diff --git a/tau.yml b/tau.yml
index 60bb1f7..5652e28 100644
--- a/tau.yml
+++ b/tau.yml
@@ -5,6 +5,9 @@
vars:
ansible_python_interpreter: /usr/bin/python3
+ docker_registry_port: 5000 # this is the reg standard port
+ docker_registry_domain: "docker-registry.n39.eu"
+
roles:
- role: docker_setup
- role: apache
@@ -31,6 +34,8 @@
deploy_challenge_hook: "/bin/systemctl restart apache2"
- name: "mysql.adm.netz39.de"
deploy_challenge_hook: "/bin/systemctl restart apache2"
+ - name: "{{ docker_registry_domain }}"
+ deploy_challenge_hook: "/bin/systemctl restart apache2"
- name: Setup forward site reservierung.netz39.de
include_role:
@@ -68,3 +73,42 @@
vars:
site_name: mysql.adm.netz39.de
proxy_port: 9001
+
+
+ - name: Check if Docker Registry auth dir exists
+ ansible.builtin.stat:
+ path: "/srv/docker/registry/auth"
+ register: docker_dir
+ - name: Fail if docker registry data dir does not exist
+ ansible.builtin.fail:
+ msg: "Docker Registry auth dir is missing, please restore from the backup!"
+ when: not docker_dir.stat.exists
+ - name: Ensure the Docker Registry data directory exists
+ # This may not be part of the backup
+ file:
+ path: "/srv/docker/registry/data"
+
+ - name: Setup Docker Registry Container
+ docker_container:
+ name: registry
+ image: "registry:2"
+ pull: true
+ state: started
+ restart_policy: unless-stopped
+ detach: yes
+ ports:
+ - 127.0.0.1:{{ docker_registry_port }}:{{ docker_registry_port }}
+ env:
+ REGISTRY_HTTP_HOST: "https://{{ docker_registry_domain }}"
+ REGISTRY_AUTH_HTPASSWD_REALM: "Netz39 Docker Registry"
+ REGISTRY_AUTH_HTPASSWD_PATH: "/auth/htpasswd"
+ volumes:
+ - "/srv/docker/registry/data:/var/lib/registry:rw"
+ - "/srv/docker/registry/auth:/auth:rw"
+
+ - name: Setup proxy site for the Docker Registry
+ include_role:
+ name: setup-http-site-proxy
+ vars:
+ site_name: "{{ docker_registry_domain }}"
+ proxy_port: "{{ docker_registry_port }}"