This commit is contained in:
parent
9f4581e4b0
commit
4cba7722cd
@ -8,3 +8,4 @@
|
|||||||
roles:
|
roles:
|
||||||
- vault
|
- vault
|
||||||
- traefik
|
- traefik
|
||||||
|
- registry
|
9
project/roles/registry/handlers/main.yml
Normal file
9
project/roles/registry/handlers/main.yml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
- name: reload systemd
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: yes
|
||||||
|
|
||||||
|
- name: restart registry
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: registry
|
||||||
|
state: restarted
|
21
project/roles/registry/tasks/main.yml
Normal file
21
project/roles/registry/tasks/main.yml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
---
|
||||||
|
- name: Create registry.service
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: registry.service.j2
|
||||||
|
dest: /etc/systemd/system/registry.service
|
||||||
|
notify:
|
||||||
|
- reload systemd
|
||||||
|
- restart registry
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
||||||
|
|
||||||
|
- name: Ensure service is started
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
state: started
|
||||||
|
name: registry
|
||||||
|
|
||||||
|
- name: Ensure service is enabled
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
enabled: yes
|
||||||
|
name: registry
|
28
project/roles/registry/templates/registry.service.j2
Normal file
28
project/roles/registry/templates/registry.service.j2
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Registry Container
|
||||||
|
After=docker.service
|
||||||
|
After=dockerdata.mount
|
||||||
|
Requires=docker.service
|
||||||
|
Requires=dockerdata.mount
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
TimeoutStartSec=0
|
||||||
|
Restart=always
|
||||||
|
ExecStartPre=-/usr/bin/docker stop registry
|
||||||
|
ExecStartPre=-/usr/bin/docker rm registry
|
||||||
|
ExecStartPre=-/usr/bin/docker pull registry:2
|
||||||
|
ExecStart=/usr/bin/docker run \
|
||||||
|
-e "REGISTRY_AUTH=htpasswd" \
|
||||||
|
-e "REGISTRY_AUTH_HTPASSWD_REALM=registry.t-juice.club" \
|
||||||
|
-e "REGISTRY_AUTH_HTPASSWD_PATH=/htpasswd" \
|
||||||
|
-l "traefik.enable=true" \
|
||||||
|
-l "traefik.http.routers.registry.rule=Host(`registry.t-juice.club`)" \
|
||||||
|
-l "traefik.http.routers.registry.tls=true" \
|
||||||
|
-l "traefik.http.routers.registry.tls.certresolver=le" \
|
||||||
|
-v /dockerdata/registry-data:/var/lib/registry \
|
||||||
|
-v /var/registry/htpasswd:/htpasswd \
|
||||||
|
--network proxy \
|
||||||
|
--name registry registry:2
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user