差分

このページの2つのバージョン間の差分を表示します。

--- linux:podman:simple-container-registry [2025/02/20 08:02] – ともやん
+++ linux:podman:simple-container-registry [2025/03/17 09:43] (現在) – [レジストリ構築] ともやん
@@ 行 116: / 行 116: @@
 </WRAP><!-- tip -->
-自己署名証明書の作成🤔\\
+自己署名 SSL 証明書の作成🤔\\
+ここではファイル名 wicked-beat.crt を作成する\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-keyout</font> <u style="text-decoration-style:single">/var/lib/registry/certs/domain.key</u> \
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-keyout</font> <u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.key</u> \
-<font color="#A347BA">-x509</font> <font color="#A347BA">-days</font> 365 <font color="#A347BA">-out</font> <u style="text-decoration-style:single">/var/lib/registry/certs/domain.crt</u>  \
+<font color="#A347BA">-x509</font> <font color="#A347BA">-days</font> 365 <font color="#A347BA">-out</font> <u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.crt</u>  \
-<font color="#A347BA">-subj</font> <font color="#A2734C">&quot;/CN=localhost,wicked-beat,wicked-beat.fireball.local&quot;</font> \
+<font color="#A347BA">-subj</font> <font color="#A2734C">&quot;/CN=localhost,wicked-beat,wicked-beat.fireball.lan&quot;</font> \
-<font color="#A347BA">-addext</font> <font color="#A2734C">&quot;subjectAltName=DNS:localhost,DNS:wicked-beat,DNS:wicked-beat.fireball.local&quot;</font>
+<font color="#A347BA">-addext</font> <font color="#A2734C">&quot;subjectAltName=DNS:localhost,DNS:wicked-beat,DNS:wicked-beat.fireball.lan&quot;</font>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>..+..........+..+......+.+.........+...........+......+....+.....+.........+.+++++++++++++++++++++++++++++++++++++++++++++*......+.+..+.......+......+..+...+....+..................+..+...+.+.........+..+.........+....+...+..+.+....................+.+......+..+.......+...........+...+.+.....+......+++++++++++++++++++++++++++++++++++++++++++++*...+............+...+++++
@@ 行 130: / 行 131: @@
 </WRAP>
-作成された自己署名証明書の内容確認🤔\\
+作成された自己署名 SSL 証明書の内容確認🤔\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> x<font color="#999999">509 </font><font color="#A347BA">-in</font><font color="#999999"> </font><font color="#999999"><u style="text-decoration-style:single">/var/lib/registry/certs/domain.crt</u></font><font color="#999999"> </font><font color="#A347BA">-text</font><font color="#999999"> </font><font color="#A347BA">-noout</font>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">openssl</font> x<font color="#999999">509 </font><font color="#A347BA">-in</font><font color="#999999"> </font><font color="#999999"><u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.crt</u></font><font color="#999999"> </font><font color="#A347BA">-text</font><font color="#999999"> </font><font color="#A347BA">-noout</font>
 </pre></html></WRAP>
 <WRAP color_result_long><html><pre>Certificate:
@@ 行 145: / 行 146: @@
             Not Before: Mar 20 20:16:18 2024 GMT
             Not After : Mar 20 20:16:18 2025 GMT
-        Subject: CN = &quot;localhost,wicked-beat,wicked-beat.fireball.local&quot;
+        <b class=DiYE>Subject: CN = &quot;localhost,wicked-beat,wicked-beat.fireball.lan&quot;</b>
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
@@ 行 164: / 行 165: @@
                 CA:TRUE
             <b class=DiYE>X509v3 Subject Alternative Name:
-                DNS:localhost, DNS:wicked-beat, DNS:wicked-beat.fireball.local</b>
+                DNS:localhost, DNS:wicked-beat, DNS:wicked-beat.fireball.lan</b>
     Signature Algorithm: sha256WithRSAEncryption
     Signature Value:
@@ 行 175: / 行 176: @@
 </WRAP>
-ホストでの証明書の信頼🤔\\
+クライアント/ホストでの SSL 証明書の信頼🤔\\
 <WRAP color_term>
 <WRAP color_command><html><pre>
-<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">cp</font> <u style="text-decoration-style:single">/var/lib/registry/certs/domain.crt</u> <u style="text-decoration-style:single">/etc/pki/ca-trust/source/anchors/</u>
+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">cp</font> <u style="text-decoration-style:single">/var/lib/registry/certs/wicked-beat.crt</u> <u style="text-decoration-style:single">/etc/pki/ca-trust/source/anchors/</u>
 <font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">update-ca-trust</font>
 <font color="#0087FF"><b>$</b></font> <font color="#26A269">trust</font> list <font color="#12488B"><b>|</b></font> <font color="#26A269">grep</font> <font color="#A347BA">-i</font> <font color="#A2734C">&quot;wicked-beat&quot;</font>
 </pre></html></WRAP>
 <WRAP color_result><html><pre>
-    label: localhost,<font color="#C01C28"><b>wicked-beat</b></font>,<font color="#C01C28"><b>wicked-beat</b></font>.fireball.local
+    label: localhost,<font color="#C01C28"><b>wicked-beat</b></font>,<font color="#C01C28"><b>wicked-beat</b></font>.fireball.lan
 </pre></html></WRAP>
 </WRAP>
@@ 行 210: / 行 211: @@
 ===== レジストリの起動/停止 =====
+最新バージョンは [[https://hub.docker.com/_/registry/tags|registry Tags | Docker Hub]] で確認できる🤔\\
 レジストリの起動🤔\\
 <WRAP color_term>
@@ 行 221: / 行 224: @@
 <font color="#A347BA">-e</font> REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
 <font color="#A347BA">-v</font> /var/lib/registry/certs:/certs:z \
-<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt&apos;</font> \
+<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_HTTP_TLS_CERTIFICATE=/certs/wicked-beat.crt&apos;</font> \
-<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_HTTP_TLS_KEY=/certs/domain.key&apos;</font> \
+<font color="#A347BA">-e</font> <font color="#A2734C">&apos;REGISTRY_HTTP_TLS_KEY=/certs/wicked-beat.key&apos;</font> \
 <font color="#A347BA">-e</font> REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED=true \
 <font color="#A347BA">-e</font> REGISTRY_STORAGE_DELETE_ENABLED=true \
@@ 行 240: / 行 243: @@
 </pre></html></WRAP>
 </WRAP>
-[[https://hub.docker.com/_/registry/tags|registry Tags | Docker Hub]] で最新バージョンを確認できる🤔\\
 レジストリを停止する場合...🤔\\