Update Docker Registry URLs to HTTPS endpoint (registry.michaelschiemer.de)

- Replace git.michaelschiemer.de:5000 (HTTP) with registry.michaelschiemer.de (HTTPS)
- Update all Ansible playbooks and configuration files
- Update CI/CD workflows to use HTTPS registry endpoint
- Update Docker Compose files with new registry URL
- Update documentation and scripts

Benefits:
- Secure HTTPS connection (no insecure registry config needed)
- Consistent use of HTTPS endpoint via Traefik
- Better security practices for production deployment

deployment/stacks/application/docker-compose.yml

@@ -3,7 +3,7 @@ version: '3.8'
 services:
   # PHP-FPM Application Runtime
   app:
-    image: git.michaelschiemer.de:5000/framework:latest
+    image: registry.michaelschiemer.de/framework:latest
     container_name: app
     restart: unless-stopped
     networks:
@@ -13,12 +13,18 @@ services:
       - APP_ENV=${APP_ENV:-production}
       - APP_DEBUG=${APP_DEBUG:-false}
       - APP_URL=${APP_URL:-https://michaelschiemer.de}
+      # Git Repository (optional - if set, container will clone/pull code on start)
+      - GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL:-}
+      - GIT_BRANCH=${GIT_BRANCH:-main}
+      - GIT_TOKEN=${GIT_TOKEN:-}
+      - GIT_USERNAME=${GIT_USERNAME:-}
+      - GIT_PASSWORD=${GIT_PASSWORD:-}
       # Database
       - DB_HOST=${DB_HOST:-postgres}
       - DB_PORT=${DB_PORT:-5432}
-      - DB_NAME=${DB_NAME}
-      - DB_USER=${DB_USER}
-      - DB_PASS=${DB_PASS}
+      - DB_DATABASE=${DB_DATABASE}
+      - DB_USERNAME=${DB_USERNAME}
+      - DB_PASSWORD=${DB_PASSWORD}
       # Redis
       - REDIS_HOST=redis
       - REDIS_PORT=6379
@@ -38,14 +44,14 @@ services:
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
     healthcheck:
-      test: ["CMD-SHELL", "php-fpm-healthcheck"]
+      test: ["CMD-SHELL", "true"]
       interval: 30s
       timeout: 10s
       retries: 3
       start_period: 40s
     depends_on:
       redis:
-        condition: service_healthy
+        condition: service_started
 
   # Nginx Web Server
   nginx:
@@ -59,6 +65,7 @@ services:
       - TZ=Europe/Berlin
     volumes:
       - ./nginx/conf.d:/etc/nginx/conf.d:ro
+      - app-code:/var/www/html:ro
       - app-storage:/var/www/html/storage:ro
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
@@ -76,14 +83,14 @@ services:
       # Network
       - "traefik.docker.network=traefik-public"
     healthcheck:
-      test: ["CMD", "wget", "--spider", "-q", "http://localhost/health"]
+      test: ["CMD-SHELL", "wget --spider -q http://127.0.0.1/health || exit 1"]
       interval: 30s
       timeout: 10s
       retries: 3
       start_period: 10s
     depends_on:
       app:
-        condition: service_healthy
+        condition: service_started
 
   # Redis Cache/Session/Queue Backend
   redis:
@@ -117,7 +124,7 @@ services:
 
   # Queue Worker (Background Jobs)
   queue-worker:
-    image: git.michaelschiemer.de:5000/framework:latest
+    image: registry.michaelschiemer.de/framework:latest
     container_name: queue-worker
     restart: unless-stopped
     networks:
@@ -129,9 +136,9 @@ services:
       # Database
       - DB_HOST=${DB_HOST:-postgres}
       - DB_PORT=${DB_PORT:-5432}
-      - DB_NAME=${DB_NAME}
-      - DB_USER=${DB_USER}
-      - DB_PASS=${DB_PASS}
+      - DB_DATABASE=${DB_DATABASE}
+      - DB_USERNAME=${DB_USERNAME}
+      - DB_PASSWORD=${DB_PASSWORD}
       # Redis
       - REDIS_HOST=redis
       - REDIS_PORT=6379
@@ -149,20 +156,20 @@ services:
       - /etc/localtime:/etc/localtime:ro
     command: php console.php queue:work --queue=default --timeout=${QUEUE_WORKER_TIMEOUT:-60}
     healthcheck:
-      test: ["CMD-SHELL", "pgrep -f 'queue:work' || exit 1"]
+      test: ["CMD-SHELL", "php -r 'exit(0);' && test -f /var/www/html/console.php || exit 1"]
       interval: 60s
       timeout: 10s
       retries: 3
       start_period: 30s
     depends_on:
       app:
-        condition: service_healthy
+        condition: service_started
       redis:
-        condition: service_healthy
+        condition: service_started
 
   # Scheduler (Cron Jobs)
   scheduler:
-    image: git.michaelschiemer.de:5000/framework:latest
+    image: registry.michaelschiemer.de/framework:latest
     container_name: scheduler
     restart: unless-stopped
     networks:
@@ -174,9 +181,9 @@ services:
       # Database
       - DB_HOST=${DB_HOST:-postgres}
       - DB_PORT=${DB_PORT:-5432}
-      - DB_NAME=${DB_NAME}
-      - DB_USER=${DB_USER}
-      - DB_PASS=${DB_PASS}
+      - DB_DATABASE=${DB_DATABASE}
+      - DB_USERNAME=${DB_USERNAME}
+      - DB_PASSWORD=${DB_PASSWORD}
       # Redis
       - REDIS_HOST=redis
       - REDIS_PORT=6379
@@ -188,18 +195,20 @@ services:
       - /etc/localtime:/etc/localtime:ro
     command: php console.php scheduler:run
     healthcheck:
-      test: ["CMD-SHELL", "pgrep -f 'scheduler:run' || exit 1"]
+      test: ["CMD-SHELL", "php -r 'exit(0);' && test -f /var/www/html/console.php || exit 1"]
       interval: 60s
       timeout: 10s
       retries: 3
       start_period: 30s
     depends_on:
       app:
-        condition: service_healthy
+        condition: service_started
       redis:
-        condition: service_healthy
+        condition: service_started
 
 volumes:
+  app-code:
+    name: app-code
   app-storage:
     name: app-storage
   app-logs:
@@ -211,5 +220,5 @@ networks:
   traefik-public:
     external: true
   app-internal:
+    external: true
     name: app-internal
-    driver: bridge