michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Gitea Traefik routing and connection pool optimization
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
Details
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
Details
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
Details
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Details
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Details
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Details

Browse Source 
- Remove middleware reference from Gitea Traefik labels (caused routing issues)
- Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s)
- Add explicit service reference in Traefik labels
- Fix intermittent 504 timeouts by improving PostgreSQL connection handling

Fixes Gitea unreachability via git.michaelschiemer.de
This commit is contained in:
Michael Schiemer
2025-11-09 14:46:15 +01:00
parent 85c369e846
commit 36ef2a1e2c
1366 changed files with 104925 additions and 28719 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
deployment/stacks/traefik/dynamic/gitea-router.yml Normal file
View File

@@ -0,0 +1,17 @@
# Gitea Router Configuration
# Router definition for Gitea using File Provider
http:
routers:
gitea:
rule: Host(`git.michaelschiemer.de`)
entryPoints:
- websecure
service: gitea
tls:
certResolver: letsencrypt
middlewares:
- security-headers-global
- gzip-compression
priority: 100

0
deployment/stacks/traefik/dynamic/gitea-service.yml → deployment/stacks/traefik/dynamic/gitea-service.yml.disabled
View File

9
deployment/stacks/traefik/dynamic/gitea-ssh.yml
View File

@@ -1,5 +1,7 @@
# TCP Router Configuration for Gitea SSH
# Routes SSH traffic on port 2222 to Gitea container
# Note: Gitea SSH is handled via port mapping in docker-compose.yml
# This file is kept for reference but may not be needed
tcp:
routers:
@@ -13,8 +15,5 @@ tcp:
gitea-ssh-service:
loadBalancer:
servers:
# Gitea container SSH service
# Note: Using container IP from gitea_gitea-internal network
# Traefik runs in host network mode, so we need the actual container IP
# IP address: 172.23.0.3 (gitea_gitea-internal network)
- address: "172.23.0.3:22"
# Use container name in bridge network mode
- address: "gitea:22"

20
deployment/stacks/traefik/dynamic/gitea.yml
View File

@@ -1,20 +0,0 @@
# Gitea configuration is now handled via Docker labels in docker-compose.yml
# This file is kept for reference but is not used
# Traefik will automatically discover Gitea via Docker labels and use the container IP
# when running in host network mode
#
# http:
# routers:
# gitea:
# rule: Host(`git.michaelschiemer.de`)
# entrypoints:
# - websecure
# service: gitea
# tls:
# certResolver: letsencrypt
# priority: 100
# services:
# gitea:
# loadBalancer:
# servers:
# - url: http://gitea:3000

9
deployment/stacks/traefik/dynamic/middlewares.yml
View File

@@ -43,14 +43,6 @@ http:
average: 200
burst: 100
period: 1s
# IP whitelist for admin services (example)
# Uncomment and adjust for production
# admin-whitelist:
# ipWhiteList:
# sourceRange:
# - "127.0.0.1/32"
# - "10.0.0.0/8"
# Chain multiple middlewares
default-chain:
@@ -65,4 +57,3 @@ http:
- security-headers-global
- gzip-compression
- rate-limit-strict
# - admin-whitelist # Uncomment for IP whitelisting