fix: Configure Docker insecure registry and add GIT_BRANCH

- Add Docker daemon configuration to use HTTP for git.michaelschiemer.de:5000 registry
- Configure insecure-registries in /etc/docker/daemon.json
- Add GIT_BRANCH environment variable (staging for staging, main for production)
- Set default GIT_REPOSITORY_URL if not provided
- Fixes 'http: server gave HTTP response to HTTPS client' error
- Fixes missing GIT_BRANCH variable warnings

deployment/ansible/playbooks/deploy-image.yml

@@ -52,7 +52,13 @@
         minio_root_user: "{{ minio_root_user | default(vault_minio_root_user | default('minioadmin')) }}"
         minio_root_password: "{{ minio_root_password | default(vault_minio_root_password | default('')) }}"
         secrets_dir: "{{ secrets_dir | default('./secrets') }}"
-        git_repository_url: "{{ git_repository_url | default(vault_git_repository_url | default('')) }}"
+        git_repository_url: "{{ git_repository_url | default(vault_git_repository_url | default('https://git.michaelschiemer.de/michael/michaelschiemer.git')) }}"
+        git_branch: >-
+          {%- if deployment_environment == 'staging' -%}
+            staging
+          {%- else -%}
+            main
+          {%- endif -%}
         git_token: "{{ git_token | default(vault_git_token | default('')) }}"
         git_username: "{{ git_username | default(vault_git_username | default('')) }}"
         git_password: "{{ git_password | default(vault_git_password | default('')) }}"
@@ -168,6 +174,41 @@
       when: not env_file_exists.stat.exists
       become: yes
 
+    - name: Configure Docker to use HTTP for git.michaelschiemer.de:5000 registry
+      shell: |
+        # Check if insecure-registries is already configured
+        if ! grep -q "git.michaelschiemer.de:5000" /etc/docker/daemon.json 2>/dev/null; then
+          # Backup existing daemon.json
+          cp /etc/docker/daemon.json /etc/docker/daemon.json.bak 2>/dev/null || echo '{}' > /etc/docker/daemon.json.bak
+          # Add insecure-registries if not present
+          python3 << 'EOF'
+import json
+import sys
+try:
+    with open('/etc/docker/daemon.json', 'r') as f:
+        config = json.load(f)
+except (FileNotFoundError, json.JSONDecodeError):
+    config = {}
+if 'insecure-registries' not in config:
+    config['insecure-registries'] = []
+if 'git.michaelschiemer.de:5000' not in config['insecure-registries']:
+    config['insecure-registries'].append('git.michaelschiemer.de:5000')
+    with open('/etc/docker/daemon.json', 'w') as f:
+        json.dump(config, f, indent=2)
+    sys.exit(0)  # Changed
+sys.exit(1)  # No change
+EOF
+          # Restart Docker daemon if configuration changed
+          if [ $? -eq 0 ]; then
+            systemctl restart docker || service docker restart || true
+            sleep 2
+          fi
+        fi
+      become: yes
+      ignore_errors: yes
+      changed_when: false
+      failed_when: false
+
     - name: Deploy application stack with new image
       shell: |
         cd {{ application_code_dest }}
@@ -181,6 +222,7 @@
         MINIO_ROOT_PASSWORD: "{{ minio_root_password | default('') }}"
         SECRETS_DIR: "{{ secrets_dir | default('./secrets') }}"
         GIT_REPOSITORY_URL: "{{ git_repository_url | default('') }}"
+        GIT_BRANCH: "{{ git_branch | default('main') }}"
         GIT_TOKEN: "{{ git_token | default('') }}"
         GIT_USERNAME: "{{ git_username | default('') }}"
         GIT_PASSWORD: "{{ git_password | default('') }}"