commit afd3136e8efe2cbd477cb6db7be5ad7b2eb7efc6 · pyrox.dev/nixpkgs

+33 -8

nixos/modules/services/misc/docker-registry.nix

···

       42
       42
        
           };

     

       43
       43
        
         };

     

       44
       44
        
       

     

       45
       45
       +
         configFile = pkgs.writeText "docker-registry-config.yml" (builtins.toJSON (registryConfig // cfg.extraConfig));

     

       46
       46
       +
       

     

       45
       47
        
       in {

     

       46
       48
        
         options.services.dockerRegistry = {

     

       47
       49
        
           enable = mkEnableOption "Docker Registry";

     
···

       70
       72
        
             description = "Enable delete for manifests and blobs.";

     

       71
       73
        
           };

     

       72
       74
        
       

     

       73
       73
       -
           enableRedisCache = mkOption {

     

       74
       74
       -
             type = types.bool;

     

       75
       75
       -
             default = false;

     

       76
       76
       -
             description = "Enable redis as blob cache instade of inmemory.";

     

       77
       77
       -
           };

     

       75
       75
       +
           enableRedisCache = mkEnableOption "redis as blob cache";

     

       78
       76
        
       

     

       79
       77
        
           redisUrl = mkOption {

     

       80
       78
        
             type = types.str;

     
···

       94
       92
        
             '';

     

       95
       93
        
             default = {};

     

       96
       94
        
             type = types.attrsOf types.str;

     

       95
       95
       +
           };

     

       96
       96
       +
       

     

       97
       97
       +
           enableGarbageCollect = mkEnableOption "garbage collect";

     

       98
       98
       +
       

     

       99
       99
       +
           garbageCollectDates = mkOption {

     

       100
       100
       +
             default = "daily";

     

       101
       101
       +
             type = types.str;

     

       102
       102
       +
             description = ''

     

       103
       103
       +
               Specification (in the format described by

     

       104
       104
       +
               <citerefentry><refentrytitle>systemd.time</refentrytitle>

     

       105
       105
       +
               <manvolnum>7</manvolnum></citerefentry>) of the time at

     

       106
       106
       +
               which the garbage collect will occur.

     

       107
       107
       +
             '';

     

       97
       108
        
           };

     

       98
       109
        
         };

     

       99
       110
        
       

     
···

       102
       113
        
             description = "Docker Container Registry";

     

       103
       114
        
             wantedBy = [ "multi-user.target" ];

     

       104
       115
        
             after = [ "network.target" ];

     

       105
       105
       -
             script = let

     

       106
       106
       -
               configFile = pkgs.writeText "docker-registry-config.yml" (builtins.toJSON (registryConfig // cfg.extraConfig));

     

       107
       107
       -
             in ''

     

       116
       116
       +
             script = ''

     

       108
       117
        
               ${pkgs.docker-distribution}/bin/registry serve ${configFile}

     

       109
       118
        
             '';

     

       110
       119
        
       

     
···

       112
       121
        
               User = "docker-registry";

     

       113
       122
        
               WorkingDirectory = cfg.storagePath;

     

       114
       123
        
             };

     

       124
       124
       +
           };

     

       125
       125
       +
       

     

       126
       126
       +
           systemd.services.docker-registry-garbage-collect = {

     

       127
       127
       +
             description = "Run Garbage Collection for docker registry";

     

       128
       128
       +
       

     

       129
       129
       +
             restartIfChanged = false;

     

       130
       130
       +
             unitConfig.X-StopOnRemoval = false;

     

       131
       131
       +
       

     

       132
       132
       +
             serviceConfig.Type = "oneshot";

     

       133
       133
       +
       

     

       134
       134
       +
             script = ''

     

       135
       135
       +
               ${pkgs.docker-distribution}/bin/registry garbage-collect ${configFile}

     

       136
       136
       +
               ${pkgs.systemd}/bin/systemctl restart docker-registry.service

     

       137
       137
       +
             '';

     

       138
       138
       +
       

     

       139
       139
       +
             startAt = optional cfg.enableGarbageCollect cfg.garbageCollectDates;

     

       115
       140
        
           };

     

       116
       141
        
       

     

       117
       142
        
           users.extraUsers.docker-registry = {

+17 -3

nixos/tests/docker-registry.nix

···

       3
       3
        
       import ./make-test.nix ({ pkgs, ...} : {

     

       4
       4
        
         name = "docker-registry";

     

       5
       5
        
         meta = with pkgs.stdenv.lib.maintainers; {

     

       6
       6
       -
           maintainers = [ globin ma27 ];

     

       6
       6
       +
           maintainers = [ globin ma27 ironpinguin ];

     

       7
       7
        
         };

     

       8
       8
        
       

     

       9
       9
        
         nodes = {

     
···

       12
       12
        
             services.dockerRegistry.enableDelete = true;

     

       13
       13
        
             services.dockerRegistry.port = 8080;

     

       14
       14
        
             services.dockerRegistry.listenAddress = "0.0.0.0";

     

       15
       15
       +
             services.dockerRegistry.enableGarbageCollect = true;

     

       15
       16
        
             networking.firewall.allowedTCPPorts = [ 8080 ];

     

       16
       17
        
           };

     

       17
       18
        
       

     
···

       23
       24
        
           client2 = { config, pkgs, ...}: {

     

       24
       25
        
             virtualisation.docker.enable = true;

     

       25
       26
        
             virtualisation.docker.extraOptions = "--insecure-registry registry:8080";

     

       26
       26
       -
             environment.systemPackages = [ pkgs.jq ];

     

       27
       27
        
           };

     

       28
       28
        
         };

     

       29
       29
        
       

     
···

       35
       35
        
       

     

       36
       36
        
           $registry->start();

     

       37
       37
        
           $registry->waitForUnit("docker-registry.service");

     

       38
       38
       +
           $registry->waitForOpenPort("8080");

     

       38
       39
        
           $client1->succeed("docker push registry:8080/scratch");

     

       39
       40
        
       

     

       40
       41
        
           $client2->start();

     
···

       43
       44
        
           $client2->succeed("docker images | grep scratch");

     

       44
       45
        
       

     

       45
       46
        
           $client2->succeed(

     

       46
       46
       -
             'curl -fsS -X DELETE registry:8080/v2/scratch/manifests/$(curl registry:8080/v2/scratch/manifests/latest | jq ".fsLayers[0].blobSum" | sed -e \'s/"//g\')'

     

       47
       47
       +
             'curl -fsS -X DELETE registry:8080/v2/scratch/manifests/$(curl -fsS -I -H"Accept: application/vnd.docker.distribution.manifest.v2+json" registry:8080/v2/scratch/manifests/latest | grep Docker-Content-Digest | sed -e \'s/Docker-Content-Digest: //\' | tr -d \'\r\')'

     

       48
       48
       +
           );

     

       49
       49
       +
       

     

       50
       50
       +
           $registry->systemctl("start docker-registry-garbage-collect.service");

     

       51
       51
       +
           $registry->waitUntilFails("systemctl status docker-registry-garbage-collect.service");

     

       52
       52
       +
           $registry->waitForUnit("docker-registry.service");

     

       53
       53
       +
       

     

       54
       54
       +
           $registry->fail(

     

       55
       55
       +
             'ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data'

     

       56
       56
       +
           );

     

       57
       57
       +
       

     

       58
       58
       +
           $client1->succeed("docker push registry:8080/scratch");

     

       59
       59
       +
           $registry->succeed(

     

       60
       60
       +
             'ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data'

     

       47
       61
        
           );

     

       48
       62
        
         '';

     

       49
       63
        
       })