version: '3' services: # 1. Harbor Core Service harbor-core: image: docker.io/bitnami/harbor-core:latest container_name: harbor-core restart: always environment: - BITNAMI_DEBUG=false - HARBOR_ADMIN_PASSWORD=${HARBOR_ADMIN_PASSWORD} # <--- 請修改管理員密碼 # Harbor 核心服務的資料庫連線設定 - HARBOR_DATABASE_HOST=harbor-db - HARBOR_DATABASE_PORT_NUMBER=5432 - HARBOR_DATABASE_USER=bn_harbor - HARBOR_DATABASE_PASSWORD=${HARBOR_GENERAL_PASSWORD} - HARBOR_DATABASE_NAME=bitnami_harbor # Redis 連線設定 - HARBOR_REDIS_HOST=harbor-redis - HARBOR_REDIS_PORT_NUMBER=6379 - HARBOR_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD} # 重要:如果有域名,請改成 https://你的域名 (NPM有處理,不加埠號);只是內網用,改成 http://你的IP:port - HARBOR_EXTERNAL_URL=http://192.168.10.100:7700 - HARBOR_REGISTRY_URL=http://harbor-registry:5000 # Notary 服務設定(如果不使用 Notary,可以忽略這些設定) - HARBOR_NOTARY_SERVER_HOSTNAME=harbor-notary-server - HARBOR_NOTARY_SIGNER_HOSTNAME=harbor-notary-signer depends_on: - harbor-db - harbor-redis - harbor-registry volumes: - /mnt/data/External/harbor/core:/data networks: - harbor-network # 2. Harbor Portal Service harbor-portal: image: docker.io/bitnami/harbor-portal:latest container_name: harbor-portal restart: always ports: - "7700:8080" # HTTP 入口 (NPM 反代請指到這裡) - "7750:8443" # HTTPS 入口 environment: - BITNAMI_DEBUG=false - HARBOR_PORTAL_API_URL=http://harbor-core:8080/api - NGINX_HTTP_PORT_NUMBER=8080 - NGINX_HTTPS_PORT_NUMBER=8443 networks: - harbor-network depends_on: - harbor-core # 3. Harbor Job Service harbor-jobservice: image: docker.io/bitnami/harbor-jobservice:latest container_name: harbor-jobservice restart: always environment: - BITNAMI_DEBUG=false - HARBOR_JOBSERVICE_DATABASE_HOST=harbor-db - HARBOR_JOBSERVICE_DATABASE_USER=bn_harbor - HARBOR_JOBSERVICE_DATABASE_PASSWORD=${HARBOR_GENERAL_PASSWORD} - HARBOR_JOBSERVICE_DATABASE_NAME=bitnami_harbor - HARBOR_JOBSERVICE_REDIS_HOST=harbor-redis - HARBOR_JOBSERVICE_REDIS_PORT_NUMBER=6379 - HARBOR_JOBSERVICE_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD} - HARBOR_JOBSERVICE_CORE_URL=http://harbor-core:8080 depends_on: - harbor-core - harbor-redis volumes: - harbor-jobservice:/var/log/jobs networks: - harbor-network # 4. Harbor Registry Service (映像檔儲存) harbor-registry: image: docker.io/bitnami/harbor-registry:latest container_name: harbor-registry restart: always environment: - BITNAMI_DEBUG=false - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/storage - REGISTRY_HTTP_ADDR=:5000 - REGISTRY_REDIS_HOST=harbor-redis - REGISTRY_REDIS_PORT=6379 - REGISTRY_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD} - REGISTRY_AUTH_TOKEN_REALM=http://harbor-core:8080/service/token # 為了方便,這裡關閉了部分複雜的安全驗證,依賴 Harbor Core 控制 volumes: - /mnt/data/External/harbor/registry:/storage networks: - harbor-network depends_on: - harbor-redis # 5. Harbor Registry Controller harbor-registryctl: image: docker.io/bitnami/harbor-registryctl:latest container_name: harbor-registryctl restart: always environment: - BITNAMI_DEBUG=false - REGISTRYCTL_REGISTRY_HOST=harbor-registry - REGISTRYCTL_REGISTRY_PORT=5000 - REGISTRYCTL_REDIS_HOST=harbor-redis - REGISTRYCTL_REDIS_PORT=6379 - REGISTRYCTL_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD} - REGISTRYCTL_CHECK_INTERVAL=30m depends_on: - harbor-registry - harbor-redis volumes: - /mnt/data/External/harbor/registry:/storage networks: - harbor-network # 6. Harbor Database (PostgreSQL資料庫) harbor-db: image: docker.io/bitnami/postgresql:latest container_name: harbor-db restart: always environment: - POSTGRESQL_USERNAME=bn_harbor - POSTGRESQL_PASSWORD=${HARBOR_GENERAL_PASSWORD} - POSTGRESQL_DATABASE=bitnami_harbor volumes: - harbor-db:/bitnami/postgresql networks: - harbor-network # 7. Redis Cache (快取) harbor-redis: image: docker.io/bitnami/redis:latest container_name: harbor-redis restart: always environment: - REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD} volumes: - harbor-redis:/bitnami/redis/data networks: - harbor-network volumes: harbor-db: harbor-redis: harbor-jobservice: networks: harbor-network: driver: bridge