- Remove middleware reference from Gitea Traefik labels (caused routing issues) - Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s) - Add explicit service reference in Traefik labels - Fix intermittent 504 timeouts by improving PostgreSQL connection handling Fixes Gitea unreachability via git.michaelschiemer.de
---
# Copy the production-specific PostgreSQL settings onto the generic fact
# names (postgres_db, postgres_user, ...), presumably the names that
# postgresql.env.j2 reads - confirm against the template.
- name: Set PostgreSQL Production variables for template
  # One of the facts is the database password, so the task result is kept
  # out of the play output and logs.
  no_log: true
  ansible.builtin.set_fact:
    postgres_db: "{{ postgresql_production_db_name }}"
    postgres_user: "{{ postgresql_production_db_user }}"
    postgres_password: "{{ postgresql_production_db_password }}"
    backup_retention_days: "{{ postgresql_production_backup_retention_days }}"
    backup_schedule: "{{ postgresql_production_backup_schedule }}"
# Abort with remediation hints when the production database password is
# missing, empty, or made only of whitespace.
# NOTE(review): the set_fact task before this one already templates the same
# variable; if it can be entirely undefined, that task would presumably fail
# first - confirm a default exists, or run this check earlier.
- name: Validate PostgreSQL Production password is set
  # default('') covers an undefined variable; string + trim also reject
  # whitespace-only values.
  when: (postgresql_production_db_password | default('') | string | trim) == ''
  ansible.builtin.fail:
    # Caveat for the second hint in the message: a secret given as a literal
    # -e value lands in shell history and the process list, so the vault
    # file is the safer of the two options.
    msg: |
      PostgreSQL Production password is not set!

      Please ensure vault_db_password is defined in:
      - {{ vault_file | default('inventory/group_vars/production/vault.yml') }}

      Or pass it via extra vars:
      -e "postgresql_production_db_password=your-password"
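# Render the stack's .env file (task name: "from vault secrets") into the
# production stack directory.
- name: Create PostgreSQL Production .env file from vault secrets
  # In --diff mode the template module prints the before/after file content.
  # Since this file is rendered from secrets, the diff is disabled so they
  # do not reach the console or CI logs.
  diff: false
  ansible.builtin.template:
    src: postgresql.env.j2
    dest: "{{ postgresql_production_stack_path }}/.env"
    # Owner read/write only. Quoted so the mode is not parsed as a number.
    mode: '0600'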
# Bring the production stack up with Docker Compose and keep the result for
# the follow-up tasks.
- name: Deploy PostgreSQL Production stack
  register: postgresql_production_compose_result
  # A failure is tolerated here and acted on later: the following tasks read
  # postgresql_production_compose_result.failed to dump logs and then fail.
  ignore_errors: true
  community.docker.docker_compose_v2:
    state: present
    # Images are pulled on every run.
    # NOTE(review): whether the compose file pins image tags or digests is
    # not visible here - confirm, since an unpinned tag can change between
    # runs.
    pull: always
    project_src: "{{ postgresql_production_stack_path }}"
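# Collect the last 50 log lines of the postgres-production service, but only
# when the compose deployment reported a failure.
- name: Show PostgreSQL Production logs if deployment failed
  when: postgresql_production_compose_result.failed | default(false)
  # command + argv instead of shell: the command has no pipe or redirect,
  # and the templated stack path is handed over as one argument, so spaces
  # or shell metacharacters in it are never interpreted by a shell.
  ansible.builtin.command:
    argv:
      - docker
      - compose
      - "-f"
      - "{{ postgresql_production_stack_path }}/docker-compose.yml"
      - logs
      - "--tail=50"
      - postgres-production
  register: postgresql_production_logs
  # Read-only diagnostics: never reported as changed, and a failure to fetch
  # logs must not mask the original deployment error.
  changed_when: false
  failed_when: false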
# Print the collected log lines when the compose deployment failed.
# NOTE(review): container logs go verbatim into the play output; confirm
# they cannot carry credentials before this runs in a shared CI log.
- name: Display PostgreSQL Production logs on failure
  when: postgresql_production_compose_result.failed | default(false)
  ansible.builtin.debug:
    # default([]) keeps the task from erroring if no stdout was registered.
    msg: "{{ postgresql_production_logs.stdout_lines | default([]) }}"
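# Poll `docker compose ps` until the postgres-production service shows a
# running-looking status, or the retry budget is used up.
- name: Check PostgreSQL Production container status
  # Skipped in check mode.
  when: not ansible_check_mode
  # A shell is needed for the pipe, so the templated compose-file path is
  # passed through the quote filter to keep spaces or shell metacharacters
  # in it from being interpreted. The pipeline's exit status is grep's,
  # which is what `until` polls. pipefail is not set: grep -q may exit
  # before docker finishes writing, and the resulting SIGPIPE status would
  # then turn a successful match into a failure.
  # NOTE(review): with -i, the alternative "healthy" also matches
  # "unhealthy" and "Up" matches any "up" substring - confirm the pattern
  # against the real `docker compose ps` output.
  ansible.builtin.shell: |
    docker compose -f {{ (postgresql_production_stack_path ~ '/docker-compose.yml') | quote }} ps postgres-production | grep -Eiq "Up|running|healthy"
  register: postgresql_production_state
  changed_when: false
  until: postgresql_production_state.rc == 0
  # Ceiling division: number of polls needed to cover the wait timeout at
  # the given interval.
  retries: "{{ ((postgresql_production_wait_timeout | int) + (postgresql_production_wait_interval | int) - 1) // (postgresql_production_wait_interval | int) }}"
  delay: "{{ postgresql_production_wait_interval | int }}"
  failed_when: postgresql_production_state.rc != 0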
# Turn the compose failure that the deploy task tolerated with ignore_errors
# into a hard failure of the play.
- name: Fail if PostgreSQL Production deployment failed
  when: postgresql_production_compose_result.failed | default(false)
  ansible.builtin.fail:
    msg: "PostgreSQL Production stack deployment failed. Check logs above for details."
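# Store whether the compose task reported a change and reset the log hint
# to an empty string.
- name: Record PostgreSQL Production deployment facts
  # Fully qualified module name, matching the other builtin tasks in this
  # file.
  ansible.builtin.set_fact:
    # default(false) covers a compose result that carries no `changed` key.
    postgresql_production_stack_changed: "{{ postgresql_production_compose_result.changed | default(false) }}"
    postgresql_production_log_hint: ""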