Compare commits
7 commits
renovate/m
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 29f22759a4 | |||
| 6bbc5b24d7 | |||
| 86c496faaf | |||
| d13630bd51 | |||
| 3b1f44e19e | |||
| ce1e33d678 | |||
| 89fcffdf59 |
6 changed files with 44 additions and 4 deletions
|
|
@ -19,3 +19,16 @@ jobs:
|
|||
tags: git.janky.solutions/jankysolutions/infra/synapse:latest
|
||||
platforms: linux/amd64
|
||||
push: ${{ github.ref == 'refs/heads/main' }}
|
||||
rollout:
|
||||
name: roll out update
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: git.janky.solutions/jankysolutions/infra/deployer:latest
|
||||
needs: [build-synapse]
|
||||
if: github.ref == 'refs/heads/main'
|
||||
steps:
|
||||
- name: roll out update
|
||||
run: |
|
||||
set -euo pipefail
|
||||
echo "${{ secrets.KUBERNETES_CLIENT_CONFIG }}" > ~/.kube/config
|
||||
kubectl -n matrix rollout restart statefulset homeserver-janky-solutions
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
FROM matrixdotorg/synapse:v1.119.0
|
||||
FROM matrixdotorg/synapse:v1.120.0
|
||||
RUN pip install boto3 humanize tqdm
|
||||
# there is probably a better way to figure out where the site packages are
|
||||
# this used to be hard coded to /usr/local/lib/python3.11/site-packages but then synapse updated it's minor python version and it broke
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ spec:
|
|||
- secretRef:
|
||||
name: synapse-janky-bot
|
||||
containers:
|
||||
- image: matrixdotorg/synapse:v1.119.0
|
||||
- image: matrixdotorg/synapse:v1.120.0
|
||||
name: synapse
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: bitwarden-cli
|
||||
image: ghcr.io/charlesthomas/bitwarden-cli:2024.11.0
|
||||
image: ghcr.io/charlesthomas/bitwarden-cli:2024.11.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
envFrom:
|
||||
- secretRef:
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ spec:
|
|||
fsGroup: 1001
|
||||
fsGroupChangePolicy: "OnRootMismatch"
|
||||
containers:
|
||||
- image: ghcr.io/shlinkio/shlink:4.2.5
|
||||
- image: ghcr.io/shlinkio/shlink:4.3.1
|
||||
name: shlink
|
||||
resources: {}
|
||||
ports:
|
||||
|
|
|
|||
|
|
@ -10,3 +10,30 @@
|
|||
apt:
|
||||
name: [ufw]
|
||||
state: absent
|
||||
|
||||
- name: check which users exist
|
||||
ansible.builtin.user:
|
||||
name: "{{ item }}"
|
||||
loop: ["root", "finn", "debian"]
|
||||
check_mode: true
|
||||
register: users
|
||||
|
||||
- name: Ensure SSH key is set
|
||||
ansible.posix.authorized_key:
|
||||
user: "{{ item.item }}"
|
||||
state: present
|
||||
key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJs5PJ6jQF7Sx3T1b1+NBXt4JRsnjGnWv8+bCf4RpwGM finn@taint
|
||||
loop: "{{ users.results }}"
|
||||
loop_control:
|
||||
label: "{{ item.item }}"
|
||||
when: item.state | d('') == 'present'
|
||||
|
||||
- name: Invalidate old SSH key
|
||||
ansible.posix.authorized_key:
|
||||
user: "{{ item.item }}"
|
||||
state: absent
|
||||
key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMaJrZWSrAYTaCoGhW+o8HivmBj5oZi7Dei73FtCl0d finn@taint
|
||||
loop: "{{ users.results }}"
|
||||
loop_control:
|
||||
label: "{{ item.item }}"
|
||||
when: item.state | d('') == 'present'
|
||||
|
|
|
|||
Loading…
Reference in a new issue