fix: capture exit code instead of std-out

fix: Unset -e during nc command
fix(lego): do not trigger script abortion on wanted exit code != 0
2025-11-28 12:23:10 +01:00 · 2025-11-28 12:23:10 +01:00 · 2025-11-28 12:23:10 +01:00 · 2025-11-28 12:20:16 +01:00 · 2025-11-07 22:39:21 +01:00 · 2025-11-06 19:41:21 +01:00
6 changed files with 15 additions and 11 deletions
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -1,6 +1,6 @@
 namespace: finallycoffee
 name: base
-version: 0.3.0
+version: 0.4.0
 readme: README.md
 authors:
 - transcaffeine <transcaffeine@finally.coffee>
@@ -8,8 +8,9 @@ description: >-2
  Roles for base services which are core functionality like managing packages
  and ssh or common dependencies other services like databases
 dependencies:
-  "community.docker": "^4.2.0"
-  "community.general": "^10.0.0"
+  "community.docker": "^4.7.0"
+  "community.general": "^11.1.2"
+  "containers.podman": "^1.17.0"
 license_file: LICENSE.md
 build_ignore:
 - '*.tar.gz'
--- a/playbooks/lego_certificate.yml
+++ b/playbooks/lego_certificate.yml
@@ -10,7 +10,7 @@
      vars:
        _dns_record:
          type: "CNAME"
-          name: "_acme-challenge.{{ _domain }}"
+          name: "_acme-challenge.{{ _domain }}."
          content: "{{ target_tsig_key_name }}.{{ target_acme_zone }}."
      loop: "{{ target_domains }}"
      loop_control:
--- a/roles/lego/defaults/main.yml
+++ b/roles/lego/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 lego_user: "lego"
-lego_version: "4.25.1"
+lego_version: "4.28.1"
 lego_instance: default
 lego_base_path: "/opt/lego"
 lego_cert_user: "acme-{{ lego_instance }}"
--- a/roles/lego/files/lego_run.sh
+++ b/roles/lego/files/lego_run.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-set -euo pipefail
+set -xeuo pipefail

 LEGO_BINARY=$(/usr/bin/env which lego)

@@ -8,14 +8,17 @@ if [[ -n "${LEGO_HTTP_FALLBACK_PORT:-}" ]]; then
    echo "nc not found (in PATH), exiting"
    exit 1
  fi
+  set +e
  nc -z 127.0.0.1 $LEGO_HTTP_PORT;
-  if [[ $? -eq 0 ]]; then
+  nc_exit_code=$?;
+  set -e
+  if [[ $nc_exit_code -eq 0 ]]; then
      LEGO_HTTP_PORT=$LEGO_HTTP_FALLBACK_PORT
  fi
 fi

 if [[ -n "${LEGO_PRE_RENEWAL_HOOK:-}" ]]; then
-  $LEGO_PRE_RENEWAL_HOOK
+  /usr/bin/env bash -c "$LEGO_PRE_RENEWAL_HOOK"
 fi

 LEGO_COMMAND_ARGS_EXPANDED=$(bash -c "echo $LEGO_COMMAND_ARGS") # This is a bit icky
@@ -31,5 +34,5 @@ find "$LEGO_CERT_STORE_PATH/certificates" -type f | xargs -I{} -n 1 chmod "$LEGO
 find "$LEGO_CERT_STORE_PATH/certificates" -type f | xargs -I{} -n 1 chown "${LEGO_CERT_USER}:${LEGO_CERT_GROUP}" "{}"

 if [[ -n "${LEGO_POST_RENEWAL_HOOK:-}" ]]; then
-  $LEGO_POST_RENEWAL_HOOK
+  /usr/bin/env bash -c "$LEGO_POST_RENEWAL_HOOK"
 fi
--- a/roles/minio/defaults/main/container.yml
+++ b/roles/minio/defaults/main/container.yml
@@ -1,7 +1,7 @@
 ---
 minio_container_name: minio
 minio_container_image_name: "docker.io/minio/minio"
-minio_container_image_tag: "RELEASE.2025-07-18T21-56-31Z"
+minio_container_image_tag: "RELEASE.2025-10-15T17-29-55Z"
 minio_container_image: "{{ minio_container_image_name }}:{{ minio_container_image_tag }}"
 minio_container_networks: []
 minio_container_ports: []
--- a/roles/nginx/defaults/main.yml
+++ b/roles/nginx/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-nginx_version: "1.29.0"
+nginx_version: "1.29.3"
 nginx_flavour: alpine
 nginx_base_path: /opt/nginx
 nginx_config_file: "{{ nginx_base_path }}/nginx.conf"
Author	SHA1	Message	Date
Jadyn Emma Jäger	4c2b6ccc6d	fix: capture exit code instead of std-out	2025-11-28 12:23:10 +01:00
Jadyn Emma Jäger	2681032d96	fix: Unset -e during nc command	2025-11-28 12:23:10 +01:00
transcaffeine	66877d3258	fix(lego): do not trigger script abortion on wanted exit code != 0	2025-11-28 12:23:10 +01:00
Jadyn Emma Jäger	3c8fc29746	feat(roles/lego): Run hooks with bash -c ref #13	2025-11-28 12:20:16 +01:00
transcaffeine	39b7190342	update(minio): bump container image tag to RELEASE.2025-10-15T17-29-55Z	2025-11-07 22:39:21 +01:00
transcaffeine	a3ed7081f8	update(lego): bump version to 4.28.1	2025-11-06 19:41:21 +01:00
transcaffeine	b564b1579f	fix(playbooks/lego_certificate): fix missing trailing dot in record name	2025-11-02 17:27:10 +01:00
transcaffeine	52f6f5b45b	update(lego): bump version to 4.28.0	2025-11-01 15:30:08 +01:00
transcaffeine	d0203a5dd7	update(nginx): bump veersion to 1.29.3	2025-10-28 16:58:43 +01:00
transcaffeine	72bb3fd273	update(lego): bump version to 4.27.0	2025-10-18 22:50:35 +02:00
transcaffeine	766957254a	update(nginx): bump version to 1.29.2	2025-10-08 15:39:13 +02:00
transcaffeine	5e777934ed	update(lego): bump version to 4.26.0	2025-09-14 21:30:58 +02:00
transcaffeine	b44110704b	update(minio): bump container image tag to RELEASE.2025-09-07T16-13-09Z	2025-09-07 21:52:08 +02:00
transcaffeine	416044692b	meta: bump collection version to 0.4.0, update dependencies	2025-08-13 19:17:28 +02:00
transcaffeine	31c68f5e89	update(nginx): bump version to 1.29.1	2025-08-13 18:13:56 +02:00
transcaffeine	7b9ac4b0d5	update(minio): bump container image tag to RELEASE.2025-07-23T15-54-02Z	2025-08-08 21:15:31 +02:00
transcaffeine	dcab6c5404	update(lego): bump version to 4.25.2	2025-08-06 21:34:03 +02:00