diff --git a/inventories/chaosknoten/host_vars/cloud.yaml b/inventories/chaosknoten/host_vars/cloud.yaml index 9c28d58..765a86b 100644 --- a/inventories/chaosknoten/host_vars/cloud.yaml +++ b/inventories/chaosknoten/host_vars/cloud.yaml @@ -1,7 +1,7 @@ # renovate: datasource=docker depName=git.hamburg.ccc.de/ccchh/oci-images/nextcloud nextcloud__version: 32 # renovate: datasource=docker depName=docker.io/library/postgres -nextcloud__postgres_version: 15.17 +nextcloud__postgres_version: 18.4 nextcloud__fqdn: cloud.hamburg.ccc.de nextcloud__data_dir: /data/nextcloud nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2') }}" diff --git a/resources/chaosknoten/lists/docker_compose/compose.yaml.j2 b/resources/chaosknoten/lists/docker_compose/compose.yaml.j2 index db605b5..58d1ed5 100644 --- a/resources/chaosknoten/lists/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/lists/docker_compose/compose.yaml.j2 @@ -62,7 +62,7 @@ services: - POSTGRES_DB=mailmandb - POSTGRES_USER=mailman - "POSTGRES_PASSWORD={{ secret__lists__postgres_password }}" - image: docker.io/library/postgres:12-alpine + image: docker.io/library/postgres:18-alpine volumes: - /opt/mailman/database:/var/lib/postgresql/data networks: diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 index 0bbfcb8..091bd44 100644 --- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 @@ -3,7 +3,7 @@ services: database: - image: docker.io/library/postgres:15-alpine + image: docker.io/library/postgres:18-alpine environment: - "POSTGRES_USER=pretalx" - "POSTGRES_PASSWORD={{ secret__pretalx_db_password }}" diff --git a/roles/renovate/files/renovate-cleanup.service b/roles/renovate/files/renovate-cleanup.service new file mode 100644 index 0000000..55c191e --- /dev/null +++ b/roles/renovate/files/renovate-cleanup.service @@ -0,0 +1,7 @@ +[Unit] +Description=renovate cleanup (delete docker volume) +Conflicts=renovate.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/docker volume rm renovate diff --git a/roles/renovate/files/renovate-cleanup.timer b/roles/renovate/files/renovate-cleanup.timer new file mode 100644 index 0000000..510004d --- /dev/null +++ b/roles/renovate/files/renovate-cleanup.timer @@ -0,0 +1,9 @@ +[Unit] +Description=renovate cleanup (delete docker volume) running daily + +[Timer] +# @daily with 10 minute offset +OnCalendar=*-*-* 00:10 + +[Install] +WantedBy=timers.target diff --git a/roles/renovate/tasks/main.yaml b/roles/renovate/tasks/main.yaml index f6988ab..4a6c018 100644 --- a/roles/renovate/tasks/main.yaml +++ b/roles/renovate/tasks/main.yaml @@ -16,31 +16,28 @@ mode: "0640" become: true -- name: ensure systemd service exists +- name: ensure systemd services and timers exist ansible.builtin.copy: - src: renovate.service - dest: /etc/systemd/system/renovate.service + src: "{{ item }}" + dest: "/etc/systemd/system/{{ item }}" owner: root group: root mode: "0644" become: true + loop: + - renovate.service + - renovate-cleanup.service + - renovate.timer + - renovate-cleanup.timer notify: - systemd daemon reload -- name: ensure systemd timer exists - ansible.builtin.copy: - src: renovate.timer - dest: /etc/systemd/system/renovate.timer - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer is started and enabled +- name: ensure systemd timers are started and enabled ansible.builtin.systemd_service: - name: renovate.timer + name: "{{ item }}" state: started enabled: true + loop: + - renovate.timer + - renovate-cleanup.timer become: true