Merge branch 'master' into master

2025-02-21 17:45:58 +01:00 · 2025-02-21 17:45:58 +01:00 · ddd033c14a
commit ddd033c14a
parent 66f2dfd484 2fe2420a10
15 changed files with 40 additions and 39 deletions
--- a/.yamllint
+++ b/.yamllint
@ -2,6 +2,7 @@
 extends: default

 rules:
+  comments-indentation: disable
  line-length: disable
  truthy:
    allowed-values:
--- a/host-beaker.yml
+++ b/host-beaker.yml
@ -22,6 +22,6 @@
      ansible.builtin.lineinfile:
        path: /etc/pve/user.cfg
        regexp: "^group:Admins:"
-        line: "group:Admins:{{ users | map(attribute = 'logname') | join(\"@pam,\") }}@pam::"
+        line: "group:Admins:{{ users | map(attribute='logname') | join(\"@pam,\") }}@pam::"

  handlers:
--- a/host-krypton.yml
+++ b/host-krypton.yml
@ -98,9 +98,9 @@
        rule: allow
        port: '389'
        proto: tcp
-        from: "{{  item  }}"
+        from: "{{ item }}"
        comment: LDAP Docker Access
-      loop: "{{  docker_ip_ranges  }}"
+      loop: "{{ docker_ip_ranges }}"

    - name: Allow access to openLDAP from local docker container [2/2]
      become: true
@ -108,9 +108,9 @@
        rule: allow
        port: '636'
        proto: tcp
-        from: "{{  item  }}"
+        from: "{{ item }}"
        comment: LDAP Docker Access
-      loop: "{{  docker_ip_ranges  }}"
+      loop: "{{ docker_ip_ranges }}"


    - name: Ensure container for entities validation service is running
--- a/host-platon.yml
+++ b/host-platon.yml
@ -141,7 +141,7 @@
        mode: "0644"
      register: wiringPi_copy

-    - name: Install wiringPi library  # noqa 503
+    - name: Install wiringPi library  # noqa: no-handler
      ansible.builtin.apt:
        state: present
        deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
--- a/host-radon.yml
+++ b/host-radon.yml
@ -13,7 +13,7 @@
    nodered_image: nodered/node-red:3.0.1-1-18
    nodered_data: "{{ data_dir }}/nodered"

-    rabbitmq_image: bitnami/rabbitmq:4.0.5
+    rabbitmq_image: bitnami/rabbitmq:4.0.6
    rabbitmq_data: "{{ data_dir }}/rabbitmq"

    pwr_meter_pulse_gw_image: netz39/power-meter-pulse-gateway:0.3.0
--- a/host-unicorn.yml
+++ b/host-unicorn.yml
@ -13,7 +13,7 @@
    - name: Setup the docker container for unifi-controller
      docker_container:
        name: unifi-controller
-        image: jacobalberty/unifi:v9.0.108
+        image: jacobalberty/unifi:v9.0.114
        state: started
        restart_policy: unless-stopped
        container_default_behavior: no_defaults
@ -22,13 +22,13 @@
        # These fixed ports are needed.
        # https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
        ports:
-          - "8080:8080/tcp"   # Device command/control
-          - "8443:8443/tcp"   # Web interface + API
-          - "8843:8843/tcp"   # HTTPS portal
-          - "8880:8880/tcp"   # HTTP portal
-          - "3478:3478/udp"   # STUN service
-          - "6789:6789/tcp"   # Speed Test (unifi5 only)
-          - "10001:10001/udp" # Used for device discovery.
+          - "8080:8080/tcp"     # Device command/control
+          - "8443:8443/tcp"     # Web interface + API
+          - "8843:8843/tcp"     # HTTPS portal
+          - "8880:8880/tcp"     # HTTP portal
+          - "3478:3478/udp"     # STUN service
+          - "6789:6789/tcp"     # Speed Test (unifi5 only)
+          - "10001:10001/udp"   # Used for device discovery.
        volumes:
          - "{{ data_dir }}/unifi-controller/data:/unifi/data"
          - "{{ data_dir }}/unifi-controller/log:/unifi/log"
--- a/host-wittgenstein.yml
+++ b/host-wittgenstein.yml
@ -94,7 +94,7 @@
        force: no
      register: wiringPi_download

-    - name: Install wiringPi library  # noqa 503
+    - name: Install wiringPi library  # noqa: no-handler
      ansible.builtin.apt:
        state: present
        deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
@ -140,13 +140,13 @@
        detach: yes
        restart_policy: unless-stopped
        ports:
-          - "0.0.0.0:{{ spaceapi_host_port }}:8080" # Must be reached by pottwal
+          - "0.0.0.0:{{ spaceapi_host_port }}:8080"   # Must be reached by pottwal
 #          - "127.0.0.1:{{ spaceapi_host_port }}:8080"
        env:
          TZ: "{{ timezone }}"
          MQTT_BROKER: "platon.n39.eu"
          MQTT_TOPIC_STATUS: "{{ spaceapi_topic_status }}"
-          MQTT_TOPIC_LASTCHANGE:  "{{ spaceapi_topic_lastchange }}"
+          MQTT_TOPIC_LASTCHANGE: "{{ spaceapi_topic_lastchange }}"
      tags:
        - spaceapi

--- a/host_vars/pottwal.n39.eu/vars.yml
+++ b/host_vars/pottwal.n39.eu/vars.yml
@ -12,23 +12,23 @@ cleanuri_amqp_vhost: "/cleanuri"
 forgejo_host_port: 9091
 forgejo_ssh_port: 2222
 forgejo_domain_name: git.n39.eu
-forgejo_image: codeberg.org/forgejo/forgejo:10.0.0
+forgejo_image: codeberg.org/forgejo/forgejo:10.0.1

 shlink_host_port: 8083
 shlink_domain_name: sl.n39.eu
-shlink_image: shlinkio/shlink:4.4.0
+shlink_image: shlinkio/shlink:4.4.4
 shlink_initial_api_key: "{{ vault_shlink_initial_api_key }}"
 shlink_postgres_password: "{{ vault_shlink_postgres_password }}"

 hedgedoc_host_port: 8084
 hedgedoc_domain_name: pad.n39.eu
-hedgedoc_image: quay.io/hedgedoc/hedgedoc:1.10.0
+hedgedoc_image: quay.io/hedgedoc/hedgedoc:1.10.2
 hedgedoc_db_image: postgres:16.4-alpine
 hedgedoc_postgres_password: "{{ vault_hedgedoc_postgres_password }}"

 redmine_host_port: 8087
 redmine_domain_name: redmine.n39.eu
-redmine_image: redmine:6.0.2
+redmine_image: redmine:6.0.3
 redmine_mysql_image: mysql:8.4
 redmine_database: redmine
 redmine_database_password: "{{ vault_redmine_database_password }}"
@ -42,7 +42,7 @@ influxdb_init_password: "{{ vault_influxdb_init_password }}"
 jabber_host_port: 8086
 prosody_domain_name: jabber.n39.eu
 prosody_image: netz39/prosody:0.11
-prosody_web_image: joseluisq/static-web-server:2.35
+prosody_web_image: joseluisq/static-web-server:2.36
 prosody_config_dir: "/etc/prosody"
 prosody_data_dir: "{{ data_dir }}/prosody"

@ -52,14 +52,14 @@ uptimekuma_image: louislam/uptime-kuma:1.23.16

 grafana_host_port: 8089
 grafana_domain_name: grafana.n39.eu
-grafana_image: grafana/grafana:11.4.0
+grafana_image: grafana/grafana:11.5.2
 grafana_admin_password: "{{ vault_grafana_admin_password }}"

 homebox_host_port: 8092
 homebox_domain_name: inventory.n39.eu
 homebox_image: ghcr.io/hay-kot/homebox:v0.10.3

-renovate_image: renovate/renovate:39.84.0
+renovate_image: renovate/renovate:39.161.0
 renovate_forgejo_pat: "{{ vault_renovate_forgejo_pat }}"
 renovate_github_pat: "{{ vault_renovate_github_pat }}"
 renovate_git_user: "Renovate Bot <accounts+renovatebot@netz39.de>"
--- a/host_vars/radon.n39.eu/vars.yml
+++ b/host_vars/radon.n39.eu/vars.yml
@ -11,4 +11,3 @@ kiosk_grafana_user: "{{ vault_kiosk_grafana_user }}"
 kiosk_grafana_pass: "{{ vault_kiosk_grafana_pass }}"
 kiosk_mqtt_host: "mqtt.n39.eu"
 kiosk_mqtt_topic: "Netz39/Things/HackingDashboard/Screenshot"
-
--- a/host_vars/wittgenstein.n39.eu/vars.yml
+++ b/host_vars/wittgenstein.n39.eu/vars.yml
@ -1,3 +1,4 @@
+---
 server_admin: "admin+wittgenstein@netz39.de"
 mac: "b8:27:eb:48:f1:59"
 ansible_python_interpreter: /usr/bin/python3
--- a/roles/cleanuri/tasks/main.yml
+++ b/roles/cleanuri/tasks/main.yml
@ -35,7 +35,7 @@
    env:
      TZ: "{{ timezone }}"
      AMQP_HOST: "{{ cleanuri_amqp_host }}"
-      AMQP_USER: "{{ cleanuri_amqp_user  }}"
+      AMQP_USER: "{{ cleanuri_amqp_user }}"
      AMQP_PASS: "{{ cleanuri_amqp_pass }}"
      AMQP_VHOST: "{{ cleanuri_amqp_vhost }}"
      GATEWAY_RESULT_QUEUE: "{{ cleanuri_amqp_results }}"
@ -52,7 +52,7 @@
    env:
      TZ: "{{ timezone }}"
      AMQP_HOST: "{{ cleanuri_amqp_host }}"
-      AMQP_USER: "{{ cleanuri_amqp_user  }}"
+      AMQP_USER: "{{ cleanuri_amqp_user }}"
      AMQP_PASS: "{{ cleanuri_amqp_pass }}"
      AMQP_VHOST: "{{ cleanuri_amqp_vhost }}"
      CANONIZER_TASK_QUEUE: "{{ cleanuri_amqp_canonizer }}"
@ -69,7 +69,7 @@
    env:
      TZ: "{{ timezone }}"
      AMQP_HOST: "{{ cleanuri_amqp_host }}"
-      AMQP_USER: "{{ cleanuri_amqp_user  }}"
+      AMQP_USER: "{{ cleanuri_amqp_user }}"
      AMQP_PASS: "{{ cleanuri_amqp_pass }}"
      AMQP_VHOST: "{{ cleanuri_amqp_vhost }}"
      EXTRACTION_TASK_QUEUE: "{{ cleanuri_amqp_retrieval }}"
--- a/roles/docker_setup/tasks/main.yml
+++ b/roles/docker_setup/tasks/main.yml
@ -34,7 +34,7 @@
    dest: /etc/apt/sources.list.d/docker.list
  register: apt_repo

- name: Update package cache  # noqa 503
+- name: Update package cache  # noqa: no-handler
  ansible.builtin.apt:
    update_cache: true
  when: apt_repo.changed
--- a/roles/nfs-host/tasks/main.yml
+++ b/roles/nfs-host/tasks/main.yml
@ -3,9 +3,9 @@
  ansible.builtin.apt:
    state: present
    name:
-    - nfs-kernel-server
-    - nfs-common
-    - parted
+      - nfs-kernel-server
+      - nfs-common
+      - parted

 - name: Create a new ext4 primary partition
  community.general.parted:
--- a/roles/nginx_https_ingress/tasks/main.yml
+++ b/roles/nginx_https_ingress/tasks/main.yml
@ -8,9 +8,9 @@
  ansible.builtin.apt:
    state: present
    name:
-    - apt-transport-https
-    - ca-certificates
-    - gnupg2
+      - apt-transport-https
+      - ca-certificates
+      - gnupg2

 ### Setup APT cache for the nginx repository
 #
@ -33,7 +33,7 @@
    src: files/apt-preference-99nginx
    dest: /etc/apt/preferences.d/99nginx

- name: Update package cache # noqa 503
+- name: Update package cache  # noqa: no-handler
  ansible.builtin.apt:
    update_cache: true
  when: apt_repo.changed
@ -45,7 +45,7 @@
    state: present
    name:
    # This version of nginx comes with the ngx_stream_core_module module
-    - nginx
+      - nginx


 ### Configuration