Private Docker Registry - Support multiple private registries

BrutalBirdie

I have multiple private registries.
Several Gitlab instances which function as docker registries, Cloudron Registry apps and so on.
The possibility to configure one is limiting and requires reconfiguration if a registry is changed or added.

One Example:
A custom app is being developed in Gitlab and this registry is configured in Cloudron.
Now an Docker Registry app is installed on the instance as well for fast testing with the Cloudron Build Service.
With the limitation to one private registry the configuration needs to be changed from an admin for the whole server.

robi

Have you made any progress on this, perhaps some automation to pull from various registries to the one configured on the Cloudron server?

BrutalBirdie

@robi nope

Kubernetes

During my testing with the private Docker Registry I found out, that if you install it without the Cloudron Authentication (leave user management to App) then it is possible to install apps from this registry, even if it is not registered in Cloudron as custom Registry

fbartels

@Kubernetes said in Private Docker Registry - Support multiple private registries:

I found out, that if you install it without the Cloudron Authentication (leave user management to App) then it is possible to install apps from this registry

Yes, but that is only the case because the app then defaults to no authentication at all. Meaning anybody could push images to the registry, possible even overriding your images with ones with modified code.

Therefore this is not really advisable.

Kubernetes

@fbartels Do you know if it is possible to change the configuration to only allow pushing from authenticated users?

fbartels

In the documentation is an example for using Gitlab for auth instead: https://docs.cloudron.io/apps/docker-registry/#without-cloudron-directory

But I don' t think there is way with the app to skip auth for local users only.