🌱 Tollport

Tollport is self-hosted software that lets you host, manage, and share Docker compatible images without the restrictions that other services do. Keep full control, set fine-grained permissions, and even sell your images through your own marketplace.

Tollport is at a pre-release version of 0.5 right now. It's being actively worked on and more features are added each week. Right now, you can use all of the fundamental features of the software. Quality of life patches will be released to get us to version 1.

Simple, quick setup

The easiest way to get Tollport up and running is by using a docker compose file like this:

services:
  registry:
    image: distribution/distribution:3
    ports:
      - "5500:5000"
    environment:
      REGISTRY_AUTH_TOKEN_SERVICE: tollport-registry
      REGISTRY_AUTH_TOKEN_ISSUER: tollport
      REGISTRY_AUTH_TOKEN_JWKS: /var/lib/registry/jwks.json
      REGISTRY_NOTIFICATIONS_ENDPOINTS_0_NAME: tollport
      REGISTRY_NOTIFICATIONS_ENDPOINTS_0_URL: http://web:3000/registry-notification
      REGISTRY_LOG_LEVEL: info
      OTEL_TRACES_EXPORTER: none
      OTEL_METRICS_EXPORTER: none
      OTEL_LOGS_EXPORTER: none
    env_file: .env
    volumes:
      - registry_data:/var/lib/registry
    depends_on:
      web:
        condition: service_healthy
    networks:
      - external_network
      - internal_network

  web:
    image: tollport.shane.computer:5500/tollport:latest
    ports:
      - "3832:3000"
    env_file: .env
    networks:
      - external_network
      - internal_network
    volumes:
      - registry_data:/rails/registry_data
      - tollport_storage:/rails/storage
    healthcheck:
      test: ['CMD-SHELL', "curl -s --noproxy localhost localhost:3000/up | grep -q 'green' || exit 1"]
      interval: 60s
      start_period: 2s
      start_interval: 1s
    depends_on:
      - database

  database:
    image: postgres:17.4
    environment:
      - 'POSTGRES_HOST_AUTH_METHOD=trust'
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - internal_network
    healthcheck:
      test: ['CMD', 'pg_isready', '-U', 'postgres']

volumes:
  registry_data:
  postgres_data:
  tollport_storage:

networks:
  external_network:
  internal_network:
    internal: true

And then with you configuration in a .env file:

# railsy bits

DATABASE_URL="postgres://postgres:somepass@database/tollport_production"

POSTGRES_PASSWORD=somepass

RAILS_ENV=production
SECRET_KEY_BASE=some_key_base

ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=generate with bin/rails db:encryption:init
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=generate with bin/rails db:encryption:init
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=generate with bin/rails db:encryption:init

TOLLPORT_USE_SSL=true

# tollporty bits

TOLLPORT_HOSTNAME=yourdomain.com
TOLLPORT_REGISTRY_ADDRESS=yourdomain.com:5500
TOLLPORT_REGISTRY_URI=http://registry:5000

# emaily bits

SMTP_SERVER=...
SMTP_PORT=587
SMTP_LOGIN=...
SMTP_PASSWORD=...
SMTP_AUTH_METHOD=plain
SMTP_ENABLE_STARTTLS=true
SMTP_FROM_ADDRESS="notifications@example.com"

# stripey bits

STRIPE_API_KEY=your-stripe-key

# distrubution bits

REGISTRY_AUTH_TOKEN_REALM=http://yourdomain.com/auth/token
REGISTRY_HTTP_SECRET: do-a-bit-of-keyboard-bashing

Then, set up your nginx (etc) server configuration to point both services to a hostname.

upstream tollport {
  server 127.0.0.1:3832 fail_timeout=0;
}

upstream tollport_registry {
  server 127.0.0.1:5000 fail_timeout=0;
}

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

server {
  listen 5500 ssl;
  server_name tollport.shane.computer;

  location / {
    proxy_pass http://tollport_registry;
  }
}

server {
  server_name tollport.shane.computer;

  access_log /var/log/nginx/tollport.access.log;

  location / {
    proxy_pass http://tollport;

    # Preserve client headers for Rails
    proxy_set_header Host              $host;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

  location /cable {
    proxy_pass http://tollport;

    proxy_http_version 1.1;
    proxy_set_header Upgrade    $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    proxy_set_header Host              $host;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Avoid buffering for WebSockets
    proxy_read_timeout 3600;
    proxy_send_timeout 3600;
    proxy_buffering off;
  }
}

After that, you should be good to go!

Repositories included

🌱 tollport
latest - 14 days ago
đź’ł ÂŁ35.00 once

License recap

What you get:

See the full license. â–ş

License for Tollport

Tollport License v1.0

Last updated: October 2025

1. Grant of License

Tollport (“the Software”) is licensed, not sold.
By purchasing a license, you (“the Licensee”) are granted a non-exclusive, perpetual, worldwide, non-transferable license to:

  • Install and run any number of instances of the Software on your own servers.
  • View and modify the Software’s source code for your own use. This includes changing the display of the software.
  • Store the software forever, on whatever medium you like. Should this product be taken offline, you are still entitled to use your backup copy of the software.
  • Use the Software commercially for your own business purposes.

2. Restrictions

You may not:

  1. Redistribute, sell, sublicense, lease, or otherwise share the Software or derivative works.
  2. Host, operate, or offer the Software as a service (SaaS, PaaS, or similar) for third parties.
  3. Share or publish modified versions of the Software or its source code.
  4. Remove or change any copyright or attribution notices from the source code.
  5. Use the software for distribution of offensive, harmful, or cruel materials, including for war (lawful or otherwise).

3. Ownership

The Software and all intellectual property remain the property of the Licensor. This license does not transfer ownership—you are only granted permission to use the Software as described above. You retain ownership of any changes you make to the codebase. You retain ownership of any content you manage via the Software.

4. Updates

You are entitled to receive all updates released before version 2.0.
Modifications you make may be overwritten during updates; the Licensor is not responsible for merging, preserving, or facilitating your changes.

5. Support

The Licensor may provide assistance to help debug issues or answer questions. You can get support like this by emailing Shane (see shane.computer). Support is provided as a courtesy, with no guaranteed response time or resolution.

6. Warranty

The Software is provided “AS IS”.
To the extent permitted by law, the Licensor disclaims all warranties not required by applicable law, including but not limited to implied warranties of merchantability or fitness for a particular purpose.

7. Limitation of Liability

The Licensor will not be liable for indirect, incidental, special, or consequential damages, including loss of profits or data.
Maximum liability is limited to the amount you paid for the Software license.

8. Data Responsibility

You are solely responsible for your own data and backups.
The Licensor is not responsible for any data loss, corruption, or security issues.

9. Termination

This license terminates automatically if you breach its terms.
After termination, you must stop using the Software and delete all copies.

10. Governing Law

This license is governed by the laws of England and Wales.
Any disputes will be resolved in the courts of England and Wales.

© 2025 Shane Preece. All rights reserved.
Tollport is a proprietary, source-available software product licensed under the Tollport License v1.0.