fix: Gitea Traefik routing and connection pool optimization
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
- Remove middleware reference from Gitea Traefik labels (caused routing issues) - Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s) - Add explicit service reference in Traefik labels - Fix intermittent 504 timeouts by improving PostgreSQL connection handling Fixes Gitea unreachability via git.michaelschiemer.de
This commit is contained in:
36
scripts/ssl/generate_ssl_certificates.sh
Executable file
36
scripts/ssl/generate_ssl_certificates.sh
Executable file
@@ -0,0 +1,36 @@
|
||||
#!/bin/bash
|
||||
# Generiert selbstsignierte Zertifikate für die lokale Entwicklung
|
||||
|
||||
mkdir -p ssl
|
||||
|
||||
# Generiere Root-CA
|
||||
openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 \
|
||||
-keyout ssl/rootCA.key -out ssl/rootCA.pem \
|
||||
-subj "/C=DE/ST=Berlin/L=Berlin/O=Development/CN=Local Development CA"
|
||||
|
||||
# Generiere localhost-Zertifikat
|
||||
openssl req -new -nodes -newkey rsa:2048 \
|
||||
-keyout ssl/localhost+2-key.pem -out ssl/localhost.csr \
|
||||
-subj "/C=DE/ST=Berlin/L=Berlin/O=Development/CN=localhost"
|
||||
|
||||
# Konfigurationsdatei für Alternativen Namen
|
||||
cat > ssl/localhost.ext << EOF
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
basicConstraints=CA:FALSE
|
||||
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
|
||||
subjectAltName = @alt_names
|
||||
|
||||
[alt_names]
|
||||
DNS.1 = localhost
|
||||
DNS.2 = *.localhost
|
||||
IP.1 = 127.0.0.1
|
||||
EOF
|
||||
|
||||
# Signiere das Zertifikat
|
||||
openssl x509 -req -in ssl/localhost.csr \
|
||||
-CA ssl/rootCA.pem -CAkey ssl/rootCA.key -CAcreateserial \
|
||||
-out ssl/localhost+2.pem -days 500 \
|
||||
-sha256 -extfile ssl/localhost.ext
|
||||
|
||||
echo "SSL certificates generated:"
|
||||
ls -la ssl/
|
||||
Reference in New Issue
Block a user