{"id":13446769,"url":"https://github.com/inmagik/registryo","last_synced_at":"2025-04-13T15:23:38.514Z","repository":{"id":69971024,"uuid":"333767042","full_name":"inmagik/registryo","owner":"inmagik","description":"UI and token based authentication server for onpremise docker registry","archived":false,"fork":false,"pushed_at":"2023-04-13T08:06:27.000Z","size":442,"stargazers_count":12,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-27T06:21:46.236Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/inmagik.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-28T13:27:53.000Z","updated_at":"2024-09-22T06:32:42.000Z","dependencies_parsed_at":"2024-10-28T11:27:17.633Z","dependency_job_id":"911b8d24-ad44-42df-8c80-38dbbc2fe4ce","html_url":"https://github.com/inmagik/registryo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inmagik%2Fregistryo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inmagik%2Fregistryo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inmagik%2Fregistryo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inmagik%2Fregistryo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/inmagik","download_url":"https://codeload.github.com/inmagik/registryo/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248733418,"owners_count":21153014,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T05:00:59.401Z","updated_at":"2025-04-13T15:23:38.456Z","avatar_url":"https://github.com/inmagik.png","language":"JavaScript","funding_links":[],"categories":["Docker Images","Image Lifecycle"],"sub_categories":["Registry"],"readme":"# Registryo\n\nWeb UI and authentication service for private Docker Registry v2\n\n## Features\n\n- Browse repositories, tags and image manifests\n- Create and manage users and permissions\n- Integrated password recovery workflow\n\n## How to run\n\nFirst thing to do is to generate a private key and a certificate for the corresponding pulbic key. Self signed certificates are fine as well. Please note that the private key must not be encrypted.\n\n```sh\n$ openssl genrsa -out privkey.pem 2048\n$ openssl req -new -x509 -key privkey.pem -out certfile.pem -days 360\n```\n\nIn the following, suppose we deploy the registry and the authentication server on the following addresses\n\n- Registry: registry.example.com\n- Auth and ui: ui.registry.example.com\n\n\u003e It is also possibile to use just one domain name and rely on reverse proxy, see later on\n\nThen, you need to deploy a private docker registry with token authentication support. This is an example `config.yml` to configure token authentication on the registry\n\n```yml\n# config.yml\nversion: 0.1\nlog:\n  fields:\n    service: registry\nstorage:\n  cache:\n    blobdescriptor: inmemory\n  filesystem:\n    rootdirectory: /var/lib/registry\n  delete:\n    enabled: true\nhttp:\n  addr: :5000\nauth:\n  token:\n    realm: https://ui.registry.example.com/v1/auth/\n    service: registry.example.com\n    issuer: ui.registry.example.com\n    rootcertbundle: /certfile.pem\nhealth:\n  storagedriver:\n    enabled: true\n    interval: 10s\n    threshold: 3\n```\n\n```yml\n# docker-compose.yml\nversion: '3'\n\nservices:\n\n  registry-srv:\n    restart: always\n    image: registry:2\n    ports:\n      - 80:5000\n    volumes:\n      # persist uploaded images\n      - ./registry:/var/lib/registry\n      # share certificate file for token validation\n      - ./certfile.pem:/certfile.pem\n      # share configuration file\n      - ./config.yml:/etc/docker/registry/config.yml\n\n```\n\nTo deploy the UI we need a configuration file (in env format) and a docker-compose.yml\n\n```yml\n# docker-compose.yml\nversion: '3'\n\nservices:\n\n  registry-web:\n    restart: always\n    image: inmagik/registryo:latest\n    env_file:\n      # Configuration file\n      - ./config.env\n    ports:\n      - 8080:80\n    volumes:\n      # Persist user db\n      - ./data:/data\n      # Share private key to sign tokens\n      - ./privkey.pem:/code/privkey.pem\n      # Share certificate file to verify tokens\n      - ./certfile.pem:/code/certfile.pem\n```\n\n```ini\n# config.env\nSERVER_FQDN=ui.registry.example.com\nREGISTRY_NAME=registry.example.com\nREGISTRY_URL=https://registry.example.com/v2\nEMAIL_FROM=NoReply \u003cnoreply@example.com\u003e\n\n# If you want to use SendInBlue to send emails\nEMAIL_DRIVER=sendinblue\nSENDINBLUE_API_KEY=xkeysib-s3cr3t\n\n# If you want to use plain SMTP\nEMAIL_BACKEND=smtp\nEMAIL_HOST=smtp.example.com\nEMAIL_PORT=22\nEMAIL_HOST_USER=example\nEMAIL_HOST_PASSWORD=s3cr3t\nEMAIL_USE_TLS=1             # Set this only if needed\nEMAIL_USE_SSL=0             # Set this only if needed\nEMAIL_TIMEOUT=              # Set this only if needed\nEMAIL_SSL_KEYFILE=          # Set this only if needed\nEMAIL_SSL_CERTFILE=         # Set this only if needed\n\n# If you don't want emails\nEMAIL_BACKEND=none\n```\n\nCreate two directories (one for registry and one for the web ui), with those configuration files, then run `docker-compose up -d` in both directories.\n\nFinally, we need to create the first user in the web ui. This user will be the *superadmin* of your installation, so choose credentials carefully.\n\nMove with the terminal in the directory where you put the web ui configuration files and run `docker-compose exec registry-web setup`, fill in the required information and you should be ready to access the web ui listening at `http://localhost:8080`! \n\n## Other deployment setups\n\nIn the `deploy` folder of this repository you can find some example configurations to deploy the registry and the authentication service in some common environments.\n\n- **standard**: dual host configuration, as described in this readme\n- **traefik**: single host with reverse proxy, using Traefik\n- **nginx**: single host with reverse proxy, using Nginx\n\n## Contributing\n\nContributions are always welcome, given the conformance to the [code of conduct](https://github.com/inmagik/docker-registry-ui/blob/main/CODE_OF_CONDUCT.md).\n\nFor instance, you may contribute by:\n\n- fixing bugs\n- adding new languages to the web interface\n- adding new common deployment configurations\n\nIf you have some deployment configuration you wish to share, please remember to anonimize the FQDNs and DNSs entries. You can use `example.com` and subdomains to this extent. ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finmagik%2Fregistryo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finmagik%2Fregistryo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finmagik%2Fregistryo/lists"}