Debian trixie upgrades, third batch

upgrade all those servers to Debian trixie.

20 TPA machines

• alberti.torproject.org (can be done before the YEC, ⭐ )
• arti-test-net-01.torproject.org (forgotten in Debian trixie upgrades, second batch (#42070), can be done any time, ⭐ )
• ci-runner-x86-14.torproject.org (forgotten in Debian trixie upgrades, second batch (#42070), can be done any time, ⭐ )
• crm-int-01.torproject.org (blocked by https://gitlab.torproject.org/tpo/web/civicrm/-/issues/196, wait until after the YEC)
• dal-node-01.torproject.org (see #42069 (comment 3245186) before doing the ganeti upgrade)
• dal-node-02.torproject.org
• dal-node-03.torproject.org
• fsn-node-01.torproject.org
• fsn-node-02.torproject.org
• fsn-node-03.torproject.org
• fsn-node-04.torproject.org
• fsn-node-05.torproject.org
• fsn-node-06.torproject.org
• fsn-node-07.torproject.org
• fsn-node-08.torproject.org
• gitlab-02.torproject.org (blocked by upstream #548937)
• nevii.torproject.org (DO NOT DO THIS BEFORE DOING THE DNSSEC SWITCH FIRST, AKA blocked by #42268)
• pauli.torproject.org (wait until after the YEC and @lavamind)
• puppetdb-01.torproject.org (wait until after the YEC and @lavamind)
• snowflake-staging-01.torproject.org (forgotten in Debian trixie upgrades, second batch (#42070), can be done any time, ⭐)

11 tails servers

• isobuilder1.lizard → decommissioned (tails-sysadmin#18210 (closed))
• isobuilder2.lizard → decommissioned (tails-sysadmin#18210 (closed))
• isobuilder3.lizard → decommissioned (tails-sysadmin#18210 (closed))
• isobuilder4.lizard → decommissioned (tails-sysadmin#18210 (closed))
• isoworker1.dragon (running trixie, but currently shut down, return to production blocked by tails-sysadmin#18232)
• isoworker2.dragon (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworker3.dragon (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworker4.dragon (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworker5.dragon (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworker6.iguana (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworker7.iguana (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworker8.iguana (blocked by #42169 (closed) and tails-sysadmin#18232, requires coordination with tails team!)
• isoworkers-mail.dragon (blocked by #42169 (closed))
• jenkins.dragon
• survey.lizard → decommissioned (#41945 (closed))
• translate.lizard

there's currently not set date for those upgrades, but we're hoping to complete those by the end of 2025. the due date is set as a reminder aligned to after the YEC.