From 2052520a9007b19b89a59d2a70204b0f3bb3eb10 Mon Sep 17 00:00:00 2001
From: Nathan Price <gravityfargo@modernleft.org>
Date: Sun, 19 Jan 2025 03:10:39 -0500
Subject: [PATCH] Initial commit after history reset

---
 .gitignore                                    |   1 +
 Docker Images/bluesky-pds.md                  | 115 ++++++++
 Docker Images/bluesky-pds/cloudflare.png      | Bin 0 -> 22620 bytes
 Docker Images/bluesky-pds/middleware.md       |  21 ++
 Docker Images/bluesky-pds/standalone.md       |  24 ++
 Docker Images/bluesky-pds/traefik.md          |  41 +++
 Docker Images/quartz.md                       | 113 ++++++++
 .../quartz/Developing with Quartz.md          |  33 +++
 Tutorials/Docker/Proxy Network.md             |  17 ++
 Tutorials/Docker/getting started.md           |   5 +
 Tutorials/Traefik/CloudFlare.md               |  23 ++
 index.md                                      |  21 ++
 templates/primary.md                          |   6 +
 utilities/fail2ban-manager.md                 |  96 ++++++
 utilities/fail2ban-manager/base.md            | 274 ++++++++++++++++++
 .../fail2ban-manager/plugins/cloudflare.md    | 113 ++++++++
 utilities/fail2ban-manager/plugins/hetzner.md | 176 +++++++++++
 .../fail2ban-manager/plugins/telegram.md      | 144 +++++++++
 18 files changed, 1223 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 Docker Images/bluesky-pds.md
 create mode 100644 Docker Images/bluesky-pds/cloudflare.png
 create mode 100644 Docker Images/bluesky-pds/middleware.md
 create mode 100644 Docker Images/bluesky-pds/standalone.md
 create mode 100644 Docker Images/bluesky-pds/traefik.md
 create mode 100644 Docker Images/quartz.md
 create mode 100644 Docker Images/quartz/Developing with Quartz.md
 create mode 100644 Tutorials/Docker/Proxy Network.md
 create mode 100644 Tutorials/Docker/getting started.md
 create mode 100644 Tutorials/Traefik/CloudFlare.md
 create mode 100644 index.md
 create mode 100644 templates/primary.md
 create mode 100644 utilities/fail2ban-manager.md
 create mode 100644 utilities/fail2ban-manager/base.md
 create mode 100644 utilities/fail2ban-manager/plugins/cloudflare.md
 create mode 100644 utilities/fail2ban-manager/plugins/hetzner.md
 create mode 100644 utilities/fail2ban-manager/plugins/telegram.md

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f6b6248
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.obsidian/
diff --git a/Docker Images/bluesky-pds.md b/Docker Images/bluesky-pds.md
new file mode 100644
index 0000000..b48d7e9
--- /dev/null
+++ b/Docker Images/bluesky-pds.md	
@@ -0,0 +1,115 @@
+---
+title: bluesky-pds
+draft: false
+date: 2025-01-18
+---
+
+|                              |                                                                                                |
+| ---------------------------- | ---------------------------------------------------------------------------------------------- |
+| Official bluesky-pds project | [GitHub - bluesky-social/pds](https://github.com/bluesky-social/pds)                           |
+| Image on Forgejo             | [Forgejo](https://code.modernleft.org/gravityfargo/-/packages/container/bluesky-pds/latest)    |
+| Image on Dockerhub           | [Dockerhub](https://hub.docker.com/r/gravityfargo/bluesky-pds)                                 |
+| Image Source                 | [Forgejo](https://code.modernleft.org/gravityfargo/bluesky-pds-docker)                         |
+| Issue Tracker                | [GitHub - gravityfargo/bluesky-pds-docker](https://github.com/gravityfargo/bluesky-pds-docker) |
+
+```bash
+docker pull code.modernleft.org/gravityfargo/bluesky-pds:latest
+```
+
+---
+
+A self-contained Docker image for the [Bluesky PDS (Personal Data Server) ](https://github.com/bluesky-social/pds) for use with Traefik. This image is pinned to v0.4.74.
+
+It is required to run the instance behind a proxy (like [Traefik](https://doc.traefik.io/traefik/)) to generate SSL certificates. This will not work otherwise. The standard pds install includes caddy to handle this. A wildcard DNS assignment along with a wildcard SSL certificate is required. I use Cloudflare for this, see the screenshot below.
+
+This is not intended for production, and I am not responsible for any data loss or security issues. This is a personal project, and I am not affiliated with Bluesky.
+
+> [!warning] Data Warning
+> Before changing images, upgrading, or any other modification always backup your data!
+
+### Requirements
+
+I haven't verified these are the minimum requirements, but they are what I found to be necessary during development. I probably had some dependencies installed already.
+
+#### Manjaro/Arch
+
+```bash
+sudo pacman -S jq
+```
+
+#### Debian/Ubuntu
+
+```bash
+sudo apt install make xxd
+```
+
+### Setup
+
+Generate secrets and add them to `.env` file.
+See [example.env](https://code.modernleft.org/gravityfargo/bluesky-pds-docker/src/branch/main/example.env) as an example.
+
+```bash
+# Generate secret environment variables
+echo PDS_ADMIN_PASSWORD: $(openssl rand --hex 16)
+
+echo PDS_JWT_SECRET: $(openssl rand --hex 16)
+
+echo PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: $(openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32)
+```
+
+### Docker Compose Setup
+
+Full list of additional Environment Variables provided by bluesky upstream can be found in the
+[packages/pds/src/config/env.ts](https://github.com/bluesky-social/atproto/blob/main/packages/pds/src/config/env.ts)
+
+If you'd like to learn more about my docker setup, head over to [[getting started|Docker - Getting Started]]
+
+By default, the image uses 1000:1000 as the UID:GID for the user. This can be changed by setting the `PUID` and `PGID` environment variables.
+The compose element `hostname` must be the same value as `PDS_HOSTNAME`.
+
+![[traefik]]
+
+Optionally, you can use the [[middleware|BlueskyHeaders]] middleware to set headers.
+
+---
+
+I do not run this, but it should be possible.
+
+![[standalone]]
+
+### Running Commands
+
+Nothing has changed in this department, other than not needing `sudo`. The commands are the same as the upstream project. Such as
+
+- [Creating an account using pdsadmin](https://github.com/bluesky-social/pds?tab=readme-ov-file#creating-an-account-using-pdsadmin)
+- [Creating an account using an invite code](https://github.com/bluesky-social/pds?tab=readme-ov-file#creating-an-account-using-an-invite-code)
+
+```bash
+docker exec -it bluesky-pds bash
+pdsadmin account create
+pdsadmin create-invite-code
+```
+
+> [!danger] Update Warning
+> Do not under any circumstances update the image using `pdsadmin update`. I have not tested this, and it may break the image. Submit an
+> [issue to my repository](https://github.com/gravityfargo/bluesky-pds-docker) requesting an update,
+> and I will update this image and pin the pds to the new version.
+
+### Cloudflare DNS
+
+After various testing, I have figured out two things.
+
+1. In order for email verification to work, you cannot have the DNS Proxy enabled or `AAAA` records active.
+2. After you have verified emails, and do not intend to use the email feature, you can re-enable the DNS Proxy and `AAAA` records.
+
+![[cloudflare.png]]
+
+## SMTP
+
+I use protonmail for my SMTP server. You can use any SMTP server you like, but I figured I'd share this information.
+These are the environment variables I use.
+
+```
+PDS_EMAIL_SMTP_URL: smtp://user@example.com:TOKEN@smtp.protonmail.ch:587/
+PDS_EMAIL_FROM_ADDRESS: user@example.com
+```
diff --git a/Docker Images/bluesky-pds/cloudflare.png b/Docker Images/bluesky-pds/cloudflare.png
new file mode 100644
index 0000000000000000000000000000000000000000..72bd5b8b293aceba6042788acc765581666745c9
GIT binary patch
literal 22620
zcmb`v1z1(<+Ach?6O&Lv#YCh_LQuq@6;MFB8>AaV43HK<N>CIKX^<`j0ci<AT3V0>
z2_?=w*4q24f1m$+=erKq-fOQ-%sJ*e-uHR#dWP2x>1(@p9Ns}9k#>t+7nLQEHdf%@
zE4OXIKRZu~FXMl<-@UG6MIw=ZBK}Jj%tTH@{I>NKMQamteM4<c6Gajy2gi9k*`w9?
z!LI-C10@nK2bb5~ZCCOAGluet)>bxJ*L2NIb*(KOBn_>s@$FmkSDDX~{_FR<Dn@ZB
zM@eF$m*nju$Ge@J{eP`j&Q#V*^3ViL>2aCx)u!>)9uqS;AjaULEv-pj74SpiA#L@m
zK+y-0F5VALOw3)0xoK?aIsRR;-Z-L6FSB9Fe{~@tt6^(qUE0X1ZRdnuYJ*Kt>LPcW
zjY~?~FCmrNQBhG>MgRVK!uT^L<(}tXU)OKSYMo>F>#IC`zxKYrz8G7dQG5UW<Mg;s
zivRd4?voXN|DtRXBRl0^zZj?`<(2;T3mr5T_qp=dZ@y8K`&Tb%;+?-?^T*a!N^^7b
zcefI^TvSn^otc@@(a||*Q71YX>8BldKYmVJbn;mWm24NqqSc4$=H_OD(XwktT%HZp
zJnzl8R~Ny{X*1TcA@$pfwCwCSyQv<*^_97m`DPi~3yud#tgNhKZK(}oUlWxI?JWXZ
zq$Zh#g@uKdzHgL{7LqD)UA-<LQ8TkV67A-fn8@@(!0r?~d%CBQVU(YC9+ioysbO#N
zg-e$%<rWkKg@uXX@)8wN^%f_)uc#Jnz?IQ&=`OH~cUqj}(-IRCBi^+(f_JL;kC4-i
zQO9FfbU%6S+q89SuVq-C)ksr`+qyCfr*8GZ`yL(%a`EKHuli^-L|t%r_qg8uT#gC5
zw2aJY9-h{Dr}8Hh7S`5-EeUce1-85IS&h_FnC)i9$J4{><>uwF>wMnZKQLhBtd@L-
zTg~OyEqaH+eR>U1swZroIW?4(dC*^QWHaw6j7h1cYqU7Gi1*tVbXumOp<&Oxn&+(A
zrlwLwj=$b2q|)!CV$s37ZO$&r>2-}5u8ZJwod2;wD!(mB$s;q9bD|^bI5+p#eoOw;
zLCyDeQ)=TA6At6)l?L7U+}uVjFWuJHas;U+w>Df@r1jXkXLznbxMW~zxIk&djQIGY
zU3pe<Dv3H(PwgEYEmwcrNJj}8-Z{m{$aqa?cwk^-!10jCNar@2FMQL_l}}YXXI0nx
z{=q%2H(n-M`USsDD4&&HRJ7>9_fZ#|`iF-rex{a~J*f+2_xSO{AcR@@s<X3T+2cL>
z!?j`7<KF^VOI9+r88a=)#!J8WmTju+x3gkZyfVFO=LM&QPYn(J_^52IEB54c{F^S;
zgfJfxaz2km=#P(ft^TFE^s>p}<ems@sZ4`L22$jU7hay8FJ)uJ-<x%Z@2257XfZ)=
zlCO6C=A8_k?Ghp9$kxVILjwXX+S}Xv4KW-)F15}>y^B=%dn{2$PcOV5`=~gP{|D`o
zMDeL!$Mw}kcIsX4P1>6dW~QfWuKxaI(o-0gZ}U@&jXIP=cgL@>uLD6cLYe~=zBnv5
zvW#vu^QWYwtc(b+Yu1HxC#jc2c^x<{n;?7AyVJ(n`i*I4c3%EnxB13veB_Z4yyhI(
zQv7z4KEA$EuC}-6kG9Jco0u{SFD9s$2xaQkY2kH~R0~4Z@q*8ol_~FSKX6KejoP3!
z>CjZsBE7oXDmSNI?T7B}7nSr*K8HB<(kuq9VmBoZC{8*pEG)b?ZX>^k3kZLzb&pv&
zJI$<{KPf4R*a87I%@?#jZM&VSR#)Lmvpik4$M9R)E5jG#bFamMPWjLYgrt_Nh3nRY
z%yd~bkfq)26A9-vH|yvreYn%TGx`V(kBP?IaGiYOZQu4x{Y<>8(DLAcm6esd78V~h
z*uIaC@A}ZD?p7CY>~ig7YCV&~x05GNrW-b&BGJ38SP-B1qsB{xR5hO?!cpeM%a8V-
z6#qUjQ06pMRQdbYPo)A|=7CE8%I4-E+{bjsUq-}z>eck~^K)JvdhR?|$1Auz7(~5m
zi_o9(Oxn(grr4cZJdP<mm!_ei!72DSJ5<yD-tYkKHhcHWJ%>0ReDv75ak}4|6}Jsn
zNcR09m72y(f4ND=d#_+7g{A^Ka}*5b6yk*M+TxLrwd*BT0k416_wZ(&tT$3&91pP`
z9o8>q=I7rp<+S_~c_Q#)Bi|4c``X%{DYEIsMc(pv3aNgtUmr(B;kL<PQ7;z6%_}qD
zvivo6%cw1-?!962T}#W-k00Il2rb>iA+Ves6kC|;mGRiJJCt2}3$~43j&g~si|e0>
z9NO+&8g8Rc_sBLHG`$h?)0K%l|FPVgDnYHt5&LAVqONW?FK<pv$|EJboo?Bq-S!R+
zGqW|U5vp;xWXZ_$`%pb&Ucb(>9^H={uhaj@OHoNFEQE$lgETogNz^8Fb#*njRhu4{
zMb*g2$XwS|et+S$^HYU$<hO6%=Jy*azE$LCBOY?DYP30?@9y`DDGgMtYLcj*%TsRa
z-Y84hc}LHm4@FhA{PE=&K7IWsuLD+eLHIl|Mql4W3cE$^pg7BBKdmv=l2Ddy+PO5~
zFHBk*jgQ6|@1%=9(%RaJ`%kZ|tem2fC-U{(twX$KwAi&K-_qP^c+E&@*e_Thb6YnX
zH8BhPoar#Pk*Jmy18&(V28R3CDOM{>7WGjVB!W&!EnyEc-g<X%C*`>h)zwdWikvno
zF-u8HODEmQdNR?OV>Q!%<?QXG>&vr4QbSueZ6e|Kg$KWxrK%Ne+r4`TFJ{t}8;CQx
zpOW%wr5{~;iCf8Neo#Qbhex|<&}v?zmhYlwBRM%a*-msk%*x_M+2TM&$jq&uI4>Z;
zY1+X>e9%3@D;MSE5AHt9MSSk_SRvJGZ95q!t;q+UrGBy>seeJ#8I}-@wNj;Ytt)!9
zp_kUzR!2Lsn6{GBzO)`~5}d2$#AbQ)gn}u<b=9%7tnAPQM=n%@(yA&i7S;UFZZp(<
zJ`_YhMby!2ezbk+>%SFJhP1V{XBHOf8&ay*ols#6zrLeLR?eyD?k;+psNK4<JePO3
zZv%1BYHDhELgrsylIb@@4JGIF^uMs{d8J<B8Y$!wjypGGpHZmaK%Z|nCGAgtA=iF}
z!PV7u1<N%**&Tr$7#JDpQ&1p4!F0O?9V&S|YA@<G#~+6~cMj{<NA}_Hy*KTol#!9a
z1|0pGNQINbuU+X^j=PeUmPY&Y<cSksik$2m7bojbBX;X#^_)}6c#xZWp46JGT>12*
z#N^UST1G~H4Qt7XbLV`%e7UiI|Nb+o`CPXWZ|kCEsFb+U-6P75ZVhGTpVw&Rwy_e=
zd8AscmZml3x(v9QVkM~ZZ6~Vn0zTNN-jvK*)89Yh=H25qZoQFjZAknOT~oru<ecwe
z?ii&^y~63zosk!uLe|$7OQ?OXHeXO#xbUK==t6OE@rhHXEb-^GzlfqtA`ZwAm-&6f
zhr-z#!qQVIXPapLY)vMu-~`r2@&y^UrSwfrHOvfDZr{06yDQfsj<O#I{*KCsEtdBo
zibSv5`h}^Ibs@BNy~da;SojXD#B>5FjnaN*RQIxwmEDh5FR!bsvu@nJZQBO}u34O(
z@DK?}Nv`fsZ{p)o1A9p~GWDe7jOW%?|5%{zmX|+_c3W$g58)df9sSnXIpV3BZ|%jY
zUq5ItQ)7#A{W!mUUCqMIZUkqrqM~Apv9a-;_XZZ~rz+c0RF5+-Y`{^x>O<|GWm8|~
zT=n$i{EtSDBB#av!NE_*{RK<ECMuAfx%KXuVIJBT*<FBwX5Y2?7XoD0#l+a_zA0qr
zh|yKf-XOq9K=2nmf92mZl}Cs@M^8`B=lH}Kb&c9riIw|XmN6A+s5+Qa*-Wk8-@Ig%
z@*a-+-UA1$YAov-(ac|`s1^{N5od!a<pgXwZ!;$Em*OX2H#yiKyuK-;UiWq5=Z-96
zsc5%fUllI4E*o$iUjFggpY5<O`rwvp*RG)rni_?57rO{dw=JWim;wN`r)xhREo`vu
z|FoT?<}|?_<vc4!dbH<=YmJy=kMo?An!^x<tel*Mr6q^d(S^mS?}hvhvnQ^;4*c-p
zBKC|pHp>#a2(^%NZu#;7>!N^u>5+@l%dY-23lp6Q_}pY<WGYy5U{<T?@0V~`b&L`|
zPu_k$G2Wheu~n{NTzK+F<7=zn7Z=EfqW#ePv}-#j&_yR+Inz}Y$)g^i%|;!ss+IQ3
zG4C}?=YIE=K&GNsuQuh|81vhVJsaS}!FohaC!TyK%gn)2KS!D@?!>VR7rGA?ILyV3
z_UcwYBeSNhSslS4AW>Epbar&eV#hZ%H{(-nVCz=V#}@j8eZ^Hll|k>LS5q9uvv_ic
zovUkCp+gXpLQ1G>!z90Hf{K;3T2<NEKV))PjKIJ^fMeE5pO*H_rjCw|{vSWC-??+g
zFQj!`K|nXUa_b)Y!7r~aw<IYA&5bl1prFvbv+%)vqe`)JnB%W8O<i4G@c=sjy+k#u
z;o6Ulje%%VVIcx{zmtx*E*(P!V=rL!rQwZ34U$h%WUpK{)z^Q%C|tWPfaPzFlNtzC
zP<sWqFhBOy``NRDt*Pn_`q3^SOs}@8vWgOgb?UFeTDZ_*y!7Xf)!K@KiHV7&>Uk#l
zw;BtJ_zO9$45P1ST~~i8G;{Fq@We&LxOEiRu^zwXH`sXXNYTX47{Ln{W~Qe#rh1AT
zdU&g}SQzW|fVFXGrfLR>#uazTW6S){Hr8v-wV~|t$#;TJN`&0SJ#K!m!69#XEgo-j
z5s=jlAoWw0aobW`$=bu{=p%m?CTeCJ2&ym|`&=<o&v&#UU*zEqzEh*slhQUhsUEoz
za|33hg-;(h_UgwLzwq(dh0Xs6B?5Q=>v!n03w_($n;z(V0U;q*(YzdHt4>Q<Ria4Q
zj(@v^*H5^Ub#`rSO(oB=d_3=IXy|94iMzJ8pbY-;QI1atW}sI~-Ap}PVr5~`H<8nO
zikaCLO`TY#qdzYs9XfO<r@N%&bVK`|?hI4FTaX~~BS(&)dtF9h|AEeQ&7Yq8*M>g=
zs;qBvoB0Cdit}YJw=%sT&`Wo|jg$=SS{QXfetuKTm7Pa_iVbr%2yWErPSahtP*qX!
z^z%E#&mWGZ-b+n=9ml@Tj1w2|>t`D$0H~bFk1wxw9p>@`jf*mDj?<lp%;J81)t4y#
zg|EGn2X7PDS<E7Pd~oSDCmYp6tg~KSc<^yOUEPPzpHmqc8YU^G-v_Objy$iKZ&9KQ
z=;9h26=ml5q9($;SPVz@UXoQ`LVQ#|sA8o77a*WyYM*g;e%9!vn|LRpv4FMkbbsiP
zUa+_mBf9<jWWB#~u(2Tn-4}<G8$#=cUcNjkcg|^eIW&|S@R?fBo(*eOxI7$zI(&eV
zGGw3&H?uoKSK{66WN~?U`4lUn*8z8P7&e_iJz4I1e8irh5{G@`L|3BQHsT16kB^^s
zUSjKY{lm=8&K~FFGv1@LuCjG)EcU5Os-d>_<;2^`lF>OP?N1ry;`Y+g*7lV>US64N
zSe`7Hy4SUvtNq`qj~V-;B=30aHG=XTJ9bQ=Z4@<s`uES&<~%F?>JVm$Jj)@J=sqk5
z3dIYQsspsNK93)7rD9QeiGB|7GFLA!rPwu$-b>AA`PYd9jyVC0<>|Stc?5h><HJ3&
zIPcekFVOfwYzlN`BkMXk!f`9oO*?t&Bl)cM7}@C;udg{pIgT-ga~p5bxv&`@xi>*6
z^Axa4|6o<n((>|9!PhZx!Bzq{0ME|hWXa{2sp4hI(ZcV7A%StmH4OCkpSS4W)FAZd
z92lI=$NQTJG)d4dRC(0HDSM~(qHDhwr)08>zAED5slGTeTn(Umj-W-xtx4=fH8auH
zK#e)zgisM=qJ><x?b`LJqT&%w(%p#;?%PR<mpZdeAzAb#rWR}U7P}-V=lFrUHUc~}
z3*1_q=&VFHt@36q-ZmKJdpM(5PEJ<V0GJAktAk%}d3$ps6BCo%@v5qz)9y(pRs*lm
zYvM}Z#KrC3yY~aIaMkC}-_tAUYuE)xqkp1mc&HZG&a}wMG-eqq;3|lo`c(V8JTM#z
zMjSxp((m6-!@{bXWrU@!Uaep*a2<0zwkP7%<;TO+<lCm(^`nQVS!V3`x30+^^_uac
z6QJfY*bA_(#~KMBr`wvOG(XiFjk<63{R0`6RM+u0FXRRw+iQTS39_*}0Bf~>&yP~B
zZ#?!>OAsCQH_B7x5jRPB`DdddV*>-1v4@s{VhF|M(zsT-^-whh!ADeP#x3}V^Xb=J
zoWHO3V{g2{N<CvyJ$w&5iQVKIo3o1xbPpYDga;2E3>w~#c0<1mhZ1AnoonHNbJkew
z;&lK1{psoHqnw;UV6MS{6A`Bx#3dw-3kpWMuKsR(d-FKG%lu7%J;h>Y2fytU=K8pt
zxD+3EclUFOY2Q=o{oTSj^~phZ%4%x7(PWh+eF$oR*1}G-L=<mgyP;o0+TnCtb52n!
zBEBgmC8dkXNg^tRew4!_^yO*PK}!@s4o=SYJgd_HG$*;agVkM^%g3`Ji(MBNk8zkA
zesA6z_34u+R#w~b@p7@tAENtj+p(j+>U8uVn!+%^v(}fFms*mQp98;E_#cUW{rGvF
zO}0t9NUV6UL0bwPu+Iv1x#+cPoR)*vj~ee!BNii3ft5HXr2hW?rSZ%L$spbE*FPT$
zn$$}9M7ZoR@vC<)QFL&09FFom>W>p#Qyt8d4v7pckZ&#Yh}#NE27BR51<i6w(n(ue
z+oh!?(C5pJj{LxZCr+FYY>`@>orZoSJ8iAz)m3!t@}p_IO$LtYDap_qEngX}p@>*0
zbTzm;XHh>td+Uk&#;yG$Bagvq3hbtMPL?mq;>Ai<7b4nQr2@A;{D+!%V(LzgS=|8{
z!Asz_sAfrOMfq<Ntz~{V9xGS15Z*c)Obxuzgi81{D5yQ(h6(Lm^U_xdLP&ga5oh%+
zAT-*&CfdLXi1QWIlluZi6ppGU{H-;L(#tQqss{ZnL4Nj-{BNs~{}X{T8yCSe#{c)5
zc^*8}=}pB-X+!sy=!whq$(Q|qE}H)PW$G!nQ0(0ocwf`lc<regV0`Ax`}bU#GiYy_
zGq{j&UxgHvc9X7;A3vI`05a+gfNpWo<fNyw)09{YJZfKp;8j<ls;XL70bRAOLL&IA
zE{`h!Nu~v~T!*^}<^Lx1X8oo93Vu+Lc&;&RWs@*y^3c0XO8SKIT<2zEo;7D5RJ4OO
zzeGjpw{7mw0$tJGwPhn~(Y)*>N+!!nz~=4X$EZH#Jw3&56TuT?-<C$rXwQ8aD;&@8
z)@!}lBEIg$bJA|cG4_a3N4tAqw?|rLCet(19LP@|A2oh^`S|GI{5^Q|=nn0Mz$1VR
z+Bi~nMaBO9d$xFx$;dQpND99GF%)Nei^rwK)GKc<9vJxkU4tYdBC;bxF;GAj!rE{{
zGyygYyK>o~2flG$p1q>Vybs%lJx*b7*_g@)#u<goXoXrqar3sRus_i^(5iPN({J2L
zt^;Lq*AbyesR*7KXcrMcauiFp<n)4{(F%7KsszT|juof)OT<Q}nk`%d;r{{s^O8d1
zH^#J2-`d;5fd5ZPg+D;^!zMoaHs;FYbrF#b#C4z!a+!P!fcAEGZDlzoCB)P7y1Vh1
zx`$cM^Y7J1a@3~v4%a;mX)YL$dwBc#w{MDC+S=_o=0~7oYPV<T5={B@>G%!Z(vp(9
z)SYLpxQ8%W3U4DP9|nGQ2DOQMbTw~rhl!5`@W6FRNgeRa_eNiz1O)6Q>hk@wYJ=JD
z<P$_t<=O#g+fvo_KL;Gcr&Xy+KS%?ZqBjs07N$4A!os3A;4e7q*}kOhe?gDOEJ6QK
zY<n`RO0EV^R9kyIbFjJLf+0{}riDazt1CLUAhUTw6vO6MH%-meCf3f`lAjc-J>%8<
zbyL!sqP0F#ujFg1?x*L}^o?iu$-ba;v#1qfO+<>v9MOFMzu(??wZY~0{6}coV7o7X
zi`kr)?n0i$ZYoFl21!oWt|TXJE7l=Qz>bB037zI8n_ph>ru3oZdy1Mgi)McSuo3P1
zUeYmVLb10Tsy=b@q$V4+Vxc`dKH#@+-@at(%Rnec13CeuiQ7D6Tq3%|BRQEFBuNWB
znU>G;0Z9H$w3X)7pEyp8N*O1#D}30Ko8O2XK-rc-Lk|;n6C!D9YCd@Qun}4lEgjux
zXAUdCP8kTx>udfQ)}ykvQ$4CD{w%#bllJNSi4zajSEt+n#Bp5u`ub|4E=07nwA}A_
z@R^woZ-{n52oY;5b25-v^=G&VV`h;?B2~y~Sj=t9W*sf6^-H%u)bAS?A5JhyeRjsN
zs3mI3b*a3c1G;Oh&Cgasxk70d3|_ZG8~LD~DxHWX4h2bjWohOat9n#UkE1sv4K}M`
z$*!)hZ4etuA8aSK`sSUKUrOBETz`+A2J>^kK2plPtC`YP_%&5M+G3z0-K3o(PAcLm
zgrq|N5m3oc_SiH&kg$wlIELxz=^#>^)<3=!^qdYX-A_&J2};tLV?KhKNytQi#85PB
zJ8eL1BmgTQWdZI@xhdtC(E*Z3hI4JFqN2hF&ISLM5nkmwa7t2R@N?j&PoKIxiX7P}
zu4|1C40r&+A2=<&Ndup07ajjIaFw}kyIzV<r$i?|gAgi$x!zQ`EGl}ULFDq~x(b2T
zO$BeayKQbt)m<Gd|5Y=;Yi8u(y^J^Q!F@5eHv6pw8rU{Mkl=Kf9V`r%X)UP1CX>Py
zwr3eXAMGAVNJx+j<Jf!;pKw0~MLCW*nWwk+05t8|FwVz-ml?Jbcfxs0#qI6Sqty-p
z!=c0Rw`Jo;S9Nqw5bi<7BRM5yWuljdu&PS~K@xZrRKT3%>F*zpmoEfHaOhzTENzLC
zqKS!#$+aBXLE7TsjuVT&@M|<E9Lfhm864E{xq2K|bmH{s1AF)0OHE~6{j<n>;rkPB
z?=qYjs9q;4a&8>;vbcVI8&E2(fbFh(Xc4YUeOqzN{_Z4Qv5-kL-1M~FpWQNBq^@3F
zFX4<lE7zJy)fjJSmt6nTr)i7F$9Z#TC0Ld)A(wo{1;9OD52&oe@GYv+UEzzt{=zOx
zgX9+{{i3?iVUF~pGbgou@IzZ06;$F48#hX^>+9>2##)oTU%a3zS$UdiBY5_#xL10Y
zf{LoDA%sN8d)(zX2LCW@AQ}zlNx~U?`t+&guiv161hrpIp1sW6>y-{!4SMWW!a#_#
zU%2wMyIXbY%K>z)JYTo^+^*#A16<ZZKHZu%-O*Darn45#(#(3zRgY--!-I1j9Uc3J
zhRUJm&&l6bRHP2zjwXb0E8q2XCoSWI&9&9lXWR5a@pGKNw)B^KTlvt`v%Ci5rp!5J
zDZG8hj#97|2y<3=bK2;K4<3Z>A8?~DXl-?f7FMcUpBNHgH|u!MNHQ;+d1QEQyUyz4
zx)%b^(TgaV^UJD^5#ZoSLdofhkI7M=)@Q}VqXcCQIy1%i#rZnJ<0g0vn;xKpL!XF_
zx18lrQo!nh=<1_y#f9eN@Zy|-f@taLmcPCE`WvJv+y@_Ob^;Zvh|K}$-?g*jwP|~l
z^r=|0>=9u#K@ZrlVS{ARA$Qv38iqv=oI9whQkQpTfHU~<n0Bxkx1MWiYI-Z5AnVtV
zD4(E}UW+D!G7BmA6bnoJ!9ClyeV^_t+gz}5Pnh%R3J}B<&`7;Mi4eYtV@y~moeP0f
z`vOZX;7DXzKszIvz!_GkS3GLq!<iPmyuA2U5JwchO|?m(R{0aXfwq((Q=cJ}=-LXr
zkP(mB=q=80mphXW&q^P9R(!`^%z{TbqU25#(PqJ;l-_niB|SvwonVqC-T4#>3JRsA
zrQgsBA#{TLvA~d<ZdEqdG&QY@x#Il;7HUcxS27^GU9Zb?pm2g*qRRbfj^Bgwl%$mT
z2o<6Ur5_C2%iH@knCyFl#+Vz6QYTm;vt9uJ59PNp^4oeo;44iG5I%l-9~2&^2ZFyY
zoD6#>r)KmZ+8T8TRd=$C2r9cU-d+Yh75#h{w#Wds5Zu3~=>J#!XdU(}PJawaU8F9^
z%Y(oxqoebty<zv3jb>(Mn>KA4)aPVi(3v~U_0KE-14DWBS8Jx1cMF6LOE{&?<&@B0
zr?8dXr8GcW>2t^fC%!peMj!eIiXs~%n!>_Dw5F|ux(uHcO^#i^o)-Gq!}xf8KTDJn
zYWO2idWcdDLk9BCNB9J!CD03^>|Su3KMKYU?#%&}O{7;iP=Eru0b$=*|G1ITAS)~T
zt;mTN8^EMJ;~`dj7S<k4-6fbOifI~`{DwyAA|3;h;a-#*aB(=!8)#{1ZQHYF#AA;T
zYC+q<12svI$-X{gVwl}q6BRHV{p4Nw5~`@)K!_uyk`a5ou|%$ihex};nzGOOatC!_
z=?!e3;_xoIRBi90ncvkf7!1u)3z+f5Eq)5#td{Nh+2iep9__yZ3!C9q2h#_&&GrPa
z(T<zW30l<G`Ov8FQ(Wu#I!J5r{OQ#u&SXBvt}sK1+Y~y%S48Oz{!S=NULL7ef7$lK
z|4IH~thh*V#XrIho`OHPD*g)y1~~h_h(I{{r+a?BTv|~P_crlpc^C2u-uXMw)9kJ=
z|66vVJp`KR+n-qZ%}0?xAbv4&l2KH2@RIJ(=&0ejF>$=-S^`tnL2jE^%6)-bga0M3
zs1s*qm<_nWdmA?-u;4Z2{~)@N3BDqD!o;*ry{V|EsE#<6;qmrbS~2ZQul<FLc-B52
z_Yd_w0xwBsh_I!6<KMgq^+jFoHt8xaFE{CGTH_ZGi11Z@R{~BXnA`HNVjnHRcd-2i
z$%gObZ}NyvlsKu+q(W<E$<Q9&%c7V$GolS82&;9PVfNygFO*=3G}>&`_Ru~F9Pe!0
z@^&9uAxz!wufI=<Kl`A;_T`OO(1sKxGgwUUTY)YVest#3Ku1qf$(!|qbfYc|YdOg2
z2GhR4e#Y@b!aRGD>uXpF4D{%(B+o}1$XQaQD*O(NeL+Xveqoz{K!HfRZGr6s8}+WZ
z=+B@3YSIP<XV4Hf7Z;gz=d(i`Dp2dKtlaAH@gB|<S*!RP4Rn9v{}vUw+*FADcJ|9B
zED!a)fPjGe=WY)cb841u`kOVM*$<&m50We8X`%i50-dxaQ;$CSns-mGKUGgSHPqo*
zPf9Q6qVOwNtrT}IY$2!p3=mJG6(V>{`+L{dcwvp6ot~f-v=2Z7q_WRrxRNX$d=~ou
z?t9Q{h8$L*c6~wK<bKNSbU6*xgcm@|yLRco0`@t~{R9<i2Kbmleulv^`n=P^IUIAw
zF(XfaV8Hy=*5PP(M|=BF-`-q{GLtSy{QoG`yyiV%j`KIlWtT%jSmok;+H+&u-!RwJ
zn<j8GBejA%-|Q^m#v54rrKMy`cOmP?BW_)eA0rI8B<@I0`N^bf)P;y7)but4yZl)Q
zM3x4wAfZ}ZmzHKpn?Uh`bt9)S<kiIr^a!h%w0-+_L}xN}CHf*0EsZyaQ0IWLpn_+c
zb&G?>Y}>y5rq;Q|uAQuf7ax<;ol!`k9chTxhrtU!zG~h9lI@S~0$#Y3D=?6pp?8n>
z6w%znu4%+>An=*j{*#`*zPcb>wEWg*DtT_Fs2JwE^HT5HMZ@C*7&Ql(W)@f2KQ>kk
zu($LN-IRDIy#HVN)#b<J#H;(zU-+GEQ#btm`v)kL>6w|wIXIqzAT}c9Lt9mf`nrT<
zjMaOs-gnMWZPBr&=jPz*XSl7q4%fe^!LN}B*%AVy;LN83&mg5h=_c|LsGWq`K?ss`
z0=6gk_y`gSPt^~Y7qD-<D-Qr{S(LdNmE-OInPib2*4ZtP4=)yryZr7a8gE*9`YQmN
z`O)UBd-m)BWwYbA{_z2=-on=Q6c^V)BmiI~R6r*T1+xLA(4Fkcs}1M&{>yQrWWK`&
z5KC-QLT}X2I0~``bUSS`)$;<!FzDH{2Ol+vkOU%K8qlKwqqmcjSAYvaY|rdXXSh<=
z+8S~@`A)jV#|?h8e5L5fXOMcpt=y^s=kVD%rKjxL6``$$O>ed%%@J?jTU;A0eB@qQ
z8XK08P*RcSn4jo;j;-JK<HzU5*VmNttrJG06l$6N5A=!~IE!rK7B-lI3zOXv2m?{`
zm{3Cm<z{XM?IAcNTq{Tz`vFX20p%kF?EHuz4lK$Zr>P52r-*bIoTb;Oe{k%o<gX%7
zMvdA?LO1M(v`AP@gvW$XL@4g)clfzjT1dJYpo%0ABX_vb7USR2m0N#JC7Y0wlS_uO
zks*HqoUmO-bt#<7uoQI0J*kx)skI)Eb%Ec?w8E~DKo)yxXll^uA)r}LbOd9AHszSB
z?>}%L?7Rg7umlS1U4#_~sSU-EnnUNhUx@?6szbuAf`n`U1@{?~f?u1OlkfEOT?9C~
zH>@3@+~<&ci;#>~!cMOqIvC)ky0TS?OyF7?Q&@aPk!;M5U$RccfBLArYY-#~fzh4`
zAp=RYIr+6--NmbU&dVGDU!~^J&52A7T-P~Zv2?w<!+Q0RUJ(&AAjbHB?r<S8alawG
zH-OcNLL^Kr{(TlgNbRq+X(-K{W?kn&3@dPO-YTXupx_ay1-J-Xc2QrvdlyW#_81Qj
zrJI`@1Y5_pKPO}r!7m8u7-ba})<Zy|0|yU&%FwMbE0~1IKl&~GIMeN<?<MQ2tk6En
zV5~rL?(6Rt5f$A81LHfqY(21E2nMo6EM~7R?$?Hj0VoxU#U#Nm)&aocGVh6mtCez;
z=a{AP`tP=q>rjM=H!N{|0l6UX*)t+m;xF|33@KB;0nYISQsH8c6UZOoa0DVP1|b2U
zk^5v5t}h<ngKiT72QV}{=;>1}$Ns3uNJ$vx4t)=)Liwyt!7n92hW*~x_Yp--L)<4*
zIe-iyAk*{|P=JfKWd&h<!2zP?Hadt7xAi+n*`U|yD7KRoxSW%y6@bjkeruF;{MLkA
z4v_jZBxK8nZ|T}fK+$L(`h)|KqDp947DzoDO^i^%y?{n|f|0T6{R_CT&9ATRSzB69
zaYn&F4oz)9MO1WB#K7QfyM1N22Gy?|2j>4Kjb6MB8Gf`q^ECQuKL9Za76)O^ldv_!
z5OqN?X7f=N7C-C)HXv5e#2PsBhM-YUMO2C$gF*4rfMZoU@go|nP2AMTg9n?El9La?
zY(lCr9^l;h_h>v3>>_=ttdxtBJf!A4Q!Y65{JN%5bKLHmH*aEZZ2mmvOTB-8DK;mL
zPL4{O0oPMRQ5p?S06KzCgD6e^`W1_0W87912;m?Udk-Ie_i2f8#|d`w?c0wD2}PkE
zkikf;AW}NluY2y-&eJEl683`9dxL%WfLaLSjCW*tBi0nYf1pH|40VAY^2BRUd$42;
za5s4QR?kMq#|da{p4W|H39<46jd|fEMMXtFoApWm65ovlw^UbGR!H`X-F6A`3HuRR
zC}d=Ol(cgg_Ym8C5GzFNN__Gm1H<B5%RN0k<Gm%l&kkO0<tspQadvi=q-q_1bG{RV
z{9aQ0d^;iJtSyfa{;!3N4RcGCD!AzD|0Dop^qvmrlMl;?D)JNxE-<!H(|?9=W1Jfe
z%;L$eDzplzbVOMloSa4+l`s8Q>TmSB9*Wn0CjRN;Qy{NDwe<BXSxW{@==`5NLBe>E
zU~h-H42TUW#qRO(B2LWA+?+Pyp0hM}c1FB;^G2meh{*q7d%GsC+^DhBGBG!o!8(&k
zGAmBE{e$%fIrZai7S2{PaT$EMhc{}1H-=d3S6XcjSTj~hL8}G9!4$}|@a^v$Uz#}8
zQYF3R@ot)s0mYn*jOrQPwMDmHF;zJ^IWagksO5ZSY((r0nhQ)Lg6Os+D)?XVw)EpH
z2%4>%xMoXdzW9Jc8NN19h$cKd!iGQ~tLfF{t&R)h4%dEqdwy15;~TKdv6cDqWtq+P
zF|(apv2u1*<qTg|sMKj1%O3`}`^QE{z0k*zd#IIDYVUmkja3D5WE<^)km8-|lhM6l
z0XD1-i3(E8YK7-3bNj|Q&LWCnLBp^Z1j<e9d|_ATl<iEHMMNaMW`zA!C4!84p7^bI
zVx79)8_JP-><4x?EAIdNdrt(EQMdqkW*t{{5S$UIIngUu!txCXVFGT}aCWL4q^C+m
zvA1r0Ow0TU1TRw1p=n(7L_1X|8gEcklwUzXK|&{&PSI2j0%o-5?;e%0sdN1>57+lb
ziV7c*sYWXxNMrza^Azg0K~Etcd?kSSQwl#PldJuGeTTyIqi`J`Ta3oPe<$QBB7KTe
z2KRViVnRwqB{BgDsFNk6Nm^b(G{=+BoGYcC6%_noUT?LWQq8>!E2D#ZPL-Y6rSDGo
z`^u&=842F^A$p0~Edpgt0@s**-D~Onre%mc2o1m%FAeL>m<R2-deI@Jvx`&jzTcMV
zcXK#-QYKv3Z0CKcrkmC6tz4!#Xb0GCX>bq)gM*$|<-=10@G2e^*qw1F7tux_MZ%7U
z?UwHH#};<RA$F}zs7!fJhXDfnCMV6tQg$n~J%Q?<;V`Gi!NIX@+cvgedYdfYvv_yy
zfoTc-if1?T=hhTefsXfvWdJ%v9uRnxPbgJ3_DMMhl6Q4Im7Adf<f}i6oL!|KAoTgQ
zWqp9a^S0xmqa&XKj}zSlH~+$`0H+vKL&+$?FhcJ{XsHR7OILR{B7IAyZN6S!eLxye
zP`v;cjauGbLItv)$ZE5+)~>f5Z8~{YAw?3pZJx!z7Il|j6hwHNxHXlPkAYWOTe_Fc
zej0Hd2It><#Ce(w{s-Yv#5F*jLniShJm@$U6NpkHUlr8LJ34-c45cdPkRu8Pu67O4
zZQxrXvIY*5u35H)kVAkq?cp^TB6UneL_q?EVxOy32j@b|l7)2@<@(#Ou&8JhK@k~%
zV7gT|G<@A#ksN1SvZkN*n`HC2b?=}@YNA2RLJcOp4?Y(G2N0enupxAKO?0#I?t<qq
zW{IA8I@-AuMHX4xH*)dPdDVotj3gtWAquW74R9H^`Vg8Bnr0-(H<5Y9(G~mK&3^^;
z;=js3a0)E^Xva{j&Z!kr|DAff1iyvYqyWmm3mw^}go<tT%w~C3m&oV=@i;AvYoZw-
zPWA{=`7BfxP6*^cD^ms{sr~2FnJa+Rppq*`zC`4iNEgHRzi4f3?aFh~QW-px2s%MZ
z8UP7_SqJ}NH<}8OBg#?XMN{YPbq)d+CPKKhw6uf}?aSNq9UCR@jvsQ_zEEPKU4JtY
zqXs>N4g@xOuI}1CpC1QQGza@y7O7d4PV^ZU7Z<B@@OrA?>{Ngt*1f#sLC`}SP9oBX
zs6ptdBEmVq{r^y3KN&Klucx=4o?co}G1PGQ2kz%SdU~_5Uo+9`E05t?a3C~5j3uBX
zIG`hY`TEweSJ(ps<Q5dnbr`3jgS&$o;Pz3T4uD)CV8z|NBW=T^i9t;_TgZZjel273
z6!44wD^n(AYilmt;8)Q25JqRI{2Bfal?%KmD#5M^6^0rV4vn|^rZlhw6oc0g?FoD>
zyuK2I-4c3g;5XJj4{aC<*GuS}gqIG-quDO*`puni%Fx#G)OPMrI#4v(Qxt)dM@0J|
zR5?uMjS$kq(yumkB|_lheTWpBKW;!etQ^RI1m4G|KPf0k3(*rqsRF2+d#2Tt@ZKqV
zC=^6@)Zsgf$dw>-z%=&mvr7tmN4)_^iySl!#tKFfLyBYKFWMYV?|8?Q73(;h#bl#a
zss5zP7lHQauY;5Jbjq8;hW#5?(kvZ(=y++Go%*Xcuqs0xlGm7Grwnu|gSiN{(VV2j
z34>9-<tyQ6284%;`&St|m|v$RU&wZ#53%JO*z#PuJkXY#?^;*vo4|QVV?TO3y^g21
zHY@2uQ^KfE;MQ6YSO9||@YRvWM_kX0jX`-j#%H&-q3Eg`UU~06M#{hC8$!g+a&Ca+
z^w-zy(SJGN^Y3Q$e;67nN)ZzsJf^9wE!T1@Kx+~O?277ULb8haSCW+;k?f91@$mFK
zcn>;3Ov?R(R{8Ppy|)Gj$H&K~zhyecz_1+8ULo7^msCeDKlaayDi7C#T;_27Z5Clo
z4NkuOcR%~TJ-F1I)WX29Cl6dA+*chW&!nrmy4s|xy&WtG)s7IcRXJ(g1_Q6vR`_0h
z-JYAAyqx-uKz_dZIy!?1k;p@Z`znVIb=KFj$ov9q<N8NmQb>txUqbGuu7VB{YejQY
zQ*8xvy1b0Ux<8h5&w;-!_y4WhXy`+XS$*DEn`OOyi?G6T@%r1j=eq_)Gq_7s)AR-!
zD$iqo-&Bwh9dy6(k{OrETY(DGB*9AY*%I<br3Tv#B-fN#cmcOj*Wn^Kq+|-J{JT~E
zbq0duo}x7Um2ZOY`B@9bW5R3>W;MCRNL8s8s*PR?v9;CESv=}}pkhej|5hzK6V2#|
zoB(RpE<osQ5LBw$EFrMLmacx^1rwu|Md3gA>EE#Ys%`4@CaAVUC|ko|5N~2*iI^2S
zZpHH4h<Cmb!{UQj8n~{B;l9EP-?aacb`VD1wcQ@UrP>NNL^m^MF!9r2vVs?Y;;g5d
z&82K<X_?WU>+LNORn16Xg{6l(scI`~o-u0km>E)<Nn~m&hckD{E~8Qte^Mmmyp+~%
zzhE~iyo#ElHy}G-F~5W1eW~m9m9p^>3Qqr~&R@HP*0;wtEM1}0cWp>T@7tg>;)8S@
z5u692abD_sygB~`(RCfNZ34Gma-9o<YL}){wZ9n7U+G)5^qU&Y74`M?o3?Br@_%UT
z3Ha#6A%yq|%BX`}rQoj?IZAV%f5>I%;=zo4A^nWUj=AIdF$G0;n8)NZ8qc$XK%<uv
z65Mv@JE-4h8V=G5`ZraM;*Kh!1SrnBXrAZLRiW@SVt5LOXNR=_@<I7C&mTXX4f}K1
z{bU8`D+4=wAe!iYIy$NA*RL0c>;(P=uOYmE+FHpd`+hH#nr{g2!1~6t4W^#Z+T@Cz
zm+yC+bohX(`w$ZqnV2I(POThcJ=TKQz?X@1K!`M5#k)P%I7d9T?{XH}n<(s>ml<px
z*O+G}<~=pbWBU5$aqkO~v;ELQ;nm-GC9;{g?<m@Yy^i4b8-O7$qZUulZ%^#>*>Wm%
zHgq8P?*ITgXb60hyOrM?d_)tTo}G<>(nfH_xQ4^LW(eC`Ex~(51n^{P;p`K`Bc>)M
z_Cvu6e<^-QKpqmXO)6JA&TwVacDWX%Jd90K#LouW%>9oVA8KlLg1UgVBc)%a!A4S=
ziao-ivkfVX&A6;Vh~_Z>jf>VL^rFx(A3u074H06`>qgIy8s8BB<LcZ!AsvED?JN8i
z653CrqUslW-OLw8#h|7^+cN1benCVZ{+2Z4Zxo!^Lr6(qAodVRWMm1XK$yM~GW#AM
zu*itjLtj=MDCZNz$_^a4!D`09EF%@O7W~WMY$wynCu*!&Ik~?0HMwjPr8QXX%Hy})
z;spf-Nx6h}^Xq#D^8au)anBqeS7Wue!n-+*R6oQP;v0}EVe^m?_2cW;U_=w<#u8IA
zpj7(NUkKNxA$&^UK5z?mjO;+$lz?1=ZN7zweiHo{X-psJO@yI`toK}&I>W<b!ppV)
z&}blO0$hcni4yiEbSun6;mu)f-X*6!|KY**1Na8(V39)_#b@gOy+p&(P=kcclQ(Zp
zxGtakDfSji4fp9KbWT8-*7qt<(mkI%>Blm}4WWY*LBUtPuLJ*d{_oNPC0W$5>NUTs
zynj9)J=EW@lT24Eld0@V;ttx?<Bj7n828hg9jtO-icVT4L819)TEMX9UQ3I7oMhOB
z4{!&(o;=ZlcuM+IUT)D>x*0Plm%)mOF*QQ2L3|NC!xBRUfNd{~mGL7&MaEetDU~Js
zH)W1$86j=1!(!6X6;L(M|Dj*P1VJJcv!`xAV(v+EwSUI~z$tdPMAOS}ZqlONzh4CL
zQ6SfiN0F%}!t@HfqlM>kY<}JbeRfY`;lmNHnVJ8DJHBQ2;n4hD7hB!saRf1{w?iuj
zomKRSd>Dsrns8?3#p<&;PP^2u4a==g%Wr6KzP|coxbxa9|7+`oq!t_q9jp`Nc2Df_
z-uY#O5V^@aIy*aCrURKF{@{*5vcUL-<O}{_g2;o#_PDLPWLCL@D}pzIHC4=GM%4h5
zb_vQkETETp*%%cFj$hr+X!0<y0d6crXC3h;nOCk|8yFY}O8qS~KHL3oy1}<XhfKyO
zmzy>iV8K1HD^!6|AgSsI)jL2t5BY{npgLqKF!QU3ga+oL%wV9umIfaNx8N-)IK?n~
zBaO@9Rcw0%b6tL9V4x<C>)_{oaJDm9q6O^g;e#Z#gy=oamOo-_JlEiySzxm!w{ZEJ
zTLv2Yuk`uFLf6%NcqbtwiPW*Q_v#^IZot5T%x<{znHG6=*+`2HESgP3y?iyNIZoc&
zr`Ru;CMD$8kWg;I-yU%JTIPNQ&{_cC^EhEq)jM|X+?e5)jI<wO5>E%_N{;*t@pEEg
zN>qt%|MsnG_Ldxeqz92YuNq;h`{kydT{4qg(aR(0#-o3}-?m=qRVzL)fU>w@x`M`h
zFn1JV#yq}@il9GqtW>nLlH%gxDHcaDDqe_uH<3|AJY(;{gQC{f?-Q7$vr)+#kx_w~
zsXIeKOF+TJi2oRE;9CElaP->=y4Xllsb<><E<+J<@f{$JrYn{rBBgY!G*nbXuo$wz
z3&!Dz3E!Zg12E=69NCRp&R{Y85cB|hIf@#k(BzC6L9{|E!5ed+b^j&ZaPXM%x%khk
zgVM8Mh`5}^jM2ax{;7D56IwB%Ct#Ow_&LirZrE_HI7KF7P=L_$`Y<!V(~0gm_I1<d
z%`-?Sb~jpr5Dp^juLZrFk41-sqj8*vCj>!>y8{)w@tU8IE3jhDv7gZ*I3GsCBnQNa
zV?cl6KM~d}K{~i}pdgtyauCAjI3*KRdyj16H)L8dn1P5`x_Pe<;XQz}BE9h)L0}?T
zg5(<E9I2!l-bvTu@2F!Tk*ETR=K^eo{LJFz<>icI9mc>L<7JMZdlQ_H=zwr8h}byR
z6IKQ?3|C%FMqF2Gd3Wol-)z|bi^u}|Ke+0FLx&6(tl)Km--25ez8=C+C8kZ*|Mafc
zvQQm5B!(0okz0n-IgB!&7lL$<CbANg>KjjDhgg;rgqv+XXx4U3+i;KVnr-#GljiC2
z0PcDV1l&=rI9z^P6H#oiYtX)r$oXNQeHt@1flr@`V5klHKQYK-k8Jaq(`U~<K^84c
zuZIqblz{EH2GkXjGi*5`ijTkBi*N$+cVQSNe>D~T`Na-$^5WOddhkHbspdZ$iE{FT
zu|OCt_c!mfJSS}4BS@&Gm!&bTB83Zp#^XHwaVxGWTuUpAARKY#pcLB_!`b2?8UYYi
zd<r>x3yh#C^eb*;m@j?>{<ouyk)}U;Hdl6IQ)s7~Ur?c{%ekWCtxeQbg?{X7BTJbk
zAw6|Qqw8%=idqtX@B{<KObbR8*xBC`tGZ|Sv$t{7MN2Ge{(qtl7uDJ@QUSZ~^uLNa
zthe=aSC)rPx{=l;_sDu*r{}p!6Q6Ls$>Zv|nsn~L6PoQF!P+(2K9t5eYCI>@woc3_
z>%6#oN2%UOo&I)5wi4!*CK?mEMH9Cxy=TszzZm;?d9`u0=PD=HyP(>URmWeBqv1b`
zQ-0DncP%a!r~Y&r$Wa!Tzi^}EVpEy?!!iDiDkYkJrqQ&9b;l0uvoR>tmL!gasHkJ|
zt*C$gd&^CBHcZ|UUquxkLjR6V&mZ2X{rC5pjCc7!`oY)r)ENsYQBl@yrVZ?;eycYw
zB<V6R#Ej5QQ4={Y@I^IkjeowruRHr+-`h9JeH>48SfJmyZ(r7ZsCWzX8%Ft}<o52n
zdF|wW@A7vG^qcS#+930rPTI5Ju48XQgTp<4Z2tK20p9XQ`(59Ed!a2Ae_#BYHtPTX
zcl;mxqECktiFoz-@pJjMSEmo^?_#5R^;nGAm4*95Y{8c6xdHyr3>WC>_uYJal(_Cz
zBNHSazvWsSN9(?ef2C{#p4}HG6YYm!+2G)yK{6E`-EItD60u2`>qd=2U%acz$~FS+
zls;pW!}RIK7dca1d7M!49wHdpS1?s<?6GgHzN%_Fypd3DW6H_yg0?u93p*jqBR0AN
z4OfOv{l<;G2<WBX?JHex{4pQ#>eZ`?Sp{{MTiVND0$d@OaZ!kO6|fn5lfHs@LQcgj
z=5bZE9mK@EDlCs5uWP&O?d{DS(p%!DuI+$030Fv>eE1%Zj)laeBuVW&9_TS&5?oA&
zPy?G3*Dy9>e2(?pxfaEg3771goHoU%r%z+jBct~0Jk8f<%Dd5;Y3)^&an3H2>09Z{
zG33!#Y;0^27cV%>>U<uu?6V6Ne+awoI|jc#f#*HJnBnaSa}1QAyuvx0<}_suyq@N?
zXhxXGh%}gdP2ZPwa3E}<?VVf#0xx7Fj<BTiU%PhiX4foz5Z_9JnzA<iSeQh*>QA5C
zZ0{9y3yvW+YKIf`L_d<>7>R1+JAafRrj>%HcjvLPNuym)$X>d2+pLuL(~LW~v4}F<
zjPTV4KTyPzBYGT0=r9S~kFncNz|P7=(J-#&M0OVi+&SC;uZjv&cUO(~NKC!IqhVrZ
zMxG%51o0CzLrvtdnct1{^^w7)AcAjTG#=;#6^^icKG)Y*0JA^57vb3<t*Lno-o?#Z
zx4!mVKE}|b{91*Ut#X0)<;wHZ3Q5VOKb~G*@?Ov7p^-2%W3jZd3JeZ@h@lf;QfR+h
z0XmJpx<b6Z3-A55Y0wXc5B9^$UyR&m0KIRhsQAFxWVmoa^`~mjaBEPN&Uv>rK`gFE
zem=ji9GS0=4;x}G$f90;b>l;M`DP?I&5~7P$PG}EfmV*fo!&=7;|&k}UC|`;e<ZPw
zv$OB}vpDq_U(+2DtVIuy-C+<CqKCI40woXnK=?f2O<s?c#edEm+;N_d@6w6=nn2GG
zJIi36?K^N_BT@>ad$F-65AN8E8KQJJUkHIDC~2E&XldPl`}T}8CfVWYT|w`_MA5t3
z`jB}MbT(daI!5V@y5WvUA)an<02SaO)Y^w_b+xr=&dZjxc!UgkSOst)%;F8CyH-{n
zBCqyJ+rN=bn2w@Hnij%^5r+^1gV7=XSJ~%txi?)~V?Ee-bDtu|tsRZ5>xMlQS+_#_
zOy1cj-T(6V@m9d+mi}}-ef_d8U-m*ZyaMfm067q|VfB9K=|M!B{u^eAFu#O*a1+Bu
z8}#(__Ij6tZr>2#b%ul=5E{A-5rM+hg-%Z|uYGDX@IP_OEq>1%(h50K<Ix3s7aH;M
z#4`*a=0Ae^eN0eL<!8p0n1%WG_DFTSuR3=H7!s=qE`1UAs-@*1eAfpeuShrC=ySBn
zcMu;OmM^X(zJrg|u+_*tUGh{JF=!twzWJeuJG|r=IJOP)sc4hL*#gsemzX$%jcriq
z$Pg^9si*e{Ay#7UIM?M*_FkWWH4yPnP+j&>Q9XuUGXRYm?%7AU6c71<phPf64=#3h
zZdmHU<HxU&^VsVp`VG(DfF6~O8GTHIy?ptSgd2AmRz}Njq;N%GR>RLkh|(X8R}(=V
zqJ{wx?Zadus00C6sfAq&(_TP%LAc~TKCPZF#oIkkFn*$8VBiV;pK8a$4cy$^)AREO
z$3i0_%BrfwmN=X{oRCy-FIk;1XXD}$Mf3~7aZUUIGB_VfOGWHii2--Gzk4n7X!-c~
zJbio~AZ69D1e!+p9Z;q;F^&MyYA5ExQ?iGBJUzoJJ38(RH1y}hY4vt`u=kIg*`;7s
zx}+R<mq|E5u9HVMAyl|V!I*fS#SggT#2~q*_(-PFc{5513bMD+r#fK8<DnL0I8=CO
z)258f%wx}MW-t_5ij#&toNM!w5(Vio(BsF_(haa^$|0Ji;VdAapqjh~@mo0f^q|-n
z45@(0_I+Z4IZ0Rzjw5*7w7=WRMtmAPgQo(#SoyuWsOhVdGm<DLE32zFm6W^?2!@z*
z`NaNX931<hVU;?l*xK@-6h4TceWR496B}~<1kyzNCLg>IcB2P^{)A#S4S#4<#T?O!
zGmMNM-PYvXPRhT!arErj9oYQ0Bu;Ty^os(t#uOH+ygeOMbr<+Pxk~;=`7iW=*BKf6
z5n+A%_U%RFDnLVs0wm<}n?wTVAmk>}2bhd|j~www=w|@>H$pDkAUQBOR}e=E>FzR=
zv}os9uP-u6N{5V$j7X%|*jP4h?s5c6(l9oHO0|)M@xCXp{WMXdK37+7AUQ9z>z9sz
zX}r2q*>U%D>!(kfK+GRuW(wAw_md|(NFT6o9-{+N0M(N2LAQDJ{{2CuNDNw?`Y`^6
zVu&5Qv-uSg_}J`Qk$%_F)z!ocViJK7TK0yQuHh;+Hr&X+q=w{zTMLBpn$x>34^e5B
z$V3TN*|3O;HfTU9I9#*3bz?<>?<Dmt;iUD(D_8by&|wK3?l^F(qT52Ig{sZ1G4g|1
zh0h^^)tXJbUd!c1NEaz$@OY`~U(h$aO4fd*lI~&O9_8kyfEh(bIuk73Rpdm~*w{$S
zcjF+lfoP$33ffPTKvg&)6GY5&Lleg8?5rHYXD|KmfkZG5;?YU4xuC&+hww(aS6C=$
zJ=H@;q}=QOTxkipv%lf3{MlzAAtJG|uW<9Q*mrGgh$mGbC-wlpP5R}g53W~+d=TuP
z#^FCLH?zbw&IMHkJb(UpWyP6v@zyO0EXUR`$vDdCG1)2jcW)CDH{K9FIfB}QQSIl`
zn+-HI$?WXxh$Zf1Jh%g&_5%Qn@Y<5L@%UkzqhLV~p%p+bA_g7cr|-jbxBc{Y_r27-
z&X-6RuUy$o=w`%)@Aulo5V#G>wXAV-R~IdwmEfvXg7e45&i)Yr=#~uDh=_>9ug2Tx
zqj_$hK7E?>0U|m(>^rCvx3)cT|J~q#8IRi9+Ue=O%ftgCh)_^VhMQ1=3t$-D`lhMx
zU3?-8HEr_}WpGaC*;Kw8bZ_U&wX-fBV`D~m9SUSgC?<KD=PGf&wDW?4gDWgen|IT=
zJ)&t2Syk+O=4cw$2Z1k9PGEPXXXS;poVJ%48M5(6V&uI}SLw8t=j7z{9r9gwrD^8A
zT%4WMfu`D~*aKl4-(`*AUU)ynZ*&CTycU1|!EM8u**|QGYm2?y-ARpdf=5PkjKW)*
zL;BPrDmX*r&r;M!3;QD&v{To&L;w=Y48o0xrm6C0Z_3JU@Dja`LkIA2>-;ceX`@}_
zP*;(;+m?Wv&b=}rARthN50U$^341Nro&ADB2SZePR@N0DK{OE(=G>2;IrBF5vg@m?
z^K6qX2?x-t$u8!4Y+hN5HNqr50Iyz~)!n;$<K{8to$xgR4>W>MxD71_4W62sS_1}}
z6#dqtK~>b$KVQYfFkqmUcoGq@k+D^Xd8DkY9RFw%?+VL)uN$hW-Gk{O41qrq80Tp2
ze|$9B=37H^q?TsAfKNL)DM?gJY&+hvMVbvw<ffV$fws^EHI}CP&foohuYT%b+^PY!
zww1n$WV8?+N7yb{isi_wJ-`9S^&LBU^rcegfqjir^bNU!`m>4Dny#BG6vFdD6t`ZD
z<vp55;r%J%cz{)r&|M1ea#Y5T@NaF568pX>DJVRKmC5a3<esgqsqKG+)BU%Vuqo97
z=_r&6pgO6JFAJaf)Cyxqq^t(QDuoNSY{^f3G&Hh4dWV+U|1kFsQW`RKn#|j8tRHDj
z>luJdTbD8d@gyT7<J8ZKpS0MCFa|Oe$2mC<AOU+_MusY`pDR?*f#Z~PB%zUS+jC^>
ze4Qsh7c5IGEN<AX(6}rN?|?jvCivTZuBq_|4BRIvDcLd^{#l2ktI**97`JJLR2fw*
zR8p+%Zp^J~c5vNTFYHA^ltDm1IX<07<@|3*tr~`gUO-)gLqmN4Riu09e9+jpfXln1
zjPBU6BfP8IMfOi#US24d;eNcygMx}vr%oXP`w6<oOZl^!z`i&_C{?fO?%g9nQNBF!
zKp!*GH_iqdoxa&IDYAcGV-UB{Z3h|ZozG*+*oqvI>wa^d%OjU~{ZXU@V$~TYrn0J_
z{ABf3YoC^@3G$_NbyDZ!$bQ-75?V!9mx`w-10IS-i3Woqkps|Ncju|}oG<_xa>pTL
zQ>A$;tU!y52Sl|Sa&jBNh%`eONLd9nq75FypEz&bx<$>Vaj)Yiq7f|}dS+%R6?5km
z6xvRWc)v+0ugcNkIK-lodk>R0gCiq5h2arihQ<oj?&yB6@LQ?CPJhi|EH}8l`&!k|
zP>H;DKtu!qjkN&v@zNyVn1~i{U*CuB?qu+yvu@ivy*-|ulT!)1lpTW}D8XA{1Ux{p
z$*e1Pro|Lbq`Zqsdzc6!XM^#GFfu~JEOySTFbu#9HVv>zBUE5P$N6oQ{ztAsmxoup
z35QyEbyTL*dPJWtQ9M>eTACa)B7_lz6ttwh6u@D3Hyz+HWn3EW7XfS7*x2l~{+yPM
zyoW2pl#)MmxQ{5oKig6tUq4YwrS9yGI-#SluMIjuxZ}tu;;9{;(5bk?jKc6K(V7Q<
zH;$viusbc7_#PVc^1RNwvEb{=pB~vepU_YrT5~;Xj}XNR4=q(p6<j(Stc475T29X6
z`1sSv{RV)wKs(-tnPX9)!D*B!Z7eZha;T7tW00-T>bzXx+V7v3vcHdEGjKOwY}(TL
zdh(&6At33C7cY{a@*EAkPE0*U(KK1b=FLc6y}AYX`~hwSipB?E2aL%WnNm<t5bWy*
zo<RjQ+ya?e2zNy23**UUz_Z7K#nI*4q@6n1-~aHl0K@&>-yg$$2}FU2^SRFqRPrYF
zVE=0X661kSceINTGeiN6$<C%k&$)^)XAnQ0ZnK0C*|DIi2M>0>IU=;aVig(|w!Qrv
z5XUs0IdUAF2$fEzD?25HoQQ){vZ#2%5&Q^vA|AV+2#R2qD_lp~-{1eSC<75pA>tnZ
zi@;X2ZfkSV1fsove*<EPJMn~qljoS3Bjy+1r1SIhzx#?OoK-NT7T$*{pgGzUd*<A^
z2eJvGz<%Ig4|Hs?$BC(BJYX>To2#lS-Jm5O@%C8K4J4GDqt9y|w$l<%qC&1E9qa+|
zu+0t*4)(ZCZ0f}9iY26G@GveSba@kp2?Szk$v%0zj;H5a2YPvLk|*iCD#y)RZLa5|
zEhLs!k#{j|Rq&Xfx5iTU5vnLs2{UN2#M7UaATpAJ{~(322h(8t^iD(R*M?GyIF+0+
zR51!{#7eXS0*irK4nXD?VF^bEd>s?B0pnO@1kJ>2BX)iHyx#sSUUTy)y>d=4@yCki
zDxj1Q({RL-%80QtJmKS5OD~3^Ls(Rwz{nCg6?6<~ALIf9YKGW2IWN1q3V|Gi+5cn|
z)k+T?jqu`siK)x^@%96-3??odbd)xb2yI?U*YxF<{?HnlQk8R<)!$H3*)jnp_gG7D
z_Mmb{MXD)XaP|r1j_M=or`s>K4JyaQ#qs}2^vzyvvYy#}FW|zuMaNTfLy0?aHC#$Y
z7vMKl%+#5GJhe``q0l`x;q6#>-`x0GKWhYej$@~&DBZq|+A-u6z%(%R;on`u*ePID
zThC?aXFOlx?O08e*bkg~;bScwDW^QQt)yEvX6#bJ9fv(~6z_iSx?5CA+bJa0Kfvte
zx#sQ8esgOkh&*DcM;RFt#CVMU(&?J${#~$Rt`~<+M|`ye{wr<oj`v^UU&9_#e`AK<
z>Iuoorc=kD%U(D@C}*tOwwxsXw&9Un!as$-fAuQifw8f=PX6wMG>DDUO>Kj%T2y(F
z_*=ZQ8P;F%YmWyq3&fWZtI9tGN5}sl4*n0Mx_>49O{|lhY7?Y?CeoyZC;F1au1Jff
Ih-lpZU!<(<Q~&?~

literal 0
HcmV?d00001

diff --git a/Docker Images/bluesky-pds/middleware.md b/Docker Images/bluesky-pds/middleware.md
new file mode 100644
index 0000000..b4fb6b3
--- /dev/null
+++ b/Docker Images/bluesky-pds/middleware.md	
@@ -0,0 +1,21 @@
+#### Middleware
+
+I think file configs are cleaner than having a billion labels. This is not required, but it's nice to have.
+
+```yaml
+# middleware.yaml
+http:
+  middlewares:
+    BlueskyHeaders:
+      headers:
+        accessControlAllowMethods:
+          - GET
+          - OPTIONS
+          - PUT
+          - POST
+          - DELETE
+        accessControlAllowHeaders: "*"
+        accessControlAllowOriginList: "*"
+        addVaryHeader: true
+        stsSeconds: 63072000
+```
diff --git a/Docker Images/bluesky-pds/standalone.md b/Docker Images/bluesky-pds/standalone.md
new file mode 100644
index 0000000..8dea328
--- /dev/null
+++ b/Docker Images/bluesky-pds/standalone.md	
@@ -0,0 +1,24 @@
+
+
+```yaml title="docker-compose.yml"
+# Standalone, you'll need to add a proxy in front of this with SSL.
+services:
+  bluesky-pds:
+    container_name: bluesky-pds
+    hostname: example.com
+    extra_hosts:
+      - "example.com:0.0.0.0" # domain:external_ip
+    image: code.modernleft.org/gravityfargo/bluesky-pds:latest
+    environment:
+      # Define variables here or in a .env file
+      PDS_JWT_SECRET: ...
+      PDS_ADMIN_PASSWORD: ...
+      PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ...
+      PDS_HOSTNAME: example.com
+      PDS_EMAIL_SMTP_URL: ""
+      PDS_EMAIL_FROM_ADDRESS: ""
+      PUID: 1000
+      PGID: 1001
+    volumes:
+      - ./bluesky-pds:/pds
+```
diff --git a/Docker Images/bluesky-pds/traefik.md b/Docker Images/bluesky-pds/traefik.md
new file mode 100644
index 0000000..3ccc628
--- /dev/null
+++ b/Docker Images/bluesky-pds/traefik.md	
@@ -0,0 +1,41 @@
+---
+title: bluesky-pds
+draft: false
+date: 2025-01-18
+---
+
+```yaml title="docker-compose.yml"
+# Traefik Proxy
+services:
+  bluesky-pds:
+    container_name: bluesky-pds
+    image: code.modernleft.org/gravityfargo/bluesky-pds:latest
+    hostname: example.com
+    extra_hosts:
+      - "example.com:0.0.0.0" # domain:external_ip
+    networks:
+      - proxy
+    environment:
+      # Define variables here or in a .env file
+      PDS_JWT_SECRET: ...
+      PDS_ADMIN_PASSWORD: ...
+      PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ...
+      PDS_HOSTNAME: example.com
+      PDS_EMAIL_SMTP_URL: smtps://resend:<your api key here>@smtp.resend.com:465/
+      PDS_EMAIL_FROM_ADDRESS: admin@example.com
+      PUID: 1000
+      PGID: 1001
+    volumes:
+      - ./bluesky-pds:/pds
+    labels:
+      traefik.enable: "true"
+      traefik.http.routers.bluesky-pds-insecure.entrypoints: http
+      traefik.http.routers.bluesky-pds-insecure.rule: HostRegexp(`^.+\.example\.com$`) || Host(`example.com`)
+      # traefik.http.routers.bluesky-pds-insecure.middlewares: BlueskyHeaders@file
+      traefik.http.routers.bluesky-pds-secure.entrypoints: https
+      traefik.http.routers.bluesky-pds-secure.rule: HostRegexp(`^.+\.example\.com$`) || Host(`example.com`)
+      traefik.http.routers.bluesky-pds-secure.tls: "true"
+      traefik.http.services.bluesky-pds.loadbalancer.server.scheme: http
+      traefik.http.services.bluesky-pds.loadbalancer.server.port: 3000
+      # traefik.http.routers.bluesky-pds-secure.middlewares: BlueskyHeaders@file
+```
diff --git a/Docker Images/quartz.md b/Docker Images/quartz.md
new file mode 100644
index 0000000..edec654
--- /dev/null
+++ b/Docker Images/quartz.md	
@@ -0,0 +1,113 @@
+---
+title: quartz
+draft: false
+date: 2025-01-16
+---
+
+|                         |                                                                                                |
+| ----------------------- | ---------------------------------------------------------------------------------------------- |
+| Image on Forgejo        | [Forgejo](https://code.modernleft.org/gravityfargo/-/packages/container/quartz-docker/v4.4.0)  |
+| Official quartz project | [GitHub - jackyzha0/quartz](https://github.com/jackyzha0/quartz)                               |
+| Image Source            | [Forgejo - gravityfargo/quartz-docker](https://code.modernleft.org/gravityfargo/quartz-docker) |
+| Issue Tracker           |                                                                                                |
+
+```bash
+docker pull code.modernleft.org/gravityfargo/quartz-docker:v4.4.0
+```
+
+---
+
+This project runs Quartz v4.4.0, a fast, batteries-included static site generator, inside a Docker container. It transforms Markdown content into a fully functional website.
+
+While Quartz provides [Docker support](https://quartz.jzhao.xyz/features/Docker-Support), it is not as self contained as this project.
+
+There is no support for SSL or any other features that are not directly related to building the site. I run everything behind traefik, so I don't need it.
+
+## 🐳 Docker Compose Setup
+
+Create a data directory
+
+```bash
+mkdir -p /srv/quartz
+```
+
+```yaml title="docker-compose.yml"
+services:
+  quartz-wiki:
+    container_name: quartz-wiki
+    image: code.modernleft.org/gravityfargo/quartz-docker:dev
+    ports:
+      - 80:80
+    environment:
+      USER_ID: 1000
+      GROUP_ID: 1001
+      SERVER_NAME: "docs.modernleft.org"
+      ENABLE_CRON: "true"
+      BUILD_SCHEDULE: "*/30 * * * *"
+      CONTENT_REPO: "https://code.modernleft.org/gravityfargo/modernleft-docs.git"
+    volumes:
+      - /srv/quartz:/quartz
+```
+
+**First Run**
+
+```bash
+docker-compose up -d
+docker stop quartz-wiki
+```
+
+On first run, the container will download the necessary dependencies, build the site, and download the content repository.
+
+After that, you can configure whatever you would like in `/srv/quartz/src` using the stock options found in the quartz [documentation](https://quartz.jzhao.xyz/configuration) Bare minimum should be `baseUrl` and `pageTitle`.
+
+🥳 Done! 🎉
+
+## Manually Building the Site
+
+If you don't use the cron job, and don't feel like restarting the container, you can build the site manually.
+
+```bash
+docker exec -it quartz-wiki bash
+#
+cd /quartz/content/ && git restore . && git pull
+cd /quartz/src/ && npx quartz build
+```
+
+## ⚙️ Configuration
+
+**cron**
+
+This is the an equivalent command to the cron job.
+
+```bash
+cd /quartz/content
+git restore .
+git pull
+cd /quartz/src &
+npx quartz build
+echo 'Content Updated.'
+```
+
+Setting `ENABLE_CRON` to `true` and defining `BUILD_SCHEDULE` performs these actions.
+If you need help configuring [Crontab.guru - The cron schedule expression generator](https://crontab.guru/) is a useful tool for that
+
+Example:
+
+```yaml
+environment:
+  ENABLE_CRON: "true"
+  BUILD_SCHEDULE: "*/1 * * * *" # Runs every minute
+```
+
+### Environment Variables
+
+| Variable             | Description                                          | Default Value                                        |
+| -------------------- | ---------------------------------------------------- | ---------------------------------------------------- |
+| `USER_ID`/`GROUP_ID` | UID/GID that` /quartz` will be chown'd to on startup | `1000`:`1000`                                        |
+| `NGINX_PORT`         | Port for the Nginx server                            | `80`                                                 |
+| `SERVER_NAME`        | NGINX server name                                    | `quartz.zhao.xyz`                                    |
+| `ENABLE_CRON`        | Enables scheduled builds (`true` or `false`)         | `false`                                              |
+| `BUILD_SCHEDULE`     | Cron expression for scheduling site builds           | `"*/10 * * * *"` every 10 min                        |
+| `CONTENT_REPO`       | URL of the content repository                        | `https://code.modernleft.org/gravityfargo/empty.git` |
+
+> [!NOTE] > `CONTENT_REPO` Must use https, not git.
diff --git a/Docker Images/quartz/Developing with Quartz.md b/Docker Images/quartz/Developing with Quartz.md
new file mode 100644
index 0000000..dc7fe54
--- /dev/null
+++ b/Docker Images/quartz/Developing with Quartz.md	
@@ -0,0 +1,33 @@
+---
+title: Developing with Quartz
+draft: false
+date: 2025-01-17
+---
+ 
+This container is also good for quickly developing components for Quartz. It is a good way to test things out without having to install anything on your local machine, and a simple `make run` -> `ctrl-c` -> `up arrow` -> `enter` is all you need to see your changes.
+
+I keep all of my projects in `~/Repositories`, so I would do this:
+
+Link my primary development folder to the container repo's source folder:
+```bash
+cd ~/Repositories
+git clone git@git.modernleft.org:gravityfargo/quartz-docker.git
+git clone git@github.com:jackyzha0/quartz.git
+```
+
+Then mount the quartz directory to the development docker-compose file:
+```yaml
+volumes:
+- ~/Repositories/quartz:/quartz/src
+```
+Then, you can run the container with the following command:
+```bash
+cd ~/Repositories/quartz-docker
+make run
+```
+
+If 200+ files are claiming to be modified, you may need to disable filemode checking:
+
+```bash
+git config core.fileMode false
+```
diff --git a/Tutorials/Docker/Proxy Network.md b/Tutorials/Docker/Proxy Network.md
new file mode 100644
index 0000000..93ab31e
--- /dev/null
+++ b/Tutorials/Docker/Proxy Network.md	
@@ -0,0 +1,17 @@
+---
+title: Proxy Network
+draft: true
+date: 2025-01-18
+---
+ 
+```json title="/etc/docker/daemon.json"
+{
+  "ipv6": true,
+  "fixed-cidr-v6": "2001:db8:1::/64"
+}
+```
+
+```bash
+sudo systemctl reboot
+docker network create --subnet=192.168.1.0/24 --ipv6 --attachable proxy
+```
diff --git a/Tutorials/Docker/getting started.md b/Tutorials/Docker/getting started.md
new file mode 100644
index 0000000..131e3f6
--- /dev/null
+++ b/Tutorials/Docker/getting started.md	
@@ -0,0 +1,5 @@
+---
+title: Getting Started
+draft: true
+date: 2025-01-18
+---
diff --git a/Tutorials/Traefik/CloudFlare.md b/Tutorials/Traefik/CloudFlare.md
new file mode 100644
index 0000000..1236a75
--- /dev/null
+++ b/Tutorials/Traefik/CloudFlare.md
@@ -0,0 +1,23 @@
+---
+title: CloudFlare
+draft: true
+date: 2025-01-18
+---
+ 
+Disable:
+- Always Use HTTPS
+- Automatic HTTPS Rewrites
+Enable:
+- gRPC
+- Pseudo IPv4 (headers)
+
+
+If you have A and AAAA then the plugin `github.com/Paxxs/traefik-get-real-ip` 
+
+192.168.1.20 - - [19/Jan/2025:01:01:32 +0000] "GET /static/contentIndex.json HTTP/1.1" 304 0 "[https://docs.modernleft.org/"](https://docs.modernleft.org/"); "Mozilla/5.0 (X11; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0" "2603:7080:f400:ed43:939f:266:9bef:e628, 172.71.255.28"
+
+192.168.1.20 - proxy
+172.71.255.28 - cloudflare ipv4
+2603:7080:f400:ed43:939f:266:9bef:e628 - the actual user's ip
+
+"Pseudo IPv4" is needed for this
\ No newline at end of file
diff --git a/index.md b/index.md
new file mode 100644
index 0000000..58c51e5
--- /dev/null
+++ b/index.md
@@ -0,0 +1,21 @@
+---
+title: Home
+draft: false
+date: 2025-01-16
+---
+
+Welcome to the ModernLeft Documentation!
+
+This is a consolidated wiki for most of my projects.
+
+---
+
+## Docker Containers
+
+### [[quartz]]
+
+Simply [quartz](https://quartz.jzhao.xyz/), in a docker container. This wiki is running on it.
+
+### [[bluesky-pds]]
+
+A self-contained Docker image for the [Bluesky PDS (Personal Data Server)](https://github.com/bluesky-social/pds) for use with Traefik.
diff --git a/templates/primary.md b/templates/primary.md
new file mode 100644
index 0000000..046d170
--- /dev/null
+++ b/templates/primary.md
@@ -0,0 +1,6 @@
+---
+title: ModernLeft - CHANGEME
+draft: false
+date: <% tp.file.creation_date("YYYY-MM-DD") %>
+---
+ 
diff --git a/utilities/fail2ban-manager.md b/utilities/fail2ban-manager.md
new file mode 100644
index 0000000..bf9d288
--- /dev/null
+++ b/utilities/fail2ban-manager.md
@@ -0,0 +1,96 @@
+---
+title: fail2ban-manager
+draft: true
+date: 2025-01-16
+---
+
+An extensible CLI tool for managing [fail2ban](https://github.com/fail2ban/fail2ban).
+
+- [Introduction](#introduction)
+- [Working with Jails](#working-with-jails)
+- [Plugins](#plugins)
+  - [Cloudflare](#cloudflare)
+  - [Plugin: Hetzner](#plugin-hetzner)
+  - [Plugin: Telegram](#plugin-telegram)
+- [Credits](#credits)
+
+## Introduction
+
+Source Code hosted on my [Forgejo instance](https://forgejo.gravityfargo.dev/gravityfargo/fail2ban-manager). Registration is enabled for the public with GitHub via Authentik.
+
+Any issues and feature requests can be submitted here on GitHub.
+
+This tool is designed to make managing fail2ban easier without the need to edit configuration files. It is designed to be extensible via plugins, and easy to use.
+
+## Working with Jails
+
+## Plugins
+
+### Cloudflare
+
+> Ban an IP address using IP Rules in [Cloudflare WAF](https://developers.cloudflare.com/waf/tools/ip-access-rules/create/). Jails are configured create rules in a specific DNS zone. Bans are cached in a database for fail2ban's check action to use.
+
+| Notes                |                                                                   |
+| -------------------- | ----------------------------------------------------------------- |
+| Typer generated docs | [Link](man/cloudflare.md)                                         |
+| Provided via         | [Officicial SDK](https://github.com/cloudflare/cloudflare-python) |
+
+---
+
+https://github.com/Paxxs/traefik-get-real-ip
+
+| Variable               | Purpose                                   |
+| ---------------------- | ----------------------------------------- |
+| `CLOUDFLARE_EMAIL`     | Email address for Cloudflare account      |
+| `CLOUDFLARE_API_TOKEN` | Token with permissions to manage IP Rules |
+
+1. Enable the Cloudflare plugin
+
+```bash
+f2bm plugin enable cloudflare
+```
+
+1. Create an [API Token](https://developers.cloudflare.com/fundamentals/api/get-started/create-token/)
+2. Get the [Zone ID](https://developers.cloudflare.com/fundamentals/setup/find-account-and-zone-ids/) from Cloudflare and create a zone in the database
+
+```bash
+f2bm cloudflare create-zone 11111111111111111111111111111111 example.com
+```
+
+### Plugin: Hetzner
+
+> Whitelist ip addresses in the [Hetzner](https://www.hetzner.com/) cloud firewall, and bulk whitelist Cloudflare IP addresses.
+
+| Notes                |                                                                 |
+| -------------------- | --------------------------------------------------------------- |
+| Typer generated docs | [Link](man/hetzner.md)                                          |
+| Provided via         | [Officicial SDK](https://github.com/hetznercloud/hcloud-python) |
+
+---
+
+1. Enable the Hetzner plugin
+
+```bash
+f2bm plugin enable hetzner
+```
+
+2. Create an [API Token](https://docs.hetzner.com/cloud/api/getting-started/generating-api-token/)
+
+### Plugin: Telegram
+
+> Send a message to a Telegram chat. Custom messages per-jail are supported as well as seperate groups for each jail.
+
+| Notes                |                                                                   |
+| -------------------- | ----------------------------------------------------------------- |
+| Typer generated docs | [Link](man/telegram.md)                                           |
+| Provided via         | [Rest API](https://forgejo.gravityfargo.dev/gravityfargo/envoyer) |
+
+---
+
+## Credits
+
+- [Typer](https://github.com/fastapi/typer), build great CLIs. Easy to code. Based on Python type hints.
+
+- [Rich](https://github.com/Textualize/rich) is a Python library for rich text and beautiful formatting in the terminal.
+
+- [envoyer](https://forgejo.gravityfargo.dev/gravityfargo/envoyer) Stupid simple notifications library. (My Project)
diff --git a/utilities/fail2ban-manager/base.md b/utilities/fail2ban-manager/base.md
new file mode 100644
index 0000000..6fa9c9b
--- /dev/null
+++ b/utilities/fail2ban-manager/base.md
@@ -0,0 +1,274 @@
+---
+title: fail2ban-manager plugin
+draft: true
+date: 2025-01-16
+---
+
+**Usage**:
+
+```console
+$ fail2ban-manager [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--install-completion`: Install completion for the current shell.
+- `--show-completion`: Show completion for the current shell, to copy it or customize the installation.
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `jail`: Configure Fail2ban jails.
+- `config`: Configure fail2ban-manager's configuration.
+- `plugin`: Configure fail2ban-manager's plugins.
+
+## `fail2ban-manager jail`
+
+Configure Fail2ban jails.
+
+**Usage**:
+
+```console
+$ fail2ban-manager jail [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `ls`: List all defined jails.
+- `enable`: Enable a jail.
+- `disable`: Disable a jail.
+- `info`: Display information about a jail.
+- `edit`: Edit the properties of a jail.
+
+### `fail2ban-manager jail ls`
+
+List all defined jails.
+
+**Usage**:
+
+```console
+$ fail2ban-manager jail ls [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+### `fail2ban-manager jail enable`
+
+Enable a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager jail enable [OPTIONS] NAME
+```
+
+**Arguments**:
+
+- `NAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+### `fail2ban-manager jail disable`
+
+Disable a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager jail disable [OPTIONS] NAME
+```
+
+**Arguments**:
+
+- `NAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+### `fail2ban-manager jail info`
+
+Display information about a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager jail info [OPTIONS] NAME
+```
+
+**Arguments**:
+
+- `NAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+### `fail2ban-manager jail edit`
+
+Edit the properties of a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager jail edit [OPTIONS] NAME
+```
+
+**Arguments**:
+
+- `NAME`: Name of the jail. [required]
+
+**Options**:
+
+- `--backend TEXT`: The backend used to get file modifications.
+
+Options: .
+
+- `--bantime-increment`: Enable searching previously banned IPs to increment the ban time.
+- `--bantime-rndtime INTEGER`: Add random time (in seconds) to the calculated ban time.
+- `--bantime-maxtime INTEGER`: Maximum ban time (in seconds) that can be reached.
+- `--bantime-factor FLOAT`: Factor used for exponential growth of ban time.
+- `--bantime-formula TEXT`: Custom formula for calculating the next ban time.
+- `--bantime-multipliers TEXT`: Custom multipliers for calculating the next ban time (e.g., 1 5 30 60).
+- `--bantime-overalljails`: Search for banned IPs across all jails (default: false).
+- `--ignoreself`: Ignore local/own IP addresses (default: true).
+- `--ignoreip TEXT`: List of IPs, CIDR masks, or DNS hosts to ignore.
+
+Example: &quot;127.0.0.1/8 ::1&quot;
+
+- `--ignorecommand TEXT`: Command to dynamically determine if an IP should be ignored.
+- `--bantime TEXT`: Duration for which a host is banned (e.g., 10m, 1h).
+- `--findtime TEXT`: Time window for counting failed attempts before a ban (e.g., 10m).
+- `--maxretry INTEGER`: Number of failed attempts allowed before a ban is triggered.
+- `--maxmatches INTEGER`: Maximum number of stored matches for actions (defaults to maxretry).
+- `--protocol TEXT`: Protocol to be banned (default: tcp).
+- `--port TEXT`: Ports to ban (e.g., 0:65535 to ban all ports).
+- `--chain TEXT`: Specify the chain where jumps will be added for ban actions.
+- `--usedns TEXT`: Behavior for DNS lookups (yes, warn, no, raw).
+- `--logencoding TEXT`: Encoding of the log files (e.g., utf-8, ascii, auto).
+- `--action TEXT`: Default action for banning.
+
+EX: action\_, action_mw, action_mwl, action_xarf, action_cf_mwl, action_abuseipdb
+
+multiple values can be specified.
+`--action action_ --action action_mw`
+
+- `--mta TEXT`: Mail Transfer Agent (e.g., sendmail).
+- `--sender TEXT`: Sender email address for notifications.
+- `--destemail TEXT`: Destination email address for notifications.
+- `--fail2ban-agent TEXT`: User-agent format for Fail2Ban.
+- `--delete TEXT`: Delete an option from the jail.
+
+Example: `--delete bantime`
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager config`
+
+Configure fail2ban-manager's configuration.
+
+**Usage**:
+
+```console
+$ fail2ban-manager config [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `reset`: Copy default configurations from `*.conf`...
+
+### `fail2ban-manager config reset`
+
+Copy default configurations from `*.conf` to `*.local` and json files.
+
+**Usage**:
+
+```console
+$ fail2ban-manager config reset [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager plugin`
+
+Configure fail2ban-manager's plugins.
+
+**Usage**:
+
+```console
+$ fail2ban-manager plugin [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `ls`: List installed plugins.
+- `enable`: Enable a plugin.
+- `disable`: Disable a plugin.
+
+### `fail2ban-manager plugin ls`
+
+List installed plugins.
+
+**Usage**:
+
+```console
+$ fail2ban-manager plugin ls [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+### `fail2ban-manager plugin enable`
+
+Enable a plugin.
+
+**Usage**:
+
+```console
+$ fail2ban-manager plugin enable [OPTIONS] PLUGIN_NAME
+```
+
+**Arguments**:
+
+- `PLUGIN_NAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+### `fail2ban-manager plugin disable`
+
+Disable a plugin.
+
+**Usage**:
+
+```console
+$ fail2ban-manager plugin disable [OPTIONS] PLUGIN_NAME
+```
+
+**Arguments**:
+
+- `PLUGIN_NAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
diff --git a/utilities/fail2ban-manager/plugins/cloudflare.md b/utilities/fail2ban-manager/plugins/cloudflare.md
new file mode 100644
index 0000000..ffd0859
--- /dev/null
+++ b/utilities/fail2ban-manager/plugins/cloudflare.md
@@ -0,0 +1,113 @@
+---
+title: fail2ban-manager plugin - cloudflare
+draft: true
+date: 2025-01-16
+---
+
+**Usage**:
+
+```console
+$ fail2ban-manager cloudflare [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `zones`: List configured zones
+- `zone-info`: Show information about a zone.
+- `create-zone`: Create a new zone in the database.
+- `check-ip`: Check if an IP is banned based on rules...
+- `ban`: Check if an IP is banned based on rules...
+
+## `fail2ban-manager cloudflare zones`
+
+List configured zones
+
+**Usage**:
+
+```console
+$ fail2ban-manager cloudflare zones [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager cloudflare zone-info`
+
+Show information about a zone.
+
+This command will pull the rules from Cloudflare and update the database as well as display the rules in a table.
+
+**Usage**:
+
+```console
+$ fail2ban-manager cloudflare zone-info [OPTIONS] ZONE_ID
+```
+
+**Arguments**:
+
+- `ZONE_ID`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager cloudflare create-zone`
+
+Create a new zone in the database.
+
+**Usage**:
+
+```console
+$ fail2ban-manager cloudflare create-zone [OPTIONS] ZONE_ID NAME
+```
+
+**Arguments**:
+
+- `ZONE_ID`: [required]
+- `NAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager cloudflare check-ip`
+
+Check if an IP is banned based on rules cached in the database.
+
+**Usage**:
+
+```console
+$ fail2ban-manager cloudflare check-ip [OPTIONS] IP
+```
+
+**Arguments**:
+
+- `IP`: IP Address to check [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager cloudflare ban`
+
+Check if an IP is banned based on rules cached in the database.
+
+**Usage**:
+
+```console
+$ fail2ban-manager cloudflare ban [OPTIONS] ZONE_ID IP
+```
+
+**Arguments**:
+
+- `ZONE_ID`: [required]
+- `IP`: IP Address to ban [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
diff --git a/utilities/fail2ban-manager/plugins/hetzner.md b/utilities/fail2ban-manager/plugins/hetzner.md
new file mode 100644
index 0000000..a721660
--- /dev/null
+++ b/utilities/fail2ban-manager/plugins/hetzner.md
@@ -0,0 +1,176 @@
+---
+title: fail2ban-manager plugin - hetzner
+draft: true
+date: 2025-01-16
+---
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `info`: Check the status of the Hetzner plugin.
+- `update`: Update the configuration.
+- `reset`: Reset the configuration to defaults.
+- `token`: Set Hetzner API token.
+- `firewall-info`: Pull the firewalls from the server.
+- `whitelist`: Whitelist an IP address.
+- `whitelist-cloudflare`: Whitelist Cloudflare IP addresses.
+- `delete-rule`: Delete a firewall rule.
+
+## `fail2ban-manager hetzner info`
+
+Check the status of the Hetzner plugin.
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner info [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner update`
+
+Update the configuration.
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner update [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner reset`
+
+Reset the configuration to defaults.
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner reset [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner token`
+
+Set Hetzner API token.
+
+Warning: If token_str is specified, it will be save in plaintext in the database.
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner token [OPTIONS] [TOKEN_STR]
+```
+
+**Arguments**:
+
+- `[TOKEN_STR]`: The Hetzner API token.
+
+**Options**:
+
+- `--use-env`: Use the `HETZNER_TOKEN` environment variable.
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner firewall-info`
+
+Pull the firewalls from the server.
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner firewall-info [OPTIONS] FIREWALL_ID
+```
+
+**Arguments**:
+
+- `FIREWALL_ID`: The ID of the firewall to pull from the server. [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner whitelist`
+
+Whitelist an IP address.
+
+## Examples
+
+fail2ban-manager hetzner whitelist &lt;FIREWALLID&gt; --self
+fail2ban-manager hetzner whitelist &lt;FIREWALLID&gt; &lt;IP&gt;
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner whitelist [OPTIONS] FIREWALL_ID [IP] [PORT]
+```
+
+**Arguments**:
+
+- `FIREWALL_ID`: The ID of the firewall to pull from the server. [required]
+- `[IP]`: An IP to whitelist.
+- `[PORT]`: any, 443, 80-85 [default: any]
+
+**Options**:
+
+- `--self`: Whitelist the External IP of the current machine.
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner whitelist-cloudflare`
+
+Whitelist Cloudflare IP addresses.
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner whitelist-cloudflare [OPTIONS] FIREWALL_ID [PORT]
+```
+
+**Arguments**:
+
+- `FIREWALL_ID`: The ID of the firewall to pull from the server. [required]
+- `[PORT]`: any, 443, 80-85 [default: 443]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager hetzner delete-rule`
+
+Delete a firewall rule.
+
+## Examples
+
+fail2ban-manager hetzner delete-rule &lt;FIREWALLID&gt; &quot;fail2ban-manager whitelist - &lt;PORT&gt;&quot;
+fail2ban-manager hetzner delete-rule &lt;FIREWALLID&gt; &quot;fail2ban-manager cloudflare whitelist - &lt;PORT&gt;&quot;
+
+**Usage**:
+
+```console
+$ fail2ban-manager hetzner delete-rule [OPTIONS] FIREWALL_ID DESCRIPTION
+```
+
+**Arguments**:
+
+- `FIREWALL_ID`: The ID of the firewall to pull from the server. [required]
+- `DESCRIPTION`: The description of the rule to delete. [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
diff --git a/utilities/fail2ban-manager/plugins/telegram.md b/utilities/fail2ban-manager/plugins/telegram.md
new file mode 100644
index 0000000..fdd0895
--- /dev/null
+++ b/utilities/fail2ban-manager/plugins/telegram.md
@@ -0,0 +1,144 @@
+---
+title: fail2ban-manager plugin - telegram
+draft: true
+date: 2025-01-16
+---
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram [OPTIONS] COMMAND [ARGS]...
+```
+
+**Options**:
+
+- `--install-completion`: Install completion for the current shell.
+- `--show-completion`: Show completion for the current shell, to copy it or customize the installation.
+- `--help`: Show this message and exit.
+
+**Commands**:
+
+- `ls`: List all jails with Telegram notifications.
+- `add-to-jail`: Add the Telegram provider to a jail.
+- `remove-from-jail`: Remove the Telegram provider from a jail.
+- `edit-message`: Set the message for a specific action.
+- `enable-message`: Enable a message for a specific action in...
+- `send`: Send a messague to a Telegram bot.
+
+## `fail2ban-manager telegram ls`
+
+List all jails with Telegram notifications.
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram ls [OPTIONS]
+```
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager telegram add-to-jail`
+
+Add the Telegram provider to a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram add-to-jail [OPTIONS] JAILNAME TOKEN CHATID
+```
+
+**Arguments**:
+
+- `JAILNAME`: [required]
+- `TOKEN`: [env var: TELEGRAM_API_TOKEN; required]
+- `CHATID`: [env var: TELEGRAM_CHAT_ID; required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager telegram remove-from-jail`
+
+Remove the Telegram provider from a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram remove-from-jail [OPTIONS] JAILNAME
+```
+
+**Arguments**:
+
+- `JAILNAME`: [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager telegram edit-message`
+
+Set the message for a specific action.
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram edit-message [OPTIONS] JAILNAME ACTION MESSAGE
+```
+
+**Arguments**:
+
+- `JAILNAME`: [required]
+- `ACTION`: The action to send a message for. [required]
+- `MESSAGE`: The action to send. [required]
+
+**Options**:
+
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager telegram enable-message`
+
+Enable a message for a specific action in a jail.
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram enable-message [OPTIONS] JAILNAME
+```
+
+**Arguments**:
+
+- `JAILNAME`: [required]
+
+**Options**:
+
+- `--start`: Enable message for start action.
+- `--stop`: Enable message for stop action.
+- `--check`: Enable message for check action.
+- `--ban`: Enable message for ban action.
+- `--unban`: Enable message for unban action.
+- `--help`: Show this message and exit.
+
+## `fail2ban-manager telegram send`
+
+Send a messague to a Telegram bot.
+
+**Usage**:
+
+```console
+$ fail2ban-manager telegram send [OPTIONS] ACTION JAILNAME [TOKEN] [CHATID]
+```
+
+**Arguments**:
+
+- `ACTION`: The action to send a message for. [required]
+- `JAILNAME`: Name of the jail sending the message [required]
+- `[TOKEN]`: [env var: TELEGRAM_API_TOKEN]
+- `[CHATID]`: [env var: TELEGRAM_CHAT_ID]
+
+**Options**:
+
+- `--ip TEXT`: IP address of the banned/unbanned IP
+- `--failures INTEGER`: Number of failures before ban [default: 0]
+- `--help`: Show this message and exit.