Docker container registry does not work with the inclusion of a standard port
!887 (merged) fixed ports for GitLab but broke using the Docker container over standard HTTPS via port 443. This happened in https://gitlab.com/gitlab-com/infrastructure/issues/256 today. Apparently, adding 443 to the Host
header breaks the Docker container registry. As a workaround, we manually configured the header.
According to this GitHub issue, Docker distribution doesn't like having standard ports in the Host
header for some reason. I'm not sure why that it is, but if you set registry_external_url http://mydomain.com:4567
, then you DO need port 4567 in the Host
header. I'll submit a MR for this.
Also when users terminate SSL in the reverse proxy and communicate over HTTP internally, I'm not sure if putting port 443 in the header is appropriate. I'm not sure the best way to resolve this issue. We could either document this extra configuration step or disable the Host
header if listen_https
is being used.
/cc: @jacobvosmaer-gitlab, @marin