1、artifactory-pro部署
version: '3.7'
services:
artifactory:
image: releases-docker.jfrog.io/jfrog/artifactory-pro:7.55.8
container_name: artifactory
ports:
- 8082:8082 # for router communication
- 8081:8081 # for artifactory communication
volumes:
- ./data/artifactory/var:/var/opt/jfrog/artifactory
- /etc/localtime:/etc/localtime:ro
privileged: true
user: root
restart: always
logging:
driver: json-file
options:
max-size: "50m"
max-file: "10"
ulimits:
nproc: 65535
nofile:
soft: 32000
hard: 40000
networks:
application:
aliases:
- artifactory-pro
networks:
application:
name: commons
driver: bridge
2、数据库配置
配置路径 /opt/jfrog/artifactory/var/etc/system.yaml
## @formatter:off
## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE
## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.
configVersion: 1
## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products.
## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog
## NOTE: Sensitive information such as passwords and join key are encrypted on first read.
## NOTE: The provided commented key and value is the default.
## SHARED CONFIGURATIONS
## A shared section for keys across all services in this config
shared:
## Security Configuration
security:
## Join key value for joining the cluster (takes precedence over 'joinKeyFile')
#joinKey: "<Your joinKey>"
## Join key file location
#joinKeyFile: "<For example: JFROG_HOME/artifactory/var/etc/security/join.key>"
## Master key file location
## Generated by the product on first startup if not provided
#masterKeyFile: "<For example: JFROG_HOME/artifactory/var/etc/security/master.key>"
## Maximum time to wait for key files (master.key and join.key)
#bootstrapKeysReadTimeoutSecs: 120
## Node Settings
node:
## A unique id to identify this node.
## Default: auto generated at startup.
#id: "art1"
## Default: auto resolved by startup script
#ip:
## Sets this node as primary in HA installation
#primary: true
## Sets this node as part of HA installation
#haEnabled: true
## Database Configuration
database:
## Example for postgresql
type: postgresql
## One of: mysql, oracle, mssql, postgresql, mariadb
## Default: Embedded derby
driver: org.postgresql.Driver
url: "jdbc:postgresql://postgres:5432/artifactory-pro"
username: root
password: a123456
2.1、postgres安装
version: '3.7'
services:
artifactory:
image: postgres:13.11
container_name: postgres
environment:
- TZ=Asia/Shanghai
- POSTGRES_USER=root
- POSTGRES_PASSWORD=a123456
volumes:
- ./data/:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime
ports:
- "5432:5432"
privileged: true
user: root
restart: always
logging:
driver: json-file
options:
max-size: "50m"
max-file: "10"
networks:
application:
aliases:
- postgres-sql
networks:
application:
name: commons
driver: bridge
3、nginx 配置
server {
listen 80;
server_name artifactory.jfrog.com;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name artifactory.jfrog.com;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_certificate /etc/nginx/cert/jfrog.com.pem;
ssl_certificate_key /etc/nginx/cert/jfrog.com.key;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers on;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/$ /artifactory/webapp/ redirect;
rewrite ^/artifactory/?(/webapp)?$ /artifactory/webapp/ redirect;
rewrite ^/(v2)/(.*) /artifactory/$1/$2;
chunked_transfer_encoding on;
client_max_body_size 0;
location /artifactory/ {
proxy_read_timeout 2400s;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
if ( $request_uri ~ ^/artifactory/(.*)$ ) {
proxy_pass http://10.10.0.20:8081/artifactory/$1;
}
proxy_pass http://10.10.0.20:8081/artifactory/;
proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /ui/ {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://10.10.0.20:8082/;
}
}