mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-05-03 10:01:44 +08:00
39 lines
1.0 KiB
Plaintext
39 lines
1.0 KiB
Plaintext
RequestHeader set X-Forwarded-Scheme https early
|
|
RequestHeader set X-Scheme https early
|
|
RequestHeader set X-Forwarded-Proto https early
|
|
ProxyPreserveHost On
|
|
|
|
|
|
{% if env == "production" %}
|
|
RewriteCond %{HTTP:VIA} !cdn77
|
|
RewriteCond %{REQUEST_METHOD} !^(PATCH|POST|PUT|DELETE|HEAD)$
|
|
RewriteRule ^/v2/(.*)/blobs/([a-zA-Z0-9:]*) https://cdn.registry.fedoraproject.org/v2/$1/blobs/$2 [R]
|
|
{% endif %}
|
|
|
|
# This is terible, but Docker.
|
|
RewriteCond %{REQUEST_METHOD} ^(PATCH|POST|PUT|DELETE)$
|
|
RewriteRule ^/v2/(.*)$ http://docker-registry02:5000/v2/$1 [P,L]
|
|
RewriteRule ^/v2/(.*)$ http://localhost:6081/v2/$1 [P,L]
|
|
|
|
DocumentRoot /srv/web/registry-index/
|
|
|
|
<Directory /srv/web/registry-index>
|
|
Require all granted
|
|
</Directory>
|
|
|
|
SSLVerifyClient optional
|
|
SSLVerifyDepth 1
|
|
SSLCACertificateFile /etc/pki/httpd/registry-ca-{{env}}.cert
|
|
SSLOptions +FakeBasicAuth
|
|
|
|
|
|
<Location /v2>
|
|
AuthName "Registry Authentication"
|
|
AuthType Basic
|
|
AuthUserFile /etc/httpd/conf.d/registry.fedoraproject.org/passwd
|
|
|
|
<Limit GET HEAD>
|
|
Require all granted
|
|
</Limit>
|
|
</Location>
|