Micha/homelab-infra
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: Micha/homelab-infra:c677ef051581522ddce326ed8b494c48017a27db
Branches Tags
Micha/homelab-infra:master Micha/homelab-infra:renovate/minor-patch-updates
Micha/homelab-infra:audit-2026-05-25-baseline
...
compare: Micha/homelab-infra:7da64ff3165eb0c903a01eef748512fcf8781e05
Branches Tags
Micha/homelab-infra:renovate/minor-patch-updates Micha/homelab-infra:master
Micha/homelab-infra:audit-2026-05-25-baseline

6 Commits
c677ef0515 ... 7da64ff316

Author SHA1 Message Date
Micha 7da64ff316 Add healthcheck to Authelia (authelia helper health-check) 
Authelia ships its own health-check binary subcommand since 4.37+.
Avoids needing wget/curl in the container.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-29 15:09:51 +02:00
Micha 12b63531d1 Add healthcheck to Traefik (ping endpoint) 
Enable --ping=true and use traefik healthcheck --ping. Lightweight
binary call inside the container, no extra tooling needed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-29 15:09:51 +02:00
Micha 3daea94982 Add healthcheck to Gitea (/api/healthz) 
Gitea exposes /api/healthz unauthenticated. 60s start_period
because Gitea sqlite migration on cold start can take a while.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-29 15:09:51 +02:00
Micha 0ca29069c7 Add healthcheck to Vaultwarden (/alive) 
Vaultwarden exposes /alive for liveness. wget --spider, 30s
interval, 30s start_period.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-29 15:09:50 +02:00
Micha eedb08316d Add healthcheck to Redis (redis-cli ping with auth) 
Tier-1 health visibility for the shared Redis. Uses redis-cli with
the password from the mounted secret, fails on anything but PONG.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-29 15:09:50 +02:00
Micha 54a7a0e783 Add healthcheck to postgresql17 (pg_isready) 
Tier-1 health visibility for shared Postgres cluster. pg_isready
against the admin DB; 30s interval, 30s start_period.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-29 15:09:50 +02:00
6 changed files with 40 additions and 0 deletions
Expand all files Collapse all files
core/gitea/docker-compose.yml
+6
View File
@@ -26,6 +26,12 @@ services:
- "222:22"
networks:
- frontend_net
healthcheck:
test: ["CMD-SHELL", "wget -q --spider http://localhost:3000/api/healthz || exit 1"]
interval: 30s
timeout: 5s
retries: 5
start_period: 60s
labels:
- "traefik.enable=true"
- "traefik.docker.network=frontend_net"
infra/postgresql17/docker-compose.yml
+7
View File
@@ -21,6 +21,13 @@ services:
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD-SHELL", "pg_isready -U mailarchiver -d mailarchiver"]
interval: 30s
timeout: 5s
retries: 5
start_period: 30s
networks:
backend_net:
external: true
infra/redis/docker-compose.yml
+7
View File
@@ -18,6 +18,13 @@ services:
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD-SHELL", "redis-cli -a \"$$(cat /run/secrets/redis_password)\" --no-auth-warning ping | grep -q PONG"]
interval: 30s
timeout: 5s
retries: 5
start_period: 15s
networks:
backend_net:
external: true
security/authelia/docker-compose.yml
+6
View File
@@ -26,6 +26,12 @@ services:
- backend_net
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "authelia", "helper", "health-check"]
interval: 30s
timeout: 5s
retries: 5
start_period: 30s
labels:
- "traefik.enable=true"
- "traefik.docker.network=frontend_net"
security/vaultwarden/docker-compose.yml
+7
View File
@@ -24,6 +24,13 @@ services:
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD-SHELL", "wget -q --spider http://localhost:80/alive || exit 1"]
interval: 30s
timeout: 5s
retries: 5
start_period: 30s
labels:
- traefik.enable=true
- traefik.docker.network=frontend_net
traefik/docker-compose.yml
+7
View File
@@ -8,6 +8,7 @@ services:
command:
- --api.dashboard=true
- --api.insecure=false
- --ping=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.docker.network=frontend_net
@@ -46,6 +47,12 @@ services:
- frontend_net
- backend_net
- monitoring_net
healthcheck:
test: ["CMD", "traefik", "healthcheck", "--ping"]
interval: 30s
timeout: 5s
retries: 3
start_period: 30s
labels:
- traefik.enable=true
- traefik.docker.network=frontend_net