1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
{config, ...}: let
registryPort = 5000;
registryUIPort = 5080;
in {
imports = [
./umami.nix
];
sops.secrets.rootPwd.neededForUsers = true;
roles.base.root.hashedPasswordFile = config.sops.secrets.rootPwd.path;
networking.firewall.allowedTCPPorts = [
registryPort
registryUIPort
];
services.dockerRegistry = {
enable = true;
enableGarbageCollect = true;
enableDelete = true;
port = registryPort;
listenAddress = "0.0.0.0";
};
virtualisation.oci-containers.containers."registry-ui" = {
image = "joxit/docker-registry-ui:2.5.7";
hostname = "registry-ui";
extraOptions = [
"--network=host"
];
environment = {
REGISTRY_URL = "http://10.1.2.9:5000";
SINGLE_REGISTRY = "true";
DELETE_IMAGES = "true";
SHOW_CONTENT_DIGEST = "true";
NGINX_LISTEN_PORT = toString registryUIPort;
};
};
system.stateVersion = "24.05";
}