差分

このページの2つのバージョン間の差分を表示します。

--- linux:podman:simple-container-registry [2024/03/21 05:22] – [レジストリ構築] ともやん
+++ linux:podman:simple-container-registry [2025/03/17 09:43] (現在) – [レジストリ構築] ともやん
@@ 行 6: / 行 6: @@
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">dnf</font> install <font color="#A347BA">-y</font> podman httpd-tools
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">dnf</font> install <font color="#A347BA">-y</font> podman httpd-tools
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 22: / 行 22: @@
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">mkdir</font> <font color="#A347BA">-p</font> /var/lib/registry/<font color="#12488B"><b>{</b></font>auth,certs,data<font color="#12488B"><b>}</b></font> <font color="#12488B"><b>&amp;&amp;</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">ls</font> <font color="#A347BA">-al</font> /var/lib/registry
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">mkdir</font> <font color="#A347BA">-p</font> /var/lib/registry/<font color="#12488B"><b>{</b></font>auth,certs,data<font color="#12488B"><b>}</b></font> <font color="#12488B"><b>&amp;&amp;</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">ls</font> <font color="#A347BA">-al</font> /var/lib/registry
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 37: / 行 37: @@
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">htpasswd</font> <font color="#A347BA">-cB</font> /var/lib/registry/auth/htpasswd tomoyan
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">htpasswd</font> <font color="#A347BA">-cB</font> /var/lib/registry/auth/htpasswd tomoyan
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 45: / 行 45: @@
 </pre></html></WRAP>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">bat</font> <font color="#A347BA">-n</font> <u style="text-decoration-style:single">/var/lib/registry/auth/htpasswd</u>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">bat</font> <font color="#A347BA">-n</font> <u style="text-decoration-style:single">/var/lib/registry/auth/htpasswd</u>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 55: / 行 55: @@
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269">htpasswd</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">htpasswd</font>
 </pre></html></WRAP>
 <WRAP group>
@@ 行 116: / 行 116: @@
 </WRAP><!-- tip -->
-自己署名証明書の作成🤔\\
+自己署名 SSL 証明書の作成🤔\\
+ここではファイル名 wicked-beat.crt を作成する\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-keyout</font> <u style="text-decoration-style:single">/var/lib/registry/certs/domain.key</u> \
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-keyout</font> <u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.key</u> \
-<font color="#A347BA">-x509</font> <font color="#A347BA">-days</font> 365 <font color="#A347BA">-out</font> <u style="text-decoration-style:single">/var/lib/registry/certs/domain.crt</u>  \
+<font color="#A347BA">-x509</font> <font color="#A347BA">-days</font> 365 <font color="#A347BA">-out</font> <u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.crt</u>  \
-<font color="#A347BA">-subj</font> <font color="#A2734C">&quot;/CN=wicked-beat,wicked-beat.fireball.local&quot;</font> \
+<font color="#A347BA">-subj</font> <font color="#A2734C">&quot;/CN=localhost,wicked-beat,wicked-beat.fireball.lan&quot;</font> \
-<font color="#A347BA">-addext</font> <font color="#A2734C">&quot;subjectAltName=DNS:wicked-beat,DNS:wicked-beat.fireball.local&quot;</font>
+<font color="#A347BA">-addext</font> <font color="#A2734C">&quot;subjectAltName=DNS:localhost,DNS:wicked-beat,DNS:wicked-beat.fireball.lan&quot;</font>
 </pre></html></WRAP>
-<WRAP color_result_hlong><html><pre>..+..........+..+......+.+.........+...........+......+....+.....+.........+.+++++++++++++++++++++++++++++++++++++++++++++*......+.+..+.......+......+..+...+....+..................+..+...+.+.........+..+.........+....+...+..+.+....................+.+......+..+.......+...........+...+.+.....+......+++++++++++++++++++++++++++++++++++++++++++++*...+............+...+++++
+<WRAP color_result><html><pre>..+..........+..+......+.+.........+...........+......+....+.....+.........+.+++++++++++++++++++++++++++++++++++++++++++++*......+.+..+.......+......+..+...+....+..................+..+...+.+.........+..+.........+....+...+..+.+....................+.+......+..+.......+...........+...+.+.....+......+++++++++++++++++++++++++++++++++++++++++++++*...+............+...+++++
 .....+.+.....+.........+......+...+..........+..+.+++++++++++++++++++++++++++++++++++++++++++++*..........+.......+..+..........+...+..+......+...+.......+.....+.......+.....+.+......+++++++++++++++++++++++++++++++++++++++++++++*....+.....+......+............+..........+...+...+..+.........+....+...........+......+...+..........+...............+............+............+.....+...+.......+...+............+.................+....+.....+.........+......+......+.+...+......+.....+.+.....+....+...+...+..+...+.......+..+.....................+.......+........+...+.+......+.................+.............+.........+...+..+........................+.......+...+..+++++
 -----
@@ 行 130: / 行 131: @@
 </WRAP>
-作成された自己署名証明書の内容確認🤔\\
+作成された自己署名 SSL 証明書の内容確認🤔\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> x<font color="#999999">509 </font><font color="#A347BA">-in</font><font color="#999999"> </font><font color="#999999"><u style="text-decoration-style:single">/var/lib/registry/certs/domain.crt</u></font><font color="#999999"> </font><font color="#A347BA">-text</font><font color="#999999"> </font><font color="#A347BA">-noout</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> x<font color="#999999">509 </font><font color="#A347BA">-in</font><font color="#999999"> </font><font color="#999999"><u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.crt</u></font><font color="#999999"> </font><font color="#A347BA">-text</font><font color="#999999"> </font><font color="#A347BA">-noout</font>
 </pre></html></WRAP>
 <WRAP color_result_long><html><pre>Certificate:
@@ 行 141: / 行 142: @@
 :86:56:c8:1a:fa:0c:32:13:7b:87:54:10:de:66:12:98:f5:b6:28
         Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN = &quot;wicked-beat,wicked-beat.fireball.local&quot;
+        Issuer: CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
         Validity
             Not Before: Mar 20 20:16:18 2024 GMT
             Not After : Mar 20 20:16:18 2025 GMT
-        Subject: CN = &quot;wicked-beat,wicked-beat.fireball.local&quot;
+        <b class=DiYE>Subject: CN = &quot;localhost,wicked-beat,wicked-beat.fireball.lan&quot;</b>
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
@@ 行 152: / 行 153: @@
 :99:f1:8c:dd:3b:6e:53:8a:1d:79:47:03:d8:48:
 :de:03:79:af:7c:0e:ff:e8:61:b2:48:45:a9:a5:
-                    ee:bf:62:f5:c9:b3:9f:58:fd:8c:65:fa:bc:94:8c:
+〜省略〜
-:1e:c7:e7:3d:8b:e3:0a:79:9d:a5:9b:75:3e:bb:
-b:07:54:9b:0c:87:a5:c0:0c:43:c6:f9:4d:34:d0:
-                    af:bc:61:7a:fc:df:2b:ac:d9:60:3b:72:40:c0:3c:
-:40:12:71:5c:f9:74:05:de:13:a3:0d:32:a2:cc:
-:d9:ea:36:cf:99:78:04:c1:95:bd:e4:68:07:1a:
-:26:9e:75:87:20:5d:a5:97:34:1f:2c:15:0b:cd:
-:99:42:35:07:aa:ec:3c:53:82:6f:f0:96:ec:de:
-a:65:4d:72:a9:cf:ed:28:f3:21:88:d2:2e:ec:02:
-                    fd:8d:dc:39:e2:eb:a8:b3:72:6f:fa:69:09:7a:e7:
-e:85:97:41:f2:6b:e2:06:88:1d:6e:f7:e3:25:af:
-f:94:66:ca:b0:b8:4d:75:a0:12:99:53:4a:93:3e:
-:3c:b6:b5:bd:24:51:f8:50:a4:49:b7:63:27:98:
-:49:d7:cd:f5:0c:ac:73:b9:f4:bd:b1:20:dc:0b:
-:ff:60:dd:2b:bd:a4:74:10:3a:3b:07:ef:e2:08:
-a:30:41:aa:7b:07:50:54:bf:27:76:29:07:f5:c5:
-                    f2:ed:0e:a1:7c:a6:43:9f:03:aa:3e:01:b4:3f:43:
-d:9e:61:a1:bf:5c:90:b1:2e:21:66:e8:e9:e9:0f:
-                    fd:55:45:9e:a3:f8:02:f7:83:17:90:88:90:58:26:
-:7e:2f:26:5e:bb:58:37:03:13:65:9a:15:28:58:
-                    c3:51:22:5f:88:ac:21:a7:7c:44:f5:52:bd:9a:28:
-                    b9:d1:cb:10:78:5f:04:3b:0d:44:8f:39:a1:ae:0a:
-:a2:93:84:c0:42:88:84:f0:fc:3d:90:6f:98:b9:
-:40:b9:a0:51:b7:9f:d7:e1:6d:e1:0d:f3:88:e5:
-:6c:18:63:f3:8e:fd:84:5a:3d:05:76:16:da:25:
-                    e1:39:de:11:ac:d0:fb:c2:9b:7e:6b:c0:42:59:ba:
-b:2a:11:9d:b4:0c:73:cb:c8:cb:e2:11:ff:9d:41:
-:57:56:6c:63:3c:3f:8e:3a:b1:3b:39:33:82:33:
-e:bb:bd:c1:0d:c6:26:fb:10:2f:cc:bd:ef:8b:b8:
-                    c1:a8:b5:88:11:d1:bc:75:27:98:4b:e5:e5:13:2c:
-:e2:18:94:81:a8:1c:06:6f:ba:fb:be:4a:a1:a4:
 :f8:cb:9c:f2:98:43:85:ab:86:80:27:cc:10:b8:
                     ac:5b:41
@@ 行 193: / 行 164: @@
             X509v3 Basic Constraints: critical
                 CA:TRUE
-            X509v3 Subject Alternative Name:
+            <b class=DiYE>X509v3 Subject Alternative Name:
-                DNS:wicked-beat, DNS:wicked-beat.fireball.local
+                DNS:localhost, DNS:wicked-beat, DNS:wicked-beat.fireball.lan</b>
     Signature Algorithm: sha256WithRSAEncryption
     Signature Value:
 :9e:7f:a9:17:6e:86:83:16:fb:2b:45:7b:20:bb:5b:7e:7e:
         c9:77:45:ce:f6:a2:05:c2:c5:cb:9f:22:2b:aa:90:2e:0d:e7:
-a:6d:e9:09:24:3c:c8:1e:bd:43:14:c5:8c:45:0e:6d:66:93:
+〜省略〜
-:6c:69:c8:63:e5:9c:20:4e:77:4f:6e:eb:cc:0e:10:ea:40:
-        fb:be:41:32:e9:c9:c6:a9:93:f6:3e:9a:70:e0:57:1e:4c:2b:
-:23:85:d9:bd:f6:95:40:cd:5f:0f:eb:8b:77:c3:09:f2:b1:
-        f2:7d:02:0d:d6:ec:4d:eb:c4:13:b4:ba:9b:01:4a:ec:eb:79:
-d:da:8d:e2:cc:93:d5:d5:f5:a4:45:4b:25:6a:ee:c1:73:bd:
-        d5:f0:e7:59:1c:b5:e8:96:45:47:6e:8d:bd:ef:5b:06:19:7d:
-:60:f4:56:f5:4f:5e:e1:52:15:df:e2:1c:60:f4:20:5e:7e:
-        c8:7c:09:36:46:93:e8:7a:fa:3c:50:05:bc:8d:16:c6:50:f7:
-:e0:8b:db:f7:6c:3f:17:b3:bf:ac:1d:98:b5:15:59:f1:89:
-e:45:8b:ea:a5:fc:80:6f:fc:cd:da:2e:d6:4c:47:5c:5b:da:
-:99:7f:87:80:ec:07:05:63:17:23:f0:f0:c7:d4:87:8a:fb:
-d:ab:c6:c3:54:37:ad:66:a3:17:f0:27:80:99:39:70:9f:d8:
-e:92:18:04:03:96:3c:6d:12:8c:1c:4f:a6:d2:3d:96:95:36:
-f:4e:ba:12:da:fb:e9:bb:f7:27:d6:37:ce:52:98:40:2c:02:
-a:77:41:85:e3:45:54:2d:23:38:cf:5e:34:13:21:e7:f6:83:
-:1e:9b:9b:5f:bf:54:41:20:68:29:e4:1d:85:7e:8b:a3:39:
-:d7:b6:79:a0:bd:09:b0:31:27:ba:ee:24:ac:f7:95:c8:5c:
-        ac:e2:20:b6:8b:ea:7f:5a:45:15:76:5d:76:18:8e:b0:36:23:
-f:31:2f:27:17:59:6d:37:0a:ea:bf:08:bc:db:1d:2a:e7:89:
-:b1:7f:e8:1c:62:23:ed:cf:44:1a:97:df:d0:8b:8d:45:d1:
-a:f2:cc:2e:ea:97:59:4e:13:45:d2:0d:ee:57:97:b4:aa:05:
-:1b:29:14:47:bc:47:e4:2b:7c:73:bf:30:81:43:a2:88:e0:
-:81:a7:06:42:7f:7e:35:83:33:c3:08:d2:58:a3:ad:9e:48:
-        fe:45:49:e0:d3:e7:91:7c:c0:be:36:5f:c4:82:b2:90:5b:5b:
         ae:c7:0b:d1:19:72:15:2d:67:db:fe:b7:d0:46:c0:87:dc:c1:
         aa:e9:3b:ce:e8:5c:11:e0
@@ 行 229: / 行 176: @@
 </WRAP>
-ホストでの証明書の信頼🤔\\
+クライアント/ホストでの SSL 証明書の信頼🤔\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">cp</font> <u style="text-decoration-style:single">/var/lib/registry/certs/domain.crt</u> <u style="text-decoration-style:single">/etc/pki/ca-trust/source/anchors/</u>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">cp</font> <u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.crt</u> <u style="text-decoration-style:single">/etc/pki/ca-trust/source/anchors/</u>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">update-ca-trust</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">update-ca-trust</font>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269">trust</font> list <font color="#12488B"><b>|</b></font> <font color="#26A269">grep</font> <font color="#A347BA">-i</font> <font color="#A2734C">&quot;wicked-beat&quot;</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">trust</font> list <font color="#12488B"><b>|</b></font> <font color="#26A269">grep</font> <font color="#A347BA">-i</font> <font color="#A2734C">&quot;wicked-beat&quot;</font>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
-    label: <font color="#C01C28"><b>wicked-beat</b></font>,<font color="#C01C28"><b>wicked-beat</b></font>.fireball.local
+    label: localhost,<font color="#C01C28"><b>wicked-beat</b></font>,<font color="#C01C28"><b>wicked-beat</b></font>.fireball.lan
 </pre></html></WRAP>
 </WRAP>
@@ 行 244: / 行 191: @@
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">firewall-cmd</font> <font color="#A347BA">--add-port=5000/tcp</font> <font color="#A347BA">--zone=internal</font> <font color="#A347BA">--permanent</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">firewall-cmd</font> <font color="#A347BA">--add-port=5000/tcp</font> <font color="#A347BA">--zone=internal</font> <font color="#A347BA">--permanent</font>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 250: / 行 197: @@
 </pre></html></WRAP>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">firewall-cmd</font> <font color="#A347BA">--add-port=5000/tcp</font> <font color="#A347BA">--zone=public</font> <font color="#A347BA">--permanent</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">firewall-cmd</font> <font color="#A347BA">--add-port=5000/tcp</font> <font color="#A347BA">--zone=public</font> <font color="#A347BA">--permanent</font>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 256: / 行 203: @@
 </pre></html></WRAP>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">firewall-cmd</font> <font color="#A347BA">--reload</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">firewall-cmd</font> <font color="#A347BA">--reload</font>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
@@ 行 263: / 行 210: @@
 </WRAP>
-===== レジストリの起動 =====
+===== レジストリの起動/停止 =====
+最新バージョンは [[https://hub.docker.com/_/registry/tags|registry Tags | Docker Hub]] で確認できる🤔\\
+レジストリの起動🤔\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">podman</font> run <font color="#A347BA">--name</font> myregistry \
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">podman</font> run <font color="#A347BA">-d</font> <font color="#A347BA">--restart</font> always <font color="#A347BA">--name</font> registry \
 <font color="#A347BA">-p</font> 5000:5000 \
 <font color="#A347BA">-v</font> /var/lib/registry/data:/var/lib/registry:z \
 <font color="#A347BA">-v</font> /var/lib/registry/auth:/auth:z \
-<font color="#A347BA">-e</font> <font color="#A2734C">&quot;REGISTRY_AUTH=htpasswd&quot;</font> \
+<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_AUTH=htpasswd&apos;</font> \
-<font color="#A347BA">-e</font> <font color="#A2734C">&quot;REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm&quot;</font> \
+<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm&apos;</font> \
 <font color="#A347BA">-e</font> REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
 <font color="#A347BA">-v</font> /var/lib/registry/certs:/certs:z \
-<font color="#A347BA">-e</font> <font color="#A2734C">&quot;REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt&quot;</font> \
+<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_HTTP_TLS_CERTIFICATE=/certs/wicked-beat.crt&apos;</font> \
-<font color="#A347BA">-e</font> <font color="#A2734C">&quot;REGISTRY_HTTP_TLS_KEY=/certs/domain.key&quot;</font> \
+<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_HTTP_TLS_KEY=/certs/wicked-beat.key&apos;</font> \
 <font color="#A347BA">-e</font> REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED=true \
-<font color="#A347BA">-d</font> \
+<font color="#A347BA">-e</font> REGISTRY_STORAGE_DELETE_ENABLED=true \
 docker.io/library/registry:2.8.3
 </pre></html></WRAP>
@@ 行 293: / 行 243: @@
 </pre></html></WRAP>
 </WRAP>
-[[https://hub.docker.com/_/registry/tags|registry Tags | Docker Hub]] で最新バージョンを確認できる🤔\\
+レジストリを停止する場合...🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">sh</font> <font color="#A347BA">-c</font> <font color="#A2734C">&apos;podman stop registry &amp;&amp; podman rm registry&apos;</font>
+</pre></html></WRAP>
+</WRAP>
+レジストリへのアクセス確認🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">curl</font><font color="#FF9999"> </font><font color="#A347BA">-u</font><font color="#FF9999"> tomoyan https://wicked-beat:5000/v2/_catalog</font>
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+Enter host password for user &apos;tomoyan&apos;:
+{&quot;repositories&quot;:[]}
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+registry
+registry
+</pre></html></WRAP>
+</WRAP>
+証明書の検証🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font><font color="#999999"> s_client </font><font color="#A347BA">-connect</font><font color="#999999"> wicked-beat:5000 </font><font color="#A347BA">-servername</font><font color="#999999"> wicked-beat</font>
+</pre></html></WRAP>
+<WRAP color_result_long><html><pre>
+CONNECTED(00000003)
+depth=0 CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
+verify return:1
+---
+Certificate chain
+s:CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
+   i:CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
+   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
+   v:NotBefore: Mar 20 20:20:12 2024 GMT; NotAfter: Mar 20 20:20:12 2025 GMT
+---
+Server certificate
+-----BEGIN CERTIFICATE-----
+MIIFeTCCA2GgAwIBAgIUItMtxtFJlg4OwxuJ/3QYs5TB5JEwDQYJKoZIhvcNAQEL
+BQAwMTEvMC0GA1UEAwwmd2lja2VkLWJlYXQsd2lja2VkLWJlYXQuZmlyZWJhbGwu
+bG9jYWwwHhcNMjQwMzIwMjAyMDEyWhcNMjUwMzIwMjAyMDEyWjAxMS8wLQYDVQQD
+〜省略〜
+I72x52OQk9dfvXp2yiXhTSjZVcqY2axwvdEm8dA7kBE+vImTbxUJYzGWetMo3n4a
+oZEMw11w4NNmuw1fvw==
+-----END CERTIFICATE-----
+subject=CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
+issuer=CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
+---
+No client certificate CA names sent
+Peer signing digest: SHA256
+Peer signature type: RSA-PSS
+Server Temp Key: X25519, 253 bits
+---
+SSL handshake has read 2201 bytes and written 379 bytes
+Verification: OK
+---
+New, TLSv1.3, Cipher is TLS_CHACHA20_POLY1305_SHA256
+Server public key is 4096 bit
+This TLS version forbids renegotiation.
+Compression: NONE
+Expansion: NONE
+No ALPN negotiated
+Early data was not sent
+Verify return code: 0 (ok)
+---
+---
+Post-Handshake New Session Ticket arrived:
+SSL-Session:
+    Protocol  : TLSv1.3
+    Cipher    : TLS_CHACHA20_POLY1305_SHA256
+    Session-ID: A930863BF5140DE8683A6A979F0BA450D05FE1871A5DF7C41B21412014C626BB
+    Session-ID-ctx:
+    Resumption PSK: 8A1A0CC8DBCD3534B4B3BD4572450A4DE453E6FB693AFCC8A371F8BAA22D33AE
+    PSK identity: None
+    PSK identity hint: None
+    SRP username: None
+    TLS session ticket lifetime hint: 604800 (seconds)
+    TLS session ticket:
+- 43 d1 3e 3d 52 05 5d 46-04 5a 5e 6c 78 f3 be 80   C.&gt;=R.]F.Z^lx...
+- 13 48 4b 79 4a df 76 2b-e0 29 5f 5b e1 81 e3 f6   .HKyJ.v+.)_[....
+- 16 b3 4a 66 84 78 41 26-22 4b 5e a9 f6 0a 5f f6   ..Jf.xA&amp;&quot;K^..._.
+- 84 45 b9 da 86 77 e2 cf-d6 ac bf c1 6b ac 9d 7d   .E...w......k..}
+- d9 5a eb 61 9c e4 f6 8f-10 8e 0e 99 37 70 a5 75   .Z.a........7p.u
+- 38 e0 3b f3 2f fa b9 fb-60 d4 82 6e 8a cb 55 56   8.;./...`..n..UV
+- 49 5a 21 6f 1a 25 31 ca-26 c2 ce 22 00 0e a7 e1   IZ!o.%1.&amp;..&quot;....
+- 28                                                (
+    Start Time: 1710966295
+    Timeout   : 7200 (sec)
+    Verify return code: 0 (ok)
+    Extended master secret: no
+    Max Early Data: 0
+---
+read R BLOCK
+</pre></html></WRAP>
+</WRAP>
+レジストリにログインする🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">podman</font> login wicked-beat:5000
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+Username: tomoyan
+Password:
+Login Succeeded!
+</pre></html></WRAP>
+</WRAP>
+ログイン中の認証情報は <html><code>/run/user/&lt;gid&gt;/containers/auth.json</code></html> に base64 エンコードで保存されている🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">bat</font> <font color="#A347BA">-n</font> <u style="text-decoration-style:single">/run/user/1000/containers/auth.json</u>
+</pre></html></WRAP>
+<WRAP color_result><html><pre class=Bat>
+<font color="#444444">   1</font> <font color="#FFFFFF">{</font>
+<font color="#444444">   2</font> <font color="#FFFFFF">    </font><font color="#FF8700">&quot;auths&quot;</font><font color="#FFFFFF">: {</font>
+<font color="#444444">   3</font> <font color="#FFFFFF">        </font><font color="#FF8700">&quot;wicked-beat:5000&quot;</font><font color="#FFFFFF">: {</font>
+<font color="#444444">   4</font> <font color="#FFFFFF">            </font><font color="#FF8700">&quot;auth&quot;</font><font color="#FFFFFF">: </font><font color="#D7D787">&quot;aB1cd2efghiJklMnOPQ3STUv&quot;</font>
+<font color="#444444">   5</font> <font color="#FFFFFF">        }</font>
+<font color="#444444">   6</font> <font color="#FFFFFF">    }</font>
+<font color="#444444">   7</font> <font color="#FFFFFF">}</font>
+</pre></html></WRAP>
+</WRAP>
+レジストリからログアウトする🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">podman</font> logout wicked-beat:5000
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+Removed login credentials for wicked-beat:5000
+</pre></html></WRAP>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">bat</font> <font color="#A347BA">-n</font> <u style="text-decoration-style:single">/run/user/1000/containers/auth.json</u>
+</pre></html></WRAP>
+<WRAP color_result><html><pre class=Bat>
+<font color="#444444">   1</font> <font color="#FFFFFF">{</font>
+<font color="#444444">   2</font> <font color="#FFFFFF">    </font><font color="#FF8700">&quot;auths&quot;</font><font color="#FFFFFF">: {}</font>
+<font color="#444444">   3</font> <font color="#FFFFFF">}</font>
+</pre></html></WRAP>
+</WRAP>
+===== レジストリへのプッシュ/プル =====
+ログインする🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">podman</font> login wicked-beat:5000
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+Username: tomoyan
+Password:
+Login Succeeded!
+</pre></html></WRAP>
+</WRAP>
+プッシュする🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">podman</font> push localhost/haruo_podman:0.01 wicked-beat:5000/haruo_podman:v0.01
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+Getting image source signatures
+Copying blob 10650e391d43 done   |
+Copying blob aacbd0b4169c done   |
+Copying blob 80f811a7d4fe done   |
+Copying blob 53f86715cdba done   |
+Copying blob eb2eb8ccdc68 done   |
+Copying config f291a9bf30 done   |
+Writing manifest to image destination
+</pre></html></WRAP>
+</WRAP>
+プッシュされた内容を確認する🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">podman</font> search wicked-beat:5000/
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+NAME                           DESCRIPTION
+wicked-beat:5000/haruo_podman
+</pre></html></WRAP>
+</WRAP>
+削除してみる🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">skopeo</font> <font color="#A347BA">--debug</font> delete docker://wicked-beat:5000/haruo_podman:v0.01
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+<font color="#D0CFCC">DEBU</font>[0000] Using registries.d directory /etc/containers/registries.d
+<font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration &quot;/etc/containers/registries.conf&quot;
+<font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration &quot;/etc/containers/registries.conf.d/000-shortnames.conf&quot;
+<font color="#D0CFCC">DEBU</font>[0000] Found credentials for wicked-beat:5000/haruo_podman in credential helper containers-auth.json in file /run/user/1000/containers/auth.json
+<font color="#D0CFCC">DEBU</font>[0000]  No signature storage configuration found for wicked-beat:5000/haruo_podman:v0.01, using built-in default file:///home/tomoyan/.local/share/containers/sigstore
+<font color="#D0CFCC">DEBU</font>[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/wicked-beat:5000
+<font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/
+<font color="#D0CFCC">DEBU</font>[0000] Ping https://wicked-beat:5000/v2/ status 401
+<font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/haruo_podman/manifests/v0.01
+<font color="#D0CFCC">DEBU</font>[0000] DELETE https://wicked-beat:5000/v2/haruo_podman/manifests/sha256:f652ef85a8862285775a01c6dd279c35debd0b581c41e209875c3ab1d3ceacd7
+<font color="#D0CFCC">DEBU</font>[0000] Deleting /home/tomoyan/.local/share/containers/sigstore/haruo_podman@sha256=f652ef85a8862285775a01c6dd279c35debd0b581c41e209875c3ab1d3ceacd7/signature-1
+</pre></html></WRAP>
+</WRAP>
+削除しても消えないが、配布には使える🤪\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">podman</font> search wicked-beat:5000/
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+NAME                           DESCRIPTION
+wicked-beat:5000/haruo_podman
+</pre></html></WRAP>
+</WRAP>
+プッシュしたら二度と消せない🤪\\
+コンテナ起動時に REGISTRY_STORAGE_DELETE_ENABLED=true も指定してるし、docker v2 API で DELETE も実行している🤔\\
+<WRAP color_term>
+<WRAP color_command><html><pre>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269">skopeo</font> <font color="#A347BA">--debug</font> delete docker://wicked-beat:5000/haruo_podman:v0.01
+</pre></html></WRAP>
+<WRAP color_result><html><pre>
+<font color="#D0CFCC">DEBU</font>[0000] Using registries.d directory /etc/containers/registries.d
+<font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration &quot;/etc/containers/registries.conf&quot;
+<font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration &quot;/etc/containers/registries.conf.d/000-shortnames.conf&quot;
+<font color="#D0CFCC">DEBU</font>[0000] Found credentials for wicked-beat:5000/haruo_podman in credential helper containers-auth.json in file /run/user/1000/containers/auth.json
+<font color="#D0CFCC">DEBU</font>[0000]  No signature storage configuration found for wicked-beat:5000/haruo_podman:v0.01, using built-in default file:///home/tomoyan/.local/share/containers/sigstore
+<font color="#D0CFCC">DEBU</font>[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/wicked-beat:5000
+<font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/
+<font color="#D0CFCC">DEBU</font>[0000] Ping https://wicked-beat:5000/v2/ status 401
+<font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/haruo_podman/manifests/v0.01
+<font color="#C01C28">FATA</font>[0000] Unable to delete wicked-beat:5000/haruo_podman:v0.01. Image may not exist or is not stored with a v2 Schema in a v2 registry
+</pre></html></WRAP>
+</WRAP>
 ===== 参考文献 =====
 [[https://www.redhat.com/sysadmin/simple-container-registry|How to implement a simple personal/private Linux container image registry for internal use | Enable Sysadmin]] [[gtr>https://www.redhat.com/sysadmin/simple-container-registry|翻訳]]\\
 [[https://thenewstack.io/tutorial-host-a-local-podman-image-registry/|Tutorial: Host a Local Podman Image Registry - The New Stack]] [[gtr>https://thenewstack.io/tutorial-host-a-local-podman-image-registry/|翻訳]]\\
+[[git>quay/quay|quay/quay: Build, Store, and Distribute your Applications and Containers]]\\
+[[https://github.com/quay/quay/blob/master/docs/quick-local-deployment.md|quay/docs/quick-local-deployment.md at master · quay/quay]]\\
+[[https://access.redhat.com/docum.entation/ja-jp/red_hat_quay/2.9/html-single/deploy_red_hat_quay_-_basic/index|Deploy Red Hat Quay - Basic Red Hat Quay 2.9 | Red Hat Customer Portal]] [[gtr>https://access.redhat.com/documentation/ja-jp/red_hat_quay/2.9/html-single/deploy_red_hat_quay_-_basic/index|翻訳]]\\