From a979fccd12de1bcd1c2ea8c7eb11e7e379101a89 Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Thu, 30 Oct 2025 04:47:10 +0100
Subject: [PATCH 1/4] renovate: add custom regex manager for inventory vars
 dependencies

Inspiration taken from/documentation:
https://docs.renovatebot.com/presets-customManagers/#custommanagersdockerfileversions
https://docs.renovatebot.com/modules/manager/regex/
---
 renovate.json | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/renovate.json b/renovate.json
index f72babb..9dc45bf 100644
--- a/renovate.json
+++ b/renovate.json
@@ -30,6 +30,18 @@
       "versioning": "regex:^(?<major>\\d+\\.\\d+)(?:\\.(?<minor>\\d+))$"
     }
   ],
+  "customManagers": [
+    // Custom manager using regex for letting Renovate find dependencies in inventory variables.
+    {
+      "customType": "regex",
+      "managerFilePatterns": [
+        "/^inventories/.*?_vars/.*?\\.ya?ml$/"
+      ],
+      "matchStrings": [
+        "# renovate: datasource=(?<datasource>[a-zA-Z0-9-._]+?) depName=(?<depName>[^\\s]+?)(?: packageName=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[^\\s]+?))?\\s*.+?\\s*:\\s*[\"']?(?<currentValue>.+?)[\"']?\\s"
+      ]
+    }
+  ],
   "docker-compose": {
     "managerFilePatterns": [
       "/(^|/)(?:docker-)?compose[^/]*\\.ya?ml.j2$/"

From 83fd86897796e66e1ea59a188efbb582c83fb7ae Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Thu, 30 Oct 2025 04:49:44 +0100
Subject: [PATCH 2/4] docker(role): use full image sources

---
 roles/nextcloud/templates/compose.yaml.j2 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/nextcloud/templates/compose.yaml.j2 b/roles/nextcloud/templates/compose.yaml.j2
index 4644d8b..9e28735 100644
--- a/roles/nextcloud/templates/compose.yaml.j2
+++ b/roles/nextcloud/templates/compose.yaml.j2
@@ -32,9 +32,9 @@ services:
       OVERWRITECLIURL: "https://{{ nextcloud__fqdn }}/"
       OVERWRITEHOST: "{{ nextcloud__fqdn }}"
       OVERWRITEPROTOCOL: "https"
-    
+
   db:
-    image: postgres:{{ nextcloud__postgres_version }}
+    image: docker.io/library/postgres:{{ nextcloud__postgres_version }}
     restart: unless-stopped
     #ports:
     #  - 127.0.0.1:5432:5432
@@ -48,7 +48,7 @@ services:
       POSTGRES_PASSWORD: "{{ nextcloud__postgres_password }}"
 
   redis:
-    image: redis:alpine
+    image: docker.io/library/redis:alpine
     restart: unless-stopped
     networks:
       - nextcloud

From df59e5e3a992f665188bce39b9b806b569ba800b Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Thu, 30 Oct 2025 04:56:31 +0100
Subject: [PATCH 3/4] add renovate comment for custom regex matcher to
 inventory version vars

---
 inventories/chaosknoten/host_vars/cloud.yaml  | 2 ++
 inventories/chaosknoten/host_vars/netbox.yaml | 1 +
 2 files changed, 3 insertions(+)

diff --git a/inventories/chaosknoten/host_vars/cloud.yaml b/inventories/chaosknoten/host_vars/cloud.yaml
index 35fb162..fd1ac46 100644
--- a/inventories/chaosknoten/host_vars/cloud.yaml
+++ b/inventories/chaosknoten/host_vars/cloud.yaml
@@ -1,4 +1,6 @@
+# renovate: datasource=docker depName=git.hamburg.ccc.de/ccchh/oci-images/nextcloud
 nextcloud__version: 32
+# renovate: datasource=docker depName=postgres
 nextcloud__postgres_version: 15.14
 nextcloud__fqdn: cloud.hamburg.ccc.de
 nextcloud__data_dir: /data/nextcloud
diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml
index 4726885..fb99f0e 100644
--- a/inventories/chaosknoten/host_vars/netbox.yaml
+++ b/inventories/chaosknoten/host_vars/netbox.yaml
@@ -1,3 +1,4 @@
+# renovate: datasource=github-releases depName=netbox packageName=netbox-community/netbox
 netbox__version: "v4.1.7"
 netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}"
 netbox__custom_pipeline_oidc_group_and_role_mapping: true

From 1e20315493c2c60ecb199cea352bda228716c38f Mon Sep 17 00:00:00 2001
From: Renovate <no-reply@git.hamburg.ccc.de>
Date: Thu, 30 Oct 2025 03:58:37 +0000
Subject: [PATCH 4/4] Update docker.io/library/mariadb Docker tag to v12

---
 resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
index ffe491b..174c929 100644
--- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
@@ -3,7 +3,7 @@
 
 services:
   database:
-    image: docker.io/library/mariadb:11@sha256:ae6119716edac6998ae85508431b3d2e666530ddf4e94c61a10710caec9b0f71
+    image: docker.io/library/mariadb:12@sha256:5b6a1eac15b85b981a61afb89aea2a22bf76b5f58809d05f0bcc13ab6ec44cb8
     environment:
       - "MARIADB_DATABASE=wordpress"
       - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}"