skip to Main Content

I have GitHub Runner and docker registry on my server and I’m trying to set up ci/cd for some applications.

Directly pushing to the container name with port works smoothly

docker pull alpine
docker tag alpine:latest docker-registry:5000/alpine:latest

docker login docker-registry:5000
Login Succeeded


docker push docker-registry:5000/alpine:latest
The push refers to repository [docker-registry:5000/alpine]
ded7a220bb05: Pushed

But I get an problem when I use the domain

docker pull alpine
docker tag alpine:latest registry.mydomain.com/alpine:latest

docker login registry.mydomain.com
Login Succeeded


docker push registry.mydomain.com/alpine:latest
The push refers to repository [registry.mydomain.com/alpine]
ded7a220bb05: Retrying in 1 second
received unexpected HTTP status: 200 OK

My docker containers

CONTAINER ID   IMAGE                                              COMMAND                  CREATED          STATUS             PORTS                                                  NAMES
eab92ef5610b   registry:2                                         "/entrypoint.sh /etc…"   22 seconds ago   Up 21 seconds      5000/tcp                                               docker-registry
bdd4f0886c19   nginx:1.20.2                                       "/docker-entrypoint.…"   3 months ago     Up About an hour   0.0.0.0:80->80/tcp, :::80->80/tcp                      nginx-ingress
5e7e8e1b591e   myoung34/github-runner:2.299.1-ubuntu-jammy        "/entrypoint.sh ./bi…"   37 hours ago     Up 27 minutes                                                             github-runner

My Nginx config

upstream registry {
  server docker-registry:5000;
}

map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
    '' 'registry/2.0';
}

server {

    listen 443;
    server_name registry.mydomain.com;

    client_max_body_size 0; 

    chunked_transfer_encoding on;

    location /v2/ {

        if ($http_user_agent ~ "^(docker/1.(3|4|5(?!.[0-9]-dev))|Go ).*$" ) {
            return 404;
        }

        auth_basic "Registry Realm";
        auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;

        add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;

        proxy_pass                          http://registry;
        proxy_set_header Host               $http_host;
        proxy_set_header X-Real-IP          $remote_addr;
        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto  $scheme; # default => $scheme | cloudflare => https
        proxy_read_timeout                  900;
    }

}

Docker registry logs

time="2022-12-01T13:05:21.576274727Z" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple registries are behind a load-balancer. To provide a shared secret, fill in http.secret in the configuration file or set the REGISTRY_HTTP_SECRET environment variable." go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.576362865Z" level=info msg="redis not configured" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.576419048Z" level=info msg="Starting upload purge in 9m0s" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.588466586Z" level=info msg="using inmemory blob descriptor cache" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.588770043Z" level=info msg="listening on [::]:5000" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
172.18.0.1 - - [01/Dec/2022:13:05:28 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:28.906573279Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=4d19514d-336c-4c1c-ad8a-91a8a4be1e0c http.request.method=GET http.request.remoteaddr="172.18.0.1:42346" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))"
172.18.0.1 - - [01/Dec/2022:13:05:28 +0000] "GET /v2/ HTTP/1.1" 200 2 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:28.91635475Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=6f0cd72e-52dd-4408-812c-c770c1daeb4c http.request.method=GET http.request.remoteaddr="172.18.0.1:42348" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))"
time="2022-12-01T13:05:28.916428075Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=6f0cd72e-52dd-4408-812c-c770c1daeb4c http.request.method=GET http.request.remoteaddr="172.18.0.1:42348" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=8.872969ms http.response.status=200 http.response.written=2
172.18.0.1 - - [01/Dec/2022:13:05:47 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:47.955166053Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=060b8ad8-027d-4e1f-aae8-853e694aa071 http.request.method=GET http.request.remoteaddr="172.18.0.1:42352" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))"
time="2022-12-01T13:05:47.961400261Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=23ab1f44-c687-41a4-854c-88d5223f3c19 http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42354" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.digest="sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" vars.name=alpine
time="2022-12-01T13:05:47.961616963Z" level=error msg="response completed with error" auth.user.name="docker_user" err.code="blob unknown" err.detail=sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 err.message="blob unknown to registry" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=23ab1f44-c687-41a4-854c-88d5223f3c19 http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42354" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=3.888659ms http.response.status=404 http.response.written=157 vars.digest="sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:47 +0000] "HEAD /v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 HTTP/1.1" 404 157 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:48.013676521Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=76e692cf-3fec-4739-ac68-dd7e785bc3c0 http.request.method=POST http.request.remoteaddr="172.18.0.1:42356" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine
time="2022-12-01T13:05:48.026046059Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=76e692cf-3fec-4739-ac68-dd7e785bc3c0 http.request.method=POST http.request.remoteaddr="172.18.0.1:42356" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=16.091457ms http.response.status=202 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "POST /v2/alpine/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:48.037049651Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=9d35eb65-a80e-43c7-bcad-42bcd0723ad1 http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42358" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=TRS7R1oNENXqtiEnnSLbJD3l9O9Pq9tEtZudktNkQQF7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4LjAxMzc0MDcxN1oifQ%3D%3D" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine vars.uuid=cb21fc83-6e19-4c78-b5c0-badb0ff8fe04
time="2022-12-01T13:05:48.956206497Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=9d35eb65-a80e-43c7-bcad-42bcd0723ad1 http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42358" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=TRS7R1oNENXqtiEnnSLbJD3l9O9Pq9tEtZudktNkQQF7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4LjAxMzc0MDcxN1oifQ%3D%3D" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=929.13763ms http.response.status=202 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "PATCH /v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=TRS7R1oNENXqtiEnnSLbJD3l9O9Pq9tEtZudktNkQQF7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4LjAxMzc0MDcxN1oifQ%3D%3D HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:48.960962747Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=b4955223-ae69-4d0f-8643-b70148b764fd http.request.method=PUT http.request.remoteaddr="172.18.0.1:42360" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=NVqJ2JVvha-PdWnWeVonnGI1qxrWbyJiE3ECtgBK_v17Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjozMzcwNzA2LCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4WiJ9&digest=sha256%3Ac158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine vars.uuid=cb21fc83-6e19-4c78-b5c0-badb0ff8fe04
time="2022-12-01T13:05:48.975845667Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=b4955223-ae69-4d0f-8643-b70148b764fd http.request.method=PUT http.request.remoteaddr="172.18.0.1:42360" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=NVqJ2JVvha-PdWnWeVonnGI1qxrWbyJiE3ECtgBK_v17Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjozMzcwNzA2LCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4WiJ9&digest=sha256%3Ac158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=18.779158ms http.response.status=201 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "PUT /v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=NVqJ2JVvha-PdWnWeVonnGI1qxrWbyJiE3ECtgBK_v17Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjozMzcwNzA2LCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4WiJ9&digest=sha256%3Ac158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 HTTP/1.1" 201 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:48.987290535Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=53c874f2-6f55-4cde-b5ca-596dda13583a http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42362" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.digest="sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" vars.name=alpine
time="2022-12-01T13:05:48.987671994Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=53c874f2-6f55-4cde-b5ca-596dda13583a http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42362" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.contenttype="application/octet-stream" http.response.duration=10.691772ms http.response.status=200 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "HEAD /v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 HTTP/1.1" 200 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:48.99996587Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=867604cb-09cd-43f4-91b0-52ead32d664e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42364" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.digest="sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" vars.name=alpine
time="2022-12-01T13:05:49.000171622Z" level=error msg="response completed with error" auth.user.name="docker_user" err.code="blob unknown" err.detail=sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da err.message="blob unknown to registry" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=867604cb-09cd-43f4-91b0-52ead32d664e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42364" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=4.875849ms http.response.status=404 http.response.written=157 vars.digest="sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "HEAD /v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da HTTP/1.1" 404 157 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:49.009848946Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=7e29e9ea-0864-44e2-bc75-732d246af8a9 http.request.method=POST http.request.remoteaddr="172.18.0.1:42366" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "POST /v2/alpine/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:49.022631954Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=7e29e9ea-0864-44e2-bc75-732d246af8a9 http.request.method=POST http.request.remoteaddr="172.18.0.1:42366" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=21.407075ms http.response.status=202 http.response.written=0
time="2022-12-01T13:05:49.032911791Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=abab2c41-40ee-4c76-8456-3b30b62061af http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42370" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=E8EC15n0xy4YiaxJAynDeAl0SaoKMX0tvtbqakyT13R7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5LjAwOTk2MjU3WiJ9" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine vars.uuid=32b60b00-82d6-4003-a470-7502f715be61
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "PATCH /v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=E8EC15n0xy4YiaxJAynDeAl0SaoKMX0tvtbqakyT13R7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5LjAwOTk2MjU3WiJ9 HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:49.046509563Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=abab2c41-40ee-4c76-8456-3b30b62061af http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42370" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=E8EC15n0xy4YiaxJAynDeAl0SaoKMX0tvtbqakyT13R7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5LjAwOTk2MjU3WiJ9" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=22.857284ms http.response.status=202 http.response.written=0
time="2022-12-01T13:05:49.052387956Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=8d17d425-4b89-4597-9314-1f2c35e1afdb http.request.method=PUT http.request.remoteaddr="172.18.0.1:42372" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=uN8teJhzBMwlrLnstzPV492DSwZgwtADfHJWpqUsGpx7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjoxNDcyLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5WiJ9&digest=sha256%3A49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine vars.uuid=32b60b00-82d6-4003-a470-7502f715be61
time="2022-12-01T13:05:49.067768248Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=8d17d425-4b89-4597-9314-1f2c35e1afdb http.request.method=PUT http.request.remoteaddr="172.18.0.1:42372" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=uN8teJhzBMwlrLnstzPV492DSwZgwtADfHJWpqUsGpx7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjoxNDcyLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5WiJ9&digest=sha256%3A49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=20.176783ms http.response.status=201 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "PUT /v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=uN8teJhzBMwlrLnstzPV492DSwZgwtADfHJWpqUsGpx7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjoxNDcyLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5WiJ9&digest=sha256%3A49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da HTTP/1.1" 201 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:49.073531198Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=d77e1f84-f55d-4917-bc8c-aceb4606c23e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42374" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.digest="sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "HEAD /v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da HTTP/1.1" 200 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:49.073748384Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=d77e1f84-f55d-4917-bc8c-aceb4606c23e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42374" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.contenttype="application/octet-stream" http.response.duration=4.891873ms http.response.status=200 http.response.written=0
time="2022-12-01T13:05:49.081141753Z" level=info msg="authorized request" go.version=go1.16.15 http.request.contenttype="application/vnd.docker.distribution.manifest.v2+json" http.request.host="docker-registry:5000" http.request.id=b2329d48-38dd-471c-8691-6b08c1eb7ec5 http.request.method=PUT http.request.remoteaddr="172.18.0.1:42376" http.request.uri="/v2/alpine/manifests/latest" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" vars.name=alpine vars.reference=latest
time="2022-12-01T13:05:49.102368205Z" level=info msg="response completed" go.version=go1.16.15 http.request.contenttype="application/vnd.docker.distribution.manifest.v2+json" http.request.host="docker-registry:5000" http.request.id=b2329d48-38dd-471c-8691-6b08c1eb7ec5 http.request.method=PUT http.request.remoteaddr="172.18.0.1:42376" http.request.uri="/v2/alpine/manifests/latest" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 (linux))" http.response.duration=27.598063ms http.response.status=201 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "PUT /v2/alpine/manifests/latest HTTP/1.1" 201 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"

Cloudflare is used for SSL. It automatically redirects to 443

2

Answers


  1. Chosen as BEST ANSWER

    I solved the problem

    One of the main problems was that I was only listening to requests from port 443. This was wrong because my Cloudflare's encryption mode was "Flexible". In this mode, all connections between Cloudflare and your origin are made through HTTP

    I changed 443 to 80, location, and the value of "proxy_set_header X-Forwarded-Proto" with "https", problem solved ))

    server {
    
      listen 80;
      ....
    
      ....
      location / {
        ....
        proxy_set_header X-Forwarded-Proto  https;
        ....
      }
    
    }
    

  2. From the comments:

    Is your proxy configuration dropping the /v2 from the requests to the backend?

    Yes, it does

    That’s an issue. The /v2 is part of the API. I believe the following will include the /v2 in the proxied requests:

            proxy_pass                          http://registry/v2/;
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search