postgreql de quayadmin parola değişimi
quaydb=# CREATE EXTENSION pgcrypto;
CREATE EXTENSION
quaydb=# UPDATE "user"
quaydb-# SET password_hash = crypt('quayadmin', gen_salt('bf')), verified = true
quaydb-# WHERE username = 'quayadmin';
UPDATE 1
quaydb=#
config.yml
DISTRIBUTED_STORAGE_PREFERENCE: ["local_storage"]
DISTRIBUTED_STORAGE_CONFIG:
local_storage:
- LocalStorage
- storage_path: /opt/quay/storage
DB_URI: "postgresql://quayuser:quaypass@192.168.251.94:5432/quaydb"
DB_CONNECTION_ARGS:
autorollback: true
DATABASE_SECRET_KEY: quaypasssevretpak
SERVER_HOSTNAME: "quay.local.lab"
BUILDLOGS_REDIS:
host: "192.168.251.94"
password: "redispass"
port: 6379
USER_EVENTS_REDIS:
host: "192.168.251.94"
port: 6379
password: "redispass"
HOSTNAME: "quay.local.lab"
PREFERRED_URL_SCHEME: https
SSL_CERTIFICATE: /conf/stack/ssl/ssl.cert
SSL_PRIVATE_KEY: /conf/stack/ssl/ssl.key
SETUP_COMPLETE: true
CREATE_NAMESPACE_ON_PUSH: true
SUPER_USERS:
- "quayadmin"
FEATURE_MAILING: false
quay-olustur
¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬
#!/bin/bash
REDHAT_USERNAME="redhat@paycore.com" # Set your Red Hat username
REDHAT_PASSWORD='0Wp#ELCNFc=x!0Bg' # Set your Red Hat password
QUAY_USERNAME="redhat@paycore.com" # Set your Quay username
QUAY_PASSWORD='0Wp#ELCNFc=x!0Bg' # Set your Quay password
LOG_FILE="/var/log/quay-install.log"
QUAY_DIR="/opt/quay"
QUAY_IMAGE="registry.redhat.io/quay/quay-rhel8:v3.12.4-6"
POSTGRES_IMAGE="registry.redhat.io/rhel8/postgresql-13:latest"
REDIS_IMAGE="registry.redhat.io/rhel8/redis-6:latest"
# Log yazma fonksiyonu
log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" | tee -a $LOG_FILE
}
deploy_quay() {
remove_existing_pod "quay"
log "Deploying Quay..."
podman run -d \
--name quay \
--restart=always \
-v ${QUAY_DIR}/config:/conf/stack:Z \
-v ${QUAY_DIR}/storage:/datastorage:Z \
-v ${QUAY_DIR}/config:/opt/quay/config:Z \
-e CONFIG_APP_PASSWORD=quaypass \
-e DATABASE_SECRET_KEY=quaydatasecret \
-e SERVER_HOSTNAME="quay.local.lab" \
-e DB_URI="postgresql://quayuser:quaypass@192.168.251.94:5432/quaydb" \
-e REDIS_HOST="192.168.251.94" \
-e REDIS_PASSWORD="redispass" \
-e SUPER_USERS="quayadmin" \
-p 80:8080 -p 443:8443 \
${QUAY_IMAGE} || {
log "ERROR: Failed to deploy Quay."
exit 1
}
log "Quay deployed successfully."
}
deploy_quay
exit 0
[root@bastion quay]# cat ssl.sh
#!/bin/bash
DOMAIN="bastion.local.lab"
CERT_DIR="/quay/config/ssl"
DAYS_VALID=3650
mkdir -p "$CERT_DIR"
# Geçici openssl config dosyası oluşturuluyor
OPENSSL_CNF=$(mktemp)
cat > "$OPENSSL_CNF" <<EOF
[req]
default_bits = 4096
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[dn]
C = TR
ST = Malatya
L = Hekimhan
O = MyLab
OU = Dev
CN = $DOMAIN
[req_ext]
subjectAltName = @alt_names
[alt_names]
DNS.1 = $DOMAIN
IP.1 = 10.253.10.10
IP.2 = 10.88.0.1
EOF
# Sertifika ve anahtar oluşturuluyor
openssl req -x509 -nodes -days "$DAYS_VALID" -newkey rsa:4096 \
-keyout "$CERT_DIR/ssl.key" \
-out "$CERT_DIR/ssl.cert" \
-config "$OPENSSL_CNF" -extensions req_ext
# Geçici dosya siliniyor
rm -f "$OPENSSL_CNF"
# Sonuç
if [[ -f "$CERT_DIR/ssl.cert" && -f "$CERT_DIR/ssl.key" ]]; then
echo "✅ SAN içeren SSL sertifikası başarıyla oluşturuldu:"
echo " - $CERT_DIR/ssl.cert"
echo " - $CERT_DIR/ssl.key"
else
echo "❌ Sertifika oluşturulamadı!"
exit 1
fi
[root@bastion quay]#
Hiç yorum yok:
Yorum Gönder