From cda7a876bced7d8db7bfbf99a81dab4476543361 Mon Sep 17 00:00:00 2001
From: Markos Gogoulos <markos@sixfeetup.com>
Date: Wed, 21 Jan 2026 16:00:49 +0200
Subject: [PATCH] feat: bootstrap Talos 1.12.1 cluster

---
 .github/README.md                             |  55 --
 .github/workflows/test-template.yaml          | 129 ----
 README.md                                     | 130 ++++
 copier.yml                                    |  30 -
 issues.md                                     |  54 --
 nextjs-django-github.test-data.yml            |  21 -
 .github/scaf-logo.png => scaf-logo.png        | Bin
 template/.envrc                               |  27 -
 template/.github/dependabot.yml               |  14 -
 .../workflows/infrastructure-validation.yaml  | 186 +++++
 template/.github/workflows/main.yaml          | 229 ------
 .../.github/workflows/semantic-release.yaml   |  35 -
 template/.pre-commit-config.yaml              |  29 +-
 template/Makefile                             | 172 +----
 template/README.md                            |  25 +-
 template/Taskfile.yml                         |  45 +-
 template/Tiltfile                             |  63 --
 template/argocd/base/argocd/app.yaml          |  33 -
 .../argocd/base/argocd/kustomization.yaml     |   5 -
 template/argocd/base/cert-manager/app.yaml    |  33 -
 .../base/cert-manager/kustomization.yaml      |   5 -
 template/argocd/base/cloudnative-pg/app.yaml  |  33 -
 .../base/cloudnative-pg/kustomization.yaml    |   5 -
 template/argocd/base/ingress/app.yaml         |  28 -
 .../argocd/base/ingress/kustomization.yaml    |   5 -
 .../base/kube-prometheus-stack/app.yaml       |  62 --
 .../kube-prometheus-stack/kustomization.yaml  |   5 -
 .../local-path-provisioner/kustomization.yaml |  36 -
 template/argocd/base/reflector/app.yaml       |  28 -
 .../argocd/base/reflector/kustomization.yaml  |   5 -
 template/argocd/base/sealed-secrets/app.yaml  |  31 -
 .../base/sealed-secrets/kustomization.yaml    |   5 -
 template/argocd/base/traefik/app.yaml         |  37 -
 .../argocd/base/traefik/kustomization.yaml    |   5 -
 .../base/{{ copier__project_slug }}/app.yaml  |  26 -
 .../cloudfront-invalidation-hook.yaml         |  40 -
 .../kustomization.yaml                        |   8 -
 template/argocd/prod/apps/kustomization.yaml  |  25 -
 .../argocd/prod/ingress/kustomization.yaml    |  35 -
 .../argocd/sandbox/apps/kustomization.yaml    |  40 -
 .../sandbox/ingress/cert-manager-issuer.yaml  |  33 -
 .../argocd/sandbox/ingress/certificates.yaml  |  15 -
 template/argocd/sandbox/ingress/ingress.yaml  |  59 --
 .../argocd/sandbox/ingress/kustomization.yaml |   6 -
 template/backend/Dockerfile                   | 103 ---
 template/backend/config/__init__.py           |   7 -
 template/backend/config/asgi.py               |  16 -
 template/backend/config/schema.py             |  13 -
 template/backend/config/settings/__init__.py  |   0
 template/backend/config/settings/base.py      | 336 ---------
 template/backend/config/settings/local.py     |  73 --
 .../backend/config/settings/production.py     | 193 -----
 template/backend/config/settings/test.py      |  48 --
 template/backend/config/urls.py               |  63 --
 template/backend/config/wsgi.py               |  38 -
 template/backend/env.example                  |  21 -
 template/backend/manage.py                    |  23 -
 template/backend/requirements/base.in         |  29 -
 template/backend/requirements/local.in        |   9 -
 template/backend/requirements/production.in   |  20 -
 template/backend/requirements/tests.in        |  15 -
 .../{{copier__project_slug}}/__init__.py      |   7 -
 .../{{copier__project_slug}}/celery.py        |  17 -
 .../{{copier__project_slug}}/conftest.py      |  24 -
 .../contrib/__init__.py                       |   0
 .../contrib/sites/__init__.py                 |   0
 .../contrib/sites/migrations/0001_initial.py  |  41 --
 .../migrations/0002_alter_domain_unique.py    |  19 -
 .../0003_set_site_domain_and_name.py          |  28 -
 .../contrib/sites/migrations/__init__.py      |   0
 .../static/css/project.css                    |  13 -
 .../static/fonts/.gitkeep                     |   0
 .../static/images/favicons/favicon.ico        | Bin 8348 -> 0 bytes
 .../static/js/project.js                      |   1 -
 .../static/sass/project.scss                  |  35 -
 .../templates/403.html                        |   9 -
 .../templates/404.html                        |   9 -
 .../templates/500.html                        |  13 -
 .../templates/account/account_inactive.html   |  12 -
 .../templates/account/base.html               |  11 -
 .../templates/account/email.html              |  80 --
 .../templates/account/email_confirm.html      |  32 -
 .../templates/account/login.html              |  48 --
 .../templates/account/logout.html             |  22 -
 .../templates/account/password_change.html    |  17 -
 .../templates/account/password_reset.html     |  26 -
 .../account/password_reset_done.html          |  17 -
 .../account/password_reset_from_key.html      |  25 -
 .../account/password_reset_from_key_done.html |  10 -
 .../templates/account/password_set.html       |  17 -
 .../templates/account/signup.html             |  23 -
 .../templates/account/signup_closed.html      |  12 -
 .../templates/account/verification_sent.html  |  13 -
 .../account/verified_email_required.html      |  24 -
 .../templates/base.html                       | 106 ---
 .../templates/pages/about.html                |   1 -
 .../templates/pages/home.html                 |   1 -
 .../templates/users/user_detail.html          |  36 -
 .../templates/users/user_form.html            |  17 -
 .../users/__init__.py                         |   0
 .../users/adapters.py                         |  16 -
 .../{{copier__project_slug}}/users/admin.py   |  22 -
 .../{{copier__project_slug}}/users/apps.py    |  13 -
 .../{{copier__project_slug}}/users/forms.py   |  29 -
 .../users/migrations/0001_initial.py          | 131 ----
 .../users/migrations/__init__.py              |   0
 .../{{copier__project_slug}}/users/models.py  |  13 -
 .../users/mutations.py                        |  35 -
 .../{{copier__project_slug}}/users/queries.py |  13 -
 .../{{copier__project_slug}}/users/tasks.py   |  11 -
 .../users/tests/__init__.py                   |   0
 .../users/tests/factories.py                  |  32 -
 .../users/tests/test_forms.py                 |  40 -
 .../users/tests/test_graphql_views.py         | 117 ---
 .../users/tests/test_models.py                |   9 -
 .../users/tests/test_tasks.py                 |  16 -
 .../users/tests/test_urls.py                  |  24 -
 .../users/tests/test_views.py                 |  75 --
 .../{{copier__project_slug}}/users/types.py   |  19 -
 .../{{copier__project_slug}}/users/urls.py    |   9 -
 .../{{copier__project_slug}}/users/views.py   |  47 --
 .../utils/__init__.py                         |   1 -
 .../utils/cloud_storage.py                    |  10 -
 .../utils/context_processors.py               |   5 -
 .../utils/debugger.py                         |  21 -
 .../utils/healthcheck.py                      |  67 --
 template/bitbucket-pipelines.yml              |  62 --
 template/bootstrap-cluster/.env               |   7 +-
 template/bootstrap-cluster/README.md          | 238 ++----
 template/bootstrap-cluster/Taskfile.yml       |   8 +-
 template/bootstrap-cluster/argocd.yaml        | 180 -----
 template/bootstrap-cluster/k3s.yaml           | 247 -------
 template/bootstrap-cluster/production/.env    |   2 +-
 .../bootstrap-cluster/root-app.template.yaml  |  27 -
 template/bootstrap-cluster/talos.yaml         |  63 +-
 template/docs/README.md                       |  50 +-
 template/docs/architecture.md                 | 466 +++++-------
 template/docs/dataflow.md                     | 695 ------------------
 template/docs/debug.md                        |  29 -
 template/docs/deployment.md                   | 374 +++++++++-
 template/docs/development.md                  |  98 ---
 template/docs/monitoring.md                   |  91 ---
 template/docs/project-overview.md             | 146 ++--
 template/docs/qa.md                           |   3 -
 template/docs/secrets.md                      | 326 +++++++-
 template/docs/sentry.md                       |  51 --
 template/flake.nix                            |   1 -
 template/frontend/.dockerignore               |  11 -
 template/frontend/.env.local.example          |   3 -
 template/frontend/.gitignore                  |  38 -
 template/frontend/.husky/pre-push             |   9 -
 template/frontend/.prettierignore             |   5 -
 template/frontend/.prettierrc                 |  13 -
 template/frontend/Dockerfile                  |  17 -
 template/frontend/README.md                   |  39 -
 .../__generated__/fragment-masking.ts         |  87 ---
 template/frontend/__generated__/gql.ts        |  42 --
 template/frontend/__generated__/graphql.ts    | 110 ---
 template/frontend/__generated__/index.ts      |   2 -
 template/frontend/__tests__/about.test.tsx    |  25 -
 template/frontend/codegen.ts                  |  19 -
 .../frontend/components/ErrorBoundary.tsx     |  48 --
 template/frontend/components/Footer.tsx       |  24 -
 template/frontend/components/Layout.tsx       |  19 -
 template/frontend/components/NavBar.tsx       |  17 -
 template/frontend/dependencies-dev-init.txt   |  26 -
 template/frontend/dependencies-init.txt       |  11 -
 template/frontend/eslint.config.mjs           | 112 ---
 template/frontend/lib/apolloClient.ts         |  82 ---
 template/frontend/next.config.mjs             |  13 -
 template/frontend/package.json                |  19 -
 template/frontend/pages/404.tsx               |   8 -
 template/frontend/pages/500.tsx               |   3 -
 template/frontend/pages/_app.tsx              |  21 -
 template/frontend/pages/_document.tsx         |  13 -
 template/frontend/pages/about.tsx             |  31 -
 template/frontend/pages/api/hello.ts          |  10 -
 template/frontend/pages/index.tsx             |  25 -
 template/frontend/postcss.config.mjs          |   5 -
 template/frontend/public/favicon.ico          | Bin 25931 -> 0 bytes
 template/frontend/public/scaf-logo.png        | Bin 47188 -> 0 bytes
 template/frontend/styles/globals.css          |   2 -
 template/frontend/tsconfig.json               |  34 -
 template/frontend/utils/test-utils.tsx        |  18 -
 template/frontend/vitest.config.ts            |  17 -
 template/frontend/vitest.setup.ts             |   3 -
 .../k8s/_monitoring/django-logs-table.yaml    | 190 -----
 .../k8s/_monitoring/loki-stack-values.yaml    |  34 -
 template/k8s/argocd/README.md                 |  46 --
 template/k8s/base/app.configmap.yaml          |  41 --
 template/k8s/base/celery.yaml                 |  77 --
 template/k8s/base/django.yaml                 |  90 ---
 template/k8s/base/flower.yaml                 |  32 -
 template/k8s/base/frontend.yaml               |  54 --
 template/k8s/base/ingress.yaml                |  65 --
 template/k8s/base/kustomization.yaml          |  13 -
 template/k8s/base/pod-disruption-budgets.yaml |  53 --
 template/k8s/base/pod-priority.yaml           |  25 -
 template/k8s/base/redis.yaml                  |  37 -
 template/k8s/local/kustomization.yaml         |  34 -
 template/k8s/local/postgres.yaml              |  89 ---
 template/k8s/local/secrets.yaml               |   9 -
 template/k8s/mailhog/kustomization.yaml       |   5 -
 template/k8s/mailhog/mailhog.yaml             |  42 --
 template/k8s/prod/kustomization.yaml          |  78 --
 template/k8s/sandbox/certificate.yaml         |  13 -
 template/k8s/sandbox/ingress-route.yaml       |  84 ---
 template/k8s/sandbox/kustomization.yaml       | 139 ----
 template/k8s/sandbox/postgres.cnpg.yaml       |  69 --
 template/k8s/templates/secrets.yaml.template  |  15 -
 template/tasks.py                             |  33 +-
 template/terraform/README.md                  |  25 +-
 template/terraform/modules/base/Makefile      |   4 +-
 template/terraform/modules/base/ecr.tf        |  57 --
 .../terraform/modules/base/github-iam-role.tf |  43 --
 template/terraform/modules/base/outputs.tf    |   5 -
 template/terraform/modules/base/route53.tf    |  60 --
 .../terraform/modules/base/security_groups.tf |  10 -
 template/terraform/modules/base/variables.tf  |  50 +-
 template/terraform/production/cluster.tf      |  15 +-
 template/terraform/sandbox/cluster.tf         |  15 +-
 template/terraform/staging/cluster.tf         |  15 +-
 222 files changed, 1442 insertions(+), 8809 deletions(-)
 delete mode 100644 .github/README.md
 delete mode 100644 .github/workflows/test-template.yaml
 create mode 100644 README.md
 delete mode 100644 issues.md
 delete mode 100644 nextjs-django-github.test-data.yml
 rename .github/scaf-logo.png => scaf-logo.png (100%)
 delete mode 100644 template/.envrc
 delete mode 100644 template/.github/dependabot.yml
 create mode 100644 template/.github/workflows/infrastructure-validation.yaml
 delete mode 100644 template/.github/workflows/main.yaml
 delete mode 100644 template/.github/workflows/semantic-release.yaml
 delete mode 100644 template/Tiltfile
 delete mode 100644 template/argocd/base/argocd/app.yaml
 delete mode 100644 template/argocd/base/argocd/kustomization.yaml
 delete mode 100644 template/argocd/base/cert-manager/app.yaml
 delete mode 100644 template/argocd/base/cert-manager/kustomization.yaml
 delete mode 100644 template/argocd/base/cloudnative-pg/app.yaml
 delete mode 100644 template/argocd/base/cloudnative-pg/kustomization.yaml
 delete mode 100644 template/argocd/base/ingress/app.yaml
 delete mode 100644 template/argocd/base/ingress/kustomization.yaml
 delete mode 100644 template/argocd/base/kube-prometheus-stack/app.yaml
 delete mode 100644 template/argocd/base/kube-prometheus-stack/kustomization.yaml
 delete mode 100644 template/argocd/base/local-path-provisioner/kustomization.yaml
 delete mode 100644 template/argocd/base/reflector/app.yaml
 delete mode 100644 template/argocd/base/reflector/kustomization.yaml
 delete mode 100644 template/argocd/base/sealed-secrets/app.yaml
 delete mode 100644 template/argocd/base/sealed-secrets/kustomization.yaml
 delete mode 100644 template/argocd/base/traefik/app.yaml
 delete mode 100644 template/argocd/base/traefik/kustomization.yaml
 delete mode 100644 template/argocd/base/{{ copier__project_slug }}/app.yaml
 delete mode 100644 template/argocd/base/{{ copier__project_slug }}/cloudfront-invalidation-hook.yaml
 delete mode 100644 template/argocd/base/{{ copier__project_slug }}/kustomization.yaml
 delete mode 100644 template/argocd/prod/apps/kustomization.yaml
 delete mode 100644 template/argocd/prod/ingress/kustomization.yaml
 delete mode 100644 template/argocd/sandbox/apps/kustomization.yaml
 delete mode 100644 template/argocd/sandbox/ingress/cert-manager-issuer.yaml
 delete mode 100644 template/argocd/sandbox/ingress/certificates.yaml
 delete mode 100644 template/argocd/sandbox/ingress/ingress.yaml
 delete mode 100644 template/argocd/sandbox/ingress/kustomization.yaml
 delete mode 100644 template/backend/Dockerfile
 delete mode 100644 template/backend/config/__init__.py
 delete mode 100644 template/backend/config/asgi.py
 delete mode 100644 template/backend/config/schema.py
 delete mode 100644 template/backend/config/settings/__init__.py
 delete mode 100644 template/backend/config/settings/base.py
 delete mode 100644 template/backend/config/settings/local.py
 delete mode 100644 template/backend/config/settings/production.py
 delete mode 100644 template/backend/config/settings/test.py
 delete mode 100644 template/backend/config/urls.py
 delete mode 100644 template/backend/config/wsgi.py
 delete mode 100644 template/backend/env.example
 delete mode 100755 template/backend/manage.py
 delete mode 100644 template/backend/requirements/base.in
 delete mode 100644 template/backend/requirements/local.in
 delete mode 100644 template/backend/requirements/production.in
 delete mode 100644 template/backend/requirements/tests.in
 delete mode 100644 template/backend/{{copier__project_slug}}/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/celery.py
 delete mode 100644 template/backend/{{copier__project_slug}}/conftest.py
 delete mode 100644 template/backend/{{copier__project_slug}}/contrib/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/contrib/sites/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/contrib/sites/migrations/0001_initial.py
 delete mode 100644 template/backend/{{copier__project_slug}}/contrib/sites/migrations/0002_alter_domain_unique.py
 delete mode 100644 template/backend/{{copier__project_slug}}/contrib/sites/migrations/0003_set_site_domain_and_name.py
 delete mode 100644 template/backend/{{copier__project_slug}}/contrib/sites/migrations/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/static/css/project.css
 delete mode 100644 template/backend/{{copier__project_slug}}/static/fonts/.gitkeep
 delete mode 100644 template/backend/{{copier__project_slug}}/static/images/favicons/favicon.ico
 delete mode 100644 template/backend/{{copier__project_slug}}/static/js/project.js
 delete mode 100644 template/backend/{{copier__project_slug}}/static/sass/project.scss
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/403.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/404.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/500.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/account_inactive.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/base.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/email.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/email_confirm.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/login.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/logout.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/password_change.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/password_reset.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/password_reset_done.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key_done.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/password_set.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/signup.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/signup_closed.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/verification_sent.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/account/verified_email_required.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/base.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/pages/about.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/pages/home.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/users/user_detail.html
 delete mode 100644 template/backend/{{copier__project_slug}}/templates/users/user_form.html
 delete mode 100644 template/backend/{{copier__project_slug}}/users/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/adapters.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/admin.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/apps.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/forms.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/migrations/0001_initial.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/migrations/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/models.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/mutations.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/queries.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tasks.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/factories.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/test_forms.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/test_graphql_views.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/test_models.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/test_tasks.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/test_urls.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/tests/test_views.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/types.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/urls.py
 delete mode 100644 template/backend/{{copier__project_slug}}/users/views.py
 delete mode 100644 template/backend/{{copier__project_slug}}/utils/__init__.py
 delete mode 100644 template/backend/{{copier__project_slug}}/utils/cloud_storage.py
 delete mode 100644 template/backend/{{copier__project_slug}}/utils/context_processors.py
 delete mode 100644 template/backend/{{copier__project_slug}}/utils/debugger.py
 delete mode 100644 template/backend/{{copier__project_slug}}/utils/healthcheck.py
 delete mode 100644 template/bitbucket-pipelines.yml
 delete mode 100644 template/bootstrap-cluster/argocd.yaml
 delete mode 100644 template/bootstrap-cluster/k3s.yaml
 delete mode 100644 template/bootstrap-cluster/root-app.template.yaml
 delete mode 100644 template/docs/dataflow.md
 delete mode 100644 template/docs/debug.md
 delete mode 100644 template/docs/development.md
 delete mode 100644 template/docs/monitoring.md
 delete mode 100644 template/docs/qa.md
 delete mode 100644 template/docs/sentry.md
 delete mode 100644 template/frontend/.dockerignore
 delete mode 100644 template/frontend/.env.local.example
 delete mode 100644 template/frontend/.gitignore
 delete mode 100644 template/frontend/.husky/pre-push
 delete mode 100644 template/frontend/.prettierignore
 delete mode 100644 template/frontend/.prettierrc
 delete mode 100644 template/frontend/Dockerfile
 delete mode 100644 template/frontend/README.md
 delete mode 100644 template/frontend/__generated__/fragment-masking.ts
 delete mode 100644 template/frontend/__generated__/gql.ts
 delete mode 100644 template/frontend/__generated__/graphql.ts
 delete mode 100644 template/frontend/__generated__/index.ts
 delete mode 100644 template/frontend/__tests__/about.test.tsx
 delete mode 100644 template/frontend/codegen.ts
 delete mode 100644 template/frontend/components/ErrorBoundary.tsx
 delete mode 100644 template/frontend/components/Footer.tsx
 delete mode 100644 template/frontend/components/Layout.tsx
 delete mode 100644 template/frontend/components/NavBar.tsx
 delete mode 100644 template/frontend/dependencies-dev-init.txt
 delete mode 100644 template/frontend/dependencies-init.txt
 delete mode 100644 template/frontend/eslint.config.mjs
 delete mode 100644 template/frontend/lib/apolloClient.ts
 delete mode 100644 template/frontend/next.config.mjs
 delete mode 100644 template/frontend/package.json
 delete mode 100644 template/frontend/pages/404.tsx
 delete mode 100644 template/frontend/pages/500.tsx
 delete mode 100644 template/frontend/pages/_app.tsx
 delete mode 100644 template/frontend/pages/_document.tsx
 delete mode 100644 template/frontend/pages/about.tsx
 delete mode 100644 template/frontend/pages/api/hello.ts
 delete mode 100644 template/frontend/pages/index.tsx
 delete mode 100644 template/frontend/postcss.config.mjs
 delete mode 100644 template/frontend/public/favicon.ico
 delete mode 100644 template/frontend/public/scaf-logo.png
 delete mode 100644 template/frontend/styles/globals.css
 delete mode 100644 template/frontend/tsconfig.json
 delete mode 100644 template/frontend/utils/test-utils.tsx
 delete mode 100644 template/frontend/vitest.config.ts
 delete mode 100644 template/frontend/vitest.setup.ts
 delete mode 100644 template/k8s/_monitoring/django-logs-table.yaml
 delete mode 100644 template/k8s/_monitoring/loki-stack-values.yaml
 delete mode 100644 template/k8s/argocd/README.md
 delete mode 100644 template/k8s/base/app.configmap.yaml
 delete mode 100644 template/k8s/base/celery.yaml
 delete mode 100644 template/k8s/base/django.yaml
 delete mode 100644 template/k8s/base/flower.yaml
 delete mode 100644 template/k8s/base/frontend.yaml
 delete mode 100644 template/k8s/base/ingress.yaml
 delete mode 100644 template/k8s/base/kustomization.yaml
 delete mode 100644 template/k8s/base/pod-disruption-budgets.yaml
 delete mode 100644 template/k8s/base/pod-priority.yaml
 delete mode 100644 template/k8s/base/redis.yaml
 delete mode 100644 template/k8s/local/kustomization.yaml
 delete mode 100644 template/k8s/local/postgres.yaml
 delete mode 100644 template/k8s/local/secrets.yaml
 delete mode 100644 template/k8s/mailhog/kustomization.yaml
 delete mode 100644 template/k8s/mailhog/mailhog.yaml
 delete mode 100644 template/k8s/prod/kustomization.yaml
 delete mode 100644 template/k8s/sandbox/certificate.yaml
 delete mode 100644 template/k8s/sandbox/ingress-route.yaml
 delete mode 100644 template/k8s/sandbox/kustomization.yaml
 delete mode 100644 template/k8s/sandbox/postgres.cnpg.yaml
 delete mode 100644 template/k8s/templates/secrets.yaml.template
 delete mode 100644 template/terraform/modules/base/ecr.tf
 delete mode 100644 template/terraform/modules/base/github-iam-role.tf

diff --git a/.github/README.md b/.github/README.md
deleted file mode 100644
index a4e3244..0000000
--- a/.github/README.md
+++ /dev/null
@@ -1,55 +0,0 @@
-<p align="center">
-  <img src="scaf-logo.png" width="250px">
-</p>
-
-**scaf fullstack template** provides developers and DevOps engineers with a
-complete blueprint for a new project and streamlines the development experience
-with Tilt.
-
-**scaf fullstack template** generates a new project structure with Kubernetes
-manifests in three Kustomize layers for dev, sandbox, and production. A new
-project contains the following:
-
-- Django backend
-- Celery (optional)
-- Next.js frontend (optional)
-  - Strawberry GraphQL (if frontend is chosen)
-  - Apollo Client (if frontend is chosen)
-  - _TODO: REST alternative to GraphQL_
-- Postgres database for local development
-- CloudNativePG deployment for production
-- Redis
-- Mailhog
-- ArgoCD
-- Traefik
-- Certmanger
-- Certificates and Ingress Routes
-- Kube Prometheus Stack
-- Grafana Loki
-- GitHub pipelines to build and push images, run security, formatting and
-  linting checks
-- Terraform config to set up a k3s or Talos cluster on AWS
-- Sentry (optional)
-
-## Installation
-
-To create a new project using this template, you first need to install `scaf`:
-
-```
-curl -sSL https://raw.githubusercontent.com/sixfeetup/scaf/main/install.sh | bash
-```
-
-The installation script will install kubectl, kind, and Tilt if it can't
-be found on your system.
-
-## Creating a new project using this template
-
-NB: Before you continue, make sure that you have at least 5 to 10 GB of free
-space available to Docker. Note that Docker Desktop on MacOS has its own
-resource limits separate from the host.
-
-Run `scaf myproject https://github.com/getscaf/scaf-talos-template.git`,
-answer all the questions, and you'll have your new project!
-
-Inside `myproject/README.md`, you will have more documentation explaining how to
-use and configure your newly created project.
diff --git a/.github/workflows/test-template.yaml b/.github/workflows/test-template.yaml
deleted file mode 100644
index 9fa05bc..0000000
--- a/.github/workflows/test-template.yaml
+++ /dev/null
@@ -1,129 +0,0 @@
-name: Test template
-
-on:
-  pull_request:
-  schedule:
-    # Run daily at 2 AM UTC
-    - cron: '0 2 * * *'
-  workflow_dispatch: # Allow manual triggering
-
-jobs:
-  test-template:
-    runs-on: ubuntu-latest
-    environment: dev
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Set up Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 'lts/*'
-          cache: 'npm'
-          cache-dependency-path: 'template/frontend/package*.json'
-
-      - name: Install kind
-        shell: bash
-        run: |
-          curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
-          chmod +x ./kind
-          sudo mv ./kind /usr/local/bin/kind
-
-      - name: Install Python dependencies
-        shell: bash
-        run: |
-          pip install copier black isort
-
-      - name: Configure Git
-        shell: bash
-        run: |
-          git config --global user.email "test@example.com"
-          git config --global user.name "Template Test"
-
-      - name: Test Template
-        shell: bash
-        env:
-          VCS_REF: ${{ github.head_ref || github.ref_name || github.sha }}
-        run: |
-          echo "Installing template from ${VCS_REF}"
-          copier copy \
-          --trust \
-          --defaults \
-          --vcs-ref=${VCS_REF} \
-          https://github.com/getscaf/scaf-talos-template.git test-project
-
-      - name: Run lint and formatting checks
-        shell: bash
-        run: |
-          cd test-project
-          make check-lint-and-formatting
-
-      - name: Run frontend lint and tests
-        shell: bash
-        run: |
-          cd test-project
-          make check-lint-and-test-frontend
-
-      - name: Install Tilt
-        shell: bash
-        run: |
-          curl -fsSL https://raw.githubusercontent.com/tilt-dev/tilt/master/scripts/install.sh | bash
-          tilt version
-
-      - name: Run Tilt CI
-        shell: bash
-        run: |
-          set -euo pipefail
-          cd test-project
-          tilt ci
-
-      - name: Notify Slack on Success
-        if: success() && github.event_name == 'schedule'
-        uses: slackapi/slack-github-action@v2.1.1
-        with:
-          webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
-          webhook-type: incoming-webhook
-          payload: |
-            text: "Daily template test completed successfully! ✅"
-            blocks:
-              - type: "section"
-                text:
-                  type: "mrkdwn"
-                  text: "Daily template test completed successfully! ✅"
-              - type: "section"
-                fields:
-                  - type: "mrkdwn"
-                    text: "*Repository*: ${{ github.repository }}"
-                  - type: "mrkdwn"
-                    text: >
-                      *Run Details*: 
-                      <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Logs>
-
-      - name: Notify Slack on Failure
-        if: failure() && github.event_name == 'schedule'
-        uses: slackapi/slack-github-action@v2.1.1
-        with:
-          webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
-          webhook-type: incoming-webhook
-          payload: |
-            text: "Daily template test failed! ❌"
-            blocks:
-              - type: "section"
-                text:
-                  type: "mrkdwn"
-                  text: "Daily template test failed! ❌"
-              - type: "section"
-                text:
-                  type: "mrkdwn"
-                  text: "Please check the workflow logs for more information."
-              - type: "section"
-                fields:
-                  - type: "mrkdwn"
-                    text: "*Repository*: ${{ github.repository }}"
-                  - type: "mrkdwn"
-                    text: >
-                      *Run Details*: 
-                      <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Logs>
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..4320491
--- /dev/null
+++ b/README.md
@@ -0,0 +1,130 @@
+<p align="center">
+  <img src="scaf-logo.png" width="250px">
+</p>
+
+**scaf-talos-template** provides DevOps engineers and infrastructure teams with a complete blueprint for deploying production-ready Talos Linux Kubernetes clusters on AWS.
+
+This template generates infrastructure-as-code for a secure, immutable Kubernetes cluster using Talos Linux. A new project contains the following:
+
+- **Talos Linux v1.12.1** - Immutable, secure Kubernetes OS
+- **Terraform/OpenTofu** - Infrastructure provisioning for AWS
+- **AWS Infrastructure** - VPC, EC2, security groups, load balancers, Route53
+- **Multi-Environment Support** - Sandbox, staging, and production configurations
+- **Bootstrap Scripts** - Automated Talos cluster initialization
+- **GitHub Actions** - Infrastructure validation and security scanning
+- **Comprehensive Documentation** - Deployment guides and architecture diagrams
+
+## What is Talos Linux?
+
+Talos Linux is a modern, minimal Linux distribution designed specifically for running Kubernetes:
+
+- **Immutable** - No SSH access, configuration via API only
+- **Secure** - Minimal attack surface, all management via encrypted API
+- **Kubernetes-Native** - Built exclusively for Kubernetes workloads
+- **API-Driven** - All operations performed via declarative configuration
+
+## Installation
+
+To create a new project using this template, you first need to install `scaf`:
+
+```bash
+curl -sSL https://raw.githubusercontent.com/sixfeetup/scaf/main/install.sh | bash
+```
+
+## Creating a new project using this template
+
+Run the following command to create a new project:
+
+```bash
+# If you have the template checked out locally:
+scaf myproject ./scaf-talos-template
+
+# Or use the GitHub URL directly:
+scaf myproject https://github.com/getscaf/scaf-talos-template.git
+```
+
+Answer all the questions, and you'll have your new Talos cluster infrastructure project!
+
+After creating the project, you need to bootstrap the infrastructure.
+
+First, make sure you're logged in to AWS:
+
+```bash
+export AWS_PROFILE=profile && aws sso login
+```
+
+Then proceed with the infrastructure setup:
+
+```bash
+# 1. Create the S3 backend for Terraform state
+cd myproject/terraform/bootstrap
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
+
+# 2. Deploy the infrastructure - sandbox environment
+cd ../sandbox
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
+
+# 3. Bootstrap Talos cluster
+cd ../../bootstrap-cluster
+export ENV=sandbox
+task talos:bootstrap
+
+# 4. Access your cluster
+eval $(task talos:kubeconfig)
+kubectl get nodes
+```
+
+**Note:** The sandbox environment creates a **1-node cluster** for development and testing. For staging and production environments with **3-node clusters**, use:
+
+```bash
+# Deploy staging (3 nodes)
+cd terraform/staging
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
+cd ../../bootstrap-cluster
+export ENV=staging
+task talos:bootstrap
+
+# Deploy production (3 nodes)
+cd ../terraform/production
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
+cd ../../bootstrap-cluster
+export ENV=production
+task talos:bootstrap
+```
+
+Inside `myproject/docs/`, you will find comprehensive documentation for:
+- Deploying infrastructure to AWS
+- Bootstrapping the Talos cluster
+- Managing cluster credentials
+- Architecture diagrams
+
+## Requirements
+
+- AWS account with appropriate credentials
+- Terraform/OpenTofu (v1.6+)
+- talosctl CLI
+- kubectl CLI
+- Task runner
+
+See the generated documentation for detailed prerequisites.
+
+## Removing an Environment
+
+To completely remove an environment and all its resources:
+
+
+```bash
+# 1. Destroy the infrastructure
+cd myproject/terraform/sandbox  # or staging, production
+tofu destroy
+
+# 2. Clean up local configuration files
+cd ../../bootstrap-cluster/sandbox  # or staging, production
+rm -f talosconfig kubeconfig controlplane.yaml
+
+# 3. (Optional) Remove secrets from AWS Secrets Manager
+aws secretsmanager delete-secret --secret-id sandbox_talosconfig_yaml --force-delete-without-recovery
+aws secretsmanager delete-secret --secret-id sandbox_kubeconfig_yaml --force-delete-without-recovery
+```
+
+For complete removal instructions, including how to destroy the S3 backend, see the [Deployment Documentation](myproject/docs/deployment.md).
diff --git a/copier.yml b/copier.yml
index a614cbb..0988929 100644
--- a/copier.yml
+++ b/copier.yml
@@ -132,33 +132,3 @@ copier__aws_account_id:
       "AWS account ID cannot be empty."
     {% endif %}
 
-copier__operating_system:
-  type: str
-  default: "talos"
-  choices:
-    talos: "talos"
-  help: "Deploy Kubernetes on Talos Linux?"
-
-copier__repo_url:
-  type: str
-  default: "git@github.com:organization_name/{{ copier__project_slug }}.git"
-  help: "The URL of the repository."
-  validator: >-
-    {% if not copier__repo_url.startswith("git@") or not ":" in copier__repo_url or not "/" in copier__repo_url.split(":")[1] or not ".git" in copier__repo_url %}
-      Value must follow the format git@provider:orgname/repo.git
-    {% endif %}
-
-copier__source_control_provider:
-  type: str
-  when: false
-  default: "{{ copier__repo_url.split('@')[1].split(':')[0] }}"
-
-copier__source_control_organization_slug:
-  type: str
-  when: false
-  default: "{{ copier__repo_url.split(':')[1].split('/')[0] }}"
-
-copier__repo_name:
-  type: str
-  when: false
-  default: "{{ copier__repo_url.split(':')[1].split('/')[1].replace('.git', '') }}"
diff --git a/issues.md b/issues.md
deleted file mode 100644
index 919cfc6..0000000
--- a/issues.md
+++ /dev/null
@@ -1,54 +0,0 @@
-# issue log
-1. after `./scaf <appname> <template>` it says to cd into `my_talos`, when the directory is `my-talos`
-1. after tilt up, backend never finishes updating
-1. while running terraform commands, if multiple json tokens in ~/.aws/sso/cache it can grab the wrong one causing auth to fail
-1. initial terraform `task deploy-sandbox` fails with github error. There is no mention of running `gh` commands as prereqs.
-```shell
-Do you want to apply this plan? Type 'yes' to confirm: yes
-aws_iam_role.github_oidc_role: Creating...
-aws_iam_role.github_oidc_role: Creation complete after 1s [id=my_talos-github-oidc-role]
-
-Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
-task: [set-github-variables] gh variable set AWS_REGION --body "us-east-1"
-To get started with GitHub CLI, please run:  gh auth login
-Alternatively, populate the GH_TOKEN environment variable with a GitHub API authentication token.
-task: Failed to run task "deploy-sandbox": task: Failed to run task "deploy-environment": task: Failed to run task "set-github-variables": exit status
-```
-1. there needs to be mention that the github repo needs to exist before running terraform commands
-1. public/private key variables apart of talos option when it looks like they should be k3s option
-1. need to mention that whatever domain is used, that the registrar needs to have AWS Route 53 as the primary dns servers so AWS certificate validation works
-1. after AWS resources are deployed it immediately tries to bootstrap the cluster, but talosctl fails because `bootstrap-cluster/sandbox/.env` is not loaded (and looks to be the wrong syntax?). This command `talosctl gen config {{.ENV.CLUSTER_NAME}} {{.ENV.CONTROL_PLANE_ENDPOINT}}` is the one that fails
-1. `bootstrap-cluster/sandbox/.env` has suspect content. ":" instead of "=" 
-1. Multiple runs of `task deploy-sandbox` cause issues with AWS secret creation
-1. Command `task teardown-sandbox` errors out
-```shell
-Checking repository: my-talos-sandbox-backend
-No images to delete in my-talos-sandbox-backend.
-Tearing down the sandbox environment...
-task: Failed to run task "teardown-sandbox": task: Failed to run task "teardown-environment": task: Task "bootstrap-cluster:k3s:delete-all-secrets" does not exist
-```
-1. subsequent runs of  `task deploy-sandbox` can fail on `commit-changes` if there are no files that have changed
-1. must run `export ENV=sandbox` prior to `task deploy-sandbox` so `bootstrap-cluster/sandbox/.env` values are correctly sourced, otherwise talos config tails because `.env` values are not present so argument mismatch (expects 2, 0 provided) errors appear
-1. EC2 public IP's change on reboots, any talos config concerns with this?
-1. Had to add code to terraform/{staging|prod}/backend.tf to get global_variables registered
-```text
-module "global_variables" {
-  source = "../modules/global_variables"
-}
-```
-1. had to rename `terraform/prod` to `terraform/production`
-1. had to pair down `terraform/{env}/outputs.tf`
-1. when deploying a second environment, ECR registry creation fails because it exists
-
-
-# commands
-```shell
-aws ec2 describe-instances --region us-east-1 \
-  --query 'Reservations[].Instances[].{ID:InstanceId,State:State.Name,Type:InstanceType,Name:Tags[?Key==`Name`]|[0].Value}' \
-  --output table
-
-aws ec2 get-console-output --output text --latest --instance-id <id>
-
-nc -vz 54.162.171.160 50000
-nc -vuz 54.162.171.160 50000
-```
\ No newline at end of file
diff --git a/nextjs-django-github.test-data.yml b/nextjs-django-github.test-data.yml
deleted file mode 100644
index c1db934..0000000
--- a/nextjs-django-github.test-data.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-copier__author_name: Iam Scafman
-copier__aws_account_id: "000000000000"
-copier__aws_region: us-east-1
-copier__create_nextjs_frontend: y
-copier__description: My Awesome Scaf Project!
-copier__domain_name: sixfeetup.com
-copier__existing_hosted_zone: scaf.sixfeetup.com
-copier__email: iamscafman@sixfeetup.com
-copier__mail_service: Amazon SES
-copier__operating_system: talos
-copier__project_dash: my-awesome-scaf-project
-copier__project_name: My Awesome Scaf Project
-copier__project_slug: my_awesome_scaf_project
-copier__repo_name: my_awesome_scaf_project
-copier__repo_url: git@github.com:sixfeetup/my_awesome_scaf_project.git
-copier__source_control_organization_slug: sixfeetup
-copier__source_control_provider: github.com
-copier__timezone: US/Eastern
-copier__use_celery: n
-copier__use_sentry: n
-copier__version: 0.1.0
diff --git a/.github/scaf-logo.png b/scaf-logo.png
similarity index 100%
rename from .github/scaf-logo.png
rename to scaf-logo.png
diff --git a/template/.envrc b/template/.envrc
deleted file mode 100644
index b6cd349..0000000
--- a/template/.envrc
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/use/bin/env bash
-
-# Source personal .envrc.local if it exists
-if [ -f .envrc.local ]; then
-    echo "Loading personal environment from .envrc.local"
-    source .envrc.local
-fi
-
-if command -v nix-shell >/dev/null 2>&1; then
-    use flake
-fi
-
-# read the secrets from 1Password
-# strip whitespace from the value
-export AWS_S3_ACCESS_KEY_ID="op://{{ copier__project_name }}/AWS_S3_ACCESS_KEY_ID/token"
-export AWS_S3_SECRET_ACCESS_KEY="op://{{ copier__project_name }}/AWS_S3_SECRET_ACCESS_KEY/token"
-export AWS_SES_ACCESS_KEY_ID="op://{{ copier__project_name }}/AWS_SES_ACCESS_KEY_ID/token"
-export AWS_SES_SECRET_ACCESS_KEY="op://{{ copier__project_name }}/AWS_SES_SECRET_ACCESS_KEY/token"
-export POSTGRES_PASSWORD="op://{{ copier__project_name }}/POSTGRES_DB/password"
-export POSTGRES_USER="op://{{ copier__project_name }}/POSTGRES_DB/username"
-# use sandbox host for secrets generation
-export POSTGRES_HOST=postgres
-export DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}/{{ copier__project_slug }}
-export DJANGO_SECRET_KEY="op://{{ copier__project_name }}/DJANGO_SECRET_KEY/token"
-{%- if copier__mail_service == 'Mailgun' %}
-# Mailgun api key
-export MAILGUN_API_KEY="op://{{ copier__project_name }}/MAILGUN_API_KEY/token"{%- endif %}
diff --git a/template/.github/dependabot.yml b/template/.github/dependabot.yml
deleted file mode 100644
index 27d058b..0000000
--- a/template/.github/dependabot.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "pip"
-    directory: "/backend"
-    schedule:
-      interval: "weekly"
-
-{% if copier__create_nextjs_frontend %}
-  - package-ecosystem: "npm"
-    directory: "/frontend"
-    schedule:
-      interval: "weekly"
-{% endif %}
-
diff --git a/template/.github/workflows/infrastructure-validation.yaml b/template/.github/workflows/infrastructure-validation.yaml
new file mode 100644
index 0000000..36cf74b
--- /dev/null
+++ b/template/.github/workflows/infrastructure-validation.yaml
@@ -0,0 +1,186 @@
+name: Infrastructure Validation
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+jobs:
+  terraform-validate:
+    name: Terraform Validation
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        environment: [sandbox, staging, production]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.6.0
+          terraform_wrapper: false
+
+      - name: Setup OpenTofu
+        uses: opentofu/setup-opentofu@v1
+        with:
+          tofu_version: 1.6.0
+
+      - name: Terraform Format Check
+        id: fmt
+        run: |
+          cd terraform/${{ '{{ matrix.environment }}' }}
+          tofu fmt -check -recursive
+        continue-on-error: true
+
+      - name: Terraform Init
+        id: init
+        run: |
+          cd terraform/${{ '{{ matrix.environment }}' }}
+          tofu init -backend=false
+
+      - name: Terraform Validate
+        id: validate
+        run: |
+          cd terraform/${{ '{{ matrix.environment }}' }}
+          tofu validate
+
+      - name: Comment PR (if applicable)
+        if: github.event_name == 'pull_request' && steps.fmt.outcome == 'failure'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: '⚠️ **Terraform Format Check Failed** for `${{ '{{ matrix.environment }}' }}`\n\nPlease run `terraform fmt -recursive` in the terraform directory.'
+            })
+
+  terraform-security-scan:
+    name: Terraform Security Scan
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run tfsec
+        uses: aquasecurity/tfsec-action@v1.0.3
+        with:
+          working_directory: terraform
+          soft_fail: true
+          format: sarif
+          additional_args: --minimum-severity MEDIUM
+
+      - name: Upload tfsec SARIF
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif
+          category: tfsec
+
+      - name: Run Checkov
+        uses: bridgecrewio/checkov-action@v12
+        with:
+          directory: terraform
+          framework: terraform
+          soft_fail: true
+          output_format: sarif
+          output_file_path: checkov-results.sarif
+
+      - name: Upload Checkov SARIF
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: checkov-results.sarif
+          category: checkov
+
+  yaml-validation:
+    name: YAML Validation
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install yamllint
+        run: pip install yamllint
+
+      - name: Validate YAML files
+        run: |
+          yamllint -c .yamllint bootstrap-cluster/ || true
+          yamllint copier.yml || true
+
+  documentation-check:
+    name: Documentation Build
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        run: |
+          pip install uv
+          uvx --with mkdocs-material --with mkdocs-mermaid2-plugin mkdocs --version
+
+      - name: Build documentation
+        run: make docs
+
+      - name: Check for broken links (optional)
+        run: |
+          uvx --with mkdocs-material --with mkdocs-mermaid2-plugin mkdocs build --strict
+        continue-on-error: true
+
+  pre-commit-checks:
+    name: Pre-commit Checks
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install pre-commit
+        run: pip install pre-commit
+
+      - name: Run pre-commit hooks
+        run: pre-commit run --all-files
+
+  validation-summary:
+    name: Validation Summary
+    runs-on: ubuntu-latest
+    needs: [terraform-validate, terraform-security-scan, yaml-validation, documentation-check, pre-commit-checks]
+    if: always()
+
+    steps:
+      - name: Check validation results
+        run: |
+          echo "## Validation Summary" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "- Terraform Validation: ${{ '{{ needs.terraform-validate.result }}' }}" >> $GITHUB_STEP_SUMMARY
+          echo "- Security Scan: ${{ '{{ needs.terraform-security-scan.result }}' }}" >> $GITHUB_STEP_SUMMARY
+          echo "- YAML Validation: ${{ '{{ needs.yaml-validation.result }}' }}" >> $GITHUB_STEP_SUMMARY
+          echo "- Documentation: ${{ '{{ needs.documentation-check.result }}' }}" >> $GITHUB_STEP_SUMMARY
+          echo "- Pre-commit: ${{ '{{ needs.pre-commit-checks.result }}' }}" >> $GITHUB_STEP_SUMMARY
+
+      - name: Fail if any critical check failed
+        if: |
+          needs.terraform-validate.result == 'failure' ||
+          needs.terraform-security-scan.result == 'failure'
+        run: |
+          echo "❌ Critical validation checks failed!"
+          exit 1
diff --git a/template/.github/workflows/main.yaml b/template/.github/workflows/main.yaml
deleted file mode 100644
index a2de256..0000000
--- a/template/.github/workflows/main.yaml
+++ /dev/null
@@ -1,229 +0,0 @@
-name: Main Workflow
-
-on: [ push, pull_request ]
-
-env:
-  AWS_REGION: ${{ '{{ vars.AWS_REGION }}' }}
-  AWS_ACCOUNT_ID: ${{ '{{ vars.AWS_ACCOUNT_ID }}' }}
-
-jobs:
-  check-lint-and-formatting:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v4
-      - name: Check lint and formatting
-        run: make check-lint-and-formatting
-{% if copier__create_nextjs_frontend %}
-  check-lint-and-test-frontend:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
-        with:
-          node-version: '20'
-      - name: Frontend Lint & Typecheck & Test
-        run: make check-lint-and-test-frontend
-{% endif %}
-  backend-test:
-    runs-on: ubuntu-latest
-
-    services:
-      postgres:
-        image: postgres:17
-        env:
-          POSTGRES_DB: {{ copier__project_slug }}
-          POSTGRES_USER: {{ copier__project_slug }}
-          POSTGRES_PASSWORD: TESTPASSWORD
-        # Set health checks to wait until postgres has started
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-
-{% if copier__use_celery %}
-      redis:
-        image: redis
-        options: >-
-          --health-cmd "redis-cli ping"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-{% endif %}
-
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v4
-        with:
-          python-version: "3.10"
-      - name: Run backend tests
-        run: CI=true make backend-test
-        env:
-          DATABASE_URL: postgresql://{{ copier__project_slug }}:TESTPASSWORD@localhost:5432/{{ copier__project_slug }}
-          POSTGRES_HOST: postgres
-          POSTGRES_PORT: 5432
-{% if copier__use_celery %}          CELERY_BROKER_URL: redis://127.0.0.1:6379/0{% endif %}
-
-  build-backend-image:
-    if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main'
-    runs-on: ubuntu-latest
-    needs: [check-lint-and-formatting, backend-test]
-    outputs:
-      short-sha: ${{ '{{ steps.vars.outputs.short-sha }}' }}
-      branch-name: ${{ '{{ steps.vars.outputs.branch-name }}' }}
-      target-env: ${{ '{{ steps.vars.outputs.target-env }}' }}
-
-    permissions:
-      id-token: write
-      contents: read
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Configure AWS credentials from OIDC
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: arn:aws:iam::${{ '{{ env.AWS_ACCOUNT_ID }}' }}:role/{{ copier__project_slug }}-github-oidc-role
-          aws-region: ${{ '{{ env.AWS_REGION }}' }}
-
-      - name: Log in to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v1
-
-      - name: Set environment variables
-        id: vars
-        run: |
-          SHORT_SHA=$(git rev-parse --short HEAD)
-          BRANCH_NAME=$(echo ${{ '{{ github.ref }}' }} | sed s,refs/heads/,, | sed s,/,-,g)
-          TARGET_ENV=$(if [ "$BRANCH_NAME" = "main" ]; then echo "prod"; else echo "sandbox"; fi)
-          echo "short-sha=$SHORT_SHA" >> $GITHUB_OUTPUT
-          echo "branch-name=$BRANCH_NAME" >> $GITHUB_OUTPUT
-          echo "target-env=$TARGET_ENV" >> $GITHUB_OUTPUT
-          echo "SHORT_SHA=$SHORT_SHA" >> $GITHUB_ENV
-          echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
-          echo "TARGET_ENV=$TARGET_ENV" >> $GITHUB_ENV
-
-      - name: Set Backend ECR Repo
-        run: |
-          echo "ECR_REPO_BACKEND=${{ '{{ env.AWS_ACCOUNT_ID }}' }}.dkr.ecr.${{ '{{ env.AWS_REGION }}' }}.amazonaws.com/{{ copier__project_dash }}-$TARGET_ENV-backend" >> $GITHUB_ENV
-
-      - name: Build and push backend image
-        uses: docker/build-push-action@v5
-        with:
-          context: ./backend
-          push: true
-          tags: ${{ '{{ env.ECR_REPO_BACKEND }}' }}:${{ '{{ env.SHORT_SHA }}' }},${{ '{{ env.ECR_REPO_BACKEND }}' }}:${{ '{{ env.BRANCH_NAME }}' }}
-
-{% if copier__create_nextjs_frontend %}
-  build-frontend-image:
-    if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main'
-    runs-on: ubuntu-latest
-    needs: [check-lint-and-test-frontend]
-
-    permissions:
-      id-token: write
-      contents: read
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Configure AWS credentials from OIDC
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: arn:aws:iam::${{ '{{ env.AWS_ACCOUNT_ID }}' }}:role/{{ copier__project_slug }}-github-oidc-role
-          aws-region: ${{ '{{ env.AWS_REGION }}' }}
-
-      - name: Log in to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v1
-
-      - name: Set environment variables
-        run: |
-          echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
-          echo "BRANCH_NAME=$(echo ${{ '{{ github.ref }}' }} | sed s,refs/heads/,, | sed s,/,-,g)" >> $GITHUB_ENV
-          export TARGET_ENV=$(if [ "$BRANCH_NAME" = "main" ]; then echo "prod"; else echo "sandbox"; fi)
-          echo "TARGET_ENV=$TARGET_ENV" >> $GITHUB_ENV
-
-      - name: Set frontend environment variables
-        run: |
-          echo "NEXT_PUBLIC_API_URL=https://api.sandbox.{{ copier__domain_name }}/" >> ./frontend/.env
-          echo "NEXT_PUBLIC_GRAPHQL_ENDPOINT=https://api.sandbox.{{ copier__domain_name }}/graphql/" >> ./frontend/.env
-          echo "NEXT_GRAPHQL_ENDPOINT=https://api.sandbox.{{ copier__domain_name }}/graphql/" >> ./frontend/.env
-
-      - name: Set Frontend ECR Repo
-        run: |
-          echo "ECR_REPO_FRONTEND=${{ '{{ env.AWS_ACCOUNT_ID }}' }}.dkr.ecr.${{ '{{ env.AWS_REGION }}' }}.amazonaws.com/{{ copier__project_dash }}-$TARGET_ENV-frontend" >> $GITHUB_ENV
-
-      - name: Build and push frontend image
-        uses: docker/build-push-action@v5
-        with:
-          context: ./frontend
-          push: true
-          tags: ${{ '{{env.ECR_REPO_FRONTEND}}' }}:${{ '{{ env.SHORT_SHA }}' }},${{ '{{ env.ECR_REPO_FRONTEND }}' }}:${{ '{{ env.BRANCH_NAME }}' }}
-{% endif %}
-
-  update-manifests:
-    if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main'
-    runs-on: ubuntu-latest
-{% if copier__create_nextjs_frontend %}
-    needs: [build-backend-image, build-frontend-image]
-{% else %}
-    needs: [build-backend-image]
-{% endif %}
-
-    permissions:
-      contents: write
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          token: ${{ '{{secrets.GITHUB_TOKEN}}' }}
-          persist-credentials: true
-
-      - name: Get environment variables from backend job
-        run: |
-          echo "SHORT_SHA=${{ '{{ needs.build-backend-image.outputs.short-sha }}' }}" >> $GITHUB_ENV
-          echo "BRANCH_NAME=${{ '{{ needs.build-backend-image.outputs.branch-name }}' }}" >> $GITHUB_ENV
-          echo "TARGET_ENV=${{ '{{ needs.build-backend-image.outputs.target-env }}' }}" >> $GITHUB_ENV
-
-      - name: Set ECR Repos
-        run: |
-          echo "ECR_REPO_BACKEND=${{ '{{ env.AWS_ACCOUNT_ID }}' }}.dkr.ecr.${{ '{{ env.AWS_REGION }}' }}.amazonaws.com/{{ copier__project_dash }}-$TARGET_ENV-backend" >> $GITHUB_ENV
-          {% if copier__create_nextjs_frontend %}
-          echo "ECR_REPO_FRONTEND=${{ '{{ env.AWS_ACCOUNT_ID }}' }}.dkr.ecr.${{ '{{ env.AWS_REGION }}' }}.amazonaws.com/{{ copier__project_dash }}-$TARGET_ENV-frontend" >> $GITHUB_ENV
-          {% endif %}
-
-      - name: Tag Images
-        run: |
-          cd k8s/$TARGET_ENV
-          kustomize edit set image backend=$ECR_REPO_BACKEND:$SHORT_SHA
-          {% if copier__create_nextjs_frontend %}
-          kustomize edit set image frontend=$ECR_REPO_FRONTEND:$SHORT_SHA
-          {% endif %}
-
-      - name: Commit & Push to GitHub
-        run: |
-          git config user.email "$GITHUB_EMAIL"
-          git config user.name "GitHub User"
-          git add k8s/$TARGET_ENV/kustomization.yaml
-          git commit -m "Update $TARGET_ENV image to $SHORT_SHA [skip ci]"
-          git push
diff --git a/template/.github/workflows/semantic-release.yaml b/template/.github/workflows/semantic-release.yaml
deleted file mode 100644
index 7d2272e..0000000
--- a/template/.github/workflows/semantic-release.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Semantic Release
-
-on:
-  push:
-    branches:
-      - main
-
-permissions:
-  contents: write
-  issues: write
-
-jobs:
-  semantic-release:
-    runs-on: ubuntu-latest
-    environment: dev
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          token: ${{ '{{secrets.GITHUB_TOKEN}}' }}
-          persist-credentials: false
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: "lts/*"
-
-      - name: Install Dependencies
-        run: npm install semantic-release @semantic-release/changelog @semantic-release/git @semantic-release/github @semantic-release/commit-analyzer conventional-changelog-conventionalcommits
-
-      - name: Run Semantic Release
-        run: npx semantic-release
-        env:
-          GITHUB_TOKEN: ${{ '{{secrets.GITHUB_TOKEN}}' }}
diff --git a/template/.pre-commit-config.yaml b/template/.pre-commit-config.yaml
index 3feed41..c1b1fb6 100644
--- a/template/.pre-commit-config.yaml
+++ b/template/.pre-commit-config.yaml
@@ -4,29 +4,8 @@ repos:
   hooks:
   - id: check-case-conflict
   - id: check-merge-conflict
-  - id: debug-statements
-    exclude: ^backend/{{ copier__project_slug }}/utils/debugger.py
   - id: detect-private-key
-
-- repo: https://github.com/psf/black
-  rev: 25.1.0
-  hooks:
-  - id: black
-
-- repo: https://github.com/pycqa/isort
-  rev: 6.0.1
-  hooks:
-  - id: isort
-    args: ["--profile", "black", "--filter-files"]
-
-- repo: https://github.com/charliermarsh/ruff-pre-commit
-  rev: 'v0.12.12'
-  hooks:
-  - id: ruff
-    args: ["--ignore", "E501"]
-
-- repo: https://github.com/PyCQA/bandit
-  rev: 1.8.6
-  hooks:
-  - id: bandit
-    args: ["-ll"]
+  - id: end-of-file-fixer
+  - id: trailing-whitespace
+  - id: check-yaml
+    args: ['--unsafe']
diff --git a/template/Makefile b/template/Makefile
index 3ac5677..88e3def 100644
--- a/template/Makefile
+++ b/template/Makefile
@@ -1,8 +1,3 @@
-KUBECTL_EXEC_BACKEND = kubectl exec -it $$(kubectl get pods -l app=backend -o jsonpath="{.items[0].metadata.name}") -- bash
-{% if copier__create_nextjs_frontend %}
-KUBECTL_EXEC_FRONTEND = kubectl exec -it $$(kubectl get pods -l app=frontend -o jsonpath="{.items[0].metadata.name}") -- bash
-{% endif %}
-
 # colors
 BLUE:=$(shell echo "\033[0;36m")
 GREEN:=$(shell echo "\033[0;32m")
@@ -12,177 +7,18 @@ END:=$(shell echo "\033[0m")
 
 PROJECT_SLUG:="{{ copier__project_slug }}"
 
-## Release/Deployment Targets
-
-ci: test secure build  ## Execute the same checks used in CI/CD
-
-.git/hooks/pre-commit: ## Install pre-commit hooks
-	pip install pre-commit; \
-	cd backend/; \
-	pre-commit install
-
-check-lint-and-formatting: .git/hooks/pre-commit ## Execute check of lint and formatting using existing pre-commit hooks
-	cd backend; \
-	pre-commit run -a
-
-{% if copier__create_nextjs_frontend %}
-check-lint-and-test-frontend:  ## Frontend Lint & Typecheck & Test
-	cd frontend && \
-	npm install --legacy-peer-deps && \
-	npm run lint-src && \
-	npm run typecheck && \
-	npm run test
-{% endif %}
-
-backend-test: ## Execute backend tests
-ifeq ($(CI),true)
-	pip install uv; \
-	cd backend; \
-	uv venv ./venv; \
-	. ./venv/bin/activate; \
-	uv pip install \
-		-r requirements/production.txt \
-		-r requirements/tests.txt; \
-	cd scafman; \
-	export DJANGO_SECRET_KEY="test"; \
-	pytest --cov=./ --cov-report html --ds=config.settings.test
-else
-	$(KUBECTL_EXEC_BACKEND) -c "cd {{ copier__project_slug }} && pytest --cov=./ --cov-report html --ds=config.settings.test"
-endif
-
-{% if copier__create_nextjs_frontend %}
-frontend-test: ## Execute frontend tests
-ifeq ($(CI),true)
-	cd frontend/; \
-	npm ci; \
-	npm run test
-else
-	$(KUBECTL_EXEC_FRONTEND) -c "npm run test"
-endif
-
-test: backend-test frontend-test  ## Run all tests
-{% else %}
-test: backend-test  ## Run all tests
-{% endif %}
-
-## Development Targets
-
-backend/requirements/local.txt: compile
-backend/requirements/production.txt: compile
-backend/requirements/tests.txt: compile
-
-setup:
-	@echo " $(YELLOW)⛭$(END) Checking if the setup is correct and all prerequisites are installed..."
-	@MISSING=""; \
-	for exec in $(PREREQUISITE_COMMANDS); do \
-		if ! which $$exec > /dev/null 2>&1; then \
-			MISSING="$$MISSING $$exec"; \
-		fi; \
-	done; \
-	if [ -n "$$MISSING" ]; then \
-		echo " $(RED)❌$(END)Missing executables:$$MISSING. These must be installed by you to continue"; \
-		false; \
-	else \
-		echo " $(GREEN)✔️$(END) All prerequisites are installed."; \
-	fi
-	@CURRENT_CONTEXT="$$(kubectl config current-context 2>&1)"; \
-	if [ "$$CURRENT_CONTEXT" = "kind-$(PROJECT_SLUG)" ]; then \
-		echo " $(GREEN)✔️$(END) The kubectl context is correctly set to kind-$(PROJECT_SLUG). Run 'tilt up' to start your cluster!"; \
-	else \
-		echo " $(YELLOW)⛭$(END) Current kubectl context is not 'kind-$(PROJECT_SLUG)'. Switching context now..."; \
-		if [ -z "$$(kubectl config get-contexts -o name | grep -w 'kind-$(PROJECT_SLUG)$$')" ]; then \
-			echo " $(YELLOW)⛭$(END) No context found for kind-$(PROJECT_SLUG). Creating one. Please wait, this may take a couple of minutes on a slower machine..."; \
-			kind create cluster --name $(PROJECT_SLUG) 1>/dev/null 2>/tmp/scaf_error.log; \
-			echo " $(GREEN)✔️$(END) kind-$(PROJECT_SLUG) cluster and context created."; \
-			echo " $(BLUE)🗣️ Remember, you can safely run \"make setup\" any time to switch between Scaf projects.$(END)"; \
-		fi; \
-		kubectl config use-context kind-$(PROJECT_SLUG) 1>/dev/null 2>/tmp/scaf_error.log; \
-		echo " $(GREEN)✔️$(END) Context switched to kind-$(PROJECT_SLUG). Run 'tilt up' to start your cluster! "; \
-	fi
-
-outdated: ## Show all the outdated packages with their latest versions in the container
-	$(KUBECTL_EXEC_BACKEND) -c "pip list --outdated"
-
-pipdeptree: ## Show the dependencies of installed packages as a tree structure
-	$(KUBECTL_EXEC_BACKEND) -c "uv pip tree --no-cache"
-
-compile: backend/requirements/base.in backend/requirements/tests.in ## compile latest requirements to be built into the docker image
-	@docker run --rm -v $(shell pwd)/backend/requirements:/local python:3.13-slim /bin/bash -c \
-		"apt-get update; apt-get install -y libpq-dev; \
-		 pip install uv; \
-		 touch /local/base.txt; touch /local/production.txt; touch /local/tests.txt; touch /local/local.txt; \
-		 uv pip compile --upgrade --generate-hashes --output-file /local/base.txt /local/base.in; \
-		 uv pip compile --upgrade --generate-hashes --output-file /local/production.txt /local/production.in; \
-		 uv pip compile --upgrade --generate-hashes --output-file /local/tests.txt /local/tests.in; \
-		 uv pip compile --upgrade --output-file /local/local.txt /local/local.in"
-
-compile-frontend: frontend/package.json ## compile latest frontend dependencies to be built into the docker image
-	@docker run --rm --user node -w "/app" -v $(shell pwd)/frontend:/app node:lts /bin/bash -c "npm install"
-
-init-frontend-dependencies: ## compile initial frontend dependencies to be built into the docker image
-	@docker run --rm --user $(shell id -u):$(shell id -g) -w "/app" -v $(shell pwd)/frontend:/app -e npm_config_cache=/tmp/.npm node:lts /bin/bash -c \
-		"xargs npm install < dependencies-init.txt"
-	@docker run --rm --user $(shell id -u):$(shell id -g) -w "/app" -v $(shell pwd)/frontend:/app -e npm_config_cache=/tmp/.npm node:lts /bin/bash -c \
-		"xargs npm install --save-dev < dependencies-dev-init.txt"
-
-shell-backend:  ## Shell into the running Django container
-	$(KUBECTL_EXEC_BACKEND)
-
-{% if copier__create_nextjs_frontend %}
-shell-frontend:
-	$(KUBECTL_EXEC_FRONTEND)
-{% endif %}
-
-secure:  ## Analyze dependencies for security issues
-	$(KUBECTL_EXEC_BACKEND) -c "safety check"
-
-DEBUG ?= false
-secrets:
-	@$(call check_var,ENVIRONMENT)
-	@echo "Creating sealed secrets for $$(kubectl config current-context) cluster"
-	kubectl config get-contexts --no-headers | \
-		grep -E "(admin@)?{{ copier__project_dash }}-$(ENVIRONMENT)" | \
-		head -1 | \
-		awk '{print $$2}' | \
-		xargs -r kubectl config use-context
-	AWS_S3_ACCESS_KEY_ID=$$(tofu -chdir=./terraform/$(ENVIRONMENT) output -raw cnpg_user_access_key) \
-	AWS_S3_SECRET_ACCESS_KEY=$$(tofu -chdir=./terraform/$(ENVIRONMENT) output -raw cnpg_user_secret_key) \
-{% if copier__mail_service == "Amazon SES" %}	AWS_SES_ACCESS_KEY_ID=$$(tofu -chdir=./terraform/$(ENVIRONMENT) output -raw amazon_ses_user_key) \
-	AWS_SES_SECRET_ACCESS_KEY=$$(tofu -chdir=./terraform/$(ENVIRONMENT) output -raw amazon_ses_user_secret_key) \{% endif %}
-	DJANGO_SECRET_KEY=$$(LC_CTYPE=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32; echo) \
-	ENVIRONMENT=$(ENVIRONMENT) \
-	envsubst < k8s/templates/secrets.yaml.template | op inject | if [ "$(DEBUG)" = "true" ]; then cat; else kubeseal -n {{ copier__project_slug }}-$(ENVIRONMENT) --format yaml > k8s/$(ENVIRONMENT)/secrets.yaml; fi
-
-sandbox-secrets: ## Create sealed secrets for sandbox
-	$(MAKE) secrets ENVIRONMENT=sandbox
-
-debug-sandbox-secrets: ## Debug sandbox secrets
-	$(MAKE) secrets ENVIRONMENT=sandbox DEBUG=true
-
-staging-secrets: ## Create sealed secrets for sandbox
-	$(MAKE) secrets ENVIRONMENT=sandbox
-
-debug-staging-secrets: ## Debug sandbox secrets
-	$(MAKE) secrets ENVIRONMENT=sandbox DEBUG=true
-
-prod-secrets: ## Create sealed secrets for prod
-	$(MAKE) secrets ENVIRONMENT=prod
-
-debug-prod-secrets: ## Create sealed secrets for prod
-	$(MAKE) secrets ENVIRONMENT=prod DEBUG=true
-
 ensure-uv:
 	@which uv >/dev/null 2>&1 || { echo "Installing uv..."; curl -LsSf https://astral.sh/uv/install.sh | sh; }
 
-docs: ensure-uv ## Build the Docs
+docs: ensure-uv ## Build the documentation
 	uvx  --with mkdocs-material --with mkdocs-mermaid2-plugin mkdocs build
 
-serve-docs: ensure-uv ## Serve the Docs
+serve-docs: ensure-uv ## Serve the documentation locally
 	uvx  --with mkdocs-material --with mkdocs-mermaid2-plugin mkdocs serve -a localhost:8001
 
 ## Help
 
-help: ## Show the list of all the commands and their help text
+help: ## Show the list of all available commands
 	@awk 'BEGIN 	{ FS = ":.*##"; target="";printf "\nUsage:\n  make \033[36m<target>\033[33m\n\nTargets:\033[0m\n" } \
 		/^[a-zA-Z_-]+:.*?##/ { if(target=="")print ""; target=$$1; printf " \033[36m%-10s\033[0m %s\n\n", $$1, $$2 } \
 		/^([a-zA-Z_-]+):/ {if(target=="")print "";match($$0, "(.*):"); target=substr($$0,RSTART,RLENGTH) } \
@@ -190,6 +26,6 @@ help: ## Show the list of all the commands and their help text
 		/^## .*/ {match($$0, "## (.+)$$"); txt=substr($$0,4,RLENGTH);printf "\n\033[33m%s\033[0m\n", txt ; target=""} \
 	' $(MAKEFILE_LIST)
 
-.PHONY: help check-lint-and-formatting ci ensure-uv secure build build-dev outdated pipdeptree compile destroy-data load-dump clean clean-dev squeaky_clean update check-sandbox-release check-staging-release check-prod-release
+.PHONY: help ensure-uv docs serve-docs
 
 .DEFAULT_GOAL := help
diff --git a/template/README.md b/template/README.md
index dea8d62..4b4cb4c 100644
--- a/template/README.md
+++ b/template/README.md
@@ -2,30 +2,13 @@
 
 ## :information_source: About the {{ copier__project_name }} project
 
-* [:telescope: Project overview](/docs/project-overview.md)
-* [:house: Architecture](/docs/architecture.md)
-<!-- * [:hospital: ER Diagram](/docs/erdiagram.md) -->
-
-## :technologist: How to set up your local environment for development
-
-See [docs/development.md](/docs/development.md)
+* [:telescope: Project overview](docs/project-overview.md)
+* [:house: Architecture](docs/architecture.md)
 
 ## :package: How to deploy
 
-See [docs/deployment.md](/docs/deployment.md)
+See [docs/deployment.md](docs/deployment.md)
 
 ## :shushing_face: How to manage passwords and sensitive values
 
-See [docs/secrets.md](/docs/secrets.md)
-
-## :bug: How to debug the application
-
-See [docs/debug.md](/docs/debug.md)
-
-## :test_tube: How to test the application
-
-See [docs/qa.md](/docs/qa.md)
-
-## :microscope: How to monitor the application
-
-See [docs/monitoring.md](/docs/monitoring.md)
+See [docs/secrets.md](docs/secrets.md)
diff --git a/template/Taskfile.yml b/template/Taskfile.yml
index bbf241d..d9666d3 100644
--- a/template/Taskfile.yml
+++ b/template/Taskfile.yml
@@ -50,11 +50,11 @@ tasks:
           echo -e "{{.RED}}Error: AWS_PROFILE environment variable must be set{{.END}}"
           exit 1
         fi
-        
+
         PROFILE_MSG="using profile '$AWS_PROFILE'"
         echo -e "{{.BLUE}}Checking AWS credentials $PROFILE_MSG...{{.END}}"
-        
-        # Check SSO cache first (faster than API call), because sts get-caller-identity 
+
+        # Check SSO cache first (faster than API call), because sts get-caller-identity
         #  can be slow and will return quicker about expirations, while sts get-caller-identity
         #  does return valid credentials that are actually expired
         NEED_LOGIN=false
@@ -62,7 +62,7 @@ tasks:
         if [ -n "$SSO_START_URL" ]; then
           SSO_CACHE_KEY=$(echo -n "$SSO_START_URL" | sha1sum | cut -d' ' -f1)
           SSO_CACHE_FILE="$HOME/.aws/sso/cache/${SSO_CACHE_KEY}.json"
-          
+
           if [ -f "$SSO_CACHE_FILE" ]; then
             EXPIRES_AT=$(jq -r '.expiresAt // empty' "$SSO_CACHE_FILE" 2>/dev/null)
             if [ -n "$EXPIRES_AT" ]; then
@@ -76,16 +76,16 @@ tasks:
             NEED_LOGIN=true
           fi
         fi
-        
+
         if [ "$NEED_LOGIN" = "false" ] && ! aws sts get-caller-identity --profile "$AWS_PROFILE" >/dev/null 2>&1; then
           NEED_LOGIN=true
         fi
-        
+
         if [ "$NEED_LOGIN" = "true" ]; then
           echo -e "{{.YELLOW}}AWS login required $PROFILE_MSG...{{.END}}"
           aws sso login --profile "$AWS_PROFILE"
         fi
-        
+
         echo -e "{{.GREEN}}AWS credentials verified and working.{{.END}}"
 
   ask-auto-approve:
@@ -96,7 +96,7 @@ tasks:
       - |
         echo -e "{{.YELLOW}}Would you like to auto-approve all terraform operations? (y/N):{{.END}}" >&2
         read -p "> " auto_approve || true
-        
+
         if [ "$auto_approve" = "y" ] || [ "$auto_approve" = "Y" ] || [ "$auto_approve" = "yes" ]; then
           echo -e "{{.GREEN}}Terraform operations will be auto-approved.{{.END}}" >&2
           echo "1"
@@ -129,27 +129,6 @@ tasks:
 {% raw %}
         vars: {ENV: '{{.ENV}}'}
 
-  delete-ecr-images:
-    desc: Delete all images from ECR repositories for an environment
-    requires:
-      vars: [ENV]
-    prompt: "WARNING: This will permanently delete all container images in the ECR repositories for the '{{.ENV}}' environment.\nAre you sure you want to continue? Type 'yes' to confirm: "
-    cmds:
-      - |
-        set -e
-        REPO_URLS=$(tofu -chdir=./terraform/{{.ENV}} output -json | jq -r 'to_entries[] | select(.key | endswith("_ecr_repo")) | .value.value | select(. != null)')
-        for REPO_URL in $REPO_URLS; do
-          REPO_NAME=$(basename "$REPO_URL")
-          echo "Checking repository: $REPO_NAME"
-          IMAGE_IDS=$(aws ecr list-images --repository-name "$REPO_NAME" --query 'imageIds[*]' --output json)
-          if [ -n "$IMAGE_IDS" ] && [ "$IMAGE_IDS" != "[]" ]; then
-            echo "Deleting images from $REPO_NAME..."
-            aws ecr batch-delete-image --repository-name "$REPO_NAME" --image-ids "$IMAGE_IDS" >/dev/null
-          else
-            echo "No images to delete in $REPO_NAME."
-          fi
-        done
-
   commit-changes:
     desc: Commit any changed files
     cmds:
@@ -169,7 +148,7 @@ tasks:
       - |
         [ "$?" = "0" ] || (echo -e "{{.RED}}Error: Environment must be either 'sandbox', 'staging', or 'production'{{.END}}" && exit 1)
       - echo -e "{{.BLUE}}{{.ACTION}} the {{.ENV}} environment...{{.END}}"
-      
+
   determine-control-plane-ip-address:
     desc: Determine IP addresses for control plane security group configuration
     internal: true
@@ -190,9 +169,9 @@ tasks:
       - echo "2) Enter multiple IP addresses as a comma-separated list"
       - |
         read -p "Enter your choice (1/2): " ip_choice
-        if [ "$ip_choice" = "1" ]; then 
+        if [ "$ip_choice" = "1" ]; then
           PUBLIC_IP_CIDRS="{{.CURRENT_IP}}/32"
-        elif [ "$ip_choice" = "2" ]; then 
+        elif [ "$ip_choice" = "2" ]; then
           echo -e "{{.YELLOW}}Enter comma-separated list of IP addresses (e.g., 1.2.3.4,5.6.7.8):{{.END}}"
           read -p "> " PUBLIC_IP
           PUBLIC_IP_CLEAN=$(echo "$PUBLIC_IP" | sed 's/, /,/g')
@@ -266,8 +245,6 @@ tasks:
     silent: true
     cmds:
       - task: establish-aws-login
-      - task: delete-ecr-images
-        vars: {ENV: sandbox}
       - task: teardown-environment
         vars: {ENV: sandbox}
 
diff --git a/template/Tiltfile b/template/Tiltfile
deleted file mode 100644
index 98f0a07..0000000
--- a/template/Tiltfile
+++ /dev/null
@@ -1,63 +0,0 @@
-print(
-    """
------------------------------------------------------------------
-✨ Hello Tilt! This appears in the (Tiltfile) pane whenever Tilt
-   evaluates this file.
------------------------------------------------------------------
-""".strip()
-)
-
-load("ext://syncback", "syncback")
-
-docker_build(
-    "backend",
-    context="backend",
-    build_args={"DEVEL": "yes", "TEST": "yes"},
-    live_update=[
-        sync("./backend/config", "/app/src/config"),
-        sync("./backend/{{ copier__project_slug }}", "/app/src/{{ copier__project_slug }}"),
-    ],
-)
-
-{% if copier__create_nextjs_frontend  %}
-docker_build(
-    "frontend",
-    context="frontend",
-    live_update=[
-        sync("./frontend", "/app"),
-    ],
-)
-{% endif %}
-
-k8s_yaml(
-    kustomize("./k8s/local/")
-)
-
-syncback(
-    "backend-sync",
-    "deploy/backend",
-    "/app/src/{{ copier__project_slug }}/",
-    target_dir="./backend/{{ copier__project_slug }}",
-    rsync_path='/app/bin/rsync.tilt',
-)
-
-{% if copier__create_nextjs_frontend %}
-syncback(
-    "frontend-sync",
-    "deploy/frontend",
-    "/app/",
-    target_dir="./frontend",
-    rsync_path='/app/rsync.tilt',
-    ignore=[".next", "next-env.d.ts", "node_modules", "rsync.tilt"],
-)
-{% endif %}
-
-{% if copier__create_nextjs_frontend %}
-k8s_resource(workload='frontend', port_forwards=3000)
-{% endif %}
-k8s_resource(workload='backend', port_forwards=8000)
-k8s_resource(workload='mailhog', port_forwards=8025)
-k8s_resource(workload='postgres', port_forwards=5432)
-{% if copier__use_celery %}
-k8s_resource(workload='celery', port_forwards=5555)
-{% endif %}
diff --git a/template/argocd/base/argocd/app.yaml b/template/argocd/base/argocd/app.yaml
deleted file mode 100644
index 34cfe41..0000000
--- a/template/argocd/base/argocd/app.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: argocd
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-spec:
-  project: default
-  source:
-    chart: argo-cd
-    repoURL: https://argoproj.github.io/argo-helm
-    targetRevision: 8.2.0
-    helm:
-      releaseName: argocd
-      # https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#traefik-v22
-      valuesObject:
-        configs:
-          params:
-            server.insecure: true
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: argocd
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
diff --git a/template/argocd/base/argocd/kustomization.yaml b/template/argocd/base/argocd/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/argocd/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/cert-manager/app.yaml b/template/argocd/base/cert-manager/app.yaml
deleted file mode 100644
index 78d17cf..0000000
--- a/template/argocd/base/cert-manager/app.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: cert-manager
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-spec:
-  project: default
-  source:
-    chart: cert-manager
-    repoURL: https://charts.jetstack.io
-    targetRevision: v1.14.5
-    helm:
-      releaseName: cert-manager
-      parameters:
-      - name: "installCRDs"
-        value: "true"
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: cert-manager
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
-    syncOptions:
-      - CreateNamespace=true
diff --git a/template/argocd/base/cert-manager/kustomization.yaml b/template/argocd/base/cert-manager/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/cert-manager/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/cloudnative-pg/app.yaml b/template/argocd/base/cloudnative-pg/app.yaml
deleted file mode 100644
index 842db5b..0000000
--- a/template/argocd/base/cloudnative-pg/app.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: cloudnative-pg
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-spec:
-  project: default
-  source:
-    chart: cloudnative-pg
-    repoURL: https://cloudnative-pg.github.io/charts
-    targetRevision: v0.19.1
-    helm:
-      releaseName: cloudnative-pg
-      parameters:
-      - name: "fullnameOverride"
-        value: "cnpg-controller-manager"
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: cnpg-system
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
-    syncOptions:
-      - CreateNamespace=true
diff --git a/template/argocd/base/cloudnative-pg/kustomization.yaml b/template/argocd/base/cloudnative-pg/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/cloudnative-pg/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/ingress/app.yaml b/template/argocd/base/ingress/app.yaml
deleted file mode 100644
index e1bc814..0000000
--- a/template/argocd/base/ingress/app.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: ingress
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "3"
-spec:
-  project: default
-  source:
-    repoURL: {{ copier__repo_url }}
-    targetRevision: main
-    path: argocd/prod/ingress
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: default
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
-    syncOptions:
-    - CreateNamespace=true
diff --git a/template/argocd/base/ingress/kustomization.yaml b/template/argocd/base/ingress/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/ingress/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/kube-prometheus-stack/app.yaml b/template/argocd/base/kube-prometheus-stack/app.yaml
deleted file mode 100644
index dfb4e3d..0000000
--- a/template/argocd/base/kube-prometheus-stack/app.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: kube-prometheus-stack
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "1"
-spec:
-  project: default
-  source:
-    chart: kube-prometheus-stack
-    repoURL: https://prometheus-community.github.io/helm-charts
-    targetRevision: 60.3.0
-    helm:
-      releaseName: kube-prometheus-stack
-      valuesObject:
-        alertmanager:
-          enabled: false
-        grafana:
-          enabled: false
-        prometheusOperator:
-          resources:
-            limits:
-              cpu: 100m
-              memory: 200Mi
-            requests:
-              cpu: 50m
-              memory: 100Mi
-        prometheus:
-          prometheusSpec:
-            podMonitorSelectorNilUsesHelmValues: false
-            podMonitorSelector: {}
-            # Add retention configuration for Prometheus
-            retention: 90d
-            retentionSize: 9GB
-            # Adjust storage size if needed
-            storageSpec:
-              volumeClaimTemplate:
-                spec:
-                  storageClassName: local-path
-                  accessModes: ["ReadWriteOnce"]
-                  resources:
-                    requests:
-                      storage: 10Gi
-
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: monitoring
-  syncPolicy:
-    automated: {}
-    # automated:
-    #   prune: true
-    #   selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
-    syncOptions:
-      - CreateNamespace=true
-      - ServerSideApply=true
diff --git a/template/argocd/base/kube-prometheus-stack/kustomization.yaml b/template/argocd/base/kube-prometheus-stack/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/kube-prometheus-stack/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/local-path-provisioner/kustomization.yaml b/template/argocd/base/local-path-provisioner/kustomization.yaml
deleted file mode 100644
index 5bddcd3..0000000
--- a/template/argocd/base/local-path-provisioner/kustomization.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-# kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- github.com/rancher/local-path-provisioner/deploy?ref=v0.0.26
-patches:
-- patch: |-
-    kind: ConfigMap
-    apiVersion: v1
-    metadata:
-      name: local-path-config
-      namespace: local-path-storage
-    data:
-      config.json: |-
-        {
-                "nodePathMap":[
-                {
-                        "node":"DEFAULT_PATH_FOR_NON_LISTED_NODES",
-                        "paths":["/var/local-path-provisioner"]
-                }
-                ]
-        }
-- patch: |-
-    apiVersion: storage.k8s.io/v1
-    kind: StorageClass
-    metadata:
-      name: local-path
-      annotations:
-        storageclass.kubernetes.io/is-default-class: "true"
-- patch: |-
-    apiVersion: v1
-    kind: Namespace
-    metadata:
-      name: local-path-storage
-      labels:
-        pod-security.kubernetes.io/enforce: privileged
diff --git a/template/argocd/base/reflector/app.yaml b/template/argocd/base/reflector/app.yaml
deleted file mode 100644
index 7fc3d81..0000000
--- a/template/argocd/base/reflector/app.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: reflector
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-spec:
-  project: default
-  source:
-    chart: reflector
-    repoURL: https://emberstack.github.io/helm-charts
-    targetRevision: 7.1.262
-    helm:
-      releaseName: reflector
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: kube-system
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
diff --git a/template/argocd/base/reflector/kustomization.yaml b/template/argocd/base/reflector/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/reflector/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/sealed-secrets/app.yaml b/template/argocd/base/sealed-secrets/app.yaml
deleted file mode 100644
index 54ed77c..0000000
--- a/template/argocd/base/sealed-secrets/app.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: sealed-secrets
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-spec:
-  project: default
-  source:
-    chart: sealed-secrets
-    repoURL: https://bitnami-labs.github.io/sealed-secrets
-    targetRevision: 2.13.2
-    helm:
-      releaseName: sealed-secrets
-      parameters:
-      - name: "fullnameOverride"
-        value: sealed-secrets-controller
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: kube-system
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
diff --git a/template/argocd/base/sealed-secrets/kustomization.yaml b/template/argocd/base/sealed-secrets/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/sealed-secrets/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/traefik/app.yaml b/template/argocd/base/traefik/app.yaml
deleted file mode 100644
index 9eb6ab8..0000000
--- a/template/argocd/base/traefik/app.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: traefik
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-spec:
-  project: default
-  source:
-    chart: traefik
-    repoURL: https://traefik.github.io/charts 
-    targetRevision: 28.0.0
-    helm:
-      releaseName: traefik
-      parameters:
-      - name: "service.type"
-        value: NodePort
-      - name: "ports.web.nodePort"
-        value: "30080"
-      - name: "ports.websecure.nodePort"
-        value: "30443"
-      - name: "deployment.kind"
-        value: DaemonSet
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: kube-system
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
diff --git a/template/argocd/base/traefik/kustomization.yaml b/template/argocd/base/traefik/kustomization.yaml
deleted file mode 100644
index 98860a0..0000000
--- a/template/argocd/base/traefik/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-kind: Kustomization
diff --git a/template/argocd/base/{{ copier__project_slug }}/app.yaml b/template/argocd/base/{{ copier__project_slug }}/app.yaml
deleted file mode 100644
index 42ef5a4..0000000
--- a/template/argocd/base/{{ copier__project_slug }}/app.yaml	
+++ /dev/null
@@ -1,26 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: {{ copier__rfc1123_subdomain }}-prod
-  namespace: argocd
-spec:
-  project: default
-  source:
-    repoURL: {{ copier__repo_url }}
-    targetRevision: main
-    path: k8s/prod
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: {{ copier__rfc1123_subdomain }}-prod
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
-    syncOptions:
-    - CreateNamespace=true
diff --git a/template/argocd/base/{{ copier__project_slug }}/cloudfront-invalidation-hook.yaml b/template/argocd/base/{{ copier__project_slug }}/cloudfront-invalidation-hook.yaml
deleted file mode 100644
index 24ab830..0000000
--- a/template/argocd/base/{{ copier__project_slug }}/cloudfront-invalidation-hook.yaml	
+++ /dev/null
@@ -1,40 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: cloudfront-invalidation
-  annotations:
-    argocd.argoproj.io/hook: PostSync
-    argocd.argoproj.io/hook-delete-policy: HookSucceeded
-spec:
-  backoffLimit: 2
-  template:
-    spec:
-      restartPolicy: OnFailure
-      containers:
-        - name: aws-cli
-          image: amazon/aws-cli:latest
-          env:
-            - name: AWS_ACCESS_KEY_ID
-              valueFrom:
-                secretKeyRef:
-                  name: secrets-config
-                  key: AWS_S3_ACCESS_KEY_ID
-            - name: AWS_SECRET_ACCESS_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: secrets-config
-                  key: AWS_S3_SECRET_ACCESS_KEY
-            - name: AWS_REGION
-              value: us-east-1  # Change if needed
-            - name: DISTRIBUTION_ID
-              envFrom:
-                - configMapRef:
-                  name: app-config
-          command:
-            - /bin/sh
-            - -c
-            - |
-              echo "Creating CloudFront invalidation..."
-              aws cloudfront create-invalidation \
-                --distribution-id "$DISTRIBUTION_ID" \
-                --paths "/*"
\ No newline at end of file
diff --git a/template/argocd/base/{{ copier__project_slug }}/kustomization.yaml b/template/argocd/base/{{ copier__project_slug }}/kustomization.yaml
deleted file mode 100644
index 59c8321..0000000
--- a/template/argocd/base/{{ copier__project_slug }}/kustomization.yaml	
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- app.yaml
-{% if copier__create_nextjs_frontend %}
-- cloudfront-invalidation-hook.yaml
-{% endif %}
-kind: Kustomization
diff --git a/template/argocd/prod/apps/kustomization.yaml b/template/argocd/prod/apps/kustomization.yaml
deleted file mode 100644
index d8867b8..0000000
--- a/template/argocd/prod/apps/kustomization.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- ../../base/argocd
-- ../../base/cert-manager
-- ../../base/cloudnative-pg
-- ../../base/ingress
-- ../../base/kube-prometheus-stack
-- ../../base/local-path-provisioner
-- ../../base/reflector
-- ../../base/sealed-secrets
-- ../../base/traefik
-- ../../base/{{ copier__project_slug }}
-kind: Kustomization
-patches:
-- patch: |-
-    - op: replace
-      path: /spec/source/targetRevision
-      value: main
-    - op: replace
-      path: /spec/source/path
-      value: argocd/prod/ingress
-  target:
-    kind: Application
-    name: ingress
diff --git a/template/argocd/prod/ingress/kustomization.yaml b/template/argocd/prod/ingress/kustomization.yaml
deleted file mode 100644
index 8f01ea4..0000000
--- a/template/argocd/prod/ingress/kustomization.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-resources:
-- ../../sandbox/ingress
-patches:
-- patch: |-
-    - op: replace
-      path: /metadata/name
-      value: argocd-{{ copier__project_slug }}-tls
-    - op: replace
-      path: /spec/secretName
-      value: argocd-{{ copier__project_slug }}-tls
-    - op: replace
-      path: /spec/dnsNames
-      value:
-        - argocd.{{ copier__domain_name }}
-  target:
-    kind: Certificate
-    name: argocd-sandbox-{{ copier__project_slug }}-tls
-- patch: |-
-    - op: replace
-      path: /metadata/name
-      value: argocd-{{ copier__project_slug }}
-    - op: replace
-      path: /spec/routes/0/match
-      value: Host(`argocd.{{ copier__domain_name }}`)
-    - op: replace
-      path: /spec/routes/1/match
-      value: Host(`argocd.{{ copier__domain_name }}`) && Headers(`Content-Type`, `application/grpc`)
-    - op: replace
-      path: /spec/tls
-      value: argocd-{{ copier__project_slug }}-tls
-  target:
-    kind: IngressRoute
-    name: argocd-sandbox-{{ copier__project_slug }}
-kind: Kustomization
diff --git a/template/argocd/sandbox/apps/kustomization.yaml b/template/argocd/sandbox/apps/kustomization.yaml
deleted file mode 100644
index 42920a3..0000000
--- a/template/argocd/sandbox/apps/kustomization.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-namespace: argocd
-resources:
-- ../../base/argocd
-- ../../base/cert-manager
-- ../../base/cloudnative-pg
-- ../../base/ingress
-- ../../base/local-path-provisioner
-- ../../base/reflector
-- ../../base/sealed-secrets
-- ../../base/traefik
-- ../../base/{{ copier__project_slug }}
-kind: Kustomization
-patches:
-- patch: |-
-    - op: replace
-      path: /spec/source/targetRevision
-      value: develop
-    - op: replace
-      path: /spec/source/path
-      value: argocd/sandbox/ingress
-  target:
-    kind: Application
-    name: ingress
-- patch: |-
-    - op: replace
-      path: /spec/source/targetRevision
-      value: develop
-    - op: replace
-      path: /metadata/name
-      value: {{ copier__project_slug }}-sandbox
-    - op: replace
-      path: /spec/source/path
-      value: k8s/sandbox
-    - op: replace
-      path: /spec/destination/namespace
-      value: {{ copier__project_slug }}-sandbox
-  target:
-    kind: Application
-    name: {{ copier__project_slug }}-prod
diff --git a/template/argocd/sandbox/ingress/cert-manager-issuer.yaml b/template/argocd/sandbox/ingress/cert-manager-issuer.yaml
deleted file mode 100644
index 5342228..0000000
--- a/template/argocd/sandbox/ingress/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
-  name: letsencrypt-prod
-  annotations:
-    argocd.argoproj.io/sync-wave: "1"
-spec:
-  acme:
-    server: https://acme-v02.api.letsencrypt.org/directory
-    email: {{ copier__email }}
-    privateKeySecretRef:
-      name: letsencrypt-prod
-    solvers:
-      - http01:
-          ingress:
-            class: traefik
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
-  name: letsencrypt-staging
-  annotations:
-    argocd.argoproj.io/sync-wave: "1"
-spec:
-  acme:
-    server: https://acme-staging-v02.api.letsencrypt.org/directory
-    email: {{ copier__email }}
-    privateKeySecretRef:
-      name: letsencrypt-staging
-    solvers:
-      - http01:
-          ingress:
-            class: traefik
diff --git a/template/argocd/sandbox/ingress/certificates.yaml b/template/argocd/sandbox/ingress/certificates.yaml
deleted file mode 100644
index d1b9f85..0000000
--- a/template/argocd/sandbox/ingress/certificates.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: argocd-sandbox-{{ copier__project_slug }}-tls
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "3"
-spec:
-  secretName: argocd-sandbox-{{ copier__project_slug }}-tls
-  issuerRef:
-    name: letsencrypt-prod
-    kind: ClusterIssuer
-  dnsNames:
-  - argocd.sandbox.{{ copier__domain_name }}
diff --git a/template/argocd/sandbox/ingress/ingress.yaml b/template/argocd/sandbox/ingress/ingress.yaml
deleted file mode 100644
index dd81b69..0000000
--- a/template/argocd/sandbox/ingress/ingress.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: argocd-sandbox-{{ copier__project_slug }}
-  annotations:
-    argocd.argoproj.io/sync-wave: "2"
-  namespace: argocd
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: Host(`argocd.sandbox.{{ copier__domain_name }}`)
-      priority: 10
-      services:
-        - name: argocd-server
-          port: 80
-    - kind: Rule
-      match: Host(`argocd.sandbox.{{ copier__domain_name }}`) && Headers(`Content-Type`, `application/grpc`)
-      priority: 11
-      services:
-        - name: argocd-server
-          port: 80
-          scheme: h2c
-  tls:
-    secretName: argocd-sandbox-{{ copier__project_slug }}-tls
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: http-to-https-redirect
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "5"
-spec:
-  entryPoints:
-    - web
-  routes:
-    - kind: Rule
-      match: PathPrefix(`/`)
-      priority: 1
-      middlewares:
-        - name: redirect-to-https
-      services:
-        - kind: TraefikService
-          name: noop@internal
----
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: redirect-to-https
-  namespace: argocd
-  annotations:
-    argocd.argoproj.io/sync-wave: "5"
-spec:
-  redirectScheme:
-    scheme: https
-    permanent: true
diff --git a/template/argocd/sandbox/ingress/kustomization.yaml b/template/argocd/sandbox/ingress/kustomization.yaml
deleted file mode 100644
index f836962..0000000
--- a/template/argocd/sandbox/ingress/kustomization.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-resources:
-- cert-manager-issuer.yaml
-- certificates.yaml
-- ingress.yaml
-kind: Kustomization
diff --git a/template/backend/Dockerfile b/template/backend/Dockerfile
deleted file mode 100644
index eba3639..0000000
--- a/template/backend/Dockerfile
+++ /dev/null
@@ -1,103 +0,0 @@
-# Build all of the dependencies then we will build the actual application image
-FROM python:3.13-slim AS build
-
-ENV PYTHONUNBUFFERED=1
-ENV PYTHONDONTWRITEBYTECODE=1
-ENV BOGUS=1
-
-ARG DEVEL=no
-ARG TEST=no
-
-RUN apt-get update \
-    && apt-get install --no-install-recommends -y \
-    build-essential \
-    ca-certificates \
-    curl \
-    gettext \
-    gnupg \
-    && mkdir -p /etc/apt/keyrings \
-    && apt-get install --no-install-recommends -y \
-    libffi-dev \
-    libpq-dev \
-    libssl-dev \
-    postgresql-client \
-    postgresql-client-common
-
-
-# We create an /app directory with a virtual environment in it to store our
-# application in.
-RUN set -x \
-    && python3 -m venv /app
-
-# Now that we've created our virtual environment, we'll go ahead and update
-# our $PATH to refer to it first.
-ENV VIRTUAL_ENV="/app"
-ENV PATH="$VIRTUAL_ENV/bin:${PATH}"
-
-# Next, we want to update pip, setuptools, and wheel inside of this virtual
-# environment to ensure that we have the latest versions of them.
-RUN pip --no-cache-dir install --upgrade uv
-RUN uv pip --no-cache install --upgrade setuptools wheel
-
-COPY requirements /tmp/requirements
-
-RUN set -x \
-    && if [ "$DEVEL" = "yes" ]; then uv pip --no-cache install -r /tmp/requirements/local.txt; fi
-
-RUN set -x \
-    && uv pip --no-cache install --no-deps \
-    -r /tmp/requirements/production.txt \
-    -r /tmp/requirements/base.txt
-
-RUN set -x \
-    && if [ "$TEST" = "yes" ]; then uv pip --no-cache install --no-deps \
-    -r /tmp/requirements/tests.txt; fi
-
-# Now we can build the application image
-FROM python:3.13-slim
-
-ENV PYTHONUNBUFFERED=1
-ENV PYTHONPATH="/app"
-ENV PATH="/app/bin:${PATH}"
-ENV BOGUS=1
-
-WORKDIR /app/src
-
-ARG DEVEL=no
-# this is used by Sentry to associate errors with releases
-ARG RELEASE="dev"
-
-# This is a work around because otherwise postgresql-client bombs out trying
-# to create symlinks to these directories.
-RUN set -x \
-    && mkdir -p /usr/share/man/man1 \
-    && mkdir -p /usr/share/man/man7
-
-RUN apt-get update \
-    # psycopg2 dependencies
-    && apt-get install --no-install-recommends -y \
-    ca-certificates \
-    curl \
-    gettext \
-    libpq5 \
-    gnupg \
-    && mkdir -p /etc/apt/keyrings \
-    && apt-get install --no-install-recommends -y \
-    $(if [ "$DEVEL" = "yes" ]; then echo 'bash postgresql-client'; fi) \
-    # awscli
-    && apt-get install -y \
-    awscli \
-    # cleaning up unused files
-    && apt-get remove -y \
-    curl \
-    gnupg \
-    && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-RUN adduser --system --no-create-home django
-COPY --chown=django:django --from=build /app/ /app/
-COPY --chown=django:django config/ /app/src/config/
-COPY --chown=django:django manage.py /app/src/
-COPY --chown=django:django {{ copier__project_slug }}/ /app/src/{{ copier__project_slug }}/
-
-USER django
diff --git a/template/backend/config/__init__.py b/template/backend/config/__init__.py
deleted file mode 100644
index b30ebd5..0000000
--- a/template/backend/config/__init__.py
+++ /dev/null
@@ -1,7 +0,0 @@
-{% if copier__use_celery -%}
-# This will make sure the app is always imported when
-# Django starts so that shared_task will use this app.
-from {{ copier__project_slug }}.celery import app as celery_app
-
-__all__ = ("celery_app",)
-{% endif -%}
diff --git a/template/backend/config/asgi.py b/template/backend/config/asgi.py
deleted file mode 100644
index d6dc739..0000000
--- a/template/backend/config/asgi.py
+++ /dev/null
@@ -1,16 +0,0 @@
-"""
-ASGI config for {{ copier__project_name }} project.
-
-It exposes the ASGI callable as a module-level variable named ``application``.
-
-For more information on this file, see
-https://docs.djangoproject.com/en/dev/howto/deployment/asgi/
-
-"""
-import os
-
-from django.core.asgi import get_asgi_application
-
-os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.local")
-
-application = get_asgi_application()
diff --git a/template/backend/config/schema.py b/template/backend/config/schema.py
deleted file mode 100644
index 3394ca8..0000000
--- a/template/backend/config/schema.py
+++ /dev/null
@@ -1,13 +0,0 @@
-import strawberry
-from strawberry_django.optimizer import DjangoOptimizerExtension
-from {{ copier__project_slug }}.users.queries import UserQuery
-from {{ copier__project_slug }}.users.mutations import UserMutation
-
-schema = strawberry.Schema(
-    query=UserQuery,
-    mutation=UserMutation,
-    extensions=[
-        # other extensions...
-        DjangoOptimizerExtension,
-    ],
-)
diff --git a/template/backend/config/settings/__init__.py b/template/backend/config/settings/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/config/settings/base.py b/template/backend/config/settings/base.py
deleted file mode 100644
index aa35a84..0000000
--- a/template/backend/config/settings/base.py
+++ /dev/null
@@ -1,336 +0,0 @@
-"""
-Base settings to build other settings files upon.
-"""
-from pathlib import Path
-
-import environ
-
-{% if copier__use_sentry %}
-import sentry_sdk
-
-{% endif %}
-
-ROOT_DIR = Path(__file__).resolve(strict=True).parent.parent.parent
-# {{ copier__project_slug }}/
-APPS_DIR = ROOT_DIR / "{{ copier__project_slug }}"
-env = environ.Env()
-
-READ_DOT_ENV_FILE = env.bool("DJANGO_READ_DOT_ENV_FILE", default=False)
-if READ_DOT_ENV_FILE:
-    # OS environment variables take precedence over variables from .env
-    env.read_env(str(ROOT_DIR / ".env"))
-
-# GENERAL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#debug
-DEBUG = env.bool("DJANGO_DEBUG", False)
-# Local time zone. Choices are
-# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
-# though not all of them may be available with every OS.
-# In Windows, this must be set to your system time zone.
-TIME_ZONE = "{{ copier__timezone }}"
-# https://docs.djangoproject.com/en/dev/ref/settings/#language-code
-LANGUAGE_CODE = "en-us"
-# https://docs.djangoproject.com/en/dev/ref/settings/#site-id
-SITE_ID = 1
-# https://docs.djangoproject.com/en/dev/ref/settings/#use-i18n
-USE_I18N = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#use-l10n
-USE_L10N = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#use-tz
-USE_TZ = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#locale-paths
-LOCALE_PATHS = [str(ROOT_DIR / "locale")]
-
-# DATABASES
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#databases
-DATABASES = {"default": env.db("DATABASE_URL")}
-DATABASES["default"]["ATOMIC_REQUESTS"] = True
-
-# URLS
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#root-urlconf
-ROOT_URLCONF = "config.urls"
-# https://docs.djangoproject.com/en/dev/ref/settings/#wsgi-application
-WSGI_APPLICATION = "config.wsgi.application"
-ASGI_APPLICATION = "config.asgi.application"
-
-# APPS
-# ------------------------------------------------------------------------------
-DJANGO_APPS = [
-    "django.contrib.auth",
-    "django.contrib.contenttypes",
-    "django.contrib.sessions",
-    "django.contrib.sites",
-    "django.contrib.messages",
-    "django.contrib.staticfiles",
-    # "django.contrib.humanize", # Handy template tags
-    "django.contrib.admin",
-    "django.forms",
-]
-THIRD_PARTY_APPS = [
-    "crispy_forms",
-    "crispy_bootstrap5",
-    "allauth",
-    "allauth.account",
-    "allauth.socialaccount",
-{%- if copier__use_celery %}
-    "django_celery_beat",
-{%- endif %}
-{%- if copier__create_nextjs_frontend %}
-    "strawberry_django",
-    "corsheaders",
-{%- endif %}
-]
-
-LOCAL_APPS = [
-    "{{ copier__project_slug }}.users.apps.UsersConfig",
-    # Your stuff: custom apps go here
-]
-# https://docs.djangoproject.com/en/dev/ref/settings/#installed-apps
-INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
-
-# MIGRATIONS
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#migration-modules
-MIGRATION_MODULES = {"sites": "{{ copier__project_slug }}.contrib.sites.migrations"}
-
-# AUTHENTICATION
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#authentication-backends
-AUTHENTICATION_BACKENDS = [
-    "django.contrib.auth.backends.ModelBackend",
-    "allauth.account.auth_backends.AuthenticationBackend",
-]
-# https://docs.djangoproject.com/en/dev/ref/settings/#auth-user-model
-AUTH_USER_MODEL = "users.User"
-# https://docs.djangoproject.com/en/dev/ref/settings/#login-redirect-url
-LOGIN_REDIRECT_URL = "users:redirect"
-# https://docs.djangoproject.com/en/dev/ref/settings/#login-url
-LOGIN_URL = "account_login"
-
-# PASSWORDS
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#password-hashers
-PASSWORD_HASHERS = [
-    # https://docs.djangoproject.com/en/dev/topics/auth/passwords/#using-argon2-with-django
-    "django.contrib.auth.hashers.Argon2PasswordHasher",
-    "django.contrib.auth.hashers.PBKDF2PasswordHasher",
-    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
-    "django.contrib.auth.hashers.BCryptSHA256PasswordHasher",
-]
-# https://docs.djangoproject.com/en/dev/ref/settings/#auth-password-validators
-AUTH_PASSWORD_VALIDATORS = [
-    {
-        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"
-    },
-    {"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
-    {"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
-    {"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
-]
-
-# MIDDLEWARE
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#middleware
-MIDDLEWARE = [
-    "allauth.account.middleware.AccountMiddleware",
-    "django.middleware.security.SecurityMiddleware",
-    "django.contrib.sessions.middleware.SessionMiddleware",
-    "{{ copier__project_slug }}.utils.healthcheck.HealthCheckMiddleware",
-    "django.middleware.locale.LocaleMiddleware",
-    {%- if copier__create_nextjs_frontend %}
-    "corsheaders.middleware.CorsMiddleware",
-    {%- endif %}
-    "django.middleware.common.CommonMiddleware",
-    "django.middleware.csrf.CsrfViewMiddleware",
-    "django.contrib.auth.middleware.AuthenticationMiddleware",
-    "django.contrib.messages.middleware.MessageMiddleware",
-    "django.middleware.common.BrokenLinkEmailsMiddleware",
-    "django.middleware.clickjacking.XFrameOptionsMiddleware",
-]
-
-# STATIC
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#static-root
-STATIC_ROOT = str(ROOT_DIR / "staticfiles")
-# https://docs.djangoproject.com/en/dev/ref/settings/#static-url
-STATIC_URL = "/static/"
-# https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#std:setting-STATICFILES_DIRS
-STATICFILES_DIRS = [str(APPS_DIR / "static")]
-# https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#staticfiles-finders
-STATICFILES_FINDERS = [
-    "django.contrib.staticfiles.finders.FileSystemFinder",
-    "django.contrib.staticfiles.finders.AppDirectoriesFinder",
-]
-
-# MEDIA
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#media-root
-MEDIA_ROOT = str(APPS_DIR / "media")
-# https://docs.djangoproject.com/en/dev/ref/settings/#media-url
-MEDIA_URL = "/media/"
-
-# TEMPLATES
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#templates
-TEMPLATES = [
-    {
-        # https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-TEMPLATES-BACKEND
-        "BACKEND": "django.template.backends.django.DjangoTemplates",
-        # https://docs.djangoproject.com/en/dev/ref/settings/#template-dirs
-        "DIRS": [str(APPS_DIR / "templates")],
-        "OPTIONS": {
-            # https://docs.djangoproject.com/en/dev/ref/settings/#template-loaders
-            # https://docs.djangoproject.com/en/dev/ref/templates/api/#loader-types
-            "loaders": [
-                "django.template.loaders.filesystem.Loader",
-                "django.template.loaders.app_directories.Loader",
-            ],
-            # https://docs.djangoproject.com/en/dev/ref/settings/#template-context-processors
-            "context_processors": [
-                "django.template.context_processors.debug",
-                "django.template.context_processors.request",
-                "django.contrib.auth.context_processors.auth",
-                "django.template.context_processors.i18n",
-                "django.template.context_processors.media",
-                "django.template.context_processors.static",
-                "django.template.context_processors.tz",
-                "django.contrib.messages.context_processors.messages",
-                "{{ copier__project_slug }}.utils.context_processors.settings_context",
-            ],
-        },
-    }
-]
-
-# https://docs.djangoproject.com/en/dev/ref/settings/#form-renderer
-FORM_RENDERER = "django.forms.renderers.TemplatesSetting"
-
-# http://django-crispy-forms.readthedocs.io/en/latest/install.html#template-packs
-CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5"
-
-CRISPY_TEMPLATE_PACK = "bootstrap5"
-
-# FIXTURES
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#fixture-dirs
-FIXTURE_DIRS = (str(APPS_DIR / "fixtures"),)
-
-# SECURITY
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-httponly
-SESSION_COOKIE_HTTPONLY = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#csrf-cookie-httponly
-CSRF_COOKIE_HTTPONLY = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#secure-browser-xss-filter
-SECURE_BROWSER_XSS_FILTER = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#x-frame-options
-X_FRAME_OPTIONS = "DENY"
-
-# EMAIL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-backend
-EMAIL_BACKEND = env(
-    "DJANGO_EMAIL_BACKEND", default="django.core.mail.backends.smtp.EmailBackend"
-)
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-timeout
-EMAIL_TIMEOUT = 5
-
-# ADMIN
-# ------------------------------------------------------------------------------
-# Django Admin URL.
-ADMIN_URL = "admin/"
-# https://docs.djangoproject.com/en/dev/ref/settings/#admins
-ADMINS = [("""{{ copier__author_name }}""", "{{ copier__email }}")]
-# https://docs.djangoproject.com/en/dev/ref/settings/#managers
-MANAGERS = ADMINS
-
-# LOGGING
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#logging
-# See https://docs.djangoproject.com/en/dev/topics/logging for
-# more details on how to customize your logging configuration.
-LOGGING = {
-    "version": 1,
-    "disable_existing_loggers": False,
-    "formatters": {
-        "verbose": {
-            "format": "%(levelname)s %(asctime)s %(module)s "
-            "%(process)d %(thread)d %(message)s"
-        }
-    },
-    "handlers": {
-        "console": {
-            "level": "DEBUG",
-            "class": "logging.StreamHandler",
-            "formatter": "verbose",
-        }
-    },
-    "root": {"level": "INFO", "handlers": ["console"]},
-}
-
-{% if copier__use_celery -%}
-# Celery
-# ------------------------------------------------------------------------------
-if USE_TZ:
-    # http://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-timezone
-    CELERY_TIMEZONE = TIME_ZONE
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-broker_url
-CELERY_BROKER_URL = env("CELERY_BROKER_URL")
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-result_backend
-CELERY_RESULT_BACKEND = CELERY_BROKER_URL
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-accept_content
-CELERY_ACCEPT_CONTENT = ["json"]
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-task_serializer
-CELERY_TASK_SERIALIZER = "json"
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-result_serializer
-CELERY_RESULT_SERIALIZER = "json"
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#task-time-limit
-# TODO: set to whatever value is adequate in your circumstances
-CELERY_TASK_TIME_LIMIT = 5 * 60
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#task-soft-time-limit
-# TODO: set to whatever value is adequate in your circumstances
-CELERY_TASK_SOFT_TIME_LIMIT = 60
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#beat-scheduler
-CELERY_BEAT_SCHEDULER = "django_celery_beat.schedulers:DatabaseScheduler"
-
-{%- endif %}
-# django-allauth
-# ------------------------------------------------------------------------------
-ACCOUNT_ALLOW_REGISTRATION = env.bool("DJANGO_ACCOUNT_ALLOW_REGISTRATION", True)
-# https://django-allauth.readthedocs.io/en/latest/account/configuration.html
-ACCOUNT_LOGIN_METHODS = {"username"}
-# https://django-allauth.readthedocs.io/en/latest/account/configuration.html
-ACCOUNT_SIGNUP_FIELDS = ["email*", "username*", "password1*", "password2*"]
-# https://django-allauth.readthedocs.io/en/latest/account/configuration.html
-ACCOUNT_EMAIL_VERIFICATION = "mandatory"
-# https://django-allauth.readthedocs.io/en/latest/account/configuration.html
-ACCOUNT_ADAPTER = "{{ copier__project_slug }}.users.adapters.AccountAdapter"
-# https://django-allauth.readthedocs.io/en/latest/account/configuration.html
-SOCIALACCOUNT_ADAPTER = "{{ copier__project_slug }}.users.adapters.SocialAccountAdapter"
-DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
-
-{% if copier__use_sentry %}
-# ------------------------------------------------------------------------------
-# Sentry
-sentry_sdk.init(
-    dsn=env.str("SENTRY_DSN_BACKEND", default=""),
-    environment=env.str("ENVIRONMENT", default="production"),
-    release=env.str("RELEASE", default="dev"),
-)
-{% endif %}
-
-{%- if copier__create_nextjs_frontend %}
-# ------------------------------------------------------------------------------
-# GraphQL settings
-STRAWBERRY_DJANGO = {
-    "FIELD_DESCRIPTION_FROM_HELP_TEXT": True,
-    "TYPE_DESCRIPTION_FROM_MODEL_DOCSTRING": True,
-    "MUTATIONS_DEFAULT_ARGUMENT_NAME": "input",
-    "MUTATIONS_DEFAULT_HANDLE_ERRORS": True,
-}
-{%- endif %}
-
-
-# Your stuff...
-# ------------------------------------------------------------------------------
diff --git a/template/backend/config/settings/local.py b/template/backend/config/settings/local.py
deleted file mode 100644
index 52e5577..0000000
--- a/template/backend/config/settings/local.py
+++ /dev/null
@@ -1,73 +0,0 @@
-from .base import *  # noqa
-from .base import env
-
-# GENERAL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#debug
-DEBUG = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
-SECRET_KEY = (env("DJANGO_SECRET_KEY"),)
-# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = env(
-    "DJANGO_ALLOWED_HOSTS",
-    default=["backend", "localhost", "127.0.0.1"],
-)
-
-# CACHES
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#caches
-CACHES = {
-    "default": {
-        "BACKEND": "django.core.cache.backends.locmem.LocMemCache",
-        "LOCATION": "",
-    }
-}
-
-# EMAIL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-host
-EMAIL_HOST = env("EMAIL_HOST", default="mailhog")
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-port
-EMAIL_PORT = 1025
-
-# django-debug-toolbar
-# ------------------------------------------------------------------------------
-# https://django-debug-toolbar.readthedocs.io/en/latest/installation.html#prerequisites
-INSTALLED_APPS += ["debug_toolbar"]  # noqa F405
-# https://django-debug-toolbar.readthedocs.io/en/latest/installation.html#middleware
-MIDDLEWARE += ["debug_toolbar.middleware.DebugToolbarMiddleware"]  # noqa F405
-# https://django-debug-toolbar.readthedocs.io/en/latest/configuration.html#debug-toolbar-config
-DEBUG_TOOLBAR_CONFIG = {
-    "DISABLE_PANELS": ["debug_toolbar.panels.redirects.RedirectsPanel"],
-    "SHOW_TEMPLATE_CONTEXT": True,
-}
-# https://django-debug-toolbar.readthedocs.io/en/latest/installation.html#internal-ips
-INTERNAL_IPS = ["127.0.0.1", "10.0.2.2"]
-if env("USE_DOCKER") == "yes":
-    import socket
-
-    hostname, _, ips = socket.gethostbyname_ex(socket.gethostname())
-    INTERNAL_IPS += [".".join(ip.split(".")[:-1] + ["1"]) for ip in ips]
-
-# django-extensions
-# ------------------------------------------------------------------------------
-# https://django-extensions.readthedocs.io/en/latest/installation_instructions.html#configuration
-# INSTALLED_APPS += ["django_extensions"]  # noqa F405
-
-{% if copier__use_celery -%}
-
-# Celery
-# ------------------------------------------------------------------------------
-# http://docs.celeryproject.org/en/latest/userguide/configuration.html#task-eager-propagates
-CELERY_TASK_EAGER_PROPAGATES = True
-
-{%- endif %}
-
-{%- if copier__create_nextjs_frontend %}
-# ------------------------------------------------------------------------------
-# CORS settings
-CORS_ALLOW_ALL_ORIGINS = True
-CORS_ALLOW_CREDENTIALS = True
-{%- endif %}
-# Your stuff...
-# ------------------------------------------------------------------------------
diff --git a/template/backend/config/settings/production.py b/template/backend/config/settings/production.py
deleted file mode 100644
index b6e851b..0000000
--- a/template/backend/config/settings/production.py
+++ /dev/null
@@ -1,193 +0,0 @@
-from .base import *  # noqa
-from .base import env
-
-# GENERAL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
-SECRET_KEY = env("DJANGO_SECRET_KEY")
-# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = env.list("DJANGO_ALLOWED_HOSTS", default=["{{ copier__domain_name }}"])
-CSRF_TRUSTED_ORIGINS = env.list(
-    "DJANGO_CSRF_TRUSTED_ORIGINS",
-    default=["http://localhost", "https://{{ copier__domain_name }}"],
-)
-# DATABASES
-# ------------------------------------------------------------------------------
-DATABASES["default"] = env.db("DATABASE_URL")  # noqa F405
-DATABASES["default"]["ATOMIC_REQUESTS"] = True  # noqa F405
-DATABASES["default"]["CONN_MAX_AGE"] = env.int("CONN_MAX_AGE", default=60)  # noqa F405
-
-# CACHES
-# ------------------------------------------------------------------------------
-CACHES = {
-    "default": {
-        "BACKEND": "django_redis.cache.RedisCache",
-        "LOCATION": env("REDIS_URL"),
-        "OPTIONS": {
-            "CLIENT_CLASS": "django_redis.client.DefaultClient",
-            # Mimicing memcache behavior.
-            # http://jazzband.github.io/django-redis/latest/#_memcached_exceptions_behavior
-            "IGNORE_EXCEPTIONS": True,
-        },
-    }
-}
-
-# SECURITY
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header
-SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
-# https://docs.djangoproject.com/en/dev/ref/settings/#secure-ssl-redirect
-SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True)
-# https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-secure
-SESSION_COOKIE_SECURE = True
-# https://docs.djangoproject.com/en/dev/ref/settings/#csrf-cookie-secure
-CSRF_COOKIE_SECURE = True
-# https://docs.djangoproject.com/en/dev/topics/security/#ssl-https
-# https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-seconds
-# TODO: set this to 60 seconds first and then to 518400 once you prove the former works
-SECURE_HSTS_SECONDS = 60
-# https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-include-subdomains
-SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
-    "DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS", default=True
-)
-# https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-preload
-SECURE_HSTS_PRELOAD = env.bool("DJANGO_SECURE_HSTS_PRELOAD", default=True)
-# https://docs.djangoproject.com/en/dev/ref/middleware/#x-content-type-options-nosniff
-SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
-    "DJANGO_SECURE_CONTENT_TYPE_NOSNIFF", default=True
-)
-
-# STORAGES
-# ------------------------------------------------------------------------------
-# https://django-storages.readthedocs.io/en/latest/#installation
-INSTALLED_APPS += ["storages"]  # noqa F405
-# https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
-AWS_STORAGE_BUCKET_NAME = env("DJANGO_AWS_STORAGE_BUCKET_NAME")
-# It is required to set AWS_S3_CUSTOM_DOMAIN when the bucket is private and static content is served through CloudFront
-AWS_S3_CUSTOM_DOMAIN = env("AWS_S3_CUSTOM_DOMAIN", default=None)
-AWS_S3_URL_PROTOCOL = env("AWS_S3_CUSTOM_DOMAIN_PROTOCOL", default="https:")
-# https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
-AWS_QUERYSTRING_AUTH = False
-# DO NOT change these unless you know what you're doing.
-_AWS_EXPIRY = 60 * 60 * 24 * 7
-# https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
-AWS_S3_OBJECT_PARAMETERS = {
-    "CacheControl": f"max-age={_AWS_EXPIRY}, s-maxage={_AWS_EXPIRY}, must-revalidate"
-}
-#  https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
-AWS_DEFAULT_ACL = "public-read"
-# https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html#settings
-AWS_S3_REGION_NAME = env("DJANGO_AWS_REGION_NAME", default="us-east-1")
-
-# STATIC
-# ------------------------
-STATICFILES_STORAGE = "{{ copier__project_slug }}.utils.cloud_storage.S3StaticStorage"
-STATIC_URL = f"https://{AWS_STORAGE_BUCKET_NAME}.s3.amazonaws.com/static/"
-
-# MEDIA
-# ------------------------------------------------------------------------------
-DEFAULT_FILE_STORAGE = "{{ copier__project_slug }}.utils.cloud_storage.S3MediaStorage"
-MEDIA_URL = f"https://{AWS_STORAGE_BUCKET_NAME}.s3.amazonaws.com/media/"
-
-# TEMPLATES
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#templates
-TEMPLATES[-1]["OPTIONS"]["loaders"] = [  # type: ignore[index] # noqa F405
-    (
-        "django.template.loaders.cached.Loader",
-        [
-            "django.template.loaders.filesystem.Loader",
-            "django.template.loaders.app_directories.Loader",
-        ],
-    )
-]
-
-# EMAIL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#default-from-email
-DEFAULT_FROM_EMAIL = env(
-    "DJANGO_DEFAULT_FROM_EMAIL",
-    default="{{ copier__project_name }} <noreply@{{ copier__domain_name }}>",
-)
-# https://docs.djangoproject.com/en/dev/ref/settings/#server-email
-SERVER_EMAIL = env("DJANGO_SERVER_EMAIL", default=DEFAULT_FROM_EMAIL)
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-subject-prefix
-EMAIL_SUBJECT_PREFIX = env(
-    "DJANGO_EMAIL_SUBJECT_PREFIX",
-    default="[{{ copier__project_name }}]",
-)
-
-# ADMIN
-# ------------------------------------------------------------------------------
-# Django Admin URL regex.
-ADMIN_URL = env("DJANGO_ADMIN_URL")
-
-# Anymail
-# ------------------------------------------------------------------------------
-# https://anymail.readthedocs.io/en/stable/installation/#installing-anymail
-INSTALLED_APPS += ["anymail"]  # noqa F405
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-backend
-# https://anymail.readthedocs.io/en/stable/installation/#anymail-settings-reference
-{%- if copier__mail_service == 'Mailgun' %}
-# https://anymail.readthedocs.io/en/stable/esps/mailgun/
-EMAIL_BACKEND = "anymail.backends.mailgun.EmailBackend"
-ANYMAIL = {
-    "MAILGUN_API_KEY": env("MAILGUN_API_KEY"),
-    "MAILGUN_SENDER_DOMAIN": env("MAILGUN_DOMAIN"),
-    "MAILGUN_API_URL": env("MAILGUN_API_URL", default="https://api.mailgun.net/v3"),
-}
-{%- elif copier__mail_service == 'Amazon SES' %}
-# https://anymail.readthedocs.io/en/stable/esps/amazon_ses/
-EMAIL_BACKEND = "anymail.backends.amazon_ses.EmailBackend"
-ANYMAIL = {}
-{%- elif copier__mail_service == 'Other SMTP' %}
-# https://anymail.readthedocs.io/en/stable/esps
-EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
-ANYMAIL = {}
-{%- endif %}
-
-# LOGGING
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#logging
-# See https://docs.djangoproject.com/en/dev/topics/logging for
-# more details on how to customize your logging configuration.
-LOGGING = {
-    "version": 1,
-    "disable_existing_loggers": True,
-    "formatters": {
-        "verbose": {
-            "format": "%(levelname)s %(asctime)s %(module)s "
-            "%(process)d %(thread)d %(message)s"
-        }
-    },
-    "handlers": {
-        "console": {
-            "level": "DEBUG",
-            "class": "logging.StreamHandler",
-            "formatter": "verbose",
-        }
-    },
-    "root": {"level": "INFO", "handlers": ["console"]},
-    "loggers": {
-        "django.db.backends": {
-            "level": "ERROR",
-            "handlers": ["console"],
-            "propagate": False,
-        },
-        "django.security.DisallowedHost": {
-            "level": "ERROR",
-            "handlers": ["console"],
-            "propagate": False,
-        },
-    },
-}
-
-{%- if copier__create_nextjs_frontend %}
-# ------------------------------------------------------------------------------
-# CORS settings
-CORS_ALLOWED_ORIGINS = env.list("CORS_ALLOWED_ORIGINS", default=[])
-CORS_ALLOW_CREDENTIALS = env.bool("CORS_ALLOW_CREDENTIALS", default=False)
-{%- endif %}
-
-# Your stuff...
-# ------------------------------------------------------------------------------
diff --git a/template/backend/config/settings/test.py b/template/backend/config/settings/test.py
deleted file mode 100644
index 1aa25e5..0000000
--- a/template/backend/config/settings/test.py
+++ /dev/null
@@ -1,48 +0,0 @@
-"""
-With these settings, tests run faster.
-"""
-
-from .base import *  # noqa
-from .base import env
-
-# GENERAL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
-SECRET_KEY = env("DJANGO_SECRET_KEY")
-# https://docs.djangoproject.com/en/dev/ref/settings/#test-runner
-TEST_RUNNER = "django.test.runner.DiscoverRunner"
-
-# CACHES
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#caches
-CACHES = {
-    "default": {
-        "BACKEND": "django.core.cache.backends.locmem.LocMemCache",
-        "LOCATION": "",
-    }
-}
-
-# PASSWORDS
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#password-hashers
-PASSWORD_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]
-
-# TEMPLATES
-# ------------------------------------------------------------------------------
-TEMPLATES[-1]["OPTIONS"]["loaders"] = [  # type: ignore[index] # noqa F405
-    (
-        "django.template.loaders.cached.Loader",
-        [
-            "django.template.loaders.filesystem.Loader",
-            "django.template.loaders.app_directories.Loader",
-        ],
-    )
-]
-
-# EMAIL
-# ------------------------------------------------------------------------------
-# https://docs.djangoproject.com/en/dev/ref/settings/#email-backend
-EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
-
-# Your stuff...
-# ------------------------------------------------------------------------------
diff --git a/template/backend/config/urls.py b/template/backend/config/urls.py
deleted file mode 100644
index 41d1850..0000000
--- a/template/backend/config/urls.py
+++ /dev/null
@@ -1,63 +0,0 @@
-from django.conf import settings
-from django.conf.urls.static import static
-from django.contrib import admin
-from django.contrib.staticfiles.urls import staticfiles_urlpatterns
-from django.urls import include, path
-from django.views import defaults as default_views
-from django.views.generic import TemplateView
-
-{%- if copier__create_nextjs_frontend %}
-from django.views.decorators.csrf import csrf_exempt
-from strawberry.django.views import GraphQLView
-
-from .schema import schema
-
-{%- endif %}
-
-urlpatterns = [
-    path("", TemplateView.as_view(template_name="pages/home.html"), name="home"),
-    path(
-        "about/", TemplateView.as_view(template_name="pages/about.html"), name="about"
-    ),
-    # Django Admin, use {% raw %}{% url 'admin:index' %}{% endraw %}
-    path(settings.ADMIN_URL, admin.site.urls),
-    # User management
-    path("users/", include("{{ copier__project_slug }}.users.urls", namespace="users")),
-    path("accounts/", include("allauth.urls")),
-    # Your stuff: custom urls includes go here
-] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
-if settings.DEBUG:
-    # Static file serving when using Gunicorn + Uvicorn for local web socket development
-    urlpatterns += staticfiles_urlpatterns()
-
-{%- if copier__create_nextjs_frontend %}
-urlpatterns += [
-    path("graphql/", csrf_exempt(GraphQLView.as_view(schema=schema))),
-]
-{%- endif %}
-
-if settings.DEBUG:
-    # This allows the error pages to be debugged during development, just visit
-    # these url in browser to see how these error pages look like.
-    urlpatterns += [
-        path(
-            "400/",
-            default_views.bad_request,
-            kwargs={"exception": Exception("Bad Request!")},
-        ),
-        path(
-            "403/",
-            default_views.permission_denied,
-            kwargs={"exception": Exception("Permission Denied")},
-        ),
-        path(
-            "404/",
-            default_views.page_not_found,
-            kwargs={"exception": Exception("Page not Found")},
-        ),
-        path("500/", default_views.server_error),
-    ]
-    if "debug_toolbar" in settings.INSTALLED_APPS:
-        import debug_toolbar
-
-        urlpatterns = [path("__debug__/", include(debug_toolbar.urls))] + urlpatterns
diff --git a/template/backend/config/wsgi.py b/template/backend/config/wsgi.py
deleted file mode 100644
index 292dfc6..0000000
--- a/template/backend/config/wsgi.py
+++ /dev/null
@@ -1,38 +0,0 @@
-"""
-WSGI config for {{ copier__project_name }} project.
-
-This module contains the WSGI application used by Django's development server
-and any production WSGI deployments. It should expose a module-level variable
-named ``application``. Django's ``runserver`` and ``runfcgi`` commands discover
-this application via the ``WSGI_APPLICATION`` setting.
-
-Usually you will have the standard Django WSGI application here, but it also
-might make sense to replace the whole Django WSGI application with a custom one
-that later delegates to the Django one. For example, you could introduce WSGI
-middleware here, or combine a Django application with an application of another
-framework.
-
-"""
-import os
-import sys
-from pathlib import Path
-
-from django.core.wsgi import get_wsgi_application
-
-# This allows easy placement of apps within the interior
-# {{ copier__project_slug }} directory.
-ROOT_DIR = Path(__file__).resolve(strict=True).parent.parent
-sys.path.append(str(ROOT_DIR / "{{ copier__project_slug }}"))
-# We defer to a DJANGO_SETTINGS_MODULE already in the environment. This breaks
-# if running multiple sites in the same mod_wsgi process. To fix this, use
-# mod_wsgi daemon mode with each site in its own daemon process, or use
-# os.environ["DJANGO_SETTINGS_MODULE"] = "config.settings.production"
-os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.production")
-
-# This application object is used by any WSGI server configured to use this
-# file. This includes Django's development server, if the WSGI_APPLICATION
-# setting points here.
-application = get_wsgi_application()
-# Apply WSGI middleware here.
-# from helloworld.wsgi import HelloWorldApplication
-# application = HelloWorldApplication(application)
diff --git a/template/backend/env.example b/template/backend/env.example
deleted file mode 100644
index 611d3a0..0000000
--- a/template/backend/env.example
+++ /dev/null
@@ -1,21 +0,0 @@
-# General settings
-DJANGO_ADMIN_URL=
-DJANGO_SETTINGS_MODULE=config.settings.local
-DJANGO_SECRET_KEY=)!@y(_a9@pbbc8d1yidg9v18m1_y*4o(ha5a076*86_#*zxb43
-DJANGO_ALLOWED_HOSTS=.sixfeetup.com
-
-# AWS Settings
-DJANGO_AWS_ACCESS_KEY_ID=
-DJANGO_AWS_SECRET_ACCESS_KEY=
-DJANGO_AWS_STORAGE_BUCKET_NAME=
-
-# Used with email
-DJANGO_MAILGUN_API_KEY=
-DJANGO_SERVER_EMAIL=
-MAILGUN_SENDER_DOMAIN=
-
-# Security! Better to use DNS for this task, but you can use redirect
-DJANGO_SECURE_SSL_REDIRECT=False
-
-# Are we using Vagrant
-USE_VAGRANT=
diff --git a/template/backend/manage.py b/template/backend/manage.py
deleted file mode 100755
index ca6912d..0000000
--- a/template/backend/manage.py
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/usr/bin/env python
-import os
-import sys
-
-if __name__ == "__main__":
-    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.local")
-
-    try:
-        from django.core.management import execute_from_command_line
-    except ImportError:
-        # The above import may fail for some other reason. Ensure that the
-        # issue is really that Django is missing to avoid masking other
-        # exceptions on Python 2.
-        try:
-            import django  # noqa
-        except ImportError:
-            raise ImportError(
-                "Couldn't import Django. Are you sure it's installed and "
-                "available on your PYTHONPATH environment variable? Did you "
-                "forget to activate a virtual environment?"
-            )
-        raise
-    execute_from_command_line(sys.argv)
diff --git a/template/backend/requirements/base.in b/template/backend/requirements/base.in
deleted file mode 100644
index a10e45d..0000000
--- a/template/backend/requirements/base.in
+++ /dev/null
@@ -1,29 +0,0 @@
-argon2-cffi
-crispy-bootstrap5
-daphne
-django
-django-allauth
-django-crispy-forms
-django-environ
-django-model-utils
-django-redis
-Pillow
-urllib3
-{% if copier__use_sentry %}
-sentry-sdk[django]
-{% endif %}
-
-{%- if copier__use_celery %}
-celery
-django-celery-beat
-flower
-redis
-{%- endif %}
-
-{%- if copier__create_nextjs_frontend %}
-strawberry-graphql-django
-{%- endif %}
-
-{%- if copier__create_nextjs_frontend %}
-django-cors-headers
-{%- endif %}
diff --git a/template/backend/requirements/local.in b/template/backend/requirements/local.in
deleted file mode 100644
index 45f1c66..0000000
--- a/template/backend/requirements/local.in
+++ /dev/null
@@ -1,9 +0,0 @@
-# Local development dependencies go here
--r base.txt
-
-debugpy
-django-debug-toolbar
-django-extensions
-ipdb
-pydevd-pycharm==243.26053.29
-Werkzeug
diff --git a/template/backend/requirements/production.in b/template/backend/requirements/production.in
deleted file mode 100644
index db8052c..0000000
--- a/template/backend/requirements/production.in
+++ /dev/null
@@ -1,20 +0,0 @@
-# PRECAUTION: avoid production dependencies that aren't in development
-
--r base.txt
-
-gunicorn
-psycopg2
-uvicorn[standard]
-
-# Django
-# ------------------------------------------------------------------------------
-django-storages[boto3] # https://github.com/jschneier/django-storages
-daphne
-
-{%- if copier__mail_service == 'Mailgun' %}
-django-anymail[mailgun] # https://github.com/anymail/django-anymail
-{%- elif copier__mail_service == 'Amazon SES' %}
-django-anymail[amazon_ses] # https://github.com/anymail/django-anymail
-{%- elif copier__mail_service == 'Other SMTP' %}
-django-anymail # https://github.com/anymail/django-anymail
-{%- endif %}
diff --git a/template/backend/requirements/tests.in b/template/backend/requirements/tests.in
deleted file mode 100644
index aa4340b..0000000
--- a/template/backend/requirements/tests.in
+++ /dev/null
@@ -1,15 +0,0 @@
-# Test dependencies go here.
--r base.txt
-
-coverage
-flake8
-django-test-plus
-factory-boy
-django-coverage-plugin
-
-# pytest
-pytest-django
-pytest-cov
-pytest-freezegun
-pytest-mock
-pytest-sugar
diff --git a/template/backend/{{copier__project_slug}}/__init__.py b/template/backend/{{copier__project_slug}}/__init__.py
deleted file mode 100644
index 713e35a..0000000
--- a/template/backend/{{copier__project_slug}}/__init__.py
+++ /dev/null
@@ -1,7 +0,0 @@
-__version__ = "{{ copier__version }}"
-__version_info__ = tuple(
-    [
-        int(num) if num.isdigit() else num
-        for num in __version__.replace("-", ".", 1).split(".")
-    ]
-)
diff --git a/template/backend/{{copier__project_slug}}/celery.py b/template/backend/{{copier__project_slug}}/celery.py
deleted file mode 100644
index ccd9b5f..0000000
--- a/template/backend/{{copier__project_slug}}/celery.py
+++ /dev/null
@@ -1,17 +0,0 @@
-import os
-
-from celery import Celery
-
-# set the default Django settings module for the 'celery' program.
-os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.local")
-
-app = Celery("{{ copier__project_slug }}")
-
-# Using a string here means the worker doesn't have to serialize
-# the configuration object to child processes.
-# - namespace='CELERY' means all celery-related configuration keys
-#   should have a `CELERY_` prefix.
-app.config_from_object("django.conf:settings", namespace="CELERY")
-
-# Load task modules from all registered Django app configs.
-app.autodiscover_tasks()
diff --git a/template/backend/{{copier__project_slug}}/conftest.py b/template/backend/{{copier__project_slug}}/conftest.py
deleted file mode 100644
index c07f40f..0000000
--- a/template/backend/{{copier__project_slug}}/conftest.py
+++ /dev/null
@@ -1,24 +0,0 @@
-import pytest
-{%- if copier__create_nextjs_frontend %}
-from strawberry_django.test.client import TestClient
-{%- endif %}
-
-from {{ copier__project_slug }}.users.models import User
-from {{ copier__project_slug }}.users.tests.factories import UserFactory
-
-
-@pytest.fixture(autouse=True)
-def media_storage(settings, tmpdir):
-    settings.MEDIA_ROOT = tmpdir.strpath
-
-
-@pytest.fixture
-def user() -> User:
-    return UserFactory()
-
-
-{% if copier__create_nextjs_frontend -%}
-@pytest.fixture
-def graphql_client() -> TestClient:
-    return TestClient("/graphql/")
-{%- endif %}
diff --git a/template/backend/{{copier__project_slug}}/contrib/__init__.py b/template/backend/{{copier__project_slug}}/contrib/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/contrib/sites/__init__.py b/template/backend/{{copier__project_slug}}/contrib/sites/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0001_initial.py b/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0001_initial.py
deleted file mode 100644
index 91d4361..0000000
--- a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0001_initial.py
+++ /dev/null
@@ -1,41 +0,0 @@
-import django.contrib.sites.models
-from django.contrib.sites.models import _simple_domain_name_validator
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    dependencies = []
-
-    operations = [
-        migrations.CreateModel(
-            name="Site",
-            fields=[
-                (
-                    "id",
-                    models.BigAutoField(
-                        verbose_name="ID",
-                        serialize=False,
-                        auto_created=True,
-                        primary_key=True,
-                    ),
-                ),
-                (
-                    "domain",
-                    models.CharField(
-                        max_length=100,
-                        verbose_name="domain name",
-                        validators=[_simple_domain_name_validator],
-                    ),
-                ),
-                ("name", models.CharField(max_length=50, verbose_name="display name")),
-            ],
-            options={
-                "ordering": ("domain",),
-                "db_table": "django_site",
-                "verbose_name": "site",
-                "verbose_name_plural": "sites",
-            },
-            bases=(models.Model,),
-            managers=[("objects", django.contrib.sites.models.SiteManager())],
-        )
-    ]
diff --git a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0002_alter_domain_unique.py b/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0002_alter_domain_unique.py
deleted file mode 100644
index 4359049..0000000
--- a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0002_alter_domain_unique.py
+++ /dev/null
@@ -1,19 +0,0 @@
-import django.contrib.sites.models
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    dependencies = [("sites", "0001_initial")]
-
-    operations = [
-        migrations.AlterField(
-            model_name="site",
-            name="domain",
-            field=models.CharField(
-                max_length=100,
-                unique=True,
-                validators=[django.contrib.sites.models._simple_domain_name_validator],
-                verbose_name="domain name",
-            ),
-        )
-    ]
diff --git a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0003_set_site_domain_and_name.py b/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0003_set_site_domain_and_name.py
deleted file mode 100644
index 1470aa8..0000000
--- a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/0003_set_site_domain_and_name.py
+++ /dev/null
@@ -1,28 +0,0 @@
-from django.conf import settings
-from django.db import migrations
-
-
-def update_site_forward(apps, schema_editor):
-    """Set site domain and name."""
-    Site = apps.get_model("sites", "Site")
-    Site.objects.update_or_create(
-        id=settings.SITE_ID,
-        defaults={
-            "domain": "{{ copier__domain_name }}",
-            "name": "{{ copier__project_name }}",
-        },
-    )
-
-
-def update_site_backward(apps, schema_editor):
-    """Revert site domain and name to default."""
-    Site = apps.get_model("sites", "Site")
-    Site.objects.update_or_create(
-        id=settings.SITE_ID, defaults={"domain": "example.com", "name": "example.com"}
-    )
-
-
-class Migration(migrations.Migration):
-    dependencies = [("sites", "0002_alter_domain_unique")]
-
-    operations = [migrations.RunPython(update_site_forward, update_site_backward)]
diff --git a/template/backend/{{copier__project_slug}}/contrib/sites/migrations/__init__.py b/template/backend/{{copier__project_slug}}/contrib/sites/migrations/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/static/css/project.css b/template/backend/{{copier__project_slug}}/static/css/project.css
deleted file mode 100644
index f1d543d..0000000
--- a/template/backend/{{copier__project_slug}}/static/css/project.css
+++ /dev/null
@@ -1,13 +0,0 @@
-/* These styles are generated from project.scss. */
-
-.alert-debug {
-  color: black;
-  background-color: white;
-  border-color: #d6e9c6;
-}
-
-.alert-error {
-  color: #b94a48;
-  background-color: #f2dede;
-  border-color: #eed3d7;
-}
diff --git a/template/backend/{{copier__project_slug}}/static/fonts/.gitkeep b/template/backend/{{copier__project_slug}}/static/fonts/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/static/images/favicons/favicon.ico b/template/backend/{{copier__project_slug}}/static/images/favicons/favicon.ico
deleted file mode 100644
index e1c1dd1a32a3a077c41a21e52bc7fb5ac90d3afb..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 8348
zcmeHLX-gGh6rQ3V&`<D7CE<noAlEjsXwxujXd#F)ld{xou?49lT4^C#DMQg92<lcw
zMzolfs1@y^S<!}Aws>92%;lcmGu`Jl^WK@OV`^XKh08PZoaH%l?rdiiWq>kJ2@6vM
zhAH8L6=kTRD1!xR`-2o^hS&}loN!U1#gF+=YxEq~uqf5#iBw%p0;w;5ehm+6a!sSu
zh;X+$+}oF$X1Q6DwS~>Y_Hpw^(&QvJO<5ZCPrn5l<LUX!$CQ2UuxTFFU@d=5o~T)_
zM&9lX?aYJe)cC!DuyW2Hv#fzNBja7o{yI$k?DQi4Qa1T~osibBqqBpOvgVuShAz;K
zmYFZ>aNp%s{<NfD^tq;K$)o9J`Bk|DTDfaUPz^Y4pxH6?go{g!rZ4q%h8hZr&i<2r
zT*`Rbm$#it9u?E4ueH?P(XQoh{?VjqRllpGTlcTg>B3x1hf%*?eW>oS{<{4s^u_yG
zpDyG!_iV#~G=q<~slG@0Sx47XXQ%O;HY7ILVf}<nvkjKkUq5Z@&&!CV?=8)SJU*X~
zs@_!4mAeIW{>B-)R$6GV^A78)t0tN9`tu3r9Z+xM?NgUd8geu=c`0?r;-KR&IQjKs
zSB#VCpg8CPW&M}$sth@H=VS%t;23!!j};F)bb;W3EkA!4QmCsY_p81^T<lC2Jw<JL
zl>K0{;$g>e1Hl998^0M+r0-7ZSN+l_cMSRuEALTE@|d6+3{GMP^;_|<<G6v~fm@Db
z$SJ7$Z6)nIxtS6-&!vT#DsfNbg?K9-cIX1Z>yhubb{FF1IPgH|0>SH%pC!c)uFI)H
z?jv4y0uO{P5WE>~I<$r!RFo0lN4r{xm;Jy4p$h~b3S*a#)$Z*nI}&Kc_C+*zZHz1v
zIR8TBVH<RTUHMzt<pQkyWFERe+1}lKD}5^-d7%pgZx^j}ta#*yE)cw3G}D>7Y?Mp~
zofpsr+SP@>EX4e*bQ{nAUYtKrQ&-5d4j;FF{^-^Dt2^5I`HSb!|22PN26n3>hKPOy
zW<i`2eS&}fZx3to{LSA9#ODI-3qh#w1a37VHY(or(QZwVGl$n`v8t<fVnSrlb)f&h
zX0M(~Jg?;!WC#2>2D*A*v+c{bFKCwozbB{dObp~e&1Nxrj<4Ih4~w)M`nl08o}Wq2
z#Jt(k+M>+}JY(=2gm(gdUq)^@e%tX(F)RBtotnB2^y>YKz-5eg_qO&n%lJ1nuQmTY
zxmyE1NWjl1EGvD?Z|n;neT;sa?Q;Ef-#%$BYxXAhD4xF+@M>*qrR!x^sPN98|BX4;
z!$NJcKF`^C7f(<_vlp%b>`pxL^8Y<&?KFx{n_!5C9VqLA*CP@zhXs2t#dmrAKu?d_
y^&_r5_e@uesG}CO*g!3o?-kB+I^cA`>44J#rvpw0oDMi0a5~_0!0Eu>4*Uj$LD0AW

diff --git a/template/backend/{{copier__project_slug}}/static/js/project.js b/template/backend/{{copier__project_slug}}/static/js/project.js
deleted file mode 100644
index d26d23b..0000000
--- a/template/backend/{{copier__project_slug}}/static/js/project.js
+++ /dev/null
@@ -1 +0,0 @@
-/* Project specific Javascript goes here. */
diff --git a/template/backend/{{copier__project_slug}}/static/sass/project.scss b/template/backend/{{copier__project_slug}}/static/sass/project.scss
deleted file mode 100644
index ac8348c..0000000
--- a/template/backend/{{copier__project_slug}}/static/sass/project.scss
+++ /dev/null
@@ -1,35 +0,0 @@
-@import "bootstrap";
-
-// project specific CSS goes here
-
-////////////////////////////////
-//Variables//
-////////////////////////////////
-
-// Alert colors
-
-$white: #fff;
-$mint-green: #d6e9c6;
-$black: #000;
-$pink: #f2dede;
-$dark-pink: #eed3d7;
-$red: #b94a48;
-
-////////////////////////////////
-//Alerts//
-////////////////////////////////
-
-// bootstrap alert CSS, translated to the django-standard levels of
-// debug, info, success, warning, error
-
-.alert-debug {
-	background-color: $white;
-	border-color: $mint-green;
-	color: $black;
-}
-
-.alert-error {
-	background-color: $pink;
-	border-color: $dark-pink;
-	color: $red;
-}
diff --git a/template/backend/{{copier__project_slug}}/templates/403.html b/template/backend/{{copier__project_slug}}/templates/403.html
deleted file mode 100644
index c02bd4e..0000000
--- a/template/backend/{{copier__project_slug}}/templates/403.html
+++ /dev/null
@@ -1,9 +0,0 @@
-{% raw %}{% extends "base.html" %}
-
-{% block title %}Forbidden (403){% endblock %}
-
-{% block content %}
-<h1>Forbidden (403)</h1>
-
-<p>CSRF verification failed. Request aborted.</p>
-{% endblock content %}{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/404.html b/template/backend/{{copier__project_slug}}/templates/404.html
deleted file mode 100644
index 1687ef3..0000000
--- a/template/backend/{{copier__project_slug}}/templates/404.html
+++ /dev/null
@@ -1,9 +0,0 @@
-{% raw %}{% extends "base.html" %}
-
-{% block title %}Page not found{% endblock %}
-
-{% block content %}
-<h1>Page not found</h1>
-
-<p>This is not the page you were looking for.</p>
-{% endblock content %}{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/500.html b/template/backend/{{copier__project_slug}}/templates/500.html
deleted file mode 100644
index 122e081..0000000
--- a/template/backend/{{copier__project_slug}}/templates/500.html
+++ /dev/null
@@ -1,13 +0,0 @@
-{% raw %}{% extends "base.html" %}
-
-{% block title %}Server Error{% endblock %}
-
-{% block content %}
-<h1>Ooops!!! 500</h1>
-
-<h3>Looks like something went wrong!</h3>
-
-<p>We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, try refreshing.</p>
-{% endblock content %}
-
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/account_inactive.html b/template/backend/{{copier__project_slug}}/templates/account/account_inactive.html
deleted file mode 100644
index fe9b680..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/account_inactive.html
+++ /dev/null
@@ -1,12 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-
-{% block head_title %}{% trans "Account Inactive" %}{% endblock %}
-
-{% block inner %}
-<h1>{% trans "Account Inactive" %}</h1>
-
-<p>{% trans "This account is inactive." %}</p>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/base.html b/template/backend/{{copier__project_slug}}/templates/account/base.html
deleted file mode 100644
index cd07bba..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/base.html
+++ /dev/null
@@ -1,11 +0,0 @@
-{% raw %}{% extends "base.html" %}
-{% block title %}{% block head_title %}{% endblock head_title %}{% endblock title %}
-
-{% block content %}
-<div class="row">
-  <div class="col-md-6 offset-md-3">
-    {% block inner %}{% endblock %}
-  </div>
-</div>
-{% endblock %}
-{% endraw %}
\ No newline at end of file
diff --git a/template/backend/{{copier__project_slug}}/templates/account/email.html b/template/backend/{{copier__project_slug}}/templates/account/email.html
deleted file mode 100644
index 78d9973..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/email.html
+++ /dev/null
@@ -1,80 +0,0 @@
-{% raw %}
-{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load crispy_forms_tags %}
-
-{% block head_title %}{% trans "Account" %}{% endblock %}
-
-{% block inner %}
-<h1>{% trans "E-mail Addresses" %}</h1>
-
-{% if user.emailaddress_set.all %}
-<p>{% trans 'The following e-mail addresses are associated with your account:' %}</p>
-
-<form action="{% url 'account_email' %}" class="email_list" method="post">
-{% csrf_token %}
-<fieldset class="blockLabels">
-
-  {% for emailaddress in user.emailaddress_set.all %}
-<div class="radio">
-  <label for="email_radio_{{forloop.counter}}" class="{% if emailaddress.primary %}primary_email{%endif%}">
-
-    <input id="email_radio_{{forloop.counter}}" type="radio" name="email" {% if emailaddress.primary or user.emailaddress_set.count == 1 %}checked="checked"{%endif %} value="{{emailaddress.email}}"/>
-
-    {{ emailaddress.email }}
-    {% if emailaddress.verified %}
-    <span class="verified">{% trans "Verified" %}</span>
-    {% else %}
-    <span class="unverified">{% trans "Unverified" %}</span>
-    {% endif %}
-    {% if emailaddress.primary %}<span class="primary">{% trans "Primary" %}</span>{% endif %}
-  </label>
-</div>
-  {% endfor %}
-
-<div class="form-group">
-      <button class="secondaryAction btn btn-primary" type="submit" name="action_primary" >{% trans 'Make Primary' %}</button>
-      <button class="secondaryAction btn btn-primary" type="submit" name="action_send" >{% trans 'Re-send Verification' %}</button>
-      <button class="primaryAction btn btn-primary" type="submit" name="action_remove" >{% trans 'Remove' %}</button>
-</div>
-
-</fieldset>
-</form>
-
-{% else %}
-<p><strong>{% trans 'Warning:'%}</strong> {% trans "You currently do not have any e-mail address set up. You should really add an e-mail address so you can receive notifications, reset your password, etc." %}</p>
-
-{% endif %}
-
-
-    <h2>{% trans "Add E-mail Address" %}</h2>
-
-    <form method="post" action="{% url 'account_email' %}" class="add_email">
-        {% csrf_token %}
-        {{ form|crispy }}
-        <button class="btn btn-primary" name="action_add" type="submit">{% trans "Add E-mail" %}</button>
-    </form>
-
-{% endblock %}
-
-
-{% block javascript %}
-{{ block.super }}
-<script type="text/javascript">
-(function() {
-  var message = "{% trans 'Do you really want to remove the selected e-mail address?' %}";
-  var actions = document.getElementsByName('action_remove');
-  if (actions.length) {
-    actions[0].addEventListener("click", function(e) {
-      if (! confirm(message)) {
-        e.preventDefault();
-      }
-    });
-  }
-})();
-
-$('.form-group').removeClass('row');
-</script>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/email_confirm.html b/template/backend/{{copier__project_slug}}/templates/account/email_confirm.html
deleted file mode 100644
index eb45cf6..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/email_confirm.html
+++ /dev/null
@@ -1,32 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load account %}
-
-{% block head_title %}{% trans "Confirm E-mail Address" %}{% endblock %}
-
-
-{% block inner %}
-<h1>{% trans "Confirm E-mail Address" %}</h1>
-
-{% if confirmation %}
-
-{% user_display confirmation.email_address.user as user_display %}
-
-<p>{% blocktrans with confirmation.email_address.email as email %}Please confirm that <a href="mailto:{{ email }}">{{ email }}</a> is an e-mail address for user {{ user_display }}.{% endblocktrans %}</p>
-
-<form method="post" action="{% url 'account_confirm_email' confirmation.key %}">
-{% csrf_token %}
-    <button class="btn btn-primary" type="submit">{% trans 'Confirm' %}</button>
-</form>
-
-{% else %}
-
-{% url 'account_email' as email_url %}
-
-<p>{% blocktrans %}This e-mail confirmation link expired or is invalid. Please <a href="{{ email_url }}">issue a new e-mail confirmation request</a>.{% endblocktrans %}</p>
-
-{% endif %}
-
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/login.html b/template/backend/{{copier__project_slug}}/templates/account/login.html
deleted file mode 100644
index a719322..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/login.html
+++ /dev/null
@@ -1,48 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load account socialaccount %}
-{% load crispy_forms_tags %}
-
-{% block head_title %}{% trans "Sign In" %}{% endblock %}
-
-{% block inner %}
-
-<h1>{% trans "Sign In" %}</h1>
-
-{% get_providers as socialaccount_providers %}
-
-{% if socialaccount_providers %}
-<p>{% blocktrans with site.name as site_name %}Please sign in with one
-of your existing third party accounts. Or, <a href="{{ signup_url }}">sign up</a>
-for a {{ site_name }} account and sign in below:{% endblocktrans %}</p>
-
-<div class="socialaccount_ballot">
-
-  <ul class="socialaccount_providers">
-    {% include "socialaccount/snippets/provider_list.html" with process="login" %}
-  </ul>
-
-  <div class="login-or">{% trans 'or' %}</div>
-
-</div>
-
-{% include "socialaccount/snippets/login_extra.html" %}
-
-{% else %}
-<p>{% blocktrans %}If you have not created an account yet, then please
-<a href="{{ signup_url }}">sign up</a> first.{% endblocktrans %}</p>
-{% endif %}
-
-<form class="login" method="POST" action="{% url 'account_login' %}">
-  {% csrf_token %}
-  {{ form|crispy }}
-  {% if redirect_field_value %}
-  <input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}" />
-  {% endif %}
-  <a class="button secondaryAction" href="{% url 'account_reset_password' %}">{% trans "Forgot Password?" %}</a>
-  <button class="primaryAction btn btn-primary" type="submit">{% trans "Sign In" %}</button>
-</form>
-
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/logout.html b/template/backend/{{copier__project_slug}}/templates/account/logout.html
deleted file mode 100644
index baa8183..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/logout.html
+++ /dev/null
@@ -1,22 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-
-{% block head_title %}{% trans "Sign Out" %}{% endblock %}
-
-{% block inner %}
-<h1>{% trans "Sign Out" %}</h1>
-
-<p>{% trans 'Are you sure you want to sign out?' %}</p>
-
-<form method="post" action="{% url 'account_logout' %}">
-  {% csrf_token %}
-  {% if redirect_field_value %}
-  <input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}"/>
-  {% endif %}
-  <button class="btn btn-danger" type="submit">{% trans 'Sign Out' %}</button>
-</form>
-
-
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/password_change.html b/template/backend/{{copier__project_slug}}/templates/account/password_change.html
deleted file mode 100644
index 62bbbc1..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/password_change.html
+++ /dev/null
@@ -1,17 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load crispy_forms_tags %}
-
-{% block head_title %}{% trans "Change Password" %}{% endblock %}
-
-{% block inner %}
-    <h1>{% trans "Change Password" %}</h1>
-
-    <form method="POST" action="{% url 'account_change_password' %}" class="password_change">
-        {% csrf_token %}
-        {{ form|crispy }}
-        <button class="btn btn-primary" type="submit" name="action">{% trans "Change Password" %}</button>
-    </form>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/password_reset.html b/template/backend/{{copier__project_slug}}/templates/account/password_reset.html
deleted file mode 100644
index b9869fb..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/password_reset.html
+++ /dev/null
@@ -1,26 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load account %}
-{% load crispy_forms_tags %}
-
-{% block head_title %}{% trans "Password Reset" %}{% endblock %}
-
-{% block inner %}
-
-    <h1>{% trans "Password Reset" %}</h1>
-    {% if user.is_authenticated %}
-    {% include "account/snippets/already_logged_in.html" %}
-    {% endif %}
-
-    <p>{% trans "Forgotten your password? Enter your e-mail address below, and we'll send you an e-mail allowing you to reset it." %}</p>
-
-    <form method="POST" action="{% url 'account_reset_password' %}" class="password_reset">
-        {% csrf_token %}
-        {{ form|crispy }}
-        <input class="btn btn-primary" type="submit" value="{% trans 'Reset My Password' %}" />
-    </form>
-
-    <p>{% blocktrans %}Please contact us if you have any trouble resetting your password.{% endblocktrans %}</p>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/password_reset_done.html b/template/backend/{{copier__project_slug}}/templates/account/password_reset_done.html
deleted file mode 100644
index cf2129b..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/password_reset_done.html
+++ /dev/null
@@ -1,17 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load account %}
-
-{% block head_title %}{% trans "Password Reset" %}{% endblock %}
-
-{% block inner %}
-    <h1>{% trans "Password Reset" %}</h1>
-    
-    {% if user.is_authenticated %}
-    {% include "account/snippets/already_logged_in.html" %}
-    {% endif %}
-    
-    <p>{% blocktrans %}We have sent you an e-mail. Please contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key.html b/template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key.html
deleted file mode 100644
index 671eb12..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key.html
+++ /dev/null
@@ -1,25 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load crispy_forms_tags %}
-{% block head_title %}{% trans "Change Password" %}{% endblock %}
-
-{% block inner %}
-    <h1>{% if token_fail %}{% trans "Bad Token" %}{% else %}{% trans "Change Password" %}{% endif %}</h1>
-
-    {% if token_fail %}
-        {% url 'account_reset_password' as passwd_reset_url %}
-        <p>{% blocktrans %}The password reset link was invalid, possibly because it has already been used.  Please request a <a href="{{ passwd_reset_url }}">new password reset</a>.{% endblocktrans %}</p>
-    {% else %}
-        {% if form %}
-            <form method="POST" action=".">
-                {% csrf_token %}
-                {{ form|crispy }}
-                <input class="btn btn-primary" type="submit" name="action" value="{% trans 'change password' %}"/>
-            </form>
-        {% else %}
-            <p>{% trans 'Your password is now changed.' %}</p>
-        {% endif %}
-    {% endif %}
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key_done.html b/template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key_done.html
deleted file mode 100644
index 925b7aa..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/password_reset_from_key_done.html
+++ /dev/null
@@ -1,10 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% block head_title %}{% trans "Change Password" %}{% endblock %}
-
-{% block inner %}
-    <h1>{% trans "Change Password" %}</h1>
-    <p>{% trans 'Your password is now changed.' %}</p>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/password_set.html b/template/backend/{{copier__project_slug}}/templates/account/password_set.html
deleted file mode 100644
index 563a0b1..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/password_set.html
+++ /dev/null
@@ -1,17 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load crispy_forms_tags %}
-
-{% block head_title %}{% trans "Set Password" %}{% endblock %}
-
-{% block inner %}
-    <h1>{% trans "Set Password" %}</h1>
-
-    <form method="POST" action="{% url 'account_set_password' %}" class="password_set">
-        {% csrf_token %}
-        {{ form|crispy }}
-        <input class="btn btn-primary" type="submit" name="action" value="{% trans 'Set Password' %}"/>
-    </form>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/signup.html b/template/backend/{{copier__project_slug}}/templates/account/signup.html
deleted file mode 100644
index 80490a2..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/signup.html
+++ /dev/null
@@ -1,23 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-{% load crispy_forms_tags %}
-
-{% block head_title %}{% trans "Signup" %}{% endblock %}
-
-{% block inner %}
-<h1>{% trans "Sign Up" %}</h1>
-
-<p>{% blocktrans %}Already have an account? Then please <a href="{{ login_url }}">sign in</a>.{% endblocktrans %}</p>
-
-<form class="signup" id="signup_form" method="post" action="{% url 'account_signup' %}">
-  {% csrf_token %}
-  {{ form|crispy }}
-  {% if redirect_field_value %}
-  <input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}" />
-  {% endif %}
-  <button class="btn btn-primary" type="submit">{% trans "Sign Up" %} &raquo;</button>
-</form>
-
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/signup_closed.html b/template/backend/{{copier__project_slug}}/templates/account/signup_closed.html
deleted file mode 100644
index eca9b15..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/signup_closed.html
+++ /dev/null
@@ -1,12 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-
-{% block head_title %}{% trans "Sign Up Closed" %}{% endblock %}
-
-{% block inner %}
-<h1>{% trans "Sign Up Closed" %}</h1>
-
-<p>{% trans "We are sorry, but the sign up is currently closed." %}</p>
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/verification_sent.html b/template/backend/{{copier__project_slug}}/templates/account/verification_sent.html
deleted file mode 100644
index ccc8d9a..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/verification_sent.html
+++ /dev/null
@@ -1,13 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-
-{% block head_title %}{% trans "Verify Your E-mail Address" %}{% endblock %}
-
-{% block inner %}
-    <h1>{% trans "Verify Your E-mail Address" %}</h1>
-
-    <p>{% blocktrans %}We have sent an e-mail to you for verification. Follow the link provided to finalize the signup process. Please contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
-
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/account/verified_email_required.html b/template/backend/{{copier__project_slug}}/templates/account/verified_email_required.html
deleted file mode 100644
index f3078b6..0000000
--- a/template/backend/{{copier__project_slug}}/templates/account/verified_email_required.html
+++ /dev/null
@@ -1,24 +0,0 @@
-{% raw %}{% extends "account/base.html" %}
-
-{% load i18n %}
-
-{% block head_title %}{% trans "Verify Your E-mail Address" %}{% endblock %}
-
-{% block inner %}
-<h1>{% trans "Verify Your E-mail Address" %}</h1>
-
-{% url 'account_email' as email_url %}
-
-<p>{% blocktrans %}This part of the site requires us to verify that
-you are who you claim to be. For this purpose, we require that you
-verify ownership of your e-mail address. {% endblocktrans %}</p>
-
-<p>{% blocktrans %}We have sent an e-mail to you for
-verification. Please click on the link inside this e-mail. Please
-contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
-
-<p>{% blocktrans %}<strong>Note:</strong> you can still <a href="{{ email_url }}">change your e-mail address</a>.{% endblocktrans %}</p>
-
-
-{% endblock %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/base.html b/template/backend/{{copier__project_slug}}/templates/base.html
deleted file mode 100644
index db8bae7..0000000
--- a/template/backend/{{copier__project_slug}}/templates/base.html
+++ /dev/null
@@ -1,106 +0,0 @@
-{% raw %}{% load static i18n {% endraw %}{% raw %}%}<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="x-ua-compatible" content="ie=edge">
-    <title>{% block title %}{% endraw %}{{ copier__project_name }}{% raw %}{% endblock title %}</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="">
-    <meta name="author" content="">
-
-    <!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
-    <!--[if lt IE 9]>
-      <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <![endif]-->
-
-    <link rel="icon" href="{% static 'images/favicons/favicon.ico' %}">
-
-    {% block css %}
-    {% endraw %}{% raw %}
-    <!-- Latest compiled and minified Bootstrap CSS -->
-    <link href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
-    {% endraw %}{% raw %}
-
-    <!-- Your stuff: Third-party CSS libraries go here -->
- 
-    <!-- This file stores project-specific CSS -->
-    <link href="{% static 'css/project.css' %}" rel="stylesheet">
-    {% endblock %}
-
-  </head>
-
-  <body>
-
-    <div class="mb-1">
-      <nav class="navbar navbar-expand-md navbar-light bg-light">
-        <button class="navbar-toggler navbar-toggler-right" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
-          <span class="navbar-toggler-icon"></span>
-        </button>
-        <a class="navbar-brand" href="{% url 'home' %}">{% endraw %}{{ copier__project_name }}{% raw %}</a>
-
-        <div class="collapse navbar-collapse" id="navbarSupportedContent">
-          <ul class="navbar-nav mr-auto">
-            <li class="nav-item active">
-              <a class="nav-link" href="{% url 'home' %}">Home <span class="sr-only">(current)</span></a>
-            </li>
-            <li class="nav-item">
-              <a class="nav-link" href="{% url 'about' %}">About</a>
-            </li>
-            {% if request.user.is_authenticated %}
-              <li class="nav-item">
-                {# URL provided by django-allauth/account/urls.py #}
-                <a class="nav-link" href="{% url 'users:detail' request.user.username  %}">{% trans "My Profile" %}</a>
-              </li>
-              <li class="nav-item">
-                {# URL provided by django-allauth/account/urls.py #}
-                <a class="nav-link" href="{% url 'account_logout' %}">{% trans "Sign Out" %}</a>
-              </li>
-            {% else %}
-              <li class="nav-item">
-                {# URL provided by django-allauth/account/urls.py #}
-                <a id="sign-up-link" class="nav-link" href="{% url 'account_signup' %}">{% trans "Sign Up" %}</a>
-              </li>
-              <li class="nav-item">
-                {# URL provided by django-allauth/account/urls.py #}
-                <a id="log-in-link" class="nav-link" href="{% url 'account_login' %}">{% trans "Sign In" %}</a>
-              </li>
-            {% endif %}
-          </ul>
-        </div>
-      </nav>
-
-    </div>
-
-    <div class="container">
-
-      {% if messages %}
-          {% for message in messages %}
-              <div class="alert {% if message.tags %}alert-{{ message.tags }}{% endif %}">{{ message }}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button></div>
-          {% endfor %}
-      {% endif %}
-
-      {% block content %}
-        <p>Welcome to your brand-new <a href="https://github.com/sixfeetup/scaf">Scaf</a>-powered Django project! Your development journey starts here. Explore, build, and innovate with speed and ease.</p>
-      {% endblock content %}
-
-    </div> <!-- /container -->
-
-    {% block modal %}{% endblock modal %}
-
-    <!-- Le javascript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    {% block javascript %}
-      <!-- Bootstrap JS and its dependencies-->
-      <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
-      <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
-      <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
-
-      <!-- Your stuff: Third-party javascript libraries go here -->
-
-      <!-- place project specific Javascript in this file -->
-      <script src="{% static 'js/project.js' %}"></script>
-    {% endblock javascript %}
-  </body>
-</html>
- {% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/pages/about.html b/template/backend/{{copier__project_slug}}/templates/pages/about.html
deleted file mode 100644
index 94beff9..0000000
--- a/template/backend/{{copier__project_slug}}/templates/pages/about.html
+++ /dev/null
@@ -1 +0,0 @@
-{% raw %}{% extends "base.html" %}{% endraw %}
\ No newline at end of file
diff --git a/template/backend/{{copier__project_slug}}/templates/pages/home.html b/template/backend/{{copier__project_slug}}/templates/pages/home.html
deleted file mode 100644
index 94beff9..0000000
--- a/template/backend/{{copier__project_slug}}/templates/pages/home.html
+++ /dev/null
@@ -1 +0,0 @@
-{% raw %}{% extends "base.html" %}{% endraw %}
\ No newline at end of file
diff --git a/template/backend/{{copier__project_slug}}/templates/users/user_detail.html b/template/backend/{{copier__project_slug}}/templates/users/user_detail.html
deleted file mode 100644
index 47b6112..0000000
--- a/template/backend/{{copier__project_slug}}/templates/users/user_detail.html
+++ /dev/null
@@ -1,36 +0,0 @@
-{% raw %}{% extends "base.html" %}
-{% load static %}
-
-{% block title %}User: {{ object.username }}{% endblock %}
-
-{% block content %}
-<div class="container">
-
-  <div class="row">
-    <div class="col-sm-12">
-
-      <h2>{{ object.username }}</h2>
-      {% if object.name %}
-        <p>{{ object.name }}</p>
-      {% endif %}
-    </div>
-  </div>
-
-{% if object == request.user %}
-<!-- Action buttons -->
-<div class="row">
-
-  <div class="col-sm-12">
-    <a class="btn btn-primary" href="{% url 'users:update' %}" role="button">My Info</a>
-    <a class="btn btn-primary" href="{% url 'account_email' %}" role="button">E-Mail</a>
-    <!-- Your Stuff: Custom user template urls -->
-  </div>
-
-</div>
-<!-- End Action buttons -->
-{% endif %}
-
-
-</div>
-{% endblock content %}
-{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/templates/users/user_form.html b/template/backend/{{copier__project_slug}}/templates/users/user_form.html
deleted file mode 100644
index e9da0d4..0000000
--- a/template/backend/{{copier__project_slug}}/templates/users/user_form.html
+++ /dev/null
@@ -1,17 +0,0 @@
-{% raw %}{% extends "base.html" %}
-{% load crispy_forms_tags %}
-
-{% block title %}{{ user.username }}{% endblock %}
-
-{% block content %}
-  <h1>{{ user.username }}</h1>
-  <form class="form-horizontal" method="post" action="{% url 'users:update' %}">
-    {% csrf_token %}
-    {{ form|crispy }}
-    <div class="control-group">
-      <div class="controls">
-        <button type="submit" class="btn btn-primary">Update</button>
-      </div>
-    </div>
-  </form>
-{% endblock %}{% endraw %}
diff --git a/template/backend/{{copier__project_slug}}/users/__init__.py b/template/backend/{{copier__project_slug}}/users/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/users/adapters.py b/template/backend/{{copier__project_slug}}/users/adapters.py
deleted file mode 100644
index 0d206fa..0000000
--- a/template/backend/{{copier__project_slug}}/users/adapters.py
+++ /dev/null
@@ -1,16 +0,0 @@
-from typing import Any
-
-from allauth.account.adapter import DefaultAccountAdapter
-from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
-from django.conf import settings
-from django.http import HttpRequest
-
-
-class AccountAdapter(DefaultAccountAdapter):
-    def is_open_for_signup(self, request: HttpRequest):
-        return getattr(settings, "ACCOUNT_ALLOW_REGISTRATION", True)
-
-
-class SocialAccountAdapter(DefaultSocialAccountAdapter):
-    def is_open_for_signup(self, request: HttpRequest, sociallogin: Any):
-        return getattr(settings, "ACCOUNT_ALLOW_REGISTRATION", True)
diff --git a/template/backend/{{copier__project_slug}}/users/admin.py b/template/backend/{{copier__project_slug}}/users/admin.py
deleted file mode 100644
index 1e6dd25..0000000
--- a/template/backend/{{copier__project_slug}}/users/admin.py
+++ /dev/null
@@ -1,22 +0,0 @@
-from django.contrib import admin
-from django.contrib.auth import admin as auth_admin
-from django.contrib.auth import get_user_model
-from {{copier__project_slug}}.users.forms import (UserChangeForm,
-                                                  UserCreationForm)
-
-User = get_user_model()
-
-
-@admin.register(User)
-class UserAdmin(auth_admin.UserAdmin):
-    form = UserChangeForm
-    add_form = UserCreationForm
-    fieldsets = (("User", {"fields": ("name",)}),) + auth_admin.UserAdmin.fieldsets
-    add_fieldsets = (
-        (None, {
-            'classes': ('wide',),
-            'fields': ('username', 'email', 'name', 'password1', 'password2'),
-        }),
-    )
-    list_display = ["username", "name", "is_superuser"]
-    search_fields = ["name"]
diff --git a/template/backend/{{copier__project_slug}}/users/apps.py b/template/backend/{{copier__project_slug}}/users/apps.py
deleted file mode 100644
index 3ac2ce3..0000000
--- a/template/backend/{{copier__project_slug}}/users/apps.py
+++ /dev/null
@@ -1,13 +0,0 @@
-from django.apps import AppConfig
-from django.utils.translation import gettext_lazy as _
-
-
-class UsersConfig(AppConfig):
-    name = "{{ copier__project_slug }}.users"
-    verbose_name = _("Users")
-
-    def ready(self):
-        try:
-            import {{ copier__project_slug }}.users.signals  # noqa F401
-        except ImportError:
-            pass
diff --git a/template/backend/{{copier__project_slug}}/users/forms.py b/template/backend/{{copier__project_slug}}/users/forms.py
deleted file mode 100644
index cf4b25a..0000000
--- a/template/backend/{{copier__project_slug}}/users/forms.py
+++ /dev/null
@@ -1,29 +0,0 @@
-from django.contrib.auth import forms, get_user_model
-from django.core.exceptions import ValidationError
-from django.utils.translation import gettext_lazy as _
-
-User = get_user_model()
-
-
-class UserChangeForm(forms.UserChangeForm):
-    class Meta(forms.UserChangeForm.Meta):
-        model = User
-
-
-class UserCreationForm(forms.UserCreationForm):
-    error_message = forms.UserCreationForm.error_messages.update(
-        {"duplicate_username": _("This username has already been taken.")}
-    )
-
-    class Meta(forms.UserCreationForm.Meta):
-        model = User
-
-    def clean_username(self):
-        username = self.cleaned_data["username"]
-
-        try:
-            User.objects.get(username=username)
-        except User.DoesNotExist:
-            return username
-
-        raise ValidationError(self.error_messages["duplicate_username"])
diff --git a/template/backend/{{copier__project_slug}}/users/migrations/0001_initial.py b/template/backend/{{copier__project_slug}}/users/migrations/0001_initial.py
deleted file mode 100644
index b0e6bd5..0000000
--- a/template/backend/{{copier__project_slug}}/users/migrations/0001_initial.py
+++ /dev/null
@@ -1,131 +0,0 @@
-import django.contrib.auth.models
-import django.contrib.auth.validators
-import django.utils.timezone
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    initial = True
-
-    dependencies = [("auth", "0008_alter_user_username_max_length")]
-
-    operations = [
-        migrations.CreateModel(
-            name="User",
-            fields=[
-                (
-                    "id",
-                    models.BigAutoField(
-                        auto_created=True,
-                        primary_key=True,
-                        serialize=False,
-                        verbose_name="ID",
-                    ),
-                ),
-                ("password", models.CharField(max_length=128, verbose_name="password")),
-                (
-                    "last_login",
-                    models.DateTimeField(
-                        blank=True, null=True, verbose_name="last login"
-                    ),
-                ),
-                (
-                    "is_superuser",
-                    models.BooleanField(
-                        default=False,
-                        help_text="Designates that this user has all permissions without explicitly assigning them.",
-                        verbose_name="superuser status",
-                    ),
-                ),
-                (
-                    "username",
-                    models.CharField(
-                        error_messages={
-                            "unique": "A user with that username already exists."
-                        },
-                        help_text="Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.",
-                        max_length=150,
-                        unique=True,
-                        validators=[
-                            django.contrib.auth.validators.UnicodeUsernameValidator()
-                        ],
-                        verbose_name="username",
-                    ),
-                ),
-                (
-                    "first_name",
-                    models.CharField(
-                        blank=True, max_length=30, verbose_name="first name"
-                    ),
-                ),
-                (
-                    "last_name",
-                    models.CharField(
-                        blank=True, max_length=150, verbose_name="last name"
-                    ),
-                ),
-                (
-                    "email",
-                    models.EmailField(
-                        blank=True, max_length=254, verbose_name="email address"
-                    ),
-                ),
-                (
-                    "is_staff",
-                    models.BooleanField(
-                        default=False,
-                        help_text="Designates whether the user can log into this admin site.",
-                        verbose_name="staff status",
-                    ),
-                ),
-                (
-                    "is_active",
-                    models.BooleanField(
-                        default=True,
-                        help_text="Designates whether this user should be treated as active. Unselect this instead of deleting accounts.",
-                        verbose_name="active",
-                    ),
-                ),
-                (
-                    "date_joined",
-                    models.DateTimeField(
-                        default=django.utils.timezone.now, verbose_name="date joined"
-                    ),
-                ),
-                (
-                    "name",
-                    models.CharField(
-                        blank=True, max_length=255, verbose_name="Name of User"
-                    ),
-                ),
-                (
-                    "groups",
-                    models.ManyToManyField(
-                        blank=True,
-                        help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
-                        related_name="user_set",
-                        related_query_name="user",
-                        to="auth.Group",
-                        verbose_name="groups",
-                    ),
-                ),
-                (
-                    "user_permissions",
-                    models.ManyToManyField(
-                        blank=True,
-                        help_text="Specific permissions for this user.",
-                        related_name="user_set",
-                        related_query_name="user",
-                        to="auth.Permission",
-                        verbose_name="user permissions",
-                    ),
-                ),
-            ],
-            options={
-                "verbose_name_plural": "users",
-                "verbose_name": "user",
-                "abstract": False,
-            },
-            managers=[("objects", django.contrib.auth.models.UserManager())],
-        )
-    ]
diff --git a/template/backend/{{copier__project_slug}}/users/migrations/__init__.py b/template/backend/{{copier__project_slug}}/users/migrations/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/users/models.py b/template/backend/{{copier__project_slug}}/users/models.py
deleted file mode 100644
index 653012d..0000000
--- a/template/backend/{{copier__project_slug}}/users/models.py
+++ /dev/null
@@ -1,13 +0,0 @@
-from django.contrib.auth.models import AbstractUser
-from django.db.models import CharField
-from django.urls import reverse
-from django.utils.translation import gettext_lazy as _
-
-
-class User(AbstractUser):
-    # First Name and Last Name do not cover name patterns
-    # around the globe.
-    name = CharField(_("Name of User"), blank=True, max_length=255)
-
-    def get_absolute_url(self):
-        return reverse("users:detail", kwargs={"username": self.username})
diff --git a/template/backend/{{copier__project_slug}}/users/mutations.py b/template/backend/{{copier__project_slug}}/users/mutations.py
deleted file mode 100644
index 32e5fa9..0000000
--- a/template/backend/{{copier__project_slug}}/users/mutations.py
+++ /dev/null
@@ -1,35 +0,0 @@
-import strawberry
-import strawberry_django
-from django.contrib.auth import get_user_model
-from strawberry_django import mutations
-
-from .types import UserType
-
-User = get_user_model()
-
-
-@strawberry_django.input(User)
-class UserRegistrationInput:
-    username: strawberry.auto
-    password: strawberry.auto
-
-
-@strawberry_django.partial(User)
-class UserPartialUpdateInput:
-    id: strawberry.auto
-    name: strawberry.auto
-
-
-@strawberry.type
-class UserMutation:
-    """
-    User mutations
-    """
-
-    # Auth mutations
-    login: UserType = strawberry_django.auth.login()
-    logout = strawberry_django.auth.logout()
-    register: UserType = strawberry_django.auth.register(UserRegistrationInput)
-
-    # User mutations
-    update_user: UserType = mutations.update(UserPartialUpdateInput)
diff --git a/template/backend/{{copier__project_slug}}/users/queries.py b/template/backend/{{copier__project_slug}}/users/queries.py
deleted file mode 100644
index 1a09bc5..0000000
--- a/template/backend/{{copier__project_slug}}/users/queries.py
+++ /dev/null
@@ -1,13 +0,0 @@
-import strawberry
-import strawberry_django
-
-from .types import UserType
-
-
-@strawberry.type
-class UserQuery:
-    """
-    User queries
-    """
-
-    me: UserType = strawberry_django.auth.current_user()
diff --git a/template/backend/{{copier__project_slug}}/users/tasks.py b/template/backend/{{copier__project_slug}}/users/tasks.py
deleted file mode 100644
index c99341c..0000000
--- a/template/backend/{{copier__project_slug}}/users/tasks.py
+++ /dev/null
@@ -1,11 +0,0 @@
-from django.contrib.auth import get_user_model
-
-from config import celery_app
-
-User = get_user_model()
-
-
-@celery_app.task()
-def get_users_count():
-    """A pointless Celery task to demonstrate usage."""
-    return User.objects.count()
diff --git a/template/backend/{{copier__project_slug}}/users/tests/__init__.py b/template/backend/{{copier__project_slug}}/users/tests/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/template/backend/{{copier__project_slug}}/users/tests/factories.py b/template/backend/{{copier__project_slug}}/users/tests/factories.py
deleted file mode 100644
index 36f9634..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/factories.py
+++ /dev/null
@@ -1,32 +0,0 @@
-from collections.abc import Sequence
-from typing import Any
-
-from django.contrib.auth import get_user_model
-from factory import Faker, post_generation
-from factory.django import DjangoModelFactory
-
-
-class UserFactory(DjangoModelFactory):
-    username = Faker("user_name")
-    email = Faker("email")
-    name = Faker("name")
-
-    @post_generation
-    def password(self, create: bool, extracted: Sequence[Any], **kwargs):
-        password = (
-            extracted
-            if extracted
-            else Faker(
-                "password",
-                length=42,
-                special_chars=True,
-                digits=True,
-                upper_case=True,
-                lower_case=True,
-            ).evaluate(None, None, extra={"locale": None})
-        )
-        self.set_password(password)
-
-    class Meta:
-        model = get_user_model()
-        django_get_or_create = ["username"]
diff --git a/template/backend/{{copier__project_slug}}/users/tests/test_forms.py b/template/backend/{{copier__project_slug}}/users/tests/test_forms.py
deleted file mode 100644
index 2c8d86d..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/test_forms.py
+++ /dev/null
@@ -1,40 +0,0 @@
-import pytest
-
-from {{ copier__project_slug }}.users.forms import UserCreationForm
-from {{ copier__project_slug }}.users.tests.factories import UserFactory
-
-pytestmark = pytest.mark.django_db
-
-
-class TestUserCreationForm:
-    def test_clean_username(self):
-        # A user with proto_user params does not exist yet.
-        proto_user = UserFactory.build()
-
-        form = UserCreationForm(
-            {
-                "username": proto_user.username,
-                "password1": proto_user._password,
-                "password2": proto_user._password,
-            }
-        )
-
-        assert form.is_valid()
-        assert form.clean_username() == proto_user.username
-
-        # Creating a user.
-        form.save()
-
-        # The user with proto_user params already exists,
-        # hence cannot be created.
-        form = UserCreationForm(
-            {
-                "username": proto_user.username,
-                "password1": proto_user._password,
-                "password2": proto_user._password,
-            }
-        )
-
-        assert not form.is_valid()
-        assert len(form.errors) == 1
-        assert "username" in form.errors
diff --git a/template/backend/{{copier__project_slug}}/users/tests/test_graphql_views.py b/template/backend/{{copier__project_slug}}/users/tests/test_graphql_views.py
deleted file mode 100644
index 475694f..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/test_graphql_views.py
+++ /dev/null
@@ -1,117 +0,0 @@
-import pytest
-from strawberry_django.test.client import TestClient
-
-from {{ copier__project_slug }}.users.models import User
-
-pytestmark = pytest.mark.django_db
-
-
-class TestGraphQLView:
-    """
-    Tests for the GraphQL view.
-    """
-
-    def test_me_unauthenticated(self, graphql_client: TestClient):
-        """
-        Test that the `me` query does not work when the user is not logged in.
-        """
-        res = graphql_client.query(
-            """
-            query Me {
-                me {
-                    id
-                    username
-                    name
-                    email
-                    isStaff
-                    isActive
-                }
-            }
-            """,
-            asserts_errors=False,
-        )
-        assert not res.data
-        assert res.errors[0]["message"] == "User is not logged in."
-
-    def test_me_authenticated(self, user: User, graphql_client: TestClient):
-        """
-        Test that the `me` query returns the user information if authenticated.
-        """
-        with graphql_client.login(user):
-            res = graphql_client.query(
-                """
-                query Me {
-                    me {
-                        email
-                        id
-                        isActive
-                        isStaff
-                        name
-                        username
-                    }
-                }
-                """
-            )
-
-        assert res.errors is None
-        assert res.data == {
-            "me": {
-                "id": str(user.id),
-                "email": user.email,
-                "name": user.name,
-                "username": user.username,
-                "isActive": user.is_active,
-                "isStaff": user.is_staff,
-            },
-        }
-
-    def test_update_user_unauthenticated(self, graphql_client: TestClient):
-        """
-        Test that the `update_user` mutation does not allow unauthenticated users.
-        """
-        res = graphql_client.query(
-            """
-            mutation MyMutation {
-                updateUser(input: {id: 1 name: "John Doe"}) {
-                    ... on UserType {
-                        id
-                        email
-                        name
-                    }
-                }
-            }
-            """
-        )
-
-        assert res.errors is None
-        assert res.data == {"updateUser": {}}
-
-    def test_update_user_authenticated(self, user: User, graphql_client: TestClient):
-        """
-        Test that the `update_user` mutation is updating user information.
-        """
-        expected_name = "John Doe"
-        with graphql_client.login(user):
-            res = graphql_client.query(
-                """
-                mutation UpdateUser($input: UserPartialUpdateInput!) {
-                    updateUser(input: $input) {
-                        ... on UserType {
-                            id
-                            email
-                            name
-                        }
-                    }
-                }
-                """,
-                variables={"input": {"id": str(user.id), "name": expected_name}},
-            )
-
-        assert res.errors is None
-        assert res.data == {
-            "updateUser": {
-                "id": str(user.id),
-                "email": user.email,
-                "name": expected_name,
-            }
-        }
diff --git a/template/backend/{{copier__project_slug}}/users/tests/test_models.py b/template/backend/{{copier__project_slug}}/users/tests/test_models.py
deleted file mode 100644
index b16e929..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/test_models.py
+++ /dev/null
@@ -1,9 +0,0 @@
-import pytest
-
-from {{ copier__project_slug }}.users.models import User
-
-pytestmark = pytest.mark.django_db
-
-
-def test_user_get_absolute_url(user: User):
-    assert user.get_absolute_url() == f"/users/{user.username}/"
diff --git a/template/backend/{{copier__project_slug}}/users/tests/test_tasks.py b/template/backend/{{copier__project_slug}}/users/tests/test_tasks.py
deleted file mode 100644
index cbdc88b..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/test_tasks.py
+++ /dev/null
@@ -1,16 +0,0 @@
-import pytest
-from celery.result import EagerResult
-
-from {{ copier__project_slug }}.users.tasks import get_users_count
-from {{ copier__project_slug }}.users.tests.factories import UserFactory
-
-pytestmark = pytest.mark.django_db
-
-
-def test_user_count(settings):
-    """A basic test to execute the get_users_count Celery task."""
-    UserFactory.create_batch(3)
-    settings.CELERY_TASK_ALWAYS_EAGER = True
-    task_result = get_users_count.delay()
-    assert isinstance(task_result, EagerResult)
-    assert task_result.result == 3
diff --git a/template/backend/{{copier__project_slug}}/users/tests/test_urls.py b/template/backend/{{copier__project_slug}}/users/tests/test_urls.py
deleted file mode 100644
index ee8f968..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/test_urls.py
+++ /dev/null
@@ -1,24 +0,0 @@
-import pytest
-from django.urls import resolve, reverse
-
-from {{ copier__project_slug }}.users.models import User
-
-pytestmark = pytest.mark.django_db
-
-
-def test_detail(user: User):
-    assert (
-        reverse("users:detail", kwargs={"username": user.username})
-        == f"/users/{user.username}/"
-    )
-    assert resolve(f"/users/{user.username}/").view_name == "users:detail"
-
-
-def test_update():
-    assert reverse("users:update") == "/users/~update/"
-    assert resolve("/users/~update/").view_name == "users:update"
-
-
-def test_redirect():
-    assert reverse("users:redirect") == "/users/~redirect/"
-    assert resolve("/users/~redirect/").view_name == "users:redirect"
diff --git a/template/backend/{{copier__project_slug}}/users/tests/test_views.py b/template/backend/{{copier__project_slug}}/users/tests/test_views.py
deleted file mode 100644
index 1a3c908..0000000
--- a/template/backend/{{copier__project_slug}}/users/tests/test_views.py
+++ /dev/null
@@ -1,75 +0,0 @@
-import pytest
-from django.contrib.auth.models import AnonymousUser
-from django.http.response import Http404
-from django.test import RequestFactory
-
-from {{ copier__project_slug }}.users.models import User
-from {{ copier__project_slug }}.users.tests.factories import UserFactory
-from {{ copier__project_slug }}.users.views import UserRedirectView, UserUpdateView, user_detail_view
-
-pytestmark = pytest.mark.django_db
-
-
-class TestUserUpdateView:
-    """
-    TODO:
-        extracting view initialization code as class-scoped fixture
-        would be great if only pytest-django supported non-function-scoped
-        fixture db access -- this is a work-in-progress for now:
-        https://github.com/pytest-dev/pytest-django/pull/258
-    """
-
-    def test_get_success_url(self, user: User, rf: RequestFactory):
-        view = UserUpdateView()
-        request = rf.get("/fake-url/")
-        request.user = user
-
-        view.request = request
-
-        assert view.get_success_url() == f"/users/{user.username}/"
-
-    def test_get_object(self, user: User, rf: RequestFactory):
-        view = UserUpdateView()
-        request = rf.get("/fake-url/")
-        request.user = user
-
-        view.request = request
-
-        assert view.get_object() == user
-
-
-class TestUserRedirectView:
-    def test_get_redirect_url(self, user: User, rf: RequestFactory):
-        view = UserRedirectView()
-        request = rf.get("/fake-url")
-        request.user = user
-
-        view.request = request
-
-        assert view.get_redirect_url() == f"/users/{user.username}/"
-
-
-class TestUserDetailView:
-    def test_authenticated(self, user: User, rf: RequestFactory):
-        request = rf.get("/fake-url/")
-        request.user = UserFactory()
-
-        response = user_detail_view(request, username=user.username)
-
-        assert response.status_code == 200
-
-    def test_not_authenticated(self, user: User, rf: RequestFactory):
-        request = rf.get("/fake-url/")
-        request.user = AnonymousUser()  # type: ignore
-
-        response = user_detail_view(request, username=user.username)
-
-        assert response.status_code == 302
-        assert response.url == "/accounts/login/?next=/fake-url/"
-
-    def test_case_sensitivity(self, rf: RequestFactory):
-        request = rf.get("/fake-url/")
-        request.user = UserFactory(username="UserName")
-
-        with pytest.raises(Http404):
-            user_detail_view(request, username="username")
diff --git a/template/backend/{{copier__project_slug}}/users/types.py b/template/backend/{{copier__project_slug}}/users/types.py
deleted file mode 100644
index c01fc8e..0000000
--- a/template/backend/{{copier__project_slug}}/users/types.py
+++ /dev/null
@@ -1,19 +0,0 @@
-import strawberry
-import strawberry_django
-from django.contrib.auth import get_user_model
-
-User = get_user_model()
-
-
-@strawberry_django.type(User)
-class UserType:
-    """
-    User type
-    """
-
-    id: strawberry.auto
-    username: strawberry.auto
-    name: strawberry.auto
-    email: strawberry.auto
-    is_staff: strawberry.auto
-    is_active: strawberry.auto
diff --git a/template/backend/{{copier__project_slug}}/users/urls.py b/template/backend/{{copier__project_slug}}/users/urls.py
deleted file mode 100644
index 32796d5..0000000
--- a/template/backend/{{copier__project_slug}}/users/urls.py
+++ /dev/null
@@ -1,9 +0,0 @@
-from django.urls import path
-from {{ copier__project_slug }}.users.views import user_detail_view, user_redirect_view, user_update_view
-
-app_name = "users"
-urlpatterns = [
-    path("~redirect/", view=user_redirect_view, name="redirect"),
-    path("~update/", view=user_update_view, name="update"),
-    path("<str:username>/", view=user_detail_view, name="detail"),
-]
diff --git a/template/backend/{{copier__project_slug}}/users/views.py b/template/backend/{{copier__project_slug}}/users/views.py
deleted file mode 100644
index 4a6e397..0000000
--- a/template/backend/{{copier__project_slug}}/users/views.py
+++ /dev/null
@@ -1,47 +0,0 @@
-from django.contrib import messages
-from django.contrib.auth import get_user_model
-from django.contrib.auth.mixins import LoginRequiredMixin
-from django.urls import reverse
-from django.utils.translation import gettext_lazy as _
-from django.views.generic import DetailView, RedirectView, UpdateView
-
-User = get_user_model()
-
-
-class UserDetailView(LoginRequiredMixin, DetailView):
-    model = User
-    slug_field = "username"
-    slug_url_kwarg = "username"
-
-
-user_detail_view = UserDetailView.as_view()
-
-
-class UserUpdateView(LoginRequiredMixin, UpdateView):
-    model = User
-    fields = ["name"]
-
-    def get_success_url(self):
-        return reverse("users:detail", kwargs={"username": self.request.user.username})
-
-    def get_object(self):
-        return User.objects.get(username=self.request.user.username)
-
-    def form_valid(self, form):
-        messages.add_message(
-            self.request, messages.INFO, _("Infos successfully updated")
-        )
-        return super().form_valid(form)
-
-
-user_update_view = UserUpdateView.as_view()
-
-
-class UserRedirectView(LoginRequiredMixin, RedirectView):
-    permanent = False
-
-    def get_redirect_url(self):
-        return reverse("users:detail", kwargs={"username": self.request.user.username})
-
-
-user_redirect_view = UserRedirectView.as_view()
diff --git a/template/backend/{{copier__project_slug}}/utils/__init__.py b/template/backend/{{copier__project_slug}}/utils/__init__.py
deleted file mode 100644
index 2ce2620..0000000
--- a/template/backend/{{copier__project_slug}}/utils/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-from .debugger import pycharm_debugger, vscode_debugger # noqa: F401
diff --git a/template/backend/{{copier__project_slug}}/utils/cloud_storage.py b/template/backend/{{copier__project_slug}}/utils/cloud_storage.py
deleted file mode 100644
index e9c01d6..0000000
--- a/template/backend/{{copier__project_slug}}/utils/cloud_storage.py
+++ /dev/null
@@ -1,10 +0,0 @@
-from storages.backends.s3boto3 import S3Boto3Storage
-
-
-class S3StaticStorage(S3Boto3Storage):
-    location = "static"
-
-
-class S3MediaStorage(S3Boto3Storage):
-    location = "media"
-    file_overwrite = False
diff --git a/template/backend/{{copier__project_slug}}/utils/context_processors.py b/template/backend/{{copier__project_slug}}/utils/context_processors.py
deleted file mode 100644
index de40507..0000000
--- a/template/backend/{{copier__project_slug}}/utils/context_processors.py
+++ /dev/null
@@ -1,5 +0,0 @@
-from django.conf import settings
-
-
-def settings_context(_request):
-    return {"settings": settings}
diff --git a/template/backend/{{copier__project_slug}}/utils/debugger.py b/template/backend/{{copier__project_slug}}/utils/debugger.py
deleted file mode 100644
index 957bc41..0000000
--- a/template/backend/{{copier__project_slug}}/utils/debugger.py
+++ /dev/null
@@ -1,21 +0,0 @@
-import logging
-import os
-
-logger = logging.getLogger(__name__)
-
-
-def pycharm_debugger():
-    logger.info("Pycharm pydevd connecting...")
-    import pydevd_pycharm
-    host_ip = os.getenv("DOCKER_GATEWAY_IP")
-    try:
-        pydevd_pycharm.settrace(
-            host_ip, port=6400, stdoutToServer=True, stderrToServer=True, suspend=False
-        )
-    except ConnectionRefusedError:
-        msg = "Debugger connection failed. Check IDE debugger is running and try again. Continuing without debugger."
-        logger.error(msg.upper())
-
-
-def vscode_debugger():
-    raise NotImplementedError("VSCode debugger not implemented")
diff --git a/template/backend/{{copier__project_slug}}/utils/healthcheck.py b/template/backend/{{copier__project_slug}}/utils/healthcheck.py
deleted file mode 100644
index 540914c..0000000
--- a/template/backend/{{copier__project_slug}}/utils/healthcheck.py
+++ /dev/null
@@ -1,67 +0,0 @@
-import logging
-
-from django.http import HttpResponse, HttpResponseServerError
-
-logger = logging.getLogger("healthz")
-
-
-class HealthCheckMiddleware(object):
-    def __init__(self, get_response):
-        self.get_response = get_response
-        # One-time configuration and initialization.
-
-    def __call__(self, request):
-        if request.method == "GET":
-            if request.path == "/readiness":
-                return self.readiness(request)
-            elif request.path == "/healthz":
-                return self.healthz(request)
-        return self.get_response(request)
-
-    def healthz(self, request):
-        """
-        Returns that the server is alive.
-        """
-        return HttpResponse("OK")
-
-    def readiness(self, request):
-        # Connect to each database and do a generic standard SQL query
-        # that doesn't write any data and doesn't depend on any tables
-        # being present.
-        from django.db import connections
-
-        for name in connections:
-            cursor = None
-            connection = connections[name]
-            try:
-                cursor = connection.cursor()
-                cursor.execute("SELECT 1;")
-                row = cursor.fetchone()
-                if row is None:
-                    return HttpResponseServerError("db: invalid response")
-            except Exception as e:
-                logger.exception(e)
-                return HttpResponseServerError("db: cannot connect to database.")
-            finally:
-                if cursor:
-                    cursor.close()
-                connection.close()
-
-        # Call get_stats() to connect to each memcached instance and get its stats.
-        # This can effectively check if each is online.
-        try:
-            from django.core.cache import caches
-            from django.core.cache.backends.memcached import BaseMemcachedCache
-
-            for cache in caches.all():
-                if isinstance(cache, BaseMemcachedCache):
-                    stats = cache._cache.get_stats()
-                    if len(stats) != len(cache._servers):
-                        return HttpResponseServerError(
-                            "cache: cannot connect to cache."
-                        )
-        except Exception as e:
-            logger.exception(e)
-            return HttpResponseServerError("cache: cannot connect to cache.")
-
-        return HttpResponse("OK")
diff --git a/template/bitbucket-pipelines.yml b/template/bitbucket-pipelines.yml
deleted file mode 100644
index aa97b25..0000000
--- a/template/bitbucket-pipelines.yml
+++ /dev/null
@@ -1,62 +0,0 @@
-image: python:3.12
-
-definitions:
-  services:
-    docker:
-      memory: 3072
-
-    postgres:
-      image: postgres:17
-      environment:
-        POSTGRES_DB: {{ copier__project_slug }}
-        POSTGRES_USER: {{ copier__project_slug }}
-        POSTGRES_PASSWORD: TESTPASSWORD
-{% if copier__use_celery %}
-    redis:
-      image: redis:stable
-{% endif %}
-
-  steps:
-    - step: &backend-tests
-        name: Backend Tests
-        caches:
-          - pip
-        script:
-          - export DATABASE_URL=postgres://{{ copier__project_slug }}:TESTPASSWORD@localhost:5432/{{ copier__project_slug }}
-{% if copier__use_celery %}
-          - export CELERY_BROKER_URL=redis://127.0.0.1:6379/0
-{% endif %}
-          - CI=true make backend-test
-
-        services:
-{% if copier__use_celery %}
-          - redis
-{% endif %}
-          - postgres
-
-    - step: &check-lint-and-formatting
-        name: Check lint and formatting
-        caches:
-          - pip
-        script:
-          - make check-lint-and-formatting
-
-{% if copier__create_nextjs_frontend %}
-    - step: &check-lint-and-test-frontend
-        name: Frontend Lint & Typecheck & Test
-        image: node:20
-        caches:
-          - node
-        script:
-          - CI=true make check-lint-and-test-frontend
-
-{% endif %}
-
-pipelines:
-  default:
-    - parallel:
-      - step: *check-lint-and-formatting
-{% if copier__create_nextjs_frontend %}
-      - step: *check-lint-and-test-frontend
-{% endif %}
-      - step: *backend-tests
diff --git a/template/bootstrap-cluster/.env b/template/bootstrap-cluster/.env
index f27dbfb..47241c7 100644
--- a/template/bootstrap-cluster/.env
+++ b/template/bootstrap-cluster/.env
@@ -1,7 +1,2 @@
 TOFU_DIR=../terraform
-{%- if copier__operating_system == "talos" %}
-TALOS_FACTORY_IMAGE=factory.talos.dev/installer/10e276a06c1f86b182757a962258ac00655d3425e5957f617bdc82f06894e39b:v1.7.6
-{%- endif %}
-ARGOCD_VERSION=8.2.0
-REPO_URL={{ copier__repo_url }}
-REPO_NAME={{ copier__repo_name }}
+TALOS_FACTORY_IMAGE=factory.talos.dev/installer/10e276a06c1f86b182757a962258ac00655d3425e5957f617bdc82f06894e39b:v1.12.1
diff --git a/template/bootstrap-cluster/README.md b/template/bootstrap-cluster/README.md
index d90541f..e357fcd 100644
--- a/template/bootstrap-cluster/README.md
+++ b/template/bootstrap-cluster/README.md
@@ -1,44 +1,22 @@
-{%- if copier__operating_system == "talos" %}# Bootstrap Talos and ArgoCD
+# Bootstrap Talos
 
-After deploying infrastructure using Terraform, we can proceed with configuring
-Talos and bootstrapping ArgoCD.
+After deploying infrastructure using Terraform, we can proceed with configuring Talos and bootstrapping the Kubernetes cluster.
 
-Terraform is solely utilized for deploying infrastructure. Any subsequent
-configuration of Talos or ArgoCD is done using Taskfile tasks.
-{%- elif copier__operating_system == "k3s" %}# Bootstrap k3s and ArgoCD
+Terraform is solely utilized for deploying infrastructure. Any subsequent configuration of Talos is done using Taskfile tasks.
 
-After deploying infrastructure using Terraform, we can proceed with configuring
-k3s and bootstrapping ArgoCD.
+To view a list of tasks and their descriptions, navigate to the `bootstrap-cluster` directory and execute `task`.
 
-Terraform is solely utilized for deploying infrastructure. Any subsequent
-configuration of k3s or ArgoCD is done using Taskfile tasks.
-{%- endif %}
+Note that there is a directory for each environment: sandbox, staging, and production.
 
-To view a list of tasks and their descriptions, navigate to the
-`bootstrap-cluster` directory and execute `task`.
+We recommend opening the AWS serial console for each EC2 instance to monitor the bootstrap process.
 
-Note that there is a directory for each environment: sandbox, staging, and
-cluster.
+## Bootstrapping Talos
 
-We recommend opening the AWS serial console for each ec2 instance to monitor the
-bootstrap process.
-
-{%- if copier__operating_system == "talos" %}
-
-### Bootstrapping Talos
-
-{%- elif copier__operating_system == "k3s" %}
-
-### Bootstrapping k3s
-
-{%- endif %}
-
-1. Navigate to the directory corresponding to the environment being set up and
-   run:
+1. Navigate to the bootstrap-cluster directory and set the environment:
 
    ```shell
+   cd bootstrap-cluster
    export ENV=sandbox
-   cd $ENV
    ```
 
 2. Review the `.env` file for the given environment:
@@ -48,9 +26,7 @@ bootstrap process.
    CLUSTER_NAME: "{{ copier__project_dash }}-sandbox"
    ```
 
-{%- if copier__operating_system == "talos" %}
-   Note that we use a Talos factory image. This image contains a system
-   extension that provides the ECR credential provider.
+   Note that we use a Talos factory image. This image contains a system extension that provides the ECR credential provider.
 
    ```
    siderolabs/ecr-credential-provider (v1.28.1)
@@ -59,8 +35,7 @@ bootstrap process.
        CredentialProvider API to authenticate against AWS' Elastic Container
        Registry and pull images.
    ```
-{%- endif %}
-{%- if copier__operating_system == "talos" %}
+
 3. Bootstrap Talos with the following command:
 
    ```
@@ -81,72 +56,40 @@ bootstrap process.
        - task: store_controlplane_config
        - task: store_talosconfig
        - task: apply_talos_config
-       - sleep 30
+       - sleep 60
        - task: bootstrap_kubernetes
-       - sleep 30
+       - sleep 60
        - task: generate_kubeconfig
        - task: store_kubeconfig
        - task: upgrade_talos
-       - task: enable_ecr_credential_helper
    ```
 
-   It takes a few minutes for the cluster nodes to register as etcd
-   members and synchronize.
+   It takes a few minutes for the cluster nodes to register as etcd members and synchronize.
 
-{%- elif copier__operating_system == "k3s" %}
-3. Bootstrap k3s with the following command:
+   When the bootstrap completes successfully, you should see output similar to:
 
    ```
-   task k3s:bootstrap
+   Upgrading Talos on <node-public-ip>
+   watching nodes: [<node-public-ip>]
+       * <node-public-ip>: post check passed
    ```
 
-   To understand what this task will do, examine the Taskfile configuration:
+   This indicates the Talos upgrade has completed successfully.
 
-   ```yaml
-   bootstrap:
-     desc: |
-       Run all tasks required to bootstrap k3s and Kubernetes cluster.
-     requires:
-       vars: [ENV]
-     cmds:
-       - task: save-node-ips
-       - task: setup-ssh-key
-       - task: install-k3s
-       - task: fetch-kubeconfig
-       - task: store-kubeconfig
-       - task: enable-ecr-credential-helper
-   ```
-
-   It takes a few minutes for the cluster nodes to register as etcd
-   members and synchronize.
-
-{%- endif %}
-
-   If the cluster fails to bootstrap, refer to the Troubleshooting section
-   below.
+   If the cluster fails to bootstrap, refer to the Troubleshooting section below.
 
-{%- if copier__operating_system == "talos" %}
 4. Verify the health of your cluster with:
 
     ```shell
     task talos:health
     ```
 
-    5. Test kubectl access:
-
-       ```shell
-       eval $(task talos:kubeconfig)
-       kubectl cluster-info
-       ```
-{%- elif copier__operating_system == "k3s" %}
-
-4. Test kubectl access:
+5. Test kubectl access:
 
    ```shell
-   eval $(task k3s:kubeconfig)
+   eval $(task talos:kubeconfig)
    kubectl cluster-info
    ```
-{%- endif %}
 
    This should return output similar to the following:
 
@@ -158,131 +101,46 @@ bootstrap process.
    To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
    ```
 
-### Bootstrapping ArgoCD
-
-1. Review the branches used for deployment to the sandbox, staging and
-   production environments. The default configuration will release the `develop`
-   branch to the Sandbox and the `main` branch to the Production environment.
-   Make sure to make the `develop` branch the default branch for PRs on a newly
-   created Git repository.
-
-   Review the branch rule in `bootstrap_root_app` job in
-   `bootstrap-cluster/argocd.yaml`:
-
-   ```
-   vars:
-     BRANCH:
-       sh: ([ "$ENV" = "production" ] && echo "main" || echo "develop")
-   ```
-
-   Review the `targetRevision` in the `kustomization.yaml` files shown below:
-
-   `argocd/sandbox/apps/kustomization.yaml`:
-
-   ```
-   patches:
-   - patch: |-
-       - op: replace
-         path: /spec/source/targetRevision
-         value: develop
-     target:
-       kind: Application
-       name: ingress
-   ...
-   - patch: |-
-       - op: replace
-         path: /spec/source/targetRevision
-         value: develop
-     target:
-       kind: Application
-       name: {{ copier__project_slug }}-prod
-   ```
-
-   `argocd/prod/apps/kustomization.yaml`:
+## Troubleshooting
 
-   ```
-   patches:
-   - patch: |-
-       - op: replace
-         path: /spec/source/targetRevision
-         value: main
-     target:
-       kind: Application
-       name: ingress
-   ```
+### Bootstrap fails with "secret already exists"
 
-2. Next, we need to create a GitHub deploy key to allow ArgoCD to monitor the
-   repo. This step requires access to the 1password vault for your project.
+If you see an error like:
+```
+An error occurred (ResourceExistsException) when calling the CreateSecret operation:
+The operation failed because the secret sandbox_talosconfig_yaml already exists.
+```
 
-   Review the vault name in the `op` cli command in
-   `bootstrap-cluster/argocd.yaml`:
+This means you've already run bootstrap before. To restart the bootstrap process:
 
-   ```
-      - op item create
-          ...
-          --vault='{{ copier__project_name }}'
+1. Delete existing secrets and configs:
+   ```shell
+   task talos:reset_config
    ```
 
-   Sign into 1password with `op signin` and generate the deploy key:
-
+2. Run bootstrap again:
    ```shell
-   task argocd:generate_github_deploy_key
+   task talos:bootstrap
    ```
 
-3. Add the deploy key to your Git repository
+**Note:** This is intentionally designed to fail loudly to prevent accidentally overwriting credentials for an existing cluster.
 
-4. Proceed with installing ArgoCD by executing:
+### Bootstrap fails completely
 
-   ```shell
-   task argocd:bootstrap
-   ```
-
-The `argocd:bootstrap` task configuration is as follows:
+If bootstrapping Talos fails, we recommend resetting the config files and recreating EC2 instances before trying again.
 
-```
-  bootstrap:
-      desc: Setup ArgoCD
-      cmds:
-        - task: install
-        - task: create_repo_credentials_secret
-        - task: bootstrap_root_app
-```
+1. Reset config and state with `task talos:reset_config` for the given environment.
 
-5. ArgoCD will install the Sealed Secrets operator in the cluster. Once it is
-   installed, we can generate secrets for the given environment.
+2. Destroy and recreate EC2 instances:
 
    ```shell
-   cd ..
-   make debug-$ENV-secrets
-   make $ENV-secrets
+   cd ../terraform/$ENV/
+   tofu destroy \
+     -target "module.cluster.module.control_plane_nodes[0].aws_instance.this[0]" \
+     -target "module.cluster.module.control_plane_nodes[1].aws_instance.this[0]" \
+     -target "module.cluster.module.control_plane_nodes[2].aws_instance.this[0]"
+   tofu plan -out="tfplan.out"
+   tofu apply tfplan.out
    ```
 
-6. Commit the `secrets.yaml` file for the given environment and push it to the
-   repo.
-
-## Troubleshooting
-
-{%- if copier__operating_system == "talos" %}
-If bootstrapping Talos fails, we recommend resetting the config files and
-recreating ec2 instances before trying again.
-
-1. Reset config and state with `task talos:reset_config` for the given
-   environment.
-
-2. Destroy and recreate ec2 instances:
-
-   cd ../terraform/$ENV/
-   terraform destroy \
-    -target "module.cluster.module.control_plane_nodes[0].aws_instance.this[0]" \
-    -target "module.c luster.module.control_plane_nodes[1].aws_instance.this[0]" \
-    -target "module.c luster.module.control_plane_nodes[1].aws_instance.this[0]"
-   terraform plan -out="tfplan.out"
-   terraform apply tfplan.out
-{%- elif copier__operating_system == "k3s" %}
-If bootstrapping k3s fails, we recommend uninstalling k3s from each node and
-boostrapping from scratch.
-
-```shell
-task k3s:uninstall-k3s
-```
-{%- endif %}
+3. Try bootstrapping again from step 3.
diff --git a/template/bootstrap-cluster/Taskfile.yml b/template/bootstrap-cluster/Taskfile.yml
index 1113211..1213262 100644
--- a/template/bootstrap-cluster/Taskfile.yml
+++ b/template/bootstrap-cluster/Taskfile.yml
@@ -2,13 +2,9 @@ version: '3'
 vars:
   ENV: {{ "'{{.ENV}}'" }}
 
-includes:
-  argocd:
-    taskfile: ./argocd.yaml
-    vars:
-      ENV: {{ "'{{.ENV}}'" }}
-      ARGOCD_VERSION: {{ "'{{.ARGOCD_VERSION}}'" }}
+dotenv: ['.env', '{{ "{{.ENV}}" }}/.env']
 
+includes:
   talos:
     taskfile: ./talos.yaml
     vars:
diff --git a/template/bootstrap-cluster/argocd.yaml b/template/bootstrap-cluster/argocd.yaml
deleted file mode 100644
index 13dace0..0000000
--- a/template/bootstrap-cluster/argocd.yaml
+++ /dev/null
@@ -1,180 +0,0 @@
-version: '3'
-silent: true
-
-env:
-  GITHUB_DEPLOY_KEY_TITLE: "{{ copier__project_name }} ArgoCD GitHub Deploy Key"
-
-tasks:
-  generate_github_deploy_key:
-    desc: |
-      Generate a GitHub deploy key and store it in AWS Parameter Store
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-        set -e
-        TMP_DIR=$(mktemp -d)
-        ssh-keygen -t ed25519 -f $TMP_DIR/id_ed25519 -q -N ""
-        aws ssm put-parameter \
-          --name "/{{ copier__project_slug }}/{{ '{{.ENV}}' }}/argocd/github_deploy_key" \
-          --value "file://$TMP_DIR/id_ed25519" \
-          --type SecureString --overwrite
-        aws ssm put-parameter \
-          --name "/{{ copier__project_slug }}/{{ '{{.ENV}}' }}/argocd/github_deploy_key.pub" \
-          --value "file://$TMP_DIR/id_ed25519.pub" \
-          --type String --overwrite
-        rm -rf $TMP_DIR
-
-  add_github_deploy_key:
-    desc: Add the public key to the GitHub repository as a deploy key
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-        set -e
-        KEY_ID=$(gh repo deploy-key list | grep "$GITHUB_DEPLOY_KEY_TITLE" | cut -f1)
-        if [ -n "$KEY_ID" ]; then
-          echo "Deleting existing deploy key '$GITHUB_DEPLOY_KEY_TITLE'..."
-          gh repo deploy-key delete "$KEY_ID"
-        fi
-        TMP_DIR=$(mktemp -d)
-        aws ssm get-parameter \
-          --name "/{{ copier__project_slug }}/{{ '{{.ENV}}' }}/argocd/github_deploy_key.pub" \
-          --query Parameter.Value --output text > $TMP_DIR/id_ed25519.pub
-        echo "Adding new deploy key '$GITHUB_DEPLOY_KEY_TITLE'..."
-        gh repo deploy-key add $TMP_DIR/id_ed25519.pub --title "$GITHUB_DEPLOY_KEY_TITLE"
-        rm -rf $TMP_DIR
-
-  bootstrap:
-    desc: Setup ArgoCD
-    requires:
-      vars: [ENV]
-    cmds:
-      - task: install
-        vars: {ENV: {{ "'{{.ENV}}'" }}, ARGOCD_VERSION: {{ "'{{.ARGOCD_VERSION}}'" }}}
-      - task: generate_github_deploy_key
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: add_github_deploy_key
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: create_repo_credentials_secret
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: bootstrap_root_app
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: monitor_sealed_secrets
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: generate_sealed_secrets
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: commit_sealed_secrets
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-
-  install:
-    desc: Deploy ArgoCD using Helm
-    env:
-      KUBECONFIG: "{{ '{{.ENV}}' }}/kubeconfig"
-    cmds:
-      - helm repo add argocd https://argoproj.github.io/argo-helm
-      - helm repo update
-      - helm install argocd argo-cd
-          --repo https://argoproj.github.io/argo-helm
-          --version {{ '{{.ARGOCD_VERSION}}' }}
-          --namespace argocd
-          --create-namespace
-          --set configs.params.server.insecure=true
-
-  create_repo_credentials_secret:
-    requires:
-      vars: [ENV]
-    vars:
-      GITHUB_DEPLOY_KEY_B64:
-        sh: aws ssm get-parameter --name "/{{ copier__project_slug }}/{{ '{{.ENV}}' }}/argocd/github_deploy_key" --with-decryption --query Parameter.Value --output text | base64 -w0
-    desc: Create and apply repo credentials secret for each repo
-    env:
-      KUBECONFIG: "{{ '{{.ENV}}' }}/kubeconfig"
-    cmds:
-      - |
-        cat <<EOF | kubectl apply -f -
-        apiVersion: v1
-        kind: Secret
-        metadata:
-          name: {{ '{{printf "%s-repocreds" .REPO_NAME}}' }}
-          namespace: argocd
-          labels:
-            argocd.argoproj.io/secret-type: repository
-        data:
-          type: {{ '{{"git" | b64enc}}' }}
-          url: {{ '{{.REPO_URL | b64enc}}' }}
-          sshPrivateKey: {{ '{{.GITHUB_DEPLOY_KEY_B64}}' }}
-        EOF
-
-  create_github_webhook_secret:
-    requires:
-      vars: [ARGOCD_GITHUB_ACCESS_TOKEN, ENV]
-    desc: |
-      Create GitHub webhook secret and apply
-
-      Usage: ARGOCD_GITHUB_ACCESS_TOKEN="secret token" task argocd:create_github_webhook_secret
-    env:
-      KUBECONFIG: "{{ '{{.ENV}}' }}/kubeconfig"
-    cmds:
-      - kubectl -n argocd create secret generic github-token
-          --from-literal=token="{{ '{{ARGOCD_GITHUB_ACCESS_TOKEN}}' }}"
-          --dry-run=client -o yaml | kubectl apply -f -
-
-  bootstrap_root_app:
-    requires:
-      vars: [ENV]
-    vars:
-      BRANCH:
-        sh: ([ "$ENV" = "production" ] && echo "main" || echo "develop")
-    desc: Bootstrap the Cluster
-    env:
-      KUBECONFIG: "{{ '{{.ENV}}' }}/kubeconfig"
-    cmds:
-      - |
-        export ENV="{{ '{{.ENV}}' }}" && \
-        export BRANCH="{{ '{{.BRANCH}}' }}" && \
-        cat root-app.template.yaml | envsubst | kubectl apply -f -
-
-  monitor_sealed_secrets:
-    desc: Monitor the cluster until the sealed secrets operator is installed
-    requires:
-      vars: [ENV]
-    env:
-      KUBECONFIG: "{{ '{{.ENV}}' }}/kubeconfig"
-    cmds:
-      - |
-        echo "Waiting for sealed-secrets-controller pod to be created..."
-        until kubectl get pod -n kube-system -l app.kubernetes.io/name=sealed-secrets -o jsonpath='{.items[0].metadata.name}' >/dev/null 2>&1; do
-          sleep 5
-        done
-        echo "Pod created. Waiting for it to be ready..."
-        kubectl wait --for=condition=ready pod -n kube-system -l app.kubernetes.io/name=sealed-secrets --timeout=120s
-        echo "Waiting for sealed-secrets-controller service to be available..."
-        until kubectl get endpoints -n kube-system sealed-secrets-controller -o jsonpath='{.subsets[?(@.addresses)].addresses[0].ip}' >/dev/null 2>&1; do
-          sleep 5
-        done
-        echo "sealed-secrets-controller is ready."
-
-  generate_sealed_secrets:
-    desc: Generate sealed secrets for the environment
-    requires:
-      vars: [ENV]
-    env:
-      KUBECONFIG: "{{ '{{.ENV}}' }}/kubeconfig"
-    cmds:
-      - |
-        AWS_S3_ACCESS_KEY_ID=$(tofu -chdir=../terraform/{{ '{{.ENV}}' }} output -raw cnpg_user_access_key) \
-        AWS_S3_SECRET_ACCESS_KEY=$(tofu -chdir=../terraform/{{ '{{.ENV}}' }} output -raw cnpg_user_secret_key) \
-        DJANGO_SECRET_KEY=$(LC_CTYPE=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32; echo) \
-        ENVIRONMENT={{ '{{.ENV}}' }} \
-        envsubst < ../k8s/templates/secrets.yaml.template | kubeseal -n {{ copier__rfc1123_subdomain }}-{{ '{{.ENV}}' }} --format yaml > ../k8s/{{ '{{.ENV}}' }}/secrets.yaml
-
-  commit_sealed_secrets:
-    desc: Commit and push the sealed secrets
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-        git add ../k8s/{{ '{{.ENV}}' }}/secrets.yaml
-        git commit -m "feat(secrets): add sealed secrets for {{ '{{.ENV}}' }}"
-        git push
diff --git a/template/bootstrap-cluster/k3s.yaml b/template/bootstrap-cluster/k3s.yaml
deleted file mode 100644
index f92b5fd..0000000
--- a/template/bootstrap-cluster/k3s.yaml
+++ /dev/null
@@ -1,247 +0,0 @@
----
-version: '3'
-silent: true
-vars:
-  ENV: {{ "'{{.ENV}}'" }}
-
-tasks:
-  bootstrap:
-    desc: |
-      Run all tasks required to bootstrap k3s and Kubernetes cluster.
-    requires:
-      vars: [ENV]
-    cmds:
-      - task: save-node-ips
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: setup-ssh-key
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: install-ecr-credential-helper
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: install-k3s
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: fetch-kubeconfig
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-      - task: store-kubeconfig
-        vars: {ENV: {{ "'{{.ENV}}'" }}}
-
-  save-node-ips:
-    desc: Save node IPs to files for later reference
-    requires:
-      vars: [ENV]
-    cmds:
-      - tofu -chdir=../terraform/{{ '{{.ENV}}' }} output control_plane_nodes_public_ips | sed 's/"//g; s/,/\n/g' > {{ '{{.ENV}}' }}/public_ips.txt
-      - tofu -chdir=../terraform/{{ '{{.ENV}}' }} output control_plane_nodes_private_ips | sed 's/"//g; s/,/\n/g' > {{ '{{.ENV}}' }}/private_ips.txt
-
-  setup-ssh-key:
-    desc: Extract and save SSH key from terraform output
-    cmds:
-      - tofu -chdir=../terraform/{{ '{{.ENV}}' }} output -raw private_deploy_key > {{ '{{.ENV}}' }}/id_ed25519
-      - chmod 600 {{ '{{.ENV}}' }}/id_ed25519
-
-  ssh-server-node:
-    vars:
-      IP:
-        sh: head -n1 {{ '{{.ENV}}' }}/public_ips.txt
-    requires:
-      vars: [ENV]
-    cmds:
-      - TERM=xterm-256color ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@{{ '{{.IP}}' }}
-
-  install-ecr-credential-helper:
-    desc: |
-      Install the ECR credential helper on all control plane nodes.
-    vars:
-      NODE_IPS:
-        sh: cat {{ '{{.ENV}}' }}/public_ips.txt
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-        for ip in $(echo "{{ '{{.NODE_IPS}}' }}"); do
-          echo "Installing ECR credential helper on $ip..."
-          # Download and install the ECR credential provider
-          ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@$ip \
-            'sudo wget https://artifacts.k8s.io/binaries/cloud-provider-aws/v1.29.0/linux/amd64/ecr-credential-provider-linux-amd64 -O /usr/local/bin/ecr-credential-provider && \
-             sudo chmod +x /usr/local/bin/ecr-credential-provider'
-
-          # Create credential provider config
-          ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@$ip \
-            'sudo mkdir -p /etc/rancher/k3s && \
-             echo "apiVersion: kubelet.config.k8s.io/v1
-        kind: CredentialProviderConfig
-        providers:
-          - name: ecr-credential-provider
-            matchImages:
-              - \"*.dkr.ecr.*.amazonaws.com\"
-            defaultCacheDuration: \"12h\"
-            apiVersion: credentialprovider.kubelet.k8s.io/v1" | sudo tee /etc/rancher/k3s/credential-provider-config.yaml'
-        done
-
-  install-k3s:
-    desc: Install k3s on nodes
-    vars:
-      PUBLIC_IPS:
-        sh: cat {{ '{{.ENV}}' }}/public_ips.txt
-      PRIVATE_IPS:
-        sh: cat {{ '{{.ENV}}' }}/private_ips.txt
-      FIRST_PUBLIC_IP:
-        sh: head -n1 {{ '{{.ENV}}' }}/public_ips.txt
-      FIRST_PRIVATE_IP:
-        sh: head -n1 {{ '{{.ENV}}' }}/private_ips.txt
-      OTHER_PUBLIC_IPS:
-        sh: tail -n +2 {{ '{{.ENV}}' }}/public_ips.txt
-      OTHER_PRIVATE_IPS:
-        sh: tail -n +2 {{ '{{.ENV}}' }}/private_ips.txt
-      NODE_COUNT:
-        sh: wc -l < {{ '{{.ENV}}' }}/public_ips.txt
-      K3S_TOKEN:
-        sh: tr -dc A-Za-z0-9 </dev/urandom | head -c 13
-    requires:
-      vars: [ENV]
-    silent: true
-    cmds:
-      - |
-        # Install first node
-        CLUSTER_INIT=""
-        if [ "{{ '{{.NODE_COUNT}}' }}" -gt 1 ]; then
-          CLUSTER_INIT="--cluster-init"
-        fi
-        ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 \
-          ubuntu@{{ '{{.FIRST_PUBLIC_IP}}' }} \
-          'curl -sfL https://get.k3s.io | K3S_TOKEN={{ '{{.K3S_TOKEN}}' }} \
-          INSTALL_K3S_EXEC="server {{ '{{.CLUSTER_INIT}}' }} \
-          --tls-san {{ '{{.FIRST_PUBLIC_IP}}' }} --tls-san {{ '{{.FIRST_PRIVATE_IP}}' }} \
-          --node-ip {{ '{{.FIRST_PRIVATE_IP}}' }} \
-          --advertise-address {{ '{{.FIRST_PRIVATE_IP}}' }} \
-          --disable=traefik \
-          --image-credential-provider-config /etc/rancher/k3s/credential-provider-config.yaml \
-          --image-credential-provider-bin-dir /usr/local/bin" \
-          K3S_KUBECONFIG_MODE="644" sh -s -'
-
-        # Wait briefly then check k3s service status
-        echo "Waiting 5s for k3s service to initialize on {{ '{{.FIRST_PUBLIC_IP}}' }}..."
-        sleep 5
-        if ! ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@{{ '{{.FIRST_PUBLIC_IP}}' }} 'systemctl is-failed --quiet k3s'; then
-          echo "k3s service initialized successfully"
-        else
-          echo "k3s service failed to start properly"
-          exit 1
-        fi
-
-      - |
-        # Install other nodes if they exist
-        if [ "{{ '{{.NODE_COUNT}}' }}" -gt 1 ]; then
-          for ip in $(echo "{{ '{{.OTHER_PUBLIC_IPS}}' }}"); do
-            i=$((i+1))
-            PUBLIC_IP=$(echo "{{ '{{.OTHER_PUBLIC_IPS}}' }}" | sed -n "${i}p")
-            PRIVATE_IP=$(echo "{{ '{{.OTHER_PRIVATE_IPS}}' }}" | sed -n "${i}p")
-            echo "Installing $PUBLIC_IP..."
-            ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@$PUBLIC_IP \
-              'curl -sfL https://get.k3s.io | K3S_TOKEN={{ '{{.K3S_TOKEN}}' }} \
-              INSTALL_K3S_EXEC="server --server https://{{ '{{.FIRST_PRIVATE_IP}}' }}:6443 \
-              --tls-san {{ '{{.FIRST_PUBLIC_IP}}' }} --tls-san {{ '{{.FIRST_PRIVATE_IP}}' }} \
-              --node-ip '$PRIVATE_IP' \
-              --disable=traefik \
-              --image-credential-provider-config /etc/rancher/k3s/credential-provider-config.yaml \
-              --image-credential-provider-bin-dir /usr/local/bin" \
-              K3S_KUBECONFIG_MODE="644" sh -s -'
-          done
-        fi
-
-  fetch-kubeconfig:
-    desc: Fetch and modify kubeconfig from first control plane node
-    requires:
-      vars: [ENV]
-    vars:
-      IP:
-        sh: head -n1 {{ '{{.ENV}}' }}/public_ips.txt
-    cmds:
-      - |
-        if [ -f {{ '{{.ENV}}' }}/kubeconfig ]; then
-          cp {{ '{{.ENV}}' }}/kubeconfig {{ '{{.ENV}}' }}/kubeconfig.bak.$(date +%Y%m%d_%H%M%S)
-        fi
-        scp -o StrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@{{ '{{.IP}}' }}:/etc/rancher/k3s/k3s.yaml {{ '{{.ENV}}' }}/kubeconfig
-      - sed -i'' -e "s/127.0.0.1/{{ '{{.IP}}' }}/g" {{ '{{.ENV}}' }}/kubeconfig
-      - sed -i'' -e "s/default/{{copier__project_slug}}-{{ '{{.ENV}}' }}/g" {{ '{{.ENV}}' }}/kubeconfig
-      - chmod 600 {{ '{{.ENV}}' }}/kubeconfig
-
-  store-kubeconfig:
-    desc: |
-      Store the Kubernetes kubeconfig file in AWS Secrets Manager.
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-       if aws secretsmanager describe-secret --secret-id "{{copier__project_slug}}_{{ '{{.ENV}}' }}_kubeconfig" >/dev/null 2>&1; then
-          aws secretsmanager put-secret-value \
-            --secret-id "{{copier__project_slug}}_{{ '{{.ENV}}' }}_kubeconfig" \
-            --secret-string "$(base64 -w0 {{ '{{.ENV}}' }}/kubeconfig)" > /dev/null
-        else
-          aws secretsmanager create-secret \
-            --name "{{copier__project_slug}}_{{ '{{.ENV}}' }}_kubeconfig" \
-            --secret-string "$(base64 -w0 {{ '{{.ENV}}' }}/kubeconfig)" > /dev/null
-        fi
-  delete-all-secrets:
-    desc: |
-      Delete all related secrets from AWS Secrets Manager.
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-        aws secretsmanager delete-secret \
-          --secret-id "{{copier__project_slug}}_{{ '{{.ENV}}' }}_kubeconfig" \
-          --force-delete-without-recovery > /dev/null 2>&1
-
-  reset-config:
-    desc: |
-      Remove all config files and delete secrets in AWS Secrets Manager
-    requires:
-      vars: [ENV]
-    cmds:
-      - task: delete_all_secrets
-      - cd {{ '{{.ENV}}' }} && rm -f kubeconfig
-
-  kubeconfig:
-    desc: |
-      Retrieve the Kubeconfig for a given cluster
-
-      Since the commands run in sub-shell you can eval the output to export
-      KUBECONFIG to your current shell:
-
-        eval $(task k3s:kubeconfig)
-    silent: true
-    cmds:
-      - echo "export KUBECONFIG=$(pwd)/{{ '{{.ENV}}' }}/kubeconfig"
-
-  uninstall-k3s:
-    desc: Uninstall k3s from all nodes
-    vars:
-      PUBLIC_IPS:
-        sh: cat {{ '{{.ENV}}' }}/public_ips.txt
-    requires:
-      vars: [ENV]
-    silent: true
-    cmds:
-      - |
-        for ip in $(echo "{{ '{{.PUBLIC_IPS}}' }}"); do
-          echo "Uninstalling k3s from $ip..."
-          ssh -oStrictHostKeyChecking=no -i {{ '{{.ENV}}' }}/id_ed25519 ubuntu@$ip \
-            '/usr/local/bin/k3s-uninstall.sh'
-        done
-
-  fetch-config:
-    desc: |
-      Fetch kubeconfig from AWS Secrets
-      Manager.
-    requires:
-      vars: [ENV]
-    cmds:
-      - |
-        if [ -f {{ '{{.ENV}}' }}/kubeconfig ]; then
-          cp {{ '{{.ENV}}' }}/kubeconfig {{ '{{.ENV}}' }}/kubeconfig.bak.$(date +%Y%m%d_%H%M%S)
-        fi
-        aws secretsmanager get-secret-value \
-          --secret-id "{{copier__project_slug}}_{{ '{{.ENV}}' }}_kubeconfig" | \
-          yq ".SecretString" | tr -d '"' | \
-          base64 -d > ./{{ '{{.ENV}}' }}/kubeconfig
-      - chmod 600 {{ '{{.ENV}}' }}/kubeconfig
diff --git a/template/bootstrap-cluster/production/.env b/template/bootstrap-cluster/production/.env
index 23bfad7..88f4368 100644
--- a/template/bootstrap-cluster/production/.env
+++ b/template/bootstrap-cluster/production/.env
@@ -1,2 +1,2 @@
-CONTROL_PLANE_ENDPOINT="https://k8s.{{ copier__domain_name }}:6443"
+CONTROL_PLANE_ENDPOINT="https://k8s.prod.{{ copier__domain_name }}:6443"
 CLUSTER_NAME="{{ copier__project_dash }}-prod"
diff --git a/template/bootstrap-cluster/root-app.template.yaml b/template/bootstrap-cluster/root-app.template.yaml
deleted file mode 100644
index d4657bb..0000000
--- a/template/bootstrap-cluster/root-app.template.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: root
-  namespace: argocd
-  creationTimestamp: null
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-  labels:
-    app.kubernetes.io/name: root
-spec:
-  destination:
-    namespace: argocd
-    server: https://kubernetes.default.svc
-  project: default
-  source:
-    path: argocd/${ENV}/apps
-    repoURL: {{ copier__repo_url }}
-    targetRevision: ${BRANCH}
-  syncPolicy:
-    automated:
-      allowEmpty: true
-      prune: true
-      selfHeal: true
-    syncOptions:
-    - allowEmpty=true
diff --git a/template/bootstrap-cluster/talos.yaml b/template/bootstrap-cluster/talos.yaml
index 87c3a73..0503b45 100644
--- a/template/bootstrap-cluster/talos.yaml
+++ b/template/bootstrap-cluster/talos.yaml
@@ -1,7 +1,4 @@
 version: '3'
-env:
-  TALOSCONFIG: ./{{ '{{.ENV}}' }}/talosconfig
-  KUBECONFIG: ./{{ '{{.ENV}}' }}/kubeconfig
 tasks:
   bootstrap:
     desc: |
@@ -19,11 +16,16 @@ tasks:
       - sleep 60
       - task: generate_kubeconfig
       - task: store_kubeconfig
-      - task: upgrade_talos
+      # - task: upgrade_talos
   generate_configs:
     desc: |
       Generate the initial Talos configuration files for the control plane
       and Talos nodes.
+    vars:
+      PUBLIC_IPS:
+        sh: |
+          tofu -chdir={{ '{{.TOFU_DIR}}' }}/{{ '{{.ENV}}' }} \
+            output -raw control_plane_nodes_public_ips
     cmds:
       - |
         talosctl gen config {{ '{{.CLUSTER_NAME}}' }} {{ '{{.CONTROL_PLANE_ENDPOINT}}' }} \
@@ -31,6 +33,7 @@ tasks:
           --output ./{{ '{{.ENV}}' }}/ \
           --config-patch @patches/patch-machine.yaml \
           --config-patch-control-plane @patches/patch-control-plane.yaml \
+          --additional-sans {{ '{{.PUBLIC_IPS}}' }} \
           --with-examples=false \
           --with-docs=false
   set_node_ips:
@@ -45,18 +48,21 @@ tasks:
     requires:
       vars: [ENV]
     cmds:
-      - talosctl --talosconfig $TALOSCONFIG config endpoint {{ '{{.EC2_HOSTS}}' }}
+      - talosctl --talosconfig ./{{ '{{.ENV}}' }}/talosconfig config endpoint {{ '{{.EC2_HOSTS}}' }}
+      - |
+        echo "✅ Endpoints set in talosconfig:"
+        grep -A 3 "endpoints:" ./{{ '{{.ENV}}' }}/talosconfig | head -5
   apply_talos_config:
     desc: |
       Apply the Talos configuration to all nodes in the control plane.
     cmds:
       - |
-        for node in $(yq -r '.contexts[].endpoints[]' $TALOSCONFIG); do \
+        for node in $(yq -r '.contexts[].endpoints[]' ./{{ '{{.ENV}}' }}/talosconfig); do \
           echo "Applying config to $node" && \
           talosctl apply-config \
             --insecure \
             --nodes $node \
-            --talosconfig $TALOSCONFIG \
+            --talosconfig ./{{ '{{.ENV}}' }}/talosconfig \
             --file ./{{ '{{.ENV}}' }}/controlplane.yaml; \
         done
   bootstrap_kubernetes:
@@ -66,10 +72,10 @@ tasks:
       FIRST_NODE:
         sh: |
           tofu -chdir={{ '{{.TOFU_DIR}}' }}/{{ '{{.ENV}}' }} \
-            output -raw control_plane_nodes_private_ips | \
+            output -raw control_plane_nodes_public_ips | \
             cut -d',' -f1
     cmds:
-      - talosctl bootstrap --talosconfig $TALOSCONFIG --nodes {{ '{{.FIRST_NODE}}' }}
+      - talosctl bootstrap --talosconfig ./{{ '{{.ENV}}' }}/talosconfig --nodes {{ '{{.FIRST_NODE}}' }}
   generate_kubeconfig:
     desc: |
       Generate the kubeconfig file to access the Kubernetes cluster using
@@ -78,19 +84,24 @@ tasks:
       FIRST_NODE:
         sh: |
           tofu -chdir={{ '{{.TOFU_DIR}}' }}/{{ '{{.ENV}}' }} \
-            output -raw control_plane_nodes_private_ips | \
+            output -raw control_plane_nodes_public_ips | \
             cut -d',' -f1
     cmds:
-      - talosctl kubeconfig $KUBECONFIG --talosconfig $TALOSCONFIG --nodes {{ '{{.FIRST_NODE}}' }} --force
+      - talosctl kubeconfig ./{{ '{{.ENV}}' }}/kubeconfig --talosconfig ./{{ '{{.ENV}}' }}/talosconfig --nodes {{ '{{.FIRST_NODE}}' }} --force
   upgrade_talos:
     desc: |
       Upgrade Talos on all control plane nodes to a specified version.
+    vars:
+      CONTROL_PLANE_PUBLIC_IPS:
+        sh: |
+          tofu -chdir={{ '{{.TOFU_DIR}}' }}/{{ '{{.ENV}}' }} \
+            output -raw control_plane_nodes_public_ips | tr ',' ' '
     cmds:
       #- task: health
       - |
-        for node in $(echo "{{ '{{.CONTROL_PLANE_PRIVATE_IPS}}' }}"); do
+        for node in {{ '{{.CONTROL_PLANE_PUBLIC_IPS}}' }}; do
           echo "Upgrading Talos on $node" && \
-          talosctl upgrade --talosconfig $TALOSCONFIG --nodes $node --image {{ '{{.TALOS_FACTORY_IMAGE}}' }}; \
+          talosctl upgrade --talosconfig ./{{ '{{.ENV}}' }}/talosconfig --nodes $node --image {{ '{{.TALOS_FACTORY_IMAGE}}' }}; \
         done
   store_talosconfig:
     desc: |
@@ -101,7 +112,7 @@ tasks:
       - |
         aws secretsmanager create-secret \
           --name "{{ '{{.ENV}}' }}_talosconfig_yaml" \
-          --secret-string "$(base64 -w0 $TALOSCONFIG)"
+          --secret-string "$(base64 -w0 ./{{ '{{.ENV}}' }}/talosconfig)"
   store_controlplane_config:
     desc: |
       Store the Talos control plane configuration file in AWS Secrets
@@ -122,7 +133,7 @@ tasks:
       - |
         aws secretsmanager create-secret \
           --name "{{ '{{.ENV}}' }}_kubeconfig" \
-          --secret-string "$(base64 -w0 $KUBECONFIG)"
+          --secret-string "$(base64 -w0 ./{{ '{{.ENV}}' }}/kubeconfig)"
   health:
     desc: |
       Check the health of the Talos cluster.
@@ -130,33 +141,31 @@ tasks:
       FIRST_NODE:
         sh: |
           tofu -chdir={{ '{{.TOFU_DIR}}' }}/{{ '{{.ENV}}' }} \
-            output -raw control_plane_nodes_private_ips | \
+            output -raw control_plane_nodes_public_ips | \
             cut -d',' -f1
     cmds:
-      - talosctl health --talosconfig $TALOSCONFIG --nodes {{ '{{.FIRST_NODE}}' }}
+      - talosctl health --talosconfig ./{{ '{{.ENV}}' }}/talosconfig --nodes {{ '{{.FIRST_NODE}}' }}
   services:
     desc: |
       Check service status on all notes.
     cmds:
       - |
-        for node in $(yq -r '.contexts[].endpoints[]' $TALOSCONFIG); do
-          talosctl service --talosconfig $TALOSCONFIG --nodes $node;
+        for node in $(yq -r '.contexts[].endpoints[]' ./{{ '{{.ENV}}' }}/talosconfig); do
+          talosctl service --talosconfig ./{{ '{{.ENV}}' }}/talosconfig --nodes $node;
         done
   delete_all_secrets:
     desc: |
       Delete all related secrets from AWS Secrets Manager.
+      Restores secrets scheduled for deletion before deleting them.
     requires:
       vars: [ENV]
     cmds:
       - |
-        aws secretsmanager delete-secret \
-          --secret-id "{{ '{{.ENV}}' }}_kubeconfig" --force-delete-without-recovery
-      - |
-        aws secretsmanager delete-secret \
-          --secret-id "{{ '{{.ENV}}' }}_talosconfig_yaml" --force-delete-without-recovery
-      - |
-        aws secretsmanager delete-secret \
-          --secret-id "{{ '{{.ENV}}' }}_talos_controlplane_yaml" --force-delete-without-recovery
+        for secret in "{{ '{{.ENV}}' }}_kubeconfig" "{{ '{{.ENV}}' }}_talosconfig_yaml" "{{ '{{.ENV}}' }}_talos_controlplane_yaml"; do
+          echo "Deleting secret: $secret"
+          aws secretsmanager restore-secret --secret-id "$secret" 2>/dev/null || true
+          aws secretsmanager delete-secret --secret-id "$secret" --force-delete-without-recovery 2>/dev/null || true
+        done
   reset_config:
     desc: |
       Remove all config files and delete secrets in AWS Secrets Manager
diff --git a/template/docs/README.md b/template/docs/README.md
index f0f4c49..a2e0d7b 100644
--- a/template/docs/README.md
+++ b/template/docs/README.md
@@ -1,17 +1,33 @@
-# Project Documentation
-
-You are encouraged to add in this directory all documentation
-useful for others (and you in future) to understand better
-how the project work and to help developers to prepare their environment.
-
-Examples (not all possibilities) of good things that can be documented:
-
-- How to configure development environment using third-party
-applications and integrations (e.g. Slack, Discord, external
-APIs, etc);
-- How to prepare the environment to accomplish a specific task
-that demands business knowledge and populate data in multible tables;
-- Glossary of business terms and actions that are not obvious
-to the general public;
-- Anything that you needed to research inside the project and
-it could help a new developer not to have spent time on that research.
+# Talos Kubernetes Cluster Documentation
+
+This directory contains documentation for deploying and managing a Talos Linux Kubernetes cluster on AWS.
+
+## Overview
+
+This project provides infrastructure-as-code templates for deploying a production-ready Talos Linux Kubernetes cluster on AWS using Terraform and OpenTofu.
+
+## Documentation Contents
+
+- **[Project Overview](./project-overview.md)** - Introduction to the template and its purpose
+- **[Architecture](./architecture.md)** - Infrastructure architecture and design
+- **[Deployment](./deployment.md)** - Step-by-step deployment instructions
+- **[Secrets Management](./secrets.md)** - How to manage sensitive configuration
+
+## What is Talos Linux?
+
+Talos Linux is a modern, minimal Linux distribution designed specifically for running Kubernetes. Key features:
+
+- **Immutable**: No SSH, no shell, configuration via API only
+- **Secure**: Minimal attack surface, all management via encrypted API
+- **Kubernetes-Native**: Built exclusively for running Kubernetes workloads
+- **API-Driven**: All operations performed via declarative configuration
+
+## Quick Start
+
+1. Generate a new project from this template using Copier
+2. Configure AWS credentials
+3. Deploy infrastructure: `cd terraform/sandbox && tofu apply`
+4. Bootstrap Talos cluster: `cd bootstrap-cluster/sandbox && task talos:bootstrap`
+5. Access your cluster: `kubectl --kubeconfig kubeconfig get nodes`
+
+For detailed instructions, see the [Deployment Documentation](./deployment.md).
diff --git a/template/docs/architecture.md b/template/docs/architecture.md
index cc48e32..032f2d8 100644
--- a/template/docs/architecture.md
+++ b/template/docs/architecture.md
@@ -1,10 +1,10 @@
 # :house: Architecture
 
-This document outlines the architecture of the application, with diagrams to visualize the different components and their relationships.
+This document outlines the infrastructure architecture for deploying Talos Linux Kubernetes clusters on AWS.
 
 ## System Overview
 
-The template provides a full-stack application with the following components:
+The template provides infrastructure for deploying a Talos Linux Kubernetes cluster with the following components:
 
 ```mermaid
 %%{
@@ -21,59 +21,48 @@ The template provides a full-stack application with the following components:
   }
 }%%
 flowchart TD
-    %% External entities
-    User([User])
-    
-    %% Top-level system components
-    subgraph SystemOverview["SCAF System Overview"]
-        %% Infrastructure layer
+    subgraph SystemOverview["Talos Cluster Architecture"]
         subgraph InfraLayer["Infrastructure Layer"]
-            TF[Terraform] --> AWS[AWS Resources]
-            K8S[Kubernetes] --> CLUSTER[K8s Cluster]
+            TF[Terraform/OpenTofu] --> AWS[AWS Resources]
+            AWS --> VPC[VPC Network]
+            AWS --> EC2[EC2 Instances]
+            AWS --> DNS[Route53 DNS]
         end
-        
-        %% Application layer
-        subgraph AppLayer["Application Layer"]
-            FE[Next.js Frontend] --> |GraphQL| BE[Django Backend]
-            BE --> |Queries/Mutations| DB[(PostgreSQL)]
-            BE --> |Async Tasks| CELERY[Celery Workers]
-            CELERY --> REDIS[Redis]
-            CELERY --> |Email| MAIL[Email Service]
+
+        subgraph OSLayer["Operating System Layer"]
+            EC2 --> TALOS[Talos Linux v1.12.1]
+            TALOS --> API[Talos API]
+        end
+
+        subgraph K8sLayer["Kubernetes Layer"]
+            API --> K8S[Kubernetes Cluster]
+            K8S --> CP[Control Plane]
+            CP --> APISERVER[API Server]
+            CP --> ETCD[etcd]
+            CP --> SCHEDULER[Scheduler]
         end
-        
-        %% Connections between layers
-        CLUSTER --> APP[Application Stack]
-        AWS --> APP
     end
-    
-    %% External connections
-    User -->|interacts with| FE
 
     %% Style definitions - Gruvbox Dark theme
-    classDef external fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
     classDef infrastructure fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef application fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef database fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold,shape:cylinder
-    classDef queue fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
+    classDef os fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef kubernetes fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
 
     %% Apply styles
-    class User external
-    class TF,K8S,AWS,CLUSTER,APP infrastructure
-    class FE,BE,CELERY,MAIL application
-    class DB database
-    class REDIS queue
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
+    class TF,AWS,VPC,EC2,DNS infrastructure
+    class TALOS,API os
+    class K8S,CP,APISERVER,ETCD,SCHEDULER kubernetes
+
+    %% Explicit styling for subgraphs
     style SystemOverview fill:#282828,color:#fabd2f,font-weight:bold
     style InfraLayer fill:#282828,color:#fabd2f,font-weight:bold
-    style AppLayer fill:#282828,color:#fabd2f,font-weight:bold
+    style OSLayer fill:#282828,color:#fabd2f,font-weight:bold
+    style K8sLayer fill:#282828,color:#fabd2f,font-weight:bold
 ```
 
-## Application Architecture
-
-### Frontend (Next.js)
+## AWS Infrastructure (Terraform)
 
-The frontend is built with Next.js and TypeScript, using Apollo Client for GraphQL communication with the backend.
+The cloud infrastructure is managed with Terraform/OpenTofu, provisioning the following AWS resources:
 
 ```mermaid
 %%{
@@ -89,89 +78,61 @@ The frontend is built with Next.js and TypeScript, using Apollo Client for Graph
     }
   }
 }%%
-flowchart LR
-    %% Node styling
-    
-    subgraph FrontendArch["Frontend Architecture"]
-        subgraph NextComponents["Next.js Components"]
-            PAGES[Pages] --> COMPS[Components]
-            PAGES --> HOOKS[Hooks/Utils]
-            APOLLO[Apollo Client] --> GQL[GraphQL Queries/Mutations] 
-            PAGES --> APOLLO
-        end
-    end
-    
-    APOLLO --> |HTTP/GraphQL| API[Backend API]
-    
-    %% Style definitions - Gruvbox Dark theme
-    classDef frontend fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef api fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    
-    %% Apply styles
-    class PAGES,COMPS,HOOKS,APOLLO,GQL frontend
-    class API api
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
-    style FrontendArch fill:#282828,color:#fabd2f,font-weight:bold
-    style NextComponents fill:#282828,color:#fabd2f,font-weight:bold
-```
+flowchart TB
+    INTERNET([Internet])
 
-### Backend (Django)
+    subgraph AWSArch["AWS Infrastructure"]
+        R53[Route53 DNS] --> ELB[Elastic Load Balancer]
 
-The backend is built with Django, using Django GraphQL and Celery for async task processing.
+        ELB --> VPC[VPC Network]
 
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945'
-    }
-  }
-}%%
-flowchart TB
-    %% External entities
-    User([User])
-    
-    subgraph BackendArch["Backend Architecture"]
-        subgraph DjangoComponents["Django Components"]
-            URLS[URL Configuration] --> VIEWS[Views/GraphQL]
-            VIEWS --> MODELS[Models]
-            MODELS --> DB[(PostgreSQL)]
-            VIEWS --> |Async Tasks| TASKS[Celery Tasks]
-            TASKS --> REDIS[Redis]
-        end
+        VPC --> SG[Security Groups]
+        VPC --> SUBNET[Public Subnets]
+
+        SUBNET --> EC2_1[EC2 Control Plane 1<br/>Talos Linux]
+        SUBNET --> EC2_2[EC2 Control Plane 2<br/>Talos Linux]
+        SUBNET --> EC2_3[EC2 Control Plane 3<br/>Talos Linux]
+
+        SG --> EC2_1
+        SG --> EC2_2
+        SG --> EC2_3
+
+        IAM[IAM Roles] --> EC2_1
+        IAM --> EC2_2
+        IAM --> EC2_3
     end
-    
-    User --> |HTTP Request| VIEWS
-    
+
+    INTERNET --> |k8s.domain.com:6443| R53
+
     %% Style definitions - Gruvbox Dark theme
     classDef external fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    classDef backend fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef database fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold,shape:cylinder
-    classDef queue fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    
+    classDef network fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
+    classDef compute fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef security fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
+
     %% Apply styles
-    class User external
-    class URLS,VIEWS,MODELS,TASKS backend
-    class DB database
-    class REDIS queue
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
-    style BackendArch fill:#282828,color:#fabd2f,font-weight:bold
-    style DjangoComponents fill:#282828,color:#fabd2f,font-weight:bold
+    class INTERNET external
+    class R53,ELB,VPC,SUBNET network
+    class EC2_1,EC2_2,EC2_3 compute
+    class SG,IAM security
+
+    %% Explicit styling for subgraph
+    style AWSArch fill:#282828,color:#fabd2f,font-weight:bold
 ```
 
-## Infrastructure Architecture
+### Infrastructure Components
 
-### Kubernetes Deployment
+- **VPC**: Isolated network with configurable CIDR blocks
+- **Public Subnets**: Subnets across multiple availability zones for high availability
+- **Security Groups**: Firewall rules for Kubernetes API (6443), Talos API (50000), and inter-node communication
+- **EC2 Instances**: Control plane nodes running Talos Linux AMI
+- **Elastic Load Balancer**: Load balances traffic to control plane nodes
+- **Route53**: DNS records for cluster API endpoint (k8s.domain.com)
+- **IAM Roles**: Permissions for EC2 instances to access AWS services
 
-The application is deployed on Kubernetes, with separate environments for development, staging, and production.
+## Talos Linux Architecture
+
+Talos Linux provides the operating system layer that creates and manages the Kubernetes cluster:
 
 ```mermaid
 %%{
@@ -188,150 +149,63 @@ The application is deployed on Kubernetes, with separate environments for develo
   }
 }%%
 flowchart TB
-    %% External entities
-    User([User])
-    
-    subgraph K8sArch["Kubernetes Architecture"]
-        INGRESS[Ingress Controller] --> FE_SVC[Frontend Service]
-        INGRESS --> BE_SVC[Backend Service]
-        
-        FE_SVC --> FE_POD[Frontend Pods]
-        BE_SVC --> BE_POD[Backend Pods]
-        
-        CELERY_SVC[Celery Service] --> CELERY_POD[Celery Pods]
-        
-        DB_SVC[Database Service] --> DB_POD[Database Pods]
-        REDIS_SVC[Redis Service] --> REDIS_POD[Redis Pods]
-    end
-    
-    User --> |HTTPS| INGRESS
-    
-    %% Style definitions - Gruvbox Dark theme
-    classDef external fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    classDef ingress fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef service fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef pod fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    
-    %% Apply styles
-    class User external
-    class INGRESS ingress
-    class FE_SVC,BE_SVC,CELERY_SVC,DB_SVC,REDIS_SVC service
-    class FE_POD,BE_POD,CELERY_POD,DB_POD,REDIS_POD pod
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
-    style K8sArch fill:#282828,color:#fabd2f,font-weight:bold
-```
+    ADMIN([Cluster Administrator])
 
-### AWS Infrastructure (Terraform)
+    subgraph TalosArch["Talos Linux Architecture"]
+        TALOSCTL[talosctl CLI] --> |gRPC/TLS| TALOSAPI[Talos API :50000]
 
-The cloud infrastructure is managed with Terraform, provisioning AWS resources.
+        TALOSAPI --> MACHINED[machined<br/>System Service Manager]
 
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945'
-    }
-  }
-}%%
-flowchart TB
-    %% External entities
-    INTERNET([Internet])
-    
-    subgraph AWSArch["AWS Infrastructure"]
-        R53[Route53] --> CF[CloudFront]
-        CF --> ALB[Application Load Balancer]
-        
-        ALB --> EKS[EKS Cluster]
-        
-        EKS --> EC2[EC2 Instances]
-        
-        ECR[ECR Repositories] --> EKS
-        
-        RDS[RDS PostgreSQL] --- EKS
-        
-        S3[S3 Buckets] --- CF
+        MACHINED --> K8S_SERVICES[Kubernetes Services]
+        MACHINED --> SYSTEM[System Services]
+
+        K8S_SERVICES --> KUBELET[kubelet]
+        K8S_SERVICES --> API_SERVER[kube-apiserver]
+        K8S_SERVICES --> CONTROLLER[kube-controller-manager]
+        K8S_SERVICES --> SCHEDULER[kube-scheduler]
+        K8S_SERVICES --> ETCD[etcd]
+
+        SYSTEM --> NETWORKD[networkd<br/>Network Management]
+        SYSTEM --> TRUSTD[trustd<br/>Certificate Management]
     end
-    
-    INTERNET --> R53
-    
+
+    ADMIN --> TALOSCTL
+
+    KUBECTL[kubectl] --> |HTTPS:6443| API_SERVER
+
     %% Style definitions - Gruvbox Dark theme
     classDef external fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    classDef network fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef compute fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef storage fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    classDef database fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold,shape:cylinder
-    
+    classDef api fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
+    classDef core fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef k8s fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
+    classDef system fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
+
     %% Apply styles
-    class INTERNET external
-    class R53,CF,ALB network
-    class EKS,EC2 compute
-    class ECR,S3 storage
-    class RDS database
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
-    style AWSArch fill:#282828,color:#fabd2f,font-weight:bold
+    class ADMIN,TALOSCTL,KUBECTL external
+    class TALOSAPI api
+    class MACHINED,K8S_SERVICES,SYSTEM core
+    class KUBELET,API_SERVER,CONTROLLER,SCHEDULER,ETCD k8s
+    class NETWORKD,TRUSTD system
+
+    %% Explicit styling for subgraph
+    style TalosArch fill:#282828,color:#fabd2f,font-weight:bold
 ```
 
-## Data Flow
+### Talos Components
 
-This diagram illustrates how data flows through the system:
+- **machined**: Core system service that manages all other services
+- **Talos API**: gRPC API for cluster management (port 50000)
+- **kubelet**: Kubernetes node agent
+- **kube-apiserver**: Kubernetes API server (port 6443)
+- **kube-controller-manager**: Kubernetes controller manager
+- **kube-scheduler**: Kubernetes scheduler
+- **etcd**: Distributed key-value store for Kubernetes state
+- **networkd**: Network configuration and management
+- **trustd**: Certificate and PKI management
 
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945',
-      'actorBkg': '#3c3836',
-      'actorTextColor': '#ebdbb2',
-      'actorBorder': '#928374'
-    }
-  }
-}%%
-sequenceDiagram
-    actor User as User
-    participant FE as Frontend (Next.js)
-    participant BE as Backend (Django)
-    participant DB as PostgreSQL
-    participant Worker as Celery Worker
-    
-    User->>FE: Access Application
-    activate FE
-    FE->>BE: GraphQL Query/Mutation
-    activate BE
-    BE->>DB: Database Query
-    activate DB
-    DB-->>BE: Query Results
-    deactivate DB
-    BE-->>FE: GraphQL Response
-    deactivate BE
-    FE-->>User: Display Data
-    deactivate FE
-    
-    alt Async Process
-        BE->>Worker: Queue Task
-        activate Worker
-        Worker->>DB: Process Data
-        activate DB
-        deactivate DB
-        Worker->>BE: Task Result
-        deactivate Worker
-    end
-```
+## Deployment Flow
 
-## Development Workflow
+This diagram shows the deployment process from infrastructure provisioning to running cluster:
 
 ```mermaid
 %%{
@@ -348,30 +222,29 @@ sequenceDiagram
   }
 }%%
 flowchart LR
-    subgraph DevWorkflow["Development Workflow"]
-        CODE[Local Development] --> |Git Push| REPO[Repository]
-        REPO --> |CI/CD Pipeline| CI[CI/CD Tests]
-        CI --> |Deployment| K8S[Kubernetes]
-        K8S --> |ArgoCD| ENV[Environment]
+    subgraph DeployFlow["Deployment Flow"]
+        TERRAFORM[1. Terraform Apply<br/>Provision AWS Resources] --> EC2[2. EC2 Instances Boot<br/>Talos Linux AMI]
+        EC2 --> GENCONFIG[3. Generate Configs<br/>talosctl gen config]
+        GENCONFIG --> APPLYCONFIG[4. Apply Configuration<br/>talosctl apply-config]
+        APPLYCONFIG --> BOOTSTRAP[5. Bootstrap Cluster<br/>talosctl bootstrap]
+        BOOTSTRAP --> KUBECONFIG[6. Generate kubeconfig<br/>talosctl kubeconfig]
+        KUBECONFIG --> RUNNING[7. Cluster Running<br/>kubectl get nodes]
     end
-    
+
     %% Style definitions - Gruvbox Dark theme
-    classDef dev fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef repo fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef ci fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    classDef deploy fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    
+    classDef terraform fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
+    classDef boot fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef config fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
+    classDef running fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
+
     %% Apply styles
-    class CODE dev
-    class REPO repo
-    class CI ci
-    class K8S,ENV deploy
-    
-    %% Link styling
-    linkStyle default stroke:#7c6f64,stroke-width:2px,stroke-dasharray: 5 5
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
-    style DevWorkflow fill:#282828,color:#fabd2f,font-weight:bold
+    class TERRAFORM terraform
+    class EC2 boot
+    class GENCONFIG,APPLYCONFIG,BOOTSTRAP,KUBECONFIG config
+    class RUNNING running
+
+    %% Explicit styling for subgraph
+    style DeployFlow fill:#282828,color:#fabd2f,font-weight:bold
 ```
 
 ## Environment Architecture
@@ -394,33 +267,54 @@ The project supports multiple environments with different configurations:
 }%%
 flowchart TB
     subgraph EnvArch["Environment Architecture"]
-        BASE[Base Configuration] --> DEV[Development]
-        BASE --> SANDBOX[Sandbox]
-        BASE --> STAGING[Staging]
-        BASE --> PROD[Production]
-        
-        DEV --> |Local Testing| DEV_ENV[Local Environment]
-        SANDBOX --> |Testing| SANDBOX_ENV[Sandbox Environment]
-        STAGING --> |Pre-Production| STAGING_ENV[Staging Environment]
-        PROD --> |Production| PROD_ENV[Production Environment]
+        TERRAFORM[Terraform Base Module]
+
+        TERRAFORM --> SANDBOX[Sandbox Environment<br/>terraform/sandbox/]
+        TERRAFORM --> STAGING[Staging Environment<br/>terraform/staging/]
+        TERRAFORM --> PROD[Production Environment<br/>terraform/production/]
+
+        SANDBOX --> SANDBOX_CLUSTER[Talos Cluster<br/>k8s.sandbox.domain.com]
+        STAGING --> STAGING_CLUSTER[Talos Cluster<br/>k8s.staging.domain.com]
+        PROD --> PROD_CLUSTER[Talos Cluster<br/>k8s.prod.domain.com]
     end
-    
+
     %% Style definitions - Gruvbox Dark theme
     classDef base fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    classDef dev fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef sandbox fill:#b16286,stroke:#8f3f71,stroke-width:2px,color:#282828,font-weight:bold
     classDef staging fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
     classDef prod fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    classDef sandbox fill:#b16286,stroke:#8f3f71,stroke-width:2px,color:#282828,font-weight:bold
-    classDef env fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    
+    classDef cluster fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+
     %% Apply styles
-    class BASE base
-    class DEV dev
+    class TERRAFORM base
     class SANDBOX sandbox
     class STAGING staging
     class PROD prod
-    class DEV_ENV,SANDBOX_ENV,STAGING_ENV,PROD_ENV env
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
+    class SANDBOX_CLUSTER,STAGING_CLUSTER,PROD_CLUSTER cluster
+
+    %% Explicit styling for subgraph
     style EnvArch fill:#282828,color:#fabd2f,font-weight:bold
-```
\ No newline at end of file
+```
+
+## Security Architecture
+
+Talos Linux provides multiple layers of security:
+
+1. **No SSH Access**: Impossible to SSH into nodes, eliminating a major attack vector
+2. **Immutable File System**: Root filesystem is read-only and cannot be modified
+3. **API Authentication**: All management operations require mutual TLS authentication
+4. **Minimal Attack Surface**: Only runs Kubernetes components, nothing else
+5. **Encrypted Communication**: All API communication is encrypted
+6. **Certificate Management**: Automatic certificate rotation and management
+
+## Network Architecture
+
+Default ports and protocols:
+
+- **6443**: Kubernetes API server (HTTPS)
+- **50000**: Talos API (gRPC/TLS)
+- **50001**: Talos Trustd API (gRPC/TLS)
+- **2379-2380**: etcd client and peer communication
+- **10250**: kubelet API
+
+All inter-node communication is secured with TLS.
diff --git a/template/docs/dataflow.md b/template/docs/dataflow.md
deleted file mode 100644
index 74eb727..0000000
--- a/template/docs/dataflow.md
+++ /dev/null
@@ -1,695 +0,0 @@
-# :arrows_counterclockwise: Data Flow Diagrams
-
-This document provides detailed data flow diagrams for the application, visualizing how data moves through different components and stages of the system.
-
-## Comprehensive Data Flow
-
-This diagram shows the overall data flow across all components of the system, including frontend, backend, storage systems, and external integrations.
-
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945'
-    }
-  }
-}%%
-flowchart TD
-    %% External entities
-    User([End User])
-    Developer([Developer])
-    
-    %% Data sources
-    subgraph DataSources["Data Sources"]
-        direction TB
-        FormInput[("User Form Input")]
-        APIData[("External API Data")]
-        FileUploads[("File Uploads")]
-        StoredData[("Database Records")]
-    end
-    
-    %% Frontend data flow
-    subgraph FrontendFlow["Frontend Data Flow"]
-        direction TB
-        NextPages["Next.js Pages"]
-        Components["React Components"]
-        ClientState["Client State Management"]
-        ApolloClient["Apollo Client"]
-        GQLQueries["GraphQL Queries"]
-        GQLMutations["GraphQL Mutations"]
-        
-        NextPages --> Components
-        Components --> ClientState
-        ClientState --> Components
-        Components --> ApolloClient
-        ApolloClient --> GQLQueries
-        ApolloClient --> GQLMutations
-    end
-    
-    %% Backend data flow
-    subgraph BackendFlow["Backend Data Flow"]
-        direction TB
-        DjangoViews["Django Views/GraphQL"]
-        QueryResolvers["GraphQL Query Resolvers"]
-        MutationResolvers["GraphQL Mutation Resolvers"]
-        DjangoModels["Django Models"]
-        ModelValidation["Model Validation"]
-        Serialization["Data Serialization"]
-        CeleryTasks["Async Celery Tasks"]
-        
-        DjangoViews --> QueryResolvers
-        DjangoViews --> MutationResolvers
-        QueryResolvers --> DjangoModels
-        MutationResolvers --> ModelValidation
-        ModelValidation --> DjangoModels
-        DjangoModels --> Serialization
-        MutationResolvers --> CeleryTasks
-        CeleryTasks --> DjangoModels
-    end
-    
-    %% Storage systems
-    subgraph StorageSystems["Storage Systems"]
-        direction TB
-        PostgreSQL[(PostgreSQL)]
-        Redis[(Redis)]
-        S3Bucket[(S3 Bucket)]
-        
-        PostgreSQL --> StoredData
-    end
-    
-    %% External systems
-    subgraph ExternalSystems["External Systems"]
-        direction TB
-        EmailService["Email Service"]
-        ExternalAPIs["Third-Party APIs"]
-    end
-    
-    %% Deployment data flow
-    subgraph DeploymentFlow["Deployment Data Flow"]
-        direction TB
-        SourceCode[("Source Code")]
-        GitRepo["Git Repository"]
-        CISystem["CI/CD Pipeline"]
-        DockerImages["Docker Images"]
-        ECRRepository["ECR Repository"]
-        K8sManifests["Kubernetes Manifests"]
-        ArgoCD["ArgoCD"]
-        K8sCluster["Kubernetes Cluster"]
-        
-        SourceCode --> GitRepo
-        GitRepo --> CISystem
-        CISystem --> DockerImages
-        DockerImages --> ECRRepository
-        K8sManifests --> ArgoCD
-        ECRRepository --> ArgoCD
-        ArgoCD --> K8sCluster
-    end
-    
-    %% Primary data flow connections
-    %% User/Client interactions
-    User --> FormInput
-    User --> FileUploads
-    FormInput --> Components
-    FileUploads --> Components
-    
-    %% Frontend to backend
-    GQLQueries --> DjangoViews
-    GQLMutations --> DjangoViews
-    
-    %% Backend to storage
-    DjangoModels --> PostgreSQL
-    CeleryTasks --> Redis
-    CeleryTasks --> S3Bucket
-    
-    %% External integrations
-    CeleryTasks --> EmailService
-    QueryResolvers --> ExternalAPIs
-    ExternalAPIs --> APIData
-    APIData --> QueryResolvers
-    
-    %% Deployment workflow
-    Developer --> SourceCode
-    
-    %% Response flows
-    PostgreSQL --> DjangoModels
-    Serialization --> QueryResolvers
-    Serialization --> MutationResolvers
-    QueryResolvers --> DjangoViews
-    MutationResolvers --> DjangoViews
-    DjangoViews --> GQLQueries
-    DjangoViews --> GQLMutations
-    GQLQueries --> ApolloClient
-    GQLMutations --> ApolloClient
-    ApolloClient --> Components
-    Components --> NextPages
-    NextPages --> User
-    
-    %% Style definitions - Gruvbox Dark theme
-    classDef external fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    classDef frontend fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef backend fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef storage fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold,shape:cylinder
-    classDef queue fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    classDef data fill:#b16286,stroke:#8f3f71,stroke-width:2px,color:#282828,font-weight:bold
-    classDef deployment fill:#98971a,stroke:#79740e,stroke-width:2px,color:#282828,font-weight:bold
-    classDef external_system fill:#d65d0e,stroke:#af3a03,stroke-width:2px,color:#282828,font-weight:bold
-    
-    %% Apply styles
-    class User,Developer external
-    class NextPages,Components,ClientState,ApolloClient,GQLQueries,GQLMutations frontend
-    class DjangoViews,QueryResolvers,MutationResolvers,DjangoModels,ModelValidation,Serialization,CeleryTasks backend
-    class PostgreSQL,Redis,S3Bucket storage
-    class FormInput,APIData,FileUploads,StoredData data
-    class EmailService,ExternalAPIs external_system
-    class SourceCode,GitRepo,CISystem,DockerImages,ECRRepository,K8sManifests,ArgoCD,K8sCluster deployment
-    
-    %% Explicit styling for subgraph titles
-    style DataSources fill:#282828,color:#fabd2f,font-weight:bold
-    style FrontendFlow fill:#282828,color:#fabd2f,font-weight:bold
-    style BackendFlow fill:#282828,color:#fabd2f,font-weight:bold
-    style StorageSystems fill:#282828,color:#fabd2f,font-weight:bold
-    style ExternalSystems fill:#282828,color:#fabd2f,font-weight:bold
-    style DeploymentFlow fill:#282828,color:#fabd2f,font-weight:bold
-```
-
-## CRUD Operations Flow
-
-This sequence diagram illustrates the detailed flow of Create, Read, Update, and Delete operations from user interaction through the entire stack.
-
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945',
-      'actorBkg': '#3c3836',
-      'actorTextColor': '#ebdbb2',
-      'actorBorder': '#928374'
-    }
-  }
-}%%
-sequenceDiagram
-    actor User as User
-    participant UI as Next.js UI
-    participant Client as Apollo Client
-    participant API as Django GraphQL API
-    participant Validation as Input Validation
-    participant Model as Django Models
-    participant DB as PostgreSQL
-    participant Background as Celery Tasks
-    
-    %% CREATE flow
-    User->>UI: Submit Create Form
-    activate UI
-    UI->>Client: Execute create mutation
-    activate Client
-    Client->>API: GraphQL mutation request
-    activate API
-    API->>Validation: Validate input data
-    activate Validation
-    
-    alt Invalid Data
-        Validation-->>API: Validation errors
-        API-->>Client: Return validation errors
-        Client-->>UI: Display errors
-        UI-->>User: Show error feedback
-    else Valid Data
-        Validation-->>API: Validated data
-        deactivate Validation
-        API->>Model: Create new object
-        activate Model
-        Model->>DB: INSERT query
-        activate DB
-        DB-->>Model: Confirmation
-        deactivate DB
-        Model-->>API: New object data
-        deactivate Model
-        
-        opt Async Processing Needed
-            API->>Background: Queue background task
-            activate Background
-            Background->>DB: Additional processing
-            Background-->>API: Processing status
-            deactivate Background
-        end
-        
-        API-->>Client: Return success response
-        deactivate API
-        Client-->>UI: Update local cache/state
-        deactivate Client
-        UI-->>User: Display success confirmation
-        UI->>UI: Redirect or update view
-    end
-    deactivate UI
-    
-    %% READ flow
-    User->>UI: Request Data View
-    activate UI
-    UI->>Client: Execute query
-    activate Client
-    Client->>API: GraphQL query request
-    activate API
-    API->>Model: Retrieve data
-    activate Model
-    Model->>DB: SELECT query
-    activate DB
-    DB-->>Model: Query results
-    deactivate DB
-    Model-->>API: Format data
-    deactivate Model
-    API-->>Client: Return data
-    deactivate API
-    Client-->>UI: Update local state
-    deactivate Client
-    UI-->>User: Display data
-    deactivate UI
-    
-    %% UPDATE flow
-    User->>UI: Submit Edit Form
-    activate UI
-    UI->>Client: Execute update mutation
-    activate Client
-    Client->>API: GraphQL mutation request
-    activate API
-    API->>Validation: Validate input data
-    activate Validation
-    
-    alt Invalid Data
-        Validation-->>API: Validation errors
-        API-->>Client: Return validation errors
-        Client-->>UI: Display errors
-        UI-->>User: Show error feedback
-    else Valid Data
-        Validation-->>API: Validated data
-        deactivate Validation
-        API->>Model: Update object
-        activate Model
-        Model->>DB: UPDATE query
-        activate DB
-        DB-->>Model: Confirmation
-        deactivate DB
-        Model-->>API: Updated object data
-        deactivate Model
-        
-        opt Async Processing Needed
-            API->>Background: Queue background task
-            activate Background
-            Background->>DB: Additional processing
-            Background-->>API: Processing status
-            deactivate Background
-        end
-        
-        API-->>Client: Return success response
-        deactivate API
-        Client-->>UI: Update local cache/state
-        deactivate Client
-        UI-->>User: Display success confirmation
-    end
-    deactivate UI
-    
-    %% DELETE flow
-    User->>UI: Request Delete
-    activate UI
-    UI->>UI: Confirm deletion
-    UI->>Client: Execute delete mutation
-    activate Client
-    Client->>API: GraphQL mutation request
-    activate API
-    API->>Model: Delete object
-    activate Model
-    Model->>DB: DELETE query
-    activate DB
-    DB-->>Model: Confirmation
-    deactivate DB
-    Model-->>API: Success status
-    deactivate Model
-    
-    opt Background Cleanup
-        API->>Background: Queue cleanup task
-        activate Background
-        Background->>DB: Cleanup related data
-        Background-->>API: Cleanup status
-        deactivate Background
-    end
-    
-    API-->>Client: Return success response
-    deactivate API
-    Client-->>UI: Update local cache/state
-    deactivate Client
-    UI-->>User: Display success confirmation
-    UI->>UI: Redirect to list view
-    deactivate UI
-```
-
-## API/Backend Data Processing Flow
-
-This diagram illustrates how data moves through the various layers of the backend, from API requests to database operations.
-
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945'
-    }
-  }
-}%%
-flowchart TD
-    %% Request entry points
-    GraphQLReq(["GraphQL Request"])
-    RestReq(["REST API Request"])
-    CeleryTask(["Scheduled/Triggered Task"])
-    
-    %% Authentication & permission layer
-    subgraph AuthLayer["Authentication & Authorization"]
-        direction LR
-        TokenAuth["Token Authentication"]
-        SessionAuth["Session Authentication"]
-        Permissions["Permission Checks"]
-        
-        TokenAuth --> Permissions
-        SessionAuth --> Permissions
-    end
-    
-    %% Request processing layer
-    subgraph APILayer["API Processing Layer"]
-        direction LR
-        GQLSchema["GraphQL Schema"]
-        GQLResolvers["GraphQL Resolvers"]
-        RestViews["REST API Views"]
-        Serializers["Django Serializers"]
-        
-        GQLSchema --> GQLResolvers
-        RestViews --> Serializers
-    end
-    
-    %% Business logic layer
-    subgraph BusinessLayer["Business Logic Layer"]
-        direction TB
-        Services["Service Functions"]
-        ModelMethods["Model Methods"]
-        HelperFuncs["Helper Utilities"]
-        Validators["Data Validators"]
-        
-        Services --> ModelMethods
-        Services --> HelperFuncs
-        Services --> Validators
-    end
-    
-    %% Data access layer
-    subgraph DataLayer["Data Access Layer"]
-        direction TB
-        Models["Django Models"]
-        Managers["Custom Managers"]
-        QuerySets["QuerySet Methods"]
-        RawSQL["Raw SQL (when needed)"]
-        
-        Models --> Managers
-        Managers --> QuerySets
-        Managers --> RawSQL
-    end
-    
-    %% Database layer
-    subgraph DBLayer["Database Layer"]
-        direction LR
-        ReadReplica[("Read Replica")]
-        MainDB[("Primary Database")]
-        Migrations["Django Migrations"]
-        
-        ReadReplica --- MainDB
-        Migrations --> MainDB
-    end
-    
-    %% Asynchronous processing
-    subgraph AsyncLayer["Asynchronous Processing"]
-        direction TB
-        CeleryQueue["Celery Task Queue"]
-        Workers["Celery Workers"]
-        Results["Task Results Storage"]
-        
-        CeleryQueue --> Workers
-        Workers --> Results
-    end
-    
-    %% External services integration
-    subgraph ExternalLayer["External Integrations"]
-        direction LR
-        Email["Email Service"]
-        Storage["S3 Storage"]
-        ThirdParty["3rd Party APIs"]
-        
-        Email --- Storage
-        Storage --- ThirdParty
-    end
-    
-    %% Main request flow
-    GraphQLReq --> TokenAuth
-    RestReq --> SessionAuth
-    Permissions --> GQLSchema
-    Permissions --> RestViews
-    GQLResolvers --> Services
-    Serializers --> Services
-    Services --> Models
-    Models --> MainDB
-    Models --> ReadReplica
-    
-    %% Async flow
-    GQLResolvers --> CeleryQueue
-    RestViews --> CeleryQueue
-    CeleryTask --> CeleryQueue
-    Workers --> Services
-    Workers --> ExternalLayer
-    
-    %% Return flow
-    MainDB --> Models
-    ReadReplica --> Models
-    Models --> Services
-    Models --> ModelMethods
-    Services --> GQLResolvers
-    Services --> Serializers
-    GQLResolvers --> |Response| GraphQLReq
-    Serializers --> |Response| RestReq
-    
-    %% Style definitions - Gruvbox Dark theme
-    classDef input fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    classDef auth fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef api fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef business fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    classDef data fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    classDef db fill:#b16286,stroke:#8f3f71,stroke-width:2px,color:#282828,font-weight:bold
-    classDef async fill:#98971a,stroke:#79740e,stroke-width:2px,color:#282828,font-weight:bold
-    classDef ext fill:#d65d0e,stroke:#af3a03,stroke-width:2px,color:#282828,font-weight:bold
-    
-    %% Apply styles
-    class GraphQLReq,RestReq,CeleryTask input
-    class TokenAuth,SessionAuth,Permissions auth
-    class GQLSchema,GQLResolvers,RestViews,Serializers api
-    class Services,ModelMethods,HelperFuncs,Validators business
-    class Models,Managers,QuerySets,RawSQL data
-    class ReadReplica,MainDB,Migrations db
-    class CeleryQueue,Workers,Results async
-    class Email,Storage,ThirdParty ext
-    
-    %% Explicit styling for subgraph titles
-    style AuthLayer fill:#282828,color:#fabd2f,font-weight:bold
-    style APILayer fill:#282828,color:#fabd2f,font-weight:bold
-    style BusinessLayer fill:#282828,color:#fabd2f,font-weight:bold
-    style DataLayer fill:#282828,color:#fabd2f,font-weight:bold
-    style DBLayer fill:#282828,color:#fabd2f,font-weight:bold
-    style AsyncLayer fill:#282828,color:#fabd2f,font-weight:bold
-    style ExternalLayer fill:#282828,color:#fabd2f,font-weight:bold
-```
-
-## Deployment/Infrastructure Data Flow
-
-This diagram visualizes how code and configuration flow through the CI/CD pipeline to cloud and Kubernetes infrastructure.
-
-```mermaid
-%%{
-  init: {
-    'theme': 'base',
-    'themeVariables': {
-      'primaryColor': '#282828',
-      'primaryTextColor': '#ebdbb2',
-      'primaryBorderColor': '#7c6f64',
-      'lineColor': '#7c6f64',
-      'secondaryColor': '#3c3836',
-      'tertiaryColor': '#504945'
-    }
-  }
-}%%
-flowchart TD
-    %% Development sources
-    Developer([Developer])
-    LocalCode[("Local Code")]
-    
-    %% Source control
-    subgraph SourceControl["Source Control"]
-        direction TB
-        GitRepo["Git Repository"]
-        PRs["Pull Requests"]
-        Branches["Feature/Release Branches"]
-        MainBranch["Main Branch"]
-        
-        Branches --> PRs
-        PRs --> MainBranch
-    end
-    
-    %% CI/CD pipeline
-    subgraph CIPipeline["CI/CD Pipeline"]
-        direction TB
-        GHActions["GitHub Actions"]
-        Lint["Linting & Type Checking"]
-        UnitTests["Unit Tests"]
-        IntegTests["Integration Tests"]
-        Build["Build Process"]
-        
-        GHActions --> Lint
-        GHActions --> UnitTests
-        Lint --> Build
-        UnitTests --> Build
-        IntegTests --> Build
-    end
-    
-    %% Artifacts
-    subgraph Artifacts["Build Artifacts"]
-        direction TB
-        FrontendImage["Frontend Docker Image"]
-        BackendImage["Backend Docker Image"]
-        CeleryImage["Celery Worker Image"]
-        TerraformPlans["Terraform Plans"]
-        
-        FrontendImage --- BackendImage
-        BackendImage --- CeleryImage
-    end
-    
-    %% Infrastructure as code
-    subgraph IaC["Infrastructure as Code"]
-        direction TB
-        TerraformModules["Terraform Modules"]
-        TerraformVars["Environment Variables"]
-        K8sManifests["Kubernetes Manifests"]
-        KustomizeOverlays["Kustomize Overlays"]
-        
-        TerraformModules --> TerraformVars
-        K8sManifests --> KustomizeOverlays
-    end
-    
-    %% Cloud resources
-    subgraph CloudResources["AWS Cloud Resources"]
-        direction TB
-        VPC["VPC & Networking"]
-        EKS["EKS Cluster"]
-        ECR["Container Registry"]
-        RDS["RDS Database"]
-        S3["S3 Buckets"]
-        CF["CloudFront"]
-        R53["Route 53"]
-        
-        VPC --> EKS
-        ECR --> EKS
-        EKS --> RDS
-        S3 --> CF
-        CF --> R53
-    end
-    
-    %% Kubernetes deployment
-    subgraph K8sDeployment["Kubernetes Deployment"]
-        direction TB
-        ArgoCD["ArgoCD"]
-        CertManager["Cert Manager"]
-        Ingress["Ingress Controller"]
-        Secrets["Sealed Secrets"]
-        Monitoring["Monitoring Stack"]
-        FrontendSvc["Frontend Service"]
-        BackendSvc["Backend Service"]
-        CelerySvc["Celery Service"]
-        RedisSvc["Redis Service"]
-        DBSvc["Database Service"]
-        
-        ArgoCD --> CertManager
-        ArgoCD --> Ingress
-        ArgoCD --> Secrets
-        ArgoCD --> Monitoring
-        ArgoCD --> FrontendSvc
-        ArgoCD --> BackendSvc
-        ArgoCD --> CelerySvc
-        ArgoCD --> RedisSvc
-        ArgoCD --> DBSvc
-        Secrets --> FrontendSvc
-        Secrets --> BackendSvc
-        Secrets --> CelerySvc
-        Secrets --> DBSvc
-        Ingress --> FrontendSvc
-        Ingress --> BackendSvc
-    end
-    
-    %% End user access
-    EndUser([End User])
-    
-    %% Main flow connections
-    Developer --> LocalCode
-    LocalCode --> GitRepo
-    MainBranch --> GHActions
-    Build --> FrontendImage
-    Build --> BackendImage
-    Build --> CeleryImage
-    FrontendImage --> ECR
-    BackendImage --> ECR
-    CeleryImage --> ECR
-    MainBranch --> TerraformModules
-    MainBranch --> K8sManifests
-    TerraformVars --> VPC
-    TerraformVars --> EKS
-    TerraformVars --> ECR
-    TerraformVars --> RDS
-    TerraformVars --> S3
-    TerraformVars --> CF
-    TerraformVars --> R53
-    KustomizeOverlays --> ArgoCD
-    ECR --> ArgoCD
-    EKS --> ArgoCD
-    R53 --> EndUser
-    
-    %% Style definitions - Gruvbox Dark theme
-    classDef external fill:#3c3836,stroke:#928374,stroke-width:1px,color:#ebdbb2,font-weight:bold
-    classDef source fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef ci fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
-    classDef artifact fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    classDef iac fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    classDef cloud fill:#b16286,stroke:#8f3f71,stroke-width:2px,color:#282828,font-weight:bold
-    classDef k8s fill:#98971a,stroke:#79740e,stroke-width:2px,color:#282828,font-weight:bold
-    
-    %% Apply styles
-    class Developer,EndUser,LocalCode external
-    class GitRepo,PRs,Branches,MainBranch source
-    class GHActions,Lint,UnitTests,IntegTests,Build ci
-    class FrontendImage,BackendImage,CeleryImage,TerraformPlans artifact
-    class TerraformModules,TerraformVars,K8sManifests,KustomizeOverlays iac
-    class VPC,EKS,ECR,RDS,S3,CF,R53 cloud
-    class ArgoCD,CertManager,Ingress,Secrets,Monitoring,FrontendSvc,BackendSvc,CelerySvc,RedisSvc,DBSvc k8s
-    
-    %% Explicit styling for subgraph titles
-    style SourceControl fill:#282828,color:#fabd2f,font-weight:bold
-    style CIPipeline fill:#282828,color:#fabd2f,font-weight:bold
-    style Artifacts fill:#282828,color:#fabd2f,font-weight:bold
-    style IaC fill:#282828,color:#fabd2f,font-weight:bold
-    style CloudResources fill:#282828,color:#fabd2f,font-weight:bold
-    style K8sDeployment fill:#282828,color:#fabd2f,font-weight:bold
-```
\ No newline at end of file
diff --git a/template/docs/debug.md b/template/docs/debug.md
deleted file mode 100644
index 96ea6e7..0000000
--- a/template/docs/debug.md
+++ /dev/null
@@ -1,29 +0,0 @@
-# :bug: How to debug the application
-
-The steps below describe how to set up interactive debugging with PyCharm.
-
-## PyCharm Debugging Setup
-Update `k8s/base/app.configmap.yaml` with `data` field `PYTHONBREAKPOINT: "utils.pycharm_debugger"`
-
-In PyCharm:
-
-1. Go to 'Run' in the toolbar
-2. Click on 'Edit Configurations'
-3. Click on '+' in the top left of the dialog
-4. Select 'Python Debug Server'
-5. Set the host to 0.0.0.0 and the port to 6400, and the name as you see fit.
-6. For 'path mappings' set /path/to/{{ copier__project_slug}}/backend=/app/src
-7. Check 'Redirect console output to console'
-8. Remove check on 'Suspend after connect'.
-9. Click 'Ok'
-
-![debug__debug_configuration.png](images/debug__debug_configuration.png)
-
-## Debugging in development
-Before the code you want to debug, add the following:
-
-```python
-breakpoint()
-```
-
-You must then set break points in your IDE and call the code as usual to hit them.
diff --git a/template/docs/deployment.md b/template/docs/deployment.md
index 27573e4..87ff078 100644
--- a/template/docs/deployment.md
+++ b/template/docs/deployment.md
@@ -1,10 +1,372 @@
-# :package: How to deploy
+# :package: How to Deploy a Talos Cluster
 
-## Infrastructure provisioning
+This guide walks through deploying a Talos Linux Kubernetes cluster on AWS, from infrastructure provisioning to cluster bootstrap.
 
-Terraform can be used to provision AWS resources for your project deployment.
-Read [terraform/README.md](/terraform/README.md) for more information and steps for provisioning resources.
+## Prerequisites
 
-## Application deployment
+Before you begin, ensure you have the following tools installed:
 
-Use ArgoCD and Kubernetes to automate the deployment of your application to your infrastructure. ArgoCD monitors changes within your repository, promptly applying the relevant Kubernetes manifests. Read [bootstrap-cluster/README.md](/bootstrap-cluster/README.md) for more details.
+- **AWS CLI** - Configured with appropriate credentials
+- **Terraform/OpenTofu** - Infrastructure provisioning (v1.6+)
+- **talosctl** - Talos cluster management CLI
+- **kubectl** - Kubernetes command-line tool
+- **Task** - Task runner for automation
+
+## Deployment Overview
+
+The deployment process consists of two main phases:
+
+1. **Infrastructure Provisioning** - Use Terraform to create AWS resources
+2. **Cluster Bootstrap** - Use Talos to initialize the Kubernetes cluster
+
+## Step 1: Configure AWS Credentials
+
+Ensure your AWS credentials are configured:
+
+```bash
+aws configure
+# OR
+export AWS_PROFILE=your-profile
+```
+
+Verify access:
+
+```bash
+aws sts get-caller-identity
+```
+
+## Step 2: Choose Your Environment
+
+The template supports three environments:
+
+- **sandbox** - Testing and experimentation
+- **staging** - Pre-production validation
+- **production** - Production workloads
+
+For this guide, we'll use **sandbox**. Replace with your chosen environment as needed.
+
+## Step 3: Create S3 Backend for Terraform State
+
+Before provisioning infrastructure, you need to create the S3 bucket and DynamoDB table for storing Terraform state.
+
+Navigate to the bootstrap directory:
+
+```bash
+cd terraform/bootstrap
+```
+
+Initialize and apply the bootstrap configuration:
+
+```bash
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
+```
+
+This creates:
+- S3 bucket for storing Terraform state
+- DynamoDB table for state locking
+
+**Note:** This step only needs to be run once for all environments.
+
+## Step 4: Provision Infrastructure with Terraform
+
+### Initialize Terraform
+
+Navigate to the environment directory:
+
+```bash
+cd ../sandbox
+```
+
+Initialize Terraform:
+
+```bash
+tofu init
+```
+
+### Review and Apply
+
+Review the planned changes:
+
+```bash
+tofu plan
+```
+
+Apply the infrastructure:
+
+```bash
+tofu apply
+```
+
+Type `yes` when prompted to confirm.
+
+### What Gets Created
+
+Terraform provisions:
+
+- VPC with public subnets across availability zones
+- Security groups for Kubernetes and Talos APIs
+- EC2 instances with Talos Linux AMI (control plane nodes)
+- Elastic Load Balancer for control plane access
+- Route53 DNS record for cluster API endpoint
+- IAM roles for EC2 instances
+
+**Note:** EC2 instances will boot with Talos OS but the Kubernetes cluster is NOT yet initialized.
+
+## Step 5: Bootstrap the Talos Cluster
+
+After infrastructure is provisioned, bootstrap the Kubernetes cluster.
+
+### Navigate to Bootstrap Directory
+
+```bash
+cd ../../bootstrap-cluster/sandbox
+```
+
+### Review Environment Configuration
+
+Check the `.env` file for your environment:
+
+```bash
+cat .env
+```
+
+This contains:
+- `TALOS_FACTORY_IMAGE` - Talos version (v1.12.1)
+- `TOFU_DIR` - Path to Terraform directory
+
+### Run Bootstrap Process
+
+Execute the bootstrap task:
+
+```bash
+export ENV=sandbox
+task talos:bootstrap
+```
+
+This automated task performs the following steps:
+
+1. **Generate Configs** - Creates `talosconfig` and `controlplane.yaml`
+2. **Set Node IPs** - Configures Talos endpoints from Terraform output
+3. **Apply Configuration** - Pushes Talos config to all nodes
+4. **Bootstrap Kubernetes** - Initializes the Kubernetes cluster
+5. **Generate kubeconfig** - Creates kubectl configuration
+6. **Upgrade Talos** - Updates to specific v1.12.1 factory image
+
+### Monitor the Process
+
+You can monitor the bootstrap process via AWS Serial Console:
+
+1. Go to AWS Console → EC2 → Instances
+2. Select a control plane instance
+3. Actions → Monitor and troubleshoot → Get system log
+
+## Step 6: Verify Cluster Status
+
+### Check Talos Node Health
+
+```bash
+export TALOSCONFIG=./sandbox/talosconfig
+talosctl health --nodes <first-node-ip>
+```
+
+### Check Talos Version
+
+```bash
+talosctl version --nodes <node-ip>
+```
+
+### Access Kubernetes Cluster
+
+```bash
+export KUBECONFIG=./sandbox/kubeconfig
+kubectl get nodes
+```
+
+Expected output:
+```
+NAME                 STATUS   ROLES           AGE   VERSION
+my-cluster-0         Ready    control-plane   5m    v1.31.x
+my-cluster-1         Ready    control-plane   5m    v1.31.x
+my-cluster-2         Ready    control-plane   5m    v1.31.x
+```
+
+### Check Kubernetes Components
+
+```bash
+kubectl get pods -n kube-system
+```
+
+All system pods should be Running.
+
+## Step 7: Store Credentials Securely
+
+The bootstrap process stores credentials in AWS Secrets Manager:
+
+- **Talosconfig** - Stored as `${ENV}_talosconfig_yaml`
+- **Kubeconfig** - Stored as `${ENV}_kubeconfig_yaml`
+
+Retrieve them later with:
+
+```bash
+# Get talosconfig
+aws secretsmanager get-secret-value \
+  --secret-id sandbox_talosconfig_yaml \
+  --query SecretString --output text | base64 -d > talosconfig
+
+# Get kubeconfig
+aws secretsmanager get-secret-value \
+  --secret-id sandbox_kubeconfig_yaml \
+  --query SecretString --output text | base64 -d > kubeconfig
+```
+
+## Common Bootstrap Tasks
+
+The `Taskfile.yml` in `bootstrap-cluster/` provides several useful tasks:
+
+### List Available Tasks
+
+```bash
+task --list
+```
+
+### Individual Bootstrap Steps
+
+If you need to run steps individually:
+
+```bash
+# Generate Talos configuration
+task talos:generate_configs
+
+# Apply config to nodes
+task talos:apply_talos_config
+
+# Bootstrap Kubernetes
+task talos:bootstrap_kubernetes
+
+# Generate kubeconfig
+task talos:generate_kubeconfig
+
+# Upgrade Talos version
+task talos:upgrade_talos
+
+# Check cluster health
+task talos:health
+```
+
+## Upgrading Talos
+
+To upgrade to a new Talos version:
+
+1. Update `TALOS_FACTORY_IMAGE` in `bootstrap-cluster/.env`
+2. Run the upgrade task:
+
+```bash
+export ENV=sandbox
+task talos:upgrade_talos
+```
+
+## Removing All Resources from an Environment
+
+**WARNING:** This will permanently destroy all resources and data in the environment. This action cannot be undone.
+
+### Step 1: Destroy the Environment Infrastructure
+
+Navigate to the environment directory and destroy all resources:
+
+```bash
+cd terraform/sandbox  # or staging, production
+tofu destroy
+```
+
+Review the resources that will be destroyed and type `yes` when prompted.
+
+This will remove:
+- EC2 instances (control plane nodes)
+- Elastic Load Balancer
+- Route53 DNS records
+- Security groups
+- VPC and subnets
+- IAM roles
+
+### Step 2: Clean Up Local Configuration Files
+
+Remove the generated Talos and Kubernetes configuration files:
+
+```bash
+cd ../../bootstrap-cluster/sandbox  # or staging, production
+rm -f talosconfig kubeconfig controlplane.yaml
+```
+
+### Step 3 (Optional): Remove Secrets from AWS Secrets Manager
+
+If you want to remove the stored credentials:
+
+```bash
+aws secretsmanager delete-secret --secret-id sandbox_talosconfig_yaml --force-delete-without-recovery
+aws secretsmanager delete-secret --secret-id sandbox_kubeconfig_yaml --force-delete-without-recovery
+aws secretsmanager delete-secret --secret-id sandbox_talos_controlplane_yaml --force-delete-without-recovery
+```
+
+### Step 4 (Optional): Destroy S3 Backend
+
+**WARNING:** Only do this if you want to remove ALL environments and start fresh. This will delete the Terraform state for all environments.
+
+```bash
+cd terraform/bootstrap
+tofu destroy
+```
+
+This removes:
+- S3 bucket storing Terraform state
+- DynamoDB table for state locking
+
+**Note:** You must destroy all environment infrastructure (sandbox, staging, production) before destroying the S3 backend.
+
+## Troubleshooting
+
+### Terraform Issues
+
+**Error:** "Error creating VPC"
+- Check AWS credentials and region configuration
+- Verify account limits for VPCs
+
+**Error:** "No Talos AMI found"
+- Verify the AWS region has Talos AMIs available
+- Check the AMI filter in `terraform/modules/base/ec2.tf`
+
+### Bootstrap Issues
+
+**Error:** "failed to dial"
+- Ensure security groups allow port 50000 (Talos API)
+- Verify EC2 instances are running
+- Check public IPs are accessible
+
+**Error:** "context deadline exceeded"
+- Talos nodes may still be booting (wait 2-3 minutes)
+- Check AWS Serial Console for boot logs
+
+### Cluster Not Healthy
+
+```bash
+# Check Talos service status
+talosctl --nodes <ip> services
+
+# View Talos logs
+talosctl --nodes <ip> logs kubelet
+
+# Check etcd health
+talosctl --nodes <ip> etcd members
+```
+
+## Next Steps
+
+After successfully deploying your cluster:
+
+1. **Deploy workloads** - Use `kubectl apply` to deploy applications
+2. **Install cluster add-ons** - CNI, CSI drivers, ingress controllers, etc.
+3. **Review security** - Configure RBAC, network policies, pod security standards
+
+For more information:
+- See [Architecture Documentation](./architecture.md)
+- Read the [Talos Documentation](https://www.talos.dev/docs/)
+- Check [Terraform README](../terraform/README.md)
diff --git a/template/docs/development.md b/template/docs/development.md
deleted file mode 100644
index 85d93e9..0000000
--- a/template/docs/development.md
+++ /dev/null
@@ -1,98 +0,0 @@
-# :technologist: How to set up your local environment for development
-
-## Requirements
-
-To work with Kubernetes, you need to install some additional software packages.
-Depending on your operating system, the installation instructions may vary.
-
-The documentation and scripts in the repo are written to work with `kubectl`, `kind` and `Tilt`.
-
-Consult the links below if you prefer to use Minikube or Docker Desktop instead:
-* [minikube](https://minikube.sigs.k8s.io/docs/start/).
-* [Docker](https://docs.docker.com/get-docker/).
-
-## Setup your environment
-
-1. Get the repository
-
-       $ git clone {{ copier__repo_url }}
-       $ cd {{ copier__project_slug }}
-
-2. Prepare the environment variables. Edit the `.envrc` file to work for your environment.
-
-   **For personal environment configurations**: Create a `.envrc.local` file for your personal development settings that won't be committed to version control:
-
-   ```bash
-   # Example .envrc.local file
-   export DEBUG=true
-   export LOG_LEVEL=debug
-   export LOCAL_DEV_SETTING=custom_value
-   ```
-
-   The `.envrc.local` file will be automatically loaded when you enter the directory (after `.envrc`), allowing you to override or add environment variables without modifying the shared `.envrc` file.
-
-## Run the kubernetes cluster and the {{ copier__project_slug }} app to develop the code
-
-First load the environment variables, then run:
-
-      $ make setup
-      $ tilt up
-
-:information_source: It may take a little bit of time for all the services to start up, and it's possible for
-the first run to fail because of timing conflicts. If you do see messages indicating there
-were errors during the first run, stop all the containers using Ctrl-C, and then try it again.
-
-You are now ready to edit the code.
-The app will be automatically reloaded when its files change.
-
-To delete resources created by Tilt once you are done working:
-
-       $ tilt down
-
-This will not delete persistent volumes created by Tilt, and you should be able to start Tilt again with your data intact.
-
-To remove the cluster entirely:
-
-       $ kind delete cluster --name {{ copier__project_slug }}
-
-To switch between different Scaf project contexts:
-      
-      $ tilt down    # inside the codebase of the previous project
-      $ make setup   # inside the codebase of the project you want to work on
-      $ tilt up
-
-## Next steps
-
-Creating a superuser account in the backend is useful so you have access to
-Django Admin that will be accessible at [http://localhost:8000/admin](http://localhost:8000/admin)
-
-To create a superuser use the following commands:
-
-    $ make shell-backend
-    $ ./manage.py createsuperuser
-{% if copier__create_nextjs_frontend %}
-This project has a NextJS frontend configured. You can access it at [http://localhost:3000/](http://localhost:3000/).
-{% endif %}
-
-## Update dependencies
-
-To update the backend app dependencies, you must edit the `backend/requirements/*.in` files.
-Once you have made your changes, you need to regenerate the `backend/requirements/*.txt` files using:
-
-       $ make compile
-
-
-## Resource Limits Consideration
-
-Resource limits have been predefined for both Django and NextJS services to ensure optimal performance and efficient resource utilization:
-
-- **Django**:
-  - Requests: `cpu: 200m`, `memory: 300Mi`
-  - Limits: `cpu: 250m`, `memory: 400Mi`
-{% if copier__create_nextjs_frontend %}
-- **NextJS**:
-  - Requests: `cpu: 100m`, `memory: 200Mi`
-  - Limits: `cpu: 250m`, `memory: 300Mi`
-{% endif %}
-
-Ensure these values are appropriate for your environment. If needed, adjust them based on real workload observations in a staging or production environment to balance performance and resource consumption.
\ No newline at end of file
diff --git a/template/docs/monitoring.md b/template/docs/monitoring.md
deleted file mode 100644
index 4bd99b0..0000000
--- a/template/docs/monitoring.md
+++ /dev/null
@@ -1,91 +0,0 @@
-# :microscope: How to monitor the application
-{% if copier__use_sentry %}
-### How to monitor errors
-
-Sentry can be used for error reporting at the application level. Sentry is included as a dependency in the project requirements, and the SENTRY_DSN configuration variable is included in the Django config map.
-Next, one needs to add the project to Sentry by following the steps below:
-
-Note: The values for both tokens can be empty if you don't wish to use Sentry.
-
-1. Create two projects in your organisation's Sentry instance, e.g. https://sixfeetup.sentry.io/projects/
-   1. One project for the backend 
-   2. One project for the frontend 
-2. Configure Slack notifications
-3. Add team members in Sentry 
-4. Update `k8s/base/app.configmap.yaml` `SENTRY_DSN_BACKEND`, `VITE_SENTRY_DSN_FRONTEND` with the DSNs appropriate for the relevant Sentry projects. 
-
-For more detailed steps view [Sentry specific documentation](/docs/sentry.md)
-
-{% endif %}
-### How to monitor logs and the deployed application
-
-Install Loki for log aggregation and the Kube Prometheus Stack with Grafana Dashboards for monitoring.
-
-#### Setup AWS credentials
-
-First export the credentials to your environment variables. Change the values accordingly:
-
-```
-export AWS_ACCESS_KEY_ID='ABC123456'
-export AWS_SECRET_ACCESS_KEY='ABC123456'
-```
-
-Then create a secret in the monitoring namespace:
-
-```
-kubectl create secret generic iam-loki-s3 --from-literal=AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID --from-literal=AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -n monitoring
-```
-
-#### Install monitoring
-
-Before installing the monitoring tools, you will need to export the GRAFANA_ADMIN_PASSWORD environment variable. This will be used to set the Grafana admin password. Change the value accordingly:
-
-```
-export GRAFANA_ADMIN_PASSWORD='ABC123456'
-```
-
-Now install the loki-stack and kube-prometheus-stack helm charts:
-
-```
-make monitoring-up
-```
-
-If you want to store the logs in an S3 bucket, you will need to include the yaml values `k8s/_monitoring/loki-stack-values.yaml` file for the `helm install loki` command in the Makefile:
-
-```
-helm install loki grafana/loki-stack --values k8s/_monitoring/loki-stack-values.yaml --namespace monitoring --create-namespace
-```
-
-#### Connect to Grafana dashboard
-
-You can connect to Grafana through local port forwarding using the steps below. Alternatively, you can set up ingress to point to Grafana.
-
-```
-make monitoring-port-forward
-```
-
-And open http://localhost:8080 on your browser
-
-Login with admin / prom-operator that are the default values. To see these values, run
-
-```
-make monitoring-login
-```
-
-Login to Grafana. Hit the `Explore` button and this gets you to the place with existing data sources. Select the newly added Loki data source.
-
-You are also able to change the password for the Grafana admin user. To do this, run the following command:
-
-```
-kubectl exec --namespace monitoring -c grafana -it $(kubectl get pods --namespace monitoring -l "app.kubernetes.io/name=grafana" -o jsonpath="{.items[0].metadata.name}") -- grafana-cli admin reset-admin-password newpassword
-```
-
-By default, you are on the code view, and you can hit the 'label browser' option on the left side and make a selection based on a number of items - eg select namespace and the namespace that interests you. Hit the `Live` mode on the right side of the screen to see logs in real time - a good check that things are setup as expected!
-
-#### Create a dashboard
-
-There is a predefined django logs table dashboard that can be created with the following command:
-
-```
-make monitoring-dashboard
-```
diff --git a/template/docs/project-overview.md b/template/docs/project-overview.md
index bd549b1..4efad39 100644
--- a/template/docs/project-overview.md
+++ b/template/docs/project-overview.md
@@ -1,16 +1,16 @@
 # :telescope: Project Overview
 
-This project template provides a full-stack application scaffold with integrated deployment tooling. It's designed to quickly bootstrap new projects with a standardized architecture and best practices.
+This project template provides infrastructure-as-code for deploying production-ready Talos Linux Kubernetes clusters on AWS. It's designed to quickly bootstrap new Kubernetes clusters with a standardized, secure, and immutable infrastructure.
 
 ## Purpose
 
 The purpose of this template is to:
 
-1. Provide a consistent starting point for new projects
-2. Implement best practices for development, testing, and deployment
-3. Reduce setup time for new projects
+1. Provide a consistent starting point for new Kubernetes clusters
+2. Implement security best practices with immutable infrastructure (Talos Linux)
+3. Reduce cluster setup time from days to hours
 4. Ensure infrastructure is defined as code from the beginning
-5. Enable rapid iteration and deployment to various environments
+5. Enable deployment to multiple environments (sandbox, staging, production)
 
 ## Core Technologies
 
@@ -30,46 +30,43 @@ The purpose of this template is to:
 }%%
 flowchart LR
     subgraph Temp["Core Technologies"]
-        Frontend["Frontend
-        Next.js
-        TypeScript
-        Apollo Client
-        GraphQL
-        TailwindCSS
-        Vitest"]
-        
-        Backend["Backend
-        Django
-        GraphQL
-        Celery
-        Redis
-        PostgreSQL"]
-        
-        Infrastructure["Infrastructure
-        Kubernetes
-        Docker
-        ArgoCD
-        Terraform"]
-        
-        DevOps["DevOps
-        CI/CD
-        GitOps
-        Secrets Management"]
+        OS["Operating System
+        Talos Linux v1.12.1
+        Immutable
+        API-Driven
+        Kubernetes-Native"]
+
+        Infra["Infrastructure
+        Terraform/OpenTofu
+        AWS EC2
+        VPC Networking
+        Route53 DNS"]
+
+        K8s["Kubernetes
+        Control Plane
+        etcd
+        API Server
+        Scheduler"]
+
+        Tools["Tooling
+        talosctl
+        kubectl
+        Task Automation"]
     end
-    
+
     %% Style definitions - Gruvbox Dark theme
-    classDef frontend fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
-    classDef backend fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef os fill:#d79921,stroke:#b57614,stroke-width:2px,color:#282828,font-weight:bold
     classDef infra fill:#458588,stroke:#076678,stroke-width:2px,color:#282828,font-weight:bold
-    classDef devops fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
-    
+    classDef k8s fill:#689d6a,stroke:#427b58,stroke-width:2px,color:#282828,font-weight:bold
+    classDef tools fill:#cc241d,stroke:#9d0006,stroke-width:2px,color:#282828,font-weight:bold
+
     %% Apply styles
-    class Frontend frontend
-    class Backend backend
-    class Infrastructure infra
-    class DevOps devops
-    
-    %% Explicit styling for subgraph titles - works in both light and dark modes
+    class OS os
+    class Infra infra
+    class K8s k8s
+    class Tools tools
+
+    %% Explicit styling for subgraph titles
     style Temp fill:#282828,color:#fabd2f,font-weight:bold
 ```
 
@@ -77,31 +74,56 @@ flowchart LR
 
 The template follows these design principles:
 
-1. **Infrastructure as Code**: All infrastructure is defined in Terraform and Kubernetes manifests
-2. **GitOps**: Deployment is managed through Git using ArgoCD
-3. **Environment Parity**: Development, sandbox, staging, and production environments use the same configuration base
-4. **Containerization**: All application components run in containers
-5. **Microservices**: The application is structured as separate services (frontend, backend, workers)
-6. **API-First**: Backend exposes GraphQL API consumed by the frontend
-7. **Async Processing**: Long-running tasks are handled asynchronously with Celery
+1. **Infrastructure as Code**: All infrastructure defined in Terraform
+2. **Immutable Infrastructure**: Talos OS cannot be modified at runtime
+3. **Security First**: No SSH access, minimal attack surface, API-only management
+4. **Environment Parity**: Sandbox, staging, and production use identical base configuration
+5. **Declarative Configuration**: All cluster configuration managed via talosconfig files
+6. **API-Driven Operations**: All management operations via `talosctl` CLI
 
 ## How to Use This Template
 
-1. Create a new project using Copier with this template
-2. Fill in the required variables during setup
-3. Initialize the Git repository
-4. Start development with the included tooling
+1. Generate a new project using Copier with this template
+2. Fill in the required variables (project name, AWS region, domain, etc.)
+3. Configure AWS credentials
+4. Deploy infrastructure with Terraform
+5. Bootstrap Talos cluster with provided scripts
+6. Deploy your applications to the cluster
 
-For more details on the architecture, see the [Architecture Documentation](./architecture.md).
+For detailed instructions, see the [Deployment Documentation](./deployment.md).
 
 ## Key Features
 
-- Next.js frontend with TypeScript and GraphQL integration
-- Django backend with GraphQL API
-- Celery for background task processing
-- Kubernetes manifests for deployment
-- Terraform for infrastructure provisioning
-- CI/CD pipeline configuration
-- Comprehensive documentation
-- Development environment setup
-- Testing infrastructure
\ No newline at end of file
+- **Talos Linux v1.12.1** - Latest stable Talos OS with custom factory image
+- **AWS Infrastructure** - VPC, EC2 instances, security groups, load balancers
+- **Multi-Environment Support** - Sandbox, staging, and production configurations
+- **Terraform/OpenTofu** - Infrastructure provisioning and state management
+- **Custom Extensions** - ECR credential provider for AWS container registry
+- **High Availability** - Configurable number of control plane nodes
+- **Secure by Default** - API-only management, no SSH access
+- **DNS Integration** - Automatic Route53 configuration
+
+## What You Get
+
+After deployment, you'll have:
+
+- A fully functional Kubernetes cluster running on Talos Linux
+- EC2 instances configured as Kubernetes control plane nodes
+- VPC with proper networking and security groups
+- DNS records for cluster API access
+- `talosconfig` for cluster management
+- `kubeconfig` for kubectl access
+- Ready to deploy your workloads
+
+## What This Template Does NOT Include
+
+This is a **bare cluster template**. It does not include:
+
+- Application deployments
+- Database services
+- Message queues
+- Monitoring/logging solutions
+- CI/CD pipelines
+- Application load balancing
+
+You can deploy any of these on top of the cluster once it's running.
diff --git a/template/docs/qa.md b/template/docs/qa.md
deleted file mode 100644
index df3c397..0000000
--- a/template/docs/qa.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# :test_tube: How to test the application
-
-TODO: Document all the testing and QA processes.
diff --git a/template/docs/secrets.md b/template/docs/secrets.md
index 9c652ed..1f01489 100644
--- a/template/docs/secrets.md
+++ b/template/docs/secrets.md
@@ -1,36 +1,322 @@
-# :shushing_face: How to manage passwords and sensitive values
+# :shushing_face: How to Manage Cluster Credentials
 
-## Using SealedSecrets
+This document describes how to manage sensitive cluster credentials for your Talos Kubernetes cluster.
 
-SealedSecrets can be used to encrypt passwords for the values to be safely checked in.
-Creating a new secret involves encrypting the secret using kubeseal. [Installing kubeseal](https://github.com/bitnami-labs/sealed-secrets#kubeseal).
+## Cluster Credentials Overview
 
-Configure kubernetes to your current project config and context, making sure you are in the correct prod/sandbox environment
+The Talos cluster has two primary credential files:
 
-    $ export KUBECONFIG=~/.kube/config:~/.kube/{{ copier__project_slug }}.ec2.config
-    $ kubectl config use-context {{ copier__project_slug }}-environment
+1. **talosconfig** - Used by `talosctl` to manage the Talos operating system
+2. **kubeconfig** - Used by `kubectl` to interact with Kubernetes
 
-(replace environment with the actual environment name, e.g. `sandbox` or `production`)
+Both files contain TLS certificates and keys that provide administrative access to the cluster.
 
+## Automatic Storage in AWS Secrets Manager
 
-Add the secrets to your manifest using the secrets template file, and run kubeseal on the unencrypted values. The makefile target `sandbox-secrets` will replace the variables in `./k8s/templates/secrets.yaml.template` with the encoded variables from the environment, and copy the manifest with the encrypted values to `.k8s/overlays/sandbox/secrets.yaml`. The same can be done for the prod environment using the `prod-secrets` target
+During the bootstrap process (`task talos:bootstrap`), credentials are automatically stored in AWS Secrets Manager:
 
-    $ make sandbox-secrets
+### Secrets Created
 
-    $ make prod-secrets
+- **Talosconfig**: Stored as `${ENV}_talosconfig_yaml` (e.g., `sandbox_talosconfig_yaml`)
+- **Kubeconfig**: Stored as `${ENV}_kubeconfig_yaml` (e.g., `sandbox_kubeconfig_yaml`)
+- **Control Plane Config**: Stored as `${ENV}_controlplane_yaml`
 
-The `k8s/*/secrets.yaml` file can now be safely checked in. The passwords will be unencrypted by SealedSecrets in the cluster.
-When a secret is added/removed update the `k8s/templates` files, update the environment variables in .envrc and rerun the make commands.
+These secrets are base64-encoded before storage.
 
-The decrypted values can be retrieved running:
+## Retrieving Credentials
 
-    $ kubectl get secret secrets-config -n {{ copier__project_dash }} -o yaml > unsealed_secrets.yaml
+### From AWS Secrets Manager
 
-## Using .envrc file
+Retrieve credentials from AWS Secrets Manager using the AWS CLI:
 
-To ease managing your passwords and secrets you can store the values in 1Password.
-You will need to install and configure [1Password cli](https://developer.1password.com/docs/cli/get-started/)
+```bash
+# Retrieve talosconfig
+aws secretsmanager get-secret-value \
+  --secret-id sandbox_talosconfig_yaml \
+  --query SecretString --output text | base64 -d > talosconfig
 
-You can automatically source from the `.envrc` file using [direnv](https://direnv.net/docs/installation.html)
+# Retrieve kubeconfig
+aws secretsmanager get-secret-value \
+  --secret-id sandbox_kubeconfig_yaml \
+  --query SecretString --output text | base64 -d > kubeconfig
+```
 
-You can also manually export the variables to your environment using `source .envrc`
+### From Local Bootstrap Directory
+
+After running `task talos:bootstrap`, credentials are also stored locally:
+
+```bash
+bootstrap-cluster/sandbox/
+├── talosconfig       # Talos management credentials
+├── kubeconfig        # Kubernetes access credentials
+└── controlplane.yaml # Control plane configuration
+```
+
+## Using Credentials
+
+### Using talosctl
+
+Set the `TALOSCONFIG` environment variable:
+
+```bash
+export TALOSCONFIG=./bootstrap-cluster/sandbox/talosconfig
+
+# Check Talos version
+talosctl version --nodes <node-ip>
+
+# View cluster health
+talosctl health --nodes <node-ip>
+
+# List all services
+talosctl services --nodes <node-ip>
+```
+
+Or specify the config file explicitly:
+
+```bash
+talosctl --talosconfig ./talosconfig health
+```
+
+### Using kubectl
+
+Set the `KUBECONFIG` environment variable:
+
+```bash
+export KUBECONFIG=./bootstrap-cluster/sandbox/kubeconfig
+
+# Get cluster nodes
+kubectl get nodes
+
+# View all pods
+kubectl get pods -A
+
+# Check cluster info
+kubectl cluster-info
+```
+
+Or specify the config file explicitly:
+
+```bash
+kubectl --kubeconfig ./kubeconfig get nodes
+```
+
+## Credential Security Best Practices
+
+### 1. Never Commit Credentials to Git
+
+The `.gitignore` file already excludes these files:
+
+```gitignore
+talosconfig
+kubeconfig
+controlplane.yaml
+```
+
+Ensure these patterns remain in your `.gitignore`.
+
+### 2. Restrict File Permissions
+
+Limit credential file permissions:
+
+```bash
+chmod 600 talosconfig
+chmod 600 kubeconfig
+```
+
+### 3. Use Separate Credentials Per Environment
+
+Each environment (sandbox, staging, production) has its own credentials:
+
+```
+bootstrap-cluster/
+├── sandbox/
+│   ├── talosconfig
+│   └── kubeconfig
+├── staging/
+│   ├── talosconfig
+│   └── kubeconfig
+└── production/
+    ├── talosconfig
+    └── kubeconfig
+```
+
+Never reuse credentials across environments.
+
+### 4. Rotate Credentials Regularly
+
+Talos certificates have expiration dates. Monitor and rotate before expiry:
+
+```bash
+# Check certificate expiration
+talosctl config info
+
+# Rotate Kubernetes certificates (automatically handled by Talos)
+```
+
+### 5. Use IAM for AWS Secrets Manager Access
+
+Control who can retrieve credentials from AWS Secrets Manager using IAM policies:
+
+```json
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "secretsmanager:GetSecretValue"
+      ],
+      "Resource": "arn:aws:secretsmanager:region:account:secret:sandbox_*"
+    }
+  ]
+}
+```
+
+## Team Access Patterns
+
+### For New Team Members
+
+1. Ensure they have AWS CLI configured with appropriate IAM permissions
+2. Provide them with the environment name (e.g., "sandbox")
+3. They retrieve credentials from AWS Secrets Manager:
+
+```bash
+# Set environment
+export ENV=sandbox
+
+# Retrieve talosconfig
+aws secretsmanager get-secret-value \
+  --secret-id ${ENV}_talosconfig_yaml \
+  --query SecretString --output text | base64 -d > talosconfig
+
+# Retrieve kubeconfig
+aws secretsmanager get-secret-value \
+  --secret-id ${ENV}_kubeconfig_yaml \
+  --query SecretString --output text | base64 -d > kubeconfig
+
+# Set environment variables
+export TALOSCONFIG=$(pwd)/talosconfig
+export KUBECONFIG=$(pwd)/kubeconfig
+
+# Verify access
+talosctl version
+kubectl get nodes
+```
+
+### For CI/CD Pipelines
+
+CI/CD systems can retrieve credentials from AWS Secrets Manager using IAM roles:
+
+```bash
+# In GitHub Actions, GitLab CI, etc.
+export TALOSCONFIG=$(mktemp)
+export KUBECONFIG=$(mktemp)
+
+aws secretsmanager get-secret-value \
+  --secret-id ${ENV}_talosconfig_yaml \
+  --query SecretString --output text | base64 -d > $TALOSCONFIG
+
+aws secretsmanager get-secret-value \
+  --secret-id ${ENV}_kubeconfig_yaml \
+  --query SecretString --output text | base64 -d > $KUBECONFIG
+
+# Now run kubectl or talosctl commands
+kubectl apply -f manifests/
+```
+
+## Managing Application Secrets
+
+This template provides a **bare Kubernetes cluster** without application secret management.
+
+For application secrets, you can deploy one of the following solutions on your cluster:
+
+### Option 1: Sealed Secrets
+
+Encrypt secrets in Git using Sealed Secrets:
+
+```bash
+# Install Sealed Secrets controller
+kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.24.0/controller.yaml
+
+# Install kubeseal CLI
+# See: https://github.com/bitnami-labs/sealed-secrets#kubeseal
+
+# Create and seal a secret
+echo -n mypassword | kubectl create secret generic mysecret \
+  --dry-run=client --from-file=password=/dev/stdin -o yaml | \
+  kubeseal -o yaml > mysealedsecret.yaml
+
+# Commit sealed secret to Git
+git add mysealedsecret.yaml
+```
+
+### Option 2: External Secrets Operator
+
+Sync secrets from AWS Secrets Manager to Kubernetes:
+
+```bash
+# Install External Secrets Operator
+helm install external-secrets \
+  external-secrets/external-secrets \
+  -n external-secrets-system --create-namespace
+
+# Create ExternalSecret resource pointing to AWS Secrets Manager
+```
+
+### Option 3: HashiCorp Vault
+
+Use Vault for centralized secret management.
+
+## Updating Stored Credentials
+
+If you regenerate cluster credentials, update AWS Secrets Manager:
+
+```bash
+# Update talosconfig
+aws secretsmanager update-secret \
+  --secret-id ${ENV}_talosconfig_yaml \
+  --secret-string "$(base64 -w0 talosconfig)"
+
+# Update kubeconfig
+aws secretsmanager update-secret \
+  --secret-id ${ENV}_kubeconfig_yaml \
+  --secret-string "$(base64 -w0 kubeconfig)"
+```
+
+## Troubleshooting
+
+### "AccessDenied" when retrieving from Secrets Manager
+
+Check your IAM permissions:
+
+```bash
+aws iam get-user
+aws sts get-caller-identity
+```
+
+Verify the secret exists:
+
+```bash
+aws secretsmanager list-secrets | grep ${ENV}
+```
+
+### "certificate has expired" error
+
+Talos automatically rotates certificates. If you encounter expiry issues:
+
+```bash
+# Regenerate kubeconfig
+talosctl kubeconfig --force
+```
+
+### Lost credentials
+
+If you lose local credentials but they're in AWS Secrets Manager, retrieve them as shown above.
+
+If credentials are completely lost, you may need to bootstrap a new control plane, which requires cluster recreation.
+
+## References
+
+- [Talos Security Documentation](https://www.talos.dev/docs/security/)
+- [AWS Secrets Manager Documentation](https://docs.aws.amazon.com/secretsmanager/)
+- [Kubernetes Secret Management](https://kubernetes.io/docs/concepts/configuration/secret/)
diff --git a/template/docs/sentry.md b/template/docs/sentry.md
deleted file mode 100644
index 56e676a..0000000
--- a/template/docs/sentry.md
+++ /dev/null
@@ -1,51 +0,0 @@
-## Detailed steps for creating and configuring a project in Sentry
-
-### Create the Project in Sentry
-
-1. Log in to sentry.io and click the Create Project button
-2. Choose Django
-3. Name the Project with client-backend naming convention (ex. {{ copier__project_dash }}-backend)
-4. Assign a team (create a team, if needed, with the plus icon next to the team dropdown). Teams should be based around the people involved in a project or projects that need to know about errors, not just the client.
-5. Click the Create Project button
-6. Repeat the above steps with the following changes:
-7. Choose Next.js
-8. Name the Project with client-frontend naming convention (ex. {{ copier__project_dash }}-frontend)
-9. Assign a team (create a team, if needed, with the plus icon next to the team dropdown). Teams should be based around the people involved in a project or projects that need to know about errors, not just the client.
-10. Click the Create Project button
-
-### Configure Slack Notifications
-
-1. Click on Setting on the sidebar
-2. Click on Projects on the secondary sidebar that is revealed
-3. Click on the Project created in the previous section
-4. Click on Alerts on the new secondary sidebar
-5. Edit the existing rule or Add a new rule if there is not one already
-6. Use “Send a notification for new issues” for the Rule Name
-7. Choose “An issue is first seen” for the Conditions
-8. Leave “All Environments”
-9. Delete the “Send a notification (for all legacy integrations)” Action, if it exists, to disable sending emails
-10. Add an Action and choose “Send a notification to the Slack workspace” option from the menu and fill in the appropriate `#channel` name
-
-### Add Team Members
-1. Click Settings on the sidebar
-2. Click Teams on the secondary sidebar that is revealed
-3. Click on the Team assigned to the Project you just created
-4. Click Add Member to add additional team members as needed for the project
-
-### Add code to Django
-
-By default this is in the base config. Make sure the following is to your preferences in all logical locations in the `backend/config/settings/{environment}.py` files:
-
-```
-    import sentry_sdk
-    ...
-    sentry_sdk.init(
-        dsn=env.str("SENTRY_DSN_BACKEND", default=""),
-        environment=env.str("ENVIRONMENT", default="production"),
-        release=env.str("RELEASE", default="dev"),
-    )
-```
-
-Update `k8s/base/app.configmap.yaml` `SENTRY_DSN_BACKEND`, `VITE_SENTRY_DSN_FRONTEND` with the DSNs provided for the relevant Sentry projects. 
-
-You can find them in Sentry by clicking Settings on the sidebar, then Projects on the secondary sidebar, then the project, then Client Keys (DSN)
diff --git a/template/flake.nix b/template/flake.nix
index ac0a177..1b890ae 100644
--- a/template/flake.nix
+++ b/template/flake.nix
@@ -29,7 +29,6 @@
               pip
             ]))
             awscli2
-            argocd
             bashInteractive
             copier
             coreutils
diff --git a/template/frontend/.dockerignore b/template/frontend/.dockerignore
deleted file mode 100644
index 603d148..0000000
--- a/template/frontend/.dockerignore
+++ /dev/null
@@ -1,11 +0,0 @@
-# Items that don't need to be in a Docker image.
-# Anything not used by the build system should go here.
-Dockerfile
-.dockerignore
-.gitignore
-README.md
-
-# Artifacts that will be built during image creation.
-# This should contain all files created during `npm run build`.
-*/build
-*/node_modules
diff --git a/template/frontend/.env.local.example b/template/frontend/.env.local.example
deleted file mode 100644
index 69cba1a..0000000
--- a/template/frontend/.env.local.example
+++ /dev/null
@@ -1,3 +0,0 @@
-IS_PRE_PUSH_HOOKS_ENABLED=true
-NEXT_PUBLIC_GRAPHQL_ENDPOINT=http://localhost:8000/graphql/
-NEXT_GRAPHQL_ENDPOINT=http://backend:8000/graphql/
diff --git a/template/frontend/.gitignore b/template/frontend/.gitignore
deleted file mode 100644
index 4ce2256..0000000
--- a/template/frontend/.gitignore
+++ /dev/null
@@ -1,38 +0,0 @@
-# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
-
-# dependencies
-/node_modules
-/.pnp
-.pnp.js
-.yarn/install-state.gz
-
-# testing
-/coverage
-
-# next.js
-/.next/
-/out/
-
-# production
-/build
-
-# misc
-.DS_Store
-*.pem
-
-# debug
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-
-# local env files
-.env*.local
-.env
-
-# vercel
-.vercel
-
-# typescript
-*.tsbuildinfo
-next-env.d.ts
-!lib/
diff --git a/template/frontend/.husky/pre-push b/template/frontend/.husky/pre-push
deleted file mode 100644
index d3b14bc..0000000
--- a/template/frontend/.husky/pre-push
+++ /dev/null
@@ -1,9 +0,0 @@
-cd frontend
-if test -f ./.env.local; then
-  source ./.env.local
-  if [ "$IS_PRE_PUSH_HOOKS_ENABLED" = "true" ] || [ "$IS_PRE_PUSH_HOOKS_ENABLED" = "1" ]; then
-    npm run format-check
-    npm run lint-src
-    npm run typecheck
-  fi
-fi
diff --git a/template/frontend/.prettierignore b/template/frontend/.prettierignore
deleted file mode 100644
index be956f3..0000000
--- a/template/frontend/.prettierignore
+++ /dev/null
@@ -1,5 +0,0 @@
-node_modules
-.next
-out
-public
-__generated__
\ No newline at end of file
diff --git a/template/frontend/.prettierrc b/template/frontend/.prettierrc
deleted file mode 100644
index 8992f03..0000000
--- a/template/frontend/.prettierrc
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-  "arrowParens": "avoid",
-  "bracketSpacing": true,
-  "jsxSingleQuote": true,
-  "printWidth": 120,
-  "quoteProps": "as-needed",
-  "semi": false,
-  "singleQuote": true,
-  "tabWidth": 2,
-  "trailingComma": "none",
-  "plugins": ["prettier-plugin-tailwindcss"],
-  "tailwindFunctions": ["clsx"]
-}
diff --git a/template/frontend/Dockerfile b/template/frontend/Dockerfile
deleted file mode 100644
index 36f5764..0000000
--- a/template/frontend/Dockerfile
+++ /dev/null
@@ -1,17 +0,0 @@
-FROM node:lts AS base
-FROM base AS build
-
-WORKDIR /app
-COPY package*.json ./
-RUN npm install
-
-# copy node_modules from the build image
-FROM base
-
-WORKDIR /app
-RUN chown node:node /app
-COPY --from=build --chown=node:node /app/node_modules node_modules
-COPY --chown=node:node . /app
-USER node
-
-CMD ["npm", "run", "dev"]
diff --git a/template/frontend/README.md b/template/frontend/README.md
deleted file mode 100644
index 23a47c9..0000000
--- a/template/frontend/README.md
+++ /dev/null
@@ -1,39 +0,0 @@
-This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app).
-
-## Getting Started
-
-Running the development server:
-
-Tilt will automatically deploy a NextJS container for development, and it is recommended not to run NextJS locally.
-
-Update the .env.local.example file to .env.local
-Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
-
-You can start editing the page by modifying `pages/index.tsx`. The page auto-updates as you edit the file.
-
-This project uses [`next/font`](https://nextjs.org/docs/basic-features/font-optimization) to automatically optimize and load Inter, a custom Google Font.
-This project uses GraphQL for the backend, and Apollo Client for the frontend. The Apollo Client is set up in the `lib/apolloClient.ts` file.
-
-## Environment Variables
-
-| Variable Name                | Explanation                                                |
-| ---------------------------- | ---------------------------------------------------------- | --- |
-| IS_PRE_PUSH_HOOKS_ENABLED    | Controls husky pre-push hooks for frontend folder          |     |
-| NEXT_PUBLIC_GRAPHQL_ENDPOINT | The public graphql endpoint url                            |
-| NEXT_GRAPHQL_ENDPOINT        | The graphql endpoint url to be used for serverside queries |     |
-
-## Suggested Tools
-
-[Apollo Client Devtools](https://chromewebstore.google.com/detail/apollo-client-devtools/jdkknkkbebbapilgoeccciglkfbmbnfm)
-[GraphQL Network Inspector](https://chromewebstore.google.com/detail/graphql-network-inspector/ndlbedplllcgconngcnfmkadhokfaaln)
-
-## Learn More
-
-To learn more about Next.js, take a look at the following resources:
-
-- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
-- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
-
-You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js/) - your feedback and contributions are welcome!
-
-Check out the official [Next.js deployment documentation](https://nextjs.org/docs/deployment) for more details.
diff --git a/template/frontend/__generated__/fragment-masking.ts b/template/frontend/__generated__/fragment-masking.ts
deleted file mode 100644
index aca71b1..0000000
--- a/template/frontend/__generated__/fragment-masking.ts
+++ /dev/null
@@ -1,87 +0,0 @@
-/* eslint-disable */
-import { ResultOf, DocumentTypeDecoration, TypedDocumentNode } from '@graphql-typed-document-node/core';
-import { FragmentDefinitionNode } from 'graphql';
-import { Incremental } from './graphql';
-
-
-export type FragmentType<TDocumentType extends DocumentTypeDecoration<any, any>> = TDocumentType extends DocumentTypeDecoration<
-  infer TType,
-  any
->
-  ? [TType] extends [{ ' $fragmentName'?: infer TKey }]
-    ? TKey extends string
-      ? { ' $fragmentRefs'?: { [key in TKey]: TType } }
-      : never
-    : never
-  : never;
-
-// return non-nullable if `fragmentType` is non-nullable
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: FragmentType<DocumentTypeDecoration<TType, any>>
-): TType;
-// return nullable if `fragmentType` is undefined
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: FragmentType<DocumentTypeDecoration<TType, any>> | undefined
-): TType | undefined;
-// return nullable if `fragmentType` is nullable
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: FragmentType<DocumentTypeDecoration<TType, any>> | null
-): TType | null;
-// return nullable if `fragmentType` is nullable or undefined
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: FragmentType<DocumentTypeDecoration<TType, any>> | null | undefined
-): TType | null | undefined;
-// return array of non-nullable if `fragmentType` is array of non-nullable
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: Array<FragmentType<DocumentTypeDecoration<TType, any>>>
-): Array<TType>;
-// return array of nullable if `fragmentType` is array of nullable
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: Array<FragmentType<DocumentTypeDecoration<TType, any>>> | null | undefined
-): Array<TType> | null | undefined;
-// return readonly array of non-nullable if `fragmentType` is array of non-nullable
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: ReadonlyArray<FragmentType<DocumentTypeDecoration<TType, any>>>
-): ReadonlyArray<TType>;
-// return readonly array of nullable if `fragmentType` is array of nullable
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: ReadonlyArray<FragmentType<DocumentTypeDecoration<TType, any>>> | null | undefined
-): ReadonlyArray<TType> | null | undefined;
-export function useFragment<TType>(
-  _documentNode: DocumentTypeDecoration<TType, any>,
-  fragmentType: FragmentType<DocumentTypeDecoration<TType, any>> | Array<FragmentType<DocumentTypeDecoration<TType, any>>> | ReadonlyArray<FragmentType<DocumentTypeDecoration<TType, any>>> | null | undefined
-): TType | Array<TType> | ReadonlyArray<TType> | null | undefined {
-  return fragmentType as any;
-}
-
-
-export function makeFragmentData<
-  F extends DocumentTypeDecoration<any, any>,
-  FT extends ResultOf<F>
->(data: FT, _fragment: F): FragmentType<F> {
-  return data as FragmentType<F>;
-}
-export function isFragmentReady<TQuery, TFrag>(
-  queryNode: DocumentTypeDecoration<TQuery, any>,
-  fragmentNode: TypedDocumentNode<TFrag>,
-  data: FragmentType<TypedDocumentNode<Incremental<TFrag>, any>> | null | undefined
-): data is FragmentType<typeof fragmentNode> {
-  const deferredFields = (queryNode as { __meta__?: { deferredFields: Record<string, (keyof TFrag)[]> } }).__meta__
-    ?.deferredFields;
-
-  if (!deferredFields) return true;
-
-  const fragDef = fragmentNode.definitions[0] as FragmentDefinitionNode | undefined;
-  const fragName = fragDef?.name?.value;
-
-  const fields = (fragName && deferredFields[fragName]) || [];
-  return fields.length > 0 && fields.every(field => data && field in data);
-}
diff --git a/template/frontend/__generated__/gql.ts b/template/frontend/__generated__/gql.ts
deleted file mode 100644
index dbd15e5..0000000
--- a/template/frontend/__generated__/gql.ts
+++ /dev/null
@@ -1,42 +0,0 @@
-/* eslint-disable */
-import * as types from './graphql';
-import { TypedDocumentNode as DocumentNode } from '@graphql-typed-document-node/core';
-
-/**
- * Map of all GraphQL operations in the project.
- *
- * This map has several performance disadvantages:
- * 1. It is not tree-shakeable, so it will include all operations in the project.
- * 2. It is not minifiable, so the string of a GraphQL query will be multiple times inside the bundle.
- * 3. It does not support dead code elimination, so it will add unused operations.
- *
- * Therefore it is highly recommended to use the babel or swc plugin for production.
- */
-const documents = {
-    "\n  query Me {\n    me {\n      id\n      name\n    }\n  }\n": types.MeDocument,
-};
-
-/**
- * The gql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
- *
- *
- * @example
- * ```ts
- * const query = gql(`query GetUser($id: ID!) { user(id: $id) { name } }`);
- * ```
- *
- * The query argument is unknown!
- * Please regenerate the types.
- */
-export function gql(source: string): unknown;
-
-/**
- * The gql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
- */
-export function gql(source: "\n  query Me {\n    me {\n      id\n      name\n    }\n  }\n"): (typeof documents)["\n  query Me {\n    me {\n      id\n      name\n    }\n  }\n"];
-
-export function gql(source: string) {
-  return (documents as any)[source] ?? {};
-}
-
-export type DocumentType<TDocumentNode extends DocumentNode<any, any>> = TDocumentNode extends DocumentNode<  infer TType,  any>  ? TType  : never;
\ No newline at end of file
diff --git a/template/frontend/__generated__/graphql.ts b/template/frontend/__generated__/graphql.ts
deleted file mode 100644
index e0691ff..0000000
--- a/template/frontend/__generated__/graphql.ts
+++ /dev/null
@@ -1,110 +0,0 @@
-import { TypedDocumentNode as DocumentNode } from '@graphql-typed-document-node/core';
-export type Maybe<T> = T | null;
-export type InputMaybe<T> = Maybe<T>;
-export type Exact<T extends { [key: string]: unknown }> = { [K in keyof T]: T[K] };
-export type MakeOptional<T, K extends keyof T> = Omit<T, K> & { [SubKey in K]?: Maybe<T[SubKey]> };
-export type MakeMaybe<T, K extends keyof T> = Omit<T, K> & { [SubKey in K]: Maybe<T[SubKey]> };
-export type MakeEmpty<T extends { [key: string]: unknown }, K extends keyof T> = { [_ in K]?: never };
-export type Incremental<T> = T | { [P in keyof T]?: P extends ' $fragmentName' | '__typename' ? T[P] : never };
-/** All built-in and custom scalars, mapped to their actual values */
-export type Scalars = {
-  ID: { input: string; output: string; }
-  String: { input: string; output: string; }
-  Boolean: { input: boolean; output: boolean; }
-  Int: { input: number; output: number; }
-  Float: { input: number; output: number; }
-};
-
-export type OperationInfo = {
-  __typename?: 'OperationInfo';
-  /** List of messages returned by the operation. */
-  messages: Array<OperationMessage>;
-};
-
-export type OperationMessage = {
-  __typename?: 'OperationMessage';
-  /** The error code, or `null` if no error code was set. */
-  code?: Maybe<Scalars['String']['output']>;
-  /** The field that caused the error, or `null` if it isn't associated with any particular field. */
-  field?: Maybe<Scalars['String']['output']>;
-  /** The kind of this message. */
-  kind: OperationMessageKind;
-  /** The error message. */
-  message: Scalars['String']['output'];
-};
-
-export enum OperationMessageKind {
-  Error = 'ERROR',
-  Info = 'INFO',
-  Permission = 'PERMISSION',
-  Validation = 'VALIDATION',
-  Warning = 'WARNING'
-}
-
-export type RegisterPayload = OperationInfo | UserType;
-
-export type UpdateUserPayload = OperationInfo | UserType;
-
-export type UserMutation = {
-  __typename?: 'UserMutation';
-  login: UserType;
-  logout: Scalars['Boolean']['output'];
-  register: RegisterPayload;
-  updateUser: UpdateUserPayload;
-};
-
-
-export type UserMutationLoginArgs = {
-  password: Scalars['String']['input'];
-  username: Scalars['String']['input'];
-};
-
-
-export type UserMutationRegisterArgs = {
-  input: UserRegistrationInput;
-};
-
-
-export type UserMutationUpdateUserArgs = {
-  input: UserPartialUpdateInput;
-};
-
-/** User(id, password, last_login, is_superuser, username, first_name, last_name, email, is_staff, is_active, date_joined, name) */
-export type UserPartialUpdateInput = {
-  id?: InputMaybe<Scalars['ID']['input']>;
-  name?: InputMaybe<Scalars['String']['input']>;
-};
-
-export type UserQuery = {
-  __typename?: 'UserQuery';
-  me: UserType;
-};
-
-/** User(id, password, last_login, is_superuser, username, first_name, last_name, email, is_staff, is_active, date_joined, name) */
-export type UserRegistrationInput = {
-  password: Scalars['String']['input'];
-  /** Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. */
-  username: Scalars['String']['input'];
-};
-
-/** User(id, password, last_login, is_superuser, username, first_name, last_name, email, is_staff, is_active, date_joined, name) */
-export type UserType = {
-  __typename?: 'UserType';
-  email: Scalars['String']['output'];
-  id: Scalars['ID']['output'];
-  /** Designates whether this user should be treated as active. Unselect this instead of deleting accounts. */
-  isActive: Scalars['Boolean']['output'];
-  /** Designates whether the user can log into this admin site. */
-  isStaff: Scalars['Boolean']['output'];
-  name: Scalars['String']['output'];
-  /** Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. */
-  username: Scalars['String']['output'];
-};
-
-export type MeQueryVariables = Exact<{ [key: string]: never; }>;
-
-
-export type MeQuery = { __typename?: 'UserQuery', me: { __typename?: 'UserType', id: string, name: string } };
-
-
-export const MeDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"Me"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"me"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}}]}}]} as unknown as DocumentNode<MeQuery, MeQueryVariables>;
diff --git a/template/frontend/__generated__/index.ts b/template/frontend/__generated__/index.ts
deleted file mode 100644
index f515991..0000000
--- a/template/frontend/__generated__/index.ts
+++ /dev/null
@@ -1,2 +0,0 @@
-export * from "./fragment-masking";
-export * from "./gql";
\ No newline at end of file
diff --git a/template/frontend/__tests__/about.test.tsx b/template/frontend/__tests__/about.test.tsx
deleted file mode 100644
index 911d864..0000000
--- a/template/frontend/__tests__/about.test.tsx
+++ /dev/null
@@ -1,25 +0,0 @@
-import { expect, test } from 'vitest'
-
-import { GET_ME } from '@/pages'
-import { render, screen } from '@/utils/test-utils'
-
-import AboutPage from '../pages/about'
-
-const mocks = [
-  {
-    request: {
-      query: GET_ME
-    },
-    result: {
-      data: {
-        me: { id: '1', name: 'John Doe' }
-      }
-    }
-  }
-]
-
-test('AboutPage', async () => {
-  render(<AboutPage />, { mocks })
-  expect(await screen.findByRole('heading', { level: 1, name: 'About Page' })).toBeInTheDocument()
-  expect(await screen.findByText('John Doe')).toBeInTheDocument()
-})
diff --git a/template/frontend/codegen.ts b/template/frontend/codegen.ts
deleted file mode 100644
index 431d76b..0000000
--- a/template/frontend/codegen.ts
+++ /dev/null
@@ -1,19 +0,0 @@
-import { CodegenConfig } from '@graphql-codegen/cli'
-
-const config: CodegenConfig = {
-  schema: 'http://localhost:8000/graphql/',
-  // this assumes that all your source files are in a top-level `src/` directory - you might need to adjust this to your file structure
-  documents: ['./**/*.{ts,tsx}'],
-  generates: {
-    './__generated__/': {
-      preset: 'client',
-      plugins: [],
-      presetConfig: {
-        gqlTagName: 'gql'
-      }
-    }
-  },
-  ignoreNoDocuments: true
-}
-
-export default config
diff --git a/template/frontend/components/ErrorBoundary.tsx b/template/frontend/components/ErrorBoundary.tsx
deleted file mode 100644
index 8a8aca0..0000000
--- a/template/frontend/components/ErrorBoundary.tsx
+++ /dev/null
@@ -1,48 +0,0 @@
-import { Component, ErrorInfo, ReactNode } from 'react'
-
-interface Props {
-  children: ReactNode
-}
-
-interface State {
-  hasError: boolean
-  error: Error | null
-  errorInfo: ErrorInfo | null
-}
-
-class ErrorBoundary extends Component<Props, State> {
-  constructor(props: Props) {
-    super(props)
-    this.state = { hasError: false, error: null, errorInfo: null }
-  }
-
-  static getDerivedStateFromError(error: Error): State {
-    // Update state so the next render will show the fallback UI.
-    return { hasError: true, error, errorInfo: null }
-  }
-
-  componentDidCatch(error: Error, errorInfo: ErrorInfo) {
-    // You can also log the error to an error reporting service
-    this.setState({ error, errorInfo })
-    console.error('ErrorBoundary caught an error', error, errorInfo)
-  }
-
-  render() {
-    if (this.state.hasError) {
-      return (
-        <div>
-          <h1>Something went wrong.</h1>
-          <details className='whitespace-nowrap'>
-            {this.state.error && this.state.error.toString()}
-            <br />
-            {this.state.errorInfo?.componentStack}
-          </details>
-        </div>
-      )
-    }
-
-    return this.props.children
-  }
-}
-
-export default ErrorBoundary
diff --git a/template/frontend/components/Footer.tsx b/template/frontend/components/Footer.tsx
deleted file mode 100644
index a1f2728..0000000
--- a/template/frontend/components/Footer.tsx
+++ /dev/null
@@ -1,24 +0,0 @@
-import Link from 'next/link'
-
-const Footer = () => {
-  return (
-    <footer className='bg-gray-800 py-8 text-white'>
-      <div className='container mx-auto px-4'>
-        <div className='flex items-center justify-between'>
-          <div>
-            <h3 className='text-lg font-bold'>{{ copier__project_name }}</h3>
-            <p className='text-sm'>
-              &copy; {new Date().getFullYear()} {{ copier__project_name }}. All rights reserved.
-            </p>
-          </div>
-          <div className='space-x-4'>
-            <Link href='/'>Home</Link>
-            <Link href='/about'>About</Link>
-          </div>
-        </div>
-      </div>
-    </footer>
-  )
-}
-
-export default Footer
diff --git a/template/frontend/components/Layout.tsx b/template/frontend/components/Layout.tsx
deleted file mode 100644
index 8cc6b34..0000000
--- a/template/frontend/components/Layout.tsx
+++ /dev/null
@@ -1,19 +0,0 @@
-import { Inter } from 'next/font/google'
-import { ReactNode } from 'react'
-
-import Footer from './Footer'
-import NavBar from './NavBar'
-
-const inter = Inter({ subsets: ['latin'] })
-
-const Layout = ({ children }: { children: ReactNode }) => {
-  return (
-    <div className={`${inter.className}`}>
-      <NavBar />
-      <main className={`container mx-auto min-h-48 ${inter.className}`}>{children}</main>
-      <Footer />
-    </div>
-  )
-}
-
-export default Layout
diff --git a/template/frontend/components/NavBar.tsx b/template/frontend/components/NavBar.tsx
deleted file mode 100644
index 12a3ce8..0000000
--- a/template/frontend/components/NavBar.tsx
+++ /dev/null
@@ -1,17 +0,0 @@
-import Link from 'next/link'
-
-const NavBar = () => {
-  return (
-    <nav className='bg-gray-800 p-4'>
-      <div className='container mx-auto'>
-        <div className='flex items-center gap-4 text-lg font-bold text-white'>
-          <span className='text-xl'>SCAF</span>
-          <Link href='/'>Home</Link>
-          <Link href='/about'>About</Link>
-        </div>
-      </div>
-    </nav>
-  )
-}
-
-export default NavBar
diff --git a/template/frontend/dependencies-dev-init.txt b/template/frontend/dependencies-dev-init.txt
deleted file mode 100644
index 3880bc0..0000000
--- a/template/frontend/dependencies-dev-init.txt
+++ /dev/null
@@ -1,26 +0,0 @@
-@eslint/eslintrc
-@graphql-codegen/cli
-@graphql-codegen/client-preset
-@graphql-typed-document-node/core
-@tailwindcss/postcss
-@testing-library/dom
-@testing-library/react
-@types/lodash
-@types/react
-@types/react-dom
-@vitejs/plugin-react
-eslint
-eslint-config-next
-eslint-plugin-import
-eslint-plugin-jsx-a11y
-eslint-plugin-react
-eslint-plugin-react-hooks
-graphql
-husky
-jsdom
-prettier
-prettier-plugin-tailwindcss
-tailwindcss
-typescript
-typescript-eslint
-vitest
diff --git a/template/frontend/dependencies-init.txt b/template/frontend/dependencies-init.txt
deleted file mode 100644
index 1c24b03..0000000
--- a/template/frontend/dependencies-init.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-@apollo/client@3.14
-@testing-library/jest-dom
-@testing-library/user-event
-@typescript-eslint/eslint-plugin
-clsx
-deepmerge
-eslint-plugin-unused-imports
-lodash
-next
-react
-react-dom
diff --git a/template/frontend/eslint.config.mjs b/template/frontend/eslint.config.mjs
deleted file mode 100644
index d0f6bc1..0000000
--- a/template/frontend/eslint.config.mjs
+++ /dev/null
@@ -1,112 +0,0 @@
-import path from 'node:path'
-import { fileURLToPath } from 'node:url'
-import tseslint from 'typescript-eslint'
-import nextCoreWebVitals from 'eslint-config-next/core-web-vitals'
-import jsxA11y from 'eslint-plugin-jsx-a11y'
-import unusedImports from 'eslint-plugin-unused-imports'
-
-const __filename = fileURLToPath(import.meta.url)
-const __dirname = path.dirname(__filename)
-
-import globals from 'globals'
-export default [
-  ...tseslint.configs.recommended,
-  // Next.js recommended + core web vitals (flat)
-  ...nextCoreWebVitals,
-  // Ignores for build outputs and non-source files
-  {
-    ignores: [
-      'node_modules/**',
-      '.next/**',
-      'out/**',
-      'dist/**',
-      'eslint.config.mjs'
-    ]
-  },
-  // Project-specific rules and additional plugins
-  {
-    plugins: {
-      'unused-imports': unusedImports
-    },
-    settings: {
-      react: { version: 'detect' }
-    },
-    rules: {
-      'react/jsx-curly-brace-presence': 'error',
-      'unused-imports/no-unused-imports': 'error',
-      'unused-imports/no-unused-vars': [
-        'warn',
-        {
-          vars: 'all',
-          varsIgnorePattern: '^_',
-          args: 'after-used',
-          argsIgnorePattern: '^_'
-        }
-      ],
-      'import/order': [
-        'error',
-        {
-          alphabetize: { caseInsensitive: true, order: 'asc' },
-          groups: ['external', 'builtin', 'internal', 'parent', 'sibling', 'index'],
-          'newlines-between': 'always'
-        }
-      ],
-      'object-shorthand': ['error', 'properties'],
-      'react/jsx-no-useless-fragment': 'error',
-      'require-await': 'error',
-      'no-restricted-imports': [
-        'error',
-        {
-          paths: [
-            { name: '@apollo/client', importNames: ['gql'], message: 'Use the @/__generated__/gql to get proper typings!' },
-            { name: '@apollo/client/core', importNames: ['gql'], message: 'Use the @/__generated__/gql to get proper typings!' },
-            { name: '@testing-library/react', importNames: ['*'], message: 'Use the imports from test-utils instead!' }
-          ]
-        }
-      ]
-    }
-  },
-
-  // TypeScript-specific settings and rules
-  {
-    files: ['**/*.ts', '**/*.tsx'],
-    languageOptions: {
-      parser: tseslint.parser,
-      parserOptions: {
-        project: ['./tsconfig.json'],
-        tsconfigRootDir: __dirname
-      }
-    },
-    plugins: {
-      '@typescript-eslint': tseslint.plugin
-    },
-    rules: {
-      '@typescript-eslint/no-unused-vars': 'off',
-      '@typescript-eslint/no-unnecessary-condition': 'error',
-      '@typescript-eslint/triple-slash-reference': 'off'
-    }
-  },
-  // Node overrides for common config files
-  {
-    files: [
-      '*.config.{js,mjs,ts}'
-    ],
-    languageOptions: {
-      globals: globals.node,
-      sourceType: 'module'
-    },
-    rules: {
-      'import/no-extraneous-dependencies': ['error', { devDependencies: true }]
-    }
-  },
-  {
-    files: ['*.config.cjs'],
-    languageOptions: {
-      globals: globals.node,
-      sourceType: 'commonjs'
-    },
-    rules: {
-      'import/no-extraneous-dependencies': ['error', { devDependencies: true }]
-    }
-  }
-]
diff --git a/template/frontend/lib/apolloClient.ts b/template/frontend/lib/apolloClient.ts
deleted file mode 100644
index d6144e3..0000000
--- a/template/frontend/lib/apolloClient.ts
+++ /dev/null
@@ -1,82 +0,0 @@
-import { ApolloClient, HttpLink, InMemoryCache, NormalizedCacheObject, from } from '@apollo/client'
-import { setContext } from '@apollo/client/link/context'
-import { onError } from '@apollo/client/link/error'
-import merge from 'deepmerge'
-import isEqual from 'lodash/isEqual'
-import type { AppProps } from 'next/app'
-
-export const APOLLO_STATE_PROP_NAME = '__APOLLO_STATE__'
-
-let apolloClient: ApolloClient<NormalizedCacheObject> | undefined
-
-const errorLink = onError(({ graphQLErrors, networkError }) => {
-  if (graphQLErrors)
-    graphQLErrors.forEach(({ message, locations, path }) =>
-      console.log(`[GraphQL error]: Message: ${message}, Location: ${locations}, Path: ${path}`)
-    )
-  if (networkError) console.log(`[Network error]: ${networkError}`)
-})
-
-const httpLink = new HttpLink({
-  uri:
-    typeof window === 'undefined'
-      ? process.env.NEXT_GRAPHQL_ENDPOINT || 'http://backend:8000/graphql/'
-      : process.env.NEXT_PUBLIC_GRAPHQL_ENDPOINT || 'http://localhost:8000/graphql/',
-  credentials: 'include'
-})
-
-const authLink = setContext((_, { headers }) => {
-  const token = typeof window !== 'undefined' ? localStorage.getItem('token') : null
-  return {
-    headers: {
-      ...headers,
-      authorization: token ? `Bearer ${token}` : ''
-    }
-  }
-})
-
-function createApolloClient() {
-  return new ApolloClient({
-    ssrMode: typeof window === 'undefined',
-    link: from([errorLink, authLink, httpLink]),
-    cache: new InMemoryCache()
-  })
-}
-
-export function initializeApollo(initialState: NormalizedCacheObject | null = null) {
-  const _apolloClient = apolloClient ?? createApolloClient()
-  //  the initial state gets hydrated here
-  if (initialState) {
-    // Get existing cache, loaded during client side data fetching
-    const existingCache = _apolloClient.extract()
-
-    // Merge the initialState from getStaticProps/getServerSideProps
-    // in the existing cache
-    const data = merge(existingCache, initialState, {
-      // combine arrays using object equality (like in sets)
-      arrayMerge: (destinationArray, sourceArray) => [
-        ...sourceArray,
-        ...destinationArray.filter(d => sourceArray.every(s => !isEqual(d, s)))
-      ]
-    })
-    // Restore the cache with the merged data
-    _apolloClient.cache.restore(data)
-  }
-  // For SSR always create a new Apollo Client
-  if (typeof window === 'undefined') return _apolloClient
-  // Create the Apollo Client once in the client
-  if (!apolloClient) apolloClient = _apolloClient
-  return _apolloClient
-}
-
-export function addApolloState(client: typeof apolloClient, pageProps: AppProps['pageProps']) {
-  if (pageProps?.props) {
-    pageProps.props[APOLLO_STATE_PROP_NAME] = client?.cache.extract()
-  }
-  return pageProps
-}
-
-export function useApollo(pageProps: AppProps['pageProps']) {
-  const state = pageProps[APOLLO_STATE_PROP_NAME]
-  return initializeApollo(state)
-}
diff --git a/template/frontend/next.config.mjs b/template/frontend/next.config.mjs
deleted file mode 100644
index 4587f45..0000000
--- a/template/frontend/next.config.mjs
+++ /dev/null
@@ -1,13 +0,0 @@
-import path from 'node:path'
-import { fileURLToPath } from 'node:url'
-
-const __filename = fileURLToPath(import.meta.url)
-const __dirname = path.dirname(__filename)
-
-/** @type {import('next').NextConfig} */
-const nextConfig = {
-  reactStrictMode: true,
-  outputFileTracingRoot: path.join(__dirname, '..')
-}
-
-export default nextConfig
diff --git a/template/frontend/package.json b/template/frontend/package.json
deleted file mode 100644
index 4fab50e..0000000
--- a/template/frontend/package.json
+++ /dev/null
@@ -1,19 +0,0 @@
-{
-  "name": "{{ copier__project_name }}",
-  "version": "0.1.0",
-  "private": true,
-  "scripts": {
-    "dev": "next dev",
-    "build": "next build",
-    "start": "next start",
-    "lint-src": "eslint .",
-    "lint-fix": "eslint . --fix",
-    "format": "prettier --write .",
-    "format-check": "prettier --check .",
-    "test": "vitest --run",
-    "test-watch": "vitest",
-    "typecheck": "tsc --noEmit",
-    "prepare": "cd .. && husky frontend/.husky",
-    "codegen": "graphql-codegen"
-  }
-}
diff --git a/template/frontend/pages/404.tsx b/template/frontend/pages/404.tsx
deleted file mode 100644
index 054afad..0000000
--- a/template/frontend/pages/404.tsx
+++ /dev/null
@@ -1,8 +0,0 @@
-export default function Custom404() {
-  return (
-    <>
-      <h1>404 - Page Not Found</h1>
-      <p>Edit pages/404.tsx</p>
-    </>
-  )
-}
diff --git a/template/frontend/pages/500.tsx b/template/frontend/pages/500.tsx
deleted file mode 100644
index 79519a6..0000000
--- a/template/frontend/pages/500.tsx
+++ /dev/null
@@ -1,3 +0,0 @@
-export default function Custom500() {
-  return <h1>500 - Server-side error occurred</h1>
-}
diff --git a/template/frontend/pages/_app.tsx b/template/frontend/pages/_app.tsx
deleted file mode 100644
index c63bbcc..0000000
--- a/template/frontend/pages/_app.tsx
+++ /dev/null
@@ -1,21 +0,0 @@
-import { ApolloProvider } from '@apollo/client'
-import type { AppProps } from 'next/app'
-
-import ErrorBoundary from '@/components/ErrorBoundary'
-import Layout from '@/components/Layout'
-import '@/styles/globals.css'
-
-import { useApollo } from '../lib/apolloClient'
-
-export default function App({ Component, pageProps }: AppProps) {
-  const apolloClient = useApollo(pageProps)
-  return (
-    <ErrorBoundary>
-      <ApolloProvider client={apolloClient}>
-        <Layout>
-          <Component {...pageProps} />
-        </Layout>
-      </ApolloProvider>
-    </ErrorBoundary>
-  )
-}
diff --git a/template/frontend/pages/_document.tsx b/template/frontend/pages/_document.tsx
deleted file mode 100644
index ee65e53..0000000
--- a/template/frontend/pages/_document.tsx
+++ /dev/null
@@ -1,13 +0,0 @@
-import { Html, Head, Main, NextScript } from 'next/document'
-
-export default function Document() {
-  return (
-    <Html lang='en'>
-      <Head />
-      <body>
-        <Main />
-        <NextScript />
-      </body>
-    </Html>
-  )
-}
diff --git a/template/frontend/pages/about.tsx b/template/frontend/pages/about.tsx
deleted file mode 100644
index fd486fb..0000000
--- a/template/frontend/pages/about.tsx
+++ /dev/null
@@ -1,31 +0,0 @@
-import { useQuery } from '@apollo/client'
-
-import { addApolloState, initializeApollo } from '@/lib/apolloClient'
-
-import { GET_ME } from '.'
-
-export default function About() {
-  const { loading, error, data } = useQuery(GET_ME)
-
-  if (loading) return <p>Loading...</p>
-  return (
-    <>
-      <h1>About Page</h1>
-      <p>This page is using Server Side Rendering to fetch User Info</p>
-      {error ? <p>Error: {error.message}</p> : <p>{data?.me.name}</p>}{' '}
-    </>
-  )
-}
-export async function getServerSideProps() {
-  const apolloClient = initializeApollo()
-  try {
-    await apolloClient.query({
-      query: GET_ME
-    })
-  } catch (error) {
-    console.log('error', error)
-  }
-  return addApolloState(apolloClient, {
-    props: {}
-  })
-}
diff --git a/template/frontend/pages/api/hello.ts b/template/frontend/pages/api/hello.ts
deleted file mode 100644
index 9bafa6e..0000000
--- a/template/frontend/pages/api/hello.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
-import type { NextApiRequest, NextApiResponse } from 'next'
-
-type Data = {
-  name: string
-}
-
-export default function handler(req: NextApiRequest, res: NextApiResponse<Data>) {
-  res.status(200).json({ name: 'John Doe' })
-}
diff --git a/template/frontend/pages/index.tsx b/template/frontend/pages/index.tsx
deleted file mode 100644
index c8c0499..0000000
--- a/template/frontend/pages/index.tsx
+++ /dev/null
@@ -1,25 +0,0 @@
-import { useQuery } from '@apollo/client'
-
-import { gql } from '@/__generated__'
-
-export const GET_ME = gql(/* GraphQL */ `
-  query Me {
-    me {
-      id
-      name
-    }
-  }
-`)
-
-export default function Home() {
-  const { loading, error, data } = useQuery(GET_ME)
-
-  if (loading) return <p>Loading...</p>
-  return (
-    <>
-      <h1>Home Page</h1>
-      <p>This page using Client Side Rendering to fetch User Info</p>
-      {error ? <p>Error: {error.message}</p> : <p>{data?.me.name}</p>}
-    </>
-  )
-}
\ No newline at end of file
diff --git a/template/frontend/postcss.config.mjs b/template/frontend/postcss.config.mjs
deleted file mode 100644
index 92f98cd..0000000
--- a/template/frontend/postcss.config.mjs
+++ /dev/null
@@ -1,5 +0,0 @@
-const config = {
-  plugins: ["@tailwindcss/postcss"],
-};
-
-export default config;
\ No newline at end of file
diff --git a/template/frontend/public/favicon.ico b/template/frontend/public/favicon.ico
deleted file mode 100644
index 718d6fea4835ec2d246af9800eddb7ffb276240c..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 25931
zcmeHv30#a{`}aL_*G&7qml|y<+KVaDM2m#dVr!KsA!#An?kSQM(q<_dDNCpjEux83
zLb9Z^XxbDl(w>%i@8hT6>)&Gu{h#Oeyszu?xtw#Zb1mO<?sK2}EE5RAKnxHU7lft+
zNRAPL3?T?25I&drAjl1ssi=G|D?(7bFsgtO(2o>{pgX9699l+Qppw7jXaYf~-84xW
z)w4x8?=youko|}Vr~(D$UX<xm7|19n6Hxvd5m6xx<*9a4%RmR{en}E&p$X-wy5A}T
zU0^dwXVA>IbiXABHh`p1?nn8Po~fxRJv}|0e(BPs|G`(TT%kKVJAdg5*Z|x0leQq0
zkdUBvb#>9F()jo|T~kx@OM8$9wzs~t2l;K=woNssA3l6|sx2r3+kdfVW@e^8e*E}v
zA1y5{bRi+3Z`uD3{F7LgFJDdvm;nJilkzDku>BwXH(8ItVCXk*-lSJnR?-2UN%<G)
zWdETe=&R39RaKR)udn|#TOgZ!e!yM=<=+`Uz{l^5UtkZ2fHDQ;UwMB}v%l$A-`~F-
z{Qr^x^CSUf63Sry{6y#+`<sMA?dPFvg)$lC_RkFRKnCi7&P<a6>hJ){&rlvg`CDTj
z)Bzo!3v7Ou#83zEDEFcKt(f1E0~=rqeEbTnMvWR#{+9pg%7G8y>u1OVRUSoox-ovF
z2Ydma(;=YuBY(eI|04{hXzZD6_f(v~H;C~y5=DhAC{MMS>2fm~1H_t2$56pc$NH8(
z5bH|<)71dV-_oCHIrzrT`2s-5w_+2CM0$95I6X8p^r!gHp+j_gd;9O<1~CEQQGS8)
zS9Qh3#p&JM-G8rHekNmKVewU;pJRcTAog68KYo^dRo}(M<!8cv(gkb9@A>>36U4Us
zfgYWSiHZL3;lpWT=<n~R&zm>zNAW>Dh#mB!_@Lg%$ms8N-;aPqMn+C2HqZgz&9~Eu
z4|Kp<`$q)Uw1R?y(~S>ePdonHxpV1#eSP1B;Ogo+-Pk}6#0GsZZ5!||ev2MGdh}_m
z{DeR7?0-1^zVs&`AV6<!ZvGbtU{7FdY&`9DeD(=q|M30$GCs(E?S0J1$e@G0#Z=wz
zl)*a>Vt;r3`I`OI_wgs*w=eO%_#7Kepl{B<UyBc9U%rn&@xFZ-e{%i>@xiyCANc(l
zzIyd4y|c6PXWq9-|KM8(zIk8LPk(>a)zyFWjhT!$HJ$qX1vo@d25W<<x-(q{Yn-pG
zKTz?fwGmh&&2-F3f57**)?Xk#p#S9h^DhK{VVKE&0KR^-_MMD9nf@pDACnmVll!kp
z3?Tha?LWW70P;AL{}cP~sW|?W|MbA09{7Kt2f!i(y>fvZQ2zUz5WRc(UnFMKHwe1|
zWmlB1qdbiA(C0jmnV<}GfbKtmcu^2*P^O?<jWWPHxu*D53Uq)j1!ZtH3Vi&#Nd^rV
zj`B>MBLZKt|As~ge8&AAO~2K@zbXelK|4T<{|y4`raF{=72kC2Kn(L4YyenWgrPiv
z@^mr$t{#X5VuIMeL!7Ab6_kG$&#&5p*Z{+?5U|TZ`B!7llpVmp@skYz&n^8QfPJzL
z0G6K_OJM9x+Wu2gfN45phANGt{7=C>i34CV{Xqlx(fWpeAoj^N0Biu`w+MVcCUyU*
zDZuzO0>4Z6fbu^T_arWW5n!E45vX8N=bxTVeFoep_G#VmNlQzAI_KTIc{6>c+04vr
zx@W}zE5JNSU>!THJ{J=cqjz+4{L4A{Ob9$ZJ*S1?Ggg3klFp!+Y1@K+pK1DqI|_gq
z5ZDXVpge8-cs!o|;K73#YXZ3AShj50wBvuq3NTOZ`M&qtjj#GOFfgExjg8Gn8>Vq5
z`85n+9|!iLCZF5$HJ$Iu($dm?8~-ofu}tEc+-pyke=3!im#6pk_Wo8IA|fJwD&~~F
zc16osQ)EBo58U7XDuMexaPRjU@h8tXe%S{fA0NH3vGJFhuyyO!Uyl2^&EOpX{9As0
zWj+P>{@}jxH)8|r;2HdupP!vie{sJ28b&bo!8`D^x}TE$%zXNb^X1p@0PJ86`dZyj
z%ce7*{^oo+6%&~I!8hQy-vQ7E)0t0ybH4l%KltWOo~8cO`T=157JqL(oq_rC%ea&4
z2NcTJe-HgFjNg-gZ$6!Y`SMHrlj}Etf7<Kk?_r;;``Uc^3+u}-v3@Q8<@$Nr`<F?K
z-%F>?r!zQTPPSv}{so2e>Fjs1{<qUF=hGRSFDG$<z3x<+@%{Vd%a`e+qodRP&D<om
zAEn>gzk~LGeesX%r(Lh6rbhSo_n)@@G-FTQy93;l#E)hgP@d_SGvyCp0~o(Y;Ee8{
zdVUDbHm5`2taPUOY^MAGOw*<R_VaVlPH<<CgYr!E->>=s7=Gst=D+p+2yON!0%Hk`
zz5mAhyT4lS*T3LS^WSxUy86q&GnoHxzQ6vm8)VS}_zuqG?+3td68_x;etQAdu@sc6
zQJ&5|4(I?~3d-QOAODHpZ=hlSg(lBZ!JZWCtHHSj`0Wh93-Uk)_S%zsJ~aD>{`A0~
z9{AG(e|q3g5B%wYKRxiL2Y$8(4w<boVrLOyLG9R$m+7N>6bzchKuloQW#e&S3n+P-
z8!ds-%f;TJ1>)v)##>gd{PdS2Oc3VaR`fr=`O8QIO(6(N!A?pr5C#6fc~Ge@N%Vvu
zaoAX2&(a6eWy_q&UwOhU)|P3J0Qc%OdhzW=F4D|pt0E4osw;%<%Dn58hAWD^XnZD=
z>9~H(3bmLtxpF?a7su6J7M*x1By7YSUbxGi)Ot0P77`}P<HJ;%@cvfCkvm6xcMjdY
zed_u6xK)F%|1Hy`)`e~K(f*MqTJ?92I+4lga{A5`-U@Cab35G6unNk<*dpB|Rtkp;
z?32o^yBlJsuA-^abQ~7;%<oa^k<DbKc{lOW2!yM#nEALvv)IhY7b|Wfg(UhtiurTM
zY-B6L26$JQo&Kt3nh3JTJ)garEgw^{uEM3__%b$U5{~+aMO*k)6R#grkER2`U6KS-
z=j1=QhCkuy%iiHWrqH8CeGNw*C?epTpl2Bo@ugUPKRFeiVHOpL7PHu-SAgX@qmTGH
z_%ePz1`io8XDfwLmip;Rn;1yo+3>3{)&5Un{KD?`-e?r21!4vTTnN(4Y6Lin?UkSM
z`MXCTC1@4A4~mvz%Rh2&EwY))LeoT=*`tMoqcEXI>TZU9WTP#l?uFv+@Dn~b(>xh2
z;>B?;Tz2SR&KVb>vGiBSB`@U7VIWFSo=LDSb9F{GF^DbmWAfpms8Sx9OX4CnBJca3
zlj9(x!dIjN?OG1X4l*imJNvRCk}F%!?SOfiOq5y^mZW)jFL@<gIi}tCXee1<sGV$i
z4r_`X#mEQbiDh!Efji0GjM9z-0bF}p0(*s(OzMJ|;K&OJBar<ARLp}T>a|r-@d#f7
z2gmU8L3IZq0ynIws=}~m^#@&C%J6QFo~Mo4V`>v7MI-_!EBMMtb%_M&kvAaN)@ZVw
z+`toz&WG#HkWDjnZE!6nk{e-oFdL^$YnbOCN}JC&{$#$O27@|Tn-skXr)2ml2~O!5
zX+gYoxhoc7qoU?C^3~&!U?kRFtnSEecWuH0B0OvLodgUAi}8p1<ZO0#U-k07ifx!>
zrO6RSXHH}D<I*>Mc$&|?D004<Y&c6)m74d`LOLU@ruR+Um4>DiOVMHV8kXCP@7NKB
zgaZq^^O<7PoKEp72kby@W0Z!Y*A<g|TlOeriuPP`vK2IntATvs?Iv|J14j&;NFSFo
zyJ+sca?G+8C%!b{Sq=6cJJqS>y{&vfg#C&gG@YVR9g?FEocMUi1gSN$+V+ayF45{a
zuDZDT<?u;)RfLQwg>N}mS|;BO%gEf}pjBfN2-gIrU#G5~cucA;dokXW89%>AyXJJI
z9X4Ul<x{xc_m~`mWBP0<g-{#wm}Vv~Ef3pKWC&N_<~88zSbEk;;+{DnJ9-u&Zc74s
zJ6TCQyl_^|5cY;wmDdrU@LTL-3v0H#Ui?8ICQV{imof1MHuM$`e*ux>IWA|ZYHgbI
z5?oFk@A=Ik7lrEQPDH!H+b`7_Y~aDb_qa=B2^Y&Ow41cU=4WDd40dp5(QS-WMN-=Y
z9g;6_-JdNU;|6cPwf$ak*aJIcwL@1n$#l~zi{c{EW?T;DaW*E8DYq?Umtz{nJ&w-M
zEMyT<MDk{HKbd#ckg5-pS_?QUVhZv?&Q-ioBS}$nvBd)nE7YO0deN~G(#zCJAbY$E
z!)g3Ytl=_NDUV%pykcE+Q<{EoZ_4FR@&#d<hqs%N>DrC&9K$d|kZe2#ws6)L=7K+{
zQw{XnV6UC$6-rW0emqm8wJoeZK)wJIcV?dST}Z;G0Arq{dVDu0&4kd%N!3F1*;*pW
zR&qUiFzK=@44#QGw7k1`3t_d8&*kBV->O##t|tonFc2YWrL7_eqg+=+k;!F-`^b8>
z#KWCE8%u4k@EprxqiV$VmmtiWxDLgnGu$Vs<8rppV5E<MCr+anDo)-{XRlCJ;D#M(
zT=3WgR02;Nm!54biUb^FtzPh8iGrf412epnki-k+G4mdkzC|lJqaRMbb0~Jjp-{}I
z5Do5afZi>ajBXL4nyyZM$SWVm!wnCj-B!Wjqj5-5dNXukI2$$|Bu3Lrw}z65Lc=1G
z^-#WuQOj$hwNGG?*CM_TO8Bg-1+qc>J7k5c51U8g?ZU5n?HYor;~JIjoWH-G>AoUP
ztrWWLbRNqIjW#RT*WqZgPJXU7C)VaW5}MiijYbABmzoru6EmQ*N8cVK7a3|aOB#O&
zBl8JY2WKfmj;h#Q!pN%9o@VNLv{OUL?rixHwOZuvX7{IJ{(EdPpuVFoQqIOa7gi<U
zTpbX&UCeYeNu>LVkBOKL@^smUA!tZ1CKRK}#SSM)iQHk)*R~?M!qkCruaS!#oIL1c
z<cK@1=jX>?J<BS8bpdt^R+}%A_DEhF^%o}8e!!lc`Y!qU>;U~&FfH#*98^G?i}pA{
z9Jg36t4=%6mhY(quYq*vSxptes9qy|7xSlH?G=S@>u>Ebe;|LVhs~@+06N<4CViBk
zUiY$thvX;>Tby6z9Y1e<Q<iIG*|o$r?OTFp`s)@_nHs4LeWbGvg7^}NK)>dAMQaiH
zm^r3v#$Q#2T=X>bsY#D%s!bhs^M9PMAcHbCc0FMHV{u-dwlL;a1eJ63v5U*?Q_8JO
zT#50!RD619#j_Uf))0ooADz~*9&lN!bBDRUgE>Vud-i5ck%vT=r^yD*^?Mp@Q^v+V
zG#-?gKlr}Eeqifb{|So?HM&g91<J5P5=Ly{?(NNY{6`O~L5r@sJe3rNZn06%SLk);
z9?hvE^Hr{!*G$<_doyzGn#*z*#}?)8dH=eYTgvc)T~}Jw!kCv68<+KL5{5?EXtDAZ
zWeNqp8%KIuBi&icn5s815Vho<+99VW1~m@L8l0=$c`t-L{q))~<!p*~vCdUcBcPz`
zyUi}!-k_`G{>P8|av8hQoCmQXkd?7wIJw<dY^{|7OQJUHKB~nksN_|Xy;DL?xjxU^
zbMa`WdfTBnr<wTd$mY&SgJ4U|X``k`#`gN@M+0x2W{YgC3kbLk<uYFJWglkx_)2#b
ztRiuA!EK9o)f`I2k)l;Of%E`ff91WlZh8yfRi6#N-mC`Ma(yr~U82SyAhc9B+ur!f
zP-3igg*KeYs9mGOAw@OaXYy9DnGjn0<m`JH&Q^h}^!h+uS9Ct*o-oEy(?iT6Yco>b
z_^v8bbg`<ZOL)a;i=IdfK0Zvw4nXsoC?eTOMpY)_ptiORm%J(1CD3dE0Z%Vy<2iHp
zcp>SAn{I*4bH$u(RZ6*x<DqKJ+5;a6Jq~=Y8V&c?Vsyq88!2nD?H?Eww58Mqt$7R8
z5BMjmKx>UhuA~hc=8czK8SHEKTzSxgbwi~9(OqJB&gwb^l4+m`k*Q;_?>Y-APi1{k
zAHQ)P)G)f|AyjSgcCFps)Fh6Bca*Xznq3<?y%xNvu0N78_R?~<RDFQx0ynlRG(E|j
zvEGN3bF<E_9p-I!UwQXFqcSGV#e^98tgFqLp+z9eP}y!jNA{)r*a+%M-_20xg?94<
zzmM{}syi0cd&P)zywMdS&Y_9k5JDtOM!L)b^2WP!+fHYGv>6!pV6Az&m{O8$wGFD?
zY&O*3*J0;_EqM#jh6^gMQKpXV?#1?>$ml1xvh8nSN>-?H=V;nJIwB07YX$e6vLxH(
zqYwQ>qxwR(i4f)DLd)-$P>T-no_c!LsN@)8`e;W@)-Hj0>nJ-}Kla4-ZdPJzI&Mce
zv)V_j;(3ERN3_@I$N<^|4Lf`B;8n+bX@bHbcZTopEmDI*Jfl)-pFDvo6svPRoo@(x
z);_{lY<;);XzT`dBFpRmGrr}z5u1=p<K1~3>C^<jVp}L(pzgMB_Vs-O?{Z?y$8M;)
zi@7zwpzV9#m72%En~(9@E)GWV^(~J*@^*K*TE0mynAnGJ5YSLCEnC42H-`tr4L=oW
zI}N{xQ$HT8Q6CVHf%RY&xw7!Zj(0xmg(K#UQ4u!ej95z7V4phlcTJ2&AR}$)zV-s!
zO7bqY6(=?1t+JCOW_z%HRE>S-{ce6iXQlLGcItwJ^mZx{m$&DA_oEZ)B{_bYPq-HA
zcH8WGoBG(aBU_j)vEy+_71T34@4dmSg!|M8Vf92Zj6WH7Q7t#OHQqWgFE3ARt+%!T
z?oLovLVlnf?2c7pTc)~cc^($_8nyKwsN`RA-23ed3sdj(ys%pjjM+9JrctL;dy8a(
z@en&CQmnV(()bu|Y%G1-4a(6x{aLytn$T-;(&{QIJB9vMox11U-1HpD@d(QkaJdEb
zG{)+6Dos_L+O3NpWo^=gR?evp|CqEG?L&Ut#D*KLaRFOgOEK(Kq1@!EGcTfo+%A&I
z=dLbB+d$u{sh?u)xP{PF8L%;YPPW53+@{>5W=Jt#wQpN;0_HYdw1{ksf_XhO4#2F=
zyPx6Lx2<92L-;L5PD`zn6zwIH`Jk(<gsVPionpJ-imI56$j4P0!br@ny3=!{x2TY^
zCD=)8_PgmN)E!^nczcDGc9Wm7oo5O3@fh=k=kh8J?_3KqEp7JHdv8z_iZ5#KmbiPt
z2Bt8Ro^p$7pS!xL3mtj<iN3f}#r6_&$Es0PnJTE?c;0#$%cGdu`T%~`gW;c^VD-S=
zrAatMf^%Lzr*wQ4kHSOb?WOUuEsJQ3xr{Imf1t{~iNmRwb_SP9!?FFN=b-E){!8P2
ztWCT~262O8`%?3<W4Wg+ovWY<re)?^kZ|Yi>$?Qw({erA$^bC;q33hv!d!>%wRhj#
zal^hk+WGNg;rJtb-EB(?czvOM=H7dl=vblBwAv>}%1@{}mnpUznfq1cE^sgsL0*4I
zJ##!*B?=vI_OEVis5o+_IwMIRrpQyT_Sq~ZU%oY7c5JMIADzpD!Upz9h@iWg_>>~j
zOLS;wp^i$-E?4<_cp?RiS%Rd?i;f*mOz=~(&3lo<=@(nR!_Rqiprh@weZlL!t#NCc
zO!QTcInq|%#>OVgobj{~ixEUec`E25zJ~*DofsQdzIa@5^nOXj2T;8O`l--(QyU<o
zeu8G~Z>^$t?TGY^7#&FQ+2SS3B#qK*k3`ye?8jUYSajE5iBbJls75CCc(m3dk{t?-
zopcER9{Z?TC)mk~gpi^kbbu>b-+a{m#8-y2^p$ka4n60w;Sc2}HMf<8JUvh<G@KZw
z+<GL!lpeahq2+nO{>CL0B&Btk)T`ctE$*qNW8L$`7!r^9T+>=<=2qaq-;ll2{`{Rg
zc5a0ZUI$oG&j-qVOuKa=*v4aY#IsoM+1|c4Z)<}lEDvy;5huB@1RJPquU2U*U-;gu
z=En2m+qjBzR#DEJDO`WU)hdd{Vj%^0V*KoyZ|5lzV87&g_j~NCjwv0uQVqXOb*QrQ
zy|Qn`hxx(58c<SELWpDAg~83oY-J_WoDiI6d7>70$E;L(X0uZZ72M1!6oeg)(cdKO
ze0gDaTz+ohR-#d)NbAH4x{I(21yjwvBQfmpLu$)|m{XolbgF!pmsqJ#D}(ylp6uC>
z{bqtcI#hT#HW=wl7>p!38sKsJ`r8}lt-q%Keqy%u(xk=yiIJiUw6|5IvkS+#?JTBl
z8H5(Q?l#wzazujH!8o>1xtn8#_w+397*<wp?Ryt$UFh41$qd}LyNJ7Oao(Aw2g|wy
zH_nZ+R#~EUME^#j4$@^5&>_cy8!pQGP%K(Ga3pAjsaTbbXJlQF_+m+-UpUUent@xM
zg%jqLUExj~o^vQ3Gl*>wh=_gOr2*|U64_iXb+-111a<qXXnUI&{l`dM&{4Gw)jZn;
zlj{VxW@#OcVE1Y%J*u^Z@H+XSqL6SwA|^jv2RU_+d;O!mk)dw7-m9B4{6*G1zRdR6
zQ}6v&Xt7R2h3Xp}EQk4nF2TULG{Ri=D|JC<a+K7dldN1}CY_f!vK#u}K3`g#TpO&W
z;!;64`0$d9raD!VbYP`kuFUasaMh!;&81y}LHS(SuGRxwEn4LZb4DS1j9iAq$MXd@
z(Ebka7_Gc(ljGaJqtI-OzmA@c@sYB$)Vg!RP4~``vaVyRq$rJXRjIPwtepN;(B%wy
zmU>H}$TjeajM+I20xw(((>fej-@CIz4S1pi$(#}P7`4({6QS2CaQS4NPENDp>sAqD
z$bH4KGzXGffkJ7R>V>)>tC)uax{UsN*dbeNC*v}#8Y#OWYwL4t$ePR?VTyIs!wea+
z5Urmc)X|^`MG~*dS6pGSbU+gPJoq*^a=_>$n4|P^w$sMBBy@f*Z^Jg6?n5?oId6f{
z$LW4M|4m502z0t7g<#Bx%X;9<=)smFolV&(V^(7Cv2-sxbxopQ!)*#ZRhTBpx1)Fc
zNm1T%bONzv6@#|dz(w02AH8OXe>kQ#1FMCzO}2J_mST)+ExmBr9cva-@?;wnmWMOk
z{3_~EX_xadgJGv&H@zK_8{(x84`}+c?oSBX*Ge3VdfTt&F}yCpFP?CpW+BE^cWY0^
zb&uBN!Ja3UzYHK-CTyA5=L<c0d<h!DNBIa<xax8W3(Ru8L0cVXQ18|Y^|*S%)R96z
zBT$(=zQ}2vmt6LzN~Oyf_Y92%P@QOx{7~}5!UIqCdfu?VwC0Nb!2@iiit8-5zUWFG
z*G&+GLIU#J;}hvowNJWnglvb^<2q~lS#?ixVtYT@(O3{TC|4kFJYLB*jni-4YZi0>
zEMW{l3Usky#ly=7px648W31UNV@K)&Ub&zP1c7%)`{);I4b0Q<)B}3;NMG2JH=X$U
zfIW4)4n9ZM`-yRj67I)YSLDK)qfUJ_ij}a#aZN~9EXrh8eZY2&=uY%2N0UFF7<~%M
zsB8=erOWZ>Ct_#^tHZ|*q`H;A)5;ycw*I<Cd*bZlOJ9YmRUK2<qXkpRR3nr6r~%Jz
z*(8tA&DYO)etdgVmoonqD{*<5Fog4ClIs-~_uhjuZOI}#Wy+ce${%#oyHloXelqfz
z8)?D3Y_>cmVxi8_0Xk}aJA^ath+E;xg!x+As(M#0=)3!NJR6H&9+zd#iP(m0PIW8$
z1Y^VX`>jm`W!=WpF*{ioM?C9`yOR>@0q=u7o>BP-eSHqCgMDj!2anwH?s%i2p+Q7D
zzszIf5XJpE)IG4;d_(La-xenmF(tgAxK`Y4sQ}BSJEPs6N_U2vI{8=0C_F?@7<(G;
zo$~G=8p+076G;`}>{MQ>t>7cm=zGtfbdDXm6||jUU|?X?CaE?(<6bKDYKeHlz}DA8
zXT={X=yp_R;HfJ9h%?eWvQ!dRgz&Su*JfNt!Wu>|XfU<MM~gB&J0gc}IH}?|B4WRK
zWPL0FhctFGdMucOFdhrVunIe5)4K^H9IjB#eA)p5w?c#v7kp8jx^~bxxJB{;hPFL9
zkR9Dbpj+T5ZMgHQg|oj*DS;x&jK}1rn&}Shp9sgOI*7puQD-w?3H*cg72;5H(_zW*
zApJBIM-p2~F;qWDj!n|Kd=5|T8OPkQ_G;ujgvKybr5@~eci2{8WAz+%NUSp-&eoG!
zOGLNLJewWl&1*NT467W3god~fYgX?!f0?NCFnjD$qE-fyQ)|Q_DLc*{olmXSVl$g_
z$vj}o?RatMy(o*j8?q1Mgw{OUOgVR6_qvS<Co*&!cR`ROi|*I`ajyG5s@L8agnX2J
zF=DLkMG`z{RP&996y0yAtvJcb<cba?TV#j4VYFPC>&68iRikRrHRW|ZxzRR^`eIGt
zIeiDgVS>IeExKVRWW8-=<xUfo0v~z=RA=cFWKXgcMECd}xHp7iqkBanH}TZ0h0rA=
zqxUZ>A=<k-RjTtwbJkkep{8z*173wY^e%-U0{Ue!n@wbg^2q)Vx5c(_RfvuR4}XXn
z+JE>yA`}`)ZkWBrZD`hpWIxBGkh&f#ijr449~m`j6{4jiJ*C!oVA8ZC?$1RM#K(_b
zL9TW)kN*Y4%^-qPpMP7d4)o?Nk#>aoYHT(*g)qmRUb?**F@pnNiy6Fv9rEiUqD(^O
zzyS?nBrX63BTRYduaG(0VVG2yJRe%o&rVrLjbxTaAFTd8s;<<@Qs>u(<193R8>}2_
zuwp{7;H2a*X7_jryzriZXMg?bTuegABb^87@SsKkr2)0Gyiax8KQWstw^v<oS3Xw7
zu51m`3~hoyxErcHymdFTZd#AO59{EkuFTcpAR33(3xc{zRnn1~1Ei(i*^HdCvM~;;
za&}Uip|u>#ix45EVrcEhr>!NMhprl<CqZuKa#zuI&@zymVzIicetS0bq#u?m(r_@S
zJ79bl%4EyHCQ3fK@en+A1@)e}HWLP|gr_zuoA{}Z<(-*53Zu@k+=^%~5F(z$EFLI;
z-TQTS8$W|GRbZq93Ha1?lu+`O;rn>$InQMzjSFH54x5k9qHc`@9uKQzvL4ihcq{^B
zPrVR=o_ic%Y>6&rMN)hTZsI7I<3&`#(nl+3y3ys9A~<Ao%ZuW})CJ)6^(aRV(gGxR
z89#(FDW;GZEAf;rI$+PU)rEV|rASrwP0_mr^Ldv)IuUf1M>&^=4?PL&nd8)`OfG#n
zwAMN$1&>K++c{^|7<<q5KGu)u(OEfEJJw2aEi(;x-i=Y=j3ram9H2n-Fuqv0dVlXJ
z&WgG5X({!vJFDrEbm+CWDca^zIe2@s1@a;;Y3!U9Q)&P0UXFmCP51_!wvTfAIyR^M
z7^R*O@yz1b-s4VC>4P=2y(B{jJsQ0a#U;HTo4ZmWZYvI{+s;Td{Yzem%0*k#)vjpB
zia;J&>}ICate44SFYY3vEelqStQWFihx%^vQ@Do(sOy7yR2@WNv7Y9I^yL=nZr3mb
zXKV5t@=?-Sk|b{XMhA7ZGB@2hqsx}4xwCW!in#C<kr{U&JG{9FhoZ<aTve_lLz39>
zI@}sc<h3gsW}hp-`WUywKA>Zlr3-NFJ@NFaJlhyfcw{k^vvtGl`N9xSo**rDW4S}i
zM9{fMPWo%4wYDG~BZ18BD+}h|GQKc-g^{++3MY>}W_uq7jGHx{mwE9fZiPCoxN$+7
zrODGGJrOkcPQUB(FD5aoS4g~7#6NR^ma7-!>mHuJfY5kTe6PpNNKC9GGRiu^L31uG
z$7v`*JknQHsYB!Tm_W{a32TM099djW%5e+j0Ve_ct}IM>XLF1Ap+YvcrLV=|CKo6S
zb+<Td{{5RWR}u2f(q<b(D$9JsF0OOzJ*+z0P5kc1t}CXlYgua%x*2lSgp|*WS3H-#
zdYr7?GQOL18zUS<2|;+vi4|4sQBM2Gs&WVS!D`q5Lz;XR@5rEfa{uG-!q?R8Ncz%(
z5K6~LQ@d2wp#)5q4u<ENlFbS)U4o1t9{-d>9Nl3_YdKP6%Cxy@6TxZ>;4&nTneadr
z_ES90ydCev)LV!dN=#(*f}|ZORFdvkYBni^aLbUk>BajeWIOcmHP#8S)*2U~QKI%S
zyrLmtPqb&TphJ;>yAxri#;{uyk`JJqODDw%(Z=2<VfJZemI(PFAD{6Sm|uE%BTbkl
zROsg*MOh20YgGs3H7?@pmQ>`1uc}br^V%>j!gS)D*q*f_-qf8&D;W1dJgQMlaH5er
zN2U<%Smb7==vE}dDI8K7cKz!vs^73o9f>2sgiTzWcwY|BMYHH5%Vn7#kiw&eItCqa
zIkR2~Q}>X=Ar8W|^Ms41Fm8o6IB2_j60eOeBB1Br!boW7JnoeX6Gs)?7rW0^5psc-
zjS16yb>dFn>KPOF;imD}e!enuIniFzv}n$m2#gCCv4jM#ArwlzZ$7@9&XkFxZ4n!V
zj3dyiwW4Ki2QG{@i>yuZXQizw_OkZI^-3otXC{!(lUpJF33gI60ak;Uqitp74|B6I
zgg{b=Iz}WkhCGj1M<xTd?60J5qsr1Cg7F~~U2N!(@lC<>=hu4#Aw173YxIVbISaoc
z-nLZC*6Tgivd5V`K%GxhBsp@SUU60-rfc$=wb>zdJzXS&-5(NRRodFk;Kxk!S(<ov
z$YXcI9;^grAyiJ4dWTv3b}K~Ww09(;mLY4+kj|$A?IMr}`7q?mIS1>O(a0e7oY=E(
zAyS;Ow?6Q&XA+cnkCb{28_1N8H#?J!*$MmIwLq^*T_9-z^&UE@A(z9oGYtFy6EZef
LrJugUA?W`A8`#=m

diff --git a/template/frontend/public/scaf-logo.png b/template/frontend/public/scaf-logo.png
deleted file mode 100644
index 521c0d9dc716defcf6d3db7ce3ec491700648f6e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 47188
zcmXt8Wk6Kl(_TtSN<g|nQczT4Dd}`+q(eaIknRrYE?JQlrKCG01OW-@lw7(y-n0JR
z|A+mu_uM(p%sdn4p822xlf}cK#DPE{c=B>mY7huoF!G0W5BzfhyAy&y>Zs(U#5LSA
zx92>HX*5xK4)(|!bQP`|UOvvJs#3AA#I31fl*{%<bu^X2j`$I>_`umA@=H5QhB5Vr
zM-t4BxXFVVGB~Uv86U<4hUY&{s%WZmCc+^B@5#Abn;PcN=<Rwr?bY|6B`U48T<wai
zPxyUq{q*b^(PpABY}&sw;Ja65&(6_2Lp!QM0<(Pdx}`BwdC_vy1d%y{7^U(>GMlr%
zOnlEzhsA+5$F}E-X)zO$l51dPg6`P8MH6F}p6`r(BYwfrWA0qR@ZM!J4hN1W1Zj$@
z5El6a=0CNK{$2r%0r{#ac6gbEr8-zbD~^XU#wh!)i#En@CZ&*q6dcI*WsMz^^7|#j
ziufNJU>ylipl4z>W#wSu-~T8FmZ*{1LhMlOqAHHFvOC9uQn-RWGP%&X@6F@g$ETJ>
zF4(C?<A;dFR2&;+cLtB}hLkVceNKg>qRL{#FaaDzzFerK(G||}8}!xV$01K*6YJZ|
zNjL+M+mEGJw^g^DsHU`#LzNysw`KUXyz*d?xa~uBC30^oHXby7)Cnn_1`g*mE32;(
zla7VIl~G?qa?yI?k*}ZIVYUEc!Lx%jB-KeegkkvixG_c1qOkr$c2u93Lq1Onl}o2=
zAzX8OFS!5W^JC|S0F?YIdv*tpq<l^ZOm@l6hv3b5Y<)Z>Y`8R1qy7u*{Z%%_ENq%Q
z9?DYiCNFj!tu`Sv66~3mQbSzF(KoUeia(-<rwI&pf$Bi|gw25jDRz2Ce6fQ~kq*46
zhNlW1rlVZnPowzvCbP?5J=GN77tY}dV?GSqb(X(gWIO#cF@Z27lg=E`@LSw7#}3zo
zmbEj$2<2VqAR|&F=_I~4bKl5ENle5bl?0|hoG=WAqGd{vgfxJAD1?92@x8$Y{ajHa
zDNv&ny@eDS1|Bgd8<XzO11JPED=#+-fD$A3X3;Z={)3Wifw{lLrf82%V`k*?-TZlM
zVtShbR}k1PA!CRtfGak!p;71UK2qW!sxNT$Kf@$^-PT$RWK(nt#YYWzjU`0O{++!4
zGtwyI4&3G7B}qxl0Dn%v5N`rGi2)uYd=y*s!SIUX;W&msq=Q-rydV9TMed`)S_8q&
z;WD7$csWoTrF##_S!{ozHUp2$OcIWluW+-?RgmjWc}eP+ViPeK9+gd{sQ%lI*=3W|
z*d!_6ZQ}h%Mln$Bkmf(^W9b2H3BW$3t9hC{NEkHdYSrsVs^s0{C)dvG`8limO8d{_
zT#rnB$o1EZ|IDB0L7PTuj<~c^)~H5m{MO{3aq|?aQEJEE<a|ZqmO*JP>z+j78AB~t
zcRcL3QdTP=?T~Iu<A{EY)U#v}tSbGohMsREnbz}DIUus1_BC?7?ie7%oqlwH;$whF
z|K9bNUr&*`7IoQTz``r4nzsWKIfH42`s=<GAAt4D@^`hNIV8JWPQTSkK|q)>?|<a&
zMoMDdS+`i6uE2b}Rlv)S%A`oCi2S#zm0;EJL8_o}R&5mEIJ<)Zw$48>1~d1lY0MGo
z=J&@7k!r=Dw;0I~A~#U04MpWodZBGp8+A)fuJQkW#&Y#8=OxMBoOt$I(6W-Dw6ZY;
zBLx*P4xz|O>s-Dux`+6KgJh?_^(F83e~%_)P!|we^v$}+$dzp~_krst<k8>53%<QE
zekn%&yVZTJm98l}>`w369>3AGz4VTx$GXvI&+}&e^_{_-SP-*(h@fi9{K5<mod$yJ
zP#`@NcwK`>1}{w2w##G1fqd>BQy6K!z1!4`53O+d>4o9sJ)Rx^l9|Y(nw@gnp7}Dj
ztlAchEANCnnKLwFL;F_!10+Vp0Ci8HY!E#Zb6O-V!?sV}kW){edLB^yc?dPQ_~eVv
zXB!&*(Pa5qS*!2rpWi>3<xjQ%v+Z{W$T&HGpE7Z;OZka`xASvj{F%Djg1<YQn>b8{
z=Rm%e+X~stqYl}Jyfb2pDa;Bg{PcJ*Ay4bnEGeJZ^QcP!*F@+^5%OJhk{Lc$I+Voj
z7Q@@_SZw&$@6FdZ!l%qt_WnIt!95dX7-|V)3N7U3h(F1`MLo#W7>hdb8X5q&5lx3C
z8y&_@9C0)`oK0LE`dBa9$48ZLqBul$A_T@P|Fx7Xz)>|t>zF4nc~)c1I(apoxjNGq
zvwfJ@WZEnZN)$tliG~>r`;#F<jmlKenThBcD%;`cTiQI$p)b|Jz4Lu+BO|Yt9*UBM
zR{C{CQRJTo)!PU-hd|!-RDaa=J<+6_MBuddx2491Q@s6s;{D&m(yCST3TnACu<r_!
z%VB@q^pN!es~A(}gdvT&NasEcs#9TSvFTzRlL3m&BLWc=g3<uZ*!JmH*`sm^p6fHJ
zDTY&{1ZR1KzW2`^vp{;IoB@XIc%J5?<Vf>5W8oBDe)!bg_yw0=-nmY~7*-96X%5%U
zuwR|md%UH0S1GayV{vbl0;Wb62YN^ed|q2q@RF|$apAM|Ej4o*PvJ}+yq~m5$Sb{%
z!F{iE=Vw@>J~Dt99Q3dO6;AAax4psG|6v-r^En7J6qe^%?TyFfMYyY{DSRlApkY6q
z3-$`RnIr93K-*(u0n8U|K0y~)MHle3+F-Vl>Zc3v(rOdwj}%H*NZ9O}QcdAT>`KCs
z)uS72t4|4dg;+K!U{pD<c96T~o`TQG;kT}ok^DQhU2P6|99z|-{JqUxNdwXjdsHL#
z7YWSlnc`@RD^umh+)A`$(CCb*%Arm;L7UND*nplyVSJtzAGB}eUE}4;*Zj#Baz9O&
z<r%1-VL$v8a8Vh7*`xS}?<?MXW4XY1amdVGQ2tpMj77d=<H6!)si;HSztoLlS0ckG
zuZDM@;(p-(yB1nc3_e^YFx8cWGqiSY`D-@wpTTK1MOK%SfI%FSdznVbatV2x=}$3W
zS-3}ULt%_Ac7IGAW_auD%{Q16#&BQ}6~`@uzV!?9*}|}UDC-(Pha%yy`#|zg8fNYc
zz}&#^qu|(7j+b(c_izDE$j3W`S@Y+W|0gnuMR?oiuU+xX$;;<O4r|wc+Yi*3C`C!;
z?_Ax7D7sunq}@pP^T1<-#9{<;kCb6ym@k^MmzSEn8okpy62E{?0({O7ioDNCgQfif
zPVur6<<y>~gSuIPcJrnTsc)z;MN;0S^X3O>BI;)xV67)CLzOzVG-zQS<xGqO8qfS9
z=qO+pmtnu=t86^8=313t*UnY5s7i_1Ci?j`OSvoYY!f=IyMQyJyp`Fz;h#0b%{3sY
z9-=LdR?9KVZ+2g&cb#a4Mc;=@;n>eTs#{gwKhs3w$b~)!o;vk$S|IIsW=$dkI-BLf
zj*xZt=+9M!*rrQPbfG88?T>3oCnyyXI2`%*k9-!c?~sWq49&3pv3#}?Ehe2XLBT70
zxYSoa<y&04I#MlRO6UjX7ZFA>I-bKV_Pg~Gb)Q242O6UV(7B-m^SqouL&qpTV*Lw8
z?Kylg0}UJYWM-FDTTD-<A<~X5e?{wLnFQT=|J(iD(WP1SY`@mumU-Q-LqQJ9bjC+1
zzvY>WK1D}XI4^&)->#PsXzey(E^>kMVT$hKle;=>FsnJGiB$@uT$j{wA{2!rSQGL*
zpA+<+dN0%aBRj2vFkq6$=9^OI8(tARb_soM<9dM24o7d!m*+sht2IxR5#AC&Aa{45
z!Hyfppy@d{TimT|EbXtK4d>zruk%Mm`Gl4Ih_QB}rk8<|wl{mxHV>AO|03CSb0uj&
zAbBbZI<=9M+>_@)lAcbZB^d*yl|$z<^}E*AM>h#r_h@NdKl5sR`)TSO!R#4b)b=~S
zo>A9e2k#3#W_H;Im(Yt*la4PN57@6Zw~X6=nNj;5VV0k+ZZOI#L^{&lzMP?_R$U{M
z?~6qw8V@F|WQfbJj+T+>dx;9)a?PF)yD#s6r4f9Gopc*jt0jez3Tof+Yy<UPi}!2v
zd?vB%V5_^KOcP;gkV?q;(<<iHg|Z{|+co&NIGcRehzh|`LA#@At|D`_+oin2Hu-tq
z-2TWyt~E2e!n5)dzd&1Atk`hN_`Il#bNBNR^B8gVl1si0JVlcO>d9KZ2AKp#>hW9n
z*R%Cfa%xRR`Sjs3GA==yQ2Yq)_%R}oo+mpO2kBTR$Q9Il?_1u%NPm-%Fv?FoF@2Ev
z;zfhR$nNGeq+f5T?&<!C*W!R%P9$>?^}TApLSlRg`RQj@X8}~HLih3&+<rW%b9q56
z1O-a;nW$X32}`iad%ZbLTDeD>P+_v5Ter`Z_T)i}D?!tZoim8eKEA6mVuv<a?`&p7
zC;kQ|f0^@r1)Ue30<#r3-5zMJ@>3_bv!v0sL*M+n;oc?8MFW|{i&ezAoXp9(k|M>K
z1g+kbyLDuIHc{LOd2g&ChGAxeuCcc9c}ZLIEcFLJREEk^->;?(KY4@Yeb88bIyC$u
zK|=}8RvC&Sf-1?(KG*%Cv*a6fkeZ>3rN4D*Th)hQ7O>#NR{5&~p~A?im9_D3@rvtl
z!Wa}U^nPI3EZ#>x*$KIk`RO$*lhigsd4;Tk+x-wlnxKT57o`+-y7<jE1`T-;wI^66
zg}pfP3UEQzwpW~=-_>qBkhdHwBlEUni4x%g<~fxym?6f@W)?q`oFCw9j{K5m@a<cG
zB3T<nRycQjo=CL|p_a6koEnEx7W!j#ps;3!4qaFfX2)Z<ixH9pj)4|iWnf+Q)=jI$
z!>$-{d9P9rx%aN(qyAv0X_`;G9PI0tXQ3Z?0y+skaK~#PC>vS$Kc>GobN;~WGA3%P
zOdXtX`0kfOog>BZCanP@yW+#4Q1cQMb>!~&N0bus7w<db9R{~IaO8DdR=%tp4-d_u
z+<CqLTyp)%1YXW{$uLz>L!8(u!5Bm?!;#yvU}ooeYdi8OeIz$vVCTX4Q(lEJ_>szh
zQC?`3J}JpI#H#L6{fV!X^M^d)3}ISPKl%4#DhX=6;%w}VRyYo;^}oFxkk6<l$?Wt|
zatWdVmK^~s7ISqUn&Ns$C|(TsW5q@JHBX>2H4P9u1H9Dt$qv4Bng3*xEFvX|7x%5F
zL3W;oBlth1CHg1%_5vrcwyVvdySAWMgG2%ZK;)vBBolQaI^KSWM8;oAq4hYbG>#cO
zi6WmypD;i-IE@4w#ZWw(Rb^w(3{p{Br4peoZG2L18N{ra@U+upb!wP2;r%ahwxWtx
zv;^O7@EY@Q`0UX2TLc;;)L?>GESjYrg`Tyd@>34y3_lfD$4GJ%nOCELBy(L+0+=8-
zKoaq8(zwnQds`3Khg}x9gG14WM&FM}iJSt!>T>)2vhGknmPCPr3IOX<HNbcc$CSJ$
zohqk>p!SC7^8#(uV8A$<F`BqbZ8v}-MaMGuC%d@`eH{Q8FPHTz-<Jt_P2~I?RPW?D
z1c8*}k0KZ`)T9Os@~iwF!kHfLokQ~OI}s`<)UGi&T*?ETNZzfP30$NBr&Az3X4vfI
zju*|0@+%94xJTx-TpvA<;{27JnLqyEq>h>0@s^@xB_=NiDWedO_tqzelbPKhWhiJk
z47oh+>jp%AdN4=l$s0LmX};!W+W9GneMy)bKl9Lpz5kiK;re$KxbU=?y;p0&&6VD~
zC;DrS)<2QP13SoIWl7*|1KcoxK`CLv91V;@^B!crm*m2Cj7{gYBR*Lf9Vy?nt8Xl>
zzr@!M<XWAzv`qW8BsryKp;_Anr5Yl6zjRHespc64MSnOLRoWZsQr1r3cQ01d;L~2M
zrPCo>ZNs#gl9nb5)AyTPt1L5NyBqx%8hfL=9;D8j=+z;vMwLUDS>L`+|Mc_fU*8m#
z_(~5r{8zv3^xJ-4!v>{1Dc}G*&AsDL(xV*CiY2eJPM=t**GWCycOBgu;g2`1#5@JG
zs;M%Bt}`}i?oYz+57R{J_gLPJO|<`6Z`U*meZ3G~8n2NJ-2d0b)}M1IXgXsfp|5t0
zPy6b<v$SZwdFI2fGw_baRgYIMNO0)%F{e*2O6+HRZgX#KW+wiSB!rD*E28OFqH{OC
zsHfFVa7_dxE0%D1|5z!OdzdA8FVtS(9>&K7McVxFT+U+ziVvm9%dC~8z1wDmJD=+2
zPjibAUHgccH?X-BjbQ-e&13730+eCW<h}W@rFybl&Lmd*rexu1U+e?;Re}lcTle=)
zUs^;=uMXGRZW2d##jZe;C{Nlw!H`5!=%RbrnR_}Yc8j;*N8cb3I58iL>4!nKfMwLk
zTHjyNx4v)k`@I5S9nLa+5{YStTpHig21cruo7@dlORrdAY_eGh!7XnCvrz#Z!9YvQ
zx4alYEsoaP=B4XrNCTJM1&g`QeO9v?eOq_b1FBJu;^FGwhZ{{sNTEygNg9ULFC3;A
z_tdnx2(CFAUQSnsWhs?D)$nkh=b;Em7()RSYt>~~=XawlAf(MCR;&oI0fWo0o7j%B
zn=4(u0ZHM<MrvUou9An2mrb@!hDoOmdK35O?{YZvVj7p{SI8(hV#h6ik0Il)4}^Mh
zPkH<NP3ffXfrfKHmDjkvKb<g%K|BxVx}?D?fQkgELG!M`V!{QGRk8cR-Q2)Ar0Qzd
zk7Qn#&LEzyxuLV(350Kc8gLz=#1ISb1S~w9tQ^J|`Q)|neIw9YaMK}8fDde_fZTAr
zBmMVt`UXa?Pww16LnpDjSI*+MTp1WXR7f##NHI~=IIJ`@2Js^HEogpc&Z?T_6AQs&
zw=WtPjjV9Wi$PIW!$HcD0XfIvEii>g!<ULh$2;0ogHeb@I;8;vyE$Nkg6U7h?`nny
z#*d#aeSmsrpM0J+&}S7W2QFbszm`)V0{P&t(A($U#e!hX{0%{|k6?quwAYrQqG71S
zYHbyZV5DRM$kH4&v<6F=IzX|LI{rk}(CgiNpx5R&1^021uRJzVjP5k5OEq%A%F!@}
z+QD^u?wpAXLD<h_kW=#gfl>!bA`d|gDD5qc{<wG{2KMh-Mhtyl8}gqQ0c$XjhK})V
zUff0iDQngQ9M-odUnhuUzOuJPc!1;<2oxp_6VphVC;r6!_5LB7NpS&+Lkf>H!)khv
z%E<gjC)E4fR0i?3RQ&DFc%*>%b(i3Sw@QIQ_dqhk`AeTv<>u)cHVOloq@{3NhD<Jh
ziC!rz|M4(JLLgww4voEmA?>_@hR#VJw2Vn9NHlu?r#ccDFu=4^PxMJ?&T9FEi2G^m
zFsT}%X+L!X6(!TNsW3)Ca0Li|N4aUz9<>qSeZGVHlP#&DZ&YTqQ(ZQH_CgGNWJdPA
zTk2yIpzl?ta(!*b5fDnxhH6Ok7lYLPsnvrQ>3L6G6Py!ZLOvswx6!9Y8w<Y+;i4Oz
z&b+Up-SAc)p|H&VWg(Ym(Es6jxhN-I+Sp&Q;N;tSW*thQ9pKGd`K<rl&{?J=19}|X
zsFjn{5yi*w33tSotv4aRsd!$?wR-nMG5m#d2vK`y$36MEBd+U4%;6Ai!-ZKFRzwFu
z;etaK;Y%(REEKcd(b!_*A3dwww<<Ei&L=voZO*M%ZBP_{VfJ!-2>lbfPmAzn??VLd
zrLtH;%&yPv_wSCit&WGLe-TGUcXy_j%gO~UpVHR7);%-dP}|b@sP*%0k)(}PiBFF*
z8*G=uP>s`7u~72LHs9?&@LU;UQNAUgnGtThuP_pkbk$p!&f?t82(65Q{o>A9e&*{N
z_`oVBcLIv?_Hu_Ehk+1{L;`}i8t@v&{+nMSd+9g^4XNzOO{R)`0EK><vU;m)evFun
z?Wqo)Z(_xZm1B_}mw!@}qvUz#g5b&0VMQsAVhe_hj84+;Ok2Sj4ZWcTRhGFfsCpsn
zXYtCp%STavxOwe3>;0~FzdKj!QBw5V1Fml*o;JUMqmIITB`>dYj?Wjy<sn?eI1K*B
z4(rCZaQj-=VsTkY-)p_X@GSkL-wSsP<r0&M49BlH*nJLTjtj-~z{W}f<|J)@@oVL(
zt&7!vC{DOoZpdztz^p4>P|cPbdq&R0v<rKcSXrYz5e|`6rG3C*<`N9(<#o#Q-(iGe
zqS2AN3wChGRNdlF9H&RSqDl9{iq(y|TmQO1!Z`qz5IFQva!D18NbKEAF|oiO9(ilS
z3Rr+mur?M8jOyf1%wsjDUuO@{h@=_NpS1p!K#<w%0=)AdZ;KPEDzZ4`I+@hY@U}>%
z5XLrRdYRAhq#lG2wq1)t5%?r8eJ`9TL_(e@wG=;j7ep%ISMn|4bgvwSLf-?-xu&Jb
z02elcGk)@(64O?F^hZ;#@FkzO2fq38(%BMCC^0Ktt1TSzG6wkl*N!PZ;gey%i5u~4
zH2g&D(T%#}va%9&u2*`oE~vi>EA*jtqd;|Pz}2*pf`o7PiqESmI(-~W8WxA0*z~rU
zj%SJ{N{Au73_#~8QDI9sJ@^h`4sX*j;IJ*O1`2259y<>srqPU+q8g?-+&0<#<vtUl
zx*NK%a7t?J3dil@X%{+>li`gfVk6!cx<uqtQ77z*mcs%<n%sT?qElys)$^7z0l&_l
zbN3-~Od3c6cm+OuS8cVmj-wpcEri4&S*Xs@m-ku^xH6Sz;#Crfd^FxTdtCGp5jh!r
zOrGI*9>HG>P@({o?D`V+>+MX4wc2rZYMIbZ(h$dCc{otQ_^DUMEFT&~JeLsFp-)Sp
ztQL5L$4Cp4rCVCk<$LE2LsUdIUB2EKaP(6#u{Ur?+XG-jfxSw%-$^`In7HaArvu1c
zafv9&;6En6+{NrB8|s_GQQIDXSeDE08u=+X&i>chL2k3r9Nsb2ziC{aqm3n~{pkK)
z(_5rC<g!8m(b=)oPqQLy@>dxp#Pn3QA|o4hE)la^EhcaXLcsSW2X__lwIYcG{cZ$q
zJ~3vA`j3x1%Q-)T$0`P(7!^zXPHYpQvU#_S<Lu>WW`Pq#^v1}wF?0?*YvoUc{|<5V
z+VvTidqb1hCMIRcL)~JvSs`&OAfDZNJYG+X>BM$R3mQCEn&Y3P!c~=KxG(9LeY}RU
zMFOdK$$<X1IA4`x-C00=U04u{Io)9hGnlpSTTsH->Q5Z#!?TBBi6{(!E{@%e^)&#+
zDWH?U4F5AIHAj|KdTQrJn)6MK3r=2cf!eg%J2>jgP`2Qg`pIP}uC~=MB6~8SVq&GK
zo;r)TOS^h&#hjQe)(*!^e#(H~Dp&z^f2C*U>-o0O)m`~@SYPrDdhxz*nguGvNH)&S
z)j$Hp0ldwD8<37{o%I_$2S7S<iquF$2HyE`LC5=saeFu<U0~b_@c$mzmzrjlJ()zO
zFr2@vTe?;ch_steq!q4!#nYKCs}1o3Z<Z1(eTFaq5<32<`y!IX{h*LA6cH#pl<jS7
z^PHO0-0l$ak`RcR)ksm)+XAkbNyPTk!urVnl$-MF7bE_s#34_(dQNqKg&zS6^V`$a
z!2A{A<Jbib4HjwlXccSs^a^`<PKiSEtEUXK2->`WuV4w-hz;5;l6?ey+)Y&EJwznu
zIQF6a-=eVrmJ@N0>Mjr%&w)V%rbd}djD>&CCfjYH!%We_a6|eE`AH8yTw!&-59X&2
zAVe+_tm=oN4AwS^1dAH$KUYGF%|}whrablu*U1aDSNSeDkVp`dj;i`>)z3jd6-K@(
z8uSK14BLCf4~=l3p0ftzWJLO@{Piz_R1rayw@03qE=4XlW=y5aISHIWv$EtVosA$7
zXrqS^hU4;`%{0!kM91hAI_Of6;f*ZD{d2lrRCK7h=7*{vA#9W^Re+4msB11rbRRJ<
zaGDs3$a*Sl;QR<b1)G4F!+!$l9_mR;I3&TjJyBw^JjHQX<)RAnkAkw;6_#YB*GCsr
z2rd$Kn^jzM4XxjQoDGuP&iXj!G6zNBRn_HsVGkn3m=;)clcPVs!3tQ^QvaBqvs)ZW
zwcKg;_6?nh`(*8X_ecpWDH<}gtM*jY*69~&(&<Re1`8txr5NrLTw$Tu1F&C&I%rhZ
zpjUZIL|Y{I%Q+^LwDAr0+J*bFdyg%DB@)@>6;^5gqjVcJz@GG?*o8H!BSm>Rhx!Rg
z0gtIS#f>*x?~;iP$v#Ns;k>)Phe04}UnHw(hJfvY9EYdsd>MtKqEQV&_^8S-R85TT
z!NQK)MQ_P*NA|H+-*Im<-5-klmgk~5&JOtnLNVv7MM#xLvkML~HP&gRdFz;@<Rvg7
zf|keGGpXD_VC1C8Y@tKm0yC*r`+(XeH<JEs96R$XPEm^6TF}bqM;umsg*}=?HTf-O
zm{%DnepX~5g!^~^AV;_K&dJ;xeG<iIQ10pz?ZUM8X0b_1a?vN_^3>fjos}NVLXIT<
z{6JTYrzxgGg{orR(w!@#PG4#izH+%`@!ORT@P3dWFEG#pyhsZLCLV6!ur&YRf|Gf$
z^3^|rx2UBXnXX0=Iah8<J}o8f+&#|xdlybUtRp>>Y>T8IT%@BSr?1vZpYKmXLpoLW
zOem>ROP%!!(+;P1i-!1%6SeZTE0lUTOx#@$DKXB2!5%~*zdtEs2JG8;r*XS#v!+$F
z=yDj{T$}2NOv&~pQ!nYnC-5Pw#{PYvV}^#B)uEZ6awh!5Okd;hT@yk20pe9iy;i!9
zhv9dCT}Jtn7(~OE29(PewpB3ynX`N^G+^A&>XBS={+7$EyM`V$c{eq)oR<pBd1e6`
zD)gkDyr@|G+?%5~OG_zJv9?Dm(S<?;v!Wddj9bjTQl`zv6RmoM5PG1UNSRFq43Y&4
zZSvK-JdRDjQR28L=6d*xJ7&n|Q`&*ZP=q<h)1EWotER;e%T~Ycy}USB{g@@(SYan)
z3dEgPW%iTR((dx{`F_Kx-!=zkE94NMRVLn6F>za=YO76@m?NFmLykNQ9=V?@*CEbY
z0dQ40VvOCh!Uwx&c@KtKPFHeH<g?(FuqWpBN7r}blk^6=eMTu4&c~`)lIm#*n^t+Z
zLgVuOlb|N5R>n(MSS@~c-umPcQLaNeqGRrOcto-KG(D|R1Lh|jAEzaJMKjvU8sFW&
zyH1urxYd7m_p#Imch&@<$Y4fil19139_){a432WB#U3)J#g%+0+%<JizY{82nGHEC
z6pN?5p`SZ5yDMVW)ReO}`gFJ8GbMYzBWdX%r)yvZM^Cq~iMu@|*dlqk4Puhb#O3#V
zi0c;mKKw+^?vXB;HVwFEpmYmqOT)av67tNKY%Er%C)V2p#h-8j1{tmh@PaGh;nz#*
z`+w0cCRDgBesKBxZRBy%Lq%kNhVp|J*zbWBmMy#<)QDbq1g~4d#+$lWLdEv2hsH60
zU(!oBh*g{|l7qET7veUxYHo*y4d<3(!g)G}Z^u};UJEErAl-2AmDR!s?K_!9s(k_0
z-MnYq9P%!I?C7!yrdvS)P_ljV4b3<j$ipz@uW7mNgQCO<eN%iUw4eJkQL_WTTP8^T
z^>V2ViZL>7FfjWjK_IGDunvG;r6nr5BKC=r%ZqVre{G~++9#voOGHJ@6Htsep)20U
z!JnwPj`qDkNeRa$Ya;;~1y&@hIcB>=oHtB@9-<eXz*yv={#LBAW%?$QV7e64(gL<%
ze`H6G0s3L$A2Wj8(nJi6wdQ9|dRtB(ne=Etf~Pj@gs9)4{dau2Qqy?-u;<`~swG2$
zIEy}MC!0bY8*%Of^`nVve&wfoPhP}6Req7|PW9qmMkJdY$?)X8`{<MnE^D#2g%od+
z>@K&f#|0OZlQrdw_AC2pyx`5Jx+K9bDfi!gednaOvRmbf^V#tfYT(Szd4?s(a9mg@
z$vlw<NA2apk)X#D&862k%4%{&{p^^5|3RPn>)x4ey=+~>qr>ZbSDdj;vs719`bsve
zfai<BDg>j_@sCnvHt(7XJ-26>GIMOlXy$t$FOb`1Zj8a=Ud^z??^!5IM(CG1Hf-2Q
z%D}LvWH$)l-2Rj}5^as6tkuM36FWsJB&e3E_Kg-H$u+|tuBNe7IAK^QK#IRx(}&G$
z0}{*kmdvvZvjm($=2{a{DY(<@Dv`H_JLoUpsuH5ks}gRSG_Z~2%_DMzPF$!OWaVbQ
zaMnMHA6%Yh_gBiHM{nBN8V6Wvk4#q4;~rj7uvI34jf8{DXAy|sFo@X$42DGmw?@}M
zn>Q39BW5-#d4dyZW#;*|&hKGDC{|rp6rTeF3HNs==>Xi(0c^1Gvi{V%^Dw-aB>0;(
zqoSBq;mgMjVt@W$))f1+wC3!`d;=21NcdF{DQjb$Z1|<KqXd@4XL@wut-qFEai)Rg
zBnzpG+M>w?Su$5>vpF*fQ90PKP=?$yzAlgFAss;J0o69iw@o6JFoMQdvO;)202IYx
zg+;@wbP?B0rEpY>%rfrhx7NDsSVkq0!oCG?)N11sbV3@S5QVb(vMExX&&qiv)dxmr
zQiX7@U=J9!fr$#`zZE)HsypaYPB)*BdnH(qm5|fO?OIO+`UJO7+m8ZW@R4FlUO3MA
zk;qJ;SvtCK)tA}+hbP8K0_%s2IF@_Y$G6`6lOo|Hf`1ZiQrq_tD=n^%$N8lmrdF#P
zm&E{`f4Hg$LHwcBPJT}stV5@z?+(s3c@Ii#;|qDD_#&6?`pcwi6kBh;S3g$cXuVpW
zKQqn!a@r#m*iCFhMoNV6@rrfuVVc^jB)h=ewmk_9gTHhJ%y>;ROBZFe^g+%<T1fhd
zZ;S5zi13vRsY|cKyOyq!1$N3UHr|D^T(vqzom5$|YwOdkYn^!eR>j*ZZ@Jrm-i6y7
zII36tk2ogCo-|OyC8_X>s*bMA-Gn22&r5*J_eYf~345|cfHp_i-^$|}2d-A%s|EA;
z!<a12Wa)?*M*I0-qt_SB$yrw?6MNV7hoxnj3T~>?bKLJMI4|~|c~8rT3y74#Azptx
zrG!x81d))V)?)hmoQGpSN^@t9!ibdnO^5`GKblmY-*v5(bs;cu`u@6}-`LNGUmq*1
zT<OH8mO0;XkuGCz(|V^eFa?<-&6@HzGtbmd^g{c8LP>%Tgnb`X=>LWh=~E8F;zS0*
zq%)}YU2ZRUgfL7JwjQ}|?qEIke^_v|MyEpPx$nqiXalioPf~6BW}0Qe+KaE)zhUYV
zCu?e(D)lhSst{{BHsTr~)wK8S?G5@B*4%k;jVk>k5Ut;|rmb?ms}b_8OL5~{7QPfI
zxKGL?uS_;Kpd{WaD#7pWhn9m3Ht0wWoSy1aYgJ|EcE8CE`j?40iXC*#*NjSJb3gk;
zJN~BhUK8(-Oh#(WFZibc#+SJVQidg)@G>%{T9UbJWdz87WLy$msK2dSsJv1a`iA~!
zt%}%~M>h#m9)&^@I4j9|1Qti5HU8>3O@v=XP<Pr@d$$T{yg(!7g1Ont^{ZVz>6tIM
z10V}20kg|u5&$(r|GbC~i>+2iH}WopLryB*V`@s-v&DlvfWX*6pTvcMHWXlqWy4xN
zUn_MD<S2-|G&gzLC|Bnu{MA|Qoq4&EqoSFest|@~Ffph?z#zG3B*CiM&?%F<&&shW
zQaGH`?5G2+k_J1jyF?Yf9W85_AXTa(h2rmzyqew2=#7d$t>6jkq>(sxGL;Y#Pd;U@
z97n9!CEibYS{AZ;{8GvLE4uLC;3ppZ7xc0B%6ao^1PlEL{wU0B9D|JP-D`5M5alUI
zd9<p8kA~D5zl@v7Z4bQ{H$%wokOYL#q-f!EsOgxU#=GJ)5hPaqrx5<($g8o-P`Hn|
zY0zxp!KR+1<cDq^3sypeu-!WC63H3Xt6XW?@CfB(e_1+5iL@_ziPP9$Eyzy#NAMLn
zB|i*i{eclGRmA?TqQ+n#BnByg$eK05yvQKQ{8*G!>p#wLQ-btSKEem>6p<Lsu%N(r
z1DGHTbyg7)_q4V9Fq=LOBZ|tzZd_g*;+JtHhzO6Of|}Q;5vKGpR>~A$E!ToqkmM15
zvm^C>SILs~OOC-94`<=8S7HCi_GMGx(IMjL4hf2FuIm9Urc@Uv{(gAM@QU^YJrCpI
zNme!SXIhYn34B2qMBz;f*-}7D;Pk!fgc%^Z|65&6{PX(=H*`|D@yqK4N-MHz_da2p
zJbJT}U<0~?1CsC$uc;S_Sc8Aoy<o2}7=aOKU(?4ne|PS)F}Yi`GYy)?4pd7&A=U!s
zS3QV86TU>_nUk7*US${Ps+t8Nvmjcj{Q9rcM<K2m-JMycUtnvgel|kVGJ&?-_c}u2
z(7EUDE1U|322t(D)-tkPRdM?_{D#8gEpum?st~QyDE>CtzyKVrpj3%2ED&(Aa(y-!
zE88Ll-r%|uso>RqYxlG&rXyvdspmfu9K4-!=fCe0cju`jgtGa)o`u)ZNJ!dYDRaPe
zI0ARQiWoh=qW4C2n!TKA&+(-OG88fi`Q{%pVJy9CX55jjR{u;pu?K8jQ5AJ-Fs&;M
zjkPYsnv}IrzKH%GbKO0swV&adxMgCzmH{?4Oeu)ewfpDlzC2a0`F&c<A5tJ9f520_
zD~`o)IYy-orn#r4Oa#5VdjNfc%nQ~p`2SEg82kT=uJip7ZLM8`Pa7l%y9ro;=PYkk
z#ShO$i>?hFkRqPpPGgs=5BK`>&@&;!rkG1vIVgmcF@zM*JB&}PX~spe@R#8&ZFO~o
zGld7F;}TnsFJc<oU+JIa?5tVk2sjIa7;DbDmu^}<4#NoVpI%Ly2->XBGGJssZnd!j
zH8cd&P>YX&<tCtZ@5oBST&zJVvr`JUq40R+DM(XH&i6jn;gqQ4JjDUolLF<;%mW(S
z`Z413*QeP7zirbx_m8OLl)>>>C@Fr!RJy8Eg+M!mRL?9mzu9pf=BnZ%R0gLP7+wEn
zpuxOS%`5jI@Hf7$%)d2d<NQ^`=kHd{3QIIWX%@oRbaa~@{Lq|=$Z6EEq%s$8rm=3d
z_<x)ctY5Aw8y@lANeM~slXjZTRy;Qtv!3~$9Oz&d?-i`oq>C)mI3OlTS%a^R1`L1^
zt3ci|zcco;Cs$gDPYzTGw#?N+_6m?*5|FbvaXM~56nN%IoAvf?_>8@MGdQ^Q`$#gR
zMl1dkK8P=jY`ij{&cD1|>`i#G@h7AASD<S|+Y#nPapj?kxYP<~;Z6>z77V*y)}oW+
zaqhn)`<f*9q|q{OKv`;~?~5zy*j7P2O$uw{w$f&CYBI(N0bL|X^nL6;j(dHOVGu!v
zs)XZ1eV7+(nZ1*rL0f6++CIo0IsqCuxY#%NXDd%bA@LeVKf>@B;H|#CFjafL2*$Iw
z$n+g!!TPe9>lGP|a(mJ=(__YFI7qwGGA{pHy}A0;6*a3^DTGA6=O;{S?#cVU**RKW
znb9_d8MYvEXHs{2v^Tk+PUX-S$0oZD7f4n`dY<fm|JO*wg^sr40M@Q$ImD_YCQm$!
zV?Y*eVd;`N*PnyfOJrG*)X*<*)RS^x31)-BU%6-?JOx<BKv|NK1zhQ3u9=<#*-oXa
z0lT$yVH8GKMMsJd%ZBGT##BvO`VEMIuGm0$8$Aa=5Z2?iVBPN;nXgm4pX7)*cqUZV
z_-)XQprxPi4C`4eC^JytvS+(Q<K2DOOI_IxVT8BZ8QdA&>Tf~oPL|Rk_2$PJ=uE?-
zft747LR?YBc9kM+C@=io(#?<UbS%kitw||1Mq$J5OfonUL@?|Z*A?s))g_?Wrv{QM
z-^u7s2$zp>XB7O5(^1pLew_O-?>pe^ER*n`TsULeUs@CAs>uJ^QUQipA<j{0Sxl)6
zC(wV#`YjB@RFc=iZ~zl@ROlAe=SLxUz*z6JLiMy${pc%Nvf+$!%gtrQ<-h~u9K4fd
za7IC`T_SGL>Z3gwEiMsoYW&xFQ`mp<a_am&UsqLgnQvgi!o^ifze7M;oJkn*n~!p4
zBo-Or$j-v+Akh`|s`x&t-~`>STzi(a%q{+hJU_PKrA+uu#Ql^HTi67GD0u%nNX@AK
zStsp2D8$3e2c3)RR~e#c)hgOIQRD8z2u+@8%RR4QMAoPu!?WgX=0v4Owu7&pQxcO3
zV+wk_)Cm8}5KdptpMmJ&#8{=bIi0t@nLoQqpUM?yB1n(A9`~K_B*S2cbE%3R+#Yd3
z-1@sjEDrS2t(dN@CV8m7N|TI+r>aY=VfAlK6M(}cGvK^VPZ#eq>-W58Eb{g{6)=B^
zV*)ucaEL~?x2cAy&>F5`+0VX-DcASh179=~K;ki@`NsP8bWU&!U3_lSfdZ?dr~ghe
zp^E?TqW!7fxE?Ec54(xS6EUnbko_uR(jyTDjfi(;nj8d&PY-#;>dJMe>!+a79$a5i
zHYc<TvC^2hV(nOkL<7)~U?#eLbyW#hM|L;ybHBYoQ|r;(B5B{1nwIWyPiM-b=OS3c
zM0o}}sPPkmV6sQn?<=BwPjHG{!RI@YzvMePZ)*hDu^PSdZ^glReQWzW48j}<h={Tv
z$J#ivzD~0~dDh+aOR>>H(;Q0H7j^I+%vhCVK1k8<O=@oNX8<S7dj=%IiS8b8soMPU
zngBp!s_XE*E%epbIt;e@)^NtUw!q7T&FvZ>8PGetU9%+}_Se#WwgG&iQ^9(@lk;Kl
zv!@`-N^p7AIqkhPz>hZ$$;2Invu;)VgZ-i}e$8RCrasWrRA_uqZ*Z)mw^>4rE>b%s
ztE~_v0x19~j{JB&@x8|uiSKhLK#?~Pb6R9_dWo4=0|S;AoRCmWW8}feW`=|7AHuRh
zD&WODO>Inw3Nw6;gw9l$G<eU4=&f*SE8C6IQoHZArq0E&*lSIt^J;7{BNf{l&AgsJ
z_pLer1TDFbo8HB@7WG^^3zl$382_X=mNpXa@E=JqI7bkcj~lb*LyNB%ru=YyNLNLq
zUOQ7mPE_4Y^u+7k)zu?!F3nH#8k33V`BHc%zBm#jMzX0csPrD#ezlm4qr)sWOa3l6
zUaw%>iR>Zq`tHf<E`LV5{#J&VN=vgn=j7-pd*!XE5p^e|-olaJNA~Gj``|cBQ<LGb
zzRG-=%P+WSQP<Csgfe^iS_5aL&U=WUvSM{P{=LwP6_&`7#2;OX)_ieKfWsbotK&84
zqd$n$pYQRu8VF>M=w`*R>>A4d`ZYarV4XCNlt-?*Ki}&tzjmSa)~YAJCd!wi?2isB
z`GmJTw7efGtv{XFbb-no1>7mUfQA^1HPL#kd7+B1`RIa^)bTsq1(nK+4NFspXnIMc
z3Gv4>J+ORonz{-N?Za{kID;6bSm+6Qv_nx;glG8WaqCs&60%Mne_Bg4b*OH<w%vz3
z0)g-*!BbqWk?l>wChujDJ3E%wUWlLsiR`x^bt4F%vxXWE)=;$`D<ool;D<dK{7d%y
zP)Y6jg;#-va1{y~IG*RcUru?RX>m316IYa53?;&3>z<`*v<r@rp@B7={<CeByKcS8
zy?uY6#4GC@0?w*P#z*Wtxmhu(HN!_V;C|%y948*W4)Qak1iffcP4uU~5)@Kqcd#w=
zTYzVeAXrD@7s1ve2tVN9q`S@+1K9fXsBN;eH(yzyfiuU)iK}!b8+kB4m{zB9&mjox
zGqAcf5(ENm_0OaY9KuFBEnT>7E-!+ybbYWu_;1B<`j3=KeqOQg@N3sF7u438F+EnS
z3?3cU-kM#*aW_be3L)xK=%^L^v$t-U!&8*M-w#MFf4%|aw{>|g>wXmD60r@1|2|`*
zM?*#i{FR0B!=0RP?EZ~+HARC%)C^m!IBpHdyAf>U^VLJduXog9?*N!jJ|w|I)!<8c
zpg)ag2nDVD8J|rXJ5XJVy=q0jWsn-@uWGHXZVkA<_A?w;&O0p7`wsu>Ot>Ek6w|~Z
z>;KIik+!|+I;?Z>Ty}C41ilxHW&bTp+*9DKV&6KNyTg^eL0zQ7+PJsSr^+2msy<Ic
zrQ4{NX5oq!-88*eV6(SRYu9G$Smt&rVJIX$oYhs4gCVIt!CbGiKH{c!-e-Wk2C&m;
zBF{ULiMMH`q_kzk_(8(`$fL{J`_PUILmwHAt_a<x)Y9@O+NUPI4tA88Twmy@aprK+
z;03tj*bt=v0C;YAbR0Wk&o0aProaW~vw&5qytS5YVQ&gv*%R5c7b3O!LSo<x_!A6(
z$+c%lkCjc7J5gNebf+AAf6{B(2AMUJbXppv7U_F~7TSeX&f<?RmD1?AqEZDr9zGl!
zQi!sLp~eFqsu7N^@}6Nz#N+-jo>D8aOLmE{IaDLW$Csb*Er%`X4cQ|4z%4eUKwKOv
zkG{a|ZLF-uEb5gd+2hH}Kfj3Hc1^qjsDA;T%C#p`9aKe+07L)ghKlLIGauA|qgrk!
zEAsXL1(dM}d#1YZ)pmLU!|<MjuB93!l0n583tZOVQRo8E?e4wBhsZ@tL`{<Y2>Le_
zeuXZ9+ea0#4i-`k)3)#qR-n-t&`9HWHU(O$TbPzb%#|yPG_v28mVBfYsByoDU@85I
ztU59T?x0P|TTuyJDDn~DdSL|a@tcl0i+rOs8ilKFG+*nmN{n;e<X069LZzvjG9Qc#
zicSqb8`)q2s(#AtfI|Fvp{}sYE29dXw&zeN&Gi;tq1~C60JUyUXjW6`dtzTvM!faB
zVO4g1j@7KD_ZJ6Q$|v8m;}89O*qTMaz`zgF{(E#gE89$&QT=BAN=Qp5^eZlWiuY}u
zfc~8Iup;yE=^vxJ>+0C&NY*#>yiPnmKRAz#rBxKWA@TJ-UCxbtM3zn*IeZ=5@$4)U
zHMygzuFjy!y=nG2Gy#_%I#Ko=_P29~E<e%$d6$F=ESC`!J;jL?<}_083QEfso@?Wf
zaOQT*$|JI5ri+8WP6fn6v(G{{oLTb;!b)2EMszin3&TIOXCyDRA{OIZ5*%jOFiaf2
z41@5~0Yp`Ex@Z`i<18^Wft#IXP*(xzAKkw#1a2OZ{up|gdUv-jJ9Mop>b*VH@%~Nw
z)C7+Uv>qeDb@=a0jVjc49x81?bu+qGtbR_|IWYc`5jc*-$3_2gCaXmK*E}{Rfv4%|
z@6FeIe>A&<NJaiI-YjQzT~w|`0s+>Oi@EeRTUD?{$>p<=X7K$T^7ezCOaKXupgG+5
zRObB%LJMek`f5ZX*H!hGvRj!;ps`7H)zJ&kB^*?I_GKn(c%pW8z>j1ml6W~`ol`mw
zw=Kg+y_PG!T_k|zXIfk6j=CrBwNaMEH*2F^Pt5$*AIFh{fYQ7Zw1FGD3eRyXd^6(1
zTfg2eUwIWWGSx5)75|-a9(WlW18&=&$b!W2)zdS74=&8C%qq6I9$cO+I%^ibeZU)}
ztI6Knj&1VO-IB^y@!YxC?<Lf88cbmbBF%dG{mAWoGfB{c!XO=F8`p4?%!beNO&F+^
zFSU*(b~gwdfC@4xyU+wJ45#_<ke)~03wgKA5b88C1*U&c>^YLgBT}z_5fx1HU19(Q
zr2&}DrcV#nWN(Cf?RD4J#fhDk5lJ3yK`w#kwhLx(`not{arZB(l+@sk<TJ8FZQ?_3
z9{CnLCJCW+s7N$0T*GwZ52lbvN&y)n2Bg5%9&_G*AHL&6ug0P6W`?vYEQk_=acq_F
zYYT0;JtT-8d{!Y^S%BMmoV~B`B4O_U4e|`=NPlyd<`VdGP{5L`#7MHyLJQD+u5th>
zPMN}$V(2>zm5x)J*<j7YN7Vrzcj@&>ZxO0nB+D5YokH9Hp@F5>+9y2J(kqk;`{)z=
zf$PiO?#a<TTK_;`7pz;KUTC|3a&2Tw^(YhtC!Q{Outu*COIyas5M*0*cC3X9<lu=1
zKtgydvhQSmZprFoWNn>qu2`b}nXpi=K8a0pCNq;TMl^xjRi}`xWOx4eFbe%BI9x|v
zEpl$5XOmMG7?2#TtR~fG8|rG9!WkbcK2)skFHuK-9G~@|1>`3}G#m-Y@+GaD5pC_j
z;;Oh|4*f4)p2A<(VrHh_5^IK2!g*2<yUCP-H0W<$ieoKW($QAkTpLcu{(mxm$&it8
zQx&;8X9uT$1z^uWONf*33xi%h2PlMhU`E<n_DeR6S+2uAV4~u)iXklB$e^e10cWen
zAE@|~OS#QDD|pVi01bMMggBOQ1wl*IMU&w;x?I(zdHP3JRab%x9StUA^fHD!#_Z1x
zfh^3%2rwt=z#n*8k{Q%!eANS^Eg}2P?8Bnd(yu%$siI5hn;aFboZsURd}aeMly=}l
z5{>HhnR{`x_^EqG1HqUV+lM3Ey0sa}EaOdFU+iOTV)mPPz~vkpFA%N1MHeS}QQ)05
z)F0IJLz*7RZ*W9Br9^hcxv_bta%-TQ_qj2^`%nB{XV9up^$|Eln0>E0Al)Ki`*DFU
zwv&VD3g+Z;C@puu=m~mBd{s2B5SA3Um1sK-mFcT2zU?rV-N~8d&d@Q0agP`08I0kc
z5<ML1;(m)6AO}tzX;ZRc`Cd2qH`InOOcvdnieLSm9Q<RKORI0v$#rEGd=~&a9)K=x
z-+M2~9p!tfk5;5r-T;{W_)PftbzVCI2r-OoIzt$iES<TR{LRFxk?M~i%O+uAF!-+v
zz30_`VTfZ3UqYoKupk@Y<|z#7Pf@V8E>SoB6=-F71BMjDwbrqYaz|Q4t3k8{-(voE
z<!0cdxk}M}U>&+0EalMqJSLCaG~D<}9=SJzhL8wCTxc|xR$DBnP-FwsqVQSCv+9!Z
zX;+*QHFjvA^t~<Z{D<GZG!?ykN#DdG!4}BFEacUrKtRhVFK7JDyu@e0y5!FOQDX1B
zPCa?&ua?t>taUK*^5s`X^iTbXeq0av%_aJSu|r;0Z@*d>RHZd@8)qYh2_n&}iY)#e
z2y>tW)@R<U*hkN%FV^PI%P6|=PShsUwn)PN?qef}S$VW|f;MAQzYi0{>anKPx5wrW
z%oM9b<j6w^U#{LBp1GH~o#$nd9iBP5J*jTm=AIs7tFF~9Y%?<)$B6ZfZ}~nf)@lq!
zc1Xc|l*aCCh<j}IKA3orp+}sgBsvajHWe+7%t9^Yzqv%vzv@x;cF>-7X#)w91I#_7
zrN1guAQO#T*EQ^x-rCAb?gux*5vFKM(KrO|>g_x{rn#27vgcvzfQ4Tkfcda=_T+pQ
zp21sa&*e>1Tx%o95jltNQ$5<fi*mtuRl%~kY5IK26X@pL_>Rd9y}v$kllq;;P8r(D
zCG)w|A8`2dBQ-3b@yAq`-~?wdyA^0n#i20NYy+m9NWsLI)X|U7DWBF<$KmO~u{jes
zs%oYvD_$lTf7&kyv=5;ab8~1eWAe6gVhe%150b#5&j=8=^!d>lq5SFeS<KiRkpjcW
z`hdtdcAy8I+Qfq`k~&(T#V6dQ7N(IJH(=N=yg-i)zGjY-lcDRYrl<?~*(v!-=E1J0
zzw@gg1!MD2^-~K!N|r5A*DujX0kbnu3<z?Hu9A2a<45Dw@(>XzRbSp{J?_W>82dsA
z8!nVw-!X9>3zF<9Cf2tdc!anv1dJv}st&&ux9k+-@VgBex^9Xys^_8>3^+chU|02l
zj}64L6n#Gi16%FB?=Z)nap0^_f+@yrkvoM|7W=S7$sb^}ZuD3G<blYn35*n}#5hq(
z--xLnAbuMmV27}8V@t()b0g0b^|Rs14&aLO6(=#hvxT0II7NSfCnS3$iH?kSa82H$
zy|e?i{jvN5u@xKhP`1M&0n<Q{ob1)N+RRz=wcdndgvC*1%>L&fm*A@yxw2+kII90s
zV5f88y9npMxd^(ms`UGq9|}`bzc25aQ|lzi7~&U+88^kmsj5O!k)pR=Zx#6c8m-&7
znH$F@?CLTpsvQD7{%#Ip#oT7hQ#bH`3$2Y+JTJS7=w?Rs=D0@db01SbiaGXh0(}Oj
zfZr2%lMR>CdGPbgkb$AM8YFE3!0-oN2S%^6DythOhD?3|XYqi^AU8K&?hGwO-TZpk
zH~|=)!jE-;h=8L_FeKq%@)@z)@X>oE{~vW0x(3uWbd^-2os?r5TNaftLhWnOySFr$
zztPhC0eL9i4S~aPNLhcbFV50my*!Mg5_NhUo>s{RJ+JcMfTDjyV;%apOmxv8-HsJ!
zy#7klr!iyhxzEoX$<+`2J2ytH!xAOx{^G}Q$qVspVZ~-9MdWW@i_!?Pi&P6<WTDZ!
zAR$#BWQ}7#x*S*7LJ!Z;PM8-06R5^`R+rVa!7jl}EL+SY?JW+$@(B?vh~dJ-8w!Y8
zWV|ZmVz@%Z%Bl($z}95*h{-WkkP|uslKmfT+4J*fBYs1ycTSKzFfR4d*Wn#&b5k+h
zw#|BPLUC_Dv?KLydF#G5WEbRw6-=stJoWD@@0g-KkpkC{@r0C@iPaDPxfMq!Qzh2(
z`Tqh;?F}oCDXN}=V&qIBHg@kV=S&UP^bXC<Gw(hCoZ}h);b#CzM-FWhWQwF28oH7-
zFZ0E4{md|r1c>B|nY`ZwIj`woPhfz1QVGaKc|_0;^&;WTcQ?dtn3X;KlN$lK2Znpq
zwfVKD-CnOC>0q)q&Ifl*v39`<gt$9<P{J`pHpMI^Rl?ndzQrY2R#{$IlxnCNvVsZ}
zJoPyOZBuw(f1QOF?sAUK*!1>0nkCGzcYe{aV#&UzJyS-QFH3>4W^}o}2o2igQ-LXi
zq=oElkeeK8wy+|ZMwI<{d_+l<X(9Ds4l>U6i1ONoIv{;&j!GdLlc1bk_3dLfH7tT(
z6@<6m(a)cdD?fzPgOTPq+i!yW+|{m4@8I+nw)j0M^dFmM8H62m8w99#y!>hzZlf(B
zEB64znx~tohC*lH(0)$SSEFZlS{dWu7pzw6@v&+LeqIUb#RK7FW36KWhp09+4h_|@
zg*>@x`922vjZw5sH=4L{Tlq)0{<BD5)O1sU*;X8$#z;Q?g8~U!cM2-FJcF>Og6DD3
zN(H1hnsN&QiTi@-$NXnPzSh^k>Pw;(u39#s=)}W3iGk!YYg{$k0T<e=ze7Z=aM&Q-
zwh5jUxBHa#+E{vd%)Td6v1yN@dwnE6{U1QiiZbm4d>X~mchCQixwrm{>iPb_7im=5
z0Hi@mN}8oR1f(0JU6GKKMoLhW28jg(7NmRWE>S|4W@!|JC8hg2_<Dc7kME!G-Cq{=
z-aB*V%!xTO&vWiTOXJJ&aWiwe0$>00EG_oz5r50B8QUwK@xuqVu7)MDNmu0eG!`@Z
zwWR7a$%mMm$L);}kNeaik$1vLAxnG`<Wfbj5}CjQ?N}mro}jY07cb-rA6zx?o!I;p
zdXaxT*ZF%J?tZYBP%nRqIs~3jQ8#xK`BfaZ$nJ!E?ZfOiN9W|9TB1c}M=^^VG9`ev
zScBi%(#$sQn0%h(@DM$LRW%=YS>8}8McGJ@(zM@?!|lfr%<6ybPBwx1dSv<=_+E9b
z+hN7t1TxsZ@gcEOIeEXL>3P}A6j%w~7lj^(cLIk8%v%DXOn&8eb_gVa`x7rW3}CTe
zm`wh1FkI^Q#<KL4H)$IKb1?w$LlC~H^(Fuq3rSgK^F1r`Z*hKK<CS237m}*Xhy!`{
zxL0wnA4qrRT!rcwv*Wev9)Wxn9lw5Xt{D$D1vY3Zeyrt@W=ir(o+qqto84kash1~!
zw7-sizhbzj5jak!gNLO@2pAZ=>)Qx=BKLla^$XzdAi?~5)OlryagJx82X@GR_wXO_
z)M-K-ErgS?f;qt|1i}|Ft62HR9(D;Z-H_}TfN2mF9pGJB2E=hCjJAGB$U(l`AYz07
zq^MSb=Z)7LlkERs;}8Z_NiNXcO(2%nFmlLK(`WKjW<RT9J;VMvR!F<rII%VP7Ws{@
zgxAj(PnuIET-y@>Vue6@75S-v)N6ttASYf&aI4#ld=`!Z7;qgZEF{(?`n|O{trLh6
z8D4?OkZIK>;D>7xf5DFpxc)cLlRIf0Q=;2m47~@o@`Ag83xS-Bjety#%vofl$SsI1
z0GmN#EsM7S2ypv84Q}keW~4l8RQIUCbI^}jkpKNunR<)!r|Pw?UbieYI}ZT-upeGG
z0WG$`qe5b(H@Q(ECjhQ|7vM*~@`1rH1l_;a^W>2;*z|@(T@U`R!vPTnM<rpJ8X!VJ
zs0wbeG`XuL5(E}CsHIUV7zV`s;KJPB8^LM;S7?+Zd?IM>sx?swq*t@tQO<kcg-S`u
zf4#&C%X^fh+_kEs%4vSNU1+BB`sIcgqDqhYwlsDUW^s#wvt~J9EvhX%Xc!W!4G8`+
znmmDMG+BE)U#t1J_VZGAj#2A*gC4PEOf+x&GTm8G^v8&Mtu`?+iJdm`ikLRzW&=-S
zwqS37o=f|HYV!t(BLBGe>|th*;&g+h?=fScQ=Dg7l=Bx7`Y|24+q@ZX-!JYx)joZx
z(kM#V+RCDulGhptn|QPSyD>RmX>Hsd0DnvBv`!DiuNN+=kZevMM0~nzQt^T3>TCG(
zadfAdp48CV@SRsJ%QQpgJGun)3mdXeZ1!)$F2?x?ArP^@LH|n}@_U(daGf~x8S&KQ
z9VHew?l*JoPm1qsmJsf9!ip&xtK<bysXSAcMo7Dd)K@c>0s;bOUG;YHi&X^g(Bh<|
zF5E|^h#KoR({3>J?W0U2zDLlxV78g*(4K$Rs>HV8-|wm?%NZo9BobL5i9S#oOw_H3
z>A@|kTuaG^gPHd5hxNXvB@`JQuP8*bY;L2}i}M<lFf5P-s23G(Fqif`i{z05On*0A
zBs8kAN~@GYl%m`XABFAUXA`>LbdMtx!t|a>4x$paM1q*TgW?Th8vI_TN%07JXv*d~
z`2^1aZOPhlnm;;Y566K#0Yb~5t%+3OJy&cDh}u6U$$OPL9<@<hqb}qLaIkVjj4ZWY
zDqL6Gn-b5!{Wspo5kR62e>%go!uKaHP_y4lMkc4}Vy8NGjZvNgrMm6YLDI3~FWvfz
zAP^SNcsorC|C)=7>h@-0;I0ivP?0AS4fGozdVpBTw1?~{pv0w0^9JM%@XHY1v5eTv
z0M*mE$7=;gXMUR5wI7|=c0lM)JWQgbD_@P?foUN;$ywg-YwN7s=Ma$pc7HjLF6kix
zk$INpoB4es(_(E>weWA`)zq77<ajXs-0X_5;mOZgQ~=2J*zG%v0Uf7Op+2|+LbW6V
zQ0eJ;2Z(W1QsG=w9&AG8qyZJ}h?wc$^4S@PR?lh>r#vH8<89+PIAGh7d}9S*+rgHN
zeu#;=<na_0X}_l?ZlRt`F1U6Le+F*?JEVnC%NwIX+`l(nANF$%wIKnspG(2zGyDes
zHSBQDZ1s}<wOy@r7QWfF`8gk-<h<Aw@|Nh)C24veYdbQ+MteR0P|#NUKPz(0PFJsH
zj&6!(8T+8l&joN@*KN@fis}d<8pOCJ`az@wkQ$@HqPV~-HrR>vk-yc@Ym7n^MdI%q
z8x*2v!n7bbr6@){$dZdz3QV)CAS?t*^xWr-pk0n<n)@K|3Y`xC4JAoip39fNQC;&%
zRTRe=?~<|~-Q&)_^{_Nwc+C=nD76Eu5v0mRnBL4o-&J>aFe+%Me`N!93V_lRL?0kf
zE3_y{pj@2sRdT+ce}EB)zJzyLH9Y^j_CeKAM7@XJgiZFxFI#nz8IC)58dtHq7y<zj
z79iV$WvHT?Zq90;XQCJ1F?rWPpLiJ>vAHTCR7D2sG~Xyt-S?P(Uz={ufzukFg>lZ|
zHfR5E-wJO3e5v4n-RHfLUE4g$yKRcto?lTi8seLwiv6AQex*U6lhk>(1qC(D^H$>s
zId06@MJ14gpJn`fJ@db=-ybyXjlPpk+<N5E<LdU&v*;#GbkkmK$im&^_Yo$h1!pZm
z-c4sMH(KMxb$l0y*WP-EU*(giE0O&hcPI$fy6%c3^CZ$W%clv<ijOsXyP<=}y0*e1
zy~=M4e;IeV*SbHaiD4ngp|MvVmLT7tv5|lEPL2R%en1G);lG^+(igYl@8Laf7%jsF
zX#Mn+CT2ELx}-7GY5amj=(}gCv>cL^olcEOPw+UxDu9;`t|%%>Dl%w<{^oj@hjvLu
zMPC_{d~^FL2MCrsPpq-aGNty-`6+%o<b@n^e?!-K?~^S!aJT{D1BlhcBxg&bl8OGK
z*-C{*hg6SEmMixMqLdjL(nQ7pG6kP?&i&+F*Q8++eAAdu{dACGQ8Hpx=e5+`e-mX(
zhVh2-x9W1viuQ4r{&g2yD+_*fV9Lkk!%NrYtcB2PG@Ndo7bomoXiP=9YoW{icTgN3
z;lV8|ml0SpVYH$fz52^}O)0A0vrKjlK4+=2V$Ms+isOW?$RZQN8+FOJ4tP`@A`XrF
zGs6iWFL8jBi8TJ)6c0i+F~{0c+412wuCwae2X~4qv9UhH$F1(RZP!P?Ph{P159;(=
z6xzm&&N##ItOVSP_B#a@rFE9v_~auYK>KC%61Uu$p}LK=?H`PNqI|ZqH^8}rCH401
z6ZWC<T+`{p%JkbMQr8bB2^sia!eAZ>UWE1$r2mHfWo;vFJgJ`FF2@6H4Le!lf=+O;
z50g}xjapV>!3-N}5KpEp?ZC4s@k|$|yU!)D2Y7M`AV4h@ruy%~4wOVz23>zwxPDGo
zeDKY06!+IxNb-AM-as|Z@_4Cf=FN-li(4$6@1V00M%r$t?!aXOecVA5nTTATCMQbk
zoA|fTq?i~q3NU<ETz!(@R#mFYQjqLbC;w+o>l0y^h`m+<UCXd|cpDxbP>6Wo?t=FU
z#TI*kMSGR%@NKcPVO0uUU4VMHEW*9J8~K4<)YXU+%DxF@9}_VykbO*(z;kh^3j0NX
zVY#%Hr^2~5Nv^NVB~kcIGqHJ!duIHP>Mg{_8T7{{SI)la5G~$;!BW1FG#I!4l^?KZ
zmyVgcH#ij_oG2@Ey?m0dZu|B@zh_)^=qsGX+`ZQGo$K0K0_Vs2)b@AsI`Z#5nH03W
zl0AkWV<?3upW<PG_yrPX$ygnlBFM)cV8X2bz>9UKnqoW(vi8#t5yxDrJ9$5kl<EHU
zuy%4uGmA@giwfO)wi8|e>+Z?4fO)79`;G|QWd)||Ut{Rw67}t{w2gIY^ONGztG~6H
z>sz&&xMnlVM{3MW$hd*2PmBuxXkA490w?^JVpB^>0o8gFzuwLN^c60UIkx?flzh*q
zprQxp4cPC35Y$mkn6RmooIYH$E%tMI;f`DJ+4u!ON#L<)YJX0Qw}y8bWXMH61EL1$
z+`KT?QH~LGE&&#nCc(W#7hc?C_yQ9@4V~Q!aDwajrHoE9dU`ZvK^seTZ(OpQynwe`
zWTXb*U<1CBI*;|u9_J543ouJ+sL`_`5Nd^mTL&9)Y2xP&sY|aogc%M<>L*%1p??Yp
zyRHoT*%%&r<HYx8tUaJ$ZpgI^z7}^#ysj4gJu?|nMIVQs)nfpe0bx-ko0|q}8%V2~
zYFz6DH-_?%+7v+owzMHE{9pkOfwT>LO?s?kT2SFxW8wP>F*@M_$B9({lLHC1ygOK{
zxzMuWRhawTiF)iOx95S1<yTq~_Z;nMQy84|m>S4B1ae;aywx+L+i^SID^VRSm0a`!
zL=W;x|C%^LDXZSJH!e`gD78baZ0gw6dXg`^yOtNoLW?a&sHX;st2p(x0_vK4NW0(r
z6=Syg$1VJ@K_yt1!P?$%=?H}IdSL(wK3aKFr^)9J))FTvh|`A{7Madh#Mk{dr-<~3
zckFa)sRq4HdK{Stf^u+som+2{hF#~Mo+MP94G1cR|Le3AHetkeKQqQl-3}yGLNb9v
z2mP8_nemA8v0vm)isLSb{To$tlE{>J$B)t}7SAJak}7c>D1lZV{sxby^%}s;L6TGZ
zJz&lukk^=^SL1{c_U2I@r#1hdU)Kq*f9(sz-~_u|M>LR~p-(?iUrEi~4CqtDffPVm
z34hj6fD4}~kiT=9Kp+EY{f{816<1i&7>GM8uR{vR0=(i*=d?IzsQkZ%G(Qnp>83+t
z=^{!0qc(wmTD;>o)C43y?$82(f<Wd})oV3fPd*BPvnc=nsQ2#FBXCS*RM`KI7w}Qi
zJDuaipw;dFYt^2>2Dl^0{Qr98yVH4jP5%FTJvsWZd?dmD(U`^vG&JOY&#Jxi4EZhq
zba@x#y0v@%#~F4O*5a%wSp|xJB+(J|-(n=aju*fulKmg$5CxFEa{WIOaF5sD*Xh#W
zD>(A>|MK{KJPgKKdUv<e#ll!@gTs7o*^s8<%2MInQ6NQdzHllvaw<h4YfDS(TD*1+
zy~f6;#}B8=kOq#GI^3oDl-e92lw{getfVpz8Dk-g*z#NS>4~xoJ_$#XXB+OB!zK=l
zC3g<7>E<%#r~Iyv@@(PnR6=!h8CXw7xrA`ZDHe9fzDWA7>+3oOn&(-(Ao{f`<1GBk
zPG0lwue!(5!_Tn_`?iaJC2UpRg{?Shwe_tBS?J!x=d^OcP1OHHe`L@;=Qdf{x0Pjh
z&dT<ECg?<LrPVRuyv-CDT$30R)QiafR1Vb(SQ)Onz#o(}G;rQ(ko>*Uif$R+%F<Qn
zR@NhZSD)u@`aHpV$*S;Dw#BpTq_WU!J5=)QqjW_|x}%oZ#tgQpcP~%du`<hzaGxKD
zi``=Q2|ru$TAPDge8Xc@?pfpPS++-dgRoO5YI7wp@fp{^+bvoxvsv*B_MMzDrp@m6
zQN5zR12Zm;A|2BoD(n+D=vbwyOs6$}h^}eR$TMN(ggotzA=>-=MZkky^i{1BZQHKN
z>L<*T7cZ=q->%38EF0`qwAv}3SE-!;T5bQjXXQG-BI(~}a&aM2bKG67Zy?)mVAL>V
z*0?$|(Zals!Mb>#?cmTvG9N|AM)b4)UaBR!5`R3UbDi9%)dbhNgz|_lON2*7HG+_N
z;h=8dQMHPS!n*y8t^+ho<&PrMkK&uRw(#XoWzU3>6mV00p^`a*V&PB49?;RX-0l={
z%J!YTXGTGPrsurU^0|tGlN=Y}wL4qB)e29~xuyI3Gw&P)FXjBP-#O2=EpC`MC=m*`
z{-i;RzZ@Zt_D8FRd@i{$XO7>Nn(IVkJrWStCb7@(g@Llt@o5$X3FaqH^<Kg^PNQnF
z<nj<ju7Q%A$%ORVHg7w=$X*6D{LoW3=nO&FA3i;|>ptOgzJKeF9aMEg&!A(;dm%ii
z<89N+g5B|g{EobzNL`$fQ=Q{+W~8pl>q5|ez9WA9bG~S5f~i#GNVkQ)&?7VAy*YyU
z&;$+DsFj}1Nh?<iEdk5}02>H5oD=M^3Qs;Z9uddqp~A9>5O$$2x;g$*FnqD<XwagY
z0W)&@@@x<Ef!?@hHS`_yA$n23FiIy!#;d?&zcyO4`*gJ5EA3cKD^#6VaH3J?HH^Qx
zLFc>m5-Tg!!;fKwHlZgWpBbIp7Ee`oqSUQA+7_n_M`L@{H>ca9qwHN?7+J{eui2Lc
zoDHs`&sjSHs9yE-ASrO>?Q((0dU6sdE^+X8JVK|74{iJ=O1Cf{@EoDsyX|tB?z;bF
zQ?KLc{Q0x#de^%l1?o=(gXjVOiq#jVa5--+7xK+hF5V-)rN#KVG2>DF;p0z%gc5C}
znQ#()A*61PL5dgX#?njOop%%M0*wm$L?jpYT17KNohO*9H>1VR;Zx1Gu;C{nF6mjB
z`0wWoDAMxPG{vQuMTgE?z7@ukTXm}3ht5z&xUZxy>#+zE?JcH7+4uX&g=`95#%9=B
z3`Eo7Ra*udCgZK{ajV8eWvZwm;WBcXS13hmr>FFvgt{KAa~E)a4dopWyiG(0FU`ft
z87rWf5!2<RqRwsQdmwP@@-fLuD_-A?)_JZ>&|xpa^|w*=Us)-hCRR{>fQSBeTM+Tw
zS-Te#S)7u#EIT>Z6!&8C8lQFWCd(yIkn<h7PiLGGd+~?&g!2@sXC%f3WK=xj6P~Tu
zR(qT|Xsxp<=z44uc+Y-e#-}c}VVntSf|VVli#?^Su*+j27X{3>wmJvZ%HE-sm0xr7
zW0g_6q-mf39nN>p@}J3;a_#e62@e%CFF>xac1v3bd`~_g&#~g@ckQwr*=H&_!%1Jx
z>99Ara?tvOXUfDRg$MzeXgazJWi-#8S8lRwaeftW8oc)?yl-{Aeb+aY$`#|`o}b>W
zWF0c)C-#N+e1V^xs}BCPjp*+JO<fvK4$7m{ec=sM;|Se0aPyM?4$~5g6Ame?sM%mA
zv`PO~@3;EJo!s(I_&+N!({yx=hCR=kJsyQ!wcww6)xo>7@b(`ENps@aFq8AcRkqt`
zQMyhAWMn7z?}RaF{49R&^K9MdIaIZxX6Oxm+w;Rm;bZMmJ1tE$3W9Tw1qQHB5%;Dw
zmv{}eg3s(z_Y_!>r(Pmg$T3<Y1%D;n&nh)aBq7^@9THE~Hfmp5z3c1<aAMn?8?D?q
z82+ThP979RxFVVeEfX>q?AlTnNp(M{vE&OBznj)l;+x9OBn2!Z3pEhld(IVbrU$Ku
zRQDw(y@<948mXP@<w%x=fh=8l;^&2Xh*_#V_CF)$);?6zOitw(jkhD)B?Ke*;JHg$
ze?fuN4f_tC=)zr{(j*J2GqW2Spz!nc7E)K~GN8;aNR#$%qeCWysrz#Juewi%@-Ve#
zgE`^vwS;6fX;zC^yjNIwFM`{|-VA#O!|)#7@gy?T{*-E!+;+5X4OM*|u$J(ntzeUq
ziQEmy2KD2b`%+N(o@{PH!hH4zs9~@8$#j0Q{OC%!oaWu+oQlARB3)CoY9}|x&kdTb
zkwGtVGD3bp>nf^}bgT8J7m=z;Fz@^=MYt1N6r986SuX;q`!$u)Go*ahdaH>+?Mbl9
zfQ}7Cn~LURxOwRQ$wMYh!av^7xckqiI{gzgfjTKb$SD@*OhaBh=voN0FZ^<B*ha^P
zp+<8oEtk;@W~%PSj8fKLRsSdr-DF`Rmjgr(v5@okC|hu$Re#w|aSvXlD7=j!U>|tf
zG*&oHxcnA>JEJo-!KxdA=J@plrL&k`CyN~7pd@nvhE*&<%c4-^PoVxNm2;{+RB?ob
zEfo<dJD+uzB`fo8260B$X;;lFFoXtM`*uTT;qShR3KBV558_4+Fjxt^RdBf>yG|8%
zuM9`$E1VkM3b<TOTrA`$kb3&pv?fZzXKLpJ<5Upa`)6!y;Mcpz*9y3wzxI<;c#dat
zIk!xgvbM;-x7vS(=E&nfjVyf6a;xiq!eafmz|nr1O1Jk<v>e%Pbng7D!jkQ`o~N-6
z&~QN|w|KE1v$!1n9ZpZl@0z2V{1m<lQDiH#p*dJgvYLn=qnrvz<4B*%vg?%VKQt2n
zGZNMN!}|VYpVzwxbLsvW%O#{EZz%EvsjE<+%ob4Az{yPOocRJ89vK!4tflXSMH%x$
zGY_<oJ@QAn_}$Lmxi1T1ja1aaptS3x>9G*+*=Nbo@6vm3g<F`v1YHH|%Cg^xO|Wa-
zedqVrq@z0ysheTUVomK+-+1&ys_aVw?8UDTLgoQ}wk0IAtk!!}Q@<Aes%vF|5lzVQ
zYd?|c1~7oNCtg!YHiH`<=FLQ(;%ngl98kTq)QHW*n=p5VhIh*~3A>KHhT6Ey!W?G!
zrt0W9ivdxwBNP=XN{v1VJX_!T|IYJM#znTg6^$y7_PFB3&Xlsats3&HXxEE6v!(v)
z8GqNxZ&oBlByiSND8<VlG%u(?Ib`XFz&jE;!)N_e_5d?K`~mosC2PRR<oJXq?wsYN
zoNpW~cLQfCjB2qmefqtK$oyxbWV^BB2%d~?JY%RC3jZ1UY|#y^8cnsnasN56cKx_J
z!$DJ;e_xI8R@SXPS#s!xy!PkWDBbazDYzuub_tHd&em}DI5K!I_y;8wIJIPVru;OJ
zL8{H0wxaIAxHD=a`#6F~j<8N@mI0dGhoxsAYb*v9i!M^X@dsLS_Vu2}5p(NksGsf&
zqE&4imQ;c$!!CSf3^!?SH5V=~AbMPXec5DT%gg^FYw%Q&X(jV)wt6n+V$RoHNO2Vj
zENQo}mW1RvPIF}^7>!mTL!xVwYxX8irM4lysaIzjxskbb^2viQFOM<g<k?z=_owM2
z_61ym%*U(WuZf!&IE(aofWE>r9^DVjY@?&=yDgyj8E52pacBR%vk>D{bJsw`!PX0?
zYFE*V^Mh^UZe~sb)@E|@XTN~J3C{o3-#MPQ>f8F$b~wqeD^bSzW?mW}+qYwkV&=Fv
zK=>ZXo3^1kkw6QsKl3AV$4jN}@y=GU9+UI?<*?T4fIW0=zEwN4YL2eH4ODh{bbMNq
z!8#mptNc>Y*?SRPbNg~fM1c7|7uQ5;v6je4dwWl(>nKAL?&2TW!`{Ph`6N~jsZ-x;
z>N;yQ=7UI0?BtveqlyEtYFuofPX4zyu#LF~v*wXYOi(y`i|a8#^AT1FuTZrOK1nJU
z>(q>+m~m{%Z6C3xGhJTO$JEj@Eg?@8{55bthfQR+A}IuC)!#4H1qrDuE?W&M9Ut;8
z<a2C!a&0_?z|kEmn_j*2{Ov>ayL!fU7L+AM*e>O;8Mj})rS1c5wR?W)_y-I;4$ZC%
z%?qI`k7Z||$J39E{t}lMp^wW|)rHi3l!^Ip{eFM|qnxLrZ1mdd65I(Rw`gga)Ff?b
z6o0)$zjHLvOoiEPsMuuw<XLNMjd`aXx<MJ{QyMb%WaX>&G5UtUvhT6VNMOwD*|RyC
z6*Vn^zR)McliIxZZXYVkigquim=*Z>5K7cRytY4FIu<)F9N4XVQxQ2r3t?eSp>EkA
zJtvClZRU=GHM>yHApTL-<<E5M9ozC|Lh087X#RA}`J7iT?Var3IrJ|h$}jKRw@vO_
z?|A5s<%eIawvpUSPLnK={n3(ZT=jh9q$Ttx|LZ-k<0X>CN{2LqTbX55M46fR-qOzv
zq;Pt^VqJ=R>nmjBhdk{pbhw8m%sG17))AlN)f?z7d45dd)$9CDGu+EQ8_$GO!NzH;
zc&AkP8M^HF{PGU|f}vKrUH{KV(g)S8vzs5Ko7-l0(~HZ9Gc5@$uL{MmdB(jq_>a)M
zR}Z57c%TBueyob!0zgbN%p8-e_9gc!Y=yd-?2%t_;|TWu9$&q(zCr1E=rv#j^|}?f
zn`oT;p!}kc&D4<SND2o8S3xDOG3dd$$+*ZVfz>LuED_$8kG&^P`X-V)CW5S!A2&JM
z%6!xyC&TEGs);t}kvg9d1YQDb9WBP&l~d<b@H``v?w-S}xJ*?Sx(e{TsV!n+{;$_e
zm0SI`mC<2q-Ewc*AXVp_`DeSEe#;^gnC}B6HHIL{JEMPNZa4RVibU2pj)7_XT9wyF
z$Gt*&&w6y9F6UOq1s>Fh*|%>uTil&NFWu61*B@&a3BoHDo}_BazZ<v@HENw6I<EZD
z+WtV=O8!+G{FTjO%fZf{k-3<ry3R-My&BjD28C&r6&2D{fsAXpk=vU3y1pNWI$Cwz
zMRREC`%QXW?KKV2-Mio!6wlhKb3d<qxwptR5M5u~X!=5LtR)xzD!mwV^;g+%Fr1UP
z9XqDC3>JU8rEyY|fe8z&Qabw(q3K!vb6z0=em<2~4utMi1Fcf!^(Le|mbf=l(3)0y
z6YW>$z2|>&kfoc^rlb8s^@9g9H{9!+HJXl6mp#pXTZamg?a~5OkaBW!Vtbx}ayle7
zbom;WyD|xpey@<tH=kbVR>dIDm0oELyOKRV(FOkLg<-0gMbG<u;Y#~lhJo*1dvnF2
z1Xr(Ty@+h)Xm(l=zfps~4=iA0ge=z$m(l`IsEHl4qv1r7{<R3r2C8JQ-+owNwdQ0H
z4eA;bp*eCUhU8=?2Y>#~;pIM@nERugxo?=+yFT7AL<VIdX9vRNZ<flq@7JMUHFmY?
zQ^+9Ebb-I9Pe1%uN?^FfSdK;@tZa+k?9VF^bi@XlBq(Um>)mxQ`?(!h=~o%R#AQ9g
zPd3~{lh8=lz;mqB=d0lhGei<5kEeS(LUzIx?bpgJHz%>x4W>28;O7svW9VS>z35%*
z&$h+VO@2eBx0Jbs>S4r&7H;n%!MZ1LM^&{Fo^8cydd)KpDPEJ7^@pZ^jAV`c?pv7I
zLKVAKcq`!yzNJ;ow7hjmb;~^=mcx%rMHl8@t}ZRz<RII<bIqATV#=_<?FHlV^WaUK
z)#T*$LD4eF*ukKYEI)j$I$!1oMMyZ4IE*f+^_RUL)Z$U|)tgNmhof^jpwEWcRB~i6
zy8oJa+3uasu<xT;PB&y~=PRID(!8kBm2A^D11*{R9>Pcd#w^Bx1?ce5yn{xvbLbc=
zSiSVs-qT@Pg8t*J(c|?evaf%5g}Cp%i1-n1yz2Wlrd>%nnFagN-ig%Mh>z#+8?h}G
z@?Ga<qsfN8c|XIBmX_jad3L73ylXKGzdKv@U?AYfs<~1N=V-IV!^sCU$oer+n;w&^
zd!%f8e}Bt-w5bk-n0kSYkBV9vC$>n<WMw~uB1;8O>*M+zx!G{dFFZR%PxssmzBG(G
zSHT&?g=*~$`tMlG-Ryh7xq&%pA-nS_r}o?DmSUcO%g9LH>sct2d<m89dJF`t*k39k
z^;ZWOgl9lBYoK<DBslc#OSb0{yhrTxu79=>bJX}-ZH?kahA*Is%dG3#nhI&kSxn?o
zZ(}AkfAAR+$pz2)IkAa0(KanhD>d4<ta^(Iq78<_KYlqNmpDf@I?y-QerwuI!wh=Q
z0&woQ3ldPsZF;SV#9#%tsH^J;C=su#hG*|yUbJ3MlM4xTeEsNCycy22^@dMVT+&ww
zQx0nmeIGk4SG&5jCN)v7%LenB4#ilQT9-O}ImxnKSw&QM8}9W^gd^OlEyJvOeoQ;S
zw}fBrt~{x<?MsfP+woz}7I+1do~RUe>4WOsCXuo?xKq=AU>TZwkyKGU@BwkkhTiH}
z4>8h_1#|PyL?q!SV71JM@|HE?wVvA4`*2boRaoBN;uH`F4GQc?-!*%#qc@D`{H9Ns
z>>P=m<b3xm(DQ3$5LX$u`8_gA5JE35cb3q!=lyi140}eGNe6d=hSSn%5eU8KI%@r1
z(=2qq$nl9gmEn+&M`=S+<ng;hFr$e{Xt2Yj2>)zJ0+xd+=W}-sUp8ArOg%uLo!DZH
zenuBZhJ^vOq`&5TYQjsl*a*?bZy@zT={{9|FTi48sEB;>GH#QSoGa-gH_aU~7}K?+
z+uZ?|EVLc&2ff*(bmP&yW2_l2*%6LM4?SvU)|%F2tkf%H9cLmZ2BNvRjJn0xUOHmc
zWk1>61w1}9x%Fl`Qg-6d%Uy5clZ|6hjHUkA(^u_}DBx#BG_=u(T{ClQZYFZp>z<mv
zy#z99&E#)$S7L{YTX~N;B{{nB&Y|A?nb3@9=vu3vu%~DKdsoj=j+sl{<}tymRn9{N
z1(xh<H?_$b8X|$_pym~!Y4t1cVV|oR^r99^)h*_O6ZsWkC+%EZL0`>TSTl`|W_&6w
z7PF|2ii}jzt9c8YwQcbx&d=`y!T4KxtJ-a^UZ4gGD;&JCQRipomM@aEw>bsA3+sbI
zD3O9ufPZZFZpsCZQXY>x@in)Bcn*BXA=kcG_$9DUYakNLOdku-Qvjc|>y?&nzrjdw
zr+yrPzZahW!HDx_I3*eQ{F`Pyzxz^?FQJNix49$UZiS~N47%xDUyNh_0#wZe`OPb2
z66^)RmKWmA7M2*1Bazo1`Aho$y$Zo&d<+hd9fx7DVKQ>$I5*f8WbE$Adc7ff!SUnc
zkLgMt+LH0`&gTv#NH1|(vj~IYTI863r>~N&o|5UEcfqB>**B65IK;aini|;=VpU1(
z^|2;>v(Ef=B00Y*)pmr*m{)a^SpCaybrKMGbh(8fWon*NjhCCu*3b0#uD4d%gm@*N
zH*gE10JgYQTq)(kCXi}Z#Dy-=OXDa{3Pjc{mw7-#V!92S0CFB5&*b?6)K7#gg@mq=
zIlEjLH@bl;k<V&gGHTE<oAW<0InLilVYZruAv@q~&6FuCmB-Guepo=$Ka;L&72Uu+
z^Y;uCPy9d#A&i!bbT$2J@b_*f-jp#)pLwSCHDVt<uWrg!s*4q@i&Em`Ni?~q5`Lmn
z?0>Xdp0(Q0)(3&S$tGo*k(%ZxMKgGATf<qTlx}-WoL#ZCoJOFH3R>sH?*!W#&X}wl
zJxsczicl=W5%$M{d;-S<dnpkGq{4q*l{Fm(KDuyj*q<g^dz$3Q3F&8GHWx3?9W6Cm
z_g&%~sMExSh+-2lR#=z%)s-;}i>sd3!dNwEc>`XR)cAkc|4W0)cN#B*9OtY16<TT)
zT9O=zLE333<rv80GELcM`TE79;L#qiV~BS^y|J%nVa<|xA#zBZDp(;gjq~6S)9w0p
zbH#9QstC~lhgvLkH&>58>ljyhlKb6O2gL{$gg>9my4BTCLd26*vzqj%QOe)?k($_$
zNKi+Vq2Ysm=H&;E2~ZA?Tv=8fwq%D2i$fJ1Ax^&MNe4WG6Uj8&<*A4IsoUVG&Wals
zU_rV8-u-#Sx+Lu4VPQ^!XMA^j+G&4P1#J@o_j?|zi~5*yX#y63jw%go;~A_QGV}{O
zm<61aX&xR|qe2B{C|+e0l^C5)-<weqd~c}6%N=(}SD}f^ko?Y6UAMQv?lT9+I1B>8
zS}waMI(2A{(%s90SypMrPgXq!ay8qez%{PM%abfz1?5<%Jx@mc;&+BU_f7MphR9@q
zGLc%QHFE3oT~41rR;z1xZr{DVwMpD`HHbm2dpfTgKmxyhOO%q<0Ya9T0M4}`qz;sF
z3m$X<N@)RXZ#k567c0)Vp?RzK8dK%pF~&|dddE4pDZMbi1_eE1854)Z#ugPJ=r84p
z0N|usn)Z9%S`e?K;K<;Ezr^IRuTiKx$Fjs$Zvi_}h#V-hmeIemi6RLaTHMeW`>fZv
zT#VWXN{rY?+`kc(Q=-xs)M)zfTb4S6K$3{jRTv|pdUZ*^l_4iMD8`C%vV0{FanGw(
z6FbZ_YYT-fF!MwT0s&%|<urDN(z^UE9)2aBsCG2NGV9rr{ux4QNui`R-`e5CgbisY
ze94I|*jpup%Dh0qC){P+-48Gv2U|ScW;}!D475_#Z~_%)SRraq7x6iuGywu3Clv^j
zu_>KrnH58WZ0{9S^&}p8CP}Y4j~+gZpv>QIgK@3iH^Hb}m4IAQ`$;En1uB?S4~eU~
zeeF*!gEL%UHg%ei<FMdg@d>N}SLr&6Yyiv^i~}Y<$8)1z5Tgp41BC<oa~+k}I;c?H
z-)A-$gRi@}T*GY5nnNH%AyD3I4kog-RKq-aN$#;xlLA#@sx{Q;E~;cr#|MfL44!vx
zQW9^g26aCFRo`=OJ}KLWE9YUqElpsF`Rj!$f##{78L?rV3)*D}eo48$j}27mb9b6~
z7=Xd5qu{V+=GJJup!T-8nZ4_)uaW?cgu%%sD7V<%`I&QV(NeuSkYiK&IsBo|6Kd|k
z<1|xEqJ<5&Duihp$a#P)P=Ug7>ctbP-UIP>K~3a%2|Nq-i|?g6vYDRb43z-^Rf+Q`
zkb%%H09Z6$6r-v&kkoqism8C(Gws(8M9Y4tDdL8+*P9V)*EfP;)p%Htp8&QhYg{Lr
z7TC7`mwu)!?|EjtFsfxf_OBb5lqgma<wl=(*TX0P!-)Mjq0;87opusys`+kZ?J4K1
zUjo#XCRo5OgDV^Y5yS!o^4`XHHQsjE^3gkWeeX%#mQ<H;c|xC8@&v;Y+|ud4R;3QI
zDj*VIPL^O7N^4th5%`($NRU&zYpBS!h89s<g8@{bspb8iENqBOH8?@Nx!ue*`1<MT
z+5;E~&9I>Ausec=4RCGa*Kai&ynpNiVr~?rkT)@(?0hD2l)3ns6QgiRCG@nhCI+05
z_U8Q@Aie=f`!JG;<yh<K%!UegQDf#!?!6s1U0bX9J0|^7b9yJP#wG^vFz~M_Xcg44
zEf0N*_<+s})!*7{v(QJytxsNvH*n`IUd(FKK}c@^{%SuckGuQG-LRYpcFtGm9exc|
zcvNX;rzTLIu$8v?O^6gP<#ys@0gw*MM*b@ORp~tYg<Zl~y`$xM;Dz^GLgq1#L)Hxf
zTq4HU$T{=vGQjscU3p~Kc`rYjh~^R_P_-0!Y?h#~cz55z97s{o*5~FnSv1htkba($
z+iEdgCEr+4Y>o$sqyQ~^<vdc;8cfLa>1pBhJ|Q(Ee^oSW&dGh1TjLxGhGm3M+&WIO
zt+J`x|3-s~ubX*62$7iq+@;r}ch?%QybK*Je=F!!F<Q{%S=8;`#R6NAALj^uc6$>f
z!F#=Ufe<TKYrAMMeMkg}gc30>r0Z`t71uwdmi!9LPUicO%7H;j9wPvNBN+M-I8JD7
z15gEhR~(zR^6Zcb;1T?5{n|{`#J%5m^eZ}#SNPq-=pE)qCnT47Z8Kr@=Qj^<QymyP
z!T0BH=3N;NlrTV80KjLVsZks@MeSYd$n}Aq^ET$*oW^rEcQX##P%4((xlG<W<>e`K
zuhmYMElYs?&|G-t%aHnVp7r9d4{SQXSs={`V6ms}LycZof+FXUEzTfeCvCM-EKwGs
z!UyJ$N}oPqg*PdGp7&yb5H{H8$~_3s8xKDsHL<$qPT-|r7fPU9#iax!YC?`FlcR6+
zJ8$A|5usBfQp{K`mc-Wn@B?(j%fy;Epewq9gG))MW<>yjfE09q<M+F_9jG;%v`)v~
zBi~B($tyMfGY1S_oZ`l8&(prOpoX(R^7=ooOe*}}y}rj2C}n6V1+K&EAPkPoh6lzL
zo()?W@=osu<`Lv>5LDYa&d6?QwZ>-j3GRy;zR-OJ26mg?fuL?PKDn&&x;+5VCiRMo
zgnqp^G)7@u*ydLRa`8YueHt&T;tNYq8{XI5LZh`!7sAjFre74FL|q!rJbMvY<MY-t
zZIY_DN}J_Pr$5JFbx>8zgQU6B1fcxw4$o4wAwig+Iu-B1<op0tYM)Bav=uHGbJ87k
zs29FKt6>7YMYv?k#-p_iq>g=rA8%=^MG^EB{I4fmk6vuob2jRVF76|3-DO*(1t^~x
z@~6}{W=a;a1F%@_h3gnZUsjUWR$P9x`}Z;baYTS?IO(o{RpNdUm$kIBMk!Zx0e6za
zX`^OQX#%mnYC2M#m;2Q+4&rN<T)i(GR4<lc24l&XYE~?x4BY#^bsyi-6Sgh<<4s!`
zHQ5uY#F_2QmGeuw*KvY1<@*;|s%OOAJQMx?>5S0|c|rgtvGc}(mjx2pBr>10<!2`D
z-z}~>;^_=99)sF?f9#7WjGK@skuqXu|9PTC{PbBUz)FPysK?Hf)FjL7-j}Rx3ss#}
z_YfL%@mP&T_=Un%X5hfnqoP=GoEnNRF6v6Dv^WqKK%w9eQf*CH>#RXl!TIAT(v#1|
z?_hI>bA#>MJ0NWqDZ%!+d!~2-&QFmnKQ((GvA+Q3gWBal9JX}>L#aVATBV)!a26O8
z3PFt`<@sOPt$oI+9nmzDSt*~eWxj$A6jsA0@=BA&IdTk9z2a|LlDR>~YGIWG*B+Sc
zkr4oVkukfzjSVd8;4VNG8pOs4LHXB<B)A=jVf6tNCaqjQ6L2*0CdnKM-@1fv-pOjd
zwcCr(oP}xgWRiBS*}ByHW4=*?!F01Zr;7tTZ`bWc<L9!{oAxsdd3h>gQ#!Q{P12`G
zv&RIj0VKrwK-#51)<7&+;+lcQ!hGtAniY6s?fhW9WZMsMRSyeO#_Q#!;xev~{2%mC
zF}M3UR~YWhC%=PB2aQro5;aXW=2=MztYFe-{p_90-1=!g=GI9ac!rid2NED@%;WO>
zTApxf&HldD;9JJ)DWHYY)ck$<cF<_g$%{{Na8T*2ME}Mm6bpj&nUqN);xOUcyAs`u
zsZkv1*JmTh&G<vw3Q#dgR&w)b)4Z?@7>S(Kky}=z0ya~bcRCX(3&U5d9j$@@dRvb@
zj37p#jcjYYUtD%y7`z_g$7@+<PF+L#naN6npVvQ<zcRRb67q@v@Kv4qyvQq}^-t6g
z6&VnJyd}{p322HEcbycMUB+$b%Gdg?6u=es+b)n>T7tSAiV&h}jafbWh`jIxK%(IK
zYf_oWFgX3I?Ti?l5BF>fMYn$TJ{FroiLs7zP?wiGh^#2b^aKu2$Iyuiem$rs%`Z^B
z=XGsTUdb~mygvScAK+IM_#?OUcQJOow#&lElR_4A|2Li?y_oqCaaj+5Cz2YJ5qZA4
zxT1L5SO2)-$vsF~q+I0A&SHL%C%Es=vBwDIuSaub0UaM`!}vqbjUrN0xZo2YY1|`3
zG@`q}TaV@#DR^SrI;e&%BcM${Mkg!L5F<2?6hB&9SYZgdO!5n*ff6W&2M#o!=$L8U
z9er8pvTAPNfz<pV*dT_Al>)|+p$ssUgx>j!iJt*MfH*Nj<e(Jw#$QlS7&X~3PB>Ji
zh}=Jk0|Kq9%SB7{oT`?D>w%_$*`N7$_^N4-KVq+8g%O97E-rT6`t0(3nMgvsnCoj+
z8_+q{wH#+1*p003K4S#ZUU*Vd<KGr~r7UP>CS`Y>k}GPyUQ-Qp22edj+Vd^==D80q
zFKbVEb)yuqtFqpFa<tmks`sn{hO%IS$@E`D_y<=^*UXcpzA|(Pjrv}0!HRG*#bNM2
zPA38VlM$v;U1kK0mClq?Wx)MHX#D!<3WvI?mrgTyuf6D!Ufq+Vs>h|e3cO$OvCoKc
zM7*A!9wmO0m~yIdZ17{ihcGIDdBZU#uwIL|7$>CetAihVZ4f(eG>Wfvad&*6&!b^u
z8%NFe+nl%Xm)~+-tB48bV^us|x{smEDy^^GF9nIukl@rS{Qrx=4Gykja2z?K&epF6
zhgC^cW4I}(kETwWHE?Yxox=l%UIE?Bfd}t(O*3G9yB@tA;(8SZj!6dZjSLlJN3o3U
z=H-mAjrrb?e!anHtCe}Oj1hR692>hjH{UWG&^FY-_SUt&jkkY~<!H~8Ff8(;yt29B
z4++B{?e+OS&pY?-A!S~7FT>!*K67*PT(qb>{4F>0@KiyQ#=W}}`eu#I@^iCIB{NNa
zert{Wck4rnyh+w7gA#osT(KWOR7h_y=Hw!I9^gmT!I)>S%qR2(oqj!oxk^vy*F;Y+
zcc1-jZfQ$-_yHLwml8o-qn%bkD?nzb%e5)}XZE5?RE~Y>Xz$H7-rkwoeH@4?j+}yq
zQT~UI)J*2mJ%F|qafzDIN}a-=%Uvx;E53d~<+C6R*79!ham^A`^4&OFG!wbMdXTsn
zzYK_1Ush5H^2)_<UK(xFp>mHX@UUe5wRq#R?Po{Vpb7m9%qa)z2Uc0}^VE$S+h|cA
z&Wt{-jJ4B#RA>-u?e4B&S6wUT#qoA0EgmaO>to#!@6C>UBaMc=yEh|b`8J8x`rn2~
zCf$MfD=;Y3{5mGRMUIg7TPv8qInEQ1auk0loUMFEkk!3Sdee5}pn#TF1I{3MnJw78
z{6jiBX8#X1YPJs7UEE52v;Xk$@~wOo-l?39PTty)icLgAF=I=@{*M;a(N##-D%Qd+
zK>2sgtPt6pJnyQvE19!qhSs&`zx;Fxh|9QO4RGVjnrfb|EU#u^+hD;xd=LvDKSn96
zf3k-YX<a_0hDuZ(c_BXkJQK<js$EQ5bd_3z=Vi@puSEAp<sytp)D1rzwK+iu>XBtP
zA^u50-NMO)DB-hvBQ5VgP)c2fG~st17NVlh^5$k|Yv!pDY#SLe(i`8BIXMwSv=^{p
zbq)^HM0uUL%PLQ-us!lJP{h(k7k>oGn%|o}*<e{zeAEh`kr!5@w|C-6*gDb0-1;Or
z98#9@@MCi8$sO3aiVGU}3T9F!-^bN2x%T<iCQMIH<Wbvq)xM9Pp}n@ZP%+yHc;;I!
zO;Pb{BY(14daQ-jUXSQqP4An;l%d*Y9N(60e~m|O#(B}j7CG{qyP%+|l8uwprE#H%
z#n26#9A%nN>z;=})BW5P94-9|>dScr^l`~0$x`PEMJ1XuE$EuKR*4=Zrmj<WzyUC!
z`?gyomJEq66SwHMDmb*XhU+w*G#`eOAy*zok0>k)Z|&E$)S?r(NP7=9VOQnHSEc#m
za#nU9^vppFI`!OZKGPYqZ>s;HroUjqsO;_PgT^1+=8YH(Dr?@B)*OAL*5uCPH0rwl
zw5j()g?ZXYe9ayfL_!91{Bnw0NYIGa?Y_nX?!i<mNz8jg)q*1Oc_kpm=5=ZlnnXtt
z^aVwEgP@+4yO!qPCp1oKXL?PI`AucrrMICQ(Yn$srVP>QPHeNjE#~p?)p`*_@j#uT
zBIFNqV^*Qwm)(t~jppVfo5Q(p8%w1LtobMIKnVDO>J~J2$}J`_&Y5NF;;$X1JE@Jn
zbwnH)OkNe&qM%a&E@_;#w_(quM!pSRO0x?ItEo?@&tFmmp~Gp4h0i7oe8Tk%oS7^8
zU;cX5^uyn3s~&sd!5h+_HU7Hw*j8pHe$c*6Bn;Kjg&eUm$P9SI({$XX<>Y{FkD=xH
zK>P6am6;n(M}3l1>83b(Dd|vBHNTv7NdKuV4dDrF6${Es4z>jtNtx1+8}XVMPcqk>
zfh<MbuEC6BG=o}mQ2D0%`sn@sQ7>er@>@alrS!(zHzL1B<h*q^H1#Hxm_;l$^8=2T
z2V>6Z-^?YdGT=a1C;@e~*3}=%SgVI<6N0$W;g3w#kQd&`sv>4RdS$krd6R<;3Ft$$
zgWJ(k*bwpvu+?ZzUs8$B#gdgnZYuo;^-~9SL0l))4s{W|Pn-A>e~4C!4sipb;tTZE
zu>TeGil~3}fFz_6Gk4yD%;k<(f0bHeU)*#kV%O+M1Bvw@2#ZA4rC3a-8WNPrD<g!^
zW`<Vp)bbRI%?#ft`0YB?(Goif95>*CVi90|Hh*zItFZc+*>gi*xdhrO<1&bqe6O%^
zG%G4fHgI}niVb0akrKQK|IU4%>D<e%Y3ffdhfpm_{iZo+?Mq4W3XiLKxN+6ACoUwI
zMV0{vgoyLI?R38SW2g+DvSQJ;S~Mb{p{!WOvE{ss){p`RR}oc)T~-W%uwdO_WKb=x
z!*Q`C<Q6!BKhqk_5SSkdQ4rnikCU2PXnZG)wEch~f<RP*WeB<@j~X{6-tF{HvX##K
zYJ8VZ%avr0?}0<1!BrlcdD?>E9IAz}NmoN4rAiDqOJHZrm>1tsp4@Dv67@`~By0Gv
z1!;e0@#ha<FXi}@vuya+#*WMlu^<FuHyB;>FYt}E?mq+?kaZz$rpv#|YcFZ_>3m&?
z13C}91oFjAM?x$}sT>2&5Yo1`=2P|Z4PGfXU89Z0_~fV_5S?2)p!r@0)t2%SH?CUL
z9f6YmDS+sV;qTjOGy;HC`4W5h99+YmcT!fmRo5Jb(foJ>`R4eY?q(|5Q8mv}F`N(x
zqatXY?QXRv%+JltFr>Q28g<h})e+fPmgngP;^Ef@MPEG335Sy5yn`7uWe43Z+)0Oz
z?@&R0xZ%hx$gR`lU7dc|d=~XAvM0}SC`HNy(-`0Vl{=R1;?8G2m8w1NFNPEKWqEeg
z)Ol<xRTy?ib`L?AjP8pU+>|_~+l}Ocg416%*JERDWp0kh$yq%O6S~!_uQxqhJS{$v
z1cAtf$q<-5dGzq&^tP$t{d^AF{=6~^-z7zuc?3qSc^CG1zq}g3%!p=SOSSzS4!za;
zn?5cx5IEVz<e)H38Au%9UYg@iwY8}EX`k?&;oSt3&9EB!u(7P$G`t5D6UewZ<Ylh9
zUovf-TVq8M`ikZ;VrtLKkW3R=l}Dvz%(n2EX<`f#%nOKCe>ugfan%4fB-pmwNC@Q9
zolaS8BoETlSC5f&P|j-iJGhP7bD3-$J!OF+7ZaTBzSPvKFJqB7{G}pbDIxhASu^7#
z30a`H!T3XmwGWYXuH%adN|jqricnfhQbYww(U-}uQhct|KHY?(s>`P)u;$pgQZAi7
z)(A!w;MuRLlU&7Uyipi&BYJsZXWoKQgS2~tInWUlRx1x+xHuCyd=}NsA?A!(yUXKk
z9%cGnL`^!)4s$cksJKpTB&&incH`SOgtEQB`b^@?jr3#-T}&f6#5F{Qpr&`uY^~!e
zdCt@d-MWkt5}cga?MVIk`l-uDt(%Cq4yxs?!(SDdz**Xty^(SS$6pQk<4SM`2}S&_
zsmF(^F;ZOmRl*NsJZe47A*8<gLa6O|u)6{rWU`=L3Fcj=1DXy*k%eEnJy|<OCfT`-
z9+nQrf|~KbrI{I0N>zSpkzVDlI&##rTQ$Y+5@~%j>+^n8YRpq{tK0gp)prv+{}MY=
z;s#?Zdw36$vEw)nBzme}_%@WW9}~St+?z{$eAHCN0{(VdpBJJ)K-+pT#SOsxh?Q56
z>6zK&e&{X-{aq4+S4vOZIVsN{9}=9cLVL18NC|M{7=AuJLJxg1{E*_D{_w+tjmDgX
zevS$oiE-yTd_6&}NA^w1Wy7(pZs8thgF3^`WyM7KIpk}zzfpZOsY3x$ecxW5Zj2J5
z=KYn|leZd~f;J==B=?F+_3<DoOyGqP&tKNak51SbF*G}+;dXy#YJMqlHvzd-$xx38
z#=Ph({j6<*lr?EEZv1Vs1{F~;7jG)#yifEl&pUalm;VWFbG;`O^5fQ)i;9S5l8%m<
z;ja%>Zfl6}al$b(HcekctsL9{_v#9NZm}0QWI&gjkyqLK?^6(Ea6};m!jVlai$1=Y
z#KHlpXG^lmB{IU5^&E)ll0Hh=5mC&hB4Wn+fp)8r^J;8Nokjo=BQi-qDqCU4S&W!(
zW^Jj{Y21AQo4#|n$7$?;93^-a09~zSbtB5dJoMAmWzyGEQ+{V|__HSCM*0}32mU9M
zkI&VjX8Gas8Nu`5<e&_0i|J7EAMzB6@;=Yga58HNr<K1LuUlPvdup47_bI3wyoz4q
z=d{qMBXEIb4_wM~d82PRtm<o&w(#67Z``j)9JfdlU_Rc?y|!<%u?S>>{cx<Wm#2Au
zIB=3Y6SDM9xa6yGi6ZurJY)n|N4_3O4?n~`jEQSKK5^YTpZM{d`7_no#<wAd#NOIO
zO4ukV?3*b1#Os;m#2r>8jZ%#>Q>5&-Z|>$Ae=#HSjj*EqF|ICt?uL>XxdoJGl$e_J
zF$3(>QoW_A?$W~IwO`@>TUM~l&issxpr7M9AX=EHYL-irjJZ8TDg-2{;$d`^tElfM
z!R(lW5<KlK#+!kr-e|#=bpn@Fdc2k<bxUeC4LYt5G>o-Q%Z)iJg{9R)5wlZXcC^2q
zC>chORB`m@zE!h{P=!Mq%f3F~s;!Mp_nw-nh#Hp~6UX2kCQaknA~dE5{dmJR&H8H&
zQQg`)^A;V)v*SOW(LCM!8n2n@W`27?<OU-tHR$c)%t-XX59RfVKB<Yig1XJ|F?9sn
zOOeh_8`NSh(n@)ef9-i;ol}=z7rv@Io=WJMY8Reb=o!9^hxm4EqW7fK3SIo+ulh2A
zdyng{)`CU7K8=nQ6efXHvu9kA16=z=`5bl+694@Qzcbjw6RSSk#?H%b1A4UG=z$cX
zl5Cn9tF4wCEkHt#UZ4$%imS;|s>{>FO^*zH%{axZ(%XKRrp;9CZHnt&NuhpAI;j~R
z@#vI03nLo(9O$7nE&)xuA0tr177jgqr3s955HdP^5_GL??L|Wn{mlrQ2-Bx8H+?J9
zOfdeOoRyxzK5t**#1eBrRM^4r?SJ3#+GY5lAnHF_mhZ7`t&0owJl?QTE_BB)lurw9
z5da|Ab!m+2ms;Wol$$tpyz%)#wMWZ^SS@^%f6#)9cI0K_vsKLk>6Gaq3!2^HMuVc#
zB+jBo`{BR8-1z6dA=xM2zD<Rb3{q_07uBr54rX}2!!dQ8+(hbx^S|V$8`r68Ao=Od
z|B|0%{+Ij&)@;|wPry8YZy5z3x!{{2hu}JY3__~?|I5eMuK;b=Z(Q~EPqahg@610D
zXN)4mxxrEsM(4Y2E}ruUsqbyB_sDb<)0kZA)KYIa(P*)~J`K5<gK~_WW2}KN?*C9#
zVa{{dqJJwBnK}T<ENuEqXPwOaKh1shLsU=q@GeWY64D{vAT22<B@IirBHi7)0wM^4
z0wUeDq;#{Qgh+=pODGKs(*3>odEWow{q5c}bI!~;GjnS0ok_kNY9skJAcYRdI?P}J
z@?;9Q%n_stXIyx=k^en+X{pL{0-!s1s2YaCT`};yuXi8#Gw#3V?2j<*e`vVOS4o(_
zmexP`axp6t`Tw5f*#7?~-DGOSNlLY}r-REJOL||OggK&G4S<ku01yH8YzFJhk_%+g
zhdugl??sq)-`20!&A<xQ<a?jy*y`n2i;&V1MMQzWJ~_I@f&InLDIjmkz<K!xv|bBS
z<gjl$H!P?3(vWLS?kQ6?mXuLb+e9ZOl4Nv%Uar#!D`{E(UY}nEadU5k@bF{d<GZ!F
z8B6wLC{98W-GU9wn-hq5=d9+N6Vo7&)-uM<ZBVtqx2D4>b}{UYMD-W%+z7uv9rgPj
z>XKDo^YLboe|^;M>bEh|DtR>rJtzOD-=4t%G9k;cmy#R<Cw}xBuXV0`C%^o-l4GLj
zgIahYcBt%;;L5ClxdXLK%yU?|S<CzEb`_Mhmemm|WqU$$sn^AaQ8<Toq$qNGs-F*Z
zVh2(dj-yUTxbDKm2H}DD=+!kD<T6=Lrc|lqNW09)WAIxi-0x2@a+$>|2Pu-}m!U0t
zW^IIYa*zT>oU!*~=x9<+6?x8bJ>Z`N>$gF@?vlf4u#s2!?@nNQM`0{o=5ic@AY8(H
z#_b4+i&~HH&7Qw~Tvpq%R^RyXam&T>NU&;NHF;7<czg=2^JU2CEEBKY^0F{`iZ<<0
zP1_LsTa+)hii5)SHIwuon1%^<2%%*Lc?1QRb`}|$TrfvEpbO}z1>y;ULgnBWIZjd+
zhaYuYBu!f((>2O-8nc^+@>QDhtJsdcQgq&AH=U^c;Xi6ozmSQikkJoY!vS^;2dg9f
z15T#NHJ<np?`<(!#~r%z^2X-99>3^DHS*7$wi4s=a8GoiiE%XegD=8wzBJ#b!H_-%
znM3rGk|6}46Jd)WDM5sspew0HOVeYq8d(_=G025?k=!s3NS6f6WxCmD@RkNxK3ytb
zpCJ1}k<)PbM57lL<E}Wf4F$dCFW_;d$S%=3wci9=Q;?5|8$v!JgGE&{#O3qqPvT3=
z{i#N{J}~Ghf!1qaK2os4ZFpJt9z!NtRWlE5*=lfM!NE$kF$!l$VFwZX0+op!Vnoz<
zS`FE>NJ6b^!7LYJF<<@4M2K1qgmjR?o%-qfh>yMz><w3{+Dr+b<>N;o_LIKKG+2)~
zhMI!Bv+U+Vm&R;OBK^8w<^MnkKiClerrz0NE<=S0n+U()a92Lgk4;p<M?W*qdkC{`
z-~8Zl|I8N)>#c$rOAv0PV1Ggu(liXjkYQscXr$*(D%eJ{A8!Yv9=E3)nG$iqoR<Ro
zuLoF-2_B0)3!5rn#^QC8BZ;Nn*c(0jRGJTeV7Ebn?GzISE<!y)t!qZNt-CHlc4P*E
zhFrdJ70z(_y<f%(r=UQt6U0e%Hpbu<Z=Vem!yYi^9w~Z+e*>4#{RkTRp1T%XsOHTo
z*o1?Y<T9<#uCn0NIFo*)5eD=qof3IS0vVPmp!6o_WCHY9V7C%PKnDNn!eU$317oM|
z{`s)oxt#9e!-sTDVfXj9R*x76M0Jk2`utA}lU7*k2=K6P1T!&qL1bb4tF+^yzlVg{
z)<eF)8pZi|$v;cP`VrgFC_%zMPi0M-!dHvqBs&GFXE>A3hC9JoO}*1r3v-3eg?N}y
z4I8eI8D7OeFgSL_ZN1h$Qv2PjIC$p`@dgSycL+V+0JYtSj5O9ZuivwH0x0UEjZDI;
zYt<Yt+S3fVhZz{7)P5JPkza@_;D*^vU#fIVHYf4?53Ec5OQEpLG3FrOy0u_mDT=F&
zxo6js9K+zUhW#O71Y@DYwx|P@EpJJGCq{6+`fWhShXrE7U95rNw3Lq<KWjYgJK3Tf
zbJ_SVggR0{VUe|J&LaC=it@q_g0SN5Ghknx$fg1cl@vdB<}(~Q-sv7TTQrCryYrlj
z=~!Vwin8{*5@cATSmwEcd8+|ZQEx#8AMJhnn>Ny_+;i<=wF@I!62+VE_zuza?dX9F
zVmAJ}kQ>`>CfQK;)6tkC7nXUM`@_{~sh%@ZGa1QO5fV8*Z5Ic&f8_DK^00HdJhc|x
zLTJ`|^qGbSlLsQ_?u;2_BT+HY+N+`u9&8*sv#G<_kwSI%x&7Z96+GHhF!#Jq@up_B
zk>?DmOz>_afUc1^=SZi5od~OoYO}9*81z%jQ7&8V%N#sg3&ha2u)yNcxjPl}vm~ZG
zEFV$y;myg)t}UwY%jbdJ{E1l?s?q}T&p+EjakGCv@vBwvk6sQb*@)(#lu}g(-E60H
z%x!c81%+<C@2s79*$v-bCz~{Nrea$qADnRdVnbH-!1Sp^a`hB&r|F46nWqHIn4l1c
zW~%84GK36})9GrFh37>wVx_<Xf^;M*3m^R;GHO!~HT8eexNj`mvZ-<wK`<jS{))97
zi|BD(5xI2xS1ap#<`IXL+GMMUEL$R1FwJ5f`c<75t<{D8k|J5)`_eu>kZk(xxEu*V
zu2P4_3%J2xiSox!ryeWXRzEGSSC7aYluLJE!pvX2$rz?c?WaDDr8J>UqYNf$_Y@i`
zb1x$Ib{%XYSLfMG1_2G-G5%g{wm5}U*`bx5%v@_MxLyD9GkEC`OCP3sTr2d7soI{;
zJWQg8WLZ=URnyy+m0-Zb<JWE{EV18HFU_opQrr2xTsKzdpLsGhqWA~>(`SnpeFinP
zS9tF8u@+F?!8DUKoRX^TC=U5448C1DfD#4RO9FO8hRpKbdLCH#b}_%tJqIeiP}bD)
zo`Rfa?v0YaDB#|#KlZ~r`yJ#Lzw+kd7}ksaWzqIWLF^bc+t9g(6seINsh}U}q+Q5x
z#3NQd0-xB~TY8M-*QxKe@ule=_gG~5SD}iqT$<#(bmq>aH8dH}s8YTA`+dXy6&gFf
z2+qa{<g0@YM-_qN7d$+0ffUeTrbu>WTGQKTj2@z**ZlQZdZkfke5{U-{bOa75y^7-
zEL@ysO-k2vxy(tf2t*0y=X#@Se=S3ko=c6InUc)DrK}@#-k-+RMLgsO^-~eD^_!5v
zgiL}RNz5btt4v(HqSL_UCtUsEsgaI#l!?^H5>69s+&1yvfTiXelk8!GgSxHhPN!W8
z-3L{PA?+)VRjDZyCa)9yg(IPVt3b7sV68#S4vV$G<VUyo*Chj2RQ`WLT1HoEX6)nh
zTL~5?{`@vxI=&qV>H=(p3@_qpBYNyTDC~x`?*;jN@Wz^a)2EDr(498uQ25s^{&jHe
z1F+VOIM$y@!#_2iu=uruUgPwcckn!$<JDfGmBN&G`o1!yCi{x8;(SRu<P8fF#}YE!
z@uaM8eqts^ekr;&fWkavaLc7_6~|k6tql%t!vmB}C^H?bau5;ul8$((LSVvxIX)YE
zF_lRAl(JfQcWrpFgV5^6@x~}}_#=e^vwoe!6WX86V_Klw!{`%yi%kwr&J2-Qd?I%P
z0+ucZtUVOUQK}KTR)Lw;I~r5M?W&et^`k!*xw7Z6HT=QieWj?=Qwk9%IVD)GVBbOx
zjbG7pm7qXz4{Y*mK)j^O(wD#5iYNpP6^X@GIyE$vB*w?=5j>%{=v(WQ>)081w#1mN
z{cIzu=x^X`w<zWw6;^PeaK*H#3rZ`SV-j!1moHBB1A06)R2jM}om25yz4g;p@7~X)
zVykRvf`Ka%m+_4xm8smpR(Oos;x=wJJ5Pi{Nt2zloR8PklO+L08oi-_WtydMH-C*1
zuo`fTp3&|3;K?7|#ewEY+h&>3lk2wC;~m?-4>HjGU(|0-zo==-QoJ_)@}tSBy8mi2
z$+gPyinQMGNB#wbh|0xsjd%3s=By^E0y$TE79`F=cz{;TJdV{@Z_P}(*d_EU)cLu^
zBoFRH9Fffqfk7NY+G!ha%<mJ%WG4Xrzu|0Mj<M+bfkR|^wvMV@e)+<XfB+*YNPS|)
zYXBc`gZ0)Y;>Gj6G&KH{9=_B$MdmdzMCtJsMg%CjCI7`&qlZp5fd$L87J4zK;RoT9
zmR=}p6F6!8TusVJmS+Sege)rc5nWY6O|tA9;zIc3_awV?>{QgzJeyVH8=FU<DrnM&
zQ*s6UyC9}govN#B%g8`8NU2E}$=#uqi%6n_v>uLG%>Q}#qUu9c!{pM+Je`?P$yS!Y
zYVdISqnHaLmpNIB!f(-v+c&Kw+xc0Qh8E!94(;pt8^?pkq0G6~?N@$}c%>ew*y_{A
zyOmcJqjDI4OF>Oq6)&455`7LV5)N3}J_6Ct1e*xv#v=SQ1DXzJDITCE0R<oNLB;hc
zXl&-$gM=xPOBhWDBz_srILmXczWGxguWu_##({L5eH-{O5MfL(sV9~$it%PbN8>}H
zZMCEDuJQfK5Rv%Cen!eI`YF%at3F<Sy(zm{iXr?L#*!6Qj@_x!dno8@1#5gjtCc+O
z<e!k!f<7xeFT5T$`+X|8BKFHC%3W!80IJ0H%yP1Z%gxeh_TFL73J?GK!TT_K?)s1W
zPgB<&;`0!y-yClbzsgLU8mv)(P`rk6#hp^wSUayyW{=-EH5>aD9N>2!ZI)L|xi}M!
zbWpgN%_D{<|2#Um7ljEC7|OXRQlL@+9FMK88AZ@Y{N*{XSC20Jx)Mna_p6Mf2YyRO
zlYn8{hh`+d-jNQyM-%3Kfl<|@qs_G6C$f~>3m<YBpiMFGN+~mxabAoV`{|S>o#D|z
zflMyj>Lsv}JTzI%6|I6dS1li%zkC1tv>B@;Pr|N7!$~NWdmdGb4P0~?uV?wvjgy9>
z?e)KbD3wH?xlk^67c=~ZauDKUK5h_mlMd__{f!l&EIdg2PTZb?B-XYLbmp3@pRA{&
zUE-optoLw#EFVeRiBlAJkda<j*4;+Y%EjV(g9b0aC^aUtf<zMKbl6Hr@rv*JSb;kG
zQUz3Jy2>o1N<OI)8(s(*SPxrZo)jDo>n!B1Ufm>teXWe#mg4MSDU6UF!Jr6yop7LQ
z5@Zx$5t{~a2_)}XUhjc$+v;3{h%MEd&(dZx^~E*1L89VrcD17&^(n7Ps?PSLLFGxb
zKDL3frg$F6I#alK7zyC&9YfUL3cEU+6gYz)X(H(7@-_#{A`oTa#5lXg<g;`yG~EOK
z*3Ubq9Qvb1UFrS#{7kyX9h<pjx?duIz_eG>DX4ORn3V%Ojt0s4r?M9TW@%D~nW{jj
zopeYfesx!_Z)g&Qo5HfnDo~g_zTKzRo>*#`hX|qm)iM0)T};zxL0b`0o|}%0>{+DT
zW7fZcUke$Fv+NWWYKSJh1XOy5^9PkQa!kb_MemC~ahsm#I#T;(=iQUF#BDoiGNGCO
zo{Q|!&+#$^9JbkQH}yY;a+Kn9lHEKOl*L8|(5ewqU{2J@-LBXonq2CV_=c)dMI$3Y
zkXFDkEuoi-9qp_xHw$aAPo_wR_3n+G(!jw<EsM=W`^c9j0rS=G7{)3UngD-&-z*yM
zA~Y6+Fgw2ptCLBgl{Yr;7CMwhpS@w2p71{cEx}dWu4$f6rHeE8m0W<uXD>35QC@=%
zVJkm}Y)6TbK2SVO7tigb&$ky?&l8n@6P^6lNllKp9Q7<H-wbf$9<za2E)ng%Izpnk
z4`w|At1<MCzT<;^FL>=Keq6=r)^E>RgiN9~zzdTQg-LlbknhfV;pH#eL0|5jm-<+v
zAgMx1KQ+v~bQPY|cfZCQ3rOn$h3a4V);&Z{38Y<;e>%%|uWhwr@6bTIPij%`<N@F@
zFU;!s^cckOkV1WnMh9W;dkSKLPWP&Ps#=v-+B;0t%FsfwlSUM9u)bJ_<pX@eP9ysT
z$J2~%eJd8}f#WZFN+pKIX4OirkB<9K$DEp_Dp0DIK2UFa4YIsS+2V!SLw3#My0nrX
z%YZXTA}vmjE7&yb>Q5yYDk#_@XDdHo&RmiHT?>ffBZR*WATkUZ6*#R74r>wp_TH@f
zji`kyJ2Bcq#>l7x$S!v?7P9#8IDXhL^Re<^<<xEh#-qSLzai)$YzzOVmRlvlVzkNM
z(PNZnXF*oGzN^DJdYZC=VWRG6%&A^PQC@cI(<-i`Wz9X0u=L<j1Rs!uaYPM+q$=JI
zn;M^bga?*n-wt3|p{<Wsp*yNL9Tr6=^pg)c6AYLyeZe>9&E$4u;ve!J0gI0AyVMP$
zn<pZJJ0En5&WCC<LG3DTRMc~1+)cv2)_Ar&IW24tS91FGdF-kvHi-h0rGOr5@l4<H
z6PzcP8M*3LTIIb_?@qMPM`Jr=lhfAKG<9e=PoYp&`6r8)BOBpTwzZx&8thIwQk#FV
z?J;ZVepQ|Jx=W3W<Cvx!Bp}!SJf1>U3($}m%N7X`J`4Bt$}_0{W}K;x(BP}RpYEqB
z(x$LX1j(W(r9b+aRgVahE{3AHFFoeX5xiM=Q;ZhMPQQR^^U^OZDe$&o*^$L`Ua%W*
zI+qG-{zMy>STmESy727dg^$kjVr+ZM2A%Ggj>2wi`$Nvh40$FIkr<sF%I)q+`vE{O
zwoEAA+tINSAFb0Qe#vHGWcJ&Pa(^leA~goYQ|SBm31fF~u7-sl5tL6I2qOvHAlbnr
zW-ZQ(0ilwSoy7+4GI2I?flStJ7<tcI!gYFq$UK#;Cl_(rP(z(UaBOI#)Oaip`|3c^
z0&=_x^88nNBRv~0x&Ic}*n<*um)K~2_)6Yrcm<X~3kw`){|lraHnEpx#9`k!=4EKm
zKF=|)mq>PZ_dfWGM}^DAcizzMFVb0|tXB;kUSq&pd#Nweh6YUfoc7Ft4+*Zgd%K!(
z0eUYFLVdIvvOcuT6npK4F&JkXZU!VrmxWJKP=d2>K+*>ftWIo}Fl$e%V|s{6CS&)5
zboG^R?V8HKCa1j)-4(FU$xcHOvHAv@-58V=qJE-1i5WjV>5s5+Mnh|Rg!COV$BS45
zLH_>S2?3fxhcBMc5zk81xpIWuUig4p8gKynQe>}pdLrNYN&W)wx(b>i{GfDpslfVb
zeeE{{#VZ`F5*io8H{4L2QkW%^_vbM?y?&uH*wv7ie|(8@>(s~#y}ZP*)t#?tnS;m7
zLqVx?P;_1fr__LVWNx-3QVn17xxeZnwfY)g!#F*B7s?9Hcf1}<ABm62O7(j$#^>J~
zqzI!RSLwE+Ble5`{#aQHj1DUe4c5mL%p+MCn5rs1$yj2#3-!7iMTzc#kmnp<=IXMG
z#l+UOp(gw1%^Av@X3u}=2~Ouj7My)ul#_kyx5j6#V5Fc9b5#dVqR(IZ#D7*)mF#TK
zimcPSP1d(n<NEK%|H^n?mJvL=Jva4Z%Thxz@J58m8|q%v;v+Q?FZ%6A?a|pQNprhE
zw(<Jn7Y|7(^L9m9x;9%1#gonc7m5W?8htTFIc=ooN{7J5l%N7NPv8@+KM^ay)m8qz
zUg?aj&r=$ZmSKQfY-CX9m}m$J&Q=Igw+Pj5SM^C>lV5L`wQKzO6AtQzR#$7gth+1K
zPb(&W)O|5r<=HV9v;o%E7H{bcynM6OQYY%`JVZ_b@k)WjFP7e9<fqm>WQk4gYx|Ua
z^wFsqYT%|rf*a(W<NOZ6N3LN5Z-_}OV=F{%xy<(1zsU%;`okU=@n(eKhbayS&*N%p
zYZ1t`$Z_1+8R!EkKVW5MToYGJW{(SvrojXevZScbrx|tmK!T~L4PzFq%_bddqIHBu
zWG&vO$CJJl-0$@(n2Zp9Py>(efMkWKTuX*XIg#K#SDPGvxZNzt#M>ajRPHb*8|dvu
zB7G%nQM=vrW-YF)XmtQDWgNSqoRqaj_7*#|Q{SvZb&Gi`dWQAa@fYjdiKr^X={j<6
ziyBvI>})ryT-OYP7lm6s{ZwNEor&DeMf_dF%VvLO8&UEzceQOb>gacIql3q`yrXaq
zx75`1%?lqcF32zE&I6-1V*en@{XIGhp7@dreM(b_lt9wHejPd4=+ra=b65Dq7a^T1
zrb_<#^knCrAe*8IMWhqs{!N_1YljBQv#8N)I1F^WTI<CoSVdGUV3qBdoYE>}a4_gB
zYE2#$9_n>_fT!VD7Nb2M$`m|!d`;mCs-c$0wL|D4^}BmU)IO&=i&;_CI{xM-QNfz|
ztOkCl4CINXpRC398oIj@H+S<OR>|3F<^p)OE8T-^GuvOzHy^hoXv7ssHeFss_yO^&
zoM2SlQt850#n$Di6r0YMihV&Q9gmN^hi!hxT?-)_J=`Vulh+$vQ)X!E7dT66^EAxT
z)6v3L?S6?-hX&}T9zskTYA$<Fbu{&K+MjJ({Sw%V*@}x8@3Y66c!4ryzQCbVGLIeQ
z41M_0v>m*mlIQyS-HFZ%y{7byd7SUvJ9VxnPC<q<pB;yc+RQaOE*P2ubLBm0XRFFC
zOn3Ke9+~XO7KE0Yd0r(0&LQV&rDOej!2cAo;~k^{p9%&gXFkR$pck@}HUlUxrm;Mv
zJ3D{s)w4>VK(!f}ky8NtPys~AzQXJ--aAYdGz}b-54ri5H6q+OG$Kx;om4K{B;LRJ
z+bDEKrm1Fkda`9qm}Q`@G|8rfXc0f=qEu?>DCfTmo66@0P%5$kO$U=0ii$u=WZBT&
ztmW&p$DPfi04-6?hfhgNXNy>qGmnn*0|wXPc&J)?Y3R%BFpl<c#S<C-;Tb27ctI%Q
z660NrOrv|Gpc3HRPn%!iB|dW+q>ite4pC`0*Y~8|Ixn?RrqR|e2{3Z~rV2T(E62A^
zPB*~)lcM~#B`N7|I06Y;IwhfL%ogN+Z9?dN3C;YuvddDf5P-G+=l-IXv)Iyu#?<tf
z?Kl&$RcK*bNxqGf2VQ5(@@KIAn)y4xbv$SdAVTqQ!}zcZl$C!KqtP5;;KdMdQ&2{S
z0nM%n!tm;_;5xp`f7u#I5Wjyq%`lkctwVw6wq2ox45lOKouFmO1#3uDHm2+)kKmz$
z)l19ks$#WDshh39$1(J<2i|3rU4xWYz$ZT|GC(^0Y&Qg%`NChkUew2d;A#`kh2mkS
znL7A$@k~uh=abF=vZaQ5z>GCr5Y9@~3{XOyH*JplO6^ZT^w%<35VHGYggH>*#Y0^Z
z9g`Xc=C2~>V^XQEi?re(AZyTeK$u)IWuq^5{31SM%$Ioi+@u#$C5`Q^_FJZ^=KfhQ
zToSlCfh(rl)>*6`uLlUhLkSwp>Kw7JJg|=o2nh;rvphKVQ&9GoyCl_zH9V{oGnVE8
zjIKCL8XXbth2<Hc3G@S*Q()gEyGD%LU`i?(5H7K9m}~kPlCcOPAe&dAJTe3!_YXiA
zzw@{K0>;Oc#8L_dyr=!|3w0!K6y54)DlTEdF<iz_h1c-nJscoy?IXmR9v8#jeq$+5
z+x=>ElFzs|OjE-zKL1Bl8j$VoY>ju_m}}GxYyS`e|0**XpThmIgF`IMp!N1d%4Blg
zq?ua6f8fmHJg*JoMW><@A2+-3_50b&#s(L>t8?+Aa~(eUm$l${_53slcZ^y|<cEFb
zDM*+6okN;N?|`g{LrM_2kOD1{XkqQ8gXp9+H|2mN#C))0o;eglO6(1SyTJ)h<b_yP
z6+Z{#S!eTXwp-+CF;}J!CJP@sFQ&iMqhq7L%6J}0uLHJ0p*~#%GeAD^`o-POg%X{w
zlwjQh!4jzo7`=p2kilO9_=uIsJ?F{TljElmPPB$w%-6!_(RkzuzY2kz;4B%iJBDmA
zNA88o@hw`_g6T~mFR;NOQe{;u7A?*LogW0_%O+3>Ru_cg4l3Ej#L-C%2+@V>X@}EF
zV$ZbnvXb)OT9}>{i;e@naUXS;lnG*fs8cDxvxULFj-sN~QW{6DiyBkWX+d4#;heSB
zE7})3rD`&q&up)zj+1DBtiaOedQ$s^*o#$%d%$%CM<%DxQcfP6o8#o02}z#d_Si8z
z$!>~34oJvj$lOV)I6u$v4sdXf4Umh$8Ql@Gi)?1k$JcdMFJ!WK{vjI%y4bV7zLC%a
zF7ncl0hVHJsfc90r}HH0+cL<L0LEkJ;K?CEW$*v4K_-ev{4krPoQwf`Aj@Ilyyg(r
z*rAQCvJ(-$>6klBm&<MB$b3YtZ`hYH(}B9OdGuv8=~=-;PSTC3NCpZDkx~Prr(j<r
z+>sLa>~UEOLg}Q-(!7fOB@VKjjX#2s2jJm=tBSfQnVZMKcEr?xx~?u41iJ+OCrsH?
z?NWd%3HivmMvpuoWRN2&e<U~!jB^&$2VGWpB^xcOLDQ2Ct+J`r$sUN1P&?FoJ5EVx
z(MHH?JRFv_uYnbb+-5vHtt7B{ijwDv`62D!+HfKb1}CwN)li!^rircKgo9jomK(_L
zcl-_%WtM`G?a@Y&T5#Ut@1KTkcY;Mtp0Vv8oc`Jk5RCaGMjl67GK{!r&9hkw>l6~x
z*j6~HpE`oQenzWzTou}*1kqEb7G~fBvYNH$bz@xL3+a}I88Lc&DB*wY${M#WW&fD~
zQCI2u%_*#n$shAx6KuCJHv{;~lg?hKfr<;%-407PfL2ce^Cl@Bfa>D6NzocL|5#vI
z9v^#y0qP+snxtAbGnU+6Oj(;Zaz&8@A7ysDIt|=a#aX=7z1{x(8zSXRIY0X1Yy43t
zzQ-Bn{?;WD4-ebtM=Qq8gpOHHO!Op6>K?%bpjJuN|E5h5SbB}eX8{(=J~<4_|JX7q
z3_X;-0;r##Xh^zms~cgUgM;Eda+OW7JYU0i@UT!<*PIVEkr<kO<<2hZSg%5z)lGra
zUz+xLVCwN@{V!*nR{{+u8C{1-h9FcisH#msd{aqv2C*B^&Gw5t@kc+{;xgs9b0Iky
z*^BzYn$+a*?3-))<tv7Q>R8fQeSKZTR9Kkvbw?MlF{@<hpMLT-K#I?W^J5|`w;ixP
z;!<gNZAX=&e1u{<dFg4wlp#0If5HSPG2Dh9b@Z;aB?J8)y|fdH3OB&MJx)Gfzn|rz
z^?3ivG>OaF7fUm&=CrzDd+g*|pS2&~@Lj3<h*WK<O6&}<W$w2QD&w7I<dR-k-n!L+
zYWXw5tUr-F!?pZ!Nm`8-6tw0neAM$a)vvN&ja$a$DKn9l=aoqHD_X&iqu*&kd-Nnb
z(^`|iuFMUHcZ*G1;3#3e_*gxpmm645S<jTR7XM~PwKzIF(QYsx1orytIx0_$T2E=K
zO5Z4bM|w%_ks^AEo2L}o|Iz1a2RGMsL31hVpl!X0#b~zrT_sLp6yybtqg$t5N^D}?
z>0HVlZ3Kh(AeA9j1kT-V=7qjKaMb-rAN@~ZMsA3k!rAbF<kt#TbD>rTCc_n;h^cjg
zQsw}cxUZSf?+X~O;@1H6pk<)*q@7QEC$B$HsVc3Mn+t1=w<x5X><xxuAja|bX4pc%
zn$@uNg@v)PjNdMC;L$Ed>>i1?T0wtk;BShN!L=*KLUf9pr-c3R^pMC!M^++!UXf{g
zGCM-QOe9+xhfey{-scQ1fGmIU<=YQad(0+c<F_q9k}_{3M#N}YBLf@w%7g`&COl%J
z`Kr94i7r$3?dgZpkITvnkmx?HG}Xl~sMGQ2m>77<B4m$FadOHgZ-Ry;en(jx-C-iz
zib(bHz&mbh%}~yc0|J1@F3`ZlnCFtnVma*#Q}oLmKMtl+Ea+c-sJ^=RP|%n|*dUhp
zp5t^&3WLr)B&-tf-Iz)xHJ+Am@?sFv=l{qcYMr0b(=^I&!{Fq}&q``Omp9-K2^H1^
z<Gk1YLS~)W#*_3|E+>8VK&h^5q^uyxWQ5n4<hwZbg&*W`9rpdzNz>Vv>tp?gMGHr?
z%-^*ZCI)7(LGK;3NN}oW`M%xj$`*+(B(LisvOi`OiNMH;QOl`Ia(!6i2|rA+H$Xdn
zX;tQp5TcpKsB;disIp-#Ovc7CyWC09(GKFmkqC<B<~2$Ei+E<Hi13_aJ(=~B{9FU>
z@8`m8^QM;Yu|Pb-XO6vRg>yemJ7Jm=yW~M2i%e$$d7l6#|0{^H*7&h9?z-m8TE|S@
z1>@C!heq!%SeDa4!Mz9QP1=VgnE5(n!6Q#ud#Hr${pFuB;3_=LWT*M?_9>o<3bsO?
z?EZ)qY2TACus1f>h7OW9@7S!!6}Tp8qIFGhqjN;xIMyfqnzL}V^bVeGec9d~b}~GW
zvCxjvdi0}RN_hRsA}nZV$h$L;F}&(&0d$EG2Rm#%ON5A+VUKRy=Js8Oh?#EC%^_;&
zfqLkVf>HWY+(l6kb2kf;(KMb#^&_jQ<Ij^w#`4YcAmw*YSnmM4fx*i-lnQr`X`#xB
zF<N|A)s3XGzig=PK)OK;#yj5(@vT)3ERmJJR#X7k$JxJS-Lhum!_V$s3Zj1*GGF-+
z{Eu1ybHUk_4F@G<7d_0a>(gC@%`ZNsWVeR6iZQ(~OA!X;JFJOMbraE%JQ1K%ajK{P
z09lI6-O4GCn~j)*Nk2RB#{-pEOWEX1_I`Ur3KmF2%_*?~5C<A(<GtTD0Ae}~?!&tt
zIu4^0W8ww;zUBednkXbDRPHcUb!j_l$FQDPkYZd__b}bHP~aP<j~k}_g7jZ;knbDv
z(@O8rj{w#gW_9tef1DMF%>!)x1h9fD-u#DkLWj%cy0hM8OJJ?yK~`P$>Hk$6Lr3xe
z73Uu-{Ey;$5Nhvq1-MlUd#NyY^*>2@Dytl*bUvsu0=Tb5?y~$78LOxZag$2|?S(Nj
zW>ezOSpHp)9i$g1bfu;Hh(aj35>}Y4uC+h>W5lH?V1)L<oH=5sVYK-PN5UOYbT6H`
z`vFdSDO!O_R~j@gvVr-JLnV5!E8SX;;06&?XAiO{GVt;rc-H)ZZtS;tiM~&xm9%eC
z|Mg72wUfvc+xjg)U>;LiXeZ*onr1TngWt*l_I;C7@8qq@GIw7$*eVJ9hC70}+m7n5
z^1FW(KeS_-iEc4L<n)USp-Ea0yI2~9y8@8}tw?e-txtk=W2~?FV@J>(jWPL93uWqv
zdw>KFRF{7GVE*H*!d}ijz&t#z&bF?MyFU|oxlQ%_jznF7mqN_kHjVQHU%t5$d?u~u
z4$4Z8K6(6;X`)U6SDWIGiPdxS)jQH3Ext$<ob9#XR5(Q@B&=K`&3)oH?g}uLINd$S
zAX5zr(@=^({5dCU+;`xziEifZ3JpTDIehE*=de`lo@9VX!Q@&)Q9qMN^*`d0$OiVF
ze=`@l@-<;4QbTj(J3cdWcW=qT0@Yocb^SYF+0i4`IC2G8!iv&TQBhCI9Tl#65(&8i
ziK(Nfan97cK(p9OUK+#ymYv=bsk^Vr!HgKYlXGM>Pk}#{yVm&O-AIf@NZ|)pS3JVy
z`$ugZe(W;vPx53NwvXqY`ZY>A@I;a_75Ed8&ZTMHHP8NCXbG4i=-I5MdIelk-8N#Q
zskMx|5|N%)a4*G}IZyS)GeuiUJ&Hfa$O_4|f4m3@L4r98&Z5k~H9$iM&MK^qET_;r
zne=Zk?Jp;+RAw;OP~4TsVPCP@Vc(TF&Sb*~6k@`D(6c%*W0u7H<y`_VP0SkuO|h0*
zOTpqJ$Zs>HaATkRE37~&BBdTF-wkd-(Y(}c*2$OAEj^`_`?^;=?(F-k13LfkT)mJK
zs|MKC>IS$$&}ZjZOQy|UcY@F*%7Vx;=*}lf_1W}Pl49sTJ7-w3Lpn6q{u5Jz*tjuu
z#vuJmt{29*U_@T9sJlS5m>=a`KWUJ>?iwl{FZP&tsOSC-xGgdh8T~&@{H(m%XGg=$
z;YTla2$<!eNp6r1f{aYbn7i)q{V8MauKG<Z^fsC^!W^n&fi+K<ktFr*u554)EBKWe
zBVBDqG<O6Ds?$N;MBBvqUz26CLQ6dfD}2r2gib5?*1#fI2X7zPo&df1INNydOjqR~
zyE#18#)iOp>MDp}3S2dudAIn-CN7EGZB-67=bvl|9z>GnaQBnJ%i!BzsMLT`1j^US
zT;*UHC={WHtOnKv8H@)`3lo3!{%#sM{FPBJ#&sR0FTm4-{*#`=(mSN_e|)BK3P4W5
zsL$UyqKIuA3GTXt#;U~PAN;RfqacPR$eD$T2fN>AG4&AU9YoCEdgLGPhNKP|FS<J^
zuC5j%7sgL6k)h>j3e!N_hwz`U=P*Ote{GkB41-ZPViDx0>%@sa5xf!Rha|bpxM!^U
zqXQmy(h_wNsHUE#)1A+h8jvuWjI5rzD&rY~@PC%m{F(mW05f1QV1!EUlDwsU6X}iz
z)yX2xc)re6$cRMI-*La{N_i%;Z)(L+%~v3iE<Wa8OL|hu-LD5b1*0(*@iM@`>B&jL
zcT25KZ5JymRW1w5H;O!afY#x!5w5a6#h+57Y2bTtP!&XTPf`=4nXAX3g>8|@Rt{i@
zWD$de4|}bb?1yiKkx!N)_wMP=r*o}OoHN>R?(oMBp3vNV^Q`(z^J%4m)$9KQ<&-6W

diff --git a/template/frontend/styles/globals.css b/template/frontend/styles/globals.css
deleted file mode 100644
index 3d552a6..0000000
--- a/template/frontend/styles/globals.css
+++ /dev/null
@@ -1,2 +0,0 @@
-@import "tailwindcss";
-
diff --git a/template/frontend/tsconfig.json b/template/frontend/tsconfig.json
deleted file mode 100644
index 0febbe7..0000000
--- a/template/frontend/tsconfig.json
+++ /dev/null
@@ -1,34 +0,0 @@
-{
-  "compilerOptions": {
-    "lib": [
-      "dom",
-      "dom.iterable",
-      "esnext"
-    ],
-    "allowJs": true,
-    "skipLibCheck": true,
-    "strict": true,
-    "noEmit": true,
-    "esModuleInterop": true,
-    "module": "esnext",
-    "moduleResolution": "bundler",
-    "resolveJsonModule": true,
-    "isolatedModules": true,
-    "jsx": "preserve",
-    "incremental": true,
-    "paths": {
-      "@/*": [
-        "./*"
-      ]
-    },
-    "target": "ES2017"
-  },
-  "include": [
-    "next-env.d.ts",
-    "**/*.ts",
-    "**/*.tsx"
-  ],
-  "exclude": [
-    "node_modules"
-  ]
-}
diff --git a/template/frontend/utils/test-utils.tsx b/template/frontend/utils/test-utils.tsx
deleted file mode 100644
index 2b6673f..0000000
--- a/template/frontend/utils/test-utils.tsx
+++ /dev/null
@@ -1,18 +0,0 @@
-import { MockedProvider, MockedResponse } from '@apollo/client/testing'
-import { render } from '@testing-library/react'
-import React from 'react'
-
-type Options = {
-  mocks?: MockedResponse[]
-}
-const renderWithProviders = (ui: React.ReactElement, options: Options = {}) => {
-  render(
-    <MockedProvider mocks={options.mocks} addTypename={false}>
-      {ui}
-    </MockedProvider>
-  )
-}
-
-export { screen } from '@testing-library/react'
-export { renderWithProviders as render }
-export { userEvent } from '@testing-library/user-event'
diff --git a/template/frontend/vitest.config.ts b/template/frontend/vitest.config.ts
deleted file mode 100644
index 938d4ad..0000000
--- a/template/frontend/vitest.config.ts
+++ /dev/null
@@ -1,17 +0,0 @@
-import react from '@vitejs/plugin-react'
-import { defineConfig } from 'vitest/config'
-
-import { fileURLToPath } from 'node:url'
-
-export default defineConfig({
-  plugins: [react()],
-  test: {
-    environment: 'jsdom',
-    setupFiles: ['./vitest.setup.ts']
-  },
-  resolve: {
-    alias: {
-      '@': fileURLToPath(new URL('./', import.meta.url))
-    }
-  }
-})
diff --git a/template/frontend/vitest.setup.ts b/template/frontend/vitest.setup.ts
deleted file mode 100644
index 10234f4..0000000
--- a/template/frontend/vitest.setup.ts
+++ /dev/null
@@ -1,3 +0,0 @@
-/// <reference types="vitest" />
-
-import '@testing-library/jest-dom/vitest'
diff --git a/template/k8s/_monitoring/django-logs-table.yaml b/template/k8s/_monitoring/django-logs-table.yaml
deleted file mode 100644
index 581ead0..0000000
--- a/template/k8s/_monitoring/django-logs-table.yaml
+++ /dev/null
@@ -1,190 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  labels:
-    grafana_dashboard: "1"
-  name: django-logs-table
-  namespace: monitoring
-data:
-  django-logs-table.json: |-
-    {
-      "annotations": {
-        "list": [
-          {
-            "builtIn": 1,
-            "datasource": {
-              "type": "grafana",
-              "uid": "-- Grafana --"
-            },
-            "enable": true,
-            "hide": true,
-            "iconColor": "rgba(0, 211, 255, 1)",
-            "name": "Annotations & Alerts",
-            "type": "dashboard"
-          }
-        ]
-      },
-      "editable": true,
-      "fiscalYearStartMonth": 0,
-      "graphTooltip": 0,
-      "id": 33,
-      "links": [],
-      "liveNow": false,
-      "panels": [
-        {
-          "datasource": {
-            "type": "loki",
-            "uid": "P8E80F9AEF21F6940"
-          },
-          "fieldConfig": {
-            "defaults": {
-              "color": {
-                "mode": "thresholds"
-              },
-              "custom": {
-                "align": "auto",
-                "cellOptions": {
-                  "type": "auto"
-                },
-                "inspect": false
-              },
-              "mappings": [],
-              "thresholds": {
-                "mode": "absolute",
-                "steps": [
-                  {
-                    "color": "green",
-                    "value": null
-                  },
-                  {
-                    "color": "red",
-                    "value": 80
-                  }
-                ]
-              }
-            },
-            "overrides": []
-          },
-          "gridPos": {
-            "h": 8,
-            "w": 12,
-            "x": 0,
-            "y": 0
-          },
-          "id": 1,
-          "options": {
-            "cellHeight": "sm",
-            "footer": {
-              "countRows": false,
-              "fields": "",
-              "reducer": [
-                "sum"
-              ],
-              "show": false
-            },
-            "showHeader": true
-          },
-          "pluginVersion": "10.1.1",
-          "targets": [
-            {
-              "datasource": {
-                "type": "loki",
-                "uid": "P8E80F9AEF21F6940"
-              },
-              "editorMode": "builder",
-              "expr": "{namespace=\"default\", container=\"django\"} |= ``",
-              "queryType": "range",
-              "refId": "A"
-            }
-          ],
-          "title": "Django Logs Table",
-          "type": "table"
-        },
-        {
-          "datasource": {
-            "type": "loki",
-            "uid": "P8E80F9AEF21F6940"
-          },
-          "fieldConfig": {
-            "defaults": {
-              "color": {
-                "mode": "thresholds"
-              },
-              "custom": {
-                "align": "auto",
-                "cellOptions": {
-                  "type": "auto"
-                },
-                "inspect": false
-              },
-              "mappings": [],
-              "thresholds": {
-                "mode": "absolute",
-                "steps": [
-                  {
-                    "color": "green",
-                    "value": null
-                  },
-                  {
-                    "color": "red",
-                    "value": 80
-                  }
-                ]
-              }
-            },
-            "overrides": []
-          },
-          "gridPos": {
-            "h": 8,
-            "w": 12,
-            "x": 12,
-            "y": 0
-          },
-          "id": 2,
-          "options": {
-            "cellHeight": "sm",
-            "footer": {
-              "countRows": false,
-              "fields": "",
-              "reducer": [
-                "sum"
-              ],
-              "show": false
-            },
-            "showHeader": true
-          },
-          "pluginVersion": "10.1.1",
-          "targets": [
-            {
-              "datasource": {
-                "type": "loki",
-                "uid": "P8E80F9AEF21F6940"
-              },
-              "editorMode": "builder",
-              "expr": "{namespace=\"default\", container=\"postgres\"} |= ``",
-              "queryType": "range",
-              "refId": "A"
-            }
-          ],
-          "title": "Postgres Logs Table",
-          "type": "table"
-        }
-      ],
-      "refresh": "",
-      "schemaVersion": 38,
-      "style": "dark",
-      "tags": [],
-      "templating": {
-        "list": []
-      },
-      "time": {
-        "from": "now-6h",
-        "to": "now"
-      },
-      "timepicker": {},
-      "timezone": "",
-      "title": "Django",
-      "uid": "1693997350",
-      "version": 3,
-      "weekStart": ""
-    }
diff --git a/template/k8s/_monitoring/loki-stack-values.yaml b/template/k8s/_monitoring/loki-stack-values.yaml
deleted file mode 100644
index 9af069a..0000000
--- a/template/k8s/_monitoring/loki-stack-values.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-loki:
-  priorityClassName: monitoring-low-priority
-  env:
-    - name: AWS_ACCESS_KEY_ID
-      valueFrom:
-        secretKeyRef:
-          name: iam-loki-s3
-          key: AWS_ACCESS_KEY_ID
-    - name: AWS_SECRET_ACCESS_KEY
-      valueFrom:
-        secretKeyRef:
-          name: iam-loki-s3
-          key: AWS_SECRET_ACCESS_KEY
-  config:
-    schema_config:
-      configs:
-        - from: 2021-05-12
-          store: boltdb-shipper
-          object_store: s3
-          schema: v11
-          index:
-            prefix: loki_index_
-            period: 24h
-    storage_config:
-      aws:
-        s3: s3://{{ copier__aws_region }}/{{ copier__project_dash }}-loki-index-bucket
-        s3forcepathstyle: true
-        bucketnames: {{ copier__project_dash }}-loki-index-bucket
-        region: {{ copier__aws_region }}
-        insecure: false
-        sse_encryption: false
-      boltdb_shipper:
-        shared_store: s3
-        cache_ttl: 24h
diff --git a/template/k8s/argocd/README.md b/template/k8s/argocd/README.md
deleted file mode 100644
index a066fab..0000000
--- a/template/k8s/argocd/README.md
+++ /dev/null
@@ -1,46 +0,0 @@
-# Kubernetes Control Plane
-
-## ArgoCD
-
-An ArgoCD application will automate your kubernetes deployments.
-
-Install [ArgoCD CLI](https://argo-cd.readthedocs.io/en/stable/cli_installation/).
-
-Log in to your ArgoCD dashboard, eg
-
-    $ argocd login argocd.sixfeetup.com
-
-Find your cluster context (set your KUBECONFIG file if neccessary)
-
-    $ kubectl config get-contexts -o name
-
-Add your cluster to ArgoCD. This will also output the `CLUSTER_IP` you will use in the application.
-
-    $ argocd cluster add {{ copier__project_slug }}-environment
- (replace environment with the actual environment name, e.g. `sandbox` or `production`)
-
-### Creating the ArgoCD application manifests
-
-Export the cluster IP from ArgoCD to your environment
-
-    $ export CLUSTER_IP=CLUSTER_IP
-
-Create a deploy key for your repository export it to your environment as `SSH_PRIVATE_KEY`.
-
-    $ export SSH_PRIVATE_KEY=DEPLOY_KEY
-
-Export your repository url to your environment
-
-    $ export REPO_URL=PROJECT_REPOSITORY
-
-Create the `application.yaml` manifest and `repocred.yaml` secret and seal it
-
-    $ make argocd-app
-
-If you are working in the SFU environment move your application and repocreds manifest to `sixfeetup/controlplane.git/argocd/applications/{{ copier__project_slug }}/`
-
-Apply the manifests
-
-    $ kubectl apply -f argocd/applications/{{ copier__project_slug }}
-
-Your ArgoCD application should be visible on the ArgoCD dashboard. Check the repository and cluster connection.
diff --git a/template/k8s/base/app.configmap.yaml b/template/k8s/base/app.configmap.yaml
deleted file mode 100644
index 685be10..0000000
--- a/template/k8s/base/app.configmap.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: app-config
-data:
-  DJANGO_DEBUG: "False"
-  USE_DOCKER: "yes"
-  DJANGO_ADMIN_URL: "admin/"
-  DJANGO_SETTINGS_MODULE: "config.settings.local"
-  DJANGO_SECRET_KEY: "CHANGEME"
-  DJANGO_ALLOWED_HOSTS: "localhost,127.0.0.1,backend,.{{ copier__domain_name }}"
-  DJANGO_CSRF_TRUSTED_ORIGINS: "http://localhost,https://{{ copier__domain_name }}"
-  DJANGO_SECURE_SSL_REDIRECT: "False"
-  PGDATA: "/var/lib/postgresql/data/pgdata"
-  POSTGRES_DB: "{{ copier__project_slug }}"
-  POSTGRES_USER: "{{ copier__project_slug }}"
-  REDIS_URL: "redis://redis:6379/1"
-  # todo: see if PYDEVD_USE_* can be removed later, I was getting this error
-  #  with pydevd-pycharm==243.26053.29:
-  # cannot import name 'trace_dispatch' from '_pydevd_bundle.pydevd_trace_dispatch'
-  # (/app/lib/python3.12/site-packages/_pydevd_bundle/pydevd_trace_dispatch.py)
-  # Also probably need to add cython to local.in in that case.
-  PYDEVD_USE_CYTHON: "NO"
-  PYDEVD_USE_FRAME_EVAL: "NO"
-  PYTHONBREAKPOINT: "" # "utils.pycharm_debugger" for pycharm
-{%- if copier__mail_service == 'Mailgun' %}
-  MAILGUN_DOMAIN: "{{ copier__domain_name }}"
-  MAILGUN_API_URL: "https://api.mailgun.net/v3"{%- endif %}
-{%- if copier__use_celery %}
-  CELERY_BROKER_URL: "redis://redis:6379/0"
-  FLOWER_BROKER_URL: "redis://redis:6379/0"
-  FLOWER_ADDRESS: "0.0.0.0"
-  FLOWER_PORT: "5555"{%- endif %}
-  # S3 storage access
-  DJANGO_AWS_REGION_NAME: "{{ copier__aws_region }}"
-  DJANGO_AWS_STORAGE_BUCKET_NAME: "CHANGEME_S3_BUCKET_NAME"
-{% if copier__use_sentry %}
-  SENTRY_DSN_BACKEND: ""
-  ENVIRONMENT: "dev"
-  VITE_SENTRY_DSN_FRONTEND: ""
-  VITE_ENVIRONMENT: "dev"{% endif %}
diff --git a/template/k8s/base/celery.yaml b/template/k8s/base/celery.yaml
deleted file mode 100644
index f1509f2..0000000
--- a/template/k8s/base/celery.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: flower
-  labels:
-    app: celery
-spec:
-  type: ClusterIP
-  selector:
-    app: celery
-  ports:
-    - port: 5555
-      targetPort: flower-server
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: celery
-  labels:
-    app: celery
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: celery
-  template:
-    metadata:
-      labels:
-        app: celery
-    spec:
-      priorityClassName: app-medium-priority
-      containers:
-        - name: celeryworker
-          image: backend:latest
-          command: 
-            - celery
-          args:
-            - -A
-            - {{ copier__project_slug }}
-            - worker
-            - -E
-            - -l
-            - info
-          envFrom:
-            - configMapRef:
-                name: app-config
-            - secretRef:
-                name: secrets-config
-        - name: celerybeat
-          image: backend:latest
-          command: 
-            - celery
-          args:
-            - -A
-            - {{ copier__project_slug }}
-            - beat
-          envFrom:
-            - configMapRef:
-                name: app-config
-            - secretRef:
-                name: secrets-config
-        - name: flower
-          ports:
-            - name: flower-server
-              containerPort: 5555
-          image: backend:latest
-          command: 
-            - celery
-          args:
-            - -A
-            - {{ copier__project_slug }}
-            - flower
-          envFrom:
-            - configMapRef:
-                name: app-config
-            - secretRef:
-                name: secrets-config
diff --git a/template/k8s/base/django.yaml b/template/k8s/base/django.yaml
deleted file mode 100644
index f445f95..0000000
--- a/template/k8s/base/django.yaml
+++ /dev/null
@@ -1,90 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: backend
-  labels:
-    app: backend
-spec:
-  type: ClusterIP
-  selector:
-    app: backend
-  ports:
-    - port: 8000
-      targetPort: http-server
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: backend
-  labels:
-    app: backend
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: backend
-  template:
-    metadata:
-      labels:
-        app: backend
-    spec:
-      priorityClassName: app-medium-priority
-      containers:
-        - name: backend
-          image: backend:latest
-          command: ["python", "manage.py", "runserver", "0.0.0.0:8000"]
-          ports:
-            - name: http-server
-              containerPort: 8000
-          envFrom:
-            - configMapRef:
-                name: app-config
-            - secretRef:
-                name: secrets-config
-          resources:
-            limits:
-              cpu: "250m"
-              memory: "400Mi"
-            requests:
-              cpu: "200m"
-              memory: "300Mi"
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: 8000
-              httpHeaders:
-                - name: Host
-                  value: localhost
-            initialDelaySeconds: 29
-            periodSeconds: 29
-            timeoutSeconds: 2
-            failureThreshold: 3
-            terminationGracePeriodSeconds: 60
-          readinessProbe:
-            httpGet:
-              path: /readiness
-              port: 8000
-              httpHeaders:
-                - name: Host
-                  value: localhost
-            initialDelaySeconds: 31
-            periodSeconds: 31
-            timeoutSeconds: 3
-            successThreshold: 1
-      initContainers:
-        - name: check-db-ready
-          image: postgres:17
-          command: [
-              "sh",
-              "-c",
-              "until pg_isready -h $(POSTGRES_HOST);
-              do echo waiting for postgres; sleep 2; done;",
-            ]
-        - name: backend-migration
-          image: backend:latest
-          command: ["python", "manage.py", "migrate"]
-          envFrom:
-            - configMapRef:
-                name: app-config
-            - secretRef:
-                name: secrets-config
diff --git a/template/k8s/base/flower.yaml b/template/k8s/base/flower.yaml
deleted file mode 100644
index f4589e5..0000000
--- a/template/k8s/base/flower.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: flower
-  labels:
-    app: {{ copier__project_slug }}
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: {{ copier__project_slug }}
-  template:
-    metadata:
-      labels:
-        app: {{ copier__project_slug }}
-    spec:
-      priorityClassName: app-medium-priority
-      containers:
-        - name: flower
-          image: {{ copier__project_slug }}_local_django:latest
-          command: ["celery", "-A", "{{ copier__project_slug }}", "flower"]
-          envFrom:
-            - configMapRef:
-                name: django-config
-      initContainers:
-        - name: celery-check-workers-ready
-          image: {{ copier__project_slug }}_local_django:latest
-          command:
-            ['sh', '-c', 'until celery -A {{ copier__project_slug }} inspect ping; do echo Waiting for Celery workers to be ready; sleep 5; done']
-          envFrom:
-            - configMapRef:
-                name: django-config
diff --git a/template/k8s/base/frontend.yaml b/template/k8s/base/frontend.yaml
deleted file mode 100644
index aaeae52..0000000
--- a/template/k8s/base/frontend.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: frontend
-  labels:
-    app: frontend
-spec:
-  type: ClusterIP
-  selector:
-    app: frontend
-  ports:
-    - port: 3000
-      targetPort: http-server
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: frontend
-  labels:
-    app: frontend
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: frontend
-  template:
-    metadata:
-      labels:
-        app: frontend
-    spec:
-      priorityClassName: app-medium-priority
-      containers:
-        - name: frontend
-          image: frontend:latest
-          ports:
-            - name: http-server
-              containerPort: 3000
-          resources:
-            limits:
-              cpu: "500m"
-              memory: "600Mi"
-            requests:
-              cpu: "100m"
-              memory: "300Mi"
-          env:
-            - name: PORT
-              value: "3000"
-            - name: DJANGO_ADDRESS
-              value: backend:8000
-          envFrom:
-            - configMapRef:
-                name: app-config
-            - secretRef:
-                name: secrets-config
diff --git a/template/k8s/base/ingress.yaml b/template/k8s/base/ingress.yaml
deleted file mode 100644
index 59d2480..0000000
--- a/template/k8s/base/ingress.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-{% if copier__create_nextjs_frontend %}
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: frontend-ingress
-  annotations:
-    cert-manager.io/issuer: letsencrypt-staging
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: {{ copier__project_slug }}.local
-      priority: 10
-      services:
-        - name: frontend
-          port: 3000
-  tls:
-    certResolver: letsencrypt
----
-{% endif %}
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: backend-ingress
-  annotations:
-    cert-manager.io/issuer: letsencrypt-staging
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: k8s.{{ copier__project_slug }}.local
-      priority: 10
-      services:
-        - name: backend
-          port: 8000
-  tls:
-    certResolver: letsencrypt
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: http-to-https-redirect
-spec:
-  entryPoints:
-    - web
-  routes:
-    - kind: Rule
-      match: PathPrefix(`/`)
-      priority: 1
-      middlewares:
-        - name: redirect-to-https
-      services:
-        - kind: TraefikService
-          name: noop@internal
----
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: redirect-to-https
-spec:
-  redirectScheme:
-    scheme: https
-    permanent: true
diff --git a/template/k8s/base/kustomization.yaml b/template/k8s/base/kustomization.yaml
deleted file mode 100644
index 25fd7c0..0000000
--- a/template/k8s/base/kustomization.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-- ./app.configmap.yaml
-- ./django.yaml
-{% if copier__create_nextjs_frontend %}
-- ./frontend.yaml{% endif %}
-- ./redis.yaml
-{%- if copier__use_celery %}
-- ./celery.yaml{%- endif %}
-- ./pod-priority.yaml
-- ./pod-disruption-budgets.yaml  
\ No newline at end of file
diff --git a/template/k8s/base/pod-disruption-budgets.yaml b/template/k8s/base/pod-disruption-budgets.yaml
deleted file mode 100644
index deb85ac..0000000
--- a/template/k8s/base/pod-disruption-budgets.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: backend-pdb
-spec:
-  minAvailable: 1
-  selector:
-    matchLabels:
-      app: backend
----
-{%- if copier__use_celery %}
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: celery-pdb
-spec:
-  minAvailable: 1
-  selector:
-    matchLabels:
-      app: celery
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: flower-pdb
-spec:
-  minAvailable: 1
-  selector:
-    matchLabels:
-      app: flower
----
-{%- endif %}
-{% if copier__create_nextjs_frontend %}
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: frontend-pdb
-spec:
-  minAvailable: 1
-  selector:
-    matchLabels:
-      app: frontend
----
-{% endif %}
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: redis-pdb
-spec:
-  minAvailable: 1
-  selector:
-    matchLabels:
-      app: redis
diff --git a/template/k8s/base/pod-priority.yaml b/template/k8s/base/pod-priority.yaml
deleted file mode 100644
index 61d3ea5..0000000
--- a/template/k8s/base/pod-priority.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: scheduling.k8s.io/v1
-kind: PriorityClass
-metadata:
-  name: postgres-high-priority
-value: 100000
-globalDefault: false
-description: "Priority class for PostgreSQL to avoid eviction"
-
----
-apiVersion: scheduling.k8s.io/v1
-kind: PriorityClass
-metadata:
-  name: app-medium-priority
-value: 50000
-globalDefault: false
-description: "Priority class for the main application stack"
-
----
-apiVersion: scheduling.k8s.io/v1
-kind: PriorityClass
-metadata:
-  name: monitoring-low-priority
-value: 10000
-globalDefault: false
-description: "Priority class for monitoring tools like Prometheus, Grafana, etc."
diff --git a/template/k8s/base/redis.yaml b/template/k8s/base/redis.yaml
deleted file mode 100644
index 6b55a6e..0000000
--- a/template/k8s/base/redis.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: redis
-  labels:
-    app: redis
-spec:
-  type: ClusterIP
-  selector:
-    app: redis
-  ports:
-    - port: 6379
-      targetPort: redis-server
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: redis
-  labels:
-    app: redis
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: redis
-  template:
-    metadata:
-      labels:
-        app: redis
-    spec:
-      priorityClassName: app-medium-priority
-      containers:
-        - name: redis
-          image: redis:6.0.5
-          ports:
-            - name: redis-server
-              containerPort: 6379
diff --git a/template/k8s/local/kustomization.yaml b/template/k8s/local/kustomization.yaml
deleted file mode 100644
index b3196a0..0000000
--- a/template/k8s/local/kustomization.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-- ../base
-- ../mailhog
-- ./postgres.yaml
-- ./secrets.yaml
-
-patches:
-- patch: |-
-    - op: add
-      path: /spec/template/spec/initContainers/0/env
-      value:
-        - name: POSTGRES_HOST
-          value: postgres
-    - op: replace
-      path: /spec/template/spec/containers/0/livenessProbe
-      value: null
-    - op: replace
-      path: /spec/template/spec/containers/0/readinessProbe
-      value: null
-  target:
-    kind: Deployment
-    name: backend
-- patch: |-
-    - op: add
-      path: /spec/template/spec/containers/0/env
-      value:
-        - name: DOCKER_GATEWAY_IP # used for debugger to reach out to host machine
-          value: "172.17.0.1"
-  target:
-    kind: Deployment
-    name: backend
diff --git a/template/k8s/local/postgres.yaml b/template/k8s/local/postgres.yaml
deleted file mode 100644
index 4a632b5..0000000
--- a/template/k8s/local/postgres.yaml
+++ /dev/null
@@ -1,89 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: postgres
-  labels:
-    app: postgres
-spec:
-  ports:
-    - port: 5432
-      targetPort: 5432
-  selector:
-    app: postgres
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: postgres
-  labels:
-    app: postgres
-spec:
-  serviceName: postgres
-  replicas: 1
-  selector:
-    matchLabels:
-      app: postgres
-  template:
-    metadata:
-      labels:
-        app: postgres
-    spec:
-      priorityClassName: postgres-high-priority
-      containers:
-        - name: postgres
-          image: postgres:17
-          ports:
-            - containerPort: 5432
-          envFrom:
-          - configMapRef:
-              name: app-config
-          - secretRef:
-              name: secrets-config
-          volumeMounts:
-            - name: {{ copier__project_dash }}-postgres-volume-mount
-              mountPath: /var/lib/postgresql/data
-          # readinessProbe:
-          #   exec:
-          #     command:
-          #       - bash
-          #       - "-c"
-          #       - "psql -U$POSTGRES_USER -d$POSTGRES_DB -c 'SELECT 1'"
-          #   initialDelaySeconds: 15
-          #   timeoutSeconds: 2
-          # livenessProbe:
-          #   exec:
-          #     command:
-          #       - bash
-          #       - "-c"
-          #       - "psql -U$POSTGRES_USER -d$POSTGRES_DB -c 'SELECT 1'"
-          #   initialDelaySeconds: 15
-          #   timeoutSeconds: 2
-      volumes:
-        - name: {{ copier__project_dash }}-postgres-volume-mount
-          persistentVolumeClaim:
-            claimName: {{ copier__project_dash }}-postgres-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  annotations:
-    tilt.dev/down-policy: keep
-  name: {{ copier__project_dash }}-postgres-pvc
-  labels:
-    type: local
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 500Mi
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: postgres-pdb
-spec:
-  minAvailable: 1
-  selector:
-    matchLabels:
-      app: postgres
diff --git a/template/k8s/local/secrets.yaml b/template/k8s/local/secrets.yaml
deleted file mode 100644
index 9301241..0000000
--- a/template/k8s/local/secrets.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-stringData:
-  POSTGRES_PASSWORD: __POSTGRES_PASSWORD__
-  DATABASE_URL: postgresql://{{ copier__project_slug }}:__POSTGRES_PASSWORD__@postgres/{{ copier__project_slug }}
-  DJANGO_SECRET_KEY: __DJANGO_SECRET_KEY__
-kind: Secret
-metadata:
-  name: secrets-config
-type: Opaque
diff --git a/template/k8s/mailhog/kustomization.yaml b/template/k8s/mailhog/kustomization.yaml
deleted file mode 100644
index a4a1a56..0000000
--- a/template/k8s/mailhog/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - mailhog.yaml
diff --git a/template/k8s/mailhog/mailhog.yaml b/template/k8s/mailhog/mailhog.yaml
deleted file mode 100644
index f3f3517..0000000
--- a/template/k8s/mailhog/mailhog.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: mailhog
-  labels:
-    app: mailhog
-spec:
-  type: ClusterIP
-  selector:
-    app: mailhog
-  ports:
-    - port: 8025
-      targetPort: smtp-server-ui
-      name: smtp-server-ui
-    - port: 1025
-      targetPort: smtp-server
-      name: smtp-server
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: mailhog
-  labels:
-    app: mailhog
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: mailhog
-  template:
-    metadata:
-      labels:
-        app: mailhog
-    spec:
-      containers:
-        - name: mailhog
-          image: mailhog/mailhog:v1.0.0
-          ports:
-            - name: smtp-server-ui
-              containerPort: 8025
-            - name: smtp-server
-              containerPort: 1025
diff --git a/template/k8s/prod/kustomization.yaml b/template/k8s/prod/kustomization.yaml
deleted file mode 100644
index e98a1c8..0000000
--- a/template/k8s/prod/kustomization.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: {{ copier__rfc1123_subdomain }}-prod
-
-resources:
-  - ../sandbox
-  - secrets.yaml
-
-patches:
-- target:
-    kind: SealedSecret
-    name: secrets-config
-  path: secrets.yaml
-- patch: |-
-    - op: replace
-      path: /spec/issuerRef/name
-      value: letsencrypt-prod
-    - op: replace
-      path: /spec/dnsNames
-      value:
-        - api.{{ copier__domain_name }}
-        - k8s.{{ copier__domain_name }}
-  target:
-    kind: Certificate
-    name: cluster-cert
-- patch: |-
-    - op: replace
-      path: /metadata/annotations/cert-manager.io~1cluster-issuer
-      value: letsencrypt-prod
-    - op: replace
-      path: /spec/routes/0/match
-      value: Host(`api.{{ copier__domain_name }}`)
-  target:
-    kind: IngressRoute
-    name: backend-ingress
-- patch: |-
-    - op: replace
-      path: /metadata/annotations/cert-manager.io~1cluster-issuer
-      value: letsencrypt-prod
-    - op: replace
-      path: /spec/routes/0/match
-      value: Host(`k8s.{{ copier__domain_name }}`)
-  target:
-    kind: IngressRoute
-    name: k8s-ingress
-- patch: |-
-    - op: replace
-      path: /spec/backup/barmanObjectStore/destinationPath
-      value: "s3://{{ copier__project_dash }}-prod-backups/"
-  target:
-    kind: Cluster
-    name: postgres
-{% if copier__create_nextjs_frontend %}
-- patch: |-
-    - op: add
-      path: /data/DISTRIBUTION_ID
-      value: "CHANGEME"
-  target:
-    kind: ConfigMap
-    name: app-config{% endif %}
-
-configMapGenerator:
-  - name: app-config
-    behavior: merge
-    literals:
-     - ENVIRONMENT="production"
-     - DJANGO_SETTINGS_MODULE="config.settings.production"
-     - DJANGO_CSRF_TRUSTED_ORIGINS="https://{{ copier__domain_name }}"
-     - AWS_S3_CUSTOM_DOMAIN="{{ copier__domain_name }}"
-
-images:
-  - name: {{ copier__aws_account_id }}.dkr.ecr.{{ copier__aws_region }}.amazonaws.com/{{ copier__project_dash }}-sandbox-backend
-    newName: {{ copier__aws_account_id }}.dkr.ecr.{{ copier__aws_region }}.amazonaws.com/{{ copier__project_dash }}-backend
-    newTag: latest
-{% if copier__create_nextjs_frontend %}
-  - name: {{ copier__aws_account_id }}.dkr.ecr.{{ copier__aws_region }}.amazonaws.com/{{ copier__project_dash }}-sandbox-frontend
-    newName: {{ copier__aws_account_id }}.dkr.ecr.{{ copier__aws_region }}.amazonaws.com/{{ copier__project_dash }}-frontend
-    newTag: latest{% endif %}
diff --git a/template/k8s/sandbox/certificate.yaml b/template/k8s/sandbox/certificate.yaml
deleted file mode 100644
index 2d3cc32..0000000
--- a/template/k8s/sandbox/certificate.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: cluster-cert
-spec:
-  secretName: cluster-cert-tls
-  issuerRef:
-    name: letsencrypt-prod
-    kind: ClusterIssuer
-  dnsNames:
-    - api.sandbox.{{ copier__domain_name }}
-    - k8s.sandbox.{{ copier__domain_name }}
-    - nextjs.{{ copier__domain_name }}
diff --git a/template/k8s/sandbox/ingress-route.yaml b/template/k8s/sandbox/ingress-route.yaml
deleted file mode 100644
index 30179e3..0000000
--- a/template/k8s/sandbox/ingress-route.yaml
+++ /dev/null
@@ -1,84 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: backend-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-staging
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: Host(`api.sandbox.{{ copier__domain_name }}`)
-      priority: 10
-      services:
-        - name: backend
-          port: 8000
-  tls:
-    secretName: cluster-cert-tls
----
-{% if copier__create_nextjs_frontend %}
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: frontend-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-staging
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: Host(`nextjs.{{ copier__domain_name }}`)
-      priority: 10
-      services:
-        - name: frontend
-          port: 3000
-  tls:
-    secretName: cluster-cert-tls
----
-{% endif %}
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: k8s-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-staging
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: Host(`k8s.sandbox.{{ copier__domain_name }}`)
-      priority: 10
-      services:
-        - name: backend
-          port: 8000
-  tls:
-    secretName: cluster-cert-tls
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: http-to-https-redirect
-spec:
-  entryPoints:
-    - web
-  routes:
-    - kind: Rule
-      match: PathPrefix(`/`)
-      priority: 1
-      middlewares:
-        - name: redirect-to-https
-      services:
-        - kind: TraefikService
-          name: noop@internal
----
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: redirect-to-https
-spec:
-  redirectScheme:
-    scheme: https
-    permanent: true
diff --git a/template/k8s/sandbox/kustomization.yaml b/template/k8s/sandbox/kustomization.yaml
deleted file mode 100644
index 2f45f69..0000000
--- a/template/k8s/sandbox/kustomization.yaml
+++ /dev/null
@@ -1,139 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: {{ copier__rfc1123_subdomain }}-sandbox
-
-resources:
-  - ../base
-  - certificate.yaml
-  - ingress-route.yaml
-  - postgres.cnpg.yaml
-  - secrets.yaml
-
-patches:
-- patch: |-
-    - op: replace
-      path: /spec/template/spec/containers/0/command
-      value: ["daphne"]
-    - op: replace
-      path: /spec/template/spec/containers/0/args
-      value: ["--bind", "0.0.0.0", "--port", "8000", "--ping-interval", "15", "--ping-timeout", "5", "config.asgi:application"]
-    - op: add
-      path: /spec/template/spec/imagePullSecrets
-      value:
-        - name: regcred
-    - op: add
-      path: /spec/template/spec/initContainers/0/env
-      value:
-        - name: POSTGRES_HOST
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: host
-    - op: replace
-      path: /spec/template/spec/initContainers/0/command
-      value: ["sh", "-c", "until pg_isready -h $(POSTGRES_HOST); do echo waiting for postgres; sleep 2; done;"]
-    - op: add
-      path: /spec/template/spec/initContainers/1/env
-      value:
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: uri
-    - op: add
-      path: /spec/template/spec/containers/0/env
-      value:
-        - name: POSTGRES_HOST
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: host
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: uri
-  target:
-    kind: Deployment
-    name: backend
-{%- if copier__use_celery %}
-- patch: |-
-    - op: add
-      path: /spec/template/spec/containers/0/env
-      value:
-        - name: POSTGRES_HOST
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: host
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: uri
-    - op: add
-      path: /spec/template/spec/containers/1/env
-      value:
-        - name: POSTGRES_HOST
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: host
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: uri
-    - op: add
-      path: /spec/template/spec/containers/2/env
-      value:
-        - name: POSTGRES_HOST
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: host
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: postgres-app
-              key: uri
-  target:
-    kind: Deployment
-    name: celery
-{%- endif %}
-{% if copier__create_nextjs_frontend %}
-- patch: |-
-    - op: add
-      path: /spec/template/spec/imagePullSecrets
-      value:
-        - name: regcred
-  target:
-    kind: Deployment
-    name: frontend
-- patch: |-
-    - op: add
-      path: /data/DISTRIBUTION_ID
-      value: "CHANGEME"
-  target:
-    kind: ConfigMap
-    name: app-config{% endif %}
-
-configMapGenerator:
-  - name: app-config
-    behavior: merge
-    literals:
-     - ENVIRONMENT="sandbox"
-     - DJANGO_SETTINGS_MODULE="config.settings.production"
-     - DJANGO_CSRF_TRUSTED_ORIGINS="https://sandbox.{{ copier__domain_name }}"
-     - CORS_ALLOWED_ORIGINS="https://nextjs.{{ copier__domain_name }},https://sandbox.{{ copier__domain_name }}"
-     - CORS_ALLOW_CREDENTIALS=True
-     - AWS_S3_CUSTOM_DOMAIN="sandbox.{{ copier__domain_name }}"
-
-images:
-  - name: backend
-    newName: {{ copier__aws_account_id }}.dkr.ecr.{{ copier__aws_region }}.amazonaws.com/{{ copier__project_dash }}-sandbox-backend
-    newTag: latest
-{% if copier__create_nextjs_frontend %}
-  - name: frontend
-    newName: {{ copier__aws_account_id }}.dkr.ecr.{{ copier__aws_region }}.amazonaws.com/{{ copier__project_dash }}-sandbox-frontend
-    newTag: latest{% endif %}
diff --git a/template/k8s/sandbox/postgres.cnpg.yaml b/template/k8s/sandbox/postgres.cnpg.yaml
deleted file mode 100644
index 9c8a5c7..0000000
--- a/template/k8s/sandbox/postgres.cnpg.yaml
+++ /dev/null
@@ -1,69 +0,0 @@
-apiVersion: postgresql.cnpg.io/v1
-kind: Cluster
-metadata:
-  name: postgres
-  labels:
-    app: postgres
-spec:
-  priorityClassName: postgres-high-priority
-  instances: 1
-  # TODO: Uncomment after first successful backup
-  # bootstrap:
-  #   recovery:
-  #     source: clusterBackup
-  primaryUpdateStrategy: unsupervised
-  storage:
-    size: 2Gi
-
-  backup:
-    barmanObjectStore:
-      destinationPath: "s3://{{ copier__project_dash }}-sandbox-backups/"
-      s3Credentials:
-        accessKeyId:
-          name: aws-creds
-          key: AWS_S3_ACCESS_KEY_ID
-        secretAccessKey:
-          name: aws-creds
-          key: AWS_S3_SECRET_ACCESS_KEY
-      wal:
-        compression: gzip
-      data:
-        compression: gzip
-        jobs: 1
-      tags:
-        backupRetentionPolicy: "expire"
-      historyTags:
-        backupRetentionPolicy: "keep"
-    retentionPolicy: "30d"
-
-  externalClusters:
-    - name: clusterBackup
-      barmanObjectStore:
-        destinationPath: "s3://{{ copier__project_dash }}-sandbox-backups/"
-        # Copy backup from "postgres" to "postgres-restore"
-        # Or set up a Kubernetes Job to copy it
-        serverName: postgres-restore
-        s3Credentials:
-          accessKeyId:
-            name: secrets-config
-            key: AWS_S3_ACCESS_KEY_ID
-          secretAccessKey:
-            name: secrets-config
-            key: AWS_S3_SECRET_ACCESS_KEY
-        data:
-          compression: gzip
-        wal:
-          compression: gzip
-          maxParallel: 8
----
-apiVersion: postgresql.cnpg.io/v1
-kind: ScheduledBackup
-metadata:
-  name: scheduled-backup
-spec:
-  schedule: "0 0 * * *"  # Runs daily at midnight
-  suspend: false
-  immediate: true
-  backupOwnerReference: self
-  cluster:
-    name: postgres
diff --git a/template/k8s/templates/secrets.yaml.template b/template/k8s/templates/secrets.yaml.template
deleted file mode 100644
index 90c3127..0000000
--- a/template/k8s/templates/secrets.yaml.template
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-stringData:
-  AWS_S3_ACCESS_KEY_ID: $AWS_S3_ACCESS_KEY_ID
-  AWS_S3_SECRET_ACCESS_KEY: $AWS_S3_SECRET_ACCESS_KEY
-{%- if copier__mail_service == 'Amazon SES' %}
-  AWS_SES_ACCESS_KEY_ID: $AWS_SES_ACCESS_KEY_ID
-  AWS_SES_SECRET_ACCESS_KEY: $AWS_SES_SECRET_ACCESS_KEY{%- endif %}
-  DJANGO_SECRET_KEY: $DJANGO_SECRET_KEY
-{%- if copier__mail_service == 'Mailgun' %}
-  MAILGUN_API_KEY: op://{{ copier__project_name }}/$ENVIRONMENT secrets/MAILGUN_API_KEY"{%- endif %}
-
-kind: Secret
-metadata:
-  name: secrets-config
-type: Opaque
diff --git a/template/tasks.py b/template/tasks.py
index 2e8f848..7db06de 100644
--- a/template/tasks.py
+++ b/template/tasks.py
@@ -18,21 +18,6 @@ def init_git_repo():
     print(SUCCESS + "Git repository initialized." + TERMINATOR)
 
 
-def configure_git_remote():
-    repo_url = "{{ copier__repo_url }}"
-    if repo_url:
-        print(INFO + f"repo_url: {repo_url}" + TERMINATOR)
-        command = f"git remote add origin {repo_url}"
-        subprocess.run(shlex.split(command), check=True)
-        print(SUCCESS + f"Remote origin={repo_url} added." + TERMINATOR)
-    else:
-        print(
-            WARNING
-            + "No repo_url provided. Skipping git remote configuration."
-            + TERMINATOR
-        )
-
-
 def party_popper():
     for _ in range(4):
         print("\r🎉 POP! 💥", end="", flush=True)
@@ -40,30 +25,24 @@ def party_popper():
         print("\r💥 POP! 🎉", end="", flush=True)
         subprocess.run(["sleep", "0.3"])
 
-    print("\r🎊 Congrats! Your {{ copier__project_slug }} project is ready! 🎉")
+    print("\r🎊 Congrats! Your {{ copier__project_slug }} Talos cluster project is ready! 🎉")
     print()
-    print("To get started, run:")
-    print("cd {{ copier__project_slug }}")
-    print("tilt up")
+    print("To get started:")
+    print("1. cd {{ copier__project_slug }}")
+    print("2. Create S3 backend: cd terraform/bootstrap && tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out")
+    print("3. Deploy infrastructure: cd ../sandbox && tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out")
+    print("4. Bootstrap Talos: cd ../../bootstrap-cluster && export ENV=sandbox && task talos:bootstrap")
     print()
 
 
 def run_setup():
-    subprocess.run(
-        shlex.split("kind create cluster --name {{ copier__project_dash }}"), check=True
-    )
-    subprocess.run(shlex.split("make compile"), check=True)
-
-    print("Dependencies compiled successfully.")
     print("Performing initial commit.")
-
     subprocess.run(shlex.split("git add ."), check=True)
     subprocess.run(shlex.split("git commit -m 'Initial commit' --quiet"), check=True)
 
 
 def main():
     init_git_repo()
-    configure_git_remote()
     run_setup()
     party_popper()
 
diff --git a/template/terraform/README.md b/template/terraform/README.md
index f79ce3d..81af4c4 100644
--- a/template/terraform/README.md
+++ b/template/terraform/README.md
@@ -48,17 +48,28 @@ Export the `AWS_PROFILE` environment variable:
 ```
 $ export AWS_PROFILE=scaf
 ```
-Then, to deploy to sandbox you can run:
 
+## Deployment
+
+### Bootstrap Terraform State Backend
+
+First, create the S3 bucket and DynamoDB table for Terraform state:
+
+```bash
+cd bootstrap
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
 ```
-$ task deploy-sandbox
-```
 
-TODO: replace with automation between the environment creation and the argocd bootstrap:
+This only needs to be run once for all environments.
+
+### Deploy an Environment
 
+To deploy the sandbox environment:
 
+```bash
+cd ../sandbox
+tofu init && tofu plan -out=tfplan.out && tofu apply tfplan.out
 ```
-{% if copier__create_nextjs_frontend %}
-6. After the environment is successfully deployed, note the CloudFront distribution ID that was created, and update the `DISTRIBUTION_ID` value in the corresponding kustomization.yaml file (e.g., sandbox/kustomization.yaml or production/kustomization.yaml) to reflect the correct value.
-{% endif %}
+
+For other environments, replace `sandbox` with `staging` or `production`.
 
diff --git a/template/terraform/modules/base/Makefile b/template/terraform/modules/base/Makefile
index 39f1f4f..739b4e1 100644
--- a/template/terraform/modules/base/Makefile
+++ b/template/terraform/modules/base/Makefile
@@ -21,8 +21,6 @@ kubeconfig:
 
 remove-kube-state:
 	rm -f kubeconfig
-	tofu state rm helm_release.argocd \
-		kubernetes_namespace.monitoring || true
 
 # TODO: add copier__use_talos check for talos targets
 talosconfig:
@@ -55,7 +53,7 @@ upgrade-talos:
 	for ip in $${ip_array[@]} ; do \
 		echo "Upgrading Talos node at IP: $$ip" ; \
 		talosctl upgrade --nodes $$ip \
-		--image factory.talos.dev/installer/10e276a06c1f86b182757a962258ac00655d3425e5957f617bdc82f06894e39b:v1.7.4 ; \
+		--image factory.talos.dev/installer/10e276a06c1f86b182757a962258ac00655d3425e5957f617bdc82f06894e39b:v1.12.1 ; \
 	done
 
 destroy: remove-kube-state remove-talos-state
diff --git a/template/terraform/modules/base/ecr.tf b/template/terraform/modules/base/ecr.tf
deleted file mode 100644
index b5974dd..0000000
--- a/template/terraform/modules/base/ecr.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-{% if copier__create_nextjs_frontend %}
-module "ecr_frontend" {
-  source  = "terraform-aws-modules/ecr/aws"
-  version = "1.6.0"
-
-  repository_name                 = var.frontend_ecr_repo
-  repository_image_tag_mutability = "MUTABLE"
-
-  repository_lifecycle_policy = jsonencode({
-    rules = [
-      {
-        rulePriority = 1,
-        description  = "Keep last 5 images",
-        selection = {
-          tagStatus     = "tagged",
-          tagPrefixList = ["v"],
-          countType     = "imageCountMoreThan",
-          countNumber   = 5
-        },
-        action = {
-          type = "expire"
-        }
-      }
-    ]
-  })
-
-  tags = local.common_tags
-}
-{% endif %}
-
-module "ecr_backend" {
-  source  = "terraform-aws-modules/ecr/aws"
-  version = "1.6.0"
-
-  repository_name                 = var.backend_ecr_repo
-  repository_image_tag_mutability = "MUTABLE"
-
-  repository_lifecycle_policy = jsonencode({
-    rules = [
-      {
-        rulePriority = 1,
-        description  = "Keep last 5 images",
-        selection = {
-          tagStatus     = "tagged",
-          tagPrefixList = ["v"],
-          countType     = "imageCountMoreThan",
-          countNumber   = 5
-        },
-        action = {
-          type = "expire"
-        }
-      }
-    ]
-  })
-
-  tags = local.common_tags
-}
diff --git a/template/terraform/modules/base/github-iam-role.tf b/template/terraform/modules/base/github-iam-role.tf
deleted file mode 100644
index 44f7934..0000000
--- a/template/terraform/modules/base/github-iam-role.tf
+++ /dev/null
@@ -1,43 +0,0 @@
-data "aws_iam_role" "github_oidc_role" {
-  name = "{{ copier__project_slug }}-github-oidc-role"
-}
-
-# Define the IAM policy for ECR
-resource "aws_iam_policy" "ecr_push_policy" {
-  name        = "${var.app_name}-${var.repo_name}-ecr-push-policy"
-  description = "Policy to allow pushing images to ECR"
-
-  policy = jsonencode({
-    Version = "2012-10-17",
-    Statement = [
-      {
-        Effect = "Allow",
-        Action = [
-          "ecr:GetDownloadUrlForLayer",
-          "ecr:BatchGetImage",
-          "ecr:BatchCheckLayerAvailability",
-          "ecr:PutImage",
-          "ecr:InitiateLayerUpload",
-          "ecr:UploadLayerPart",
-          "ecr:CompleteLayerUpload"
-        ],
-        Resource = [
-          {% if copier__create_nextjs_frontend %}"arn:aws:ecr:${var.aws_region}:${var.account_id}:repository/${var.frontend_ecr_repo}",{% endif %}
-          "arn:aws:ecr:${var.aws_region}:${var.account_id}:repository/${var.backend_ecr_repo}",
-        ]
-      },
-      {
-        Effect   = "Allow",
-        Action   = "ecr:GetAuthorizationToken",
-        Resource = "*"
-      }
-    ]
-  })
-}
-
-# Attach the policy to the role
-resource "aws_iam_role_policy_attachment" "ecr_push_policy_attachment" {
-  role       = data.aws_iam_role.github_oidc_role.name
-  policy_arn = aws_iam_policy.ecr_push_policy.arn
-}
-
diff --git a/template/terraform/modules/base/outputs.tf b/template/terraform/modules/base/outputs.tf
index 3012a45..039f56f 100644
--- a/template/terraform/modules/base/outputs.tf
+++ b/template/terraform/modules/base/outputs.tf
@@ -7,8 +7,3 @@ output "control_plane_nodes_private_ips" {
   description = "The private ip addresses of the control plane nodes."
   value       = join(",", module.control_plane_nodes.*.private_ip)
 }
-
-output "backend_ecr_repo" {
-  description = "The Backend ECR repository"
-  value       = module.ecr_backend.repository_url
-}
diff --git a/template/terraform/modules/base/route53.tf b/template/terraform/modules/base/route53.tf
index 998ea29..0ccefd9 100644
--- a/template/terraform/modules/base/route53.tf
+++ b/template/terraform/modules/base/route53.tf
@@ -16,14 +16,6 @@ locals {
   zone_id = var.existing_hosted_zone == "" ? aws_route53_zone.route_zone[0].zone_id : data.aws_route53_zone.existing_zone[0].zone_id
 }
 
-resource "aws_route53_record" "api" {
-  zone_id = local.zone_id
-  name    = var.api_domain_name
-  type    = "CNAME"
-  records = [module.elb_k8s_elb.elb_dns_name]
-  ttl     = 600
-}
-
 resource "aws_route53_record" "k8s" {
   zone_id = local.zone_id
   name    = var.cluster_domain_name
@@ -31,55 +23,3 @@ resource "aws_route53_record" "k8s" {
   records = [module.elb_k8s_elb.elb_dns_name]
   ttl     = 600
 }
-
-{% if copier__create_nextjs_frontend %}
-resource "aws_route53_record" "nextjs" {
-  zone_id = local.zone_id
-  name    = var.nextjs_domain_name
-  type    = "CNAME"
-  records = [module.elb_k8s_elb.elb_dns_name]
-  ttl     = 600
-}
-
-resource "aws_route53_record" "frontend" {
-  zone_id = local.zone_id
-  name    = var.domain_name
-  type    = "A"
-
-  alias {
-    name                   = aws_cloudfront_distribution.cloudfront.domain_name
-    zone_id                = aws_cloudfront_distribution.cloudfront.hosted_zone_id
-    evaluate_target_health = false
-  }
-}
-
-resource "aws_route53_record" "frontend-v6" {
-  zone_id = local.zone_id
-  name    = var.domain_name
-  type    = "AAAA"
-
-  alias {
-    name                   = aws_cloudfront_distribution.cloudfront.domain_name
-    zone_id                = aws_cloudfront_distribution.cloudfront.hosted_zone_id
-    evaluate_target_health = false
-  }
-}
-{% endif %}
-
-# record for argocd call
-resource "aws_route53_record" "argocd" {
-  zone_id = local.zone_id
-  name    = var.argocd_domain_name
-  type    = "CNAME"
-  records = [module.elb_k8s_elb.elb_dns_name]
-  ttl     = 600
-}
-
-# record for prometheus call
-resource "aws_route53_record" "prometheus" {
-  zone_id = local.zone_id
-  name    = var.prometheus_domain_name
-  type    = "CNAME"
-  records = [module.elb_k8s_elb.elb_dns_name]
-  ttl     = 600
-}
diff --git a/template/terraform/modules/base/security_groups.tf b/template/terraform/modules/base/security_groups.tf
index eb63998..9f9de6b 100644
--- a/template/terraform/modules/base/security_groups.tf
+++ b/template/terraform/modules/base/security_groups.tf
@@ -33,7 +33,6 @@ module "cluster_sg" {
       cidr_blocks = var.admin_allowed_ips
       description = "Kubernetes API Access"
     },
-{% if copier__operating_system == "talos" %}
     {
       from_port   = 50000
       to_port     = 50000
@@ -41,15 +40,6 @@ module "cluster_sg" {
       cidr_blocks = var.admin_allowed_ips
       description = "Talos API Access"
     },
-{%- elif copier__operating_system == "k3s" %}
-    {
-      from_port   = 22
-      to_port     = 22
-      protocol    = "tcp"
-      cidr_blocks = var.admin_allowed_ips
-      description = "Talos API Access"
-    },
-{%- endif %}
   ]
 
   egress_with_cidr_blocks = [
diff --git a/template/terraform/modules/base/variables.tf b/template/terraform/modules/base/variables.tf
index 83eab28..53f249d 100644
--- a/template/terraform/modules/base/variables.tf
+++ b/template/terraform/modules/base/variables.tf
@@ -33,36 +33,14 @@ variable "domain_name" {
   default = "{{ copier__domain_name }}"
 }
 
-variable "api_domain_name" {
-  type    = string
-  default = "api.{{ copier__domain_name }}"
-}
-
 variable "cluster_domain_name" {
   type    = string
   default = "k8s.{{ copier__domain_name }}"
 }
-{% if copier__create_nextjs_frontend %}
-variable "nextjs_domain_name" {
-  type    = string
-  default = "nextjs.{{ copier__domain_name }}"
-}
-{% endif %}
-
-variable "argocd_domain_name" {
-  type    = string
-  default = "argocd.{{ copier__domain_name }}"
-}
-
-
-variable "prometheus_domain_name" {
-  type    = string
-  default = "prometheus.{{ copier__domain_name }}"
-}
 
 variable "kubernetes_version" {
 
-  description = "Kubernetes version to use for the cluster, if not set the k8s version shipped with the talos sdk or k3s version will be used"
+  description = "Kubernetes version to use for the cluster, if not set the k8s version shipped with the Talos SDK will be used"
   type        = string
   default     = null
 }
@@ -92,37 +70,11 @@ variable "cluster_vpc_cidr" {
   default     = "172.16.0.0/16"
 }
 
-{% if copier__operating_system == "talos" %}
 variable "config_patch_files" {
   description = "Path to talos config path files that applies to all nodes"
   type        = list(string)
   default     = []
 }
-{%- endif %}
-
-variable "repo_name" {
-  type    = string
-  default = "{{ copier__repo_name }}"
-}
-
-variable "repo_url" {
-  type    = string
-  default = "{{ copier__repo_url }}"
-}
-
-{% if copier__create_nextjs_frontend %}
-variable "frontend_ecr_repo" {
-  description = "The Frontend ECR repository name"
-  type        = string
-  default     = "{{ copier__project_dash }}-sandbox-frontend"
-}
-{% endif %}
-
-variable "backend_ecr_repo" {
-  description = "The backend ECR repository name"
-  type        = string
-  default     = "{{ copier__project_dash }}-sandbox-backend"
-}
 
 variable "admin_allowed_ips" {
   description = "A list of CIDR blocks that are allowed to access the kubernetes api"
diff --git a/template/terraform/production/cluster.tf b/template/terraform/production/cluster.tf
index 771d737..50309a6 100644
--- a/template/terraform/production/cluster.tf
+++ b/template/terraform/production/cluster.tf
@@ -1,13 +1,10 @@
 module "cluster" {
-  source                 = "../modules/base"
-  environment            = "prod"
-  cluster_name           = "{{ copier__project_dash }}-prod"
-  domain_name            = "prod.{{ copier__domain_name }}"
-  api_domain_name        = "api.prod.{{ copier__domain_name }}"
-  cluster_domain_name    = "k8s.prod.{{ copier__domain_name }}"
-  argocd_domain_name     = "argocd.prod.{{ copier__domain_name }}"
-  prometheus_domain_name = "prometheus.prod.{{ copier__domain_name }}"
-  existing_hosted_zone   = module.global_variables.existing_hosted_zone
+  source               = "../modules/base"
+  environment          = "prod"
+  cluster_name         = "{{ copier__project_dash }}-prod"
+  domain_name          = "prod.{{ copier__domain_name }}"
+  cluster_domain_name  = "k8s.prod.{{ copier__domain_name }}"
+  existing_hosted_zone = module.global_variables.existing_hosted_zone
   control_plane = {
     # 2 vCPUs, 4 GiB RAM, $0.0376 per Hour
     instance_type = "t3a.medium"
diff --git a/template/terraform/sandbox/cluster.tf b/template/terraform/sandbox/cluster.tf
index bb5de13..ae63af1 100644
--- a/template/terraform/sandbox/cluster.tf
+++ b/template/terraform/sandbox/cluster.tf
@@ -1,13 +1,10 @@
 module "cluster" {
-  source                 = "../modules/base"
-  environment            = "sandbox"
-  cluster_name           = "{{ copier__project_dash }}-sandbox"
-  domain_name            = "sandbox.{{ copier__domain_name }}"
-  api_domain_name        = "api.sandbox.{{ copier__domain_name }}"
-  cluster_domain_name    = "k8s.sandbox.{{ copier__domain_name }}"
-  argocd_domain_name     = "argocd.sandbox.{{ copier__domain_name }}"
-  prometheus_domain_name = "prometheus.sandbox.{{ copier__domain_name }}"
-  existing_hosted_zone   = module.global_variables.existing_hosted_zone
+  source               = "../modules/base"
+  environment          = "sandbox"
+  cluster_name         = "{{ copier__project_dash }}-sandbox"
+  domain_name          = "sandbox.{{ copier__domain_name }}"
+  cluster_domain_name  = "k8s.sandbox.{{ copier__domain_name }}"
+  existing_hosted_zone = module.global_variables.existing_hosted_zone
   control_plane = {
     # 2 vCPUs, 4 GiB RAM, $0.0376 per Hour
     instance_type = "t3a.medium"
diff --git a/template/terraform/staging/cluster.tf b/template/terraform/staging/cluster.tf
index 45ab223..ae6aea0 100644
--- a/template/terraform/staging/cluster.tf
+++ b/template/terraform/staging/cluster.tf
@@ -1,13 +1,10 @@
 module "cluster" {
-  source                 = "../modules/base"
-  environment            = "staging"
-  cluster_name           = "{{ copier__project_dash }}-staging"
-  domain_name            = "staging.{{ copier__domain_name }}"
-  api_domain_name        = "api.staging.{{ copier__domain_name }}"
-  cluster_domain_name    = "k8s.staging.{{ copier__domain_name }}"
-  argocd_domain_name     = "argocd.staging.{{ copier__domain_name }}"
-  prometheus_domain_name = "prometheus.staging.{{ copier__domain_name }}"
-  existing_hosted_zone   = module.global_variables.existing_hosted_zone
+  source               = "../modules/base"
+  environment          = "staging"
+  cluster_name         = "{{ copier__project_dash }}-staging"
+  domain_name          = "staging.{{ copier__domain_name }}"
+  cluster_domain_name  = "k8s.staging.{{ copier__domain_name }}"
+  existing_hosted_zone = module.global_variables.existing_hosted_zone
   control_plane = {
     # 2 vCPUs, 4 GiB RAM, $0.0376 per Hour
     instance_type = "t3a.medium"