From 2a6a02163fb956a2424e07dc4abaca420411e531 Mon Sep 17 00:00:00 2001
From: Peter Kurfer <peter@icb4dc0.de>
Date: Mon, 24 Mar 2025 15:05:36 +0100
Subject: [PATCH] feat(harbor): configure encryption key

---
 harbor/config/secret.encryption.yaml | Bin 0 -> 433 bytes
 harbor/config/values.harbor.yaml     |   3 ++-
 harbor/kustomization.yaml            |   1 +
 harbor/resources/http_routes.yaml    |  24 +++++++++++++++++++++++-
 4 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 harbor/config/secret.encryption.yaml

diff --git a/harbor/config/secret.encryption.yaml b/harbor/config/secret.encryption.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b3ecf6f4f5dca7818c29fec0486299f429c2c9bc
GIT binary patch
literal 433
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR2FFfuhYv{XoSG1JeF3QGw!k220P%+z-*
z@No@_^2?~w4o{BoEKc$@^T{g9&P;L*^W`!q^DK!9jVy}tEzSsw@F~bFbkBA*4s~+N
z2uU;cO35`bb;$~IDKJb82t~3Xy}ZQ7$2%xHuq>p&$ILOqrO?;NB;UO}J*hM_B-_+4
z-@mvpFta$y-yoaI%PYybDxxqk+q^6!FEuJVDk3q$$IUaOz#u6sHNT*;G%u<&*rmcd
z+%TO>S65dd(j?3^EzLF3E8QtKqR1@N(zwc~BGJUi)5NLVC)cz%)ZaWM(?8!RFE5*m
z?R?>cSBqUPUC0z<3;M5jIxp#sciVf5-*qfLN<Pn$^bc(evUzti{EyNW;oUjbYD=6y
zD(g(W`)=>wcgl8A$yysL^|=qpyE;2aYDm8dos`C~o#W5x%jS_+C;#cQSBacdaM5_j
z^Gwc99(7NQUv8b%wsnqv-*TthN8+9}C2c&uv2036bF;s}y3Dz}YgYD!ez_Vk@z=V8
Z_e-Chm^)QKUE@^O-hPH@Cz2gb0svjQt9AeY

literal 0
HcmV?d00001

diff --git a/harbor/config/values.harbor.yaml b/harbor/config/values.harbor.yaml
index 8a99608..58bc36c 100644
--- a/harbor/config/values.harbor.yaml
+++ b/harbor/config/values.harbor.yaml
@@ -1,9 +1,10 @@
 externalURL: https://registry.icb4dc0.de
+existingSecretSecretKey: harbor-encryption
 
 database:
   type: external
   external:
-    host: app-cluster-pooler-rw.postgres.svc
+    host: app-cluster-rw.postgres.svc
     username: harbor-twpkvp
     coreDatabase: harbor
     existingSecret: db-credentials-harbor
diff --git a/harbor/kustomization.yaml b/harbor/kustomization.yaml
index 3c17fe6..13461d8 100644
--- a/harbor/kustomization.yaml
+++ b/harbor/kustomization.yaml
@@ -29,6 +29,7 @@ images:
 resources:
   - resources/ns.yaml
   - config/secret.s3.yaml
+  - config/secret.encryption.yaml
   - resources/db/db.yaml
   - resources/db/user.yaml
   - resources/dragonfly/db.yaml
diff --git a/harbor/resources/http_routes.yaml b/harbor/resources/http_routes.yaml
index e0f1a99..a7a57fb 100644
--- a/harbor/resources/http_routes.yaml
+++ b/harbor/resources/http_routes.yaml
@@ -30,5 +30,27 @@ spec:
     - registry.icb4dc0.de
   rules:
     - backendRefs:
-        - name: harbor
+        - kind: Service
+          name: harbor-core
           port: 80
+      matches:
+        - path:
+            type: PathPrefix
+            value: "/api/"
+        - path:
+            type: PathPrefix
+            value: "/service/"
+        - path:
+            type: PathPrefix
+            value: "/v2/"
+        - path:
+            type: PathPrefix
+            value: "/c/"
+    - backendRefs:
+        - kind: Service
+          name: harbor-portal
+          port: 80
+      matches:
+        - path:
+            type: PathPrefix
+            value: "/"