diff --git a/roles/rproxy/tasks/main.yml b/roles/rproxy/tasks/main.yml
index 729856d..9d21948 100644
--- a/roles/rproxy/tasks/main.yml
+++ b/roles/rproxy/tasks/main.yml
@@ -7,6 +7,11 @@ - install - add_config + - name: Get IP address + ansible.builtin.shell: + cmd: hostname -I | awk '{print $1}' + register: IP + - name: Install docker (Debian) ansible.builtin.apt: name:
@@ -58,7 +63,7 @@ - name: Copy docker-compose ansible.builtin.template: - src: templates/docker-compose.yml.j2 + src: templates/docker-compose.rproxy.yml.j2 dest: "{{ rproxy_dir }}/docker-compose.yml" - name: Copy nginx.conf
@@ -83,11 +88,6 @@ - name: Create https repository block: - - name: Get IP address - ansible.builtin.shell: - cmd: hostname -I | awk '{print $1}' - register: IP - - name: Create repo dir ansible.builtin.file: path: "{{ rproxy_dir }}/repo"
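Review bot: `Get IP address` runs `hostname -I | awk '{print $1}'` through `ansible.builtin.shell` with no `changed_when`, so it reports a change on every play run, and the value it registers is whichever address the kernel lists first, which on a host with several interfaces may not be the one clients connect to. Add `changed_when: false` to the task, or replace the shell call with the gathered fact `ansible_default_ipv4.address` (or an explicit playbook variable) so the result is deterministic and the task stays idempotent. The registered name `IP` also departs from the lowercase naming used for the role's other variables (`rproxy_dir`); `rproxy_ip` would fit, with the template references updated to match.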
@@ -137,6 +137,56 @@ restarted: true tags: install +- name: Create docker repository + block: + - name: Create repo dir + ansible.builtin.file: + path: "{{ dockerrepo_dir }}/repo" + state: directory + + - name: Create certs dir + ansible.builtin.file: + path: "{{ dockerrepo_dir }}/certs" + state: directory + + - name: Copy dockerrepo certificate cnf + ansible.builtin.template: + src: templates/dockerrepo.cnf.j2 + dest: '{{ dockerrepo_dir }}/certs/dockerrepo.cnf' + + - name: Generate dockerrepo certificate key + ansible.builtin.shell: + cmd: 'openssl genrsa -out {{ dockerrepo_dir }}/certs/dockerrepo.key 2048' + + - name: Generate dockerrepo csr + ansible.builtin.shell: + cmd: 'openssl req -key {{ dockerrepo_dir }}/certs/dockerrepo.key -new -out {{ dockerrepo_dir }}/certs/dockerrepo.csr -config {{ dockerrepo_dir }}/certs/dockerrepo.cnf' + + - name: Sign dockerrepo certificate + ansible.builtin.shell: + cmd: 'openssl x509 -req -CA {{ rproxy_dir }}/certs/RootCA.crt -CAkey {{ rproxy_dir }}/certs/RootCA.key -in {{ dockerrepo_dir }}/certs/dockerrepo.csr -out {{ dockerrepo_dir }}/certs/dockerrepo.crt -CAcreateserial -extfile {{ dockerrepo_dir }}/certs/dockerrepo.cnf -days 365 -extensions v3_x509' + + - name: Create fullchain certificate + ansible.builtin.shell: + cmd: 'cat {{ rproxy_dir }}/certs/RootCA.crt >> {{ dockerrepo_dir }}/certs/dockerrepo.crt' + + - name: Delete csr + ansible.builtin.file: + path: "{{ dockerrepo_dir }}/certs/dockerrepo.csr" + state: absent + + - name: Delete cnf + ansible.builtin.file: + path: "{{ dockerrepo_dir }}/certs/dockerrepo.cnf" + state: absent + + - name: Restart rproxy + community.docker.docker_compose: + project_src: "{{ dockerrepo_dir }}" + build: false + restarted: true + tags: install + - name: Create configs block: - name: Copy server.conf
diff --git a/roles/rproxy/templates/docker-compose.dockerrepo.yml.j2 b/roles/rproxy/templates/docker-compose.dockerrepo.yml.j2
new file mode 100644
index 0000000..971f030
--- /dev/null
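Review bot: `Generate dockerrepo certificate key` leaves the private key at whatever mode the process umask gives `openssl genrsa`, and no later task tightens it, so `dockerrepo.key` is most likely readable by every local user on the host; the task also has no `creates`, so each play run regenerates the key and the csr/sign/fullchain tasks re-issue the certificate. Guard the key generation with `creates` and restrict the file mode immediately after it, as below (the registry process must run as the file's owner for `0600` to work — confirm for the image used); if a stable certificate is wanted, the later shell tasks can be skipped behind a `stat` of `dockerrepo.crt`. The final task is named `Restart rproxy` but its `project_src` is `{{ dockerrepo_dir }}`, and nothing in this hunk renders `docker-compose.dockerrepo.yml.j2` into that directory — unless that copy happens outside the hunk, the compose call has no project file to act on, so a template task for it belongs in this block and the task name should say `dockerrepo`.
```yaml
  - name: Generate dockerrepo certificate key
    ansible.builtin.shell:
      cmd: 'openssl genrsa -out {{ dockerrepo_dir }}/certs/dockerrepo.key 2048'
      creates: '{{ dockerrepo_dir }}/certs/dockerrepo.key'

  - name: Restrict dockerrepo key permissions
    ansible.builtin.file:
      path: "{{ dockerrepo_dir }}/certs/dockerrepo.key"
      mode: '0600'

  # … unchanged: csr, sign, fullchain and cleanup tasks …
```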
+++ b/roles/rproxy/templates/docker-compose.dockerrepo.yml.j2
@@ -0,0 +1,15 @@
+version: '3.3'
+
+services:
+ nginx:
+ image: registry:latest
+ container_name: dockerrepo
+ restart: always
+ environment:
+ - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/dockerrepo.crt
+ - REGISTRY_HTTP_TLS_KEY=/certs/dockerrepo.key
+ volumes:
+ - {{ dockerrepo_dir }}/repo:/var/lib/registry
+ - {{ dockerrepo_dir }}/certs:/certs
+ ports:
+ - 5000:5000
\ No newline at end of file
diff --git a/roles/rproxy/templates/docker-compose.yml.j2 b/roles/rproxy/templates/docker-compose.rproxy.yml.j2
similarity index 100%
rename from roles/rproxy/templates/docker-compose.yml.j2
rename to roles/rproxy/templates/docker-compose.rproxy.yml.j2
diff --git a/roles/rproxy/templates/dockerrepo.cnf.j2 b/roles/rproxy/templates/dockerrepo.cnf.j2
new file mode 100644
index 0000000..0167769
--- /dev/null
+++ b/roles/rproxy/templates/dockerrepo.cnf.j2
@@ -0,0 +1,29 @@
+[ req ]
+prompt = no
+distinguished_name = dockerrepo.{{ domain.stdout }}
+req_extensions = v3_req
+x509_extensions = v3_x509
+
+
+[ dockerrepo.{{ domain.stdout }} ]
+countryName = RU
+stateOrProvinceName = RU
+localityName = MSK
+organizationName = {{ domain.stdout }}
+organizationalUnitName = IT
+commonName = dockerrepo.{{ domain.stdout }}
+emailAddress = admin@{{ domain.stdout }}
+
+[ v3_req ]
+basicConstraints = CA:false
+keyUsage = digitalSignature, keyEncipherment
+subjectAltName = @sans
+
+[ v3_x509 ]
+basicConstraints = CA:false
+keyUsage = digitalSignature, keyEncipherment
+subjectAltName = @sans
+
+[ sans ]
+DNS.1 = dockerrepo.{{ domain.stdout }}
+IP.1 = {{ IP.stdout }}
\ No newline at end of file
diff --git a/rproxy.yml b/rproxy.yml
index 9ee0785..8b2b0cb 100644
--- a/rproxy.yml
+++ b/rproxy.yml
@@ -5,6 +5,7 @@ vars: ansible_python_interpreter: /usr/bin/python3 rproxy_dir: /opt/rproxy + dockerrepo_dir: /opt/dockerrepo vars_prompt: - name: rproxy_service_name
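Review bot: The registry is published on host port 5000 with TLS but no authentication: the `environment` list sets only `REGISTRY_HTTP_TLS_CERTIFICATE` and `REGISTRY_HTTP_TLS_KEY`, so anyone who can reach the port can push and pull images. Add `REGISTRY_AUTH=htpasswd` with `REGISTRY_AUTH_HTPASSWD_REALM` and `REGISTRY_AUTH_HTPASSWD_PATH` pointing at a mounted htpasswd file, or bind the port to the address only the reverse proxy uses (e.g. `- "127.0.0.1:5000:5000"`, quoted as a string) if the registry is meant to sit behind rproxy. `image: registry:latest` is unpinned; a fixed tag such as `registry:2` or a digest keeps upgrades deliberate. The service key `nginx` names a registry container; `registry` would avoid confusion with the rproxy compose file.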
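Review bot: `IP.1 = {{ IP.stdout }}` takes whatever `hostname -I | awk '{print $1}'` happened to list first, so on a host with several interfaces (docker bridge, VPN) the IP SAN may not be the address clients use and TLS verification against the registry would fail on the IP path; feeding it from `ansible_default_ipv4.address` or an explicit playbook variable makes the SAN deterministic. The DN section name `[ dockerrepo.{{ domain.stdout }} ]` is derived from the templated domain; a fixed name with `distinguished_name = dn` and `[ dn ]` reads more plainly and does not depend on which characters the domain value contains. `[ v3_req ]` and `[ v3_x509 ]` are identical; a comment such as `# v3_req: CSR extensions; v3_x509: extensions applied at signing (-extensions v3_x509)` would record why both exist.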