michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36ef2a1e2cf1c2592c11158ab1a6901e968c7fe3
michaelschiemer/deployment/ansible/playbooks/BUILD-INITIAL-IMAGE.md
Michael Schiemer 36ef2a1e2c
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
Details
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
Details
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
Details
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Details
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Details
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Details
fix: Gitea Traefik routing and connection pool optimization 
- Remove middleware reference from Gitea Traefik labels (caused routing issues)
- Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s)
- Add explicit service reference in Traefik labels
- Fix intermittent 504 timeouts by improving PostgreSQL connection handling

Fixes Gitea unreachability via git.michaelschiemer.de
2025-11-09 14:46:15 +01:00

2.2 KiB
Raw Blame History

Build Initial Image - Anleitung

Übersicht

Dieses Playbook baut das initiale Docker Image für das Framework und pusht es ins lokale Registry (localhost:5000).

Voraussetzungen

  1. Registry muss laufen: Das Registry muss bereits deployed sein (via setup-infrastructure.yml)
  2. Vault-Passwort: vault_docker_registry_password muss im Vault-File gesetzt sein
  3. Git-Zugriff: Der Server muss Zugriff auf das Git-Repository haben

Verwendung

Standard (main branch)

cd deployment/ansible

ansible-playbook -i inventory/production.yml \
  playbooks/build-initial-image.yml \
  --vault-password-file secrets/.vault_pass

Mit spezifischem Branch

ansible-playbook -i inventory/production.yml \
  playbooks/build-initial-image.yml \
  --vault-password-file secrets/.vault_pass \
  -e "build_repo_branch=staging"

Mit spezifischem Image-Tag

ansible-playbook -i inventory/production.yml \
  playbooks/build-initial-image.yml \
  --vault-password-file secrets/.vault_pass \
  -e "build_image_tag=v1.0.0"

Was das Playbook macht

  1. Lädt Vault-Secrets (Registry-Credentials)
  2. Klont/aktualisiert das Git-Repository
  3. Prüft, ob Dockerfile.production existiert
  4. Loggt sich beim Registry ein
  5. Baut das Docker Image
  6. Pusht das Image ins Registry
  7. Verifiziert, dass das Image existiert

Nach dem Build

Nach erfolgreichem Build kannst du das Application-Stack deployen:

ansible-playbook -i inventory/production.yml \
  playbooks/setup-infrastructure.yml \
  --vault-password-file secrets/.vault_pass

Troubleshooting

Registry-Login schlägt fehl

  • Prüfe, ob vault_docker_registry_password im Vault-File gesetzt ist
  • Prüfe, ob das Registry läuft: docker ps | grep registry
  • Prüfe, ob der Registry erreichbar ist: curl http://localhost:5000/v2/

Dockerfile.production nicht gefunden

  • Prüfe, ob der Branch existiert: git ls-remote --heads <repo-url>
  • Prüfe, ob Dockerfile.production im Repository existiert

Build schlägt fehl

  • Prüfe Docker-Logs auf dem Server
  • Prüfe, ob genug Speicherplatz vorhanden ist: df -h
  • Prüfe, ob Docker Buildx installiert ist: docker buildx version
Reference in New Issue View Git Blame Copy Permalink