viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

infra: fix containerd forgejo-registry redirect .200->.203 (+skip_verify)

Browse source 
Traefik moved off shared .200 to its dedicated .203 on 2026-05-30, but the
containerd hosts.toml redirect for forgejo.viktorbarzin.me still pointed at the
now-dead .200:443 -> every FRESH forgejo pull failed (cached images kept
running, so it stayed hidden until a new image tag was pulled). Retarget to
.203 and add skip_verify (node dials Traefik by IP; cert is for
forgejo.viktorbarzin.me) in both the new-node cloud-init and existing-node
deploy scripts. Already rolled to all 7 nodes (rewrite + restart containerd,
no drain). Doc fix in .claude/CLAUDE.md.
This commit is contained in:
Viktor Barzin 2026-06-01 20:48:09 +00:00
parent 82855848d1
commit a382683c0e
3 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
modules/create-template-vm/k8s-node-containerd-setup.sh
View file

@ -57,8 +57,9 @@ mkdir -p /etc/containerd/certs.d/forgejo.viktorbarzin.me
cat > /etc/containerd/certs.d/forgejo.viktorbarzin.me/hosts.toml <<'FORGEJO'
server = "https://forgejo.viktorbarzin.me"
[host."https://10.0.20.200"]
[host."https://10.0.20.203"]
capabilities = ["pull", "resolve"]
skip_verify = true
FORGEJO
# quay.io + registry.k8s.io: include mirror configs that match node4's