mirror of
https://github.com/goharbor/harbor.git
synced 2024-09-27 13:02:59 +02:00
update: rebase+adjust
This commit is contained in:
parent
d25f3556a9
commit
91720859cc
@ -13,12 +13,8 @@ services:
|
|||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- {{log_location}}/:/var/log/docker/:z
|
- {{log_location}}/:/var/log/docker/:z
|
||||||
- type: bind
|
- ./common/config/log/logrotate.conf:/etc/logrotate.d/logrotate.conf:z
|
||||||
source: ./common/config/log/logrotate.conf
|
- ./common/config/log/rsyslog_docker.conf:/etc/rsyslog.d/rsyslog_docker.conf:z
|
||||||
target: /etc/logrotate.d/logrotate.conf
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/log/rsyslog_docker.conf
|
|
||||||
target: /etc/rsyslog.d/rsyslog_docker.conf
|
|
||||||
ports:
|
ports:
|
||||||
- 127.0.0.1:1514:10514
|
- 127.0.0.1:1514:10514
|
||||||
networks:
|
networks:
|
||||||
@ -36,27 +32,15 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- {{data_volume}}/registry:/storage:z
|
- {{data_volume}}/registry:/storage:z
|
||||||
- ./common/config/registry/:/etc/registry/:z
|
- ./common/config/registry/:/etc/registry/:z
|
||||||
- type: bind
|
- {{data_volume}}/secret/registry/root.crt:/etc/registry/root.crt:z
|
||||||
source: {{data_volume}}/secret/registry/root.crt
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
target: /etc/registry/root.crt
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
{% if gcs_keyfile %}
|
{% if gcs_keyfile %}
|
||||||
- type: bind
|
- {{gcs_keyfile}}:/etc/registry/gcs.key:z
|
||||||
source: {{gcs_keyfile}}
|
|
||||||
target: /etc/registry/gcs.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%if internal_tls.enabled %}
|
{%if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.core_crt_path}}:/harbor_cust_cert/core.crt:z
|
||||||
source: {{internal_tls.core_crt_path}}
|
- {{internal_tls.registry_crt_path}}:/etc/harbor/tls/registry.crt:z
|
||||||
target: /harbor_cust_cert/core.crt
|
- {{internal_tls.registry_key_path}}:/etc/harbor/tls/registry.key:z
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.registry_crt_path}}
|
|
||||||
target: /etc/harbor/tls/registry.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.registry_key_path}}
|
|
||||||
target: /etc/harbor/tls/registry.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
@ -82,24 +66,14 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- {{data_volume}}/registry:/storage:z
|
- {{data_volume}}/registry:/storage:z
|
||||||
- ./common/config/registry/:/etc/registry/:z
|
- ./common/config/registry/:/etc/registry/:z
|
||||||
- type: bind
|
- ./common/config/registryctl/config.yml:/etc/registryctl/config.yml:z
|
||||||
source: ./common/config/registryctl/config.yml
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
target: /etc/registryctl/config.yml
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
{% if gcs_keyfile %}
|
{% if gcs_keyfile %}
|
||||||
- type: bind
|
- {{gcs_keyfile}}:/etc/registry/gcs.key:z
|
||||||
source: {{gcs_keyfile}}
|
|
||||||
target: /etc/registry/gcs.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%if internal_tls.enabled %}
|
{%if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.registryctl_crt_path}}:/etc/harbor/ssl/registryctl.crt:z
|
||||||
source: {{internal_tls.registryctl_crt_path}}
|
- {{internal_tls.registryctl_key_path}}:/etc/harbor/ssl/registryctl.key:z
|
||||||
target: /etc/harbor/ssl/registryctl.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.registryctl_key_path}}
|
|
||||||
target: /etc/harbor/ssl/registryctl.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
@ -152,30 +126,16 @@ services:
|
|||||||
- {{data_volume}}/ca_download/:/etc/core/ca/:z
|
- {{data_volume}}/ca_download/:/etc/core/ca/:z
|
||||||
- {{data_volume}}/:/data/:z
|
- {{data_volume}}/:/data/:z
|
||||||
- ./common/config/core/certificates/:/etc/core/certificates/:z
|
- ./common/config/core/certificates/:/etc/core/certificates/:z
|
||||||
- type: bind
|
- ./common/config/core/app.conf:/etc/core/app.conf:z
|
||||||
source: ./common/config/core/app.conf
|
- {{data_volume}}/secret/core/private_key.pem:/etc/core/private_key.pem:z
|
||||||
target: /etc/core/app.conf
|
- {{data_volume}}/secret/keys/secretkey:/etc/core/key:z
|
||||||
- type: bind
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
source: {{data_volume}}/secret/core/private_key.pem
|
|
||||||
target: /etc/core/private_key.pem
|
|
||||||
- type: bind
|
|
||||||
source: {{data_volume}}/secret/keys/secretkey
|
|
||||||
target: /etc/core/key
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
{% if uaa_ca_file %}
|
{% if uaa_ca_file %}
|
||||||
- type: bind
|
- {{uaa_ca_file}}:/etc/core/certificates/uaa_ca.pem:z
|
||||||
source: {{uaa_ca_file}}
|
|
||||||
target: /etc/core/certificates/uaa_ca.pem
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%if internal_tls.enabled %}
|
{%if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.core_crt_path}}:/etc/harbor/ssl/core.crt:z
|
||||||
source: {{internal_tls.core_crt_path}}
|
- {{internal_tls.core_key_path}}:/etc/harbor/ssl/core.key:z
|
||||||
target: /etc/harbor/ssl/core.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.core_key_path}}
|
|
||||||
target: /etc/harbor/ssl/core.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
networks:
|
networks:
|
||||||
harbor:
|
harbor:
|
||||||
@ -205,16 +165,10 @@ services:
|
|||||||
- SETUID
|
- SETUID
|
||||||
- NET_BIND_SERVICE
|
- NET_BIND_SERVICE
|
||||||
volumes:
|
volumes:
|
||||||
- type: bind
|
- ./common/config/portal/nginx.conf:/etc/nginx/nginx.conf:z
|
||||||
source: ./common/config/portal/nginx.conf
|
|
||||||
target: /etc/nginx/nginx.conf
|
|
||||||
{%if internal_tls.enabled %}
|
{%if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.portal_crt_path}}:/etc/harbor/tls/portal.crt:z
|
||||||
source: {{internal_tls.portal_crt_path}}
|
- {{internal_tls.portal_key_path}}:/etc/harbor/tls/portal.key:z
|
||||||
target: /etc/harbor/tls/portal.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.portal_key_path}}
|
|
||||||
target: /etc/harbor/tls/portal.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
@ -240,19 +194,11 @@ services:
|
|||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- {{data_volume}}/job_logs:/var/log/jobs:z
|
- {{data_volume}}/job_logs:/var/log/jobs:z
|
||||||
- type: bind
|
- ./common/config/jobservice/config.yml:/etc/jobservice/config.yml:z
|
||||||
source: ./common/config/jobservice/config.yml
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
target: /etc/jobservice/config.yml
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
{%if internal_tls.enabled %}
|
{%if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.job_service_crt_path}}:/etc/harbor/ssl/job_service.crt:z
|
||||||
source: {{internal_tls.job_service_crt_path}}
|
- {{internal_tls.job_service_key_path}}:/etc/harbor/ssl/job_service.key:z
|
||||||
target: /etc/harbor/ssl/job_service.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.job_service_key_path}}
|
|
||||||
target: /etc/harbor/ssl/job_service.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
@ -275,7 +221,7 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- {{data_volume}}/redis:/var/lib/redis
|
- {{data_volume}}/redis:/var/lib/redis:z
|
||||||
networks:
|
networks:
|
||||||
harbor:
|
harbor:
|
||||||
depends_on:
|
depends_on:
|
||||||
@ -302,16 +248,10 @@ services:
|
|||||||
{% if protocol == 'https' %}
|
{% if protocol == 'https' %}
|
||||||
- {{data_volume}}/secret/cert:/etc/cert:z
|
- {{data_volume}}/secret/cert:/etc/cert:z
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- type: bind
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
{%if internal_tls.enabled %}
|
{%if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.proxy_crt_path}}:/etc/harbor/tls/proxy.crt:z
|
||||||
source: {{internal_tls.proxy_crt_path}}
|
- {{internal_tls.proxy_key_path}}:/etc/harbor/tls/proxy.key:z
|
||||||
target: /etc/harbor/tls/proxy.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.proxy_key_path}}
|
|
||||||
target: /etc/harbor/tls/proxy.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
@ -348,22 +288,12 @@ services:
|
|||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
volumes:
|
volumes:
|
||||||
- type: bind
|
- {{data_volume}}/trivy-adapter/trivy:/home/scanner/.cache/trivy:z
|
||||||
source: {{data_volume}}/trivy-adapter/trivy
|
- {{data_volume}}/trivy-adapter/reports:/home/scanner/.cache/reports:z
|
||||||
target: /home/scanner/.cache/trivy
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
- type: bind
|
|
||||||
source: {{data_volume}}/trivy-adapter/reports
|
|
||||||
target: /home/scanner/.cache/reports
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
{% if internal_tls.enabled %}
|
{% if internal_tls.enabled %}
|
||||||
- type: bind
|
- {{internal_tls.trivy_adapter_crt_path}}:/etc/harbor/ssl/trivy_adapter.crt:z
|
||||||
source: {{internal_tls.trivy_adapter_crt_path}}
|
- {{internal_tls.trivy_adapter_key_path}}:/etc/harbor/ssl/trivy_adapter.key:z
|
||||||
target: /etc/harbor/ssl/trivy_adapter.crt
|
|
||||||
- type: bind
|
|
||||||
source: {{internal_tls.trivy_adapter_key_path}}
|
|
||||||
target: /etc/harbor/ssl/trivy_adapter.key
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
@ -388,9 +318,7 @@ services:
|
|||||||
- postgresql
|
- postgresql
|
||||||
{% endif %}
|
{% endif %}
|
||||||
volumes:
|
volumes:
|
||||||
- type: bind
|
- ./common/config/shared/trust-certificates:/harbor_cust_cert:z
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
|
Loading…
Reference in New Issue
Block a user