IHP NameSupport cannot parse trailing-underscore field names at runtime.
orderByAsc #label_ in all four registry list actions (and the API V2
equivalents) crashed the page with ParseErrorBundle. Changed to orderByAsc
#name which avoids the NameSupport conversion path entirely.
textField #label_ in the four registry form views has the same issue.
Replaced with a plain <input> element that reads entry.label_ directly.
Logout <a href={DeleteSessionAction}> sent GET but IHP requires DELETE.
IHP includes methodOverridePost middleware, so a POST form with
_method=DELETE handles this correctly.
Also corrected the seed admin-user migration hash from bcrypt to the
pwstore-fast format (sha256|17|...) that IHP actually uses.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The Helm init container used /bin/RunProdServer which doesn't exist in IHP's
Nix Docker image (binary is at a Nix store path). Additionally, IHP v1.5's
RunProdServer starts the server after migrating — it never exits — so init
containers are the wrong pattern. IHP applies schema changes on startup.
Changes:
- Remove initContainers block from deployment.yaml entirely
- Set runMigrations: false as default in values.yaml
- Update RUNBOOK.md with correct skopeo push procedure (pre-fetch bearer token
to work around Gitea's misconfigured token realm URL: port 80 vs actual 32166)
- Add note that the Nix image has no /bin/sh or /bin/RunProdServer wrapper
k3s registry auth: credentials added to /etc/rancher/k3s/registries.yaml and
iptables DNAT rule added on Railiance01 (92.205.130.254:80 → 32166) so the
ACME token realm redirect works. hub.coulomb.social DNS A record still needed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Generated.Types imports 119 modules, pushing the combined .hi read past
a ~287 MB binary-deserialization limit in GHC 9.10.3. Fix by adding a
nixpkgs overlay that patches the inter-hub-models derivation: replaces
Generated/Types.hs with a thin TypesPart1/TypesPart2 re-export wrapper
after build-generated-code runs, and adds the two split modules to the
cabal exposed-modules list.
Also fix the production binary name from /bin/App to /bin/RunProdServer
in deployment.yaml and RUNBOOK.md (the IHP NixSupport build produces
RunProdServer, not App). Switch packages.docker to IHP's built-in
unoptimized-docker-image which already uses the correct binary path.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Helm chart at deploy/helm/inter-hub/ with Deployment, Service, Ingress
(Traefik + letsencrypt-prod), and migration init container. Runbook at
deploy/railiance/RUNBOOK.md with build, push, rotate, rollback procedures.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
OpenRC init script + RunDevServer env wrapper for the haskelseed build VM
(Alpine 3.23, GHC 9.10.3, IHP 1.5). IHP DevServer binds to 127.0.0.1:8000
so socat forwards 0.0.0.0:8080 → 127.0.0.1:8000 for external access.
Deploy steps are documented in the file headers.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
