From d2d8551cf80adcb0897ec209c5c2c989382cd5ea Mon Sep 17 00:00:00 2001 
From: Daniel Siepmann Date: Sat, 22 Jun 2024 16:57:15 +0200 Subject: [PATCH] Migrate web-development projects to proper modules Create proper modules for TYPO3 and static web projects. Those modules are now used on all machines. This replaces the old legacy functions used to setup projects. That way multiple projects can easily be defined within one file. --- .gitattributes | 3 - systems/hikari/configuration.nix | 3 +- systems/hikari/web-development/default.nix | 123 ------------ .../web-development/lib/create-static.nix | 30 --- .../web-development/lib/create-typo3.nix | 121 ------------ systems/hikari/web-development/lib/mkcert.nix | 53 ----- systems/hikari/web-development/projects.nix | 23 +++ .../web-development/projects/private.nix | 13 -- .../projects/service-wrapper.nix | 28 --- .../hikari/web-development/projects/typo3.nix | 8 - systems/hikari3/configuration.nix | 6 +- .../private/web-development-projects.nix | Bin 0 -> 9492 bytes systems/hikari3/web-development/default.nix | 168 ---------------- .../web-development/lib/create-static.nix | 30 --- .../web-development/lib/create-typo3.nix | 132 ------------- systems/hikari3/web-development/projects.nix | 23 +++ .../web-development/projects/customer.nix | Bin 707 -> 0 bytes .../projects/customer/itcc-diginno.nix | Bin 516 -> 0 bytes .../projects/customer/itcc-steel.nix | Bin 508 -> 0 bytes .../projects/customer/reu-reu.nix | Bin 740 -> 0 bytes .../projects/customer/sa-frontend.nix | Bin 243 -> 0 bytes .../projects/customer/sa-sa.nix | Bin 6799 -> 0 bytes .../projects/customer/wm-interdaf.nix | Bin 366 -> 0 bytes .../projects/customer/wm-sozio.nix | Bin 330 -> 0 bytes .../web-development/projects/private.nix | 18 -- .../projects/service-wrapper.nix | 33 ---- .../web-development/projects/typo3.nix | 12 -- systems/web-development/default.nix | 182 ++++++++++++++++++ .../lib => web-development}/mkcert.nix | 7 +- systems/web-development/static.nix | 45 +++++ systems/web-development/typo3.nix | 149 ++++++++++++++ 31 
files changed, 434 insertions(+), 776 deletions(-) delete mode 100644 systems/hikari/web-development/default.nix delete mode 100644 systems/hikari/web-development/lib/create-static.nix delete mode 100644 systems/hikari/web-development/lib/create-typo3.nix delete mode 100644 systems/hikari/web-development/lib/mkcert.nix create mode 100644 systems/hikari/web-development/projects.nix delete mode 100644 systems/hikari/web-development/projects/private.nix delete mode 100644 systems/hikari/web-development/projects/service-wrapper.nix delete mode 100644 systems/hikari/web-development/projects/typo3.nix create mode 100644 systems/hikari3/private/web-development-projects.nix delete mode 100644 systems/hikari3/web-development/lib/create-static.nix delete mode 100644 systems/hikari3/web-development/lib/create-typo3.nix create mode 100644 systems/hikari3/web-development/projects.nix delete mode 100644 systems/hikari3/web-development/projects/customer.nix delete mode 100644 systems/hikari3/web-development/projects/customer/itcc-diginno.nix delete mode 100644 systems/hikari3/web-development/projects/customer/itcc-steel.nix delete mode 100644 systems/hikari3/web-development/projects/customer/reu-reu.nix delete mode 100644 systems/hikari3/web-development/projects/customer/sa-frontend.nix delete mode 100644 systems/hikari3/web-development/projects/customer/sa-sa.nix delete mode 100644 systems/hikari3/web-development/projects/customer/wm-interdaf.nix delete mode 100644 systems/hikari3/web-development/projects/customer/wm-sozio.nix delete mode 100644 systems/hikari3/web-development/projects/private.nix delete mode 100644 systems/hikari3/web-development/projects/service-wrapper.nix delete mode 100644 systems/hikari3/web-development/projects/typo3.nix create mode 100644 systems/web-development/default.nix rename systems/{hikari3/web-development/lib => web-development}/mkcert.nix (97%) create mode 100644 systems/web-development/static.nix create mode 100644 
systems/web-development/typo3.nix
diff --git a/.gitattributes b/.gitattributes
index 929bcb6..256fd9a 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -9,9 +9,6 @@ home/files/rclone.conf filter=git-crypt diff=git-crypt
 home/files/typo3-configuration/client-specific/** filter=git-crypt diff=git-crypt
 home/packages/custom/dmenu-scripts/customer-issue.sh filter=git-crypt diff=git-crypt
 systems/hikari/files/hosts filter=git-crypt diff=git-crypt
-systems/hikari/web-development/projects/customer.nix filter=git-crypt diff=git-crypt
 systems/hikari3/files/hosts filter=git-crypt diff=git-crypt
-systems/hikari3/web-development/projects/customer.nix filter=git-crypt diff=git-crypt
-systems/hikari3/web-development/projects/customer/* filter=git-crypt diff=git-crypt
 systems/hikari3/private/* filter=git-crypt diff=git-crypt
 projects/** filter=git-crypt diff=git-crypt
diff --git a/systems/hikari/configuration.nix b/systems/hikari/configuration.nix
index 084a59f..cca9dd9 100644
--- a/systems/hikari/configuration.nix
+++ b/systems/hikari/configuration.nix
@@ -11,7 +11,8 @@
 ./cachix.nix
- ./web-development
+ /home/daniels/.config/nixpkgs/systems/web-development/default.nix
+ ./web-development/projects.nix
 ];
 boot = {
diff --git a/systems/hikari/web-development/default.nix b/systems/hikari/web-development/default.nix
deleted file mode 100644
index 0d54fa9..0000000
--- a/systems/hikari/web-development/default.nix
+++ /dev/null
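Review bot: The added import `/home/daniels/.config/nixpkgs/systems/web-development/default.nix` in the path list of systems/hikari/configuration.nix is an absolute path into a home directory, so the system build reads whatever file currently sits at that location rather than the module from the revision being built, and evaluation breaks on a checkout placed anywhere else. The diffstat shows the module being created at systems/web-development/default.nix in this repository, so a relative import such as `../web-development/default.nix` would presumably resolve to the same file while keeping the configuration tied to the checkout. The same absolute path is added in the second hunk of systems/hikari3/configuration.nix. The list this line belongs to opens outside the hunk, so this rests on the visible lines only.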
@@ -1,123 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - - mysqlEnsurePermissionsForDevUser = builtins.listToAttrs ( - map (databaseName: { - name = "${databaseName}.*"; - value = "ALL PRIVILEGES"; - }) - config.custom.web-development.databases - ); - -in { - imports = [ - - ./lib/mkcert.nix - - ./projects/private.nix - ./projects/service-wrapper.nix - ./projects/typo3.nix - - ]; - - options = { - - custom.web-development = { - rootPath = lib.mkOption { - type = lib.types.path; - default = "/var/projects"; - description = '' - The root folder where web development happens. - All Projects need to be placed within this folder. - ''; - }; - databases = lib.mkOption { - type = lib.types.listOf lib.types.nonEmptyStr; - default = []; - example = lib.literalExpression "[namespace_project namespace2_project1]"; - description = '' - A list of all necessary databases. - Used to create the databases and grant permissions. - ''; - }; - }; - - }; - - config = { - - services = { - httpd = { - enable = true; - - user = "daniels"; - - adminAddr = "apache@hikari.localhost"; - - extraModules = [ - "info" - "rewrite" - "proxy" - "proxy_fcgi" - ]; - - virtualHosts."localhost".locations."/server-info" = { - extraConfig = '' - SetHandler server-info - Require local - ''; - }; - }; - - mysql = { - enable = true; - - package = pkgs.mariadb; - - ensureUsers = [ - { - name = "daniels"; - ensurePermissions = { - "*.*" = "ALL PRIVILEGES"; - }; - } - { - # INITIALLY once change dev user to be identified by password - # alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev'); - name = "dev"; - ensurePermissions = mysqlEnsurePermissionsForDevUser; - } - ]; - - ensureDatabases = [ - "testing" # Used by TYPO3 functional tests - "testing_at" # Used by TYPO3 Acceptance tests - ] ++ config.custom.web-development.databases; - - settings = { - mysqld = { - # sql_mode = "SRTICT_TRANS_TABLES;NO_ZERO_IN_DATE;NO_ZERO_DATE;ERROR_FOR_DIVISION_BY_ZERO;NO_ENGINE_SUBSTITUTION"; - 
general_log = true; - general_log_file = "/var/lib/mysql/query.log"; - - # slow_query_log = true; - # slow_query_log_file = "/var/lib/mysql/slow_query.log"; - # long_query_time = 1; - - bind-address = "127.0.0.1"; - }; - }; - }; - }; - - systemd.tmpfiles.rules = [ - # TODO: Improve handling of TYPO3 global configuration - # Current issue: The files are copied once. - # Changes are not reflected until reboot? - # I can edit the copied files, but need to keep files in sync. - "C ${config.custom.web-development.rootPath}/own/typo3-configuration - - - - ${config.users.users.daniels.home}/.config/nixpkgs/home/files/typo3-configuration" - ]; - - }; -} diff --git a/systems/hikari/web-development/lib/create-static.nix b/systems/hikari/web-development/lib/create-static.nix deleted file mode 100644 index da16ec8..0000000 --- a/systems/hikari/web-development/lib/create-static.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config - , domain - , relativeDocumentRoot -}: - -let - documentRoot = "${config.custom.web-development.rootPath}/${relativeDocumentRoot}"; -in { - services = { - - httpd.virtualHosts.${domain} = { - forceSSL = true; - sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem"; - sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem"; - - inherit documentRoot; - - extraConfig = '' - - AllowOverride All - Require all granted - Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec - DirectoryIndex index.html Index.html - - ''; - }; - - }; -} diff --git a/systems/hikari/web-development/lib/create-typo3.nix b/systems/hikari/web-development/lib/create-typo3.nix deleted file mode 100644 index aa643bb..0000000 --- a/systems/hikari/web-development/lib/create-typo3.nix +++ /dev/null 
@@ -1,121 +0,0 @@ -{ - config - , lib - , pkgs - , domain - , relativeDocumentRoot - , databaseName - , php -}: - -let - - documentRoot = "${config.custom.web-development.rootPath}/${relativeDocumentRoot}"; - - phpPackage = php.buildEnv { - extensions = { enabled, all }: enabled ++ (with all; [ - xdebug - ]); - extraConfig = '' - max_execution_time = 240 - max_input_vars = 1500 - - xdebug.mode = debug - xdebug.max_nesting_level = 400 - ''; - }; - -in { - custom.web-development = { - - databases = [databaseName]; - - }; - - services = { - - httpd.virtualHosts.${domain} = { - forceSSL = true; - sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem"; - sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem"; - - inherit documentRoot; - - extraConfig = '' - - AllowOverride None - Require all granted - DirectoryIndex index.php - - RewriteEngine On - - # Store the current location in an environment variable CWD to use - # mod_rewrite in .htaccess files without knowing the RewriteBase - RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$ - RewriteRule ^.*$ - [E=CWD:%2] - - # Rule for versioned static files, configured through: - # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename'] - # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename'] - # IMPORTANT: This rule has to be the very first RewriteCond in order to work! 
- RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ %{ENV:CWD}$1.$3 [L] - - # Access block for folders - RewriteRule _(?:recycler|temp)_/ - [F] - RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F] - RewriteRule ^(?:vendor|typo3_src|typo3temp/var) - [F] - RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F] - - # Block access to all hidden files and directories with the exception of - # the visible content from within the `/.well-known/` hidden directory (RFC 5785). - RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC] - RewriteCond %{SCRIPT_FILENAME} -d [OR] - RewriteCond %{SCRIPT_FILENAME} -f - RewriteRule (?:^|/)\. - [F] - - # Stop rewrite processing, if we are in any other known directory - # NOTE: Add your additional local storages here - RewriteRule ^(?:fileadmin/|typo3conf/|typo3temp/|uploads/) - [L] - - # If the file/symlink/directory does not exist but is below /typo3/, redirect to the TYPO3 Backend entry point. - RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteCond %{REQUEST_FILENAME} !-l - RewriteCond %{REQUEST_URI} ^/typo3/.*$ - RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L] - - # If the file/symlink/directory does not exist => Redirect to index.php. - # For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'. 
- RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteCond %{REQUEST_FILENAME} !-l - RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L] - - - - SetHandler "proxy:unix:${config.services.phpfpm.pools."${domain}".socket}|fcgi://${domain}/" - - ''; - }; - - phpfpm.pools.${domain} = { - inherit (config.services.httpd) user group; - inherit phpPackage; - settings = { - "listen.owner" = config.services.httpd.user; - "listen.group" = config.services.httpd.group; - "pm" = "ondemand"; - "pm.max_children" = 15; - }; - phpEnv = { - TYPO3_ADDITIONAL_CONFIGURATION = "/var/projects/own/typo3-configuration/AdditionalConfiguration.inc.php"; - TYPO3_DATABASE = databaseName; - TYPO3_CONTEXT = "Development/dsiepmann"; - IMAGEMAGICK_PATH = lib.makeBinPath [ pkgs.imagemagick ] + "/"; - }; - }; - - }; -} diff --git a/systems/hikari/web-development/lib/mkcert.nix b/systems/hikari/web-development/lib/mkcert.nix deleted file mode 100644 index 6598136..0000000 --- a/systems/hikari/web-development/lib/mkcert.nix +++ /dev/null 
@@ -1,53 +0,0 @@
-{ pkgs, lib, config, ... }:
-
-let
- certFolder = "/var/projects/own/mkcert";
-
- domains = builtins.concatStringsSep " " (
- map (domain: "\"${domain}\"") (
- builtins.attrNames config.services.httpd.virtualHosts
- )
- );
-
- custom-generate-certs = pkgs.writeShellApplication {
- name = "custom-generate-certs";
-
- runtimeInputs = [
- pkgs.mkcert
- ];
-
- text = ''
- mkdir -p ${certFolder}
- pushd ${certFolder}
- declare -a domains=(${domains})
- for domain in "''${domains[@]}"
- do
- CAROOT="${certFolder}" mkcert "$domain"
- done
- '';
- };
-in {
- options = {
- custom.web-development = {
- certFolder = lib.mkOption {
- type = lib.types.path;
- default = "${config.custom.web-development.rootPath}/own/mkcert/";
- };
- };
- };
-
- config = {
-
- # TODO: Run once before httpd service starts?
- environment.systemPackages = [
- custom-generate-certs
- ];
-
- # NOTE: Disable until root certificate is generated, then add again
- # Maybe check for file existense and throw proper error message?
- security.pki.certificates = [
- (builtins.readFile "${config.custom.web-development.certFolder}rootCA.pem")
- ];
-
- };
-}
diff --git a/systems/hikari/web-development/projects.nix b/systems/hikari/web-development/projects.nix
new file mode 100644
index 0000000..c1badbc
--- /dev/null
+++ b/systems/hikari/web-development/projects.nix
@@ -0,0 +1,23 @@
+{
+ pkgs
+ ,config
+ ,...
+}:
+
+{
+ config.custom.web-development = {
+ typo3 = {
+ "daniel-siepmann.own.localhost" = {
+ relativeDocumentRoot = "own/daniel-siepmann/project/public/";
+ databaseName = "own_danielsiepmann";
+ phpPackage = pkgs.php83;
+ };
+ };
+
+ static = {
+ "tea-docs.typo3.localhost" = {
+ relativeDocumentRoot = "stuff/typo3/extensions/tea/Documentation-GENERATED-temp/Result/project/0.0.0/";
+ };
+ };
+ };
+}
diff --git a/systems/hikari/web-development/projects/private.nix b/systems/hikari/web-development/projects/private.nix
deleted file mode 100644
index 771d83d..0000000
--- a/systems/hikari/web-development/projects/private.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ pkgs, lib, config, ... }:
-
-let
-
- php = pkgs.php83;
-
-in import ./../lib/create-typo3.nix {
- inherit config lib pkgs php;
-
- domain = "daniel-siepmann.own.localhost";
- relativeDocumentRoot = "own/daniel-siepmann/project/public/";
- databaseName = "own_danielsiepmann";
-}
diff --git a/systems/hikari/web-development/projects/service-wrapper.nix b/systems/hikari/web-development/projects/service-wrapper.nix
deleted file mode 100644
index 7e78f12..0000000
--- a/systems/hikari/web-development/projects/service-wrapper.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ pkgs, lib, config, ... }:
-
-let
- domain = "mailhog.localhost";
-in {
- services = {
-
- httpd.virtualHosts.${domain} = {
- forceSSL = true;
- sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem";
- sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem";
-
- extraConfig = ''
- RequestHeader unset Authorization
- ProxyRequests Off
- ProxyPreserveHost On
- ProxyPass / http://localhost:8025/
- ProxyPassReverse / http://localhost:8025/
-
- # Mailhog specific
-
- ProxyPass ws://localhost:8025/api/v2/websocket
-
- '';
- };
-
- };
-}
diff --git a/systems/hikari/web-development/projects/typo3.nix b/systems/hikari/web-development/projects/typo3.nix
deleted file mode 100644
index bd4596e..0000000
--- a/systems/hikari/web-development/projects/typo3.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ lib, config, ... }:
-
-import ./../lib/create-static.nix {
- inherit config;
-
- domain = "tea-docs.typo3.localhost";
- relativeDocumentRoot = "typo3/tea/Documentation-GENERATED-temp/Result/project/0.0.0/";
-}
diff --git a/systems/hikari3/configuration.nix b/systems/hikari3/configuration.nix
index 1eb4eb7..ec9305c 100644
--- a/systems/hikari3/configuration.nix
+++ b/systems/hikari3/configuration.nix
@@ -3,7 +3,7 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 {
- ,config
+ config
 ,pkgs
 ,...
 }:
@@ -14,7 +14,9 @@
 ./cachix.nix
- ./web-development
+ /home/daniels/.config/nixpkgs/systems/web-development/default.nix
+ ./web-development/projects.nix
+ ./private/web-development-projects.nix
 ./private/borgbackups.nix
 ];
diff --git a/systems/hikari3/private/web-development-projects.nix b/systems/hikari3/private/web-development-projects.nix new file mode 100644 index 0000000000000000000000000000000000000000..952aaf0b8e9a68d9ba57ff8150fbf7ec131251cf GIT binary patch literal 9492 zcmV+vCF|M%M@dveQdv+`036dgPxswP(UsYq+Mu9o4*}CZ4v}yS@WEok--dh#t!lEE zAy&v*qbxDAAwkGEf2Kl~k60V@ltIeMRomPb)j>$mMJ3!ASaI;Xcbh9tZu##8uKkYU z$%9MC)Ye?xM<}{M=8BqH`&ED5r8P9`ztc@EBNa9v@+h0OEWWmpwI>*w?V!KxivlcC ze+Sdsn|D2(`0r3dNW?tEi#KWp$x;v!@pP${3Vku@h3z! zT-7V|y2@jRyOXcLkDOJF@EAvCl#no(as|cbyXA3gDa1;fbW%VaW!&q8G6S7Bqd4UY z;+jWD5xORoYfRECDk<;`4)Bqh>GxN2%RMhzQ|#!E0n90_ztRNXSX|kwUJ=I_ZC5T> z{0Uc1dt&2X&YiP$InXa9sXQ2{*4q%sw}R?0on*uIQlv| z4AG%IdhaHQl_6U%q*NkS+$nsQ|C(=twAJ6GOl}0suVS@LUo?9{$p>AYO1|WzNhStA z#@v=g!1mwD;Sp3`l%YtDp!I)jtVy#AJd}`n?UBJ&bgD>?q`7@xCPZY$%Q(;+S5?6y zOV#jA00ofdBEd`kBcM;!ikw4ua&hAg9Ur#$b^JVVy4puy+v)BmWFSV$k5ZznF!E*M zUO6zb3tU0vohdoU$#((y8;aDWXD$I%Qmht!mjBiSlc>+62b6E~6r?*}3C?GJ15Y=) zBe#{KkrEyY*MqQi-Dwfga1+U_*3G}PLaT_ck-T@r zDn-{^bM1-j6tJDMz{0gT)akjBEpWIeg%4NQHj#5qdj}3Zp zaHVHqW{o7Kpj2d*Gf;kUahSE2V29?)g>3-if-PW|^YRA-#IutMea+tQFCzxQt(j~Q z@t2Kf8)IZBZ^GZ_K?P4F+AfWLnmVR)G=a#ePA-ldp;l0nrW0}vHK@tSd4*1A1aYE9 zdV$$a#(-|C0m?-)tQ|dKc$}_E;&&Ndm*B?G3CFd zrYOo*Ex(x-py6uFQ^_ZYSGFH39YpWQhBxj~3_9`I==R03{bVzVIlg~x-Md_QNVBK| z`q4(T)DOsy(_lsgu8n?!gQ%C?<^8VoF~8!izvFl@DPrCu6tB(n@ACA#pB&g9a-&r} zO9s*(PWhbi0=SncEs?@LG4m(zED#6WtrN^OV0f!~xSp0Ad1E$ZYw<^S-N3tN9jc}E z@$4CGu=-@y->1941CK8&oVsUb2`%>m{shB}MC5cgE$_~Rkl?g$zxbko;+^fJ)%MV5Uzu<$s~FwJ}f^cGEu)} z{BMwNl7aNYsb^ zUCcaQRcS;c5Ya+nI5y_-wPvBz;OaVljW@v?1z!KRVIlA%A%{f<=9^L4I{flqU4U>- z3sKPI6fBig8GT>k^))JcRM4MDbu>;XXQUjI>)U*&$4{BZ5TErIS0LN2QuoZ^RT%{^ zM};EAyYqf9k+?C}ls9gzAe@A>Ek6n((`i!)zqB*UC`LmFf~sH(397r*D0BNtNNSo5 zCuRxRjT!pl3nsF>Yl%;4E|0>$`*Ouz$6E%XoyG*X^~TH3l3GrFJ9C13?6BV>x6Q%D zk^5~7iedX|U~OYN9-em%|euq?9u z%&R$@JFE%~K?RVf9Gvm!25cdq@s0z}Y$QV~pfRg{Et}zBkFsK=EgSR8qO<{Tbpc4) z@TIz;MsX_)r0$d;h&J!47N3ZA?xwlsAx-$p7vDUN%Dos5czb{aNy&7>x9dO(?8ym^ 
zO>-=5d1I{$r(#D;VPUHcPQKY5zz9r-6Ops}B}QA(HL&`r%_*hE7WU1GgXbr_-r*eH zSqBUxP!0N9Srm}s%V+W4HGS z-CW@$90JDSQ4xf5j)@%p2@M*2^sjJVZsCu_>X9-o|;V z?M3{pZj_sZ5?3oe86$$g{Ar!HFnyLzJdg8U&6+fD&d~y~t59p3wl%h}n(DSf3U$;i zI;0v&4+@V|hv0g?2g2hs@G+V=J!YTg-184xz;J#=<){tkh!5jV+rwVi??0An{eerr z`_l`1D6lOtgak>vI2pQ3^o@>8q6lvRuR(6%T4@=PTYiq>Ci@TBRYIz= zI}D(W$DHh=b+It9C=_XEs-{CgtsMI&I4w2Q9rwi9B9SOSi3_-)ME&)t0c4gWAxmS6 zJ=U6n^?m$qOH%wUR&YwFL^$*1kD_e5Y6W2{4fQk(r>knnE()^5bbrajHC&L08r+Kd zVrw3fd88#XDKTV9eB>WAZd<5_{lM6(0cF>1u$}uO+I?iz?+{8LMEFT0?xul5rl3KU4 zJ0B}EDmQe>hP7Rxv1;yZ8)r7otaUjr;vF8jgbP1PdF%}JGnXIdc$cU?A>`zx7p49w4(ITiMv6c|Ae#D_2>c-xkP zY|b;ua-%HS?WE{8c0c|Ie|LaB`uUY_L$dpN6v=+450t(m%!JA0LzXk*-;r%r58PF8g28A6^4VqVAk7bloC1wmNM#cG<+oWoP%hX z+QHQv$VQ&OUM`-}V8f0j*p<)f!CB$sqQr0vVFhxl9jSB+UnuNdAMV>BIubfk|6c^Mv_)|8 zb9%|N%j->~c6VjAZ}z-a?hs_-y@f**srS@@-Fn-)G3bkwm&l$(n5ectP9j?>)3@jb zux2WO4qcY+=o1e7O564Z%K@X&dlJPPT#E7b^UX!6Vkm{S`%T6=1*c#5?X?7>{4Zg0 z+1j(~Mwr^CZpIU%I9o#QD&Er=sm5f|OA()tqc8`dYUxGC-ieU#4>a)YXj{g@RMgiG z9xoE9GAvBU9iSqeKXW;Dyv_g-8Sj$jobV^Dg2;UDN)s~(7Y7!SDc5V32IB8Rhc1H5 zsO*C)F_lN#(f$4Dl?x;~B4R%ve2`A;RgU+DKHoHXQ!D5$)t&gM;qX zng$!a(t$jBlt_;{asvqd$blA`CRpxnJYZUt^C2t|J`SW7HfkJ}m4(azZ7}tw+w6E({f|tGh`ahOdL|Lv7HE z&|SL1r8MwqfH%xJgPC3S-LGP_x4P1N#p>3i^ht{Tk@_P)P>_{eE?a~m zb0}j?x`X=$QMiwq<*NTaZ(!3R(txdczhOLpIQ?;lmZ|oOr@tiJf9%&U`yC}HbrGt2 zi4B4N3|5bp6yUGH@TCrf*Ian-BvfR4wOyT`_rQv-fPe=N+tEANcY^u1RK#PYU1TgT zFvjpLbczIxMRr`!<{u$ZWHvnhVUzXSFXE8z;|uk}vlP!CGZ_nszLp8(lJxk0$;Tg^ z;hTkDJc_l8F|tmtdUYD3`yXNMKz^awT#il${(5rpc~7$4 z3kvGnVxn(T=<3aw7N4H#BPQDMb3C*%%+{E#{6{H@iJ5vU##dg+6nAY6p>Z0~KQzgq zem_na@?d2VM5yCyo<$NEzbEpbeYOA=!JcpnuvU8vz~cMlt$(~3LE1H(YzHUfXOw(w z#T}ig67!A}8woGXC4%7^{Dqnt#4sYeJX7U$Wzm=xGBN03pGf8a6G0M|%F|ak&48teb24(YQEU@encuvqfAuOhYI`n;%U*EpyaqW_Ni0 z6+JJ@$B07M-wA#kan=UFD3X7No&cg&k|nYQ^Cf z4DJ&zV60&osZ%&j=Ydb{h0@yt!rj=%7<-Qv$bF)}zAdGN6!O_zvj)eDoyo?!kxwaY z)GH>As8%l683Yw4Z*&!FjMk2XDs3%ZX%)8aFj(>d>h9G(e*ktx3rDbh*msVx#Sg{6-6p8}fMKSx314(w) z?Cp&$@))%HNq%4UG4SnGm&sTerE0O>>8=)U?78l 
zT3q?iE=>-QYzrHMj-K&Jky2bkO96+M^Btaya@nsN$s%5p&ZDOFw9?D%E?rO~WIto4 z-!Fkl3dXo8&tji0jVdR$L94*{(hhV%&R5zat0A%#pG0$D5r_RlmYxDF~ zxGT@Xd0vmuBoq3w-jRkKFNA?XGd>Aj1Ta__8GHJY?qR^WGE-pHiI?FyXnlW4X$;X?iH(Tw9_&+W*mda2 z4oF;vTz7=oKaXLh(&Z1dQWRz!ohE7j;3W;mrnMf{jjdF1BQzdTPk|EYVbF0LQ^;(E=&Dq)^3~k8UfTTO3TVz{0?FLV#sEBLC_4w4+*! z@u&BQXDq@nn$>?Dv01hYc3-1R-#cXqTC+5gU<^iI1CQQ!@AK=D7Eg97$FfYL}O-B=6;ENg6wx*bTKwksr)fUl8 z&lpH7QDC}QzH0EsX&=6)=}dt@E0_P6z+I57`WHJoeuJf3YY)HG1?c=0ha`}jj8aE+ zJcWH-KFo6KQz^NT5;Khh*tOS10V#Do z8b#G7#!{uHIbxpqt$dqvw6h>H!fRs$iZP*FnNrFt?p3fBk&)GR=)d0Pw?Y6nV+2zW zW|}|_y#*VXX5*8T8?SBBy(EhR;0$mN#CnN$Q<2(IM!Y!BM0nL8BW++#PTGl)5Mq*_ z@=p_i#+fo^>Dz=|bCS~O5~}G*@r@~+UXzy&4JBP)ERPe+fnOKGLR7J50?}4@mx!== zN#O5ksJ?$Rq=E!U%D#7T#yQ!BiGdoltf7<4**Z}$1w)#f$^{5so%@KGH+WI{cSW_< zOyw<90#k)4I&2O%!V>*_@;Y|z($SV#rZ?JVGWS5q7W;DuV1{>wt7938^vzM3F({l@ zLoDNF0PXm-C19(D>3G#13yaz{FEZ4dt&cb?spA(98%d4`Q>fzzWJ(0|oser9?J8Ku zF4s$e3eOoJhW7%yH?VK0s@H~B%>COf@8Vhgh6cPA6;L6CKw2ARq#*geYQ^NtsF7gC zMar39K1;KG+0Qbng99T^h*`(xTuM6(b?ImElI_0Pk6UY4?b`j?&i(PRnH+Y@@YJ zz#>2s>nAz#4TmdGpw+eX2hpT9UmlBR@b?=Fq0yKs>9MQh<1?HM-))6+kbxPlb0s`z zPHeqrDCu14vRpXO`}8~%(jEsGBQ%f(T9?q9^@Z!VKBIW(Z`ZV-?a7j~o={mwwVK3=iZmIJiRP55Z)bJdH|` z=WW(JU?w@EPe8p*bw0&|=M!_mJBr5(E~l(C9a)nq zi~RyKfSGWoM}Q`ScZLN-kd|}CL)tjWz*7@#$7=yRpan9+n{NPG6;`p-^|Y_dv^Dtc zaPSfp+^w9J9y*OtqHJ52>Xn-w9_K;)s&SGN*59g0~UHH=Jt=ev=)F7SXPT)-qQ8OqOaaMP`gCB|D7MYgu)&`{}A z$rvz!6$rkUcG8nKAeJF)>N^Tv=v6PeA(kqMP>*&=+24= z*Qk_h;3lFwy(b5kiZ4`>X34$L$7L9U>~oL$1OhYYf4wj-vAitbh!Z-M#SE~fybW3d zrH0KyGv2`$*0S&+6(q#Jh4aL)lvjyRRiMJzag1d}q-=@>57~Jf)1k5oS4az*1$0Tv zo|mzC6w11$^LBmZN^>b=+s7ST%T`{m23Rrm08$lUxlv|mIsmXv4-@3bz@PNwl$Pz`(tcGak{t9g-{lBQvt&WVh`;D)Mu}l>=Z!}Wqd0HSu9O6-KizU^C~7q9LToLlWtpjP)XX2~ zCx#K>NDt`AirAHU_rMt_PM+H3o@tJ)Qg&Ww8I*h+@oQnMY8dr>@sS_)l_mn)@!Q|U zU5*u}*Bny(UT?5imX2_>zR7Cu1JJ(#$}CR!5LF0_t$=M)mZg00IZ+6CNkCAa4^ZwY znNfzG=qq{1>s!cp+bs`7_nXfEhs@a%#JMD42>;cP?A4vqBr{u!xM<#)lWCuqorMOe z7edl?k`EMCvOa+ML0e}7nzmEs=pa;i#N(UT;iv-209N4BjF-6!M3kl>Rj&gndwi@$ 
zYbXuFbGUzAyBj4x08wYbIt65^gXcdY07*Q?GKt_eq6MI1PKi9zMgPT+S|20=nS<1y z^WZfAj?i^tETYu!ClP>v|K#GFD9=li!bsy3pSeUt*x%SA`M2I3%)fMef^ zU%WKZT^r!PI)u;*C^&v;+10xEnz=X(Exbd1Cleaaox&bYlg^Ii8`VWCUL!`hY4?8@Dg-8GTJ#0+9SOfV%aNXO} zcnMti!_x3GoUH4)jH6p{y&7ZqCqL#y3N^I#qu^X{@cY$`mSOXe)cC{oHuxIzZX-T&)t_AzV*3u^%dX*-R zd{WiuD^HxVlaknwHP-MGjV$z>VOnOVU&6nppU!;^Az3%=lX00i3rVB5b^2as!#J~s zxgIq26s6x+j%AA-Mpp3gN4eQE@IO+qUUNY_TznX=phsG12J%8VRET~V-dR}VMsr~R z;wUO^MkGIeVDHAXo7iyeOaVy`u^C76HENE}dI6d8@sB6K0q1-Imzss$BKKh91};S* zsU~zUpp1H3tW88%llI0tkT3>LbYXmNnRr%mt`>mP_AjjS@mE;aD)3X1?U3UB3#`cm zokHpXBWvrP0-JhY)Y&Aj!4l&kV&jq>&U-n*nZkkMZ2{pGlJ1;TOC&9!On`o=6tLlq zoy}MCwi1V5uVCaIJA-3pTu<0%G5Y_y7kV0>nI|N#U#50CHu52v1u$mlU|OHnUqa-z?~p zhY(=`S*hXq*`wlIF`J5|p}vUgc7h*_6k#Ak60fNA1f|9sNmgWJ;ccyhXJLY;5RJ>J zY~nI{_)Hl%i}66e$XM1aE7c+Fsg6~m-_6E@!>{d@az$?*#KNu?4Y2r*;+CMokZY&z z?hkax;4MfHHe(DZ{1<{FIZzi(Tb5`gEiN!v5DB5ZvyCc>tth6YnyFPOZC358w; zQ#k+W4vvZ#vW_yG=MedQ((1v$p0x@L%UpksQqEjK zuF`<8mjh_Lc=2#Mrt`zP%TN8a8sM|d+`ke}0MlBUXj0aD?&bi{sLmU9bhsszZ5w>{ zL^|@eQo^IE-=y*y!kj4n{xv%-{eCn;E#|#ccMOpOVg9i&!ptiC`d}gk8H2o2vDh~m4IM_LRt1XM2D~Sv2daS!ZS@dZyIrvUkS{5i^vA`_eXFnW@FEOKfp(4n9Jqa6yinB+fSSQ<7MLDhv{tZC mGZ;rb|2cC-QimIijPBtLPvgN0+w&^znfzdP2&J1H9pF^}i%DYu literal 0 HcmV?d00001 diff --git a/systems/hikari3/web-development/default.nix b/systems/hikari3/web-development/default.nix index d7e33ac..e69de29 100644 --- a/systems/hikari3/web-development/default.nix +++ b/systems/hikari3/web-development/default.nix 
@@ -1,168 +0,0 @@ -{ - pkgs - ,config - ,lib - ,... -}: - -let - - mysqlEnsurePermissionsForDevUser = builtins.listToAttrs ( - map (databaseName: { - name = "${databaseName}.*"; - value = "ALL PRIVILEGES"; - }) - config.custom.web-development.databases - ); - - mysqlLogFile = "/var/lib/mysql/query.log"; - -in { - imports = [ - - ./lib/mkcert.nix - - ./projects/service-wrapper.nix - ./projects/typo3.nix - ./projects/customer/itcc-steel.nix - ./projects/customer/sa-frontend.nix - ./projects/customer/sa-sa.nix - ./projects/customer/reu-reu.nix - ./projects/customer/wm-interdaf.nix - ./projects/customer/wm-sozio.nix - - ]; - - options = { - - custom.web-development = { - rootPath = lib.mkOption { - type = lib.types.path; - default = "/var/projects"; - description = '' - The root folder where web development happens. - All Projects need to be placed within this folder. - ''; - }; - databases = lib.mkOption { - type = lib.types.listOf lib.types.nonEmptyStr; - default = []; - example = lib.literalExpression "[namespace_project namespace2_project1]"; - description = '' - A list of all necessary databases. - Used to create the databases and grant permissions. 
- ''; - }; - }; - - }; - - config = { - - services = { - httpd = { - enable = true; - - user = "daniels"; - - adminAddr = "apache@hikari.localhost"; - - extraModules = [ - "info" - "rewrite" - "proxy" - "proxy_fcgi" - ]; - - virtualHosts."localhost".locations."/server-info" = { - extraConfig = '' - SetHandler server-info - Require local - ''; - }; - }; - - mysql = { - enable = true; - - package = pkgs.mariadb; - - ensureUsers = [ - { - name = "daniels"; - ensurePermissions = { - "*.*" = "ALL PRIVILEGES"; - }; - } - { - # INITIALLY once change dev user to be identified by password - # alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev'); - name = "testing"; - ensurePermissions = { - "*.*" = "ALL PRIVILEGES"; - }; - } - { - # INITIALLY once change dev user to be identified by password - # alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev'); - name = "dev"; - ensurePermissions = mysqlEnsurePermissionsForDevUser; - } - ]; - - ensureDatabases = [ - "testing" # Used by TYPO3 functional tests - "testing_at" # Used by TYPO3 Acceptance tests - ] ++ config.custom.web-development.databases; - - settings = { - mysqld = { - # sql_mode = "SRTICT_TRANS_TABLES;NO_ZERO_IN_DATE;NO_ZERO_DATE;ERROR_FOR_DIVISION_BY_ZERO;NO_ENGINE_SUBSTITUTION"; - general_log = true; - general_log_file = mysqlLogFile; - - # slow_query_log = true; - # slow_query_log_file = "/var/lib/mysql/slow_query.log"; - # long_query_time = 1; - - bind-address = "127.0.0.1"; - }; - }; - }; - - logrotate = { - settings.mysql = { - files = mysqlLogFile; - su = "${config.services.mysql.user} ${config.services.mysql.user}"; - frequency = "daily"; - rotate = 2; - sharedscripts = true; - compress = true; - delaycompress = true; - postrotate = "systemctl restart mysql.service > /dev/null 2>/dev/null || true"; - }; - }; - }; - - systemd = { - - services = { - mysql.serviceConfig = { - # Allow group to access the folder, - # to allow users within group to tail log. 
- StateDirectoryMode = lib.mkForce "0710"; - }; - }; - - tmpfiles.rules = [ - # TODO: Improve handling of TYPO3 global configuration - # Current issue: The files are copied once. - # Changes are not reflected until reboot? - # I can edit the copied files, but need to keep files in sync. - "C ${config.custom.web-development.rootPath}/own/typo3-configuration - - - - ${config.users.users.daniels.home}/.config/nixpkgs/home/files/typo3-configuration" - ]; - - }; - - }; -} diff --git a/systems/hikari3/web-development/lib/create-static.nix b/systems/hikari3/web-development/lib/create-static.nix deleted file mode 100644 index da16ec8..0000000 --- a/systems/hikari3/web-development/lib/create-static.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config - , domain - , relativeDocumentRoot -}: - -let - documentRoot = "${config.custom.web-development.rootPath}/${relativeDocumentRoot}"; -in { - services = { - - httpd.virtualHosts.${domain} = { - forceSSL = true; - sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem"; - sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem"; - - inherit documentRoot; - - extraConfig = '' - - AllowOverride All - Require all granted - Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec - DirectoryIndex index.html Index.html - - ''; - }; - - }; -} diff --git a/systems/hikari3/web-development/lib/create-typo3.nix b/systems/hikari3/web-development/lib/create-typo3.nix deleted file mode 100644 index 6b846e1..0000000 --- a/systems/hikari3/web-development/lib/create-typo3.nix +++ /dev/null 
@@ -1,132 +0,0 @@ -{ - config - , lib - , pkgs - , domain - , relativeDocumentRoot - , databaseName - , php -}: - -let - - documentRoot = "${config.custom.web-development.rootPath}/${relativeDocumentRoot}"; - - phpPackage = php.buildEnv { - extensions = { enabled, all }: enabled ++ (with all; [ - xdebug - ]); - extraConfig = '' - max_execution_time = 240 - max_input_vars = 1500 - - display_errors = 1 - error_reporting = E_ALL - - xdebug.mode = debug - xdebug.var_display_max_children = 2048 - xdebug.var_display_max_depth = 5 - - xdebug.max_nesting_level = 400 - ''; - }; - -in { - custom.web-development = { - - databases = [databaseName]; - - }; - - services = { - - httpd.virtualHosts.${domain} = { - forceSSL = true; - sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem"; - sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem"; - - inherit documentRoot; - - extraConfig = '' - - AllowOverride None - Require all granted - DirectoryIndex index.php - - RewriteEngine On - - # Store the current location in an environment variable CWD to use - # mod_rewrite in .htaccess files without knowing the RewriteBase - RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$ - RewriteRule ^.*$ - [E=CWD:%2] - - # Rule for versioned static files, configured through: - # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename'] - # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename'] - # IMPORTANT: This rule has to be the very first RewriteCond in order to work! 
- RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ %{ENV:CWD}$1.$3 [L] - - # Access block for folders - RewriteRule _(?:recycler|temp)_/ - [F] - RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F] - RewriteRule ^(?:vendor|typo3_src|typo3temp/var) - [F] - RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F] - - # Block access to all hidden files and directories with the exception of - # the visible content from within the `/.well-known/` hidden directory (RFC 5785). - RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC] - RewriteCond %{SCRIPT_FILENAME} -d [OR] - RewriteCond %{SCRIPT_FILENAME} -f - RewriteRule (?:^|/)\. - [F] - - # Stop rewrite processing, if we are in any other known directory - # NOTE: Add your additional local storages here - RewriteRule ^(?:fileadmin/|typo3conf/|typo3temp/|uploads/) - [L] - - # If the file/symlink/directory does not exist but is below /typo3/, redirect to the TYPO3 Backend entry point. - RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteCond %{REQUEST_FILENAME} !-l - RewriteCond %{REQUEST_URI} ^/typo3/.*$ - RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L] - - # If the file/symlink/directory does not exist => Redirect to index.php. - # For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'. 
- RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteCond %{REQUEST_FILENAME} !-l - RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L] - - - - SetHandler "proxy:unix:${config.services.phpfpm.pools."${domain}".socket}|fcgi://${domain}/" - - ''; - }; - - phpfpm.pools.${domain} = { - inherit (config.services.httpd) user group; - inherit phpPackage; - - settings = { - "listen.owner" = config.services.httpd.user; - "listen.group" = config.services.httpd.group; - "pm" = "ondemand"; - "pm.max_children" = 15; - }; - - phpEnv = { - TYPO3_ADDITIONAL_CONFIGURATION = "/var/projects/own/typo3-configuration/AdditionalConfiguration.inc.php"; - TYPO3_DATABASE = databaseName; - TYPO3_CONTEXT = "Development/dsiepmann"; - TYPO3_BASE = "https://${domain}/"; - - # Used via TYPO3 API, expose - IMAGEMAGICK_PATH = lib.makeBinPath [ pkgs.imagemagick ] + "/"; - }; - }; - - }; -} diff --git a/systems/hikari3/web-development/projects.nix b/systems/hikari3/web-development/projects.nix new file mode 100644 index 0000000..c1badbc --- /dev/null +++ b/systems/hikari3/web-development/projects.nix @@ -0,0 +1,23 @@ +{ + pkgs + ,config + ,... +}: + +{ + config.custom.web-development = { + typo3 = { + "daniel-siepmann.own.localhost" = { + relativeDocumentRoot = "own/daniel-siepmann/project/public/"; + databaseName = "own_danielsiepmann"; + phpPackage = pkgs.php83; + }; + }; + + static = { + "tea-docs.typo3.localhost" = { + relativeDocumentRoot = "stuff/typo3/extensions/tea/Documentation-GENERATED-temp/Result/project/0.0.0/"; + }; + }; + }; +} 
diff --git a/systems/hikari3/web-development/projects/customer.nix b/systems/hikari3/web-development/projects/customer.nix deleted file mode 100644 index 3955ef370efc658559daeecb3fcdb907e5e3cb41..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 707 zcmV;!0zCZyM@dveQdv+`06v$dk1jF|0ZWk-M+3DbI!V!BrkanynyhJ3ZvhPOspsXi z`0}ACTeQBccvEHgfH1Oi-QY)0?)wRP3+rHm1^iyRD0A>ZK4zWMw4w?0{Zzd??U@V% zkKT^kwsC)(@*ziA>>jVwnFKw`uE+JI3V}RsoETw7jHKHQoF)oemRi-iw>9Sp6CI-6 zfpHgufbYwVni)_~%CGG-w~Rux;HRk&YMFsMFBN|{Qp`s*(+KVuqVI7suf#0!=x}$t z7z3HIi`6uE&N&w4}<0upgl#*QfwUe}J7ZI|`VR`9stH0wQ2HBAD z@rF9+@qbjs0h!d@9xs*tKz+}DyQ()Tw93?MWjLG|bYNcB9R>kq$RDZ=;wr(eXc)E| z@$cS0^`P|!6FNj*R}sHgu?e4pUTJB3I;T~+T_9_XByEh1t<4@S9Ly;8V}D+Llx-mM zK$FRpmGf;@&lX1@Kdq{S>9?4kDV0Up+Ku)HJW}`c5^^y2Os%OQN&&iHGt&T?i7$PX zST(N{LkE>f2{TVCw_asuRM0%3S9G=5B~R=4ANIol#>|ff>Lhr-z7)vd+}$#WsnpVx zhpnBWySIjLjkYe1_H)uC4N~=*ch?9Dv!{E{JCc!u!=@arD+<0L5dbybS~!8+2|2bN ziXvLDJa9u4}c}tq}eGC)P&LApwaNO ztQ=qiS*EgG#)ej_>(?9)Ew+{&1T2sPx&v2?@{}`-IpW=?ADS3D3LauBL}DB2QDZEWU;4MJ!!v%WnoT-1^t6V}6G?1o_|XMCpbo;6^mVjaC$p zn3<+I;Cshn=4+9T8gNdR-o1AwTz|EsiEY5K2IX55S|G~~>-O{1(--lwhjajY(^@bF zEd&l8PV=H@AB8VvxSgbe>za?6;Py6;w`}MM{&Im}$CA{Bh!z|0gf%s=RxX{pU4j>) z0OnDxdXUt%>4fP2Su$0a%U8ysDPF^AEVkb=uC01uql(P$B1EU3an<2*X-#W@@wXj* zTZZ9soVh$Oq$=Vv!?vyqXNvOGnDAd5rjU>-gNP&S*eRqnUk+lmBwbtu5MXmcXQjv@Q!`3)-=H(<5hSj z661pgFfZINp0!ih5EZU%i?$tP?~J9o&HFtp0fIt^hjUI^O#v~A7gIuFw)ky^#}zi&;D^;iP^E8J-r;RE1HL-{H3X&o|n zpeyMU$;toc$flD&mK}t7=k~^*5_~4_7PT~jplDimS|eI`iGz#H;Ss#bUK_B=E(~cz*zc&y zWTskk2T8!1%rSbV+R2a73h!jfw&eynyTOtCPENOCpSZ(F1RXUQsXi zj_2(|O-($<7=j+@ll&sRZ23m*n#Bx<`{ufJ{R*BfXtWtc@ y&wLvFhNu$-&XXGfcNd?lRf8j(5S|>kvTcwzWSkxvBN7eI)wBpMu!pE7%J+yjcd7sYHg9dHLQt?TZ|1wBmZx|4&qePDyqZ--p3fFhK1?eva9h%n1Dz7p9&IVH?YQ)D^C za0NxrrJ625nkz1bN1s`c_t^fv4F0+sf`wII3BLi`B_;FvD(q!;+ii_1^;V1)N+jg< z+!nqHkKHVZo?2-!Wx`f9Tpv6O$@Mnhh*;@|Umb{I#fLc}7zRy4b`u-GpDJ!X|7d&n zxZXeX@#lr_@)@oMFH4?Thf%eoi<#RtUGz%YpeI#Q6uho<&Sm0OyrqEMDKGz1BR~@c 
z-1{v4ov~1gk^b{WY{=2wnrvlE2XtC5&EBk%><&HWoN@EjZS$TqPW^(~h2L6tNjy_z z*tXSQRz3{Bo0EKQ-r{3~`r%rlD#R`A9@5=cw#-7g^{n`BSC=+!7zv4T;k51^y2$>n zK^4?g(rE^kCi)0sH!K+cCK~%7=;1S|NJY%pZE1r*+Wi-e_yp`CVWppXk+8>$Amp@% zeM2@^dS;cTpWxRsewVKoqw%)g7tL}aoE%hbB=BG8coheOmhW@>u=x3cJzm|sgt|+< z&&+`IN@+j)oF^~`wke`Dj zCM@dveQdv+`05z1#sC)2{X}&Z{D6GV#rTz9@M$jH`Jf?hz^x}WN#|~&@ z7Oky|hGEhPxBTiF3}76n9P6H9e~)$3{8IajMVdN5Pr9M+;btdHN7gI^{Ker__nV|G zpW1tQ9{6{iZ?E`f)&yy)$yT#^eJCtk<-u6d@8Jh62uCMfdxZX@O?OW(?D~eT*@1Kp zY)97xQKWJgnB6lRd6Dt1aNKpj+HuDT2CtNKxt~pX?xSO`7%L)|O=twXF6-!r|#w>9G(vC9+ z{+7%0MDUOczO2lr0l<07nv-ZB->Gvjicz2b5H5f%#nN!yWZ1P#m3$H4hm~^o*haV} z{uqH?U3#1N|IZ#)oKPkXv{{098C;zBWf3vv6g&V7o0eCcskn^tHbn~4A{Q!_N0aG*W7v8dBd zVBt(b&62`xkx4ob6bbDS4s0d$Fspi(!7%g#7~krk<3&vDuGpB+)FNu2Se+$ms!93r!LjWX40%_z zENo{t4U^;XUXw}V7Q;}~J?As{dAx;zYa#>1cKKVyaf~e7!)Yy-i&-7qN9{bare0f& zmYM&IVMk3?r^W46z!J=36l=7|aCf(rLw!=1UkouO@zAB{qd?S^KlU?F)@ZnBl*fce)FgCtl7MPFT~84 zz=Q&0u9BJAY^Q1Q4ja6$Q8;d{76OJ-OtU!N!Ag;q;tzU9&y9O_T8SWR~=SsVEXsxvC4 z4(Hn%HQTBgM7$0Y1rm!wDh{4qMr2rpvEed2u#UL;6ntMW>}il5eR#D5>!$bQ3|^se z33~8_iXdBV_>6zq;1_7%Nqd?on~QUaqH&D+;N!^gw>ra?dg}w)me(o9pY>sKLQ7#l zx#=G(DlfSz;3d_H%V;2ap)6M{l))_7YxECoU)p8Dy@!r!AZ?{^GF3+)%babW&9KTAypVM3OHc#Il3!*=h-vr_^J{(=<|Oyr5Y7hv*7Es2 z={=zf0N5pRu=LF7l``L{bQ|nVydOJX)Vxn?r2(l>ag+!t_r=Z%GquP5jA*&tbA<5d zU$oTV=8$K}y1_MDinhc|EmpMTXPbCfnG`9cYo=F9ua0PUCx*^X+AZEf;39V>}u(P0P@pLbno zr0?`;FR7ygF`X)wPfk*@OFlykdoZOY2La}jYynMJ2_ZR_i21EQcOStmD}hYuoAYvE*NG|?UczGEclJMK{CLHmUCVXdx!&t7Cti{rKaB8Z43XQ zvyU>3Fb~2Q!ooX~Gquz6Nq3{?nmDBF#+p)OpO~ivf=|WeGp&0_S)4G%x5a?UPxJ9sa+5e-{84eI>xt6 zh7oAQ{c0X92ZVdUEM-WK8+1To0*C^I*WH7L4HwiG?=?6mul@`Z-@l7`Y8aLQ5BP8` zr?hQB7n0(5PU7l(i9lgZV+#s*Fn%$!6VriunpnE>#RA_*fFa$ajFn8 zz~{k-L`t*9Ffbo;x zO3DMCB}hAO!>)v$B~^y|=pGGTY(BYON;kBCdYO|Kq*R*&PzRko5y|-5M4wJA!pwSh z{VBNBw`6%fshxWRSX%cGcYp_G16yk13DMuj^Ilj+$-!(g zHy$Kru9|0~>|Pp^psbvre~PY{g}ucc!lIp&Mc2PJ&!;@vCcXiU5!pEB4`R>?ohQWU zbHm;CJC^~KvY~YvV3}b<53fxriaxf(qgYN92^%EIq&IjS8YA&{!R1*0jVU; 
zqN%Sr^OdrZWc@Fz-hU@3KtX?&T6nU5=Uz_`v;C9DuFcHb4KLS=o-v0dHe6{@kml2< zU2b0lHYPzrac-A`I=2f)1`M4M14|snl0%RYan0C1fL8Zc#y0ZmyRofnHsvuzTXE;$ z9-@+2Pz|VGWO622Q=vFMKeZZ={oD&r>FN|L2WEuZ*`@UoesuEv+UD>GWQ;KqY^H=gmO7kXg?G<7nfBQK4th z;n6=hBS-R-nJb4H%fwhqBVXsD69za!72)=1fCG-84%Oe(j!0K6Cb7|?+u9?gsVW*#A^ zXohU~bltG&^=Es`4ItC@XWmrT`=q@st-jfBB811D&BzB{Xjn7+Lt(bOKLN)waZ~`o zzpgXR2;LqnWvwcOtVd!YOwP&E1sq~I!Hno+zilvSezh}5NKJS6H94TwIHHHVA>C1-!Ez@oY(6k@xUJHwNF#Gp^wzL7nRNk z>!z~WNFRA~&h(I-BZrHl!5TI!?;<_oEOEQ)aOl82b6fbk#qtIbsF^nFpEzNxuCog* znYHW^jKO)#E(7Vz5sJ)=lFkWg&mhnA(w^FEv(a-tet%gLHc90-K2^W!8Cf2C>?8+M z0)JV0I4@bc+5x`6MsUVcT&~z}5cE4iKB=?+a;Ge+ns3^_D%~Au7i`D|uS>0w6d{-| zn6A+th?lnmE>Lys{ymz<5!x3XQr?@dT5!oNGxgo%#S(2tWGvlmSo9?0FguD3jgAm? z6|~+~Q1oTFd59~zq-rUFt(2|g#K*eY4Xo)}9j@wuI$>D;UqV$*UC_)`BM35IT;nDs zpGfD-I=Yuln+>b$-E#8crGI)w&O59|=+``LgWK__R!ZcjqL}Ntk2zhL^H(927Sj`o zY16sb%xT>uQT4N9d04YrAbGme&;*}glF)mz=hLk1tYC+=%}dgJ#1TQrz$=znyJWF6 z6{wK7`;=SmvpBZjyq76zyZ}23C-WtAbv1M>@kY#ivD&yip@8^&XXYr#35;{E1sWmm z2dPtwGh933WggYqeUWY%gJ&5mEXrZ6gyVLjjliX9`zxak9Amv*;BJOpQ$whPmI?2S zeH$J?pn}8c(-;JaL}~~8({%h859v(s02oW2OKifN_<$9ucUBsRPk%-5yag*I<#J+=J`2<(YEp$(2~%JI6fUQB#AGF1q66FX|ux{PK)xB zU!BoEQK?(C8CX{C_%p)0P%5`M9UYI>(|%BgU9_tXjvRvDQT#e5gs?Ny5Um^@X<}R% zIdge0zKDe9omomU16{iXW@CAhp;g@1bm$pz^8P$+!w2b5S@(^#t$7#(!-th0RTO(%9*L zLLtiV1RpYY{XmZ`i}MFk-TbLxoc)|>P}{}CrgaX1G9&`Whs{pY>H#MVl4WyK-2}L* zJmLA2rn9`I)Sg0SfUV2Gv6u77jrW-jKMyUpfKR&KyQbp%u>ETQ>FrE=#N+NuTFVZztm3(|uU%HXT2 z)Y-0njmxB7sN!jT2Cwd$GEy}Y7^JSi21_xL^Ha^uv1U6+u{dXtYL-x_s15_elS;X( zlV%HV+V9uWa9Nh9THNb_xx*tNvm0Pq!kZ*XscnjULRnVY@&DbA0PM(;h{*0g@fpZy z{KpC)-b~e@O(nW2;%t8gW)vAdmxV74`P~Y$X}G8Vg?%A76@som2ovl?i7BY@~)YW8vLCJs=H|K#P)Rd1=d9(qLezKL`M8|XF9g_ zQQ?kbnTd0naLckt9XcbtAy;mGdD|_3ZEd#$u)!D7&C#i|)ShCfzW7)!_TwTpeTtWk zG8LCAz6GyW{hTe)@bbMU;xV$M|DT5j)}A(p_nF_?`?y)Q z0-99-t5|xwKI}{QlHqOVHQ`xkEPYTA^M{{GgbRJmqKQK3uK?~AwJPJ?85Q7T`*9_z zP}wa#ZHBQQMTITy5#aQB9iTJPTs%dzK3*dkP~k^ELjHVo!ThY?Qx_Al$KOngzjjqu zk4bX|Np<@>_%(JMb0Ik5g+IuOSf7vrZmMl{LiID%#;L93!-!j<%(b9)xbd{v5muyr 
zv~dQI@7mWj@xj(@0=pyM>F-(UQ3$wNmkE?XamsY^txLO)v-??eVS8?~Zp|SMDY53_ zBz?xTBj=9vNa|mM_O>kn@MBkfbN6gCfKLR5LRZn~lnt9?bL3@8F4MllBGV&gW2!71 zC*FFYQRdsTVm#1sfa@NW3V?994kto_96<(x z_mJPInopU1ZU5u7ntug}j1lv3Olpvm=Nt5pW=qsR5ck5Hu<6^oJkAJhJzx zXiv#O!zf#v(UYDRz)`={Sx~sW0AaQjqxylTw1tY8^}1bw*x|eYU68(U;d7Gz6ggVQ z*m#<4l%>lB;DU0SCz3NBGLR@AK854&X08`rBn;s}Axx$euTX(tXTE1j^8Yktk2@B` zy!YOc@htbv8$mGo!`8;9c0wU2_fDnHHm2M>JV0ITk3h>j=ZIen8hy4n63P3n(XM3| z2*J62TAJFUW6z9I>*L%?&s@4xzPxDcO7*>(Y;-w`uX6aD_ z_^S}t;^`g8z|di|^qP@utbZ-^qR$|T9AzmQ6Aqm?9`mU&w&@5xeX9b-TL5=G@+!{2 z)QfWb!*R;35Y%KO>LUCtn)Qq#_1N`C#VVepCcFLK6}6W2gZ&djij`+I}#`*(8l4XhlUFGma>^9fEn z=tpb{ZWMF|`n`7=@Z@F3z{(%QV`A#k`n&8V5#piQSZC0D866;LO!o}6lHY$)w3Zj5 zo4-AS58rl*&f(*(xmT#VzeBmgBv-r&1aX+;|8=0P25fjOoq*90r_Sstj(mCeaF}ib zPKAj^>n3!r;$e~9YpPihq{H3|uy|7GWYQz^p1kkuZu$D>0R>TTqF$e-1 zLvlm^+E(`(RkY>fxN!@3&{sFEg|)anEhsWM;TlXrtyGrx>6H_Yh9<#X2QQ5Q%H~b> ze+-l{Gxa^?NHRsu_2a0_Ka?RP^2>IxY)S&k3>@nDd3VJ%6Cf>Q+S0|R=s0*)N8kvJ zy;_cv4(Qa?iJ!I63cmEs%qWw-SgTJ>FA97RJ|^)cy+Q4t9mJO}XUoeT0u020><<7GJ>z+D5UkBxY0~Npg8;F5PBh*zdz;hLlU`(|-Qw&!4_9 zyjR9QIV)d5n0+JlPq7uIqQ-`+^$?|P4ONHnN^5e;D%Xx-o=A24+V3VZO1}OKsxHnC zT9b6;8b!(Q|NqwFbz((l%yC0?e}hf-w%_?;(b)YZN;!R9tS@08t(?`R0-a9=L2|-k zt?&Y}g#TIbAe3KXXDHB#2m95-%EUJ=pz%$Tu3dPwwIAnu%N+3AU|Pr;!grmL{lR(n z8fkXkBDuqo-9e$Dn=0+Qkw{FVrGIX-L|$< zo+ane7hqg#G9Ncddjzg@e0@P=iJYimoqP+g1_n}%WMyvfF_(WH2J_Hz%g8<#_q~KGC2N*q zB+m@@$Rw1u1~~Sz$|J=1BpvTn$EOJg=cH)-9HN-Wsyqe2fqmn#y-vB5PIVgP;%xk7 zjN<&TiJzut%7|@LL}+vb?Gx-ohTR)I6`2`wH>ntWMSl~QW*+~vGtiw>Vb8hi;0S~dO#NqY=RUB>B>aER z5@GY?3P^`f5K+SjYvegW`7Vm@FIZxGTk;TNTM=FNW67haS^yi*3+rq zF|ml6SpigCaZ$&Bm&~8QyZwbqDp)yptMpLk|I+p^ufdsA23DcnPfcvsqOcstF08TQ xrMAMHpFOe8V1mB)@|_!%x`pU)=9c;-mY-8r^oleK8N{^1V=fVP0R%iH<3hryG$Q~2 
diff --git a/systems/hikari3/web-development/projects/customer/wm-interdaf.nix b/systems/hikari3/web-development/projects/customer/wm-interdaf.nix deleted file mode 100644 index 73ae20091b49eff9d5bfc52750b7a56b1d3009ef..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 366 zcmV-!0g?UyM@dveQdv+`0FX`kte-;A$8QR#Y+-x=XI;X*PdWKa-RAuek-=3e%3aDj zo}$fQNJfS;Re`{{yX{6QhIA_u>DyAf3pi+=%zw||Lm_vTA&;X81uF&et?pJ4t^*SD zOIURJ5jA+b*tvS6QQ$!3*u?+SL|VcPn3Lt~GA5@0@aW~hf1;=m<~(rS3B6)tD7XLY zv`UZf1e>MI9?F&ZlgAv>&J;Fid=uoCB&cT#(If@k4zbSX6;5%5ApfCC{+3}H+ydTDOngaJ|l8`%`S_5n4?E zokKoFNKN>Vh{J~>*`h$lB0&-lCuv=uQjq#Y2)Yu5$@BHc!EY$3;_DgYHs+_LJ$~h8 z*`&l~4@6poMqH6exbkF&Ny)uQsRAx&$QtB045pv{Kcnq(hx zrR92qf5UU^yM{D1fQ*)b<*uaKRL|-+%w1>H6WSw!BMZ$yNra8CDFj5dIg(Ni1sGH< cw_GV~W~iL7$HkoDK6_XV!s4iFiOBbTd+aKuz5oCK diff --git a/systems/hikari3/web-development/projects/private.nix b/systems/hikari3/web-development/projects/private.nix deleted file mode 100644 index ae664cf..0000000 --- a/systems/hikari3/web-development/projects/private.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - pkgs - ,lib - ,config - ,... -}: - -let - - php = pkgs.php83; - -in import ./../lib/create-typo3.nix { - inherit config lib pkgs php; - - domain = "daniel-siepmann.own.localhost"; - relativeDocumentRoot = "own/daniel-siepmann/project/public/"; - databaseName = "own_danielsiepmann"; -} diff --git a/systems/hikari3/web-development/projects/service-wrapper.nix b/systems/hikari3/web-development/projects/service-wrapper.nix deleted file mode 100644 index 6669aff..0000000 --- a/systems/hikari3/web-development/projects/service-wrapper.nix +++ /dev/null 
@@ -1,33 +0,0 @@ -{ - ,pkgs - ,lib - ,config - ,... -}: - -let - domain = "mailhog.localhost"; -in { - services = { - - httpd.virtualHosts.${domain} = { - forceSSL = true; - sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem"; - sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem"; - - extraConfig = '' - RequestHeader unset Authorization - ProxyRequests Off - ProxyPreserveHost On - ProxyPass / http://localhost:8025/ - ProxyPassReverse / http://localhost:8025/ - - # Mailhog specific - - ProxyPass ws://localhost:8025/api/v2/websocket - - ''; - }; - - }; -} diff --git a/systems/hikari3/web-development/projects/typo3.nix b/systems/hikari3/web-development/projects/typo3.nix deleted file mode 100644 index 86313cf..0000000 --- a/systems/hikari3/web-development/projects/typo3.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - ,lib - ,config - ,... -}: - -import ./../lib/create-static.nix { - inherit config; - - domain = "tea-docs.typo3.localhost"; - relativeDocumentRoot = "typo3/tea/Documentation-GENERATED-temp/Result/project/0.0.0/"; -} diff --git a/systems/web-development/default.nix b/systems/web-development/default.nix new file mode 100644 index 0000000..32dd39b --- /dev/null +++ b/systems/web-development/default.nix 
@@ -0,0 +1,182 @@ +{ + pkgs + ,config + ,lib + ,... +}: + +let + + mysqlEnsurePermissionsForDevUser = builtins.listToAttrs ( + map (databaseName: { + name = "${databaseName}.*"; + value = "ALL PRIVILEGES"; + }) + config.custom.web-development.databases + ); + + mysqlLogFile = "/var/lib/mysql/query.log"; + +in { + imports = [ + + ./mkcert.nix + ./static.nix + ./typo3.nix + + ]; + + options = { + + custom.web-development = { + rootPath = lib.mkOption { + type = lib.types.path; + default = "/var/projects"; + description = '' + The root folder where web development happens. + All Projects need to be placed within this folder. + ''; + }; + databases = lib.mkOption { + type = lib.types.listOf lib.types.nonEmptyStr; + default = []; + example = lib.literalExpression "[namespace_project namespace2_project1]"; + description = '' + A list of all necessary databases. + Used to create the databases and grant permissions. + ''; + }; + }; + + }; + + config = { + + services = { + httpd = { + enable = true; + + user = "daniels"; + + adminAddr = "apache@hikari.localhost"; + + extraModules = [ + "info" + "rewrite" + "proxy" + "proxy_fcgi" + ]; + + virtualHosts = { + "localhost".locations."/server-info" = { + extraConfig = '' + SetHandler server-info + Require local + ''; + }; + + "mailhog.localhost" = { + forceSSL = true; + sslServerCert = "${config.custom.web-development.certFolder}mailhog.localhost.pem"; + sslServerKey = "${config.custom.web-development.certFolder}mailhog.localhost-key.pem"; + + extraConfig = '' + RequestHeader unset Authorization + ProxyRequests Off + ProxyPreserveHost On + ProxyPass / http://localhost:8025/ + ProxyPassReverse / http://localhost:8025/ + + # Mailhog specific + + ProxyPass ws://localhost:8025/api/v2/websocket + + ''; + }; + }; + }; + + mysql = { + enable = true; + + package = pkgs.mariadb; + + ensureUsers = [ + { + name = "daniels"; + ensurePermissions = { + "*.*" = "ALL PRIVILEGES"; + }; + } + { + # INITIALLY once change dev user to be identified 
by password + # alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev'); + name = "testing"; + ensurePermissions = { + "*.*" = "ALL PRIVILEGES"; + }; + } + { + # INITIALLY once change dev user to be identified by password + # alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev'); + name = "dev"; + ensurePermissions = mysqlEnsurePermissionsForDevUser; + } + ]; + + ensureDatabases = [ + "testing" # Used by TYPO3 functional tests + "testing_at" # Used by TYPO3 Acceptance tests + ] ++ config.custom.web-development.databases; + + settings = { + mysqld = { + # sql_mode = "SRTICT_TRANS_TABLES;NO_ZERO_IN_DATE;NO_ZERO_DATE;ERROR_FOR_DIVISION_BY_ZERO;NO_ENGINE_SUBSTITUTION"; + general_log = true; + general_log_file = mysqlLogFile; + + # slow_query_log = true; + # slow_query_log_file = "/var/lib/mysql/slow_query.log"; + # long_query_time = 1; + + bind-address = "127.0.0.1"; + }; + }; + }; + + logrotate = { + settings.mysql = { + files = mysqlLogFile; + su = "${config.services.mysql.user} ${config.services.mysql.user}"; + frequency = "daily"; + rotate = 2; + sharedscripts = true; + compress = true; + delaycompress = true; + postrotate = "systemctl restart mysql.service > /dev/null 2>/dev/null || true"; + }; + }; + }; + + systemd = { + + services = { + mysql.serviceConfig = { + # Allow group to access the folder, + # to allow users within group to tail log. + StateDirectoryMode = lib.mkForce "0710"; + }; + }; + + tmpfiles.rules = [ + # TODO: Improve handling of TYPO3 global configuration + # Current issue: The files are copied once. + # Changes are not reflected until reboot? + # I can edit the copied files, but need to keep files in sync. + "C ${config.custom.web-development.rootPath}/own/typo3-configuration - - - - ${config.users.users.daniels.home}/.config/nixpkgs/home/files/typo3-configuration" + ]; + + }; + + }; +} 
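Review bot: `services.httpd.user = "daniels"` makes Apache (and the php-fpm pools in typo3.nix, which inherit `config.services.httpd` user and group) run as the login account, and this same file grants the MySQL account `daniels` `"*.*" = "ALL PRIVILEGES"`. If accounts created through `ensureUsers` authenticate over the unix socket (the usual NixOS/MariaDB setup, not visible in this patch), code served by any vhost can connect as that account, so the per-database grants built in `mysqlEnsurePermissionsForDevUser` do not bound what a project can reach. Since the module is now shared by all machines, I would either run httpd under a dedicated service user with group access to `rootPath`, or keep the setup and state the trade-off above the line: `# Runs as the login user so project files stay writable; every vhost therefore has this user's file and database rights.` The comment above the `testing` entry is a copy of the `dev` one and should name the user it actually describes.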
diff --git a/systems/hikari3/web-development/lib/mkcert.nix b/systems/web-development/mkcert.nix similarity index 97% rename from systems/hikari3/web-development/lib/mkcert.nix rename to systems/web-development/mkcert.nix index 6598136..d38e05f 100644 --- a/systems/hikari3/web-development/lib/mkcert.nix +++ b/systems/web-development/mkcert.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs + ,lib + ,config + ,... +}: let certFolder = "/var/projects/own/mkcert"; diff --git a/systems/web-development/static.nix b/systems/web-development/static.nix new file mode 100644 index 0000000..36196bb --- /dev/null +++ b/systems/web-development/static.nix @@ -0,0 +1,45 @@ +{ + config + ,lib + ,pkgs + ,... +}: + +let + + cfg = config.custom.web-development.static; + +in { + options.custom.web-development.static = lib.mkOption { + default = {}; + description = "Define a set of static projects."; + type = with lib.types; attrsOf (submodule { + options = { + relativeDocumentRoot = lib.mkOption { + type = str; + }; + }; + }); + }; + + config.services.httpd.virtualHosts = builtins.mapAttrs (domainName: cfg: + let + documentRoot = "${config.custom.web-development.rootPath}/${cfg.relativeDocumentRoot}"; + in { + forceSSL = true; + sslServerCert = "${config.custom.web-development.certFolder}${domainName}.pem"; + sslServerKey = "${config.custom.web-development.certFolder}${domainName}-key.pem"; + + inherit documentRoot; + + extraConfig = '' + + AllowOverride All + Require all granted + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + DirectoryIndex index.html Index.html + + ''; + } + ) cfg; +} diff --git a/systems/web-development/typo3.nix b/systems/web-development/typo3.nix new file mode 100644 index 0000000..967f502 --- /dev/null +++ b/systems/web-development/typo3.nix 
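Review bot: The directory block in static.nix's `extraConfig` combines `Require all granted` with `Options MultiViews Indexes ...`, so each static project is served, with directory listings, to any client that can reach the port; the `*.localhost` host names do not restrict who may connect. default.nix already uses `Require local` for `/server-info`, and the same line here would keep development sites on the machine unless a firewall is meant to do that job (not visible in this patch). The vhost in typo3.nix uses `Require all granted` as well, there alongside `display_errors = 1` and Xdebug, so the same change applies to it.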
@@ -0,0 +1,149 @@ +{ + config + ,lib + ,pkgs + ,... +}: + +let + + cfg = config.custom.web-development.typo3; + +in { + options.custom.web-development.typo3 = lib.mkOption { + default = {}; + description = "Define a set of TYPO3 projects."; + type = with lib.types; attrsOf (submodule { + options = { + relativeDocumentRoot = lib.mkOption { + type = str; + }; + databaseName = lib.mkOption { + type = str; + }; + phpPackage = lib.mkOption { + type = package; + }; + }; + }); + }; + + config = { + + services.phpfpm.pools = builtins.mapAttrs (domainName: cfg: + let + phpPackage = cfg.phpPackage.buildEnv { + extensions = { enabled, all }: enabled ++ (with all; [ + xdebug + ]); + extraConfig = '' + max_execution_time = 240 + max_input_vars = 1500 + + display_errors = 1 + error_reporting = E_ALL + + xdebug.mode = debug + xdebug.var_display_max_children = 2048 + xdebug.var_display_max_depth = 5 + + xdebug.max_nesting_level = 400 + ''; + }; + in { + inherit (config.services.httpd) user group; + inherit phpPackage; + + settings = { + "listen.owner" = config.services.httpd.user; + "listen.group" = config.services.httpd.group; + "pm" = "ondemand"; + "pm.max_children" = 15; + }; + + phpEnv = { + TYPO3_ADDITIONAL_CONFIGURATION = "/var/projects/own/typo3-configuration/AdditionalConfiguration.inc.php"; + TYPO3_DATABASE = cfg.databaseName; + TYPO3_CONTEXT = "Development/dsiepmann"; + TYPO3_BASE = "https://${domainName}/"; + + # Used via TYPO3 API, expose + IMAGEMAGICK_PATH = lib.makeBinPath [ pkgs.imagemagick ] + "/"; + }; + }) cfg; + + services.httpd.virtualHosts = builtins.mapAttrs (domainName: cfg: + let + documentRoot = "${config.custom.web-development.rootPath}/${cfg.relativeDocumentRoot}"; + in { + forceSSL = true; + sslServerCert = "${config.custom.web-development.certFolder}${domainName}.pem"; + sslServerKey = "${config.custom.web-development.certFolder}${domainName}-key.pem"; + + inherit documentRoot; + + extraConfig = '' + + AllowOverride None + Require all granted + 
DirectoryIndex index.php + + RewriteEngine On + + # Store the current location in an environment variable CWD to use + # mod_rewrite in .htaccess files without knowing the RewriteBase + RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$ + RewriteRule ^.*$ - [E=CWD:%2] + + # Rule for versioned static files, configured through: + # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename'] + # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename'] + # IMPORTANT: This rule has to be the very first RewriteCond in order to work! + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ %{ENV:CWD}$1.$3 [L] + + # Access block for folders + RewriteRule _(?:recycler|temp)_/ - [F] + RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F] + RewriteRule ^(?:vendor|typo3_src|typo3temp/var) - [F] + RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F] + + # Block access to all hidden files and directories with the exception of + # the visible content from within the `/.well-known/` hidden directory (RFC 5785). + RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC] + RewriteCond %{SCRIPT_FILENAME} -d [OR] + RewriteCond %{SCRIPT_FILENAME} -f + RewriteRule (?:^|/)\. - [F] + + # Stop rewrite processing, if we are in any other known directory + # NOTE: Add your additional local storages here + RewriteRule ^(?:fileadmin/|typo3conf/|typo3temp/|uploads/) - [L] + + # If the file/symlink/directory does not exist but is below /typo3/, redirect to the TYPO3 Backend entry point. + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_FILENAME} !-l + RewriteCond %{REQUEST_URI} ^/typo3/.*$ + RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L] + + # If the file/symlink/directory does not exist => Redirect to index.php. 
+ # For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'. + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_FILENAME} !-l + RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L] + + + + SetHandler "proxy:unix:${config.services.phpfpm.pools."${domainName}".socket}|fcgi://${domainName}/" + + ''; + } + ) cfg; + + custom.web-development = { + databases = lib.attrsets.mapAttrsToList(name: cfg: cfg.databaseName) cfg; + }; + }; +}
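Review bot: `TYPO3_ADDITIONAL_CONFIGURATION` is hard-coded to `/var/projects/own/typo3-configuration/AdditionalConfiguration.inc.php`, while the tmpfiles rule in default.nix copies that directory to `${config.custom.web-development.rootPath}/own/typo3-configuration`. With any `rootPath` other than the default the pools would point at a file that is not there, so I would write `TYPO3_ADDITIONAL_CONFIGURATION = "${config.custom.web-development.rootPath}/own/typo3-configuration/AdditionalConfiguration.inc.php";`. `TYPO3_CONTEXT = "Development/dsiepmann"` is likewise fixed for every project and machine and may deserve an option now that the module is shared. In both `mapAttrs` lambdas the argument `cfg` shadows the outer `cfg`; naming it `project` avoids the double meaning.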