Add a non-tls example config (cesanta#209)

sporynin · Feb 2, 2018 · 509a03a · 509a03a
1 parent 7c0b9aa
commit 509a03a
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/examples/non_tls.yml b/examples/non_tls.yml
@@ -0,0 +1,33 @@
+# A non-tls example. See reference.yml for explanation of all options.
+#
+# auth:
+# token:
+# realm: "https://127.0.0.1:5001/auth"
+# service: "Docker registry"
+# issuer: "Acme auth server"
+# rootcertbundle: "/path/to/server.pem"
+
+server:
+ addr: ":5001"
+
+token:
+ issuer: "Acme auth server" # Must match issuer in the Registry config.
+ expiration: 900
+ certificate: "/path/to/server.pem"
+ key: "/path/to/server.key"
+
+users:
+ # Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate.
+ "admin":
+ password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC" # badmin
+ "test":
+ password: "$2y$05$WuwBasGDAgr.QCbGIjKJaep4dhxeai9gNZdmBnQXqpKly57oNutya" # 123
+
+acl:
+ - match: {account: "admin"}
+ actions: ["*"]
+ comment: "Admin has full access to everything."
+ - match: {account: "user"}
+ actions: ["pull"]
+ comment: "User \"user\" can pull stuff."
+ # Access is denied by default.