mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-22 10:15:35 +01:00
Merge branch 'master' of github.com:vmware/harbor
This commit is contained in:
commit
b801393c74
2
.gitignore
vendored
2
.gitignore
vendored
@ -3,4 +3,6 @@ my_start.sh
|
||||
Deploy/config/registry/config.yml
|
||||
Deploy/config/ui/env
|
||||
Deploy/config/ui/app.conf
|
||||
Deploy/config/db/env
|
||||
Deploy/prepare.my
|
||||
Deploy/harbor.cfg.my
|
||||
|
15
Deploy/config/ui/private_key.pem
Normal file
15
Deploy/config/ui/private_key.pem
Normal file
@ -0,0 +1,15 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXQIBAAKBgQClak/4HO7EeLU0w/BhtVENPLOqU0AP2QjVUdg1qhNiDWVrbWx9
|
||||
KYHqz5Kn0n2+fxdZo3o7ZY5/2+hhgkKh1z6Kge9XGgune6z4fx2J/X2Se8WsGeQU
|
||||
TiND8ngSnsCANtYFwW50SbUZPtyf5XjAfKRofZem51OxbxzN3217L/ubKwIDAQAB
|
||||
AoGBAITMMuNYJwAogCGaZHOs4yMjZoIJT9bpQMQxbsi2f9UqOA/ky0I4foqKloyQ
|
||||
2k6DLbXTHqBsydgwLgGKWAAiE5xIR2bPMUNSLgjbA2eLly3aOR/0FJ5n09k2EmGg
|
||||
Am7tLP+6yneXWKVi3HI3NzXriVjWK94WHGGC1b9F+n5CY/2RAkEA1d62OJUNve2k
|
||||
IY6/b6T0BdssFo3VFcm22vnayEL/wcYrnRfF9Pb5wM4HUUqwVelKTouivXg60GNK
|
||||
ZKYAx5CtHwJBAMYAEf5u0CQ/8URcwBuMkm0LzK4AM2x1nGs7gIxAEFhu1Z4xPjVe
|
||||
MtIxuHhDhlLvD760uccmo5yE72QJ1ZrYBHUCQQCAxLZMPRpoB4QyHEOREe1G9V6H
|
||||
OeBZXPk2wQcEWqqo3gt2a1DqHCXl+2aWgHTJVUxDHHngwFoRDCdHkFeZ0LcbAkAj
|
||||
T8/luI2WaXD16DS6tQ9IM1qFjbOeHDuRRENgv+wqWVnvpIibq/kUU5m6mRBTqh78
|
||||
u+6F/fYf6/VluftGalAhAkAukdMtt+sksq2e7Qw2dRr5GXtXjt+Otjj0NaJENmWk
|
||||
a7SgAs34EOWtbd0XGYpZFrg134MzQGbweFeEUTj++e8p
|
||||
-----END RSA PRIVATE KEY-----
|
@ -23,8 +23,8 @@ mysql:
|
||||
build: ./db/
|
||||
volumes:
|
||||
- /data/database:/var/lib/mysql
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: root
|
||||
env_file:
|
||||
- ./config/db/env
|
||||
links:
|
||||
- log
|
||||
log_driver: "syslog"
|
||||
@ -37,6 +37,7 @@ ui:
|
||||
- ./config/ui/env
|
||||
volumes:
|
||||
- ./config/ui/app.conf:/etc/ui/app.conf
|
||||
- ./config/ui/private_key.pem:/etc/ui/private_key.pem
|
||||
links:
|
||||
- registry:registry
|
||||
- mysql:mysql
|
||||
@ -45,7 +46,7 @@ ui:
|
||||
log_opt:
|
||||
syslog-address: "tcp://127.0.0.1:1514"
|
||||
syslog-tag: "ui"
|
||||
proxy:
|
||||
roxy:
|
||||
image: library/nginx:1.9
|
||||
volumes:
|
||||
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf
|
||||
|
24
Deploy/harbor.cfg
Normal file
24
Deploy/harbor.cfg
Normal file
@ -0,0 +1,24 @@
|
||||
## CONFIGURATIONS
|
||||
#The endpoint for user to access UI and registry service
|
||||
hostname = mydomain.com
|
||||
#The protocol for accessing the UI and token/notification service, by default it is http
|
||||
#User can set it to https if ssl is setup on nginx
|
||||
ui_url_protocol = http
|
||||
#Email settings for ui to send password resetting emails
|
||||
email_server = smtp.mydomain.com
|
||||
email_server_port = 25
|
||||
email_username = sample_admin@mydomain.com
|
||||
email_password = abc
|
||||
email_from = admin <sample_admin@mydomain.com>
|
||||
##The password of harbor admin
|
||||
harbor_admin_password= Harbor12345
|
||||
##By default the auth mode is db_auth, i.e. the creadentials are stored in a databse
|
||||
#please set it to ldap_auth if you want to verify user's credentials against an ldap server.
|
||||
auth_mode = db_auth
|
||||
#The url for ldap endpoint
|
||||
ldap_url = ldaps://ldap.mydomain.com
|
||||
#The basedn template for verifying the user's password
|
||||
ldap_basedn = uid=%s,ou=people,dc=mydomain,dc=com
|
||||
#The password for root user of db
|
||||
db_password = root123
|
||||
#####
|
@ -1,36 +1,45 @@
|
||||
#!/usr/bin/python
|
||||
|
||||
## CONFIGURATIONS
|
||||
#The endpoint for user to access UI and registry service
|
||||
hostname = "mydomain.com"
|
||||
#User can update the protocol if ssl has been setup
|
||||
ui_url = "http://" + hostname
|
||||
#Email settings for ui to send password resetting emails
|
||||
email_server = "smtp.mydomain.com"
|
||||
email_server_port = "25"
|
||||
email_username = "sample_admin@mydomain.com"
|
||||
email_password = "abc"
|
||||
email_from = "admin <sample_admin@mydomain.com>"
|
||||
##The password of harbor admin
|
||||
harbor_admin_password= "Harbor12345"
|
||||
##By default the auth mode is db_auth, i.e. the creadentials are stored in a databse
|
||||
#please set it to ldap_auth if you want to verify user's credentials against an ldap server.
|
||||
auth_mode = "db_auth"
|
||||
#The url for ldap endpoint
|
||||
ldap_url = "ldaps://ldap.mydomain.com"
|
||||
#The basedn template for verifying the user's password
|
||||
ldap_basedn = "uid=%s,ou=people,dc=mydomain,dc=com"
|
||||
#####
|
||||
import ConfigParser
|
||||
import StringIO
|
||||
import os
|
||||
from string import Template
|
||||
|
||||
#Read configurations
|
||||
conf = StringIO.StringIO()
|
||||
conf.write("[configuration]\n")
|
||||
conf.write(open("harbor.cfg").read())
|
||||
conf.seek(0, os.SEEK_SET)
|
||||
cp = ConfigParser.RawConfigParser()
|
||||
cp.readfp(conf)
|
||||
|
||||
hostname = cp.get("configuration", "hostname")
|
||||
ui_url = cp.get("configuration", "ui_url_protocol") + "://" + hostname
|
||||
email_server = cp.get("configuration", "email_server")
|
||||
email_server_port = cp.get("configuration", "email_server_port")
|
||||
email_username = cp.get("configuration", "email_username")
|
||||
email_password = cp.get("configuration", "email_password")
|
||||
email_from = cp.get("configuration", "email_from")
|
||||
harbor_admin_password = cp.get("configuration", "harbor_admin_password")
|
||||
auth_mode = cp.get("configuration", "auth_mode")
|
||||
ldap_url = cp.get("configuration", "ldap_url")
|
||||
ldap_basedn = cp.get("configuration", "ldap_basedn")
|
||||
db_password = cp.get("configuration", "db_password")
|
||||
########
|
||||
|
||||
base_dir = os.path.dirname(__file__)
|
||||
config_dir = os.path.join(base_dir, "config")
|
||||
templates_dir = os.path.join(base_dir, "templates")
|
||||
|
||||
|
||||
ui_config_dir = os.path.join(config_dir,"ui")
|
||||
if not os.path.exists(ui_config_dir):
|
||||
os.makedirs(os.path.join(config_dir, "ui"))
|
||||
|
||||
db_config_dir = os.path.join(config_dir, "db")
|
||||
if not os.path.exists(db_config_dir):
|
||||
os.makedirs(os.path.join(config_dir, "db"))
|
||||
|
||||
def render(src, dest, **kw):
|
||||
t = Template(open(src, 'r').read())
|
||||
with open(dest, 'w') as f:
|
||||
@ -40,8 +49,9 @@ def render(src, dest, **kw):
|
||||
ui_conf_env = os.path.join(config_dir, "ui", "env")
|
||||
ui_conf = os.path.join(config_dir, "ui", "app.conf")
|
||||
registry_conf = os.path.join(config_dir, "registry", "config.yml")
|
||||
db_conf_env = os.path.join(config_dir, "db", "env")
|
||||
|
||||
conf_files = [ ui_conf, ui_conf_env, registry_conf ]
|
||||
conf_files = [ ui_conf, ui_conf_env, registry_conf, db_conf_env ]
|
||||
for f in conf_files:
|
||||
if os.path.exists(f):
|
||||
print "Clearing the configuration file: %s" % f
|
||||
@ -69,4 +79,8 @@ render(os.path.join(templates_dir, "registry", "config.yml"),
|
||||
registry_conf,
|
||||
ui_url=ui_url)
|
||||
|
||||
render(os.path.join(templates_dir, "db", "env"),
|
||||
db_conf_env,
|
||||
db_password=db_password)
|
||||
|
||||
print "The configuration files are ready, please use docker-compose to start the service."
|
||||
|
1
Deploy/templates/db/env
Normal file
1
Deploy/templates/db/env
Normal file
@ -0,0 +1 @@
|
||||
MYSQL_ROOT_PASSWORD=$db_password
|
@ -12,11 +12,12 @@ Harbor is a project to provide enterprise capabilities for Docker Registry V2.
|
||||
Harbor is self contained and can be easily deployed via docker-compose.
|
||||
```sh
|
||||
$ cd Deploy
|
||||
#make update to the parameters in ./prepare
|
||||
#make update to the parameters in ./harbor.cfg
|
||||
$ ./prepare
|
||||
Generated configuration file: ./config/ui/env
|
||||
Generated configuration file: ./config/ui/app.conf
|
||||
Generated configuration file: ./config/registry/config.yml
|
||||
Generated configuration file: ./config/db/env
|
||||
$ docker-compose up
|
||||
```
|
||||
|
||||
|
@ -32,7 +32,7 @@ import (
|
||||
|
||||
const (
|
||||
issuer = "registry-token-issuer"
|
||||
privateKey = "conf/private_key.pem"
|
||||
privateKey = "/etc/ui/private_key.pem"
|
||||
expiration = 5 //minute
|
||||
)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user