我正在尝试在我的服务器上建立一个私有的docker注册表。
我使用图像创建了一个 docker-compose 项目registry。
Nginx 用于从hub.topfyf.cn到 的反向代理localhost:5000。
我尝试了一下docker pull ubuntu && docker tag ubuntu hub.topfyf.cn/test && docker push hub.topfyf.cn/test,成功了。
然后我尝试构建buildx多平台图像并使用--push标签,但失败了。
我收到以下错误消息:
ERROR: failed to solve: failed to push hub.topfyf.cn/debtnet-api:latest: failed commit on ref "manifest-sha256:031b4812772bb44ba2f196d0f9fa66c8e2f27e061aaee7c9cfe00c8fcd204210": unexpected status from PUT request to https://hub.topfyf.cn/v2/debtnet-api/manifests/sha256:031b4812772bb44ba2f196d0f9fa66c8e2f27e061aaee7c9cfe00c8fcd204210: 400 Bad Request
这是我的docker-compose.yml
# Docker compose for docker registry
version: '3'
services:
registry:
restart: always
image: registry:2
container_name: registry
environment:
- REGISTRY_LOG_LEVEL=debug
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
volumes:
- ./auth:/auth
- registry-data:/var/lib/registry
ports:
- "5000:5000"
volumes:
registry-data:
driver: local
这是我的 nginx 配置:
user www www;
worker_processes auto;
error_log /www/wwwlogs/nginx_error.log crit;
pid /www/server/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
stream {
log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';
access_log /www/wwwlogs/tcp-access.log tcp_format;
error_log /www/wwwlogs/tcp-error.log;
include /www/server/panel/vhost/nginx/tcp/*.conf;
}
events
{
use epoll;
worker_connections 51200;
multi_accept on;
}
http
{
include mime.types;
#include luawaf.conf;
include proxy.conf;
lua_package_path "/www/server/nginx/lib/lua/?.lua;;";
default_type application/octet-stream;
server_names_hash_bucket_size 512;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 0;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn_zone $server_name zone=perserver:10m;
server_tokens off;
access_log off;
server
{
listen 80;
listen 443 ssl http2;
server_name hub.topfyf.cn;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/hub.topfyf.cn;
# for Let's Encrypt verification
include /www/server/panel/vhost/nginx/well-known/hub.topfyf.cn.conf;
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/server/panel/vhost/cert/hub.topfyf.cn/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/hub.topfyf.cn/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
chunked_transfer_encoding on;
location ~ /purge(/.*) {
proxy_cache_purge cache_one $host$1$is_args$args;
#access_log /www/wwwlogs/hub.topfyf.cn_purge_cache.log;
}
location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md)
{
return 404;
}
location ~ \.well-known{
allow all;
}
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
access_log /www/wwwlogs/hub.topfyf.cn.log;
error_log /www/wwwlogs/hub.topfyf.cn.error.log;
location /
{
proxy_pass http://localhost:5000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_read_timeout 90;
}
}
}