Stephen Day
d707ea2428
Merge pull request #2469 from felixbuenemann/letsencrypt-host-whitelist-support
...
Let's Encrypt Host Whitelist Support
2018-02-06 16:11:20 -08:00
Felix Bünemann
4ecb17cc4c
registry: support whitelisting letsencrypt hosts
...
This adds a configuration setting `HTTP.TLS.LetsEncrypt.Hosts` which can
be set to a list of hosts that the registry will whitelist for retrieving
certificates from Let's Encrypt. HTTPS connections with SNI hostnames
that are not whitelisted will be closed with an "unknown host" error.
It is required to avoid lots of unsuccessful registrations attempts that
are triggered by malicious clients connecting with bogus SNI hostnames.
NOTE: Due to a bug in the deprecated vendored rsc.io/letsencrypt library
clearing the host list requires deleting or editing of the cachefile to
reset the hosts list to null.
Signed-off-by: Felix Buenemann <felix.buenemann@gmail.com>
2018-02-01 21:16:58 +01:00
Misty Stanley-Jones
a4c32bce50
Fixed broken storage driver link
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2018-01-25 14:54:50 -08:00
Per Lundberg
aac2f6c8b7
api.md: Fixed incorrect grammar
...
I noted this while reading at https://docs.docker.com/registry/spec/api/
Signed-off-by: Per Lundberg <perlun@gmail.com>
2018-01-02 12:49:31 +02:00
Viktor Stanchev
e9864ce8b9
disable schema1 by default, add a config flag to enable it
...
port of #2473
Signed-off-by: Viktor Stanchev <me@viktorstanchev.com>
2017-12-19 10:23:25 -08:00
Derek McGowan
f411848591
Merge pull request #2447 from tifayuki/cloudfront-s3-filter
...
add s3 region filters for cloudfront
2017-12-07 10:04:35 -08:00
tifayuki
e8ecc6dc55
add s3 region filters for cloudfront
...
Signed-off-by: tifayuki <tifayuki@gmail.com>
2017-12-01 15:58:58 -08:00
Liron Levin
c785740af7
Create and populate htpasswd file if missing
...
If htpasswd authentication option is configured but the htpasswd file is
missing, populate it with a default user and automatically generated
password.
The password will be printed to stdout.
Signed-off-by: Liron Levin <liron@twistlock.com>
2017-11-01 12:30:25 +02:00
Misty Stanley-Jones
fda42e5ef9
Fix keyword format for downstream docs
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2017-10-24 15:26:28 -07:00
Jon Johnson
3d7803ec8c
Fix typo in api spec
...
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2017-07-28 10:13:32 -07:00
Stephen Day
cb851f6598
Merge pull request #2345 from mstanleyjones/put-back-image
...
Put back v2-registry-auth.png
2017-07-24 15:01:48 -07:00
Misty Stanley-Jones
1d95716792
Put back v2-registry-auth.png
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2017-07-24 14:27:16 -07:00
Stephen J Day
5e5156afa3
api: url typo in specification
...
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-07-18 14:48:55 -07:00
Ina Panova
5ccd03d28a
Fixing image manifest schema2 medaitype typo in docs.
...
Signed-off-by: Ina Panova <ipanova@redhat.com>
2017-06-23 12:25:52 +02:00
Misty Stanley-Jones
b0f98e9382
Put architecture.md back into distribution repo
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2017-05-23 11:24:11 -07:00
Derek McGowan
ce936a8591
Merge pull request #2262 from m-masataka/add_description_of_timeout
...
DOC:configuration.md: Change description of interval.
2017-05-05 11:45:43 -07:00
Masataka Mizukoshi
7d8dab5fdc
DOC:configuration.md: Change description of interval.
...
Signed-off-by: Masataka Mizukoshi <m.mizukoshi.wakuwaku@gmail.com>
2017-05-04 19:14:29 +00:00
Luis Lobo Borobia
212f47c318
Fixed #htpasswd link
...
Fixed #htpasswd link
Signed-off-by: Luis Lobo Borobia <luislobo@gmail.com>
2017-05-03 23:19:44 -05:00
Masataka Mizukoshi
05ac637aec
DOC:configuration.md: Change description of interval.
...
Signed-off-by: Masataka Mizukoshi <m.mizukoshi.wakuwaku@gmail.com>
2017-05-01 09:28:32 +00:00
Misty Stanley-Jones
6ee03f5da7
Improve formatting of configuration.md
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2016-12-29 11:32:31 -08:00
Joao Fernandes
a24f2a6d78
Format configuration.md with code fences to avoid render issues
...
Signed-off-by: Joao Fernandes <joao.fernandes@docker.com>
2016-12-15 14:35:24 -08:00
Antonio Murdaca
0fb25dd094
registry/handles/app: always append default urls regexps
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-12-05 20:28:51 +01:00
Misty Stanley-Jones
8e703afdc6
Fix doubled words
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2016-11-28 11:29:11 -08:00
Derek McGowan
8d096a4f42
Merge pull request #1969 from TrumanLing/master
...
api.md:fix disordered placement of section "Deleting a Layer"
2016-11-23 13:59:17 -08:00
Derek McGowan
e10634f8c3
Update scope specification for resource class
...
Update grammar to support a resource class. Add
example for plugin repository class.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-11-21 13:32:12 -08:00
Derek McGowan
9cc7c94e4e
Merge pull request #2052 from RichardScothern/fix-links
...
Fix storage driver links
2016-11-11 09:05:44 -08:00
Richard Scothern
09b2d06d5d
Fix storage driver links
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-11-10 14:28:28 -08:00
Victor Vieux
b82a2efc33
switch to v1 and remove .image
...
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-11-10 11:39:15 -08:00
LingFaKe
0c42a73b70
api.md/api.md.tmpl:format wrong style of section "Deleting a Layer"
...
Signed-off-by: Ling FaKe <lingfake@huawei.com>
2016-10-19 09:07:13 +08:00
Derek McGowan
4dd19db95b
Merge pull request #2007 from qar/fix/docs
...
Fix documentation typo
2016-10-17 11:40:35 -07:00
Qiao Anran
3d703a0b82
Fix documentation typo
...
Signed-off-by: Qiao Anran <qiaoanran@gmail.com>
2016-10-17 14:58:29 +08:00
Misty Stanley-Jones
f180e9a934
Convert Markdown frontmatter to YAML
...
Some frontmatter such as the weights, menu stuff, etc is no longer used
'draft=true' becomes 'published: false'
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2016-10-14 15:59:19 -07:00
Misty Stanley-Jones
3ac8dea66a
Add back configuration.md and add clarification to README.md
...
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2016-10-13 11:49:49 -07:00
John Mulhausen
da8bcbb302
Remove old documentation source, add README on migration
...
Signed-off-by: John Mulhausen <john@docker.com>
2016-10-13 11:49:17 -07:00
Richard Scothern
99cb7c0946
Merge pull request #1973 from dmcgowan/clarify-oauth-docs
...
Add note about implementation of oauth2
2016-09-26 16:28:29 -07:00
Derek McGowan
f193270c89
Add note about implementation of oauth2
...
Reading the oauth2 token documentation is misleading as it makes
no mention of it being a newer feature which may not be supported
by the token server. Add a note mentioning if it is not supported
to refer to the token documentation for getting a token.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-09-26 15:39:00 -07:00
Richard Scothern
cfad4321c1
Merge pull request #1957 from nwt/notification-filtering
...
Add notification filtering by target media type
2016-09-19 10:41:03 -07:00
Noah Treuhaft
ad6bb66faf
Add notification filtering by target media type
...
The Hub registry generates a large volume of notifications, many of
which are uninteresting based on target media type. Discarding them
within the notification endpoint consumes considerable resources that
could be saved by discarding them within the registry. To that end,
this change adds registry configuration options to restrict the
notifications sent to an endpoint based on target media type.
Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
2016-09-16 12:01:03 -07:00
Noah Treuhaft
4034ff65f0
Add configuration option to disable access logging
...
Access logging is great. Access logging you can turn off is even
better. This change adds a configuration option for that.
Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
2016-09-14 14:33:30 -07:00
Richard Scothern
49c1a62cb2
Merge pull request #1940 from dmcgowan/lets-encrypt-port-note
...
Add note about required let's encrypt port
2016-09-01 16:13:18 -07:00
Derek McGowan
279c02a3ce
Add note about required let's encrypt port
...
Let's Encrypt uses tls-sni to validate the certificate
on the standard https port 443. If the registry is
outwardly listening on a different port Let's Encrypt
will not issue a certificate.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-09-01 15:11:44 -07:00
Fabio Berchtold
7dcac52f18
Add v2 signature signing to S3 storage driver ( #1800 )
...
* Add v2 signature signing to S3 storage driver
Closes #1796
Closes #1606
Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>
* use Logrus for debug logging
Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>
* use 'date' instead of 'x-amz-date' in request header
Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>
* only allow v4 signature signing against AWS S3
Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>
2016-09-01 13:52:40 -07:00
Stephen J Day
6bcdb38b92
spec/manifest: clarify relationship between urls and foreign layers
...
Previously, the specificiation incorrectly bound the fates of `urls` and
foreign layers. These are complementary but unrelated features, in that
the `urls` field may be populated for layers that aren't foreign. The
type of the layer only dictates the push behavior of the layer, rather
than involving where it came from.
For example, one may pull a foreign layer from a registry, but they may
not push it back to another registry. Conversely, a layer that has no
restrictions on push/pull behavior may be fetched via `urls` entries.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2016-08-29 18:34:55 -07:00
Randy Barlow
63b2e74b46
Fix an erroneous comma in documentation JSON.
...
Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
2016-08-23 13:39:24 -04:00
Ben Bodenmiller
1f248a80a6
improve command formatting
...
Signed-off-by: Ben Bodenmiller <bbodenmiller@hotmail.com>
2016-08-19 02:33:02 -07:00
Richard Scothern
010e063270
Merge pull request #1906 from nwt/s3-multipart-copy
...
Use multipart upload API in S3 Move method
2016-08-17 15:22:32 -07:00
Richard Scothern
c4297ef9da
Merge pull request #1839 from adamvduke/adamvduke/allow-http2-registry-clients
...
Allow registry clients to connect via http2
2016-08-16 11:48:06 -07:00
Noah Treuhaft
63468ef4a8
Use multipart upload API in S3 Move method
...
This change to the S3 Move method uses S3's multipart upload API to copy
objects whose size exceeds a threshold. Parts are copied concurrently.
The level of concurrency, part size, and threshold are all configurable
with reasonable defaults.
Using the multipart upload API has two benefits.
* The S3 Move method can now handle objects over 5 GB, fixing #886 .
* Moving most objects, and espectially large ones, is faster. For
example, moving a 1 GB object averaged 30 seconds but now averages 10.
Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
2016-08-16 10:53:24 -07:00
Stefan Majewsky
a7c6bfd59f
[swift] support different user-domain and tenant-domain
...
This is already supported by ncw/swift, so we just need to pass the
parameters from the storage driver.
Signed-off-by: Stefan Majewsky <stefan.majewsky@sap.com>
2016-08-15 11:21:42 +02:00
Adam Duke
ac009c86f1
Allow registry clients to connect via http2
...
Http2 will be enabled by default and can be disabled with a configuration option.
Signed-off-by: Adam Duke <adam.v.duke@gmail.com>
2016-08-13 22:07:42 -04:00
Frank Chen
87917f3052
Add 'objectAcl' Option to the S3 Storage Backend ( #1867 )
...
* Add Object ACL Support to the S3 Storage Backend
Signed-off-by: Frank Chen <frankchn@gmail.com>
* Made changes per @RichardScothern's comments
Signed-off-by: Frank Chen <frankchn@gmail.com>
* Fix Typos
Signed-off-by: Frank Chen <frankchn@gmail.com>
2016-07-27 12:26:57 -07:00
Richard Scothern
2b72dd3927
Merge pull request #1829 from nwt/foreign-layer-host-whitelist
...
Add a foreign layer URL host whitelist
2016-07-21 16:02:20 -07:00
Noah Treuhaft
61e5803b56
Add control over validation of URLs in pushed manifests
...
Until we have some experience hosting foreign layer manifests, the Hub
operators wish to limit foreign layers on Hub. To that end, this change
adds registry configuration options to restrict the URLs that may appear
in pushed manifests.
Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
2016-07-19 14:38:42 -07:00
Aaron Lehmann
b0099004e2
Document TOOMANYREQUESTS error code
...
Add entries with this error code in registry/api/v2/descriptors.go.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-07-12 12:18:54 -06:00
Sven Dowideit
a1c1349eac
Stop hugo from making the example URL into a link
...
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-27 10:15:26 +10:00
Sven Dowideit
82bdab7d48
Replace google docs image link with one in this repo
...
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-22 13:08:56 +00:00
Richard Scothern
edd7cb5249
Merge pull request #1739 from cezarsa/master
...
[Swift] Expose EndpointType parameter in driver
2016-06-15 10:33:48 -07:00
Sven Dowideit
51be30beb1
Move the building.md doc to the top of the git repo
...
Closes #1776
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-15 20:26:16 +10:00
Victoria Bialas
c0987a9e1b
fixed broken link due to topic re-org in PR#23492
...
Signed-off-by: Victoria Bialas <victoria.bialas@docker.com>
2016-06-14 13:56:17 -07:00
Cezar Sa Espinola
afb262bd5f
Update swift driver docs removing dup table and adding endpointtype
...
Signed-off-by: Cezar Sa Espinola <cezarsa@gmail.com>
2016-06-13 19:30:24 -03:00
Aaron Lehmann
9198d642ba
Merge pull request #1779 from dmcgowan/letsencrypt-support
...
Let's Encrypt support
2016-06-13 10:48:55 -10:00
Richard Scothern
015df6cdea
Add documentation for let's encrypt
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-06-13 11:45:18 -07:00
Richard Scothern
352924cd85
Clarify API documentation around catalog fetch behavior
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-06-08 10:39:17 -07:00
Sven Dowideit
b448455011
Revert to using the full URL, as the OSS checker doesn't have access to the non-OSS docs
...
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-02 18:22:02 +00:00
allencloud
db90724ab0
fix typos
...
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-06-02 23:03:27 +08:00
Sven Dowideit
bb330cd684
Merge pull request #1762 from SvenDowideit/more-docs-validation-cleanups
...
Next load of docs validation fixes
2016-06-01 11:25:54 -07:00
Richard Scothern
df2184c810
Merge pull request #1627 from luckyraul/swift_auth_url
...
Swift auth version param
2016-06-01 11:23:23 -07:00
Sven Dowideit
e4acec1806
Next load of docs validation fixes
...
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-01 18:18:17 +00:00
Sven Dowideit
bf4eb92f56
Add topics to the menu
...
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-05-31 21:31:25 +00:00
Sven Dowideit
1b9ab303a4
Merge pull request #1735 from SvenDowideit/move-menu-page
...
Make the index.html files the visible overview menu entry
2016-05-31 09:32:53 -07:00
Sven Dowideit
3069a04b8c
Make the index.html files the visible overview menu entry
...
And move menu entry definition into a page that the user has no reason to navigate to
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-05-28 01:02:40 +00:00
Richard Scothern
febcee6564
Add a deprecation document detailing signature store removal
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-05-27 14:51:59 -07:00
Richard Scothern
0c15ab6952
Remove signature store from registry. Return a generated signature for manifest
...
pull.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-05-27 13:19:26 -07:00
Derek McGowan
3207e0c112
Update auth documentation examples to show "expires in" as int
...
Go will fail to parse the examples since an int is expected rather than a string for the "expires in" value
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-05-25 11:43:36 -07:00
Ke Xu
79d6008a54
fix broken markdown
...
Signed-off-by: Ke Xu <leonhartx.k@gmail.com>
2016-05-24 16:33:30 +09:00
John Starks
f0052b8434
Add support for layers from foreign sources
...
This will be used to support downloading Windows base layers from
Microsoft URLs.
Signed-off-by: John Starks <jostarks@microsoft.com>
2016-05-20 12:31:10 -07:00
Nikita Tarasov
f18da7d3a3
update docs
...
Signed-off-by: Nikita Tarasov <nikita@mygento.ru>
2016-05-16 16:09:26 +03:00
cyli
8854eed7ab
Update the auth spec scope grammar to reflect the fact that hostnames are optionally supported.
...
Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-05-11 15:19:50 -07:00
Richard Scothern
050a30eac0
Merge pull request #1702 from RichardScothern/api.md
...
Remove the unimplemented monolithic upload section from the API
2016-05-10 13:43:25 +01:00
Richard Scothern
2a4deee441
Remove the unimplemented monolithic upload section from the API documentation.
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-05-04 15:58:08 -07:00
Mary Anthony
b0db8d49bd
Fixing issue identified by customer
...
Entering Seb's comment
Fix the flags
Signed-off-by: Mary Anthony <mary@docker.com>
2016-05-04 13:34:23 -07:00
Richard Scothern
c047d34b22
Merge pull request #1695 from tonyhb/add-regulator-to-filesystem
...
Add regulator to filesystem
2016-05-04 10:05:51 -07:00
Tony Holdstock-Brown
d0352a7448
Add documentation
...
Signed-off-by: Tony Holdstock-Brown <tony@docker.com>
2016-05-03 09:33:25 -07:00
Sven Dowideit
b7088d29c6
Merge pull request #1680 from SvenDowideit/use-docs-base-oss
...
convert docs Dockerfiles to use docs/base:oss
2016-05-03 10:48:11 +10:00
Sven Dowideit
e728c8bbed
convert docs Dockerfiles to use docs/base:oss
...
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-04-28 12:57:10 +00:00
Richard Scothern
a7dda2ce93
Merge pull request #1665 from andrewhsu/middleware-redirect
...
add middleware storage driver for redirect
2016-04-27 15:05:52 -07:00
Andrew Hsu
fe9509f8f3
added config doc for redirect middleware
...
Signed-off-by: Andrew Hsu <andrewhsu@acm.org> (github: andrewhsu)
2016-04-25 11:52:39 -07:00
Nikita Tarasov
b4f060599a
docs + fix test
...
Signed-off-by: Nikita Tarasov <nikita@mygento.ru>
2016-04-17 20:05:51 +03:00
Fabio Huser
17756eb43e
Clarify kid format for JWT token auth in docs
...
The kid value can have an arbitrary format according JOSE specification, but Docker distribution expects a specific format (libtrust fingerprint) to work. This is not written in the documentation so far and is only mentioned in the libtrust source code itself.
Signed-off-by: Fabio Huser <fabio@fh1.ch>
2016-04-17 12:04:15 +02:00
Richard Scothern
b72d74464a
Correction for JSON example.
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-04-15 09:22:44 -07:00
Mary Anthony
6bce49d51d
Updated per conversation with Richard
...
Removing draft
Richard's comments and some fixes
Signed-off-by: Mary Anthony <mary@docker.com>
2016-04-13 06:43:11 -07:00
Richard Scothern
f9bcbd44ca
Extend garbage collection documentation.
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-04-11 17:43:25 -07:00
Richard Scothern
55f1b7651f
Merge pull request #1590 from RichardScothern/s3-permission-scopes
...
Document required IAM permissions for S3 storage driver.
2016-04-06 14:46:12 -07:00
Richard Scothern
e4817cfc94
Remove ListAllMyBuckets from the S3 permission scope.
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-04-06 14:22:08 -07:00
Phil Estes
bf9f80eaff
Correct examples and architecture references in v2.2 spec
...
Add link to the official list of $GOOS and $GOARCH values and correct
values that were incorrectly listed in the spec examples.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
2016-04-03 17:50:22 -04:00
Richard Scothern
0f4427b3c3
Document required IAM permissions for S3 storage driver.
...
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-03-31 14:34:59 -07:00
Olivier Gambier
2c803d6fd0
Merge pull request #1587 from aaronlehmann/build-docs
...
docs: No need to change GOPATH to use vendored code
2016-03-31 14:04:57 -07:00
Aaron Lehmann
c3ec1745c0
docs: No need to change GOPATH to use vendored code
...
Now that we are using "native" Go vendoring, there is no need to
manipulate GOPATH.
Fixes #1586
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-03-31 10:46:02 -07:00
Aaron Lehmann
a11f6b6cfd
Merge pull request #1418 from dmcgowan/oauth-spec
...
Add specification for using OAuth with the token server
2016-03-31 10:42:12 -07:00
Richard Scothern
eb0b7f0173
Update the gc documentation.
...
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2016-03-30 16:57:21 -07:00