chore(deps): update mysql docker tag to v9

.forgejo/workflows/build-synapse.yaml

@@ -19,16 +19,3 @@ jobs:
           tags: git.janky.solutions/jankysolutions/infra/synapse:latest
           platforms: linux/amd64
           push: ${{ github.ref == 'refs/heads/main' }}
-  rollout:
-    name: roll out update
-    runs-on: ubuntu-latest
-    container:
-      image: git.janky.solutions/jankysolutions/infra/deployer:latest
-    needs: [build-synapse]
-    if: github.ref == 'refs/heads/main'
-    steps:
-      - name: roll out update
-        run: |
-          set -euo pipefail
-          echo "${{ secrets.KUBERNETES_CLIENT_CONFIG }}" > ~/.kube/config
-          kubectl -n matrix rollout restart statefulset homeserver-janky-solutions

containers/synapse/Containerfile

@@ -1,4 +1,4 @@
-FROM matrixdotorg/synapse:v1.120.0
+FROM matrixdotorg/synapse:v1.119.0
 RUN pip install boto3 humanize tqdm
 # there is probably a better way to figure out where the site packages are
 # this used to be hard coded to /usr/local/lib/python3.11/site-packages but then synapse updated it's minor python version and it broke

k8s/matrix/janky.bot-homeserver.yaml

@@ -37,7 +37,7 @@ spec:
             - secretRef:
                 name: synapse-janky-bot
       containers:
-      - image: matrixdotorg/synapse:v1.120.0
+      - image: matrixdotorg/synapse:v1.119.0
         name: synapse
         resources: {}
         volumeMounts:

k8s/operators/external-secrets/bitwarden.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: bitwarden-cli
-          image: ghcr.io/charlesthomas/bitwarden-cli:2024.11.1
+          image: ghcr.io/charlesthomas/bitwarden-cli:2024.11.0
           imagePullPolicy: IfNotPresent
           envFrom:
             - secretRef:

k8s/shlink/shlink.yaml

@@ -18,7 +18,7 @@ spec:
         fsGroup: 1001
         fsGroupChangePolicy: "OnRootMismatch"
       containers:
-      - image: ghcr.io/shlinkio/shlink:4.3.1
+      - image: ghcr.io/shlinkio/shlink:4.2.5
         name: shlink
         resources: {}
         ports:

k8s/snipeit/database.yaml

@@ -28,7 +28,7 @@ spec:
     spec:
       containers:
       - name: mysql
-        image: mysql:8
+        image: mysql:9
         envFrom:
           - secretRef:
               name: mysql

roles/base/tasks/main.yml

@@ -10,30 +10,3 @@
   apt:
     name: [ufw]
     state: absent
-
-- name: check which users exist
-  ansible.builtin.user:
-    name: "{{ item }}"
-  loop: ["root", "finn", "debian"]
-  check_mode: true
-  register: users
-
-- name: Ensure SSH key is set
-  ansible.posix.authorized_key:
-    user: "{{ item.item }}"
-    state: present
-    key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJs5PJ6jQF7Sx3T1b1+NBXt4JRsnjGnWv8+bCf4RpwGM finn@taint
-  loop: "{{ users.results }}"
-  loop_control:
-    label: "{{ item.item }}"
-  when: item.state | d('') == 'present'
-
-- name: Invalidate old SSH key
-  ansible.posix.authorized_key:
-    user: "{{ item.item }}"
-    state: absent
-    key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMaJrZWSrAYTaCoGhW+o8HivmBj5oZi7Dei73FtCl0d finn@taint
-  loop: "{{ users.results }}"
-  loop_control:
-    label: "{{ item.item }}"
-  when: item.state | d('') == 'present'