x-defaults: &defaults restart: unless-stopped logging: driver: json-file options: max-size: 100m max-file: "3" services: # Harbor Core harbor-core: <<: *defaults image: goharbor/harbor-core:${HARBOR_VERSION:-v2.12.0} depends_on: harbor-db: condition: service_healthy harbor-redis: condition: service_healthy volumes: - harbor_config:/etc/core - harbor_ca_download:/etc/core/ca - harbor_secret:/etc/core/certificates environment: - TZ=${TZ:-UTC} - CORE_SECRET=${HARBOR_CORE_SECRET:-} - JOBSERVICE_SECRET=${HARBOR_JOBSERVICE_SECRET:-} - DATABASE_TYPE=postgresql - POSTGRESQL_HOST=harbor-db - POSTGRESQL_PORT=5432 - POSTGRESQL_USERNAME=postgres - POSTGRESQL_PASSWORD=${HARBOR_DB_PASSWORD:-password} - POSTGRESQL_DATABASE=registry - REGISTRY_URL=http://harbor-registry:5000 - TOKEN_SERVICE_URL=http://harbor-core:8080/service/token - HARBOR_ADMIN_PASSWORD=${HARBOR_ADMIN_PASSWORD:-Harbor12345} - CORE_URL=http://harbor-core:8080 - JOBSERVICE_URL=http://harbor-jobservice:8080 - REGISTRY_STORAGE_PROVIDER_NAME=filesystem - READ_ONLY=false - RELOAD_KEY=${HARBOR_RELOAD_KEY:-} healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/api/v2.0/ping"] interval: 30s timeout: 10s retries: 3 start_period: 30s # Harbor JobService harbor-jobservice: <<: *defaults image: goharbor/harbor-jobservice:${HARBOR_VERSION:-v2.12.0} depends_on: harbor-db: condition: service_healthy harbor-redis: condition: service_healthy volumes: - harbor_job_logs:/var/log/jobs environment: - TZ=${TZ:-UTC} - CORE_SECRET=${HARBOR_CORE_SECRET:-} - JOBSERVICE_SECRET=${HARBOR_JOBSERVICE_SECRET:-} - CORE_URL=http://harbor-core:8080 - DATABASE_TYPE=postgresql - POSTGRESQL_HOST=harbor-db - POSTGRESQL_PORT=5432 - POSTGRESQL_USERNAME=postgres - POSTGRESQL_PASSWORD=${HARBOR_DB_PASSWORD:-password} - POSTGRESQL_DATABASE=registry # Harbor Registry harbor-registry: <<: *defaults image: goharbor/registry-photon:${HARBOR_VERSION:-v2.12.0} volumes: - harbor_registry:/storage environment: - TZ=${TZ:-UTC} - REGISTRY_HTTP_SECRET=${HARBOR_REGISTRY_SECRET:-} healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5000/"] interval: 30s timeout: 10s retries: 3 start_period: 10s # Harbor Portal (UI) harbor-portal: <<: *defaults image: goharbor/harbor-portal:${HARBOR_VERSION:-v2.12.0} environment: - TZ=${TZ:-UTC} # Harbor Proxy (Nginx) harbor-proxy: <<: *defaults image: goharbor/nginx-photon:${HARBOR_VERSION:-v2.12.0} ports: - "${HARBOR_HTTP_PORT_OVERRIDE:-80}:8080" - "${HARBOR_HTTPS_PORT_OVERRIDE:-443}:8443" depends_on: harbor-core: condition: service_healthy harbor-portal: condition: service_started harbor-registry: condition: service_healthy environment: - TZ=${TZ:-UTC} healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/"] interval: 30s timeout: 10s retries: 3 start_period: 10s # Harbor Database harbor-db: <<: *defaults image: goharbor/harbor-db:${HARBOR_VERSION:-v2.12.0} volumes: - harbor_db:/var/lib/postgresql/data environment: - TZ=${TZ:-UTC} - POSTGRES_PASSWORD=${HARBOR_DB_PASSWORD:-password} - POSTGRES_DB=registry deploy: resources: limits: cpus: '1.00' memory: 1G reservations: cpus: '0.25' memory: 256M healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 30s timeout: 10s retries: 3 start_period: 30s # Harbor Redis harbor-redis: <<: *defaults image: goharbor/redis-photon:${HARBOR_VERSION:-v2.12.0} volumes: - harbor_redis:/var/lib/redis environment: - TZ=${TZ:-UTC} deploy: resources: limits: cpus: '0.50' memory: 256M reservations: cpus: '0.10' memory: 64M healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 10s timeout: 3s retries: 3 start_period: 5s volumes: harbor_config: harbor_ca_download: harbor_secret: harbor_job_logs: harbor_registry: harbor_db: harbor_redis: