Update Zora configuration: add detailed runbook, reassign ai-stack to CT 120, and improve infrastructure documentation
Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Successful in 8m7s
Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Successful in 7m16s
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 1m48s
Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Successful in 1m32s
Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Successful in 8m7s
Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Successful in 7m16s
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 1m48s
Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Successful in 1m32s
This commit is contained in:
@@ -0,0 +1,73 @@
|
||||
---
|
||||
type: Session Log
|
||||
date: 2026-03-06
|
||||
agent: DevOps Engineer + Curator
|
||||
status: DONE
|
||||
---
|
||||
# Session Log: Zora — Vollständige Konfigurationsanalyse
|
||||
|
||||
## Ziel
|
||||
Ist-Zustand aller drei Zora-Systeme (Gitea CT 101, Runner VM 102, Meldestelle-Host VM 110)
|
||||
erfassen und ein vollständiges, ausführbares Konfigurationsrunbook erstellen.
|
||||
|
||||
---
|
||||
|
||||
## Erkenntnisse aus User-Feedback
|
||||
|
||||
### VM 102 (Gitea-Runner — `10.0.0.23`)
|
||||
| Punkt | Status | Detail |
|
||||
|:---|:---|:---|
|
||||
| `daemon.json` | ✅ OK | `insecure-registries: ["10.0.0.22:3000"]` gesetzt und verifiziert |
|
||||
| `gitea-runner.service` | ❌ FEHLT | Binary (`act_runner`) nie installiert — Service existiert nicht |
|
||||
|
||||
**Root Cause:** Der Gitea Actions Runner wurde bisher nur als Prozess gestartet (oder gar nicht),
|
||||
nie als systemd-Service mit Binary aus den offiziellen `act_runner`-Releases eingerichtet.
|
||||
|
||||
### Gitea CT 101 (`10.0.0.22`)
|
||||
| Punkt | Status |
|
||||
|:---|:---|
|
||||
| Registry-Packages (4x Images) | ✅ Vorhanden (Screenshot bestätigt) |
|
||||
| Org-Secrets `REGISTRY_USER` + `REGISTRY_TOKEN` | ✅ Gesetzt (Screenshot bestätigt) |
|
||||
|
||||
### VM 110 (Meldestelle-Host — `10.0.0.50`)
|
||||
| Punkt | Status | Detail |
|
||||
|:---|:---|:---|
|
||||
| `.env` befüllt | ⚠️ Teilweise | Echte Werte für Ports/Hostnamen OK, aber Passwörter sind noch Placeholder |
|
||||
| `backup.sh` / `deploy.sh` | ✅ Vorhanden | Scripts korrekt implementiert |
|
||||
| Stack gestartet | ❌ Offen | Erst nach Passwort-Fix starten |
|
||||
|
||||
**Kritisch:** `.env` enthält `pg-password`, `kc-password`, `gf-password` — **vor Stack-Start ersetzen!**
|
||||
|
||||
### Workflow `.gitea/workflows/docker-publish.yaml`
|
||||
| Punkt | Status |
|
||||
|:---|:---|
|
||||
| `docker/login-action@v3` | ✅ Aktiv |
|
||||
| Alter Workaround (config.json manuell) | ✅ Auskommentiert |
|
||||
| `max-parallel: 1` (OOM-Schutz) | ✅ Gesetzt |
|
||||
|
||||
---
|
||||
|
||||
## Durchgeführte Änderungen
|
||||
|
||||
### `docs/07_Infrastructure/runbooks/zora-setup-runbook.md` (neu → erweitert)
|
||||
- **Abschnitt 2** komplett überarbeitet: Ist-Status-Box, `daemon.json`-Verifikation als ✅-Schritt,
|
||||
vollständiger `act_runner`-Installationsworkflow (5 Schritte: Token → Binary → Register → Service → Bestätigung).
|
||||
- **Abschnitt 3.4**: Passwort-Warnung als prominenten Hinweis vor `nano .env`.
|
||||
- **Abschnitt 4 (Checkliste)**: Echten Stand eingetragen (✅/❌/⚠️ statt alle offen).
|
||||
|
||||
---
|
||||
|
||||
## Offene Aufgaben (nächste Session)
|
||||
|
||||
```
|
||||
[ ] VM 102: act_runner Binary laden (ARM64, v0.2.11)
|
||||
[ ] VM 102: Runner bei Gitea registrieren (Token aus Admin-UI)
|
||||
[ ] VM 102: gitea-runner.service anlegen + enable --now
|
||||
[ ] VM 102: Runner in Gitea als "Online" bestätigen
|
||||
[ ] VM 110: .env — Passwörter ersetzen (pg, kc, gf, valkey)
|
||||
[ ] VM 110: Stack starten (dc-infra → dc-backend → dc-ops)
|
||||
[ ] VM 110: Smoke-Tests (Keycloak Health, API-Gateway, Grafana)
|
||||
[ ] VM 110: Backup-Cron einrichten
|
||||
```
|
||||
|
||||
**Referenz:** `docs/07_Infrastructure/runbooks/zora-setup-runbook.md`
|
||||
Reference in New Issue
Block a user