diff --git a/Caddyfile b/Caddyfile index 64b5f02..1a7d2e9 100644 --- a/Caddyfile +++ b/Caddyfile @@ -22,6 +22,36 @@ } } +dockerreg.mycloudhaus.xyz { + # Important: These headers are required for Docker Registry + header { + -Server + Docker-Distribution-Api-Version registry/2.0 + } + + # Reverse proxy with proper Docker Registry support + reverse_proxy 10.0.0.1:4555 { + # Forward all headers without modification + header_up Host {host} + header_up X-Real-IP {remote} + header_up X-Forwarded-For {remote} + header_up X-Forwarded-Proto {scheme} + + # Critical: Ensure chunked transfer encoding works + transport http { + read_buffer 4096 + write_buffer 4096 + max_response_header 8192 + } + } + + # Handle blob uploads correctly + handle_errors { + # If registry returns error, pass it through + respond "{http.error.status_code} {http.error.status_text}" + } +} + speed.mycloudhaus.xyz { route { crowdsec @@ -143,6 +173,7 @@ inv.mycloudhaus.xyz { crowdsec basic_auth { compile6639 $2a$14$AmsLzCKhcncRJEpXCF5XZ.sq/.9RCfKtY8bg89FKkE1fpU9Y.lSUK + miha $2y$05$N1Gr6khpOaZc5YDQp8quGuQk6phsE69GoLSB3d.w7RnRc8zyQn./6 } reverse_proxy 10.0.0.2:4000 } @@ -235,6 +266,27 @@ playlists.mycloudhaus.xyz { } } +play.mycloudhaus.xyz { + route { + crowdsec + } + reverse_proxy 10.0.0.2:4445 +} + +email.mycloudhaus.xyz { + route { + crowdsec + } + reverse_proxy 10.0.0.2:8025 +} + +translate.mycloudhaus.xyz { + route { + crowdsec + reverse_proxy 10.0.0.2:5555 + } +} + media.mycloudhaus.xyz { route { crowdsec @@ -264,6 +316,13 @@ convert.mycloudhaus.xyz { reverse_proxy 127.0.0.1:6000 } +learn.mycloudhaus.xyz { + basic_auth { + planky273 $2y$05$te50nAtF7oT1vHht3Qy3qOUC5DBAWodCD4xjwPkrFfHjoWrE1Wa1a + } + reverse_proxy 10.0.0.2:8889 +} + #prom.mycloudhaus.xyz { # basic_auth { # # Username "Bob", password "hiccup" diff --git a/quay_registry/config.yml b/quay_registry/config.yml new file mode 100644 index 0000000..7837af9 --- /dev/null +++ b/quay_registry/config.yml @@ -0,0 +1,26 @@ +version: 0.1 +log: + level: debug + fields: + service: registry +storage: + cache: + blobdescriptor: inmemory + filesystem: + rootdirectory: /var/lib/registry + delete: + enabled: true +http: + addr: :5000 + secret: generate-a-random-secret-here + headers: + X-Content-Type-Options: [nosniff] +validation: + manifests: + oci: + enabled: true +# proxy: # Comment out or remove +# remoteurl: https://quay.io # these lines +compatibility: + schema1: + enabled: true diff --git a/quay_registry/docker-compose.yml b/quay_registry/docker-compose.yml new file mode 100644 index 0000000..172d75f --- /dev/null +++ b/quay_registry/docker-compose.yml @@ -0,0 +1,13 @@ +services: + quay-mirror: + image: registry:3 # Use v3 instead of v2 + container_name: quay-mirror + restart: unless-stopped + ports: + - "10.0.0.1:4555:5000" + environment: + #- REGISTRY_PROXY_REMOTEURL=https://quay.io + - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry + - REGISTRY_HTTP_SECRET=generate-a-random-secret-here + volumes: + - ./registry-data:/var/lib/registry diff --git a/quay_registry/tag-invidious.sh b/quay_registry/tag-invidious.sh new file mode 100755 index 0000000..141a524 --- /dev/null +++ b/quay_registry/tag-invidious.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +docker pull quay.io/invidious/invidious-companion:latest +docker pull quay.io/invidious/invidious-invidious:latest +docker tag quay.io/invidious/invidious-companion:latest dockerreg.mycloudhaus.xyz/invidious/invidious-companion:latest +docker tag quay.io/invidious/invidious:latest dockerreg.mycloudhaus.xyz/invidious/invidious:latest +docker push dockerreg.mycloudhaus.xyz/invidious/invidious-companion:latest +docker push dockerreg.mycloudhaus.xyz/invidious/invidious:latest +#docker rmi quay.io/invidious/invidious-companion:latest dockerreg.mycloudhaus.xyz/invidious/invidious-companion:latest +#docker rmi quay.io/invidious/invidious:latest dockerreg.mycloudhaus.xyz/invidious/invidious:latest