http3 QUIC on nginx

add Prometheus and grafana services

automate secret deployment

configure joe user to use fish shell with some niceties, but as on demand shell, not on login

monitor and alert on error logs

move more crons to shepherd timed services