joakim/rick-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve logging and infrastructure variable consistency

Browse Source 
Changes:
- Migrate Authentik to journald logging (remove file-based logs)
- Update Gitea to use infrastructure variables for PostgreSQL access
- Add comprehensive logging documentation to deployment guide
- Add infrastructure variable pattern guide to integration docs

Authentik Logging:
- Remove LogDriver=k8s-file from server and worker containers
- Remove logs directory creation from user setup tasks
- Update deployment guide with journald examples and JSON log patterns

Gitea Infrastructure Variables:
- Add infrastructure dependencies section to role defaults
- Replace hardcoded paths with postgresql_unix_socket_directories variable
- Replace hardcoded 'postgres' group with postgresql_client_group variable
- Add infrastructure variable validation in tasks
- Remove manual socket permission override (handled by infrastructure)

Documentation:
- Add journald logging best practices to service integration guide
- Add infrastructure variable pattern documentation with Gitea example
- Update Authentik deployment guide with journald commands and JSON filtering
- Document benefits: centralized logging, single source of truth, maintainability

Validated on arch-vps:
- Authentik logs accessible via journalctl and podman logs (identical output)
- Gitea user added to postgres-clients group (GID 962)
- No PostgreSQL socket permission errors after service restart
This commit is contained in:
Joakim
2025-12-14 17:16:21 +01:00
parent 3506e55016
commit 8e8aabd5e7
7 changed files with 259 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
roles/gitea/defaults/main.yml
View File

@@ -39,9 +39,10 @@ caddy_sites_enabled_dir: "/etc/caddy/sites-enabled"
# =================================================================
# Gitea manages its own database (Unix socket connection)
# Uses infrastructure variables for consistent socket path reference
gitea_db_type: "postgres"
gitea_db_host: "/run/postgresql" # Unix socket directory
gitea_db_port: 5432
gitea_db_host: "{{ postgresql_unix_socket_directories }}" # Unix socket from infrastructure
gitea_db_port: "{{ postgresql_port }}"
gitea_db_name: "gitea"
gitea_db_user: "gitea"
gitea_db_password: "{{ vault_gitea_db_password }}"
@@ -65,6 +66,16 @@ gitea_require_signin: false
# SSH settings
gitea_start_ssh_server: true
# =================================================================
# Infrastructure Dependencies (Read-only)
# =================================================================
# These variables reference infrastructure services defined by their roles
# Applications MUST NOT modify these values - they are provided by infrastructure
postgresql_unix_socket_directories: "/var/run/postgresql"
postgresql_client_group: "postgres-clients"
postgresql_port: 5432
# =================================================================
# Rick-Infra Integration Notes
# =================================================================