version: '3.8'
services:
  registry-mirror:
    image: ${REGISTRY_DOCKER_IMAGE}
    ports:
      - 5000:5000
    volumes:
      - ${CACHES_DIR}/registry_images:/data
    environment:
      REGISTRY_HTTP_ADDR: :5000
      REGISTRY_HTTP_HOST: http://0.0.0.0:5000
      REGISTRY_HTTP_SECRET: ${REGISTRY_HTTP_SECRET:-CHANGEME}
      REGISTRY_PROXY_REMOTEURL: ${REGISTRY_PROXY_REMOTEURL:-https://registry-1.docker.io}
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    configs:
      - source: registry-config
        target: /etc/docker/registry/config.yml
    deploy:
      mode: replicated
      replicas: 1
      restart_policy:
        condition: on-failure
    # secrets:
    #   - source: regmirror_tls_cert
    #     target: /var/lib/registry/regmirror:5000.cert
    #     uid: '0'
    #     gid: '0'
    #     mode: 0400
    #   - source: regmirror_tls_key
    #     target: /var/lib/registry/regmirror:5000.key
    #     uid: '0'
    #     gid: '0'
    #     mode: 0400
    #   - source: regmirror_ca_crt
    #     target: /var/lib/registry/ca.crt
    #     uid: '0'
    #     gid: '0'
    #     mode: 0400


# secrets:
#   regmirror_tls_cert:
#     file: regmirror.cert
#   regmirror_tls_key:
#     file: regmirror.key
#   regmirror_ca_crt:
#     file: ca.crt

configs:
  registry-config:
    file: ${CLUSTER_PATH}/registry.yml

volumes:
  registry_data: