160 lines
4.1 KiB
YAML
160 lines
4.1 KiB
YAML
harbor:
|
|
expose:
|
|
type: route
|
|
tls:
|
|
enabled: false
|
|
route:
|
|
parentRefs:
|
|
- group: gateway.networking.k8s.io
|
|
kind: Gateway
|
|
name: traefik-gateway
|
|
namespace: traefik
|
|
hosts:
|
|
- harbor.alexlebens.net
|
|
externalURL: https://harbor.alexlebens.net
|
|
persistence:
|
|
enabled: true
|
|
persistentVolumeClaim:
|
|
registry:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 100Gi
|
|
existingSecretAdminPassword: harbor-secret
|
|
existingSecretAdminPasswordKey: HARBOR_ADMIN_PASSWORD
|
|
internalTLS:
|
|
enabled: false
|
|
ipFamily:
|
|
ipv6:
|
|
enabled: false
|
|
ipv4:
|
|
enabled: true
|
|
updateStrategy:
|
|
type: Recreate
|
|
existingSecretSecretKey: harbor-secret
|
|
enableMigrateHelmHook: true
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
cache:
|
|
enabled: true
|
|
portal:
|
|
image:
|
|
repository: goharbor/harbor-portal
|
|
tag: v2.14.1
|
|
replicas: 2
|
|
core:
|
|
image:
|
|
repository: goharbor/harbor-core
|
|
tag: v2.14.1
|
|
replicas: 2
|
|
existingSecret: harbor-secret
|
|
secretName: harbor-secret
|
|
existingXsrfSecret: harbor-secret
|
|
jobservice:
|
|
image:
|
|
repository: goharbor/harbor-jobservice
|
|
tag: v2.14.1
|
|
replicas: 2
|
|
jobLoggers:
|
|
- stdout
|
|
existingSecret: harbor-secret
|
|
registry:
|
|
registry:
|
|
image:
|
|
repository: goharbor/registry-photon
|
|
tag: v2.14.1
|
|
controller:
|
|
image:
|
|
repository: goharbor/harbor-registryctl
|
|
tag: v2.14.1
|
|
existingSecret: harbor-secret
|
|
relativeurls: true
|
|
credentials:
|
|
existingSecret: harbor-secret
|
|
upload_purging:
|
|
enabled: true
|
|
age: 72h
|
|
interval: 24h
|
|
dryrun: false
|
|
trivy:
|
|
enabled: true
|
|
database:
|
|
type: external
|
|
external:
|
|
host: harbor-postgresql-18-cluster-rw
|
|
port: "5432"
|
|
username: app
|
|
coreDatabase: app
|
|
existingSecret: harbor-postgresql-18-cluster-app
|
|
redis:
|
|
type: external
|
|
external:
|
|
addr: "redis-replication-harbor-master.harbor:6379"
|
|
exporter:
|
|
image:
|
|
repository: goharbor/harbor-exporter
|
|
tag: v2.14.1
|
|
replicas: 2
|
|
postgres-18-cluster:
|
|
mode: recovery
|
|
cluster:
|
|
image:
|
|
repository: ghcr.io/cloudnative-pg/postgresql
|
|
tag: 18.1-standard-trixie
|
|
storage:
|
|
storageClass: local-path
|
|
walStorage:
|
|
storageClass: local-path
|
|
monitoring:
|
|
enabled: true
|
|
prometheusRule:
|
|
enabled: true
|
|
recovery:
|
|
method: objectStore
|
|
objectStore:
|
|
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster
|
|
endpointURL: http://garage-main.garage:3900
|
|
index: 1
|
|
endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage
|
|
backup:
|
|
objectStore:
|
|
- name: external
|
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-18-cluster
|
|
index: 1
|
|
retentionPolicy: "30d"
|
|
isWALArchiver: false
|
|
- name: garage-local
|
|
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster
|
|
index: 1
|
|
endpointURL: http://garage-main.garage:3900
|
|
endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage
|
|
endpointCredentialsIncludeRegion: true
|
|
retentionPolicy: "3d"
|
|
isWALArchiver: true
|
|
# - name: garage-remote
|
|
# destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster
|
|
# index: 1
|
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
# endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage
|
|
# retentionPolicy: "30d"
|
|
# data:
|
|
# compression: bzip2
|
|
# jobs: 2
|
|
scheduledBackups:
|
|
- name: daily-backup
|
|
suspend: false
|
|
immediate: true
|
|
schedule: "0 0 0 * * *"
|
|
backupName: external
|
|
- name: live-backup
|
|
suspend: false
|
|
immediate: true
|
|
schedule: "0 0 0 * * *"
|
|
backupName: garage-local
|
|
# - name: weekly-backup
|
|
# suspend: false
|
|
# immediate: true
|
|
# schedule: "0 0 4 * * SAT"
|
|
# backupName: garage-remote
|