Includes changes to mkdocs yml and removes style info from docs Read Me, adding a link instead.
Docker-DCO-1.1-Signed-off-by: Fred Lifton <fred.lifton@docker.com> (github: fredlf)
Conflicts:
docs/README.md
Revisions to style guide based on review.
Docker-DCO-1.1-Signed-off-by: Fred Lifton <fred.lifton@docker.com> (github: fredlf)
More Style Guide revisions based on review.
Docker-DCO-1.1-Signed-off-by: Fred Lifton <fred.lifton@docker.com> (github: fredlf)
A few more style guide copy edits
Docker-DCO-1.1-Signed-off-by: Fred Lifton <fred.lifton@docker.com> (github: fredlf)
Upstream-commit: 461d33eeb0fe1058c9fcea39124c2d1f9e141765
Component: engine
Removed docker_io_oauth_api.md: Docker is not currently accepting regist...
Upstream-commit: 32fdcaa4192577b629bb622991804f9f9148e823
Component: engine
This lets you specify custom client TLS certificates and CA root for a
specific registry hostname. Docker will then verify the registry
against the CA and present the client cert when talking to that
registry. This allows the registry to verify that the client has a
proper key, indicating that the client is allowed to access the
images.
A custom cert is configured by creating a directory in
/etc/docker/certs.d with the same name as the registry hostname. Inside
this directory all *.crt files are added as CA Roots (if none exists,
the system default is used) and pair of files <filename>.key and
<filename>.cert indicate a custom certificate to present to the registry.
If there are multiple certificates each one will be tried in
alphabetical order, proceeding to the next if we get a 403 of 5xx
response.
So, an example setup would be:
/etc/docker/certs.d/
└── localhost
├── client.cert
├── client.key
└── localhost.crt
A simple way to test this setup is to use an apache server to host a
registry. Just copy a registry tree into the apache root, here is an
example one containing the busybox image:
http://people.gnome.org/~alexl/v1.tar.gz
Then add this conf file as /etc/httpd/conf.d/registry.conf:
# This must be in the root context, otherwise it causes a re-negotiation
# which is not supported by the tls implementation in go
SSLVerifyClient optional_no_ca
<Location /v1>
Action cert-protected /cgi-bin/cert.cgi
SetHandler cert-protected
Header set x-docker-registry-version "0.6.2"
SetEnvIf Host (.*) custom_host=$1
Header set X-Docker-Endpoints "%{custom_host}e"
</Location>
And this as /var/www/cgi-bin/cert.cgi
#!/bin/bash
if [ "$HTTPS" != "on" ]; then
echo "Status: 403 Not using SSL"
echo "x-docker-registry-version: 0.6.2"
echo
exit 0
fi
if [ "$SSL_CLIENT_VERIFY" == "NONE" ]; then
echo "Status: 403 Client certificate invalid"
echo "x-docker-registry-version: 0.6.2"
echo
exit 0
fi
echo "Content-length: $(stat --printf='%s' $PATH_TRANSLATED)"
echo "x-docker-registry-version: 0.6.2"
echo "X-Docker-Endpoints: $SERVER_NAME"
echo "X-Docker-Size: 0"
echo
cat $PATH_TRANSLATED
This will return 403 for all accessed to /v1 unless *any* client cert
is presented. Obviously a real implementation would verify more details
about the certificate.
Example client certs can be generated with:
openssl genrsa -out client.key 1024
openssl req -new -x509 -text -key client.key -out client.cert
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 05243104fc0a0ef9537766cf5bd920824665eb78
Component: engine
* Added User Guide section outlines.
* Added User Guide to menu.
* Moved HTTPS example to articles.
* Replaced Hello World example with User Guide.
* Moved use cases out of examples.
* Updated Introduction to add User Guide.
* Redirected migrated /use and /articles links.
* Added Docker.io section
* Added Dockerized section
* Added Using Docker section
* Added Docker Images section
* Added Docker Links section
* Added Docker Volumes section
Docker-DCO-1.1-Signed-off-by: James Turnbull <james@lovedthanlost.net> (github: jamtur01)
Upstream-commit: a7b2c4804b2d98c2b5622db40d3d70b88529d7fe
Component: engine
1. Re-aligns the introduction with the new product positioning.
2. Cleanup of some issues with language and formatting.
3. Makes the introduction leaner and meaner.
4. Responds to feedback from product.
Docker-DCO-1.1-Signed-off-by: James Turnbull <james@lovedthanlost.net> (github: jamtur01)
Upstream-commit: 0056884090726f736af2594b09aaa44e373a84d1
Component: engine
MongoDB article had some fundemental issues.
- Outdated Dockerfile
- Insufficient / unclear instructions
- Unnecessary comments
- Failed to explain the role of Docker.io
- Did not have a complete Dockerfile sample
- Lacked a "learn more" section / link to Trusted Builds
This update aims to address all these issues with a complete re-write.
It also:
- Corrects the label under which this article is/was listed on the menu
Docker-DCO-1.1-Signed-off-by: O.S. Tezer <ostezer@gmail.com> (github: ostezer)
- First run at amending after the initial review process.
- Make the Dockerfile generic.
- Revision.
- Fixes
Upstream-commit: fd5672349490f9cd18933a2508e1890c9e026af5
Component: engine
- git mv archived/* .
- put the links back into the summary document
- reduce the header depth by 1 so the TOC lists each API version
- update the mkdocs.yaml to render the archived API docs, but not add
them to the menu/nav
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@fosiki.com> (github: SvenDowideit)
Upstream-commit: de49e7c0a640aada97ace458a4e5d63f5f52d4eb
Component: engine
This adds back in the references to private repositories and
provides some refactoring to the Working with repositories
documentation including updating references to the "Central"
registry to Docker.io.
It also:
* Fixes some links and references to Central Index
* Fixes anchors in other files to updated titles in Working with Repositories.
* Renamed Central Index in the remaining places.
* Updated terms documentation to reflect Docker.io
* Updated some Docker Index naming to be consistent.
* Updates menu labels and hyperlinks.
Docker-DCO-1.1-Signed-off-by: James Turnbull <james@lovedthanlost.net> (github: jamtur01)
Docker-DCO-1.1-Signed-off-by: O.S. Tezer <ostezer@gmail.com> (github: ostezer)
Upstream-commit: a8871b93b95d1220c860987ae1da4e49c943bfea
Component: engine
Removed a now unused endpoint from the accounts API.
Updated some of the accounts links to point to www.docker.io
as the account signup and resend-email-confirmation links should
no longer point to the index.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: c6060a3b25b94ae4738ac27bbf62cbb914af7ced
Component: engine
relative paths, and also fixed some broken images.
There are still more todo - next PR I think :)
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@fosiki.com> (github: SvenDowideit)
Upstream-commit: ada86fc5b736d8b3209429c584384fd9974a148a
Component: engine
