benton · May 27, 2015 19:16
diff --git a/nginx.conf b/nginx.conf
 user root;
 daemon off;
 worker_processes 1;
 error_log /dev/fd/2 info;

 events {
  worker_connections 1024;
 }

 http {
  access_log /dev/fd/1;
  log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
  access_log /dev/fd/1 upstreamlog;


  include /usr/local/nginx/conf/mime.types;
  default_type application/octet-stream;
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
  sendfile on;
  keepalive_timeout 65;

  auth_ldap_cache_enabled on;
  auth_ldap_cache_expiration_time 10000;
  auth_ldap_cache_size 1000;

  ldap_server iam_ldap_bridge {
       url "ldap://172.17.0.1:10389/dc=mdsol,dc=com?uid?sub?(objectclass=posixaccount)";
       binddn "uid=admin,ou=system";
       binddn_passwd "secret";
       require valid_user;
       satisfy any;
  }

  server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;
    root /usr/local/nginx/html;
    index index.html index.htm;
    # Make site accessible from http://localhost/
    server_name localhost;

    # disable any limits to avoid HTTP 413 for large image uploads
    client_max_body_size 0;
    # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
    chunked_transfer_encoding on;

    auth_ldap "Enter IAM Credentials";
    auth_ldap_servers iam_ldap_bridge;

    location / {
      # Do not allow connections from docker 1.5 and earlier
      # docker pre-1.6.0 did not properly set the user agent on ping, catch Go user agents
      if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
        return 404;
      }

      # To add basic authentication to v2 use auth_basic setting plus add_header
      add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
      proxy_set_header  Host              $http_host;   # required for docker client's sake
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
      proxy_read_timeout                  900;
      proxy_pass http://172.17.0.2:5000;

    }
  }
 }
	user root;
	daemon off;
	worker_processes 1;
	error_log /dev/fd/2 info;

	events {
	worker_connections 1024;
	}

	http {
	access_log /dev/fd/1;
	log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
	access_log /dev/fd/1 upstreamlog;


	include /usr/local/nginx/conf/mime.types;
	default_type application/octet-stream;
	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';
	sendfile on;
	keepalive_timeout 65;

	auth_ldap_cache_enabled on;
	auth_ldap_cache_expiration_time 10000;
	auth_ldap_cache_size 1000;

	ldap_server iam_ldap_bridge {
	url "ldap://172.17.0.1:10389/dc=mdsol,dc=com?uid?sub?(objectclass=posixaccount)";
	binddn "uid=admin,ou=system";
	binddn_passwd "secret";
	require valid_user;
	satisfy any;
	}

	server {
	listen 80 default_server;
	listen [::]:80 default_server ipv6only=on;
	root /usr/local/nginx/html;
	index index.html index.htm;
	# Make site accessible from http://localhost/
	server_name localhost;

	# disable any limits to avoid HTTP 413 for large image uploads
	client_max_body_size 0;
	# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
	chunked_transfer_encoding on;

	auth_ldap "Enter IAM Credentials";
	auth_ldap_servers iam_ldap_bridge;

	location / {
	# Do not allow connections from docker 1.5 and earlier
	# docker pre-1.6.0 did not properly set the user agent on ping, catch Go user agents
	if ($http_user_agent ~ "^(docker\/1\.(3\|4\|5(?!\.[0-9]-dev))\|Go ).*$" ) {
	return 404;
	}

	# To add basic authentication to v2 use auth_basic setting plus add_header
	add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
	proxy_set_header Host $http_host; # required for docker client's sake
	proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_read_timeout 900;
	proxy_pass http://172.17.0.2:5000;

	}
	}
	}