/src/github.com/docker/distribution/cmd/registry/config-example.yml + /etc/docker/registry/config.yml ''; serviceConfig = { |