Configurations

Properties

NameTypeDescriptionNotes
auth_modestrThe auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth"[optional]
ldap_base_dnstrThe Base DN for LDAP binding.[optional]
ldap_filterstrThe filter for LDAP search[optional]
ldap_group_base_dnstrThe base DN to search LDAP group.[optional]
ldap_group_admin_dnstrSpecify the ldap group which have the same privilege with Harbor admin[optional]
ldap_group_attribute_namestrThe attribute which is used as identity of the LDAP group, default is cn.'[optional]
ldap_group_search_filterstrThe filter to search the ldap group[optional]
ldap_group_search_scopeintThe scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''[optional]
ldap_scopeintThe scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'[optional]
ldap_search_dnstrThe DN of the user to do the search.[optional]
ldap_search_passwordstrThe password of the ldap search dn[optional]
ldap_timeoutintTimeout in seconds for connection to LDAP server[optional]
ldap_uidstrThe attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"[optional]
ldap_urlstrThe URL of LDAP server[optional]
ldap_verify_certboolWhether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate.[optional]
ldap_group_membership_attributestrThe user attribute to identify the group membership[optional]
project_creation_restrictionstrIndicate who can create projects, it could be ''adminonly'' or ''everyone''.[optional]
read_onlyboolThe flag to indicate whether Harbor is in readonly mode.[optional]
self_registrationboolWhether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.[optional]
token_expirationintThe expiration time of the token for internal Registry, in minutes.[optional]
uaa_client_idstrThe client id of UAA[optional]
uaa_client_secretstrThe client secret of the UAA[optional]
uaa_endpointstrThe endpoint of the UAA[optional]
uaa_verify_certboolVerify the certificate in UAA server[optional]
http_authproxy_endpointstrThe endpoint of the HTTP auth[optional]
http_authproxy_tokenreview_endpointstrThe token review endpoint[optional]
http_authproxy_admin_groupsstrThe group which has the harbor admin privileges[optional]
http_authproxy_admin_usernamesstrThe username which has the harbor admin privileges[optional]
http_authproxy_verify_certboolVerify the HTTP auth provider's certificate[optional]
http_authproxy_skip_searchboolSearch user before onboard[optional]
http_authproxy_server_certificatestrThe certificate of the HTTP auth provider[optional]
oidc_namestrThe OIDC provider name[optional]
oidc_endpointstrThe endpoint of the OIDC provider[optional]
oidc_client_idstrThe client ID of the OIDC provider[optional]
oidc_client_secretstrThe OIDC provider secret[optional]
oidc_groups_claimstrThe attribute claims the group name[optional]
oidc_admin_groupstrThe OIDC group which has the harbor admin privileges[optional]
oidc_group_filterstrThe OIDC group filter which filters out the group name doesn't match the regular expression[optional]
oidc_scopestrThe scope of the OIDC provider[optional]
oidc_user_claimstrThe attribute claims the username[optional]
oidc_verify_certboolVerify the OIDC provider's certificate'[optional]
oidc_auto_onboardboolAuto onboard the OIDC user[optional]
oidc_extra_redirect_parmsstrExtra parameters to add when redirect request to OIDC provider[optional]
robot_token_durationintThe robot account token duration in days[optional]
robot_name_prefixstrThe rebot account name prefix[optional]
notification_enableboolEnable notification[optional]
quota_per_project_enableboolEnable quota per project[optional]
storage_per_projectintThe storage quota per project[optional]
audit_log_forward_endpointstrThe audit log forward endpoint[optional]
skip_audit_log_databaseboolSkip audit log database[optional]
session_timeoutintThe session timeout for harbor, in minutes.[optional]