version: "3.9" services: # --------------------------------------------------------- # 1. Init-Container: erzeugt harbor.yml (OHNE HTTPS!) # --------------------------------------------------------- harbor-config: image: alpine:${ALPINE_VERSION:-3.19} container_name: ${HARBOR_CONFIG_CONTAINER:-harbor-config} entrypoint: ["/bin/sh", "-c"] command: | set -e mkdir -p /etc/harbor cat < /etc/harbor/harbor.yml hostname: ${HARBOR_HOSTNAME:-harbor.local} http: port: ${HARBOR_HTTP_PORT:-8080} harbor_admin_password: ${HARBOR_ADMIN_PASSWORD:-Harbor12345} data_volume: ${HARBOR_DATA_PATH:-/opt/docker/harbor/data} log: level: ${HARBOR_LOG_LEVEL:-info} EOF volumes: - "${HARBOR_DATA_PATH:-/data/harbor}/config:/etc/harbor" restart: "no" networks: - harbor # --------------------------------------------------------- # 2. Harbor Services # --------------------------------------------------------- log: image: goharbor/harbor-log:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_LOG_CONTAINER:-harbor-log} restart: always volumes: - "${HARBOR_DATA_PATH:-/data/harbor}/log:/var/log/docker" networks: - harbor depends_on: - harbor-config database: image: goharbor/harbor-db:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_DB_CONTAINER:-harbor-db} restart: always environment: - POSTGRES_PASSWORD=${HARBOR_DB_PASSWORD:-root123} volumes: - "${HARBOR_DATA_PATH:-/data/harbor}/database:/var/lib/postgresql/data" networks: - harbor depends_on: - harbor-config redis: image: goharbor/redis-photon:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_REDIS_CONTAINER:-harbor-redis} restart: always networks: - harbor depends_on: - harbor-config registry: image: goharbor/registry-photon:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_REGISTRY_CONTAINER:-harbor-registry} restart: always volumes: - "${HARBOR_DATA_PATH:-/data/harbor}/registry:/storage" networks: - harbor - proxy depends_on: - harbor-config labels: - "traefik.enable=true" - "traefik.http.routers.harbor-registry.rule=Host(`${HARBOR_HOSTNAME}`) && PathPrefix(`/v2/`)" - "traefik.http.routers.harbor-registry.entrypoints=websecure" - "traefik.http.routers.harbor-registry.tls=true" - "traefik.http.routers.harbor-registry.tls.certresolver=le" - "traefik.docker.network=proxy" core: image: goharbor/harbor-core:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_CORE_CONTAINER:-harbor-core} restart: always environment: - CORE_SECRET=${HARBOR_CORE_SECRET:-coresecret} - JOBSERVICE_SECRET=${HARBOR_JOB_SECRET:-jobsecret} volumes: - "${HARBOR_DATA_PATH:-/data/harbor}/core:/data" - "${HARBOR_DATA_PATH:-/data/harbor}/config:/etc/harbor" networks: - harbor depends_on: - registry - database - redis portal: image: goharbor/harbor-portal:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_PORTAL_CONTAINER:-harbor-portal} restart: always networks: - harbor - proxy depends_on: - core labels: - "traefik.enable=true" - "traefik.http.routers.harbor-ui.rule=Host(`${HARBOR_HOSTNAME}`)" - "traefik.http.routers.harbor-ui.entrypoints=websecure" - "traefik.http.routers.harbor-ui.tls=true" - "traefik.http.routers.harbor-ui.tls.certresolver=le" - "traefik.docker.network=proxy" jobservice: image: goharbor/harbor-jobservice:${HARBOR_VERSION:-v2.11.0} container_name: ${HARBOR_JOB_CONTAINER:-harbor-jobservice} restart: always volumes: - "${HARBOR_DATA_PATH:-/data/harbor}/jobservice:/var/log/jobs" - "${HARBOR_DATA_PATH:-/data/harbor}/config:/etc/harbor" networks: - harbor depends_on: - core # --------------------------------------------------------- # Netzwerke # --------------------------------------------------------- networks: harbor: driver: bridge proxy: external: true