Initial commit

.gitignore

@@ -0,0 +1,6 @@
+harbor
+my_start.sh
+Deploy/config/registry/config.yml
+Deploy/config/ui/env
+Deploy/config/ui/app.conf
+Deploy/prepare.my

Deploy/config/nginx/nginx.conf

@@ -0,0 +1,68 @@
+worker_processes auto;
+
+events {
+  worker_connections 1024;
+  use epoll;
+  multi_accept on;
+}
+
+http {
+  tcp_nodelay on;
+
+  # this is necessary for us to be able to disable request buffering in all cases
+  proxy_http_version 1.1;
+
+
+  upstream registry {
+    server registry:5000;
+#    check interval=2000 rise=1 fall=1 timeout=5000 type=tcp;
+  }
+
+  upstream ui {
+    server ui:80;
+#    check interval=2000 rise=1 fall=1 timeout=5000 type=tcp;
+  }
+
+
+  server {
+    listen 80;
+
+    # disable any limits to avoid HTTP 413 for large image uploads
+    client_max_body_size 0;
+
+    location / {
+      proxy_pass http://ui/;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_buffering off;
+      proxy_request_buffering off;
+    }
+
+    location /v1/ {
+      return 404;
+    }
+
+    location /v2/ {
+      proxy_pass http://registry/v2/;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_buffering off;
+      proxy_request_buffering off;
+
+    }
+
+    location /service/ {
+      proxy_pass http://ui/service/;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_buffering off;
+      proxy_request_buffering off;
+    }
+  }
+}

Deploy/config/registry/root.crt

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWDCCAcGgAwIBAgIJAN1nLuloDeHNMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTYwMTI3MDQyMDM1WhcNNDMwNjE0MDQyMDM1WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQClak/4HO7EeLU0w/BhtVENPLOqU0AP2QjVUdg1qhNiDWVrbWx9KYHqz5Kn0n2+
+fxdZo3o7ZY5/2+hhgkKh1z6Kge9XGgune6z4fx2J/X2Se8WsGeQUTiND8ngSnsCA
+NtYFwW50SbUZPtyf5XjAfKRofZem51OxbxzN3217L/ubKwIDAQABo1AwTjAdBgNV
+HQ4EFgQU5EG2VrB3I6G/TudUpz+kBgQXSvYwHwYDVR0jBBgwFoAU5EG2VrB3I6G/
+TudUpz+kBgQXSvYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQAx+2eo
+oOm0YNy9KQ81+7GQkKVWoPQXjAGGgZuZj8WCFepYqUSJ4q5qbuVCY8WbGcHVk2Rx
+Jg1XDCmMjBgYP6S0ikezBRqSmNA3G6oFiydTKBfPs6RNalsB0C78Xk5l5+PIyd2R
+jFKOKoMpkjwfeJv2j64WNGoBgqj7XRBoJ11a4g==
+-----END CERTIFICATE-----

Deploy/db/Dockerfile

@@ -0,0 +1,8 @@
+FROM mysql:5.6
+
+WORKDIR /tmp
+
+ADD registry.sql r.sql 
+
+ADD docker-entrypoint.sh /entrypoint.sh
+RUN chmod u+x /entrypoint.sh 

Deploy/db/docker-entrypoint.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+
+if [ ! -d '/var/lib/mysql/mysql' -a "${1%_safe}" = 'mysqld' ]; then
+	if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" ]; then
+		echo >&2 'error: database is uninitialized and MYSQL_ROOT_PASSWORD not set'
+		echo >&2 '  Did you forget to add -e MYSQL_ROOT_PASSWORD=... ? v2'
+		exit 1
+	fi
+
+	mysql_install_db --user=mysql --datadir=/var/lib/mysql
+
+	# These statements _must_ be on individual lines, and _must_ end with
+	# semicolons (no line breaks or comments are permitted).
+	# TODO proper SQL escaping on ALL the things D:
+	TEMP_FILE='/tmp/mysql-first-time.sql'
+	cat > "$TEMP_FILE" <<-EOSQL
+		DELETE FROM mysql.user ;
+		CREATE USER 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
+		GRANT ALL ON *.* TO 'root'@'%' WITH GRANT OPTION ;
+		DROP DATABASE IF EXISTS test ;
+	EOSQL
+
+	if [ "$MYSQL_DATABASE" ]; then
+		echo "CREATE DATABASE IF NOT EXISTS $MYSQL_DATABASE ;" >> "$TEMP_FILE"
+	fi
+
+	if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
+		echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" >> "$TEMP_FILE"
+
+		if [ "$MYSQL_DATABASE" ]; then
+			echo "GRANT ALL ON $MYSQL_DATABASE.* TO '$MYSQL_USER'@'%' ;" >> "$TEMP_FILE"
+		fi
+	fi
+
+	echo 'FLUSH PRIVILEGES ;' >> "$TEMP_FILE"
+	cat /tmp/r.sql >> "$TEMP_FILE"
+
+	set -- "$@" --init-file="$TEMP_FILE"
+fi
+
+chown -R mysql:mysql /var/lib/mysql
+exec "$@"

Deploy/db/registry.sql

@@ -0,0 +1,104 @@
+drop database if exists registry;
+create database registry charset = utf8;
+
+use registry;
+
+create table access (
+ access_id int NOT NULL AUTO_INCREMENT,
+ access_code char(1),
+ comment varchar (30),
+ primary key (access_id)
+);
+
+insert into access values 
+( null, 'A', 'All access for the system'),
+( null, 'M', 'Management access for project'),
+( null, 'R', 'Read access for project'),
+( null, 'W', 'Write access for project'),
+( null, 'D', 'Delete access for project'),
+( null, 'S', 'Search access for project');
+
+
+create table role (
+ role_id int NOT NULL AUTO_INCREMENT,
+ role_code varchar(20),
+ name varchar (20),
+ primary key (role_id)
+);
+
+insert into role values 
+( null, 'AMDRWS', 'sysAdmin'),
+( null, 'MDRWS', 'projectAdmin'),
+( null, 'RWS', 'developer'),
+( null, 'RS', 'guest');
+
+
+create table user (
+ user_id int NOT NULL AUTO_INCREMENT,
+ username varchar(15),
+ email varchar(30),
+ password varchar(40) NOT NULL,
+ realname varchar (20) NOT NULL,
+ comment varchar (30),
+ deleted tinyint (1) DEFAULT 0 NOT NULL,
+ reset_uuid varchar(40) DEFAULT NULL,
+ salt varchar(40) DEFAULT NULL,
+ primary key (user_id),
+ UNIQUE (username),
+ UNIQUE (email)
+);
+
+insert into user values 
+(1, 'admin', 'admin@example.com', '', 'system admin', 'admin user',0, null, ''),
+(2, 'anonymous', 'anonymous@example.com', '', 'anonymous user', 'anonymous user', 1, null, '');
+
+create table project (
+ project_id int NOT NULL AUTO_INCREMENT,
+ owner_id int NOT NULL,
+ name varchar (30) NOT NULL,
+ creation_time timestamp,
+ deleted tinyint (1) DEFAULT 0 NOT NULL,
+ public tinyint (1) DEFAULT 0 NOT NULL,
+ primary key (project_id),
+ FOREIGN KEY (owner_id) REFERENCES user(user_id)
+);
+
+insert into project values 
+(null, 1, 'library', NOW(), 0, 1);
+
+create table project_role (
+ pr_id int NOT NULL AUTO_INCREMENT,
+ project_id int NOT NULL,
+ role_id int NOT NULL,
+ primary key (pr_id),
+ FOREIGN KEY (role_id) REFERENCES role(role_id),
+ FOREIGN KEY (project_id) REFERENCES project (project_id)
+);
+
+insert into project_role values
+( 1,1,1 );
+
+create table user_project_role (
+ upr_id int NOT NULL AUTO_INCREMENT,
+ user_id int NOT NULL,
+ pr_id int NOT NULL,
+ primary key (upr_id),
+ FOREIGN KEY (user_id) REFERENCES user(user_id),
+ FOREIGN KEY (pr_id) REFERENCES project_role (pr_id)
+);
+
+insert into user_project_role values
+( 1,1,1 );
+
+create table access_log (
+ log_id int NOT NULL AUTO_INCREMENT,
+ user_id int NOT NULL,
+ project_id int NOT NULL,
+ repo_name varchar (40), 
+ GUID varchar(64), 
+ operation varchar(20) NOT NULL,
+ op_time timestamp,
+ primary key (log_id),
+ FOREIGN KEY (user_id) REFERENCES user(user_id),
+ FOREIGN KEY (project_id) REFERENCES project (project_id)
+);

Deploy/docker-compose.yml

@@ -0,0 +1,61 @@
+log:
+  build: ./log/
+  volumes:
+    - /var/log/harbor/:/var/log/docker/
+  ports:
+    - 1514:514
+registry:
+  image: library/registry:2.1.1
+  volumes:
+    - /data/registry:/storage
+    - ./config/registry/:/etc/registry/
+  ports:
+    - 5001:5001
+  command:
+    /etc/registry/config.yml
+  links:
+    - log
+  log_driver: "syslog"
+  log_opt:
+    syslog-address: "tcp://127.0.0.1:1514"
+    tag: "{{.Name}}"
+mysql:
+  build: ./db/
+  volumes:
+    - /data/database:/var/lib/mysql
+  environment:
+    MYSQL_ROOT_PASSWORD: root
+  links:
+    - log
+  log_driver: "syslog"
+  log_opt:
+    syslog-address: "tcp://127.0.0.1:1514"
+    tag: "{{.Name}}"
+ui:
+  build: ../
+  env_file:
+    - ./config/ui/env
+  volumes:
+    - ./config/ui/app.conf:/etc/ui/app.conf
+  links:
+    - registry:registry
+    - mysql:mysql
+    - log
+  log_driver: "syslog"
+  log_opt:
+    syslog-address: "tcp://127.0.0.1:1514"
+    tag: "{{.Name}}"
+proxy:
+  image: library/nginx:1.9
+  volumes:
+    - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf
+  links:
+    - ui:ui
+    - registry:registry
+    - log
+  ports:
+    - 80:80
+  log_driver: "syslog"
+  log_opt:
+    syslog-address: "tcp://127.0.0.1:1514"
+    tag: "{{.Name}}"

Deploy/log/Dockerfile

@@ -0,0 +1,28 @@
+FROM library/ubuntu:14.04
+
+# run logrotate hourly
+RUN mv /etc/cron.daily/logrotate /etc/cron.hourly/
+
+# logrotate configuration file for docker
+ADD logrotate_docker.conf /etc/logrotate.d/
+
+#disable imklog model
+RUN sed 's/$ModLoad imklog/#$ModLoad imklog/' -i /etc/rsyslog.conf
+RUN sed 's/$KLogPermitNonKernelFacility on/#$KLogPermitNonKernelFacility on/' -i /etc/rsyslog.conf
+
+# provides TCP/UDP syslog reception
+RUN sed 's/#$ModLoad imudp/$ModLoad imudp/' -i /etc/rsyslog.conf
+RUN sed 's/#$UDPServerRun 514/$UDPServerRun 514/' -i /etc/rsyslog.conf
+RUN sed 's/#$ModLoad imtcp/$ModLoad imtcp/' -i /etc/rsyslog.conf
+RUN sed 's/#$InputTCPServerRun 514/$InputTCPServerRun 514/' -i /etc/rsyslog.conf
+
+RUN rm /etc/rsyslog.d/*
+
+# rsyslog configuration file for docker
+ADD rsyslog_docker.conf /etc/rsyslog.d/
+
+VOLUME /var/log/docker/
+
+EXPOSE 514
+
+CMD cron &&  chown -R syslog:syslog /var/log/docker/ && rsyslogd -n

Deploy/log/logrotate_docker.conf

@@ -0,0 +1,7 @@
+# Logrotate configuartion file for docker.
+
+/var/log/docker/*/*.log {
+	rotate 100
+	size 10M
+	copytruncate
+}

Deploy/log/rsyslog_docker.conf

@@ -0,0 +1,7 @@
+#  Rsyslog configuration file for docker.
+
+template(name="DynaFile" type="string"
+	string="/var/log/docker/%$now%/%syslogtag:R,ERE,0,DFLT:[^[]*--end:secpath-replace%.log"
+)
+
+if $programname == "docker" then ?DynaFile