openssl genrsa -out harbor-ca.key标签:false,key,Harbor,max,ca,harbor,proxy,https From: https://blog.51cto.com/u_15222272/5976323
openssl req -x509 -new -nodes -key harbor-ca.key -subj "/CN=192.168.10.20" -days 7120 -out harbor-ca.crt
root@k-har:/apps/harbor# grep -v "#" ./harbor.yml |grep -v "^$"
hostname: 192.168.10.20
http:
port: 80
https:
port: 443
certificate: /apps/harbor/certs/harbor-ca.crt
private_key: /apps/harbor/certs/harbor-ca.key
harbor_admin_password: 12345
database:
password: root123
max_idle_conns: 100
max_open_conns: 900
conn_max_lifetime: 5m
conn_max_idle_time: 0
data_volume: /data
trivy:
ignore_unfixed: false
skip_update: false
offline_scan: false
security_check: vuln
insecure: false
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.7.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
upload_purging:
enabled: true
age: 168h
interval: 24h
dryrun: false
cache:
enabled: false
expire_hours: 24