Puppet Class: dockerinstall::registry::params

Inherited by:
dockerinstall::registry::base
dockerinstall::registry::nginx
dockerinstall::registry::gitlab
dockerinstall::registry::auth_token
dockerinstall::registry::setup::token
Defined in:
manifests/registry/params.pp

Summary

Registry parameters

Overview

Registry parameters

Examples:

include dockerinstall::registry::params


7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
 
# File 'manifests/registry/params.pp', line 7

class dockerinstall::registry::params {
  include dockerinstall::params
  include tlsinfo::params
  include lsys::params

  # we use default settings defined by Docker Registry v2 project
  # it is port 5000 for registry service on localhost
  $nginx_upstream_members = {
      'localhost:5000' => {
          server => 'localhost',
          port   => 5000,
      }
  }

  # we use Docker Compose to start registry
  # Docker registyr service is Dockerinstall::Composeservice
  # resource title (<project>/<service name>)
  # <service name> is Docker compose service and must be present inside
  # docker-compose.yaml configuration file
  $compose_project = 'registry'
  $compose_service = 'registry'
  $compose_service_title = "${compose_project}/${compose_service}"

  # data directory
  # this reflectded in docker compose file files/services/registry.yaml
  $data_directory = '/var/lib/registry'

  # Client authentication
  $internal_certdir = "${tlsinfo::params::certbase}/internal"
  $internal_cacert = "${internal_certdir}/ca.pem"

  # The service being authenticated.
  $auth_token_service = 'container_registry'

  # The name of the token issuer. The issuer inserts this into the token so it
  # must match the value configured for the issuer.
  $auth_token_issuer = 'omnibus-gitlab-issuer'

  # The absolute path to the root certificate bundle. This bundle contains the
  # public part of the certificates used to sign authentication tokens.
  $tokenbundle_certdir = '/etc/docker/registry'
  $auth_token_rootcertbundle = "${tokenbundle_certdir}/tokenbundle.pem"

  # When set to `true`, `realm` will automatically be set using the Host header
  # of the request as the domain and a path of `/auth/token/`
  $auth_token_autoredirect = false

  # Nginx config to store tokens to projects map
  $nginx_map_dir = $lsys::params::nginx_map_dir
  $nginx_tokens_map = "${nginx_map_dir}/gitlab-auth-token.conf"
}