zot fix

2025-09-15 01:03:32 -05:00 · 2025-09-15 01:03:32 -05:00 · 5bfeffe31f
commit 5bfeffe31f
parent 8459ea7058
5 changed files with 3 additions and 55 deletions
--- a/services/zot/configmap.yaml
+++ b/services/zot/configmap.yaml
@ -18,6 +18,7 @@ data:
        "address": "0.0.0.0",
        "port": "5000",
        "realm": "zot-registry",
        "compat": ["docker2s2"],
        "auth": {
          "htpasswd": { "path": "/etc/zot/htpasswd" }
        },
@ -37,7 +38,7 @@ data:
          }
        }
      },
-      "log": { "level": "debug" },
+      "log": { "level": "info" },
      "extensions": {
        "ui": { "enable": true },
        "search": { "enable": true },
--- a/services/zot/ingress.yaml
+++ b/services/zot/ingress.yaml
@ -8,9 +8,6 @@ metadata:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
    # traefik.ingress.kubernetes.io/router.tls.options: zot-h1only@kubernetescrd
    # traefik.ingress.kubernetes.io/router.middlewares: zot-zot-headers@kubernetescrd,zot-zot-buffering@kubernetescrd
    traefik.ingress.kubernetes.io/router.middlewares: zot-add-www-auth@kubernetescrd
    traefik.ingress.kubernetes.io/router.middlewares: zot-zot-resp-headers@kubernetescrd
 spec:
  ingressClassName: traefik
--- a/services/zot/kustomization.yaml
+++ b/services/zot/kustomization.yaml
@ -9,4 +9,3 @@ resources:
  - service.yaml
  - ingress.yaml
  - middleware.yaml
  # - tlsoptions.yaml
--- a/services/zot/middleware.yaml
+++ b/services/zot/middleware.yaml
@ -1,42 +1,4 @@
-# # services/zot/middleware.yaml
+# services/zot/middleware.yaml
 # apiVersion: traefik.io/v1alpha1
 # kind: Middleware
 # metadata:
 #   name: zot-headers
 #   namespace: zot
 # spec:
 #   headers:
 #     customRequestHeaders:
 #       Docker-Distribution-Api-Version: "registry/2.0"
 # ---
 # apiVersion: traefik.io/v1alpha1
 # kind: Middleware
 # metadata:
 #   name: zot-buffering
 #   namespace: zot
 # spec:
 #   buffering:
 #     # "0" here means "no limit" for Traefik's buffering middleware
 #     maxRequestBodyBytes: 0
 #     memRequestBodyBytes: 0
 #     maxResponseBodyBytes: 0
 #     memResponseBodyBytes: 0
 #     retryExpression: "IsNetworkError() && Attempts() <= 2"
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: add-www-auth
  namespace: zot
 spec:
  headers:
    customResponseHeaders:
      WWW-Authenticate: Basic realm="zot-registry"
 ---
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
@ -46,7 +8,6 @@ spec:
  headers:
    customResponseHeaders:
      Docker-Distribution-Api-Version: "registry/2.0"
      WWW-Authenticate: 'Basic realm="zot-registry"'
    accessControlAllowOriginList:
      - "*"
    accessControlAllowCredentials: true
@ -63,4 +24,3 @@ spec:
      - PUT
      - PATCH
      - DELETE
--- a/services/zot/tlsoptions.yaml
+++ b/services/zot/tlsoptions.yaml
@ -1,9 +0,0 @@
 # # services/zot/tlsoptions.yaml
 # apiVersion: traefik.io/v1alpha1
 # kind: TLSOption
 # metadata:
 #   name: h1only
 #   namespace: zot
 # spec:
 #   alpnProtocols:
 #     - http/1.1