If you have some docker services running on your Synology NAS you might want to host an own docker registry in your local network as well for pushing self-created images. For this purpose docker provides a container registry image on docker hub. Running the registry on your NAS inside the local network does not necessarily need a TLS communication. But docker requires a TLS communication between a registry and your docker instance by default. To allow the communication without TLS you need to set the "insecure-registries":["HOST:PORT"] property to the docker configuration. You need to set the entry on client and server side to be able to docker pull and docker push successfully.
For the solution I assume that there is already a registry container running. If this is not the case, start a registry container first by either
- Run this command via ssh:
docker run -d -p 5010:5000 --name registry-1 --restart always registry- Or use the Container Manager in DSM for running an equivalent container
Enable Pulling from registry
Connect to your Synology NAS using SSH. If you don’t know how to do that, see this blog post.
- Add
"insecure-registries":["HOST:PORT"]to the dockerd.json
sudo vi /var/packages/ContainerManager/etc/dockerd.jsonHOST:PORT needs to be replaced with the address of the private registry, e.g.
- Then restart the docker daemon
sudo systemctl restart pkg-ContainerManager-dockerd.serviceNOTE
Maybe the service name will change in future. As long as docker is contained in the service name you should be able to find by
systemctl list-units --type=service --all | grep -i dockerIn case the location of the dockerd.json does not succeed check if the folder ContainerManager has changed its name.
Enable pushing to registry
Open Docker Desktop and insert the JSON as well like described in the picture.
