From a937e589346c23564a5fc7ef20a9fa4d94f1f461 Mon Sep 17 00:00:00 2001 From: Joey Hafner Date: Tue, 16 Jul 2024 13:59:21 -0700 Subject: [PATCH] #1 Pin all images to running image for Druid --- Monorepo TODO.md | 1 + homelab/druid/config/5etools/docker-compose.yml | 2 +- homelab/druid/config/gitea/docker-compose.yml | 6 +++--- homelab/druid/config/monitoring/docker-compose.yml | 4 ++-- homelab/druid/config/traefik/docker-compose.yml | 2 +- homelab/druid/config/uptime-kuma/docker-compose.yml | 2 +- homelab/druid/config/vaultwarden/docker-compose.yml | 2 +- homelab/druid/config/wireguard/docker-compose.yml | 2 +- 8 files changed, 11 insertions(+), 10 deletions(-) diff --git a/Monorepo TODO.md b/Monorepo TODO.md index 6a752219..bad3727e 100644 --- a/Monorepo TODO.md +++ b/Monorepo TODO.md @@ -21,6 +21,7 @@ This page describes steps to take to move toward initial valid commit. 6. `.pre-commit-config.yaml` 12. Cutover hosts from `homelab` to `Jafner.net` with sparse checkout. 1. `fighter` - Migrate secrets from `~/homelab/**/*_secrets.env` to `~/Jafner.net/active projects/homelab/**/*_secrets.env`. + - `cd /home/admin/homelab/ && SECRETFILES=$(find . -name '*_secrets.env' | cut -d'/' -f2-) && for file in $(echo $SECRETFILES); do FROM_FILE=$(echo "/home/admin/homelab/$file"); TO_FILE=$(echo "/home/admin/Jafner.net/homelab/$file"); echo "$FROM_FILE -> $TO_FILE"; cp -p "$FROM_FILE" "$TO_FILE"; done` 2. `druid` 13. Pin docker image versions to current. 14. Configure deployment systems diff --git a/homelab/druid/config/5etools/docker-compose.yml b/homelab/druid/config/5etools/docker-compose.yml index 0e32eef0..a70eb0f5 100644 --- a/homelab/druid/config/5etools/docker-compose.yml +++ b/homelab/druid/config/5etools/docker-compose.yml @@ -2,7 +2,7 @@ version: '3.9' services: 5etools: container_name: 5etools - image: jafner/5etools-docker + image: jafner/5etools-docker@sha256:18df6bc9ad236c24d012c878c3db153736fdcae943f0bf817ade4c0fda991cb2 restart: "no" volumes: - $DOCKER_DATA/htdocs:/usr/local/apache2/htdocs diff --git a/homelab/druid/config/gitea/docker-compose.yml b/homelab/druid/config/gitea/docker-compose.yml index 0bf71fad..0a228d79 100644 --- a/homelab/druid/config/gitea/docker-compose.yml +++ b/homelab/druid/config/gitea/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.9' services: gitea: - image: gitea/gitea:1.21.0 + image: gitea/gitea@sha256:59c71717df8b56ed633d50de9d8d2c1671dae2afc08ae142fb04cc2ec4b0ba85 container_name: gitea_gitea env_file: - path: ./gitea.env @@ -25,7 +25,7 @@ services: - traefik.http.services.gitea.loadbalancer.server.port=3000 postgres: - image: postgres:13 + image: postgres@sha256:19975f71ce75557051d89ac75af011ba2d370160937dba3d61259e6bf6b9804f container_name: gitea_postgres networks: - gitea @@ -36,7 +36,7 @@ services: - postgres_data:/var/lib/postgresql/data runner-ubuntu: - image: gitea/act_runner:latest + image: gitea/act_runner@sha256:48f96921f1163720cfa6a9d362d9154fbe1f7572e616294d78ef12b9ec797f98 container_name: gitea_runner-ubuntu depends_on: - gitea diff --git a/homelab/druid/config/monitoring/docker-compose.yml b/homelab/druid/config/monitoring/docker-compose.yml index ce9228f4..5395a940 100644 --- a/homelab/druid/config/monitoring/docker-compose.yml +++ b/homelab/druid/config/monitoring/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.9' services: exporter-docker: - image: prometheusnet/docker_exporter + image: prometheusnet/docker_exporter@sha256:f48aa98298fcde47edbd97f1c33534318a1f3e28ed9581f56fc2dcb4c3b21455 container_name: monitoring_exporter-docker restart: "no" ports: @@ -10,7 +10,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:ro exporter-ping: - image: czerwonk/ping_exporter + image: czerwonk/ping_exporter@sha256:6c7b05282358300cbb3335390b84a22ff564e3701cd193621c81300cb758ec00 container_name: monitoring_exporter-ping restart: "no" ports: diff --git a/homelab/druid/config/traefik/docker-compose.yml b/homelab/druid/config/traefik/docker-compose.yml index caf53dfd..2c70384a 100644 --- a/homelab/druid/config/traefik/docker-compose.yml +++ b/homelab/druid/config/traefik/docker-compose.yml @@ -2,7 +2,7 @@ version: '3.9' services: traefik: container_name: traefik_traefik - image: traefik:latest + image: traefik@sha256:7fcfa08bac2048d7bf0b42ed7437e36642c3b5c69d50c066c8878f033888918e restart: "no" networks: - web diff --git a/homelab/druid/config/uptime-kuma/docker-compose.yml b/homelab/druid/config/uptime-kuma/docker-compose.yml index 0256e4db..952f0da1 100644 --- a/homelab/druid/config/uptime-kuma/docker-compose.yml +++ b/homelab/druid/config/uptime-kuma/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.9' services: uptime-kuma: - image: louislam/uptime-kuma:1 + image: louislam/uptime-kuma@sha256:e10376878b88fdeaa554b581695b99b5552fbbbb5344806046a859dcd3a2daf0 container_name: uptime-kuma_uptime-kuma restart: "no" volumes: diff --git a/homelab/druid/config/vaultwarden/docker-compose.yml b/homelab/druid/config/vaultwarden/docker-compose.yml index 7909c7ab..92efd076 100644 --- a/homelab/druid/config/vaultwarden/docker-compose.yml +++ b/homelab/druid/config/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.9' services: vaultwarden: - image: vaultwarden/server:latest + image: vaultwarden/server@sha256:2ed1d43b7cd49e2b86b27111ae204c15d6f55c4523a220e3542bf0527fd44bf5 container_name: vaultwarden_vaultwarden restart: "no" env_file: diff --git a/homelab/druid/config/wireguard/docker-compose.yml b/homelab/druid/config/wireguard/docker-compose.yml index b7c59f56..f3594c68 100644 --- a/homelab/druid/config/wireguard/docker-compose.yml +++ b/homelab/druid/config/wireguard/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.9' services: wg-easy: - image: weejewel/wg-easy + image: weejewel/wg-easy@sha256:c90b263d8a383ac55905e4edbe1513ba87b1a479bcaa8bb471412137b9541751 container_name: wireguard_wg-easy restart: "no" env_file: