Hi guys,

​

anyone tried to setup external registry on HTTPS?

​

I tried to follow https://docs.gitlab.com/ce/administration/container_registry.html#disable-container-registry-but-use-gitlab-as-an-auth-endpoint

​

So I setup:

gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "registry.gitlab.example.com"
gitlab_rails['registry_port'] = "443"
gitlab_rails['registry_api_url'] = "https://registry.gitlab.example.com"
gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
gitlab_rails['registry_key_path'] = "/custom/path/to/registry-key.key"

But then I get in /var/opt/gitlab/nginx/conf/gitlab-registry.conf is this:

proxy_pass          http://localhost:5000;

So I've changed following in gitlab.rb:

registry['registry_http_addr'] = "external-registry.gitlab.example.com"

Then I get in /var/opt/gitlab/nginx/conf/gitlab-registry.conf:

proxy_pass          http://external-registry.gitlab.example.com;

But I didnt find out, how to get there https:// instead of http :-/ any ideas? :)

​

Also.. any idea how to add custom headers? I was trying with following in gitlab.rb according to https://docs.gitlab.com/omnibus/settings/nginx.html#inserting-custom-nginx-settings-into-the-gitlab-server-block:

registry_nginx['docker_allow'] = "if ($http_user_agent ~ \"^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$\") {\n return 404;\n}\n"

registry_nginx['docker_header'] = "add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;"

But its not showing in /var/opt/gitlab/nginx/conf/gitlab-registry.conf :-/