GitLab Container Registry is a secure and private registry for Docker images integrated completely in Gitlab. In this tutorial we will setup and use GitLab Container Registry. If you’re using previous versions of Gitlab upgrade and then follow this tutorial.
SSL Certificate — Eventhough docker may support unsecured private registries(self signed SSL Certifcates and http registy URL’s). GitLab seems to accept only “https” in url of registry. as when i tried to use http in URL it throw me the following error
Unsupported GitLab Registry external URL scheme: http
you can use self signed certificates or use letsencypt’s certbot(which is opensource certyfing tool).
To use certbot stop any webservers you may be runnng(like nginx, apache). Ensure DNS Mapping is pointing to correct server and run following commands
git clone https://github.com/certbot/certbot
./certbot-auto certonly --standalone -d <domain-name>
you will be asked to enter an email for identity and recovery and your cert and key will be available in
certificate - /etc/letsencrypt/live/<domain-name>/fullchain.pem;
certificate_key - /etc/letsencrypt/live/<domain-name>/privkey.pem;
Modifying /etc/gitlab/gitlab.rb file:
registry_external_url 'https://<domain/sub-domain name>'
registry_nginx['ssl_certificate'] = <location-to-certificate>
registry_nginx['ssl_certificate_key'] = <location-to-certificate-key>
sudo gitlab-ctl reconfigure
Then under every Project Menu will have a Tab “Container Registry” which points to Projects Docker Image Container.