hetzner-ansible/roles/harbor/defaults/main.yml


---
# Harbor release deployed by this role.
# NOTE(review): pinned to a fixed tag; confirm it is still a supported release
# and track upstream security advisories for it.
harbor_version: v2.4.1
# Public hostname and external URL, both derived from the stage's server domain.
harbor_hostname: '{{ stage_server_domain }}'
harbor_external_url: 'https://{{ stage_server_domain }}'
# Admin credentials are taken from the *_vault variables.
# NOTE(review): presumably these live in an Ansible Vault file; confirm they are
# never defined in plain text in an inventory or group_vars file.
harbor_admin_username: '{{ harbor_admin_username_vault }}'
harbor_admin_password: '{{ harbor_admin_password_vault }}'
# Per-host name used in the Traefik router/service/middleware labels below.
traefik_id: '{{ inventory_hostname }}-harbor'
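# Overrides for Harbor's docker-compose definition.
# The nesting is restored here: with every key at column 0 the mapping parses as
# a null value followed by unrelated top-level keys, including two `networks` keys.
harbor_dockercompose_customized:
  services:
    core:
      # Static hostname:IP entries so the core container reaches Keycloak and
      # the mail relay without DNS.
      # NOTE(review): a stale or wrong IP here silently redirects OIDC and mail
      # traffic; certificate verification (oidc_verify_cert) is what still
      # authenticates the Keycloak endpoint.
      extra_hosts:
        - '{{ shared_service_keycloak_hostname }}:{{ shared_service_keycloak_ip }}'
        - '{{ shared_service_mail_hostname }}:{{ shared_service_mail_ip }}'
    proxy:
      # The proxy joins front-tier so Traefik can reach it.
      networks:
        - harbor
        - front-tier
      ports: []  # not exposing ports - already used by traefik
      labels:
        - "traefik.enable=true"
        # Main router: HTTPS entrypoint, TLS certificate from the letsencrypt
        # resolver, forwarded to container port 8080.
        # NOTE(review): the headers middleware is declared below, but no
        # `routers.<name>.middlewares` label in this list attaches it to a
        # router; confirm whether that is intended.
        - "traefik.http.middlewares.{{ traefik_id }}.headers.customrequestheaders.X-Forwarded-Proto=https"
        - "traefik.http.routers.{{ traefik_id }}.service={{ traefik_id }}"
        - "traefik.http.routers.{{ traefik_id }}.rule=Host(`{{ harbor_hostname }}`)"
        - "traefik.http.routers.{{ traefik_id }}.entrypoints=websecure"
        - "traefik.http.routers.{{ traefik_id }}.tls=true"
        - "traefik.http.routers.{{ traefik_id }}.tls.certresolver=letsencrypt"
        - "traefik.http.services.{{ traefik_id }}.loadbalancer.server.port=8080"
        # Second router on the monitoring-harbor entrypoint, forwarded to
        # container port 9090 (presumably Harbor's metrics endpoint - confirm).
        # NOTE(review): no authentication or IP allow-list middleware is
        # attached in these labels; confirm the monitoring-harbor entrypoint is
        # only reachable from the monitoring network.
        - "traefik.http.middlewares.{{ traefik_id }}-monitor.headers.customrequestheaders.X-Forwarded-Proto=https"
        - "traefik.http.routers.{{ traefik_id }}-monitor.service={{ traefik_id }}-monitor"
        - "traefik.http.routers.{{ traefik_id }}-monitor.rule=Host(`{{ harbor_hostname }}`)"
        - "traefik.http.routers.{{ traefik_id }}-monitor.entrypoints=monitoring-harbor"
        - "traefik.http.routers.{{ traefik_id }}-monitor.tls=true"
        - "traefik.http.routers.{{ traefik_id }}-monitor.tls.certresolver=letsencrypt"
        - "traefik.http.services.{{ traefik_id }}-monitor.loadbalancer.server.port=9090"
  networks:
    # Pre-existing network; not created by Harbor's compose file.
    front-tier:
      external: true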
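# Harbor system configuration (mail and OIDC login).
# The nesting is restored here: with every key at column 0 this mapping parses
# as a null value followed by unrelated top-level keys.
harbor_base_configuration:
  # Outbound mail: port 25 on the shared mail host, no credentials.
  email_host: '{{ shared_service_mail_hostname }}'
  email_port: 25
  email_from: '{{ ansible_fqdn }}@{{ shared_service_mail_hostname }}'
  email_password: ''
  email_username: ''
  # NOTE(review): presumably disables certificate verification for the mail
  # server - confirm, and keep this limited to a trusted internal relay.
  email_insecure: true
  # Login is delegated to the Keycloak realm `docker` via OIDC.
  auth_mode: oidc_auth
  oidc_name: docker
  oidc_endpoint: 'https://{{ shared_service_keycloak_hostname }}/auth/realms/docker'
  oidc_client_id: docker-registry
  oidc_groups_claim: groups
  oidc_scope: openid
  # Keep certificate verification on for the identity provider.
  oidc_verify_cert: true
  # NOTE(review): presumably creates a Harbor account on first OIDC login, so
  # every account that can authenticate in the realm becomes a Harbor user;
  # confirm that realm membership is restricted.
  oidc_auto_onboard: true
  # NOTE(review): presumably members of this group (from the `groups` claim)
  # receive Harbor admin rights; treat membership of that Keycloak group as
  # privileged and audit changes to it.
  oidc_admin_group: '/admin'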