## registry-ui server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name ui.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:50000; proxy_set_header Host $host; proxy_set_header Origin $scheme://$host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Ssl on; # Optional proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Host $host; } } ## docker hub server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name hub.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:51000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## GitHub Container Registry (ghcr.io) server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name ghcr.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:52000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## Google Container Registry (gcr.io) server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name gcr.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:53000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## Kubernetes Container Registry (k8s.gcr.io) server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name k8s-gcr.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:54000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## Kubernetes's container image registry (registry.k8s.io) server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name k8s.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:55000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## Quay Container Registry (quay.io) server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name quay.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:56000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## Microsoft Container (mcr.microsoft.com) server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name mcr.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:57000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } } ## docker.elastic.co server { listen 80; listen 443 ssl; ## 填写绑定证书的域名 server_name elastic.your_domain_name; ## 证书文件名称(填写你证书存放的路径和名称) ssl_certificate your_domain_name.crt; ## 私钥文件名称(填写你证书存放的路径和名称) ssl_certificate_key your_domain_name.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:58000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }