103 lines
2.6 KiB
YAML
103 lines
2.6 KiB
YAML
---
|
|
harbor_port_http: 20080
|
|
harbor_port_https: 20443
|
|
harbor_port_metrics: 29000
|
|
|
|
harbor_db_host: "{{ postgres.host }}"
|
|
harbor_db_port: "{{ postgres.port }}"
|
|
harbor_db_database: harbor
|
|
harbor_db_user: "{{ vault_harbor.db.user }}"
|
|
harbor_db_pass: "{{ vault_harbor.db.pass }}"
|
|
harbor_version: 2.9.0
|
|
|
|
harbor_svc:
|
|
name: harbor
|
|
domain: registry.serguzim.me
|
|
caddy_extra: |
|
|
reverse_proxy /metrics host.docker.internal:{{ harbor_port_metrics }}
|
|
reverse_proxy host.docker.internal:{{ harbor_port_https }} {
|
|
transport http {
|
|
tls
|
|
tls_server_name registry.serguzim.me
|
|
}
|
|
}
|
|
caddy_default: false
|
|
db:
|
|
host: "{{ postgres.host }}"
|
|
port: "{{ postgres.port }}"
|
|
database: harbor
|
|
user: "{{ vault_harbor.db.user }}"
|
|
pass: "{{ vault_harbor.db.pass }}"
|
|
harbor_version: 2.9.0
|
|
|
|
harbor_yml:
|
|
hostname: "{{ harbor_svc.domain }}"
|
|
http:
|
|
port: "{{ harbor_port_http }}"
|
|
https:
|
|
port: "{{ harbor_port_https }}"
|
|
certificate: "{{ (service_path, 'server.crt') | path_join }}"
|
|
private_key: "{{ (service_path, 'server.key') | path_join }}"
|
|
external_url: https://registry.serguzim.me
|
|
harbor_admin_password: "{{ vault_harbor.admin_password }}"
|
|
data_volume: "{{ (service_path, 'data') | path_join }}"
|
|
storage_service:
|
|
s3:
|
|
accesskey: "{{ vault_harbor.minio.accesskey }}"
|
|
secretkey: "{{ vault_harbor.minio.secretkey }}"
|
|
region: de-contabo-1
|
|
regionendpoint: https://s3.serguzim.me
|
|
bucket: registry
|
|
secure: true
|
|
trivy:
|
|
ignore_unfixed: false
|
|
skip_update: false
|
|
offline_scan: false
|
|
security_check: vuln
|
|
insecure: false
|
|
jobservice:
|
|
max_job_workers: 10
|
|
job_loggers:
|
|
- STD_OUTPUT
|
|
- FILE
|
|
logger_sweeper_duration: 1
|
|
notification:
|
|
webhook_job_max_retry: 3
|
|
webhook_job_http_client_timeout: 3
|
|
log:
|
|
level: info
|
|
local:
|
|
rotate_count: 50
|
|
rotate_size: 200M
|
|
location: /var/log/harbor
|
|
_version: "{{ harbor_version }}"
|
|
external_database:
|
|
harbor:
|
|
host: "{{ harbor_db_host }}"
|
|
port: "{{ harbor_db_port }}"
|
|
db_name: "{{ harbor_db_database }}"
|
|
username: "{{ harbor_db_user }}"
|
|
password: "{{ harbor_db_pass }}"
|
|
ssl_mode: verify-full
|
|
max_idle_conns: 2
|
|
max_open_conns: 0
|
|
proxy:
|
|
http_proxy:
|
|
https_proxy:
|
|
no_proxy:
|
|
components:
|
|
- core
|
|
- jobservice
|
|
- trivy
|
|
metric:
|
|
enabled: enabled
|
|
port: "{{ harbor_port_metrics }}"
|
|
path: /metrics
|
|
upload_purging:
|
|
enabled: true
|
|
age: 168h
|
|
interval: 24h
|
|
dryrun: false
|
|
cache:
|
|
enabled: false
|
|
expire_hours: 24
|