1.18.0

v1.18.0 - 2023-10-11

Upgrade procedure:

• docker: if you want to keep using the docker role, update requirements.yml (xsrv edit-requirements) and playbook.yml (xsrv edit-playbook) to use the archived nodiscc.toolbox.docker role instead. nodiscc.xsrv.podman is now the recommended role for container management.
• xsrv upgrade to upgrade roles/ansible environments to the latest release
• xsrv deploy to apply changes

Note: the collection will no longer be updated on https://galaxy.ansible.com/ui/repo/published/nodiscc/xsrv/ until ansible/galaxy#2438 is fixed, please use the git repository URL in your requirements.yml, as documented in https://xsrv.readthedocs.io/en/latest/usage.html#use-as-ansible-collection.

Added:

• add gitea_act_runner role (Gitea Actions CI/CD runner)
• add podman role (OCI container engine and management tools, replacement for docker)
• gitea: allow enabling built-in Gitea Actions CI/CD system (gitea_enable_actions: no/yes)
• common: allow running unattended-upgrade or apt upgrade immediately (TAGS=utils-apt-unattended-upgrade,utils-apt-upgrade)
• matrix: allow setting up LDAP authentication backend for synapse (matrix_synapse_ldap_*)
• netdata: allow aggregating netdata error/health alarm/collector logs to syslog (netdata_logs_to_syslog: no/yes)
• docker: add an automated procedure to uninstall docker role components (TAGS=utils-docker-uninstall)
• nextcloud: allow automatically checking the filesystem/data directory for changes made outside Nextcloud (nextcloud_filesystem_check_changes: no/yes)

Removed:

• docker: remove role, archive it to separate repository
• apache: remove remove ability to install/configure mod-evasive anti-DDoS module

Changed:

• common: datetime: replace ntpd time synchronization service by systemd-timesyncd
• common: ssh: don't accept locale/language-related environment variables set by the client by default (ssh_accept_locale_env: no/yes)
• graylog: don't perform mongodb backups when the graylog/mongodb service is disabled on the host configuration (graylog_enable_service: yes/no)
• gitea: update to v 1.20.5 [1]
• matrix: update element-web to v1.11.46 [1] [2] [3]
• graylog: update to v5.1 [1] [2] [3] [4] [5] [6] [7]
• openldap: update ldap-account-manager to v8.5
• postgresql: update pgmetrics to v1.16.0
• netdata: update netdata-apt to v1.1.2 [1]
• xsrv: upgrade ansible to v8.5.0

Fixed:

• jitsi: fixed jitsi-videobridge sometimes failing to connect to prosody (org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized) - force updating jvb prosody password

Full changes since v1.17.0