Use an external container registry with GitLab as an auth endpoint

Hi everyone.

I am actually learning GitLab to improve my administration skills before subscribing to an EE plan.
After many weeks of learning, I have some difficulties with how to install and configure a self-hosted GitLab to use it with my own self-hosted Docker registry.

I have a docker-compose.yaml like this for my registry and I use gitlab-ce (13.10.2 installed from omnibus on Ubuntu 20.10) with a gitlab.rb like this (gitlab.rg configuration - Pastebin.com). You can find all certs and keys added during the configuration here.

There are many mistakes after reading the docs and issues around container registry administration:

1°) Where can I store the key and certificates of the registry? In /etc/gitlab/ssl, the same as the GitLab key and certificate, or in /etc/gitlab/trusted-certs… Actually, the only way I found to resolve a strange issue on /etc/gitlab/ssl/reg.example.key is to run a chmod 777 /etc/gitlab/ssl/reg.example.key on this file to keep root:root ownership, because after a gitlab-ctl reconfigure this file's ownership is git:git and the key has been modified… I’m sure I am failing at something here and it isn’t good practice.

2°) Why does the doc say to change port 5000 of my registry to avoid a conflict? What’s the GitLab service that uses this port?

3°) What do you think of my current setup? What will need to be modified to use an external container registry with GitLab as an auth endpoint?

Thanks in advance for your help :slight_smile: