web-app-pretix: fix healthcheck and allowed hosts

- Add Host header to curl healthcheck when container_hostname is defined - Use PRETIX_PRETIX_ALLOWED_HOSTS to fix Django 400 Bad Request during healthcheck - Centralize PRETIX_HOSTNAME from container_hostname var - Add Redis broker/result backend config for Celery See: https://chatgpt.com/share/68b59c42-c0fc-800f-9bfb-f1137c59b3de
2025-10-31 18:29:21 +00:00 · 2025-09-01 15:15:04 +02:00
parent 6fa4d00547
commit 9f734dff17
3 changed files with 23 additions and 6 deletions
--- a/roles/web-app-pretix/templates/env.j2
+++ b/roles/web-app-pretix/templates/env.j2
@@ -1,5 +1,6 @@
 ## Pretix core
 PRETIX_PRETIX_INSTANCE_NAME="{{ PRIMARY_DOMAIN | upper }} Tickets"
+PRETIX_PRETIX_ALLOWED_HOSTS="{{ PRETIX_HOSTNAME }},127.0.0.1,localhost"
 PRETIX_PRETIX_URL="{{ PRETIX_URL }}"
 PRETIX_PRETIX_AUTH_BACKENDS="pretix.base.auth.NativeAuthBackend{% if PRETIX_OIDC_ENABLED %},pretix_oidc.auth.OIDCAuthBackend{% endif %}"

@@ -16,12 +17,16 @@ PRETIX_DATABASE_PORT="{{ database_port }}"
 PRETIX_WEB_CONCURRENCY="{{ POSTGRES_ALLOWED_AVG_CONNECTIONS }}"
 PRETIX_WORKER_THREADS="{{ (POSTGRES_ALLOWED_AVG_CONNECTIONS | int // 2 ) }}"

+{% if PRETIX_REDIS_ENABLED %}
 ## Redis
-PRETIX_REDIS_LOCATION="redis://redis:6379/1"
 PRETIX_REDIS_SESSIONS="true"
+PRETIX_REDIS_LOCATION="redis://redis:6379/{{ PRETIX_REDIS_CACHE_DB }}"
+CELERY_BROKER_URL="redis://redis:6379/{{ PRETIX_REDIS_BROKER_DB }}"
+CELERY_RESULT_BACKEND="redis://redis:6379/{{ PRETIX_REDIS_RESULT_DB }}"
+{% endif %}

-## OIDC (plugin)
 {% if PRETIX_OIDC_ENABLED %}
+## OIDC (plugin)
 PRETIX_OIDC_TITLE="{{ PRETIX_OIDC_LABEL | replace('\"','\\\"') }}"
 PRETIX_OIDC_ISSUER="{{ PRETIX_OIDC_ISSUER }}"
 PRETIX_OIDC_AUTHORIZATION_ENDPOINT="{{ PRETIX_OIDC_AUTH_URL }}"
--- a/roles/web-app-pretix/vars/main.yml
+++ b/roles/web-app-pretix/vars/main.yml
@@ -2,12 +2,14 @@
 application_id:                 "web-app-pretix"
 database_type:                  "postgres"
 container_port:                 80
+container_hostname:             "{{ domains | get_domain(application_id) }}"

-# URLs
+# Pretix
+## URLs
 PRETIX_URL:                     "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
-PRETIX_HOSTNAME:                "{{ domains | get_domain(application_id) }}"
+PRETIX_HOSTNAME:                "{{ container_hostname }}"

-# OIDC (mirrors GitLab’s pattern)
+## OIDC (mirrors GitLab’s pattern)
 PRETIX_OIDC_ENABLED:            "{{ applications | get_app_conf(application_id, 'features.oidc') }}"
 PRETIX_OIDC_LABEL:              "{{ OIDC.BUTTON_TEXT }}"
 PRETIX_OIDC_CLIENT_ID:          "{{ OIDC.CLIENT.ID }}"
@@ -22,7 +24,13 @@ PRETIX_OIDC_SCOPES:             "openid,email,profile"
 # Use Keycloak username claim by default (plugin default is 'sub')
 PRETIX_OIDC_UNIQUE_ATTRIBUTE:   "{{ OIDC.ATTRIBUTES.USERNAME }}"

-# Docker
+## Redis
+PRETIX_REDIS_ENABLED:           "{{ applications | get_app_conf(application_id, 'docker.services.redis.enabled') }}"
+PRETIX_REDIS_CACHE_DB:          1
+PRETIX_REDIS_BROKER_DB:         0
+PRETIX_REDIS_RESULT_DB:         2
+
+## Docker
 PRETIX_IMAGE_CUSTOM:            "pretix_custom"
 PRETIX_IMAGE:                   "{{ applications | get_app_conf(application_id, 'docker.services.pretix.image') }}"
 PRETIX_VERSION:                 "{{ applications | get_app_conf(application_id, 'docker.services.pretix.version') }}"