Merge pull request #8 from DO1JLR/r

update submodules and acmetool config

.github/dependabot.yml

@@ -0,0 +1,12 @@
+---
+# See https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "gitsubmodule"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/ansible-linting-check.yml

@@ -0,0 +1,23 @@
+---
+name: Ansible Lint check
+
+# yamllint disable-line rule:truthy
+on: [push, pull_request]
+
+jobs:
+  build:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout git repo
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+          fetch-depth: 0
+
+      - name: Run ansible-lint
+        uses: ansible-actions/ansible-lint-action@v1.0.2
+        with:
+          target: "./"
+          python_dependency_file: 'requirements.txt'

.github/workflows/j2lint-check.yml

@@ -0,0 +1,22 @@
+---
+name: Jinja2 Linting check
+
+# yamllint disable-line rule:truthy
+on: [push, pull_request]
+
+jobs:
+  build:
+    name: Jinja2 Linting
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout git repo
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+          fetch-depth: 0
+
+      - name: Run j2lint
+        uses: ansible-actions/j2lint-action@v0.0.1
+        with:
+          target: "templates/"

.github/workflows/yamllint-check.yml

@@ -0,0 +1,22 @@
+---
+name: Yamllint check
+
+# yamllint disable-line rule:truthy
+on: [push, pull_request]
+
+jobs:
+  build:
+    name: Yamllint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout git repo
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+          fetch-depth: 0
+
+      - name: Run yamllint
+        uses: ansible-actions/yamllint-action@v0.0.1
+        with:
+          target: "./"

.github/workflows/yamllint.yaml

@@ -1,20 +0,0 @@
----
-name: 'Yamllint GitHub Actions'
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  yamllint:
-    name: 'Yamllint'
-    runs-on: ubuntu-latest
-    steps:
-      - name: 'Checkout'
-        uses: actions/checkout@master
-      - name: 'Yamllint'
-        uses: karancode/yamllint-github-action@master
-        with:
-          yamllint_file_or_dir: '.'
-          yamllint_config_filepath: './.yamllint'
-          yamllint_strict: false
-          yamllint_comment: true

host_vars/mail01.l3d.space/vars.yml

@@ -53,6 +53,16 @@ nginx_sites:
 # letsencrypt
 acme_notification_email: "{{ _acme_notification_email }}"
 
+# acmetool config
+acme_reload_services:
+  - 'nginx'
+
+acme_restart_services:
+  - 'rspamd'
+  - 'dovecot'
+  - 'unbound'
+  - 'redis-server'
+
 # firewall
 fail2ban_destemail: "{{ _fail2ban_destemail }}"
 firewall_allowed_tcp_ports:

host_vars/services.l3d.space/vars.yml

@@ -19,3 +19,7 @@ etebase__allowed_hosts_allowed_host1: 'etebase.l3d.ch'
 etebase__restart_webserver: true
 etebase__systemd_setup: true
 etebase__create_backup: true
+
+# acmetool config
+acme_reload_services:
+  - 'nginx'

host_vars/web01.l3d.space/vars.yml

@@ -107,6 +107,13 @@ local_accounts:
   - 'klima'
   - 'roles'
 
+# acmetool config
+acme_reload_services:
+  - 'nginx'
+
+acme_restart_services:
+  - 'gitea'
+
 acme_domain_unwant_list: []
 #  - name: 'example.com'
 

requirements.txt

@@ -1 +1,2 @@
-jmespath
+jmespath>=1.0.1
+passlib[bcrypt]>=1.7.4

requirements.yml

@@ -0,0 +1,6 @@
+---
+collections:
+  - name: 'community.general'
+    version: ">=7.5.0,<=8.0.0"
+  - name: 'community.crypto'
+    version: ">=2.15.1,<=3.0.0"

roles/do1jlr.acmetool

@@ -1 +1 @@
-Subproject commit 83df9b74904169e5698555cac183e5cb410f86a6
+Subproject commit 18a56d9045a78634f9fcaf0d8cd5aa0ab2f1393e

roles/do1jlr.etebase

@@ -1 +1 @@
-Subproject commit 1c12366f23b6f8f516eba2605b91fa7c1dd1cfc4
+Subproject commit 16f389ca76868c0208191595aa036a19cc49c867

roles/do1jlr.rspamd

@@ -1 +1 @@
-Subproject commit 8dcfbcbeead8675161aff34804603b2cd9a548ec
+Subproject commit affa49e57040ff0852a85ab3d4ee0da6c6669f2d

roles/do1jlr.weechat

@@ -1 +1 @@
-Subproject commit 759f0be0edc8fc7cd6416b8f47755e2b13f5d47f
+Subproject commit f31546bbda440578f289aa27469fd5bf778a96fb