Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


UNSOLVED Gitlab how to run container registry

  • App Dev

    The reason for my private docker registry: I want to keep my things on my own infrastructure and not somewhere public on docker hub. That's why I'm currently running my own docker registry from where I push the images to my cloudrons.

    I migrated most of my custom apps to official cloudron apps (used to do custom WordPress and LAMPs for various reasons and some apps made it to the store), so only a few that aren't released yet (and some probably never will) are left, but those need to be available at all times - did a cloudron version update the other day and realized that the ssl cert of the registry needed a refresh, else the apps couldn't get reconfigured and would be in an erronous state. Would be nice to have a solution on some dev cloudron which handles those images so I don't have to run that single vm with the docker registry.

  • Staff

    @msbt how do you handle backups for the registry right now?

  • App Dev

    I don't, since those images can easily be rebuilt. It's a proxmox host and I've backed up the vm itself, it the server dies at some point, I'll just migrate to a different one.

  • App Dev

    @girish The registry container just stores the images on its filesystem, doesn't it?

  • Staff

    @mehdi yes, but it seems one can also configure them to use S3 and the likes. I was just wondering what people usually do.


  • @girish mainly I just want an all-in-one solution that works out of the box. Since registry comes (in most cases) bundled with Gitlab itself, this should be no problem. A crucial thing to look into would be container registry garbage collection since registry data can pile up easily. Basically it would be totally okay if the registry data were saved and backed up on the server itself. For small environments this would be fine and If you run a larger Gitlab instance you should be prepared anyways.

    If Gitlab Registry is a seperate service, you could already use Cloudrons ability to configure backup bevavior and storage location. This would be nice for some use cases but not a basic requirement.

    PS: For external/cloud storage you could already use MinIO which is available on Cloudron ^^


  • @subven GitLab registry is basically "just" a configuration to use the registry api through GitLab. It's a regular Docker product - https://docs.docker.com/registry/

  • Staff

    I went down the container registry rabbit hole. In the end, it seems that it provides gitlab's authentication layer for the docker registry i.e users/groups/projects have same permissions in the registry as of gitlab. It has a limitation that the registry and the gitlab have to be on the same server. There is some strange path sharing requirement that I don't completely understand - https://docs.gitlab.com/ce/administration/packages/container_registry.html#use-file-system

    I think an alternate approach is get Harbor working. It looks simple enough to deploy since it's a Go app and also has LDAP. This will then work with GitLab CI/CD (nice article). This won't bring in gitlab's auth into the registry though. Are people looking for something like that? (it seems something for big enterprises).


  • @girish I just really need a private registry within cloudron.

    Have private code waiting to become a private app and this is a show stopper road block.


  • @girish I definitely have a use case for this despite not being a super-huge enterprise, which is why I'm trying to get it done. And I will - it's just a matter of time 🙂

    I'm not against Harbor, etc. but I do need this to work which is why I'm on it 🙂