intern/docker_homeassistant/templates/config/configuration.yaml

@@ -801,12 +801,6 @@ automation ansible:
     triggers: []
     conditions: []
     actions:
-      - action: light.turn_on
-        metadata: {}
-        data:
-          brightness_pct: 50
-        target:
-          device_id: c4f8f83fb287ba7b1d66b674a1564c75
       - delay:
           hours: 0
           minutes: 3

webserver/docker_gitlab/templates/conf/gitlab.rb

@@ -757,6 +757,9 @@ registry_external_url 'https://{{ domain_registry }}'
 # gitlab_rails['registry_port'] = "5005"
 # gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
 gitlab_rails['registry_enabled'] = true
+#gitlab_rails['registry_host'] = "{{ domain_registry }}"
+#gitlab_rails['registry_port'] = ""
+#gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
 
 # Notification secret, it's used to authenticate notification requests to GitLab application
 # You only need to change this when you use external Registry service, otherwise
@@ -765,12 +768,15 @@ gitlab_rails['registry_enabled'] = true
 
 ###! **Do not change the following 3 settings unless you know what you are
 ###!   doing**
-# gitlab_rails['registry_api_url'] = "http://localhost:5000"
+gitlab_rails['registry_api_url'] = "http://localhost:5000"
 # gitlab_rails['registry_key_path'] = "/var/opt/gitlab/gitlab-rails/certificate.key"
 # gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
 
 ### Settings used by Registry application
 registry['enable'] = true
+registry['registry_http_addr'] = "0.0.0.0:5000"
+# registry['log_directory'] = "/var/log/gitlab/registry"
+
 # registry['username'] = "registry"
 # registry['group'] = "registry"
 # registry['uid'] = nil
@@ -807,6 +813,19 @@ registry['enable'] = true
 #   }
 # }
 
+# registry['storage'] = {
+#   'filesystem' => {
+#     'rootdirectory' => "/var/opt/gitlab/gitlab-rails/shared/registry"
+#   },
+#   'delete' => {
+#     'enabled' => true
+#   },
+#   'cache' => {
+#     'blobdescriptor' => 'inmemory'
+#   }
+# }
+
+
 ### Registry notifications endpoints
 # registry['notifications'] = [
 #   {
@@ -1300,6 +1319,10 @@ registry['enable'] = true
 # nginx['redirect_http_to_https'] = false
 # nginx['redirect_http_to_https_port'] = 80
 
+# Increase maximal header size, needed for registry to work
+nginx['client_max_body_size'] = "500m"
+nginx['large_client_header_buffers'] = "8 32k"
+
 ##! Most root CA's are included by default
 # nginx['ssl_client_certificate'] = "/etc/gitlab/ssl/ca.crt"
 
@@ -1755,6 +1778,7 @@ registry_nginx['enable'] = true
 
 registry_nginx['listen_port'] = 5005
 registry_nginx['listen_https'] = false
+registry_nginx['proxy_pass'] = "http://localhost:5000"
 
 registry_nginx['proxy_set_headers'] = {
   "Host" => "$http_host",
@@ -1764,6 +1788,20 @@ registry_nginx['proxy_set_headers'] = {
   "X-Forwarded-Ssl" => "on"
 }
 
+# Increase maximal header size, needed for registry to work
+registry_nginx['client_max_body_size'] = "500m"
+registry_nginx['large_client_header_buffers'] = "8 32k"
+
+# Konfiguriere zusätzliche Nginx-Parameter für Registry
+registry_nginx['custom_gitlab_server_config'] = "
+  client_header_buffer_size 64k;
+  proxy_buffer_size 64k;
+  proxy_buffers 8 64k;
+  proxy_busy_buffers_size 64k;
+  proxy_connect_timeout 300s;
+  proxy_read_timeout 300s;
+"
+
 ################################################################################
 ## Prometheus
 ##! Docs: https://docs.gitlab.com/ee/administration/monitoring/prometheus/

webserver/docker_gitlab/templates/docker-compose.yml

@@ -2,7 +2,8 @@ services:
 
   app:
 
-    image: gitlab/gitlab-ce:latest
+    # Version pinned due to upgrade problems with 17.9.x  
+    image: gitlab/gitlab-ce:17.8.6-ce.0
     restart: always
     ports:
       - "444:22"
@@ -24,6 +25,8 @@ services:
       - traefik.http.routers.{{ servicename }}_registry.entrypoints=websecure
       - traefik.http.routers.{{ servicename }}_registry.service={{ servicename }}_registry
       - traefik.http.services.{{ servicename }}_registry.loadbalancer.server.port=5005
+      - traefik.http.middlewares.registry-headers.headers.customRequestHeaders.Host={{ domain_registry }}
+      - traefik.http.routers.{{ servicename }}_registry.middlewares=registry-headers
     networks:
       - default
       - web