# Docker registry proxy for api versions 1 and 2

upstream docker-registry {
  server registryv1:5000;
}

upstream docker-registry-v2 {
  server registryv2:5000;
}

# No client auth or TLS
server {
  listen 5000;
  server_name localhost;

  # disable any limits to avoid HTTP 413 for large image uploads
  client_max_body_size 0;

  # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
  chunked_transfer_encoding on;

  location /v2/ {
    # Do not allow connections from docker 1.5 and earlier
    # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
    if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
      return 404;
    }

    # To add basic authentication to v2 use auth_basic setting plus add_header
    # auth_basic "registry.localhost";
    # auth_basic_user_file test.password;
    # add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;

    include               docker-registry-v2.conf;
  }

  location / {
    include               docker-registry.conf;
  }
}