m

volumes/conf.d/registry.zinomedia.de.conf

@@ -23,17 +23,21 @@ server {
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
     ssl_prefer_server_ciphers on;
 
-    # disable any limits to avoid HTTP 413 for large image uploads
-    client_max_body_size 0;
-
     # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486)
     chunked_transfer_encoding on;
 
+    location / {
+        return 403;
+    }
+
+    location /v2/ {
+        # disable any limits to avoid HTTP 413 for large image uploads
+        client_max_body_size 0;
+
         # Password protect
         auth_basic "Protected Registry";
         auth_basic_user_file /usr/share/nginx/html/registry.zinomedia.de/.htpasswd;
 
-    location /v2/ {
         if ($request_method = OPTIONS) {
             add_header 'Access-Control-Allow-Origin' 'https://registryui.zinomedia.de';
             add_header 'Access-Control-Allow-Credentials' 'true';