I have been trying to run the Docker Registry on my VPS but I have had no luck. I have been reading the docs here, following guides like Digital Ocean, as well as Googling and following other tutorials and posts. I spent the better half of yesterday trying to triage this.
I am running a real simple docker registry. This is my docker-compose.yml file:
version: '3.3'
services:
  registry:
    image: registry:latest
    ports:
      - "5017:5000"
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: Registry
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      - ./auth:/auth
      - ./data:/data
I originally had this
version: '3'
services:
  registry:
    image: registry:2
    ports:
      - "5000:5000"
    environment:
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      - ./data:/data
I even tried running it without compose:
docker run -p 5017:5000 --restart=always --name registry registry:2
and every time I run curl http://localhost:5017/v2/_catalog I get Recv failure: Connection reset by peer. I don't get it. I have a ton of other Docker containers running just fine. I don't see what the issue is.
The port is open
# lsof -i:5017
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr 20836 root 4u IPv4 88933941 0t0 TCP *:5017 (LISTEN)
docker-pr 20840 root 4u IPv6 88933946 0t0 TCP *:5017 (LISTEN)
Container is up
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fcb3c6320c44 registry:2 "/entrypoint.sh /etc…" 5 seconds ago Up 3 seconds 0.0.0.0:5017->5000/tcp, :::5017->5000/tcp registry
Originally I started by just trying to connect from outside my VPS. I kept getting 502 and 403 errors. I am running httpd Apache on CentOS 7.
# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Mar 24 2022 14:57:57
My Virtual Host:
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName docker.domain.com
    ServerAlias www.docker.domain.com
    ErrorLog /var/www/Docker.domain.com/prod/Logs/httpd/error.log
    CustomLog /var/www/Docker.domain.com/prod/Logs/httpd/requests.log combined
    ProxyPreserveHost on
    # ProxyRequests off
    # ProxyVia On
    ProxyPass / http://127.0.0.1:5017/
    ProxyPassReverse / http://127.0.0.1:5017/
    Header always set "Docker-Distribution-Api-Version" "registry/2.0"
    Header onsuccess set "Docker-Distribution-Api-Version" "registry/2.0"
    RequestHeader set X-Forwarded-Proto "https"
    SSLEngine on
    SSLProxyEngine On
    SSLCertificateFile /etc/letsencrypt/live/docker.domain.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/docker.domain.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateChainFile /etc/letsencrypt/live/docker.domain.com/chain.pem
</VirtualHost>
</IfModule>
I even stopped apache and tried installing and using nginx:
server {
    listen 80;
    server_name docker.domain.com www.docker.domain.com;

    # disable any limits to avoid HTTP 413 for large image uploads
    client_max_body_size 0;

    # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486)
    chunked_transfer_encoding on;

    location / {
        # Do not allow connections from docker 1.5 and earlier
        # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
        if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
            return 404;
        }

        # To add basic authentication to v2 use auth_basic setting.
        # auth_basic "Registry realm";
        # auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;

        ## If $docker_distribution_api_version is empty, the header is not added.
        ## See the map directive above where this variable is defined.
        # add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;

        proxy_pass http://localhost:5017;
        proxy_set_header Host $http_host; # required for docker client's sake
        proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 900;
    }
}
Then accessing it via https://docker.domain.com/v2 gives me either a 502 or 403 depending on the settings in my VH.
I would really appreciate any guidance. Thank you!
Quick note: I did also post the same question on Docker's forum, but did not get a response.
Update: It is related to my iptables firewall. I stopped iptables and everything works fine. I am investigating and will post an update once I figure it out.
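
The update above points at the iptables firewall. As an added example (not part of the original post), this Python function summarises iptables-save output for one published port: whether the chains and DNAT rule that Docker normally installs are present, and which DROP/REJECT rules sit in the chains worth reviewing. The sample ruleset is constructed, and the chain names assume Docker's default iptables integration.

```python
import re

# Chains Docker creates when it manages iptables (its default behaviour).
DOCKER_CHAINS = {"nat": {"DOCKER"}, "filter": {"DOCKER", "DOCKER-USER"}}
BUILTIN = {"INPUT", "FORWARD", "OUTPUT"}
# Constructed sample: host firewall rules only, no Docker-managed chains.
SAMPLE = """*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def audit(ruleset, host_port):
    """Summarise `iptables-save` output for one published container port."""
    table, chains, policies, dnat, blockers = None, {}, {}, [], []
    for line in ruleset.splitlines():
        line = line.strip()
        if line.startswith("*"):                # table header, e.g. *filter
            table = line[1:]
            chains[table] = set()
        elif line.startswith(":") and table:    # chain declaration + policy
            name, policy = line[1:].split()[:2]
            chains[table].add(name)
            if table == "filter" and name in BUILTIN:
                policies[name] = policy
        elif line.startswith("-A ") and table:  # appended rule
            chain = line.split()[1]
            m = re.search(r"-j (\S+)", line)
            target = m.group(1) if m else ""
            if (table == "nat" and target == "DNAT"
                    and re.search(rf"--dport {host_port}\b", line)):
                dnat.append(line)               # port-publishing rule present
            if (table == "filter" and target in ("DROP", "REJECT")
                    and chain in BUILTIN | {"DOCKER-USER"}):
                blockers.append(line)           # candidate rule to review
    missing = sorted(f"{t}:{c}" for t, want in DOCKER_CHAINS.items()
                     for c in want - chains.get(t, set()))
    return {"missing_chains": missing, "dnat_rules": dnat,
            "policies": policies, "blockers": blockers}

if __name__ == "__main__":
    print(audit(SAMPLE, 5017))
```

On a live host, pass it the text captured from iptables-save (run as root) and the published host port, here 5017.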