From 9d5a9f908cf3bfecac007aafd7f2982a0681be54 Mon Sep 17 00:00:00 2001 From: Renovate Date: Tue, 31 Mar 2026 15:01:07 +0000 Subject: [PATCH 1/3] Update docker.io/xenrox/ntfy-alertmanager Docker tag to v1 --- .../chaosknoten/grafana/docker_compose/compose.yaml.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 index a39c08a..8c38500 100644 --- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 @@ -70,7 +70,7 @@ services: - loki_data:/var/loki ntfy-alertmanager-ccchh-critical: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-ccchh-critical volumes: - ./configs/ntfy-alertmanager-ccchh-critical:/etc/ntfy-alertmanager/config @@ -79,7 +79,7 @@ services: restart: unless-stopped ntfy-alertmanager-fux-critical: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-fux-critical volumes: - ./configs/ntfy-alertmanager-fux-critical:/etc/ntfy-alertmanager/config @@ -88,7 +88,7 @@ services: restart: unless-stopped ntfy-alertmanager-ccchh: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-ccchh volumes: - ./configs/ntfy-alertmanager-ccchh:/etc/ntfy-alertmanager/config @@ -97,7 +97,7 @@ services: restart: unless-stopped ntfy-alertmanager-fux: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-fux volumes: - ./configs/ntfy-alertmanager-fux:/etc/ntfy-alertmanager/config From 6bc872f1c0af393f6cb2a8d281f68244887b3a17 Mon Sep 17 00:00:00 2001 From: June Date: Tue, 31 Mar 2026 17:51:06 +0200 Subject: [PATCH 2/3] pretalx(host): move to dns-01-acme-dns as http-01 failed for cfp.eh22 --- .../chaosknoten/host_vars/pretalx.sops.yaml | 7 ++++--- inventories/chaosknoten/host_vars/pretalx.yaml | 16 +++++++++++++--- .../nginx/acme_challenge.conf | 2 -- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/inventories/chaosknoten/host_vars/pretalx.sops.yaml b/inventories/chaosknoten/host_vars/pretalx.sops.yaml index e5f3132..7a42dcc 100644 --- a/inventories/chaosknoten/host_vars/pretalx.sops.yaml +++ b/inventories/chaosknoten/host_vars/pretalx.sops.yaml @@ -1,6 +1,7 @@ secret__pretalx_db_password: ENC[AES256_GCM,data:T9qw46sR88tcj4NG1oK3AfjreU4N1cIN0w==,iv:g2rr7PbFN9bFDg/w7vZBiuMB4p2j2uu0eQAyiweuQ6Q=,tag:0coJNAbT5W9gxy2fVOhuoA==,type:str] secret__pretalx_mail_password: ENC[AES256_GCM,data:HJrrmdDKzity4Fzz+JEj/kvddzHpRbw1Yw==,iv:dW15nSyYjzlFdPkQoZmJ5k+poWyJZ7dW5Lo8IFjtfMc=,tag:AZZObQRDMMoQgnPmqo/+Tw==,type:str] ansible_pull__age_private_key: ENC[AES256_GCM,data:CguBtrNgimXc0dBhIHn6SNYhmHY1z6mHXdb7bmAFUy5FtqAmU/HGTxIsOZdn+GjwHhk3idi4my68qAkyxiuvHno7yQ+HTRgPl4k=,iv:kFLI2ptzZi2UK0MLEyFpYdvJ4o2C0zaQ1K6fowYmG/4=,tag:8hwlDVpu+HBm+hjNAdiVyw==,type:str] +secret__acme_dns_api_key_pretalx_hamburg_ccc_de: ENC[AES256_GCM,data:e5Chvj450jNpRZJWZ/fYersQC6U8V8sgcvXkhbCSSKO/U4wBJWTr6g==,iv:gkMZlzwIoeft5VrOGVdvA2QRacoO9QetKVJxJ6xHG54=,tag:Lz0r1P0qcCyJ00MFu1JR2g==,type:str] sops: age: - recipient: age133wy6sxhgx3kkwxecra6xf9ey2uhnvtjpgwawwfmpvz0jpd0s5dqe385u3 @@ -12,8 +13,8 @@ sops: T3BVQmZyVFlyaloxZ1lUdEtlbDYxbkkKdaYhzRq66SVBbhn4iNVSDSoEBk7+zODh cogERhbBCuz6WXCKBHjFwLDggM6y2cLo/uk3qkG2X7YDXUqO/DMwSA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:41:45Z" - mac: ENC[AES256_GCM,data:tw/zADjnc9mNcT1sEGDeCFr9RuyPsgj6mtcmDwpYdquhdfmjvccUBwly/NFFdHAwUqmL4l5R2xAFaeKxiEO03DT9nx6jujDvgpKaWyiXqgPnzMvft/9SXdjwx1+4COmT15WQ3LfTQbTXAJH3taGDQeRJBPRYFcykscyw3S5/aU8=,iv:kmCUVVT17MPoV4/tGqxKGeXuf1eIzX9qqJt6HL2ygPQ=,tag:+v+TVU4Nr+ZCqLxWvWWjdA==,type:str] + lastmodified: "2026-03-31T15:20:20Z" + mac: ENC[AES256_GCM,data:XUk54tSq/2B5DlHSOovKuGT2x5ffl6EahmqriA6P+V0e8D9PNemgOcV7s0GfW3QgKNQ7RCCRaXZpOZADh4yIR/AslrIGAJ1qNHgekZgRJ0VX8yydjHMpVG5u9Qi4Kr/u867xXhSzjSLEsefT60RGCKyrQs5/QqkK833PaIJylqE=,iv:1sRcJlDHN3eu/oRyJ8e9TB7+5yThlf6iboBnaaO/IvM=,tag:EW+m//ycUf+crIeEOJoPtQ==,type:str] pgp: - created_at: "2026-03-05T19:18:39Z" enc: |- @@ -215,4 +216,4 @@ sops: -----END PGP MESSAGE----- fp: 41FFAF3D519CF5C039FBD8414BCC213729AF0E49 unencrypted_suffix: _unencrypted - version: 3.10.2 + version: 3.12.1 diff --git a/inventories/chaosknoten/host_vars/pretalx.yaml b/inventories/chaosknoten/host_vars/pretalx.yaml index 12610b6..e1298f0 100644 --- a/inventories/chaosknoten/host_vars/pretalx.yaml +++ b/inventories/chaosknoten/host_vars/pretalx.yaml @@ -2,9 +2,19 @@ docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 're docker_compose__configuration_files: [ ] certbot__acme_account_email_address: le-admin@hamburg.ccc.de -certbot__certificate_domains: - - "pretalx.hamburg.ccc.de" - - "cfp.eh22.easterhegg.eu" +certbot__certs: + - commonName: "pretalx.hamburg.ccc.de" + challengeType: "dns-01-acme-dns" + dns_01_acme_dns: + subdomain: 295a66d4-1d71-49f3-a80a-1f7527ec9cca + apiUser: bee0544b-a414-42eb-96a1-3e30d43e104c + apiKey: "{{ secret__acme_dns_api_key_pretalx_hamburg_ccc_de }}" + - commonName: "cfp.eh22.easterhegg.eu" + challengeType: "dns-01-acme-dns" + dns_01_acme_dns: + subdomain: 295a66d4-1d71-49f3-a80a-1f7527ec9cca + apiUser: bee0544b-a414-42eb-96a1-3e30d43e104c + apiKey: "{{ secret__acme_dns_api_key_pretalx_hamburg_ccc_de }}" certbot__new_cert_commands: - "systemctl reload nginx.service" diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf index 7bb4993..3bcd0fb 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf @@ -22,7 +22,6 @@ map $host $upstream_acme_challenge_host { netbox.hamburg.ccc.de netbox.hosts.hamburg.ccc.de:31820; onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:31820; pad.hamburg.ccc.de pad.hosts.hamburg.ccc.de:31820; - pretalx.hamburg.ccc.de pretalx.hosts.hamburg.ccc.de:31820; spaceapi.hamburg.ccc.de 172.31.17.151:31820; staging.hamburg.ccc.de 172.31.17.151:31820; wiki.ccchh.net wiki.hosts.hamburg.ccc.de:31820; @@ -71,7 +70,6 @@ map $host $upstream_acme_challenge_host { woodpecker.hamburg.ccc.de 172.31.17.160:31820; design.hamburg.ccc.de 172.31.17.162:31820; hydra.hamburg.ccc.de 172.31.17.163:31820; - cfp.eh22.easterhegg.eu 172.31.17.157:31820; ntfy.hamburg.ccc.de ntfy.hosts.hamburg.ccc.de:31820; cryptoparty-hamburg.de 172.31.17.151:31820; cryptoparty.hamburg.ccc.de 172.31.17.151:31820; From 229b337f6c06aa0d21e495a17fc58d850f03dc7b Mon Sep 17 00:00:00 2001 From: Renovate Date: Tue, 31 Mar 2026 16:01:06 +0000 Subject: [PATCH 3/3] Update docker.io/xenrox/ntfy-alertmanager Docker tag to v1 --- .../chaosknoten/grafana/docker_compose/compose.yaml.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 index a39c08a..8c38500 100644 --- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 @@ -70,7 +70,7 @@ services: - loki_data:/var/loki ntfy-alertmanager-ccchh-critical: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-ccchh-critical volumes: - ./configs/ntfy-alertmanager-ccchh-critical:/etc/ntfy-alertmanager/config @@ -79,7 +79,7 @@ services: restart: unless-stopped ntfy-alertmanager-fux-critical: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-fux-critical volumes: - ./configs/ntfy-alertmanager-fux-critical:/etc/ntfy-alertmanager/config @@ -88,7 +88,7 @@ services: restart: unless-stopped ntfy-alertmanager-ccchh: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-ccchh volumes: - ./configs/ntfy-alertmanager-ccchh:/etc/ntfy-alertmanager/config @@ -97,7 +97,7 @@ services: restart: unless-stopped ntfy-alertmanager-fux: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0 + image: docker.io/xenrox/ntfy-alertmanager:1.0.0 container_name: ntfy-alertmanager-fux volumes: - ./configs/ntfy-alertmanager-fux:/etc/ntfy-alertmanager/config