Enable TLS by default if /ssl directory is present.

Generates needed keys and certs.
If only one element in the key/cert pair is present, nothing is
overriden; instead, the user is asked to either remove the existing
element, or put the missing one back.

Uses TLSv1, since TLSv1.1 nor TLSv1.2 are available in the current
version of python 2.7.

Usage: docker run -d -p 5000:5000 -v /etc/docker/certs.d:/ssl registry

There are no breaking changes, since the /ssl directory is not present
by default.

Signed-off-by: Tibor Vass <[email protected]>

Author: tiborvass

Dockerfile

@@ -12,13 +12,18 @@ FROM ubuntu:14.04
 RUN apt-get update \
 # Install pip
     && apt-get install -y \
+        curl \
         python-pip \
 # Install deps for backports.lmza (python2 requires it)
         python-dev \
         liblzma-dev \
         libevent1-dev \
     && rm -rf /var/lib/apt/lists/*
 
+# get generate_cert
+RUN curl -L -o /usr/local/bin/generate_cert https://github.com/SvenDowideit/generate_cert/releases/download/0.1/generate_cert-0.1-linux-amd64/ && \
+    chmod +x /usr/local/bin/generate_cert
+
 COPY . /docker-registry
 COPY ./config/boto.cfg /etc/boto.cfg
 
@@ -37,4 +42,5 @@ ENV SETTINGS_FLAVOR dev
 
 EXPOSE 5000
 
+ENTRYPOINT ["/docker-registry/wrap.sh"]
 CMD ["docker-registry"]