How to secure your local docker registry?

Getting things done is of course a great start, but you must also make sure it is only accessed by authorized users. Therefore, I am here to guide you on how to make a great thing happen.

For some of you haven’t known how to set up a docker registry, you could check my previous post out in the link below:

How to set up a local docker registry on a Linux server?

To begin with, please make sure that you have htpasswd available on your Linux server. htpasswd is one of apache projects that allows you to create and update usernames and passwords stored in flat files for basic authentication.

Now let’s resume working on an old project from an earlier post and inside that project create a file for saving our username and password by using htpasswd.

htpasswd -Bc [filename] [username]
htpasswd -b secretfile docker

After running this command, it will prompt you to enter a password and confirm password. Then, it will create a new file named secretfile. Let now begin to open the docker-compose and modify it as below:

version: '3.8'

services:
  registry:
    container_name: docker_registry
    image: registry:latest
    ports:
    - "5000:5000"
    restart: always
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: Registry
      REGISTRY_AUTH_HTPASSWD_PATH: /secretfile
    volumes:
      - ./registry:/var/lib/registry
      - ./secretfile:/secretfile

Start up the application by running a command.

docker compose up -d

Finally, you should be able to log in to a docker registry

docker login [your-ip]:[port]

Thanks for reading.