Docker Configuration¶
docker:
enabled: true
repository:
- name: docker
registry: https://registry-1.docker.io
auth-token-url: https://auth.docker.io
work-mode: strict_wait
Docker uses standard Registry API v2 endpoints. The repository name from the configuration is not added to the client path.
For Docker Hub, OSA Proxy Go can be configured as a registry mirror in /etc/docker/daemon.json:
Restart the Docker daemon after changing the file.
If several Docker repositories are enabled, use subdomains where the subdomain matches repository[*].name:
This is required by Docker Registry API v2 semantics: the client always uses fixed paths such as /v2/... and /token, so the OSA Proxy Go repository name cannot be added as the first path segment as it is for npm, Maven, or PyPI. With a single Docker repository, OSA Proxy Go can serve it through the main host. With several Docker repositories, the service selects the repository configuration by the request host.
For example, for this configuration:
docker:
enabled: true
repository:
- name: dockerhub
registry: https://registry-1.docker.io
auth-token-url: https://auth.docker.io
- name: company
registry: https://registry.company.example
auth-token-url: https://registry.company.example
clients must use different hostnames:
docker pull dockerhub.osa-proxy.example.com/library/alpine:latest
docker pull company.osa-proxy.example.com/team/image:latest
For this setup, configure wildcard DNS or separate DNS records for the subdomains, a TLS certificate that covers these names, and a reverse proxy/load balancer that forwards requests to OSA Proxy Go while preserving the original Host.