Fix docker registry proxy

Our proxy was always returning 404 on content blobs because the
CDN part of the proxy was not matching since it appeared after
a greedier match.

Change-Id: Ie88a0e1f554922f6328809b3d96266cc7a20152b
This commit is contained in:
James E. Blair 2019-02-21 11:22:08 -08:00
parent 371d9e8a1c
commit e3170854f9
1 changed files with 8 additions and 7 deletions

View File

@ -390,13 +390,6 @@ LogFormat "%h %l %u %t \"%r\" %>s %b %{cache-status}e \"%{Referer}i\" \"%{User-a
CacheDefaultExpire 86400
CacheStoreExpired On
# NOTE(SamYaple): Docker has historically not allowed to have anything in
# the URI, but it wasn't enforced until they started validating the config
# in docker-ce 17.10. Prior to that, it was working fine.
CacheEnable disk "/"
ProxyPass "/" "https://registry-1.docker.io/" ttl=120 keepalive=On retry=0
ProxyPassReverse "/" "https://registry-1.docker.io/"
# dseasb33srnrn.cloudfront.net
CacheEnable disk "/cloudfront"
ProxyPass "/cloudfront/" "https://dseasb33srnrn.cloudfront.net/" ttl=120 keepalive=On retry=0
@ -407,4 +400,12 @@ LogFormat "%h %l %u %t \"%r\" %>s %b %{cache-status}e \"%{Referer}i\" \"%{User-a
ProxyPass "/cloudflare/" "https://production.cloudflare.docker.com/" ttl=120 keepalive=On retry=0
ProxyPassReverse "/cloudflare/" "https://production.cloudflare.docker.com/"
# NOTE(SamYaple): Docker has historically not allowed to have anything in
# the URI, but it wasn't enforced until they started validating the config
# in docker-ce 17.10. Prior to that, it was working fine.
# NOTE(corvus): Ensure this stanza is last since it's the most
# greedy match.
CacheEnable disk "/"
ProxyPass "/" "https://registry-1.docker.io/" ttl=120 keepalive=On retry=0
ProxyPassReverse "/" "https://registry-1.docker.io/"
</VirtualHost>