thomas/container
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

harbor/docker-compose.yml aktualisiert

Browse Source
This commit is contained in:
Thomas M
2026-01-02 20:43:07 +00:00
parent 858f1b6ed2
commit b6ef8045da
1 changed files with 48 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
harbor/docker-compose.yml
View File

@@ -1,28 +1,51 @@
services: services:
# --------------------------------------------------------- # ---------------------------------------------------------
# 1. Init-Container: erzeugt harbor.yml automatisch # 1. Init-Container: erzeugt harbor.yml + Self-Signed TLS
# --------------------------------------------------------- # ---------------------------------------------------------
harbor-config: harbor-config:
image: alpine:${ALPINE_VERSION:-3.19} image: alpine:${ALPINE_VERSION:-3.19}
container_name: ${HARBOR_CONFIG_CONTAINER:-harbor-config} container_name: ${HARBOR_CONFIG_CONTAINER:-harbor-config}
command: > entrypoint: ["/bin/sh", "-c"]
sh -c " command: |
echo 'hostname: ${HARBOR_HOSTNAME}' > /config/harbor.yml && set -e
echo 'http:' >> /config/harbor.yml &&
echo ' port: ${HARBOR_HTTP_PORT}' >> /config/harbor.yml && # TLS-Verzeichnis erstellen
echo 'https:' >> /config/harbor.yml && mkdir -p ${HARBOR_DATA_PATH:-/data/harbor}/tls
echo ' port: ${HARBOR_HTTPS_PORT}' >> /config/harbor.yml &&
echo ' certificate: /etc/harbor/tls/harbor.crt' >> /config/harbor.yml && # Self-Signed Zertifikat erzeugen, falls nicht vorhanden
echo ' private_key: /etc/harbor/tls/harbor.key' >> /config/harbor.yml && if [ ! -f "${HARBOR_DATA_PATH:-/data/harbor}/tls/harbor.crt" ]; then
echo 'harbor_admin_password: ${HARBOR_ADMIN_PASSWORD}' >> /config/harbor.yml && echo "Generating self-signed certificate..."
echo 'data_volume: ${HARBOR_DATA_PATH}' >> /config/harbor.yml && openssl req -x509 -nodes -newkey rsa:2048 \
echo 'log:' >> /config/harbor.yml && -keyout ${HARBOR_DATA_PATH:-/data/harbor}/tls/harbor.key \
echo ' level: ${HARBOR_LOG_LEVEL}' >> /config/harbor.yml -out ${HARBOR_DATA_PATH:-/data/harbor}/tls/harbor.crt \
" -subj "/CN=${HARBOR_HOSTNAME:-harbor.local}"
fi
# Harbor-Konfiguration erzeugen
cat <<EOF > /config/harbor.yml
hostname: ${HARBOR_HOSTNAME:-harbor.local}
http:
port: ${HARBOR_HTTP_PORT:-8080}
https:
port: ${HARBOR_HTTPS_PORT:-8443}
certificate: /etc/harbor/tls/harbor.crt
private_key: /etc/harbor/tls/harbor.key
harbor_admin_password: ${HARBOR_ADMIN_PASSWORD:-Harbor12345}
data_volume: ${HARBOR_DATA_PATH:-/data/harbor}
log:
level: ${HARBOR_LOG_LEVEL:-info}
EOF
volumes: volumes:
- "${HARBOR_DATA_PATH:-/data/harbor}/config:/config" - "${HARBOR_DATA_PATH:-/data/harbor}/config:/config"
- ${HARBOR_DATA_PATH}/tls:/etc/harbor/tls:ro - "${HARBOR_DATA_PATH:-/data/harbor}/tls:/etc/harbor/tls:ro"
restart: "no" restart: "no"
networks:
- harbor
# --------------------------------------------------------- # ---------------------------------------------------------
# 2. Harbor Services (v2.11.x) # 2. Harbor Services (v2.11.x)
@@ -32,7 +55,7 @@ services:
container_name: ${HARBOR_LOG_CONTAINER:-harbor-log} container_name: ${HARBOR_LOG_CONTAINER:-harbor-log}
restart: always restart: always
volumes: volumes:
- ${HARBOR_DATA_PATH}/log:/var/log/docker - "${HARBOR_DATA_PATH:-/data/harbor}/log:/var/log/docker"
networks: networks:
- harbor - harbor
depends_on: depends_on:
@@ -43,7 +66,7 @@ services:
container_name: ${HARBOR_REGISTRY_CONTAINER:-harbor-registry} container_name: ${HARBOR_REGISTRY_CONTAINER:-harbor-registry}
restart: always restart: always
volumes: volumes:
- ${HARBOR_DATA_PATH}/registry:/storage - "${HARBOR_DATA_PATH:-/data/harbor}/registry:/storage"
networks: networks:
- harbor - harbor
depends_on: depends_on:
@@ -54,70 +77,18 @@ services:
container_name: ${HARBOR_CORE_CONTAINER:-harbor-core} container_name: ${HARBOR_CORE_CONTAINER:-harbor-core}
restart: always restart: always
environment: environment:
- CORE_SECRET=${HARBOR_CORE_SECRET} - CORE_SECRET=${HARBOR_CORE_SECRET:-coresecret}
- JOBSERVICE_SECRET=${HARBOR_JOB_SECRET} - JOBSERVICE_SECRET=${HARBOR_JOB_SECRET:-jobsecret}
volumes: volumes:
- ${HARBOR_DATA_PATH}/core:/data - "${HARBOR_DATA_PATH:-/data/harbor}/core:/data"
- harbor-config:/etc/harbor - "${HARBOR_DATA_PATH:-/data/harbor}/config:/etc/harbor"
networks: networks:
- harbor - harbor
depends_on: depends_on:
- registry - registry
- database
- redis
portal: portal:
image: goharbor/harbor-portal:${HARBOR_VERSION:-v2.11.0} image: goharbor/harbor-portal:${HARBOR_VERSION:-v2.11.0}
container_name: ${HARBOR_PORTAL_CONTAINER:-harbor-portal} container_name: ${HARBOR_PORT
restart: always
networks:
- harbor
depends_on:
- core
labels:
- "traefik.enable=true"
- "traefik.http.routers.harbor.entrypoints=websecure"
- "traefik.http.routers.harbor.rule=Host(`${HARBOR_HOSTNAME}`)"
- "traefik.http.routers.harbor.tls=true"
- "traefik.http.routers.harbor.tls.passthrough=true"
- "traefik.http.services.harbor.loadbalancer.server.port=${HARBOR_HTTPS_PORT}"
jobservice:
image: goharbor/harbor-jobservice:${HARBOR_VERSION:-v2.11.0}
container_name: ${HARBOR_JOB_CONTAINER:-harbor-jobservice}
restart: always
volumes:
- ${HARBOR_DATA_PATH}/jobservice:/var/log/jobs
- harbor-config:/etc/harbor
networks:
- harbor
depends_on:
- core
database:
image: goharbor/harbor-db:${HARBOR_VERSION:-v2.11.0}
container_name: ${HARBOR_DB_CONTAINER:-harbor-db}
restart: always
environment:
- POSTGRES_PASSWORD=${HARBOR_DB_PASSWORD}
volumes:
- ${HARBOR_DATA_PATH}/database:/var/lib/postgresql/data
networks:
- harbor
depends_on:
- harbor-config
redis:
image: goharbor/redis-photon:${HARBOR_VERSION:-v2.11.0}
container_name: ${HARBOR_REDIS_CONTAINER:-harbor-redis}
restart: always
networks:
- harbor
depends_on:
- harbor-config
volumes:
harbor-config:
harbor-data:
networks:
harbor:
driver: bridge