michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: prevent CI jobs from restarting Traefik
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 28s
Details
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 35s
Details
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 18s
Details
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Details
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
Details
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 17s
Details
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m9s
Details
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Details

Browse Source 
- Add traefik_auto_restart check to fix-gitea-timeouts.yml
- Add traefik_auto_restart check to fix-gitea-ssl-routing.yml
- Add traefik_auto_restart check to fix-gitea-complete.yml
- Set traefik_auto_restart=false in all Gitea workflow Ansible calls
- Set gitea_auto_restart=false in all Gitea workflow Ansible calls
- Add redeploy-traefik-gitea.yml playbook for clean redeployment

This prevents CI/CD pipelines from causing Traefik restart loops by
ensuring all remediation playbooks respect the traefik_auto_restart
flag, which is set to false in group_vars/production/vars.yml.
This commit is contained in:
Michael Schiemer
2025-11-08 23:47:44 +01:00
parent a96bd41326
commit f548a0322c
5 changed files with 899 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

172
deployment/ansible/playbooks/fix-gitea-complete.yml Normal file
View File

@@ -0,0 +1,172 @@
---
# Fix Gitea Complete - Deaktiviert Runner, repariert Service Discovery
# Behebt Gitea-Timeouts durch: 1) Runner deaktivieren, 2) Service Discovery reparieren
- name: Fix Gitea Complete
hosts: production
gather_facts: yes
become: no
vars:
gitea_stack_path: "{{ stacks_base_path }}/gitea"
traefik_stack_path: "{{ stacks_base_path }}/traefik"
gitea_runner_path: "{{ stacks_base_path }}/../gitea-runner"
gitea_url: "https://{{ gitea_domain }}"
tasks:
- name: Check Gitea Runner status
ansible.builtin.shell: |
cd {{ gitea_runner_path }}
docker compose ps gitea-runner 2>/dev/null || echo "Runner not found"
register: runner_status
changed_when: false
failed_when: false
- name: Display Gitea Runner status
ansible.builtin.debug:
msg: |
================================================================================
Gitea Runner Status (Before):
================================================================================
{{ runner_status.stdout }}
================================================================================
- name: Stop Gitea Runner to reduce load
ansible.builtin.shell: |
cd {{ gitea_runner_path }}
docker compose stop gitea-runner
register: runner_stop
changed_when: runner_stop.rc == 0
failed_when: false
when: runner_status.rc == 0
- name: Check Gitea container status before restart
ansible.builtin.shell: |
cd {{ gitea_stack_path }}
docker compose ps gitea
register: gitea_status_before
changed_when: false
- name: Check Traefik container status before restart
ansible.builtin.shell: |
cd {{ traefik_stack_path }}
docker compose ps traefik
register: traefik_status_before
changed_when: false
- name: Restart Gitea container
ansible.builtin.shell: |
cd {{ gitea_stack_path }}
docker compose restart gitea
register: gitea_restart
changed_when: gitea_restart.rc == 0
- name: Wait for Gitea to be ready (direct check)
ansible.builtin.shell: |
cd {{ gitea_stack_path }}
for i in {1..30}; do
if docker compose exec -T gitea curl -f http://localhost:3000/api/healthz >/dev/null 2>&1; then
echo "Gitea is ready"
exit 0
fi
sleep 2
done
echo "Gitea not ready after 60 seconds"
exit 1
register: gitea_ready
changed_when: false
failed_when: false
- name: Restart Traefik to refresh service discovery
ansible.builtin.shell: |
cd {{ traefik_stack_path }}
docker compose restart traefik
register: traefik_restart
changed_when: traefik_restart.rc == 0
when: traefik_auto_restart | default(false) | bool
- name: Wait for Traefik to be ready
ansible.builtin.wait_for:
timeout: 30
delay: 2
changed_when: false
- name: Wait for Gitea to be reachable via Traefik (with retries)
ansible.builtin.uri:
url: "{{ gitea_url }}/api/healthz"
method: GET
status_code: [200]
validate_certs: false
timeout: 10
register: gitea_health_via_traefik
until: gitea_health_via_traefik.status == 200
retries: 15
delay: 2
changed_when: false
failed_when: false
- name: Check if Gitea is in Traefik service discovery
ansible.builtin.shell: |
cd {{ traefik_stack_path }}
docker compose exec -T traefik wget -qO- http://localhost:8080/api/http/services 2>/dev/null | grep -i "gitea" || echo "NOT_FOUND"
register: traefik_gitea_service_check
changed_when: false
failed_when: false
- name: Final status check
ansible.builtin.uri:
url: "{{ gitea_url }}/api/healthz"
method: GET
status_code: [200]
validate_certs: false
timeout: 10
register: final_status
changed_when: false
failed_when: false
- name: Summary
ansible.builtin.debug:
msg: |
================================================================================
ZUSAMMENFASSUNG - Gitea Complete Fix:
================================================================================
Aktionen:
- Gitea Runner: {% if runner_stop.changed | default(false) %}✅ Gestoppt{% else %} War nicht aktiv oder nicht gefunden{% endif %}
- Gitea Restart: {% if gitea_restart.changed %}✅ Durchgeführt{% else %} Nicht nötig{% endif %}
- Traefik Restart: {% if traefik_restart.changed %}✅ Durchgeführt{% else %} Nicht nötig{% endif %}
Gitea Ready Check:
- Direkt: {% if gitea_ready.rc == 0 %}✅ Bereit{% else %}❌ Nicht bereit{% endif %}
Final Status:
- Gitea via Traefik: {% if final_status.status == 200 %}✅ Erreichbar (Status: 200){% else %}❌ Nicht erreichbar (Status: {{ final_status.status | default('TIMEOUT') }}){% endif %}
- Traefik Service Discovery: {% if 'NOT_FOUND' not in traefik_gitea_service_check.stdout %}✅ Gitea gefunden{% else %}❌ Gitea nicht gefunden{% endif %}
{% if final_status.status == 200 and 'NOT_FOUND' not in traefik_gitea_service_check.stdout %}
✅ ERFOLG: Gitea ist jetzt über Traefik erreichbar!
URL: {{ gitea_url }}
Nächste Schritte:
1. Teste Gitea im Browser: {{ gitea_url }}
2. Wenn alles stabil läuft, kannst du den Runner wieder aktivieren:
cd {{ gitea_runner_path }} && docker compose up -d gitea-runner
3. Beobachte ob der Runner Gitea wieder überlastet
{% else %}
⚠️ PROBLEM: Gitea ist noch nicht vollständig erreichbar
Mögliche Ursachen:
{% if final_status.status != 200 %}
- Gitea antwortet nicht via Traefik (Status: {{ final_status.status | default('TIMEOUT') }})
{% endif %}
{% if 'NOT_FOUND' in traefik_gitea_service_check.stdout %}
- Traefik Service Discovery hat Gitea noch nicht erkannt
{% endif %}
Nächste Schritte:
1. Warte 1-2 Minuten und teste erneut: curl -k {{ gitea_url }}/api/healthz
2. Prüfe Traefik-Logs: cd {{ traefik_stack_path }} && docker compose logs traefik --tail=50
3. Prüfe Gitea-Logs: cd {{ gitea_stack_path }} && docker compose logs gitea --tail=50
4. Prüfe Service Discovery: cd {{ traefik_stack_path }} && docker compose exec -T traefik wget -qO- http://localhost:8080/api/http/services
{% endif %}
================================================================================