infrastructure/clusters/cl01tl/services/harbor/values.yaml

harbor:
  expose:
    type: clusterIP
    tls:
      auto:
        commonName: harbor.alexlebens.net
  externalURL: https://harbor.alexlebens.net
  persistence:
    enabled: true
    persistentVolumeClaim:
      registry:
        storageClass: ceph-block
        accessMode: ReadWriteOnce
        size: 80Gi
      jobservice:
        jobLog:
          storageClass: ceph-block
          accessMode: ReadWriteOnce
          size: 5Gi
      redis:
        storageClass: ceph-block
        accessMode: ReadWriteOnce
        size: 5Gi
      trivy:
        storageClass: ceph-block
        accessMode: ReadWriteOnce
        size: 5Gi
  existingSecretAdminPassword: harbor-secret
  existingSecretAdminPasswordKey: HARBOR_ADMIN_PASSWORD
  ipFamily:
    ipv6:
      enabled: false
    ipv4:
      enabled: true
  updateStrategy:
    type: Recreate
  existingSecretSecretKey: harbor-secret
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true
  cache:
    enabled: true
  portal:
    image:
      repository: ghcr.io/goharbor/harbor-portal
      tag: v2.13.0
  core:
    image:
      repository: ghcr.io/goharbor/harbor-core
      tag: v2.13.0
    # existingSecret: harbor-secret
  jobservice:
    image:
      repository: ghcr.io/goharbor/harbor-jobservice
      tag: v2.13.0
    # existingSecret: harbor-secret
    # existingSecretKey: JOBSERVICE_SECRET
  registry:
    registry:
      image:
        repository: ghcr.io/goharbor/registry-photon
        tag: v2.13.0
    controller:
      image:
        repository: ghcr.io/goharbor/harbor-registryctl
        tag: v2.13.0
    # existingSecret: harbor-secret
    # existingSecretKey: REGISTRY_HTTP_SECRET
    # relativeurls: true
    # credentials:
    #   existingSecret: harbor-secret
    # upload_purging:
    #   enabled: true
    #   age: 168h
    #   interval: 24h
    #   dryrun: false
  trivy:
    enabled: false
  database:
    type: external
    external:
      host: harbor-postgresql-17-cluster-rw
      port: "5432"
      username: app
      coreDatabase: app
      existingSecret: harbor-postgresql-17-cluster-app
  redis:
    type: internal
    internal:
      image:
        repository: goharbor/redis-photon
        tag: v2.13.0
  exporter:
    image:
      repository: ghcr.io/goharbor/harbor-exporter
      tag: v2.13.0
postgres-17-cluster:
  mode: standalone
  cluster:
    storage:
      storageClass: local-path
    walStorage:
      storageClass: local-path
    monitoring:
      enabled: true
      prometheusRule:
        enabled: true
  recovery:
    method: objectStore
    objectStore:
      endpointURL: https://nyc3.digitaloceanspaces.com
      destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-17-cluster
      endpointCredentials: harbor-postgresql-17-cluster-backup-secret
      recoveryIndex: 1
  backup:
    enabled: true
    endpointURL: https://nyc3.digitaloceanspaces.com
    destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-17-cluster
    endpointCredentials: harbor-postgresql-17-cluster-backup-secret
    backupIndex: 1