From 3159bee812cff34796b050bfdb619c0ae0751d59 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Sun, 4 Jun 2023 01:00:17 +0200 Subject: [PATCH] Update to 2023-06-04 01:00 --- roles/babashka/defaults/main.yml | 4 ++-- roles/bookstack/defaults/main.yml | 4 ++-- roles/clamav/tasks/main.yml | 3 +-- roles/cni_plugins/defaults/main.yml | 4 ++-- roles/consul/defaults/main.yml | 4 ++-- roles/consul_template/defaults/main.yml | 4 ++-- roles/diagrams/defaults/main.yml | 4 ++-- roles/documize/defaults/main.yml | 4 ++-- roles/elasticsearch/defaults/main.yml | 4 ++-- roles/elasticsearch/templates/elasticsearch.yml.j2 | 3 +++ roles/matrix_element/defaults/main.yml | 4 ++-- roles/matrix_synapse/defaults/main.yml | 2 +- roles/maven/defaults/main.yml | 6 +++--- roles/miniflux/defaults/main.yml | 4 ++-- roles/miniflux/tasks/archive_pre.yml | 4 ++++ roles/nomad/defaults/main.yml | 8 ++++---- roles/paperless_ng/defaults/main.yml | 4 ++-- roles/sftpgo/defaults/main.yml | 4 ++-- roles/squid/files/acl/software_dbd.domains | 1 + roles/squid/files/acl/software_various.domains | 1 + roles/vaultwarden/defaults/main.yml | 4 ++-- 21 files changed, 44 insertions(+), 36 deletions(-) diff --git a/roles/babashka/defaults/main.yml b/roles/babashka/defaults/main.yml index 8a17702..7e0bb52 100644 --- a/roles/babashka/defaults/main.yml +++ b/roles/babashka/defaults/main.yml @@ -1,8 +1,8 @@ --- # Babashka version to deploy -bb_version: 1.3.179 +bb_version: 1.3.180 # URL of the archive bb_archive_url: https://github.com/babashka/babashka/releases/download/v{{ bb_version }}/babashka-{{ bb_version }}-linux-amd64-static.tar.gz # Expected sha256sum of the archive -bb_archive_sha256: d7d39e1a1ecd7e764c8fd542329c00bfd2924344cae3dc66ef2ea7276a644900 +bb_archive_sha256: 828eb9a3efd315fc2a392d1ea582b316d673fba3bbdb92d0421a35c7159c4b31 diff --git a/roles/bookstack/defaults/main.yml b/roles/bookstack/defaults/main.yml index 36f0322..7d04a8e 100644 --- a/roles/bookstack/defaults/main.yml +++ b/roles/bookstack/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version to deploy -bookstack_version: '23.05.1' +bookstack_version: '23.05.2' # URL of the arhive bookstack_archive_url: https://github.com/BookStackApp/BookStack/archive/v{{ bookstack_version }}.tar.gz # Expected sha256 of the archive -bookstack_archive_sha256: f78cf3035ee65d840ad4c11e58c09abe66c6af61a649d06f3efdcce38f5c5c42 +bookstack_archive_sha256: 8baa11ec1e6fa4c4c8b9c5e8334197bb31382e315985828e0e7a449898460b04 # Should ansible handle bookstack upgrades or just the inintial install bookstack_manage_upgrade: True diff --git a/roles/clamav/tasks/main.yml b/roles/clamav/tasks/main.yml index 598587d..8c64cb0 100644 --- a/roles/clamav/tasks/main.yml +++ b/roles/clamav/tasks/main.yml @@ -10,10 +10,9 @@ - name: Create clamav user account user: - name: clamav + name: "{{ clam_user }}" system: True shell: /sbin/nologin - comment: "ClamAV antivirus user account" - name: Set SELinux seboolean: name={{ item }} state=True persistent=True diff --git a/roles/cni_plugins/defaults/main.yml b/roles/cni_plugins/defaults/main.yml index 6977fe9..3995219 100644 --- a/roles/cni_plugins/defaults/main.yml +++ b/roles/cni_plugins/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version of the CNI plugins to install -cni_version: 1.2.0 +cni_version: 1.3.0 # Archive where the pre compiled bin archive will be downloaded cni_archive_url: https://github.com/containernetworking/plugins/releases/download/v{{ cni_version }}/cni-plugins-linux-amd64-v{{ cni_version }}.tgz # Expected checksum of the archive -cni_archive_sha256: f3a841324845ca6bf0d4091b4fc7f97e18a623172158b72fc3fdcdb9d42d2d37 +cni_archive_sha256: 754a71ed60a4bd08726c3af705a7d55ee3df03122b12e389fdba4bea35d7dd7e # Where the plugins will be installed (binaries will be extracted in a /bin sub-directory) cni_root_dir: /opt/cni diff --git a/roles/consul/defaults/main.yml b/roles/consul/defaults/main.yml index d9d5cfd..2c120ed 100644 --- a/roles/consul/defaults/main.yml +++ b/roles/consul/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version of consul to deploy -consul_version: 1.15.2 +consul_version: 1.15.3 # URL from where the consul archive will be downloaded consul_archive_url: https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_amd64.zip # Expected sha256 of the archive -consul_archive_sha256: 21e6c204f8dfdfde63eed5853fbf5a84d414299a111ad6b66da36d00db6414e9 +consul_archive_sha256: 86c6fe308d2e4eea106d21e20c307726eb87be87eab1f6dfb0d53db81b31d334 # user account under which consul will run (will be created if needed) consul_user: consul diff --git a/roles/consul_template/defaults/main.yml b/roles/consul_template/defaults/main.yml index 261a066..f3f8e53 100644 --- a/roles/consul_template/defaults/main.yml +++ b/roles/consul_template/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version of consul-template to install -consul_tpl_version: 0.31.0 +consul_tpl_version: 0.32.0 # URL of the archive consul_tpl_archive_url: https://releases.hashicorp.com/consul-template/{{ consul_tpl_version }}/consul-template_{{ consul_tpl_version }}_linux_amd64.zip # Expected sha256 of the archive -consul_tpl_archive_sha256: e622fd89e731882264f170ede87023546a306f07bad42e816468223d5a6d57f4 +consul_tpl_archive_sha256: eda83e12a4618929a3ec0a49b11a2823b6201c9ae64e5a15161fd63313caf88b # Root dir where consul-template will be installed consul_tpl_root_dir: /opt/consul_template diff --git a/roles/diagrams/defaults/main.yml b/roles/diagrams/defaults/main.yml index 9b4921e..5284d70 100644 --- a/roles/diagrams/defaults/main.yml +++ b/roles/diagrams/defaults/main.yml @@ -1,11 +1,11 @@ --- # Veresion of diagrams to deploy -diagrams_version: 21.3.1 +diagrams_version: 21.3.3 # URL of the WAR file to deploy diagrams_war_url: https://github.com/jgraph/drawio/releases/download/v{{ diagrams_version }}/draw.war # Expected sha256 of the WAR file -diagrams_war_sha256: 60eb296b83ce42c09d5acc4a008e49768b450b78a64797e81f4d27c11a0a3111 +diagrams_war_sha256: 2da32083a6f2437745c8fd09c6d95df5ed8ebbdd113d4747a27278a1fe9d4e26 # root directory of the installation diagrams_root_dir: /opt/diagrams # Should ansible manage upgrades, or just initial install ? diff --git a/roles/documize/defaults/main.yml b/roles/documize/defaults/main.yml index ea00da2..26f1be6 100644 --- a/roles/documize/defaults/main.yml +++ b/roles/documize/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version of cocumize to deploy -documize_version: 5.6.0 +documize_version: 5.7.0 # URL of the binary to install documize_bin_url: https://github.com/documize/community/releases/download/v{{ documize_version }}/documize-community-linux-amd64 # Expected sha1 of the binary -documize_bin_sha256: eedfd2768b98c34dd674d182d484cfedc17920143b40005a2e40b31973c125c6 +documize_bin_sha256: b0a139b25e8e0650b0ca961d79034efafa7da464eb888277ec90ffab6622fa67 # Should documize handle upgrades or only initial install ? documize_manage_upgrade: True diff --git a/roles/elasticsearch/defaults/main.yml b/roles/elasticsearch/defaults/main.yml index 8f4ddb3..f3c69db 100644 --- a/roles/elasticsearch/defaults/main.yml +++ b/roles/elasticsearch/defaults/main.yml @@ -1,13 +1,13 @@ --- # Version of elasticsearch to deploy -es_version: 7.17.5 +es_version: 8.7.1 # root directory es_root_dir: /opt/elasticsearch # URL of the archive es_archive_url: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{ es_version }}-linux-x86_64.tar.gz # Expected sha512 of the archive -es_archive_sha512: 98791c40f7ce1ba2a463fddb0986bb6ab9f94ab6479d79f96cd9b772e5208a04c7552c56e9fea484248d2ff1dd46fa25ed7066a41160fb22eb1b8dc837448ccf +es_archive_sha512: 40216fff8f6f827164bda1ecbdcbdc30f202ef9cb8a936c60e52f16a0b6c1bfbdc884fe11d8bbebd8336507aa8ed2f0202b3b61f876d17f4a97ee9fc21f9e3be # Should ansible handle upgrades or only initial installation ? es_manage_upgrade: True # User under which the service will run (will be created) diff --git a/roles/elasticsearch/templates/elasticsearch.yml.j2 b/roles/elasticsearch/templates/elasticsearch.yml.j2 index 40c6ffa..fdd3a59 100644 --- a/roles/elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elasticsearch/templates/elasticsearch.yml.j2 @@ -9,3 +9,6 @@ action.auto_create_index: false {% if es_version is version('7','>=') %} discovery.type: single-node {% endif %} + +xpack.security.enabled: false +xpack.security.enrollment.enabled: false diff --git a/roles/matrix_element/defaults/main.yml b/roles/matrix_element/defaults/main.yml index 54a9819..88b8f16 100644 --- a/roles/matrix_element/defaults/main.yml +++ b/roles/matrix_element/defaults/main.yml @@ -5,8 +5,8 @@ element_id: element # Version to deploy, and expected sha256 -element_version: 1.11.30 -element_archive_sha256: 35f718ff31967b9b90b7b3075d6844d5dbdcba9b5c1cc29d0cc50f0dc2bb7102 +element_version: 1.11.31 +element_archive_sha256: 17a497d14f48cc44c16269b6fb387a6c4c006c9f7c39552013513f21f99a50f4 # Where to install element element_root_dir: /opt/matrix/element diff --git a/roles/matrix_synapse/defaults/main.yml b/roles/matrix_synapse/defaults/main.yml index 9ef8621..9dc4af7 100644 --- a/roles/matrix_synapse/defaults/main.yml +++ b/roles/matrix_synapse/defaults/main.yml @@ -1,7 +1,7 @@ --- # Synapse version to deploy -synapse_version: '1.82.0' +synapse_version: '1.84.1' # Should ansible handle Synapse upgrades ? If false, only initial install will be done synapse_manage_upgrade: True diff --git a/roles/maven/defaults/main.yml b/roles/maven/defaults/main.yml index 113e84a..bf0fae9 100644 --- a/roles/maven/defaults/main.yml +++ b/roles/maven/defaults/main.yml @@ -1,6 +1,6 @@ --- -mvn_version: 3.8.6 -mvn_archive_url: https://miroir.univ-lorraine.fr/apache/maven/maven-3/{{ mvn_version }}/binaries/apache-maven-{{ mvn_version }}-bin.tar.gz -mvn_archive_sha256: c7047a48deb626abf26f71ab3643d296db9b1e67f1faa7d988637deac876b5a9 +mvn_version: 3.8.8 +mvn_archive_url: https://dlcdn.apache.org/maven/maven-3/{{ mvn_version }}/binaries/apache-maven-{{ mvn_version }}-bin.tar.gz +mvn_archive_sha256: 17811e108701af5985bf5167abbd47c06e92c6c6bd1c13a1a1c095c9b4ecc32a mvn_root_dir: /opt/maven diff --git a/roles/miniflux/defaults/main.yml b/roles/miniflux/defaults/main.yml index c42f678..56bc2e7 100644 --- a/roles/miniflux/defaults/main.yml +++ b/roles/miniflux/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version to install -miniflux_version: 2.0.43 +miniflux_version: 2.0.44 # URL of the binary to install miniflux_bin_url: https://github.com/miniflux/v2/releases/download/{{ miniflux_version }}/miniflux-linux-amd64 # Expected sha256 of the binary -miniflux_bin_sha256: bb899aae069cfc9effe846fe14cc365d5f82c6974dfde7382b23e41564fc079a +miniflux_bin_sha256: 1a7fb7db4f1590cb9889c9eb3ba368360da8fc911bb78c90e7aa471d3505c23e # Should ansible handle upgrades ? If false, only initial install will be done miniflux_manage_upgrade: True diff --git a/roles/miniflux/tasks/archive_pre.yml b/roles/miniflux/tasks/archive_pre.yml index e32fde1..50fd937 100644 --- a/roles/miniflux/tasks/archive_pre.yml +++ b/roles/miniflux/tasks/archive_pre.yml @@ -8,6 +8,10 @@ copy: src={{ miniflux_root_dir }}/bin/miniflux dest={{ miniflux_root_dir }}/archives/{{ miniflux_current_version }}/ remote_src=True tags: miniflux +- name: Install pg_dump + package: name=postgresql15 + tags: miniflux + - name: Backup the database command: > /usr/pgsql-15/bin/pg_dump diff --git a/roles/nomad/defaults/main.yml b/roles/nomad/defaults/main.yml index 6e728d6..65eb8f9 100644 --- a/roles/nomad/defaults/main.yml +++ b/roles/nomad/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version of Nomad to install -nomad_version: 1.5.1 +nomad_version: 1.5.6 # URL of the archive nomad_archive_url: https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip # Expected sha256 of the archive -nomad_archive_sha256: da4b976dfcab27d16fc03e95719685d4ce603b13a3e5ba692df7c434024dc294 +nomad_archive_sha256: 65a7d5a4c6ade01a44292901b05a7c985b4459e0a079b5eb55f5d61474ee98e5 # List of plugins to install nomad_plugins: @@ -13,8 +13,8 @@ nomad_plugins: archive_url: https://releases.hashicorp.com/nomad-driver-podman/0.4.2/nomad-driver-podman_0.4.2_linux_amd64.zip sha256: bdf7c9f70c79d3d3055e73fdc6212a9bfc221ed824451be2d07b2c62ce4267c4 containerd: - archive_url: https://github.com/Roblox/nomad-driver-containerd/releases/download/v0.9.3/containerd-driver - sha256: 7bbeda63a5e05724c8f8c6d05790fbc175acc89e4309c13839afc9716d4b39c2 + archive_url: https://github.com/Roblox/nomad-driver-containerd/releases/download/v0.9.4/containerd-driver + sha256: 337e1bab178071500bfbe46a59946e0e3bafc652906ed1b755d2aa4d35990982 # Root dir where Nomad will be installed nomad_root_dir: /opt/nomad diff --git a/roles/paperless_ng/defaults/main.yml b/roles/paperless_ng/defaults/main.yml index 60dddfe..3c051a0 100644 --- a/roles/paperless_ng/defaults/main.yml +++ b/roles/paperless_ng/defaults/main.yml @@ -1,13 +1,13 @@ --- # The version to deploy -paperless_version: 1.14.5 +paperless_version: 1.15.0 # Instance ID, as you can deploy several instances on the same server paperless_id: 1 # URL of the paperless archive paperless_archive_url: https://github.com/paperless-ngx/paperless-ngx/releases/download/v{{ paperless_version }}/paperless-ngx-v{{ paperless_version }}.tar.xz # Expected checksum -paperless_archive_sha256: 355a5760cbc967c2bd6dcaf89f577aefd5acedd908361377976e04e17c95a8f9 +paperless_archive_sha256: 0080f6b117d427a9f60ca42c5c3571e0f75de04a40b6eabd1975483955d58ec8 # Should ansible handle install and upgrades, or only initial install paperless_manage_upgrade: True # Root directory where paperless will be installed diff --git a/roles/sftpgo/defaults/main.yml b/roles/sftpgo/defaults/main.yml index 09a8639..da20c2c 100644 --- a/roles/sftpgo/defaults/main.yml +++ b/roles/sftpgo/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version to deploy -sftpgo_version: 2.5.0 +sftpgo_version: 2.5.1 # URL of the archive sftpgo_archive_url: https://github.com/drakkan/sftpgo/releases/download/v{{ sftpgo_version }}/sftpgo_v{{ sftpgo_version }}_linux_x86_64.tar.xz # Expected sha1 of the archive -sftpgo_archive_sha256: d46e40287b0a7c419b9b15863494895c9c08bd7e86410354d13894213f9f6872 +sftpgo_archive_sha256: 48d3f8e589a883cfed231fc06b7445a67e524ad6c7e8606f249af3cb7d8a722d # Should ansible handle upgrades ? If False, only initial install will be done sftpgo_manage_upgrade: True diff --git a/roles/squid/files/acl/software_dbd.domains b/roles/squid/files/acl/software_dbd.domains index 09468f1..4e56e64 100644 --- a/roles/squid/files/acl/software_dbd.domains +++ b/roles/squid/files/acl/software_dbd.domains @@ -1,2 +1,3 @@ rpms.lapiole.org +rpms.ehtrace.com git.lapiole.org diff --git a/roles/squid/files/acl/software_various.domains b/roles/squid/files/acl/software_various.domains index f379582..e6167f3 100644 --- a/roles/squid/files/acl/software_various.domains +++ b/roles/squid/files/acl/software_various.domains @@ -183,6 +183,7 @@ mirror.mariadb.org mirrors.xtom.de mirror.netcologne.de mirrors.xtom.nl +mirrors.ircam.fr # OpenMediaVault packages.openmediavault.org diff --git a/roles/vaultwarden/defaults/main.yml b/roles/vaultwarden/defaults/main.yml index f9e187b..7223f8f 100644 --- a/roles/vaultwarden/defaults/main.yml +++ b/roles/vaultwarden/defaults/main.yml @@ -4,9 +4,9 @@ vaultwarden_version: 1.28.1 vaultwarden_archive_url: https://github.com/dani-garcia/vaultwarden/archive/{{ vaultwarden_version }}.tar.gz vaultwarden_archive_sha256: d6991cba20d8aaf7559eb4b8a7d82b68476c12d4913142490839addc2562d12a -vaultwarden_web_version: 2023.4.0 +vaultwarden_web_version: 2023.4.2 vaultwarden_web_archive_url: https://github.com/dani-garcia/bw_web_builds/releases/download/v{{ vaultwarden_web_version }}/bw_web_v{{ vaultwarden_web_version }}.tar.gz -vaultwarden_web_archive_sha256: 01d74880c027f74c13a287e1f882bcbfba1771320c2cc516445e6697b768f283 +vaultwarden_web_archive_sha256: 82768c9f04c0776e60960b5f537cf5a15c1fb5861b0a1b6ac77aba9475a3292e vaultwarden_root_dir: /opt/vaultwarden vaultwarden_user: vaultwarden