diff --git a/.forgejo/workflows/lint.yaml b/.forgejo/workflows/lint.yaml index bdd53f5..600d044 100644 --- a/.forgejo/workflows/lint.yaml +++ b/.forgejo/workflows/lint.yaml @@ -24,7 +24,7 @@ jobs: # work in our environmnet. # Rather manually setup python (pip) before instead. - name: Run ansible-lint - uses: https://github.com/ansible/ansible-lint@v26.3.0 + uses: https://github.com/ansible/ansible-lint@v26.4.0 with: setup_python: "false" requirements_file: "requirements.yml" diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml index f28d193..7aaff28 100644 --- a/inventories/chaosknoten/host_vars/netbox.yaml +++ b/inventories/chaosknoten/host_vars/netbox.yaml @@ -1,5 +1,5 @@ # renovate: datasource=github-releases depName=netbox packageName=netbox-community/netbox -netbox__version: "v4.5.5" +netbox__version: "v4.6.1" netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}" netbox__custom_pipeline_oidc_group_and_role_mapping: true diff --git a/resources/chaosknoten/acmedns/docker_compose/compose.yaml.j2 b/resources/chaosknoten/acmedns/docker_compose/compose.yaml.j2 index 3fcd8c6..c68973f 100644 --- a/resources/chaosknoten/acmedns/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/acmedns/docker_compose/compose.yaml.j2 @@ -2,7 +2,7 @@ services: oauth2-proxy: container_name: oauth2-proxy - image: quay.io/oauth2-proxy/oauth2-proxy:v7.15.1 + image: quay.io/oauth2-proxy/oauth2-proxy:v7.15.2 command: --config /oauth2-proxy.cfg hostname: oauth2-proxy volumes: diff --git a/resources/chaosknoten/auth-dns/zones/ccchh.net.zone b/resources/chaosknoten/auth-dns/zones/ccchh.net.zone index bb5c16f..0360f81 100644 --- a/resources/chaosknoten/auth-dns/zones/ccchh.net.zone +++ b/resources/chaosknoten/auth-dns/zones/ccchh.net.zone @@ -1,73 +1,64 @@ -$ORIGIN . -$TTL 900 ; 15 minutes -ccchh.net IN SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( - 2026042801 ; serial - 86400 ; refresh (1 day) - 7200 ; retry (2 hours) - 3600000 ; expire (5 weeks 6 days 16 hours) - 7200 ; minimum (2 hours) - ) - NS auth-dns.hamburg.ccc.de. - NS ns.vie.ccc.de. +$TTL 60 ; 1 minutes +@ SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( + 1 ; serial (overwritten by knot automatically) + 86400 ; refresh (1 day) + 7200 ; retry (2 hours) + 3600000 ; expire (5 weeks 6 days 16 hours) + 60 ; minimum/negative ttl (1 minute) + ) -$ORIGIN ccchh.net. -aes A 212.12.48.125 -club-assistant AAAA 2a07:c481:1:d0::a -;_acme-challenge.club-assistant CNAME d50ad73a-f82d-4244-87f0-6f5195b37d21.auth.acmedns.hamburg.ccc.de -club-assistant.z9 AAAA 2a07:c481:1:d0::a -;_acme-challenge.club-assistant.z9 CNAME 0efa74d1-7dcd-478b-bdc5-5b76d0f07642.auth.acmedns.hamburg.ccc.de -esphome AAAA 2a07:c481:1:d0::66 -esphome.z9 AAAA 2a07:c481:1:d0::66 -zigbee2mqtt A 185.161.129.132 -light AAAA 2a07:c481:1:d0::16 -_acme-challenge.light CNAME e59f55ee-9013-469d-a146-a159721b6fea.auth.acmedns.hamburg.ccc.de. -light.z9 AAAA 2a07:c481:1:d0::16 -_acme-challenge.light.z9 CNAME 3bc9e7ce-03dd-4533-a059-b5d38407eaa5.auth.acmedns.hamburg.ccc.de. -light-werkstatt AAAA 2a07:c481:1:d0::16 -_acme-challenge.light-werkstatt CNAME f408acc0-d9f5-4525-bb01-28938e3bb7d0.auth.acmedns.hamburg.ccc.de. -mailserver-endpoint A 82.165.121.46 -ns1 A 185.161.129.133 -send-only-mail MX 10 send-only-mailserver - TXT "v=spf1 mx -all" -send-only-mailserver A 82.165.121.46 -send-only-mailserver-access A 185.161.129.132 -thinkcccore0 AAAA 2a07:c481:1:f2::3 -thinkcccore0.z9 AAAA 2a07:c481:1:f2::3 -thinkcccore1 AAAA 2a07:c481:1:f2::4 -thinkcccore1.z9 AAAA 2a07:c481:1:f2::4 -opnsense AAAA 2a07:c481:1:f2::1 -opnsense.z9 AAAA 2a07:c481:1:f2::1 -pbs AAAA 2a07:c481:1:f2::4 -thinkcccore2 AAAA 2a07:c481:1:f2::5 -thinkcccore2.z9 AAAA 2a07:c481:1:f2::5 -thinkcccore3 AAAA 2a07:c481:1:f2::6 -thinkcccore3.z9 AAAA 2a07:c481:1:f2::6 -miniscccore0 AAAA 2a07:c481:1:f2::9 -miniscccore0.z9 AAAA 2a07:c481:1:f2::9 -uptime-kuma A 185.161.129.132 -status AAAA 2a07:c481:1:ce::a -status.z9 AAAA 2a07:c481:1:ce::a -wiki A 212.12.48.125 -hmdooris-ccu A 10.31.208.202 -buba A 10.31.211.137 -buba.z9 A 10.31.211.137 -dooris AAAA 2a07:c481:1:d0::1c -_acme-challenge.dooris CNAME 37caae1f-b77f-4eb1-aa71-dc3f7ed24360.auth.acmedns.hamburg.ccc.de. -waybackproxy A 10.31.208.99 -yate A 10.31.208.12 -staubiv2 A 10.31.210.233 -staubiv2.z9 A 10.31.210.233 -; Mail: hosts.z9.ccchh.net -hosts.z9 MX 10 cow.hamburg.ccc.de - TXT "v=spf1 mx -all" -dkim._domainkey.hosts.z9 TXT ("v=DKIM1;k=rsa;t=s;s=email;" - "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsdypQ/tlrzto5KVP" - "5o7tEblXK/hOVRFB683uODzo26XTFMSRGjumMuo/tej59GMePdUu0uIsdq8hfj8" - "ot0R2OQNazdyp4NW4TUWfFGJ4S2f6LR3lE3I5Lw7fHiYHz0GnCGTqZIItkHK+xQ" - "i5Fdhwd1YbFJtO0XiZ0jY5w6pvny6pEH8WaKX85rEmz2zqCtpiYPRPmoK/Tn+rV" - "2e8fVioMRm9W8E4PU42WLds66qOkFR0KjKIavE6y7JahESEoVGcVnSPdtMOX0Ln" - "KbSMQNrTvNbBoPdLYvNaXOw7TmVPKjDV+FRCIIdK+m0fL82/vm5jPBvDr5+WlM1" - "xV/P/KlSnQIDAQAB") -$ORIGIN send-only-mail.ccchh.net. -_dmarc TXT "v=DMARC1;p=quarantine;" -key._domainkey TXT "v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqduM4+SQ+IQ2uAxbjFkd+0hAjohTgT3nM76jyrWGHJ8TizNU2PGkta0NjCq+m9VLBZUjIJphW2vrnlJsnN0JkGAdoLBL3Qs0kShT6V+xsxslZG2KHApihnJUp34tPSMES+aTnD+jEPGyxFLeoiK+3gywNhCGalHSQ+G88Z2n59wIDAQAB" +@ NS auth-dns.hamburg.ccc.de. +@ NS ns.vie.ccc.de. + + +; +; Network-Infrastructure +; +rt-wan A 185.161.129.134 + AAAA 2a07:c481::1:2 +sw-rack-1 A 10.89.213.2 + AAAA 2a07:c481:1:36::2 +sw-rack-2-poe A 10.89.213.3 + AAAA 2a07:c481:1:36::3 +sw-main-1 A 10.89.213.4 + AAAA 2a07:c481:1:36::4 +sw-main-2 A 10.89.213.5 + AAAA 2a07:c481:1:36::5 +sw-shop-1 A 10.89.213.6 + AAAA 2a07:c481:1:36::6 +sw-shop-2-poe A 10.89.213.7 + AAAA 2a07:c481:1:36::7 +sw-shop-3-poe A 10.89.213.8 + AAAA 2a07:c481:1:36::8 +pve01 A 10.89.213.11 + AAAA 2a07:c481:1:36::11 +pve02 A 10.89.213.12 + AAAA 2a07:c481:1:36::12 +pve03 A 10.89.213.13 + AAAA 2a07:c481:1:36::13 +pve04 A 10.89.213.14 + AAAA 2a07:c481:1:36::14 +pbs A 10.89.213.15 + AAAA 2a07:c481:1:36::15 +unifi A 10.89.213.21 + + +; +; Club-Services +; +xr18 A 172.31.200.21 + +;club-assistant AAAA 2a07:c481:1:d0::a +;;_acme-challenge.club-assistant CNAME d50ad73a-f82d-4244-87f0-6f5195b37d21.auth.acmedns.hamburg.ccc.de +;esphome AAAA 2a07:c481:1:d0::66 +;zigbee2mqtt A 185.161.129.132 +;light AAAA 2a07:c481:1:d0::16 +;_acme-challenge.light CNAME e59f55ee-9013-469d-a146-a159721b6fea.auth.acmedns.hamburg.ccc.de. +;light-werkstatt AAAA 2a07:c481:1:d0::16 +;_acme-challenge.light-werkstatt CNAME f408acc0-d9f5-4525-bb01-28938e3bb7d0.auth.acmedns.hamburg.ccc.de. +;hmdooris-ccu A 10.31.208.202 +;buba A 10.31.211.137 +;dooris AAAA 2a07:c481:1:d0::1c +;_acme-challenge.dooris CNAME 37caae1f-b77f-4eb1-aa71-dc3f7ed24360.auth.acmedns.hamburg.ccc.de. +;yate A 10.31.208.12 +;staubiv2 A 10.31.210.233 diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 index 1f6c42f..44dfa20 100644 --- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 @@ -2,7 +2,7 @@ services: prometheus: - image: docker.io/prom/prometheus:v3.10.0 + image: docker.io/prom/prometheus:v3.11.3 container_name: prometheus command: - '--config.file=/etc/prometheus/prometheus.yml' @@ -19,7 +19,7 @@ services: - prom_data:/prometheus alertmanager: - image: docker.io/prom/alertmanager:v0.31.1 + image: docker.io/prom/alertmanager:v0.32.1 container_name: alertmanager command: - '--config.file=/etc/alertmanager/alertmanager.yaml' @@ -46,7 +46,7 @@ services: - graf_data:/var/lib/grafana pve-exporter: - image: docker.io/prompve/prometheus-pve-exporter:3.8.2 + image: docker.io/prompve/prometheus-pve-exporter:3.9.0 container_name: pve-exporter ports: - 9221:9221 @@ -59,7 +59,7 @@ services: - /dev/null:/etc/prometheus/pve.yml loki: - image: docker.io/grafana/loki:3.7.1 + image: docker.io/grafana/loki:3.7.2 container_name: loki ports: - 13100:3100 diff --git a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 index d239bb4..8db3526 100644 --- a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 @@ -22,7 +22,7 @@ services: keycloak: - image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.5.7 + image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.6.0 pull_policy: always restart: unless-stopped command: start --optimized diff --git a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 index af1b531..cadfa54 100644 --- a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 @@ -1,7 +1,7 @@ --- services: ntfy: - image: docker.io/binwiederhier/ntfy:v2.20.1 + image: docker.io/binwiederhier/ntfy:v2.23.0 container_name: ntfy command: - serve diff --git a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 index 77f1395..58dddb2 100644 --- a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 @@ -4,7 +4,7 @@ services: onlyoffice: - image: docker.io/onlyoffice/documentserver:9.3.1 + image: docker.io/onlyoffice/documentserver:9.4.0 restart: unless-stopped volumes: - "./onlyoffice/DocumentServer/logs:/var/log/onlyoffice" diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 index 0bbfcb8..5a489a5 100644 --- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 @@ -15,7 +15,7 @@ services: - pretalx_net redis: - image: docker.io/library/redis:8.6.2 + image: docker.io/library/redis:8.6.3 restart: unless-stopped volumes: - redis:/data @@ -23,7 +23,7 @@ services: - pretalx_net static: - image: docker.io/library/nginx:1.29.7 + image: docker.io/library/nginx:1.31.1 restart: unless-stopped volumes: - public:/usr/share/nginx/html diff --git a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 index b8a4cf2..11593ce 100644 --- a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 @@ -13,7 +13,7 @@ services: restart: unless-stopped redis: - image: docker.io/library/redis:8.6.2 + image: docker.io/library/redis:8.6.3 ports: - "6379:6379" volumes: diff --git a/resources/external/status/docker_compose/compose.yaml.j2 b/resources/external/status/docker_compose/compose.yaml.j2 index 58abefa..638ebbe 100644 --- a/resources/external/status/docker_compose/compose.yaml.j2 +++ b/resources/external/status/docker_compose/compose.yaml.j2 @@ -4,7 +4,7 @@ services: database: - image: docker.io/library/postgres:18.3 + image: docker.io/library/postgres:18.4 restart: always volumes: - ./database:/var/lib/postgresql @@ -16,7 +16,7 @@ services: - gatus gatus: - image: ghcr.io/twin/gatus:v5.35.0 + image: ghcr.io/twin/gatus:v5.36.0 restart: always ports: - "8080:8080"