From 2e0d4328867e312e70e3c204fe112b640b60838e Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Wed, 23 Apr 2025 15:56:34 +0200
Subject: [PATCH 001/129] add backup config info to

---
 app/Http/Controllers/Api/DatabasesController.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 504665f6a..452e24837 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -11,6 +11,7 @@
 use App\Http\Controllers\Controller;
 use App\Jobs\DeleteResourceJob;
 use App\Models\Project;
+use App\Models\ScheduledDatabaseBackup;
 use App\Models\Server;
 use Illuminate\Http\Request;
 use OpenApi\Attributes as OA;
@@ -78,7 +79,17 @@ public function databases(Request $request)
         foreach ($projects as $project) {
             $databases = $databases->merge($project->databases());
         }
-        $databases = $databases->map(function ($database) {
+
+        $backupConfig = ScheduledDatabaseBackup::with('latest_log')->get();
+        $databases = $databases->map(function ($database) use ($backupConfig) {
+            $databaseBackupConfig = $backupConfig->where('database_id', $database->id)->first();
+
+            if ($databaseBackupConfig) {
+                $database->backup_configs = $databaseBackupConfig;
+            } else {
+                $database->backup_configs = null;
+            }
+
             return $this->removeSensitiveData($database);
         });
 

From da487f609acfd8966ff8393e3c77dba64f358858 Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Wed, 23 Apr 2025 20:59:20 +0200
Subject: [PATCH 002/129] implmenet `Get /database/:uuid/backups` api

---
 .../Controllers/Api/DatabasesController.php   | 63 +++++++++++++++++++
 routes/api.php                                |  5 ++
 2 files changed, 68 insertions(+)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 452e24837..de8daa43e 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -96,6 +96,69 @@ public function databases(Request $request)
         return response()->json($databases);
     }
 
+    #[OA\Get(
+        summary: 'Get',
+        description: 'Get database by UUID.',
+        path: '/databases/{uuid}/backups',
+        operationId: 'get-database-backups-by-uuid',
+        security: [
+            ['bearerAuth' => []],
+        ],
+        tags: ['Databases'],
+        parameters: [
+            new OA\Parameter(
+                name: 'uuid',
+                in: 'path',
+                description: 'UUID of the database.',
+                required: true,
+                schema: new OA\Schema(
+                    type: 'string',
+                    format: 'uuid',
+                )
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Get all backups for a database',
+                content: new OA\JsonContent(
+                    type: 'string',
+                    example: 'Content is very complex. Will be implemented later.',
+                ),
+            ),
+            new OA\Response(
+                response: 401,
+                ref: '#/components/responses/401',
+            ),
+            new OA\Response(
+                response: 400,
+                ref: '#/components/responses/400',
+            ),
+            new OA\Response(
+                response: 404,
+                ref: '#/components/responses/404',
+            ),
+        ]
+    )]
+    public function database_backup_details_uuid(Request $request)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+        if (! $request->uuid) {
+            return response()->json(['message' => 'UUID is required.'], 404);
+        }
+        $database = queryDatabaseByUuidWithinTeam($request->uuid, $teamId);
+        if (! $database) {
+            return response()->json(['message' => 'Database not found.'], 404);
+        }
+
+        $backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->first();
+
+        return response()->json($this->removeSensitiveData($backupConfig));
+    }
+
     #[OA\Get(
         summary: 'Get',
         description: 'Get database by UUID.',
diff --git a/routes/api.php b/routes/api.php
index 8ac8aef14..409dd393f 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -23,6 +23,10 @@
 });
 
 Route::post('/feedback', [OtherController::class, 'feedback']);
+Route::get('/test', function () {
+    return response()->json(['message' => 'test']);
+});
+
 Route::group([
     'middleware' => ['auth:sanctum', 'api.ability:write'],
     'prefix' => 'v1',
@@ -110,6 +114,7 @@
     Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware(['api.ability:write']);
 
     Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['api.ability:read']);
+    Route::get('/databases/{uuid}/backups', [DatabasesController::class, 'database_backup_details_uuid'])->middleware(['api.ability:read']);
     Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
     Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
 

From 5dff22d3455146c7a46901da823d6c8a8c3c8d06 Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Thu, 24 Apr 2025 16:48:08 +0200
Subject: [PATCH 003/129] implement backup config via api

---
 .../Controllers/Api/DatabasesController.php   | 61 ++++++++++++++++++-
 routes/api.php                                |  3 -
 2 files changed, 59 insertions(+), 5 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index de8daa43e..ab0191581 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -288,6 +288,19 @@ public function database_by_uuid(Request $request)
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
                         'mysql_database' => ['type' => 'string', 'description' => 'MySQL database'],
                         'mysql_conf' => ['type' => 'string', 'description' => 'MySQL conf'],
+                        // WIP
+                        'save_s3' => ['type' => 'boolean', 'description' => 'Weather data is saved in s3 or not'],
+                        's3_storage_id' => ['type' => 'integer', 'description' => 'S3 storage id'],
+                        'enabled' => ['type' => 'boolean', 'description' => 'Weather the backup is enabled or not'],
+                        'databases_to_backup' => ['type' => 'string', 'description' => 'Comma separated list of databases to backup'],
+                        'dump_all' => ['type' => 'boolean', 'description' => 'Weather all databases are dumped or not'],
+                        'frequency' => ['type' => 'string', 'description' => 'Frequency of the backup'],
+                        'database_backup_retention_amount_locally' => ['type' => 'integer', 'description' => 'Retention amount of the backup locally'],
+                        'database_backup_retention_days_locally' => ['type' => 'integer', 'description' => 'Retention days of the backup locally'],
+                        'database_backup_retention_max_storage_locally' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
+                        'database_backup_retention_amount_s3' => ['type' => 'integer', 'description' => 'Retention amount of the backup in s3'],
+                        'database_backup_retention_days_s3' => ['type' => 'integer', 'description' => 'Retention days of the backup in s3'],
+                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
                     ],
                 ),
             )
@@ -313,12 +326,14 @@ public function database_by_uuid(Request $request)
     )]
     public function update_by_uuid(Request $request)
     {
+        $allowedBackupConfigsFields = ['save_s3', 'enabled', 'dump_all', 'frequency',  'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_id'];
         $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
             return invalidTokenResponse();
         }
 
+        // this check if the request is a valid json
         $return = validateIncomingRequest($request);
         if ($return instanceof \Illuminate\Http\JsonResponse) {
             return $return;
@@ -336,6 +351,18 @@ public function update_by_uuid(Request $request)
             'limits_cpus' => 'string',
             'limits_cpuset' => 'string|nullable',
             'limits_cpu_shares' => 'numeric',
+            'save_s3' => 'boolean',
+            'enabled' => 'boolean',
+            'dump_all' => 'boolean',
+            's3_storage_id' => 'integer|min:1|exists:s3_storages,id|nullable',
+            'databases_to_backup' => 'string',
+            'frequency' => 'string|in:every_minute,hourly,daily,weekly,monthly,yearly',
+            'database_backup_retention_amount_locally' => 'integer|min:0',
+            'database_backup_retention_days_locally' => 'integer|min:0',
+            'database_backup_retention_max_storage_locally' => 'integer|min:0',
+            'database_backup_retention_amount_s3' => 'integer|min:0',
+            'database_backup_retention_days_s3' => 'integer|min:0',
+            'database_backup_retention_max_storage_s3' => 'integer|min:0',
         ]);
 
         if ($validator->fails()) {
@@ -347,6 +374,7 @@ public function update_by_uuid(Request $request)
         $uuid = $request->uuid;
         removeUnnecessaryFieldsFromRequest($request);
         $database = queryDatabaseByUuidWithinTeam($uuid, $teamId);
+        $backupConfig = ScheduledDatabaseBackup::where('database_id', $database->id)->first();
         if (! $database) {
             return response()->json(['message' => 'Database not found.'], 404);
         }
@@ -545,7 +573,7 @@ public function update_by_uuid(Request $request)
                 }
                 break;
         }
-        $extraFields = array_diff(array_keys($request->all()), $allowedFields);
+        $extraFields = array_diff(array_keys($request->all()), $allowedFields, $allowedBackupConfigsFields);
         if ($validator->fails() || ! empty($extraFields)) {
             $errors = $validator->errors();
             if (! empty($extraFields)) {
@@ -567,7 +595,36 @@ public function update_by_uuid(Request $request)
             $whatToDoWithDatabaseProxy = 'start';
         }
 
-        $database->update($request->all());
+        $backupPayload = $request->only($allowedBackupConfigsFields);
+        $databasePayload = $request->only($allowedFields);
+
+        if ($databasePayload) {
+            $database->update($databasePayload);
+        }
+
+        if ($backupPayload && ! $backupConfig) {
+            if ($database->type() === 'standalone-postgresql') {
+                $backupPayload['databases_to_backup'] = $database->postgres_db;
+            } elseif ($database->type() === 'standalone-mysql') {
+                $backupPayload['databases_to_backup'] = $database->mysql_database;
+            } elseif ($database->type() === 'standalone-mariadb') {
+                $backupPayload['databases_to_backup'] = $database->mariadb_database;
+            } elseif ($database->type() === 'standalone-mongodbs') {
+                $backupPayload['databases_to_backup'] = $database->mongo_initdb_database;
+            }
+
+            $backupConfig = ScheduledDatabaseBackup::create([
+                'database_id' => $database->id,
+                'database_type' => $database->getMorphClass(),
+                'team_id' => $teamId,
+                's3_storage_id' => $backupPayload['s3_storage_id'] ?? 1,
+                ...$backupPayload,
+            ]);
+        }
+
+        if ($backupPayload && $backupConfig) {
+            $backupConfig->update($backupPayload);
+        }
 
         if ($whatToDoWithDatabaseProxy === 'start') {
             StartDatabaseProxy::dispatch($database);
diff --git a/routes/api.php b/routes/api.php
index 409dd393f..326399f30 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -23,9 +23,6 @@
 });
 
 Route::post('/feedback', [OtherController::class, 'feedback']);
-Route::get('/test', function () {
-    return response()->json(['message' => 'test']);
-});
 
 Route::group([
     'middleware' => ['auth:sanctum', 'api.ability:write'],

From 2a06a392d5174f278f20cf9533644d1e7fd2c747 Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Fri, 25 Apr 2025 11:46:02 +0200
Subject: [PATCH 004/129] Implement backup delete

---
 .../Controllers/Api/DatabasesController.php   | 95 +++++++++++++++++++
 routes/api.php                                |  1 +
 2 files changed, 96 insertions(+)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index ab0191581..a25b07bf2 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -1750,6 +1750,101 @@ public function delete_by_uuid(Request $request)
         ]);
     }
 
+    #[OA\Delete(
+        summary: 'Delete backup',
+        description: 'Deletes a backup by its database UUID and backup ID.',
+        path: '/databases/{uuid}/backups/{backup_id}',
+        operationId: 'delete-backup-by-uuid',
+        security: [
+            ['bearerAuth' => []],
+        ],
+        tags: ['backups'],
+        parameters: [
+            new OA\Parameter(
+                name: 'uuid',
+                in: 'path',
+                required: true,
+                description: 'UUID of the database to delete',
+                schema: new OA\Schema(type: 'string')
+            ),
+            new OA\Parameter(
+                name: 'backup_id',
+                in: 'path',
+                required: true,
+                description: 'ID of the backup to delete',
+                schema: new OA\Schema(type: 'string')
+            ),
+            new OA\Parameter(
+                name: 'delete_s3',
+                in: 'query',
+                required: false,
+                description: 'Whether to delete the backup from S3',
+                schema: new OA\Schema(type: 'boolean', default: false)
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Backup deleted.',
+                content: new OA\JsonContent(
+                    type: 'object',
+                    properties: [
+                        'message' => new OA\Schema(type: 'string', example: 'Backup deleted.'),
+                    ]
+                )
+            ),
+            new OA\Response(
+                response: 404,
+                description: 'Backup not found.',
+                content: new OA\JsonContent(
+                    type: 'object',
+                    properties: [
+                        'message' => new OA\Schema(type: 'string', example: 'Backup not found.'),
+                    ]
+                )
+            ),
+        ]
+    )]
+    public function delete_backup_by_uuid(Request $request)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+        $database = queryDatabaseByUuidWithinTeam($request->uuid, $teamId);
+        if (! $database) {
+            return response()->json(['message' => 'Database not found.'], 404);
+        }
+        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)->first();
+        if (! $backup) {
+            return response()->json(['message' => 'Backup not found.'], 404);
+        }
+        $execution = $backup->executions()->where('id', $request->backup_id)->first();
+        if (! $execution) {
+            return response()->json(['message' => 'Execution not found.'], 404);
+        }
+
+        $deleteS3 = filter_var($request->query->get('delete_s3', false), FILTER_VALIDATE_BOOLEAN);
+
+        try {
+            if ($execution->filename) {
+                deleteBackupsLocally($execution->filename, $database->destination->server);
+
+                if ($deleteS3 && $backup->s3) {
+                    deleteBackupsS3($execution->filename, $backup->s3);
+                }
+            }
+
+            $execution->delete();
+
+            return response()->json([
+                'message' => 'Backup deleted.',
+            ]);
+        } catch (\Exception $e) {
+            return response()->json(['message' => 'Failed to delete backup: '.$e->getMessage()], 500);
+        }
+    }
+
     #[OA\Get(
         summary: 'Start',
         description: 'Start database. `Post` request is also accepted.',
diff --git a/routes/api.php b/routes/api.php
index 326399f30..1a1990513 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -114,6 +114,7 @@
     Route::get('/databases/{uuid}/backups', [DatabasesController::class, 'database_backup_details_uuid'])->middleware(['api.ability:read']);
     Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
     Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/databases/{uuid}/backups/{backup_id}', [DatabasesController::class, 'delete_backup_by_uuid'])->middleware(['api.ability:write']);
 
     Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['api.ability:write']);
     Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['api.ability:write']);

From 81180af27d4f5870bd7e4253c7fd3804eeac2afb Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Fri, 25 Apr 2025 15:49:14 +0200
Subject: [PATCH 005/129] add ability to get backup now and get all schedule
 backup

---
 .../Controllers/Api/DatabasesController.php   | 26 +++++++++++++------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index a25b07bf2..9d007939d 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -9,6 +9,7 @@
 use App\Actions\Database\StopDatabaseProxy;
 use App\Enums\NewDatabaseTypes;
 use App\Http\Controllers\Controller;
+use App\Jobs\DatabaseBackupJob;
 use App\Jobs\DeleteResourceJob;
 use App\Models\Project;
 use App\Models\ScheduledDatabaseBackup;
@@ -80,12 +81,11 @@ public function databases(Request $request)
             $databases = $databases->merge($project->databases());
         }
 
-        $backupConfig = ScheduledDatabaseBackup::with('latest_log')->get();
-        $databases = $databases->map(function ($database) use ($backupConfig) {
-            $databaseBackupConfig = $backupConfig->where('database_id', $database->id)->first();
+        $databases = $databases->map(function ($database) {
+            $backupConfig = ScheduledDatabaseBackup::with('latest_log')->where('database_id', $database->id)->get();
 
-            if ($databaseBackupConfig) {
-                $database->backup_configs = $databaseBackupConfig;
+            if ($backupConfig) {
+                $database->backup_configs = $backupConfig;
             } else {
                 $database->backup_configs = null;
             }
@@ -98,7 +98,7 @@ public function databases(Request $request)
 
     #[OA\Get(
         summary: 'Get',
-        description: 'Get database by UUID.',
+        description: 'Get backups details by database UUID.',
         path: '/databases/{uuid}/backups',
         operationId: 'get-database-backups-by-uuid',
         security: [
@@ -291,6 +291,7 @@ public function database_by_uuid(Request $request)
                         // WIP
                         'save_s3' => ['type' => 'boolean', 'description' => 'Weather data is saved in s3 or not'],
                         's3_storage_id' => ['type' => 'integer', 'description' => 'S3 storage id'],
+                        'backup_now' => ['type' => 'boolean', 'description' => 'Weather to take a backup now or not'],
                         'enabled' => ['type' => 'boolean', 'description' => 'Weather the backup is enabled or not'],
                         'databases_to_backup' => ['type' => 'string', 'description' => 'Comma separated list of databases to backup'],
                         'dump_all' => ['type' => 'boolean', 'description' => 'Weather all databases are dumped or not'],
@@ -326,7 +327,7 @@ public function database_by_uuid(Request $request)
     )]
     public function update_by_uuid(Request $request)
     {
-        $allowedBackupConfigsFields = ['save_s3', 'enabled', 'dump_all', 'frequency',  'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_id'];
+        $allowedBackupConfigsFields = ['save_s3', 'enabled', 'dump_all', 'frequency', 'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_id'];
         $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
@@ -352,6 +353,7 @@ public function update_by_uuid(Request $request)
             'limits_cpuset' => 'string|nullable',
             'limits_cpu_shares' => 'numeric',
             'save_s3' => 'boolean',
+            'backup_now' => 'boolean|nullable',
             'enabled' => 'boolean',
             'dump_all' => 'boolean',
             's3_storage_id' => 'integer|min:1|exists:s3_storages,id|nullable',
@@ -573,7 +575,7 @@ public function update_by_uuid(Request $request)
                 }
                 break;
         }
-        $extraFields = array_diff(array_keys($request->all()), $allowedFields, $allowedBackupConfigsFields);
+        $extraFields = array_diff(array_keys($request->all()), $allowedFields, $allowedBackupConfigsFields, ['backup_now']);
         if ($validator->fails() || ! empty($extraFields)) {
             $errors = $validator->errors();
             if (! empty($extraFields)) {
@@ -620,10 +622,18 @@ public function update_by_uuid(Request $request)
                 's3_storage_id' => $backupPayload['s3_storage_id'] ?? 1,
                 ...$backupPayload,
             ]);
+
+            if ($request->backup_now) {
+                DatabaseBackupJob::dispatch($backupConfig);
+            }
         }
 
         if ($backupPayload && $backupConfig) {
             $backupConfig->update($backupPayload);
+
+            if ($request->backup_now) {
+                DatabaseBackupJob::dispatch($backupConfig);
+            }
         }
 
         if ($whatToDoWithDatabaseProxy === 'start') {

From 71ff19e746e59619ed2975877ea0754ada07b5cb Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Fri, 25 Apr 2025 15:53:23 +0200
Subject: [PATCH 006/129] get all of the backups

---
 app/Http/Controllers/Api/DatabasesController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 9d007939d..9c04d1d42 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -154,7 +154,7 @@ public function database_backup_details_uuid(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
-        $backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->first();
+        $backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->get();
 
         return response()->json($this->removeSensitiveData($backupConfig));
     }

From b4119fe012052f5d083c0d849d2f2942eca02f40 Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Fri, 25 Apr 2025 16:43:05 +0200
Subject: [PATCH 007/129] change the order of update

---
 .../Controllers/Api/DatabasesController.php     | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 9c04d1d42..389983920 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -604,6 +604,15 @@ public function update_by_uuid(Request $request)
             $database->update($databasePayload);
         }
 
+        if ($backupPayload && $backupConfig) {
+            $backupConfig->update($backupPayload);
+
+            if ($request->backup_now) {
+                dd('test');
+                DatabaseBackupJob::dispatch($backupConfig);
+            }
+        }
+
         if ($backupPayload && ! $backupConfig) {
             if ($database->type() === 'standalone-postgresql') {
                 $backupPayload['databases_to_backup'] = $database->postgres_db;
@@ -628,14 +637,6 @@ public function update_by_uuid(Request $request)
             }
         }
 
-        if ($backupPayload && $backupConfig) {
-            $backupConfig->update($backupPayload);
-
-            if ($request->backup_now) {
-                DatabaseBackupJob::dispatch($backupConfig);
-            }
-        }
-
         if ($whatToDoWithDatabaseProxy === 'start') {
             StartDatabaseProxy::dispatch($database);
         } elseif ($whatToDoWithDatabaseProxy === 'stop') {

From 166e5ad2271479b8ea6d8d7ea1a849fed85d0aad Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Fri, 25 Apr 2025 17:20:48 +0200
Subject: [PATCH 008/129] remove dd

---
 app/Http/Controllers/Api/DatabasesController.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 389983920..4f62da8bf 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -608,7 +608,6 @@ public function update_by_uuid(Request $request)
             $backupConfig->update($backupPayload);
 
             if ($request->backup_now) {
-                dd('test');
                 DatabaseBackupJob::dispatch($backupConfig);
             }
         }

From be104cd612cdf3e13523c0077bb4273cb95687a5 Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Thu, 22 May 2025 14:36:14 +0200
Subject: [PATCH 009/129] feat(api): add endpoint to update backup
 configuration by UUID and backup ID; modify response to include backup id

---
 .../Controllers/Api/DatabasesController.php   | 153 +++++++++++++++++-
 routes/api.php                                |   1 +
 2 files changed, 152 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 4f62da8bf..7172e5aae 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -156,7 +156,7 @@ public function database_backup_details_uuid(Request $request)
 
         $backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->get();
 
-        return response()->json($this->removeSensitiveData($backupConfig));
+        return response()->json($backupConfig);
     }
 
     #[OA\Get(
@@ -288,7 +288,6 @@ public function database_by_uuid(Request $request)
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
                         'mysql_database' => ['type' => 'string', 'description' => 'MySQL database'],
                         'mysql_conf' => ['type' => 'string', 'description' => 'MySQL conf'],
-                        // WIP
                         'save_s3' => ['type' => 'boolean', 'description' => 'Weather data is saved in s3 or not'],
                         's3_storage_id' => ['type' => 'integer', 'description' => 'S3 storage id'],
                         'backup_now' => ['type' => 'boolean', 'description' => 'Weather to take a backup now or not'],
@@ -647,6 +646,156 @@ public function update_by_uuid(Request $request)
         ]);
     }
 
+    #[OA\Patch(
+        summary: 'Update',
+        description: 'Update a specific backup configuration for a given database, identified by its UUID and the backup ID',
+        path: '/databases/{uuid}/backups/{backup_id}',
+        operationId: 'update-database-backup-config-by-uuid-and-backup-id',
+        security: [
+            ['bearerAuth' => []],
+        ],
+        tags: ['Databases'],
+        parameters: [
+            new OA\Parameter(
+                name: 'uuid',
+                in: 'path',
+                description: 'UUID of the database.',
+                required: true,
+                schema: new OA\Schema(
+                    type: 'string',
+                    format: 'uuid',
+                )
+            ),
+            new OA\Parameter(
+                name: 'backup_id',
+                in: 'path',
+                description: 'ID of the backup configuration.',
+                required: true,
+                schema: new OA\Schema(
+                    type: 'integer',
+                )
+            ),
+        ],
+        requestBody: new OA\RequestBody(
+            description: 'Database backup configuration data',
+            required: true,
+            content: new OA\MediaType(
+                mediaType: 'application/json',
+                schema: new OA\Schema(
+                    type: 'object',
+                    properties: [
+                        'save_s3' => ['type' => 'boolean', 'description' => 'Weather data is saved in s3 or not'],
+                        's3_storage_id' => ['type' => 'integer', 'description' => 'S3 storage id'],
+                        'backup_now' => ['type' => 'boolean', 'description' => 'Weather to take a backup now or not'],
+                        'enabled' => ['type' => 'boolean', 'description' => 'Weather the backup is enabled or not'],
+                        'databases_to_backup' => ['type' => 'string', 'description' => 'Comma separated list of databases to backup'],
+                        'dump_all' => ['type' => 'boolean', 'description' => 'Weather all databases are dumped or not'],
+                        'frequency' => ['type' => 'string', 'description' => 'Frequency of the backup'],
+                        'database_backup_retention_amount_locally' => ['type' => 'integer', 'description' => 'Retention amount of the backup locally'],
+                        'database_backup_retention_days_locally' => ['type' => 'integer', 'description' => 'Retention days of the backup locally'],
+                        'database_backup_retention_max_storage_locally' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
+                        'database_backup_retention_amount_s3' => ['type' => 'integer', 'description' => 'Retention amount of the backup in s3'],
+                        'database_backup_retention_days_s3' => ['type' => 'integer', 'description' => 'Retention days of the backup in s3'],
+                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
+                    ],
+                ),
+            )
+        ),
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Database backup configuration updated',
+            ),
+            new OA\Response(
+                response: 401,
+                ref: '#/components/responses/401',
+            ),
+            new OA\Response(
+                response: 400,
+                ref: '#/components/responses/400',
+            ),
+            new OA\Response(
+                response: 404,
+                ref: '#/components/responses/404',
+            ),
+        ]
+    )]
+    public function update_backup_config_by_uuid_and_backup_id(Request $request)
+    {
+        $backupConfigFields = ['save_s3', 'enabled', 'dump_all', 'frequency', 'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_id'];
+
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+        // this check if the request is a valid json
+        $return = validateIncomingRequest($request);
+        if ($return instanceof \Illuminate\Http\JsonResponse) {
+            return $return;
+        }
+        $validator = customApiValidator($request->all(), [
+            'save_s3' => 'boolean',
+            'backup_now' => 'boolean|nullable',
+            'enabled' => 'boolean',
+            'dump_all' => 'boolean',
+            's3_storage_id' => 'integer|min:1|exists:s3_storages,id|nullable',
+            'databases_to_backup' => 'string',
+            'frequency' => 'string|in:every_minute,hourly,daily,weekly,monthly,yearly',
+            'database_backup_retention_amount_locally' => 'integer|min:0',
+            'database_backup_retention_days_locally' => 'integer|min:0',
+            'database_backup_retention_max_storage_locally' => 'integer|min:0',
+            'database_backup_retention_amount_s3' => 'integer|min:0',
+            'database_backup_retention_days_s3' => 'integer|min:0',
+            'database_backup_retention_max_storage_s3' => 'integer|min:0',
+        ]);
+        if ($validator->fails()) {
+            return response()->json([
+                'message' => 'Validation failed.',
+                'errors' => $validator->errors(),
+            ], 422);
+        }
+
+        if (! $request->uuid) {
+            return response()->json(['message' => 'UUID is required.'], 404);
+        }
+        $uuid = $request->uuid;
+        removeUnnecessaryFieldsFromRequest($request);
+        $database = queryDatabaseByUuidWithinTeam($uuid, $teamId);
+        if (! $database) {
+            return response()->json(['message' => 'Database not found.'], 404);
+        }
+
+        $backupConfig = ScheduledDatabaseBackup::where('database_id', $database->id)
+            ->where('id', $request->backup_id)
+            ->first();
+        if (! $backupConfig) {
+            return response()->json(['message' => 'Backup config not found.'], 404);
+        }
+
+        $extraFields = array_diff(array_keys($request->all()), $backupConfigFields, ['backup_now']);
+        if (! empty($extraFields)) {
+            $errors = $validator->errors();
+            foreach ($extraFields as $field) {
+                $errors->add($field, 'This field is not allowed.');
+            }
+
+            return response()->json([
+                'message' => 'Validation failed.',
+                'errors' => $errors,
+            ], 422);
+        }
+
+        $backupConfig->update($request->only($backupConfigFields));
+
+        if ($request->backup_now) {
+            DatabaseBackupJob::dispatch($backupConfig);
+        }
+
+        return response()->json([
+            'message' => 'Database backup configuration updated',
+        ]);
+    }
+
     #[OA\Post(
         summary: 'Create (PostgreSQL)',
         description: 'Create a new PostgreSQL database.',
diff --git a/routes/api.php b/routes/api.php
index 1a1990513..a5abe4b98 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -113,6 +113,7 @@
     Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['api.ability:read']);
     Route::get('/databases/{uuid}/backups', [DatabasesController::class, 'database_backup_details_uuid'])->middleware(['api.ability:read']);
     Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
+    Route::patch('/databases/{uuid}/backups/{backup_id}', [DatabasesController::class, 'update_backup_config_by_uuid_and_backup_id'])->middleware(['api.ability:write']);
     Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
     Route::delete('/databases/{uuid}/backups/{backup_id}', [DatabasesController::class, 'delete_backup_by_uuid'])->middleware(['api.ability:write']);
 

From 2bf6a9cb2c324715b19d87e88babfba1ebc7ca30 Mon Sep 17 00:00:00 2001
From: DanielHemmati <danialups1997@gmail.com>
Date: Thu, 22 May 2025 14:39:36 +0200
Subject: [PATCH 010/129] undo changes to update_by_uuid method

---
 .../Controllers/Api/DatabasesController.php   | 56 +------------------
 1 file changed, 2 insertions(+), 54 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 7172e5aae..4fa42c37d 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -326,7 +326,6 @@ public function database_by_uuid(Request $request)
     )]
     public function update_by_uuid(Request $request)
     {
-        $allowedBackupConfigsFields = ['save_s3', 'enabled', 'dump_all', 'frequency', 'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_id'];
         $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
@@ -351,19 +350,6 @@ public function update_by_uuid(Request $request)
             'limits_cpus' => 'string',
             'limits_cpuset' => 'string|nullable',
             'limits_cpu_shares' => 'numeric',
-            'save_s3' => 'boolean',
-            'backup_now' => 'boolean|nullable',
-            'enabled' => 'boolean',
-            'dump_all' => 'boolean',
-            's3_storage_id' => 'integer|min:1|exists:s3_storages,id|nullable',
-            'databases_to_backup' => 'string',
-            'frequency' => 'string|in:every_minute,hourly,daily,weekly,monthly,yearly',
-            'database_backup_retention_amount_locally' => 'integer|min:0',
-            'database_backup_retention_days_locally' => 'integer|min:0',
-            'database_backup_retention_max_storage_locally' => 'integer|min:0',
-            'database_backup_retention_amount_s3' => 'integer|min:0',
-            'database_backup_retention_days_s3' => 'integer|min:0',
-            'database_backup_retention_max_storage_s3' => 'integer|min:0',
         ]);
 
         if ($validator->fails()) {
@@ -375,7 +361,6 @@ public function update_by_uuid(Request $request)
         $uuid = $request->uuid;
         removeUnnecessaryFieldsFromRequest($request);
         $database = queryDatabaseByUuidWithinTeam($uuid, $teamId);
-        $backupConfig = ScheduledDatabaseBackup::where('database_id', $database->id)->first();
         if (! $database) {
             return response()->json(['message' => 'Database not found.'], 404);
         }
@@ -574,7 +559,7 @@ public function update_by_uuid(Request $request)
                 }
                 break;
         }
-        $extraFields = array_diff(array_keys($request->all()), $allowedFields, $allowedBackupConfigsFields, ['backup_now']);
+        $extraFields = array_diff(array_keys($request->all()), $allowedFields);
         if ($validator->fails() || ! empty($extraFields)) {
             $errors = $validator->errors();
             if (! empty($extraFields)) {
@@ -596,44 +581,7 @@ public function update_by_uuid(Request $request)
             $whatToDoWithDatabaseProxy = 'start';
         }
 
-        $backupPayload = $request->only($allowedBackupConfigsFields);
-        $databasePayload = $request->only($allowedFields);
-
-        if ($databasePayload) {
-            $database->update($databasePayload);
-        }
-
-        if ($backupPayload && $backupConfig) {
-            $backupConfig->update($backupPayload);
-
-            if ($request->backup_now) {
-                DatabaseBackupJob::dispatch($backupConfig);
-            }
-        }
-
-        if ($backupPayload && ! $backupConfig) {
-            if ($database->type() === 'standalone-postgresql') {
-                $backupPayload['databases_to_backup'] = $database->postgres_db;
-            } elseif ($database->type() === 'standalone-mysql') {
-                $backupPayload['databases_to_backup'] = $database->mysql_database;
-            } elseif ($database->type() === 'standalone-mariadb') {
-                $backupPayload['databases_to_backup'] = $database->mariadb_database;
-            } elseif ($database->type() === 'standalone-mongodbs') {
-                $backupPayload['databases_to_backup'] = $database->mongo_initdb_database;
-            }
-
-            $backupConfig = ScheduledDatabaseBackup::create([
-                'database_id' => $database->id,
-                'database_type' => $database->getMorphClass(),
-                'team_id' => $teamId,
-                's3_storage_id' => $backupPayload['s3_storage_id'] ?? 1,
-                ...$backupPayload,
-            ]);
-
-            if ($request->backup_now) {
-                DatabaseBackupJob::dispatch($backupConfig);
-            }
-        }
+        $database->update($request->all());
 
         if ($whatToDoWithDatabaseProxy === 'start') {
             StartDatabaseProxy::dispatch($database);

From 7a110880c1e7bc36b4a841890912799746310945 Mon Sep 17 00:00:00 2001
From: jvdboog <110812872+jvdboog@users.noreply.github.com>
Date: Sun, 20 Jul 2025 22:15:42 +0200
Subject: [PATCH 011/129] feat: Improve detection of special network modes

---
 bootstrap/helpers/shared.php | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php
index 7ce511f2c..4e77b35c3 100644
--- a/bootstrap/helpers/shared.php
+++ b/bootstrap/helpers/shared.php
@@ -614,10 +614,14 @@ function getTopLevelNetworks(Service|Application $resource)
             $definedNetwork = collect([$resource->uuid]);
             $services = collect($services)->map(function ($service, $_) use ($topLevelNetworks, $definedNetwork) {
                 $serviceNetworks = collect(data_get($service, 'networks', []));
-                $hasHostNetworkMode = data_get($service, 'network_mode') === 'host' ? true : false;
+                $networkMode = data_get($service, 'network_mode');
 
-                // Only add 'networks' key if 'network_mode' is not 'host'
-                if (! $hasHostNetworkMode) {
+                $hasValidNetworkMode =
+                    $networkMode === 'host' ||
+                    (is_string($networkMode) && (str_starts_with($networkMode, 'service:') || str_starts_with($networkMode, 'container:')));
+
+                // Only add 'networks' key if 'network_mode' is not 'host' or does not start with 'service:' or 'container:'
+                if (! $hasValidNetworkMode) {
                     // Collect/create/update networks
                     if ($serviceNetworks->count() > 0) {
                         foreach ($serviceNetworks as $networkName => $networkDetails) {
@@ -1502,7 +1506,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 $serviceNetworks = collect(data_get($service, 'networks', []));
                 $serviceVariables = collect(data_get($service, 'environment', []));
                 $serviceLabels = collect(data_get($service, 'labels', []));
-                $hasHostNetworkMode = data_get($service, 'network_mode') === 'host' ? true : false;
+                $networkMode = data_get($service, 'network_mode');
+
+                $hasValidNetworkMode =
+                    $networkMode === 'host' ||
+                    (is_string($networkMode) && (str_starts_with($networkMode, 'service:') || str_starts_with($networkMode, 'container:')));
+
                 if ($serviceLabels->count() > 0) {
                     $removedLabels = collect([]);
                     $serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) {
@@ -1613,7 +1622,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 $savedService->ports = $collectedPorts->implode(',');
                 $savedService->save();
 
-                if (! $hasHostNetworkMode) {
+                if (! $hasValidNetworkMode) {
                     // Add Coolify specific networks
                     $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
                         return $value == $definedNetwork;

From bfc8a25b726102f79776a900cdb41e793c240316 Mon Sep 17 00:00:00 2001
From: QarthO <qartho@gmail.com>
Date: Fri, 29 Aug 2025 09:09:03 -0400
Subject: [PATCH 012/129] move domain trimming before URL validation

---
 app/Livewire/Project/Application/General.php            | 3 ++-
 app/Livewire/Project/Service/EditDomain.php             | 3 ++-
 app/Livewire/Project/Service/ServiceApplicationView.php | 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php
index aa72b7c5f..c55afb589 100644
--- a/app/Livewire/Project/Application/General.php
+++ b/app/Livewire/Project/Application/General.php
@@ -547,9 +547,10 @@ public function submit($showToaster = true)
             $this->application->fqdn = str($this->application->fqdn)->replaceEnd(',', '')->trim();
             $this->application->fqdn = str($this->application->fqdn)->replaceStart(',', '')->trim();
             $this->application->fqdn = str($this->application->fqdn)->trim()->explode(',')->map(function ($domain) {
+                $domain = trim($domain);
                 Url::fromString($domain, ['http', 'https']);
 
-                return str($domain)->trim()->lower();
+                return str($domain)->lower();
             });
 
             $this->application->fqdn = $this->application->fqdn->unique()->implode(',');
diff --git a/app/Livewire/Project/Service/EditDomain.php b/app/Livewire/Project/Service/EditDomain.php
index 5ce170b99..7c718393d 100644
--- a/app/Livewire/Project/Service/EditDomain.php
+++ b/app/Livewire/Project/Service/EditDomain.php
@@ -41,9 +41,10 @@ public function submit()
             $this->application->fqdn = str($this->application->fqdn)->replaceEnd(',', '')->trim();
             $this->application->fqdn = str($this->application->fqdn)->replaceStart(',', '')->trim();
             $this->application->fqdn = str($this->application->fqdn)->trim()->explode(',')->map(function ($domain) {
+                $domain = trim($domain);
                 Url::fromString($domain, ['http', 'https']);
 
-                return str($domain)->trim()->lower();
+                return str($domain)->lower();
             });
             $this->application->fqdn = $this->application->fqdn->unique()->implode(',');
             $warning = sslipDomainWarning($this->application->fqdn);
diff --git a/app/Livewire/Project/Service/ServiceApplicationView.php b/app/Livewire/Project/Service/ServiceApplicationView.php
index 3ac12cfe9..e37b6ad86 100644
--- a/app/Livewire/Project/Service/ServiceApplicationView.php
+++ b/app/Livewire/Project/Service/ServiceApplicationView.php
@@ -149,9 +149,10 @@ public function submit()
             $this->application->fqdn = str($this->application->fqdn)->replaceEnd(',', '')->trim();
             $this->application->fqdn = str($this->application->fqdn)->replaceStart(',', '')->trim();
             $this->application->fqdn = str($this->application->fqdn)->trim()->explode(',')->map(function ($domain) {
+                $domain = trim($domain);
                 Url::fromString($domain, ['http', 'https']);
 
-                return str($domain)->trim()->lower();
+                return str($domain)->lower();
             });
             $this->application->fqdn = $this->application->fqdn->unique()->implode(',');
             $warning = sslipDomainWarning($this->application->fqdn);

From 4b592b93e8757bd73e3b94316274a9de93001489 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Fri, 29 Aug 2025 15:22:30 +0200
Subject: [PATCH 013/129] chore: remove unused files

---
 scripts/install-1.6.sh | 571 -----------------------------
 scripts/install-1.7.sh | 789 -----------------------------------------
 2 files changed, 1360 deletions(-)
 delete mode 100644 scripts/install-1.6.sh
 delete mode 100755 scripts/install-1.7.sh

diff --git a/scripts/install-1.6.sh b/scripts/install-1.6.sh
deleted file mode 100644
index 50bce4e55..000000000
--- a/scripts/install-1.6.sh
+++ /dev/null
@@ -1,571 +0,0 @@
-#!/bin/bash
-## Do not modify this file. You will lose the ability to install and auto-update!
-
-set -e # Exit immediately if a command exits with a non-zero status
-## $1 could be empty, so we need to disable this check
-#set -u # Treat unset variables as an error and exit
-set -o pipefail # Cause a pipeline to return the status of the last command that exited with a non-zero status
-CDN="https://cdn.coollabs.io/coolify"
-DATE=$(date +"%Y%m%d-%H%M%S")
-
-VERSION="1.6"
-DOCKER_VERSION="27.0"
-# TODO: Ask for a user
-CURRENT_USER=$USER
-
-if [ $EUID != 0 ]; then
-    echo "Please run this script as root or with sudo"
-    exit
-fi
-
-echo -e "Welcome to Coolify Installer!"
-echo -e "This script will install everything for you. Sit back and relax."
-echo -e "Source code: https://github.com/coollabsio/coolify/blob/main/scripts/install.sh\n"
-
-# Predefined root user
-ROOT_USERNAME=${ROOT_USERNAME:-}
-ROOT_USER_EMAIL=${ROOT_USER_EMAIL:-}
-ROOT_USER_PASSWORD=${ROOT_USER_PASSWORD:-}
-
-TOTAL_SPACE=$(df -BG / | awk 'NR==2 {print $2}' | sed 's/G//')
-AVAILABLE_SPACE=$(df -BG / | awk 'NR==2 {print $4}' | sed 's/G//')
-REQUIRED_TOTAL_SPACE=30
-REQUIRED_AVAILABLE_SPACE=20
-WARNING_SPACE=false
-
-if [ "$TOTAL_SPACE" -lt "$REQUIRED_TOTAL_SPACE" ]; then
-    WARNING_SPACE=true
-    cat <<EOF
-WARNING: Insufficient total disk space!
-
-Total disk space:     ${TOTAL_SPACE}GB
-Required disk space:  ${REQUIRED_TOTAL_SPACE}GB
-
-==================
-EOF
-fi
-
-if [ "$AVAILABLE_SPACE" -lt "$REQUIRED_AVAILABLE_SPACE" ]; then
-    cat <<EOF
-WARNING: Insufficient available disk space!
-
-Available disk space:   ${AVAILABLE_SPACE}GB
-Required available space: ${REQUIRED_AVAILABLE_SPACE}GB
-
-==================
-EOF
-    WARNING_SPACE=true
-fi
-
-if [ "$WARNING_SPACE" = true ]; then
-    echo "Sleeping for 5 seconds."
-    sleep 5
-fi
-
-mkdir -p /data/coolify/{source,ssh,applications,databases,backups,services,proxy,webhooks-during-maintenance,sentinel}
-mkdir -p /data/coolify/ssh/{keys,mux}
-mkdir -p /data/coolify/proxy/dynamic
-
-chown -R 9999:root /data/coolify
-chmod -R 700 /data/coolify
-
-INSTALLATION_LOG_WITH_DATE="/data/coolify/source/installation-${DATE}.log"
-
-exec > >(tee -a $INSTALLATION_LOG_WITH_DATE) 2>&1
-
-getAJoke() {
-    JOKES=$(curl -s --max-time 2 "https://v2.jokeapi.dev/joke/Programming?blacklistFlags=nsfw,religious,political,racist,sexist,explicit&format=txt&type=single" || true)
-    if [ "$JOKES" != "" ]; then
-        echo -e " - Until then, here's a joke for you:\n"
-        echo -e "$JOKES\n"
-    fi
-}
-OS_TYPE=$(grep -w "ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
-ENV_FILE="/data/coolify/source/.env"
-
-# Check if the OS is manjaro, if so, change it to arch
-if [ "$OS_TYPE" = "manjaro" ] || [ "$OS_TYPE" = "manjaro-arm" ]; then
-    OS_TYPE="arch"
-fi
-
-# Check if the OS is Endeavour OS, if so, change it to arch
-if [ "$OS_TYPE" = "endeavouros" ]; then
-    OS_TYPE="arch"
-fi
-
-# Check if the OS is Asahi Linux, if so, change it to fedora
-if [ "$OS_TYPE" = "fedora-asahi-remix" ]; then
-    OS_TYPE="fedora"
-fi
-
-# Check if the OS is popOS, if so, change it to ubuntu
-if [ "$OS_TYPE" = "pop" ]; then
-    OS_TYPE="ubuntu"
-fi
-
-# Check if the OS is linuxmint, if so, change it to ubuntu
-if [ "$OS_TYPE" = "linuxmint" ]; then
-    OS_TYPE="ubuntu"
-fi
-
-#Check if the OS is zorin, if so, change it to ubuntu
-if [ "$OS_TYPE" = "zorin" ]; then
-    OS_TYPE="ubuntu"
-fi
-
-if [ "$OS_TYPE" = "arch" ] || [ "$OS_TYPE" = "archarm" ]; then
-    OS_VERSION="rolling"
-else
-    OS_VERSION=$(grep -w "VERSION_ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
-fi
-
-# Install xargs on Amazon Linux 2023 - lol
-if [ "$OS_TYPE" = 'amzn' ]; then
-    dnf install -y findutils >/dev/null
-fi
-
-LATEST_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',')
-LATEST_HELPER_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $6}' | tr -d ',')
-LATEST_REALTIME_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $8}' | tr -d ',')
-
-if [ -z "$LATEST_HELPER_VERSION" ]; then
-    LATEST_HELPER_VERSION=latest
-fi
-
-if [ -z "$LATEST_REALTIME_VERSION" ]; then
-    LATEST_REALTIME_VERSION=latest
-fi
-
-case "$OS_TYPE" in
-arch | ubuntu | debian | raspbian | centos | fedora | rhel | ol | rocky | sles | opensuse-leap | opensuse-tumbleweed | almalinux | amzn | alpine) ;;
-*)
-    echo "This script only supports Debian, Redhat, Arch Linux, Alpine Linux, or SLES based operating systems for now."
-    exit
-    ;;
-esac
-
-# Overwrite LATEST_VERSION if user pass a version number
-if [ "$1" != "" ]; then
-    LATEST_VERSION=$1
-    LATEST_VERSION="${LATEST_VERSION,,}"
-    LATEST_VERSION="${LATEST_VERSION#v}"
-fi
-
-echo -e "---------------------------------------------"
-echo "| Operating System  | $OS_TYPE $OS_VERSION"
-echo "| Docker            | $DOCKER_VERSION"
-echo "| Coolify           | $LATEST_VERSION"
-echo "| Helper            | $LATEST_HELPER_VERSION"
-echo "| Realtime          | $LATEST_REALTIME_VERSION"
-echo -e "---------------------------------------------\n"
-echo -e "1. Installing required packages (curl, wget, git, jq, openssl). "
-
-case "$OS_TYPE" in
-arch)
-    pacman -Sy --noconfirm --needed curl wget git jq openssl >/dev/null || true
-    ;;
-alpine)
-    sed -i '/^#.*\/community/s/^#//' /etc/apk/repositories
-    apk update >/dev/null
-    apk add curl wget git jq openssl >/dev/null
-    ;;
-ubuntu | debian | raspbian)
-    apt-get update -y >/dev/null
-    apt-get install -y curl wget git jq openssl >/dev/null
-    ;;
-centos | fedora | rhel | ol | rocky | almalinux | amzn)
-    if [ "$OS_TYPE" = "amzn" ]; then
-        dnf install -y wget git jq openssl >/dev/null
-    else
-        if ! command -v dnf >/dev/null; then
-            yum install -y dnf >/dev/null
-        fi
-        if ! command -v curl >/dev/null; then
-            dnf install -y curl >/dev/null
-        fi
-        dnf install -y wget git jq openssl >/dev/null
-    fi
-    ;;
-sles | opensuse-leap | opensuse-tumbleweed)
-    zypper refresh >/dev/null
-    zypper install -y curl wget git jq openssl >/dev/null
-    ;;
-*)
-    echo "This script only supports Debian, Redhat, Arch Linux, or SLES based operating systems for now."
-    exit
-    ;;
-esac
-
-echo -e "2. Check OpenSSH server configuration. "
-
-# Detect OpenSSH server
-SSH_DETECTED=false
-if [ -x "$(command -v systemctl)" ]; then
-    if systemctl status sshd >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    elif systemctl status ssh >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    fi
-elif [ -x "$(command -v service)" ]; then
-    if service sshd status >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    elif service ssh status >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    fi
-fi
-
-if [ "$SSH_DETECTED" = "false" ]; then
-    echo " - OpenSSH server not detected. Installing OpenSSH server."
-    case "$OS_TYPE" in
-    arch)
-        pacman -Sy --noconfirm openssh >/dev/null
-        systemctl enable sshd >/dev/null 2>&1
-        systemctl start sshd >/dev/null 2>&1
-        ;;
-    alpine)
-        apk add openssh >/dev/null
-        rc-update add sshd default >/dev/null 2>&1
-        service sshd start >/dev/null 2>&1
-        ;;
-    ubuntu | debian | raspbian)
-        apt-get update -y >/dev/null
-        apt-get install -y openssh-server >/dev/null
-        systemctl enable ssh >/dev/null 2>&1
-        systemctl start ssh >/dev/null 2>&1
-        ;;
-    centos | fedora | rhel | ol | rocky | almalinux | amzn)
-        if [ "$OS_TYPE" = "amzn" ]; then
-            dnf install -y openssh-server >/dev/null
-        else
-            dnf install -y openssh-server >/dev/null
-        fi
-        systemctl enable sshd >/dev/null 2>&1
-        systemctl start sshd >/dev/null 2>&1
-        ;;
-    sles | opensuse-leap | opensuse-tumbleweed)
-        zypper install -y openssh >/dev/null
-        systemctl enable sshd >/dev/null 2>&1
-        systemctl start sshd >/dev/null 2>&1
-        ;;
-    *)
-        echo "###############################################################################"
-        echo "WARNING: Could not detect and install OpenSSH server - this does not mean that it is not installed or not running, just that we could not detect it."
-        echo -e "Please make sure it is installed and running, otherwise Coolify cannot connect to the host system. \n"
-        echo "###############################################################################"
-        exit 1
-        ;;
-    esac
-    echo " - OpenSSH server installed successfully."
-    SSH_DETECTED=true
-fi
-
-# Detect SSH PermitRootLogin
-SSH_PERMIT_ROOT_LOGIN=$(sshd -T | grep -i "permitrootlogin" | awk '{print $2}') || true
-if [ "$SSH_PERMIT_ROOT_LOGIN" = "yes" ] || [ "$SSH_PERMIT_ROOT_LOGIN" = "without-password" ] || [ "$SSH_PERMIT_ROOT_LOGIN" = "prohibit-password" ]; then
-    echo " - SSH PermitRootLogin is enabled."
-else
-    echo " - SSH PermitRootLogin is disabled."
-    echo "   If you have problems with SSH, please read this: https://coolify.io/docs/knowledge-base/server/openssh"
-fi
-
-# Detect if docker is installed via snap
-if [ -x "$(command -v snap)" ]; then
-    SNAP_DOCKER_INSTALLED=$(snap list docker >/dev/null 2>&1 && echo "true" || echo "false")
-    if [ "$SNAP_DOCKER_INSTALLED" = "true" ]; then
-        echo " - Docker is installed via snap."
-        echo "   Please note that Coolify does not support Docker installed via snap."
-        echo "   Please remove Docker with snap (snap remove docker) and reexecute this script."
-        exit 1
-    fi
-fi
-
-echo -e "3. Check Docker Installation. "
-if ! [ -x "$(command -v docker)" ]; then
-    echo " - Docker is not installed. Installing Docker. It may take a while."
-    getAJoke
-    case "$OS_TYPE" in
-    "almalinux")
-        dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo >/dev/null 2>&1
-        dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Docker could not be installed automatically. Please visit https://docs.docker.com/engine/install/ and install Docker manually to continue."
-            exit 1
-        fi
-        systemctl start docker >/dev/null 2>&1
-        systemctl enable docker >/dev/null 2>&1
-        ;;
-    "alpine")
-        apk add docker docker-cli-compose >/dev/null 2>&1
-        rc-update add docker default >/dev/null 2>&1
-        service docker start >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Failed to install Docker with apk. Try to install it manually."
-            echo "   Please visit https://wiki.alpinelinux.org/wiki/Docker for more information."
-            exit 1
-        fi
-        ;;
-    "arch")
-        pacman -Sy docker docker-compose --noconfirm >/dev/null 2>&1
-        systemctl enable docker.service >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Failed to install Docker with pacman. Try to install it manually."
-            echo "   Please visit https://wiki.archlinux.org/title/docker for more information."
-            exit 1
-        fi
-        ;;
-    "amzn")
-        dnf install docker -y >/dev/null 2>&1
-        DOCKER_CONFIG=${DOCKER_CONFIG:-/usr/local/lib/docker}
-        mkdir -p $DOCKER_CONFIG/cli-plugins >/dev/null 2>&1
-        curl -sL https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o $DOCKER_CONFIG/cli-plugins/docker-compose >/dev/null 2>&1
-        chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose >/dev/null 2>&1
-        systemctl start docker >/dev/null 2>&1
-        systemctl enable docker >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Failed to install Docker with dnf. Try to install it manually."
-            echo "   Please visit https://www.cyberciti.biz/faq/how-to-install-docker-on-amazon-linux-2/ for more information."
-            exit 1
-        fi
-        ;;
-    "fedora")
-        if [ -x "$(command -v dnf5)" ]; then
-            # dnf5 is available
-            dnf config-manager addrepo --from-repofile=https://download.docker.com/linux/fedora/docker-ce.repo --overwrite >/dev/null 2>&1
-        else
-            # dnf5 is not available, use dnf
-            dnf config-manager --add-repo=https://download.docker.com/linux/fedora/docker-ce.repo >/dev/null 2>&1
-        fi
-        dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Docker could not be installed automatically. Please visit https://docs.docker.com/engine/install/ and install Docker manually to continue."
-            exit 1
-        fi
-        systemctl start docker >/dev/null 2>&1
-        systemctl enable docker >/dev/null 2>&1
-        ;;
-    *)
-        if [ "$OS_TYPE" = "ubuntu" ] && [ "$OS_VERSION" = "24.10" ]; then
-            echo "Docker automated installation is not supported on Ubuntu 24.10 (non-LTS release)."
-            echo "Please install Docker manually."
-            exit 1
-        fi
-        curl -s https://releases.rancher.com/install-docker/${DOCKER_VERSION}.sh | sh 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            curl -s https://get.docker.com | sh -s -- --version ${DOCKER_VERSION} 2>&1
-            if ! [ -x "$(command -v docker)" ]; then
-                echo " - Docker installation failed."
-                echo "   Maybe your OS is not supported?"
-                echo " - Please visit https://docs.docker.com/engine/install/ and install Docker manually to continue."
-                exit 1
-            fi
-        fi
-        ;;
-    esac
-    echo " - Docker installed successfully."
-else
-    echo " - Docker is installed."
-fi
-
-echo -e "4. Check Docker Configuration. "
-mkdir -p /etc/docker
-# shellcheck disable=SC2015
-test -s /etc/docker/daemon.json && cp /etc/docker/daemon.json /etc/docker/daemon.json.original-"$DATE" || cat >/etc/docker/daemon.json <<EOL
-{
-  "log-driver": "json-file",
-  "log-opts": {
-    "max-size": "10m",
-    "max-file": "3"
-  },
-  "default-address-pools": [
-    {"base":"10.0.0.0/8","size":24}
-  ]
-}
-EOL
-cat >/etc/docker/daemon.json.coolify <<EOL
-{
-  "log-driver": "json-file",
-  "log-opts": {
-    "max-size": "10m",
-    "max-file": "3"
-  },
-  "default-address-pools": [
-    {"base":"10.0.0.0/8","size":24}
-  ]
-}
-EOL
-TEMP_FILE=$(mktemp)
-if ! jq -s '.[0] * .[1]' /etc/docker/daemon.json /etc/docker/daemon.json.coolify >"$TEMP_FILE"; then
-    echo "Error merging JSON files"
-    exit 1
-fi
-mv "$TEMP_FILE" /etc/docker/daemon.json
-
-restart_docker_service() {
-    # Check if systemctl is available
-    if command -v systemctl >/dev/null 2>&1; then
-        echo " - Using systemctl to restart Docker."
-        systemctl restart docker
-
-        if [ $? -eq 0 ]; then
-            echo " - Docker restarted successfully using systemctl."
-        else
-            echo " - Failed to restart Docker using systemctl."
-            return 1
-        fi
-
-    # Check if service command is available
-    elif command -v service >/dev/null 2>&1; then
-        echo " - Using service command to restart Docker."
-        service docker restart
-
-        if [ $? -eq 0 ]; then
-            echo " - Docker restarted successfully using service."
-        else
-            echo " - Failed to restart Docker using service."
-            return 1
-        fi
-
-    # If neither systemctl nor service is available
-    else
-        echo " - Neither systemctl nor service command is available on this system."
-        return 1
-    fi
-}
-
-if [ -s /etc/docker/daemon.json.original-"$DATE" ]; then
-    DIFF=$(diff <(jq --sort-keys . /etc/docker/daemon.json) <(jq --sort-keys . /etc/docker/daemon.json.original-"$DATE"))
-    if [ "$DIFF" != "" ]; then
-        echo " - Docker configuration updated, restart docker daemon..."
-        restart_docker_service
-    else
-        echo " - Docker configuration is up to date."
-    fi
-else
-    echo " - Docker configuration updated, restart docker daemon..."
-    restart_docker_service
-fi
-
-echo -e "5. Download required files from CDN. "
-curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml
-curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml
-curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
-curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh
-
-echo -e "6. Make backup of .env to .env-$DATE"
-
-# Copy .env.example if .env does not exist
-if [ -f $ENV_FILE ]; then
-    cp $ENV_FILE $ENV_FILE-$DATE
-else
-    echo " - File does not exist: $ENV_FILE"
-    echo " - Copying .env.production to .env-$DATE"
-    cp /data/coolify/source/.env.production $ENV_FILE-$DATE
-    # Generate a secure APP_ID and APP_KEY
-    sed -i "s|^APP_ID=.*|APP_ID=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^APP_KEY=.*|APP_KEY=base64:$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Postgres DB username and password
-    # Causes issues: database "random-user" does not exist
-    # sed -i "s|^DB_USERNAME=.*|DB_USERNAME=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^DB_PASSWORD=.*|DB_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Redis password
-    sed -i "s|^REDIS_PASSWORD=.*|REDIS_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate secure Pusher credentials
-    sed -i "s|^PUSHER_APP_ID=.*|PUSHER_APP_ID=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_KEY=.*|PUSHER_APP_KEY=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_SECRET=.*|PUSHER_APP_SECRET=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-fi
-
-# Add default root user credentials from environment variables
-if [ -n "$ROOT_USERNAME" ] && [ -n "$ROOT_USER_EMAIL" ] && [ -n "$ROOT_USER_PASSWORD" ]; then
-    if grep -q "^ROOT_USERNAME=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USERNAME=.*|ROOT_USERNAME=$ROOT_USERNAME|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_EMAIL=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_EMAIL=.*|ROOT_USER_EMAIL=$ROOT_USER_EMAIL|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_PASSWORD=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_PASSWORD=.*|ROOT_USER_PASSWORD=$ROOT_USER_PASSWORD|" "$ENV_FILE-$DATE"
-    fi
-fi
-
-# Merge .env and .env.production. New values will be added to .env
-echo -e "7. Propagating .env with new values - if necessary."
-awk -F '=' '!seen[$1]++' "$ENV_FILE-$DATE" /data/coolify/source/.env.production >$ENV_FILE
-
-if [ "$AUTOUPDATE" = "false" ]; then
-    if ! grep -q "AUTOUPDATE=" /data/coolify/source/.env; then
-        echo "AUTOUPDATE=false" >>/data/coolify/source/.env
-    else
-        sed -i "s|AUTOUPDATE=.*|AUTOUPDATE=false|g" /data/coolify/source/.env
-    fi
-fi
-echo -e "8. Checking for SSH key for localhost access."
-if [ ! -f ~/.ssh/authorized_keys ]; then
-    mkdir -p ~/.ssh
-    chmod 700 ~/.ssh
-    touch ~/.ssh/authorized_keys
-    chmod 600 ~/.ssh/authorized_keys
-fi
-
-set +e
-IS_COOLIFY_VOLUME_EXISTS=$(docker volume ls | grep coolify-db | wc -l)
-set -e
-
-if [ "$IS_COOLIFY_VOLUME_EXISTS" -eq 0 ]; then
-    echo " - Generating SSH key."
-    ssh-keygen -t ed25519 -a 100 -f /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal -q -N "" -C coolify
-    chown 9999 /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal
-    sed -i "/coolify/d" ~/.ssh/authorized_keys
-    cat /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal.pub >>~/.ssh/authorized_keys
-    rm -f /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal.pub
-fi
-
-chown -R 9999:root /data/coolify
-chmod -R 700 /data/coolify
-
-echo -e "9. Installing Coolify ($LATEST_VERSION)"
-echo -e " - It could take a while based on your server's performance, network speed, stars, etc."
-echo -e " - Please wait."
-getAJoke
-
-bash /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}"
-echo " - Coolify installed successfully."
-rm -f $ENV_FILE-$DATE
-
-echo " - Waiting for 20 seconds for Coolify (database migrations) to be ready."
-getAJoke
-
-sleep 20
-echo -e "\033[0;35m
-   ____                            _         _       _   _                 _
-  / ___|___  _ __   __ _ _ __ __ _| |_ _   _| | __ _| |_(_) ___  _ __  ___| |
- | |   / _ \| '_ \ / _\` | '__/ _\` | __| | | | |/ _\` | __| |/ _ \| '_ \/ __| |
- | |__| (_) | | | | (_| | | | (_| | |_| |_| | | (_| | |_| | (_) | | | \__ \_|
-  \____\___/|_| |_|\__, |_|  \__,_|\__|\__,_|_|\__,_|\__|_|\___/|_| |_|___(_)
-                   |___/
-\033[0m"
-echo -e "\nYour instance is ready to use!\n"
-echo -e "You can access Coolify through your Public IP: http://$(curl -4s https://ifconfig.io):8000"
-
-set +e
-DEFAULT_PRIVATE_IP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
-PRIVATE_IPS=$(hostname -I 2>/dev/null || ip -o addr show scope global | awk '{print $4}' | cut -d/ -f1)
-set -e
-
-if [ -n "$PRIVATE_IPS" ]; then
-    echo -e "\nIf your Public IP is not accessible, you can use the following Private IPs:\n"
-    for IP in $PRIVATE_IPS; do
-        if [ "$IP" != "$DEFAULT_PRIVATE_IP" ]; then
-            echo -e "http://$IP:8000"
-        fi
-    done
-fi
-echo -e "\nWARNING: It is highly recommended to backup your Environment variables file (/data/coolify/source/.env) to a safe location, outside of this server (e.g. into a Password Manager).\n"
-cp /data/coolify/source/.env /data/coolify/source/.env.backup
diff --git a/scripts/install-1.7.sh b/scripts/install-1.7.sh
deleted file mode 100755
index 282ecc669..000000000
--- a/scripts/install-1.7.sh
+++ /dev/null
@@ -1,789 +0,0 @@
-#!/bin/bash
-## Do not modify this file. You will lose the ability to install and auto-update!
-
-## Environment variables that can be set:
-## ROOT_USERNAME - Predefined root username
-## ROOT_USER_EMAIL - Predefined root user email
-## ROOT_USER_PASSWORD - Predefined root user password
-## DOCKER_ADDRESS_POOL_BASE - Custom Docker address pool base (default: 10.0.0.0/8)
-## DOCKER_ADDRESS_POOL_SIZE - Custom Docker address pool size (default: 24)
-## DOCKER_POOL_FORCE_OVERRIDE - Force override Docker address pool configuration (default: false)
-## AUTOUPDATE - Set to "false" to disable auto-updates
-
-set -e # Exit immediately if a command exits with a non-zero status
-## $1 could be empty, so we need to disable this check
-#set -u # Treat unset variables as an error and exit
-set -o pipefail # Cause a pipeline to return the status of the last command that exited with a non-zero status
-CDN="https://cdn.coollabs.io/coolify"
-DATE=$(date +"%Y%m%d-%H%M%S")
-
-VERSION="1.7"
-DOCKER_VERSION="27.0"
-# TODO: Ask for a user
-CURRENT_USER=$USER
-
-if [ $EUID != 0 ]; then
-    echo "Please run this script as root or with sudo"
-    exit
-fi
-
-echo -e "Welcome to Coolify Installer!"
-echo -e "This script will install everything for you. Sit back and relax."
-echo -e "Source code: https://github.com/coollabsio/coolify/blob/main/scripts/install.sh\n"
-
-# Predefined root user
-ROOT_USERNAME=${ROOT_USERNAME:-}
-ROOT_USER_EMAIL=${ROOT_USER_EMAIL:-}
-ROOT_USER_PASSWORD=${ROOT_USER_PASSWORD:-}
-
-# Docker address pool configuration defaults
-DOCKER_ADDRESS_POOL_BASE_DEFAULT="10.0.0.0/8"
-DOCKER_ADDRESS_POOL_SIZE_DEFAULT=24
-
-# Check if environment variables were explicitly provided
-DOCKER_POOL_BASE_PROVIDED=false
-DOCKER_POOL_SIZE_PROVIDED=false
-DOCKER_POOL_FORCE_OVERRIDE=${DOCKER_POOL_FORCE_OVERRIDE:-false}
-
-if [ -n "${DOCKER_ADDRESS_POOL_BASE+x}" ]; then
-    DOCKER_POOL_BASE_PROVIDED=true
-fi
-
-if [ -n "${DOCKER_ADDRESS_POOL_SIZE+x}" ]; then
-    DOCKER_POOL_SIZE_PROVIDED=true
-fi
-
-restart_docker_service() {
-    # Check if systemctl is available
-    if command -v systemctl >/dev/null 2>&1; then
-        systemctl restart docker
-        if [ $? -eq 0 ]; then
-            echo " - Docker daemon restarted successfully"
-        else
-            echo " - Failed to restart Docker daemon"
-            return 1
-        fi
-    # Check if service command is available
-    elif command -v service >/dev/null 2>&1; then
-        service docker restart
-        if [ $? -eq 0 ]; then
-            echo " - Docker daemon restarted successfully"
-        else
-            echo " - Failed to restart Docker daemon"
-            return 1
-        fi
-    # If neither systemctl nor service is available
-    else
-        echo " - Error: No service management system found"
-        return 1
-    fi
-}
-
-# Function to compare address pools
-compare_address_pools() {
-    local base1="$1"
-    local size1="$2"
-    local base2="$3"
-    local size2="$4"
-
-    # Normalize CIDR notation for comparison
-    local ip1=$(echo "$base1" | cut -d'/' -f1)
-    local prefix1=$(echo "$base1" | cut -d'/' -f2)
-    local ip2=$(echo "$base2" | cut -d'/' -f1)
-    local prefix2=$(echo "$base2" | cut -d'/' -f2)
-
-    # Compare IPs and prefixes
-    if [ "$ip1" = "$ip2" ] && [ "$prefix1" = "$prefix2" ] && [ "$size1" = "$size2" ]; then
-        return 0 # Pools are the same
-    else
-        return 1 # Pools are different
-    fi
-}
-
-# Docker address pool configuration
-DOCKER_ADDRESS_POOL_BASE=${DOCKER_ADDRESS_POOL_BASE:-"$DOCKER_ADDRESS_POOL_BASE_DEFAULT"}
-DOCKER_ADDRESS_POOL_SIZE=${DOCKER_ADDRESS_POOL_SIZE:-$DOCKER_ADDRESS_POOL_SIZE_DEFAULT}
-
-# Load Docker address pool configuration from .env file if it exists and environment variables were not provided
-if [ -f "/data/coolify/source/.env" ] && [ "$DOCKER_POOL_BASE_PROVIDED" = false ] && [ "$DOCKER_POOL_SIZE_PROVIDED" = false ]; then
-    ENV_DOCKER_ADDRESS_POOL_BASE=$(grep -E "^DOCKER_ADDRESS_POOL_BASE=" /data/coolify/source/.env | cut -d '=' -f2)
-    ENV_DOCKER_ADDRESS_POOL_SIZE=$(grep -E "^DOCKER_ADDRESS_POOL_SIZE=" /data/coolify/source/.env | cut -d '=' -f2)
-
-    if [ -n "$ENV_DOCKER_ADDRESS_POOL_BASE" ]; then
-        DOCKER_ADDRESS_POOL_BASE="$ENV_DOCKER_ADDRESS_POOL_BASE"
-    fi
-
-    if [ -n "$ENV_DOCKER_ADDRESS_POOL_SIZE" ]; then
-        DOCKER_ADDRESS_POOL_SIZE="$ENV_DOCKER_ADDRESS_POOL_SIZE"
-    fi
-fi
-
-# Check if daemon.json exists and extract existing address pool configuration
-EXISTING_POOL_CONFIGURED=false
-if [ -f /etc/docker/daemon.json ]; then
-    if jq -e '.["default-address-pools"]' /etc/docker/daemon.json >/dev/null 2>&1; then
-        EXISTING_POOL_BASE=$(jq -r '.["default-address-pools"][0].base' /etc/docker/daemon.json 2>/dev/null)
-        EXISTING_POOL_SIZE=$(jq -r '.["default-address-pools"][0].size' /etc/docker/daemon.json 2>/dev/null)
-
-        if [ -n "$EXISTING_POOL_BASE" ] && [ -n "$EXISTING_POOL_SIZE" ] && [ "$EXISTING_POOL_BASE" != "null" ] && [ "$EXISTING_POOL_SIZE" != "null" ]; then
-            echo "Found existing Docker network pool: $EXISTING_POOL_BASE/$EXISTING_POOL_SIZE"
-            EXISTING_POOL_CONFIGURED=true
-
-            # Check if environment variables were explicitly provided
-            if [ "$DOCKER_POOL_BASE_PROVIDED" = false ] && [ "$DOCKER_POOL_SIZE_PROVIDED" = false ]; then
-                DOCKER_ADDRESS_POOL_BASE="$EXISTING_POOL_BASE"
-                DOCKER_ADDRESS_POOL_SIZE="$EXISTING_POOL_SIZE"
-            else
-                # Check if force override is enabled
-                if [ "$DOCKER_POOL_FORCE_OVERRIDE" = true ]; then
-                    echo "Force override enabled - network pool will be updated with $DOCKER_ADDRESS_POOL_BASE/$DOCKER_ADDRESS_POOL_SIZE."
-                else
-                    echo "Custom pool provided but force override not enabled - using existing configuration."
-                    echo "To force override, set DOCKER_POOL_FORCE_OVERRIDE=true"
-                    echo "This won't change the existing docker networks, only the pool configuration for the newly created networks."
-                    DOCKER_ADDRESS_POOL_BASE="$EXISTING_POOL_BASE"
-                    DOCKER_ADDRESS_POOL_SIZE="$EXISTING_POOL_SIZE"
-                    DOCKER_POOL_BASE_PROVIDED=false
-                    DOCKER_POOL_SIZE_PROVIDED=false
-                fi
-            fi
-        fi
-    fi
-fi
-
-# Validate Docker address pool configuration
-if ! [[ $DOCKER_ADDRESS_POOL_BASE =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/[0-9]+$ ]]; then
-    echo "Warning: Invalid network pool base format: $DOCKER_ADDRESS_POOL_BASE"
-    if [ "$EXISTING_POOL_CONFIGURED" = true ]; then
-        echo "Using existing configuration: $EXISTING_POOL_BASE"
-        DOCKER_ADDRESS_POOL_BASE="$EXISTING_POOL_BASE"
-    else
-        echo "Using default configuration: $DOCKER_ADDRESS_POOL_BASE_DEFAULT"
-        DOCKER_ADDRESS_POOL_BASE="$DOCKER_ADDRESS_POOL_BASE_DEFAULT"
-    fi
-fi
-
-if ! [[ $DOCKER_ADDRESS_POOL_SIZE =~ ^[0-9]+$ ]] || [ "$DOCKER_ADDRESS_POOL_SIZE" -lt 16 ] || [ "$DOCKER_ADDRESS_POOL_SIZE" -gt 28 ]; then
-    echo "Warning: Invalid network pool size: $DOCKER_ADDRESS_POOL_SIZE (must be 16-28)"
-    if [ "$EXISTING_POOL_CONFIGURED" = true ]; then
-        echo "Using existing configuration: $EXISTING_POOL_SIZE"
-        DOCKER_ADDRESS_POOL_SIZE="$EXISTING_POOL_SIZE"
-    else
-        echo "Using default configuration: $DOCKER_ADDRESS_POOL_SIZE_DEFAULT"
-        DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE_DEFAULT
-    fi
-fi
-
-TOTAL_SPACE=$(df -BG / | awk 'NR==2 {print $2}' | sed 's/G//')
-AVAILABLE_SPACE=$(df -BG / | awk 'NR==2 {print $4}' | sed 's/G//')
-REQUIRED_TOTAL_SPACE=30
-REQUIRED_AVAILABLE_SPACE=20
-WARNING_SPACE=false
-
-if [ "$TOTAL_SPACE" -lt "$REQUIRED_TOTAL_SPACE" ]; then
-    WARNING_SPACE=true
-    cat <<EOF
-WARNING: Insufficient total disk space!
-
-Total disk space:     ${TOTAL_SPACE}GB
-Required disk space:  ${REQUIRED_TOTAL_SPACE}GB
-
-==================
-EOF
-fi
-
-if [ "$AVAILABLE_SPACE" -lt "$REQUIRED_AVAILABLE_SPACE" ]; then
-    cat <<EOF
-WARNING: Insufficient available disk space!
-
-Available disk space:   ${AVAILABLE_SPACE}GB
-Required available space: ${REQUIRED_AVAILABLE_SPACE}GB
-
-==================
-EOF
-    WARNING_SPACE=true
-fi
-
-if [ "$WARNING_SPACE" = true ]; then
-    echo "Sleeping for 5 seconds."
-    sleep 5
-fi
-
-mkdir -p /data/coolify/{source,ssh,applications,databases,backups,services,proxy,webhooks-during-maintenance,sentinel}
-mkdir -p /data/coolify/ssh/{keys,mux}
-mkdir -p /data/coolify/proxy/dynamic
-
-chown -R 9999:root /data/coolify
-chmod -R 700 /data/coolify
-
-INSTALLATION_LOG_WITH_DATE="/data/coolify/source/installation-${DATE}.log"
-
-exec > >(tee -a $INSTALLATION_LOG_WITH_DATE) 2>&1
-
-getAJoke() {
-    JOKES=$(curl -s --max-time 2 "https://v2.jokeapi.dev/joke/Programming?blacklistFlags=nsfw,religious,political,racist,sexist,explicit&format=txt&type=single" || true)
-    if [ "$JOKES" != "" ]; then
-        echo -e " - Until then, here's a joke for you:\n"
-        echo -e "$JOKES\n"
-    fi
-}
-OS_TYPE=$(grep -w "ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
-ENV_FILE="/data/coolify/source/.env"
-
-# Check if the OS is manjaro, if so, change it to arch
-if [ "$OS_TYPE" = "manjaro" ] || [ "$OS_TYPE" = "manjaro-arm" ]; then
-    OS_TYPE="arch"
-fi
-
-# Check if the OS is Endeavour OS, if so, change it to arch
-if [ "$OS_TYPE" = "endeavouros" ]; then
-    OS_TYPE="arch"
-fi
-
-# Check if the OS is Asahi Linux, if so, change it to fedora
-if [ "$OS_TYPE" = "fedora-asahi-remix" ]; then
-    OS_TYPE="fedora"
-fi
-
-# Check if the OS is popOS, if so, change it to ubuntu
-if [ "$OS_TYPE" = "pop" ]; then
-    OS_TYPE="ubuntu"
-fi
-
-# Check if the OS is linuxmint, if so, change it to ubuntu
-if [ "$OS_TYPE" = "linuxmint" ]; then
-    OS_TYPE="ubuntu"
-fi
-
-#Check if the OS is zorin, if so, change it to ubuntu
-if [ "$OS_TYPE" = "zorin" ]; then
-    OS_TYPE="ubuntu"
-fi
-
-if [ "$OS_TYPE" = "arch" ] || [ "$OS_TYPE" = "archarm" ]; then
-    OS_VERSION="rolling"
-else
-    OS_VERSION=$(grep -w "VERSION_ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
-fi
-
-# Install xargs on Amazon Linux 2023 - lol
-if [ "$OS_TYPE" = 'amzn' ]; then
-    dnf install -y findutils >/dev/null
-fi
-
-LATEST_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',')
-LATEST_HELPER_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $6}' | tr -d ',')
-LATEST_REALTIME_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $8}' | tr -d ',')
-
-if [ -z "$LATEST_HELPER_VERSION" ]; then
-    LATEST_HELPER_VERSION=latest
-fi
-
-if [ -z "$LATEST_REALTIME_VERSION" ]; then
-    LATEST_REALTIME_VERSION=latest
-fi
-
-case "$OS_TYPE" in
-arch | ubuntu | debian | raspbian | centos | fedora | rhel | ol | rocky | sles | opensuse-leap | opensuse-tumbleweed | almalinux | amzn | alpine) ;;
-*)
-    echo "This script only supports Debian, Redhat, Arch Linux, Alpine Linux, or SLES based operating systems for now."
-    exit
-    ;;
-esac
-
-# Overwrite LATEST_VERSION if user pass a version number
-if [ "$1" != "" ]; then
-    LATEST_VERSION=$1
-    LATEST_VERSION="${LATEST_VERSION,,}"
-    LATEST_VERSION="${LATEST_VERSION#v}"
-fi
-
-echo -e "---------------------------------------------"
-echo "| Operating System  | $OS_TYPE $OS_VERSION"
-echo "| Docker            | $DOCKER_VERSION"
-echo "| Coolify           | $LATEST_VERSION"
-echo "| Helper            | $LATEST_HELPER_VERSION"
-echo "| Realtime          | $LATEST_REALTIME_VERSION"
-echo "| Docker Pool       | $DOCKER_ADDRESS_POOL_BASE (size $DOCKER_ADDRESS_POOL_SIZE)"
-echo -e "---------------------------------------------\n"
-echo -e "1. Installing required packages (curl, wget, git, jq, openssl). "
-
-case "$OS_TYPE" in
-arch)
-    pacman -Sy --noconfirm --needed curl wget git jq openssl >/dev/null || true
-    ;;
-alpine)
-    sed -i '/^#.*\/community/s/^#//' /etc/apk/repositories
-    apk update >/dev/null
-    apk add curl wget git jq openssl >/dev/null
-    ;;
-ubuntu | debian | raspbian)
-    apt-get update -y >/dev/null
-    apt-get install -y curl wget git jq openssl >/dev/null
-    ;;
-centos | fedora | rhel | ol | rocky | almalinux | amzn)
-    if [ "$OS_TYPE" = "amzn" ]; then
-        dnf install -y wget git jq openssl >/dev/null
-    else
-        if ! command -v dnf >/dev/null; then
-            yum install -y dnf >/dev/null
-        fi
-        if ! command -v curl >/dev/null; then
-            dnf install -y curl >/dev/null
-        fi
-        dnf install -y wget git jq openssl >/dev/null
-    fi
-    ;;
-sles | opensuse-leap | opensuse-tumbleweed)
-    zypper refresh >/dev/null
-    zypper install -y curl wget git jq openssl >/dev/null
-    ;;
-*)
-    echo "This script only supports Debian, Redhat, Arch Linux, or SLES based operating systems for now."
-    exit
-    ;;
-esac
-
-echo -e "2. Check OpenSSH server configuration. "
-
-# Detect OpenSSH server
-SSH_DETECTED=false
-if [ -x "$(command -v systemctl)" ]; then
-    if systemctl status sshd >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    elif systemctl status ssh >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    fi
-elif [ -x "$(command -v service)" ]; then
-    if service sshd status >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    elif service ssh status >/dev/null 2>&1; then
-        echo " - OpenSSH server is installed."
-        SSH_DETECTED=true
-    fi
-fi
-
-if [ "$SSH_DETECTED" = "false" ]; then
-    echo " - OpenSSH server not detected. Installing OpenSSH server."
-    case "$OS_TYPE" in
-    arch)
-        pacman -Sy --noconfirm openssh >/dev/null
-        systemctl enable sshd >/dev/null 2>&1
-        systemctl start sshd >/dev/null 2>&1
-        ;;
-    alpine)
-        apk add openssh >/dev/null
-        rc-update add sshd default >/dev/null 2>&1
-        service sshd start >/dev/null 2>&1
-        ;;
-    ubuntu | debian | raspbian)
-        apt-get update -y >/dev/null
-        apt-get install -y openssh-server >/dev/null
-        systemctl enable ssh >/dev/null 2>&1
-        systemctl start ssh >/dev/null 2>&1
-        ;;
-    centos | fedora | rhel | ol | rocky | almalinux | amzn)
-        if [ "$OS_TYPE" = "amzn" ]; then
-            dnf install -y openssh-server >/dev/null
-        else
-            dnf install -y openssh-server >/dev/null
-        fi
-        systemctl enable sshd >/dev/null 2>&1
-        systemctl start sshd >/dev/null 2>&1
-        ;;
-    sles | opensuse-leap | opensuse-tumbleweed)
-        zypper install -y openssh >/dev/null
-        systemctl enable sshd >/dev/null 2>&1
-        systemctl start sshd >/dev/null 2>&1
-        ;;
-    *)
-        echo "###############################################################################"
-        echo "WARNING: Could not detect and install OpenSSH server - this does not mean that it is not installed or not running, just that we could not detect it."
-        echo -e "Please make sure it is installed and running, otherwise Coolify cannot connect to the host system. \n"
-        echo "###############################################################################"
-        exit 1
-        ;;
-    esac
-    echo " - OpenSSH server installed successfully."
-    SSH_DETECTED=true
-fi
-
-# Detect SSH PermitRootLogin
-SSH_PERMIT_ROOT_LOGIN=$(sshd -T | grep -i "permitrootlogin" | awk '{print $2}') || true
-if [ "$SSH_PERMIT_ROOT_LOGIN" = "yes" ] || [ "$SSH_PERMIT_ROOT_LOGIN" = "without-password" ] || [ "$SSH_PERMIT_ROOT_LOGIN" = "prohibit-password" ]; then
-    echo " - SSH PermitRootLogin is enabled."
-else
-    echo " - SSH PermitRootLogin is disabled."
-    echo "   If you have problems with SSH, please read this: https://coolify.io/docs/knowledge-base/server/openssh"
-fi
-
-# Detect if docker is installed via snap
-if [ -x "$(command -v snap)" ]; then
-    SNAP_DOCKER_INSTALLED=$(snap list docker >/dev/null 2>&1 && echo "true" || echo "false")
-    if [ "$SNAP_DOCKER_INSTALLED" = "true" ]; then
-        echo " - Docker is installed via snap."
-        echo "   Please note that Coolify does not support Docker installed via snap."
-        echo "   Please remove Docker with snap (snap remove docker) and reexecute this script."
-        exit 1
-    fi
-fi
-
-echo -e "3. Check Docker Installation. "
-if ! [ -x "$(command -v docker)" ]; then
-    echo " - Docker is not installed. Installing Docker. It may take a while."
-    getAJoke
-    case "$OS_TYPE" in
-    "almalinux")
-        dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo >/dev/null 2>&1
-        dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Docker could not be installed automatically. Please visit https://docs.docker.com/engine/install/ and install Docker manually to continue."
-            exit 1
-        fi
-        systemctl start docker >/dev/null 2>&1
-        systemctl enable docker >/dev/null 2>&1
-        ;;
-    "alpine")
-        apk add docker docker-cli-compose >/dev/null 2>&1
-        rc-update add docker default >/dev/null 2>&1
-        service docker start >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Failed to install Docker with apk. Try to install it manually."
-            echo "   Please visit https://wiki.alpinelinux.org/wiki/Docker for more information."
-            exit 1
-        fi
-        ;;
-    "arch")
-        pacman -Sy docker docker-compose --noconfirm >/dev/null 2>&1
-        systemctl enable docker.service >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Failed to install Docker with pacman. Try to install it manually."
-            echo "   Please visit https://wiki.archlinux.org/title/docker for more information."
-            exit 1
-        fi
-        ;;
-    "amzn")
-        dnf install docker -y >/dev/null 2>&1
-        DOCKER_CONFIG=${DOCKER_CONFIG:-/usr/local/lib/docker}
-        mkdir -p $DOCKER_CONFIG/cli-plugins >/dev/null 2>&1
-        curl -sL https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o $DOCKER_CONFIG/cli-plugins/docker-compose >/dev/null 2>&1
-        chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose >/dev/null 2>&1
-        systemctl start docker >/dev/null 2>&1
-        systemctl enable docker >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Failed to install Docker with dnf. Try to install it manually."
-            echo "   Please visit https://www.cyberciti.biz/faq/how-to-install-docker-on-amazon-linux-2/ for more information."
-            exit 1
-        fi
-        ;;
-    "centos" | "fedora" | "rhel")
-        if [ -x "$(command -v dnf5)" ]; then
-            # dnf5 is available
-            dnf config-manager addrepo --from-repofile=https://download.docker.com/linux/$OS_TYPE/docker-ce.repo --overwrite >/dev/null 2>&1
-        else
-            # dnf5 is not available, use dnf
-            dnf config-manager --add-repo=https://download.docker.com/linux/$OS_TYPE/docker-ce.repo >/dev/null 2>&1
-        fi
-        dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin >/dev/null 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            echo " - Docker could not be installed automatically. Please visit https://docs.docker.com/engine/install/ and install Docker manually to continue."
-            exit 1
-        fi
-        systemctl start docker >/dev/null 2>&1
-        systemctl enable docker >/dev/null 2>&1
-        ;;
-    *)
-        if [ "$OS_TYPE" = "ubuntu" ] && [ "$OS_VERSION" = "24.10" ]; then
-            echo "Docker automated installation is not supported on Ubuntu 24.10 (non-LTS release)."
-            echo "Please install Docker manually."
-            exit 1
-        fi
-        curl -s https://releases.rancher.com/install-docker/${DOCKER_VERSION}.sh | sh 2>&1
-        if ! [ -x "$(command -v docker)" ]; then
-            curl -s https://get.docker.com | sh -s -- --version ${DOCKER_VERSION} 2>&1
-            if ! [ -x "$(command -v docker)" ]; then
-                echo " - Docker installation failed."
-                echo "   Maybe your OS is not supported?"
-                echo " - Please visit https://docs.docker.com/engine/install/ and install Docker manually to continue."
-                exit 1
-            fi
-        fi
-        ;;
-    esac
-    echo " - Docker installed successfully."
-else
-    echo " - Docker is installed."
-fi
-
-echo -e "4. Check Docker Configuration. "
-
-echo " - Network pool configuration: ${DOCKER_ADDRESS_POOL_BASE}/${DOCKER_ADDRESS_POOL_SIZE}"
-echo " - To override existing configuration: DOCKER_POOL_FORCE_OVERRIDE=true"
-
-mkdir -p /etc/docker
-
-# Backup original daemon.json if it exists
-if [ -f /etc/docker/daemon.json ]; then
-    cp /etc/docker/daemon.json /etc/docker/daemon.json.original-"$DATE"
-fi
-
-# Create coolify configuration with or without address pools based on whether they were explicitly provided
-if [ "$DOCKER_POOL_FORCE_OVERRIDE" = true ] || [ "$EXISTING_POOL_CONFIGURED" = false ]; then
-    # First check if the configuration would actually change anything
-    if [ -f /etc/docker/daemon.json ]; then
-        CURRENT_POOL_BASE=$(jq -r '.["default-address-pools"][0].base' /etc/docker/daemon.json 2>/dev/null)
-        CURRENT_POOL_SIZE=$(jq -r '.["default-address-pools"][0].size' /etc/docker/daemon.json 2>/dev/null)
-
-        if [ "$CURRENT_POOL_BASE" = "$DOCKER_ADDRESS_POOL_BASE" ] && [ "$CURRENT_POOL_SIZE" = "$DOCKER_ADDRESS_POOL_SIZE" ]; then
-            echo " - Network pool configuration unchanged, skipping update"
-            NEED_MERGE=false
-        else
-            # If force override is enabled or no existing configuration exists,
-            # create a new configuration with the specified address pools
-            echo " - Creating new Docker configuration with network pool: ${DOCKER_ADDRESS_POOL_BASE}/${DOCKER_ADDRESS_POOL_SIZE}"
-            cat >/etc/docker/daemon.json <<EOL
-{
-  "log-driver": "json-file",
-  "log-opts": {
-    "max-size": "10m",
-    "max-file": "3"
-  },
-  "default-address-pools": [
-    {"base":"${DOCKER_ADDRESS_POOL_BASE}","size":${DOCKER_ADDRESS_POOL_SIZE}}
-  ]
-}
-EOL
-            NEED_MERGE=true
-        fi
-    else
-        # No existing configuration, create new one
-        echo " - Creating new Docker configuration with network pool: ${DOCKER_ADDRESS_POOL_BASE}/${DOCKER_ADDRESS_POOL_SIZE}"
-        cat >/etc/docker/daemon.json <<EOL
-{
-  "log-driver": "json-file",
-  "log-opts": {
-    "max-size": "10m",
-    "max-file": "3"
-  },
-  "default-address-pools": [
-    {"base":"${DOCKER_ADDRESS_POOL_BASE}","size":${DOCKER_ADDRESS_POOL_SIZE}}
-  ]
-}
-EOL
-        NEED_MERGE=true
-    fi
-else
-    # Check if we need to update log settings
-    if [ -f /etc/docker/daemon.json ] && jq -e '.["log-driver"] == "json-file" and .["log-opts"]["max-size"] == "10m" and .["log-opts"]["max-file"] == "3"' /etc/docker/daemon.json >/dev/null 2>&1; then
-        echo " - Log configuration is up to date"
-        NEED_MERGE=false
-    else
-        # Create a configuration without address pools to preserve existing ones
-        cat >/etc/docker/daemon.json.coolify <<EOL
-{
-  "log-driver": "json-file",
-  "log-opts": {
-    "max-size": "10m",
-    "max-file": "3"
-  }
-}
-EOL
-        NEED_MERGE=true
-    fi
-fi
-
-# Remove the duplicate daemon.json creation since we handle it above
-if ! [ -f /etc/docker/daemon.json ]; then
-    # If no daemon.json exists, create it with default settings
-    cat >/etc/docker/daemon.json <<EOL
-{
-  "log-driver": "json-file",
-  "log-opts": {
-    "max-size": "10m",
-    "max-file": "3"
-  },
-  "default-address-pools": [
-    {"base":"${DOCKER_ADDRESS_POOL_BASE}","size":${DOCKER_ADDRESS_POOL_SIZE}}
-  ]
-}
-EOL
-    NEED_MERGE=false
-fi
-
-if [ -s /etc/docker/daemon.json.original-"$DATE" ]; then
-    DIFF=$(diff <(jq --sort-keys . /etc/docker/daemon.json) <(jq --sort-keys . /etc/docker/daemon.json.original-"$DATE") || true)
-    if [ "$DIFF" != "" ]; then
-        echo " - Checking configuration changes..."
-
-        # Check if address pools were changed
-        if echo "$DIFF" | grep -q "default-address-pools"; then
-            if [ "$DOCKER_POOL_BASE_PROVIDED" = true ] || [ "$DOCKER_POOL_SIZE_PROVIDED" = true ]; then
-                echo " - Network pool updated per user request"
-            else
-                echo " - Warning: Network pool modified without explicit request"
-            fi
-        fi
-
-        # Remove this redundant restart since we already restarted when writing the config
-        echo " - Configuration changes confirmed"
-        if [ "$NEED_MERGE" = true ]; then
-            echo " - Configuration updated - restarting Docker daemon..."
-            restart_docker_service
-        else
-            echo " - Configuration is up to date"
-        fi
-    else
-        echo " - Configuration is up to date"
-    fi
-else
-    if [ "$NEED_MERGE" = true ]; then
-        echo " - Configuration updated - restarting Docker daemon..."
-        restart_docker_service
-    else
-        echo " - Configuration is up to date"
-    fi
-fi
-
-echo -e "5. Download required files from CDN. "
-curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml
-curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml
-curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
-curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh
-
-echo -e "6. Make backup of .env to .env-$DATE"
-
-# Copy .env.example if .env does not exist
-if [ -f $ENV_FILE ]; then
-    cp $ENV_FILE $ENV_FILE-$DATE
-else
-    echo " - File does not exist: $ENV_FILE"
-    echo " - Copying .env.production to .env-$DATE"
-    cp /data/coolify/source/.env.production $ENV_FILE-$DATE
-    # Generate a secure APP_ID and APP_KEY
-    sed -i "s|^APP_ID=.*|APP_ID=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^APP_KEY=.*|APP_KEY=base64:$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Postgres DB username and password
-    # Causes issues: database "random-user" does not exist
-    # sed -i "s|^DB_USERNAME=.*|DB_USERNAME=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^DB_PASSWORD=.*|DB_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Redis password
-    sed -i "s|^REDIS_PASSWORD=.*|REDIS_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate secure Pusher credentials
-    sed -i "s|^PUSHER_APP_ID=.*|PUSHER_APP_ID=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_KEY=.*|PUSHER_APP_KEY=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_SECRET=.*|PUSHER_APP_SECRET=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-fi
-
-# Add default root user credentials from environment variables
-if [ -n "$ROOT_USERNAME" ] && [ -n "$ROOT_USER_EMAIL" ] && [ -n "$ROOT_USER_PASSWORD" ]; then
-    if grep -q "^ROOT_USERNAME=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USERNAME=.*|ROOT_USERNAME=$ROOT_USERNAME|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_EMAIL=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_EMAIL=.*|ROOT_USER_EMAIL=$ROOT_USER_EMAIL|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_PASSWORD=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_PASSWORD=.*|ROOT_USER_PASSWORD=$ROOT_USER_PASSWORD|" "$ENV_FILE-$DATE"
-    fi
-fi
-
-# Merge .env and .env.production. New values will be added to .env
-echo -e "7. Propagating .env with new values - if necessary."
-awk -F '=' '!seen[$1]++' "$ENV_FILE-$DATE" /data/coolify/source/.env.production >$ENV_FILE
-
-if [ "$AUTOUPDATE" = "false" ]; then
-    if ! grep -q "AUTOUPDATE=" /data/coolify/source/.env; then
-        echo "AUTOUPDATE=false" >>/data/coolify/source/.env
-    else
-        sed -i "s|AUTOUPDATE=.*|AUTOUPDATE=false|g" /data/coolify/source/.env
-    fi
-fi
-
-# Save Docker address pool configuration to .env file
-if ! grep -q "DOCKER_ADDRESS_POOL_BASE=" /data/coolify/source/.env; then
-    echo "DOCKER_ADDRESS_POOL_BASE=$DOCKER_ADDRESS_POOL_BASE" >>/data/coolify/source/.env
-else
-    # Only update if explicitly provided
-    if [ "$DOCKER_POOL_BASE_PROVIDED" = true ]; then
-        sed -i "s|DOCKER_ADDRESS_POOL_BASE=.*|DOCKER_ADDRESS_POOL_BASE=$DOCKER_ADDRESS_POOL_BASE|g" /data/coolify/source/.env
-    fi
-fi
-
-if ! grep -q "DOCKER_ADDRESS_POOL_SIZE=" /data/coolify/source/.env; then
-    echo "DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE" >>/data/coolify/source/.env
-else
-    # Only update if explicitly provided
-    if [ "$DOCKER_POOL_SIZE_PROVIDED" = true ]; then
-        sed -i "s|DOCKER_ADDRESS_POOL_SIZE=.*|DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE|g" /data/coolify/source/.env
-    fi
-fi
-
-echo -e "8. Checking for SSH key for localhost access."
-if [ ! -f ~/.ssh/authorized_keys ]; then
-    mkdir -p ~/.ssh
-    chmod 700 ~/.ssh
-    touch ~/.ssh/authorized_keys
-    chmod 600 ~/.ssh/authorized_keys
-fi
-
-set +e
-IS_COOLIFY_VOLUME_EXISTS=$(docker volume ls | grep coolify-db | wc -l)
-set -e
-
-if [ "$IS_COOLIFY_VOLUME_EXISTS" -eq 0 ]; then
-    echo " - Generating SSH key."
-    ssh-keygen -t ed25519 -a 100 -f /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal -q -N "" -C coolify
-    chown 9999 /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal
-    sed -i "/coolify/d" ~/.ssh/authorized_keys
-    cat /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal.pub >>~/.ssh/authorized_keys
-    rm -f /data/coolify/ssh/keys/id.$CURRENT_USER@host.docker.internal.pub
-fi
-
-chown -R 9999:root /data/coolify
-chmod -R 700 /data/coolify
-
-echo -e "9. Installing Coolify ($LATEST_VERSION)"
-echo -e " - It could take a while based on your server's performance, network speed, stars, etc."
-echo -e " - Please wait."
-getAJoke
-
-bash /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}"
-echo " - Coolify installed successfully."
-rm -f $ENV_FILE-$DATE
-
-echo " - Waiting for 20 seconds for Coolify (database migrations) to be ready."
-getAJoke
-
-sleep 20
-echo -e "\033[0;35m
-   ____                            _         _       _   _                 _
-  / ___|___  _ __   __ _ _ __ __ _| |_ _   _| | __ _| |_(_) ___  _ __  ___| |
- | |   / _ \| '_ \ / _\` | '__/ _\` | __| | | | |/ _\` | __| |/ _ \| '_ \/ __| |
- | |__| (_) | | | | (_| | | | (_| | |_| |_| | | (_| | |_| | (_) | | | \__ \_|
-  \____\___/|_| |_|\__, |_|  \__,_|\__|\__,_|_|\__,_|\__|_|\___/|_| |_|___(_)
-                   |___/
-\033[0m"
-echo -e "\nYour instance is ready to use!\n"
-echo -e "You can access Coolify through your Public IP: http://$(curl -4s https://ifconfig.io):8000"
-
-set +e
-DEFAULT_PRIVATE_IP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
-PRIVATE_IPS=$(hostname -I 2>/dev/null || ip -o addr show scope global | awk '{print $4}' | cut -d/ -f1)
-set -e
-
-if [ -n "$PRIVATE_IPS" ]; then
-    echo -e "\nIf your Public IP is not accessible, you can use the following Private IPs:\n"
-    for IP in $PRIVATE_IPS; do
-        if [ "$IP" != "$DEFAULT_PRIVATE_IP" ]; then
-            echo -e "http://$IP:8000"
-        fi
-    done
-fi
-echo -e "\nWARNING: It is highly recommended to backup your Environment variables file (/data/coolify/source/.env) to a safe location, outside of this server (e.g. into a Password Manager).\n"
-cp /data/coolify/source/.env /data/coolify/source/.env.backup

From 5b637c1de13d6aae8655a56bd2da17ac9479ff34 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Fri, 29 Aug 2025 15:26:28 +0200
Subject: [PATCH 014/129] refactor(installer): improve install script

- remove unused VERSION variable.
- fix the source code link of the install script.
- properly back up the `.env` file on each run of the install script.
- do not delete the backup .env file at the end of the install script.
- Add improved handling and more logging for updating environment variable values.
---
 scripts/install.sh | 126 +++++++++++++++++++++------------------------
 1 file changed, 60 insertions(+), 66 deletions(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 064fc7e4d..64913d599 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -20,7 +20,6 @@ DATE=$(date +"%Y%m%d-%H%M%S")
 
 OS_TYPE=$(grep -w "ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
 ENV_FILE="/data/coolify/source/.env"
-VERSION="21"
 DOCKER_VERSION="27.0"
 # TODO: Ask for a user
 CURRENT_USER=$USER
@@ -32,7 +31,7 @@ fi
 
 echo -e "Welcome to Coolify Installer!"
 echo -e "This script will install everything for you. Sit back and relax."
-echo -e "Source code: https://github.com/coollabsio/coolify/blob/main/scripts/install.sh\n"
+echo -e "Source code: https://github.com/coollabsio/coolify/blob/v4.x/scripts/install.sh"
 
 # Predefined root user
 ROOT_USERNAME=${ROOT_USERNAME:-}
@@ -711,84 +710,80 @@ curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.p
 curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
 curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh
 
-echo -e "6. Make backup of .env to .env-$DATE"
+echo -e "6. Setting up environment variable file"
 
-# Copy .env.example if .env does not exist
 if [ -f $ENV_FILE ]; then
+    # If .env exists, create backup
+    echo " - Creating backup of existing .env file to .env-$DATE"
     cp $ENV_FILE $ENV_FILE-$DATE
+    # Merge .env.production values into .env
+    echo " - Merging .env.production values into .env"
+    awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
+    echo " - .env file merged successfully"
 else
-    echo " - File does not exist: $ENV_FILE"
-    echo " - Copying .env.production to .env-$DATE"
-    cp /data/coolify/source/.env.production $ENV_FILE-$DATE
-    # Generate a secure APP_ID and APP_KEY
-    sed -i "s|^APP_ID=.*|APP_ID=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^APP_KEY=.*|APP_KEY=base64:$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Postgres DB username and password
-    # Causes issues: database "random-user" does not exist
-    # sed -i "s|^DB_USERNAME=.*|DB_USERNAME=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^DB_PASSWORD=.*|DB_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Redis password
-    sed -i "s|^REDIS_PASSWORD=.*|REDIS_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate secure Pusher credentials
-    sed -i "s|^PUSHER_APP_ID=.*|PUSHER_APP_ID=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_KEY=.*|PUSHER_APP_KEY=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_SECRET=.*|PUSHER_APP_SECRET=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
+    # If no .env exists, copy .env.production to .env
+    echo " - No .env file found, copying .env.production to .env"
+    cp /data/coolify/source/.env.production $ENV_FILE
 fi
 
+echo -e "7. Checking and updating environment variables if necessary..."
+
+update_env_var() {
+    local key="$1"
+    local value="$2"
+
+    # If variable "key=" exists but has no value, update the value of the existing line
+    if grep -q "^${key}=$" "$ENV_FILE"; then
+        sed -i "s|^${key}=$|${key}=${value}|" "$ENV_FILE"
+        echo " - Updated value of ${key} as the current value was empty"
+    # If variable "key=" doesn't exist, append it to the file with value
+    elif ! grep -q "^${key}=" "$ENV_FILE"; then
+        printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
+        echo " - Added ${key} with default value as the variable was missing"
+    fi
+}
+
+update_env_var "APP_ID" "$(openssl rand -hex 16)"
+update_env_var "APP_KEY" "base64:$(openssl rand -base64 32)"
+# update_env_var "DB_USERNAME" "$(openssl rand -hex 16)" # Causes issues: database "random-user" does not exist
+update_env_var "DB_PASSWORD" "$(openssl rand -base64 32)"
+update_env_var "REDIS_PASSWORD" "$(openssl rand -base64 32)"
+update_env_var "PUSHER_APP_ID" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_KEY" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_SECRET" "$(openssl rand -hex 32)"
+
 # Add default root user credentials from environment variables
 if [ -n "$ROOT_USERNAME" ] && [ -n "$ROOT_USER_EMAIL" ] && [ -n "$ROOT_USER_PASSWORD" ]; then
-    if grep -q "^ROOT_USERNAME=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USERNAME=.*|ROOT_USERNAME=$ROOT_USERNAME|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_EMAIL=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_EMAIL=.*|ROOT_USER_EMAIL=$ROOT_USER_EMAIL|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_PASSWORD=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_PASSWORD=.*|ROOT_USER_PASSWORD=$ROOT_USER_PASSWORD|" "$ENV_FILE-$DATE"
-    fi
+    echo " - Setting predefined root user credentials from environment"
+    update_env_var "ROOT_USERNAME" "$ROOT_USERNAME"
+    update_env_var "ROOT_USER_EMAIL" "$ROOT_USER_EMAIL"
+    update_env_var "ROOT_USER_PASSWORD" "$ROOT_USER_PASSWORD"
 fi
 
-# Add registry URL to .env file
 if [ -n "${REGISTRY_URL+x}" ]; then
     # Only update if REGISTRY_URL was explicitly provided
-    if grep -q "^REGISTRY_URL=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^REGISTRY_URL=.*|REGISTRY_URL=$REGISTRY_URL|" "$ENV_FILE-$DATE"
-    else
-        echo "REGISTRY_URL=$REGISTRY_URL" >>"$ENV_FILE-$DATE"
-    fi
+    update_env_var "REGISTRY_URL" "$REGISTRY_URL"
 fi
 
-# Merge .env and .env.production. New values will be added to .env
-echo -e "7. Propagating .env with new values - if necessary."
-awk -F '=' '!seen[$1]++' "$ENV_FILE-$DATE" /data/coolify/source/.env.production >$ENV_FILE
-
 if [ "$AUTOUPDATE" = "false" ]; then
-    if ! grep -q "AUTOUPDATE=" /data/coolify/source/.env; then
-        echo "AUTOUPDATE=false" >>/data/coolify/source/.env
-    else
-        sed -i "s|AUTOUPDATE=.*|AUTOUPDATE=false|g" /data/coolify/source/.env
+    update_env_var "AUTOUPDATE" "false"
+fi
+
+if [ "$DOCKER_POOL_BASE_PROVIDED" = true ]; then
+    update_env_var "DOCKER_ADDRESS_POOL_BASE" "$DOCKER_ADDRESS_POOL_BASE"
+else
+    # Add with default value if missing
+    if ! grep -q "^DOCKER_ADDRESS_POOL_BASE=" "$ENV_FILE"; then
+        update_env_var "DOCKER_ADDRESS_POOL_BASE" "$DOCKER_ADDRESS_POOL_BASE"
     fi
 fi
 
-# Save Docker address pool configuration to .env file
-if ! grep -q "DOCKER_ADDRESS_POOL_BASE=" /data/coolify/source/.env; then
-    echo "DOCKER_ADDRESS_POOL_BASE=$DOCKER_ADDRESS_POOL_BASE" >>/data/coolify/source/.env
+if [ "$DOCKER_POOL_SIZE_PROVIDED" = true ]; then
+    update_env_var "DOCKER_ADDRESS_POOL_SIZE" "$DOCKER_ADDRESS_POOL_SIZE"
 else
-    # Only update if explicitly provided
-    if [ "$DOCKER_POOL_BASE_PROVIDED" = true ]; then
-        sed -i "s|DOCKER_ADDRESS_POOL_BASE=.*|DOCKER_ADDRESS_POOL_BASE=$DOCKER_ADDRESS_POOL_BASE|g" /data/coolify/source/.env
-    fi
-fi
-
-if ! grep -q "DOCKER_ADDRESS_POOL_SIZE=" /data/coolify/source/.env; then
-    echo "DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE" >>/data/coolify/source/.env
-else
-    # Only update if explicitly provided
-    if [ "$DOCKER_POOL_SIZE_PROVIDED" = true ]; then
-        sed -i "s|DOCKER_ADDRESS_POOL_SIZE=.*|DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE|g" /data/coolify/source/.env
+    # Add with default value if missing
+    if ! grep -q "^DOCKER_ADDRESS_POOL_SIZE=" "$ENV_FILE"; then
+        update_env_var "DOCKER_ADDRESS_POOL_SIZE" "$DOCKER_ADDRESS_POOL_SIZE"
     fi
 fi
 
@@ -824,14 +819,13 @@ echo -e " - Please wait."
 getAJoke
 
 if [[ $- == *x* ]]; then
-    bash -x /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}"
+    bash -x /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}" "true"
 else
-    bash /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}"
+    bash /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}" "true"
 fi
 echo " - Coolify installed successfully."
-rm -f $ENV_FILE-$DATE
 
-echo " - Waiting for 20 seconds for Coolify (database migrations) to be ready."
+echo " - Waiting for 20 seconds for Coolify database migrations to be ready."
 getAJoke
 
 sleep 20
@@ -868,5 +862,5 @@ if [ -n "$PRIVATE_IPS" ]; then
         fi
     done
 fi
+
 echo -e "\nWARNING: It is highly recommended to backup your Environment variables file (/data/coolify/source/.env) to a safe location, outside of this server (e.g. into a Password Manager).\n"
-cp /data/coolify/source/.env /data/coolify/source/.env.backup

From 64f3fdc4634974021b9661b0974d9e46e2ffe7e9 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Fri, 29 Aug 2025 15:28:31 +0200
Subject: [PATCH 015/129] refactor(upgrade): improve upgrade script

- remove unused VERSION variable.
- add backup functionality of the .env file on each run of the upgrade script.
- skip .env backup when coming from the install script
- add improved handling and more logging for updating environment-variable values.
- remove not needed line
---
 scripts/upgrade.sh | 45 ++++++++++++++++++++++++++++++++-------------
 1 file changed, 32 insertions(+), 13 deletions(-)

diff --git a/scripts/upgrade.sh b/scripts/upgrade.sh
index 32bffad48..5d52b44fe 100644
--- a/scripts/upgrade.sh
+++ b/scripts/upgrade.sh
@@ -1,11 +1,12 @@
 #!/bin/bash
 ## Do not modify this file. You will lose the ability to autoupdate!
 
-VERSION="15"
 CDN="https://cdn.coollabs.io/coolify"
 LATEST_IMAGE=${1:-latest}
 LATEST_HELPER_VERSION=${2:-latest}
 REGISTRY_URL=${3:-ghcr.io}
+SKIP_BACKUP=${4:-false}
+ENV_FILE="/data/coolify/source/.env"
 
 DATE=$(date +%Y-%m-%d-%H-%M-%S)
 LOGFILE="/data/coolify/source/upgrade-${DATE}.log"
@@ -14,20 +15,39 @@ curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml
 curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml
 curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
 
-# Merge .env and .env.production. New values will be added to .env
-awk -F '=' '!seen[$1]++' /data/coolify/source/.env /data/coolify/source/.env.production >/data/coolify/source/.env.tmp && mv /data/coolify/source/.env.tmp /data/coolify/source/.env
-# Check if PUSHER_APP_ID or PUSHER_APP_KEY or PUSHER_APP_SECRET is empty in /data/coolify/source/.env
-if grep -q "PUSHER_APP_ID=$" /data/coolify/source/.env; then
-    sed -i "s|PUSHER_APP_ID=.*|PUSHER_APP_ID=$(openssl rand -hex 32)|g" /data/coolify/source/.env
+# Backup existing .env file before making any changes
+if [ "$SKIP_BACKUP" != "true" ]; then
+    if [ -f "$ENV_FILE" ]; then
+        echo "Creating backup of existing .env file to .env-$DATE" >>$LOGFILE
+        cp $ENV_FILE $ENV_FILE-$DATE
+    else
+        echo "No existing .env file found to backup" >>$LOGFILE
+    fi
 fi
 
-if grep -q "PUSHER_APP_KEY=$" /data/coolify/source/.env; then
-    sed -i "s|PUSHER_APP_KEY=.*|PUSHER_APP_KEY=$(openssl rand -hex 32)|g" /data/coolify/source/.env
-fi
+echo "Merging .env.production values into .env" >>$LOGFILE
+awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
+echo ".env file merged successfully" >>$LOGFILE
 
-if grep -q "PUSHER_APP_SECRET=$" /data/coolify/source/.env; then
-    sed -i "s|PUSHER_APP_SECRET=.*|PUSHER_APP_SECRET=$(openssl rand -hex 32)|g" /data/coolify/source/.env
-fi
+update_env_var() {
+    local key="$1"
+    local value="$2"
+
+    # If variable "key=" exists but has no value, update the value of the existing line
+    if grep -q "^${key}=$" "$ENV_FILE"; then
+        sed -i "s|^${key}=$|${key}=${value}|" "$ENV_FILE"
+        echo " - Updated value of ${key} as the current value was empty" >>$LOGFILE
+    # If variable "key=" doesn't exist, append it to the file with value
+    elif ! grep -q "^${key}=" "$ENV_FILE"; then
+        printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
+        echo " - Added ${key} with default value as the variable was missing" >>$LOGFILE
+    fi
+}
+
+echo "Checking and updating environment variables if necessary..." >>$LOGFILE
+update_env_var "PUSHER_APP_ID" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_KEY" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_SECRET" "$(openssl rand -hex 32)"
 
 # Make sure coolify network exists
 # It is created when starting Coolify with docker compose
@@ -37,7 +57,6 @@ if ! docker network inspect coolify >/dev/null 2>&1; then
         docker network create --attachable coolify 2>/dev/null
     fi
 fi
-# docker network create --attachable --driver=overlay coolify-overlay 2>/dev/null
 
 # Check if Docker config file exists
 DOCKER_CONFIG_MOUNT=""

From 983197b74282d57aab7a31b5b25b366afd6269c4 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Fri, 29 Aug 2025 18:42:46 +0200
Subject: [PATCH 016/129] chore: adjust wording

---
 scripts/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 64913d599..3bbabf648 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -739,7 +739,7 @@ update_env_var() {
     # If variable "key=" doesn't exist, append it to the file with value
     elif ! grep -q "^${key}=" "$ENV_FILE"; then
         printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
-        echo " - Added ${key} with default value as the variable was missing"
+        echo " - Added ${key} and it's value as the variable was missing"
     fi
 }
 

From c0ffda37f285598a448e90f1a10dc174f4abc3ef Mon Sep 17 00:00:00 2001
From: Dominic <dominic@userexe.me>
Date: Sun, 31 Aug 2025 22:32:30 -0400
Subject: [PATCH 017/129] remove ~ from forbidden characters in git URLs

---
 app/Rules/ValidGitRepositoryUrl.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Rules/ValidGitRepositoryUrl.php b/app/Rules/ValidGitRepositoryUrl.php
index 3cbe9246e..c7ea208cc 100644
--- a/app/Rules/ValidGitRepositoryUrl.php
+++ b/app/Rules/ValidGitRepositoryUrl.php
@@ -31,7 +31,7 @@ public function validate(string $attribute, mixed $value, Closure $fail): void
         $dangerousChars = [
             ';', '|', '&', '$', '`', '(', ')', '{', '}',
             '[', ']', '<', '>', '\n', '\r', '\0', '"', "'",
-            '\\', '!', '?', '*', '~', '^', '%', '=', '+',
+            '\\', '!', '?', '*', '^', '%', '=', '+',
             '#', // Comment character that could hide commands
         ];
 

From 758fe18d79be34768084ecced1020ff46a884370 Mon Sep 17 00:00:00 2001
From: Dominic <dominic@userexe.me>
Date: Wed, 3 Sep 2025 13:01:03 -0400
Subject: [PATCH 018/129] oops missed a check

---
 app/Rules/ValidGitRepositoryUrl.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Rules/ValidGitRepositoryUrl.php b/app/Rules/ValidGitRepositoryUrl.php
index c7ea208cc..d549961dc 100644
--- a/app/Rules/ValidGitRepositoryUrl.php
+++ b/app/Rules/ValidGitRepositoryUrl.php
@@ -85,7 +85,7 @@ public function validate(string $attribute, mixed $value, Closure $fail): void
             }
 
             // Validate SSH URL format (git@host:user/repo.git)
-            if (! preg_match('/^git@[a-zA-Z0-9\.\-]+:[a-zA-Z0-9\-_\/\.]+$/', $value)) {
+            if (! preg_match('/^git@[a-zA-Z0-9\.\-]+:[a-zA-Z0-9\-_\/\.~]+$/', $value)) {
                 $fail('The :attribute is not a valid SSH repository URL.');
 
                 return;

From 7a7f2c64bb53972da97be1c500b3f5f6f58e7e7e Mon Sep 17 00:00:00 2001
From: Kimmo Salmela <kimmo.salmela@reun.eu>
Date: Thu, 4 Sep 2025 13:41:20 +0300
Subject: [PATCH 019/129] Update Coolify logo files

---
 public/coolify-logo-dev-transparent.png | Bin 7866 -> 1775 bytes
 public/coolify-logo-dev-transparent.svg |   1 +
 public/coolify-logo.svg                 |  10 +---------
 public/coolify-transparent.png          | Bin 7872 -> 1797 bytes
 4 files changed, 2 insertions(+), 9 deletions(-)
 create mode 100644 public/coolify-logo-dev-transparent.svg

diff --git a/public/coolify-logo-dev-transparent.png b/public/coolify-logo-dev-transparent.png
index 9beeb9ba3f402d0aee0ec2c580d4dc233e6684ee..4e65e8b72160821db2ebf40d06a919ef703c2675 100644
GIT binary patch
literal 1775
zcmeAS@N?(olHy`uVBq!ia0y~yU`zmE4mO}jYvN)bAg3|Y**Ty%$lXc7)79C`(9+CI
z*GSKhfk9(p>BQaM%#H%>`;T;dY;6(~6Kh`)suZZ0ku3O;HEW{FhpQ^-dV)nK3&jOD
zisrDgUOX1Qu)c9y(^dtIE`@8iv~I1KQ*5cIls4_=&u`nU55Lo?cpMqJy+-juF{`na
zP~fukw5hAoSABe_?&9mTwWsq&!JJLs>bj42UUys`_OtkZ)LW-hK?fg;%LVXmR<O~s
z*%xCVb5AHQ%(#>Fq42{7O>vQZg<qDO_UBt3`>*6ik30Lp+Zt<@)E9mdUo9CdK5hEt
zb?MWu%>Qknzta2ZvLvC~N1``&7&)=D8n#KO_?Z7SYUjM<JbjJEWO=P;{*$K1gr+r%
z`iOZ>Ug+R(MRn!8Nh><%O`4c`^yUBi`=X-q`=j^jF-`5?_V*TJ=<E+$6K~72Z~I%y
zA<ADcPy6Zf?+f4ie(9ZbZ67;tc0pC(rAfC7w(;qHcRS=GvXrZE{j!6n4X>PcxGZ|*
z%ud_iH=n=Yd$jsf==2Snx#t$`OZ+G8(Vc#Sp?CiaV4QFkctjR6Fz_7#VaBQ2e9{aI
ztRkK+jv*Cu-d;OBvBf}y#gX$^&W+x`J8Uz~tY|ipt&o-BI=gY_SG%yij2UM>&wToK
zu?^n_V@9?P4g&|521X?&9s$9Gh7Ja17ZwQxr2`Ct)RT()%FuACwm0<NcP4sR2Xw#D
z_1_U+J1*JGkG!{k{l>4~+vip?(!gWbLaOpAbJlm$u*(1M>(6|$yYP`-UZ!r8Ve=WS
zlE=uj%jh*DIGKDuZqHF>dR{$u!7m2tXFY6TJM(M9tt$D|_ZUp}?VJB)pE%9)Kg1Ce
tBl&OK1(pK&3{r7aEncws5t>%*{B>j&JfHCySWq%Bc)I$ztaD0e0swNf?Op%?

literal 7866
zcmeGhe^gWF^?n~OkQmU=OvBX4Yd1}6t;yV(FvpLFKZd_bn6>^mBBbp+$1|Cs!vPu~
zU({MX#|^vHX<KL5s%tl`VCNAkgglRq?Pxn(+YJsWB&~W7F$4vYU`XEXi`$%@?!Wb)
zE`Q{_m;2q{-@W&{_j~&a3-VJYOq~D#Da)2FUIjq$m4Y%6A0t&C-^B+hUzNWQPW@$i
zKfsJ_%NFOYt}6Dq)mt@5k1YA?{L(k-9_gB2agBfUB5j`O{MNL$2cOyW<6mbR>ZDX&
zU_fX&HI!R!y`<8}f9?5@Nhzn)@W#h^NIW!nFa~E(mLLNKbD;pqb9<iD#%PH*Q3f)x
zo<UmCxwW%m45^rMk5?Wc#^!AeD`hDh$EMwrw~JD9S%2|sGEk|6j2I1<sNh8Jht7F2
zP@{pZF&bs^1SLCv+`1{I5f7ilXf$bG(ZH@1!AmiX1Za-Y#1;O(^l-by>-*EoO)t_0
zlX;Ez`qdLs;`>{r?Q?8ZWB!J@&^}2VFsYTSe^kwU_#2H_r5|Bfwn@IuU?8f%Q0<zm
zftD7Vt=s`;gMO_TiaMibF`hkAV8CjXD8~3L48xwDu#Wk9Bq>0})PEA`z}=#QfXQ4W
zKxsPjkgi^rjih;8ot`NgxEl7<)>!;n4E)9?d8nvF=7GT)+GwL!F$cm>O%dOOc)`1F
z1XN4z2EVU{VyabOHVh(aSFh7_pT7y*;h+lfiftPN*zdQ6N1eF7m5HYqboJn?yCtX+
zqpJOAu`gjrWwuH=WWV1tU_rp`h{e^`gzNt@8Ch9_IixGs{vsibHIPF}{T@ByStIvd
zltVDRT2Q-6L@o9A>LIK*&gJ3kBvH?NkuYa$vo*M$;-Nk0irnqR^$fwhR)AZBy|~^J
z=FAe;j@AT7h--A(9Ej&1Z9+gO+En6khq?Ri#dWI#ZaKtev?d2WcRL(d1MC}7-4;YW
ziymbWZJJI4?j$cdH(EpQIX`q~^xKM1AadJNUzRYmXk7hf4Q*~zbO`mS8u)4W;P0sS
z(yZU~X&|-rG&fPHWC<&j>3Og_r2C$lsW%KIb5jYq(p>V|Y&cc=*p7)rbAH+iFJq9|
zxO*s-6ZYDkI|FfsaUcGduvw4}0}`no3%%Ye_L(}|2h$Tf@|ftEj4`=P8Xs%1SS{UI
zZJ>c*?VRjXdkRL|;CdJj86z2m61@_I*9*++1vul@0p*><0o}Q<QeTL5Xq9w3@<%;p
zM|XPOM=H58RRsGz(eAa<cQ%5OsVi@MRXIn74p7X{k;H1cSpws)geQ1dUgLmqHIt^9
z!`jUY?9ZXlxw#Q{N%&?CX;p`8q^NmehhTmN<yv)E4vuAbwL&<F^>fP!DZGifs%0kd
znd<wwJqk`}86UCOd?#eE_>y`gS*}__i<KbJj)WX?#s-HA>hY*P-ey8(A?`|)L#x&y
z_sb?J(AjoQ1{XC8C=v_C8LXsnk^d{l`e{j9+i$lFB?*@-nS@@z0zR(ALoM1LyvZq7
zs+B+vL?NVOuX@U;ER@00juJRFzDLU&=kUM@JED}oo^b@^FyZ0DVI4f-`jk^9$4HO5
zVCh(jUXXWF$wtN%{}v;_u|5N=s=c7nq~RGz`D`0GaA#Tp6B`+Zd;gd^E;8=ec=*JV
zBwh;QHI^KRpCs|~@{8yShDo76I{a4OJJow^(pcfoGTs1t;l2BT-O<s_m+LZk_)L*z
zk~^4WgS34H(fCW?qS|;=ZdB5W+u+6_1Kj;u6{RPzdHTt4uE*_yi(wtyru+4Bi?l~x
zzpiGrNk^IZdj{)zT5Tlr^mbDAe9DZS;xPt?i^2_u0xG`O1$%YoEV+|1wpKeHrZRzk
zz5xnOo?oOnjP3F-wggq)OWg|b;L}wTsTGA=`dqHl9<n!R_z#smei*r|gUG}zVt*C~
z;&a<w31!a@Q}4y8S)6?tih8dCA)9>isGF5!&qkc4a)fN|quwj?vL@KSi8yD6a*I0+
zr2PTA{D&a?fMMeu!GHm7M-@UVTvcHU$Uc?V$7sFBuIC$P^ROlZy;o3L3`f@OdYL!k
zuraGMI&i#(KBTn%VJfY-?*lc{ZW+>Wv+!2nS~m{r?^ckqP1>Wo#G`l-;2!f^ZdJl(
z5jCqK?OM61yl^@AU5MOK2(AQ^V18DBlUsZJaHOjhGEXN?$}_JLVCAVEKNPKRf#!Er
z9eHLGUP$;p@x%1)_aO63a@|7nO1waMYP_y<bOn3RuJBCpLBphBXGD#63y!Ar^xk$=
zYmR-r-B42UQKb~<vF*B~kVi7Hl$4oOGwi}Qcz7)I^%oT4D@#__Jqok8m#ao7x+!mr
zqxB!>8aKf7bvyHUjY`Rs(Lb*vWj{#$+Y3szytjxt8QiEW%(27cqm$mB0!hF0rYaXx
z%J0mbw+5!KUp$&d>wlhcNHFjimam#{oQov<K_S{_R&n$d27A4A`zJ&Gl<#Nnfw!-H
zF!KuTQf<<8ZCt%Ck@rsDO>^XCTTb`~ovM@S>Ton<DXij#7FECL$cJVsU)0t2IAL?7
z?=3YO(}G;5x-nJ%ZmT^9hjR(wAXvY#EspRd^TX5n*jJQ&IK_9R%#6Li!*G}5a2oeR
jJRahC@defg(YDRD^M|ee)eG=rG%Q<Eu=vzM^Ui+&_!h3@

diff --git a/public/coolify-logo-dev-transparent.svg b/public/coolify-logo-dev-transparent.svg
new file mode 100644
index 000000000..5427fe0a4
--- /dev/null
+++ b/public/coolify-logo-dev-transparent.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 352 352"><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#7d7c00"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#fffd02"/></svg>
\ No newline at end of file
diff --git a/public/coolify-logo.svg b/public/coolify-logo.svg
index 6f4f641f5..9d10de243 100644
--- a/public/coolify-logo.svg
+++ b/public/coolify-logo.svg
@@ -1,9 +1 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg version="1.1" viewBox="0 0 2048 2048" width="512" height="512" xmlns="http://www.w3.org/2000/svg">
-<path transform="translate(257,640)" d="m0 0h254l1 1v127h127l1 1v639h895l1 1v127h127l1 1v254l-5 1h-1018l-1-1v-127h-127l-1-1v-127h-127l-1-1v-127h-127l-1-1v-766z" fill="#8550FC"/>
-<path transform="translate(513,384)" d="m0 0h1022l1 1v127h127l1 1v254l-5 1h-1018l-1-1v-127h-127l-1-1v-254z" fill="#8550FC"/>
-<path transform="translate(1537,1536)" d="m0 0h126l1 1v254l-5 1h-1018l-1-1v-126l896-1v-29z" fill="#452E72"/>
-<path transform="translate(1537,512)" d="m0 0h126l1 1v254l-5 1h-1018l-1-1v-126l896-1v-29z" fill="#452E72"/>
-<path transform="translate(513,768)" d="m0 0h126l1 1v638l-7 1-108-1-12-1z" fill="#452E72"/>
-<path transform="translate(478,1408)" d="m0 0h32l1 1v127h-126l-1-1v-126z" fill="#452E72"/>
-</svg>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 352 352"><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#452e72"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#864ffc"/></svg>
\ No newline at end of file
diff --git a/public/coolify-transparent.png b/public/coolify-transparent.png
index 96fc0db36db2febba387bbf48d31163361cf9985..99a56acbe3cae04dfc76a4bb38fed8b9b84453bd 100644
GIT binary patch
literal 1797
zcmeAS@N?(olHy`uVBq!ia0y~yU`zmE4mO}jYvN)bAg3|Y**Ty%$lXc7)79C`(9+CI
z*GSKhfk9(p>BQaM%#H%>`;T;dY;6(~6Kh`)suZZ0ku3O;HEW{FhpQ^-dV)nK3&jOD
zisrDgUOX1Qu)c9y(^dtIE`@8iv~I1KQ*5cIls4_=&u`nU55Lo?cpMqJy+-juF{`na
zP~fukw5hAoSABe_?&9mTwWsq&!JJLs>bj42UUys`_OtkZ)LW-hK?fg;%LVXmR<O~s
z*%xCVb5AHQ%(#>Fq42{7O>vQZg<qDO_UBt3`>*6ik30Lp+Zt<@)E9mdUo9CdK5hEt
zb?MWu%>Qknzta2ZvLvC~N1``&7&)=D8n#KO_?Z7SYUjM<JbjJEWO=P;{*$K1gr+r%
z`iOZ>Ug+R(MRn!8Nh><%O`4c`^yUBi`=X-q`=j^jF-`5?_V*TJ=<E+$6K~72Z~I%y
zA<ADcPy6Zf?+f4ie(9ZbZ67;tc0pC(rAfC7w(;qHcRS=GvXrZE{j!6n4X>PcxGZ|*
z%ud_iH=n=Yd$jsf==2Snx#t$`OZ+G8(Vc#Sp?CiaV4QFkctjR6Fz_7#VaBQ2e9{aI
ztXiHfjv*Cu-d-~dJnA6f7C5a_kmm@q>#OIgtgb9e798--;<8C#P|i=ASlB%$`N8k>
zZfonfymvJ=>9x!kEY_t?`Mv(B#eun;1`aL_j7m&A0)hz*9SqDaED{Pz2N(ny**Z9=
zCbj7bJ448}()myK$y3ct{EnPhXg6=O-J+71(;DBmm+t@i`|#YKjI{9_hC?D>F=yT0
zb-w8T@9)`DemflJr$LBfSW3g#8?}oznd8I?{u|e7r~Q7PKmVzXfYmzH+y!*Y9)a=!
z*7D~g?=zUx{j<ANYfrnpkD7WG+dX&(EC{~xIvl1~wm4z`>!@r1Z<7BNU{T88>FVdQ
I&MBb@0D3U=`~Uy|

literal 7872
zcmeHMYj6`)6h3#mDVwIT+eS#0N*A0V0)=!CZGF&e5ovi0RD4heNaF*i4q`isQYcAo
z#4<3J#|Y9og|y@Fm_ddDqgbG27s}KTM_VW_Tic{mjkTspc_nRL-d&t=${+uzKb+0X
z$=;m3=X|^8oO|xMCz}fv=4lfiOaK7w-2B;#0Vp!0fQcuUTV<Dq$pyW;IByml{ywb_
zVBEU7vvXf4GkZJHs)y7m&t6E+&~O<PSD1GH$_!)~gV+r7mI+(t#MPC&>3W&EY(04W
z#N2YBF}w{BMKf%*E;v2VVy?dXt4s}fJeJ1sDq3`3Y?>}lV&QF>$s{H)_{_fY6_O;!
z!H;*PQtxMB!~DQ`iOKWOAj@!>k8luQHSmd=FfoSGIQh1vfQQ6sT~l;~2?)94B^fN%
zVMtwea>+y)oD#JX6CAk+Wj3s?Um%0ic&sc#ZJ;PiX`lI18JvMESw?wa#llKR{PT-W
z3~C$gv2dEfKTN-&>bBViUHAvDVBTeF3=8JvP??Ue){bGJy<ZQVg!)5)XeU{q<*}&h
z?$`R5*}jyAw|qr1Rr*~0B^m~MBN~|oBju4*2pws%%anQAUN21L;CR3&Q%k^i`zw-*
z?nG5G1*1*T;~1`W3o@m;gsUzB-x(tCgnC1P;k)qCBTyCv{2w&C__Z&6lK6G~nwT~r
z3ry#P%;8AL<EilY6KUpYBL~hbVa9W?tYeO!>_B|h$6_)<rLQMnc#XkK^n4*IU7>Ss
z5N}eHd+p8nI+eI@72P@ksMQav(~?=p8<RY9BW!ZlSB{1ykM}&Gs8nqEw?X8IvqVg|
z#3by^@_YL`J^M_ovjQ9*I>**@z+`upx7Y0WWl)8oVJNTt`Q%_s&w_WWN({92365bs
zzLQkfNAFV6{3$Eq;Nn=nx-Nn&PdXO!uyeS6$#An^y=`i@Qhv4j>_h9~sgEeCuInWD
zjnJnJ67f;EkDiB6!EYq_#3*-6)fQFH*drdnP+V0T_10V8tA%Kae?Hb9ZhMryMk*z5
zw+b(kr0KROWbWZ7aWKzX3+o9)T|`&>q~jHY+NPNzokgMFa!`;i?V)DIIhGUVfEj}H
z_HH8WO@emyPVy+10&39!wa{U5?AN7|MCiTIE=0bpAJCCm`e_p6Xu=#&Apb4Hia`V3
z<}zK>+=}CV&e{!<`$!<&)Wam9hh`Er44~~!0rH2m2HsN01A}jcRs8vqY(zCv6c2kn
zMp$fXR<n}(C~l@5ZND*gA(ldjg}xyT-svi(=#45GLw;)!><w?!ahVw$(EPe6r9di%
zRl-MEBuXk!a;&nGDEsAqUlnAg!|egVY7J%7_H^2#OSfj#fTO_e_2^?-CenXlS9%E#
z=QNp4sh~+UNBeK5z+hCxH$tzP6i2w{XAQOuQFShdfjcspgO{>mo~DR~Z?q%UD3(bz
zlBJB?FFFmsu5qiGL!<?H`MZ!F>uU61xZ)nqEFhe3zKlgK=Ad(=3Lm5@4N`ryvC608
zh4rY-C+gTjQU!lr6HvR){h|^#KUT(2JBZ$Qyg6vu%cr2>n7TFBvWSP@z2VxD-`Bu(
z(wrzmEpkQO{B7VVh}=-|Lfj(W@*)q1-tP9n?rV*ZeKbBP*FsJT3l4Yr;2uRk`XH_2
z1Z01axNVkY0S}c^!$tM|RnR+9^?W>1b+omdyjxj};>>tZs`^B~1U>RKj9_@&2n!FL
zd4{bfCyE^_W1)RkY7=RhTvw$ol8VekqswrQS$#Tj^LHAoTj^)%iA3*D9agI0*!zDT
z%AKUA(m7;uUGu>`MqC5Kl8Z(;v3L+eVOOIIWglION?+BE`#{`_p?cXV7rIB$2{Px4
zcTs8a1LG>hYU1~$LBV|0h+0ParwT$NREKK=cZ{TuV{iJa<&<NK<+~!iS5L*_E5_pV
z>qV(kVcJ_~9%YMZn(wu(I7qy=`PV0Co-WC7#F5s5m~u9ch4Imf3zYlpn5W|$b9k6B
zuw;J%o>H^P`3%hVx1?l~=JkCU<JZ%ORTL^V{JXG8wQemba^>U|b*<D@>w`g(@N#=b
zi%El9Y)v$t!X25yK}VMcU$NUxLbVA2Nm_NwPeXCUb3lWKbRgxU4if6hg#VQtT&v|j
w!nQLE{;;b+9=DOr=!(MU6g&Li;~|_h`O;@=^Sv9IfqdpZyKwg5S(Xp}0JX-Y*Z=?k


From c8b6ffe549e728654e26aa62a625a808f633214d Mon Sep 17 00:00:00 2001
From: Kimmo Salmela <kimmo.salmela@reun.eu>
Date: Thu, 4 Sep 2025 14:07:19 +0300
Subject: [PATCH 020/129] Add SVG role attributes and title tags

---
 public/coolify-logo-dev-transparent.svg | 2 +-
 public/coolify-logo.svg                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/public/coolify-logo-dev-transparent.svg b/public/coolify-logo-dev-transparent.svg
index 5427fe0a4..a4159154f 100644
--- a/public/coolify-logo-dev-transparent.svg
+++ b/public/coolify-logo-dev-transparent.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 352 352"><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#7d7c00"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#fffd02"/></svg>
\ No newline at end of file
+<svg role="img" viewBox="0 0 352 352" xmlns="http://www.w3.org/2000/svg"><title>Coolify</title><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#7d7c00"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#fffd02"/></svg>
\ No newline at end of file
diff --git a/public/coolify-logo.svg b/public/coolify-logo.svg
index 9d10de243..bff8f6b40 100644
--- a/public/coolify-logo.svg
+++ b/public/coolify-logo.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 352 352"><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#452e72"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#864ffc"/></svg>
\ No newline at end of file
+<svg role="img" viewBox="0 0 352 352" xmlns="http://www.w3.org/2000/svg"><title>Coolify</title><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#452e72"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#864ffc"/></svg>
\ No newline at end of file

From 1530d35b63fc893a69b7f3d428781c91abba35fa Mon Sep 17 00:00:00 2001
From: Kimmo Salmela <kimmo.salmela@reun.eu>
Date: Thu, 4 Sep 2025 14:09:43 +0300
Subject: [PATCH 021/129] Add monochrome logo

---
 public/coolify-logo-monochrome.png | Bin 0 -> 1826 bytes
 public/coolify-logo-monochrome.svg |   1 +
 2 files changed, 1 insertion(+)
 create mode 100644 public/coolify-logo-monochrome.png
 create mode 100644 public/coolify-logo-monochrome.svg

diff --git a/public/coolify-logo-monochrome.png b/public/coolify-logo-monochrome.png
new file mode 100644
index 0000000000000000000000000000000000000000..48605e8fda6d5830ab19195f32049d8a20df39eb
GIT binary patch
literal 1826
zcmeAS@N?(olHy`uVBq!ia0y~yU`zmE4mO}jYvN)bAg3|Y**Ty%$lXc7)79C`(9+CI
z*GSKhfk9(p>BQaM%#H%>`;T;dY;6(~6Kh`)suZZ0ku3O;HEW{FhpQ^-dV)nK3&jOD
zisrDgUOX1Qu)c9y(^dtIE`@8iv~I1KQ*5cIls4_=&u`nU55Lo?cpMqJy+-juF{`na
zP~fukw5hAoSABe_?&9mTwWsq&!JJLs>bj42UUys`_OtkZ)LW-hK?fg;%LVXmR<O~s
z*%xCVb5AHQ%(#>Fq42{7O>vQZg<qDO_UBt3`>*6ik30Lp+Zt<@)E9mdUo9CdK5hEt
zb?MWu%>Qknzta2ZvLvC~N1``&7&)=D8n#KO_?Z7SYUjM<JbjJEWO=P;{*$K1gr+r%
z`iOZ>Ug+R(MRn!8Nh><%O`4c`^yUBi`=X-q`=j^jF-`5?_V*TJ=<E+$6K~72Z~I%y
zA<ADcPy6Zf?+f4ie(9ZbZ67;tc0pC(rAfC7w(;qHcRS=GvXrZE{j!6n4X>PcxGZ|*
z%ud_iH=n=Yd$jsf==2Snx#t$`OZ+G8(Vc#Sp?CiaV4QFkctjR6Fz_7#VaBQ2e9{aI
ztnQvJjv*Cu-rm{hd&EJ+^`iX=&Y9i|Qnj|ONXSeOZo0VjgC*-58^M^~HG<g{SD72m
zXz~Bo;AgKeVr1*!FmP~bU{qq_5fDsh=wM)WVUbW!I=~=EJ*mDbh6BE_#>MY!4)9Xj
zY#fd~VQ9R*$|VQr)$}4}EPez!sTe4^{oGylH6QtQ)Up5hvftijn!f;b{e9pp(A#--
z$+`b(A1u2=+fc?45;Td?QM*XaFfv~oX8)cy^L!P{2m7@%E3Yait(If3nT$2XsYlFv
zcyRJk-V$s{_uYs08tc#Q|8Hy@Kl?nxkImLBKi04_h}1MOP%$ePU13g3yUNUPZ%5j*
zJCzO6G%q6{DQe<kxdLWzxL~vK5og%@RqPD;b9eI#Jh%r`W<p(0f8v(46f9oQelZtV
P&N6tq`njxgN@xNA^v47F

literal 0
HcmV?d00001

diff --git a/public/coolify-logo-monochrome.svg b/public/coolify-logo-monochrome.svg
new file mode 100644
index 000000000..f60f33f97
--- /dev/null
+++ b/public/coolify-logo-monochrome.svg
@@ -0,0 +1 @@
+<svg role="img" viewBox="0 0 352 352" xmlns="http://www.w3.org/2000/svg"><title>Coolify</title><path d="M63.996 64V0h256v64Zm0 192h-64V64h64Zm0 0h256v64h-256Zm32-160V71.067h231.066V32h24.934v64zm0 0v152.533H71.063V96ZM56.93 263.066V288H31.997v-24.934ZM351.996 352h-256v-24.934h231.066V288h24.934z"/></svg>
\ No newline at end of file

From 0f030c5e546bcf6e149f85c01fb7e57117c89d0c Mon Sep 17 00:00:00 2001
From: Terijaki <590522+terijaki@users.noreply.github.com>
Date: Sun, 7 Sep 2025 13:28:37 +0200
Subject: [PATCH 022/129] Change favicon image type to PNG and SVG

Changing to the correct type. Incorrect type can cause issues with certain browsers.
---
 resources/views/layouts/base.blade.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php
index ebb134324..af8353078 100644
--- a/resources/views/layouts/base.blade.php
+++ b/resources/views/layouts/base.blade.php
@@ -35,9 +35,9 @@
     @endphp
     <title>{{ $name }}{{ $title ?? 'Coolify' }}</title>
     @env('local')
-        <link rel="icon" href="{{ asset('coolify-logo-dev-transparent.png') }}" type="image/x-icon" />
+        <link rel="icon" href="{{ asset('coolify-logo-dev-transparent.png') }}" type="image/png" />
     @else
-        <link rel="icon" href="{{ asset('coolify-logo.svg') }}" type="image/x-icon" />
+        <link rel="icon" href="{{ asset('coolify-logo.svg') }}" type="image/svg+xml" />
     @endenv
     <meta name="csrf-token" content="{{ csrf_token() }}">
     @vite(['resources/js/app.js', 'resources/css/app.css'])

From 843935d679b0b23b714e4305f1146931d33fbfa9 Mon Sep 17 00:00:00 2001
From: nikita <nikitka.shmidt.01@gmail.com>
Date: Sat, 13 Sep 2025 02:14:10 +0600
Subject: [PATCH 023/129] fix(ui): improve mobile sidebar close behavior

- Add click handler to close sidebar when clicking overlay
- Fix sidebar positioning by changing inset-0 to h-full
- Improves mobile navigation UX
---
 resources/views/layouts/app.blade.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php
index 47ea71ecc..e02877527 100644
--- a/resources/views/layouts/app.blade.php
+++ b/resources/views/layouts/app.blade.php
@@ -16,8 +16,8 @@
             }
         }" x-cloak class="mx-auto" :class="pageWidth === 'full' ? '' : 'max-w-7xl'">
             <div class="relative z-50 lg:hidden" :class="open ? 'block' : 'hidden'" role="dialog" aria-modal="true">
-                <div class="fixed inset-0 bg-black/80"></div>
-                <div class="fixed inset-0 flex">
+                <div class="fixed inset-0 bg-black/80" x-on:click="open = false"></div>
+                <div class="fixed h-full flex">
                     <div class="relative flex flex-1 w-full mr-16 max-w-56 ">
                         <div class="absolute top-0 flex justify-center w-16 pt-5 left-full">
                             <button type="button" class="-m-2.5 p-2.5" x-on:click="open = !open">

From 45ba0bc0428a25295393a91736cb077c84199dfc Mon Sep 17 00:00:00 2001
From: nikita <nikitka.shmidt.01@gmail.com>
Date: Sat, 13 Sep 2025 02:27:55 +0600
Subject: [PATCH 024/129] deleted mr-16

---
 resources/views/layouts/app.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php
index e02877527..5f05c0e6c 100644
--- a/resources/views/layouts/app.blade.php
+++ b/resources/views/layouts/app.blade.php
@@ -18,7 +18,7 @@
             <div class="relative z-50 lg:hidden" :class="open ? 'block' : 'hidden'" role="dialog" aria-modal="true">
                 <div class="fixed inset-0 bg-black/80" x-on:click="open = false"></div>
                 <div class="fixed h-full flex">
-                    <div class="relative flex flex-1 w-full mr-16 max-w-56 ">
+                    <div class="relative flex flex-1 w-full max-w-56 ">
                         <div class="absolute top-0 flex justify-center w-16 pt-5 left-full">
                             <button type="button" class="-m-2.5 p-2.5" x-on:click="open = !open">
                                 <span class="sr-only">Close sidebar</span>

From 5247185933e4138e71c941599af3f3937d4bf5c0 Mon Sep 17 00:00:00 2001
From: Ossama Lafhel <ossama.lafhel@kanpredict.com>
Date: Sat, 13 Sep 2025 04:28:27 +0200
Subject: [PATCH 025/129] feat(add-watch-paths-for-services): show watch paths
 field for docker compose applications

- Fix UI template to display Watch Paths for all GitHub-based applications
- Remove condition that limited Watch Paths to private repositories only
- Add comprehensive unit tests for isWatchPathsTriggered() method
- Test various pattern matching scenarios (wildcards, globs, etc.)
- Watch Paths now works for Docker Compose apps with both public and private repos
---
 .../project/application/general.blade.php     |  10 +-
 tests/Unit/ApplicationWatchPathsTest.php      | 165 ++++++++++++++++++
 2 files changed, 174 insertions(+), 1 deletion(-)
 create mode 100644 tests/Unit/ApplicationWatchPathsTest.php

diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php
index 315385593..3ffe074fa 100644
--- a/resources/views/livewire/project/application/general.blade.php
+++ b/resources/views/livewire/project/application/general.blade.php
@@ -265,6 +265,14 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
                                             helper="If you use this, you need to specify paths relatively and should use the same compose file in the custom command, otherwise the automatically configured labels / etc won't work.<br><br>So in your case, use: <span class='dark:text-warning'>docker compose -f .{{ Str::start($application->base_directory . $application->docker_compose_location, '/') }} up -d</span>"
                                             label="Custom Start Command" />
                                     </div>
+                                    @if ($this->application->is_github_based())
+                                        <div class="pt-4">
+                                            <x-forms.textarea
+                                                helper="Gitignore-style rules to filter Git based webhook deployments."
+                                                placeholder="services/api/**" id="application.watch_paths"
+                                                label="Watch Paths" x-bind:disabled="shouldDisable()" />
+                                        </div>
+                                    @endif
                                 </div>
                             @else
                                 <div class="flex flex-col gap-2 xl:flex-row">
@@ -296,7 +304,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
                                     @endif
 
                                 </div>
-                                @if ($this->application->is_github_based() && !$this->application->is_public_repository())
+                                @if ($this->application->is_github_based())
                                     <div class="pb-4">
                                         <x-forms.textarea
                                             helper="Gitignore-style rules to filter Git based webhook deployments."
diff --git a/tests/Unit/ApplicationWatchPathsTest.php b/tests/Unit/ApplicationWatchPathsTest.php
new file mode 100644
index 000000000..c90105b78
--- /dev/null
+++ b/tests/Unit/ApplicationWatchPathsTest.php
@@ -0,0 +1,165 @@
+<?php
+
+namespace Tests\Unit;
+
+use App\Models\Application;
+use Illuminate\Support\Collection;
+use Tests\TestCase;
+
+class ApplicationWatchPathsTest extends TestCase
+{
+    public function test_is_watch_paths_triggered_returns_false_when_watch_paths_is_null()
+    {
+        $application = new Application();
+        $application->watch_paths = null;
+
+        $modified_files = collect(['docker-compose.yml', 'README.md']);
+
+        $this->assertFalse($application->isWatchPathsTriggered($modified_files));
+    }
+
+    public function test_is_watch_paths_triggered_with_exact_match()
+    {
+        $application = new Application();
+        $application->watch_paths = "docker-compose.yml\nDockerfile";
+
+        // Exact match should return true
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['Dockerfile'])));
+
+        // Non-matching file should return false
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
+    }
+
+    public function test_is_watch_paths_triggered_with_wildcard_patterns()
+    {
+        $application = new Application();
+        $application->watch_paths = "*.yml\nsrc/**/*.php\nconfig/*";
+
+        // Wildcard matches
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['production.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/Controllers/UserController.php'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/Models/User.php'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['config/app.php'])));
+
+        // Non-matching files
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['src/index.js'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['configurations/deep/file.php'])));
+    }
+
+    public function test_is_watch_paths_triggered_with_multiple_files()
+    {
+        $application = new Application();
+        $application->watch_paths = "docker-compose.yml\n*.env";
+
+        // At least one file matches
+        $modified_files = collect(['README.md', 'docker-compose.yml', 'package.json']);
+        $this->assertTrue($application->isWatchPathsTriggered($modified_files));
+
+        // No files match
+        $modified_files = collect(['README.md', 'package.json', 'src/index.js']);
+        $this->assertFalse($application->isWatchPathsTriggered($modified_files));
+    }
+
+    public function test_is_watch_paths_triggered_with_complex_patterns()
+    {
+        $application = new Application();
+        // fnmatch doesn't support {a,b} syntax, so we need to use separate patterns
+        $application->watch_paths = "**/*.js\n**/*.jsx\n**/*.ts\n**/*.tsx";
+
+        // JavaScript/TypeScript files should match
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/index.js'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['components/Button.jsx'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['types/user.ts'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['pages/Home.tsx'])));
+
+        // Deeply nested files should match
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/components/ui/Button.tsx'])));
+
+        // Non-matching files
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['package.json'])));
+    }
+
+    public function test_is_watch_paths_triggered_with_question_mark_pattern()
+    {
+        $application = new Application();
+        $application->watch_paths = "test?.txt\nfile-?.yml";
+
+        // Single character wildcard matches
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['test1.txt'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['testA.txt'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['file-1.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['file-B.yml'])));
+
+        // Non-matching files
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['test.txt'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['test12.txt'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['file.yml'])));
+    }
+
+    public function test_is_watch_paths_triggered_with_character_set_pattern()
+    {
+        $application = new Application();
+        $application->watch_paths = "[abc]test.txt\nfile[0-9].yml";
+
+        // Character set matches
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['atest.txt'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['btest.txt'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['ctest.txt'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['file1.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['file9.yml'])));
+
+        // Non-matching files
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['dtest.txt'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['test.txt'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['fileA.yml'])));
+    }
+
+    public function test_is_watch_paths_triggered_with_empty_watch_paths()
+    {
+        $application = new Application();
+        $application->watch_paths = '';
+
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['any-file.txt'])));
+    }
+
+    public function test_is_watch_paths_triggered_with_whitespace_only_patterns()
+    {
+        $application = new Application();
+        $application->watch_paths = "\n  \n\t\n";
+
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['any-file.txt'])));
+    }
+
+    public function test_is_watch_paths_triggered_for_dockercompose_typical_patterns()
+    {
+        $application = new Application();
+        $application->watch_paths = "docker-compose*.yml\n.env*\nDockerfile*\nservices/**";
+
+        // Docker Compose related files
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.prod.yml'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose-dev.yml'])));
+        
+        // Environment files
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['.env'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['.env.local'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['.env.production'])));
+        
+        // Dockerfile variations
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['Dockerfile'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['Dockerfile.prod'])));
+        
+        // Service files
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['services/api/app.js'])));
+        $this->assertTrue($application->isWatchPathsTriggered(collect(['services/web/index.html'])));
+
+        // Non-matching files (e.g., documentation, configs outside services)
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['package.json'])));
+        $this->assertFalse($application->isWatchPathsTriggered(collect(['config/nginx.conf'])));
+    }
+}
\ No newline at end of file

From c1c149968ea07b58fe22839dd5323b256a8f641f Mon Sep 17 00:00:00 2001
From: GitHub Actions <actions@github.com>
Date: Tue, 16 Sep 2025 15:31:48 +0100
Subject: [PATCH 026/129] Fix team invitation email case sensitivity bug

- Add email normalization to TeamInvitation model using setEmailAttribute()
- Add HasFactory trait to Team model for testing support
- Create TeamFactory for testing
- Add tests to verify email normalization works correctly
- Fixes issue where mixed case emails in invitations would cause lookup failures
- Resolves #6291

The bug occurred because:
1. User model normalizes emails to lowercase
2. TeamInvitation model did not normalize emails
3. When invitation was created with mixed case, it was stored as-is
4. User lookup failed due to case mismatch during invitation acceptance
5. This caused users to not be able to see teams they were invited to

This fix ensures both models normalize emails consistently.
---
 app/Models/Team.php                           |  3 +-
 app/Models/TeamInvitation.php                 |  8 +++
 database/factories/TeamFactory.php            | 40 ++++++++++++
 .../TeamInvitationEmailNormalizationTest.php  | 63 +++++++++++++++++++
 4 files changed, 113 insertions(+), 1 deletion(-)
 create mode 100644 database/factories/TeamFactory.php
 create mode 100644 tests/Feature/TeamInvitationEmailNormalizationTest.php

diff --git a/app/Models/Team.php b/app/Models/Team.php
index 81638e31c..1b700404d 100644
--- a/app/Models/Team.php
+++ b/app/Models/Team.php
@@ -10,6 +10,7 @@
 use App\Traits\HasNotificationSettings;
 use App\Traits\HasSafeStringAttribute;
 use Illuminate\Database\Eloquent\Casts\Attribute;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Notifications\Notifiable;
 use OpenApi\Attributes as OA;
@@ -37,7 +38,7 @@
 
 class Team extends Model implements SendsDiscord, SendsEmail, SendsPushover, SendsSlack
 {
-    use HasNotificationSettings, HasSafeStringAttribute, Notifiable;
+    use HasFactory, HasNotificationSettings, HasSafeStringAttribute, Notifiable;
 
     protected $guarded = [];
 
diff --git a/app/Models/TeamInvitation.php b/app/Models/TeamInvitation.php
index 0fea1806b..92107c48c 100644
--- a/app/Models/TeamInvitation.php
+++ b/app/Models/TeamInvitation.php
@@ -15,6 +15,14 @@ class TeamInvitation extends Model
         'via',
     ];
 
+    /**
+     * Set the email attribute to lowercase.
+     */
+    public function setEmailAttribute($value)
+    {
+        $this->attributes['email'] = strtolower($value);
+    }
+
     public function team()
     {
         return $this->belongsTo(Team::class);
diff --git a/database/factories/TeamFactory.php b/database/factories/TeamFactory.php
new file mode 100644
index 000000000..0e95842b4
--- /dev/null
+++ b/database/factories/TeamFactory.php
@@ -0,0 +1,40 @@
+<?php
+
+namespace Database\Factories;
+
+use App\Models\Team;
+use Illuminate\Database\Eloquent\Factories\Factory;
+
+/**
+ * @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\Team>
+ */
+class TeamFactory extends Factory
+{
+    protected $model = Team::class;
+
+    /**
+     * Define the model's default state.
+     *
+     * @return array<string, mixed>
+     */
+    public function definition(): array
+    {
+        return [
+            'name' => $this->faker->company() . ' Team',
+            'description' => $this->faker->sentence(),
+            'personal_team' => false,
+            'show_boarding' => false,
+        ];
+    }
+
+    /**
+     * Indicate that the team is a personal team.
+     */
+    public function personal(): static
+    {
+        return $this->state(fn (array $attributes) => [
+            'personal_team' => true,
+            'name' => $this->faker->firstName() . "'s Team",
+        ]);
+    }
+}
diff --git a/tests/Feature/TeamInvitationEmailNormalizationTest.php b/tests/Feature/TeamInvitationEmailNormalizationTest.php
new file mode 100644
index 000000000..c7ad9134b
--- /dev/null
+++ b/tests/Feature/TeamInvitationEmailNormalizationTest.php
@@ -0,0 +1,63 @@
+<?php
+
+namespace Tests\Feature;
+
+use App\Models\Team;
+use App\Models\TeamInvitation;
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Tests\TestCase;
+
+class TeamInvitationEmailNormalizationTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_team_invitation_normalizes_email_to_lowercase()
+    {
+        // Create a team
+        $team = Team::factory()->create();
+
+        // Create invitation with mixed case email
+        $invitation = TeamInvitation::create([
+            'team_id' => $team->id,
+            'uuid' => 'test-uuid-123',
+            'email' => 'Test@Example.com', // Mixed case
+            'role' => 'member',
+            'link' => 'https://example.com/invite/test-uuid-123',
+            'via' => 'link'
+        ]);
+
+        // Verify email was normalized to lowercase
+        $this->assertEquals('test@example.com', $invitation->email);
+    }
+
+    public function test_team_invitation_works_with_existing_user_email()
+    {
+        // Create a team
+        $team = Team::factory()->create();
+
+        // Create a user with lowercase email
+        $user = User::factory()->create([
+            'email' => 'test@example.com',
+            'name' => 'Test User'
+        ]);
+
+        // Create invitation with mixed case email
+        $invitation = TeamInvitation::create([
+            'team_id' => $team->id,
+            'uuid' => 'test-uuid-123',
+            'email' => 'Test@Example.com', // Mixed case
+            'role' => 'member',
+            'link' => 'https://example.com/invite/test-uuid-123',
+            'via' => 'link'
+        ]);
+
+        // Verify the invitation email matches the user email (both normalized)
+        $this->assertEquals($user->email, $invitation->email);
+
+        // Verify user lookup works
+        $foundUser = User::whereEmail($invitation->email)->first();
+        $this->assertNotNull($foundUser);
+        $this->assertEquals($user->id, $foundUser->id);
+    }
+}

From 0c9cdbe0eb59dccb7542e98df9869381506dd869 Mon Sep 17 00:00:00 2001
From: Kimmo Salmela <kimmo.salmela@reun.eu>
Date: Wed, 17 Sep 2025 12:40:38 +0300
Subject: [PATCH 027/129] Add red Coolify logo

---
 public/coolify-logo-red.png | Bin 0 -> 1777 bytes
 public/coolify-logo-red.svg |   1 +
 2 files changed, 1 insertion(+)
 create mode 100644 public/coolify-logo-red.png
 create mode 100644 public/coolify-logo-red.svg

diff --git a/public/coolify-logo-red.png b/public/coolify-logo-red.png
new file mode 100644
index 0000000000000000000000000000000000000000..b3f7d2b6c94ee3ef8005f18d2dbe0e3745fb6dfc
GIT binary patch
literal 1777
zcmeAS@N?(olHy`uVBq!ia0y~yU`zmE4mO}jYvN)bAg3YI**Ty%$lXc7)79C`(9+CI
z*GSKhfk9(p>BRHeE`cJ)?Tt^o7wC=*(C5{D;_jQH<Hpl^RO0FNv}ZHT7eDL0UTvJY
zDRf)#lp8;`KG08Cy=JOX(55u+oD0SCmb)2!FFW`1&ilR3OWyB%(7Pn$uGU*N+qs5^
z7cMX|wq8EPKG3syM*p-GS(3uR%7R^e+of&%_Pi>|61D&SennhQv{r>y3w!9{GaUU~
z{p(YB+Ra;MUr8wm{1LI^@Dy&Yc<ZV&Pu<&v_3ABh+zvTESSubTwBO=e_thmUxlf<|
z_<H4<U&ZpzRZTyB`7-55*v2%SLoFPO42~H%v%E-jsA=%4dO1nd_0#VCpVcF$#f0v0
z<eRK2q;m3tVpiCy<EmMUj;Ag=Vfpv}?QrkcuS-{7XIc2>;I{Z%3u>6{K5zTGFaP#@
z_JAV(^p{TmKFNLA-!)G^<6rEG=;q0vo5XH6T`v7_S2ED}m+sV#N>ko>{R_&(r1TeN
z-FtiUyj}Ztfyk-rcQw3~&6xhVlsi5qE&ZYWww9;BDB&#dh%9Dc;5!1sj8nDwq!}1k
z#XVgdLn`LHy>_s-#X*4O;5^}Ho7Tq~|7hG_oc5%dgMC%2OV+hLcmB=Uy^k?t&F{#k
z|KctAKBO`62nZ%LbTBZxut+E<9bgb-Wb5ECaByj0RHB}g%vVN+so81Mf5*|t0t^>l
z1Nzf$(Uy1VQ-5DSvwFY%o|)p*_7sMlkN}*x*lt1D**8W1%{QN_UGSKd9^s3_DKv@8
zQM;&;RZ_09#~AOv^S|y~ksQa`-=5Mh=#^5Qtl<A~c1_WL>&>TY7Ze};zn^Y7BUJuF
l+4VE)@)@M)Ru24Qd~j9b+8@<ptiW=U!PC{xWt~$(696Zx`VasB

literal 0
HcmV?d00001

diff --git a/public/coolify-logo-red.svg b/public/coolify-logo-red.svg
new file mode 100644
index 000000000..4cbfef43f
--- /dev/null
+++ b/public/coolify-logo-red.svg
@@ -0,0 +1 @@
+<svg role="img" viewBox="0 0 352 352" xmlns="http://www.w3.org/2000/svg"><title>Coolify</title><path d="M64 256v32H32v-32zm0 0V96h32v160ZM96 96V64h224V32h32v64Zm224 192h32v64H96v-32h224z" style="fill:#8c0000"/><path d="M64 256H0V64h64Zm0-192V0h256v64Zm0 192h256v64H64Z" style="fill:#ff6d6c"/></svg>
\ No newline at end of file

From 844a67a006c3478f6bc31840476fbcee895169cb Mon Sep 17 00:00:00 2001
From: Yihang Wang <wangyihanger@gmail.com>
Date: Thu, 18 Sep 2025 00:40:09 +0800
Subject: [PATCH 028/129] fix: hide sensitive email change fields in team
 member responses

---
 app/Http/Controllers/Api/TeamController.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/Http/Controllers/Api/TeamController.php b/app/Http/Controllers/Api/TeamController.php
index d4b24d8ab..e12d83542 100644
--- a/app/Http/Controllers/Api/TeamController.php
+++ b/app/Http/Controllers/Api/TeamController.php
@@ -179,6 +179,8 @@ public function members_by_id(Request $request)
         $members = $team->members;
         $members->makeHidden([
             'pivot',
+            'email_change_code',
+            'email_change_code_expires_at',
         ]);
 
         return response()->json(
@@ -264,6 +266,8 @@ public function current_team_members(Request $request)
         $team = auth()->user()->currentTeam();
         $team->members->makeHidden([
             'pivot',
+            'email_change_code',
+            'email_change_code_expires_at',
         ]);
 
         return response()->json(

From 65f24de101b4764505662534ec83ded4bc40d57e Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 16:26:11 +0530
Subject: [PATCH 029/129] Changed Sentinel metrics color from yellow to blue +
 cyan (cpu + memory)

---
 resources/views/layouts/base.blade.php        |  9 ++-
 .../livewire/project/shared/metrics.blade.php | 74 ++++++++++---------
 .../views/livewire/server/charts.blade.php    | 60 +++++++--------
 3 files changed, 75 insertions(+), 68 deletions(-)

diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php
index ebb134324..c074412d3 100644
--- a/resources/views/layouts/base.blade.php
+++ b/resources/views/layouts/base.blade.php
@@ -138,7 +138,8 @@
                 }
             }
             let theme = localStorage.theme
-            let baseColor = '#FCD452'
+            let cpuColor = '#1e90ff'
+            let ramColor = '#00ced1'
             let textColor = '#ffffff'
             let editorBackground = '#181818'
             let editorTheme = 'blackboard'
@@ -149,12 +150,14 @@ function checkTheme() {
                     theme = window.matchMedia('(prefers-color-scheme: dark)').matches ? 'dark' : 'light'
                 }
                 if (theme == 'dark') {
-                    baseColor = '#FCD452'
+                    cpuColor = '#1e90ff'
+                    ramColor = '#00ced1'
                     textColor = '#ffffff'
                     editorBackground = '#181818'
                     editorTheme = 'blackboard'
                 } else {
-                    baseColor = 'black'
+                    cpuColor = '#1e90ff'
+                    ramColor = '#00ced1'
                     textColor = '#000000'
                     editorBackground = '#ffffff'
                     editorTheme = null
diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php
index cfe83ded6..d6609d9e6 100644
--- a/resources/views/livewire/project/shared/metrics.blade.php
+++ b/resources/views/livewire/project/shared/metrics.blade.php
@@ -34,6 +34,7 @@ class="pt-5">
                     const optionsServerCpu = {
                         stroke: {
                             curve: 'straight',
+                            width: 2,
                         },
                         chart: {
                             height: '150px',
@@ -68,16 +69,16 @@ class="pt-5">
                                 enabled: false,
                             }
                         },
-                        grid: {
-                            show: true,
-                            borderColor: '',
-                        },
-                        colors: [baseColor],
-                        xaxis: {
-                            type: 'datetime',
-                        },
-                        series: [{
-                            name: "CPU %",
+                         grid: {
+                             show: true,
+                             borderColor: '',
+                         },
+                         colors: [cpuColor],
+                         xaxis: {
+                             type: 'datetime',
+                         },
+                         series: [{
+                             name: "CPU %",
                             data: []
                         }],
                         noData: {
@@ -101,11 +102,11 @@ class="pt-5">
                     document.addEventListener('livewire:init', () => {
                         Livewire.on('refreshChartData-{!! $chartId !!}-cpu', (chartData) => {
                             checkTheme();
-                            serverCpuChart.updateOptions({
-                                series: [{
-                                    data: chartData[0].seriesData,
-                                }],
-                                colors: [baseColor],
+                             serverCpuChart.updateOptions({
+                                 series: [{
+                                     data: chartData[0].seriesData,
+                                 }],
+                                 colors: [cpuColor],
                                 xaxis: {
                                     type: 'datetime',
                                     labels: {
@@ -143,6 +144,7 @@ class="pt-5">
                     const optionsServerMemory = {
                         stroke: {
                             curve: 'straight',
+                            width: 2,
                         },
                         chart: {
                             height: '150px',
@@ -177,22 +179,22 @@ class="pt-5">
                                 enabled: false,
                             }
                         },
-                        grid: {
-                            show: true,
-                            borderColor: '',
-                        },
-                        colors: [baseColor],
-                        xaxis: {
-                            type: 'datetime',
-                            labels: {
-                                show: true,
-                                style: {
-                                    colors: textColor,
-                                }
-                            }
-                        },
-                        series: [{
-                            name: "Memory (MB)",
+                         grid: {
+                             show: true,
+                             borderColor: '',
+                         },
+                         colors: [ramColor],
+                         xaxis: {
+                             type: 'datetime',
+                             labels: {
+                                 show: true,
+                                 style: {
+                                     colors: textColor,
+                                 }
+                             }
+                         },
+                         series: [{
+                             name: "Memory (MB)",
                             data: []
                         }],
                         noData: {
@@ -217,11 +219,11 @@ class="pt-5">
                     document.addEventListener('livewire:init', () => {
                         Livewire.on('refreshChartData-{!! $chartId !!}-memory', (chartData) => {
                             checkTheme();
-                            serverMemoryChart.updateOptions({
-                                series: [{
-                                    data: chartData[0].seriesData,
-                                }],
-                                colors: [baseColor],
+                             serverMemoryChart.updateOptions({
+                                 series: [{
+                                     data: chartData[0].seriesData,
+                                 }],
+                                 colors: [ramColor],
                                 xaxis: {
                                     type: 'datetime',
                                     labels: {
diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php
index b84e0240f..f5a2418fd 100644
--- a/resources/views/livewire/server/charts.blade.php
+++ b/resources/views/livewire/server/charts.blade.php
@@ -27,6 +27,7 @@
                         const optionsServerCpu = {
                             stroke: {
                                 curve: 'straight',
+                                width: 2,
                             },
                             chart: {
                                 height: '150px',
@@ -61,16 +62,16 @@
                                     enabled: false,
                                 }
                             },
-                            grid: {
-                                show: true,
-                                borderColor: '',
-                            },
-                            colors: [baseColor],
-                            xaxis: {
-                                type: 'datetime',
-                            },
-                            series: [{
-                                name: 'CPU %',
+                             grid: {
+                                 show: true,
+                                 borderColor: '',
+                             },
+                             colors: [cpuColor],
+                             xaxis: {
+                                 type: 'datetime',
+                             },
+                             series: [{
+                                 name: 'CPU %',
                                 data: []
                             }],
                             noData: {
@@ -95,11 +96,11 @@
                         document.addEventListener('livewire:init', () => {
                             Livewire.on('refreshChartData-{!! $chartId !!}-cpu', (chartData) => {
                                 checkTheme();
-                                serverCpuChart.updateOptions({
-                                    series: [{
-                                        data: chartData[0].seriesData,
-                                    }],
-                                    colors: [baseColor],
+                                 serverCpuChart.updateOptions({
+                                     series: [{
+                                         data: chartData[0].seriesData,
+                                     }],
+                                     colors: [cpuColor],
                                     xaxis: {
                                         type: 'datetime',
                                         labels: {
@@ -138,6 +139,7 @@
                             const optionsServerMemory = {
                                 stroke: {
                                     curve: 'straight',
+                                    width: 2,
                                 },
                                 chart: {
                                     height: '150px',
@@ -172,15 +174,15 @@
                                         enabled: false,
                                     }
                                 },
-                                grid: {
-                                    show: true,
-                                    borderColor: '',
-                                },
-                                colors: [baseColor],
-                                xaxis: {
-                                    type: 'datetime',
-                                    labels: {
-                                        show: true,
+                                 grid: {
+                                     show: true,
+                                     borderColor: '',
+                                 },
+                                 colors: [ramColor],
+                                 xaxis: {
+                                     type: 'datetime',
+                                     labels: {
+                                         show: true,
                                         style: {
                                             colors: textColor,
                                         }
@@ -212,11 +214,11 @@
                             document.addEventListener('livewire:init', () => {
                                 Livewire.on('refreshChartData-{!! $chartId !!}-memory', (chartData) => {
                                     checkTheme();
-                                    serverMemoryChart.updateOptions({
-                                        series: [{
-                                            data: chartData[0].seriesData,
-                                        }],
-                                        colors: [baseColor],
+                                     serverMemoryChart.updateOptions({
+                                         series: [{
+                                             data: chartData[0].seriesData,
+                                         }],
+                                         colors: [ramColor],
                                         xaxis: {
                                             type: 'datetime',
                                             labels: {

From 0ef0247e14ac0f5a808b9a21600070fe0dc3917f Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 22:40:08 +0530
Subject: [PATCH 030/129] Improved metrics graph tooltip to show usage in a
 better way and added timestamp to the tooltip

---
 app/Livewire/Project/Shared/Metrics.php       |  12 +-
 resources/css/utilities.css                   |  17 ++
 .../livewire/project/shared/metrics.blade.php | 277 ++++++++++--------
 .../views/livewire/server/charts.blade.php    |  54 +++-
 4 files changed, 222 insertions(+), 138 deletions(-)

diff --git a/app/Livewire/Project/Shared/Metrics.php b/app/Livewire/Project/Shared/Metrics.php
index fdc35fc0f..9dc944f9d 100644
--- a/app/Livewire/Project/Shared/Metrics.php
+++ b/app/Livewire/Project/Shared/Metrics.php
@@ -8,7 +8,7 @@ class Metrics extends Component
 {
     public $resource;
 
-    public $chartId = 'container-cpu';
+    public $chartId = 'metrics';
 
     public $data;
 
@@ -33,6 +33,16 @@ public function loadData()
         try {
             $cpuMetrics = $this->resource->getCpuMetrics($this->interval);
             $memoryMetrics = $this->resource->getMemoryMetrics($this->interval);
+
+            // Debug logging
+            \Log::info('Metrics loadData called', [
+                'chartId' => $this->chartId,
+                'cpuMetrics' => $cpuMetrics,
+                'memoryMetrics' => $memoryMetrics,
+                'cpuEvent' => "refreshChartData-{$this->chartId}-cpu",
+                'memoryEvent' => "refreshChartData-{$this->chartId}-memory"
+            ]);
+
             $this->dispatch("refreshChartData-{$this->chartId}-cpu", [
                 'seriesData' => $cpuMetrics,
             ]);
diff --git a/resources/css/utilities.css b/resources/css/utilities.css
index d09d7f49c..65869e02f 100644
--- a/resources/css/utilities.css
+++ b/resources/css/utilities.css
@@ -10,6 +10,23 @@ @utility apexcharts-xaxistooltip {
     @apply hidden!;
 }
 
+@utility apexcharts-tooltip-custom {
+    @apply bg-white dark:bg-coolgray-100 border border-neutral-200 dark:border-coolgray-300 rounded-lg shadow-lg p-3 text-sm;
+    min-width: 160px;
+}
+
+@utility apexcharts-tooltip-custom-value {
+    @apply text-neutral-700 dark:text-neutral-300 mb-1;
+}
+
+@utility apexcharts-tooltip-value-bold {
+    @apply font-bold text-black dark:text-white;
+}
+
+@utility apexcharts-tooltip-custom-title {
+    @apply text-xs text-neutral-500 dark:text-neutral-400 font-medium;
+}
+
 @utility input-sticky {
     @apply block py-1.5 w-full text-sm text-black rounded-sm border-0 ring-1 ring-inset dark:bg-coolgray-100 dark:text-white ring-neutral-200 dark:ring-coolgray-300 focus:ring-2 focus:ring-neutral-400 dark:focus:ring-coolgray-300;
 }
diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php
index d6609d9e6..9b08babb3 100644
--- a/resources/views/livewire/project/shared/metrics.blade.php
+++ b/resources/views/livewire/project/shared/metrics.blade.php
@@ -1,21 +1,20 @@
 <div>
-    <div class="flex items-center gap-2 ">
+    <div class="flex items-center gap-2">
         <h2>Metrics</h2>
     </div>
     <div class="pb-4">Basic metrics for your container.</div>
-    @if ($resource->getMorphClass() === 'App\Models\Application' && $resource->build_pack === 'dockercompose')
-        <div class="alert alert-warning">Metrics are not available for Docker Compose applications yet!</div>
-    @elseif(!$resource->destination->server->isMetricsEnabled())
-        <div class="alert alert-warning">Metrics are only available for servers with Sentinel & Metrics enabled!</div>
-        <div> Go to <a class="underline dark:text-white"
-                href="{{ route('server.show', $resource->destination->server->uuid) }}">Server settings</a> to
-            enable
-            it.</div>
-    @else
-        @if (!str($resource->status)->contains('running'))
-            <div class="alert alert-warning">Metrics are only available when this resource is running!</div>
+    <div>
+        @if ($resource->getMorphClass() === 'App\Models\Application' && $resource->build_pack === 'dockercompose')
+            <div class="alert alert-warning">Metrics are not available for Docker Compose applications yet!</div>
+        @elseif(!$resource->destination->server->isMetricsEnabled())
+            <div class="alert alert-warning">Metrics are only available for servers with Sentinel & Metrics enabled!</div>
+            <div>Go to <a class="underline dark:text-white" href="{{ route('server.show', $resource->destination->server->uuid) }}">Server settings</a> to enable it.</div>
         @else
-            <x-forms.select label="Interval" wire:change="setInterval" id="interval">
+            @if (!str($resource->status)->contains('running'))
+                <div class="alert alert-warning">Metrics are only available when this resource is running!</div>
+            @else
+                <div>
+                <x-forms.select label="Interval" wire:change="setInterval" id="interval">
                 <option value="5">5 minutes (live)</option>
                 <option value="10">10 minutes (live)</option>
                 <option value="30">30 minutes</option>
@@ -77,63 +76,76 @@ class="pt-5">
                          xaxis: {
                              type: 'datetime',
                          },
-                         series: [{
-                             name: "CPU %",
-                            data: []
-                        }],
-                        noData: {
-                            text: 'Loading...',
-                            style: {
-                                color: textColor,
-                            }
-                        },
-                        tooltip: {
-                            enabled: true,
-                            marker: {
-                                show: false,
-                            }
-                        },
-                        legend: {
-                            show: false
-                        }
+                          series: [{
+                              name: "CPU %",
+                             data: []
+                         }],
+                         noData: {
+                             text: 'Loading...',
+                             style: {
+                                 color: textColor,
+                             }
+                         },
+                         tooltip: {
+                             enabled: true,
+                             marker: {
+                                 show: false,
+                             },
+                             custom: function({ series, seriesIndex, dataPointIndex, w }) {
+                                 const value = series[seriesIndex][dataPointIndex];
+                                 const timestamp = w.globals.seriesX[seriesIndex][dataPointIndex];
+                                 const date = new Date(timestamp);
+                                 const timeString = String(date.getUTCHours()).padStart(2, '0') + ':' +
+                                     String(date.getUTCMinutes()).padStart(2, '0') + ':' +
+                                     String(date.getUTCSeconds()).padStart(2, '0') + ', ' +
+                                     date.getUTCFullYear() + '-' +
+                                     String(date.getUTCMonth() + 1).padStart(2, '0') + '-' +
+                                     String(date.getUTCDate()).padStart(2, '0');
+                                 return '<div class="apexcharts-tooltip-custom">' +
+                                     '<div class="apexcharts-tooltip-custom-value">CPU: <span class="apexcharts-tooltip-value-bold">' + value + '%</span></div>' +
+                                     '<div class="apexcharts-tooltip-custom-title">' + timeString + '</div>' +
+                                     '</div>';
+                             }
+                         },
+                         legend: {
+                             show: false
+                         }
                     }
-                    const serverCpuChart = new ApexCharts(document.getElementById(`{!! $chartId !!}-cpu`), optionsServerCpu);
-                    serverCpuChart.render();
-                    document.addEventListener('livewire:init', () => {
-                        Livewire.on('refreshChartData-{!! $chartId !!}-cpu', (chartData) => {
-                            checkTheme();
-                             serverCpuChart.updateOptions({
-                                 series: [{
-                                     data: chartData[0].seriesData,
-                                 }],
-                                 colors: [cpuColor],
-                                xaxis: {
-                                    type: 'datetime',
-                                    labels: {
-                                        show: true,
-                                        style: {
-                                            colors: textColor,
-                                        }
-                                    }
-                                },
-                                yaxis: {
-                                    show: true,
-                                    labels: {
-                                        show: true,
-                                        style: {
-                                            colors: textColor,
-                                        }
-                                    }
-                                },
-                                noData: {
-                                    text: 'Loading...',
-                                    style: {
-                                        color: textColor,
-                                    }
-                                }
-                            });
-                        });
-                    });
+                     const serverCpuChart = new ApexCharts(document.getElementById(`{!! $chartId !!}-cpu`), optionsServerCpu);
+                     serverCpuChart.render();
+                     Livewire.on('refreshChartData-{!! $chartId !!}-cpu', (chartData) => {
+                         checkTheme();
+                          serverCpuChart.updateOptions({
+                              series: [{
+                                  data: chartData[0].seriesData,
+                              }],
+                              colors: [cpuColor],
+                             xaxis: {
+                                 type: 'datetime',
+                                 labels: {
+                                     show: true,
+                                     style: {
+                                         colors: textColor,
+                                     }
+                                 }
+                             },
+                             yaxis: {
+                                 show: true,
+                                 labels: {
+                                     show: true,
+                                     style: {
+                                         colors: textColor,
+                                     }
+                                 }
+                             },
+                             noData: {
+                                 text: 'Loading...',
+                                 style: {
+                                     color: textColor,
+                                 }
+                             }
+                         });
+                     });
                 </script>
 
                 <h3>Memory (MB)</h3>
@@ -195,65 +207,80 @@ class="pt-5">
                          },
                          series: [{
                              name: "Memory (MB)",
-                            data: []
-                        }],
-                        noData: {
-                            text: 'Loading...',
-                            style: {
-                                color: textColor,
-                            }
-                        },
-                        tooltip: {
-                            enabled: true,
-                            marker: {
-                                show: false,
-                            }
-                        },
-                        legend: {
-                            show: false
-                        }
+                             data: []
+                         }],
+                         noData: {
+                             text: 'Loading...',
+                             style: {
+                                 color: textColor,
+                             }
+                         },
+                         tooltip: {
+                             enabled: true,
+                             marker: {
+                                 show: false,
+                             },
+                             custom: function({ series, seriesIndex, dataPointIndex, w }) {
+                                 const value = series[seriesIndex][dataPointIndex];
+                                 const timestamp = w.globals.seriesX[seriesIndex][dataPointIndex];
+                                 const date = new Date(timestamp);
+                                 const timeString = String(date.getUTCHours()).padStart(2, '0') + ':' +
+                                     String(date.getUTCMinutes()).padStart(2, '0') + ':' +
+                                     String(date.getUTCSeconds()).padStart(2, '0') + ', ' +
+                                     date.getUTCFullYear() + '-' +
+                                     String(date.getUTCMonth() + 1).padStart(2, '0') + '-' +
+                                     String(date.getUTCDate()).padStart(2, '0');
+                                 return '<div class="apexcharts-tooltip-custom">' +
+                                     '<div class="apexcharts-tooltip-custom-value">Memory: <span class="apexcharts-tooltip-value-bold">' + value + ' MB</span></div>' +
+                                     '<div class="apexcharts-tooltip-custom-title">' + timeString + '</div>' +
+                                     '</div>';
+                             }
+                         },
+                         legend: {
+                             show: false
+                         }
                     }
-                    const serverMemoryChart = new ApexCharts(document.getElementById(`{!! $chartId !!}-memory`),
-                        optionsServerMemory);
-                    serverMemoryChart.render();
-                    document.addEventListener('livewire:init', () => {
-                        Livewire.on('refreshChartData-{!! $chartId !!}-memory', (chartData) => {
-                            checkTheme();
-                             serverMemoryChart.updateOptions({
-                                 series: [{
-                                     data: chartData[0].seriesData,
-                                 }],
-                                 colors: [ramColor],
-                                xaxis: {
-                                    type: 'datetime',
-                                    labels: {
-                                        show: true,
-                                        style: {
-                                            colors: textColor,
-                                        }
-                                    }
-                                },
-                                yaxis: {
-                                    min: 0,
-                                    show: true,
-                                    labels: {
-                                        show: true,
-                                        style: {
-                                            colors: textColor,
-                                        }
-                                    }
-                                },
-                                noData: {
-                                    text: 'Loading...',
-                                    style: {
-                                        color: textColor,
-                                    }
-                                }
-                            });
-                        });
-                    });
+                     const serverMemoryChart = new ApexCharts(document.getElementById(`{!! $chartId !!}-memory`),
+                         optionsServerMemory);
+                     serverMemoryChart.render();
+                     Livewire.on('refreshChartData-{!! $chartId !!}-memory', (chartData) => {
+                         checkTheme();
+                          serverMemoryChart.updateOptions({
+                              series: [{
+                                  data: chartData[0].seriesData,
+                              }],
+                              colors: [ramColor],
+                             xaxis: {
+                                 type: 'datetime',
+                                 labels: {
+                                     show: true,
+                                     style: {
+                                         colors: textColor,
+                                     }
+                                 }
+                             },
+                             yaxis: {
+                                 min: 0,
+                                 show: true,
+                                 labels: {
+                                     show: true,
+                                     style: {
+                                         colors: textColor,
+                                     }
+                                 }
+                             },
+                             noData: {
+                                 text: 'Loading...',
+                                 style: {
+                                     color: textColor,
+                                 }
+                             }
+                         });
+                     });
                 </script>
             </div>
+            </div>
         @endif
     @endif
+    </div>
 </div>
diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php
index f5a2418fd..2cb8e2c37 100644
--- a/resources/views/livewire/server/charts.blade.php
+++ b/resources/views/livewire/server/charts.blade.php
@@ -80,12 +80,27 @@
                                     color: textColor,
                                 }
                             },
-                            tooltip: {
-                                enabled: true,
-                                marker: {
-                                    show: false,
-                                }
-                            },
+                             tooltip: {
+                                 enabled: true,
+                                 marker: {
+                                     show: false,
+                                 },
+                                 custom: function({ series, seriesIndex, dataPointIndex, w }) {
+                                     const value = series[seriesIndex][dataPointIndex];
+                                     const timestamp = w.globals.seriesX[seriesIndex][dataPointIndex];
+                                     const date = new Date(timestamp);
+                                     const timeString = String(date.getUTCHours()).padStart(2, '0') + ':' +
+                                         String(date.getUTCMinutes()).padStart(2, '0') + ':' +
+                                         String(date.getUTCSeconds()).padStart(2, '0') + ', ' +
+                                         date.getUTCFullYear() + '-' +
+                                         String(date.getUTCMonth() + 1).padStart(2, '0') + '-' +
+                                         String(date.getUTCDate()).padStart(2, '0');
+                                     return '<div class="apexcharts-tooltip-custom">' +
+                                         '<div class="apexcharts-tooltip-custom-value">CPU: <span class="apexcharts-tooltip-value-bold">' + value + '%</span></div>' +
+                                         '<div class="apexcharts-tooltip-custom-title">' + timeString + '</div>' +
+                                         '</div>';
+                                 }
+                             },
                             legend: {
                                 show: false
                             }
@@ -198,12 +213,27 @@
                                         color: textColor,
                                     }
                                 },
-                                tooltip: {
-                                    enabled: true,
-                                    marker: {
-                                        show: false,
-                                    }
-                                },
+                                 tooltip: {
+                                     enabled: true,
+                                     marker: {
+                                         show: false,
+                                     },
+                                     custom: function({ series, seriesIndex, dataPointIndex, w }) {
+                                         const value = series[seriesIndex][dataPointIndex];
+                                         const timestamp = w.globals.seriesX[seriesIndex][dataPointIndex];
+                                         const date = new Date(timestamp);
+                                         const timeString = String(date.getUTCHours()).padStart(2, '0') + ':' +
+                                             String(date.getUTCMinutes()).padStart(2, '0') + ':' +
+                                             String(date.getUTCSeconds()).padStart(2, '0') + ', ' +
+                                             date.getUTCFullYear() + '-' +
+                                             String(date.getUTCMonth() + 1).padStart(2, '0') + '-' +
+                                             String(date.getUTCDate()).padStart(2, '0');
+                                         return '<div class="apexcharts-tooltip-custom">' +
+                                             '<div class="apexcharts-tooltip-custom-value">Memory: <span class="apexcharts-tooltip-value-bold">' + value + '%</span></div>' +
+                                             '<div class="apexcharts-tooltip-custom-title">' + timeString + '</div>' +
+                                             '</div>';
+                                     }
+                                 },
                                 legend: {
                                     show: false
                                 }

From 610ef310341d7bc7384349f80f787b0b9ce3c41e Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 22:51:24 +0530
Subject: [PATCH 031/129] Hidden metrics charts grid borders on darkmode (it
 was too bright on darkmode)

---
 resources/css/utilities.css | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/resources/css/utilities.css b/resources/css/utilities.css
index 65869e02f..694ad61a3 100644
--- a/resources/css/utilities.css
+++ b/resources/css/utilities.css
@@ -6,6 +6,10 @@ @utility apexcharts-tooltip-title {
     @apply hidden!;
 }
 
+@utility apexcharts-grid-borders {
+    @apply dark:hidden!;
+}
+
 @utility apexcharts-xaxistooltip {
     @apply hidden!;
 }

From a0f4566580eb982705f5ceba3efff8faddddce16 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 22:55:25 +0530
Subject: [PATCH 032/129] Fixed Memory title on app metrics being larger than
 CPU title

---
 resources/views/livewire/project/shared/metrics.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php
index 9b08babb3..84e4595aa 100644
--- a/resources/views/livewire/project/shared/metrics.blade.php
+++ b/resources/views/livewire/project/shared/metrics.blade.php
@@ -148,7 +148,7 @@ class="pt-5">
                      });
                 </script>
 
-                <h3>Memory (MB)</h3>
+                <h4>Memory (MB)</h4>
                 <div wire:ignore id="{!! $chartId !!}-memory"></div>
 
                 <script>

From ac577b076e0ab6017f8645dddfb68fe86b17148d Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 22:57:54 +0530
Subject: [PATCH 033/129] Fixed typo on server metrics description

---
 resources/views/livewire/server/charts.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php
index 2cb8e2c37..26814f575 100644
--- a/resources/views/livewire/server/charts.blade.php
+++ b/resources/views/livewire/server/charts.blade.php
@@ -7,7 +7,7 @@
         <x-server.sidebar :server="$server" activeMenu="metrics" />
         <div class="w-full">
             <h2>Metrics</h2>
-            <div class="pb-4">Basic metrics for your container.</div>
+            <div class="pb-4">Basic metrics for your server.</div>
             @if ($server->isMetricsEnabled())
                 <div @if ($poll) wire:poll.5000ms='pollData' @endif x-init="$wire.loadData()">
                     <x-forms.select label="Interval" wire:change="setInterval" id="interval">

From 20c57cde781ab966b121887891343db0044d2309 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 22:59:31 +0530
Subject: [PATCH 034/129] Enabled animations for metrics graphs

---
 resources/views/livewire/project/shared/metrics.blade.php | 4 ++--
 resources/views/livewire/server/charts.blade.php          | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php
index 84e4595aa..582235c36 100644
--- a/resources/views/livewire/project/shared/metrics.blade.php
+++ b/resources/views/livewire/project/shared/metrics.blade.php
@@ -52,7 +52,7 @@ class="pt-5">
                                 },
                             },
                             animations: {
-                                enabled: false,
+                                enabled: true,
                             },
                         },
                         fill: {
@@ -175,7 +175,7 @@ class="pt-5">
                                 },
                             },
                             animations: {
-                                enabled: false,
+                                enabled: true,
                             },
                         },
                         fill: {
diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php
index 26814f575..eaa94f6ea 100644
--- a/resources/views/livewire/server/charts.blade.php
+++ b/resources/views/livewire/server/charts.blade.php
@@ -46,7 +46,7 @@
                                     },
                                 },
                                 animations: {
-                                    enabled: false,
+                                    enabled: true,
                                 },
                             },
                             fill: {
@@ -173,7 +173,7 @@
                                         },
                                     },
                                     animations: {
-                                        enabled: false,
+                                        enabled: true,
                                     },
                                 },
                                 fill: {

From ee40fa0bef68ed400a43a75a45287a02f6de5ede Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 23:14:15 +0530
Subject: [PATCH 035/129] Added proper labels for Y axis data on metrics graphs

---
 .../livewire/project/shared/metrics.blade.php | 44 +++++++++++--------
 .../views/livewire/server/charts.blade.php    | 44 +++++++++++--------
 2 files changed, 50 insertions(+), 38 deletions(-)

diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php
index 582235c36..5b84705f4 100644
--- a/resources/views/livewire/project/shared/metrics.blade.php
+++ b/resources/views/livewire/project/shared/metrics.blade.php
@@ -129,15 +129,18 @@ class="pt-5">
                                      }
                                  }
                              },
-                             yaxis: {
-                                 show: true,
-                                 labels: {
-                                     show: true,
-                                     style: {
-                                         colors: textColor,
-                                     }
-                                 }
-                             },
+                              yaxis: {
+                                  show: true,
+                                  labels: {
+                                      show: true,
+                                      style: {
+                                          colors: textColor,
+                                      },
+                                      formatter: function(value) {
+                                          return Math.round(value) + ' %';
+                                      }
+                                  }
+                              },
                              noData: {
                                  text: 'Loading...',
                                  style: {
@@ -259,16 +262,19 @@ class="pt-5">
                                      }
                                  }
                              },
-                             yaxis: {
-                                 min: 0,
-                                 show: true,
-                                 labels: {
-                                     show: true,
-                                     style: {
-                                         colors: textColor,
-                                     }
-                                 }
-                             },
+                              yaxis: {
+                                  min: 0,
+                                  show: true,
+                                  labels: {
+                                      show: true,
+                                      style: {
+                                          colors: textColor,
+                                      },
+                                      formatter: function(value) {
+                                          return Math.round(value) + ' MB';
+                                      }
+                                  }
+                              },
                              noData: {
                                  text: 'Loading...',
                                  style: {
diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php
index eaa94f6ea..0b9adbe3b 100644
--- a/resources/views/livewire/server/charts.blade.php
+++ b/resources/views/livewire/server/charts.blade.php
@@ -125,15 +125,18 @@
                                             }
                                         }
                                     },
-                                    yaxis: {
-                                        show: true,
-                                        labels: {
-                                            show: true,
-                                            style: {
-                                                colors: textColor,
-                                            }
-                                        }
-                                    },
+                                     yaxis: {
+                                         show: true,
+                                         labels: {
+                                             show: true,
+                                             style: {
+                                                 colors: textColor,
+                                             },
+                                             formatter: function(value) {
+                                                 return Math.round(value) + ' %';
+                                             }
+                                         }
+                                     },
                                     noData: {
                                         text: 'Loading...',
                                         style: {
@@ -258,16 +261,19 @@
                                                 }
                                             }
                                         },
-                                        yaxis: {
-                                            min: 0,
-                                            show: true,
-                                            labels: {
-                                                show: true,
-                                                style: {
-                                                    colors: textColor,
-                                                }
-                                            }
-                                        },
+                                         yaxis: {
+                                             min: 0,
+                                             show: true,
+                                             labels: {
+                                                 show: true,
+                                                 style: {
+                                                     colors: textColor,
+                                                 },
+                                                  formatter: function(value) {
+                                                      return Math.round(value) + ' %';
+                                                  }
+                                             }
+                                         },
                                         noData: {
                                             text: 'Loading...',
                                             style: {

From cb7fbe9a710a12a81f691b99e68e1c3fec740761 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 23:19:24 +0530
Subject: [PATCH 036/129] Renamed metrics titles CPU(%) to CPU usage - same for
 memory

---
 resources/views/livewire/project/shared/metrics.blade.php | 8 ++++----
 resources/views/livewire/server/charts.blade.php          | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php
index 5b84705f4..7c7456b5e 100644
--- a/resources/views/livewire/project/shared/metrics.blade.php
+++ b/resources/views/livewire/project/shared/metrics.blade.php
@@ -2,7 +2,7 @@
     <div class="flex items-center gap-2">
         <h2>Metrics</h2>
     </div>
-    <div class="pb-4">Basic metrics for your container.</div>
+    <div class="pb-4">Basic metrics for your application container.</div>
     <div>
         @if ($resource->getMorphClass() === 'App\Models\Application' && $resource->build_pack === 'dockercompose')
             <div class="alert alert-warning">Metrics are not available for Docker Compose applications yet!</div>
@@ -11,7 +11,7 @@
             <div>Go to <a class="underline dark:text-white" href="{{ route('server.show', $resource->destination->server->uuid) }}">Server settings</a> to enable it.</div>
         @else
             @if (!str($resource->status)->contains('running'))
-                <div class="alert alert-warning">Metrics are only available when this resource is running!</div>
+                <div class="alert alert-warning">Metrics are only available when the application container is running!</div>
             @else
                 <div>
                 <x-forms.select label="Interval" wire:change="setInterval" id="interval">
@@ -25,7 +25,7 @@
             </x-forms.select>
             <div @if ($poll) wire:poll.5000ms='pollData' @endif x-init="$wire.loadData()"
                 class="pt-5">
-                <h4>CPU (%)</h4>
+                <h4>CPU Usage</h4>
                 <div wire:ignore id="{!! $chartId !!}-cpu"></div>
 
                 <script>
@@ -151,7 +151,7 @@ class="pt-5">
                      });
                 </script>
 
-                <h4>Memory (MB)</h4>
+                <h4>Memory Usage</h4>
                 <div wire:ignore id="{!! $chartId !!}-memory"></div>
 
                 <script>
diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php
index 0b9adbe3b..6a64d3d7d 100644
--- a/resources/views/livewire/server/charts.blade.php
+++ b/resources/views/livewire/server/charts.blade.php
@@ -19,7 +19,7 @@
                         <option value="10080">1 week</option>
                         <option value="43200">30 days</option>
                     </x-forms.select>
-                    <h4 class="pt-4">CPU (%)</h4>
+                    <h4 class="pt-4">CPU Usage</h4>
                     <div wire:ignore id="{!! $chartId !!}-cpu"></div>
 
                     <script>
@@ -149,7 +149,7 @@
                     </script>
 
                     <div>
-                        <h4>Memory (%)</h4>
+                        <h4>Memory Usage</h4>
                         <div wire:ignore id="{!! $chartId !!}-memory"></div>
 
                         <script>

From ee9cf076c382fce135ac0e354ae89a81e63da13c Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Fri, 19 Sep 2025 23:28:25 +0530
Subject: [PATCH 037/129] Removed debug logging for metrics

---
 app/Livewire/Project/Shared/Metrics.php | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/app/Livewire/Project/Shared/Metrics.php b/app/Livewire/Project/Shared/Metrics.php
index 9dc944f9d..e5b87b48c 100644
--- a/app/Livewire/Project/Shared/Metrics.php
+++ b/app/Livewire/Project/Shared/Metrics.php
@@ -33,16 +33,6 @@ public function loadData()
         try {
             $cpuMetrics = $this->resource->getCpuMetrics($this->interval);
             $memoryMetrics = $this->resource->getMemoryMetrics($this->interval);
-
-            // Debug logging
-            \Log::info('Metrics loadData called', [
-                'chartId' => $this->chartId,
-                'cpuMetrics' => $cpuMetrics,
-                'memoryMetrics' => $memoryMetrics,
-                'cpuEvent' => "refreshChartData-{$this->chartId}-cpu",
-                'memoryEvent' => "refreshChartData-{$this->chartId}-memory"
-            ]);
-
             $this->dispatch("refreshChartData-{$this->chartId}-cpu", [
                 'seriesData' => $cpuMetrics,
             ]);

From 6f64629adb0e7e5454a1278c41788b24a17a88a9 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Sat, 20 Sep 2025 23:38:29 +0530
Subject: [PATCH 038/129] Fixed deployment logs showing in red text for non
 error lines in light mode

---
 .../livewire/project/application/deployment/show.blade.php      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/livewire/project/application/deployment/show.blade.php b/resources/views/livewire/project/application/deployment/show.blade.php
index 0857818d6..b52a6eaf1 100644
--- a/resources/views/livewire/project/application/deployment/show.blade.php
+++ b/resources/views/livewire/project/application/deployment/show.blade.php
@@ -113,7 +113,7 @@ class="flex flex-col-reverse w-full p-2 px-4 mt-4 overflow-y-auto bg-white dark:
                         ])>
                             <span x-show="showTimestamps" class="shrink-0 text-gray-500">{{ $line['timestamp'] }}</span>
                             <span @class([
-                                'text-coollabs dark:text-warning' => $line['hidden'],
+                                'text-success dark:text-warning' => $line['hidden'],
                                 'text-red-500' => $line['stderr'],
                                 'font-bold' => isset($line['command']) && $line['command'],
                                 'whitespace-pre-wrap',

From 1786e6c6bd05b84dd1589038ae80bfd36fbcac64 Mon Sep 17 00:00:00 2001
From: Cinzya <cynti-ebert@web.de>
Date: Sun, 21 Sep 2025 09:48:02 +0200
Subject: [PATCH 039/129] feat(comments): add automated comments for labeled
 pull requests to guide documentation updates

---
 .github/workflows/chore-pr-comments.yml | 43 +++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 .github/workflows/chore-pr-comments.yml

diff --git a/.github/workflows/chore-pr-comments.yml b/.github/workflows/chore-pr-comments.yml
new file mode 100644
index 000000000..472356b30
--- /dev/null
+++ b/.github/workflows/chore-pr-comments.yml
@@ -0,0 +1,43 @@
+name: Add comment based on label
+on:
+  pull_request:
+    types:
+      - labeled
+jobs:
+  add-comment:
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+    strategy:
+      matrix:
+        include:
+          - label: "⚙️ Service"
+            body: |
+              It appears to us that you are either adding a new service or making changes to an existing one.
+              We kindly ask you to also review and update the **Coolify Documentation** to include this new service or it's new configuration needs.
+              This will help ensure that our documentation remains accurate and up-to-date for all users.
+
+              Coolify Docs Repository: https://github.com/coollabsio/coolify-docs
+              How to Contribute a new Service to the Docs: https://coolify.io/docs/get-started/contribute/service#adding-a-new-service-template-to-the-coolify-documentation
+          - label: "🛠️ Feature"
+            body: |
+              It appears to us that you are adding a new feature to Coolify.
+              We kindly ask you to also update the **Coolify Documentation** to include information about this new feature.
+              This will help ensure that our documentation remains accurate and up-to-date for all users.
+
+              Coolify Docs Repository: https://github.com/coollabsio/coolify-docs
+              How to Contribute to the Docs: https://coolify.io/docs/get-started/contribute/documentation
+          # - label: "✨ Enhancement"
+          #  body: |
+          #    It appears to us that you are making an enhancement to Coolify.
+          #    We kindly ask you to also review and update the Coolify Documentation to include information about this enhancement if applicable.
+          #    This will help ensure that our documentation remains accurate and up-to-date for all users.
+    steps:
+      - name: Add comment
+        if: github.event.label.name == matrix.label
+        run: gh pr comment "$NUMBER" --body "$BODY"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_REPO: ${{ github.repository }}
+          NUMBER: ${{ github.event.pull_request.number }}
+          BODY: ${{ matrix.body }}

From eab9f9187968aaeb862568f7d9e9db030ae93581 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Sun, 21 Sep 2025 20:20:32 +0530
Subject: [PATCH 040/129] Fixed incorrect proxy config file path on ui

---
 app/Livewire/Server/Proxy.php                   | 2 +-
 resources/views/livewire/server/proxy.blade.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Livewire/Server/Proxy.php b/app/Livewire/Server/Proxy.php
index 6ccca644a..5ef559862 100644
--- a/app/Livewire/Server/Proxy.php
+++ b/app/Livewire/Server/Proxy.php
@@ -45,7 +45,7 @@ public function mount()
 
     public function getConfigurationFilePathProperty()
     {
-        return $this->server->proxyPath().'/docker-compose.yml';
+        return $this->server->proxyPath().'docker-compose.yml';
     }
 
     public function changeProxy()
diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index db2fd2827..256f43e76 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -56,7 +56,7 @@
                             <div class="flex flex-col gap-2 pt-4">
                                 <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
                                     monacoEditorLanguage="yaml"
-                                    label="Configuration file ({{ $this->configurationFilePath }})" name="proxySettings"
+                                    label="Configuration file ( {{ $this->configurationFilePath }} )" name="proxySettings"
                                     id="proxySettings" rows="30" />
                                 @can('update', $server)
                                     <x-modal-confirmation title="Reset Proxy Configuration?"

From 8c005435b5425fcc82dd92f029e0d6999703e941 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Sun, 21 Sep 2025 23:59:46 +0530
Subject: [PATCH 041/129] Added confirmation modal for switching proxies

---
 .../components/modal-confirmation.blade.php   |  3 +-
 .../views/livewire/server/proxy.blade.php     | 34 +++++++++----------
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/resources/views/components/modal-confirmation.blade.php b/resources/views/components/modal-confirmation.blade.php
index 0d185782f..1c82614a6 100644
--- a/resources/views/components/modal-confirmation.blade.php
+++ b/resources/views/components/modal-confirmation.blade.php
@@ -11,6 +11,7 @@
     'content' => null,
     'checkboxes' => [],
     'actions' => [],
+    'warningMessage' => null,
     'confirmWithText' => true,
     'confirmationText' => 'Confirm Deletion',
     'confirmationLabel' => 'Please confirm the execution of the actions by entering the Name below',
@@ -228,7 +229,7 @@ class="w-24 dark:bg-coolgray-200 dark:hover:bg-coolgray-300">
                     <div x-show="step === 2">
                         <div class="p-4 mb-4 text-white border-l-4 border-red-500 bg-error" role="alert">
                             <p class="font-bold">Warning</p>
-                            <p>This operation is permanent and cannot be undone. Please think again before proceeding!
+                            <p>{!! $warningMessage ?: 'This operation is permanent and cannot be undone. Please think again before proceeding!' !!}
                             </p>
                         </div>
                         <div class="mb-4">The following actions will be performed:</div>
diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index db2fd2827..9100fc2a0 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -4,24 +4,22 @@
         <div x-init="$wire.loadProxyConfiguration">
             @if ($selectedProxy !== 'NONE')
                 <form wire:submit='submit'>
-                    <div class="flex items-center gap-2">
-                        <h2>Configuration</h2>
-                        @if ($server->proxy->status === 'exited' || $server->proxy->status === 'removing')
-                            <x-forms.button canGate="update" :canResource="$server" wire:click.prevent="changeProxy">Switch
-                                Proxy</x-forms.button>
-                        @else
-                            <x-forms.button canGate="update" :canResource="$server" disabled
-                                wire:click.prevent="changeProxy">Switch Proxy</x-forms.button>
-                        @endif
-                        <x-forms.button canGate="update" :canResource="$server" type="submit">Save</x-forms.button>
-                    </div>
-                    <div class="pb-4 "> <svg class="inline-flex w-6 h-6 mr-2 dark:text-warning" viewBox="0 0 256 256"
-                            xmlns="http://www.w3.org/2000/svg">
-                            <path fill="currentColor"
-                                d="M240.26 186.1L152.81 34.23a28.74 28.74 0 0 0-49.62 0L15.74 186.1a27.45 27.45 0 0 0 0 27.71A28.31 28.31 0 0 0 40.55 228h174.9a28.31 28.31 0 0 0 24.79-14.19a27.45 27.45 0 0 0 .02-27.71m-20.8 15.7a4.46 4.46 0 0 1-4 2.2H40.55a4.46 4.46 0 0 1-4-2.2a3.56 3.56 0 0 1 0-3.73L124 46.2a4.77 4.77 0 0 1 8 0l87.44 151.87a3.56 3.56 0 0 1 .02 3.73M116 136v-32a12 12 0 0 1 24 0v32a12 12 0 0 1-24 0m28 40a16 16 0 1 1-16-16a16 16 0 0 1 16 16" />
-                        </svg>Before switching proxies, please read <a class="underline dark:text-white"
-                            href="https://coolify.io/docs/knowledge-base/server/proxies#switch-between-proxies">this</a>.
-                    </div>
+                     <div class="flex items-center gap-2">
+                         <h2>Configuration</h2>
+                         @if ($server->proxy->status === 'exited' || $server->proxy->status === 'removing')
+                             @can('update', $server)
+                                 <x-modal-confirmation title="Confirm Proxy Switching?" buttonTitle="Switch Proxy"
+                                     submitAction="changeProxy" :actions="[
+                                         'Custom proxy configurations may be reset to their default settings.'
+                                     ]" warningMessage="This operation may cause issues. Please refer to the guide <a href='https://coolify.io/docs/knowledge-base/server/proxies#switch-between-proxies' target='_blank' class='underline text-white'>switching between proxies</a> before proceeding!" step2ButtonText="Switch Proxy" :confirmWithText="false" :confirmWithPassword="false">
+                                 </x-modal-confirmation>
+                             @endcan
+                         @else
+                             <x-forms.button canGate="update" :canResource="$server"
+                                 wire:click="$dispatch('error', 'Currently running proxy must be stopped before switching proxy')">Switch Proxy</x-forms.button>
+                         @endif
+                         <x-forms.button canGate="update" :canResource="$server" type="submit">Save</x-forms.button>
+                     </div>
                     <h3>Advanced</h3>
                     <div class="pb-4 w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server"

From 9da54bc94f112c228307eef6b7da26fbfd8ee731 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Mon, 22 Sep 2025 00:05:26 +0530
Subject: [PATCH 042/129] Added description text on Proxy configuration title

---
 resources/views/livewire/server/proxy.blade.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index 9100fc2a0..e61acbec4 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -20,7 +20,8 @@
                          @endif
                          <x-forms.button canGate="update" :canResource="$server" type="submit">Save</x-forms.button>
                      </div>
-                    <h3>Advanced</h3>
+                     <div class="subtitle">Configure your proxy settings and advanced options.</div>
+                     <h3>Advanced</h3>
                     <div class="pb-4 w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server"
                             helper="If set, all resources will only have docker container labels for {{ str($server->proxyType())->title() }}.<br>For applications, labels needs to be regenerated manually. <br>Resources needs to be restarted."

From 11878bcf5db02ac7db4b8d4e090a20034598be6c Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Mon, 22 Sep 2025 00:09:49 +0530
Subject: [PATCH 043/129] Added (Coolify Proxy) to the proxy name on
 Configuration page

New users can easily understand Traefik or Caddy is being used as the Coolify proxy
---
 resources/views/livewire/server/proxy.blade.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index e61acbec4..652322d32 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -36,9 +36,9 @@
                         @endif
                     </div>
                     @if ($server->proxyType() === ProxyTypes::TRAEFIK->value)
-                        <h3>Traefik</h3>
+                        <h3>Traefik (Coolify Proxy)</h3>
                     @elseif ($server->proxyType() === 'CADDY')
-                        <h3>Caddy</h3>
+                        <h3>Caddy (Coolify Proxy)</h3>
                     @endif
                     @if (
                         $server->proxy->last_applied_settings &&

From 24fdac624d57ba7c8d1cab2d8e40e3855a60040b Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Mon, 22 Sep 2025 00:15:02 +0530
Subject: [PATCH 044/129] Improved spacing between titles on proxy
 configuration page

---
 resources/views/livewire/server/proxy.blade.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index 652322d32..4c330725d 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -22,7 +22,7 @@
                      </div>
                      <div class="subtitle">Configure your proxy settings and advanced options.</div>
                      <h3>Advanced</h3>
-                    <div class="pb-4 w-96">
+                    <div class="pb-6 w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server"
                             helper="If set, all resources will only have docker container labels for {{ str($server->proxyType())->title() }}.<br>For applications, labels needs to be regenerated manually. <br>Resources needs to be restarted."
                             id="server.settings.generate_exact_labels"
@@ -52,7 +52,7 @@
                     </div>
                     <div wire:loading.remove wire:target="loadProxyConfiguration">
                         @if ($proxySettings)
-                            <div class="flex flex-col gap-2 pt-4">
+                            <div class="flex flex-col gap-2 pt-2">
                                 <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
                                     monacoEditorLanguage="yaml"
                                     label="Configuration file ({{ $this->configurationFilePath }})" name="proxySettings"

From 4ea4846124632f6bdbbfaa51c248f7337f3f5336 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Mon, 22 Sep 2025 00:26:08 +0530
Subject: [PATCH 045/129] Moved Proxy config reset button from bottom of the
 editor to next to the proxy name

---
 .../views/livewire/server/proxy.blade.php     | 58 ++++++++++---------
 1 file changed, 32 insertions(+), 26 deletions(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index 4c330725d..aa6b9b7cd 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -8,7 +8,8 @@
                          <h2>Configuration</h2>
                          @if ($server->proxy->status === 'exited' || $server->proxy->status === 'removing')
                              @can('update', $server)
-                                 <x-modal-confirmation title="Confirm Proxy Switching?" buttonTitle="Switch Proxy"
+                                 <x-modal-confirmation title="Confirm Proxy Switching?" 
+                                     buttonTitle="Switch Proxy"
                                      submitAction="changeProxy" :actions="[
                                          'Custom proxy configurations may be reset to their default settings.'
                                      ]" warningMessage="This operation may cause issues. Please refer to the guide <a href='https://coolify.io/docs/knowledge-base/server/proxies#switch-between-proxies' target='_blank' class='underline text-white'>switching between proxies</a> before proceeding!" step2ButtonText="Switch Proxy" :confirmWithText="false" :confirmWithPassword="false">
@@ -35,11 +36,30 @@
                                 id="redirectUrl" label="Redirect to (optional)" />
                         @endif
                     </div>
-                    @if ($server->proxyType() === ProxyTypes::TRAEFIK->value)
-                        <h3>Traefik (Coolify Proxy)</h3>
-                    @elseif ($server->proxyType() === 'CADDY')
-                        <h3>Caddy (Coolify Proxy)</h3>
-                    @endif
+                     @php
+                         $proxyTitle = $server->proxyType() === ProxyTypes::TRAEFIK->value ? 'Traefik (Coolify Proxy)' : 'Caddy (Coolify Proxy)';
+                     @endphp
+                     @if ($server->proxyType() === ProxyTypes::TRAEFIK->value || $server->proxyType() === 'CADDY')
+                         <div class="flex items-center gap-2">
+                             <h3>{{ $proxyTitle }}</h3>
+                             @if($proxySettings)
+                                 @can('update', $server)
+                                     <x-modal-confirmation title="Reset Proxy Configuration?"
+                                         buttonTitle="Reset Configuration"
+                                         submitAction="resetProxyConfiguration" :actions="[
+                                             'Reset proxy configuration to default settings',
+                                             'All custom configurations will be lost',
+                                             'Custom ports and entrypoints will be removed',
+                                         ]"
+                                         confirmationText="{{ $server->name }}"
+                                         confirmationLabel="Please confirm by entering the server name below"
+                                         shortConfirmationLabel="Server Name" step2ButtonText="Reset Configuration"
+                                         :confirmWithPassword="false" :confirmWithText="true">
+                                     </x-modal-confirmation>
+                                 @endcan
+                             @endif
+                         </div>
+                     @endif
                     @if (
                         $server->proxy->last_applied_settings &&
                             $server->proxy->last_saved_settings !== $server->proxy->last_applied_settings)
@@ -52,26 +72,12 @@
                     </div>
                     <div wire:loading.remove wire:target="loadProxyConfiguration">
                         @if ($proxySettings)
-                            <div class="flex flex-col gap-2 pt-2">
-                                <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
-                                    monacoEditorLanguage="yaml"
-                                    label="Configuration file ({{ $this->configurationFilePath }})" name="proxySettings"
-                                    id="proxySettings" rows="30" />
-                                @can('update', $server)
-                                    <x-modal-confirmation title="Reset Proxy Configuration?"
-                                        buttonTitle="Reset configuration to default" isErrorButton
-                                        submitAction="resetProxyConfiguration" :actions="[
-                                            'Reset proxy configuration to default settings',
-                                            'All custom configurations will be lost',
-                                            'Custom ports and entrypoints will be removed',
-                                        ]"
-                                        confirmationText="{{ $server->name }}"
-                                        confirmationLabel="Please confirm by entering the server name below"
-                                        shortConfirmationLabel="Server Name" step2ButtonText="Reset Configuration"
-                                        :confirmWithPassword="false" :confirmWithText="true">
-                                    </x-modal-confirmation>
-                                @endcan
-                            </div>
+                             <div class="flex flex-col gap-2 pt-2">
+                                  <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
+                                      monacoEditorLanguage="yaml"
+                                      label="Configuration file ({{ $this->configurationFilePath }})" name="proxySettings"
+                                      id="proxySettings" rows="30" />
+                             </div>
                         @endif
                     </div>
                 </form>

From 3cc2426b9aec54de2eced7bf74e6576b6149a7e3 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 09:26:55 +0200
Subject: [PATCH 046/129] style(environment-variable): adjust SVG icon margin
 for improved layout in locked state

---
 .../livewire/project/shared/environment-variable/show.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/livewire/project/shared/environment-variable/show.blade.php b/resources/views/livewire/project/shared/environment-variable/show.blade.php
index a04b477d5..80cd19121 100644
--- a/resources/views/livewire/project/shared/environment-variable/show.blade.php
+++ b/resources/views/livewire/project/shared/environment-variable/show.blade.php
@@ -7,7 +7,7 @@
         @if ($isLocked)
             <div class="flex flex-1 w-full gap-2">
                 <x-forms.input disabled id="key" />
-                <svg class="icon" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">
+                <svg class="icon  my-1" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">
                     <g fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2">
                         <path d="M5 13a2 2 0 0 1 2-2h10a2 2 0 0 1 2 2v6a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2v-6z" />
                         <path d="M11 16a1 1 0 1 0 2 0a1 1 0 0 0-2 0m-3-5V7a4 4 0 1 1 8 0v4" />

From 4f71d14d392754c0940ce33b49bf180867564248 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 09:44:30 +0200
Subject: [PATCH 047/129] feat(event): introduce
 ApplicationConfigurationChanged event to handle team-specific configuration
 updates and broadcast changes feat(envs): Generate hash from secrets to
 invalidate docker layers

---
 .../ApplicationConfigurationChanged.php       | 35 ++++++++++
 app/Jobs/ApplicationDeploymentJob.php         | 64 +++++++++++++++++--
 .../Project/Shared/ConfigurationChecker.php   | 10 ++-
 3 files changed, 104 insertions(+), 5 deletions(-)
 create mode 100644 app/Events/ApplicationConfigurationChanged.php

diff --git a/app/Events/ApplicationConfigurationChanged.php b/app/Events/ApplicationConfigurationChanged.php
new file mode 100644
index 000000000..3dd532b19
--- /dev/null
+++ b/app/Events/ApplicationConfigurationChanged.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Events;
+
+use Illuminate\Broadcasting\InteractsWithSockets;
+use Illuminate\Broadcasting\PrivateChannel;
+use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class ApplicationConfigurationChanged implements ShouldBroadcast
+{
+    use Dispatchable, InteractsWithSockets, SerializesModels;
+
+    public ?int $teamId = null;
+
+    public function __construct($teamId = null)
+    {
+        if (is_null($teamId) && auth()->check() && auth()->user()->currentTeam()) {
+            $teamId = auth()->user()->currentTeam()->id;
+        }
+        $this->teamId = $teamId;
+    }
+
+    public function broadcastOn(): array
+    {
+        if (is_null($this->teamId)) {
+            return [];
+        }
+
+        return [
+            new PrivateChannel("team.{$this->teamId}"),
+        ];
+    }
+}
diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php
index c880057e5..7fa12757e 100644
--- a/app/Jobs/ApplicationDeploymentJob.php
+++ b/app/Jobs/ApplicationDeploymentJob.php
@@ -5,6 +5,7 @@
 use App\Actions\Docker\GetContainersStatus;
 use App\Enums\ApplicationDeploymentStatus;
 use App\Enums\ProcessStatus;
+use App\Events\ApplicationConfigurationChanged;
 use App\Events\ServiceStatusChanged;
 use App\Models\Application;
 use App\Models\ApplicationDeploymentQueue;
@@ -147,6 +148,8 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue
 
     private Collection $saved_outputs;
 
+    private ?string $secrets_hash_key = null;
+
     private ?string $full_healthcheck_url = null;
 
     private string $serverUser = 'root';
@@ -2712,22 +2715,28 @@ private function generate_build_env_variables()
         if ($this->application->build_pack === 'nixpacks') {
             $variables = collect($this->nixpacks_plan_json->get('variables'));
         } else {
-            // Generate environment variables for build process (filters by is_buildtime = true)
             $this->generate_env_variables();
             $variables = collect([])->merge($this->env_args);
         }
 
-        // Check if build secrets are enabled and BuildKit is supported
         if ($this->dockerBuildkitSupported && $this->application->settings->use_build_secrets) {
             $this->generate_build_secrets($variables);
             $this->build_args = '';
         } else {
-            // Fall back to traditional build args
+            $secrets_hash = '';
+            if ($variables->isNotEmpty()) {
+                $secrets_hash = $this->generate_secrets_hash($variables);
+            }
+
             $this->build_args = $variables->map(function ($value, $key) {
                 $value = escapeshellarg($value);
 
                 return "--build-arg {$key}={$value}";
             });
+
+            if ($secrets_hash) {
+                $this->build_args->push("--build-arg COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}");
+            }
         }
     }
 
@@ -2746,13 +2755,18 @@ private function generate_docker_env_flags_for_secrets()
             return '';
         }
 
-        return $variables
+        $secrets_hash = $this->generate_secrets_hash($variables);
+        $env_flags = $variables
             ->map(function ($env) {
                 $escaped_value = escapeshellarg($env->real_value);
 
                 return "-e {$env->key}={$escaped_value}";
             })
             ->implode(' ');
+
+        $env_flags .= " -e COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}";
+
+        return $env_flags;
     }
 
     private function generate_build_secrets(Collection $variables)
@@ -2768,6 +2782,36 @@ private function generate_build_secrets(Collection $variables)
                 return "--secret id={$key},env={$key}";
             })
             ->implode(' ');
+
+        $this->build_secrets .= ' --secret id=COOLIFY_BUILD_SECRETS_HASH,env=COOLIFY_BUILD_SECRETS_HASH';
+    }
+
+    private function generate_secrets_hash($variables)
+    {
+        if (! $this->secrets_hash_key) {
+            $this->secrets_hash_key = bin2hex(random_bytes(32));
+        }
+
+        if ($variables instanceof Collection) {
+            $secrets_string = $variables
+                ->mapWithKeys(function ($value, $key) {
+                    return [$key => $value];
+                })
+                ->sortKeys()
+                ->map(function ($value, $key) {
+                    return "{$key}={$value}";
+                })
+                ->implode('|');
+        } else {
+            $secrets_string = $variables
+                ->map(function ($env) {
+                    return "{$env->key}={$env->real_value}";
+                })
+                ->sort()
+                ->implode('|');
+        }
+
+        return hash_hmac('sha256', $secrets_string, $this->secrets_hash_key);
     }
 
     private function add_build_env_variables_to_dockerfile()
@@ -2809,6 +2853,12 @@ private function add_build_env_variables_to_dockerfile()
                     }
                 }
             }
+
+            if ($envs->isNotEmpty()) {
+                $secrets_hash = $this->generate_secrets_hash($envs);
+                $dockerfile->splice(1, 0, ["ARG COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}"]);
+            }
+
             $dockerfile_base64 = base64_encode($dockerfile->implode("\n"));
             $this->execute_remote_command([
                 executeInDocker($this->deployment_uuid, "echo '{$dockerfile_base64}' | base64 -d | tee {$this->workdir}{$this->dockerfile_location} > /dev/null"),
@@ -2850,6 +2900,9 @@ private function modify_dockerfile_for_secrets($dockerfile_path)
         // Generate mount strings for all secrets
         $mountStrings = $variables->map(fn ($env) => "--mount=type=secret,id={$env->key},env={$env->key}")->implode(' ');
 
+        // Add mount for the secrets hash to ensure cache invalidation
+        $mountStrings .= ' --mount=type=secret,id=COOLIFY_BUILD_SECRETS_HASH,env=COOLIFY_BUILD_SECRETS_HASH';
+
         $modified = false;
         $dockerfile = $dockerfile->map(function ($line) use ($mountStrings, &$modified) {
             $trimmed = ltrim($line);
@@ -3186,6 +3239,9 @@ private function next(string $status)
         queue_next_deployment($this->application);
 
         if ($status === ApplicationDeploymentStatus::FINISHED->value) {
+            ray($this->application->team()->id);
+            event(new ApplicationConfigurationChanged($this->application->team()->id));
+
             if (! $this->only_this_server) {
                 $this->deploy_to_additional_destinations();
             }
diff --git a/app/Livewire/Project/Shared/ConfigurationChecker.php b/app/Livewire/Project/Shared/ConfigurationChecker.php
index ab9f3785d..ce9ce7780 100644
--- a/app/Livewire/Project/Shared/ConfigurationChecker.php
+++ b/app/Livewire/Project/Shared/ConfigurationChecker.php
@@ -20,7 +20,15 @@ class ConfigurationChecker extends Component
 
     public Application|Service|StandaloneRedis|StandalonePostgresql|StandaloneMongodb|StandaloneMysql|StandaloneMariadb|StandaloneKeydb|StandaloneDragonfly|StandaloneClickhouse $resource;
 
-    protected $listeners = ['configurationChanged'];
+    public function getListeners()
+    {
+        $teamId = auth()->user()->currentTeam()->id;
+
+        return [
+            "echo-private:team.{$teamId},ApplicationConfigurationChanged" => 'configurationChanged',
+            'configurationChanged' => 'configurationChanged',
+        ];
+    }
 
     public function mount()
     {

From 79174f51c3987bce46d211ae9d05fa6283e9de45 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 09:44:36 +0200
Subject: [PATCH 048/129] docs(claude): update testing guidelines and add note
 on Application::team relationship

---
 CLAUDE.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/CLAUDE.md b/CLAUDE.md
index 83b51d4a8..22e762182 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -651,4 +651,8 @@ ## Test Enforcement
 
 - Every change must be programmatically tested. Write a new test or update an existing test, then run the affected tests to make sure they pass.
 - Run the minimum number of tests needed to ensure code quality and speed. Use `php artisan test` with a specific filename or filter.
-</laravel-boost-guidelines>
\ No newline at end of file
+</laravel-boost-guidelines>
+
+
+Random other things you should remember:
+- App\Models\Application::team must return a relationship instance., always use team()
\ No newline at end of file

From e2c5caf78c8d57acb2a58513f3a207ea4245eadd Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 09:54:29 +0200
Subject: [PATCH 049/129] refactor(proxy): streamline proxy configuration form
 layout and improve button placements

---
 .../views/livewire/server/proxy.blade.php     | 112 ++++++++----------
 1 file changed, 47 insertions(+), 65 deletions(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index a20bdb02e..f3682f1c6 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -4,25 +4,25 @@
         <div x-init="$wire.loadProxyConfiguration">
             @if ($selectedProxy !== 'NONE')
                 <form wire:submit='submit'>
-                     <div class="flex items-center gap-2">
-                         <h2>Configuration</h2>
-                         @if ($server->proxy->status === 'exited' || $server->proxy->status === 'removing')
-                             @can('update', $server)
-                                 <x-modal-confirmation title="Confirm Proxy Switching?" 
-                                     buttonTitle="Switch Proxy"
-                                     submitAction="changeProxy" :actions="[
-                                         'Custom proxy configurations may be reset to their default settings.'
-                                     ]" warningMessage="This operation may cause issues. Please refer to the guide <a href='https://coolify.io/docs/knowledge-base/server/proxies#switch-between-proxies' target='_blank' class='underline text-white'>switching between proxies</a> before proceeding!" step2ButtonText="Switch Proxy" :confirmWithText="false" :confirmWithPassword="false">
-                                 </x-modal-confirmation>
-                             @endcan
-                         @else
-                             <x-forms.button canGate="update" :canResource="$server"
-                                 wire:click="$dispatch('error', 'Currently running proxy must be stopped before switching proxy')">Switch Proxy</x-forms.button>
-                         @endif
-                         <x-forms.button canGate="update" :canResource="$server" type="submit">Save</x-forms.button>
-                     </div>
-                     <div class="subtitle">Configure your proxy settings and advanced options.</div>
-                     <h3>Advanced</h3>
+                    <div class="flex items-center gap-2">
+                        <h2>Configuration</h2>
+                        @if ($server->proxy->status === 'exited' || $server->proxy->status === 'removing')
+                            @can('update', $server)
+                                <x-modal-confirmation title="Confirm Proxy Switching?" buttonTitle="Switch Proxy"
+                                    submitAction="changeProxy" :actions="['Custom proxy configurations may be reset to their default settings.']"
+                                    warningMessage="This operation may cause issues. Please refer to the guide <a href='https://coolify.io/docs/knowledge-base/server/proxies#switch-between-proxies' target='_blank' class='underline text-white'>switching between proxies</a> before proceeding!"
+                                    step2ButtonText="Switch Proxy" :confirmWithText="false" :confirmWithPassword="false">
+                                </x-modal-confirmation>
+                            @endcan
+                        @else
+                            <x-forms.button canGate="update" :canResource="$server"
+                                wire:click="$dispatch('error', 'Currently running proxy must be stopped before switching proxy')">Switch
+                                Proxy</x-forms.button>
+                        @endif
+                        <x-forms.button canGate="update" :canResource="$server" type="submit">Save</x-forms.button>
+                    </div>
+                    <div class="subtitle">Configure your proxy settings and advanced options.</div>
+                    <h3>Advanced</h3>
                     <div class="pb-6 w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server"
                             helper="If set, all resources will only have docker container labels for {{ str($server->proxyType())->title() }}.<br>For applications, labels needs to be regenerated manually. <br>Resources needs to be restarted."
@@ -36,30 +36,32 @@
                                 id="redirectUrl" label="Redirect to (optional)" />
                         @endif
                     </div>
-                     @php
-                         $proxyTitle = $server->proxyType() === ProxyTypes::TRAEFIK->value ? 'Traefik (Coolify Proxy)' : 'Caddy (Coolify Proxy)';
-                     @endphp
-                     @if ($server->proxyType() === ProxyTypes::TRAEFIK->value || $server->proxyType() === 'CADDY')
-                         <div class="flex items-center gap-2">
-                             <h3>{{ $proxyTitle }}</h3>
-                             @if($proxySettings)
-                                 @can('update', $server)
-                                     <x-modal-confirmation title="Reset Proxy Configuration?"
-                                         buttonTitle="Reset Configuration"
-                                         submitAction="resetProxyConfiguration" :actions="[
-                                             'Reset proxy configuration to default settings',
-                                             'All custom configurations will be lost',
-                                             'Custom ports and entrypoints will be removed',
-                                         ]"
-                                         confirmationText="{{ $server->name }}"
-                                         confirmationLabel="Please confirm by entering the server name below"
-                                         shortConfirmationLabel="Server Name" step2ButtonText="Reset Configuration"
-                                         :confirmWithPassword="false" :confirmWithText="true">
-                                     </x-modal-confirmation>
-                                 @endcan
-                             @endif
-                         </div>
-                     @endif
+                    @php
+                        $proxyTitle =
+                            $server->proxyType() === ProxyTypes::TRAEFIK->value
+                                ? 'Traefik (Coolify Proxy)'
+                                : 'Caddy (Coolify Proxy)';
+                    @endphp
+                    @if ($server->proxyType() === ProxyTypes::TRAEFIK->value || $server->proxyType() === 'CADDY')
+                        <div class="flex items-center gap-2">
+                            <h3>{{ $proxyTitle }}</h3>
+                            @if ($proxySettings)
+                                @can('update', $server)
+                                    <x-modal-confirmation title="Reset Proxy Configuration?"
+                                        buttonTitle="Reset Configuration" submitAction="resetProxyConfiguration"
+                                        :actions="[
+                                            'Reset proxy configuration to default settings',
+                                            'All custom configurations will be lost',
+                                            'Custom ports and entrypoints will be removed',
+                                        ]" confirmationText="{{ $server->name }}"
+                                        confirmationLabel="Please confirm by entering the server name below"
+                                        shortConfirmationLabel="Server Name" step2ButtonText="Reset Configuration"
+                                        :confirmWithPassword="false" :confirmWithText="true">
+                                    </x-modal-confirmation>
+                                @endcan
+                            @endif
+                        </div>
+                    @endif
                     @if (
                         $server->proxy->last_applied_settings &&
                             $server->proxy->last_saved_settings !== $server->proxy->last_applied_settings)
@@ -75,29 +77,9 @@
                             <div class="flex flex-col gap-2 pt-4">
                                 <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
                                     monacoEditorLanguage="yaml"
-                                    label="Configuration file ( {{ $this->configurationFilePath }} )" name="proxySettings"
-                                    id="proxySettings" rows="30" />
-                                @can('update', $server)
-                                    <x-modal-confirmation title="Reset Proxy Configuration?"
-                                        buttonTitle="Reset configuration to default" isErrorButton
-                                        submitAction="resetProxyConfiguration" :actions="[
-                                            'Reset proxy configuration to default settings',
-                                            'All custom configurations will be lost',
-                                            'Custom ports and entrypoints will be removed',
-                                        ]"
-                                        confirmationText="{{ $server->name }}"
-                                        confirmationLabel="Please confirm by entering the server name below"
-                                        shortConfirmationLabel="Server Name" step2ButtonText="Reset Configuration"
-                                        :confirmWithPassword="false" :confirmWithText="true">
-                                    </x-modal-confirmation>
-                                @endcan
+                                    label="Configuration file ( {{ $this->configurationFilePath }} )"
+                                    name="proxySettings" id="proxySettings" rows="30" />
                             </div>
-                             <div class="flex flex-col gap-2 pt-2">
-                                  <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
-                                      monacoEditorLanguage="yaml"
-                                      label="Configuration file ({{ $this->configurationFilePath }})" name="proxySettings"
-                                      id="proxySettings" rows="30" />
-                             </div>
                         @endif
                     </div>
                 </form>

From e4b7b454cce64fcdb26ccac79aef8805d79c3073 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 09:54:59 +0200
Subject: [PATCH 050/129] style(proxy): adjust padding in proxy configuration
 form for better visual alignment

---
 resources/views/livewire/server/proxy.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index f3682f1c6..c40bdd31b 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -74,7 +74,7 @@
                     </div>
                     <div wire:loading.remove wire:target="loadProxyConfiguration">
                         @if ($proxySettings)
-                            <div class="flex flex-col gap-2 pt-4">
+                            <div class="flex flex-col gap-2 pt-2">
                                 <x-forms.textarea canGate="update" :canResource="$server" useMonacoEditor
                                     monacoEditorLanguage="yaml"
                                     label="Configuration file ( {{ $this->configurationFilePath }} )"

From a463a562ecd874eb10511b6be1ff80fe5c25365c Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 12:51:23 +0200
Subject: [PATCH 051/129] fix(domains): trim whitespace from domains before
 validation

---
 app/Http/Controllers/Api/ApplicationsController.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/ApplicationsController.php b/app/Http/Controllers/Api/ApplicationsController.php
index cd640df17..ce9e723d4 100644
--- a/app/Http/Controllers/Api/ApplicationsController.php
+++ b/app/Http/Controllers/Api/ApplicationsController.php
@@ -3380,11 +3380,12 @@ private function validateDataApplications(Request $request, Server $server)
             $fqdn = str($fqdn)->replaceStart(',', '')->trim();
             $errors = [];
             $fqdn = str($fqdn)->trim()->explode(',')->map(function ($domain) use (&$errors) {
+                $domain = trim($domain);
                 if (filter_var($domain, FILTER_VALIDATE_URL) === false) {
                     $errors[] = 'Invalid domain: '.$domain;
                 }
 
-                return str($domain)->trim()->lower();
+                return str($domain)->lower();
             });
             if (count($errors) > 0) {
                 return response()->json([

From b90ff0e09a0f5cdae2237c0983996511ed1627e9 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 12:54:37 +0200
Subject: [PATCH 052/129] refactor(remoteProcess): remove redundant file
 transfer functions for improved clarity

---
 bootstrap/helpers/remoteProcess.php | 58 -----------------------------
 1 file changed, 58 deletions(-)

diff --git a/bootstrap/helpers/remoteProcess.php b/bootstrap/helpers/remoteProcess.php
index 56386a55f..3218bf878 100644
--- a/bootstrap/helpers/remoteProcess.php
+++ b/bootstrap/helpers/remoteProcess.php
@@ -84,64 +84,6 @@ function () use ($source, $dest, $server) {
     );
 }
 
-function transfer_file_to_container(string $content, string $container_path, string $deployment_uuid, Server $server, bool $throwError = true): ?string
-{
-    $temp_file = tempnam(sys_get_temp_dir(), 'coolify_env_');
-
-    try {
-        // Write content to temporary file
-        file_put_contents($temp_file, $content);
-
-        // Generate unique filename for server transfer
-        $server_temp_file = '/tmp/coolify_env_'.uniqid().'_'.$deployment_uuid;
-
-        // Transfer file to server
-        instant_scp($temp_file, $server_temp_file, $server, $throwError);
-
-        // Ensure parent directory exists in container, then copy file
-        $parent_dir = dirname($container_path);
-        $commands = [];
-        if ($parent_dir !== '.' && $parent_dir !== '/') {
-            $commands[] = executeInDocker($deployment_uuid, "mkdir -p \"$parent_dir\"");
-        }
-        $commands[] = "docker cp $server_temp_file $deployment_uuid:$container_path";
-        $commands[] = "rm -f $server_temp_file";  // Cleanup server temp file
-
-        return instant_remote_process_with_timeout($commands, $server, $throwError);
-
-    } finally {
-        // Always cleanup local temp file
-        if (file_exists($temp_file)) {
-            unlink($temp_file);
-        }
-    }
-}
-
-function transfer_file_to_server(string $content, string $server_path, Server $server, bool $throwError = true): ?string
-{
-    $temp_file = tempnam(sys_get_temp_dir(), 'coolify_env_');
-
-    try {
-        // Write content to temporary file
-        file_put_contents($temp_file, $content);
-
-        // Ensure parent directory exists on server
-        $parent_dir = dirname($server_path);
-        if ($parent_dir !== '.' && $parent_dir !== '/') {
-            instant_remote_process_with_timeout(["mkdir -p \"$parent_dir\""], $server, $throwError);
-        }
-
-        // Transfer file directly to server destination
-        return instant_scp($temp_file, $server_path, $server, $throwError);
-
-    } finally {
-        // Always cleanup local temp file
-        if (file_exists($temp_file)) {
-            unlink($temp_file);
-        }
-    }
-}
-
 function instant_remote_process_with_timeout(Collection|array $command, Server $server, bool $throwError = true, bool $no_sudo = false): ?string
 {
     $command = $command instanceof Collection ? $command->toArray() : $command;

From 0539dedaa0061732264c9a4026399fe9b7f2867f Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 13:14:45 +0200
Subject: [PATCH 053/129] feat(databases): enhance backup management API with
 new endpoints and improved data handling

- Refactored backup configuration retrieval and update logic to use UUIDs instead of IDs.
- Added new endpoint to list backup executions for a specific backup configuration.
- Improved error handling and validation for backup operations.
- Updated API documentation to reflect changes in parameter names and descriptions.
---
 .../Controllers/Api/DatabasesController.php   | 355 +++++++++++++++---
 routes/api.php                                |   6 +-
 2 files changed, 310 insertions(+), 51 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 8c70d1bdc..31bf2807e 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -82,14 +82,15 @@ public function databases(Request $request)
             $databases = $databases->merge($project->databases());
         }
 
-        $databases = $databases->map(function ($database) {
-            $backupConfig = ScheduledDatabaseBackup::with('latest_log')->where('database_id', $database->id)->get();
+        $databaseIds = $databases->pluck('id')->toArray();
 
-            if ($backupConfig) {
-                $database->backup_configs = $backupConfig;
-            } else {
-                $database->backup_configs = null;
-            }
+        $backupConfigs = ScheduledDatabaseBackup::with('latest_log')
+            ->whereIn('database_id', $databaseIds)
+            ->get()
+            ->groupBy('database_id');
+
+        $databases = $databases->map(function ($database) use ($backupConfigs) {
+            $database->backup_configs = $backupConfigs->get($database->id, collect())->values();
 
             return $this->removeSensitiveData($database);
         });
@@ -155,6 +156,8 @@ public function database_backup_details_uuid(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
+        $this->authorize('view', $database);
+
         $backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->get();
 
         return response()->json($backupConfig);
@@ -291,19 +294,19 @@ public function database_by_uuid(Request $request)
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
                         'mysql_database' => ['type' => 'string', 'description' => 'MySQL database'],
                         'mysql_conf' => ['type' => 'string', 'description' => 'MySQL conf'],
-                        'save_s3' => ['type' => 'boolean', 'description' => 'Weather data is saved in s3 or not'],
-                        's3_storage_id' => ['type' => 'integer', 'description' => 'S3 storage id'],
-                        'backup_now' => ['type' => 'boolean', 'description' => 'Weather to take a backup now or not'],
-                        'enabled' => ['type' => 'boolean', 'description' => 'Weather the backup is enabled or not'],
+                        'save_s3' => ['type' => 'boolean', 'description' => 'Whether data is saved in s3 or not'],
+                        's3_storage_uuid' => ['type' => 'string', 'description' => 'S3 storage UUID'],
+                        'backup_now' => ['type' => 'boolean', 'description' => 'Whether to take a backup now or not'],
+                        'enabled' => ['type' => 'boolean', 'description' => 'Whether the backup is enabled or not'],
                         'databases_to_backup' => ['type' => 'string', 'description' => 'Comma separated list of databases to backup'],
-                        'dump_all' => ['type' => 'boolean', 'description' => 'Weather all databases are dumped or not'],
+                        'dump_all' => ['type' => 'boolean', 'description' => 'Whether all databases are dumped or not'],
                         'frequency' => ['type' => 'string', 'description' => 'Frequency of the backup'],
                         'database_backup_retention_amount_locally' => ['type' => 'integer', 'description' => 'Retention amount of the backup locally'],
                         'database_backup_retention_days_locally' => ['type' => 'integer', 'description' => 'Retention days of the backup locally'],
                         'database_backup_retention_max_storage_locally' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
                         'database_backup_retention_amount_s3' => ['type' => 'integer', 'description' => 'Retention amount of the backup in s3'],
                         'database_backup_retention_days_s3' => ['type' => 'integer', 'description' => 'Retention days of the backup in s3'],
-                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
+                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup in S3'],
                     ],
                 ),
             )
@@ -587,6 +590,7 @@ public function update_by_uuid(Request $request)
             $whatToDoWithDatabaseProxy = 'start';
         }
 
+        // Only update database fields, not backup configuration
         $database->update($request->all());
 
         if ($whatToDoWithDatabaseProxy === 'start') {
@@ -603,8 +607,8 @@ public function update_by_uuid(Request $request)
     #[OA\Patch(
         summary: 'Update',
         description: 'Update a specific backup configuration for a given database, identified by its UUID and the backup ID',
-        path: '/databases/{uuid}/backups/{backup_id}',
-        operationId: 'update-database-backup-config-by-uuid-and-backup-id',
+        path: '/databases/{uuid}/backups/{scheduled_backup_uuid}',
+        operationId: 'update-database-backup',
         security: [
             ['bearerAuth' => []],
         ],
@@ -621,12 +625,13 @@ public function update_by_uuid(Request $request)
                 )
             ),
             new OA\Parameter(
-                name: 'backup_id',
+                name: 'scheduled_backup_uuid',
                 in: 'path',
-                description: 'ID of the backup configuration.',
+                description: 'UUID of the backup configuration.',
                 required: true,
                 schema: new OA\Schema(
-                    type: 'integer',
+                    type: 'string',
+                    format: 'uuid',
                 )
             ),
         ],
@@ -638,19 +643,19 @@ public function update_by_uuid(Request $request)
                 schema: new OA\Schema(
                     type: 'object',
                     properties: [
-                        'save_s3' => ['type' => 'boolean', 'description' => 'Weather data is saved in s3 or not'],
-                        's3_storage_id' => ['type' => 'integer', 'description' => 'S3 storage id'],
-                        'backup_now' => ['type' => 'boolean', 'description' => 'Weather to take a backup now or not'],
-                        'enabled' => ['type' => 'boolean', 'description' => 'Weather the backup is enabled or not'],
+                        'save_s3' => ['type' => 'boolean', 'description' => 'Whether data is saved in s3 or not'],
+                        's3_storage_uuid' => ['type' => 'string', 'description' => 'S3 storage UUID'],
+                        'backup_now' => ['type' => 'boolean', 'description' => 'Whether to take a backup now or not'],
+                        'enabled' => ['type' => 'boolean', 'description' => 'Whether the backup is enabled or not'],
                         'databases_to_backup' => ['type' => 'string', 'description' => 'Comma separated list of databases to backup'],
-                        'dump_all' => ['type' => 'boolean', 'description' => 'Weather all databases are dumped or not'],
+                        'dump_all' => ['type' => 'boolean', 'description' => 'Whether all databases are dumped or not'],
                         'frequency' => ['type' => 'string', 'description' => 'Frequency of the backup'],
                         'database_backup_retention_amount_locally' => ['type' => 'integer', 'description' => 'Retention amount of the backup locally'],
                         'database_backup_retention_days_locally' => ['type' => 'integer', 'description' => 'Retention days of the backup locally'],
                         'database_backup_retention_max_storage_locally' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
                         'database_backup_retention_amount_s3' => ['type' => 'integer', 'description' => 'Retention amount of the backup in s3'],
                         'database_backup_retention_days_s3' => ['type' => 'integer', 'description' => 'Retention days of the backup in s3'],
-                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
+                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup in S3'],
                     ],
                 ),
             )
@@ -674,9 +679,9 @@ public function update_by_uuid(Request $request)
             ),
         ]
     )]
-    public function update_backup_config_by_uuid_and_backup_id(Request $request)
+    public function update_backup(Request $request)
     {
-        $backupConfigFields = ['save_s3', 'enabled', 'dump_all', 'frequency', 'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_id'];
+        $backupConfigFields = ['save_s3', 'enabled', 'dump_all', 'frequency', 'databases_to_backup', 'database_backup_retention_amount_locally', 'database_backup_retention_days_locally', 'database_backup_retention_max_storage_locally', 'database_backup_retention_amount_s3', 'database_backup_retention_days_s3', 'database_backup_retention_max_storage_s3', 's3_storage_uuid'];
 
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
@@ -692,8 +697,8 @@ public function update_backup_config_by_uuid_and_backup_id(Request $request)
             'backup_now' => 'boolean|nullable',
             'enabled' => 'boolean',
             'dump_all' => 'boolean',
-            's3_storage_id' => 'integer|min:1|exists:s3_storages,id|nullable',
-            'databases_to_backup' => 'string',
+            's3_storage_uuid' => 'string|exists:s3_storages,uuid|nullable',
+            'databases_to_backup' => 'string|nullable',
             'frequency' => 'string|in:every_minute,hourly,daily,weekly,monthly,yearly',
             'database_backup_retention_amount_locally' => 'integer|min:0',
             'database_backup_retention_days_locally' => 'integer|min:0',
@@ -712,6 +717,12 @@ public function update_backup_config_by_uuid_and_backup_id(Request $request)
         if (! $request->uuid) {
             return response()->json(['message' => 'UUID is required.'], 404);
         }
+
+        // Validate scheduled_backup_uuid is provided
+        if (! $request->scheduled_backup_uuid) {
+            return response()->json(['message' => 'Scheduled backup UUID is required.'], 400);
+        }
+
         $uuid = $request->uuid;
         removeUnnecessaryFieldsFromRequest($request);
         $database = queryDatabaseByUuidWithinTeam($uuid, $teamId);
@@ -720,7 +731,7 @@ public function update_backup_config_by_uuid_and_backup_id(Request $request)
         }
 
         $backupConfig = ScheduledDatabaseBackup::where('database_id', $database->id)
-            ->where('id', $request->backup_id)
+            ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
         if (! $backupConfig) {
             return response()->json(['message' => 'Backup config not found.'], 404);
@@ -739,7 +750,18 @@ public function update_backup_config_by_uuid_and_backup_id(Request $request)
             ], 422);
         }
 
-        $backupConfig->update($request->only($backupConfigFields));
+        $backupData = $request->only($backupConfigFields);
+
+        // Convert s3_storage_uuid to s3_storage_id
+        if (isset($backupData['s3_storage_uuid'])) {
+            $s3Storage = \App\Models\S3Storage::where('uuid', $backupData['s3_storage_uuid'])->first();
+            if ($s3Storage) {
+                $backupData['s3_storage_id'] = $s3Storage->id;
+            }
+            unset($backupData['s3_storage_uuid']);
+        }
+
+        $backupConfig->update($backupData);
 
         if ($request->backup_now) {
             DatabaseBackupJob::dispatch($backupConfig);
@@ -1869,29 +1891,147 @@ public function delete_by_uuid(Request $request)
     }
 
     #[OA\Delete(
-        summary: 'Delete backup',
-        description: 'Deletes a backup by its database UUID and backup ID.',
-        path: '/databases/{uuid}/backups/{backup_id}',
-        operationId: 'delete-backup-by-uuid',
+        summary: 'Delete backup configuration',
+        description: 'Deletes a backup configuration and all its executions.',
+        path: '/databases/{uuid}/backups/{scheduled_backup_uuid}',
+        operationId: 'delete-backup-configuration-by-uuid',
         security: [
             ['bearerAuth' => []],
         ],
-        tags: ['backups'],
+        tags: ['Databases'],
         parameters: [
             new OA\Parameter(
                 name: 'uuid',
                 in: 'path',
                 required: true,
-                description: 'UUID of the database to delete',
+                description: 'UUID of the database',
                 schema: new OA\Schema(type: 'string')
             ),
             new OA\Parameter(
-                name: 'backup_id',
+                name: 'scheduled_backup_uuid',
                 in: 'path',
                 required: true,
-                description: 'ID of the backup to delete',
+                description: 'UUID of the backup configuration to delete',
+                schema: new OA\Schema(type: 'string', format: 'uuid')
+            ),
+            new OA\Parameter(
+                name: 'delete_s3',
+                in: 'query',
+                required: false,
+                description: 'Whether to delete all backup files from S3',
+                schema: new OA\Schema(type: 'boolean', default: false)
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Backup configuration deleted.',
+                content: new OA\JsonContent(
+                    type: 'object',
+                    properties: [
+                        'message' => new OA\Schema(type: 'string', example: 'Backup configuration and all executions deleted.'),
+                    ]
+                )
+            ),
+            new OA\Response(
+                response: 404,
+                description: 'Backup configuration not found.',
+                content: new OA\JsonContent(
+                    type: 'object',
+                    properties: [
+                        'message' => new OA\Schema(type: 'string', example: 'Backup configuration not found.'),
+                    ]
+                )
+            ),
+        ]
+    )]
+    public function delete_backup_by_uuid(Request $request)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+
+        // Validate scheduled_backup_uuid is provided
+        if (! $request->scheduled_backup_uuid) {
+            return response()->json(['message' => 'Scheduled backup UUID is required.'], 400);
+        }
+
+        $database = queryDatabaseByUuidWithinTeam($request->uuid, $teamId);
+        if (! $database) {
+            return response()->json(['message' => 'Database not found.'], 404);
+        }
+
+        // Find the backup configuration by its UUID
+        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)
+            ->where('uuid', $request->scheduled_backup_uuid)
+            ->first();
+
+        if (! $backup) {
+            return response()->json(['message' => 'Backup configuration not found.'], 404);
+        }
+
+        $deleteS3 = filter_var($request->query->get('delete_s3', false), FILTER_VALIDATE_BOOLEAN);
+
+        try {
+            // Get all executions for this backup configuration
+            $executions = $backup->executions()->get();
+
+            // Delete all execution files (locally and optionally from S3)
+            foreach ($executions as $execution) {
+                if ($execution->filename) {
+                    deleteBackupsLocally($execution->filename, $database->destination->server);
+
+                    if ($deleteS3 && $backup->s3) {
+                        deleteBackupsS3($execution->filename, $backup->s3);
+                    }
+                }
+
+                $execution->delete();
+            }
+
+            // Delete the backup configuration itself
+            $backup->delete();
+
+            return response()->json([
+                'message' => 'Backup configuration and all executions deleted.',
+            ]);
+        } catch (\Exception $e) {
+            return response()->json(['message' => 'Failed to delete backup: '.$e->getMessage()], 500);
+        }
+    }
+
+    #[OA\Delete(
+        summary: 'Delete backup execution',
+        description: 'Deletes a specific backup execution.',
+        path: '/databases/{uuid}/backups/{scheduled_backup_uuid}/executions/{execution_uuid}',
+        operationId: 'delete-backup-execution-by-uuid',
+        security: [
+            ['bearerAuth' => []],
+        ],
+        tags: ['Databases'],
+        parameters: [
+            new OA\Parameter(
+                name: 'uuid',
+                in: 'path',
+                required: true,
+                description: 'UUID of the database',
                 schema: new OA\Schema(type: 'string')
             ),
+            new OA\Parameter(
+                name: 'scheduled_backup_uuid',
+                in: 'path',
+                required: true,
+                description: 'UUID of the backup configuration',
+                schema: new OA\Schema(type: 'string', format: 'uuid')
+            ),
+            new OA\Parameter(
+                name: 'execution_uuid',
+                in: 'path',
+                required: true,
+                description: 'UUID of the backup execution to delete',
+                schema: new OA\Schema(type: 'string', format: 'uuid')
+            ),
             new OA\Parameter(
                 name: 'delete_s3',
                 in: 'query',
@@ -1903,43 +2043,59 @@ public function delete_by_uuid(Request $request)
         responses: [
             new OA\Response(
                 response: 200,
-                description: 'Backup deleted.',
+                description: 'Backup execution deleted.',
                 content: new OA\JsonContent(
                     type: 'object',
                     properties: [
-                        'message' => new OA\Schema(type: 'string', example: 'Backup deleted.'),
+                        'message' => new OA\Schema(type: 'string', example: 'Backup execution deleted.'),
                     ]
                 )
             ),
             new OA\Response(
                 response: 404,
-                description: 'Backup not found.',
+                description: 'Backup execution not found.',
                 content: new OA\JsonContent(
                     type: 'object',
                     properties: [
-                        'message' => new OA\Schema(type: 'string', example: 'Backup not found.'),
+                        'message' => new OA\Schema(type: 'string', example: 'Backup execution not found.'),
                     ]
                 )
             ),
         ]
     )]
-    public function delete_backup_by_uuid(Request $request)
+    public function delete_execution_by_uuid(Request $request)
     {
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
             return invalidTokenResponse();
         }
+
+        // Validate parameters
+        if (! $request->scheduled_backup_uuid) {
+            return response()->json(['message' => 'Scheduled backup UUID is required.'], 400);
+        }
+        if (! $request->execution_uuid) {
+            return response()->json(['message' => 'Execution UUID is required.'], 400);
+        }
+
         $database = queryDatabaseByUuidWithinTeam($request->uuid, $teamId);
         if (! $database) {
             return response()->json(['message' => 'Database not found.'], 404);
         }
-        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)->first();
+
+        // Find the backup configuration by its UUID
+        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)
+            ->where('uuid', $request->scheduled_backup_uuid)
+            ->first();
+
         if (! $backup) {
-            return response()->json(['message' => 'Backup not found.'], 404);
+            return response()->json(['message' => 'Backup configuration not found.'], 404);
         }
-        $execution = $backup->executions()->where('id', $request->backup_id)->first();
+
+        // Find the specific execution
+        $execution = $backup->executions()->where('uuid', $request->execution_uuid)->first();
         if (! $execution) {
-            return response()->json(['message' => 'Execution not found.'], 404);
+            return response()->json(['message' => 'Backup execution not found.'], 404);
         }
 
         $deleteS3 = filter_var($request->query->get('delete_s3', false), FILTER_VALIDATE_BOOLEAN);
@@ -1956,13 +2112,114 @@ public function delete_backup_by_uuid(Request $request)
             $execution->delete();
 
             return response()->json([
-                'message' => 'Backup deleted.',
+                'message' => 'Backup execution deleted.',
             ]);
         } catch (\Exception $e) {
-            return response()->json(['message' => 'Failed to delete backup: '.$e->getMessage()], 500);
+            return response()->json(['message' => 'Failed to delete backup execution: '.$e->getMessage()], 500);
         }
     }
 
+    #[OA\Get(
+        summary: 'List backup executions',
+        description: 'Get all executions for a specific backup configuration.',
+        path: '/databases/{uuid}/backups/{scheduled_backup_uuid}/executions',
+        operationId: 'list-backup-executions',
+        security: [
+            ['bearerAuth' => []],
+        ],
+        tags: ['Databases'],
+        parameters: [
+            new OA\Parameter(
+                name: 'uuid',
+                in: 'path',
+                required: true,
+                description: 'UUID of the database',
+                schema: new OA\Schema(type: 'string')
+            ),
+            new OA\Parameter(
+                name: 'scheduled_backup_uuid',
+                in: 'path',
+                required: true,
+                description: 'UUID of the backup configuration',
+                schema: new OA\Schema(type: 'string', format: 'uuid')
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'List of backup executions',
+                content: new OA\JsonContent(
+                    type: 'object',
+                    properties: [
+                        'executions' => new OA\Schema(
+                            type: 'array',
+                            items: new OA\Schema(
+                                type: 'object',
+                                properties: [
+                                    'uuid' => ['type' => 'string'],
+                                    'filename' => ['type' => 'string'],
+                                    'size' => ['type' => 'integer'],
+                                    'created_at' => ['type' => 'string'],
+                                    'message' => ['type' => 'string'],
+                                    'status' => ['type' => 'string'],
+                                ]
+                            )
+                        ),
+                    ]
+                )
+            ),
+            new OA\Response(
+                response: 404,
+                description: 'Backup configuration not found.',
+            ),
+        ]
+    )]
+    public function list_backup_executions(Request $request)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+
+        // Validate scheduled_backup_uuid is provided
+        if (! $request->scheduled_backup_uuid) {
+            return response()->json(['message' => 'Scheduled backup UUID is required.'], 400);
+        }
+
+        $database = queryDatabaseByUuidWithinTeam($request->uuid, $teamId);
+        if (! $database) {
+            return response()->json(['message' => 'Database not found.'], 404);
+        }
+
+        // Find the backup configuration by its UUID
+        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)
+            ->where('uuid', $request->scheduled_backup_uuid)
+            ->first();
+
+        if (! $backup) {
+            return response()->json(['message' => 'Backup configuration not found.'], 404);
+        }
+
+        // Get all executions for this backup configuration
+        $executions = $backup->executions()
+            ->orderBy('created_at', 'desc')
+            ->get()
+            ->map(function ($execution) {
+                return [
+                    'uuid' => $execution->uuid,
+                    'filename' => $execution->filename,
+                    'size' => $execution->size,
+                    'created_at' => $execution->created_at->toIso8601String(),
+                    'message' => $execution->message,
+                    'status' => $execution->status,
+                ];
+            });
+
+        return response()->json([
+            'executions' => $executions,
+        ]);
+    }
+
     #[OA\Get(
         summary: 'Start',
         description: 'Start database. `Post` request is also accepted.',
diff --git a/routes/api.php b/routes/api.php
index 82b29ea4d..ea6fd5249 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -115,10 +115,12 @@
 
     Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['api.ability:read']);
     Route::get('/databases/{uuid}/backups', [DatabasesController::class, 'database_backup_details_uuid'])->middleware(['api.ability:read']);
+    Route::get('/databases/{uuid}/backups/{scheduled_backup_uuid}/executions', [DatabasesController::class, 'list_backup_executions'])->middleware(['api.ability:read']);
     Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
-    Route::patch('/databases/{uuid}/backups/{backup_id}', [DatabasesController::class, 'update_backup_config_by_uuid_and_backup_id'])->middleware(['api.ability:write']);
+    Route::patch('/databases/{uuid}/backups/{scheduled_backup_uuid}', [DatabasesController::class, 'update_backup'])->middleware(['api.ability:write']);
     Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
-    Route::delete('/databases/{uuid}/backups/{backup_id}', [DatabasesController::class, 'delete_backup_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/databases/{uuid}/backups/{scheduled_backup_uuid}', [DatabasesController::class, 'delete_backup_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/databases/{uuid}/backups/{scheduled_backup_uuid}/executions/{execution_uuid}', [DatabasesController::class, 'delete_execution_by_uuid'])->middleware(['api.ability:write']);
 
     Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['api.ability:write']);
     Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['api.ability:write']);

From 9638012a4f9b7f1929c12bb722a287c3f673324b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 15:11:30 +0200
Subject: [PATCH 054/129] feat(github): add GitHub app management endpoints

- Implemented a new GithubController with endpoints to create GitHub apps, load repositories, and fetch branches for a given repository.
- Added OpenAPI annotations for API documentation.
- Included validation for incoming requests and error handling for various scenarios.
---
 app/Http/Controllers/Api/GithubController.php | 395 ++++++++++++++++++
 routes/api.php                                |   5 +
 2 files changed, 400 insertions(+)
 create mode 100644 app/Http/Controllers/Api/GithubController.php

diff --git a/app/Http/Controllers/Api/GithubController.php b/app/Http/Controllers/Api/GithubController.php
new file mode 100644
index 000000000..88a13dea2
--- /dev/null
+++ b/app/Http/Controllers/Api/GithubController.php
@@ -0,0 +1,395 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Controllers\Controller;
+use App\Models\GithubApp;
+use App\Models\PrivateKey;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Str;
+use OpenApi\Attributes as OA;
+
+class GithubController extends Controller
+{
+    #[OA\Post(
+        summary: 'Create GitHub App',
+        description: 'Create a new GitHub app.',
+        path: '/github-apps',
+        operationId: 'create-github-app',
+        security: [
+            ['bearerAuth' => []],
+        ],
+        tags: ['GitHub Apps'],
+        requestBody: new OA\RequestBody(
+            description: 'GitHub app creation payload.',
+            required: true,
+            content: [
+                new OA\MediaType(
+                    mediaType: 'application/json',
+                    schema: new OA\Schema(
+                        type: 'object',
+                        properties: [
+                            'name' => ['type' => 'string', 'description' => 'Name of the GitHub app.'],
+                            'organization' => ['type' => 'string', 'nullable' => true, 'description' => 'Organization to associate the app with.'],
+                            'api_url' => ['type' => 'string', 'description' => 'API URL for the GitHub app (e.g., https://api.github.com).'],
+                            'html_url' => ['type' => 'string', 'description' => 'HTML URL for the GitHub app (e.g., https://github.com).'],
+                            'custom_user' => ['type' => 'string', 'description' => 'Custom user for SSH access (default: git).'],
+                            'custom_port' => ['type' => 'integer', 'description' => 'Custom port for SSH access (default: 22).'],
+                            'app_id' => ['type' => 'integer', 'description' => 'GitHub App ID from GitHub.'],
+                            'installation_id' => ['type' => 'integer', 'description' => 'GitHub Installation ID.'],
+                            'client_id' => ['type' => 'string', 'description' => 'GitHub OAuth App Client ID.'],
+                            'client_secret' => ['type' => 'string', 'description' => 'GitHub OAuth App Client Secret.'],
+                            'webhook_secret' => ['type' => 'string', 'description' => 'Webhook secret for GitHub webhooks.'],
+                            'private_key_uuid' => ['type' => 'string', 'description' => 'UUID of an existing private key for GitHub App authentication.'],
+                            'is_public' => ['type' => 'boolean', 'description' => 'Whether this is a public GitHub app (default: false).'],
+                            'is_system_wide' => ['type' => 'boolean', 'description' => 'Is this app system-wide (cloud only).'],
+                        ],
+                        required: ['name', 'api_url', 'html_url', 'app_id', 'installation_id', 'client_id', 'client_secret', 'private_key_uuid'],
+                    ),
+                ),
+            ],
+        ),
+        responses: [
+            new OA\Response(
+                response: 201,
+                description: 'GitHub app created successfully.',
+                content: [
+                    new OA\MediaType(
+                        mediaType: 'application/json',
+                        schema: new OA\Schema(
+                            type: 'object',
+                            properties: [
+                                'id' => ['type' => 'integer'],
+                                'uuid' => ['type' => 'string'],
+                                'name' => ['type' => 'string'],
+                                'organization' => ['type' => 'string', 'nullable' => true],
+                                'api_url' => ['type' => 'string'],
+                                'html_url' => ['type' => 'string'],
+                                'custom_user' => ['type' => 'string'],
+                                'custom_port' => ['type' => 'integer'],
+                                'app_id' => ['type' => 'integer'],
+                                'installation_id' => ['type' => 'integer'],
+                                'client_id' => ['type' => 'string'],
+                                'private_key_id' => ['type' => 'integer'],
+                                'is_public' => ['type' => 'boolean'],
+                                'is_system_wide' => ['type' => 'boolean'],
+                                'team_id' => ['type' => 'integer'],
+                            ]
+                        )
+                    ),
+                ]
+            ),
+            new OA\Response(
+                response: 400,
+                ref: '#/components/responses/400',
+            ),
+            new OA\Response(
+                response: 401,
+                ref: '#/components/responses/401',
+            ),
+            new OA\Response(
+                response: 422,
+                ref: '#/components/responses/422',
+            ),
+        ]
+    )]
+    public function create_github_app(Request $request)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+        $return = validateIncomingRequest($request);
+        if ($return instanceof \Illuminate\Http\JsonResponse) {
+            return $return;
+        }
+
+        $allowedFields = [
+            'name',
+            'organization',
+            'api_url',
+            'html_url',
+            'custom_user',
+            'custom_port',
+            'app_id',
+            'installation_id',
+            'client_id',
+            'client_secret',
+            'webhook_secret',
+            'private_key_uuid',
+            'is_public',
+            'is_system_wide',
+        ];
+
+        $validator = customApiValidator($request->all(), [
+            'name' => 'required|string|max:255',
+            'organization' => 'nullable|string|max:255',
+            'api_url' => 'required|string|url',
+            'html_url' => 'required|string|url',
+            'custom_user' => 'string|max:255',
+            'custom_port' => 'integer|min:1|max:65535',
+            'app_id' => 'required|integer',
+            'installation_id' => 'required|integer',
+            'client_id' => 'required|string|max:255',
+            'client_secret' => 'required|string',
+            'webhook_secret' => 'required|string',
+            'private_key_uuid' => 'required|string',
+            'is_public' => 'boolean',
+            'is_system_wide' => 'boolean',
+        ]);
+
+        $extraFields = array_diff(array_keys($request->all()), $allowedFields);
+        if ($validator->fails() || ! empty($extraFields)) {
+            $errors = $validator->errors();
+            if (! empty($extraFields)) {
+                foreach ($extraFields as $field) {
+                    $errors->add($field, 'This field is not allowed.');
+                }
+            }
+
+            return response()->json([
+                'message' => 'Validation failed.',
+                'errors' => $errors,
+            ], 422);
+        }
+
+        try {
+            // Verify the private key belongs to the team
+            $privateKey = PrivateKey::where('uuid', $request->input('private_key_uuid'))
+                ->where('team_id', $teamId)
+                ->first();
+
+            if (! $privateKey) {
+                return response()->json([
+                    'message' => 'Private key not found or does not belong to your team.',
+                ], 404);
+            }
+
+            $payload = [
+                'uuid' => Str::uuid(),
+                'name' => $request->input('name'),
+                'organization' => $request->input('organization'),
+                'api_url' => $request->input('api_url'),
+                'html_url' => $request->input('html_url'),
+                'custom_user' => $request->input('custom_user', 'git'),
+                'custom_port' => $request->input('custom_port', 22),
+                'app_id' => $request->input('app_id'),
+                'installation_id' => $request->input('installation_id'),
+                'client_id' => $request->input('client_id'),
+                'client_secret' => $request->input('client_secret'),
+                'webhook_secret' => $request->input('webhook_secret'),
+                'private_key_id' => $privateKey->id,
+                'is_public' => $request->input('is_public', false),
+                'team_id' => $teamId,
+            ];
+
+            if (! isCloud()) {
+                $payload['is_system_wide'] = $request->input('is_system_wide', false);
+            }
+
+            $githubApp = GithubApp::create($payload);
+
+            return response()->json($githubApp, 201);
+        } catch (\Throwable $e) {
+            return handleError($e);
+        }
+    }
+
+    #[OA\Get(
+        path: '/github-apps/{github_app_id}/repositories',
+        summary: 'Load Repositories for a GitHub App',
+        description: 'Fetch repositories from GitHub for a given GitHub app.',
+        operationId: 'load-repositories',
+        tags: ['GitHub Apps'],
+        security: [
+            ['bearerAuth' => []],
+        ],
+        parameters: [
+            new OA\Parameter(
+                name: 'github_app_id',
+                in: 'path',
+                required: true,
+                schema: new OA\Schema(type: 'integer'),
+                description: 'GitHub App ID'
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Repositories loaded successfully.',
+                content: new OA\MediaType(
+                    mediaType: 'application/json',
+                    schema: new OA\Schema(
+                        type: 'object',
+                        properties: [
+                            'repositories' => new OA\Items(
+                                type: 'array',
+                                items: new OA\Schema(type: 'object')
+                            ),
+                        ]
+                    )
+                )
+            ),
+            new OA\Response(
+                response: 400,
+                ref: '#/components/responses/400',
+            ),
+            new OA\Response(
+                response: 401,
+                ref: '#/components/responses/401',
+            ),
+            new OA\Response(
+                response: 404,
+                ref: '#/components/responses/404',
+            ),
+        ]
+    )]
+    public function load_repositories($github_app_id)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+
+        try {
+            $githubApp = GithubApp::where('id', $github_app_id)
+                ->where('team_id', $teamId)
+                ->firstOrFail();
+
+            $token = generateGithubInstallationToken($githubApp);
+            $repositories = collect();
+            $page = 1;
+            $maxPages = 100; // Safety limit: max 10,000 repositories
+
+            while ($page <= $maxPages) {
+                $response = Http::withToken($token)->get("{$githubApp->api_url}/installation/repositories", [
+                    'per_page' => 100,
+                    'page' => $page,
+                ]);
+
+                if ($response->status() !== 200) {
+                    return response()->json([
+                        'message' => $response->json()['message'] ?? 'Failed to load repositories',
+                    ], $response->status());
+                }
+
+                $json = $response->json();
+                $repos = $json['repositories'] ?? [];
+
+                if (empty($repos)) {
+                    break; // No more repositories to load
+                }
+
+                $repositories = $repositories->concat($repos);
+                $page++;
+            }
+
+            return response()->json([
+                'repositories' => $repositories->sortBy('name')->values(),
+            ]);
+        } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
+            return response()->json(['message' => 'GitHub app not found'], 404);
+        } catch (\Throwable $e) {
+            return handleError($e);
+        }
+    }
+
+    #[OA\Get(
+        path: '/github-apps/{github_app_id}/repositories/{owner}/{repo}/branches',
+        summary: 'Load Branches for a GitHub Repository',
+        description: 'Fetch branches from GitHub for a given repository.',
+        operationId: 'load-branches',
+        tags: ['GitHub Apps'],
+        security: [
+            ['bearerAuth' => []],
+        ],
+        parameters: [
+            new OA\Parameter(
+                name: 'github_app_id',
+                in: 'path',
+                required: true,
+                schema: new OA\Schema(type: 'integer'),
+                description: 'GitHub App ID'
+            ),
+            new OA\Parameter(
+                name: 'owner',
+                in: 'path',
+                required: true,
+                schema: new OA\Schema(type: 'string'),
+                description: 'Repository owner'
+            ),
+            new OA\Parameter(
+                name: 'repo',
+                in: 'path',
+                required: true,
+                schema: new OA\Schema(type: 'string'),
+                description: 'Repository name'
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Branches loaded successfully.',
+                content: new OA\MediaType(
+                    mediaType: 'application/json',
+                    schema: new OA\Schema(
+                        type: 'object',
+                        properties: [
+                            'branches' => new OA\Items(
+                                type: 'array',
+                                items: new OA\Schema(type: 'object')
+                            ),
+                        ]
+                    )
+                )
+            ),
+            new OA\Response(
+                response: 400,
+                ref: '#/components/responses/400',
+            ),
+            new OA\Response(
+                response: 401,
+                ref: '#/components/responses/401',
+            ),
+            new OA\Response(
+                response: 404,
+                ref: '#/components/responses/404',
+            ),
+        ]
+    )]
+    public function load_branches($github_app_id, $owner, $repo)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+
+        try {
+            $githubApp = GithubApp::where('id', $github_app_id)
+                ->where('team_id', $teamId)
+                ->firstOrFail();
+
+            $token = generateGithubInstallationToken($githubApp);
+
+            $response = Http::withToken($token)->get("{$githubApp->api_url}/repos/{$owner}/{$repo}/branches");
+
+            if ($response->status() !== 200) {
+                return response()->json([
+                    'message' => 'Error loading branches from GitHub.',
+                    'error' => $response->json('message'),
+                ], $response->status());
+            }
+
+            $branches = $response->json();
+
+            return response()->json([
+                'branches' => $branches,
+            ]);
+        } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
+            return response()->json(['message' => 'GitHub app not found'], 404);
+        } catch (\Throwable $e) {
+            return handleError($e);
+        }
+    }
+}
diff --git a/routes/api.php b/routes/api.php
index ea6fd5249..4f0aceed6 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -3,6 +3,7 @@
 use App\Http\Controllers\Api\ApplicationsController;
 use App\Http\Controllers\Api\DatabasesController;
 use App\Http\Controllers\Api\DeployController;
+use App\Http\Controllers\Api\GithubController;
 use App\Http\Controllers\Api\OtherController;
 use App\Http\Controllers\Api\ProjectController;
 use App\Http\Controllers\Api\ResourcesController;
@@ -103,6 +104,10 @@
     Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware(['api.ability:write']);
     Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['api.ability:write']);
 
+    Route::post('/github-apps', [GithubController::class, 'create_github_app'])->middleware(['api.ability:write']);
+    Route::get('/github-apps/{github_app_id}/repositories', [GithubController::class, 'load_repositories'])->middleware(['api.ability:read']);
+    Route::get('/github-apps/{github_app_id}/repositories/{owner}/{repo}/branches', [GithubController::class, 'load_branches'])->middleware(['api.ability:read']);
+
     Route::get('/databases', [DatabasesController::class, 'databases'])->middleware(['api.ability:read']);
     Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware(['api.ability:write']);
     Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware(['api.ability:write']);

From 5e6946c33a2a8f5c1a1afed43b128a10eb663932 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 15:28:18 +0200
Subject: [PATCH 055/129] feat(github): add update and delete endpoints for
 GitHub apps

- Implemented endpoints to update and delete GitHub apps in the GithubController.
- Added OpenAPI annotations for the new endpoints, including request and response specifications.
- Removed the 'is_public' field from the app creation and update processes, defaulting it to false.
- Enhanced validation for update requests to ensure proper data handling.
---
 app/Http/Controllers/Api/GithubController.php | 270 +++++++++++++++++-
 routes/api.php                                |   2 +
 2 files changed, 267 insertions(+), 5 deletions(-)

diff --git a/app/Http/Controllers/Api/GithubController.php b/app/Http/Controllers/Api/GithubController.php
index 88a13dea2..b529b80f3 100644
--- a/app/Http/Controllers/Api/GithubController.php
+++ b/app/Http/Controllers/Api/GithubController.php
@@ -42,7 +42,6 @@ class GithubController extends Controller
                             'client_secret' => ['type' => 'string', 'description' => 'GitHub OAuth App Client Secret.'],
                             'webhook_secret' => ['type' => 'string', 'description' => 'Webhook secret for GitHub webhooks.'],
                             'private_key_uuid' => ['type' => 'string', 'description' => 'UUID of an existing private key for GitHub App authentication.'],
-                            'is_public' => ['type' => 'boolean', 'description' => 'Whether this is a public GitHub app (default: false).'],
                             'is_system_wide' => ['type' => 'boolean', 'description' => 'Is this app system-wide (cloud only).'],
                         ],
                         required: ['name', 'api_url', 'html_url', 'app_id', 'installation_id', 'client_id', 'client_secret', 'private_key_uuid'],
@@ -72,7 +71,6 @@ class GithubController extends Controller
                                 'installation_id' => ['type' => 'integer'],
                                 'client_id' => ['type' => 'string'],
                                 'private_key_id' => ['type' => 'integer'],
-                                'is_public' => ['type' => 'boolean'],
                                 'is_system_wide' => ['type' => 'boolean'],
                                 'team_id' => ['type' => 'integer'],
                             ]
@@ -118,7 +116,6 @@ public function create_github_app(Request $request)
             'client_secret',
             'webhook_secret',
             'private_key_uuid',
-            'is_public',
             'is_system_wide',
         ];
 
@@ -135,7 +132,6 @@ public function create_github_app(Request $request)
             'client_secret' => 'required|string',
             'webhook_secret' => 'required|string',
             'private_key_uuid' => 'required|string',
-            'is_public' => 'boolean',
             'is_system_wide' => 'boolean',
         ]);
 
@@ -180,7 +176,7 @@ public function create_github_app(Request $request)
                 'client_secret' => $request->input('client_secret'),
                 'webhook_secret' => $request->input('webhook_secret'),
                 'private_key_id' => $privateKey->id,
-                'is_public' => $request->input('is_public', false),
+                'is_public' => false,
                 'team_id' => $teamId,
             ];
 
@@ -392,4 +388,268 @@ public function load_branches($github_app_id, $owner, $repo)
             return handleError($e);
         }
     }
+
+    /**
+     * Update a GitHub app.
+     */
+    #[OA\Patch(
+        path: '/github-apps/{github_app_id}',
+        operationId: 'updateGithubApp',
+        security: [
+            ['api_token' => []],
+        ],
+        tags: ['GitHub Apps'],
+        summary: 'Update GitHub App',
+        description: 'Update an existing GitHub app.',
+        parameters: [
+            new OA\Parameter(
+                name: 'github_app_id',
+                in: 'path',
+                required: true,
+                schema: new OA\Schema(type: 'integer'),
+                description: 'GitHub App ID'
+            ),
+        ],
+        requestBody: new OA\RequestBody(
+            required: true,
+            content: new OA\MediaType(
+                mediaType: 'application/json',
+                schema: new OA\Schema(
+                    type: 'object',
+                    properties: [
+                        'name' => ['type' => 'string', 'description' => 'GitHub App name'],
+                        'organization' => ['type' => 'string', 'nullable' => true, 'description' => 'GitHub organization'],
+                        'api_url' => ['type' => 'string', 'description' => 'GitHub API URL'],
+                        'html_url' => ['type' => 'string', 'description' => 'GitHub HTML URL'],
+                        'custom_user' => ['type' => 'string', 'description' => 'Custom user for SSH'],
+                        'custom_port' => ['type' => 'integer', 'description' => 'Custom port for SSH'],
+                        'app_id' => ['type' => 'integer', 'description' => 'GitHub App ID'],
+                        'installation_id' => ['type' => 'integer', 'description' => 'GitHub Installation ID'],
+                        'client_id' => ['type' => 'string', 'description' => 'GitHub Client ID'],
+                        'client_secret' => ['type' => 'string', 'description' => 'GitHub Client Secret'],
+                        'webhook_secret' => ['type' => 'string', 'description' => 'GitHub Webhook Secret'],
+                        'private_key_uuid' => ['type' => 'string', 'description' => 'Private key UUID'],
+                        'is_system_wide' => ['type' => 'boolean', 'description' => 'Is system wide (non-cloud instances only)'],
+                    ]
+                )
+            )
+        ),
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'GitHub app updated successfully',
+                content: new OA\MediaType(
+                    mediaType: 'application/json',
+                    schema: new OA\Schema(
+                        type: 'object',
+                        properties: [
+                            'message' => ['type' => 'string', 'example' => 'GitHub app updated successfully'],
+                            'data' => ['type' => 'object', 'description' => 'Updated GitHub app data'],
+                        ]
+                    )
+                )
+            ),
+            new OA\Response(response: 401, description: 'Unauthorized'),
+            new OA\Response(response: 404, description: 'GitHub app not found'),
+            new OA\Response(response: 422, description: 'Validation error'),
+        ]
+    )]
+    public function update_github_app(Request $request, $github_app_id)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+
+        try {
+            $githubApp = GithubApp::where('id', $github_app_id)
+                ->where('team_id', $teamId)
+                ->firstOrFail();
+
+            // Define allowed fields for update
+            $allowedFields = [
+                'name',
+                'organization',
+                'api_url',
+                'html_url',
+                'custom_user',
+                'custom_port',
+                'app_id',
+                'installation_id',
+                'client_id',
+                'client_secret',
+                'webhook_secret',
+                'private_key_uuid',
+            ];
+
+            if (! isCloud()) {
+                $allowedFields[] = 'is_system_wide';
+            }
+
+            $payload = $request->only($allowedFields);
+
+            // Validate the request
+            $rules = [];
+            if (isset($payload['name'])) {
+                $rules['name'] = 'string';
+            }
+            if (isset($payload['organization'])) {
+                $rules['organization'] = 'nullable|string';
+            }
+            if (isset($payload['api_url'])) {
+                $rules['api_url'] = 'url';
+            }
+            if (isset($payload['html_url'])) {
+                $rules['html_url'] = 'url';
+            }
+            if (isset($payload['custom_user'])) {
+                $rules['custom_user'] = 'string';
+            }
+            if (isset($payload['custom_port'])) {
+                $rules['custom_port'] = 'integer|min:1|max:65535';
+            }
+            if (isset($payload['app_id'])) {
+                $rules['app_id'] = 'integer';
+            }
+            if (isset($payload['installation_id'])) {
+                $rules['installation_id'] = 'integer';
+            }
+            if (isset($payload['client_id'])) {
+                $rules['client_id'] = 'string';
+            }
+            if (isset($payload['client_secret'])) {
+                $rules['client_secret'] = 'string';
+            }
+            if (isset($payload['webhook_secret'])) {
+                $rules['webhook_secret'] = 'string';
+            }
+            if (isset($payload['private_key_uuid'])) {
+                $rules['private_key_uuid'] = 'string|uuid';
+            }
+            if (! isCloud() && isset($payload['is_system_wide'])) {
+                $rules['is_system_wide'] = 'boolean';
+            }
+
+            $validator = customApiValidator($payload, $rules);
+            if ($validator->fails()) {
+                return response()->json([
+                    'message' => 'Validation error',
+                    'errors' => $validator->errors(),
+                ], 422);
+            }
+
+            // Handle private_key_uuid -> private_key_id conversion
+            if (isset($payload['private_key_uuid'])) {
+                $privateKey = PrivateKey::where('team_id', $teamId)
+                    ->where('uuid', $payload['private_key_uuid'])
+                    ->first();
+
+                if (! $privateKey) {
+                    return response()->json([
+                        'message' => 'Private key not found or does not belong to your team',
+                    ], 404);
+                }
+
+                unset($payload['private_key_uuid']);
+                $payload['private_key_id'] = $privateKey->id;
+            }
+
+            // Update the GitHub app
+            $githubApp->update($payload);
+
+            return response()->json([
+                'message' => 'GitHub app updated successfully',
+                'data' => $githubApp,
+            ]);
+        } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
+            return response()->json([
+                'message' => 'GitHub app not found',
+            ], 404);
+        }
+    }
+
+    /**
+     * Delete a GitHub app.
+     */
+    #[OA\Delete(
+        path: '/github-apps/{github_app_id}',
+        operationId: 'deleteGithubApp',
+        security: [
+            ['api_token' => []],
+        ],
+        tags: ['GitHub Apps'],
+        summary: 'Delete GitHub App',
+        description: 'Delete a GitHub app if it\'s not being used by any applications.',
+        parameters: [
+            new OA\Parameter(
+                name: 'github_app_id',
+                in: 'path',
+                required: true,
+                schema: new OA\Schema(type: 'integer'),
+                description: 'GitHub App ID'
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'GitHub app deleted successfully',
+                content: new OA\MediaType(
+                    mediaType: 'application/json',
+                    schema: new OA\Schema(
+                        type: 'object',
+                        properties: [
+                            'message' => ['type' => 'string', 'example' => 'GitHub app deleted successfully'],
+                        ]
+                    )
+                )
+            ),
+            new OA\Response(response: 401, description: 'Unauthorized'),
+            new OA\Response(response: 404, description: 'GitHub app not found'),
+            new OA\Response(
+                response: 409,
+                description: 'Conflict - GitHub app is in use',
+                content: new OA\MediaType(
+                    mediaType: 'application/json',
+                    schema: new OA\Schema(
+                        type: 'object',
+                        properties: [
+                            'message' => ['type' => 'string', 'example' => 'This GitHub app is being used by 5 application(s). Please delete all applications first.'],
+                        ]
+                    )
+                )
+            ),
+        ]
+    )]
+    public function delete_github_app($github_app_id)
+    {
+        $teamId = getTeamIdFromToken();
+        if (is_null($teamId)) {
+            return invalidTokenResponse();
+        }
+
+        try {
+            $githubApp = GithubApp::where('id', $github_app_id)
+                ->where('team_id', $teamId)
+                ->firstOrFail();
+
+            // Check if the GitHub app is being used by any applications
+            if ($githubApp->applications->isNotEmpty()) {
+                $count = $githubApp->applications->count();
+
+                return response()->json([
+                    'message' => "This GitHub app is being used by {$count} application(s). Please delete all applications first.",
+                ], 409);
+            }
+
+            $githubApp->delete();
+
+            return response()->json([
+                'message' => 'GitHub app deleted successfully',
+            ]);
+        } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
+            return response()->json([
+                'message' => 'GitHub app not found',
+            ], 404);
+        }
+    }
 }
diff --git a/routes/api.php b/routes/api.php
index 4f0aceed6..aead715ae 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -105,6 +105,8 @@
     Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['api.ability:write']);
 
     Route::post('/github-apps', [GithubController::class, 'create_github_app'])->middleware(['api.ability:write']);
+    Route::patch('/github-apps/{github_app_id}', [GithubController::class, 'update_github_app'])->middleware(['api.ability:write']);
+    Route::delete('/github-apps/{github_app_id}', [GithubController::class, 'delete_github_app'])->middleware(['api.ability:write']);
     Route::get('/github-apps/{github_app_id}/repositories', [GithubController::class, 'load_repositories'])->middleware(['api.ability:read']);
     Route::get('/github-apps/{github_app_id}/repositories/{owner}/{repo}/branches', [GithubController::class, 'load_branches'])->middleware(['api.ability:read']);
 

From 36dfd1bc6e1c61498a4358446d1c183c717d1659 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 15:41:56 +0200
Subject: [PATCH 056/129] refactor(github): enhance API request handling and
 validation

- Updated validation rules for 'custom_user' and 'custom_port' fields to be nullable in the GithubController.
- Refactored API request handling in GithubController, GithubPrivateRepository, and helper functions to use a consistent Http::GitHub method with timeout and retry logic.
- Improved error handling for repository and branch loading processes.
---
 app/Http/Controllers/Api/GithubController.php | 20 ++++++++++++-------
 .../Project/New/GithubPrivateRepository.php   |  8 +++++++-
 bootstrap/helpers/github.php                  |  8 +++++++-
 3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/app/Http/Controllers/Api/GithubController.php b/app/Http/Controllers/Api/GithubController.php
index b529b80f3..b297c0cec 100644
--- a/app/Http/Controllers/Api/GithubController.php
+++ b/app/Http/Controllers/Api/GithubController.php
@@ -124,8 +124,8 @@ public function create_github_app(Request $request)
             'organization' => 'nullable|string|max:255',
             'api_url' => 'required|string|url',
             'html_url' => 'required|string|url',
-            'custom_user' => 'string|max:255',
-            'custom_port' => 'integer|min:1|max:65535',
+            'custom_user' => 'nullable|string|max:255',
+            'custom_port' => 'nullable|integer|min:1|max:65535',
             'app_id' => 'required|integer',
             'installation_id' => 'required|integer',
             'client_id' => 'required|string|max:255',
@@ -259,10 +259,13 @@ public function load_repositories($github_app_id)
             $maxPages = 100; // Safety limit: max 10,000 repositories
 
             while ($page <= $maxPages) {
-                $response = Http::withToken($token)->get("{$githubApp->api_url}/installation/repositories", [
-                    'per_page' => 100,
-                    'page' => $page,
-                ]);
+                $response = Http::GitHub($githubApp->api_url, $token)
+                    ->timeout(20)
+                    ->retry(3, 200, throw: false)
+                    ->get('/installation/repositories', [
+                        'per_page' => 100,
+                        'page' => $page,
+                    ]);
 
                 if ($response->status() !== 200) {
                     return response()->json([
@@ -368,7 +371,10 @@ public function load_branches($github_app_id, $owner, $repo)
 
             $token = generateGithubInstallationToken($githubApp);
 
-            $response = Http::withToken($token)->get("{$githubApp->api_url}/repos/{$owner}/{$repo}/branches");
+            $response = Http::GitHub($githubApp->api_url, $token)
+                ->timeout(20)
+                ->retry(3, 200, throw: false)
+                ->get("/repos/{$owner}/{$repo}/branches");
 
             if ($response->status() !== 200) {
                 return response()->json([
diff --git a/app/Livewire/Project/New/GithubPrivateRepository.php b/app/Livewire/Project/New/GithubPrivateRepository.php
index 0f496e6db..a2071931e 100644
--- a/app/Livewire/Project/New/GithubPrivateRepository.php
+++ b/app/Livewire/Project/New/GithubPrivateRepository.php
@@ -143,7 +143,13 @@ public function loadBranches()
 
     protected function loadBranchByPage()
     {
-        $response = Http::withToken($this->token)->get("{$this->github_app->api_url}/repos/{$this->selected_repository_owner}/{$this->selected_repository_repo}/branches?per_page=100&page={$this->page}");
+        $response = Http::GitHub($this->github_app->api_url, $this->token)
+            ->timeout(20)
+            ->retry(3, 200, throw: false)
+            ->get("/repos/{$this->selected_repository_owner}/{$this->selected_repository_repo}/branches", [
+                'per_page' => 100,
+                'page' => $this->page,
+            ]);
         $json = $response->json();
         if ($response->status() !== 200) {
             return $this->dispatch('error', $json['message']);
diff --git a/bootstrap/helpers/github.php b/bootstrap/helpers/github.php
index 0de2f2fd9..3b5f183fb 100644
--- a/bootstrap/helpers/github.php
+++ b/bootstrap/helpers/github.php
@@ -135,7 +135,13 @@ function getPermissionsPath(GithubApp $source)
 
 function loadRepositoryByPage(GithubApp $source, string $token, int $page)
 {
-    $response = Http::withToken($token)->get("{$source->api_url}/installation/repositories?per_page=100&page={$page}");
+    $response = Http::GitHub($source->api_url, $token)
+        ->timeout(20)
+        ->retry(3, 200, throw: false)
+        ->get('/installation/repositories', [
+            'per_page' => 100,
+            'page' => $page,
+        ]);
     $json = $response->json();
     if ($response->status() !== 200) {
         return [

From ed2ba832a8a0f306f612ca725735aedc3bad12ae Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 17:41:20 +0200
Subject: [PATCH 057/129] refactor(databases): remove deprecated backup
 parameters from API documentation

- Removed obsolete backup-related parameters from the OpenAPI specification in the DatabasesController.
- Streamlined the API documentation to enhance clarity and focus on current functionality.
---
 app/Http/Controllers/Api/DatabasesController.php | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 31bf2807e..a9c7cb6f4 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -294,19 +294,6 @@ public function database_by_uuid(Request $request)
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
                         'mysql_database' => ['type' => 'string', 'description' => 'MySQL database'],
                         'mysql_conf' => ['type' => 'string', 'description' => 'MySQL conf'],
-                        'save_s3' => ['type' => 'boolean', 'description' => 'Whether data is saved in s3 or not'],
-                        's3_storage_uuid' => ['type' => 'string', 'description' => 'S3 storage UUID'],
-                        'backup_now' => ['type' => 'boolean', 'description' => 'Whether to take a backup now or not'],
-                        'enabled' => ['type' => 'boolean', 'description' => 'Whether the backup is enabled or not'],
-                        'databases_to_backup' => ['type' => 'string', 'description' => 'Comma separated list of databases to backup'],
-                        'dump_all' => ['type' => 'boolean', 'description' => 'Whether all databases are dumped or not'],
-                        'frequency' => ['type' => 'string', 'description' => 'Frequency of the backup'],
-                        'database_backup_retention_amount_locally' => ['type' => 'integer', 'description' => 'Retention amount of the backup locally'],
-                        'database_backup_retention_days_locally' => ['type' => 'integer', 'description' => 'Retention days of the backup locally'],
-                        'database_backup_retention_max_storage_locally' => ['type' => 'integer', 'description' => 'Max storage of the backup locally'],
-                        'database_backup_retention_amount_s3' => ['type' => 'integer', 'description' => 'Retention amount of the backup in s3'],
-                        'database_backup_retention_days_s3' => ['type' => 'integer', 'description' => 'Retention days of the backup in s3'],
-                        'database_backup_retention_max_storage_s3' => ['type' => 'integer', 'description' => 'Max storage of the backup in S3'],
                     ],
                 ),
             )

From 5c6ab5033280dd154f9323cae10b099676f0ece0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 17:44:26 +0200
Subject: [PATCH 058/129] fix(databases): update backup retrieval logic to
 include team context

- Modified backup configuration queries in the DatabasesController to filter by team ID, ensuring proper access control.
- Enhanced S3 storage retrieval to use the current team context for better data integrity.
- Added a relationship method in ScheduledDatabaseBackup model to associate backups with teams.
---
 app/Http/Controllers/Api/DatabasesController.php | 11 ++++++-----
 app/Models/ScheduledDatabaseBackup.php           |  5 +++++
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index a9c7cb6f4..c697417bd 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -12,6 +12,7 @@
 use App\Jobs\DatabaseBackupJob;
 use App\Jobs\DeleteResourceJob;
 use App\Models\Project;
+use App\Models\S3Storage;
 use App\Models\ScheduledDatabaseBackup;
 use App\Models\Server;
 use App\Models\StandalonePostgresql;
@@ -717,7 +718,7 @@ public function update_backup(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
-        $backupConfig = ScheduledDatabaseBackup::where('database_id', $database->id)
+        $backupConfig = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
         if (! $backupConfig) {
@@ -741,7 +742,7 @@ public function update_backup(Request $request)
 
         // Convert s3_storage_uuid to s3_storage_id
         if (isset($backupData['s3_storage_uuid'])) {
-            $s3Storage = \App\Models\S3Storage::where('uuid', $backupData['s3_storage_uuid'])->first();
+            $s3Storage = S3Storage::ownedByCurrentTeam()->where('uuid', $backupData['s3_storage_uuid'])->first();
             if ($s3Storage) {
                 $backupData['s3_storage_id'] = $s3Storage->id;
             }
@@ -1950,7 +1951,7 @@ public function delete_backup_by_uuid(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
@@ -2071,7 +2072,7 @@ public function delete_execution_by_uuid(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
@@ -2179,7 +2180,7 @@ public function list_backup_executions(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
diff --git a/app/Models/ScheduledDatabaseBackup.php b/app/Models/ScheduledDatabaseBackup.php
index 90204d8df..f26090951 100644
--- a/app/Models/ScheduledDatabaseBackup.php
+++ b/app/Models/ScheduledDatabaseBackup.php
@@ -10,6 +10,11 @@ class ScheduledDatabaseBackup extends BaseModel
 {
     protected $guarded = [];
 
+    public function team()
+    {
+        return $this->belongsTo(Team::class);
+    }
+
     public function database(): MorphTo
     {
         return $this->morphTo();

From bb06a74fee991b23366ce638860f6db66a213778 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 17:45:37 +0200
Subject: [PATCH 059/129] refactor(databases): streamline backup queries to use
 team context

- Updated backup retrieval logic in DatabasesController to utilize the new ownedByCurrentTeam method for improved access control.
- Enhanced code readability and maintainability by centralizing team-based filtering in the ScheduledDatabaseBackup model.
---
 app/Http/Controllers/Api/DatabasesController.php | 8 ++++----
 app/Models/ScheduledDatabaseBackup.php           | 5 +++++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index c697417bd..9a8c7d459 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -718,7 +718,7 @@ public function update_backup(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
-        $backupConfig = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
+        $backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
         if (! $backupConfig) {
@@ -1951,7 +1951,7 @@ public function delete_backup_by_uuid(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
@@ -2072,7 +2072,7 @@ public function delete_execution_by_uuid(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
@@ -2180,7 +2180,7 @@ public function list_backup_executions(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::where('team_id', $teamId)->where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
diff --git a/app/Models/ScheduledDatabaseBackup.php b/app/Models/ScheduledDatabaseBackup.php
index f26090951..4dbeed648 100644
--- a/app/Models/ScheduledDatabaseBackup.php
+++ b/app/Models/ScheduledDatabaseBackup.php
@@ -10,6 +10,11 @@ class ScheduledDatabaseBackup extends BaseModel
 {
     protected $guarded = [];
 
+    public static function ownedByCurrentTeam()
+    {
+        return ScheduledDatabaseBackup::whereRelation('team', 'id', currentTeam()->id)->orderBy('name');
+    }
+
     public function team()
     {
         return $this->belongsTo(Team::class);

From 33d25f418e8a3dd5639e12b144fcfb1160f701b4 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 17:47:46 +0200
Subject: [PATCH 060/129] refactor(databases): update backup queries to use
 team-specific method

- Modified backup retrieval logic in DatabasesController to utilize the new ownedByCurrentTeamAPI method for improved access control based on team ID.
- Enhanced code consistency and maintainability by centralizing team-based filtering in the ScheduledDatabaseBackup model.
---
 app/Http/Controllers/Api/DatabasesController.php | 12 ++++++------
 app/Models/ScheduledDatabaseBackup.php           |  5 +++++
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 9a8c7d459..c9617fdb8 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -85,7 +85,7 @@ public function databases(Request $request)
 
         $databaseIds = $databases->pluck('id')->toArray();
 
-        $backupConfigs = ScheduledDatabaseBackup::with('latest_log')
+        $backupConfigs = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->with('latest_log')
             ->whereIn('database_id', $databaseIds)
             ->get()
             ->groupBy('database_id');
@@ -159,7 +159,7 @@ public function database_backup_details_uuid(Request $request)
 
         $this->authorize('view', $database);
 
-        $backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->get();
+        $backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->with('executions')->where('database_id', $database->id)->get();
 
         return response()->json($backupConfig);
     }
@@ -718,7 +718,7 @@ public function update_backup(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
-        $backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
+        $backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
         if (! $backupConfig) {
@@ -1951,7 +1951,7 @@ public function delete_backup_by_uuid(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
@@ -2072,7 +2072,7 @@ public function delete_execution_by_uuid(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
@@ -2180,7 +2180,7 @@ public function list_backup_executions(Request $request)
         }
 
         // Find the backup configuration by its UUID
-        $backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
+        $backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
 
diff --git a/app/Models/ScheduledDatabaseBackup.php b/app/Models/ScheduledDatabaseBackup.php
index 4dbeed648..4656457ae 100644
--- a/app/Models/ScheduledDatabaseBackup.php
+++ b/app/Models/ScheduledDatabaseBackup.php
@@ -15,6 +15,11 @@ public static function ownedByCurrentTeam()
         return ScheduledDatabaseBackup::whereRelation('team', 'id', currentTeam()->id)->orderBy('name');
     }
 
+    public static function ownedByCurrentTeamAPI(int $teamId)
+    {
+        return ScheduledDatabaseBackup::whereRelation('team', 'id', $teamId)->orderBy('name');
+    }
+
     public function team()
     {
         return $this->belongsTo(Team::class);

From 238957132cdf91ac1b0d5a39b44917ebeb3f5dd1 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Mon, 22 Sep 2025 19:43:15 +0200
Subject: [PATCH 061/129] feat(databases): enhance backup update and deletion
 logic with validation

- Added authorization checks for updating and deleting backups in DatabasesController.
- Implemented validation for S3 storage UUID when saving backups, ensuring it belongs to the current team.
- Improved error handling during backup deletion with transaction management for better data integrity.
---
 .../Controllers/Api/DatabasesController.php   | 34 ++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index c9617fdb8..62ac36d5c 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -17,6 +17,7 @@
 use App\Models\Server;
 use App\Models\StandalonePostgresql;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
 use OpenApi\Attributes as OA;
 
 class DatabasesController extends Controller
@@ -718,6 +719,24 @@ public function update_backup(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
+        $this->authorize('update', $database);
+
+        if ($request->boolean('save_s3') && ! $request->filled('s3_storage_uuid')) {
+            return response()->json([
+                'message' => 'Validation failed.',
+                'errors' => ['s3_storage_uuid' => ['The s3_storage_uuid field is required when save_s3 is true.']],
+            ], 422);
+        }
+        if ($request->filled('s3_storage_uuid')) {
+            $existsInTeam = S3Storage::ownedByCurrentTeam()->where('uuid', $request->s3_storage_uuid)->exists();
+            if (! $existsInTeam) {
+                return response()->json([
+                    'message' => 'Validation failed.',
+                    'errors' => ['s3_storage_uuid' => ['The selected S3 storage is invalid for this team.']],
+                ], 422);
+            }
+        }
+
         $backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
             ->first();
@@ -745,6 +764,11 @@ public function update_backup(Request $request)
             $s3Storage = S3Storage::ownedByCurrentTeam()->where('uuid', $backupData['s3_storage_uuid'])->first();
             if ($s3Storage) {
                 $backupData['s3_storage_id'] = $s3Storage->id;
+            } elseif ($request->boolean('save_s3')) {
+                return response()->json([
+                    'message' => 'Validation failed.',
+                    'errors' => ['s3_storage_uuid' => ['The selected S3 storage is invalid for this team.']],
+                ], 422);
             }
             unset($backupData['s3_storage_uuid']);
         }
@@ -752,7 +776,7 @@ public function update_backup(Request $request)
         $backupConfig->update($backupData);
 
         if ($request->backup_now) {
-            DatabaseBackupJob::dispatch($backupConfig);
+            dispatch(new DatabaseBackupJob($backupConfig));
         }
 
         return response()->json([
@@ -1950,6 +1974,8 @@ public function delete_backup_by_uuid(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
+        $this->authorize('update', $database);
+
         // Find the backup configuration by its UUID
         $backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)
@@ -1962,6 +1988,7 @@ public function delete_backup_by_uuid(Request $request)
         $deleteS3 = filter_var($request->query->get('delete_s3', false), FILTER_VALIDATE_BOOLEAN);
 
         try {
+            DB::beginTransaction();
             // Get all executions for this backup configuration
             $executions = $backup->executions()->get();
 
@@ -1980,11 +2007,14 @@ public function delete_backup_by_uuid(Request $request)
 
             // Delete the backup configuration itself
             $backup->delete();
+            DB::commit();
 
             return response()->json([
                 'message' => 'Backup configuration and all executions deleted.',
             ]);
         } catch (\Exception $e) {
+            DB::rollBack();
+
             return response()->json(['message' => 'Failed to delete backup: '.$e->getMessage()], 500);
         }
     }
@@ -2071,6 +2101,8 @@ public function delete_execution_by_uuid(Request $request)
             return response()->json(['message' => 'Database not found.'], 404);
         }
 
+        $this->authorize('update', $database);
+
         // Find the backup configuration by its UUID
         $backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
             ->where('uuid', $request->scheduled_backup_uuid)

From 6b5f87eec844e32c4c1e06e031e44fc929ad9812 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Mon, 22 Sep 2025 23:38:36 +0530
Subject: [PATCH 062/129] Added new callout component

---
 resources/views/components/callout.blade.php | 59 ++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 resources/views/components/callout.blade.php

diff --git a/resources/views/components/callout.blade.php b/resources/views/components/callout.blade.php
new file mode 100644
index 000000000..e65dad63b
--- /dev/null
+++ b/resources/views/components/callout.blade.php
@@ -0,0 +1,59 @@
+@props(['type' => 'warning', 'title' => 'Warning', 'class' => ''])
+
+@php
+    $icons = [
+        'warning' => '<svg class="w-5 h-5 text-yellow-600 dark:text-yellow-400" fill="currentColor" viewBox="0 0 20 20"><path fill-rule="evenodd" d="M8.257 3.099c.765-1.36 2.722-1.36 3.486 0l5.58 9.92c.75 1.334-.213 2.98-1.742 2.98H4.42c-1.53 0-2.493-1.646-1.743-2.98l5.58-9.92zM11 13a1 1 0 11-2 0 1 1 0 012 0zm-1-8a1 1 0 00-1 1v3a1 1 0 002 0V6a1 1 0 00-1-1z" clip-rule="evenodd"></path></svg>',
+        
+        'danger' => '<svg class="w-5 h-5 text-red-600 dark:text-red-400" fill="currentColor" viewBox="0 0 20 20"><path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd"></path></svg>',
+        
+        'info' => '<svg class="w-5 h-5 text-blue-600 dark:text-blue-400" fill="currentColor" viewBox="0 0 20 20"><path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a1 1 0 000 2v3a1 1 0 001 1h1a1 1 0 100-2v-3a1 1 0 00-1-1H9z" clip-rule="evenodd"></path></svg>',
+        
+        'success' => '<svg class="w-5 h-5 text-green-600 dark:text-green-400" fill="currentColor" viewBox="0 0 20 20"><path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zm3.707-9.293a1 1 0 00-1.414-1.414L9 10.586 7.707 9.293a1 1 0 00-1.414 1.414l2 2a1 1 0 001.414 0l4-4z" clip-rule="evenodd"></path></svg>'
+    ];
+
+    $colors = [
+        'warning' => [
+            'bg' => 'bg-yellow-50 dark:bg-yellow-900/30',
+            'border' => 'border-yellow-300 dark:border-yellow-800',
+            'title' => 'text-yellow-800 dark:text-yellow-300',
+            'text' => 'text-yellow-700 dark:text-yellow-200'
+        ],
+        'danger' => [
+            'bg' => 'bg-red-50 dark:bg-red-900/30',
+            'border' => 'border-red-300 dark:border-red-800',
+            'title' => 'text-red-800 dark:text-red-300',
+            'text' => 'text-red-700 dark:text-red-200'
+        ],
+        'info' => [
+            'bg' => 'bg-blue-50 dark:bg-blue-900/30',
+            'border' => 'border-blue-300 dark:border-blue-800',
+            'title' => 'text-blue-800 dark:text-blue-300',
+            'text' => 'text-blue-700 dark:text-blue-200'
+        ],
+        'success' => [
+            'bg' => 'bg-green-50 dark:bg-green-900/30',
+            'border' => 'border-green-300 dark:border-green-800',
+            'title' => 'text-green-800 dark:text-green-300',
+            'text' => 'text-green-700 dark:text-green-200'
+        ]
+    ];
+
+    $colorScheme = $colors[$type] ?? $colors['warning'];
+    $icon = $icons[$type] ?? $icons['warning'];
+@endphp
+
+<div {{ $attributes->merge(['class' => 'p-4 border rounded-lg ' . $colorScheme['bg'] . ' ' . $colorScheme['border'] . ' ' . $class]) }}>
+    <div class="flex items-start">
+        <div class="flex-shrink-0">
+            {!! $icon !!}
+        </div>
+        <div class="ml-3">
+            <div class="text-base font-bold {{ $colorScheme['title'] }}">
+                {{ $title }}
+            </div>
+            <div class="mt-2 text-sm {{ $colorScheme['text'] }}">
+                {{ $slot }}
+            </div>
+        </div>
+    </div>
+</div>
\ No newline at end of file

From dc8398ada813c42427edb386d01a45431c4a3fb3 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Mon, 22 Sep 2025 23:56:08 +0530
Subject: [PATCH 063/129] Cleaned up docker cleanup page

---
 .../livewire/server/docker-cleanup.blade.php  | 81 ++++++++++---------
 1 file changed, 43 insertions(+), 38 deletions(-)

diff --git a/resources/views/livewire/server/docker-cleanup.blade.php b/resources/views/livewire/server/docker-cleanup.blade.php
index 04d133181..4d440b23b 100644
--- a/resources/views/livewire/server/docker-cleanup.blade.php
+++ b/resources/views/livewire/server/docker-cleanup.blade.php
@@ -11,13 +11,6 @@
                     <div class="flex items-center gap-2">
                         <h2>Docker Cleanup</h2>
                         <x-forms.button type="submit" canGate="update" :canResource="$server">Save</x-forms.button>
-                    </div>
-                    <div class="mt-3 mb-4">Configure Docker cleanup settings for your server.</div>
-                </div>
-
-                <div class="flex flex-col gap-2">
-                    <div class="flex gap-4">
-                        <h3>Docker Cleanup</h3>
                         @can('update', $server)
                             <x-modal-confirmation title="Confirm Docker Cleanup?" buttonTitle="Trigger Manual Cleanup"
                                 isHighlightedButton submitAction="manualCleanup" :actions="[
@@ -31,7 +24,14 @@
                                 :confirmWithPassword="false" step2ButtonText="Trigger Docker Cleanup" />
                         @endcan
                     </div>
-                    <div class="flex flex-wrap items-center gap-4">
+                    <div class="mt-1 mb-6">Configure Docker cleanup settings for your server.</div>
+                </div>
+
+                <div class="flex flex-col gap-2">
+                    <div class="flex gap-4">
+                        <h3>Cleanup Configuration</h3>
+                    </div>
+                    <div class="flex items-center gap-4">
                         <x-forms.input canGate="update" :canResource="$server" placeholder="*/10 * * * *"
                             id="dockerCleanupFrequency" label="Docker cleanup frequency" required
                             helper="Cron expression for Docker Cleanup.<br>You can use every_minute, hourly, daily, weekly, monthly, yearly.<br><br>Default is every night at midnight." />
@@ -40,43 +40,48 @@
                                 label="Docker cleanup threshold (%)" required
                                 helper="The Docker cleanup tasks will run when the disk usage exceeds this threshold." />
                         @endif
-                        <div class="w-96">
-                            <x-forms.checkbox canGate="update" :canResource="$server"
-                                helper="Enabling Force Docker Cleanup or manually triggering a cleanup will perform the following actions:
-                        <ul class='list-disc pl-4 mt-2'>
-                            <li>Removes stopped containers managed by Coolify (as containers are none persistent, no data will be lost).</li>
-                            <li>Deletes unused images.</li>
-                            <li>Clears build cache.</li>
-                            <li>Removes old versions of the Coolify helper image.</li>
-                            <li>Optionally delete unused volumes (if enabled in advanced options).</li>
-                            <li>Optionally remove unused networks (if enabled in advanced options).</li>
-                        </ul>"
-                                instantSave id="forceDockerCleanup" label="Force Docker Cleanup" />
-                        </div>
                     </div>
-                    <p class="text-sm text-gray-600 dark:text-gray-400 mb-2">
-                        <span class="dark:text-warning font-bold">Warning: Enable these
-                            options only if you fully understand their implications and
-                            consequences!</span><br>Improper use will result in data loss and could cause
-                        functional issues.
-                    </p>
+                    <div class="w-96">
+                        <x-forms.checkbox canGate="update" :canResource="$server"
+                            helper="Enabling Force Docker Cleanup or manually triggering a cleanup will perform the following actions:
+                            <ul class='list-disc pl-4 mt-2'>
+                                <li>Removes stopped containers managed by Coolify (as containers are none persistent, no data will be lost).</li>
+                                <li>Deletes unused images.</li>
+                                <li>Clears build cache.</li>
+                                <li>Removes old versions of the Coolify helper image.</li>
+                                <li>Optionally delete unused volumes (if enabled in advanced options).</li>
+                                <li>Optionally remove unused networks (if enabled in advanced options).</li>
+                            </ul>"
+                            instantSave id="forceDockerCleanup" label="Force Docker Cleanup" 
+                        />
+                    </div>
+
+                </div>
+
+                <div class="flex flex-col gap-2 mt-6">
+                    <h3>Advanced</h3>
+                    <x-callout type="warning" title="Caution">
+                        <p>These options can cause permanent data loss and functional issues. Only enable if you fully understand the consequences</p>
+                    </x-callout>
                     <div class="w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server" instantSave id="deleteUnusedVolumes"
                             label="Delete Unused Volumes"
-                            helper="This option will remove all unused Docker volumes during cleanup.<br><br><strong>Warning: Data form stopped containers will be lost!</strong><br><br>Consequences include:<br>
-                    <ul class='list-disc pl-4 mt-2'>
-                    <li>Volumes not attached to running containers will be deleted and data will be permanently lost (stopped containers are affected).</li>
-                    <li>Data from stopped containers volumes will be permanently lost.</li>
-                    <li>No way to recover deleted volume data.</li>
-                    </ul>" />
+                            helper="This option will remove all unused Docker volumes during cleanup.<br><br><strong>Warning: Data from stopped containers will be lost!</strong><br><br>Consequences include:<br>
+                            <ul class='list-disc pl-4 mt-2'>
+                                <li>Volumes not attached to running containers will be deleted and data will be permanently lost (stopped containers are affected).</li>
+                                <li>Data from stopped containers volumes will be permanently lost.</li>
+                                <li>No way to recover deleted volume data.</li>
+                            </ul>" 
+                        />
                         <x-forms.checkbox canGate="update" :canResource="$server" instantSave id="deleteUnusedNetworks"
                             label="Delete Unused Networks"
                             helper="This option will remove all unused Docker networks during cleanup.<br><br><strong>Warning: Functionality may be lost and containers may not be able to communicate with each other!</strong><br><br>Consequences include:<br>
-                    <ul class='list-disc pl-4 mt-2'>
-                    <li>Networks not attached to running containers will be permanently deleted (stopped containers are affected).</li>
-                    <li>Custom networks for stopped containers will be permanently deleted.</li>
-                    <li>Functionality may be lost and containers may not be able to communicate with each other.</li>
-                    </ul>" />
+                            <ul class='list-disc pl-4 mt-2'>
+                                <li>Networks not attached to running containers will be permanently deleted (stopped containers are affected).</li>
+                                <li>Custom networks for stopped containers will be permanently deleted.</li>
+                                <li>Functionality may be lost and containers may not be able to communicate with each other.</li>
+                            </ul>" 
+                        />
                     </div>
                 </div>
             </form>

From 79b940422c151fbf15edd8be0f947348c0d34d79 Mon Sep 17 00:00:00 2001
From: Henk Hornschuh <h.hornschuh@basecom.de>
Date: Mon, 22 Sep 2025 21:27:18 +0200
Subject: [PATCH 064/129] fix(): fix typo of installed

---
 app/Livewire/Server/ValidateAndInstall.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Livewire/Server/ValidateAndInstall.php b/app/Livewire/Server/ValidateAndInstall.php
index c75474e44..bf0b7b6a5 100644
--- a/app/Livewire/Server/ValidateAndInstall.php
+++ b/app/Livewire/Server/ValidateAndInstall.php
@@ -146,7 +146,7 @@ public function validateDockerVersion()
                 StartProxy::dispatch($this->server);
             } else {
                 $requiredDockerVersion = str(config('constants.docker.minimum_required_version'))->before('.');
-                $this->error = 'Minimum Docker Engine version '.$requiredDockerVersion.' is not instaled. Please install Docker manually before continuing: <a target="_blank" class="underline" href="https://docs.docker.com/engine/install/#server">documentation</a>.';
+                $this->error = 'Minimum Docker Engine version '.$requiredDockerVersion.' is not installed. Please install Docker manually before continuing: <a target="_blank" class="underline" href="https://docs.docker.com/engine/install/#server">documentation</a>.';
                 $this->server->update([
                     'validation_logs' => $this->error,
                 ]);

From 299db159cb3e67377ea14813ced91239c9a304bf Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Tue, 23 Sep 2025 06:32:51 +0530
Subject: [PATCH 065/129] Moved terminal access settings to security page

---
 app/Livewire/Server/Advanced.php              | 33 --------
 .../Server/Security/TerminalAccess.php        | 79 +++++++++++++++++++
 .../server/sidebar-security.blade.php         |  4 +
 .../views/livewire/server/advanced.blade.php  | 41 ----------
 .../server/security/terminal-access.blade.php | 58 ++++++++++++++
 routes/web.php                                |  2 +
 6 files changed, 143 insertions(+), 74 deletions(-)
 create mode 100644 app/Livewire/Server/Security/TerminalAccess.php
 create mode 100644 resources/views/livewire/server/security/terminal-access.blade.php

diff --git a/app/Livewire/Server/Advanced.php b/app/Livewire/Server/Advanced.php
index 760c4df0d..bbc3bd96a 100644
--- a/app/Livewire/Server/Advanced.php
+++ b/app/Livewire/Server/Advanced.php
@@ -27,9 +27,6 @@ class Advanced extends Component
     #[Validate(['integer', 'min:1'])]
     public int $dynamicTimeout = 1;
 
-    #[Validate(['boolean'])]
-    public bool $isTerminalEnabled = false;
-
     public function mount(string $server_uuid)
     {
         try {
@@ -42,36 +39,7 @@ public function mount(string $server_uuid)
         }
     }
 
-    public function toggleTerminal($password)
-    {
-        try {
-            // Check if user is admin or owner
-            if (! auth()->user()->isAdmin()) {
-                throw new \Exception('Only team administrators and owners can modify terminal access.');
-            }
 
-            // Verify password unless two-step confirmation is disabled
-            if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
-                if (! Hash::check($password, Auth::user()->password)) {
-                    $this->addError('password', 'The provided password is incorrect.');
-
-                    return;
-                }
-            }
-
-            // Toggle the terminal setting
-            $this->server->settings->is_terminal_enabled = ! $this->server->settings->is_terminal_enabled;
-            $this->server->settings->save();
-
-            // Update the local property
-            $this->isTerminalEnabled = $this->server->settings->is_terminal_enabled;
-
-            $status = $this->isTerminalEnabled ? 'enabled' : 'disabled';
-            $this->dispatch('success', "Terminal access has been {$status}.");
-        } catch (\Throwable $e) {
-            return handleError($e, $this);
-        }
-    }
 
     public function syncData(bool $toModel = false)
     {
@@ -88,7 +56,6 @@ public function syncData(bool $toModel = false)
             $this->dynamicTimeout = $this->server->settings->dynamic_timeout;
             $this->serverDiskUsageNotificationThreshold = $this->server->settings->server_disk_usage_notification_threshold;
             $this->serverDiskUsageCheckFrequency = $this->server->settings->server_disk_usage_check_frequency;
-            $this->isTerminalEnabled = $this->server->settings->is_terminal_enabled;
         }
     }
 
diff --git a/app/Livewire/Server/Security/TerminalAccess.php b/app/Livewire/Server/Security/TerminalAccess.php
new file mode 100644
index 000000000..c5898314b
--- /dev/null
+++ b/app/Livewire/Server/Security/TerminalAccess.php
@@ -0,0 +1,79 @@
+<?php
+
+namespace App\Livewire\Server\Security;
+
+use App\Models\InstanceSettings;
+use App\Models\Server;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Livewire\Attributes\Validate;
+use Livewire\Component;
+
+class TerminalAccess extends Component
+{
+    public Server $server;
+
+    public array $parameters = [];
+
+    #[Validate(['boolean'])]
+    public bool $isTerminalEnabled = false;
+
+    public function mount(string $server_uuid)
+    {
+        try {
+            $this->server = Server::ownedByCurrentTeam()->whereUuid($server_uuid)->firstOrFail();
+            $this->parameters = get_route_parameters();
+            $this->syncData();
+
+        } catch (\Throwable) {
+            return redirect()->route('server.index');
+        }
+    }
+
+    public function toggleTerminal($password)
+    {
+        try {
+            // Check if user is admin or owner
+            if (! auth()->user()->isAdmin()) {
+                throw new \Exception('Only team administrators and owners can modify terminal access.');
+            }
+
+            // Verify password unless two-step confirmation is disabled
+            if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
+                if (! Hash::check($password, Auth::user()->password)) {
+                    $this->addError('password', 'The provided password is incorrect.');
+
+                    return;
+                }
+            }
+
+            // Toggle the terminal setting
+            $this->server->settings->is_terminal_enabled = ! $this->server->settings->is_terminal_enabled;
+            $this->server->settings->save();
+
+            // Update the local property
+            $this->isTerminalEnabled = $this->server->settings->is_terminal_enabled;
+
+            $status = $this->isTerminalEnabled ? 'enabled' : 'disabled';
+            $this->dispatch('success', "Terminal access has been {$status}.");
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
+    }
+
+    public function syncData(bool $toModel = false)
+    {
+        if ($toModel) {
+            $this->authorize('update', $this->server);
+            $this->validate();
+            // No other fields to sync for terminal access
+        } else {
+            $this->isTerminalEnabled = $this->server->settings->is_terminal_enabled;
+        }
+    }
+
+    public function render()
+    {
+        return view('livewire.server.security.terminal-access');
+    }
+}
\ No newline at end of file
diff --git a/resources/views/components/server/sidebar-security.blade.php b/resources/views/components/server/sidebar-security.blade.php
index 6f6d9d8a0..141d32f3b 100644
--- a/resources/views/components/server/sidebar-security.blade.php
+++ b/resources/views/components/server/sidebar-security.blade.php
@@ -3,4 +3,8 @@
         href="{{ route('server.security.patches', $parameters) }}">
         Server Patching
     </a>
+    <a class="{{ request()->routeIs('server.security.terminal-access') ? 'menu-item menu-item-active' : 'menu-item' }}"
+        href="{{ route('server.security.terminal-access', $parameters) }}">
+        Terminal Access
+    </a>
 </div>
diff --git a/resources/views/livewire/server/advanced.blade.php b/resources/views/livewire/server/advanced.blade.php
index 308a9eed2..6622961c5 100644
--- a/resources/views/livewire/server/advanced.blade.php
+++ b/resources/views/livewire/server/advanced.blade.php
@@ -14,47 +14,6 @@
                 <div class="mb-4">Advanced configuration for your server.</div>
             </div>
 
-            <div class="flex items-center gap-2">
-                <h3>Terminal Access</h3>
-                <x-helper
-                    helper="Control whether terminal access is available for this server and its containers.<br/>Only team
-                    administrators and owners can modify this setting." />
-                @if ($isTerminalEnabled)
-                    <span
-                        class="px-2 py-1 text-xs font-semibold text-green-800 bg-green-100 rounded dark:text-green-100 dark:bg-green-800">
-                        Enabled
-                    </span>
-                @else
-                    <span
-                        class="px-2 py-1 text-xs font-semibold text-red-800 bg-red-100 rounded dark:text-red-100 dark:bg-red-800">
-                        Disabled
-                    </span>
-                @endif
-            </div>
-            <div class="flex flex-col gap-4">
-                <div class="flex items-center gap-4 pt-4">
-                    @if (auth()->user()->isAdmin())
-                        <div wire:key="terminal-access-change-{{ $isTerminalEnabled }}" class="pb-4">
-                            <x-modal-confirmation title="Confirm Terminal Access Change?"
-                                temporaryDisableTwoStepConfirmation
-                                buttonTitle="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}"
-                                submitAction="toggleTerminal" :actions="[
-                                    $isTerminalEnabled
-                                        ? 'This will disable terminal access for this server and all its containers.'
-                                        : 'This will enable terminal access for this server and all its containers.',
-                                    $isTerminalEnabled
-                                        ? 'Users will no longer be able to access terminal views from the UI.'
-                                        : 'Users will be able to access terminal views from the UI.',
-                                    'This change will take effect immediately.',
-                                ]" confirmationText="{{ $server->name }}"
-                                shortConfirmationLabel="Server Name"
-                                step3ButtonText="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}">
-                            </x-modal-confirmation>
-                        </div>
-                    @endif
-                </div>
-            </div>
-
             <h3>Disk Usage</h3>
             <div class="flex flex-col gap-6">
                 <div class="flex flex-col">
diff --git a/resources/views/livewire/server/security/terminal-access.blade.php b/resources/views/livewire/server/security/terminal-access.blade.php
new file mode 100644
index 000000000..81e9482f1
--- /dev/null
+++ b/resources/views/livewire/server/security/terminal-access.blade.php
@@ -0,0 +1,58 @@
+<div>
+    <x-slot:title>
+        {{ data_get_str($server, 'name')->limit(10) }} > Terminal Access | Coolify
+    </x-slot>
+    <livewire:server.navbar :server="$server" />
+    <div x-data="{ activeTab: window.location.hash ? window.location.hash.substring(1) : 'general' }" class="flex flex-col h-full gap-8 sm:flex-row">
+        <x-server.sidebar-security :server="$server" :parameters="$parameters" />
+        <div class="w-full">
+            <div>
+                <div class="flex items-center gap-2">
+                    <h2>Terminal Access</h2>
+                </div>
+                <div class="mb-4">Control terminal access for this server and its containers.</div>
+            </div>
+
+            <div class="flex items-center gap-2">
+                <h3>Terminal Access</h3>
+                <x-helper
+                    helper="Control whether terminal access is available for this server and its containers.<br/>Only team
+                    administrators and owners can modify this setting." />
+                @if ($isTerminalEnabled)
+                    <span
+                        class="px-2 py-1 text-xs font-semibold text-green-800 bg-green-100 rounded dark:text-green-100 dark:bg-green-800">
+                        Enabled
+                    </span>
+                @else
+                    <span
+                        class="px-2 py-1 text-xs font-semibold text-red-800 bg-red-100 rounded dark:text-red-100 dark:bg-red-800">
+                        Disabled
+                    </span>
+                @endif
+            </div>
+            <div class="flex flex-col gap-4">
+                <div class="flex items-center gap-4 pt-4">
+                    @if (auth()->user()->isAdmin())
+                        <div wire:key="terminal-access-change-{{ $isTerminalEnabled }}" class="pb-4">
+                            <x-modal-confirmation title="Confirm Terminal Access Change?"
+                                temporaryDisableTwoStepConfirmation
+                                buttonTitle="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}"
+                                submitAction="toggleTerminal" :actions="[
+                                    $isTerminalEnabled
+                                        ? 'This will disable terminal access for this server and all its containers.'
+                                        : 'This will enable terminal access for this server and all its containers.',
+                                    $isTerminalEnabled
+                                        ? 'Users will no longer be able to access terminal views from the UI.'
+                                        : 'Users will be able to access terminal views from the UI.',
+                                    'This change will take effect immediately.',
+                                ]" confirmationText="{{ $server->name }}"
+                                shortConfirmationLabel="Server Name"
+                                step3ButtonText="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}">
+                            </x-modal-confirmation>
+                        </div>
+                    @endif
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
\ No newline at end of file
diff --git a/routes/web.php b/routes/web.php
index e6567daad..fd2ed8730 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -51,6 +51,7 @@
 use App\Livewire\Server\Proxy\Show as ProxyShow;
 use App\Livewire\Server\Resources as ResourcesShow;
 use App\Livewire\Server\Security\Patches;
+use App\Livewire\Server\Security\TerminalAccess;
 use App\Livewire\Server\Show as ServerShow;
 use App\Livewire\Settings\Advanced as SettingsAdvanced;
 use App\Livewire\Settings\Index as SettingsIndex;
@@ -260,6 +261,7 @@
         Route::get('/docker-cleanup', DockerCleanup::class)->name('server.docker-cleanup');
         Route::get('/security', fn () => redirect(route('dashboard')))->name('server.security')->middleware('can.update.resource');
         Route::get('/security/patches', Patches::class)->name('server.security.patches')->middleware('can.update.resource');
+        Route::get('/security/terminal-access', TerminalAccess::class)->name('server.security.terminal-access')->middleware('can.update.resource');
     });
     Route::get('/destinations', DestinationIndex::class)->name('destination.index');
     Route::get('/destination/{destination_uuid}', DestinationShow::class)->name('destination.show');

From 710e8c3d512254bc6775a7edff4c25a550130ed9 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com>
Date: Tue, 23 Sep 2025 07:58:03 +0530
Subject: [PATCH 066/129] Fixed CSRF validation errors for bugsink service
 template

---
 templates/compose/bugsink.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/bugsink.yaml b/templates/compose/bugsink.yaml
index 7231dc7fa..f137eb1a8 100644
--- a/templates/compose/bugsink.yaml
+++ b/templates/compose/bugsink.yaml
@@ -35,6 +35,7 @@ services:
       - SERVICE_URL_BUGSINK_8000
       - BASE_URL=$SERVICE_URL_BUGSINK_8000
       - DATABASE_URL=mysql://${SERVICE_USER_BUGSINK}:$SERVICE_PASSWORD_BUGSINK@mysql:3306/${MYSQL_DATABASE:-bugsink}
+      - BEHIND_HTTPS_PROXY=True
     depends_on:
       mysql:
         condition: service_healthy

From 1733b210ed72a091141815460b9755e4853085ce Mon Sep 17 00:00:00 2001
From: ShadowArcanist <projectshadowmoon@gmail.com>
Date: Tue, 23 Sep 2025 09:26:17 +0530
Subject: [PATCH 067/129] Cleaned up Terminal Access page (visual improvements)

---
 .../server/security/terminal-access.blade.php | 49 +++++++++----------
 1 file changed, 23 insertions(+), 26 deletions(-)

diff --git a/resources/views/livewire/server/security/terminal-access.blade.php b/resources/views/livewire/server/security/terminal-access.blade.php
index 81e9482f1..3541c429d 100644
--- a/resources/views/livewire/server/security/terminal-access.blade.php
+++ b/resources/views/livewire/server/security/terminal-access.blade.php
@@ -6,34 +6,14 @@
     <div x-data="{ activeTab: window.location.hash ? window.location.hash.substring(1) : 'general' }" class="flex flex-col h-full gap-8 sm:flex-row">
         <x-server.sidebar-security :server="$server" :parameters="$parameters" />
         <div class="w-full">
-            <div>
+             <div>
                 <div class="flex items-center gap-2">
                     <h2>Terminal Access</h2>
-                </div>
-                <div class="mb-4">Control terminal access for this server and its containers.</div>
-            </div>
-
-            <div class="flex items-center gap-2">
-                <h3>Terminal Access</h3>
-                <x-helper
-                    helper="Control whether terminal access is available for this server and its containers.<br/>Only team
-                    administrators and owners can modify this setting." />
-                @if ($isTerminalEnabled)
-                    <span
-                        class="px-2 py-1 text-xs font-semibold text-green-800 bg-green-100 rounded dark:text-green-100 dark:bg-green-800">
-                        Enabled
-                    </span>
-                @else
-                    <span
-                        class="px-2 py-1 text-xs font-semibold text-red-800 bg-red-100 rounded dark:text-red-100 dark:bg-red-800">
-                        Disabled
-                    </span>
-                @endif
-            </div>
-            <div class="flex flex-col gap-4">
-                <div class="flex items-center gap-4 pt-4">
+                    <x-helper
+                        helper="Decide if users (including admins and the owner) can access the terminal for this server and its containers from the dashboard.<br/>
+                                Only team administrators and owners can change this setting."/>
                     @if (auth()->user()->isAdmin())
-                        <div wire:key="terminal-access-change-{{ $isTerminalEnabled }}" class="pb-4">
+                        <div wire:key="terminal-access-change-{{ $isTerminalEnabled }}">
                             <x-modal-confirmation title="Confirm Terminal Access Change?"
                                 temporaryDisableTwoStepConfirmation
                                 buttonTitle="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}"
@@ -47,11 +27,28 @@ class="px-2 py-1 text-xs font-semibold text-red-800 bg-red-100 rounded dark:text
                                     'This change will take effect immediately.',
                                 ]" confirmationText="{{ $server->name }}"
                                 shortConfirmationLabel="Server Name"
-                                step3ButtonText="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}">
+                                step3ButtonText="{{ $isTerminalEnabled ? 'Disable Terminal' : 'Enable Terminal' }}"
+                                isHighlightedButton>
                             </x-modal-confirmation>
                         </div>
                     @endif
                 </div>
+                <div class="mb-4">Manage terminal access to this server and its containers.</div>
+            </div>
+
+            <div class="flex items-center gap-2">
+                <h3>Terminal Status:</h3>
+                @if ($isTerminalEnabled)
+                    <span
+                        class="px-2 py-1 text-xs font-semibold text-green-800 bg-green-100 rounded dark:text-green-100 dark:bg-green-800">
+                        Operational
+                    </span>
+                @else
+                    <span
+                        class="px-2 py-1 text-xs font-semibold text-red-800 bg-red-100 rounded dark:text-red-100 dark:bg-red-800">
+                        Disabled
+                    </span>
+                @endif
             </div>
         </div>
     </div>

From 69c36e63339f1086df21652b0b44108a78829337 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 08:49:11 +0200
Subject: [PATCH 068/129] refactor(server): update dispatch messages and
 streamline data synchronization

---
 app/Livewire/Server/Show.php                   | 6 +++---
 resources/views/livewire/server/show.blade.php | 5 +----
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/app/Livewire/Server/Show.php b/app/Livewire/Server/Show.php
index 473e0b60e..db4dc9b88 100644
--- a/app/Livewire/Server/Show.php
+++ b/app/Livewire/Server/Show.php
@@ -271,7 +271,7 @@ public function restartSentinel()
             $this->authorize('manageSentinel', $this->server);
             $customImage = isDev() ? $this->sentinelCustomDockerImage : null;
             $this->server->restartSentinel($customImage);
-            $this->dispatch('success', 'Restarting Sentinel.');
+            $this->dispatch('info', 'Restarting Sentinel.');
         } catch (\Throwable $e) {
             return handleError($e, $this);
         }
@@ -355,7 +355,7 @@ public function regenerateSentinelToken()
     public function instantSave()
     {
         try {
-            $this->submit();
+            $this->syncData(true);
         } catch (\Throwable $e) {
             return handleError($e, $this);
         }
@@ -365,7 +365,7 @@ public function submit()
     {
         try {
             $this->syncData(true);
-            $this->dispatch('success', 'Server updated.');
+            $this->dispatch('success', 'Server settings updated.');
         } catch (\Throwable $e) {
             return handleError($e, $this);
         }
diff --git a/resources/views/livewire/server/show.blade.php b/resources/views/livewire/server/show.blade.php
index c463b1b74..29eacf627 100644
--- a/resources/views/livewire/server/show.blade.php
+++ b/resources/views/livewire/server/show.blade.php
@@ -239,7 +239,6 @@ class="w-full input opacity-50 cursor-not-allowed"
                         @endif
                     </div>
                     <div class="flex flex-col gap-2">
-
                         <div class="w-96">
                             <x-forms.checkbox canGate="update" :canResource="$server" wire:model.live="isSentinelEnabled"
                                 label="Enable Sentinel" />
@@ -267,9 +266,7 @@ class="w-full input opacity-50 cursor-not-allowed"
                                     $wire.set('sentinelCustomDockerImage', this.customImage);
                                 }
                             }" x-init="$wire.set('sentinelCustomDockerImage', customImage)">
-                                <x-forms.input 
-                                    x-model="customImage"
-                                    @input.debounce.500ms="saveCustomImage()"
+                                <x-forms.input x-model="customImage" @input.debounce.500ms="saveCustomImage()"
                                     placeholder="e.g., sentinel:latest or myregistry/sentinel:dev"
                                     label="Custom Sentinel Docker Image (Dev Only)"
                                     helper="Override the default Sentinel Docker image for testing. Leave empty to use the default." />

From 8d5f9ed0f631b1e42d9d85aedae967794cfbc4d4 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 08:49:28 +0200
Subject: [PATCH 069/129] refactor(cache): update team retrieval method in
 ClearsGlobalSearchCache trait

---
 app/Traits/ClearsGlobalSearchCache.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Traits/ClearsGlobalSearchCache.php b/app/Traits/ClearsGlobalSearchCache.php
index 0bcc5d319..d1cd2c5f5 100644
--- a/app/Traits/ClearsGlobalSearchCache.php
+++ b/app/Traits/ClearsGlobalSearchCache.php
@@ -65,7 +65,7 @@ private function getTeamIdForCache()
     {
         // For database models, team is accessed through environment.project.team
         if (method_exists($this, 'team')) {
-            $team = $this->team();
+            $team = $this->team;
             if (filled($team)) {
                 return is_object($team) ? $team->id : null;
             }

From b1abdcee8312706eb1ae3ba88c4e70ecfce67e72 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 08:53:14 +0200
Subject: [PATCH 070/129] feat(environment-variables): implement environment
 variable analysis for build-time issues

- Added EnvironmentVariableAnalyzer trait to analyze and warn about problematic environment variables during the build process.
- Integrated analysis into ApplicationDeploymentJob and Livewire components to provide feedback on potential build issues.
- Introduced a new Blade component for displaying warnings related to environment variables in the UI.
---
 app/Jobs/ApplicationDeploymentJob.php         |  32 ++-
 .../Shared/EnvironmentVariable/Add.php        |   6 +-
 .../Shared/EnvironmentVariable/Show.php       |   6 +-
 app/Traits/EnvironmentVariableAnalyzer.php    | 221 ++++++++++++++++++
 .../environment-variable-warning.blade.php    |  32 +++
 .../shared/environment-variable/add.blade.php |   6 +-
 .../environment-variable/show.blade.php       |   1 +
 7 files changed, 300 insertions(+), 4 deletions(-)
 create mode 100644 app/Traits/EnvironmentVariableAnalyzer.php
 create mode 100644 resources/views/components/environment-variable-warning.blade.php

diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php
index 7fa12757e..bd45c09c6 100644
--- a/app/Jobs/ApplicationDeploymentJob.php
+++ b/app/Jobs/ApplicationDeploymentJob.php
@@ -18,6 +18,7 @@
 use App\Models\SwarmDocker;
 use App\Notifications\Application\DeploymentFailed;
 use App\Notifications\Application\DeploymentSuccess;
+use App\Traits\EnvironmentVariableAnalyzer;
 use App\Traits\ExecuteRemoteCommand;
 use Carbon\Carbon;
 use Exception;
@@ -39,7 +40,7 @@
 
 class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue
 {
-    use Dispatchable, ExecuteRemoteCommand, InteractsWithQueue, Queueable, SerializesModels;
+    use Dispatchable, EnvironmentVariableAnalyzer, ExecuteRemoteCommand, InteractsWithQueue, Queueable, SerializesModels;
 
     public $tries = 1;
 
@@ -2710,6 +2711,30 @@ private function start_by_compose_file()
         $this->application_deployment_queue->addLogEntry('New container started.');
     }
 
+    private function analyzeBuildTimeVariables($variables)
+    {
+        $variablesArray = $variables->toArray();
+        $warnings = self::analyzeBuildVariables($variablesArray);
+
+        if (empty($warnings)) {
+            return;
+        }
+        $this->application_deployment_queue->addLogEntry('----------------------------------------');
+        foreach ($warnings as $warning) {
+            $messages = self::formatBuildWarning($warning);
+            foreach ($messages as $message) {
+                $this->application_deployment_queue->addLogEntry($message, type: 'warning');
+            }
+            $this->application_deployment_queue->addLogEntry('');
+        }
+
+        // Add general advice
+        $this->application_deployment_queue->addLogEntry('💡 Tips to resolve build issues:', type: 'info');
+        $this->application_deployment_queue->addLogEntry('   1. Set these variables as "Runtime only" in the environment variables settings', type: 'info');
+        $this->application_deployment_queue->addLogEntry('   2. Use different values for build-time (e.g., NODE_ENV=development for build)', type: 'info');
+        $this->application_deployment_queue->addLogEntry('   3. Consider using multi-stage Docker builds to separate build and runtime environments', type: 'info');
+    }
+
     private function generate_build_env_variables()
     {
         if ($this->application->build_pack === 'nixpacks') {
@@ -2719,6 +2744,11 @@ private function generate_build_env_variables()
             $variables = collect([])->merge($this->env_args);
         }
 
+        // Analyze build variables for potential issues
+        if ($variables->isNotEmpty()) {
+            $this->analyzeBuildTimeVariables($variables);
+        }
+
         if ($this->dockerBuildkitSupported && $this->application->settings->use_build_secrets) {
             $this->generate_build_secrets($variables);
             $this->build_args = '';
diff --git a/app/Livewire/Project/Shared/EnvironmentVariable/Add.php b/app/Livewire/Project/Shared/EnvironmentVariable/Add.php
index 23a2cd59d..5f5e12e0a 100644
--- a/app/Livewire/Project/Shared/EnvironmentVariable/Add.php
+++ b/app/Livewire/Project/Shared/EnvironmentVariable/Add.php
@@ -2,12 +2,13 @@
 
 namespace App\Livewire\Project\Shared\EnvironmentVariable;
 
+use App\Traits\EnvironmentVariableAnalyzer;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Livewire\Component;
 
 class Add extends Component
 {
-    use AuthorizesRequests;
+    use AuthorizesRequests, EnvironmentVariableAnalyzer;
 
     public $parameters;
 
@@ -27,6 +28,8 @@ class Add extends Component
 
     public bool $is_buildtime = true;
 
+    public array $problematicVariables = [];
+
     protected $listeners = ['clearAddEnv' => 'clear'];
 
     protected $rules = [
@@ -50,6 +53,7 @@ class Add extends Component
     public function mount()
     {
         $this->parameters = get_route_parameters();
+        $this->problematicVariables = self::getProblematicVariablesForFrontend();
     }
 
     public function submit()
diff --git a/app/Livewire/Project/Shared/EnvironmentVariable/Show.php b/app/Livewire/Project/Shared/EnvironmentVariable/Show.php
index 0d0467c13..3b8d244cc 100644
--- a/app/Livewire/Project/Shared/EnvironmentVariable/Show.php
+++ b/app/Livewire/Project/Shared/EnvironmentVariable/Show.php
@@ -4,13 +4,14 @@
 
 use App\Models\EnvironmentVariable as ModelsEnvironmentVariable;
 use App\Models\SharedEnvironmentVariable;
+use App\Traits\EnvironmentVariableAnalyzer;
 use App\Traits\EnvironmentVariableProtection;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Livewire\Component;
 
 class Show extends Component
 {
-    use AuthorizesRequests, EnvironmentVariableProtection;
+    use AuthorizesRequests, EnvironmentVariableAnalyzer, EnvironmentVariableProtection;
 
     public $parameters;
 
@@ -48,6 +49,8 @@ class Show extends Component
 
     public bool $is_redis_credential = false;
 
+    public array $problematicVariables = [];
+
     protected $listeners = [
         'refreshEnvs' => 'refresh',
         'refresh',
@@ -77,6 +80,7 @@ public function mount()
         if ($this->type === 'standalone-redis' && ($this->env->key === 'REDIS_PASSWORD' || $this->env->key === 'REDIS_USERNAME')) {
             $this->is_redis_credential = true;
         }
+        $this->problematicVariables = self::getProblematicVariablesForFrontend();
     }
 
     public function getResourceProperty()
diff --git a/app/Traits/EnvironmentVariableAnalyzer.php b/app/Traits/EnvironmentVariableAnalyzer.php
new file mode 100644
index 000000000..a2fe0eeba
--- /dev/null
+++ b/app/Traits/EnvironmentVariableAnalyzer.php
@@ -0,0 +1,221 @@
+<?php
+
+namespace App\Traits;
+
+trait EnvironmentVariableAnalyzer
+{
+    /**
+     * List of environment variables that commonly cause build issues when set to production values.
+     * Each entry contains the variable pattern and associated metadata.
+     */
+    protected static function getProblematicBuildVariables(): array
+    {
+        return [
+            'NODE_ENV' => [
+                'problematic_values' => ['production', 'prod'],
+                'affects' => 'Node.js/npm/yarn',
+                'issue' => 'Skips devDependencies installation which are often required for building (webpack, typescript, etc.)',
+                'recommendation' => 'Uncheck "Available at Buildtime" or use "development" during build',
+            ],
+            'NPM_CONFIG_PRODUCTION' => [
+                'problematic_values' => ['true', '1', 'yes'],
+                'affects' => 'npm',
+                'issue' => 'Forces npm to skip devDependencies',
+                'recommendation' => 'Remove from build-time variables or set to false',
+            ],
+            'YARN_PRODUCTION' => [
+                'problematic_values' => ['true', '1', 'yes'],
+                'affects' => 'Yarn',
+                'issue' => 'Forces yarn to skip devDependencies',
+                'recommendation' => 'Remove from build-time variables or set to false',
+            ],
+            'COMPOSER_NO_DEV' => [
+                'problematic_values' => ['1', 'true', 'yes'],
+                'affects' => 'PHP/Composer',
+                'issue' => 'Skips require-dev packages which may include build tools',
+                'recommendation' => 'Set as "Runtime only" or remove from build-time variables',
+            ],
+            'MIX_ENV' => [
+                'problematic_values' => ['prod', 'production'],
+                'affects' => 'Elixir/Phoenix',
+                'issue' => 'Production mode may skip development dependencies needed for compilation',
+                'recommendation' => 'Use "dev" for build or set as "Runtime only"',
+            ],
+            'RAILS_ENV' => [
+                'problematic_values' => ['production'],
+                'affects' => 'Ruby on Rails',
+                'issue' => 'May affect asset precompilation and dependency handling',
+                'recommendation' => 'Consider using "development" for build phase',
+            ],
+            'RACK_ENV' => [
+                'problematic_values' => ['production'],
+                'affects' => 'Ruby/Rack',
+                'issue' => 'May affect dependency handling and build behavior',
+                'recommendation' => 'Consider using "development" for build phase',
+            ],
+            'BUNDLE_WITHOUT' => [
+                'problematic_values' => ['development', 'test', 'development:test'],
+                'affects' => 'Ruby/Bundler',
+                'issue' => 'Excludes gem groups that may contain build dependencies',
+                'recommendation' => 'Remove from build-time variables or adjust groups',
+            ],
+            'FLASK_ENV' => [
+                'problematic_values' => ['production'],
+                'affects' => 'Python/Flask',
+                'issue' => 'May affect debug mode and development tools availability',
+                'recommendation' => 'Usually safe, but consider "development" for complex builds',
+            ],
+            'DJANGO_SETTINGS_MODULE' => [
+                'problematic_values' => [], // Check if contains 'production' or 'prod'
+                'affects' => 'Python/Django',
+                'issue' => 'Production settings may disable debug tools needed during build',
+                'recommendation' => 'Use development settings for build phase',
+                'check_function' => 'checkDjangoSettings',
+            ],
+            'APP_ENV' => [
+                'problematic_values' => ['production', 'prod'],
+                'affects' => 'Laravel/Symfony',
+                'issue' => 'May affect dependency installation and build optimizations',
+                'recommendation' => 'Consider using "local" or "development" for build',
+            ],
+            'ASPNETCORE_ENVIRONMENT' => [
+                'problematic_values' => ['Production'],
+                'affects' => '.NET/ASP.NET Core',
+                'issue' => 'May affect build-time configurations and optimizations',
+                'recommendation' => 'Usually safe, but verify build requirements',
+            ],
+            'CI' => [
+                'problematic_values' => ['true', '1', 'yes'],
+                'affects' => 'Various tools',
+                'issue' => 'Changes behavior in many tools (disables interactivity, changes caching)',
+                'recommendation' => 'Usually beneficial for builds, but be aware of behavior changes',
+            ],
+        ];
+    }
+
+    /**
+     * Analyze an environment variable for potential build issues.
+     * Always returns a warning if the key is in our list, regardless of value.
+     */
+    public static function analyzeBuildVariable(string $key, string $value): ?array
+    {
+        $problematicVars = self::getProblematicBuildVariables();
+
+        // Direct key match
+        if (isset($problematicVars[$key])) {
+            $config = $problematicVars[$key];
+
+            // Check if it has a custom check function
+            if (isset($config['check_function'])) {
+                $method = $config['check_function'];
+                if (method_exists(self::class, $method)) {
+                    return self::$method($key, $value, $config);
+                }
+            }
+
+            // Always return warning for known problematic variables
+            return [
+                'variable' => $key,
+                'value' => $value,
+                'affects' => $config['affects'],
+                'issue' => $config['issue'],
+                'recommendation' => $config['recommendation'],
+            ];
+        }
+
+        return null;
+    }
+
+    /**
+     * Analyze multiple environment variables for potential build issues.
+     */
+    public static function analyzeBuildVariables(array $variables): array
+    {
+        $warnings = [];
+
+        foreach ($variables as $key => $value) {
+            $warning = self::analyzeBuildVariable($key, $value);
+            if ($warning) {
+                $warnings[] = $warning;
+            }
+        }
+
+        return $warnings;
+    }
+
+    /**
+     * Custom check for Django settings module.
+     */
+    protected static function checkDjangoSettings(string $key, string $value, array $config): ?array
+    {
+        // Always return warning for DJANGO_SETTINGS_MODULE when it's set as build-time
+        return [
+            'variable' => $key,
+            'value' => $value,
+            'affects' => $config['affects'],
+            'issue' => $config['issue'],
+            'recommendation' => $config['recommendation'],
+        ];
+    }
+
+    /**
+     * Generate a formatted warning message for deployment logs.
+     */
+    public static function formatBuildWarning(array $warning): array
+    {
+        $messages = [
+            "⚠️ Build-time environment variable warning: {$warning['variable']}={$warning['value']}",
+            "   Affects: {$warning['affects']}",
+            "   Issue: {$warning['issue']}",
+            "   Recommendation: {$warning['recommendation']}",
+        ];
+
+        return $messages;
+    }
+
+    /**
+     * Check if a variable should show a warning in the UI.
+     */
+    public static function shouldShowBuildWarning(string $key): bool
+    {
+        return isset(self::getProblematicBuildVariables()[$key]);
+    }
+
+    /**
+     * Get UI warning message for a specific variable.
+     */
+    public static function getUIWarningMessage(string $key): ?string
+    {
+        $problematicVars = self::getProblematicBuildVariables();
+
+        if (! isset($problematicVars[$key])) {
+            return null;
+        }
+
+        $config = $problematicVars[$key];
+        $problematicValuesStr = implode(', ', $config['problematic_values']);
+
+        return "Setting {$key} to {$problematicValuesStr} as a build-time variable may cause issues. {$config['issue']} Consider: {$config['recommendation']}";
+    }
+
+    /**
+     * Get problematic variables configuration for frontend use.
+     */
+    public static function getProblematicVariablesForFrontend(): array
+    {
+        $vars = self::getProblematicBuildVariables();
+        $result = [];
+
+        foreach ($vars as $key => $config) {
+            // Skip the check_function as it's PHP-specific
+            $result[$key] = [
+                'problematic_values' => $config['problematic_values'],
+                'affects' => $config['affects'],
+                'issue' => $config['issue'],
+                'recommendation' => $config['recommendation'],
+            ];
+        }
+
+        return $result;
+    }
+}
diff --git a/resources/views/components/environment-variable-warning.blade.php b/resources/views/components/environment-variable-warning.blade.php
new file mode 100644
index 000000000..ab7cab555
--- /dev/null
+++ b/resources/views/components/environment-variable-warning.blade.php
@@ -0,0 +1,32 @@
+@props(['problematicVariables' => []])
+
+<template x-data="{
+    problematicVars: @js($problematicVariables),
+    get showWarning() {
+        const currentKey = $wire.key;
+        const isBuildtime = $wire.is_buildtime;
+
+        if (!isBuildtime || !currentKey) return false;
+        if (!this.problematicVars.hasOwnProperty(currentKey)) return false;
+
+        // Always show warning for known problematic variables when set as buildtime
+        return true;
+    },
+    get warningMessage() {
+        if (!this.showWarning) return null;
+        const config = this.problematicVars[$wire.key];
+        if (!config) return null;
+        return config.issue;
+    },
+    get recommendation() {
+        if (!this.showWarning) return null;
+        const config = this.problematicVars[$wire.key];
+        if (!config) return null;
+        return `Recommendation: ${config.recommendation}`;
+    }
+}" x-if="showWarning">
+    <div class="p-3 rounded-lg bg-yellow-50 dark:bg-yellow-900/20 border border-yellow-200 dark:border-yellow-800">
+        <div class="text-sm text-yellow-700 dark:text-yellow-300" x-text="warningMessage"></div>
+        <div class="text-sm text-yellow-700 dark:text-yellow-300" x-text="recommendation"></div>
+    </div>
+</template>
diff --git a/resources/views/livewire/project/shared/environment-variable/add.blade.php b/resources/views/livewire/project/shared/environment-variable/add.blade.php
index 104cb8003..2978e2b35 100644
--- a/resources/views/livewire/project/shared/environment-variable/add.blade.php
+++ b/resources/views/livewire/project/shared/environment-variable/add.blade.php
@@ -3,11 +3,15 @@
     <x-forms.textarea x-show="$wire.is_multiline === true" x-cloak id="value" label="Value" required />
     <x-forms.input x-show="$wire.is_multiline === false" x-cloak placeholder="production" id="value"
         x-bind:label="$wire.is_multiline === false && 'Value'" required />
+
     @if (!$shared || $isNixpacks)
         <x-forms.checkbox id="is_buildtime"
             helper="Make this variable available during Docker build process. Useful for build secrets and dependencies."
             label="Available at Buildtime" />
-        <x-forms.checkbox id="is_runtime" 
+
+        <x-environment-variable-warning :problematic-variables="$problematicVariables" />
+
+        <x-forms.checkbox id="is_runtime"
             helper="Make this variable available in the running container at runtime."
             label="Available at Runtime" />
         <x-forms.checkbox id="is_literal"
diff --git a/resources/views/livewire/project/shared/environment-variable/show.blade.php b/resources/views/livewire/project/shared/environment-variable/show.blade.php
index 80cd19121..4524abb82 100644
--- a/resources/views/livewire/project/shared/environment-variable/show.blade.php
+++ b/resources/views/livewire/project/shared/environment-variable/show.blade.php
@@ -188,6 +188,7 @@
                             @endif
                         @endif
                     </div>
+                    <x-environment-variable-warning :problematic-variables="$problematicVariables" />
                     <div class="flex w-full justify-end gap-2">
                         @if ($isDisabled)
                             <x-forms.button disabled type="submit">Update</x-forms.button>

From dc32bed1ae09f6e889442ac6ba435cb8da345778 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 08:54:20 +0200
Subject: [PATCH 071/129] fix(environment-variables): update affected services
 in environment variable analysis

- Expanded the list of affected services in the EnvironmentVariableAnalyzer trait to include 'bun' and 'pnpm' alongside 'npm' and 'yarn'.
- Improved clarity on the impact of problematic environment variables during the build process.
---
 app/Traits/EnvironmentVariableAnalyzer.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/Traits/EnvironmentVariableAnalyzer.php b/app/Traits/EnvironmentVariableAnalyzer.php
index a2fe0eeba..c264e60b3 100644
--- a/app/Traits/EnvironmentVariableAnalyzer.php
+++ b/app/Traits/EnvironmentVariableAnalyzer.php
@@ -13,19 +13,19 @@ protected static function getProblematicBuildVariables(): array
         return [
             'NODE_ENV' => [
                 'problematic_values' => ['production', 'prod'],
-                'affects' => 'Node.js/npm/yarn',
+                'affects' => 'Node.js/npm/yarn/bun/pnpm',
                 'issue' => 'Skips devDependencies installation which are often required for building (webpack, typescript, etc.)',
                 'recommendation' => 'Uncheck "Available at Buildtime" or use "development" during build',
             ],
             'NPM_CONFIG_PRODUCTION' => [
                 'problematic_values' => ['true', '1', 'yes'],
-                'affects' => 'npm',
+                'affects' => 'npm/pnpm',
                 'issue' => 'Forces npm to skip devDependencies',
                 'recommendation' => 'Remove from build-time variables or set to false',
             ],
             'YARN_PRODUCTION' => [
                 'problematic_values' => ['true', '1', 'yes'],
-                'affects' => 'Yarn',
+                'affects' => 'Yarn/pnpm',
                 'issue' => 'Forces yarn to skip devDependencies',
                 'recommendation' => 'Remove from build-time variables or set to false',
             ],

From 99b101507ce04b8be91b3b06f94a022c049d875f Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 09:13:10 +0200
Subject: [PATCH 072/129] feat(databases): implement unique UUID generation for
 backup execution

- Enhanced the DatabaseBackupJob to generate a unique UUID for each backup execution attempt.
- Added logic to retry UUID generation up to three times if a duplicate is detected, ensuring uniqueness and preventing execution conflicts.
---
 app/Jobs/DatabaseBackupJob.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/app/Jobs/DatabaseBackupJob.php b/app/Jobs/DatabaseBackupJob.php
index 6ac9ae1e6..5c38d938f 100644
--- a/app/Jobs/DatabaseBackupJob.php
+++ b/app/Jobs/DatabaseBackupJob.php
@@ -74,13 +74,21 @@ public function __construct(public ScheduledDatabaseBackup $backup)
     {
         $this->onQueue('high');
         $this->timeout = $backup->timeout;
-
-        $this->backup_log_uuid = (string) new Cuid2;
     }
 
     public function handle(): void
     {
         try {
+            $attempts = 0;
+            do {
+                $this->backup_log_uuid = (string) new Cuid2;
+                $exists = ScheduledDatabaseBackupExecution::where('uuid', $this->backup_log_uuid)->exists();
+                $attempts++;
+                if ($attempts >= 3 && $exists) {
+                    throw new \Exception('Unable to generate unique UUID for backup execution after 3 attempts');
+                }
+            } while ($exists);
+
             $databasesToBackup = null;
 
             $this->team = Team::find($this->backup->team_id);

From 88fa6a4a56be707f19b6ebbe532cb71b7e1118c0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 09:50:44 +0200
Subject: [PATCH 073/129] feat(cloud-check): enhance subscription reporting in
 CloudCheckSubscription command

- Added CSV output for active subscribers, including detailed information on subscription status and invoice status.
- Implemented checks for missing subscription IDs and provided appropriate logging in the CSV for visibility.
- Improved handling of non-active subscriptions with detailed output for better tracking and analysis.
---
 .../Commands/CloudCheckSubscription.php       | 57 +++++++++++++++++--
 1 file changed, 52 insertions(+), 5 deletions(-)

diff --git a/app/Console/Commands/CloudCheckSubscription.php b/app/Console/Commands/CloudCheckSubscription.php
index 6e237e84b..da416fdb6 100644
--- a/app/Console/Commands/CloudCheckSubscription.php
+++ b/app/Console/Commands/CloudCheckSubscription.php
@@ -28,22 +28,69 @@ public function handle()
     {
         $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
         $activeSubscribers = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
+
+        $out = fopen('php://output', 'w');
+        // CSV header
+        fputcsv($out, [
+            'team_id',
+            'invoice_status',
+            'stripe_customer_url',
+            'stripe_subscription_id',
+            'subscription_status',
+            'subscription_url',
+            'note',
+        ]);
+
         foreach ($activeSubscribers as $team) {
             $stripeSubscriptionId = $team->subscription->stripe_subscription_id;
             $stripeInvoicePaid = $team->subscription->stripe_invoice_paid;
             $stripeCustomerId = $team->subscription->stripe_customer_id;
-            if (! $stripeSubscriptionId) {
-                echo "Team {$team->id} has no subscription, but invoice status is: {$stripeInvoicePaid}\n";
-                echo "Link on Stripe: https://dashboard.stripe.com/customers/{$stripeCustomerId}\n";
+
+            if (! $stripeSubscriptionId && str($stripeInvoicePaid)->lower() != 'past_due') {
+                fputcsv($out, [
+                    $team->id,
+                    $stripeInvoicePaid,
+                    $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
+                    null,
+                    null,
+                    null,
+                    'Missing subscription ID while invoice not past_due',
+                ]);
 
                 continue;
             }
+
+            if (! $stripeSubscriptionId) {
+                // No subscription ID and invoice is past_due, still record for visibility
+                fputcsv($out, [
+                    $team->id,
+                    $stripeInvoicePaid,
+                    $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
+                    null,
+                    null,
+                    null,
+                    'Missing subscription ID',
+                ]);
+
+                continue;
+            }
+
             $subscription = $stripe->subscriptions->retrieve($stripeSubscriptionId);
             if ($subscription->status === 'active') {
                 continue;
             }
-            echo "Subscription {$stripeSubscriptionId} is not active ({$subscription->status})\n";
-            echo "Link on Stripe: https://dashboard.stripe.com/subscriptions/{$stripeSubscriptionId}\n";
+
+            fputcsv($out, [
+                $team->id,
+                $stripeInvoicePaid,
+                $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
+                $stripeSubscriptionId,
+                $subscription->status,
+                "https://dashboard.stripe.com/subscriptions/{$stripeSubscriptionId}",
+                'Subscription not active',
+            ]);
         }
+
+        fclose($out);
     }
 }

From c97874eb45f80e802824dd2c8becbfc7208de67e Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:00:10 +0200
Subject: [PATCH 074/129] fix(team): clear stripe_subscription_id on
 subscription end

- Updated the subscriptionEnded method to set stripe_subscription_id to null when a subscription ends, ensuring proper handling of subscription state.
---
 app/Models/Team.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/Models/Team.php b/app/Models/Team.php
index 81638e31c..97a7d89d7 100644
--- a/app/Models/Team.php
+++ b/app/Models/Team.php
@@ -193,6 +193,7 @@ public function isAnyNotificationEnabled()
     public function subscriptionEnded()
     {
         $this->subscription->update([
+            'stripe_subscription_id' => null,
             'stripe_cancel_at_period_end' => false,
             'stripe_invoice_paid' => false,
             'stripe_trial_already_ended' => false,

From 95453bfaaaadef57af9069d2da61818d7103e754 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:00:24 +0200
Subject: [PATCH 075/129] feat(cloud-check): enhance CloudCheckSubscription
 command with fix options

- Added options to the CloudCheckSubscription command for fixing canceled subscriptions in the database.
- Implemented a dry-run mode to preview changes without applying them.
- Introduced a flag to limit checks/fixes to the first found subscription, improving command usability and control.
---
 .../Commands/CloudCheckSubscription.php       | 225 +++++++++++++++++-
 1 file changed, 224 insertions(+), 1 deletion(-)

diff --git a/app/Console/Commands/CloudCheckSubscription.php b/app/Console/Commands/CloudCheckSubscription.php
index da416fdb6..e24918df5 100644
--- a/app/Console/Commands/CloudCheckSubscription.php
+++ b/app/Console/Commands/CloudCheckSubscription.php
@@ -12,7 +12,10 @@ class CloudCheckSubscription extends Command
      *
      * @var string
      */
-    protected $signature = 'cloud:check-subscription';
+    protected $signature = 'cloud:check-subscription
+                            {--fix : Fix canceled subscriptions in database}
+                            {--dry-run : Show what would be fixed without making changes}
+                            {--one : Only check/fix the first found subscription}';
 
     /**
      * The console command description.
@@ -27,6 +30,11 @@ class CloudCheckSubscription extends Command
     public function handle()
     {
         $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
+
+        if ($this->option('fix') || $this->option('dry-run')) {
+            return $this->fixCanceledSubscriptions($stripe);
+        }
+
         $activeSubscribers = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
 
         $out = fopen('php://output', 'w');
@@ -93,4 +101,219 @@ public function handle()
 
         fclose($out);
     }
+
+    /**
+     * Fix canceled subscriptions in the database
+     */
+    private function fixCanceledSubscriptions(\Stripe\StripeClient $stripe)
+    {
+        $isDryRun = $this->option('dry-run');
+        $checkOne = $this->option('one');
+
+        if ($isDryRun) {
+            $this->info('DRY RUN MODE - No changes will be made');
+            if ($checkOne) {
+                $this->info('Checking only the first canceled subscription...');
+            } else {
+                $this->info('Checking for canceled subscriptions...');
+            }
+        } else {
+            if ($checkOne) {
+                $this->info('Checking and fixing only the first canceled subscription...');
+            } else {
+                $this->info('Checking and fixing canceled subscriptions...');
+            }
+        }
+
+        $teamsWithSubscriptions = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
+        $toFixCount = 0;
+        $fixedCount = 0;
+        $errors = [];
+        $canceledSubscriptions = [];
+
+        foreach ($teamsWithSubscriptions as $team) {
+            $subscription = $team->subscription;
+
+            if (! $subscription->stripe_subscription_id) {
+                continue;
+            }
+
+            try {
+                $stripeSubscription = $stripe->subscriptions->retrieve(
+                    $subscription->stripe_subscription_id
+                );
+
+                if ($stripeSubscription->status === 'canceled') {
+                    $toFixCount++;
+
+                    // Get team members' emails
+                    $memberEmails = $team->members->pluck('email')->toArray();
+
+                    $canceledSubscriptions[] = [
+                        'team_id' => $team->id,
+                        'team_name' => $team->name,
+                        'customer_id' => $subscription->stripe_customer_id,
+                        'subscription_id' => $subscription->stripe_subscription_id,
+                        'status' => 'canceled',
+                        'member_emails' => $memberEmails,
+                        'subscription_model' => $subscription->toArray(),
+                    ];
+
+                    if ($isDryRun) {
+                        $this->warn('Would fix canceled subscription:');
+                        $this->line("  Team ID: {$team->id}");
+                        $this->line("  Team Name: {$team->name}");
+                        $this->line('  Team Members: '.implode(', ', $memberEmails));
+                        $this->line("  Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                        $this->line("  Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}");
+                        $this->line('  Current Subscription Data:');
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $this->line("    - {$key}: null");
+                            } elseif (is_bool($value)) {
+                                $this->line("    - {$key}: ".($value ? 'true' : 'false'));
+                            } else {
+                                $this->line("    - {$key}: {$value}");
+                            }
+                        }
+                        $this->newLine();
+                    } else {
+                        $this->warn("Found canceled subscription for Team ID: {$team->id}");
+
+                        // Send internal notification with all details before fixing
+                        $notificationMessage = "Fixing canceled subscription:\n";
+                        $notificationMessage .= "Team ID: {$team->id}\n";
+                        $notificationMessage .= "Team Name: {$team->name}\n";
+                        $notificationMessage .= 'Team Members: '.implode(', ', $memberEmails)."\n";
+                        $notificationMessage .= "Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}\n";
+                        $notificationMessage .= "Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}\n";
+                        $notificationMessage .= "Subscription Data:\n";
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $notificationMessage .= "  - {$key}: null\n";
+                            } elseif (is_bool($value)) {
+                                $notificationMessage .= "  - {$key}: ".($value ? 'true' : 'false')."\n";
+                            } else {
+                                $notificationMessage .= "  - {$key}: {$value}\n";
+                            }
+                        }
+                        send_internal_notification($notificationMessage);
+
+                        // Apply the same logic as customer.subscription.deleted webhook
+                        $team->subscriptionEnded();
+
+                        $fixedCount++;
+                        $this->info("  ✓ Fixed subscription for Team ID: {$team->id}");
+                        $this->line('    Team Members: '.implode(', ', $memberEmails));
+                        $this->line("    Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                        $this->line("    Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}");
+                    }
+
+                    // Break if --one flag is set
+                    if ($checkOne) {
+                        break;
+                    }
+                }
+            } catch (\Stripe\Exception\InvalidRequestException $e) {
+                if ($e->getStripeCode() === 'resource_missing') {
+                    $toFixCount++;
+
+                    // Get team members' emails
+                    $memberEmails = $team->members->pluck('email')->toArray();
+
+                    $canceledSubscriptions[] = [
+                        'team_id' => $team->id,
+                        'team_name' => $team->name,
+                        'customer_id' => $subscription->stripe_customer_id,
+                        'subscription_id' => $subscription->stripe_subscription_id,
+                        'status' => 'missing',
+                        'member_emails' => $memberEmails,
+                        'subscription_model' => $subscription->toArray(),
+                    ];
+
+                    if ($isDryRun) {
+                        $this->error('Would fix missing subscription (not found in Stripe):');
+                        $this->line("  Team ID: {$team->id}");
+                        $this->line("  Team Name: {$team->name}");
+                        $this->line('  Team Members: '.implode(', ', $memberEmails));
+                        $this->line("  Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                        $this->line("  Subscription ID (missing): {$subscription->stripe_subscription_id}");
+                        $this->line('  Current Subscription Data:');
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $this->line("    - {$key}: null");
+                            } elseif (is_bool($value)) {
+                                $this->line("    - {$key}: ".($value ? 'true' : 'false'));
+                            } else {
+                                $this->line("    - {$key}: {$value}");
+                            }
+                        }
+                        $this->newLine();
+                    } else {
+                        $this->error("Subscription not found in Stripe for Team ID: {$team->id}");
+
+                        // Send internal notification with all details before fixing
+                        $notificationMessage = "Fixing missing subscription (not found in Stripe):\n";
+                        $notificationMessage .= "Team ID: {$team->id}\n";
+                        $notificationMessage .= "Team Name: {$team->name}\n";
+                        $notificationMessage .= 'Team Members: '.implode(', ', $memberEmails)."\n";
+                        $notificationMessage .= "Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}\n";
+                        $notificationMessage .= "Subscription ID (missing): {$subscription->stripe_subscription_id}\n";
+                        $notificationMessage .= "Subscription Data:\n";
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $notificationMessage .= "  - {$key}: null\n";
+                            } elseif (is_bool($value)) {
+                                $notificationMessage .= "  - {$key}: ".($value ? 'true' : 'false')."\n";
+                            } else {
+                                $notificationMessage .= "  - {$key}: {$value}\n";
+                            }
+                        }
+                        send_internal_notification($notificationMessage);
+
+                        // Apply the same logic as customer.subscription.deleted webhook
+                        $team->subscriptionEnded();
+
+                        $fixedCount++;
+                        $this->info("  ✓ Fixed missing subscription for Team ID: {$team->id}");
+                        $this->line('    Team Members: '.implode(', ', $memberEmails));
+                        $this->line("    Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                    }
+
+                    // Break if --one flag is set
+                    if ($checkOne) {
+                        break;
+                    }
+                } else {
+                    $errors[] = "Team ID {$team->id}: ".$e->getMessage();
+                }
+            } catch (\Exception $e) {
+                $errors[] = "Team ID {$team->id}: ".$e->getMessage();
+            }
+        }
+
+        $this->newLine();
+        $this->info('Summary:');
+
+        if ($isDryRun) {
+            $this->info("  - Found {$toFixCount} canceled/missing subscriptions that would be fixed");
+
+            if ($toFixCount > 0) {
+                $this->newLine();
+                $this->comment('Run with --fix to apply these changes');
+            }
+        } else {
+            $this->info("  - Fixed {$fixedCount} canceled/missing subscriptions");
+        }
+
+        if (! empty($errors)) {
+            $this->newLine();
+            $this->error('Errors encountered:');
+            foreach ($errors as $error) {
+                $this->error("  - {$error}");
+            }
+        }
+
+        return 0;
+    }
 }

From e483e38f53c78853dcc51a8e563693195b4e9403 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:00:38 +0200
Subject: [PATCH 076/129] feat(stripe): enhance subscription handling and
 verification process

- Updated StripeProcessJob to include detailed handling of subscription statuses during invoice payment events.
- Introduced VerifyStripeSubscriptionStatusJob to manage subscription status verification and updates, improving error handling and notification for various subscription states.
- Enhanced logic to handle cases where subscription IDs are missing, ensuring robust subscription management.
---
 app/Jobs/StripeProcessJob.php                 |  58 ++++++++--
 .../VerifyStripeSubscriptionStatusJob.php     | 102 ++++++++++++++++++
 2 files changed, 154 insertions(+), 6 deletions(-)
 create mode 100644 app/Jobs/VerifyStripeSubscriptionStatusJob.php

diff --git a/app/Jobs/StripeProcessJob.php b/app/Jobs/StripeProcessJob.php
index 088b6c67d..aebceaa6d 100644
--- a/app/Jobs/StripeProcessJob.php
+++ b/app/Jobs/StripeProcessJob.php
@@ -93,20 +93,66 @@ public function handle(): void
                     break;
                 case 'invoice.paid':
                     $customerId = data_get($data, 'customer');
+                    $invoiceAmount = data_get($data, 'amount_paid', 0);
+                    $subscriptionId = data_get($data, 'subscription');
                     $planId = data_get($data, 'lines.data.0.plan.id');
                     if (Str::contains($excludedPlans, $planId)) {
                         // send_internal_notification('Subscription excluded.');
                         break;
                     }
                     $subscription = Subscription::where('stripe_customer_id', $customerId)->first();
-                    if ($subscription) {
-                        $subscription->update([
-                            'stripe_invoice_paid' => true,
-                            'stripe_past_due' => false,
-                        ]);
-                    } else {
+                    if (! $subscription) {
                         throw new \RuntimeException("No subscription found for customer: {$customerId}");
                     }
+
+                    if ($subscription->stripe_subscription_id) {
+                        try {
+                            $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
+                            $stripeSubscription = $stripe->subscriptions->retrieve(
+                                $subscription->stripe_subscription_id
+                            );
+
+                            switch ($stripeSubscription->status) {
+                                case 'active':
+                                    $subscription->update([
+                                        'stripe_invoice_paid' => true,
+                                        'stripe_past_due' => false,
+                                    ]);
+                                    break;
+
+                                case 'past_due':
+                                    $subscription->update([
+                                        'stripe_invoice_paid' => true,
+                                        'stripe_past_due' => true,
+                                    ]);
+                                    break;
+
+                                case 'canceled':
+                                case 'incomplete_expired':
+                                case 'unpaid':
+                                    send_internal_notification(
+                                        "Invoice paid for {$stripeSubscription->status} subscription. ".
+                                        "Customer: {$customerId}, Amount: \${$invoiceAmount}"
+                                    );
+                                    break;
+
+                                default:
+                                    VerifyStripeSubscriptionStatusJob::dispatch($subscription)
+                                        ->delay(now()->addSeconds(20));
+                                    break;
+                            }
+                        } catch (\Exception $e) {
+                            VerifyStripeSubscriptionStatusJob::dispatch($subscription)
+                                ->delay(now()->addSeconds(20));
+
+                            send_internal_notification(
+                                'Failed to verify subscription status in invoice.paid: '.$e->getMessage()
+                            );
+                        }
+                    } else {
+                        VerifyStripeSubscriptionStatusJob::dispatch($subscription)
+                            ->delay(now()->addSeconds(20));
+                    }
                     break;
                 case 'invoice.payment_failed':
                     $customerId = data_get($data, 'customer');
diff --git a/app/Jobs/VerifyStripeSubscriptionStatusJob.php b/app/Jobs/VerifyStripeSubscriptionStatusJob.php
new file mode 100644
index 000000000..35b219287
--- /dev/null
+++ b/app/Jobs/VerifyStripeSubscriptionStatusJob.php
@@ -0,0 +1,102 @@
+<?php
+
+namespace App\Jobs;
+
+use App\Models\Subscription;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+
+class VerifyStripeSubscriptionStatusJob implements ShouldQueue
+{
+    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+    public function __construct(public Subscription $subscription)
+    {
+        $this->onQueue('high');
+    }
+
+    public function handle(): void
+    {
+        // If no subscription ID yet, try to find it via customer
+        if (! $this->subscription->stripe_subscription_id &&
+            $this->subscription->stripe_customer_id) {
+            try {
+                $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
+                $subscriptions = $stripe->subscriptions->all([
+                    'customer' => $this->subscription->stripe_customer_id,
+                    'limit' => 1,
+                ]);
+
+                if ($subscriptions->data) {
+                    $this->subscription->update([
+                        'stripe_subscription_id' => $subscriptions->data[0]->id,
+                    ]);
+                }
+            } catch (\Exception $e) {
+                // Continue without subscription ID
+            }
+        }
+
+        if (! $this->subscription->stripe_subscription_id) {
+            return;
+        }
+
+        try {
+            $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
+            $stripeSubscription = $stripe->subscriptions->retrieve(
+                $this->subscription->stripe_subscription_id
+            );
+
+            switch ($stripeSubscription->status) {
+                case 'active':
+                    $this->subscription->update([
+                        'stripe_invoice_paid' => true,
+                        'stripe_past_due' => false,
+                        'stripe_cancel_at_period_end' => $stripeSubscription->cancel_at_period_end,
+                    ]);
+                    break;
+
+                case 'past_due':
+                    // Keep subscription active but mark as past_due
+                    $this->subscription->update([
+                        'stripe_invoice_paid' => true,
+                        'stripe_past_due' => true,
+                        'stripe_cancel_at_period_end' => $stripeSubscription->cancel_at_period_end,
+                    ]);
+                    break;
+
+                case 'canceled':
+                case 'incomplete_expired':
+                case 'unpaid':
+                    // Ensure subscription is marked as inactive
+                    $this->subscription->update([
+                        'stripe_invoice_paid' => false,
+                        'stripe_past_due' => false,
+                    ]);
+
+                    // Trigger subscription ended logic if canceled
+                    if ($stripeSubscription->status === 'canceled') {
+                        $team = $this->subscription->team;
+                        if ($team) {
+                            $team->subscriptionEnded();
+                        }
+                    }
+                    break;
+
+                default:
+                    send_internal_notification(
+                        'Unknown subscription status in VerifyStripeSubscriptionStatusJob: '.$stripeSubscription->status.
+                        ' for customer: '.$this->subscription->stripe_customer_id
+                    );
+                    break;
+            }
+        } catch (\Exception $e) {
+            send_internal_notification(
+                'VerifyStripeSubscriptionStatusJob failed for subscription ID '.$this->subscription->id.': '.$e->getMessage()
+            );
+        }
+    }
+}

From 9ecb1ca011be79bb212d8b7c7dba45139adb2d0c Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:37:56 +0200
Subject: [PATCH 077/129] fix(github): update authentication method for GitHub
 app operations

- Changed security scheme from 'api_token' to 'bearerAuth' for the update and delete GitHub app endpoints.
- Ensured consistent authentication handling across GitHub app operations.
---
 app/Http/Controllers/Api/GithubController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Api/GithubController.php b/app/Http/Controllers/Api/GithubController.php
index b297c0cec..8c95a585f 100644
--- a/app/Http/Controllers/Api/GithubController.php
+++ b/app/Http/Controllers/Api/GithubController.php
@@ -402,7 +402,7 @@ public function load_branches($github_app_id, $owner, $repo)
         path: '/github-apps/{github_app_id}',
         operationId: 'updateGithubApp',
         security: [
-            ['api_token' => []],
+            ['bearerAuth' => []],
         ],
         tags: ['GitHub Apps'],
         summary: 'Update GitHub App',
@@ -581,7 +581,7 @@ public function update_github_app(Request $request, $github_app_id)
         path: '/github-apps/{github_app_id}',
         operationId: 'deleteGithubApp',
         security: [
-            ['api_token' => []],
+            ['bearerAuth' => []],
         ],
         tags: ['GitHub Apps'],
         summary: 'Delete GitHub App',

From 7f30afb823f4b458fa4e782ebf7f703ab3c39c98 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:38:08 +0200
Subject: [PATCH 078/129] fix(databases): restrict database updates to allowed
 fields only

- Modified the update_by_uuid method to use only the specified allowed fields from the request for database updates, enhancing data integrity and security.
---
 app/Http/Controllers/Api/DatabasesController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 62ac36d5c..0e282fccd 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -580,7 +580,7 @@ public function update_by_uuid(Request $request)
         }
 
         // Only update database fields, not backup configuration
-        $database->update($request->all());
+        $database->update($request->only($allowedFields));
 
         if ($whatToDoWithDatabaseProxy === 'start') {
             StartDatabaseProxy::dispatch($database);

From e3a03eb647f0f394f06e90ed6e97d3ae6c1d10d3 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:38:55 +0200
Subject: [PATCH 079/129] fix(cache): add Model import to
 ClearsGlobalSearchCache trait for improved functionality

---
 app/Traits/ClearsGlobalSearchCache.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/Traits/ClearsGlobalSearchCache.php b/app/Traits/ClearsGlobalSearchCache.php
index d1cd2c5f5..306e4b2e1 100644
--- a/app/Traits/ClearsGlobalSearchCache.php
+++ b/app/Traits/ClearsGlobalSearchCache.php
@@ -3,6 +3,7 @@
 namespace App\Traits;
 
 use App\Livewire\GlobalSearch;
+use Illuminate\Database\Eloquent\Model;
 
 trait ClearsGlobalSearchCache
 {

From 6dc5c53387996cdb99d8e850e5782c074a4e2baf Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:40:56 +0200
Subject: [PATCH 080/129] fix(environment-variables): correct method call
 syntax in analyzeBuildVariable function

- Updated the method call syntax in the analyzeBuildVariable function to use curly braces for dynamic method invocation, ensuring proper execution of the specified check function.
---
 app/Traits/EnvironmentVariableAnalyzer.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Traits/EnvironmentVariableAnalyzer.php b/app/Traits/EnvironmentVariableAnalyzer.php
index c264e60b3..0b452a940 100644
--- a/app/Traits/EnvironmentVariableAnalyzer.php
+++ b/app/Traits/EnvironmentVariableAnalyzer.php
@@ -109,7 +109,7 @@ public static function analyzeBuildVariable(string $key, string $value): ?array
             if (isset($config['check_function'])) {
                 $method = $config['check_function'];
                 if (method_exists(self::class, $method)) {
-                    return self::$method($key, $value, $config);
+                    return self::{$method}($key, $value, $config);
                 }
             }
 

From be9aff3cdc14a121cf743df3c268e9b404b71dc6 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 11:54:10 +0200
Subject: [PATCH 081/129] refactor(database-backup): move unique UUID
 generation for backup execution to database loop

- Refactored the DatabaseBackupJob to generate a unique UUID for each database backup execution within the loop, improving clarity and ensuring uniqueness for each backup attempt.
- Removed redundant UUID generation logic from the initial part of the handle method.
---
 app/Jobs/DatabaseBackupJob.php | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/app/Jobs/DatabaseBackupJob.php b/app/Jobs/DatabaseBackupJob.php
index 5c38d938f..92db14a61 100644
--- a/app/Jobs/DatabaseBackupJob.php
+++ b/app/Jobs/DatabaseBackupJob.php
@@ -79,16 +79,6 @@ public function __construct(public ScheduledDatabaseBackup $backup)
     public function handle(): void
     {
         try {
-            $attempts = 0;
-            do {
-                $this->backup_log_uuid = (string) new Cuid2;
-                $exists = ScheduledDatabaseBackupExecution::where('uuid', $this->backup_log_uuid)->exists();
-                $attempts++;
-                if ($attempts >= 3 && $exists) {
-                    throw new \Exception('Unable to generate unique UUID for backup execution after 3 attempts');
-                }
-            } while ($exists);
-
             $databasesToBackup = null;
 
             $this->team = Team::find($this->backup->team_id);
@@ -296,6 +286,17 @@ public function handle(): void
                 $this->backup_dir = backup_dir().'/coolify'."/coolify-db-$ip";
             }
             foreach ($databasesToBackup as $database) {
+                // Generate unique UUID for each database backup execution
+                $attempts = 0;
+                do {
+                    $this->backup_log_uuid = (string) new Cuid2;
+                    $exists = ScheduledDatabaseBackupExecution::where('uuid', $this->backup_log_uuid)->exists();
+                    $attempts++;
+                    if ($attempts >= 3 && $exists) {
+                        throw new \Exception('Unable to generate unique UUID for backup execution after 3 attempts');
+                    }
+                } while ($exists);
+
                 $size = 0;
                 try {
                     if (str($databaseType)->contains('postgres')) {

From 5a5fb27af17d90c9e88f690f99eb875f6ef7ba4b Mon Sep 17 00:00:00 2001
From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com>
Date: Tue, 23 Sep 2025 17:13:10 +0530
Subject: [PATCH 082/129] disable posthog service

The web service returns a 500 status code due to a migration issue with the ClickHouse service.
---
 templates/compose/posthog.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/posthog.yaml b/templates/compose/posthog.yaml
index 76136bdd3..afd16d1e8 100644
--- a/templates/compose/posthog.yaml
+++ b/templates/compose/posthog.yaml
@@ -1,3 +1,4 @@
+# ignore: true
 # documentation: https://posthog.com
 # slogan: The single platform to analyze, test, observe, and deploy new features
 # category: analytics

From 7b0d22ed4d5ed08e8eb3c4ff108d8d2f4c00bd2c Mon Sep 17 00:00:00 2001
From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com>
Date: Tue, 23 Sep 2025 18:20:01 +0530
Subject: [PATCH 083/129] Updated Beszel service template with new version
 changes

---
 templates/compose/beszel.yaml | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/templates/compose/beszel.yaml b/templates/compose/beszel.yaml
index 89f711635..45b57a91b 100644
--- a/templates/compose/beszel.yaml
+++ b/templates/compose/beszel.yaml
@@ -6,19 +6,24 @@
 # port: 8090
 
 # When adding a System in the UI, the Host/IP must be beszel-agent (or the container name, ex: beszel-agent-pswog4s8wks4o8osw44cw0k8)
-# Add the public Key in "Key" env variable below
+# Add the public Key in "Key" env variable and token in the "Token" variable below (These are obtained from Beszel UI)
 services:
   beszel:
-    image: henrygd/beszel:latest
+    image: 'henrygd/beszel:0.12.10'
     environment:
       - SERVICE_URL_BESZEL_8090
     volumes:
-      - beszel_data:/beszel_data
-
+      - 'beszel_data:/beszel_data'
+      - 'beszel_socket:/beszel_socket'
   beszel-agent:
-    image: henrygd/beszel-agent
+    image: 'henrygd/beszel-agent:0.12.10'
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - beszel_agent_data:/var/lib/beszel-agent
+      - beszel_socket:/beszel_socket
+      - '/var/run/docker.sock:/var/run/docker.sock:ro'
     environment:
-      - PORT=45876
-      - KEY=${KEY}
+      - LISTEN=/beszel_socket/beszel.sock
+      - HUB_URL=http://beszel:8090
+      - 'TOKEN=${TOKEN}'
+      - 'KEY=${KEY}'
+

From 106682b5b82d1b38aec2f24d1b5aa79cfb1cea9c Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 14:56:58 +0200
Subject: [PATCH 084/129] refactor(cloud-commands): consolidate and enhance
 subscription management commands

- Deleted obsolete CloudCheckSubscription, CloudCleanupSubscriptions, and CloudDeleteUser commands to streamline the codebase.
- Introduced new CloudDeleteUser and CloudFixSubscription commands with improved functionality for user deletion and subscription management.
- Enhanced subscription handling with options for fixing canceled subscriptions and verifying active subscriptions against Stripe, improving overall command usability and control.
---
 .../Commands/{ => Cloud}/CloudDeleteUser.php  |   2 +-
 .../Commands/Cloud/CloudFixSubscription.php   | 879 ++++++++++++++++++
 .../Commands/CloudCheckSubscription.php       | 319 -------
 .../Commands/CloudCleanupSubscriptions.php    | 101 --
 4 files changed, 880 insertions(+), 421 deletions(-)
 rename app/Console/Commands/{ => Cloud}/CloudDeleteUser.php (99%)
 create mode 100644 app/Console/Commands/Cloud/CloudFixSubscription.php
 delete mode 100644 app/Console/Commands/CloudCheckSubscription.php
 delete mode 100644 app/Console/Commands/CloudCleanupSubscriptions.php

diff --git a/app/Console/Commands/CloudDeleteUser.php b/app/Console/Commands/Cloud/CloudDeleteUser.php
similarity index 99%
rename from app/Console/Commands/CloudDeleteUser.php
rename to app/Console/Commands/Cloud/CloudDeleteUser.php
index 6928eb97b..29580a95e 100644
--- a/app/Console/Commands/CloudDeleteUser.php
+++ b/app/Console/Commands/Cloud/CloudDeleteUser.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Console\Commands;
+namespace App\Console\Commands\Cloud;
 
 use App\Actions\Stripe\CancelSubscription;
 use App\Actions\User\DeleteUserResources;
diff --git a/app/Console/Commands/Cloud/CloudFixSubscription.php b/app/Console/Commands/Cloud/CloudFixSubscription.php
new file mode 100644
index 000000000..194e9bb5f
--- /dev/null
+++ b/app/Console/Commands/Cloud/CloudFixSubscription.php
@@ -0,0 +1,879 @@
+<?php
+
+namespace App\Console\Commands\Cloud;
+
+use App\Models\Team;
+use Illuminate\Console\Command;
+
+class CloudFixSubscription extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'cloud:fix-subscription
+                            {--fix-canceled-subs : Fix canceled subscriptions in database}
+                            {--verify-all : Verify all active subscriptions against Stripe}
+                            {--fix-verified : Fix discrepancies found during verification}
+                            {--dry-run : Show what would be fixed without making changes}
+                            {--one : Only fix the first found subscription}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Fix Cloud subscriptions';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
+
+        if ($this->option('verify-all')) {
+            return $this->verifyAllActiveSubscriptions($stripe);
+        }
+
+        if ($this->option('fix-canceled-subs') || $this->option('dry-run')) {
+            return $this->fixCanceledSubscriptions($stripe);
+        }
+
+        $activeSubscribers = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
+
+        $out = fopen('php://output', 'w');
+        // CSV header
+        fputcsv($out, [
+            'team_id',
+            'invoice_status',
+            'stripe_customer_url',
+            'stripe_subscription_id',
+            'subscription_status',
+            'subscription_url',
+            'note',
+        ]);
+
+        foreach ($activeSubscribers as $team) {
+            $stripeSubscriptionId = $team->subscription->stripe_subscription_id;
+            $stripeInvoicePaid = $team->subscription->stripe_invoice_paid;
+            $stripeCustomerId = $team->subscription->stripe_customer_id;
+
+            if (! $stripeSubscriptionId && str($stripeInvoicePaid)->lower() != 'past_due') {
+                fputcsv($out, [
+                    $team->id,
+                    $stripeInvoicePaid,
+                    $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
+                    null,
+                    null,
+                    null,
+                    'Missing subscription ID while invoice not past_due',
+                ]);
+
+                continue;
+            }
+
+            if (! $stripeSubscriptionId) {
+                // No subscription ID and invoice is past_due, still record for visibility
+                fputcsv($out, [
+                    $team->id,
+                    $stripeInvoicePaid,
+                    $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
+                    null,
+                    null,
+                    null,
+                    'Missing subscription ID',
+                ]);
+
+                continue;
+            }
+
+            $subscription = $stripe->subscriptions->retrieve($stripeSubscriptionId);
+            if ($subscription->status === 'active') {
+                continue;
+            }
+
+            fputcsv($out, [
+                $team->id,
+                $stripeInvoicePaid,
+                $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
+                $stripeSubscriptionId,
+                $subscription->status,
+                "https://dashboard.stripe.com/subscriptions/{$stripeSubscriptionId}",
+                'Subscription not active',
+            ]);
+        }
+
+        fclose($out);
+    }
+
+    /**
+     * Fix canceled subscriptions in the database
+     */
+    private function fixCanceledSubscriptions(\Stripe\StripeClient $stripe)
+    {
+        $isDryRun = $this->option('dry-run');
+        $checkOne = $this->option('one');
+
+        if ($isDryRun) {
+            $this->info('DRY RUN MODE - No changes will be made');
+            if ($checkOne) {
+                $this->info('Checking only the first canceled subscription...');
+            } else {
+                $this->info('Checking for canceled subscriptions...');
+            }
+        } else {
+            if ($checkOne) {
+                $this->info('Checking and fixing only the first canceled subscription...');
+            } else {
+                $this->info('Checking and fixing canceled subscriptions...');
+            }
+        }
+
+        $teamsWithSubscriptions = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
+        $toFixCount = 0;
+        $fixedCount = 0;
+        $errors = [];
+        $canceledSubscriptions = [];
+
+        foreach ($teamsWithSubscriptions as $team) {
+            $subscription = $team->subscription;
+
+            if (! $subscription->stripe_subscription_id) {
+                continue;
+            }
+
+            try {
+                $stripeSubscription = $stripe->subscriptions->retrieve(
+                    $subscription->stripe_subscription_id
+                );
+
+                if ($stripeSubscription->status === 'canceled') {
+                    $toFixCount++;
+
+                    // Get team members' emails
+                    $memberEmails = $team->members->pluck('email')->toArray();
+
+                    $canceledSubscriptions[] = [
+                        'team_id' => $team->id,
+                        'team_name' => $team->name,
+                        'customer_id' => $subscription->stripe_customer_id,
+                        'subscription_id' => $subscription->stripe_subscription_id,
+                        'status' => 'canceled',
+                        'member_emails' => $memberEmails,
+                        'subscription_model' => $subscription->toArray(),
+                    ];
+
+                    if ($isDryRun) {
+                        $this->warn('Would fix canceled subscription:');
+                        $this->line("  Team ID: {$team->id}");
+                        $this->line("  Team Name: {$team->name}");
+                        $this->line('  Team Members: '.implode(', ', $memberEmails));
+                        $this->line("  Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                        $this->line("  Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}");
+                        $this->line('  Current Subscription Data:');
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $this->line("    - {$key}: null");
+                            } elseif (is_bool($value)) {
+                                $this->line("    - {$key}: ".($value ? 'true' : 'false'));
+                            } else {
+                                $this->line("    - {$key}: {$value}");
+                            }
+                        }
+                        $this->newLine();
+                    } else {
+                        $this->warn("Found canceled subscription for Team ID: {$team->id}");
+
+                        // Send internal notification with all details before fixing
+                        $notificationMessage = "Fixing canceled subscription:\n";
+                        $notificationMessage .= "Team ID: {$team->id}\n";
+                        $notificationMessage .= "Team Name: {$team->name}\n";
+                        $notificationMessage .= 'Team Members: '.implode(', ', $memberEmails)."\n";
+                        $notificationMessage .= "Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}\n";
+                        $notificationMessage .= "Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}\n";
+                        $notificationMessage .= "Subscription Data:\n";
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $notificationMessage .= "  - {$key}: null\n";
+                            } elseif (is_bool($value)) {
+                                $notificationMessage .= "  - {$key}: ".($value ? 'true' : 'false')."\n";
+                            } else {
+                                $notificationMessage .= "  - {$key}: {$value}\n";
+                            }
+                        }
+                        send_internal_notification($notificationMessage);
+
+                        // Apply the same logic as customer.subscription.deleted webhook
+                        $team->subscriptionEnded();
+
+                        $fixedCount++;
+                        $this->info("  ✓ Fixed subscription for Team ID: {$team->id}");
+                        $this->line('    Team Members: '.implode(', ', $memberEmails));
+                        $this->line("    Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                        $this->line("    Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}");
+                    }
+
+                    // Break if --one flag is set
+                    if ($checkOne) {
+                        break;
+                    }
+                }
+            } catch (\Stripe\Exception\InvalidRequestException $e) {
+                if ($e->getStripeCode() === 'resource_missing') {
+                    $toFixCount++;
+
+                    // Get team members' emails
+                    $memberEmails = $team->members->pluck('email')->toArray();
+
+                    $canceledSubscriptions[] = [
+                        'team_id' => $team->id,
+                        'team_name' => $team->name,
+                        'customer_id' => $subscription->stripe_customer_id,
+                        'subscription_id' => $subscription->stripe_subscription_id,
+                        'status' => 'missing',
+                        'member_emails' => $memberEmails,
+                        'subscription_model' => $subscription->toArray(),
+                    ];
+
+                    if ($isDryRun) {
+                        $this->error('Would fix missing subscription (not found in Stripe):');
+                        $this->line("  Team ID: {$team->id}");
+                        $this->line("  Team Name: {$team->name}");
+                        $this->line('  Team Members: '.implode(', ', $memberEmails));
+                        $this->line("  Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                        $this->line("  Subscription ID (missing): {$subscription->stripe_subscription_id}");
+                        $this->line('  Current Subscription Data:');
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $this->line("    - {$key}: null");
+                            } elseif (is_bool($value)) {
+                                $this->line("    - {$key}: ".($value ? 'true' : 'false'));
+                            } else {
+                                $this->line("    - {$key}: {$value}");
+                            }
+                        }
+                        $this->newLine();
+                    } else {
+                        $this->error("Subscription not found in Stripe for Team ID: {$team->id}");
+
+                        // Send internal notification with all details before fixing
+                        $notificationMessage = "Fixing missing subscription (not found in Stripe):\n";
+                        $notificationMessage .= "Team ID: {$team->id}\n";
+                        $notificationMessage .= "Team Name: {$team->name}\n";
+                        $notificationMessage .= 'Team Members: '.implode(', ', $memberEmails)."\n";
+                        $notificationMessage .= "Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}\n";
+                        $notificationMessage .= "Subscription ID (missing): {$subscription->stripe_subscription_id}\n";
+                        $notificationMessage .= "Subscription Data:\n";
+                        foreach ($subscription->getAttributes() as $key => $value) {
+                            if (is_null($value)) {
+                                $notificationMessage .= "  - {$key}: null\n";
+                            } elseif (is_bool($value)) {
+                                $notificationMessage .= "  - {$key}: ".($value ? 'true' : 'false')."\n";
+                            } else {
+                                $notificationMessage .= "  - {$key}: {$value}\n";
+                            }
+                        }
+                        send_internal_notification($notificationMessage);
+
+                        // Apply the same logic as customer.subscription.deleted webhook
+                        $team->subscriptionEnded();
+
+                        $fixedCount++;
+                        $this->info("  ✓ Fixed missing subscription for Team ID: {$team->id}");
+                        $this->line('    Team Members: '.implode(', ', $memberEmails));
+                        $this->line("    Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
+                    }
+
+                    // Break if --one flag is set
+                    if ($checkOne) {
+                        break;
+                    }
+                } else {
+                    $errors[] = "Team ID {$team->id}: ".$e->getMessage();
+                }
+            } catch (\Exception $e) {
+                $errors[] = "Team ID {$team->id}: ".$e->getMessage();
+            }
+        }
+
+        $this->newLine();
+        $this->info('Summary:');
+
+        if ($isDryRun) {
+            $this->info("  - Found {$toFixCount} canceled/missing subscriptions that would be fixed");
+
+            if ($toFixCount > 0) {
+                $this->newLine();
+                $this->comment('Run with --fix-canceled-subs to apply these changes');
+            }
+        } else {
+            $this->info("  - Fixed {$fixedCount} canceled/missing subscriptions");
+        }
+
+        if (! empty($errors)) {
+            $this->newLine();
+            $this->error('Errors encountered:');
+            foreach ($errors as $error) {
+                $this->error("  - {$error}");
+            }
+        }
+
+        return 0;
+    }
+
+    /**
+     * Verify all active subscriptions against Stripe API
+     */
+    private function verifyAllActiveSubscriptions(\Stripe\StripeClient $stripe)
+    {
+        $isDryRun = $this->option('dry-run');
+        $shouldFix = $this->option('fix-verified');
+
+        $this->info('Verifying all active subscriptions against Stripe...');
+        if ($isDryRun) {
+            $this->info('DRY RUN MODE - No changes will be made');
+        }
+        if ($shouldFix && ! $isDryRun) {
+            $this->warn('FIX MODE - Discrepancies will be corrected');
+        }
+
+        // Get all teams with active subscriptions
+        $teamsWithActiveSubscriptions = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
+        $totalCount = $teamsWithActiveSubscriptions->count();
+
+        $this->info("Found {$totalCount} teams with active subscriptions in database");
+        $this->newLine();
+
+        $out = fopen('php://output', 'w');
+
+        // CSV header
+        fputcsv($out, [
+            'team_id',
+            'team_name',
+            'customer_id',
+            'subscription_id',
+            'db_status',
+            'stripe_status',
+            'action',
+            'member_emails',
+            'customer_url',
+            'subscription_url',
+        ]);
+
+        $stats = [
+            'total' => $totalCount,
+            'valid_active' => 0,
+            'valid_past_due' => 0,
+            'canceled' => 0,
+            'missing' => 0,
+            'invalid' => 0,
+            'fixed' => 0,
+            'errors' => 0,
+        ];
+
+        $processedCount = 0;
+
+        foreach ($teamsWithActiveSubscriptions as $team) {
+            $subscription = $team->subscription;
+            $memberEmails = $team->members->pluck('email')->toArray();
+
+            // Database state
+            $dbStatus = 'active';
+            if ($subscription->stripe_past_due) {
+                $dbStatus = 'past_due';
+            }
+
+            $stripeStatus = null;
+            $action = 'none';
+
+            if (! $subscription->stripe_subscription_id) {
+                $this->line("Team {$team->id}: Missing subscription ID, searching in Stripe...");
+
+                $foundResult = null;
+                $searchMethod = null;
+
+                // Search by customer ID
+                if ($subscription->stripe_customer_id) {
+                    $this->line("  → Searching by customer ID: {$subscription->stripe_customer_id}");
+                    $foundResult = $this->searchSubscriptionsByCustomer($stripe, $subscription->stripe_customer_id);
+                    if ($foundResult) {
+                        $searchMethod = $foundResult['method'];
+                    }
+                } else {
+                    $this->line('  → No customer ID available');
+                }
+
+                // Search by emails if not found
+                if (! $foundResult && count($memberEmails) > 0) {
+                    $foundResult = $this->searchSubscriptionsByEmails($stripe, $memberEmails);
+                    if ($foundResult) {
+                        $searchMethod = $foundResult['method'];
+
+                        // Update customer ID if different
+                        if (isset($foundResult['customer_id']) && $subscription->stripe_customer_id !== $foundResult['customer_id']) {
+                            if ($isDryRun) {
+                                $this->warn("  ⚠ Would update customer ID from {$subscription->stripe_customer_id} to {$foundResult['customer_id']}");
+                            } elseif ($shouldFix) {
+                                $subscription->update(['stripe_customer_id' => $foundResult['customer_id']]);
+                                $this->info("  ✓ Updated customer ID to {$foundResult['customer_id']}");
+                            }
+                        }
+                    }
+                }
+
+                if ($foundResult && isset($foundResult['subscription'])) {
+                    // Check if it's an active/past_due subscription
+                    if (in_array($foundResult['status'], ['active', 'past_due'])) {
+                        // Found an active subscription, handle update
+                        $result = $this->handleFoundSubscription(
+                            $team,
+                            $subscription,
+                            $foundResult['subscription'],
+                            $searchMethod,
+                            $isDryRun,
+                            $shouldFix,
+                            $stats
+                        );
+
+                        fputcsv($out, [
+                            $team->id,
+                            $team->name,
+                            $subscription->stripe_customer_id,
+                            $result['id'],
+                            $dbStatus,
+                            $result['status'],
+                            $result['action'],
+                            implode(', ', $memberEmails),
+                            $subscription->stripe_customer_id ? "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}" : 'N/A',
+                            $result['url'],
+                        ]);
+                    } else {
+                        // Found subscription but it's canceled/expired - needs to be deactivated
+                        $this->warn("  → Found {$foundResult['status']} subscription {$foundResult['subscription']->id} - needs deactivation");
+
+                        $result = $this->handleMissingSubscription($team, $subscription, $foundResult['status'], $isDryRun, $shouldFix, $stats);
+
+                        fputcsv($out, [
+                            $team->id,
+                            $team->name,
+                            $subscription->stripe_customer_id,
+                            $foundResult['subscription']->id,
+                            $dbStatus,
+                            $foundResult['status'],
+                            'needs_fix',
+                            implode(', ', $memberEmails),
+                            $subscription->stripe_customer_id ? "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}" : 'N/A',
+                            "https://dashboard.stripe.com/subscriptions/{$foundResult['subscription']->id}",
+                        ]);
+                    }
+                } else {
+                    // No subscription found at all
+                    $this->line('  → No subscription found');
+
+                    $stripeStatus = 'not_found';
+                    $result = $this->handleMissingSubscription($team, $subscription, $stripeStatus, $isDryRun, $shouldFix, $stats);
+
+                    fputcsv($out, [
+                        $team->id,
+                        $team->name,
+                        $subscription->stripe_customer_id,
+                        'N/A',
+                        $dbStatus,
+                        $result['status'],
+                        $result['action'],
+                        implode(', ', $memberEmails),
+                        $subscription->stripe_customer_id ? "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}" : 'N/A',
+                        'N/A',
+                    ]);
+                }
+            } else {
+                // First validate the subscription ID format
+                if (! str_starts_with($subscription->stripe_subscription_id, 'sub_')) {
+                    $this->warn("  ⚠ Invalid subscription ID format (doesn't start with 'sub_')");
+                }
+
+                try {
+                    $stripeSubscription = $stripe->subscriptions->retrieve(
+                        $subscription->stripe_subscription_id
+                    );
+
+                    $stripeStatus = $stripeSubscription->status;
+
+                    // Determine if action is needed
+                    switch ($stripeStatus) {
+                        case 'active':
+                            $stats['valid_active']++;
+                            $action = 'valid';
+                            break;
+
+                        case 'past_due':
+                            $stats['valid_past_due']++;
+                            $action = 'valid';
+                            // Ensure past_due flag is set
+                            if (! $subscription->stripe_past_due) {
+                                if ($isDryRun) {
+                                    $this->info("Would set stripe_past_due=true for Team {$team->id}");
+                                } elseif ($shouldFix) {
+                                    $subscription->update(['stripe_past_due' => true]);
+                                }
+                            }
+                            break;
+
+                        case 'canceled':
+                        case 'incomplete_expired':
+                        case 'unpaid':
+                        case 'incomplete':
+                            $stats['canceled']++;
+                            $action = 'needs_fix';
+
+                            // Only output problematic subscriptions
+                            fputcsv($out, [
+                                $team->id,
+                                $team->name,
+                                $subscription->stripe_customer_id,
+                                $subscription->stripe_subscription_id,
+                                $dbStatus,
+                                $stripeStatus,
+                                $action,
+                                implode(', ', $memberEmails),
+                                "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}",
+                                "https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}",
+                            ]);
+
+                            if ($isDryRun) {
+                                $this->info("Would deactivate subscription for Team {$team->id} - status: {$stripeStatus}");
+                            } elseif ($shouldFix) {
+                                $this->fixSubscription($team, $subscription, $stripeStatus);
+                                $stats['fixed']++;
+                            }
+                            break;
+
+                        default:
+                            $stats['invalid']++;
+                            $action = 'unknown';
+
+                            // Only output problematic subscriptions
+                            fputcsv($out, [
+                                $team->id,
+                                $team->name,
+                                $subscription->stripe_customer_id,
+                                $subscription->stripe_subscription_id,
+                                $dbStatus,
+                                $stripeStatus,
+                                $action,
+                                implode(', ', $memberEmails),
+                                "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}",
+                                "https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}",
+                            ]);
+                            break;
+                    }
+
+                } catch (\Stripe\Exception\InvalidRequestException $e) {
+                    $this->error('  → Error: '.$e->getMessage());
+
+                    if ($e->getStripeCode() === 'resource_missing' || $e->getHttpStatus() === 404) {
+                        // Subscription doesn't exist, try to find by customer ID
+                        $this->warn("  → Subscription not found, checking customer's subscriptions...");
+
+                        $foundResult = null;
+                        if ($subscription->stripe_customer_id) {
+                            $foundResult = $this->searchSubscriptionsByCustomer($stripe, $subscription->stripe_customer_id);
+                        }
+
+                        if ($foundResult && isset($foundResult['subscription']) && in_array($foundResult['status'], ['active', 'past_due'])) {
+                            // Found an active subscription with different ID
+                            $this->warn("  → ID mismatch! DB: {$subscription->stripe_subscription_id}, Stripe: {$foundResult['subscription']->id}");
+
+                            fputcsv($out, [
+                                $team->id,
+                                $team->name,
+                                $subscription->stripe_customer_id,
+                                "WRONG ID: {$subscription->stripe_subscription_id} → {$foundResult['subscription']->id}",
+                                $dbStatus,
+                                $foundResult['status'],
+                                'id_mismatch',
+                                implode(', ', $memberEmails),
+                                "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}",
+                                "https://dashboard.stripe.com/subscriptions/{$foundResult['subscription']->id}",
+                            ]);
+
+                            if ($isDryRun) {
+                                $this->warn("  → Would update subscription ID to {$foundResult['subscription']->id}");
+                            } elseif ($shouldFix) {
+                                $subscription->update([
+                                    'stripe_subscription_id' => $foundResult['subscription']->id,
+                                    'stripe_invoice_paid' => true,
+                                    'stripe_past_due' => $foundResult['status'] === 'past_due',
+                                ]);
+                                $stats['fixed']++;
+                                $this->info('  → Updated subscription ID');
+                            }
+
+                            $stats[$foundResult['status'] === 'active' ? 'valid_active' : 'valid_past_due']++;
+                        } else {
+                            // No active subscription found
+                            $stripeStatus = $foundResult ? $foundResult['status'] : 'not_found';
+                            $result = $this->handleMissingSubscription($team, $subscription, $stripeStatus, $isDryRun, $shouldFix, $stats);
+
+                            fputcsv($out, [
+                                $team->id,
+                                $team->name,
+                                $subscription->stripe_customer_id,
+                                $subscription->stripe_subscription_id,
+                                $dbStatus,
+                                $result['status'],
+                                $result['action'],
+                                implode(', ', $memberEmails),
+                                $subscription->stripe_customer_id ? "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}" : 'N/A',
+                                $foundResult && isset($foundResult['subscription']) ? "https://dashboard.stripe.com/subscriptions/{$foundResult['subscription']->id}" : 'N/A',
+                            ]);
+                        }
+                    } else {
+                        // Other API error
+                        $stats['errors']++;
+                        $this->error('  → API Error - not marking as deleted');
+
+                        fputcsv($out, [
+                            $team->id,
+                            $team->name,
+                            $subscription->stripe_customer_id,
+                            $subscription->stripe_subscription_id,
+                            $dbStatus,
+                            'error: '.$e->getStripeCode(),
+                            'error',
+                            implode(', ', $memberEmails),
+                            $subscription->stripe_customer_id ? "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}" : 'N/A',
+                            $subscription->stripe_subscription_id ? "https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}" : 'N/A',
+                        ]);
+                    }
+                } catch (\Exception $e) {
+                    $this->error('  → Unexpected error: '.$e->getMessage());
+                    $stats['errors']++;
+
+                    fputcsv($out, [
+                        $team->id,
+                        $team->name,
+                        $subscription->stripe_customer_id,
+                        $subscription->stripe_subscription_id,
+                        $dbStatus,
+                        'error',
+                        'error',
+                        implode(', ', $memberEmails),
+                        $subscription->stripe_customer_id ? "https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}" : 'N/A',
+                        $subscription->stripe_subscription_id ? "https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}" : 'N/A',
+                    ]);
+                }
+            }
+
+            $processedCount++;
+            if ($processedCount % 100 === 0) {
+                $this->info("Processed {$processedCount}/{$totalCount} subscriptions...");
+            }
+        }
+
+        fclose($out);
+
+        // Print summary
+        $this->newLine(2);
+        $this->info('=== Verification Summary ===');
+        $this->info("Total subscriptions checked: {$stats['total']}");
+        $this->newLine();
+
+        $this->info('Valid subscriptions in Stripe:');
+        $this->line("  - Active: {$stats['valid_active']}");
+        $this->line("  - Past Due: {$stats['valid_past_due']}");
+        $validTotal = $stats['valid_active'] + $stats['valid_past_due'];
+        $this->info("  Total valid: {$validTotal}");
+
+        $this->newLine();
+        $this->warn('Invalid subscriptions:');
+        $this->line("  - Canceled/Expired: {$stats['canceled']}");
+        $this->line("  - Missing/Not Found: {$stats['missing']}");
+        $this->line("  - Unknown status: {$stats['invalid']}");
+        $invalidTotal = $stats['canceled'] + $stats['missing'] + $stats['invalid'];
+        $this->warn("  Total invalid: {$invalidTotal}");
+
+        if ($stats['errors'] > 0) {
+            $this->newLine();
+            $this->error("Errors encountered: {$stats['errors']}");
+        }
+
+        if ($shouldFix && ! $isDryRun) {
+            $this->newLine();
+            $this->info("Fixed subscriptions: {$stats['fixed']}");
+        } elseif ($invalidTotal > 0 && ! $shouldFix) {
+            $this->newLine();
+            $this->comment('Run with --fix-verified to fix the discrepancies');
+        }
+
+        return 0;
+    }
+
+    /**
+     * Fix a subscription based on its status
+     */
+    private function fixSubscription($team, $subscription, $status)
+    {
+        $message = "Fixing subscription for Team ID: {$team->id} (Status: {$status})\n";
+        $message .= "Team Name: {$team->name}\n";
+        $message .= "Customer ID: {$subscription->stripe_customer_id}\n";
+        $message .= "Subscription ID: {$subscription->stripe_subscription_id}\n";
+
+        send_internal_notification($message);
+
+        // Call the team's subscription ended method which properly cleans up
+        $team->subscriptionEnded();
+    }
+
+    /**
+     * Search for subscriptions by customer ID
+     */
+    private function searchSubscriptionsByCustomer(\Stripe\StripeClient $stripe, $customerId, $requireActive = false)
+    {
+        try {
+            $subscriptions = $stripe->subscriptions->all([
+                'customer' => $customerId,
+                'limit' => 10,
+                'status' => 'all',
+            ]);
+
+            $this->line('  → Found '.count($subscriptions->data).' subscription(s) for customer');
+
+            // Look for active/past_due first
+            foreach ($subscriptions->data as $sub) {
+                $this->line("    - Subscription {$sub->id}: status={$sub->status}");
+                if (in_array($sub->status, ['active', 'past_due'])) {
+                    $this->info("    ✓ Found active/past_due subscription: {$sub->id}");
+
+                    return ['subscription' => $sub, 'status' => $sub->status, 'method' => 'customer_id'];
+                }
+            }
+
+            // If not requiring active and there are subscriptions, return first one
+            if (! $requireActive && count($subscriptions->data) > 0) {
+                $sub = $subscriptions->data[0];
+                $this->warn("    ⚠ Only found {$sub->status} subscription: {$sub->id}");
+
+                return ['subscription' => $sub, 'status' => $sub->status, 'method' => 'customer_id_first'];
+            }
+
+            return null;
+        } catch (\Exception $e) {
+            $this->error('  → Error searching by customer ID: '.$e->getMessage());
+
+            return null;
+        }
+    }
+
+    /**
+     * Search for subscriptions by team member emails
+     */
+    private function searchSubscriptionsByEmails(\Stripe\StripeClient $stripe, $emails)
+    {
+        $this->line('  → Searching by team member emails...');
+
+        foreach ($emails as $email) {
+            $this->line("    → Checking email: {$email}");
+
+            try {
+                $customers = $stripe->customers->all([
+                    'email' => $email,
+                    'limit' => 5,
+                ]);
+
+                if (count($customers->data) === 0) {
+                    $this->line('      - No customers found');
+
+                    continue;
+                }
+
+                $this->line('      - Found '.count($customers->data).' customer(s)');
+
+                foreach ($customers->data as $customer) {
+                    $this->line("      - Checking customer {$customer->id}");
+
+                    $result = $this->searchSubscriptionsByCustomer($stripe, $customer->id, true);
+                    if ($result) {
+                        $result['method'] = "email:{$email}";
+                        $result['customer_id'] = $customer->id;
+
+                        return $result;
+                    }
+                }
+            } catch (\Exception $e) {
+                $this->error("      - Error searching for email {$email}: ".$e->getMessage());
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Handle found subscription update (only for active/past_due subscriptions)
+     */
+    private function handleFoundSubscription($team, $subscription, $foundSub, $searchMethod, $isDryRun, $shouldFix, &$stats)
+    {
+        $stripeStatus = $foundSub->status;
+        $this->info("  ✓ FOUND active/past_due subscription {$foundSub->id} (status: {$stripeStatus})");
+
+        // Only update if it's active or past_due
+        if (! in_array($stripeStatus, ['active', 'past_due'])) {
+            $this->error("  ERROR: handleFoundSubscription called with {$stripeStatus} subscription!");
+
+            return [
+                'id' => $foundSub->id,
+                'status' => $stripeStatus,
+                'action' => 'error',
+                'url' => "https://dashboard.stripe.com/subscriptions/{$foundSub->id}",
+            ];
+        }
+
+        if ($isDryRun) {
+            $this->warn("  → Would update subscription ID to {$foundSub->id} (status: {$stripeStatus})");
+        } elseif ($shouldFix) {
+            $subscription->update([
+                'stripe_subscription_id' => $foundSub->id,
+                'stripe_invoice_paid' => true,
+                'stripe_past_due' => $stripeStatus === 'past_due',
+            ]);
+            $stats['fixed']++;
+            $this->info("  → Updated subscription ID to {$foundSub->id}");
+        }
+
+        // Update stats
+        $stats[$stripeStatus === 'active' ? 'valid_active' : 'valid_past_due']++;
+
+        return [
+            'id' => "FOUND: {$foundSub->id}",
+            'status' => $stripeStatus,
+            'action' => "will_update (via {$searchMethod})",
+            'url' => "https://dashboard.stripe.com/subscriptions/{$foundSub->id}",
+        ];
+    }
+
+    /**
+     * Handle missing subscription
+     */
+    private function handleMissingSubscription($team, $subscription, $status, $isDryRun, $shouldFix, &$stats)
+    {
+        $stats['missing']++;
+
+        if ($isDryRun) {
+            $statusMsg = $status !== 'not_found' ? "status: {$status}" : 'no subscription found in Stripe';
+            $this->warn("  → Would deactivate subscription - {$statusMsg}");
+        } elseif ($shouldFix) {
+            $this->fixSubscription($team, $subscription, $status);
+            $stats['fixed']++;
+            $this->info('  → Deactivated subscription');
+        }
+
+        return [
+            'id' => 'N/A',
+            'status' => $status,
+            'action' => 'needs_fix',
+            'url' => 'N/A',
+        ];
+    }
+}
diff --git a/app/Console/Commands/CloudCheckSubscription.php b/app/Console/Commands/CloudCheckSubscription.php
deleted file mode 100644
index e24918df5..000000000
--- a/app/Console/Commands/CloudCheckSubscription.php
+++ /dev/null
@@ -1,319 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use App\Models\Team;
-use Illuminate\Console\Command;
-
-class CloudCheckSubscription extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'cloud:check-subscription
-                            {--fix : Fix canceled subscriptions in database}
-                            {--dry-run : Show what would be fixed without making changes}
-                            {--one : Only check/fix the first found subscription}';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Check Cloud subscriptions';
-
-    /**
-     * Execute the console command.
-     */
-    public function handle()
-    {
-        $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
-
-        if ($this->option('fix') || $this->option('dry-run')) {
-            return $this->fixCanceledSubscriptions($stripe);
-        }
-
-        $activeSubscribers = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
-
-        $out = fopen('php://output', 'w');
-        // CSV header
-        fputcsv($out, [
-            'team_id',
-            'invoice_status',
-            'stripe_customer_url',
-            'stripe_subscription_id',
-            'subscription_status',
-            'subscription_url',
-            'note',
-        ]);
-
-        foreach ($activeSubscribers as $team) {
-            $stripeSubscriptionId = $team->subscription->stripe_subscription_id;
-            $stripeInvoicePaid = $team->subscription->stripe_invoice_paid;
-            $stripeCustomerId = $team->subscription->stripe_customer_id;
-
-            if (! $stripeSubscriptionId && str($stripeInvoicePaid)->lower() != 'past_due') {
-                fputcsv($out, [
-                    $team->id,
-                    $stripeInvoicePaid,
-                    $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
-                    null,
-                    null,
-                    null,
-                    'Missing subscription ID while invoice not past_due',
-                ]);
-
-                continue;
-            }
-
-            if (! $stripeSubscriptionId) {
-                // No subscription ID and invoice is past_due, still record for visibility
-                fputcsv($out, [
-                    $team->id,
-                    $stripeInvoicePaid,
-                    $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
-                    null,
-                    null,
-                    null,
-                    'Missing subscription ID',
-                ]);
-
-                continue;
-            }
-
-            $subscription = $stripe->subscriptions->retrieve($stripeSubscriptionId);
-            if ($subscription->status === 'active') {
-                continue;
-            }
-
-            fputcsv($out, [
-                $team->id,
-                $stripeInvoicePaid,
-                $stripeCustomerId ? "https://dashboard.stripe.com/customers/{$stripeCustomerId}" : null,
-                $stripeSubscriptionId,
-                $subscription->status,
-                "https://dashboard.stripe.com/subscriptions/{$stripeSubscriptionId}",
-                'Subscription not active',
-            ]);
-        }
-
-        fclose($out);
-    }
-
-    /**
-     * Fix canceled subscriptions in the database
-     */
-    private function fixCanceledSubscriptions(\Stripe\StripeClient $stripe)
-    {
-        $isDryRun = $this->option('dry-run');
-        $checkOne = $this->option('one');
-
-        if ($isDryRun) {
-            $this->info('DRY RUN MODE - No changes will be made');
-            if ($checkOne) {
-                $this->info('Checking only the first canceled subscription...');
-            } else {
-                $this->info('Checking for canceled subscriptions...');
-            }
-        } else {
-            if ($checkOne) {
-                $this->info('Checking and fixing only the first canceled subscription...');
-            } else {
-                $this->info('Checking and fixing canceled subscriptions...');
-            }
-        }
-
-        $teamsWithSubscriptions = Team::whereRelation('subscription', 'stripe_invoice_paid', true)->get();
-        $toFixCount = 0;
-        $fixedCount = 0;
-        $errors = [];
-        $canceledSubscriptions = [];
-
-        foreach ($teamsWithSubscriptions as $team) {
-            $subscription = $team->subscription;
-
-            if (! $subscription->stripe_subscription_id) {
-                continue;
-            }
-
-            try {
-                $stripeSubscription = $stripe->subscriptions->retrieve(
-                    $subscription->stripe_subscription_id
-                );
-
-                if ($stripeSubscription->status === 'canceled') {
-                    $toFixCount++;
-
-                    // Get team members' emails
-                    $memberEmails = $team->members->pluck('email')->toArray();
-
-                    $canceledSubscriptions[] = [
-                        'team_id' => $team->id,
-                        'team_name' => $team->name,
-                        'customer_id' => $subscription->stripe_customer_id,
-                        'subscription_id' => $subscription->stripe_subscription_id,
-                        'status' => 'canceled',
-                        'member_emails' => $memberEmails,
-                        'subscription_model' => $subscription->toArray(),
-                    ];
-
-                    if ($isDryRun) {
-                        $this->warn('Would fix canceled subscription:');
-                        $this->line("  Team ID: {$team->id}");
-                        $this->line("  Team Name: {$team->name}");
-                        $this->line('  Team Members: '.implode(', ', $memberEmails));
-                        $this->line("  Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
-                        $this->line("  Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}");
-                        $this->line('  Current Subscription Data:');
-                        foreach ($subscription->getAttributes() as $key => $value) {
-                            if (is_null($value)) {
-                                $this->line("    - {$key}: null");
-                            } elseif (is_bool($value)) {
-                                $this->line("    - {$key}: ".($value ? 'true' : 'false'));
-                            } else {
-                                $this->line("    - {$key}: {$value}");
-                            }
-                        }
-                        $this->newLine();
-                    } else {
-                        $this->warn("Found canceled subscription for Team ID: {$team->id}");
-
-                        // Send internal notification with all details before fixing
-                        $notificationMessage = "Fixing canceled subscription:\n";
-                        $notificationMessage .= "Team ID: {$team->id}\n";
-                        $notificationMessage .= "Team Name: {$team->name}\n";
-                        $notificationMessage .= 'Team Members: '.implode(', ', $memberEmails)."\n";
-                        $notificationMessage .= "Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}\n";
-                        $notificationMessage .= "Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}\n";
-                        $notificationMessage .= "Subscription Data:\n";
-                        foreach ($subscription->getAttributes() as $key => $value) {
-                            if (is_null($value)) {
-                                $notificationMessage .= "  - {$key}: null\n";
-                            } elseif (is_bool($value)) {
-                                $notificationMessage .= "  - {$key}: ".($value ? 'true' : 'false')."\n";
-                            } else {
-                                $notificationMessage .= "  - {$key}: {$value}\n";
-                            }
-                        }
-                        send_internal_notification($notificationMessage);
-
-                        // Apply the same logic as customer.subscription.deleted webhook
-                        $team->subscriptionEnded();
-
-                        $fixedCount++;
-                        $this->info("  ✓ Fixed subscription for Team ID: {$team->id}");
-                        $this->line('    Team Members: '.implode(', ', $memberEmails));
-                        $this->line("    Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
-                        $this->line("    Subscription URL: https://dashboard.stripe.com/subscriptions/{$subscription->stripe_subscription_id}");
-                    }
-
-                    // Break if --one flag is set
-                    if ($checkOne) {
-                        break;
-                    }
-                }
-            } catch (\Stripe\Exception\InvalidRequestException $e) {
-                if ($e->getStripeCode() === 'resource_missing') {
-                    $toFixCount++;
-
-                    // Get team members' emails
-                    $memberEmails = $team->members->pluck('email')->toArray();
-
-                    $canceledSubscriptions[] = [
-                        'team_id' => $team->id,
-                        'team_name' => $team->name,
-                        'customer_id' => $subscription->stripe_customer_id,
-                        'subscription_id' => $subscription->stripe_subscription_id,
-                        'status' => 'missing',
-                        'member_emails' => $memberEmails,
-                        'subscription_model' => $subscription->toArray(),
-                    ];
-
-                    if ($isDryRun) {
-                        $this->error('Would fix missing subscription (not found in Stripe):');
-                        $this->line("  Team ID: {$team->id}");
-                        $this->line("  Team Name: {$team->name}");
-                        $this->line('  Team Members: '.implode(', ', $memberEmails));
-                        $this->line("  Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
-                        $this->line("  Subscription ID (missing): {$subscription->stripe_subscription_id}");
-                        $this->line('  Current Subscription Data:');
-                        foreach ($subscription->getAttributes() as $key => $value) {
-                            if (is_null($value)) {
-                                $this->line("    - {$key}: null");
-                            } elseif (is_bool($value)) {
-                                $this->line("    - {$key}: ".($value ? 'true' : 'false'));
-                            } else {
-                                $this->line("    - {$key}: {$value}");
-                            }
-                        }
-                        $this->newLine();
-                    } else {
-                        $this->error("Subscription not found in Stripe for Team ID: {$team->id}");
-
-                        // Send internal notification with all details before fixing
-                        $notificationMessage = "Fixing missing subscription (not found in Stripe):\n";
-                        $notificationMessage .= "Team ID: {$team->id}\n";
-                        $notificationMessage .= "Team Name: {$team->name}\n";
-                        $notificationMessage .= 'Team Members: '.implode(', ', $memberEmails)."\n";
-                        $notificationMessage .= "Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}\n";
-                        $notificationMessage .= "Subscription ID (missing): {$subscription->stripe_subscription_id}\n";
-                        $notificationMessage .= "Subscription Data:\n";
-                        foreach ($subscription->getAttributes() as $key => $value) {
-                            if (is_null($value)) {
-                                $notificationMessage .= "  - {$key}: null\n";
-                            } elseif (is_bool($value)) {
-                                $notificationMessage .= "  - {$key}: ".($value ? 'true' : 'false')."\n";
-                            } else {
-                                $notificationMessage .= "  - {$key}: {$value}\n";
-                            }
-                        }
-                        send_internal_notification($notificationMessage);
-
-                        // Apply the same logic as customer.subscription.deleted webhook
-                        $team->subscriptionEnded();
-
-                        $fixedCount++;
-                        $this->info("  ✓ Fixed missing subscription for Team ID: {$team->id}");
-                        $this->line('    Team Members: '.implode(', ', $memberEmails));
-                        $this->line("    Customer URL: https://dashboard.stripe.com/customers/{$subscription->stripe_customer_id}");
-                    }
-
-                    // Break if --one flag is set
-                    if ($checkOne) {
-                        break;
-                    }
-                } else {
-                    $errors[] = "Team ID {$team->id}: ".$e->getMessage();
-                }
-            } catch (\Exception $e) {
-                $errors[] = "Team ID {$team->id}: ".$e->getMessage();
-            }
-        }
-
-        $this->newLine();
-        $this->info('Summary:');
-
-        if ($isDryRun) {
-            $this->info("  - Found {$toFixCount} canceled/missing subscriptions that would be fixed");
-
-            if ($toFixCount > 0) {
-                $this->newLine();
-                $this->comment('Run with --fix to apply these changes');
-            }
-        } else {
-            $this->info("  - Fixed {$fixedCount} canceled/missing subscriptions");
-        }
-
-        if (! empty($errors)) {
-            $this->newLine();
-            $this->error('Errors encountered:');
-            foreach ($errors as $error) {
-                $this->error("  - {$error}");
-            }
-        }
-
-        return 0;
-    }
-}
diff --git a/app/Console/Commands/CloudCleanupSubscriptions.php b/app/Console/Commands/CloudCleanupSubscriptions.php
deleted file mode 100644
index ab676c927..000000000
--- a/app/Console/Commands/CloudCleanupSubscriptions.php
+++ /dev/null
@@ -1,101 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use App\Events\ServerReachabilityChanged;
-use App\Models\Team;
-use Illuminate\Console\Command;
-
-class CloudCleanupSubscriptions extends Command
-{
-    protected $signature = 'cloud:cleanup-subs';
-
-    protected $description = 'Cleanup subcriptions teams';
-
-    public function handle()
-    {
-        try {
-            if (! isCloud()) {
-                $this->error('This command can only be run on cloud');
-
-                return;
-            }
-            $this->info('Cleaning up subcriptions teams');
-            $stripe = new \Stripe\StripeClient(config('subscription.stripe_api_key'));
-
-            $teams = Team::all()->filter(function ($team) {
-                return $team->id !== 0;
-            })->sortBy('id');
-            foreach ($teams as $team) {
-                if ($team) {
-                    $this->info("Checking team {$team->id}");
-                }
-                if (! data_get($team, 'subscription')) {
-                    $this->disableServers($team);
-
-                    continue;
-                }
-                // If the team has no subscription id and the invoice is paid, we need to reset the invoice paid status
-                if (! (data_get($team, 'subscription.stripe_subscription_id'))) {
-                    $this->info("Resetting invoice paid status for team {$team->id}");
-
-                    $team->subscription->update([
-                        'stripe_invoice_paid' => false,
-                        'stripe_trial_already_ended' => false,
-                        'stripe_subscription_id' => null,
-                    ]);
-                    $this->disableServers($team);
-
-                    continue;
-                } else {
-                    $subscription = $stripe->subscriptions->retrieve(data_get($team, 'subscription.stripe_subscription_id'), []);
-                    $status = data_get($subscription, 'status');
-                    if ($status === 'active') {
-                        $team->subscription->update([
-                            'stripe_invoice_paid' => true,
-                            'stripe_trial_already_ended' => false,
-                        ]);
-
-                        continue;
-                    }
-                    $this->info('Subscription status: '.$status);
-                    $this->info('Subscription id: '.data_get($team, 'subscription.stripe_subscription_id'));
-                    $confirm = $this->confirm('Do you want to cancel the subscription?', true);
-                    if (! $confirm) {
-                        $this->info("Skipping team {$team->id}");
-                    } else {
-                        $this->info("Cancelling subscription for team {$team->id}");
-                        $team->subscription->update([
-                            'stripe_invoice_paid' => false,
-                            'stripe_trial_already_ended' => false,
-                            'stripe_subscription_id' => null,
-                        ]);
-                        $this->disableServers($team);
-                    }
-                }
-            }
-        } catch (\Exception $e) {
-            $this->error($e->getMessage());
-
-            return;
-        }
-    }
-
-    private function disableServers(Team $team)
-    {
-        foreach ($team->servers as $server) {
-            if ($server->settings->is_usable === true || $server->settings->is_reachable === true || $server->ip !== '1.2.3.4') {
-                $this->info("Disabling server {$server->id} {$server->name}");
-                $server->settings()->update([
-                    'is_usable' => false,
-                    'is_reachable' => false,
-                ]);
-                $server->update([
-                    'ip' => '1.2.3.4',
-                ]);
-
-                ServerReachabilityChanged::dispatch($server);
-            }
-        }
-    }
-}

From 82a8c42d9aab6b225270af4256111af92543883b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 15:27:47 +0200
Subject: [PATCH 085/129] fix(clears-global-search-cache): refine team
 retrieval logic in getTeamIdForCache method

- Updated the getTeamIdForCache method to differentiate team retrieval based on the instance type, ensuring correct access to the team property or method for Server models and other types.
---
 app/Traits/ClearsGlobalSearchCache.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/Traits/ClearsGlobalSearchCache.php b/app/Traits/ClearsGlobalSearchCache.php
index 306e4b2e1..ae587aa87 100644
--- a/app/Traits/ClearsGlobalSearchCache.php
+++ b/app/Traits/ClearsGlobalSearchCache.php
@@ -66,7 +66,11 @@ private function getTeamIdForCache()
     {
         // For database models, team is accessed through environment.project.team
         if (method_exists($this, 'team')) {
-            $team = $this->team;
+            if ($this instanceof \App\Models\Server) {
+                $team = $this->team;
+            } else {
+                $team = $this->team();
+            }
             if (filled($team)) {
                 return is_object($team) ? $team->id : null;
             }

From d04bd084a1bcbeb1c7bb0cbc20e4d8361761dfb6 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 15:29:38 +0200
Subject: [PATCH 086/129] refactor(toast-component): improve layout and icon
 handling in toast notifications

- Updated the toast component to enhance the layout by changing the alignment of items from 'start' to 'center'.
- Added 'flex-shrink-0' class to SVG icons to prevent them from shrinking, ensuring consistent icon display across different toast types.
---
 resources/views/components/toast.blade.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/resources/views/components/toast.blade.php b/resources/views/components/toast.blade.php
index cec1e6c3f..60f98f3df 100644
--- a/resources/views/components/toast.blade.php
+++ b/resources/views/components/toast.blade.php
@@ -397,28 +397,28 @@ class="relative flex flex-col items-start shadow-[0_5px_15px_-3px_rgb(0_0_0_/_0.
                         :class="{ 'p-4': !toast.html, 'p-0': toast.html }">
                         <template x-if="!toast.html">
                             <div class="relative w-full">
-                                <div class="flex items-start"
+                                <div class="flex items-center"
                                     :class="{ 'text-green-500': toast.type=='success', 'text-blue-500': toast.type=='info', 'text-orange-400': toast.type=='warning', 'text-red-500': toast.type=='danger', 'text-gray-800': toast.type=='default' }">
 
-                                    <svg x-show="toast.type=='success'" class="w-[18px] h-[18px] mr-1.5 -ml-1"
+                                    <svg x-show="toast.type=='success'" class="w-[18px] h-[18px] mr-1.5 -ml-1 flex-shrink-0"
                                         viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
                                         <path fill-rule="evenodd" clip-rule="evenodd"
                                             d="M12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2ZM16.7744 9.63269C17.1238 9.20501 17.0604 8.57503 16.6327 8.22559C16.2051 7.87615 15.5751 7.93957 15.2256 8.36725L10.6321 13.9892L8.65936 12.2524C8.24484 11.8874 7.61295 11.9276 7.248 12.3421C6.88304 12.7566 6.92322 13.3885 7.33774 13.7535L9.31046 15.4903C10.1612 16.2393 11.4637 16.1324 12.1808 15.2547L16.7744 9.63269Z"
                                             fill="currentColor"></path>
                                     </svg>
-                                    <svg x-show="toast.type=='info'" class="w-[18px] h-[18px] mr-1.5 -ml-1"
+                                    <svg x-show="toast.type=='info'" class="w-[18px] h-[18px] mr-1.5 -ml-1 flex-shrink-0"
                                         viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
                                         <path fill-rule="evenodd" clip-rule="evenodd"
                                             d="M12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2ZM12 9C12.5523 9 13 8.55228 13 8C13 7.44772 12.5523 7 12 7C11.4477 7 11 7.44772 11 8C11 8.55228 11.4477 9 12 9ZM13 12C13 11.4477 12.5523 11 12 11C11.4477 11 11 11.4477 11 12V16C11 16.5523 11.4477 17 12 17C12.5523 17 13 16.5523 13 16V12Z"
                                             fill="currentColor"></path>
                                     </svg>
-                                    <svg x-show="toast.type=='warning'" class="w-[18px] h-[18px] mr-1.5 -ml-1"
+                                    <svg x-show="toast.type=='warning'" class="w-[18px] h-[18px] mr-1.5 -ml-1 flex-shrink-0"
                                         viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
                                         <path fill-rule="evenodd" clip-rule="evenodd"
                                             d="M9.44829 4.46472C10.5836 2.51208 13.4105 2.51168 14.5464 4.46401L21.5988 16.5855C22.7423 18.5509 21.3145 21 19.05 21L4.94967 21C2.68547 21 1.25762 18.5516 2.4004 16.5862L9.44829 4.46472ZM11.9995 8C12.5518 8 12.9995 8.44772 12.9995 9V13C12.9995 13.5523 12.5518 14 11.9995 14C11.4473 14 10.9995 13.5523 10.9995 13V9C10.9995 8.44772 11.4473 8 11.9995 8ZM12.0009 15.99C11.4486 15.9892 11.0003 16.4363 10.9995 16.9886L10.9995 16.9986C10.9987 17.5509 11.4458 17.9992 11.9981 18C12.5504 18.0008 12.9987 17.5537 12.9995 17.0014L12.9995 16.9914C13.0003 16.4391 12.5532 15.9908 12.0009 15.99Z"
                                             fill="currentColor"></path>
                                     </svg>
-                                    <svg x-show="toast.type=='danger'" class="w-[18px] h-[18px] mr-1.5 -ml-1"
+                                    <svg x-show="toast.type=='danger'" class="w-[18px] h-[18px] mr-1.5 -ml-1 flex-shrink-0"
                                         viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
                                         <path fill-rule="evenodd" clip-rule="evenodd"
                                             d="M2 12C2 6.47715 6.47715 2 12 2C17.5228 2 22 6.47715 22 12C22 17.5228 17.5228 22 12 22C6.47715 22 2 17.5228 2 12ZM11.9996 7C12.5519 7 12.9996 7.44772 12.9996 8V12C12.9996 12.5523 12.5519 13 11.9996 13C11.4474 13 10.9996 12.5523 10.9996 12V8C10.9996 7.44772 11.4474 7 11.9996 7ZM12.001 14.99C11.4488 14.9892 11.0004 15.4363 10.9997 15.9886L10.9996 15.9986C10.9989 16.5509 11.446 16.9992 11.9982 17C12.5505 17.0008 12.9989 16.5537 12.9996 16.0014L12.9996 15.9914C13.0004 15.4391 12.5533 14.9908 12.001 14.99Z"

From 2fd5e048072ba95b05a0f4025da8e567df236eae Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 15:44:09 +0200
Subject: [PATCH 087/129] refactor(private-key-update): implement transaction
 for private key association and connection validation

- Refactored the private key update logic to use a database transaction for associating the private key with the server, ensuring atomicity.
- Improved error handling by refreshing the server state upon failure and validating the connection after updates.
- Enhanced success and error dispatching for better user feedback during the update process.
---
 app/Livewire/Server/PrivateKey/Show.php | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/app/Livewire/Server/PrivateKey/Show.php b/app/Livewire/Server/PrivateKey/Show.php
index 845d568ce..f0d53a077 100644
--- a/app/Livewire/Server/PrivateKey/Show.php
+++ b/app/Livewire/Server/PrivateKey/Show.php
@@ -5,6 +5,7 @@
 use App\Models\PrivateKey;
 use App\Models\Server;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+use Illuminate\Support\Facades\DB;
 use Livewire\Component;
 
 class Show extends Component
@@ -35,19 +36,19 @@ public function setPrivateKey($privateKeyId)
 
             return;
         }
-
-        $originalPrivateKeyId = $this->server->getOriginal('private_key_id');
         try {
             $this->authorize('update', $this->server);
-            $this->server->update(['private_key_id' => $privateKeyId]);
-            ['uptime' => $uptime, 'error' => $error] = $this->server->validateConnection(justCheckingNewKey: true);
-            if ($uptime) {
-                $this->dispatch('success', 'Private key updated successfully.');
-            } else {
-                throw new \Exception($error);
-            }
+            DB::transaction(function () use ($ownedPrivateKey) {
+                $this->server->privateKey()->associate($ownedPrivateKey);
+                $this->server->save();
+                ['uptime' => $uptime, 'error' => $error] = $this->server->validateConnection(justCheckingNewKey: true);
+                if (! $uptime) {
+                    throw new \Exception($error);
+                }
+            });
+            $this->dispatch('success', 'Private key updated successfully.');
         } catch (\Exception $e) {
-            $this->server->update(['private_key_id' => $originalPrivateKeyId]);
+            $this->server->refresh();
             $this->server->validateConnection();
             $this->dispatch('error', $e->getMessage());
         }

From 37c6f36b3b88286a68fa1b995ce10fb2d058a1f8 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 16:49:59 +0200
Subject: [PATCH 088/129] feat(private-key-refresh): add refresh dispatch on
 private key update and connection check

- Implemented a dispatch for 'refreshServerShow' after successfully updating the private key and validating the server connection.
- This enhancement improves the user experience by ensuring the server display is updated immediately following key changes and connection checks.
---
 app/Livewire/Server/PrivateKey/Show.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/Livewire/Server/PrivateKey/Show.php b/app/Livewire/Server/PrivateKey/Show.php
index f0d53a077..fd55717fa 100644
--- a/app/Livewire/Server/PrivateKey/Show.php
+++ b/app/Livewire/Server/PrivateKey/Show.php
@@ -47,6 +47,7 @@ public function setPrivateKey($privateKeyId)
                 }
             });
             $this->dispatch('success', 'Private key updated successfully.');
+            $this->dispatch('refreshServerShow');
         } catch (\Exception $e) {
             $this->server->refresh();
             $this->server->validateConnection();
@@ -60,6 +61,7 @@ public function checkConnection()
             ['uptime' => $uptime, 'error' => $error] = $this->server->validateConnection();
             if ($uptime) {
                 $this->dispatch('success', 'Server is reachable.');
+                $this->dispatch('refreshServerShow');
             } else {
                 $this->dispatch('error', 'Server is not reachable.<br><br>Check this <a target="_blank" class="underline" href="https://coolify.io/docs/knowledge-base/server/openssh">documentation</a> for further help.<br><br>Error: '.$error);
 

From 0b885d75e3efe8443163b27ced23893b8156b1c8 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 23 Sep 2025 18:17:49 +0200
Subject: [PATCH 089/129] fix(subscription-job): enhance retry logic for
 VerifyStripeSubscriptionStatusJob

- Added retry configuration with a maximum of 3 attempts and backoff intervals of 10, 30, and 60 seconds to improve job resilience and handling of transient failures.
---
 app/Jobs/VerifyStripeSubscriptionStatusJob.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/Jobs/VerifyStripeSubscriptionStatusJob.php b/app/Jobs/VerifyStripeSubscriptionStatusJob.php
index 35b219287..58b6944a2 100644
--- a/app/Jobs/VerifyStripeSubscriptionStatusJob.php
+++ b/app/Jobs/VerifyStripeSubscriptionStatusJob.php
@@ -13,6 +13,10 @@ class VerifyStripeSubscriptionStatusJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
 
+    public int $tries = 3;
+
+    public array $backoff = [10, 30, 60];
+
     public function __construct(public Subscription $subscription)
     {
         $this->onQueue('high');

From dc807f31a076d0b7d9765b0081cfa5df9f9189d9 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Tue, 23 Sep 2025 16:20:55 +0000
Subject: [PATCH 090/129] docs: update changelog

---
 CHANGELOG.md | 105 ++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 87 insertions(+), 18 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4360a7c49..177012001 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,44 +4,89 @@ # Changelog
 
 ## [unreleased]
 
-### 📚 Documentation
-
-- Update changelog
-
-### ⚙️ Miscellaneous Tasks
-
-- *(docker)* Add a blank line for improved readability in Dockerfile
-
-## [4.0.0-beta.428] - 2025-09-15
-
 ### 🚀 Features
 
-- *(deployment)* Enhance deployment status reporting with detailed information on active deployments and team members
+- *(environment)* Replace is_buildtime_only with is_runtime and is_buildtime flags for environment variables, updating related logic and views
+- *(deployment)* Handle buildtime and runtime variables during deployment
+- *(search)* Implement global search functionality with caching and modal interface
+- *(search)* Enable query logging for global search caching
+- *(environment)* Add dynamic checkbox options for environment variable settings based on user permissions and variable types
+- *(redaction)* Implement sensitive information redaction in logs and commands
+- *(api)* Add endpoint to update backup configuration by UUID and backup ID; modify response to include backup id
+- *(databases)* Enhance backup management API with new endpoints and improved data handling
+- *(github)* Add GitHub app management endpoints
+- *(github)* Add update and delete endpoints for GitHub apps
+- *(databases)* Enhance backup update and deletion logic with validation
+- *(environment-variables)* Implement environment variable analysis for build-time issues
+- *(databases)* Implement unique UUID generation for backup execution
+- *(cloud-check)* Enhance subscription reporting in CloudCheckSubscription command
+- *(cloud-check)* Enhance CloudCheckSubscription command with fix options
+- *(stripe)* Enhance subscription handling and verification process
+- *(private-key-refresh)* Add refresh dispatch on private key update and connection check
 
 ### 🐛 Bug Fixes
 
-- *(application)* Improve watch paths handling by trimming and filtering empty paths to prevent unnecessary triggers
+- *(docker)* Enhance container status aggregation to include restarting and exited states
+- *(environment)* Correct grammatical errors in helper text for environment variable sorting checkbox
+- *(ui)* Change order and fix ui on small screens
+- Order for git deploy types
+- *(deployment)* Enhance Dockerfile modification for build-time variables and secrets during deployment in case of docker compose buildpack
+- Hide sensitive email change fields in team member responses
+- *(domains)* Trim whitespace from domains before validation
+- *(databases)* Update backup retrieval logic to include team context
+- *(environment-variables)* Update affected services in environment variable analysis
+- *(team)* Clear stripe_subscription_id on subscription end
+- *(github)* Update authentication method for GitHub app operations
+- *(databases)* Restrict database updates to allowed fields only
+- *(cache)* Add Model import to ClearsGlobalSearchCache trait for improved functionality
+- *(environment-variables)* Correct method call syntax in analyzeBuildVariable function
+- *(clears-global-search-cache)* Refine team retrieval logic in getTeamIdForCache method
+- *(subscription-job)* Enhance retry logic for VerifyStripeSubscriptionStatusJob
 
 ### 🚜 Refactor
 
-- *(deployment)* Streamline environment variable handling for dockercompose and improve sorting of runtime variables
-- *(remoteProcess)* Remove command log comments for file transfers to simplify code
-- *(remoteProcess)* Remove file transfer handling from remote_process and instant_remote_process functions to simplify code
-- *(deployment)* Update environment file paths in docker compose commands to use working directory for improved consistency
+- *(environment)* Conditionally render Docker Build Secrets checkbox based on build pack type
+- *(search)* Optimize cache clearing logic to only trigger on searchable field changes
+- *(environment)* Streamline rendering of Docker Build Secrets checkbox and adjust layout for environment variable settings
+- *(proxy)* Streamline proxy configuration form layout and improve button placements
+- *(remoteProcess)* Remove redundant file transfer functions for improved clarity
+- *(github)* Enhance API request handling and validation
+- *(databases)* Remove deprecated backup parameters from API documentation
+- *(databases)* Streamline backup queries to use team context
+- *(databases)* Update backup queries to use team-specific method
+- *(server)* Update dispatch messages and streamline data synchronization
+- *(cache)* Update team retrieval method in ClearsGlobalSearchCache trait
+- *(database-backup)* Move unique UUID generation for backup execution to database loop
+- *(cloud-commands)* Consolidate and enhance subscription management commands
+- *(toast-component)* Improve layout and icon handling in toast notifications
+- *(private-key-update)* Implement transaction for private key association and connection validation
 
 ### 📚 Documentation
 
 - Update changelog
+- Update changelog
+- *(claude)* Update testing guidelines and add note on Application::team relationship
+
+### 🎨 Styling
+
+- *(environment-variable)* Adjust SVG icon margin for improved layout in locked state
+- *(proxy)* Adjust padding in proxy configuration form for better visual alignment
 
 ### ⚙️ Miscellaneous Tasks
 
-- *(constants)* Update realtime_version from 1.0.10 to 1.0.11
-- *(versions)* Increment coolify version to 4.0.0-beta.428 and update realtime_version to 1.0.10
+- Change order of runtime and buildtime
+
+## [4.0.0-beta.428] - 2025-09-15
+
+### 📚 Documentation
+
+- Update changelog
 
 ## [4.0.0-beta.427] - 2025-09-15
 
 ### 🚀 Features
 
+- Improve detection of special network modes
 - *(command)* Add option to sync GitHub releases to BunnyCDN and refactor sync logic
 - *(ui)* Display current version in settings dropdown and update UI accordingly
 - *(settings)* Add option to restrict PR deployments to repository members and contributors
@@ -67,6 +112,9 @@ ### 🚀 Features
 - *(executions)* Add 'Load All' button to view all logs and implement loadAllLogs method for complete log retrieval
 - *(auth)* Enhance user login flow to handle team invitations, attaching users to invited teams upon first login and maintaining personal team logic for regular logins
 - *(laravel-boost)* Add Laravel Boost guidelines and MCP server configuration to enhance development experience
+- *(deployment)* Enhance deployment status reporting with detailed information on active deployments and team members
+- *(deployment)* Implement cancellation checks during deployment process to enhance user control and prevent unnecessary execution
+- *(deployment)* Introduce 'use_build_secrets' setting for enhanced security during Docker builds and update related logic in deployment process
 
 ### 🐛 Bug Fixes
 
@@ -93,6 +141,13 @@ ### 🐛 Bug Fixes
 - *(security)* Update contact email for vulnerability reports to improve security communication
 - *(navbar)* Restrict subscription link visibility to admin users in cloud environment
 - *(docker)* Enhance container status aggregation for multi-container applications, including exclusion handling based on docker-compose configuration
+- *(application)* Improve watch paths handling by trimming and filtering empty paths to prevent unnecessary triggers
+- *(server)* Update server usability check to reflect actual Docker availability status
+- *(server)* Add build server check to disable Sentinel and update related logic
+- *(server)* Implement refreshServer method and update navbar event listener for improved server state management
+- *(deployment)* Prevent removal of running containers for pull request deployments in case of failure
+- *(docker)* Redirect stderr to stdout for container log retrieval to capture error messages
+- *(clone)* Update destinations method call to ensure correct retrieval of selected destination
 
 ### 🚜 Refactor
 
@@ -132,6 +187,16 @@ ### 🚜 Refactor
 - *(environment)* Remove 'is_build_time' attribute from environment variable handling across the application to simplify configuration
 - *(environment)* Streamline environment variable handling by replacing sorting methods with direct property access and enhancing query ordering for improved performance
 - *(stripe-jobs)* Comment out internal notification calls and add subscription status verification before sending failure notifications
+- *(deployment)* Streamline environment variable handling for dockercompose and improve sorting of runtime variables
+- *(remoteProcess)* Remove command log comments for file transfers to simplify code
+- *(remoteProcess)* Remove file transfer handling from remote_process and instant_remote_process functions to simplify code
+- *(deployment)* Update environment file paths in docker compose commands to use working directory for improved consistency
+- *(server)* Remove debugging ray call from validateConnection method for cleaner code
+- *(deployment)* Conditionally cleanup build secrets based on Docker BuildKit support and remove redundant calls for improved efficiency
+- *(deployment)* Remove redundant environment variable documentation from Dockerfile comments to streamline the deployment process
+- *(deployment)* Streamline Docker BuildKit detection and environment variable handling for enhanced security during application deployment
+- *(deployment)* Optimize BuildKit capabilities detection and remove unnecessary comments for cleaner deployment logic
+- *(deployment)* Rename method for modifying Dockerfile to improve clarity and streamline build secrets integration
 
 ### 📚 Documentation
 
@@ -145,6 +210,10 @@ ### ⚙️ Miscellaneous Tasks
 - Remove webhooks table cleanup
 - *(cleanup)* Remove deprecated ServerCheck and related job classes to streamline codebase
 - *(versions)* Update sentinel version from 0.0.15 to 0.0.16 in versions.json files
+- *(constants)* Update realtime_version from 1.0.10 to 1.0.11
+- *(versions)* Increment coolify version to 4.0.0-beta.428 and update realtime_version to 1.0.10
+- *(docker)* Add a blank line for improved readability in Dockerfile
+- *(versions)* Bump coolify version to 4.0.0-beta.429 and nightly version to 4.0.0-beta.430
 
 ## [4.0.0-beta.426] - 2025-08-28
 

From 98a30e2482e2eaabf7da04553c755512b1817bc1 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 09:19:38 +0200
Subject: [PATCH 091/129] chore(docker-compose): update soketi image version to
 1.0.10 in production and Windows configurations

---
 other/nightly/docker-compose.prod.yml    |  2 +-
 other/nightly/docker-compose.windows.yml |  2 +-
 templates/service-templates-latest.json  | 16 ----------------
 templates/service-templates.json         | 16 ----------------
 4 files changed, 2 insertions(+), 34 deletions(-)

diff --git a/other/nightly/docker-compose.prod.yml b/other/nightly/docker-compose.prod.yml
index 57f062202..b90f126a2 100644
--- a/other/nightly/docker-compose.prod.yml
+++ b/other/nightly/docker-compose.prod.yml
@@ -61,7 +61,7 @@ services:
       retries: 10
       timeout: 2s
   soketi:
-    image: '${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-realtime:1.0.9'
+    image: '${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-realtime:1.0.10'
     ports:
       - "${SOKETI_PORT:-6001}:6001"
       - "6002:6002"
diff --git a/other/nightly/docker-compose.windows.yml b/other/nightly/docker-compose.windows.yml
index e19ec961f..09ce3ead3 100644
--- a/other/nightly/docker-compose.windows.yml
+++ b/other/nightly/docker-compose.windows.yml
@@ -103,7 +103,7 @@ services:
       retries: 10
       timeout: 2s
   soketi:
-    image: 'ghcr.io/coollabsio/coolify-realtime:1.0.0'
+    image: 'ghcr.io/coollabsio/coolify-realtime:1.0.10'
     pull_policy: always
     container_name: coolify-realtime
     restart: always
diff --git a/templates/service-templates-latest.json b/templates/service-templates-latest.json
index 35bdd37c0..09086606b 100644
--- a/templates/service-templates-latest.json
+++ b/templates/service-templates-latest.json
@@ -3165,22 +3165,6 @@
         "minversion": "0.0.0",
         "port": "9000"
     },
-    "posthog": {
-        "documentation": "https://posthog.com?utm_source=coolify.io",
-        "slogan": "The single platform to analyze, test, observe, and deploy new features",
-        "compose": "c2VydmljZXM6CiAgZGI6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjEyLWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3Rob2ctcG9zdGdyZXMtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPXBvc3Rob2cKICAgICAgLSBQT1NUR1JFU19EQj1wb3N0aG9nCiAgICAgIC0gUE9TVEdSRVNfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSBwb3N0aG9nJwogICAgICBpbnRlcnZhbDogMnMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDE1CiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOjYuMi43LWFscGluZScKICAgIGNvbW1hbmQ6ICdyZWRpcy1zZXJ2ZXIgLS1tYXhtZW1vcnktcG9saWN5IGFsbGtleXMtbHJ1IC0tbWF4bWVtb3J5IDIwMG1iJwogIGNsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjMuMTEuMi4xMS1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pZGwvZXZlbnRzX2RlYWRfbGV0dGVyX3F1ZXVlLmpzb24KICAgICAgICB0YXJnZXQ6IC9pZGwvZXZlbnRzX2RlYWRfbGV0dGVyX3F1ZXVlLmpzb24KICAgICAgICBjb250ZW50OiAie1xuICBcIiRzY2hlbWFcIjogXCJodHRwczovL2pzb24tc2NoZW1hLm9yZy9kcmFmdC8yMDIwLTEyL3NjaGVtYVwiLFxuICBcIiRpZFwiOiBcImZpbGU6Ly9wb3N0aG9nL2lkbC9ldmVudHNfZGVhZF9sZXR0ZXJfcXVldWUuanNvblwiLFxuICBcInRpdGxlXCI6IFwiZXZlbnRzX2RlYWRfbGV0dGVyX3F1ZXVlXCIsXG4gIFwiZGVzY3JpcHRpb25cIjogXCJFdmVudHMgdGhhdCBmYWlsZWQgdG8gYmUgdmFsaWRhdGVkIG9yIHByb2Nlc3NlZCBhbmQgYXJlIHNlbnQgdG8gdGhlIERMUVwiLFxuICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgIFwiaWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJ1dWlkIGZvciB0aGUgc3VibWlzc2lvblwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJldmVudF91dWlkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidXVpZCBmb3IgdGhlIGV2ZW50XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImV2ZW50XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiZXZlbnQgdHlwZVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIHRoZSBwcm9wZXJ0aWVzIGpzb24gb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImRpc3RpbmN0X2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiUG9zdEhvZyBkaXN0aW5jdF9pZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidGVhbV9pZCAobWFwcyB0byB0aGUgcHJvamVjdCB1bmRlciB0aGUgb3JnYW5pemF0aW9uKVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJlbGVtZW50c19jaGFpblwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVzZWQgZm9yIGF1dG9jYXB0dXJlLiBET00gZWxlbWVudCBoaWVyYXJjaHlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiY3JlYXRlZF9hdFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVzZWQgZm9yIGF1dG9jYXB0dXJlLiBET00gZWxlbWVudCBoaWVyYXJjaHlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiaXBcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJJUCBBZGRyZXNzIG9mIHRoZSBhc3NvY2lhdGVkIHdpdGggdGhlIGV2ZW50XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInNpdGVfdXJsXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU2l0ZSBVUkwgYXNzb2NpYXRlZCB3aXRoIHRoZSBldmVudCB0aGUgZXZlbnRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwibm93XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGltZXN0YW1wIG9mIHRoZSBETFEgZXZlbnRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwicmF3X3BheWxvYWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJSYXcgcGF5bG9hZCBvZiB0aGUgZXZlbnQgdGhhdCBmYWlsZWQgdG8gYmUgY29uc3VtZWRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiZXJyb3JfdGltZXN0YW1wXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGltZXN0YW1wIHRoYXQgdGhlIGVycm9yIG9mIGluZ2VzdGlvbiBvY2N1cnJlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJlcnJvcl9sb2NhdGlvblwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlNvdXJjZSBvZiBlcnJvciBpZiBrbm93blwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJlcnJvclwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkVycm9yIGlmIGtub3duXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInRhZ3NcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUYWdzIGFzc29jaWF0ZWQgd2l0aCB0aGUgZXJyb3Igb3IgZXZlbnRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJhcnJheVwiLFxuICAgICAgICAgIFwiaXRlbXNcIjoge1xuICAgICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICAgIH1cbiAgICAgIH1cbiAgfSxcbiAgXCJyZXF1aXJlZFwiOiBbXCJyYXdfcGF5bG9hZFwiXVxufVxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pZGwvZXZlbnRzX2pzb24uanNvbgogICAgICAgIHRhcmdldDogL2lkbC9ldmVudHNfanNvbi5qc29uCiAgICAgICAgY29udGVudDogIntcbiAgXCIkc2NoZW1hXCI6IFwiaHR0cHM6Ly9qc29uLXNjaGVtYS5vcmcvZHJhZnQvMjAyMC0xMi9zY2hlbWFcIixcbiAgXCIkaWRcIjogXCJmaWxlOi8vcG9zdGhvZy9pZGwvZXZlbnRzX2pzb24uanNvblwiLFxuICBcInRpdGxlXCI6IFwiZXZlbnRzX2pzb25cIixcbiAgXCJkZXNjcmlwdGlvblwiOiBcIkV2ZW50IHNjaGVtYSB0aGF0IGlzIGRlc3RpbmVkIGZvciBDbGlja0hvdXNlXCIsXG4gIFwidHlwZVwiOiBcIm9iamVjdFwiLFxuICBcInByb3BlcnRpZXNcIjoge1xuICAgICAgXCJ1dWlkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidXVpZCBmb3IgdGhlIGV2ZW50XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImV2ZW50XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiZXZlbnQgdHlwZVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIHRoZSBwcm9wZXJ0aWVzIGpzb24gb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInRpbWVzdGFtcFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlRpbWVzdGFtcCB0aGF0IHRoZSBldmVudCBvY2N1cnJlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidGVhbV9pZCAobWFwcyB0byB0aGUgcHJvamVjdCB1bmRlciB0aGUgb3JnYW5pemF0aW9uKVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJkaXN0aW5jdF9pZFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlBvc3RIb2cgZGlzdGluY3RfaWRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiZWxlbWVudHNfY2hhaW5cIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVc2VkIGZvciBhdXRvY2FwdHVyZS4gRE9NIGVsZW1lbnQgaGllcmFyY2h5XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImNyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUaW1lc3RhbXAgd2hlbiBldmVudCB3YXMgY3JlYXRlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJwZXJzb25faWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIGZvciB0aGUgYXNzb2NpYXRlZCBwZXJzb24gaWYgYXZhaWxhYmxlXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInBlcnNvbl9jcmVhdGVkX2F0XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGltZXN0YW1wIGZvciB3aGVuIHRoZSBhc3NvY2lhdGVkIHBlcnNvbiB3YXMgY3JlYXRlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJwZXJzb25fcHJvcGVydGllc1wiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlN0cmluZyByZXByZXNlbnRhdGlvbiBvZiB0aGUgcGVyc29uIEpTT04gb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMF9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMV9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMl9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwM19wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwNF9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMF9jcmVhdGVkX2F0XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXAncyBjcmVhdGlvbiB0aW1lc3RhbXBcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiZ3JvdXAxX2NyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJHcm91cCdzIGNyZWF0aW9uIHRpbWVzdGFtcFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJncm91cDJfY3JlYXRlZF9hdFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkdyb3VwJ3MgY3JlYXRpb24gdGltZXN0YW1wXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwM19jcmVhdGVkX2F0XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXAncyBjcmVhdGlvbiB0aW1lc3RhbXBcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiZ3JvdXA0X2NyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJHcm91cCdzIGNyZWF0aW9uIHRpbWVzdGFtcFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9XG4gIH0sXG4gIFwicmVxdWlyZWRcIjogW1widXVpZFwiLCBcImV2ZW50XCIsIFwicHJvcGVydGllc1wiLCBcInRpbWVzdGFtcFwiLCBcInRlYW1faWRcIl1cbn1cbiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vaWRsL2dyb3Vwcy5qc29uCiAgICAgICAgdGFyZ2V0OiAvaWRsL2dyb3Vwcy5qc29uCiAgICAgICAgY29udGVudDogIntcbiAgXCIkc2NoZW1hXCI6IFwiaHR0cHM6Ly9qc29uLXNjaGVtYS5vcmcvZHJhZnQvMjAyMC0xMi9zY2hlbWFcIixcbiAgXCIkaWRcIjogXCJmaWxlOi8vcG9zdGhvZy9pZGwvZ3JvdXBzLmpzb25cIixcbiAgXCJ0aXRsZVwiOiBcImdyb3Vwc1wiLFxuICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXBzIHNjaGVtYSB0aGF0IGlzIGRlc3RpbmVkIGZvciBDbGlja0hvdXNlXCIsXG4gIFwidHlwZVwiOiBcIm9iamVjdFwiLFxuICBcInByb3BlcnRpZXNcIjoge1xuICAgICAgXCJncm91cF90eXBlX2luZGV4XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXAgdHlwZSBpbmRleFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJncm91cF9rZXlcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJHcm91cCBLZXlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiY3JlYXRlZF9hdFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkdyb3VwIGNyZWF0aW9uIHRpbWVzdGFtcFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGVhbSBJRCBhc3NvY2lhdGVkIHdpdGggZ3JvdXBcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiZ3JvdXBfcHJvcGVydGllc1wiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlN0cmluZyByZXByZXNlbnRhdGlvbiBvZiBncm91cCBKU09OIHByb3BlcnRpZXMgb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH1cbiAgfSxcbiAgXCJyZXF1aXJlZFwiOiBbXCJncm91cF90eXBlX2luZGV4XCIsIFwiZ3JvdXBfa2V5XCIsIFwiY3JlYXRlZF9hdFwiLCBcInRlYW1faWRcIiwgXCJncm91cF9wcm9wZXJ0aWVzXCJdXG59XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9pZGwubWQKICAgICAgICB0YXJnZXQ6IC9pZGwvaWRsLm1kCiAgICAgICAgY29udGVudDogIiMgSURMIC0gSW50ZXJmYWNlIERlZmluaXRpb24gTGFuZ3VhZ2VcblxuVGhpcyBkaXJlY3RvcnkgaXMgcmVzcG9uc2libGUgZm9yIGRlZmluaW5nIHRoZSBzY2hlbWFzIG9mIHRoZSBkYXRhIGJldHdlZW4gc2VydmljZXMuXG5QcmltYXJpbHkgdGhpcyB3aWxsIGJlIGJldHdlZW4gc2VydmljZXMgYW5kIENsaWNrSG91c2UsIGJ1dCBjYW4gYmUgcmVhbGx5IGFueSB0aGluZyBhdCB0aGUgYm91bmRyeSBvZiBzZXJ2aWNlcy5cblxuVGhlIHJlYXNvbiB3aHkgd2UgZG8gdGhpcyBpcyBiZWNhdXNlIGl0IG1ha2VzIGdlbmVyYXRpbmcgY29kZSwgdmFsaWRhdGluZyBkYXRhLCBhbmQgdW5kZXJzdGFuZGluZyB0aGUgc3lzdGVtIGEgd2hvbGUgbG90IGVhc2llci4gV2UndmUgaGFkIGEgZmV3IGN1c3RvbWVycyByZXF1ZXN0IHRoaXMgb2YgdXMgZm9yIGVuZ2luZWVyaW5nIGEgZGVlcGVyIGludGVncmF0aW9uIHdpdGggdXMuXG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9wZXJzb24uanNvbgogICAgICAgIHRhcmdldDogL2lkbC9wZXJzb24uanNvbgogICAgICAgIGNvbnRlbnQ6ICJ7XG4gIFwiJHNjaGVtYVwiOiBcImh0dHBzOi8vanNvbi1zY2hlbWEub3JnL2RyYWZ0LzIwMjAtMTIvc2NoZW1hXCIsXG4gIFwiJGlkXCI6IFwiZmlsZTovL3Bvc3Rob2cvaWRsL3BlcnNvbi5qc29uXCIsXG4gIFwidGl0bGVcIjogXCJwZXJzb25cIixcbiAgXCJkZXNjcmlwdGlvblwiOiBcIlBlcnNvbiBzY2hlbWEgdGhhdCBpcyBkZXN0aW5lZCBmb3IgQ2xpY2tIb3VzZVwiLFxuICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgIFwiaWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIGZvciB0aGUgcGVyc29uXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImNyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJQZXJzb24gY3JlYXRpb24gdGltZXN0YW1wXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgIH0sXG4gICAgICBcInRlYW1faWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUZWFtIElEIGFzc29jaWF0ZWQgd2l0aCBwZXJzb25cIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwicHJvcGVydGllc1wiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlN0cmluZyByZXByZXNlbnRhdGlvbiBvZiBwZXJzb24gSlNPTiBwcm9wZXJ0aWVzIG9iamVjdFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJpc19pZGVudGlmaWVkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiQm9vbGVhbiBpcyB0aGUgcGVyc29uIGlkZW50aWZpZWQ/XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwiYm9vbGVhblwiXG4gICAgICB9LFxuICAgICAgXCJpc19kZWxldGVkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiQm9vbGVhbiBpcyB0aGUgcGVyc29uIGRlbGV0ZWQ/XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwiYm9vbGVhblwiXG4gICAgICB9LFxuICAgICAgXCJ2ZXJzaW9uXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVmVyc2lvbiBmaWVsZCBmb3IgY29sbGFwc2luZyBsYXRlciAocHN1ZWRvLXRvbWJzdG9uZSlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfVxuICB9LFxuICBcInJlcXVpcmVkXCI6IFtcImlkXCIsIFwiY3JlYXRlZF9hdFwiLCBcInRlYW1faWRcIiwgXCJwcm9wZXJ0aWVzXCIsIFwiaXNfaWRlbnRpZmllZFwiLCBcImlzX2RlbGV0ZWRcIiwgXCJ2ZXJzaW9uXCJdXG59XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9wZXJzb25fZGlzdGluY3RfaWQuanNvbgogICAgICAgIHRhcmdldDogL2lkbC9wZXJzb25fZGlzdGluY3RfaWQuanNvbgogICAgICAgIGNvbnRlbnQ6ICJ7XG4gIFwiJHNjaGVtYVwiOiBcImh0dHBzOi8vanNvbi1zY2hlbWEub3JnL2RyYWZ0LzIwMjAtMTIvc2NoZW1hXCIsXG4gIFwiJGlkXCI6IFwiZmlsZTovL3Bvc3Rob2cvaWRsL3BlcnNvbl9kaXN0aW5jdF9pZC5qc29uXCIsXG4gIFwidGl0bGVcIjogXCJwZXJzb25fZGlzdGluY3RfaWRcIixcbiAgXCJkZXNjcmlwdGlvblwiOiBcIlBlcnNvbiBkaXN0aW5jdCBpZCBzY2hlbWEgdGhhdCBpcyBkZXN0aW5lZCBmb3IgQ2xpY2tIb3VzZVwiLFxuICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgIFwiZGlzdGluY3RfaWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVc2VyIHByb3ZpZGVkIElEIGZvciB0aGUgZGlzdGluY3QgdXNlclwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJwZXJzb25faWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIG9mIHRoZSBwZXJzb25cIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwidGVhbV9pZFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlRlYW0gSUQgYXNzb2NpYXRlZCB3aXRoIHBlcnNvbl9kaXN0aW5jdF9pZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJfc2lnblwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVzZWQgZm9yIGNvbGxhcHNpbmcgbGF0ZXIgZGlmZmVyZW50IHZlcnNpb25zIG9mIGEgZGlzdGluY3QgaWQgKHBzdWVkby10b21ic3RvbmUpXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgIH0sXG4gICAgICBcImlzX2RlbGV0ZWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJCb29sZWFuIGlzIHRoZSBwZXJzb24gZGlzdGluY3RfaWQgZGVsZXRlZD9cIixcbiAgICAgICAgICBcInR5cGVcIjogXCJib29sZWFuXCJcbiAgICAgIH1cbiAgfSxcbiAgXCJyZXF1aXJlZFwiOiBbXCJkaXN0aW5jdF9pZFwiLCBcInBlcnNvbl9pZFwiLCBcInRlYW1faWRcIiwgXCJfc2lnblwiLCBcImlzX2RlbGV0ZWRcIl1cbiB9XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9wZXJzb25fZGlzdGluY3RfaWQyLmpzb24KICAgICAgICB0YXJnZXQ6IC9pZGwvcGVyc29uX2Rpc3RpbmN0X2lkMi5qc29uCiAgICAgICAgY29udGVudDogIntcbiAgICBcIiRzY2hlbWFcIjogXCJodHRwczovL2pzb24tc2NoZW1hLm9yZy9kcmFmdC8yMDIwLTEyL3NjaGVtYVwiLFxuICAgIFwiJGlkXCI6IFwiZmlsZTovL3Bvc3Rob2cvaWRsL3BlcnNvbl9kaXN0aW5jdF9pZDIuanNvblwiLFxuICAgIFwidGl0bGVcIjogXCJwZXJzb25fZGlzdGluY3RfaWQyXCIsXG4gICAgXCJkZXNjcmlwdGlvblwiOiBcIlBlcnNvbiBkaXN0aW5jdCBpZDIgc2NoZW1hIHRoYXQgaXMgZGVzdGluZWQgZm9yIENsaWNrSG91c2VcIixcbiAgICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgICBcInByb3BlcnRpZXNcIjoge1xuICAgICAgICBcImRpc3RpbmN0X2lkXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVc2VyIHByb3ZpZGVkIElEIGZvciB0aGUgZGlzdGluY3QgdXNlclwiLFxuICAgICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgICAgfSxcbiAgICAgICAgXCJwZXJzb25faWRcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVVSUQgb2YgdGhlIHBlcnNvblwiLFxuICAgICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgICAgfSxcbiAgICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUZWFtIElEIGFzc29jaWF0ZWQgd2l0aCBwZXJzb25fZGlzdGluY3RfaWRcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICAgIH0sXG4gICAgICAgIFwidmVyc2lvblwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVXNlZCBmb3IgY29sbGFwc2luZyBsYXRlciBkaWZmZXJlbnQgdmVyc2lvbnMgb2YgYSBkaXN0aW5jdCBpZCAocHN1ZWRvLXRvbWJzdG9uZSlcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICAgIH0sXG4gICAgICAgIFwiaXNfZGVsZXRlZFwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiQm9vbGVhbiBpcyB0aGUgcGVyc29uIGRpc3RpbmN0X2lkIGRlbGV0ZWQ/XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJib29sZWFuXCJcbiAgICAgICAgfVxuICAgIH0sXG4gICAgXCJyZXF1aXJlZFwiOiBbXCJkaXN0aW5jdF9pZFwiLCBcInBlcnNvbl9pZFwiLCBcInRlYW1faWRcIiwgXCJ2ZXJzaW9uXCIsIFwiaXNfZGVsZXRlZFwiXVxufVxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pZGwvcGx1Z2luX2xvZ19lbnRyaWVzLmpzb24KICAgICAgICB0YXJnZXQ6IC9pZGwvcGx1Z2luX2xvZ19lbnRyaWVzLmpzb24KICAgICAgICBjb250ZW50OiAie1xuICAgIFwiJHNjaGVtYVwiOiBcImh0dHBzOi8vanNvbi1zY2hlbWEub3JnL2RyYWZ0LzIwMjAtMTIvc2NoZW1hXCIsXG4gICAgXCIkaWRcIjogXCJmaWxlOi8vcG9zdGhvZy9pZGwvcGx1Z2luX2xvZ19lbnRyaWVzLmpzb25cIixcbiAgICBcInRpdGxlXCI6IFwicGx1Z2luX2xvZ19lbnRyaWVzXCIsXG4gICAgXCJkZXNjcmlwdGlvblwiOiBcIlBsdWdpbiBsb2cgZW50cmllcyB0aGF0IGFyZSBkZXN0aW5lZCBmb3IgQ2xpY2tIb3VzZVwiLFxuICAgIFwidHlwZVwiOiBcIm9iamVjdFwiLFxuICAgIFwicHJvcGVydGllc1wiOiB7XG4gICAgICAgIFwiaWRcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVVSUQgZm9yIHRoZSBsb2cgZW50cnlcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICAgIH0sXG4gICAgICAgIFwidGVhbV9pZFwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGVhbSBJRCBhc3NvY2lhdGVkIHdpdGggcGVyc29uX2Rpc3RpbmN0X2lkXCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgICB9LFxuICAgICAgICBcInBsdWdpbl9pZFwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiUGx1Z2luIElEIGFzc29jaWF0ZWQgd2l0aCB0aGUgbG9nIGVudHJ5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgICB9LFxuICAgICAgICBcInBsdWdpbl9jb25maWdfaWRcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlBsdWdpbiBDb25maWcgSUQgYXNzb2NpYXRlZCB3aXRoIHRoZSBsb2cgZW50cnlcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICAgIH0sXG4gICAgICAgIFwidGltZXN0YW1wXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUaW1lc3RhbXAgZm9yIHdoZW4gdGhlIGxvZyBlbnRyeSB3YXMgY3JlYXRlZFwiLFxuICAgICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgICAgfSxcbiAgICAgICAgXCJzb3VyY2VcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlNvdXJjZSBvZiB0aGUgbG9nIGVudHJ5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9LFxuICAgICAgICBcInR5cGVcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkxvZyBlbnRyeSB0eXBlXCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9LFxuICAgICAgICBcIm1lc3NhZ2VcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkxvZyBlbnRyeSBib2R5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9LFxuICAgICAgICBcImluc3RhbmNlX2lkXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIG9mIHRoZSBpbnN0YW5jZSB0aGF0IGdlbmVyYXRlZCB0aGUgbG9nIGVudHJ5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9XG4gICAgfSxcbiAgICBcInJlcXVpcmVkXCI6IFtcbiAgICAgICAgXCJpZFwiLFxuICAgICAgICBcInRlYW1faWRcIixcbiAgICAgICAgXCJwbHVnaW5faWRcIixcbiAgICAgICAgXCJwbHVnaW5fY29uZmlnX2lkXCIsXG4gICAgICAgIFwidGltZXN0YW1wXCIsXG4gICAgICAgIFwic291cmNlXCIsXG4gICAgICAgIFwidHlwZVwiLFxuICAgICAgICBcIm1lc3NhZ2VcIixcbiAgICAgICAgXCJpbnN0YW5jZV9pZFwiXG4gICAgXVxufVxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9kb2NrZXIvY2xpY2tob3VzZS9kb2NrZXItZW50cnlwb2ludC1pbml0ZGIuZC9pbml0LWRiLnNoCiAgICAgICAgdGFyZ2V0OiAvZG9ja2VyLWVudHJ5cG9pbnQtaW5pdGRiLmQvaW5pdC1kYi5zaAogICAgICAgIGNvbnRlbnQ6ICIjIS9iaW4vYmFzaFxuc2V0IC1lXG5cbmNwIC1yIC9pZGwvKiAvdmFyL2xpYi9jbGlja2hvdXNlL2Zvcm1hdF9zY2hlbWFzL1xuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9kb2NrZXIvY2xpY2tob3VzZS9jb25maWcueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy54bWwKICAgICAgICBjb250ZW50OiAiPD94bWwgdmVyc2lvbj1cIjEuMFwiPz5cbjwhLS1cbiAgTk9URTogVXNlciBhbmQgcXVlcnkgbGV2ZWwgc2V0dGluZ3MgYXJlIHNldCB1cCBpbiBcInVzZXJzLnhtbFwiIGZpbGUuXG4gIElmIHlvdSBoYXZlIGFjY2lkZW50YWxseSBzcGVjaWZpZWQgdXNlci1sZXZlbCBzZXR0aW5ncyBoZXJlLCBzZXJ2ZXIgd29uJ3Qgc3RhcnQuXG4gIFlvdSBjYW4gZWl0aGVyIG1vdmUgdGhlIHNldHRpbmdzIHRvIHRoZSByaWdodCBwbGFjZSBpbnNpZGUgXCJ1c2Vycy54bWxcIiBmaWxlXG4gIG9yIGFkZCA8c2tpcF9jaGVja19mb3JfaW5jb3JyZWN0X3NldHRpbmdzPjE8L3NraXBfY2hlY2tfZm9yX2luY29ycmVjdF9zZXR0aW5ncz4gaGVyZS5cbi0tPlxuPHlhbmRleD5cbiAgICA8bG9nZ2VyPlxuICAgICAgICA8IS0tIFBvc3NpYmxlIGxldmVscyBbMV06XG5cbiAgICAgICAgICAtIG5vbmUgKHR1cm5zIG9mZiBsb2dnaW5nKVxuICAgICAgICAgIC0gZmF0YWxcbiAgICAgICAgICAtIGNyaXRpY2FsXG4gICAgICAgICAgLSBlcnJvclxuICAgICAgICAgIC0gd2FybmluZ1xuICAgICAgICAgIC0gbm90aWNlXG4gICAgICAgICAgLSBpbmZvcm1hdGlvblxuICAgICAgICAgIC0gZGVidWdcbiAgICAgICAgICAtIHRyYWNlXG4gICAgICAgICAgLSB0ZXN0IChub3QgZm9yIHByb2R1Y3Rpb24gdXNhZ2UpXG5cbiAgICAgICAgICAgIFsxXTpcbiAgICAgICAgaHR0cHM6Ly9naXRodWIuY29tL3BvY29wcm9qZWN0L3BvY28vYmxvYi9wb2NvLTEuOS40LXJlbGVhc2UvRm91bmRhdGlvbi9pbmNsdWRlL1BvY28vTG9nZ2VyLmgjTDEwNS1MMTE0XG4gICAgICAgIC0tPlxuICAgICAgICA8bGV2ZWw+dHJhY2U8L2xldmVsPlxuICAgICAgICA8bG9nPi92YXIvbG9nL2NsaWNraG91c2Utc2VydmVyL2NsaWNraG91c2Utc2VydmVyLmxvZzwvbG9nPlxuICAgICAgICA8ZXJyb3Jsb2c+L3Zhci9sb2cvY2xpY2tob3VzZS1zZXJ2ZXIvY2xpY2tob3VzZS1zZXJ2ZXIuZXJyLmxvZzwvZXJyb3Jsb2c+XG4gICAgICAgIDwhLS0gUm90YXRpb24gcG9saWN5XG4gICAgICAgICAgICBTZWVcbiAgICAgICAgaHR0cHM6Ly9naXRodWIuY29tL3BvY29wcm9qZWN0L3BvY28vYmxvYi9wb2NvLTEuOS40LXJlbGVhc2UvRm91bmRhdGlvbi9pbmNsdWRlL1BvY28vRmlsZUNoYW5uZWwuaCNMNTQtTDg1XG4gICAgICAgICAgLS0+XG4gICAgICAgIDxzaXplPjEwMDBNPC9zaXplPlxuICAgICAgICA8Y291bnQ+MTA8L2NvdW50PlxuICAgICAgICA8IS0tIDxjb25zb2xlPjE8L2NvbnNvbGU+IC0tPiA8IS0tIERlZmF1bHQgYmVoYXZpb3IgaXMgYXV0b2RldGVjdGlvbiAobG9nIHRvIGNvbnNvbGUgaWYgbm90IGRhZW1vbiBtb2RlXG4gICAgICAgIGFuZCBpcyB0dHkpIC0tPlxuXG4gICAgICAgIDwhLS0gUGVyIGxldmVsIG92ZXJyaWRlcyAobGVnYWN5KTpcblxuICAgICAgICBGb3IgZXhhbXBsZSB0byBzdXBwcmVzcyBsb2dnaW5nIG9mIHRoZSBDb25maWdSZWxvYWRlciB5b3UgY2FuIHVzZTpcbiAgICAgICAgTk9URTogbGV2ZWxzLmxvZ2dlciBpcyByZXNlcnZlZCwgc2VlIGJlbG93LlxuICAgICAgICAtLT5cbiAgICAgICAgPCEtLVxuICAgICAgICA8bGV2ZWxzPlxuICAgICAgICAgIDxDb25maWdSZWxvYWRlcj5ub25lPC9Db25maWdSZWxvYWRlcj5cbiAgICAgICAgPC9sZXZlbHM+XG4gICAgICAgIC0tPlxuXG4gICAgICAgIDwhLS0gUGVyIGxldmVsIG92ZXJyaWRlczpcblxuICAgICAgICBGb3IgZXhhbXBsZSB0byBzdXBwcmVzcyBsb2dnaW5nIG9mIHRoZSBSQkFDIGZvciBkZWZhdWx0IHVzZXIgeW91IGNhbiB1c2U6XG4gICAgICAgIChCdXQgcGxlYXNlIG5vdGUgdGhhdCB0aGUgbG9nZ2VyIG5hbWUgbWF5YmUgY2hhbmdlZCBmcm9tIHZlcnNpb24gdG8gdmVyc2lvbiwgZXZlbiBhZnRlciBtaW5vclxuICAgICAgICB1cGdyYWRlKVxuICAgICAgICAtLT5cbiAgICAgICAgPCEtLVxuICAgICAgICA8bGV2ZWxzPlxuICAgICAgICAgIDxsb2dnZXI+XG4gICAgICAgICAgICA8bmFtZT5Db250ZXh0QWNjZXNzIChkZWZhdWx0KTwvbmFtZT5cbiAgICAgICAgICAgIDxsZXZlbD5ub25lPC9sZXZlbD5cbiAgICAgICAgICA8L2xvZ2dlcj5cbiAgICAgICAgICA8bG9nZ2VyPlxuICAgICAgICAgICAgPG5hbWU+RGF0YWJhc2VPcmRpbmFyeSAodGVzdCk8L25hbWU+XG4gICAgICAgICAgICA8bGV2ZWw+bm9uZTwvbGV2ZWw+XG4gICAgICAgICAgPC9sb2dnZXI+XG4gICAgICAgIDwvbGV2ZWxzPlxuICAgICAgICAtLT5cbiAgICA8L2xvZ2dlcj5cblxuICAgIDwhLS0gQWRkIGhlYWRlcnMgdG8gcmVzcG9uc2UgaW4gb3B0aW9ucyByZXF1ZXN0LiBPUFRJT05TIG1ldGhvZCBpcyB1c2VkIGluIENPUlMgcHJlZmxpZ2h0XG4gICAgcmVxdWVzdHMuIC0tPlxuICAgIDwhLS0gSXQgaXMgb2ZmIGJ5IGRlZmF1bHQuIE5leHQgaGVhZGVycyBhcmUgb2JsaWdhdGUgZm9yIENPUlMuLS0+XG4gICAgPCEtLSBodHRwX29wdGlvbnNfcmVzcG9uc2U+XG4gICAgICAgIDxoZWFkZXI+XG4gICAgICAgICAgICA8bmFtZT5BY2Nlc3MtQ29udHJvbC1BbGxvdy1PcmlnaW48L25hbWU+XG4gICAgICAgICAgICA8dmFsdWU+KjwvdmFsdWU+XG4gICAgICAgIDwvaGVhZGVyPlxuICAgICAgICA8aGVhZGVyPlxuICAgICAgICAgICAgPG5hbWU+QWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVyczwvbmFtZT5cbiAgICAgICAgICAgIDx2YWx1ZT5vcmlnaW4sIHgtcmVxdWVzdGVkLXdpdGg8L3ZhbHVlPlxuICAgICAgICA8L2hlYWRlcj5cbiAgICAgICAgPGhlYWRlcj5cbiAgICAgICAgICAgIDxuYW1lPkFjY2Vzcy1Db250cm9sLUFsbG93LU1ldGhvZHM8L25hbWU+XG4gICAgICAgICAgICA8dmFsdWU+UE9TVCwgR0VULCBPUFRJT05TPC92YWx1ZT5cbiAgICAgICAgPC9oZWFkZXI+XG4gICAgICAgIDxoZWFkZXI+XG4gICAgICAgICAgICA8bmFtZT5BY2Nlc3MtQ29udHJvbC1NYXgtQWdlPC9uYW1lPlxuICAgICAgICAgICAgPHZhbHVlPjg2NDAwPC92YWx1ZT5cbiAgICAgICAgPC9oZWFkZXI+XG4gICAgPC9odHRwX29wdGlvbnNfcmVzcG9uc2UgLS0+XG5cbiAgICA8IS0tIEl0IGlzIHRoZSBuYW1lIHRoYXQgd2lsbCBiZSBzaG93biBpbiB0aGUgY2xpY2tob3VzZS1jbGllbnQuXG4gICAgICAgIEJ5IGRlZmF1bHQsIGFueXRoaW5nIHdpdGggXCJwcm9kdWN0aW9uXCIgd2lsbCBiZSBoaWdobGlnaHRlZCBpbiByZWQgaW4gcXVlcnkgcHJvbXB0LlxuICAgIC0tPlxuICAgIDwhLS1kaXNwbGF5X25hbWU+cHJvZHVjdGlvbjwvZGlzcGxheV9uYW1lLS0+XG5cbiAgICA8IS0tIFBvcnQgZm9yIEhUVFAgQVBJLiBTZWUgYWxzbyAnaHR0cHNfcG9ydCcgZm9yIHNlY3VyZSBjb25uZWN0aW9ucy5cbiAgICAgICAgVGhpcyBpbnRlcmZhY2UgaXMgYWxzbyB1c2VkIGJ5IE9EQkMgYW5kIEpEQkMgZHJpdmVycyAoRGF0YUdyaXAsIERiZWF2ZXIsIC4uLilcbiAgICAgICAgYW5kIGJ5IG1vc3Qgb2Ygd2ViIGludGVyZmFjZXMgKGVtYmVkZGVkIFVJLCBHcmFmYW5hLCBSZWRhc2gsIC4uLikuXG4gICAgICAtLT5cbiAgICA8aHR0cF9wb3J0PjgxMjM8L2h0dHBfcG9ydD5cblxuICAgIDwhLS0gUG9ydCBmb3IgaW50ZXJhY3Rpb24gYnkgbmF0aXZlIHByb3RvY29sIHdpdGg6XG4gICAgICAgIC0gY2xpY2tob3VzZS1jbGllbnQgYW5kIG90aGVyIG5hdGl2ZSBDbGlja0hvdXNlIHRvb2xzIChjbGlja2hvdXNlLWJlbmNobWFyaywgY2xpY2tob3VzZS1jb3BpZXIpO1xuICAgICAgICAtIGNsaWNraG91c2Utc2VydmVyIHdpdGggb3RoZXIgY2xpY2tob3VzZS1zZXJ2ZXJzIGZvciBkaXN0cmlidXRlZCBxdWVyeSBwcm9jZXNzaW5nO1xuICAgICAgICAtIENsaWNrSG91c2UgZHJpdmVycyBhbmQgYXBwbGljYXRpb25zIHN1cHBvcnRpbmcgbmF0aXZlIHByb3RvY29sXG4gICAgICAgICh0aGlzIHByb3RvY29sIGlzIGFsc28gaW5mb3JtYWxseSBjYWxsZWQgYXMgXCJ0aGUgVENQIHByb3RvY29sXCIpO1xuICAgICAgICBTZWUgYWxzbyAndGNwX3BvcnRfc2VjdXJlJyBmb3Igc2VjdXJlIGNvbm5lY3Rpb25zLlxuICAgIC0tPlxuICAgIDx0Y3BfcG9ydD45MDAwPC90Y3BfcG9ydD5cblxuICAgIDwhLS0gQ29tcGF0aWJpbGl0eSB3aXRoIE15U1FMIHByb3RvY29sLlxuICAgICAgICBDbGlja0hvdXNlIHdpbGwgcHJldGVuZCB0byBiZSBNeVNRTCBmb3IgYXBwbGljYXRpb25zIGNvbm5lY3RpbmcgdG8gdGhpcyBwb3J0LlxuICAgIC0tPlxuICAgIDxteXNxbF9wb3J0PjkwMDQ8L215c3FsX3BvcnQ+XG5cbiAgICA8IS0tIENvbXBhdGliaWxpdHkgd2l0aCBQb3N0Z3JlU1FMIHByb3RvY29sLlxuICAgICAgICBDbGlja0hvdXNlIHdpbGwgcHJldGVuZCB0byBiZSBQb3N0Z3JlU1FMIGZvciBhcHBsaWNhdGlvbnMgY29ubmVjdGluZyB0byB0aGlzIHBvcnQuXG4gICAgLS0+XG4gICAgPHBvc3RncmVzcWxfcG9ydD45MDA1PC9wb3N0Z3Jlc3FsX3BvcnQ+XG5cbiAgICA8IS0tIEhUVFAgQVBJIHdpdGggVExTIChIVFRQUykuXG4gICAgICAgIFlvdSBoYXZlIHRvIGNvbmZpZ3VyZSBjZXJ0aWZpY2F0ZSB0byBlbmFibGUgdGhpcyBpbnRlcmZhY2UuXG4gICAgICAgIFNlZSB0aGUgb3BlblNTTCBzZWN0aW9uIGJlbG93LlxuICAgIC0tPlxuICAgIDxodHRwc19wb3J0Pjg0NDM8L2h0dHBzX3BvcnQ+XG5cbiAgICA8IS0tIE5hdGl2ZSBpbnRlcmZhY2Ugd2l0aCBUTFMuXG4gICAgICAgIFlvdSBoYXZlIHRvIGNvbmZpZ3VyZSBjZXJ0aWZpY2F0ZSB0byBlbmFibGUgdGhpcyBpbnRlcmZhY2UuXG4gICAgICAgIFNlZSB0aGUgb3BlblNTTCBzZWN0aW9uIGJlbG93LlxuICAgIC0tPlxuICAgIDx0Y3BfcG9ydF9zZWN1cmU+OTQ0MDwvdGNwX3BvcnRfc2VjdXJlPlxuXG4gICAgPCEtLSBOYXRpdmUgaW50ZXJmYWNlIHdyYXBwZWQgd2l0aCBQUk9YWXYxIHByb3RvY29sXG4gICAgICAgIFBST1hZdjEgaGVhZGVyIHNlbnQgZm9yIGV2ZXJ5IGNvbm5lY3Rpb24uXG4gICAgICAgIENsaWNrSG91c2Ugd2lsbCBleHRyYWN0IGluZm9ybWF0aW9uIGFib3V0IHByb3h5LWZvcndhcmRlZCBjbGllbnQgYWRkcmVzcyBmcm9tIHRoZSBoZWFkZXIuXG4gICAgLS0+XG4gICAgPCEtLSA8dGNwX3dpdGhfcHJveHlfcG9ydD45MDExPC90Y3Bfd2l0aF9wcm94eV9wb3J0PiAtLT5cblxuICAgIDwhLS0gUG9ydCBmb3IgY29tbXVuaWNhdGlvbiBiZXR3ZWVuIHJlcGxpY2FzLiBVc2VkIGZvciBkYXRhIGV4Y2hhbmdlLlxuICAgICAgICBJdCBwcm92aWRlcyBsb3ctbGV2ZWwgZGF0YSBhY2Nlc3MgYmV0d2VlbiBzZXJ2ZXJzLlxuICAgICAgICBUaGlzIHBvcnQgc2hvdWxkIG5vdCBiZSBhY2Nlc3NpYmxlIGZyb20gdW50cnVzdGVkIG5ldHdvcmtzLlxuICAgICAgICBTZWUgYWxzbyAnaW50ZXJzZXJ2ZXJfaHR0cF9jcmVkZW50aWFscycuXG4gICAgICAgIERhdGEgdHJhbnNmZXJyZWQgb3ZlciBjb25uZWN0aW9ucyB0byB0aGlzIHBvcnQgc2hvdWxkIG5vdCBnbyB0aHJvdWdoIHVudHJ1c3RlZCBuZXR3b3Jrcy5cbiAgICAgICAgU2VlIGFsc28gJ2ludGVyc2VydmVyX2h0dHBzX3BvcnQnLlxuICAgICAgLS0+XG4gICAgPGludGVyc2VydmVyX2h0dHBfcG9ydD45MDA5PC9pbnRlcnNlcnZlcl9odHRwX3BvcnQ+XG5cbiAgICA8IS0tIFBvcnQgZm9yIGNvbW11bmljYXRpb24gYmV0d2VlbiByZXBsaWNhcyB3aXRoIFRMUy5cbiAgICAgICAgWW91IGhhdmUgdG8gY29uZmlndXJlIGNlcnRpZmljYXRlIHRvIGVuYWJsZSB0aGlzIGludGVyZmFjZS5cbiAgICAgICAgU2VlIHRoZSBvcGVuU1NMIHNlY3Rpb24gYmVsb3cuXG4gICAgICAgIFNlZSBhbHNvICdpbnRlcnNlcnZlcl9odHRwX2NyZWRlbnRpYWxzJy5cbiAgICAgIC0tPlxuICAgIDwhLS0gPGludGVyc2VydmVyX2h0dHBzX3BvcnQ+OTAxMDwvaW50ZXJzZXJ2ZXJfaHR0cHNfcG9ydD4gLS0+XG5cbiAgICA8IS0tIEhvc3RuYW1lIHRoYXQgaXMgdXNlZCBieSBvdGhlciByZXBsaWNhcyB0byByZXF1ZXN0IHRoaXMgc2VydmVyLlxuICAgICAgICBJZiBub3Qgc3BlY2lmaWVkLCB0aGFuIGl0IGlzIGRldGVybWluZWQgYW5hbG9nb3VzIHRvICdob3N0bmFtZSAtZicgY29tbWFuZC5cbiAgICAgICAgVGhpcyBzZXR0aW5nIGNvdWxkIGJlIHVzZWQgdG8gc3dpdGNoIHJlcGxpY2F0aW9uIHRvIGFub3RoZXIgbmV0d29yayBpbnRlcmZhY2VcbiAgICAgICAgKHRoZSBzZXJ2ZXIgbWF5IGJlIGNvbm5lY3RlZCB0byBtdWx0aXBsZSBuZXR3b3JrcyB2aWEgbXVsdGlwbGUgYWRkcmVzc2VzKVxuICAgICAgLS0+XG5cbiAgICA8IS0tXG4gICAgPGludGVyc2VydmVyX2h0dHBfaG9zdD5leGFtcGxlLnlhbmRleC5ydTwvaW50ZXJzZXJ2ZXJfaHR0cF9ob3N0PlxuICAgIC0tPlxuXG4gICAgPCEtLSBZb3UgY2FuIHNwZWNpZnkgY3JlZGVudGlhbHMgZm9yIGF1dGhlbnRoaWNhdGlvbiBiZXR3ZWVuIHJlcGxpY2FzLlxuICAgICAgICBUaGlzIGlzIHJlcXVpcmVkIHdoZW4gaW50ZXJzZXJ2ZXJfaHR0cHNfcG9ydCBpcyBhY2Nlc3NpYmxlIGZyb20gdW50cnVzdGVkIG5ldHdvcmtzLFxuICAgICAgICBhbmQgYWxzbyByZWNvbW1lbmRlZCB0byBhdm9pZCBTU1JGIGF0dGFja3MgZnJvbSBwb3NzaWJseSBjb21wcm9taXNlZCBzZXJ2aWNlcyBpbiB5b3VyIG5ldHdvcmsuXG4gICAgICAtLT5cbiAgICA8IS0tPGludGVyc2VydmVyX2h0dHBfY3JlZGVudGlhbHM+XG4gICAgICAgIDx1c2VyPmludGVyc2VydmVyPC91c2VyPlxuICAgICAgICA8cGFzc3dvcmQ+PC9wYXNzd29yZD5cbiAgICA8L2ludGVyc2VydmVyX2h0dHBfY3JlZGVudGlhbHM+LS0+XG5cbiAgICA8IS0tIExpc3RlbiBzcGVjaWZpZWQgYWRkcmVzcy5cbiAgICAgICAgVXNlIDo6ICh3aWxkY2FyZCBJUHY2IGFkZHJlc3MpLCBpZiB5b3Ugd2FudCB0byBhY2NlcHQgY29ubmVjdGlvbnMgYm90aCB3aXRoIElQdjQgYW5kIElQdjYgZnJvbVxuICAgIGV2ZXJ5d2hlcmUuXG4gICAgICAgIE5vdGVzOlxuICAgICAgICBJZiB5b3Ugb3BlbiBjb25uZWN0aW9ucyBmcm9tIHdpbGRjYXJkIGFkZHJlc3MsIG1ha2Ugc3VyZSB0aGF0IGF0IGxlYXN0IG9uZSBvZiB0aGUgZm9sbG93aW5nXG4gICAgbWVhc3VyZXMgYXBwbGllZDpcbiAgICAgICAgLSBzZXJ2ZXIgaXMgcHJvdGVjdGVkIGJ5IGZpcmV3YWxsIGFuZCBub3QgYWNjZXNzaWJsZSBmcm9tIHVudHJ1c3RlZCBuZXR3b3JrcztcbiAgICAgICAgLSBhbGwgdXNlcnMgYXJlIHJlc3RyaWN0ZWQgdG8gc3Vic2V0IG9mIG5ldHdvcmsgYWRkcmVzc2VzIChzZWUgdXNlcnMueG1sKTtcbiAgICAgICAgLSBhbGwgdXNlcnMgaGF2ZSBzdHJvbmcgcGFzc3dvcmRzLCBvbmx5IHNlY3VyZSAoVExTKSBpbnRlcmZhY2VzIGFyZSBhY2Nlc3NpYmxlLCBvciBjb25uZWN0aW9ucyBhcmVcbiAgICBvbmx5IG1hZGUgdmlhIFRMUyBpbnRlcmZhY2VzLlxuICAgICAgICAtIHVzZXJzIHdpdGhvdXQgcGFzc3dvcmQgaGF2ZSByZWFkb25seSBhY2Nlc3MuXG4gICAgICAgIFNlZSBhbHNvOiBodHRwczovL3d3dy5zaG9kYW4uaW8vc2VhcmNoP3F1ZXJ5PWNsaWNraG91c2VcbiAgICAgIC0tPlxuICAgIDwhLS0gPGxpc3Rlbl9ob3N0Pjo6PC9saXN0ZW5faG9zdD4gLS0+XG5cblxuICAgIDwhLS0gU2FtZSBmb3IgaG9zdHMgd2l0aG91dCBzdXBwb3J0IGZvciBJUHY2OiAtLT5cbiAgICA8IS0tIDxsaXN0ZW5faG9zdD4wLjAuMC4wPC9saXN0ZW5faG9zdD4gLS0+XG5cbiAgICA8IS0tIERlZmF1bHQgdmFsdWVzIC0gdHJ5IGxpc3RlbiBsb2NhbGhvc3Qgb24gSVB2NCBhbmQgSVB2Ni4gLS0+XG4gICAgPCEtLVxuICAgIDxsaXN0ZW5faG9zdD46OjE8L2xpc3Rlbl9ob3N0PlxuICAgIDxsaXN0ZW5faG9zdD4xMjcuMC4wLjE8L2xpc3Rlbl9ob3N0PlxuICAgIC0tPlxuXG4gICAgPCEtLSBEb24ndCBleGl0IGlmIElQdjYgb3IgSVB2NCBuZXR3b3JrcyBhcmUgdW5hdmFpbGFibGUgd2hpbGUgdHJ5aW5nIHRvIGxpc3Rlbi4gLS0+XG4gICAgPCEtLSA8bGlzdGVuX3RyeT4wPC9saXN0ZW5fdHJ5PiAtLT5cblxuICAgIDwhLS0gQWxsb3cgbXVsdGlwbGUgc2VydmVycyB0byBsaXN0ZW4gb24gdGhlIHNhbWUgYWRkcmVzczpwb3J0LiBUaGlzIGlzIG5vdCByZWNvbW1lbmRlZC5cbiAgICAgIC0tPlxuICAgIDwhLS0gPGxpc3Rlbl9yZXVzZV9wb3J0PjA8L2xpc3Rlbl9yZXVzZV9wb3J0PiAtLT5cblxuICAgIDwhLS0gPGxpc3Rlbl9iYWNrbG9nPjQwOTY8L2xpc3Rlbl9iYWNrbG9nPiAtLT5cblxuICAgIDxtYXhfY29ubmVjdGlvbnM+NDA5NjwvbWF4X2Nvbm5lY3Rpb25zPlxuXG4gICAgPCEtLSBGb3IgJ0Nvbm5lY3Rpb246IGtlZXAtYWxpdmUnIGluIEhUVFAgMS4xIC0tPlxuICAgIDxrZWVwX2FsaXZlX3RpbWVvdXQ+Mzwva2VlcF9hbGl2ZV90aW1lb3V0PlxuXG4gICAgPCEtLSBnUlBDIHByb3RvY29sIChzZWUgc3JjL1NlcnZlci9ncnBjX3Byb3Rvcy9jbGlja2hvdXNlX2dycGMucHJvdG8gZm9yIHRoZSBBUEkpIC0tPlxuICAgIDwhLS0gPGdycGNfcG9ydD45MTAwPC9ncnBjX3BvcnQ+IC0tPlxuICAgIDxncnBjPlxuICAgICAgICA8ZW5hYmxlX3NzbD5mYWxzZTwvZW5hYmxlX3NzbD5cblxuICAgICAgICA8IS0tIFRoZSBmb2xsb3dpbmcgdHdvIGZpbGVzIGFyZSB1c2VkIG9ubHkgaWYgZW5hYmxlX3NzbD0xIC0tPlxuICAgICAgICA8c3NsX2NlcnRfZmlsZT4vcGF0aC90by9zc2xfY2VydF9maWxlPC9zc2xfY2VydF9maWxlPlxuICAgICAgICA8c3NsX2tleV9maWxlPi9wYXRoL3RvL3NzbF9rZXlfZmlsZTwvc3NsX2tleV9maWxlPlxuXG4gICAgICAgIDwhLS0gV2hldGhlciBzZXJ2ZXIgd2lsbCByZXF1ZXN0IGNsaWVudCBmb3IgYSBjZXJ0aWZpY2F0ZSAtLT5cbiAgICAgICAgPHNzbF9yZXF1aXJlX2NsaWVudF9hdXRoPmZhbHNlPC9zc2xfcmVxdWlyZV9jbGllbnRfYXV0aD5cblxuICAgICAgICA8IS0tIFRoZSBmb2xsb3dpbmcgZmlsZSBpcyB1c2VkIG9ubHkgaWYgc3NsX3JlcXVpcmVfY2xpZW50X2F1dGg9MSAtLT5cbiAgICAgICAgPHNzbF9jYV9jZXJ0X2ZpbGU+L3BhdGgvdG8vc3NsX2NhX2NlcnRfZmlsZTwvc3NsX2NhX2NlcnRfZmlsZT5cblxuICAgICAgICA8IS0tIERlZmF1bHQgdHJhbnNwb3J0IGNvbXByZXNzaW9uIHR5cGUgKGNhbiBiZSBvdmVycmlkZGVuIGJ5IGNsaWVudCwgc2VlIHRoZVxuICAgICAgICB0cmFuc3BvcnRfY29tcHJlc3Npb25fdHlwZSBmaWVsZCBpbiBRdWVyeUluZm8pLlxuICAgICAgICAgICAgU3VwcG9ydGVkIGFsZ29yaXRobXM6IG5vbmUsIGRlZmxhdGUsIGd6aXAsIHN0cmVhbV9nemlwIC0tPlxuICAgICAgICA8dHJhbnNwb3J0X2NvbXByZXNzaW9uX3R5cGU+bm9uZTwvdHJhbnNwb3J0X2NvbXByZXNzaW9uX3R5cGU+XG5cbiAgICAgICAgPCEtLSBEZWZhdWx0IHRyYW5zcG9ydCBjb21wcmVzc2lvbiBsZXZlbC4gU3VwcG9ydGVkIGxldmVsczogMC4uMyAtLT5cbiAgICAgICAgPHRyYW5zcG9ydF9jb21wcmVzc2lvbl9sZXZlbD4wPC90cmFuc3BvcnRfY29tcHJlc3Npb25fbGV2ZWw+XG5cbiAgICAgICAgPCEtLSBTZW5kL3JlY2VpdmUgbWVzc2FnZSBzaXplIGxpbWl0cyBpbiBieXRlcy4gLTEgbWVhbnMgdW5saW1pdGVkIC0tPlxuICAgICAgICA8bWF4X3NlbmRfbWVzc2FnZV9zaXplPi0xPC9tYXhfc2VuZF9tZXNzYWdlX3NpemU+XG4gICAgICAgIDxtYXhfcmVjZWl2ZV9tZXNzYWdlX3NpemU+LTE8L21heF9yZWNlaXZlX21lc3NhZ2Vfc2l6ZT5cblxuICAgICAgICA8IS0tIEVuYWJsZSBpZiB5b3Ugd2FudCB2ZXJ5IGRldGFpbGVkIGxvZ3MgLS0+XG4gICAgICAgIDx2ZXJib3NlX2xvZ3M+ZmFsc2U8L3ZlcmJvc2VfbG9ncz5cbiAgICA8L2dycGM+XG5cbiAgICA8IS0tIFVzZWQgd2l0aCBodHRwc19wb3J0IGFuZCB0Y3BfcG9ydF9zZWN1cmUuIEZ1bGwgc3NsIG9wdGlvbnMgbGlzdDpcbiAgICBodHRwczovL2dpdGh1Yi5jb20vQ2xpY2tIb3VzZS1FeHRyYXMvcG9jby9ibG9iL21hc3Rlci9OZXRTU0xfT3BlblNTTC9pbmNsdWRlL1BvY28vTmV0L1NTTE1hbmFnZXIuaCNMNzEgLS0+XG4gICAgPG9wZW5TU0w+XG4gICAgICAgIDxzZXJ2ZXI+IDwhLS0gVXNlZCBmb3IgaHR0cHMgc2VydmVyIEFORCBzZWN1cmUgdGNwIHBvcnQgLS0+XG4gICAgICAgICAgICA8IS0tIG9wZW5zc2wgcmVxIC1zdWJqIFwiL0NOPWxvY2FsaG9zdFwiIC1uZXcgLW5ld2tleSByc2E6MjA0OCAtZGF5cyAzNjUgLW5vZGVzIC14NTA5XG4gICAgICAgICAgICAta2V5b3V0IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvc2VydmVyLmtleSAtb3V0IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvc2VydmVyLmNydCAtLT5cbiAgICAgICAgICAgIDxjZXJ0aWZpY2F0ZUZpbGU+L2V0Yy9jbGlja2hvdXNlLXNlcnZlci9zZXJ2ZXIuY3J0PC9jZXJ0aWZpY2F0ZUZpbGU+XG4gICAgICAgICAgICA8cHJpdmF0ZUtleUZpbGU+L2V0Yy9jbGlja2hvdXNlLXNlcnZlci9zZXJ2ZXIua2V5PC9wcml2YXRlS2V5RmlsZT5cbiAgICAgICAgICAgIDwhLS0gZGhwYXJhbXMgYXJlIG9wdGlvbmFsLiBZb3UgY2FuIGRlbGV0ZSB0aGUgPGRoUGFyYW1zRmlsZT4gZWxlbWVudC5cbiAgICAgICAgICAgICAgICBUbyBnZW5lcmF0ZSBkaHBhcmFtcywgdXNlIHRoZSBmb2xsb3dpbmcgY29tbWFuZDpcbiAgICAgICAgICAgICAgICAgIG9wZW5zc2wgZGhwYXJhbSAtb3V0IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvZGhwYXJhbS5wZW0gNDA5NlxuICAgICAgICAgICAgICAgIE9ubHkgZmlsZSBmb3JtYXQgd2l0aCBCRUdJTiBESCBQQVJBTUVURVJTIGlzIHN1cHBvcnRlZC5cbiAgICAgICAgICAgICAgLS0+XG4gICAgICAgICAgICA8ZGhQYXJhbXNGaWxlPi9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvZGhwYXJhbS5wZW08L2RoUGFyYW1zRmlsZT5cbiAgICAgICAgICAgIDx2ZXJpZmljYXRpb25Nb2RlPm5vbmU8L3ZlcmlmaWNhdGlvbk1vZGU+XG4gICAgICAgICAgICA8bG9hZERlZmF1bHRDQUZpbGU+dHJ1ZTwvbG9hZERlZmF1bHRDQUZpbGU+XG4gICAgICAgICAgICA8Y2FjaGVTZXNzaW9ucz50cnVlPC9jYWNoZVNlc3Npb25zPlxuICAgICAgICAgICAgPGRpc2FibGVQcm90b2NvbHM+c3NsdjIsc3NsdjM8L2Rpc2FibGVQcm90b2NvbHM+XG4gICAgICAgICAgICA8cHJlZmVyU2VydmVyQ2lwaGVycz50cnVlPC9wcmVmZXJTZXJ2ZXJDaXBoZXJzPlxuICAgICAgICA8L3NlcnZlcj5cblxuICAgICAgICA8Y2xpZW50PiA8IS0tIFVzZWQgZm9yIGNvbm5lY3RpbmcgdG8gaHR0cHMgZGljdGlvbmFyeSBzb3VyY2UgYW5kIHNlY3VyZWQgWm9va2VlcGVyXG4gICAgICAgICAgICBjb21tdW5pY2F0aW9uIC0tPlxuICAgICAgICAgICAgPGxvYWREZWZhdWx0Q0FGaWxlPnRydWU8L2xvYWREZWZhdWx0Q0FGaWxlPlxuICAgICAgICAgICAgPGNhY2hlU2Vzc2lvbnM+dHJ1ZTwvY2FjaGVTZXNzaW9ucz5cbiAgICAgICAgICAgIDxkaXNhYmxlUHJvdG9jb2xzPnNzbHYyLHNzbHYzPC9kaXNhYmxlUHJvdG9jb2xzPlxuICAgICAgICAgICAgPHByZWZlclNlcnZlckNpcGhlcnM+dHJ1ZTwvcHJlZmVyU2VydmVyQ2lwaGVycz5cbiAgICAgICAgICAgIDwhLS0gVXNlIGZvciBzZWxmLXNpZ25lZDogPHZlcmlmaWNhdGlvbk1vZGU+bm9uZTwvdmVyaWZpY2F0aW9uTW9kZT4gLS0+XG4gICAgICAgICAgICA8aW52YWxpZENlcnRpZmljYXRlSGFuZGxlcj5cbiAgICAgICAgICAgICAgICA8IS0tIFVzZSBmb3Igc2VsZi1zaWduZWQ6IDxuYW1lPkFjY2VwdENlcnRpZmljYXRlSGFuZGxlcjwvbmFtZT4gLS0+XG4gICAgICAgICAgICAgICAgPG5hbWU+UmVqZWN0Q2VydGlmaWNhdGVIYW5kbGVyPC9uYW1lPlxuICAgICAgICAgICAgPC9pbnZhbGlkQ2VydGlmaWNhdGVIYW5kbGVyPlxuICAgICAgICA8L2NsaWVudD5cbiAgICA8L29wZW5TU0w+XG5cbiAgICA8IS0tIERlZmF1bHQgcm9vdCBwYWdlIG9uIGh0dHBbc10gc2VydmVyLiBGb3IgZXhhbXBsZSBsb2FkIFVJIGZyb20gaHR0cHM6Ly90YWJpeC5pby8gd2hlblxuICAgIG9wZW5pbmcgaHR0cDovL2xvY2FsaG9zdDo4MTIzIC0tPlxuICAgIDwhLS1cbiAgICA8aHR0cF9zZXJ2ZXJfZGVmYXVsdF9yZXNwb25zZT48IVtDREFUQVs8aHRtbCBuZy1hcHA9XCJTTUkyXCI+PGhlYWQ+PGJhc2VcbiAgICBocmVmPVwiaHR0cDovL3VpLnRhYml4LmlvL1wiPjwvaGVhZD48Ym9keT48ZGl2IHVpLXZpZXc9XCJcIiBjbGFzcz1cImNvbnRlbnQtdWlcIj48L2Rpdj48c2NyaXB0XG4gICAgc3JjPVwiaHR0cDovL2xvYWRlci50YWJpeC5pby9tYXN0ZXIuanNcIj48L3NjcmlwdD48L2JvZHk+PC9odG1sPl1dPjwvaHR0cF9zZXJ2ZXJfZGVmYXVsdF9yZXNwb25zZT5cbiAgICAtLT5cblxuICAgIDwhLS0gTWF4aW11bSBudW1iZXIgb2YgY29uY3VycmVudCBxdWVyaWVzLiAtLT5cbiAgICA8bWF4X2NvbmN1cnJlbnRfcXVlcmllcz4xMDA8L21heF9jb25jdXJyZW50X3F1ZXJpZXM+XG5cbiAgICA8IS0tIE1heGltdW0gbWVtb3J5IHVzYWdlIChyZXNpZGVudCBzZXQgc2l6ZSkgZm9yIHNlcnZlciBwcm9jZXNzLlxuICAgICAgICBaZXJvIHZhbHVlIG9yIHVuc2V0IG1lYW5zIGRlZmF1bHQuIERlZmF1bHQgaXMgXCJtYXhfc2VydmVyX21lbW9yeV91c2FnZV90b19yYW1fcmF0aW9cIiBvZiBhdmFpbGFibGVcbiAgICBwaHlzaWNhbCBSQU0uXG4gICAgICAgIElmIHRoZSB2YWx1ZSBpcyBsYXJnZXIgdGhhbiBcIm1heF9zZXJ2ZXJfbWVtb3J5X3VzYWdlX3RvX3JhbV9yYXRpb1wiIG9mIGF2YWlsYWJsZSBwaHlzaWNhbCBSQU0sIGl0XG4gICAgd2lsbCBiZSBjdXQgZG93bi5cblxuICAgICAgICBUaGUgY29uc3RyYWludCBpcyBjaGVja2VkIG9uIHF1ZXJ5IGV4ZWN1dGlvbiB0aW1lLlxuICAgICAgICBJZiBhIHF1ZXJ5IHRyaWVzIHRvIGFsbG9jYXRlIG1lbW9yeSBhbmQgdGhlIGN1cnJlbnQgbWVtb3J5IHVzYWdlIHBsdXMgYWxsb2NhdGlvbiBpcyBncmVhdGVyXG4gICAgICAgICAgdGhhbiBzcGVjaWZpZWQgdGhyZXNob2xkLCBleGNlcHRpb24gd2lsbCBiZSB0aHJvd24uXG5cbiAgICAgICAgSXQgaXMgbm90IHByYWN0aWNhbCB0byBzZXQgdGhpcyBjb25zdHJhaW50IHRvIHNtYWxsIHZhbHVlcyBsaWtlIGp1c3QgYSBmZXcgZ2lnYWJ5dGVzLFxuICAgICAgICAgIGJlY2F1c2UgbWVtb3J5IGFsbG9jYXRvciB3aWxsIGtlZXAgdGhpcyBhbW91bnQgb2YgbWVtb3J5IGluIGNhY2hlcyBhbmQgdGhlIHNlcnZlciB3aWxsIGRlbnkgc2VydmljZVxuICAgIG9mIHF1ZXJpZXMuXG4gICAgICAtLT5cbiAgICA8bWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2U+MDwvbWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2U+XG5cbiAgICA8IS0tIE1heGltdW0gbnVtYmVyIG9mIHRocmVhZHMgaW4gdGhlIEdsb2JhbCB0aHJlYWQgcG9vbC5cbiAgICBUaGlzIHdpbGwgZGVmYXVsdCB0byBhIG1heGltdW0gb2YgMTAwMDAgdGhyZWFkcyBpZiBub3Qgc3BlY2lmaWVkLlxuICAgIFRoaXMgc2V0dGluZyB3aWxsIGJlIHVzZWZ1bCBpbiBzY2VuYXJpb3Mgd2hlcmUgdGhlcmUgYXJlIGEgbGFyZ2UgbnVtYmVyXG4gICAgb2YgZGlzdHJpYnV0ZWQgcXVlcmllcyB0aGF0IGFyZSBydW5uaW5nIGNvbmN1cnJlbnRseSBidXQgYXJlIGlkbGluZyBtb3N0XG4gICAgb2YgdGhlIHRpbWUsIGluIHdoaWNoIGNhc2UgYSBoaWdoZXIgbnVtYmVyIG9mIHRocmVhZHMgbWlnaHQgYmUgcmVxdWlyZWQuXG4gICAgLS0+XG5cbiAgICA8bWF4X3RocmVhZF9wb29sX3NpemU+MTAwMDA8L21heF90aHJlYWRfcG9vbF9zaXplPlxuXG4gICAgPCEtLSBOdW1iZXIgb2Ygd29ya2VycyB0byByZWN5Y2xlIGNvbm5lY3Rpb25zIGluIGJhY2tncm91bmQgKHNlZSBhbHNvIGRyYWluX3RpbWVvdXQpLlxuICAgICAgICBJZiB0aGUgcG9vbCBpcyBmdWxsLCBjb25uZWN0aW9uIHdpbGwgYmUgZHJhaW5lZCBzeW5jaHJvbm91c2x5LiAtLT5cbiAgICA8IS0tIDxtYXhfdGhyZWFkc19mb3JfY29ubmVjdGlvbl9jb2xsZWN0b3I+MTA8L21heF90aHJlYWRzX2Zvcl9jb25uZWN0aW9uX2NvbGxlY3Rvcj4gLS0+XG5cbiAgICA8IS0tIE9uIG1lbW9yeSBjb25zdHJhaW5lZCBlbnZpcm9ubWVudHMgeW91IG1heSBoYXZlIHRvIHNldCB0aGlzIHRvIHZhbHVlIGxhcmdlciB0aGFuIDEuXG4gICAgICAtLT5cbiAgICA8bWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2VfdG9fcmFtX3JhdGlvPjAuOTwvbWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2VfdG9fcmFtX3JhdGlvPlxuXG4gICAgPCEtLSBTaW1wbGUgc2VydmVyLXdpZGUgbWVtb3J5IHByb2ZpbGVyLiBDb2xsZWN0IGEgc3RhY2sgdHJhY2UgYXQgZXZlcnkgcGVhayBhbGxvY2F0aW9uIHN0ZXAgKGluXG4gICAgYnl0ZXMpLlxuICAgICAgICBEYXRhIHdpbGwgYmUgc3RvcmVkIGluIHN5c3RlbS50cmFjZV9sb2cgdGFibGUgd2l0aCBxdWVyeV9pZCA9IGVtcHR5IHN0cmluZy5cbiAgICAgICAgWmVybyBtZWFucyBkaXNhYmxlZC5cbiAgICAgIC0tPlxuICAgIDx0b3RhbF9tZW1vcnlfcHJvZmlsZXJfc3RlcD40MTk0MzA0PC90b3RhbF9tZW1vcnlfcHJvZmlsZXJfc3RlcD5cblxuICAgIDwhLS0gQ29sbGVjdCByYW5kb20gYWxsb2NhdGlvbnMgYW5kIGRlYWxsb2NhdGlvbnMgYW5kIHdyaXRlIHRoZW0gaW50byBzeXN0ZW0udHJhY2VfbG9nIHdpdGhcbiAgICAnTWVtb3J5U2FtcGxlJyB0cmFjZV90eXBlLlxuICAgICAgICBUaGUgcHJvYmFiaWxpdHkgaXMgZm9yIGV2ZXJ5IGFsbG9jL2ZyZWUgcmVnYXJkbGVzcyB0byB0aGUgc2l6ZSBvZiB0aGUgYWxsb2NhdGlvbi5cbiAgICAgICAgTm90ZSB0aGF0IHNhbXBsaW5nIGhhcHBlbnMgb25seSB3aGVuIHRoZSBhbW91bnQgb2YgdW50cmFja2VkIG1lbW9yeSBleGNlZWRzIHRoZSB1bnRyYWNrZWQgbWVtb3J5XG4gICAgbGltaXQsXG4gICAgICAgICAgd2hpY2ggaXMgNCBNaUIgYnkgZGVmYXVsdCBidXQgY2FuIGJlIGxvd2VyZWQgaWYgJ3RvdGFsX21lbW9yeV9wcm9maWxlcl9zdGVwJyBpcyBsb3dlcmVkLlxuICAgICAgICBZb3UgbWF5IHdhbnQgdG8gc2V0ICd0b3RhbF9tZW1vcnlfcHJvZmlsZXJfc3RlcCcgdG8gMSBmb3IgZXh0cmEgZmluZSBncmFpbmVkIHNhbXBsaW5nLlxuICAgICAgLS0+XG4gICAgPHRvdGFsX21lbW9yeV90cmFja2VyX3NhbXBsZV9wcm9iYWJpbGl0eT4wPC90b3RhbF9tZW1vcnlfdHJhY2tlcl9zYW1wbGVfcHJvYmFiaWxpdHk+XG5cbiAgICA8IS0tIFNldCBsaW1pdCBvbiBudW1iZXIgb2Ygb3BlbiBmaWxlcyAoZGVmYXVsdDogbWF4aW11bSkuIFRoaXMgc2V0dGluZyBtYWtlcyBzZW5zZSBvbiBNYWMgT1MgWFxuICAgIGJlY2F1c2UgZ2V0cmxpbWl0KCkgZmFpbHMgdG8gcmV0cmlldmVcbiAgICAgICAgY29ycmVjdCBtYXhpbXVtIHZhbHVlLiAtLT5cbiAgICA8IS0tIDxtYXhfb3Blbl9maWxlcz4yNjIxNDQ8L21heF9vcGVuX2ZpbGVzPiAtLT5cblxuICAgIDwhLS0gU2l6ZSBvZiBjYWNoZSBvZiB1bmNvbXByZXNzZWQgYmxvY2tzIG9mIGRhdGEsIHVzZWQgaW4gdGFibGVzIG9mIE1lcmdlVHJlZSBmYW1pbHkuXG4gICAgICAgIEluIGJ5dGVzLiBDYWNoZSBpcyBzaW5nbGUgZm9yIHNlcnZlci4gTWVtb3J5IGlzIGFsbG9jYXRlZCBvbmx5IG9uIGRlbWFuZC5cbiAgICAgICAgQ2FjaGUgaXMgdXNlZCB3aGVuICd1c2VfdW5jb21wcmVzc2VkX2NhY2hlJyB1c2VyIHNldHRpbmcgdHVybmVkIG9uIChvZmYgYnkgZGVmYXVsdCkuXG4gICAgICAgIFVuY29tcHJlc3NlZCBjYWNoZSBpcyBhZHZhbnRhZ2VvdXMgb25seSBmb3IgdmVyeSBzaG9ydCBxdWVyaWVzIGFuZCBpbiByYXJlIGNhc2VzLlxuXG4gICAgICAgIE5vdGU6IHVuY29tcHJlc3NlZCBjYWNoZSBjYW4gYmUgcG9pbnRsZXNzIGZvciBsejQsIGJlY2F1c2UgbWVtb3J5IGJhbmR3aWR0aFxuICAgICAgICBpcyBzbG93ZXIgdGhhbiBtdWx0aS1jb3JlIGRlY29tcHJlc3Npb24gb24gc29tZSBzZXJ2ZXIgY29uZmlndXJhdGlvbnMuXG4gICAgICAgIEVuYWJsaW5nIGl0IGNhbiBzb21ldGltZXMgcGFyYWRveGljYWxseSBtYWtlIHF1ZXJpZXMgc2xvd2VyLlxuICAgICAgLS0+XG4gICAgPHVuY29tcHJlc3NlZF9jYWNoZV9zaXplPjg1ODk5MzQ1OTI8L3VuY29tcHJlc3NlZF9jYWNoZV9zaXplPlxuXG4gICAgPCEtLSBBcHByb3hpbWF0ZSBzaXplIG9mIG1hcmsgY2FjaGUsIHVzZWQgaW4gdGFibGVzIG9mIE1lcmdlVHJlZSBmYW1pbHkuXG4gICAgICAgIEluIGJ5dGVzLiBDYWNoZSBpcyBzaW5nbGUgZm9yIHNlcnZlci4gTWVtb3J5IGlzIGFsbG9jYXRlZCBvbmx5IG9uIGRlbWFuZC5cbiAgICAgICAgWW91IHNob3VsZCBub3QgbG93ZXIgdGhpcyB2YWx1ZS5cbiAgICAgIC0tPlxuICAgIDxtYXJrX2NhY2hlX3NpemU+NTM2ODcwOTEyMDwvbWFya19jYWNoZV9zaXplPlxuXG5cbiAgICA8IS0tIElmIHlvdSBlbmFibGUgdGhlIGBtaW5fYnl0ZXNfdG9fdXNlX21tYXBfaW9gIHNldHRpbmcsXG4gICAgICAgIHRoZSBkYXRhIGluIE1lcmdlVHJlZSB0YWJsZXMgY2FuIGJlIHJlYWQgd2l0aCBtbWFwIHRvIGF2b2lkIGNvcHlpbmcgZnJvbSBrZXJuZWwgdG8gdXNlcnNwYWNlLlxuICAgICAgICBJdCBtYWtlcyBzZW5zZSBvbmx5IGZvciBsYXJnZSBmaWxlcyBhbmQgaGVscHMgb25seSBpZiBkYXRhIHJlc2lkZSBpbiBwYWdlIGNhY2hlLlxuICAgICAgICBUbyBhdm9pZCBmcmVxdWVudCBvcGVuL21tYXAvbXVubWFwL2Nsb3NlIGNhbGxzICh3aGljaCBhcmUgdmVyeSBleHBlbnNpdmUgZHVlIHRvIGNvbnNlcXVlbnQgcGFnZVxuICAgIGZhdWx0cylcbiAgICAgICAgYW5kIHRvIHJldXNlIG1hcHBpbmdzIGZyb20gc2V2ZXJhbCB0aHJlYWRzIGFuZCBxdWVyaWVzLFxuICAgICAgICB0aGUgY2FjaGUgb2YgbWFwcGVkIGZpbGVzIGlzIG1haW50YWluZWQuIEl0cyBzaXplIGlzIHRoZSBudW1iZXIgb2YgbWFwcGVkIHJlZ2lvbnMgKHVzdWFsbHkgZXF1YWwgdG9cbiAgICB0aGUgbnVtYmVyIG9mIG1hcHBlZCBmaWxlcykuXG4gICAgICAgIFRoZSBhbW91bnQgb2YgZGF0YSBpbiBtYXBwZWQgZmlsZXMgY2FuIGJlIG1vbml0b3JlZFxuICAgICAgICBpbiBzeXN0ZW0ubWV0cmljcywgc3lzdGVtLm1ldHJpY19sb2cgYnkgdGhlIE1NYXBwZWRGaWxlcywgTU1hcHBlZEZpbGVCeXRlcyBtZXRyaWNzXG4gICAgICAgIGFuZCBpbiBzeXN0ZW0uYXN5bmNocm9ub3VzX21ldHJpY3MsIHN5c3RlbS5hc3luY2hyb25vdXNfbWV0cmljc19sb2cgYnkgdGhlIE1NYXBDYWNoZUNlbGxzIG1ldHJpYyxcbiAgICAgICAgYW5kIGFsc28gaW4gc3lzdGVtLmV2ZW50cywgc3lzdGVtLnByb2Nlc3Nlcywgc3lzdGVtLnF1ZXJ5X2xvZywgc3lzdGVtLnF1ZXJ5X3RocmVhZF9sb2csXG4gICAgc3lzdGVtLnF1ZXJ5X3ZpZXdzX2xvZyBieSB0aGVcbiAgICAgICAgQ3JlYXRlZFJlYWRCdWZmZXJNTWFwLCBDcmVhdGVkUmVhZEJ1ZmZlck1NYXBGYWlsZWQsIE1NYXBwZWRGaWxlQ2FjaGVIaXRzLCBNTWFwcGVkRmlsZUNhY2hlTWlzc2VzXG4gICAgZXZlbnRzLlxuICAgICAgICBOb3RlIHRoYXQgdGhlIGFtb3VudCBvZiBkYXRhIGluIG1hcHBlZCBmaWxlcyBkb2VzIG5vdCBjb25zdW1lIG1lbW9yeSBkaXJlY3RseSBhbmQgaXMgbm90IGFjY291bnRlZFxuICAgICAgICBpbiBxdWVyeSBvciBzZXJ2ZXIgbWVtb3J5IHVzYWdlIC0gYmVjYXVzZSB0aGlzIG1lbW9yeSBjYW4gYmUgZGlzY2FyZGVkIHNpbWlsYXIgdG8gT1MgcGFnZSBjYWNoZS5cbiAgICAgICAgVGhlIGNhY2hlIGlzIGRyb3BwZWQgKHRoZSBmaWxlcyBhcmUgY2xvc2VkKSBhdXRvbWF0aWNhbGx5IG9uIHJlbW92YWwgb2Ygb2xkIHBhcnRzIGluIE1lcmdlVHJlZSxcbiAgICAgICAgYWxzbyBpdCBjYW4gYmUgZHJvcHBlZCBtYW51YWxseSBieSB0aGUgU1lTVEVNIERST1AgTU1BUCBDQUNIRSBxdWVyeS5cbiAgICAgIC0tPlxuICAgIDxtbWFwX2NhY2hlX3NpemU+MTAwMDwvbW1hcF9jYWNoZV9zaXplPlxuXG4gICAgPCEtLSBDYWNoZSBzaXplIGluIGJ5dGVzIGZvciBjb21waWxlZCBleHByZXNzaW9ucy4tLT5cbiAgICA8Y29tcGlsZWRfZXhwcmVzc2lvbl9jYWNoZV9zaXplPjEzNDIxNzcyODwvY29tcGlsZWRfZXhwcmVzc2lvbl9jYWNoZV9zaXplPlxuXG4gICAgPCEtLSBDYWNoZSBzaXplIGluIGVsZW1lbnRzIGZvciBjb21waWxlZCBleHByZXNzaW9ucy4tLT5cbiAgICA8Y29tcGlsZWRfZXhwcmVzc2lvbl9jYWNoZV9lbGVtZW50c19zaXplPjEwMDAwPC9jb21waWxlZF9leHByZXNzaW9uX2NhY2hlX2VsZW1lbnRzX3NpemU+XG5cbiAgICA8IS0tIFBhdGggdG8gZGF0YSBkaXJlY3RvcnksIHdpdGggdHJhaWxpbmcgc2xhc2guIC0tPlxuICAgIDxwYXRoPi92YXIvbGliL2NsaWNraG91c2UvPC9wYXRoPlxuXG4gICAgPCEtLSBQYXRoIHRvIHRlbXBvcmFyeSBkYXRhIGZvciBwcm9jZXNzaW5nIGhhcmQgcXVlcmllcy4gLS0+XG4gICAgPHRtcF9wYXRoPi92YXIvbGliL2NsaWNraG91c2UvdG1wLzwvdG1wX3BhdGg+XG5cbiAgICA8IS0tIFBvbGljeSBmcm9tIHRoZSA8c3RvcmFnZV9jb25maWd1cmF0aW9uPiBmb3IgdGhlIHRlbXBvcmFyeSBmaWxlcy5cbiAgICAgICAgSWYgbm90IHNldCA8dG1wX3BhdGg+IGlzIHVzZWQsIG90aGVyd2lzZSA8dG1wX3BhdGg+IGlzIGlnbm9yZWQuXG5cbiAgICAgICAgTm90ZXM6XG4gICAgICAgIC0gbW92ZV9mYWN0b3IgICAgICAgICAgICAgIGlzIGlnbm9yZWRcbiAgICAgICAgLSBrZWVwX2ZyZWVfc3BhY2VfYnl0ZXMgICAgaXMgaWdub3JlZFxuICAgICAgICAtIG1heF9kYXRhX3BhcnRfc2l6ZV9ieXRlcyBpcyBpZ25vcmVkXG4gICAgICAgIC0geW91IG11c3QgaGF2ZSBleGFjdGx5IG9uZSB2b2x1bWUgaW4gdGhhdCBwb2xpY3lcbiAgICAtLT5cbiAgICA8IS0tIDx0bXBfcG9saWN5PnRtcDwvdG1wX3BvbGljeT4gLS0+XG5cbiAgICA8IS0tIERpcmVjdG9yeSB3aXRoIHVzZXIgcHJvdmlkZWQgZmlsZXMgdGhhdCBhcmUgYWNjZXNzaWJsZSBieSAnZmlsZScgdGFibGUgZnVuY3Rpb24uIC0tPlxuICAgIDx1c2VyX2ZpbGVzX3BhdGg+L3Zhci9saWIvY2xpY2tob3VzZS91c2VyX2ZpbGVzLzwvdXNlcl9maWxlc19wYXRoPlxuXG4gICAgPCEtLSBMREFQIHNlcnZlciBkZWZpbml0aW9ucy4gLS0+XG4gICAgPGxkYXBfc2VydmVycz5cbiAgICAgICAgPCEtLSBMaXN0IExEQVAgc2VydmVycyB3aXRoIHRoZWlyIGNvbm5lY3Rpb24gcGFyYW1ldGVycyBoZXJlIHRvIGxhdGVyIDEpIHVzZSB0aGVtIGFzXG4gICAgICAgIGF1dGhlbnRpY2F0b3JzIGZvciBkZWRpY2F0ZWQgbG9jYWwgdXNlcnMsXG4gICAgICAgICAgICAgIHdobyBoYXZlICdsZGFwJyBhdXRoZW50aWNhdGlvbiBtZWNoYW5pc20gc3BlY2lmaWVkIGluc3RlYWQgb2YgJ3Bhc3N3b3JkJywgb3IgdG8gMikgdXNlIHRoZW0gYXNcbiAgICAgICAgcmVtb3RlIHVzZXIgZGlyZWN0b3JpZXMuXG4gICAgICAgICAgICBQYXJhbWV0ZXJzOlxuICAgICAgICAgICAgICAgIGhvc3QgLSBMREFQIHNlcnZlciBob3N0bmFtZSBvciBJUCwgdGhpcyBwYXJhbWV0ZXIgaXMgbWFuZGF0b3J5IGFuZCBjYW5ub3QgYmUgZW1wdHkuXG4gICAgICAgICAgICAgICAgcG9ydCAtIExEQVAgc2VydmVyIHBvcnQsIGRlZmF1bHQgaXMgNjM2IGlmIGVuYWJsZV90bHMgaXMgc2V0IHRvIHRydWUsIDM4OSBvdGhlcndpc2UuXG4gICAgICAgICAgICAgICAgYmluZF9kbiAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBETiB0byBiaW5kIHRvLlxuICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBETiB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JyBzdWJzdHJpbmdzIG9mIHRoZSB0ZW1wbGF0ZSB3aXRoXG4gICAgICAgIHRoZSBhY3R1YWxcbiAgICAgICAgICAgICAgICAgICAgICAgIHVzZXIgbmFtZSBkdXJpbmcgZWFjaCBhdXRoZW50aWNhdGlvbiBhdHRlbXB0LlxuICAgICAgICAgICAgICAgIHVzZXJfZG5fZGV0ZWN0aW9uIC0gc2VjdGlvbiB3aXRoIExEQVAgc2VhcmNoIHBhcmFtZXRlcnMgZm9yIGRldGVjdGluZyB0aGUgYWN0dWFsIHVzZXIgRE4gb2YgdGhlXG4gICAgICAgIGJvdW5kIHVzZXIuXG4gICAgICAgICAgICAgICAgICAgICAgICBUaGlzIGlzIG1haW5seSB1c2VkIGluIHNlYXJjaCBmaWx0ZXJzIGZvciBmdXJ0aGVyIHJvbGUgbWFwcGluZyB3aGVuIHRoZSBzZXJ2ZXIgaXMgQWN0aXZlIERpcmVjdG9yeS5cbiAgICAgICAgVGhlXG4gICAgICAgICAgICAgICAgICAgICAgICByZXN1bHRpbmcgdXNlciBETiB3aWxsIGJlIHVzZWQgd2hlbiByZXBsYWNpbmcgJ3t1c2VyX2RufScgc3Vic3RyaW5ncyB3aGVyZXZlciB0aGV5IGFyZSBhbGxvd2VkLiBCeVxuICAgICAgICBkZWZhdWx0LFxuICAgICAgICAgICAgICAgICAgICAgICAgdXNlciBETiBpcyBzZXQgZXF1YWwgdG8gYmluZCBETiwgYnV0IG9uY2Ugc2VhcmNoIGlzIHBlcmZvcm1lZCwgaXQgd2lsbCBiZSB1cGRhdGVkIHdpdGggdG8gdGhlXG4gICAgICAgIGFjdHVhbCBkZXRlY3RlZFxuICAgICAgICAgICAgICAgICAgICAgICAgdXNlciBETiB2YWx1ZS5cbiAgICAgICAgICAgICAgICAgICAgYmFzZV9kbiAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBiYXNlIEROIGZvciB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBETiB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JyBhbmQgJ3tiaW5kX2RufScgc3Vic3RyaW5nc1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9mIHRoZSB0ZW1wbGF0ZSB3aXRoIHRoZSBhY3R1YWwgdXNlciBuYW1lIGFuZCBiaW5kIEROIGR1cmluZyB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgIHNjb3BlIC0gc2NvcGUgb2YgdGhlIExEQVAgc2VhcmNoLlxuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjY2VwdGVkIHZhbHVlcyBhcmU6ICdiYXNlJywgJ29uZV9sZXZlbCcsICdjaGlsZHJlbicsICdzdWJ0cmVlJyAodGhlIGRlZmF1bHQpLlxuICAgICAgICAgICAgICAgICAgICBzZWFyY2hfZmlsdGVyIC0gdGVtcGxhdGUgdXNlZCB0byBjb25zdHJ1Y3QgdGhlIHNlYXJjaCBmaWx0ZXIgZm9yIHRoZSBMREFQIHNlYXJjaC5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGUgcmVzdWx0aW5nIGZpbHRlciB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JywgJ3tiaW5kX2RufScsIGFuZFxuICAgICAgICAne2Jhc2VfZG59J1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1YnN0cmluZ3Mgb2YgdGhlIHRlbXBsYXRlIHdpdGggdGhlIGFjdHVhbCB1c2VyIG5hbWUsIGJpbmQgRE4sIGFuZCBiYXNlIEROIGR1cmluZyB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgTm90ZSwgdGhhdCB0aGUgc3BlY2lhbCBjaGFyYWN0ZXJzIG11c3QgYmUgZXNjYXBlZCBwcm9wZXJseSBpbiBYTUwuXG4gICAgICAgICAgICAgICAgdmVyaWZpY2F0aW9uX2Nvb2xkb3duIC0gYSBwZXJpb2Qgb2YgdGltZSwgaW4gc2Vjb25kcywgYWZ0ZXIgYSBzdWNjZXNzZnVsIGJpbmQgYXR0ZW1wdCwgZHVyaW5nIHdoaWNoXG4gICAgICAgIGEgdXNlciB3aWxsIGJlIGFzc3VtZWRcbiAgICAgICAgICAgICAgICAgICAgICAgIHRvIGJlIHN1Y2Nlc3NmdWxseSBhdXRoZW50aWNhdGVkIGZvciBhbGwgY29uc2VjdXRpdmUgcmVxdWVzdHMgd2l0aG91dCBjb250YWN0aW5nIHRoZSBMREFQIHNlcnZlci5cbiAgICAgICAgICAgICAgICAgICAgICAgIFNwZWNpZnkgMCAodGhlIGRlZmF1bHQpIHRvIGRpc2FibGUgY2FjaGluZyBhbmQgZm9yY2UgY29udGFjdGluZyB0aGUgTERBUCBzZXJ2ZXIgZm9yIGVhY2hcbiAgICAgICAgYXV0aGVudGljYXRpb24gcmVxdWVzdC5cbiAgICAgICAgICAgICAgICBlbmFibGVfdGxzIC0gZmxhZyB0byB0cmlnZ2VyIHVzZSBvZiBzZWN1cmUgY29ubmVjdGlvbiB0byB0aGUgTERBUCBzZXJ2ZXIuXG4gICAgICAgICAgICAgICAgICAgICAgICBTcGVjaWZ5ICdubycgZm9yIHBsYWluIHRleHQgKGxkYXA6Ly8pIHByb3RvY29sIChub3QgcmVjb21tZW5kZWQpLlxuICAgICAgICAgICAgICAgICAgICAgICAgU3BlY2lmeSAneWVzJyBmb3IgTERBUCBvdmVyIFNTTC9UTFMgKGxkYXBzOi8vKSBwcm90b2NvbCAocmVjb21tZW5kZWQsIHRoZSBkZWZhdWx0KS5cbiAgICAgICAgICAgICAgICAgICAgICAgIFNwZWNpZnkgJ3N0YXJ0dGxzJyBmb3IgbGVnYWN5IFN0YXJ0VExTIHByb3RvY29sIChwbGFpbiB0ZXh0IChsZGFwOi8vKSBwcm90b2NvbCwgdXBncmFkZWQgdG8gVExTKS5cbiAgICAgICAgICAgICAgICB0bHNfbWluaW11bV9wcm90b2NvbF92ZXJzaW9uIC0gdGhlIG1pbmltdW0gcHJvdG9jb2wgdmVyc2lvbiBvZiBTU0wvVExTLlxuICAgICAgICAgICAgICAgICAgICAgICAgQWNjZXB0ZWQgdmFsdWVzIGFyZTogJ3NzbDInLCAnc3NsMycsICd0bHMxLjAnLCAndGxzMS4xJywgJ3RsczEuMicgKHRoZSBkZWZhdWx0KS5cbiAgICAgICAgICAgICAgICB0bHNfcmVxdWlyZV9jZXJ0IC0gU1NML1RMUyBwZWVyIGNlcnRpZmljYXRlIHZlcmlmaWNhdGlvbiBiZWhhdmlvci5cbiAgICAgICAgICAgICAgICAgICAgICAgIEFjY2VwdGVkIHZhbHVlcyBhcmU6ICduZXZlcicsICdhbGxvdycsICd0cnknLCAnZGVtYW5kJyAodGhlIGRlZmF1bHQpLlxuICAgICAgICAgICAgICAgIHRsc19jZXJ0X2ZpbGUgLSBwYXRoIHRvIGNlcnRpZmljYXRlIGZpbGUuXG4gICAgICAgICAgICAgICAgdGxzX2tleV9maWxlIC0gcGF0aCB0byBjZXJ0aWZpY2F0ZSBrZXkgZmlsZS5cbiAgICAgICAgICAgICAgICB0bHNfY2FfY2VydF9maWxlIC0gcGF0aCB0byBDQSBjZXJ0aWZpY2F0ZSBmaWxlLlxuICAgICAgICAgICAgICAgIHRsc19jYV9jZXJ0X2RpciAtIHBhdGggdG8gdGhlIGRpcmVjdG9yeSBjb250YWluaW5nIENBIGNlcnRpZmljYXRlcy5cbiAgICAgICAgICAgICAgICB0bHNfY2lwaGVyX3N1aXRlIC0gYWxsb3dlZCBjaXBoZXIgc3VpdGUgKGluIE9wZW5TU0wgbm90YXRpb24pLlxuICAgICAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgICAgICA8bXlfbGRhcF9zZXJ2ZXI+XG4gICAgICAgICAgICAgICAgICAgIDxob3N0PmxvY2FsaG9zdDwvaG9zdD5cbiAgICAgICAgICAgICAgICAgICAgPHBvcnQ+NjM2PC9wb3J0PlxuICAgICAgICAgICAgICAgICAgICA8YmluZF9kbj51aWQ9e3VzZXJfbmFtZX0sb3U9dXNlcnMsZGM9ZXhhbXBsZSxkYz1jb208L2JpbmRfZG4+XG4gICAgICAgICAgICAgICAgICAgIDx2ZXJpZmljYXRpb25fY29vbGRvd24+MzAwPC92ZXJpZmljYXRpb25fY29vbGRvd24+XG4gICAgICAgICAgICAgICAgICAgIDxlbmFibGVfdGxzPnllczwvZW5hYmxlX3Rscz5cbiAgICAgICAgICAgICAgICAgICAgPHRsc19taW5pbXVtX3Byb3RvY29sX3ZlcnNpb24+dGxzMS4yPC90bHNfbWluaW11bV9wcm90b2NvbF92ZXJzaW9uPlxuICAgICAgICAgICAgICAgICAgICA8dGxzX3JlcXVpcmVfY2VydD5kZW1hbmQ8L3Rsc19yZXF1aXJlX2NlcnQ+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfY2VydF9maWxlPi9wYXRoL3RvL3Rsc19jZXJ0X2ZpbGU8L3Rsc19jZXJ0X2ZpbGU+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfa2V5X2ZpbGU+L3BhdGgvdG8vdGxzX2tleV9maWxlPC90bHNfa2V5X2ZpbGU+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfY2FfY2VydF9maWxlPi9wYXRoL3RvL3Rsc19jYV9jZXJ0X2ZpbGU8L3Rsc19jYV9jZXJ0X2ZpbGU+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfY2FfY2VydF9kaXI+L3BhdGgvdG8vdGxzX2NhX2NlcnRfZGlyPC90bHNfY2FfY2VydF9kaXI+XG4gICAgICAgIDx0bHNfY2lwaGVyX3N1aXRlPkVDREhFLUVDRFNBLUFFUzI1Ni1HQ00tU0hBMzg0OkVDREhFLVJTQS1BRVMyNTYtR0NNLVNIQTM4NDpBRVMyNTYtR0NNLVNIQTM4NDwvdGxzX2NpcGhlcl9zdWl0ZT5cbiAgICAgICAgICAgICAgICA8L215X2xkYXBfc2VydmVyPlxuICAgICAgICAgICAgRXhhbXBsZSAodHlwaWNhbCBBY3RpdmUgRGlyZWN0b3J5IHdpdGggY29uZmlndXJlZCB1c2VyIEROIGRldGVjdGlvbiBmb3IgZnVydGhlciByb2xlIG1hcHBpbmcpOlxuICAgICAgICAgICAgICAgIDxteV9hZF9zZXJ2ZXI+XG4gICAgICAgICAgICAgICAgICAgIDxob3N0PmxvY2FsaG9zdDwvaG9zdD5cbiAgICAgICAgICAgICAgICAgICAgPHBvcnQ+Mzg5PC9wb3J0PlxuICAgICAgICAgICAgICAgICAgICA8YmluZF9kbj5FWEFNUExFXFx7dXNlcl9uYW1lfTwvYmluZF9kbj5cbiAgICAgICAgICAgICAgICAgICAgPHVzZXJfZG5fZGV0ZWN0aW9uPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGJhc2VfZG4+Q049VXNlcnMsREM9ZXhhbXBsZSxEQz1jb208L2Jhc2VfZG4+XG4gICAgICAgICAgICAgICAgICAgICAgICA8c2VhcmNoX2ZpbHRlcj4oJmFtcDsob2JqZWN0Q2xhc3M9dXNlcikoc0FNQWNjb3VudE5hbWU9e3VzZXJfbmFtZX0pKTwvc2VhcmNoX2ZpbHRlcj5cbiAgICAgICAgICAgICAgICAgICAgPC91c2VyX2RuX2RldGVjdGlvbj5cbiAgICAgICAgICAgICAgICAgICAgPGVuYWJsZV90bHM+bm88L2VuYWJsZV90bHM+XG4gICAgICAgICAgICAgICAgPC9teV9hZF9zZXJ2ZXI+XG4gICAgICAgIC0tPlxuICAgIDwvbGRhcF9zZXJ2ZXJzPlxuXG4gICAgPCEtLSBUbyBlbmFibGUgS2VyYmVyb3MgYXV0aGVudGljYXRpb24gc3VwcG9ydCBmb3IgSFRUUCByZXF1ZXN0cyAoR1NTLVNQTkVHTyksIGZvciB0aG9zZSB1c2Vyc1xuICAgIHdobyBhcmUgZXhwbGljaXRseSBjb25maWd1cmVkXG4gICAgICAgICAgdG8gYXV0aGVudGljYXRlIHZpYSBLZXJiZXJvcywgZGVmaW5lIGEgc2luZ2xlICdrZXJiZXJvcycgc2VjdGlvbiBoZXJlLlxuICAgICAgICBQYXJhbWV0ZXJzOlxuICAgICAgICAgICAgcHJpbmNpcGFsIC0gY2Fub25pY2FsIHNlcnZpY2UgcHJpbmNpcGFsIG5hbWUsIHRoYXQgd2lsbCBiZSBhY3F1aXJlZCBhbmQgdXNlZCB3aGVuIGFjY2VwdGluZ1xuICAgIHNlY3VyaXR5IGNvbnRleHRzLlxuICAgICAgICAgICAgICAgICAgICBUaGlzIHBhcmFtZXRlciBpcyBvcHRpb25hbCwgaWYgb21pdHRlZCwgdGhlIGRlZmF1bHQgcHJpbmNpcGFsIHdpbGwgYmUgdXNlZC5cbiAgICAgICAgICAgICAgICAgICAgVGhpcyBwYXJhbWV0ZXIgY2Fubm90IGJlIHNwZWNpZmllZCB0b2dldGhlciB3aXRoICdyZWFsbScgcGFyYW1ldGVyLlxuICAgICAgICAgICAgcmVhbG0gLSBhIHJlYWxtLCB0aGF0IHdpbGwgYmUgdXNlZCB0byByZXN0cmljdCBhdXRoZW50aWNhdGlvbiB0byBvbmx5IHRob3NlIHJlcXVlc3RzIHdob3NlXG4gICAgaW5pdGlhdG9yJ3MgcmVhbG0gbWF0Y2hlcyBpdC5cbiAgICAgICAgICAgICAgICAgICAgVGhpcyBwYXJhbWV0ZXIgaXMgb3B0aW9uYWwsIGlmIG9taXR0ZWQsIG5vIGFkZGl0aW9uYWwgZmlsdGVyaW5nIGJ5IHJlYWxtIHdpbGwgYmUgYXBwbGllZC5cbiAgICAgICAgICAgICAgICAgICAgVGhpcyBwYXJhbWV0ZXIgY2Fubm90IGJlIHNwZWNpZmllZCB0b2dldGhlciB3aXRoICdwcmluY2lwYWwnIHBhcmFtZXRlci5cbiAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgIDxrZXJiZXJvcyAvPlxuICAgICAgICBFeGFtcGxlOlxuICAgICAgICAgICAgPGtlcmJlcm9zPlxuICAgICAgICAgICAgICAgIDxwcmluY2lwYWw+SFRUUC9jbGlja2hvdXNlLmV4YW1wbGUuY29tQEVYQU1QTEUuQ09NPC9wcmluY2lwYWw+XG4gICAgICAgICAgICA8L2tlcmJlcm9zPlxuICAgICAgICBFeGFtcGxlOlxuICAgICAgICAgICAgPGtlcmJlcm9zPlxuICAgICAgICAgICAgICAgIDxyZWFsbT5FWEFNUExFLkNPTTwvcmVhbG0+XG4gICAgICAgICAgICA8L2tlcmJlcm9zPlxuICAgIC0tPlxuXG4gICAgPCEtLSBTb3VyY2VzIHRvIHJlYWQgdXNlcnMsIHJvbGVzLCBhY2Nlc3MgcmlnaHRzLCBwcm9maWxlcyBvZiBzZXR0aW5ncywgcXVvdGFzLiAtLT5cbiAgICA8dXNlcl9kaXJlY3Rvcmllcz5cbiAgICAgICAgPHVzZXJzX3htbD5cbiAgICAgICAgICAgIDwhLS0gUGF0aCB0byBjb25maWd1cmF0aW9uIGZpbGUgd2l0aCBwcmVkZWZpbmVkIHVzZXJzLiAtLT5cbiAgICAgICAgICAgIDxwYXRoPnVzZXJzLnhtbDwvcGF0aD5cbiAgICAgICAgPC91c2Vyc194bWw+XG4gICAgICAgIDxsb2NhbF9kaXJlY3Rvcnk+XG4gICAgICAgICAgICA8IS0tIFBhdGggdG8gZm9sZGVyIHdoZXJlIHVzZXJzIGNyZWF0ZWQgYnkgU1FMIGNvbW1hbmRzIGFyZSBzdG9yZWQuIC0tPlxuICAgICAgICAgICAgPHBhdGg+L3Zhci9saWIvY2xpY2tob3VzZS9hY2Nlc3MvPC9wYXRoPlxuICAgICAgICA8L2xvY2FsX2RpcmVjdG9yeT5cblxuICAgICAgICA8IS0tIFRvIGFkZCBhbiBMREFQIHNlcnZlciBhcyBhIHJlbW90ZSB1c2VyIGRpcmVjdG9yeSBvZiB1c2VycyB0aGF0IGFyZSBub3QgZGVmaW5lZCBsb2NhbGx5LFxuICAgICAgICBkZWZpbmUgYSBzaW5nbGUgJ2xkYXAnIHNlY3Rpb25cbiAgICAgICAgICAgICAgd2l0aCB0aGUgZm9sbG93aW5nIHBhcmFtZXRlcnM6XG4gICAgICAgICAgICAgICAgc2VydmVyIC0gb25lIG9mIExEQVAgc2VydmVyIG5hbWVzIGRlZmluZWQgaW4gJ2xkYXBfc2VydmVycycgY29uZmlnIHNlY3Rpb24gYWJvdmUuXG4gICAgICAgICAgICAgICAgICAgICAgICBUaGlzIHBhcmFtZXRlciBpcyBtYW5kYXRvcnkgYW5kIGNhbm5vdCBiZSBlbXB0eS5cbiAgICAgICAgICAgICAgICByb2xlcyAtIHNlY3Rpb24gd2l0aCBhIGxpc3Qgb2YgbG9jYWxseSBkZWZpbmVkIHJvbGVzIHRoYXQgd2lsbCBiZSBhc3NpZ25lZCB0byBlYWNoIHVzZXIgcmV0cmlldmVkXG4gICAgICAgIGZyb20gdGhlIExEQVAgc2VydmVyLlxuICAgICAgICAgICAgICAgICAgICAgICAgSWYgbm8gcm9sZXMgYXJlIHNwZWNpZmllZCBoZXJlIG9yIGFzc2lnbmVkIGR1cmluZyByb2xlIG1hcHBpbmcgKGJlbG93KSwgdXNlciB3aWxsIG5vdCBiZSBhYmxlIHRvXG4gICAgICAgIHBlcmZvcm0gYW55XG4gICAgICAgICAgICAgICAgICAgICAgICBhY3Rpb25zIGFmdGVyIGF1dGhlbnRpY2F0aW9uLlxuICAgICAgICAgICAgICAgIHJvbGVfbWFwcGluZyAtIHNlY3Rpb24gd2l0aCBMREFQIHNlYXJjaCBwYXJhbWV0ZXJzIGFuZCBtYXBwaW5nIHJ1bGVzLlxuICAgICAgICAgICAgICAgICAgICAgICAgV2hlbiBhIHVzZXIgYXV0aGVudGljYXRlcywgd2hpbGUgc3RpbGwgYm91bmQgdG8gTERBUCwgYW4gTERBUCBzZWFyY2ggaXMgcGVyZm9ybWVkIHVzaW5nXG4gICAgICAgIHNlYXJjaF9maWx0ZXIgYW5kIHRoZVxuICAgICAgICAgICAgICAgICAgICAgICAgbmFtZSBvZiB0aGUgbG9nZ2VkIGluIHVzZXIuIEZvciBlYWNoIGVudHJ5IGZvdW5kIGR1cmluZyB0aGF0IHNlYXJjaCwgdGhlIHZhbHVlIG9mIHRoZSBzcGVjaWZpZWRcbiAgICAgICAgYXR0cmlidXRlIGlzXG4gICAgICAgICAgICAgICAgICAgICAgICBleHRyYWN0ZWQuIEZvciBlYWNoIGF0dHJpYnV0ZSB2YWx1ZSB0aGF0IGhhcyB0aGUgc3BlY2lmaWVkIHByZWZpeCwgdGhlIHByZWZpeCBpcyByZW1vdmVkLCBhbmQgdGhlXG4gICAgICAgIHJlc3Qgb2YgdGhlXG4gICAgICAgICAgICAgICAgICAgICAgICB2YWx1ZSBiZWNvbWVzIHRoZSBuYW1lIG9mIGEgbG9jYWwgcm9sZSBkZWZpbmVkIGluIENsaWNrSG91c2UsIHdoaWNoIGlzIGV4cGVjdGVkIHRvIGJlIGNyZWF0ZWRcbiAgICAgICAgYmVmb3JlaGFuZCBieVxuICAgICAgICAgICAgICAgICAgICAgICAgQ1JFQVRFIFJPTEUgY29tbWFuZC5cbiAgICAgICAgICAgICAgICAgICAgICAgIFRoZXJlIGNhbiBiZSBtdWx0aXBsZSAncm9sZV9tYXBwaW5nJyBzZWN0aW9ucyBkZWZpbmVkIGluc2lkZSB0aGUgc2FtZSAnbGRhcCcgc2VjdGlvbi4gQWxsIG9mIHRoZW1cbiAgICAgICAgd2lsbCBiZVxuICAgICAgICAgICAgICAgICAgICAgICAgYXBwbGllZC5cbiAgICAgICAgICAgICAgICAgICAgYmFzZV9kbiAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBiYXNlIEROIGZvciB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBETiB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JywgJ3tiaW5kX2RufScsIGFuZCAne3VzZXJfZG59J1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1YnN0cmluZ3Mgb2YgdGhlIHRlbXBsYXRlIHdpdGggdGhlIGFjdHVhbCB1c2VyIG5hbWUsIGJpbmQgRE4sIGFuZCB1c2VyIEROIGR1cmluZyBlYWNoIExEQVAgc2VhcmNoLlxuICAgICAgICAgICAgICAgICAgICBzY29wZSAtIHNjb3BlIG9mIHRoZSBMREFQIHNlYXJjaC5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBBY2NlcHRlZCB2YWx1ZXMgYXJlOiAnYmFzZScsICdvbmVfbGV2ZWwnLCAnY2hpbGRyZW4nLCAnc3VidHJlZScgKHRoZSBkZWZhdWx0KS5cbiAgICAgICAgICAgICAgICAgICAgc2VhcmNoX2ZpbHRlciAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBzZWFyY2ggZmlsdGVyIGZvciB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBmaWx0ZXIgd2lsbCBiZSBjb25zdHJ1Y3RlZCBieSByZXBsYWNpbmcgYWxsICd7dXNlcl9uYW1lfScsICd7YmluZF9kbn0nLCAne3VzZXJfZG59JyxcbiAgICAgICAgYW5kXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgJ3tiYXNlX2RufScgc3Vic3RyaW5ncyBvZiB0aGUgdGVtcGxhdGUgd2l0aCB0aGUgYWN0dWFsIHVzZXIgbmFtZSwgYmluZCBETiwgdXNlciBETiwgYW5kIGJhc2UgRE5cbiAgICAgICAgZHVyaW5nXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgZWFjaCBMREFQIHNlYXJjaC5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBOb3RlLCB0aGF0IHRoZSBzcGVjaWFsIGNoYXJhY3RlcnMgbXVzdCBiZSBlc2NhcGVkIHByb3Blcmx5IGluIFhNTC5cbiAgICAgICAgICAgICAgICAgICAgYXR0cmlidXRlIC0gYXR0cmlidXRlIG5hbWUgd2hvc2UgdmFsdWVzIHdpbGwgYmUgcmV0dXJuZWQgYnkgdGhlIExEQVAgc2VhcmNoLiAnY24nLCBieSBkZWZhdWx0LlxuICAgICAgICAgICAgICAgICAgICBwcmVmaXggLSBwcmVmaXgsIHRoYXQgd2lsbCBiZSBleHBlY3RlZCB0byBiZSBpbiBmcm9udCBvZiBlYWNoIHN0cmluZyBpbiB0aGUgb3JpZ2luYWwgbGlzdCBvZlxuICAgICAgICBzdHJpbmdzIHJldHVybmVkIGJ5XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlIExEQVAgc2VhcmNoLiBQcmVmaXggd2lsbCBiZSByZW1vdmVkIGZyb20gdGhlIG9yaWdpbmFsIHN0cmluZ3MgYW5kIHJlc3VsdGluZyBzdHJpbmdzIHdpbGwgYmVcbiAgICAgICAgdHJlYXRlZFxuICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIGxvY2FsIHJvbGUgbmFtZXMuIEVtcHR5LCBieSBkZWZhdWx0LlxuICAgICAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgICAgICA8bGRhcD5cbiAgICAgICAgICAgICAgICAgICAgPHNlcnZlcj5teV9sZGFwX3NlcnZlcjwvc2VydmVyPlxuICAgICAgICAgICAgICAgICAgICA8cm9sZXM+XG4gICAgICAgICAgICAgICAgICAgICAgICA8bXlfbG9jYWxfcm9sZTEgLz5cbiAgICAgICAgICAgICAgICAgICAgICAgIDxteV9sb2NhbF9yb2xlMiAvPlxuICAgICAgICAgICAgICAgICAgICA8L3JvbGVzPlxuICAgICAgICAgICAgICAgICAgICA8cm9sZV9tYXBwaW5nPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGJhc2VfZG4+b3U9Z3JvdXBzLGRjPWV4YW1wbGUsZGM9Y29tPC9iYXNlX2RuPlxuICAgICAgICAgICAgICAgICAgICAgICAgPHNjb3BlPnN1YnRyZWU8L3Njb3BlPlxuICAgICAgICAgICAgICAgICAgICAgICAgPHNlYXJjaF9maWx0ZXI+KCZhbXA7KG9iamVjdENsYXNzPWdyb3VwT2ZOYW1lcykobWVtYmVyPXtiaW5kX2RufSkpPC9zZWFyY2hfZmlsdGVyPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGF0dHJpYnV0ZT5jbjwvYXR0cmlidXRlPlxuICAgICAgICAgICAgICAgICAgICAgICAgPHByZWZpeD5jbGlja2hvdXNlXzwvcHJlZml4PlxuICAgICAgICAgICAgICAgICAgICA8L3JvbGVfbWFwcGluZz5cbiAgICAgICAgICAgICAgICA8L2xkYXA+XG4gICAgICAgICAgICBFeGFtcGxlICh0eXBpY2FsIEFjdGl2ZSBEaXJlY3Rvcnkgd2l0aCByb2xlIG1hcHBpbmcgdGhhdCByZWxpZXMgb24gdGhlIGRldGVjdGVkIHVzZXIgRE4pOlxuICAgICAgICAgICAgICAgIDxsZGFwPlxuICAgICAgICAgICAgICAgICAgICA8c2VydmVyPm15X2FkX3NlcnZlcjwvc2VydmVyPlxuICAgICAgICAgICAgICAgICAgICA8cm9sZV9tYXBwaW5nPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGJhc2VfZG4+Q049VXNlcnMsREM9ZXhhbXBsZSxEQz1jb208L2Jhc2VfZG4+XG4gICAgICAgICAgICAgICAgICAgICAgICA8YXR0cmlidXRlPkNOPC9hdHRyaWJ1dGU+XG4gICAgICAgICAgICAgICAgICAgICAgICA8c2NvcGU+c3VidHJlZTwvc2NvcGU+XG4gICAgICAgICAgICAgICAgICAgICAgICA8c2VhcmNoX2ZpbHRlcj4oJmFtcDsob2JqZWN0Q2xhc3M9Z3JvdXApKG1lbWJlcj17dXNlcl9kbn0pKTwvc2VhcmNoX2ZpbHRlcj5cbiAgICAgICAgICAgICAgICAgICAgICAgIDxwcmVmaXg+Y2xpY2tob3VzZV88L3ByZWZpeD5cbiAgICAgICAgICAgICAgICAgICAgPC9yb2xlX21hcHBpbmc+XG4gICAgICAgICAgICAgICAgPC9sZGFwPlxuICAgICAgICAtLT5cbiAgICA8L3VzZXJfZGlyZWN0b3JpZXM+XG5cbiAgICA8IS0tIERlZmF1bHQgcHJvZmlsZSBvZiBzZXR0aW5ncy4gLS0+XG4gICAgPGRlZmF1bHRfcHJvZmlsZT5kZWZhdWx0PC9kZWZhdWx0X3Byb2ZpbGU+XG5cbiAgICA8IS0tIENvbW1hLXNlcGFyYXRlZCBsaXN0IG9mIHByZWZpeGVzIGZvciB1c2VyLWRlZmluZWQgc2V0dGluZ3MuIC0tPlxuICAgIDxjdXN0b21fc2V0dGluZ3NfcHJlZml4ZXM+PC9jdXN0b21fc2V0dGluZ3NfcHJlZml4ZXM+XG5cbiAgICA8IS0tIFN5c3RlbSBwcm9maWxlIG9mIHNldHRpbmdzLiBUaGlzIHNldHRpbmdzIGFyZSB1c2VkIGJ5IGludGVybmFsIHByb2Nlc3NlcyAoRGlzdHJpYnV0ZWQgRERMXG4gICAgd29ya2VyIGFuZCBzbyBvbikuIC0tPlxuICAgIDwhLS0gPHN5c3RlbV9wcm9maWxlPmRlZmF1bHQ8L3N5c3RlbV9wcm9maWxlPiAtLT5cblxuICAgIDwhLS0gQnVmZmVyIHByb2ZpbGUgb2Ygc2V0dGluZ3MuXG4gICAgICAgIFRoaXMgc2V0dGluZ3MgYXJlIHVzZWQgYnkgQnVmZmVyIHN0b3JhZ2UgdG8gZmx1c2ggZGF0YSB0byB0aGUgdW5kZXJseWluZyB0YWJsZS5cbiAgICAgICAgRGVmYXVsdDogdXNlZCBmcm9tIHN5c3RlbV9wcm9maWxlIGRpcmVjdGl2ZS5cbiAgICAtLT5cbiAgICA8IS0tIDxidWZmZXJfcHJvZmlsZT5kZWZhdWx0PC9idWZmZXJfcHJvZmlsZT4gLS0+XG5cbiAgICA8IS0tIERlZmF1bHQgZGF0YWJhc2UuIC0tPlxuICAgIDxkZWZhdWx0X2RhdGFiYXNlPmRlZmF1bHQ8L2RlZmF1bHRfZGF0YWJhc2U+XG5cbiAgICA8IS0tIFNlcnZlciB0aW1lIHpvbmUgY291bGQgYmUgc2V0IGhlcmUuXG5cbiAgICAgICAgVGltZSB6b25lIGlzIHVzZWQgd2hlbiBjb252ZXJ0aW5nIGJldHdlZW4gU3RyaW5nIGFuZCBEYXRlVGltZSB0eXBlcyxcbiAgICAgICAgICB3aGVuIHByaW50aW5nIERhdGVUaW1lIGluIHRleHQgZm9ybWF0cyBhbmQgcGFyc2luZyBEYXRlVGltZSBmcm9tIHRleHQsXG4gICAgICAgICAgaXQgaXMgdXNlZCBpbiBkYXRlIGFuZCB0aW1lIHJlbGF0ZWQgZnVuY3Rpb25zLCBpZiBzcGVjaWZpYyB0aW1lIHpvbmUgd2FzIG5vdCBwYXNzZWQgYXMgYW4gYXJndW1lbnQuXG5cbiAgICAgICAgVGltZSB6b25lIGlzIHNwZWNpZmllZCBhcyBpZGVudGlmaWVyIGZyb20gSUFOQSB0aW1lIHpvbmUgZGF0YWJhc2UsIGxpa2UgVVRDIG9yIEFmcmljYS9BYmlkamFuLlxuICAgICAgICBJZiBub3Qgc3BlY2lmaWVkLCBzeXN0ZW0gdGltZSB6b25lIGF0IHNlcnZlciBzdGFydHVwIGlzIHVzZWQuXG5cbiAgICAgICAgUGxlYXNlIG5vdGUsIHRoYXQgc2VydmVyIGNvdWxkIGRpc3BsYXkgdGltZSB6b25lIGFsaWFzIGluc3RlYWQgb2Ygc3BlY2lmaWVkIG5hbWUuXG4gICAgICAgIEV4YW1wbGU6IFctU1UgaXMgYW4gYWxpYXMgZm9yIEV1cm9wZS9Nb3Njb3cgYW5kIFp1bHUgaXMgYW4gYWxpYXMgZm9yIFVUQy5cbiAgICAtLT5cbiAgICA8IS0tIDx0aW1lem9uZT5FdXJvcGUvTW9zY293PC90aW1lem9uZT4gLS0+XG5cbiAgICA8IS0tIFlvdSBjYW4gc3BlY2lmeSB1bWFzayBoZXJlIChzZWUgXCJtYW4gdW1hc2tcIikuIFNlcnZlciB3aWxsIGFwcGx5IGl0IG9uIHN0YXJ0dXAuXG4gICAgICAgIE51bWJlciBpcyBhbHdheXMgcGFyc2VkIGFzIG9jdGFsLiBEZWZhdWx0IHVtYXNrIGlzIDAyNyAob3RoZXIgdXNlcnMgY2Fubm90IHJlYWQgbG9ncywgZGF0YSBmaWxlcyxcbiAgICBldGM7IGdyb3VwIGNhbiBvbmx5IHJlYWQpLlxuICAgIC0tPlxuICAgIDwhLS0gPHVtYXNrPjAyMjwvdW1hc2s+IC0tPlxuXG4gICAgPCEtLSBQZXJmb3JtIG1sb2NrYWxsIGFmdGVyIHN0YXJ0dXAgdG8gbG93ZXIgZmlyc3QgcXVlcmllcyBsYXRlbmN5XG4gICAgICAgICAgYW5kIHRvIHByZXZlbnQgY2xpY2tob3VzZSBleGVjdXRhYmxlIGZyb20gYmVpbmcgcGFnZWQgb3V0IHVuZGVyIGhpZ2ggSU8gbG9hZC5cbiAgICAgICAgRW5hYmxpbmcgdGhpcyBvcHRpb24gaXMgcmVjb21tZW5kZWQgYnV0IHdpbGwgbGVhZCB0byBpbmNyZWFzZWQgc3RhcnR1cCB0aW1lIGZvciB1cCB0byBhIGZld1xuICAgIHNlY29uZHMuXG4gICAgLS0+XG4gICAgPG1sb2NrX2V4ZWN1dGFibGU+dHJ1ZTwvbWxvY2tfZXhlY3V0YWJsZT5cblxuICAgIDwhLS0gUmVhbGxvY2F0ZSBtZW1vcnkgZm9yIG1hY2hpbmUgY29kZSAoXCJ0ZXh0XCIpIHVzaW5nIGh1Z2UgcGFnZXMuIEhpZ2hseSBleHBlcmltZW50YWwuIC0tPlxuICAgIDxyZW1hcF9leGVjdXRhYmxlPmZhbHNlPC9yZW1hcF9leGVjdXRhYmxlPlxuXG4gICAgPCFbQ0RBVEFbXG4gICAgICAgIFVuY29tbWVudCBiZWxvdyBpbiBvcmRlciB0byB1c2UgSkRCQyB0YWJsZSBlbmdpbmUgYW5kIGZ1bmN0aW9uLlxuXG4gICAgICAgIFRvIGluc3RhbGwgYW5kIHJ1biBKREJDIGJyaWRnZSBpbiBiYWNrZ3JvdW5kOlxuICAgICAgICAqIFtEZWJpYW4vVWJ1bnR1XVxuICAgICAgICAgIGV4cG9ydCBNVk5fVVJMPWh0dHBzOi8vcmVwbzEubWF2ZW4ub3JnL21hdmVuMi9ydS95YW5kZXgvY2xpY2tob3VzZS9jbGlja2hvdXNlLWpkYmMtYnJpZGdlXG4gICAgICAgICAgZXhwb3J0IFBLR19WRVI9JChjdXJsIC1zTCAkTVZOX1VSTC9tYXZlbi1tZXRhZGF0YS54bWwgfCBncmVwICc8cmVsZWFzZT4nIHwgc2VkIC1lICdzfC4qPlxcKC4qXFwpPC4qfFxcMXwnKVxuICAgICAgICAgIHdnZXQgaHR0cHM6Ly9naXRodWIuY29tL0NsaWNrSG91c2UvY2xpY2tob3VzZS1qZGJjLWJyaWRnZS9yZWxlYXNlcy9kb3dubG9hZC92JFBLR19WRVIvY2xpY2tob3VzZS1qZGJjLWJyaWRnZV8kUEtHX1ZFUi0xX2FsbC5kZWJcbiAgICAgICAgICBhcHQgaW5zdGFsbCAtLW5vLWluc3RhbGwtcmVjb21tZW5kcyAtZiAuL2NsaWNraG91c2UtamRiYy1icmlkZ2VfJFBLR19WRVItMV9hbGwuZGViXG4gICAgICAgICAgY2xpY2tob3VzZS1qZGJjLWJyaWRnZSAmXG5cbiAgICAgICAgKiBbQ2VudE9TL1JIRUxdXG4gICAgICAgICAgZXhwb3J0IE1WTl9VUkw9aHR0cHM6Ly9yZXBvMS5tYXZlbi5vcmcvbWF2ZW4yL3J1L3lhbmRleC9jbGlja2hvdXNlL2NsaWNraG91c2UtamRiYy1icmlkZ2VcbiAgICAgICAgICBleHBvcnQgUEtHX1ZFUj0kKGN1cmwgLXNMICRNVk5fVVJML21hdmVuLW1ldGFkYXRhLnhtbCB8IGdyZXAgJzxyZWxlYXNlPicgfCBzZWQgLWUgJ3N8Lio+XFwoLipcXCk8Lip8XFwxfCcpXG4gICAgICAgICAgd2dldCBodHRwczovL2dpdGh1Yi5jb20vQ2xpY2tIb3VzZS9jbGlja2hvdXNlLWpkYmMtYnJpZGdlL3JlbGVhc2VzL2Rvd25sb2FkL3YkUEtHX1ZFUi9jbGlja2hvdXNlLWpkYmMtYnJpZGdlLSRQS0dfVkVSLTEubm9hcmNoLnJwbVxuICAgICAgICAgIHl1bSBsb2NhbGluc3RhbGwgLXkgY2xpY2tob3VzZS1qZGJjLWJyaWRnZS0kUEtHX1ZFUi0xLm5vYXJjaC5ycG1cbiAgICAgICAgICBjbGlja2hvdXNlLWpkYmMtYnJpZGdlICZcblxuICAgICAgICBQbGVhc2UgcmVmZXIgdG8gaHR0cHM6Ly9naXRodWIuY29tL0NsaWNrSG91c2UvY2xpY2tob3VzZS1qZGJjLWJyaWRnZSN1c2FnZSBmb3IgbW9yZSBpbmZvcm1hdGlvbi5cbiAgICBdXT5cbiAgICA8IS0tXG4gICAgPGpkYmNfYnJpZGdlPlxuICAgICAgICA8aG9zdD4xMjcuMC4wLjE8L2hvc3Q+XG4gICAgICAgIDxwb3J0PjkwMTk8L3BvcnQ+XG4gICAgPC9qZGJjX2JyaWRnZT5cbiAgICAtLT5cblxuICAgIDwhLS0gQ29uZmlndXJhdGlvbiBvZiBjbHVzdGVycyB0aGF0IGNvdWxkIGJlIHVzZWQgaW4gRGlzdHJpYnV0ZWQgdGFibGVzLlxuICAgICAgICBodHRwczovL2NsaWNraG91c2UuY29tL2RvY3MvZW4vb3BlcmF0aW9ucy90YWJsZV9lbmdpbmVzL2Rpc3RyaWJ1dGVkL1xuICAgICAgLS0+XG4gICAgPHJlbW90ZV9zZXJ2ZXJzPlxuXG4gICAgICAgIDwhLS0gVGVzdCBvbmx5IHNoYXJkIGNvbmZpZyBmb3IgdGVzdGluZyBkaXN0cmlidXRlZCBzdG9yYWdlIC0tPlxuICAgICAgICA8cG9zdGhvZz5cbiAgICAgICAgICAgIDwhLS0gSW50ZXItc2VydmVyIHBlci1jbHVzdGVyIHNlY3JldCBmb3IgRGlzdHJpYnV0ZWQgcXVlcmllc1xuICAgICAgICAgICAgICAgIGRlZmF1bHQ6IG5vIHNlY3JldCAobm8gYXV0aGVudGljYXRpb24gd2lsbCBiZSBwZXJmb3JtZWQpXG5cbiAgICAgICAgICAgICAgICBJZiBzZXQsIHRoZW4gRGlzdHJpYnV0ZWQgcXVlcmllcyB3aWxsIGJlIHZhbGlkYXRlZCBvbiBzaGFyZHMsIHNvIGF0IGxlYXN0OlxuICAgICAgICAgICAgICAgIC0gc3VjaCBjbHVzdGVyIHNob3VsZCBleGlzdCBvbiB0aGUgc2hhcmQsXG4gICAgICAgICAgICAgICAgLSBzdWNoIGNsdXN0ZXIgc2hvdWxkIGhhdmUgdGhlIHNhbWUgc2VjcmV0LlxuXG4gICAgICAgICAgICAgICAgQW5kIGFsc28gKGFuZCB3aGljaCBpcyBtb3JlIGltcG9ydGFudCksIHRoZSBpbml0aWFsX3VzZXIgd2lsbFxuICAgICAgICAgICAgICAgIGJlIHVzZWQgYXMgY3VycmVudCB1c2VyIGZvciB0aGUgcXVlcnkuXG5cbiAgICAgICAgICAgICAgICBSaWdodCBub3cgdGhlIHByb3RvY29sIGlzIHByZXR0eSBzaW1wbGUgYW5kIGl0IG9ubHkgdGFrZXMgaW50byBhY2NvdW50OlxuICAgICAgICAgICAgICAgIC0gY2x1c3RlciBuYW1lXG4gICAgICAgICAgICAgICAgLSBxdWVyeVxuXG4gICAgICAgICAgICAgICAgQWxzbyBpdCB3aWxsIGJlIG5pY2UgaWYgdGhlIGZvbGxvd2luZyB3aWxsIGJlIGltcGxlbWVudGVkOlxuICAgICAgICAgICAgICAgIC0gc291cmNlIGhvc3RuYW1lIChzZWUgaW50ZXJzZXJ2ZXJfaHR0cF9ob3N0KSwgYnV0IHRoZW4gaXQgd2lsbCBkZXBlbmRzIGZyb20gRE5TLFxuICAgICAgICAgICAgICAgICAgaXQgY2FuIHVzZSBJUCBhZGRyZXNzIGluc3RlYWQsIGJ1dCB0aGVuIHRoZSB5b3UgbmVlZCB0byBnZXQgY29ycmVjdCBvbiB0aGUgaW5pdGlhdG9yIG5vZGUuXG4gICAgICAgICAgICAgICAgLSB0YXJnZXQgaG9zdG5hbWUgLyBpcCBhZGRyZXNzIChzYW1lIG5vdGVzIGFzIGZvciBzb3VyY2UgaG9zdG5hbWUpXG4gICAgICAgICAgICAgICAgLSB0aW1lLWJhc2VkIHNlY3VyaXR5IHRva2Vuc1xuICAgICAgICAgICAgLS0+XG4gICAgICAgICAgICA8IS0tIDxzZWNyZXQ+PC9zZWNyZXQ+IC0tPlxuXG4gICAgICAgICAgICA8c2hhcmQ+XG4gICAgICAgICAgICAgICAgPCEtLSBPcHRpb25hbC4gV2hldGhlciB0byB3cml0ZSBkYXRhIHRvIGp1c3Qgb25lIG9mIHRoZSByZXBsaWNhcy4gRGVmYXVsdDogZmFsc2VcbiAgICAgICAgICAgICAgICAod3JpdGUgZGF0YSB0byBhbGwgcmVwbGljYXMpLiAtLT5cbiAgICAgICAgICAgICAgICA8IS0tIDxpbnRlcm5hbF9yZXBsaWNhdGlvbj5mYWxzZTwvaW50ZXJuYWxfcmVwbGljYXRpb24+IC0tPlxuICAgICAgICAgICAgICAgIDwhLS0gT3B0aW9uYWwuIFNoYXJkIHdlaWdodCB3aGVuIHdyaXRpbmcgZGF0YS4gRGVmYXVsdDogMS4gLS0+XG4gICAgICAgICAgICAgICAgPCEtLSA8d2VpZ2h0PjE8L3dlaWdodD4gLS0+XG4gICAgICAgICAgICAgICAgPHJlcGxpY2E+XG4gICAgICAgICAgICAgICAgICAgIDxob3N0PmxvY2FsaG9zdDwvaG9zdD5cbiAgICAgICAgICAgICAgICAgICAgPHBvcnQ+OTAwMDwvcG9ydD5cbiAgICAgICAgICAgICAgICAgICAgPCEtLSBPcHRpb25hbC4gUHJpb3JpdHkgb2YgdGhlIHJlcGxpY2EgZm9yIGxvYWRfYmFsYW5jaW5nLiBEZWZhdWx0OiAxIChsZXNzXG4gICAgICAgICAgICAgICAgICAgIHZhbHVlIGhhcyBtb3JlIHByaW9yaXR5KS4gLS0+XG4gICAgICAgICAgICAgICAgICAgIDwhLS0gPHByaW9yaXR5PjE8L3ByaW9yaXR5PiAtLT5cbiAgICAgICAgICAgICAgICA8L3JlcGxpY2E+XG4gICAgICAgICAgICA8L3NoYXJkPlxuICAgICAgICA8L3Bvc3Rob2c+XG4gICAgPC9yZW1vdGVfc2VydmVycz5cblxuICAgIDwhLS0gVGhlIGxpc3Qgb2YgaG9zdHMgYWxsb3dlZCB0byB1c2UgaW4gVVJMLXJlbGF0ZWQgc3RvcmFnZSBlbmdpbmVzIGFuZCB0YWJsZSBmdW5jdGlvbnMuXG4gICAgICAgIElmIHRoaXMgc2VjdGlvbiBpcyBub3QgcHJlc2VudCBpbiBjb25maWd1cmF0aW9uLCBhbGwgaG9zdHMgYXJlIGFsbG93ZWQuXG4gICAgLS0+XG4gICAgPHJlbW90ZV91cmxfYWxsb3dfaG9zdHM+XG4gICAgICAgIDwhLS0gSG9zdCBzaG91bGQgYmUgc3BlY2lmaWVkIGV4YWN0bHkgYXMgaW4gVVJMLiBUaGUgbmFtZSBpcyBjaGVja2VkIGJlZm9yZSBETlMgcmVzb2x1dGlvbi5cbiAgICAgICAgICAgIEV4YW1wbGU6IFwieWFuZGV4LnJ1XCIsIFwieWFuZGV4LnJ1LlwiIGFuZCBcInd3dy55YW5kZXgucnVcIiBhcmUgZGlmZmVyZW50IGhvc3RzLlxuICAgICAgICAgICAgICAgICAgICBJZiBwb3J0IGlzIGV4cGxpY2l0bHkgc3BlY2lmaWVkIGluIFVSTCwgdGhlIGhvc3Q6cG9ydCBpcyBjaGVja2VkIGFzIGEgd2hvbGUuXG4gICAgICAgICAgICAgICAgICAgIElmIGhvc3Qgc3BlY2lmaWVkIGhlcmUgd2l0aG91dCBwb3J0LCBhbnkgcG9ydCB3aXRoIHRoaXMgaG9zdCBhbGxvd2VkLlxuICAgICAgICAgICAgICAgICAgICBcInlhbmRleC5ydVwiIC0+IFwieWFuZGV4LnJ1OjQ0M1wiLCBcInlhbmRleC5ydTo4MFwiIGV0Yy4gaXMgYWxsb3dlZCwgYnV0IFwieWFuZGV4LnJ1OjgwXCIgLT4gb25seVxuICAgICAgICBcInlhbmRleC5ydTo4MFwiIGlzIGFsbG93ZWQuXG4gICAgICAgICAgICBJZiB0aGUgaG9zdCBpcyBzcGVjaWZpZWQgYXMgSVAgYWRkcmVzcywgaXQgaXMgY2hlY2tlZCBhcyBzcGVjaWZpZWQgaW4gVVJMLiBFeGFtcGxlOlxuICAgICAgICBcIlsyYTAyOjZiODphOjphXVwiLlxuICAgICAgICAgICAgSWYgdGhlcmUgYXJlIHJlZGlyZWN0cyBhbmQgc3VwcG9ydCBmb3IgcmVkaXJlY3RzIGlzIGVuYWJsZWQsIGV2ZXJ5IHJlZGlyZWN0ICh0aGUgTG9jYXRpb24gZmllbGQpIGlzXG4gICAgICAgIGNoZWNrZWQuXG4gICAgICAgICAgICBIb3N0IHNob3VsZCBiZSBzcGVjaWZpZWQgdXNpbmcgdGhlIGhvc3QgeG1sIHRhZzpcbiAgICAgICAgICAgICAgICAgICAgPGhvc3Q+eWFuZGV4LnJ1PC9ob3N0PlxuICAgICAgICAtLT5cblxuICAgICAgICA8IS0tIFJlZ3VsYXIgZXhwcmVzc2lvbiBjYW4gYmUgc3BlY2lmaWVkLiBSRTIgZW5naW5lIGlzIHVzZWQgZm9yIHJlZ2V4cHMuXG4gICAgICAgICAgICBSZWdleHBzIGFyZSBub3QgYWxpZ25lZDogZG9uJ3QgZm9yZ2V0IHRvIGFkZCBeIGFuZCAkLiBBbHNvIGRvbid0IGZvcmdldCB0byBlc2NhcGUgZG90ICguKVxuICAgICAgICBtZXRhY2hhcmFjdGVyXG4gICAgICAgICAgICAoZm9yZ2V0dGluZyB0byBkbyBzbyBpcyBhIGNvbW1vbiBzb3VyY2Ugb2YgZXJyb3IpLlxuICAgICAgICAtLT5cbiAgICAgICAgPGhvc3RfcmVnZXhwPi4qPC9ob3N0X3JlZ2V4cD5cbiAgICA8L3JlbW90ZV91cmxfYWxsb3dfaG9zdHM+XG5cbiAgICA8IS0tIElmIGVsZW1lbnQgaGFzICdpbmNsJyBhdHRyaWJ1dGUsIHRoZW4gZm9yIGl0J3MgdmFsdWUgd2lsbCBiZSB1c2VkIGNvcnJlc3BvbmRpbmdcbiAgICBzdWJzdGl0dXRpb24gZnJvbSBhbm90aGVyIGZpbGUuXG4gICAgICAgIEJ5IGRlZmF1bHQsIHBhdGggdG8gZmlsZSB3aXRoIHN1YnN0aXR1dGlvbnMgaXMgL2V0Yy9tZXRyaWthLnhtbC4gSXQgY291bGQgYmUgY2hhbmdlZCBpbiBjb25maWcgaW5cbiAgICAnaW5jbHVkZV9mcm9tJyBlbGVtZW50LlxuICAgICAgICBWYWx1ZXMgZm9yIHN1YnN0aXR1dGlvbnMgYXJlIHNwZWNpZmllZCBpbiAvY2xpY2tob3VzZS9uYW1lX29mX3N1YnN0aXR1dGlvbiBlbGVtZW50cyBpbiB0aGF0IGZpbGUuXG4gICAgICAtLT5cblxuICAgIDwhLS0gWm9vS2VlcGVyIGlzIHVzZWQgdG8gc3RvcmUgbWV0YWRhdGEgYWJvdXQgcmVwbGljYXMsIHdoZW4gdXNpbmcgUmVwbGljYXRlZCB0YWJsZXMuXG4gICAgICAgIE9wdGlvbmFsLiBJZiB5b3UgZG9uJ3QgdXNlIHJlcGxpY2F0ZWQgdGFibGVzLCB5b3UgY291bGQgb21pdCB0aGF0LlxuXG4gICAgICAgIFNlZSBodHRwczovL2NsaWNraG91c2UuY29tL2RvY3MvZW4vZW5naW5lcy90YWJsZS1lbmdpbmVzL21lcmdldHJlZS1mYW1pbHkvcmVwbGljYXRpb24vXG4gICAgICAtLT5cblxuICAgIDx6b29rZWVwZXI+XG4gICAgICAgIDxub2RlPlxuICAgICAgICAgICAgPGhvc3Q+em9va2VlcGVyPC9ob3N0PlxuICAgICAgICAgICAgPHBvcnQ+MjE4MTwvcG9ydD5cbiAgICAgICAgPC9ub2RlPlxuICAgIDwvem9va2VlcGVyPlxuXG4gICAgPCEtLSBTdWJzdGl0dXRpb25zIGZvciBwYXJhbWV0ZXJzIG9mIHJlcGxpY2F0ZWQgdGFibGVzLlxuICAgICAgICAgIE9wdGlvbmFsLiBJZiB5b3UgZG9uJ3QgdXNlIHJlcGxpY2F0ZWQgdGFibGVzLCB5b3UgY291bGQgb21pdCB0aGF0LlxuXG4gICAgICAgIFNlZVxuICAgIGh0dHBzOi8vY2xpY2tob3VzZS5jb20vZG9jcy9lbi9lbmdpbmVzL3RhYmxlLWVuZ2luZXMvbWVyZ2V0cmVlLWZhbWlseS9yZXBsaWNhdGlvbi8jY3JlYXRpbmctcmVwbGljYXRlZC10YWJsZXNcbiAgICAgIC0tPlxuXG4gICAgPG1hY3Jvcz5cbiAgICAgICAgPHNoYXJkPjAxPC9zaGFyZD5cbiAgICAgICAgPHJlcGxpY2E+Y2gxPC9yZXBsaWNhPlxuICAgIDwvbWFjcm9zPlxuXG5cbiAgICA8IS0tIFJlbG9hZGluZyBpbnRlcnZhbCBmb3IgZW1iZWRkZWQgZGljdGlvbmFyaWVzLCBpbiBzZWNvbmRzLiBEZWZhdWx0OiAzNjAwLiAtLT5cbiAgICA8YnVpbHRpbl9kaWN0aW9uYXJpZXNfcmVsb2FkX2ludGVydmFsPjM2MDA8L2J1aWx0aW5fZGljdGlvbmFyaWVzX3JlbG9hZF9pbnRlcnZhbD5cblxuXG4gICAgPCEtLSBNYXhpbXVtIHNlc3Npb24gdGltZW91dCwgaW4gc2Vjb25kcy4gRGVmYXVsdDogMzYwMC4gLS0+XG4gICAgPG1heF9zZXNzaW9uX3RpbWVvdXQ+MzYwMDwvbWF4X3Nlc3Npb25fdGltZW91dD5cblxuICAgIDwhLS0gRGVmYXVsdCBzZXNzaW9uIHRpbWVvdXQsIGluIHNlY29uZHMuIERlZmF1bHQ6IDYwLiAtLT5cbiAgICA8ZGVmYXVsdF9zZXNzaW9uX3RpbWVvdXQ+NjA8L2RlZmF1bHRfc2Vzc2lvbl90aW1lb3V0PlxuXG4gICAgPCEtLSBTZW5kaW5nIGRhdGEgdG8gR3JhcGhpdGUgZm9yIG1vbml0b3JpbmcuIFNldmVyYWwgc2VjdGlvbnMgY2FuIGJlIGRlZmluZWQuIC0tPlxuICAgIDwhLS1cbiAgICAgICAgaW50ZXJ2YWwgLSBzZW5kIGV2ZXJ5IFggc2Vjb25kXG4gICAgICAgIHJvb3RfcGF0aCAtIHByZWZpeCBmb3Iga2V5c1xuICAgICAgICBob3N0bmFtZV9pbl9wYXRoIC0gYXBwZW5kIGhvc3RuYW1lIHRvIHJvb3RfcGF0aCAoZGVmYXVsdCA9IHRydWUpXG4gICAgICAgIG1ldHJpY3MgLSBzZW5kIGRhdGEgZnJvbSB0YWJsZSBzeXN0ZW0ubWV0cmljc1xuICAgICAgICBldmVudHMgLSBzZW5kIGRhdGEgZnJvbSB0YWJsZSBzeXN0ZW0uZXZlbnRzXG4gICAgICAgIGFzeW5jaHJvbm91c19tZXRyaWNzIC0gc2VuZCBkYXRhIGZyb20gdGFibGUgc3lzdGVtLmFzeW5jaHJvbm91c19tZXRyaWNzXG4gICAgLS0+XG4gICAgPCEtLVxuICAgIDxncmFwaGl0ZT5cbiAgICAgICAgPGhvc3Q+bG9jYWxob3N0PC9ob3N0PlxuICAgICAgICA8cG9ydD40MjAwMDwvcG9ydD5cbiAgICAgICAgPHRpbWVvdXQ+MC4xPC90aW1lb3V0PlxuICAgICAgICA8aW50ZXJ2YWw+NjA8L2ludGVydmFsPlxuICAgICAgICA8cm9vdF9wYXRoPm9uZV9taW48L3Jvb3RfcGF0aD5cbiAgICAgICAgPGhvc3RuYW1lX2luX3BhdGg+dHJ1ZTwvaG9zdG5hbWVfaW5fcGF0aD5cblxuICAgICAgICA8bWV0cmljcz50cnVlPC9tZXRyaWNzPlxuICAgICAgICA8ZXZlbnRzPnRydWU8L2V2ZW50cz5cbiAgICAgICAgPGV2ZW50c19jdW11bGF0aXZlPmZhbHNlPC9ldmVudHNfY3VtdWxhdGl2ZT5cbiAgICAgICAgPGFzeW5jaHJvbm91c19tZXRyaWNzPnRydWU8L2FzeW5jaHJvbm91c19tZXRyaWNzPlxuICAgIDwvZ3JhcGhpdGU+XG4gICAgPGdyYXBoaXRlPlxuICAgICAgICA8aG9zdD5sb2NhbGhvc3Q8L2hvc3Q+XG4gICAgICAgIDxwb3J0PjQyMDAwPC9wb3J0PlxuICAgICAgICA8dGltZW91dD4wLjE8L3RpbWVvdXQ+XG4gICAgICAgIDxpbnRlcnZhbD4xPC9pbnRlcnZhbD5cbiAgICAgICAgPHJvb3RfcGF0aD5vbmVfc2VjPC9yb290X3BhdGg+XG5cbiAgICAgICAgPG1ldHJpY3M+dHJ1ZTwvbWV0cmljcz5cbiAgICAgICAgPGV2ZW50cz50cnVlPC9ldmVudHM+XG4gICAgICAgIDxldmVudHNfY3VtdWxhdGl2ZT5mYWxzZTwvZXZlbnRzX2N1bXVsYXRpdmU+XG4gICAgICAgIDxhc3luY2hyb25vdXNfbWV0cmljcz5mYWxzZTwvYXN5bmNocm9ub3VzX21ldHJpY3M+XG4gICAgPC9ncmFwaGl0ZT5cbiAgICAtLT5cblxuICAgIDwhLS0gU2VydmUgZW5kcG9pbnQgZm9yIFByb21ldGhldXMgbW9uaXRvcmluZy4gLS0+XG4gICAgPCEtLVxuICAgICAgICBlbmRwb2ludCAtIG1lcnRpY3MgcGF0aCAocmVsYXRpdmUgdG8gcm9vdCwgc3RhdHJpbmcgd2l0aCBcIi9cIilcbiAgICAgICAgcG9ydCAtIHBvcnQgdG8gc2V0dXAgc2VydmVyLiBJZiBub3QgZGVmaW5lZCBvciAwIHRoYW4gaHR0cF9wb3J0IHVzZWRcbiAgICAgICAgbWV0cmljcyAtIHNlbmQgZGF0YSBmcm9tIHRhYmxlIHN5c3RlbS5tZXRyaWNzXG4gICAgICAgIGV2ZW50cyAtIHNlbmQgZGF0YSBmcm9tIHRhYmxlIHN5c3RlbS5ldmVudHNcbiAgICAgICAgYXN5bmNocm9ub3VzX21ldHJpY3MgLSBzZW5kIGRhdGEgZnJvbSB0YWJsZSBzeXN0ZW0uYXN5bmNocm9ub3VzX21ldHJpY3NcbiAgICAgICAgc3RhdHVzX2luZm8gLSBzZW5kIGRhdGEgZnJvbSBkaWZmZXJlbnQgY29tcG9uZW50IGZyb20gQ0gsIGV4OiBEaWN0aW9uYXJpZXMgc3RhdHVzXG4gICAgLS0+XG4gICAgPCEtLVxuICAgIDxwcm9tZXRoZXVzPlxuICAgICAgICA8ZW5kcG9pbnQ+L21ldHJpY3M8L2VuZHBvaW50PlxuICAgICAgICA8cG9ydD45MzYzPC9wb3J0PlxuXG4gICAgICAgIDxtZXRyaWNzPnRydWU8L21ldHJpY3M+XG4gICAgICAgIDxldmVudHM+dHJ1ZTwvZXZlbnRzPlxuICAgICAgICA8YXN5bmNocm9ub3VzX21ldHJpY3M+dHJ1ZTwvYXN5bmNocm9ub3VzX21ldHJpY3M+XG4gICAgICAgIDxzdGF0dXNfaW5mbz50cnVlPC9zdGF0dXNfaW5mbz5cbiAgICA8L3Byb21ldGhldXM+XG4gICAgLS0+XG5cbiAgICA8IS0tIFF1ZXJ5IGxvZy4gVXNlZCBvbmx5IGZvciBxdWVyaWVzIHdpdGggc2V0dGluZyBsb2dfcXVlcmllcyA9IDEuIC0tPlxuICAgIDxxdWVyeV9sb2c+XG4gICAgICAgIDwhLS0gV2hhdCB0YWJsZSB0byBpbnNlcnQgZGF0YS4gSWYgdGFibGUgaXMgbm90IGV4aXN0LCBpdCB3aWxsIGJlIGNyZWF0ZWQuXG4gICAgICAgICAgICBXaGVuIHF1ZXJ5IGxvZyBzdHJ1Y3R1cmUgaXMgY2hhbmdlZCBhZnRlciBzeXN0ZW0gdXBkYXRlLFxuICAgICAgICAgICAgICB0aGVuIG9sZCB0YWJsZSB3aWxsIGJlIHJlbmFtZWQgYW5kIG5ldyB0YWJsZSB3aWxsIGJlIGNyZWF0ZWQgYXV0b21hdGljYWxseS5cbiAgICAgICAgLS0+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+cXVlcnlfbG9nPC90YWJsZT5cbiAgICAgICAgPCEtLVxuICAgICAgICAgICAgUEFSVElUSU9OIEJZIGV4cHI6XG4gICAgICAgIGh0dHBzOi8vY2xpY2tob3VzZS5jb20vZG9jcy9lbi90YWJsZV9lbmdpbmVzL21lcmdldHJlZS1mYW1pbHkvY3VzdG9tX3BhcnRpdGlvbmluZ19rZXkvXG4gICAgICAgICAgICBFeGFtcGxlOlxuICAgICAgICAgICAgICAgIGV2ZW50X2RhdGVcbiAgICAgICAgICAgICAgICB0b01vbmRheShldmVudF9kYXRlKVxuICAgICAgICAgICAgICAgIHRvWVlZWU1NKGV2ZW50X2RhdGUpXG4gICAgICAgICAgICAgICAgdG9TdGFydE9mSG91cihldmVudF90aW1lKVxuICAgICAgICAtLT5cbiAgICAgICAgPHBhcnRpdGlvbl9ieT50b1lZWVlNTShldmVudF9kYXRlKTwvcGFydGl0aW9uX2J5PlxuICAgICAgICA8IS0tXG4gICAgICAgICAgICBUYWJsZSBUVEwgc3BlY2lmaWNhdGlvbjpcbiAgICAgICAgaHR0cHM6Ly9jbGlja2hvdXNlLmNvbS9kb2NzL2VuL2VuZ2luZXMvdGFibGUtZW5naW5lcy9tZXJnZXRyZWUtZmFtaWx5L21lcmdldHJlZS8jbWVyZ2V0cmVlLXRhYmxlLXR0bFxuICAgICAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgICAgICBldmVudF9kYXRlICsgSU5URVJWQUwgMSBXRUVLXG4gICAgICAgICAgICAgICAgZXZlbnRfZGF0ZSArIElOVEVSVkFMIDcgREFZIERFTEVURVxuICAgICAgICAgICAgICAgIGV2ZW50X2RhdGUgKyBJTlRFUlZBTCAyIFdFRUsgVE8gRElTSyAnYmJiJ1xuXG4gICAgICAgIDx0dGw+ZXZlbnRfZGF0ZSArIElOVEVSVkFMIDMwIERBWSBERUxFVEU8L3R0bD5cbiAgICAgICAgLS0+XG5cbiAgICAgICAgPCEtLSBJbnN0ZWFkIG9mIHBhcnRpdGlvbl9ieSwgeW91IGNhbiBwcm92aWRlIGZ1bGwgZW5naW5lIGV4cHJlc3Npb24gKHN0YXJ0aW5nIHdpdGggRU5HSU5FID1cbiAgICAgICAgKSB3aXRoIHBhcmFtZXRlcnMsXG4gICAgICAgICAgICBFeGFtcGxlOiA8ZW5naW5lPkVOR0lORSA9IE1lcmdlVHJlZSBQQVJUSVRJT04gQlkgdG9ZWVlZTU0oZXZlbnRfZGF0ZSkgT1JERVIgQlkgKGV2ZW50X2RhdGUsXG4gICAgICAgIGV2ZW50X3RpbWUpIFNFVFRJTkdTIGluZGV4X2dyYW51bGFyaXR5ID0gMTAyNDwvZW5naW5lPlxuICAgICAgICAgIC0tPlxuXG4gICAgICAgIDwhLS0gSW50ZXJ2YWwgb2YgZmx1c2hpbmcgZGF0YS4gLS0+XG4gICAgICAgIDxmbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+NzUwMDwvZmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPlxuICAgIDwvcXVlcnlfbG9nPlxuXG4gICAgPCEtLSBUcmFjZSBsb2cuIFN0b3JlcyBzdGFjayB0cmFjZXMgY29sbGVjdGVkIGJ5IHF1ZXJ5IHByb2ZpbGVycy5cbiAgICAgICAgU2VlIHF1ZXJ5X3Byb2ZpbGVyX3JlYWxfdGltZV9wZXJpb2RfbnMgYW5kIHF1ZXJ5X3Byb2ZpbGVyX2NwdV90aW1lX3BlcmlvZF9ucyBzZXR0aW5ncy4gLS0+XG4gICAgPHRyYWNlX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT50cmFjZV9sb2c8L3RhYmxlPlxuXG4gICAgICAgIDxwYXJ0aXRpb25fYnk+dG9ZWVlZTU0oZXZlbnRfZGF0ZSk8L3BhcnRpdGlvbl9ieT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC90cmFjZV9sb2c+XG5cbiAgICA8IS0tIFF1ZXJ5IHRocmVhZCBsb2cuIEhhcyBpbmZvcm1hdGlvbiBhYm91dCBhbGwgdGhyZWFkcyBwYXJ0aWNpcGF0ZWQgaW4gcXVlcnkgZXhlY3V0aW9uLlxuICAgICAgICBVc2VkIG9ubHkgZm9yIHF1ZXJpZXMgd2l0aCBzZXR0aW5nIGxvZ19xdWVyeV90aHJlYWRzID0gMS4gLS0+XG4gICAgPHF1ZXJ5X3RocmVhZF9sb2c+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+cXVlcnlfdGhyZWFkX2xvZzwvdGFibGU+XG4gICAgICAgIDxwYXJ0aXRpb25fYnk+dG9ZWVlZTU0oZXZlbnRfZGF0ZSk8L3BhcnRpdGlvbl9ieT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC9xdWVyeV90aHJlYWRfbG9nPlxuXG4gICAgPCEtLSBRdWVyeSB2aWV3cyBsb2cuIEhhcyBpbmZvcm1hdGlvbiBhYm91dCBhbGwgZGVwZW5kZW50IHZpZXdzIGFzc29jaWF0ZWQgd2l0aCBhIHF1ZXJ5LlxuICAgICAgICBVc2VkIG9ubHkgZm9yIHF1ZXJpZXMgd2l0aCBzZXR0aW5nIGxvZ19xdWVyeV92aWV3cyA9IDEuIC0tPlxuICAgIDxxdWVyeV92aWV3c19sb2c+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+cXVlcnlfdmlld3NfbG9nPC90YWJsZT5cbiAgICAgICAgPHBhcnRpdGlvbl9ieT50b1lZWVlNTShldmVudF9kYXRlKTwvcGFydGl0aW9uX2J5PlxuICAgICAgICA8Zmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPjc1MDA8L2ZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L3F1ZXJ5X3ZpZXdzX2xvZz5cblxuICAgIDwhLS0gVW5jb21tZW50IGlmIHVzZSBwYXJ0IGxvZy5cbiAgICAgICAgUGFydCBsb2cgY29udGFpbnMgaW5mb3JtYXRpb24gYWJvdXQgYWxsIGFjdGlvbnMgd2l0aCBwYXJ0cyBpbiBNZXJnZVRyZWUgdGFibGVzIChjcmVhdGlvbiwgZGVsZXRpb24sXG4gICAgbWVyZ2VzLCBkb3dubG9hZHMpLi0tPlxuICAgIDxwYXJ0X2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5wYXJ0X2xvZzwvdGFibGU+XG4gICAgICAgIDxwYXJ0aXRpb25fYnk+dG9ZWVlZTU0oZXZlbnRfZGF0ZSk8L3BhcnRpdGlvbl9ieT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC9wYXJ0X2xvZz5cblxuICAgIDwhLS0gVW5jb21tZW50IHRvIHdyaXRlIHRleHQgbG9nIGludG8gdGFibGUuXG4gICAgICAgIFRleHQgbG9nIGNvbnRhaW5zIGFsbCBpbmZvcm1hdGlvbiBmcm9tIHVzdWFsIHNlcnZlciBsb2cgYnV0IHN0b3JlcyBpdCBpbiBzdHJ1Y3R1cmVkIGFuZCBlZmZpY2llbnRcbiAgICB3YXkuXG4gICAgICAgIFRoZSBsZXZlbCBvZiB0aGUgbWVzc2FnZXMgdGhhdCBnb2VzIHRvIHRoZSB0YWJsZSBjYW4gYmUgbGltaXRlZCAoPGxldmVsPiksIGlmIG5vdCBzcGVjaWZpZWQgYWxsXG4gICAgbWVzc2FnZXMgd2lsbCBnbyB0byB0aGUgdGFibGUuXG4gICAgPHRleHRfbG9nPlxuICAgICAgICA8ZGF0YWJhc2U+c3lzdGVtPC9kYXRhYmFzZT5cbiAgICAgICAgPHRhYmxlPnRleHRfbG9nPC90YWJsZT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgICAgIDxsZXZlbD48L2xldmVsPlxuICAgIDwvdGV4dF9sb2c+XG4gICAgLS0+XG5cbiAgICA8IS0tIE1ldHJpYyBsb2cgY29udGFpbnMgcm93cyB3aXRoIGN1cnJlbnQgdmFsdWVzIG9mIFByb2ZpbGVFdmVudHMsIEN1cnJlbnRNZXRyaWNzIGNvbGxlY3RlZFxuICAgIHdpdGggXCJjb2xsZWN0X2ludGVydmFsX21pbGxpc2Vjb25kc1wiIGludGVydmFsLiAtLT5cbiAgICA8bWV0cmljX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5tZXRyaWNfbG9nPC90YWJsZT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgICAgIDxjb2xsZWN0X2ludGVydmFsX21pbGxpc2Vjb25kcz4xMDAwPC9jb2xsZWN0X2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L21ldHJpY19sb2c+XG5cbiAgICA8IS0tXG4gICAgICAgIEFzeW5jaHJvbm91cyBtZXRyaWMgbG9nIGNvbnRhaW5zIHZhbHVlcyBvZiBtZXRyaWNzIGZyb21cbiAgICAgICAgc3lzdGVtLmFzeW5jaHJvbm91c19tZXRyaWNzLlxuICAgIC0tPlxuICAgIDxhc3luY2hyb25vdXNfbWV0cmljX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5hc3luY2hyb25vdXNfbWV0cmljX2xvZzwvdGFibGU+XG4gICAgICAgIDwhLS1cbiAgICAgICAgICAgIEFzeW5jaHJvbm91cyBtZXRyaWNzIGFyZSB1cGRhdGVkIG9uY2UgYSBtaW51dGUsIHNvIHRoZXJlIGlzXG4gICAgICAgICAgICBubyBuZWVkIHRvIGZsdXNoIG1vcmUgb2Z0ZW4uXG4gICAgICAgIC0tPlxuICAgICAgICA8Zmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPjcwMDA8L2ZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L2FzeW5jaHJvbm91c19tZXRyaWNfbG9nPlxuXG4gICAgPCEtLVxuICAgICAgICBPcGVuVGVsZW1ldHJ5IGxvZyBjb250YWlucyBPcGVuVGVsZW1ldHJ5IHRyYWNlIHNwYW5zLlxuICAgIC0tPlxuICAgIDxvcGVudGVsZW1ldHJ5X3NwYW5fbG9nPlxuICAgICAgICA8IS0tXG4gICAgICAgICAgICBUaGUgZGVmYXVsdCB0YWJsZSBjcmVhdGlvbiBjb2RlIGlzIGluc3VmZmljaWVudCwgdGhpcyA8ZW5naW5lPiBzcGVjXG4gICAgICAgICAgICBpcyBhIHdvcmthcm91bmQuIFRoZXJlIGlzIG5vICdldmVudF90aW1lJyBmb3IgdGhpcyBsb2csIGJ1dCB0d28gdGltZXMsXG4gICAgICAgICAgICBzdGFydCBhbmQgZmluaXNoLiBJdCBpcyBzb3J0ZWQgYnkgZmluaXNoIHRpbWUsIHRvIGF2b2lkIGluc2VydGluZ1xuICAgICAgICAgICAgZGF0YSB0b28gZmFyIGF3YXkgaW4gdGhlIHBhc3QgKHByb2JhYmx5IHdlIGNhbiBzb21ldGltZXMgaW5zZXJ0IGEgc3BhblxuICAgICAgICAgICAgdGhhdCBpcyBzZWNvbmRzIGVhcmxpZXIgdGhhbiB0aGUgbGFzdCBzcGFuIGluIHRoZSB0YWJsZSwgZHVlIHRvIGEgcmFjZVxuICAgICAgICAgICAgYmV0d2VlbiBzZXZlcmFsIHNwYW5zIGluc2VydGVkIGluIHBhcmFsbGVsKS4gVGhpcyBnaXZlcyB0aGUgc3BhbnMgYVxuICAgICAgICAgICAgZ2xvYmFsIG9yZGVyIHRoYXQgd2UgY2FuIHVzZSB0byBlLmcuIHJldHJ5IGluc2VydGlvbiBpbnRvIHNvbWUgZXh0ZXJuYWxcbiAgICAgICAgICAgIHN5c3RlbS5cbiAgICAgICAgLS0+XG4gICAgICAgIDxlbmdpbmU+XG4gICAgICAgICAgICBlbmdpbmUgTWVyZ2VUcmVlXG4gICAgICAgICAgICBwYXJ0aXRpb24gYnkgdG9ZWVlZTU0oZmluaXNoX2RhdGUpXG4gICAgICAgICAgICBvcmRlciBieSAoZmluaXNoX2RhdGUsIGZpbmlzaF90aW1lX3VzLCB0cmFjZV9pZClcbiAgICAgICAgPC9lbmdpbmU+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+b3BlbnRlbGVtZXRyeV9zcGFuX2xvZzwvdGFibGU+XG4gICAgICAgIDxmbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+NzUwMDwvZmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPlxuICAgIDwvb3BlbnRlbGVtZXRyeV9zcGFuX2xvZz5cblxuXG4gICAgPCEtLSBDcmFzaCBsb2cuIFN0b3JlcyBzdGFjayB0cmFjZXMgZm9yIGZhdGFsIGVycm9ycy5cbiAgICAgICAgVGhpcyB0YWJsZSBpcyBub3JtYWxseSBlbXB0eS4gLS0+XG4gICAgPGNyYXNoX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5jcmFzaF9sb2c8L3RhYmxlPlxuXG4gICAgICAgIDxwYXJ0aXRpb25fYnkgLz5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz4xMDAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC9jcmFzaF9sb2c+XG5cbiAgICA8IS0tIFNlc3Npb24gbG9nLiBTdG9yZXMgdXNlciBsb2cgaW4gKHN1Y2Nlc3NmdWwgb3Igbm90KSBhbmQgbG9nIG91dCBldmVudHMuIC0tPlxuICAgIDxzZXNzaW9uX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5zZXNzaW9uX2xvZzwvdGFibGU+XG5cbiAgICAgICAgPHBhcnRpdGlvbl9ieT50b1lZWVlNTShldmVudF9kYXRlKTwvcGFydGl0aW9uX2J5PlxuICAgICAgICA8Zmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPjc1MDA8L2ZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L3Nlc3Npb25fbG9nPlxuXG4gICAgPCEtLSBQYXJhbWV0ZXJzIGZvciBlbWJlZGRlZCBkaWN0aW9uYXJpZXMsIHVzZWQgaW4gWWFuZGV4Lk1ldHJpY2EuXG4gICAgICAgIFNlZSBodHRwczovL2NsaWNraG91c2UuY29tL2RvY3MvZW4vZGljdHMvaW50ZXJuYWxfZGljdHMvXG4gICAgLS0+XG5cbiAgICA8IS0tIFBhdGggdG8gZmlsZSB3aXRoIHJlZ2lvbiBoaWVyYXJjaHkuIC0tPlxuICAgIDwhLS1cbiAgICA8cGF0aF90b19yZWdpb25zX2hpZXJhcmNoeV9maWxlPi9vcHQvZ2VvL3JlZ2lvbnNfaGllcmFyY2h5LnR4dDwvcGF0aF90b19yZWdpb25zX2hpZXJhcmNoeV9maWxlPiAtLT5cblxuICAgIDwhLS0gUGF0aCB0byBkaXJlY3Rvcnkgd2l0aCBmaWxlcyBjb250YWluaW5nIG5hbWVzIG9mIHJlZ2lvbnMgLS0+XG4gICAgPCEtLSA8cGF0aF90b19yZWdpb25zX25hbWVzX2ZpbGVzPi9vcHQvZ2VvLzwvcGF0aF90b19yZWdpb25zX25hbWVzX2ZpbGVzPiAtLT5cblxuXG4gICAgPCEtLSA8dG9wX2xldmVsX2RvbWFpbnNfcGF0aD4vdmFyL2xpYi9jbGlja2hvdXNlL3RvcF9sZXZlbF9kb21haW5zLzwvdG9wX2xldmVsX2RvbWFpbnNfcGF0aD4gLS0+XG4gICAgPCEtLSBDdXN0b20gVExEIGxpc3RzLlxuICAgICAgICBGb3JtYXQ6IDxuYW1lPi9wYXRoL3RvL2ZpbGU8L25hbWU+XG5cbiAgICAgICAgQ2hhbmdlcyB3aWxsIG5vdCBiZSBhcHBsaWVkIHcvbyBzZXJ2ZXIgcmVzdGFydC5cbiAgICAgICAgUGF0aCB0byB0aGUgbGlzdCBpcyB1bmRlciB0b3BfbGV2ZWxfZG9tYWluc19wYXRoIChzZWUgYWJvdmUpLlxuICAgIC0tPlxuICAgIDx0b3BfbGV2ZWxfZG9tYWluc19saXN0cz5cbiAgICAgICAgPCEtLVxuICAgICAgICA8cHVibGljX3N1ZmZpeF9saXN0Pi9wYXRoL3RvL3B1YmxpY19zdWZmaXhfbGlzdC5kYXQ8L3B1YmxpY19zdWZmaXhfbGlzdD5cbiAgICAgICAgLS0+XG4gICAgPC90b3BfbGV2ZWxfZG9tYWluc19saXN0cz5cblxuICAgIDwhLS0gQ29uZmlndXJhdGlvbiBvZiBleHRlcm5hbCBkaWN0aW9uYXJpZXMuIFNlZTpcbiAgICAgICAgaHR0cHM6Ly9jbGlja2hvdXNlLmNvbS9kb2NzL2VuL3NxbC1yZWZlcmVuY2UvZGljdGlvbmFyaWVzL2V4dGVybmFsLWRpY3Rpb25hcmllcy9leHRlcm5hbC1kaWN0c1xuICAgIC0tPlxuICAgIDxkaWN0aW9uYXJpZXNfY29uZmlnPipfZGljdGlvbmFyeS54bWw8L2RpY3Rpb25hcmllc19jb25maWc+XG5cbiAgICA8IS0tIENvbmZpZ3VyYXRpb24gb2YgdXNlciBkZWZpbmVkIGV4ZWN1dGFibGUgZnVuY3Rpb25zIC0tPlxuICAgIDx1c2VyX2RlZmluZWRfZXhlY3V0YWJsZV9mdW5jdGlvbnNfY29uZmlnPipfZnVuY3Rpb24ueG1sPC91c2VyX2RlZmluZWRfZXhlY3V0YWJsZV9mdW5jdGlvbnNfY29uZmlnPlxuXG4gICAgPCEtLSBVbmNvbW1lbnQgaWYgeW91IHdhbnQgZGF0YSB0byBiZSBjb21wcmVzc2VkIDMwLTEwMCUgYmV0dGVyLlxuICAgICAgICBEb24ndCBkbyB0aGF0IGlmIHlvdSBqdXN0IHN0YXJ0ZWQgdXNpbmcgQ2xpY2tIb3VzZS5cbiAgICAgIC0tPlxuICAgIDwhLS1cbiAgICA8Y29tcHJlc3Npb24+XG4gICAgICAgIDwhLSAtIFNldCBvZiB2YXJpYW50cy4gQ2hlY2tlZCBpbiBvcmRlci4gTGFzdCBtYXRjaGluZyBjYXNlIHdpbnMuIElmIG5vdGhpbmcgbWF0Y2hlcywgbHo0IHdpbGwgYmVcbiAgICB1c2VkLiAtIC0+XG4gICAgICAgIDxjYXNlPlxuXG4gICAgICAgICAgICA8IS0gLSBDb25kaXRpb25zLiBBbGwgbXVzdCBiZSBzYXRpc2ZpZWQuIFNvbWUgY29uZGl0aW9ucyBtYXkgYmUgb21pdHRlZC4gLSAtPlxuICAgICAgICAgICAgPG1pbl9wYXJ0X3NpemU+MTAwMDAwMDAwMDA8L21pbl9wYXJ0X3NpemU+ICAgICAgICA8IS0gLSBNaW4gcGFydCBzaXplIGluIGJ5dGVzLiAtIC0+XG4gICAgICAgICAgICA8bWluX3BhcnRfc2l6ZV9yYXRpbz4wLjAxPC9taW5fcGFydF9zaXplX3JhdGlvPiAgIDwhLSAtIE1pbiBzaXplIG9mIHBhcnQgcmVsYXRpdmUgdG8gd2hvbGUgdGFibGVcbiAgICBzaXplLiAtIC0+XG5cbiAgICAgICAgICAgIDwhLSAtIFdoYXQgY29tcHJlc3Npb24gbWV0aG9kIHRvIHVzZS4gLSAtPlxuICAgICAgICAgICAgPG1ldGhvZD56c3RkPC9tZXRob2Q+XG4gICAgICAgIDwvY2FzZT5cbiAgICA8L2NvbXByZXNzaW9uPlxuICAgIC0tPlxuXG4gICAgPCEtLSBDb25maWd1cmF0aW9uIG9mIGVuY3J5cHRpb24uIFRoZSBzZXJ2ZXIgZXhlY3V0ZXMgYSBjb21tYW5kIHRvXG4gICAgICAgIG9idGFpbiBhbiBlbmNyeXB0aW9uIGtleSBhdCBzdGFydHVwIGlmIHN1Y2ggYSBjb21tYW5kIGlzXG4gICAgICAgIGRlZmluZWQsIG9yIGVuY3J5cHRpb24gY29kZWNzIHdpbGwgYmUgZGlzYWJsZWQgb3RoZXJ3aXNlLiBUaGVcbiAgICAgICAgY29tbWFuZCBpcyBleGVjdXRlZCB0aHJvdWdoIC9iaW4vc2ggYW5kIGlzIGV4cGVjdGVkIHRvIHdyaXRlXG4gICAgICAgIGEgQmFzZTY0LWVuY29kZWQga2V5IHRvIHRoZSBzdGRvdXQuIC0tPlxuICAgIDxlbmNyeXB0aW9uX2NvZGVjcz5cbiAgICAgICAgPCEtLSBhZXNfMTI4X2djbV9zaXYgLS0+XG4gICAgICAgIDwhLS0gRXhhbXBsZSBvZiBnZXR0aW5nIGhleCBrZXkgZnJvbSBlbnYgLS0+XG4gICAgICAgIDwhLS0gdGhlIGNvZGUgc2hvdWxkIHVzZSB0aGlzIGtleSBhbmQgdGhyb3cgYW4gZXhjZXB0aW9uIGlmIGl0cyBsZW5ndGggaXMgbm90IDE2IGJ5dGVzIC0tPlxuICAgICAgICA8IS0ta2V5X2hleFxuICAgICAgICBmcm9tX2Vudj1cIi4uLlwiPjwva2V5X2hleCAtLT5cblxuICAgICAgICA8IS0tIEV4YW1wbGUgb2YgbXVsdGlwbGUgaGV4IGtleXMuIFRoZXkgY2FuIGJlIGltcG9ydGVkIGZyb20gZW52IG9yIGJlIHdyaXR0ZW4gZG93biBpblxuICAgICAgICBjb25maWctLT5cbiAgICAgICAgPCEtLSB0aGUgY29kZSBzaG91bGQgdXNlIHRoZXNlIGtleXMgYW5kIHRocm93IGFuIGV4Y2VwdGlvbiBpZiB0aGVpciBsZW5ndGggaXMgbm90IDE2IGJ5dGVzIC0tPlxuICAgICAgICA8IS0tIGtleV9oZXggaWQ9XCIwXCI+Li4uPC9rZXlfaGV4IC0tPlxuICAgICAgICA8IS0tIGtleV9oZXggaWQ9XCIxXCIgZnJvbV9lbnY9XCIuLlwiPjwva2V5X2hleCAtLT5cbiAgICAgICAgPCEtLSBrZXlfaGV4IGlkPVwiMlwiPi4uLjwva2V5X2hleCAtLT5cbiAgICAgICAgPCEtLSBjdXJyZW50X2tleV9pZD4yPC9jdXJyZW50X2tleV9pZCAtLT5cblxuICAgICAgICA8IS0tIEV4YW1wbGUgb2YgZ2V0dGluZyBoZXgga2V5IGZyb20gY29uZmlnIC0tPlxuICAgICAgICA8IS0tIHRoZSBjb2RlIHNob3VsZCB1c2UgdGhpcyBrZXkgYW5kIHRocm93IGFuIGV4Y2VwdGlvbiBpZiBpdHMgbGVuZ3RoIGlzIG5vdCAxNiBieXRlcyAtLT5cbiAgICAgICAgPCEtLSBrZXk+Li4uPC9rZXkgLS0+XG5cbiAgICAgICAgPCEtLSBleGFtcGxlIG9mIGFkZGluZyBub25jZSAtLT5cbiAgICAgICAgPCEtLSBub25jZT4uLi48L25vbmNlIC0tPlxuXG4gICAgICAgIDwhLS0gL2Flc18xMjhfZ2NtX3NpdiAtLT5cbiAgICA8L2VuY3J5cHRpb25fY29kZWNzPlxuXG4gICAgPCEtLSBBbGxvdyB0byBleGVjdXRlIGRpc3RyaWJ1dGVkIERETCBxdWVyaWVzIChDUkVBVEUsIERST1AsIEFMVEVSLCBSRU5BTUUpIG9uIGNsdXN0ZXIuXG4gICAgICAgIFdvcmtzIG9ubHkgaWYgWm9vS2VlcGVyIGlzIGVuYWJsZWQuIENvbW1lbnQgaXQgaWYgc3VjaCBmdW5jdGlvbmFsaXR5IGlzbid0IHJlcXVpcmVkLiAtLT5cbiAgICA8ZGlzdHJpYnV0ZWRfZGRsPlxuICAgICAgICA8IS0tIFBhdGggaW4gWm9vS2VlcGVyIHRvIHF1ZXVlIHdpdGggRERMIHF1ZXJpZXMgLS0+XG4gICAgICAgIDxwYXRoPi9jbGlja2hvdXNlL3Rhc2tfcXVldWUvZGRsPC9wYXRoPlxuXG4gICAgICAgIDwhLS0gU2V0dGluZ3MgZnJvbSB0aGlzIHByb2ZpbGUgd2lsbCBiZSB1c2VkIHRvIGV4ZWN1dGUgRERMIHF1ZXJpZXMgLS0+XG4gICAgICAgIDwhLS0gPHByb2ZpbGU+ZGVmYXVsdDwvcHJvZmlsZT4gLS0+XG5cbiAgICAgICAgPCEtLSBDb250cm9scyBob3cgbXVjaCBPTiBDTFVTVEVSIHF1ZXJpZXMgY2FuIGJlIHJ1biBzaW11bHRhbmVvdXNseS4gLS0+XG4gICAgICAgIDwhLS0gPHBvb2xfc2l6ZT4xPC9wb29sX3NpemU+IC0tPlxuXG4gICAgICAgIDwhLS1cbiAgICAgICAgICAgIENsZWFudXAgc2V0dGluZ3MgKGFjdGl2ZSB0YXNrcyB3aWxsIG5vdCBiZSByZW1vdmVkKVxuICAgICAgICAtLT5cblxuICAgICAgICA8IS0tIENvbnRyb2xzIHRhc2sgVFRMIChkZWZhdWx0IDEgd2VlaykgLS0+XG4gICAgICAgIDwhLS0gPHRhc2tfbWF4X2xpZmV0aW1lPjYwNDgwMDwvdGFza19tYXhfbGlmZXRpbWU+IC0tPlxuXG4gICAgICAgIDwhLS0gQ29udHJvbHMgaG93IG9mdGVuIGNsZWFudXAgc2hvdWxkIGJlIHBlcmZvcm1lZCAoaW4gc2Vjb25kcykgLS0+XG4gICAgICAgIDwhLS0gPGNsZWFudXBfZGVsYXlfcGVyaW9kPjYwPC9jbGVhbnVwX2RlbGF5X3BlcmlvZD4gLS0+XG5cbiAgICAgICAgPCEtLSBDb250cm9scyBob3cgbWFueSB0YXNrcyBjb3VsZCBiZSBpbiB0aGUgcXVldWUgLS0+XG4gICAgICAgIDwhLS0gPG1heF90YXNrc19pbl9xdWV1ZT4xMDAwPC9tYXhfdGFza3NfaW5fcXVldWU+IC0tPlxuICAgIDwvZGlzdHJpYnV0ZWRfZGRsPlxuXG4gICAgPCEtLSBTZXR0aW5ncyB0byBmaW5lIHR1bmUgTWVyZ2VUcmVlIHRhYmxlcy4gU2VlIGRvY3VtZW50YXRpb24gaW4gc291cmNlIGNvZGUsIGluXG4gICAgTWVyZ2VUcmVlU2V0dGluZ3MuaCAtLT5cbiAgICA8IS0tXG4gICAgPG1lcmdlX3RyZWU+XG4gICAgICAgIDxtYXhfc3VzcGljaW91c19icm9rZW5fcGFydHM+NTwvbWF4X3N1c3BpY2lvdXNfYnJva2VuX3BhcnRzPlxuICAgIDwvbWVyZ2VfdHJlZT5cbiAgICAtLT5cblxuICAgIDwhLS0gUHJvdGVjdGlvbiBmcm9tIGFjY2lkZW50YWwgRFJPUC5cbiAgICAgICAgSWYgc2l6ZSBvZiBhIE1lcmdlVHJlZSB0YWJsZSBpcyBncmVhdGVyIHRoYW4gbWF4X3RhYmxlX3NpemVfdG9fZHJvcCAoaW4gYnl0ZXMpIHRoYW4gdGFibGUgY291bGQgbm90XG4gICAgYmUgZHJvcHBlZCB3aXRoIGFueSBEUk9QIHF1ZXJ5LlxuICAgICAgICBJZiB5b3Ugd2FudCBkbyBkZWxldGUgb25lIHRhYmxlIGFuZCBkb24ndCB3YW50IHRvIGNoYW5nZSBjbGlja2hvdXNlLXNlcnZlciBjb25maWcsIHlvdSBjb3VsZCBjcmVhdGVcbiAgICBzcGVjaWFsIGZpbGUgPGNsaWNraG91c2UtcGF0aD4vZmxhZ3MvZm9yY2VfZHJvcF90YWJsZSBhbmQgbWFrZSBEUk9QIG9uY2UuXG4gICAgICAgIEJ5IGRlZmF1bHQgbWF4X3RhYmxlX3NpemVfdG9fZHJvcCBpcyA1MEdCOyBtYXhfdGFibGVfc2l6ZV90b19kcm9wPTAgYWxsb3dzIHRvIERST1AgYW55IHRhYmxlcy5cbiAgICAgICAgVGhlIHNhbWUgZm9yIG1heF9wYXJ0aXRpb25fc2l6ZV90b19kcm9wLlxuICAgICAgICBVbmNvbW1lbnQgdG8gZGlzYWJsZSBwcm90ZWN0aW9uLlxuICAgIC0tPlxuICAgIDwhLS0gPG1heF90YWJsZV9zaXplX3RvX2Ryb3A+MDwvbWF4X3RhYmxlX3NpemVfdG9fZHJvcD4gLS0+XG4gICAgPCEtLSA8bWF4X3BhcnRpdGlvbl9zaXplX3RvX2Ryb3A+MDwvbWF4X3BhcnRpdGlvbl9zaXplX3RvX2Ryb3A+IC0tPlxuXG4gICAgPCEtLSBFeGFtcGxlIG9mIHBhcmFtZXRlcnMgZm9yIEdyYXBoaXRlTWVyZ2VUcmVlIHRhYmxlIGVuZ2luZSAtLT5cbiAgICA8Z3JhcGhpdGVfcm9sbHVwX2V4YW1wbGU+XG4gICAgICAgIDxwYXR0ZXJuPlxuICAgICAgICAgICAgPHJlZ2V4cD5jbGlja19jb3N0PC9yZWdleHA+XG4gICAgICAgICAgICA8ZnVuY3Rpb24+YW55PC9mdW5jdGlvbj5cbiAgICAgICAgICAgIDxyZXRlbnRpb24+XG4gICAgICAgICAgICAgICAgPGFnZT4wPC9hZ2U+XG4gICAgICAgICAgICAgICAgPHByZWNpc2lvbj4zNjAwPC9wcmVjaXNpb24+XG4gICAgICAgICAgICA8L3JldGVudGlvbj5cbiAgICAgICAgICAgIDxyZXRlbnRpb24+XG4gICAgICAgICAgICAgICAgPGFnZT44NjQwMDwvYWdlPlxuICAgICAgICAgICAgICAgIDxwcmVjaXNpb24+NjA8L3ByZWNpc2lvbj5cbiAgICAgICAgICAgIDwvcmV0ZW50aW9uPlxuICAgICAgICA8L3BhdHRlcm4+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGZ1bmN0aW9uPm1heDwvZnVuY3Rpb24+XG4gICAgICAgICAgICA8cmV0ZW50aW9uPlxuICAgICAgICAgICAgICAgIDxhZ2U+MDwvYWdlPlxuICAgICAgICAgICAgICAgIDxwcmVjaXNpb24+NjA8L3ByZWNpc2lvbj5cbiAgICAgICAgICAgIDwvcmV0ZW50aW9uPlxuICAgICAgICAgICAgPHJldGVudGlvbj5cbiAgICAgICAgICAgICAgICA8YWdlPjM2MDA8L2FnZT5cbiAgICAgICAgICAgICAgICA8cHJlY2lzaW9uPjMwMDwvcHJlY2lzaW9uPlxuICAgICAgICAgICAgPC9yZXRlbnRpb24+XG4gICAgICAgICAgICA8cmV0ZW50aW9uPlxuICAgICAgICAgICAgICAgIDxhZ2U+ODY0MDA8L2FnZT5cbiAgICAgICAgICAgICAgICA8cHJlY2lzaW9uPjM2MDA8L3ByZWNpc2lvbj5cbiAgICAgICAgICAgIDwvcmV0ZW50aW9uPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9ncmFwaGl0ZV9yb2xsdXBfZXhhbXBsZT5cblxuICAgIDwhLS0gRGlyZWN0b3J5IGluIDxjbGlja2hvdXNlLXBhdGg+IGNvbnRhaW5pbmcgc2NoZW1hIGZpbGVzIGZvciB2YXJpb3VzIGlucHV0IGZvcm1hdHMuXG4gICAgICAgIFRoZSBkaXJlY3Rvcnkgd2lsbCBiZSBjcmVhdGVkIGlmIGl0IGRvZXNuJ3QgZXhpc3QuXG4gICAgICAtLT5cbiAgICA8Zm9ybWF0X3NjaGVtYV9wYXRoPi92YXIvbGliL2NsaWNraG91c2UvZm9ybWF0X3NjaGVtYXMvPC9mb3JtYXRfc2NoZW1hX3BhdGg+XG5cbiAgICA8IS0tIERlZmF1bHQgcXVlcnkgbWFza2luZyBydWxlcywgbWF0Y2hpbmcgbGluZXMgd291bGQgYmUgcmVwbGFjZWQgd2l0aCBzb21ldGhpbmcgZWxzZSBpbiB0aGVcbiAgICBsb2dzXG4gICAgICAgIChib3RoIHRleHQgbG9ncyBhbmQgc3lzdGVtLnF1ZXJ5X2xvZykuXG4gICAgICAgIG5hbWUgLSBuYW1lIGZvciB0aGUgcnVsZSAob3B0aW9uYWwpXG4gICAgICAgIHJlZ2V4cCAtIFJFMiBjb21wYXRpYmxlIHJlZ3VsYXIgZXhwcmVzc2lvbiAobWFuZGF0b3J5KVxuICAgICAgICByZXBsYWNlIC0gc3Vic3RpdHV0aW9uIHN0cmluZyBmb3Igc2Vuc2l0aXZlIGRhdGEgKG9wdGlvbmFsLCBieSBkZWZhdWx0IC0gc2l4IGFzdGVyaXNrcylcbiAgICAtLT5cbiAgICA8cXVlcnlfbWFza2luZ19ydWxlcz5cbiAgICAgICAgPHJ1bGU+XG4gICAgICAgICAgICA8bmFtZT5oaWRlIGVuY3J5cHQvZGVjcnlwdCBhcmd1bWVudHM8L25hbWU+XG4gICAgICAgICAgICA8cmVnZXhwPigoPzphZXNfKT8oPzplbmNyeXB0fGRlY3J5cHQpKD86X215c3FsKT8pXFxzKlxcKFxccyooPzonKD86XFxcXCd8LikrJ3wuKj8pXFxzKlxcKTwvcmVnZXhwPlxuICAgICAgICAgICAgPCEtLSBvciBtb3JlIHNlY3VyZSwgYnV0IGFsc28gbW9yZSBpbnZhc2l2ZTpcbiAgICAgICAgICAgICAgICAoYWVzX1xcdyspXFxzKlxcKC4qXFwpXG4gICAgICAgICAgICAtLT5cbiAgICAgICAgICAgIDxyZXBsYWNlPlxcMSg/Pz8pPC9yZXBsYWNlPlxuICAgICAgICA8L3J1bGU+XG4gICAgPC9xdWVyeV9tYXNraW5nX3J1bGVzPlxuXG4gICAgPCEtLSBVbmNvbW1lbnQgdG8gdXNlIGN1c3RvbSBodHRwIGhhbmRsZXJzLlxuICAgICAgICBydWxlcyBhcmUgY2hlY2tlZCBmcm9tIHRvcCB0byBib3R0b20sIGZpcnN0IG1hdGNoIHJ1bnMgdGhlIGhhbmRsZXJcbiAgICAgICAgICAgIHVybCAtIHRvIG1hdGNoIHJlcXVlc3QgVVJMLCB5b3UgY2FuIHVzZSAncmVnZXg6JyBwcmVmaXggdG8gdXNlIHJlZ2V4IG1hdGNoKG9wdGlvbmFsKVxuICAgICAgICAgICAgbWV0aG9kcyAtIHRvIG1hdGNoIHJlcXVlc3QgbWV0aG9kLCB5b3UgY2FuIHVzZSBjb21tYXMgdG8gc2VwYXJhdGUgbXVsdGlwbGUgbWV0aG9kIG1hdGNoZXMob3B0aW9uYWwpXG4gICAgICAgICAgICBoZWFkZXJzIC0gdG8gbWF0Y2ggcmVxdWVzdCBoZWFkZXJzLCBtYXRjaCBlYWNoIGNoaWxkIGVsZW1lbnQoY2hpbGQgZWxlbWVudCBuYW1lIGlzIGhlYWRlciBuYW1lKSxcbiAgICB5b3UgY2FuIHVzZSAncmVnZXg6JyBwcmVmaXggdG8gdXNlIHJlZ2V4IG1hdGNoKG9wdGlvbmFsKVxuICAgICAgICBoYW5kbGVyIGlzIHJlcXVlc3QgaGFuZGxlclxuICAgICAgICAgICAgdHlwZSAtIHN1cHBvcnRlZCB0eXBlczogc3RhdGljLCBkeW5hbWljX3F1ZXJ5X2hhbmRsZXIsIHByZWRlZmluZWRfcXVlcnlfaGFuZGxlclxuICAgICAgICAgICAgcXVlcnkgLSB1c2Ugd2l0aCBwcmVkZWZpbmVkX3F1ZXJ5X2hhbmRsZXIgdHlwZSwgZXhlY3V0ZXMgcXVlcnkgd2hlbiB0aGUgaGFuZGxlciBpcyBjYWxsZWRcbiAgICAgICAgICAgIHF1ZXJ5X3BhcmFtX25hbWUgLSB1c2Ugd2l0aCBkeW5hbWljX3F1ZXJ5X2hhbmRsZXIgdHlwZSwgZXh0cmFjdHMgYW5kIGV4ZWN1dGVzIHRoZSB2YWx1ZVxuICAgIGNvcnJlc3BvbmRpbmcgdG8gdGhlIDxxdWVyeV9wYXJhbV9uYW1lPiB2YWx1ZSBpbiBIVFRQIHJlcXVlc3QgcGFyYW1zXG4gICAgICAgICAgICBzdGF0dXMgLSB1c2Ugd2l0aCBzdGF0aWMgdHlwZSwgcmVzcG9uc2Ugc3RhdHVzIGNvZGVcbiAgICAgICAgICAgIGNvbnRlbnRfdHlwZSAtIHVzZSB3aXRoIHN0YXRpYyB0eXBlLCByZXNwb25zZSBjb250ZW50LXR5cGVcbiAgICAgICAgICAgIHJlc3BvbnNlX2NvbnRlbnQgLSB1c2Ugd2l0aCBzdGF0aWMgdHlwZSwgUmVzcG9uc2UgY29udGVudCBzZW50IHRvIGNsaWVudCwgd2hlbiB1c2luZyB0aGUgcHJlZml4XG4gICAgJ2ZpbGU6Ly8nIG9yICdjb25maWc6Ly8nLCBmaW5kIHRoZSBjb250ZW50IGZyb20gdGhlIGZpbGUgb3IgY29uZmlndXJhdGlvbiBzZW5kIHRvIGNsaWVudC5cblxuICAgIDxodHRwX2hhbmRsZXJzPlxuICAgICAgICA8cnVsZT5cbiAgICAgICAgICAgIDx1cmw+LzwvdXJsPlxuICAgICAgICAgICAgPG1ldGhvZHM+UE9TVCxHRVQ8L21ldGhvZHM+XG4gICAgICAgICAgICA8aGVhZGVycz48cHJhZ21hPm5vLWNhY2hlPC9wcmFnbWE+PC9oZWFkZXJzPlxuICAgICAgICAgICAgPGhhbmRsZXI+XG4gICAgICAgICAgICAgICAgPHR5cGU+ZHluYW1pY19xdWVyeV9oYW5kbGVyPC90eXBlPlxuICAgICAgICAgICAgICAgIDxxdWVyeV9wYXJhbV9uYW1lPnF1ZXJ5PC9xdWVyeV9wYXJhbV9uYW1lPlxuICAgICAgICAgICAgPC9oYW5kbGVyPlxuICAgICAgICA8L3J1bGU+XG5cbiAgICAgICAgPHJ1bGU+XG4gICAgICAgICAgICA8dXJsPi9wcmVkZWZpbmVkX3F1ZXJ5PC91cmw+XG4gICAgICAgICAgICA8bWV0aG9kcz5QT1NULEdFVDwvbWV0aG9kcz5cbiAgICAgICAgICAgIDxoYW5kbGVyPlxuICAgICAgICAgICAgICAgIDx0eXBlPnByZWRlZmluZWRfcXVlcnlfaGFuZGxlcjwvdHlwZT5cbiAgICAgICAgICAgICAgICA8cXVlcnk+U0VMRUNUICogRlJPTSBzeXN0ZW0uc2V0dGluZ3M8L3F1ZXJ5PlxuICAgICAgICAgICAgPC9oYW5kbGVyPlxuICAgICAgICA8L3J1bGU+XG5cbiAgICAgICAgPHJ1bGU+XG4gICAgICAgICAgICA8aGFuZGxlcj5cbiAgICAgICAgICAgICAgICA8dHlwZT5zdGF0aWM8L3R5cGU+XG4gICAgICAgICAgICAgICAgPHN0YXR1cz4yMDA8L3N0YXR1cz5cbiAgICAgICAgICAgICAgICA8Y29udGVudF90eXBlPnRleHQvcGxhaW47IGNoYXJzZXQ9VVRGLTg8L2NvbnRlbnRfdHlwZT5cbiAgICAgICAgICAgICAgICA8cmVzcG9uc2VfY29udGVudD5jb25maWc6Ly9odHRwX3NlcnZlcl9kZWZhdWx0X3Jlc3BvbnNlPC9yZXNwb25zZV9jb250ZW50PlxuICAgICAgICAgICAgPC9oYW5kbGVyPlxuICAgICAgICA8L3J1bGU+XG4gICAgPC9odHRwX2hhbmRsZXJzPlxuICAgIC0tPlxuXG4gICAgPHNlbmRfY3Jhc2hfcmVwb3J0cz5cbiAgICAgICAgPCEtLSBDaGFuZ2luZyA8ZW5hYmxlZD4gdG8gdHJ1ZSBhbGxvd3Mgc2VuZGluZyBjcmFzaCByZXBvcnRzIHRvIC0tPlxuICAgICAgICA8IS0tIHRoZSBDbGlja0hvdXNlIGNvcmUgZGV2ZWxvcGVycyB0ZWFtIHZpYSBTZW50cnkgaHR0cHM6Ly9zZW50cnkuaW8gLS0+XG4gICAgICAgIDwhLS0gRG9pbmcgc28gYXQgbGVhc3QgaW4gcHJlLXByb2R1Y3Rpb24gZW52aXJvbm1lbnRzIGlzIGhpZ2hseSBhcHByZWNpYXRlZCAtLT5cbiAgICAgICAgPGVuYWJsZWQ+ZmFsc2U8L2VuYWJsZWQ+XG4gICAgICAgIDwhLS0gQ2hhbmdlIDxhbm9ueW1pemU+IHRvIHRydWUgaWYgeW91IGRvbid0IGZlZWwgY29tZm9ydGFibGUgYXR0YWNoaW5nIHRoZSBzZXJ2ZXIgaG9zdG5hbWVcbiAgICAgICAgdG8gdGhlIGNyYXNoIHJlcG9ydCAtLT5cbiAgICAgICAgPGFub255bWl6ZT5mYWxzZTwvYW5vbnltaXplPlxuICAgICAgICA8IS0tIERlZmF1bHQgZW5kcG9pbnQgc2hvdWxkIGJlIGNoYW5nZWQgdG8gZGlmZmVyZW50IFNlbnRyeSBEU04gb25seSBpZiB5b3UgaGF2ZSAtLT5cbiAgICAgICAgPCEtLSBzb21lIGluLWhvdXNlIGVuZ2luZWVycyBvciBoaXJlZCBjb25zdWx0YW50cyB3aG8ncmUgZ29pbmcgdG8gZGVidWcgQ2xpY2tIb3VzZSBpc3N1ZXNcbiAgICAgICAgZm9yIHlvdSAtLT5cbiAgICAgICAgPGVuZHBvaW50Pmh0dHBzOi8vNmYzMzAzNGNmZTY4NGRkN2EzYWI5ODc1ZTU3YjFjOGRAbzM4ODg3MC5pbmdlc3Quc2VudHJ5LmlvLzUyMjYyNzc8L2VuZHBvaW50PlxuICAgIDwvc2VuZF9jcmFzaF9yZXBvcnRzPlxuXG4gICAgPCEtLSBVbmNvbW1lbnQgdG8gZGlzYWJsZSBDbGlja0hvdXNlIGludGVybmFsIEROUyBjYWNoaW5nLiAtLT5cbiAgICA8IS0tIDxkaXNhYmxlX2ludGVybmFsX2Ruc19jYWNoZT4xPC9kaXNhYmxlX2ludGVybmFsX2Ruc19jYWNoZT4gLS0+XG5cbiAgICA8IS0tIFlvdSBjYW4gYWxzbyBjb25maWd1cmUgcm9ja3NkYiBsaWtlIHRoaXM6IC0tPlxuICAgIDwhLS1cbiAgICA8cm9ja3NkYj5cbiAgICAgICAgPG9wdGlvbnM+XG4gICAgICAgICAgICA8bWF4X2JhY2tncm91bmRfam9icz44PC9tYXhfYmFja2dyb3VuZF9qb2JzPlxuICAgICAgICA8L29wdGlvbnM+XG4gICAgICAgIDxjb2x1bW5fZmFtaWx5X29wdGlvbnM+XG4gICAgICAgICAgICA8bnVtX2xldmVscz4yPC9udW1fbGV2ZWxzPlxuICAgICAgICA8L2NvbHVtbl9mYW1pbHlfb3B0aW9ucz5cbiAgICAgICAgPHRhYmxlcz5cbiAgICAgICAgICAgIDx0YWJsZT5cbiAgICAgICAgICAgICAgICA8bmFtZT5UQUJMRTwvbmFtZT5cbiAgICAgICAgICAgICAgICA8b3B0aW9ucz5cbiAgICAgICAgICAgICAgICAgICAgPG1heF9iYWNrZ3JvdW5kX2pvYnM+ODwvbWF4X2JhY2tncm91bmRfam9icz5cbiAgICAgICAgICAgICAgICA8L29wdGlvbnM+XG4gICAgICAgICAgICAgICAgPGNvbHVtbl9mYW1pbHlfb3B0aW9ucz5cbiAgICAgICAgICAgICAgICAgICAgPG51bV9sZXZlbHM+MjwvbnVtX2xldmVscz5cbiAgICAgICAgICAgICAgICA8L2NvbHVtbl9mYW1pbHlfb3B0aW9ucz5cbiAgICAgICAgICAgIDwvdGFibGU+XG4gICAgICAgIDwvdGFibGVzPlxuICAgIDwvcm9ja3NkYj5cbiAgICAtLT5cbjwveWFuZGV4PiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vZG9ja2VyL2NsaWNraG91c2UvdXNlcnMueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL3VzZXJzLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8P3htbCB2ZXJzaW9uPVwiMS4wXCI/PlxuPHlhbmRleD5cbiAgICA8IS0tIFNlZSBhbHNvIHRoZSBmaWxlcyBpbiB1c2Vycy5kIGRpcmVjdG9yeSB3aGVyZSB0aGUgc2V0dGluZ3MgY2FuIGJlIG92ZXJyaWRkZW4uIC0tPlxuXG4gICAgPCEtLSBQcm9maWxlcyBvZiBzZXR0aW5ncy4gLS0+XG4gICAgPHByb2ZpbGVzPlxuICAgICAgICA8IS0tIERlZmF1bHQgc2V0dGluZ3MuIC0tPlxuICAgICAgICA8ZGVmYXVsdD5cbiAgICAgICAgICAgIDwhLS0gTWF4aW11bSBtZW1vcnkgdXNhZ2UgZm9yIHByb2Nlc3Npbmcgc2luZ2xlIHF1ZXJ5LCBpbiBieXRlcy4gLS0+XG4gICAgICAgICAgICA8bWF4X21lbW9yeV91c2FnZT4xMDAwMDAwMDAwMDwvbWF4X21lbW9yeV91c2FnZT5cblxuICAgICAgICAgICAgPCEtLSBIb3cgdG8gY2hvb3NlIGJldHdlZW4gcmVwbGljYXMgZHVyaW5nIGRpc3RyaWJ1dGVkIHF1ZXJ5IHByb2Nlc3NpbmcuXG4gICAgICAgICAgICAgICAgcmFuZG9tIC0gY2hvb3NlIHJhbmRvbSByZXBsaWNhIGZyb20gc2V0IG9mIHJlcGxpY2FzIHdpdGggbWluaW11bSBudW1iZXIgb2YgZXJyb3JzXG4gICAgICAgICAgICAgICAgbmVhcmVzdF9ob3N0bmFtZSAtIGZyb20gc2V0IG9mIHJlcGxpY2FzIHdpdGggbWluaW11bSBudW1iZXIgb2YgZXJyb3JzLCBjaG9vc2UgcmVwbGljYVxuICAgICAgICAgICAgICAgICAgd2l0aCBtaW5pbXVtIG51bWJlciBvZiBkaWZmZXJlbnQgc3ltYm9scyBiZXR3ZWVuIHJlcGxpY2EncyBob3N0bmFtZSBhbmQgbG9jYWwgaG9zdG5hbWVcbiAgICAgICAgICAgICAgICAgIChIYW1taW5nIGRpc3RhbmNlKS5cbiAgICAgICAgICAgICAgICBpbl9vcmRlciAtIGZpcnN0IGxpdmUgcmVwbGljYSBpcyBjaG9zZW4gaW4gc3BlY2lmaWVkIG9yZGVyLlxuICAgICAgICAgICAgICAgIGZpcnN0X29yX3JhbmRvbSAtIGlmIGZpcnN0IHJlcGxpY2Egb25lIGhhcyBoaWdoZXIgbnVtYmVyIG9mIGVycm9ycywgcGljayBhIHJhbmRvbSBvbmUgZnJvbSByZXBsaWNhc1xuICAgICAgICAgICAgd2l0aCBtaW5pbXVtIG51bWJlciBvZiBlcnJvcnMuXG4gICAgICAgICAgICAtLT5cbiAgICAgICAgICAgIDxsb2FkX2JhbGFuY2luZz5yYW5kb208L2xvYWRfYmFsYW5jaW5nPlxuXG4gICAgICAgICAgICA8YWxsb3dfbm9uZGV0ZXJtaW5pc3RpY19tdXRhdGlvbnM+MTwvYWxsb3dfbm9uZGV0ZXJtaW5pc3RpY19tdXRhdGlvbnM+XG5cbiAgICAgICAgPC9kZWZhdWx0PlxuXG4gICAgICAgIDwhLS0gUHJvZmlsZSB0aGF0IGFsbG93cyBvbmx5IHJlYWQgcXVlcmllcy4gLS0+XG4gICAgICAgIDxyZWFkb25seT5cbiAgICAgICAgICAgIDxyZWFkb25seT4xPC9yZWFkb25seT5cbiAgICAgICAgPC9yZWFkb25seT5cblxuICAgIDwvcHJvZmlsZXM+XG5cbiAgICA8IS0tIFVzZXJzIGFuZCBBQ0wuIC0tPlxuICAgIDx1c2Vycz5cbiAgICAgICAgPCEtLSBJZiB1c2VyIG5hbWUgd2FzIG5vdCBzcGVjaWZpZWQsICdkZWZhdWx0JyB1c2VyIGlzIHVzZWQuIC0tPlxuICAgICAgICA8ZGVmYXVsdD5cbiAgICAgICAgICAgIDwhLS0gU2VlIGFsc28gdGhlIGZpbGVzIGluIHVzZXJzLmQgZGlyZWN0b3J5IHdoZXJlIHRoZSBwYXNzd29yZCBjYW4gYmUgb3ZlcnJpZGRlbi5cblxuICAgICAgICAgICAgICAgIFBhc3N3b3JkIGNvdWxkIGJlIHNwZWNpZmllZCBpbiBwbGFpbnRleHQgb3IgaW4gU0hBMjU2IChpbiBoZXggZm9ybWF0KS5cblxuICAgICAgICAgICAgICAgIElmIHlvdSB3YW50IHRvIHNwZWNpZnkgcGFzc3dvcmQgaW4gcGxhaW50ZXh0IChub3QgcmVjb21tZW5kZWQpLCBwbGFjZSBpdCBpbiAncGFzc3dvcmQnIGVsZW1lbnQuXG4gICAgICAgICAgICAgICAgRXhhbXBsZTogPHBhc3N3b3JkPnF3ZXJ0eTwvcGFzc3dvcmQ+LlxuICAgICAgICAgICAgICAgIFBhc3N3b3JkIGNvdWxkIGJlIGVtcHR5LlxuXG4gICAgICAgICAgICAgICAgSWYgeW91IHdhbnQgdG8gc3BlY2lmeSBTSEEyNTYsIHBsYWNlIGl0IGluICdwYXNzd29yZF9zaGEyNTZfaGV4JyBlbGVtZW50LlxuICAgICAgICAgICAgICAgIEV4YW1wbGU6XG4gICAgICAgICAgICA8cGFzc3dvcmRfc2hhMjU2X2hleD42NWU4NGJlMzM1MzJmYjc4NGM0ODEyOTY3NWY5ZWZmM2E2ODJiMjcxNjhjMGVhNzQ0YjJjZjU4ZWUwMjMzN2M1PC9wYXNzd29yZF9zaGEyNTZfaGV4PlxuICAgICAgICAgICAgICAgIFJlc3RyaWN0aW9ucyBvZiBTSEEyNTY6IGltcG9zc2liaWxpdHkgdG8gY29ubmVjdCB0byBDbGlja0hvdXNlIHVzaW5nIE15U1FMIEpTIGNsaWVudCAoYXMgb2YgSnVseVxuICAgICAgICAgICAgMjAxOSkuXG5cbiAgICAgICAgICAgICAgICBJZiB5b3Ugd2FudCB0byBzcGVjaWZ5IGRvdWJsZSBTSEExLCBwbGFjZSBpdCBpbiAncGFzc3dvcmRfZG91YmxlX3NoYTFfaGV4JyBlbGVtZW50LlxuICAgICAgICAgICAgICAgIEV4YW1wbGU6XG4gICAgICAgICAgICA8cGFzc3dvcmRfZG91YmxlX3NoYTFfaGV4PmUzOTU3OTZkNjU0NmIxYjY1ZGI5ZDY2NWNkNDNmMGU4NThkZDQzMDM8L3Bhc3N3b3JkX2RvdWJsZV9zaGExX2hleD5cblxuICAgICAgICAgICAgICAgIElmIHlvdSB3YW50IHRvIHNwZWNpZnkgYSBwcmV2aW91c2x5IGRlZmluZWQgTERBUCBzZXJ2ZXIgKHNlZSAnbGRhcF9zZXJ2ZXJzJyBpbiB0aGUgbWFpbiBjb25maWcpIGZvclxuICAgICAgICAgICAgYXV0aGVudGljYXRpb24sXG4gICAgICAgICAgICAgICAgICBwbGFjZSBpdHMgbmFtZSBpbiAnc2VydmVyJyBlbGVtZW50IGluc2lkZSAnbGRhcCcgZWxlbWVudC5cbiAgICAgICAgICAgICAgICBFeGFtcGxlOiA8bGRhcD48c2VydmVyPm15X2xkYXBfc2VydmVyPC9zZXJ2ZXI+PC9sZGFwPlxuXG4gICAgICAgICAgICAgICAgSWYgeW91IHdhbnQgdG8gYXV0aGVudGljYXRlIHRoZSB1c2VyIHZpYSBLZXJiZXJvcyAoYXNzdW1pbmcgS2VyYmVyb3MgaXMgZW5hYmxlZCwgc2VlICdrZXJiZXJvcycgaW5cbiAgICAgICAgICAgIHRoZSBtYWluIGNvbmZpZyksXG4gICAgICAgICAgICAgICAgICBwbGFjZSAna2VyYmVyb3MnIGVsZW1lbnQgaW5zdGVhZCBvZiAncGFzc3dvcmQnIChhbmQgc2ltaWxhcikgZWxlbWVudHMuXG4gICAgICAgICAgICAgICAgVGhlIG5hbWUgcGFydCBvZiB0aGUgY2Fub25pY2FsIHByaW5jaXBhbCBuYW1lIG9mIHRoZSBpbml0aWF0b3IgbXVzdCBtYXRjaCB0aGUgdXNlciBuYW1lIGZvclxuICAgICAgICAgICAgYXV0aGVudGljYXRpb24gdG8gc3VjY2VlZC5cbiAgICAgICAgICAgICAgICBZb3UgY2FuIGFsc28gcGxhY2UgJ3JlYWxtJyBlbGVtZW50IGluc2lkZSAna2VyYmVyb3MnIGVsZW1lbnQgdG8gZnVydGhlciByZXN0cmljdCBhdXRoZW50aWNhdGlvbiB0b1xuICAgICAgICAgICAgb25seSB0aG9zZSByZXF1ZXN0c1xuICAgICAgICAgICAgICAgICAgd2hvc2UgaW5pdGlhdG9yJ3MgcmVhbG0gbWF0Y2hlcyBpdC5cbiAgICAgICAgICAgICAgICBFeGFtcGxlOiA8a2VyYmVyb3MgLz5cbiAgICAgICAgICAgICAgICBFeGFtcGxlOiA8a2VyYmVyb3M+PHJlYWxtPkVYQU1QTEUuQ09NPC9yZWFsbT48L2tlcmJlcm9zPlxuXG4gICAgICAgICAgICAgICAgSG93IHRvIGdlbmVyYXRlIGRlY2VudCBwYXNzd29yZDpcbiAgICAgICAgICAgICAgICBFeGVjdXRlOiBQQVNTV09SRD0kKGJhc2U2NCA8IC9kZXYvdXJhbmRvbSB8IGhlYWQgLWM4KTsgZWNobyBcIiRQQVNTV09SRFwiOyBlY2hvIC1uIFwiJFBBU1NXT1JEXCIgfFxuICAgICAgICAgICAgc2hhMjU2c3VtIHwgdHIgLWQgJy0nXG4gICAgICAgICAgICAgICAgSW4gZmlyc3QgbGluZSB3aWxsIGJlIHBhc3N3b3JkIGFuZCBpbiBzZWNvbmQgLSBjb3JyZXNwb25kaW5nIFNIQTI1Ni5cblxuICAgICAgICAgICAgICAgIEhvdyB0byBnZW5lcmF0ZSBkb3VibGUgU0hBMTpcbiAgICAgICAgICAgICAgICBFeGVjdXRlOiBQQVNTV09SRD0kKGJhc2U2NCA8IC9kZXYvdXJhbmRvbSB8IGhlYWQgLWM4KTsgZWNobyBcIiRQQVNTV09SRFwiOyBlY2hvIC1uIFwiJFBBU1NXT1JEXCIgfFxuICAgICAgICAgICAgc2hhMXN1bSB8IHRyIC1kICctJyB8IHh4ZCAtciAtcCB8IHNoYTFzdW0gfCB0ciAtZCAnLSdcbiAgICAgICAgICAgICAgICBJbiBmaXJzdCBsaW5lIHdpbGwgYmUgcGFzc3dvcmQgYW5kIGluIHNlY29uZCAtIGNvcnJlc3BvbmRpbmcgZG91YmxlIFNIQTEuXG4gICAgICAgICAgICAtLT5cbiAgICAgICAgICAgIDxwYXNzd29yZD48L3Bhc3N3b3JkPlxuXG4gICAgICAgICAgICA8IS0tIExpc3Qgb2YgbmV0d29ya3Mgd2l0aCBvcGVuIGFjY2Vzcy5cblxuICAgICAgICAgICAgICAgIFRvIG9wZW4gYWNjZXNzIGZyb20gZXZlcnl3aGVyZSwgc3BlY2lmeTpcbiAgICAgICAgICAgICAgICAgICAgPGlwPjo6LzA8L2lwPlxuXG4gICAgICAgICAgICAgICAgVG8gb3BlbiBhY2Nlc3Mgb25seSBmcm9tIGxvY2FsaG9zdCwgc3BlY2lmeTpcbiAgICAgICAgICAgICAgICAgICAgPGlwPjo6MTwvaXA+XG4gICAgICAgICAgICAgICAgICAgIDxpcD4xMjcuMC4wLjE8L2lwPlxuXG4gICAgICAgICAgICAgICAgRWFjaCBlbGVtZW50IG9mIGxpc3QgaGFzIG9uZSBvZiB0aGUgZm9sbG93aW5nIGZvcm1zOlxuICAgICAgICAgICAgICAgIDxpcD4gSVAtYWRkcmVzcyBvciBuZXR3b3JrIG1hc2suIEV4YW1wbGVzOiAyMTMuMTgwLjIwNC4zIG9yIDEwLjAuMC4xLzggb3IgMTAuMC4wLjEvMjU1LjI1NS4yNTUuMFxuICAgICAgICAgICAgICAgICAgICAyYTAyOjZiODo6MyBvciAyYTAyOjZiODo6My82NCBvciAyYTAyOjZiODo6My9mZmZmOmZmZmY6ZmZmZjpmZmZmOjouXG4gICAgICAgICAgICAgICAgPGhvc3Q+IEhvc3RuYW1lLiBFeGFtcGxlOiBzZXJ2ZXIwMS55YW5kZXgucnUuXG4gICAgICAgICAgICAgICAgICAgIFRvIGNoZWNrIGFjY2VzcywgRE5TIHF1ZXJ5IGlzIHBlcmZvcm1lZCwgYW5kIGFsbCByZWNlaXZlZCBhZGRyZXNzZXMgY29tcGFyZWQgdG8gcGVlciBhZGRyZXNzLlxuICAgICAgICAgICAgICAgIDxob3N0X3JlZ2V4cD4gUmVndWxhciBleHByZXNzaW9uIGZvciBob3N0IG5hbWVzLiBFeGFtcGxlLCBec2VydmVyXFxkXFxkLVxcZFxcZC1cXGRcXC55YW5kZXhcXC5ydSRcbiAgICAgICAgICAgICAgICAgICAgVG8gY2hlY2sgYWNjZXNzLCBETlMgUFRSIHF1ZXJ5IGlzIHBlcmZvcm1lZCBmb3IgcGVlciBhZGRyZXNzIGFuZCB0aGVuIHJlZ2V4cCBpcyBhcHBsaWVkLlxuICAgICAgICAgICAgICAgICAgICBUaGVuLCBmb3IgcmVzdWx0IG9mIFBUUiBxdWVyeSwgYW5vdGhlciBETlMgcXVlcnkgaXMgcGVyZm9ybWVkIGFuZCBhbGwgcmVjZWl2ZWQgYWRkcmVzc2VzIGNvbXBhcmVkXG4gICAgICAgICAgICB0byBwZWVyIGFkZHJlc3MuXG4gICAgICAgICAgICAgICAgICAgIFN0cm9uZ2x5IHJlY29tbWVuZGVkIHRoYXQgcmVnZXhwIGlzIGVuZHMgd2l0aCAkXG4gICAgICAgICAgICAgICAgQWxsIHJlc3VsdHMgb2YgRE5TIHJlcXVlc3RzIGFyZSBjYWNoZWQgdGlsbCBzZXJ2ZXIgcmVzdGFydC5cbiAgICAgICAgICAgIC0tPlxuICAgICAgICAgICAgPG5ldHdvcmtzPlxuICAgICAgICAgICAgICAgIDxpcD46Oi8wPC9pcD5cbiAgICAgICAgICAgIDwvbmV0d29ya3M+XG5cbiAgICAgICAgICAgIDwhLS0gU2V0dGluZ3MgcHJvZmlsZSBmb3IgdXNlci4gLS0+XG4gICAgICAgICAgICA8cHJvZmlsZT5kZWZhdWx0PC9wcm9maWxlPlxuXG4gICAgICAgICAgICA8IS0tIFF1b3RhIGZvciB1c2VyLiAtLT5cbiAgICAgICAgICAgIDxxdW90YT5kZWZhdWx0PC9xdW90YT5cblxuICAgICAgICAgICAgPCEtLSBVc2VyIGNhbiBjcmVhdGUgb3RoZXIgdXNlcnMgYW5kIGdyYW50IHJpZ2h0cyB0byB0aGVtLiAtLT5cbiAgICAgICAgICAgIDwhLS0gPGFjY2Vzc19tYW5hZ2VtZW50PjE8L2FjY2Vzc19tYW5hZ2VtZW50PiAtLT5cbiAgICAgICAgPC9kZWZhdWx0PlxuICAgIDwvdXNlcnM+XG5cbiAgICA8IS0tIFF1b3Rhcy4gLS0+XG4gICAgPHF1b3Rhcz5cbiAgICAgICAgPCEtLSBOYW1lIG9mIHF1b3RhLiAtLT5cbiAgICAgICAgPGRlZmF1bHQ+XG4gICAgICAgICAgICA8IS0tIExpbWl0cyBmb3IgdGltZSBpbnRlcnZhbC4gWW91IGNvdWxkIHNwZWNpZnkgbWFueSBpbnRlcnZhbHMgd2l0aCBkaWZmZXJlbnQgbGltaXRzLiAtLT5cbiAgICAgICAgICAgIDxpbnRlcnZhbD5cbiAgICAgICAgICAgICAgICA8IS0tIExlbmd0aCBvZiBpbnRlcnZhbC4gLS0+XG4gICAgICAgICAgICAgICAgPGR1cmF0aW9uPjM2MDA8L2R1cmF0aW9uPlxuXG4gICAgICAgICAgICAgICAgPCEtLSBObyBsaW1pdHMuIEp1c3QgY2FsY3VsYXRlIHJlc291cmNlIHVzYWdlIGZvciB0aW1lIGludGVydmFsLiAtLT5cbiAgICAgICAgICAgICAgICA8cXVlcmllcz4wPC9xdWVyaWVzPlxuICAgICAgICAgICAgICAgIDxlcnJvcnM+MDwvZXJyb3JzPlxuICAgICAgICAgICAgICAgIDxyZXN1bHRfcm93cz4wPC9yZXN1bHRfcm93cz5cbiAgICAgICAgICAgICAgICA8cmVhZF9yb3dzPjA8L3JlYWRfcm93cz5cbiAgICAgICAgICAgICAgICA8ZXhlY3V0aW9uX3RpbWU+MDwvZXhlY3V0aW9uX3RpbWU+XG4gICAgICAgICAgICA8L2ludGVydmFsPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9xdW90YXM+XG48L3lhbmRleD5cbiIKICAgICAgLSAnY2xpY2tob3VzZS1kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICBkZXBlbmRzX29uOgogICAgICAtIGthZmthCiAgICAgIC0gem9va2VlcGVyCiAgem9va2VlcGVyOgogICAgaW1hZ2U6ICd6b29rZWVwZXI6My43LjAnCiAgICB2b2x1bWVzOgogICAgICAtICd6b29rZWVwZXItZGF0YWxvZzovZGF0YWxvZycKICAgICAgLSAnem9va2VlcGVyLWRhdGE6L2RhdGEnCiAgICAgIC0gJ3pvb2tlZXBlci1sb2dzOi9sb2dzJwogIGthZmthOgogICAgaW1hZ2U6ICdnaGNyLmlvL3Bvc3Rob2cva2Fma2EtY29udGFpbmVyOnYyLjguMicKICAgIGRlcGVuZHNfb246CiAgICAgIC0gem9va2VlcGVyCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBLQUZLQV9CUk9LRVJfSUQ9MTAwMQogICAgICAtIEtBRktBX0NGR19SRVNFUlZFRF9CUk9LRVJfTUFYX0lEPTEwMDEKICAgICAgLSAnS0FGS0FfQ0ZHX0xJU1RFTkVSUz1QTEFJTlRFWFQ6Ly86OTA5MicKICAgICAgLSAnS0FGS0FfQ0ZHX0FEVkVSVElTRURfTElTVEVORVJTPVBMQUlOVEVYVDovL2thZmthOjkwOTInCiAgICAgIC0gJ0tBRktBX0NGR19aT09LRUVQRVJfQ09OTkVDVD16b29rZWVwZXI6MjE4MScKICAgICAgLSBBTExPV19QTEFJTlRFWFRfTElTVEVORVI9eWVzCiAgb2JqZWN0X3N0b3JhZ2U6CiAgICBpbWFnZTogJ21pbmlvL21pbmlvOlJFTEVBU0UuMjAyMi0wNi0yNVQxNS01MC0xNlonCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBNSU5JT19ST09UX1VTRVI9JFNFUlZJQ0VfVVNFUl9NSU5JTwogICAgICAtIE1JTklPX1JPT1RfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfTUlOSU8KICAgIGVudHJ5cG9pbnQ6IHNoCiAgICBjb21tYW5kOiAnLWMgJydta2RpciAtcCAvZGF0YS9wb3N0aG9nICYmIG1pbmlvIHNlcnZlciAtLWFkZHJlc3MgIjoxOTAwMCIgLS1jb25zb2xlLWFkZHJlc3MgIjoxOTAwMSIgL2RhdGEnJycKICAgIHZvbHVtZXM6CiAgICAgIC0gJ29iamVjdF9zdG9yYWdlOi9kYXRhJwogIG1haWxkZXY6CiAgICBpbWFnZTogJ21haWxkZXYvbWFpbGRldjoyLjAuNScKICBmbG93ZXI6CiAgICBpbWFnZTogJ21oZXIvZmxvd2VyOjIuMC4wJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIEZMT1dFUl9QT1JUOiA1NTU1CiAgICAgIENFTEVSWV9CUk9LRVJfVVJMOiAncmVkaXM6Ly9yZWRpczo2Mzc5JwogIHdlYjoKICAgIGltYWdlOiAncG9zdGhvZy9wb3N0aG9nOmxhdGVzdCcKICAgIGNvbW1hbmQ6IC9jb21wb3NlL3N0YXJ0CiAgICB2b2x1bWVzOgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jb21wb3NlL3N0YXJ0CiAgICAgICAgdGFyZ2V0OiAvY29tcG9zZS9zdGFydAogICAgICAgIGNvbnRlbnQ6ICIjIS9iaW4vYmFzaFxuL2NvbXBvc2Uvd2FpdFxuLi9iaW4vbWlncmF0ZVxuLi9iaW4vZG9ja2VyLXNlcnZlclxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jb21wb3NlL3dhaXQKICAgICAgICB0YXJnZXQ6IC9jb21wb3NlL3dhaXQKICAgICAgICBjb250ZW50OiAiIyEvdXNyL2Jpbi9lbnYgcHl0aG9uM1xuXG5pbXBvcnQgc29ja2V0XG5pbXBvcnQgdGltZVxuXG5kZWYgbG9vcCgpOlxuICAgIHByaW50KFwiV2FpdGluZyBmb3IgQ2xpY2tIb3VzZSBhbmQgUG9zdGdyZXMgdG8gYmUgcmVhZHlcIilcbiAgICB0cnk6XG4gICAgICAgIHdpdGggc29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCwgc29ja2V0LlNPQ0tfU1RSRUFNKSBhcyBzOlxuICAgICAgICAgICAgcy5jb25uZWN0KCgnY2xpY2tob3VzZScsIDkwMDApKVxuICAgICAgICBwcmludChcIkNsaWNraG91c2UgaXMgcmVhZHlcIilcbiAgICAgICAgd2l0aCBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCBzb2NrZXQuU09DS19TVFJFQU0pIGFzIHM6XG4gICAgICAgICAgICBzLmNvbm5lY3QoKCdkYicsIDU0MzIpKVxuICAgICAgICBwcmludChcIlBvc3RncmVzIGlzIHJlYWR5XCIpXG4gICAgZXhjZXB0IENvbm5lY3Rpb25SZWZ1c2VkRXJyb3IgYXMgZTpcbiAgICAgICAgdGltZS5zbGVlcCg1KVxuICAgICAgICBsb29wKClcblxubG9vcCgpXG4iCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX1VSTF9XRUJfODAwMAogICAgICAtIE9QVF9PVVRfQ0FQVFVSSU5HPXRydWUKICAgICAgLSBESVNBQkxFX1NFQ1VSRV9TU0xfUkVESVJFQ1Q9dHJ1ZQogICAgICAtIElTX0JFSElORF9QUk9YWT10cnVlCiAgICAgIC0gVFJVU1RfQUxMX1BST1hJRVM9dHJ1ZQogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly9wb3N0aG9nOiRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTQGRiOjU0MzIvcG9zdGhvZycKICAgICAgLSBDTElDS0hPVVNFX0hPU1Q9Y2xpY2tob3VzZQogICAgICAtIENMSUNLSE9VU0VfREFUQUJBU0U9cG9zdGhvZwogICAgICAtIENMSUNLSE9VU0VfU0VDVVJFPWZhbHNlCiAgICAgIC0gQ0xJQ0tIT1VTRV9WRVJJRlk9ZmFsc2UKICAgICAgLSBLQUZLQV9IT1NUUz1rYWZrYQogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9yZWRpczo2Mzc5LycKICAgICAgLSBQR0hPU1Q9ZGIKICAgICAgLSBQR1VTRVI9cG9zdGhvZwogICAgICAtIFBHUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBERVBMT1lNRU5UPWhvYmJ5CiAgICAgIC0gU0lURV9VUkw9JFNFUlZJQ0VfVVJMX1dFQgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfQkFTRTY0XzY0X1NFQ1JFVEtFWQogICAgICAtICdFTkNSWVBUSU9OX1NBTFRfS0VZUz0ke1NFUlZJQ0VfRU5DUllQVElPTl9TQUxUX0tFWVM6LTAwYmVlZjAwMDBiZWVmMDAwMGJlZWYwMDAwYmVlZjAwfScKICAgIGRlcGVuZHNfb246CiAgICAgIC0gZGIKICAgICAgLSByZWRpcwogICAgICAtIGNsaWNraG91c2UKICAgICAgLSBrYWZrYQogICAgICAtIG9iamVjdF9zdG9yYWdlCiAgd29ya2VyOgogICAgaW1hZ2U6ICdwb3N0aG9nL3Bvc3Rob2c6bGF0ZXN0JwogICAgY29tbWFuZDogJy4vYmluL2RvY2tlci13b3JrZXItY2VsZXJ5IC0td2l0aC1zY2hlZHVsZXInCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBPUFRfT1VUX0NBUFRVUklORz10cnVlCiAgICAgIC0gRElTQUJMRV9TRUNVUkVfU1NMX1JFRElSRUNUPXRydWUKICAgICAgLSBJU19CRUhJTkRfUFJPWFk9dHJ1ZQogICAgICAtIFRSVVNUX0FMTF9QUk9YSUVTPXRydWUKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vcG9zdGhvZzokU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU0BkYjo1NDMyL3Bvc3Rob2cnCiAgICAgIC0gQ0xJQ0tIT1VTRV9IT1NUPWNsaWNraG91c2UKICAgICAgLSBDTElDS0hPVVNFX0RBVEFCQVNFPXBvc3Rob2cKICAgICAgLSBDTElDS0hPVVNFX1NFQ1VSRT1mYWxzZQogICAgICAtIENMSUNLSE9VU0VfVkVSSUZZPWZhbHNlCiAgICAgIC0gS0FGS0FfSE9TVFM9a2Fma2EKICAgICAgLSAnUkVESVNfVVJMPXJlZGlzOi8vcmVkaXM6NjM3OS8nCiAgICAgIC0gUEdIT1NUPWRiCiAgICAgIC0gUEdVU0VSPXBvc3Rob2cKICAgICAgLSBQR1BBU1NXT1JEPSRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTCiAgICAgIC0gREVQTE9ZTUVOVD1ob2JieQogICAgICAtIFNJVEVfVVJMPSRTRVJWSUNFX1VSTF9XRUIKICAgICAgLSBTRUNSRVRfS0VZPSRTRVJWSUNFX0JBU0U2NF82NF9TRUNSRVRLRVkKICAgICAgLSAnRU5DUllQVElPTl9TQUxUX0tFWVM9JHtTRVJWSUNFX0VOQ1JZUFRJT05fU0FMVF9LRVlTOi0wMGJlZWYwMDAwYmVlZjAwMDBiZWVmMDAwMGJlZWYwMH0nCiAgICBkZXBlbmRzX29uOgogICAgICAtIGRiCiAgICAgIC0gcmVkaXMKICAgICAgLSBjbGlja2hvdXNlCiAgICAgIC0ga2Fma2EKICAgICAgLSBvYmplY3Rfc3RvcmFnZQogIHBsdWdpbnM6CiAgICBpbWFnZTogJ3Bvc3Rob2cvcG9zdGhvZzpsYXRlc3QnCiAgICBjb21tYW5kOiAnLi9iaW4vcGx1Z2luLXNlcnZlciAtLW5vLXJlc3RhcnQtbG9vcCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly9wb3N0aG9nOiRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTQGRiOjU0MzIvcG9zdGhvZycKICAgICAgLSAnS0FGS0FfSE9TVFM9a2Fma2E6OTA5MicKICAgICAgLSAnUkVESVNfVVJMPXJlZGlzOi8vcmVkaXM6NjM3OS8nCiAgICAgIC0gQ0xJQ0tIT1VTRV9IT1NUPWNsaWNraG91c2UKICAgICAgLSBDTElDS0hPVVNFX0RBVEFCQVNFPXBvc3Rob2cKICAgICAgLSBDTElDS0hPVVNFX1NFQ1VSRT1mYWxzZQogICAgICAtIENMSUNLSE9VU0VfVkVSSUZZPWZhbHNlCiAgICAgIC0gU0lURV9VUkw9JFNFUlZJQ0VfVVJMX1dFQgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfQkFTRTY0XzY0X1NFQ1JFVEtFWQogICAgICAtICdFTkNSWVBUSU9OX1NBTFRfS0VZUz0ke1NFUlZJQ0VfRU5DUllQVElPTl9TQUxUX0tFWVM6LTAwYmVlZjAwMDBiZWVmMDAwMGJlZWYwMDAwYmVlZjAwfScKICAgIGRlcGVuZHNfb246CiAgICAgIC0gZGIKICAgICAgLSByZWRpcwogICAgICAtIGNsaWNraG91c2UKICAgICAgLSBrYWZrYQogICAgICAtIG9iamVjdF9zdG9yYWdlCiAgZWxhc3RpY3NlYXJjaDoKICAgIGltYWdlOiAnZWxhc3RpY3NlYXJjaDo3LjE2LjInCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBjbHVzdGVyLnJvdXRpbmcuYWxsb2NhdGlvbi5kaXNrLnRocmVzaG9sZF9lbmFibGVkPXRydWUKICAgICAgLSBjbHVzdGVyLnJvdXRpbmcuYWxsb2NhdGlvbi5kaXNrLndhdGVybWFyay5sb3c9NTEybWIKICAgICAgLSBjbHVzdGVyLnJvdXRpbmcuYWxsb2NhdGlvbi5kaXNrLndhdGVybWFyay5oaWdoPTI1Nm1iCiAgICAgIC0gY2x1c3Rlci5yb3V0aW5nLmFsbG9jYXRpb24uZGlzay53YXRlcm1hcmsuZmxvb2Rfc3RhZ2U9MTI4bWIKICAgICAgLSBkaXNjb3ZlcnkudHlwZT1zaW5nbGUtbm9kZQogICAgICAtICdFU19KQVZBX09QVFM9LVhtczI1Nm0gLVhteDI1Nm0nCiAgICAgIC0geHBhY2suc2VjdXJpdHkuZW5hYmxlZD1mYWxzZQogICAgdm9sdW1lczoKICAgICAgLSAnZWxhc3RpY3NlYXJjaC1kYXRhOi92YXIvbGliL2VsYXN0aWNzZWFyY2gvZGF0YScKICB0ZW1wb3JhbDoKICAgIGltYWdlOiAndGVtcG9yYWxpby9hdXRvLXNldHVwOjEuMjAuMCcKICAgIGVudmlyb25tZW50OgogICAgICAtIERCPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1JUPTU0MzIKICAgICAgLSBQT1NUR1JFU19VU0VSPXBvc3Rob2cKICAgICAgLSBQT1NUR1JFU19QV0Q9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBQT1NUR1JFU19TRUVEUz1kYgogICAgICAtIERZTkFNSUNfQ09ORklHX0ZJTEVfUEFUSD1jb25maWcvZHluYW1pY2NvbmZpZy9kZXZlbG9wbWVudC1zcWwueWFtbAogICAgICAtIEVOQUJMRV9FUz10cnVlCiAgICAgIC0gRVNfU0VFRFM9ZWxhc3RpY3NlYXJjaAogICAgICAtIEVTX1ZFUlNJT049djcKICAgICAgLSBFTkFCTEVfRVM9ZmFsc2UKICAgIGRlcGVuZHNfb246CiAgICAgIGRiOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICB2b2x1bWVzOgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9kb2NrZXIvdGVtcG9yYWwvZHluYW1pY2NvbmZpZy9kZXZlbG9wbWVudC1zcWwueWFtbAogICAgICAgIHRhcmdldDogL2V0Yy90ZW1wb3JhbC9jb25maWcvZHluYW1pY2NvbmZpZy9kZXZlbG9wbWVudC1zcWwueWFtbAogICAgICAgIGNvbnRlbnQ6ICJsaW1pdC5tYXhJRExlbmd0aDpcbiAgICAtIHZhbHVlOiAyNTVcbiAgICAgIGNvbnN0cmFpbnRzOiB7fVxuc3lzdGVtLmZvcmNlU2VhcmNoQXR0cmlidXRlc0NhY2hlUmVmcmVzaE9uUmVhZDpcbiAgICAtIHZhbHVlOiBmYWxzZVxuICAgICAgY29uc3RyYWludHM6IHt9XG4iCiAgdGVtcG9yYWwtYWRtaW4tdG9vbHM6CiAgICBpbWFnZTogJ3RlbXBvcmFsaW8vYWRtaW4tdG9vbHM6MS4yMC4wJwogICAgZGVwZW5kc19vbjoKICAgICAgLSB0ZW1wb3JhbAogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1RFTVBPUkFMX0NMSV9BRERSRVNTPXRlbXBvcmFsOjcyMzMnCiAgICBzdGRpbl9vcGVuOiB0cnVlCiAgICB0dHk6IHRydWUKICB0ZW1wb3JhbC11aToKICAgIGltYWdlOiAndGVtcG9yYWxpby91aToyLjEwLjMnCiAgICBkZXBlbmRzX29uOgogICAgICAtIHRlbXBvcmFsCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnVEVNUE9SQUxfQUREUkVTUz10ZW1wb3JhbDo3MjMzJwogICAgICAtICdURU1QT1JBTF9DT1JTX09SSUdJTlM9aHR0cDovL2xvY2FsaG9zdDozMDAwJwogIHRlbXBvcmFsLWRqYW5nby13b3JrZXI6CiAgICBpbWFnZTogJ3Bvc3Rob2cvcG9zdGhvZzpsYXRlc3QnCiAgICBjb21tYW5kOiAuL2Jpbi90ZW1wb3JhbC1kamFuZ28td29ya2VyCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBESVNBQkxFX1NFQ1VSRV9TU0xfUkVESVJFQ1Q9dHJ1ZQogICAgICAtIElTX0JFSElORF9QUk9YWT10cnVlCiAgICAgIC0gVFJVU1RfQUxMX1BST1hJRVM9dHJ1ZQogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly9wb3N0aG9nOiRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTQGRiOjU0MzIvcG9zdGhvZycKICAgICAgLSBDTElDS0hPVVNFX0hPU1Q9Y2xpY2tob3VzZQogICAgICAtIENMSUNLSE9VU0VfREFUQUJBU0U9cG9zdGhvZwogICAgICAtIENMSUNLSE9VU0VfU0VDVVJFPWZhbHNlCiAgICAgIC0gQ0xJQ0tIT1VTRV9WRVJJRlk9ZmFsc2UKICAgICAgLSBLQUZLQV9IT1NUUz1rYWZrYQogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9yZWRpczo2Mzc5LycKICAgICAgLSBQR0hPU1Q9ZGIKICAgICAgLSBQR1VTRVI9cG9zdGhvZwogICAgICAtIFBHUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBERVBMT1lNRU5UPWhvYmJ5CiAgICAgIC0gU0lURV9VUkw9JFNFUlZJQ0VfVVJMX1dFQgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfQkFTRTY0XzY0X1NFQ1JFVEtFWQogICAgICAtICdFTkNSWVBUSU9OX1NBTFRfS0VZUz0ke1NFUlZJQ0VfRU5DUllQVElPTl9TQUxUX0tFWVM6LTAwYmVlZjAwMDBiZWVmMDAwMGJlZWYwMDAwYmVlZjAwfScKICAgICAgLSBURU1QT1JBTF9IT1NUPXRlbXBvcmFsCiAgICBkZXBlbmRzX29uOgogICAgICAtIGRiCiAgICAgIC0gcmVkaXMKICAgICAgLSBjbGlja2hvdXNlCiAgICAgIC0ga2Fma2EKICAgICAgLSBvYmplY3Rfc3RvcmFnZQogICAgICAtIHRlbXBvcmFsCg==",
-        "tags": [
-            "analytics",
-            "product",
-            "open-source",
-            "self-hosted",
-            "ab-testing",
-            "event-tracking"
-        ],
-        "category": "analytics",
-        "logo": "svgs/posthog.svg",
-        "minversion": "4.0.0-beta.222"
-    },
     "postiz": {
         "documentation": "https://docs.postiz.com?utm_source=coolify.io",
         "slogan": "Open source social media scheduling tool.",
diff --git a/templates/service-templates.json b/templates/service-templates.json
index 34154ad0f..00df910e2 100644
--- a/templates/service-templates.json
+++ b/templates/service-templates.json
@@ -3165,22 +3165,6 @@
         "minversion": "0.0.0",
         "port": "9000"
     },
-    "posthog": {
-        "documentation": "https://posthog.com?utm_source=coolify.io",
-        "slogan": "The single platform to analyze, test, observe, and deploy new features",
-        "compose": "c2VydmljZXM6CiAgZGI6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjEyLWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3Rob2ctcG9zdGdyZXMtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPXBvc3Rob2cKICAgICAgLSBQT1NUR1JFU19EQj1wb3N0aG9nCiAgICAgIC0gUE9TVEdSRVNfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSBwb3N0aG9nJwogICAgICBpbnRlcnZhbDogMnMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDE1CiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOjYuMi43LWFscGluZScKICAgIGNvbW1hbmQ6ICdyZWRpcy1zZXJ2ZXIgLS1tYXhtZW1vcnktcG9saWN5IGFsbGtleXMtbHJ1IC0tbWF4bWVtb3J5IDIwMG1iJwogIGNsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjMuMTEuMi4xMS1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pZGwvZXZlbnRzX2RlYWRfbGV0dGVyX3F1ZXVlLmpzb24KICAgICAgICB0YXJnZXQ6IC9pZGwvZXZlbnRzX2RlYWRfbGV0dGVyX3F1ZXVlLmpzb24KICAgICAgICBjb250ZW50OiAie1xuICBcIiRzY2hlbWFcIjogXCJodHRwczovL2pzb24tc2NoZW1hLm9yZy9kcmFmdC8yMDIwLTEyL3NjaGVtYVwiLFxuICBcIiRpZFwiOiBcImZpbGU6Ly9wb3N0aG9nL2lkbC9ldmVudHNfZGVhZF9sZXR0ZXJfcXVldWUuanNvblwiLFxuICBcInRpdGxlXCI6IFwiZXZlbnRzX2RlYWRfbGV0dGVyX3F1ZXVlXCIsXG4gIFwiZGVzY3JpcHRpb25cIjogXCJFdmVudHMgdGhhdCBmYWlsZWQgdG8gYmUgdmFsaWRhdGVkIG9yIHByb2Nlc3NlZCBhbmQgYXJlIHNlbnQgdG8gdGhlIERMUVwiLFxuICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgIFwiaWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJ1dWlkIGZvciB0aGUgc3VibWlzc2lvblwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJldmVudF91dWlkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidXVpZCBmb3IgdGhlIGV2ZW50XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImV2ZW50XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiZXZlbnQgdHlwZVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIHRoZSBwcm9wZXJ0aWVzIGpzb24gb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImRpc3RpbmN0X2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiUG9zdEhvZyBkaXN0aW5jdF9pZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidGVhbV9pZCAobWFwcyB0byB0aGUgcHJvamVjdCB1bmRlciB0aGUgb3JnYW5pemF0aW9uKVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJlbGVtZW50c19jaGFpblwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVzZWQgZm9yIGF1dG9jYXB0dXJlLiBET00gZWxlbWVudCBoaWVyYXJjaHlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiY3JlYXRlZF9hdFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVzZWQgZm9yIGF1dG9jYXB0dXJlLiBET00gZWxlbWVudCBoaWVyYXJjaHlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiaXBcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJJUCBBZGRyZXNzIG9mIHRoZSBhc3NvY2lhdGVkIHdpdGggdGhlIGV2ZW50XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInNpdGVfdXJsXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU2l0ZSBVUkwgYXNzb2NpYXRlZCB3aXRoIHRoZSBldmVudCB0aGUgZXZlbnRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwibm93XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGltZXN0YW1wIG9mIHRoZSBETFEgZXZlbnRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwicmF3X3BheWxvYWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJSYXcgcGF5bG9hZCBvZiB0aGUgZXZlbnQgdGhhdCBmYWlsZWQgdG8gYmUgY29uc3VtZWRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiZXJyb3JfdGltZXN0YW1wXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGltZXN0YW1wIHRoYXQgdGhlIGVycm9yIG9mIGluZ2VzdGlvbiBvY2N1cnJlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJlcnJvcl9sb2NhdGlvblwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlNvdXJjZSBvZiBlcnJvciBpZiBrbm93blwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJlcnJvclwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkVycm9yIGlmIGtub3duXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInRhZ3NcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUYWdzIGFzc29jaWF0ZWQgd2l0aCB0aGUgZXJyb3Igb3IgZXZlbnRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJhcnJheVwiLFxuICAgICAgICAgIFwiaXRlbXNcIjoge1xuICAgICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICAgIH1cbiAgICAgIH1cbiAgfSxcbiAgXCJyZXF1aXJlZFwiOiBbXCJyYXdfcGF5bG9hZFwiXVxufVxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pZGwvZXZlbnRzX2pzb24uanNvbgogICAgICAgIHRhcmdldDogL2lkbC9ldmVudHNfanNvbi5qc29uCiAgICAgICAgY29udGVudDogIntcbiAgXCIkc2NoZW1hXCI6IFwiaHR0cHM6Ly9qc29uLXNjaGVtYS5vcmcvZHJhZnQvMjAyMC0xMi9zY2hlbWFcIixcbiAgXCIkaWRcIjogXCJmaWxlOi8vcG9zdGhvZy9pZGwvZXZlbnRzX2pzb24uanNvblwiLFxuICBcInRpdGxlXCI6IFwiZXZlbnRzX2pzb25cIixcbiAgXCJkZXNjcmlwdGlvblwiOiBcIkV2ZW50IHNjaGVtYSB0aGF0IGlzIGRlc3RpbmVkIGZvciBDbGlja0hvdXNlXCIsXG4gIFwidHlwZVwiOiBcIm9iamVjdFwiLFxuICBcInByb3BlcnRpZXNcIjoge1xuICAgICAgXCJ1dWlkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidXVpZCBmb3IgdGhlIGV2ZW50XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImV2ZW50XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiZXZlbnQgdHlwZVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIHRoZSBwcm9wZXJ0aWVzIGpzb24gb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInRpbWVzdGFtcFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlRpbWVzdGFtcCB0aGF0IHRoZSBldmVudCBvY2N1cnJlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwidGVhbV9pZCAobWFwcyB0byB0aGUgcHJvamVjdCB1bmRlciB0aGUgb3JnYW5pemF0aW9uKVwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJkaXN0aW5jdF9pZFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlBvc3RIb2cgZGlzdGluY3RfaWRcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiZWxlbWVudHNfY2hhaW5cIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVc2VkIGZvciBhdXRvY2FwdHVyZS4gRE9NIGVsZW1lbnQgaGllcmFyY2h5XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImNyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUaW1lc3RhbXAgd2hlbiBldmVudCB3YXMgY3JlYXRlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJwZXJzb25faWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIGZvciB0aGUgYXNzb2NpYXRlZCBwZXJzb24gaWYgYXZhaWxhYmxlXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcInBlcnNvbl9jcmVhdGVkX2F0XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGltZXN0YW1wIGZvciB3aGVuIHRoZSBhc3NvY2lhdGVkIHBlcnNvbiB3YXMgY3JlYXRlZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJwZXJzb25fcHJvcGVydGllc1wiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlN0cmluZyByZXByZXNlbnRhdGlvbiBvZiB0aGUgcGVyc29uIEpTT04gb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMF9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMV9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMl9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwM19wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwNF9wcm9wZXJ0aWVzXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiU3RyaW5nIHJlcHJlc2VudGF0aW9uIG9mIGEgZ3JvdXAncyBwcm9wZXJ0aWVzXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwMF9jcmVhdGVkX2F0XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXAncyBjcmVhdGlvbiB0aW1lc3RhbXBcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiZ3JvdXAxX2NyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJHcm91cCdzIGNyZWF0aW9uIHRpbWVzdGFtcFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJncm91cDJfY3JlYXRlZF9hdFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkdyb3VwJ3MgY3JlYXRpb24gdGltZXN0YW1wXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgIH0sXG4gICAgICBcImdyb3VwM19jcmVhdGVkX2F0XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXAncyBjcmVhdGlvbiB0aW1lc3RhbXBcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiZ3JvdXA0X2NyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJHcm91cCdzIGNyZWF0aW9uIHRpbWVzdGFtcFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9XG4gIH0sXG4gIFwicmVxdWlyZWRcIjogW1widXVpZFwiLCBcImV2ZW50XCIsIFwicHJvcGVydGllc1wiLCBcInRpbWVzdGFtcFwiLCBcInRlYW1faWRcIl1cbn1cbiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vaWRsL2dyb3Vwcy5qc29uCiAgICAgICAgdGFyZ2V0OiAvaWRsL2dyb3Vwcy5qc29uCiAgICAgICAgY29udGVudDogIntcbiAgXCIkc2NoZW1hXCI6IFwiaHR0cHM6Ly9qc29uLXNjaGVtYS5vcmcvZHJhZnQvMjAyMC0xMi9zY2hlbWFcIixcbiAgXCIkaWRcIjogXCJmaWxlOi8vcG9zdGhvZy9pZGwvZ3JvdXBzLmpzb25cIixcbiAgXCJ0aXRsZVwiOiBcImdyb3Vwc1wiLFxuICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXBzIHNjaGVtYSB0aGF0IGlzIGRlc3RpbmVkIGZvciBDbGlja0hvdXNlXCIsXG4gIFwidHlwZVwiOiBcIm9iamVjdFwiLFxuICBcInByb3BlcnRpZXNcIjoge1xuICAgICAgXCJncm91cF90eXBlX2luZGV4XCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiR3JvdXAgdHlwZSBpbmRleFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJncm91cF9rZXlcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJHcm91cCBLZXlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwiY3JlYXRlZF9hdFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkdyb3VwIGNyZWF0aW9uIHRpbWVzdGFtcFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGVhbSBJRCBhc3NvY2lhdGVkIHdpdGggZ3JvdXBcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwiZ3JvdXBfcHJvcGVydGllc1wiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlN0cmluZyByZXByZXNlbnRhdGlvbiBvZiBncm91cCBKU09OIHByb3BlcnRpZXMgb2JqZWN0XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH1cbiAgfSxcbiAgXCJyZXF1aXJlZFwiOiBbXCJncm91cF90eXBlX2luZGV4XCIsIFwiZ3JvdXBfa2V5XCIsIFwiY3JlYXRlZF9hdFwiLCBcInRlYW1faWRcIiwgXCJncm91cF9wcm9wZXJ0aWVzXCJdXG59XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9pZGwubWQKICAgICAgICB0YXJnZXQ6IC9pZGwvaWRsLm1kCiAgICAgICAgY29udGVudDogIiMgSURMIC0gSW50ZXJmYWNlIERlZmluaXRpb24gTGFuZ3VhZ2VcblxuVGhpcyBkaXJlY3RvcnkgaXMgcmVzcG9uc2libGUgZm9yIGRlZmluaW5nIHRoZSBzY2hlbWFzIG9mIHRoZSBkYXRhIGJldHdlZW4gc2VydmljZXMuXG5QcmltYXJpbHkgdGhpcyB3aWxsIGJlIGJldHdlZW4gc2VydmljZXMgYW5kIENsaWNrSG91c2UsIGJ1dCBjYW4gYmUgcmVhbGx5IGFueSB0aGluZyBhdCB0aGUgYm91bmRyeSBvZiBzZXJ2aWNlcy5cblxuVGhlIHJlYXNvbiB3aHkgd2UgZG8gdGhpcyBpcyBiZWNhdXNlIGl0IG1ha2VzIGdlbmVyYXRpbmcgY29kZSwgdmFsaWRhdGluZyBkYXRhLCBhbmQgdW5kZXJzdGFuZGluZyB0aGUgc3lzdGVtIGEgd2hvbGUgbG90IGVhc2llci4gV2UndmUgaGFkIGEgZmV3IGN1c3RvbWVycyByZXF1ZXN0IHRoaXMgb2YgdXMgZm9yIGVuZ2luZWVyaW5nIGEgZGVlcGVyIGludGVncmF0aW9uIHdpdGggdXMuXG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9wZXJzb24uanNvbgogICAgICAgIHRhcmdldDogL2lkbC9wZXJzb24uanNvbgogICAgICAgIGNvbnRlbnQ6ICJ7XG4gIFwiJHNjaGVtYVwiOiBcImh0dHBzOi8vanNvbi1zY2hlbWEub3JnL2RyYWZ0LzIwMjAtMTIvc2NoZW1hXCIsXG4gIFwiJGlkXCI6IFwiZmlsZTovL3Bvc3Rob2cvaWRsL3BlcnNvbi5qc29uXCIsXG4gIFwidGl0bGVcIjogXCJwZXJzb25cIixcbiAgXCJkZXNjcmlwdGlvblwiOiBcIlBlcnNvbiBzY2hlbWEgdGhhdCBpcyBkZXN0aW5lZCBmb3IgQ2xpY2tIb3VzZVwiLFxuICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgIFwiaWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIGZvciB0aGUgcGVyc29uXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgIH0sXG4gICAgICBcImNyZWF0ZWRfYXRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJQZXJzb24gY3JlYXRpb24gdGltZXN0YW1wXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgIH0sXG4gICAgICBcInRlYW1faWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUZWFtIElEIGFzc29jaWF0ZWQgd2l0aCBwZXJzb25cIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfSxcbiAgICAgIFwicHJvcGVydGllc1wiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlN0cmluZyByZXByZXNlbnRhdGlvbiBvZiBwZXJzb24gSlNPTiBwcm9wZXJ0aWVzIG9iamVjdFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJpc19pZGVudGlmaWVkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiQm9vbGVhbiBpcyB0aGUgcGVyc29uIGlkZW50aWZpZWQ/XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwiYm9vbGVhblwiXG4gICAgICB9LFxuICAgICAgXCJpc19kZWxldGVkXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiQm9vbGVhbiBpcyB0aGUgcGVyc29uIGRlbGV0ZWQ/XCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwiYm9vbGVhblwiXG4gICAgICB9LFxuICAgICAgXCJ2ZXJzaW9uXCI6IHtcbiAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVmVyc2lvbiBmaWVsZCBmb3IgY29sbGFwc2luZyBsYXRlciAocHN1ZWRvLXRvbWJzdG9uZSlcIixcbiAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgfVxuICB9LFxuICBcInJlcXVpcmVkXCI6IFtcImlkXCIsIFwiY3JlYXRlZF9hdFwiLCBcInRlYW1faWRcIiwgXCJwcm9wZXJ0aWVzXCIsIFwiaXNfaWRlbnRpZmllZFwiLCBcImlzX2RlbGV0ZWRcIiwgXCJ2ZXJzaW9uXCJdXG59XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9wZXJzb25fZGlzdGluY3RfaWQuanNvbgogICAgICAgIHRhcmdldDogL2lkbC9wZXJzb25fZGlzdGluY3RfaWQuanNvbgogICAgICAgIGNvbnRlbnQ6ICJ7XG4gIFwiJHNjaGVtYVwiOiBcImh0dHBzOi8vanNvbi1zY2hlbWEub3JnL2RyYWZ0LzIwMjAtMTIvc2NoZW1hXCIsXG4gIFwiJGlkXCI6IFwiZmlsZTovL3Bvc3Rob2cvaWRsL3BlcnNvbl9kaXN0aW5jdF9pZC5qc29uXCIsXG4gIFwidGl0bGVcIjogXCJwZXJzb25fZGlzdGluY3RfaWRcIixcbiAgXCJkZXNjcmlwdGlvblwiOiBcIlBlcnNvbiBkaXN0aW5jdCBpZCBzY2hlbWEgdGhhdCBpcyBkZXN0aW5lZCBmb3IgQ2xpY2tIb3VzZVwiLFxuICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgXCJwcm9wZXJ0aWVzXCI6IHtcbiAgICAgIFwiZGlzdGluY3RfaWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVc2VyIHByb3ZpZGVkIElEIGZvciB0aGUgZGlzdGluY3QgdXNlclwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICB9LFxuICAgICAgXCJwZXJzb25faWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIG9mIHRoZSBwZXJzb25cIixcbiAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgfSxcbiAgICAgIFwidGVhbV9pZFwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlRlYW0gSUQgYXNzb2NpYXRlZCB3aXRoIHBlcnNvbl9kaXN0aW5jdF9pZFwiLFxuICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICB9LFxuICAgICAgXCJfc2lnblwiOiB7XG4gICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVzZWQgZm9yIGNvbGxhcHNpbmcgbGF0ZXIgZGlmZmVyZW50IHZlcnNpb25zIG9mIGEgZGlzdGluY3QgaWQgKHBzdWVkby10b21ic3RvbmUpXCIsXG4gICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgIH0sXG4gICAgICBcImlzX2RlbGV0ZWRcIjoge1xuICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJCb29sZWFuIGlzIHRoZSBwZXJzb24gZGlzdGluY3RfaWQgZGVsZXRlZD9cIixcbiAgICAgICAgICBcInR5cGVcIjogXCJib29sZWFuXCJcbiAgICAgIH1cbiAgfSxcbiAgXCJyZXF1aXJlZFwiOiBbXCJkaXN0aW5jdF9pZFwiLCBcInBlcnNvbl9pZFwiLCBcInRlYW1faWRcIiwgXCJfc2lnblwiLCBcImlzX2RlbGV0ZWRcIl1cbiB9XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2lkbC9wZXJzb25fZGlzdGluY3RfaWQyLmpzb24KICAgICAgICB0YXJnZXQ6IC9pZGwvcGVyc29uX2Rpc3RpbmN0X2lkMi5qc29uCiAgICAgICAgY29udGVudDogIntcbiAgICBcIiRzY2hlbWFcIjogXCJodHRwczovL2pzb24tc2NoZW1hLm9yZy9kcmFmdC8yMDIwLTEyL3NjaGVtYVwiLFxuICAgIFwiJGlkXCI6IFwiZmlsZTovL3Bvc3Rob2cvaWRsL3BlcnNvbl9kaXN0aW5jdF9pZDIuanNvblwiLFxuICAgIFwidGl0bGVcIjogXCJwZXJzb25fZGlzdGluY3RfaWQyXCIsXG4gICAgXCJkZXNjcmlwdGlvblwiOiBcIlBlcnNvbiBkaXN0aW5jdCBpZDIgc2NoZW1hIHRoYXQgaXMgZGVzdGluZWQgZm9yIENsaWNrSG91c2VcIixcbiAgICBcInR5cGVcIjogXCJvYmplY3RcIixcbiAgICBcInByb3BlcnRpZXNcIjoge1xuICAgICAgICBcImRpc3RpbmN0X2lkXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVc2VyIHByb3ZpZGVkIElEIGZvciB0aGUgZGlzdGluY3QgdXNlclwiLFxuICAgICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgICAgfSxcbiAgICAgICAgXCJwZXJzb25faWRcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVVSUQgb2YgdGhlIHBlcnNvblwiLFxuICAgICAgICAgICAgXCJ0eXBlXCI6IFwic3RyaW5nXCJcbiAgICAgICAgfSxcbiAgICAgICAgXCJ0ZWFtX2lkXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUZWFtIElEIGFzc29jaWF0ZWQgd2l0aCBwZXJzb25fZGlzdGluY3RfaWRcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICAgIH0sXG4gICAgICAgIFwidmVyc2lvblwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVXNlZCBmb3IgY29sbGFwc2luZyBsYXRlciBkaWZmZXJlbnQgdmVyc2lvbnMgb2YgYSBkaXN0aW5jdCBpZCAocHN1ZWRvLXRvbWJzdG9uZSlcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICAgIH0sXG4gICAgICAgIFwiaXNfZGVsZXRlZFwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiQm9vbGVhbiBpcyB0aGUgcGVyc29uIGRpc3RpbmN0X2lkIGRlbGV0ZWQ/XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJib29sZWFuXCJcbiAgICAgICAgfVxuICAgIH0sXG4gICAgXCJyZXF1aXJlZFwiOiBbXCJkaXN0aW5jdF9pZFwiLCBcInBlcnNvbl9pZFwiLCBcInRlYW1faWRcIiwgXCJ2ZXJzaW9uXCIsIFwiaXNfZGVsZXRlZFwiXVxufVxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pZGwvcGx1Z2luX2xvZ19lbnRyaWVzLmpzb24KICAgICAgICB0YXJnZXQ6IC9pZGwvcGx1Z2luX2xvZ19lbnRyaWVzLmpzb24KICAgICAgICBjb250ZW50OiAie1xuICAgIFwiJHNjaGVtYVwiOiBcImh0dHBzOi8vanNvbi1zY2hlbWEub3JnL2RyYWZ0LzIwMjAtMTIvc2NoZW1hXCIsXG4gICAgXCIkaWRcIjogXCJmaWxlOi8vcG9zdGhvZy9pZGwvcGx1Z2luX2xvZ19lbnRyaWVzLmpzb25cIixcbiAgICBcInRpdGxlXCI6IFwicGx1Z2luX2xvZ19lbnRyaWVzXCIsXG4gICAgXCJkZXNjcmlwdGlvblwiOiBcIlBsdWdpbiBsb2cgZW50cmllcyB0aGF0IGFyZSBkZXN0aW5lZCBmb3IgQ2xpY2tIb3VzZVwiLFxuICAgIFwidHlwZVwiOiBcIm9iamVjdFwiLFxuICAgIFwicHJvcGVydGllc1wiOiB7XG4gICAgICAgIFwiaWRcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlVVSUQgZm9yIHRoZSBsb2cgZW50cnlcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcInN0cmluZ1wiXG4gICAgICAgIH0sXG4gICAgICAgIFwidGVhbV9pZFwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiVGVhbSBJRCBhc3NvY2lhdGVkIHdpdGggcGVyc29uX2Rpc3RpbmN0X2lkXCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgICB9LFxuICAgICAgICBcInBsdWdpbl9pZFwiOiB7XG4gICAgICAgICAgICBcImRlc2NyaXB0aW9uXCI6IFwiUGx1Z2luIElEIGFzc29jaWF0ZWQgd2l0aCB0aGUgbG9nIGVudHJ5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJudW1iZXJcIlxuICAgICAgICB9LFxuICAgICAgICBcInBsdWdpbl9jb25maWdfaWRcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlBsdWdpbiBDb25maWcgSUQgYXNzb2NpYXRlZCB3aXRoIHRoZSBsb2cgZW50cnlcIixcbiAgICAgICAgICAgIFwidHlwZVwiOiBcIm51bWJlclwiXG4gICAgICAgIH0sXG4gICAgICAgIFwidGltZXN0YW1wXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJUaW1lc3RhbXAgZm9yIHdoZW4gdGhlIGxvZyBlbnRyeSB3YXMgY3JlYXRlZFwiLFxuICAgICAgICAgICAgXCJ0eXBlXCI6IFwibnVtYmVyXCJcbiAgICAgICAgfSxcbiAgICAgICAgXCJzb3VyY2VcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIlNvdXJjZSBvZiB0aGUgbG9nIGVudHJ5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9LFxuICAgICAgICBcInR5cGVcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkxvZyBlbnRyeSB0eXBlXCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9LFxuICAgICAgICBcIm1lc3NhZ2VcIjoge1xuICAgICAgICAgICAgXCJkZXNjcmlwdGlvblwiOiBcIkxvZyBlbnRyeSBib2R5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9LFxuICAgICAgICBcImluc3RhbmNlX2lkXCI6IHtcbiAgICAgICAgICAgIFwiZGVzY3JpcHRpb25cIjogXCJVVUlEIG9mIHRoZSBpbnN0YW5jZSB0aGF0IGdlbmVyYXRlZCB0aGUgbG9nIGVudHJ5XCIsXG4gICAgICAgICAgICBcInR5cGVcIjogXCJzdHJpbmdcIlxuICAgICAgICB9XG4gICAgfSxcbiAgICBcInJlcXVpcmVkXCI6IFtcbiAgICAgICAgXCJpZFwiLFxuICAgICAgICBcInRlYW1faWRcIixcbiAgICAgICAgXCJwbHVnaW5faWRcIixcbiAgICAgICAgXCJwbHVnaW5fY29uZmlnX2lkXCIsXG4gICAgICAgIFwidGltZXN0YW1wXCIsXG4gICAgICAgIFwic291cmNlXCIsXG4gICAgICAgIFwidHlwZVwiLFxuICAgICAgICBcIm1lc3NhZ2VcIixcbiAgICAgICAgXCJpbnN0YW5jZV9pZFwiXG4gICAgXVxufVxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9kb2NrZXIvY2xpY2tob3VzZS9kb2NrZXItZW50cnlwb2ludC1pbml0ZGIuZC9pbml0LWRiLnNoCiAgICAgICAgdGFyZ2V0OiAvZG9ja2VyLWVudHJ5cG9pbnQtaW5pdGRiLmQvaW5pdC1kYi5zaAogICAgICAgIGNvbnRlbnQ6ICIjIS9iaW4vYmFzaFxuc2V0IC1lXG5cbmNwIC1yIC9pZGwvKiAvdmFyL2xpYi9jbGlja2hvdXNlL2Zvcm1hdF9zY2hlbWFzL1xuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9kb2NrZXIvY2xpY2tob3VzZS9jb25maWcueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy54bWwKICAgICAgICBjb250ZW50OiAiPD94bWwgdmVyc2lvbj1cIjEuMFwiPz5cbjwhLS1cbiAgTk9URTogVXNlciBhbmQgcXVlcnkgbGV2ZWwgc2V0dGluZ3MgYXJlIHNldCB1cCBpbiBcInVzZXJzLnhtbFwiIGZpbGUuXG4gIElmIHlvdSBoYXZlIGFjY2lkZW50YWxseSBzcGVjaWZpZWQgdXNlci1sZXZlbCBzZXR0aW5ncyBoZXJlLCBzZXJ2ZXIgd29uJ3Qgc3RhcnQuXG4gIFlvdSBjYW4gZWl0aGVyIG1vdmUgdGhlIHNldHRpbmdzIHRvIHRoZSByaWdodCBwbGFjZSBpbnNpZGUgXCJ1c2Vycy54bWxcIiBmaWxlXG4gIG9yIGFkZCA8c2tpcF9jaGVja19mb3JfaW5jb3JyZWN0X3NldHRpbmdzPjE8L3NraXBfY2hlY2tfZm9yX2luY29ycmVjdF9zZXR0aW5ncz4gaGVyZS5cbi0tPlxuPHlhbmRleD5cbiAgICA8bG9nZ2VyPlxuICAgICAgICA8IS0tIFBvc3NpYmxlIGxldmVscyBbMV06XG5cbiAgICAgICAgICAtIG5vbmUgKHR1cm5zIG9mZiBsb2dnaW5nKVxuICAgICAgICAgIC0gZmF0YWxcbiAgICAgICAgICAtIGNyaXRpY2FsXG4gICAgICAgICAgLSBlcnJvclxuICAgICAgICAgIC0gd2FybmluZ1xuICAgICAgICAgIC0gbm90aWNlXG4gICAgICAgICAgLSBpbmZvcm1hdGlvblxuICAgICAgICAgIC0gZGVidWdcbiAgICAgICAgICAtIHRyYWNlXG4gICAgICAgICAgLSB0ZXN0IChub3QgZm9yIHByb2R1Y3Rpb24gdXNhZ2UpXG5cbiAgICAgICAgICAgIFsxXTpcbiAgICAgICAgaHR0cHM6Ly9naXRodWIuY29tL3BvY29wcm9qZWN0L3BvY28vYmxvYi9wb2NvLTEuOS40LXJlbGVhc2UvRm91bmRhdGlvbi9pbmNsdWRlL1BvY28vTG9nZ2VyLmgjTDEwNS1MMTE0XG4gICAgICAgIC0tPlxuICAgICAgICA8bGV2ZWw+dHJhY2U8L2xldmVsPlxuICAgICAgICA8bG9nPi92YXIvbG9nL2NsaWNraG91c2Utc2VydmVyL2NsaWNraG91c2Utc2VydmVyLmxvZzwvbG9nPlxuICAgICAgICA8ZXJyb3Jsb2c+L3Zhci9sb2cvY2xpY2tob3VzZS1zZXJ2ZXIvY2xpY2tob3VzZS1zZXJ2ZXIuZXJyLmxvZzwvZXJyb3Jsb2c+XG4gICAgICAgIDwhLS0gUm90YXRpb24gcG9saWN5XG4gICAgICAgICAgICBTZWVcbiAgICAgICAgaHR0cHM6Ly9naXRodWIuY29tL3BvY29wcm9qZWN0L3BvY28vYmxvYi9wb2NvLTEuOS40LXJlbGVhc2UvRm91bmRhdGlvbi9pbmNsdWRlL1BvY28vRmlsZUNoYW5uZWwuaCNMNTQtTDg1XG4gICAgICAgICAgLS0+XG4gICAgICAgIDxzaXplPjEwMDBNPC9zaXplPlxuICAgICAgICA8Y291bnQ+MTA8L2NvdW50PlxuICAgICAgICA8IS0tIDxjb25zb2xlPjE8L2NvbnNvbGU+IC0tPiA8IS0tIERlZmF1bHQgYmVoYXZpb3IgaXMgYXV0b2RldGVjdGlvbiAobG9nIHRvIGNvbnNvbGUgaWYgbm90IGRhZW1vbiBtb2RlXG4gICAgICAgIGFuZCBpcyB0dHkpIC0tPlxuXG4gICAgICAgIDwhLS0gUGVyIGxldmVsIG92ZXJyaWRlcyAobGVnYWN5KTpcblxuICAgICAgICBGb3IgZXhhbXBsZSB0byBzdXBwcmVzcyBsb2dnaW5nIG9mIHRoZSBDb25maWdSZWxvYWRlciB5b3UgY2FuIHVzZTpcbiAgICAgICAgTk9URTogbGV2ZWxzLmxvZ2dlciBpcyByZXNlcnZlZCwgc2VlIGJlbG93LlxuICAgICAgICAtLT5cbiAgICAgICAgPCEtLVxuICAgICAgICA8bGV2ZWxzPlxuICAgICAgICAgIDxDb25maWdSZWxvYWRlcj5ub25lPC9Db25maWdSZWxvYWRlcj5cbiAgICAgICAgPC9sZXZlbHM+XG4gICAgICAgIC0tPlxuXG4gICAgICAgIDwhLS0gUGVyIGxldmVsIG92ZXJyaWRlczpcblxuICAgICAgICBGb3IgZXhhbXBsZSB0byBzdXBwcmVzcyBsb2dnaW5nIG9mIHRoZSBSQkFDIGZvciBkZWZhdWx0IHVzZXIgeW91IGNhbiB1c2U6XG4gICAgICAgIChCdXQgcGxlYXNlIG5vdGUgdGhhdCB0aGUgbG9nZ2VyIG5hbWUgbWF5YmUgY2hhbmdlZCBmcm9tIHZlcnNpb24gdG8gdmVyc2lvbiwgZXZlbiBhZnRlciBtaW5vclxuICAgICAgICB1cGdyYWRlKVxuICAgICAgICAtLT5cbiAgICAgICAgPCEtLVxuICAgICAgICA8bGV2ZWxzPlxuICAgICAgICAgIDxsb2dnZXI+XG4gICAgICAgICAgICA8bmFtZT5Db250ZXh0QWNjZXNzIChkZWZhdWx0KTwvbmFtZT5cbiAgICAgICAgICAgIDxsZXZlbD5ub25lPC9sZXZlbD5cbiAgICAgICAgICA8L2xvZ2dlcj5cbiAgICAgICAgICA8bG9nZ2VyPlxuICAgICAgICAgICAgPG5hbWU+RGF0YWJhc2VPcmRpbmFyeSAodGVzdCk8L25hbWU+XG4gICAgICAgICAgICA8bGV2ZWw+bm9uZTwvbGV2ZWw+XG4gICAgICAgICAgPC9sb2dnZXI+XG4gICAgICAgIDwvbGV2ZWxzPlxuICAgICAgICAtLT5cbiAgICA8L2xvZ2dlcj5cblxuICAgIDwhLS0gQWRkIGhlYWRlcnMgdG8gcmVzcG9uc2UgaW4gb3B0aW9ucyByZXF1ZXN0LiBPUFRJT05TIG1ldGhvZCBpcyB1c2VkIGluIENPUlMgcHJlZmxpZ2h0XG4gICAgcmVxdWVzdHMuIC0tPlxuICAgIDwhLS0gSXQgaXMgb2ZmIGJ5IGRlZmF1bHQuIE5leHQgaGVhZGVycyBhcmUgb2JsaWdhdGUgZm9yIENPUlMuLS0+XG4gICAgPCEtLSBodHRwX29wdGlvbnNfcmVzcG9uc2U+XG4gICAgICAgIDxoZWFkZXI+XG4gICAgICAgICAgICA8bmFtZT5BY2Nlc3MtQ29udHJvbC1BbGxvdy1PcmlnaW48L25hbWU+XG4gICAgICAgICAgICA8dmFsdWU+KjwvdmFsdWU+XG4gICAgICAgIDwvaGVhZGVyPlxuICAgICAgICA8aGVhZGVyPlxuICAgICAgICAgICAgPG5hbWU+QWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVyczwvbmFtZT5cbiAgICAgICAgICAgIDx2YWx1ZT5vcmlnaW4sIHgtcmVxdWVzdGVkLXdpdGg8L3ZhbHVlPlxuICAgICAgICA8L2hlYWRlcj5cbiAgICAgICAgPGhlYWRlcj5cbiAgICAgICAgICAgIDxuYW1lPkFjY2Vzcy1Db250cm9sLUFsbG93LU1ldGhvZHM8L25hbWU+XG4gICAgICAgICAgICA8dmFsdWU+UE9TVCwgR0VULCBPUFRJT05TPC92YWx1ZT5cbiAgICAgICAgPC9oZWFkZXI+XG4gICAgICAgIDxoZWFkZXI+XG4gICAgICAgICAgICA8bmFtZT5BY2Nlc3MtQ29udHJvbC1NYXgtQWdlPC9uYW1lPlxuICAgICAgICAgICAgPHZhbHVlPjg2NDAwPC92YWx1ZT5cbiAgICAgICAgPC9oZWFkZXI+XG4gICAgPC9odHRwX29wdGlvbnNfcmVzcG9uc2UgLS0+XG5cbiAgICA8IS0tIEl0IGlzIHRoZSBuYW1lIHRoYXQgd2lsbCBiZSBzaG93biBpbiB0aGUgY2xpY2tob3VzZS1jbGllbnQuXG4gICAgICAgIEJ5IGRlZmF1bHQsIGFueXRoaW5nIHdpdGggXCJwcm9kdWN0aW9uXCIgd2lsbCBiZSBoaWdobGlnaHRlZCBpbiByZWQgaW4gcXVlcnkgcHJvbXB0LlxuICAgIC0tPlxuICAgIDwhLS1kaXNwbGF5X25hbWU+cHJvZHVjdGlvbjwvZGlzcGxheV9uYW1lLS0+XG5cbiAgICA8IS0tIFBvcnQgZm9yIEhUVFAgQVBJLiBTZWUgYWxzbyAnaHR0cHNfcG9ydCcgZm9yIHNlY3VyZSBjb25uZWN0aW9ucy5cbiAgICAgICAgVGhpcyBpbnRlcmZhY2UgaXMgYWxzbyB1c2VkIGJ5IE9EQkMgYW5kIEpEQkMgZHJpdmVycyAoRGF0YUdyaXAsIERiZWF2ZXIsIC4uLilcbiAgICAgICAgYW5kIGJ5IG1vc3Qgb2Ygd2ViIGludGVyZmFjZXMgKGVtYmVkZGVkIFVJLCBHcmFmYW5hLCBSZWRhc2gsIC4uLikuXG4gICAgICAtLT5cbiAgICA8aHR0cF9wb3J0PjgxMjM8L2h0dHBfcG9ydD5cblxuICAgIDwhLS0gUG9ydCBmb3IgaW50ZXJhY3Rpb24gYnkgbmF0aXZlIHByb3RvY29sIHdpdGg6XG4gICAgICAgIC0gY2xpY2tob3VzZS1jbGllbnQgYW5kIG90aGVyIG5hdGl2ZSBDbGlja0hvdXNlIHRvb2xzIChjbGlja2hvdXNlLWJlbmNobWFyaywgY2xpY2tob3VzZS1jb3BpZXIpO1xuICAgICAgICAtIGNsaWNraG91c2Utc2VydmVyIHdpdGggb3RoZXIgY2xpY2tob3VzZS1zZXJ2ZXJzIGZvciBkaXN0cmlidXRlZCBxdWVyeSBwcm9jZXNzaW5nO1xuICAgICAgICAtIENsaWNrSG91c2UgZHJpdmVycyBhbmQgYXBwbGljYXRpb25zIHN1cHBvcnRpbmcgbmF0aXZlIHByb3RvY29sXG4gICAgICAgICh0aGlzIHByb3RvY29sIGlzIGFsc28gaW5mb3JtYWxseSBjYWxsZWQgYXMgXCJ0aGUgVENQIHByb3RvY29sXCIpO1xuICAgICAgICBTZWUgYWxzbyAndGNwX3BvcnRfc2VjdXJlJyBmb3Igc2VjdXJlIGNvbm5lY3Rpb25zLlxuICAgIC0tPlxuICAgIDx0Y3BfcG9ydD45MDAwPC90Y3BfcG9ydD5cblxuICAgIDwhLS0gQ29tcGF0aWJpbGl0eSB3aXRoIE15U1FMIHByb3RvY29sLlxuICAgICAgICBDbGlja0hvdXNlIHdpbGwgcHJldGVuZCB0byBiZSBNeVNRTCBmb3IgYXBwbGljYXRpb25zIGNvbm5lY3RpbmcgdG8gdGhpcyBwb3J0LlxuICAgIC0tPlxuICAgIDxteXNxbF9wb3J0PjkwMDQ8L215c3FsX3BvcnQ+XG5cbiAgICA8IS0tIENvbXBhdGliaWxpdHkgd2l0aCBQb3N0Z3JlU1FMIHByb3RvY29sLlxuICAgICAgICBDbGlja0hvdXNlIHdpbGwgcHJldGVuZCB0byBiZSBQb3N0Z3JlU1FMIGZvciBhcHBsaWNhdGlvbnMgY29ubmVjdGluZyB0byB0aGlzIHBvcnQuXG4gICAgLS0+XG4gICAgPHBvc3RncmVzcWxfcG9ydD45MDA1PC9wb3N0Z3Jlc3FsX3BvcnQ+XG5cbiAgICA8IS0tIEhUVFAgQVBJIHdpdGggVExTIChIVFRQUykuXG4gICAgICAgIFlvdSBoYXZlIHRvIGNvbmZpZ3VyZSBjZXJ0aWZpY2F0ZSB0byBlbmFibGUgdGhpcyBpbnRlcmZhY2UuXG4gICAgICAgIFNlZSB0aGUgb3BlblNTTCBzZWN0aW9uIGJlbG93LlxuICAgIC0tPlxuICAgIDxodHRwc19wb3J0Pjg0NDM8L2h0dHBzX3BvcnQ+XG5cbiAgICA8IS0tIE5hdGl2ZSBpbnRlcmZhY2Ugd2l0aCBUTFMuXG4gICAgICAgIFlvdSBoYXZlIHRvIGNvbmZpZ3VyZSBjZXJ0aWZpY2F0ZSB0byBlbmFibGUgdGhpcyBpbnRlcmZhY2UuXG4gICAgICAgIFNlZSB0aGUgb3BlblNTTCBzZWN0aW9uIGJlbG93LlxuICAgIC0tPlxuICAgIDx0Y3BfcG9ydF9zZWN1cmU+OTQ0MDwvdGNwX3BvcnRfc2VjdXJlPlxuXG4gICAgPCEtLSBOYXRpdmUgaW50ZXJmYWNlIHdyYXBwZWQgd2l0aCBQUk9YWXYxIHByb3RvY29sXG4gICAgICAgIFBST1hZdjEgaGVhZGVyIHNlbnQgZm9yIGV2ZXJ5IGNvbm5lY3Rpb24uXG4gICAgICAgIENsaWNrSG91c2Ugd2lsbCBleHRyYWN0IGluZm9ybWF0aW9uIGFib3V0IHByb3h5LWZvcndhcmRlZCBjbGllbnQgYWRkcmVzcyBmcm9tIHRoZSBoZWFkZXIuXG4gICAgLS0+XG4gICAgPCEtLSA8dGNwX3dpdGhfcHJveHlfcG9ydD45MDExPC90Y3Bfd2l0aF9wcm94eV9wb3J0PiAtLT5cblxuICAgIDwhLS0gUG9ydCBmb3IgY29tbXVuaWNhdGlvbiBiZXR3ZWVuIHJlcGxpY2FzLiBVc2VkIGZvciBkYXRhIGV4Y2hhbmdlLlxuICAgICAgICBJdCBwcm92aWRlcyBsb3ctbGV2ZWwgZGF0YSBhY2Nlc3MgYmV0d2VlbiBzZXJ2ZXJzLlxuICAgICAgICBUaGlzIHBvcnQgc2hvdWxkIG5vdCBiZSBhY2Nlc3NpYmxlIGZyb20gdW50cnVzdGVkIG5ldHdvcmtzLlxuICAgICAgICBTZWUgYWxzbyAnaW50ZXJzZXJ2ZXJfaHR0cF9jcmVkZW50aWFscycuXG4gICAgICAgIERhdGEgdHJhbnNmZXJyZWQgb3ZlciBjb25uZWN0aW9ucyB0byB0aGlzIHBvcnQgc2hvdWxkIG5vdCBnbyB0aHJvdWdoIHVudHJ1c3RlZCBuZXR3b3Jrcy5cbiAgICAgICAgU2VlIGFsc28gJ2ludGVyc2VydmVyX2h0dHBzX3BvcnQnLlxuICAgICAgLS0+XG4gICAgPGludGVyc2VydmVyX2h0dHBfcG9ydD45MDA5PC9pbnRlcnNlcnZlcl9odHRwX3BvcnQ+XG5cbiAgICA8IS0tIFBvcnQgZm9yIGNvbW11bmljYXRpb24gYmV0d2VlbiByZXBsaWNhcyB3aXRoIFRMUy5cbiAgICAgICAgWW91IGhhdmUgdG8gY29uZmlndXJlIGNlcnRpZmljYXRlIHRvIGVuYWJsZSB0aGlzIGludGVyZmFjZS5cbiAgICAgICAgU2VlIHRoZSBvcGVuU1NMIHNlY3Rpb24gYmVsb3cuXG4gICAgICAgIFNlZSBhbHNvICdpbnRlcnNlcnZlcl9odHRwX2NyZWRlbnRpYWxzJy5cbiAgICAgIC0tPlxuICAgIDwhLS0gPGludGVyc2VydmVyX2h0dHBzX3BvcnQ+OTAxMDwvaW50ZXJzZXJ2ZXJfaHR0cHNfcG9ydD4gLS0+XG5cbiAgICA8IS0tIEhvc3RuYW1lIHRoYXQgaXMgdXNlZCBieSBvdGhlciByZXBsaWNhcyB0byByZXF1ZXN0IHRoaXMgc2VydmVyLlxuICAgICAgICBJZiBub3Qgc3BlY2lmaWVkLCB0aGFuIGl0IGlzIGRldGVybWluZWQgYW5hbG9nb3VzIHRvICdob3N0bmFtZSAtZicgY29tbWFuZC5cbiAgICAgICAgVGhpcyBzZXR0aW5nIGNvdWxkIGJlIHVzZWQgdG8gc3dpdGNoIHJlcGxpY2F0aW9uIHRvIGFub3RoZXIgbmV0d29yayBpbnRlcmZhY2VcbiAgICAgICAgKHRoZSBzZXJ2ZXIgbWF5IGJlIGNvbm5lY3RlZCB0byBtdWx0aXBsZSBuZXR3b3JrcyB2aWEgbXVsdGlwbGUgYWRkcmVzc2VzKVxuICAgICAgLS0+XG5cbiAgICA8IS0tXG4gICAgPGludGVyc2VydmVyX2h0dHBfaG9zdD5leGFtcGxlLnlhbmRleC5ydTwvaW50ZXJzZXJ2ZXJfaHR0cF9ob3N0PlxuICAgIC0tPlxuXG4gICAgPCEtLSBZb3UgY2FuIHNwZWNpZnkgY3JlZGVudGlhbHMgZm9yIGF1dGhlbnRoaWNhdGlvbiBiZXR3ZWVuIHJlcGxpY2FzLlxuICAgICAgICBUaGlzIGlzIHJlcXVpcmVkIHdoZW4gaW50ZXJzZXJ2ZXJfaHR0cHNfcG9ydCBpcyBhY2Nlc3NpYmxlIGZyb20gdW50cnVzdGVkIG5ldHdvcmtzLFxuICAgICAgICBhbmQgYWxzbyByZWNvbW1lbmRlZCB0byBhdm9pZCBTU1JGIGF0dGFja3MgZnJvbSBwb3NzaWJseSBjb21wcm9taXNlZCBzZXJ2aWNlcyBpbiB5b3VyIG5ldHdvcmsuXG4gICAgICAtLT5cbiAgICA8IS0tPGludGVyc2VydmVyX2h0dHBfY3JlZGVudGlhbHM+XG4gICAgICAgIDx1c2VyPmludGVyc2VydmVyPC91c2VyPlxuICAgICAgICA8cGFzc3dvcmQ+PC9wYXNzd29yZD5cbiAgICA8L2ludGVyc2VydmVyX2h0dHBfY3JlZGVudGlhbHM+LS0+XG5cbiAgICA8IS0tIExpc3RlbiBzcGVjaWZpZWQgYWRkcmVzcy5cbiAgICAgICAgVXNlIDo6ICh3aWxkY2FyZCBJUHY2IGFkZHJlc3MpLCBpZiB5b3Ugd2FudCB0byBhY2NlcHQgY29ubmVjdGlvbnMgYm90aCB3aXRoIElQdjQgYW5kIElQdjYgZnJvbVxuICAgIGV2ZXJ5d2hlcmUuXG4gICAgICAgIE5vdGVzOlxuICAgICAgICBJZiB5b3Ugb3BlbiBjb25uZWN0aW9ucyBmcm9tIHdpbGRjYXJkIGFkZHJlc3MsIG1ha2Ugc3VyZSB0aGF0IGF0IGxlYXN0IG9uZSBvZiB0aGUgZm9sbG93aW5nXG4gICAgbWVhc3VyZXMgYXBwbGllZDpcbiAgICAgICAgLSBzZXJ2ZXIgaXMgcHJvdGVjdGVkIGJ5IGZpcmV3YWxsIGFuZCBub3QgYWNjZXNzaWJsZSBmcm9tIHVudHJ1c3RlZCBuZXR3b3JrcztcbiAgICAgICAgLSBhbGwgdXNlcnMgYXJlIHJlc3RyaWN0ZWQgdG8gc3Vic2V0IG9mIG5ldHdvcmsgYWRkcmVzc2VzIChzZWUgdXNlcnMueG1sKTtcbiAgICAgICAgLSBhbGwgdXNlcnMgaGF2ZSBzdHJvbmcgcGFzc3dvcmRzLCBvbmx5IHNlY3VyZSAoVExTKSBpbnRlcmZhY2VzIGFyZSBhY2Nlc3NpYmxlLCBvciBjb25uZWN0aW9ucyBhcmVcbiAgICBvbmx5IG1hZGUgdmlhIFRMUyBpbnRlcmZhY2VzLlxuICAgICAgICAtIHVzZXJzIHdpdGhvdXQgcGFzc3dvcmQgaGF2ZSByZWFkb25seSBhY2Nlc3MuXG4gICAgICAgIFNlZSBhbHNvOiBodHRwczovL3d3dy5zaG9kYW4uaW8vc2VhcmNoP3F1ZXJ5PWNsaWNraG91c2VcbiAgICAgIC0tPlxuICAgIDwhLS0gPGxpc3Rlbl9ob3N0Pjo6PC9saXN0ZW5faG9zdD4gLS0+XG5cblxuICAgIDwhLS0gU2FtZSBmb3IgaG9zdHMgd2l0aG91dCBzdXBwb3J0IGZvciBJUHY2OiAtLT5cbiAgICA8IS0tIDxsaXN0ZW5faG9zdD4wLjAuMC4wPC9saXN0ZW5faG9zdD4gLS0+XG5cbiAgICA8IS0tIERlZmF1bHQgdmFsdWVzIC0gdHJ5IGxpc3RlbiBsb2NhbGhvc3Qgb24gSVB2NCBhbmQgSVB2Ni4gLS0+XG4gICAgPCEtLVxuICAgIDxsaXN0ZW5faG9zdD46OjE8L2xpc3Rlbl9ob3N0PlxuICAgIDxsaXN0ZW5faG9zdD4xMjcuMC4wLjE8L2xpc3Rlbl9ob3N0PlxuICAgIC0tPlxuXG4gICAgPCEtLSBEb24ndCBleGl0IGlmIElQdjYgb3IgSVB2NCBuZXR3b3JrcyBhcmUgdW5hdmFpbGFibGUgd2hpbGUgdHJ5aW5nIHRvIGxpc3Rlbi4gLS0+XG4gICAgPCEtLSA8bGlzdGVuX3RyeT4wPC9saXN0ZW5fdHJ5PiAtLT5cblxuICAgIDwhLS0gQWxsb3cgbXVsdGlwbGUgc2VydmVycyB0byBsaXN0ZW4gb24gdGhlIHNhbWUgYWRkcmVzczpwb3J0LiBUaGlzIGlzIG5vdCByZWNvbW1lbmRlZC5cbiAgICAgIC0tPlxuICAgIDwhLS0gPGxpc3Rlbl9yZXVzZV9wb3J0PjA8L2xpc3Rlbl9yZXVzZV9wb3J0PiAtLT5cblxuICAgIDwhLS0gPGxpc3Rlbl9iYWNrbG9nPjQwOTY8L2xpc3Rlbl9iYWNrbG9nPiAtLT5cblxuICAgIDxtYXhfY29ubmVjdGlvbnM+NDA5NjwvbWF4X2Nvbm5lY3Rpb25zPlxuXG4gICAgPCEtLSBGb3IgJ0Nvbm5lY3Rpb246IGtlZXAtYWxpdmUnIGluIEhUVFAgMS4xIC0tPlxuICAgIDxrZWVwX2FsaXZlX3RpbWVvdXQ+Mzwva2VlcF9hbGl2ZV90aW1lb3V0PlxuXG4gICAgPCEtLSBnUlBDIHByb3RvY29sIChzZWUgc3JjL1NlcnZlci9ncnBjX3Byb3Rvcy9jbGlja2hvdXNlX2dycGMucHJvdG8gZm9yIHRoZSBBUEkpIC0tPlxuICAgIDwhLS0gPGdycGNfcG9ydD45MTAwPC9ncnBjX3BvcnQ+IC0tPlxuICAgIDxncnBjPlxuICAgICAgICA8ZW5hYmxlX3NzbD5mYWxzZTwvZW5hYmxlX3NzbD5cblxuICAgICAgICA8IS0tIFRoZSBmb2xsb3dpbmcgdHdvIGZpbGVzIGFyZSB1c2VkIG9ubHkgaWYgZW5hYmxlX3NzbD0xIC0tPlxuICAgICAgICA8c3NsX2NlcnRfZmlsZT4vcGF0aC90by9zc2xfY2VydF9maWxlPC9zc2xfY2VydF9maWxlPlxuICAgICAgICA8c3NsX2tleV9maWxlPi9wYXRoL3RvL3NzbF9rZXlfZmlsZTwvc3NsX2tleV9maWxlPlxuXG4gICAgICAgIDwhLS0gV2hldGhlciBzZXJ2ZXIgd2lsbCByZXF1ZXN0IGNsaWVudCBmb3IgYSBjZXJ0aWZpY2F0ZSAtLT5cbiAgICAgICAgPHNzbF9yZXF1aXJlX2NsaWVudF9hdXRoPmZhbHNlPC9zc2xfcmVxdWlyZV9jbGllbnRfYXV0aD5cblxuICAgICAgICA8IS0tIFRoZSBmb2xsb3dpbmcgZmlsZSBpcyB1c2VkIG9ubHkgaWYgc3NsX3JlcXVpcmVfY2xpZW50X2F1dGg9MSAtLT5cbiAgICAgICAgPHNzbF9jYV9jZXJ0X2ZpbGU+L3BhdGgvdG8vc3NsX2NhX2NlcnRfZmlsZTwvc3NsX2NhX2NlcnRfZmlsZT5cblxuICAgICAgICA8IS0tIERlZmF1bHQgdHJhbnNwb3J0IGNvbXByZXNzaW9uIHR5cGUgKGNhbiBiZSBvdmVycmlkZGVuIGJ5IGNsaWVudCwgc2VlIHRoZVxuICAgICAgICB0cmFuc3BvcnRfY29tcHJlc3Npb25fdHlwZSBmaWVsZCBpbiBRdWVyeUluZm8pLlxuICAgICAgICAgICAgU3VwcG9ydGVkIGFsZ29yaXRobXM6IG5vbmUsIGRlZmxhdGUsIGd6aXAsIHN0cmVhbV9nemlwIC0tPlxuICAgICAgICA8dHJhbnNwb3J0X2NvbXByZXNzaW9uX3R5cGU+bm9uZTwvdHJhbnNwb3J0X2NvbXByZXNzaW9uX3R5cGU+XG5cbiAgICAgICAgPCEtLSBEZWZhdWx0IHRyYW5zcG9ydCBjb21wcmVzc2lvbiBsZXZlbC4gU3VwcG9ydGVkIGxldmVsczogMC4uMyAtLT5cbiAgICAgICAgPHRyYW5zcG9ydF9jb21wcmVzc2lvbl9sZXZlbD4wPC90cmFuc3BvcnRfY29tcHJlc3Npb25fbGV2ZWw+XG5cbiAgICAgICAgPCEtLSBTZW5kL3JlY2VpdmUgbWVzc2FnZSBzaXplIGxpbWl0cyBpbiBieXRlcy4gLTEgbWVhbnMgdW5saW1pdGVkIC0tPlxuICAgICAgICA8bWF4X3NlbmRfbWVzc2FnZV9zaXplPi0xPC9tYXhfc2VuZF9tZXNzYWdlX3NpemU+XG4gICAgICAgIDxtYXhfcmVjZWl2ZV9tZXNzYWdlX3NpemU+LTE8L21heF9yZWNlaXZlX21lc3NhZ2Vfc2l6ZT5cblxuICAgICAgICA8IS0tIEVuYWJsZSBpZiB5b3Ugd2FudCB2ZXJ5IGRldGFpbGVkIGxvZ3MgLS0+XG4gICAgICAgIDx2ZXJib3NlX2xvZ3M+ZmFsc2U8L3ZlcmJvc2VfbG9ncz5cbiAgICA8L2dycGM+XG5cbiAgICA8IS0tIFVzZWQgd2l0aCBodHRwc19wb3J0IGFuZCB0Y3BfcG9ydF9zZWN1cmUuIEZ1bGwgc3NsIG9wdGlvbnMgbGlzdDpcbiAgICBodHRwczovL2dpdGh1Yi5jb20vQ2xpY2tIb3VzZS1FeHRyYXMvcG9jby9ibG9iL21hc3Rlci9OZXRTU0xfT3BlblNTTC9pbmNsdWRlL1BvY28vTmV0L1NTTE1hbmFnZXIuaCNMNzEgLS0+XG4gICAgPG9wZW5TU0w+XG4gICAgICAgIDxzZXJ2ZXI+IDwhLS0gVXNlZCBmb3IgaHR0cHMgc2VydmVyIEFORCBzZWN1cmUgdGNwIHBvcnQgLS0+XG4gICAgICAgICAgICA8IS0tIG9wZW5zc2wgcmVxIC1zdWJqIFwiL0NOPWxvY2FsaG9zdFwiIC1uZXcgLW5ld2tleSByc2E6MjA0OCAtZGF5cyAzNjUgLW5vZGVzIC14NTA5XG4gICAgICAgICAgICAta2V5b3V0IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvc2VydmVyLmtleSAtb3V0IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvc2VydmVyLmNydCAtLT5cbiAgICAgICAgICAgIDxjZXJ0aWZpY2F0ZUZpbGU+L2V0Yy9jbGlja2hvdXNlLXNlcnZlci9zZXJ2ZXIuY3J0PC9jZXJ0aWZpY2F0ZUZpbGU+XG4gICAgICAgICAgICA8cHJpdmF0ZUtleUZpbGU+L2V0Yy9jbGlja2hvdXNlLXNlcnZlci9zZXJ2ZXIua2V5PC9wcml2YXRlS2V5RmlsZT5cbiAgICAgICAgICAgIDwhLS0gZGhwYXJhbXMgYXJlIG9wdGlvbmFsLiBZb3UgY2FuIGRlbGV0ZSB0aGUgPGRoUGFyYW1zRmlsZT4gZWxlbWVudC5cbiAgICAgICAgICAgICAgICBUbyBnZW5lcmF0ZSBkaHBhcmFtcywgdXNlIHRoZSBmb2xsb3dpbmcgY29tbWFuZDpcbiAgICAgICAgICAgICAgICAgIG9wZW5zc2wgZGhwYXJhbSAtb3V0IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvZGhwYXJhbS5wZW0gNDA5NlxuICAgICAgICAgICAgICAgIE9ubHkgZmlsZSBmb3JtYXQgd2l0aCBCRUdJTiBESCBQQVJBTUVURVJTIGlzIHN1cHBvcnRlZC5cbiAgICAgICAgICAgICAgLS0+XG4gICAgICAgICAgICA8ZGhQYXJhbXNGaWxlPi9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvZGhwYXJhbS5wZW08L2RoUGFyYW1zRmlsZT5cbiAgICAgICAgICAgIDx2ZXJpZmljYXRpb25Nb2RlPm5vbmU8L3ZlcmlmaWNhdGlvbk1vZGU+XG4gICAgICAgICAgICA8bG9hZERlZmF1bHRDQUZpbGU+dHJ1ZTwvbG9hZERlZmF1bHRDQUZpbGU+XG4gICAgICAgICAgICA8Y2FjaGVTZXNzaW9ucz50cnVlPC9jYWNoZVNlc3Npb25zPlxuICAgICAgICAgICAgPGRpc2FibGVQcm90b2NvbHM+c3NsdjIsc3NsdjM8L2Rpc2FibGVQcm90b2NvbHM+XG4gICAgICAgICAgICA8cHJlZmVyU2VydmVyQ2lwaGVycz50cnVlPC9wcmVmZXJTZXJ2ZXJDaXBoZXJzPlxuICAgICAgICA8L3NlcnZlcj5cblxuICAgICAgICA8Y2xpZW50PiA8IS0tIFVzZWQgZm9yIGNvbm5lY3RpbmcgdG8gaHR0cHMgZGljdGlvbmFyeSBzb3VyY2UgYW5kIHNlY3VyZWQgWm9va2VlcGVyXG4gICAgICAgICAgICBjb21tdW5pY2F0aW9uIC0tPlxuICAgICAgICAgICAgPGxvYWREZWZhdWx0Q0FGaWxlPnRydWU8L2xvYWREZWZhdWx0Q0FGaWxlPlxuICAgICAgICAgICAgPGNhY2hlU2Vzc2lvbnM+dHJ1ZTwvY2FjaGVTZXNzaW9ucz5cbiAgICAgICAgICAgIDxkaXNhYmxlUHJvdG9jb2xzPnNzbHYyLHNzbHYzPC9kaXNhYmxlUHJvdG9jb2xzPlxuICAgICAgICAgICAgPHByZWZlclNlcnZlckNpcGhlcnM+dHJ1ZTwvcHJlZmVyU2VydmVyQ2lwaGVycz5cbiAgICAgICAgICAgIDwhLS0gVXNlIGZvciBzZWxmLXNpZ25lZDogPHZlcmlmaWNhdGlvbk1vZGU+bm9uZTwvdmVyaWZpY2F0aW9uTW9kZT4gLS0+XG4gICAgICAgICAgICA8aW52YWxpZENlcnRpZmljYXRlSGFuZGxlcj5cbiAgICAgICAgICAgICAgICA8IS0tIFVzZSBmb3Igc2VsZi1zaWduZWQ6IDxuYW1lPkFjY2VwdENlcnRpZmljYXRlSGFuZGxlcjwvbmFtZT4gLS0+XG4gICAgICAgICAgICAgICAgPG5hbWU+UmVqZWN0Q2VydGlmaWNhdGVIYW5kbGVyPC9uYW1lPlxuICAgICAgICAgICAgPC9pbnZhbGlkQ2VydGlmaWNhdGVIYW5kbGVyPlxuICAgICAgICA8L2NsaWVudD5cbiAgICA8L29wZW5TU0w+XG5cbiAgICA8IS0tIERlZmF1bHQgcm9vdCBwYWdlIG9uIGh0dHBbc10gc2VydmVyLiBGb3IgZXhhbXBsZSBsb2FkIFVJIGZyb20gaHR0cHM6Ly90YWJpeC5pby8gd2hlblxuICAgIG9wZW5pbmcgaHR0cDovL2xvY2FsaG9zdDo4MTIzIC0tPlxuICAgIDwhLS1cbiAgICA8aHR0cF9zZXJ2ZXJfZGVmYXVsdF9yZXNwb25zZT48IVtDREFUQVs8aHRtbCBuZy1hcHA9XCJTTUkyXCI+PGhlYWQ+PGJhc2VcbiAgICBocmVmPVwiaHR0cDovL3VpLnRhYml4LmlvL1wiPjwvaGVhZD48Ym9keT48ZGl2IHVpLXZpZXc9XCJcIiBjbGFzcz1cImNvbnRlbnQtdWlcIj48L2Rpdj48c2NyaXB0XG4gICAgc3JjPVwiaHR0cDovL2xvYWRlci50YWJpeC5pby9tYXN0ZXIuanNcIj48L3NjcmlwdD48L2JvZHk+PC9odG1sPl1dPjwvaHR0cF9zZXJ2ZXJfZGVmYXVsdF9yZXNwb25zZT5cbiAgICAtLT5cblxuICAgIDwhLS0gTWF4aW11bSBudW1iZXIgb2YgY29uY3VycmVudCBxdWVyaWVzLiAtLT5cbiAgICA8bWF4X2NvbmN1cnJlbnRfcXVlcmllcz4xMDA8L21heF9jb25jdXJyZW50X3F1ZXJpZXM+XG5cbiAgICA8IS0tIE1heGltdW0gbWVtb3J5IHVzYWdlIChyZXNpZGVudCBzZXQgc2l6ZSkgZm9yIHNlcnZlciBwcm9jZXNzLlxuICAgICAgICBaZXJvIHZhbHVlIG9yIHVuc2V0IG1lYW5zIGRlZmF1bHQuIERlZmF1bHQgaXMgXCJtYXhfc2VydmVyX21lbW9yeV91c2FnZV90b19yYW1fcmF0aW9cIiBvZiBhdmFpbGFibGVcbiAgICBwaHlzaWNhbCBSQU0uXG4gICAgICAgIElmIHRoZSB2YWx1ZSBpcyBsYXJnZXIgdGhhbiBcIm1heF9zZXJ2ZXJfbWVtb3J5X3VzYWdlX3RvX3JhbV9yYXRpb1wiIG9mIGF2YWlsYWJsZSBwaHlzaWNhbCBSQU0sIGl0XG4gICAgd2lsbCBiZSBjdXQgZG93bi5cblxuICAgICAgICBUaGUgY29uc3RyYWludCBpcyBjaGVja2VkIG9uIHF1ZXJ5IGV4ZWN1dGlvbiB0aW1lLlxuICAgICAgICBJZiBhIHF1ZXJ5IHRyaWVzIHRvIGFsbG9jYXRlIG1lbW9yeSBhbmQgdGhlIGN1cnJlbnQgbWVtb3J5IHVzYWdlIHBsdXMgYWxsb2NhdGlvbiBpcyBncmVhdGVyXG4gICAgICAgICAgdGhhbiBzcGVjaWZpZWQgdGhyZXNob2xkLCBleGNlcHRpb24gd2lsbCBiZSB0aHJvd24uXG5cbiAgICAgICAgSXQgaXMgbm90IHByYWN0aWNhbCB0byBzZXQgdGhpcyBjb25zdHJhaW50IHRvIHNtYWxsIHZhbHVlcyBsaWtlIGp1c3QgYSBmZXcgZ2lnYWJ5dGVzLFxuICAgICAgICAgIGJlY2F1c2UgbWVtb3J5IGFsbG9jYXRvciB3aWxsIGtlZXAgdGhpcyBhbW91bnQgb2YgbWVtb3J5IGluIGNhY2hlcyBhbmQgdGhlIHNlcnZlciB3aWxsIGRlbnkgc2VydmljZVxuICAgIG9mIHF1ZXJpZXMuXG4gICAgICAtLT5cbiAgICA8bWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2U+MDwvbWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2U+XG5cbiAgICA8IS0tIE1heGltdW0gbnVtYmVyIG9mIHRocmVhZHMgaW4gdGhlIEdsb2JhbCB0aHJlYWQgcG9vbC5cbiAgICBUaGlzIHdpbGwgZGVmYXVsdCB0byBhIG1heGltdW0gb2YgMTAwMDAgdGhyZWFkcyBpZiBub3Qgc3BlY2lmaWVkLlxuICAgIFRoaXMgc2V0dGluZyB3aWxsIGJlIHVzZWZ1bCBpbiBzY2VuYXJpb3Mgd2hlcmUgdGhlcmUgYXJlIGEgbGFyZ2UgbnVtYmVyXG4gICAgb2YgZGlzdHJpYnV0ZWQgcXVlcmllcyB0aGF0IGFyZSBydW5uaW5nIGNvbmN1cnJlbnRseSBidXQgYXJlIGlkbGluZyBtb3N0XG4gICAgb2YgdGhlIHRpbWUsIGluIHdoaWNoIGNhc2UgYSBoaWdoZXIgbnVtYmVyIG9mIHRocmVhZHMgbWlnaHQgYmUgcmVxdWlyZWQuXG4gICAgLS0+XG5cbiAgICA8bWF4X3RocmVhZF9wb29sX3NpemU+MTAwMDA8L21heF90aHJlYWRfcG9vbF9zaXplPlxuXG4gICAgPCEtLSBOdW1iZXIgb2Ygd29ya2VycyB0byByZWN5Y2xlIGNvbm5lY3Rpb25zIGluIGJhY2tncm91bmQgKHNlZSBhbHNvIGRyYWluX3RpbWVvdXQpLlxuICAgICAgICBJZiB0aGUgcG9vbCBpcyBmdWxsLCBjb25uZWN0aW9uIHdpbGwgYmUgZHJhaW5lZCBzeW5jaHJvbm91c2x5LiAtLT5cbiAgICA8IS0tIDxtYXhfdGhyZWFkc19mb3JfY29ubmVjdGlvbl9jb2xsZWN0b3I+MTA8L21heF90aHJlYWRzX2Zvcl9jb25uZWN0aW9uX2NvbGxlY3Rvcj4gLS0+XG5cbiAgICA8IS0tIE9uIG1lbW9yeSBjb25zdHJhaW5lZCBlbnZpcm9ubWVudHMgeW91IG1heSBoYXZlIHRvIHNldCB0aGlzIHRvIHZhbHVlIGxhcmdlciB0aGFuIDEuXG4gICAgICAtLT5cbiAgICA8bWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2VfdG9fcmFtX3JhdGlvPjAuOTwvbWF4X3NlcnZlcl9tZW1vcnlfdXNhZ2VfdG9fcmFtX3JhdGlvPlxuXG4gICAgPCEtLSBTaW1wbGUgc2VydmVyLXdpZGUgbWVtb3J5IHByb2ZpbGVyLiBDb2xsZWN0IGEgc3RhY2sgdHJhY2UgYXQgZXZlcnkgcGVhayBhbGxvY2F0aW9uIHN0ZXAgKGluXG4gICAgYnl0ZXMpLlxuICAgICAgICBEYXRhIHdpbGwgYmUgc3RvcmVkIGluIHN5c3RlbS50cmFjZV9sb2cgdGFibGUgd2l0aCBxdWVyeV9pZCA9IGVtcHR5IHN0cmluZy5cbiAgICAgICAgWmVybyBtZWFucyBkaXNhYmxlZC5cbiAgICAgIC0tPlxuICAgIDx0b3RhbF9tZW1vcnlfcHJvZmlsZXJfc3RlcD40MTk0MzA0PC90b3RhbF9tZW1vcnlfcHJvZmlsZXJfc3RlcD5cblxuICAgIDwhLS0gQ29sbGVjdCByYW5kb20gYWxsb2NhdGlvbnMgYW5kIGRlYWxsb2NhdGlvbnMgYW5kIHdyaXRlIHRoZW0gaW50byBzeXN0ZW0udHJhY2VfbG9nIHdpdGhcbiAgICAnTWVtb3J5U2FtcGxlJyB0cmFjZV90eXBlLlxuICAgICAgICBUaGUgcHJvYmFiaWxpdHkgaXMgZm9yIGV2ZXJ5IGFsbG9jL2ZyZWUgcmVnYXJkbGVzcyB0byB0aGUgc2l6ZSBvZiB0aGUgYWxsb2NhdGlvbi5cbiAgICAgICAgTm90ZSB0aGF0IHNhbXBsaW5nIGhhcHBlbnMgb25seSB3aGVuIHRoZSBhbW91bnQgb2YgdW50cmFja2VkIG1lbW9yeSBleGNlZWRzIHRoZSB1bnRyYWNrZWQgbWVtb3J5XG4gICAgbGltaXQsXG4gICAgICAgICAgd2hpY2ggaXMgNCBNaUIgYnkgZGVmYXVsdCBidXQgY2FuIGJlIGxvd2VyZWQgaWYgJ3RvdGFsX21lbW9yeV9wcm9maWxlcl9zdGVwJyBpcyBsb3dlcmVkLlxuICAgICAgICBZb3UgbWF5IHdhbnQgdG8gc2V0ICd0b3RhbF9tZW1vcnlfcHJvZmlsZXJfc3RlcCcgdG8gMSBmb3IgZXh0cmEgZmluZSBncmFpbmVkIHNhbXBsaW5nLlxuICAgICAgLS0+XG4gICAgPHRvdGFsX21lbW9yeV90cmFja2VyX3NhbXBsZV9wcm9iYWJpbGl0eT4wPC90b3RhbF9tZW1vcnlfdHJhY2tlcl9zYW1wbGVfcHJvYmFiaWxpdHk+XG5cbiAgICA8IS0tIFNldCBsaW1pdCBvbiBudW1iZXIgb2Ygb3BlbiBmaWxlcyAoZGVmYXVsdDogbWF4aW11bSkuIFRoaXMgc2V0dGluZyBtYWtlcyBzZW5zZSBvbiBNYWMgT1MgWFxuICAgIGJlY2F1c2UgZ2V0cmxpbWl0KCkgZmFpbHMgdG8gcmV0cmlldmVcbiAgICAgICAgY29ycmVjdCBtYXhpbXVtIHZhbHVlLiAtLT5cbiAgICA8IS0tIDxtYXhfb3Blbl9maWxlcz4yNjIxNDQ8L21heF9vcGVuX2ZpbGVzPiAtLT5cblxuICAgIDwhLS0gU2l6ZSBvZiBjYWNoZSBvZiB1bmNvbXByZXNzZWQgYmxvY2tzIG9mIGRhdGEsIHVzZWQgaW4gdGFibGVzIG9mIE1lcmdlVHJlZSBmYW1pbHkuXG4gICAgICAgIEluIGJ5dGVzLiBDYWNoZSBpcyBzaW5nbGUgZm9yIHNlcnZlci4gTWVtb3J5IGlzIGFsbG9jYXRlZCBvbmx5IG9uIGRlbWFuZC5cbiAgICAgICAgQ2FjaGUgaXMgdXNlZCB3aGVuICd1c2VfdW5jb21wcmVzc2VkX2NhY2hlJyB1c2VyIHNldHRpbmcgdHVybmVkIG9uIChvZmYgYnkgZGVmYXVsdCkuXG4gICAgICAgIFVuY29tcHJlc3NlZCBjYWNoZSBpcyBhZHZhbnRhZ2VvdXMgb25seSBmb3IgdmVyeSBzaG9ydCBxdWVyaWVzIGFuZCBpbiByYXJlIGNhc2VzLlxuXG4gICAgICAgIE5vdGU6IHVuY29tcHJlc3NlZCBjYWNoZSBjYW4gYmUgcG9pbnRsZXNzIGZvciBsejQsIGJlY2F1c2UgbWVtb3J5IGJhbmR3aWR0aFxuICAgICAgICBpcyBzbG93ZXIgdGhhbiBtdWx0aS1jb3JlIGRlY29tcHJlc3Npb24gb24gc29tZSBzZXJ2ZXIgY29uZmlndXJhdGlvbnMuXG4gICAgICAgIEVuYWJsaW5nIGl0IGNhbiBzb21ldGltZXMgcGFyYWRveGljYWxseSBtYWtlIHF1ZXJpZXMgc2xvd2VyLlxuICAgICAgLS0+XG4gICAgPHVuY29tcHJlc3NlZF9jYWNoZV9zaXplPjg1ODk5MzQ1OTI8L3VuY29tcHJlc3NlZF9jYWNoZV9zaXplPlxuXG4gICAgPCEtLSBBcHByb3hpbWF0ZSBzaXplIG9mIG1hcmsgY2FjaGUsIHVzZWQgaW4gdGFibGVzIG9mIE1lcmdlVHJlZSBmYW1pbHkuXG4gICAgICAgIEluIGJ5dGVzLiBDYWNoZSBpcyBzaW5nbGUgZm9yIHNlcnZlci4gTWVtb3J5IGlzIGFsbG9jYXRlZCBvbmx5IG9uIGRlbWFuZC5cbiAgICAgICAgWW91IHNob3VsZCBub3QgbG93ZXIgdGhpcyB2YWx1ZS5cbiAgICAgIC0tPlxuICAgIDxtYXJrX2NhY2hlX3NpemU+NTM2ODcwOTEyMDwvbWFya19jYWNoZV9zaXplPlxuXG5cbiAgICA8IS0tIElmIHlvdSBlbmFibGUgdGhlIGBtaW5fYnl0ZXNfdG9fdXNlX21tYXBfaW9gIHNldHRpbmcsXG4gICAgICAgIHRoZSBkYXRhIGluIE1lcmdlVHJlZSB0YWJsZXMgY2FuIGJlIHJlYWQgd2l0aCBtbWFwIHRvIGF2b2lkIGNvcHlpbmcgZnJvbSBrZXJuZWwgdG8gdXNlcnNwYWNlLlxuICAgICAgICBJdCBtYWtlcyBzZW5zZSBvbmx5IGZvciBsYXJnZSBmaWxlcyBhbmQgaGVscHMgb25seSBpZiBkYXRhIHJlc2lkZSBpbiBwYWdlIGNhY2hlLlxuICAgICAgICBUbyBhdm9pZCBmcmVxdWVudCBvcGVuL21tYXAvbXVubWFwL2Nsb3NlIGNhbGxzICh3aGljaCBhcmUgdmVyeSBleHBlbnNpdmUgZHVlIHRvIGNvbnNlcXVlbnQgcGFnZVxuICAgIGZhdWx0cylcbiAgICAgICAgYW5kIHRvIHJldXNlIG1hcHBpbmdzIGZyb20gc2V2ZXJhbCB0aHJlYWRzIGFuZCBxdWVyaWVzLFxuICAgICAgICB0aGUgY2FjaGUgb2YgbWFwcGVkIGZpbGVzIGlzIG1haW50YWluZWQuIEl0cyBzaXplIGlzIHRoZSBudW1iZXIgb2YgbWFwcGVkIHJlZ2lvbnMgKHVzdWFsbHkgZXF1YWwgdG9cbiAgICB0aGUgbnVtYmVyIG9mIG1hcHBlZCBmaWxlcykuXG4gICAgICAgIFRoZSBhbW91bnQgb2YgZGF0YSBpbiBtYXBwZWQgZmlsZXMgY2FuIGJlIG1vbml0b3JlZFxuICAgICAgICBpbiBzeXN0ZW0ubWV0cmljcywgc3lzdGVtLm1ldHJpY19sb2cgYnkgdGhlIE1NYXBwZWRGaWxlcywgTU1hcHBlZEZpbGVCeXRlcyBtZXRyaWNzXG4gICAgICAgIGFuZCBpbiBzeXN0ZW0uYXN5bmNocm9ub3VzX21ldHJpY3MsIHN5c3RlbS5hc3luY2hyb25vdXNfbWV0cmljc19sb2cgYnkgdGhlIE1NYXBDYWNoZUNlbGxzIG1ldHJpYyxcbiAgICAgICAgYW5kIGFsc28gaW4gc3lzdGVtLmV2ZW50cywgc3lzdGVtLnByb2Nlc3Nlcywgc3lzdGVtLnF1ZXJ5X2xvZywgc3lzdGVtLnF1ZXJ5X3RocmVhZF9sb2csXG4gICAgc3lzdGVtLnF1ZXJ5X3ZpZXdzX2xvZyBieSB0aGVcbiAgICAgICAgQ3JlYXRlZFJlYWRCdWZmZXJNTWFwLCBDcmVhdGVkUmVhZEJ1ZmZlck1NYXBGYWlsZWQsIE1NYXBwZWRGaWxlQ2FjaGVIaXRzLCBNTWFwcGVkRmlsZUNhY2hlTWlzc2VzXG4gICAgZXZlbnRzLlxuICAgICAgICBOb3RlIHRoYXQgdGhlIGFtb3VudCBvZiBkYXRhIGluIG1hcHBlZCBmaWxlcyBkb2VzIG5vdCBjb25zdW1lIG1lbW9yeSBkaXJlY3RseSBhbmQgaXMgbm90IGFjY291bnRlZFxuICAgICAgICBpbiBxdWVyeSBvciBzZXJ2ZXIgbWVtb3J5IHVzYWdlIC0gYmVjYXVzZSB0aGlzIG1lbW9yeSBjYW4gYmUgZGlzY2FyZGVkIHNpbWlsYXIgdG8gT1MgcGFnZSBjYWNoZS5cbiAgICAgICAgVGhlIGNhY2hlIGlzIGRyb3BwZWQgKHRoZSBmaWxlcyBhcmUgY2xvc2VkKSBhdXRvbWF0aWNhbGx5IG9uIHJlbW92YWwgb2Ygb2xkIHBhcnRzIGluIE1lcmdlVHJlZSxcbiAgICAgICAgYWxzbyBpdCBjYW4gYmUgZHJvcHBlZCBtYW51YWxseSBieSB0aGUgU1lTVEVNIERST1AgTU1BUCBDQUNIRSBxdWVyeS5cbiAgICAgIC0tPlxuICAgIDxtbWFwX2NhY2hlX3NpemU+MTAwMDwvbW1hcF9jYWNoZV9zaXplPlxuXG4gICAgPCEtLSBDYWNoZSBzaXplIGluIGJ5dGVzIGZvciBjb21waWxlZCBleHByZXNzaW9ucy4tLT5cbiAgICA8Y29tcGlsZWRfZXhwcmVzc2lvbl9jYWNoZV9zaXplPjEzNDIxNzcyODwvY29tcGlsZWRfZXhwcmVzc2lvbl9jYWNoZV9zaXplPlxuXG4gICAgPCEtLSBDYWNoZSBzaXplIGluIGVsZW1lbnRzIGZvciBjb21waWxlZCBleHByZXNzaW9ucy4tLT5cbiAgICA8Y29tcGlsZWRfZXhwcmVzc2lvbl9jYWNoZV9lbGVtZW50c19zaXplPjEwMDAwPC9jb21waWxlZF9leHByZXNzaW9uX2NhY2hlX2VsZW1lbnRzX3NpemU+XG5cbiAgICA8IS0tIFBhdGggdG8gZGF0YSBkaXJlY3RvcnksIHdpdGggdHJhaWxpbmcgc2xhc2guIC0tPlxuICAgIDxwYXRoPi92YXIvbGliL2NsaWNraG91c2UvPC9wYXRoPlxuXG4gICAgPCEtLSBQYXRoIHRvIHRlbXBvcmFyeSBkYXRhIGZvciBwcm9jZXNzaW5nIGhhcmQgcXVlcmllcy4gLS0+XG4gICAgPHRtcF9wYXRoPi92YXIvbGliL2NsaWNraG91c2UvdG1wLzwvdG1wX3BhdGg+XG5cbiAgICA8IS0tIFBvbGljeSBmcm9tIHRoZSA8c3RvcmFnZV9jb25maWd1cmF0aW9uPiBmb3IgdGhlIHRlbXBvcmFyeSBmaWxlcy5cbiAgICAgICAgSWYgbm90IHNldCA8dG1wX3BhdGg+IGlzIHVzZWQsIG90aGVyd2lzZSA8dG1wX3BhdGg+IGlzIGlnbm9yZWQuXG5cbiAgICAgICAgTm90ZXM6XG4gICAgICAgIC0gbW92ZV9mYWN0b3IgICAgICAgICAgICAgIGlzIGlnbm9yZWRcbiAgICAgICAgLSBrZWVwX2ZyZWVfc3BhY2VfYnl0ZXMgICAgaXMgaWdub3JlZFxuICAgICAgICAtIG1heF9kYXRhX3BhcnRfc2l6ZV9ieXRlcyBpcyBpZ25vcmVkXG4gICAgICAgIC0geW91IG11c3QgaGF2ZSBleGFjdGx5IG9uZSB2b2x1bWUgaW4gdGhhdCBwb2xpY3lcbiAgICAtLT5cbiAgICA8IS0tIDx0bXBfcG9saWN5PnRtcDwvdG1wX3BvbGljeT4gLS0+XG5cbiAgICA8IS0tIERpcmVjdG9yeSB3aXRoIHVzZXIgcHJvdmlkZWQgZmlsZXMgdGhhdCBhcmUgYWNjZXNzaWJsZSBieSAnZmlsZScgdGFibGUgZnVuY3Rpb24uIC0tPlxuICAgIDx1c2VyX2ZpbGVzX3BhdGg+L3Zhci9saWIvY2xpY2tob3VzZS91c2VyX2ZpbGVzLzwvdXNlcl9maWxlc19wYXRoPlxuXG4gICAgPCEtLSBMREFQIHNlcnZlciBkZWZpbml0aW9ucy4gLS0+XG4gICAgPGxkYXBfc2VydmVycz5cbiAgICAgICAgPCEtLSBMaXN0IExEQVAgc2VydmVycyB3aXRoIHRoZWlyIGNvbm5lY3Rpb24gcGFyYW1ldGVycyBoZXJlIHRvIGxhdGVyIDEpIHVzZSB0aGVtIGFzXG4gICAgICAgIGF1dGhlbnRpY2F0b3JzIGZvciBkZWRpY2F0ZWQgbG9jYWwgdXNlcnMsXG4gICAgICAgICAgICAgIHdobyBoYXZlICdsZGFwJyBhdXRoZW50aWNhdGlvbiBtZWNoYW5pc20gc3BlY2lmaWVkIGluc3RlYWQgb2YgJ3Bhc3N3b3JkJywgb3IgdG8gMikgdXNlIHRoZW0gYXNcbiAgICAgICAgcmVtb3RlIHVzZXIgZGlyZWN0b3JpZXMuXG4gICAgICAgICAgICBQYXJhbWV0ZXJzOlxuICAgICAgICAgICAgICAgIGhvc3QgLSBMREFQIHNlcnZlciBob3N0bmFtZSBvciBJUCwgdGhpcyBwYXJhbWV0ZXIgaXMgbWFuZGF0b3J5IGFuZCBjYW5ub3QgYmUgZW1wdHkuXG4gICAgICAgICAgICAgICAgcG9ydCAtIExEQVAgc2VydmVyIHBvcnQsIGRlZmF1bHQgaXMgNjM2IGlmIGVuYWJsZV90bHMgaXMgc2V0IHRvIHRydWUsIDM4OSBvdGhlcndpc2UuXG4gICAgICAgICAgICAgICAgYmluZF9kbiAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBETiB0byBiaW5kIHRvLlxuICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBETiB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JyBzdWJzdHJpbmdzIG9mIHRoZSB0ZW1wbGF0ZSB3aXRoXG4gICAgICAgIHRoZSBhY3R1YWxcbiAgICAgICAgICAgICAgICAgICAgICAgIHVzZXIgbmFtZSBkdXJpbmcgZWFjaCBhdXRoZW50aWNhdGlvbiBhdHRlbXB0LlxuICAgICAgICAgICAgICAgIHVzZXJfZG5fZGV0ZWN0aW9uIC0gc2VjdGlvbiB3aXRoIExEQVAgc2VhcmNoIHBhcmFtZXRlcnMgZm9yIGRldGVjdGluZyB0aGUgYWN0dWFsIHVzZXIgRE4gb2YgdGhlXG4gICAgICAgIGJvdW5kIHVzZXIuXG4gICAgICAgICAgICAgICAgICAgICAgICBUaGlzIGlzIG1haW5seSB1c2VkIGluIHNlYXJjaCBmaWx0ZXJzIGZvciBmdXJ0aGVyIHJvbGUgbWFwcGluZyB3aGVuIHRoZSBzZXJ2ZXIgaXMgQWN0aXZlIERpcmVjdG9yeS5cbiAgICAgICAgVGhlXG4gICAgICAgICAgICAgICAgICAgICAgICByZXN1bHRpbmcgdXNlciBETiB3aWxsIGJlIHVzZWQgd2hlbiByZXBsYWNpbmcgJ3t1c2VyX2RufScgc3Vic3RyaW5ncyB3aGVyZXZlciB0aGV5IGFyZSBhbGxvd2VkLiBCeVxuICAgICAgICBkZWZhdWx0LFxuICAgICAgICAgICAgICAgICAgICAgICAgdXNlciBETiBpcyBzZXQgZXF1YWwgdG8gYmluZCBETiwgYnV0IG9uY2Ugc2VhcmNoIGlzIHBlcmZvcm1lZCwgaXQgd2lsbCBiZSB1cGRhdGVkIHdpdGggdG8gdGhlXG4gICAgICAgIGFjdHVhbCBkZXRlY3RlZFxuICAgICAgICAgICAgICAgICAgICAgICAgdXNlciBETiB2YWx1ZS5cbiAgICAgICAgICAgICAgICAgICAgYmFzZV9kbiAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBiYXNlIEROIGZvciB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBETiB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JyBhbmQgJ3tiaW5kX2RufScgc3Vic3RyaW5nc1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9mIHRoZSB0ZW1wbGF0ZSB3aXRoIHRoZSBhY3R1YWwgdXNlciBuYW1lIGFuZCBiaW5kIEROIGR1cmluZyB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgIHNjb3BlIC0gc2NvcGUgb2YgdGhlIExEQVAgc2VhcmNoLlxuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjY2VwdGVkIHZhbHVlcyBhcmU6ICdiYXNlJywgJ29uZV9sZXZlbCcsICdjaGlsZHJlbicsICdzdWJ0cmVlJyAodGhlIGRlZmF1bHQpLlxuICAgICAgICAgICAgICAgICAgICBzZWFyY2hfZmlsdGVyIC0gdGVtcGxhdGUgdXNlZCB0byBjb25zdHJ1Y3QgdGhlIHNlYXJjaCBmaWx0ZXIgZm9yIHRoZSBMREFQIHNlYXJjaC5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGUgcmVzdWx0aW5nIGZpbHRlciB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JywgJ3tiaW5kX2RufScsIGFuZFxuICAgICAgICAne2Jhc2VfZG59J1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1YnN0cmluZ3Mgb2YgdGhlIHRlbXBsYXRlIHdpdGggdGhlIGFjdHVhbCB1c2VyIG5hbWUsIGJpbmQgRE4sIGFuZCBiYXNlIEROIGR1cmluZyB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgTm90ZSwgdGhhdCB0aGUgc3BlY2lhbCBjaGFyYWN0ZXJzIG11c3QgYmUgZXNjYXBlZCBwcm9wZXJseSBpbiBYTUwuXG4gICAgICAgICAgICAgICAgdmVyaWZpY2F0aW9uX2Nvb2xkb3duIC0gYSBwZXJpb2Qgb2YgdGltZSwgaW4gc2Vjb25kcywgYWZ0ZXIgYSBzdWNjZXNzZnVsIGJpbmQgYXR0ZW1wdCwgZHVyaW5nIHdoaWNoXG4gICAgICAgIGEgdXNlciB3aWxsIGJlIGFzc3VtZWRcbiAgICAgICAgICAgICAgICAgICAgICAgIHRvIGJlIHN1Y2Nlc3NmdWxseSBhdXRoZW50aWNhdGVkIGZvciBhbGwgY29uc2VjdXRpdmUgcmVxdWVzdHMgd2l0aG91dCBjb250YWN0aW5nIHRoZSBMREFQIHNlcnZlci5cbiAgICAgICAgICAgICAgICAgICAgICAgIFNwZWNpZnkgMCAodGhlIGRlZmF1bHQpIHRvIGRpc2FibGUgY2FjaGluZyBhbmQgZm9yY2UgY29udGFjdGluZyB0aGUgTERBUCBzZXJ2ZXIgZm9yIGVhY2hcbiAgICAgICAgYXV0aGVudGljYXRpb24gcmVxdWVzdC5cbiAgICAgICAgICAgICAgICBlbmFibGVfdGxzIC0gZmxhZyB0byB0cmlnZ2VyIHVzZSBvZiBzZWN1cmUgY29ubmVjdGlvbiB0byB0aGUgTERBUCBzZXJ2ZXIuXG4gICAgICAgICAgICAgICAgICAgICAgICBTcGVjaWZ5ICdubycgZm9yIHBsYWluIHRleHQgKGxkYXA6Ly8pIHByb3RvY29sIChub3QgcmVjb21tZW5kZWQpLlxuICAgICAgICAgICAgICAgICAgICAgICAgU3BlY2lmeSAneWVzJyBmb3IgTERBUCBvdmVyIFNTTC9UTFMgKGxkYXBzOi8vKSBwcm90b2NvbCAocmVjb21tZW5kZWQsIHRoZSBkZWZhdWx0KS5cbiAgICAgICAgICAgICAgICAgICAgICAgIFNwZWNpZnkgJ3N0YXJ0dGxzJyBmb3IgbGVnYWN5IFN0YXJ0VExTIHByb3RvY29sIChwbGFpbiB0ZXh0IChsZGFwOi8vKSBwcm90b2NvbCwgdXBncmFkZWQgdG8gVExTKS5cbiAgICAgICAgICAgICAgICB0bHNfbWluaW11bV9wcm90b2NvbF92ZXJzaW9uIC0gdGhlIG1pbmltdW0gcHJvdG9jb2wgdmVyc2lvbiBvZiBTU0wvVExTLlxuICAgICAgICAgICAgICAgICAgICAgICAgQWNjZXB0ZWQgdmFsdWVzIGFyZTogJ3NzbDInLCAnc3NsMycsICd0bHMxLjAnLCAndGxzMS4xJywgJ3RsczEuMicgKHRoZSBkZWZhdWx0KS5cbiAgICAgICAgICAgICAgICB0bHNfcmVxdWlyZV9jZXJ0IC0gU1NML1RMUyBwZWVyIGNlcnRpZmljYXRlIHZlcmlmaWNhdGlvbiBiZWhhdmlvci5cbiAgICAgICAgICAgICAgICAgICAgICAgIEFjY2VwdGVkIHZhbHVlcyBhcmU6ICduZXZlcicsICdhbGxvdycsICd0cnknLCAnZGVtYW5kJyAodGhlIGRlZmF1bHQpLlxuICAgICAgICAgICAgICAgIHRsc19jZXJ0X2ZpbGUgLSBwYXRoIHRvIGNlcnRpZmljYXRlIGZpbGUuXG4gICAgICAgICAgICAgICAgdGxzX2tleV9maWxlIC0gcGF0aCB0byBjZXJ0aWZpY2F0ZSBrZXkgZmlsZS5cbiAgICAgICAgICAgICAgICB0bHNfY2FfY2VydF9maWxlIC0gcGF0aCB0byBDQSBjZXJ0aWZpY2F0ZSBmaWxlLlxuICAgICAgICAgICAgICAgIHRsc19jYV9jZXJ0X2RpciAtIHBhdGggdG8gdGhlIGRpcmVjdG9yeSBjb250YWluaW5nIENBIGNlcnRpZmljYXRlcy5cbiAgICAgICAgICAgICAgICB0bHNfY2lwaGVyX3N1aXRlIC0gYWxsb3dlZCBjaXBoZXIgc3VpdGUgKGluIE9wZW5TU0wgbm90YXRpb24pLlxuICAgICAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgICAgICA8bXlfbGRhcF9zZXJ2ZXI+XG4gICAgICAgICAgICAgICAgICAgIDxob3N0PmxvY2FsaG9zdDwvaG9zdD5cbiAgICAgICAgICAgICAgICAgICAgPHBvcnQ+NjM2PC9wb3J0PlxuICAgICAgICAgICAgICAgICAgICA8YmluZF9kbj51aWQ9e3VzZXJfbmFtZX0sb3U9dXNlcnMsZGM9ZXhhbXBsZSxkYz1jb208L2JpbmRfZG4+XG4gICAgICAgICAgICAgICAgICAgIDx2ZXJpZmljYXRpb25fY29vbGRvd24+MzAwPC92ZXJpZmljYXRpb25fY29vbGRvd24+XG4gICAgICAgICAgICAgICAgICAgIDxlbmFibGVfdGxzPnllczwvZW5hYmxlX3Rscz5cbiAgICAgICAgICAgICAgICAgICAgPHRsc19taW5pbXVtX3Byb3RvY29sX3ZlcnNpb24+dGxzMS4yPC90bHNfbWluaW11bV9wcm90b2NvbF92ZXJzaW9uPlxuICAgICAgICAgICAgICAgICAgICA8dGxzX3JlcXVpcmVfY2VydD5kZW1hbmQ8L3Rsc19yZXF1aXJlX2NlcnQ+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfY2VydF9maWxlPi9wYXRoL3RvL3Rsc19jZXJ0X2ZpbGU8L3Rsc19jZXJ0X2ZpbGU+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfa2V5X2ZpbGU+L3BhdGgvdG8vdGxzX2tleV9maWxlPC90bHNfa2V5X2ZpbGU+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfY2FfY2VydF9maWxlPi9wYXRoL3RvL3Rsc19jYV9jZXJ0X2ZpbGU8L3Rsc19jYV9jZXJ0X2ZpbGU+XG4gICAgICAgICAgICAgICAgICAgIDx0bHNfY2FfY2VydF9kaXI+L3BhdGgvdG8vdGxzX2NhX2NlcnRfZGlyPC90bHNfY2FfY2VydF9kaXI+XG4gICAgICAgIDx0bHNfY2lwaGVyX3N1aXRlPkVDREhFLUVDRFNBLUFFUzI1Ni1HQ00tU0hBMzg0OkVDREhFLVJTQS1BRVMyNTYtR0NNLVNIQTM4NDpBRVMyNTYtR0NNLVNIQTM4NDwvdGxzX2NpcGhlcl9zdWl0ZT5cbiAgICAgICAgICAgICAgICA8L215X2xkYXBfc2VydmVyPlxuICAgICAgICAgICAgRXhhbXBsZSAodHlwaWNhbCBBY3RpdmUgRGlyZWN0b3J5IHdpdGggY29uZmlndXJlZCB1c2VyIEROIGRldGVjdGlvbiBmb3IgZnVydGhlciByb2xlIG1hcHBpbmcpOlxuICAgICAgICAgICAgICAgIDxteV9hZF9zZXJ2ZXI+XG4gICAgICAgICAgICAgICAgICAgIDxob3N0PmxvY2FsaG9zdDwvaG9zdD5cbiAgICAgICAgICAgICAgICAgICAgPHBvcnQ+Mzg5PC9wb3J0PlxuICAgICAgICAgICAgICAgICAgICA8YmluZF9kbj5FWEFNUExFXFx7dXNlcl9uYW1lfTwvYmluZF9kbj5cbiAgICAgICAgICAgICAgICAgICAgPHVzZXJfZG5fZGV0ZWN0aW9uPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGJhc2VfZG4+Q049VXNlcnMsREM9ZXhhbXBsZSxEQz1jb208L2Jhc2VfZG4+XG4gICAgICAgICAgICAgICAgICAgICAgICA8c2VhcmNoX2ZpbHRlcj4oJmFtcDsob2JqZWN0Q2xhc3M9dXNlcikoc0FNQWNjb3VudE5hbWU9e3VzZXJfbmFtZX0pKTwvc2VhcmNoX2ZpbHRlcj5cbiAgICAgICAgICAgICAgICAgICAgPC91c2VyX2RuX2RldGVjdGlvbj5cbiAgICAgICAgICAgICAgICAgICAgPGVuYWJsZV90bHM+bm88L2VuYWJsZV90bHM+XG4gICAgICAgICAgICAgICAgPC9teV9hZF9zZXJ2ZXI+XG4gICAgICAgIC0tPlxuICAgIDwvbGRhcF9zZXJ2ZXJzPlxuXG4gICAgPCEtLSBUbyBlbmFibGUgS2VyYmVyb3MgYXV0aGVudGljYXRpb24gc3VwcG9ydCBmb3IgSFRUUCByZXF1ZXN0cyAoR1NTLVNQTkVHTyksIGZvciB0aG9zZSB1c2Vyc1xuICAgIHdobyBhcmUgZXhwbGljaXRseSBjb25maWd1cmVkXG4gICAgICAgICAgdG8gYXV0aGVudGljYXRlIHZpYSBLZXJiZXJvcywgZGVmaW5lIGEgc2luZ2xlICdrZXJiZXJvcycgc2VjdGlvbiBoZXJlLlxuICAgICAgICBQYXJhbWV0ZXJzOlxuICAgICAgICAgICAgcHJpbmNpcGFsIC0gY2Fub25pY2FsIHNlcnZpY2UgcHJpbmNpcGFsIG5hbWUsIHRoYXQgd2lsbCBiZSBhY3F1aXJlZCBhbmQgdXNlZCB3aGVuIGFjY2VwdGluZ1xuICAgIHNlY3VyaXR5IGNvbnRleHRzLlxuICAgICAgICAgICAgICAgICAgICBUaGlzIHBhcmFtZXRlciBpcyBvcHRpb25hbCwgaWYgb21pdHRlZCwgdGhlIGRlZmF1bHQgcHJpbmNpcGFsIHdpbGwgYmUgdXNlZC5cbiAgICAgICAgICAgICAgICAgICAgVGhpcyBwYXJhbWV0ZXIgY2Fubm90IGJlIHNwZWNpZmllZCB0b2dldGhlciB3aXRoICdyZWFsbScgcGFyYW1ldGVyLlxuICAgICAgICAgICAgcmVhbG0gLSBhIHJlYWxtLCB0aGF0IHdpbGwgYmUgdXNlZCB0byByZXN0cmljdCBhdXRoZW50aWNhdGlvbiB0byBvbmx5IHRob3NlIHJlcXVlc3RzIHdob3NlXG4gICAgaW5pdGlhdG9yJ3MgcmVhbG0gbWF0Y2hlcyBpdC5cbiAgICAgICAgICAgICAgICAgICAgVGhpcyBwYXJhbWV0ZXIgaXMgb3B0aW9uYWwsIGlmIG9taXR0ZWQsIG5vIGFkZGl0aW9uYWwgZmlsdGVyaW5nIGJ5IHJlYWxtIHdpbGwgYmUgYXBwbGllZC5cbiAgICAgICAgICAgICAgICAgICAgVGhpcyBwYXJhbWV0ZXIgY2Fubm90IGJlIHNwZWNpZmllZCB0b2dldGhlciB3aXRoICdwcmluY2lwYWwnIHBhcmFtZXRlci5cbiAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgIDxrZXJiZXJvcyAvPlxuICAgICAgICBFeGFtcGxlOlxuICAgICAgICAgICAgPGtlcmJlcm9zPlxuICAgICAgICAgICAgICAgIDxwcmluY2lwYWw+SFRUUC9jbGlja2hvdXNlLmV4YW1wbGUuY29tQEVYQU1QTEUuQ09NPC9wcmluY2lwYWw+XG4gICAgICAgICAgICA8L2tlcmJlcm9zPlxuICAgICAgICBFeGFtcGxlOlxuICAgICAgICAgICAgPGtlcmJlcm9zPlxuICAgICAgICAgICAgICAgIDxyZWFsbT5FWEFNUExFLkNPTTwvcmVhbG0+XG4gICAgICAgICAgICA8L2tlcmJlcm9zPlxuICAgIC0tPlxuXG4gICAgPCEtLSBTb3VyY2VzIHRvIHJlYWQgdXNlcnMsIHJvbGVzLCBhY2Nlc3MgcmlnaHRzLCBwcm9maWxlcyBvZiBzZXR0aW5ncywgcXVvdGFzLiAtLT5cbiAgICA8dXNlcl9kaXJlY3Rvcmllcz5cbiAgICAgICAgPHVzZXJzX3htbD5cbiAgICAgICAgICAgIDwhLS0gUGF0aCB0byBjb25maWd1cmF0aW9uIGZpbGUgd2l0aCBwcmVkZWZpbmVkIHVzZXJzLiAtLT5cbiAgICAgICAgICAgIDxwYXRoPnVzZXJzLnhtbDwvcGF0aD5cbiAgICAgICAgPC91c2Vyc194bWw+XG4gICAgICAgIDxsb2NhbF9kaXJlY3Rvcnk+XG4gICAgICAgICAgICA8IS0tIFBhdGggdG8gZm9sZGVyIHdoZXJlIHVzZXJzIGNyZWF0ZWQgYnkgU1FMIGNvbW1hbmRzIGFyZSBzdG9yZWQuIC0tPlxuICAgICAgICAgICAgPHBhdGg+L3Zhci9saWIvY2xpY2tob3VzZS9hY2Nlc3MvPC9wYXRoPlxuICAgICAgICA8L2xvY2FsX2RpcmVjdG9yeT5cblxuICAgICAgICA8IS0tIFRvIGFkZCBhbiBMREFQIHNlcnZlciBhcyBhIHJlbW90ZSB1c2VyIGRpcmVjdG9yeSBvZiB1c2VycyB0aGF0IGFyZSBub3QgZGVmaW5lZCBsb2NhbGx5LFxuICAgICAgICBkZWZpbmUgYSBzaW5nbGUgJ2xkYXAnIHNlY3Rpb25cbiAgICAgICAgICAgICAgd2l0aCB0aGUgZm9sbG93aW5nIHBhcmFtZXRlcnM6XG4gICAgICAgICAgICAgICAgc2VydmVyIC0gb25lIG9mIExEQVAgc2VydmVyIG5hbWVzIGRlZmluZWQgaW4gJ2xkYXBfc2VydmVycycgY29uZmlnIHNlY3Rpb24gYWJvdmUuXG4gICAgICAgICAgICAgICAgICAgICAgICBUaGlzIHBhcmFtZXRlciBpcyBtYW5kYXRvcnkgYW5kIGNhbm5vdCBiZSBlbXB0eS5cbiAgICAgICAgICAgICAgICByb2xlcyAtIHNlY3Rpb24gd2l0aCBhIGxpc3Qgb2YgbG9jYWxseSBkZWZpbmVkIHJvbGVzIHRoYXQgd2lsbCBiZSBhc3NpZ25lZCB0byBlYWNoIHVzZXIgcmV0cmlldmVkXG4gICAgICAgIGZyb20gdGhlIExEQVAgc2VydmVyLlxuICAgICAgICAgICAgICAgICAgICAgICAgSWYgbm8gcm9sZXMgYXJlIHNwZWNpZmllZCBoZXJlIG9yIGFzc2lnbmVkIGR1cmluZyByb2xlIG1hcHBpbmcgKGJlbG93KSwgdXNlciB3aWxsIG5vdCBiZSBhYmxlIHRvXG4gICAgICAgIHBlcmZvcm0gYW55XG4gICAgICAgICAgICAgICAgICAgICAgICBhY3Rpb25zIGFmdGVyIGF1dGhlbnRpY2F0aW9uLlxuICAgICAgICAgICAgICAgIHJvbGVfbWFwcGluZyAtIHNlY3Rpb24gd2l0aCBMREFQIHNlYXJjaCBwYXJhbWV0ZXJzIGFuZCBtYXBwaW5nIHJ1bGVzLlxuICAgICAgICAgICAgICAgICAgICAgICAgV2hlbiBhIHVzZXIgYXV0aGVudGljYXRlcywgd2hpbGUgc3RpbGwgYm91bmQgdG8gTERBUCwgYW4gTERBUCBzZWFyY2ggaXMgcGVyZm9ybWVkIHVzaW5nXG4gICAgICAgIHNlYXJjaF9maWx0ZXIgYW5kIHRoZVxuICAgICAgICAgICAgICAgICAgICAgICAgbmFtZSBvZiB0aGUgbG9nZ2VkIGluIHVzZXIuIEZvciBlYWNoIGVudHJ5IGZvdW5kIGR1cmluZyB0aGF0IHNlYXJjaCwgdGhlIHZhbHVlIG9mIHRoZSBzcGVjaWZpZWRcbiAgICAgICAgYXR0cmlidXRlIGlzXG4gICAgICAgICAgICAgICAgICAgICAgICBleHRyYWN0ZWQuIEZvciBlYWNoIGF0dHJpYnV0ZSB2YWx1ZSB0aGF0IGhhcyB0aGUgc3BlY2lmaWVkIHByZWZpeCwgdGhlIHByZWZpeCBpcyByZW1vdmVkLCBhbmQgdGhlXG4gICAgICAgIHJlc3Qgb2YgdGhlXG4gICAgICAgICAgICAgICAgICAgICAgICB2YWx1ZSBiZWNvbWVzIHRoZSBuYW1lIG9mIGEgbG9jYWwgcm9sZSBkZWZpbmVkIGluIENsaWNrSG91c2UsIHdoaWNoIGlzIGV4cGVjdGVkIHRvIGJlIGNyZWF0ZWRcbiAgICAgICAgYmVmb3JlaGFuZCBieVxuICAgICAgICAgICAgICAgICAgICAgICAgQ1JFQVRFIFJPTEUgY29tbWFuZC5cbiAgICAgICAgICAgICAgICAgICAgICAgIFRoZXJlIGNhbiBiZSBtdWx0aXBsZSAncm9sZV9tYXBwaW5nJyBzZWN0aW9ucyBkZWZpbmVkIGluc2lkZSB0aGUgc2FtZSAnbGRhcCcgc2VjdGlvbi4gQWxsIG9mIHRoZW1cbiAgICAgICAgd2lsbCBiZVxuICAgICAgICAgICAgICAgICAgICAgICAgYXBwbGllZC5cbiAgICAgICAgICAgICAgICAgICAgYmFzZV9kbiAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBiYXNlIEROIGZvciB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBETiB3aWxsIGJlIGNvbnN0cnVjdGVkIGJ5IHJlcGxhY2luZyBhbGwgJ3t1c2VyX25hbWV9JywgJ3tiaW5kX2RufScsIGFuZCAne3VzZXJfZG59J1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1YnN0cmluZ3Mgb2YgdGhlIHRlbXBsYXRlIHdpdGggdGhlIGFjdHVhbCB1c2VyIG5hbWUsIGJpbmQgRE4sIGFuZCB1c2VyIEROIGR1cmluZyBlYWNoIExEQVAgc2VhcmNoLlxuICAgICAgICAgICAgICAgICAgICBzY29wZSAtIHNjb3BlIG9mIHRoZSBMREFQIHNlYXJjaC5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBBY2NlcHRlZCB2YWx1ZXMgYXJlOiAnYmFzZScsICdvbmVfbGV2ZWwnLCAnY2hpbGRyZW4nLCAnc3VidHJlZScgKHRoZSBkZWZhdWx0KS5cbiAgICAgICAgICAgICAgICAgICAgc2VhcmNoX2ZpbHRlciAtIHRlbXBsYXRlIHVzZWQgdG8gY29uc3RydWN0IHRoZSBzZWFyY2ggZmlsdGVyIGZvciB0aGUgTERBUCBzZWFyY2guXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgVGhlIHJlc3VsdGluZyBmaWx0ZXIgd2lsbCBiZSBjb25zdHJ1Y3RlZCBieSByZXBsYWNpbmcgYWxsICd7dXNlcl9uYW1lfScsICd7YmluZF9kbn0nLCAne3VzZXJfZG59JyxcbiAgICAgICAgYW5kXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgJ3tiYXNlX2RufScgc3Vic3RyaW5ncyBvZiB0aGUgdGVtcGxhdGUgd2l0aCB0aGUgYWN0dWFsIHVzZXIgbmFtZSwgYmluZCBETiwgdXNlciBETiwgYW5kIGJhc2UgRE5cbiAgICAgICAgZHVyaW5nXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgZWFjaCBMREFQIHNlYXJjaC5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBOb3RlLCB0aGF0IHRoZSBzcGVjaWFsIGNoYXJhY3RlcnMgbXVzdCBiZSBlc2NhcGVkIHByb3Blcmx5IGluIFhNTC5cbiAgICAgICAgICAgICAgICAgICAgYXR0cmlidXRlIC0gYXR0cmlidXRlIG5hbWUgd2hvc2UgdmFsdWVzIHdpbGwgYmUgcmV0dXJuZWQgYnkgdGhlIExEQVAgc2VhcmNoLiAnY24nLCBieSBkZWZhdWx0LlxuICAgICAgICAgICAgICAgICAgICBwcmVmaXggLSBwcmVmaXgsIHRoYXQgd2lsbCBiZSBleHBlY3RlZCB0byBiZSBpbiBmcm9udCBvZiBlYWNoIHN0cmluZyBpbiB0aGUgb3JpZ2luYWwgbGlzdCBvZlxuICAgICAgICBzdHJpbmdzIHJldHVybmVkIGJ5XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlIExEQVAgc2VhcmNoLiBQcmVmaXggd2lsbCBiZSByZW1vdmVkIGZyb20gdGhlIG9yaWdpbmFsIHN0cmluZ3MgYW5kIHJlc3VsdGluZyBzdHJpbmdzIHdpbGwgYmVcbiAgICAgICAgdHJlYXRlZFxuICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIGxvY2FsIHJvbGUgbmFtZXMuIEVtcHR5LCBieSBkZWZhdWx0LlxuICAgICAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgICAgICA8bGRhcD5cbiAgICAgICAgICAgICAgICAgICAgPHNlcnZlcj5teV9sZGFwX3NlcnZlcjwvc2VydmVyPlxuICAgICAgICAgICAgICAgICAgICA8cm9sZXM+XG4gICAgICAgICAgICAgICAgICAgICAgICA8bXlfbG9jYWxfcm9sZTEgLz5cbiAgICAgICAgICAgICAgICAgICAgICAgIDxteV9sb2NhbF9yb2xlMiAvPlxuICAgICAgICAgICAgICAgICAgICA8L3JvbGVzPlxuICAgICAgICAgICAgICAgICAgICA8cm9sZV9tYXBwaW5nPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGJhc2VfZG4+b3U9Z3JvdXBzLGRjPWV4YW1wbGUsZGM9Y29tPC9iYXNlX2RuPlxuICAgICAgICAgICAgICAgICAgICAgICAgPHNjb3BlPnN1YnRyZWU8L3Njb3BlPlxuICAgICAgICAgICAgICAgICAgICAgICAgPHNlYXJjaF9maWx0ZXI+KCZhbXA7KG9iamVjdENsYXNzPWdyb3VwT2ZOYW1lcykobWVtYmVyPXtiaW5kX2RufSkpPC9zZWFyY2hfZmlsdGVyPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGF0dHJpYnV0ZT5jbjwvYXR0cmlidXRlPlxuICAgICAgICAgICAgICAgICAgICAgICAgPHByZWZpeD5jbGlja2hvdXNlXzwvcHJlZml4PlxuICAgICAgICAgICAgICAgICAgICA8L3JvbGVfbWFwcGluZz5cbiAgICAgICAgICAgICAgICA8L2xkYXA+XG4gICAgICAgICAgICBFeGFtcGxlICh0eXBpY2FsIEFjdGl2ZSBEaXJlY3Rvcnkgd2l0aCByb2xlIG1hcHBpbmcgdGhhdCByZWxpZXMgb24gdGhlIGRldGVjdGVkIHVzZXIgRE4pOlxuICAgICAgICAgICAgICAgIDxsZGFwPlxuICAgICAgICAgICAgICAgICAgICA8c2VydmVyPm15X2FkX3NlcnZlcjwvc2VydmVyPlxuICAgICAgICAgICAgICAgICAgICA8cm9sZV9tYXBwaW5nPlxuICAgICAgICAgICAgICAgICAgICAgICAgPGJhc2VfZG4+Q049VXNlcnMsREM9ZXhhbXBsZSxEQz1jb208L2Jhc2VfZG4+XG4gICAgICAgICAgICAgICAgICAgICAgICA8YXR0cmlidXRlPkNOPC9hdHRyaWJ1dGU+XG4gICAgICAgICAgICAgICAgICAgICAgICA8c2NvcGU+c3VidHJlZTwvc2NvcGU+XG4gICAgICAgICAgICAgICAgICAgICAgICA8c2VhcmNoX2ZpbHRlcj4oJmFtcDsob2JqZWN0Q2xhc3M9Z3JvdXApKG1lbWJlcj17dXNlcl9kbn0pKTwvc2VhcmNoX2ZpbHRlcj5cbiAgICAgICAgICAgICAgICAgICAgICAgIDxwcmVmaXg+Y2xpY2tob3VzZV88L3ByZWZpeD5cbiAgICAgICAgICAgICAgICAgICAgPC9yb2xlX21hcHBpbmc+XG4gICAgICAgICAgICAgICAgPC9sZGFwPlxuICAgICAgICAtLT5cbiAgICA8L3VzZXJfZGlyZWN0b3JpZXM+XG5cbiAgICA8IS0tIERlZmF1bHQgcHJvZmlsZSBvZiBzZXR0aW5ncy4gLS0+XG4gICAgPGRlZmF1bHRfcHJvZmlsZT5kZWZhdWx0PC9kZWZhdWx0X3Byb2ZpbGU+XG5cbiAgICA8IS0tIENvbW1hLXNlcGFyYXRlZCBsaXN0IG9mIHByZWZpeGVzIGZvciB1c2VyLWRlZmluZWQgc2V0dGluZ3MuIC0tPlxuICAgIDxjdXN0b21fc2V0dGluZ3NfcHJlZml4ZXM+PC9jdXN0b21fc2V0dGluZ3NfcHJlZml4ZXM+XG5cbiAgICA8IS0tIFN5c3RlbSBwcm9maWxlIG9mIHNldHRpbmdzLiBUaGlzIHNldHRpbmdzIGFyZSB1c2VkIGJ5IGludGVybmFsIHByb2Nlc3NlcyAoRGlzdHJpYnV0ZWQgRERMXG4gICAgd29ya2VyIGFuZCBzbyBvbikuIC0tPlxuICAgIDwhLS0gPHN5c3RlbV9wcm9maWxlPmRlZmF1bHQ8L3N5c3RlbV9wcm9maWxlPiAtLT5cblxuICAgIDwhLS0gQnVmZmVyIHByb2ZpbGUgb2Ygc2V0dGluZ3MuXG4gICAgICAgIFRoaXMgc2V0dGluZ3MgYXJlIHVzZWQgYnkgQnVmZmVyIHN0b3JhZ2UgdG8gZmx1c2ggZGF0YSB0byB0aGUgdW5kZXJseWluZyB0YWJsZS5cbiAgICAgICAgRGVmYXVsdDogdXNlZCBmcm9tIHN5c3RlbV9wcm9maWxlIGRpcmVjdGl2ZS5cbiAgICAtLT5cbiAgICA8IS0tIDxidWZmZXJfcHJvZmlsZT5kZWZhdWx0PC9idWZmZXJfcHJvZmlsZT4gLS0+XG5cbiAgICA8IS0tIERlZmF1bHQgZGF0YWJhc2UuIC0tPlxuICAgIDxkZWZhdWx0X2RhdGFiYXNlPmRlZmF1bHQ8L2RlZmF1bHRfZGF0YWJhc2U+XG5cbiAgICA8IS0tIFNlcnZlciB0aW1lIHpvbmUgY291bGQgYmUgc2V0IGhlcmUuXG5cbiAgICAgICAgVGltZSB6b25lIGlzIHVzZWQgd2hlbiBjb252ZXJ0aW5nIGJldHdlZW4gU3RyaW5nIGFuZCBEYXRlVGltZSB0eXBlcyxcbiAgICAgICAgICB3aGVuIHByaW50aW5nIERhdGVUaW1lIGluIHRleHQgZm9ybWF0cyBhbmQgcGFyc2luZyBEYXRlVGltZSBmcm9tIHRleHQsXG4gICAgICAgICAgaXQgaXMgdXNlZCBpbiBkYXRlIGFuZCB0aW1lIHJlbGF0ZWQgZnVuY3Rpb25zLCBpZiBzcGVjaWZpYyB0aW1lIHpvbmUgd2FzIG5vdCBwYXNzZWQgYXMgYW4gYXJndW1lbnQuXG5cbiAgICAgICAgVGltZSB6b25lIGlzIHNwZWNpZmllZCBhcyBpZGVudGlmaWVyIGZyb20gSUFOQSB0aW1lIHpvbmUgZGF0YWJhc2UsIGxpa2UgVVRDIG9yIEFmcmljYS9BYmlkamFuLlxuICAgICAgICBJZiBub3Qgc3BlY2lmaWVkLCBzeXN0ZW0gdGltZSB6b25lIGF0IHNlcnZlciBzdGFydHVwIGlzIHVzZWQuXG5cbiAgICAgICAgUGxlYXNlIG5vdGUsIHRoYXQgc2VydmVyIGNvdWxkIGRpc3BsYXkgdGltZSB6b25lIGFsaWFzIGluc3RlYWQgb2Ygc3BlY2lmaWVkIG5hbWUuXG4gICAgICAgIEV4YW1wbGU6IFctU1UgaXMgYW4gYWxpYXMgZm9yIEV1cm9wZS9Nb3Njb3cgYW5kIFp1bHUgaXMgYW4gYWxpYXMgZm9yIFVUQy5cbiAgICAtLT5cbiAgICA8IS0tIDx0aW1lem9uZT5FdXJvcGUvTW9zY293PC90aW1lem9uZT4gLS0+XG5cbiAgICA8IS0tIFlvdSBjYW4gc3BlY2lmeSB1bWFzayBoZXJlIChzZWUgXCJtYW4gdW1hc2tcIikuIFNlcnZlciB3aWxsIGFwcGx5IGl0IG9uIHN0YXJ0dXAuXG4gICAgICAgIE51bWJlciBpcyBhbHdheXMgcGFyc2VkIGFzIG9jdGFsLiBEZWZhdWx0IHVtYXNrIGlzIDAyNyAob3RoZXIgdXNlcnMgY2Fubm90IHJlYWQgbG9ncywgZGF0YSBmaWxlcyxcbiAgICBldGM7IGdyb3VwIGNhbiBvbmx5IHJlYWQpLlxuICAgIC0tPlxuICAgIDwhLS0gPHVtYXNrPjAyMjwvdW1hc2s+IC0tPlxuXG4gICAgPCEtLSBQZXJmb3JtIG1sb2NrYWxsIGFmdGVyIHN0YXJ0dXAgdG8gbG93ZXIgZmlyc3QgcXVlcmllcyBsYXRlbmN5XG4gICAgICAgICAgYW5kIHRvIHByZXZlbnQgY2xpY2tob3VzZSBleGVjdXRhYmxlIGZyb20gYmVpbmcgcGFnZWQgb3V0IHVuZGVyIGhpZ2ggSU8gbG9hZC5cbiAgICAgICAgRW5hYmxpbmcgdGhpcyBvcHRpb24gaXMgcmVjb21tZW5kZWQgYnV0IHdpbGwgbGVhZCB0byBpbmNyZWFzZWQgc3RhcnR1cCB0aW1lIGZvciB1cCB0byBhIGZld1xuICAgIHNlY29uZHMuXG4gICAgLS0+XG4gICAgPG1sb2NrX2V4ZWN1dGFibGU+dHJ1ZTwvbWxvY2tfZXhlY3V0YWJsZT5cblxuICAgIDwhLS0gUmVhbGxvY2F0ZSBtZW1vcnkgZm9yIG1hY2hpbmUgY29kZSAoXCJ0ZXh0XCIpIHVzaW5nIGh1Z2UgcGFnZXMuIEhpZ2hseSBleHBlcmltZW50YWwuIC0tPlxuICAgIDxyZW1hcF9leGVjdXRhYmxlPmZhbHNlPC9yZW1hcF9leGVjdXRhYmxlPlxuXG4gICAgPCFbQ0RBVEFbXG4gICAgICAgIFVuY29tbWVudCBiZWxvdyBpbiBvcmRlciB0byB1c2UgSkRCQyB0YWJsZSBlbmdpbmUgYW5kIGZ1bmN0aW9uLlxuXG4gICAgICAgIFRvIGluc3RhbGwgYW5kIHJ1biBKREJDIGJyaWRnZSBpbiBiYWNrZ3JvdW5kOlxuICAgICAgICAqIFtEZWJpYW4vVWJ1bnR1XVxuICAgICAgICAgIGV4cG9ydCBNVk5fVVJMPWh0dHBzOi8vcmVwbzEubWF2ZW4ub3JnL21hdmVuMi9ydS95YW5kZXgvY2xpY2tob3VzZS9jbGlja2hvdXNlLWpkYmMtYnJpZGdlXG4gICAgICAgICAgZXhwb3J0IFBLR19WRVI9JChjdXJsIC1zTCAkTVZOX1VSTC9tYXZlbi1tZXRhZGF0YS54bWwgfCBncmVwICc8cmVsZWFzZT4nIHwgc2VkIC1lICdzfC4qPlxcKC4qXFwpPC4qfFxcMXwnKVxuICAgICAgICAgIHdnZXQgaHR0cHM6Ly9naXRodWIuY29tL0NsaWNrSG91c2UvY2xpY2tob3VzZS1qZGJjLWJyaWRnZS9yZWxlYXNlcy9kb3dubG9hZC92JFBLR19WRVIvY2xpY2tob3VzZS1qZGJjLWJyaWRnZV8kUEtHX1ZFUi0xX2FsbC5kZWJcbiAgICAgICAgICBhcHQgaW5zdGFsbCAtLW5vLWluc3RhbGwtcmVjb21tZW5kcyAtZiAuL2NsaWNraG91c2UtamRiYy1icmlkZ2VfJFBLR19WRVItMV9hbGwuZGViXG4gICAgICAgICAgY2xpY2tob3VzZS1qZGJjLWJyaWRnZSAmXG5cbiAgICAgICAgKiBbQ2VudE9TL1JIRUxdXG4gICAgICAgICAgZXhwb3J0IE1WTl9VUkw9aHR0cHM6Ly9yZXBvMS5tYXZlbi5vcmcvbWF2ZW4yL3J1L3lhbmRleC9jbGlja2hvdXNlL2NsaWNraG91c2UtamRiYy1icmlkZ2VcbiAgICAgICAgICBleHBvcnQgUEtHX1ZFUj0kKGN1cmwgLXNMICRNVk5fVVJML21hdmVuLW1ldGFkYXRhLnhtbCB8IGdyZXAgJzxyZWxlYXNlPicgfCBzZWQgLWUgJ3N8Lio+XFwoLipcXCk8Lip8XFwxfCcpXG4gICAgICAgICAgd2dldCBodHRwczovL2dpdGh1Yi5jb20vQ2xpY2tIb3VzZS9jbGlja2hvdXNlLWpkYmMtYnJpZGdlL3JlbGVhc2VzL2Rvd25sb2FkL3YkUEtHX1ZFUi9jbGlja2hvdXNlLWpkYmMtYnJpZGdlLSRQS0dfVkVSLTEubm9hcmNoLnJwbVxuICAgICAgICAgIHl1bSBsb2NhbGluc3RhbGwgLXkgY2xpY2tob3VzZS1qZGJjLWJyaWRnZS0kUEtHX1ZFUi0xLm5vYXJjaC5ycG1cbiAgICAgICAgICBjbGlja2hvdXNlLWpkYmMtYnJpZGdlICZcblxuICAgICAgICBQbGVhc2UgcmVmZXIgdG8gaHR0cHM6Ly9naXRodWIuY29tL0NsaWNrSG91c2UvY2xpY2tob3VzZS1qZGJjLWJyaWRnZSN1c2FnZSBmb3IgbW9yZSBpbmZvcm1hdGlvbi5cbiAgICBdXT5cbiAgICA8IS0tXG4gICAgPGpkYmNfYnJpZGdlPlxuICAgICAgICA8aG9zdD4xMjcuMC4wLjE8L2hvc3Q+XG4gICAgICAgIDxwb3J0PjkwMTk8L3BvcnQ+XG4gICAgPC9qZGJjX2JyaWRnZT5cbiAgICAtLT5cblxuICAgIDwhLS0gQ29uZmlndXJhdGlvbiBvZiBjbHVzdGVycyB0aGF0IGNvdWxkIGJlIHVzZWQgaW4gRGlzdHJpYnV0ZWQgdGFibGVzLlxuICAgICAgICBodHRwczovL2NsaWNraG91c2UuY29tL2RvY3MvZW4vb3BlcmF0aW9ucy90YWJsZV9lbmdpbmVzL2Rpc3RyaWJ1dGVkL1xuICAgICAgLS0+XG4gICAgPHJlbW90ZV9zZXJ2ZXJzPlxuXG4gICAgICAgIDwhLS0gVGVzdCBvbmx5IHNoYXJkIGNvbmZpZyBmb3IgdGVzdGluZyBkaXN0cmlidXRlZCBzdG9yYWdlIC0tPlxuICAgICAgICA8cG9zdGhvZz5cbiAgICAgICAgICAgIDwhLS0gSW50ZXItc2VydmVyIHBlci1jbHVzdGVyIHNlY3JldCBmb3IgRGlzdHJpYnV0ZWQgcXVlcmllc1xuICAgICAgICAgICAgICAgIGRlZmF1bHQ6IG5vIHNlY3JldCAobm8gYXV0aGVudGljYXRpb24gd2lsbCBiZSBwZXJmb3JtZWQpXG5cbiAgICAgICAgICAgICAgICBJZiBzZXQsIHRoZW4gRGlzdHJpYnV0ZWQgcXVlcmllcyB3aWxsIGJlIHZhbGlkYXRlZCBvbiBzaGFyZHMsIHNvIGF0IGxlYXN0OlxuICAgICAgICAgICAgICAgIC0gc3VjaCBjbHVzdGVyIHNob3VsZCBleGlzdCBvbiB0aGUgc2hhcmQsXG4gICAgICAgICAgICAgICAgLSBzdWNoIGNsdXN0ZXIgc2hvdWxkIGhhdmUgdGhlIHNhbWUgc2VjcmV0LlxuXG4gICAgICAgICAgICAgICAgQW5kIGFsc28gKGFuZCB3aGljaCBpcyBtb3JlIGltcG9ydGFudCksIHRoZSBpbml0aWFsX3VzZXIgd2lsbFxuICAgICAgICAgICAgICAgIGJlIHVzZWQgYXMgY3VycmVudCB1c2VyIGZvciB0aGUgcXVlcnkuXG5cbiAgICAgICAgICAgICAgICBSaWdodCBub3cgdGhlIHByb3RvY29sIGlzIHByZXR0eSBzaW1wbGUgYW5kIGl0IG9ubHkgdGFrZXMgaW50byBhY2NvdW50OlxuICAgICAgICAgICAgICAgIC0gY2x1c3RlciBuYW1lXG4gICAgICAgICAgICAgICAgLSBxdWVyeVxuXG4gICAgICAgICAgICAgICAgQWxzbyBpdCB3aWxsIGJlIG5pY2UgaWYgdGhlIGZvbGxvd2luZyB3aWxsIGJlIGltcGxlbWVudGVkOlxuICAgICAgICAgICAgICAgIC0gc291cmNlIGhvc3RuYW1lIChzZWUgaW50ZXJzZXJ2ZXJfaHR0cF9ob3N0KSwgYnV0IHRoZW4gaXQgd2lsbCBkZXBlbmRzIGZyb20gRE5TLFxuICAgICAgICAgICAgICAgICAgaXQgY2FuIHVzZSBJUCBhZGRyZXNzIGluc3RlYWQsIGJ1dCB0aGVuIHRoZSB5b3UgbmVlZCB0byBnZXQgY29ycmVjdCBvbiB0aGUgaW5pdGlhdG9yIG5vZGUuXG4gICAgICAgICAgICAgICAgLSB0YXJnZXQgaG9zdG5hbWUgLyBpcCBhZGRyZXNzIChzYW1lIG5vdGVzIGFzIGZvciBzb3VyY2UgaG9zdG5hbWUpXG4gICAgICAgICAgICAgICAgLSB0aW1lLWJhc2VkIHNlY3VyaXR5IHRva2Vuc1xuICAgICAgICAgICAgLS0+XG4gICAgICAgICAgICA8IS0tIDxzZWNyZXQ+PC9zZWNyZXQ+IC0tPlxuXG4gICAgICAgICAgICA8c2hhcmQ+XG4gICAgICAgICAgICAgICAgPCEtLSBPcHRpb25hbC4gV2hldGhlciB0byB3cml0ZSBkYXRhIHRvIGp1c3Qgb25lIG9mIHRoZSByZXBsaWNhcy4gRGVmYXVsdDogZmFsc2VcbiAgICAgICAgICAgICAgICAod3JpdGUgZGF0YSB0byBhbGwgcmVwbGljYXMpLiAtLT5cbiAgICAgICAgICAgICAgICA8IS0tIDxpbnRlcm5hbF9yZXBsaWNhdGlvbj5mYWxzZTwvaW50ZXJuYWxfcmVwbGljYXRpb24+IC0tPlxuICAgICAgICAgICAgICAgIDwhLS0gT3B0aW9uYWwuIFNoYXJkIHdlaWdodCB3aGVuIHdyaXRpbmcgZGF0YS4gRGVmYXVsdDogMS4gLS0+XG4gICAgICAgICAgICAgICAgPCEtLSA8d2VpZ2h0PjE8L3dlaWdodD4gLS0+XG4gICAgICAgICAgICAgICAgPHJlcGxpY2E+XG4gICAgICAgICAgICAgICAgICAgIDxob3N0PmxvY2FsaG9zdDwvaG9zdD5cbiAgICAgICAgICAgICAgICAgICAgPHBvcnQ+OTAwMDwvcG9ydD5cbiAgICAgICAgICAgICAgICAgICAgPCEtLSBPcHRpb25hbC4gUHJpb3JpdHkgb2YgdGhlIHJlcGxpY2EgZm9yIGxvYWRfYmFsYW5jaW5nLiBEZWZhdWx0OiAxIChsZXNzXG4gICAgICAgICAgICAgICAgICAgIHZhbHVlIGhhcyBtb3JlIHByaW9yaXR5KS4gLS0+XG4gICAgICAgICAgICAgICAgICAgIDwhLS0gPHByaW9yaXR5PjE8L3ByaW9yaXR5PiAtLT5cbiAgICAgICAgICAgICAgICA8L3JlcGxpY2E+XG4gICAgICAgICAgICA8L3NoYXJkPlxuICAgICAgICA8L3Bvc3Rob2c+XG4gICAgPC9yZW1vdGVfc2VydmVycz5cblxuICAgIDwhLS0gVGhlIGxpc3Qgb2YgaG9zdHMgYWxsb3dlZCB0byB1c2UgaW4gVVJMLXJlbGF0ZWQgc3RvcmFnZSBlbmdpbmVzIGFuZCB0YWJsZSBmdW5jdGlvbnMuXG4gICAgICAgIElmIHRoaXMgc2VjdGlvbiBpcyBub3QgcHJlc2VudCBpbiBjb25maWd1cmF0aW9uLCBhbGwgaG9zdHMgYXJlIGFsbG93ZWQuXG4gICAgLS0+XG4gICAgPHJlbW90ZV91cmxfYWxsb3dfaG9zdHM+XG4gICAgICAgIDwhLS0gSG9zdCBzaG91bGQgYmUgc3BlY2lmaWVkIGV4YWN0bHkgYXMgaW4gVVJMLiBUaGUgbmFtZSBpcyBjaGVja2VkIGJlZm9yZSBETlMgcmVzb2x1dGlvbi5cbiAgICAgICAgICAgIEV4YW1wbGU6IFwieWFuZGV4LnJ1XCIsIFwieWFuZGV4LnJ1LlwiIGFuZCBcInd3dy55YW5kZXgucnVcIiBhcmUgZGlmZmVyZW50IGhvc3RzLlxuICAgICAgICAgICAgICAgICAgICBJZiBwb3J0IGlzIGV4cGxpY2l0bHkgc3BlY2lmaWVkIGluIFVSTCwgdGhlIGhvc3Q6cG9ydCBpcyBjaGVja2VkIGFzIGEgd2hvbGUuXG4gICAgICAgICAgICAgICAgICAgIElmIGhvc3Qgc3BlY2lmaWVkIGhlcmUgd2l0aG91dCBwb3J0LCBhbnkgcG9ydCB3aXRoIHRoaXMgaG9zdCBhbGxvd2VkLlxuICAgICAgICAgICAgICAgICAgICBcInlhbmRleC5ydVwiIC0+IFwieWFuZGV4LnJ1OjQ0M1wiLCBcInlhbmRleC5ydTo4MFwiIGV0Yy4gaXMgYWxsb3dlZCwgYnV0IFwieWFuZGV4LnJ1OjgwXCIgLT4gb25seVxuICAgICAgICBcInlhbmRleC5ydTo4MFwiIGlzIGFsbG93ZWQuXG4gICAgICAgICAgICBJZiB0aGUgaG9zdCBpcyBzcGVjaWZpZWQgYXMgSVAgYWRkcmVzcywgaXQgaXMgY2hlY2tlZCBhcyBzcGVjaWZpZWQgaW4gVVJMLiBFeGFtcGxlOlxuICAgICAgICBcIlsyYTAyOjZiODphOjphXVwiLlxuICAgICAgICAgICAgSWYgdGhlcmUgYXJlIHJlZGlyZWN0cyBhbmQgc3VwcG9ydCBmb3IgcmVkaXJlY3RzIGlzIGVuYWJsZWQsIGV2ZXJ5IHJlZGlyZWN0ICh0aGUgTG9jYXRpb24gZmllbGQpIGlzXG4gICAgICAgIGNoZWNrZWQuXG4gICAgICAgICAgICBIb3N0IHNob3VsZCBiZSBzcGVjaWZpZWQgdXNpbmcgdGhlIGhvc3QgeG1sIHRhZzpcbiAgICAgICAgICAgICAgICAgICAgPGhvc3Q+eWFuZGV4LnJ1PC9ob3N0PlxuICAgICAgICAtLT5cblxuICAgICAgICA8IS0tIFJlZ3VsYXIgZXhwcmVzc2lvbiBjYW4gYmUgc3BlY2lmaWVkLiBSRTIgZW5naW5lIGlzIHVzZWQgZm9yIHJlZ2V4cHMuXG4gICAgICAgICAgICBSZWdleHBzIGFyZSBub3QgYWxpZ25lZDogZG9uJ3QgZm9yZ2V0IHRvIGFkZCBeIGFuZCAkLiBBbHNvIGRvbid0IGZvcmdldCB0byBlc2NhcGUgZG90ICguKVxuICAgICAgICBtZXRhY2hhcmFjdGVyXG4gICAgICAgICAgICAoZm9yZ2V0dGluZyB0byBkbyBzbyBpcyBhIGNvbW1vbiBzb3VyY2Ugb2YgZXJyb3IpLlxuICAgICAgICAtLT5cbiAgICAgICAgPGhvc3RfcmVnZXhwPi4qPC9ob3N0X3JlZ2V4cD5cbiAgICA8L3JlbW90ZV91cmxfYWxsb3dfaG9zdHM+XG5cbiAgICA8IS0tIElmIGVsZW1lbnQgaGFzICdpbmNsJyBhdHRyaWJ1dGUsIHRoZW4gZm9yIGl0J3MgdmFsdWUgd2lsbCBiZSB1c2VkIGNvcnJlc3BvbmRpbmdcbiAgICBzdWJzdGl0dXRpb24gZnJvbSBhbm90aGVyIGZpbGUuXG4gICAgICAgIEJ5IGRlZmF1bHQsIHBhdGggdG8gZmlsZSB3aXRoIHN1YnN0aXR1dGlvbnMgaXMgL2V0Yy9tZXRyaWthLnhtbC4gSXQgY291bGQgYmUgY2hhbmdlZCBpbiBjb25maWcgaW5cbiAgICAnaW5jbHVkZV9mcm9tJyBlbGVtZW50LlxuICAgICAgICBWYWx1ZXMgZm9yIHN1YnN0aXR1dGlvbnMgYXJlIHNwZWNpZmllZCBpbiAvY2xpY2tob3VzZS9uYW1lX29mX3N1YnN0aXR1dGlvbiBlbGVtZW50cyBpbiB0aGF0IGZpbGUuXG4gICAgICAtLT5cblxuICAgIDwhLS0gWm9vS2VlcGVyIGlzIHVzZWQgdG8gc3RvcmUgbWV0YWRhdGEgYWJvdXQgcmVwbGljYXMsIHdoZW4gdXNpbmcgUmVwbGljYXRlZCB0YWJsZXMuXG4gICAgICAgIE9wdGlvbmFsLiBJZiB5b3UgZG9uJ3QgdXNlIHJlcGxpY2F0ZWQgdGFibGVzLCB5b3UgY291bGQgb21pdCB0aGF0LlxuXG4gICAgICAgIFNlZSBodHRwczovL2NsaWNraG91c2UuY29tL2RvY3MvZW4vZW5naW5lcy90YWJsZS1lbmdpbmVzL21lcmdldHJlZS1mYW1pbHkvcmVwbGljYXRpb24vXG4gICAgICAtLT5cblxuICAgIDx6b29rZWVwZXI+XG4gICAgICAgIDxub2RlPlxuICAgICAgICAgICAgPGhvc3Q+em9va2VlcGVyPC9ob3N0PlxuICAgICAgICAgICAgPHBvcnQ+MjE4MTwvcG9ydD5cbiAgICAgICAgPC9ub2RlPlxuICAgIDwvem9va2VlcGVyPlxuXG4gICAgPCEtLSBTdWJzdGl0dXRpb25zIGZvciBwYXJhbWV0ZXJzIG9mIHJlcGxpY2F0ZWQgdGFibGVzLlxuICAgICAgICAgIE9wdGlvbmFsLiBJZiB5b3UgZG9uJ3QgdXNlIHJlcGxpY2F0ZWQgdGFibGVzLCB5b3UgY291bGQgb21pdCB0aGF0LlxuXG4gICAgICAgIFNlZVxuICAgIGh0dHBzOi8vY2xpY2tob3VzZS5jb20vZG9jcy9lbi9lbmdpbmVzL3RhYmxlLWVuZ2luZXMvbWVyZ2V0cmVlLWZhbWlseS9yZXBsaWNhdGlvbi8jY3JlYXRpbmctcmVwbGljYXRlZC10YWJsZXNcbiAgICAgIC0tPlxuXG4gICAgPG1hY3Jvcz5cbiAgICAgICAgPHNoYXJkPjAxPC9zaGFyZD5cbiAgICAgICAgPHJlcGxpY2E+Y2gxPC9yZXBsaWNhPlxuICAgIDwvbWFjcm9zPlxuXG5cbiAgICA8IS0tIFJlbG9hZGluZyBpbnRlcnZhbCBmb3IgZW1iZWRkZWQgZGljdGlvbmFyaWVzLCBpbiBzZWNvbmRzLiBEZWZhdWx0OiAzNjAwLiAtLT5cbiAgICA8YnVpbHRpbl9kaWN0aW9uYXJpZXNfcmVsb2FkX2ludGVydmFsPjM2MDA8L2J1aWx0aW5fZGljdGlvbmFyaWVzX3JlbG9hZF9pbnRlcnZhbD5cblxuXG4gICAgPCEtLSBNYXhpbXVtIHNlc3Npb24gdGltZW91dCwgaW4gc2Vjb25kcy4gRGVmYXVsdDogMzYwMC4gLS0+XG4gICAgPG1heF9zZXNzaW9uX3RpbWVvdXQ+MzYwMDwvbWF4X3Nlc3Npb25fdGltZW91dD5cblxuICAgIDwhLS0gRGVmYXVsdCBzZXNzaW9uIHRpbWVvdXQsIGluIHNlY29uZHMuIERlZmF1bHQ6IDYwLiAtLT5cbiAgICA8ZGVmYXVsdF9zZXNzaW9uX3RpbWVvdXQ+NjA8L2RlZmF1bHRfc2Vzc2lvbl90aW1lb3V0PlxuXG4gICAgPCEtLSBTZW5kaW5nIGRhdGEgdG8gR3JhcGhpdGUgZm9yIG1vbml0b3JpbmcuIFNldmVyYWwgc2VjdGlvbnMgY2FuIGJlIGRlZmluZWQuIC0tPlxuICAgIDwhLS1cbiAgICAgICAgaW50ZXJ2YWwgLSBzZW5kIGV2ZXJ5IFggc2Vjb25kXG4gICAgICAgIHJvb3RfcGF0aCAtIHByZWZpeCBmb3Iga2V5c1xuICAgICAgICBob3N0bmFtZV9pbl9wYXRoIC0gYXBwZW5kIGhvc3RuYW1lIHRvIHJvb3RfcGF0aCAoZGVmYXVsdCA9IHRydWUpXG4gICAgICAgIG1ldHJpY3MgLSBzZW5kIGRhdGEgZnJvbSB0YWJsZSBzeXN0ZW0ubWV0cmljc1xuICAgICAgICBldmVudHMgLSBzZW5kIGRhdGEgZnJvbSB0YWJsZSBzeXN0ZW0uZXZlbnRzXG4gICAgICAgIGFzeW5jaHJvbm91c19tZXRyaWNzIC0gc2VuZCBkYXRhIGZyb20gdGFibGUgc3lzdGVtLmFzeW5jaHJvbm91c19tZXRyaWNzXG4gICAgLS0+XG4gICAgPCEtLVxuICAgIDxncmFwaGl0ZT5cbiAgICAgICAgPGhvc3Q+bG9jYWxob3N0PC9ob3N0PlxuICAgICAgICA8cG9ydD40MjAwMDwvcG9ydD5cbiAgICAgICAgPHRpbWVvdXQ+MC4xPC90aW1lb3V0PlxuICAgICAgICA8aW50ZXJ2YWw+NjA8L2ludGVydmFsPlxuICAgICAgICA8cm9vdF9wYXRoPm9uZV9taW48L3Jvb3RfcGF0aD5cbiAgICAgICAgPGhvc3RuYW1lX2luX3BhdGg+dHJ1ZTwvaG9zdG5hbWVfaW5fcGF0aD5cblxuICAgICAgICA8bWV0cmljcz50cnVlPC9tZXRyaWNzPlxuICAgICAgICA8ZXZlbnRzPnRydWU8L2V2ZW50cz5cbiAgICAgICAgPGV2ZW50c19jdW11bGF0aXZlPmZhbHNlPC9ldmVudHNfY3VtdWxhdGl2ZT5cbiAgICAgICAgPGFzeW5jaHJvbm91c19tZXRyaWNzPnRydWU8L2FzeW5jaHJvbm91c19tZXRyaWNzPlxuICAgIDwvZ3JhcGhpdGU+XG4gICAgPGdyYXBoaXRlPlxuICAgICAgICA8aG9zdD5sb2NhbGhvc3Q8L2hvc3Q+XG4gICAgICAgIDxwb3J0PjQyMDAwPC9wb3J0PlxuICAgICAgICA8dGltZW91dD4wLjE8L3RpbWVvdXQ+XG4gICAgICAgIDxpbnRlcnZhbD4xPC9pbnRlcnZhbD5cbiAgICAgICAgPHJvb3RfcGF0aD5vbmVfc2VjPC9yb290X3BhdGg+XG5cbiAgICAgICAgPG1ldHJpY3M+dHJ1ZTwvbWV0cmljcz5cbiAgICAgICAgPGV2ZW50cz50cnVlPC9ldmVudHM+XG4gICAgICAgIDxldmVudHNfY3VtdWxhdGl2ZT5mYWxzZTwvZXZlbnRzX2N1bXVsYXRpdmU+XG4gICAgICAgIDxhc3luY2hyb25vdXNfbWV0cmljcz5mYWxzZTwvYXN5bmNocm9ub3VzX21ldHJpY3M+XG4gICAgPC9ncmFwaGl0ZT5cbiAgICAtLT5cblxuICAgIDwhLS0gU2VydmUgZW5kcG9pbnQgZm9yIFByb21ldGhldXMgbW9uaXRvcmluZy4gLS0+XG4gICAgPCEtLVxuICAgICAgICBlbmRwb2ludCAtIG1lcnRpY3MgcGF0aCAocmVsYXRpdmUgdG8gcm9vdCwgc3RhdHJpbmcgd2l0aCBcIi9cIilcbiAgICAgICAgcG9ydCAtIHBvcnQgdG8gc2V0dXAgc2VydmVyLiBJZiBub3QgZGVmaW5lZCBvciAwIHRoYW4gaHR0cF9wb3J0IHVzZWRcbiAgICAgICAgbWV0cmljcyAtIHNlbmQgZGF0YSBmcm9tIHRhYmxlIHN5c3RlbS5tZXRyaWNzXG4gICAgICAgIGV2ZW50cyAtIHNlbmQgZGF0YSBmcm9tIHRhYmxlIHN5c3RlbS5ldmVudHNcbiAgICAgICAgYXN5bmNocm9ub3VzX21ldHJpY3MgLSBzZW5kIGRhdGEgZnJvbSB0YWJsZSBzeXN0ZW0uYXN5bmNocm9ub3VzX21ldHJpY3NcbiAgICAgICAgc3RhdHVzX2luZm8gLSBzZW5kIGRhdGEgZnJvbSBkaWZmZXJlbnQgY29tcG9uZW50IGZyb20gQ0gsIGV4OiBEaWN0aW9uYXJpZXMgc3RhdHVzXG4gICAgLS0+XG4gICAgPCEtLVxuICAgIDxwcm9tZXRoZXVzPlxuICAgICAgICA8ZW5kcG9pbnQ+L21ldHJpY3M8L2VuZHBvaW50PlxuICAgICAgICA8cG9ydD45MzYzPC9wb3J0PlxuXG4gICAgICAgIDxtZXRyaWNzPnRydWU8L21ldHJpY3M+XG4gICAgICAgIDxldmVudHM+dHJ1ZTwvZXZlbnRzPlxuICAgICAgICA8YXN5bmNocm9ub3VzX21ldHJpY3M+dHJ1ZTwvYXN5bmNocm9ub3VzX21ldHJpY3M+XG4gICAgICAgIDxzdGF0dXNfaW5mbz50cnVlPC9zdGF0dXNfaW5mbz5cbiAgICA8L3Byb21ldGhldXM+XG4gICAgLS0+XG5cbiAgICA8IS0tIFF1ZXJ5IGxvZy4gVXNlZCBvbmx5IGZvciBxdWVyaWVzIHdpdGggc2V0dGluZyBsb2dfcXVlcmllcyA9IDEuIC0tPlxuICAgIDxxdWVyeV9sb2c+XG4gICAgICAgIDwhLS0gV2hhdCB0YWJsZSB0byBpbnNlcnQgZGF0YS4gSWYgdGFibGUgaXMgbm90IGV4aXN0LCBpdCB3aWxsIGJlIGNyZWF0ZWQuXG4gICAgICAgICAgICBXaGVuIHF1ZXJ5IGxvZyBzdHJ1Y3R1cmUgaXMgY2hhbmdlZCBhZnRlciBzeXN0ZW0gdXBkYXRlLFxuICAgICAgICAgICAgICB0aGVuIG9sZCB0YWJsZSB3aWxsIGJlIHJlbmFtZWQgYW5kIG5ldyB0YWJsZSB3aWxsIGJlIGNyZWF0ZWQgYXV0b21hdGljYWxseS5cbiAgICAgICAgLS0+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+cXVlcnlfbG9nPC90YWJsZT5cbiAgICAgICAgPCEtLVxuICAgICAgICAgICAgUEFSVElUSU9OIEJZIGV4cHI6XG4gICAgICAgIGh0dHBzOi8vY2xpY2tob3VzZS5jb20vZG9jcy9lbi90YWJsZV9lbmdpbmVzL21lcmdldHJlZS1mYW1pbHkvY3VzdG9tX3BhcnRpdGlvbmluZ19rZXkvXG4gICAgICAgICAgICBFeGFtcGxlOlxuICAgICAgICAgICAgICAgIGV2ZW50X2RhdGVcbiAgICAgICAgICAgICAgICB0b01vbmRheShldmVudF9kYXRlKVxuICAgICAgICAgICAgICAgIHRvWVlZWU1NKGV2ZW50X2RhdGUpXG4gICAgICAgICAgICAgICAgdG9TdGFydE9mSG91cihldmVudF90aW1lKVxuICAgICAgICAtLT5cbiAgICAgICAgPHBhcnRpdGlvbl9ieT50b1lZWVlNTShldmVudF9kYXRlKTwvcGFydGl0aW9uX2J5PlxuICAgICAgICA8IS0tXG4gICAgICAgICAgICBUYWJsZSBUVEwgc3BlY2lmaWNhdGlvbjpcbiAgICAgICAgaHR0cHM6Ly9jbGlja2hvdXNlLmNvbS9kb2NzL2VuL2VuZ2luZXMvdGFibGUtZW5naW5lcy9tZXJnZXRyZWUtZmFtaWx5L21lcmdldHJlZS8jbWVyZ2V0cmVlLXRhYmxlLXR0bFxuICAgICAgICAgICAgRXhhbXBsZTpcbiAgICAgICAgICAgICAgICBldmVudF9kYXRlICsgSU5URVJWQUwgMSBXRUVLXG4gICAgICAgICAgICAgICAgZXZlbnRfZGF0ZSArIElOVEVSVkFMIDcgREFZIERFTEVURVxuICAgICAgICAgICAgICAgIGV2ZW50X2RhdGUgKyBJTlRFUlZBTCAyIFdFRUsgVE8gRElTSyAnYmJiJ1xuXG4gICAgICAgIDx0dGw+ZXZlbnRfZGF0ZSArIElOVEVSVkFMIDMwIERBWSBERUxFVEU8L3R0bD5cbiAgICAgICAgLS0+XG5cbiAgICAgICAgPCEtLSBJbnN0ZWFkIG9mIHBhcnRpdGlvbl9ieSwgeW91IGNhbiBwcm92aWRlIGZ1bGwgZW5naW5lIGV4cHJlc3Npb24gKHN0YXJ0aW5nIHdpdGggRU5HSU5FID1cbiAgICAgICAgKSB3aXRoIHBhcmFtZXRlcnMsXG4gICAgICAgICAgICBFeGFtcGxlOiA8ZW5naW5lPkVOR0lORSA9IE1lcmdlVHJlZSBQQVJUSVRJT04gQlkgdG9ZWVlZTU0oZXZlbnRfZGF0ZSkgT1JERVIgQlkgKGV2ZW50X2RhdGUsXG4gICAgICAgIGV2ZW50X3RpbWUpIFNFVFRJTkdTIGluZGV4X2dyYW51bGFyaXR5ID0gMTAyNDwvZW5naW5lPlxuICAgICAgICAgIC0tPlxuXG4gICAgICAgIDwhLS0gSW50ZXJ2YWwgb2YgZmx1c2hpbmcgZGF0YS4gLS0+XG4gICAgICAgIDxmbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+NzUwMDwvZmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPlxuICAgIDwvcXVlcnlfbG9nPlxuXG4gICAgPCEtLSBUcmFjZSBsb2cuIFN0b3JlcyBzdGFjayB0cmFjZXMgY29sbGVjdGVkIGJ5IHF1ZXJ5IHByb2ZpbGVycy5cbiAgICAgICAgU2VlIHF1ZXJ5X3Byb2ZpbGVyX3JlYWxfdGltZV9wZXJpb2RfbnMgYW5kIHF1ZXJ5X3Byb2ZpbGVyX2NwdV90aW1lX3BlcmlvZF9ucyBzZXR0aW5ncy4gLS0+XG4gICAgPHRyYWNlX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT50cmFjZV9sb2c8L3RhYmxlPlxuXG4gICAgICAgIDxwYXJ0aXRpb25fYnk+dG9ZWVlZTU0oZXZlbnRfZGF0ZSk8L3BhcnRpdGlvbl9ieT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC90cmFjZV9sb2c+XG5cbiAgICA8IS0tIFF1ZXJ5IHRocmVhZCBsb2cuIEhhcyBpbmZvcm1hdGlvbiBhYm91dCBhbGwgdGhyZWFkcyBwYXJ0aWNpcGF0ZWQgaW4gcXVlcnkgZXhlY3V0aW9uLlxuICAgICAgICBVc2VkIG9ubHkgZm9yIHF1ZXJpZXMgd2l0aCBzZXR0aW5nIGxvZ19xdWVyeV90aHJlYWRzID0gMS4gLS0+XG4gICAgPHF1ZXJ5X3RocmVhZF9sb2c+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+cXVlcnlfdGhyZWFkX2xvZzwvdGFibGU+XG4gICAgICAgIDxwYXJ0aXRpb25fYnk+dG9ZWVlZTU0oZXZlbnRfZGF0ZSk8L3BhcnRpdGlvbl9ieT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC9xdWVyeV90aHJlYWRfbG9nPlxuXG4gICAgPCEtLSBRdWVyeSB2aWV3cyBsb2cuIEhhcyBpbmZvcm1hdGlvbiBhYm91dCBhbGwgZGVwZW5kZW50IHZpZXdzIGFzc29jaWF0ZWQgd2l0aCBhIHF1ZXJ5LlxuICAgICAgICBVc2VkIG9ubHkgZm9yIHF1ZXJpZXMgd2l0aCBzZXR0aW5nIGxvZ19xdWVyeV92aWV3cyA9IDEuIC0tPlxuICAgIDxxdWVyeV92aWV3c19sb2c+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+cXVlcnlfdmlld3NfbG9nPC90YWJsZT5cbiAgICAgICAgPHBhcnRpdGlvbl9ieT50b1lZWVlNTShldmVudF9kYXRlKTwvcGFydGl0aW9uX2J5PlxuICAgICAgICA8Zmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPjc1MDA8L2ZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L3F1ZXJ5X3ZpZXdzX2xvZz5cblxuICAgIDwhLS0gVW5jb21tZW50IGlmIHVzZSBwYXJ0IGxvZy5cbiAgICAgICAgUGFydCBsb2cgY29udGFpbnMgaW5mb3JtYXRpb24gYWJvdXQgYWxsIGFjdGlvbnMgd2l0aCBwYXJ0cyBpbiBNZXJnZVRyZWUgdGFibGVzIChjcmVhdGlvbiwgZGVsZXRpb24sXG4gICAgbWVyZ2VzLCBkb3dubG9hZHMpLi0tPlxuICAgIDxwYXJ0X2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5wYXJ0X2xvZzwvdGFibGU+XG4gICAgICAgIDxwYXJ0aXRpb25fYnk+dG9ZWVlZTU0oZXZlbnRfZGF0ZSk8L3BhcnRpdGlvbl9ieT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC9wYXJ0X2xvZz5cblxuICAgIDwhLS0gVW5jb21tZW50IHRvIHdyaXRlIHRleHQgbG9nIGludG8gdGFibGUuXG4gICAgICAgIFRleHQgbG9nIGNvbnRhaW5zIGFsbCBpbmZvcm1hdGlvbiBmcm9tIHVzdWFsIHNlcnZlciBsb2cgYnV0IHN0b3JlcyBpdCBpbiBzdHJ1Y3R1cmVkIGFuZCBlZmZpY2llbnRcbiAgICB3YXkuXG4gICAgICAgIFRoZSBsZXZlbCBvZiB0aGUgbWVzc2FnZXMgdGhhdCBnb2VzIHRvIHRoZSB0YWJsZSBjYW4gYmUgbGltaXRlZCAoPGxldmVsPiksIGlmIG5vdCBzcGVjaWZpZWQgYWxsXG4gICAgbWVzc2FnZXMgd2lsbCBnbyB0byB0aGUgdGFibGUuXG4gICAgPHRleHRfbG9nPlxuICAgICAgICA8ZGF0YWJhc2U+c3lzdGVtPC9kYXRhYmFzZT5cbiAgICAgICAgPHRhYmxlPnRleHRfbG9nPC90YWJsZT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgICAgIDxsZXZlbD48L2xldmVsPlxuICAgIDwvdGV4dF9sb2c+XG4gICAgLS0+XG5cbiAgICA8IS0tIE1ldHJpYyBsb2cgY29udGFpbnMgcm93cyB3aXRoIGN1cnJlbnQgdmFsdWVzIG9mIFByb2ZpbGVFdmVudHMsIEN1cnJlbnRNZXRyaWNzIGNvbGxlY3RlZFxuICAgIHdpdGggXCJjb2xsZWN0X2ludGVydmFsX21pbGxpc2Vjb25kc1wiIGludGVydmFsLiAtLT5cbiAgICA8bWV0cmljX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5tZXRyaWNfbG9nPC90YWJsZT5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz43NTAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgICAgIDxjb2xsZWN0X2ludGVydmFsX21pbGxpc2Vjb25kcz4xMDAwPC9jb2xsZWN0X2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L21ldHJpY19sb2c+XG5cbiAgICA8IS0tXG4gICAgICAgIEFzeW5jaHJvbm91cyBtZXRyaWMgbG9nIGNvbnRhaW5zIHZhbHVlcyBvZiBtZXRyaWNzIGZyb21cbiAgICAgICAgc3lzdGVtLmFzeW5jaHJvbm91c19tZXRyaWNzLlxuICAgIC0tPlxuICAgIDxhc3luY2hyb25vdXNfbWV0cmljX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5hc3luY2hyb25vdXNfbWV0cmljX2xvZzwvdGFibGU+XG4gICAgICAgIDwhLS1cbiAgICAgICAgICAgIEFzeW5jaHJvbm91cyBtZXRyaWNzIGFyZSB1cGRhdGVkIG9uY2UgYSBtaW51dGUsIHNvIHRoZXJlIGlzXG4gICAgICAgICAgICBubyBuZWVkIHRvIGZsdXNoIG1vcmUgb2Z0ZW4uXG4gICAgICAgIC0tPlxuICAgICAgICA8Zmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPjcwMDA8L2ZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L2FzeW5jaHJvbm91c19tZXRyaWNfbG9nPlxuXG4gICAgPCEtLVxuICAgICAgICBPcGVuVGVsZW1ldHJ5IGxvZyBjb250YWlucyBPcGVuVGVsZW1ldHJ5IHRyYWNlIHNwYW5zLlxuICAgIC0tPlxuICAgIDxvcGVudGVsZW1ldHJ5X3NwYW5fbG9nPlxuICAgICAgICA8IS0tXG4gICAgICAgICAgICBUaGUgZGVmYXVsdCB0YWJsZSBjcmVhdGlvbiBjb2RlIGlzIGluc3VmZmljaWVudCwgdGhpcyA8ZW5naW5lPiBzcGVjXG4gICAgICAgICAgICBpcyBhIHdvcmthcm91bmQuIFRoZXJlIGlzIG5vICdldmVudF90aW1lJyBmb3IgdGhpcyBsb2csIGJ1dCB0d28gdGltZXMsXG4gICAgICAgICAgICBzdGFydCBhbmQgZmluaXNoLiBJdCBpcyBzb3J0ZWQgYnkgZmluaXNoIHRpbWUsIHRvIGF2b2lkIGluc2VydGluZ1xuICAgICAgICAgICAgZGF0YSB0b28gZmFyIGF3YXkgaW4gdGhlIHBhc3QgKHByb2JhYmx5IHdlIGNhbiBzb21ldGltZXMgaW5zZXJ0IGEgc3BhblxuICAgICAgICAgICAgdGhhdCBpcyBzZWNvbmRzIGVhcmxpZXIgdGhhbiB0aGUgbGFzdCBzcGFuIGluIHRoZSB0YWJsZSwgZHVlIHRvIGEgcmFjZVxuICAgICAgICAgICAgYmV0d2VlbiBzZXZlcmFsIHNwYW5zIGluc2VydGVkIGluIHBhcmFsbGVsKS4gVGhpcyBnaXZlcyB0aGUgc3BhbnMgYVxuICAgICAgICAgICAgZ2xvYmFsIG9yZGVyIHRoYXQgd2UgY2FuIHVzZSB0byBlLmcuIHJldHJ5IGluc2VydGlvbiBpbnRvIHNvbWUgZXh0ZXJuYWxcbiAgICAgICAgICAgIHN5c3RlbS5cbiAgICAgICAgLS0+XG4gICAgICAgIDxlbmdpbmU+XG4gICAgICAgICAgICBlbmdpbmUgTWVyZ2VUcmVlXG4gICAgICAgICAgICBwYXJ0aXRpb24gYnkgdG9ZWVlZTU0oZmluaXNoX2RhdGUpXG4gICAgICAgICAgICBvcmRlciBieSAoZmluaXNoX2RhdGUsIGZpbmlzaF90aW1lX3VzLCB0cmFjZV9pZClcbiAgICAgICAgPC9lbmdpbmU+XG4gICAgICAgIDxkYXRhYmFzZT5zeXN0ZW08L2RhdGFiYXNlPlxuICAgICAgICA8dGFibGU+b3BlbnRlbGVtZXRyeV9zcGFuX2xvZzwvdGFibGU+XG4gICAgICAgIDxmbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+NzUwMDwvZmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPlxuICAgIDwvb3BlbnRlbGVtZXRyeV9zcGFuX2xvZz5cblxuXG4gICAgPCEtLSBDcmFzaCBsb2cuIFN0b3JlcyBzdGFjayB0cmFjZXMgZm9yIGZhdGFsIGVycm9ycy5cbiAgICAgICAgVGhpcyB0YWJsZSBpcyBub3JtYWxseSBlbXB0eS4gLS0+XG4gICAgPGNyYXNoX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5jcmFzaF9sb2c8L3RhYmxlPlxuXG4gICAgICAgIDxwYXJ0aXRpb25fYnkgLz5cbiAgICAgICAgPGZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz4xMDAwPC9mbHVzaF9pbnRlcnZhbF9taWxsaXNlY29uZHM+XG4gICAgPC9jcmFzaF9sb2c+XG5cbiAgICA8IS0tIFNlc3Npb24gbG9nLiBTdG9yZXMgdXNlciBsb2cgaW4gKHN1Y2Nlc3NmdWwgb3Igbm90KSBhbmQgbG9nIG91dCBldmVudHMuIC0tPlxuICAgIDxzZXNzaW9uX2xvZz5cbiAgICAgICAgPGRhdGFiYXNlPnN5c3RlbTwvZGF0YWJhc2U+XG4gICAgICAgIDx0YWJsZT5zZXNzaW9uX2xvZzwvdGFibGU+XG5cbiAgICAgICAgPHBhcnRpdGlvbl9ieT50b1lZWVlNTShldmVudF9kYXRlKTwvcGFydGl0aW9uX2J5PlxuICAgICAgICA8Zmx1c2hfaW50ZXJ2YWxfbWlsbGlzZWNvbmRzPjc1MDA8L2ZsdXNoX2ludGVydmFsX21pbGxpc2Vjb25kcz5cbiAgICA8L3Nlc3Npb25fbG9nPlxuXG4gICAgPCEtLSBQYXJhbWV0ZXJzIGZvciBlbWJlZGRlZCBkaWN0aW9uYXJpZXMsIHVzZWQgaW4gWWFuZGV4Lk1ldHJpY2EuXG4gICAgICAgIFNlZSBodHRwczovL2NsaWNraG91c2UuY29tL2RvY3MvZW4vZGljdHMvaW50ZXJuYWxfZGljdHMvXG4gICAgLS0+XG5cbiAgICA8IS0tIFBhdGggdG8gZmlsZSB3aXRoIHJlZ2lvbiBoaWVyYXJjaHkuIC0tPlxuICAgIDwhLS1cbiAgICA8cGF0aF90b19yZWdpb25zX2hpZXJhcmNoeV9maWxlPi9vcHQvZ2VvL3JlZ2lvbnNfaGllcmFyY2h5LnR4dDwvcGF0aF90b19yZWdpb25zX2hpZXJhcmNoeV9maWxlPiAtLT5cblxuICAgIDwhLS0gUGF0aCB0byBkaXJlY3Rvcnkgd2l0aCBmaWxlcyBjb250YWluaW5nIG5hbWVzIG9mIHJlZ2lvbnMgLS0+XG4gICAgPCEtLSA8cGF0aF90b19yZWdpb25zX25hbWVzX2ZpbGVzPi9vcHQvZ2VvLzwvcGF0aF90b19yZWdpb25zX25hbWVzX2ZpbGVzPiAtLT5cblxuXG4gICAgPCEtLSA8dG9wX2xldmVsX2RvbWFpbnNfcGF0aD4vdmFyL2xpYi9jbGlja2hvdXNlL3RvcF9sZXZlbF9kb21haW5zLzwvdG9wX2xldmVsX2RvbWFpbnNfcGF0aD4gLS0+XG4gICAgPCEtLSBDdXN0b20gVExEIGxpc3RzLlxuICAgICAgICBGb3JtYXQ6IDxuYW1lPi9wYXRoL3RvL2ZpbGU8L25hbWU+XG5cbiAgICAgICAgQ2hhbmdlcyB3aWxsIG5vdCBiZSBhcHBsaWVkIHcvbyBzZXJ2ZXIgcmVzdGFydC5cbiAgICAgICAgUGF0aCB0byB0aGUgbGlzdCBpcyB1bmRlciB0b3BfbGV2ZWxfZG9tYWluc19wYXRoIChzZWUgYWJvdmUpLlxuICAgIC0tPlxuICAgIDx0b3BfbGV2ZWxfZG9tYWluc19saXN0cz5cbiAgICAgICAgPCEtLVxuICAgICAgICA8cHVibGljX3N1ZmZpeF9saXN0Pi9wYXRoL3RvL3B1YmxpY19zdWZmaXhfbGlzdC5kYXQ8L3B1YmxpY19zdWZmaXhfbGlzdD5cbiAgICAgICAgLS0+XG4gICAgPC90b3BfbGV2ZWxfZG9tYWluc19saXN0cz5cblxuICAgIDwhLS0gQ29uZmlndXJhdGlvbiBvZiBleHRlcm5hbCBkaWN0aW9uYXJpZXMuIFNlZTpcbiAgICAgICAgaHR0cHM6Ly9jbGlja2hvdXNlLmNvbS9kb2NzL2VuL3NxbC1yZWZlcmVuY2UvZGljdGlvbmFyaWVzL2V4dGVybmFsLWRpY3Rpb25hcmllcy9leHRlcm5hbC1kaWN0c1xuICAgIC0tPlxuICAgIDxkaWN0aW9uYXJpZXNfY29uZmlnPipfZGljdGlvbmFyeS54bWw8L2RpY3Rpb25hcmllc19jb25maWc+XG5cbiAgICA8IS0tIENvbmZpZ3VyYXRpb24gb2YgdXNlciBkZWZpbmVkIGV4ZWN1dGFibGUgZnVuY3Rpb25zIC0tPlxuICAgIDx1c2VyX2RlZmluZWRfZXhlY3V0YWJsZV9mdW5jdGlvbnNfY29uZmlnPipfZnVuY3Rpb24ueG1sPC91c2VyX2RlZmluZWRfZXhlY3V0YWJsZV9mdW5jdGlvbnNfY29uZmlnPlxuXG4gICAgPCEtLSBVbmNvbW1lbnQgaWYgeW91IHdhbnQgZGF0YSB0byBiZSBjb21wcmVzc2VkIDMwLTEwMCUgYmV0dGVyLlxuICAgICAgICBEb24ndCBkbyB0aGF0IGlmIHlvdSBqdXN0IHN0YXJ0ZWQgdXNpbmcgQ2xpY2tIb3VzZS5cbiAgICAgIC0tPlxuICAgIDwhLS1cbiAgICA8Y29tcHJlc3Npb24+XG4gICAgICAgIDwhLSAtIFNldCBvZiB2YXJpYW50cy4gQ2hlY2tlZCBpbiBvcmRlci4gTGFzdCBtYXRjaGluZyBjYXNlIHdpbnMuIElmIG5vdGhpbmcgbWF0Y2hlcywgbHo0IHdpbGwgYmVcbiAgICB1c2VkLiAtIC0+XG4gICAgICAgIDxjYXNlPlxuXG4gICAgICAgICAgICA8IS0gLSBDb25kaXRpb25zLiBBbGwgbXVzdCBiZSBzYXRpc2ZpZWQuIFNvbWUgY29uZGl0aW9ucyBtYXkgYmUgb21pdHRlZC4gLSAtPlxuICAgICAgICAgICAgPG1pbl9wYXJ0X3NpemU+MTAwMDAwMDAwMDA8L21pbl9wYXJ0X3NpemU+ICAgICAgICA8IS0gLSBNaW4gcGFydCBzaXplIGluIGJ5dGVzLiAtIC0+XG4gICAgICAgICAgICA8bWluX3BhcnRfc2l6ZV9yYXRpbz4wLjAxPC9taW5fcGFydF9zaXplX3JhdGlvPiAgIDwhLSAtIE1pbiBzaXplIG9mIHBhcnQgcmVsYXRpdmUgdG8gd2hvbGUgdGFibGVcbiAgICBzaXplLiAtIC0+XG5cbiAgICAgICAgICAgIDwhLSAtIFdoYXQgY29tcHJlc3Npb24gbWV0aG9kIHRvIHVzZS4gLSAtPlxuICAgICAgICAgICAgPG1ldGhvZD56c3RkPC9tZXRob2Q+XG4gICAgICAgIDwvY2FzZT5cbiAgICA8L2NvbXByZXNzaW9uPlxuICAgIC0tPlxuXG4gICAgPCEtLSBDb25maWd1cmF0aW9uIG9mIGVuY3J5cHRpb24uIFRoZSBzZXJ2ZXIgZXhlY3V0ZXMgYSBjb21tYW5kIHRvXG4gICAgICAgIG9idGFpbiBhbiBlbmNyeXB0aW9uIGtleSBhdCBzdGFydHVwIGlmIHN1Y2ggYSBjb21tYW5kIGlzXG4gICAgICAgIGRlZmluZWQsIG9yIGVuY3J5cHRpb24gY29kZWNzIHdpbGwgYmUgZGlzYWJsZWQgb3RoZXJ3aXNlLiBUaGVcbiAgICAgICAgY29tbWFuZCBpcyBleGVjdXRlZCB0aHJvdWdoIC9iaW4vc2ggYW5kIGlzIGV4cGVjdGVkIHRvIHdyaXRlXG4gICAgICAgIGEgQmFzZTY0LWVuY29kZWQga2V5IHRvIHRoZSBzdGRvdXQuIC0tPlxuICAgIDxlbmNyeXB0aW9uX2NvZGVjcz5cbiAgICAgICAgPCEtLSBhZXNfMTI4X2djbV9zaXYgLS0+XG4gICAgICAgIDwhLS0gRXhhbXBsZSBvZiBnZXR0aW5nIGhleCBrZXkgZnJvbSBlbnYgLS0+XG4gICAgICAgIDwhLS0gdGhlIGNvZGUgc2hvdWxkIHVzZSB0aGlzIGtleSBhbmQgdGhyb3cgYW4gZXhjZXB0aW9uIGlmIGl0cyBsZW5ndGggaXMgbm90IDE2IGJ5dGVzIC0tPlxuICAgICAgICA8IS0ta2V5X2hleFxuICAgICAgICBmcm9tX2Vudj1cIi4uLlwiPjwva2V5X2hleCAtLT5cblxuICAgICAgICA8IS0tIEV4YW1wbGUgb2YgbXVsdGlwbGUgaGV4IGtleXMuIFRoZXkgY2FuIGJlIGltcG9ydGVkIGZyb20gZW52IG9yIGJlIHdyaXR0ZW4gZG93biBpblxuICAgICAgICBjb25maWctLT5cbiAgICAgICAgPCEtLSB0aGUgY29kZSBzaG91bGQgdXNlIHRoZXNlIGtleXMgYW5kIHRocm93IGFuIGV4Y2VwdGlvbiBpZiB0aGVpciBsZW5ndGggaXMgbm90IDE2IGJ5dGVzIC0tPlxuICAgICAgICA8IS0tIGtleV9oZXggaWQ9XCIwXCI+Li4uPC9rZXlfaGV4IC0tPlxuICAgICAgICA8IS0tIGtleV9oZXggaWQ9XCIxXCIgZnJvbV9lbnY9XCIuLlwiPjwva2V5X2hleCAtLT5cbiAgICAgICAgPCEtLSBrZXlfaGV4IGlkPVwiMlwiPi4uLjwva2V5X2hleCAtLT5cbiAgICAgICAgPCEtLSBjdXJyZW50X2tleV9pZD4yPC9jdXJyZW50X2tleV9pZCAtLT5cblxuICAgICAgICA8IS0tIEV4YW1wbGUgb2YgZ2V0dGluZyBoZXgga2V5IGZyb20gY29uZmlnIC0tPlxuICAgICAgICA8IS0tIHRoZSBjb2RlIHNob3VsZCB1c2UgdGhpcyBrZXkgYW5kIHRocm93IGFuIGV4Y2VwdGlvbiBpZiBpdHMgbGVuZ3RoIGlzIG5vdCAxNiBieXRlcyAtLT5cbiAgICAgICAgPCEtLSBrZXk+Li4uPC9rZXkgLS0+XG5cbiAgICAgICAgPCEtLSBleGFtcGxlIG9mIGFkZGluZyBub25jZSAtLT5cbiAgICAgICAgPCEtLSBub25jZT4uLi48L25vbmNlIC0tPlxuXG4gICAgICAgIDwhLS0gL2Flc18xMjhfZ2NtX3NpdiAtLT5cbiAgICA8L2VuY3J5cHRpb25fY29kZWNzPlxuXG4gICAgPCEtLSBBbGxvdyB0byBleGVjdXRlIGRpc3RyaWJ1dGVkIERETCBxdWVyaWVzIChDUkVBVEUsIERST1AsIEFMVEVSLCBSRU5BTUUpIG9uIGNsdXN0ZXIuXG4gICAgICAgIFdvcmtzIG9ubHkgaWYgWm9vS2VlcGVyIGlzIGVuYWJsZWQuIENvbW1lbnQgaXQgaWYgc3VjaCBmdW5jdGlvbmFsaXR5IGlzbid0IHJlcXVpcmVkLiAtLT5cbiAgICA8ZGlzdHJpYnV0ZWRfZGRsPlxuICAgICAgICA8IS0tIFBhdGggaW4gWm9vS2VlcGVyIHRvIHF1ZXVlIHdpdGggRERMIHF1ZXJpZXMgLS0+XG4gICAgICAgIDxwYXRoPi9jbGlja2hvdXNlL3Rhc2tfcXVldWUvZGRsPC9wYXRoPlxuXG4gICAgICAgIDwhLS0gU2V0dGluZ3MgZnJvbSB0aGlzIHByb2ZpbGUgd2lsbCBiZSB1c2VkIHRvIGV4ZWN1dGUgRERMIHF1ZXJpZXMgLS0+XG4gICAgICAgIDwhLS0gPHByb2ZpbGU+ZGVmYXVsdDwvcHJvZmlsZT4gLS0+XG5cbiAgICAgICAgPCEtLSBDb250cm9scyBob3cgbXVjaCBPTiBDTFVTVEVSIHF1ZXJpZXMgY2FuIGJlIHJ1biBzaW11bHRhbmVvdXNseS4gLS0+XG4gICAgICAgIDwhLS0gPHBvb2xfc2l6ZT4xPC9wb29sX3NpemU+IC0tPlxuXG4gICAgICAgIDwhLS1cbiAgICAgICAgICAgIENsZWFudXAgc2V0dGluZ3MgKGFjdGl2ZSB0YXNrcyB3aWxsIG5vdCBiZSByZW1vdmVkKVxuICAgICAgICAtLT5cblxuICAgICAgICA8IS0tIENvbnRyb2xzIHRhc2sgVFRMIChkZWZhdWx0IDEgd2VlaykgLS0+XG4gICAgICAgIDwhLS0gPHRhc2tfbWF4X2xpZmV0aW1lPjYwNDgwMDwvdGFza19tYXhfbGlmZXRpbWU+IC0tPlxuXG4gICAgICAgIDwhLS0gQ29udHJvbHMgaG93IG9mdGVuIGNsZWFudXAgc2hvdWxkIGJlIHBlcmZvcm1lZCAoaW4gc2Vjb25kcykgLS0+XG4gICAgICAgIDwhLS0gPGNsZWFudXBfZGVsYXlfcGVyaW9kPjYwPC9jbGVhbnVwX2RlbGF5X3BlcmlvZD4gLS0+XG5cbiAgICAgICAgPCEtLSBDb250cm9scyBob3cgbWFueSB0YXNrcyBjb3VsZCBiZSBpbiB0aGUgcXVldWUgLS0+XG4gICAgICAgIDwhLS0gPG1heF90YXNrc19pbl9xdWV1ZT4xMDAwPC9tYXhfdGFza3NfaW5fcXVldWU+IC0tPlxuICAgIDwvZGlzdHJpYnV0ZWRfZGRsPlxuXG4gICAgPCEtLSBTZXR0aW5ncyB0byBmaW5lIHR1bmUgTWVyZ2VUcmVlIHRhYmxlcy4gU2VlIGRvY3VtZW50YXRpb24gaW4gc291cmNlIGNvZGUsIGluXG4gICAgTWVyZ2VUcmVlU2V0dGluZ3MuaCAtLT5cbiAgICA8IS0tXG4gICAgPG1lcmdlX3RyZWU+XG4gICAgICAgIDxtYXhfc3VzcGljaW91c19icm9rZW5fcGFydHM+NTwvbWF4X3N1c3BpY2lvdXNfYnJva2VuX3BhcnRzPlxuICAgIDwvbWVyZ2VfdHJlZT5cbiAgICAtLT5cblxuICAgIDwhLS0gUHJvdGVjdGlvbiBmcm9tIGFjY2lkZW50YWwgRFJPUC5cbiAgICAgICAgSWYgc2l6ZSBvZiBhIE1lcmdlVHJlZSB0YWJsZSBpcyBncmVhdGVyIHRoYW4gbWF4X3RhYmxlX3NpemVfdG9fZHJvcCAoaW4gYnl0ZXMpIHRoYW4gdGFibGUgY291bGQgbm90XG4gICAgYmUgZHJvcHBlZCB3aXRoIGFueSBEUk9QIHF1ZXJ5LlxuICAgICAgICBJZiB5b3Ugd2FudCBkbyBkZWxldGUgb25lIHRhYmxlIGFuZCBkb24ndCB3YW50IHRvIGNoYW5nZSBjbGlja2hvdXNlLXNlcnZlciBjb25maWcsIHlvdSBjb3VsZCBjcmVhdGVcbiAgICBzcGVjaWFsIGZpbGUgPGNsaWNraG91c2UtcGF0aD4vZmxhZ3MvZm9yY2VfZHJvcF90YWJsZSBhbmQgbWFrZSBEUk9QIG9uY2UuXG4gICAgICAgIEJ5IGRlZmF1bHQgbWF4X3RhYmxlX3NpemVfdG9fZHJvcCBpcyA1MEdCOyBtYXhfdGFibGVfc2l6ZV90b19kcm9wPTAgYWxsb3dzIHRvIERST1AgYW55IHRhYmxlcy5cbiAgICAgICAgVGhlIHNhbWUgZm9yIG1heF9wYXJ0aXRpb25fc2l6ZV90b19kcm9wLlxuICAgICAgICBVbmNvbW1lbnQgdG8gZGlzYWJsZSBwcm90ZWN0aW9uLlxuICAgIC0tPlxuICAgIDwhLS0gPG1heF90YWJsZV9zaXplX3RvX2Ryb3A+MDwvbWF4X3RhYmxlX3NpemVfdG9fZHJvcD4gLS0+XG4gICAgPCEtLSA8bWF4X3BhcnRpdGlvbl9zaXplX3RvX2Ryb3A+MDwvbWF4X3BhcnRpdGlvbl9zaXplX3RvX2Ryb3A+IC0tPlxuXG4gICAgPCEtLSBFeGFtcGxlIG9mIHBhcmFtZXRlcnMgZm9yIEdyYXBoaXRlTWVyZ2VUcmVlIHRhYmxlIGVuZ2luZSAtLT5cbiAgICA8Z3JhcGhpdGVfcm9sbHVwX2V4YW1wbGU+XG4gICAgICAgIDxwYXR0ZXJuPlxuICAgICAgICAgICAgPHJlZ2V4cD5jbGlja19jb3N0PC9yZWdleHA+XG4gICAgICAgICAgICA8ZnVuY3Rpb24+YW55PC9mdW5jdGlvbj5cbiAgICAgICAgICAgIDxyZXRlbnRpb24+XG4gICAgICAgICAgICAgICAgPGFnZT4wPC9hZ2U+XG4gICAgICAgICAgICAgICAgPHByZWNpc2lvbj4zNjAwPC9wcmVjaXNpb24+XG4gICAgICAgICAgICA8L3JldGVudGlvbj5cbiAgICAgICAgICAgIDxyZXRlbnRpb24+XG4gICAgICAgICAgICAgICAgPGFnZT44NjQwMDwvYWdlPlxuICAgICAgICAgICAgICAgIDxwcmVjaXNpb24+NjA8L3ByZWNpc2lvbj5cbiAgICAgICAgICAgIDwvcmV0ZW50aW9uPlxuICAgICAgICA8L3BhdHRlcm4+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGZ1bmN0aW9uPm1heDwvZnVuY3Rpb24+XG4gICAgICAgICAgICA8cmV0ZW50aW9uPlxuICAgICAgICAgICAgICAgIDxhZ2U+MDwvYWdlPlxuICAgICAgICAgICAgICAgIDxwcmVjaXNpb24+NjA8L3ByZWNpc2lvbj5cbiAgICAgICAgICAgIDwvcmV0ZW50aW9uPlxuICAgICAgICAgICAgPHJldGVudGlvbj5cbiAgICAgICAgICAgICAgICA8YWdlPjM2MDA8L2FnZT5cbiAgICAgICAgICAgICAgICA8cHJlY2lzaW9uPjMwMDwvcHJlY2lzaW9uPlxuICAgICAgICAgICAgPC9yZXRlbnRpb24+XG4gICAgICAgICAgICA8cmV0ZW50aW9uPlxuICAgICAgICAgICAgICAgIDxhZ2U+ODY0MDA8L2FnZT5cbiAgICAgICAgICAgICAgICA8cHJlY2lzaW9uPjM2MDA8L3ByZWNpc2lvbj5cbiAgICAgICAgICAgIDwvcmV0ZW50aW9uPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9ncmFwaGl0ZV9yb2xsdXBfZXhhbXBsZT5cblxuICAgIDwhLS0gRGlyZWN0b3J5IGluIDxjbGlja2hvdXNlLXBhdGg+IGNvbnRhaW5pbmcgc2NoZW1hIGZpbGVzIGZvciB2YXJpb3VzIGlucHV0IGZvcm1hdHMuXG4gICAgICAgIFRoZSBkaXJlY3Rvcnkgd2lsbCBiZSBjcmVhdGVkIGlmIGl0IGRvZXNuJ3QgZXhpc3QuXG4gICAgICAtLT5cbiAgICA8Zm9ybWF0X3NjaGVtYV9wYXRoPi92YXIvbGliL2NsaWNraG91c2UvZm9ybWF0X3NjaGVtYXMvPC9mb3JtYXRfc2NoZW1hX3BhdGg+XG5cbiAgICA8IS0tIERlZmF1bHQgcXVlcnkgbWFza2luZyBydWxlcywgbWF0Y2hpbmcgbGluZXMgd291bGQgYmUgcmVwbGFjZWQgd2l0aCBzb21ldGhpbmcgZWxzZSBpbiB0aGVcbiAgICBsb2dzXG4gICAgICAgIChib3RoIHRleHQgbG9ncyBhbmQgc3lzdGVtLnF1ZXJ5X2xvZykuXG4gICAgICAgIG5hbWUgLSBuYW1lIGZvciB0aGUgcnVsZSAob3B0aW9uYWwpXG4gICAgICAgIHJlZ2V4cCAtIFJFMiBjb21wYXRpYmxlIHJlZ3VsYXIgZXhwcmVzc2lvbiAobWFuZGF0b3J5KVxuICAgICAgICByZXBsYWNlIC0gc3Vic3RpdHV0aW9uIHN0cmluZyBmb3Igc2Vuc2l0aXZlIGRhdGEgKG9wdGlvbmFsLCBieSBkZWZhdWx0IC0gc2l4IGFzdGVyaXNrcylcbiAgICAtLT5cbiAgICA8cXVlcnlfbWFza2luZ19ydWxlcz5cbiAgICAgICAgPHJ1bGU+XG4gICAgICAgICAgICA8bmFtZT5oaWRlIGVuY3J5cHQvZGVjcnlwdCBhcmd1bWVudHM8L25hbWU+XG4gICAgICAgICAgICA8cmVnZXhwPigoPzphZXNfKT8oPzplbmNyeXB0fGRlY3J5cHQpKD86X215c3FsKT8pXFxzKlxcKFxccyooPzonKD86XFxcXCd8LikrJ3wuKj8pXFxzKlxcKTwvcmVnZXhwPlxuICAgICAgICAgICAgPCEtLSBvciBtb3JlIHNlY3VyZSwgYnV0IGFsc28gbW9yZSBpbnZhc2l2ZTpcbiAgICAgICAgICAgICAgICAoYWVzX1xcdyspXFxzKlxcKC4qXFwpXG4gICAgICAgICAgICAtLT5cbiAgICAgICAgICAgIDxyZXBsYWNlPlxcMSg/Pz8pPC9yZXBsYWNlPlxuICAgICAgICA8L3J1bGU+XG4gICAgPC9xdWVyeV9tYXNraW5nX3J1bGVzPlxuXG4gICAgPCEtLSBVbmNvbW1lbnQgdG8gdXNlIGN1c3RvbSBodHRwIGhhbmRsZXJzLlxuICAgICAgICBydWxlcyBhcmUgY2hlY2tlZCBmcm9tIHRvcCB0byBib3R0b20sIGZpcnN0IG1hdGNoIHJ1bnMgdGhlIGhhbmRsZXJcbiAgICAgICAgICAgIHVybCAtIHRvIG1hdGNoIHJlcXVlc3QgVVJMLCB5b3UgY2FuIHVzZSAncmVnZXg6JyBwcmVmaXggdG8gdXNlIHJlZ2V4IG1hdGNoKG9wdGlvbmFsKVxuICAgICAgICAgICAgbWV0aG9kcyAtIHRvIG1hdGNoIHJlcXVlc3QgbWV0aG9kLCB5b3UgY2FuIHVzZSBjb21tYXMgdG8gc2VwYXJhdGUgbXVsdGlwbGUgbWV0aG9kIG1hdGNoZXMob3B0aW9uYWwpXG4gICAgICAgICAgICBoZWFkZXJzIC0gdG8gbWF0Y2ggcmVxdWVzdCBoZWFkZXJzLCBtYXRjaCBlYWNoIGNoaWxkIGVsZW1lbnQoY2hpbGQgZWxlbWVudCBuYW1lIGlzIGhlYWRlciBuYW1lKSxcbiAgICB5b3UgY2FuIHVzZSAncmVnZXg6JyBwcmVmaXggdG8gdXNlIHJlZ2V4IG1hdGNoKG9wdGlvbmFsKVxuICAgICAgICBoYW5kbGVyIGlzIHJlcXVlc3QgaGFuZGxlclxuICAgICAgICAgICAgdHlwZSAtIHN1cHBvcnRlZCB0eXBlczogc3RhdGljLCBkeW5hbWljX3F1ZXJ5X2hhbmRsZXIsIHByZWRlZmluZWRfcXVlcnlfaGFuZGxlclxuICAgICAgICAgICAgcXVlcnkgLSB1c2Ugd2l0aCBwcmVkZWZpbmVkX3F1ZXJ5X2hhbmRsZXIgdHlwZSwgZXhlY3V0ZXMgcXVlcnkgd2hlbiB0aGUgaGFuZGxlciBpcyBjYWxsZWRcbiAgICAgICAgICAgIHF1ZXJ5X3BhcmFtX25hbWUgLSB1c2Ugd2l0aCBkeW5hbWljX3F1ZXJ5X2hhbmRsZXIgdHlwZSwgZXh0cmFjdHMgYW5kIGV4ZWN1dGVzIHRoZSB2YWx1ZVxuICAgIGNvcnJlc3BvbmRpbmcgdG8gdGhlIDxxdWVyeV9wYXJhbV9uYW1lPiB2YWx1ZSBpbiBIVFRQIHJlcXVlc3QgcGFyYW1zXG4gICAgICAgICAgICBzdGF0dXMgLSB1c2Ugd2l0aCBzdGF0aWMgdHlwZSwgcmVzcG9uc2Ugc3RhdHVzIGNvZGVcbiAgICAgICAgICAgIGNvbnRlbnRfdHlwZSAtIHVzZSB3aXRoIHN0YXRpYyB0eXBlLCByZXNwb25zZSBjb250ZW50LXR5cGVcbiAgICAgICAgICAgIHJlc3BvbnNlX2NvbnRlbnQgLSB1c2Ugd2l0aCBzdGF0aWMgdHlwZSwgUmVzcG9uc2UgY29udGVudCBzZW50IHRvIGNsaWVudCwgd2hlbiB1c2luZyB0aGUgcHJlZml4XG4gICAgJ2ZpbGU6Ly8nIG9yICdjb25maWc6Ly8nLCBmaW5kIHRoZSBjb250ZW50IGZyb20gdGhlIGZpbGUgb3IgY29uZmlndXJhdGlvbiBzZW5kIHRvIGNsaWVudC5cblxuICAgIDxodHRwX2hhbmRsZXJzPlxuICAgICAgICA8cnVsZT5cbiAgICAgICAgICAgIDx1cmw+LzwvdXJsPlxuICAgICAgICAgICAgPG1ldGhvZHM+UE9TVCxHRVQ8L21ldGhvZHM+XG4gICAgICAgICAgICA8aGVhZGVycz48cHJhZ21hPm5vLWNhY2hlPC9wcmFnbWE+PC9oZWFkZXJzPlxuICAgICAgICAgICAgPGhhbmRsZXI+XG4gICAgICAgICAgICAgICAgPHR5cGU+ZHluYW1pY19xdWVyeV9oYW5kbGVyPC90eXBlPlxuICAgICAgICAgICAgICAgIDxxdWVyeV9wYXJhbV9uYW1lPnF1ZXJ5PC9xdWVyeV9wYXJhbV9uYW1lPlxuICAgICAgICAgICAgPC9oYW5kbGVyPlxuICAgICAgICA8L3J1bGU+XG5cbiAgICAgICAgPHJ1bGU+XG4gICAgICAgICAgICA8dXJsPi9wcmVkZWZpbmVkX3F1ZXJ5PC91cmw+XG4gICAgICAgICAgICA8bWV0aG9kcz5QT1NULEdFVDwvbWV0aG9kcz5cbiAgICAgICAgICAgIDxoYW5kbGVyPlxuICAgICAgICAgICAgICAgIDx0eXBlPnByZWRlZmluZWRfcXVlcnlfaGFuZGxlcjwvdHlwZT5cbiAgICAgICAgICAgICAgICA8cXVlcnk+U0VMRUNUICogRlJPTSBzeXN0ZW0uc2V0dGluZ3M8L3F1ZXJ5PlxuICAgICAgICAgICAgPC9oYW5kbGVyPlxuICAgICAgICA8L3J1bGU+XG5cbiAgICAgICAgPHJ1bGU+XG4gICAgICAgICAgICA8aGFuZGxlcj5cbiAgICAgICAgICAgICAgICA8dHlwZT5zdGF0aWM8L3R5cGU+XG4gICAgICAgICAgICAgICAgPHN0YXR1cz4yMDA8L3N0YXR1cz5cbiAgICAgICAgICAgICAgICA8Y29udGVudF90eXBlPnRleHQvcGxhaW47IGNoYXJzZXQ9VVRGLTg8L2NvbnRlbnRfdHlwZT5cbiAgICAgICAgICAgICAgICA8cmVzcG9uc2VfY29udGVudD5jb25maWc6Ly9odHRwX3NlcnZlcl9kZWZhdWx0X3Jlc3BvbnNlPC9yZXNwb25zZV9jb250ZW50PlxuICAgICAgICAgICAgPC9oYW5kbGVyPlxuICAgICAgICA8L3J1bGU+XG4gICAgPC9odHRwX2hhbmRsZXJzPlxuICAgIC0tPlxuXG4gICAgPHNlbmRfY3Jhc2hfcmVwb3J0cz5cbiAgICAgICAgPCEtLSBDaGFuZ2luZyA8ZW5hYmxlZD4gdG8gdHJ1ZSBhbGxvd3Mgc2VuZGluZyBjcmFzaCByZXBvcnRzIHRvIC0tPlxuICAgICAgICA8IS0tIHRoZSBDbGlja0hvdXNlIGNvcmUgZGV2ZWxvcGVycyB0ZWFtIHZpYSBTZW50cnkgaHR0cHM6Ly9zZW50cnkuaW8gLS0+XG4gICAgICAgIDwhLS0gRG9pbmcgc28gYXQgbGVhc3QgaW4gcHJlLXByb2R1Y3Rpb24gZW52aXJvbm1lbnRzIGlzIGhpZ2hseSBhcHByZWNpYXRlZCAtLT5cbiAgICAgICAgPGVuYWJsZWQ+ZmFsc2U8L2VuYWJsZWQ+XG4gICAgICAgIDwhLS0gQ2hhbmdlIDxhbm9ueW1pemU+IHRvIHRydWUgaWYgeW91IGRvbid0IGZlZWwgY29tZm9ydGFibGUgYXR0YWNoaW5nIHRoZSBzZXJ2ZXIgaG9zdG5hbWVcbiAgICAgICAgdG8gdGhlIGNyYXNoIHJlcG9ydCAtLT5cbiAgICAgICAgPGFub255bWl6ZT5mYWxzZTwvYW5vbnltaXplPlxuICAgICAgICA8IS0tIERlZmF1bHQgZW5kcG9pbnQgc2hvdWxkIGJlIGNoYW5nZWQgdG8gZGlmZmVyZW50IFNlbnRyeSBEU04gb25seSBpZiB5b3UgaGF2ZSAtLT5cbiAgICAgICAgPCEtLSBzb21lIGluLWhvdXNlIGVuZ2luZWVycyBvciBoaXJlZCBjb25zdWx0YW50cyB3aG8ncmUgZ29pbmcgdG8gZGVidWcgQ2xpY2tIb3VzZSBpc3N1ZXNcbiAgICAgICAgZm9yIHlvdSAtLT5cbiAgICAgICAgPGVuZHBvaW50Pmh0dHBzOi8vNmYzMzAzNGNmZTY4NGRkN2EzYWI5ODc1ZTU3YjFjOGRAbzM4ODg3MC5pbmdlc3Quc2VudHJ5LmlvLzUyMjYyNzc8L2VuZHBvaW50PlxuICAgIDwvc2VuZF9jcmFzaF9yZXBvcnRzPlxuXG4gICAgPCEtLSBVbmNvbW1lbnQgdG8gZGlzYWJsZSBDbGlja0hvdXNlIGludGVybmFsIEROUyBjYWNoaW5nLiAtLT5cbiAgICA8IS0tIDxkaXNhYmxlX2ludGVybmFsX2Ruc19jYWNoZT4xPC9kaXNhYmxlX2ludGVybmFsX2Ruc19jYWNoZT4gLS0+XG5cbiAgICA8IS0tIFlvdSBjYW4gYWxzbyBjb25maWd1cmUgcm9ja3NkYiBsaWtlIHRoaXM6IC0tPlxuICAgIDwhLS1cbiAgICA8cm9ja3NkYj5cbiAgICAgICAgPG9wdGlvbnM+XG4gICAgICAgICAgICA8bWF4X2JhY2tncm91bmRfam9icz44PC9tYXhfYmFja2dyb3VuZF9qb2JzPlxuICAgICAgICA8L29wdGlvbnM+XG4gICAgICAgIDxjb2x1bW5fZmFtaWx5X29wdGlvbnM+XG4gICAgICAgICAgICA8bnVtX2xldmVscz4yPC9udW1fbGV2ZWxzPlxuICAgICAgICA8L2NvbHVtbl9mYW1pbHlfb3B0aW9ucz5cbiAgICAgICAgPHRhYmxlcz5cbiAgICAgICAgICAgIDx0YWJsZT5cbiAgICAgICAgICAgICAgICA8bmFtZT5UQUJMRTwvbmFtZT5cbiAgICAgICAgICAgICAgICA8b3B0aW9ucz5cbiAgICAgICAgICAgICAgICAgICAgPG1heF9iYWNrZ3JvdW5kX2pvYnM+ODwvbWF4X2JhY2tncm91bmRfam9icz5cbiAgICAgICAgICAgICAgICA8L29wdGlvbnM+XG4gICAgICAgICAgICAgICAgPGNvbHVtbl9mYW1pbHlfb3B0aW9ucz5cbiAgICAgICAgICAgICAgICAgICAgPG51bV9sZXZlbHM+MjwvbnVtX2xldmVscz5cbiAgICAgICAgICAgICAgICA8L2NvbHVtbl9mYW1pbHlfb3B0aW9ucz5cbiAgICAgICAgICAgIDwvdGFibGU+XG4gICAgICAgIDwvdGFibGVzPlxuICAgIDwvcm9ja3NkYj5cbiAgICAtLT5cbjwveWFuZGV4PiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vZG9ja2VyL2NsaWNraG91c2UvdXNlcnMueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL3VzZXJzLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8P3htbCB2ZXJzaW9uPVwiMS4wXCI/PlxuPHlhbmRleD5cbiAgICA8IS0tIFNlZSBhbHNvIHRoZSBmaWxlcyBpbiB1c2Vycy5kIGRpcmVjdG9yeSB3aGVyZSB0aGUgc2V0dGluZ3MgY2FuIGJlIG92ZXJyaWRkZW4uIC0tPlxuXG4gICAgPCEtLSBQcm9maWxlcyBvZiBzZXR0aW5ncy4gLS0+XG4gICAgPHByb2ZpbGVzPlxuICAgICAgICA8IS0tIERlZmF1bHQgc2V0dGluZ3MuIC0tPlxuICAgICAgICA8ZGVmYXVsdD5cbiAgICAgICAgICAgIDwhLS0gTWF4aW11bSBtZW1vcnkgdXNhZ2UgZm9yIHByb2Nlc3Npbmcgc2luZ2xlIHF1ZXJ5LCBpbiBieXRlcy4gLS0+XG4gICAgICAgICAgICA8bWF4X21lbW9yeV91c2FnZT4xMDAwMDAwMDAwMDwvbWF4X21lbW9yeV91c2FnZT5cblxuICAgICAgICAgICAgPCEtLSBIb3cgdG8gY2hvb3NlIGJldHdlZW4gcmVwbGljYXMgZHVyaW5nIGRpc3RyaWJ1dGVkIHF1ZXJ5IHByb2Nlc3NpbmcuXG4gICAgICAgICAgICAgICAgcmFuZG9tIC0gY2hvb3NlIHJhbmRvbSByZXBsaWNhIGZyb20gc2V0IG9mIHJlcGxpY2FzIHdpdGggbWluaW11bSBudW1iZXIgb2YgZXJyb3JzXG4gICAgICAgICAgICAgICAgbmVhcmVzdF9ob3N0bmFtZSAtIGZyb20gc2V0IG9mIHJlcGxpY2FzIHdpdGggbWluaW11bSBudW1iZXIgb2YgZXJyb3JzLCBjaG9vc2UgcmVwbGljYVxuICAgICAgICAgICAgICAgICAgd2l0aCBtaW5pbXVtIG51bWJlciBvZiBkaWZmZXJlbnQgc3ltYm9scyBiZXR3ZWVuIHJlcGxpY2EncyBob3N0bmFtZSBhbmQgbG9jYWwgaG9zdG5hbWVcbiAgICAgICAgICAgICAgICAgIChIYW1taW5nIGRpc3RhbmNlKS5cbiAgICAgICAgICAgICAgICBpbl9vcmRlciAtIGZpcnN0IGxpdmUgcmVwbGljYSBpcyBjaG9zZW4gaW4gc3BlY2lmaWVkIG9yZGVyLlxuICAgICAgICAgICAgICAgIGZpcnN0X29yX3JhbmRvbSAtIGlmIGZpcnN0IHJlcGxpY2Egb25lIGhhcyBoaWdoZXIgbnVtYmVyIG9mIGVycm9ycywgcGljayBhIHJhbmRvbSBvbmUgZnJvbSByZXBsaWNhc1xuICAgICAgICAgICAgd2l0aCBtaW5pbXVtIG51bWJlciBvZiBlcnJvcnMuXG4gICAgICAgICAgICAtLT5cbiAgICAgICAgICAgIDxsb2FkX2JhbGFuY2luZz5yYW5kb208L2xvYWRfYmFsYW5jaW5nPlxuXG4gICAgICAgICAgICA8YWxsb3dfbm9uZGV0ZXJtaW5pc3RpY19tdXRhdGlvbnM+MTwvYWxsb3dfbm9uZGV0ZXJtaW5pc3RpY19tdXRhdGlvbnM+XG5cbiAgICAgICAgPC9kZWZhdWx0PlxuXG4gICAgICAgIDwhLS0gUHJvZmlsZSB0aGF0IGFsbG93cyBvbmx5IHJlYWQgcXVlcmllcy4gLS0+XG4gICAgICAgIDxyZWFkb25seT5cbiAgICAgICAgICAgIDxyZWFkb25seT4xPC9yZWFkb25seT5cbiAgICAgICAgPC9yZWFkb25seT5cblxuICAgIDwvcHJvZmlsZXM+XG5cbiAgICA8IS0tIFVzZXJzIGFuZCBBQ0wuIC0tPlxuICAgIDx1c2Vycz5cbiAgICAgICAgPCEtLSBJZiB1c2VyIG5hbWUgd2FzIG5vdCBzcGVjaWZpZWQsICdkZWZhdWx0JyB1c2VyIGlzIHVzZWQuIC0tPlxuICAgICAgICA8ZGVmYXVsdD5cbiAgICAgICAgICAgIDwhLS0gU2VlIGFsc28gdGhlIGZpbGVzIGluIHVzZXJzLmQgZGlyZWN0b3J5IHdoZXJlIHRoZSBwYXNzd29yZCBjYW4gYmUgb3ZlcnJpZGRlbi5cblxuICAgICAgICAgICAgICAgIFBhc3N3b3JkIGNvdWxkIGJlIHNwZWNpZmllZCBpbiBwbGFpbnRleHQgb3IgaW4gU0hBMjU2IChpbiBoZXggZm9ybWF0KS5cblxuICAgICAgICAgICAgICAgIElmIHlvdSB3YW50IHRvIHNwZWNpZnkgcGFzc3dvcmQgaW4gcGxhaW50ZXh0IChub3QgcmVjb21tZW5kZWQpLCBwbGFjZSBpdCBpbiAncGFzc3dvcmQnIGVsZW1lbnQuXG4gICAgICAgICAgICAgICAgRXhhbXBsZTogPHBhc3N3b3JkPnF3ZXJ0eTwvcGFzc3dvcmQ+LlxuICAgICAgICAgICAgICAgIFBhc3N3b3JkIGNvdWxkIGJlIGVtcHR5LlxuXG4gICAgICAgICAgICAgICAgSWYgeW91IHdhbnQgdG8gc3BlY2lmeSBTSEEyNTYsIHBsYWNlIGl0IGluICdwYXNzd29yZF9zaGEyNTZfaGV4JyBlbGVtZW50LlxuICAgICAgICAgICAgICAgIEV4YW1wbGU6XG4gICAgICAgICAgICA8cGFzc3dvcmRfc2hhMjU2X2hleD42NWU4NGJlMzM1MzJmYjc4NGM0ODEyOTY3NWY5ZWZmM2E2ODJiMjcxNjhjMGVhNzQ0YjJjZjU4ZWUwMjMzN2M1PC9wYXNzd29yZF9zaGEyNTZfaGV4PlxuICAgICAgICAgICAgICAgIFJlc3RyaWN0aW9ucyBvZiBTSEEyNTY6IGltcG9zc2liaWxpdHkgdG8gY29ubmVjdCB0byBDbGlja0hvdXNlIHVzaW5nIE15U1FMIEpTIGNsaWVudCAoYXMgb2YgSnVseVxuICAgICAgICAgICAgMjAxOSkuXG5cbiAgICAgICAgICAgICAgICBJZiB5b3Ugd2FudCB0byBzcGVjaWZ5IGRvdWJsZSBTSEExLCBwbGFjZSBpdCBpbiAncGFzc3dvcmRfZG91YmxlX3NoYTFfaGV4JyBlbGVtZW50LlxuICAgICAgICAgICAgICAgIEV4YW1wbGU6XG4gICAgICAgICAgICA8cGFzc3dvcmRfZG91YmxlX3NoYTFfaGV4PmUzOTU3OTZkNjU0NmIxYjY1ZGI5ZDY2NWNkNDNmMGU4NThkZDQzMDM8L3Bhc3N3b3JkX2RvdWJsZV9zaGExX2hleD5cblxuICAgICAgICAgICAgICAgIElmIHlvdSB3YW50IHRvIHNwZWNpZnkgYSBwcmV2aW91c2x5IGRlZmluZWQgTERBUCBzZXJ2ZXIgKHNlZSAnbGRhcF9zZXJ2ZXJzJyBpbiB0aGUgbWFpbiBjb25maWcpIGZvclxuICAgICAgICAgICAgYXV0aGVudGljYXRpb24sXG4gICAgICAgICAgICAgICAgICBwbGFjZSBpdHMgbmFtZSBpbiAnc2VydmVyJyBlbGVtZW50IGluc2lkZSAnbGRhcCcgZWxlbWVudC5cbiAgICAgICAgICAgICAgICBFeGFtcGxlOiA8bGRhcD48c2VydmVyPm15X2xkYXBfc2VydmVyPC9zZXJ2ZXI+PC9sZGFwPlxuXG4gICAgICAgICAgICAgICAgSWYgeW91IHdhbnQgdG8gYXV0aGVudGljYXRlIHRoZSB1c2VyIHZpYSBLZXJiZXJvcyAoYXNzdW1pbmcgS2VyYmVyb3MgaXMgZW5hYmxlZCwgc2VlICdrZXJiZXJvcycgaW5cbiAgICAgICAgICAgIHRoZSBtYWluIGNvbmZpZyksXG4gICAgICAgICAgICAgICAgICBwbGFjZSAna2VyYmVyb3MnIGVsZW1lbnQgaW5zdGVhZCBvZiAncGFzc3dvcmQnIChhbmQgc2ltaWxhcikgZWxlbWVudHMuXG4gICAgICAgICAgICAgICAgVGhlIG5hbWUgcGFydCBvZiB0aGUgY2Fub25pY2FsIHByaW5jaXBhbCBuYW1lIG9mIHRoZSBpbml0aWF0b3IgbXVzdCBtYXRjaCB0aGUgdXNlciBuYW1lIGZvclxuICAgICAgICAgICAgYXV0aGVudGljYXRpb24gdG8gc3VjY2VlZC5cbiAgICAgICAgICAgICAgICBZb3UgY2FuIGFsc28gcGxhY2UgJ3JlYWxtJyBlbGVtZW50IGluc2lkZSAna2VyYmVyb3MnIGVsZW1lbnQgdG8gZnVydGhlciByZXN0cmljdCBhdXRoZW50aWNhdGlvbiB0b1xuICAgICAgICAgICAgb25seSB0aG9zZSByZXF1ZXN0c1xuICAgICAgICAgICAgICAgICAgd2hvc2UgaW5pdGlhdG9yJ3MgcmVhbG0gbWF0Y2hlcyBpdC5cbiAgICAgICAgICAgICAgICBFeGFtcGxlOiA8a2VyYmVyb3MgLz5cbiAgICAgICAgICAgICAgICBFeGFtcGxlOiA8a2VyYmVyb3M+PHJlYWxtPkVYQU1QTEUuQ09NPC9yZWFsbT48L2tlcmJlcm9zPlxuXG4gICAgICAgICAgICAgICAgSG93IHRvIGdlbmVyYXRlIGRlY2VudCBwYXNzd29yZDpcbiAgICAgICAgICAgICAgICBFeGVjdXRlOiBQQVNTV09SRD0kKGJhc2U2NCA8IC9kZXYvdXJhbmRvbSB8IGhlYWQgLWM4KTsgZWNobyBcIiRQQVNTV09SRFwiOyBlY2hvIC1uIFwiJFBBU1NXT1JEXCIgfFxuICAgICAgICAgICAgc2hhMjU2c3VtIHwgdHIgLWQgJy0nXG4gICAgICAgICAgICAgICAgSW4gZmlyc3QgbGluZSB3aWxsIGJlIHBhc3N3b3JkIGFuZCBpbiBzZWNvbmQgLSBjb3JyZXNwb25kaW5nIFNIQTI1Ni5cblxuICAgICAgICAgICAgICAgIEhvdyB0byBnZW5lcmF0ZSBkb3VibGUgU0hBMTpcbiAgICAgICAgICAgICAgICBFeGVjdXRlOiBQQVNTV09SRD0kKGJhc2U2NCA8IC9kZXYvdXJhbmRvbSB8IGhlYWQgLWM4KTsgZWNobyBcIiRQQVNTV09SRFwiOyBlY2hvIC1uIFwiJFBBU1NXT1JEXCIgfFxuICAgICAgICAgICAgc2hhMXN1bSB8IHRyIC1kICctJyB8IHh4ZCAtciAtcCB8IHNoYTFzdW0gfCB0ciAtZCAnLSdcbiAgICAgICAgICAgICAgICBJbiBmaXJzdCBsaW5lIHdpbGwgYmUgcGFzc3dvcmQgYW5kIGluIHNlY29uZCAtIGNvcnJlc3BvbmRpbmcgZG91YmxlIFNIQTEuXG4gICAgICAgICAgICAtLT5cbiAgICAgICAgICAgIDxwYXNzd29yZD48L3Bhc3N3b3JkPlxuXG4gICAgICAgICAgICA8IS0tIExpc3Qgb2YgbmV0d29ya3Mgd2l0aCBvcGVuIGFjY2Vzcy5cblxuICAgICAgICAgICAgICAgIFRvIG9wZW4gYWNjZXNzIGZyb20gZXZlcnl3aGVyZSwgc3BlY2lmeTpcbiAgICAgICAgICAgICAgICAgICAgPGlwPjo6LzA8L2lwPlxuXG4gICAgICAgICAgICAgICAgVG8gb3BlbiBhY2Nlc3Mgb25seSBmcm9tIGxvY2FsaG9zdCwgc3BlY2lmeTpcbiAgICAgICAgICAgICAgICAgICAgPGlwPjo6MTwvaXA+XG4gICAgICAgICAgICAgICAgICAgIDxpcD4xMjcuMC4wLjE8L2lwPlxuXG4gICAgICAgICAgICAgICAgRWFjaCBlbGVtZW50IG9mIGxpc3QgaGFzIG9uZSBvZiB0aGUgZm9sbG93aW5nIGZvcm1zOlxuICAgICAgICAgICAgICAgIDxpcD4gSVAtYWRkcmVzcyBvciBuZXR3b3JrIG1hc2suIEV4YW1wbGVzOiAyMTMuMTgwLjIwNC4zIG9yIDEwLjAuMC4xLzggb3IgMTAuMC4wLjEvMjU1LjI1NS4yNTUuMFxuICAgICAgICAgICAgICAgICAgICAyYTAyOjZiODo6MyBvciAyYTAyOjZiODo6My82NCBvciAyYTAyOjZiODo6My9mZmZmOmZmZmY6ZmZmZjpmZmZmOjouXG4gICAgICAgICAgICAgICAgPGhvc3Q+IEhvc3RuYW1lLiBFeGFtcGxlOiBzZXJ2ZXIwMS55YW5kZXgucnUuXG4gICAgICAgICAgICAgICAgICAgIFRvIGNoZWNrIGFjY2VzcywgRE5TIHF1ZXJ5IGlzIHBlcmZvcm1lZCwgYW5kIGFsbCByZWNlaXZlZCBhZGRyZXNzZXMgY29tcGFyZWQgdG8gcGVlciBhZGRyZXNzLlxuICAgICAgICAgICAgICAgIDxob3N0X3JlZ2V4cD4gUmVndWxhciBleHByZXNzaW9uIGZvciBob3N0IG5hbWVzLiBFeGFtcGxlLCBec2VydmVyXFxkXFxkLVxcZFxcZC1cXGRcXC55YW5kZXhcXC5ydSRcbiAgICAgICAgICAgICAgICAgICAgVG8gY2hlY2sgYWNjZXNzLCBETlMgUFRSIHF1ZXJ5IGlzIHBlcmZvcm1lZCBmb3IgcGVlciBhZGRyZXNzIGFuZCB0aGVuIHJlZ2V4cCBpcyBhcHBsaWVkLlxuICAgICAgICAgICAgICAgICAgICBUaGVuLCBmb3IgcmVzdWx0IG9mIFBUUiBxdWVyeSwgYW5vdGhlciBETlMgcXVlcnkgaXMgcGVyZm9ybWVkIGFuZCBhbGwgcmVjZWl2ZWQgYWRkcmVzc2VzIGNvbXBhcmVkXG4gICAgICAgICAgICB0byBwZWVyIGFkZHJlc3MuXG4gICAgICAgICAgICAgICAgICAgIFN0cm9uZ2x5IHJlY29tbWVuZGVkIHRoYXQgcmVnZXhwIGlzIGVuZHMgd2l0aCAkXG4gICAgICAgICAgICAgICAgQWxsIHJlc3VsdHMgb2YgRE5TIHJlcXVlc3RzIGFyZSBjYWNoZWQgdGlsbCBzZXJ2ZXIgcmVzdGFydC5cbiAgICAgICAgICAgIC0tPlxuICAgICAgICAgICAgPG5ldHdvcmtzPlxuICAgICAgICAgICAgICAgIDxpcD46Oi8wPC9pcD5cbiAgICAgICAgICAgIDwvbmV0d29ya3M+XG5cbiAgICAgICAgICAgIDwhLS0gU2V0dGluZ3MgcHJvZmlsZSBmb3IgdXNlci4gLS0+XG4gICAgICAgICAgICA8cHJvZmlsZT5kZWZhdWx0PC9wcm9maWxlPlxuXG4gICAgICAgICAgICA8IS0tIFF1b3RhIGZvciB1c2VyLiAtLT5cbiAgICAgICAgICAgIDxxdW90YT5kZWZhdWx0PC9xdW90YT5cblxuICAgICAgICAgICAgPCEtLSBVc2VyIGNhbiBjcmVhdGUgb3RoZXIgdXNlcnMgYW5kIGdyYW50IHJpZ2h0cyB0byB0aGVtLiAtLT5cbiAgICAgICAgICAgIDwhLS0gPGFjY2Vzc19tYW5hZ2VtZW50PjE8L2FjY2Vzc19tYW5hZ2VtZW50PiAtLT5cbiAgICAgICAgPC9kZWZhdWx0PlxuICAgIDwvdXNlcnM+XG5cbiAgICA8IS0tIFF1b3Rhcy4gLS0+XG4gICAgPHF1b3Rhcz5cbiAgICAgICAgPCEtLSBOYW1lIG9mIHF1b3RhLiAtLT5cbiAgICAgICAgPGRlZmF1bHQ+XG4gICAgICAgICAgICA8IS0tIExpbWl0cyBmb3IgdGltZSBpbnRlcnZhbC4gWW91IGNvdWxkIHNwZWNpZnkgbWFueSBpbnRlcnZhbHMgd2l0aCBkaWZmZXJlbnQgbGltaXRzLiAtLT5cbiAgICAgICAgICAgIDxpbnRlcnZhbD5cbiAgICAgICAgICAgICAgICA8IS0tIExlbmd0aCBvZiBpbnRlcnZhbC4gLS0+XG4gICAgICAgICAgICAgICAgPGR1cmF0aW9uPjM2MDA8L2R1cmF0aW9uPlxuXG4gICAgICAgICAgICAgICAgPCEtLSBObyBsaW1pdHMuIEp1c3QgY2FsY3VsYXRlIHJlc291cmNlIHVzYWdlIGZvciB0aW1lIGludGVydmFsLiAtLT5cbiAgICAgICAgICAgICAgICA8cXVlcmllcz4wPC9xdWVyaWVzPlxuICAgICAgICAgICAgICAgIDxlcnJvcnM+MDwvZXJyb3JzPlxuICAgICAgICAgICAgICAgIDxyZXN1bHRfcm93cz4wPC9yZXN1bHRfcm93cz5cbiAgICAgICAgICAgICAgICA8cmVhZF9yb3dzPjA8L3JlYWRfcm93cz5cbiAgICAgICAgICAgICAgICA8ZXhlY3V0aW9uX3RpbWU+MDwvZXhlY3V0aW9uX3RpbWU+XG4gICAgICAgICAgICA8L2ludGVydmFsPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9xdW90YXM+XG48L3lhbmRleD5cbiIKICAgICAgLSAnY2xpY2tob3VzZS1kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICBkZXBlbmRzX29uOgogICAgICAtIGthZmthCiAgICAgIC0gem9va2VlcGVyCiAgem9va2VlcGVyOgogICAgaW1hZ2U6ICd6b29rZWVwZXI6My43LjAnCiAgICB2b2x1bWVzOgogICAgICAtICd6b29rZWVwZXItZGF0YWxvZzovZGF0YWxvZycKICAgICAgLSAnem9va2VlcGVyLWRhdGE6L2RhdGEnCiAgICAgIC0gJ3pvb2tlZXBlci1sb2dzOi9sb2dzJwogIGthZmthOgogICAgaW1hZ2U6ICdnaGNyLmlvL3Bvc3Rob2cva2Fma2EtY29udGFpbmVyOnYyLjguMicKICAgIGRlcGVuZHNfb246CiAgICAgIC0gem9va2VlcGVyCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBLQUZLQV9CUk9LRVJfSUQ9MTAwMQogICAgICAtIEtBRktBX0NGR19SRVNFUlZFRF9CUk9LRVJfTUFYX0lEPTEwMDEKICAgICAgLSAnS0FGS0FfQ0ZHX0xJU1RFTkVSUz1QTEFJTlRFWFQ6Ly86OTA5MicKICAgICAgLSAnS0FGS0FfQ0ZHX0FEVkVSVElTRURfTElTVEVORVJTPVBMQUlOVEVYVDovL2thZmthOjkwOTInCiAgICAgIC0gJ0tBRktBX0NGR19aT09LRUVQRVJfQ09OTkVDVD16b29rZWVwZXI6MjE4MScKICAgICAgLSBBTExPV19QTEFJTlRFWFRfTElTVEVORVI9eWVzCiAgb2JqZWN0X3N0b3JhZ2U6CiAgICBpbWFnZTogJ21pbmlvL21pbmlvOlJFTEVBU0UuMjAyMi0wNi0yNVQxNS01MC0xNlonCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBNSU5JT19ST09UX1VTRVI9JFNFUlZJQ0VfVVNFUl9NSU5JTwogICAgICAtIE1JTklPX1JPT1RfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfTUlOSU8KICAgIGVudHJ5cG9pbnQ6IHNoCiAgICBjb21tYW5kOiAnLWMgJydta2RpciAtcCAvZGF0YS9wb3N0aG9nICYmIG1pbmlvIHNlcnZlciAtLWFkZHJlc3MgIjoxOTAwMCIgLS1jb25zb2xlLWFkZHJlc3MgIjoxOTAwMSIgL2RhdGEnJycKICAgIHZvbHVtZXM6CiAgICAgIC0gJ29iamVjdF9zdG9yYWdlOi9kYXRhJwogIG1haWxkZXY6CiAgICBpbWFnZTogJ21haWxkZXYvbWFpbGRldjoyLjAuNScKICBmbG93ZXI6CiAgICBpbWFnZTogJ21oZXIvZmxvd2VyOjIuMC4wJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIEZMT1dFUl9QT1JUOiA1NTU1CiAgICAgIENFTEVSWV9CUk9LRVJfVVJMOiAncmVkaXM6Ly9yZWRpczo2Mzc5JwogIHdlYjoKICAgIGltYWdlOiAncG9zdGhvZy9wb3N0aG9nOmxhdGVzdCcKICAgIGNvbW1hbmQ6IC9jb21wb3NlL3N0YXJ0CiAgICB2b2x1bWVzOgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jb21wb3NlL3N0YXJ0CiAgICAgICAgdGFyZ2V0OiAvY29tcG9zZS9zdGFydAogICAgICAgIGNvbnRlbnQ6ICIjIS9iaW4vYmFzaFxuL2NvbXBvc2Uvd2FpdFxuLi9iaW4vbWlncmF0ZVxuLi9iaW4vZG9ja2VyLXNlcnZlclxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jb21wb3NlL3dhaXQKICAgICAgICB0YXJnZXQ6IC9jb21wb3NlL3dhaXQKICAgICAgICBjb250ZW50OiAiIyEvdXNyL2Jpbi9lbnYgcHl0aG9uM1xuXG5pbXBvcnQgc29ja2V0XG5pbXBvcnQgdGltZVxuXG5kZWYgbG9vcCgpOlxuICAgIHByaW50KFwiV2FpdGluZyBmb3IgQ2xpY2tIb3VzZSBhbmQgUG9zdGdyZXMgdG8gYmUgcmVhZHlcIilcbiAgICB0cnk6XG4gICAgICAgIHdpdGggc29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCwgc29ja2V0LlNPQ0tfU1RSRUFNKSBhcyBzOlxuICAgICAgICAgICAgcy5jb25uZWN0KCgnY2xpY2tob3VzZScsIDkwMDApKVxuICAgICAgICBwcmludChcIkNsaWNraG91c2UgaXMgcmVhZHlcIilcbiAgICAgICAgd2l0aCBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCBzb2NrZXQuU09DS19TVFJFQU0pIGFzIHM6XG4gICAgICAgICAgICBzLmNvbm5lY3QoKCdkYicsIDU0MzIpKVxuICAgICAgICBwcmludChcIlBvc3RncmVzIGlzIHJlYWR5XCIpXG4gICAgZXhjZXB0IENvbm5lY3Rpb25SZWZ1c2VkRXJyb3IgYXMgZTpcbiAgICAgICAgdGltZS5zbGVlcCg1KVxuICAgICAgICBsb29wKClcblxubG9vcCgpXG4iCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fV0VCXzgwMDAKICAgICAgLSBPUFRfT1VUX0NBUFRVUklORz10cnVlCiAgICAgIC0gRElTQUJMRV9TRUNVUkVfU1NMX1JFRElSRUNUPXRydWUKICAgICAgLSBJU19CRUhJTkRfUFJPWFk9dHJ1ZQogICAgICAtIFRSVVNUX0FMTF9QUk9YSUVTPXRydWUKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vcG9zdGhvZzokU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU0BkYjo1NDMyL3Bvc3Rob2cnCiAgICAgIC0gQ0xJQ0tIT1VTRV9IT1NUPWNsaWNraG91c2UKICAgICAgLSBDTElDS0hPVVNFX0RBVEFCQVNFPXBvc3Rob2cKICAgICAgLSBDTElDS0hPVVNFX1NFQ1VSRT1mYWxzZQogICAgICAtIENMSUNLSE9VU0VfVkVSSUZZPWZhbHNlCiAgICAgIC0gS0FGS0FfSE9TVFM9a2Fma2EKICAgICAgLSAnUkVESVNfVVJMPXJlZGlzOi8vcmVkaXM6NjM3OS8nCiAgICAgIC0gUEdIT1NUPWRiCiAgICAgIC0gUEdVU0VSPXBvc3Rob2cKICAgICAgLSBQR1BBU1NXT1JEPSRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTCiAgICAgIC0gREVQTE9ZTUVOVD1ob2JieQogICAgICAtIFNJVEVfVVJMPSRTRVJWSUNFX0ZRRE5fV0VCCiAgICAgIC0gU0VDUkVUX0tFWT0kU0VSVklDRV9CQVNFNjRfNjRfU0VDUkVUS0VZCiAgICAgIC0gJ0VOQ1JZUFRJT05fU0FMVF9LRVlTPSR7U0VSVklDRV9FTkNSWVBUSU9OX1NBTFRfS0VZUzotMDBiZWVmMDAwMGJlZWYwMDAwYmVlZjAwMDBiZWVmMDB9JwogICAgZGVwZW5kc19vbjoKICAgICAgLSBkYgogICAgICAtIHJlZGlzCiAgICAgIC0gY2xpY2tob3VzZQogICAgICAtIGthZmthCiAgICAgIC0gb2JqZWN0X3N0b3JhZ2UKICB3b3JrZXI6CiAgICBpbWFnZTogJ3Bvc3Rob2cvcG9zdGhvZzpsYXRlc3QnCiAgICBjb21tYW5kOiAnLi9iaW4vZG9ja2VyLXdvcmtlci1jZWxlcnkgLS13aXRoLXNjaGVkdWxlcicKICAgIGVudmlyb25tZW50OgogICAgICAtIE9QVF9PVVRfQ0FQVFVSSU5HPXRydWUKICAgICAgLSBESVNBQkxFX1NFQ1VSRV9TU0xfUkVESVJFQ1Q9dHJ1ZQogICAgICAtIElTX0JFSElORF9QUk9YWT10cnVlCiAgICAgIC0gVFJVU1RfQUxMX1BST1hJRVM9dHJ1ZQogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly9wb3N0aG9nOiRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTQGRiOjU0MzIvcG9zdGhvZycKICAgICAgLSBDTElDS0hPVVNFX0hPU1Q9Y2xpY2tob3VzZQogICAgICAtIENMSUNLSE9VU0VfREFUQUJBU0U9cG9zdGhvZwogICAgICAtIENMSUNLSE9VU0VfU0VDVVJFPWZhbHNlCiAgICAgIC0gQ0xJQ0tIT1VTRV9WRVJJRlk9ZmFsc2UKICAgICAgLSBLQUZLQV9IT1NUUz1rYWZrYQogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9yZWRpczo2Mzc5LycKICAgICAgLSBQR0hPU1Q9ZGIKICAgICAgLSBQR1VTRVI9cG9zdGhvZwogICAgICAtIFBHUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBERVBMT1lNRU5UPWhvYmJ5CiAgICAgIC0gU0lURV9VUkw9JFNFUlZJQ0VfRlFETl9XRUIKICAgICAgLSBTRUNSRVRfS0VZPSRTRVJWSUNFX0JBU0U2NF82NF9TRUNSRVRLRVkKICAgICAgLSAnRU5DUllQVElPTl9TQUxUX0tFWVM9JHtTRVJWSUNFX0VOQ1JZUFRJT05fU0FMVF9LRVlTOi0wMGJlZWYwMDAwYmVlZjAwMDBiZWVmMDAwMGJlZWYwMH0nCiAgICBkZXBlbmRzX29uOgogICAgICAtIGRiCiAgICAgIC0gcmVkaXMKICAgICAgLSBjbGlja2hvdXNlCiAgICAgIC0ga2Fma2EKICAgICAgLSBvYmplY3Rfc3RvcmFnZQogIHBsdWdpbnM6CiAgICBpbWFnZTogJ3Bvc3Rob2cvcG9zdGhvZzpsYXRlc3QnCiAgICBjb21tYW5kOiAnLi9iaW4vcGx1Z2luLXNlcnZlciAtLW5vLXJlc3RhcnQtbG9vcCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly9wb3N0aG9nOiRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTQGRiOjU0MzIvcG9zdGhvZycKICAgICAgLSAnS0FGS0FfSE9TVFM9a2Fma2E6OTA5MicKICAgICAgLSAnUkVESVNfVVJMPXJlZGlzOi8vcmVkaXM6NjM3OS8nCiAgICAgIC0gQ0xJQ0tIT1VTRV9IT1NUPWNsaWNraG91c2UKICAgICAgLSBDTElDS0hPVVNFX0RBVEFCQVNFPXBvc3Rob2cKICAgICAgLSBDTElDS0hPVVNFX1NFQ1VSRT1mYWxzZQogICAgICAtIENMSUNLSE9VU0VfVkVSSUZZPWZhbHNlCiAgICAgIC0gU0lURV9VUkw9JFNFUlZJQ0VfRlFETl9XRUIKICAgICAgLSBTRUNSRVRfS0VZPSRTRVJWSUNFX0JBU0U2NF82NF9TRUNSRVRLRVkKICAgICAgLSAnRU5DUllQVElPTl9TQUxUX0tFWVM9JHtTRVJWSUNFX0VOQ1JZUFRJT05fU0FMVF9LRVlTOi0wMGJlZWYwMDAwYmVlZjAwMDBiZWVmMDAwMGJlZWYwMH0nCiAgICBkZXBlbmRzX29uOgogICAgICAtIGRiCiAgICAgIC0gcmVkaXMKICAgICAgLSBjbGlja2hvdXNlCiAgICAgIC0ga2Fma2EKICAgICAgLSBvYmplY3Rfc3RvcmFnZQogIGVsYXN0aWNzZWFyY2g6CiAgICBpbWFnZTogJ2VsYXN0aWNzZWFyY2g6Ny4xNi4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gY2x1c3Rlci5yb3V0aW5nLmFsbG9jYXRpb24uZGlzay50aHJlc2hvbGRfZW5hYmxlZD10cnVlCiAgICAgIC0gY2x1c3Rlci5yb3V0aW5nLmFsbG9jYXRpb24uZGlzay53YXRlcm1hcmsubG93PTUxMm1iCiAgICAgIC0gY2x1c3Rlci5yb3V0aW5nLmFsbG9jYXRpb24uZGlzay53YXRlcm1hcmsuaGlnaD0yNTZtYgogICAgICAtIGNsdXN0ZXIucm91dGluZy5hbGxvY2F0aW9uLmRpc2sud2F0ZXJtYXJrLmZsb29kX3N0YWdlPTEyOG1iCiAgICAgIC0gZGlzY292ZXJ5LnR5cGU9c2luZ2xlLW5vZGUKICAgICAgLSAnRVNfSkFWQV9PUFRTPS1YbXMyNTZtIC1YbXgyNTZtJwogICAgICAtIHhwYWNrLnNlY3VyaXR5LmVuYWJsZWQ9ZmFsc2UKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2VsYXN0aWNzZWFyY2gtZGF0YTovdmFyL2xpYi9lbGFzdGljc2VhcmNoL2RhdGEnCiAgdGVtcG9yYWw6CiAgICBpbWFnZTogJ3RlbXBvcmFsaW8vYXV0by1zZXR1cDoxLjIwLjAnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBEQj1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9SVD01NDMyCiAgICAgIC0gUE9TVEdSRVNfVVNFUj1wb3N0aG9nCiAgICAgIC0gUE9TVEdSRVNfUFdEPSRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTCiAgICAgIC0gUE9TVEdSRVNfU0VFRFM9ZGIKICAgICAgLSBEWU5BTUlDX0NPTkZJR19GSUxFX1BBVEg9Y29uZmlnL2R5bmFtaWNjb25maWcvZGV2ZWxvcG1lbnQtc3FsLnlhbWwKICAgICAgLSBFTkFCTEVfRVM9dHJ1ZQogICAgICAtIEVTX1NFRURTPWVsYXN0aWNzZWFyY2gKICAgICAgLSBFU19WRVJTSU9OPXY3CiAgICAgIC0gRU5BQkxFX0VTPWZhbHNlCiAgICBkZXBlbmRzX29uOgogICAgICBkYjoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgdm9sdW1lczoKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vZG9ja2VyL3RlbXBvcmFsL2R5bmFtaWNjb25maWcvZGV2ZWxvcG1lbnQtc3FsLnlhbWwKICAgICAgICB0YXJnZXQ6IC9ldGMvdGVtcG9yYWwvY29uZmlnL2R5bmFtaWNjb25maWcvZGV2ZWxvcG1lbnQtc3FsLnlhbWwKICAgICAgICBjb250ZW50OiAibGltaXQubWF4SURMZW5ndGg6XG4gICAgLSB2YWx1ZTogMjU1XG4gICAgICBjb25zdHJhaW50czoge31cbnN5c3RlbS5mb3JjZVNlYXJjaEF0dHJpYnV0ZXNDYWNoZVJlZnJlc2hPblJlYWQ6XG4gICAgLSB2YWx1ZTogZmFsc2VcbiAgICAgIGNvbnN0cmFpbnRzOiB7fVxuIgogIHRlbXBvcmFsLWFkbWluLXRvb2xzOgogICAgaW1hZ2U6ICd0ZW1wb3JhbGlvL2FkbWluLXRvb2xzOjEuMjAuMCcKICAgIGRlcGVuZHNfb246CiAgICAgIC0gdGVtcG9yYWwKICAgIGVudmlyb25tZW50OgogICAgICAtICdURU1QT1JBTF9DTElfQUREUkVTUz10ZW1wb3JhbDo3MjMzJwogICAgc3RkaW5fb3BlbjogdHJ1ZQogICAgdHR5OiB0cnVlCiAgdGVtcG9yYWwtdWk6CiAgICBpbWFnZTogJ3RlbXBvcmFsaW8vdWk6Mi4xMC4zJwogICAgZGVwZW5kc19vbjoKICAgICAgLSB0ZW1wb3JhbAogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1RFTVBPUkFMX0FERFJFU1M9dGVtcG9yYWw6NzIzMycKICAgICAgLSAnVEVNUE9SQUxfQ09SU19PUklHSU5TPWh0dHA6Ly9sb2NhbGhvc3Q6MzAwMCcKICB0ZW1wb3JhbC1kamFuZ28td29ya2VyOgogICAgaW1hZ2U6ICdwb3N0aG9nL3Bvc3Rob2c6bGF0ZXN0JwogICAgY29tbWFuZDogLi9iaW4vdGVtcG9yYWwtZGphbmdvLXdvcmtlcgogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gRElTQUJMRV9TRUNVUkVfU1NMX1JFRElSRUNUPXRydWUKICAgICAgLSBJU19CRUhJTkRfUFJPWFk9dHJ1ZQogICAgICAtIFRSVVNUX0FMTF9QUk9YSUVTPXRydWUKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vcG9zdGhvZzokU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU0BkYjo1NDMyL3Bvc3Rob2cnCiAgICAgIC0gQ0xJQ0tIT1VTRV9IT1NUPWNsaWNraG91c2UKICAgICAgLSBDTElDS0hPVVNFX0RBVEFCQVNFPXBvc3Rob2cKICAgICAgLSBDTElDS0hPVVNFX1NFQ1VSRT1mYWxzZQogICAgICAtIENMSUNLSE9VU0VfVkVSSUZZPWZhbHNlCiAgICAgIC0gS0FGS0FfSE9TVFM9a2Fma2EKICAgICAgLSAnUkVESVNfVVJMPXJlZGlzOi8vcmVkaXM6NjM3OS8nCiAgICAgIC0gUEdIT1NUPWRiCiAgICAgIC0gUEdVU0VSPXBvc3Rob2cKICAgICAgLSBQR1BBU1NXT1JEPSRTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTCiAgICAgIC0gREVQTE9ZTUVOVD1ob2JieQogICAgICAtIFNJVEVfVVJMPSRTRVJWSUNFX0ZRRE5fV0VCCiAgICAgIC0gU0VDUkVUX0tFWT0kU0VSVklDRV9CQVNFNjRfNjRfU0VDUkVUS0VZCiAgICAgIC0gJ0VOQ1JZUFRJT05fU0FMVF9LRVlTPSR7U0VSVklDRV9FTkNSWVBUSU9OX1NBTFRfS0VZUzotMDBiZWVmMDAwMGJlZWYwMDAwYmVlZjAwMDBiZWVmMDB9JwogICAgICAtIFRFTVBPUkFMX0hPU1Q9dGVtcG9yYWwKICAgIGRlcGVuZHNfb246CiAgICAgIC0gZGIKICAgICAgLSByZWRpcwogICAgICAtIGNsaWNraG91c2UKICAgICAgLSBrYWZrYQogICAgICAtIG9iamVjdF9zdG9yYWdlCiAgICAgIC0gdGVtcG9yYWwK",
-        "tags": [
-            "analytics",
-            "product",
-            "open-source",
-            "self-hosted",
-            "ab-testing",
-            "event-tracking"
-        ],
-        "category": "analytics",
-        "logo": "svgs/posthog.svg",
-        "minversion": "4.0.0-beta.222"
-    },
     "postiz": {
         "documentation": "https://docs.postiz.com?utm_source=coolify.io",
         "slogan": "Open source social media scheduling tool.",

From 02115e2cffe4cd54c8654b352e2c6bb51fd8b803 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 09:20:12 +0200
Subject: [PATCH 092/129] chore(versions): update coolify version numbers to
 4.0.0-beta.430 and 4.0.0-beta.431 in configuration files

---
 config/constants.php        | 2 +-
 other/nightly/versions.json | 4 ++--
 versions.json               | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/constants.php b/config/constants.php
index 224f2dfb5..f28dac5ed 100644
--- a/config/constants.php
+++ b/config/constants.php
@@ -2,7 +2,7 @@
 
 return [
     'coolify' => [
-        'version' => '4.0.0-beta.429',
+        'version' => '4.0.0-beta.430',
         'helper_version' => '1.0.11',
         'realtime_version' => '1.0.10',
         'self_hosted' => env('SELF_HOSTED', true),
diff --git a/other/nightly/versions.json b/other/nightly/versions.json
index fd5dccaf0..b391286d7 100644
--- a/other/nightly/versions.json
+++ b/other/nightly/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.428"
+            "version": "4.0.0-beta.430"
         },
         "nightly": {
-            "version": "4.0.0-beta.429"
+            "version": "4.0.0-beta.431"
         },
         "helper": {
             "version": "1.0.11"
diff --git a/versions.json b/versions.json
index 2379f2cd7..b391286d7 100644
--- a/versions.json
+++ b/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.429"
+            "version": "4.0.0-beta.430"
         },
         "nightly": {
-            "version": "4.0.0-beta.430"
+            "version": "4.0.0-beta.431"
         },
         "helper": {
             "version": "1.0.11"

From 18e14e37c19d958b601162a3a4f4da564054b79d Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 09:24:18 +0200
Subject: [PATCH 093/129] refactor(installer, upgrade): enhance environment
 variable management

- Remove unused VERSION variable from both scripts.
- Update the source code link in the install script to point to the correct version.
- Improve backup functionality for the .env file in both scripts, allowing for conditional backups.
- Enhance the handling and logging of environment variable updates, ensuring existing variables are updated or added as necessary.
- Streamline the upgrade process by incorporating Docker configuration checks and adjustments.
---
 other/nightly/install.sh | 126 +++++++++++++++++++--------------------
 other/nightly/upgrade.sh |  55 ++++++++++++-----
 2 files changed, 100 insertions(+), 81 deletions(-)

diff --git a/other/nightly/install.sh b/other/nightly/install.sh
index 92ad12302..38be272a5 100755
--- a/other/nightly/install.sh
+++ b/other/nightly/install.sh
@@ -20,7 +20,6 @@ DATE=$(date +"%Y%m%d-%H%M%S")
 
 OS_TYPE=$(grep -w "ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
 ENV_FILE="/data/coolify/source/.env"
-VERSION="21"
 DOCKER_VERSION="27.0"
 # TODO: Ask for a user
 CURRENT_USER=$USER
@@ -32,7 +31,7 @@ fi
 
 echo -e "Welcome to Coolify Installer!"
 echo -e "This script will install everything for you. Sit back and relax."
-echo -e "Source code: https://github.com/coollabsio/coolify/blob/main/scripts/install.sh\n"
+echo -e "Source code: https://github.com/coollabsio/coolify/blob/v4.x/scripts/install.sh"
 
 # Predefined root user
 ROOT_USERNAME=${ROOT_USERNAME:-}
@@ -711,84 +710,80 @@ curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.p
 curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
 curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh
 
-echo -e "6. Make backup of .env to .env-$DATE"
+echo -e "6. Setting up environment variable file"
 
-# Copy .env.example if .env does not exist
 if [ -f $ENV_FILE ]; then
+    # If .env exists, create backup
+    echo " - Creating backup of existing .env file to .env-$DATE"
     cp $ENV_FILE $ENV_FILE-$DATE
+    # Merge .env.production values into .env
+    echo " - Merging .env.production values into .env"
+    awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
+    echo " - .env file merged successfully"
 else
-    echo " - File does not exist: $ENV_FILE"
-    echo " - Copying .env.production to .env-$DATE"
-    cp /data/coolify/source/.env.production $ENV_FILE-$DATE
-    # Generate a secure APP_ID and APP_KEY
-    sed -i "s|^APP_ID=.*|APP_ID=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^APP_KEY=.*|APP_KEY=base64:$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Postgres DB username and password
-    # Causes issues: database "random-user" does not exist
-    # sed -i "s|^DB_USERNAME=.*|DB_USERNAME=$(openssl rand -hex 16)|" "$ENV_FILE-$DATE"
-    sed -i "s|^DB_PASSWORD=.*|DB_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate a secure Redis password
-    sed -i "s|^REDIS_PASSWORD=.*|REDIS_PASSWORD=$(openssl rand -base64 32)|" "$ENV_FILE-$DATE"
-
-    # Generate secure Pusher credentials
-    sed -i "s|^PUSHER_APP_ID=.*|PUSHER_APP_ID=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_KEY=.*|PUSHER_APP_KEY=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
-    sed -i "s|^PUSHER_APP_SECRET=.*|PUSHER_APP_SECRET=$(openssl rand -hex 32)|" "$ENV_FILE-$DATE"
+    # If no .env exists, copy .env.production to .env
+    echo " - No .env file found, copying .env.production to .env"
+    cp /data/coolify/source/.env.production $ENV_FILE
 fi
 
+echo -e "7. Checking and updating environment variables if necessary..."
+
+update_env_var() {
+    local key="$1"
+    local value="$2"
+
+    # If variable "key=" exists but has no value, update the value of the existing line
+    if grep -q "^${key}=$" "$ENV_FILE"; then
+        sed -i "s|^${key}=$|${key}=${value}|" "$ENV_FILE"
+        echo " - Updated value of ${key} as the current value was empty"
+    # If variable "key=" doesn't exist, append it to the file with value
+    elif ! grep -q "^${key}=" "$ENV_FILE"; then
+        printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
+        echo " - Added ${key} and it's value as the variable was missing"
+    fi
+}
+
+update_env_var "APP_ID" "$(openssl rand -hex 16)"
+update_env_var "APP_KEY" "base64:$(openssl rand -base64 32)"
+# update_env_var "DB_USERNAME" "$(openssl rand -hex 16)" # Causes issues: database "random-user" does not exist
+update_env_var "DB_PASSWORD" "$(openssl rand -base64 32)"
+update_env_var "REDIS_PASSWORD" "$(openssl rand -base64 32)"
+update_env_var "PUSHER_APP_ID" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_KEY" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_SECRET" "$(openssl rand -hex 32)"
+
 # Add default root user credentials from environment variables
 if [ -n "$ROOT_USERNAME" ] && [ -n "$ROOT_USER_EMAIL" ] && [ -n "$ROOT_USER_PASSWORD" ]; then
-    if grep -q "^ROOT_USERNAME=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USERNAME=.*|ROOT_USERNAME=$ROOT_USERNAME|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_EMAIL=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_EMAIL=.*|ROOT_USER_EMAIL=$ROOT_USER_EMAIL|" "$ENV_FILE-$DATE"
-    fi
-    if grep -q "^ROOT_USER_PASSWORD=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^ROOT_USER_PASSWORD=.*|ROOT_USER_PASSWORD=$ROOT_USER_PASSWORD|" "$ENV_FILE-$DATE"
-    fi
+    echo " - Setting predefined root user credentials from environment"
+    update_env_var "ROOT_USERNAME" "$ROOT_USERNAME"
+    update_env_var "ROOT_USER_EMAIL" "$ROOT_USER_EMAIL"
+    update_env_var "ROOT_USER_PASSWORD" "$ROOT_USER_PASSWORD"
 fi
 
-# Add registry URL to .env file
 if [ -n "${REGISTRY_URL+x}" ]; then
     # Only update if REGISTRY_URL was explicitly provided
-    if grep -q "^REGISTRY_URL=" "$ENV_FILE-$DATE"; then
-        sed -i "s|^REGISTRY_URL=.*|REGISTRY_URL=$REGISTRY_URL|" "$ENV_FILE-$DATE"
-    else
-        echo "REGISTRY_URL=$REGISTRY_URL" >>"$ENV_FILE-$DATE"
-    fi
+    update_env_var "REGISTRY_URL" "$REGISTRY_URL"
 fi
 
-# Merge .env and .env.production. New values will be added to .env
-echo -e "7. Propagating .env with new values - if necessary."
-awk -F '=' '!seen[$1]++' "$ENV_FILE-$DATE" /data/coolify/source/.env.production >$ENV_FILE
-
 if [ "$AUTOUPDATE" = "false" ]; then
-    if ! grep -q "AUTOUPDATE=" /data/coolify/source/.env; then
-        echo "AUTOUPDATE=false" >>/data/coolify/source/.env
-    else
-        sed -i "s|AUTOUPDATE=.*|AUTOUPDATE=false|g" /data/coolify/source/.env
+    update_env_var "AUTOUPDATE" "false"
+fi
+
+if [ "$DOCKER_POOL_BASE_PROVIDED" = true ]; then
+    update_env_var "DOCKER_ADDRESS_POOL_BASE" "$DOCKER_ADDRESS_POOL_BASE"
+else
+    # Add with default value if missing
+    if ! grep -q "^DOCKER_ADDRESS_POOL_BASE=" "$ENV_FILE"; then
+        update_env_var "DOCKER_ADDRESS_POOL_BASE" "$DOCKER_ADDRESS_POOL_BASE"
     fi
 fi
 
-# Save Docker address pool configuration to .env file
-if ! grep -q "DOCKER_ADDRESS_POOL_BASE=" /data/coolify/source/.env; then
-    echo "DOCKER_ADDRESS_POOL_BASE=$DOCKER_ADDRESS_POOL_BASE" >>/data/coolify/source/.env
+if [ "$DOCKER_POOL_SIZE_PROVIDED" = true ]; then
+    update_env_var "DOCKER_ADDRESS_POOL_SIZE" "$DOCKER_ADDRESS_POOL_SIZE"
 else
-    # Only update if explicitly provided
-    if [ "$DOCKER_POOL_BASE_PROVIDED" = true ]; then
-        sed -i "s|DOCKER_ADDRESS_POOL_BASE=.*|DOCKER_ADDRESS_POOL_BASE=$DOCKER_ADDRESS_POOL_BASE|g" /data/coolify/source/.env
-    fi
-fi
-
-if ! grep -q "DOCKER_ADDRESS_POOL_SIZE=" /data/coolify/source/.env; then
-    echo "DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE" >>/data/coolify/source/.env
-else
-    # Only update if explicitly provided
-    if [ "$DOCKER_POOL_SIZE_PROVIDED" = true ]; then
-        sed -i "s|DOCKER_ADDRESS_POOL_SIZE=.*|DOCKER_ADDRESS_POOL_SIZE=$DOCKER_ADDRESS_POOL_SIZE|g" /data/coolify/source/.env
+    # Add with default value if missing
+    if ! grep -q "^DOCKER_ADDRESS_POOL_SIZE=" "$ENV_FILE"; then
+        update_env_var "DOCKER_ADDRESS_POOL_SIZE" "$DOCKER_ADDRESS_POOL_SIZE"
     fi
 fi
 
@@ -824,14 +819,13 @@ echo -e " - Please wait."
 getAJoke
 
 if [[ $- == *x* ]]; then
-    bash -x /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}"
+    bash -x /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}" "true"
 else
-    bash /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}"
+    bash /data/coolify/source/upgrade.sh "${LATEST_VERSION:-latest}" "${LATEST_HELPER_VERSION:-latest}" "${REGISTRY_URL:-ghcr.io}" "true"
 fi
 echo " - Coolify installed successfully."
-rm -f $ENV_FILE-$DATE
 
-echo " - Waiting for 20 seconds for Coolify (database migrations) to be ready."
+echo " - Waiting for 20 seconds for Coolify database migrations to be ready."
 getAJoke
 
 sleep 20
@@ -868,5 +862,5 @@ if [ -n "$PRIVATE_IPS" ]; then
         fi
     done
 fi
+
 echo -e "\nWARNING: It is highly recommended to backup your Environment variables file (/data/coolify/source/.env) to a safe location, outside of this server (e.g. into a Password Manager).\n"
-cp /data/coolify/source/.env /data/coolify/source/.env.backup
diff --git a/other/nightly/upgrade.sh b/other/nightly/upgrade.sh
index 0b031ca75..018573ed0 100644
--- a/other/nightly/upgrade.sh
+++ b/other/nightly/upgrade.sh
@@ -1,11 +1,12 @@
 #!/bin/bash
 ## Do not modify this file. You will lose the ability to autoupdate!
 
-VERSION="15"
 CDN="https://cdn.coollabs.io/coolify-nightly"
 LATEST_IMAGE=${1:-latest}
 LATEST_HELPER_VERSION=${2:-latest}
 REGISTRY_URL=${3:-ghcr.io}
+SKIP_BACKUP=${4:-false}
+ENV_FILE="/data/coolify/source/.env"
 
 DATE=$(date +%Y-%m-%d-%H-%M-%S)
 LOGFILE="/data/coolify/source/upgrade-${DATE}.log"
@@ -14,20 +15,39 @@ curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml
 curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml
 curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
 
-# Merge .env and .env.production. New values will be added to .env
-awk -F '=' '!seen[$1]++' /data/coolify/source/.env /data/coolify/source/.env.production >/data/coolify/source/.env.tmp && mv /data/coolify/source/.env.tmp /data/coolify/source/.env
-# Check if PUSHER_APP_ID or PUSHER_APP_KEY or PUSHER_APP_SECRET is empty in /data/coolify/source/.env
-if grep -q "PUSHER_APP_ID=$" /data/coolify/source/.env; then
-    sed -i "s|PUSHER_APP_ID=.*|PUSHER_APP_ID=$(openssl rand -hex 32)|g" /data/coolify/source/.env
+# Backup existing .env file before making any changes
+if [ "$SKIP_BACKUP" != "true" ]; then
+    if [ -f "$ENV_FILE" ]; then
+        echo "Creating backup of existing .env file to .env-$DATE" >>$LOGFILE
+        cp $ENV_FILE $ENV_FILE-$DATE
+    else
+        echo "No existing .env file found to backup" >>$LOGFILE
+    fi
 fi
 
-if grep -q "PUSHER_APP_KEY=$" /data/coolify/source/.env; then
-    sed -i "s|PUSHER_APP_KEY=.*|PUSHER_APP_KEY=$(openssl rand -hex 32)|g" /data/coolify/source/.env
-fi
+echo "Merging .env.production values into .env" >>$LOGFILE
+awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
+echo ".env file merged successfully" >>$LOGFILE
 
-if grep -q "PUSHER_APP_SECRET=$" /data/coolify/source/.env; then
-    sed -i "s|PUSHER_APP_SECRET=.*|PUSHER_APP_SECRET=$(openssl rand -hex 32)|g" /data/coolify/source/.env
-fi
+update_env_var() {
+    local key="$1"
+    local value="$2"
+
+    # If variable "key=" exists but has no value, update the value of the existing line
+    if grep -q "^${key}=$" "$ENV_FILE"; then
+        sed -i "s|^${key}=$|${key}=${value}|" "$ENV_FILE"
+        echo " - Updated value of ${key} as the current value was empty" >>$LOGFILE
+    # If variable "key=" doesn't exist, append it to the file with value
+    elif ! grep -q "^${key}=" "$ENV_FILE"; then
+        printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
+        echo " - Added ${key} with default value as the variable was missing" >>$LOGFILE
+    fi
+}
+
+echo "Checking and updating environment variables if necessary..." >>$LOGFILE
+update_env_var "PUSHER_APP_ID" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_KEY" "$(openssl rand -hex 32)"
+update_env_var "PUSHER_APP_SECRET" "$(openssl rand -hex 32)"
 
 # Make sure coolify network exists
 # It is created when starting Coolify with docker compose
@@ -37,11 +57,16 @@ if ! docker network inspect coolify >/dev/null 2>&1; then
         docker network create --attachable coolify 2>/dev/null
     fi
 fi
-# docker network create --attachable --driver=overlay coolify-overlay 2>/dev/null
+
+# Check if Docker config file exists
+DOCKER_CONFIG_MOUNT=""
+if [ -f /root/.docker/config.json ]; then
+    DOCKER_CONFIG_MOUNT="-v /root/.docker/config.json:/root/.docker/config.json"
+fi
 
 if [ -f /data/coolify/source/docker-compose.custom.yml ]; then
     echo "docker-compose.custom.yml detected." >>$LOGFILE
-    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml -f /data/coolify/source/docker-compose.custom.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
+    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml -f /data/coolify/source/docker-compose.custom.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
 else
-    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
+    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
 fi

From 8ee4ddf4891d5cc3f26009bd806c56bc59fed885 Mon Sep 17 00:00:00 2001
From: Michael Engel <michael_engel@posteo.de>
Date: Wed, 24 Sep 2025 10:52:01 +0200
Subject: [PATCH 094/129] fix(PreviewCompose): adds port to preview urls

---
 app/Livewire/Project/Application/PreviewsCompose.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/Livewire/Project/Application/PreviewsCompose.php b/app/Livewire/Project/Application/PreviewsCompose.php
index 2632509ea..a42fb82bb 100644
--- a/app/Livewire/Project/Application/PreviewsCompose.php
+++ b/app/Livewire/Project/Application/PreviewsCompose.php
@@ -72,10 +72,12 @@ public function generate()
                 $template = $this->preview->application->preview_url_template;
                 $host = $url->getHost();
                 $schema = $url->getScheme();
+                $port = ":" . $url->getPort();
                 $random = new Cuid2;
                 $preview_fqdn = str_replace('{{random}}', $random, $template);
                 $preview_fqdn = str_replace('{{domain}}', $host, $preview_fqdn);
                 $preview_fqdn = str_replace('{{pr_id}}', $this->preview->pull_request_id, $preview_fqdn);
+                $preview_fqdn = str_replace('{{port}}', $port, $preview_fqdn);
                 $preview_fqdn = "$schema://$preview_fqdn";
             }
 

From 589abca775f0316622612b6a277b2c18fa926af9 Mon Sep 17 00:00:00 2001
From: Cinzya <cynti-ebert@web.de>
Date: Wed, 24 Sep 2025 11:45:34 +0200
Subject: [PATCH 095/129] feat(comments): ping PR author

---
 .github/workflows/chore-pr-comments.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/chore-pr-comments.yml b/.github/workflows/chore-pr-comments.yml
index 472356b30..f20729346 100644
--- a/.github/workflows/chore-pr-comments.yml
+++ b/.github/workflows/chore-pr-comments.yml
@@ -13,6 +13,8 @@ jobs:
         include:
           - label: "⚙️ Service"
             body: |
+              Hi @${{ github.event.pull_request.user.login }}! 👋
+
               It appears to us that you are either adding a new service or making changes to an existing one.
               We kindly ask you to also review and update the **Coolify Documentation** to include this new service or it's new configuration needs.
               This will help ensure that our documentation remains accurate and up-to-date for all users.
@@ -21,6 +23,8 @@ jobs:
               How to Contribute a new Service to the Docs: https://coolify.io/docs/get-started/contribute/service#adding-a-new-service-template-to-the-coolify-documentation
           - label: "🛠️ Feature"
             body: |
+              Hi @${{ github.event.pull_request.user.login }}! 👋
+
               It appears to us that you are adding a new feature to Coolify.
               We kindly ask you to also update the **Coolify Documentation** to include information about this new feature.
               This will help ensure that our documentation remains accurate and up-to-date for all users.

From d54a47a3a59d8a7cb2ba2c8729425eedb1fe1170 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 13:13:24 +0200
Subject: [PATCH 096/129] Update other/nightly/install.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 other/nightly/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/other/nightly/install.sh b/other/nightly/install.sh
index 38be272a5..2df72ca3d 100755
--- a/other/nightly/install.sh
+++ b/other/nightly/install.sh
@@ -715,7 +715,7 @@ echo -e "6. Setting up environment variable file"
 if [ -f $ENV_FILE ]; then
     # If .env exists, create backup
     echo " - Creating backup of existing .env file to .env-$DATE"
-    cp $ENV_FILE $ENV_FILE-$DATE
+    cp "$ENV_FILE" "$ENV_FILE-$DATE"
     # Merge .env.production values into .env
     echo " - Merging .env.production values into .env"
     awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE

From 70ddfe9a175d19bfdf7c0687957f2d785307e391 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 13:13:49 +0200
Subject: [PATCH 097/129] Update other/nightly/install.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 other/nightly/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/other/nightly/install.sh b/other/nightly/install.sh
index 2df72ca3d..899fa1184 100755
--- a/other/nightly/install.sh
+++ b/other/nightly/install.sh
@@ -825,7 +825,7 @@ else
 fi
 echo " - Coolify installed successfully."
 
-echo " - Waiting for 20 seconds for Coolify database migrations to be ready."
+echo " - Waiting 20 seconds for Coolify database migrations to complete."
 getAJoke
 
 sleep 20

From febeb00e482c388ef6bcf70807e8deef552f1cde Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 13:14:18 +0200
Subject: [PATCH 098/129] Update scripts/install.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 scripts/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 3bbabf648..84ea0834b 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -715,7 +715,7 @@ echo -e "6. Setting up environment variable file"
 if [ -f $ENV_FILE ]; then
     # If .env exists, create backup
     echo " - Creating backup of existing .env file to .env-$DATE"
-    cp $ENV_FILE $ENV_FILE-$DATE
+    cp "$ENV_FILE" "$ENV_FILE-$DATE"
     # Merge .env.production values into .env
     echo " - Merging .env.production values into .env"
     awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE

From cf1c54b24c3b78066ed8559258e576553df93dce Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 13:14:27 +0200
Subject: [PATCH 099/129] Update scripts/install.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 scripts/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 84ea0834b..0a8139b93 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -825,7 +825,7 @@ else
 fi
 echo " - Coolify installed successfully."
 
-echo " - Waiting for 20 seconds for Coolify database migrations to be ready."
+echo " - Waiting 20 seconds for Coolify database migrations to complete."
 getAJoke
 
 sleep 20

From acb408a2b748c812831851def476e98679a6268a Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 13:18:48 +0200
Subject: [PATCH 100/129] refactor(upgrade): enhance logging and quoting in
 upgrade scripts

- Improve logging statements for better clarity and consistency.
- Add quotes around variables in commands to prevent potential issues with spaces.
- Ensure consistent handling of environment variable updates and backups.
---
 other/nightly/upgrade.sh | 24 ++++++++++++------------
 scripts/upgrade.sh       | 24 ++++++++++++------------
 2 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/other/nightly/upgrade.sh b/other/nightly/upgrade.sh
index 018573ed0..14eede4ee 100644
--- a/other/nightly/upgrade.sh
+++ b/other/nightly/upgrade.sh
@@ -18,16 +18,16 @@ curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
 # Backup existing .env file before making any changes
 if [ "$SKIP_BACKUP" != "true" ]; then
     if [ -f "$ENV_FILE" ]; then
-        echo "Creating backup of existing .env file to .env-$DATE" >>$LOGFILE
-        cp $ENV_FILE $ENV_FILE-$DATE
+        echo "Creating backup of existing .env file to .env-$DATE" >>"$LOGFILE"
+        cp "$ENV_FILE" "$ENV_FILE-$DATE"
     else
-        echo "No existing .env file found to backup" >>$LOGFILE
+        echo "No existing .env file found to backup" >>"$LOGFILE"
     fi
 fi
 
-echo "Merging .env.production values into .env" >>$LOGFILE
-awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
-echo ".env file merged successfully" >>$LOGFILE
+echo "Merging .env.production values into .env" >>"$LOGFILE"
+awk -F '=' '!seen[$1]++' "$ENV_FILE" /data/coolify/source/.env.production > "$ENV_FILE.tmp" && mv "$ENV_FILE.tmp" "$ENV_FILE"
+echo ".env file merged successfully" >>"$LOGFILE"
 
 update_env_var() {
     local key="$1"
@@ -36,15 +36,15 @@ update_env_var() {
     # If variable "key=" exists but has no value, update the value of the existing line
     if grep -q "^${key}=$" "$ENV_FILE"; then
         sed -i "s|^${key}=$|${key}=${value}|" "$ENV_FILE"
-        echo " - Updated value of ${key} as the current value was empty" >>$LOGFILE
+        echo " - Updated value of ${key} as the current value was empty" >>"$LOGFILE"
     # If variable "key=" doesn't exist, append it to the file with value
     elif ! grep -q "^${key}=" "$ENV_FILE"; then
         printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
-        echo " - Added ${key} with default value as the variable was missing" >>$LOGFILE
+        echo " - Added ${key} with default value as the variable was missing" >>"$LOGFILE"
     fi
 }
 
-echo "Checking and updating environment variables if necessary..." >>$LOGFILE
+echo "Checking and updating environment variables if necessary..." >>"$LOGFILE"
 update_env_var "PUSHER_APP_ID" "$(openssl rand -hex 32)"
 update_env_var "PUSHER_APP_KEY" "$(openssl rand -hex 32)"
 update_env_var "PUSHER_APP_SECRET" "$(openssl rand -hex 32)"
@@ -65,8 +65,8 @@ if [ -f /root/.docker/config.json ]; then
 fi
 
 if [ -f /data/coolify/source/docker-compose.custom.yml ]; then
-    echo "docker-compose.custom.yml detected." >>$LOGFILE
-    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml -f /data/coolify/source/docker-compose.custom.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
+    echo "docker-compose.custom.yml detected." >>"$LOGFILE"
+    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml -f /data/coolify/source/docker-compose.custom.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>"$LOGFILE" 2>&1
 else
-    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
+    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>"$LOGFILE" 2>&1
 fi
diff --git a/scripts/upgrade.sh b/scripts/upgrade.sh
index 5d52b44fe..8340d95b0 100644
--- a/scripts/upgrade.sh
+++ b/scripts/upgrade.sh
@@ -18,16 +18,16 @@ curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production
 # Backup existing .env file before making any changes
 if [ "$SKIP_BACKUP" != "true" ]; then
     if [ -f "$ENV_FILE" ]; then
-        echo "Creating backup of existing .env file to .env-$DATE" >>$LOGFILE
-        cp $ENV_FILE $ENV_FILE-$DATE
+        echo "Creating backup of existing .env file to .env-$DATE" >>"$LOGFILE"
+        cp "$ENV_FILE" "$ENV_FILE-$DATE"
     else
-        echo "No existing .env file found to backup" >>$LOGFILE
+        echo "No existing .env file found to backup" >>"$LOGFILE"
     fi
 fi
 
-echo "Merging .env.production values into .env" >>$LOGFILE
-awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
-echo ".env file merged successfully" >>$LOGFILE
+echo "Merging .env.production values into .env" >>"$LOGFILE"
+awk -F '=' '!seen[$1]++' "$ENV_FILE" /data/coolify/source/.env.production > "$ENV_FILE.tmp" && mv "$ENV_FILE.tmp" "$ENV_FILE"
+echo ".env file merged successfully" >>"$LOGFILE"
 
 update_env_var() {
     local key="$1"
@@ -36,15 +36,15 @@ update_env_var() {
     # If variable "key=" exists but has no value, update the value of the existing line
     if grep -q "^${key}=$" "$ENV_FILE"; then
         sed -i "s|^${key}=$|${key}=${value}|" "$ENV_FILE"
-        echo " - Updated value of ${key} as the current value was empty" >>$LOGFILE
+        echo " - Updated value of ${key} as the current value was empty" >>"$LOGFILE"
     # If variable "key=" doesn't exist, append it to the file with value
     elif ! grep -q "^${key}=" "$ENV_FILE"; then
         printf '%s=%s\n' "$key" "$value" >>"$ENV_FILE"
-        echo " - Added ${key} with default value as the variable was missing" >>$LOGFILE
+        echo " - Added ${key} with default value as the variable was missing" >>"$LOGFILE"
     fi
 }
 
-echo "Checking and updating environment variables if necessary..." >>$LOGFILE
+echo "Checking and updating environment variables if necessary..." >>"$LOGFILE"
 update_env_var "PUSHER_APP_ID" "$(openssl rand -hex 32)"
 update_env_var "PUSHER_APP_KEY" "$(openssl rand -hex 32)"
 update_env_var "PUSHER_APP_SECRET" "$(openssl rand -hex 32)"
@@ -65,8 +65,8 @@ if [ -f /root/.docker/config.json ]; then
 fi
 
 if [ -f /data/coolify/source/docker-compose.custom.yml ]; then
-    echo "docker-compose.custom.yml detected." >>$LOGFILE
-    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml -f /data/coolify/source/docker-compose.custom.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
+    echo "docker-compose.custom.yml detected." >>"$LOGFILE"
+    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml -f /data/coolify/source/docker-compose.custom.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>"$LOGFILE" 2>&1
 else
-    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>$LOGFILE 2>&1
+    docker run -v /data/coolify/source:/data/coolify/source -v /var/run/docker.sock:/var/run/docker.sock ${DOCKER_CONFIG_MOUNT} --rm ${REGISTRY_URL:-ghcr.io}/coollabsio/coolify-helper:${LATEST_HELPER_VERSION} bash -c "LATEST_IMAGE=${LATEST_IMAGE} docker compose --env-file /data/coolify/source/.env -f /data/coolify/source/docker-compose.yml -f /data/coolify/source/docker-compose.prod.yml up -d --remove-orphans --force-recreate --wait --wait-timeout 60" >>"$LOGFILE" 2>&1
 fi

From 664e2eaac79c7601a0e2cfff0db89008c5c16d36 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 16:38:21 +0200
Subject: [PATCH 101/129] fix(environment-variable): update checkbox visibility
 and helper text for build and runtime options

- Removed unnecessary condition for displaying the buildtime checkbox.
- Improved the layout and helper text for runtime and literal checkboxes to enhance user understanding.
---
 .../project/shared/environment-variable/add.blade.php        | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/resources/views/livewire/project/shared/environment-variable/add.blade.php b/resources/views/livewire/project/shared/environment-variable/add.blade.php
index 2978e2b35..353fe02de 100644
--- a/resources/views/livewire/project/shared/environment-variable/add.blade.php
+++ b/resources/views/livewire/project/shared/environment-variable/add.blade.php
@@ -4,15 +4,14 @@
     <x-forms.input x-show="$wire.is_multiline === false" x-cloak placeholder="production" id="value"
         x-bind:label="$wire.is_multiline === false && 'Value'" required />
 
-    @if (!$shared || $isNixpacks)
+    @if (!$shared)
         <x-forms.checkbox id="is_buildtime"
             helper="Make this variable available during Docker build process. Useful for build secrets and dependencies."
             label="Available at Buildtime" />
 
         <x-environment-variable-warning :problematic-variables="$problematicVariables" />
 
-        <x-forms.checkbox id="is_runtime"
-            helper="Make this variable available in the running container at runtime."
+        <x-forms.checkbox id="is_runtime" helper="Make this variable available in the running container at runtime."
             label="Available at Runtime" />
         <x-forms.checkbox id="is_literal"
             helper="This means that when you use $VARIABLES in a value, it should be interpreted as the actual characters '$VARIABLES' and not as the value of a variable named VARIABLE.<br><br>Useful if you have $ sign in your value and there are some characters after it, but you would not like to interpolate it from another value. In this case, you should set this to true."

From e9324fd410604408e2f0f9242b9059ca0c17af36 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 17:27:42 +0200
Subject: [PATCH 102/129] fix(deployment-job): escape single quotes in build
 arguments for Docker Compose command

- Added logic to escape single quotes in build arguments to ensure proper execution in bash -c context used by executeInDocker, preventing potential command errors.
---
 app/Jobs/ApplicationDeploymentJob.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php
index bd45c09c6..c5ab62136 100644
--- a/app/Jobs/ApplicationDeploymentJob.php
+++ b/app/Jobs/ApplicationDeploymentJob.php
@@ -642,6 +642,8 @@ private function deploy_docker_compose_buildpack()
 
             if (! $this->application->settings->use_build_secrets && $this->build_args instanceof \Illuminate\Support\Collection && $this->build_args->isNotEmpty()) {
                 $build_args_string = $this->build_args->implode(' ');
+                // Escape single quotes for bash -c context used by executeInDocker
+                $build_args_string = str_replace("'", "'\\''", $build_args_string);
                 $command .= " {$build_args_string}";
                 $this->application_deployment_queue->addLogEntry('Adding build arguments to Docker Compose build command.');
             }

From 4ce495d91ee73a6260663e73ab5d95d08b634140 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 17:53:18 +0200
Subject: [PATCH 103/129] Update
 app/Livewire/Project/Application/PreviewsCompose.php

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 app/Livewire/Project/Application/PreviewsCompose.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Project/Application/PreviewsCompose.php b/app/Livewire/Project/Application/PreviewsCompose.php
index a42fb82bb..7641edcc5 100644
--- a/app/Livewire/Project/Application/PreviewsCompose.php
+++ b/app/Livewire/Project/Application/PreviewsCompose.php
@@ -72,7 +72,8 @@ public function generate()
                 $template = $this->preview->application->preview_url_template;
                 $host = $url->getHost();
                 $schema = $url->getScheme();
-                $port = ":" . $url->getPort();
+                $portInt = $url->getPort();
+                $port = $portInt !== null ? ':' . $portInt : '';
                 $random = new Cuid2;
                 $preview_fqdn = str_replace('{{random}}', $random, $template);
                 $preview_fqdn = str_replace('{{domain}}', $host, $preview_fqdn);

From 7160b889000f81fa8791ace0af58485996169f03 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Wed, 24 Sep 2025 15:58:16 +0000
Subject: [PATCH 104/129] docs: update changelog

---
 CHANGELOG.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 177012001..b08d963ff 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,16 @@ # Changelog
 
 ## [unreleased]
 
+### 🐛 Bug Fixes
+
+- *(PreviewCompose)* Adds port to preview urls
+
+### 📚 Documentation
+
+- Update changelog
+
+## [4.0.0-beta.429] - 2025-09-23
+
 ### 🚀 Features
 
 - *(environment)* Replace is_buildtime_only with is_runtime and is_buildtime flags for environment variables, updating related logic and views
@@ -23,6 +33,8 @@ ### 🚀 Features
 - *(cloud-check)* Enhance CloudCheckSubscription command with fix options
 - *(stripe)* Enhance subscription handling and verification process
 - *(private-key-refresh)* Add refresh dispatch on private key update and connection check
+- *(comments)* Add automated comments for labeled pull requests to guide documentation updates
+- *(comments)* Ping PR author
 
 ### 🐛 Bug Fixes
 
@@ -42,6 +54,8 @@ ### 🐛 Bug Fixes
 - *(environment-variables)* Correct method call syntax in analyzeBuildVariable function
 - *(clears-global-search-cache)* Refine team retrieval logic in getTeamIdForCache method
 - *(subscription-job)* Enhance retry logic for VerifyStripeSubscriptionStatusJob
+- *(environment-variable)* Update checkbox visibility and helper text for build and runtime options
+- *(deployment-job)* Escape single quotes in build arguments for Docker Compose command
 
 ### 🚜 Refactor
 
@@ -75,6 +89,8 @@ ### 🎨 Styling
 ### ⚙️ Miscellaneous Tasks
 
 - Change order of runtime and buildtime
+- *(docker-compose)* Update soketi image version to 1.0.10 in production and Windows configurations
+- *(versions)* Update coolify version numbers to 4.0.0-beta.430 and 4.0.0-beta.431 in configuration files
 
 ## [4.0.0-beta.428] - 2025-09-15
 

From 667c8e6432332d4ec8728452a47f368b3dba9e9d Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 18:19:36 +0200
Subject: [PATCH 105/129] fix(deployment-job): enhance build time variable
 analysis

- Introduced logic to filter user-defined build time variables from the database based on the pull request context.
- Improved handling of build time variables to ensure only relevant variables are analyzed, enhancing the deployment process.
---
 app/Jobs/ApplicationDeploymentJob.php | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php
index c5ab62136..e10422848 100644
--- a/app/Jobs/ApplicationDeploymentJob.php
+++ b/app/Jobs/ApplicationDeploymentJob.php
@@ -2715,7 +2715,27 @@ private function start_by_compose_file()
 
     private function analyzeBuildTimeVariables($variables)
     {
-        $variablesArray = $variables->toArray();
+        $userDefinedVariables = collect([]);
+
+        $dbVariables = $this->pull_request_id === 0
+            ? $this->application->environment_variables()
+                ->where('is_buildtime', true)
+                ->pluck('key')
+            : $this->application->environment_variables_preview()
+                ->where('is_buildtime', true)
+                ->pluck('key');
+
+        foreach ($variables as $key => $value) {
+            if ($dbVariables->contains($key)) {
+                $userDefinedVariables->put($key, $value);
+            }
+        }
+
+        if ($userDefinedVariables->isEmpty()) {
+            return;
+        }
+
+        $variablesArray = $userDefinedVariables->toArray();
         $warnings = self::analyzeBuildVariables($variablesArray);
 
         if (empty($warnings)) {

From 78be85dbbcef1fd2d4513fe8f3ba4d1426732fae Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Wed, 24 Sep 2025 16:20:52 +0000
Subject: [PATCH 106/129] docs: update changelog

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b08d963ff..e5a6049eb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,9 +7,11 @@ ## [unreleased]
 ### 🐛 Bug Fixes
 
 - *(PreviewCompose)* Adds port to preview urls
+- *(deployment-job)* Enhance build time variable analysis
 
 ### 📚 Documentation
 
+- Update changelog
 - Update changelog
 
 ## [4.0.0-beta.429] - 2025-09-23

From 0a6b2a05860e55a044ff37d9cbd3f11feceba9d5 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 20:08:51 +0200
Subject: [PATCH 107/129] chore(versions): increment coolify version numbers to
 4.0.0-beta.431 and 4.0.0-beta.432 in configuration files

---
 config/constants.php        | 2 +-
 other/nightly/versions.json | 4 ++--
 versions.json               | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/constants.php b/config/constants.php
index f28dac5ed..bdf21588c 100644
--- a/config/constants.php
+++ b/config/constants.php
@@ -2,7 +2,7 @@
 
 return [
     'coolify' => [
-        'version' => '4.0.0-beta.430',
+        'version' => '4.0.0-beta.431',
         'helper_version' => '1.0.11',
         'realtime_version' => '1.0.10',
         'self_hosted' => env('SELF_HOSTED', true),
diff --git a/other/nightly/versions.json b/other/nightly/versions.json
index b391286d7..f71aed12c 100644
--- a/other/nightly/versions.json
+++ b/other/nightly/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.430"
+            "version": "4.0.0-beta.431"
         },
         "nightly": {
-            "version": "4.0.0-beta.431"
+            "version": "4.0.0-beta.432"
         },
         "helper": {
             "version": "1.0.11"
diff --git a/versions.json b/versions.json
index b391286d7..f71aed12c 100644
--- a/versions.json
+++ b/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.430"
+            "version": "4.0.0-beta.431"
         },
         "nightly": {
-            "version": "4.0.0-beta.431"
+            "version": "4.0.0-beta.432"
         },
         "helper": {
             "version": "1.0.11"

From f3164f6ac10c9d5763ec0b266fdb2f25e71f8b3a Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 20:41:17 +0200
Subject: [PATCH 108/129] fix(docker): adjust openssh-client installation in
 Dockerfile to avoid version bug

- Specified installation of openssh-client from Alpine v3.21 to prevent issues with version r8.
- Updated repository configuration to temporarily include v3.21 for this installation.
---
 docker/production/Dockerfile | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docker/production/Dockerfile b/docker/production/Dockerfile
index 6c9628a81..22ae961d8 100644
--- a/docker/production/Dockerfile
+++ b/docker/production/Dockerfile
@@ -72,9 +72,12 @@ RUN apk add --no-cache gnupg && \
     curl -fSsL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > /usr/share/keyrings/postgresql.gpg
 
 # Install system dependencies
-RUN apk add --no-cache \
+# Install openssh-client from v3.21 to avoid bug in r8, then remove v3.21 repos
+RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.21/main" >> /etc/apk/repositories && \
+    apk add --no-cache 'openssh-client<10.0_p1-r8' && \
+    sed -i '/v3.21/d' /etc/apk/repositories && \
+    apk add --no-cache \
     postgresql${POSTGRES_VERSION}-client \
-    openssh-client \
     git \
     git-lfs \
     jq \

From 22f7a20daabd732892040d7ba29b2317f1688b35 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 24 Sep 2025 20:49:49 +0200
Subject: [PATCH 109/129] fix(docker): streamline openssh-client installation
 in Dockerfile

- Removed temporary repository configuration for Alpine v3.21.
- Upgraded system packages and added openssh-client directly to the installation process.
---
 docker/production/Dockerfile | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/docker/production/Dockerfile b/docker/production/Dockerfile
index 22ae961d8..628fb5054 100644
--- a/docker/production/Dockerfile
+++ b/docker/production/Dockerfile
@@ -72,12 +72,10 @@ RUN apk add --no-cache gnupg && \
     curl -fSsL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > /usr/share/keyrings/postgresql.gpg
 
 # Install system dependencies
-# Install openssh-client from v3.21 to avoid bug in r8, then remove v3.21 repos
-RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.21/main" >> /etc/apk/repositories && \
-    apk add --no-cache 'openssh-client<10.0_p1-r8' && \
-    sed -i '/v3.21/d' /etc/apk/repositories && \
-    apk add --no-cache \
+RUN apk upgrade
+RUN apk add --no-cache \
     postgresql${POSTGRES_VERSION}-client \
+    openssh-client \
     git \
     git-lfs \
     jq \

From d086f9fc50e1ed2e236e0956f23ee0a9d3a0ee79 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Wed, 24 Sep 2025 18:55:40 +0000
Subject: [PATCH 110/129] docs: update changelog

---
 CHANGELOG.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e5a6049eb..04b99c646 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,21 @@ ## [unreleased]
 
 ### 🐛 Bug Fixes
 
+- *(docker)* Adjust openssh-client installation in Dockerfile to avoid version bug
+- *(docker)* Streamline openssh-client installation in Dockerfile
+
+### 📚 Documentation
+
+- Update changelog
+
+### ⚙️ Miscellaneous Tasks
+
+- *(versions)* Increment coolify version numbers to 4.0.0-beta.431 and 4.0.0-beta.432 in configuration files
+
+## [4.0.0-beta.430] - 2025-09-24
+
+### 🐛 Bug Fixes
+
 - *(PreviewCompose)* Adds port to preview urls
 - *(deployment-job)* Enhance build time variable analysis
 

From 8f44ade48804304bcd531789d3dc389f853a55a1 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 09:27:26 +0200
Subject: [PATCH 111/129] chore(versions): update coolify version numbers to
 4.0.0-beta.432 and 4.0.0-beta.433 in configuration files

---
 config/constants.php        | 2 +-
 other/nightly/versions.json | 4 ++--
 versions.json               | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/constants.php b/config/constants.php
index bdf21588c..01d2feb56 100644
--- a/config/constants.php
+++ b/config/constants.php
@@ -2,7 +2,7 @@
 
 return [
     'coolify' => [
-        'version' => '4.0.0-beta.431',
+        'version' => '4.0.0-beta.432',
         'helper_version' => '1.0.11',
         'realtime_version' => '1.0.10',
         'self_hosted' => env('SELF_HOSTED', true),
diff --git a/other/nightly/versions.json b/other/nightly/versions.json
index f71aed12c..3255c215b 100644
--- a/other/nightly/versions.json
+++ b/other/nightly/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.431"
+            "version": "4.0.0-beta.432"
         },
         "nightly": {
-            "version": "4.0.0-beta.432"
+            "version": "4.0.0-beta.433"
         },
         "helper": {
             "version": "1.0.11"
diff --git a/versions.json b/versions.json
index f71aed12c..3255c215b 100644
--- a/versions.json
+++ b/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.431"
+            "version": "4.0.0-beta.432"
         },
         "nightly": {
-            "version": "4.0.0-beta.432"
+            "version": "4.0.0-beta.433"
         },
         "helper": {
             "version": "1.0.11"

From 0e93d363111d267562f580495c563bab142a10f0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 09:32:39 +0200
Subject: [PATCH 112/129] fix(team): normalize email case in invite link
 generation

---
 app/Livewire/Team/InviteLink.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/Livewire/Team/InviteLink.php b/app/Livewire/Team/InviteLink.php
index 0bac39db8..45f7e467f 100644
--- a/app/Livewire/Team/InviteLink.php
+++ b/app/Livewire/Team/InviteLink.php
@@ -48,6 +48,8 @@ private function generateInviteLink(bool $sendEmail = false)
             if (auth()->user()->role() === 'admin' && $this->role === 'owner') {
                 throw new \Exception('Admins cannot invite owners.');
             }
+            $this->email = strtolower($this->email);
+
             $member_emails = currentTeam()->members()->get()->pluck('email');
             if ($member_emails->contains($this->email)) {
                 return handleError(livewire: $this, customErrorMessage: "$this->email is already a member of ".currentTeam()->name.'.');

From f81d36cc4eadecad211da2e2f03def6f8d141da8 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 10:31:07 +0200
Subject: [PATCH 113/129] fix(README): update Juxtdigital description to
 reflect current services

---
 README.md                               | 2 +-
 templates/service-templates-latest.json | 4 ++--
 templates/service-templates.json        | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index f291a33e8..1c88f4c54 100644
--- a/README.md
+++ b/README.md
@@ -76,7 +76,7 @@ ## Big Sponsors
 * [QuantCDN](https://www.quantcdn.io?ref=coolify.io) - Enterprise-grade content delivery network
 * [PFGLabs](https://pfglabs.com?ref=coolify.io) - Build Real Projects with Golang
 * [JobsCollider](https://jobscollider.com/remote-jobs?ref=coolify.io) - 30,000+ remote jobs for developers
-* [Juxtdigital](https://juxtdigital.com?ref=coolify.io) - Digital transformation and web solutions
+* [Juxtdigital](https://juxtdigital.com?ref=coolify.io) - Digital PR & AI Authority Building Agency
 * [Cloudify.ro](https://cloudify.ro?ref=coolify.io) - Cloud hosting solutions
 * [CodeRabbit](https://coderabbit.ai?ref=coolify.io) - Cut Code Review Time & Bugs in Half
 * [American Cloud](https://americancloud.com?ref=coolify.io) - US-based cloud infrastructure services
diff --git a/templates/service-templates-latest.json b/templates/service-templates-latest.json
index 09086606b..fbb428568 100644
--- a/templates/service-templates-latest.json
+++ b/templates/service-templates-latest.json
@@ -189,7 +189,7 @@
     "beszel": {
         "documentation": "https://github.com/henrygd/beszel?tab=readme-ov-file#getting-started?utm_source=coolify.io",
         "slogan": "A lightweight server resource monitoring hub with historical data, docker stats, and alerts.",
-        "compose": "c2VydmljZXM6CiAgYmVzemVsOgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbDpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX1VSTF9CRVNaRUxfODA5MAogICAgdm9sdW1lczoKICAgICAgLSAnYmVzemVsX2RhdGE6L2Jlc3plbF9kYXRhJwogIGJlc3plbC1hZ2VudDoKICAgIGltYWdlOiBoZW5yeWdkL2Jlc3plbC1hZ2VudAogICAgdm9sdW1lczoKICAgICAgLSAnL3Zhci9ydW4vZG9ja2VyLnNvY2s6L3Zhci9ydW4vZG9ja2VyLnNvY2s6cm8nCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1JUPTQ1ODc2CiAgICAgIC0gJ0tFWT0ke0tFWX0nCg==",
+        "compose": "c2VydmljZXM6CiAgYmVzemVsOgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbDowLjEyLjEwJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfQkVTWkVMXzgwOTAKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2Jlc3plbF9kYXRhOi9iZXN6ZWxfZGF0YScKICAgICAgLSAnYmVzemVsX3NvY2tldDovYmVzemVsX3NvY2tldCcKICBiZXN6ZWwtYWdlbnQ6CiAgICBpbWFnZTogJ2hlbnJ5Z2QvYmVzemVsLWFnZW50OjAuMTIuMTAnCiAgICB2b2x1bWVzOgogICAgICAtICdiZXN6ZWxfYWdlbnRfZGF0YTovdmFyL2xpYi9iZXN6ZWwtYWdlbnQnCiAgICAgIC0gJ2Jlc3plbF9zb2NrZXQ6L2Jlc3plbF9zb2NrZXQnCiAgICAgIC0gJy92YXIvcnVuL2RvY2tlci5zb2NrOi92YXIvcnVuL2RvY2tlci5zb2NrOnJvJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gTElTVEVOPS9iZXN6ZWxfc29ja2V0L2Jlc3plbC5zb2NrCiAgICAgIC0gJ0hVQl9VUkw9aHR0cDovL2Jlc3plbDo4MDkwJwogICAgICAtICdUT0tFTj0ke1RPS0VOfScKICAgICAgLSAnS0VZPSR7S0VZfScK",
         "tags": [
             "beszel",
             "monitoring",
@@ -302,7 +302,7 @@
     "bugsink": {
         "documentation": "https://www.bugsink.com/docs/?utm_source=coolify.io",
         "slogan": "Self-hosted Error Tracking.",
-        "compose": "c2VydmljZXM6CiAgbXlzcWw6CiAgICBpbWFnZTogJ215c3FsOmxhdGVzdCcKICAgIHJlc3RhcnQ6IHVubGVzcy1zdG9wcGVkCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUk9PVH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0U6LWJ1Z3Npbmt9JwogICAgICAtICdNWVNRTF9VU0VSPSR7U0VSVklDRV9VU0VSX0JVR1NJTkt9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfQlVHU0lOS30nCiAgICB2b2x1bWVzOgogICAgICAtICdteS1kYXRhdm9sdW1lOi92YXIvbGliL215c3FsJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG15c3FsYWRtaW4KICAgICAgICAtIHBpbmcKICAgICAgICAtICctaCcKICAgICAgICAtIDEyNy4wLjAuMQogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgd2ViOgogICAgaW1hZ2U6IGJ1Z3NpbmsvYnVnc2luawogICAgcmVzdGFydDogdW5sZXNzLXN0b3BwZWQKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfUEFTU1dPUkRfNjRfQlVHU0lOSwogICAgICAtICdDUkVBVEVfU1VQRVJVU0VSPWFkbWluOiRTRVJWSUNFX1BBU1NXT1JEX0JVR1NJTksnCiAgICAgIC0gU0VSVklDRV9VUkxfQlVHU0lOS184MDAwCiAgICAgIC0gQkFTRV9VUkw9JFNFUlZJQ0VfVVJMX0JVR1NJTktfODAwMAogICAgICAtICdEQVRBQkFTRV9VUkw9bXlzcWw6Ly8ke1NFUlZJQ0VfVVNFUl9CVUdTSU5LfTokU0VSVklDRV9QQVNTV09SRF9CVUdTSU5LQG15c3FsOjMzMDYvJHtNWVNRTF9EQVRBQkFTRTotYnVnc2lua30nCiAgICBkZXBlbmRzX29uOgogICAgICBteXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdweXRob24gLWMgJydpbXBvcnQgcmVxdWVzdHM7IHJlcXVlc3RzLmdldCgiaHR0cDovL2xvY2FsaG9zdDo4MDAwLyIpLnJhaXNlX2Zvcl9zdGF0dXMoKScnJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==",
+        "compose": "c2VydmljZXM6CiAgbXlzcWw6CiAgICBpbWFnZTogJ215c3FsOmxhdGVzdCcKICAgIHJlc3RhcnQ6IHVubGVzcy1zdG9wcGVkCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUk9PVH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0U6LWJ1Z3Npbmt9JwogICAgICAtICdNWVNRTF9VU0VSPSR7U0VSVklDRV9VU0VSX0JVR1NJTkt9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfQlVHU0lOS30nCiAgICB2b2x1bWVzOgogICAgICAtICdteS1kYXRhdm9sdW1lOi92YXIvbGliL215c3FsJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG15c3FsYWRtaW4KICAgICAgICAtIHBpbmcKICAgICAgICAtICctaCcKICAgICAgICAtIDEyNy4wLjAuMQogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgd2ViOgogICAgaW1hZ2U6IGJ1Z3NpbmsvYnVnc2luawogICAgcmVzdGFydDogdW5sZXNzLXN0b3BwZWQKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfUEFTU1dPUkRfNjRfQlVHU0lOSwogICAgICAtICdDUkVBVEVfU1VQRVJVU0VSPWFkbWluOiRTRVJWSUNFX1BBU1NXT1JEX0JVR1NJTksnCiAgICAgIC0gU0VSVklDRV9VUkxfQlVHU0lOS184MDAwCiAgICAgIC0gQkFTRV9VUkw9JFNFUlZJQ0VfVVJMX0JVR1NJTktfODAwMAogICAgICAtICdEQVRBQkFTRV9VUkw9bXlzcWw6Ly8ke1NFUlZJQ0VfVVNFUl9CVUdTSU5LfTokU0VSVklDRV9QQVNTV09SRF9CVUdTSU5LQG15c3FsOjMzMDYvJHtNWVNRTF9EQVRBQkFTRTotYnVnc2lua30nCiAgICAgIC0gQkVISU5EX0hUVFBTX1BST1hZPVRydWUKICAgIGRlcGVuZHNfb246CiAgICAgIG15c3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3B5dGhvbiAtYyAnJ2ltcG9ydCByZXF1ZXN0czsgcmVxdWVzdHMuZ2V0KCJodHRwOi8vbG9jYWxob3N0OjgwMDAvIikucmFpc2VfZm9yX3N0YXR1cygpJycnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK",
         "tags": [
             "python",
             "error-tracking",
diff --git a/templates/service-templates.json b/templates/service-templates.json
index 00df910e2..2fd056a19 100644
--- a/templates/service-templates.json
+++ b/templates/service-templates.json
@@ -189,7 +189,7 @@
     "beszel": {
         "documentation": "https://github.com/henrygd/beszel?tab=readme-ov-file#getting-started?utm_source=coolify.io",
         "slogan": "A lightweight server resource monitoring hub with historical data, docker stats, and alerts.",
-        "compose": "c2VydmljZXM6CiAgYmVzemVsOgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbDpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fQkVTWkVMXzgwOTAKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2Jlc3plbF9kYXRhOi9iZXN6ZWxfZGF0YScKICBiZXN6ZWwtYWdlbnQ6CiAgICBpbWFnZTogaGVucnlnZC9iZXN6ZWwtYWdlbnQKICAgIHZvbHVtZXM6CiAgICAgIC0gJy92YXIvcnVuL2RvY2tlci5zb2NrOi92YXIvcnVuL2RvY2tlci5zb2NrOnJvJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9SVD00NTg3NgogICAgICAtICdLRVk9JHtLRVl9Jwo=",
+        "compose": "c2VydmljZXM6CiAgYmVzemVsOgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbDowLjEyLjEwJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX0JFU1pFTF84MDkwCiAgICB2b2x1bWVzOgogICAgICAtICdiZXN6ZWxfZGF0YTovYmVzemVsX2RhdGEnCiAgICAgIC0gJ2Jlc3plbF9zb2NrZXQ6L2Jlc3plbF9zb2NrZXQnCiAgYmVzemVsLWFnZW50OgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbC1hZ2VudDowLjEyLjEwJwogICAgdm9sdW1lczoKICAgICAgLSAnYmVzemVsX2FnZW50X2RhdGE6L3Zhci9saWIvYmVzemVsLWFnZW50JwogICAgICAtICdiZXN6ZWxfc29ja2V0Oi9iZXN6ZWxfc29ja2V0JwogICAgICAtICcvdmFyL3J1bi9kb2NrZXIuc29jazovdmFyL3J1bi9kb2NrZXIuc29jazpybycKICAgIGVudmlyb25tZW50OgogICAgICAtIExJU1RFTj0vYmVzemVsX3NvY2tldC9iZXN6ZWwuc29jawogICAgICAtICdIVUJfVVJMPWh0dHA6Ly9iZXN6ZWw6ODA5MCcKICAgICAgLSAnVE9LRU49JHtUT0tFTn0nCiAgICAgIC0gJ0tFWT0ke0tFWX0nCg==",
         "tags": [
             "beszel",
             "monitoring",
@@ -302,7 +302,7 @@
     "bugsink": {
         "documentation": "https://www.bugsink.com/docs/?utm_source=coolify.io",
         "slogan": "Self-hosted Error Tracking.",
-        "compose": "c2VydmljZXM6CiAgbXlzcWw6CiAgICBpbWFnZTogJ215c3FsOmxhdGVzdCcKICAgIHJlc3RhcnQ6IHVubGVzcy1zdG9wcGVkCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUk9PVH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0U6LWJ1Z3Npbmt9JwogICAgICAtICdNWVNRTF9VU0VSPSR7U0VSVklDRV9VU0VSX0JVR1NJTkt9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfQlVHU0lOS30nCiAgICB2b2x1bWVzOgogICAgICAtICdteS1kYXRhdm9sdW1lOi92YXIvbGliL215c3FsJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG15c3FsYWRtaW4KICAgICAgICAtIHBpbmcKICAgICAgICAtICctaCcKICAgICAgICAtIDEyNy4wLjAuMQogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgd2ViOgogICAgaW1hZ2U6IGJ1Z3NpbmsvYnVnc2luawogICAgcmVzdGFydDogdW5sZXNzLXN0b3BwZWQKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfUEFTU1dPUkRfNjRfQlVHU0lOSwogICAgICAtICdDUkVBVEVfU1VQRVJVU0VSPWFkbWluOiRTRVJWSUNFX1BBU1NXT1JEX0JVR1NJTksnCiAgICAgIC0gU0VSVklDRV9GUUROX0JVR1NJTktfODAwMAogICAgICAtIEJBU0VfVVJMPSRTRVJWSUNFX0ZRRE5fQlVHU0lOS184MDAwCiAgICAgIC0gJ0RBVEFCQVNFX1VSTD1teXNxbDovLyR7U0VSVklDRV9VU0VSX0JVR1NJTkt9OiRTRVJWSUNFX1BBU1NXT1JEX0JVR1NJTktAbXlzcWw6MzMwNi8ke01ZU1FMX0RBVEFCQVNFOi1idWdzaW5rfScKICAgIGRlcGVuZHNfb246CiAgICAgIG15c3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3B5dGhvbiAtYyAnJ2ltcG9ydCByZXF1ZXN0czsgcmVxdWVzdHMuZ2V0KCJodHRwOi8vbG9jYWxob3N0OjgwMDAvIikucmFpc2VfZm9yX3N0YXR1cygpJycnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK",
+        "compose": "c2VydmljZXM6CiAgbXlzcWw6CiAgICBpbWFnZTogJ215c3FsOmxhdGVzdCcKICAgIHJlc3RhcnQ6IHVubGVzcy1zdG9wcGVkCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUk9PVH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0U6LWJ1Z3Npbmt9JwogICAgICAtICdNWVNRTF9VU0VSPSR7U0VSVklDRV9VU0VSX0JVR1NJTkt9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfQlVHU0lOS30nCiAgICB2b2x1bWVzOgogICAgICAtICdteS1kYXRhdm9sdW1lOi92YXIvbGliL215c3FsJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG15c3FsYWRtaW4KICAgICAgICAtIHBpbmcKICAgICAgICAtICctaCcKICAgICAgICAtIDEyNy4wLjAuMQogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgd2ViOgogICAgaW1hZ2U6IGJ1Z3NpbmsvYnVnc2luawogICAgcmVzdGFydDogdW5sZXNzLXN0b3BwZWQKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFQ1JFVF9LRVk9JFNFUlZJQ0VfUEFTU1dPUkRfNjRfQlVHU0lOSwogICAgICAtICdDUkVBVEVfU1VQRVJVU0VSPWFkbWluOiRTRVJWSUNFX1BBU1NXT1JEX0JVR1NJTksnCiAgICAgIC0gU0VSVklDRV9GUUROX0JVR1NJTktfODAwMAogICAgICAtIEJBU0VfVVJMPSRTRVJWSUNFX0ZRRE5fQlVHU0lOS184MDAwCiAgICAgIC0gJ0RBVEFCQVNFX1VSTD1teXNxbDovLyR7U0VSVklDRV9VU0VSX0JVR1NJTkt9OiRTRVJWSUNFX1BBU1NXT1JEX0JVR1NJTktAbXlzcWw6MzMwNi8ke01ZU1FMX0RBVEFCQVNFOi1idWdzaW5rfScKICAgICAgLSBCRUhJTkRfSFRUUFNfUFJPWFk9VHJ1ZQogICAgZGVwZW5kc19vbjoKICAgICAgbXlzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncHl0aG9uIC1jICcnaW1wb3J0IHJlcXVlc3RzOyByZXF1ZXN0cy5nZXQoImh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC8iKS5yYWlzZV9mb3Jfc3RhdHVzKCknJycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=",
         "tags": [
             "python",
             "error-tracking",

From dd80d26ff0753d3d43ce137dcd041708422be89f Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 10:32:27 +0200
Subject: [PATCH 114/129] fix(environment-variable-warning): enhance warning
 logic to check for problematic variable values

---
 .../environment-variable-warning.blade.php          | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/resources/views/components/environment-variable-warning.blade.php b/resources/views/components/environment-variable-warning.blade.php
index ab7cab555..bb144172f 100644
--- a/resources/views/components/environment-variable-warning.blade.php
+++ b/resources/views/components/environment-variable-warning.blade.php
@@ -4,13 +4,18 @@
     problematicVars: @js($problematicVariables),
     get showWarning() {
         const currentKey = $wire.key;
+        const currentValue = $wire.value;
         const isBuildtime = $wire.is_buildtime;
 
         if (!isBuildtime || !currentKey) return false;
         if (!this.problematicVars.hasOwnProperty(currentKey)) return false;
 
-        // Always show warning for known problematic variables when set as buildtime
-        return true;
+        const config = this.problematicVars[currentKey];
+        if (!config || !config.problematic_values) return false;
+
+        // Check if current value matches any problematic values
+        const lowerValue = String(currentValue).toLowerCase();
+        return config.problematic_values.some(pv => pv.toLowerCase() === lowerValue);
     },
     get warningMessage() {
         if (!this.showWarning) return null;
@@ -25,8 +30,8 @@
         return `Recommendation: ${config.recommendation}`;
     }
 }" x-if="showWarning">
-    <div class="p-3 rounded-lg bg-yellow-50 dark:bg-yellow-900/20 border border-yellow-200 dark:border-yellow-800">
+    <x-callout type="warning" title="Caution">
         <div class="text-sm text-yellow-700 dark:text-yellow-300" x-text="warningMessage"></div>
         <div class="text-sm text-yellow-700 dark:text-yellow-300" x-text="recommendation"></div>
-    </div>
+    </x-callout>
 </template>

From b5d50d4ae49ad6d11ce88493ae98945afa13581c Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 10:38:01 +0200
Subject: [PATCH 115/129] refactor(upgrade): replace warning div with a callout
 component for better UI consistency

---
 resources/views/livewire/upgrade.blade.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/resources/views/livewire/upgrade.blade.php b/resources/views/livewire/upgrade.blade.php
index 3c5f31b7b..aa3e289b7 100644
--- a/resources/views/livewire/upgrade.blade.php
+++ b/resources/views/livewire/upgrade.blade.php
@@ -54,12 +54,12 @@ class="absolute top-0 right-0 flex items-center justify-center w-8 h-8 mt-5 mr-5
                             <p>Are you sure you would like to upgrade your instance to {{ $latestVersion }}?</p>
                             <br />
 
-                            <div
-                                class="p-4 mb-4 text-yellow-800 border border-yellow-300 rounded-lg bg-yellow-50 dark:bg-yellow-900/30 dark:text-yellow-300 dark:border-yellow-800">
-                                <p class="font-medium">Warning: Any deployments running during the update process will
+                            <x-callout type="warning" title="Caution">
+                                <p>Any deployments running during the update process will
                                     fail. Please ensure no deployments are in progress on any server before continuing.
                                 </p>
-                            </div>
+                            </x-callout>
+                            <br />
                             <p>You can review the changelogs <a class="font-bold underline dark:text-white"
                                     href="https://github.com/coollabsio/coolify/releases" target="_blank">here</a>.</p>
                             <br />

From facba28e0a223711c872f7929baffa11887bce45 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:14:56 +0200
Subject: [PATCH 116/129] refactor(ui): replace warning and error divs with
 callout components for improved consistency and readability

---
 .../domain-conflict-modal.blade.php           | 16 ++++-----
 .../components/modal-confirmation.blade.php   | 18 ++++------
 .../livewire/destination/new/docker.blade.php |  7 ++--
 .../livewire/project/shared/danger.blade.php  | 15 ++-------
 .../project/shared/destination.blade.php      | 20 +++--------
 .../shared/resource-operations.blade.php      | 20 ++++-------
 .../livewire/project/shared/tags.blade.php    |  9 ++---
 .../project/shared/webhooks.blade.php         |  4 ++-
 .../server/cloudflare-tunnel.blade.php        | 33 ++++++++-----------
 .../views/livewire/server/proxy.blade.php     |  5 ++-
 .../views/livewire/server/show.blade.php      |  7 ++--
 .../livewire/settings/advanced.blade.php      | 10 +++---
 .../livewire/source/github/change.blade.php   | 16 ++-------
 .../livewire/source/github/create.blade.php   |  7 ++--
 .../views/livewire/storage/create.blade.php   |  7 ++--
 .../livewire/subscription/actions.blade.php   |  7 ++--
 .../livewire/subscription/index.blade.php     |  8 ++---
 17 files changed, 75 insertions(+), 134 deletions(-)

diff --git a/resources/views/components/domain-conflict-modal.blade.php b/resources/views/components/domain-conflict-modal.blade.php
index 218a7ef16..fe55a8ba5 100644
--- a/resources/views/components/domain-conflict-modal.blade.php
+++ b/resources/views/components/domain-conflict-modal.blade.php
@@ -30,14 +30,12 @@ class="flex absolute top-2 right-2 justify-center items-center w-8 h-8 rounded-f
                         </button>
                     </div>
                     <div class="relative w-auto">
-                        <div class="p-4 mb-4 text-white border-l-4 border-red-500 bg-red-600" role="alert">
-                            <p class="font-bold">Warning: Domain Conflict Detected</p>
-                            <p>{{ $slot ?? 'The following domain(s) are already in use by other resources. Using the same domain for multiple resources can cause routing conflicts and unpredictable behavior.' }}
-                            </p>
-                        </div>
+                        <x-callout type="danger" title="Domain Conflict Detected" class="mb-4">
+                            The following domain(s) are already in use by other resources. Using the same domain for
+                            multiple resources can cause routing conflicts and unpredictable behavior.
+                        </x-callout>
 
                         <div class="mb-4">
-                            <h4 class="mb-2 font-semibold">Conflicting Resources:</h4>
                             <ul class="space-y-2">
                                 @foreach ($conflicts as $conflict)
                                     <li class="flex items-start text-red-500">
@@ -58,9 +56,7 @@ class="underline hover:text-red-400">
                             </ul>
                         </div>
 
-                        <div class="p-4 mb-4 text-yellow-800 dark:text-yellow-200 border-l-4 bg-yellow-50 dark:bg-yellow-900/20 border border-yellow-200 dark:border-yellow-700 rounded-lg"
-                            role="alert">
-                            <p class="font-bold">What will happen if you continue?</p>
+                        <x-callout type="warning" title="What will happen if you continue?" class="mb-4">
                             @if (isset($consequences))
                                 {{ $consequences }}
                             @else
@@ -71,7 +67,7 @@ class="underline hover:text-red-400">
                                     <li>SSL certificates might not work correctly</li>
                                 </ul>
                             @endif
-                        </div>
+                        </x-callout>
 
                         <div class="flex flex-wrap gap-2 justify-between mt-4">
                             <x-forms.button @click="modalOpen = false; $wire.set('showDomainConflictModal', false)"
diff --git a/resources/views/components/modal-confirmation.blade.php b/resources/views/components/modal-confirmation.blade.php
index 1c82614a6..1a3c88f80 100644
--- a/resources/views/components/modal-confirmation.blade.php
+++ b/resources/views/components/modal-confirmation.blade.php
@@ -201,9 +201,6 @@ class="flex absolute top-2 right-2 justify-center items-center w-8 h-8 rounded-f
                     @if (!empty($checkboxes))
                         <!-- Step 1: Select actions -->
                         <div x-show="step === 1">
-                            <div class="flex justify-between items-center">
-                                <h4>Actions</h4>
-                            </div>
                             @foreach ($checkboxes as $index => $checkbox)
                                 <div class="flex justify-between items-center mb-2">
                                     <x-forms.checkbox fullWidth :label="$checkbox['label']" :id="$checkbox['id']"
@@ -227,11 +224,9 @@ class="w-24 dark:bg-coolgray-200 dark:hover:bg-coolgray-300">
 
                     <!-- Step 2: Confirm deletion -->
                     <div x-show="step === 2">
-                        <div class="p-4 mb-4 text-white border-l-4 border-red-500 bg-error" role="alert">
-                            <p class="font-bold">Warning</p>
-                            <p>{!! $warningMessage ?: 'This operation is permanent and cannot be undone. Please think again before proceeding!' !!}
-                            </p>
-                        </div>
+                        <x-callout type="danger" title="Warning" class="mb-4">
+                            {!! $warningMessage ?: 'This operation is permanent and cannot be undone. Please think again before proceeding!' !!}
+                        </x-callout>
                         <div class="mb-4">The following actions will be performed:</div>
                         <ul class="mb-4 space-y-2">
                             @foreach ($actions as $action)
@@ -325,10 +320,9 @@ class="w-auto" isError
                     <!-- Step 3: Password confirmation -->
                     @if (!$disableTwoStepConfirmation)
                         <div x-show="step === 3 && confirmWithPassword">
-                            <div class="p-4 mb-4 text-white border-l-4 border-red-500 bg-error" role="alert">
-                                <p class="font-bold">Final Confirmation</p>
-                                <p>Please enter your password to confirm this destructive action.</p>
-                            </div>
+                            <x-callout type="danger" title="Final Confirmation" class="mb-4">
+                                Please enter your password to confirm this destructive action.
+                            </x-callout>
                             <div class="flex flex-col gap-2 mb-4">
                                 @php
                                     $passwordConfirm = Str::uuid();
diff --git a/resources/views/livewire/destination/new/docker.blade.php b/resources/views/livewire/destination/new/docker.blade.php
index 795b33e81..953c4d42e 100644
--- a/resources/views/livewire/destination/new/docker.blade.php
+++ b/resources/views/livewire/destination/new/docker.blade.php
@@ -18,8 +18,7 @@
         </form>
     </div>
 @else
-    <div class="text-gray-500 p-4 text-center">
-        <p>You don't have permission to create new destinations.</p>
-        <p class="text-sm">Please contact your team administrator for access.</p>
-    </div>
+    <x-callout type="warning" title="Permission Required">
+        You don't have permission to create new destinations. Please contact your team administrator for access.
+    </x-callout>
 @endcan
diff --git a/resources/views/livewire/project/shared/danger.blade.php b/resources/views/livewire/project/shared/danger.blade.php
index 3562caa02..11afe0b41 100644
--- a/resources/views/livewire/project/shared/danger.blade.php
+++ b/resources/views/livewire/project/shared/danger.blade.php
@@ -11,17 +11,8 @@
             confirmationLabel="Please confirm the execution of the actions by entering the Resource Name below"
             shortConfirmationLabel="Resource Name" />
     @else
-        <div class="flex items-center gap-2 p-4 border border-red-500 rounded-lg bg-red-50 dark:bg-red-900/20">
-            <svg class="w-5 h-5 text-red-500" fill="currentColor" viewBox="0 0 20 20">
-                <path fill-rule="evenodd"
-                    d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.28 7.22a.75.75 0 00-1.06 1.06L8.94 10l-1.72 1.72a.75.75 0 101.06 1.06L10 11.06l1.72 1.72a.75.75 0 101.06-1.06L11.06 10l1.72-1.72a.75.75 0 00-1.06-1.06L10 8.94 8.28 7.22z"
-                    clip-rule="evenodd"></path>
-            </svg>
-            <div>
-                <div class="font-semibold text-red-700 dark:text-red-300">Insufficient Permissions</div>
-                <div class="text-sm text-red-600 dark:text-red-400">You don't have permission to delete this resource.
-                    Contact your team administrator for access.</div>
-            </div>
-        </div>
+        <x-callout type="danger" title="Insufficient Permissions">
+            You don't have permission to delete this resource. Contact your team administrator for access.
+        </x-callout>
     @endif
 </div>
diff --git a/resources/views/livewire/project/shared/destination.blade.php b/resources/views/livewire/project/shared/destination.blade.php
index 245449557..68ae44dc0 100644
--- a/resources/views/livewire/project/shared/destination.blade.php
+++ b/resources/views/livewire/project/shared/destination.blade.php
@@ -80,21 +80,11 @@ class="absolute bg-error -top-1 -left-1 badge "></div>
         <div class="flex flex-col gap-2">
             @if ($resource->persistentStorages()->count() > 0)
                 <h3>Add another server</h3>
-                <div
-                    class="p-4 bg-yellow-50 border border-yellow-200 rounded-lg dark:bg-yellow-900/20 dark:border-yellow-800">
-                    <div class="flex items-center">
-
-                        <div>
-                            <h4 class="text-sm font-medium text-yellow-800 dark:text-yellow-200">Cannot add additional
-                                servers</h4>
-                            <p class="text-sm text-yellow-700 dark:text-yellow-300 mt-1">
-                                This application has persistent storage volumes configured. Applications with persistent
-                                storage cannot be deployed to multiple servers as the storage would not be accessible
-                                across different servers.
-                            </p>
-                        </div>
-                    </div>
-                </div>
+                <x-callout type="warning" title="Cannot add additional servers">
+                    This application has persistent storage volumes configured. Applications with persistent
+                    storage cannot be deployed to multiple servers as the storage would not be accessible
+                    across different servers.
+                </x-callout>
             @elseif (count($networks) > 0)
                 <h3>Add another server</h3>
                 <div class="grid grid-cols-1 gap-4">
diff --git a/resources/views/livewire/project/shared/resource-operations.blade.php b/resources/views/livewire/project/shared/resource-operations.blade.php
index aa8f536ce..be7cbd7dc 100644
--- a/resources/views/livewire/project/shared/resource-operations.blade.php
+++ b/resources/views/livewire/project/shared/resource-operations.blade.php
@@ -28,13 +28,9 @@
                     @endforeach
                 @endforeach
             @else
-                <div
-                    class="p-4 bg-yellow-50 dark:bg-yellow-900/20 border border-yellow-200 dark:border-yellow-700 rounded-lg">
-                    <div class="text-yellow-800 dark:text-yellow-200">
-                        <strong>Access Restricted:</strong> You don't have permission to clone resources. Contact your team
-                        administrator to request access.
-                    </div>
-                </div>
+                <x-callout type="warning" title="Access Restricted">
+                    You don't have permission to clone resources. Contact your team administrator to request access.
+                </x-callout>
             @endcan
         </div>
     </div>
@@ -71,13 +67,9 @@ class="font-bold dark:text-warning">{{ $resource->environment->project->name }}
                     <div>No projects found to move to</div>
                 @endforelse
             @else
-                <div
-                    class="p-4 bg-yellow-50 dark:bg-yellow-900/20 border border-yellow-200 dark:border-yellow-700 rounded-lg">
-                    <div class="text-yellow-800 dark:text-yellow-200">
-                        <strong>Access Restricted:</strong> You don't have permission to move resources between projects or
-                        environments. Contact your team administrator to request access.
-                    </div>
-                </div>
+                <x-callout type="warning" title="Access Restricted">
+                    You don't have permission to move resources between projects or environments. Contact your team administrator to request access.
+                </x-callout>
             @endcan
         </div>
     </div>
diff --git a/resources/views/livewire/project/shared/tags.blade.php b/resources/views/livewire/project/shared/tags.blade.php
index 2c75deab9..85208b75b 100644
--- a/resources/views/livewire/project/shared/tags.blade.php
+++ b/resources/views/livewire/project/shared/tags.blade.php
@@ -10,12 +10,9 @@
             <x-forms.button type="submit">Add</x-forms.button>
         </form>
     @else
-        <div class="p-4 bg-yellow-50 dark:bg-yellow-900/20 border border-yellow-200 dark:border-yellow-700 rounded-lg mt-4">
-            <div class="text-yellow-800 dark:text-yellow-200">
-                <strong>Access Restricted:</strong> You don't have permission to manage tags. Contact your team
-                administrator to request access.
-            </div>
-        </div>
+        <x-callout type="warning" title="Access Restricted" class="mt-4">
+            You don't have permission to manage tags. Contact your team administrator to request access.
+        </x-callout>
     @endcan
     @if (data_get($this->resource, 'tags') && count(data_get($this->resource, 'tags')) > 0)
         <h3 class="pt-4">Assigned Tags</h3>
diff --git a/resources/views/livewire/project/shared/webhooks.blade.php b/resources/views/livewire/project/shared/webhooks.blade.php
index f3403a402..ede1725b1 100644
--- a/resources/views/livewire/project/shared/webhooks.blade.php
+++ b/resources/views/livewire/project/shared/webhooks.blade.php
@@ -73,7 +73,9 @@
                     @endcan
                 </form>
             @else
-                You are using an official Git App. You do not need manual webhooks.
+                <x-callout type="info" title="Information">
+                    You are using an official Git App. You do not need manual webhooks.
+                </x-callout>
             @endif
         </div>
     @endif
diff --git a/resources/views/livewire/server/cloudflare-tunnel.blade.php b/resources/views/livewire/server/cloudflare-tunnel.blade.php
index ce1cb7e58..a56d77926 100644
--- a/resources/views/livewire/server/cloudflare-tunnel.blade.php
+++ b/resources/views/livewire/server/cloudflare-tunnel.blade.php
@@ -23,15 +23,11 @@ class="px-2 py-1 text-xs font-semibold text-green-800 bg-green-100 rounded dark:
             <div class="flex flex-col gap-2 pt-6">
                 @if ($isCloudflareTunnelsEnabled)
                     <div class="flex flex-col gap-4">
-                        <div
-                            class="w-full px-4 py-2 text-yellow-800 rounded-xs border-l-4 border-yellow-500 bg-yellow-50 dark:bg-yellow-900/30 dark:text-yellow-300 dark:border-yellow-600">
-                            <p class="font-bold">Warning!</p>
-                            <p>If you disable Cloudflare Tunnel, you will need to update the server's IP address back
-                                to
-                                its real IP address in the server "General" settings. The server may become inaccessible
-                                if the IP
-                                address is not updated correctly.</p>
-                        </div>
+                        <x-callout type="warning" title="Warning!">
+                            If you disable Cloudflare Tunnel, you will need to update the server's IP address back
+                            to its real IP address in the server "General" settings. The server may become inaccessible
+                            if the IP address is not updated correctly.
+                        </x-callout>
                         <div class="w-64">
                             @if ($server->ip_previous)
                                 <x-modal-confirmation title="Disable Cloudflare Tunnel?"
@@ -60,10 +56,9 @@ class="w-full px-4 py-2 text-yellow-800 rounded-xs border-l-4 border-yellow-500
                         </div>
                     </div>
                 @elseif (!$server->isFunctional())
-                    <div
-                        class="p-4 mb-4 w-full text-sm text-yellow-800 bg-yellow-100 rounded-sm dark:bg-yellow-900 dark:text-yellow-300">
+                    <x-callout type="info" title="Configuration Options" class="mb-4">
                         To <span class="font-semibold">automatically</span> configure Cloudflare Tunnel, please
-                        validate your server first.</span> Then you will need a Cloudflare token and an SSH
+                        validate your server first. Then you will need a Cloudflare token and an SSH
                         domain configured.
                         <br />
                         To <span class="font-semibold">manually</span> configure Cloudflare Tunnel, please
@@ -72,8 +67,8 @@ class="p-4 mb-4 w-full text-sm text-yellow-800 bg-yellow-100 rounded-sm dark:bg-
                         <br /><br />
                         For more information, please read our <a
                             href="https://coolify.io/docs/knowledge-base/cloudflare/tunnels/server-ssh" target="_blank"
-                            class="underline ">documentation</a>.
-                    </div>
+                            class="underline">documentation</a>.
+                    </x-callout>
                 @endif
                 @if (!$isCloudflareTunnelsEnabled && $server->isFunctional())
                     <div class="flex  flex-col pb-2">
@@ -97,10 +92,9 @@ class="flex flex-col gap-2 w-full">
                                 <x-forms.button type="submit" isHighlighted>Continue</x-forms.button>
                             </form>
                         @else
-                            <div
-                                class="p-4 mb-4 text-sm text-yellow-800 bg-yellow-100 rounded-sm dark:bg-yellow-900 dark:text-yellow-300">
+                            <x-callout type="warning" title="Permission Required" class="mb-4">
                                 You don't have permission to configure Cloudflare Tunnel for this server.
-                            </div>
+                            </x-callout>
                         @endcan
                     </div>
                     @script
@@ -128,10 +122,9 @@ class="p-4 mb-4 text-sm text-yellow-800 bg-yellow-100 rounded-sm dark:bg-yellow-
                         confirmationLabel="Please type the confirmation text to confirm that you manually configured Cloudflare Tunnel."
                         shortConfirmationLabel="Confirmation text" />
                 @else
-                    <div
-                        class="p-4 mb-4 text-sm text-yellow-800 bg-yellow-100 rounded-sm dark:bg-yellow-900 dark:text-yellow-300">
+                    <x-callout type="warning" title="Permission Required" class="mb-4">
                         You don't have permission to configure Cloudflare Tunnel for this server.
-                    </div>
+                    </x-callout>
                 @endcan
             </div>
             @endif
diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index c40bdd31b..c46a114d8 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -119,10 +119,9 @@
                         </x-forms.button> --}}
                     </div>
                 @else
-                    <div
-                        class="p-4 mb-4 text-sm text-yellow-800 bg-yellow-100 rounded-sm dark:bg-yellow-900 dark:text-yellow-300">
+                    <x-callout type="warning" title="Permission Required" class="mb-4">
                         You don't have permission to configure proxy settings for this server.
-                    </div>
+                    </x-callout>
                 @endcan
             </div>
     @endif
diff --git a/resources/views/livewire/server/show.blade.php b/resources/views/livewire/server/show.blade.php
index 29eacf627..a25e245e9 100644
--- a/resources/views/livewire/server/show.blade.php
+++ b/resources/views/livewire/server/show.blade.php
@@ -62,9 +62,10 @@ class="mt-8 mb-4 w-full font-bold box-without-bg bg-coollabs hover:bg-coollabs-1
                     </x-forms.button>
                 @endif
                 @if ($server->isForceDisabled() && isCloud())
-                    <div class="pt-4 font-bold text-red-500">The system has disabled the server because you have
-                        exceeded the
-                        number of servers for which you have paid.</div>
+                    <x-callout type="danger" title="Server Disabled" class="mt-4">
+                        The system has disabled the server because you have exceeded the
+                        number of servers for which you have paid.
+                    </x-callout>
                 @endif
                 <div class="flex flex-col gap-2 pt-4">
                     <div class="flex flex-col gap-2 w-full lg:flex-row">
diff --git a/resources/views/livewire/settings/advanced.blade.php b/resources/views/livewire/settings/advanced.blade.php
index b68370a09..65d7181c6 100644
--- a/resources/views/livewire/settings/advanced.blade.php
+++ b/resources/views/livewire/settings/advanced.blade.php
@@ -66,12 +66,10 @@
                             confirmationLabel="Please type the confirmation text to disable two step confirmation."
                             shortConfirmationLabel="Confirmation text" />
                     </div>
-                    <div class="w-full px-4 py-2 mb-4 text-white rounded-xs border-l-4 border-red-500 bg-error">
-                        <p class="font-bold">Warning!</p>
-                        <p>Disabling two step confirmation reduces security (as anyone can easily delete anything) and
-                            increases
-                            the risk of accidental actions. This is not recommended for production servers.</p>
-                    </div>
+                    <x-callout type="danger" title="Warning!" class="mb-4">
+                        Disabling two step confirmation reduces security (as anyone can easily delete anything) and
+                        increases the risk of accidental actions. This is not recommended for production servers.
+                    </x-callout>
                 @endif
             </div>
         </form>
diff --git a/resources/views/livewire/source/github/change.blade.php b/resources/views/livewire/source/github/change.blade.php
index ba610eacd..e4d5e5228 100644
--- a/resources/views/livewire/source/github/change.blade.php
+++ b/resources/views/livewire/source/github/change.blade.php
@@ -269,19 +269,9 @@ class=""
                             helper="Necessary for adding Github Runners to repositories.<br><br>Administration: read & write" /> --}}
                         </div>
                     @else
-                        <div
-                            class="flex items-center gap-2 p-4 border border-red-500 rounded-lg bg-red-50 dark:bg-red-900/20">
-                            <svg class="w-5 h-5 text-red-500" fill="currentColor" viewBox="0 0 20 20">
-                                <path fill-rule="evenodd"
-                                    d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.28 7.22a.75.75 0 00-1.06 1.06L8.94 10l-1.72 1.72a.75.75 0 101.06 1.06L10 11.06l1.72 1.72a.75.75 0 101.06-1.06L11.06 10l1.72-1.72a.75.75 0 00-1.06-1.06L10 8.94 8.28 7.22z"
-                                    clip-rule="evenodd"></path>
-                            </svg>
-                            <div>
-                                <div class="font-semibold text-red-700 dark:text-red-300">Insufficient Permissions</div>
-                                <div class="text-sm text-red-600 dark:text-red-400">You don't have permission to create
-                                    new GitHub Apps. Please contact your team administrator.</div>
-                            </div>
-                        </div>
+                        <x-callout type="danger" title="Insufficient Permissions">
+                            You don't have permission to create new GitHub Apps. Please contact your team administrator.
+                        </x-callout>
                     @endcan
                 </div>
             </div>
diff --git a/resources/views/livewire/source/github/create.blade.php b/resources/views/livewire/source/github/create.blade.php
index 154e93a27..f47575784 100644
--- a/resources/views/livewire/source/github/create.blade.php
+++ b/resources/views/livewire/source/github/create.blade.php
@@ -52,8 +52,7 @@ class="flex items-center justify-between w-full px-1 py-2 text-left select-none
         </x-forms.button>
     </form>
 @else
-    <div class="text-gray-500 p-4 text-center">
-        <p>You don't have permission to create new GitHub Apps.</p>
-        <p class="text-sm">Please contact your team administrator for access.</p>
-    </div>
+    <x-callout type="warning" title="Permission Required">
+        You don't have permission to create new GitHub Apps. Please contact your team administrator for access.
+    </x-callout>
 @endcan
diff --git a/resources/views/livewire/storage/create.blade.php b/resources/views/livewire/storage/create.blade.php
index 735e040eb..d4a12cf4b 100644
--- a/resources/views/livewire/storage/create.blade.php
+++ b/resources/views/livewire/storage/create.blade.php
@@ -24,8 +24,7 @@
         </form>
     </div>
 @else
-    <div class="text-gray-500 p-4 text-center">
-        <p>You don't have permission to create new S3 storage configurations.</p>
-        <p class="text-sm">Please contact your team administrator for access.</p>
-    </div>
+    <x-callout type="warning" title="Permission Required">
+        You don't have permission to create new S3 storage configurations. Please contact your team administrator for access.
+    </x-callout>
 @endcan
diff --git a/resources/views/livewire/subscription/actions.blade.php b/resources/views/livewire/subscription/actions.blade.php
index e54cb0bd4..516a57dd3 100644
--- a/resources/views/livewire/subscription/actions.blade.php
+++ b/resources/views/livewire/subscription/actions.blade.php
@@ -26,10 +26,11 @@
                 <div class="text-xl font-bold dark:text-white">{{ currentTeam()->servers->count() }}</div>
             </div>
             @if (currentTeam()->serverOverflow())
-                <div class="py-4"><span class="font-bold text-red-500">WARNING:</span> You must delete
-                    {{ currentTeam()->servers->count() - $server_limits }} servers,
+                <x-callout type="danger" title="WARNING" class="my-4">
+                    You must delete {{ currentTeam()->servers->count() - $server_limits }} servers,
                     or upgrade your subscription. {{ currentTeam()->servers->count() - $server_limits }} servers will be
-                    deactivated.</div>
+                    deactivated.
+                </x-callout>
             @endif
             <x-forms.button class="gap-2" wire:click='stripeCustomerPortal'>Change Server Quantity
             </x-forms.button>
diff --git a/resources/views/livewire/subscription/index.blade.php b/resources/views/livewire/subscription/index.blade.php
index 0ca786988..d1d933e04 100644
--- a/resources/views/livewire/subscription/index.blade.php
+++ b/resources/views/livewire/subscription/index.blade.php
@@ -55,10 +55,10 @@
             <div class="flex gap-2">
                 <h1>Subscription</h1>
             </div>
-            <div>You are not an admin so you cannot manage your Team's subscription. If this does not make sense, please
-                <span class="underline cursor-pointer dark:text-white" wire:click="help">contact
-                    us</span>.
-            </div>
+            <x-callout type="warning" title="Permission Required">
+                You are not an admin so you cannot manage your Team's subscription. If this does not make sense, please
+                <span class="underline cursor-pointer dark:text-white" wire:click="help">contact us</span>.
+            </x-callout>
         </div>
     @endif
 </div>

From 9768deccd51a1417c3681e487287f57c456a766b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:15:17 +0200
Subject: [PATCH 117/129] chore(workflow): update pull request trigger to
 pull_request_target and refine permissions for enhanced security

---
 .github/workflows/chore-pr-comments.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/chore-pr-comments.yml b/.github/workflows/chore-pr-comments.yml
index f20729346..8836c6632 100644
--- a/.github/workflows/chore-pr-comments.yml
+++ b/.github/workflows/chore-pr-comments.yml
@@ -1,6 +1,6 @@
 name: Add comment based on label
 on:
-  pull_request:
+  pull_request_target:
     types:
       - labeled
 jobs:
@@ -8,6 +8,15 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       pull-requests: write
+      contents: read
+      actions: none
+      checks: none
+      deployments: none
+      issues: none
+      packages: none
+      repository-projects: none
+      security-events: none
+      statuses: none
     strategy:
       matrix:
         include:

From 2b402c9ce9535f5c63aba96f728f218eed8c0172 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:33:32 +0200
Subject: [PATCH 118/129] Update app/Models/TeamInvitation.php

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 app/Models/TeamInvitation.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Models/TeamInvitation.php b/app/Models/TeamInvitation.php
index 92107c48c..c322982ed 100644
--- a/app/Models/TeamInvitation.php
+++ b/app/Models/TeamInvitation.php
@@ -18,7 +18,7 @@ class TeamInvitation extends Model
     /**
      * Set the email attribute to lowercase.
      */
-    public function setEmailAttribute($value)
+    public function setEmailAttribute(string $value): void
     {
         $this->attributes['email'] = strtolower($value);
     }

From 12afc1d6b661067c0778dad4c6ad0e0704a6e554 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:38:56 +0200
Subject: [PATCH 119/129] Update
 resources/views/livewire/server/docker-cleanup.blade.php

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 resources/views/livewire/server/docker-cleanup.blade.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/resources/views/livewire/server/docker-cleanup.blade.php b/resources/views/livewire/server/docker-cleanup.blade.php
index 4d440b23b..66e9de720 100644
--- a/resources/views/livewire/server/docker-cleanup.blade.php
+++ b/resources/views/livewire/server/docker-cleanup.blade.php
@@ -68,9 +68,8 @@
                             label="Delete Unused Volumes"
                             helper="This option will remove all unused Docker volumes during cleanup.<br><br><strong>Warning: Data from stopped containers will be lost!</strong><br><br>Consequences include:<br>
                             <ul class='list-disc pl-4 mt-2'>
-                                <li>Volumes not attached to running containers will be deleted and data will be permanently lost (stopped containers are affected).</li>
-                                <li>Data from stopped containers volumes will be permanently lost.</li>
-                                <li>No way to recover deleted volume data.</li>
+                                <li>Volumes not attached to running containers will be permanently deleted (volumes from stopped containers are affected).</li>
+                                <li>Data stored in deleted volumes cannot be recovered.</li>
                             </ul>" 
                         />
                         <x-forms.checkbox canGate="update" :canResource="$server" instantSave id="deleteUnusedNetworks"

From 38445568768f8f10b952b75b00b15e4e358154e1 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:39:17 +0200
Subject: [PATCH 120/129] Update templates/service-templates.json

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 templates/service-templates.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/service-templates.json b/templates/service-templates.json
index 2fd056a19..ce9ead7cf 100644
--- a/templates/service-templates.json
+++ b/templates/service-templates.json
@@ -187,7 +187,7 @@
         "minversion": "0.0.0"
     },
     "beszel": {
-        "documentation": "https://github.com/henrygd/beszel?tab=readme-ov-file#getting-started?utm_source=coolify.io",
+        "documentation": "https://github.com/henrygd/beszel?tab=readme-ov-file#getting-started&utm_source=coolify.io",
         "slogan": "A lightweight server resource monitoring hub with historical data, docker stats, and alerts.",
         "compose": "c2VydmljZXM6CiAgYmVzemVsOgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbDowLjEyLjEwJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX0JFU1pFTF84MDkwCiAgICB2b2x1bWVzOgogICAgICAtICdiZXN6ZWxfZGF0YTovYmVzemVsX2RhdGEnCiAgICAgIC0gJ2Jlc3plbF9zb2NrZXQ6L2Jlc3plbF9zb2NrZXQnCiAgYmVzemVsLWFnZW50OgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbC1hZ2VudDowLjEyLjEwJwogICAgdm9sdW1lczoKICAgICAgLSAnYmVzemVsX2FnZW50X2RhdGE6L3Zhci9saWIvYmVzemVsLWFnZW50JwogICAgICAtICdiZXN6ZWxfc29ja2V0Oi9iZXN6ZWxfc29ja2V0JwogICAgICAtICcvdmFyL3J1bi9kb2NrZXIuc29jazovdmFyL3J1bi9kb2NrZXIuc29jazpybycKICAgIGVudmlyb25tZW50OgogICAgICAtIExJU1RFTj0vYmVzemVsX3NvY2tldC9iZXN6ZWwuc29jawogICAgICAtICdIVUJfVVJMPWh0dHA6Ly9iZXN6ZWw6ODA5MCcKICAgICAgLSAnVE9LRU49JHtUT0tFTn0nCiAgICAgIC0gJ0tFWT0ke0tFWX0nCg==",
         "tags": [

From 3477bbb240fb4baa3f07eb30ff5d2d643df129be Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:40:23 +0200
Subject: [PATCH 121/129] Update
 resources/views/livewire/server/docker-cleanup.blade.php

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 resources/views/livewire/server/docker-cleanup.blade.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/resources/views/livewire/server/docker-cleanup.blade.php b/resources/views/livewire/server/docker-cleanup.blade.php
index 66e9de720..7eb71aead 100644
--- a/resources/views/livewire/server/docker-cleanup.blade.php
+++ b/resources/views/livewire/server/docker-cleanup.blade.php
@@ -76,10 +76,9 @@
                             label="Delete Unused Networks"
                             helper="This option will remove all unused Docker networks during cleanup.<br><br><strong>Warning: Functionality may be lost and containers may not be able to communicate with each other!</strong><br><br>Consequences include:<br>
                             <ul class='list-disc pl-4 mt-2'>
-                                <li>Networks not attached to running containers will be permanently deleted (stopped containers are affected).</li>
-                                <li>Custom networks for stopped containers will be permanently deleted.</li>
-                                <li>Functionality may be lost and containers may not be able to communicate with each other.</li>
-                            </ul>" 
+                                <li>Networks not attached to running containers will be permanently deleted (networks used by stopped containers are affected).</li>
+                                <li>Containers may lose connectivity if required networks are removed.</li>
+                            </ul>"
                         />
                     </div>
                 </div>

From 12c7e28a48a16692000c32b6024fb5571cb1ff4e Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:44:34 +0200
Subject: [PATCH 122/129] fix(install): ensure proper quoting of environment
 file paths to prevent issues with spaces

---
 other/nightly/install.sh | 6 +++---
 scripts/install.sh       | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/other/nightly/install.sh b/other/nightly/install.sh
index 899fa1184..bcd37e71f 100755
--- a/other/nightly/install.sh
+++ b/other/nightly/install.sh
@@ -712,18 +712,18 @@ curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh
 
 echo -e "6. Setting up environment variable file"
 
-if [ -f $ENV_FILE ]; then
+if [ -f "$ENV_FILE" ]; then
     # If .env exists, create backup
     echo " - Creating backup of existing .env file to .env-$DATE"
     cp "$ENV_FILE" "$ENV_FILE-$DATE"
     # Merge .env.production values into .env
     echo " - Merging .env.production values into .env"
-    awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
+    awk -F '=' '!seen[$1]++' "$ENV_FILE" "/data/coolify/source/.env.production" > "$ENV_FILE.tmp" && mv "$ENV_FILE.tmp" "$ENV_FILE"
     echo " - .env file merged successfully"
 else
     # If no .env exists, copy .env.production to .env
     echo " - No .env file found, copying .env.production to .env"
-    cp /data/coolify/source/.env.production $ENV_FILE
+    cp "/data/coolify/source/.env.production" "$ENV_FILE"
 fi
 
 echo -e "7. Checking and updating environment variables if necessary..."
diff --git a/scripts/install.sh b/scripts/install.sh
index 0a8139b93..f75ac8f73 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -712,18 +712,18 @@ curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh
 
 echo -e "6. Setting up environment variable file"
 
-if [ -f $ENV_FILE ]; then
+if [ -f "$ENV_FILE" ]; then
     # If .env exists, create backup
     echo " - Creating backup of existing .env file to .env-$DATE"
     cp "$ENV_FILE" "$ENV_FILE-$DATE"
     # Merge .env.production values into .env
     echo " - Merging .env.production values into .env"
-    awk -F '=' '!seen[$1]++' $ENV_FILE /data/coolify/source/.env.production > $ENV_FILE.tmp && mv $ENV_FILE.tmp $ENV_FILE
+    awk -F '=' '!seen[$1]++' "$ENV_FILE" "/data/coolify/source/.env.production" > "$ENV_FILE.tmp" && mv "$ENV_FILE.tmp" "$ENV_FILE"
     echo " - .env file merged successfully"
 else
     # If no .env exists, copy .env.production to .env
     echo " - No .env file found, copying .env.production to .env"
-    cp /data/coolify/source/.env.production $ENV_FILE
+    cp "/data/coolify/source/.env.production" "$ENV_FILE"
 fi
 
 echo -e "7. Checking and updating environment variables if necessary..."

From 6cd3bc04617bb8a2dc7010c2b8aa9ef5050e9c27 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:44:58 +0200
Subject: [PATCH 123/129] fix(security): implement authorization checks for
 terminal access management

---
 app/Livewire/Server/Security/TerminalAccess.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Server/Security/TerminalAccess.php b/app/Livewire/Server/Security/TerminalAccess.php
index c5898314b..284eea7dd 100644
--- a/app/Livewire/Server/Security/TerminalAccess.php
+++ b/app/Livewire/Server/Security/TerminalAccess.php
@@ -4,6 +4,7 @@
 
 use App\Models\InstanceSettings;
 use App\Models\Server;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Livewire\Attributes\Validate;
@@ -11,6 +12,8 @@
 
 class TerminalAccess extends Component
 {
+    use AuthorizesRequests;
+
     public Server $server;
 
     public array $parameters = [];
@@ -22,6 +25,7 @@ public function mount(string $server_uuid)
     {
         try {
             $this->server = Server::ownedByCurrentTeam()->whereUuid($server_uuid)->firstOrFail();
+            $this->authorize('update', $this->server);
             $this->parameters = get_route_parameters();
             $this->syncData();
 
@@ -33,6 +37,8 @@ public function mount(string $server_uuid)
     public function toggleTerminal($password)
     {
         try {
+            $this->authorize('update', $this->server);
+
             // Check if user is admin or owner
             if (! auth()->user()->isAdmin()) {
                 throw new \Exception('Only team administrators and owners can modify terminal access.');
@@ -76,4 +82,4 @@ public function render()
     {
         return view('livewire.server.security.terminal-access');
     }
-}
\ No newline at end of file
+}

From 47b060e29146241d9192932b7cee8ad4c34fffd4 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:45:03 +0200
Subject: [PATCH 124/129] refactor(ui): improve styling and consistency in
 environment variable warning and docker cleanup components

---
 .../environment-variable-warning.blade.php    |  4 +-
 .../livewire/server/docker-cleanup.blade.php  |  6 +-
 .../TeamInvitationEmailNormalizationTest.php  | 88 +++++++++----------
 3 files changed, 45 insertions(+), 53 deletions(-)

diff --git a/resources/views/components/environment-variable-warning.blade.php b/resources/views/components/environment-variable-warning.blade.php
index bb144172f..1ad05ed46 100644
--- a/resources/views/components/environment-variable-warning.blade.php
+++ b/resources/views/components/environment-variable-warning.blade.php
@@ -31,7 +31,7 @@
     }
 }" x-if="showWarning">
     <x-callout type="warning" title="Caution">
-        <div class="text-sm text-yellow-700 dark:text-yellow-300" x-text="warningMessage"></div>
-        <div class="text-sm text-yellow-700 dark:text-yellow-300" x-text="recommendation"></div>
+        <div class="text-sm" x-text="warningMessage"></div>
+        <div class="text-sm" x-text="recommendation"></div>
     </x-callout>
 </template>
diff --git a/resources/views/livewire/server/docker-cleanup.blade.php b/resources/views/livewire/server/docker-cleanup.blade.php
index 7eb71aead..c2d33bdda 100644
--- a/resources/views/livewire/server/docker-cleanup.blade.php
+++ b/resources/views/livewire/server/docker-cleanup.blade.php
@@ -41,11 +41,11 @@
                                 helper="The Docker cleanup tasks will run when the disk usage exceeds this threshold." />
                         @endif
                     </div>
-                    <div class="w-96">
+                    <div class="w-full sm:w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server"
                             helper="Enabling Force Docker Cleanup or manually triggering a cleanup will perform the following actions:
                             <ul class='list-disc pl-4 mt-2'>
-                                <li>Removes stopped containers managed by Coolify (as containers are none persistent, no data will be lost).</li>
+                                <li>Removes stopped containers managed by Coolify (as containers are non-persistent, no data will be lost).</li>
                                 <li>Deletes unused images.</li>
                                 <li>Clears build cache.</li>
                                 <li>Removes old versions of the Coolify helper image.</li>
@@ -63,7 +63,7 @@
                     <x-callout type="warning" title="Caution">
                         <p>These options can cause permanent data loss and functional issues. Only enable if you fully understand the consequences</p>
                     </x-callout>
-                    <div class="w-96">
+                    <div class="w-full sm:w-96">
                         <x-forms.checkbox canGate="update" :canResource="$server" instantSave id="deleteUnusedVolumes"
                             label="Delete Unused Volumes"
                             helper="This option will remove all unused Docker volumes during cleanup.<br><br><strong>Warning: Data from stopped containers will be lost!</strong><br><br>Consequences include:<br>
diff --git a/tests/Feature/TeamInvitationEmailNormalizationTest.php b/tests/Feature/TeamInvitationEmailNormalizationTest.php
index c7ad9134b..bf497c66e 100644
--- a/tests/Feature/TeamInvitationEmailNormalizationTest.php
+++ b/tests/Feature/TeamInvitationEmailNormalizationTest.php
@@ -1,63 +1,55 @@
 <?php
 
-namespace Tests\Feature;
-
 use App\Models\Team;
 use App\Models\TeamInvitation;
 use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
-use Tests\TestCase;
 
-class TeamInvitationEmailNormalizationTest extends TestCase
-{
-    use RefreshDatabase;
+uses(RefreshDatabase::class);
 
-    public function test_team_invitation_normalizes_email_to_lowercase()
-    {
-        // Create a team
-        $team = Team::factory()->create();
+test('team invitation normalizes email to lowercase', function () {
+    // Create a team
+    $team = Team::factory()->create();
 
-        // Create invitation with mixed case email
-        $invitation = TeamInvitation::create([
-            'team_id' => $team->id,
-            'uuid' => 'test-uuid-123',
-            'email' => 'Test@Example.com', // Mixed case
-            'role' => 'member',
-            'link' => 'https://example.com/invite/test-uuid-123',
-            'via' => 'link'
-        ]);
+    // Create invitation with mixed case email
+    $invitation = TeamInvitation::create([
+        'team_id' => $team->id,
+        'uuid' => 'test-uuid-123',
+        'email' => 'Test@Example.com', // Mixed case
+        'role' => 'member',
+        'link' => 'https://example.com/invite/test-uuid-123',
+        'via' => 'link',
+    ]);
 
-        // Verify email was normalized to lowercase
-        $this->assertEquals('test@example.com', $invitation->email);
-    }
+    // Verify email was normalized to lowercase
+    expect($invitation->email)->toBe('test@example.com');
+});
 
-    public function test_team_invitation_works_with_existing_user_email()
-    {
-        // Create a team
-        $team = Team::factory()->create();
+test('team invitation works with existing user email', function () {
+    // Create a team
+    $team = Team::factory()->create();
 
-        // Create a user with lowercase email
-        $user = User::factory()->create([
-            'email' => 'test@example.com',
-            'name' => 'Test User'
-        ]);
+    // Create a user with lowercase email
+    $user = User::factory()->create([
+        'email' => 'test@example.com',
+        'name' => 'Test User',
+    ]);
 
-        // Create invitation with mixed case email
-        $invitation = TeamInvitation::create([
-            'team_id' => $team->id,
-            'uuid' => 'test-uuid-123',
-            'email' => 'Test@Example.com', // Mixed case
-            'role' => 'member',
-            'link' => 'https://example.com/invite/test-uuid-123',
-            'via' => 'link'
-        ]);
+    // Create invitation with mixed case email
+    $invitation = TeamInvitation::create([
+        'team_id' => $team->id,
+        'uuid' => 'test-uuid-123',
+        'email' => 'Test@Example.com', // Mixed case
+        'role' => 'member',
+        'link' => 'https://example.com/invite/test-uuid-123',
+        'via' => 'link',
+    ]);
 
-        // Verify the invitation email matches the user email (both normalized)
-        $this->assertEquals($user->email, $invitation->email);
+    // Verify the invitation email matches the user email (both normalized)
+    expect($invitation->email)->toBe($user->email);
 
-        // Verify user lookup works
-        $foundUser = User::whereEmail($invitation->email)->first();
-        $this->assertNotNull($foundUser);
-        $this->assertEquals($user->id, $foundUser->id);
-    }
-}
+    // Verify user lookup works
+    $foundUser = User::whereEmail($invitation->email)->first();
+    expect($foundUser)->not->toBeNull();
+    expect($foundUser->id)->toBe($user->id);
+});

From a20f4ffe65a7d797514f1b16b3fabbbd14c7b6ad Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 11:50:06 +0200
Subject: [PATCH 125/129] refactor(security): streamline update check
 functionality and improve UI button interactions in patches view

---
 .../views/livewire/server/security/patches.blade.php     | 9 ++++++---
 templates/service-templates.json                         | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/resources/views/livewire/server/security/patches.blade.php b/resources/views/livewire/server/security/patches.blade.php
index f8b51f34e..fd7b61ad9 100644
--- a/resources/views/livewire/server/security/patches.blade.php
+++ b/resources/views/livewire/server/security/patches.blade.php
@@ -10,7 +10,7 @@
         </x-slot:content>
     </x-slide-over>
 
-    <div x-data="{ activeTab: window.location.hash ? window.location.hash.substring(1) : 'general' }" class="flex flex-col h-full gap-8 sm:flex-row" x-init="$wire.checkForUpdates()">
+    <div x-data="{ activeTab: window.location.hash ? window.location.hash.substring(1) : 'general' }" class="flex flex-col h-full gap-8 sm:flex-row">
         <x-server.sidebar-security :server="$server" :parameters="$parameters" />
         <form wire:submit='submit' class="w-full">
             <div>
@@ -20,8 +20,6 @@
                     <x-helper
                         helper="Only available for apt, dnf and zypper package managers atm, more coming
             soon.<br/>Status notifications sent every week.<br/>You can disable notifications in the <a class='dark:text-white underline' href='{{ route('notifications.email') }}'>notification settings</a>." />
-                    <x-forms.button type="button" wire:click="$dispatch('checkForUpdatesDispatch')">
-                        Check Now</x-forms.button>
                     @if (isDev())
                         <x-forms.button type="button" wire:click="sendTestEmail">
                             Send Test Email (dev only)</x-forms.button>
@@ -30,6 +28,8 @@
                 <div>Update your servers semi-automatically.</div>
                 <div>
                     <div class="flex flex-col gap-6 pt-4">
+                        <x-forms.button type="button" wire:click="$dispatch('checkForUpdates')">
+                            Check for Updates</x-forms.button>
                         <div class="flex flex-col">
                             <div>
                                 <div class="pb-2" wire:target="checkForUpdates" wire:loading>
@@ -109,6 +109,9 @@
     </div>
     @script
         <script>
+            $wire.on('checkForUpdates', () => {
+                $wire.$call('checkForUpdatesDispatch');
+            });
             $wire.on('updateAllPackages', () => {
                 window.dispatchEvent(new CustomEvent('startupdate'));
                 $wire.$call('updateAllPackages');
diff --git a/templates/service-templates.json b/templates/service-templates.json
index ce9ead7cf..2fd056a19 100644
--- a/templates/service-templates.json
+++ b/templates/service-templates.json
@@ -187,7 +187,7 @@
         "minversion": "0.0.0"
     },
     "beszel": {
-        "documentation": "https://github.com/henrygd/beszel?tab=readme-ov-file#getting-started&utm_source=coolify.io",
+        "documentation": "https://github.com/henrygd/beszel?tab=readme-ov-file#getting-started?utm_source=coolify.io",
         "slogan": "A lightweight server resource monitoring hub with historical data, docker stats, and alerts.",
         "compose": "c2VydmljZXM6CiAgYmVzemVsOgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbDowLjEyLjEwJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX0JFU1pFTF84MDkwCiAgICB2b2x1bWVzOgogICAgICAtICdiZXN6ZWxfZGF0YTovYmVzemVsX2RhdGEnCiAgICAgIC0gJ2Jlc3plbF9zb2NrZXQ6L2Jlc3plbF9zb2NrZXQnCiAgYmVzemVsLWFnZW50OgogICAgaW1hZ2U6ICdoZW5yeWdkL2Jlc3plbC1hZ2VudDowLjEyLjEwJwogICAgdm9sdW1lczoKICAgICAgLSAnYmVzemVsX2FnZW50X2RhdGE6L3Zhci9saWIvYmVzemVsLWFnZW50JwogICAgICAtICdiZXN6ZWxfc29ja2V0Oi9iZXN6ZWxfc29ja2V0JwogICAgICAtICcvdmFyL3J1bi9kb2NrZXIuc29jazovdmFyL3J1bi9kb2NrZXIuc29jazpybycKICAgIGVudmlyb25tZW50OgogICAgICAtIExJU1RFTj0vYmVzemVsX3NvY2tldC9iZXN6ZWwuc29jawogICAgICAtICdIVUJfVVJMPWh0dHA6Ly9iZXN6ZWw6ODA5MCcKICAgICAgLSAnVE9LRU49JHtUT0tFTn0nCiAgICAgIC0gJ0tFWT0ke0tFWX0nCg==",
         "tags": [

From 8f78c54cd3a7eb963a886e8d1179acfba4dc6f04 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 13:18:48 +0200
Subject: [PATCH 126/129] fix(application): restrict GitHub-based application
 settings to non-public repositories

---
 .../views/livewire/project/application/general.blade.php      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php
index 3b9609ac4..6fddb549a 100644
--- a/resources/views/livewire/project/application/general.blade.php
+++ b/resources/views/livewire/project/application/general.blade.php
@@ -268,7 +268,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
                                             helper="If you use this, you need to specify paths relatively and should use the same compose file in the custom command, otherwise the automatically configured labels / etc won't work.<br><br>So in your case, use: <span class='dark:text-warning'>docker compose -f .{{ Str::start($application->base_directory . $application->docker_compose_location, '/') }} up -d</span>"
                                             label="Custom Start Command" />
                                     </div>
-                                    @if ($this->application->is_github_based())
+                                    @if ($this->application->is_github_based() && !$this->application->is_public_repository())
                                         <div class="pt-4">
                                             <x-forms.textarea
                                                 helper="Gitignore-style rules to filter Git based webhook deployments."
@@ -307,7 +307,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
                                     @endif
 
                                 </div>
-                                @if ($this->application->is_github_based())
+                                @if ($this->application->is_github_based() && !$this->application->is_public_repository())
                                     <div class="pb-4">
                                         <x-forms.textarea
                                             helper="Gitignore-style rules to filter Git based webhook deployments."

From 2eef83f0726dba1661460e9a3a73a8ffd7d259cc Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 13:19:05 +0200
Subject: [PATCH 127/129] fix(traits): update saved_outputs handling in
 ExecuteRemoteCommand to use collection methods for better performance

---
 app/Traits/ExecuteRemoteCommand.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/Traits/ExecuteRemoteCommand.php b/app/Traits/ExecuteRemoteCommand.php
index f9df19c16..b4a1402d9 100644
--- a/app/Traits/ExecuteRemoteCommand.php
+++ b/app/Traits/ExecuteRemoteCommand.php
@@ -202,13 +202,13 @@ private function executeCommandWithProcess($command, $hidden, $customType, $appe
 
             if ($this->save) {
                 if (data_get($this->saved_outputs, $this->save, null) === null) {
-                    data_set($this->saved_outputs, $this->save, str());
+                    $this->saved_outputs->put($this->save, str());
                 }
                 if ($append) {
-                    $this->saved_outputs[$this->save] .= str($sanitized_output)->trim();
-                    $this->saved_outputs[$this->save] = str($this->saved_outputs[$this->save]);
+                    $current_value = $this->saved_outputs->get($this->save);
+                    $this->saved_outputs->put($this->save, str($current_value.str($sanitized_output)->trim()));
                 } else {
-                    $this->saved_outputs[$this->save] = str($sanitized_output)->trim();
+                    $this->saved_outputs->put($this->save, str($sanitized_output)->trim());
                 }
             }
         });

From 708a08fdd624ee45e5586f200639e289d666d432 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 13:19:12 +0200
Subject: [PATCH 128/129] fix(application): enhance domain handling by
 replacing both dots and dashes with underscores for HTML form binding

---
 app/Livewire/Project/Application/General.php  | 12 +--
 app/Models/Application.php                    |  5 +-
 bootstrap/helpers/parsers.php                 | 82 ++++++++++++-------
 .../project/application/general.blade.php     |  4 +-
 4 files changed, 65 insertions(+), 38 deletions(-)

diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php
index 2ade83038..ae9bd314b 100644
--- a/app/Livewire/Project/Application/General.php
+++ b/app/Livewire/Project/Application/General.php
@@ -210,10 +210,10 @@ public function mount()
             }
         }
         $this->parsedServiceDomains = $this->application->docker_compose_domains ? json_decode($this->application->docker_compose_domains, true) : [];
-        // Convert service names with dots to use underscores for HTML form binding
+        // Convert service names with dots and dashes to use underscores for HTML form binding
         $sanitizedDomains = [];
         foreach ($this->parsedServiceDomains as $serviceName => $domain) {
-            $sanitizedKey = str($serviceName)->slug('_')->toString();
+            $sanitizedKey = str($serviceName)->replace('-', '_')->replace('.', '_')->toString();
             $sanitizedDomains[$sanitizedKey] = $domain;
         }
         $this->parsedServiceDomains = $sanitizedDomains;
@@ -305,10 +305,10 @@ public function loadComposeFile($isInit = false, $showToast = true)
             // Refresh parsedServiceDomains to reflect any changes in docker_compose_domains
             $this->application->refresh();
             $this->parsedServiceDomains = $this->application->docker_compose_domains ? json_decode($this->application->docker_compose_domains, true) : [];
-            // Convert service names with dots to use underscores for HTML form binding
+            // Convert service names with dots and dashes to use underscores for HTML form binding
             $sanitizedDomains = [];
             foreach ($this->parsedServiceDomains as $serviceName => $domain) {
-                $sanitizedKey = str($serviceName)->slug('_')->toString();
+                $sanitizedKey = str($serviceName)->replace('-', '_')->replace('.', '_')->toString();
                 $sanitizedDomains[$sanitizedKey] = $domain;
             }
             $this->parsedServiceDomains = $sanitizedDomains;
@@ -334,7 +334,7 @@ public function generateDomain(string $serviceName)
 
             $uuid = new Cuid2;
             $domain = generateUrl(server: $this->application->destination->server, random: $uuid);
-            $sanitizedKey = str($serviceName)->slug('_')->toString();
+            $sanitizedKey = str($serviceName)->replace('-', '_')->replace('.', '_')->toString();
             $this->parsedServiceDomains[$sanitizedKey]['domain'] = $domain;
 
             // Convert back to original service names for storage
@@ -344,7 +344,7 @@ public function generateDomain(string $serviceName)
                 $originalServiceName = $key;
                 if (isset($this->parsedServices['services'])) {
                     foreach ($this->parsedServices['services'] as $originalName => $service) {
-                        if (str($originalName)->slug('_')->toString() === $key) {
+                        if (str($originalName)->replace('-', '_')->replace('.', '_')->toString() === $key) {
                             $originalServiceName = $originalName;
                             break;
                         }
diff --git a/app/Models/Application.php b/app/Models/Application.php
index 094e5c82b..9f6dcb125 100644
--- a/app/Models/Application.php
+++ b/app/Models/Application.php
@@ -1479,14 +1479,14 @@ public function loadComposeFile($isInit = false)
             if ($this->docker_compose_domains) {
                 $json = collect(json_decode($this->docker_compose_domains));
                 foreach ($json as $key => $value) {
-                    if (str($key)->contains('-')) {
+                    if (str($key)->contains('-') || str($key)->contains('.')) {
                         $key = str($key)->replace('-', '_')->replace('.', '_');
                     }
                     $json->put((string) $key, $value);
                 }
                 $services = collect(data_get($parsedServices, 'services', []));
                 foreach ($services as $name => $service) {
-                    if (str($name)->contains('-')) {
+                    if (str($name)->contains('-') || str($name)->contains('.')) {
                         $replacedName = str($name)->replace('-', '_')->replace('.', '_');
                         $services->put((string) $replacedName, $service);
                         $services->forget((string) $name);
@@ -1503,6 +1503,7 @@ public function loadComposeFile($isInit = false)
                 } else {
                     $this->docker_compose_domains = null;
                 }
+                ray($this->docker_compose_domains);
                 $this->save();
             }
 
diff --git a/bootstrap/helpers/parsers.php b/bootstrap/helpers/parsers.php
index d4701d251..25cc5d0a6 100644
--- a/bootstrap/helpers/parsers.php
+++ b/bootstrap/helpers/parsers.php
@@ -385,21 +385,34 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int
                         'is_preview' => false,
                     ]);
                     if ($resource->build_pack === 'dockercompose') {
-                        $domains = collect(json_decode(data_get($resource, 'docker_compose_domains'))) ?? collect([]);
-                        $domainExists = data_get($domains->get($fqdnFor), 'domain');
-                        $envExists = $resource->environment_variables()->where('key', $key->value())->first();
-                        if (str($domainExists)->replace('http://', '')->replace('https://', '')->value() !== $envExists->value) {
-                            $envExists->update([
-                                'value' => $url,
-                            ]);
+                        // Check if a service with this name actually exists
+                        $serviceExists = false;
+                        foreach ($services as $serviceName => $service) {
+                            $transformedServiceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value();
+                            if ($transformedServiceName === $fqdnFor) {
+                                $serviceExists = true;
+                                break;
+                            }
                         }
-                        if (is_null($domainExists)) {
-                            // Put URL in the domains array instead of FQDN
-                            $domains->put((string) $fqdnFor, [
-                                'domain' => $url,
-                            ]);
-                            $resource->docker_compose_domains = $domains->toJson();
-                            $resource->save();
+
+                        // Only add domain if the service exists
+                        if ($serviceExists) {
+                            $domains = collect(json_decode(data_get($resource, 'docker_compose_domains'))) ?? collect([]);
+                            $domainExists = data_get($domains->get($fqdnFor), 'domain');
+                            $envExists = $resource->environment_variables()->where('key', $key->value())->first();
+                            if (str($domainExists)->replace('http://', '')->replace('https://', '')->value() !== $envExists->value) {
+                                $envExists->update([
+                                    'value' => $url,
+                                ]);
+                            }
+                            if (is_null($domainExists)) {
+                                // Put URL in the domains array instead of FQDN
+                                $domains->put((string) $fqdnFor, [
+                                    'domain' => $url,
+                                ]);
+                                $resource->docker_compose_domains = $domains->toJson();
+                                $resource->save();
+                            }
                         }
                     }
                 } elseif ($command->value() === 'URL') {
@@ -418,20 +431,33 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int
                         'is_preview' => false,
                     ]);
                     if ($resource->build_pack === 'dockercompose') {
-                        $domains = collect(json_decode(data_get($resource, 'docker_compose_domains'))) ?? collect([]);
-                        $domainExists = data_get($domains->get($urlFor), 'domain');
-                        $envExists = $resource->environment_variables()->where('key', $key->value())->first();
-                        if ($domainExists !== $envExists->value) {
-                            $envExists->update([
-                                'value' => $url,
-                            ]);
+                        // Check if a service with this name actually exists
+                        $serviceExists = false;
+                        foreach ($services as $serviceName => $service) {
+                            $transformedServiceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value();
+                            if ($transformedServiceName === $urlFor) {
+                                $serviceExists = true;
+                                break;
+                            }
                         }
-                        if (is_null($domainExists)) {
-                            $domains->put((string) $urlFor, [
-                                'domain' => $url,
-                            ]);
-                            $resource->docker_compose_domains = $domains->toJson();
-                            $resource->save();
+
+                        // Only add domain if the service exists
+                        if ($serviceExists) {
+                            $domains = collect(json_decode(data_get($resource, 'docker_compose_domains'))) ?? collect([]);
+                            $domainExists = data_get($domains->get($urlFor), 'domain');
+                            $envExists = $resource->environment_variables()->where('key', $key->value())->first();
+                            if ($domainExists !== $envExists->value) {
+                                $envExists->update([
+                                    'value' => $url,
+                                ]);
+                            }
+                            if (is_null($domainExists)) {
+                                $domains->put((string) $urlFor, [
+                                    'domain' => $url,
+                                ]);
+                                $resource->docker_compose_domains = $domains->toJson();
+                                $resource->save();
+                            }
                         }
                     }
                 } else {
@@ -910,7 +936,7 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int
                 $preview = $resource->previews()->find($preview_id);
                 $docker_compose_domains = collect(json_decode(data_get($preview, 'docker_compose_domains')));
                 if ($docker_compose_domains->count() > 0) {
-                    $found_fqdn = data_get($docker_compose_domains, "$serviceName.domain");
+                    $found_fqdn = data_get($docker_compose_domains, "$changedServiceName.domain");
                     if ($found_fqdn) {
                         $fqdns = collect($found_fqdn);
                     } else {
diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php
index 6fddb549a..41ce78222 100644
--- a/resources/views/livewire/project/application/general.blade.php
+++ b/resources/views/livewire/project/application/general.blade.php
@@ -50,8 +50,8 @@
                                     <div class="flex items-end gap-2">
                                         <x-forms.input
                                             helper="You can specify one domain with path or more with comma. You can specify a port to bind the domain to.<br><br><span class='text-helper'>Example</span><br>- http://app.coolify.io,https://cloud.coolify.io/dashboard<br>- http://app.coolify.io/api/v3<br>- http://app.coolify.io:3000 -> app.coolify.io will point to port 3000 inside the container. "
-                                            label="Domains for {{ str($serviceName)->headline() }}"
-                                            id="parsedServiceDomains.{{ str($serviceName)->slug('_') }}.domain"
+                                            label="Domains for {{ $serviceName }}"
+                                            id="parsedServiceDomains.{{ str($serviceName)->replace('-', '_')->replace('.', '_') }}.domain"
                                             x-bind:disabled="shouldDisable()"></x-forms.input>
                                         @can('update', $application)
                                             <x-forms.button wire:click="generateDomain('{{ $serviceName }}')">Generate

From 0691a1834a1994fb6f29c0b27e52c8d0b4c310c5 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Thu, 25 Sep 2025 14:26:11 +0200
Subject: [PATCH 129/129] feat(application): implement order-based pattern
 matching for watch paths with negation support

---
 app/Models/Application.php                    | 173 +++++++-
 .../project/application/general.blade.php     |   4 +-
 tests/Unit/ApplicationWatchPathsTest.php      | 380 ++++++++++++++----
 3 files changed, 458 insertions(+), 99 deletions(-)

diff --git a/app/Models/Application.php b/app/Models/Application.php
index 9f6dcb125..cfe4ba8db 100644
--- a/app/Models/Application.php
+++ b/app/Models/Application.php
@@ -1556,40 +1556,185 @@ protected function buildGitCheckoutCommand($target): string
         return $command;
     }
 
+    private function parseWatchPaths($value)
+    {
+        if ($value) {
+            $watch_paths = collect(explode("\n", $value))
+                ->map(function (string $path): string {
+                    // Trim whitespace and remove leading slashes to normalize paths
+                    $path = trim($path);
+
+                    return ltrim($path, '/');
+                })
+                ->filter(function (string $path): bool {
+                    return strlen($path) > 0;
+                });
+
+            return trim($watch_paths->implode("\n"));
+        }
+    }
+
     public function watchPaths(): Attribute
     {
         return Attribute::make(
             set: function ($value) {
                 if ($value) {
-                    return trim($value);
+                    return $this->parseWatchPaths($value);
                 }
             }
         );
     }
 
+    public function matchWatchPaths(Collection $modified_files, ?Collection $watch_paths): Collection
+    {
+        return self::matchPaths($modified_files, $watch_paths);
+    }
+
+    /**
+     * Static method to match paths against watch patterns with negation support
+     * Uses order-based matching: last matching pattern wins
+     */
+    public static function matchPaths(Collection $modified_files, ?Collection $watch_paths): Collection
+    {
+        if (is_null($watch_paths) || $watch_paths->isEmpty()) {
+            return collect([]);
+        }
+
+        return $modified_files->filter(function ($file) use ($watch_paths) {
+            $shouldInclude = null; // null means no patterns matched
+
+            // Process patterns in order - last match wins
+            foreach ($watch_paths as $pattern) {
+                $pattern = trim($pattern);
+                if (empty($pattern)) {
+                    continue;
+                }
+
+                $isExclusion = str_starts_with($pattern, '!');
+                $matchPattern = $isExclusion ? substr($pattern, 1) : $pattern;
+
+                if (self::globMatch($matchPattern, $file)) {
+                    // This pattern matches - it determines the current state
+                    $shouldInclude = ! $isExclusion;
+                }
+            }
+
+            // If no patterns matched and we only have exclusion patterns, include by default
+            if ($shouldInclude === null) {
+                // Check if we only have exclusion patterns
+                $hasInclusionPatterns = $watch_paths->contains(fn ($p) => ! str_starts_with(trim($p), '!'));
+
+                return ! $hasInclusionPatterns;
+            }
+
+            return $shouldInclude;
+        })->values();
+    }
+
+    /**
+     * Check if a path matches a glob pattern
+     * Supports: *, **, ?, [abc], [!abc]
+     */
+    public static function globMatch(string $pattern, string $path): bool
+    {
+        $regex = self::globToRegex($pattern);
+
+        return preg_match($regex, $path) === 1;
+    }
+
+    /**
+     * Convert a glob pattern to a regular expression
+     */
+    public static function globToRegex(string $pattern): string
+    {
+        $regex = '';
+        $inGroup = false;
+        $chars = str_split($pattern);
+        $len = count($chars);
+
+        for ($i = 0; $i < $len; $i++) {
+            $c = $chars[$i];
+
+            switch ($c) {
+                case '*':
+                    // Check for **
+                    if ($i + 1 < $len && $chars[$i + 1] === '*') {
+                        // ** matches any number of directories
+                        $regex .= '.*';
+                        $i++; // Skip next *
+                        // Skip optional /
+                        if ($i + 1 < $len && $chars[$i + 1] === '/') {
+                            $i++;
+                        }
+                    } else {
+                        // * matches anything except /
+                        $regex .= '[^/]*';
+                    }
+                    break;
+
+                case '?':
+                    // ? matches any single character except /
+                    $regex .= '[^/]';
+                    break;
+
+                case '[':
+                    // Character class
+                    $inGroup = true;
+                    $regex .= '[';
+                    // Check for negation
+                    if ($i + 1 < $len && ($chars[$i + 1] === '!' || $chars[$i + 1] === '^')) {
+                        $regex .= '^';
+                        $i++;
+                    }
+                    break;
+
+                case ']':
+                    if ($inGroup) {
+                        $inGroup = false;
+                        $regex .= ']';
+                    } else {
+                        $regex .= preg_quote($c, '#');
+                    }
+                    break;
+
+                case '.':
+                case '(':
+                case ')':
+                case '+':
+                case '{':
+                case '}':
+                case '$':
+                case '^':
+                case '|':
+                case '\\':
+                    // Escape regex special characters
+                    $regex .= '\\'.$c;
+                    break;
+
+                default:
+                    $regex .= $c;
+                    break;
+            }
+        }
+
+        // Wrap in delimiters and anchors
+        return '#^'.$regex.'$#';
+    }
+
     public function isWatchPathsTriggered(Collection $modified_files): bool
     {
         if (is_null($this->watch_paths)) {
             return false;
         }
-        $watch_paths = collect(explode("\n", $this->watch_paths))
-            ->map(function (string $path): string {
-                return trim($path);
-            })
-            ->filter(function (string $path): bool {
-                return strlen($path) > 0;
-            });
+        $this->watch_paths = $this->parseWatchPaths($this->watch_paths);
+        $this->save();
+        $watch_paths = collect(explode("\n", $this->watch_paths));
 
         // If no valid patterns after filtering, don't trigger
         if ($watch_paths->isEmpty()) {
             return false;
         }
-
-        $matches = $modified_files->filter(function ($file) use ($watch_paths) {
-            return $watch_paths->contains(function ($glob) use ($file) {
-                return fnmatch($glob, $file);
-            });
-        });
+        $matches = $this->matchWatchPaths($modified_files, $watch_paths);
 
         return $matches->count() > 0;
     }
diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php
index 41ce78222..ba7d2edb0 100644
--- a/resources/views/livewire/project/application/general.blade.php
+++ b/resources/views/livewire/project/application/general.blade.php
@@ -271,7 +271,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
                                     @if ($this->application->is_github_based() && !$this->application->is_public_repository())
                                         <div class="pt-4">
                                             <x-forms.textarea
-                                                helper="Gitignore-style rules to filter Git based webhook deployments."
+                                                helper="Order-based pattern matching to filter Git webhook deployments. Supports wildcards (*, **, ?) and negation (!). Last matching pattern wins."
                                                 placeholder="services/api/**" id="application.watch_paths"
                                                 label="Watch Paths" x-bind:disabled="shouldDisable()" />
                                         </div>
@@ -310,7 +310,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
                                 @if ($this->application->is_github_based() && !$this->application->is_public_repository())
                                     <div class="pb-4">
                                         <x-forms.textarea
-                                            helper="Gitignore-style rules to filter Git based webhook deployments."
+                                            helper="Order-based pattern matching to filter Git webhook deployments. Supports wildcards (*, **, ?) and negation (!). Last matching pattern wins."
                                             placeholder="src/pages/**" id="application.watch_paths"
                                             label="Watch Paths" x-bind:disabled="!canUpdate" />
                                     </div>
diff --git a/tests/Unit/ApplicationWatchPathsTest.php b/tests/Unit/ApplicationWatchPathsTest.php
index c90105b78..f675db43a 100644
--- a/tests/Unit/ApplicationWatchPathsTest.php
+++ b/tests/Unit/ApplicationWatchPathsTest.php
@@ -3,163 +3,377 @@
 namespace Tests\Unit;
 
 use App\Models\Application;
-use Illuminate\Support\Collection;
-use Tests\TestCase;
+use PHPUnit\Framework\TestCase;
 
 class ApplicationWatchPathsTest extends TestCase
 {
+    /**
+     * This matches the CURRENT (broken) behavior without negation support
+     * which is what the old Application.php had
+     */
+    private function matchWatchPathsCurrentBehavior(array $changed_files, ?array $watch_paths): array
+    {
+        if (is_null($watch_paths) || empty($watch_paths)) {
+            return [];
+        }
+
+        $matches = [];
+        foreach ($changed_files as $file) {
+            foreach ($watch_paths as $pattern) {
+                $pattern = trim($pattern);
+                if (empty($pattern)) {
+                    continue;
+                }
+                // Old implementation just uses fnmatch directly
+                // This means !patterns are treated as literal strings
+                if (fnmatch($pattern, $file)) {
+                    $matches[] = $file;
+                    break;
+                }
+            }
+        }
+
+        return $matches;
+    }
+
+    /**
+     * Use the shared implementation from Application model
+     */
+    private function matchWatchPaths(array $changed_files, ?array $watch_paths): array
+    {
+        $modifiedFiles = collect($changed_files);
+        $watchPaths = is_null($watch_paths) ? null : collect($watch_paths);
+
+        $result = Application::matchPaths($modifiedFiles, $watchPaths);
+
+        return $result->toArray();
+    }
+
     public function test_is_watch_paths_triggered_returns_false_when_watch_paths_is_null()
     {
-        $application = new Application();
-        $application->watch_paths = null;
+        $changed_files = ['docker-compose.yml', 'README.md'];
+        $watch_paths = null;
 
-        $modified_files = collect(['docker-compose.yml', 'README.md']);
-
-        $this->assertFalse($application->isWatchPathsTriggered($modified_files));
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertEmpty($matches);
     }
 
     public function test_is_watch_paths_triggered_with_exact_match()
     {
-        $application = new Application();
-        $application->watch_paths = "docker-compose.yml\nDockerfile";
+        $watch_paths = ['docker-compose.yml', 'Dockerfile'];
 
-        // Exact match should return true
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['Dockerfile'])));
+        // Exact match should return matches
+        $matches = $this->matchWatchPaths(['docker-compose.yml'], $watch_paths);
+        $this->assertCount(1, $matches);
+        $this->assertEquals(['docker-compose.yml'], $matches);
 
-        // Non-matching file should return false
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
+        $matches = $this->matchWatchPaths(['Dockerfile'], $watch_paths);
+        $this->assertCount(1, $matches);
+        $this->assertEquals(['Dockerfile'], $matches);
+
+        // Non-matching file should return empty
+        $matches = $this->matchWatchPaths(['README.md'], $watch_paths);
+        $this->assertEmpty($matches);
     }
 
     public function test_is_watch_paths_triggered_with_wildcard_patterns()
     {
-        $application = new Application();
-        $application->watch_paths = "*.yml\nsrc/**/*.php\nconfig/*";
+        $watch_paths = ['*.yml', 'src/**/*.php', 'config/*'];
 
         // Wildcard matches
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['production.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/Controllers/UserController.php'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/Models/User.php'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['config/app.php'])));
+        $this->assertNotEmpty($this->matchWatchPaths(['docker-compose.yml'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['production.yml'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['src/Controllers/UserController.php'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['src/Models/User.php'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['config/app.php'], $watch_paths));
 
         // Non-matching files
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['src/index.js'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['configurations/deep/file.php'])));
+        $this->assertEmpty($this->matchWatchPaths(['README.md'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['src/index.js'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['configurations/deep/file.php'], $watch_paths));
     }
 
     public function test_is_watch_paths_triggered_with_multiple_files()
     {
-        $application = new Application();
-        $application->watch_paths = "docker-compose.yml\n*.env";
+        $watch_paths = ['docker-compose.yml', '*.env'];
 
         // At least one file matches
-        $modified_files = collect(['README.md', 'docker-compose.yml', 'package.json']);
-        $this->assertTrue($application->isWatchPathsTriggered($modified_files));
+        $changed_files = ['README.md', 'docker-compose.yml', 'package.json'];
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertNotEmpty($matches);
+        $this->assertContains('docker-compose.yml', $matches);
 
         // No files match
-        $modified_files = collect(['README.md', 'package.json', 'src/index.js']);
-        $this->assertFalse($application->isWatchPathsTriggered($modified_files));
+        $changed_files = ['README.md', 'package.json', 'src/index.js'];
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertEmpty($matches);
     }
 
     public function test_is_watch_paths_triggered_with_complex_patterns()
     {
-        $application = new Application();
         // fnmatch doesn't support {a,b} syntax, so we need to use separate patterns
-        $application->watch_paths = "**/*.js\n**/*.jsx\n**/*.ts\n**/*.tsx";
+        $watch_paths = ['**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx'];
 
         // JavaScript/TypeScript files should match
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/index.js'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['components/Button.jsx'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['types/user.ts'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['pages/Home.tsx'])));
+        $this->assertNotEmpty($this->matchWatchPaths(['src/index.js'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['components/Button.jsx'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['types/user.ts'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['pages/Home.tsx'], $watch_paths));
 
         // Deeply nested files should match
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['src/components/ui/Button.tsx'])));
+        $this->assertNotEmpty($this->matchWatchPaths(['src/components/ui/Button.tsx'], $watch_paths));
 
         // Non-matching files
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['package.json'])));
+        $this->assertEmpty($this->matchWatchPaths(['README.md'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['package.json'], $watch_paths));
     }
 
     public function test_is_watch_paths_triggered_with_question_mark_pattern()
     {
-        $application = new Application();
-        $application->watch_paths = "test?.txt\nfile-?.yml";
+        $watch_paths = ['test?.txt', 'file-?.yml'];
 
         // Single character wildcard matches
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['test1.txt'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['testA.txt'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['file-1.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['file-B.yml'])));
+        $this->assertNotEmpty($this->matchWatchPaths(['test1.txt'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['testA.txt'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['file-1.yml'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['file-B.yml'], $watch_paths));
 
         // Non-matching files
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['test.txt'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['test12.txt'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['file.yml'])));
+        $this->assertEmpty($this->matchWatchPaths(['test.txt'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['test12.txt'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['file.yml'], $watch_paths));
     }
 
     public function test_is_watch_paths_triggered_with_character_set_pattern()
     {
-        $application = new Application();
-        $application->watch_paths = "[abc]test.txt\nfile[0-9].yml";
+        $watch_paths = ['[abc]test.txt', 'file[0-9].yml'];
 
         // Character set matches
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['atest.txt'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['btest.txt'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['ctest.txt'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['file1.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['file9.yml'])));
+        $this->assertNotEmpty($this->matchWatchPaths(['atest.txt'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['btest.txt'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['ctest.txt'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['file1.yml'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['file9.yml'], $watch_paths));
 
         // Non-matching files
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['dtest.txt'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['test.txt'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['fileA.yml'])));
+        $this->assertEmpty($this->matchWatchPaths(['dtest.txt'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['test.txt'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['fileA.yml'], $watch_paths));
     }
 
     public function test_is_watch_paths_triggered_with_empty_watch_paths()
     {
-        $application = new Application();
-        $application->watch_paths = '';
+        $watch_paths = [];
 
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['any-file.txt'])));
+        $matches = $this->matchWatchPaths(['any-file.txt'], $watch_paths);
+        $this->assertEmpty($matches);
     }
 
     public function test_is_watch_paths_triggered_with_whitespace_only_patterns()
     {
-        $application = new Application();
-        $application->watch_paths = "\n  \n\t\n";
+        $watch_paths = ['', '  ', '	'];
 
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['any-file.txt'])));
+        $matches = $this->matchWatchPaths(['any-file.txt'], $watch_paths);
+        $this->assertEmpty($matches);
     }
 
     public function test_is_watch_paths_triggered_for_dockercompose_typical_patterns()
     {
-        $application = new Application();
-        $application->watch_paths = "docker-compose*.yml\n.env*\nDockerfile*\nservices/**";
+        $watch_paths = ['docker-compose*.yml', '.env*', 'Dockerfile*', 'services/**'];
 
         // Docker Compose related files
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose.prod.yml'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['docker-compose-dev.yml'])));
-        
+        $this->assertNotEmpty($this->matchWatchPaths(['docker-compose.yml'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['docker-compose.prod.yml'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['docker-compose-dev.yml'], $watch_paths));
+
         // Environment files
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['.env'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['.env.local'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['.env.production'])));
-        
+        $this->assertNotEmpty($this->matchWatchPaths(['.env'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['.env.local'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['.env.production'], $watch_paths));
+
         // Dockerfile variations
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['Dockerfile'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['Dockerfile.prod'])));
-        
+        $this->assertNotEmpty($this->matchWatchPaths(['Dockerfile'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['Dockerfile.prod'], $watch_paths));
+
         // Service files
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['services/api/app.js'])));
-        $this->assertTrue($application->isWatchPathsTriggered(collect(['services/web/index.html'])));
+        $this->assertNotEmpty($this->matchWatchPaths(['services/api/app.js'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['services/web/index.html'], $watch_paths));
 
         // Non-matching files (e.g., documentation, configs outside services)
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['README.md'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['package.json'])));
-        $this->assertFalse($application->isWatchPathsTriggered(collect(['config/nginx.conf'])));
+        $this->assertEmpty($this->matchWatchPaths(['README.md'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['package.json'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['config/nginx.conf'], $watch_paths));
     }
-}
\ No newline at end of file
+
+    public function test_negation_pattern_with_non_matching_file()
+    {
+        // Test case: file that does NOT match the exclusion pattern should trigger
+        $changed_files = ['docker-compose/index.ts'];
+        $watch_paths = ['!docker-compose-test/**'];
+
+        // Since the file docker-compose/index.ts does NOT match the exclusion pattern docker-compose-test/**
+        // it should trigger the deployment (file is included by default when only exclusion patterns exist)
+        // This means: "deploy everything EXCEPT files in docker-compose-test/**"
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertNotEmpty($matches);
+        $this->assertEquals(['docker-compose/index.ts'], $matches);
+
+        // Test the opposite: file that DOES match the exclusion pattern should NOT trigger
+        $changed_files = ['docker-compose-test/index.ts'];
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertEmpty($matches);
+
+        // Test with deeper path
+        $changed_files = ['docker-compose-test/sub/dir/file.ts'];
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertEmpty($matches);
+    }
+
+    public function test_mixed_inclusion_and_exclusion_patterns()
+    {
+        // Include all JS files but exclude test directories
+        $watch_paths = ['**/*.js', '!**/*test*/**'];
+
+        // Should match: JS files not in test directories
+        $this->assertNotEmpty($this->matchWatchPaths(['src/index.js'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['components/Button.js'], $watch_paths));
+
+        // Should NOT match: JS files in test directories
+        $this->assertEmpty($this->matchWatchPaths(['test/unit/app.js'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['src/test-utils/helper.js'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['docker-compose-test/index.js'], $watch_paths));
+
+        // Should NOT match: non-JS files
+        $this->assertEmpty($this->matchWatchPaths(['README.md'], $watch_paths));
+    }
+
+    public function test_multiple_negation_patterns()
+    {
+        // Exclude multiple directories
+        $watch_paths = ['!tests/**', '!docs/**', '!*.md'];
+
+        // Should match: files not in excluded patterns
+        $this->assertNotEmpty($this->matchWatchPaths(['src/index.js'], $watch_paths));
+        $this->assertNotEmpty($this->matchWatchPaths(['docker-compose.yml'], $watch_paths));
+
+        // Should NOT match: files in excluded patterns
+        $this->assertEmpty($this->matchWatchPaths(['tests/unit/test.js'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['docs/api.html'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['README.md'], $watch_paths));
+        $this->assertEmpty($this->matchWatchPaths(['CHANGELOG.md'], $watch_paths));
+    }
+
+    public function test_current_broken_behavior_with_negation_patterns()
+    {
+        // This test demonstrates the CURRENT broken behavior
+        // where negation patterns are treated as literal strings
+        $changed_files = ['docker-compose/index.ts'];
+        $watch_paths = ['!docker-compose-test/**'];
+
+        // With the current broken implementation, this returns empty
+        // because it tries to match files starting with literal "!"
+        $matches = $this->matchWatchPathsCurrentBehavior($changed_files, $watch_paths);
+        $this->assertEmpty($matches); // This is why your webhook doesn't trigger!
+
+        // Even if the file had ! in the path, fnmatch would treat ! as a literal character
+        // not as a negation operator, so it still wouldn't match the pattern correctly
+        $changed_files = ['test/file.ts'];
+        $matches = $this->matchWatchPathsCurrentBehavior($changed_files, $watch_paths);
+        $this->assertEmpty($matches);
+    }
+
+    public function test_order_based_matching_with_conflicting_patterns()
+    {
+        // Test case 1: Exclude then include - last pattern (include) should win
+        $changed_files = ['docker-compose/index.ts'];
+        $watch_paths = ['!docker-compose/**', 'docker-compose/**'];
+
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertNotEmpty($matches);
+        $this->assertEquals(['docker-compose/index.ts'], $matches);
+
+        // Test case 2: Include then exclude - last pattern (exclude) should win
+        $watch_paths = ['docker-compose/**', '!docker-compose/**'];
+
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+        $this->assertEmpty($matches);
+    }
+
+    public function test_order_based_matching_with_multiple_overlapping_patterns()
+    {
+        $changed_files = ['src/test/unit.js', 'src/components/Button.js', 'test/integration.js'];
+
+        // Include all JS, then exclude test dirs, then re-include specific test file
+        $watch_paths = [
+            '**/*.js',              // Include all JS files
+            '!**/test/**',          // Exclude all test directories
+            'src/test/unit.js',      // Re-include this specific test file
+        ];
+
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+
+        // src/test/unit.js should be included (last specific pattern wins)
+        // src/components/Button.js should be included (only matches first pattern)
+        // test/integration.js should be excluded (matches exclude pattern, no override)
+        $this->assertCount(2, $matches);
+        $this->assertContains('src/test/unit.js', $matches);
+        $this->assertContains('src/components/Button.js', $matches);
+        $this->assertNotContains('test/integration.js', $matches);
+    }
+
+    public function test_order_based_matching_with_specific_overrides()
+    {
+        $changed_files = [
+            'docs/api.md',
+            'docs/guide.md',
+            'docs/internal/secret.md',
+            'src/index.js',
+        ];
+
+        // Exclude all docs, then include specific docs subdirectory
+        $watch_paths = [
+            '!docs/**',             // Exclude all docs
+            'docs/internal/**',     // But include internal docs
+            'src/**',                // Include src files
+        ];
+
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+
+        // Only docs/internal/secret.md and src/index.js should be included
+        $this->assertCount(2, $matches);
+        $this->assertContains('docs/internal/secret.md', $matches);
+        $this->assertContains('src/index.js', $matches);
+        $this->assertNotContains('docs/api.md', $matches);
+        $this->assertNotContains('docs/guide.md', $matches);
+    }
+
+    public function test_order_based_matching_preserves_order_precedence()
+    {
+        $changed_files = ['app/config.json'];
+
+        // Multiple conflicting patterns - last match should win
+        $watch_paths = [
+            '**/*.json',        // Include (matches)
+            '!app/**',          // Exclude (matches)
+            'app/*.json',       // Include (matches) - THIS SHOULD WIN
+        ];
+
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+
+        // File should be included because last matching pattern is inclusive
+        $this->assertNotEmpty($matches);
+        $this->assertEquals(['app/config.json'], $matches);
+
+        // Now reverse the last two patterns
+        $watch_paths = [
+            '**/*.json',        // Include (matches)
+            'app/*.json',       // Include (matches)
+            '!app/**',          // Exclude (matches) - THIS SHOULD WIN
+        ];
+
+        $matches = $this->matchWatchPaths($changed_files, $watch_paths);
+
+        // File should be excluded because last matching pattern is exclusive
+        $this->assertEmpty($matches);
+    }
+}