dd072ded3c
fix: Use correct path for docker-compose files
...
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 34s
🚀 Build & Deploy Image / Build Docker Image (push) Has been cancelled
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been cancelled
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been cancelled
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been cancelled
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been cancelled
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Security Vulnerability Scan / Check for Dependency Changes (push) Has been cancelled
- Change stacks_base_path_default from /home/deploy to /home/deploy/deployment/stacks
- Matches actual server directory structure where stacks are located
2025-11-08 15:25:57 +01:00
f7bac92b64
fix: Resolve recursive loop in stacks_base_path variable
...
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 30s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 13s
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 54s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 54s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Use stacks_base_path_default instead of self-reference
- Fixes 'Recursive loop detected' error in install-composer-dependencies playbook
2025-11-08 15:19:37 +01:00
eeaf025fed
fix: Define stacks_base_path variable with default value
...
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 29s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 13s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 29s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 12s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 52s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Add stacks_base_path variable with default '/home/deploy'
- Fixes 'stacks_base_path is undefined' error in install-composer-dependencies playbook
2025-11-08 15:16:24 +01:00
2e14557b21
fix: Handle case where destination exists but is not a git repo
...
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 13s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 27s
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 31s
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 13s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m22s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Check if destination directory exists separately from git repo check
- Remove directory if it exists but is not a git repository
- Prevents 'destination path already exists' error during clone
2025-11-08 15:12:06 +01:00
03f4d90ed0
fix: Remove unsupported owner/group parameters from git module
...
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 28s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 28s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 9s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 10s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 43s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- ansible.builtin.git no longer supports owner and group parameters
- Set ownership in separate file task after git operations
- Fixes 'Unsupported parameters' error
2025-11-08 15:08:52 +01:00
2f98c52300
refactor: Simplify git_repo_url logic
...
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 59s
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 26s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 10s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 12s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 48s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Use single set_fact task with ternary operator
- Cleaner and more efficient than multiple conditional tasks
2025-11-08 15:04:20 +01:00
163460c22e
fix: Use separate variable git_repo_url to avoid recursive loop
...
Security Vulnerability Scan / Check for Dependency Changes (push) Has been cancelled
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been cancelled
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been cancelled
🚀 Build & Deploy Image / Build Docker Image (push) Has been cancelled
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been cancelled
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been cancelled
🚀 Build & Deploy Image / Determine Build Necessity (push) Has been cancelled
- Use git_repo_url instead of git_repository_url in tasks
- Set git_repo_url based on whether git_repository_url is provided
- This completely avoids the recursive loop issue
2025-11-08 15:04:04 +01:00
0ab3b6a799
fix: Set git_repository_url using set_fact to avoid recursive loop
...
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 33s
🚀 Build & Deploy Image / Build Docker Image (push) Has been cancelled
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been cancelled
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been cancelled
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been cancelled
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been cancelled
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Security Vulnerability Scan / Check for Dependency Changes (push) Has been cancelled
- Use set_fact task to set git_repository_url instead of vars section
- This prevents recursive loop when variable is referenced in tasks
2025-11-08 15:03:09 +01:00
acecc23cec
fix: Resolve recursive loop in git_repository_url variable
...
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 57s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 11s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m7s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 25s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 10s
- Change git_repository_url to use git_repository_url_default instead of self-reference
- Fixes 'Recursive loop detected in template' error in Ansible playbook
2025-11-08 14:59:16 +01:00
e8a26d7807
test: CI/CD pipeline staging test - Redis aktiviert, Bad Gateway dokumentiert
2025-11-07 20:54:44 +01:00
c088d08639
test: CI/CD pipeline staging test - Repository Setup automatisiert
2025-11-07 20:17:35 +01:00
1963b10749
feat: Integrate Ansible playbooks into CI/CD workflows
...
- Add deploy-application-code.yml for Git-based code deployment
- Add install-composer-dependencies.yml for dependency installation
- Add deploy-image.yml for Docker image deployment
- Update build-image.yml to use Ansible playbooks
- Update manual-deploy.yml to use Ansible playbooks
- Add ANSIBLE_VAULT_PASSWORD secret handling
2025-11-07 18:14:11 +01:00
95147ff23e
refactor(deployment): Remove WireGuard VPN dependency and restore public service access
...
Remove WireGuard integration from production deployment to simplify infrastructure:
- Remove docker-compose-direct-access.yml (VPN-bound services)
- Remove VPN-only middlewares from Grafana, Prometheus, Portainer
- Remove WireGuard middleware definitions from Traefik
- Remove WireGuard IPs (10.8.0.0/24) from Traefik forwarded headers
All monitoring services now publicly accessible via subdomains:
- grafana.michaelschiemer.de (with Grafana native auth)
- prometheus.michaelschiemer.de (with Basic Auth)
- portainer.michaelschiemer.de (with Portainer native auth)
All services use Let's Encrypt SSL certificates via Traefik.
2025-11-05 12:48:25 +01:00
f9b8cf9f33
feat: add API Gateway, RapidMail and Shopify integrations, update WireGuard configs, add Redis override and architecture docs
2025-11-04 23:08:17 +01:00
3ed2685e74
feat: add comprehensive framework features and deployment improvements
...
Major additions:
- Storage abstraction layer with filesystem and in-memory implementations
- Gitea API integration with MCP tools for repository management
- Console dialog mode with interactive command execution
- WireGuard VPN DNS fix implementation and documentation
- HTTP client streaming response support
- Router generic result type
- Parameter type validator for framework core
Framework enhancements:
- Console command registry improvements
- Console dialog components
- Method signature analyzer updates
- Route mapper refinements
- MCP server and tool mapper updates
- Queue job chain and dependency commands
- Discovery tokenizer improvements
Infrastructure:
- Deployment architecture documentation
- Ansible playbook updates for WireGuard client regeneration
- Production environment configuration updates
- Docker Compose local configuration updates
- Remove obsolete docker-compose.yml (replaced by environment-specific configs)
Documentation:
- PERMISSIONS.md for access control guidelines
- WireGuard DNS fix implementation details
- Console dialog mode usage guide
- Deployment architecture overview
Testing:
- Multi-purpose attribute tests
- Gitea Actions integration tests (typed and untyped)
2025-11-04 20:39:48 +01:00
02e4dc9338
feat(local-secrets): introduce unified local secrets management and documentation
...
- Add example secret files for `app_key`, `db_user_password`, and `redis_password`.
- Introduce `local.vault.yml.example` for Ansible Vault encryption of local secrets.
- Create migration and setup scripts for transitioning from `.env.local` to secrets files.
- Update `docker-compose.local.yml` to adopt Docker Secrets and `_FILE` pattern for local configurations.
- Add deployment playbooks and enhanced logging configurations for local development.
2025-11-04 11:06:21 +01:00
12afbe874d
refactor(container): simplify Redis pool initialization flow
...
- Remove redundant `$container` parameter in `RedisPoolInitializer` instantiation.
- Streamline container interactions for improved clarity and maintainability.
2025-11-04 02:43:45 +01:00
7a2cb0b63e
fix: staging deployment configuration and redis secrets handling
2025-11-03 00:15:43 +01:00
a5cd49bde7
feat(deployment): update semaphore configuration and deployment workflows
2025-11-02 20:46:18 +01:00
24cbbccf4c
feat: update deployment configuration and encrypted env loader
...
- Update Ansible playbooks and roles for application deployment
- Add new Gitea/Traefik troubleshooting playbooks
- Update Docker Compose configurations (base, local, staging, production)
- Enhance EncryptedEnvLoader with improved error handling
- Add deployment scripts (autossh setup, migration, secret testing)
- Update CI/CD workflows and documentation
- Add Semaphore stack configuration
2025-11-02 20:38:06 +01:00
7b7f0b41d2
chore: update VPN routing configuration and add Grafana VPN documentation
2025-11-02 18:10:04 +01:00
8344032fb6
feat: add Redis connection diagnostics, VPN routing fixes, and Traefik middleware updates
2025-11-02 15:58:30 +01:00
edcf509a4f
feat: add PHP ini management system and update infrastructure configs
...
- Add PHP ini management classes (Access, IniDirective, IniKey, PhpIni)
- Update deployment configurations (Wireguard, Traefik, Monitoring)
- Add DNS stack and Ansible role
- Add deployment debugging playbooks
- Update framework components (FilePath, RedisConnectionPool)
- Update .gitignore and documentation
2025-11-02 15:29:41 +01:00
871c5b842b
fix: ensure redis secrets flow from vault
2025-11-02 04:27:12 +01:00
e598309c48
feat: improve WireGuard client management and framework initialization
...
- Improve WireGuard client IP calculation logic (find next available IP)
- Add local wireguard-clients directory for storing client configs
- Integrate Redis pool into CacheInitializer
- Improve ContainerBootstrapper with better imports and Redis pool
- Add monitoring role tags for better task organization
- Update WireGuard documentation
- Store generated WireGuard client configs locally
2025-11-02 03:29:23 +01:00
4cec6dd8a0
fix: improve Redis connection error messages and add staging troubleshooting playbooks
...
- Improve Redis connection error message to include password info
- Add Ansible playbooks for staging 502 error troubleshooting
- check-staging-status.yml: Check nginx logs and upstream config
- fix-staging-502-verify.yml: Fix and verify nginx upstream configuration
2025-11-02 02:16:12 +01:00
cf0ad6e905
refactor: improve logging system and add deployment fixes
...
- Enhance logging handlers (Console, DockerJson, File, JsonFile, MultiFile)
- Improve exception and line formatters
- Update logger initialization and processor management
- Add Ansible playbooks for staging 502 error troubleshooting
- Update deployment documentation
- Fix serializer and queue components
- Update error kernel and queued log handler
2025-11-02 01:37:49 +01:00
2defdf2baf
chore: update staging branch with current changes
2025-11-02 00:05:26 +01:00
8381651876
fix: Korrigiere Nginx PHP-FPM Upstream-Konfiguration für Staging
...
- Fix upstream configuration in staging-nginx container
- Verbessere sed-Befehle zur automatischen Korrektur der PHP-FPM Upstream-Definition
- Behebt 502 Bad Gateway Fehler durch korrekte Verbindung zu staging-app:9000
2025-11-01 20:43:42 +01:00
2d99a23286
feat: add system maintenance automation
2025-11-01 19:56:42 +01:00
5a79646daf
chore: sync staging workspace
2025-11-01 19:02:09 +01:00
16d586ecdf
chore: Update deployment configuration and documentation
...
- Update Gitea configuration (remove DEFAULT_ACTIONS_URL)
- Fix deployment documentation
- Update Ansible playbooks
- Clean up deprecated files
- Add new deployment scripts and templates
2025-10-31 21:11:11 +01:00
891508f47c
Fix: Ansible group_vars werden jetzt automatisch geladen
...
- Erstelle Symlink für inventory/group_vars/production.yml
- Ansible lädt group_vars automatisch, wenn sie neben der Inventory-Datei liegen
- Entferne manuelle include_vars Aufrufe (werden später bereinigt)
- Test: Production Deployment Workflow
2025-10-31 20:11:40 +01:00
c087d372c2
Update Docker Registry URLs to HTTPS endpoint (registry.michaelschiemer.de)
...
- Replace git.michaelschiemer.de:5000 (HTTP) with registry.michaelschiemer.de (HTTPS)
- Update all Ansible playbooks and configuration files
- Update CI/CD workflows to use HTTPS registry endpoint
- Update Docker Compose files with new registry URL
- Update documentation and scripts
Benefits:
- Secure HTTPS connection (no insecure registry config needed)
- Consistent use of HTTPS endpoint via Traefik
- Better security practices for production deployment
2025-10-31 14:35:39 +01:00
4c76f54389
Fix: Always update docker-compose.yml to use localhost registry
...
- Ensure docker-compose.yml always uses localhost:5000 for registry access
- Fixes 'no basic auth credentials' error when docker-compose tries to pull images
- Registry only accessible via localhost, not external interface
2025-10-31 11:50:47 +01:00
252a6d9b38
Fix: Always restart stack on deployment to ensure code changes apply
...
- Remove condition that skipped restart when image already exists
- Ensures container restart even when using same image tag (latest)
- Critical for applying code fixes without rebuilding image
2025-10-31 11:50:09 +01:00
2c2db88ba6
Fix: Update docker-compose.yml image URLs to use localhost registry
...
- Update regex to match both localhost and external registry URLs
- Ensure docker-compose uses localhost:5000 for registry access
- Fixes connection refused errors when docker-compose pulls images
2025-10-31 11:47:38 +01:00
ceb86f6d1c
Fix: Use localhost for registry URL in Ansible deployment
...
- Registry only binds to 127.0.0.1:5000 (not external interface)
- Deployment runs on server, so localhost access is correct
- External access still available via Traefik (registry.michaelschiemer.de)
2025-10-31 11:46:49 +01:00
e66f98b84a
Fix: Resolve recursive variable reference in Ansible playbooks
...
- Fix infinite loop in docker_registry_username/docker_registry_password variables
- Use _default suffix variables in production.yml to avoid recursion
- Make docker registry login optional (ignore_errors) for cases where auth isn't needed
- Fix line endings in deploy.sh script
2025-10-31 11:31:43 +01:00
de8fed8711
feat: Complete deployment setup for code pushes
...
- Add pre-flight checks in deploy-update.yml
- Automatically copy docker-compose.yml and nginx config in setup-infrastructure.yml
- Add comprehensive deployment documentation
- Ready for automated code deployments via CI/CD pipeline
2025-10-31 10:31:56 +01:00
6deca7838e
chore: remove test trigger file
2025-10-31 04:14:18 +01:00
f2b375da27
Add automated .env file creation for monitoring stack via Ansible
...
- Add Jinja2 template for monitoring stack .env file
- Add Ansible tasks to generate passwords and create .env automatically
- Update vault example with monitoring credentials
- Remove manual deploy.sh script (using Ansible instead)
- Add app-internal network creation task
2025-10-31 01:59:40 +01:00
e26eb2aa12
feat: CI/CD pipeline setup complete - Ansible playbooks updated, secrets configured, workflow ready
2025-10-31 01:39:24 +01:00
55c04e4fd0
ci: setup CI/CD pipeline with Gitea Actions and secrets configuration
2025-10-31 01:31:44 +01:00
2a7b90312f
chore(deploy): add prod env template, improve ansible deploy, prune old workflows
...
- Add deployment/ansible/templates/.env.production.j2 used by secrets playbook
- Enhance deploy-update.yml to read registry creds from vault or CI
- Update production-deploy workflow to pass registry credentials to Ansible
- Remove obsolete GitHub-style workflows under .gitea (conflicted naming)
Why: make the production pipeline executable end-to-end with Ansible and
consistent secrets handling; avoid legacy CI configs interfering.
2025-10-30 21:38:28 +01:00
