From 1a8ce2705350b14dd7b739f6db4950c4daedd02a Mon Sep 17 00:00:00 2001
From: cnphpbb <moqiruyi@gmail.com>
Date: Thu, 4 Dec 2025 19:11:50 +0800
Subject: [PATCH] =?UTF-8?q?fix(harbor):=20=E6=9B=B4=E6=96=B0=E5=AE=B9?=
 =?UTF-8?q?=E5=99=A8=E9=95=9C=E5=83=8F=E7=89=88=E6=9C=AC=E8=87=B3v2.14.1?=
 =?UTF-8?q?=E5=B9=B6=E4=BC=98=E5=8C=96=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 将所有Harbor组件镜像版本从v2.2.2升级到v2.14.1
- 统一使用绝对路径/data/harbor作为挂载点
- 移除过时的dns_search配置项
- 简化volume绑定语法，使用直接路径映射
- 调整proxy服务端口映射配置
---
 harbor/compose.yaml | 131 ++++++++++++++++----------------------------
 1 file changed, 46 insertions(+), 85 deletions(-)

diff --git a/harbor/compose.yaml b/harbor/compose.yaml
index 60ac8d5..5e99ade 100644
--- a/harbor/compose.yaml
+++ b/harbor/compose.yaml
@@ -1,10 +1,8 @@
-version: '2.3'
 services:
   log:
-    image: goharbor/harbor-log:v2.2.2
+    image: goharbor/harbor-log:v2.14.1
     container_name: harbor-log
     restart: always
-    dns_search: .
     cap_drop:
       - ALL
     cap_add:
@@ -14,18 +12,14 @@ services:
       - SETUID
     volumes:
       - /var/log/harbor/:/var/log/docker/:z
-      - type: bind
-        source: ./common/config/log/logrotate.conf
-        target: /etc/logrotate.d/logrotate.conf
-      - type: bind
-        source: ./common/config/log/rsyslog_docker.conf
-        target: /etc/rsyslog.d/rsyslog_docker.conf
+      - /data/harbor/common/config/log/logrotate.conf:/etc/logrotate.d/logrotate.conf
+      - /data/harbor/common/config/log/rsyslog_docker.conf:/etc/rsyslog.d/rsyslog_docker.conf
     ports:
       - 127.0.0.1:1514:10514
     networks:
       - harbor
   registry:
-    image: goharbor/registry-photon:v2.2.2
+    image: goharbor/registry-photon:v2.14.1
     container_name: registry
     restart: always
     cap_drop:
@@ -35,29 +29,24 @@ services:
       - SETGID
       - SETUID
     volumes:
-      - /data/registry:/storage:z
-      - ./common/config/registry/:/etc/registry/:z
-      - type: bind
-        source: /data/secret/registry/root.crt
-        target: /etc/registry/root.crt
-      - type: bind
-        source: ./common/config/shared/trust-certificates
-        target: /harbor_cust_cert
+      - /data/harbor/registry:/storage:z
+      - /data/harbor/common/config/registry/:/etc/registry/:z
+      - /data/harbor/secret/registry/root.crt:/etc/registry/root.crt
+      - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
     networks:
       - harbor
-    dns_search: .
     depends_on:
       - log
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "registry"
   registryctl:
-    image: goharbor/harbor-registryctl:v2.2.2
+    image: goharbor/harbor-registryctl:v2.14.1
     container_name: registryctl
     env_file:
-      - ./common/config/registryctl/env
+      - /data/harbor/common/config/registryctl/env
     restart: always
     cap_drop:
       - ALL
@@ -66,26 +55,21 @@ services:
       - SETGID
       - SETUID
     volumes:
-      - /data/registry:/storage:z
-      - ./common/config/registry/:/etc/registry/:z
-      - type: bind
-        source: ./common/config/registryctl/config.yml
-        target: /etc/registryctl/config.yml
-      - type: bind
-        source: ./common/config/shared/trust-certificates
-        target: /harbor_cust_cert
+      - /data/harbor/registry:/storage:z
+      - /data/harbor/common/config/registry/:/etc/registry/:z
+      - /data/harbor/common/config/registryctl/config.yml:/etc/registryctl/config.yml
+      - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
     networks:
       - harbor
-    dns_search: .
     depends_on:
       - log
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "registryctl"
   postgresql:
-    image: goharbor/harbor-db:v2.2.2
+    image: goharbor/harbor-db:v2.14.1
     container_name: harbor-db
     restart: always
     cap_drop:
@@ -96,21 +80,21 @@ services:
       - SETGID
       - SETUID
     volumes:
-      - /data/database:/var/lib/postgresql/data:z
+      - /data/harbor/database:/var/lib/postgresql/data:z
     networks:
       harbor:
-    dns_search: .
     env_file:
-      - ./common/config/db/env
+      - /data/harbor/common/config/db/env
     depends_on:
       - log
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "postgresql"
+    shm_size: '1gb'
   core:
-    image: goharbor/harbor-core:v2.2.2
+    image: goharbor/harbor-core:v2.14.1
     container_name: harbor-core
     env_file:
       - ./common/config/core/env
@@ -121,24 +105,15 @@ services:
       - SETGID
       - SETUID
     volumes:
-      - /data/ca_download/:/etc/core/ca/:z
-      - /data/:/data/:z
-      - ./common/config/core/certificates/:/etc/core/certificates/:z
-      - type: bind
-        source: ./common/config/core/app.conf
-        target: /etc/core/app.conf
-      - type: bind
-        source: /data/secret/core/private_key.pem
-        target: /etc/core/private_key.pem
-      - type: bind
-        source: /data/secret/keys/secretkey
-        target: /etc/core/key
-      - type: bind
-        source: ./common/config/shared/trust-certificates
-        target: /harbor_cust_cert
+      - /data/harbor/ca_download/:/etc/core/ca/:z
+      - /data/harbor/:/data/:z
+      - /data/harbor/common/config/core/certificates/:/etc/core/certificates/:z
+      - /data/harbor/common/config/core/app.conf:/etc/core/app.conf
+      - /data/harbor/secret/core/private_key.pem:/etc/core/private_key.pem
+      - /data/harbor/data/harbor/secret/keys/secretkey:/etc/core/key
+      - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
     networks:
       harbor:
-    dns_search: .
     depends_on:
       - log
       - registry
@@ -147,10 +122,10 @@ services:
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "core"
   portal:
-    image: goharbor/harbor-portal:v2.2.2
+    image: goharbor/harbor-portal:v2.14.1
     container_name: harbor-portal
     restart: always
     cap_drop:
@@ -161,22 +136,19 @@ services:
       - SETUID
       - NET_BIND_SERVICE
     volumes:
-      - type: bind
-        source: ./common/config/portal/nginx.conf
-        target: /etc/nginx/nginx.conf
+      - /data/harbor/common/config/portal/nginx.conf:/etc/nginx/nginx.conf
     networks:
       - harbor
-    dns_search: .
     depends_on:
       - log
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "portal"
 
   jobservice:
-    image: goharbor/harbor-jobservice:v2.2.2
+    image: goharbor/harbor-jobservice:v2.14.1
     container_name: harbor-jobservice
     env_file:
       - ./common/config/jobservice/env
@@ -188,25 +160,20 @@ services:
       - SETGID
       - SETUID
     volumes:
-      - /data/job_logs:/var/log/jobs:z
-      - type: bind
-        source: ./common/config/jobservice/config.yml
-        target: /etc/jobservice/config.yml
-      - type: bind
-        source: ./common/config/shared/trust-certificates
-        target: /harbor_cust_cert
+      - /data/harbor/job_logs:/var/log/jobs:z
+      - /data/harbor/common/config/jobservice/config.yml:/etc/jobservice/config.yml
+      - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
     networks:
       - harbor
-    dns_search: .
     depends_on:
       - core
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "jobservice"
   redis:
-    image: goharbor/redis-photon:v2.2.2
+    image: goharbor/redis-photon:v2.14.1
     container_name: redis
     restart: always
     cap_drop:
@@ -216,19 +183,18 @@ services:
       - SETGID
       - SETUID
     volumes:
-      - /data/redis:/var/lib/redis
+      - /data/harbor/redis:/var/lib/redis
     networks:
       harbor:
-    dns_search: .
     depends_on:
       - log
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "redis"
   proxy:
-    image: goharbor/nginx-photon:v2.2.2
+    image: goharbor/nginx-photon:v2.14.1
     container_name: nginx
     restart: always
     cap_drop:
@@ -239,17 +205,12 @@ services:
       - SETUID
       - NET_BIND_SERVICE
     volumes:
-      - ./common/config/nginx:/etc/nginx:z
-      - /data/secret/cert:/etc/cert:z
-      - type: bind
-        source: ./common/config/shared/trust-certificates
-        target: /harbor_cust_cert
+      - /data/harbor/common/config/nginx:/etc/nginx:z
+      - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
     networks:
       - harbor
-    dns_search: .
     ports:
-      - 8080:8080
-      - 8443:8443
+      - 80:8080
     depends_on:
       - registry
       - core
@@ -258,7 +219,7 @@ services:
     logging:
       driver: "syslog"
       options:
-        syslog-address: "tcp://127.0.0.1:1514"
+        syslog-address: "tcp://localhost:1514"
         tag: "proxy"
 networks:
   harbor: