Added registry and arch VMS based on it

2 VM one CPU and one GPU Also have a simple UI for the registry Added readTimeout because big layers take too long to transfert
2025-06-30 21:15:46 +00:00 · 2025-06-30 21:15:46 +00:00 · 3ccda644e2
commit 3ccda644e2
parent 7ff800f97c
5 changed files with 96 additions and 19 deletions
--- a/Dockerfile.arch-ttyd-cpu
+++ b/Dockerfile.arch-ttyd-cpu
--- a/Dockerfile.arch-ttyd-gpu
+++ b/Dockerfile.arch-ttyd-gpu
@ -0,0 +1,8 @@
 FROM registry.bouvais.lu/vms/arch-ttyd-cpu:1.0.0
 RUN pacman -Syu --noconfirm && \
    pacman -S --noconfirm \
        nvidia \
        cuda \
        nvidia-utils && \
    pacman -Scc --noconfirm
--- a/developer.yml
+++ b/developer.yml
@ -11,16 +11,16 @@ services:
      - "/etc/timezone:/etc/timezone:ro"
      - "/etc/localtime:/etc/localtime:ro"
    labels:
-      - "traefik.enable=true"
+      - traefik.enable=true
      # HTTP/S
-      - "traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)"
+      - traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)
-      - "traefik.http.routers.gitea.entrypoints=websecure"
+      - traefik.http.routers.gitea.entrypoints=websecure
-      - "traefik.http.routers.gitea.tls.certresolver=myresolver"
+      - traefik.http.routers.gitea.tls.certresolver=myresolver
-      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
+      - traefik.http.services.gitea.loadbalancer.server.port=3000
      # SSH
-      - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
+      - traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)
-      - "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
+      - traefik.tcp.routers.gitea-ssh.entrypoints=ssh
-      - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22"
+      - traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22
  gitea-runner:
    image: docker.io/gitea/act_runner:latest
@ -43,9 +43,46 @@ services:
    volumes:
      - ./hdd0/mkdocs-sites/zippondb:/docs
    labels:
-      - "traefik.enable=true"
+      - traefik.enable=true
-      - "traefik.http.routers.gitea.rule=Host(`docs.bouvais.lu`)"
+      - traefik.http.routers.gitea_runner.rule=Host(`docs.bouvais.lu`)
-      - "traefik.http.routers.gitea.entrypoints=websecure"
+      - traefik.http.routers.gitea_runner.entrypoints=websecure
-      - "traefik.http.routers.gitea.tls.certresolver=myresolver"
+      - traefik.http.routers.gitea_runner.tls.certresolver=myresolver
-      - "traefik.http.routers.gitea.middlewares=auth@docker"
+      - traefik.http.routers.gitea_runner.middlewares=auth@docker
-      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
+      - traefik.http.services.gitea_runner.loadbalancer.server.port=3000
  registry:
    image: registry:2
    container_name: registry
    restart: unless-stopped
    environment:
      - REGISTRY_AUTH_HTPASSWD_REALM=Bouvais Registry
      - REGISTRY_AUTH_HTPASSWD_PATH=/etc/docker/registry/htpasswd
      - REGISTRY_HTTP_SECRET=${MASTER_PASSWORD}
      - REGISTRY_HEALTH_STORAGEDRIVER_ENABLED=true
      - REGISTRY_STORAGE_DELETE_ENABLED=true
    volumes:
      - ./hdd0/registry/data:/var/lib/registry
      - ./hdd0/registry/htpasswd:/etc/docker/registry/htpasswd:ro
    labels:
      - traefik.enable=true
      - traefik.http.routers.registry.rule=Host(`registry.bouvais.lu`)
      - traefik.http.routers.registry.entrypoints=websecure
      - traefik.http.routers.registry.tls.certresolver=myresolver 
      - traefik.http.services.registry.loadbalancer.server.port=5000 
  registry-ui:
    image: joxit/docker-registry-ui:latest
    container_name: registry-ui
    depends_on: [registry]
    restart: unless-stopped
    environment:
      - DELETE_IMAGES=true
      - REGISTRY_TITLE=Bouvais Docker Registry
      - NGINX_PROXY_PASS_URL=http://registry:5000
      - SINGLE_REGISTRY=true
    labels:
      - traefik.enable=true
      - traefik.http.routers.registry_ui.rule=Host(`registry-ui.bouvais.lu`)
      - traefik.http.routers.registry_ui.entrypoints=websecure
      - traefik.http.routers.registry_ui.tls.certresolver=myresolver 
      - traefik.http.services.registry_ui.loadbalancer.server.port=80
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -23,6 +23,8 @@ services:
      - "--metrics.prometheus=true"
      - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
      - "--entryPoints.ssh.address=:2101"
      - "--entrypoints.web.transport.respondingTimeouts.readTimeout=180m"
      - "--entrypoints.websecure.transport.respondingTimeouts.readTimeout=180m"
      # Logs - Traefik will write its logs to /logs within the container, which maps to /data/logs on host
      - "--accesslog=true"
      - "--accesslog.format=json"
--- a/vms.yml
+++ b/vms.yml
@ -1,9 +1,7 @@
 services:
-  arch-ttyd:
+  arch-cpu:
-    build:
+    image: registry.bouvais.lu/vms/arch-ttyd-cpu:1.0.0
-      context: .
+    container_name: arch-cpu
      dockerfile: Dockerfile.arch-ttyd
    container_name: arch-ttyd
    restart: unless-stopped
    volumes:
      - ./hdd0/vms/arch/data:/data
@ -28,3 +26,35 @@ services:
        reservations:
          cpus: '0.5'
          memory: 256M
  arch-gpu:
    image: registry.bouvais.lu/vms/arch-ttyd-gpu:1.0.0
    container_name: arch-gpu
    restart: unless-stopped
    volumes:
      - ./hdd0/vms/arch_gpu/data:/data
      - ./hdd0/vms/arch_gpu/root:/root
    command: >
      ttyd
      -p 7682
      -c "${TTYD_USERNAME}:${MASTER_PASSWORD}"
      -W
      bash
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.arch_gpu.rule=Host(`arch-gpu.bouvais.lu`)"
      - "traefik.http.routers.arch_gpu.entrypoints=websecure"
      - "traefik.http.routers.arch_gpu.tls.certresolver=myresolver"
      - "traefik.http.services.arch_gpu.loadbalancer.server.port=7682"
    deploy:
      resources:
        limits:
          cpus: '2.0'
          memory: 1G
        reservations:
          cpus: '0.5'
          memory: 256M
          devices:
            - driver: nvidia
              capabilities: ["gpu"]
              count: all