Fix zot port and sync config, update plan with implementation details

- Change zot port from 5000 to 5050 (macOS ControlCenter uses 5000) - Fix sync config: use destination for namespacing, prefix ** for matching - Update tailscale_serve to use port 5050 - Add zot role to main playbook - Document implementation details in plan Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-17 20:44:45 -08:00 · 2026-01-17 20:44:45 -08:00 · 1ee2863fc7
commit 1ee2863fc7
parent b62b10a60f
5 changed files with 13 additions and 3 deletions
--- a/ansible/playbooks/indri.yml
+++ b/ansible/playbooks/indri.yml
@ -99,6 +99,8 @@
      tags: devpi
    - role: devpi_metrics
      tags: devpi_metrics
+    - role: zot
+      tags: zot
    - role: plex_metrics
      tags: plex_metrics
    - role: postgresql
--- a/ansible/roles/tailscale_serve/defaults/main.yml
+++ b/ansible/roles/tailscale_serve/defaults/main.yml
@ -39,4 +39,4 @@ tailscale_serve_services:
  - name: svc:registry
    https:
      port: 443
-      upstream: http://localhost:5000
+      upstream: http://localhost:5050
--- a/ansible/roles/zot/defaults/main.yml
+++ b/ansible/roles/zot/defaults/main.yml
@ -3,7 +3,7 @@ zot_repo_dir: /Users/erichblume/code/3rd/zot
 zot_binary: "{{ zot_repo_dir }}/bin/zot-darwin-arm64"
 zot_data_dir: /Users/erichblume/zot
 zot_config_dir: /Users/erichblume/.config/zot
-zot_port: 5000
+zot_port: 5050
 zot_log_dir: /Users/erichblume/Library/Logs

 # Pull-through cache registries (on-demand sync)
--- a/ansible/roles/zot/templates/config.json.j2
+++ b/ansible/roles/zot/templates/config.json.j2
@ -20,7 +20,7 @@
 {% for registry in zot_sync_registries %}
        {
          "urls": ["{{ registry.url }}"],
-          "content": [{"prefix": "{{ registry.name }}/**"}],
+          "content": [{"prefix": "**", "destination": "/{{ registry.name }}"}],
          "onDemand": true,
          "tlsVerify": true
        }{% if not loop.last %},{% endif %}
--- a/plans/k8s-migration.md
+++ b/plans/k8s-migration.md
@ -324,6 +324,10 @@ ssh indri 'curl -s http://localhost:5000/v2/_catalog'
 # Expected: {"repositories":["docker.io/library/alpine"]}
 ```

+**Implementation Details:**
+- Changed port from 5000 to 5050 because macOS ControlCenter (AirPlay Receiver) uses port 5000 by default.
+- Fixed sync config: use `"content": [{"prefix": "**", "destination": "/{{ registry.name }}"}]` instead of `"prefix": "{{ registry.name }}/**"`. The destination rewrites the local path, while prefix `**` matches all upstream repos.
+
 ---

 ### Step 0.4: Add Zot to Tailscale Serve
@ -357,6 +361,10 @@ curl -s https://registry.tail8d86e.ts.net/v2/_catalog
 # Expected: {"repositories":["blumeops/test","docker.io/library/alpine"]}
 ```

+**Implementation Details:**
+- Changed upstream port from 5000 to 5050 (see Step 0.3 implementation details).
+- After running `tailscale serve`, the service must be approved in Tailscale admin console at https://login.tailscale.com/admin/services before it becomes accessible.
+
 ---

 ### Step 0.5: Create Zot Metrics Role