zot fix

2025-09-15 01:03:32 -05:00 · 2025-09-15 01:03:32 -05:00 · 5bfeffe31f
commit 5bfeffe31f
parent 8459ea7058
5 changed files with 3 additions and 55 deletions
--- a/services/zot/configmap.yaml
+++ b/services/zot/configmap.yaml
@ -18,6 +18,7 @@ data:
        "address": "0.0.0.0",
        "port": "5000",
        "realm": "zot-registry",
+        "compat": ["docker2s2"],
        "auth": {
          "htpasswd": { "path": "/etc/zot/htpasswd" }
        },
@ -37,7 +38,7 @@ data:
          }
        }
      },
-      "log": { "level": "debug" },
+      "log": { "level": "info" },
      "extensions": {
        "ui": { "enable": true },
        "search": { "enable": true },
--- a/services/zot/ingress.yaml
+++ b/services/zot/ingress.yaml
@ -8,9 +8,6 @@ metadata:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
-    # traefik.ingress.kubernetes.io/router.tls.options: zot-h1only@kubernetescrd
-    # traefik.ingress.kubernetes.io/router.middlewares: zot-zot-headers@kubernetescrd,zot-zot-buffering@kubernetescrd
-    traefik.ingress.kubernetes.io/router.middlewares: zot-add-www-auth@kubernetescrd
    traefik.ingress.kubernetes.io/router.middlewares: zot-zot-resp-headers@kubernetescrd
 spec:
  ingressClassName: traefik
--- a/services/zot/kustomization.yaml
+++ b/services/zot/kustomization.yaml
@ -9,4 +9,3 @@ resources:
  - service.yaml
  - ingress.yaml
  - middleware.yaml
-  # - tlsoptions.yaml
--- a/services/zot/middleware.yaml
+++ b/services/zot/middleware.yaml
@ -1,42 +1,4 @@
-# # services/zot/middleware.yaml
-# apiVersion: traefik.io/v1alpha1
-# kind: Middleware
-# metadata:
-#   name: zot-headers
-#   namespace: zot
-# spec:
-#   headers:
-#     customRequestHeaders:
-#       Docker-Distribution-Api-Version: "registry/2.0"
-
-# ---
-
-# apiVersion: traefik.io/v1alpha1
-# kind: Middleware
-# metadata:
-#   name: zot-buffering
-#   namespace: zot
-# spec:
-#   buffering:
-#     # "0" here means "no limit" for Traefik's buffering middleware
-#     maxRequestBodyBytes: 0
-#     memRequestBodyBytes: 0
-#     maxResponseBodyBytes: 0
-#     memResponseBodyBytes: 0
-#     retryExpression: "IsNetworkError() && Attempts() <= 2"
-
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: add-www-auth
-  namespace: zot
-spec:
-  headers:
-    customResponseHeaders:
-      WWW-Authenticate: Basic realm="zot-registry"
-
---
-
+# services/zot/middleware.yaml
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
@ -46,7 +8,6 @@ spec:
  headers:
    customResponseHeaders:
      Docker-Distribution-Api-Version: "registry/2.0"
-      WWW-Authenticate: 'Basic realm="zot-registry"'
    accessControlAllowOriginList:
      - "*"
    accessControlAllowCredentials: true
@ -63,4 +24,3 @@ spec:
      - PUT
      - PATCH
      - DELETE
-
--- a/services/zot/tlsoptions.yaml
+++ b/services/zot/tlsoptions.yaml
@ -1,9 +0,0 @@
-# # services/zot/tlsoptions.yaml
-# apiVersion: traefik.io/v1alpha1
-# kind: TLSOption
-# metadata:
-#   name: h1only
-#   namespace: zot
-# spec:
-#   alpnProtocols:
-#     - http/1.1