fix: Gitea Traefik routing and connection pool optimization
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
- Remove middleware reference from Gitea Traefik labels (caused routing issues) - Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s) - Add explicit service reference in Traefik labels - Fix intermittent 504 timeouts by improving PostgreSQL connection handling Fixes Gitea unreachability via git.michaelschiemer.de
This commit is contained in:
@@ -45,6 +45,44 @@
|
||||
}}
|
||||
no_log: true
|
||||
|
||||
- name: Generate REGISTRY_HTTP_SECRET if not set
|
||||
set_fact:
|
||||
registry_http_secret: "{{ lookup('password', '/dev/null length=64 chars=hexdigits') }}"
|
||||
no_log: true
|
||||
|
||||
- name: Check if Registry .env file exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ registry_stack_path }}/.env"
|
||||
register: registry_env_file
|
||||
|
||||
- name: Read existing REGISTRY_HTTP_SECRET from .env if exists
|
||||
ansible.builtin.shell: |
|
||||
grep '^REGISTRY_HTTP_SECRET=' "{{ registry_stack_path }}/.env" 2>/dev/null | cut -d'=' -f2- || echo ''
|
||||
register: existing_registry_secret
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
when: registry_env_file.stat.exists
|
||||
no_log: true
|
||||
|
||||
- name: Use existing REGISTRY_HTTP_SECRET if available
|
||||
set_fact:
|
||||
registry_http_secret: "{{ existing_registry_secret.stdout | default(registry_http_secret) }}"
|
||||
when:
|
||||
- registry_env_file.stat.exists
|
||||
- existing_registry_secret.stdout | default('') | string | trim != ''
|
||||
no_log: true
|
||||
|
||||
- name: Create or update Registry .env file
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ registry_stack_path }}/.env"
|
||||
regexp: '^REGISTRY_HTTP_SECRET='
|
||||
line: "REGISTRY_HTTP_SECRET={{ registry_http_secret }}"
|
||||
create: yes
|
||||
mode: '0600'
|
||||
owner: "{{ ansible_user }}"
|
||||
group: "{{ ansible_user }}"
|
||||
no_log: true
|
||||
|
||||
- name: Create Registry htpasswd file if missing
|
||||
shell: |
|
||||
docker run --rm --entrypoint htpasswd httpd:2 -Bbn {{ registry_username }} {{ registry_password }} > {{ registry_auth_path }}/htpasswd
|
||||
|
||||
Reference in New Issue
Block a user