From dabcd7d4c8163b773328a1e4867563ebfa85d2c4 Mon Sep 17 00:00:00 2001
From: Robin Gloster <mail@glob.in>
Date: Sun, 18 Sep 2016 20:57:01 +0200
Subject: [PATCH] dockerRegistry module: re-init with new underlying software

---
 nixos/modules/module-list.nix                 |  1 +
 nixos/modules/rename.nix                      |  2 -
 .../modules/services/misc/docker-registry.nix | 66 +++++++++++++++++++
 nixos/tests/docker-registry.nix               | 45 +++++++++++++
 4 files changed, 112 insertions(+), 2 deletions(-)
 create mode 100644 nixos/modules/services/misc/docker-registry.nix
 create mode 100644 nixos/tests/docker-registry.nix

diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 1e84729d6f41..e1d986dc6339 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -235,6 +235,7 @@
   ./services/misc/dictd.nix
   ./services/misc/dysnomia.nix
   ./services/misc/disnix.nix
+  ./services/misc/docker-registry.nix
   ./services/misc/emby.nix
   ./services/misc/errbot.nix
   ./services/misc/etcd.nix
diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index 9abe7d450c93..44e07f4618de 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -156,7 +156,5 @@ with lib;
       "See the 16.09 release notes for more information.")
     (mkRemovedOptionModule [ "services" "phpfpm" "phpIni" ] "")
     (mkRemovedOptionModule [ "services" "dovecot2" "package" ] "")
-    (mkRemovedOptionModule [ "services" "dockerRegistry" ]
-      "docker-registry has been deprecated upstream since a long time.")
   ];
 }
diff --git a/nixos/modules/services/misc/docker-registry.nix b/nixos/modules/services/misc/docker-registry.nix
new file mode 100644
index 000000000000..96ac2a1cf2c9
--- /dev/null
+++ b/nixos/modules/services/misc/docker-registry.nix
@@ -0,0 +1,66 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.dockerRegistry;
+
+in {
+  options.services.dockerRegistry = {
+    enable = mkEnableOption "Docker Registry";
+
+    listenAddress = mkOption {
+      description = "Docker registry host or ip to bind to.";
+      default = "127.0.0.1";
+      type = types.str;
+    };
+
+    port = mkOption {
+      description = "Docker registry port to bind to.";
+      default = 5000;
+      type = types.int;
+    };
+
+    storagePath = mkOption {
+      type = types.path;
+      default = "/var/lib/docker-registry";
+      description = "Docker registry storage path.";
+    };
+
+    extraConfig = mkOption {
+      description = ''
+        Docker extra registry configuration via environment variables.
+      '';
+      default = {};
+      type = types.attrsOf types.str;
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.services.docker-registry = {
+      description = "Docker Container Registry";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+
+      environment = {
+        REGISTRY_HTTP_ADDR = "${cfg.listenAddress}:${toString cfg.port}";
+        REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY = cfg.storagePath;
+      } // cfg.extraConfig;
+
+      script = ''
+        ${pkgs.docker-distribution}/bin/registry serve \
+          ${pkgs.docker-distribution.out}/share/go/src/github.com/docker/distribution/cmd/registry/config-example.yml
+      '';
+
+      serviceConfig = {
+        User = "docker-registry";
+        WorkingDirectory = cfg.storagePath;
+      };
+    };
+
+    users.extraUsers.docker-registry = {
+      createHome = true;
+      home = cfg.storagePath;
+    };
+  };
+}
diff --git a/nixos/tests/docker-registry.nix b/nixos/tests/docker-registry.nix
new file mode 100644
index 000000000000..df24686aba8e
--- /dev/null
+++ b/nixos/tests/docker-registry.nix
@@ -0,0 +1,45 @@
+# This test runs docker-registry and check if it works
+
+import ./make-test.nix ({ pkgs, ...} : {
+  name = "docker-registry";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ globin ];
+  };
+
+  nodes = {
+    registry = { config, pkgs, ... }: {
+      services.dockerRegistry.enable = true;
+      services.dockerRegistry.port = 8080;
+      services.dockerRegistry.listenAddress = "0.0.0.0";
+      networking.firewall.allowedTCPPorts = [ 8080 ];
+    };
+
+    client1 = { config, pkgs, ...}: {
+      virtualisation.docker.enable = true;
+      virtualisation.docker.socketActivation = false;
+      virtualisation.docker.extraOptions = "--insecure-registry registry:8080";
+    };
+
+    client2 = { config, pkgs, ...}: {
+      virtualisation.docker.enable = true;
+      virtualisation.docker.socketActivation = false;
+      virtualisation.docker.extraOptions = "--insecure-registry registry:8080";
+    };
+  };
+
+  testScript = ''
+    $client1->start();
+    $client1->waitForUnit("docker.service");
+    $client1->succeed("tar cv --files-from /dev/null | docker import - scratch");
+    $client1->succeed("docker tag scratch registry:8080/scratch");
+
+    $registry->start();
+    $registry->waitForUnit("docker-registry.service");
+    $client1->succeed("docker push registry:8080/scratch");
+
+    $client2->start();
+    $client2->waitForUnit("docker.service");
+    $client2->succeed("docker pull registry:8080/scratch");
+    $client2->succeed("docker images | grep scratch");
+  '';
+})