#!/bin/bash
#Harbor on Ubuntu 18.04
# #Prompt for the user to ask if the install should use the IP Address or Fully Qualified Domain Name of the Harbor Server
# PS3='Would you like to install Harbor based on IP or FQDN? '
# select option in IP FQDN
# do
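# Select the address Harbor is reached at, from the first script argument:
#   IP   - first address printed by `hostname -I`
#   FQDN - fully qualified host name from `hostname -f`
# IPorFQDN is later written into /etc/docker/daemon.json and printed in the
# login hint, so a missing or unknown argument stops the run here instead of
# continuing with an empty address.
# The `break` statements left over from the commented-out `select` loop are
# gone: outside a loop they only produce a shell error.
case "${1:-}" in
  IP)
    IPorFQDN=$(hostname -I | cut -d" " -f 1)
    ;;
  FQDN)
    IPorFQDN=$(hostname -f)
    ;;
  *)
    printf 'Usage: %s IP|FQDN\n' "${0##*/}" >&2
    exit 2
    ;;
esac
if [[ -z "$IPorFQDN" ]]; then
  printf 'Could not determine the %s of this host\n' "$1" >&2
  exit 1
fi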
# done
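# Housekeeping: fetch the deployment repository, install its systemd units,
# and turn off swap and the host firewall.
mkdir -p /var/www/
# Stop if the working directory is unavailable; otherwise the clone and the
# relative copies below would run in whatever directory the script started in.
cd /var/www/ || { echo "cannot cd to /var/www/" >&2; exit 1; }
# Refresh the package index before the first install so that a fresh image
# with an empty index can still resolve the git package.
apt-get update -y
apt-get install -y git
# NOTE(review): the clone follows the default branch of a third-party
# repository, and files from it are installed below as root-run systemd units
# and a root-owned script. Pin the clone to a reviewed commit (or vendor the
# files) so a later change to that repository cannot alter what runs here.
# An existing checkout is reused, which is what a re-run did before as well.
if [[ ! -d ./arm_azure ]]; then
  git clone https://github.com/SpringStorm5/arm_azure/ \
    || { echo "git clone of arm_azure failed" >&2; exit 1; }
fi
cp ./arm_azure/harbor.service /etc/systemd/system/harbor.service
mkdir -p /opt/linnovate
cp ./arm_azure/post.sh /opt/linnovate/post.sh
chmod 755 /opt/linnovate/post.sh
cp ./arm_azure/linnovate.service /etc/systemd/system/linnovate.service
systemctl daemon-reload
systemctl enable harbor.service
systemctl enable linnovate.service
# Turn swap off now and comment out swap entries in /etc/fstab so it stays off
# after a reboot.
swapoff --all
sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
# Do Not Do This In Production: with ufw disabled, every listening port on the
# host is reachable unless something outside this script filters it.
ufw disable
echo "Housekeeping done"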
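# Install the latest stable Docker release from Docker's apt repository.
apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
# NOTE(review): apt-key adds the key to the global trusted keyring, so it is
# trusted for every apt source on this host. A dedicated keyring referenced
# with `signed-by=` on the Docker source line keeps the trust scoped to it.
# `sudo` was dropped here: the rest of the script already assumes root.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update -y
apt-get install -y docker-ce docker-ce-cli containerd.io
# NOTE(review): "insecure-registries" lets Docker fall back to unverified TLS
# or plain HTTP for the listed registries. The "0.0.0.0/0" entry extends that
# to every IPv4 registry address, not only this Harbor host, so pulls and
# pushes to any of them lose server authentication. Prefer installing the CA
# generated later in this script as /etc/docker/certs.d/<registry host>/ca.crt
# and removing these entries.
tee /etc/docker/daemon.json >/dev/null <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"insecure-registries" : ["$IPorFQDN:443","$IPorFQDN:80","0.0.0.0/0"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
# The docker-ce packages normally create this group already; only add it when
# it is missing so the step does not fail on an existing group.
getent group docker >/dev/null || groupadd docker
# logname fails when there is no login session (for example when the script is
# run by a provisioning agent); skip the group change rather than calling
# usermod without a user name.
# NOTE(review): membership of the docker group is root-equivalent on this host.
MAINUSER=$(logname 2>/dev/null)
if [[ -n "$MAINUSER" ]]; then
  usermod -aG docker "$MAINUSER"
else
  echo "No login user detected; skipping docker group membership" >&2
fi
systemctl daemon-reload
systemctl restart docker
echo "Docker Installation done"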
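# Install the latest stable Docker Compose release.
# The version is scraped from the redirect page of the "latest" release. The
# pattern is quoted so the shell hands it to grep unchanged (unquoted, `\.`
# reaches grep as a bare `.`), and only the first match is kept.
COMPOSEVERSION=$(curl -s https://github.com/docker/compose/releases/latest/download 2>&1 | grep -Po '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1)
if [[ -z "$COMPOSEVERSION" ]]; then
  echo "Could not determine the latest Docker Compose version" >&2
  exit 1
fi
# -f makes curl fail on an HTTP error instead of saving the error page as the
# executable.
# NOTE(review): the binary is installed and later run as root with no
# integrity check, and "latest" is resolved at run time. Pin a version and
# verify the download against the checksum published with that release.
# NOTE(review): this URL assumes the release tag is the bare version number;
# confirm that against current release tags.
curl -fL "https://github.com/docker/compose/releases/download/$COMPOSEVERSION/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose \
  || { echo "Docker Compose download failed" >&2; exit 1; }
chmod +x /usr/local/bin/docker-compose
# Leave an existing /usr/bin/docker-compose alone, as the plain `ln -s` did.
[[ -e /usr/bin/docker-compose ]] || ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
echo "Docker Compose Installation done"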
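# Download and unpack the latest stable Harbor online installer.
cd /var/www/ || { echo "cannot cd to /var/www/" >&2; exit 1; }
# Quoted pattern and first match only, so the file name built below is a
# single well-formed version string.
HARBORVERSION=$(curl -s https://github.com/goharbor/harbor/releases/latest/download 2>&1 | grep -Po '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1)
if [[ -z "$HARBORVERSION" ]]; then
  echo "Could not determine the latest Harbor version" >&2
  exit 1
fi
# Fetch every asset of the latest release whose URL contains "online".
# NOTE(review): the archive is unpacked and its install.sh is run as root
# further down without any verification. If the release also publishes a
# detached signature for the installer, it is presumably downloaded by this
# same filter; check it with gpg against the Harbor release key before
# extracting. Pinning a reviewed version instead of "latest" also keeps the
# installed code from changing between runs.
curl -s https://api.github.com/repos/goharbor/harbor/releases/latest | grep browser_download_url | grep online | cut -d '"' -f 4 | wget -qi -
tar xvf "harbor-online-installer-v${HARBORVERSION}.tgz" \
  || { echo "Harbor installer archive missing or unreadable" >&2; exit 1; }
cd harbor || { echo "cannot cd to harbor" >&2; exit 1; }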
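# Create a private CA and a server certificate signed by it.
cd /var/www/harbor/ || { echo "cannot cd to /var/www/harbor/" >&2; exit 1; }
mkdir -p ./data/secret/cert
cd /var/www/harbor/data/secret/cert || { echo "cannot cd to cert directory" >&2; exit 1; }
# Despite its name, FQDN holds the first address printed by `hostname -I`.
FQDN=$(hostname -I | cut -d" " -f 1)
if [[ -z "$FQDN" ]]; then
  echo "Could not determine the host address for the certificate" >&2
  exit 1
fi
# The subjectAltName carries the same address as the CN. `hostname
# --ip-address` resolves the host name instead, which can give a loopback
# address or several addresses and so a SAN that does not match the CN.
# NOTE(review): the certificate has an IP SAN only; when the script was
# started in FQDN mode, clients connecting by host name will not match it.
echo "subjectAltName = IP:${FQDN}" > extfile.cnf
# -nodes leaves both private keys unencrypted on disk.
openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 3650 -out ca.crt -subj "/C=US/ST=CA/L=San Francisco/O=VMware/OU=IT Department/CN=${FQDN}"
openssl req -newkey rsa:4096 -nodes -sha256 -keyout "${FQDN}.key" -out "${FQDN}.csr" -subj "/C=US/ST=CA/L=San Francisco/O=VMware/OU=IT Department/CN=${FQDN}"
openssl x509 -req -days 3650 -in "${FQDN}.csr" -CA ca.crt -CAkey ca.key -CAcreateserial -extfile extfile.cnf -out "${FQDN}.crt"
# The CA key is only needed for signing above; restrict it to root. Anyone who
# can read it can issue certificates that clients trusting ca.crt will accept.
# NOTE(review): the server key is left with its default mode because this
# script does not show how Harbor reads it; tighten it once that is confirmed.
chmod 600 ca.key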
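# Configure Harbor, set the admin password, and run the installer.
cd /var/www/harbor/ || { echo "cannot cd to /var/www/harbor/" >&2; exit 1; }
# NOTE(review): harbor.yml and prepare come from the cloned arm_azure
# repository and replace the files shipped in the Harbor archive. prepare is
# expected to be run by install.sh as root, so it deserves the same review and
# pinning as the clone itself.
cp ../arm_azure/harbor.yml harbor.yml
cp ../arm_azure/prepare ./prepare
#cp harbor.yml.tmpl harbor.yml
# sed -i "s/reg.mydomain.com/$IPorFQDN/g" harbor.yml
# sed -e '/port: 443$/ s/^#*/#/' -i harbor.yml
# sed -e '/https:$/ s/^#*/#/' -i harbor.yml
#sed -e '/\/your\/certificate\/path$/ s/^#*/#/' -i harbor.yml
#sed -e '/\/your\/private\/key\/path$/ s/^#*/#/' -i harbor.yml
# The admin password is taken from the instance metadata service.
# NOTE(review): an instance id is an identifier, not a secret. It is readable
# by any process on this host that can reach the metadata endpoint, containers
# included, and usually appears in cloud consoles and logs. Treat it as a
# bootstrap value and rotate the admin password after first login.
# NOTE(review): this is the EC2-style metadata path, while the repository name
# suggests Azure, whose metadata service uses a different path and a required
# request header. Confirm which platform this runs on.
# -f makes an HTTP error yield an empty value instead of an error page.
PASS=$(curl -fsS http://169.254.169.254/latest/meta-data/instance-id)
# Fail closed: an empty value would blank the password, and characters such as
# `/` or `&` would be interpreted by the sed replacement below.
if [[ ! "$PASS" =~ ^[A-Za-z0-9._-]+$ ]]; then
  echo "Could not obtain a usable instance id for the Harbor admin password; aborting before install" >&2
  exit 1
fi
sed -i "s/.*harbor_admin_password: Harbor12345*/harbor_admin_password: $PASS/" harbor.yml
# NOTE(review): the Harbor version is resolved as "latest" at run time, so
# these component flags may not exist in the installer that was downloaded;
# verify them against the pinned version.
./install.sh --with-clair --with-chartmuseum
docker ps
# The hint no longer shows `-p Harbor12345`: that default was replaced above,
# and a password given with -p ends up in shell history and the process list.
printf "Harbor Installation Complete \n\nPlease log out and log in or run the command 'newgrp docker' to use Docker without sudo\n\nLogin to your harbor instance:\n docker login -u admin %s\n\nThe admin password was set to this instance's metadata instance-id; change it after first login.\n" "$IPorFQDN"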