Add a non-tls example config (#209)

cesanta · Feb 2, 2018 · 509a03a · 509a03a
1 parent 7c0b9aa
commit 509a03a
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/examples/non_tls.yml b/examples/non_tls.yml
@@ -0,0 +1,33 @@
+# A non-tls example. See reference.yml for explanation of all options.
+#
+#  auth:
+#    token:
+#      realm: "http://127.0.0.1:5001/auth"
+#      service: "Docker registry"
+#      issuer: "Acme auth server"
+#      rootcertbundle: "/path/to/server.pem"
+
+server:
+  addr: ":5001"
+
+token:
+  issuer: "Acme auth server"  # Must match issuer in the Registry config.
+  expiration: 900
+  certificate: "/path/to/server.pem"
+  key: "/path/to/server.key"
+
+users:
+  # Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate.
+  "admin":
+    password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC"  # badmin
+  "test":
+    password: "$2y$05$WuwBasGDAgr.QCbGIjKJaep4dhxeai9gNZdmBnQXqpKly57oNutya"  # 123
+
+acl:
+  - match: {account: "admin"}
+    actions: ["*"]
+    comment: "Admin has full access to everything."
+  - match: {account: "user"}
+    actions: ["pull"]
+    comment: "User \"user\" can pull stuff."
+  # Access is denied by default.