From 85842b657d7b6aa0f78d1968cff402b668b345af Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <dbd@ehtrace.com>
Date: Mon, 4 Apr 2022 17:00:09 +0200
Subject: [PATCH] Update to 2022-04-04 17:00

---
 roles/babashka/defaults/main.yml          | 4 ++--
 roles/matrix_element/defaults/main.yml    | 4 ++--
 roles/mongodb_server/tasks/facts.yml      | 1 +
 roles/pgweb/defaults/main.yml             | 4 ++--
 roles/postgresql_server/defaults/main.yml | 6 +++---
 roles/repo_samba4/defaults/main.yml       | 2 +-
 roles/unifi/defaults/main.yml             | 4 ++--
 7 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/roles/babashka/defaults/main.yml b/roles/babashka/defaults/main.yml
index 3a23691..ec90511 100644
--- a/roles/babashka/defaults/main.yml
+++ b/roles/babashka/defaults/main.yml
@@ -1,8 +1,8 @@
 ---
 
 # Babashka version to deploy
-bb_version: 0.7.8
+bb_version: 0.8.0
 # URL of the archive
 bb_archive_url: https://github.com/babashka/babashka/releases/download/v{{ bb_version }}/babashka-{{ bb_version }}-linux-amd64-static.tar.gz
 # Expected sha256sum of the archive
-bb_archive_sha256: c5db9b3c6ce9d27a250b84ebdaf5990d44a650a27cafd2985b0564a03e3f8b07
+bb_archive_sha256: 2eff6f154fd09d9c2f47ab27997eed4a859f569a59e0a5311200bf31cd86c739
diff --git a/roles/matrix_element/defaults/main.yml b/roles/matrix_element/defaults/main.yml
index 4437fe1..bc157f3 100644
--- a/roles/matrix_element/defaults/main.yml
+++ b/roles/matrix_element/defaults/main.yml
@@ -5,8 +5,8 @@
 element_id: element
 
 # Version to deploy, and expected sha256
-element_version: 1.10.7
-element_archive_sha256: 618ef289bdb72323a231e68ba1c39769d30ab9b8cdbaa29829ccdd1f543a353e
+element_version: 1.10.8
+element_archive_sha256: f9de10ce2fbc8f0c418004d268030063dd363f84fac111e74c21ff9ad5a0260a
 
 # Where to install element
 element_root_dir: /opt/matrix/element
diff --git a/roles/mongodb_server/tasks/facts.yml b/roles/mongodb_server/tasks/facts.yml
index 107bd8d..23f0b99 100644
--- a/roles/mongodb_server/tasks/facts.yml
+++ b/roles/mongodb_server/tasks/facts.yml
@@ -13,6 +13,7 @@
     - import_tasks: ../includes/get_rand_pass.yml
       vars:
         - pass_file: "/root/.mongo.pw"
+          encryption: False
     - set_fact: mongo_admin_pass={{ rand_pass }}
   when: mongo_admin_pass is not defined
   tags: mongo
diff --git a/roles/pgweb/defaults/main.yml b/roles/pgweb/defaults/main.yml
index e2cf034..6650ee1 100644
--- a/roles/pgweb/defaults/main.yml
+++ b/roles/pgweb/defaults/main.yml
@@ -1,11 +1,11 @@
 ---
 
 # Version of pgweb to install
-pgweb_version: 0.11.10
+pgweb_version: 0.11.11
 # URL of the archive
 pgweb_archive_url: https://github.com/sosedoff/pgweb/releases/download/v{{ pgweb_version }}/pgweb_linux_amd64.zip
 # Expected sha256 of the archive
-pgweb_archive_sha256: 9aa0ae44a2512fc8960fccb96003bec169abce5dc92aaf285bf73b48e3022558
+pgweb_archive_sha256: 4b3d961db8b3f7274aadcc8d5c45b791516dd6a92e37a7c96dae6ee2167af0ac
 # Where will pgweb be installed
 pgweb_root_dir: /opt/pgweb
 # SHould ansible handle upgrades or just initial install
diff --git a/roles/postgresql_server/defaults/main.yml b/roles/postgresql_server/defaults/main.yml
index 7298dd1..9e72e25 100644
--- a/roles/postgresql_server/defaults/main.yml
+++ b/roles/postgresql_server/defaults/main.yml
@@ -87,20 +87,20 @@ pg_roles_to_remove: []
 # Turn on or off ldap auth
 pg_ldap_auth: False
 # LDAP server to query. You can enter several servers separated by space
-pg_ldap_host: "{{ (ad_ldap_servers is defined) | ternary(ad_ldap_servers | join(' '), (ldap_uri is defined) | ternary(ldap_uri | urlsplit('hostname'), 'ldap.' ~ ansible_domain)) }}"
+pg_ldap_host: "{{ (ad_ldap_servers is defined) | ternary(ad_ldap_servers | default('') | join(' '), (ldap_uri is defined) | ternary(ldap_uri | default('') | urlsplit('hostname'), 'ldap.' ~ ansible_domain)) }}"
 # port of the ldap server
 pg_ldap_port: 389
 # Should starttls be used
 pg_ldap_starttls: True
 # Base DN where postgres will lookup your users
-pg_ldap_basedn: "{{ (ad_ldap_user_search_base is defined) | ternary(ad_ldap_user_search_base, (ldap_base is defined) | ternary(ldap_base, ansible_domain | regex_replace('\\.', ',DC='))) }}"
+pg_ldap_basedn: "{{ (ad_ldap_user_search_base is defined) | ternary(ad_ldap_user_search_base | default(''), (ldap_base is defined) | ternary(ldap_base | default(''), ansible_domain | regex_replace('\\.', ',DC='))) }}"
 # Bind DN and bind password for postgres to lookup users. If not defined, the lookup will be done anonymously
 # pg_ldap_binddn: postgres@{{ ansible_domain }}
 # pg_ldap_bindpasswd: S3cr3t.
 # The filter to search for user. $username will be replaced by the postgres user whose password is being verified
 pg_ldap_searchfilter: "{{ ad_auth | default(False) | ternary('(&(objectClass=user)(!(useraccountcontrol:1.2.840.113556.1.4.803:=2))(sAMAccountName=$username))', '(&(objectClass=inetOrgPerson)(uid=$username))') }}"
 # Connection type for which ldap auth will be attempted. Note that for security reason you shouldn't set it to host as it'd allow LDAP password
-# to be sent unencrypted over between the postgres client and server (even is the postgres server then uses TLS to check the password against the LDAP server)
+# to be sent unencrypted between the postgres client and server (even is the postgres server then uses TLS to check the password against the LDAP server)
 pg_ldap_conn_type: hostssl
 # Limit for which user / roles the ldap auth will be used (third field in pg_hba.conf)
 pg_ldap_roles: '+ldap_roles'
diff --git a/roles/repo_samba4/defaults/main.yml b/roles/repo_samba4/defaults/main.yml
index fd1767e..1f7f277 100644
--- a/roles/repo_samba4/defaults/main.yml
+++ b/roles/repo_samba4/defaults/main.yml
@@ -1,3 +1,3 @@
 ---
 # Select a branch from https://samba.tranquil.it/centos7/ or https://samba.tranquil.it/centos7/
-samba_major_version: samba-{{ (ansible_distribution_major_version is version('8','<')) | ternary('4.12.15','4.15.5') }}
+samba_major_version: samba-{{ (ansible_distribution_major_version is version('8','<')) | ternary('4.12.15','4.15.6') }}
diff --git a/roles/unifi/defaults/main.yml b/roles/unifi/defaults/main.yml
index b6e4c38..2ef3bd2 100644
--- a/roles/unifi/defaults/main.yml
+++ b/roles/unifi/defaults/main.yml
@@ -3,11 +3,11 @@
 # Where unifi will be installed
 unifi_root_dir: /opt/unifi
 # Version to deploy
-unifi_version: 7.0.23
+unifi_version: 7.0.25
 # URL to get the installation tarball
 unifi_archive_url: https://www.ubnt.com/downloads/unifi/{{ unifi_version }}/UniFi.unix.zip
 # Expected sha256
-unifi_archive_sha256: 90fc6d87254cf211f6e4a8b010265d6365b9fae1e78e20cb023c8af8b406fc21
+unifi_archive_sha256: 1b18006832dae6830b72925bcb1d7ae1a2e7b82faaddfacd778419c2c8744133
 # Should ansible handle upgrades (if False, only initial install will be done)
 unifi_manage_upgrade: True
 # List of ports used by UniFi controler