From 27e668b7b4b416c8e983066a99427b91277c6e25 Mon Sep 17 00:00:00 2001
From: ddadmin <ddadmin@dot-dot.ru>
Date: Mon, 17 Mar 2025 22:49:22 +0300
Subject: [PATCH] first commit

---
 .env                                          |  11 ++
 .gitignore                                    |   5 +
 configs/mlatrucks/.env                        |  71 ++++++++++
 configs/mltorgtrans/.env                      |  68 ++++++++++
 configs/nginx/conf.d/dagster.dot-dot.ru.conf  |  25 ++++
 .../nginx/conf.d/ml-staging.dot-dot.ru.conf   |  37 +++++
 configs/nginx/conf.d/ml.dot-dot.ru.conf       |  49 +++++++
 configs/nginx/conf.d/mlflow.dot-dot.ru.conf   |  26 ++++
 configs/nginx/conf.d/superset.dot-dot.ru.conf |  25 ++++
 .../nginx/conf.d/torchserve.dot-dot.ru.conf   |  64 +++++++++
 configs/nginx/nginx.conf                      |  65 +++++++++
 configs/nginx/ssl/dot2023.crt                 |  89 ++++++++++++
 configs/nginx/ssl/dot2023.key                 |  51 +++++++
 configs/nginx/ssl/dot2024.crt                 | 107 +++++++++++++++
 configs/nginx/ssl/dot2024.key                 |  51 +++++++
 configs/traefik/conf.d/ middlewares.yml       |  19 +++
 configs/traefik/conf.d/dot2023.crt            |  89 ++++++++++++
 configs/traefik/conf.d/dot2023.key            |  51 +++++++
 configs/traefik/conf.d/global.yml             |  15 ++
 docker-compose.yml                            | 128 ++++++++++++++++++
 20 files changed, 1046 insertions(+)
 create mode 100644 .env
 create mode 100644 .gitignore
 create mode 100644 configs/mlatrucks/.env
 create mode 100644 configs/mltorgtrans/.env
 create mode 100644 configs/nginx/conf.d/dagster.dot-dot.ru.conf
 create mode 100644 configs/nginx/conf.d/ml-staging.dot-dot.ru.conf
 create mode 100644 configs/nginx/conf.d/ml.dot-dot.ru.conf
 create mode 100644 configs/nginx/conf.d/mlflow.dot-dot.ru.conf
 create mode 100644 configs/nginx/conf.d/superset.dot-dot.ru.conf
 create mode 100644 configs/nginx/conf.d/torchserve.dot-dot.ru.conf
 create mode 100644 configs/nginx/nginx.conf
 create mode 100644 configs/nginx/ssl/dot2023.crt
 create mode 100644 configs/nginx/ssl/dot2023.key
 create mode 100644 configs/nginx/ssl/dot2024.crt
 create mode 100644 configs/nginx/ssl/dot2024.key
 create mode 100644 configs/traefik/conf.d/ middlewares.yml
 create mode 100644 configs/traefik/conf.d/dot2023.crt
 create mode 100644 configs/traefik/conf.d/dot2023.key
 create mode 100644 configs/traefik/conf.d/global.yml
 create mode 100644 docker-compose.yml

diff --git a/.env b/.env
new file mode 100644
index 0000000..80f39fe
--- /dev/null
+++ b/.env
@@ -0,0 +1,11 @@
+COMPOSE_PROJECT_NAME=dd
+
+MYSQL_PORT=0.0.0.0:3306
+MYSQL_ROOT_PASSWORD=iis5YohThe2xahch8sah
+MYSQL_DATABASE=dot
+MYSQL_USER=dot
+MYSQL_PASSWORD=phai4Eeghequohyoowie
+
+
+MLTORGTRANS_TAG=master
+MLATRUCKS_TAG=master
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7cf27fd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+groozgo_parser
+ml_builder
+ml_builder_staging
+superset
+superset_old_3v
\ No newline at end of file
diff --git a/configs/mlatrucks/.env b/configs/mlatrucks/.env
new file mode 100644
index 0000000..cede42e
--- /dev/null
+++ b/configs/mlatrucks/.env
@@ -0,0 +1,71 @@
+APP_NAME="DOT-DOT MLATRUCKS"
+APP_ENV=production
+APP_KEY=base64:rjt6Sy7r9csxhvPHTIzs7/rIlJpuC1Rc6hAulPvcrKk=
+APP_DEBUG=false
+APP_TIMEZONE=UTC
+APP_URL=http://localhost
+APP_EMAIL_DOMAIN="dot-dot.ru"
+
+APP_LOCALE=ru
+APP_FALLBACK_LOCALE=ru
+APP_FAKER_LOCALE=ru_RU
+
+APP_MAINTENANCE_DRIVER=file
+# APP_MAINTENANCE_STORE=database
+
+BCRYPT_ROUNDS=12
+
+LOG_CHANNEL=stack
+LOG_STACK=single
+LOG_DEPRECATIONS_CHANNEL=null
+LOG_LEVEL=debug
+
+DEFAULT_DB_CONNECTION=default
+
+#Параметры подключения к базе
+DB_HOST=db
+DB_PORT=3306
+DB_DATABASE=ml_atrucks
+DB_USERNAME=root
+DB_PASSWORD=iis5YohThe2xahch8sah
+DB_CONNECTION=mysql
+
+
+
+SESSION_DRIVER=database
+SESSION_LIFETIME=120
+SESSION_ENCRYPT=false
+SESSION_PATH=/
+SESSION_DOMAIN=null
+
+BROADCAST_CONNECTION=log
+FILESYSTEM_DISK=local
+QUEUE_CONNECTION=database
+
+CACHE_STORE=database
+CACHE_PREFIX=
+
+MEMCACHED_HOST=127.0.0.1
+
+REDIS_CLIENT=phpredis
+REDIS_HOST=127.0.0.1
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+MAIL_MAILER=log
+MAIL_HOST=127.0.0.1
+MAIL_PORT=2525
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDRESS="hello@example.com"
+MAIL_FROM_NAME="${APP_NAME}"
+
+AWS_ACCESS_KEY_ID=
+AWS_SECRET_ACCESS_KEY=
+AWS_DEFAULT_REGION=us-east-1
+AWS_BUCKET=
+AWS_USE_PATH_STYLE_ENDPOINT=false
+
+VITE_APP_NAME="${APP_NAME}"
+DOT_DOT_HOST=http://dot-dot.local
\ No newline at end of file
diff --git a/configs/mltorgtrans/.env b/configs/mltorgtrans/.env
new file mode 100644
index 0000000..1118601
--- /dev/null
+++ b/configs/mltorgtrans/.env
@@ -0,0 +1,68 @@
+APP_NAME="DOT-DOT torgtrans"
+APP_ENV=production
+APP_KEY=base64:YSdqiavko2+RJzLXL/0NIJdhnL/Lpow9IhzGE2OqCFw=
+APP_DEBUG=false
+APP_TIMEZONE=UTC
+APP_URL=http://localhost
+APP_EMAIL_DOMAIN="dot-dot.ru"
+
+APP_LOCALE=ru
+APP_FALLBACK_LOCALE=ru
+APP_FAKER_LOCALE=ru_RU
+
+APP_MAINTENANCE_DRIVER=file
+# APP_MAINTENANCE_STORE=database
+
+BCRYPT_ROUNDS=12
+
+LOG_CHANNEL=stack
+LOG_STACK=single
+LOG_DEPRECATIONS_CHANNEL=null
+LOG_LEVEL=debug
+
+DEFAULT_DB_CONNECTION=default
+
+#Параметры подключения к базе
+DB_HOST=db
+DB_PORT=3306
+DB_DATABASE=ml_torgtrans
+DB_USERNAME=root
+DB_PASSWORD=iis5YohThe2xahch8sah
+
+SESSION_DRIVER=database
+SESSION_LIFETIME=120
+SESSION_ENCRYPT=false
+SESSION_PATH=/
+SESSION_DOMAIN=null
+
+BROADCAST_CONNECTION=log
+FILESYSTEM_DISK=local
+QUEUE_CONNECTION=database
+
+CACHE_STORE=database
+CACHE_PREFIX=
+
+# MEMCACHED_HOST=127.0.0.1
+
+REDIS_CLIENT=phpredis
+REDIS_HOST=redis
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+MAIL_MAILER=log
+MAIL_HOST=127.0.0.1
+MAIL_PORT=2525
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDRESS="hello@example.com"
+MAIL_FROM_NAME="${APP_NAME}"
+
+AWS_ACCESS_KEY_ID=
+AWS_SECRET_ACCESS_KEY=
+AWS_DEFAULT_REGION=us-east-1
+AWS_BUCKET=
+AWS_USE_PATH_STYLE_ENDPOINT=false
+
+VITE_APP_NAME="${APP_NAME}"
+DOT_DOT_HOST=http://dot-dot.local
\ No newline at end of file
diff --git a/configs/nginx/conf.d/dagster.dot-dot.ru.conf b/configs/nginx/conf.d/dagster.dot-dot.ru.conf
new file mode 100644
index 0000000..4cfa1a5
--- /dev/null
+++ b/configs/nginx/conf.d/dagster.dot-dot.ru.conf
@@ -0,0 +1,25 @@
+server {
+    listen 80;
+    server_name dagster.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name dagster.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+        proxy_pass http://dagster:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+}
\ No newline at end of file
diff --git a/configs/nginx/conf.d/ml-staging.dot-dot.ru.conf b/configs/nginx/conf.d/ml-staging.dot-dot.ru.conf
new file mode 100644
index 0000000..7c60eb8
--- /dev/null
+++ b/configs/nginx/conf.d/ml-staging.dot-dot.ru.conf
@@ -0,0 +1,37 @@
+server {
+    listen 80;
+    server_name ml-api-staging.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name ml-api-staging.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+        proxy_pass http://ml-api-staging:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+
+    location /metrics {
+        proxy_pass http://node-exporter:9100;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+}
diff --git a/configs/nginx/conf.d/ml.dot-dot.ru.conf b/configs/nginx/conf.d/ml.dot-dot.ru.conf
new file mode 100644
index 0000000..b74372a
--- /dev/null
+++ b/configs/nginx/conf.d/ml.dot-dot.ru.conf
@@ -0,0 +1,49 @@
+server {
+    listen 80;
+    server_name ml.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name ml.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+        proxy_pass http://ml-api:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+
+    location /metrics {
+        proxy_pass http://node-exporter:9100;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+
+    location /cadvisor {
+        proxy_pass http://cadvisor:8080/metrics;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+}
\ No newline at end of file
diff --git a/configs/nginx/conf.d/mlflow.dot-dot.ru.conf b/configs/nginx/conf.d/mlflow.dot-dot.ru.conf
new file mode 100644
index 0000000..e312ca7
--- /dev/null
+++ b/configs/nginx/conf.d/mlflow.dot-dot.ru.conf
@@ -0,0 +1,26 @@
+server {
+    listen 80;
+    server_name mlflow.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name mlflow.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+	client_max_body_size 600m;
+        proxy_pass http://mlflow:80;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+}
diff --git a/configs/nginx/conf.d/superset.dot-dot.ru.conf b/configs/nginx/conf.d/superset.dot-dot.ru.conf
new file mode 100644
index 0000000..f362f6d
--- /dev/null
+++ b/configs/nginx/conf.d/superset.dot-dot.ru.conf
@@ -0,0 +1,25 @@
+server {
+    listen 80;
+    server_name superset.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name superset.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+        proxy_pass http://superset_nginx:80;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+}
\ No newline at end of file
diff --git a/configs/nginx/conf.d/torchserve.dot-dot.ru.conf b/configs/nginx/conf.d/torchserve.dot-dot.ru.conf
new file mode 100644
index 0000000..39bf046
--- /dev/null
+++ b/configs/nginx/conf.d/torchserve.dot-dot.ru.conf
@@ -0,0 +1,64 @@
+server {
+    listen 80;
+    server_name torchserve.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name torchserve.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+        proxy_pass http://torchserve:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+
+    location /metrics {
+        proxy_pass http://torchserve:8082;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+
+}
+
+server {
+    listen 80;
+    server_name tmanagement.dot-dot.ru;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name tmanagement.dot-dot.ru;
+
+    ssl_certificate /etc/nginx/ssl/dot2024.crt;
+    ssl_certificate_key /etc/nginx/ssl/dot2024.key;
+
+    location / {
+        proxy_pass http://torchserve:8081;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        chunked_transfer_encoding off;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+}
\ No newline at end of file
diff --git a/configs/nginx/nginx.conf b/configs/nginx/nginx.conf
new file mode 100644
index 0000000..ebd2d87
--- /dev/null
+++ b/configs/nginx/nginx.conf
@@ -0,0 +1,65 @@
+user nginx;
+worker_processes 16;
+
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 10240;
+    use epoll;
+    multi_accept on;
+}
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    log_format upstream_time '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" rt=$request_time uct=$upstream_connect_time uht=$upstream_header_time urt=$upstream_response_time "$http_user_agent"';
+
+    log_format json escape=json '{'
+    '"time":"$time_iso8601",'
+    '"proxy_protocol_addr":"$proxy_protocol_addr",'
+    '"remote_addr":"$remote_addr",'
+    '"x-forward-for":"$proxy_add_x_forwarded_for",'
+    '"request_id":"$request_id",'
+    '"request":"$request",'
+    '"remote_user":"$remote_user",'
+    '"bytes_sent":"$bytes_sent",'
+    '"body_bytes_sent":"$body_bytes_sent",'
+    '"request_time":"$request_time",'
+    '"status":"$status",'
+    '"vhost":"$host",'
+    '"request_proto":"$server_protocol",'
+    '"path":"$uri",'
+    '"request_query":"$args",'
+    '"request_length":"$request_length",'
+    '"method":"$request_method",'
+    '"http_referrer":"$http_referer",'
+    '"http_user_agent":"$http_user_agent",'
+    '"upstream_addr":"$upstream_addr",'
+    '"upstream_latency":"$upstream_response_time",'
+    '"upstream_status":"$upstream_status",'
+    '"upstream_response_time":"$upstream_response_time",'
+    '"upstream_connect_time":"$upstream_connect_time",'
+    '"upstream_header_time":"$upstream_header_time",'
+    '"upstream_bytes_received":"$upstream_bytes_received",'
+    '"upstream_bytes_sent":"$upstream_bytes_sent",'
+    '"tls":"$ssl_protocol/$ssl_cipher"'
+    '}';
+
+    access_log /var/log/nginx/access.log json;
+
+    #    server_tokens off;
+    #    charset UTF-8;
+    #    sendfile on;
+    #    tcp_nopush on;
+    #    tcp_nodelay on;
+    #    keepalive_requests 1000;
+    #    keepalive_timeout 65;
+    #    #gzip  on;
+    client_max_body_size 30M;
+    map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+    }
+    resolver 127.0.0.11 ipv6=off valid=1s;
+    include /etc/nginx/conf.d/*.conf;
+}
\ No newline at end of file
diff --git a/configs/nginx/ssl/dot2023.crt b/configs/nginx/ssl/dot2023.crt
new file mode 100644
index 0000000..2de881a
--- /dev/null
+++ b/configs/nginx/ssl/dot2023.crt
@@ -0,0 +1,89 @@
+-----BEGIN CERTIFICATE-----
+MIIHQTCCBimgAwIBAgIMYVwKHoDdXb8WTFQpMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
+BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
+bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEc0MB4XDTIzMDgwMjE0MTYxN1oXDTI0MDkw
+MjE0MTYxNlowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCV
+dDp4+ffuBFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9Cq
+VVT1F3s+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4Nex
+VqHnL4ClHvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZ
+yebOxix+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ON
+hUo3nNd8zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR
+2CCzy9maj4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7Or
+ikVdMcDb68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEe
+hdTSpoASD/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt
+/GmjwJlFCWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5A
+bRb6YRW+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivz
+jxcCAwEAAaOCA1YwggNSMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYw
+gYMwRgYIKwYBBQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj
+ZXJ0L2FscGhhc3NsY2FzaGEyNTZnNC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9v
+Y3NwLmdsb2JhbHNpZ24uY29tL2FscGhhc3NsY2FzaGEyNTZnNDBXBgNVHSAEUDBO
+MAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
+d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwQQYDVR0f
+BDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9hbHBoYXNzbGNh
+c2hhMjU2ZzQuY3JsMCMGA1UdEQQcMBqCDCouZG90LWRvdC5ydYIKZG90LWRvdC5y
+dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUT8us
+qMLvq92Db2u/zpg9XFgldhUwHQYDVR0OBBYEFIt9yZp7jkyW2E7F5+NDJJmTMtN/
+MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModG
+fLzs3sNRSFlGcR+1mwAAAYm2m1GuAAAEAwBHMEUCIQDVSAsUx+m51oyOz+83SGL2
+JpUGiUKiXgInZsWbG25VygIgLF23BEmAoRV+PFPclVuHrztd4lQecA+32tvUZ3xf
+OWQAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYm2m07AAAAE
+AwBGMEQCIE14pWcPqQC25z/q0FR5PaU+xIilbLwXvYm1UvJSajPDAiBEYH/fq9iP
+pnK9z+7aLua2mh6uF2RMHRtcE/nbsr2tcQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7
+UYSFNL2kPTBI1/urAAABibabTscAAAQDAEcwRQIgQlo7NdtTa6cyiAKdsfozkLMQ
+wt+D4WZCcdzk9GYul74CIQCa7MvbM4pP0jSLN6MYWPEAt0hXiDzHKihtVt0ChW0R
+qDANBgkqhkiG9w0BAQsFAAOCAQEAB338wY8/u9tawPiCdr6dD10SO9+mQNCv83xI
+Qa7IQ/33VQUMQ6qCMYTLZqu7c/e1x587UG7TLf0I3awEfBbLeMkTJKEooCK9VG3O
+nfWD/lTwvr13lEpKuEEx643eqirxJEv3bQTHpQBn1Pkm9Svw/LJWi/bUKg0VNjYs
+jQrZYH0q3jzx3dV3S5hUCjGL6d0tflD5w5YHWWMaEuVsn7yYovAROKnYOWuVisPJ
+YRA6cADR39usU1CyLTSb50PHUOosnp+YqZCzVkU2Z/gPLyXjiRKU6wou8baSoDHu
+KoxoGK4YfjizRTAdEexD+LHh0s1Ev6gr9OetJWPjbhghNGPIbw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEijCCA3KgAwIBAgIQfU1CqStDHX5kU+fBmo1YdzANBgkqhkiG9w0BAQsFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIyMTAx
+MjAzNDk0M1oXDTI3MTAxMjAwMDAwMFowTDELMAkGA1UEBhMCQkUxGTAXBgNVBAoT
+EEdsb2JhbFNpZ24gbnYtc2ExIjAgBgNVBAMTGUFscGhhU1NMIENBIC0gU0hBMjU2
+IC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtJCmVZhWIPzOH
+A3jP1QwkuDFT8/+DImyZlSt85UpZwq7G0Sqd+n8gLlHIZypQkad5VkT7OLU+MI78
+lC7LVwxpU19ExlaWL67ANyWG8XHx3AJFQoZhuDbvUeNzRQyQs6XS5wN6uDlF0Bf1
+AtCUQWrGGLGYwyC1xTrzgrFKpESsIXMqklUGTsh8i7DKZhRUVfgrPLJUkbbLUrLY
+42+KRCiwfSvBloC5PgDYnj3oMZ1aTe3Wfk3l1I4D3RKaJ4PU1qHXhHJOge2bjGIG
+l6MsaBN+BB2sr6EnxX0xnMIbew2oIfOFoLqs47vh/GH4JN0qql2WBHfDPVDm3b+G
+QxY6N/LXAgMBAAGjggFbMIIBVzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE
+FE/LrKjC76vdg29rv86YPVxYJXYVMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTN
+NKj//P1LMHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au
+Z2xvYmFsc2lnbi5jb20vcm9vdHIxMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl
+Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIxLmNydDAzBgNVHR8ELDAqMCig
+JqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QuY3JsMCEGA1UdIAQa
+MBgwCAYGZ4EMAQIBMAwGCisGAQQBoDIKAQMwDQYJKoZIhvcNAQELBQADggEBABol
+9nNkiECpWQenQ7oVP1FhvRX/LWTdzXpdMmp/SELnEJhoOe+366E0dt8tWGg+ezAc
+DPeGYPmp83nAVLeDpji7Nqu8ldB8+G/B6U9GB8i2DDIAqSsFEvcMbWb5gZ2/DmRN
+cifGi9FKAuFu2wyft4s4DHwzL2CJ2zjMlUOM3RaE1cxuOs+Om6MCD9G7vnkAtSiC
+/OOfHO902f4yI2a48K+gKaAf3lISFXjd32pwQ21LpM3ueIGydaJ+1/z8nv+C7SUT
+5bHoz7cYU27LUvh1n2WSNnC6/QwFSoP6gNKa4POO/oO13xjhrLRHJ/04cKMbRALt
+JWQkPacJ8SJVhB2R7BI=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/configs/nginx/ssl/dot2023.key b/configs/nginx/ssl/dot2023.key
new file mode 100644
index 0000000..22d8c80
--- /dev/null
+++ b/configs/nginx/ssl/dot2023.key
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCVdDp4+ffu
+BFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9CqVVT1F3s+
+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4NexVqHnL4Cl
+HvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZyebOxix+
+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ONhUo3nNd8
+zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR2CCzy9ma
+j4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7OrikVdMcDb
+68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEehdTSpoAS
+D/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt/GmjwJlF
+CWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5AbRb6YRW+
+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivzjxcCAwEA
+AQKCAgEAri0Pi8KOI348uW9ZnPzuwT7hXvy3IZs1Uzo5hqPu1XqtOEm+8RRbhUC0
+azuumYMfAKDhGxzlAy3JqgJQrrnSEfLFFPFifbEjjY1bIckK82K75SPSn+m2lEro
+QvGpH1iE4krKt6geX/ZVX29a9vAqLbXrdUQavDFJtXAJq3R8IgLMWUT2OE1utyD5
+FoNmFfz5N7x8daMdtvUBMagwxqYU4iKn2/IRH7tpPm3dACxdW78fMYrkJy32D8Ld
+3uBjJXOl7/9iFc+GsSbhD9utyw+YYRTBVTfVf1cpvdeIF1eHPIGQvxTkctV7Hfhu
+F4NsL3aH9gh2Rdc9pjtJ2RxfX70DZUJ+mDguAwkVDeLlrxUqanqRAUew9mw4yqFd
+Jni5MeSU6+1aSA6rDlCMsXdpaIfozcj9UHfvs8aNTLV0iHs6QG0NVOJhm/DtzPfb
+SFQhtJ93CPeuWqdNylFiq0mdhHv09RWiSXOwDZbRmZGdfR8KVEg91LBLw9v+F51L
+ewSFZMH6akr+6H6D1kjLumAQsUF6nEsPpVoRZHzvlpUVUKV7q+BI1N/Fqlncw9I+
+9IysFimQbfx9itFlzNfMYOQ1pfP51nuiCflojlOJUP4n3YnzdJA37AwXSZYndyiW
+PsX5CWYEOn+IW8TnS9ZoGT1YfsOnNx0oDW6RTu+5m7LjNvnu8jECggEBAO3onsfT
+oU/E8AAFf3FVNrGI4GuUWu9Nl1+vClMFRpyOeiSafVvodXg6fgckhOr8KQlfwB1r
+QBXz/zkUKV3lWGuONx4z9NAlUB5Nvb3uHof6nWgE4ZZ74CjXR3IZM9WlbcOxB4YV
+KjBT+IgvbKv7UdbKGpFq/wZWT1t8MwbjcDcwLSvxXcZOF/VQB7EJftht24Z5Mqfn
+B8u2Z6afS2VlX3GbVg8ymsT+ohrKZSsIScrD/c52rDUkiIYldLSljRBaRCxlXwBx
+kUMNQvYMtRSv/b22cSAZDXV8vN8gby7XZMM6f3UKYF9BCbxbJvpwbGOsBqrsWySo
+JwiayvBMw8kNn9sCggEBAN93KqwxIKplr8yaLc9vFqXR/dLIJkK2YvaYTK9NjGVb
+4U5Z18K+Yv57dy7M7sDay61uHG52YEpbiyALD+XaVcWpYBNOvuNiu35Oa4WOdV7N
+4yU5+DcjhgJySeiQ64NW8s88yD6pmHzFxXYgKkLkkr2EqaL+yvCYVCs1o5bV0boo
+2Y8n8UxjgLSxVWHWALW38IfbI1nkK/IabWO1hl1m8pdXaPZax68NIp3R8YFyWHep
+JiJryUAtSbo3QLdXM90OFPLtiSY1faHcvzb7FZ6ux8RKbbXAIkNTcjnf66AQhVNp
+jykYRcALX+r+Xj6RLPypwniGDqlhao1dlw2s+VokgHUCggEBALTj2EaLrO1gCjOZ
++oqLhih6sFhb1sB5OI1yI+F383Z6BnjqVkKZfyfJIaYAqGebDwCnowU7VODcQsR9
+he50wUQWP+ZhDtVsaXyBE7Hj6abucNx0SaoHyiqDdTlV3EmnnMvcQKI8WXWhgyjZ
+FkG1t0YfKRBEUF/bJD+lMY8dQ2dS5CWzQd/T5PeKwC5lz+JztSSL5m4vhYfoyuqv
+173i1C0nNModafw6t7qzBTUw+hqH5uUi6lEF1CBbPl9UOOukFo3DDfbiYtaesLkw
+dEakgcPLgjwrkEYyb9Efciolb+HZCqxNFXWXl/V1QS/OZztpwzAWwj4e9H7gY0lO
+tNab210CggEAJtLTTRsz66bDBi77KoDIVILJMGepjgmV4/XNzN8SN0HhQPWG8MSW
++lOE/1KHYGYi4Lyyn9ZdIE4LO8PwPSTTpgWpNXGG5IZwwJ7rO0bmyVPH1N3fa+T2
+EVK92HPlFupyQOL0fz6DyZmqlr072mdPvzFfL3xI0cgFR4SIKVp4l3klYyOzXmwj
+HkF47gh6Exgj59aAq8tifytsOdh9wZhzKSv8hmB7NMR5cSXaaXzuNcvjXjOPwWCc
+4Idc7P1ve0ZJCXOPUl4Ut5xcdDbnKKyA9G9h5CO/UCcdP0TR8PstzrIWNzOKWrUf
+MvqCcShTwonTyZCw12ifVHQgHDYjFDAnSQKCAQAqlEkgCuA9ObOsj7W4KM/OjWd/
+wK8EC9oESdBOl9fn/pAktyh73GYYsIqwaHFRDcTLr74ULdqx+4vsOvCXl0wMMFOq
+iAZdba8CYtjFVDudJf3oJceSHiITocJqo4H4zOxeL0K1ssoX5caN5kYzYufCfKKH
+dGEPWnI+l3akR1kqHL6Xoq0YluPGh6PhkV2X6tuUf4G5K1NEdT4+KE1IeJqFviLd
+mOE5sErWyUrQotsI2n14gsdONOwS0FkElGlEZgCPu2uiXhrYeUf+R4r/V3MNtwVl
+aFk8InJnkfr7XitOv/Q+eJThwhnnNCrefLj/x9vAHUrNvRf+NpKr1xSDk9fk
+-----END RSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/configs/nginx/ssl/dot2024.crt b/configs/nginx/ssl/dot2024.crt
new file mode 100644
index 0000000..c3da3d4
--- /dev/null
+++ b/configs/nginx/ssl/dot2024.crt
@@ -0,0 +1,107 @@
+-----BEGIN CERTIFICATE-----
+MIIHVjCCBj6gAwIBAgIMUR4H/7XMBL9Q9JAXMA0GCSqGSIb3DQEBCwUAMFUxCzAJ
+BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSswKQYDVQQDEyJH
+bG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAyMDIzMB4XDTI0MDgxNDA0MjQz
+MVoXDTI1MDkxNTA0MjQzMFowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8eI42aZ18C3CHE8CEcUhMwCbfPle
+RZg0Egj+gqyiGa/RXjpWm0Zq9MKhOPnal0h2VlFxFNAeyRcy/x7QZloUIDegZYUZ
+UW4lMYiEwF9jSXINlfuzgKQhMPB9wnJhNt+O1gdO3u0FVy1ChBv6eat480gvi0wq
+EEE6YC09OjFRbErlF1jAFL1QIPOw0xqZrafRp+qfK3DJc8IZsuzhVFIV+CyBA897
+zrUwbF7aYTGwKotk6w11L1TZwK1iiUSkvAGOu1V6LMod3WlHE8YICp3lPuEsj9Zr
+nJl0x+3/4XSS7ogcInUdFopf9odLD6umGk1xDIA7uCm9hlyA/YQBmyYinngXyfy1
+6WTDLdIsCNzZpiRvbPxbxvAp7Exmqs5xWmb4qSYSThdZgp/ucJUiN3MWbYcc9fP2
+/wifmes9OlfoAV/QlrpehpaP86VavkS0rBrUGf0OSdC0w79ZAllZeamU9zLHWwIi
+LfpzmlqCC9EXrK0GWTl/K2CLgYifoIi8m3053kKKVIXLfuYSlotv9y3hRKxkW0b6
+dtLhP3LjN+lvR7BNKTCNhafyIuHLcXHnj6yKkSYoH/wd/rkQCjlQx8dG419ouW9t
+oiSch6x4O/aLyFY3aO4/GnoECLUyUtsrPowF87QE6iiaxI6EokW9HF9hN85OxQ+u
+wd7w3gTvSLWR3DcCAwEAAaOCA2IwggNeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMIGZBggrBgEFBQcBAQSBjDCBiTBJBggrBgEFBQcwAoY9aHR0cDovL3Nl
+Y3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3NnY2NyNmFscGhhc3NsY2EyMDIz
+LmNydDA8BggrBgEFBQcwAYYwaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vZ3Nn
+Y2NyNmFscGhhc3NsY2EyMDIzMFcGA1UdIARQME4wCAYGZ4EMAQIBMEIGCisGAQQB
+oDIKAQMwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20v
+cmVwb3NpdG9yeS8wRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5nbG9iYWxz
+aWduLmNvbS9nc2djY3I2YWxwaGFzc2xjYTIwMjMuY3JsMCMGA1UdEQQcMBqCDCou
+ZG90LWRvdC5ydYIKZG90LWRvdC5ydTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwHwYDVR0jBBgwFoAUvQW384qTPHPLefoPhRKhd5YYkXQwHQYDVR0OBBYE
+FEFaB0lwsh68jY4d3zGJ8RSUenjoMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA
+dQCvGBoo1oyj4KmKTJxnqwn4u7wiuq68sTijoZ3T+bYDDQAAAZFPIWD2AAAEAwBG
+MEQCIBr9tqm+1D7C4ecXmA7ne6gHVeLgGOFf3jjnYdz80JWhAiASjtZlH8rYzLwF
+3AX/Cfo+7KfRG+mbk2FY9OKJuu7bWgB1ABLxTjS9U3JMhAYZw48/ehP457Vih4ic
+bTAFhOvlhiY6AAABkU8hYO0AAAQDAEYwRAIgSFiFncqd8KmZrv8brFZAaKzbCjR1
+GU5ygJCv2K9xWnsCIFuwzf8leBa2eSKvSY7MCUgxXgRFl7rYjPjc6Foap0hyAHcA
+DeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGRTyFhEgAABAMASDBG
+AiEAxlxp+G3ArhozCos4yDTtLSB4sZ8496/R0WAlUqRLeRYCIQDKszlCeQNZB83Y
+XGVCkPV+unVCmfKuuUJei1Md9GHjhjANBgkqhkiG9w0BAQsFAAOCAQEAg/1URGZb
+xq8lMzrDb95Exkqm45FHLVbifPBSqiyCVtqa9VWDkyAQqCHhaCCB0N1YmCZGbXZy
+HefWc8f/v4Kxam/8IpUXAH7U7sWZhX6p1yRn6Z5+FnWoyr1I6t/tDv1yBvB2EsKe
+jJPLLPq41Aw6QP5EZ8Eks1VREW5aq2a+8WDJKnL3CCCtlIBh6cntADzZBBE2Zb2E
+0/lM83sGLj9vAFw/PIkE/OCVobtpcj56O1UYZs/RDbLNhPUmhUhpSHSaiWU7VXeR
+PoLgStsJrBZTSg1bdj8HK32lTzKcYspWwvjzbPclllxGzqKLTIdtCA9SbIl+363n
+YMEkGJPyfIu4uQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjDCCA3SgAwIBAgIQfx8skC6D0OO2+zvuR4tegDANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMzA3MTkwMzQzMjVaFw0y
+NjA3MTkwMDAwMDBaMFUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSswKQYDVQQDEyJHbG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAy
+MDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00Jvk5ADppO0rgDn
+j1M14XIb032Aas409JJFAb8cUjipFOth7ySLdaWLe3s63oSs5x3eWwzTpX4BFkzZ
+bxT1eoJSHfT2M0wZ5QOPcCIjsr+YB8TAvV2yJSyq+emRrN/FtgCSTaWXSJ5jipW8
+SJ/VAuXPMzuAP2yYpuPcjjQ5GyrssDXgu+FhtYxqyFP7BSvx9jQhh5QV5zhLycua
+n8n+J0Uw09WRQK6JGQ5HzDZQinkNel+fZZNRG1gE9Qeh+tHBplrkalB1g85qJkPO
+J7SoEvKsmDkajggk/sSq7NPyzFaa/VBGZiRRG+FkxCBniGD5618PQ4trcwHyMojS
+FObOHQIDAQABo4IBXzCCAVswDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS9
+BbfzipM8c8t5+g+FEqF3lhiRdDAfBgNVHSMEGDAWgBSubAWjkxPioufi1xzWx/B/
+yGdToDB7BggrBgEFBQcBAQRvMG0wLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5n
+bG9iYWxzaWduLmNvbS9yb290cjYwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUu
+Z2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjYuY3J0MDYGA1UdHwQvMC0wK6Ap
+oCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yNi5jcmwwIQYDVR0g
+BBowGDAIBgZngQwBAgEwDAYKKwYBBAGgMgoBAzANBgkqhkiG9w0BAQsFAAOCAgEA
+fMkkMo5g4mn1ft4d4xR2kHzYpDukhC1XYPwfSZN3A9nEBadjdKZMH7iuS1vF8uSc
+g26/30DRPen2fFRsr662ECyUCR4OfeiiGNdoQvcesM9Xpew3HLQP4qHg+s774hNL
+vGRD4aKSKwFqLMrcqCw6tEAfX99tFWsD4jzbC6k8tjSLzEl0fTUlfkJaWpvLVkpg
+9et8tD8d51bymCg5J6J6wcXpmsSGnksBobac1+nXmgB7jQC9edU8Z41FFo87BV3k
+CtrWWsdkQavObMsXUPl/AO8y/jOuAWz0wyvPnKom+o6W4vKDY6/6XPypNdebOJ6m
+jyaILp0quoQvhjx87BzENh5s57AIOyIGpS0sDEChVDPzLEfRsH2FJ8/W5woF0nvs
+BTqfYSCqblQbHeDDtCj7Mlf8JfqaMuqcbE4rMSyfeHyCdZQwnc/r9ujnth691AJh
+xyYeCM04metJIe7cB6d4dFm+Pd5ervY4x32r0uQ1Q0spy1VjNqUJjussYuXNyMmF
+HSuLQQ6PrePmH5lcSMQpYKzPoD/RiNVD/PK0O3vuO5vh3o7oKb1FfzoanDsFFTrw
+0aLOdRW/tmLPWVNVlAb8ad+B80YJsL4HXYnQG8wYAFb8LhwSDyT9v+C1C1lcIHE7
+nE0AAp9JSHxDYsma9pi4g0Phg3BgOm2euTRzw7R0SzU=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg
+MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx
+MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET
+MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI
+xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k
+ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD
+aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw
+LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw
+1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX
+k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2
+SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h
+bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n
+WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY
+rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce
+MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu
+bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN
+nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt
+Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61
+55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj
+vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf
+cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz
+oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp
+nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs
+pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v
+JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R
+8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4
+5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/configs/nginx/ssl/dot2024.key b/configs/nginx/ssl/dot2024.key
new file mode 100644
index 0000000..50b5bbd
--- /dev/null
+++ b/configs/nginx/ssl/dot2024.key
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKAIBAAKCAgEA8eI42aZ18C3CHE8CEcUhMwCbfPleRZg0Egj+gqyiGa/RXjpW
+m0Zq9MKhOPnal0h2VlFxFNAeyRcy/x7QZloUIDegZYUZUW4lMYiEwF9jSXINlfuz
+gKQhMPB9wnJhNt+O1gdO3u0FVy1ChBv6eat480gvi0wqEEE6YC09OjFRbErlF1jA
+FL1QIPOw0xqZrafRp+qfK3DJc8IZsuzhVFIV+CyBA897zrUwbF7aYTGwKotk6w11
+L1TZwK1iiUSkvAGOu1V6LMod3WlHE8YICp3lPuEsj9ZrnJl0x+3/4XSS7ogcInUd
+Fopf9odLD6umGk1xDIA7uCm9hlyA/YQBmyYinngXyfy16WTDLdIsCNzZpiRvbPxb
+xvAp7Exmqs5xWmb4qSYSThdZgp/ucJUiN3MWbYcc9fP2/wifmes9OlfoAV/Qlrpe
+hpaP86VavkS0rBrUGf0OSdC0w79ZAllZeamU9zLHWwIiLfpzmlqCC9EXrK0GWTl/
+K2CLgYifoIi8m3053kKKVIXLfuYSlotv9y3hRKxkW0b6dtLhP3LjN+lvR7BNKTCN
+hafyIuHLcXHnj6yKkSYoH/wd/rkQCjlQx8dG419ouW9toiSch6x4O/aLyFY3aO4/
+GnoECLUyUtsrPowF87QE6iiaxI6EokW9HF9hN85OxQ+uwd7w3gTvSLWR3DcCAwEA
+AQKCAgBHE8zU2D9r1mZl3ymigyTgUdte/AAhvzn92rq/N29i0PFbGRV+B1FCnza1
+AWakcdykPMZX8Vg6iyCnKyzeBrZHSVFOw6/O5+jyB0XLKbyJRoSLgC0dLh26vdCW
+pPnAIC1e40Lf6xJYraoQHBCcVDD0fE/MRRNPN3up62FEil18zv1GwQOglIjJRhK9
+1eE20EuhZiZjo37vDyhyFX2ZQ43FIX6/2eZttXyHO9A8I1e7CL8c+xVmVS6vmcOM
+xqkJvgNtNQ7zvmjMOTVzsAuI4yEMOyrXEZEJsWZJobxBSforMb/iuDtV9k+Ap/z8
+m9nxfLQtkjj6Qvm4U9JrrLC0IJ6nFC1Xnxx71YuwVsjvJhDidS30OSRfKTnJrRBA
+Elx42ymkWuYgsw7Tt50ePGNTU6YlfrRZC/nA/65vnknzR6y7BSo+X7BdPMXKf2Kh
+sFossaKbdk3FGLoNBmame4pTirR17ogE2vvNhRn2v7bs76/der6uKQkTmcWHExbB
+hURVXxqaNwW3nH3rL7ooByno2zaNPbX3KgI8auUqKq66lnxG5+Ggdsl2B+yQF5x/
+S4vAAb+eJlBeFcMqvBzjLKnN5mQ0j9Cw/svvl+ckdCxVriH4EmHe4WmS6L3JbG44
+P+D4ttRL2LON1BVySB659iCzZ8Ru+774yr7NvBwsUDf1ONqaQQKCAQEA+95aRS+C
+YrFcI2YoePb2+49CT9+bzQZEU6c+JMKEiSGHe+1gGVKwqLqwa8KPe9glhi/389Hg
+cGFdBotrZtBM2G3QMF5VtN7LYKYqVSzMGcSmrtUU0o40pTk1mdY4zGnEjeH9c/Mr
+7S5mTgQGKCCC40dAUrwVIJkqPWDCfUmLwMX85UhKaAT4jbeKcczvdGmPtugimoBD
+Yc3w2U7VqEKH2LaOvpGP5rK2+dINJhYds+TesMjUV5+a1PfDWJwyjExwH9mYTHuR
+Ja9Spu8W6sFjwCJg0O2vdGTfSKHyHYEdR+ABhLb1nE7w/MOFSYCCpTLhUOXkiQSC
+gm2Pq3XKrD6JpwKCAQEA9dnw3gwXs1qPlS4Rv2v+6vomRb9ZIxLQozGf1Vtq97qV
+jB8xPXD+6tQRfu8zGxa0n8gDjYVE92BpH5bNZ51K2Xe7Ug2hnoVutOKBO31i1o7d
+PXUqzbi7666i86oU5ypJEd/Djc17ihmhWX2dWoZr7UODCbTobiODtibMcbqmaJKz
+9bR8P63o/DdRhrHkRRtknImwZHZ/8TNbJpTs3BT9QSfXB7FmphGPUR2JhDhyWaOm
+vByVw3oMzb2getBAeHHPbEK8bygBQkKSN0Sv0hOHfU3vsPIudD0At6zXxESx86hs
+QYz8Bgt0vdkDZdsCGVy/ZbH7fQUBxnX0Pj8duthK8QKCAQAtYEbFFiUYYLmnyvzZ
+piyi75FT0IZCLrHanFPOzZiRGBBPnFlm1oXrMA8equOsvSktfrDeJV6ZAIGA71c/
+I6HkkAwk2qn4NvdPB0CzLanrrokVEGB6+pGzfpYQjA6ZjSiTIzbFT/cG+QgHYCQ3
+0HukNK76+NWZlN6ORkNjzP83kLPaHucAzHx3E60GiZROVcJFgpbRXPBGy5JrpA9M
+DAhrW6Bl5tWVC3d5lIU36l4Zjc8s7FGNI70CR0zTRvi4XAELS+lrRgvFTUvHtWVc
+j9DHyanFmjy07INpk3uKIzvCOjIr1cZ0DajO8O6vak6fMoZzS6ebo8tbch+jFUqZ
+M38bAoIBAQCZRLKWK6HG7alfzmXAGbrFkQe1KdKPPBaX9sL3R1PLdyXuQi/3Zu91
+RJpXsRYCSEh46D/WxYO2WQOQbvpFI1lbc/py8A6W/gaDfEYm6UdqDYy92MLDl+yH
+xMrP73OynbkKDJ8kUzs2YD4nxVkI645zT0htD7xrlXZyY4PHTx6ZSQQqJMflBy2d
+t3r65wIxVx+FO42dRAcFPwgPaH61wdwU95plsGIXHBFl920Y4fvgCFdVJNj1EazT
+wuk+R4A51nICwyQohB8syMXQ8OBPrl8kbicFACaXzsQYvgeR02XBSnma8CLaPeAc
+zyMAJ+YKG7ky1B+91BZEPJr1B3IoXtlxAoIBADilYIz2QK+MjhkaTroe3B80yPn9
+HEZrJU97fWbwFxgj2prITitwVg4wo98/+bnyFyJUESVMZBaiE8zShHW5gmXMdChS
+DUTKIp9qPB6+YHDnqixgKvRNdR8F2UErxD6Q+sqa9+w7KMjhQirEm7Ffpy+hGqKm
+fT7mMAWNIV43QaHXD40xakJ+uIqjhXa09V1M+nUbhn9W6Tyqv6i5xu3iNd86MzEh
+3QCbDqjtE8Dr2DcTkRXLECG9tiQHi5q0OOJPzn0bNoUFQPT8gJ3p14Q7kzhPnXo2
+qjItUwFJxX+pPx6GQgNt7BYOxRVX34VWH3iaqTVtzCLX5xpUs1fx77bZ+ww=
+-----END RSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/configs/traefik/conf.d/ middlewares.yml b/configs/traefik/conf.d/ middlewares.yml
new file mode 100644
index 0000000..bc84ae5
--- /dev/null
+++ b/configs/traefik/conf.d/ middlewares.yml	
@@ -0,0 +1,19 @@
+http:
+  middlewares:
+    middlewares-secure-headers:
+      headers:
+        hostsProxyHeaders:
+          - "X-Forwarded-Host"
+          - "X-Forwarded-Uri"
+          - "X-Forwarded-Proto"
+        stsSeconds: 63072000
+        stsIncludeSubdomains: true
+        stsPreload: true
+        forceSTSHeader: true
+        contentTypeNosniff: true
+        browserXssFilter: true
+        referrerPolicy: "same-origin"
+        permissionsPolicy: "camera=(), microphone=(), geolocation=(), payment=(), usb=(), vr=()"
+        customResponseHeaders:
+          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex,noindex,nofollow"
+          Server: ""
\ No newline at end of file
diff --git a/configs/traefik/conf.d/dot2023.crt b/configs/traefik/conf.d/dot2023.crt
new file mode 100644
index 0000000..2de881a
--- /dev/null
+++ b/configs/traefik/conf.d/dot2023.crt
@@ -0,0 +1,89 @@
+-----BEGIN CERTIFICATE-----
+MIIHQTCCBimgAwIBAgIMYVwKHoDdXb8WTFQpMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
+BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
+bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEc0MB4XDTIzMDgwMjE0MTYxN1oXDTI0MDkw
+MjE0MTYxNlowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCV
+dDp4+ffuBFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9Cq
+VVT1F3s+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4Nex
+VqHnL4ClHvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZ
+yebOxix+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ON
+hUo3nNd8zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR
+2CCzy9maj4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7Or
+ikVdMcDb68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEe
+hdTSpoASD/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt
+/GmjwJlFCWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5A
+bRb6YRW+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivz
+jxcCAwEAAaOCA1YwggNSMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYw
+gYMwRgYIKwYBBQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj
+ZXJ0L2FscGhhc3NsY2FzaGEyNTZnNC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9v
+Y3NwLmdsb2JhbHNpZ24uY29tL2FscGhhc3NsY2FzaGEyNTZnNDBXBgNVHSAEUDBO
+MAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
+d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwQQYDVR0f
+BDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9hbHBoYXNzbGNh
+c2hhMjU2ZzQuY3JsMCMGA1UdEQQcMBqCDCouZG90LWRvdC5ydYIKZG90LWRvdC5y
+dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUT8us
+qMLvq92Db2u/zpg9XFgldhUwHQYDVR0OBBYEFIt9yZp7jkyW2E7F5+NDJJmTMtN/
+MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModG
+fLzs3sNRSFlGcR+1mwAAAYm2m1GuAAAEAwBHMEUCIQDVSAsUx+m51oyOz+83SGL2
+JpUGiUKiXgInZsWbG25VygIgLF23BEmAoRV+PFPclVuHrztd4lQecA+32tvUZ3xf
+OWQAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYm2m07AAAAE
+AwBGMEQCIE14pWcPqQC25z/q0FR5PaU+xIilbLwXvYm1UvJSajPDAiBEYH/fq9iP
+pnK9z+7aLua2mh6uF2RMHRtcE/nbsr2tcQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7
+UYSFNL2kPTBI1/urAAABibabTscAAAQDAEcwRQIgQlo7NdtTa6cyiAKdsfozkLMQ
+wt+D4WZCcdzk9GYul74CIQCa7MvbM4pP0jSLN6MYWPEAt0hXiDzHKihtVt0ChW0R
+qDANBgkqhkiG9w0BAQsFAAOCAQEAB338wY8/u9tawPiCdr6dD10SO9+mQNCv83xI
+Qa7IQ/33VQUMQ6qCMYTLZqu7c/e1x587UG7TLf0I3awEfBbLeMkTJKEooCK9VG3O
+nfWD/lTwvr13lEpKuEEx643eqirxJEv3bQTHpQBn1Pkm9Svw/LJWi/bUKg0VNjYs
+jQrZYH0q3jzx3dV3S5hUCjGL6d0tflD5w5YHWWMaEuVsn7yYovAROKnYOWuVisPJ
+YRA6cADR39usU1CyLTSb50PHUOosnp+YqZCzVkU2Z/gPLyXjiRKU6wou8baSoDHu
+KoxoGK4YfjizRTAdEexD+LHh0s1Ev6gr9OetJWPjbhghNGPIbw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEijCCA3KgAwIBAgIQfU1CqStDHX5kU+fBmo1YdzANBgkqhkiG9w0BAQsFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIyMTAx
+MjAzNDk0M1oXDTI3MTAxMjAwMDAwMFowTDELMAkGA1UEBhMCQkUxGTAXBgNVBAoT
+EEdsb2JhbFNpZ24gbnYtc2ExIjAgBgNVBAMTGUFscGhhU1NMIENBIC0gU0hBMjU2
+IC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtJCmVZhWIPzOH
+A3jP1QwkuDFT8/+DImyZlSt85UpZwq7G0Sqd+n8gLlHIZypQkad5VkT7OLU+MI78
+lC7LVwxpU19ExlaWL67ANyWG8XHx3AJFQoZhuDbvUeNzRQyQs6XS5wN6uDlF0Bf1
+AtCUQWrGGLGYwyC1xTrzgrFKpESsIXMqklUGTsh8i7DKZhRUVfgrPLJUkbbLUrLY
+42+KRCiwfSvBloC5PgDYnj3oMZ1aTe3Wfk3l1I4D3RKaJ4PU1qHXhHJOge2bjGIG
+l6MsaBN+BB2sr6EnxX0xnMIbew2oIfOFoLqs47vh/GH4JN0qql2WBHfDPVDm3b+G
+QxY6N/LXAgMBAAGjggFbMIIBVzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE
+FE/LrKjC76vdg29rv86YPVxYJXYVMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTN
+NKj//P1LMHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au
+Z2xvYmFsc2lnbi5jb20vcm9vdHIxMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl
+Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIxLmNydDAzBgNVHR8ELDAqMCig
+JqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QuY3JsMCEGA1UdIAQa
+MBgwCAYGZ4EMAQIBMAwGCisGAQQBoDIKAQMwDQYJKoZIhvcNAQELBQADggEBABol
+9nNkiECpWQenQ7oVP1FhvRX/LWTdzXpdMmp/SELnEJhoOe+366E0dt8tWGg+ezAc
+DPeGYPmp83nAVLeDpji7Nqu8ldB8+G/B6U9GB8i2DDIAqSsFEvcMbWb5gZ2/DmRN
+cifGi9FKAuFu2wyft4s4DHwzL2CJ2zjMlUOM3RaE1cxuOs+Om6MCD9G7vnkAtSiC
+/OOfHO902f4yI2a48K+gKaAf3lISFXjd32pwQ21LpM3ueIGydaJ+1/z8nv+C7SUT
+5bHoz7cYU27LUvh1n2WSNnC6/QwFSoP6gNKa4POO/oO13xjhrLRHJ/04cKMbRALt
+JWQkPacJ8SJVhB2R7BI=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/configs/traefik/conf.d/dot2023.key b/configs/traefik/conf.d/dot2023.key
new file mode 100644
index 0000000..22d8c80
--- /dev/null
+++ b/configs/traefik/conf.d/dot2023.key
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCVdDp4+ffu
+BFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9CqVVT1F3s+
+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4NexVqHnL4Cl
+HvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZyebOxix+
+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ONhUo3nNd8
+zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR2CCzy9ma
+j4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7OrikVdMcDb
+68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEehdTSpoAS
+D/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt/GmjwJlF
+CWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5AbRb6YRW+
+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivzjxcCAwEA
+AQKCAgEAri0Pi8KOI348uW9ZnPzuwT7hXvy3IZs1Uzo5hqPu1XqtOEm+8RRbhUC0
+azuumYMfAKDhGxzlAy3JqgJQrrnSEfLFFPFifbEjjY1bIckK82K75SPSn+m2lEro
+QvGpH1iE4krKt6geX/ZVX29a9vAqLbXrdUQavDFJtXAJq3R8IgLMWUT2OE1utyD5
+FoNmFfz5N7x8daMdtvUBMagwxqYU4iKn2/IRH7tpPm3dACxdW78fMYrkJy32D8Ld
+3uBjJXOl7/9iFc+GsSbhD9utyw+YYRTBVTfVf1cpvdeIF1eHPIGQvxTkctV7Hfhu
+F4NsL3aH9gh2Rdc9pjtJ2RxfX70DZUJ+mDguAwkVDeLlrxUqanqRAUew9mw4yqFd
+Jni5MeSU6+1aSA6rDlCMsXdpaIfozcj9UHfvs8aNTLV0iHs6QG0NVOJhm/DtzPfb
+SFQhtJ93CPeuWqdNylFiq0mdhHv09RWiSXOwDZbRmZGdfR8KVEg91LBLw9v+F51L
+ewSFZMH6akr+6H6D1kjLumAQsUF6nEsPpVoRZHzvlpUVUKV7q+BI1N/Fqlncw9I+
+9IysFimQbfx9itFlzNfMYOQ1pfP51nuiCflojlOJUP4n3YnzdJA37AwXSZYndyiW
+PsX5CWYEOn+IW8TnS9ZoGT1YfsOnNx0oDW6RTu+5m7LjNvnu8jECggEBAO3onsfT
+oU/E8AAFf3FVNrGI4GuUWu9Nl1+vClMFRpyOeiSafVvodXg6fgckhOr8KQlfwB1r
+QBXz/zkUKV3lWGuONx4z9NAlUB5Nvb3uHof6nWgE4ZZ74CjXR3IZM9WlbcOxB4YV
+KjBT+IgvbKv7UdbKGpFq/wZWT1t8MwbjcDcwLSvxXcZOF/VQB7EJftht24Z5Mqfn
+B8u2Z6afS2VlX3GbVg8ymsT+ohrKZSsIScrD/c52rDUkiIYldLSljRBaRCxlXwBx
+kUMNQvYMtRSv/b22cSAZDXV8vN8gby7XZMM6f3UKYF9BCbxbJvpwbGOsBqrsWySo
+JwiayvBMw8kNn9sCggEBAN93KqwxIKplr8yaLc9vFqXR/dLIJkK2YvaYTK9NjGVb
+4U5Z18K+Yv57dy7M7sDay61uHG52YEpbiyALD+XaVcWpYBNOvuNiu35Oa4WOdV7N
+4yU5+DcjhgJySeiQ64NW8s88yD6pmHzFxXYgKkLkkr2EqaL+yvCYVCs1o5bV0boo
+2Y8n8UxjgLSxVWHWALW38IfbI1nkK/IabWO1hl1m8pdXaPZax68NIp3R8YFyWHep
+JiJryUAtSbo3QLdXM90OFPLtiSY1faHcvzb7FZ6ux8RKbbXAIkNTcjnf66AQhVNp
+jykYRcALX+r+Xj6RLPypwniGDqlhao1dlw2s+VokgHUCggEBALTj2EaLrO1gCjOZ
++oqLhih6sFhb1sB5OI1yI+F383Z6BnjqVkKZfyfJIaYAqGebDwCnowU7VODcQsR9
+he50wUQWP+ZhDtVsaXyBE7Hj6abucNx0SaoHyiqDdTlV3EmnnMvcQKI8WXWhgyjZ
+FkG1t0YfKRBEUF/bJD+lMY8dQ2dS5CWzQd/T5PeKwC5lz+JztSSL5m4vhYfoyuqv
+173i1C0nNModafw6t7qzBTUw+hqH5uUi6lEF1CBbPl9UOOukFo3DDfbiYtaesLkw
+dEakgcPLgjwrkEYyb9Efciolb+HZCqxNFXWXl/V1QS/OZztpwzAWwj4e9H7gY0lO
+tNab210CggEAJtLTTRsz66bDBi77KoDIVILJMGepjgmV4/XNzN8SN0HhQPWG8MSW
++lOE/1KHYGYi4Lyyn9ZdIE4LO8PwPSTTpgWpNXGG5IZwwJ7rO0bmyVPH1N3fa+T2
+EVK92HPlFupyQOL0fz6DyZmqlr072mdPvzFfL3xI0cgFR4SIKVp4l3klYyOzXmwj
+HkF47gh6Exgj59aAq8tifytsOdh9wZhzKSv8hmB7NMR5cSXaaXzuNcvjXjOPwWCc
+4Idc7P1ve0ZJCXOPUl4Ut5xcdDbnKKyA9G9h5CO/UCcdP0TR8PstzrIWNzOKWrUf
+MvqCcShTwonTyZCw12ifVHQgHDYjFDAnSQKCAQAqlEkgCuA9ObOsj7W4KM/OjWd/
+wK8EC9oESdBOl9fn/pAktyh73GYYsIqwaHFRDcTLr74ULdqx+4vsOvCXl0wMMFOq
+iAZdba8CYtjFVDudJf3oJceSHiITocJqo4H4zOxeL0K1ssoX5caN5kYzYufCfKKH
+dGEPWnI+l3akR1kqHL6Xoq0YluPGh6PhkV2X6tuUf4G5K1NEdT4+KE1IeJqFviLd
+mOE5sErWyUrQotsI2n14gsdONOwS0FkElGlEZgCPu2uiXhrYeUf+R4r/V3MNtwVl
+aFk8InJnkfr7XitOv/Q+eJThwhnnNCrefLj/x9vAHUrNvRf+NpKr1xSDk9fk
+-----END RSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/configs/traefik/conf.d/global.yml b/configs/traefik/conf.d/global.yml
new file mode 100644
index 0000000..034e570
--- /dev/null
+++ b/configs/traefik/conf.d/global.yml
@@ -0,0 +1,15 @@
+providers:
+  docker:
+    network: ingress
+tls:
+  stores:
+    default:
+      defaultCertificate:
+        certFile: /conf.d/dot2024.crt
+        keyFile: /conf.d/dot2024.key
+http:
+  middlewares:
+    global-chain:
+      chain:
+        middlewares:
+          - middlewares-secure-headers
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..dd47066
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,128 @@
+volumes:
+  letsencrypt:
+  nginx_log_volume:
+  mysql_data_volume:
+  mysql_backup_volume:
+
+
+networks:
+  ingress:
+    external: true
+
+services:
+  db:
+    image: mariadb:10.3.25
+    restart: unless-stopped
+    environment:
+      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
+      MYSQL_USER: ${MYSQL_USER}
+      MYSQL_DATABASE: ${MYSQL_DATABASE}
+      MYSQL_PASSWORD: ${MYSQL_PASSWORD}
+    ports:
+      - ${MYSQL_PORT}:3306
+    volumes:
+      - mysql_data_volume:/var/lib/mysql
+      - mysql_backup_volume:/backups
+    networks:
+      ingress:
+
+
+  php-cli-mltorgtrans:
+    user: 1000:1000
+    image: registry.dot-dot.ru/mltorgtrans:${MLTORGTRANS_TAG}
+    command: php artisan app:run-collector 6d7867e74c767c5c81545d38f4ab3113
+    restart: unless-stopped
+    volumes:
+      - ./configs/mltorgtrans/.env:/application/.env
+    env_file:
+      - ./configs/mltorgtrans/.env
+    networks:
+      ingress:
+
+
+  php-cli-mlatrucks:
+    image: registry.dot-dot.ru/mlatrucks:${MLATRUCKS_TAG}
+    command: php artisan app:run-collector pPHx1yZOaiOsUb0zAIaoiY0B4SLOcyS8gBYaAxvI9RVSAR6u
+    restart: unless-stopped
+    volumes:
+      - ./configs/mlatrucks/.env:/application/.env
+    env_file:
+      - ./configs/mlatrucks/.env
+    depends_on:
+      mlatrucks_db_migration:
+        condition: service_completed_successfully
+    networks:
+      ingress:
+
+  mlatrucks_db_migration:
+    image: registry.dot-dot.ru/mlatrucks:${MLATRUCKS_TAG}
+    command: /application/artisan migrate --force --no-interaction
+    volumes:
+      - ./configs/mlatrucks/.env:/application/.env
+    env_file:
+      - ./configs/mlatrucks/.env
+    networks:
+      ingress: {}
+
+  nginx:
+    image: nginx:1.25.3-alpine3.18
+    restart: unless-stopped
+    volumes:
+      - ./configs/nginx/conf.d:/etc/nginx/conf.d
+      - ./configs/nginx/nginx.conf:/etc/nginx/nginx.conf
+      - ./configs/nginx/www:/var/www
+      - ./configs/nginx/ssl:/etc/nginx/ssl
+      - ./configs/nginx/other:/etc/nginx/other
+      - nginx_log_volume:/var/log/nginx
+    ports:
+      - 80:80
+      - 443:443
+    # depends_on:
+    networks:
+      - ingress
+
+  node-exporter:
+    image: prom/node-exporter:v1.7.0
+    container_name: node-exporter
+    restart: unless-stopped
+    volumes:
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /:/rootfs:ro
+    command:
+      - '--path.procfs=/host/proc'
+      - '--path.rootfs=/rootfs'
+      - '--path.sysfs=/host/sys'
+      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.node_exporter.rule=Host(`ml.dot-dot.ru`)"
+      - "traefik.http.routers.node_exporter.rule=Path(`/metrics`)"
+      - "traefik.http.routers.node_exporter.service=node_exporter"
+      - "traefik.http.routers.node_exporter.entrypoints=https"
+      - "traefik.http.services.node_exporter.loadbalancer.server.port=9100"
+    networks:
+      - ingress
+
+  cadvisor:
+    image: gcr.io/cadvisor/cadvisor:v0.49.1
+    restart: unless-stopped
+    container_name: cadvisor
+    privileged: true
+    volumes:
+      - /:/rootfs:ro
+      - /var/run:/var/run:ro
+      - /sys:/sys:ro
+      - /var/lib/docker:/var/lib/docker:ro
+      - /dev/disk:/dev/disk:ro
+    devices:
+      - /dev/kmsg:/dev/kmsg
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.cadvisor.rule=Host(`ml.dot-dot.ru`)"
+      - "traefik.http.routers.cadvisor.rule=Path(`/cadvisor`)"
+      - "traefik.http.routers.cadvisor.service=cadvisor"
+      - "traefik.http.routers.cadvisor.entrypoints=https"
+      - "traefik.http.services.cadvisor.loadbalancer.server.port=8080"
+    networks:
+      - ingress