From 2088088f8745ff566be5058cd81691c1b28c3311 Mon Sep 17 00:00:00 2001
From: Cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 10:17:43 +0200
Subject: [PATCH 01/10] change personal compose

---
 docker-compose.yaml | 28 +++++++++++++---------------
 1 file changed, 13 insertions(+), 15 deletions(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index c2dfe11..4a8ba1a 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,23 +1,21 @@
-version: '3.8'
-
 services:
   gotify:
     container_name: gotify
     hostname: gotify
-    image: gotify/server          # Uncommand correct server image
-    # image: gotify/server-arm7
-    # image: gotify/server-arm64
+    image: gotify/server:latest
     restart: unless-stopped
     security_opt:
       - no-new-privileges:true
     networks:
       - net
+      - default
     ports:
-      - "8680:80"
+      - "1337:80"
     volumes:
-      - data:/app/data
+      - ./data:/app/data
     environment:
-      GOTIFY_DEFAULTUSER_PASS:  'my-very-strong-password'   # Change me!!!!!
+      TZ:                       'Europe/Berlin'
+      GOTIFY_DEFAULTUSER_PASS:  'test1234'
 
   igotify:
     container_name: igotify
@@ -29,18 +27,18 @@ services:
     pull_policy: always
     networks:
       - net
+      - default
     ports:
-      - "8681:8080"
+      - "1338:8080"
+    environment:
+      - IGOTIFY_CLIENT_TOKEN='Cyirsn0q.hYe3si'
+      - GOTIFY_SERVER_URL="http://gotify"
     volumes:
-      - api-data:/app/data
-    #environment:                 # option environment see above note
-    #  GOTIFY_URLS:          ''
-    #  GOTIFY_CLIENT_TOKENS: ''
-    #  SECNTFY_TOKENS:       ''
+      - ./api-data:/app/data
 
 networks:
   net:
 
 volumes:
   data:
-  api-data:
\ No newline at end of file
+  api-data:

From f24466e3fd0a746cd4069f6c1b79ea47e5910376 Mon Sep 17 00:00:00 2001
From: Cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 10:19:13 +0200
Subject: [PATCH 02/10] initial helm setup

---
 charts/igotify/.helmignore                    |  23 +++
 charts/igotify/Chart.yaml                     |  24 +++
 charts/igotify/templates/NOTES.txt            |  22 +++
 charts/igotify/templates/_helpers.tpl         |  62 +++++++
 charts/igotify/templates/deployment.yaml      |  75 +++++++++
 charts/igotify/templates/hpa.yaml             |  32 ++++
 charts/igotify/templates/ingress.yaml         |  51 ++++++
 charts/igotify/templates/pvc.yaml             |  23 +++
 charts/igotify/templates/service.yaml         |  30 ++++
 charts/igotify/templates/serviceaccount.yaml  |  13 ++
 .../templates/tests/test-connection.yaml      |  15 ++
 charts/igotify/values.example.yaml            |  40 +++++
 charts/igotify/values.yaml                    | 159 ++++++++++++++++++
 13 files changed, 569 insertions(+)
 create mode 100644 charts/igotify/.helmignore
 create mode 100644 charts/igotify/Chart.yaml
 create mode 100644 charts/igotify/templates/NOTES.txt
 create mode 100644 charts/igotify/templates/_helpers.tpl
 create mode 100644 charts/igotify/templates/deployment.yaml
 create mode 100644 charts/igotify/templates/hpa.yaml
 create mode 100644 charts/igotify/templates/ingress.yaml
 create mode 100644 charts/igotify/templates/pvc.yaml
 create mode 100644 charts/igotify/templates/service.yaml
 create mode 100644 charts/igotify/templates/serviceaccount.yaml
 create mode 100644 charts/igotify/templates/tests/test-connection.yaml
 create mode 100644 charts/igotify/values.example.yaml
 create mode 100644 charts/igotify/values.yaml

diff --git a/charts/igotify/.helmignore b/charts/igotify/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/igotify/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/igotify/Chart.yaml b/charts/igotify/Chart.yaml
new file mode 100644
index 0000000..17ee492
--- /dev/null
+++ b/charts/igotify/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: igotify
+description: Docker container for sending Gotify notifications to iOS devices (bridge to gotify websocket)
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.3.1"
diff --git a/charts/igotify/templates/NOTES.txt b/charts/igotify/templates/NOTES.txt
new file mode 100644
index 0000000..e4f3058
--- /dev/null
+++ b/charts/igotify/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "igotify.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "igotify.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "igotify.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "igotify.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/charts/igotify/templates/_helpers.tpl b/charts/igotify/templates/_helpers.tpl
new file mode 100644
index 0000000..20afacb
--- /dev/null
+++ b/charts/igotify/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "igotify.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "igotify.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "igotify.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "igotify.labels" -}}
+helm.sh/chart: {{ include "igotify.chart" . }}
+{{ include "igotify.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "igotify.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "igotify.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "igotify.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "igotify.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/igotify/templates/deployment.yaml b/charts/igotify/templates/deployment.yaml
new file mode 100644
index 0000000..59c16bb
--- /dev/null
+++ b/charts/igotify/templates/deployment.yaml
@@ -0,0 +1,75 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gotify
+  labels:
+    app: gotify
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gotify
+  template:
+    metadata:
+      labels:
+        app: gotify
+    spec:
+      securityContext:
+        runAsNonRoot: true
+      containers:
+        - name: gotify
+          image: {{ .Values.gotify.image }}
+          imagePullPolicy: IfNotPresent
+          ports:
+            - containerPort: {{ .Values.gotify.containerPort }}
+          env:
+            - name: TZ
+              value: {{ .Values.gotify.env.TZ }}
+            - name: GOTIFY_DEFAULTUSER_PASS
+              value: {{ .Values.gotify.env.GOTIFY_DEFAULTUSER_PASS }}
+          volumeMounts:
+            - name: gotify-data
+              mountPath: {{ .Values.gotify.volumeMountPath }}
+      volumes:
+        - name: gotify-data
+          persistentVolumeClaim:
+            claimName: gotify-data
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: igotify
+  labels:
+    app: igotify
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: igotify
+  template:
+    metadata:
+      labels:
+        app: igotify
+    spec:
+      securityContext:
+        runAsNonRoot: true
+      containers:
+        - name: igotify
+          image: {{ .Values.igotify.image }}
+          imagePullPolicy: Always
+          ports:
+            - containerPort: {{ .Values.igotify.containerPort }}
+          env:
+            - name: IGOTIFY_CLIENT_TOKEN
+              value: {{ .Values.igotify.env.IGOTIFY_CLIENT_TOKEN }}
+            - name: GOTIFY_SERVER_URL
+              value: {{ .Values.igotify.env.GOTIFY_SERVER_URL }}
+          volumeMounts:
+            - name: igotify-data
+              mountPath: {{ .Values.igotify.volumeMountPath }}
+      volumes:
+        - name: igotify-data
+          persistentVolumeClaim:
+            claimName: igotify-data
diff --git a/charts/igotify/templates/hpa.yaml b/charts/igotify/templates/hpa.yaml
new file mode 100644
index 0000000..e99c61e
--- /dev/null
+++ b/charts/igotify/templates/hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "igotify.fullname" . }}
+  labels:
+    {{- include "igotify.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "igotify.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
diff --git a/charts/igotify/templates/ingress.yaml b/charts/igotify/templates/ingress.yaml
new file mode 100644
index 0000000..8338f88
--- /dev/null
+++ b/charts/igotify/templates/ingress.yaml
@@ -0,0 +1,51 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: gotify-ingress
+  annotations:
+    {{- if .Values.ingress.className }}
+    kubernetes.io/ingress.class: {{ .Values.ingress.className }}
+    {{- end }}
+    {{- if .Values.ingress.annotations }}
+    {{- toYaml .Values.ingress.annotations | nindent 4 }}
+    {{- end }}
+spec:
+  rules:
+    - host: {{ .Values.ingress.gotifyHost }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: gotify
+                port:
+                  number: {{ .Values.gotify.servicePort }}
+
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: igotify-ingress
+  annotations:
+    {{- if .Values.ingress.className }}
+    kubernetes.io/ingress.class: {{ .Values.ingress.className }}
+    {{- end }}
+    {{- if .Values.ingress.annotations }}
+    {{- toYaml .Values.ingress.annotations | nindent 4 }}
+    {{- end }}
+spec:
+  rules:
+    - host: {{ .Values.ingress.igotifyHost }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: igotify
+                port:
+                  number: {{ .Values.igotify.servicePort }}
+{{- end }}
+
diff --git a/charts/igotify/templates/pvc.yaml b/charts/igotify/templates/pvc.yaml
new file mode 100644
index 0000000..0b2cd5f
--- /dev/null
+++ b/charts/igotify/templates/pvc.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: gotify-data
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: igotify-data
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+
diff --git a/charts/igotify/templates/service.yaml b/charts/igotify/templates/service.yaml
new file mode 100644
index 0000000..28e8a2e
--- /dev/null
+++ b/charts/igotify/templates/service.yaml
@@ -0,0 +1,30 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: gotify
+spec:
+  type: ClusterIP
+  ports:
+    - port: {{ .Values.gotify.servicePort }}
+      targetPort: {{ .Values.gotify.containerPort }}
+      protocol: TCP
+      name: http
+  selector:
+    app: gotify
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: igotify
+spec:
+  type: ClusterIP
+  ports:
+    - port: {{ .Values.igotify.servicePort }}
+      targetPort: {{ .Values.igotify.containerPort }}
+      protocol: TCP
+      name: http
+  selector:
+    app: igotify
+
diff --git a/charts/igotify/templates/serviceaccount.yaml b/charts/igotify/templates/serviceaccount.yaml
new file mode 100644
index 0000000..5f8b54e
--- /dev/null
+++ b/charts/igotify/templates/serviceaccount.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "igotify.serviceAccountName" . }}
+  labels:
+    {{- include "igotify.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}
diff --git a/charts/igotify/templates/tests/test-connection.yaml b/charts/igotify/templates/tests/test-connection.yaml
new file mode 100644
index 0000000..5193d82
--- /dev/null
+++ b/charts/igotify/templates/tests/test-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "igotify.fullname" . }}-test-connection"
+  labels:
+    {{- include "igotify.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "igotify.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
diff --git a/charts/igotify/values.example.yaml b/charts/igotify/values.example.yaml
new file mode 100644
index 0000000..c32a5f1
--- /dev/null
+++ b/charts/igotify/values.example.yaml
@@ -0,0 +1,40 @@
+# Gotify server settings
+gotify:
+  image: gotify/server:latest        # Docker image for Gotify server
+  containerPort: 80                  # Port inside the container
+  servicePort: 1337                  # Port exposed by the Kubernetes service
+  env:
+    TZ: "Europe/Berlin"              # Timezone setting
+    GOTIFY_DEFAULTUSER_PASS: ""      # Default user password
+  volumeMountPath: /app/data         # Mount path for data volume
+
+# iGotify assistant settings
+igotify:
+  image: ghcr.io/androidseb25/igotify-notification-assist:latest
+  containerPort: 8080
+  servicePort: 1338
+  env:
+    IGOTIFY_CLIENT_TOKEN: ""         # Client token for auth
+    GOTIFY_SERVER_URL: "http://gotify"  # URL to reach gotify from igotify
+  volumeMountPath: /app/data
+
+# Persistence settings for volumes
+persistence:
+  gotify:
+    enabled: true
+    size: 1Gi                        # Volume size
+    storageClassName: ""            # Optional storage class
+  igotify:
+    enabled: true
+    size: 1Gi
+    storageClassName: ""
+
+# Ingress settings for external access
+ingress:
+  enabled: true
+  className: nginx                  # Ingress controller class name
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+  gotifyHost: gotify.example.com    # Public hostname for Gotify
+  igotifyHost: igotify.example.com  # Public hostname for iGotify
+
diff --git a/charts/igotify/values.yaml b/charts/igotify/values.yaml
new file mode 100644
index 0000000..8d17409
--- /dev/null
+++ b/charts/igotify/values.yaml
@@ -0,0 +1,159 @@
+gotify:
+  image: gotify/server:latest
+  containerPort: 80
+  servicePort: 1337
+  env:
+    TZ: "Europe/Berlin"
+    GOTIFY_DEFAULTUSER_PASS: "test1234"
+  volumeMountPath: /app/data
+
+igotify:
+  image: ghcr.io/androidseb25/igotify-notification-assist:latest
+  containerPort: 8080
+  servicePort: 1338
+  env:
+    IGOTIFY_CLIENT_TOKEN: "Cyirsn0q.hYe3si"
+    GOTIFY_SERVER_URL: "http://gotify"
+  volumeMountPath: /app/data
+
+persistence:
+  gotify:
+    enabled: true
+    size: 1Gi
+    storageClassName: ""
+  igotify:
+    enabled: true
+    size: 1Gi
+    storageClassName: ""
+
+ingress:
+  enabled: false
+  className: nginx
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+  gotifyHost: gotify.example.com
+  igotifyHost: igotify.example.com
+---
+# # Default values for igotify.
+# # This is a YAML-formatted file.
+# # Declare variables to be passed into your templates.
+#
+# # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
+# replicaCount: 1
+#
+# # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
+# image:
+#   repository: nginx
+#   # This sets the pull policy for images.
+#   pullPolicy: IfNotPresent
+#   # Overrides the image tag whose default is the chart appVersion.
+#   tag: ""
+#
+# # This is for the secrets for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+# imagePullSecrets: []
+# # This is to override the chart name.
+# nameOverride: ""
+# fullnameOverride: ""
+#
+# # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
+# serviceAccount:
+#   # Specifies whether a service account should be created
+#   create: true
+#   # Automatically mount a ServiceAccount's API credentials?
+#   automount: true
+#   # Annotations to add to the service account
+#   annotations: {}
+#   # The name of the service account to use.
+#   # If not set and create is true, a name is generated using the fullname template
+#   name: ""
+#
+# # This is for setting Kubernetes Annotations to a Pod.
+# # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+# podAnnotations: {}
+# # This is for setting Kubernetes Labels to a Pod.
+# # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+# podLabels: {}
+#
+# podSecurityContext: {}
+#   # fsGroup: 2000
+#
+# securityContext: {}
+#   # capabilities:
+#   #   drop:
+#   #   - ALL
+#   # readOnlyRootFilesystem: true
+#   # runAsNonRoot: true
+#   # runAsUser: 1000
+#
+# # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
+# service:
+#   # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+#   type: ClusterIP
+#   # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
+#   port: 80
+#
+# # This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
+# ingress:
+#   enabled: false
+#   className: ""
+#   annotations: {}
+#     # kubernetes.io/ingress.class: nginx
+#     # kubernetes.io/tls-acme: "true"
+#   hosts:
+#     - host: chart-example.local
+#       paths:
+#         - path: /
+#           pathType: ImplementationSpecific
+#   tls: []
+#   #  - secretName: chart-example-tls
+#   #    hosts:
+#   #      - chart-example.local
+#
+# resources: {}
+#   # We usually recommend not to specify default resources and to leave this as a conscious
+#   # choice for the user. This also increases chances charts run on environments with little
+#   # resources, such as Minikube. If you do want to specify resources, uncomment the following
+#   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+#   # limits:
+#   #   cpu: 100m
+#   #   memory: 128Mi
+#   # requests:
+#   #   cpu: 100m
+#   #   memory: 128Mi
+#
+# # This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
+# livenessProbe:
+#   httpGet:
+#     path: /
+#     port: http
+# readinessProbe:
+#   httpGet:
+#     path: /
+#     port: http
+#
+# # This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/
+# autoscaling:
+#   enabled: false
+#   minReplicas: 1
+#   maxReplicas: 100
+#   targetCPUUtilizationPercentage: 80
+#   # targetMemoryUtilizationPercentage: 80
+#
+# # Additional volumes on the output Deployment definition.
+# volumes: []
+# # - name: foo
+# #   secret:
+# #     secretName: mysecret
+# #     optional: false
+#
+# # Additional volumeMounts on the output Deployment definition.
+# volumeMounts: []
+# # - name: foo
+# #   mountPath: "/etc/foo"
+# #   readOnly: true
+#
+# nodeSelector: {}
+#
+# tolerations: []
+#
+# affinity: {}

From 5c420502a80695b978994834327a399cdd9f91c0 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 10:40:36 +0000
Subject: [PATCH 03/10] add non-root user to image

---
 Dockerfile | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 29472f6..a3ceaf2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,11 @@
 # See https://devblogs.microsoft.com/dotnet/improving-multiplatform-container-support/
 FROM mcr.microsoft.com/dotnet/aspnet:9.0 AS base
+
+# Create non-root user and group with fixed UID/GID 1000
+RUN groupadd -g 1000 appgroup && useradd -u 1000 -g appgroup -m appuser
+
 WORKDIR /app
+
 EXPOSE 5047
 EXPOSE 7221
 
@@ -22,7 +27,13 @@ RUN dotnet publish "./iGotify Notification Assist.csproj" -c Release -a $TARGETA
 
 # final stage/image
 FROM base AS final
-WORKDIR /app
 COPY --from=publish /app/publish .
-# USER $APP_UID
+
+# Ensure appuser owns the app directory
+RUN chown -R appuser:appgroup /app
+
+# Switch to non-root user
+USER appuser
+
 ENTRYPOINT ["dotnet", "iGotify Notification Assist.dll"]
+

From aea9b5fd10d1bcb52f40880eba3f626f83a79803 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 10:42:22 +0000
Subject: [PATCH 04/10] remove old init values for helm

---
 charts/igotify/values.yaml | 142 +++++--------------------------------
 1 file changed, 18 insertions(+), 124 deletions(-)

diff --git a/charts/igotify/values.yaml b/charts/igotify/values.yaml
index 8d17409..95b31c7 100644
--- a/charts/igotify/values.yaml
+++ b/charts/igotify/values.yaml
@@ -33,127 +33,21 @@ ingress:
     nginx.ingress.kubernetes.io/rewrite-target: /
   gotifyHost: gotify.example.com
   igotifyHost: igotify.example.com
----
-# # Default values for igotify.
-# # This is a YAML-formatted file.
-# # Declare variables to be passed into your templates.
-#
-# # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
-# replicaCount: 1
-#
-# # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
-# image:
-#   repository: nginx
-#   # This sets the pull policy for images.
-#   pullPolicy: IfNotPresent
-#   # Overrides the image tag whose default is the chart appVersion.
-#   tag: ""
-#
-# # This is for the secrets for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
-# imagePullSecrets: []
-# # This is to override the chart name.
-# nameOverride: ""
-# fullnameOverride: ""
-#
-# # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
-# serviceAccount:
-#   # Specifies whether a service account should be created
-#   create: true
-#   # Automatically mount a ServiceAccount's API credentials?
-#   automount: true
-#   # Annotations to add to the service account
-#   annotations: {}
-#   # The name of the service account to use.
-#   # If not set and create is true, a name is generated using the fullname template
-#   name: ""
-#
-# # This is for setting Kubernetes Annotations to a Pod.
-# # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
-# podAnnotations: {}
-# # This is for setting Kubernetes Labels to a Pod.
-# # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
-# podLabels: {}
-#
-# podSecurityContext: {}
-#   # fsGroup: 2000
-#
-# securityContext: {}
-#   # capabilities:
-#   #   drop:
-#   #   - ALL
-#   # readOnlyRootFilesystem: true
-#   # runAsNonRoot: true
-#   # runAsUser: 1000
-#
-# # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
-# service:
-#   # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
-#   type: ClusterIP
-#   # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
-#   port: 80
-#
-# # This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
-# ingress:
-#   enabled: false
-#   className: ""
-#   annotations: {}
-#     # kubernetes.io/ingress.class: nginx
-#     # kubernetes.io/tls-acme: "true"
-#   hosts:
-#     - host: chart-example.local
-#       paths:
-#         - path: /
-#           pathType: ImplementationSpecific
-#   tls: []
-#   #  - secretName: chart-example-tls
-#   #    hosts:
-#   #      - chart-example.local
-#
-# resources: {}
-#   # We usually recommend not to specify default resources and to leave this as a conscious
-#   # choice for the user. This also increases chances charts run on environments with little
-#   # resources, such as Minikube. If you do want to specify resources, uncomment the following
-#   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-#   # limits:
-#   #   cpu: 100m
-#   #   memory: 128Mi
-#   # requests:
-#   #   cpu: 100m
-#   #   memory: 128Mi
-#
-# # This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
-# livenessProbe:
-#   httpGet:
-#     path: /
-#     port: http
-# readinessProbe:
-#   httpGet:
-#     path: /
-#     port: http
-#
-# # This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/
-# autoscaling:
-#   enabled: false
-#   minReplicas: 1
-#   maxReplicas: 100
-#   targetCPUUtilizationPercentage: 80
-#   # targetMemoryUtilizationPercentage: 80
-#
-# # Additional volumes on the output Deployment definition.
-# volumes: []
-# # - name: foo
-# #   secret:
-# #     secretName: mysecret
-# #     optional: false
-#
-# # Additional volumeMounts on the output Deployment definition.
-# volumeMounts: []
-# # - name: foo
-# #   mountPath: "/etc/foo"
-# #   readOnly: true
-#
-# nodeSelector: {}
-#
-# tolerations: []
-#
-# affinity: {}
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Automatically mount a ServiceAccount's API credentials?
+  automount: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80

From 694b4571e8206adfe6af20263d41ea5661896c91 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 10:42:40 +0000
Subject: [PATCH 05/10] set non-root user to pod security

---
 charts/igotify/templates/deployment.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/charts/igotify/templates/deployment.yaml b/charts/igotify/templates/deployment.yaml
index 59c16bb..a3014f7 100644
--- a/charts/igotify/templates/deployment.yaml
+++ b/charts/igotify/templates/deployment.yaml
@@ -55,6 +55,8 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
+        runAsUser: 1000
+        fsGroup: 1000
       containers:
         - name: igotify
           image: {{ .Values.igotify.image }}

From 04fe7de2d2d48276b03c64e68c99e5f02803ffea Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 10:43:07 +0000
Subject: [PATCH 06/10] remove helm test

---
 .../igotify/templates/tests/test-connection.yaml  | 15 ---------------
 1 file changed, 15 deletions(-)
 delete mode 100644 charts/igotify/templates/tests/test-connection.yaml

diff --git a/charts/igotify/templates/tests/test-connection.yaml b/charts/igotify/templates/tests/test-connection.yaml
deleted file mode 100644
index 5193d82..0000000
--- a/charts/igotify/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "igotify.fullname" . }}-test-connection"
-  labels:
-    {{- include "igotify.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "igotify.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never

From 5349f79df12984b7ed87d752ac1839fd0724c3f9 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 12:52:58 +0000
Subject: [PATCH 07/10] first working chart, using gotify as dependency instead
 of defining it ourself

---
 charts/igotify/Chart.lock                     |   6 +
 charts/igotify/Chart.yaml                     |   9 +-
 charts/igotify/charts/gotify-0.5.2.tgz        | Bin 0 -> 13925 bytes
 charts/igotify/templates/deployment.yaml      | 124 ++++++++--------
 charts/igotify/templates/ingress.yaml         |  68 ++++-----
 charts/igotify/templates/pvc.yaml             |  23 ---
 charts/igotify/templates/service.yaml         |  29 +---
 .../templates/tests/test-connection.yaml      |  15 ++
 charts/igotify/values.example.yaml            |  40 ------
 charts/igotify/values.yaml                    | 133 +++++++++++++-----
 10 files changed, 228 insertions(+), 219 deletions(-)
 create mode 100644 charts/igotify/Chart.lock
 create mode 100644 charts/igotify/charts/gotify-0.5.2.tgz
 delete mode 100644 charts/igotify/templates/pvc.yaml
 create mode 100644 charts/igotify/templates/tests/test-connection.yaml
 delete mode 100644 charts/igotify/values.example.yaml

diff --git a/charts/igotify/Chart.lock b/charts/igotify/Chart.lock
new file mode 100644
index 0000000..a14d3a1
--- /dev/null
+++ b/charts/igotify/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: gotify
+  repository: https://pmoscode-helm.github.io/gotify/
+  version: 0.5.2
+digest: sha256:c6c1e934ae5402663be457b1f2ffb40d9d2e59f04dd9b2cbebbd7ccb0f444ea2
+generated: "2025-05-28T11:52:42.177530614Z"
diff --git a/charts/igotify/Chart.yaml b/charts/igotify/Chart.yaml
index 17ee492..69f7243 100644
--- a/charts/igotify/Chart.yaml
+++ b/charts/igotify/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: igotify
-description: Docker container for sending Gotify notifications to iOS devices (bridge to gotify websocket)
+description: A Helm chart for Kubernetes
 
 # A chart can be either an 'application' or a 'library' chart.
 #
@@ -21,4 +21,9 @@ version: 0.1.0
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.3.1"
+appVersion: "1.16.0"
+
+dependencies:
+  - name: gotify
+    version: 0.5.2
+    repository: https://pmoscode-helm.github.io/gotify/
diff --git a/charts/igotify/charts/gotify-0.5.2.tgz b/charts/igotify/charts/gotify-0.5.2.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..3bc4e8b5ca04d6fcd49de245591caf12f073b14f
GIT binary patch
literal 13925
zcmV-rHk!#FiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMZ}cHFkMIClQ#Q{aqqZzOeQL~_2hu9KrkV|#jJNk3_P(o{Dq
z0g25SL>z)4K*<x^572+wC+O-weTY6!U!Z-2E^L4tay~36c5-^|&s;09hQ!Cl#{R|z
zFcXSL%fpj7%~X3y7x7;{|Kqx@+wXSqU)Ocl|Mj|F_b*=0bvs?Z=lh+%xSrqb_y0oN
zKLD1ECzpz5e{ny#ul2$Gi##+*grbUzL>@VW&`j}&hH9P%Z7vS^g3dr5k@pTEgtSOP
z7jQ%j&EP9Sut@RlP(pSG*^%Gww>!2#8dDXCY=P~Yr$u6(<Zln@g7v$by~aF*M8Xky
zJ(+I%n%r)HbS?5M1lvKL#YbeWR4R`S4`&=JhGKD;E`$sPgVr44#bIR>MJqB-Q<16P
z(aa&2G6%T{?Sk?|QJz4y0dvug?G6@{$47)Gk@#Ejsm;KlDgOs#l8fYs-1!bo)AFZ5
zGXoiBJXQGWC4xg*gc8XYX$-_n35i5TBqWR{GeQ$aG6;d+>0b+wQctrp7aFW`#Mn|h
z0d?r`P`AAW7k2cqn2E!T-XAWgRFK)%E&aMB7c`FBX)<%FxNurK2TV5cQ=5uv*&0Dg
zBm!)E+aT03g(E`KH0B{vymMC|(rx$JzVpxK#ec?QC-9EOImkaq0X!i8d)~lXm;Zx~
z`$hi$8IKX)4k6D-t3@(Mh2%<POLEWE+%lGt@eZkcUK995{WOnbl8TszTCnP0m-yp|
z9LM)`DT{Jpo@J0IVi}N#h^RS~{U|y+B8`UQU}1cFnaA-pgc&GF_7b5;0>FSZ36BVa
zh~}{}1qqiVm%#R&^?FC-=11G)-}o#MnGqiscaUYA0rpt?8s%}kQNpn*4u_I~OhqE$
z6;Or}zHuCeAZ6=BBq|ee>o|_Zed{9QGoBog|7;xmXX8JUtz}+=nhPd%p_k)n^YY?)
z`k##k_99gVbb-ZynYJXtVzDV9hENek6%D8aa?2A&_T;ZISI}va#ZvwnH%Tg_nq?sO
z9a0uO<y2QaBDV0VMMXl9BoJyjsR7W6LaPvLjO>}&Kaz;qzgaQMf^Wk)%_OMjxr&DW
zp6b7+d;!m=Sq}dmi}3lG2x+`eL{@^MTbm21p2zx={)=cG{Jhg~`+6d?=avXrpy#6a
zl~O71MaG^R5UPVZDFLq{sUQ;Fq%LfJzLAifqYj~L!IN!;%dYCRF6~=elRPV#B~g$i
zG%g#d)W^mbJmCu(m+wgo$xO{P!%!*pWb2<t#B*2Efht__1^gxw<PiJk5gF&1Na651
z$l?|Jh6gf|!Hi3lp|&HC&>#l(Ei&@z{Sk?1EWr>q58*frMV_cqCYWlZ{?#EQ%z!F5
zA}Y(FC`%b56^oK6v01Nbagui*imG~Y3pr4)L-y`@9FqXZ3=+tw0;ahh7O7h9m)1fl
zE(-2V1v_5rYNNn4gn7o*QnMnwRV6%;e3^+nJtDsAx@*<sS{+0uWfw`jyb?ma;4#Rh
zRIn&fLpA4KX8exFFoUrSX<Wm+?lGh(4S38I2We1G2+KrT{M{nQXJ<y{<jJu-7m4ny
zf_;3g2~!h}2HGM~H()HElQ`GL+2m4Fn#j}<85UzZ5lO^nc?N_hnkl7Y|JAiE-K?Mu
zV=Co&f%R=OssXyq1IQ9kAkmXB?X|J)5lLn|dAqfsie-z2*tQ;<ZeI%p>pisa#}UzT
zMz!EA)h2EmMMvRoP&Kc)8v4Z%IV|6pB2z@kL|0!xVxYfHA><JcHO6A2E)e;e0kx1Z
zL#}n*Qn9o%v;y;4(e*YcomA^QsUQhqoyRJl$o(9WVs<xXpeCfG5}8(flK-Z^>3=lg
zzT_oWqP}@;OzG8+BXR|leV=g!7fHC{;ZWr?E?Pa&^QBv@{M^E985G8M!9w2y$z@LC
zc&S|tu~<ODh*sQMCLp4h<p|2!=$R-%VxV_G)SOE~C81gu$&icO;5wWO9s;T(EiJU9
zYm+G!j-?<x(V|I$)c8+A^KYi4W)XsN@Q!C9(bF!CnG<uRVkk7a0i{V~9?o_5uX(~X
zjkd`oB1@4ICdfTaY9pys%M&wNg}_BZGe1ve*m}$pU4*h<a*5v;x`PDtl+bM1w4T{Q
z;OIfyN%4{d8AaSg3NrHb3e{h?ZKDgmBD^roQ35RN?*%N-Ui19nYi@`5YYy_UHP#F!
z!QdLr4UugTsY=9<6_Q}X+M-d!6Rwt6@t<w@etGb*X1sz$8dC-G@cd#rzHY0x>htyS
zfdAL&c!M?nuj>uEU;Mv6<MG<$B^XgviHwjpS7#(xYKfU>%U{hw0?~4fCQKeV@7}ev
z3D*9H2^$p3-Rddw;RBY)Xfgxx725Pi&o@e=zSLz2S(R?1{x)ytN~Q1K>5jfyud8BR
zM!tJTv|9P_;pp)2-8<72wo5*Ic=ygUw(7wYb=LokCFnjvfx#(B8s~z+rN~sH1lihB
zZEZ-I_Ta5Hp~(5g>G-G1i>vALulBT#2vtmGph&Bwtx}oN5Qqlk3SzC2+UMol4<ATN
zkYA)oG?335@7h|Iv~{cU#{IFKSRg($3UgTMmUt4zIRnzLk*&f<ZICwk@L_)qvdQHd
zT)I{HyP)F=76_PBROPZw8PhWX_|E?L&_Dpfxxl$QIz0T!f^qa!iK!h(KNFOFM`Nw9
zvyUO35TZrY5t%5mpi83YEf7i~xYv$Vu0WQCLA6OTxzzeP07CC5k2RgPD<&cNLF6Q)
z3Av{#oEs+u$EjVC3L|{|<VluyA!*$|Jau2MrtW%t^^eKPmf6F$9@FWAy^&U{5c#C>
z?p@>EJIjB2JYn#b6tf&xP*^Y@arcqE+Q?&ulNukk%>8N{M;g+#DaE1g<iXNec?1()
zUY!1Pe*Aj8hOJbv$C7$X8Z=GYbx#Dt4O=j|!eVo?5>KSk*m}O+nMTr1o?3vSj4Fz4
zTTGg<om`wxk0<Bjt8G#y73^^X{Hj3FR+(e54jIByN}%$!5kuwlHvYjSSH&!Q{-Eu)
z-L`i$bce3yv0Q>Sle4Nq(QaG;`J*7#P_!bE-P4R!z}I~oeN{(FRiOW~)#<<7vtj@J
zG>2IGp>36ZuBCtn?Z4jo`ftzuvi|$$Jn!Be9ysH-DLUSBsD<IsZEiaUhgM26h<LIt
z2V1L;=*zcFDglbTLULDw=;S?7S)PQX-@!lm;yRBa{+2XajWz4cLEug>&PZt4gVtnA
z@@r0G9&un=%pllp=X)@1V|k@}z<4wXAf#F<NwEO(_flS)!A2ZnCJD{Jc+!9o2#h`K
z1xrN4>G`!Ts|^4xF!$TeBqEs+Tc(jxaUsskJFZ9(xXh)7Q))XUk7En%F1)TZb%EQ8
zslC1?QJ`$+_s5`HYhU~KR|xvi^T*HU3dRx%rjd2^XW*>8d?IjZ#uF8h#=ptdzsbg0
zTc*>;Q`h!CYcyAxOwAv~Y85prOvF-$DHYQI;@y*qg;q1VK9VYu&EIyBpS&j-q_NhD
zjsKxR8b39j&Ol<Z5Qza$?gY?$HW1DsUbN->5P?40W=-1Rv`vQ_pQQ~Eo!Lg)6)Lgg
zJ1+AW^tVkzs$84bCc;LQ_vF`HC|DcsW-AMt&>65+uso{S8rQ~_+={OvzV#5s)(6?z
z3V~Uj_^27VrB-1^9&K1iAEVcG0d6g3LhV9|G0r|Rpz5;A`7RMuFV;5eKx9n~?0v-l
z*x%JuQXOA~?~6to_KyvpU~2;#y#3GCwf}#7HtatJX)KltNIqXW-~;yGpg-uZ+kbt(
z^Tq!AGoEU88BJ4pc;`8{JYh%Vv?K(la8HlQ)z$|C3=Xm4(=5fI2wAHTm&)NiNqE8_
zQKYM@Y8%TetD^rXkBH|GQixmA;DV}fepcyWdmo#MXw_HWfLV~fZMQPiqETEUDkM&Q
zS-Ff!k+nq1Rc$4Hpo_TH^KezIBA(2PxHhJzkE(3Dz~a_XY~<9G{cmK=e9B-pHOf}f
z*`|2f)mAoE+&3XwP0!k*{&rATF^}q6aY@`&gRHFcQCN1sBX<Jh`Sq4<B5k7*D#KUp
zN>bK`4@VoH6`hgy>*jjRx@xTVa#=~t+GuZ;wN-}?lDo~(u9*dpwbxRj>TRrW{PJQt
zdGW(f*W;^yjIVyW8ed;toL`S$jgL>qSJ$-~gkW-F4bmNbS*viZ%MGgh82CkE%`Uj7
z|MO#kD_i;uP;JWqdmLu3r&r_S*FPPfon3rCKE1e_yqugr8oyh+t(e}AAJ2NrYYAu%
zjOFxrdi>q-_4udL$?@6vWcpb6*L(S0pzmmNm1VYGZ#8K6^&yBFHu0|USPYz8oS%<R
zrjv{F?MP_o9*VSQ7Bsd%R#?`bqr2TWui$3~+CPf;Ew9&M9KSezb2fc*J-))&@S_2&
zXa4Pi?jyZj9$!D2g|=i2evAw^>8+X*_yCL=F3s=fFQ=~_3tz4Ir}4*jfrAnGt(`Z9
z?$B*~tcf?5XBWq(<I~CO<Co*>)5+DxXx!{g`DlBWXK%E)d!V5-&b46sXiHb)my_%1
z)$vm}p_Y8P6}5LF&KK}n8$I%9YxfV@*)2VUHHa3v!Aq0&M$`0gtq3mgZ0~NaRJzt!
zZ58MU7hu*(q?u466!8(6o?KSG#rzHukn%DU0o41`{k()V>xmSpdUK#L=EK&$VfSkQ
zW<VML!}}=rl~l`avGrDIY}>6oGu_(_&Zo@snxLp;4OTNSD#I!YsDB^?Co$!V`e;J^
zYNvhv5HOn>1(S16d3HqJkq`B<RY9`hmsIo1R>f*rXP@GaZ1h*8q*eU5B1!GD_ESlW
zTa~J2%l*FIKHdM{i2oEBHlJ}T&;#+GuG?GB|LS?}m-x@0@;s2qRfK=P(jws8E)9K5
zJd_pWU8priHSw#K`B4ch(}ZmRQ0ADM-9CE~7I%=Hh($^>AdPRHdu?ynavP+5Qpuce
z|2+@DI==0fT-iVO_g6_^Ji;vGy*ZVChvi1U)!hq?kEF0SDouX%lOCl6_4`}fJ^lx>
z*LXy>p=R`0)Yw&vRS+-%buY48p3K^}L$ea&)pB&Ub=Uo@-36d%rO)*$@K!;h|CIHz
z1}P?ZIkDRqwni>j#QbS-%58DAEfbF=H^PHE<a~D{U9pJcJ&svEjZaMHw%L=_HjiqM
zXrs?{fHw@3deWxdT~Q*z=6&ueTkQE*Q<1h-C5N;ysWhzH%<V0~$<?L~U1{~ZD6=uB
z@<*1(@ZcC~z!f`JbWfO}x&b04RF&Ya?PJ-MBfA>6F>LEuul3pm^%VPGK0+;DJ%L<S
z&uU{$0mihNx4CN~%oEV?7815@uRkQ@9tG)U=%KPZs{U-160JE<76a~tsXyp4Y`i5T
z$rk}+rlCR=ZjXO#iN=)Roj(N_TgUim5BIx118Xn8ETR5)@od=t>0S7_j{$hV{&)Mm
z&ieij-y3|f|No5Vaj^trR9$Y1Bh=3)@qW)*u?Z-w**V)Fs%}Cwa;o}f!&KQ>wWfM&
za&NUevfOaGqrp|ldUI>xqUvTl6w(Hc-Ei{XU`KY-A2R<N{BN~LsboHbFnEan2OImp
z`u*OQ{NF$2S>s;A=r%j<ckyz?IQirR5GxASmeI;RAZvSujBBy6)xB<HsnR^%xvQim
z5Guj)mW>a8WG{>1aYeHksLS<W^0qj6E$m*;aCvItNB4Khh+X{uC&vHWet$Fnf8c%L
z|3BlY_=S6q<FkFTw<B7(Pu3zepF^O04mo0&zB-D3J<k4v41rzzZ&QXpix_x_|GOLc
zpZ#w4i~awnJdeulUXQ@8^L25!&!gD;BguZBGZMQtlFt~B{Vx>`Db9a=b$tGEe0K4&
zy<nfckB{@e@4B7d`uTsIp8tja|BUAuIhoUB2C<kq&T$+Q%@sk6yPA?2$Z{`Snu%W^
zTy1G%BFq<%;9*>eDH8D*+Kw~DV{ftrRfJ0tPzj8PgxvfcASHCw-;aBC3-K*LO2gtc
zo+}E;q1SfX?%}>;b|zLJpllAAf$ZiQ7Bo>jBvv-@WYw$*8Mj3?JJg22;hm2gmFH>^
z@3$T2KmOX%5=KIX2|5d!-9koMt#6!X&&Zp^Ztr7`^B;JE={Gk;@Yx(0q?M&IeLd!U
z*w9oiPDXXxy|&kGw_lBqPxt@h(DdLq&z?OaFMz5%1L-&|lBZ0|Uvsdb66DSt`AYU~
z`UC1wI(iZS3$6}ry>8zf1ObgGWBqUd{r=Dkx)JUBK6QuS4hQ=rSdvRnkdfCy{dOxf
z$~1W2<umevzpcTiQGxSOoa<N+&)!WB2HjCGd@`K2-q2@31jCLygkCW6yCaBtZf`(C
z%KC$@@B7=}H0KxYI(1FMiRWmMy_=!iV}b8K89H0fXZ<MbgWKtY@Ap~1?{)oX1f6cL
z(;p2+-Og_4G9eUsag7;FEs?}a4NceW4c-3Jp)vJB8Vx#qa0h+X?|?fTy4|iv1J+?3
z-}7nM-40DI0nK0X4e?yRtLLm2vH?6DE4JPs8nU71109WqULRZ!`jJ2KLbo5dK*962
z($+`W@utc)kB7_husl?BR^z;V(jva=cUzv<^7=biyi&paBu01J?RKsAr!u@p_HNv6
zKVZ;%@}$^$eb)^mU>%PQy~y|dDDpc#WkYWe(GWU8u!G@isDA<)cA?&V8tS{Bg!=9}
z>fI-!-X(iCqd_<r4hK(0y{$KL2W~WqXr~Vz?T2j8b9=+V(1VU23<2EmVbnhf4ck%Q
zt)SlRxBLfD-}xlecj~C`uA#m%wkP$oeQcd_Y#mKj{_vr(`R%7kxBA%pwqG4v=c8mr
z8N+kewPD4h;(RTsAZ?m69xdIK#}bjfn~pymb={{EoUI2Qi$(*#!>Bvz_WQoyA9}9u
zcUZRvJ$E#WwkrY+=_`mAc0;>`E1W}kOZIL;KNxn0;geyq_4=+q>~(208g@p$7Y$%A
z48oDy8?h*em<L-84g-_Q_}!9FS?;|eGNefYnKpyGo=4f!F=gwGMsDbL!d@@x2A!Z2
zj0XN7>~=a{zcUI)VX$3QZJ0qBpUoAyr%NItl1n@%!tSd(BzH8^h7gPf(TLF}Lu%`d
zI^AxMG2icwdXd)|^r9~7Lo^(X`d%-jJ-Qoz3y}fZ=4hg|bsy$HMzVLqz^C2r)6Fwm
z&v*OOb=_WP=ns4t2A(_UdV>Lky(nOAufLVj>g@j{R@~11e%mkE-yOC(-oxzw1S4V#
z`+HUP*S*)-ziuKYTxt7Qvry1uk^3~MiY#R6(b15OI^KvzLqF;b!(K2LxzuN@>$@H>
zf4H3l>~W$Ie`~fXNV3{Dh%d<A4TYi0JoaSBY`tL^^(eTk?+4vZ*B$w^PkX&i&x?Y-
z8x6dzmghPde6n5Vmv-Hw$>38ooL|>){zvV)AYY{A`5{UWERUu|uiN*Z?#9`AZsZMv
zP8bFr>vh2$M1eo*_j<!lCmi;|XuuwW_)k{9entI03h~}2@t?QOe;-r7h<KXTknd}i
zP4;dEksmRLo{W53FYJWfs52NwG#CzsE*l2JA!Xez3wu$|bGK7{iySkCr@CEDzI!vB
zoWE=@7)odD0FIbTd!45{fTo_?@gg?t4Z2Y;=tQ0$GA|qq{L!fIjs{*g+G^t)fI^X|
zj0d^0x~p)Mug1rxugC2L)A(Mbu{KVIy&z=pbmPR-3!<UlAC3ml^*e(;W!?UW_6JeF
z+Z**d?g-o+UaGN1rc~Y{vXrnP7z7;>Enf%S9`(9Ucadzp-mn+3fDJ~S!O$Odz#Dd4
zzXLSv4|+WxV26sekZDJL0VJSorl+zCox!m8bXjlfby+X!cDueGY170TjG`foXg6eD
zzwh?Ke($5OSbftAyMgCE-DI=%*s$A+!1tgRLa!V8!_g?{4QS7IgDB{Z2D|*0H3hif
z5-p-enHta_(wtbtlOorc?A`c%8u;C()0M5qI?(am&alUNUe6E1evi?S>v>TyV4VOM
zY{!^drb5H9&XIdJUbh#9^yyI$TdzCx81ty-vr*RtV7}*tol!KT)QyI|3tJ;sb<zAJ
zF}YnddsUq{Xt|FN&7YzZy}C~H9@dE)qS<fv$lguBhEV`dw@Yok00#a3zz>4Z>jiA&
zcWEc;dc#hKc1E7ZhC76eHI-<}Teq+zQ6?6~{}FfO<tuV*#Nyt~VBijd&eL=l3K~;y
z$hxdUJr^R@AG!T*I1Jp*AQ}w)V90vi;f|oDw&e?GYOWAQhrEG1e7bjG>qTDRYl|X^
zy2DPl7j)gxus0g?++HW7-Tr7RtGCF4-r_NLsgRNfMk?pByhH-C3W|KPZ5cb%96T-Q
z0`Nu?ZHabA-H1J1C);|%Za@QI9?(Gu5Q0nT0NlRo`(4+gZnR?{=w=qGW$(rdhOP@w
z55(Gfeeksci98BE^W0!G9C-bJ4!mx^7xcRRNBr-?ThIbA^g3+lcAxGpn0mgp!+R{~
zc-=k>{Lu49l(Enq^w_A|_d7eO4DTjr&$wzG)}2MK%etND>11!~g<%+Wy?*F-`hyYc
zc)g()j=GWW_g%&YF6@YwYqYc>xhoIq(c+=&_No7Lf5p}dU=;KRt{X(G(-{Pe`dyFF
z5GV^fo;!*@;!LOJG7GNAT!>rLTdvoq-KXmbTd&jYy93YjyJ0u*{SIX#V6@xQIO_VL
z&-%MzIk`9;|8()<r<05G(>Etmqqc_qXc+XKK1sIT0Q$ZDzy)s@bw|wgJAQ8zx<M3D
z*9GPdwocNz+WKUV!mD}|-Inj}P+Jkt&;ryWc)HpGPg}+#uNP9!?`S#KrO+AC9z>n)
zAcWp13<teIzpm0g=51(G`gnB#WF^Uf?A@@@P+PiBkF}V3z&sj6y%0LXh<d&5$nyqa
z7ly-r2bfPgJ4BlXsdf@U6jO5pq%{_=jN!U><9Xdt$eu25Y`wvt(*YXz!yxDl7z}zH
zcQEpMqy8}Lxx*mZp>qv<#R*4~Q|%N79SA$W!zniPg6=5v`W=7d!q8<M#)h5?lnn=i
zq1zn}dmr)3RyS0d+bPN34fH!fxBqmf!q$tzPT%cy`~h@n;JN)Ma=Sekbw{BOq3?%V
zJ@gitBwTSCThi7zf$q@jKiwd*^}>*OLpltiFkr)hA4bt2gedeok?Rk=ez@J1|7RyB
ze0l!xr^x@=P$i$Sj|cMq`tC;lU#HXilK=asJkQ99V0d8ciAY!;D$*+M5XQA2JWdW3
z{6(IT%NW=U9A}c4`#KW^8Azq8M?xyd%<aNNq>!MFxraCucyM;*)~zPF2STM&2AxD^
ze1*yd!6e15v`2wnMoKfqL!KHP#uFm)Y?Tp|Fh~E^GB3yDJSdsdj7q7yYeg9Vfww7S
z9IsZ3L`L8avZY9%sg)zmFfO5oL1)k;fnZBV^539I7?);q>9R>c%@ZEtpAz2UG8ql^
zprzuWY?2uy3^KwQBnp8@nC@1)LR=(GCx$zSbtfxWngm#G)&!eGija#Igd!0O9@+~?
znk2!`)WDEJCiM@8rYX>jVjCI7|3l1Y*brXz{5Gd?9TuVcH0DUVoYHGW6Gk&89cOGV
zsxx<<z?|N3yhw$rRd~>>AyI<*n%_ZnS`n`z&z#jX*aXfa$2lOUun>u{LNqxnQmW<#
zu3Mh4MB`rxyzW7$Ib<XSk;dR0knccO$UvqLswhVcG9E>S+C<6|E)v-!cO33h!4oB$
z1?nx9rE@@Dn#->BhndEgIYpj^A*2XUh`{9`jw%9R0S#}R19DuJu%``jLk`#yO+_qb
z{5QNKNf0#`5(teV2$eY>TvO$OOGR%%HZkjzkr-%(m&ss!LG#fHQs;oY5TRK@6bZSX
z+ax;8WQkA&eKU>c9B;<s3FCL1<usN}66C75`o<wd+(Aa;c*PU-`OOnEbX;*RC%Zad
zQ**VRE^LU2{|1c2G@0de2Aalj9jUmr&Jr9|N>iLjh{*JK*&VeLFwI09^JLZ}Jdt^f
zC>0rDkck<^(=F}2d3O2=N;j9q#$55xv`@oZ-QHy$#5}~W8Nbt(?26@!&vK5vXnK-g
zm*se3(i08S*<1c7N#{$6eF$s)A^do;Q4`$_kz>4qXL`b7EeSM`7~d3$b3iVTZbK_a
z@8>+6lThTbHgKsPOAs$ffR_bG&LG3oNt&jaNHcB#Bh<m|1d)*$G$s<1MpenLS5+$H
z+U>ZsQm`sLwTD#FYivYb7}JbL%Yq9)V<ANR<e3&WMhp-UIon7Br8$pdd*M<AYW*dm
zT#r1<z%UREt(<m>GdfXjBw8exlg)QiVSD?K=G0z_Xja?JO^G#*RKiB^v{dB^<zNQ7
zA!kKe#xBM`80dMu<ycxaiMhkyP@gE~(k_eOZMK>lDc*vp2#xtHsoWK@rbe-IB}hOM
zN5LW$8O?aSL~?~}K@&)nmOsgoRMemmq1bhS4co1n!;&z7g;OJ$CQ)<D(NB=GL=-_H
zxyFFVG(Rk&JT|iaIut25&U6c`=As@jmtkretcneSSMpe_;Qg9q={Y10O)5f2iz*RC
zJmmJ?Pp$j3I51bpk*Z=Kso`JKe7h!`Y8C5>z1R|9M5Hz~Y<~n==&=<X>!d<r{X0%;
z<+PTiF<Ai9AI$auM3<&n-KMrh^dPk=0p^szP(#@YTT5b|pb!*Mgnz;vB+8(AjGTq{
z%4$=oLhm%l&FmOaW#-Jz_&t}fLo6?-mKz!pk(Kw8RM8pR18~<_9#)WO!2d%_zP}aj
zVw=G?ZOr)&#UhP0tI0CGI|Hpwf#J0C<PN0bGrW2^&BP)#v}^c2Ubda0nKgK{7!pBj
zYa)N57Dw<=9EVG*J#0MN++0u$HAAGK)Ckd(F$g|ZC0FjCXf6q5G}XP9TK49o!e}Sr
z4icJFqDB=qY=!nKCXeqoixmpz#%ovNBlq|B?VYu3l|%2adx*}th+0-P;P0PA^ppMF
zUa)<%VQ*@S@sDcWKXlid+tz#&)9CN1tlXg;EXhrE-M2M^WNUmOP-+I*;d<Hq_Ll&`
zzx-4B|Fz}M&)dfX`+t1bTR;E99}L_t{{NrxVA{P{aD}^gL})VZ$w@UIM2T%7ffpEi
z7g3~b5SrZDdpGHAq3v-+Pl<~2_*e3O|L_0j|MP$SZ$@3HWoooy-OAEB1CmhW8J$`E
zgK284O|HRMfHzark4D~We?$Jb_Y8HWm9qG59|1C+qE>+Sbcx>U9O4w4WuPdJC82?~
z?C0XXzRze*6NX8Xb6B*=rMc}3gAp>%z-TjSZcWP|hC7<5GIb_^NMu-AV`FJ-nAIrT
zWMX$x6-%g;#6l6El0#NFcr}AwE6IfrYEG;hvL4aURvS<5M0}@FHLcqRxK>qMr>Mjx
zM6yl(-~Z!({a+mC8*;2QzPaf<=C@#VHR8lLndpQvk$kPJQNA(JND}I6Ng|#A0+WF;
z2GF(zDwpMS$UMdECzWo@X!V2?_ef?Ca_g`ezv>>yJ-SwCk_Mnv^pebJnl8<J9y#BT
z7P(e5tG0|Ur}qHL&N?@*t{{S}KK(o~z1!bkOPk_@<zHJTw+6H#c*Q?i0H{2*m)S!c
zn|2~SS4<v;B94L1a_zcp=e}oTgT5W7rR|rRk@Mr;vo*tFUzeJYS9($?`ER*4+C=i>
z-ZS3P6V;-vU+p_v@_S9QQ?X)qz{2-5Q7t7}s|nqA2x*a<D>TbANq?8mG}C3pi&l`&
zq%C!w&t_nZ?{R`x@GmTn%JNGKDqn29A2gbbSizy5ROs`^y=NMWEnM+y;kc{hYg?Es
z(oA5SN7MhQ-J(bfEEHc`Y7Q+{{fhXwR?8S>IcI>du726pPt0P>Ymk!8u#9mgTMPRJ
zTlpUaPq6#KiJbyn{J8h*7r_(k*wRZ&0bT4nXwa_BtTk$@+)%_TtAWsDh8a|7?ass<
zWJ!4`opZAxvDZ6!{8Ca7i{NlUrGjkBLcxC9`EFSUtBJw`1^L_5#KM#yc{&%d-OGvo
zM<G)U5pDN<93{58Er_-aQrF^ZVnmmwVT?J*TS7@e_crt_b1kv7U#*Lx5G!T*Y9q$Y
z8UZ~LU;Ayx`Oe6HM8g^Yd==5t(hq1B&W*G7mK&zInP4E|@e^bM7yD*J3k;8-l3R+r
zO(qEmskxHZj5HFtcIAo8xxqD7H!@dgos<AD8!h5RY<gMTkDYO4ulFs6RPO)9c2Kox
z_X|S>?2b!nGlT3<%Y}mkOuUjN@?NVrWbL-&*a=i~NGw1RKx{6z14Bx6oFeGkfWFt$
zYC=C|ZX*%L;+`k7BP~!b%qoS&_fye*n7}=*)n00$!ZcZtMUEjqbJY)(CDx3txwi!O
zbq3{y;yh8J+DMh>)0nDAWQ)T6lw>av41SSKlBA0!0Tu2y34;_8Rt*?SfQ2k=lD6Y~
z4>okCQHt@q5S6jHCD2a4BvP2mEsJz6yDQWALFAUI3Z@E+J6R>9G{ev(HlpYZr?i+E
zX~PF5W@FWyCKU!U%y?>Sp-YVPYlWYqd_W*)Hq>g6je(j>j}oH|r`0iQJ0YgotY)bY
zE)CHx=&}S`<jNe*h9wIiQD8xP*49O?6%B96#T{f(EbfWO$V;viWNo}5UN=S=)Bka^
zC}ZwNuoG4ZEL$YnAnlRUB9p5Vr$w$~8s0iB+p5!A?@-a1(<0x+LjUvP_`f+VawRBR
z(9~&>aqBhZF*)N>>8~Qo7ml_Vj4a$#=2{#+d-jZ+!HmY_Tqqs_*=loqL%!E&57*58
zszGGYsck<x%V1r8(p=3&28?*F`)}n9!p3}Qu9Y>c9BQqZEloUEu7X-7o!e~tw;6)P
zOXR0=cs4FZQo}op<hcG;rGl7;kVvq3$#wH(r}_2l8L{&FIu90HnXn*cHJcV3=a|fd
zU?j+Ah4wPkt8L;K^cc;e1BxY!%y3?a;XFky!HroJnz4qm?%C?8TO$cYH3Emci>p^n
zg0>{usw=`Xo{eU&04n^=6YKAkhOGg-)WR491bd5UDJXHLqQsR6vy@YMP`SiCMKoEG
zRN$fyjS(SKl88#RCP`Z4^~!ZBs6k616Uo(`+Jt^9?X*-p1qIoHCtw|t3_IXxisSN~
z>Co)1)S?`+Ok`RpU}32xDsr~zgeRE#r7%8PUAfe+MWRj7!<DSv0&m??xM9E3J}7Jy
zymMLz^bs{dSXan$T3zDeHq0AjNb6*7wd+wMO|`N`oEd*Bm*oP=%4uX|50y+YcN(3s
z9@~;gbRzdx$+?Dv3XrvBre&sqi6g6PN|t68Y$LSF9i?rfhgnXfHhOTvxbdWJ^h=e|
z@D{SCs^f2eeU8Ti{afca$Y&;_OPe4yhkcs~VsEO|z}02(zNvwDG#J$SgR@d`zU1mv
z9#q_H#4zJB%%udjVm=Mb$u?FE3SU0RXGiE{7!WiLfb326KLHJIjRSIV-6WTVO`zwl
zINf^hd!8_HFPr3yC;8hZS<p}yemm?p$??@|Q@to%sC|uqG}9c0t70jS^<USge{X8*
z1fBX?(nd<dTRPKHH=#3K^kK_GcYA4Mz|u@RPtv>)?w}Ex<_e3QP-I%nV!(yc4AM-n
zJgf+@Z!tCz+LCBtu1eu`>uOF!td&5)#@~KS%D)o#<W!J}mGgv>ms+Z?1pT*KgZ@yc
zy+k`<rMxdzEHa2OoL;OR-sN!uS$QJ4CUWf?lNFgsNNn~*l^Cr4vxbym0$d$}Si-&G
zuwvCrTlG?DIkajEJ3%-D(65zt1x*&?4j&2;Q!{JG<;zQQ3%Hbu=cgb@g?o$ZnYL|6
z!fc7_D^!wuh~qY*Rhyc*ELp=EZ+d8YKn6y1XEoc)QV?c&f|jrr;RXRXl@(3?*$j5F
zcg?jLyVr_TtLwmu2Q)Rbxg&U@ZFNA=X}mRBh^s`XnrhYpPmhkqx0aht(Iu!-E#X$R
zz<Mx79_(vl?k%pl8TKz$`p|PlGuU{}C8y9(<yya%Yvip$Z>PK6k8)qehD~r#@J)Fd
zfjls3PKpJH1k91Cn$?UcV8Wf@>Yi~kO(q1!Ga~NMeBqMhGDl@%t$ta=8nwg!LS*ZP
zlW~%)?a!r%iw@FE1Th#vSNa<nXkKS#hnse5tG<(wYAcR1)*_1C;*=`gEZlLCms+&#
zI2Q?ukFU)MRt!mPS}`IO(1mfJ*5<M9m9)sQDY}3~0GV~UGMksMA<PVk7a>Mtz~V$8
zSEw>%nyhNCCd<$w5rG-YJ>Aty(}d#75fp@L5`}~W+n!0k%Wmr);m_K9l`U-d=Qdi+
zE6%KaM2`)7&?Fx~u?~+`x#F=&U@&PZ7D$GP&d~}$&1g1OuyrJSb@~_{55x)(BL4R0
zW+8|wguk@*kD@b4_KHlOpTo=~6aBp3EcvUL64QJPk+Rb6hHJCfo^%#03;uX09$B1d
zwA*(sBwe|!B`P$<N<iA|JDO-na%rS3B^Z@lc}V6Oe`(A$%wfwb-hExg1W+(0E2S?J
zM2aTK02fM(DlPPlZldO_qm)N)YDbvY1}}@15EDVQ5uHrrvpJC!uPPyxKrkud!y-X!
z{BkPplUPu#(EUm%vq=sPR_e5HT;e53;GRTwKZYS`o?xPy<}d@EM#9P(&6BW9t~@x<
z0;=$P)Ep!j=wrk#(gu1y>+3T0Tnr_QABq`O)(=??3zH@|<}MktVf9V6pXiY$RlNUB
z59{hvotc$8x*8iUtQhjEVc5h4je8J^JIH`(TXh+L=B#=uQ7Dp#&+^QstG37`WXA9%
zH^z+r9r4l9p2zjG3gOM^3bFtoDW=783C9vmYb4oZvch63si|<Zjb$bxOoKMD15KDB
zL2dP-z))dg7`vDOB@tH@`6@$^8ZM`NAq#%CN~ujIT4Cj>UCk>KrKuJHLbC;x#j4yL
zT0E87UrWN^4q}m_TN7C`FVp?wFD?r{Y7;!Sktdp$tiZVkBh5-yGjFZ%%%!G>0y_)(
zizqUC^gxX#RoF(jlt>Bgr_ypkf-1z)*BO}4=Fnw>N91SQ8n)Cdvneq&ZTW&S))I-m
z*_FgR$Y{3wD0}U21u6_y$~%#K>p0`BQp>Df8{-{i^-awXelo>k+~keavwCn4#z3=*
zDVL(zuegfg;GoF-EtHC|so&Ak&{7FvEn-a$4z&7j1<RKHw<_riswf$u$}a~87!i`%
z7hJB^(W?QU7CAULt(u(0*^q?^dvJhbIXD1o2%Cl7nkigeK0?klyk)E2&zEg-Tr=Ct
zfV=h$aqZQ#N@MNqV+Nnp`cBi{y~u8hc!Y-chqY*Np<^^BW&nwt3uP#mCVYXy`{m??
zJUFm@6iY6Im6`5fb+WbC42*@(pVF+z60T2?32?<WXU;^P^`Nw4Wg<XIh<H6wEW8yG
z2`c6xgfu<ew>G=T44?#$RSYk#aSUb1K>yg*YK25Y5%c60Afd^j<S`^Fq*CqcAw5v@
z<@v?y@nNw1jV8bCYXC4n(KbP76U;J}KOTWuF-{60y-LQ=hR@446J%LUT;q~#mZqhu
zJU2d6DU1#dP(BK&HZxg_9I3?jHR%*IP@gfoF~NW&3x6rT)8J~tRtjvQbS3v2Z-X|;
z`ZDE(KHItUU(IbqL&_L?)suA5fjd}F$J6G^4O#%GP{jSylKKAnC7JKP$H(fMv&qT$
z{CfPy^zp#{Ki}=G@Bj09U-tj~InV3Kl$@DGGRHX)>C)`3*bDb@_dTguCysMj?sw4=
zNjr(blFTxyz2hdqjdmi!opCd07F#~dP97ox?KBxXE)?m~DJ)GXB6Y6~C)BMH6ZEz2
zt9c~$1j9Wo{2JG`Mq?j4VL)TYI;+K}a>q^vQe`}}$rq*9SbUE8g4-U-%_Y(?2bnYx
z&L&w1#v}bN;ILA&wFox{mI-eX1G5^Bs8SDc4_+KQp-4HDHg*A>4Lk_5fk;^tp>uja
zxB2SjNVs&OJWIHo8%xOg>oN~acuK4-*@Yr8%hU46oW@QAaR)dSGrNgd30|G7zM570
zNzSP;=2!X{_l1<h$<SI?)GYhqvZ{uEZJ2GxnZ6p6>x&oD?~kv>WO7X|uP**EIUS#p
z#_=_oTsNBJ`^ogx#hWSl{`l(Z_<Z^Uxp+a2&wn6)pPZjI$@qV|yc%C$lZz{7^7`^@
zGCpmR$@$6Io72hpOY+^DDLKEGlC#O{$#i^5rWZtaXq%dhuXSUu$5$t>j?bsZ-%ZXY
z(;u47i^=p{xB24YiX4;6<E!c9<jvXf6}fzKb$M|;CdcQe<ox1%a{l6Ka{hAsdVD@@
zlgT+bzaZm(jL)a!`qlB-neNItelvY_ai!rSCl{ALTuolSnvz!+XQ$(<Yx3QgoK23u
zI~$v>&VL{$XUCJ*O>%nt`uOD-Yh6rVjjtSC%s@xJe>K*xbbrU^<oIMdxj5Iuz#Q%4
zlWCJoFRrF#)$b?Q<0d)2np|syytuk}-E=fMFJ9;(lXG3~d~90Ls3x@;xwyjLZ?4B>
zgXDC4d^S0Md95q!Ar^(d<oo~Ed#wI1&-wc!`glP954xT8`~Q5m^X2~kKjnF5kAADB
z_W$*!yy?en_p0af^2Mwz=Nw{&SGD6|hljQ>9<c7WD)D9-e~U@9&!d>Cmi#rR8SFbZ
zf4wP=$RV%tU}xiyF!a8@&9nG<QHHJ#*I5CuIzFZdO0F7Rt6<l#<)H~7eygiKx0M{{
zMJ5)c^qI_^LkXzEBj=mKZ=^)xf`D=BOsc-LtKeo!Y6xbhdAVx(>=~JwY<L>Sf5l|2
zm!NQknM{&MIC%Y#wy$tW%$(W0Y}t7!z^NHxZR^l+Q3Q<E+AwGPn8dI|D%{a&wr!N<
zxP5<fH9i|3Uypw}KYl&_an-YJ*;o*vSS(EBDUHQa7DQu>roZO_=2Czpp}Bc+wR8~C
zJXY(`T<02~{*D9?i+lU!rV8L{E^*{?e#k^9@dy6zCtL2&?Dr@kts0MJ+u)m|81u;*
zF7jkMHtbr4*;S15w=v!_bEs;$mN8s&l)AxOj1`LQBDi*08Epx|gX1krK4Qe_ETc%9
z8zaUqus-`YC$EmLrazKa%l1(N(bRbuKvV8v@XS?Rj`N=U9hT%h!Q0~BlT%AH`ma?y
z^1buEr62SE;-A`I_{({354cYAIKC7y4|UVpP)}y$J^8tD9N*KWZ2U~#6I}!k7tm$O
ziYs|iuW0$ga6Z<rl&l=1Y44C&HK^#U-V#<W0-|?oc{%mUmw6mt+r#AFlbB15m!EHb
z)Gcfj*h_@Mltb-}@u*}!(<Uy?1KT%^+cO&96Jgwl_vGhyjmoWPjiYxTnvJlyS-El4
zXfzx4rpLw+-k{TL%!O34adh(z|7sjHkl<TjHgmUeKTM<9NU55eV*0PfQRC3Q)HB{V
zYD|hXR_yvZg^)))Y<&3f!;j5|ignc=Kj;ykSedapV^WW0=e^7olwSd5-)CIGMG^wy
zzglvwk>cv>_aqP^*7b3`x|aD=Ep4uGP+7j&j=jyf0*3Ft<k)*LHTFViVv4TUuisj|
zPC+&)q+ZH-Z*^0fQAGnP;Y1{fU5(vrLjp?YqJaI3>8VTkYfSbGO&^&H4gO}e0t>#?
zGc7?q&s8-1_f-Eq<qLQ|&2sqnScK2d^xW^8u(wotvUF>jOr9fI=)cf$eBSA}eT>3d
zO-xvj&;=B~QYz)W$k=lO!v3})o^l!+BCd>2{u*-y9Xm|?UX;f(XULu{(KKUimXOx_
zFf;W=LZ%s^-Unq1p428(4`fI6OFNQBHIbHuS8eHcQe}|L)Lip_f^6%#y7Gc2e4%~u
zqF!u^t*Y0~0o+2{MnGis^8zg|d|Pcu@df-Qk~Lh6^Gu|0_#I@i9gsDWR>f@-<;|+)
z7=}28S^;IWL8XK8TIa@k;ceGE)+8HB4_v;jl)zP`YW;0Z+I)=_x-_R(B*DWiBpXzN
z@Z;-Zm95^$Ua^+C+O5wc0*h2FHEC+y`FfRvpcSa4%rWNsy(e$77$MObk(hsqKa7yE
z)+BkqB{NXJTsJ$-d%Ia}wRBMK)+x7JF}7M3HVG{ee+#lnQj@M`j|Q{rlzYH&O~qER
zHTKQ+mtvI?cM>I)n>4m8YiPrxRg|dz+HX5kyEv}qJef(m&33h^DVLR#<;&KK1A*HN
z?#yD^3@VG&bCIdg9=RmNqFnd3_Ks{jxN!!dFZL~kA~ox=jW#5Ats?cOVJ-lm(!6h&
zoVS&#Q>(OTOn9=FES4a1B_WQ?H&QOhA$@1LF~s#?a2v`F+#MRlZ7tKRQm|&^@kC|f
z@YkG&x7u%3hud3R1e!S*H4}m2zGXTnjGev0;O44KtELHgIhmqS_1FFF4JRVI7lQp_
z8rC4~9?}kS*a31%@99D;^{ZBS7v-0L*O%wZ^X2)k`}}_a00960-ne1c0MGyc6+&~%

literal 0
HcmV?d00001

diff --git a/charts/igotify/templates/deployment.yaml b/charts/igotify/templates/deployment.yaml
index a3014f7..9bb49de 100644
--- a/charts/igotify/templates/deployment.yaml
+++ b/charts/igotify/templates/deployment.yaml
@@ -1,77 +1,81 @@
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: gotify
+  name: {{ include "igotify.fullname" . }}
   labels:
-    app: gotify
+    {{- include "igotify.labels" . | nindent 4 }}
 spec:
-  replicas: 1
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
   selector:
     matchLabels:
-      app: gotify
+      {{- include "igotify.selectorLabels" . | nindent 6 }}
   template:
     metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       labels:
-        app: gotify
+        {{- include "igotify.labels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
     spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "igotify.serviceAccountName" . }}
+      {{- with .Values.podSecurityContext }}
       securityContext:
-        runAsNonRoot: true
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       containers:
-        - name: gotify
-          image: {{ .Values.gotify.image }}
-          imagePullPolicy: IfNotPresent
-          ports:
-            - containerPort: {{ .Values.gotify.containerPort }}
+        - name: {{ .Chart.Name }}
+          {{- with .Values.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
           env:
-            - name: TZ
-              value: {{ .Values.gotify.env.TZ }}
-            - name: GOTIFY_DEFAULTUSER_PASS
-              value: {{ .Values.gotify.env.GOTIFY_DEFAULTUSER_PASS }}
-          volumeMounts:
-            - name: gotify-data
-              mountPath: {{ .Values.gotify.volumeMountPath }}
-      volumes:
-        - name: gotify-data
-          persistentVolumeClaim:
-            claimName: gotify-data
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: igotify
-  labels:
-    app: igotify
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: igotify
-  template:
-    metadata:
-      labels:
-        app: igotify
-    spec:
-      securityContext:
-        runAsNonRoot: true
-        runAsUser: 1000
-        fsGroup: 1000
-      containers:
-        - name: igotify
-          image: {{ .Values.igotify.image }}
-          imagePullPolicy: Always
+            - name: ASPNETCORE_URLS
+              value: "http://0.0.0.0:5000"
           ports:
-            - containerPort: {{ .Values.igotify.containerPort }}
-          env:
-            - name: IGOTIFY_CLIENT_TOKEN
-              value: {{ .Values.igotify.env.IGOTIFY_CLIENT_TOKEN }}
-            - name: GOTIFY_SERVER_URL
-              value: {{ .Values.igotify.env.GOTIFY_SERVER_URL }}
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          {{- with .Values.livenessProbe }}
+          livenessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.readinessProbe }}
+          readinessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.volumeMounts }}
           volumeMounts:
-            - name: igotify-data
-              mountPath: {{ .Values.igotify.volumeMountPath }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.volumes }}
       volumes:
-        - name: igotify-data
-          persistentVolumeClaim:
-            claimName: igotify-data
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/igotify/templates/ingress.yaml b/charts/igotify/templates/ingress.yaml
index 8338f88..22c69f7 100644
--- a/charts/igotify/templates/ingress.yaml
+++ b/charts/igotify/templates/ingress.yaml
@@ -1,51 +1,43 @@
-{{- if .Values.ingress.enabled }}
+{{- if .Values.ingress.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: gotify-ingress
+  name: {{ include "igotify.fullname" . }}
+  labels:
+    {{- include "igotify.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
   annotations:
-    {{- if .Values.ingress.className }}
-    kubernetes.io/ingress.class: {{ .Values.ingress.className }}
-    {{- end }}
-    {{- if .Values.ingress.annotations }}
-    {{- toYaml .Values.ingress.annotations | nindent 4 }}
-    {{- end }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
-  rules:
-    - host: {{ .Values.ingress.gotifyHost }}
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: gotify
-                port:
-                  number: {{ .Values.gotify.servicePort }}
-
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: igotify-ingress
-  annotations:
-    {{- if .Values.ingress.className }}
-    kubernetes.io/ingress.class: {{ .Values.ingress.className }}
+  {{- with .Values.ingress.className }}
+  ingressClassName: {{ . }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
     {{- end }}
-    {{- if .Values.ingress.annotations }}
-    {{- toYaml .Values.ingress.annotations | nindent 4 }}
-    {{- end }}
-spec:
+  {{- end }}
   rules:
-    - host: {{ .Values.ingress.igotifyHost }}
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
       http:
         paths:
-          - path: /
-            pathType: Prefix
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- with .pathType }}
+            pathType: {{ . }}
+            {{- end }}
             backend:
               service:
-                name: igotify
+                name: {{ include "igotify.fullname" $ }}
                 port:
-                  number: {{ .Values.igotify.servicePort }}
+                  number: {{ $.Values.service.port }}
+          {{- end }}
+    {{- end }}
 {{- end }}
-
diff --git a/charts/igotify/templates/pvc.yaml b/charts/igotify/templates/pvc.yaml
deleted file mode 100644
index 0b2cd5f..0000000
--- a/charts/igotify/templates/pvc.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: gotify-data
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi
-
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: igotify-data
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi
-
diff --git a/charts/igotify/templates/service.yaml b/charts/igotify/templates/service.yaml
index 28e8a2e..b225977 100644
--- a/charts/igotify/templates/service.yaml
+++ b/charts/igotify/templates/service.yaml
@@ -1,30 +1,15 @@
----
 apiVersion: v1
 kind: Service
 metadata:
-  name: gotify
+  name: {{ include "igotify.fullname" . }}
+  labels:
+    {{- include "igotify.labels" . | nindent 4 }}
 spec:
-  type: ClusterIP
+  type: {{ .Values.service.type }}
   ports:
-    - port: {{ .Values.gotify.servicePort }}
-      targetPort: {{ .Values.gotify.containerPort }}
+    - port: {{ .Values.service.port }}
+      targetPort: 5000
       protocol: TCP
       name: http
   selector:
-    app: gotify
-
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: igotify
-spec:
-  type: ClusterIP
-  ports:
-    - port: {{ .Values.igotify.servicePort }}
-      targetPort: {{ .Values.igotify.containerPort }}
-      protocol: TCP
-      name: http
-  selector:
-    app: igotify
-
+    {{- include "igotify.selectorLabels" . | nindent 4 }}
diff --git a/charts/igotify/templates/tests/test-connection.yaml b/charts/igotify/templates/tests/test-connection.yaml
new file mode 100644
index 0000000..5193d82
--- /dev/null
+++ b/charts/igotify/templates/tests/test-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "igotify.fullname" . }}-test-connection"
+  labels:
+    {{- include "igotify.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "igotify.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
diff --git a/charts/igotify/values.example.yaml b/charts/igotify/values.example.yaml
deleted file mode 100644
index c32a5f1..0000000
--- a/charts/igotify/values.example.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-# Gotify server settings
-gotify:
-  image: gotify/server:latest        # Docker image for Gotify server
-  containerPort: 80                  # Port inside the container
-  servicePort: 1337                  # Port exposed by the Kubernetes service
-  env:
-    TZ: "Europe/Berlin"              # Timezone setting
-    GOTIFY_DEFAULTUSER_PASS: ""      # Default user password
-  volumeMountPath: /app/data         # Mount path for data volume
-
-# iGotify assistant settings
-igotify:
-  image: ghcr.io/androidseb25/igotify-notification-assist:latest
-  containerPort: 8080
-  servicePort: 1338
-  env:
-    IGOTIFY_CLIENT_TOKEN: ""         # Client token for auth
-    GOTIFY_SERVER_URL: "http://gotify"  # URL to reach gotify from igotify
-  volumeMountPath: /app/data
-
-# Persistence settings for volumes
-persistence:
-  gotify:
-    enabled: true
-    size: 1Gi                        # Volume size
-    storageClassName: ""            # Optional storage class
-  igotify:
-    enabled: true
-    size: 1Gi
-    storageClassName: ""
-
-# Ingress settings for external access
-ingress:
-  enabled: true
-  className: nginx                  # Ingress controller class name
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-  gotifyHost: gotify.example.com    # Public hostname for Gotify
-  igotifyHost: igotify.example.com  # Public hostname for iGotify
-
diff --git a/charts/igotify/values.yaml b/charts/igotify/values.yaml
index 95b31c7..cd707c3 100644
--- a/charts/igotify/values.yaml
+++ b/charts/igotify/values.yaml
@@ -1,53 +1,118 @@
+# Default values for gotify
 gotify:
-  image: gotify/server:latest
-  containerPort: 80
-  servicePort: 1337
+  ingress:
+    enabled: false
+    className: nginx
+    annotations:
+      nginx.ingress.kubernetes.io/rewrite-target: /
+    hosts:
+      - host: gotify.example.com
+        paths:
+          - path: /
+            pathType: Prefix
+  persistence:
+    enabled: true
+    size: 1Gi
+    storageClass: ""
+  service:
+    port: 1337
   env:
     TZ: "Europe/Berlin"
-    GOTIFY_DEFAULTUSER_PASS: "test1234"
-  volumeMountPath: /app/data
+    GOTIFY_DEFAULTUSER_PASS: "change_this_admin_password"
 
-igotify:
-  image: ghcr.io/androidseb25/igotify-notification-assist:latest
-  containerPort: 8080
-  servicePort: 1338
-  env:
-    IGOTIFY_CLIENT_TOKEN: "Cyirsn0q.hYe3si"
-    GOTIFY_SERVER_URL: "http://gotify"
-  volumeMountPath: /app/data
 
-persistence:
-  gotify:
-    enabled: true
-    size: 1Gi
-    storageClassName: ""
-  igotify:
-    enabled: true
-    size: 1Gi
-    storageClassName: ""
+# Default values for igotify.
+replicaCount: 1
 
-ingress:
-  enabled: false
-  className: nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-  gotifyHost: gotify.example.com
-  igotifyHost: igotify.example.com
+image:
+  #repository: ghcr.io/androidseb25/igotify-notification-assist
+  repository: cellexec/igotify
+  pullPolicy: IfNotPresent
+  tag: "latest"
+
+imagePullSecrets: []
+nameOverride: "igotify-notification"
+fullnameOverride: "igotify-notification"
 
 serviceAccount:
-  # Specifies whether a service account should be created
   create: true
-  # Automatically mount a ServiceAccount's API credentials?
   automount: true
-  # Annotations to add to the service account
   annotations: {}
-  # The name of the service account to use.
-  # If not set and create is true, a name is generated using the fullname template
   name: ""
 
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext:
+  fsGroup: 1000
+
+securityContext:
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  runAsNonRoot: true
+  runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+livenessProbe:
+  httpGet:
+    path: /version
+    port: 5000
+
+readinessProbe:
+  httpGet:
+    path: /version
+    port: 5000
+
 autoscaling:
   enabled: false
   minReplicas: 1
   maxReplicas: 100
   targetCPUUtilizationPercentage: 80
   # targetMemoryUtilizationPercentage: 80
+
+volumes: []
+# - name: igotify-data
+#   secret:
+#     secretName: mysecret
+#     optional: false
+
+# Additional volumeMounts on the output Deployment definition.
+volumeMounts: []
+# - name: igotify-data
+#   mountPath: "/app/data"
+#   readOnly: true
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}

From 33e6a92fbdd2b012fa28d727e0767fec7e65abc7 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 12:55:30 +0000
Subject: [PATCH 08/10] exclude prod values

---
 charts/igotify/.gitignore | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 charts/igotify/.gitignore

diff --git a/charts/igotify/.gitignore b/charts/igotify/.gitignore
new file mode 100644
index 0000000..b9f095d
--- /dev/null
+++ b/charts/igotify/.gitignore
@@ -0,0 +1 @@
+values.production.yaml

From f4c831c7e5f80b716923a6318fb72998758da323 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 13:18:53 +0000
Subject: [PATCH 09/10] remove remaining test port

---
 charts/igotify/values.yaml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/charts/igotify/values.yaml b/charts/igotify/values.yaml
index cd707c3..985d34b 100644
--- a/charts/igotify/values.yaml
+++ b/charts/igotify/values.yaml
@@ -14,8 +14,6 @@ gotify:
     enabled: true
     size: 1Gi
     storageClass: ""
-  service:
-    port: 1337
   env:
     TZ: "Europe/Berlin"
     GOTIFY_DEFAULTUSER_PASS: "change_this_admin_password"

From 76551555b73df712ea76e3fd861e36bb0ba67d66 Mon Sep 17 00:00:00 2001
From: cellexec <cellexec@outlook.com>
Date: Wed, 28 May 2025 13:25:24 +0000
Subject: [PATCH 10/10] revert personal docker compose test before PR

---
 docker-compose.yaml | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 4a8ba1a..c2dfe11 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,21 +1,23 @@
+version: '3.8'
+
 services:
   gotify:
     container_name: gotify
     hostname: gotify
-    image: gotify/server:latest
+    image: gotify/server          # Uncommand correct server image
+    # image: gotify/server-arm7
+    # image: gotify/server-arm64
     restart: unless-stopped
     security_opt:
       - no-new-privileges:true
     networks:
       - net
-      - default
     ports:
-      - "1337:80"
+      - "8680:80"
     volumes:
-      - ./data:/app/data
+      - data:/app/data
     environment:
-      TZ:                       'Europe/Berlin'
-      GOTIFY_DEFAULTUSER_PASS:  'test1234'
+      GOTIFY_DEFAULTUSER_PASS:  'my-very-strong-password'   # Change me!!!!!
 
   igotify:
     container_name: igotify
@@ -27,18 +29,18 @@ services:
     pull_policy: always
     networks:
       - net
-      - default
     ports:
-      - "1338:8080"
-    environment:
-      - IGOTIFY_CLIENT_TOKEN='Cyirsn0q.hYe3si'
-      - GOTIFY_SERVER_URL="http://gotify"
+      - "8681:8080"
     volumes:
-      - ./api-data:/app/data
+      - api-data:/app/data
+    #environment:                 # option environment see above note
+    #  GOTIFY_URLS:          ''
+    #  GOTIFY_CLIENT_TOKENS: ''
+    #  SECNTFY_TOKENS:       ''
 
 networks:
   net:
 
 volumes:
   data:
-  api-data:
+  api-data:
\ No newline at end of file