mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-26 04:05:40 +01:00
Merge branch 'master' of github.com:vmware/harbor
This commit is contained in:
commit
b801393c74
2
.gitignore
vendored
2
.gitignore
vendored
@ -3,4 +3,6 @@ my_start.sh
|
|||||||
Deploy/config/registry/config.yml
|
Deploy/config/registry/config.yml
|
||||||
Deploy/config/ui/env
|
Deploy/config/ui/env
|
||||||
Deploy/config/ui/app.conf
|
Deploy/config/ui/app.conf
|
||||||
|
Deploy/config/db/env
|
||||||
Deploy/prepare.my
|
Deploy/prepare.my
|
||||||
|
Deploy/harbor.cfg.my
|
||||||
|
15
Deploy/config/ui/private_key.pem
Normal file
15
Deploy/config/ui/private_key.pem
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICXQIBAAKBgQClak/4HO7EeLU0w/BhtVENPLOqU0AP2QjVUdg1qhNiDWVrbWx9
|
||||||
|
KYHqz5Kn0n2+fxdZo3o7ZY5/2+hhgkKh1z6Kge9XGgune6z4fx2J/X2Se8WsGeQU
|
||||||
|
TiND8ngSnsCANtYFwW50SbUZPtyf5XjAfKRofZem51OxbxzN3217L/ubKwIDAQAB
|
||||||
|
AoGBAITMMuNYJwAogCGaZHOs4yMjZoIJT9bpQMQxbsi2f9UqOA/ky0I4foqKloyQ
|
||||||
|
2k6DLbXTHqBsydgwLgGKWAAiE5xIR2bPMUNSLgjbA2eLly3aOR/0FJ5n09k2EmGg
|
||||||
|
Am7tLP+6yneXWKVi3HI3NzXriVjWK94WHGGC1b9F+n5CY/2RAkEA1d62OJUNve2k
|
||||||
|
IY6/b6T0BdssFo3VFcm22vnayEL/wcYrnRfF9Pb5wM4HUUqwVelKTouivXg60GNK
|
||||||
|
ZKYAx5CtHwJBAMYAEf5u0CQ/8URcwBuMkm0LzK4AM2x1nGs7gIxAEFhu1Z4xPjVe
|
||||||
|
MtIxuHhDhlLvD760uccmo5yE72QJ1ZrYBHUCQQCAxLZMPRpoB4QyHEOREe1G9V6H
|
||||||
|
OeBZXPk2wQcEWqqo3gt2a1DqHCXl+2aWgHTJVUxDHHngwFoRDCdHkFeZ0LcbAkAj
|
||||||
|
T8/luI2WaXD16DS6tQ9IM1qFjbOeHDuRRENgv+wqWVnvpIibq/kUU5m6mRBTqh78
|
||||||
|
u+6F/fYf6/VluftGalAhAkAukdMtt+sksq2e7Qw2dRr5GXtXjt+Otjj0NaJENmWk
|
||||||
|
a7SgAs34EOWtbd0XGYpZFrg134MzQGbweFeEUTj++e8p
|
||||||
|
-----END RSA PRIVATE KEY-----
|
@ -23,8 +23,8 @@ mysql:
|
|||||||
build: ./db/
|
build: ./db/
|
||||||
volumes:
|
volumes:
|
||||||
- /data/database:/var/lib/mysql
|
- /data/database:/var/lib/mysql
|
||||||
environment:
|
env_file:
|
||||||
MYSQL_ROOT_PASSWORD: root
|
- ./config/db/env
|
||||||
links:
|
links:
|
||||||
- log
|
- log
|
||||||
log_driver: "syslog"
|
log_driver: "syslog"
|
||||||
@ -37,6 +37,7 @@ ui:
|
|||||||
- ./config/ui/env
|
- ./config/ui/env
|
||||||
volumes:
|
volumes:
|
||||||
- ./config/ui/app.conf:/etc/ui/app.conf
|
- ./config/ui/app.conf:/etc/ui/app.conf
|
||||||
|
- ./config/ui/private_key.pem:/etc/ui/private_key.pem
|
||||||
links:
|
links:
|
||||||
- registry:registry
|
- registry:registry
|
||||||
- mysql:mysql
|
- mysql:mysql
|
||||||
@ -45,7 +46,7 @@ ui:
|
|||||||
log_opt:
|
log_opt:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://127.0.0.1:1514"
|
||||||
syslog-tag: "ui"
|
syslog-tag: "ui"
|
||||||
proxy:
|
roxy:
|
||||||
image: library/nginx:1.9
|
image: library/nginx:1.9
|
||||||
volumes:
|
volumes:
|
||||||
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf
|
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf
|
||||||
|
24
Deploy/harbor.cfg
Normal file
24
Deploy/harbor.cfg
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
## CONFIGURATIONS
|
||||||
|
#The endpoint for user to access UI and registry service
|
||||||
|
hostname = mydomain.com
|
||||||
|
#The protocol for accessing the UI and token/notification service, by default it is http
|
||||||
|
#User can set it to https if ssl is setup on nginx
|
||||||
|
ui_url_protocol = http
|
||||||
|
#Email settings for ui to send password resetting emails
|
||||||
|
email_server = smtp.mydomain.com
|
||||||
|
email_server_port = 25
|
||||||
|
email_username = sample_admin@mydomain.com
|
||||||
|
email_password = abc
|
||||||
|
email_from = admin <sample_admin@mydomain.com>
|
||||||
|
##The password of harbor admin
|
||||||
|
harbor_admin_password= Harbor12345
|
||||||
|
##By default the auth mode is db_auth, i.e. the creadentials are stored in a databse
|
||||||
|
#please set it to ldap_auth if you want to verify user's credentials against an ldap server.
|
||||||
|
auth_mode = db_auth
|
||||||
|
#The url for ldap endpoint
|
||||||
|
ldap_url = ldaps://ldap.mydomain.com
|
||||||
|
#The basedn template for verifying the user's password
|
||||||
|
ldap_basedn = uid=%s,ou=people,dc=mydomain,dc=com
|
||||||
|
#The password for root user of db
|
||||||
|
db_password = root123
|
||||||
|
#####
|
@ -1,36 +1,45 @@
|
|||||||
#!/usr/bin/python
|
#!/usr/bin/python
|
||||||
|
|
||||||
## CONFIGURATIONS
|
import ConfigParser
|
||||||
#The endpoint for user to access UI and registry service
|
import StringIO
|
||||||
hostname = "mydomain.com"
|
|
||||||
#User can update the protocol if ssl has been setup
|
|
||||||
ui_url = "http://" + hostname
|
|
||||||
#Email settings for ui to send password resetting emails
|
|
||||||
email_server = "smtp.mydomain.com"
|
|
||||||
email_server_port = "25"
|
|
||||||
email_username = "sample_admin@mydomain.com"
|
|
||||||
email_password = "abc"
|
|
||||||
email_from = "admin <sample_admin@mydomain.com>"
|
|
||||||
##The password of harbor admin
|
|
||||||
harbor_admin_password= "Harbor12345"
|
|
||||||
##By default the auth mode is db_auth, i.e. the creadentials are stored in a databse
|
|
||||||
#please set it to ldap_auth if you want to verify user's credentials against an ldap server.
|
|
||||||
auth_mode = "db_auth"
|
|
||||||
#The url for ldap endpoint
|
|
||||||
ldap_url = "ldaps://ldap.mydomain.com"
|
|
||||||
#The basedn template for verifying the user's password
|
|
||||||
ldap_basedn = "uid=%s,ou=people,dc=mydomain,dc=com"
|
|
||||||
#####
|
|
||||||
import os
|
import os
|
||||||
from string import Template
|
from string import Template
|
||||||
|
|
||||||
|
#Read configurations
|
||||||
|
conf = StringIO.StringIO()
|
||||||
|
conf.write("[configuration]\n")
|
||||||
|
conf.write(open("harbor.cfg").read())
|
||||||
|
conf.seek(0, os.SEEK_SET)
|
||||||
|
cp = ConfigParser.RawConfigParser()
|
||||||
|
cp.readfp(conf)
|
||||||
|
|
||||||
|
hostname = cp.get("configuration", "hostname")
|
||||||
|
ui_url = cp.get("configuration", "ui_url_protocol") + "://" + hostname
|
||||||
|
email_server = cp.get("configuration", "email_server")
|
||||||
|
email_server_port = cp.get("configuration", "email_server_port")
|
||||||
|
email_username = cp.get("configuration", "email_username")
|
||||||
|
email_password = cp.get("configuration", "email_password")
|
||||||
|
email_from = cp.get("configuration", "email_from")
|
||||||
|
harbor_admin_password = cp.get("configuration", "harbor_admin_password")
|
||||||
|
auth_mode = cp.get("configuration", "auth_mode")
|
||||||
|
ldap_url = cp.get("configuration", "ldap_url")
|
||||||
|
ldap_basedn = cp.get("configuration", "ldap_basedn")
|
||||||
|
db_password = cp.get("configuration", "db_password")
|
||||||
|
########
|
||||||
|
|
||||||
base_dir = os.path.dirname(__file__)
|
base_dir = os.path.dirname(__file__)
|
||||||
config_dir = os.path.join(base_dir, "config")
|
config_dir = os.path.join(base_dir, "config")
|
||||||
templates_dir = os.path.join(base_dir, "templates")
|
templates_dir = os.path.join(base_dir, "templates")
|
||||||
|
|
||||||
|
|
||||||
ui_config_dir = os.path.join(config_dir,"ui")
|
ui_config_dir = os.path.join(config_dir,"ui")
|
||||||
if not os.path.exists(ui_config_dir):
|
if not os.path.exists(ui_config_dir):
|
||||||
os.makedirs(os.path.join(config_dir, "ui"))
|
os.makedirs(os.path.join(config_dir, "ui"))
|
||||||
|
|
||||||
|
db_config_dir = os.path.join(config_dir, "db")
|
||||||
|
if not os.path.exists(db_config_dir):
|
||||||
|
os.makedirs(os.path.join(config_dir, "db"))
|
||||||
|
|
||||||
def render(src, dest, **kw):
|
def render(src, dest, **kw):
|
||||||
t = Template(open(src, 'r').read())
|
t = Template(open(src, 'r').read())
|
||||||
with open(dest, 'w') as f:
|
with open(dest, 'w') as f:
|
||||||
@ -40,8 +49,9 @@ def render(src, dest, **kw):
|
|||||||
ui_conf_env = os.path.join(config_dir, "ui", "env")
|
ui_conf_env = os.path.join(config_dir, "ui", "env")
|
||||||
ui_conf = os.path.join(config_dir, "ui", "app.conf")
|
ui_conf = os.path.join(config_dir, "ui", "app.conf")
|
||||||
registry_conf = os.path.join(config_dir, "registry", "config.yml")
|
registry_conf = os.path.join(config_dir, "registry", "config.yml")
|
||||||
|
db_conf_env = os.path.join(config_dir, "db", "env")
|
||||||
|
|
||||||
conf_files = [ ui_conf, ui_conf_env, registry_conf ]
|
conf_files = [ ui_conf, ui_conf_env, registry_conf, db_conf_env ]
|
||||||
for f in conf_files:
|
for f in conf_files:
|
||||||
if os.path.exists(f):
|
if os.path.exists(f):
|
||||||
print "Clearing the configuration file: %s" % f
|
print "Clearing the configuration file: %s" % f
|
||||||
@ -69,4 +79,8 @@ render(os.path.join(templates_dir, "registry", "config.yml"),
|
|||||||
registry_conf,
|
registry_conf,
|
||||||
ui_url=ui_url)
|
ui_url=ui_url)
|
||||||
|
|
||||||
|
render(os.path.join(templates_dir, "db", "env"),
|
||||||
|
db_conf_env,
|
||||||
|
db_password=db_password)
|
||||||
|
|
||||||
print "The configuration files are ready, please use docker-compose to start the service."
|
print "The configuration files are ready, please use docker-compose to start the service."
|
||||||
|
1
Deploy/templates/db/env
Normal file
1
Deploy/templates/db/env
Normal file
@ -0,0 +1 @@
|
|||||||
|
MYSQL_ROOT_PASSWORD=$db_password
|
@ -12,11 +12,12 @@ Harbor is a project to provide enterprise capabilities for Docker Registry V2.
|
|||||||
Harbor is self contained and can be easily deployed via docker-compose.
|
Harbor is self contained and can be easily deployed via docker-compose.
|
||||||
```sh
|
```sh
|
||||||
$ cd Deploy
|
$ cd Deploy
|
||||||
#make update to the parameters in ./prepare
|
#make update to the parameters in ./harbor.cfg
|
||||||
$ ./prepare
|
$ ./prepare
|
||||||
Generated configuration file: ./config/ui/env
|
Generated configuration file: ./config/ui/env
|
||||||
Generated configuration file: ./config/ui/app.conf
|
Generated configuration file: ./config/ui/app.conf
|
||||||
Generated configuration file: ./config/registry/config.yml
|
Generated configuration file: ./config/registry/config.yml
|
||||||
|
Generated configuration file: ./config/db/env
|
||||||
$ docker-compose up
|
$ docker-compose up
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -32,7 +32,7 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
issuer = "registry-token-issuer"
|
issuer = "registry-token-issuer"
|
||||||
privateKey = "conf/private_key.pem"
|
privateKey = "/etc/ui/private_key.pem"
|
||||||
expiration = 5 //minute
|
expiration = 5 //minute
|
||||||
)
|
)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user