Skip to content

feat(kopia): deploy Kopia server + UI with parallel VolSync backups#1531

Open
ixxeL2097 wants to merge 4 commits into
mainfrom
feat/kopia-deployment
Open

feat(kopia): deploy Kopia server + UI with parallel VolSync backups#1531
ixxeL2097 wants to merge 4 commits into
mainfrom
feat/kopia-deployment

Conversation

@ixxeL2097

@ixxeL2097 ixxeL2097 commented Apr 27, 2026

Copy link
Copy Markdown
Member

Summary

Closes / feeds into #1493

  • MinIO : ajout des buckets kopia et restic dans les values genmachine
  • Kopia server : chart custom (gitops/manifests/kopia/genmachine/) déployé via ArgoCD infra-storage, exposé sur kopia.talos-genmachine.fredcorp.com
  • VolSync : ReplicationSource Kopia ajoutées en parallèle des existantes restic pour : wireguard, vault, adguard, homarr, authentik

Architecture

Kopia server (kopia/kopia image)
  ├── init container : kopia repository connect s3 (ou create si premier run)
  ├── main container : kopia server start --address=0.0.0.0:51515
  ├── PVC NFS        : 192.168.1.250:/volatile/kopia  (cache)
  └── CA cert        : fredcorp-ca-chain (trust MinIO TLS)

MinIO bucket : kopia
  └── volsync/<app>/genmachine/  (préfixe par app)

Vault secrets à provisionner avant le déploiement

kopia/repo/minio-backup → password   # clé de chiffrement du repository
kopia/server            → password   # mot de passe UI admin Kopia

minio/creds/admin est réutilisé (déjà existant).

Point d'attention — VolSync Kopia mover

Les ReplicationSource Kopia (spec.kopia) sont créées en parallèle des existantes restic. Le format du secret kopia-config utilise les env vars :

  • KOPIA_PASSWORD, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
  • KOPIA_S3_BUCKET, KOPIA_S3_ENDPOINT, KOPIA_OBJECT_PREFIX

À vérifier : VolSync 0.15.0 supporte bien le mover Kopia et le format exact des env vars dans le secret. Si le mover n'est pas disponible, les ReplicationSource Kopia seront simplement ignorées/en erreur sans impacter les backups restic existants.

Test plan

  • Provisionner les secrets Vault (kopia/repo/minio-backup, kopia/server)
  • Vérifier que ArgoCD sync kopia-genmachine sans erreur
  • Confirmer que le pod Kopia démarre (init container connecte le repo S3)
  • Accéder à https://kopia.talos-genmachine.fredcorp.com et se connecter avec admin / password Vault
  • Vérifier que les buckets kopia et restic apparaissent dans la console MinIO
  • Vérifier les ReplicationSource Kopia (kubectl get replicationsource -A)
  • Confirmer que les ReplicationSource restic existantes fonctionnent toujours

🤖 Generated with Claude Code

ixxeL2097 and others added 2 commits April 26, 2026 23:17
@ixxeL2097 @claude
feat(cilium/genmachine): switch to native routing, enable WireGuard a…
dae2483 
…nd IPv4 BIG TCP

- Switch routing-mode from VXLAN tunnel to native routing
  autoDirectNodeRoutes installs per-node pod CIDR routes automatically
  ipv4NativeRoutingCIDR scoped to 10.244.0.0/16 (genmachine pod CIDR)
- Enable WireGuard pod-to-pod encryption (nodeEncryption disabled)
- Enable IPv4 BIG TCP now compatible with native routing (vs tunnel)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@ixxeL2097 @claude
feat(kopia): deploy Kopia server + UI and add parallel VolSync Kopia …
15c03e1 
…backups

- Add kopia and restic buckets to MinIO genmachine values
- Create custom Helm chart for Kopia server (kopia/kopia image) with:
  - Init container to connect/create S3 repository on startup
  - Kopia server with UI exposed via Traefik ingress at kopia.talos-genmachine.fredcorp.com
  - NFS-backed PVC for cache (192.168.1.250:/volatile/kopia)
  - ExternalSecret pulling from Vault (kopia/repo/minio-backup, kopia/server, minio/creds/admin)
  - Custom CA (fredcorp-ca-chain) for MinIO TLS verification
- Add ArgoCD ApplicationSet for kopia in infra-storage project
- Add parallel Kopia ReplicationSource (VolSync) alongside existing restic sources
  for: wireguard, vault, adguard, homarr, authentik
- Add comment on ipv4NativeRoutingCIDR in Cilium values

Vault secrets to provision before deploy:
  kopia/repo/minio-backup → password
  kopia/server            → password

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@ixxeL2097 ixxeL2097 mentioned this pull request Apr 27, 2026
Open
@ixxeL2097 @claude
chore: merge main and resolve conflict on cilium values
c606c05 
Keep comment on ipv4NativeRoutingCIDR added in this branch.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@ixxel-bot

ixxel-bot Bot commented Apr 27, 2026

Copy link
Copy Markdown
Contributor 
--- main/cilium_gitops_manifests_cilium_genmachine_manifest_main.yaml	2026-04-27 20:14:35.130989528 +0000
+++ pr/cilium_gitops_manifests_cilium_genmachine_manifest_pr.yaml	2026-04-27 20:14:33.923990683 +0000
@@ -67,54 +67,54 @@
 ---
 # Source: cilium/charts/cilium/templates/cilium-ca-secret.yaml
 apiVersion: v1
 kind: Secret
 metadata:
   name: cilium-ca
   namespace: default
   labels:
     cilium.io/helm-template-non-idempotent: "true"
 data:
-  ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUpXblpqd1Vud2RLT2RLMEZ3dEVaYTB3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkyTURReU56SXdNVFF6TlZvWERUSTVNRFF5TmpJdwpNVFF6TlZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyUElOZDNjOFBJWVBCU0V4VE5JeUZqMHZYRjJXaFdMY2NVRWtON1kyQkUxa2h4SkgKMzQyczM3NWNqWThBYWZjdHhVZDdUTGFybHdVUG91b3VXV0wxd0E2V29TZGx5M1JiVDY4QjN2UE1zcUExYU0rZwo3R1kvQXArWE1XdWJGU3NZbkNLUkovdTJsVzV6ZUlJT2tmd3ozU3E4U1NmbnJ5ZE42Q2VLUVpXaE40MXZlbmVaCnF5SU9lV2E4L1BCNVQrMG9FcitWZXgxRFdISVFWOHNkb0VaRGR2NEJlaXpQK2xsd0ZrWVhQN0NnQS9CeHUxbisKNXY3U3IwVHhlQXpicndubXVOeGF5RDVpRzhic2wzeEJqcE9ocnJESENpcjhSNGF6a1NLTUJTYnJUNmlzZmRKTgpkRnVLdnovdDNDcEI5cUFHc0FQKzZBb1VxZ2tFQzRjWFkxZWUzd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGS01PWFRpQWNlQzk5cUMrbmtRaVEwMWNiRDVETUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQThoMnBTQU1PVU80cDFTMDNlWm9rdGptUVJXbGN4am5sSm5vWlkrbEV3Um1KcnppajZvQnBvCi9ZNmk4bVlSMXhJaG8wcnVVa2JmeXdaYkQ4L2FMaTd4V2RDVFNnMzVyMGcvZ2Zub3FMRDdRbVA1Vk5nNzNUejMKcWVHZnYxRjNVdlhLTXQwK1R0bzhKZmlvWWxNUE9YOVZmTmNoNjdPUHh4dmVzd0E0U1A0RHk4SVJuaFRaSTcvRwpsREFUQkxQUWZKQ0RBQll6c0tvZzRUY25tWkZaQ041OTFqd290NnBGMHk4NTl1K0U0UW9IaEZvRmNmMFc3YmtYCkczUzdaR0lOR29PK25acnF6OVlmc01NR05sMFp5Uys3cnNabXM4TXE4U3BvOFZVTC83REwvUGN2MHNHdVd4K0oKaGkvakJUNnUwT3dZWmlvVWJ0RThqa2xMWFd2bHh0M3EKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
-  ca.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBclBJTmQzYzhQSVlQQlNFeFROSXlGajB2WEYyV2hXTGNjVUVrTjdZMkJFMWtoeEpICjM0MnMzNzVjalk4QWFmY3R4VWQ3VExhcmx3VVBvdW91V1dMMXdBNldvU2RseTNSYlQ2OEIzdlBNc3FBMWFNK2cKN0dZL0FwK1hNV3ViRlNzWW5DS1JKL3UybFc1emVJSU9rZnd6M1NxOFNTZm5yeWRONkNlS1FaV2hONDF2ZW5lWgpxeUlPZVdhOC9QQjVUKzBvRXIrVmV4MURXSElRVjhzZG9FWkRkdjRCZWl6UCtsbHdGa1lYUDdDZ0EvQnh1MW4rCjV2N1NyMFR4ZUF6YnJ3bm11TnhheUQ1aUc4YnNsM3hCanBPaHJyREhDaXI4UjRhemtTS01CU2JyVDZpc2ZkSk4KZEZ1S3Z6L3QzQ3BCOXFBR3NBUCs2QW9VcWdrRUM0Y1hZMWVlM3dJREFRQUJBb0lCQUM4VStHQ1JGOWQ4UVlPSwpmVUxtS0ZlUWtaK3FKTXVzVmNvSlMyUlZXUkJEeDMzVUZyZi8rRk96SGJ3MTlZMWppdFRkdUczeWZ2VXVuZ3FpCmlUcXhhNmk4Ny9ud1lWQ0puVUFzcXl3NG4vM3pDb2M5bXhnd1g3QUZwV0lCWXVkWTQ2ckI2RldEdTdtanA1RGoKaXpibiszQ1c3VXBYTUVZcFE1YlRpTnFBOHpKTmZwNkNnQ09Tam5DbGt2Vkx1bms3a08wTzFrZDhxKzRtbm5PNgoyMmtsdGhqY0NzODJCUFYwc0ZLRzdTR0lPSlZ5NktlVGVrU2htcXFxWU9rU2NFTElBYk9jWDQ0S0p4SnNUZy9XCjhwcnRXWFljS2hXMHhTZENyRWtnMWl0ZWdlYzVoTmNSVjhRQ1BJR2tVdlNYSHlPTUIvSVJyMTQxZ25RR0duRTIKeUdLK1hGMENnWUVBM0hUVENLb3Z1dzVGOFlxTjZkcDcxeFd2YURLUUpUbmJNdDRFUC9oZzE2bGIzV3FONnNaRApzc3owQTA3YUtWSFpMemEyWkxhS09jM2I2MGNsbHNYd05IMUNGV0Zwd0wxK3RxTjJuYVAwRktjRzdYVDFRQVlVCjlaU2ZScTRoZnh6ZjQ1TnVSbTVvMGFpTzlya2tycHltdjlaRmtyQWhzSTNLci92bEF0TkJHdlVDZ1lFQXlOUkEKMnlmelMxRFhZUFgxYmJDaFFvUW10TnUvS3FtbDFFZktCVUFyS242bVVGbjJqRjFaYXVoK0x1RjhwYW5NS0c3QgpiMm9sVFg4V0JoZGZUZllhZi84dUFqNlVjcFZzNW5lYzFQdTBzOGszZVlWaXNRTmFkZjdLM2E3VElJTjEwK0JzClMycjJSLzYxeHlZMHdCb3JubXNmSmJmYzV4YzhLWWNBdU5pdVZnTUNnWUVBdWV4UXVtTUZSQ1dDZVhYWHY1ekMKaXAvQVFnazZwaHFJTWZzcDdHVm1EeHZHM1JKclE5QVg4aWlGdG5CKzd4QVhNWWxjQTg0cS94c05XUHkweDlhQgpnVk1PTTRmbkwyVGhBOWtTUlZxcmsrdFZuVmZoS2pDMjVuS0ViWkNYc1dOQnN1VjR3QytIZVNKR0IvQVc3cWd3CnZXTlJZNmZsa2NmVFk5MzF3dzgxUGkwQ2dZRUF3TDdOdkVpOGZYV0tNTm4vQXBhNlBxKzh3bW9CTUgzLzFSeE4KYlBxb016RzRoM2ZBWS9rWDM3NWhsTGIvUGJRWWFGbmNOd1ZGNWZucDlsQ3FQSlhOMnpqYlBIWTVYVHZDZC9NbQp4MWNJbUdDdmFHYzNVREtxdUlLZ3kyQ0Y2emVnZDRoMkIzQVNEUWtPQjZQSWp2TFBHRTB4YUs3dFNiR0lJVWNiCnowelBEV2NDZ1lFQXdrOHNydU5LVVB2L1R4YnYyR1lOUXFaOWNLNzJMNlZqSVhFNUVGbHBHaUZ2VjQ0dWxJVncKTVA0Z3I1ckNOM3BKaWFxZ3g5dzRXWW5DZERsMlpnaWRnQzFWVHFkdVlnV0pJbWNCN0UrZkFTczd3dWp5MDUrZQo0a0VIV0I3MDU2Z2hCQ0h4Yk1vaWkxOW8xM28zRGcybjRJdldxRVBvOEpweUJ1b2lYcll1R0MwPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
+  ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQU1BWFNuM0ZYMTFISGJmcWlGemMrY2t3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkyTURReU56SXdNVFF6TTFvWERUSTVNRFF5TmpJdwpNVFF6TTFvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFwWkMzU2xhWml6Rm9wbGNwOXg0QkVpZ3dNUjBmT01ZR0QrQnZOMkJIWmpBNzBpWlIKRWlGRVdhVWxTOXZCcVdhbG52Z1pPdDRtTDR2SzA1bi9xd0NKM01aR1dWR2dVRkU3ZEk5NlZ0TXVRNForNnhWawpVUjFoSWE2a0NjVnYrN2FpUUFtUjRpN3o2M2UxLzI2ZjM0NEFETUdDODNoRUtFT0FGQTMxVFIyNW43VHBwSURZCkVWOXo1aEh6L0ZQSDAwSmZPemdTdldQeFAxUjFjQk4yaFBScE1nVUdLSjI2c2pyVGFjQ0ltdXROUkwwTjVXSkIKdUdmZlNqOWYyNk1ob3FvNHlKMCtSd0c4d01jYThPNmdEa1BMUHBwZnZ3VUFzNVZoOEVWcWU3d1J2TkFoS3BETgpNdHFmZG9UWEZqSk9WVnVPLzFkUDJFNmxreExNbDE3citLVCs2d0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGS214Tzh3Rk5kTGJ5M0pHRFRNTGFVeHVaalRITUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQ0FmSzdoOWp3R0pIK0M3Wk1Yd3J3ekJzYlhVSWFqWFJuU0I4Q2tGQnBaUFZJemVUZ0R2ZTBsClJlSi8wYXA5eU14SzdaVlVrS05yQVZzN3haY1VaNHhYanBoTzVVMzBsaVJXR1MxM3kyNnZlWEFnYXFQU3REV1MKUnNtak15dHQrM0FmZ0VKbERkejZJeW4zTlhqKzV5a25SRGtBZmlIeHNJakpXWjJDSDByeGppR3VSY0lZTkwwYgpkYWpmdVJ1aHdqOGh6VnEzMFZBVE1SSmRrV280bjZtOXZuY0xzeDQzbmNmanczTXVVQkZsVEdkZEo5NmQ3eUVBCkE1dXRuTlk2bUhJbEdIKzc0SmZJTStoeFJ4cWlmdSs3ZFlOa0pNcEQyTVBwM21idFdkREtsTG14WGIxY29hUkgKaGlJVU5hL3BicDRMTEMvMFZSa1pESkNmT3pObDRkYnQKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+  ca.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBcFpDM1NsYVppekZvcGxjcDl4NEJFaWd3TVIwZk9NWUdEK0J2TjJCSFpqQTcwaVpSCkVpRkVXYVVsUzl2QnFXYWxudmdaT3Q0bUw0dkswNW4vcXdDSjNNWkdXVkdnVUZFN2RJOTZWdE11UTRaKzZ4VmsKVVIxaElhNmtDY1Z2KzdhaVFBbVI0aTd6NjNlMS8yNmYzNDRBRE1HQzgzaEVLRU9BRkEzMVRSMjVuN1RwcElEWQpFVjl6NWhIei9GUEgwMEpmT3pnU3ZXUHhQMVIxY0JOMmhQUnBNZ1VHS0oyNnNqclRhY0NJbXV0TlJMME41V0pCCnVHZmZTajlmMjZNaG9xbzR5SjArUndHOHdNY2E4TzZnRGtQTFBwcGZ2d1VBczVWaDhFVnFlN3dSdk5BaEtwRE4KTXRxZmRvVFhGakpPVlZ1Ty8xZFAyRTZsa3hMTWwxN3IrS1QrNndJREFRQUJBb0lCQUN3QkR4NDBieUhXTTN6RwpmUEpmcUtRMVJ6MitnajVhTDJGSDR2ZGlZUWV4ZVN6TkgwNEV4b0JYQ3RjakpORkw1V2dmZzhFb0t4a0cvQlVLCmdLL24rRHhUL0gyZjJzNk9FSkhWMG92Q0hERTVUWUZZMGExWGRDbjZHMEkzbGlCZU5iaDBjckFkajVuOVdzTjEKbVF0WFYvOEw3YXlkUWV3N3FJNXIrVThTUC9SSXVSeElxUDNqYjcyVHB0QWE0eVgxUUwzR0UzYlREMldvN1JZQwpkRWk5eU41NUhsQU1xTVBoVG1Sd1FLNkJXWGJRRzNyUk1adEs3OEVnb0RVQWx6UnZPbWVFSGdIZzkzWng3bk9PCjFZNDlqdFBONUZwSGpXWDY4b3h2elovcmxUMzdPVnNTVHRrdU5XQitCSU1uMS80Vm5tUnRFUTBGMlhPZVcxWnkKNmdzYWFha0NnWUVBdzJMRTZ3QjIycVZ4YWpEdUVBMjZJenZwTnk2SyswS1FKSlkvZjQrU1J3UzRMRkhHQUd2SgpHcmxrQzlNZWNneFNSdHBMbU5kaXI4MEdNdjRUMmw0dVhIeGV0clFnejlEVDUvVU9KbTA1eHQrMTJjdy92SUpKCjF4Mlk2WmhGNzdLRDB5SXZYSHQvd2xnMGRHV1lrVkRjWFpSYWlMbGhPSXUwV1ppcnJucFRWc2tDZ1lFQTJPMm0KQWp5RUJJaDdmdjBLZVp6amxvMTExS1QrM0hvN0JTQWRxbmp0ai84akZjenp0cWJiQ1Vpa2JYUjlYaktqM3dJRwpkdlgwblNvcU4xUHVzLzBEWWxTL0JKWXRzTDFYcGI3bTdzcm00K1J0TWlMVXlvbWF1TmRNV09xc3RUeTlIVG9aCkpaZTBQaWp0UXV0eE1jZHhuUU9kMWQ0eUprY2V2UDlNaldENkhoTUNnWUVBaFNDUko4WWpOWXN3b2JoQkhQTWQKZHRCbGNWSG5KSmdQK3IzYytoOXEvYlM3Z0ljZk1ENUF3bEs3VmtzOUhWeEQyejcxNzJnaU44S3NqS1lPQk9YVApGUFV3MjdBVUEwVTRmWDI5YkhWVHZxdkREbWxhckNqaUF3NkpsL0JIQnJGTm5OaFlDTjJsQ1Zoc05UcmNIM2RICkR3UDhROWg3NDdsYzR3ZGhRdnJhT2ZFQ2dZQmFDZm4zdjZxRVB5b1RRWEJSbmY4UkJGSStHdVgyR1gzWjJNUzMKZDA0VGtMQzlZYjVldDg3K2dYcE9QQ1cxTFl1N0Nwb29VbHBmeVpxUU1IUkpuT0VFdFd3N3VTSHAxQTFITEgrcAo2ZW4vK1ZZaGt6ZURnYTRJdnNSZnU3aEgyWmdkUTNvZ2ttRXIwOHozRThaK0JPeHhZWWpudGp4V2l2cUZNK3BRClhFbzBwUUtCZ0hHSm5XSGdWQm1CVkordjdtanJiSjFLbjgrS3NudXcyRWVHRmU3NFZQS1dZd0NsSGp3SmU2ZXcKVkUycmpqYTBadUJIVnpka0p4aVA3UzlXbGcwa1FUVEp2ek1JVmM5WG14SkFQSWFhdmZ1QUxmanhsRkFJZ0U3ego1VTN0RE9ZUWZiRXQ2Mmk1Mmp3Ly90SVVPbk5jVm1DLzEzZW81U3I5aVZ3TDhKaE9DTmo1Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
 ---
 # Source: cilium/charts/cilium/templates/hubble/tls-helm/relay-client-secret.yaml
 apiVersion: v1
 kind: Secret
 metadata:
   name: hubble-relay-client-certs
   namespace: default
   labels:
     cilium.io/helm-template-non-idempotent: "true"
 
   annotations:
 type: kubernetes.io/tls
 data:
-  ca.crt:  LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUpXblpqd1Vud2RLT2RLMEZ3dEVaYTB3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkyTURReU56SXdNVFF6TlZvWERUSTVNRFF5TmpJdwpNVFF6TlZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyUElOZDNjOFBJWVBCU0V4VE5JeUZqMHZYRjJXaFdMY2NVRWtON1kyQkUxa2h4SkgKMzQyczM3NWNqWThBYWZjdHhVZDdUTGFybHdVUG91b3VXV0wxd0E2V29TZGx5M1JiVDY4QjN2UE1zcUExYU0rZwo3R1kvQXArWE1XdWJGU3NZbkNLUkovdTJsVzV6ZUlJT2tmd3ozU3E4U1NmbnJ5ZE42Q2VLUVpXaE40MXZlbmVaCnF5SU9lV2E4L1BCNVQrMG9FcitWZXgxRFdISVFWOHNkb0VaRGR2NEJlaXpQK2xsd0ZrWVhQN0NnQS9CeHUxbisKNXY3U3IwVHhlQXpicndubXVOeGF5RDVpRzhic2wzeEJqcE9ocnJESENpcjhSNGF6a1NLTUJTYnJUNmlzZmRKTgpkRnVLdnovdDNDcEI5cUFHc0FQKzZBb1VxZ2tFQzRjWFkxZWUzd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGS01PWFRpQWNlQzk5cUMrbmtRaVEwMWNiRDVETUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQThoMnBTQU1PVU80cDFTMDNlWm9rdGptUVJXbGN4am5sSm5vWlkrbEV3Um1KcnppajZvQnBvCi9ZNmk4bVlSMXhJaG8wcnVVa2JmeXdaYkQ4L2FMaTd4V2RDVFNnMzVyMGcvZ2Zub3FMRDdRbVA1Vk5nNzNUejMKcWVHZnYxRjNVdlhLTXQwK1R0bzhKZmlvWWxNUE9YOVZmTmNoNjdPUHh4dmVzd0E0U1A0RHk4SVJuaFRaSTcvRwpsREFUQkxQUWZKQ0RBQll6c0tvZzRUY25tWkZaQ041OTFqd290NnBGMHk4NTl1K0U0UW9IaEZvRmNmMFc3YmtYCkczUzdaR0lOR29PK25acnF6OVlmc01NR05sMFp5Uys3cnNabXM4TXE4U3BvOFZVTC83REwvUGN2MHNHdVd4K0oKaGkvakJUNnUwT3dZWmlvVWJ0RThqa2xMWFd2bHh0M3EKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
-  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURTRENDQWpDZ0F3SUJBZ0lRVDlqaXg5Q0VVTDJiZzYrZmFWTzNSakFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsRGFXeHBkVzBnUTBFd0hoY05Nall3TkRJM01qQXhORE0xV2hjTk1qY3dOREkzTWpBeApORE0xV2pBak1TRXdId1lEVlFRRERCZ3FMbWgxWW1Kc1pTMXlaV3hoZVM1amFXeHBkVzB1YVc4d2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDK2J0TklqdFAvd3hVeHFxMzdMQmF1NXh1YkFyT0MKZ1FNYkZ5bm5Edmk2b1FUK0FneWJxWDhad0ptMXBKTllSS2luZ25PaGkwalRZMXRBMkpTanl1UkpVcXduamExTgpkRFpsQktXZ2tFVzg2MW5UODErZkZqTW0wc0o0YXdoZTcyYjdaUHlWOVFKWkhiRHhaQXpZWTJEUWIxaW5oeFJoCmZYTzNaZWdxZndaa2I3ekd3Szd0L1BMUC9TaDU5ZGxVOUFQaXBnanh1SnFIb3hBWEthMlVkOHhOblkzcHJwcEgKWUZ4QWkzS0orMlRLMlJLZi9EQytxRUtaUHlKclNYeTV5YWs3b1FnWS9ONVdKd0RWNnFQL0d2bDNBQ28zQjdSbwpPNnVEVm55dklFVDNPekYzVnNkWkJBS2lOZTVoVkw4K3c3MGlHeWdVZFZVNjFtbkk1YWdsYlpYN0FnTUJBQUdqCmdZWXdnWU13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUYKQlFjREFqQU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZLTU9YVGlBY2VDOTlxQytua1FpUTAxYwpiRDVETUNNR0ExVWRFUVFjTUJxQ0dDb3VhSFZpWW14bExYSmxiR0Y1TG1OcGJHbDFiUzVwYnpBTkJna3Foa2lHCjl3MEJBUXNGQUFPQ0FRRUFIRm9iY0RLUTVvbWVMNUZJc3Z5WkF2ekJqUnhpMjZDRG0zUEVvZ0taLzVhWGtzTlcKN1NYSHhmZnlVM2dqMmlMRHFmMG9kV2pWV0czQW5sV1BlRHkvbGQ0WFFyK1YwaERJQTFaNnFnS3B6UW9MUkhzZQp2ZnVEdGxRTVlLS3dQNFZ3WlYzWEY4SmVPRFVnY1EzK1k0UmRVdVcvMjlkMUhDeVBNTEJ2ZlN0aGVIWlEyR1VMCnB3RFlrRThuelQrYU5Ob04rNlFzSVNYOGdWZS8yZ01sMUJkdWMxc3l4WVA2VExZQ1lKcEhsQ3ozNHZkTisvdEgKZVVhSS9JN0pFdytPeEQ1ZUdweTJmTzBrNExSU2xHSmgwb0NYYk96djVKVUxOZEtzUWF5RFdQcER2bWdnMFZTdQpNNXhzNUF2bEFjMHh2d3VEWElqVXp3TmZlaGlneTZkSit0cFlRQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
-  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBdm03VFNJN1QvOE1WTWFxdCt5d1dydWNibXdLemdvRURHeGNwNXc3NHVxRUUvZ0lNCm02bC9HY0NadGFTVFdFU29wNEp6b1l0STAyTmJRTmlVbzhya1NWS3NKNDJ0VFhRMlpRU2xvSkJGdk90WjAvTmYKbnhZekp0TENlR3NJWHU5bSsyVDhsZlVDV1IydzhXUU0yR05nMEc5WXA0Y1VZWDF6dDJYb0tuOEdaRys4eHNDdQo3Znp5ei8wb2VmWFpWUFFENHFZSThiaWFoNk1RRnltdGxIZk1UWjJONmE2YVIyQmNRSXR5aWZ0a3l0a1NuL3d3CnZxaENtVDhpYTBsOHVjbXBPNkVJR1B6ZVZpY0ExZXFqL3hyNWR3QXFOd2UwYUR1cmcxWjhyeUJFOXpzeGQxYkgKV1FRQ29qWHVZVlMvUHNPOUloc29GSFZWT3RacHlPV29KVzJWK3dJREFRQUJBb0lCQUF0dU9ZNXhNclozT3c0Kwp2a21GaHZZN2R4Q0lTbUFoTTRYc2oyc2h1RlB6ZlNQUzJhcDlnRUw2ZFprYW1hR1BWWHF0VjB2a2RKd0Rxb21SCnRuOGxteXVKSTlmYkpwd1dMZUdybXJ5d3YzVkdKemt0NVpqY1pON1N0RElCekUwSUhJVmFHOW1nYzN2VXRXcDMKNUw1S3cvNVNHa1dZMDMzQSt2NHFMUzJVb3J5WFRxaGlkNk5sNGFHSC9NK3Bsek5heDBsN2Uzc0Rram1zMS9uTApPUTVmV2lCVmg5ajZFZmYveGJ1T3JDd0V4UUl2aTl6WHpDTGlxN2FuUzd1VTVmcnRZZVN4QlVuUm83UmNZS2luClBqQlhyQjJKdXcxU3g0V1hCVWoxbElIWlJJcjhCbG04QW1objNqOWNDTVhKdlE4MGx6NmVodnJRZmQ3VkxwQlAKb2tMMFNqRUNnWUVBMEFiaG11Tk9aTWdVNDhCemRvYkJQQ2FqckNia0RRZ0JWY0E0S3hlNDJyNllBMHFyVmJqcAptOEo5ZjBueEpOeElsVm93U0w4SXdUMTdmVVJqUnp1TFVnbTRpR2VQeXNmS1lWcTJSZFY5SEVpNk9HcnBPZll5ClJSRzB4ek9PVTN6cU85ZlZSb2Nsb1ZZYTM4V0xSa01TckR3OFNvMU9HN1BHYzI5ODIxYW1rbk1DZ1lFQTZsbEQKU0V0WS9WblA0WjlCMDFCdWpxaHNUQm1zbXh3U2lzZGxocG0zdHE4MGZUOVEyeTNrdGVPeEF3VFdObDVVcERCOApnM3o1Vm5PYm5GS05CNmExK2hQenpDZnZvRG9BN1p4WklqT1ljaURkUm5qWUxkMWtPdFNmWTBuZHF0Mm01REsyCmRDRDRxdS9JTitzQktaUnY2Nit0SHRzbVpqT05Wd1dKeTczQnBGa0NnWUJTczBtaFQ5aHNqSFp4aktMYWJmd0kKTTd4QnhqeEhTZlZ0NTdyc3RzT1FndERnRGlGTE5QWDZMRG5FRHR0Rk1pWFE2a2Zqdzc1eFJFWUJxTnhuQnk3OQo4RXRpUHZtVlBoUWcyL1Uya2dibzVhalNvUDRUUXVMOVBtckYvcU1JWWRLazg4c2YvTDVqQTE0dnM5TUluY1dnCm4xbkFzYWhwcnZDb0Y1eGxmbTgrTFFLQmdGWVMyUktKa2pManRPWFN2N09rbkNiTGw1TlA3c1M5eDlXdkxRd0cKRTZNR3NRbTdvckFPS0MzaVpsYU1oVDFNNGx1MzcxUEFLRGhubCtVUHNQcjVjV2Rid3JUZWlqWFllQlROMHpNcgpyamRrK01EMGk3bzAwYWFHQjlESkJhREhiby9zVEhWVTB1QzkxMVVxZksvUDlGZWxtN2wwbHFMOUZsRzdHQVI4Ck9zNXBBb0dCQUtkeDZhQ25CRW9mYjlWQzBUWEhub3l5OVRweG4yTGlVdTBIajF6OGJhbnBtMWpYWVhnL2tsVUgKOG02aWdya2hzVzJVSmk2bEs4MlA5eW9rbHJZNUxOQ1UvakdxN3FzazdsRDByYUdtSVVIZmZRaGFNZnBaWk9ucApUVDhxMXRaSVJQTW5CSDNKeWlkQisxUU9GNVA3ejNZRitLSlQ2VWpEbnRkb2x0NTlHNDg5Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
+  ca.crt:  LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQU1BWFNuM0ZYMTFISGJmcWlGemMrY2t3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkyTURReU56SXdNVFF6TTFvWERUSTVNRFF5TmpJdwpNVFF6TTFvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFwWkMzU2xhWml6Rm9wbGNwOXg0QkVpZ3dNUjBmT01ZR0QrQnZOMkJIWmpBNzBpWlIKRWlGRVdhVWxTOXZCcVdhbG52Z1pPdDRtTDR2SzA1bi9xd0NKM01aR1dWR2dVRkU3ZEk5NlZ0TXVRNForNnhWawpVUjFoSWE2a0NjVnYrN2FpUUFtUjRpN3o2M2UxLzI2ZjM0NEFETUdDODNoRUtFT0FGQTMxVFIyNW43VHBwSURZCkVWOXo1aEh6L0ZQSDAwSmZPemdTdldQeFAxUjFjQk4yaFBScE1nVUdLSjI2c2pyVGFjQ0ltdXROUkwwTjVXSkIKdUdmZlNqOWYyNk1ob3FvNHlKMCtSd0c4d01jYThPNmdEa1BMUHBwZnZ3VUFzNVZoOEVWcWU3d1J2TkFoS3BETgpNdHFmZG9UWEZqSk9WVnVPLzFkUDJFNmxreExNbDE3citLVCs2d0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGS214Tzh3Rk5kTGJ5M0pHRFRNTGFVeHVaalRITUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQ0FmSzdoOWp3R0pIK0M3Wk1Yd3J3ekJzYlhVSWFqWFJuU0I4Q2tGQnBaUFZJemVUZ0R2ZTBsClJlSi8wYXA5eU14SzdaVlVrS05yQVZzN3haY1VaNHhYanBoTzVVMzBsaVJXR1MxM3kyNnZlWEFnYXFQU3REV1MKUnNtak15dHQrM0FmZ0VKbERkejZJeW4zTlhqKzV5a25SRGtBZmlIeHNJakpXWjJDSDByeGppR3VSY0lZTkwwYgpkYWpmdVJ1aHdqOGh6VnEzMFZBVE1SSmRrV280bjZtOXZuY0xzeDQzbmNmanczTXVVQkZsVEdkZEo5NmQ3eUVBCkE1dXRuTlk2bUhJbEdIKzc0SmZJTStoeFJ4cWlmdSs3ZFlOa0pNcEQyTVBwM21idFdkREtsTG14WGIxY29hUkgKaGlJVU5hL3BicDRMTEMvMFZSa1pESkNmT3pObDRkYnQKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURTRENDQWpDZ0F3SUJBZ0lRSm5EcnB1WisvTWd1blJ2K3VnZVIwekFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsRGFXeHBkVzBnUTBFd0hoY05Nall3TkRJM01qQXhORE16V2hjTk1qY3dOREkzTWpBeApORE16V2pBak1TRXdId1lEVlFRRERCZ3FMbWgxWW1Kc1pTMXlaV3hoZVM1amFXeHBkVzB1YVc4d2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEa3ZyR3ZuTVJvSWphbDRCeUdod2UwRkpqTXFQbWQKbEV5Y1pHZFZBWXlpMjRJUU1mN1VSbDZKMUtWSmh0YkhpUlNJR00ySm1DNEFFK2o0RDREQmI0N1hHTUYyN01WNwpYTEJMTkV5T0N2RjlJOVAxeWJXcEwvUjZoQzVTazFwSE94UWhET2p3S2NXeW9sUHRwcDdBVExGL1BZTHMvbVkwCk1CekxnZUZXL0lVRWE2NFk0UVhKVXJlQ3NuY0xrSlk2SkdhMjBmRlZSei9kOVoxb2czU0VxYmU2eDllNnllRWwKdEx4MmZ5dVZEKzVIMEhhUzRyazJjU3dNMWVNT0xob2xyOTV3QmF3aFB3UjBpT0hwQ0RJVXVuS1BmNGo0aTVvZQpnT3VYdFdQdWUxQzYwVUpZRDdxR3NveWxqUmJaOWIyVlREc3grSzM3dXc2citYcUNQcHhkWVJGREFnTUJBQUdqCmdZWXdnWU13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUYKQlFjREFqQU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZLbXhPOHdGTmRMYnkzSkdEVE1MYVV4dQpaalRITUNNR0ExVWRFUVFjTUJxQ0dDb3VhSFZpWW14bExYSmxiR0Y1TG1OcGJHbDFiUzVwYnpBTkJna3Foa2lHCjl3MEJBUXNGQUFPQ0FRRUFDSDNOaWlvaTZkbjMvbEEzQ1VON0h5cXd3c3l0UXhSenhZWkNodVpTeXpEVlBqdHIKSUFGdE1sVWdRUkx4a21EMHF3eEYzWjlyamtsUDBIeVlLM01wMjNoN3N0T2ZrdkEydWpRMUw0dFoxUHNYK0ZHRgphcGNoS3BUWUhrRnNXUmt3UDFYcS9zVEFOYWRNZWxnS3FLUXIyeVU2dDhHekQwRWhKMkM0cldHbWdKWHN3d25tCkZrVVFCNXltTkVtSkZqZlN2OURiY1BNdStDaHZ5OWx0Rlhqdkp5R3J5Rk00NFEzRVovS21pVkhJSUNKeWRRL3cKRUNZaHlyVWRqQWk2K0lhVExZNzBzZ1VLQWhaMFN6ekZLUThmc091ZnVEc2drbDhiMlk3dG1KVGRPeVJyTXZFZApCTmZpM2Z1ZHhDcnNPRWxIQlRPdU5qYjdBak1wWjNzaExzWlFEUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBNUw2eHI1ekVhQ0kycGVBY2hvY0h0QlNZektqNW5aUk1uR1JuVlFHTW90dUNFREgrCjFFWmVpZFNsU1liV3g0a1VpQmpOaVpndUFCUG8rQStBd1crTzF4akJkdXpGZTF5d1N6Uk1qZ3J4ZlNQVDljbTEKcVMvMGVvUXVVcE5hUnpzVUlRem84Q25Gc3FKVDdhYWV3RXl4ZnoyQzdQNW1OREFjeTRIaFZ2eUZCR3V1R09FRgp5VkszZ3JKM0M1Q1dPaVJtdHRIeFZVYy8zZldkYUlOMGhLbTN1c2ZYdXNuaEpiUzhkbjhybFEvdVI5QjJrdUs1Ck5uRXNETlhqRGk0YUphL2VjQVdzSVQ4RWRJamg2UWd5RkxweWozK0krSXVhSG9Ecmw3Vmo3bnRRdXRGQ1dBKzYKaHJLTXBZMFcyZlc5bFV3N01maXQrN3NPcS9sNmdqNmNYV0VSUXdJREFRQUJBb0lCQURaVWpNT1hTcGNwT1MyZwowMldvZ00zbTdudjl6bnY5RTAwNkU4aisrelpiU01Nci9NalNoZlhheWY5eXhXVFRURXNmQ1FLYllLR29HUGVDClJ5U3FxSlN5VHBFK241RXpiTFFRRWZiUzVwVEFnOEduVFR5SUpWdE1OZXhyRDFCSDJmb1hwT1FXSjl6TDdYOU8KeWZvR3ZVbnBoRVZpRDBocC9RemhKbktRdTg5V2lTazF6MjIzdmlKckpEbHdtcmY5aklINUJjSzJWS2lJN296Ngp6U2huTFJCVGx2MXFKaXFjeEF4QlMzbjk0L2RUSUtySGlOaXpRYkhWYld0eDJUMDVOZ3dQMmREOGZmQm4zVWtSCjVqUys0RnpyQ1NaWUxUc0lwMGc4SDZJb0hjSkxSek5zUHIzMVdXRFdIZDh3WjF1dGVoYmZISTRBK0lUWC9RYlgKRUM5VytvRUNnWUVBOFpNRHhJckdEczFVL0lMZlRGbFZyb1NaVEM4S0UzeTNCZE5hTm04dVVqQTZSMU02RmdpMQpZeDhGWTNHYjIrdENWSVFQaG03ZXNYUHdqNkNUWTBKVmZIV1IrcTdhVk1YOTk0TmxtRGRtTjFFOWFmWWJnR2lvCkZwR1pFWk9NZG1xZnpXb2hSK1B1T0orSmF4cEdCcW9va3BJQjJZeHB3aDR1dG00Y3IwbGI0bUVDZ1lFQThtZU4KK1dIMGdJdGZxLzZJR3QyTCtSbXhBSWM4andyUGYwOUduT3pheXZUQVM0dHRxSCtHOCtLblJxKy93ZU1oMGJRcgp0NmtEZlhEaFpCOS9WanV4c016TW1rOVRQUGpSQTVPN0JOb3Z2RmswOW8vemd3TGg1N21VaTN2K2FZVG0vME15CmQxWUhKS2ZhTHFObEFlRGxaY2c4eEtEVUFRbFRxbGZqbEJraDNpTUNnWUFibzJCSStqK1NyZmROTklQcnJrVFoKUko1dFV1eHFNbGlXT0FvWU5Ed3Vkd29UNHZmQVVacS9EbXVGWnhnWDN5Q2xucjVQK1J0TlhpQmxyazl1aWNaUwpDUGw4bnNpbjdrY1NMRnhSUC9WWDJ0bVY1K3haa3ArNGhVdm44T09mSUsvTHhwcXNLTzIyV0xwV0lKbG1aYzFpCmg0WGlwK2ZwcDU1Y2pOaUhUWE5Qd1FLQmdRQ3ZGbDgxRnl6TXdGN2RVNThwa0lhdTZZQ3crZjJpOEZNS0NNL2YKUHpHVjBRMG9ROUIwR1pEM2plbjNJN0NsTWhMV2JvWDVSYW9RckQwUTNiTlRMUkRldkQ2NDRyMGoyRERZblpkRApIUG5IMk1OcHFIWmlWZTJvTzZKdzBhSGt3NnM2QzJaalRnOGd5ZUROT1JZWE1rTmZyaTgrYzFCT1kxYzhQZmxTCm1vaWM4d0tCZ0ZhNEtEWmZBSzRyU2Urby9VSXhFMUp0Y3ZWVGxMT255K0pVTWdNSDQwcjVWaDcwRmtsU3VnUHkKSzNUSHNaVWtMaEp1RmNpc3FUblQ5cnZtWVlXUVRZR2pFeHRUbjB1bzhteWhTSnJFd3I1bUN4dVQ4ZDZXWit5KwplbmNlTi9QbW1Hd0dYYTZZQlk0eU52alRTRmNsYUJrdld0UEQwZWlzZzBwa3Rjekl2QnlJCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
 ---
 # Source: cilium/charts/cilium/templates/hubble/tls-helm/server-secret.yaml
 apiVersion: v1
 kind: Secret
 metadata:
   name: hubble-server-certs
   namespace: default
   labels:
     cilium.io/helm-template-non-idempotent: "true"
 
   annotations:
 type: kubernetes.io/tls
 data:
-  ca.crt:  LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUpXblpqd1Vud2RLT2RLMEZ3dEVaYTB3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkyTURReU56SXdNVFF6TlZvWERUSTVNRFF5TmpJdwpNVFF6TlZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyUElOZDNjOFBJWVBCU0V4VE5JeUZqMHZYRjJXaFdMY2NVRWtON1kyQkUxa2h4SkgKMzQyczM3NWNqWThBYWZjdHhVZDdUTGFybHdVUG91b3VXV0wxd0E2V29TZGx5M1JiVDY4QjN2UE1zcUExYU0rZwo3R1kvQXArWE1XdWJGU3NZbkNLUkovdTJsVzV6ZUlJT2tmd3ozU3E4U1NmbnJ5ZE42Q2VLUVpXaE40MXZlbmVaCnF5SU9lV2E4L1BCNVQrMG9FcitWZXgxRFdISVFWOHNkb0VaRGR2NEJlaXpQK2xsd0ZrWVhQN0NnQS9CeHUxbisKNXY3U3IwVHhlQXpicndubXVOeGF5RDVpRzhic2wzeEJqcE9ocnJESENpcjhSNGF6a1NLTUJTYnJUNmlzZmRKTgpkRnVLdnovdDNDcEI5cUFHc0FQKzZBb1VxZ2tFQzRjWFkxZWUzd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGS01PWFRpQWNlQzk5cUMrbmtRaVEwMWNiRDVETUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQThoMnBTQU1PVU80cDFTMDNlWm9rdGptUVJXbGN4am5sSm5vWlkrbEV3Um1KcnppajZvQnBvCi9ZNmk4bVlSMXhJaG8wcnVVa2JmeXdaYkQ4L2FMaTd4V2RDVFNnMzVyMGcvZ2Zub3FMRDdRbVA1Vk5nNzNUejMKcWVHZnYxRjNVdlhLTXQwK1R0bzhKZmlvWWxNUE9YOVZmTmNoNjdPUHh4dmVzd0E0U1A0RHk4SVJuaFRaSTcvRwpsREFUQkxQUWZKQ0RBQll6c0tvZzRUY25tWkZaQ041OTFqd290NnBGMHk4NTl1K0U0UW9IaEZvRmNmMFc3YmtYCkczUzdaR0lOR29PK25acnF6OVlmc01NR05sMFp5Uys3cnNabXM4TXE4U3BvOFZVTC83REwvUGN2MHNHdVd4K0oKaGkvakJUNnUwT3dZWmlvVWJ0RThqa2xMWFd2bHh0M3EKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
-  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURWakNDQWo2Z0F3SUJBZ0lRVUxvRUhrR1JCYW50cEF3cFQwMXB6akFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsRGFXeHBkVzBnUTBFd0hoY05Nall3TkRJM01qQXhORE0xV2hjTk1qY3dOREkzTWpBeApORE0xV2pBcU1TZ3dKZ1lEVlFRRERCOHFMbVJsWm1GMWJIUXVhSFZpWW14bExXZHljR011WTJsc2FYVnRMbWx2Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdng2S0x4ZlhETTNVMHBJTk9TeGEKdFF5OG1wUWdUWk84ZE9CaHA2QVVtMDdSaGVXZEVnS0RoRlNpQlNNUDl0N2wzRE5rcVlKZU5HSGtyeFVRaEd6cwpIaVFMN3NKMUZtaDdpbEtDRzBUM3Nub1dVd3Z5WFJXVTZHUXJBNlBDT3k1c1FVSHo5WkVuUExQTEpPa2czR3lmCldDdTdkSVZCaWRwRmg3b25qa0xLRmY3ckNidk96STdVT1lxUWpxdFNwYkVhU3B5MTFaRVpwTEMwbkVEMHZwY1cKeEp0b3BtazlOcmJhaHRSYUVPaEJJUGh0NWZPQUtmYVNaQ0FOQ05SVGx3RWxFUUFSVnBjMU5hZGtlVEtZZDRTVQpla29TRU9MQnV6U1hkY2drZkZRYzM0dUlzQmhyMU9sbmpXV2hoaWJkejc0Rm5wTUFBdlU0TFBLV1diT0pVQzRTCm1RSURBUUFCbzRHTk1JR0tNQTRHQTFVZER3RUIvd1FFQXdJRm9EQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0QKQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JTakRsMDRnSEhndmZhZwp2cDVFSWtOTlhHdytRekFxQmdOVkhSRUVJekFoZ2g4cUxtUmxabUYxYkhRdWFIVmlZbXhsTFdkeWNHTXVZMmxzCmFYVnRMbWx2TUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFBczhJbWQxMEpWQzJOaE5uYVRidVpVVHNndkFrNm8KOWZxM0d5dllNZ0hWNHRPNm5EOWkxL3NnL1o4NU95VGtKMmtBc0tyRjJjZTRoaEp5cVE5Z1Q1Snp5cllwTTBCaQptanNGZFQ0MWhHcGQveVc3NFdlKzhyc1VvNjgrRHlRZndPZzlDRnhnclJ3YnJRakdLbzRBdlNjY0UySWpVN3pYCmlUZ3cwSnE5azBmR3IyOWNYYWN5Mk93dW1Ua2hOeWJTajBCako3OGpkZmljRjhDZlUvRDZkSVYxRENhNVZwUkIKa0pVdGJXenU4RmQ1ODNZV3FCUUY3TnVRZkc5eE5abFpYSnBxMUs3QmVxWGhhUnZ6aVdRa3hFbXVNenhLK3dyMApCeERsYUNlbnVZcHdkN2d4bDFnVkxhNE9FM0VsVDU2QlA2RmxZcXViTVdoMUtPU3QrT0hzV3F1MgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
-  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBdng2S0x4ZlhETTNVMHBJTk9TeGF0UXk4bXBRZ1RaTzhkT0JocDZBVW0wN1JoZVdkCkVnS0RoRlNpQlNNUDl0N2wzRE5rcVlKZU5HSGtyeFVRaEd6c0hpUUw3c0oxRm1oN2lsS0NHMFQzc25vV1V3dnkKWFJXVTZHUXJBNlBDT3k1c1FVSHo5WkVuUExQTEpPa2czR3lmV0N1N2RJVkJpZHBGaDdvbmprTEtGZjdyQ2J2Twp6STdVT1lxUWpxdFNwYkVhU3B5MTFaRVpwTEMwbkVEMHZwY1d4SnRvcG1rOU5yYmFodFJhRU9oQklQaHQ1Zk9BCktmYVNaQ0FOQ05SVGx3RWxFUUFSVnBjMU5hZGtlVEtZZDRTVWVrb1NFT0xCdXpTWGRjZ2tmRlFjMzR1SXNCaHIKMU9sbmpXV2hoaWJkejc0Rm5wTUFBdlU0TFBLV1diT0pVQzRTbVFJREFRQUJBb0lCQUFIWW9KaEVDRVlJVHFhLwp3Sm5JTkZKeVBuZldJcVMvM3E3RFdjdDdKL3A0YmJJMzJGeXJsN1o2eWREaVl6MnMyV0ZzbHF1WTJ6ZWNLQ1VmCjFJMFptZTM2OFA3bXM5SmFWOTByZEY4aE8xZW04Y1J1R3dmV3FraFV3QXlmaU82MlFWZEtYNDlabzdIUFZudWUKQytlaWlLY3dUdlhaSEFaaDl5WWw2eUFSbVptbm5JbzlYcHVCN2lrd1ZTVU1xdXppR0hKRWdScEdVZ3gxZU9ncwo2VGloMThYQ3E3QU5yMWFhaWFGbDNxaHBhZDdNOFdOelQ1Zytxd3lRL0E5NXZKcmFERkY3M0pDK0R5NUU1Ui8xCm8xUThaVXZGOFhKeTVIR3dmM011bXFwQmk4T3BBOXY5VVFVbzdWT3pnOVIrSmRpdHlUYU1XL2l1Q21ubVh2bHAKOVpsTkNLRUNnWUVBeDJ1ZUd4OFZGZ0ZpckJHTnFacmpFNzRNSDVkV3VZVkJzQTUveHQ1cDE4UmJGV1VOc3IweQpYMmZWMXlwRW5mQjVTVDBnRnp2OUYrVXhJS2dSTTZiZzU0dldYK1BQUUp6OGRleVpzdzl5MkZCaDFWaWNlQVFYCjFIcUlvOEJIb1RYMmtOT21EanlSbnlvc1U5R1NZR0JheDJ4ZDk3VXhGc3FmVGFqR2JqeUQvdkVDZ1lFQTlWZisKajB6aUdvQ2JyVmNETHl2ako4dm5BWTdVY2MxV2lrNkxWck1ZNWN1c0pQL0VMb2hDZ2ZRN1lWTlJpWTlsb0FrVwpITm9OMlFZTDgvbmRWN1NONUFHMEdrWGhGMWNwcldkQlZacFNqbDR0S1I0c1lsbEp5dVVlNE11WlhUZTB4VkFnCmFNclBOa3ByUTZrUWZwVmc3WVllVC9acTAvQUNaTGFkUE0zS0hpa0NnWUFFNHdnKzFlWW9ZZVJQSHliL2p3SWQKaTd5MFVYc1lsTUZsVlJXZ2cvYklDTkhLbG0xZGdmRm9FUjFXWm56RCtnNmUwdGFrZXgzYXBnMHNKYkkyTjlLdgpHZWdvOVdZd3lTZ09vN3VvZmFwc3pwdDNKUExBcGlrSFZmRmZRZWovZEZrVWQzdE1RZ08zaU1zSlNzdHhmU3I4ClZCV0JhbmxIZTdPbnJZa2ZUbkJWb1FLQmdIQi9wOTlIcnNuZVBRUXZ5T3NCWWNpbXk4ZEFHaFFReHVUbWZTZ0YKT1o1dFZRTW1NR3Z4MlNWRHUxSzJaTVlCOWVSN0ppT1dyUkRkbisrQW5Fa1NKcG50V2d0T0RaZXBSUmdaSjdFNwo4UzBNN0FKVnJwNXVPTk1MV3F4VFQ0Q2FBWThVWGJnUGZ4Snk3MXA0RkhNbXhlcEVQSFFJRnhZVmtOTmpsUmdECmVQRjVBb0dBRncvWlJ2d2MrQXU3YUE5SmF1L0J5cHF0VkVWM2ZnVGR5WWxWRy9McysvMkhqKzkzYzlUOEsrcVoKWE5wTE1FUW9SSFY1UUkxN1h1bTFCV2g1WUVFa1NuTm5PU0hpY3JuYkVYT2RPTXZZQXdEaitrbkZxNFAvRmNxMwpDL05ORGw5c0IvQnE5a2dpRmJsZEtoZkJIOHNZcUJqbzZhY1B3bDhUL2hZTGpOTGVXNkk9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
+  ca.crt:  LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQU1BWFNuM0ZYMTFISGJmcWlGemMrY2t3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkyTURReU56SXdNVFF6TTFvWERUSTVNRFF5TmpJdwpNVFF6TTFvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFwWkMzU2xhWml6Rm9wbGNwOXg0QkVpZ3dNUjBmT01ZR0QrQnZOMkJIWmpBNzBpWlIKRWlGRVdhVWxTOXZCcVdhbG52Z1pPdDRtTDR2SzA1bi9xd0NKM01aR1dWR2dVRkU3ZEk5NlZ0TXVRNForNnhWawpVUjFoSWE2a0NjVnYrN2FpUUFtUjRpN3o2M2UxLzI2ZjM0NEFETUdDODNoRUtFT0FGQTMxVFIyNW43VHBwSURZCkVWOXo1aEh6L0ZQSDAwSmZPemdTdldQeFAxUjFjQk4yaFBScE1nVUdLSjI2c2pyVGFjQ0ltdXROUkwwTjVXSkIKdUdmZlNqOWYyNk1ob3FvNHlKMCtSd0c4d01jYThPNmdEa1BMUHBwZnZ3VUFzNVZoOEVWcWU3d1J2TkFoS3BETgpNdHFmZG9UWEZqSk9WVnVPLzFkUDJFNmxreExNbDE3citLVCs2d0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGS214Tzh3Rk5kTGJ5M0pHRFRNTGFVeHVaalRITUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQ0FmSzdoOWp3R0pIK0M3Wk1Yd3J3ekJzYlhVSWFqWFJuU0I4Q2tGQnBaUFZJemVUZ0R2ZTBsClJlSi8wYXA5eU14SzdaVlVrS05yQVZzN3haY1VaNHhYanBoTzVVMzBsaVJXR1MxM3kyNnZlWEFnYXFQU3REV1MKUnNtak15dHQrM0FmZ0VKbERkejZJeW4zTlhqKzV5a25SRGtBZmlIeHNJakpXWjJDSDByeGppR3VSY0lZTkwwYgpkYWpmdVJ1aHdqOGh6VnEzMFZBVE1SSmRrV280bjZtOXZuY0xzeDQzbmNmanczTXVVQkZsVEdkZEo5NmQ3eUVBCkE1dXRuTlk2bUhJbEdIKzc0SmZJTStoeFJ4cWlmdSs3ZFlOa0pNcEQyTVBwM21idFdkREtsTG14WGIxY29hUkgKaGlJVU5hL3BicDRMTEMvMFZSa1pESkNmT3pObDRkYnQKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURWakNDQWo2Z0F3SUJBZ0lRSlBqeEZnemt6MmNoajJ4dWtKZWwyREFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsRGFXeHBkVzBnUTBFd0hoY05Nall3TkRJM01qQXhORE16V2hjTk1qY3dOREkzTWpBeApORE16V2pBcU1TZ3dKZ1lEVlFRRERCOHFMbVJsWm1GMWJIUXVhSFZpWW14bExXZHljR011WTJsc2FYVnRMbWx2Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBc1ZlYVIrQkRJR21qd2tKdmR0WDUKTkxoUlkzcERnSHY4WnE1NElHMTNodlhnTHhTRzVoU013UWtxTG9mRkVYVjNlNHJVVS9ndnNBZWU1SS9rVWtSQgpwTERGZDdlc2pHK0tsSE9BV3lvdjVRbThoZjNMVkVpYXM5THVBdVFzTHdxMWNQWEV2M2wyTk1WZnlURjFyemZxCnE3S1lNSkdTNHF6OFJETFFoellNMmxnWTdGNnFqS2YxYmxLT1FZT0FuUDM4OTZKb1U1eEUreFpIT3JubHNCazUKa2ZzUEI2NERQY2c5Z2tNbllqRVRpV0I3V0FBQ3krSXo0WTV6SHBDU1NBbmhDWjNMQXkxcWZ4dmlpUjJsZzNyRwphNGltY3hUM1prNzBlQzQ2aFpNUThKU3RhbmxBaEVQMVNGMVBPcFRGQ05raURENTlWK2xDSzVXNTY1UTh4Nmg0CitRSURBUUFCbzRHTk1JR0tNQTRHQTFVZER3RUIvd1FFQXdJRm9EQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0QKQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JTcHNUdk1CVFhTMjh0eQpSZzB6QzJsTWJtWTB4ekFxQmdOVkhSRUVJekFoZ2g4cUxtUmxabUYxYkhRdWFIVmlZbXhsTFdkeWNHTXVZMmxzCmFYVnRMbWx2TUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQXhBNityTHhZTjAzelpaVkE2bllpVi9NbW5PbDcKYW1JZ2s1elNEVXV4U3pTVUVkaGxjRlErWDY2Qk9wMkU4dVVGRW0vWVk1azc5L1Uzd3kwV3paNThTSlIyUXlFawpQQjFmUmt1SFZrZkJzMkRNQW4raHVBaUU2NDlzSDE3T0NZTGdIRm5EajI2aFZkZEZJdlFDQnNNKzNjVWM2MnlPCnJjd2owck9SZ3hRMVBtTk5ZTDZIK0hDcXdsOFFoNHFadFlPL21vTHJjcUtzL1g1MDhQK3NZY0FDYlpldHNRcnUKbHlKWnVPeFkvRCtVMVVnZXpOZDUwWWRVK3dTWHV4dENrUTE4L1A0T1hPVDBUQm84MWFtZnM3QUMva3VhU3hwTwpDVjRpUjQ4ZTduUFRYdFZ2T29DdjlObXpTYk9jc2FGMkVKTHdWNGFnSkFqR2pCcnpWc1oxV1kvTwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBc1ZlYVIrQkRJR21qd2tKdmR0WDVOTGhSWTNwRGdIdjhacTU0SUcxM2h2WGdMeFNHCjVoU013UWtxTG9mRkVYVjNlNHJVVS9ndnNBZWU1SS9rVWtSQnBMREZkN2VzakcrS2xIT0FXeW92NVFtOGhmM0wKVkVpYXM5THVBdVFzTHdxMWNQWEV2M2wyTk1WZnlURjFyemZxcTdLWU1KR1M0cXo4UkRMUWh6WU0ybGdZN0Y2cQpqS2YxYmxLT1FZT0FuUDM4OTZKb1U1eEUreFpIT3JubHNCazVrZnNQQjY0RFBjZzlna01uWWpFVGlXQjdXQUFDCnkrSXo0WTV6SHBDU1NBbmhDWjNMQXkxcWZ4dmlpUjJsZzNyR2E0aW1jeFQzWms3MGVDNDZoWk1ROEpTdGFubEEKaEVQMVNGMVBPcFRGQ05raURENTlWK2xDSzVXNTY1UTh4Nmg0K1FJREFRQUJBb0lCQUFHK2xOdnV6cytRejhybgpaYnFnM0RTeWpoKzd0M3p2WmZUZlNTWGpMY1o4RmdVZ2llWFZmeitlM0NBSHR6UGhiZTEwZzN1Q28zckllR2hUCktnY2llTUFxcFB2MUtKTmJ2WWM4VGtwQjgwLytIOXYwT24zTkZsM1NlSzQ2bWJIL2J2Z2swc0gzYXp4QVVoMk8KaVA1ODZhZ0t0N015bTJQemJsVXF2WFpoc21WV0dFNEwxaExqa0dzODQ3Wm9uUzgrNUVnZ2JFR0Q2dDBxVjJrVApjV0Y0cElkMXBpdDgvZ1NPbnptSitZTExnNWFVWGk4K0k2ak83Yk1tSTdFZzJZVytkUG5zdElzZURSdG1PZ05WClBKVEhkRGhtd0g4TG5sc3hDeTIwYmZUYndhSTVJR3kxM1NvOUZ4K0xnUURYa3BlUU1wc3pQeFZDMGhhQytaVmgKRHl6bWM2a0NnWUVBNkszWW1LRE9IUHVuMmFlTEI2REYwS3RoNGhBR0M4M0N0d1lYa0Z2ZitiRG5IYUNmazZYYgpZdG1aVjdQNHl3V3c2N3NKQUJ4b3U3VUdYWEhVbnJtVm9USEhhcU50eFBueE9oSDdMdTAxdy8yNmxuOThmUGxHCkw4OGUzQng0QXU4RUlFK2h2c09EdGZETU1MUGlIb1gzNXhtUmJNUTAzZGZXeDM0eVh3QjFhL01DZ1lFQXd4M24KdGNVVUdQMW1CcThGRTZXZTBFdHhXVWlNUndyMkpiK0w2Z00wZSs4SncvSWNaZm9uTHNmMGxGYTI4SlcwaldLWQpKRElGVUNzQnkwOVUrYXlrYVAyT2NuSlBDMldwc3pyTzF6V2dlZUhuSHR0MWdZUk4rMjJtWnlvMlpGRjZVaUlqCnpPVzJjTnczSit0VmJGa0FxcVFibksrS1N1bXhyQ0d0WEZhUjNtTUNnWUFrMmtRUUNJZ2N0dzhpdmhLYkpxK3UKR1Ricm96WVI4SWtDakFoM2FOWFVxbHd3cVJ3ZE9vdkE0RTRWUWdBSngrRDV0U243eG9RZ0ZzL25SUHcwRjVqSApheWIya09QMTZ0QjJMaHJtbDlPSU0wdTJRb0xwR0dJeGVGQ2U5RE5kNDVWM3VLVVpuY1hpcnp6b0NkV3FsL1ZuCnVQajdqU2dDYXdrdGw2Tkt3THZZV1FLQmdISnMvVkJLVGFrQ0ltMVZBdU1zdytCZi9nOWdUblB6Wjd0bmhBUXUKOFA2bGh0S1ZFRFoxNTdpMXB5ZS9XdlhvdGNRY3lDQ2gvUit3dVJLa2FhOHFvaGk0YW11UHdlOXJKWVJvdnBqVAphRk5TT2hxTWxYTHBSbHBuU2FsQ3hqYzYyVU9GcGYwcDBqNkp4d2J3S2w2cUs0dm5SaEl6bUNTcXZIbTRIbFVDCnAvVUZBb0dBZFIvQXlnRjJGV2s5ZHBaRmhrTHR5c1FWZHAwakxwcnY5c0tIcTk0YURnejllR01DempQRzB5RXgKMllTNzNlQy9STnZFWCtUMEJPNGxqbnArVWllWm0xSTBmVDlUWm5KQUdIYUI4NEpLUzRKbE9UbW9OK3N2OW83SgpYTDg5VnBsNTByS1FCV0hNd2RNV2U2amVjN29lUC8rbVQxcDg4SzdVdVhWSGF2SE5WVzg9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
 ---
 # Source: cilium/charts/cilium/templates/cilium-configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: cilium-config
   namespace: default
 data:
 
   # Identity allocation mode selects how identities are shared between cilium
 
--- main/minio_gitops_manifests_minio_genmachine_manifest_main.yaml	2026-04-27 20:14:36.504988110 +0000
+++ pr/minio_gitops_manifests_minio_genmachine_manifest_pr.yaml	2026-04-27 20:14:35.946988686 +0000
@@ -120,20 +120,22 @@
     }
     
     # Try connecting to MinIO instance
     scheme=http
     connectToMinio $scheme
     
     
     
     # Create the buckets
     createBucket cnpg-backup "none" false true false
+    createBucket kopia "none" false false false
+    createBucket restic "none" false false false
     
   add-user: |-
     #!/bin/sh
     set -e ; # Have script exit in the event of a failed command.
     MC_CONFIG_DIR="/etc/minio/mc/"
     MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}"
     
     # AccessKey and secretkey credentials file are added to prevent shell execution errors caused by special characters.
     # Special characters for example : ',",<,>,{,}
     MINIO_ACCESSKEY_SECRETKEY_TMP="/tmp/accessKey_and_secretKey_tmp"
@@ -510,21 +512,21 @@
       app: minio
       release: minio
   template:
     metadata:
       name: minio
       labels:
         app: minio
         release: minio
       annotations:
         checksum/secrets: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
-        checksum/config: afc3a4eba10bfb478dce16cc52cd37bf434fb055333cfd5f33ba02b3cb5c39bf
+        checksum/config: b3ef853188e69bcb45a6f81325688ebaa7e585f6d1f345308d5280f26b59fd79
     spec:
       securityContext:
         
         fsGroup: 1000
         fsGroupChangePolicy: OnRootMismatch
         runAsGroup: 1000
         runAsUser: 1000
       
       serviceAccountName: minio-sa
       containers:

@ixxeL2097 @claude
refactor(kopia): switch to bjw-s/app-template chart + thespad/kopia-s…
47f7e8c 
…erver image

Replace custom Deployment/Service/Ingress templates with the bjw-s app-template
Helm chart (v4.6.2) which is the standard pattern in K8s homelabs.

Switch image from kopia/kopia to ghcr.io/thespad/kopia-server which is purpose-built
for server mode and exposes the correct env vars (KOPIA_UI_USERNAME/KOPIA_UI_PASSWORD).

Update ExternalSecret to produce KOPIA_UI_USERNAME/KOPIA_UI_PASSWORD instead of
the generic KOPIA_SERVER_PASSWORD used by the raw kopia image.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@ixxeL2097 ixxeL2097 force-pushed the main branch 3 times, most recently from 5248ff3 to 5c29049 Compare May 14, 2026 06:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ixxeL2097