From 951711bf0735ab097f36c26a8c5dbb2bb9031c17 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Tue, 14 Sep 2021 20:00:00 +0000
Subject: [PATCH] docker-registry: Add basic auth support

---
 roles/docker-distribution/tasks/main.yml          | 10 ++++++++++
 roles/docker-distribution/templates/config.yml.j2 |  6 ++++++
 2 files changed, 16 insertions(+)

diff --git a/roles/docker-distribution/tasks/main.yml b/roles/docker-distribution/tasks/main.yml
index e4f3bb6..154a9c9 100644
--- a/roles/docker-distribution/tasks/main.yml
+++ b/roles/docker-distribution/tasks/main.yml
@@ -54,6 +54,16 @@
     owner: root
     group: docker
 
+- name: copy access file
+  copy:
+    dest: /etc/docker-distribution/registry/htpasswd
+    src: "{{ htpasswd }}"
+    mode: 0640
+    owner: root
+    group: docker
+  when: htpasswd is defined
+  notify: restart docker-distribution
+
 - name: start service
   service:
     name: docker-distribution
diff --git a/roles/docker-distribution/templates/config.yml.j2 b/roles/docker-distribution/templates/config.yml.j2
index 5051821..610bfe0 100644
--- a/roles/docker-distribution/templates/config.yml.j2
+++ b/roles/docker-distribution/templates/config.yml.j2
@@ -7,6 +7,12 @@ storage:
     layerinfo: inmemory
   filesystem:
     rootdirectory: /srv/registry
+{% if htpasswd is defined %}
+auth:
+  htpasswd:
+    realm: Authentication Required
+    path: /etc/docker-distribution/registry/htpasswd
+{% endif %}
 http:
   addr: :5000
 {% if docker_distribution_secret is defined %}