From 628e25ec8fc6915f36f6010db83302acfc941b4f Mon Sep 17 00:00:00 2001 From: Stephen Ndegwa <105418748+stephenndegwa@users.noreply.github.com> Date: Tue, 31 Dec 2024 22:29:55 +0300 Subject: [PATCH 1/2] Add tutorial: How to Install and Configure Harbor --- .../01.en.md | 428 ++++++++++++++++++ 1 file changed, 428 insertions(+) create mode 100644 tutorials/how-to-install-and-configure-harbor/01.en.md diff --git a/tutorials/how-to-install-and-configure-harbor/01.en.md b/tutorials/how-to-install-and-configure-harbor/01.en.md new file mode 100644 index 000000000..910d65644 --- /dev/null +++ b/tutorials/how-to-install-and-configure-harbor/01.en.md @@ -0,0 +1,428 @@ +--- +SPDX-License-Identifier: MIT +path: "/tutorials/how-to-install-and-configure-harbor" +slug: "how-to-install-and-configure-harbor" +date: "2023-01-01" +title: "How to Install and Configure Harbor" +short_description: "Learn how to install and configure Harbor, an open-source container image registry, to secure and manage your container images." +tags: ["Containerization", "Harbor", "Docker", "Kubernetes"] +author: "Stephen Ndegwa" +author_link: "https://github.com/stephenndegwa" +author_img: "https://avatars.githubusercontent.com/u/105418748" +author_description: "System administrator with expertise in Linux and high-availability RAID configurations." +language: "en" +available_languages: ["en"] +header_img: "header-raid" +cta: "product" +--- + +## Introduction + +Harbor is an open-source container image registry that secures images with role-based access control, scans images for vulnerabilities, and signs images as trusted. It serves as a central repository for container images, ensuring their integrity and access control across environments. In this guide, you'll learn how to install the latest version of Harbor and configure it for storing container images. + +Harbor can be deployed as a set of Docker containers, and this tutorial assumes you have Docker and Docker Compose installed. + +--- + +## Prerequisites + +Before you begin, ensure you have the following prerequisites: + +1. **Operating System**: A server running a supported Linux distribution (e.g., Ubuntu 20.04 or CentOS 7). +2. **Root or Sudo Access**: Administrative privileges to install software and modify system configurations. +3. **Docker**: Docker Engine version 17.06.0-ce or later installed. +4. **Docker Compose**: Docker Compose version 1.18.0 or later installed. +5. **Domain Name**: A fully qualified domain name (FQDN) for accessing Harbor. + +Ensure all these prerequisites are met before proceeding with the installation and configuration of Harbor. + +--- + +## Step 1: Download and Extract the Harbor Installer + +To install Harbor, the first step is downloading and extracting the Harbor installer. Follow these instructions: + +### Download the Latest Installer + +Use the following command to download the offline installer for the latest version of Harbor (v2.12.1 in this example): + +```bash +wget https://github.com/goharbor/harbor/releases/download/v2.12.1/harbor-offline-installer-v2.12.1.tgz +``` + +### Extract the Installer + +1. Extract the downloaded installer: + ```bash + tar xzvf harbor-offline-installer-v2.12.1.tgz + ``` +2. The extraction creates a directory named `harbor` with the following files: + ``` + harbor/harbor.v2.12.1.tar.gz + harbor/prepare + harbor/LICENSE + harbor/install.sh + harbor/common.sh + harbor/harbor.yml.tmpl + ``` + +### Verify the Installer Directory + +1. Navigate to the `harbor` directory: + ```bash + cd harbor + ``` +2. Verify its contents by listing the files: + ```bash + ls + ``` + The output should be: + ``` + harbor.v2.12.1.tar.gz + prepare + LICENSE + install.sh + common.sh + harbor.yml.tmpl + ``` + +--- + +You’re now ready to move to Step 2, where you’ll configure the `harbor.yml` file to prepare for Harbor installation. + +--- + +## Step 2: Configure the `harbor.yml` File + +Before installing Harbor, you must configure the `harbor.yml` file to define the system settings and parameters. Follow these steps to set up the configuration: + +### Locate the `harbor.yml` Template + +The extracted Harbor installer includes a configuration template file named `harbor.yml.tmpl`. You need to create the `harbor.yml` file based on this template. + +1. Navigate to the Harbor directory: + ```bash + cd harbor + ``` +2. Copy the template file to create the actual configuration file: + ```bash + cp harbor.yml.tmpl harbor.yml + ``` + +### Edit the `harbor.yml` File + +1. Open the `harbor.yml` file in a text editor (e.g., `nano` or `vim`): + ```bash + nano harbor.yml + ``` +2. Modify the following key parameters: + + - **`hostname`**: Set this to the IP address or fully qualified domain name (FQDN) of your Harbor server. + ```yaml + hostname: + ``` + Replace `` with your server's actual domain or hostname. + + - **HTTPS Configuration**: Enable HTTPS by specifying the certificate and private key paths. + ```yaml + https: + port: 443 + certificate: /etc/letsencrypt/live//fullchain.pem + private_key: /etc/letsencrypt/live//privkey.pem + ``` + Replace `` with your domain. + + - **Admin Password**: Set an initial password for the Harbor admin user. The default username is `admin`. + ```yaml + harbor_admin_password: YourStrongPassword + ``` + + - **Data Volume**: Specify the directory where Harbor will store data. The default is `/data`. + ```yaml + data_volume: /data + ``` + + - **Database Password**: Optionally, set a password for the internal PostgreSQL database. + ```yaml + database: + password: YourDatabasePassword + ``` + +3. Save and close the file. + +--- + +### Generate SSL Certificates with Certbot + +If you do not already have an SSL certificate for your domain, you can generate one using Certbot and Let’s Encrypt. + +1. Install Certbot on your system: + - **For Ubuntu/Debian**: + ```bash + sudo apt update + sudo apt install certbot -y + ``` + - **For CentOS/RHEL**: + ```bash + sudo yum install certbot -y + ``` + +2. Stop any services using ports 80 and 443, such as Nginx or Apache: + ```bash + sudo systemctl stop nginx + sudo systemctl stop apache2 + ``` + +3. Run Certbot to generate the certificate: + ```bash + sudo certbot certonly --standalone --agree-tos --no-eff-email --email your-email@example.com -d + ``` + This will create the certificate and private key in the `/etc/letsencrypt/live//` directory. + +4. Restart any stopped services: + ```bash + sudo systemctl start nginx + ``` + +--- + +### Verify the Configuration + +Check that the `harbor.yml` file has been updated correctly: + +```bash +cat harbor.yml +``` + +Ensure all parameters reflect your intended configuration. + +--- + +With the `harbor.yml` file configured, including the SSL certificate paths, you are now ready to proceed to Step 3, where you’ll install and start Harbor. + +--- + +## Step 3: Install Docker, and Start Harbor Installation + +Harbor requires Docker (version 17.06.0-ce or later) and Docker Compose (version 1.18.0 or later). Follow these steps to ensure Docker and Docker Compose are installed correctly before proceeding with Harbor installation. + +### Remove Old Docker Versions + +If you have older versions of Docker or related packages installed, remove them to avoid conflicts: + +```bash +for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done +``` + +### Set Up Docker's apt Repository + +Before installing Docker, add its official repository to your system: + +1. Update the package index and install required dependencies: + ```bash + sudo apt-get update + sudo apt-get install ca-certificates curl + ``` + +2. Add Docker's GPG key: + ```bash + sudo install -m 0755 -d /etc/apt/keyrings + sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc + sudo chmod a+r /etc/apt/keyrings/docker.asc + ``` + +3. Add the Docker repository to apt sources: + ```bash + echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ + $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + sudo apt-get update + ``` + + > Note: For Ubuntu derivatives (e.g., Linux Mint), use `UBUNTU_CODENAME` instead of `VERSION_CODENAME`. + +### Install Docker + +1. Install the latest version of Docker: + ```bash + sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + ``` + +2. Verify the Docker installation: + ```bash + sudo docker run hello-world + ``` + This command downloads a test image and runs it in a container, printing a confirmation message. + +### Install Docker Compose + +1. Update the package index: + ```bash + sudo apt-get update + ``` + +2. Install the Docker Compose plugin: + ```bash + sudo apt-get install docker-compose-plugin + ``` + +3. Verify Docker Compose installation: + ```bash + docker compose version + ``` + You should see output similar to: + ``` + Docker Compose version vN.N.N + ``` + + +### Run the Harbor Installation Script + +1. Navigate to the Harbor directory: + ```bash + cd harbor + ``` + +2. Run the installation script: + ```bash + sudo ./install.sh + ``` + + +### Start Harbor Services + +1. Use Docker Compose to start Harbor: + ```bash + docker compose up -d + ``` + This command starts Harbor services as containers in detached mode. The output should resemble: + ``` + [+] Running 9/0 + ✔ Container harbor-log Running 0.0s + ✔ Container registryctl Running 0.0s + ✔ Container harbor-portal Running 0.0s + ✔ Container redis Running 0.0s + ✔ Container harbor-db Running 0.0s + ✔ Container registry Running 0.0s + ✔ Container harbor-core Running 0.0s + ✔ Container nginx Running 0.0s + ✔ Container harbor-jobservice Running 0.0s + ``` + +2. Verify that the containers are running: + ```bash + sudo docker ps + ``` + You should see several containers, including `nginx`, `core`, `portal`, and others, in a running state. + +### Access the Harbor Interface + +1. Open a web browser and navigate to your Harbor instance: + ``` + https:// + ``` +2. Log in with the default username `admin` and the password you set in the `harbor.yml` file. + +--- + +Harbor is now successfully installed and ready for use. Proceed to configure image storage and push/pull operations in the next step. + +--- + +## Step 4: Configure Image Storage and Push/Pull Operations + +Once Harbor is successfully installed and running, you can start configuring image storage and perform push/pull operations. Follow the steps below: + +### Create a Project in Harbor + +1. Log in to the Harbor web interface: + - URL: `https://` + - Username: `admin` + - Password: The one you set in `harbor.yml`. + +2. Navigate to the **Projects** tab. + +3. Click **New Project**, and provide the following details: + - **Project Name**: `my-project` (or any desired name). + - **Access Level**: Choose **Private** to restrict access or **Public** for open access. + +4. Save the project. + +### Log In to Harbor from Docker + +Before pushing or pulling images, you need to authenticate your Docker client with Harbor. + +1. Use the following command to log in: + ```bash + docker login + ``` + - Enter your Harbor username (`admin`) and password when prompted. + +### Push an Image to Harbor + +1. Tag the image you want to push, associating it with your Harbor repository: + ```bash + docker tag ubuntu:latest /my-project/ubuntu:latest + ``` + +2. Push the tagged image: + ```bash + docker push /my-project/ubuntu:latest + ``` + +3. Verify the image in the Harbor web interface under **Projects > my-project**. + +### Pull an Image from Harbor + +To pull the image back from Harbor to a Docker client: + +1. Use the following command: + ```bash + docker pull /my-project/ubuntu:latest + ``` + +2. Confirm the image is pulled by listing local images: + ```bash + docker images + ``` + +### Optional: Enable Content Trust (Notary) + +If you wish to enable image signing for additional security: + +1. Configure Docker to use content trust: + ```bash + export DOCKER_CONTENT_TRUST=1 + ``` + +2. Push or pull images as usual to ensure they are signed. + +--- + +Harbor is now configured for storing and managing container images. You can use these steps to efficiently manage your Docker images within Harbor. + +--- + +### License: MIT + + From 6101f438fb5be365b84b6ba613beb403c9adaf80 Mon Sep 17 00:00:00 2001 From: Stephen Ndegwa <105418748+stephenndegwa@users.noreply.github.com> Date: Tue, 31 Dec 2024 22:51:03 +0300 Subject: [PATCH 2/2] Add tutorial: How to Configure cPanel Backups with Hetzner Storage Box --- tutorials/cpanel-backup-with-hetzner/01.en.md | 100 ++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 tutorials/cpanel-backup-with-hetzner/01.en.md diff --git a/tutorials/cpanel-backup-with-hetzner/01.en.md b/tutorials/cpanel-backup-with-hetzner/01.en.md new file mode 100644 index 000000000..7ff6fc5e2 --- /dev/null +++ b/tutorials/cpanel-backup-with-hetzner/01.en.md @@ -0,0 +1,100 @@ +--- +SPDX-License-Identifier: MIT +path: "/tutorials/cpanel-backup-with-hetzner" +slug: "cpanel-backup-with-hetzner" +date: "2023-01-01" +title: "How to Configure cPanel Backups with Hetzner Storage Box" +short_description: "Learn how to configure cPanel backups to a Hetzner Storage Box for secure and reliable offsite data storage." +tags: ["Backup", "cPanel", "Hetzner", "Storage"] +author: "Stephen Ndegwa" +author_link: "https://github.com/stephenndegwa" +author_img: "https://avatars.githubusercontent.com/u/105418748" +author_description: "System administrator with expertise in Linux and high-availability RAID configurations." +language: "en" +available_languages: ["en"] +header_img: "header-raid" +cta: "product" +--- + +## Introduction +This tutorial will guide you through configuring cPanel backups to a Hetzner Storage Box. Hetzner Storage Boxes are efficient and secure solutions for offsite backups, allowing you to store data away from your primary server. By the end of this tutorial, your cPanel server will automatically upload backups to the Hetzner Storage Box, ensuring reliable data protection. + +### Prerequisites +- A cPanel/WHM server. +- Access to a Hetzner Storage Box with valid credentials. +- SSH access to your cPanel server. +- Basic knowledge of Linux commands. + +Example placeholders used: +- **Username:** `holu` +- **Hostname:** `` +- **Domain:** `` +- **IP Address:** `<10.0.0.1>` + +--- + +## Steps + +### Step 1: Prepare Hetzner Storage Box +1. Log in to the Hetzner Robot Interface. +2. Navigate to the **Storage Boxes** section and select your Storage Box. +3. Note the **FTP/SSH/Samba credentials** provided. +4. Ensure that **SSH** is enabled for the Storage Box in its settings. + +### Step 2: Configure cPanel Backup System +1. Log in to WHM on your cPanel server. +2. Navigate to **Backup Configuration** (Home > Backup > Backup Configuration). +3. Enable **Backups** by checking the "Enable Backups" option. +4. Choose the backup type (e.g., Compressed, Uncompressed, or Incremental). +5. Set the backup schedule and retention policy according to your requirements. +6. Click **Save Configuration**. + +### Step 3: Set Up Remote Destination +1. In WHM, navigate to **Backup Configuration** > **Additional Destinations**. +2. Click **Create New Destination** and select **Custom Destination**. +3. Fill in the required fields: + - **Destination Type:** `SFTP` or `rsync`. + - **Name:** `HetznerStorageBox` (or a name of your choice). + - **Backup Directory:** `/backup` (or another directory on the Storage Box). + - **Remote Host:** `` (e.g., `u123456.your-storagebox.de`). + - **Port:** `23` (default for SSH/SFTP or rsync). + - **Remote Username:** ``. + - **Remote Password:** ``. +4. Click **Save and Validate Destination** to ensure the connection works. + +### Step 4: Test Backup Configuration +1. In WHM, navigate to **Backup Configuration** > **Additional Destinations**. +2. Select the Hetzner Storage Box destination and click **Transfer Backups to Destination**. +3. Verify that backups are successfully uploaded to the Storage Box. + +### Step 5: Automate Backups +1. Confirm that the backup schedule is active in the **Backup Configuration** section. +2. Monitor backups to ensure that daily/weekly backups are automatically transferred to the Hetzner Storage Box. + +--- + +## Conclusion +By following this tutorial, you have successfully configured cPanel to use a Hetzner Storage Box for offsite backups. This setup enhances data security and provides a reliable recovery option in case of server failures. + +### License: MIT + +