--- harbor_port_http: 20080 harbor_port_https: 20443 harbor_port_metrics: 29000 harbor_db_host: "{{ postgres.host }}" harbor_db_port: "{{ postgres.port }}" harbor_db_database: harbor harbor_db_user: "{{ vault_harbor.db.user }}" harbor_db_pass: "{{ vault_harbor.db.pass }}" harbor_version: 2.9.0 harbor_svc: name: harbor domain: registry.serguzim.me caddy_extra: | reverse_proxy /metrics host.docker.internal:{{ harbor_port_metrics }} reverse_proxy host.docker.internal:{{ harbor_port_https }} { transport http { tls tls_server_name registry.serguzim.me } } caddy_default: false db: host: "{{ postgres.host }}" port: "{{ postgres.port }}" database: harbor user: "{{ vault_harbor.db.user }}" pass: "{{ vault_harbor.db.pass }}" harbor_version: 2.9.0 harbor_yml: hostname: "{{ harbor_svc.domain }}" http: port: "{{ harbor_port_http }}" https: port: "{{ harbor_port_https }}" certificate: /opt/services/.lego/certificates/registry.serguzim.me.crt private_key: /opt/services/.lego/certificates/registry.serguzim.me.key external_url: https://registry.serguzim.me harbor_admin_password: "{{ vault_harbor.admin_password }}" data_volume: "{{ (service_path, 'data') | path_join }}" storage_service: s3: accesskey: "{{ vault_harbor.minio.accesskey }}" secretkey: "{{ vault_harbor.minio.secretkey }}" region: de-contabo-1 regionendpoint: https://s3.serguzim.me bucket: registry secure: true trivy: ignore_unfixed: false skip_update: false offline_scan: false security_check: vuln insecure: false jobservice: max_job_workers: 10 job_loggers: - STD_OUTPUT - FILE logger_sweeper_duration: 1 notification: webhook_job_max_retry: 3 webhook_job_http_client_timeout: 3 log: level: info local: rotate_count: 50 rotate_size: 200M location: /var/log/harbor _version: "{{ harbor_version }}" external_database: harbor: host: "{{ harbor_db_host }}" port: "{{ harbor_db_port }}" db_name: "{{ harbor_db_database }}" username: "{{ harbor_db_user }}" password: "{{ harbor_db_pass }}" ssl_mode: verify-full max_idle_conns: 2 max_open_conns: 0 proxy: http_proxy: https_proxy: no_proxy: components: - core - jobservice - trivy metric: enabled: enabled port: "{{ harbor_port_metrics }}" path: /metrics upload_purging: enabled: true age: 168h interval: 24h dryrun: false cache: enabled: false expire_hours: 24