From 11bd467fe5e965a5135c39c8246b06ad608af17f Mon Sep 17 00:00:00 2001 From: admin Date: Fri, 6 Feb 2026 11:58:10 -0700 Subject: [PATCH] move from harbor to zot --- lxc1/p2-apps/harbor.yml | 93 ------------------------------------ lxc1/p2-apps/zot.yml | 28 +++++++++++ lxc1/p2-apps/zot/config.json | 49 +++++++++++++++++++ 3 files changed, 77 insertions(+), 93 deletions(-) delete mode 100644 lxc1/p2-apps/harbor.yml create mode 100644 lxc1/p2-apps/zot.yml create mode 100644 lxc1/p2-apps/zot/config.json diff --git a/lxc1/p2-apps/harbor.yml b/lxc1/p2-apps/harbor.yml deleted file mode 100644 index f9ba96a..0000000 --- a/lxc1/p2-apps/harbor.yml +++ /dev/null @@ -1,93 +0,0 @@ -services: - harbor-core: - image: bitnami/harbor-core:latest - container_name: harbor-core-node${HARBOR_NODE_ID} - restart: unless-stopped - depends_on: - - harbor-db - - harbor-redis - - harbor-registry - environment: - - HARBOR_ADMIN_PASSWORD=${HARBOR_ADMIN_PASS} - - HARBOR_DATABASE_HOST=harbor-db - - HARBOR_DATABASE_PASSWORD=${HARBOR_DB_PASS} - - HARBOR_REDIS_HOST=harbor-redis - # Internal Docker DNS uses service name (harbor-registry), not container name - - HARBOR_REGISTRY_URL=http://harbor-registry:5000 - - EXT_ENDPOINT=https://${HARBOR_HOST_NAME}.${TRAEFIK_DNS_SUFFIX} - volumes: - - /shared/harbor/data:/data - networks: - - harbor_internal - - harbor_external - labels: - - "traefik.enable=true" - - "traefik.docker.network=harbor_external" - # FIXED TYPO: Changed TREAFIK to TRAEFIK - - "traefik.http.routers.harbor.rule=Host(`${HARBOR_HOST_NAME}.${TRAEFIK_DNS_SUFFIX}`)" - - "traefik.http.routers.harbor.tls=true" - - "traefik.http.routers.harbor.tls.certresolver=dns_resolver" - - "traefik.http.services.harbor.loadbalancer.server.port=8080" - - harbor-registry: - image: bitnami/harbor-registry:latest - container_name: harbor-registry-node${HARBOR_NODE_ID} - restart: unless-stopped - depends_on: - - harbor-redis - environment: - - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/storage - - REGISTRY_REDIS_HOST=harbor-redis - - REGISTRY_HTPASSWD_REALM=Harbor-Registry - volumes: - - /shared/harbor/registry:/storage - - /shared/harbor/config/registry:/etc/registry:ro - networks: - - harbor_internal - - harbor-jobservice: - image: bitnami/harbor-jobservice:latest - container_name: harbor-jobservice-node${HARBOR_NODE_ID} - restart: unless-stopped - depends_on: - - harbor-core - - harbor-redis - - harbor-db - environment: - - HARBOR_DATABASE_HOST=harbor-db - - HARBOR_DATABASE_PASSWORD=${HARBOR_DB_PASS} - - HARBOR_REDIS_HOST=harbor-redis - volumes: - - /shared/harbor/jobservice:/var/log/jobs - networks: - - harbor_internal - - harbor-db: - image: bitnami/postgresql:latest - container_name: harbor-db-node${HARBOR_NODE_ID} - restart: unless-stopped - environment: - - POSTGRESQL_USERNAME=bn_harbor - - POSTGRESQL_PASSWORD=${HARBOR_DB_PASS} - - POSTGRESQL_DATABASE=bitnami_harbor - volumes: - - /shared/harbor/database:/bitnami/postgresql - networks: - - harbor_internal - - harbor-redis: - image: bitnami/redis:latest - container_name: harbor-redis-node${HARBOR_NODE_ID} - restart: unless-stopped - environment: - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - /shared/harbor/redis:/bitnami/redis/data - networks: - - harbor_internal - -networks: - harbor_internal: - driver: bridge - harbor_external: - external: true \ No newline at end of file diff --git a/lxc1/p2-apps/zot.yml b/lxc1/p2-apps/zot.yml new file mode 100644 index 0000000..a6a5e61 --- /dev/null +++ b/lxc1/p2-apps/zot.yml @@ -0,0 +1,28 @@ +services: + zot: + image: ghcr.io/project-zot/zot-linux-amd64:latest + container_name: zot-node${ZOT_NODE_ID} + restart: unless-stopped + # Zot runs as user 1000 by default in this image, aligning with your setup + user: "1000:1000" + volumes: + # The Config File (We will create this below) + - /shared/zot/config.json:/etc/zot/config.json + # The Storage (Images go here) + - /shared/zot/data:/var/lib/zot + networks: + - zot_external + - zot_internal + labels: + - "traefik.enable=true" + - "traefik.docker.network=zot_external" + - "traefik.http.routers.zot.rule=Host(`${HARBOR_HOST_NAME}.${TRAEFIK_DNS_SUFFIX}`)" + - "traefik.http.routers.zot.tls=true" + - "traefik.http.routers.zot.tls.certresolver=dns_resolver" + - "traefik.http.services.zot.loadbalancer.server.port=5000" + +networks: + zot_internal: + driver: bridge + zot_external: + external: true \ No newline at end of file diff --git a/lxc1/p2-apps/zot/config.json b/lxc1/p2-apps/zot/config.json new file mode 100644 index 0000000..70a75a2 --- /dev/null +++ b/lxc1/p2-apps/zot/config.json @@ -0,0 +1,49 @@ +{ + "distSpecVersion": "1.1.0", + "storage": { + "rootDirectory": "/var/lib/zot", + "gc": true, + "dedupe": true + }, + "http": { + "address": "0.0.0.0", + "port": "5000" + }, + "extensions": { + "sync": { + "enable": true, + "registries": [ + { + "urls": ["https://registry-1.docker.io"], + "onDemand": true, + "tlsVerify": true, + "content": [ + { "prefix": "docker-hub/**" } + ] + }, + { + "urls": ["https://ghcr.io"], + "onDemand": true, + "tlsVerify": true, + "content": [ + { "prefix": "ghcr/**" } + ] + }, + { + "urls": ["https://lscr.io"], + "onDemand": true, + "tlsVerify": true, + "content": [ + { "prefix": "lscr/**" } + ] + } + ] + }, + "ui": { + "enable": true + }, + "search": { + "enable": true + } + } +} \ No newline at end of file