Docker registry - works only locally ?

I can login and build and push on server, but unable to login from remote location. Did I miss something ?

on server:

docker login <server_fqdn>:4567
Username (root): vaclav.adamec
Password:
Login Succeeded

remote login:

docker login <server_fqdn>:4567
Username: vaclav.adamec
Password:
Cannot connect to the Docker daemon. Is the docker daemon running on this host?

• ports are opened, no blocks between me an gitlab server, registry service is running

/usr/bin/docker daemon -H tcp://127.0.0.1:4243 -H tcp://10.4.6.77:4243 -H unix:///var/run/docker.sock --ip-forward=true --iptables=true --ip-masq=true

ps -ef | grep registry
/opt/gitlab/embedded/bin/registry serve ./config.yml

ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 4567 /* 303 allow access to registry */
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 4243 /* 304 allow access to docker */

CFG

• /etc/gitlab/gitlab.rb

registry_external_url 'https://<server_fqdn>:4567'
registry_nginx['ssl_certificate'] = '/etc/gitlab/ssl/cert.crt'
registry_nginx['ssl_certificate_key'] = '/etc/gitlab/ssl/key.key'

• /var/opt/gitlab/registry/config.yml

version: 0.1
log:
  level: info
  fields:
    service: registry
    environment: production
storage:
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/opt/gitlab/gitlab-rails/shared/registry
  delete:
    enabled: true
http:
  addr: localhost:5000
  secret: "xxxxxxxxxxxx"
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3
auth:
  token:
    realm: https://<server_fqdn>/jwt/auth
    service: container_registry
    issuer: omnibus-gitlab-issuer
    rootcertbundle: /var/opt/gitlab/registry/gitlab-registry.crt

versions

gitlab-ce-8.8.4-ce.0.el7.x86_64
docker-engine-1.11.2-1
setup via Puppet module https://github.com/vshn/puppet-gitlab (1.9.1 latest)