From 2d1b885b4b330b3d7d6b0534487ae5746cd6d5f5 Mon Sep 17 00:00:00 2001 From: Renovate Date: Thu, 9 Apr 2026 00:16:39 +0000 Subject: [PATCH 1/3] Update all stable non-major dependencies --- .forgejo/workflows/lint.yaml | 2 +- inventories/chaosknoten/host_vars/netbox.yaml | 2 +- resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 | 4 ++-- resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 | 2 +- resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/lint.yaml b/.forgejo/workflows/lint.yaml index bdd53f5..600d044 100644 --- a/.forgejo/workflows/lint.yaml +++ b/.forgejo/workflows/lint.yaml @@ -24,7 +24,7 @@ jobs: # work in our environmnet. # Rather manually setup python (pip) before instead. - name: Run ansible-lint - uses: https://github.com/ansible/ansible-lint@v26.3.0 + uses: https://github.com/ansible/ansible-lint@v26.4.0 with: setup_python: "false" requirements_file: "requirements.yml" diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml index f28d193..a1b0fe6 100644 --- a/inventories/chaosknoten/host_vars/netbox.yaml +++ b/inventories/chaosknoten/host_vars/netbox.yaml @@ -1,5 +1,5 @@ # renovate: datasource=github-releases depName=netbox packageName=netbox-community/netbox -netbox__version: "v4.5.5" +netbox__version: "v4.5.7" netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}" netbox__custom_pipeline_oidc_group_and_role_mapping: true diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 index 8c38500..8681982 100644 --- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 @@ -2,7 +2,7 @@ services: prometheus: - image: docker.io/prom/prometheus:v3.10.0 + image: docker.io/prom/prometheus:v3.11.1 container_name: prometheus command: - '--config.file=/etc/prometheus/prometheus.yml' @@ -19,7 +19,7 @@ services: - prom_data:/prometheus alertmanager: - image: docker.io/prom/alertmanager:v0.31.1 + image: docker.io/prom/alertmanager:v0.32.0 container_name: alertmanager command: - '--config.file=/etc/alertmanager/alertmanager.yaml' diff --git a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 index af1b531..9b16db4 100644 --- a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 @@ -1,7 +1,7 @@ --- services: ntfy: - image: docker.io/binwiederhier/ntfy:v2.20.1 + image: docker.io/binwiederhier/ntfy:v2.21.0 container_name: ntfy command: - serve diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 index 0bbfcb8..2207733 100644 --- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 @@ -23,7 +23,7 @@ services: - pretalx_net static: - image: docker.io/library/nginx:1.29.7 + image: docker.io/library/nginx:1.29.8 restart: unless-stopped volumes: - public:/usr/share/nginx/html From abcd622757245466faa4f658329c5060686d1710 Mon Sep 17 00:00:00 2001 From: bitwhisker Date: Sat, 11 Apr 2026 02:36:44 +0200 Subject: [PATCH 2/3] light(host): move to dns-01-acme-dns --- inventories/z9/host_vars/light.sops.yaml | 9 ++++++--- inventories/z9/host_vars/light.yaml | 23 +++++++++++++++++++---- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/inventories/z9/host_vars/light.sops.yaml b/inventories/z9/host_vars/light.sops.yaml index 02cf01f..2ce8807 100644 --- a/inventories/z9/host_vars/light.sops.yaml +++ b/inventories/z9/host_vars/light.sops.yaml @@ -1,4 +1,7 @@ ansible_pull__age_private_key: ENC[AES256_GCM,data:VEGxr8C7RlEhyQhf+to/OrbfPPKkyL7iUU1yDXGAzmmPCQ4VftK71eiyN7OS6pG8J89Mj4Sy/dcY4SUX+rTl/q1csZMn9t4NBN8=,iv:JcrdyFLX5srZfRj9SA+RXf+CRZi5GEcApgyYsHoHTGE=,tag:xdJ4GmK3afZDkXmkrriStg==,type:str] +secret__acme_dns_api_key_light_ccchh_net: ENC[AES256_GCM,data:SLUNVJQ4Nkos+tYH0l9ndJI8mrfZFC9i/qQqkcHgfLaNjL1tFuAFfQ==,iv:cc7DsiqzMlc2lh3D63cElMQcOeYT7oNxmRy7irSr9/s=,tag:dBnTAJXvgWlmq5vVGxrykw==,type:str] +secret__acme_dns_api_key_light_z9_ccchh_net: ENC[AES256_GCM,data:m6+Sk533qTRfhrwv7U2RydJh/j7KjJKHiEetyzgvJV1dgWXmE5AhYA==,iv:lAGv4vfxA+DQfwaHiDp3NMel0tjmZl96nKUAN8QGFe4=,tag:h0wM/F9E4dIy+NYLIVUpxg==,type:str] +secret__acme_dns_api_key_light_werkstatt_ccchh_net: ENC[AES256_GCM,data:zJ9hQo1jmQ5+d0oU+CD+cQh89HshPpguZCak7Nfjdb2bygUXJrEIIw==,iv:y+FSB/k5LixKJOm9egWsjhByQAdv7TfJHvv3job2oYg=,tag:CmuUqnCI3V/aOOUitzYT9Q==,type:str] sops: age: - recipient: age1llkxtfx4dgnezmukj4ganx4ql9k4ga4ca9zuanf5r568jfp8peeqal490q @@ -10,8 +13,8 @@ sops: SHgzd0IvZjJBamZFcHczNm1FN1Q1TzAKDgId6bAykxsgXAeBWXd6Dyxiiyh0gIb/ Q6MHNtagsA5OrUtc7xEInVt8CYT8czI/Lr9pHzmx5bQPlDf8NkW0lA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-03-30T18:56:30Z" - mac: ENC[AES256_GCM,data:XQJwF0MuaNoNssD3QvcDrlz+W7cccDdBaY82i6Qae7zBOQKlxLRJ7FteaDQEmQ7Yb1xBczpS+wBLgKNy5WbwIm8GELX1Hs91Y/SUguCnSualWhSVw9HW42T4oP9OEv2DC2aiJYHampSOgjmWgbPqawCU9xfsnP7RFGajQNNmRWU=,iv:O+A6tGFLhS4AVjLQ25eEjUfERPG2PnzgczZ0wczf7UY=,tag:yjFBjKtSE6vu9JMY9DQ0UA==,type:str] + lastmodified: "2026-04-11T01:24:10Z" + mac: ENC[AES256_GCM,data:D7qAgDZX8B0oNdZovHE74sSZI5X3qd8oDPHWl13Q2ohLnp9vJsFxrKntXxeeHASzQceDv2RQ1exwq7ZPor62sLFx+xO1Dc0Awpq1eoclDlHPyKlvT3pgkcB8IxDO/FuO+7hg/bJkmTHhbHTiHLGQDWN2sQev309Eka86lQyCzIQ=,iv:OBCobeUp+GwdDQhrNtTJhiRVMxRJafq5g1rhMoEFhjc=,tag:OSAWMn2NPZnVKcRX+eJf+Q==,type:str] pgp: - created_at: "2026-03-30T19:01:24Z" enc: |- @@ -213,4 +216,4 @@ sops: -----END PGP MESSAGE----- fp: 41FFAF3D519CF5C039FBD8414BCC213729AF0E49 unencrypted_suffix: _unencrypted - version: 3.12.1 + version: 3.12.2 diff --git a/inventories/z9/host_vars/light.yaml b/inventories/z9/host_vars/light.yaml index a5957e2..c14515d 100644 --- a/inventories/z9/host_vars/light.yaml +++ b/inventories/z9/host_vars/light.yaml @@ -60,9 +60,24 @@ nginx__configurations: content: "{{ lookup('ansible.builtin.file', 'resources/z9/dooris/nginx/http_handler.conf') }}" certbot__acme_account_email_address: le-admin@hamburg.ccc.de -certbot__certificate_domains: - - "light-werkstatt.ccchh.net" - - "light.ccchh.net" - - "light.z9.ccchh.net" +certbot__certs: + - commonName: "light.ccchh.net" + challengeType: "dns-01-acme-dns" + dns_01_acme_dns: + subdomain: "e59f55ee-9013-469d-a146-a159721b6fea" + apiUser: "33e96ec7-1f98-4f70-92be-85a42dabd211" + apiKey: "{{ secret__acme_dns_api_key_light_ccchh_net }}" + - commonName: "light.z9.ccchh.net" + challengeType: "dns-01-acme-dns" + dns_01_acme_dns: + subdomain: "3bc9e7ce-03dd-4533-a059-b5d38407eaa5" + apiUser: "c3b00882-ca2a-4d11-9ebd-fccfb8618b75" + apiKey: "{{ secret__acme_dns_api_key_light_z9_ccchh_net }}" + - commonName: "light-werkstatt.ccchh.net" + challengeType: "dns-01-acme-dns" + dns_01_acme_dns: + subdomain: "f408acc0-d9f5-4525-bb01-28938e3bb7d0" + apiUser: "a030e419-6ed8-43ee-8425-a451b457f83a" + apiKey: "{{ secret__acme_dns_api_key_light_werkstatt_ccchh_net }}" certbot__new_cert_commands: - "systemctl reload nginx.service" From 5798eb5734edcaf232040cd139340b36bd082725 Mon Sep 17 00:00:00 2001 From: Renovate Date: Sat, 11 Apr 2026 02:46:04 +0000 Subject: [PATCH 3/3] Update all stable non-major dependencies --- .forgejo/workflows/lint.yaml | 2 +- inventories/chaosknoten/host_vars/netbox.yaml | 2 +- resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 | 4 ++-- resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 | 2 +- resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/lint.yaml b/.forgejo/workflows/lint.yaml index bdd53f5..600d044 100644 --- a/.forgejo/workflows/lint.yaml +++ b/.forgejo/workflows/lint.yaml @@ -24,7 +24,7 @@ jobs: # work in our environmnet. # Rather manually setup python (pip) before instead. - name: Run ansible-lint - uses: https://github.com/ansible/ansible-lint@v26.3.0 + uses: https://github.com/ansible/ansible-lint@v26.4.0 with: setup_python: "false" requirements_file: "requirements.yml" diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml index f28d193..a1b0fe6 100644 --- a/inventories/chaosknoten/host_vars/netbox.yaml +++ b/inventories/chaosknoten/host_vars/netbox.yaml @@ -1,5 +1,5 @@ # renovate: datasource=github-releases depName=netbox packageName=netbox-community/netbox -netbox__version: "v4.5.5" +netbox__version: "v4.5.7" netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}" netbox__custom_pipeline_oidc_group_and_role_mapping: true diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 index 8c38500..8681982 100644 --- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 @@ -2,7 +2,7 @@ services: prometheus: - image: docker.io/prom/prometheus:v3.10.0 + image: docker.io/prom/prometheus:v3.11.1 container_name: prometheus command: - '--config.file=/etc/prometheus/prometheus.yml' @@ -19,7 +19,7 @@ services: - prom_data:/prometheus alertmanager: - image: docker.io/prom/alertmanager:v0.31.1 + image: docker.io/prom/alertmanager:v0.32.0 container_name: alertmanager command: - '--config.file=/etc/alertmanager/alertmanager.yaml' diff --git a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 index af1b531..9b16db4 100644 --- a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 @@ -1,7 +1,7 @@ --- services: ntfy: - image: docker.io/binwiederhier/ntfy:v2.20.1 + image: docker.io/binwiederhier/ntfy:v2.21.0 container_name: ntfy command: - serve diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 index 0bbfcb8..2207733 100644 --- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 @@ -23,7 +23,7 @@ services: - pretalx_net static: - image: docker.io/library/nginx:1.29.7 + image: docker.io/library/nginx:1.29.8 restart: unless-stopped volumes: - public:/usr/share/nginx/html