This commit resolves Docker Hub rate limiting issues on all servers by:
1. Adding Docker Hub authentication support to Diun configuration
2. Making watchRepo configurable (disabled to reduce API calls)
3. Creating automation to deploy changes across all 17 servers
Changes:
- Enhanced diun.yml.j2 template to support:
- Configurable watchRepo setting (defaults to true for compatibility)
- Docker Hub authentication via regopts when credentials provided
- Created 260124-configure-diun-watchrepo.yml playbook to:
- Disable watchRepo (only checks specific tags vs entire repo)
- Enable Docker Hub authentication (5000 pulls/6h vs 100/6h)
- Change schedule to weekly (Monday 6am UTC)
- Created configure-diun-all-servers.sh automation script with:
- Proper SOPS age key file path handling
- Per-server SSH key management
- Sequential deployment across all servers
- Fixed Authentik OIDC provider meta_launch_url to use client_domain
Successfully deployed to all 17 servers (bever, das, egel, haas, kikker,
kraai, mees, mol, mus, otter, ree, specht, uil, valk, vos, wolf, zwaan).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
