- fixed our keycloak theme with keycloak 26.1.0 in pub-solar/keycloak-theme#5
- fixed broken NixOS matrix-appservice-irc module in https://github.com/NixOS/nixpkgs/pull/375533
Fix warnings:
trace: evaluation warning: The option `services.forgejo.mailerPasswordFile' defined in `/nix/store/13vqhb5askjgi07wqwxawq4bdm7h0wc7-source/flake.nix, via option flake.nixosModules.forgejo' has been renamed to `services.forgejo.secrets.mailer.PASSWD'.
trace: evaluation warning: Using `services.nextcloud.config.dbtableprefix` is deprecated. Fresh installations with this option set are not allowed anymore since v20. If you have an existing installation with a custom table prefix, make sure it is set correctly in `config.php` and remove the option from your NixOS config.
Fix errors:
- The option definition `services.matrix-sliding-sync' in `/nix/store/wgxgv8rjbd2nhf7y28kfzm4n6kz85dnq-source/flake.nix, via option flake.nixosModules.matrix' no longer has any effect; please remove it.
The matrix-sliding-sync package has been removed, since matrix-synapse incorporated its functionality
- The option `services.keycloak.settings.proxy' has been removed. Set `services.keycloak.settings.proxy-headers` in combination with other hostname options as needed instead.
See [Proxy option removed](https://www.keycloak.org/docs/latest/upgrading/index.html#proxy-option-removed) for more information.
error: The option `services.matrix-appservice-irc.settings.ircService.mediaProxy.publicUrl' was accessed but has no value defined. Try setting the option.
CNAME records
By usind wildcard CNAME records, we make lego think it needs to validate
challenges using these CNAME records. We actually want regular
_acme-challenge.* records, so use a environment variable to avoid CNAME
detection. This fixes DNS cert renewal. Still curious? See:
https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme/
This commit removes the flora-6 host. All services are moved to
trinkgenossin, with the drone service being removed completely in favour
of forgejo actions.
This follows the official installation instructions at https://github.com/openbikesensor/portal/blob/main/docs/production-deployment.md
Unfortunately, the postgres database needs to have postgis enabled, so
we'll have to start a second instance. To stay close to the official
deployment instructions, this is running in docker.
The secrets were taken from the old installation instance. During
initial installation, we'll need to import data from the old instance
into this one, which might take a while.
