153 lines
4.8 KiB
YAML
153 lines
4.8 KiB
YAML
version: '3'
|
||
|
||
services:
|
||
# 1. Harbor Core Service
|
||
harbor-core:
|
||
image: docker.io/bitnami/harbor-core:latest
|
||
container_name: harbor-core
|
||
restart: always
|
||
environment:
|
||
- BITNAMI_DEBUG=false
|
||
- HARBOR_ADMIN_PASSWORD=${HARBOR_ADMIN_PASSWORD} # <--- 請修改管理員密碼
|
||
# Harbor 核心服務的資料庫連線設定
|
||
- HARBOR_DATABASE_HOST=harbor-db
|
||
- HARBOR_DATABASE_PORT_NUMBER=5432
|
||
- HARBOR_DATABASE_USER=bn_harbor
|
||
- HARBOR_DATABASE_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
- HARBOR_DATABASE_NAME=bitnami_harbor
|
||
# Redis 連線設定
|
||
- HARBOR_REDIS_HOST=harbor-redis
|
||
- HARBOR_REDIS_PORT_NUMBER=6379
|
||
- HARBOR_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
# 重要:如果有域名,請改成 https://你的域名 (NPM有處理,不加埠號);只是內網用,改成 http://你的IP:port
|
||
- HARBOR_EXTERNAL_URL=http://192.168.10.100:7700
|
||
- HARBOR_REGISTRY_URL=http://harbor-registry:5000
|
||
# Notary 服務設定(如果不使用 Notary,可以忽略這些設定)
|
||
- HARBOR_NOTARY_SERVER_HOSTNAME=harbor-notary-server
|
||
- HARBOR_NOTARY_SIGNER_HOSTNAME=harbor-notary-signer
|
||
depends_on:
|
||
- harbor-db
|
||
- harbor-redis
|
||
- harbor-registry
|
||
volumes:
|
||
- /mnt/data/External/harbor/core:/data
|
||
networks:
|
||
- harbor-network
|
||
|
||
# 2. Harbor Portal Service
|
||
harbor-portal:
|
||
image: docker.io/bitnami/harbor-portal:latest
|
||
container_name: harbor-portal
|
||
restart: always
|
||
ports:
|
||
- "7700:8080" # HTTP 入口 (NPM 反代請指到這裡)
|
||
- "7750:8443" # HTTPS 入口
|
||
environment:
|
||
- BITNAMI_DEBUG=false
|
||
- HARBOR_PORTAL_API_URL=http://harbor-core:8080/api
|
||
- NGINX_HTTP_PORT_NUMBER=8080
|
||
- NGINX_HTTPS_PORT_NUMBER=8443
|
||
networks:
|
||
- harbor-network
|
||
depends_on:
|
||
- harbor-core
|
||
|
||
# 3. Harbor Job Service
|
||
harbor-jobservice:
|
||
image: docker.io/bitnami/harbor-jobservice:latest
|
||
container_name: harbor-jobservice
|
||
restart: always
|
||
environment:
|
||
- BITNAMI_DEBUG=false
|
||
- HARBOR_JOBSERVICE_DATABASE_HOST=harbor-db
|
||
- HARBOR_JOBSERVICE_DATABASE_USER=bn_harbor
|
||
- HARBOR_JOBSERVICE_DATABASE_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
- HARBOR_JOBSERVICE_DATABASE_NAME=bitnami_harbor
|
||
- HARBOR_JOBSERVICE_REDIS_HOST=harbor-redis
|
||
- HARBOR_JOBSERVICE_REDIS_PORT_NUMBER=6379
|
||
- HARBOR_JOBSERVICE_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
- HARBOR_JOBSERVICE_CORE_URL=http://harbor-core:8080
|
||
depends_on:
|
||
- harbor-core
|
||
- harbor-redis
|
||
volumes:
|
||
- harbor-jobservice:/var/log/jobs
|
||
networks:
|
||
- harbor-network
|
||
|
||
# 4. Harbor Registry Service (映像檔儲存)
|
||
harbor-registry:
|
||
image: docker.io/bitnami/harbor-registry:latest
|
||
container_name: harbor-registry
|
||
restart: always
|
||
environment:
|
||
- BITNAMI_DEBUG=false
|
||
- REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/storage
|
||
- REGISTRY_HTTP_ADDR=:5000
|
||
- REGISTRY_REDIS_HOST=harbor-redis
|
||
- REGISTRY_REDIS_PORT=6379
|
||
- REGISTRY_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
- REGISTRY_AUTH_TOKEN_REALM=http://harbor-core:8080/service/token
|
||
# 為了方便,這裡關閉了部分複雜的安全驗證,依賴 Harbor Core 控制
|
||
volumes:
|
||
- /mnt/data/External/harbor/registry:/storage
|
||
networks:
|
||
- harbor-network
|
||
depends_on:
|
||
- harbor-redis
|
||
|
||
# 5. Harbor Registry Controller
|
||
harbor-registryctl:
|
||
image: docker.io/bitnami/harbor-registryctl:latest
|
||
container_name: harbor-registryctl
|
||
restart: always
|
||
environment:
|
||
- BITNAMI_DEBUG=false
|
||
- REGISTRYCTL_REGISTRY_HOST=harbor-registry
|
||
- REGISTRYCTL_REGISTRY_PORT=5000
|
||
- REGISTRYCTL_REDIS_HOST=harbor-redis
|
||
- REGISTRYCTL_REDIS_PORT=6379
|
||
- REGISTRYCTL_REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
- REGISTRYCTL_CHECK_INTERVAL=30m
|
||
depends_on:
|
||
- harbor-registry
|
||
- harbor-redis
|
||
volumes:
|
||
- /mnt/data/External/harbor/registry:/storage
|
||
networks:
|
||
- harbor-network
|
||
|
||
# 6. Harbor Database (PostgreSQL資料庫)
|
||
harbor-db:
|
||
image: docker.io/bitnami/postgresql:latest
|
||
container_name: harbor-db
|
||
restart: always
|
||
environment:
|
||
- POSTGRESQL_USERNAME=bn_harbor
|
||
- POSTGRESQL_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
- POSTGRESQL_DATABASE=bitnami_harbor
|
||
volumes:
|
||
- harbor-db:/bitnami/postgresql
|
||
networks:
|
||
- harbor-network
|
||
|
||
# 7. Redis Cache (快取)
|
||
harbor-redis:
|
||
image: docker.io/bitnami/redis:latest
|
||
container_name: harbor-redis
|
||
restart: always
|
||
environment:
|
||
- REDIS_PASSWORD=${HARBOR_GENERAL_PASSWORD}
|
||
volumes:
|
||
- harbor-redis:/bitnami/redis/data
|
||
networks:
|
||
- harbor-network
|
||
|
||
volumes:
|
||
harbor-db:
|
||
harbor-redis:
|
||
harbor-jobservice:
|
||
|
||
networks:
|
||
harbor-network:
|
||
driver: bridge |