Adding a custom private library to catalog

Is there a way to create a custom, private library (aka templates) to add to the catalog?

For example I’d like to allow employees at my company to quickly spin up stack with a predefined set of services, how they’re linked, some default env variables etc. But I don’t want to make this a public template. In fact some of the service docker images refer to a private hub, which wouldn’t work for public anyway.

Yes, we have docs on how to create your own private catalog. Whatever URL you use to add your catalog into Rancher just needs to git clone to be able to handle.

http://docs.rancher.com/rancher/latest/en/catalog/#creating-private-catalogs

Thanks! I didn’t find it myself :frowning:

The documentation says:

The URL needs to one that git clone can handle.

But it doesn’t explain how to handle private repos. Any way to add an SSH key to Rancher to be able to clone from private repos?

Just did this myself, though I don’t know that Rancher officially supports it.

For myself, to make it easy, I temporarily disabled auth on our private repo and set it up with plain http.
Then I exec’d into the running rancher-server container and created an ssh keypair. I updated the git config file directly to switch to ssh (the repos are in /var/log/cattle/DATA/) then did one manual git pull so I could accept the host key.

edit:
To clarify, I disabled authentication on my repo so I could figure out where the repo ends up. You can do this without disabling authentication:

  1. exec into your rancher server container (docker exec -i -t <container-id> /bin/sh)
  2. ssh-keygen
  3. provide id_rsa.pub to your git repo
  4. cd /var/lib/cattle/DATA
  5. mkdir <catalog-alias>
  6. git clone <your repo> <catalog-alias>
  7. add the git repo to Rancher via the webUI using the same catalog alias and git URI you used above.

They do have a feature request open to support this directly:

Thanks! I ended up doing this also. Very curious if upgrading my rancher master container will retain this config, but TBH it’s not that hard to re-do if it breaks.

Added my +1 to issue #3248