From 0db1437c6f3ee6fcde0dedebb00689f64f923300 Mon Sep 17 00:00:00 2001
From: matbgn <mat.gh@bqn.ch>
Date: Mon, 13 Jun 2022 17:16:55 +0200
Subject: [PATCH 1/9] Update Ghost to v5 breaking changes

---
 public/v4/apps/ghost-only.yml | 59 ++++++++++++------------
 public/v4/apps/ghost.yml      | 84 +++++++++++++++++++++--------------
 2 files changed, 81 insertions(+), 62 deletions(-)

diff --git a/public/v4/apps/ghost-only.yml b/public/v4/apps/ghost-only.yml
index dcaa65115..8fcbeb481 100644
--- a/public/v4/apps/ghost-only.yml
+++ b/public/v4/apps/ghost-only.yml
@@ -8,52 +8,52 @@ services:
             GHOST_EMAIL: $$cap_ghost_email
             GHOST_HOST: $$cap_ghost_host
             GHOST_PASSWORD: $$cap_ghost_password
-            GHOST_PROTOCOL: $$cap_ghost_protocol
+            GHOST_ENABLE_HTTPS: $$cap_ghost_protocol
             GHOST_PORT_NUMBER: $$cap_ghost_port
-            MARIADB_HOST: $$cap_mariadb_host
-            MARIADB_PORT_NUMBER: $$cap_mariadb_port_number
-            SMTP_FROM_ADDRESS: $$cap_ghost_smtp_from
-            SMTP_HOST: $$cap_ghost_smtp_host
-            SMTP_PASSWORD: $$cap_ghost_smtp_password
-            SMTP_PORT: $$cap_ghost_smtp_port
-            SMTP_SERVICE: $$cap_ghost_smtp_service
-            SMTP_USER: $$cap_ghost_smtp_user
+            GHOST_DATABASE_HOST: $$cap_db_host
+            GHOST_DATABASE_PORT_NUMBER: $$cap_db_port_number
+            GHOST_SMTP_FROM_ADDRESS: $$cap_ghost_smtp_from
+            GHOST_SMTP_HOST: $$cap_ghost_smtp_host
+            GHOST_SMTP_PASSWORD: $$cap_ghost_smtp_password
+            GHOST_SMTP_PORT: $$cap_ghost_smtp_port
+            GHOST_SMTP_USER: $$cap_ghost_smtp_user
+            GHOST_SMTP_PROTOCOL: $$cap_ghost_smtp_protocol
         image: bitnami/ghost:$$cap_ghost_version
         restart: always
         volumes:
-            - $$cap_appname-data:/bitnami
+            - $$cap_appname-data:/bitnami/ghost
         caproverExtra:
             containerHttpPort: '2368'
 caproverOneClickApp:
     variables:
-        - defaultValue: 3.4.0
+        - defaultValue: 5.2.2
           description: Check out their Docker page for the valid tags https://hub.docker.com/r/bitnami/ghost/tags
           id: $$cap_ghost_version
           label: Ghost Version
           validRegex: /^([^\s^\/])+$/
-        - description: Maria DB Host
+        - description: DB Host
           defaultValue: localhost
-          id: $$cap_mariadb_host
-          label: Maria DB Host
-        - description: Maria DB port
+          id: $$cap_db_host
+          label: DB Host
+        - description: DB port
           defaultValue: '3306'
-          id: $$cap_mariadb_port_number
-          label: MariaDB port
+          id: $$cap_db_port_number
+          label: DB port
         - description: Database name
           defaultValue: ghost
           id: $$cap_ghost_database_name
-          label: MariaDB Database name
+          label: Ghost Database name
           validRegex: /^([^\s^\/])+$/
         - description: User for database
           id: $$cap_ghost_database_user
-          label: MariaDB User
+          label: DB User
           validRegex: /^([^\s^\/])+$/
         - description: Password for database
           id: $$cap_ghost_database_password
-          label: MariaDB Ghost password
+          label: Ghost DB password
           validRegex: /^(?=.*\d).{10,}$/
         - defaultValue: youremail@example.com
-          description: Ghost application email, you will use it to login
+          description: Ghost administrator email, you will use it to login
           id: $$cap_ghost_email
           label: Ghost email
           validRegex: /^([^\s^\/])+$/
@@ -66,19 +66,18 @@ caproverOneClickApp:
           id: $$cap_ghost_host
           label: Ghost Host
           validRegex: /^([^\s^\/])+$/
-        - defaultValue: http
-          description: Protocol that you will be using
+        - defaultValue: 'yes'
+          description: Enable serving Ghost through HTTPS instead of HTTP
           id: $$cap_ghost_protocol
           label: Ghost Protocol
           validRegex: /^([^\s^\/])+$/
-        - defaultValue: '80'
+        - defaultValue: '2368'
           description: Port that you will be using
           id: $$cap_ghost_port
           label: Ghost Port
-        - defaultValue: GMail
-          description: Ghost uses node mailer, check this docs https://docs.ghost.org/concepts/config/#mail
-          id: $$cap_ghost_smtp_service
-          label: STMP service to use
+        - description: The SMTP protocol to use. Allowed values tls, ssl. No default.
+          id: $$cap_ghost_smtp_protocol
+          label: [OPTIONAL] STMP protocol
         - defaultValue: smtp.gmail.com
           description: The STMP host you will be using
           id: $$cap_ghost_smtp_host
@@ -102,6 +101,10 @@ caproverOneClickApp:
         end: >
             Ghost is deployed and available as $$cap_appname. 
 
+            Before starting using Ghost, you'll need to
+
+            - Enable HTTPS
+
             IMPORTANT: It will take up to 2 minutes for Ghost to be ready. Before that, you might see 502 error page.
         start: Ghost is a fully open source, adaptable platform for building and running a modern online publication. We power blogs, magazines and journalists from Zappos to Sky News.
     displayName: Ghost - No Database
diff --git a/public/v4/apps/ghost.yml b/public/v4/apps/ghost.yml
index 68b9943e1..75e4b7ad8 100644
--- a/public/v4/apps/ghost.yml
+++ b/public/v4/apps/ghost.yml
@@ -5,62 +5,71 @@ services:
             GHOST_DATABASE_NAME: ghost
             GHOST_DATABASE_PASSWORD: $$cap_db_ghost_password
             GHOST_DATABASE_USER: ghost
+            GHOST_BLOG_TITLE: $$cap_ghost_blog_title
+            GHOST_USERNAME: $$cap_ghost_user
             GHOST_EMAIL: $$cap_ghost_email
             GHOST_HOST: $$cap_ghost_host
             GHOST_PASSWORD: $$cap_ghost_password
-            GHOST_PROTOCOL: $$cap_ghost_protocol
+            GHOST_ENABLE_HTTPS: $$cap_ghost_protocol
             GHOST_PORT_NUMBER: $$cap_ghost_port
-            MARIADB_HOST: srv-captain--$$cap_appname-db
-            MARIADB_PORT_NUMBER: '3306'
-            SMTP_FROM_ADDRESS: $$cap_ghost_smtp_from
-            SMTP_HOST: $$cap_ghost_smtp_host
-            SMTP_PASSWORD: $$cap_ghost_smtp_password
-            SMTP_PORT: $$cap_ghost_smtp_port
-            SMTP_SERVICE: $$cap_ghost_smtp_service
-            SMTP_USER: $$cap_ghost_smtp_user
+            GHOST_DATABASE_HOST: srv-captain--$$cap_appname-db
+            GHOST_DATABASE_PORT_NUMBER: '3306'
+            GHOST_SMTP_FROM_ADDRESS: $$cap_ghost_smtp_from
+            GHOST_SMTP_HOST: $$cap_ghost_smtp_host
+            GHOST_SMTP_PASSWORD: $$cap_ghost_smtp_password
+            GHOST_SMTP_PORT: $$cap_ghost_smtp_port
+            GHOST_SMTP_USER: $$cap_ghost_smtp_user
+            GHOST_SMTP_PROTOCOL: $$cap_ghost_smtp_protocol
         image: bitnami/ghost:$$cap_ghost_version
         restart: always
         volumes:
-            - $$cap_appname-data:/bitnami
+            - $$cap_appname-data:/bitnami/ghost
+        depends_on:
+            - $$cap_appname-db
         caproverExtra:
             containerHttpPort: '2368'
     $$cap_appname-db:
         environment:
-            MARIADB_DATABASE: ghost
-            MARIADB_PASSWORD: $$cap_db_ghost_password
-            MARIADB_ROOT_PASSWORD: $$cap_db_password
-            MARIADB_ROOT_USER: $$cap_db_user
-            MARIADB_USER: ghost
-        image: bitnami/mariadb:10.1
+            MYSQL_DATABASE: ghost
+            MYSQL_PASSWORD: $$cap_db_ghost_password
+            MYSQL_ROOT_PASSWORD: $$cap_db_password
+            MYSQL_ROOT_USER: $$cap_db_user
+            MYSQL_USER: ghost
+        image: bitnami/mysql:8.0
         restart: always
         volumes:
-            - $$cap_appname-mariadb-data:/bitnami
+            - $$cap_appname-db-data:/bitnami/mysql
         caproverExtra:
             notExposeAsWebApp: 'true'
 caproverOneClickApp:
     variables:
-        - defaultValue: 2.16.4
+        - defaultValue: 5.2.2
           description: Check out their Docker page for the valid tags https://hub.docker.com/r/bitnami/ghost/tags
           id: $$cap_ghost_version
           label: Ghost Version
           validRegex: /^([^\s^\/])+$/
         - defaultValue: admin
-          description: Root user that will be created on MariaDB
+          description: Root user that will be created on DB
           id: $$cap_db_user
-          label: MariaDB root user
+          label: MYSQL root user
           validRegex: /^([^\s^\/])+$/
-        - description: Root password that will be created on MariaDB
+        - description: Root password that will be created on MYSQL
           id: $$cap_db_password
-          label: MariaDB root password
+          label: MYSQL root password
           validRegex: /^(?=.*\d).{10,}$/
         - description: Password for database user named `ghost`
           id: $$cap_db_ghost_password
-          label: MariaDB Ghost password
+          label: MYSQL Ghost password
           validRegex: /^(?=.*\d).{10,}$/
+        - defaultValue: user
+          description: Ghost administrator user
+          id: $$cap_ghost_user
+          label: Ghost administrator username
+          validRegex: /^([^\s^\/])+$/
         - defaultValue: youremail@example.com
-          description: Ghost application email, you will use it to login
+          description: Ghost administrator email, you will use it to login
           id: $$cap_ghost_email
-          label: Ghost email
+          label: Ghost administrator email
           validRegex: /^([^\s^\/])+$/
         - description: The admin password must be at least 10 characters, and at least one number and letter
           id: $$cap_ghost_password
@@ -71,24 +80,24 @@ caproverOneClickApp:
           id: $$cap_ghost_host
           label: Ghost Host
           validRegex: /^([^\s^\/])+$/
-        - defaultValue: http
-          description: Protocol that you will be using
+        - defaultValue: 'yes'
+          description: Enable serving Ghost through HTTPS instead of HTTP
           id: $$cap_ghost_protocol
           label: Ghost Protocol
           validRegex: /^([^\s^\/])+$/
-        - defaultValue: '80'
+        - defaultValue: '2368'
           description: Port that you will be using
           id: $$cap_ghost_port
           label: Ghost Port
-        - defaultValue: GMail
-          description: Ghost uses node mailer, check this docs https://docs.ghost.org/concepts/config/#mail
-          id: $$cap_ghost_smtp_service
-          label: STMP service to use
+        - defaultValue: 'User blog'
+          description: Blog name that will be displayed
+          id: $$cap_ghost_blog_title
+          label: Ghost Blog Title
         - defaultValue: smtp.gmail.com
           description: The STMP host you will be using
           id: $$cap_ghost_smtp_host
           label: STMP host
-        - defaultValue: '465'
+        - defaultValue: '587'
           description: The STMP port you will be using
           id: $$cap_ghost_smtp_port
           label: STMP port
@@ -99,7 +108,10 @@ caproverOneClickApp:
         - description: Your password on the SMTP service
           id: $$cap_ghost_smtp_password
           label: STMP password
-        - defaultValue: your_email@gmail.com
+        - description: The SMTP protocol to use. Allowed values tls, ssl. No default.
+          id: $$cap_ghost_smtp_protocol
+          label: [OPTIONAL] STMP protocol
+        - defaultValue: blog@example.com
           description: STMP from address
           id: $$cap_ghost_smtp_from
           label: STMP from address
@@ -107,6 +119,10 @@ caproverOneClickApp:
         end: >
             Ghost is deployed and available as $$cap_appname. 
 
+            Before starting using Ghost, you'll need to
+
+            - Enable HTTPS
+
             IMPORTANT: It will take up to 2 minutes for Ghost to be ready. Before that, you might see 502 error page.
         start: Ghost is a fully open source, adaptable platform for building and running a modern online publication. We power blogs, magazines and journalists from Zappos to Sky News.
     displayName: ''

From 1ea7baf4ccc53784cd8063884dbda8195ada75a7 Mon Sep 17 00:00:00 2001
From: matbgn <mat.gh@bqn.ch>
Date: Mon, 13 Jun 2022 20:10:02 +0200
Subject: [PATCH 2/9] Fix formatting issue

---
 public/v4/apps/ghost-only.yml | 2 +-
 public/v4/apps/ghost.yml      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/public/v4/apps/ghost-only.yml b/public/v4/apps/ghost-only.yml
index 8fcbeb481..b6c01cd03 100644
--- a/public/v4/apps/ghost-only.yml
+++ b/public/v4/apps/ghost-only.yml
@@ -77,7 +77,7 @@ caproverOneClickApp:
           label: Ghost Port
         - description: The SMTP protocol to use. Allowed values tls, ssl. No default.
           id: $$cap_ghost_smtp_protocol
-          label: [OPTIONAL] STMP protocol
+          label: '[OPTIONAL] STMP protocol'
         - defaultValue: smtp.gmail.com
           description: The STMP host you will be using
           id: $$cap_ghost_smtp_host
diff --git a/public/v4/apps/ghost.yml b/public/v4/apps/ghost.yml
index 75e4b7ad8..8987b5e33 100644
--- a/public/v4/apps/ghost.yml
+++ b/public/v4/apps/ghost.yml
@@ -110,7 +110,7 @@ caproverOneClickApp:
           label: STMP password
         - description: The SMTP protocol to use. Allowed values tls, ssl. No default.
           id: $$cap_ghost_smtp_protocol
-          label: [OPTIONAL] STMP protocol
+          label: '[OPTIONAL] STMP protocol'
         - defaultValue: blog@example.com
           description: STMP from address
           id: $$cap_ghost_smtp_from

From bd654288afe4f07f6caabb2feb7dc42294409496 Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <mat.gh@bqn.ch>
Date: Mon, 4 Jul 2022 21:44:14 +0200
Subject: [PATCH 3/9] Upgrade keycloak to v18+ and switch to official repos
 breaking changes

---
 public/v4/apps/keycloak.yml | 49 +++++++++++++++++++++++--------------
 1 file changed, 30 insertions(+), 19 deletions(-)

diff --git a/public/v4/apps/keycloak.yml b/public/v4/apps/keycloak.yml
index d69ef6862..3b4a7e547 100644
--- a/public/v4/apps/keycloak.yml
+++ b/public/v4/apps/keycloak.yml
@@ -1,4 +1,3 @@
-# tested on CR 1.10.1 2022-01-08 by sneak
 captainVersion: 4
 services:
     $$cap_appname-db:
@@ -13,45 +12,47 @@ services:
         caproverExtra:
             notExposeAsWebApp: 'true'
     $$cap_appname:
-        image: jboss/keycloak:$$cap_keycloak_version
         depends_on:
             - $$cap_appname-db
         restart: always
         environment:
             DB_VENDOR: postgres
             DB_ADDR: srv-captain--$$cap_appname-db
-            POSTGRES_DB: keycloak
+            DB_DATABASE: keycloak
             DB_USER: keycloak
             DB_PASSWORD: $$cap_pg_pass
-            KEYCLOAK_USER: $$cap_keycloak_user
-            KEYCLOAK_PASSWORD: $$cap_keycloak_password
-            PROXY_ADDRESS_FORWARDING: 'true'
+            KEYCLOAK_ADMIN: $$cap_keycloak_admin
+            KEYCLOAK_ADMIN_PASSWORD: $$cap_keycloak_password
         caproverExtra:
             containerHttpPort: '8080'
+            dockerfileLines:
+                - FROM quay.io/keycloak/keycloak:$$cap_keycloak_version
+                # TODO: Persistance in database KO -> to be fixed
+                - CMD ["start", "--hostname=$$cap_appname.$$cap_root_domain", "--proxy=edge", "--db-url-host=jdbc:postgresql://srv-captain--$$cap_appname-db/keycloak", "--db-username=keycloak", "--db-password=$$cap_pg_pass"]
 caproverOneClickApp:
     variables:
         - id: $$cap_postgres_version
           label: Postgres Version
-          defaultValue: '9.6'
-          description: Check out their Docker page for the valid tags https://hub.docker.com/r/library/postgres/tags/
+          defaultValue: '10.21'
+          description: Check out their DB page for any valid major tested https://www.keycloak.org/server/db 
           validRegex: /^([^\s^\/])+$/
         - id: $$cap_keycloak_version
           label: Keycloak Version
-          defaultValue: 16.1.0
-          description: v16.1.0 current as of 2021-12-21.  Check out their Docker page for the valid tags https://hub.docker.com/r/jboss/keycloak/tags
+          defaultValue: 18.0.2
+          description: v18.0.2 current as of 2022-07-04.  Check out their Docker page for the valid tags https://quay.io/repository/keycloak/keycloak?tab=tags
           validRegex: /^([^\s^\/])+$/
         - id: $$cap_pg_pass
           label: Postgres Password
           description: 'App-to-app database credential.  12-20 characters.'
           defaultValue: $$cap_gen_random_hex(20)
           validRegex: /.{12,20}/
-        - id: $$cap_keycloak_user
-          label: Keycloak user
-          description: 'Login username for the first web user.'
+        - id: $$cap_keycloak_admin
+          label: Keycloak admin user
+          description: 'Login username for the admin web user.'
           validRegex: /.{1,}/
         - id: $$cap_keycloak_password
-          label: Keycloak password
-          description: 'Login password for the first web user.  12-20 characters.'
+          label: Keycloak admin password
+          description: 'Login password for the admin web user.  12-20 characters.'
           defaultValue: $$cap_gen_random_hex(20)
           validRegex: /.{12,20}/
     instructions:
@@ -62,11 +63,21 @@ caproverOneClickApp:
 
             For source code, see: https://github.com/keycloak/keycloak
 
-            For docker image, see: https://hub.docker.com/r/jboss/keycloak
+            For docker image, see: https://quay.io/repository/keycloak/keycloak
+
+            Enter your Keycloak Configuration parameters and click on next.
+        end: >
+            Keycloak is deployed and available as $$cap_appname. 
+            
+            Before starting using Keycloak, you'll need to
+
+            - Enable HTTPS
+
+            - Force HTTPS by redirecting all HTTP traffic to HTTPS
 
-            Enter your Keycloak Configuration parameters and click on next. It will take about a minute for the process to finish.
-        end: Keycloak is deployed and available as srv-captain--$$cap_appname:8080 to other apps
+            
+            IMPORTANT: It will take up to 1 minutes for Keycloak to be ready. Before that, you might see 502 error page.
     displayName: ''
     isOfficial: true
     description: Keycloak is an open source identity and access management solution
-    documentation: Taken from https://github.com/jboss-dockerfiles/keycloak/blob/master/server/README.md
+    documentation: Taken from https://github.com/keycloak/keycloak-containers/blob/main/docker-compose-examples/keycloak-postgres.yml

From 478374565c9ad51acbac4befa8298ee44f95bdc8 Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <mat.gh@bqn.ch>
Date: Tue, 5 Jul 2022 08:38:19 +0200
Subject: [PATCH 4/9] Made data persistent trough postgres

---
 public/v4/apps/keycloak.yml | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/public/v4/apps/keycloak.yml b/public/v4/apps/keycloak.yml
index 3b4a7e547..391790b85 100644
--- a/public/v4/apps/keycloak.yml
+++ b/public/v4/apps/keycloak.yml
@@ -16,19 +16,27 @@ services:
             - $$cap_appname-db
         restart: always
         environment:
-            DB_VENDOR: postgres
-            DB_ADDR: srv-captain--$$cap_appname-db
-            DB_DATABASE: keycloak
-            DB_USER: keycloak
-            DB_PASSWORD: $$cap_pg_pass
             KEYCLOAK_ADMIN: $$cap_keycloak_admin
             KEYCLOAK_ADMIN_PASSWORD: $$cap_keycloak_password
+            KC_DB_PASSWORD: $$cap_pg_pass
         caproverExtra:
             containerHttpPort: '8080'
             dockerfileLines:
+                - FROM quay.io/keycloak/keycloak:$$cap_keycloak_version as builder
+                - ENV KC_HEALTH_ENABLED=true
+                - ENV KC_METRICS_ENABLED=false
+                - ENV KC_FEATURES=token-exchange,recovery-codes
+                - ENV KC_DB=postgres
+                - RUN /opt/keycloak/bin/kc.sh build
+
                 - FROM quay.io/keycloak/keycloak:$$cap_keycloak_version
-                # TODO: Persistance in database KO -> to be fixed
-                - CMD ["start", "--hostname=$$cap_appname.$$cap_root_domain", "--proxy=edge", "--db-url-host=jdbc:postgresql://srv-captain--$$cap_appname-db/keycloak", "--db-username=keycloak", "--db-password=$$cap_pg_pass"]
+                - COPY --from=builder /opt/keycloak/ /opt/keycloak/
+                - WORKDIR /opt/keycloak
+                - ENV KC_DB_URL=jdbc:postgresql://srv-captain--$$cap_appname-db/keycloak
+                - ENV KC_DB_USERNAME=keycloak
+                - ENV KC_DB_PASSWORD=$$cap_pg_pass
+                - ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", "--hostname=$$cap_appname.$$cap_root_domain", "--proxy=edge"]
+
 caproverOneClickApp:
     variables:
         - id: $$cap_postgres_version

From 11192fe785691ce5644b1a10b08b0bea50b495c6 Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <mat.gh@bqn.ch>
Date: Tue, 5 Jul 2022 18:44:12 +0200
Subject: [PATCH 5/9] Fix formatting

---
 public/v4/apps/keycloak.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/public/v4/apps/keycloak.yml b/public/v4/apps/keycloak.yml
index 391790b85..448122808 100644
--- a/public/v4/apps/keycloak.yml
+++ b/public/v4/apps/keycloak.yml
@@ -42,7 +42,7 @@ caproverOneClickApp:
         - id: $$cap_postgres_version
           label: Postgres Version
           defaultValue: '10.21'
-          description: Check out their DB page for any valid major tested https://www.keycloak.org/server/db 
+          description: Check out their DB page for any valid major tested https://www.keycloak.org/server/db
           validRegex: /^([^\s^\/])+$/
         - id: $$cap_keycloak_version
           label: Keycloak Version
@@ -76,14 +76,14 @@ caproverOneClickApp:
             Enter your Keycloak Configuration parameters and click on next.
         end: >
             Keycloak is deployed and available as $$cap_appname. 
-            
+
             Before starting using Keycloak, you'll need to
 
             - Enable HTTPS
 
             - Force HTTPS by redirecting all HTTP traffic to HTTPS
 
-            
+
             IMPORTANT: It will take up to 1 minutes for Keycloak to be ready. Before that, you might see 502 error page.
     displayName: ''
     isOfficial: true

From 2ae380506844e9f44a2dd9a7b290be0178439bb3 Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <mat.gh@bqn.ch>
Date: Wed, 6 Jul 2022 20:52:32 +0200
Subject: [PATCH 6/9] Update outline to v0.64+ & add OIDC connector & add SMTP
 config & document OSS alternatives

---
 public/v4/apps/outline.yml | 215 ++++++++++++++++++++++++++++---------
 1 file changed, 167 insertions(+), 48 deletions(-)

diff --git a/public/v4/apps/outline.yml b/public/v4/apps/outline.yml
index d48bfae96..b26cfd17e 100644
--- a/public/v4/apps/outline.yml
+++ b/public/v4/apps/outline.yml
@@ -1,17 +1,14 @@
 captainVersion: 4
 services:
     $$cap_appname-redis:
-        image: redis:5
-        caproverExtra:
-            notExposeAsWebApp: 'true'
-    $$cap_appname-fakes3:
-        image: lphoward/fake-s3
+        image: redis:$$cap_redis_version
         volumes:
-            - $$cap_appname-fakes3:/fakes3_root
+            - $$cap_appname-redis-data:/redis.conf
+        restart: always
         caproverExtra:
             notExposeAsWebApp: 'true'
     $$cap_appname-db:
-        image: postgres:12.2
+        image: postgres:$$cap_postgres_version
         volumes:
             - $$cap_appname-db-data:/var/lib/postgresql/data
         restart: always
@@ -21,84 +18,206 @@ services:
             POSTGRES_DB: outline
         caproverExtra:
             notExposeAsWebApp: 'true'
-    $$cap_appname-outline:
+    $$cap_appname:
         depends_on:
-            - $$cap_appname-fakes3
             - $$cap_appname-redis
             - $$cap_appname-db
         image: outlinewiki/outline:$$cap_outline_version
         environment:
             SECRET_KEY: $$cap_secret_key
             UTILS_SECRET: $$cap_utils_secret
-            AWS_ACCESS_KEY_ID: get_a_key_from_aws
-            AWS_SECRET_ACCESS_KEY: get_the_secret_of_above_key
-            AWS_REGION: xx-xxxx-x
-            AWS_S3_UPLOAD_BUCKET_URL: http://srv-captain--$$cap_appname-fakes3:4569
-            AWS_S3_UPLOAD_BUCKET_NAME: bucket_name_here
+            DATABASE_URL: postgres://$$cap_db_user:$$cap_db_pass@srv-captain--$$cap_appname-db:5432/outline
+            DATABASE_URL_TEST: postgres://$$cap_db_user:$$cap_db_pass@srv-captain--$$cap_appname-db:5432/outline-test
+            PGSSLMODE: disable
+            REDIS_URL: redis://srv-captain--$$cap_appname-redis:6379
+            URL: https://$$cap_appname.$$cap_root_domain
+            PORT: '80'
+            AWS_S3_UPLOAD_BUCKET_URL: $$cap_s3_storage_url
+            AWS_REGION: $$cap_s3_storage_region
+            AWS_S3_UPLOAD_BUCKET_NAME: $$cap_s3_storage_bucket_name
+            AWS_ACCESS_KEY_ID: $$cap_s3_storage_access_key_id
+            AWS_SECRET_ACCESS_KEY: $$cap_s3_storage_secret_access_key
             AWS_S3_UPLOAD_MAX_SIZE: '26214400'
+            AWS_S3_FORCE_PATH_STYLE: true
             AWS_S3_ACL: private
+            OIDC_CLIENT_ID: $$cap_oidc_client_id
+            OIDC_CLIENT_SECRET: $$cap_oidc_client_secret
+            OIDC_AUTH_URI: $$cap_oidc_auth_uri
+            OIDC_TOKEN_URI: $$cap_oidc_token_uri
+            OIDC_USERINFO_URI: $$cap_oidc_userinfo_uri
+            OIDC_USERNAME_CLAIM: preferred_username
+            OIDC_DISPLAY_NAME: OpenID
+            OIDC_SCOPES: 'openid profile email'
             SLACK_KEY: $$cap_slack_key
             SLACK_SECRET: $$cap_slack_secret
             GOOGLE_CLIENT_ID: $$cap_google_client_id
             GOOGLE_CLIENT_SECRET: $$cap_google_client_secret
             FORCE_HTTPS: 'false'
-            DEPLOYMENT: self
             ENABLE_UPDATES: 'false'
-            SUBDOMAINS_ENABLED: 'false'
-            WEBSOCKETS_ENABLED: 'false'
-            DEBUG: cache,presenters,events
-            URL: https://$$cap_appname-outline.$$cap_root_domain
-            PORT: '80'
-            REDIS_URL: redis://srv-captain--$$cap_appname-redis:6379
-            DATABASE_URL_TEST: postgres://$$cap_db_user:$$cap_db_pass@srv-captain--$$cap_appname-db:5432/outline-test
-            DATABASE_URL: postgres://$$cap_db_user:$$cap_db_pass@srv-captain--$$cap_appname-db:5432/outline
+            DEBUG: http
+            SMTP_HOST: $$cap_smtp_host
+            SMTP_PORT: $$cap_smtp_port
+            SMTP_USERNAME: $$cap_smtp_username
+            SMTP_PASSWORD: $$cap_smtp_password
+            SMTP_FROM_EMAIL: $$cap_smtp_from_email
+            SMTP_REPLY_EMAIL: $$cap_smtp_reply_email
+            SMTP_TLS_CIPHERS: $$cap_smtp_tls_ciphers
+            SMTP_SECURE: $$cap_smtp_secure
+            DEFAULT_LANGUAGE: $$cap_default_language
 caproverOneClickApp:
     variables:
+        - id: $$cap_outline_version
+          label: Outline Version
+          defaultValue: 0.64.3
+          description: Check out their page for the valid tags https://hub.docker.com/r/outlinewiki/outline/tags
+          validRegex: /^([^\s^\/])+$/
+        - id: $$cap_postgres_version
+          label: Postgres Version
+          defaultValue: '14.4'
+          description: Check out their page for the valid tags https://hub.docker.com/_/postgres?tab=tags
+          validRegex: /^([^\s^\/])+$/
+        - id: $$cap_redis_version
+          label: Redis Version
+          defaultValue: 7.0.2
+          description: Check out their Docker page for the valid tags https://hub.docker.com/_/redis?tab=tags
+          validRegex: /^([^\s^\/])+$/
+        - id: $$cap_secret_key
+          label: SECRET_KEY
+          description: 'Run this command to generate a key: `openssl rand -hex 32`'
+          validRegex: /^([0-9a-f]){64}$/
+        - id: $$cap_utils_secret
+          label: UTILS_SECRET
+          description: 'Run this command to generate a key: `openssl rand -hex 32`'
+          validRegex: /^([0-9a-f]){64}$/
         - id: $$cap_db_user
           label: Database user
-          defaultValue: outlineuser
-          validRegex: /^([a-zA-Z0-9])+$/
+          defaultValue: outline_user
+          validRegex: /^([a-zA-Z0-9_])+$/
         - id: $$cap_db_pass
           label: Database password
           description: ''
+          defaultValue: $$cap_gen_random_hex(20)
           validRegex: /.{8,}/
+        - id: $$cap_s3_storage_url
+          label: S3 Storage compatible API URL for instance Minio, AWS, etc.
+          description: 'NB: You can have your own S3 storage by using the Open Source Minio alternative (there is a Caprover one-click-apps for that)'
+          defaultValue: https://YOUR_S3_STORAGE_PROVIDER_API_URL
+        - id: $$cap_s3_storage_region
+          label: S3 Storage region
+          description: 'Name of the location of the server e.g. "us-west-rack2"'
+          defaultValue: eu-east-1
+        - id: $$cap_s3_storage_bucket_name
+          label: S3 Storage bucket name
+          description: "Log into the Minio dashboard, then select the `Create Bucket` menu option to create a new bucket (e.g. named outline-data). Don't forget to add `Read and Write` policy to the bucket so the Outline app would be able to upload content"
+          defaultValue: outline-data
+        - id: $$cap_s3_storage_access_key_id
+          label: S3 storage Access Key ID
+          description: 'For instance in your Minio instance, create a new user called outline_user for the outline app with a new policy that grants full access inside the bucket (e.g. outlineAppFullAccess - see also https://wiki.generaloutline.com/share/125de1cc-9ff6-424b-8415-0d58c809a40f#h-iam-policy)'
+          defaultValue: outline_user
+        - id: $$cap_s3_storage_secret_access_key
+          label: S3 storage Secret Access Key
+          description: 'For instance in your Minio instance it correponds to the password/secret of above outline_user'
+        - id: $$cap_oidc_client_id
+          label: Client ID created in your Generic OIDC server (e.g. in Keycloak)
+          description: 'E.g. for Keycloak: In the Clients section, create a new client application. Name the app outline_app for simplicity. Also, provide the Root URL where you have installed/planned to install Outline. After that, make sure `Access Type` is set to `confidential` and `Direct Access Grants Enabled` is `OFF` so the Oauth flow initiated by Outline can work as expected.'
+          defaultValue: outline_app
+        - id: $$cap_oidc_client_secret
+          label: Secret for the corresponding Client ID
+          description: 'Found in the Credentials tab in Keycloak'
+        - id: $$cap_oidc_auth_uri
+          label: Authorization Endpoint
+          description: 'In the recent version of Keycloak, the path /auth/ is optional, and the default master realm is not recommended for anything else except managing Keycloak itself. For example you could name the realm `outline`: http://localhost:8080/realms/outline/protocol/openid-connect/auth'
+          defaultValue: 'https://YOUR_IAM_PROVIDER_URL/realms/outline/protocol/openid-connect/auth'
+        - id: $$cap_oidc_token_uri
+          label: Token Management Endpoint
+          description: 'For example with the realm named `outline`: http://localhost:8080/realms/outline/protocol/openid-connect/token'
+          defaultValue: 'https://YOUR_IAM_PROVIDER_URL/realms/outline/protocol/openid-connect/token'
+        - id: $$cap_oidc_userinfo_uri
+          label: User Informations Endpoint
+          description: 'For example with the realm named `outline`: http://localhost:8080/realms/outline/protocol/openid-connect/userinfo'
+          defaultValue: 'https://YOUR_IAM_PROVIDER_URL/realms/outline/protocol/openid-connect/userinfo'
         - id: $$cap_slack_key
           label: Slack Key
-          description: 'IMPORTANT: You need to, at least, set one 3rd party login method, either Slack or Google'
-          defaultValue: get_a_key_from_slack
         - id: $$cap_slack_secret
           label: Slack Secret
-          description: ''
-          defaultValue: get_the_secret_of_above_key
         - id: $$cap_google_client_id
           label: Google Client ID
         - id: $$cap_google_client_secret
           label: Google Client Secret
-          description: ''
-        - id: $$cap_secret_key
-          label: SECRET_KEY
-          description: 'Run this command to generate a key: openssl rand -hex 32'
-          defaultValue: c63eaeed7ee7459098e2901ed87c8b70817428b85fbe3ef59cb6a79abb2bbf4a
-          validRegex: /^([0-9a-f]){64}$/
-        - id: $$cap_utils_secret
-          label: UTILS_SECRET
-          description: 'Run this command to generate a key: openssl rand -hex 32'
-          defaultValue: c9b4d178130f53efc7419eaec9a2e764481269c9602c2ef2e541bdadc63b5bbf
-          validRegex: /^([0-9a-f]){64}$/
-        - id: $$cap_outline_version
-          label: Outline Version
-          defaultValue: version-0.41.0
-          description: Check out their page for the valid tags https://hub.docker.com/r/outlinewiki/outline/tags
-          validRegex: /^([^\s^\/])+$/
+        - id: $$cap_smtp_host
+          label: SMTP host
+          description: To support sending outgoing transactional emails such as "document updated" or "you've been invited" you'll need to provide authentication for an SMTP server
+        - id: $$cap_smtp_port
+          label: SMTP port
+        - id: $$cap_smtp_username
+          label: SMTP username
+        - id: $$cap_smtp_password
+          label: SMTP password
+        - id: $$cap_smtp_from_email
+          label: SMTP from email
+        - id: $$cap_smtp_reply_email
+          label: SMTP reply email
+        - id: $$cap_smtp_tls_ciphers
+          label: SMTP TLS ciphers
+        - id: $$cap_smtp_secure
+          label: SMTP Secure
+          defaultValue: true
+        - id: $$cap_default_language
+          label: The default interface language
+          description: See translate.getoutline.com for a list of available language codes and their rough percentage translated.
+          defaultValue: en_US
     instructions:
-        start: Outline is an open, extensible, wiki for your team built using React and Node.js.
+        start: >
+            Outline is an open, extensible, wiki for your team built using React and Node.js.
+
+
+            Outline requires an external authentication provider such as Google/Slack, etc. 
+            If you don't want to rely on those solutions you can use a generic OpenID Connect Server. 
+            For instance you can use the Open Source Keycloak alternative (there is a Caprover one-click-apps for that)
+
+
+            IMPORTANT: You need to, at least, set one 3rd party login method, either Keycloak, Slack or Google
         end: >
             IMPORTANT: before you start using Outline, you need to 
 
              1) Enable HTTPS 
              2) Force HTTPS 
-             3) Enable Websocket in $$cap_appname-outline. 
-             4) Run database migration `npm run sequelize:migrate` within the $$cap_appname-outline docker container.  
+             3) Enable Websocket in $$cap_appname. 
+             4) Run database migration `npm run sequelize:migrate` within the $$cap_appname docker container.  
+
+             
+            ```
+            var preDeployFunction = async function (captainAppObj, dockerUpdateObject) {
+              const DockerApi = require("./built/docker/DockerApi");
+              const api = new DockerApi.default();
+
+              const setServiceInstances = async (service, count) => {
+                  const inspection = await service.inspect();
+                  const updateObject = { ...inspection.Spec, Mode: { Replicated: { Replicas: count } }, version: inspection.Version.Index };
+                  await service.update(updateObject);
+              };
+
+              const run = async args => {
+                  const imageName = dockerUpdateObject.TaskTemplate.ContainerSpec.Image;
+                  const env = captainAppObj.envVars.map(kv => kv.key + "=" + kv.value);
+                  const config = { Env: env, HostConfig: { AutoRemove: true, NetworkMode: captainAppObj.networks[0] } };
+
+                  const [output] = await api.dockerode.run(imageName, args, process.stdout, config);
+
+                  if (output.StatusCode !== 0) {
+                      throw new Error(`Failed to run image ${imageName} with args ${args} (status code ${output.StatusCode}).`);
+                  }
+              };
+
+              const service = api.dockerode.getService(dockerUpdateObject.Name);
+              await setServiceInstances(service, 0);
+              await run(["yarn", "sequelize:migrate", "--env=production-ssl-disabled"]);
+              dockerUpdateObject.version = (await service.inspect()).Version.Index;
+
+              return dockerUpdateObject;
+            };
+            ```
+
 
             You can customize more settings by environmental variables described here: https://github.com/outline/outline/blob/0deecfac446c37545e0787b3d32062e608a950ab/.env.sample 
 

From 5c888edb13a2454bea5a340c2780c6027c020728 Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <matthieu.borgognon@advance-ticket.ch>
Date: Thu, 23 Mar 2023 12:55:02 +0100
Subject: [PATCH 7/9] Add Helper Project Management

---
 public/v4/apps/helper.yml  |  94 +++++++++++++++++++++++++++++++++++++
 public/v4/logos/helper.png | Bin 0 -> 11340 bytes
 2 files changed, 94 insertions(+)
 create mode 100644 public/v4/apps/helper.yml
 create mode 100644 public/v4/logos/helper.png

diff --git a/public/v4/apps/helper.yml b/public/v4/apps/helper.yml
new file mode 100644
index 000000000..cc8c17f23
--- /dev/null
+++ b/public/v4/apps/helper.yml
@@ -0,0 +1,94 @@
+captainVersion: 4
+caproverOneClickApp:
+  variables:
+    - id: $$cap_helper_version
+      label: Helper Version
+      defaultValue: '1.2.3'
+      description: Check out their Docker page for the valid tags https://hub.docker.com/r/eloufirhatim/helper/tags
+      validRegex: "/^([^\\s^\\/])+$/"
+    - id: $$cap_mysql_version  
+      label: SQL Version
+      defaultValue: '5.7'
+      description: Check out their project https://github.com/devaslanphp/project-management/blob/master/docker-compose.yml
+      validRegex: "/^([^\\s^\\/])+$/"
+    - id: $$cap_db_pass
+      label: Database password
+      defaultValue: $$cap_gen_random_hex(20)
+      validRegex: /.{8,}/
+    - id: $$cap_mail_host
+      label: Mail host
+      description: To support sending outgoing emails you'll need to provide authentication for an SMTP server
+    - id: $$cap_mail_port
+      label: Mail port
+      defaultValue: '587'
+    - id: $$cap_mail_username
+      label: Mail username
+    - id: $$cap_mail_from_address
+      label: Mail From Address
+    - id: $$cap_mail_password
+      label: Mail password
+    - id: $$cap_mail_tls_encryption
+      label: Mail Encryption
+      defaultValue: "TLS"
+  instructions:
+    start: |-
+      Helper (Project Manager), is a great tool if you want to manage your projects, tickets and be here for your clients
+
+      It comes also with more than 60 languages ready to use.
+
+      All this made with the best technologies.
+    end: |-
+      Helper has been successfully deployed!
+
+      IMPORTANT: before you start using Helper, you need to 
+      
+        1) Enable HTTPS 
+        2) Force HTTPS 
+
+      You can customize more settings by environmental variables described here: https://github.com/devaslanphp/project-management/blob/master/.env.example
+
+      IMPORTANT: It will take up to 2 minutes for it to be ready. Before that, you might see a 502 error page.
+  displayName: Helper
+  isOfficial: true
+  description: 
+  documentation: See https://devaslanphp.github.io/project-management/#/
+services:
+  $$cap_appname-db:
+    volumes:
+      - $$cap_appname-db-data:/var/lib/mysql
+    environment:
+      MYSQL_DATABASE: helper
+      MYSQL_USER: helper
+      MYSQL_PASSWORD: $$cap_db_pass
+      MYSQL_ROOT_PASSWORD: $$cap_db_pass
+    restart: unless-stopped
+    caproverExtra:
+      notExposeAsWebApp: 'true'
+      dockerfileLines:
+        - FROM mysql:$$cap_mysql_version
+        - CMD ["mysqld", "--default-storage-engine", "innodb"]
+  $$cap_appname:
+    image: eloufirhatim/helper:$$cap_helper_version
+    environment:
+      APP_URL: https://$$cap_appname.$$cap_root_domain
+      APP_FORCE_HTTPS: true
+      DB_CONNECTION: mysql
+      DB_HOST: srv-captain--$$cap_appname-db
+      DB_PORT: 3306
+      DB_DATABASE: helper
+      DB_USERNAME: helper
+      DB_PASSWORD: $$cap_db_pass
+      MAIL_MAILER: smtp
+      MAIL_HOST: $$cap_mail_host
+      MAIL_PORT: $$cap_mail_port
+      MAIL_USERNAME: $$cap_mail_username
+      MAIL_FROM_ADDRESS: $$cap_mail_from_address
+      MAIL_PASSWORD: $$cap_mail_password
+      MAIL_ENCRYPTION: $$cap_mail_tls_encryption
+    depends_on:
+      - $$cap_appname-db
+    restart: "no"
+    volumes:
+      - /etc/localtime:/etc/localtime
+    caproverExtra:
+      containerHttpPort: '8000'
\ No newline at end of file
diff --git a/public/v4/logos/helper.png b/public/v4/logos/helper.png
new file mode 100644
index 0000000000000000000000000000000000000000..41eba65a614948c897a50fb668b493719b9ca44c
GIT binary patch
literal 11340
zcmaKSbyytFw(VfS-62RIxI=IYZUF}O!CeM-C%C)2CAbsZA-Dy1cMI-se&^nE@B8DO
zH{Z;3PfzV#Rl8R0wRV3U4pfjrMIu51005{m(&EaH;{)WQi|_&REvD;!4LJ}xOK3W)
zfX$rU3>{4YA|_xXQ*s$wLvvGQQ$rIEhhb9z004&CQdQGgQ~n#DG1!*b@Sir!?zZ+2
zYXCq%*xlaH*xJ;Y+{o12(oT@#qOFU9+|oplLW5JDRo-6A)WTBQ)6rDLQ$f|()7qHV
zghE(|T)>?V;=tC_*^u1b*2d0>&s~t>Uw-)@=l@)0p&<WP6K88divJpvraX{b4D4u1
z&dtouWX#ISO3uy8%x1*JX~@lM^o5a}ot2%Pg_Vnijf07uosX3b@+SZ97X_q4M-wwX
zWpT;>?hf)xkix>**`AMu#m&u)*^Pr4>}bxy#>>mg!phFV&dvmB!Q|v&=WOWCWamWr
zZx7<8PR5Rw_Rf}IJMw=#8XAFJoCPT$gZ-~r*xLV(TRW%!jua$jEbfN(ENslI|IF&&
z4dvzk|4nUe|EIN+v$E;`j`#oR*h$sH-jqez)Cuh3Xbf39Gs=IuvgZ?XG&OVvJF0@g
zHvbMJ&;slXcCrB5le2R$bCT0)SlXF@-JIzDWgsulCu8U2Y-nd}DkCmP0dc`>X=%bI
z&c!OmBf%}g^@UB6jZH#aM1+@zNAimZml!(_HxCc*ziq|A#xAy|cFzB{HThp#(f?@s
z4;*amAw7$mI$FA#nn*f=ZOQ*NXFkjSJQkk+=<mO6P5$#(c>kj<3uG`X|E%o)wbK8-
z1cA>#r~d<8$dCU4zo{Jr@s1E^6Fw5@0RXh^GU6ht?#rio@R~Rp3ql<Aj3ltN`HO7@
z1+{~VUKeZPh5ZEbMlx?drqd?-Eg0D(qX)5)``59oPdkiGJGj3p;S|-kalCt_YUwuh
zP>6r$opdsE9bqz`@LKNR=!+M9C;T~Q<@xf!=HcN%HwHWu{sb}%5JlS4RbFynF0C1*
zmq9|t@mv8+Xg!Y8`76R%$?OLg`GfMC;WkscZFC(url^qLqa&g1g6lZDD+4mPpA;p#
zoFb9INTBJ%E(@q#q$%8ydAwDE#R`PKwc;K+>`?7VK_YgDt04s`9tQ1`DJNAxzN2qp
zsw~XmS-jXkv3MdXK;QWb@o?6ck?kjtekD%sxCdyDA4*7^e4$jj2|SHxnUy$j-~L78
z?DEXT$L_))!>0n4`~vM3BEq~~2Gcwsc||l4THkGoS?SIrb3mN53pN7?_<o94)xoIv
z!4U)EVjMnmQcJv(XKNYcTk}LpMJi5EmSKs07a~0Zmivc7UoO;cekf-;Z05z4dVSAP
zP+NgL27B0<GwlFdJTFvwMiMRbF37G%Mb^t3jc(7VnE<QKg*=fU>ABxn7+P|{hYUwf
zz8M`ZettlkUq=-W@Vwe^4}Cg?AL&#6mZWhHY>T2P>!vM>%O*mRPSQE?RpSN`!(?R_
z=4<!qob-^C=J5xAF;E%@86W*gSabH9^eCK?NO&yuI^+6SOyJ0l6!#5qUOFH8%{4KT
z=ss!Anq+fYpmg=HIoqAsq1gb|KBhf#PCkY?+3O7nfnp~KrsXM#TRH8+x>kk<P&%Lc
zgS`&kDil<1eJ?Y^yaG<Tmz_N|T;Xakv`ugwZa0&BIHKfLv1p1CGeLk3>vpbD2kwX~
z8;_R#tYPVA)3sJxiJ$&D`8MeGI@cR1!N~)A87TdG&}Ax186v%GwjVBgm@z+}+{*HZ
zP%h`nZnl^R4~|$UJK{!oRROu0H&ga|nTAeKR_Re)7^&m6-5Yx;<!xXX&2u81PY5$K
z5L0%v>EhSNiRG&R)}AM74p?jQz}Z_`?iXNskS-YujS|Pr!b-X{O-WZ*ek~RWA{;Vo
zGAHsx=6CK0I1O4IsI2<!l50;3>5`!<j!!XM&KgRo0Q@#nUOtc%DxTDIi#eb$XgFe_
z=rfVd5hiLGmOPQ>l`{hxv&Xsn?kBS4*9wf|z38toL0927dNA>W&5reLT?wCO;#^oP
zF*8w|91QqDbf_!c>R+pXO;J6=fw+pcsB|&(`)-qQC~f@6IGgFx2fZJ||HM=S3ias&
zJq3+r7!Z>zhQ8H(7#LS7C_A5S;2)E!S~!H&6PUYEGyl=`aY!Y(eR)@M%*Vx;bZ@!z
z>|Bs$h!fvAIcLa;Q?*?+aLr6hnPR)axww;zOt+fHtvXI>znP@^6SF|b3(xu7__R#X
zwR6(BM_W-RuDKXh>D)oF+tkqVgO+$_{v@``>M+_~OCPGNBMZlJ?C0Mn(WMDP%g6;?
z>bqr5S-V5ups85okQAq89-H<aX6L+*!Y#YTqLGxOaUQ$PJTeICXo3Y*SiUa%>Cm_C
zwf<Swilb-M`Zncg{;az5rd$kVQ)d}2PGadyn2WDCbHvy`lI4q9BAF`ib$Wtt>F>nn
zrVy1nd#XDcOODPv@zEy+LX^fNb?WXLzZku*H5Vy|Y<oW*wsM|lo`L>QbR*0C<S!Li
zO9k12#$||3)Q!9Mye3A=cZ)vL`C4&y_`J$X8b~A^4m)O{-anp3xY1?sdq2;O8E<dq
zjcyMm(W-GKTHHA7)18~uE59f@Y5zqYIXF0lzSB=F62*?S4h4CM3d&F>H%4g}<OUAd
zJ03JmR18d#-je$DXlK{Ti2KSlVAClOr5uN&S2~|ppQBassc-kP2*)2@XK#mfxb;_0
zmne>;*`LiFcss3!*wdRNbB-91!T5BjER-FwpIr$y7i$?P`umz@VVi@pZe?V-zgEru
zDQsO!_M3fk+^yP8`k9R>^L0xZNy;iBDdcnbZtZzsQr9u`*?ykWw)bgu*+p!zP}z^M
zoRjSrB$4I4g+3}5&x~NTlJyg3vOC>!K_8|l>O6c?roWqN#E*26Pxd#=Yw^^hjryy;
zc23{C%h+mxyz$Vz1;rugl;QO6`Pp^%Aw0+~Penx7O&$TTrpF9U@wwKAZ^#AOk&R^U
z_TN@f0?MS1qP^4lc`^MczdhY_BrkJ@UPw=*yW@-3<J4vdELSevoz!Zz!E{?!YJ9c4
zP5hZ{;o0RK=XzI(uu@9eLE}h@{AHF4gqs@2@wl93$tFX9sY89*`5wa4apQPav4W{S
z^f^5m(RMW|4k>!A@B|i)D<rFe3$qOH!UW$+Ddj-eqQC?^J!yFE6Vcn))Ts$U!xPVt
z5JALZ&~8Z^(zf!MDH02ESx(=Y)*3Aw&7b+$UE~>&Y5ihQ&1wFPELjdR59x&g?T+x8
z)jqeAw^GDH7A9z&%wBlZh!`x!hM@|(?_Ubm_{K{M(%v%BxVv^D<hDP)-p<qM790F!
zqDDBa<f(dn*(q47wiG0dAyECTS)X_xzK5SPKQ88N{fR*0YFpj=WU^ZQ%2|H>MEI?O
zCk&*#qWaZf2A>I4&s)3MP}kTHoN^^Y#Q@6gJp3KRA5^*GNtsHkCY39v1xwpqe^c;q
zmiF}0RQLExd=_@mU%plSfK(cL>?`$AvWEAtXv1ZnWA6sz`)^h4_7p2cG`vvg2N&fl
zQoIN4urD5?YL@)l$19dGG>_q})LexUw2`SYIQjpCk7q#kOn9lx7TkrHihsVCuJ9|!
z-QmUI%1igc(r)H+tryiNdlC3Iw?veyO4q$d`MI|#g&^E#_GJ4)GX30?L6kC)=enCm
zJFe%g-ZTB>?_?`;xx!3+*>(bn0#<f2F)5%aZajQD8re4$w8-%kSIj0tGQRIqMz?Tl
zUj)g<ld^DlJ3FUbyj2Wyjjg`xRcoc`Z&-HRDMmFo(fh?7tkQg(_L(osI(CxsQu;YZ
zvz`X+ncr2&2z1yg^i0}Oq-XY2KtRgkeU6N))!nM~GIEJX<jV+v0+cBwy)*sDylg8z
z$}Q{s2zRd*E#aqFYLz;7EoyUfuU4y^aup`Bls=z*OxZvJOcXvk7w5w<Dwf1NH&xBE
zqNsR6ibTIJ<5?!9cjatc=LZMEQ#@wEnc5EvSA6>RP*qI$>lPN7q`9n+6$R91JR7&U
zP5D#jQj9HD&sdK9ry<*U>D=1K<GdsZI_y7cYWw@Z<oBu87Z12iq$LTF)P7QXbTvHP
z-o@byL}C7=8lelEEoT_|YliU@uInOC3@Xm#x?W$J1&<w|;#?@_>o0e?(qH@z4L_KL
zvz-&>l}qRa5{}=W57i{~BKb;n7jD_=*DIK4&es>8dM}z<|Fp1^sn5l(m~H9tcHUF|
zED;3BRAQ~xjCZIOda3VB<U@qtU3Je;(nMyvkr>o3(W8=b#qbRhQTg#rrsJLSom;u7
z=!WATr(*EqjKwfgi7awzoJM#qx_LFq>sjO6v)y%|5Ob&LnL3mRnvGB;)tMUW4W?=0
z341+`8w1^oCr7{JyV~prla!7Ge7Ei>bPMY%k6NqN4lH!-wzgcW&d~bGn;=mzx6BjI
z^g2FB7JzFGPGDjO{SEd4jh!;F0?e2cx9`{T*9$CGP;!wdg(H=R<Rt3j<V3Yc#26gM
zazGM@H5eaST7MQ(EKbp&is>s$^e=e~f5GXorQI9$0(Vl}DvT1hyoi<=hQFh|Fi04!
zc*-rOH-66*{Ain70(h~drfy*V;-brBh)AU<P`uKj<E>&tMk>N_2G!E7B&5j%mQ!}7
z7q^-*3~rLiNdA$4ZH>3>$Kn~p@b<S26P1zWJF{TnoT6B|_Pk2$=L<8_-A|XQ;$2aL
zNvu_Qk=xHA<^%V$Hb7fkpQB97c<IEA<Vb1sHeAn0D9~~=se&EdYTf+|jf1n>Fn0WD
z!}f&9S;Q_J<6ZxN+2DyhbQaU&U*%c3$jY6?k<5gXUxRdBx|K0<x640dFO&)IzL;dV
zDTeoKILao?uwV=(71fV!uY{PHxl_pK;w-%%ij-h^@eEk4j%9YNa3b@4#VO7|NY^Sh
z>cOp(%l%E>aAW5`RFrRDw?JdS*2Yl!TJ?cj<2GbGI-}VxUCyIuq<d%uaO5+itQztV
z7aIHc#s6Io0upcpg;K%Tw)pqT+einwE--l%_SqM^)2&WrA%Wx@-+CA?Qkv;r{#Ngw
z8}gSUeFU1peufP+t93e`r#Fv#AB5gkbMKlaA22pY<70L9t6bFqRdIqj&IHIC;{dc#
zug`(>@DErXJYCsJWE^=)N~+7UQyF19pXfg5&9FE{b4Ct$#3%?S(=*XinPfW9vHgSE
zGPst9vfvhEGvqI6I1(~0XlwZ|;FCo=Dd4AH3v*1QyN7H;N+SpP+9^Av3HW|}jK%=n
zTrWn>F1#F{9A;HO6|i-9Dd0y9@~bTyE;X<-KD05YAaO<m--`@n(k?#Zm&mceSGra1
z>nD9Gp*=i{lEHYkKTcw;8zJZMG_evq8?XH|6osC(E?<4s71WA$bVlHnB0w*q4Do!I
zhuQdW_HaL?T;s+dPPF2X+$5o!aHi?B23HFlkXWt-)i;zAvCQ6i;w1*tD!ys!hU;<P
zRx8v=w}Hb<o7Qo<>K-=3BnuQ}9jvpX_vsfiE%xUz)Hl-}rAc_TeL(l4=9vS3n_36f
z=j$GdG}j+B#v25LEj7^Ai@X#Q;c`7xjqHO@3-(PPe?L(b>Bp>MmuAXO@j9MAgCmHK
znPwHzUve;1^8xq24}U!AhN<qK6fT1nM2iB#G>|z`?>13uSN@23??!R03Tw?<21ML$
zl&$%^g|kxEP<JT~ByMF}$COWmM-S#sjrZ`vjaA8kbbKwHeGEg7^55oKM*9>U7?frK
z_1-Pm8qNwec9X9JmfP=hJIy$MH=`0AnV;<<)Swj)h4M=Oz$4rkn7Izi=v{|MJl;Po
zY*x_$G!CO@nr|OH#_di#<08r}_h<MV><+|=hR^0Ly8Jiw`$@T~M^!~cezm;;qWR`z
z+3*!OIW(IqY(Q2dnvuepRQjm$RrRY;#;x)k3MW;@&v;bACR#}ev|l&)<vJNf!xWEy
zP$%DTy>}Oea!5H@A!7@#71+vD>3(vOQwZkP$HoVDQiT+}GAv??4d;5^h>a%S`mlot
zc6%S&yHuLX{E0WJBzT3y9j0+TjsG;D;CJO^AB(+G#-_Ae!*?7Rq~Cp@%?2(P{OJ~I
zOrKMX(Lo*)qM4sEGZmPK-;yia+kJEXoUrl991(8pk-3}cy$q^rLOWUP_!3=m4j-B>
zhY_C2%4e<fVddMtn03+!yWd#+gK}BZah)o?M*n7Y;czlo%3M(77t8Ci<e_x<jNZ&L
zAh}ZUYt3i1f+W@TShB|ESgUX`b=ktC2_eGn>{QoPuMI<YC1OSM`nL%i1{-1}#Y6d8
z97`7xkmo}jx!?(2w_ExKh$o2wz$}Z^(wpq0?zC%UE;F;A*PIiPCF?sEH-N=pc1mis
z<id3<p;SCDkni%S;^*vO0jtvyqFKNwm>ZLd(mf9*%Usg6aCs7&s|Y;Dt5!9YwHThJ
z`qQa`uB-EE{2DPE<h7N3PtuBeU66L8DqPOgbydnG%JH2Po=#nMUtilB<7lq!MD^yr
zH3uzP-3_0Mmsj&Qx#l!WQVb13y&=lPhf`_f3HA^DSd+!?3^z8cm{%0zT|205W1plp
zS2luk^#9mn;(<9}i?ZYfL9J;E;aI;(Zp$kD;|k5ooNGGuUCu@N63{wQa;KSeJ@ts}
z57PfcZ5IVTl~%ehd56>K2TW6dd_>V!dt%G%PlU=x!9P{~>s#OW8KJJc+IJ1>kh1zN
z@Q-ppi8mOC8&e{4t^=l5iP0JZTTgB&C&FqyR9!g|GvJ{>vQVLlv2l_O%|%e}MDuF2
zckFw!p-k0Ph@9>LSylL};UsY{{}sD6O^agqZjT@ZZnK*xE+ov$y#c*BDJ}q<uV36T
z5J9rkj{)CdnJhPi{5d3f+JN>AWN;VW5gV=(BnSv)e{sIO?Wf<k>NwtYG-Jc4tx*x5
zWOz&nKqZl8tV=GkH&P|n7{Z9-!xLLqMgK;(JAI(;?R>YEer6U-`J45NMa>nc^m8gz
znY1$Ip#b#JEBDYTI_3Ni-Jl-JNneMv(>D&2l=&|zoF14ghyuCV0)GT7SF=yuStX>7
zKTttbvwoV>A=>-%0FAQzWz*@|!R~QYN`p|9Zdz!@MAOgijXUpX?nVukF_}4JWa6I4
zXc|&!xT;{e<WC_3VDUIF5KZ{#$q1Y23ywg`QURkMGDxnyJX*?kam67}yZjBmI@$LN
zDnEAP=MD|!cmIhMvmR5&P+Zqh<9C;=PgBE$cCC?o#&~>8ftMBz_k|ofpG1CBD#dIb
z#4l7<OQ|ul*RP9{lyChGHGP$Jtfhso@gOfhC(Psk>qdC>j-33h_d{*!4jH{<sH(sE
zLI@bSBJ5KC6pS-+e!YnV#8p0Ykxqx#kp2WwZFEI(+XW0oQ^XXn8WoMZ7F-)~0(+$?
zpa1#mW<DX52*}*MMq8oq`aQLKKHJ`TNCXI>H&HOt9NnOG5vDhCFt#iT<N{LntQ?x?
zAU?$pkG-E5kgjq73te<Uh1ckdp5DXfScHjR&2v6ebvc02&nHy*JpLBl*O`uHSbrg+
zf*tKiN=oXdp{8~$pfwXgnE;$0i*#@a<mums#=)=@ll?eFb!Gb~C{6!$H$EU%mBHjJ
zWHt<wGGj7V_#OXc>|kd{r9!XGRXdo2H@3-kMcwssv&TBWpOV{VajMv`FJzJff752Y
zrw5aqMKToBzulZoRt)5aT4f%|9uZ$|wASGDe+Jv|JwH92gO?jDZI+vr3gY50(19qj
zAzh3Gb5=)JJ3~S_IXNt=YilkeYrmDz$A5~2qA?h>-0D+A$HuaVm^?<(R_B@+lTRk5
z{$|Ma8JLR>OCk{9IJ!GqQKNl)HY`&9iItU|ZJSd)d-Ovpmh?3ekIB<@z1>4izx1rp
zdI3*LFjeUJv_8KA6kHcWt&qiovgs@JMhHhmlKjZ_z(5>l({aWep_8-Z44EBHG$NFJ
zJ#OYF*FsR<?a2a5sDBbH?HZ``Od=8wRZ<Wxg+(89@OXUyj)I@e5yXxm69(}L2na|`
zU>Mpwx}C4`@(sXg{OrBnAAkOg3{?em{giWXO=Ro!xBYe{@>eBow_qj;SR%2gCaTG6
zXArg7cqr!9Xay2v)bT_b#gf>w?SV)Tzw4<5HX-4W;Ym9r?7qs?ppN=-^-B6wEnALQ
zSlb0&m*YSD;3rbQ_t*QNtJsd+ctOc5%_f_r>qe`&2z5XX@*yPp1E?$LWI~K6`HTif
z?U2Y^y*}UPM#{gYO2djETrAa_hve$z2>Ey}6cv4b9fgj>XYrlt`Q)@wQtx)LZZub>
z_S`0)$+c3Y+oHU>?9ptu<|qJ}AU=Vj?$@u~*JIG!?zmx1v6L@q57ZYI=^W-Co534G
z7@0(Ve(&+X&8y8(L!AZMSz6w(k0c~2cqY9R2dK!%<sswQg9rUXL$i4zK_%TjVDRq5
z##pYf-#5u+6jao`R7NeV-%Y$RZSbrn$8s>3t~fSJb$h~xl+SV9B#qiWsb`^_Ov28G
zQ}@reC-($)^p#rmk_c#MRmc)5INm%E$YMXX+CtDz#AClnbNOMvc4K{g-K+kIbZ~GG
zNkKt@kCv|9xXty<=)S^vXD~WwB#F+65ENaem@AZN<LQFL==h<Qj=g{GCzdH>5l>9A
zE@h>q^AxiAP=oSb$Qs_O7jON~sv!%;>Ytcj^g93s-by6>kMT;4qlj9W>hPcD{+HVY
z{W-P|uNtC6oK`o)jOt%T7h_2UJuw)U7nKSn$3slBeQpk?bGw7i9esOp$7$Q`R=yEd
zY1S6RzFe<E_TRkep5V()tndgPz3L(BpxW5YA_N;2kR3E8SSp)LZ#(1;k4LAx>poi|
zPeu=zg!@i>?(_I}ua25o?|wX!8=sBVpINUJ#eZ{>Nw4)Lf!Aq&tk>=ikMejbzYm0u
z|6IywXlv2?9noix=Z$dtVxuCP7$08>0!3Rc?}y74`=iX#=IBnJ=Nw60K`vI-%hzJL
zR0ZRCq8#Yj#d?eB0`5p$2G=&#pUTY`c;AVsa_pdJF{?*axRBYb=PP75t>?24(DUJF
zKbN1A?NB{%u=DY?a=90?3BFx)z2kXYZA<8B-boQ`h^?N)Yy=vdG5sYN$qU{tI3N#H
zGj=k1(s*cTX(5RW4>wdX^MFSueHjXZM<0B9Jjl&f$Q63UZFrl2Bneb9Zo7|8_XK4Z
zx5slQX~le>Y{mlT1|9=CJ3GD1$I@zhA0F1)+}6%lTlzqUia;V{pd#(cKVF_iFAId;
z9(F22oVH}$)*CEmwYBy)O}VP>CipKbW{B`75I0&~PE>b%#(X3+FKGneef-Whx)d)z
zzJ<t*4?1uEj;E~LOcr12>yk@l_6Q2~-5W`6LohfgCDUYvQuo4V(DHd#uLhmrV`24{
zFuL`MhGvlJcY5<)CkW81S3F!pvfeWuqvj=hZ@%jNc+${#24{JR=H*Ax8Y{ZahZ@5^
zYKZkKdeiI6<FzEl)DFsOFf#u7htyW&3LQ~ZRaF50dXY>b%!4hS-ww}0yT>&c^MF(w
zh3~RI99yX5pj)<v#f2696LgBVP`x|Acq^V#idnD0LdjMp2T8BlPLB#<ogzp?#63^)
zSKi2XHo1y!;-e3y{hjK)qH$fPaQ9>B9OVzs&t#|w2t4q?i%aXi-5GoV)pM9cMJD))
z*?fBo5Q-6o<kCeZ!TfHw4WD~nF1`GR`R9j+G!J2bA7#q5*eZ$N-`(LH;g`!kbA)o`
z39T;Q4k}V)q;4mL!02)Lz4$~CH>fhiMFASJ`5s5br7k}|jbHT+_vdSc+5B!#^)NNC
z2T^MRl9-s7%or1U7@t!(UES~3+~8q;)kjaZxSnMYw+CJ<x?XJ$aNi$Ji-BF<;Efhg
z2-!_2or)pBma!+K;Q&K-rBlr(Gio{NzdqgWa2T%wQtnTe>PvrbmB6~KGh08;DhemR
zZbz~#9t-<q`Q09?wRJkYO$xu`1mD*XccZ*LomAfnprWBMM{cxXqTTYlUmBb^YhILH
ziiQ|o@4=IK*UaAVTmvxz2_2E%;aQBS+KZ7xcA|!W$3NY53&g`;A>fqz?E;wmnaddn
z#2pf*u{Z~6)*|@RZeMQo$s5FbLgLx@24R$;WI7dUr6vOA8YELq3s9wYqZoCsIw^Dm
z_U3tPE|KPY72qCgw#8O6&bMZ2Z+Cb3L&;|horRE6R)qDw)roBWdPR*IIM%nVt*tXm
z?l-j-$31h#h0tGjr8hArkU8&d#@r*IqH<<>8ArNEMiX($m(CJ)9=MSBw3xyFdW8^#
zPuvl0U#Ft*>rKoRuZW1q8n@l5=D^G?Fd;Y(_=YD@E2P4TORpLh5cnJ39t`bw+wS1t
zFwKG=vgb0yQ>NGANTufa@l%Y|SQ=XtnF28Bd9xsNyS)=3a)fvfXOW_)H|fRqg;nze
zaj+c6l(d;+pRKnjy@h3Xu#^0fD7M+m+z(z<b0+T+l6TAB1(+*#kyl^l^nGsU5H($l
z4R-swu%_+~+MJIZ*AZ6VI=t@J5s@cgxuDpb%@K5Ajap1Grl2Jea|Oc2yW;#pAk=@(
z`n_u6;c5q;LZ}mI!N;c4`|$=ILQ?B-!-U%_FF%ZxbA^09?7W;D5n>ySD?><i35lxF
z3<BGqx_T*JPS-o0fwcZ2j6F2wspwF^qrWJdDH?FU+*;e(HY$_~Lwfkb;d7PiW&#2N
zj180)Tu<h0$03?QrG>Z6?SdKFv<`o>iaHdzSx`{W1wzcrABl-|;&*9&bcb%rBvQ{A
zUC$8=g`<)1ePaU|K8$m3+(7YU*4WYxkn?;kv|rCfCFWWU=ep5n8h9MTH%FNh)r$QP
zrV>mJQ3nQO9yr}Q(3@B9_UJ0^SzdsNBehSJg191zp#CE=jmA;|cOo$zW*F|{(?^-l
znm|w!!F`yG-z`j@`I4&(gf^<Xt-{#Y*cu%7Mm#a1qWgt@B8vq2!%>7>e-9P_eD(8B
ztNYT1hnEo)`~)Xj+MI#WL=rYl3~eI?Xr&KZ3e5-keDiz0vxR208Xcd90S+=jcASg0
zvEi%-zyNT(6v}sdM$zs*$wMvSwFc28e;NE6qp9W>ef=4DD%G5ol$5?04@TkHkKO~E
zhYUrC#o~_=)vBth+%O|I0%r_rUm6A?@fD|6;AH3ncvkYhE_pXdK?D$2AUxyyrMM6c
zsgHK`w8hKueC2Zs%4HZN3*$<D^i}m`?Z*@#gp$w>(t{b$!H#e&sUYv2x^Lq#17=A$
ztVxA+Sa$nEjb$2<sk8=iDf>ueUlD96lRTR1UAnik#X2eCWm9?Uu30Q4TWGu9(yL}>
zqbnS3k|44govv^#IgxafXUTLRBIl?p4{59m(3lr(By$WfmQOHl4zYmRX=5L*tosg?
zO5czfYAiSk3k$vK`Z@Zz83$Yu{1}#eOlAe`B+t)j5iEpxkLropo^80s2M(tTr4%G0
zaAa!!bWuvhB*6miM?@=2A*`or+^burN~c|8AQBBB_39wEt4T<z7xGtI9m4VqM#63V
zorKGnj$}~#kal{%;kQ8sKo=#bMX<Y+0&vPfAD80i|7oIVkU>H~Nb`h{AWO8$$C?D(
z%`;uYNd2d~vo?VLZ7BDQ!P#;nNBW*gJAmbal;5?2lo1SaC;PV5n#Jp6hSdGc(p#7b
z$pZ$X9wd3N<^hV>Q?bG_Ic5EtXd>ZF;;(R5iF+L0idj5tKOovB9HJ64DDL}^Uv9+7
z3ZvX#ej>*DaaDZo_bpxBE2syoB7<TXdMTy&BZ(u-Gagg9L%b0*93K5L&a1U6=UIvl
zA*oqNAtk^Jc=zpjq04@&cLC$gbkVn`EO_%K)F4I@g%?Ydd#bN5Xnbg}up<-WjXI<?
z6{2+r?99A0GY}WwTNoiFG>ZQTFTuH0`3F>@3dx5W$Rjp0M(wc3X9$KJH4vXAhbJ;x
z4iAN$830une?RNDmq)j+P%d=9Jb%jW@xO@ifG3jg*v1AT`0V)WSUn`J|EQ>Hue(#j
z`DtvuW5mcYQ7lyddQ!W4Sbu(u=b@fDbk@4%Y)!Lv>xHV>96_&n;vI{B6a+uOjq@>y
z1|gB}tAl`l0$YWa+aM2D-UjN{@Xh&j;Sdim-QBtrnUAx7FgIYwnb)SZ&UU4V6rv_{
zAWDkS)rWO(Z>T%^`I;MNp78WqjARx<k2-%L#F32g{vOt9Zt!kQNea(SDyCIA=#!E9
zyx&9kn}p*bnD->*IXc5xQ^ySRR-F*q+{qOCd!qc$KfU{6{S{A){NGR6D!zTuS&zuo
z0}6yfNYnmwv3Asejpf9duNsnfqD&6BEN6BzQ<!wlh3q%GFEHB0YBcqx%?LFoD-8_|
z&+KL2z+JDd9Q@5b&v%LTc2kfsrBhr5Bxsr(N)1Hd`Wc^>Ql%0BIzB8kxj?YGm^8I;
z$$DqdOdK_5H_zQa{tgWbg8}MSOk)i&{i!ubhq>OLOQ4S&WgXLa6-&rrRvQ}|d$_kZ
zpgwpTNTEYc=E(=CJ!%<oLbi#+S@#d7rhrdp%^RM9ER|a#H<fyAT$$HyFz7;3ZC-g6
zLcL(OlEh8k+W^O3{fq(+E1FF|o}rd~H$?(Z1-}IZP6xUL<^4JrvxGJJ77&)X)G}7g
z7#e4R&`k!BT^(G)Zx6;a{_{|>*KViJ&^eN~L$PG=qT#m*E2aW(n71tK+gGA}nmwT{
z-mcj5?_+wC(!(YFDQvxUPqk-nug{^&eE2C-$jq+LjE3<2nM#aX*L$h@Xo)?QZc^}Q
z9~X)3F6)d2BBmkxE3MpfW_tRH)@abThI9jJk+J*~q4+PF(T)S4e+Xmdj)dR!C5n(%
z9YZ+QKTq*xH&M}!k~ynC!>mfE!k6{CC&BirBDp_adIpQWP<TM5t(ev+BoV*l*6BK8
zoDbXU5qArsr3&JSbzQUC@3bn}$E%EE5@W|$D|OKxFh!B+PKLIY1>!SlROvo)tZbc}
zjIy8EEML%BudJ**^HmtDTyEmKlSOf7@6}j*1p=pp@O)w6;Sa>Vt)lvO)Ik<rC~Qup
z7vt9vV=60&aW!J(I+l8hmRE`nLJ&KhMvXy_!D^S^o_8+??c6{nmu&_*RazK^6=Bkh
zFK^d&%+m$TO;Gm^TVDuj8)_^aZfqz=f3Dzj%Lvjhs`}TDrR~{0u1J%3Wc8~2HBq;}
z9Cq-!Z@ti_R_k4u8EsD?wJf}7TEX5fMtw;t=0@lD6`zlg8WY0yL8u3POdDvQ)&{!$
zt*Lks&BD~$H`x`mAq;FpO^WfG_eUnxF%NBk)Q31o?PxX#5fbyP=1|Y1o0_fql)+9*
z1@TajV(>LZOZL~aA$7ittN@b4C0sW*^6NK^wM%7DCGKIwrb_!-7@Y=-tHp<pfD@Ba
zh3uE5>)Xvq7)`%u0hfWg)0Lj*yl`xqDh}E0majj@`#9?}xxsIX%564+g3s>|fw>E%
zPtO5HDu!abGBGzdkF0}^B!w=Xf*why65(~%!}Rs_jhEyg=O|Igwi+}x?%Cbz{aT$8
znRxmZ_Q!j<^v~bXNjgwrH?P{$a=_s|DdpjDt1Ww6`kvwSxQyfUu!IpbI(}rDS6X(M
z)>T*-0vW=1{f)pVYPWibJvdnI1z)!pvnhvv(kf8YApm(4FMQQ3(s~Bjj<;$8{=$fZ
z@dz)4O-kTBx789z`xbVTZta6xya`DMM1iFmbt8Z69jTL`R(lXO6`nRaFVss6LxT*4
zvt>&Cvl4<dx_S2z$II4ZLF?Y1VfZ19qLj3kDo2_C&8dsCy5ZsB3N@aHyapek2d^a8
z*&0oT6SyD+o>|BiL1r-mBBEsskXB^{s1@FWDv^Y&m@id5J<sBoH=igKmuS4M`%0l2
zq#fl!C`ugq4zLd$@shxP+mkjrr}H|{K_eU@_6k@HghP(_otcbzq1c?l{rj804s>%q
z&&*Z&%Hi>R`L0?4j?B{>=f`xGlwr%-R+B-pn5!VgywU|b;8;g!-4Hgozx*S*V=z0_
z7xoG%`<MMpFqer$hMcL`4^;AnVY?DZ^uNDP(1D~Q3rLQ`;oS<6G(?4~5(VvwU!Yn<
zk+j@kc@?^NhR4UxELNIqtIfhw6GGs){Z|0?peA*+8+y7S!sILzyBKBj0grT=!P=$?
zgu@72jo;J*0|Q4se<61YY$i?@`6~%@zd*SsVEUszqvB;v!p&!LY)6{FnnlY@XJ|UY
zts-d^?~iBJ9}Uk!>LpN$8V6=p@CJ0c`5#mj^AKC(djW1u`?|PHRy4hDkrO|PG_SG}
zBs6HRFYyTphv&!5ml~3&keNr+m&p6G!c7;5w9Z$d?T5d^Lpp4v9^gTP+{MgvOitcx
z`e1J?(zM%zEP2&j>y<;y_=}E396OIe%Ng?cmX=PLmCd;Pno2fi&7&@~oeK9_5?RTT
z)AR>L$j#7bsMQ1@k<RDYiWY}>N5t-7=-*VxDLPP1qDxqtDJ9>dI1aPmnzKeFAe}ge
zzwLy6!%?Q?VB|?hs4o7lZ3pv<s#E%iNB>iB9bES;meoiwKoPkCDG%541W<+0EQ-`I
mP~`pa^;57T>uVPP20)6zJH0k>a`4ady)qIC;#Hysf&T{=Wz28@

literal 0
HcmV?d00001


From 1451a0b1f36c8fb4765f2d6d4c3036ea40ece061 Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <matthieu.borgognon@advance-ticket.ch>
Date: Thu, 23 Mar 2023 13:12:28 +0100
Subject: [PATCH 8/9] Add missing description

---
 public/v4/apps/helper.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/public/v4/apps/helper.yml b/public/v4/apps/helper.yml
index cc8c17f23..67bf05aba 100644
--- a/public/v4/apps/helper.yml
+++ b/public/v4/apps/helper.yml
@@ -41,7 +41,7 @@ caproverOneClickApp:
       Helper has been successfully deployed!
 
       IMPORTANT: before you start using Helper, you need to 
-      
+
         1) Enable HTTPS 
         2) Force HTTPS 
 
@@ -50,7 +50,7 @@ caproverOneClickApp:
       IMPORTANT: It will take up to 2 minutes for it to be ready. Before that, you might see a 502 error page.
   displayName: Helper
   isOfficial: true
-  description: 
+  description: An open source Project management tool based on Laravel and Filament
   documentation: See https://devaslanphp.github.io/project-management/#/
 services:
   $$cap_appname-db:

From 670da3e0f2ebfef1195a79f2841d96d5ebbcfa1a Mon Sep 17 00:00:00 2001
From: Matthieu Borgognon <matthieu.borgognon@advance-ticket.ch>
Date: Thu, 23 Mar 2023 13:14:48 +0100
Subject: [PATCH 9/9] Prettify file

---
 public/v4/apps/helper.yml | 170 +++++++++++++++++++-------------------
 1 file changed, 85 insertions(+), 85 deletions(-)

diff --git a/public/v4/apps/helper.yml b/public/v4/apps/helper.yml
index 67bf05aba..81f1c4796 100644
--- a/public/v4/apps/helper.yml
+++ b/public/v4/apps/helper.yml
@@ -1,94 +1,94 @@
 captainVersion: 4
 caproverOneClickApp:
-  variables:
-    - id: $$cap_helper_version
-      label: Helper Version
-      defaultValue: '1.2.3'
-      description: Check out their Docker page for the valid tags https://hub.docker.com/r/eloufirhatim/helper/tags
-      validRegex: "/^([^\\s^\\/])+$/"
-    - id: $$cap_mysql_version  
-      label: SQL Version
-      defaultValue: '5.7'
-      description: Check out their project https://github.com/devaslanphp/project-management/blob/master/docker-compose.yml
-      validRegex: "/^([^\\s^\\/])+$/"
-    - id: $$cap_db_pass
-      label: Database password
-      defaultValue: $$cap_gen_random_hex(20)
-      validRegex: /.{8,}/
-    - id: $$cap_mail_host
-      label: Mail host
-      description: To support sending outgoing emails you'll need to provide authentication for an SMTP server
-    - id: $$cap_mail_port
-      label: Mail port
-      defaultValue: '587'
-    - id: $$cap_mail_username
-      label: Mail username
-    - id: $$cap_mail_from_address
-      label: Mail From Address
-    - id: $$cap_mail_password
-      label: Mail password
-    - id: $$cap_mail_tls_encryption
-      label: Mail Encryption
-      defaultValue: "TLS"
-  instructions:
-    start: |-
-      Helper (Project Manager), is a great tool if you want to manage your projects, tickets and be here for your clients
+    variables:
+        - id: $$cap_helper_version
+          label: Helper Version
+          defaultValue: '1.2.3'
+          description: Check out their Docker page for the valid tags https://hub.docker.com/r/eloufirhatim/helper/tags
+          validRegex: "/^([^\\s^\\/])+$/"
+        - id: $$cap_mysql_version
+          label: SQL Version
+          defaultValue: '5.7'
+          description: Check out their project https://github.com/devaslanphp/project-management/blob/master/docker-compose.yml
+          validRegex: "/^([^\\s^\\/])+$/"
+        - id: $$cap_db_pass
+          label: Database password
+          defaultValue: $$cap_gen_random_hex(20)
+          validRegex: /.{8,}/
+        - id: $$cap_mail_host
+          label: Mail host
+          description: To support sending outgoing emails you'll need to provide authentication for an SMTP server
+        - id: $$cap_mail_port
+          label: Mail port
+          defaultValue: '587'
+        - id: $$cap_mail_username
+          label: Mail username
+        - id: $$cap_mail_from_address
+          label: Mail From Address
+        - id: $$cap_mail_password
+          label: Mail password
+        - id: $$cap_mail_tls_encryption
+          label: Mail Encryption
+          defaultValue: 'TLS'
+    instructions:
+        start: |-
+            Helper (Project Manager), is a great tool if you want to manage your projects, tickets and be here for your clients
 
-      It comes also with more than 60 languages ready to use.
+            It comes also with more than 60 languages ready to use.
 
-      All this made with the best technologies.
-    end: |-
-      Helper has been successfully deployed!
+            All this made with the best technologies.
+        end: |-
+            Helper has been successfully deployed!
 
-      IMPORTANT: before you start using Helper, you need to 
+            IMPORTANT: before you start using Helper, you need to 
 
-        1) Enable HTTPS 
-        2) Force HTTPS 
+              1) Enable HTTPS 
+              2) Force HTTPS 
 
-      You can customize more settings by environmental variables described here: https://github.com/devaslanphp/project-management/blob/master/.env.example
+            You can customize more settings by environmental variables described here: https://github.com/devaslanphp/project-management/blob/master/.env.example
 
-      IMPORTANT: It will take up to 2 minutes for it to be ready. Before that, you might see a 502 error page.
-  displayName: Helper
-  isOfficial: true
-  description: An open source Project management tool based on Laravel and Filament
-  documentation: See https://devaslanphp.github.io/project-management/#/
+            IMPORTANT: It will take up to 2 minutes for it to be ready. Before that, you might see a 502 error page.
+    displayName: Helper
+    isOfficial: true
+    description: An open source Project management tool based on Laravel and Filament
+    documentation: See https://devaslanphp.github.io/project-management/#/
 services:
-  $$cap_appname-db:
-    volumes:
-      - $$cap_appname-db-data:/var/lib/mysql
-    environment:
-      MYSQL_DATABASE: helper
-      MYSQL_USER: helper
-      MYSQL_PASSWORD: $$cap_db_pass
-      MYSQL_ROOT_PASSWORD: $$cap_db_pass
-    restart: unless-stopped
-    caproverExtra:
-      notExposeAsWebApp: 'true'
-      dockerfileLines:
-        - FROM mysql:$$cap_mysql_version
-        - CMD ["mysqld", "--default-storage-engine", "innodb"]
-  $$cap_appname:
-    image: eloufirhatim/helper:$$cap_helper_version
-    environment:
-      APP_URL: https://$$cap_appname.$$cap_root_domain
-      APP_FORCE_HTTPS: true
-      DB_CONNECTION: mysql
-      DB_HOST: srv-captain--$$cap_appname-db
-      DB_PORT: 3306
-      DB_DATABASE: helper
-      DB_USERNAME: helper
-      DB_PASSWORD: $$cap_db_pass
-      MAIL_MAILER: smtp
-      MAIL_HOST: $$cap_mail_host
-      MAIL_PORT: $$cap_mail_port
-      MAIL_USERNAME: $$cap_mail_username
-      MAIL_FROM_ADDRESS: $$cap_mail_from_address
-      MAIL_PASSWORD: $$cap_mail_password
-      MAIL_ENCRYPTION: $$cap_mail_tls_encryption
-    depends_on:
-      - $$cap_appname-db
-    restart: "no"
-    volumes:
-      - /etc/localtime:/etc/localtime
-    caproverExtra:
-      containerHttpPort: '8000'
\ No newline at end of file
+    $$cap_appname-db:
+        volumes:
+            - $$cap_appname-db-data:/var/lib/mysql
+        environment:
+            MYSQL_DATABASE: helper
+            MYSQL_USER: helper
+            MYSQL_PASSWORD: $$cap_db_pass
+            MYSQL_ROOT_PASSWORD: $$cap_db_pass
+        restart: unless-stopped
+        caproverExtra:
+            notExposeAsWebApp: 'true'
+            dockerfileLines:
+                - FROM mysql:$$cap_mysql_version
+                - CMD ["mysqld", "--default-storage-engine", "innodb"]
+    $$cap_appname:
+        image: eloufirhatim/helper:$$cap_helper_version
+        environment:
+            APP_URL: https://$$cap_appname.$$cap_root_domain
+            APP_FORCE_HTTPS: true
+            DB_CONNECTION: mysql
+            DB_HOST: srv-captain--$$cap_appname-db
+            DB_PORT: 3306
+            DB_DATABASE: helper
+            DB_USERNAME: helper
+            DB_PASSWORD: $$cap_db_pass
+            MAIL_MAILER: smtp
+            MAIL_HOST: $$cap_mail_host
+            MAIL_PORT: $$cap_mail_port
+            MAIL_USERNAME: $$cap_mail_username
+            MAIL_FROM_ADDRESS: $$cap_mail_from_address
+            MAIL_PASSWORD: $$cap_mail_password
+            MAIL_ENCRYPTION: $$cap_mail_tls_encryption
+        depends_on:
+            - $$cap_appname-db
+        restart: 'no'
+        volumes:
+            - /etc/localtime:/etc/localtime
+        caproverExtra:
+            containerHttpPort: '8000'