When Midcentury New York Spoke, Sound Archivist Listened–and Recorded Every Word (smithsonianmag.com)

In certain cases, using a full-fledged external (or even local) registry is annoying overhead. And if you think about it, there's already a form of registry present on any of your Docker-enabled hosts — the Docker's own image storage.

So I built Unregistry [1] that exposes Docker's (containerd) image storage through a standard registry API. It adds a `docker pussh` command that pushes images directly to remote Docker daemons over SSH. It transfers only the missing layers, making it fast and efficient.

  docker pussh myapp:latest user@server

Under the hood, it starts a temporary unregistry container on the remote host, pushes to it through an SSH tunnel, and cleans up when done.

I've built it as a byproduct while working on Uncloud [2], a tool for deploying containers across a network of Docker hosts, and figured it'd be useful as a standalone project.

Would love to hear your thoughts and use cases!

[1]: https://github.com/psviderski/unregistry

[2]: https://github.com/psviderski/uncloud

Comments (37)

nine_k · 2h ago

Nice. And the `pussh` command definitely deserves the distinction of one of the most elegant puns: easy to remember, self-explanatory, and just one letter away from its sister standard command.

gchamonlive · 28m ago

It's fine, but it wouldn't hurt to have a more formal alias like `docker push-over-ssh`.

EDIT: why I think it's important because on automations that are developed collaboratively, "pussh" could be seen as a typo by someone unfamiliar with the feature and cause unnecessary confusion, whereas "push-over-ssh" is clearly deliberate. Think of them maybe as short-hand/full flags.

someothherguyy · 14m ago

and prone to collision!

EricRiese · 1h ago

> The extra 's' is for 'sssh'

> What's that extra 's' for?

> That's a typo

metadat · 1h ago

This should have always been a thing! Brilliant.

Docker registries have their place but are overall over-engineered and an antithesis to the hacker mentality.

layoric · 18m ago

I'm so glad there are tools like this and swing back to selfhosted solutions, especially leveraging SSH tooling. Well done and thanks for sharing, will definitely be giving it a spin.

scott113341 · 1h ago

Neat project and approach! I got fed up with expensive registries and ended up self-hosting Zot [1], but this seems way easier for some use cases. Does anyone else wish there was an easy-to-configure, cheap & usage-based, private registry service?

[1]: https://zotregistry.dev

esafak · 1h ago

You can do these image acrobatics with the dagger shell too, but I don't have enough experience with it to give you the incantation: https://docs.dagger.io/features/shell/

throwaway314155 · 1h ago

I assume you can do these "image acrobatics" in any shell.

bradly · 2h ago

As a long ago fan of chef-solo, this is really cool.

Currently, I need to use a docker registry for my Kamal deployments. Are you familiar with it and if this removes the 3rd party dependency?

koakuma-chan · 2h ago

This is really cool. Do you support or plan to support docker compose?

psviderski · 2h ago

Thank you! Can you please clarify what kind of support you mean for docker compose?

fardo · 2h ago

I assume that he means "rather than pushing up each individual container for a project, it could take something like a compose file over a list of underlying containers, and push them all up to the endpoint."

koakuma-chan · 2h ago

Yes, pushing all containers one by one would not be very convenient.

baobun · 1h ago

The right yq|xargs invocation on your compose file should get you to a oneshot.

koakuma-chan · 1h ago

I would prefer docker compose pussh or whatever

actinium226 · 1h ago

This is excellent. I've been doing the save/load and it works fine for me, but I like the idea that this only transfers missing layers.

FWIW I've been saving then using mscp to transfer the file. It basically does multiple scp connections to speed it up and it works great.

remram · 1h ago

Does it start a unregistry container on the remote/receiving end or the local/sending end? I think that runs remotely. I wonder if you could go the other way instead?

selcuka · 1h ago

You mean ssh'ing into the remote server, then pulling image from local? That would require your local host to be accessible from the remote host, or setting up some kind of ssh tunneling.

nothrabannosir · 2h ago

What’s the difference between this and skopeo? Is it the ssh support ? I’m not super familiar with skopeo forgive my ignorance

https://github.com/containers/skopeo

yibers · 2h ago

"skopeo" seems to related to managing registeries, very different from this.

NewJazz · 1h ago

Skopeo manages images, copies them and stuff.

lxe · 2h ago

Ooh this made me discover uncloud. Sounds like exactly what I was looking for. I wanted something like dokku but beefier for a sideproject server setup.

vhodges · 1h ago

There is also https://skateco.github.io/ which (at quick glance) seems similar

nodesocket · 1h ago

A recommendation for Portainer if you haven't used or considered it. I'm running two EC2 instances on AWS using portainer community edition and portainer agent and works really well. The stack feature (which is just docker compose) is also super nice. One EC2 instance; running Portainer agent runs Caddy in a container which acts as the load balancer and reverse proxy.

armx40 · 2h ago

How about using docker context. I use that a lot and works nicely.

Snawoot · 2h ago

How do docker contexts help with the transfer of image between hosts?

yjftsjthsd-h · 1h ago

What is the container for / what does this do that `docker save some:img | ssh wherever docker load` doesn't? More efficient handling of layers or something?

psviderski · 43m ago

Yeah exactly, which is crucial for large images if you change only a few last layers.

The unregistry container provides a standard registry API you can pull images from as well. This could be useful in a cluster environment where you upload an image over ssh to one node and then pull it from there to other nodes.

This is what I’m planning to implement for Uncloud. Unregistry is so lightweight so we can embed it in every machine daemon. This will allow pulling images between machines.

dzonga · 2h ago

this is nice, hopefully DHH and the folks working on Kamal adopt this.

the whole reason I didn't end up using kamal was the 'need' a docker registry thing. when I can easily push a dockerfile / compose to my vps build an image there and restart to deploy via a make command

rudasn · 1h ago

Build the image on the deployment server? Why not build somewhere else once and save time during deployments?

I'm most familiar with on-prem deployments and quickly realised that it's much faster to build once, push to registry (eg github) and docker compose pull during deployments.

isaacvando · 58m ago

Love it!

s1mplicissimus · 2h ago

very cool. now lets integrate this such that we can do `docker/podman push localimage:localtag ssh://hostname:port/remoteimage:remotetag` without extra software installed :)

jlhawn · 2h ago

A quick and dirty version:

    docker -H host1 image save IMAGE | docker -H host2 image load

note: this isn't efficient at all (no compression or layer caching)!

rgrau · 1h ago

I use a variant with ssh and some compression:

    docker save $image | bzip2 | ssh "$host" 'bunzip2 | docker load'

selcuka · 1h ago

If you are happy with bzip2-level compression, you could also use `ssh -C` to enable automatic gzip compression.

selcuka · 1h ago

That method is actually mentioned in their README:

> Save/Load - `docker save | ssh | docker load` transfers the entire image, even if 90% already exists on the server

Show HN: DeepThink Plugin – Bring Gemini 2.5's parallel reasoning to open models

Osprey: Modern functional programming oriented language designed for elegance (ospreylang.dev)

Chinese AI Companies Dodge Chip Curbs by Flying Suitcases of Hard Drives Abroad (wsj.com)

As Nuclear Power Makes a Comeback, South Korea Emerges a Winner (bloomberg.com)

When Midcentury New York Spoke, Sound Archivist Listened–and Recorded Every Word (smithsonianmag.com)

Show HN: Galaxy Explorer – Simple 3D Star Map Built with Three.js and Canvas 2D (v0-interactive-star-map.vercel.app)

AI-Native VCs: People, Automation, and Everything in Between (harmonyland.substack.com)

TI to invest >$60B to manufacture foundational semiconductors in the U.S. (ti.com)

Roast: Structured AI Workflows Made Easy (shopify.engineering)

Foreman – Automate your mixed infrastructure to make operations enjoyable (github.com)

Downloaded More for Business, or Pleasure? (boydkane.com)

A Synchronous Web of State (braid.org)

XAI is facing a lawsuit for operating over 400MW of gas turbines without permits (techcrunch.com)

Brain Freeze (asteriskmag.com)

The six-month recap: closing talk on AI at Web Directions, Melbourne, June 2025 (ghuntley.com)

One of ChatGPT's popular uses just got skewered by Stanford researchers (sfgate.com)

Show HN: We Open Sourced All Our Premium and Free CV/Resume Website Themes (github.com)

Outbox Pattern (event-driven.io)

Wanting to Be Understood Explains the Meta-Problem of Consciousness (arxiv.org)

Log Monitor (logmonitor.io)

We make uncensored AI models (uncensored.com)

Servers don't want to lose the tip credit, new research shows (2024) (restaurantbusinessonline.com)

Gender Imbalance in Computing: Faculty Perceptions of Research (ieeexplore.ieee.org)

PrivacySDK – Privacy scanner for Gitlab/GitHub CI/CD (12 langs, AI-powered)

Designing a shader using voice and hand gestures (twitter.com)

How We Tried to Slow the Rush to War in Iraq (2019) (politico.com)

Six-month-old, solo-owned vibe coder Base44 sells to Wix for $80M cash (techcrunch.com)

Ask HN: Is AI 'context switching' exhausting?

LMCache: Redis for LLMs (github.com)

Show HN: AI Illustrated Stories for Stuffed Animals (stuffiestories.ai)

Google's frighteningly good Veo 3 AI videos to be integrated with YouTube Shorts (arstechnica.com)

AI Agent Architecture via A2A/MCP (medium.com)

Accessibility Programming Doesn't Feel Accessible (acidiclight.dev)

Asana warns MCP AI feature exposed customer data to other orgs (bleepingcomputer.com)

Andrej Karpathy: Software in the era of AI [video] (youtube.com)

Show HN: Digital Scents – A smart diffuser and scent streaming service (digital-scents.com)

A Guide to Developer Advocacy (cameron.pfiffer.org)

Studies Prove your fancy car's touchscreen is worse than buttons (carsandhorsepower.com)

A Little Rant About AI (thatosdeveloper.github.io)

Microsoft planning job cuts aimed at sales people (reuters.com)

Next.js devs and founders-thoughts on visual UI builders with full code control?

It's true, “we” don't care about accessibility on Linux (tesk.page)

Show HN: Aitherapy – 24/7 AI Therapy with HIPAA-Compliant Privacy (aitherapy.care)

Model Context Protocol: Origins and Requests for Startups – Theodora Chu, MCP PM [video] (youtube.com)

Marijuana doubles your risk of cardiovascular death, worrying new study shows (nationalgeographic.com)

Elon Says He's Working to 'Fix' Grok After AI Disagrees with Him (gizmodo.com)

Text Rendering Is Working (merveilles.town)

The Nyanja new PC-Engine/TurboGrafx 16-bit console game in development (sarupro.itch.io)

Stanford CS336: Language Modeling from Scratch [video] (youtube.com)

MCP Specification – version 2025-06-18 changes (modelcontextprotocol.io)

Show HN: Unregistry – “docker push” directly to servers without a registry

Comments (37)