- org-agenda-api-host now supports extraDomains option for additional
domain names, each with its own ACME certificate
- Add org-agenda-api.rbsf.railbird.ai as extra domain on railbird-sf
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Auth password uses env file format for systemd EnvironmentFile
- SSH key is mounted as a file at /secrets/ssh_key in container
- Fixes multi-line SSH key parsing issue in environment files
- Update codex PR patch hash
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add NixOS module to host org-agenda-api container on railbird-sf:
- org-agenda-api-host.nix: New module with nginx reverse proxy and ACME
- nginx configured for rbsf.tplinkdns.com with automatic TLS
- Container runs on port 51847 (random high port)
- Supports nix-built container images via imageFile option
Configure railbird-sf to use the new module:
- Build org-agenda-api container from flake
- Pass container to machine config via specialArgs
- Set up agenix secret for container environment
Note: Requires creating secrets file with AUTH_PASSWORD and
GIT_SSH_PRIVATE_KEY environment variables.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
