forked from cesanta/docker_auth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
non_tls.yml
33 lines (29 loc) · 962 Bytes
/
non_tls.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# A non-tls example. See reference.yml for explanation of all options.
#
# auth:
# token:
# realm: "http://127.0.0.1:5001/auth"
# service: "Docker registry"
# issuer: "Acme auth server"
# rootcertbundle: "/path/to/server.pem"
server:
addr: ":5001"
token:
issuer: "Acme auth server" # Must match issuer in the Registry config.
expiration: 900
certificate: "/path/to/server.pem"
key: "/path/to/server.key"
users:
# Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate.
"admin":
password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC" # badmin
"test":
password: "$2y$05$WuwBasGDAgr.QCbGIjKJaep4dhxeai9gNZdmBnQXqpKly57oNutya" # 123
acl:
- match: {account: "admin"}
actions: ["*"]
comment: "Admin has full access to everything."
- match: {account: "user"}
actions: ["pull"]
comment: "User \"user\" can pull stuff."
# Access is denied by default.