fix: Gitea Traefik routing and connection pool optimization
- Remove middleware reference from Gitea Traefik labels (caused routing issues)
- Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s)
- Add explicit service reference in Traefik labels
- Fix intermittent 504 timeouts by improving PostgreSQL connection handling

Fixes Gitea unreachability via git.michaelschiemer.de
120
scripts/deployment/setup-gitea-secrets-with-token.sh
Executable file
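--- /dev/null
+++ b/scripts/deployment/setup-gitea-secrets-with-token.sh
@@ -0,0 +1,120 @@
+#!/bin/bash
+# Set Gitea Repository Secrets with Token
+# Usage: ./scripts/setup-gitea-secrets-with-token.sh <GITEA_TOKEN>
+# or: GITEA_TOKEN=xxx ./scripts/setup-gitea-secrets-with-token.sh
+
+set -euo pipefail
+
+GITEA_URL="${GITEA_URL:-https://git.michaelschiemer.de}"
+REPO_OWNER="${REPO_OWNER:-michael}"
+REPO_NAME="${REPO_NAME:-michaelschiemer}"
+GITEA_TOKEN="${1:-${GITEA_TOKEN:-}}"
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+echo -e "${BLUE}=== Gitea Repository Secrets Setup ===${NC}"
+echo ""
+echo "Repository: ${REPO_OWNER}/${REPO_NAME}"
+echo "Gitea URL: ${GITEA_URL}"
+echo ""
+
+# Check if token is provided
+if [ -z "$GITEA_TOKEN" ]; then
+echo -e "${RED}❌ Fehler: GITEA_TOKEN nicht angegeben${NC}"
+echo ""
+echo "Verwendung:"
+echo " $0 <GITEA_TOKEN>"
+echo " oder:"
+echo " GITEA_TOKEN=<token> $0"
+echo ""
+exit 1
+fi
+
+# Function to create/update secret via API
+set_secret() {
+local secret_name=$1
+local secret_value=$2
+
+echo -n "Setting $secret_name... "
+
+# Base64 encode the secret value
+local encoded_value=$(printf '%s' "$secret_value" | base64 | tr -d '\n')
+
+# Gitea API endpoint: PUT /repos/{owner}/{repo}/actions/secrets/{secretname}
+local response=$(curl -s -w "\n%{http_code}" \
+-X PUT \
+-H "Authorization: token ${GITEA_TOKEN}" \
+-H "Content-Type: application/json" \
+"${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/actions/secrets/${secret_name}" \
+-d "{
+\"data\": \"${encoded_value}\"
+}" 2>&1)
+
+local http_code=$(echo "$response" | tail -n1)
+local body=$(echo "$response" | sed '$d')
+
+if [ "$http_code" = "204" ] || [ "$http_code" = "201" ]; then
+echo -e "${GREEN}✅ OK${NC}"
+return 0
+elif [ "$http_code" = "404" ]; then
+echo -e "${YELLOW}⚠️ Repository oder Token-Berechtigung fehlt${NC}"
+echo "Response: $body"
+return 1
+else
+echo -e "${RED}❌ FAILED (HTTP $http_code)${NC}"
+echo "Response: $body"
+return 1
+fi
+}
+
+# Get registry password (default)
+REGISTRY_PASSWORD="${REGISTRY_PASSWORD:-registry-secure-password-2025}"
+
+# Get SSH private key
+if [ -f ~/.ssh/production ]; then
+SSH_PRIVATE_KEY=$(cat ~/.ssh/production)
+echo -e "${GREEN}✓ SSH private key gefunden${NC}"
+else
+echo -e "${RED}✗ SSH private key nicht gefunden in ~/.ssh/production${NC}"
+exit 1
+fi
+
+echo ""
+echo "Testing API connection..."
+
+# Test API connection first
+test_response=$(curl -s -o /dev/null -w "%{http_code}" \
+-H "Authorization: token ${GITEA_TOKEN}" \
+"${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}")
+
+if [ "$test_response" != "200" ]; then
+echo -e "${RED}❌ API-Verbindung fehlgeschlagen (HTTP $test_response)${NC}"
+echo ""
+echo "Mögliche Probleme:"
+echo "- Token ungültig oder fehlende Berechtigungen"
+echo "- Repository nicht gefunden: ${REPO_OWNER}/${REPO_NAME}"
+echo "- Netzwerkproblem"
+exit 1
+fi
+
+echo -e "${GREEN}✅ API-Verbindung erfolgreich${NC}"
+echo ""
+echo "Setting secrets..."
+echo ""
+
+# Set secrets
+set_secret "REGISTRY_USER" "admin"
+set_secret "REGISTRY_PASSWORD" "$REGISTRY_PASSWORD"
+set_secret "SSH_PRIVATE_KEY" "$SSH_PRIVATE_KEY"
+
+echo ""
+echo -e "${GREEN}=== Secrets Setup Complete ===${NC}"
+echo ""
+echo "Prüfe Secrets in Gitea UI:"
+echo "${GITEA_URL}/${REPO_OWNER}/${REPO_NAME}/settings/secrets/actions"
+echo ""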
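Review bot: The fallback in `REGISTRY_PASSWORD="${REGISTRY_PASSWORD:-registry-secure-password-2025}"` puts a usable-looking registry credential into the repository history, and the script pushes that value into the repo's Actions secrets whenever the variable is unset. Fail closed instead, e.g. `REGISTRY_PASSWORD="${REGISTRY_PASSWORD:?REGISTRY_PASSWORD must be set}"`, and if that string was ever the real password it should be rotated. The token has a similar exposure: accepting it as `$1` and passing it in `-H "Authorization: token ${GITEA_TOKEN}"` makes it visible in the process list and shell history, so taking it only from the environment and giving curl the header from a file (`-H @file`) would be safer. Separately, `local response=$(curl …)` in `set_secret` hides curl's exit status, so a transport failure surfaces only as an empty HTTP code; declaring `local response` first and assigning on the next line would keep the status visible.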