Update all stable non-major dependencies

netbox(host): move to new network and hostname
renovate(host): move to new network and hostname
2026-01-09 02:15:47 +00:00 · 2026-01-09 03:05:29 +01:00 · 2026-01-07 18:46:27 +01:00 · 2026-01-07 18:46:16 +01:00
12 changed files with 25 additions and 25 deletions
--- a/.forgejo/workflows/lint.yaml
+++ b/.forgejo/workflows/lint.yaml
@ -24,7 +24,7 @@ jobs:
      # work in our environmnet.
      # Rather manually setup python (pip) before instead.
      - name: Run ansible-lint
-        uses: https://github.com/ansible/ansible-lint@v25.11.0
+        uses: https://github.com/ansible/ansible-lint@v25.12.2
        with:
          setup_python: "false"
          requirements_file: "requirements.yml"
--- a/inventories/chaosknoten/host_vars/netbox.yaml
+++ b/inventories/chaosknoten/host_vars/netbox.yaml
@ -1,5 +1,5 @@
 # renovate: datasource=github-releases depName=netbox packageName=netbox-community/netbox
-netbox__version: "v4.4.6"
+netbox__version: "v4.5.0"
 netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}"
 netbox__custom_pipeline_oidc_group_and_role_mapping: true
--- a/inventories/chaosknoten/hosts.yaml
+++ b/inventories/chaosknoten/hosts.yaml
@ -33,9 +33,9 @@ all:
      ansible_host: mumble.hamburg.ccc.de
      ansible_user: chaos
    netbox:
-      ansible_host: netbox-intern.hamburg.ccc.de
+      ansible_host: netbox.hosts.hamburg.ccc.de
      ansible_user: chaos
-      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    onlyoffice:
      ansible_host: onlyoffice.hosts.hamburg.ccc.de
      ansible_user: chaos
@ -67,13 +67,13 @@ all:
      ansible_user: chaos
      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
    sunders:
-      ansible_host: sunders-intern.hamburg.ccc.de
+      ansible_host: sunders.hosts.hamburg.ccc.de
      ansible_user: chaos
-      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    renovate:
-      ansible_host: renovate-intern.hamburg.ccc.de
+      ansible_host: renovate.hosts.hamburg.ccc.de
      ansible_user: chaos
-      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
 hypervisors:
  hosts:
    chaosknoten:
--- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
@ -2,7 +2,7 @@
 services:
  prometheus:
-    image: docker.io/prom/prometheus:v3.7.3
+    image: docker.io/prom/prometheus:v3.9.1
    container_name: prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
@ -19,7 +19,7 @@ services:
      - prom_data:/prometheus
  alertmanager:
-    image: docker.io/prom/alertmanager:v0.29.0
+    image: docker.io/prom/alertmanager:v0.30.0
    container_name: alertmanager
    command:
      - '--config.file=/etc/alertmanager/alertmanager.yaml'
@ -32,7 +32,7 @@ services:
      - alertmanager_data:/alertmanager
  grafana:
-    image: docker.io/grafana/grafana:12.3.0
+    image: docker.io/grafana/grafana:12.3.1
    container_name: grafana
    ports:
      - 3000:3000
@ -46,7 +46,7 @@ services:
      - graf_data:/var/lib/grafana
  pve-exporter:
-    image: docker.io/prompve/prometheus-pve-exporter:3.5.5
+    image: docker.io/prompve/prometheus-pve-exporter:3.8.0
    container_name: pve-exporter
    ports:
      - 9221:9221
@ -59,7 +59,7 @@ services:
      - /dev/null:/etc/prometheus/pve.yml
  loki:
-    image: docker.io/grafana/loki:3.6.0
+    image: docker.io/grafana/loki:3.6.3
    container_name: loki
    ports:
      - 13100:3100
--- a/resources/chaosknoten/netbox/nginx/netbox.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/netbox/nginx/netbox.hamburg.ccc.de.conf
@ -2,7 +2,7 @@
 # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl http2 proxy_protocol;
+    listen [::]:8443 ssl http2 proxy_protocol;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
    # protocol.
--- a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
@ -4,7 +4,7 @@
 services:
  onlyoffice:
-    image: docker.io/onlyoffice/documentserver:9.1.0
+    image: docker.io/onlyoffice/documentserver:9.2.1
    restart: unless-stopped
    volumes:
      - "./onlyoffice/DocumentServer/logs:/var/log/onlyoffice"
--- a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
@ -13,7 +13,7 @@ services:
    restart: unless-stopped
  app:
-    image: quay.io/hedgedoc/hedgedoc:1.10.3
+    image: quay.io/hedgedoc/hedgedoc:1.10.5
    environment:
      - "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
      - "CMD_DOMAIN=pad.hamburg.ccc.de"
--- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
@ -23,7 +23,7 @@ services:
      - pretalx_net
  static:
-    image: docker.io/library/nginx:1.29.3
+    image: docker.io/library/nginx:1.29.4
    restart: unless-stopped
    volumes:
      - public:/usr/share/nginx/html
@ -33,7 +33,7 @@ services:
      - pretalx_net
  pretalx:
-    image: docker.io/pretalx/standalone:v2025.1.0
+    image: docker.io/pretalx/standalone:v2025.2.2
    entrypoint: gunicorn
    command:
      - "pretalx.wsgi"
@ -78,7 +78,7 @@ services:
      - pretalx_net
  celery:
-    image: docker.io/pretalx/standalone:v2025.1.0
+    image: docker.io/pretalx/standalone:v2025.2.2
    command:
      - taskworker
    restart: unless-stopped
--- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
@ -19,7 +19,7 @@ map $host $upstream_acme_challenge_host {
    matrix.hamburg.ccc.de 172.31.17.150:31820;
    mas.hamburg.ccc.de 172.31.17.150:31820;
    element-admin.hamburg.ccc.de 172.31.17.151:31820;
-    netbox.hamburg.ccc.de 172.31.17.167:31820;
+    netbox.hamburg.ccc.de netbox.hosts.hamburg.ccc.de:31820;
    onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:31820;
    pad.hamburg.ccc.de pad.hosts.hamburg.ccc.de:31820;
    pretalx.hamburg.ccc.de 172.31.17.157:31820;
@ -29,7 +29,7 @@ map $host $upstream_acme_challenge_host {
    wiki.hamburg.ccc.de wiki.hosts.hamburg.ccc.de:31820;
    www.hamburg.ccc.de 172.31.17.151:31820;
    tickets.hamburg.ccc.de 172.31.17.148:31820;
-    sunders.hamburg.ccc.de 172.31.17.170:31820;
+    sunders.hamburg.ccc.de sunders.hosts.hamburg.ccc.de:31820;
    zammad.hamburg.ccc.de 172.31.17.152:31820;
    eh03.easterhegg.eu 172.31.17.151:31820;
    eh05.easterhegg.eu 172.31.17.151:31820;
--- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
@ -32,7 +32,7 @@ stream {
        onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:8443;
        hackertours.hamburg.ccc.de 172.31.17.151:8443;
        staging.hackertours.hamburg.ccc.de 172.31.17.151:8443;
-        netbox.hamburg.ccc.de 172.31.17.167:8443;
+        netbox.hamburg.ccc.de netbox.hosts.hamburg.ccc.de:8443;
        matrix.hamburg.ccc.de 172.31.17.150:8443;
        mas.hamburg.ccc.de 172.31.17.150:8443;
        element-admin.hamburg.ccc.de 172.31.17.151:8443;
@ -43,7 +43,7 @@ stream {
        staging.hamburg.ccc.de 172.31.17.151:8443;
        spaceapi.hamburg.ccc.de 172.31.17.151:8443;
        tickets.hamburg.ccc.de 172.31.17.148:8443;
-        sunders.hamburg.ccc.de 172.31.17.170:8443;
+        sunders.hamburg.ccc.de sunders.hosts.hamburg.ccc.de:8443;
        zammad.hamburg.ccc.de 172.31.17.152:8443;
        c3cat.de 172.31.17.151:8443;
        www.c3cat.de 172.31.17.151:8443;
--- a/resources/chaosknoten/sunders/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/sunders/docker_compose/compose.yaml.j2
@ -3,7 +3,7 @@
 services:
  db:
-    image: mariadb:12.0.2
+    image: mariadb:12.1.2
    command: --max_allowed_packet=3250585600
    environment:
      MYSQL_ROOT_PASSWORD: "{{ secret__sunders_db_root_password }}"
--- a/resources/chaosknoten/sunders/nginx/sunders.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/sunders/nginx/sunders.hamburg.ccc.de.conf
@ -2,7 +2,7 @@
 # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl http2 proxy_protocol;
+    listen [::]:8443 ssl http2 proxy_protocol;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
    # protocol.
Author	SHA1	Message	Date
Renovate	c27288b1f5	Update all stable non-major dependencies Some checks failed / Ansible Lint (push) Failing after 2m28s Details / Ansible Lint (pull_request) Failing after 2m39s Details	2026-01-09 02:15:47 +00:00
June	49e3ecb986	netbox(host): move to new network and hostname Some checks failed / Ansible Lint (push) Failing after 2m3s Details	2026-01-09 03:05:29 +01:00
June	a622f21b54	renovate(host): move to new network and hostname	2026-01-07 18:46:27 +01:00
June	40b67c6bc3	sunders(host): move to new network and hostname	2026-01-07 18:46:16 +01:00