I am trying to run my own Docker registry but I would not like anyone to be able to push to my registry. I saw some option called privileged access (https://github.com/docker/docker-registry/blob/master/ADVANCED.md). I can see how to generate the key but I can't find how to use my private/public key pair to push a container. Is it even possible to use this privileged access feature for pushing containers into a private registry?
2 Answers
I believe you need to set some flags when you start your client docker daemon.
You don't state your OS, but on Ubuntu you can find your flags in /etc/default/docker change those and restart the service sudo service docker restart
The possible options are: https://docs.docker.com/reference/commandline/cli/#daemon
--tls=false Use TLS; implied by --tlsverify flag
--tlscacert="/home/sven/.docker/ca.pem" Trust only remotes providing a certificate signed by the CA given here
--tlscert="/home/sven/.docker/cert.pem" Path to TLS certificate file
--tlskey="/home/sven/.docker/key.pem" Path to TLS key file
--tlsverify=false Use TLS and verify the remote (daemon: verify client, client: verify daemon)
apparently the python implementation of that project is currently obsolete, and was archived by its collaborators, the new development branch is running on golang and you can check it here https://github.com/docker/distribution
