zot-docker-setup/README.md
2024-12-09 22:20:46 -05:00

Zot Docker Setup

Setup Zot in Docker

This is mostly how SudoVanilla's Docker registry is set up.

I'm still new to Zot, so some information below could be inaccurate and some important information could be missing too.

Configuration

Address and Port

Zot will need to bind itself to an address and port.

  • address - 192.168.0.0 (Use Local IP)
  • port - 2000

The example above would bind to http://192.168.0.0:2000

Access Control

The provided configuration is set up to allow guest users to view any images that are available on your Zot registry, with one user (you) being able to view, create, delete, and update images.

Make sure you give yourself access to the other permissions: the email you plan to use should be listed in users under the * policies in accessControl.

OpenID Connect (Optional)

To set up OpenID Connect, configure the openid portion of the config.json file.

  • name - Name that appears on login button (Sign in with name)
  • issuer - https://sso.whatever.org/odic
    • Don't use the provider configuration endpoint, use the issuer endpoint
  • clientid - Client or App ID
  • clientsecret - Client or App secret
  • scopes - Permissions that Zot is given access to.

Your Zot redirect URL will look like this:

// Path
/zot/auth/callback/oidc

// Full URL example
https://zot.whatever.org/zot/auth/callback/oidc

The endpoint will use your externalUrl as the assumed redirect URL, so make sure it is set correctly for your setup.

If you don't plan to use this, remove the openid portion from the config.json file.
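A small checker for the access-control and OpenID settings described above, as an added example that is not part of this repository. The config.json key layout (http.externalUrl, http.auth.openid.providers, http.accessControl.repositories with anonymousPolicy and policies) and the sample values are assumptions, so compare them with your own file.

```python
import json

CALLBACK_PATH = "/zot/auth/callback/oidc"  # redirect path given in this README
WRITE_ACTIONS = {"create", "update", "delete"}

# Constructed sample with two deliberate mistakes (empty clientsecret, guests
# allowed to create). The key layout is an assumption about Zot's config.json.
SAMPLE_CONFIG = """
{"http": {
  "address": "192.168.0.0", "port": "2000",
  "externalUrl": "https://zot.whatever.org",
  "auth": {
    "openid": {"providers": {"oidc": {
      "name": "whatever", "issuer": "https://sso.whatever.org/odic",
      "clientid": "zot", "clientsecret": "", "scopes": ["openid", "email"]}}}},
  "accessControl": {"repositories": {"**": {
    "anonymousPolicy": ["read", "create"],
    "policies": [{"users": ["me@whatever.org"],
                  "actions": ["read", "create", "update", "delete"]}]}}}}}
"""

def redirect_url(cfg):
    """URL to register with the identity provider, or None if externalUrl is unset."""
    base = cfg["http"].get("externalUrl")
    return base.rstrip("/") + CALLBACK_PATH if base else None

def audit(cfg, admin_email):
    """Return findings for the access-control and OpenID settings described above."""
    http, findings = cfg["http"], []
    providers = http.get("auth", {}).get("openid", {}).get("providers", {})
    if providers and redirect_url(cfg) is None:
        findings.append("openid is configured but externalUrl is not set")
    for name, prov in providers.items():
        findings += [f"openid {name}: {key} is empty"
                     for key in ("issuer", "clientid", "clientsecret") if not prov.get(key)]
        if prov.get("issuer", "").endswith("/.well-known/openid-configuration"):
            findings.append(f"openid {name}: issuer is the provider configuration endpoint")
    for repo, rule in http.get("accessControl", {}).get("repositories", {}).items():
        guest_writes = WRITE_ACTIONS & set(rule.get("anonymousPolicy", []))
        if guest_writes:
            findings.append(f"{repo}: guests can {', '.join(sorted(guest_writes))}")
        if not any(admin_email in p.get("users", []) for p in rule.get("policies", [])):
            findings.append(f"{repo}: {admin_email} is not listed in any policy")
    return findings

if __name__ == "__main__":
    cfg = json.loads(SAMPLE_CONFIG)
    print(redirect_url(cfg), *audit(cfg, "me@whatever.org"), sep="\n")
```

The first line printed is the redirect URL to register with your identity provider; an empty findings list means the checked settings match what this section describes.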

Htpasswd (Optional)

If you plan to provide a login via email and password, you'll need to create the account you'll use with the htpasswd command.

Create an account:

htpasswd -bnB MyUsername MyPassword > ./htpasswd

If you don't plan to use this, remove the htpasswd line from the config.json file.

Usage

Building Docker Image

You can build a Docker image as you normally would.

docker build -t your-image .

Pushing Docker Image

Zot seems to be set up to accept OCI images, not the Docker format, so using docker push won't work. You can use skopeo to push instead, after you save the Docker image as a tar.

Before we proceed, make sure to log in to your Zot registry:

skopeo login zot.whatever.org

If you used OpenID Connect to create an account, use your email as the username and create an API Token as the password.

Run docker save to save the existing image as a .tar file:

docker save -o your-image.tar your-image

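Then push it to your Zot registry. The docker-archive transport reads the file written by docker save, and --format oci converts the manifest to OCI on the way:

skopeo copy --format oci docker-archive:./your-image.tar docker://zot.whatever.org/your-image

The /your-image part in the skopeo copy command can be whatever you like; /whatever/your-image also works.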

Try it Out

Let's try pushing an existing image from Docker Hub to your Zot registry. We'll use Bun's image in this example.

docker pull oven/bun
docker save -o bun.tar oven/bun
skopeo copy --format oci docker-archive:./bun.tar docker://zot.whatever.org/oven/bun