From ea9321953c3328d4a9ce31f4074d2e6d7ec81f79 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 6 May 2026 04:47:40 +0000 Subject: [PATCH 01/10] chore(package): update docker.io/library/traefik docker tag to v3.7 --- tasks/pangolin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/pangolin.yaml b/tasks/pangolin.yaml index b8b46f9..341d0f0 100644 --- a/tasks/pangolin.yaml +++ b/tasks/pangolin.yaml @@ -62,7 +62,7 @@ pull: "always" state: "started" name: "traefik" - image: "docker.io/library/traefik:v3.6" + image: "docker.io/library/traefik:v3.7" restart_policy: "unless-stopped" networks: - name: "pangolin" From 3ad285c5be5782f713125677694118b3fa5f9d85 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 7 May 2026 04:47:44 +0000 Subject: [PATCH 02/10] chore(package): update docker.io/fosrl/pangolin docker tag to v1.18.3 --- tasks/pangolin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/pangolin.yaml b/tasks/pangolin.yaml index 341d0f0..69afc9d 100644 --- a/tasks/pangolin.yaml +++ b/tasks/pangolin.yaml @@ -29,7 +29,7 @@ pull: "always" state: "started" name: "pangolin" - image: "docker.io/fosrl/pangolin:1.18.2" + image: "docker.io/fosrl/pangolin:1.18.3" restart_policy: "unless-stopped" networks: - name: "pangolin" From 30881cd1fd3c352248d180f673a2adfb974cb720 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 8 May 2026 13:46:51 +0200 Subject: [PATCH 03/10] feat: pin traefik version to v3.7.0 --- tasks/pangolin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/pangolin.yaml b/tasks/pangolin.yaml index 69afc9d..3cafca5 100644 --- a/tasks/pangolin.yaml +++ b/tasks/pangolin.yaml @@ -62,7 +62,7 @@ pull: "always" state: "started" name: "traefik" - image: "docker.io/library/traefik:v3.7" + image: "docker.io/library/traefik:v3.7.0" restart_policy: "unless-stopped" networks: - name: "pangolin" From b8868485d0a23a7f18374b3f22412b6d71211930 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 8 May 2026 14:42:38 +0200 Subject: [PATCH 04/10] feat: use pull-through cache for Docker Hub images Replace docker.io references with cr.simoncor.net/dockerhub pull-through cache. Official images now use explicit library/ namespace for cache compatibility. --- tasks/pangolin.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/pangolin.yaml b/tasks/pangolin.yaml index 3cafca5..da3d006 100644 --- a/tasks/pangolin.yaml +++ b/tasks/pangolin.yaml @@ -29,7 +29,7 @@ pull: "always" state: "started" name: "pangolin" - image: "docker.io/fosrl/pangolin:1.18.3" + image: "cr.simoncor.net/dockerhub/fosrl/pangolin:1.18.3" restart_policy: "unless-stopped" networks: - name: "pangolin" @@ -62,7 +62,7 @@ pull: "always" state: "started" name: "traefik" - image: "docker.io/library/traefik:v3.7.0" + image: "cr.simoncor.net/dockerhub/library/traefik:v3.7.0" restart_policy: "unless-stopped" networks: - name: "pangolin" From 02fba6bb5db45f0e2ffbeab16c1e8c8ab5e6f669 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 8 May 2026 15:44:27 +0200 Subject: [PATCH 05/10] feat: move deps to playbook Remove galaxy dependencies from role meta and add explicit include_role tasks in the playbook instead. --- meta/main.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/meta/main.yaml b/meta/main.yaml index 4ad52ff..38a55f4 100644 --- a/meta/main.yaml +++ b/meta/main.yaml @@ -5,8 +5,4 @@ galaxy_info: description: "install and configure an pangolin server" license: "MIT" role_name: "pangolin" -dependencies: - - name: "docker" - src: "https://gitlab.simoncor.net/ansible/ans-docker.git" - scm: "git" - version: "main" +dependencies: [] From 38a728f305345516286e62cafe4095bc759ec097 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 8 May 2026 17:08:09 +0200 Subject: [PATCH 06/10] feat: merge role and playbook into single repo Add playbook.yaml and roles/requirements.yml from play-pangolin. The role now includes docker via include_role in the playbook, matching the ans-jellyfin pattern. --- playbook.yaml | 26 ++++++++++++++++++++++++++ readme.md | 2 +- roles/requirements.yml | 6 ++++++ 3 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 playbook.yaml create mode 100644 roles/requirements.yml diff --git a/playbook.yaml b/playbook.yaml new file mode 100644 index 0000000..b0aad68 --- /dev/null +++ b/playbook.yaml @@ -0,0 +1,26 @@ +--- + +# execute this role +- name: "install and configure Pangolin" + hosts: "all" + become: true + tasks: + + # due to semaphore bug we need to do this ourselves + - name: "force-update requirements" + ansible.builtin.command: + cmd: "ansible-galaxy install -f -r roles/requirements.yml" + become: false + delegate_to: "localhost" + changed_when: false + failed_when: false + + # execute the role + - name: "execute role: docker" + ansible.builtin.include_role: + name: "docker" + + # execute the role + - name: "execute role: pangolin" + ansible.builtin.include_role: + name: "pangolin" diff --git a/readme.md b/readme.md index 121b342..36ff185 100644 --- a/readme.md +++ b/readme.md @@ -1,3 +1,3 @@ # Ansible Role: Pangolin -Install and configure [Pangolin](https://digpangolin.com/) - a serverless web analytics tool. +Install and configure [Pangolin](https://digpangolin.com/) - a tunneled reverse proxy for homelabs. diff --git a/roles/requirements.yml b/roles/requirements.yml new file mode 100644 index 0000000..e8b3842 --- /dev/null +++ b/roles/requirements.yml @@ -0,0 +1,6 @@ +--- + +roles: + - name: "docker" + src: "https://gitlab.simoncor.net/ansible/ans-docker.git" + scm: "git" From 8a1348cd22d43f5c0a53fef260c582af34230904 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 8 May 2026 17:11:37 +0200 Subject: [PATCH 07/10] feat: add pangoline role requirement --- roles/requirements.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/requirements.yml b/roles/requirements.yml index e8b3842..81b0122 100644 --- a/roles/requirements.yml +++ b/roles/requirements.yml @@ -4,3 +4,6 @@ roles: - name: "docker" src: "https://gitlab.simoncor.net/ansible/ans-docker.git" scm: "git" + - name: "pangolin" + src: "https://gitlab.simoncor.net/ansible/ans-pangolin.git" + scm: "git" From f3de1561386ab64aaa7a895a374f01414e829746 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 15 May 2026 14:31:00 +0200 Subject: [PATCH 08/10] ci: migrate from gitlab ci to woodpecker --- .ansible-lint | 1 + .gitlab-ci.yml | 13 ------------- .markdownlint-cli2.jsonc | 3 ++- .woodpecker/linting.yml | 41 ++++++++++++++++++++++++++++++++++++++++ roles/requirements.yml | 4 ++-- 5 files changed, 46 insertions(+), 16 deletions(-) delete mode 100644 .gitlab-ci.yml create mode 100644 .woodpecker/linting.yml diff --git a/.ansible-lint b/.ansible-lint index 9b9b52a..2b580a2 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -3,6 +3,7 @@ exclude_paths: - ".gitlab/*" - ".gitlab-ci.yml" + - ".woodpecker/*" - "defaults/main.yaml" - "meta/main.yaml" - "vars/*" diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 7ec2c37..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -# gitlab stages -stages: - - "gitleaks" - - "linting" - -# include components -include: - - component: "$CI_SERVER_FQDN/components/ansible/linting@v3.0.3" - - component: "$CI_SERVER_FQDN/components/gitleaks/gitleaks@v1.0.0" - - component: "$CI_SERVER_FQDN/components/markdownlint/markdownlint@1.0.0" - - component: "$CI_SERVER_FQDN/components/yamllint/yamllint@1.0.2" diff --git a/.markdownlint-cli2.jsonc b/.markdownlint-cli2.jsonc index 56cd87c..a4ea90f 100644 --- a/.markdownlint-cli2.jsonc +++ b/.markdownlint-cli2.jsonc @@ -6,7 +6,8 @@ // linting rules "config": { "MD013": { - "line_length": 120 + "line_length": 120, + "tables": false } } } diff --git a/.woodpecker/linting.yml b/.woodpecker/linting.yml new file mode 100644 index 0000000..02cf4c2 --- /dev/null +++ b/.woodpecker/linting.yml @@ -0,0 +1,41 @@ +--- +when: + - event: "push" + branch: "main" + - event: "manual" + +steps: + + # gitleaks + - name: "gitleaks" + # renovate: datasource=github-releases depName=gitleaks/gitleaks + image: "cr.simoncor.net/ghcr/gitleaks/gitleaks:v8.30.1" + commands: + - "gitleaks detect --source . --verbose --redact" + + # yamllint + - name: "yamllint" + # renovate: datasource=docker depName=cr.simoncor.net/yamllint + image: "cr.simoncor.net/yamllint:1.38.0" + depends_on: + - "gitleaks" + commands: + - "yamllint -c .yamllint ." + + # ansible-lint + - name: "ansible-lint" + # renovate: datasource=docker depName=docker.io/pipelinecomponents/ansible-lint + image: "cr.simoncor.net/dockerhub/pipelinecomponents/ansible-lint:0.79.11" + depends_on: + - "gitleaks" + commands: + - "ansible-lint -c .ansible-lint ." + + # markdownlint + - name: "markdownlint" + # renovate: datasource=docker depName=docker.io/davidanson/markdownlint-cli2 + image: "cr.simoncor.net/dockerhub/davidanson/markdownlint-cli2:v0.22.1" + depends_on: + - "gitleaks" + commands: + - "markdownlint-cli2 --config .markdownlint-cli2.jsonc" diff --git a/roles/requirements.yml b/roles/requirements.yml index 81b0122..388cccc 100644 --- a/roles/requirements.yml +++ b/roles/requirements.yml @@ -2,8 +2,8 @@ roles: - name: "docker" - src: "https://gitlab.simoncor.net/ansible/ans-docker.git" + src: "https://git.simoncor.net/ansible/docker.git" scm: "git" - name: "pangolin" - src: "https://gitlab.simoncor.net/ansible/ans-pangolin.git" + src: "https://git.simoncor.net/ansible/pangolin.git" scm: "git" From 67362655d969a1fc80a7ff8376bc1b42dafc65a1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 15 May 2026 12:46:20 +0000 Subject: [PATCH 09/10] chore(package): update cr.simoncor.net/dockerhub/fosrl/pangolin docker tag to v1.18.4 --- tasks/pangolin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/pangolin.yaml b/tasks/pangolin.yaml index da3d006..a738b24 100644 --- a/tasks/pangolin.yaml +++ b/tasks/pangolin.yaml @@ -29,7 +29,7 @@ pull: "always" state: "started" name: "pangolin" - image: "cr.simoncor.net/dockerhub/fosrl/pangolin:1.18.3" + image: "cr.simoncor.net/dockerhub/fosrl/pangolin:1.18.4" restart_policy: "unless-stopped" networks: - name: "pangolin" From c4b85fdc30bb378e2ef51fdcec04254341416277 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 15 May 2026 12:46:23 +0000 Subject: [PATCH 10/10] chore(package): update cr.simoncor.net/dockerhub/library/traefik docker tag to v3.7.1 --- tasks/pangolin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/pangolin.yaml b/tasks/pangolin.yaml index a738b24..b3246f4 100644 --- a/tasks/pangolin.yaml +++ b/tasks/pangolin.yaml @@ -62,7 +62,7 @@ pull: "always" state: "started" name: "traefik" - image: "cr.simoncor.net/dockerhub/library/traefik:v3.7.0" + image: "cr.simoncor.net/dockerhub/library/traefik:v3.7.1" restart_policy: "unless-stopped" networks: - name: "pangolin"