Unable to log into container registry behind nginx reverse proxy

Hi there,

I’m trying to configure container registries on my Gitlab instance.
The Gitlab instance runs on docker using the gitlab/gitlab-ce:13.5.3-ce.0 image.

The host system runs an nginx reverse proxy for https support using let’s encrypt certificates.
Gitlab itself works fine but container registries don’t want to work.

In gitlab.rb I configured the following settings to enable CRs:

registry_external_url 'https://registry.domain.com'

### Settings used by GitLab application
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "http://registry.domain.com:5050"
gitlab_rails['registry_port'] = "5050"
gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"

registry_nginx['enable'] = true
registry_nginx['proxy_set_headers'] = {
 "Host" => "$http_host",
 "X-Real-IP" => "$remote_addr",
 "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
 "X-Forwarded-Proto" => "https",
 "X-Forwarded-Ssl" => "on"

registry_nginx['listen_port'] = 5050
registry_nginx['listen_https'] = false

Nginx is configured to proxy_pass http://localhost:5050; any request on registry.domain.com.

The Container Registry entry now shows up in my repository and on the registry page it tells me to use docker login registry.domain.com:5050 to login using docker.

If I try this I get the error message Error response from daemon: Get "https://registry.domain.com:5050/v2/": http: server gave HTTP response to HTTPS client.
I got these quite often in the beginning of my configuration attempts so if I leave the port and just execute docker login registry.domain.com I now get Error response from daemon: Get "https://registry.domain.com/v2/": denied: access forbidden

That’s the furthest I came so far, no matter what I tried next I always ended up with this denied: access forbidden error. My account is the repository owner and Gitlab administrator, so permissions shouldn’t be an issue.

Currently I fell back to shotgun debugging, I looked up many posts on different sites but none of them got me any further.

I really hope anyone of you can help me out on this.

Did you every get this solved? I am having the same problem.

This topic got me further, but now I have error, “User interaction is not allowed.”