diff --git a/docs/NETWORK_INVENTORY.md b/docs/NETWORK_INVENTORY.md index b223cb7..339242d 100644 --- a/docs/NETWORK_INVENTORY.md +++ b/docs/NETWORK_INVENTORY.md @@ -38,7 +38,7 @@ Dieses Dokument beschreibt Router, DNS, Tailscale, Portfreigaben und Netztrennun | Komponente | Rolle | Adresse | Bemerkung | |---|---|---|---| | AdGuard Home | LAN DNS / Filter | Host `192.168.178.58`, Docker `172.23.0.3` | DNS auf Port 53; Admin soll nur via Tailscale-IP `100.80.98.33:8082` erreichbar sein | -| Unbound | Rekursiver Resolver | Docker `dns_net` | Upstream fuer AdGuard | +| Unbound | DNSSEC-validierender Forwarding-Resolver | Docker `dns_net` | Upstream fuer AdGuard; forwardet per DoT zu Cloudflare, keine Root-Rekursion | | Cloudflare | Authoritative DNS | extern | DNS-Challenge fuer TLS | | Router | DHCP DNS-Verteilung | TBD | Muss auf AdGuard zeigen, falls so betrieben | diff --git a/ops/restore-tests/adguard-compose.test.yml b/ops/restore-tests/adguard-compose.test.yml index 8919535..d2e6fd2 100644 --- a/ops/restore-tests/adguard-compose.test.yml +++ b/ops/restore-tests/adguard-compose.test.yml @@ -1,6 +1,6 @@ services: restoretest-adguard: - image: adguard/adguardhome:v0.107.76@sha256:7157eb1dc3b26c7af1d6898759a7b3f7d0fa09891fbd2d3caa6abc1057a9179b + image: adguard/adguardhome:v0.107.77@sha256:e6f2b8bcda06064ab055b44933a4f0e983c35558b9cdb8d2e7ab1efcee36d890 container_name: restoretest-adguard restart: "no" ports: diff --git a/renovate.json b/renovate.json index 926d729..9ee6fd1 100644 --- a/renovate.json +++ b/renovate.json @@ -39,10 +39,11 @@ "labels": ["dependencies", "minor-patch"] }, { - "description": "Kritische Kerninfra (Traefik=Public-Entrypoint, Unbound=DNS, n8n, Nextcloud): nicht im Sammel-PR, eigene einzeln reviewbare PRs, kein Auto-Merge", + "description": "Kritische Kerninfra (Traefik=Public-Entrypoint, AdGuard/Unbound=DNS, n8n, Nextcloud): nicht im Sammel-PR, eigene einzeln reviewbare PRs, kein Auto-Merge", "matchManagers": ["docker-compose", "dockerfile"], "matchPackageNames": [ "traefik", + "adguard/adguardhome", "shaanmajid/unbound", "docker.n8n.io/n8nio/n8n", "nextcloud"