12d9fc06e5
This commit resolves Docker Hub rate limiting issues on all servers by: 1. Adding Docker Hub authentication support to Diun configuration 2. Making watchRepo configurable (disabled to reduce API calls) 3. Creating automation to deploy changes across all 17 servers Changes: - Enhanced diun.yml.j2 template to support: - Configurable watchRepo setting (defaults to true for compatibility) - Docker Hub authentication via regopts when credentials provided - Created 260124-configure-diun-watchrepo.yml playbook to: - Disable watchRepo (only checks specific tags vs entire repo) - Enable Docker Hub authentication (5000 pulls/6h vs 100/6h) - Change schedule to weekly (Monday 6am UTC) - Created configure-diun-all-servers.sh automation script with: - Proper SOPS age key file path handling - Per-server SSH key management - Sequential deployment across all servers - Fixed Authentik OIDC provider meta_launch_url to use client_domain Successfully deployed to all 17 servers (bever, das, egel, haas, kikker, kraai, mees, mol, mus, otter, ree, specht, uil, valk, vos, wolf, zwaan). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
77 lines
2.1 KiB
Django/Jinja
77 lines
2.1 KiB
Django/Jinja
---
|
|
# Diun configuration for {{ inventory_hostname }}
|
|
# Documentation: https://crazymax.dev/diun/
|
|
|
|
db:
|
|
path: /data/diun.db
|
|
|
|
watch:
|
|
workers: {{ diun_watch_workers }}
|
|
schedule: "{{ diun_schedule }}"
|
|
firstCheckNotif: {{ diun_first_check_notif | lower }}
|
|
|
|
defaults:
|
|
watchRepo: {{ diun_watch_repo | default(true) | lower }}
|
|
notifyOn:
|
|
- new
|
|
- update
|
|
|
|
{% if diun_docker_hub_username is defined and diun_docker_hub_password is defined %}
|
|
regopts:
|
|
- selector: image
|
|
username: {{ diun_docker_hub_username }}
|
|
password: {{ diun_docker_hub_password }}
|
|
{% endif %}
|
|
|
|
providers:
|
|
docker:
|
|
watchByDefault: {{ diun_watch_all | lower }}
|
|
{% if diun_exclude_containers | length > 0 %}
|
|
excludeContainers:
|
|
{% for container in diun_exclude_containers %}
|
|
- {{ container }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
notif:
|
|
{% if diun_notif_enabled and diun_notif_type == 'webhook' and diun_webhook_endpoint %}
|
|
webhook:
|
|
endpoint: {{ diun_webhook_endpoint }}
|
|
method: {{ diun_webhook_method }}
|
|
timeout: 10s
|
|
{% if diun_webhook_headers | length > 0 %}
|
|
headers:
|
|
{% for key, value in diun_webhook_headers.items() %}
|
|
{{ key }}: {{ value }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if diun_slack_webhook_url %}
|
|
slack:
|
|
webhookURL: {{ diun_slack_webhook_url }}
|
|
{% endif %}
|
|
|
|
{% if diun_email_enabled and diun_smtp_username_final is defined and diun_smtp_password_final is defined and diun_smtp_password_final != '' %}
|
|
mail:
|
|
host: {{ diun_smtp_host }}
|
|
port: {{ diun_smtp_port }}
|
|
ssl: false
|
|
insecureSkipVerify: false
|
|
username: {{ diun_smtp_username_final }}
|
|
password: {{ diun_smtp_password_final }}
|
|
from: {{ diun_smtp_from }}
|
|
to: {{ diun_smtp_to }}
|
|
{% endif %}
|
|
|
|
{% if diun_matrix_enabled and diun_matrix_homeserver_url and diun_matrix_user and diun_matrix_room_id %}
|
|
matrix:
|
|
homeserverURL: {{ diun_matrix_homeserver_url }}
|
|
user: "{{ diun_matrix_user }}"
|
|
{% if diun_matrix_access_token %}
|
|
accessToken: {{ diun_matrix_access_token }}
|
|
{% elif diun_matrix_password %}
|
|
password: "{{ diun_matrix_password }}"
|
|
{% endif %}
|
|
roomID: "{{ diun_matrix_room_id }}"
|
|
{% endif %}
|