Compare commits

..

42 commits

Author SHA1 Message Date
f1975fb586 Switch label designer to dersimn/brother_ql_web 2023-11-02 22:07:32 +01:00
55a6785b09 Merge pull request 'chore(deps): update mysql docker tag to v8.2' (!247) from renovate/mysql-8.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#247
2023-10-31 05:28:14 +01:00
7b061f5fab chore(deps): update mysql docker tag to v8.2 2023-10-31 05:27:25 +01:00
67f338ea00 Merge pull request 'chore(deps): update renovate/renovate docker tag to v37.36.2' (!248) from renovate/renovate-renovate-37.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#248
Reviewed-by: Alexander Dahl <alex@netz39.de>
2023-10-31 05:26:32 +01:00
656bff5b30 chore(deps): update renovate/renovate docker tag to v37.36.2 2023-10-31 01:18:16 +00:00
74255b59e8 Merge pull request 'feat: initial setup for host plumbum' (!237) from feat/host-plumbum into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#237
Reviewed-by: Alexander Dahl <alex@netz39.de>
2023-10-24 20:41:05 +02:00
00eafad2d0 feat: initial setup for host plumbum 2023-10-24 18:17:21 +02:00
0cb397e1e6 Merge pull request 'chore(deps): update ghcr.io/hay-kot/homebox docker tag to v0.10.1' (!238) from renovate/ghcr.io-hay-kot-homebox-0.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#238
2023-10-24 18:15:14 +02:00
0a8f86ef36 feat: add homebox tag to ansible jobs 2023-10-24 18:14:56 +02:00
1d9a5d8a3c chore(deps): update ghcr.io/hay-kot/homebox docker tag to v0.10.1 2023-10-24 18:14:56 +02:00
dd3098bd25 Merge pull request 'chore(deps): update renovate/renovate docker tag to v37.31.5' (!245) from renovate/renovate-renovate-37.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#245
2023-10-24 18:05:20 +02:00
c24bec47ff chore(deps): update renovate/renovate docker tag to v37.31.5 2023-10-24 18:03:10 +02:00
607b810f75 Merge pull request 'chore(deps): update grafana/grafana docker tag to v10.2.0' (!246) from renovate/grafana-grafana-10.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#246
2023-10-24 18:01:56 +02:00
e218b9e697 chore(deps): update grafana/grafana docker tag to v10.2.0 2023-10-24 14:18:11 +00:00
9c559ab1cc Merge pull request 'chore(deps): update bitnami/rabbitmq docker tag to v3.12.7' (!244) from renovate/bitnami-rabbitmq-3.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#244
2023-10-19 21:17:50 +02:00
c147a3395d chore(deps): update bitnami/rabbitmq docker tag to v3.12.7 2023-10-18 02:18:09 +00:00
49e3b4a4aa Merge pull request '⬆️ Apply security releases for cleanuri components' (!243) from dependency/cleanuri-0.3.1 into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#243
Reviewed-by: Alexander Dahl <alex@netz39.de>
2023-10-17 13:37:03 +02:00
b70bf5222e ⬆️ Apply security releases for cleanuri components
Security releases are available due to a vulnerability in the json library:

* https://github.com/penguineer/cleanURI-apigateway/releases/tag/v0.3.1
* https://github.com/penguineer/cleanURI-canonizer/releases/tag/v0.3.1
2023-10-16 12:00:05 +02:00
09d6d47572 Merge pull request 'chore(deps): update joseluisq/static-web-server docker tag to v2.23' (!242) from renovate/joseluisq-static-web-server-2.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#242
Reviewed-by: Alexander Dahl <alex@netz39.de>
2023-10-16 10:56:28 +02:00
944ba34de1 chore(deps): update joseluisq/static-web-server docker tag to v2.23 2023-10-15 21:18:12 +00:00
ae3e5e618f Merge pull request 'chore(deps): update jacobalberty/unifi docker tag to v7.5.176' (!239) from renovate/jacobalberty-unifi-7.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#239
2023-10-14 22:54:57 +02:00
47211aa71c chore(deps): update jacobalberty/unifi docker tag to v7.5.176 2023-10-14 22:54:46 +02:00
e23ff670d1 Merge pull request 'chore(deps): update renovate/renovate docker tag to v37.19.2' (!241) from renovate/renovate-renovate-37.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#241
2023-10-14 22:53:15 +02:00
ddecf46d71 chore(deps): update renovate/renovate docker tag to v37.19.2 2023-10-14 22:53:04 +02:00
3ba104bd76 Merge pull request 'chore(deps): update grafana/grafana docker tag to v10.1.5' (!240) from renovate/grafana-grafana-10.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#240
2023-10-14 22:47:43 +02:00
8d1b16db26 chore(deps): update grafana/grafana docker tag to v10.1.5 2023-10-12 12:18:09 +00:00
15312f9b2a Merge pull request 'chore(deps): update louislam/uptime-kuma docker tag to v1.23.3' (!236) from renovate/louislam-uptime-kuma-1.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#236
2023-10-09 18:08:00 +02:00
3986e66aab Merge pull request 'chore(deps): update renovate/renovate docker tag to v37.8.1' (!235) from renovate/renovate-renovate-37.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#235
2023-10-09 17:55:07 +02:00
47151d8409 chore(deps): update louislam/uptime-kuma docker tag to v1.23.3 2023-10-09 13:18:10 +00:00
5d3f01ea2f chore(deps): update renovate/renovate docker tag to v37.8.1 2023-10-08 17:18:12 +00:00
2cee687fa4 Merge pull request 'chore(deps): update renovate/renovate docker tag to v37.6.2' (!234) from renovate/renovate-renovate-37.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#234
2023-10-06 07:07:23 +02:00
818dd94d85 chore(deps): update renovate/renovate docker tag to v37.6.2 2023-10-06 00:18:06 +00:00
596d1892fb Merge pull request 'chore(deps): update redmine docker tag to v5.0.6' (!232) from renovate/redmine-5.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#232
2023-10-03 15:32:06 +02:00
8b9f04f927 chore(deps): update redmine docker tag to v5.0.6 2023-10-03 15:28:02 +02:00
2b25b22d64 Merge pull request 'chore(deps): update grafana/grafana docker tag to v10.1.4' (!230) from renovate/grafana-grafana-10.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#230
2023-10-03 15:27:05 +02:00
3a5e5cd63d chore(deps): update grafana/grafana docker tag to v10.1.4 2023-10-03 15:26:52 +02:00
2faf1be79c Merge pull request 'chore(deps): update bitnami/dokuwiki:20230404 docker digest to a130235' (!231) from renovate/bitnami-dokuwiki-20230404 into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#231
2023-10-03 15:24:40 +02:00
0f5b0a1220 chore(deps): update bitnami/dokuwiki:20230404 docker digest to a130235 2023-10-03 15:18:31 +02:00
ad75e8b9a7 Merge pull request 'chore(deps): update renovate/renovate docker tag to v37' (!228) from renovate/renovate-renovate-37.x into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#228
2023-10-03 15:18:03 +02:00
ace1b1814a chore(deps): update renovate/renovate docker tag to v37 2023-10-03 08:20:04 +00:00
8baa360306 Merge pull request 'chore(deps): update bitnami/dokuwiki:20230404 docker digest to 4e8d01b' (!226) from renovate/bitnami-dokuwiki-20230404 into master
Reviewed-on: Netz39_Admin/netz39-infra-ansible#226
2023-09-28 22:15:35 +02:00
32b54ee9ff chore(deps): update bitnami/dokuwiki:20230404 docker digest to 4e8d01b 2023-09-27 19:18:08 +00:00
13 changed files with 25 additions and 178 deletions

View file

@ -1,19 +0,0 @@
#!/bin/sh
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games'
echo 'start i2c-foo'
sudo modprobe i2c_dev
sudo modprobe i2c_bcm2708
# wait for network devices
sleep 30
cd /home/pi
echo 'start ampel controller'
tmux new-session -s ampel 'cd /home/pi/netz39_space_notification/raspberry/ledcontrol && ./ledcontrol'
echo 'start lever controller'
tmux new-window -t ampel:1 'cd /home/pi/netz39_space_notification/raspberry/statusswitch && ./statusswitch'
#echo 'start spaceapi controller'
#tmux new-window -t ampel:2 '/home/pi/netz39_space_notification/SpaceAPI && ./update-json.py --server=platon'

View file

@ -1,7 +0,0 @@
#!/bin/bash
logger -t unstuck "unstuck $(date)"
killall tmux
sleep 1
/home/pi/reboot.sh

View file

@ -544,6 +544,8 @@
mode: "0755"
- path: "{{ data_dir }}/homebox/data"
mode: "0755"
tags:
- homebox
- name: Ensure container for homebox is running
docker_container:
@ -562,6 +564,8 @@
HBOX_LOG_LEVEL: "info"
HBOX_LOG_FORMAT: "text"
HBOX_WEB_MAX_UPLOAD_SIZE: "10"
tags:
- homebox
- name: Setup proxy site {{ homebox_domain_name }}
include_role:
@ -570,6 +574,8 @@
site_name: "{{ homebox_domain_name }}"
proxy_port: "{{ homebox_host_port }}"
proxy_preserve_host: "On"
tags:
- homebox
- name: Setup proxy site spaceapi.n39.eu
template:

View file

@ -13,13 +13,13 @@
nodered_image: nodered/node-red:3.0.1-1-18
nodered_data: "{{ data_dir }}/nodered"
rabbitmq_image: bitnami/rabbitmq:3.12.6
rabbitmq_image: bitnami/rabbitmq:3.12.7
rabbitmq_data: "{{ data_dir }}/rabbitmq"
pwr_meter_pulse_gw_image: netz39/power-meter-pulse-gateway:0.3.0
brotherql_host_port: 9004
brotherql_web_image: pklaus/brother_ql_web:alpine_9e20b6d
brotherql_web_image: dersimn/brother_ql_web:2.1-alpine
roles:
# role 'docker_setup' applied through group 'docker_host'
@ -187,7 +187,7 @@
state: started
ports:
- "127.0.0.1:{{ brotherql_host_port }}:8013"
command: " ./brother_ql_web.py --model QL-720NW tcp://{{ brotherql_printer_ip }}"
command: "--default-label-size 62 --model QL-720NW tcp://{{ brotherql_printer_ip }}"
detach: yes
env:
TZ: "{{ timezone }}"

View file

@ -14,7 +14,7 @@
dokuwiki_port: 9005
# This container is pinned, because there are issues
# with backwards compatibility within the same tag!
dokuwiki_image: bitnami/dokuwiki:20230404@sha256:9350261bc0f5d5fdece01623b6e025242f3cf51415e67f20dbd6b3f5159431d2
dokuwiki_image: bitnami/dokuwiki:20230404@sha256:a13023559160cf6bd1f2b77b753b5335643d65c0347cad4898076efa9de78d14
discord_invite_domain: discord.netz39.de

View file

@ -13,7 +13,7 @@
- name: Setup the docker container for unifi-controller
docker_container:
name: unifi-controller
image: jacobalberty/unifi:v7.5.174
image: jacobalberty/unifi:v7.5.176
state: started
restart_policy: unless-stopped
container_default_behavior: no_defaults

View file

@ -1,130 +0,0 @@
---
- hosts: wittgenstein2.n39.eu
become: true
roles:
- role: docker_setup
vars:
docker_data_root: "/srv/docker"
- role: apache
- role: apache_letsencrypt # Uses configuration from dehydrated setup
- role: ansible-role-dehydrated
vars:
dehydrated_contact_email: "{{ server_admin }}"
- role: penguineer.dehydrated_cron
tasks:
- name: Install packages needed for the system
# This is a list of all packages,
# unless they are installed by a specific role
ansible.builtin.apt:
state: present
name:
# This is needed for the user-executed tasks
- acl
# Regular packages
- tmux
- git-core
- cmake
- build-essential
- libmosquitto-dev
- libconfig-dev
- mosquitto-clients
- i2c-tools
# - name: Set MAC address for proper DHCP recognition
# # Uses mac variable from inventory
# ansible.builtin.template:
# src: templates/network-interfaces-dhcp-mac.j2
# dest: /etc/network/interfaces.d/wittgenstein-mac
# owner: root
# group: root
# mode: '0644'
- name: Disable IPv6
# Because it is not working....
ansible.builtin.copy:
src: files/sysctl-no-ipv6.conf
dest: /etc/sysctl.d/99-systcl-no-ipv6.conf
owner: root
group: root
mode: '0644'
### Gatekeeper user (pi for now)
#
# All the gatekeeping / door control stuff is here!
- name: Ensure gatekeeper user is there
ansible.builtin.user:
name: "{{ gatekeeper_user }}"
groups: dialout,audio,plugdev,input,netdev,i2c,gpio
append: yes
- name: Copy management scripts
ansible.builtin.copy:
src: "files/wittgenstein/{{ item }}"
dest: "/home/{{ gatekeeper_user }}/{{ item }}"
owner: "{{ gatekeeper_user }}"
group: "{{ gatekeeper_user }}"
mode: "0755"
loop:
- reboot.sh
- unstuck.sh
- name: Install start-up cron
ansible.builtin.cron:
name: Start the gatekeeper services
job: "/home/{{ gatekeeper_user }}/reboot.sh"
user: "{{ gatekeeper_user }}"
special_time: reboot
- name: Download wiringPi library
# WiringPi needs to be installed, but that library seems to be
# obsolete. We download something and hope it works...
ansible.builtin.get_url:
url: https://project-downloads.drogon.net/wiringpi-latest.deb
dest: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
mode: "0644"
force: no
register: wiringPi_download
- name: Install wiringPi library # noqa 503
ansible.builtin.apt:
state: present
deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
when: wiringPi_download.changed
### Ampelsteuerung
- name: Clone netz39_space_notification initial checkout
# Do this as the gatekeeper user!
become: yes
become_user: "{{ gatekeeper_user }}"
ansible.builtin.git:
repo: https://github.com/netz39/space_notification.git
dest: "/home/{{ gatekeeper_user }}/netz39_space_notification"
clone: yes
update: no
- name: Compile ledcontrol agent
# Do this as the gatekeeper user!
become: yes
become_user: "{{ gatekeeper_user }}"
ansible.builtin.shell:
chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol"
cmd: make
creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol/ledcontrol"
- name: Compile statusswitch agent
# Do this as the gatekeeper user!
become: yes
become_user: "{{ gatekeeper_user }}"
ansible.builtin.shell:
chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch"
cmd: make
creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch/statusswitch"
handlers:

View file

@ -0,0 +1,2 @@
---
mac: "32:A3:94:A0:23:77"

View file

@ -28,8 +28,8 @@ hedgedoc_postgres_password: "{{ vault_hedgedoc_postgres_password }}"
redmine_host_port: 8087
redmine_domain_name: redmine.n39.eu
redmine_image: redmine:5.0.5
redmine_mysql_image: mysql:8.1
redmine_image: redmine:5.0.6
redmine_mysql_image: mysql:8.2
redmine_database: redmine
redmine_database_password: "{{ vault_redmine_database_password }}"
@ -42,24 +42,24 @@ influxdb_init_password: "{{ vault_influxdb_init_password }}"
jabber_host_port: 8086
prosody_domain_name: jabber.n39.eu
prosody_image: netz39/prosody:0.11
prosody_web_image: joseluisq/static-web-server:2.22
prosody_web_image: joseluisq/static-web-server:2.23
prosody_config_dir: "/etc/prosody"
prosody_data_dir: "{{ data_dir }}/prosody"
uptimekuma_host_port: 8085
uptimekuma_domain_name: uptime.n39.eu
uptimekuma_image: louislam/uptime-kuma:1.23.2
uptimekuma_image: louislam/uptime-kuma:1.23.3
grafana_host_port: 8089
grafana_domain_name: grafana.n39.eu
grafana_image: grafana/grafana:10.1.2
grafana_image: grafana/grafana:10.2.0
grafana_admin_password: "{{ vault_grafana_admin_password }}"
homebox_host_port: 8092
homebox_domain_name: inventory.n39.eu
homebox_image: ghcr.io/hay-kot/homebox:v0.9.2
homebox_image: ghcr.io/hay-kot/homebox:v0.10.1
renovate_image: renovate/renovate:36.103.0
renovate_image: renovate/renovate:37.36.2
renovate_forgejo_pat: "{{ vault_renovate_forgejo_pat }}"
renovate_github_pat: "{{ vault_renovate_github_pat }}"
renovate_git_user: "Renovate Bot <accounts+renovatebot@netz39.de>"

View file

@ -1,4 +0,0 @@
server_admin: "admin+wittgenstein@netz39.de"
ansible_python_interpreter: /usr/bin/python3
gatekeeper_user: pi
data_dir: "/srv/data"

View file

@ -8,10 +8,10 @@ all:
krypton.n39.eu:
oganesson.n39.eu:
platon.n39.eu:
plumbum.n39.eu:
pottwal.n39.eu:
radon.n39.eu:
unicorn.n39.eu:
wittgenstein2.n39.eu:
k3s-c1.n39.eu:
k3s-c2.n39.eu:
k3s-c3.n39.eu:
@ -32,6 +32,7 @@ all:
holmium.n39.eu:
krypton.n39.eu:
oganesson.n39.eu:
plumbum.n39.eu:
pottwal.n39.eu:
radon.n39.eu:
unicorn.n39.eu:
@ -49,6 +50,7 @@ all:
krypton.n39.eu:
oganesson.n39.eu:
platon.n39.eu:
plumbum.n39.eu:
pottwal.n39.eu:
radon.n39.eu:
wittgenstein.n39.eu:

View file

@ -39,6 +39,3 @@
- name: Hobbes specific setup
import_playbook: host-hobbes.yml
- name: Wittgenstein specific setup
import_playbook: host-wittgenstein.yml

View file

@ -20,6 +20,6 @@ cleanuri_amqp_retrieval: "extractor"
# Docker images
cleanuri_image_webui: mrtux/cleanuri-webui:0.2.0
cleanuri_image_apigateway: mrtux/cleanuri-apigateway:0.3.0
cleanuri_image_canonizer: mrtux/cleanuri-canonizer:0.3.0
cleanuri_image_apigateway: mrtux/cleanuri-apigateway:0.3.1
cleanuri_image_canonizer: mrtux/cleanuri-canonizer:0.3.1
cleanuri_image_extractor: mrtux/cleanuri-extractor:0.3.0