From 0008ad30385100ea9976175d75adbda5a4d999d2 Mon Sep 17 00:00:00 2001 From: Renovate Date: Wed, 10 Jun 2026 14:16:09 +0000 Subject: [PATCH 1/4] Update docker.io/library/mariadb Docker tag to v12 --- resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 index c2108d8..f359f47 100644 --- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 @@ -3,7 +3,7 @@ services: database: - image: docker.io/library/mariadb:11 + image: docker.io/library/mariadb:12 environment: - "MARIADB_DATABASE=wordpress" - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}" From 57d2a94990459ff045820d436f6aabfb87fb0084 Mon Sep 17 00:00:00 2001 From: lilly Date: Wed, 10 Jun 2026 16:17:18 +0200 Subject: [PATCH 2/4] dns: fix syntax error in diday.org zone --- resources/chaosknoten/auth-dns/zones/diday.org.zone | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/resources/chaosknoten/auth-dns/zones/diday.org.zone b/resources/chaosknoten/auth-dns/zones/diday.org.zone index 2aeefcf..bf93208 100644 --- a/resources/chaosknoten/auth-dns/zones/diday.org.zone +++ b/resources/chaosknoten/auth-dns/zones/diday.org.zone @@ -1,4 +1,4 @@ -$TTL 3600 ; 1 minutes +$TTL 3600 @ SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( 1 ; serial (overwritten by knot automatically) 10800 ; refresh @@ -27,8 +27,7 @@ diday.org. TXT "google-site-verification=pJq0LANnNJlkIflK diday.org. MX 10 cow.hamburg.ccc.de. diday.org. TXT "v=spf1 mx ip4:212.12.51.133 ip6:2a00:14b0:f000:23:51:133:0:1 ip4:212.12.48.122 ip6:2a00:14b0:4200:3000:122::1 -all" _dmarc.diday.org. TXT "v=DMARC1; p=none" -dkim._domainkey.diday.org. TXT "v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2YlBjR5oNm7eDeMXmQF6Izx1A17+vBHNapHlV2Rlj3N4Cjo9kSn0y8rlrqkASUKszDgToGrh1vkHhtYN6EE5QS5iVVSnXcWPiHnBzrxK4OmhVZZtrgGsM17pq9udAEEapc371dQQsL3WhXOvilGGSIQ9u5VDlc+y/ApXi79J6DHSf66t0JUU1e8vLn8ZI8hcXe3nsHXqbW4ot24rk8EvaugsK40jbhqxZ+BrJTBq/iP8w5RsF6KdYjTaqPfr/D4dbvUU6fc8jLyy3OWZgSkkOmv7m0UdbOm2Kk6c+1hNjQJZVEhQrpGrpAcjE37/v8ZNbQMgaasiugH6ElnKb13ZQIDAQAB -" +dkim._domainkey.diday.org. TXT "v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2YlBjR5oNm7eDeMXmQF6Izx1A17+vBHNapHlV2Rlj3N4Cjo9kSn0y8rlrqkASUKszDgToGrh1vkHhtYN6EE5QS5iVVSnXcWPiHnBzrxK4OmhVZZtrgGsM17pq9udAEEapc371dQQsL3WhXOvilGGSIQ9u5VDlc+y/ApXi79J6DHSf66t0JUU1e8vLn8ZI8hcXe3nsHXqbW4ot24rk8EvaugsK40jbhqxZ+BrJTBq/iP8w5RsF6KdYjTaqPfr/D4dbvUU6fc8jLyy3OWZgSkkOmv7m0UdbOm2Kk6c+1hNjQJZVEhQrpGrpAcjE37/v8ZNbQMgaasiugH6ElnKb13ZQIDAQAB" events.diday.org. A 91.98.167.209 events.diday.org. AAAA 2a01:4f8:c2c:44b::1 From 5973de0959242cc5832c361616c5848d002aa6f8 Mon Sep 17 00:00:00 2001 From: lilly Date: Wed, 10 Jun 2026 16:17:18 +0200 Subject: [PATCH 3/4] dns: validate zone files before apply in knot role --- roles/knot/tasks/02-configure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/knot/tasks/02-configure.yaml b/roles/knot/tasks/02-configure.yaml index a2a8e55..e79143f 100644 --- a/roles/knot/tasks/02-configure.yaml +++ b/roles/knot/tasks/02-configure.yaml @@ -33,6 +33,7 @@ owner: knot group: knot mode: u=rw,g=r + validate: "kzonecheck -v -o '{{ item.domain }}' %s" # this seems weird but hear me out: # if we don't disable SLAAC, the node automatically gets an address based on IPv6 Router-Advertisements From 1b496097a587c7f7defd5b5d11e7bb0a47f38156 Mon Sep 17 00:00:00 2001 From: Renovate Date: Wed, 10 Jun 2026 14:31:26 +0000 Subject: [PATCH 4/4] Update docker.io/library/mariadb Docker tag to v12 --- resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 index c2108d8..f359f47 100644 --- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 @@ -3,7 +3,7 @@ services: database: - image: docker.io/library/mariadb:11 + image: docker.io/library/mariadb:12 environment: - "MARIADB_DATABASE=wordpress" - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}"