24 files changed, 46 insertions, 38 deletions

diff --git a/inventory/host_vars/ch-apps/vars.yml b/inventory/host_vars/ch-apps/vars.yml
index a3f34992..57a7e485 100644
--- a/inventory/host_vars/ch-apps/vars.yml
+++ b/inventory/host_vars/ch-apps/vars.yml
@@ -141,7 +141,7 @@ kubelet_storage:
     quota: 10G
     'syncoid:sync': 'false'
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ch-companion-raspi.yml b/inventory/host_vars/ch-companion-raspi.yml
index d8134f27..d82f5b8e 100644
--- a/inventory/host_vars/ch-companion-raspi.yml
+++ b/inventory/host_vars/ch-companion-raspi.yml
@@ -29,7 +29,7 @@ docker_pkg_provider: docker-com
 docker_plugins:
   - buildx
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ch-dione.yml b/inventory/host_vars/ch-dione.yml
index 8534d2fb..1782ceea 100644
--- a/inventory/host_vars/ch-dione.yml
+++ b/inventory/host_vars/ch-dione.yml
@@ -49,7 +49,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-# kubernetes_version: 1.30.3
+# kubernetes_version: 1.30.4
 # kubernetes_container_runtime: docker
 # kubernetes_standalone_max_pods: 42
 # kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ch-equinox-t450s.yml b/inventory/host_vars/ch-equinox-t450s.yml
index b34d1ae6..869bcac8 100644
--- a/inventory/host_vars/ch-equinox-t450s.yml
+++ b/inventory/host_vars/ch-equinox-t450s.yml
@@ -262,6 +262,8 @@ ws_base_extra_packages:
   - texlive-lang-german
   - texlive-latex-extra
   - tlp
+  - tor
+  - tor-geoipdb
   - torbrowser-launcher
   - totem
   - unrar
@@ -296,9 +298,6 @@ ws_base_extra_packages:
   - grype
   # needs apt-repo/ansible
   - ansible
-  ### needs apt-repo/tor-project -> https://gitlab.torproject.org/tpo/core/tor/-/issues/40946
-  ##- tor
-  ##- tor-geoipdb
   # needs apt-repo/kubernetes
   - kubectl
   # needs apt-repo/element
diff --git a/inventory/host_vars/ch-equinox-ws.yml b/inventory/host_vars/ch-equinox-ws.yml
index 8c55d382..188a309b 100644
--- a/inventory/host_vars/ch-equinox-ws.yml
+++ b/inventory/host_vars/ch-equinox-ws.yml
@@ -264,6 +264,8 @@ ws_base_extra_packages:
   - texlive
   - texlive-lang-german
   - texlive-latex-extra
+  - tor
+  - tor-geoipdb
   - torbrowser-launcher
   - totem
   - unrar
@@ -297,9 +299,6 @@ ws_base_extra_packages:
   - grype
   # needs apt-repo/ansible
   - ansible
-  ### needs apt-repo/tor-project -> https://gitlab.torproject.org/tpo/core/tor/-/issues/40946
-  ##- tor
-  ##- tor-geoipdb
   # needs apt-repo/kubernetes
   - kubectl
   # needs apt-repo/element
diff --git a/inventory/host_vars/ch-helene.yml b/inventory/host_vars/ch-helene.yml
index 61d4f7ef..52b3a3f9 100644
--- a/inventory/host_vars/ch-helene.yml
+++ b/inventory/host_vars/ch-helene.yml
@@ -49,7 +49,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-# kubernetes_version: 1.30.3
+# kubernetes_version: 1.30.4
 # kubernetes_container_runtime: docker
 # kubernetes_standalone_max_pods: 42
 # kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/mz-ap.yml b/inventory/host_vars/ch-mz-ap.yml
index 044f41f9..044f41f9 100644
--- a/inventory/host_vars/mz-ap.yml
+++ b/inventory/host_vars/ch-mz-ap.yml
diff --git a/inventory/host_vars/mz-router.yml b/inventory/host_vars/ch-mz-router.yml
index 254aaf02..c798623b 100644
--- a/inventory/host_vars/mz-router.yml
+++ b/inventory/host_vars/ch-mz-router.yml
@@ -1,10 +1,4 @@
 ---
-## TOOD:
-# After router upgrades run this command to generate a new dyndns ssh key
-#   $ dropbearkey -t ed25519 -f /etc/dyndns/id_ed25519
-# Then replace the key at the dyndns server (/var/lib/dyndns/.ssh/authorized_keys)
-# after that run the dyndns update script manually to accept the ssh host-key
-
 openwrt_arch: ath79
 openwrt_target: generic
 openwrt_profile: tplink_tl-wdr4300-v1
diff --git a/inventory/host_vars/ch-pan.yml b/inventory/host_vars/ch-pan.yml
index 29ec85ae..74e630a7 100644
--- a/inventory/host_vars/ch-pan.yml
+++ b/inventory/host_vars/ch-pan.yml
@@ -88,7 +88,7 @@ dyndns:
   - "dyn.schaaas.at.      7200  IN  AAAA   2a02:3e0:407::19"
   - "captive.schaaas.at.  7200  IN  CNAME  dyn.schaaas.at."
   clients:
-    mz-router: mzl
+    ch-mz-router: mzl
     ch-equinox-t450s: equinox
     ele-media: elemedia
 
diff --git a/inventory/host_vars/ch-router.yml b/inventory/host_vars/ch-router.yml
index 3f31bcbe..fa15ac69 100644
--- a/inventory/host_vars/ch-router.yml
+++ b/inventory/host_vars/ch-router.yml
@@ -404,8 +404,8 @@ openwrt_uci:
       options:
         enabled: '1'
         interface: 'eth1'
-        download: '147000'
-        upload: '20000'
+        download: '510000'
+        upload: '72000'
         qdisc: 'cake'
         script: 'piece_of_cake.qos'
         qdisc_advanced: '0'
diff --git a/inventory/host_vars/ele-calypso.yml b/inventory/host_vars/ele-calypso.yml
index 90e92097..8da4c4af 100644
--- a/inventory/host_vars/ele-calypso.yml
+++ b/inventory/host_vars/ele-calypso.yml
@@ -74,7 +74,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ele-companion-raspi.yml b/inventory/host_vars/ele-companion-raspi.yml
index 7d130639..b25acb27 100644
--- a/inventory/host_vars/ele-companion-raspi.yml
+++ b/inventory/host_vars/ele-companion-raspi.yml
@@ -29,7 +29,7 @@ docker_pkg_provider: docker-com
 docker_plugins:
   - buildx
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ele-coturn.yml b/inventory/host_vars/ele-coturn.yml
index f966ac9e..1cbc2767 100644
--- a/inventory/host_vars/ele-coturn.yml
+++ b/inventory/host_vars/ele-coturn.yml
@@ -27,7 +27,7 @@ acme_directory_server: "{{ acme_directory_server_le_live_v2 }}"
 acme_client: acmetool
 
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 100
 kubernetes_standalone_pod_cidr: 192.168.255.0/24
diff --git a/inventory/host_vars/ele-helene.yml b/inventory/host_vars/ele-helene.yml
index 6eef576d..76f7978c 100644
--- a/inventory/host_vars/ele-helene.yml
+++ b/inventory/host_vars/ele-helene.yml
@@ -92,7 +92,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ele-jitsi.yml b/inventory/host_vars/ele-jitsi.yml
index ea446019..4fe526c0 100644
--- a/inventory/host_vars/ele-jitsi.yml
+++ b/inventory/host_vars/ele-jitsi.yml
@@ -32,7 +32,7 @@ acme_directory_server: "{{ acme_directory_server_le_live_v2 }}"
 acme_client: acmetool
 
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 100
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml
index e97e1671..d0fe5e2f 100644
--- a/inventory/host_vars/ele-media.yml
+++ b/inventory/host_vars/ele-media.yml
@@ -73,7 +73,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_cni_variant: with-portmap
 
diff --git a/inventory/host_vars/ele-thetys.yml b/inventory/host_vars/ele-thetys.yml
index 2911be57..8d00359e 100644
--- a/inventory/host_vars/ele-thetys.yml
+++ b/inventory/host_vars/ele-thetys.yml
@@ -77,7 +77,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/glt-jitsi.yml b/inventory/host_vars/glt-jitsi.yml
index 2e36c347..69e51909 100644
--- a/inventory/host_vars/glt-jitsi.yml
+++ b/inventory/host_vars/glt-jitsi.yml
@@ -27,7 +27,7 @@ acme_directory_server: "{{ acme_directory_server_le_live_v2 }}"
 acme_client: acmetool
 
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 100
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/s2-thetys.yml b/inventory/host_vars/s2-thetys.yml
index 5f2897c9..8f03e497 100644
--- a/inventory/host_vars/s2-thetys.yml
+++ b/inventory/host_vars/s2-thetys.yml
@@ -53,7 +53,7 @@ kubelet_storage:
   size: 5G
   fs: ext4
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
diff --git a/inventory/host_vars/sk-cloudio/nextcloud.yml b/inventory/host_vars/sk-cloudio/nextcloud.yml
index df947c89..3c5e5ae0 100644
--- a/inventory/host_vars/sk-cloudio/nextcloud.yml
+++ b/inventory/host_vars/sk-cloudio/nextcloud.yml
@@ -96,8 +96,6 @@ nextcloud_instances:
     # new: true
     version: 29.0.3
     port: 8105
-    hostnames:
-    - wolke.elev8.at
     storage:
       type: zfs
       parent: "{{ _nextcloud_zfs_base_ }}"
@@ -110,3 +108,9 @@ nextcloud_instances:
       type: mariadb
       version: 10.11.5
       password: "{{ vault_nextcloud_database_passwords['wolke.elev8.at'] }}"
+    publish:
+      zone: "{{ apps_publish_zone__sk_cloudio }}"
+      hostnames:
+      - wolke.elev8.at
+      tls:
+        certificate_provider: acmetool
diff --git a/inventory/host_vars/sk-cloudio/onlyoffice.yml b/inventory/host_vars/sk-cloudio/onlyoffice.yml
index 11f82abe..d8d3da82 100644
--- a/inventory/host_vars/sk-cloudio/onlyoffice.yml
+++ b/inventory/host_vars/sk-cloudio/onlyoffice.yml
@@ -1,20 +1,30 @@
 ---
-onlyoffice_zfs:
+_onlyoffice_zfs_base_:
   pool: storage
   name: onlyoffice
   properties:
     compression: lz4
-    quota: 5G
 
 onlyoffice_instances:
   office.elev8.at:
-    version: 8.1.0.1
+    version: 8.1.1.2
     port: 8600
-    hostname: office.elev8.at
     jwt_secret: "{{ vault_onlyoffice_jwt_secrets['office.elev8.at'] }}"
+    storage:
+      type: zfs
+      parent: "{{ _onlyoffice_zfs_base_ }}"
+      name: office.elev8.at
+      properties:
+        quota: 5G
     database:
-      version: 12.19
+      version: 12.20
       password: "{{ vault_onlyoffice_database_passwords['office.elev8.at'] }}"
     amqp:
-      version: 3.13.4
+      version: 3.13.7
       password: "{{ vault_onlyoffice_amqp_passwords['office.elev8.at'] }}"
+    publish:
+      zone: "{{ apps_publish_zone__sk_cloudio }}"
+      hostnames:
+      - office.elev8.at
+      tls:
+        certificate_provider: acmetool
diff --git a/inventory/host_vars/sk-cloudio/vars.yml b/inventory/host_vars/sk-cloudio/vars.yml
index 8c57def9..be136e82 100644
--- a/inventory/host_vars/sk-cloudio/vars.yml
+++ b/inventory/host_vars/sk-cloudio/vars.yml
@@ -84,6 +84,8 @@ zfs_sanoid_modules:
 
 
 docker_pkg_provider: docker-com
+docker_plugins:
+  - buildx
 
 docker_storage:
   type: zfs
diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml
index 0c45dfcb..d728464d 100644
--- a/inventory/host_vars/sk-testvm.yml
+++ b/inventory/host_vars/sk-testvm.yml
@@ -56,7 +56,7 @@ kubelet_storage:
   size: 1G
   fs: ext4
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 100
 kubernetes_standalone_pod_cidr: 192.168.255.0/24
diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml
index 4b6df0d7..01cf6e8c 100644
--- a/inventory/host_vars/sk-tomnext-nc.yml
+++ b/inventory/host_vars/sk-tomnext-nc.yml
@@ -88,7 +88,7 @@ kubelet_storage:
   properties:
     quota: 15G
 
-kubernetes_version: 1.30.3
+kubernetes_version: 1.30.4
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 15
 kubernetes_standalone_cni_variant: with-portmap