feat: CI/CD pipeline setup complete - Ansible playbooks updated, secrets configured, workflow ready

2025-10-31 01:39:24 +01:00
parent 55c04e4fd0
commit e26eb2aa12
601 changed files with 44184 additions and 32477 deletions
--- a/deployment/stacks/registry/docker-compose.yml
+++ b/deployment/stacks/registry/docker-compose.yml
@@ -0,0 +1,54 @@
+version: '3.8'
+
+services:
+  registry:
+    image: registry:2.8
+    container_name: registry
+    restart: unless-stopped
+    networks:
+      - traefik-public
+    ports:
+      - "127.0.0.1:5000:5000"
+    environment:
+      - TZ=Europe/Berlin
+      - REGISTRY_STORAGE_DELETE_ENABLED=true
+      - REGISTRY_AUTH=htpasswd
+      - REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
+      - REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
+      - REGISTRY_HTTP_SECRET=${REGISTRY_HTTP_SECRET}
+      # Storage configuration
+      - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry
+      # Garbage collection configuration (moved to config.yml if needed)
+    volumes:
+      - registry-data:/var/lib/registry
+      - ./auth:/auth:ro
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    labels:
+      - "traefik.enable=true"
+
+      # HTTP Router
+      - "traefik.http.routers.registry.rule=Host(`${REGISTRY_DOMAIN:-registry.michaelschiemer.de}`)"
+      - "traefik.http.routers.registry.entrypoints=websecure"
+      - "traefik.http.routers.registry.tls=true"
+      - "traefik.http.routers.registry.tls.certresolver=letsencrypt"
+
+      # Service
+      - "traefik.http.services.registry.loadbalancer.server.port=5000"
+
+      # Middleware
+      - "traefik.http.routers.registry.middlewares=default-chain@file"
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "http://localhost:5000/v2/"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+
+volumes:
+  registry-data:
+    name: registry-data
+
+networks:
+  traefik-public:
+    external: true