Fix Harbor install steps
This commit is contained in:
parent
2657917ebf
commit
07de8f2f6a
1 changed files with 53 additions and 7 deletions
|
|
@ -492,6 +492,13 @@ echo "harbor:$(openssl rand -base64 32)" | sudo chpasswd
|
|||
|
||||
# Add harbor user to docker group
|
||||
sudo usermod -aG docker harbor
|
||||
|
||||
# Add DEPLOY_USER to harbor group for monitoring access
|
||||
sudo usermod -aG harbor DEPLOY_USER
|
||||
|
||||
# Set proper permissions on /opt/harbor directory
|
||||
sudo chown harbor:harbor /opt/harbor
|
||||
sudo chmod 755 /opt/harbor
|
||||
```
|
||||
|
||||
#### 5.2 Generate SSL Certificates
|
||||
|
|
@ -565,13 +572,17 @@ echo "DB_PASSWORD: $DB_PASSWORD"
|
|||
|
||||
# Download and install Harbor
|
||||
cd /opt/harbor
|
||||
wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
|
||||
tar -xzf harbor-offline-installer-v2.10.0.tgz
|
||||
|
||||
# Switch to the DEPLOY_USER
|
||||
sudo su - DEPLOY_USER
|
||||
|
||||
sudo wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
|
||||
sudo tar -xzf harbor-offline-installer-v2.10.0.tgz
|
||||
cd harbor
|
||||
cp harbor.yml.tmpl harbor.yml
|
||||
sudo cp harbor.yml.tmpl harbor.yml
|
||||
|
||||
# Edit harbor.yml configuration
|
||||
nano harbor.yml
|
||||
sudo nano harbor.yml
|
||||
```
|
||||
|
||||
**Important**: In the `harbor.yml` file, update:
|
||||
|
|
@ -580,15 +591,50 @@ nano harbor.yml
|
|||
- `private_key: /etc/ssl/registry/registry.key`
|
||||
- `password: <the DB_PASSWORD generated above>`
|
||||
|
||||
# Note: The default Harbor admin password is "Harbor12345" and will be changed in Step 5.6
|
||||
**Note**: The default Harbor admin password is "Harbor12345" and will be changed in Step 5.6
|
||||
|
||||
```bash
|
||||
# Run the following as the DEPLOY_USER
|
||||
sudo su - DEPLOY_USER
|
||||
|
||||
cd /opt/harbor/harbor
|
||||
|
||||
# Install Harbor with Trivy vulnerability scanner
|
||||
./prepare
|
||||
sudo ./prepare
|
||||
sudo ./install.sh --with-trivy
|
||||
sudo docker compose down
|
||||
sudo chown -R harbor:harbor harbor
|
||||
|
||||
# Switch to the harbor user
|
||||
sudo su - harbor
|
||||
|
||||
cd /opt/harbor/harbor
|
||||
|
||||
# Run the following to patially adjust the permissions correctly for the harbor user
|
||||
./install.sh --with-trivy
|
||||
|
||||
# Exit harbor user shell
|
||||
# Exit harbor user shell to switch back to the DEPLOY_USER
|
||||
exit
|
||||
|
||||
cd /opt/harbor/harbor
|
||||
|
||||
# Run the following to adjust the permissions for various en files
|
||||
sudo chown harbor:harbor common/config/jobservice/env
|
||||
sudo chown harbor:harbor common/config/db/env
|
||||
sudo chown harbor:harbor common/config/registryctl/env
|
||||
sudo chown harbor:harbor common/config/trivy-adapter/env
|
||||
sudo chown harbor:harbor common/config/core/env
|
||||
|
||||
# Switch back to harbor user and bring Harbor back up
|
||||
sudo su - harbor
|
||||
cd /opt/harbor/harbor
|
||||
docker compose up -d
|
||||
|
||||
# Verify that all Harbor containers are healthy
|
||||
docker compose ps -a
|
||||
|
||||
# Verify using the Harbor API that all Harbor processes are healthy
|
||||
curl -I -k https://localhost/api/v2.0/health
|
||||
```
|
||||
|
||||
#### 5.5 Create Systemd Service
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue