registry_path redirect behind NAT (public IP)

[mkarpiarz]

Is your feature request related to a problem? Please describe.
This has been mentioned (in passing) in #1382.

In a setup where the Pulp server has an internal (private) IP and an external (public) IP used to DNAT to the internal one, docker/podman pull will first contact the public IP (i.e. <public-ip>/v2/...) but then, because of request.get_host() in the RegistryPathField.to_representation() method here:

pulp_container/pulp_container/app/serializers.py

Lines 160 to 165 in 2e59a91

	def to_representation(self, value):
	"""
	Converts a base_path into a registry path.
	"""
	request = self.context["request"]
	return f"{request.get_host()}/{value}"

will be redirected to an URL containing the private IP (i.e. <private-ip>/pulp/container/...). Since the private IP is not routable from the Internet, this request will result in an "i/o timeout" during the "initializing source" phase of the pull.

Describe the solution you'd like
Either the distribution update API should allow to modify registry_path or this parameter should be a configuration option.

Describe alternatives you've considered
I can change registry_path directly in the database but would like to avoid doing this every time a new publication is created.

[mkarpiarz]

I was able to fix this issue by setting CONTENT_ORIGIN to the public IP.

I understand the value of registry_path is not stored in the database but generated dynamically on each API call so there is no point in modifying it with an "update" operation. Feel free to close this ticket is this is indeed the case.