From 47ea50484b57c34ac9c5dbb3ac792734830bfdde Mon Sep 17 00:00:00 2001
From: Giles Bradshaw <giles.bradshaw@sigyl.com>
Date: Sun, 10 May 2020 08:37:27 +0100
Subject: [PATCH] move registry to proxy

---
 docker-compose-proxy.yml | 50 ++++++++++++++++++++++++++++++++++++++++
 docker-compose.yml       | 45 ------------------------------------
 2 files changed, 50 insertions(+), 45 deletions(-)

diff --git a/docker-compose-proxy.yml b/docker-compose-proxy.yml
index 45a0156..3a47016 100644
--- a/docker-compose-proxy.yml
+++ b/docker-compose-proxy.yml
@@ -86,6 +86,51 @@ services:
       - NGROK_AUTH_TOKEN=${NGROK_AUTH_TOKEN}
     networks:
       - appnet
+  registry:
+    # internal registry
+    deploy:
+      placement:
+        constraints: [node.labels.com.sigyl.git-stack == yes]
+      replicas: 1
+      restart_policy:
+        condition: any
+    image: registry:2
+    volumes:
+      - registry-data:/var/lib/registry
+    environment:
+      - REGISTRY_HTTP_ADDR=0.0.0.0:5000
+      - REGISTRY_HTTP_TLS_CERTIFICATE="/run/secrets/registry-cert"
+      - REGISTRY_HTTP_TLS_KEY="/run/secrets/registry-key"
+    networks:
+      - appnet
+    secrets:
+      - registry-cert
+      - registry-key
+    ports:
+      - 5003:5000
+  registry-cache:
+    # registry cache (used?)
+    deploy:
+      placement:
+        constraints: [node.labels.com.sigyl.git-stack == yes]
+      replicas: 1
+      restart_policy:
+        condition: any
+    image: registry:2
+    ports:
+      - 5002:5001
+    volumes:
+      - registry-cache-data:/var/lib/registry
+    environment:
+      - REGISTRY_HTTP_ADDR=0.0.0.0:5001
+      - REGISTRY_HTTP_TLS_CERTIFICATE="/run/secrets/registry-cert"
+      - REGISTRY_HTTP_TLS_KEY="/run/secrets/registry-key"
+      - REGISTRY_PROXY_REMOTEURL=http://registry-1.docker.io
+    networks:
+      - appnet
+    secrets:
+      - registry-cert
+      - registry-key  
   registry-1:
     deploy:
       placement:
@@ -113,3 +158,8 @@ networks:
   externalnet:
     driver: overlay
     external: true
+secrets:
+  'registry-cert':
+    file: .certificates/registry.crt
+  'registry-key':
+    file: .certificates/registry.key
diff --git a/docker-compose.yml b/docker-compose.yml
index c97b5a4..c3054b4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -98,51 +98,6 @@ services:
       - SIGYL_STACK_ROOT=$SIGYL_STACK_ROOT
     networks:
       - appnet
-  registry:
-    # internal registry
-    deploy:
-      placement:
-        constraints: [node.labels.com.sigyl.git-stack == yes]
-      replicas: 1
-      restart_policy:
-        condition: any
-    image: registry:2
-    volumes:
-      - registry-data:/var/lib/registry
-    environment:
-      - REGISTRY_HTTP_ADDR=0.0.0.0:5000
-      - REGISTRY_HTTP_TLS_CERTIFICATE="/run/secrets/registry-cert"
-      - REGISTRY_HTTP_TLS_KEY="/run/secrets/registry-key"
-    networks:
-      - appnet
-    secrets:
-      - registry-cert
-      - registry-key
-    ports:
-      - 5003:5000
-  registry-cache:
-    # registry cache (used?)
-    deploy:
-      placement:
-        constraints: [node.labels.com.sigyl.git-stack == yes]
-      replicas: 1
-      restart_policy:
-        condition: any
-    image: registry:2
-    ports:
-      - 5002:5001
-    volumes:
-      - registry-cache-data:/var/lib/registry
-    environment:
-      - REGISTRY_HTTP_ADDR=0.0.0.0:5001
-      - REGISTRY_HTTP_TLS_CERTIFICATE="/run/secrets/registry-cert"
-      - REGISTRY_HTTP_TLS_KEY="/run/secrets/registry-key"
-      - REGISTRY_PROXY_REMOTEURL=http://registry-1.docker.io
-    networks:
-      - appnet
-    secrets:
-      - registry-cert
-      - registry-key  
   ghost:
     # ghost blog
     deploy: