Minimal and fast Docker Registry
Go to file
SeanOMik b46a7a844b
Use jwt secret by verifying it in the auth middleware
2023-07-14 21:25:38 -04:00
dev-sql restrict users access to repositories, fix bugs with pushing and pulling, and database bugs 2023-06-16 00:20:51 -04:00
docs Create sqlite database file if it doesn't exist, implement tls 2023-07-13 01:11:31 -04:00
src Use jwt secret by verifying it in the auth middleware 2023-07-14 21:25:38 -04:00
.dockerignore create dockerfile, create more configuration options 2023-06-16 01:15:12 -04:00
.gitignore create dockerfile, create more configuration options 2023-06-16 01:15:12 -04:00
Cargo.lock Rewrite auth endpoint to allow anonymous tokens, and better tokens 2023-07-14 15:42:39 -04:00
Cargo.toml Use jwt secret by verifying it in the auth middleware 2023-07-14 21:25:38 -04:00
Dockerfile add log level to config, create /data dir in docker image 2023-06-17 00:55:12 -04:00
LICENSE First commit 2023-04-17 19:37:18 -04:00
README.md Redo auth once again to add a proper 'auth gate' middleware 2023-07-14 00:37:40 -04:00
config-example.toml add log level to config, create /data dir in docker image 2023-06-17 00:55:12 -04:00
rust-toolchain.toml Dont store blobs in database, create StorageProvider 2023-04-18 18:59:26 -04:00
shell.nix implement ldap support 2023-05-28 23:47:22 -04:00

README.md

Orca registry

Orca is a pure-rust implementation of a Docker Registry.

Note: Orca is still in early development (status).

Features

  • Low resource consumption
  • Easy to deploy
  • Single application and executable

Status

The project is still in early development, use at your own risk. Although the registry does work, and you can push and pull images from it, there is no simple way to modify user permissions and to add users to the registry. Currently, the only way to add a user and, modify their permissions, is to edit the sqlite database.

Adding users

These instructions are assuming the user is stored in the database, if you use LDAP auth, users are created automatically and you don't need all this.

Note: These instructions are subject to change or quickly become outdated without notes in the instructions.

  1. Open the sqlite database in an editor.

  2. Create a bcrypt password hash for the new user:

$ htpasswd -nB
  1. Insert the new user's email, password hash into the user_logins table. The salt is not used, so you can put whatever there

WARNING: Ensure that the username is all lowercase!!!

INSERT INTO user_logins (email, password_hash, password_salt) VALUES ("example@email.com", "some password", "random salt")
  1. Insert the new user into another table, users so the registry knows the source of the user

WARNING: Ensure that the username is all lowercase!!!

INSERT INTO users (username, email, login_source) VALUES ("example", "example@email.com", 0)

a login_source of 0 means database

  1. Give the user registry permissions

WARNING: Ensure that the username is all lowercase!!!

INSERT INTO user_registry_permissions (email, user_type) VALUES ("example@email.com", 1)

a user_type of 1 means admin, they have permission for all image repositories.