- name: Ensure registry volume directories exists become: true file: state: directory path: "/var/registry/{{ item }}" loop: - certs - auth - name: Install python packages become: true package: name: - python3-docker - python3-passlib - python3-bcrypt state: present - name: Write htpassword file become: true htpasswd: create: true crypt_scheme: bcrypt path: /var/registry/auth/htpasswd name: "{{ intermediate_registry.username }}" password: "{{ intermediate_registry.password }}" - name: Write TLS private key become: true copy: content: "{{ intermediate_registry_tls_key }}" dest: /var/registry/certs/domain.key - name: Write TLS certificate become: true copy: content: "{{ intermediate_registry_tls_cert }}{{ intermediate_registry_tls_chain | default('') }}" dest: /var/registry/certs/domain.crt - name: Start intermediate docker registry command: >- {{ container_command }} run -d --name="intermediate_registry" --restart=always --network=host --env REGISTRY_HTTP_TLS_CERTIFICATE="/certs/domain.crt" --env REGISTRY_HTTP_TLS_KEY="/certs/domain.key" --env REGISTRY_AUTH="htpasswd" --env REGISTRY_AUTH_HTPASSWD_PATH="/auth/htpasswd" --env REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" --volume="/var/registry/certs:/certs" --volume="/var/registry/auth:/auth" docker.io/library/registry:2