Update Docker Registry URLs to HTTPS endpoint (registry.michaelschiemer.de)

- Replace git.michaelschiemer.de:5000 (HTTP) with registry.michaelschiemer.de (HTTPS) - Update all Ansible playbooks and configuration files - Update CI/CD workflows to use HTTPS registry endpoint - Update Docker Compose files with new registry URL - Update documentation and scripts Benefits: - Secure HTTPS connection (no insecure registry config needed) - Consistent use of HTTPS endpoint via Traefik - Better security practices for production deployment
2025-10-31 14:35:39 +01:00
parent 82fb65eb00
commit c087d372c2
24 changed files with 1341 additions and 217 deletions
--- a/docker/mysql/conf.d/security.cnf
+++ b/docker/mysql/conf.d/security.cnf
@@ -1,51 +0,0 @@
-[mysqld]
-# Security Configuration for MariaDB
-# This file hardens the database server for production use
-
-# Network Security
-bind-address = 0.0.0.0
-skip-networking = false
-skip-name-resolve = true
-
-# Connection Security  
-max_connections = 100
-max_connect_errors = 10
-max_user_connections = 50
-
-# SSL/TLS Configuration (Enable in production)
-# ssl-ca = /etc/mysql/ssl/ca-cert.pem
-# ssl-cert = /etc/mysql/ssl/server-cert.pem  
-# ssl-key = /etc/mysql/ssl/server-key.pem
-# require_secure_transport = ON
-
-# Authentication Security
-default_authentication_plugin = mysql_native_password
-
-# Logging Security
-log-error = /var/log/mysql/error.log
-general_log = ON
-general_log_file = /var/log/mysql/general.log
-slow_query_log = ON
-slow_query_log_file = /var/log/mysql/slow.log
-long_query_time = 2
-
-# Disable dangerous functions
-secure_file_priv = ""
-local_infile = OFF
-
-# Performance & Resource Limits
-max_allowed_packet = 64M
-innodb_buffer_pool_size = 256M
-innodb_log_file_size = 64M
-query_cache_size = 64M
-query_cache_limit = 2M
-
-# Character Set
-character-set-server = utf8mb4
-collation-server = utf8mb4_unicode_ci
-
-[mysql]
-default-character-set = utf8mb4
-
-[client]
-default-character-set = utf8mb4