Docker repository configuration when inside a container confusion

Sonatype Nexus Repository
,
1

Hi folks. I am trying to get Nexus working for hosting our internal docker images.

  • I am using the official docker image sonatype/nexus3:3.89.1-alpine
  • The only port being exposed is 8081
  • I am running nginx as the reverse proxy
  • There are currently no other sites running on this server, it will probably be dedicated to Nexus

The Setup

My nginx configuration file /etc/nginx/sites-available/nexus.conf looks like this: (as per offical docs)

server {
  listen *:80;
  listen *:443 ssl;

  server_name  reg.{{ domain }};

  # allow large uploads of files
  client_max_body_size 1G;

  # optimize downloading files larger than 1G
  #proxy_max_temp_file_size 2G;

  ssl on;
  ssl_certificate /etc/nginx/ssl/nexus.crt;
  ssl_certificate_key /etc/nginx/ssl/nexus.key;

  # Docker /v2 and /v1 (for search) requests
  location /v2 {
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto "https";
    proxy_pass http://127.0.0.1:8081/repository/my-docker-repo/$request_uri;
  }
  location /v1 {
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto "https";
    proxy_pass http://127.0.0.1:8081/repository/my-docker-repo/$request_uri;
  }

  location / {
    # Use IPv4 upstream address instead of DNS name to avoid attempts by nginx to use IPv6 DNS lookup
    proxy_pass http://127.0.0.1:8081/;
    proxy_pass_header Server;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

My repo config

image
image924Ă—1276 104 KB

The Problem

I can successfully login to the repository using docker login reg.mydomain.internal

I have an image prepared already, and tagged to reg.mydomain.internal/foo:1

The push fails with an error

error from registry: blob upload unknown to registry - Attempting to complete upload with uuid: db20b7b4-b011-4dd8-a7bb-be9be097ea43 and name: foo with different name: my-docker-repo/foo

The documentation that I have found is a bit light on the “Other Connectors” and how that affects the push/pull URLs. It’s also hard to Google for because I get swamped with articles about docker “proxy” repos instead of the proxy itself.

Any help gratefully received,

Thanks

2

Aah, I missed an important little bit of text on the repo setup, “or leave blank if using a reverse proxy”. I just had to select “Other Connectors” and leave the rest blank. Now it works.

Leaving this here for future travellers.

1 Like