From 149e1afbe9bfdd29adf1271ce4cb8364cbb24d1c Mon Sep 17 00:00:00 2001
From: Opnxng <opnxng@tuta.io>
Date: Mon, 6 Nov 2023 10:39:27 +0800
Subject: [PATCH] Inital commit

---
 .gitignore                                    |    4 +
 LICENSE                                       |  661 +++++
 README.md                                     |   20 +
 deploy.yml                                    |   65 +
 files/gitea/conf/example.app.ini              |   13 +
 .../gitea/public/assets/css/theme-github.css  |  552 ++++
 files/gitea/templates/custom/extra_links.tmpl |    3 +
 files/nitter/about.html                       |   49 +
 files/nitter/about.md                         |   59 +
 files/paulgo/donate.md                        |   10 +
 production                                    |   30 +
 setups/setup-anonymousoverflow.yml            |    6 +
 setups/setup-authelia.yml                     |   29 +
 setups/setup-breezewiki.yml                   |    7 +
 setups/setup-caddy.yml                        |   21 +
 setups/setup-firefox.yml                      |    7 +
 setups/setup-gitea.yml                        |   11 +
 setups/setup-nitter.yml                       |   40 +
 setups/setup-paulgo.yml                       |   22 +
 setups/setup-runner.yml                       |    7 +
 setups/setup-scribe.yml                       |    6 +
 templates/compose/4get.yaml.j2                |   26 +
 templates/compose/anonymousoverflow.yaml.j2   |   26 +
 templates/compose/authelia.yaml.j2            |   24 +
 templates/compose/binternet.yaml.j2           |   22 +
 templates/compose/breezewiki.yaml.j2          |   24 +
 templates/compose/caddy.yaml.j2               |   30 +
 templates/compose/cinny.yaml.j2               |   22 +
 templates/compose/etherpad.yaml.j2            |   68 +
 templates/compose/firefox.yaml.j2             |   38 +
 templates/compose/geoipupdate.yaml.j2         |   25 +
 templates/compose/gitea.yaml.j2               |   31 +
 templates/compose/gothub.yaml.j2              |   38 +
 templates/compose/imgin.yaml.j2               |   23 +
 templates/compose/it-tools.yaml.j2            |   22 +
 templates/compose/libreddit.yaml.j2           |   28 +
 templates/compose/libredditarm.yaml.j2        |   28 +
 templates/compose/libremdb.yaml.j2            |   27 +
 templates/compose/mlmym.yaml.j2               |   28 +
 templates/compose/nitter.yaml.j2              |   55 +
 templates/compose/ntfy.yaml.j2                |   43 +
 templates/compose/paulgo.yaml.j2              |   61 +
 templates/compose/photon.yaml.j2              |   27 +
 templates/compose/privatebin.yaml.j2          |   24 +
 templates/compose/proxigram.yaml.j2           |   53 +
 templates/compose/proxitok.yaml.j2            |   74 +
 templates/compose/quetre.yaml.j2              |   23 +
 templates/compose/rat-aint-tieba.yaml.j2      |   21 +
 templates/compose/runner.yaml.j2              |   29 +
 templates/compose/scribe.yaml.j2              |   28 +
 templates/compose/send.yaml.j2                |   61 +
 templates/compose/simplytranslate.yaml.j2     |   29 +
 templates/compose/socks5.yaml.j2              |   15 +
 templates/compose/stirling-pdf.yaml.j2        |   27 +
 templates/compose/teddit.yaml.j2              |   54 +
 templates/compose/voyager.yaml.j2             |   23 +
 templates/compose/watchtower.yaml.j2          |   19 +
 templates/compose/wolfree.yaml.j2             |   21 +
 templates/conf/Caddyfile.j2                   |  663 +++++
 templates/conf/config.ini.j2                  |    3 +
 templates/conf/nitter.conf.j2                 |   48 +
 templates/conf/runner.j2                      |   15 +
 templates/conf/settings.yml.j2                | 2543 +++++++++++++++++
 vars/services.yml                             |  136 +
 64 files changed, 6247 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 LICENSE
 create mode 100644 README.md
 create mode 100644 deploy.yml
 create mode 100755 files/gitea/conf/example.app.ini
 create mode 100644 files/gitea/public/assets/css/theme-github.css
 create mode 100644 files/gitea/templates/custom/extra_links.tmpl
 create mode 100755 files/nitter/about.html
 create mode 100755 files/nitter/about.md
 create mode 100755 files/paulgo/donate.md
 create mode 100644 production
 create mode 100644 setups/setup-anonymousoverflow.yml
 create mode 100644 setups/setup-authelia.yml
 create mode 100644 setups/setup-breezewiki.yml
 create mode 100644 setups/setup-caddy.yml
 create mode 100755 setups/setup-firefox.yml
 create mode 100644 setups/setup-gitea.yml
 create mode 100644 setups/setup-nitter.yml
 create mode 100644 setups/setup-paulgo.yml
 create mode 100644 setups/setup-runner.yml
 create mode 100644 setups/setup-scribe.yml
 create mode 100644 templates/compose/4get.yaml.j2
 create mode 100644 templates/compose/anonymousoverflow.yaml.j2
 create mode 100644 templates/compose/authelia.yaml.j2
 create mode 100644 templates/compose/binternet.yaml.j2
 create mode 100644 templates/compose/breezewiki.yaml.j2
 create mode 100644 templates/compose/caddy.yaml.j2
 create mode 100644 templates/compose/cinny.yaml.j2
 create mode 100644 templates/compose/etherpad.yaml.j2
 create mode 100644 templates/compose/firefox.yaml.j2
 create mode 100644 templates/compose/geoipupdate.yaml.j2
 create mode 100644 templates/compose/gitea.yaml.j2
 create mode 100644 templates/compose/gothub.yaml.j2
 create mode 100644 templates/compose/imgin.yaml.j2
 create mode 100644 templates/compose/it-tools.yaml.j2
 create mode 100644 templates/compose/libreddit.yaml.j2
 create mode 100644 templates/compose/libredditarm.yaml.j2
 create mode 100644 templates/compose/libremdb.yaml.j2
 create mode 100644 templates/compose/mlmym.yaml.j2
 create mode 100644 templates/compose/nitter.yaml.j2
 create mode 100644 templates/compose/ntfy.yaml.j2
 create mode 100644 templates/compose/paulgo.yaml.j2
 create mode 100644 templates/compose/photon.yaml.j2
 create mode 100644 templates/compose/privatebin.yaml.j2
 create mode 100644 templates/compose/proxigram.yaml.j2
 create mode 100644 templates/compose/proxitok.yaml.j2
 create mode 100644 templates/compose/quetre.yaml.j2
 create mode 100644 templates/compose/rat-aint-tieba.yaml.j2
 create mode 100755 templates/compose/runner.yaml.j2
 create mode 100644 templates/compose/scribe.yaml.j2
 create mode 100644 templates/compose/send.yaml.j2
 create mode 100644 templates/compose/simplytranslate.yaml.j2
 create mode 100644 templates/compose/socks5.yaml.j2
 create mode 100644 templates/compose/stirling-pdf.yaml.j2
 create mode 100644 templates/compose/teddit.yaml.j2
 create mode 100644 templates/compose/voyager.yaml.j2
 create mode 100644 templates/compose/watchtower.yaml.j2
 create mode 100644 templates/compose/wolfree.yaml.j2
 create mode 100755 templates/conf/Caddyfile.j2
 create mode 100644 templates/conf/config.ini.j2
 create mode 100755 templates/conf/nitter.conf.j2
 create mode 100644 templates/conf/runner.j2
 create mode 100755 templates/conf/settings.yml.j2
 create mode 100644 vars/services.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..722a14c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+vars/secrets.yml
+templates/conf/users_database.yml.j2
+templates/conf/configuration.yml.j2
+files/firefox
\ No newline at end of file
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..70eec1e
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,661 @@
+                    GNU AFFERO GENERAL PUBLIC LICENSE
+                       Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+  The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+  Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+  A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate.  Many developers of free software are heartened and
+encouraged by the resulting cooperation.  However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+  The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community.  It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server.  Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+  An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals.  This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                       TERMS AND CONDITIONS
+
+  0. Definitions.
+
+  "This License" refers to version 3 of the GNU Affero General Public License.
+
+  "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+  "The Program" refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as "you".  "Licensees" and
+"recipients" may be individuals or organizations.
+
+  To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy.  The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+  A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+  To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+  To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+  An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+  1. Source Code.
+
+  The "source code" for a work means the preferred form of the work
+for making modifications to it.  "Object code" means any non-source
+form of a work.
+
+  A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+  The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+  The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+  The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+  The Corresponding Source for a work in source code form is that
+same work.
+
+  2. Basic Permissions.
+
+  All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+  You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force.  You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright.  Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+  Conveying under any other circumstances is permitted solely under
+the conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+  No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+  When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+  4. Conveying Verbatim Copies.
+
+  You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+  You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+  5. Conveying Modified Source Versions.
+
+  You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified
+    it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is
+    released under this License and any conditions added under section
+    7.  This requirement modifies the requirement in section 4 to
+    "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this
+    License to anyone who comes into possession of a copy.  This
+    License will therefore apply, along with any applicable section 7
+    additional terms, to the whole of the work, and all its parts,
+    regardless of how they are packaged.  This License gives no
+    permission to license the work in any other way, but it does not
+    invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display
+    Appropriate Legal Notices; however, if the Program has interactive
+    interfaces that do not display Appropriate Legal Notices, your
+    work need not make them do so.
+
+  A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+  6. Conveying Non-Source Forms.
+
+  You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by the
+    Corresponding Source fixed on a durable physical medium
+    customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by a
+    written offer, valid for at least three years and valid for as
+    long as you offer spare parts or customer support for that product
+    model, to give anyone who possesses the object code either (1) a
+    copy of the Corresponding Source for all the software in the
+    product that is covered by this License, on a durable physical
+    medium customarily used for software interchange, for a price no
+    more than your reasonable cost of physically performing this
+    conveying of source, or (2) access to copy the
+    Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the
+    written offer to provide the Corresponding Source.  This
+    alternative is allowed only occasionally and noncommercially, and
+    only if you received the object code with such an offer, in accord
+    with subsection 6b.
+
+    d) Convey the object code by offering access from a designated
+    place (gratis or for a charge), and offer equivalent access to the
+    Corresponding Source in the same way through the same place at no
+    further charge.  You need not require recipients to copy the
+    Corresponding Source along with the object code.  If the place to
+    copy the object code is a network server, the Corresponding Source
+    may be on a different server (operated by you or a third party)
+    that supports equivalent copying facilities, provided you maintain
+    clear directions next to the object code saying where to find the
+    Corresponding Source.  Regardless of what server hosts the
+    Corresponding Source, you remain obligated to ensure that it is
+    available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided
+    you inform other peers where the object code and Corresponding
+    Source of the work are being offered to the general public at no
+    charge under subsection 6d.
+
+  A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+  A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling.  In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage.  For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product.  A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+  "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source.  The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+  If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+  The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed.  Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+  Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+  7. Additional Terms.
+
+  "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+  When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+  Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the
+    terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or
+    author attributions in that material or in the Appropriate Legal
+    Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or
+    requiring that modified versions of such material be marked in
+    reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or
+    authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some
+    trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that
+    material by anyone who conveys the material (or modified versions of
+    it) with contractual assumptions of liability to the recipient, for
+    any liability that these contractual assumptions directly impose on
+    those licensors and authors.
+
+  All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+  If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+  Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+  8. Termination.
+
+  You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+  However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+  Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+  Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+  9. Acceptance Not Required for Having Copies.
+
+  You are not required to accept this License in order to receive or
+run a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+  10. Automatic Licensing of Downstream Recipients.
+
+  Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+
+  An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+  You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+  11. Patents.
+
+  A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's "contributor version".
+
+  A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+  Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+  In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+  If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+  If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+  A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.  You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+  Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+  12. No Surrender of Others' Freedom.
+
+  If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+  13. Remote Network Interaction; Use with the GNU General Public License.
+
+  Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software.  This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+  Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+  14. Revised Versions of this License.
+
+  The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time.  Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+  Each version is given a distinguishing version number.  If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation.  If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+  If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+  Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+  15. Disclaimer of Warranty.
+
+  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. Limitation of Liability.
+
+  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+  17. Interpretation of Sections 15 and 16.
+
+  If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+  If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source.  For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code.  There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+  You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<http://www.gnu.org/licenses/>.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..1cccab6
--- /dev/null
+++ b/README.md
@@ -0,0 +1,20 @@
+# Ansible project for Opnxng deployment
+
+An Ansible project that deploy docker services to our servers.
+
+`ansible-playbook -i "production" "deploy.yml"`
+
+## Services
+
+The services are hosted on one Vultr and four Oracle servers. A [variables file](vars/services.yml) defines the services to be deployed or already deployed.
+
+They are deployed with [Compose files](templates/compose) and load balanced according to the [Caddyfile](templates/conf/Caddyfile.j2).
+
+## Configurations
+
+Our SearXNG instance uses a custom [settings.yml](templates/conf/settings.yml.j2) that always include upstream changes. It is updated by hand with reference to [Pussthecat.org's configuration](https://github.com/PussTheCat-org/PussTheCat.org-Configs/tree/master/Services/SearXNG).
+
+Passwords and other sensitive data are kept locally as encrypted variables in [secrets.yml](/opnxng/ansible-opnxng-deploy). We host an Authelia and Firefox stack that is restricted to specific users only. Their related files are also kept locally.
+
+## Contact
+Please contact us via [email](mailto:opnxng@tuta.io) if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.
\ No newline at end of file
diff --git a/deploy.yml b/deploy.yml
new file mode 100644
index 0000000..7d2d2df
--- /dev/null
+++ b/deploy.yml
@@ -0,0 +1,65 @@
+---
+- name: Docker Deploy
+  hosts: all
+  gather_facts: false
+  vars_files:
+    - vars/secrets.yml
+    - vars/services.yml
+  tasks:
+  
+# ----------------------------------------------------------------------------------------------------
+
+    - name: Docker Compose down
+      command: "docker-compose -f {{ docker_dir }}/{{ item }}/docker-compose.yaml down"
+      loop: "{{ down[inventory_hostname] }}"
+      when: down is defined and inventory_hostname in down
+      ignore_errors: yes
+
+    - name: Remove project directory
+      file:
+        path: "{{ docker_dir }}/{{ item }}"
+        state: absent
+      become: true
+      loop: "{{ remove[inventory_hostname] }}"
+      when: remove is defined and inventory_hostname in remove
+      ignore_errors: yes
+
+# ----------------------------------------------------------------------------------------------------
+
+    - name: Create project directory
+      file:
+        path: "{{ docker_dir }}/{{ item }}"
+        state: directory
+        owner: 1000
+        group: 1000
+        mode: 0755
+      loop: "{{ compose[inventory_hostname] }}"
+      when: compose is defined and inventory_hostname in compose
+
+    - name: Inital Setup
+      include_tasks: "setups/setup-{{ item }}.yml"
+      loop: "{{ setup[inventory_hostname] }}"
+      when: setup is defined and inventory_hostname in setup
+      ignore_errors: yes
+
+    - name: Copy Docker Compose
+      template:
+        src: "compose/{{ item }}.yaml.j2"
+        dest: "{{ docker_dir }}/{{ item }}/docker-compose.yaml"
+        owner: 1000
+        group: 1000
+        mode: 0755
+      loop: "{{ compose[inventory_hostname] }}"
+      when: compose is defined and inventory_hostname in compose
+
+# ----------------------------------------------------------------------------------------------------
+
+    - name: Docker Compose pull
+      command: "docker-compose -f {{ docker_dir }}/{{ item }}/docker-compose.yaml pull"
+      loop: "{{ compose[inventory_hostname] }}"
+      when: compose is defined and inventory_hostname in compose
+
+    - name: Docker Compose up
+      command: "docker-compose -f {{ docker_dir }}/{{ item }}/docker-compose.yaml up --remove-orphans --force-recreate -d"
+      loop: "{{ compose[inventory_hostname] }}"
+      when: compose is defined and inventory_hostname in compose
\ No newline at end of file
diff --git a/files/gitea/conf/example.app.ini b/files/gitea/conf/example.app.ini
new file mode 100755
index 0000000..7c17476
--- /dev/null
+++ b/files/gitea/conf/example.app.ini
@@ -0,0 +1,13 @@
+[server]
+LANDING_PAGE = /explore/repos
+
+[storage.packages]
+STORAGE_TYPE = local
+PATH = /packages
+
+[actions]
+ENABLED=true
+
+[ui]
+THEMES = github
+DEFAULT_THEME = github
\ No newline at end of file
diff --git a/files/gitea/public/assets/css/theme-github.css b/files/gitea/public/assets/css/theme-github.css
new file mode 100644
index 0000000..ba7861b
--- /dev/null
+++ b/files/gitea/public/assets/css/theme-github.css
@@ -0,0 +1,552 @@
+/* Made by Rainnny <3 */
+
+.chroma {
+	background-color: var(--color-code-bg);
+}
+.chroma .lntd {
+	vertical-align: top;
+	border: 0;
+	margin: 0;
+	padding: 0;
+}
+.chroma .lntable {
+	border-spacing: 0;
+	border: 0;
+	width: auto;
+	margin: 0;
+	padding: 0;
+	display: block;
+	overflow: auto;
+}
+.chroma .hl {
+	width: 100%;
+	display: block;
+}
+.chroma .lnt,
+.chroma .ln {
+	margin-right: 0.4em;
+	padding: 0 0.4em;
+}
+.chroma .gs {
+	font-weight: var(--font-weight-semibold);
+}
+.chroma .gl {
+	text-decoration: underline;
+}
+.chroma .bp {
+	color: #fabd2f;
+}
+.chroma .c,
+.chroma .c1,
+.chroma .ch,
+.chroma .cm {
+	color: #777e94;
+}
+.chroma .cp {
+	color: #8ec07c;
+}
+.chroma .cpf {
+	color: #79c0ff;
+}
+.chroma .cs {
+	color: #9075cd;
+}
+.chroma .dl {
+	color: #79c0ff;
+}
+.chroma .gd {
+	color: #fff;
+	background-color: #5f3737;
+}
+.chroma .ge {
+	color: #ddee30;
+}
+.chroma .gh {
+	color: #ffaa10;
+}
+.chroma .gi {
+	color: #fff;
+	background-color: #3a523a;
+}
+.chroma .go {
+	color: #777e94;
+}
+.chroma .gp {
+	color: #ebdbb2;
+}
+.chroma .gr {
+	color: #f43;
+}
+.chroma .gs {
+	color: #ebdbb2;
+}
+.chroma .gt {
+	color: #7ee787;
+}
+.chroma .gu {
+	color: #a5d6ff;
+}
+.chroma .il {
+	color: #79c0ff;
+}
+.chroma .k {
+	color: #ff7b72;
+}
+.chroma .kc {
+	color: #79c0ff;
+}
+.chroma .kd {
+	color: #ff7b72;
+}
+.chroma .kn {
+	color: #ff7b72;
+}
+.chroma .kp {
+	color: #5f8700;
+}
+.chroma .kr {
+	color: #7ee787;
+}
+.chroma .kt {
+	color: #ff7b72;
+}
+.chroma .m,
+.chroma .mb,
+.chroma .mf,
+.chroma .mh,
+.chroma .mi,
+.chroma .mo {
+	color: #79c0ff;
+}
+.chroma .n {
+	color: #c9d1d9;
+}
+.chroma .na {
+	color: #d2a8ff;
+}
+.chroma .nb {
+	color: #a5d6ff;
+}
+.chroma .nc {
+	color: #e6edf3;
+}
+.chroma .nd {
+	color: #79c0ff;
+}
+.chroma .ne {
+	color: #7ee787;
+}
+.chroma .nf,
+.chroma .ni {
+	color: #d2a8ff;
+}
+.chroma .nl {
+	color: #7ee787;
+}
+.chroma .nn {
+	color: #e6edf3;
+}
+.chroma .no {
+	color: #79c0ff;
+}
+.chroma .nt {
+	color: #7ee787;
+}
+.chroma .nv {
+	color: #ebdbb2;
+}
+.chroma .nx {
+	color: #b6bac5;
+}
+.chroma .o {
+	color: #7ee787;
+}
+.chroma .ow {
+	color: #5f8700;
+}
+.chroma .p {
+	color: #d2d4db;
+}
+.chroma .s,
+.chroma .s1,
+.chroma .s2 {
+	color: #a5d6ff;
+}
+.chroma .sa {
+	color: #79c0ff;
+}
+.chroma .sb {
+	color: #a5d6ff;
+}
+.chroma .sc {
+	color: #79c0ff;
+}
+.chroma .sd {
+	color: #777e94;
+}
+.chroma .se {
+	color: #7ee787;
+}
+.chroma .sh {
+	color: #79c0ff;
+}
+.chroma .si {
+	color: #ffaa10;
+}
+.chroma .sr {
+	color: #9075cd;
+}
+.chroma .ss {
+	color: #7ee787;
+}
+.chroma .sx {
+	color: #ffaa10;
+}
+.chroma .vc {
+	color: #7ee787;
+}
+.chroma .vg,
+.chroma .vi {
+	color: #ffaa10;
+}
+.chroma .w {
+	color: #7f8699;
+}
+.CodeMirror.cm-s-default .cm-property,
+.CodeMirror.cm-s-paper .cm-property {
+	color: #a0cc75;
+}
+.CodeMirror.cm-s-default .cm-header,
+.CodeMirror.cm-s-paper .cm-header {
+	color: #9daccc;
+}
+.CodeMirror.cm-s-default .cm-quote,
+.CodeMirror.cm-s-paper .cm-quote {
+	color: #090;
+}
+.CodeMirror.cm-s-default .cm-keyword,
+.CodeMirror.cm-s-paper .cm-keyword {
+	color: #cc8a61;
+}
+.CodeMirror.cm-s-default .cm-atom,
+.CodeMirror.cm-s-paper .cm-atom {
+	color: #ef5e77;
+}
+.CodeMirror.cm-s-default .cm-number,
+.CodeMirror.cm-s-paper .cm-number {
+	color: #ff5656;
+}
+.CodeMirror.cm-s-default .cm-def,
+.CodeMirror.cm-s-paper .cm-def {
+	color: #e4e4e4;
+}
+.CodeMirror.cm-s-default .cm-variable-2,
+.CodeMirror.cm-s-paper .cm-variable-2 {
+	color: #00bdbf;
+}
+.CodeMirror.cm-s-default .cm-variable-3,
+.CodeMirror.cm-s-paper .cm-variable-3 {
+	color: #085;
+}
+.CodeMirror.cm-s-default .cm-comment,
+.CodeMirror.cm-s-paper .cm-comment {
+	color: #8e9ab3;
+}
+.CodeMirror.cm-s-default .cm-string,
+.CodeMirror.cm-s-paper .cm-string {
+	color: #a77272;
+}
+.CodeMirror.cm-s-default .cm-string-2,
+.CodeMirror.cm-s-paper .cm-string-2 {
+	color: #f50;
+}
+.CodeMirror.cm-s-default .cm-meta,
+.CodeMirror.cm-s-paper .cm-meta,
+.CodeMirror.cm-s-default .cm-qualifier,
+.CodeMirror.cm-s-paper .cm-qualifier {
+	color: #ffb176;
+}
+.CodeMirror.cm-s-default .cm-builtin,
+.CodeMirror.cm-s-paper .cm-builtin {
+	color: #b7c951;
+}
+.CodeMirror.cm-s-default .cm-bracket,
+.CodeMirror.cm-s-paper .cm-bracket {
+	color: #997;
+}
+.CodeMirror.cm-s-default .cm-tag,
+.CodeMirror.cm-s-paper .cm-tag {
+	color: #f1d273;
+}
+.CodeMirror.cm-s-default .cm-attribute,
+.CodeMirror.cm-s-paper .cm-attribute {
+	color: #bfcc70;
+}
+.CodeMirror.cm-s-default .cm-hr,
+.CodeMirror.cm-s-paper .cm-hr {
+	color: #999;
+}
+.CodeMirror.cm-s-default .cm-url,
+.CodeMirror.cm-s-paper .cm-url {
+	color: #c5cfd0;
+}
+.CodeMirror.cm-s-default .cm-link,
+.CodeMirror.cm-s-paper .cm-link {
+	color: #d8c792;
+}
+.CodeMirror.cm-s-default .cm-error,
+.CodeMirror.cm-s-paper .cm-error {
+	color: #dbdbeb;
+}
+:root {
+	--is-dark-theme: true;
+	--color-primary: #4b80ca;
+	--color-primary-contrast: #fff;
+	--color-primary-dark-1: #739cb3;
+	--color-primary-dark-2: #40aaff;
+	--color-primary-dark-3: #92b4c4;
+	--color-primary-dark-4: #a1bbcd;
+	--color-primary-dark-5: #cfddc1;
+	--color-primary-dark-6: #e7eee0;
+	--color-primary-dark-7: #f8faf6;
+	--color-primary-light-1: #4b80ca;
+	--color-primary-light-2: #437aad;
+	--color-primary-light-3: #415b8b;
+	--color-primary-light-4: #25425a;
+	--color-primary-light-5: #223546;
+	--color-primary-light-6: #131923;
+	--color-primary-light-7: #06090b;
+	--color-primary-alpha-10: #3683c019;
+	--color-primary-alpha-20: #3683c033;
+	--color-primary-alpha-30: #3683c04b;
+	--color-primary-alpha-40: #3683c066;
+	--color-primary-alpha-50: #3683c080;
+	--color-primary-alpha-60: #3683c099;
+	--color-primary-alpha-70: #3683c0b3;
+	--color-primary-alpha-80: #3683c0cc;
+	--color-primary-alpha-90: #3683c0e1;
+	--color-primary-hover: var(--color-primary-light-1);
+	--color-primary-active: var(--color-primary-light-2);
+	--color-secondary: #2c2f35;
+	--color-secondary-dark-1: #505665;
+	--color-secondary-dark-2: #5b6273;
+	--color-secondary-dark-3: #71798e;
+	--color-secondary-dark-4: #7f8699;
+	--color-secondary-dark-5: #8c93a4;
+	--color-secondary-dark-6: #9aa0af;
+	--color-secondary-dark-7: #a8adba;
+	--color-secondary-dark-8: #c4c7d0;
+	--color-secondary-dark-9: #dfe1e6;
+	--color-secondary-dark-10: #edeef1;
+	--color-secondary-dark-11: #fbfbfc;
+	--color-secondary-dark-12: #eeeff2;
+	--color-secondary-dark-13: #fbfbfc;
+	--color-secondary-light-1: #373b46;
+	--color-secondary-light-2: #292c34;
+	--color-secondary-light-3: #1c1e23;
+	--color-secondary-light-4: #0e0f11;
+	--color-secondary-alpha-10: #2c2f35;
+	--color-secondary-alpha-20: #2c2f3533;
+	--color-secondary-alpha-30: #2c2f354b;
+	--color-secondary-alpha-40: #2c2f3566;
+	--color-secondary-alpha-50: #2c2f3580;
+	--color-secondary-alpha-60: #2c2f3599;
+	--color-secondary-alpha-70: #2c2f35b3;
+	--color-secondary-alpha-80: #2c2f35cc;
+	--color-secondary-alpha-90: #2c2f35e1;
+	--color-red: #da3737;
+	--color-orange: #f17a2b;
+	--color-yellow: #f3c640;
+	--color-olive: #c8df36;
+	--color-green: #3bc75b;
+	--color-teal: #69d4cf;
+	--color-blue: #4b80ca;
+	--color-violet: #754ad3;
+	--color-purple: #b65dd4;
+	--color-pink: #e04b9f;
+	--color-brown: #a86d45;
+	--color-black: #141516;
+	--color-grey: #797c85;
+	--color-gold: #d4b74c;
+	--color-white: #ffffff;
+	--color-red-light: #d15a5a;
+	--color-orange-light: #f6a066;
+	--color-yellow-light: #eaaf03;
+	--color-olive-light: #abc016;
+	--color-green-light: #93b373;
+	--color-teal-light: #00b6ad;
+	--color-blue-light: #4e96cc;
+	--color-violet-light: #9b79e4;
+	--color-purple-light: #ba6ad5;
+	--color-pink-light: #d74397;
+	--color-brown-light: #b08061;
+	--color-black-light: #3f4555;
+	--color-red-dark-1: #c23636;
+	--color-orange-dark-1: #f38236;
+	--color-yellow-dark-1: #b88a03;
+	--color-olive-dark-1: #839311;
+	--color-green-dark-1: #7a9e55;
+	--color-teal-dark-1: #00837c;
+	--color-blue-dark-1: #347cb3;
+	--color-violet-dark-1: #7b4edb;
+	--color-purple-dark-1: #a742c9;
+	--color-pink-dark-1: #be297d;
+	--color-brown-dark-1: #94674a;
+	--color-black-dark-1: #292d38;
+	--color-red-dark-2: #ad3030;
+	--color-orange-dark-2: #f16e17;
+	--color-yellow-dark-2: #a37a02;
+	--color-olive-dark-2: #74820f;
+	--color-green-dark-2: #6c8c4c;
+	--color-teal-dark-2: #00746e;
+	--color-blue-dark-2: #2e6e9f;
+	--color-violet-dark-2: #6733d6;
+	--color-purple-dark-2: #9834b9;
+	--color-pink-dark-2: #a9246f;
+	--color-brown-dark-2: #835b42;
+	--color-black-dark-2: #252832;
+	--color-console-bg: #11171f;
+	--color-ansi-black: var(--color-black);
+	--color-ansi-red: var(--color-red);
+	--color-ansi-green: var(--color-green);
+	--color-ansi-yellow: var(--color-yellow);
+	--color-ansi-blue: var(--color-blue);
+	--color-ansi-magenta: var(--color-pink);
+	--color-ansi-cyan: var(--color-teal);
+	--color-ansi-white: var(--color-console-fg-subtle);
+	--color-ansi-bright-black: var(--color-black-light);
+	--color-ansi-bright-red: var(--color-red-light);
+	--color-ansi-bright-green: var(--color-green-light);
+	--color-ansi-bright-yellow: var(--color-yellow-light);
+	--color-ansi-bright-blue: var(--color-blue-light);
+	--color-ansi-bright-magenta: var(--color-pink-light);
+	--color-ansi-bright-cyan: var(--color-teal-light);
+	--color-ansi-bright-white: var(--color-console-fg);
+	--color-grey: #505665;
+	--color-grey-light: #a1a6b7;
+	--color-gold: #b1983b;
+	--color-white: #fff;
+	--color-diff-removed-word-bg: #6f3333;
+	--color-diff-added-word-bg: #3c653c;
+	--color-diff-removed-row-bg: #3c2626;
+	--color-diff-moved-row-bg: #818044;
+	--color-diff-added-row-bg: #283e2d;
+	--color-diff-removed-row-border: #634343;
+	--color-diff-moved-row-border: #bcca6f;
+	--color-diff-added-row-border: #314a37;
+	--color-diff-inactive: #353846;
+	--color-error-border: #a04141;
+	--color-error-bg: #522;
+	--color-error-bg-active: #744;
+	--color-error-bg-hover: #633;
+	--color-error-text: #f9cbcb;
+	--color-success-border: #458a57;
+	--color-success-bg: #284034;
+	--color-success-text: #6cc664;
+	--color-warning-border: #bb9d00;
+	--color-warning-bg: #3a3a30;
+	--color-warning-text: #fbbd08;
+	--color-info-border: #306090;
+	--color-info-bg: #26354c;
+	--color-info-text: #38a8e8;
+	--color-red-badge: #db2828;
+	--color-red-badge-bg: #db28281a;
+	--color-red-badge-hover-bg: #db28284d;
+	--color-green-badge: #21ba45;
+	--color-green-badge-bg: #21ba451a;
+	--color-green-badge-hover-bg: #21ba454d;
+	--color-yellow-badge: #fbbd08;
+	--color-yellow-badge-bg: #fbbd081a;
+	--color-yellow-badge-hover-bg: #fbbd084d;
+	--color-orange-badge: #f2711c;
+	--color-orange-badge-bg: #f2711c1a;
+	--color-orange-badge-hover-bg: #f2711c4d;
+	--color-git: #f05133;
+	--color-body: #0d1117;
+	--color-box-header: #161b22;
+	--color-box-body: #11171f;
+	--color-box-body-highlight: #262b36;
+	--color-text-dark: #dbe0ea;
+	--color-text: #bbc0ca;
+	--color-text-light: #a6aab5;
+	--color-text-light-1: rgb(125, 133, 144);
+	--color-text-light-2: #8a8e99;
+	--color-text-light-3: #707687;
+	--color-footer: #010409;
+	--color-timeline: #4c525e;
+	--color-input-text: #d5dbe6;
+	--color-input-background: #2c2f35;
+	--color-input-toggle-background: #454a57;
+	--color-input-border: #2c2f35;
+	--color-input-border-hover: #505667;
+	--color-header-wrapper: #0d1117;
+	--color-header-wrapper-transparent: #20243000;
+	--color-light: #00000028;
+	--color-light-mimic-enabled: rgba(
+		0,
+		0,
+		0,
+		calc(40 / 255 * 222 / 255 / var(--opacity-disabled))
+	);
+	--color-light-border: #ffffff28;
+	--color-hover: #ffffff19;
+	--color-active: #ffffff24;
+	--color-menu: #0d1117;
+	--color-card: #0d1117;
+	--color-markup-table-row: #ffffff06;
+	--color-markup-code-block: #ffffff16;
+	--color-button: #1e252e;
+	--color-code-bg: #0d1117;
+	--color-code-sidebar-bg: #232834;
+	--color-shadow: #00000060;
+	--color-secondary-bg: #2c2f35;
+	--color-text-focus: #fff;
+	--color-expand-button: #3c404d;
+	--color-placeholder-text: #8a8e99;
+	--color-editor-line-highlight: var(--color-primary-light-5);
+	--color-project-board-bg: var(--color-secondary-light-2);
+	--color-caret: var(--color-text);
+	--color-reaction-bg: #ffffff12;
+	--color-reaction-hover-bg: var(--color-primary-light-4);
+	--color-reaction-active-bg: var(--color-primary-light-5);
+	--color-tooltip-text: #fff;
+	--color-tooltip-bg: #000000f0;
+	--color-nav-bg: #010409;
+	--color-nav-hover-bg: #383c47;
+	--color-label-text: #dfe3ec;
+	--color-label-bg: #7c84974b;
+	--color-label-hover-bg: #7c8497a0;
+	--color-label-active-bg: #7c8497;
+	--color-accent: var(--color-primary-light-1);
+	--color-small-accent: var(--color-primary-light-5);
+	--color-active-line: #534d1b;
+	accent-color: var(--color-accent);
+	color-scheme: dark;
+}
+.emoji[aria-label="check\ mark"],
+.emoji[aria-label="currency\ exchange"],
+.emoji[aria-label="TOP\ arrow"],
+.emoji[aria-label="END\ arrow"],
+.emoji[aria-label="ON! arrow"],
+.emoji[aria-label="SOON\ arrow"],
+.emoji[aria-label="heavy dollar sign"],
+.emoji[aria-label="copyright"],
+.emoji[aria-label="registered"],
+.emoji[aria-label="trade\ mark"],
+.emoji[aria-label="multiply"],
+.emoji[aria-label="plus"],
+.emoji[aria-label="minus"],
+.emoji[aria-label="divide"],
+.emoji[aria-label="curly\ loop"],
+.emoji[aria-label="double curly loop"],
+.emoji[aria-label="wavy\ dash"],
+.emoji[aria-label="paw\ prints"],
+.emoji[aria-label="musical\ note"],
+.emoji[aria-label="musical\ notes"] {
+	filter: invert() hue-rotate(180deg);
+}
+
+.repository.file.list #repo-files-table tbody .svg.octicon-file-directory-fill,
+.repository.file.list #repo-files-table tbody .svg.octicon-file-submodule {
+	color: #7d8590;
+}
diff --git a/files/gitea/templates/custom/extra_links.tmpl b/files/gitea/templates/custom/extra_links.tmpl
new file mode 100644
index 0000000..dc7605b
--- /dev/null
+++ b/files/gitea/templates/custom/extra_links.tmpl
@@ -0,0 +1,3 @@
+<a class="item" href="{{AppSubUrl}}/opnxng/docker-images">Docker Images</a>
+<a class="item" href="{{AppSubUrl}}/opnxng/ansible-opnxng-deploy">Ansible</a>
+<a class="item" href="{{AppSubUrl}}/opnxng/website">Website</a>
\ No newline at end of file
diff --git a/files/nitter/about.html b/files/nitter/about.html
new file mode 100755
index 0000000..7f2c2fe
--- /dev/null
+++ b/files/nitter/about.html
@@ -0,0 +1,49 @@
+<h1>About</h1>
+<p>Nitter is a free and open source alternative Twitter front-end focused on
+privacy and performance. The source is available on GitHub at
+<a href="https://github.com/zedeus/nitter">https://github.com/zedeus/nitter</a></p>
+<ul>
+<li>No JavaScript or ads</li>
+<li>All requests go through the backend, client never talks to Twitter</li>
+<li>Prevents Twitter from tracking your IP or JavaScript fingerprint</li>
+<li>Uses Twitter's unofficial API (no rate limits or developer account required)</li>
+<li>Lightweight (for <a href="/nim_lang">@nim_lang</a>, 60KB vs 784KB from twitter.com)</li>
+<li>RSS feeds</li>
+<li>Themes</li>
+<li>Mobile support (responsive design)</li>
+<li>AGPLv3 licensed, no proprietary instances permitted</li>
+</ul>
+<p>Nitter's GitHub wiki contains
+<a href="https://github.com/zedeus/nitter/wiki/Instances">instances</a> and
+<a href="https://github.com/zedeus/nitter/wiki/Extensions">browser extensions</a>
+maintained by the community.</p>
+<h2>Opnxng.com</h2>
+<p>Other services: <a href="https://about.opnxng.com/">https://about.opnxng.com/</a></p>
+<p>Donating: <a href="https://liberapay.com/Opnxng/">https://liberapay.com/Opnxng/</a><br>
+Links to donate to the developer of Nitter can be found down below.</p>
+<h2>Why use Nitter?</h2>
+<p>It's impossible to use Twitter without JavaScript enabled. For privacy-minded
+folks, preventing JavaScript analytics and IP-based tracking is important, but
+apart from using a VPN and uBlock/uMatrix, it's impossible. Despite being behind
+a VPN and using heavy-duty adblockers, you can get accurately tracked with your
+<a href="https://restoreprivacy.com/browser-fingerprinting/">browser's fingerprint</a>,
+<a href="https://noscriptfingerprint.com/">no JavaScript required</a>. This all became
+particularly important after Twitter <a href="https://www.eff.org/deeplinks/2020/04/twitter-removes-privacy-option-and-shows-why-we-need-strong-privacy-laws">removed the
+ability</a>
+for users to control whether their data gets sent to advertisers.</p>
+<p>Using an instance of Nitter (hosted on a VPS for example), you can browse
+Twitter without JavaScript while retaining your privacy. In addition to
+respecting your privacy, Nitter is on average around 15 times lighter than
+Twitter, and in most cases serves pages faster (eg. timelines load 2-4x faster).</p>
+<p>In the future a simple account system will be added that lets you follow Twitter
+users, allowing you to have a clean chronological timeline without needing a
+Twitter account.</p>
+<h2>Donating</h2>
+<p>Liberapay: <a href="https://liberapay.com/zedeus">https://liberapay.com/zedeus</a> <br />
+Patreon: <a href="https://patreon.com/nitter">https://patreon.com/nitter</a> <br />
+BTC: bc1qp7q4qz0fgfvftm5hwz3vy284nue6jedt44kxya <br />
+ETH: 0x66d84bc3fd031b62857ad18c62f1ba072b011925 <br />
+LTC: ltc1qhsz5nxw6jw9rdtw9qssjeq2h8hqk2f85rdgpkr <br />
+XMR: 42hKayRoEAw4D6G6t8mQHPJHQcXqofjFuVfavqKeNMNUZfeJLJAcNU19i1bGdDvcdN6romiSscWGWJCczFLe9RFhM3d1zpL</p>
+<h2>Contact</h2>
+<p>Feel free to join our <a href="https://matrix.to/#/#nitter:matrix.org">Matrix channel</a>.</p>
\ No newline at end of file
diff --git a/files/nitter/about.md b/files/nitter/about.md
new file mode 100755
index 0000000..761b546
--- /dev/null
+++ b/files/nitter/about.md
@@ -0,0 +1,59 @@
+# About
+
+Nitter is a free and open source alternative Twitter front-end focused on
+privacy and performance. The source is available on GitHub at
+<https://github.com/zedeus/nitter>
+
+* No JavaScript or ads
+* All requests go through the backend, client never talks to Twitter
+* Prevents Twitter from tracking your IP or JavaScript fingerprint
+* Uses Twitter's unofficial API (no rate limits or developer account required)
+* Lightweight (for [@nim_lang](/nim_lang), 60KB vs 784KB from twitter.com)
+* RSS feeds
+* Themes
+* Mobile support (responsive design)
+* AGPLv3 licensed, no proprietary instances permitted
+
+Nitter's GitHub wiki contains
+[instances](https://github.com/zedeus/nitter/wiki/Instances) and
+[browser extensions](https://github.com/zedeus/nitter/wiki/Extensions)
+maintained by the community.
+
+## Opnxng.com
+Other services: [https://about.opnxng.com/]h(ttps://about.opnxng.com)
+Donating: [https://liberapay.com/Opnxng/](https://liberapay.com/Opnxng)
+Links to donate to the developer of Nitter can be found down below.
+
+## Why use Nitter?
+
+It's impossible to use Twitter without JavaScript enabled. For privacy-minded
+folks, preventing JavaScript analytics and IP-based tracking is important, but
+apart from using a VPN and uBlock/uMatrix, it's impossible. Despite being behind
+a VPN and using heavy-duty adblockers, you can get accurately tracked with your
+[browser's fingerprint](https://restoreprivacy.com/browser-fingerprinting/),
+[no JavaScript required](https://noscriptfingerprint.com/). This all became
+particularly important after Twitter [removed the
+ability](https://www.eff.org/deeplinks/2020/04/twitter-removes-privacy-option-and-shows-why-we-need-strong-privacy-laws)
+for users to control whether their data gets sent to advertisers.
+
+Using an instance of Nitter (hosted on a VPS for example), you can browse
+Twitter without JavaScript while retaining your privacy. In addition to
+respecting your privacy, Nitter is on average around 15 times lighter than
+Twitter, and in most cases serves pages faster (eg. timelines load 2-4x faster).
+
+In the future a simple account system will be added that lets you follow Twitter
+users, allowing you to have a clean chronological timeline without needing a
+Twitter account.
+
+## Donating
+
+Liberapay: <https://liberapay.com/zedeus> \
+Patreon: <https://patreon.com/nitter> \
+BTC: bc1qp7q4qz0fgfvftm5hwz3vy284nue6jedt44kxya \
+ETH: 0x66d84bc3fd031b62857ad18c62f1ba072b011925 \
+LTC: ltc1qhsz5nxw6jw9rdtw9qssjeq2h8hqk2f85rdgpkr \
+XMR: 42hKayRoEAw4D6G6t8mQHPJHQcXqofjFuVfavqKeNMNUZfeJLJAcNU19i1bGdDvcdN6romiSscWGWJCczFLe9RFhM3d1zpL
+
+## Contact
+
+Feel free to join our [Matrix channel](https://matrix.to/#/#nitter:matrix.org).
diff --git a/files/paulgo/donate.md b/files/paulgo/donate.md
new file mode 100755
index 0000000..ca5ba69
--- /dev/null
+++ b/files/paulgo/donate.md
@@ -0,0 +1,10 @@
+# Donate
+
+[Opnxng](https://about.opnxng.com/) hosts privacy-respecting services such as [SearXNG](https://opnxng.com/), [Nitter](https://n.opnxng.com/), [Voyager](https://v.opnxng.com/), [Teddit](https://i.opnxng.com/), and [many more](https://about.opnxng.com/services).
+
+Please consider donating to this site via [Liberapay](https://liberapay.com/Opnxng/). Your donation would allow us to rent more instances and run the services more reliably. We truly thank you for your consideration. 
+<br>
+<br>
+## Donate to SearXNG.org
+
+Support the SearXNG project via [https://docs.searxng.org/donate.html](https://docs.searxng.org/donate.html)
diff --git a/production b/production
new file mode 100644
index 0000000..63c202d
--- /dev/null
+++ b/production
@@ -0,0 +1,30 @@
+oracle:
+  hosts:
+    oracle1:
+      ansible_host: [REDACTED]
+    oracle2:
+      ansible_host: [REDACTED]
+    oracle3:
+      ansible_host: [REDACTED]
+    oracle4:
+      ansible_host: [REDACTED]
+  vars:
+    ansible_ssh_private_key_file: [REDACTED]
+    ansible_user: [REDACTED]
+    ansible_ssh_port: [REDACTED]
+    pipelining: true
+    ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+    ansible_python_interpreter: /usr/bin/python3
+
+# ----------------------------------------------------------------------------------------------------
+
+cloudcompute:
+  hosts:
+    vultr:
+      ansible_host: [REDACTED]
+      ansible_ssh_private_key_file: [REDACTED]
+      ansible_user: [REDACTED]
+      ansible_ssh_port: [REDACTED]
+      pipelining: true
+      ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+      ansible_python_interpreter: /usr/bin/python3
\ No newline at end of file
diff --git a/setups/setup-anonymousoverflow.yml b/setups/setup-anonymousoverflow.yml
new file mode 100644
index 0000000..895b490
--- /dev/null
+++ b/setups/setup-anonymousoverflow.yml
@@ -0,0 +1,6 @@
+    - name: Generate JWT Secret
+      command: openssl rand -hex 32
+      register: anonymousoverflow_jwt_secret_result
+
+    - set_fact:
+        anonymousoverflow_jwt_secret: "{{ anonymousoverflow_jwt_secret_result.stdout }}"
\ No newline at end of file
diff --git a/setups/setup-authelia.yml b/setups/setup-authelia.yml
new file mode 100644
index 0000000..aa03f1a
--- /dev/null
+++ b/setups/setup-authelia.yml
@@ -0,0 +1,29 @@
+    - name: Generate JWT Secret
+      command: openssl rand -hex 64
+      register: authelia_jwt_secret_result
+
+    - set_fact:
+        authelia_jwt_secret: "{{ authelia_jwt_secret_result.stdout }}"
+
+    - name: Generate Session Secret
+      command: openssl rand -hex 64
+      register: authelia_session_secret_result
+
+    - set_fact:
+        authelia_session_secret: "{{ authelia_session_secret_result.stdout }}"
+
+    - name: Set up configuration.yml
+      template:
+        src: "conf/configuration.yml.j2"
+        dest: "{{ docker_dir }}/authelia/configuration.yml"
+        owner: 1000
+        group: 1000
+        mode: 0755
+
+    - name: Set up users_database.yml
+      template:
+        src: "conf/users_database.yml.j2"
+        dest: "{{ docker_dir }}/authelia/users_database.yml"
+        owner: 1000
+        group: 1000
+        mode: 0755
\ No newline at end of file
diff --git a/setups/setup-breezewiki.yml b/setups/setup-breezewiki.yml
new file mode 100644
index 0000000..1417dbf
--- /dev/null
+++ b/setups/setup-breezewiki.yml
@@ -0,0 +1,7 @@
+    - name: Setup breezewiki config
+      template:
+        src: "conf/config.ini.j2"
+        dest: "{{ docker_dir }}/breezewiki/config.ini.j2"
+        owner: 1000
+        group: 1000
+        mode: 0755
\ No newline at end of file
diff --git a/setups/setup-caddy.yml b/setups/setup-caddy.yml
new file mode 100644
index 0000000..1175abf
--- /dev/null
+++ b/setups/setup-caddy.yml
@@ -0,0 +1,21 @@
+    - name: Check GeoLite2 file
+      stat:
+        path: "{{ docker_dir }}/caddy/GeoLite2-City.mmdb"
+      register: geolite
+      tags: never
+
+    - name: Create GeoLite2 file
+      command: "touch {{ docker_dir }}/caddy/GeoLite2-City.mmdb"
+      when:
+        - not geolite.stat.exists
+      tags: never
+
+# ----------------------------------------------------------------------------------------------------
+
+    - name: Set up Caddyfile
+      template:
+        src: "conf/Caddyfile.j2"
+        dest: "{{ docker_dir }}/caddy/Caddyfile"
+        owner: 1000
+        group: 1000
+        mode: 0755
\ No newline at end of file
diff --git a/setups/setup-firefox.yml b/setups/setup-firefox.yml
new file mode 100755
index 0000000..986b086
--- /dev/null
+++ b/setups/setup-firefox.yml
@@ -0,0 +1,7 @@
+    - name: Copy firefox directory
+      copy:
+        src: "firefox/"
+        dest: "{{ docker_dir }}/firefox"
+        owner: 1000
+        group: 1000
+        mode: 0755
\ No newline at end of file
diff --git a/setups/setup-gitea.yml b/setups/setup-gitea.yml
new file mode 100644
index 0000000..a2ff3b5
--- /dev/null
+++ b/setups/setup-gitea.yml
@@ -0,0 +1,11 @@
+    - name: Copy gitea directory
+      copy:
+        src: "gitea/"
+        dest: "{{ docker_dir }}/gitea/data/gitea"
+        owner: 1000
+        group: 1000
+        mode: 0755
+
+    - name: Curl Github theme
+      shell: curl -s 'https://raw.githubusercontent.com/Rainnny7/gitea-github-theme/master/theme-github.css' > {{ docker_dir }}/gitea/data/gitea/public/assets/css/theme-github.css
+      ignore_errors: true
diff --git a/setups/setup-nitter.yml b/setups/setup-nitter.yml
new file mode 100644
index 0000000..e46a68f
--- /dev/null
+++ b/setups/setup-nitter.yml
@@ -0,0 +1,40 @@
+    - name: Generate JWT Secret
+      command: openssl rand -hex 32
+      register: nitter_jwt_secret_result
+
+    - set_fact:
+        nitter_jwt_secret: "{{ nitter_jwt_secret_result.stdout }}"
+
+    - name: Set up nitter conf
+      template:
+        src: "conf/nitter.conf.j2"
+        dest: "{{ docker_dir }}/nitter/nitter.conf"
+        owner: 1000
+        group: 1000
+        mode: 0755
+
+    - name: Copy about.md
+      copy:
+        src: "nitter/about.md"
+        dest: "{{ docker_dir }}/nitter/about.md"
+        owner: 1000
+        group: 1000
+        mode: 0755
+
+    - name: Copy about.html
+      copy:
+        src: "nitter/about.html"
+        dest: "{{ docker_dir }}/nitter/about.html"
+        owner: 1000
+        group: 1000
+        mode: 0755
+
+    - name: Curl guest_accounts.jsonl
+      shell: curl -s '{{ twitterminator_url }}' > {{ docker_dir }}/nitter/guest_accounts.jsonl
+      ignore_errors: true
+
+    - name: Chmod guest_accounts.jsonl
+      command: chmod 0777 {{ docker_dir }}/nitter/guest_accounts.jsonl
+
+    - name: Chown guest_accounts.jsonl
+      command: chown 1000:1000 {{ docker_dir }}/nitter/guest_accounts.jsonl
\ No newline at end of file
diff --git a/setups/setup-paulgo.yml b/setups/setup-paulgo.yml
new file mode 100644
index 0000000..6c9dfe6
--- /dev/null
+++ b/setups/setup-paulgo.yml
@@ -0,0 +1,22 @@
+    - name: Generate JWT Secret
+      command: openssl rand -hex 32
+      register: paulgo_jwt_secret_result
+
+    - set_fact:
+        paulgo_jwt_secret: "{{ paulgo_jwt_secret_result.stdout }}"
+
+    - name: Set up paulgo conf
+      template:
+        src: "conf/settings.yml.j2"
+        dest: "{{ docker_dir }}/paulgo/settings.yml"
+        owner: 1000
+        group: 1000
+        mode: 0755
+
+    - name: Copy donate.md
+      copy:
+        src: "paulgo/donate.md"
+        dest: "{{ docker_dir }}/paulgo/donate.md"
+        owner: 1000
+        group: 1000
+        mode: 0755
\ No newline at end of file
diff --git a/setups/setup-runner.yml b/setups/setup-runner.yml
new file mode 100644
index 0000000..375b12f
--- /dev/null
+++ b/setups/setup-runner.yml
@@ -0,0 +1,7 @@
+    - name: Setup runner.j2
+      template:
+        src: "conf/runner.j2"
+        dest: "{{ docker_dir }}/runner/.runner"
+        owner: 1000
+        group: 1000
+        mode: 0755
\ No newline at end of file
diff --git a/setups/setup-scribe.yml b/setups/setup-scribe.yml
new file mode 100644
index 0000000..f599d3f
--- /dev/null
+++ b/setups/setup-scribe.yml
@@ -0,0 +1,6 @@
+    - name: Generate JWT Secret
+      command: openssl rand -hex 32
+      register: scribe_jwt_secret_result
+
+    - set_fact:
+        scribe_jwt_secret: "{{ scribe_jwt_secret_result.stdout }}"
\ No newline at end of file
diff --git a/templates/compose/4get.yaml.j2 b/templates/compose/4get.yaml.j2
new file mode 100644
index 0000000..8bb3c4b
--- /dev/null
+++ b/templates/compose/4get.yaml.j2
@@ -0,0 +1,26 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  4get:
+    image: git.opnxng.com/opnxng/4get:latest
+    container_name: 4get
+    security_opt:
+      - no-new-privileges
+    cap_drop:
+      - ALL
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - FOURGET_SERVER_NAME=4g.opnxng.com
+      - FOURGET_SERVER_ADMIN_EMAIL=opnxng@tuta.io
+    #restart: unless-stopped
+    ports:
+      - '8907:80'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/anonymousoverflow.yaml.j2 b/templates/compose/anonymousoverflow.yaml.j2
new file mode 100644
index 0000000..1367c55
--- /dev/null
+++ b/templates/compose/anonymousoverflow.yaml.j2
@@ -0,0 +1,26 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  anonymousoverflow:
+    image: codeberg.org/aryak/anonymousoverflow-docker-builds
+    container_name: anonymousoverflow
+    security_opt:
+      - no-new-privileges
+    cap_drop:
+      - ALL
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - APP_URL=https://a.opnxng.com
+      - JWT_SIGNING_SECRET="{{ anonymousoverflow_jwt_secret }}"
+    restart: unless-stopped
+    ports:
+      - '8898:8080'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/authelia.yaml.j2 b/templates/compose/authelia.yaml.j2
new file mode 100644
index 0000000..439ceb1
--- /dev/null
+++ b/templates/compose/authelia.yaml.j2
@@ -0,0 +1,24 @@
+# {{ ansible_managed }}
+version: "3.3"
+services:
+  authelia:
+    image: ghcr.io/authelia/authelia
+    container_name: authelia
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    ports:
+      - 9091:9091
+    volumes:
+      - {{ docker_dir }}/authelia:/config
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/binternet.yaml.j2 b/templates/compose/binternet.yaml.j2
new file mode 100644
index 0000000..1c4e5fb
--- /dev/null
+++ b/templates/compose/binternet.yaml.j2
@@ -0,0 +1,22 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  binternet:
+    image: git.opnxng.com/opnxng/binternet:latest
+    container_name: binternet
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    restart: unless-stopped
+    ports:
+      - '8896:80'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/breezewiki.yaml.j2 b/templates/compose/breezewiki.yaml.j2
new file mode 100644
index 0000000..e941ff8
--- /dev/null
+++ b/templates/compose/breezewiki.yaml.j2
@@ -0,0 +1,24 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  breezewiki:
+    image: quay.io/pussthecatorg/breezewiki:latest
+    container_name: breezewiki
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    restart: unless-stopped
+    ports:
+      - '8897:10416'
+    volumes:
+      - {{ docker_dir }}/breezewiki/config.ini:/app/config.ini
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/caddy.yaml.j2 b/templates/compose/caddy.yaml.j2
new file mode 100644
index 0000000..29f5f36
--- /dev/null
+++ b/templates/compose/caddy.yaml.j2
@@ -0,0 +1,30 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  caddy:
+    image: git.opnxng.com/opnxng/caddy:latest
+    container_name: caddy
+    security_opt:
+      - no-new-privileges
+    cap_drop:
+      - ALL
+    cap_add:
+      - NET_BIND_SERVICE
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - HOSTNAME=opnxng.com
+      - CLOUDFLARE_API_TOKEN={{ cloudflare_api_token }}
+    volumes:
+      - {{ docker_dir }}/caddy/GeoLite2-City.mmdb:/etc/caddy/GeoLite2-City.mmdb
+      - {{ docker_dir }}/caddy/Caddyfile:/etc/caddy/Caddyfile
+      - {{ docker_dir }}/caddy/caddy-data:/data:rw
+      - {{ docker_dir }}/caddy/caddy-config:/config:rw
+      - {{ docker_dir }}/caddy/www:/www:rw
+    logging:
+        driver: none
+    restart: unless-stopped
+    network_mode: host
+
+# docker run -v ./Caddyfile:/srv/Caddyfile:rw git.opnxng.com/opnxng/caddy:latest caddy fmt --overwrite Caddyfile
diff --git a/templates/compose/cinny.yaml.j2 b/templates/compose/cinny.yaml.j2
new file mode 100644
index 0000000..1630d41
--- /dev/null
+++ b/templates/compose/cinny.yaml.j2
@@ -0,0 +1,22 @@
+# {{ ansible_managed }}
+version: "3.7"
+services:
+  cinny:
+    image: ghcr.io/cinnyapp/cinny:latest
+    container_name: cinny
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    ports:
+      - 8901:80
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/etherpad.yaml.j2 b/templates/compose/etherpad.yaml.j2
new file mode 100644
index 0000000..8731bf3
--- /dev/null
+++ b/templates/compose/etherpad.yaml.j2
@@ -0,0 +1,68 @@
+# {{ ansible_managed }}
+version: '3'
+services:
+  etherpad:
+    image: git.opnxng.com/opnxng/etherpad:latest
+    container_name: etherpad
+    security_opt:
+      - no-new-privileges
+    depends_on:
+      - etherpaddb
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - DB_TYPE=postgres
+      - DB_HOST=etherpaddb
+      - DB_PORT=5432
+      - DB_NAME=etherpad
+      - DB_USER={{ etherpad_db_user }}
+      - DB_PASS={{ etherpad_db_pass }}
+      # - ADMIN_PASSWORD={{ etherpad_admin_password }}
+      - TITLE=Notes
+      - SKIN_VARIANTS="super-light-toolbar super-light-editor light-background"
+      - DEFAULT_PAD_TEXT=Text
+      - PAD_OPTIONS_NO_COLORS=true
+      - PAD_OPTIONS_SHOW_CONTROLS=true
+      - PAD_OPTIONS_SHOW_CHAT=false
+      - PAD_OPTIONS_SHOW_LINE_NUMBERS=false
+      - PAD_OPTIONS_USE_MONOSPACE_FONT=false
+      - PAD_OPTIONS_USER_NAME=false
+      - PAD_OPTIONS_USER_COLOR=false
+      - SOCKETIO_MAX_HTTP_BUFFER_SIZE=1000000000
+      - MAX_AGE=99999999
+      - MINIFY=false
+      - PAD_OPTIONS_ALWAYS_SHOW_CHAT=false
+      - PAD_OPTIONS_CHAT_AND_USERS=false
+      # - PAD_OPTIONS_RTL=false
+      # - PAD_OPTIONS_LANG=null
+    ports:
+      - 8891:9001
+    restart: unless-stopped
+    networks:
+      - IPv4
+      
+  etherpaddb:
+    image: postgres:16-alpine
+    container_name: etherpaddb
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - POSTGRES_DB=etherpad
+      - POSTGRES_USER={{ etherpad_db_user }}
+      - POSTGRES_PASSWORD={{ etherpad_db_pass }}
+    volumes:
+      - {{ docker_dir }}/etherpad/postgres:/var/lib/postgresql/data
+      - {{ docker_dir }}/etherpad/backups:/backups
+      - {{ docker_dir }}/etherpad/dump:/dump
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/firefox.yaml.j2 b/templates/compose/firefox.yaml.j2
new file mode 100644
index 0000000..a1bf1a9
--- /dev/null
+++ b/templates/compose/firefox.yaml.j2
@@ -0,0 +1,38 @@
+# {{ ansible_managed }}
+version: "3.8"
+services:
+  firefox:
+    image: lscr.io/linuxserver/firefox:latest
+    container_name: firefox
+    security_opt:
+      - seccomp:unconfined #optional
+      #- no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - TITLE=GPT
+      - CUSTOM_PORT=8893
+    volumes:
+      - {{ docker_dir }}/firefox:/config:rw
+      - {{ docker_dir }}/firefox/start.sh:/custom-cont-init.d/start.sh
+      - {{ docker_dir }}/firefox/fly:/config/.fly
+      - {{ docker_dir }}/firefox/profile:/config/.mozilla/firefox
+      - {{ docker_dir }}/firefox/index.html:/usr/share/kasmvnc/www/index.html
+      - {{ docker_dir }}/firefox/vnc.html:/usr/share/kasmvnc/www/vnc.html
+      - {{ docker_dir }}/firefox/style.bundle.css:/usr/share/kasmvnc/www/dist/style.bundle.css
+#    devices:
+#      - /dev/dri:/dev/dri
+    ports:
+      - '8893:8893'
+    shm_size: "2gb"
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
+
+
diff --git a/templates/compose/geoipupdate.yaml.j2 b/templates/compose/geoipupdate.yaml.j2
new file mode 100644
index 0000000..463219e
--- /dev/null
+++ b/templates/compose/geoipupdate.yaml.j2
@@ -0,0 +1,25 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  geoipupdate:
+    container_name: geoipupdate
+    image: ghcr.io/maxmind/geoipupdate
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - GEOIPUPDATE_ACCOUNT_ID={{ geoipupdate_account_id }}
+      - GEOIPUPDATE_LICENSE_KEY={{ geoipupdate_license_key }}
+      - GEOIPUPDATE_EDITION_IDS=GeoLite2-City
+      - GEOIPUPDATE_FREQUENCY=72
+    volumes:
+      - {{ docker_dir }}/caddy/:/usr/share/GeoIP/
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/gitea.yaml.j2 b/templates/compose/gitea.yaml.j2
new file mode 100644
index 0000000..ee47bc0
--- /dev/null
+++ b/templates/compose/gitea.yaml.j2
@@ -0,0 +1,31 @@
+# {{ ansible_managed }}
+version: "3"
+services:
+  gitea:
+#    image: gitea/gitea:latest
+    image: gitea/gitea:nightly
+    container_name: gitea
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+#      - TZ=Asia/Singapore
+      - USER_UID=1000
+      - USER_GID=1000
+      - ROOT_URL=https://git.opnxng.com
+    volumes:
+      - {{ docker_dir }}/gitea/data:/data
+      - {{ docker_dir }}/gitea/packages:/packages
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    restart: always
+    ports:
+      - "3000:3000"
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/gothub.yaml.j2 b/templates/compose/gothub.yaml.j2
new file mode 100644
index 0000000..d9b4f83
--- /dev/null
+++ b/templates/compose/gothub.yaml.j2
@@ -0,0 +1,38 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  gothub:
+    image: codeberg.org/gothub/gothub:latest 
+    container_name: gothub
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - DOCKER=true
+      - GOTHUB_SETUP_COMPLETE=true
+      - GOTHUB_PROXYING_ENABLED=false
+      - GOTHUB_IP_LOGGED=false
+      - GOTHUB_REQUEST_URL_LOGGED=false
+      - GOTHUB_USER_AGENT_LOGGED=false
+      - GOTHUB_DIAGNOSTIC_INFO_LOGGED=false
+      - GOTHUB_INSTANCE_PRIVACY_POLICY=https://about.opnxng.com/privacy/
+      - GOTHUB_INSTANCE_COUNTRY=Singapore
+      - GOTHUB_INSTANCE_PROVIDER=Oracle
+      - GOTHUB_INSTANCE_CLOUDFLARE=false
+    healthcheck:
+      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
+      interval: 30s
+      timeout: 5s
+      retries: 2
+    restart: unless-stopped
+    ports:
+      - '8900:3000'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/imgin.yaml.j2 b/templates/compose/imgin.yaml.j2
new file mode 100644
index 0000000..3672427
--- /dev/null
+++ b/templates/compose/imgin.yaml.j2
@@ -0,0 +1,23 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  imgin:
+    image: git.opnxng.com/opnxng/imgin:latest
+    container_name: imgin
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - BUILDX_GIT_INFO=false
+    restart: unless-stopped
+    ports:
+      - '8899:8080'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/it-tools.yaml.j2 b/templates/compose/it-tools.yaml.j2
new file mode 100644
index 0000000..0155fea
--- /dev/null
+++ b/templates/compose/it-tools.yaml.j2
@@ -0,0 +1,22 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  it-tools:
+    container_name: it-tools
+    image: ghcr.io/corentinth/it-tools:latest
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    ports:
+      - 8892:80
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/libreddit.yaml.j2 b/templates/compose/libreddit.yaml.j2
new file mode 100644
index 0000000..faef06d
--- /dev/null
+++ b/templates/compose/libreddit.yaml.j2
@@ -0,0 +1,28 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  libreddit:
+    container_name: libreddit
+    image: libreddit/libreddit:latest
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - LIBREDDIT_DEFAULT_THEME=black
+      - LIBREDDIT_DEFAULT_SHOW_NSFW=on
+    restart: unless-stopped 
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
+      interval: 5m
+      timeout: 3s
+    ports:
+      - 8882:8080
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/libredditarm.yaml.j2 b/templates/compose/libredditarm.yaml.j2
new file mode 100644
index 0000000..0065879
--- /dev/null
+++ b/templates/compose/libredditarm.yaml.j2
@@ -0,0 +1,28 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  libreddit:
+    container_name: libreddit
+    image: libreddit/libreddit:arm
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - LIBREDDIT_DEFAULT_THEME=black
+      - LIBREDDIT_DEFAULT_SHOW_NSFW=on
+    restart: unless-stopped 
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
+      interval: 5m
+      timeout: 3s
+    ports:
+      - 8882:8080
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/libremdb.yaml.j2 b/templates/compose/libremdb.yaml.j2
new file mode 100644
index 0000000..4bb0983
--- /dev/null
+++ b/templates/compose/libremdb.yaml.j2
@@ -0,0 +1,27 @@
+# {{ ansible_managed }}
+version: "3.8"
+services:
+  libremdb:
+    image: quay.io/pussthecatorg/libremdb:latest
+    container_name: libremdb
+    security_opt:
+      - no-new-privileges:true
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - NEXT_TELEMETRY_DISABLED='1'
+      - NEXT_PUBLIC_URL=http://localhost:3000
+      - AXIOS_USERAGENT='Mozilla/5.0 (X11; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0'
+      - AXIOS_ACCEPT='text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8'
+      - AXIOS_LANGUAGE='en-US,en;q=0.5'
+    ports:
+      - 8905:3000
+    restart: unless-stopped 
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/mlmym.yaml.j2 b/templates/compose/mlmym.yaml.j2
new file mode 100644
index 0000000..2f6e32f
--- /dev/null
+++ b/templates/compose/mlmym.yaml.j2
@@ -0,0 +1,28 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  mlmym:
+    image: ghcr.io/rystaf/mlmym:latest
+    container_name: mlmym
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - DARK=true
+      #- LEMMY_DOMAIN=lemm.ee
+      #- HIDE_THUMBNAILS=false
+      #- LISTING=All
+      #- SORT=Hot
+      #- COMMENT_SORT=Hot
+    restart: unless-stopped
+    ports:
+      - '8902:8080'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/nitter.yaml.j2 b/templates/compose/nitter.yaml.j2
new file mode 100644
index 0000000..dd6a0cd
--- /dev/null
+++ b/templates/compose/nitter.yaml.j2
@@ -0,0 +1,55 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  nitter:
+    image: git.opnxng.com/opnxng/nitter:latest
+    container_name: nitter
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    ports:
+      - 8883:8080
+    volumes:
+      - {{ docker_dir }}/nitter/nitter.conf:/src/nitter.conf:ro
+      - {{ docker_dir }}/nitter/about.html:/src/public/md/about.html:ro
+      - {{ docker_dir }}/nitter/about.md:/src/public/md/about.md:ro
+      - {{ docker_dir }}/nitter/guest_accounts.jsonl:/src/guest_accounts.jsonl
+    depends_on:
+      - nitter-redis
+    restart: unless-stopped
+    healthcheck:
+      test: wget -nv --tries=1 --spider http://127.0.0.1:8080/Jack/status/20 || exit 1
+      interval: 30s
+      timeout: 5s
+      retries: 2
+    networks:
+      - IPv4
+
+  nitter-redis:
+    image: redis:alpine
+    container_name: nitter-redis
+    command: redis-server --save 60 1 --loglevel warning
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    volumes:
+      - {{ docker_dir }}/nitter/nitter-redis:/data
+    restart: unless-stopped
+    healthcheck:
+      test: redis-cli ping
+      interval: 30s
+      timeout: 5s
+      retries: 2
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
diff --git a/templates/compose/ntfy.yaml.j2 b/templates/compose/ntfy.yaml.j2
new file mode 100644
index 0000000..0058cee
--- /dev/null
+++ b/templates/compose/ntfy.yaml.j2
@@ -0,0 +1,43 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  ntfy:
+    image: binwiederhier/ntfy:latest
+    container_name: ntfy
+    command:
+      - serve
+    security_opt:
+      - no-new-privileges
+    #user: UID:GID # optional: replace with your own user/group or uid/gid
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - NTFY_BASE_URL=https://nt.opnxng.com
+      - NTFY_AUTH_DEFAULT_ACCESS=deny-all
+      - NTFY_CACHE_DURATION=72h
+      - NTFY_AUTH_FILE=/var/lib/ntfy/user.db
+      - NTFY_CACHE_FILE=/var/cache/ntfy/cache.db
+    volumes:
+      - {{ docker_dir }}/ntfy/cache.db:/var/cache/ntfy/cache.db
+      - {{ docker_dir }}/ntfy/user.db:/var/lib/ntfy/user.db
+    restart: unless-stopped
+    ports:
+      - '8911:80'
+    healthcheck: # optional: remember to adapt the host:port to your environment
+        test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
+        interval: 60s
+        timeout: 10s
+        retries: 3
+        start_period: 40s
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
+
+# touch {{ docker_dir }}/ntfy/cache.db && touch {{ docker_dir }}/ntfy/user.db
+# docker exec -it ntfy ntfy user add --role=admin opnxng
+# docker exec -it ntfy ntfy token add opnxng 
\ No newline at end of file
diff --git a/templates/compose/paulgo.yaml.j2 b/templates/compose/paulgo.yaml.j2
new file mode 100644
index 0000000..1055b5c
--- /dev/null
+++ b/templates/compose/paulgo.yaml.j2
@@ -0,0 +1,61 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+
+  searxng:
+    image: git.opnxng.com/opnxng/searxng
+    restart: always
+    container_name: searxng
+    security_opt:
+      - no-new-privileges
+    cap_drop:
+      - ALL
+    cap_add:
+      - CHOWN
+      - SETGID
+      - SETUID
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "1m"
+        max-file: "1"
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - LIMITER=true
+      - REDIS_URL=redis://localhost:6379/0
+      - IMAGE_PROXY=true
+      - BASE_URL=https://opnxng.com/
+      - NAME=SearXNG
+      - CONTACT=https://about.opnxng.com/
+      - ISSUE_URL=https://github.com/searxng/searxng/issues
+      - GIT_URL=https://github.com/paulgoio/searxng
+      - GIT_BRANCH=main
+    depends_on:
+      - redis
+    volumes:
+      - {{ docker_dir }}/paulgo/settings.yml:/usr/local/searxng/searx/settings.yml
+      - {{ docker_dir }}/paulgo/donate.md:/usr/local/searxng/searx/infopage/en/donate.md
+    network_mode: host
+
+  redis:
+    container_name: redis
+    image: "redis:alpine"
+    command: redis-server --save "" --appendonly "no"
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    tmpfs:
+      - /var/lib/redis
+    cap_drop:
+      - ALL
+    cap_add:
+      - SETGID
+      - SETUID
+      - DAC_OVERRIDE
+    restart: always
+    network_mode: host
\ No newline at end of file
diff --git a/templates/compose/photon.yaml.j2 b/templates/compose/photon.yaml.j2
new file mode 100644
index 0000000..443c693
--- /dev/null
+++ b/templates/compose/photon.yaml.j2
@@ -0,0 +1,27 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  photon:
+    # image: ghcr.io/xyphyn/photon:latest
+    image: git.opnxng.com/opnxng/photon:latest
+    container_name: photon
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - PUBLIC_INSTANCE_URL=lemm.ee
+      - PUBLIC_DEFAULT_FEED=All
+      - PUBLIC_NSFW_BLUR=false
+      - PUBLIC_LOCK_TO_INSTANCE=false
+    restart: unless-stopped
+    ports:
+      - '8903:3000'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/privatebin.yaml.j2 b/templates/compose/privatebin.yaml.j2
new file mode 100644
index 0000000..5b5f6d6
--- /dev/null
+++ b/templates/compose/privatebin.yaml.j2
@@ -0,0 +1,24 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  privatebin:
+    container_name: privatebin
+    image: privatebin/unit-alpine
+    security_opt:
+      - no-new-privileges
+    environment:
+      - TZ=Asia/Singapore
+    restart: unless-stopped 
+    ports:
+      - 8884:8080
+    volumes:
+      - {{ docker_dir }}/privatebin/data:/srv/data
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
+
+# sudo chown 65534:82 {{ docker_dir }}/privatebin/data
\ No newline at end of file
diff --git a/templates/compose/proxigram.yaml.j2 b/templates/compose/proxigram.yaml.j2
new file mode 100644
index 0000000..10fc2e6
--- /dev/null
+++ b/templates/compose/proxigram.yaml.j2
@@ -0,0 +1,53 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  proxigram:
+    image: git.opnxng.com/opnxng/proxigram:latest
+    container_name: proxigram
+    security_opt:
+      - no-new-privileges
+    depends_on:
+    - proxigram-redis
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - URL=https://ig.opnxng.com
+      - CACHE=true
+      - REDIS_URL=proxigram-redis:6379
+      - EXPIRE_TIME_FOR_RSS=1d
+      - EXPIRE_TIME_FOR_POST=1d
+      - EXPIRE_TIME_FOR_POSTS=1d
+      - EXPIRE_TIME_FOR_PROFILE=1d
+      - EXPIRE_TIME_FOR_STORIES=1d
+      - PROXY=true
+      - FETCH_PROVIDERS=true
+      - FETCH_PROVIDERS_EVERY=1d
+      - PROVIDERS_LIST_URL=https://codeberg.org/ThePenguinDev/proxigram-providers/raw/branch/main/providers.json
+      - USE_HEADLESS_PROVIDERS=false
+      - RSS=true
+      - ITEMS_PER_RSS=5
+      - SLEEP_TIME_PER_REQUEST=5
+    restart: unless-stopped
+    ports:
+      - 8908:3000
+    networks:
+      - IPv4
+      
+  proxigram-redis:
+    container_name: proxigram-redis
+    image: redis:alpine
+    command: redis-server
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - REDIS_URL=redis:6379
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/proxitok.yaml.j2 b/templates/compose/proxitok.yaml.j2
new file mode 100644
index 0000000..cbc6f15
--- /dev/null
+++ b/templates/compose/proxitok.yaml.j2
@@ -0,0 +1,74 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  proxitok:
+    image: ghcr.io/pablouser1/proxitok:latest
+    container_name: proxitok
+    security_opt:
+      - no-new-privileges
+    cap_drop:
+      - ALL
+    cap_add:
+      - CHOWN
+      - SETGID
+      - SETUID
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - LATTE_CACHE=/cache
+      - API_CACHE=redis
+      - REDIS_HOST=proxitok-redis
+      - REDIS_PORT=6379
+      - API_SIGNER=remote
+      - APP_URL=https://tt.opnxng.com
+      - API_SIGNER_URL=http://proxitok-signer:8080/signature
+    restart: unless-stopped
+    ports:
+      - 8909:8080
+    depends_on:
+      - proxitok-redis
+      - signer
+    networks:
+      - IPv4
+      
+  proxitok-redis:
+    container_name: proxitok-redis
+    image: redis:alpine
+    command: redis-server --save 60 1 --loglevel warning
+    user: nobody
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    tmpfs:
+      - /data:size=10M,mode=0770,uid=65534,gid=65534,noexec,nosuid,nodev
+    cap_drop:
+      - ALL
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+  signer:
+    container_name: proxitok-signer
+    image: ghcr.io/pablouser1/signtok:master
+    init: true
+    user: nobody
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    cap_drop:
+      - ALL
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/quetre.yaml.j2 b/templates/compose/quetre.yaml.j2
new file mode 100644
index 0000000..a5b2eed
--- /dev/null
+++ b/templates/compose/quetre.yaml.j2
@@ -0,0 +1,23 @@
+# {{ ansible_managed }}
+version: "3.6"
+services:
+  quetre:
+    image: quay.io/pussthecatorg/quetre:latest
+    container_name: quetre
+    security_opt:
+      - no-new-privileges:true
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - NODE_ENV=production
+      - PORT=3000
+    ports:
+      - 8904:3000
+    restart: unless-stopped 
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/rat-aint-tieba.yaml.j2 b/templates/compose/rat-aint-tieba.yaml.j2
new file mode 100644
index 0000000..f2348b5
--- /dev/null
+++ b/templates/compose/rat-aint-tieba.yaml.j2
@@ -0,0 +1,21 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  rat-aint-tieba:
+    image: git.opnxng.com/opnxng/rat-aint-tieba:latest
+    container_name: rat-aint-tieba
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    restart: unless-stopped
+    ports:
+      - '8910:8886'
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/runner.yaml.j2 b/templates/compose/runner.yaml.j2
new file mode 100755
index 0000000..fd6dfd9
--- /dev/null
+++ b/templates/compose/runner.yaml.j2
@@ -0,0 +1,29 @@
+# {{ ansible_managed }}
+version: "3"
+services:
+  runner:
+    image: gitea/act_runner:latest
+#    image: gitea/act_runner:latest-dind-rootless
+    container_name: runner
+    restart: always
+    privileged: true
+    volumes:
+      - {{ docker_dir }}/runner:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+#    security_opt:
+#      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+#      - DOCKER_HOST={{ docker_host }}
+      - GITEA_INSTANCE_URL=https://git.opnxng.com
+      - GITEA_RUNNER_REGISTRATION_TOKEN="{{ gitea_runner_registration_token }}"
+      - GITEA_RUNNER_NAME=runner
+      - GITEA_RUNNER_LABELS=ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye,ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster,runner:host
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/scribe.yaml.j2 b/templates/compose/scribe.yaml.j2
new file mode 100644
index 0000000..beda320
--- /dev/null
+++ b/templates/compose/scribe.yaml.j2
@@ -0,0 +1,28 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  scribe:
+    container_name: scribe
+    image: git.opnxng.com/opnxng/scribe:latest
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - SCRIBE_PORT=8088
+      - PORT=8088
+      - SCRIBE_HOST=0.0.0.0
+      - SCRIBE_DB=postgres://does@not/matter
+      - LUCKY_ENV=production
+      - APP_DOMAIN=m.opnxng.com
+      - SECRET_KEY_BASE="{{ scribe_jwt_secret }}"
+    restart: unless-stopped 
+    ports:
+      - 8890:8088
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/send.yaml.j2 b/templates/compose/send.yaml.j2
new file mode 100644
index 0000000..b3c5256
--- /dev/null
+++ b/templates/compose/send.yaml.j2
@@ -0,0 +1,61 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  send:
+    # image: "registry.gitlab.com/timvisee/send:latest"
+    image: ghcr.io/xavion-lux/send:latest
+    container_name: send
+    restart: always
+    volumes:
+      - {{ docker_dir }}/send/uploads:/uploads
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - NODE_ENV=development
+      - BASE_URL=https://s.opnxng.com
+      - PORT=1443
+      - REDIS_HOST=send-redis
+      - FILE_DIR=/uploads
+      - DOWNLOAD_COUNTS=1,2,5,10,15,25 #,50,100,1000
+      - DEFAULT_DOWNLOADS=10
+      - MAX_DOWNLOADS=25
+      - EXPIRE_TIMES_SECONDS=3600,86400,604800 #2592000
+      - DEFAULT_EXPIRE_SECONDS=604800
+      - MAX_EXPIRE_SECONDS=604800
+    ports:
+      - 8886:1443
+    networks:
+      - IPv4
+    labels:
+      - "com.centurylinklabs.watchtower.enable=false"
+      
+  send-redis:
+    image: 'redis:alpine'
+    container_name: send-redis
+    restart: always
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    volumes:
+      - {{ docker_dir }}/send/send-redis:/data
+    command: "redis-server --appendonly yes"
+    labels:
+      - "com.centurylinklabs.watchtower.enable=false"
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
+
+
+# Clear expired uploads
+# 0 */3 * * *  find {{ docker_dir }}/send/uploads/ -name 7-\* -mmin +10130 -exec rm {} \;
+# 0 */3 * * *  find {{ docker_dir }}/send/uploads/ -name 1-\* -mmin +1500 -exec rm {} \;
\ No newline at end of file
diff --git a/templates/compose/simplytranslate.yaml.j2 b/templates/compose/simplytranslate.yaml.j2
new file mode 100644
index 0000000..1601340
--- /dev/null
+++ b/templates/compose/simplytranslate.yaml.j2
@@ -0,0 +1,29 @@
+# {{ ansible_managed }}
+version: "3.6"
+services:
+  simplytranslate:
+    image: git.opnxng.com/opnxng/simplytranslate:latest
+    container_name: simplytranslate
+    user: nobody
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+    cap_drop:
+      - ALL
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - ADDRESS=0.0.0.0:5000
+      - GOOGLETRANSLATE_ENABLE=true
+      - ICIBA_ENABLE=true
+      - REVERSO_ENABLE=true
+    ports:
+      - 8889:5000
+    restart: unless-stopped 
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/socks5.yaml.j2 b/templates/compose/socks5.yaml.j2
new file mode 100644
index 0000000..7e76e45
--- /dev/null
+++ b/templates/compose/socks5.yaml.j2
@@ -0,0 +1,15 @@
+# {{ ansible_managed }}
+version: "3"
+services:
+  socks5:
+    image: serjs/go-socks5-proxy
+    container_name: socks5
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - PROXY_PORT=8870
+    restart: unless-stopped
+    network_mode: host
\ No newline at end of file
diff --git a/templates/compose/stirling-pdf.yaml.j2 b/templates/compose/stirling-pdf.yaml.j2
new file mode 100644
index 0000000..b2bc0db
--- /dev/null
+++ b/templates/compose/stirling-pdf.yaml.j2
@@ -0,0 +1,27 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  stirling-pdf:
+    container_name: stirling-pdf
+    image: frooodle/s-pdf
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - ALLOW_GOOGLE_VISIBILITY=false
+#      APP_LOCALE: en_GB
+#      APP_HOME_NAME: Stirling PDF
+#      APP_HOME_DESCRIPTION: Your locally hosted one-stop-shop for all your PDF needs.
+#      APP_NAVBAR_NAME: Stirling PDF
+#      APP_ROOT_PATH: /
+    restart: unless-stopped 
+    ports:
+      - 8887:8080
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/teddit.yaml.j2 b/templates/compose/teddit.yaml.j2
new file mode 100644
index 0000000..1f68574
--- /dev/null
+++ b/templates/compose/teddit.yaml.j2
@@ -0,0 +1,54 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+
+  teddit:
+    container_name: teddit
+    image: teddit/teddit:latest
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - DOMAIN=i.opnxng.com
+      - USE_HELMET=true
+      - USE_HELMET_HSTS=true
+      - TRUST_PROXY=true
+      - REDIS_HOST=teddit-redis
+      - THEME=dark
+      - FLAIRS_ENABLED=false
+      - API_ENABLED=false
+      - SUGGESTED_SUBREDDITS=["Saved", "Selfhosted", "Linux", "Privacy", "DataHoarder"]
+      - DOMAIN_REPLACEMENTS=[["twitter.com","n.opnxng.com"],["quora.com","q.opnxng.com."],["imgur.com","r.opnxng.com"]]
+    restart: unless-stopped 
+    healthcheck:
+      test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"]
+      interval: 1m
+      timeout: 3s
+    ports:
+      - 8881:8080
+    depends_on:
+      - teddit-redis
+    logging:
+        driver: none
+    networks:
+      - IPv4
+
+  teddit-redis:
+    container_name: teddit-redis
+    image: redis:alpine
+    command: redis-server
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - REDIS_REPLICATION_MODE=master
+    restart: unless-stopped
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
diff --git a/templates/compose/voyager.yaml.j2 b/templates/compose/voyager.yaml.j2
new file mode 100644
index 0000000..d37ab6f
--- /dev/null
+++ b/templates/compose/voyager.yaml.j2
@@ -0,0 +1,23 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  voyager:
+    image: ghcr.io/aeharding/voyager:latest
+    container_name: voyager
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - CUSTOM_LEMMY_SERVERS=lemm.ee,lemmy.pussthecat.org,lemmy.ml,hexbear.net,sh.itjust.works,beehaw.org,lemmy.world
+    restart: unless-stopped
+    ports:
+      - '8895:5314'
+    networks:
+      - IPv4
+
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/compose/watchtower.yaml.j2 b/templates/compose/watchtower.yaml.j2
new file mode 100644
index 0000000..5f31b98
--- /dev/null
+++ b/templates/compose/watchtower.yaml.j2
@@ -0,0 +1,19 @@
+# {{ ansible_managed }}
+version: '2.1'
+services:
+   watchtower:
+    image: ghcr.io/containrrr/watchtower
+    container_name: watchtower
+    security_opt:
+      - no-new-privileges
+    environment:
+     - PUID=1000
+     - PGID=1000
+     - TZ=Asia/Singapore
+     - WATCHTOWER_CLEANUP=true
+     - WATCHTOWER_WARN_ON_HEAD_FAILURE=never
+    volumes:
+       - /var/run/docker.sock:/var/run/docker.sock
+    command: --schedule "0 0 1 * * *"
+    restart: unless-stopped
+    network_mode: bridge
\ No newline at end of file
diff --git a/templates/compose/wolfree.yaml.j2 b/templates/compose/wolfree.yaml.j2
new file mode 100644
index 0000000..caa6026
--- /dev/null
+++ b/templates/compose/wolfree.yaml.j2
@@ -0,0 +1,21 @@
+# {{ ansible_managed }}
+version: '3.3'
+services:
+  wolfree:
+    image: git.opnxng.com/opnxng/wolfree:latest
+    container_name: wolfree
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+    restart: unless-stopped
+    ports:
+      - '8906:80'
+    networks:
+      - IPv4
+networks:
+  IPv4:
+    external:
+      name: IPv4
\ No newline at end of file
diff --git a/templates/conf/Caddyfile.j2 b/templates/conf/Caddyfile.j2
new file mode 100755
index 0000000..aba426e
--- /dev/null
+++ b/templates/conf/Caddyfile.j2
@@ -0,0 +1,663 @@
+# {{ ansible_managed }}
+{
+	admin off
+	acme_dns cloudflare {$CLOUDFLARE_API_TOKEN}
+	order rate_limit before basicauth
+}
+
+# ----------------------------------------------------------------------------------------------------
+
+# SearXNG
+
+{$HOSTNAME} {
+	log {
+		output discard
+	}
+
+	@api {
+		path /config
+		path /healthz
+		path /stats/errors
+		path /stats/checker
+	}
+
+	@static {
+		path /static/*
+	}
+
+	@notstatic {
+		not path /static/*
+	}
+
+	@imageproxy {
+		path /image_proxy
+	}
+
+	@notimageproxy {
+		not path /image_proxy
+	}
+
+	header {
+		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		X-XSS-Protection "1; mode=block"
+		X-Content-Type-Options "nosniff"
+		Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"
+		Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
+		Referrer-Policy "no-referrer"
+		X-Robots-Tag "noindex, noarchive, nofollow"
+		-Server
+	}
+
+	header @api {
+		Access-Control-Allow-Methods "GET, OPTIONS"
+		Access-Control-Allow-Origin "*"
+	}
+
+	# Cache
+	header @static {
+		# Cache
+		Cache-Control "public, max-age=31536000"
+		defer
+	}
+
+	header @notstatic {
+		# No Cache
+		Cache-Control "no-cache, no-store"
+		Pragma "no-cache"
+	}
+
+	# CSP (see http://content-security-policy.com/ )
+	header @imageproxy {
+		Content-Security-Policy "default-src 'none'; img-src 'self' data:"
+	}
+
+	header @notimageproxy {
+		Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/searxng/searxng/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"
+	}
+
+	handle {
+		encode zstd gzip
+		reverse_proxy {{ oracle4_private_ip }}:8080 {
+			header_up X-Real-IP {remote_host}
+			header_up X-Forwarded-Port {http.request.port}
+			header_up X-Forwarded-Proto {http.request.scheme}
+		}
+	}
+}
+
+# ----------------------------------------------------------------------------------------------------
+
+# Other subdomains
+
+*.{$HOSTNAME} {
+
+	log {
+		output discard
+	}
+
+	handle {
+		abort
+	}
+
+	header {
+		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		X-XSS-Protection "1; mode=block"
+		X-Content-Type-Options "nosniff"
+		Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),usb=(),vr=()"
+		#sync-xhr=(),
+		Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';usb 'none';vr 'none'"
+		#sync-xhr 'none';
+		Referrer-Policy "no-referrer"
+		X-Frame-Options SAMEORIGIN
+		-Server
+	}
+
+	@about host about.{$HOSTNAME}
+	handle @about {
+		root * /www
+		encode gzip
+		file_server
+		header {
+			Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+		}
+	}
+
+	@www host www.{$HOSTNAME}
+	handle @www {
+		redir https://opnxng.com{uri}
+	}
+
+	@x host x.{$HOSTNAME}
+	handle @x {
+		redir https://opnxng.com{uri}
+	}
+
+	@i host i.{$HOSTNAME}
+	handle @i {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ vultr_private_ip }}:8881
+			to {{ oracle1_private_ip }}:8881
+			to {{ oracle2_private_ip }}:8881
+			to {{ oracle3_private_ip }}:8881
+			to {{ oracle4_private_ip }}:8881
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@l host l.{$HOSTNAME}
+	handle @l {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ vultr_private_ip }}:8882
+			to {{ oracle1_private_ip }}:8882
+			to {{ oracle2_private_ip }}:8882
+			to {{ oracle3_private_ip }}:8882
+			to {{ oracle4_private_ip }}:8882
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@n {
+		host n.{$HOSTNAME}
+		maxmind_geolocation {
+			db_path "/etc/caddy/GeoLite2-City.mmdb"
+			deny_countries CN
+		}
+	}
+	handle @n {
+		@notstatic {
+			not path /css/* /js/* /fonts/* /browserconfig.xml /android-chrome* /favicon* /logo* /lp.svg /robots.txt /safari* /site.webmanifest /pic/*
+		}
+		rate_limit @notstatic {remote.ip} 2r/s 60000 500
+		rate_limit @notstatic {remote.ip} 30r/m 300000 500
+		reverse_proxy {{ oracle4_private_ip }}:8883 {
+			transport http {compression off}
+		}
+		header {
+			header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; media-src 'self' blob:; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; connect-src 'self' https://*.twimg.com; manifest-src 'self'"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@t host t.{$HOSTNAME}
+	handle @t {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8889
+			to {{ oracle2_private_ip }}:8889
+			to {{ oracle3_private_ip }}:8889
+			to {{ oracle4_private_ip }}:8889
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@b host b.{$HOSTNAME}
+	handle @b {
+		reverse_proxy {{ oracle1_private_ip }}:8884
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@s host s.{$HOSTNAME}
+	handle @s {
+		encode zstd gzip
+		reverse_proxy {{ oracle1_private_ip }}:8886
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@p host p.{$HOSTNAME}
+	handle @p {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8887
+			to {{ oracle2_private_ip }}:8887
+			to {{ oracle3_private_ip }}:8887
+			to {{ oracle4_private_ip }}:8887
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@m host m.{$HOSTNAME}
+	handle @m {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8890
+			to {{ oracle2_private_ip }}:8890
+			to {{ oracle3_private_ip }}:8890
+			to {{ oracle4_private_ip }}:8890
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@e host e.{$HOSTNAME}
+	handle @e {
+		encode zstd gzip
+		reverse_proxy {{ oracle3_private_ip }}:8891
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@it host it.{$HOSTNAME}
+	handle @it {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8892
+			to {{ oracle2_private_ip }}:8892
+			to {{ oracle3_private_ip }}:8892
+			to {{ oracle4_private_ip }}:8892
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@f {
+		host f.{$HOSTNAME}
+		maxmind_geolocation {
+			db_path "/etc/caddy/GeoLite2-City.mmdb"
+			allow_countries {{ allow_countries }}
+		}
+	}
+	handle @f {
+		forward_auth {{ oracle4_private_ip }}:9091 {
+			uri /api/verify?rd=https://auth.opnxng.com/
+			copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
+			#import trusted_proxy_list
+		}
+
+		encode zstd gzip
+		reverse_proxy {{ oracle2_private_ip }}:8893
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@auth host auth.{$HOSTNAME}
+	handle @auth {
+		reverse_proxy {{ oracle4_private_ip }}:9091
+	}
+
+	@v host v.{$HOSTNAME}
+	handle @v {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8895
+			to {{ oracle2_private_ip }}:8895
+			to {{ oracle3_private_ip }}:8895
+			to {{ oracle4_private_ip }}:8895
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@bn host bn.{$HOSTNAME}
+	handle @bn {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8896
+			to {{ oracle2_private_ip }}:8896
+			to {{ oracle3_private_ip }}:8896
+			to {{ oracle4_private_ip }}:8896
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@z host z.{$HOSTNAME}
+	handle @z {
+		encode zstd gzip
+		reverse_proxy {{ oracle3_private_ip }}:8897
+		header {
+			X-Permitted-Cross-Domain-Policies "none"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@a host a.{$HOSTNAME}
+	handle @a {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8898
+			to {{ oracle2_private_ip }}:8898
+			to {{ oracle3_private_ip }}:8898
+			to {{ oracle4_private_ip }}:8898
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@r host r.{$HOSTNAME}
+	handle @r {
+		encode zstd gzip
+		reverse_proxy {{ vultr_private_ip }}:8899
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@g host g.{$HOSTNAME}
+	handle @g {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8900
+			to {{ oracle2_private_ip }}:8900
+			to {{ oracle3_private_ip }}:8900
+			to {{ oracle4_private_ip }}:8900
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@c host c.{$HOSTNAME}
+	handle @c {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8901
+			to {{ oracle2_private_ip }}:8901
+			to {{ oracle3_private_ip }}:8901
+			to {{ oracle4_private_ip }}:8901
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@o host o.{$HOSTNAME}
+	handle @o {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8902
+			to {{ oracle2_private_ip }}:8902
+			to {{ oracle3_private_ip }}:8902
+			to {{ oracle4_private_ip }}:8902
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@ph host ph.{$HOSTNAME}
+	handle @ph {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8903
+			to {{ oracle2_private_ip }}:8903
+			to {{ oracle3_private_ip }}:8903
+			to {{ oracle4_private_ip }}:8903
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@q host q.{$HOSTNAME}
+	handle @q {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8904
+			to {{ oracle2_private_ip }}:8904
+			to {{ oracle3_private_ip }}:8904
+			to {{ oracle4_private_ip }}:8904
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@d host d.{$HOSTNAME}
+	handle @d {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8905
+			to {{ oracle2_private_ip }}:8905
+			to {{ oracle3_private_ip }}:8905
+			to {{ oracle4_private_ip }}:8905
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@wf host wf.{$HOSTNAME}
+	handle @wf {
+		encode zstd gzip
+		reverse_proxy {{ oracle2_private_ip }}:8906
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@4g host 4g.{$HOSTNAME}
+	handle @4g {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8907
+			to {{ oracle2_private_ip }}:8907
+			to {{ oracle3_private_ip }}:8907
+			to {{ oracle4_private_ip }}:8907
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@ig host ig.{$HOSTNAME}
+	handle @ig {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8908
+			to {{ oracle2_private_ip }}:8908
+			to {{ oracle3_private_ip }}:8908
+			to {{ oracle4_private_ip }}:8908
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@tt host tt.{$HOSTNAME}
+	handle @tt {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8909
+			to {{ oracle2_private_ip }}:8909
+			to {{ oracle3_private_ip }}:8909
+			to {{ oracle4_private_ip }}:8909
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@tb host tb.{$HOSTNAME}
+	handle @tb {
+		encode zstd gzip
+		reverse_proxy {{ vultr_private_ip }}:8910
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@git host git.{$HOSTNAME}
+	handle @git {
+		encode zstd gzip
+		reverse_proxy {{ oracle3_private_ip }}:3000
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+	@nt host nt.{$HOSTNAME}
+	handle @nt {
+		encode zstd gzip
+		reverse_proxy {{ oracle3_private_ip }}:8911
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
+}
+
+# ----------------------------------------------------------------------------------------------------
+
+# Breezewiki redirect to handle subdomain.fandom.com
+
+*.z.{$HOSTNAME} {
+	@fandom host *.z.{$HOSTNAME}
+	redir https://z.opnxng.com/{labels.3}{uri}
+	header {
+		X-Permitted-Cross-Domain-Policies "none"
+		X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		X-XSS-Protection "1; mode=block"
+		X-Content-Type-Options "nosniff"
+		Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"
+		Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
+		Referrer-Policy "no-referrer"
+		X-Frame-Options SAMEORIGIN
+		-Server
+	}
+
+	log {
+		output discard
+	}
+
+	handle {
+		abort
+	}
+}
+
+# ----------------------------------------------------------------------------------------------------
+
+# Imgin redirect to handle i.imgur.com
+
+i.r.{$HOSTNAME} {
+
+	handle {
+		redir https://r.opnxng.com{uri}
+	}
+
+	log {
+		output discard
+	}
+
+	handle {
+		abort
+	}
+}
+
+# ----------------------------------------------------------------------------------------------------
\ No newline at end of file
diff --git a/templates/conf/config.ini.j2 b/templates/conf/config.ini.j2
new file mode 100644
index 0000000..06ed297
--- /dev/null
+++ b/templates/conf/config.ini.j2
@@ -0,0 +1,3 @@
+canonical_origin = https://z.opnxng.com
+debug = false
+port = 10416
\ No newline at end of file
diff --git a/templates/conf/nitter.conf.j2 b/templates/conf/nitter.conf.j2
new file mode 100755
index 0000000..570ede9
--- /dev/null
+++ b/templates/conf/nitter.conf.j2
@@ -0,0 +1,48 @@
+# {{ ansible_managed }}
+[Server]
+address = "0.0.0.0"
+port = 8080
+https = false  # disable to enable cookies when not using https
+httpMaxConnections = 100
+staticDir = "./public"
+title = "nitter"
+hostname = "n.opnxng.com"
+
+[Cache]
+listMinutes = 240  # how long to cache list info (not the tweets, so keep it high)
+rssMinutes = 10  # how long to cache rss queries
+redisHost = "nitter-redis" if using docker-compose
+redisPort = 6379
+redisPassword = ""
+#redisConnections = 0
+#redisMaxConnections = 0
+#redisConnections = 20  # connection pool size
+#redisMaxConnections = 30
+# max, new connections are opened when none are available, but if the pool size
+# goes above this, they're closed when released. don't worry about this unless
+# you receive tons of requests per second
+
+[Config]
+hmacKey = "{{ nitter_jwt_secret }}"  # random key for cryptographic signing of video urls
+base64Media = false  # use base64 encoding for proxied media urls
+enableRSS = false  # set this to false to disable RSS feeds
+enableDebug = false  # enable request logs and debug endpoints
+proxy = ""  # http/https url, SOCKS proxies are not supported
+proxyAuth = ""
+tokenCount = 10
+# minimum amount of usable tokens. tokens are used to authorize API requests,
+# but they expire after ~1 hour, and have a limit of 187 requests.
+# the limit gets reset every 15 minutes, and the pool is filled up so there's
+# always at least $tokenCount usable tokens. again, only increase this if
+# you receive major bursts all the time
+
+# Change default preferences here, see src/prefs_impl.nim for a complete list
+[Preferences]
+theme = "auto_(Twitter)"
+replaceTwitter = "n.opnxng.com"
+replaceYouTube = "yewtu.be"
+replaceReddit = "i.opnxng.com"
+replaceInstagram = ""
+proxyVideos = true
+hlsPlayback = false
+infiniteScroll = false
diff --git a/templates/conf/runner.j2 b/templates/conf/runner.j2
new file mode 100644
index 0000000..6e10af7
--- /dev/null
+++ b/templates/conf/runner.j2
@@ -0,0 +1,15 @@
+{
+  "WARNING": "This file is automatically generated by act-runner. Do not edit it manually unless you know what you are doing. Removing this file will cause act runner to re-register as a new runner.",
+  "id": {{ runner_id }},
+  "uuid": "{{ runner_uuid }}",
+  "name": "runner",
+  "token": "{{ runner_token }}",
+  "address": "https://git.opnxng.com",
+  "labels": [
+    "ubuntu-latest:docker://node:16-bullseye",
+    "ubuntu-22.04:docker://node:16-bullseye",
+    "ubuntu-20.04:docker://node:16-bullseye",
+    "ubuntu-18.04:docker://node:16-buster",
+    "runner:host"
+  ]
+}
\ No newline at end of file
diff --git a/templates/conf/settings.yml.j2 b/templates/conf/settings.yml.j2
new file mode 100755
index 0000000..ae4a611
--- /dev/null
+++ b/templates/conf/settings.yml.j2
@@ -0,0 +1,2543 @@
+# {{ ansible_managed }}
+general:
+  # Debug mode, only for development. Is overwritten by ${SEARXNG_DEBUG}
+  debug: false
+  # displayed name
+  instance_name: "SearXNG"
+  # For example: https://example.com/privacy
+  privacypolicy_url: false
+  # use true to use your own donation page written in searx/info/en/donate.md
+  # use false to disable the donation link
+  donation_url: false
+  # mailto:contact@example.com
+  contact_url: https://about.opnxng.com
+  # record stats
+  enable_metrics: true
+
+brand:
+  new_issue_url: https://github.com/searxng/searxng/issues/new
+  docs_url: https://docs.searxng.org/
+  public_instances: https://searx.space
+  wiki_url: https://github.com/searxng/searxng/wiki
+  issue_url: https://github.com/searxng/searxng/issues
+
+search:
+  # Filter results. 0: None, 1: Moderate, 2: Strict
+  safe_search: 0
+  # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", "yandex",
+  # "seznam", "startpage", "swisscows", "qwant", "wikipedia" - leave blank to turn it off
+  # by default.
+  autocomplete: "google"
+  # minimun characters to type before autocompleter starts
+  autocomplete_min: 4
+  # Default search language - leave blank to detect from browser information or
+  # use codes from 'languages.py'
+  default_lang: "all"
+  # Available languages
+  # languages:
+  #   - all
+  #   - en
+  #   - en-US
+  #   - de
+  #   - it-IT
+  #   - fr
+  #   - fr-BE
+  # ban time in seconds after engine errors
+  ban_time_on_fail: 5
+  # max ban time in seconds after engine errors
+  max_ban_time_on_fail: 120
+  suspended_times:
+    # Engine suspension time after error (in seconds; set to 0 to disable)
+    # For error "Access denied" and "HTTP error [402, 403]"
+    SearxEngineAccessDenied: 86400
+    # For error "CAPTCHA"
+    SearxEngineCaptcha: 86400
+    # For error "Too many request" and "HTTP error 429"
+    SearxEngineTooManyRequests: 3600
+    # Cloudflare CAPTCHA
+    cf_SearxEngineCaptcha: 1296000
+    cf_SearxEngineAccessDenied: 86400
+    # ReCAPTCHA
+    recaptcha_SearxEngineCaptcha: 604800
+
+  # remove format to deny access, use lower case.
+  # formats: [html, csv, json, rss]
+  formats:
+    - html
+
+server:
+  # If you change port, bind_address or base_url don't forget to rebuild
+  # instance's environment (make buildenv). Is overwritten by ${SEARXNG_PORT}
+  # and ${SEARXNG_BIND_ADDRESS}
+  port: 8080
+  bind_address: "0.0.0.0"
+  # public URL of the instance, to ensure correct inbound links. Is overwritten
+  # by ${SEARXNG_URL}.
+  base_url: "https://opnxng.com"
+  public_instance: true
+
+  # If your instance owns a /etc/searxng/settings.yml file, then set the following
+  # values there.
+  secret_key: "{{ paulgo_jwt_secret }}"  # Is overwritten by ${SEARXNG_SECRET}
+  # Proxying image results through searx
+  image_proxy: true
+  # 1.0 and 1.1 are supported
+  http_protocol_version: "1.1"
+  # POST queries are more secure as they don't show up in history but may cause
+  # problems when using Firefox containers
+  method: "POST"
+  default_http_headers:
+    X-Download-Options: noopen
+
+redis:
+  # URL to connect redis database. Is overwritten by ${SEARXNG_REDIS_URL}.
+  # https://docs.searxng.org/admin/settings/settings_redis.html#settings-redis
+  url: redis://localhost:6379/0
+
+ui:
+  # Custom static path - leave it blank if you didn't change
+  static_path: ""
+  static_use_hash: true
+  # Custom templates path - leave it blank if you didn't change
+  templates_path: ""
+  # query_in_title: When true, the result page's titles contains the query
+  # it decreases the privacy, since the browser can records the page titles.
+  query_in_title: false
+  # infinite_scroll: When true, automatically loads the next page when scrolling to bottom of the current page.
+  infinite_scroll: false
+  # ui theme
+  default_theme: simple
+  # center the results ?
+  center_alignment: true
+  # URL prefix of the internet archive, don't forget trailing slash (if needed).
+  # cache_url: "https://webcache.googleusercontent.com/search?q=cache:"
+  # Default interface locale - leave blank to detect from browser information or
+  # use codes from the 'locales' config section
+  default_locale: ""
+  # Open result links in a new tab by default
+  # results_on_new_tab: false
+  theme_args:
+    # style of simple theme: auto, light, dark
+    simple_style: auto
+  # Perform search immediately if a category selected.
+  # Disable to select multiple categories at once and start the search manually.
+  search_on_category_select: true
+  # Hotkeys: default or vim
+  hotkeys: default
+
+# Lock arbitrary settings on the preferences page.  To find the ID of the user
+# setting you want to lock, check the ID of the form on the page "preferences".
+#
+# preferences:
+#   lock:
+#     - language
+#     - autocomplete
+#     - method
+#     - query_in_title
+
+# searx supports result proxification using an external service:
+# https://github.com/asciimoo/morty uncomment below section if you have running
+# morty proxy the key is base64 encoded (keep the !!binary notation)
+# Note: since commit af77ec3, morty accepts a base64 encoded key.
+#
+# result_proxy:
+#   url: http://127.0.0.1:3000/
+#   # the key is a base64 encoded string, the YAML !!binary prefix is optional
+#   key: !!binary "your_morty_proxy_key"
+#   # [true|false] enable the "proxy" button next to each result
+#   proxify_results: true
+
+# communication with search engines
+#
+outgoing:
+  # default timeout in seconds, can be override by engine
+  request_timeout: 3.0
+  # the maximum timeout in seconds
+  # max_request_timeout: 10.0
+  # suffix of searx_useragent, could contain information like an email address
+  # to the administrator
+  useragent_suffix: ""
+  # The maximum number of concurrent connections that may be established.
+  pool_connections: 100
+  # Allow the connection pool to maintain keep-alive connections below this
+  # point.
+  pool_maxsize: 20
+  # See https://www.python-httpx.org/http2/
+  enable_http2: true
+  retries: 2
+  retry_on_http_error: [403, 404, 429]
+  # With socks5h, outgoing requests are made using IPv6 addresses
+  proxies:
+   all://:
+      - socks5://{{ vultr_private_ip }}:8870
+      - socks5h://{{ vultr_private_ip }}:8870
+
+      - socks5://{{ oracle1_private_ip }}:8870
+      - socks5h://{{ oracle1_private_ip }}:8870
+
+      - socks5://{{ oracle2_private_ip }}:8870
+      - socks5h://{{ oracle2_private_ip }}:8870
+
+      - socks5://{{ oracle3_private_ip }}:8870
+      - socks5h://{{ oracle3_private_ip }}:8870
+
+      - socks5://{{ oracle4_private_ip }}:8870
+      - socks5h://{{ oracle4_private_ip }}:8870
+
+
+# External plugin configuration, for more details see
+#   https://docs.searxng.org/dev/plugins.html
+#
+# plugins:
+#   - plugin1
+#   - plugin2
+#   - ...
+
+# Comment or un-comment plugin to activate / deactivate by default.
+#
+enabled_plugins:
+  # these plugins are enabled if nothing is configured ..
+  - 'Hash plugin'
+  - 'Self Information'
+  - 'Tracker URL remover'
+  - 'Ahmia blacklist'  # activation depends on outgoing.using_tor_proxy
+#   # these plugins are disabled if nothing is configured ..
+  - 'Hostname replace'  # see hostname_replace configuration below
+#   - 'Open Access DOI rewrite'
+#   - 'Tor check plugin'
+#   # Read the docs before activate: auto-detection of the language could be
+#   # detrimental to users expectations / users can activate the plugin in the
+#   # preferences if they want.
+#   - 'Autodetect search language'
+
+# Configuration of the "Hostname replace" plugin:
+#
+hostname_replace:
+  '(.*\.)?music.youtube\.com$':     'beatbump.io'
+  '(.*\.)?youtube\.com$':           'yewtu.be'
+  '(.*\.)?youtu\.be$':              'yewtu.be'
+  '(.*\.)?youtube-noocookie\.com$': 'yewtu.be'
+  '(.*\.)?reddit\.com$':            'i.opnxng.com'
+  '(.*\.)?redd\.it$':               'i.opnxng.com'
+  '(.*\.)?libi.opnxng\.com$':       'l.opnxng.com'
+#  '(.*\.)?reddit\.com$':            'old.reddit.com'
+#  '(.*\.)?redd\.it$':               'old.reddit.com'
+  '(.*\.)?medium\.com$':            'm.opnxng.com'
+  'fandom\.com$':          'z.opnxng.com'
+  '(.*\.)?imgur\.com$':    'r.opnxng.com'
+  '(.*\.)?mobile.twitter\.com$':    'n.opnxng.com'
+  '(about\www\.)?twitter\.com$':          'n.opnxng.com'
+  '(.*\.)?quora\.com$':            'q.opnxng.com'
+  '(.*\.)?imdb\.com$':            'd.opnxng.com'
+  '(.*\.)?instagram\.com$':            'ig.opnxng.com'
+#  '(.*\.)?tiktok\.com$':            'tt.opnxng.com'
+  '(.*\.)?tieba.baidu\.com$':       'tb.opnxng.com'
+  '(.*\.)?wolframalpha\.com$':            'wf.opnxng.com'
+
+  # block bload domains
+
+  'com\.de': false
+  '(.*\.)?codegrepper\.com': false
+  '(.*\.)?w3schools\.com': false
+  '(.*\.)?geeksforgeeks\.org': false
+  '(.*\.)?stackshare\.io': false
+  '(.*\.)?tutorialspoint\.com': false
+  '(.*\.)?answeright\.com': false
+  '(.*\.)?askdev\.info': false
+  '(.*\.)?askdev\.io': false
+  '(.*\.)?blogmepost\.com': false
+  '(.*\.)?c-sharpcorner\.com': false
+  '(.*\.)?code-examples\.net': false
+  '(.*\.)?codeflow\.site': false
+  '(.*\.)?gitmemory\.cn': false
+  '(.*\.)?gitmemory\.com': false
+  '(.*\.)?intellipaat\.com': false
+  '(.*\.)?javaer101\.com': false
+  '(.*\.)?programmerstart\.com': false
+  '(.*\.)?programmersought\.com': false
+  '(.*\.)?qastack\.com': false
+  '(.*\.)?roboflow\.ai': false
+  '(.*\.)?stackanswers\.net': false
+  '(.*\.)?stackoom\.com': false
+  '(.*\.)?stackovernet\.com': false
+  '(.*\.)?stackovernet\.xyz': false
+  '(.*\.)?stackoverrun\.com': false
+  '(.*\.)?thetopsites\.net': false
+  '(.*\.)?ubuntugeeks\.com': false
+  '(.*\.)?cyberciti\.biz': false
+  '(.*\.)?ispycode\.com': false
+  '(.*\.)?reposhub\.com': false
+  '(.*\.)?githubmemory\.com': false
+  '(.*\.)?issueexplorer\.com': false
+  '(.*\.)?tabnine\.com': false
+  '(.*\.)?gitcode\.net': false
+  '(.*\.)?command-not-found\.com': false
+  '(.*\.)?im-coder\.com': false
+  '(.*\.)?i-harness\.com': false
+
+  # ublock-origin-shitty-copies-filter/stackoverflow-copycats.txt
+
+  '(.*\.)?code-examples\.net': false
+  '(.*\.)?kotaeta\.com': false
+  '(.*\.)?answer-id\.com': false
+  '(.*\.)?code\.i-harness\.com': false
+  '(.*\.)?living-sun\.com': false
+  '(.*\.)?qastack\.jp': false
+  '(.*\.)?qastack\.ru': false
+  '(.*\.)?qastack\.it': false
+  '(.*\.)?qastack\.mx': false
+  '(.*\.)?qastack\.com\.br': false
+  '(.*\.)?qastack\.info\.tr': false
+  '(.*\.)?qastack\.in\.th': false
+  '(.*\.)?qastack\.com\.de': false
+  '(.*\.)?qastack\.fr': false
+  '(.*\.)?qastack\.cn': false
+  '(.*\.)?qastack\.com\.ua': false
+  '(.*\.)?qastack\.co\.in': false
+  '(.*\.)?qastack\.kr': false
+  '(.*\.)?qastack\.vn': false
+  '(.*\.)?qastack\.net\.bd': false
+  '(.*\.)?qa-stack\.pl': false
+  '(.*\.)?qastack\.id': false
+  '(.*\.)?coder\.work': false
+  '(.*\.)?it-swarm-ja\.tech': false
+  '(.*\.)?it-swarm\.jp\.net': false
+  '(.*\.)?it-mure\.jp\.net': false
+  '(.*\.)?it-swarm-ja\.com': false
+  '(.*\.)?it-swarm\.com\.ru': false
+  '(.*\.)?codeflow\.site': false
+  '(.*\.)?codeguides\.site': false
+  '(.*\.)?overcoder\.net': false
+  '(.*\.)?coderoad\.ru': false
+  '(.*\.)?generacodice\.blog': false
+  '(.*\.)?generacodice\.it': false
+  '(.*\.)?generacodice\.com': false
+  '(.*\.)?javaer101\.com': false
+  '(.*\.)?voidcc\.com': false
+  '(.*\.)?siwib\.org': false
+  '(.*\.)?fluffyfables\.com': false
+  '(.*\.)?fixes\.pub': false
+  '(.*\.)?knews\.vip': false
+  '(.*\.)?isolution\.pro': false
+  '(.*\.)?uwenku\.com': false
+  '(.*\.)?lycaeum\.dev': false
+  '(.*\.)?brocante\.dev': false
+  '(.*\.)?classmethod\.dev': false
+  '(.*\.)?stormcrow\.dev': false
+  '(.*\.)?athabasca-foto\.com': false
+  '(.*\.)?zsharp\.org': false
+  '(.*\.)?projectbackpack\.org': false
+  '(.*\.)?waymanamechurch\.org': false
+  '(.*\.)?sunflowercreations\.org': false
+  '(.*\.)?cfadnc\.org': false
+  '(.*\.)?fitforlearning\.org': false
+  '(.*\.)?panaindustrial\.com': false
+  '(.*\.)?sierrasummit2005\.org': false
+  '(.*\.)?theshuggahpies\.com': false
+  '(.*\.)?pcbconline\.org': false
+  '(.*\.)?nuomiphp\.com': false
+  '(.*\.)?ubuntu\.buildwebhost\.com': false
+  '(.*\.)?ubuntuaa\.com': false
+  '(.*\.)?debugcn\.com': false
+  '(.*\.)?sch22\.org': false
+  '(.*\.)?gupgallery\.com': false
+  '(.*\.)?amuddycup\.com': false
+  '(.*\.)?ecnf2016\.org': false
+  '(.*\.)?softwareuser\.asklobster\.com': false
+  '(.*\.)?domainelespailles\.net': false
+  '(.*\.)?ec-europe\.org': false
+  '(.*\.)?pakostnici\.com': false
+  '(.*\.)?try2explore\.com': false
+  '(.*\.)?laravelquestions\.com': false
+  '(.*\.)?itectec\.com': false
+  '(.*\.)?stackovergo\.com': false
+  '(.*\.)?faithcov\.org': false
+  '(.*\.)?noblenaz\.org': false
+  '(.*\.)?py4u\.net': false
+  '(.*\.)?culinarydegree\.info': false
+  '(.*\.)?safehavenpetrescue\.org': false
+  '(.*\.)?qapicks\.com': false
+  '(.*\.)?issues-world\.com': false
+  '(.*\.)?narkive\.jp': false
+  '(.*\.)?ourladylakes\.org': false
+  '(.*\.)?intellipaat\.com': false
+  '(.*\.)?article\.docway\.net': false
+  '(.*\.)?xiu2\.net': false
+  '(.*\.)?codehero\.jp': false
+  '(.*\.)?quabr\.com': false
+  '(.*\.)?webdevqa\.jp\.net': false
+  '(.*\.)?qapicks\.com': false
+  '(.*\.)?exceptionshub\.com': false
+  '(.*\.)?newbedev\.com': false
+  '(.*\.)?codenong\.com': false
+  '(.*\.)?cainiaojiaocheng\.com': false
+  '(.*\.)?routinepanic\.com': false
+  '(.*\.)?pythonwd\.com': false
+  '(.*\.)?tutorialmore\.com': false
+  '(.*\.)?alwaysemmyhope\.com': false
+  '(.*\.)?pretagteam\.com': false
+  '(.*\.)?titanwolf\.org': false
+  '(.*\.)?coderedirect\.com': false
+  '(.*\.)?ostack\.cn': false
+  '(.*\.)?easysavecode\.com': false
+  '(.*\.)?webdevdesigner\.com': false
+  '(.*\.)?ghcc\.net': false
+  '(.*\.)?developreference\.com': false
+  '(.*\.)?semicolonworld\.com': false
+  '(.*\.)?tipsfordev\.com': false
+  '(.*\.)?qi-u\.com': false
+  '(.*\.)?stackqna\.com': false
+  '(.*\.)?xsprogram\.com': false
+  '(.*\.)?stackoom\.com': false
+  '(.*\.)?it-swarm-fr\.com': false
+  '(.*\.)?imtqy\.com': false
+  '(.*\.)?christfever\.in': false
+  '(.*\.)?codersatellite\.com': false
+  '(.*\.)?cndgn\.com': false
+  '(.*\.)?coredump\.biz': false
+  '(.*\.)?farath\.com': false
+  '(.*\.)?devbugfix\.com': false
+  '(.*\.)?tech\.wayne-chu\.com': false
+  '(.*\.)?stackify\.dev': false
+  '(.*\.)?webknox\.com': false
+  '(.*\.)?stackfinder\.jp\.net': false
+  '(.*\.)?coder-solution-jp\.com': false
+  '(.*\.)?jpndev\.com': false
+  '(.*\.)?uebu-kaihatsu\.jp\.net': false
+  '(.*\.)?sqlite\.in': false
+  '(.*\.)?stackguides\.com': false
+  '(.*\.)?younggeeks\.in': false
+  '(.*\.)?answerlib\.com': false
+  '(.*\.)?edupro\.id': false
+  '(.*\.)?python-stack\.de': false
+  '(.*\.)?stackfinder\.ru': false
+  '(.*\.)?stackfault\.net': false
+  '(.*\.)?howtofix\.io': false
+  '(.*\.)?buzzphp\.com': false
+  '(.*\.)?desenv-web-rp\.com': false
+  '(.*\.)?askdev\.vn': false
+  '(.*\.)?quares\.ru': false
+  '(.*\.)?examplefiles\.net': false
+  '(.*\.)?codewdw\.com': false
+  '(.*\.)?jpcodeqa\.com': false
+  '(.*\.)?tutorialguruji\.com': false
+
+  # ublock-origin-shitty-copies-filter/github-copycats.txt
+
+  '(.*\.)?bleepcoder.com': false
+  '(.*\.)?githubja.com': false
+  '(.*\.)?gitmemory.com': false
+  '(.*\.)?giters.com': false
+  '(.*\.)?githubmemory.com': false
+  '(.*\.)?wenyanet.com': false
+  '(.*\.)?issueexplorer.com': false
+  '(.*\.)?opensourcelibs.com': false
+  '(.*\.)?awesomeopensource.com': false
+  '(.*\.)?findbestopensource.com': false
+  '(.*\.)?githubhelp.com': false
+  '(.*\.)?pythonissues.com': false
+  '(.*\.)?golangrepo.com': false
+  '(.*\.)?gitmemory.cn': false
+  '(.*\.)?githubmate.com': false
+  '(.*\.)?reposhub.com': false
+  '(.*\.)?gitanswer.com': false
+  '(.*\.)?githubplus.com': false
+  '(.*\.)?pythonrepo.com': false
+  '(.*\.)?bestofcpp.com': false
+  '(.*\.)?github.innominds.com': false
+  '(.*\.)?www.higithub.com': false
+
+checker:
+  # disable checker when in debug mode
+  off_when_debug: true
+
+  # use "scheduling: false" to disable scheduling
+  # scheduling: interval or int
+
+  # to activate the scheduler:
+  # * uncomment "scheduling" section
+  # * add "cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1"
+  #   to your uwsgi.ini
+
+  # scheduling:
+  #   start_after: [300, 1800]  # delay to start the first run of the checker
+  #   every: [86400, 90000]     # how often the checker runs
+
+  # additional tests: only for the YAML anchors (see the engines section)
+  #
+  additional_tests:
+    rosebud: &test_rosebud
+      matrix:
+        query: rosebud
+        lang: en
+      result_container:
+        - not_empty
+        - ['one_title_contains', 'citizen kane']
+      test:
+        - unique_results
+
+    android: &test_android
+      matrix:
+        query: ['android']
+        lang: ['en', 'de', 'fr', 'zh-CN']
+      result_container:
+        - not_empty
+        - ['one_title_contains', 'google']
+      test:
+        - unique_results
+
+  # tests: only for the YAML anchors (see the engines section)
+  tests:
+    infobox: &tests_infobox
+      infobox:
+        matrix:
+          query: ["linux", "new york", "bbc"]
+        result_container:
+          - has_infobox
+
+categories_as_tabs:
+  general:
+  images:
+  videos:
+  news:
+  #map:
+  music:
+  it:
+  science:
+  files:
+  #social media:
+
+{% raw %}
+
+engines:
+  - name: 9gag
+    engine: 9gag
+    shortcut: 9g
+    disabled: true
+
+  - name: annas archive
+    engine: annas_archive
+    shortcut: aa
+    disabled: false
+
+  # - name: annas articles
+  #   engine: annas_archive
+  #   shortcut: aaa
+  #   # https://docs.searxng.org/dev/engines/online/annas_archive.html
+  #   aa_content: 'journal_article' # book_any .. magazine, standards_document
+  #   aa_ext: 'pdf'  # pdf, epub, ..
+  #   aa_sort: 'newest'  # newest, oldest, largest, smallest
+
+  - name: apk mirror
+    engine: apkmirror
+    timeout: 4.0
+    shortcut: apkm
+    disabled: true
+
+  - name: apple app store
+    engine: apple_app_store
+    shortcut: aps
+    disabled: true
+
+  # Requires Tor
+  - name: ahmia
+    engine: ahmia
+    categories: onions
+    enable_http: true
+    shortcut: ah
+
+  - name: anaconda
+    engine: xpath
+    paging: true
+    first_page_num: 0
+    search_url: https://anaconda.org/search?q={query}&page={pageno}
+    results_xpath: //tbody/tr
+    url_xpath: ./td/h5/a[last()]/@href
+    title_xpath: ./td/h5
+    content_xpath: ./td[h5]/text()
+    categories: it
+    timeout: 6.0
+    shortcut: conda
+    disabled: true
+
+  - name: arch linux wiki
+    engine: archlinux
+    shortcut: al
+    categories: [it, q&a]
+
+  - name: artic
+    engine: artic
+    shortcut: arc
+    timeout: 4.0
+    disabled: true
+
+  - name: arxiv
+    engine: arxiv
+    shortcut: arx
+    timeout: 4.0
+    disabled: true
+
+  # tmp suspended:  dh key too small
+  # - name: base
+  #   engine: base
+  #   shortcut: bs
+
+  - name: bandcamp
+    engine: bandcamp
+    shortcut: bc
+    categories: music
+
+  - name: wikipedia
+    engine: wikipedia
+    shortcut: wp
+    # add "list" to the array to get results in the results list
+    display_type: ["infobox"]
+    base_url: 'https://{language}.wikipedia.org/'
+    categories: [general]
+
+  - name: bilibili
+    engine: bilibili
+    shortcut: bil
+    disabled: true
+
+  - name: bing
+    engine: bing
+    shortcut: bi
+    disabled: false
+
+  - name: bing images
+    engine: bing_images
+    shortcut: bii
+
+  - name: bing news
+    engine: bing_news
+    shortcut: bin
+    categories: news
+    disabled: false
+
+  - name: bing videos
+    engine: bing_videos
+    shortcut: biv
+    categories: videos
+
+  - name: bitbucket
+    engine: xpath
+    paging: true
+    search_url: https://bitbucket.org/repo/all/{pageno}?name={query}
+    url_xpath: //article[@class="repo-summary"]//a[@class="repo-link"]/@href
+    title_xpath: //article[@class="repo-summary"]//a[@class="repo-link"]
+    content_xpath: //article[@class="repo-summary"]/p
+    categories: [it, repos]
+    timeout: 4.0
+    disabled: true
+    shortcut: bb
+    about:
+      website: https://bitbucket.org/
+      wikidata_id: Q2493781
+      official_api_documentation: https://developer.atlassian.com/bitbucket
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: btdigg
+    engine: btdigg
+    shortcut: bt
+    disabled: true
+
+  - name: ccc-tv
+    engine: xpath
+    paging: false
+    search_url: https://media.ccc.de/search/?q={query}
+    url_xpath: //div[@class="caption"]/h3/a/@href
+    title_xpath: //div[@class="caption"]/h3/a/text()
+    content_xpath: //div[@class="caption"]/h4/@title
+    categories: videos
+    disabled: true
+    shortcut: c3tv
+    about:
+      website: https://media.ccc.de/
+      wikidata_id: Q80729951
+      official_api_documentation: https://github.com/voc/voctoweb
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+      # We don't set language: de here because media.ccc.de is not just
+      # for a German audience. It contains many English videos and many
+      # German videos have English subtitles.
+
+  - name: openverse
+    engine: openverse
+    categories: images
+    shortcut: opv
+    disabled: true
+
+  - name: chefkoch
+    engine: chefkoch
+    shortcut: chef
+    # to show premium or plus results too:
+    # skip_premium: false
+    disabled: true
+
+  # - name: core.ac.uk
+  #   engine: core
+  #   categories: science
+  #   shortcut: cor
+  #   # get your API key from: https://core.ac.uk/api-keys/register/
+  #   api_key: 'unset'
+
+  - name: crossref
+    engine: crossref
+    shortcut: cr
+    timeout: 30
+    disabled: true
+
+  - name: crowdview
+    engine: json_engine
+    shortcut: cv
+    categories: general
+    paging: false
+    search_url: https://crowdview-next-js.onrender.com/api/search-v3?query={query}
+    results_query: results
+    url_query: link
+    title_query: title
+    content_query: snippet
+    disabled: true
+    about:
+      website: https://crowdview.ai/
+
+  - name: yep
+    engine: json_engine
+    shortcut: yep
+    categories: general
+    disabled: true
+    paging: false
+    content_html_to_text: true
+    title_html_to_text: true
+    search_url: https://api.yep.com/fs/1/?type=web&q={query}&no_correct=false&limit=100
+    results_query: 1/results
+    title_query: title
+    url_query: url
+    content_query: snippet
+    about:
+      website: https://yep.com
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+
+  - name: curlie
+    engine: xpath
+    shortcut: cl
+    categories: general
+    disabled: true
+    paging: true
+    lang_all: ''
+    search_url: https://curlie.org/search?q={query}&lang={lang}&start={pageno}&stime=92452189
+    page_size: 20
+    results_xpath: //div[@id="site-list-content"]/div[@class="site-item"]
+    url_xpath: ./div[@class="title-and-desc"]/a/@href
+    title_xpath: ./div[@class="title-and-desc"]/a/div
+    content_xpath: ./div[@class="title-and-desc"]/div[@class="site-descr"]
+    about:
+      website: https://curlie.org/
+      wikidata_id: Q60715723
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: currency
+    engine: currency_convert
+    categories: general
+    shortcut: cc
+    disabled: true
+
+  - name: deezer
+    engine: deezer
+    shortcut: dz
+    disabled: true
+
+  - name: deviantart
+    engine: deviantart
+    shortcut: da
+    timeout: 3.0
+    disabled: true
+
+  - name: ddg definitions
+    engine: duckduckgo_definitions
+    shortcut: ddd
+    weight: 2
+    disabled: true
+    tests: *tests_infobox
+
+  # cloudflare protected
+  # - name: digbt
+  #   engine: digbt
+  #   shortcut: dbt
+  #   timeout: 6.0
+  #   disabled: true
+
+  - name: docker hub
+    engine: docker_hub
+    shortcut: dh
+    categories: [it, packages]
+    disabled: true
+
+  - name: erowid
+    engine: xpath
+    paging: true
+    first_page_num: 0
+    page_size: 30
+    search_url: https://www.erowid.org/search.php?q={query}&s={pageno}
+    url_xpath: //dl[@class="results-list"]/dt[@class="result-title"]/a/@href
+    title_xpath: //dl[@class="results-list"]/dt[@class="result-title"]/a/text()
+    content_xpath: //dl[@class="results-list"]/dd[@class="result-details"]
+    categories: []
+    shortcut: ew
+    disabled: true
+    about:
+      website: https://www.erowid.org/
+      wikidata_id: Q1430691
+      official_api_documentation:
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  # - name: elasticsearch
+  #   shortcut: es
+  #   engine: elasticsearch
+  #   base_url: http://localhost:9200
+  #   username: elastic
+  #   password: changeme
+  #   index: my-index
+  #   # available options: match, simple_query_string, term, terms, custom
+  #   query_type: match
+  #   # if query_type is set to custom, provide your query here
+  #   #custom_query_json: {"query":{"match_all": {}}}
+  #   #show_metadata: false
+  #   disabled: true
+
+  - name: wikidata
+    engine: wikidata
+    shortcut: wd
+    timeout: 3.0
+    weight: 2
+    # add "list" to the array to get results in the results list
+    display_type: ["infobox"]
+    tests: *tests_infobox
+    categories: [general]
+    disabled: true
+
+  - name: duckduckgo
+    engine: duckduckgo
+    shortcut: ddg
+    disabled: true
+
+  - name: duckduckgo images
+    engine: duckduckgo_extra
+    categories: [images, web]
+    ddg_category: images
+    shortcut: ddi
+    disabled: true
+
+  - name: duckduckgo videos
+    engine: duckduckgo_extra
+    categories: [videos, web]
+    ddg_category: videos
+    shortcut: ddv
+    disabled: true
+
+  - name: duckduckgo news
+    engine: duckduckgo_extra
+    categories: [news, web]
+    ddg_category: news
+    shortcut: ddn
+    disabled: true
+
+  - name: duckduckgo weather
+    engine: duckduckgo_weather
+    shortcut: ddw
+    disabled: true
+
+  - name: apple maps
+    engine: apple_maps
+    shortcut: apm
+    disabled: true
+    timeout: 5.0
+
+  - name: emojipedia
+    engine: emojipedia
+    timeout: 4.0
+    shortcut: em
+    disabled: true
+
+  - name: tineye
+    engine: tineye
+    shortcut: tin
+    timeout: 9.0
+    disabled: true
+
+  - name: etymonline
+    engine: xpath
+    paging: true
+    search_url: https://etymonline.com/search?page={pageno}&q={query}
+    url_xpath: //a[contains(@class, "word__name--")]/@href
+    title_xpath: //a[contains(@class, "word__name--")]
+    content_xpath: //section[contains(@class, "word__defination")]
+    first_page_num: 1
+    shortcut: et
+    categories: [dictionaries]
+    about:
+      website: https://www.etymonline.com/
+      wikidata_id: Q1188617
+      official_api_documentation:
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  # - name: ebay
+  #   engine: ebay
+  #   shortcut: eb
+  #   base_url: 'https://www.ebay.com'
+  #   disabled: true
+  #   timeout: 5
+
+  - name: 1x
+    engine: www1x
+    shortcut: 1x
+    timeout: 3.0
+    disabled: true
+
+  - name: fdroid
+    engine: fdroid
+    shortcut: fd
+    disabled: true
+
+  - name: flickr
+    categories: images
+    shortcut: fl
+    # You can use the engine using the official stable API, but you need an API
+    # key, see: https://www.flickr.com/services/apps/create/
+    # engine: flickr
+    # api_key: 'apikey' # required!
+    # Or you can use the html non-stable engine, activated by default
+    engine: flickr_noapi
+    disabled: true
+
+  - name: free software directory
+    engine: mediawiki
+    shortcut: fsd
+    categories: [it, software wikis]
+    base_url: https://directory.fsf.org/
+    search_type: title
+    timeout: 5.0
+    disabled: true
+    about:
+      website: https://directory.fsf.org/
+      wikidata_id: Q2470288
+
+  # - name: freesound
+  #   engine: freesound
+  #   shortcut: fnd
+  #   disabled: true
+  #   timeout: 15.0
+  # API key required, see: https://freesound.org/docs/api/overview.html
+  #   api_key: MyAPIkey
+
+  - name: frinkiac
+    engine: frinkiac
+    shortcut: frk
+    disabled: true
+
+  - name: genius
+    engine: genius
+    shortcut: gen
+    disabled: true
+
+  - name: gentoo
+    engine: gentoo
+    shortcut: ge
+    timeout: 10.0
+    disabled: true
+
+  - name: gitlab
+    engine: json_engine
+    paging: true
+    search_url: https://gitlab.com/api/v4/projects?search={query}&page={pageno}
+    url_query: web_url
+    title_query: name_with_namespace
+    content_query: description
+    page_size: 20
+    categories: [it, repos]
+    shortcut: gl
+    timeout: 10.0
+    disabled: true
+    about:
+      website: https://about.gitlab.com/
+      wikidata_id: Q16639197
+      official_api_documentation: https://docs.gitlab.com/ee/api/
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+
+  - name: github
+    engine: github
+    shortcut: gh
+    categories: [it, q&a]
+
+    # This a Gitea service. If you would like to use a different instance,
+    # change codeberg.org to URL of the desired Gitea host. Or you can create a
+    # new engine by copying this and changing the name, shortcut and search_url.
+
+  - name: codeberg
+    engine: json_engine
+    search_url: https://codeberg.org/api/v1/repos/search?q={query}&limit=10
+    url_query: html_url
+    title_query: name
+    content_query: description
+    categories: [it, repos]
+    shortcut: cb
+    disabled: true
+    about:
+      website: https://codeberg.org/
+      wikidata_id:
+      official_api_documentation: https://try.gitea.io/api/swagger
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+
+{% endraw %}
+
+  - name: google
+    engine: google
+    shortcut: go
+    # additional_tests:
+    #   android: *test_android
+    proxies:
+     all://:
+        - socks5://{{ vultr_private_ip }}:8870
+        - socks5://{{ oracle1_private_ip }}:8870
+        - socks5://{{ oracle2_private_ip }}:8870
+        - socks5://{{ oracle3_private_ip }}:8870
+        - socks5://{{ oracle4_private_ip }}:8870
+
+  - name: google images
+    engine: google_images
+    shortcut: goi
+    # additional_tests:
+    #   android: *test_android
+    #   dali:
+    #     matrix:
+    #       query: ['Dali Christ']
+    #       lang: ['en', 'de', 'fr', 'zh-CN']
+    #     result_container:
+    #       - ['one_title_contains', 'Salvador']
+    proxies:
+     all://:
+        - socks5://{{ vultr_private_ip }}:8870
+        - socks5://{{ oracle1_private_ip }}:8870
+        - socks5://{{ oracle2_private_ip }}:8870
+        - socks5://{{ oracle3_private_ip }}:8870
+        - socks5://{{ oracle4_private_ip }}:8870
+
+  - name: google news
+    engine: google_news
+    shortcut: gon
+    # additional_tests:
+    #   android: *test_android
+    categories: news
+    disabled: true
+
+  - name: google videos
+    engine: google_videos
+    shortcut: gov
+    # additional_tests:
+    #   android: *test_android
+    disabled: true
+
+  - name: google scholar
+    engine: google_scholar
+    shortcut: gos
+    proxies:
+     all://:
+        - socks5://{{ vultr_private_ip }}:8870
+        - socks5://{{ oracle1_private_ip }}:8870
+        - socks5://{{ oracle2_private_ip }}:8870
+        - socks5://{{ oracle3_private_ip }}:8870
+        - socks5://{{ oracle4_private_ip }}:8870
+
+  - name: google play apps
+    engine: google_play
+    categories: [files, apps]
+    shortcut: gpa
+    play_categ: apps
+    disabled: true
+
+  - name: google play movies
+    engine: google_play
+    categories: videos
+    shortcut: gpm
+    play_categ: movies
+    disabled: true
+
+{% raw %}
+
+  - name: material icons
+    engine: material_icons
+    categories: images
+    shortcut: mi
+    disabled: true
+
+  - name: gpodder
+    engine: json_engine
+    shortcut: gpod
+    timeout: 4.0
+    paging: false
+    search_url: https://gpodder.net/search.json?q={query}
+    url_query: url
+    title_query: title
+    content_query: description
+    page_size: 19
+    categories: music
+    disabled: true
+    about:
+      website: https://gpodder.net
+      wikidata_id: Q3093354
+      official_api_documentation: https://gpoddernet.readthedocs.io/en/latest/api/
+      use_official_api: false
+      requires_api_key: false
+      results: JSON
+
+  - name: habrahabr
+    engine: xpath
+    paging: true
+    search_url: https://habr.com/en/search/page{pageno}/?q={query}
+    results_xpath: //article[contains(@class, "tm-articles-list__item")]
+    url_xpath: .//a[@class="tm-title__link"]/@href
+    title_xpath: .//a[@class="tm-title__link"]
+    content_xpath: .//div[contains(@class, "article-formatted-body")]
+    categories: it
+    timeout: 4.0
+    disabled: true
+    shortcut: habr
+    about:
+      website: https://habr.com/
+      wikidata_id: Q4494434
+      official_api_documentation: https://habr.com/en/docs/help/api/
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: hackernews
+    engine: hackernews
+    shortcut: hn
+    disabled: true
+
+  - name: hoogle
+    engine: xpath
+    paging: true
+    search_url: https://hoogle.haskell.org/?hoogle={query}&start={pageno}
+    results_xpath: '//div[@class="result"]'
+    title_xpath: './/div[@class="ans"]//a'
+    url_xpath: './/div[@class="ans"]//a/@href'
+    content_xpath: './/div[@class="from"]'
+    page_size: 20
+    categories: [it, packages]
+    shortcut: ho
+    about:
+      website: https://hoogle.haskell.org/
+      wikidata_id: Q34010
+      official_api_documentation: https://hackage.haskell.org/api
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+    disabled: true
+
+  - name: imdb
+    engine: imdb
+    shortcut: imdb
+    timeout: 6.0
+    disabled: true
+
+  - name: imgur
+    engine: imgur
+    shortcut: img
+    disabled: true
+
+  - name: ina
+    engine: ina
+    shortcut: in
+    timeout: 6.0
+    disabled: true
+
+  - name: invidious
+    engine: invidious
+    # Instanes will be selected randomly, see https://api.invidious.io/ for
+    # instances that are stable (good uptime) and close to you.
+    base_url:
+      - https://invidious.io.lol
+      - https://invidious.fdn.fr
+      - https://yt.artemislena.eu
+      - https://invidious.tiekoetter.com
+      - https://invidious.flokinet.to
+      - https://vid.puffyan.us
+      - https://invidious.privacydev.net
+      - https://inv.tux.pizza
+    shortcut: iv
+    timeout: 3.0
+    categories: videos
+
+  - name: jisho
+    engine: jisho
+    shortcut: js
+    timeout: 3.0
+    disabled: true
+
+  - name: kickass
+    engine: kickass
+    base_url:
+      - https://kickasstorrents.to
+      - https://kickasstorrents.cr
+      - https://kickasstorrent.cr
+      - https://kickass.sx
+      - https://kat.am
+    shortcut: kc
+    timeout: 4.0
+    disabled: true
+
+  - name: lemmy communities
+    engine: lemmy
+    lemmy_type: Communities
+    shortcut: leco
+
+  - name: lemmy users
+    engine: lemmy
+    network: lemmy communities
+    lemmy_type: Users
+    shortcut: leus
+
+  - name: lemmy posts
+    engine: lemmy
+    network: lemmy communities
+    lemmy_type: Posts
+    shortcut: lepo
+
+  - name: lemmy comments
+    engine: lemmy
+    network: lemmy communities
+    lemmy_type: Comments
+    shortcut: lecom
+
+  - name: library genesis
+    engine: xpath
+    search_url: https://libgen.fun/search.php?req={query}
+    url_xpath: //a[contains(@href,"get.php?md5")]/@href
+    title_xpath: //a[contains(@href,"book/")]/text()[1]
+    content_xpath: //td/a[1][contains(@href,"=author")]/text()
+    categories: files
+    timeout: 7.0
+    disabled: true
+    shortcut: lg
+    about:
+      website: https://libgen.fun/
+      wikidata_id: Q22017206
+      official_api_documentation:
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: z-library
+    engine: zlibrary
+    shortcut: zlib
+    categories: files
+    timeout: 7.0
+
+  - name: library of congress
+    engine: loc
+    shortcut: loc
+    categories: images
+    disabled: true
+
+  - name: lingva
+    engine: lingva
+    shortcut: lv
+    # set lingva instance in url, by default it will use the official instance
+    # url: https://lingva.ml
+    disabled: true
+
+  - name: lobste.rs
+    engine: xpath
+    search_url: https://lobste.rs/search?utf8=%E2%9C%93&q={query}&what=stories&order=relevance
+    results_xpath: //li[contains(@class, "story")]
+    url_xpath: .//a[@class="u-url"]/@href
+    title_xpath: .//a[@class="u-url"]
+    content_xpath: .//a[@class="domain"]
+    categories: it
+    shortcut: lo
+    timeout: 5.0
+    disabled: true
+    about:
+      website: https://lobste.rs/
+      wikidata_id: Q60762874
+      official_api_documentation:
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: azlyrics
+    shortcut: lyrics
+    engine: xpath
+    timeout: 4.0
+    disabled: true
+    categories: [music, lyrics]
+    paging: true
+    search_url: https://search.azlyrics.com/search.php?q={query}&w=lyrics&p={pageno}
+    url_xpath: //td[@class="text-left visitedlyr"]/a/@href
+    title_xpath: //span/b/text()
+    content_xpath: //td[@class="text-left visitedlyr"]/a/small
+    about:
+      website: https://azlyrics.com
+      wikidata_id: Q66372542
+      official_api_documentation:
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: mastodon users
+    engine: mastodon
+    mastodon_type: accounts
+    base_url: https://mastodon.social
+    shortcut: mau
+    disabled: true
+
+  - name: mastodon hashtags
+    engine: mastodon
+    mastodon_type: hashtags
+    base_url: https://mastodon.social
+    shortcut: mah
+    disabled: true
+
+  # - name: matrixrooms
+  #   engine: mrs
+  #   # https://docs.searxng.org/dev/engines/online/mrs.html
+  #   # base_url: https://mrs-api-host
+  #   shortcut: mtrx
+  #   disabled: true
+
+  - name: metacpan
+    engine: metacpan
+    shortcut: cpan
+    disabled: true
+    number_of_results: 20
+
+  # - name: meilisearch
+  #   engine: meilisearch
+  #   shortcut: mes
+  #   enable_http: true
+  #   base_url: http://localhost:7700
+  #   index: my-index
+
+  - name: mixcloud
+    engine: mixcloud
+    shortcut: mc
+    categories: music
+
+  # MongoDB engine
+  # Required dependency: pymongo
+  # - name: mymongo
+  #   engine: mongodb
+  #   shortcut: md
+  #   exact_match_only: false
+  #   host: '127.0.0.1'
+  #   port: 27017
+  #   enable_http: true
+  #   results_per_page: 20
+  #   database: 'business'
+  #   collection: 'reviews'  # name of the db collection
+  #   key: 'name'  # key in the collection to search for
+
+  - name: mwmbl
+    engine: mwmbl
+    # api_url: https://api.mwmbl.org
+    shortcut: mwm
+    disabled: true
+
+  - name: npm
+    engine: json_engine
+    paging: true
+    first_page_num: 0
+    search_url: https://api.npms.io/v2/search?q={query}&size=25&from={pageno}
+    results_query: results
+    url_query: package/links/npm
+    title_query: package/name
+    content_query: package/description
+    page_size: 25
+    categories: [it, packages]
+    disabled: true
+    timeout: 5.0
+    shortcut: npm
+    about:
+      website: https://npms.io/
+      wikidata_id: Q7067518
+      official_api_documentation: https://api-docs.npms.io/
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+
+  - name: nyaa
+    engine: nyaa
+    shortcut: nt
+    disabled: true
+
+  - name: mankier
+    engine: json_engine
+    search_url: https://www.mankier.com/api/v2/mans/?q={query}
+    results_query: results
+    url_query: url
+    title_query: name
+    content_query: description
+    categories: it
+    shortcut: man
+    about:
+      website: https://www.mankier.com/
+      official_api_documentation: https://www.mankier.com/api
+      use_official_api: true
+      require_api_key: false
+      results: JSON
+    disabled: true
+
+  - name: odysee
+    engine: odysee
+    shortcut: od
+    disabled: true
+
+  - name: openairedatasets
+    engine: json_engine
+    paging: true
+    search_url: https://api.openaire.eu/search/datasets?format=json&page={pageno}&size=10&title={query}
+    results_query: response/results/result
+    url_query: metadata/oaf:entity/oaf:result/children/instance/webresource/url/$
+    title_query: metadata/oaf:entity/oaf:result/title/$
+    content_query: metadata/oaf:entity/oaf:result/description/$
+    content_html_to_text: true
+    categories: "science"
+    shortcut: oad
+    timeout: 5.0
+    about:
+      website: https://www.openaire.eu/
+      wikidata_id: Q25106053
+      official_api_documentation: https://api.openaire.eu/
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+    disabled: true
+
+  - name: openairepublications
+    engine: json_engine
+    paging: true
+    search_url: https://api.openaire.eu/search/publications?format=json&page={pageno}&size=10&title={query}
+    results_query: response/results/result
+    url_query: metadata/oaf:entity/oaf:result/children/instance/webresource/url/$
+    title_query: metadata/oaf:entity/oaf:result/title/$
+    content_query: metadata/oaf:entity/oaf:result/description/$
+    content_html_to_text: true
+    categories: science
+    shortcut: oap
+    timeout: 5.0
+    about:
+      website: https://www.openaire.eu/
+      wikidata_id: Q25106053
+      official_api_documentation: https://api.openaire.eu/
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+    disabled: true
+
+  # - name: opensemanticsearch
+  #   engine: opensemantic
+  #   shortcut: oss
+  #   base_url: 'http://localhost:8983/solr/opensemanticsearch/'
+
+  - name: openstreetmap
+    engine: openstreetmap
+    shortcut: osm
+
+  - name: openrepos
+    engine: xpath
+    paging: true
+    search_url: https://openrepos.net/search/node/{query}?page={pageno}
+    url_xpath: //li[@class="search-result"]//h3[@class="title"]/a/@href
+    title_xpath: //li[@class="search-result"]//h3[@class="title"]/a
+    content_xpath: //li[@class="search-result"]//div[@class="search-snippet-info"]//p[@class="search-snippet"]
+    categories: files
+    timeout: 4.0
+    disabled: true
+    shortcut: or
+    about:
+      website: https://openrepos.net/
+      wikidata_id:
+      official_api_documentation:
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: packagist
+    engine: json_engine
+    paging: true
+    search_url: https://packagist.org/search.json?q={query}&page={pageno}
+    results_query: results
+    url_query: url
+    title_query: name
+    content_query: description
+    categories: [it, packages]
+    disabled: true
+    timeout: 5.0
+    shortcut: pack
+    about:
+      website: https://packagist.org
+      wikidata_id: Q108311377
+      official_api_documentation: https://packagist.org/apidoc
+      use_official_api: true
+      require_api_key: false
+      results: JSON
+
+  - name: pdbe
+    engine: pdbe
+    shortcut: pdb
+    # Hide obsolete PDB entries.  Default is not to hide obsolete structures
+    #  hide_obsolete: false
+    disabled: true
+
+  - name: photon
+    engine: photon
+    shortcut: ph
+    disabled: true
+
+  - name: pinterest
+    engine: pinterest
+    shortcut: pin
+
+  - name: piped
+    engine: piped
+    shortcut: ppd
+    categories: videos
+    piped_filter: videos
+    timeout: 3.0
+    disabled: true
+
+    # URL to use as link and for embeds
+    frontend_url: https://srv.piped.video
+    # Instance will be selected randomly, for more see https://piped-instances.kavin.rocks/
+    backend_url:
+      - https://pipedapi.kavin.rocks
+      - https://pipedapi-libre.kavin.rocks
+      - https://pipedapi.adminforge.de
+    disabled: true
+
+  - name: piped.music
+    engine: piped
+    network: piped
+    shortcut: ppdm
+    categories: music
+    piped_filter: music_songs
+    timeout: 3.0
+    disabled: true
+
+  - name: piratebay
+    engine: piratebay
+    shortcut: tpb
+    # You may need to change this URL to a proxy if piratebay is blocked in your
+    # country
+    url: https://thepiratebay.org/
+    timeout: 3.0
+    disabled: true
+
+  # Required dependency: psychopg2
+  #  - name: postgresql
+  #    engine: postgresql
+  #    database: postgres
+  #    username: postgres
+  #    password: postgres
+  #    limit: 10
+  #    query_str: 'SELECT * from my_table WHERE my_column = %(query)s'
+  #    shortcut : psql
+
+  - name: pub.dev
+    engine: xpath
+    shortcut: pd
+    search_url: https://pub.dev/packages?q={query}&page={pageno}
+    paging: true
+    results_xpath: //div[contains(@class,"packages-item")]
+    url_xpath: ./div/h3/a/@href
+    title_xpath: ./div/h3/a
+    content_xpath: ./div/div/div[contains(@class,"packages-description")]/span
+    categories: [packages, it]
+    timeout: 3.0
+    disabled: true
+    first_page_num: 1
+    about:
+      website: https://pub.dev/
+      official_api_documentation: https://pub.dev/help/api
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: pubmed
+    engine: pubmed
+    shortcut: pub
+    timeout: 3.0
+    categories: "science"
+
+  - name: pypi
+    shortcut: pypi
+    engine: xpath
+    paging: true
+    search_url: https://pypi.org/search/?q={query}&page={pageno}
+    results_xpath: /html/body/main/div/div/div/form/div/ul/li/a[@class="package-snippet"]
+    url_xpath: ./@href
+    title_xpath: ./h3/span[@class="package-snippet__name"]
+    content_xpath: ./p
+    suggestion_xpath: /html/body/main/div/div/div/form/div/div[@class="callout-block"]/p/span/a[@class="link"]
+    first_page_num: 1
+    categories: [it, packages]
+    about:
+      website: https://pypi.org
+      wikidata_id: Q2984686
+      official_api_documentation: https://warehouse.readthedocs.io/api-reference/index.html
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+    disabled: true
+
+  - name: qwant
+    qwant_categ: web
+    engine: qwant
+    shortcut: qw
+    categories: [general, web]
+    additional_tests:
+      rosebud: *test_rosebud
+    disabled: true
+
+  - name: qwant news
+    qwant_categ: news
+    engine: qwant
+    shortcut: qwn
+    categories: news
+    network: qwant
+    disabled: true
+
+  - name: qwant images
+    qwant_categ: images
+    engine: qwant
+    shortcut: qwi
+    categories: [images, web]
+    network: qwant
+    disabled: true
+
+  - name: qwant videos
+    qwant_categ: videos
+    engine: qwant
+    shortcut: qwv
+    categories: [videos, web]
+    network: qwant
+    disabled: true
+
+  # - name: library
+  #   engine: recoll
+  #   shortcut: lib
+  #   base_url: 'https://recoll.example.org/'
+  #   search_dir: ''
+  #   mount_prefix: /export
+  #   dl_prefix: 'https://download.example.org'
+  #   timeout: 30.0
+  #   categories: files
+  #   disabled: true
+
+  # - name: recoll library reference
+  #   engine: recoll
+  #   base_url: 'https://recoll.example.org/'
+  #   search_dir: reference
+  #   mount_prefix: /export
+  #   dl_prefix: 'https://download.example.org'
+  #   shortcut: libr
+  #   timeout: 30.0
+  #   categories: files
+  #   disabled: true
+
+  - name: radio browser
+    engine: radio_browser
+    shortcut: rb
+    disabled: true
+
+  - name: reddit
+    engine: reddit
+    shortcut: re
+    page_size: 25
+    disabled: true
+
+  # Required dependency: redis
+  # - name: myredis
+  #   shortcut : rds
+  #   engine: redis_server
+  #   exact_match_only: false
+  #   host: '127.0.0.1'
+  #   port: 6379
+  #   enable_http: true
+  #   password: ''
+  #   db: 0
+
+  # tmp suspended: bad certificate
+  #  - name: scanr structures
+  #    shortcut: scs
+  #    engine: scanr_structures
+  #    disabled: true
+
+  - name: sepiasearch
+    engine: sepiasearch
+    shortcut: sep
+    disabled: true
+
+  - name: soundcloud
+    engine: soundcloud
+    shortcut: sc
+    disabled: true
+
+  - name: stackoverflow
+    engine: stackexchange
+    shortcut: st
+    api_site: 'stackoverflow'
+    categories: [it, q&a]
+
+  - name: askubuntu
+    engine: stackexchange
+    shortcut: ubuntu
+    api_site: 'askubuntu'
+    categories: [it, q&a]
+
+  - name: internetarchivescholar
+    engine: internet_archive_scholar
+    shortcut: ias
+    timeout: 5.0
+    disabled: true
+
+  - name: superuser
+    engine: stackexchange
+    shortcut: su
+    api_site: 'superuser'
+    categories: [it, q&a]
+
+  - name: searchcode code
+    engine: searchcode_code
+    shortcut: scc
+    disabled: true
+
+  - name: framalibre
+    engine: framalibre
+    shortcut: frl
+    disabled: true
+
+  # - name: searx
+  #   engine: searx_engine
+  #   shortcut: se
+  #   instance_urls :
+  #       - http://127.0.0.1:8888/
+  #       - ...
+  #   disabled: true
+
+  - name: semantic scholar
+    engine: semantic_scholar
+    disabled: true
+    shortcut: se
+
+  # Spotify needs API credentials
+  # - name: spotify
+  #   engine: spotify
+  #   shortcut: stf
+  #   api_client_id: *******
+  #   api_client_secret: *******
+
+  # - name: solr
+  #   engine: solr
+  #   shortcut: slr
+  #   base_url: http://localhost:8983
+  #   collection: collection_name
+  #   sort: '' # sorting: asc or desc
+  #   field_list: '' # comma separated list of field names to display on the UI
+  #   default_fields: '' # default field to query
+  #   query_fields: '' # query fields
+  #   enable_http: true
+
+  # - name: springer nature
+  #   engine: springer
+  #   # get your API key from: https://dev.springernature.com/signup
+  #   # working API key, for test & debug: "a69685087d07eca9f13db62f65b8f601"
+  #   api_key: 'unset'
+  #   shortcut: springer
+  #   timeout: 15.0
+
+  - name: startpage
+    engine: startpage
+    shortcut: sp
+    timeout: 6.0
+    disabled: true
+    additional_tests:
+      rosebud: *test_rosebud
+
+  - name: tokyotoshokan
+    engine: tokyotoshokan
+    shortcut: tt
+    timeout: 6.0
+    disabled: true
+
+  - name: solidtorrents
+    engine: solidtorrents
+    shortcut: solid
+    timeout: 4.0
+    base_url:
+      - https://solidtorrents.to
+      - https://bitsearch.to
+    disabled: true
+
+  # For this demo of the sqlite engine download:
+  #   https://liste.mediathekview.de/filmliste-v2.db.bz2
+  # and unpack into searx/data/filmliste-v2.db
+  # Query to test: "!demo concert"
+  #
+  # - name: demo
+  #   engine: sqlite
+  #   shortcut: demo
+  #   categories: general
+  #   result_template: default.html
+  #   database: searx/data/filmliste-v2.db
+  #   query_str:  >-
+  #     SELECT title || ' (' || time(duration, 'unixepoch') || ')' AS title,
+  #            COALESCE( NULLIF(url_video_hd,''), NULLIF(url_video_sd,''), url_video) AS url,
+  #            description AS content
+  #       FROM film
+  #      WHERE title LIKE :wildcard OR description LIKE :wildcard
+  #      ORDER BY duration DESC
+
+  - name: tagesschau
+    engine: tagesschau
+    # when set to false, display URLs from Tagesschau, and not the actual source
+    # (e.g. NDR, WDR, SWR, HR, ...)
+    use_source_url: true
+    shortcut: ts
+    disabled: true
+
+  - name: tmdb
+    engine: xpath
+    paging: true
+    categories: movies
+    search_url: https://www.themoviedb.org/search?page={pageno}&query={query}
+    results_xpath: //div[contains(@class,"movie") or contains(@class,"tv")]//div[contains(@class,"card")]
+    url_xpath: .//div[contains(@class,"poster")]/a/@href
+    thumbnail_xpath: .//img/@src
+    title_xpath: .//div[contains(@class,"title")]//h2
+    content_xpath: .//div[contains(@class,"overview")]
+    shortcut: tm
+    disabled: true
+
+  # Requires Tor
+  - name: torch
+    engine: xpath
+    paging: true
+    search_url:
+      http://xmh57jrknzkhv6y3ls3ubitzfqnkrwxhopf5aygthi7d6rplyvk3noyd.onion/cgi-bin/omega/omega?P={query}&DEFAULTOP=and
+    results_xpath: //table//tr
+    url_xpath: ./td[2]/a
+    title_xpath: ./td[2]/b
+    content_xpath: ./td[2]/small
+    categories: onions
+    enable_http: true
+    shortcut: tch
+    disabled: true
+
+  # torznab engine lets you query any torznab compatible indexer.  Using this
+  # engine in combination with Jackett opens the possibility to query a lot of
+  # public and private indexers directly from SearXNG. More details at:
+  # https://docs.searxng.org/dev/engines/online/torznab.html
+  #
+  # - name: Torznab EZTV
+  #   engine: torznab
+  #   shortcut: eztv
+  #   base_url: http://localhost:9117/api/v2.0/indexers/eztv/results/torznab
+  #   enable_http: true  # if using localhost
+  #   api_key: xxxxxxxxxxxxxxx
+  #   show_magnet_links: true
+  #   show_torrent_files: false
+  #   # https://github.com/Jackett/Jackett/wiki/Jackett-Categories
+  #   torznab_categories:  # optional
+  #     - 2000
+  #     - 5000
+
+  # tmp suspended - too slow, too many errors
+  #  - name: urbandictionary
+  #    engine      : xpath
+  #    search_url  : https://www.urbandictionary.com/define.php?term={query}
+  #    url_xpath   : //*[@class="word"]/@href
+  #    title_xpath : //*[@class="def-header"]
+  #    content_xpath: //*[@class="meaning"]
+  #    shortcut: ud
+
+  - name: unsplash
+    engine: unsplash
+    shortcut: us
+    disabled: true
+
+  - name: yahoo
+    engine: yahoo
+    shortcut: yh
+    disabled: true
+
+  - name: yahoo news
+    engine: yahoo_news
+    shortcut: yhn
+    disabled: true
+
+  - name: youtube
+    shortcut: yt
+    # You can use the engine using the official stable API, but you need an API
+    # key See: https://console.developers.google.com/project
+    #
+    # engine: youtube_api
+    # api_key: 'apikey' # required!
+    #
+    # Or you can use the html non-stable engine, activated by default
+    engine: youtube_noapi
+    disabled: true
+
+  - name: dailymotion
+    engine: dailymotion
+    shortcut: dm
+    categories: videos
+
+  - name: vimeo
+    engine: vimeo
+    shortcut: vm
+    categories: videos
+    disabled: true
+
+  - name: wiby
+    engine: json_engine
+    paging: true
+    search_url: https://wiby.me/json/?q={query}&p={pageno}
+    url_query: URL
+    title_query: Title
+    content_query: Snippet
+    categories: [general, web]
+    shortcut: wib
+    disabled: true
+    about:
+      website: https://wiby.me/
+
+  - name: alexandria
+    engine: json_engine
+    shortcut: alx
+    categories: general
+    paging: true
+    search_url: https://api.alexandria.org/?a=1&q={query}&p={pageno}
+    results_query: results
+    title_query: title
+    url_query: url
+    content_query: snippet
+    timeout: 1.5
+    disabled: true
+    about:
+      website: https://alexandria.org/
+      official_api_documentation: https://github.com/alexandria-org/alexandria-api/raw/master/README.md
+      use_official_api: true
+      require_api_key: false
+      results: JSON
+
+  - name: wikibooks
+    engine: mediawiki
+    weight: 0.5
+    shortcut: wb
+    categories: [general, wikimedia]
+    base_url: "https://{language}.wikibooks.org/"
+    search_type: text
+    disabled: true
+    about:
+      website: https://www.wikibooks.org/
+      wikidata_id: Q367
+
+  - name: wikinews
+    engine: mediawiki
+    shortcut: wn
+    categories: [news, wikimedia]
+    base_url: "https://{language}.wikinews.org/"
+    search_type: text
+    srsort: create_timestamp_desc
+    about:
+      website: https://www.wikinews.org/
+      wikidata_id: Q964
+
+  - name: wikiquote
+    engine: mediawiki
+    weight: 0.5
+    shortcut: wq
+    categories: [general, wikimedia]
+    base_url: "https://{language}.wikiquote.org/"
+    search_type: text
+    disabled: true
+    additional_tests:
+      rosebud: *test_rosebud
+    about:
+      website: https://www.wikiquote.org/
+      wikidata_id: Q369
+
+  - name: wikisource
+    engine: mediawiki
+    weight: 0.5
+    shortcut: ws
+    categories: [general, wikimedia]
+    base_url: "https://{language}.wikisource.org/"
+    search_type: text
+    disabled: true
+    about:
+      website: https://www.wikisource.org/
+      wikidata_id: Q263
+
+  - name: wikispecies
+    engine: mediawiki
+    shortcut: wsp
+    categories: [general, science, wikimedia]
+    base_url: "https://species.wikimedia.org/"
+    search_type: text
+    disabled: true
+    about:
+      website: https://species.wikimedia.org/
+      wikidata_id: Q13679
+
+  - name: wiktionary
+    engine: mediawiki
+    shortcut: wt
+    categories: [dictionaries, wikimedia]
+    base_url: "https://{language}.wiktionary.org/"
+    search_type: text
+    about:
+      website: https://www.wiktionary.org/
+      wikidata_id: Q151
+
+  - name: wikiversity
+    engine: mediawiki
+    weight: 0.5
+    shortcut: wv
+    categories: [general, wikimedia]
+    base_url: "https://{language}.wikiversity.org/"
+    search_type: text
+    disabled: true
+    about:
+      website: https://www.wikiversity.org/
+      wikidata_id: Q370
+
+  - name: wikivoyage
+    engine: mediawiki
+    weight: 0.5
+    shortcut: wy
+    categories: [general, wikimedia]
+    base_url: "https://{language}.wikivoyage.org/"
+    search_type: text
+    disabled: true
+    about:
+      website: https://www.wikivoyage.org/
+      wikidata_id: Q373
+
+  - name: wikicommons.images
+    engine: wikicommons
+    shortcut: wc
+    categories: images
+    number_of_results: 10
+
+  - name: wolframalpha
+    shortcut: wa
+    # You can use the engine using the official stable API, but you need an API
+    # key.  See: https://products.wolframalpha.com/api/
+    #
+    # engine: wolframalpha_api
+    # api_key: ''
+    #
+    # Or you can use the html non-stable engine, activated by default
+    engine: wolframalpha_noapi
+    timeout: 6.0
+    categories: general
+    disabled: true
+
+  - name: dictzone
+    engine: dictzone
+    shortcut: dc
+    disabled: true
+
+  - name: mymemory translated
+    engine: translated
+    shortcut: tl
+    timeout: 5.0
+    disabled: true
+    # You can use without an API key, but you are limited to 1000 words/day
+    # See: https://mymemory.translated.net/doc/usagelimits.php
+    # api_key: ''
+
+  # Required dependency: mysql-connector-python
+  #  - name: mysql
+  #    engine: mysql_server
+  #    database: mydatabase
+  #    username: user
+  #    password: pass
+  #    limit: 10
+  #    query_str: 'SELECT * from mytable WHERE fieldname=%(query)s'
+  #    shortcut: mysql
+
+  - name: 1337x
+    engine: 1337x
+    shortcut: 1337x
+    disabled: true
+
+  - name: duden
+    engine: duden
+    shortcut: du
+    disabled: true
+
+  - name: seznam
+    shortcut: szn
+    engine: seznam
+    disabled: true
+
+  # - name: deepl
+  #   engine: deepl
+  #   shortcut: dpl
+  #   # You can use the engine using the official stable API, but you need an API key
+  #   # See: https://www.deepl.com/pro-api?cta=header-pro-api
+  #   api_key: ''  # required!
+  #   timeout: 5.0
+  #   disabled: true
+
+  - name: mojeek
+    shortcut: mjk
+    engine: xpath
+    paging: true
+    categories: [general, web]
+    search_url: https://www.mojeek.com/search?q={query}&s={pageno}&lang={lang}&lb={lang}
+    results_xpath: //ul[@class="results-standard"]/li/a[@class="ob"]
+    url_xpath: ./@href
+    title_xpath: ../h2/a
+    content_xpath: ..//p[@class="s"]
+    suggestion_xpath: //div[@class="top-info"]/p[@class="top-info spell"]/em/a
+    first_page_num: 0
+    page_size: 10
+    disabled: true
+    about:
+      website: https://www.mojeek.com/
+      wikidata_id: Q60747299
+      official_api_documentation: https://www.mojeek.com/services/api.html/
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: moviepilot
+    engine: moviepilot
+    shortcut: mp
+    disabled: true
+
+  - name: naver
+    shortcut: nvr
+    categories: [general, web]
+    engine: xpath
+    paging: true
+    search_url: https://search.naver.com/search.naver?where=webkr&sm=osp_hty&ie=UTF-8&query={query}&start={pageno}
+    url_xpath: //a[@class="link_tit"]/@href
+    title_xpath: //a[@class="link_tit"]
+    content_xpath: //a[@class="total_dsc"]/div
+    first_page_num: 1
+    page_size: 10
+    disabled: true
+    about:
+      website: https://www.naver.com/
+      wikidata_id: Q485639
+      official_api_documentation: https://developers.naver.com/docs/nmt/examples/
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+      language: ko
+
+  - name: rubygems
+    shortcut: rbg
+    engine: xpath
+    paging: true
+    search_url: https://rubygems.org/search?page={pageno}&query={query}
+    results_xpath: /html/body/main/div/a[@class="gems__gem"]
+    url_xpath: ./@href
+    title_xpath: ./span/h2
+    content_xpath: ./span/p
+    suggestion_xpath: /html/body/main/div/div[@class="search__suggestions"]/p/a
+    first_page_num: 1
+    categories: [it, packages]
+    disabled: true
+    about:
+      website: https://rubygems.org/
+      wikidata_id: Q1853420
+      official_api_documentation: https://guides.rubygems.org/rubygems-org-api/
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: peertube
+    engine: peertube
+    shortcut: ptb
+    paging: true
+    # alternatives see: https://instances.joinpeertube.org/instances
+    # base_url: https://tube.4aem.com
+    categories: videos
+    disabled: true
+    timeout: 6.0
+
+  - name: mediathekviewweb
+    engine: mediathekviewweb
+    shortcut: mvw
+    disabled: true
+
+  - name: yacy
+    engine: yacy
+    categories: general
+    search_type: text
+    base_url: https://yacy.searchlab.eu
+    shortcut: ya
+    disabled: true
+    # required if you aren't using HTTPS for your local yacy instance
+    # https://docs.searxng.org/dev/engines/online/yacy.html
+    # enable_http: true
+    # timeout: 3.0
+    # search_mode: 'global'
+
+  - name: yacy images
+    engine: yacy
+    categories: images
+    search_type: image
+    base_url: https://yacy.searchlab.eu
+    shortcut: yai
+    disabled: true
+
+  - name: rumble
+    engine: rumble
+    shortcut: ru
+    base_url: https://rumble.com/
+    paging: true
+    categories: videos
+    disabled: true
+
+  - name: wordnik
+    engine: wordnik
+    shortcut: def
+    base_url: https://www.wordnik.com/
+    categories: [dictionaries]
+    timeout: 5.0
+    disabled: true
+
+  - name: woxikon.de synonyme
+    engine: xpath
+    shortcut: woxi
+    categories: [dictionaries]
+    timeout: 5.0
+    disabled: true
+    search_url: https://synonyme.woxikon.de/synonyme/{query}.php
+    url_xpath: //div[@class="upper-synonyms"]/a/@href
+    content_xpath: //div[@class="synonyms-list-group"]
+    title_xpath: //div[@class="upper-synonyms"]/a
+    no_result_for_http_status: [404]
+    about:
+      website: https://www.woxikon.de/
+      wikidata_id:  # No Wikidata ID
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+      language: de
+
+  - name: seekr news
+    engine: seekr
+    shortcut: senews
+    categories: news
+    seekr_category: news
+    disabled: true
+
+  - name: seekr images
+    engine: seekr
+    network: seekr news
+    shortcut: seimg
+    categories: images
+    seekr_category: images
+    disabled: true
+
+  - name: seekr videos
+    engine: seekr
+    network: seekr news
+    shortcut: sevid
+    categories: videos
+    seekr_category: videos
+    disabled: true
+
+  - name: sjp.pwn
+    engine: sjp
+    shortcut: sjp
+    base_url: https://sjp.pwn.pl/
+    timeout: 5.0
+    disabled: true
+
+  - name: svgrepo
+    engine: svgrepo
+    shortcut: svg
+    timeout: 10.0
+    disabled: true
+
+  - name: tootfinder
+    engine: json_engine
+    categories: ['social media']
+    paging: false
+    search_url: https://www.tootfinder.ch/rest/api/search/{query}
+    url_query: uri
+    title_query: card/title
+    content_query: content
+    thumbnail_query: card/image
+    shortcut: toot
+    about:
+      website: https://tootfinder.ch/
+      official_api_documentation: https://wiki.tootfinder.ch/index.php?name=the-tootfinder-rest-api
+      use_official_api: true
+      require_api_key: false
+      results: 'JSON'
+
+  - name: wallhaven
+    engine: wallhaven
+    # api_key: abcdefghijklmnopqrstuvwxyz
+    shortcut: wh
+    disabled: true
+
+    # wikimini: online encyclopedia for children
+    # The fulltext and title parameter is necessary for Wikimini because
+    # sometimes it will not show the results and redirect instead
+  - name: wikimini
+    engine: xpath
+    shortcut: wkmn
+    search_url: https://fr.wikimini.org/w/index.php?search={query}&title=Sp%C3%A9cial%3ASearch&fulltext=Search
+    url_xpath: //li/div[@class="mw-search-result-heading"]/a/@href
+    title_xpath: //li//div[@class="mw-search-result-heading"]/a
+    content_xpath: //li/div[@class="searchresult"]
+    categories: general
+    disabled: true
+    about:
+      website: https://wikimini.org/
+      wikidata_id: Q3568032
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+      language: fr
+
+  - name: wttr.in
+    engine: wttr
+    shortcut: wttr
+    timeout: 9.0
+
+  - name: yummly
+    engine: yummly
+    shortcut: yum
+    disabled: true
+
+  - name: brave
+    engine: brave
+    shortcut: br
+    time_range_support: true
+    paging: true
+    categories: [general, web]
+    brave_category: search
+    # brave_spellcheck: true
+    disabled: true
+
+  - name: brave.images
+    engine: brave
+    network: brave
+    shortcut: brimg
+    categories: [images, web]
+    brave_category: images
+    disabled: true
+
+  - name: brave.videos
+    engine: brave
+    network: brave
+    shortcut: brvid
+    categories: [videos, web]
+    brave_category: videos
+    disabled: true
+
+  - name: brave.news
+    engine: brave
+    network: brave
+    shortcut: brnews
+    categories: news
+    brave_category: news
+    disabled: true
+
+  - name: lib.rs
+    shortcut: lrs
+    engine: xpath
+    search_url: https://lib.rs/search?q={query}
+    results_xpath: /html/body/main/div/ol/li/a
+    url_xpath: ./@href
+    title_xpath: ./div[@class="h"]/h4
+    content_xpath: ./div[@class="h"]/p
+    categories: [it, packages]
+    disabled: true
+    about:
+      website: https://lib.rs
+      wikidata_id: Q113486010
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: sourcehut
+    shortcut: srht
+    engine: xpath
+    paging: true
+    search_url: https://sr.ht/projects?page={pageno}&search={query}
+    results_xpath: (//div[@class="event-list"])[1]/div[@class="event"]
+    url_xpath: ./h4/a[2]/@href
+    title_xpath: ./h4/a[2]
+    content_xpath: ./p
+    first_page_num: 1
+    categories: [it, repos]
+    disabled: true
+    about:
+      website: https://sr.ht
+      wikidata_id: Q78514485
+      official_api_documentation: https://man.sr.ht/
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+  - name: goo
+    shortcut: goo
+    engine: xpath
+    paging: true
+    search_url: https://search.goo.ne.jp/web.jsp?MT={query}&FR={pageno}0
+    url_xpath: //div[@class="result"]/p[@class='title fsL1']/a/@href
+    title_xpath: //div[@class="result"]/p[@class='title fsL1']/a
+    content_xpath: //p[contains(@class,'url fsM')]/following-sibling::p
+    first_page_num: 0
+    categories: [general, web]
+    disabled: true
+    timeout: 4.0
+    about:
+      website: https://search.goo.ne.jp
+      wikidata_id: Q249044
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+      language: ja
+
+  - name: bt4g
+    engine: bt4g
+    shortcut: bt4g
+    disabled: true
+
+  - name: pkg.go.dev
+    engine: xpath
+    shortcut: pgo
+    search_url: https://pkg.go.dev/search?limit=100&m=package&q={query}
+    results_xpath: /html/body/main/div[contains(@class,"SearchResults")]/div[not(@class)]/div[@class="SearchSnippet"]
+    url_xpath: ./div[@class="SearchSnippet-headerContainer"]/h2/a/@href
+    title_xpath: ./div[@class="SearchSnippet-headerContainer"]/h2/a
+    content_xpath: ./p[@class="SearchSnippet-synopsis"]
+    categories: [packages, it]
+    timeout: 3.0
+    disabled: true
+    about:
+      website: https://pkg.go.dev/
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+
+# Doku engine lets you access to any Doku wiki instance:
+# A public one or a privete/corporate one.
+#  - name: ubuntuwiki
+#    engine: doku
+#    shortcut: uw
+#    base_url: 'https://doc.ubuntu-fr.org'
+
+# Be careful when enabling this engine if you are
+# running a public instance. Do not expose any sensitive
+# information. You can restrict access by configuring a list
+# of access tokens under tokens.
+#  - name: git grep
+#    engine: command
+#    command: ['git', 'grep', '{{QUERY}}']
+#    shortcut: gg
+#    tokens: []
+#    disabled: true
+#    delimiter:
+#        chars: ':'
+#        keys: ['filepath', 'code']
+
+# Be careful when enabling this engine if you are
+# running a public instance. Do not expose any sensitive
+# information. You can restrict access by configuring a list
+# of access tokens under tokens.
+#  - name: locate
+#    engine: command
+#    command: ['locate', '{{QUERY}}']
+#    shortcut: loc
+#    tokens: []
+#    disabled: true
+#    delimiter:
+#        chars: ' '
+#        keys: ['line']
+
+# Be careful when enabling this engine if you are
+# running a public instance. Do not expose any sensitive
+# information. You can restrict access by configuring a list
+# of access tokens under tokens.
+#  - name: find
+#    engine: command
+#    command: ['find', '.', '-name', '{{QUERY}}']
+#    query_type: path
+#    shortcut: fnd
+#    tokens: []
+#    disabled: true
+#    delimiter:
+#        chars: ' '
+#        keys: ['line']
+
+# Be careful when enabling this engine if you are
+# running a public instance. Do not expose any sensitive
+# information. You can restrict access by configuring a list
+# of access tokens under tokens.
+#  - name: pattern search in files
+#    engine: command
+#    command: ['fgrep', '{{QUERY}}']
+#    shortcut: fgr
+#    tokens: []
+#    disabled: true
+#    delimiter:
+#        chars: ' '
+#        keys: ['line']
+
+# Be careful when enabling this engine if you are
+# running a public instance. Do not expose any sensitive
+# information. You can restrict access by configuring a list
+# of access tokens under tokens.
+#  - name: regex search in files
+#    engine: command
+#    command: ['grep', '{{QUERY}}']
+#    shortcut: gr
+#    tokens: []
+#    disabled: true
+#    delimiter:
+#        chars: ' '
+#        keys: ['line']
+
+doi_resolvers:
+  oadoi.org: 'https://oadoi.org/'
+  doi.org: 'https://doi.org/'
+  doai.io: 'https://dissem.in/'
+  sci-hub.se: 'https://sci-hub.se/'
+  sci-hub.st: 'https://sci-hub.st/'
+  sci-hub.ru: 'https://sci-hub.ru/'
+
+default_doi_resolver: 'oadoi.org'
+
+{% endraw %}
\ No newline at end of file
diff --git a/vars/services.yml b/vars/services.yml
new file mode 100644
index 0000000..db8ab1c
--- /dev/null
+++ b/vars/services.yml
@@ -0,0 +1,136 @@
+setup:
+  oracle4:
+    - nitter
+
+compose:
+  oracle4:
+    - nitter
+
+# ----------------------------------------------------------------------------------------------------
+
+deployed-compose:
+  vultr:
+    - teddit
+    - libreddit
+    - imgin
+    - rat-aint-tieba
+    - watchtower
+    - 4get
+    - socks5
+  oracle1:
+    - send
+    - privatebin
+    ####################
+    - voyager
+    - mlmym
+    - photon
+    - stirling-pdf
+    - cinny
+    - gothub
+    - anonymousoverflow
+    - scribe
+    - teddit
+    - libredditarm
+    - proxitok
+    - proxigram
+    - it-tools
+    - simplytranslate
+    - quetre
+    - libremdb
+    - binternet
+    - watchtower
+    - 4get
+    - socks5
+  oracle2:
+    - firefox
+    - wolfree
+    ####################
+    - voyager
+    - mlmym
+    - photon
+    - stirling-pdf
+    - cinny
+    - gothub
+    - anonymousoverflow
+    - scribe
+    - teddit
+    - libredditarm
+    - proxitok
+    - proxigram
+    - it-tools
+    - simplytranslate
+    - quetre
+    - libremdb
+    - binternet
+    - watchtower
+    - 4get
+    - socks5
+  oracle3:
+    - breezewiki
+    - etherpad
+    - gitea
+    - runner
+    - ntfy
+    ####################
+    - voyager
+    - mlmym
+    - photon
+    - stirling-pdf
+    - cinny
+    - gothub
+    - anonymousoverflow
+    - scribe
+    - teddit
+    - libredditarm
+    - proxitok
+    - proxigram
+    - it-tools
+    - simplytranslate
+    - quetre
+    - libremdb
+    - binternet
+    - watchtower
+    - 4get
+    - socks5
+  oracle4:
+    - caddy
+    - nitter
+    - paulgo
+    - authelia
+    - geoipupdate
+    ####################
+    - voyager
+    - mlmym
+    - photon
+    - stirling-pdf
+    - cinny
+    - gothub
+    - anonymousoverflow
+    - scribe
+    - teddit
+    - libredditarm
+    - proxitok
+    - proxigram
+    - it-tools
+    - simplytranslate
+    - quetre
+    - libremdb
+    - binternet
+    - watchtower
+    - 4get
+    - socks5
+
+# ----------------------------------------------------------------------------------------------------
+
+deployed-setup:
+  oracle2:
+    - firefox
+  oracle3:
+    - ntfy
+    - gitea
+    - runner
+  oracle4:
+    - authelia
+    - nitter
+    - paulgo
+    - caddy