diff --git a/hubproxy/latest/data/config.toml b/hubproxy/latest/data/config.toml new file mode 100644 index 000000000..f4c2610ac --- /dev/null +++ b/hubproxy/latest/data/config.toml @@ -0,0 +1,90 @@ +[server] +host = "0.0.0.0" +# 监听端口 +port = 5000 +# Github文件大小限制(字节),默认2GB +fileSize = 2147483648 +# HTTP/2 多路复用,提升下载速度 +enableH2C = false + +[rateLimit] +# 每个IP每周期允许的请求数(注意Docker镜像会有多个层,会消耗多个次数) +requestLimit = 500 +# 限流周期(小时) +periodHours = 3.0 + +[security] +# IP白名单,支持单个IP或IP段 +# 白名单中的IP不受限流限制 +whiteList = [ + "127.0.0.1", + "172.17.0.0/16", + "192.168.1.0/24" +] + +# IP黑名单,支持单个IP或IP段 +# 黑名单中的IP将被直接拒绝访问 +blackList = [ + "192.168.100.1", + "192.168.100.0/24" +] + +[access] +# 代理服务白名单(支持GitHub仓库和Docker镜像,支持通配符) +# 只允许访问白名单中的仓库/镜像,为空时不限制 +whiteList = [] + +# 代理服务黑名单(支持GitHub仓库和Docker镜像,支持通配符) +# 禁止访问黑名单中的仓库/镜像 +blackList = [ + "baduser/malicious-repo", + "*/malicious-repo", + "baduser/*" +] + +# 代理配置,支持有用户名/密码认证和无认证模式 +# 无认证: socks5://127.0.0.1:1080 +# 有认证: socks5://username:password@127.0.0.1:1080 +# 留空不使用代理 +proxy = "" + +[download] +# 批量下载离线镜像数量限制 +maxImages = 10 + +# Registry映射配置,支持多种镜像仓库上游 +[registries] + +# GitHub Container Registry +[registries."ghcr.io"] +upstream = "ghcr.io" +authHost = "ghcr.io/token" +authType = "github" +enabled = true + +# Google Container Registry +[registries."gcr.io"] +upstream = "gcr.io" +authHost = "gcr.io/v2/token" +authType = "google" +enabled = true + +# Quay.io Container Registry +[registries."quay.io"] +upstream = "quay.io" +authHost = "quay.io/v2/auth" +authType = "quay" +enabled = true + +# Kubernetes Container Registry +[registries."registry.k8s.io"] +upstream = "registry.k8s.io" +authHost = "registry.k8s.io" +authType = "anonymous" +enabled = true + +[tokenCache] +# 是否启用缓存(同时控制Token和Manifest缓存)显著提升性能 +enabled = true +# 默认缓存时间(分钟) +defaultTTL = "20m" \ No newline at end of file diff --git a/hubproxy/latest/docker-compose.yml b/hubproxy/latest/docker-compose.yml index bea1a6f0a..19b874e21 100644 --- a/hubproxy/latest/docker-compose.yml +++ b/hubproxy/latest/docker-compose.yml @@ -5,7 +5,7 @@ services: ports: - "${PANEL_APP_PORT_HTTP}:8888" volumes: - - ./src/config.toml:/root/config.toml + - ./data/config.toml:/root/config.toml logging: driver: json-file options: