Commit Graph

100 Commits

Author SHA1 Message Date
Tan Jiang
e02de2068a Enable configuring the CA Certificate for UAA
Enable configuring the path of root cert of UAA in harbor.cfg.  It only
takes effects if the verify_cert is set to "true" If the file does not
exist, the configuration is skipped.
The intention for this commit is to support integration with nested UAA
in PAS or PKS, we don't expect user to manually configure this value,
though he can do it if he wants.
2018-01-03 16:21:29 +08:00
yixingjia
5340fed110
Merge pull request #3848 from yixingjia/ClairHA
Enable Clair in HA
2018-01-03 11:45:44 +08:00
stonezdj
b065f19f51 Add configure parameter ldap_verify_cert to harbor.cfg 2017-12-27 10:21:58 +08:00
yixingj
ecd0bbf2dd Enable Clair in HA
Run clair with Core Harbor services
Add check logic for Clair DB
2017-12-21 23:23:35 +08:00
yixingj
f63588855f Make Clair DB configurable
Make the HOST,PORT,USERNAME,DB configurable for
Clair
2017-12-20 18:29:50 +08:00
Tan Jiang
2ffc58a5d4 Refactor the configuraiton of UAA
Remove the attribute "uaa_ca_root" from harbor.cfg and introduce
"uaa_verify_cert".  Similar to LDAP settings, this allow user to
explicitly turn of the cert verification against UAA server, such that
the code will work with self-signed certificate.
2017-12-19 14:42:07 +08:00
yixingjia
ec269047c7
Merge pull request #3736 from yixingjia/HA
HA installation script
2017-12-12 16:27:28 +08:00
yixingj
d328e2586e HA installation script
Add --ha options when install Harbor.

Currently it does nothing.
2017-12-07 22:56:57 +08:00
wangyan
8cd5ac5171 Update prepare chmod to support python3 2017-12-07 00:31:02 -08:00
Wenkai Yin
66b9699ac2 Improve log rotation configurability 2017-11-09 14:33:05 +08:00
Wenkai Yin
f3a4cecdcb Add email_insecure and delete verify_remote_cert configuration item from harbor.cfg 2017-10-31 13:51:49 +08:00
Wenkai Yin
2156750b04 Move certificate verification to target level
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Daniel Jiang
e6874cf9f1 Merge pull request #3383 from reasonerjt/uaa-integration
Make the root CA certificate of UAA configurable
2017-10-17 12:20:22 +08:00
Tan Jiang
eab6b43d99 Make the root CA certificate of UAA should be configurable 2017-10-16 17:40:29 +08:00
Wenkai Yin
bc3d859571 make log rotate days configurable 2017-10-16 17:09:28 +08:00
Tan Jiang
51286d9baa Provide UAA authenticator for password based authentication. 2017-10-07 00:16:53 +08:00
yixingj
357004fbf1 Make Harbor database configurable 2017-09-25 13:29:49 +08:00
Tan Jiang
629cf29850 The password to access clair db can be configured in harbor.cfg, skip auto-scan if clair-db is not ready 2017-07-17 15:25:47 +08:00
yixingj
a23c6ee8c6 Support include offline data on clair startup 2017-06-28 15:45:16 +08:00
Tan Jiang
15384317e0 add with_clair flag in systeminfo 2017-06-15 16:15:46 +08:00
Tan Jiang
83b9196925 use docker-compose to deploy clair with harbor 2017-04-27 19:13:53 +08:00
wy65701436
91a86faa75 update 2017-04-10 22:33:39 -07:00
wy65701436
ec06bd2073 add crt 0600 2017-04-10 22:06:39 -07:00
wy65701436
6b2b9cdc83 fix issue 1932 2017-04-09 05:16:52 -07:00
Wenkai Yin
ec27e2dc07 remove compress js flag 2017-03-30 12:59:47 +08:00
Tan Jiang
864e0f415e prepare should remove the temp files generated for creating certificate 2017-03-29 17:08:28 +08:00
Tan Jiang
715d87dc80 fixes #1818 2017-03-28 10:11:13 +08:00
Tan Jiang
851f61032a Do not generate new alias each time prepare runs 2017-03-24 20:05:13 +08:00
Tan Jiang
a33f4151e2 merge with dev branch 2017-03-24 14:40:34 +08:00
Tan Jiang
3e8d71538f generate cert for notary signer in prepare,
update the default certificates so the subject is formal.
2017-03-24 13:33:49 +08:00
Tan Jiang
90bc280ea1 add a 4443 ssl server to nginx config 2017-03-24 13:16:48 +08:00
Tan Jiang
402a482bc6 generate cert for notary signer in prepare 2017-03-23 21:00:53 +08:00
Tan Jiang
9d87279152 fix #1570, #1628 2017-03-16 16:09:05 +08:00
Tan Jiang
ef906c96d0 provide systeminfo API for UI 2017-03-10 18:53:11 +08:00
Wenkai Yin
414e8a8bcf Merge remote-tracking branch 'upstream/dev' into 170224_merge_config
Conflicts:
	make/docker-compose.tpl
	src/ui/service/token/authutils.go
2017-02-24 13:52:19 +08:00
Wenkai Yin
a1858098c5 using different secret to mark himself when communicates with other components 2017-02-23 18:24:32 +08:00
Tan Jiang
8cbfffa9c8 deploy notary within Harbor 2017-02-20 19:31:28 +08:00
Tan Jiang
c3c1b84ed1 preparae --conf instead of -conf 2017-02-20 13:21:29 +08:00
Wenkai Yin
f1f78a5649 update 2017-01-19 17:56:08 +08:00
Ricardo Katz
160e22f0fe Changes LDAP Library and other LDAP improvements (#1277)
* Changes LDAP library to go-ldap and creates new ldap timeout directive

* Add support for connection on LDAP using TLS
2016-12-30 16:03:30 +08:00
yhua
90be98bc5d add 'data_volume' in harbor.cfg 2016-12-12 14:35:28 +08:00
Wenkai Yin
8523db5427 make cert dir 2016-11-17 16:14:22 +08:00
Wenkai Yin
e4bf4af9ba mkdir if it does not exist 2016-11-17 15:09:12 +08:00
Tan Jiang
9d7a18a0a3 fix issue in golint, support project creation restriction at backend 2016-11-16 20:31:04 +08:00
Daniel Jiang
0025134a91 Merge pull request #1039 from yhua123/dev
modify prepare for genrate all common/config files from template
2016-11-11 22:38:44 +08:00
yhua
20873a9d17 remove 2 cert file delete action, already delete previous 2016-11-11 16:08:49 +08:00
yhua
f19e19eaf0 move root.crt and private_key.pem to template 2016-11-09 18:21:28 +08:00
yhua
09b62157cf modify prepare for genrate all common/config files from template 2016-11-08 17:40:19 +08:00
Phillip Gomez
0dfce1d837 Make mail identity configurable
The identity field parameter passed to smtp.SendMail is now
configurable instead of being hardcoded to 'Mail Config'.

This fixes issue #900
2016-11-06 18:05:46 -08:00
yhua
311cf8da07 change code 20161019 2016-10-21 18:39:10 +08:00