Registry 2 with admin and read-only privilege


I’ve been following the instructions at to configure a private registry with TLS and htpasswd. So far so good - I have it working up to the point that I can sign in with the account I created with htpasswd.

However, I want to configure two levels of access; one with admin privilege that allows push and pull and one with read-only privilege that allows pull only. Does anyone know the correct way to do this? By ‘the correct way’ I mean that I assume it is possible to do this by passing environment variable values to the container at startup.

If this is not possible does anyone know if it is functionality that is on the roadmap?

Thanks in advance for any assistance,


Ah, actually I think I’ve answered my own question and that the answer I require is close to where I was originally looking -


The link appears to be dead :frowning:

Try here:

Or here for some other options:

Note, however the comment on the page about basic authentication.
That leads here: (See “restricting access”)