auth_mode |
String |
The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth" |
[optional] |
email_from |
String |
The sender name for Email notification. |
[optional] |
email_host |
String |
The hostname of SMTP server that sends Email notification. |
[optional] |
email_identity |
String |
By default it's empty so the email_username is picked |
[optional] |
email_insecure |
BOOLEAN |
Whether or not the certificate will be verified when Harbor tries to access the email server. |
[optional] |
email_password |
String |
Email password |
[optional] |
email_port |
Integer |
The port of SMTP server |
[optional] |
email_ssl |
BOOLEAN |
When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side. |
[optional] |
email_username |
String |
The username for authenticate against SMTP server |
[optional] |
ldap_base_dn |
String |
The Base DN for LDAP binding. |
[optional] |
ldap_filter |
String |
The filter for LDAP search |
[optional] |
ldap_group_base_dn |
String |
The base DN to search LDAP group. |
[optional] |
ldap_group_admin_dn |
String |
Specify the ldap group which have the same privilege with Harbor admin |
[optional] |
ldap_group_attribute_name |
String |
The attribute which is used as identity of the LDAP group, default is cn.' |
[optional] |
ldap_group_search_filter |
String |
The filter to search the ldap group |
[optional] |
ldap_group_search_scope |
Integer |
The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'' |
[optional] |
ldap_scope |
Integer |
The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE' |
[optional] |
ldap_search_dn |
String |
The DN of the user to do the search. |
[optional] |
ldap_search_password |
String |
The password of the ldap search dn |
[optional] |
ldap_timeout |
Integer |
Timeout in seconds for connection to LDAP server |
[optional] |
ldap_uid |
String |
The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname" |
[optional] |
ldap_url |
String |
The URL of LDAP server |
[optional] |
ldap_verify_cert |
BOOLEAN |
Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate. |
[optional] |
ldap_group_membership_attribute |
String |
The user attribute to identify the group membership |
[optional] |
project_creation_restriction |
String |
Indicate who can create projects, it could be ''adminonly'' or ''everyone''. |
[optional] |
read_only |
BOOLEAN |
The flag to indicate whether Harbor is in readonly mode. |
[optional] |
self_registration |
BOOLEAN |
Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance. |
[optional] |
token_expiration |
Integer |
The expiration time of the token for internal Registry, in minutes. |
[optional] |
uaa_client_id |
String |
The client id of UAA |
[optional] |
uaa_client_secret |
String |
The client secret of the UAA |
[optional] |
uaa_endpoint |
String |
The endpoint of the UAA |
[optional] |
uaa_verify_cert |
BOOLEAN |
Verify the certificate in UAA server |
[optional] |
http_authproxy_endpoint |
String |
The endpoint of the HTTP auth |
[optional] |
http_authproxy_tokenreview_endpoint |
String |
The token review endpoint |
[optional] |
http_authproxy_admin_groups |
String |
The group which has the harbor admin privileges |
[optional] |
http_authproxy_admin_usernames |
String |
The username which has the harbor admin privileges |
[optional] |
http_authproxy_verify_cert |
BOOLEAN |
Verify the HTTP auth provider's certificate |
[optional] |
http_authproxy_skip_search |
BOOLEAN |
Search user before onboard |
[optional] |
http_authproxy_server_certificate |
String |
The certificate of the HTTP auth provider |
[optional] |
oidc_name |
String |
The OIDC provider name |
[optional] |
oidc_endpoint |
String |
The endpoint of the OIDC provider |
[optional] |
oidc_client_id |
String |
The client ID of the OIDC provider |
[optional] |
oidc_client_secret |
String |
The OIDC provider secret |
[optional] |
oidc_groups_claim |
String |
The attribute claims the group name |
[optional] |
oidc_admin_group |
String |
The OIDC group which has the harbor admin privileges |
[optional] |
oidc_scope |
String |
The scope of the OIDC provider |
[optional] |
oidc_user_claim |
String |
The attribute claims the username |
[optional] |
oidc_verify_cert |
BOOLEAN |
Verify the OIDC provider's certificate' |
[optional] |
oidc_auto_onboard |
BOOLEAN |
Auto onboard the OIDC user |
[optional] |
oidc_extra_redirect_parms |
String |
Extra parameters to add when redirect request to OIDC provider |
[optional] |
robot_token_duration |
Integer |
The robot account token duration in days |
[optional] |
robot_name_prefix |
String |
The rebot account name prefix |
[optional] |
notification_enable |
BOOLEAN |
Enable notification |
[optional] |
quota_per_project_enable |
BOOLEAN |
Enable quota per project |
[optional] |
storage_per_project |
Integer |
The storage quota per project |
[optional] |