- Removed internal-only HTTPS (`tls internal`) configuration from the `Caddyfile`.
- Uploaded new screenshots to `docs/ScreenShots` for application settings and production error documentation.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Enabled `tls internal` in `Caddyfile` for secure communication behind the proxy.
- Added new screenshots to `docs/ScreenShots` for deployment, application settings, and error diagnosis.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Uploaded detailed production browser console logs from 2026-03-12 for debugging login errors.
- Captured HTTP/2 protocol error, mixed-content issues, and `TypeError: Failed to fetch` from `web-app.js`.
- Documented issues with Keycloak token retrieval over insecure HTTP.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Uploaded browser console logs and related error screenshots to document debugging efforts for Ping Service issues.
- Captured CORS-related errors, database initialization logs, and WebGL warnings for local environment analysis.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Added `mo-code.at` zone file for informational and archival purposes.
- Uploaded related screenshots for Pangolin architecture and server overview.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Added details to the 2026-03-10 session log about the DOCKER_REGISTRY root cause and resolution.
- Updated `.env` to correct the DOCKER_REGISTRY path (`/meldestelle` segment added) for proper Docker image resolution.
- Included related screenshots for troubleshooting and fix verification.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Enabled `directAccessGrants` for `frontend-client` in `meldestelle-realm.json` to support ROPC login flow.
- Strengthened admin credentials in realm configuration to meet password policy requirements.
- Upgraded Keycloak to `26.5.5` with updated Docker healthcheck logic:
- Replaced `curl` with bash `/dev/tcp` for compatibility with `ubi9-micro` image.
- Switched health endpoint from `/ready` to `/live` for single-node use.
- Adjusted healthcheck timings (`start_period`, `timeout`, `interval`) for smoother startup.
- Removed deprecated v1 hostname parameter `KC_HOSTNAME_STRICT_HTTPS`.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Deleted unused `.github` workflows and configurations, including obsolete CI/CD pipelines and PR templates, which were no longer executed after the migration to Gitea. Migrated the `PR Guard` workflow for hardcoded version checks to `.gitea/workflows/pr-guard.yaml`. Verified functional workflows in Gitea (e.g., Docker publish). Documented changes and rationale in session logs.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Revised multiple documents to align with the migration from Incus to Proxmox VE 8.4.10. Updated hypervisor, IP ranges, subnet details, and NAT configurations across all relevant files. Marked Incus sections as historical for clarity. Added AI-Stack setup guide for Proxmox LXC.
Streamlined Keycloak configurations with defaults for development and production in `.env`. Added health checks and improved environment variable documentation with comments to differentiate local and server deployments. Ensured compatibility with pre-built registry images.
Added documentation outlining the recommended frontend state-management approach using Unidirectional Data Flow (UDF). Documented the 2026-01-28 session addressing the critical SQLDelight async issue, detailing the analysis, fix implementation, and results. Updated PingEventRepositoryImpl to use `awaitAsOneOrNull` for proper async handling.
