Compare revisions

3309633c · 3309633c · 3309633c · 3309633c · 3309633c · 3309633c
--- a/remote/docker_homeassistant/tasks/main.yml
+++ b/remote/docker_homeassistant/tasks/main.yml
 ---

- include: ../functions/get_secret.yml
+- include_tasks: ../functions/get_secret.yml
  with_items:
   - { path: "{{ basedir }}/homeassistant_admin_password", length: 12 }
   - { path: "{{ basedir }}/influxdb_password",            length: 12 }

--- a/remote/docker_homeassistant/templates/docker-compose.yml
+++ b/remote/docker_homeassistant/templates/docker-compose.yml
@@ -24,7 +24,7 @@ services:
  
  influxdb:

-    image: influxdb:2.6.0
+    image: influxdb:2.7.1
    restart: always
    ports:
      - "{{ int_ip4 }}:{{ influxdb_port }}:8086"

--- a/remote/docker_prometheus/templates/docker-compose.yml
+++ b/remote/docker_prometheus/templates/docker-compose.yml
@@ -5,7 +5,7 @@ services:

  app:

-    image: prom/prometheus:v2.42.0
+    image: prom/prometheus:v2.45.0
    restart: always
    ports:
      - 9090:9090

--- a/site.yml
+++ b/site.yml
@@ -119,12 +119,6 @@
        omada_port_https: 8043,
        omada_portal_https: 8843
      }
-    - {
-        role: intern/docker_graylog, tags: graylog,
-        servicename: graylog,
-        basedir: /srv/graylog,
-        domain: "graylog.warpzone.lan"
-      }
    - { 
        role: intern/docker_tasmoadmin, tags: tasmoadmin, 
        servicename: tasmoadmin,

--- a/verwaltung/docker_gitea/tasks/main.yml
+++ b/verwaltung/docker_gitea/tasks/main.yml
 ---
 # Get secrets 
- include: ../functions/get_secret.yml
+- include_tasks: ../functions/get_secret.yml
  with_items:
    - { path: /srv/gitea/mysql_root_pw, length: 24 }
    - { path: /srv/gitea/mysql_user_pw, length: 12 }

--- a/verwaltung/docker_jameica/templates/docker-compose.yml
+++ b/verwaltung/docker_jameica/templates/docker-compose.yml
@@ -36,7 +36,7 @@ services:


  nginx:
-    image: nginx:1.19
+    image: nginx:1.25
    restart: always
    depends_on:
      - vnc

--- a/verwaltung/docker_mysql/tasks/main.yml
+++ b/verwaltung/docker_mysql/tasks/main.yml
 ---
 # Get secrets
- include: ../functions/get_secret.yml
+- include_tasks: ../functions/get_secret.yml
  with_items:
    - { path: /srv/mysql/mysql_root_pw, length: 24 }
    - { path: /srv/mysql/mysql_user_pw, length: 12 }

--- a/verwaltung/docker_nextcloud/tasks/main.yml
+++ b/verwaltung/docker_nextcloud/tasks/main.yml
 ---

- include: ../functions/get_secret.yml
+- include_tasks: ../functions/get_secret.yml
  with_items:
    - { path: /srv/nextcloud/nextcloud_admin_pass,  length: 24 }
    - { path: /srv/nextcloud/mysql_admin_pass,  length: 24 }

--- a/verwaltung/docker_nextcloud/templates/docker-compose.yml
+++ b/verwaltung/docker_nextcloud/templates/docker-compose.yml
@@ -42,6 +42,9 @@ services:
      MYSQL_HOST: mysql
      NEXTCLOUD_ADMIN_USER: "admin"
      NEXTCLOUD_ADMIN_PASSWORD: "{{nextcloud_admin_pass}}"
+      OVERWRITEPROTOCOL: https
+      OVERWRITECLIURL: https://{{ domain }}
+      OVERWRITEHOST: {{ domain }}
    labels:
      - traefik.enable=true
      - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)

--- a/verwaltung/jameica/tasks/main.yml
+++ b/verwaltung/jameica/tasks/main.yml
@@ -12,7 +12,7 @@
      - openjdk-11-jre

 # Get secrets 
- include: ../functions/get_secret.yml
+- include_tasks: ../functions/get_secret.yml
  with_items:
    - { path: /srv/mysql/mysql_user_pw, length: 12 }
   

--- a/webserver/docker_dokuwiki/templates/Dockerfile
+++ b/webserver/docker_dokuwiki/templates/Dockerfile
-FROM php:7.4.33-apache-bullseye
+FROM php:8.2.8-apache-bookworm

 # php-gd modul für dw2pdf plugin
 RUN apt-get update && apt-get install -y \

--- a/webserver/docker_gitlab/templates/conf/gitlab.rb
+++ b/webserver/docker_gitlab/templates/conf/gitlab.rb
@@ -1426,17 +1426,27 @@ nginx['proxy_set_headers'] = {
 ################################################################################

 # logging['svlogd_size'] = 200 * 1024 * 1024 # rotate after 200 MB of log data
+logging['svlogd_size'] = 200 * 1024 * 1024
 # logging['svlogd_num'] = 30 # keep 30 rotated log files
+logging['svlogd_num'] = 30
 # logging['svlogd_timeout'] = 24 * 60 * 60 # rotate after 24 hours
+logging['svlogd_timeout'] = 24 * 60 * 60
 # logging['svlogd_filter'] = "gzip" # compress logs with gzip
+logging['svlogd_filter'] = "gzip"
 # logging['svlogd_udp'] = nil # transmit log messages via UDP
 # logging['svlogd_prefix'] = nil # custom prefix for log messages
 # logging['logrotate_frequency'] = "daily" # rotate logs daily
+logging['logrotate_frequency'] = "daily"
 # logging['logrotate_maxsize'] = nil # rotate logs when they grow bigger than size bytes even before the specified time interval (daily, weekly, monthly, or yearly)
+logging['logrotate_maxsize'] = "200M"
 # logging['logrotate_size'] = nil # do not rotate by size by default
+logging['logrotate_size'] = "50M"
 # logging['logrotate_rotate'] = 30 # keep 30 rotated logs
+logging['logrotate_rotate'] = 30
 # logging['logrotate_compress'] = "compress" # see 'man logrotate'
+logging['logrotate_compress'] = "compress"
 # logging['logrotate_method'] = "copytruncate" # see 'man logrotate'
+logging['logrotate_method'] = "copytruncate"
 # logging['logrotate_postrotate'] = nil # no postrotate command by default
 # logging['logrotate_dateformat'] = nil # use date extensions for rotated files rather than numbers e.g. a value of "-%Y-%m-%d" would give rotated files like production.log-2016-03-09.gz

@@ -1458,7 +1468,7 @@ nginx['proxy_set_headers'] = {
 ##! Docs: https://docs.gitlab.com/omnibus/settings/logs.html#logrotate
 ##! You can disable built in logrotate feature.
 ################################################################################
-# logrotate['enable'] = true
+logrotate['enable'] = true
 # logrotate['log_directory'] = "/var/log/gitlab/logrotate"

 ################################################################################

--- a/webserver/docker_icinga/tasks/main.yml
+++ b/webserver/docker_icinga/tasks/main.yml
 ---

- include: ../functions/get_secret.yml
+- include_tasks: ../functions/get_secret.yml
  with_items:
    - { path: /srv/ldap/secret/ldap_readonly_pass, length: -1 }
    - { path: "{{ basedir }}/icinga_admin_pass",  length: 12 }

--- a/webserver/docker_mail/templates/docker-compose.yml
+++ b/webserver/docker_mail/templates/docker-compose.yml
@@ -48,7 +48,7 @@ services:
      - "traefik.http.routers.{{ servicename }}.tls"
      - "traefik.http.routers.{{ servicename }}.tls.certresolver=letsencrypt"
      - "traefik.http.routers.{{ servicename }}.tls.domains[0].main={{ domain }}"
-      - "traefik.http.routers.{{ servicename }}.tls.domains[0].sans={{ mailserver }}"
+      - "traefik.http.routers.{{ servicename }}.tls.domains[0].sans={{ mailserver }},imap.warpzone.ms,smtp.warpzone.ms"
      - "traefik.http.routers.{{ servicename }}.service={{ servicename }}"
      - "traefik.http.services.{{ servicename }}.loadbalancer.server.port=80"
    networks:
@@ -185,7 +185,7 @@ services:
      - "{{ basedir }}/mailman-web:/opt/mailman-web-data:rw,z"

  mailman-nginx:
-    image: nginx:1.19
+    image: nginx:1.25
    restart: always
    depends_on:
      - mailman-web

--- a/webserver/docker_matrix/tasks/main.yml
+++ b/webserver/docker_matrix/tasks/main.yml
@@ -5,6 +5,7 @@
   - { path: /srv/shared/noreply_email_pass, length: -1 }
   - { path: /srv/ldap/secret/ldap_readonly_pass, length: -1 }
   - { path: /srv/matrix/postgres_user_pass,  length: 24 }
+   - { path: /srv/matrix/admin_access_token,  length: -1 } # Get in Element fo an Admin User: Settings > Help > Advanced 


 - name: create folder struct for matrix
@@ -31,7 +32,9 @@


 - name: Konfig-Dateien erstellen
-  template: src={{ item }} dest=/srv/matrix/{{ item }}
+  template: 
+    src: "{{ item }}" 
+    dest: "/srv/matrix/{{ item }}"
  with_items:
    - docker-compose.yml
    - rest_auth_provider.py
@@ -41,6 +44,15 @@
  register: configs


+- name: Script-Dateien erstellen 
+  template: 
+    src: "{{ item }}" 
+    dest: "/srv/matrix/{{ item }}"
+    mode: "ug+rwx"
+  with_items:
+    - purgemediacache.sh
+
+
 - name: stop matrix docker
  docker_compose:
    project_src: /srv/matrix/

--- a/webserver/docker_matrix/templates/docker-compose.yml
+++ b/webserver/docker_matrix/templates/docker-compose.yml
@@ -68,6 +68,21 @@ services:
      - default
      - web

+
+  purgemediacache:
+    
+    image: jsonfry/curl-cron:latest 
+    restart: always
+    depends_on:
+      - synapse
+    volumes:
+      - /srv/matrix/purgemediacache.sh:/curl.sh
+    environment:
+      CRON_SCHEDULE: "0 7 * * *"
+    networks:
+      - default
+
+
 networks:
  web:
    external: true
--- a/webserver/docker_matrix/templates/purgemediacache.sh
+++ b/webserver/docker_matrix/templates/purgemediacache.sh
+#!/bin/sh
+
+set -e
+
+echo "$(date) - Start"
+
+TS_NOW=$(date +%s)
+DELAY=$((30*24*60*60))
+TS=$((TS_NOW-$DELAY))
+
+curl -X POST --insecure --header "Authorization: Bearer {{ admin_access_token }}" https://{{ domain }}/_synapse/admin/v1/purge_media_cache?before_ts=$(($TS*1000))
+
+echo "$(date) End"
\ No newline at end of file
--- a/webserver/docker_matterbridge/templates/docker-compose.yml
+++ b/webserver/docker_matterbridge/templates/docker-compose.yml
@@ -27,7 +27,7 @@ services:

  web:

-    image: nginx:1.21.6-alpine
+    image: nginx:1.25.1
    restart: always
    volumes:
      - /srv/matterbridge/media/:/usr/share/nginx/html/matterbridge/:ro,z
No results found