Disable Harbor tls (rely on Traefik);Configure Traefik with custom certResolver;Retrieve & install root ca in truststore
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
@ -13,16 +13,23 @@ platform:
|
||||
- name: traefik
|
||||
namespace: kube-system
|
||||
config: |2
|
||||
additionalArguments:
|
||||
- "--certificatesResolvers.stepca.acme.caserver=https://step-certificates.step-ca.svc.cluster.local/acme/acme/directory"
|
||||
- "--certificatesResolvers.stepca.acme.email=admin"
|
||||
- "--certificatesResolvers.stepca.acme.httpChallenge=true"
|
||||
- "--certificatesResolvers.stepca.acme.httpChallenge.entryPoint=web"
|
||||
- "--certificatesResolvers.stepca.acme.storage=/data/acme.json"
|
||||
- "--certificatesResolvers.stepca.acme.tlsChallenge=true"
|
||||
globalArguments: []
|
||||
ingressRoute:
|
||||
dashboard:
|
||||
enabled: false
|
||||
ports:
|
||||
ssh:
|
||||
port: 8022
|
||||
protocol: TCP
|
||||
web:
|
||||
redirectTo: websecure
|
||||
ingressRoute:
|
||||
dashboard:
|
||||
enabled: false
|
||||
|
||||
helm_repositories:
|
||||
- name: longhorn
|
||||
@ -83,8 +90,12 @@ components:
|
||||
chart_values: !unsafe |
|
||||
expose:
|
||||
ingress:
|
||||
annotations: {}
|
||||
hosts:
|
||||
core: registry.{{ vapp['metacluster.fqdn'] }}
|
||||
tls:
|
||||
certSource: none
|
||||
enabled: false
|
||||
externalURL: https://registry.{{ vapp['metacluster.fqdn'] }}
|
||||
harborAdminPassword: "{{ vapp['guestinfo.rootpw'] }}"
|
||||
notary:
|
||||
|
||||
Reference in New Issue
Block a user