Search code examples
nginx-reverse-proxyjfrog-container-registry

Set Docker Repository Ports

Been working on setting up JFrog Container Repository and have been running into an issue with setting up the Docker Repository Ports.

I have gone through and set up Nginx as a reverse proxy and have generated a working sites-available conf file

## add ssl entries when https has been set in config
ssl_certificate      /etc/nginx/ssl/secret.crt;
ssl_certificate_key  /etc/nginx/ssl/secret.key;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers   on;
## server configuration
server {
    listen 443 ssl;
    listen 80 ;

    server_name subdomain.domain.com;
    if ($http_x_forwarded_proto = '') {
        set $http_x_forwarded_proto  $scheme;
    }
    ## Application specific logs
    ## access_log /var/log/nginx/artifactory.jfrog.com-access.log timing;
    ## error_log /var/log/nginx/artifactory.jfrog.com-error.log;
    rewrite ^/$ /artifactory/webapp/ redirect;
    rewrite ^/artifactory/?(/webapp)?$ /artifactory/webapp/ redirect;
    chunked_transfer_encoding on;
    client_max_body_size 0;
    location / {
    proxy_read_timeout  900;
    proxy_pass_header   Server;
    proxy_cookie_path   ~*^/.* /;
    if ( $request_uri ~ ^/artifactory/(.*)$ ) {
        proxy_pass          http://localhost:8081/artifactory/$1;
    }
    proxy_pass         http://localhost:8081/artifactory/;
    proxy_set_header   X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory;
    proxy_set_header    X-Forwarded-Port  $server_port;
    proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
    proxy_set_header    Host              $http_host;
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    }
}

I am able to view the page, login, create repositories...etc...

But when I go to the Advanced tab of a docker repository to try and set the HTTP settings, I am still greeted by the "To use this feature first configure reverse proxy." even though I am viewing the page through the reverse proxy at the time.

I don't know if I am missing something super simple or if I am just running into a bug of sorts. I looked through the JFrog jira and couldn't seem to find anything that matched this description.

Any help would be greatly appriciated.

Thank you!

Edit:

Should probably leave some system info as well...

OS: Centos 7
Nginx: 1.16.1
JCR: 6.17.0-61700900
Solution

  • This is a bug. I have filed RTFACT-21197 for you. That said, it is simply a generator and you can simply edit your existing configuration. For ports, all you need to do is copy/paste and add a docker line with the repository name. For example, let's say you have a repository called docker-local and you want that to be accessible at port 5000, your final configuration would look like this:

    ## add ssl entries when https has been set in config
ssl_certificate      /etc/nginx/ssl/secret.crt;
ssl_certificate_key  /etc/nginx/ssl/secret.key;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers   on;
## server configuration
server {
    listen 443 ssl;
    listen 80 ;

    server_name subdomain.domain.com;
    if ($http_x_forwarded_proto = '') {
        set $http_x_forwarded_proto  $scheme;
    }
    ## Application specific logs
    ## access_log /var/log/nginx/artifactory.jfrog.com-access.log timing;
    ## error_log /var/log/nginx/artifactory.jfrog.com-error.log;
    rewrite ^/$ /artifactory/webapp/ redirect;
    rewrite ^/artifactory/?(/webapp)?$ /artifactory/webapp/ redirect;
    chunked_transfer_encoding on;
    client_max_body_size 0;
    location / {
        proxy_read_timeout  900;
        proxy_pass_header   Server;
        proxy_cookie_path   ~*^/.* /;
        if ( $request_uri ~ ^/artifactory/(.*)$ ) {
            proxy_pass          http://localhost:8081/artifactory/$1;
        }
        proxy_pass         http://localhost:8081/artifactory/;
        proxy_set_header   X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory;
        proxy_set_header    X-Forwarded-Port  $server_port;
        proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
        proxy_set_header    Host              $http_host;
        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    }
}

server {
    listen 5000 ssl;

    server_name subdomain.domain.com;
    if ($http_x_forwarded_proto = '') {
        set $http_x_forwarded_proto  $scheme;
    }
    rewrite ^/$ /artifactory/webapp/ redirect;
    rewrite ^/artifactory/?(/webapp)?$ /artifactory/webapp/ redirect;
    rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-local/$1/$2;
    chunked_transfer_encoding on;
    client_max_body_size 0;
    location / {
        proxy_read_timeout  900;
        proxy_pass_header   Server;
        proxy_cookie_path   ~*^/.* /;
        if ( $request_uri ~ ^/artifactory/(.*)$ ) {
            proxy_pass          http://localhost:8081/artifactory/$1;
        }
        proxy_pass         http://localhost:8081/artifactory/;
        proxy_set_header   X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory;
        proxy_set_header    X-Forwarded-Port  $server_port;
        proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
        proxy_set_header    Host              $http_host;
        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    }
}