Infrastructure issueshttps://git.shivering-isles.com/shivering-isles/infrastructure/-/issues2022-09-14T17:55:31Zhttps://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/10Dependency Dashboard2022-09-14T17:55:31ZBotaniker (Bot)Dependency DashboardThis issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
## Rate-Limited
These updates are currently rate-limited. Click on a...This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
## Rate-Limited
These updates are currently rate-limited. Click on a checkbox below to force their creation now.
- [ ] <!-- unlimit-branch=renovate/mailserver-mtasts-1.x -->automation: Update mailserver-mtasts Docker tag to v1.1.4
- [ ] <!-- unlimit-branch=renovate/hedgedoc-postgres-13.x -->automation: Update hedgedoc-postgres Docker tag to v13.8
- [ ] <!-- unlimit-branch=renovate/keycloak-postgres-13.x -->automation: Update keycloak-postgres Docker tag to v13.8
- [ ] <!-- unlimit-branch=renovate/mailserver-mariadb-10.x -->automation: Update mailserver-mariadb Docker tag to v10.9.2
- [ ] <!-- unlimit-branch=renovate/mastodon-database-13.x -->automation: Update mastodon-database Docker tag to v13.8
- [ ] <!-- unlimit-branch=renovate/hedgedoc-postgres-14.x -->automation: Update hedgedoc-postgres Docker tag to v14
- [ ] <!-- unlimit-branch=renovate/keycloak-postgres-14.x -->automation: Update keycloak-postgres Docker tag to v14
- [ ] <!-- unlimit-branch=renovate/mastodon-database-14.x -->automation: Update mastodon-database Docker tag to v14
- [ ] <!-- unlimit-branch=renovate/matrix-database-14.x -->automation: Update matrix-database Docker tag to v14
- [ ] <!-- unlimit-branch=renovate/monitoring-grafana-9.x -->automation: Update monitoring-grafana Docker tag to v9
- [ ] <!-- unlimit-branch=renovate/monitoring-influxdb-2.x -->automation: Update monitoring-influxdb Docker tag to v2
- [ ] <!-- unlimit-branch=renovate/nextcloud-24.x -->automation: Update nextcloud Docker tag to v24
- [ ] <!-- unlimit-branch=renovate/nextcloud-redis-7.x -->automation: Update nextcloud-redis Docker tag to v7
- [ ] <!-- create-all-rate-limited-prs -->🔐 **Create all rate-limited MRs at once** 🔐
## Open
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
- [ ] <!-- rebase-branch=renovate/mailserver-nginx-1.x -->[automation: Update mailserver-nginx Docker tag to v1.23.1](!412)
- [ ] <!-- rebase-branch=renovate/monitoring-grafana-8.x -->[automation: Update monitoring-grafana Docker tag to v8.5.11](!411)
- [ ] <!-- rebase-branch=renovate/nextcloud-memcache-1.x -->[automation: Update nextcloud-memcache Docker tag to v1.6.17](!414)
- [ ] <!-- rebase-branch=renovate/traefik-2.x -->[automation: Update traefik Docker tag to v2.8.5](!410)
- [ ] <!-- rebase-branch=renovate/gitlab-telegraf-1.x -->[automation: Update gitlab-telegraf Docker tag to v1.24](!415)
- [ ] <!-- rebase-branch=renovate/matrix-synapse-1.x -->[automation: Update matrix-synapse Docker tag to v1.67.0](!408)
- [ ] <!-- rebase-branch=renovate/telegraf-1.x -->[automation: Update telegraf Docker tag to v1.24](!416)
- [ ] <!-- rebase-branch=renovate/docker.io-library-fedora-37.x -->[automation: Update docker.io/library/fedora Docker tag to v37](!417)
- [ ] <!-- rebase-branch=renovate/gitlab-15.x -->[automation: Update gitlab Docker tag to v15](!390)
- [ ] <!-- rebase-branch=renovate/keycloak-19.x -->[automation: Update keycloak Docker tag to v19](!413)
- [ ] <!-- rebase-all-open-prs -->**Click on this checkbox to rebase all open MRs at once**
## Detected dependencies
<details><summary>ansible-galaxy</summary>
<blockquote>
<details><summary>requirements.yml</summary>
- `dev-sec.ssh-hardening 9.7.0`
</details>
</blockquote>
</details>
<details><summary>gitlabci</summary>
<blockquote>
<details><summary>.gitlab-ci.yml</summary>
- `docker.io/library/fedora 32`
</details>
</blockquote>
</details>
<details><summary>regex</summary>
<blockquote>
<details><summary>roles/backup_lvm/defaults/main.yml</summary>
- `backup-duplicity 0.8`
</details>
<details><summary>roles/camo/defaults/main.yml</summary>
- `camo 2.4.0`
</details>
<details><summary>roles/dns_over_https/defaults/main.yml</summary>
- `doh 2.3.1`
- `doh-unbound 1.13.1`
</details>
<details><summary>roles/gitlab/defaults/main.yml</summary>
- `gitlab 14.10.5-ce.0`
- `gitlab-telegraf 1.22`
</details>
<details><summary>roles/hedgedoc/defaults/main.yml</summary>
- `hedgedoc 1.9.4`
- `hedgedoc-postgres 13.7`
</details>
<details><summary>roles/keycloak/defaults/main.yml</summary>
- `keycloak 16.1.1`
- `keycloak-postgres 13.7`
</details>
<details><summary>roles/libravatar/defaults/main.yml</summary>
</details>
<details><summary>roles/mailserver/defaults/main.yml</summary>
- `mailserver-sogo 4.3`
- `mailserver-mtasts v1.1.3`
- `mailserver-nginx 1.23.0`
- `mailserver-mariadb 10.8.3`
- `mailserver-memcache 1.6`
</details>
<details><summary>roles/mastodon/defaults/main.yml</summary>
- `mastodon 3.5.3`
- `mastodon-database 13.7`
- `mastodon-redis 7.0`
</details>
<details><summary>roles/matrix/defaults/main.yml</summary>
- `matrix-synapse 1.60.0`
- `matrix-database 11.16`
</details>
<details><summary>roles/minio/defaults/main.yml</summary>
</details>
<details><summary>roles/monitoring/defaults/main.yml</summary>
- `monitoring-grafana 8.5.6`
- `monitoring-influxdb 1.8.10`
</details>
<details><summary>roles/nextcloud/defaults/main.yml</summary>
- `nextcloud 23.0`
- `nextcloud-memcache 1.6.15`
- `nextcloud-redis 6.2.7`
</details>
<details><summary>roles/telegraf/defaults/main.yml</summary>
- `telegraf 1.22`
- `telegraf-dockersocketproxy 2.3`
</details>
<details><summary>roles/thelounge/defaults/main.yml</summary>
</details>
<details><summary>roles/traefik/defaults/main.yml</summary>
- `traefik v2.8.0`
- `traefik-dockersocketproxy 2.3`
- `traefik-tor 0.4`
- `traefik-acmedumper 2.8.1`
</details>
</blockquote>
</details>https://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/9Migrate to new dev-sec collection2021-02-10T13:07:30ZSheogorathMigrate to new dev-sec collectionOriginally this was implemented by !103 but it turns out that the rest of the repository is not prepared for it. Since the new collection requires Ansible 2.10 which contains various major changes. Therefore, until this repository is pre...Originally this was implemented by !103 but it turns out that the rest of the repository is not prepared for it. Since the new collection requires Ansible 2.10 which contains various major changes. Therefore, until this repository is prepared for Ansible 2.10, this migration can not take place.SheogorathSheogorathhttps://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/8Mastodon 3.3.0 breaks SSO (and more?)2021-03-28T22:15:25ZSheogorathMastodon 3.3.0 breaks SSO (and more?)After upgrading to 3.3.0 things escalated a bit. First SSO login broke. That resulted in a roll-back. But not very successful, because it broke notifications for the old version.
moving to the newer version again, with a now valid sessi...After upgrading to 3.3.0 things escalated a bit. First SSO login broke. That resulted in a roll-back. But not very successful, because it broke notifications for the old version.
moving to the newer version again, with a now valid session got me around the SSO problem but notifications still didn't work. Now old notifications were showing up, but new notifications no longer arrived.
With a restore of a backup from today, it was possible to get the instance up and running. Using version 3.2.2.
Further investigation is needed.https://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/7Action Required: Fix Renovate Configuration2020-10-06T22:31:41ZBotaniker (Bot)Action Required: Fix Renovate ConfigurationThere is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop MRs until it is resolved.
File: `.renovaterc.json`
Error type: Invalid JSON (parsing failed)
Message: `Syntax er...There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop MRs until it is resolved.
File: `.renovaterc.json`
Error type: Invalid JSON (parsing failed)
Message: `Syntax error: expecting String near }
],
}
`https://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/6Action Required: Fix Renovate Configuration2020-10-04T12:36:25ZBotaniker (Bot)Action Required: Fix Renovate ConfigurationThere is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop MRs until it is resolved.
File: `.renovaterc.json`
Error type: The renovate configuration file contains some inv...There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop MRs until it is resolved.
File: `.renovaterc.json`
Error type: The renovate configuration file contains some invalid settings
Message: `Invalid regExp for regexManagers: `# renovate: depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\n\S+(?!image)_version: (?<currentValue>.*?)\s``https://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/5Playbook fails on template execution if proxy_hiddenservice is undefined2020-03-09T08:23:05ZAlexander WellbrockPlaybook fails on template execution if proxy_hiddenservice is undefinedI noticed on an initial run of the nextcloud role that if `proxy_hiddenservice` is undefined and the template was not yet evaluated, that somehow the if-branch is taken and the playbook tries to read `proxy_hiddenservice['content']` whic...I noticed on an initial run of the nextcloud role that if `proxy_hiddenservice` is undefined and the template was not yet evaluated, that somehow the if-branch is taken and the playbook tries to read `proxy_hiddenservice['content']` which fails, since the map is undefined.https://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/4Add machine message mail gateway2019-10-13T18:52:07ZSheogorathAdd machine message mail gatewayWith OpenPGP-milter and postfix it's a good opportunity to add a separate mail gateway, that is used for machine messages only.
This would allow to split outgoing person mails from machine mails :) And apply different restrictions on t...With OpenPGP-milter and postfix it's a good opportunity to add a separate mail gateway, that is used for machine messages only.
This would allow to split outgoing person mails from machine mails :) And apply different restrictions on them.https://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/3Fix Ansible warning in Mastodon role2019-10-13T18:53:13ZSheogorathFix Ansible warning in Mastodon roleDuring the last deployment this warning appeared:
```
[WARNING]: The value of the "source" option was determined to be "pull".
Please set the "source" option explicitly. Autodetection will be removed in
Ansible 2.12.
```During the last deployment this warning appeared:
```
[WARNING]: The value of the "source" option was determined to be "pull".
Please set the "source" option explicitly. Autodetection will be removed in
Ansible 2.12.
```SheogorathSheogorathhttps://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/2Extend gitlab-runner2019-05-08T22:23:02ZSheogorathExtend gitlab-runnerThe gitlab-runner role should provide multiple runner setups that allow things like [gitlab-hetzner-runner](https://git.shivering-isles.com/shivering-isles/gitlab-hetzner-runner) as well as [gitlab-ansible-runner](https://git.shivering-i...The gitlab-runner role should provide multiple runner setups that allow things like [gitlab-hetzner-runner](https://git.shivering-isles.com/shivering-isles/gitlab-hetzner-runner) as well as [gitlab-ansible-runner](https://git.shivering-isles.com/shivering-isles/gitlab-ansible-runner) to be integrated and deployed in a single deployment step.
Note: `gitlab-ansible-runner` will maybe run the deployment itself, so we have to be careful about updates.SheogorathSheogorathhttps://git.shivering-isles.com/shivering-isles/infrastructure/-/issues/1Update project README2019-05-08T20:55:46ZSheogorathUpdate project READMEThe project README is very outdated and should be reworked soon.The project README is very outdated and should be reworked soon.SheogorathSheogorath