diff --git a/.github/workflows/build-main.yml b/.github/workflows/build-main.yml index e2053ab24..bf87d86d2 100644 --- a/.github/workflows/build-main.yml +++ b/.github/workflows/build-main.yml @@ -40,14 +40,14 @@ jobs: steps: - name: Checkout # yamllint disable-line rule:line-length - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: persist-credentials: false - name: Release id: release # yamllint disable-line rule:line-length - uses: cycjimmy/semantic-release-action@cb425203a562475bca039ba4dbf90c7f9ac790f4 # v4.1.0 + uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # v4.1.1 env: GITHUB_TOKEN: ${{ secrets.SEMANTIC_RELEASE_GITHUB_TOKEN }} GIT_AUTHOR_NAME: aki-bot[bot] diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0afc3415f..66ca2cf23 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -38,7 +38,7 @@ concurrency: env: # renovate: datasource=pypi depName=ansible-core - ANSIBLE_CORE_VERSION: 2.17.4 + ANSIBLE_CORE_VERSION: 2.17.5 # renovate: datasource=pypi depName=netaddr NETADDR_VERSION: 1.3.0 @@ -52,7 +52,7 @@ jobs: steps: - name: Checkout # yamllint disable-line rule:line-length - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: ref: ${{ (github.event.inputs || inputs).version }} @@ -61,7 +61,7 @@ jobs: uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: # renovate: datasource=docker depName=python versioning=docker - python-version: 3.12.6 + python-version: 3.13.0 - name: Install ansible playbook packages run: > diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1c70c5581..01c83d46a 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout # yamllint disable-line rule:line-length - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 @@ -28,7 +28,7 @@ jobs: uses: extractions/setup-just@dd310ad5a97d8e7b41793f8ef055398d51ad4de6 # v2.0.0 with: # renovate: datasource=crate depName=just - just-version: 1.35.0 + just-version: 1.36.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -37,7 +37,7 @@ jobs: uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: # renovate: datasource=docker depName=python versioning=docker - python-version: 3.12.6 + python-version: 3.13.0 cache: pip - name: Install dependencies diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f02480d99..12b13d21f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout # yamllint disable-line rule:line-length - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set platforms id: set-platforms @@ -52,14 +52,14 @@ jobs: - name: Checkout # yamllint disable-line rule:line-length - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Setup just # yamllint disable-line rule:line-length uses: extractions/setup-just@dd310ad5a97d8e7b41793f8ef055398d51ad4de6 # v2.0.0 with: # renovate: datasource=crate depName=just - just-version: 1.35.0 + just-version: 1.36.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -68,7 +68,7 @@ jobs: uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: # renovate: datasource=docker depName=python versioning=docker - python-version: 3.12.6 + python-version: 3.13.0 cache: pip - name: Update apt @@ -81,7 +81,7 @@ jobs: - name: Cache Vagrant boxes # yamllint disable-line rule:line-length - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 with: path: ~/.vagrant.d/boxes key: "${{ runner.os }}-\ diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index b1b7ba756..5d9692a86 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml @@ -13,12 +13,12 @@ jobs: steps: - name: Checkout # yamllint disable-line rule:line-length - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Get token id: get-token # yamllint disable-line rule:line-length - uses: peter-murray/workflow-application-token-action@dc0413987a085fa17d19df9e47d4677cf81ffef3 # v3.0.0 + uses: peter-murray/workflow-application-token-action@baa1ef2638c3d9e5967b7c8b86219f8fc919e1bb # v3.0.1 with: application_id: ${{ secrets.AKI_BOT_APP_ID }} application_private_key: ${{ secrets.AKI_BOT_APP_PRIVATE_KEY }} @@ -31,7 +31,7 @@ jobs: - name: Update dependencies # yamllint disable-line rule:line-length - uses: renovatebot/github-action@dd4d265eb8646cd04fc5f86ff8bc8d496d75a251 # v40.2.8 + uses: renovatebot/github-action@7743ec9e19ceeb61a3862c5d4131e6710195af11 # v40.3.3 with: # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate renovate-version: 37.440.7 diff --git a/.tool-versions b/.tool-versions index 8d8b1ba8e..61cf635c6 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -python 3.12.6 +python 3.13.0 diff --git a/ansible/requirements.txt b/ansible/requirements.txt index 11837a4fd..f8c016b24 100644 --- a/ansible/requirements.txt +++ b/ansible/requirements.txt @@ -1,4 +1,4 @@ -ansible-core==2.17.4 +ansible-core==2.17.5 molecule==24.9.0 molecule-plugins[vagrant]==23.5.3 netaddr==1.3.0 diff --git a/ansible/requirements.yml b/ansible/requirements.yml index 5f2fc49fd..0893eb82b 100644 --- a/ansible/requirements.yml +++ b/ansible/requirements.yml @@ -1,11 +1,11 @@ --- collections: - name: ansible.posix - version: 1.6.0 + version: 1.6.1 - name: ansible.utils version: 4.1.0 - name: community.general - version: 9.4.0 + version: 9.5.0 - name: devsec.hardening version: 9.0.1 diff --git a/ansible/roles/all/vars/main.yml b/ansible/roles/all/vars/main.yml index f8eadac66..756ff5992 100644 --- a/ansible/roles/all/vars/main.yml +++ b/ansible/roles/all/vars/main.yml @@ -60,7 +60,7 @@ lazydocker_architecture: >- {{ architecture_to_lazydocker_architecture[ansible_architecture] }} # renovate: datasource=github-releases depName=jesseduffield/lazygit -lazygit_version: v0.44.0 +lazygit_version: v0.44.1 architecture_to_lazygit_architecture: x86_64: x86_64 armv7l: armv6 @@ -68,7 +68,7 @@ lazygit_architecture: >- {{ architecture_to_lazygit_architecture[ansible_architecture] }} # renovate: datasource=github-releases depName=jdx/mise -mise_version: v2024.9.3 +mise_version: v2024.10.2 architecture_to_mise_architecture: x86_64: x64 armv7l: armv7 @@ -76,7 +76,7 @@ mise_architecture: >- {{ architecture_to_mise_architecture[ansible_architecture] }} # renovate: datasource=github-releases depName=ajeetdsouza/zoxide -zoxide_version: v0.9.5 +zoxide_version: v0.9.6 architecture_to_zoxide_architecture: x86_64: amd64 armv7l: armv7 diff --git a/ansible/roles/servers/templates/server-nas/docker/apps/github-runners/compose.yml.j2 b/ansible/roles/servers/templates/server-nas/docker/apps/github-runners/compose.yml.j2 index b56da186d..97bf4d9ca 100644 --- a/ansible/roles/servers/templates/server-nas/docker/apps/github-runners/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-nas/docker/apps/github-runners/compose.yml.j2 @@ -1,7 +1,7 @@ --- services: github-runner-homelab: - image: myoung34/github-runner:2.319.1@sha256:0f66cf3f5a67d42e58249c2aa2c4ecd6f523fe3dd907f00884cc3b70425467bb # editorconfig-checker-disable-line + image: myoung34/github-runner:2.320.0@sha256:c14bdd90a15696f8f8669a2109077d38a7f7f432f87ec5b2065a442f2c0f6836 # editorconfig-checker-disable-line # This is the `runner` user. # See: https://github.com/myoung34/docker-github-actions-runner/wiki/Usage#non-root-runners editorconfig-checker-disable-line diff --git a/ansible/roles/servers/templates/server-nas/docker/apps/home/compose.yml.j2 b/ansible/roles/servers/templates/server-nas/docker/apps/home/compose.yml.j2 index 0e0a1a607..03e90c2e0 100755 --- a/ansible/roles/servers/templates/server-nas/docker/apps/home/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-nas/docker/apps/home/compose.yml.j2 @@ -1,7 +1,7 @@ --- services: home-assistant: - image: lscr.io/linuxserver/homeassistant:2024.9.1@sha256:98c60993aea7b24f18c16de44f422bbbe9f8685ed7e30bb0316f9cfb9fbc7351 # editorconfig-checker-disable-line + image: lscr.io/linuxserver/homeassistant:2024.10.2@sha256:57da766c5361f08d76c65d3c2947457e5a061045560d0a7b9179e8170e1726b9 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" @@ -23,7 +23,7 @@ services: restart: always mosquitto: - image: eclipse-mosquitto:2.0.18@sha256:d12c8f80dfc65b768bb9acecc7ef182b976f71fb681640b66358e5e0cf94e9e9 # editorconfig-checker-disable-line + image: eclipse-mosquitto:2.0.19@sha256:069ab2a92ce87b318b91586845af1a53d762b7cffae60737e76e1a8f8dd19e11 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" volumes: @@ -36,7 +36,7 @@ services: restart: always node-red: - image: nodered/node-red:3.1.11@sha256:53903f9c1e0e4a3e73c9bb30c4b3af836434a1f0f342cc7afb7db6e8aa148352 # editorconfig-checker-disable-line + image: nodered/node-red:3.1.14@sha256:f1371b69be50b04702fb9b5235876a56ed0b365c1e3ddf8647274f7c5e1ee433 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" volumes: diff --git a/ansible/roles/servers/templates/server-nas/docker/apps/media/compose.yml.j2 b/ansible/roles/servers/templates/server-nas/docker/apps/media/compose.yml.j2 index dd5af7ffe..0a6eb2668 100755 --- a/ansible/roles/servers/templates/server-nas/docker/apps/media/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-nas/docker/apps/media/compose.yml.j2 @@ -1,7 +1,7 @@ --- services: gluetun: - image: qmcgaw/gluetun:v3.39.0@sha256:2f011a9aca767af62008d879eefcbc80a8645bd4fd4466ab312cc941cb658ad1 # editorconfig-checker-disable-line + image: qmcgaw/gluetun:v3.39.1@sha256:6a8058e626763cbf735ac2f78c774dbb24fec2490bd9d9f7d67e22592cb4a991 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" @@ -63,7 +63,7 @@ services: restart: always prowlarr: - image: lscr.io/linuxserver/prowlarr:1.23.1@sha256:e75b214395fba75e3738ea8342e358dbc523551325b79c217d848a81fe6f3095 # editorconfig-checker-disable-line + image: lscr.io/linuxserver/prowlarr:1.24.3@sha256:3001f0ea0341f370e889467aa1825c42fb8decede85b784c7e380b9ccaad1d4e # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" @@ -81,7 +81,7 @@ services: restart: always qbittorrent: - image: lscr.io/linuxserver/qbittorrent:4.6.6@sha256:5c89a1cd3132981c51fc5ba0f47ecae9b10253029cf8decaa8ae14236fb11e32 # editorconfig-checker-disable-line + image: lscr.io/linuxserver/qbittorrent:4.6.7@sha256:55f15d44396315551f87294a176efae733b16e283f38980308e46073950257c6 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" @@ -103,7 +103,7 @@ services: restart: always radarr: - image: lscr.io/linuxserver/radarr:5.9.1@sha256:5ab12592e768d04d94bc04877bee194f372ea3946abc6de689311f4d8559ee2f # editorconfig-checker-disable-line + image: lscr.io/linuxserver/radarr:5.12.2@sha256:e0045d420eaf298a9449e12ed1cce654f171cc1043311f0f1cadaf2afeabe795 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" diff --git a/ansible/roles/servers/templates/server-nas/docker/apps/monitoring/compose.yml.j2 b/ansible/roles/servers/templates/server-nas/docker/apps/monitoring/compose.yml.j2 index 992889fae..4078308d1 100644 --- a/ansible/roles/servers/templates/server-nas/docker/apps/monitoring/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-nas/docker/apps/monitoring/compose.yml.j2 @@ -1,7 +1,7 @@ --- services: netdata: - image: netdata/netdata:v1.47.1@sha256:9aec543d8da83ff68da5032ed01b862ca96e55e3b20ab6ca98f95cab2e8ea255 # editorconfig-checker-disable-line + image: netdata/netdata:v1.47.4@sha256:3d89a4212017abf180286791299ec99004f54af8978d5130248d1faf0bbeec7a # editorconfig-checker-disable-line hostname: "netdata-{{ inventory_hostname }}" environment: TZ: "{{ timezone }}" @@ -57,7 +57,7 @@ services: restart: always grafana: - image: grafana/grafana-oss:10.4.8@sha256:c88e62a727bbb54b1ce1a420fb81b8b116c10a60d666de92ae74f3481aef1499 # editorconfig-checker-disable-line + image: grafana/grafana-oss:10.4.10@sha256:e9b5417327531e1ea588bd617bb1bc3c724fa4de7fac0d96893a887fe5a478ad # editorconfig-checker-disable-line user: "{{ ansible_admin_user_uid }}:{{ ansible_admin_user_gid }}" environment: TZ: "{{ timezone }}" diff --git a/ansible/roles/servers/templates/server-nas/docker/apps/portainer/compose.yml.j2 b/ansible/roles/servers/templates/server-nas/docker/apps/portainer/compose.yml.j2 index 9763af60a..b96b524d7 100644 --- a/ansible/roles/servers/templates/server-nas/docker/apps/portainer/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-nas/docker/apps/portainer/compose.yml.j2 @@ -1,7 +1,7 @@ --- services: portainer: - image: portainer/portainer-ce:2.21.1@sha256:2c7d2953c322de46d2749d371e892a5e0ad50339f542888798b2cdc81eb85eef # editorconfig-checker-disable-line + image: portainer/portainer-ce:2.22.0@sha256:c071015b90d70cf9a9ba2952e996dca32a61445a583d04c43317fce4f887d314 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" volumes: diff --git a/ansible/roles/servers/templates/server-pi/docker/apps/monitoring/compose.yml.j2 b/ansible/roles/servers/templates/server-pi/docker/apps/monitoring/compose.yml.j2 index e031ca7f9..293e95d02 100644 --- a/ansible/roles/servers/templates/server-pi/docker/apps/monitoring/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-pi/docker/apps/monitoring/compose.yml.j2 @@ -3,7 +3,7 @@ name: monitoring services: netdata: - image: netdata/netdata:v1.47.1@sha256:9aec543d8da83ff68da5032ed01b862ca96e55e3b20ab6ca98f95cab2e8ea255 # editorconfig-checker-disable-line + image: netdata/netdata:v1.47.4@sha256:3d89a4212017abf180286791299ec99004f54af8978d5130248d1faf0bbeec7a # editorconfig-checker-disable-line hostname: "netdata-{{ inventory_hostname }}" environment: TZ: "{{ timezone }}" diff --git a/ansible/roles/servers/templates/server-pi/docker/apps/portainer/compose.yml.j2 b/ansible/roles/servers/templates/server-pi/docker/apps/portainer/compose.yml.j2 index d41cf0bcb..e039b8f9b 100644 --- a/ansible/roles/servers/templates/server-pi/docker/apps/portainer/compose.yml.j2 +++ b/ansible/roles/servers/templates/server-pi/docker/apps/portainer/compose.yml.j2 @@ -3,7 +3,7 @@ name: portainer services: portainer: - image: portainer/portainer-ce:2.21.1@sha256:2c7d2953c322de46d2749d371e892a5e0ad50339f542888798b2cdc81eb85eef # editorconfig-checker-disable-line + image: portainer/portainer-ce:2.22.0@sha256:c071015b90d70cf9a9ba2952e996dca32a61445a583d04c43317fce4f887d314 # editorconfig-checker-disable-line environment: TZ: "{{ timezone }}" volumes: diff --git a/ansible/roles/workstations/vars/main.yml b/ansible/roles/workstations/vars/main.yml index 44486419d..7b0279bc2 100644 --- a/ansible/roles/workstations/vars/main.yml +++ b/ansible/roles/workstations/vars/main.yml @@ -1,6 +1,6 @@ --- # renovate: datasource=github-releases depName=cli/cli -github_cli_version: v2.56.0 +github_cli_version: v2.58.0 architecture_to_github_cli_architecture: x86_64: amd64 armv7l: armv6