Puppet Class: docker::registry::web

Defined in:
modules/docker/manifests/registry/web.pp

Overview

Parameters:

  • docker_username (Any)
  • docker_password_hash (Any)
  • allow_push_from (Any)
  • ssl_settings (Any)
  • use_puppet_certs (Any) (defaults to: false)
  • use_acme_chief_certs (Any) (defaults to: false)
  • ssl_certificate_name (Any) (defaults to: undef)
  • http_endpoint (Any) (defaults to: false)
  • http_allowed_hosts (Any) (defaults to: [])
  • cors (Any) (defaults to: false)


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# File 'modules/docker/manifests/registry/web.pp', line 1

class docker::registry::web(
    $docker_username,
    $docker_password_hash,
    $allow_push_from,
    $ssl_settings,
    $use_puppet_certs=false,
    $use_acme_chief_certs=false,
    $ssl_certificate_name=undef,
    $http_endpoint=false,
    $http_allowed_hosts=[],
    $cors=false,
) {
    if (!$use_puppet_certs and ($ssl_certificate_name == undef)) {
        fail('Either puppet certs should be used, or an ssl cert name should be provided')
    }

    if $use_puppet_certs {
        base::expose_puppet_certs { '/etc/nginx':
            ensure          => present,
            provide_private => true,
            require         => Class['nginx'],
        }
    }

    file { '/etc/nginx/htpasswd.registry':
        content => "${docker_username}:${docker_password_hash}",
        owner   => 'www-data',
        group   => 'www-data',
        mode    => '0440',
        before  => Service['nginx'],
        require => Package['nginx-common'],
    }
    nginx::site { 'registry':
        content => template('docker/registry-nginx.conf.erb'),
    }

    if $http_endpoint {
        nginx::site { 'registry-http':
            content => template('docker/registry-http-nginx.conf.erb'),
        }
    }

}