Added registry and arch VMS based on it

2 VM one CPU and one GPU
Also have a simple UI for the registry
Added readTimeout because big layers take too long to transfert

Dockerfile.arch-ttyd-gpu

@@ -0,0 +1,8 @@
+FROM registry.bouvais.lu/vms/arch-ttyd-cpu:1.0.0
+
+RUN pacman -Syu --noconfirm && \
+    pacman -S --noconfirm \
+        nvidia \
+        cuda \
+        nvidia-utils && \
+    pacman -Scc --noconfirm

developer.yml

@@ -11,16 +11,16 @@ services:
       - "/etc/timezone:/etc/timezone:ro"
       - "/etc/localtime:/etc/localtime:ro"
     labels:
-      - "traefik.enable=true"
+      - traefik.enable=true
       # HTTP/S
-      - "traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)"
-      - "traefik.http.routers.gitea.entrypoints=websecure"
-      - "traefik.http.routers.gitea.tls.certresolver=myresolver"
-      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
+      - traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)
+      - traefik.http.routers.gitea.entrypoints=websecure
+      - traefik.http.routers.gitea.tls.certresolver=myresolver
+      - traefik.http.services.gitea.loadbalancer.server.port=3000
       # SSH
-      - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
-      - "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
-      - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22"
+      - traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)
+      - traefik.tcp.routers.gitea-ssh.entrypoints=ssh
+      - traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22
 
   gitea-runner:
     image: docker.io/gitea/act_runner:latest
@@ -43,9 +43,46 @@ services:
     volumes:
       - ./hdd0/mkdocs-sites/zippondb:/docs
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.gitea.rule=Host(`docs.bouvais.lu`)"
-      - "traefik.http.routers.gitea.entrypoints=websecure"
-      - "traefik.http.routers.gitea.tls.certresolver=myresolver"
-      - "traefik.http.routers.gitea.middlewares=auth@docker"
-      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
+      - traefik.enable=true
+      - traefik.http.routers.gitea_runner.rule=Host(`docs.bouvais.lu`)
+      - traefik.http.routers.gitea_runner.entrypoints=websecure
+      - traefik.http.routers.gitea_runner.tls.certresolver=myresolver
+      - traefik.http.routers.gitea_runner.middlewares=auth@docker
+      - traefik.http.services.gitea_runner.loadbalancer.server.port=3000
+
+  registry:
+    image: registry:2
+    container_name: registry
+    restart: unless-stopped
+    environment:
+      - REGISTRY_AUTH_HTPASSWD_REALM=Bouvais Registry
+      - REGISTRY_AUTH_HTPASSWD_PATH=/etc/docker/registry/htpasswd
+      - REGISTRY_HTTP_SECRET=${MASTER_PASSWORD}
+      - REGISTRY_HEALTH_STORAGEDRIVER_ENABLED=true
+      - REGISTRY_STORAGE_DELETE_ENABLED=true
+    volumes:
+      - ./hdd0/registry/data:/var/lib/registry
+      - ./hdd0/registry/htpasswd:/etc/docker/registry/htpasswd:ro
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.registry.rule=Host(`registry.bouvais.lu`)
+      - traefik.http.routers.registry.entrypoints=websecure
+      - traefik.http.routers.registry.tls.certresolver=myresolver 
+      - traefik.http.services.registry.loadbalancer.server.port=5000 
+
+  registry-ui:
+    image: joxit/docker-registry-ui:latest
+    container_name: registry-ui
+    depends_on: [registry]
+    restart: unless-stopped
+    environment:
+      - DELETE_IMAGES=true
+      - REGISTRY_TITLE=Bouvais Docker Registry
+      - NGINX_PROXY_PASS_URL=http://registry:5000
+      - SINGLE_REGISTRY=true
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.registry_ui.rule=Host(`registry-ui.bouvais.lu`)
+      - traefik.http.routers.registry_ui.entrypoints=websecure
+      - traefik.http.routers.registry_ui.tls.certresolver=myresolver 
+      - traefik.http.services.registry_ui.loadbalancer.server.port=80

docker-compose.yml

@@ -23,6 +23,8 @@ services:
       - "--metrics.prometheus=true"
       - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
       - "--entryPoints.ssh.address=:2101"
+      - "--entrypoints.web.transport.respondingTimeouts.readTimeout=180m"
+      - "--entrypoints.websecure.transport.respondingTimeouts.readTimeout=180m"
       # Logs - Traefik will write its logs to /logs within the container, which maps to /data/logs on host
       - "--accesslog=true"
       - "--accesslog.format=json"

vms.yml

@@ -1,9 +1,7 @@
 services:
-  arch-ttyd:
-    build:
-      context: .
-      dockerfile: Dockerfile.arch-ttyd
-    container_name: arch-ttyd
+  arch-cpu:
+    image: registry.bouvais.lu/vms/arch-ttyd-cpu:1.0.0
+    container_name: arch-cpu
     restart: unless-stopped
     volumes:
       - ./hdd0/vms/arch/data:/data
@@ -28,3 +26,35 @@ services:
         reservations:
           cpus: '0.5'
           memory: 256M
+
+  arch-gpu:
+    image: registry.bouvais.lu/vms/arch-ttyd-gpu:1.0.0
+    container_name: arch-gpu
+    restart: unless-stopped
+    volumes:
+      - ./hdd0/vms/arch_gpu/data:/data
+      - ./hdd0/vms/arch_gpu/root:/root
+    command: >
+      ttyd
+      -p 7682
+      -c "${TTYD_USERNAME}:${MASTER_PASSWORD}"
+      -W
+      bash
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.arch_gpu.rule=Host(`arch-gpu.bouvais.lu`)"
+      - "traefik.http.routers.arch_gpu.entrypoints=websecure"
+      - "traefik.http.routers.arch_gpu.tls.certresolver=myresolver"
+      - "traefik.http.services.arch_gpu.loadbalancer.server.port=7682"
+    deploy:
+      resources:
+        limits:
+          cpus: '2.0'
+          memory: 1G
+        reservations:
+          cpus: '0.5'
+          memory: 256M
+          devices:
+            - driver: nvidia
+              capabilities: ["gpu"]
+              count: all