Five-step setup for private Docker repository with Let's Encrypt SSL

Our core developer (Felipe) has released and open sourced a really interesting project related to Docker. There's a ton of Docker registries available, but private ones tend to cost money (and they can get expensive as you grow), here's a snippet on how to creating one protected with Let's Encrypt.

Requirements

1. A domain name (or subdomain).
2. A cloud Instance (a droplet on DigitalOcean, ideally with Ubuntu 16, with Docker and Docker Compose installed)

What's a registry you ask?

It's a place to store docker images, where other machines can push/pull from. Some content must be kept private, hence the private docker registry.

What's a docker Image?

It's an environment where your app lives, that can be shared easily, docker allows to run them under their supported operating systems.

Here's the repository to place in your instance

https://github.com/fzuleta/private-docker-registry-ssl

Steps

1. Set in docker-compose.yml the REGISTRY_USER, REGISTRY_PASSWORD and DOMAIN on the Nginx args.
2. On ssl_gen set DOMAIN value with your domain.
3. docker-compose up -d
4. chmod +x *.sh && ./ssl_gen.sh
5. After it succeeds, start it with docker-compose restart

After it succeeds

1. From your local machine (or another) add your repo url to the insecure-registries (instructions: https://docs.docker.com/registry/insecure/)
2. docker login my-repo-url.com give your user name/pass
3. It should say Login Succeeded

Automatic cron setup

This will schedule a renewal of the SSL cert with Let's Encrypt every 15 days.

1. crontab -u $USER -e
2. 0 0 */15 * * /path/to/registry_files/ssl_renew.sh

Hope it helps!