overmind
/
matrix-docker-ansible-deploy
espelhamento de https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Código Issues 0 Versões 0 Wiki Atividade
Ver código fonte

Make traefik-certs-dumper require the Traefik service to avoid race condition 

When both services restart simultaneously (e.g. in all-at-once mode),
Traefik may momentarily truncate or reinitialize acme.json, causing
the certs dumper to read an empty file and panic. By adding
Requires/After on the Traefik service, the certs dumper only starts
after Traefik is fully ready and acme.json is stable.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pull/4914/head
Slavi Pantaleev 2 semanas atrás
pai
59e70b8ca9
commit
bcddeda5df
1 arquivos alterados com 10 adições e 0 exclusões
Visão dividida
Opções de diferenças
Mostrar estatísticas Baixar arquivo de patch Baixar arquivo de diferenças
  1. +10
    -0
      group_vars/matrix_servers

+ 10
- 0
group_vars/matrix_servers Ver arquivo

@@ -5663,6 +5663,16 @@ traefik_certs_dumper_gid: "{{ matrix_user_gid }}"

traefik_certs_dumper_ssl_path: "{{ traefik_ssl_dir_path if traefik_enabled else '' }}"

# We make the certs dumper require the Traefik service (not just docker.service),
# because when both restart simultaneously (e.g. in all-at-once mode), Traefik may
# momentarily truncate or reinitialize acme.json, causing the certs dumper to read
# an empty file and panic. By requiring Traefik, the certs dumper only starts after
# Traefik is fully ready and acme.json is stable.
traefik_certs_dumper_systemd_required_services_list_auto: |
{{
([traefik_identifier + '.service'] if traefik_enabled else [])
}}

traefik_certs_dumper_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else traefik_certs_dumper_container_image_registry_prefix_upstream_default }}"

########################################################################


Escrever Pré-visualização
Carregando…
Cancelar
Salvar