diff --git a/apps/bentopdf/docker-compose.yml b/apps/bentopdf/docker-compose.yml index 151d058..fa5e9da 100644 --- a/apps/bentopdf/docker-compose.yml +++ b/apps/bentopdf/docker-compose.yml @@ -1,6 +1,6 @@ services: bentopdf: - image: bentopdfteam/bentopdf:2.8.4 + image: bentopdfteam/bentopdf:2.8.4@sha256:f54b9ed9c56b767e0098b525468206689b666323c2b500b9686c3cf41cdfa348 container_name: bentopdf restart: unless-stopped tmpfs: diff --git a/apps/mealie/docker-compose.yml b/apps/mealie/docker-compose.yml index 408caf0..319758c 100644 --- a/apps/mealie/docker-compose.yml +++ b/apps/mealie/docker-compose.yml @@ -1,6 +1,6 @@ services: mealie: - image: ghcr.io/mealie-recipes/mealie:v3.12.0 + image: ghcr.io/mealie-recipes/mealie:v3.12.0@sha256:8d962f611390a1cca667eed32a29e9467e9c01c523e2db3ad00f667372067f9d container_name: mealie restart: unless-stopped diff --git a/apps/paperless-gpt/docker-compose.yml b/apps/paperless-gpt/docker-compose.yml index 1ed3ac3..59a54e8 100644 --- a/apps/paperless-gpt/docker-compose.yml +++ b/apps/paperless-gpt/docker-compose.yml @@ -1,6 +1,6 @@ services: paperless-gpt: - image: icereed/paperless-gpt:v0.24.0 + image: icereed/paperless-gpt:v0.24.0@sha256:15bad5d455b98f21bb7b5d6615f56871ff67a8bb379dc0dd7ba411f4633071a6 container_name: paperless-gpt restart: unless-stopped security_opt: diff --git a/apps/paperless/docker-compose.yml b/apps/paperless/docker-compose.yml index 5028ff3..0168aab 100644 --- a/apps/paperless/docker-compose.yml +++ b/apps/paperless/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.9" services: paperless: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.10 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.10@sha256:07a0b4ba01ce377c82a0636e16c0c3d931fde5b7e9304de6601986cc42d9b6e6 container_name: paperless-ngx restart: unless-stopped security_opt: @@ -52,4 +52,4 @@ networks: frontend_net: external: true backend_net: - external: true \ No newline at end of file + external: true diff --git a/docs/MIGRATION_LOG.md b/docs/MIGRATION_LOG.md index 65d7af7..1ea9270 100644 --- a/docs/MIGRATION_LOG.md +++ b/docs/MIGRATION_LOG.md @@ -16,6 +16,12 @@ Dieses Dokument ist nur noch ein historischer Verlauf. Der aktuelle operative Ab ## Historische Meilensteine +### 2026-05-05 - M3b versionierte App-Images digest-gepinnt + +- Versionierte Nicht-Komodo-Images fuer BentoPDF, Mealie, Paperless, Paperless-GPT, AdGuard Home, Grafana, InfluxDB 3 Core und Traefik auf die am Host laufenden, manifest-validierten Digests gepinnt. +- `nextcloud:33.0.2-apache` wurde bewusst nicht in diesem Schritt gepinnt, weil der lokal gelistete Digest nicht als Registry-Manifest fuer `tag@sha256` validierbar war. +- Redis-Caches und Komodo/M10 blieben unveraendert. + ### 2026-05-05 - M6/M7/M8 Doku-Konsolidierung - `hermes.kaleschke.info` als produktive Hermes-Dashboard-Route hinter Traefik + Authelia in Architektur, Repo-Map und Service-Katalog ergaenzt. diff --git a/host-services/Adguard/docker-compose.yml b/host-services/Adguard/docker-compose.yml index 49720ce..adbe51c 100644 --- a/host-services/Adguard/docker-compose.yml +++ b/host-services/Adguard/docker-compose.yml @@ -1,6 +1,6 @@ services: adguard: - image: adguard/adguardhome:v0.107.52 + image: adguard/adguardhome:v0.107.52@sha256:d16cc7517ab96f843e7f8bf8826402dba98f5e6b175858920296243332391589 container_name: adguard restart: unless-stopped volumes: diff --git a/ops/grafana-influxdb/docker-compose.yml b/ops/grafana-influxdb/docker-compose.yml index 5a88730..730b0db 100644 --- a/ops/grafana-influxdb/docker-compose.yml +++ b/ops/grafana-influxdb/docker-compose.yml @@ -1,6 +1,6 @@ services: grafana: - image: grafana/grafana:12.4.3 + image: grafana/grafana:12.4.3@sha256:2e986801428cd689c2358605289c90ab37d2b39e24808874971f54c99bcdc412 container_name: grafana restart: unless-stopped user: "0" @@ -43,7 +43,7 @@ services: - traefik.http.services.grafana.loadbalancer.server.port=3000 influxdb3-core: - image: influxdb:3.9.1-core + image: influxdb:3.9.1-core@sha256:1d58c8b9ac90153ae3a020ede2810c8284933dda50ac71e7573389ab6f012128 container_name: influxdb3-core restart: unless-stopped user: "0" diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index bd417c4..3488b3c 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -1,6 +1,6 @@ services: traefik: - image: traefik:v3.6 + image: traefik:v3.6@sha256:8cb20d16e01a53d8d7f7696ac2f1af7d200d5c9984d226ce2299731d9eab6d6c container_name: traefik restart: unless-stopped security_opt: