我在 StackOverflow 上发现了很多与这个问题同名的问题。
但是没有一个问题或答案可以帮助我解决我的问题
(我使用example.com
而不是我自己的域)。
当我尝试像这样登录到我的注册表时:
docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
我收到此错误:
Error response from daemon: Get https://registry.example.com/v2/: denied: access forbidden
如果我卷曲网址:
curl https://registry.example.com/v2/
我得到这个 json 作为响应。
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}
我已经使用 docker-compose 文件设置了 Gitlab:
web:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: 'gitlab.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://gitlab.example.com'
nginx['listen_port'] = 8081
nginx['listen_https'] = false
registry_external_url 'https://registry.example.com'
registry['registry_http_addr'] = "gitlab.example.com:5050"
registry_nginx['listen_port'] = 5005
registry_nginx['listen_https'] = false
ports:
- '8081:8081'
- '5050:5005'
- '22:22'
volumes:
- '/home/user/gitlab/config:/etc/gitlab'
- '/home/user/gitlab/logs:/var/log/gitlab'
- '/home/user/gitlab/data:/var/opt/gitlab'
我已经使用(certbot/LetsEncrypt)像这样设置了我的 NGINX:
server {
server_name registry.example.com www.registry.example.com;
location / {
proxy_pass http://192.168.0.30:5050;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/registry.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/registry.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.registry.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = registry.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name registry.example.com www.registry.example.com;
listen 80;
return 404; # managed by Certbot
}