Proxy Repository for Docker Unable to pull images

• Sonatype Nexus Repository [OSS 3.59.0-01]

Dear Community members, I currently evaluating nexus repository manger to be use instead of JFrog Artifactory (Pro); I’m currently on the “remote repository” part.

I manage to setup a couple of APT remote repositires, now I’m struggling to set the dockerhub proxy remote repository

here are some documentation url I followed:

• Proxy Repository for Docker (sonatype.com)
  Here is what I have so far:
• I have a remote docker hub proxy repository available under: https://nexuslab.domain.eu/repository/docker-hub-proxy/
  • when I test this url with a simple curl command:
    • from the nexus server:

$ curl -I https://nexuslab.domain.eu/
    HTTP/1.1 200 OK
$ curl -I https://nexuslab.domain.eu/repository/docker-remote/v2/ -u svc-nexus-api
Enter host password for user 'svc-nexus-api':
    HTTP/1.1 200 OK

- from a another server (running docker):

 curl -I https://nexuslab.domain.eu/repository/docker-remote/v2/ -u svc-nexus-api
Enter host password for user 'svc-nexus-api':
HTTP/1.1 200 OK

$ docker login nexuslab.domain.eu/repository/docker-remote/v2/
Username: svc-nexus-api
Password:
Error response from daemon: login attempt to https://nexuslab.domain.eu/v2/ failed with status: 404 Not Found

• when I try to pull a docker image, I ve got an Error 404

Error response from daemon: error parsing HTTP 404 response body: invalid character '<' looking for beginning of value: "
<!DOCTYPE html>
<html lang=\"en\">
<head>
  <title>404 - Sonatype Nexus Repository</title>
. . .
<div class=\"nexus-body\">
  <div class=\"content-header\">
    <img src=\"../../../../static/rapture/resources/icons/x32/exclamation.png?3.59.0-01\" alt=\"Exclamation point\" aria-role=\"presentation\"/>
    <span class=\"title\">Error 404</span>
    <span class=\"description\">Not Found</span>
. . .

• config in place at nexus web ui level:
  
  

  nexus3-ui-docker-hub-00001852×1051 65 KB

( due to the restrictions in place, please find other screens caputres in replies below)

• config in place on the docker server (to target nexus server):

ubuntuadmin@dokcerlab:~$  curl -I https://nexuslab.domain.eu/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 05 Aug 2024 08:27:02 GMT
Content-Type: text/html
Content-Length: 7927
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 05 Aug 2024 08:27:02 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate, post-check=0, pre-check=0
Expires: 0

• file: /etc/docker/daemon.json

{
  "registry-mirrors": [ "https://nexuslab.domain.eu" ],
}

• File: .docker/config.json

{
        "auths": {
                "artifactorylab.my.domain.lu": {
                        "auth": "<mysupertokenvaluehere>=="
                }
        }
}

I obviously setup something wrong

Can you point me to the good direction ?

Thanks in advance for your time and help.
kr,

I believe the issue you see is caused by choosing port 443 for docker. It appears you otherwise have Nexus using 443 to serve content so it can’t also be used for Docker.

The issue is that the docker client requires that content be served from /

Hello Thanks for your answer, if I’m not mistaken you invite me to setup and nginx reverse proxy server in front of my Nexus3 repository manager instance ?

• edit file: `etc/nginx/conf.d/nexuslab.conf

ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_certificate      /opt/nexus/etc/ssl/nexuslab/nexuslab.crt;
ssl_certificate_key  /opt/nexus/etc/ssl/nexuslab/nexuslab.key;
server {
    listen 443 ssl;
    server_name nexuslab.my.domain;
    location / {
        proxy_pass http://localhost:8081;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

and then add a block that target a specific port for Docker ? Am I right ?