michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9289344379b43c04bd4248fb6ae16f3ca91bc54a
michaelschiemer/deployment/ansible/templates/application.env.j2
Michael Schiemer 36ef2a1e2c
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Failing after 10m14s
Details
🚀 Build & Deploy Image / Build Runtime Base Image (push) Has been skipped
Details
🚀 Build & Deploy Image / Build Docker Image (push) Has been skipped
Details
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Details
Security Vulnerability Scan / Check for Dependency Changes (push) Failing after 11m25s
Details
Security Vulnerability Scan / Composer Security Audit (push) Has been cancelled
Details
fix: Gitea Traefik routing and connection pool optimization 
- Remove middleware reference from Gitea Traefik labels (caused routing issues)
- Optimize Gitea connection pool settings (MAX_IDLE_CONNS=30, authentication_timeout=180s)
- Add explicit service reference in Traefik labels
- Fix intermittent 504 timeouts by improving PostgreSQL connection handling

Fixes Gitea unreachability via git.michaelschiemer.de
2025-11-09 14:46:15 +01:00

86 lines
3.9 KiB
Django/Jinja
Raw Blame History

# Application Stack Environment Configuration
# Generated by Ansible - DO NOT EDIT MANUALLY
# Timezone
TZ={{ timezone | default('Europe/Berlin') }}
# Application Domain
APP_DOMAIN={{ app_domain | default('michaelschiemer.de') }}
# Application Settings
APP_ENV={{ app_env | default('production') }}
APP_DEBUG={{ app_debug | default('false') }}
APP_NAME={{ app_display_name | default(app_name | default('Framework') | replace('-', ' ') | title) }}
# Use Docker Secrets via *_FILE pattern (Framework supports this automatically)
# APP_KEY is loaded from /run/secrets/app_key via APP_KEY_FILE
APP_KEY_FILE=/run/secrets/app_key
APP_TIMEZONE={{ app_timezone | default(timezone | default('Europe/Berlin')) }}
APP_LOCALE={{ app_locale | default('de') }}
APP_URL=https://{{ app_domain }}
APP_SSL_PORT={{ app_ssl_port | default('443') }}
FORCE_HTTPS={{ force_https | default('true') }}
# Database Configuration
# Using PostgreSQL from separate production/staging stacks
DB_DRIVER={{ db_driver | default('pgsql') }}
DB_HOST={{ db_host | default(db_host_default | default('postgres-production' if app_env == 'production' else 'postgres-staging' if app_env == 'staging' else 'postgres')) }}
DB_PORT={{ db_port | default('5432') }}
DB_DATABASE={{ db_name | default(db_name_default) }}
DB_USERNAME={{ db_user | default(db_user_default) }}
# Use Docker Secrets via *_FILE pattern (Framework supports this automatically)
# DB_PASSWORD is loaded from /run/secrets/db_user_password via DB_PASSWORD_FILE
DB_PASSWORD_FILE=/run/secrets/db_user_password
DB_CHARSET={{ db_charset | default('utf8') }}
# Legacy variables (kept for backward compatibility)
DB_NAME={{ db_name | default(db_name_default) }}
DB_USER={{ db_user | default(db_user_default) }}
# DB_PASS is loaded from Docker Secret via DB_PASSWORD_FILE
# Redis Configuration
# Redis runs in this stack
REDIS_HOST={{ redis_host | default('redis') }}
REDIS_PORT={{ redis_port | default('6379') }}
# Use Docker Secrets via *_FILE pattern (Framework supports this automatically)
# REDIS_PASSWORD is loaded from /run/secrets/redis_password via REDIS_PASSWORD_FILE
REDIS_PASSWORD_FILE=/run/secrets/redis_password
# Security Configuration
SECURITY_ALLOWED_HOSTS={{ security_allowed_hosts | default('localhost,' ~ app_domain ~ ',www.' ~ app_domain) }}
SECURITY_RATE_LIMIT_PER_MINUTE={{ security_rate_limit_per_minute | default('30') }}
SECURITY_RATE_LIMIT_BURST={{ security_rate_limit_burst | default('5') }}
# Cache Configuration
CACHE_DRIVER={{ cache_driver | default('redis') }}
CACHE_PREFIX={{ cache_prefix | default('app') }}
# Session Configuration
SESSION_DRIVER={{ session_driver | default('redis') }}
SESSION_LIFETIME={{ session_lifetime | default('1800') }}
# Queue Worker Configuration
QUEUE_DRIVER={{ queue_driver | default('redis') }}
QUEUE_CONNECTION={{ queue_connection | default('default') }}
QUEUE_WORKER_SLEEP={{ queue_worker_sleep | default('3') }}
QUEUE_WORKER_TRIES={{ queue_worker_tries | default('3') }}
QUEUE_WORKER_TIMEOUT={{ queue_worker_timeout | default('60') }}
# Vault / Encryption
# Use Docker Secrets via *_FILE pattern (Framework supports this automatically)
# VAULT_ENCRYPTION_KEY is loaded from /run/secrets/vault_encryption_key via VAULT_ENCRYPTION_KEY_FILE
VAULT_ENCRYPTION_KEY_FILE=/run/secrets/vault_encryption_key
# APP_KEY is loaded from /run/secrets/app_key via APP_KEY_FILE
APP_KEY_FILE=/run/secrets/app_key
# Git Repository Configuration (optional - if set, container will clone/pull code on start)
GIT_REPOSITORY_URL={{ git_repository_url | default('') }}
GIT_BRANCH={{ git_branch | default('main') }}
# Use Docker Secrets via *_FILE pattern (Framework supports this automatically)
# GIT_TOKEN is loaded from /run/secrets/git_token via GIT_TOKEN_FILE
GIT_TOKEN_FILE=/run/secrets/git_token
GIT_USERNAME={{ git_username | default('') }}
GIT_PASSWORD={{ git_password | default('') }}
# MinIO Object Storage Configuration (optional)
MINIO_ROOT_USER={{ minio_root_user | default('minioadmin') }}
MINIO_ROOT_PASSWORD={{ minio_root_password | default('') }}
Reference in New Issue View Git Blame Copy Permalink