Docker Hub has announced new pull limits starting 2024-04-01. An easy way to get around that is to set up a pull-through cache, so that repeated pulls of the same image are served from your own cache instead of from Docker Hub. This can easily be done using CNCF Distribution. Here’s how I did that on NixOS:
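# NixOS module: a Docker Hub pull-through cache built on CNCF Distribution
# (services.dockerRegistry) and published through Caddy.
#
# Exposure: the Caddy virtual host below forwards every request except
# /metrics to the registry without any access control. Anyone who can reach
# cfg.domain can pull through this cache and consume the host's Docker Hub
# quota, so keep the domain on an internal network or restrict it in Caddy or
# the firewall. If upstream credentials are ever added to the proxy section,
# every image that account can read becomes readable by all clients of the
# mirror.
{ lib, config, ... }:
let
  cfg = config.services.dockercache;
in
{
  options.services.dockercache = {
    # mkEnableOption prepends "Whether to enable " to its argument, so pass a
    # noun phrase instead of a sentence starting with "Enable".
    enable = lib.mkEnableOption "docker cache";

    domain = lib.mkOption {
      # Built from the host's own name; evaluating this default fails when
      # networking.domain is unset, so set `domain` explicitly in that case.
      default = "${config.networking.hostName}.${config.networking.domain}";
      type = lib.types.str;
      description = "default domain to serve";
    };
  };

  config = lib.mkIf cfg.enable {
    services.dockerRegistry = {
      enable = true;
      enableGarbageCollect = true;
      extraConfig = {
        # Turns the registry into a pull-through cache for Docker Hub.
        proxy.remoteurl = "https://registry-1.docker.io";
        log.accesslog.disabled = true; # access can be seen in caddy log
        http.debug = { # only if you use prometheus
          # Bound to loopback; Caddy forwards only the exact path /metrics to
          # this listener, and only after basic auth.
          addr = "localhost:5001";
          prometheus.enabled = true;
        };
      };
    };

    systemd.services.docker-registry.environment = {
      OTEL_TRACES_EXPORTER = "none"; # disable sending traces (on by default)
    };

    # Assumes Caddy itself is enabled elsewhere and that the registry listens
    # on localhost:5000 (not set in this module) - verify against your config.
    #
    # The `...` after `prometheus` is elided in the original post. Caddy
    # expects a password hash there (for example from `caddy hash-password`),
    # never the plaintext password; the rendered Caddyfile lands in the
    # world-readable Nix store.
    services.caddy.virtualHosts."${cfg.domain}" = {
      extraConfig = ''
        handle /metrics {
          basic_auth {
            prometheus ...
          }
          reverse_proxy http://localhost:5001
        }
        reverse_proxy http://localhost:5000
      '';
    };

    # Derived from cfg.domain instead of a hard-coded placeholder so the mirror
    # URL always matches the virtual host defined above. The Docker daemon
    # consults registry-mirrors only for Docker Hub images.
    virtualisation.docker.daemon.settings.registry-mirrors = [
      "https://${cfg.domain}"
    ];
  };
}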