TrueCloudLab/distribution
13
0
Fork 3
Code Issues 3 Pull requests Projects Releases 2 Packages Wiki Activity Actions

Merge pull request #6912 from perlun/patch-1

Browse source 
nginx.md: Add note about potential security isues
This commit is contained in:
L-Hudson 2019-01-23 15:17:53 -05:00 committed by GitHub
commit 3aa9c1e8f8
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
docs/recipes/nginx.md
View file

@ -38,6 +38,11 @@ you want through the secondary authentication mechanism implemented inside your
proxy, it also requires that you move TLS termination from the Registry to the proxy, it also requires that you move TLS termination from the Registry to the
proxy itself. proxy itself.
> ***NOTE:*** Docker does not recommend binding your registry to `localhost:5000` without
> authentication. This creates a potential loophole in your Docker Registry security.
> As a result, anyone who can log on to the server where your Docker Registry is running
> can push images without authentication.
Furthermore, introducing an extra http layer in your communication pipeline Furthermore, introducing an extra http layer in your communication pipeline
makes it more complex to deploy, maintain, and debug. Make sure the extra makes it more complex to deploy, maintain, and debug. Make sure the extra
complexity is required. complexity is required.