From f8cb2e109b9fe085eec361b84e61caa2dabfb597 Mon Sep 17 00:00:00 2001 From: L3D Date: Mon, 30 Oct 2023 02:05:53 +0100 Subject: [PATCH 1/4] update submodules and acmetool config --- host_vars/mail01.l3d.space/vars.yml | 10 ++++++++++ host_vars/services.l3d.space/vars.yml | 5 +++++ host_vars/web01.l3d.space/vars.yml | 7 +++++++ roles/do1jlr.acmetool | 2 +- roles/do1jlr.etebase | 2 +- roles/do1jlr.rspamd | 2 +- roles/do1jlr.weechat | 2 +- 7 files changed, 26 insertions(+), 4 deletions(-) diff --git a/host_vars/mail01.l3d.space/vars.yml b/host_vars/mail01.l3d.space/vars.yml index f35d6a7..4189e07 100644 --- a/host_vars/mail01.l3d.space/vars.yml +++ b/host_vars/mail01.l3d.space/vars.yml @@ -53,6 +53,16 @@ nginx_sites: # letsencrypt acme_notification_email: "{{ _acme_notification_email }}" +# acmetool config +acme_reload_services: + - 'nginx' + +acme_restart_services: + - 'rspamd' + - 'dovecot' + - 'unbound' + - 'redis-server' + # firewall fail2ban_destemail: "{{ _fail2ban_destemail }}" firewall_allowed_tcp_ports: diff --git a/host_vars/services.l3d.space/vars.yml b/host_vars/services.l3d.space/vars.yml index d9c903b..87f9ff4 100644 --- a/host_vars/services.l3d.space/vars.yml +++ b/host_vars/services.l3d.space/vars.yml @@ -19,3 +19,8 @@ etebase__allowed_hosts_allowed_host1: 'etebase.l3d.ch' etebase__restart_webserver: true etebase__systemd_setup: true etebase__create_backup: true + +# acmetool config +acme_reload_services: + - 'nginx' + diff --git a/host_vars/web01.l3d.space/vars.yml b/host_vars/web01.l3d.space/vars.yml index a346543..8faa291 100644 --- a/host_vars/web01.l3d.space/vars.yml +++ b/host_vars/web01.l3d.space/vars.yml @@ -107,6 +107,13 @@ local_accounts: - 'klima' - 'roles' +# acmetool config +acme_reload_services: + - 'nginx' + +acme_restart_services: + - 'gitea' + acme_domain_unwant_list: [] # - name: 'example.com' diff --git a/roles/do1jlr.acmetool b/roles/do1jlr.acmetool index 83df9b7..18a56d9 160000 --- a/roles/do1jlr.acmetool 
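Review bot: In the `host_vars/mail01.l3d.space/vars.yml` hunk, `acme_restart_services` puts `unbound` and `redis-server` through a full restart, presumably on every certificate renewal (the role that consumes the variable is a submodule and is not visible here). A restart empties the resolver cache and interrupts whatever depends on Redis, so each entry should be a service that actually loads the renewed certificate. A comment above the list such as `# services that read the certificate only at start-up` would record why each one is there. No MTA appears in either list, so if one on this host presents the same certificate it may keep presenting the old one after renewal; worth confirming.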
+++ b/roles/do1jlr.acmetool
@@ -1 +1 @@
-Subproject commit 83df9b74904169e5698555cac183e5cb410f86a6
+Subproject commit 18a56d9045a78634f9fcaf0d8cd5aa0ab2f1393e
diff --git a/roles/do1jlr.etebase b/roles/do1jlr.etebase
index 1c12366..16f389c 160000
--- a/roles/do1jlr.etebase
+++ b/roles/do1jlr.etebase
@@ -1 +1 @@
-Subproject commit 1c12366f23b6f8f516eba2605b91fa7c1dd1cfc4
+Subproject commit 16f389ca76868c0208191595aa036a19cc49c867
diff --git a/roles/do1jlr.rspamd b/roles/do1jlr.rspamd
index 8dcfbcb..affa49e 160000
--- a/roles/do1jlr.rspamd
+++ b/roles/do1jlr.rspamd
@@ -1 +1 @@
-Subproject commit 8dcfbcbeead8675161aff34804603b2cd9a548ec
+Subproject commit affa49e57040ff0852a85ab3d4ee0da6c6669f2d
diff --git a/roles/do1jlr.weechat b/roles/do1jlr.weechat
index 759f0be..f31546b 160000
--- a/roles/do1jlr.weechat
+++ b/roles/do1jlr.weechat
@@ -1 +1 @@
-Subproject commit 759f0be0edc8fc7cd6416b8f47755e2b13f5d47f
+Subproject commit f31546bbda440578f289aa27469fd5bf778a96fb
From 6f5148a871881d102847046173f9e700359a5a35 Mon Sep 17 00:00:00 2001
From: L3D
Date: Mon, 30 Oct 2023 02:14:28 +0100
Subject: [PATCH 2/4] improve linting and requirements
---
 .github/dependabot.yml | 12 +++++++++++
 .github/workflows/ansible-linting-check.yml | 24 +++++++++++++++++++++
 .github/workflows/j2lint-check.yml | 22 +++++++++++++++++++
 .github/workflows/yamllint-check.yml | 22 +++++++++++++++++++
 .github/workflows/yamllint.yaml | 20 -----------------
 host_vars/services.l3d.space/vars.yml | 1 -
 requirements.txt | 3 ++-
 requirements.yml | 6 ++++++
 8 files changed, 88 insertions(+), 22 deletions(-)
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/ansible-linting-check.yml
 create mode 100644 .github/workflows/j2lint-check.yml
 create mode 100644 .github/workflows/yamllint-check.yml
 delete mode 100644 .github/workflows/yamllint.yaml
 create mode 100644 requirements.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..c40819a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,12 @@
+---
+# See https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ - package-ecosystem: "gitsubmodule"
+ directory: "/"
+ schedule:
+ interval: "weekly"
diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml
new file mode 100644
index 0000000..cdf93dc
--- /dev/null
+++ b/.github/workflows/ansible-linting-check.yml
@@ -0,0 +1,24 @@
+---
+name: Ansible Lint check
+
+# yamllint disable-line rule:truthy
+on: [push, pull_request]
+
+jobs:
+ build:
+ name: Ansible Lint
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout git repo
+ uses: actions/checkout@v4
+ with:
+ submodules: true
+ fetch-depth: 0
+
+ - name: Run ansible-lint
+ uses: ansible-actions/ansible-lint-action@v1.0.2
+ with:
+ target: "site.yml"
+ python_dependency_file: 'requirements.txt'
+ collections_yml: 'requirements.yml'
diff --git a/.github/workflows/j2lint-check.yml b/.github/workflows/j2lint-check.yml
new file mode 100644
index 0000000..00c7861
--- /dev/null
+++ b/.github/workflows/j2lint-check.yml
@@ -0,0 +1,22 @@
+---
+name: Jinja2 Linting check
+
+# yamllint disable-line rule:truthy
+on: [push, pull_request]
+
+jobs:
+ build:
+ name: Jinja2 Linting
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout git repo
+ uses: actions/checkout@v4
+ with:
+ submodules: true
+ fetch-depth: 0
+
+ - name: Run j2lint
+ uses: ansible-actions/j2lint-action@v0.0.1
+ with:
+ target: "./"
diff --git a/.github/workflows/yamllint-check.yml b/.github/workflows/yamllint-check.yml
new file mode 100644
index 0000000..5e62f57
--- /dev/null
+++ b/.github/workflows/yamllint-check.yml
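Review bot: The new workflows reference third-party actions by mutable tag (`ansible-actions/ansible-lint-action@v1.0.2` in `ansible-linting-check.yml`, `j2lint-action@v0.0.1` and `yamllint-action@v0.0.1` in the other two files) and declare no `permissions:`, so the job token scope falls back to the repository default. A tag can be moved by the action's owner, whereas a full commit SHA fixes the code that runs, e.g. `uses: ansible-actions/ansible-lint-action@<full-commit-sha>  # v1.0.2`; the `github-actions` entry added to `.github/dependabot.yml` in this same patch can keep such pins current. A top-level `permissions:` block with `contents: read` would suit lint-only jobs, and `persist-credentials: false` on the checkout step keeps the token out of the workspace that the lint actions read.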
@@ -0,0 +1,22 @@
+---
+name: Yamllint check
+
+# yamllint disable-line rule:truthy
+on: [push, pull_request]
+
+jobs:
+ build:
+ name: Yamllint
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout git repo
+ uses: actions/checkout@v4
+ with:
+ submodules: true
+ fetch-depth: 0
+
+ - name: Run yamllint
+ uses: ansible-actions/yamllint-action@v0.0.1
+ with:
+ target: "./"
diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml
deleted file mode 100644
index c4894bd..0000000
--- a/.github/workflows/yamllint.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-name: 'Yamllint GitHub Actions'
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
- yamllint:
- name: 'Yamllint'
- runs-on: ubuntu-latest
- steps:
- - name: 'Checkout'
- uses: actions/checkout@master
- - name: 'Yamllint'
- uses: karancode/yamllint-github-action@master
- with:
- yamllint_file_or_dir: '.'
- yamllint_config_filepath: './.yamllint'
- yamllint_strict: false
- yamllint_comment: true
diff --git a/host_vars/services.l3d.space/vars.yml b/host_vars/services.l3d.space/vars.yml
index 87f9ff4..fbe25ce 100644
--- a/host_vars/services.l3d.space/vars.yml
+++ b/host_vars/services.l3d.space/vars.yml
@@ -23,4 +23,3 @@ etebase__create_backup: true
 # acmetool config
 acme_reload_services:
 - 'nginx'
-
diff --git a/requirements.txt b/requirements.txt
index 45c1e03..da63411 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1 +1,2 @@
-jmespath
+jmespath>=1.0.1
+passlib[bcrypt]>=1.7.4
diff --git a/requirements.yml b/requirements.yml
new file mode 100644
index 0000000..4fcd9ad
--- /dev/null
+++ b/requirements.yml
@@ -0,0 +1,6 @@
+---
+collections:
+ - name: 'community.general'
+ version: ">=7.5.0,<=8.0.0"
+ - name: 'community.crypto'
+ version: ">=2.15.1,<=3.0.0"
From 567c57e78456412838025d6444c5928ca5cfe553 Mon Sep 17 00:00:00 2001
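Review bot: Both entries in `requirements.txt` set only a lower bound, so every CI run installs the newest `jmespath` and `passlib`/`bcrypt` releases available at that moment. A lint result is then not reproducible, and a broken or tampered release is picked up without any reviewable change in this repository. Exact pins such as `jmespath==1.0.1` and `passlib[bcrypt]==1.7.4` would make each upgrade an explicit commit, and a `pip` entry in `.github/dependabot.yml` could propose those upgrades.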
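Review bot: The upper bounds in `requirements.yml` are inclusive, so `<=8.0.0` and `<=3.0.0` admit the next major release of each collection, which is usually what such a cap is meant to exclude. If the intent is to stay on the 7.x and 2.x series, use `version: ">=7.5.0,<8.0.0"` for `community.general` and `version: ">=2.15.1,<3.0.0"` for `community.crypto`.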
From: L3D
Date: Mon, 30 Oct 2023 02:25:21 +0100
Subject: [PATCH 3/4] improve j2ling
---
 .github/workflows/j2lint-check.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/j2lint-check.yml b/.github/workflows/j2lint-check.yml
index 00c7861..95647bd 100644
--- a/.github/workflows/j2lint-check.yml
+++ b/.github/workflows/j2lint-check.yml
@@ -19,4 +19,4 @@ jobs:
 - name: Run j2lint
 uses: ansible-actions/j2lint-action@v0.0.1
 with:
- target: "./"
+ target: "templates/"
From ad74d0563a5fc55976a02384c694bf7421e06a76 Mon Sep 17 00:00:00 2001
From: L3D
Date: Mon, 30 Oct 2023 02:29:18 +0100
Subject: [PATCH 4/4] Improve linting checking
---
 .github/workflows/ansible-linting-check.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml
index cdf93dc..9f13b8c 100644
--- a/.github/workflows/ansible-linting-check.yml
+++ b/.github/workflows/ansible-linting-check.yml
@@ -19,6 +19,5 @@ jobs:
 - name: Run ansible-lint
 uses: ansible-actions/ansible-lint-action@v1.0.2
 with:
- target: "site.yml"
+ target: "./"
 python_dependency_file: 'requirements.txt'
- collections_yml: 'requirements.yml'
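Review bot: Dropping `collections_yml: 'requirements.yml'` in the `ansible-linting-check.yml` hunk of patch 4 leaves the `requirements.yml` added in patch 2 unreferenced by any workflow shown in this series, so its version bounds are no longer exercised in CI and the lint job presumably runs against whatever collections the action itself provides. Widening `target` to `"./"` while the checkout uses `submodules: true` also appears to pull the vendored `roles/` submodules into the lint scope. If the input was removed because collection installation failed, a short comment above `with:` stating the reason would help the next reader; otherwise keeping `collections_yml: 'requirements.yml'` keeps CI aligned with the declared versions. The job definition starts above this hunk.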