Собственный Docker Registry с самоподписанным TLS сертификатом

$ sudo vi /etc/hosts

127.0.0.1 registry.local

$ cd ~/tmp/
$ git clone https://bitbucket.org/sysadm-ru/self-hosted-docker-registry
$ cd self-hosted-docker-registry/security/tls/
$ docker-compose up

// Забираем из запущенного контейнера сертификаты

$ cd ~
$ docker cp tls_secured_1:/certs .
$ sudo cp certs/selfsigned.crt /usr/local/share/ca-certificates/
$ sudo update-ca-certificates

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

// Если есть желание проверить

$ docker pull busybox
$ docker image tag busybox registry.local/busybox
$ docker image push registry.local/busybox

$ curl --insecure https://registry.local/v2/_catalog

{"repositories":["busybox"]}

# vi /etc/hosts

192.168.0.11 registry.local

$ sudo cp certs/selfsigned.crt /usr/local/share/ca-certificates/
$ sudo update-ca-certificates

$ docker pull mongo
$ docker tag mongo registry.local/mongo
$ docker push registry.local/mongo

$ curl --insecure https://registry.local/v2/_catalog

{"repositories":["busybox","mongo"]}