Update docker.io/library/mariadb Docker tag to v12

docs/create-new-web-service-vm.md

@@ -37,7 +37,8 @@ As the first step, we need to make the host known to Ansible.
     2. Add the host to the desired roles. As a minimum, you'll want `base_config_hosts` and `infrastructure_authorized_keys_hosts`. For a typical web service based on Docker Compose, you'll want `docker_compose_hosts`, `nginx_hosts`, and `certbot_hosts`.
  3. In the directorry `inventories/chaosknoten/host_var/`:
     1. A file `inventories/chaosknoten/host_var/example.yaml` with the host/service specific configuration.
-    2. A file `inventories/chaosknoten/host_var/example.sops.yaml` with the encrypted secrets for the host/service. Run `sops inventories/chaosknoten/host_var/example.yaml` to edit/create that file. Entries there should generally be prefixed with `secret__` to make it easier to see where that variable is coming from in templates etc.
+    2. A file `inventories/chaosknoten/host_var/example.sops.yaml` with the encrypted secrets for the host/service. Run `sops inventories/chaosknoten/host_var/example.yaml` to edit/create that file. Entries here should generally be prefixed with `secret__` to make it easier to see where that variable is coming from in templates etc.
+       * Add an entry `ansible_pull__age_private_key` with the age private key you generated above.
 
 ## Service-specific config
 

resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2

@@ -3,7 +3,7 @@
 
 services:
   database:
-    image: docker.io/library/mariadb:11
+    image: docker.io/library/mariadb:12
     environment:
       - "MARIADB_DATABASE=wordpress"
       - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}"