freepbx: Install additional required packages

freepbx: Cleanup and only use flask based application
freepbx: Install self developed yealink packages
2024-12-07 00:26:25 +01:00 · 2024-11-30 12:51:55 +01:00 · 2024-11-22 20:21:56 +01:00
34 changed files with 80 additions and 171 deletions
--- a/README.md
+++ b/README.md
@ -15,26 +15,25 @@ Currently the following hosts are installed:
 ### Internal Servers
-| Hostname                    | OS        | Purpose                 |
+| Hostname                  | OS        | Purpose                 |
-| --------------------------- | --------- | ----------------------- |
+| ------------------------- | --------- | ----------------------- |
-| wurst.binary.kitchen        | Proxmox 8 | VM Host                 |
+| wurst.binary.kitchen      | Proxmox 8 | VM Host                 |
-| salat.binary.kitchen        | Proxmox 8 | VM Host                 |
+| salat.binary.kitchen      | Proxmox 8 | VM Host                 |
-| weizen.binary.kitchen       | Proxmox 8 | VM Host                 |
+| weizen.binary.kitchen     | Proxmox 8 | VM Host                 |
-| bacon.binary.kitchen        | Debian 12 | DNS, DHCP, LDAP, RADIUS |
+| bacon.binary.kitchen      | Debian 12 | DNS, DHCP, LDAP, RADIUS |
-| aveta.binary.kitchen        | Debian 12 | DNS, DHCP, LDAP, RADIUS |
+| aveta.binary.kitchen      | Debian 12 | DNS, DHCP, LDAP, RADIUS |
-| aeron.binary.kitchen        | Debian 12 | DNS, DHCP, LDAP, RADIUS |
+| aeron.binary.kitchen      | Debian 12 | DNS, DHCP, LDAP, RADIUS |
-| sulis.binary.kitchen        | Debian 12 | Shell                   |
+| sulis.binary.kitchen      | Debian 12 | Shell                   |
-| nabia.binary.kitchen        | Debian 12 | Monitoring              |
+| nabia.binary.kitchen      | Debian 12 | Monitoring              |
-| epona.binary.kitchen        | Debian 12 | NetBox                  |
+| epona.binary.kitchen      | Debian 12 | NetBox                  |
-| pizza.binary.kitchen        | Debian 11 | OpenHAB *               |
+| pizza.binary.kitchen      | Debian 11 | OpenHAB *               |
-| pancake.binary.kitchen      | Debian 12 | XRDP                    |
+| pancake.binary.kitchen    | Debian 12 | XRDP                    |
-| knoedel.binary.kitchen      | Debian 12 | SIP-DECT OMM            |
+| knoedel.binary.kitchen    | Debian 12 | SIP-DECT OMM            |
-| schweinshaxn.binary.kitchen | Debian 12 | FreePBX                 |
+| bob.binary.kitchen        | Debian 12 | Gitea Actions           |
-| bob.binary.kitchen          | Debian 12 | Gitea Actions           |
+| lasagne.binary.kitchen    | Debian 12 | Home Assistant *        |
-| lasagne.binary.kitchen      | Debian 12 | Home Assistant *        |
+| tschunk.binary.kitchen    | Debian 12 | Strichliste             |
-| tschunk.binary.kitchen      | Debian 12 | Strichliste             |
+| bowle.binary.kitchen      | Debian 12 | Files                   |
-| bowle.binary.kitchen        | Debian 12 | Files                   |
+| lock-auweg.binary.kitchen | Debian 12 | Doorlock                |
 | lock-auweg.binary.kitchen   | Debian 12 | Doorlock                |
 \*: The main application is not managed by ansible but manually installed
@ -64,5 +63,6 @@ Currently the following hosts are installed:
 | palladium.binary-kitchen.net  | Debian 12 | Event pretalx           |
 | argentum.binary-kitchen.net   | Debian 12 | Event Web *             |
 | cadmium.binary-kitchen.net    | Debian 12 | Event NetBox *          |
 | indium.binary-kitchen.net     | Debian 12 | Igel CAM *              |
 \*: The main application is not managed by ansible but manually installed
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@ -106,7 +106,6 @@ mail_aliases:
 - "seife@binary-kitchen.de	anke@binary-kitchen.de"
 - "siebdruck@binary-kitchen.de	anke@binary-kitchen.de"
 - "therapy-jetzt@binary-kitchen.de	darthrain@binary-kitchen.de"
 - "toepferwerkstatt@binary-kitchen.de	anke@binary-kitchen.de,meet_judith@binary-kitchen.de"
 - "vorstand@binary-kitchen.de	anke@binary-kitchen.de,christoph@schindlbeck.eu,ralf@binary-kitchen.de,zaesa@binary-kitchen.de"
 - "voucher1@binary-kitchen.de	exxess@binary-kitchen.de"
 - "voucher2@binary-kitchen.de	exxess@binary-kitchen.de"
--- a/host_vars/aeron.binary.kitchen
+++ b/host_vars/aeron.binary.kitchen
@ -6,4 +6,4 @@ slapd_hostname: ldap3.binary.kitchen
 slapd_replica_id: 3
 slapd_role: slave
-unattended_reboot: "false"
+uau_reboot: "false"
--- a/host_vars/bacon.binary.kitchen
+++ b/host_vars/bacon.binary.kitchen
@ -16,4 +16,4 @@ slapd_hostname: ldap1.binary.kitchen
 slapd_replica_id: 1
 slapd_role: slave
-unattended_reboot: "false"
+uau_reboot: "false"
--- a/host_vars/bowle.binary.kitchen
+++ b/host_vars/bowle.binary.kitchen
@ -5,4 +5,4 @@ nfs_exports:
 - /exports/backup/rz 172.23.9.61(rw,sync,no_subtree_check)
 - /exports/tank 172.23.0.0/22(rw,sync,no_subtree_check)
-unattended_reboot: "false"
+uau_reboot: "false"
--- a/host_vars/lasagne.binary.kitchen
+++ b/host_vars/lasagne.binary.kitchen
@ -8,4 +8,4 @@ root_keys_host:
 - "# Thomas Schmid"
 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC0Wq37DP89UO6MiJvvRbsXEcEV9d5/JJb7K2R0WHsHa sct39667@m-mob-062"
-unattended_reboot: "false"
+uau_reboot: "false"
--- a/host_vars/pizza.binary.kitchen
+++ b/host_vars/pizza.binary.kitchen
@ -8,4 +8,4 @@ root_keys_host:
 - "# Thomas Schmid"
 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC0Wq37DP89UO6MiJvvRbsXEcEV9d5/JJb7K2R0WHsHa sct39667@m-mob-062"
-unattended_reboot: "false"
+uau_reboot: "false"
--- a/host_vars/ruthenium.binary-kitchen.net
+++ b/host_vars/ruthenium.binary-kitchen.net
@ -4,4 +4,4 @@ root_keys_host:
 - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtTJqeSsB+aRiQ2WeFLVA5dz5YfCuv2TZmsyFqZ8NefJH/ZP3+gud3DwBq4l9HbDJUbfvApLQ9qbwaX0VhBv67mM6f4sWNG8uUW+9MYd6ZTeP3KUwZIHM52nqMFe5XScADL4s8Jsnb08gVp9xdcdufsbiLNYfuNFk+wcwRYtD5eqXZi3oaqshlq61LfBeC958vzvceDrZ2obfCJJ2pvmhUyORvgb6jXfx3kZku5qgk6m9NfyY95UZvSweDZPiN5YqLYekz+jxrYDyeA0DPgwlTcyGn8JI9/HkAD/odTpTAH+T6sbf0OkUi7ufNElAXvxDOJZN8NhxPFfUAW9naTYwGoPd4OJw0AOVLzKcVIjEXKtrxeQ0NOZVoucLFgnXO4iDZGrVHohPVj1UbrVpF00lokBLz1Xh4egrNw0g2Gt28HmZ9lg5Ymv8jJWAy87r5wV0O6aIuseGkSr/V6+92AGK/Yy1tKhZujtv5+CvVVBrLvoOnJJh8vFoVuRM+ucLBhqpewDY2yHZHzQ3J5SZKJ30mBUSYAKHBqVI4VmC/n235VMumIEsqnZvzk96G5TXWyZb0qzkXcct1H8MyQgG0SR0G4Ylm5skCZppEE7udV/wb8lRZv+2YrqBueKZ+Wu6IT3HJbUkor7CcbORjhwL4ETziPm4g4BrTPGUTjyeZ4nSDPQ== exxess"
 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG6uNwYKF3rqleM/HP95M+rsm+gwKY8epdtW2OutneY9 ralf@pluto"
-unattended_reboot: "false"
+uau_reboot: "false"
--- a/host_vars/schweinshaxn.binary.kitchen
+++ b/host_vars/schweinshaxn.binary.kitchen
@ -1,4 +0,0 @@
 ---
 root_keys_host:
 - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMJDyq3veSnK+6hSw+Ml6lvTQTPC6vRFqtDXvPBnOtId8F9+/N0ADcPa5UTesnTkQgSAY7WpSoN5D6clYzdcPR55e5WZwZfMSkX14D7v7mrGxUcE4HshTorfEYv5XBd11Tvu0ruMdxlFQ+VFHkZIF305xgyx32INA3zUfnhzHJlKEdIAy8iSbERUV+X5kB59aep6xSpitCHJtsTT5Ky+EsvAhndKB5hDBuwVVr0+Sg5PypeTQ4zzWFyR6DFBEvyEj6bs/pQff9WxSRIXEuLffXOXdRLGHWqX7PfhWcH9WNH55WT7ZKCMGVuG4kYLkZ633c296ISg9q0eNKn99oHuwvzVg/wV3wndHINE+iUKKJjaRUpDUwd9DftFqMbFGATpf8en6KPs/7bgZUGACIfDO6Uy59V75cntiMFZc+BnnpV2qLVBFFD5ClRBCRdqH5D0px+jpuQFo9EUhggL4jzlj9wQf26zv0E4zSGTqbM1jfO3zcXlxSjg3H3Og2GAO5fCQiodpsqkW9Hby/p4s5l+P97tlVlgapnZlSA/1em4lmYshmRk/9scN8PMSXfW9uhncv9qXqp0ypEqEuNfj5u/1Eu8zmayIA9V23xyPn92LMT6MP2BB1kC7jeAXfXHdKBhTYW6bLQJKMs9nypH6RODK1fb9JlIrB61ZDJ9L5K++o2Q== noby"
--- a/host_vars/tschunk.binary.kitchen
+++ b/host_vars/tschunk.binary.kitchen
@ -4,4 +4,4 @@ root_keys_host:
 - "# Thomas Schmid"
 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC0Wq37DP89UO6MiJvvRbsXEcEV9d5/JJb7K2R0WHsHa sct39667@m-mob-062"
-unattended_reboot: "true"
+uau_reboot: "true"
--- a/2
+++ b/2
@ -8,7 +8,6 @@ epona.binary.kitchen ansible_host=172.23.2.7
 pizza.binary.kitchen ansible_host=172.23.2.33
 pancake.binary.kitchen ansible_host=172.23.2.34
 knoedel.binary.kitchen ansible_host=172.23.2.35
 schweinshaxn.binary.kitchen ansible_host=172.23.2.36
 bob.binary.kitchen ansible_host=172.23.2.37
 lasagne.binary.kitchen ansible_host=172.23.2.38
 tschunk.binary.kitchen ansible_host=172.23.2.39
@ -39,3 +38,4 @@ ruthenium.binary-kitchen.net
 rhodium.binary-kitchen.net
 argentum.binary-kitchen.net
 cadmium.binary-kitchen.net
 indium.binary-kitchen.net
--- a/roles/authentik/defaults/main.yml
+++ b/roles/authentik/defaults/main.yml
@ -1,3 +1,3 @@
 ---
-authentik_version: 2024.12.1
+authentik_version: 2024.10.2
--- a/roles/authentik/templates/authentik.service.j2
+++ b/roles/authentik/templates/authentik.service.j2
@ -15,6 +15,8 @@ TimeoutStartSec=1200
 WorkingDirectory=/opt/authentik
 # Make sure no old containers are running
 ExecStartPre=/usr/bin/docker-compose down -v
 # Update images
 ExecStartPre=-/usr/bin/docker-compose pull --quiet
--- a/roles/authentik/templates/docker-compose.yml.j2
+++ b/roles/authentik/templates/docker-compose.yml.j2
@ -45,10 +45,8 @@ services:
    ports:
      - "127.0.0.1:9000:9000"
    depends_on:
-      postgresql:
+      - postgresql
-        condition: service_healthy
+      - redis
      redis:
        condition: service_healthy
  worker:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:{{ authentik_version }}
    restart: unless-stopped
@ -73,7 +71,5 @@ services:
      - ./certs:/certs
      - ./custom-templates:/templates
    depends_on:
-      postgresql:
+      - postgresql
-        condition: service_healthy
+      - redis
      redis:
        condition: service_healthy
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@ -9,5 +9,3 @@ logrotate_excludes:
 sshd_password_authentication: "no"
 sshd_permit_root_login: "prohibit-password"
 unattended_reboot: "true"
--- a/roles/common/tasks/Debian.yml
+++ b/roles/common/tasks/Debian.yml
@ -4,7 +4,6 @@
  apt:
    name:
    - apt-transport-https
    - debian-goodies
    - dnsutils
    - fdisk
    - gnupg2
@ -16,7 +15,6 @@
    - pydf
    - rsync
    - sudo
    - unattended-upgrades
    - vim-nox
    - wget
    - zsh
@ -28,12 +26,6 @@
    - qemu-guest-agent
  when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
 - name: Configure unattended upgrades
  template: src={{ item }}.j2 dest=/etc/apt/apt.conf.d/{{ item }}
  with_items:
  - 02periodic
  - 50unattended-upgrades
 - name: Configure misc software
  copy: src={{ item.src }} dest={{ item.dest }}
  diff: no
--- a/roles/common/tasks/Proxmox.yml
+++ b/roles/common/tasks/Proxmox.yml
@ -9,7 +9,6 @@
    - less
    - rsync
    - vim-nox
    - wget
    - zsh
 - name: Configure misc software
--- a/roles/common/tasks/chrony.yml
+++ b/roles/common/tasks/chrony.yml
@ -6,6 +6,3 @@
 - name: Configure chrony
  template: src=chrony.conf.j2 dest=/etc/chrony/chrony.conf
  notify: Restart chrony
 - name: Start chrony
  service: name=chrony state=started enabled=yes
--- a/roles/gitea/defaults/main.yml
+++ b/roles/gitea/defaults/main.yml
@ -3,5 +3,5 @@
 gitea_user: gogs
 gitea_group: gogs
-gitea_version: 1.22.6
+gitea_version: 1.22.3
 gitea_url: https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64
--- a/roles/hedgedoc/templates/hedgedoc.service.j2
+++ b/roles/hedgedoc/templates/hedgedoc.service.j2
@ -15,6 +15,8 @@ TimeoutStartSec=1200
 WorkingDirectory=/opt/hedgedoc
 # Make sure no old containers are running
 ExecStartPre=/usr/bin/docker-compose down -v
 # Update images
 ExecStartPre=-/usr/bin/docker-compose pull --quiet
--- a/roles/indium_dummy/meta/main.yml
+++ b/roles/indium_dummy/meta/main.yml
@ -0,0 +1,5 @@
 ---
 dependencies:
 - { role: acertmgr }
 - { role: nginx, nginx_ssl: True }
--- a/roles/indium_dummy/tasks/main.yml
+++ b/roles/indium_dummy/tasks/main.yml
@ -0,0 +1 @@
 ---
--- a/roles/kea/templates/kea/kea-dhcp4.conf.j2
+++ b/roles/kea/templates/kea/kea-dhcp4.conf.j2
@ -32,7 +32,7 @@
            "parameters": {
                "high-availability": [ {
                    "this-server-name": "{{ inventory_hostname.split('.')[0] }}",
-                    "mode": "load-balancing",
+                    "mode": "hot-standby",
                    "heartbeat-delay": 10000,
                    "max-response-delay": 60000,
                    "max-ack-delay": 5000,
@ -42,14 +42,12 @@
                        {
                            "name": "{{ lookup('dig', dhcpd_primary+'/PTR', '@'+dns_primary).split('.')[0] }}",
                            "url": "http://{{ dhcpd_primary }}:8000/",
-                            "role": "primary",
+                            "role": "primary"
                            "auto-failover": true
                        },
                        {
                            "name": "{{ lookup('dig', dhcpd_secondary+'/PTR', '@'+dns_primary).split('.')[0] }}",
                            "url": "http://{{ dhcpd_secondary }}:8000/",
-                            "role": "secondary",
+                            "role": "standby"
                            "auto-failover": true
                        }
                    ]
                } ]
@ -294,26 +292,6 @@
                    "hostname": "cannelloni"
                },
                {
                    "hw-address": "7c:d9:5c:3f:ca:70",
                    "hostname": "cc-keller-video"
                },
                {
                    "hw-address": "54:60:09:f6:49:52",
                    "hostname": "cc-wohnzimmer-audio"
                },
                {
                    "hw-address": "30:fd:38:ce:5a:01",
                    "hostname": "cc-wohnzimmer-video"
                },
                {
                    "hw-address": "54:60:09:f4:da:1c",
                    "hostname": "cc-workshop-audio"
                },
                {
                    "hw-address": "b8:27:eb:1d:b9:bf",
                    "ip-address": "172.23.3.240",
@ -441,16 +419,6 @@
                    "hw-address": "dc:a6:32:bf:e2:3e",
                    "ip-address": "172.23.4.251",
                    "hostname": "openhabgw1"
                },
                {
                    "hw-address": "40:f5:20:28:c7:9b",
                    "hostname": "wled-flux"
                },
                {
                    "hw-address": "08:f9:e0:e4:51:30",
                    "hostname": "wled-stairs"
                }
            ]
        },
--- a/roles/netbox/defaults/main.yml
+++ b/roles/netbox/defaults/main.yml
@ -2,4 +2,4 @@
 netbox_group: netbox
 netbox_user: netbox
-netbox_version: 4.1.8
+netbox_version: 4.1.6
--- a/roles/uau/defaults/main.yml
+++ b/roles/uau/defaults/main.yml
@ -0,0 +1,3 @@
 ---
 uau_reboot: "true"
--- a/roles/uau/tasks/main.yml
+++ b/roles/uau/tasks/main.yml
@ -0,0 +1,13 @@
 ---
 - name: Install unattended upgrades
  apt:
    name:
    - unattended-upgrades
    - debian-goodies
 - name: Configure unattended upgrades
  template: src={{ item }}.j2 dest=/etc/apt/apt.conf.d/{{ item }}
  with_items:
  - 02periodic
  - 50unattended-upgrades
--- a/roles/common/templates/02periodic.j2
+++ b/roles/common/templates/02periodic.j2
--- a/roles/common/templates/50unattended-upgrades.j2
+++ b/roles/common/templates/50unattended-upgrades.j2
@ -113,7 +113,7 @@ Unattended-Upgrade::Remove-Unused-Dependencies "true";
 // Automatically reboot *WITHOUT CONFIRMATION* if
 //  the file /var/run/reboot-required is found after the upgrade
-Unattended-Upgrade::Automatic-Reboot "{{ unattended_reboot }}";
+Unattended-Upgrade::Automatic-Reboot "{{ uau_reboot }}";
 // Automatically reboot even if there are users currently logged in
 // when Unattended-Upgrade::Automatic-Reboot is set to true
--- a/roles/vaultwarden/templates/vaultwarden.service.j2
+++ b/roles/vaultwarden/templates/vaultwarden.service.j2
@ -15,6 +15,8 @@ TimeoutStartSec=1200
 WorkingDirectory=/opt/vaultwarden
 # Make sure no old containers are running
 ExecStartPre=/usr/bin/docker-compose down -v
 # Update images
 ExecStartPre=-/usr/bin/docker-compose pull --quiet
--- a/roles/web/files/certs
+++ b/roles/web/files/certs
@ -28,20 +28,6 @@ autoconfig.binary-kitchen.de:
  format: key
  action: '/usr/sbin/service nginx restart'
 door.binary-kitchen.de:
 - path: /etc/nginx/ssl/door.binary-kitchen.de.crt
  user: root
  group: root
  perm: '400'
  format: crt,ca
  action: '/usr/sbin/service nginx restart'
 - path: /etc/nginx/ssl/door.binary-kitchen.de.key
  user: root
  group: root
  perm: '400'
  format: key
  action: '/usr/sbin/service nginx restart'
 www.ccc-r.de:
 - path: /etc/nginx/ssl/www.ccc-r.de.crt
  user: root
--- a/roles/web/files/vhost
+++ b/roles/web/files/vhost
@ -244,51 +244,3 @@ server {
 	default_type text/html;
 }
 server {
 	listen 80;
 	listen [::]:80;
 	server_name door.binary-kitchen.de;
 	location /.well-known/acme-challenge {
 		default_type "text/plain";
 		alias /var/www/acme-challenge;
 	}
 	location / {
 		return 301 https://door.binary-kitchen.de$request_uri;
 	}
 }
 server {
 	listen 443 ssl http2;
 	listen [::]:443 ssl http2;
 	server_name door.binary-kitchen.de;
 	ssl_certificate_key /etc/nginx/ssl/door.binary-kitchen.de.key;
 	ssl_certificate /etc/nginx/ssl/door.binary-kitchen.de.crt;
 	root /var/www/kitchen-doorbot;
 	client_max_body_size 32M;
 	index index.php;
 	location / {
 		try_files $uri $uri/ @rewrite;
 	}
 	location @rewrite {
 		rewrite ^/(.*)$ /index.php?path=$1 last;
 	}
 	location ~ \.php(?:$|/) {
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;
 		include fastcgi_params;
 		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 		fastcgi_param PATH_INFO $fastcgi_path_info;
 		fastcgi_pass unix:/var/run/php/php8.2-fpm-www.sock;
 		fastcgi_intercept_errors on;
 	}
 }
--- a/roles/web/tasks/main.yml
+++ b/roles/web/tasks/main.yml
@ -3,7 +3,6 @@
 - name: Install dependencies
  apt:
    name:
    - php-curl
    - php-fpm
    - php-ldap
    - php-sqlite3
@ -19,7 +18,6 @@
  - eh21-fahrplan
  - makerspace-regensburg
  - kitchen
  - kitchen-doorbot
 - name: Ensure (BK) certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/www.binary-kitchen.de.key -out /etc/nginx/ssl/www.binary-kitchen.de.crt -days 730 -subj "/CN=www.binary-kitchen.de" creates=/etc/nginx/ssl/www.binary-kitchen.de.crt
@ -29,10 +27,6 @@
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/autoconfig.binary-kitchen.de.key -out /etc/nginx/ssl/autoconfig.binary-kitchen.de.crt -days 730 -subj "/CN=autoconfig.binary-kitchen.de" creates=/etc/nginx/ssl/autoconfig.binary-kitchen.de.crt
  notify: Restart nginx
 - name: Ensure (BK doorbot) certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/door.binary-kitchen.de.key -out /etc/nginx/ssl/door.binary-kitchen.de.crt -days 730 -subj "/CN=door.binary-kitchen.de" creates=/etc/nginx/ssl/door.binary-kitchen.de.crt
  notify: Restart nginx
 - name: Ensure (CCC-R) certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/www.ccc-r.de.key -out /etc/nginx/ssl/www.ccc-r.de.crt -days 730 -subj "/CN=www.ccc-r.de" creates=/etc/nginx/ssl/www.ccc-r.de.crt
  notify: Restart nginx
@ -84,7 +78,6 @@
  with_items:
  - "www.binary-kitchen.de"
  - "autoconfig.binary-kitchen.de"
  - "door.binary-kitchen.de"
  - "www.ccc-r.de"
  - "www.makerspace-regensburg.de"
  - "fahrplan.eh21.easterhegg.eu"
--- a/roles/xrdp_apphost/defaults/main.yml
+++ b/roles/xrdp_apphost/defaults/main.yml
@ -31,8 +31,8 @@ xrdp_applications:
    salt: "{{ vault_xrdp_apphost_lightburn_salt }}"
    git_config_folder: /home/lightburn/.config/LightBurn/
-    checksum: sha256:369eeccf3b3631e095324645631a516f311616486342075e056a83fdb9877c4a
+    checksum: sha256:c366f542a32b93e2e0f9e9b03c3cba4dcedecbadec09d94a053c19dae2f69cc8
-    version: 1.7.04
+    version: 1.5.03
  Estlcam:
    user: estlcam
@ -52,7 +52,7 @@ xrdp_applications:
    version_base: 2.7.2
    version: 2.7.2+linux-x64-GTK3-202402291307
-lightburn_url: https://release.lightburnsoftware.com/LightBurn/Release/LightBurn-v{{ xrdp_applications.LightBurn.version }}/LightBurn-Linux64-v{{ xrdp_applications.LightBurn.version }}.run
+lightburn_url: https://github.com/LightBurnSoftware/deployment/releases/download/{{ xrdp_applications.LightBurn.version }}/LightBurn-Linux64-v{{ xrdp_applications.LightBurn.version }}.run
 lightburn_target: /home/{{ xrdp_applications.LightBurn.user }}/LightBurn-Linux64-v{{ xrdp_applications.LightBurn.version }}.run
 slicer_url: https://github.com/prusa3d/PrusaSlicer/releases/download/version_{{ xrdp_applications.Slicer.version_base }}/PrusaSlicer-{{ xrdp_applications.Slicer.version }}.AppImage
--- a/site.yml
+++ b/site.yml
@ -6,6 +6,11 @@
  - common
  - root_keys
 - name: Setup unattended updates
  hosts: [sulis.binary.kitchen, nabia.binary.kitchen, epona.binary.kitchen, pizza.binary.kitchen, pancake.binary.kitchen, knoedel.binary.kitchen, bob.binary.kitchen, lasagne.binary.kitchen, tschunk.binary.kitchen, bowle.binary.kitchen, beryllium.binary-kitchen.net, boron.binary-kitchen.net, carbon.binary-kitchen.net, nitrogen.binary-kitchen.net, oxygen.binary-kitchen.net, fluorine.binary-kitchen.net, neon.binary-kitchen.net, sodium.binary-kitchen.net, magnesium.binary-kitchen.net, aluminium.binary-kitchen.net, krypton.binary-kitchen.net, yttrium.binary-kitchen.net, zirconium.binary-kitchen.net, molybdenum.binary-kitchen.net, ruthenium.binary-kitchen.net, rhodium.binary-kitchen.net, argentum.binary-kitchen.net, cadmium.binary-kitchen.net, indium.binary-kitchen.net]
  roles:
  - uau
 - name: Setup Proxmox VE SSL
  hosts: [salat.binary.kitchen, wurst.binary.kitchen, weizen.binary.kitchen]
  roles:
@ -47,11 +52,6 @@
  roles:
  - omm
 - name: Setup FreePBX server
  hosts: schweinshaxn.binary.kitchen
  roles:
  - freepbx
 - name: Setup gitea runner server
  hosts: bob.binary.kitchen
  roles:
@ -158,6 +158,11 @@
  roles:
 # - netbox
 - name: Setup igelcam server
  hosts: indium.binary-kitchen.net
  roles:
  - indium_dummy
 - name: Setup event web server
  hosts: argentum.binary-kitchen.net
  roles:
Author	SHA1	Message	Date
Thomas Basler	9bb9ebfcce	freepbx: Install additional required packages	2024-12-07 00:26:25 +01:00
Thomas Basler	1c902b5a90	freepbx: Cleanup and only use flask based application	2024-11-30 12:51:55 +01:00
Thomas Basler	288a23b412	freepbx: Install self developed yealink packages	2024-11-22 20:21:56 +01:00
`@ -1,3 +1,3 @@`
	`---`	`---`

	`authentik_version: 2024.12.1`	`authentik_version: 2024.10.2`