diff --git a/playbooks/groups/docker-registry.yml b/playbooks/groups/docker-registry.yml index 8cdfadfdde..f28d650ee9 100644 --- a/playbooks/groups/docker-registry.yml +++ b/playbooks/groups/docker-registry.yml @@ -28,3 +28,63 @@ handlers: - include: "{{ handlers }}/restart_services.yml" + +- name: setup docker distribution registry + hosts: docker-registry:docker-registry-stg + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - /srv/private/ansible/vars.yml + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + + # NOTE: tls is disabled for docker-distribution because we are listening only + # on localhost and all external connections will be through httpd which + # will be SSL enalbed. + roles: + - { + role: docker-distribution, + conf_path: "/etc/docker-distribution/registry/config.yml", + tls: { + enabled: False, + }, + log: { + fields: { + service: "registry" + } + }, + storage: { + cache: { + layeredinfo: "inmemory" + }, + filesystem: { + rootdirectory: "/srv/" + }, + httpd: { + addr: "localhost:5000" + }, + when: env == "staging" + } + - { + role: docker-distribution, + conf_path: "/etc/docker-distribution/registry/config.yml", + tls: { + enabled: False, + }, + log: { + fields: { + service: "registry" + } + }, + storage: { + cache: { + layeredinfo: "inmemory" + }, + filesystem: { + rootdirectory: "/srv/" + }, + httpd: { + addr: "localhost:5000" + }, + when: env == "production" + } +