mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-26 20:26:13 +01:00
c5d73e6a0c
use switch to make decision whether mTLS or server TLS Signed-off-by: DQ <dengq@vmware.com>
19 lines
724 B
Bash
Executable File
19 lines
724 B
Bash
Executable File
#!/bin/bash
|
|
IP=`ip addr s eth0 |grep "inet "|awk '{print $2}' |awk -F "/" '{print $1}'`
|
|
|
|
#echo $IP
|
|
sudo sed "s/reg.mydomain.com/$IP/" make/harbor.yml.tmpl |sudo tee make/harbor.yml
|
|
|
|
# enable internal tls
|
|
echo "internal_tls:" >> make/harbor.yml
|
|
echo " enabled: true" >> make/harbor.yml
|
|
echo " verify_client_cert: true" >> make/harbor.yml
|
|
echo " dir: /etc/harbor/tls/internal" >> make/harbor.yml
|
|
|
|
# TODO: remove it when scanner adapter support internal access of harbor
|
|
echo "storage_service:" >> make/harbor.yml
|
|
echo " ca_bundle: /data/cert/server.crt" >> make/harbor.yml
|
|
|
|
sed "s|/your/certificate/path|/data/cert/server.crt|g" -i make/harbor.yml
|
|
sed "s|/your/private/key/path|/data/cert/server.key|g" -i make/harbor.yml
|