pierrelf.com
Rust implementation of OCI Distribution Spec with granular access control
1services:
2 grain:
3 image: pierrelf/grain:latest
4 container_name: grain-registry
5 ports:
6 - "127.0.0.1:8888:8888"
7 restart: unless-stopped
8 environment:
9 - RUST_LOG=info
10 healthcheck:
11 test: ["CMD", "curl", "-f", "http://localhost:8888/v2/"]
12 interval: 30s
13 timeout: 3s
14 retries: 3
15 start_period: 5s
16 volumes:
17 # The application writes blobs/manifests/uploads under its working dir at /app/tmp
18 - /var/lib/grain/tmp:/app/tmp
19 # Bind the users file into the container path the image expects
20 - /var/lib/grain/users.json:/data/users.json:ro
21
22 caddy:
23 image: caddy:2
24 container_name: grain-caddy
25 ports:
26 - "80:80"
27 - "443:443"
28 restart: unless-stopped
29 depends_on:
30 - grain
31 volumes:
32 # Caddyfile: replace the placeholder domain with your actual domain
33 - /var/lib/grain/caddy/Caddyfile:/etc/caddy/Caddyfile:ro
34 # Persistent storage for Caddy (TLS certs and config)
35 - /var/lib/grain/caddy/data:/data
36 - /var/lib/grain/caddy/config:/config
37 # Optional: persist Caddy logs on the host
38 - /var/lib/grain/caddy/logs:/var/log/caddy