An Ansible Role that installs the pre-release of Harbor 2.0 on Linux.
This role is in alpha stage. Issues and PRs are welcome.
Every variable as a default value expect for harbor_hostname
which as to be specified in your playbook.
For a complete list or to modify default values, see defaults/main.yaml
.
To change the install dir:
harbor_install_dir: /opt
To change default protocol:
harbor_ui_url_protocol: "http"
If you want to change the exposed ports of Harbor's NGINX from the defaults of 80 and 443, use:
harbor_exposed_http_port: 81
harbor_exposed_https_port: 444
To install with extras set:
harbor_extras:
- clair
- notary
You can also pass extra arguments to the installer with harbor_installer_extra_args
(a string).
You may define harbor_projects
if you want projects to be automatically created once harbor is installed.
harbor_projects:
- project_name: test
is_public: "false"
content_trust: "false"
prevent_vul: "true"
severity: "high"
auto_scan: "true"
You can create users automatically during harbor installation. The password defaults to "HarborUser12345".
This operation is idempotent.
harbor_users:
- username: user1
email: user1@test.com
realname: User Number 1
role_name: developer
role_id: 2
has_admin_role: true
---
- name: Installing and configuring Harbor
hosts: registry
vars:
harbor_hostname: my.domain.com
harbor_projects:
- project_name: myproject
is_public: "false"
content_trust: "false"
prevent_vul: "true"
severity: "high"
auto_scan: "true"
harbor_users:
- username: user1
email: user1@test.com
realname: User Number 1
role_name: developer
role_id: 2
has_admin_role: true
roles:
- harbor
After the playbook runs, you should be able to navigate https://my.domain.com
and see Harbor's UI. You can login with admin/Harbor12345
.
For convenience, this role includes tasks to stop, start and restart the registry using docker-compose.
Here's a playbook created specifically to restart the registry:
---
- hosts: registry
tasks:
- name: Restarting Harbor
include_role:
name: harbor
tasks_from: restart
Running the playbook above effectively restarts all components of Harbor. This takes into consideration if you are using clair
and/or notary
and uses their docker-compose files too.
tasks_from
can be restart
, start
and stop
.
If you are running the playbook again to ensure the list of users but you have already changed the default admin password, you can set the harbor_admin_password
variable somewhere or simply pass it in the command-line with -e "harbor_admin_password=mypass"
.
This role was created in 2019 by Nicholas Amorim and updated for Harbor 2.0 by Grégoire Martinache.