forked from deis/deis
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig.yml
200 lines (179 loc) · 7.2 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
# All other flavors inherit the `common' config snippet
common: &common
# Default log level is info
loglevel: _env:LOGLEVEL:info
# Enable the debugging /_versions endpoint
debug_versions: _env:DEBUG_VERSIONS:false
# By default, the registry acts standalone (eg: doesn't query the index)
standalone: _env:STANDALONE:true
# The default endpoint to use (if NOT standalone) is index.docker.io
index_endpoint: _env:INDEX_ENDPOINT:https://index.docker.io
# Storage redirect is disabled
storage_redirect: _env:STORAGE_REDIRECT
# Token auth is enabled (if NOT standalone)
disable_token_auth: _env:DISABLE_TOKEN_AUTH
# No priv key
privileged_key: _env:PRIVILEGED_KEY
# No search backend
search_backend: _env:SEARCH_BACKEND
# SQLite search backend
sqlalchemy_index_database: _env:SQLALCHEMY_INDEX_DATABASE:sqlite:////tmp/docker-registry.db
# Mirroring is not enabled
mirroring:
source: _env:MIRROR_SOURCE # https://registry-1.docker.io
source_index: _env:MIRROR_SOURCE_INDEX # https://index.docker.io
tags_cache_ttl: _env:MIRROR_TAGS_CACHE_TTL:172800 # seconds
cache:
host: {{ or (.deis_cache_host) "~" }}
port: {{ or (.deis_cache_port) "~" }}
password: _env:CACHE_REDIS_PASSWORD
db: 1
# Enabling LRU cache for small files
# This speeds up read/write on small files
# when using a remote storage backend (like S3).
# cache_lru:
# host: _env:CACHE_LRU_REDIS_HOST:localhost
# port: _env:CACHE_LRU_REDIS_PORT:6379
# db: 0
# password: _env:CACHE_LRU_REDIS_PASSWORD
# Enabling these options makes the Registry send an email on each code Exception
{{ if .deis_registry_smtpHost }}
email_exceptions:
smtp_host: {{ or (.deis_registry_smtpHost) "" }}
smtp_port: {{ or (.deis_registry_smtpPort) "25" }}
smtp_login: {{ or (.deis_registry_smtpLogin) "" }}
smtp_password: {{ or (.deis_registry_smtpPassword) "" }}
smtp_secure: bool({{ or (.deis_registry_smtpSecure) "false" }})
from_addr: {{ or (.deis_registry_smtpFrom) "[email protected]" }}
to_addr: {{ or (.deis_registry_smtpTo) "[email protected]" }}
{{ end }}
# Enable bugsnag (set the API key)
bugsnag: _env:BUGSNAG
# CORS support is not enabled by default
cors:
origins: _env:CORS_ORIGINS:["null"]
methods: _env:CORS_METHODS
headers: _env:CORS_HEADERS:[Content-Type]
expose_headers: _env:CORS_EXPOSE_HEADERS
supports_credentials: _env:CORS_SUPPORTS_CREDENTIALS
max_age: _env:CORS_MAX_AGE
send_wildcard: _env:CORS_SEND_WILDCARD
always_send: _env:CORS_ALWAYS_SEND
automatic_options: _env:CORS_AUTOMATIC_OPTIONS
vary_header: _env:CORS_VARY_HEADER
resources: _env:CORS_RESOURCES
local: &local
<<: *common
storage: local
storage_path: /data
s3: &s3
<<: *common
storage: s3
s3_region: {{ or (.deis_registry_s3region) "" }}
s3_bucket: {{ or (.deis_registry_s3bucket) "" }}
boto_bucket: {{ or (.deis_registry_s3bucket) "" }}
storage_path: {{ or (.deis_registry_s3path) "/registry" }}
s3_encrypt: bool({{ or (.deis_registry_s3encrypt) "true" }})
s3_secure: bool({{ or (.deis_registry_s3secure) "true" }})
s3_access_key: {{ or (.deis_registry_s3accessKey) "" }}
s3_secret_key: {{ or (.deis_registry_s3secretKey) "" }}
# Ceph Object Gateway Configuration
# See http://ceph.com/docs/master/radosgw/ for details on installing this service.
ceph-s3: &ceph-s3
<<: *common
storage: s3
s3_region: ~
s3_bucket: {{ .deis_registry_bucketName }}
s3_encrypt: false
s3_secure: false
storage_path: /registry
s3_access_key: {{ .deis_store_gateway_accessKey }}
s3_secret_key: {{ .deis_store_gateway_secretKey }}
boto_bucket: {{ .deis_registry_bucketName }}
boto_host: {{ .deis_store_gateway_host }}
boto_port: {{ .deis_store_gateway_port }}
boto_debug: 0
boto_calling_format: boto.s3.connection.OrdinaryCallingFormat
# Google Cloud Storage Configuration
# See:
# https://developers.google.com/storage/docs/reference/v1/getting-startedv1#keys
# for details on access and secret keys.
gcs:
<<: *common
storage: gcs
boto_bucket: _env:GCS_BUCKET
storage_path: _env:STORAGE_PATH:/registry
gs_secure: _env:GCS_SECURE:true
gs_access_key: _env:GCS_KEY
gs_secret_key: _env:GCS_SECRET
# OAuth 2.0 authentication with the storage.
# oauth2 can be set to true or false. If it is set to true, gs_access_key,
# gs_secret_key and gs_secure are not needed.
# Client ID and Client Secret must be set into OAUTH2_CLIENT_ID and
# OAUTH2_CLIENT_SECRET environment variables.
# See: https://developers.google.com/accounts/docs/OAuth2.
oauth2: _env:GCS_OAUTH2:false
# This flavor is for storing images in Openstack Swift
swift: &swift
<<: *common
storage: swift
storage_path: _env:STORAGE_PATH:/registry
# keystone authorization
swift_authurl: {{ or (.deis_registry_swiftAuthURL) "" }}
swift_container: {{ or (.deis_registry_swiftContainer) "" }}
swift_user: {{ or (.deis_registry_swiftUser) "" }}
swift_password: {{ or (.deis_registry_swiftPassword) "" }}
swift_tenant_name: {{ or (.deis_registry_swiftTenantName) "" }}
swift_region_name: {{ or (.deis_registry_swiftRegionName) "" }}
# This flavor stores the images in Glance (to integrate with openstack)
# See also: https://github.com/dotcloud/openstack-docker
glance: &glance
<<: *common
storage: glance
storage_alternate: _env:GLANCE_STORAGE_ALTERNATE:file
storage_path: _env:STORAGE_PATH:/tmp/registry
openstack:
<<: *glance
# This flavor stores the images in Glance (to integrate with openstack)
# and tags in Swift.
glance-swift: &glance-swift
<<: *swift
storage: glance
storage_alternate: swift
openstack-swift:
<<: *glance-swift
elliptics:
<<: *common
storage: elliptics
elliptics_nodes: _env:ELLIPTICS_NODES
elliptics_wait_timeout: _env:ELLIPTICS_WAIT_TIMEOUT:60
elliptics_check_timeout: _env:ELLIPTICS_CHECK_TIMEOUT:60
elliptics_io_thread_num: _env:ELLIPTICS_IO_THREAD_NUM:2
elliptics_net_thread_num: _env:ELLIPTICS_NET_THREAD_NUM:2
elliptics_nonblocking_io_thread_num: _env:ELLIPTICS_NONBLOCKING_IO_THREAD_NUM:2
elliptics_groups: _env:ELLIPTICS_GROUPS
elliptics_verbosity: _env:ELLIPTICS_VERBOSITY:4
elliptics_logfile: _env:ELLIPTICS_LOGFILE:/dev/stderr
elliptics_addr_family: _env:ELLIPTICS_ADDR_FAMILY:2
# This is the default configuration when no flavor is specified
dev: &dev
<<: *local
loglevel: _env:LOGLEVEL:debug
search_backend: _env:SEARCH_BACKEND:sqlalchemy
# This flavor is used by unit tests
test:
<<: *dev
index_endpoint: https://indexstaging-docker.dotcloud.com
standalone: true
storage_path: _env:STORAGE_PATH:./tmp/test
# To specify another flavor, set the environment variable SETTINGS_FLAVOR
# $ export SETTINGS_FLAVOR=prod
prod:
<<: *s3
storage_path: _env:STORAGE_PATH:/prod
# Flavor used by deis
deis:
{{ if .deis_registry_s3accessKey }}<<: *s3
{{ else if .deis_registry_swiftAuthURL }} <<: *openstack-swift
{{ else }} <<: *ceph-s3
{{ end }}