Comments (10)
Joxit
commented on August 16, 2024
Hello,
Thanks for your issue.
I don't seen anything wrong in your configuration (excepted the docker-registry-ui tag which should be static and not latest but it's may be a typo?)
I will try to see deeply your issue next week, because I am in Japan now
from docker-registry-ui.
mzylowski
commented on August 16, 2024
Yep I tried a lot of things and I copied here wrong line. I use static tag.
from docker-registry-ui.
commented on August 16, 2024
Hello,
I can not see the Trash can icon available. ( I would like to delete an image)
Here are my registry config and compose file:
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
Access-Control-Allow-Origin: ['http://localhost']
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
Access-Control-Allow-Headers: ['Authorization']
Access-Control-Max-Age: [1728000]
Access-Control-Allow-Credentials: [true]
Access-Control-Expose-Headers: ['Docker-Content-Digest']
auth:
htpasswd:
realm: basic-realm
path: /etc/docker/registry/htpasswdversion: '2.0'
services:
registry:
image: registry:2.6.2
restart: always
ports:
- 5000:5000
environment:
- REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin=['*']
volumes:
- ./registry-data:/var/lib/registry
- ./registry-config/credentials.yml:/etc/docker/registry/config.yml
- ./registry-config/htpasswd:/etc/docker/registry/htpasswd
networks:
- registry-ui-net
ui:
image: joxit/docker-registry-ui:static
restart: always
ports:
- 80:80
environment:
- REGISTRY_TITLE=My Private Docker Registry
- REGISTRY_URL=http://registry:5000
depends_on:
- registry
networks:
- registry-ui-net
networks:
registry-ui-net:Any ideas?
from docker-registry-ui.
Joxit
commented on August 16, 2024
Hi @RANGERBEE, for the delete icon you need this environment on the ui DELETE_IMAGES=true
from docker-registry-ui.
freezable
commented on August 16, 2024
Hi @Joxit. Thanks for App. Unfortunately i have the same issue with history and delete. and i also use AWS S3
from docker-registry-ui.
Joxit
commented on August 16, 2024
Hello,
I'm back at home and I may have some leads.
When you use s3 storage, docker private registry send 307 status code (redirect) to your bucket.
That means your bucket should also be well configured (DELETE, Access-Control-Allow-Origin...)
Can you open a console and tell me what you have ?
I wrote an example here https://github.com/Joxit/docker-registry-ui/tree/master/examples/issue-75 (without credentials in docker registry) and it seems to works.
When I add docker registry credentials, it fails because of Access-Control-Allow-Origin
from docker-registry-ui.
mzylowski
commented on August 16, 2024
Hello!
I made few checks today.
Your example for issue-75 (without auth) works well after deployment via compose-up.
Also I checked my configuration by removing auth section from configs. Everything worked fine. Unfortunately is important for me to use auth with my registry.
Can you open a console and tell me what you have ?
What exactly additional info I can get for you?
I also found 307 http code (in docker logs of the registry container):
time="2019-04-18T12:14:02.821608537Z" level=info msg="response completed" go.version=go1.11.2 http.request.host=registry.zylowski.net http.request.id=6b31cf3c-d997-49b4-a56c-a93cbddcefc2 http.request.method=GET http.request.referer="http://registry.zylowski.net:8000/" http.request.remoteaddr=194.99.105.228 http.request.uri="/v2/github-updater/blobs/sha256:c0059e2cde4f63fbd5a2d82bf61daa6d70d2235c102aa07aba6c3b1146661da0" http.request.useragent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" http.response.contenttype="application/octet-stream" http.response.duration=11.267582ms http.response.status=307 http.response.written=0
172.18.0.100 - - [18/Apr/2019:12:14:02 +0000] "GET /v2/github-updater/blobs/sha256:c0059e2cde4f63fbd5a2d82bf61daa6d70d2235c102aa07aba6c3b1146661da0 HTTP/1.0" 307 0 "http://registry.zylowski.net:8000/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36"
In my minio deployment logs I see only:
2019-04-18 12:34:57.542135 I | http: TLS handshake error from 194.99.105.228:29210: EOF
Maybe this one is a bit related:
minio/minio#4044
from docker-registry-ui.
Joxit
commented on August 16, 2024
The issue with minio and credentials are CORS.
When you are using some credentials with browsers, the remote server which need your credentials must send the respond request with these headers :
Access-Control-Allow-Credentials: trueAccess-Control-Allow-Origin: domain.example.com
But Minio is sending Access-Control-Allow-Origin: * instead of the current domain. Because of this, your browser block all these requests. The wildcard can be used only when no credentials are needed.
Here is the type of error in your browser:
Access to XMLHttpRequest at 'http://127.0.0.1:9000/registry/docker/registry/v2/blobs/sha256/73/7328f6f8b41890597575cbaadc884e7386ae0acc53b747401ebce5cf0d624560/data...' (redirected from 'http://127.0.0.1:5000/v2/alpine/blobs/sha256:7328f6f8b41890597575cbaadc884e7386ae0acc53b747401ebce5cf0d624560') from origin 'null' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
If you want to avoid this issue, you will need a proxy in front of your Minio with a correct Access-Control-Allow-Origin.
from docker-registry-ui.
mzylowski
commented on August 16, 2024
Okey, now I understand a lot more.
First issue (showing history of a tag) 
I fixed by adding
redirect:
disable: true
to my registry config.yml (to storage section).
I will try to solve CORS issue related with deleting images in next weeks (by changing nginx-proxy configuration). As workaround is possible to run chrome with
--disable-web-security
from docker-registry-ui.
blomsoft
commented on August 16, 2024
Hi, I have the same problem: it works well, except for showing the history and for deleting images. This is my docker-compose.yml, my server is called testserver.local in my private network at home (it's a Raspberry Pi) and the error that I see in the log of docker-registry-ui, when requesting the history or a delete, is msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential". The certificates of docker-registry are self-signed and I don't use HTTPS for docker-registry-ui yet. The browser that I use for docker-registry-ui asks for credentials and these seem to work.
Can you help?
version: '2.0'
services:
registry:
restart: unless-stopped
image: registry:2.7.1
container_name: docker-registry
ports:
- 5000:5000
environment:
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
REGISTRY_HTTP_ADDR: 0.0.0.0:5000
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/testserver.local.crt
REGISTRY_HTTP_TLS_KEY: /certs/testserver.local.key
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin: '[http://testserver.local:5001]'
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials: '[true]'
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods: '[HEAD, GET, OPTIONS, DELETE]'
REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers: '[Authorization, Accept]'
REGISTRY_HTTP_HEADERS_Access-Control-Max-Age: '[1728000]'
REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers: '[Docker-Content-Digest]'
volumes:
- /storage/registry:/var/lib/registry
- /home/pi/Docker/docker-registry/certs:/certs
- /home/pi/Docker/docker-registry/auth:/auth
networks:
- registry-ui
ui:
restart: unless-stopped
image: joxit/docker-registry-ui:latest
container_name: docker-registry-ui
ports:
- 5001:80
environment:
- REGISTRY_TITLE=My Private Docker Registry
- REGISTRY_URL=https://testserver.local:5000
- DELETE_IMAGES=true
- SINGLE_REGISTRY=true
depends_on:
- registry
networks:
- registry-ui
networks:
registry-ui:
from docker-registry-ui.
Related Issues (20)
- UI can't list tags if the registry use S3 backend. HOT 1
- Search bar "placeholder" has low contrast on dark mode HOT 1
- Feature request: Allow hiding the history feature to reduce complexity of the user interface
- Reject pull/push images throung env variable HOT 5
- Help with Scaleway private registry HOT 2
- Allow adding a description for known images HOT 1
- CVE-2024-24989 in used version of nginx HOT 1
- Issue with Access-Control-Allow-Credentials header HOT 1
- docker-registry-ui.js:40 Uncaught TypeError: Cannot read properties of undefined (reading 'filter') HOT 4
- Missing input for username & password in the GUI HOT 1
- ipv6 support
- Using Token Auth
- Updated traefik example
- Delete Tag: The operation is unsupported. HOT 3
- Request to add proxy repository and cache settings
- Question about setting up connection with registry over https HOT 3
- Cors error when looking at details of image HOT 3
- The nginx registry cache cannot pull an image HOT 1
- Favicon has low contrast on dark browser
- Hello, I'd like to know why adding new HTML under /dist doesn't recognize custom components like index.html.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-registry-ui.