Reject pull/push images throung env variable

[orest-gulman]

I do have a docker compose file with joxit-ui as UI, apache for auth and registry containers.
My registry is running on 5000 and on the top I have apache for auth/authz part.
In joxit-ui I set PULL_URL=https://myregistry.domain.com:5000 and UI images are shown with correct endpoid and i can push or pull images shougn this URI in case auth part was successfull.
For me the issue is that I can push/pull an images bypass auth/auth part by dropping port 5000 and I'm wondering of a posibilitty of rejecting pull/push images inside of joxit-iu nginx.

    environment:
      - SINGLE_REGISTRY=true
      - REGISTRY_URL=https://myregistry.domain.com
      - PULL_URL=https://myregistry.domain.com:5000
      - NGINX_PROXY_PASS_URL=http://172.20.0.20:5000

[Joxit]

Hi, you must use either REGISTRY_URL or NGINX_PROXY_PASS_URL not both of them.

As the configuration suggest, NGINX_PROXY_PASS_URL will proxy pass the requests to your registry.... Since you put an IP on port 5000, its clearly not your apache server.

[orest-gulman]

Hi,
NGINX_PROXY_PASS_URL=http://172.20.0.20:5000
That is apache

[Joxit]

So what's https://myregistry.domain.com?

[orest-gulman]

Also apache. I terminate cert on apache 443/5000

[Joxit]

Okay, so just remove the nginx proxy pass option and it should be good for you