Vertiwell/gist:3797f39a522d0a5f2dcb0a63b9c1a3e2

## gistfile1.txt
#!/bin/bash
### Deploying Harbor Registry Cluster on Kubernetes for Debian/Ubuntu based OS
## Baseline Guide: https://goharbor.io/docs/2.4.0/install-config/harbor-ha-helm/
# Type of Deployment: Helm
#
### Minimum Requirements ###
## Three Worker Node Cluster (Tested on K0s, K3s, K8s)
## A Storage Backend (Tested on Ceph, OpenEBS, Longhorn)
## Postgres Cluster - See Script
#
## The following base packages are required:
# Helm, Package Manager
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && \
chmod 700 get_helm.sh && \
./get_helm.sh && \
#
### Installation ###
## Set Variables:
# Set a StorageClass (kubectl get sc)
SC=$(kubectl get sc --output=jsonpath={.items..metadata.name})
PS3='Please select a storage class: '
options=($SC)
select STORAGECLASS in "${options[@]}"
do
    echo "Using $STORAGECLASS as the StorageClass"; export STORAGECLASS=$STORAGECLASS; break
done
# Set a domain to use (needs to be real if you want to access this externally from the internet)
echo "Provide a domain to use (i.e: example.com):"
read DOMAIN
# Get Redis password:
RPASS=$(kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" | base64 --decode)
# Get Postgres password:
export PPASS=$(cat temp-pass-store | sed -n -e 's/^.*User Postgres: //p') && \
## Create a database in Postgres for Harbor
# Find the nearest Postgres pod
PPOD=$(kubectl get pods --selector=app=postgres --all-namespaces --output=jsonpath={.items[].metadata.name})
# Find the pods namespace
PNAMESPACE=$(kubectl get pods --selector=app=postgres --all-namespaces --output=jsonpath={.items[].metadata.namespace})
# Create a password for the harbor databases (to be saved and this file deleted)
export HPASS=$(pwgen -csn 24 1) && echo "User Harbor: "$HPASS"" >> temp-pass-store && \
# Print an sql file to the postgres pod to create the new databases
kubectl exec -it $PPOD -n $PNAMESPACE -- bash -c "printf '\set AUTOCOMMIT on\nCREATE DATABASE registry;\nCREATE DATABASE notary_server;\nCREATE DATABASE notary_signer;\n' > /tmp/createdb.sql" && \
# Execute this sql on the postgres server
kubectl exec -it $PPOD -n $PNAMESPACE -- psql "user=postgres password="$PPASS"" -f "/tmp/createdb.sql" && \
# Execute command to create user and password with permissions to the databases
kubectl exec -it $PPOD -n $PNAMESPACE -- psql "user=postgres password="$PPASS"" -c "CREATE USER harbor WITH PASSWORD '"$HPASS"'" -c "GRANT ALL PRIVILEGES ON DATABASE registry to harbor" -c "GRANT ALL PRIVILEGES ON DATABASE notary_server to harbor" -c "GRANT ALL PRIVILEGES ON DATABASE notary_signer to harbor" && \
# Install the Helm chart repo
helm repo add harbor https://helm.goharbor.io && helm repo update && \
# Create custom values file
# Helm Chart Values Harbor: https://github.com/goharbor/harbor-helm/blob/master/values.yaml
cat <<EOF >config.yaml
expose:
  type: clusterIP
  tls:
    enabled: false
    certSource: none
externalURL: https://harbor.$DOMAIN
persistence:
  persistentVolumeClaim:
    registry:
      storageClass: "$STORAGECLASS"
      size: 2Gi
    chartmuseum:
      storageClass: "$STORAGECLASS"
      size: 2Gi
    jobservice:
      storageClass: "$STORAGECLASS"
      size: 1Gi
    trivy:
      storageClass: "$STORAGECLASS"
      size: 2Gi
notary:
  enabled: false
registry:
  credentials:
    username: "harbor"
    password: "$HPASS"
database:
  type: external
  external:
    host: "postgres.default.svc.cluster.local"
    port: "5432"
    username: "harbor"
    password: "$HPASS"
EOF
# Deploy the Harbor chart with custom values
helm install harbor harbor/harbor -f ./config.yaml --namespace harbor --create-namespace && \
# Wait until each database pod is running before moving on
ROLLOUT_STATUS_CMD="kubectl rollout status -w --timeout=300s deployment/harbor-core -n harbor"
until $ROLLOUT_STATUS_CMD || [ $n -eq 300 ]; do
      $ROLLOUT_STATUS_CMD
   n=$((n + 1))
  sleep 5
done
# Clean up
rm config.yaml
# Wipe everything
# kubectl delete ns harbor; export PPASS=$(cat temp-pass-store | sed -n -e 's/^.*User Postgres: //p'); kubectl exec -it $(kubectl get pods --selector=app=postgres --all-namespaces --output=jsonpath={.items[].metadata.name}) default  -- psql "user=postgres password="$PPASS"" -c "DROP DATABASE registry" -c "DROP DATABASE notary_server" -c "DROP DATABASE notary_signer" -c "DROP USER harbor"
	#!/bin/bash
	### Deploying Harbor Registry Cluster on Kubernetes for Debian/Ubuntu based OS
	## Baseline Guide: https://goharbor.io/docs/2.4.0/install-config/harbor-ha-helm/
	# Type of Deployment: Helm
	#
	### Minimum Requirements ###
	## Three Worker Node Cluster (Tested on K0s, K3s, K8s)
	## A Storage Backend (Tested on Ceph, OpenEBS, Longhorn)
	## Postgres Cluster - See Script
	#
	## The following base packages are required:
	# Helm, Package Manager
	curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && \
	chmod 700 get_helm.sh && \
	./get_helm.sh && \
	#
	### Installation ###
	## Set Variables:
	# Set a StorageClass (kubectl get sc)
	SC=$(kubectl get sc --output=jsonpath={.items..metadata.name})
	PS3='Please select a storage class: '
	options=($SC)
	select STORAGECLASS in "${options[@]}"
	do
	echo "Using $STORAGECLASS as the StorageClass"; export STORAGECLASS=$STORAGECLASS; break
	done
	# Set a domain to use (needs to be real if you want to access this externally from the internet)
	echo "Provide a domain to use (i.e: example.com):"
	read DOMAIN
	# Get Redis password:
	RPASS=$(kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" \| base64 --decode)
	# Get Postgres password:
	export PPASS=$(cat temp-pass-store \| sed -n -e 's/^.*User Postgres: //p') && \
	## Create a database in Postgres for Harbor
	# Find the nearest Postgres pod
	PPOD=$(kubectl get pods --selector=app=postgres --all-namespaces --output=jsonpath={.items[].metadata.name})
	# Find the pods namespace
	PNAMESPACE=$(kubectl get pods --selector=app=postgres --all-namespaces --output=jsonpath={.items[].metadata.namespace})
	# Create a password for the harbor databases (to be saved and this file deleted)
	export HPASS=$(pwgen -csn 24 1) && echo "User Harbor: "$HPASS"" >> temp-pass-store && \
	# Print an sql file to the postgres pod to create the new databases
	kubectl exec -it $PPOD -n $PNAMESPACE -- bash -c "printf '\set AUTOCOMMIT on\nCREATE DATABASE registry;\nCREATE DATABASE notary_server;\nCREATE DATABASE notary_signer;\n' > /tmp/createdb.sql" && \
	# Execute this sql on the postgres server
	kubectl exec -it $PPOD -n $PNAMESPACE -- psql "user=postgres password="$PPASS"" -f "/tmp/createdb.sql" && \
	# Execute command to create user and password with permissions to the databases
	kubectl exec -it $PPOD -n $PNAMESPACE -- psql "user=postgres password="$PPASS"" -c "CREATE USER harbor WITH PASSWORD '"$HPASS"'" -c "GRANT ALL PRIVILEGES ON DATABASE registry to harbor" -c "GRANT ALL PRIVILEGES ON DATABASE notary_server to harbor" -c "GRANT ALL PRIVILEGES ON DATABASE notary_signer to harbor" && \
	# Install the Helm chart repo
	helm repo add harbor https://helm.goharbor.io && helm repo update && \
	# Create custom values file
	# Helm Chart Values Harbor: https://github.com/goharbor/harbor-helm/blob/master/values.yaml
	cat <<EOF >config.yaml
	expose:
	type: clusterIP
	tls:
	enabled: false
	certSource: none
	externalURL: https://harbor.$DOMAIN
	persistence:
	persistentVolumeClaim:
	registry:
	storageClass: "$STORAGECLASS"
	size: 2Gi
	chartmuseum:
	storageClass: "$STORAGECLASS"
	size: 2Gi
	jobservice:
	storageClass: "$STORAGECLASS"
	size: 1Gi
	trivy:
	storageClass: "$STORAGECLASS"
	size: 2Gi
	notary:
	enabled: false
	registry:
	credentials:
	username: "harbor"
	password: "$HPASS"
	database:
	type: external
	external:
	host: "postgres.default.svc.cluster.local"
	port: "5432"
	username: "harbor"
	password: "$HPASS"
	EOF
	# Deploy the Harbor chart with custom values
	helm install harbor harbor/harbor -f ./config.yaml --namespace harbor --create-namespace && \
	# Wait until each database pod is running before moving on
	ROLLOUT_STATUS_CMD="kubectl rollout status -w --timeout=300s deployment/harbor-core -n harbor"
	until $ROLLOUT_STATUS_CMD \|\| [ $n -eq 300 ]; do
	$ROLLOUT_STATUS_CMD
	n=$((n + 1))
	sleep 5
	done
	# Clean up
	rm config.yaml
	# Wipe everything
	# kubectl delete ns harbor; export PPASS=$(cat temp-pass-store \| sed -n -e 's/^.*User Postgres: //p'); kubectl exec -it $(kubectl get pods --selector=app=postgres --all-namespaces --output=jsonpath={.items[].metadata.name}) default -- psql "user=postgres password="$PPASS"" -c "DROP DATABASE registry" -c "DROP DATABASE notary_server" -c "DROP DATABASE notary_signer" -c "DROP USER harbor"