1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
# @summary Manages the "distribution" container registry service
#
# https://github.com/distribution/distribution
#
# @param http_addr
# Address to listen to
# @param http_net
# If http_addr refers to an IP-address/port, or a unix socket
# @param registry_dir
# Container storage.
# @param htpasswd
# Location of htpasswd file
# TODO only have this if basic authentication is used.
# @param conf_file
# Path to configuration file.
# Does *not* move the configuration file, but is where the
# configuraion file is expected to be on the machine.
# @param ensure
# To allow decomissioning
class profiles::distribution_registry (
String $http_addr,
Enum['tcp', 'unix'] $http_net = 'tcp',
String $registry_dir = '/var/lib/registry',
String $htpasswd = '/var/lib/distribution-registry/htpasswd',
String $conf_file = '/etc/distribution-registry/conf.yml',
Enum['present', 'absent'] $ensure = 'present',
) {
ensure_packages([
'distribution-registry',
], {
'ensure' => $ensure,
})
if $ensure == 'present' {
service { 'distribution-registry.service':
ensure => running,
}
file { $conf_file:
content => to_yaml({
'version' => '0.1',
'log' => {
'fields' => {
'service' => 'registry',
},
},
'storage' => {
'cache' => {
'blobdescriptor' => 'inmemory',
},
'filesystem' => {
'rootdirectory' => $registry_dir,
},
},
'http' => {
'addr' => $http_addr,
'net' => $http_net,
},
'auth' => {
'htpasswd' => {
'realm' => 'basic-realm',
'path' => $htpasswd,
},
},
'health' => {
'storagedriver' => {
'enabled' => true,
'interval' => '10s',
'threshold' => 3,
},
},
})
}
} else {
file { $conf_file:
ensure => absent,
}
}
}
|