From 113bda1571591386b05ed52f791f468d9bef6dd5 Mon Sep 17 00:00:00 2001
From: guangtao <gtrunsec@hardenedlinux.org>
Date: Mon, 6 Nov 2023 03:33:07 -0800
Subject: [PATCH] refactor: update tenzir-devops

---
 .github/workflows/nix-oci.yaml                |   2 +-
 README.org                                    |  30 +-
 dev/configs/treefmt.toml                      |   3 -
 dev/tasks/runScriptWithEnv.nix                |  14 -
 devshell.toml                                 |   7 +-
 diagrams/images/process-compose-tenzir.svg    | 850 ++++++++++++++++++
 diagrams/process-compose.org                  |   6 +-
 flake.lock                                    | 647 +++----------
 flake.nix                                     |  29 +-
 prod/tasks/deploy-tenzir-aws/default.nix      |  10 -
 units/cells/dev/configs/treefmt.nix           |   6 +
 .../cells/dev/shellsProfiles}/commands.toml   |   0
 .../cells/dev/shellsProfiles}/packages.toml   |   0
 units/cells/dev/tasks/climod.md               |  37 +
 units/cells/dev/tasks/climod.nix              |  32 +
 units/cells/dev/tasks/makes-ps-tenzir/_env    |   5 +
 .../dev}/tasks/makes-ps-tenzir/default.nix    |   9 +-
 .../cells/dev}/tasks/makes-ps-tenzir/env      |   0
 .../dev}/tasks/makes-ps-tenzir/tenzir.yaml    |   0
 {dev => units/cells/dev}/tasks/makes-test.nix |   6 +-
 units/cells/dev/tasks/runScriptWithEnv.nix    |  18 +
 .../cells/dev}/tasks/script-json/default.json |   0
 .../dev}/tasks/script-json/function.json      |   0
 units/cells/dev/tasks/test.nix                |   1 +
 .../cells/prod}/schemas/tenzir-sysmon.yaml    |   0
 .../prod/tasks/deploy-tenzir-aws/default.nix  |   6 +
 .../tasks/deploy-tenzir-aws/entrypoint.sh     |   0
 .../cells/prod}/tasks/deploy-tenzir-aws/env   |   0
 28 files changed, 1116 insertions(+), 602 deletions(-)
 delete mode 100644 dev/configs/treefmt.toml
 delete mode 100644 dev/tasks/runScriptWithEnv.nix
 create mode 100644 diagrams/images/process-compose-tenzir.svg
 delete mode 100644 prod/tasks/deploy-tenzir-aws/default.nix
 create mode 100644 units/cells/dev/configs/treefmt.nix
 rename {dev/shellProfiles => units/cells/dev/shellsProfiles}/commands.toml (100%)
 rename {dev/shellProfiles => units/cells/dev/shellsProfiles}/packages.toml (100%)
 create mode 100644 units/cells/dev/tasks/climod.md
 create mode 100644 units/cells/dev/tasks/climod.nix
 create mode 100644 units/cells/dev/tasks/makes-ps-tenzir/_env
 rename {dev => units/cells/dev}/tasks/makes-ps-tenzir/default.nix (58%)
 rename {dev => units/cells/dev}/tasks/makes-ps-tenzir/env (100%)
 rename {dev => units/cells/dev}/tasks/makes-ps-tenzir/tenzir.yaml (100%)
 rename {dev => units/cells/dev}/tasks/makes-test.nix (86%)
 create mode 100644 units/cells/dev/tasks/runScriptWithEnv.nix
 rename {dev => units/cells/dev}/tasks/script-json/default.json (100%)
 rename {dev => units/cells/dev}/tasks/script-json/function.json (100%)
 create mode 100644 units/cells/dev/tasks/test.nix
 rename {prod => units/cells/prod}/schemas/tenzir-sysmon.yaml (100%)
 create mode 100644 units/cells/prod/tasks/deploy-tenzir-aws/default.nix
 rename {prod => units/cells/prod}/tasks/deploy-tenzir-aws/entrypoint.sh (100%)
 rename {prod => units/cells/prod}/tasks/deploy-tenzir-aws/env (100%)

diff --git a/.github/workflows/nix-oci.yaml b/.github/workflows/nix-oci.yaml
index 942401d..7f39b8b 100644
--- a/.github/workflows/nix-oci.yaml
+++ b/.github/workflows/nix-oci.yaml
@@ -23,4 +23,4 @@ jobs:
 
       - name: copy oci-image to the register
         run: |
-          nix run ./#x86_64-linux.dev.containers.default.copyToRegistry
+          nix run ./#x86_64-linux.dev.containers.default.out.copyToRegistry
diff --git a/README.org b/README.org
index 6c5f618..01868f4 100644
--- a/README.org
+++ b/README.org
@@ -12,23 +12,27 @@
 
 * Configuration languages or files
 
-By simply placing the supported configuration formats or files in the corresponding folders, the auto-importing mechanism will be triggered automatically.
+By simply placing the supported configuration formats or files in the corresponding folders, the auto-importing mechanism will be triggered.
 #+begin_quote
  We have a global command-line tool called ~std~ that allows users to query and execute various tasks.
 #+end_quote
 
-- [X] ~devshell~ -> path -> ./cells/devshell
-  - nix,yaml
-- [X] ~tasks~ -> path -> ./cells/tasks/tasks
-  - nix,json,yaml
-- [X] ~schemas~ -> path -> ./tenzir/schemas/
-  - nix,yaml,json
-- [ ] ~terraform~ -> path -> ./deploy/tf
-  - nix(validator::terranix),hcl(validator::internal),json(overrideValues),nickel(validator::tf-ncl)
-- [ ] ~kubernets~ -> path -> ./deploy/k8s
-  - ts(validator::architect-k8s-template),yaml,nickel,nix,json(overrideValues)
-- [] ~secrets~ -> path -> ./secrets
-  - envs(yaml/json), sops(GPG,ssh),age(ssh),vault(cloud),git-crypt
++ units (dirs)
+  1) cells(std&nix) A DevOps framework for the SDLC with the power of Nix and Flakes. Good for keeping deadlines!
+    - [X] ~devshell~ -> path -> ./cells/devshell
+      - nix,yaml
+    - [X] ~tasks~ -> path -> ./cells/tasks/tasks
+      - nix,json,yaml
+    - [X] ~schemas~ -> path -> ./tenzir/schemas/
+      - nix,yaml,json
+    - [ ] ~terraform~ -> path -> ./deploy/tf
+      - nix(validator::terranix),hcl(validator::internal),json(overrideValues),nickel(validator::tf-ncl)
+    - [ ] ~kubernets~ -> path -> ./deploy/k8s
+      - ts(validator::architect-k8s-template),yaml,nickel,nix,json(overrideValues)
+    - [] ~secrets~ -> path -> ./secrets
+      - envs(yaml/json), sops(GPG,ssh),age(ssh),vault(cloud),git-crypt
+
+  2) nickel: Introducing the experimental incorporation of Nickel into security dataflow.
 
 
 Moreover, users have the flexibility to modify the structure of the related cells' paths by using the ~cellsFrom~ field in the ~./devshell.toml~.
diff --git a/dev/configs/treefmt.toml b/dev/configs/treefmt.toml
deleted file mode 100644
index 6297c92..0000000
--- a/dev/configs/treefmt.toml
+++ /dev/null
@@ -1,3 +0,0 @@
-[formatter.prettier]
-command = "prettier"
-excludes = ["generated-*.yaml"]
diff --git a/dev/tasks/runScriptWithEnv.nix b/dev/tasks/runScriptWithEnv.nix
deleted file mode 100644
index aae18a8..0000000
--- a/dev/tasks/runScriptWithEnv.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-makeScript {
-  name = "runScriptWithEnv";
-  env = {
-    a = "1";
-    b = "2";
-    VAR_NAME = "test";
-  };
-  searchPaths.bin = [nixpkgs.hello];
-  searchPaths.source = [];
-  entrypoint = ''
-    hello --help
-    echo $a
-  '';
-}
diff --git a/devshell.toml b/devshell.toml
index 9d3c1b6..ea960d5 100644
--- a/devshell.toml
+++ b/devshell.toml
@@ -1,9 +1,4 @@
-[cellBlocks]
-shellProfiles = "/shellProfiles" #toml,nix
-shell = "/shell" # nix
-tasks = "/tasks"
-configs = "/configs" #json,toml,yaml
-schemas = "/schemas" #json,toml,yaml
+cellsFrom = "/units/cells"
 
 [devshell]
 # programs.sops.enable = true;
diff --git a/diagrams/images/process-compose-tenzir.svg b/diagrams/images/process-compose-tenzir.svg
new file mode 100644
index 0000000..f8e523c
--- /dev/null
+++ b/diagrams/images/process-compose-tenzir.svg
@@ -0,0 +1,850 @@
+<?xml version="1.0" encoding="utf-8"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" d2Version="v0.6.0" preserveAspectRatio="xMinYMin meet" viewBox="0 0 599 1375"><svg id="d2-svg" class="d2-4136361241" width="599" height="1375" viewBox="-179 -184 599 1375"><rect x="-179.000000" y="-184.000000" width="599.000000" height="1375.000000" rx="0.000000" class=" fill-N7" stroke-width="0" /><style type="text/css"><![CDATA[
+.d2-4136361241 .text {
+	font-family: "d2-4136361241-font-regular";
+}
+@font-face {
+	font-family: d2-4136361241-font-regular;
+	src: url("data:application/font-woff;base64,d09GRgABAAAAAA1QAAoAAAAAFKQAAguFAAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAAA9AAAAGAAAABgXd/Vo2NtYXAAAAFUAAAAjAAAAKgCegOKZ2x5ZgAAAeAAAAbmAAAJeLnMSHpoZWFkAAAIyAAAADYAAAA2G4Ue32hoZWEAAAkAAAAAJAAAACQKhAXjaG10eAAACSQAAACDAAAAhDsPBi5sb2NhAAAJqAAAAEQAAABEKGoqvm1heHAAAAnsAAAAIAAAACAAOQD2bmFtZQAACgwAAAMjAAAIFAbDVU1wb3N0AAANMAAAAB0AAAAg/9EAMgADAgkBkAAFAAACigJYAAAASwKKAlgAAAFeADIBIwAAAgsFAwMEAwICBGAAAvcAAAADAAAAAAAAAABBREJPAEAAIP//Au7/BgAAA9gBESAAAZ8AAAAAAeYClAAAACAAA3icZMy5bcIAGEDhz7FzO4mTOAeXxAJMAQNYggUokFgAWTALFSAGQPTMwgZs8CO55ZWv+JBIJchl1igVUpm+gZHKxMxCbRVBc4cqY1NztWVEnOMSpzjGIfaxi21sGu+2RM9dY9978OjJsxevcm/efSh8+vKt9OPXn38tbR1drgAAAP//AQAA///DgRv1eJxsVW1sG2cd/z+PHZ9dO3Vu8Xttn+8u8dmO3+KzfUnsnBu/pM6rk3Oz5mVJ1TY0VVcqLZFaVVQM6NYOIVg+FKkSHUyifNgHQDCpgPatEyO8bNO+sFUDaQLkTewDYPwBac0durOdJohPPj3S8/z+v7e/oQdWAHAG3wUdmMAKz4AdgCdpcpDmOJYQeEFgnTqBQySxgv4k7yI0ldZns/rh4ufFGy++iJa/iu/uXxl7aWvr1xvXr8vfbnwmp9B7nwGCtNLCJ/B98AH0MMFgJp3N8imHkwgGWcZgsNscDj6VFZwGA5Kkr8/MvlTPP+eNeYoRcZ1PrYmJaSrOnbcs3nv+8j1pOJD1MhPXJOlGMcSkYykAwLAKgNN4F4xAqhPzKYfdZmA5PpXNpIMsu/rg3vdf++7SzM7Ozs4M3n3j/ms/KX/r5s2XD+6a8S6Ywda5q11mSfLg+lvTV8XbV66cf7Z+5tkNvDuwVN3alJ+g6sTkKQEAEESUFvoHvg8xjR8naHwy6WCQ4+L4KFuVrNPpx3abwYD6KteGUuxZfqLqG6Y2qPFwZiOX22Rj/qm4UKJTnvXg+EB205KJjg3Gckkm5D0e7o0Uk6laLDaQ9dHpKBX2mEN9sYnh9FIKEHgB0BO8C4TKhM3Qdpb8yzvok3fw9OTk/kPQ+KaVFvoZaoIHBgCcjGqGkNZGIzhtUDvJcqzBwKWyQkYz59H44qvfI4dCkWlfgLkwtrJQJnTMooMV2RvnUpapiYUlkhphA7ZRR/jLa/Ifx7yRIkPdseYT4UHAICkt9AXeg34ItNVhCZbk7UQby6YBqTIzBsLucKAwMxXQEUUJ07XQ2fO5s5P5Wq5CnWQDBQvtS+G9R8s+7vYL9WtiZWt14QITULxO0DyIKy30U9RUNfj/GetG7JmTl/ITz4vJijtiT/iiFa5eYsYcA/SCJb+9IG3nGWe235VYGqlv+WyCj1Y1Sygt9LjLoa2Z9jiX4btiCZkDoP+sXc2dEyJiQF8vEzrvrPtknhr1c4XgpOXlG7Ud0e+pv7U/MuoNV0qy15moj5y5AFib/3eoCS6gjjCw2wwEfVAQHa1JhZwTl8XCprD+JYTlX/acmWRzJ3xU7fdIXxjlFy3j27WFbfHmpV63ae45O5m1+VFweq6m6SQBoA/xXiftXR9Ilmx7QEqSjp1LzZ2SosnB3CDee7RJJ86ty39A4bIYHJRfB0WBCgC8iR/iIPgBwADUTQBQFOUjhYOfa+eB9vlX4ACzgffAomGSfD9P9LMcYZcWde+v/fBXq99Zw3uyH8Hb8p//fvlrnTtKCz7Ce2BtK07y5IGFb8TD0nGTniDMRodlNIMv7t/tJxES9fo2Fv4XagKtYTn5tlNHWBIHv1KZ0AVmh0YK1uB8dGZKisazZSmayJZRY5JNDEfD6S71Gfn1zk9XQ9TsaNjBOKxhmdCx8wciao8d0bDj9z9RE6xw4ojfRzthtzmQNbdVKGzl8hcLhYv5wtxcQZyf72Q1vy0tbOfLW/XTly6drm+B1jcefYGanaw+nc5mMLBMkHPa+w/3TZ2Urg1tnM+dHWFKDL6u1a0wQIvv4jdHvKE7L0jXRL9n6QEyHOmb2gkePe7i9GQE7fluMXiBJ3WHO4Fu630zkXYxTtLYWHz/oBTv/njZG9KK4fPF9+eQ4WkrutnZQM3OZm+z6bS6LbS7GvY5+yw2K1Vyo8ZyPHusqtenRHmvnSOv0kK3UBMiWo4O72ZtNf/PZm4v5g/SG2w4UB5KJmn+BFOMrNRi896QOxuID/mTJ9hyLFyzcF7BTccoN+M81ktnwrlawJnud0W8Tp/d3EsLca4Y0vBdSgtV8FVwdnLMZgSBt/N29mmeP58fr84eq9y6RUd6/ZY+W8KyWkW9Ys8rr5TkZmzYpBcJs/bWjNJC76GGmrsjnSA7a+iTuWp9KBnMMaouzKzl3DpKyx+WRW4Ircie2VBSnQcAP0QNrR86vt/hUCUV+g996VhdMKg+R+h+cOd01Xic0Bv7TDMLsybSqDdaiVPz39icNFlNemPfsTJqyJ8yJYYpMch96MuDetjy4GCFlZ8AAouSQL9BDTXpTz0QhMPwuuN4tc9n6TPaTOGs1fz20gWz26w3246dWfgFmah8YNBP4J5cbAB9Kv+bqjJ0NYB695vJ2ZiqCwWAXkUNMAHwGaT+8SHaTiH4G5pVABmj6HopKn+zpGkYho+RFXlAByBkeHu48XGh0MkZPEAN9VzdUZKEGrIHkPJbPA0CfghmAFILeLtMLopyuSgKT/vcLr/f5fYBIG3//Qg1OjurmzXVJkPAMdhLmly9Ay4p/9jYI+p6+Cj27f91evm/AAAA//8BAAD///b8/NEAAAABAAAAAguFUKyezV8PPPUAAwPoAAAAANhdoKEAAAAA3WYvNv46/tsIbwPIAAAAAwACAAAAAAAAAAEAAAPY/u8AAAiY/jr+OghvAAEAAAAAAAAAAAAAAAAAAAAheJwczCGOwlAYhdHvv2NHkycaaIIqJMU0IAgShbuOsgBWwypQ7KQYDIZdgCq4R6g/OTqxpwOtaXSk1ZJWI2ZKFPGhUYWjo9acRbyoVWJ6trzzI56YjP82WFOs8eA82AOOM0WYpJKdbqS48x8XJrGioseQr7/nCwAA//8BAAD//5IiHGMAAAAALAAsAFwAegCcAOAA8gEqAV4BjAG+AfICFAIgAiwCRgJiApQCtgLiAxYDSgNqA6oD0APyBCwEXARyBH4EigSgBLwAAQAAACEAjAAMAGYABwABAAAAAAAAAAAAAAAAAAQAA3icnJTdThtXFIU/B9ttVDUXFYrIDTqXbZWM3QiiBK5MCYpVhFOP0x+pqjR4xj9iPDPyDFCqPkCv+xZ9i1z1OfoQVa+rs7wNNqoUgRCwzpy991lnr7UPsMm/bFCrPwT+av5guMZ2c8/wAx41nxre4Ljxt+H6SkyDuPGb4SZfNvqGP+J9/Q/DH7NT/9nwQ7bqR4Y/4Xl90/CnG45/DD9ih/cLXIOX/G64xhaF4Qds8pPhDR5jNWt1HtM23OAztg032QYGTKlImZIxxjFiyphz5iSUhCTMmTIiIcbRpUNKpa8ZkZBj/L9fI0Iq5kSqOKHCkRKSElEysYq/KivnrU4caTW3vQ4VEyJOlXFGRIYjZ0xORsKZ6lRUFOzRokXJUHwLKkoCSqakBOTMGdOixxHHDJgwpcRxpEqeWUjOiIpLIp3vLMJ3ZkhCRmmszsmIxdOJX6LsLsc4ehSKXa18vFbhKY7vlO255Yr9ikC/boXZ+rlLNhEX6meqrqTauZSCE+36czt8K1yxh7tXf9aZfLhHsf5XqnzKufSPpVQmJhnObdEhlINC9wTHgdZdQnXke7oMeEOPdwy07tCnT4cTBnR5rdwefRxf0+OEQ2V0hRd7R3LMCT/i+IauYnztxPqzUCzhFwpzdymOc91jRqGee+aB7prohndX2M9QvuaOUjlDzZGPdNIv05xFjM0VhRjO1MulN0rrX2yOmOkuXtubfT8NFzZ7yym+ItcMe7cuOHnlFow+pGpwyzOX+gmIiMk5VcSQnBktKq7E+y0R56Q4DtW9N5qSis51jj/nSi5JmIlBl0x15hT6G5lvQuM+XPO9s7ckVr5nenZ9q/uc4tSrG43eqXvLvdC6nKwo0DJV8xU3DcU1M+8nmqlV/qFyS71uOc/ok0j1VDe4/Q48J6DNDrvsM9E5Q+1c2BvR1jvR5hX76sEZiaJGcnViFXYJeMEuu7zixVrNDocc0GP/DhwXWT0OeH1rZ12nZRVndf4Um7b4Op5dr17eW6/P7+DLLzRRNy9jX9r4bl9YtRv/nxAx81zc1uqd3BOC/wAAAP//AQAA//8HW0wwAHicYmBmAIP/5xiMGLAAAAAAAP//AQAA//8vAQIDAAAA");
+}
+.text-underline {
+	text-decoration: underline;
+}
+.d2-4136361241 .text-bold {
+	font-family: "d2-4136361241-font-bold";
+}
+@font-face {
+	font-family: d2-4136361241-font-bold;
+	src: url("data:application/font-woff;base64,d09GRgABAAAAAA1MAAoAAAAAFJgAAguFAAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAAA9AAAAGAAAABgXxHXrmNtYXAAAAFUAAAAjAAAAKgCegOKZ2x5ZgAAAeAAAAbgAAAJVPSvNRJoZWFkAAAIwAAAADYAAAA2G38e1GhoZWEAAAj4AAAAJAAAACQKfwXgaG10eAAACRwAAACEAAAAhD6ABNZsb2NhAAAJoAAAAEQAAABEJ9gqIG1heHAAAAnkAAAAIAAAACAAOQD3bmFtZQAACgQAAAMoAAAIKgjwVkFwb3N0AAANLAAAAB0AAAAg/9EAMgADAioCvAAFAAACigJYAAAASwKKAlgAAAFeADIBKQAAAgsHAwMEAwICBGAAAvcAAAADAAAAAAAAAABBREJPACAAIP//Au7/BgAAA9gBESAAAZ8AAAAAAfAClAAAACAAA3icZMy5bcIAGEDhz7FzO4mTOAeXxAJMAQNYggUokFgAWTALFSAGQPTMwgZs8CO55ZWv+JBIJchl1igVUpm+gZHKxMxCbRVBc4cqY1NztWVEnOMSpzjGIfaxi21sGu+2RM9dY9978OjJsxevcm/efSh8+vKt9OPXn38tbR1drgAAAP//AQAA///DgRv1eJxcVV1sG1kVPvfamWkcb5KxPR7b8f+1Z2wntmNPxpM0ThwnjpO0zn+TprtJU6oCKWnT0KQkW1XqS4VgSVVRF1GQYHkACaSCtCoP3UUBgWCh2iIt6pa+sNpFrPpskLVCyLHRzDh/+2Df0dXofOd8P2egAaYA8EX8AHTQCC1gAhZAZHxMUBQEQsuiLBNOJwuIoaewqfqznwphfTisj3gfem4uL6Px8/jB3pU3xi9e/Hy5t7f643ffq95FG+8BIIjVyrgTP4Q2gAY/z0tdqZSYtHI0zxM/RbEWq5hMyRyFlmbemp27O5O55Juwy6RjrH1+NJSxTcwYC9+7euUH06L/POdKnh+8tB6wL14ADOMAuIB3wKB1KiatVtZCUUQQk6mU1MXzhIw/uXR/eurehaizezYWm+124p3cvfX1+yNbocWJiXNBgHqdTrwDRrAcq0NYRkxKXUqZT0dv5PObw9Oj2wPpHN4RFicLF+Mfo5kVMQKgzEhqZWzADyGizijIVmUoqYsXhBg+PjBrsXKchoAsA7eTZ8h8KBYV2+d8ab73cq57PXLaOyDw0Z7Imd78yTVjZ+zLbt7v8rhMgeZ4Pp5a6OqILNnbPE63m/HbzgynFrsBgR0Am/EO0MoERPKxhHn2GP3vMW69dWuvBOqckVoZfYQqYAcCwPkVIWS1JVpQG2QZIhCKkpMpWVJ1+W1u6k4Rk7BnICDFV08uf2XboPeMnLAHzRNpj/FsZmKhxSfY2C+5AmvXq5+JTnKdM581tLtsnIqXrZWxFe+CBTwaK4QmjMjSKphKgKBwRPw0a7WiYd+QS2/cKOpdOX96IZ5eXuBT8x1hS8jo80p491HB4er/emHuzcx2vvDN6AemZpX3QK2MdlEFHF/0lsa05iwK2YevZUe/kYuNOIeJV8pkOm0x88ngvLHvxszsZp+bW3YVsgPjbMsFb5vGlVArowreBTN497lSCwuSeISlfUH/s3itd7kr3G2nitsGvSOPbYLJ3G4hqbjxO29O3+h32gq/2BtKOMi2xf6BqXloZGwYsNr7P1EFbHV+9kEUamif4iCld53YpaAgz8j1waErvSNLcT2uvjTkE1IqwZ//4WOhw58y9m/OTG9mMqs5c7AxJfrOOdzoZFiKa97MKgOpOijurvPPMoRRC9NMtkg7Tyenx4ourzNkw7uPztnbV5eqz5AvFbJz1XegVgMZAD7GzzEPbgCgwQNvAdRqtb/W0vCJeu+t3+8cYLrxLhhVTEaURdpMBJrN3tP/6Ce/+s3b6xm8W13707PqP34/clN5v1ZGJrwLLRrbjMgciPeXQm+RaWygKZMxaHzjNCZ7LzkTQlcbaA1H50IV8Kk4nKipdGxC+uDMKv7NJ6Ss2XcqMXW66PIGO5W/OCoNeKLtIX9if+zO6jv1Y58/VKnzV8c4yt+2Qe8dPyAQlTLu6DH+NK0xjSrQ8oUteBiDupWQNXMtl7uWyazlcmuZaCwWjUWjdZ/2bc7O3OjbGh/IFhS7ahkbxVZUAbOiC3fYnbK//LzAsebDiCl9usaE11fSyylv2tEwyafm2yOW0BP884SDfHtjbjvTZp/8LgocBEzJwSiqqPW9AA2SrJbdD4Moi4zuaA7QZco+6NfC0K+k+bODIDz5fsHmUcPg8ib2FlDgMAl1v6B7qAKmYzpqG1NjuK3As06D7TV7q7PPgkpnk4mGhtt6fThZ/RQQsLUyehtVQFD9c7h/eW3/HhRTtq8bsxbqeeKr/KA/4/G5XTGHuzd0ea7nrGfQ0eXo6eG9feEVI+9ZtLdxZsZqNhgDPeHhecG2YLEKNntzE+mJDS1p2WJqZbSGN4FTVZUkIsmyyIosObJ8YHEyV2Bubm0Rl9Fu4Myy8WvzT69Sd+5s/DkSpPSrlFGrla6V0X9RSfHZsQww9ZXz9+mxotvr5K3F7Sad55RxdQl1VT+Rwg4XGq22Dgc7AIENAJdQSc2DTuSsVoVKWT7ypCMCzyvlaPrBrfudlIHS0681yre7G1toPd1Ix7+19ShKv0br6Sa6A5VeBUd5/hR5pZ6jwVfV1vdJPhTKk/fVno21frSHSoqrD3mX5aPQuma8bfW1OGjTiWDIQP/uwUiTyaA/wTSm7z7iuif/QOnXUUPA5UD/euHPB8kIeVFt6p+rf1d5APRrVIJGAFEyKx82ncjyH76L1j98OYliGxPVv20o77XDU+RDCdAByJLItn/+dGWl7iv4CJWUe2UPZYuoVG0FVPsl7oFZ/ByaABjV0FpogrFYMBiL4Z4IIRHlB4DUHfcClaD1mLcUeSgq4Am3OAxmg4sresf/eIK6otMLYfTvqjn1ugz/BwAA//8BAAD//2R38IEAAQAAAAILhc6AxJdfDzz1AAED6AAAAADYXaCEAAAAAN1mLzb+N/7ECG0D8QABAAMAAgAAAAAAAAABAAAD2P7vAAAImP43/jcIbQABAAAAAAAAAAAAAAAAAAAAIQKyAFAAyAAAAkYALgJ7AE0CVABNAiwAIwIsABkCDwAqAj0AQQHTACQCPQAnAgYAJAI7AEEBFAA3ARb/zQIkAEEBHgBBA1kAQQI8AEECKwAkAj0AQQI9ACcBjgBBAbsAFQF/ABECOAA8AwgAGAIJAAwBzAAmAUwAKwEUAEEAAP+tARb/zQAAACwALABYAHwAngDeAPABKAFaAYYBuAHsAg4CGgImAj4CWgKMAq4C2gMKAz4DXgOaA8AD4gQaBEoEXgRqBHYEjASqAAEAAAAhAJAADABjAAcAAQAAAAAAAAAAAAAAAAAEAAN4nJyUz24bVRTGf05s0wrBAkVVuonugkWR6NhUSdU2K4fUikUUB48LQkJIE8/4jzKeGXkmDuEJWPMWvEVXPATPgVij+Xzs2AXRJoqSfHfu+fOdc75zgR3+ZptK9SHwRz0xXGGvfm54iwf1E8PbtOtbhqs8qf1puEZYmxuu83mtZ/gj3lZ/M/yA/epPhh+yW20b/phn1R3Dn2w7/jL8Kfu8XeAKvOBXwxV2yQxvscOPhrd5hMWsVHlE03CNz9gzXGcP6DOhIGZCwgjHkAkjrpgRkeMTMWPCkIgQR4cWMYW+JgRCjtF/fg3wKZgRKOKYAkeMT0xAztgi/iKvlHNlHOo0s7sWBWMCLuRxSUCCI2VESkLEpeIUFGS8okGDnIH4ZhTkeORMiPFImTGiQZc2p/QZMyHH0VakkplPypCCawLld2ZRdmZAREJurK5ICMXTiV8k7w6nOLpksl2PfLoR4Usc38m75JbK9is8/bo1Zpt5l2wC5upnrK7EurnWBMe6LfO2+Fa44BXuXv3ZZPL+HoX6XyjyBVeaf6hJJWKS4NwuLXwpyHePcRzp3MFXR76nQ58Turyhr3OLHj1anNGnw2v5dunh+JouZxzLoyO8uGtLMWf8gOMbOrIpY0fWn8XEIn4mM3Xn4jhTHVMy9bxk7qnWSBXefcLlDqUb6sjlM9AelZZO80u0ZwEjU0UmhlP1cqmN3PoXmiKmqqWc7e19uQ1z273lFt+QaodLtS44lZNbMHrfVL13NHOtH4+AkJQLWQxImdKg4Ea8zwm4IsZxrO6daEsKWiufMs+NVBIxFYMOieLMyPQ3MN34xn2woXtnb0ko/5Lp5aqq+2Rx6tXtjN6oe8s737ocrU2gYVNN19Q0ENfEtB9pp9b5+/LN9bqlPOWIlJjwXy/AMzya7HPAIWNlGOhmbq9DUy9Ek5ccqvpLIlkNpefIIhzg8ZwDDnjJ83f6uGTijItbcVnP3eKYI7ocflAVC/suR7xeffv/rL+LaVO1OJ6uTi/uPcUnd1DrF9qz2/eyp4mVk5hbtNutOCNgWnJxu+s1ucd4/wAAAP//AQAA///0t09ReJxiYGYAg//nGIwYsAAAAAAA//8BAAD//y8BAgMAAAA=");
+}]]></style><style type="text/css"><![CDATA[.shape {
+  shape-rendering: geometricPrecision;
+  stroke-linejoin: round;
+}
+.connection {
+  stroke-linecap: round;
+  stroke-linejoin: round;
+}
+.blend {
+  mix-blend-mode: multiply;
+  opacity: 0.5;
+}
+
+		.d2-4136361241 .fill-N1{fill:#CDD6F4;}
+		.d2-4136361241 .fill-N2{fill:#BAC2DE;}
+		.d2-4136361241 .fill-N3{fill:#A6ADC8;}
+		.d2-4136361241 .fill-N4{fill:#585B70;}
+		.d2-4136361241 .fill-N5{fill:#45475A;}
+		.d2-4136361241 .fill-N6{fill:#313244;}
+		.d2-4136361241 .fill-N7{fill:#1E1E2E;}
+		.d2-4136361241 .fill-B1{fill:#CBA6f7;}
+		.d2-4136361241 .fill-B2{fill:#CBA6f7;}
+		.d2-4136361241 .fill-B3{fill:#6C7086;}
+		.d2-4136361241 .fill-B4{fill:#585B70;}
+		.d2-4136361241 .fill-B5{fill:#45475A;}
+		.d2-4136361241 .fill-B6{fill:#313244;}
+		.d2-4136361241 .fill-AA2{fill:#f38BA8;}
+		.d2-4136361241 .fill-AA4{fill:#45475A;}
+		.d2-4136361241 .fill-AA5{fill:#313244;}
+		.d2-4136361241 .fill-AB4{fill:#45475A;}
+		.d2-4136361241 .fill-AB5{fill:#313244;}
+		.d2-4136361241 .stroke-N1{stroke:#CDD6F4;}
+		.d2-4136361241 .stroke-N2{stroke:#BAC2DE;}
+		.d2-4136361241 .stroke-N3{stroke:#A6ADC8;}
+		.d2-4136361241 .stroke-N4{stroke:#585B70;}
+		.d2-4136361241 .stroke-N5{stroke:#45475A;}
+		.d2-4136361241 .stroke-N6{stroke:#313244;}
+		.d2-4136361241 .stroke-N7{stroke:#1E1E2E;}
+		.d2-4136361241 .stroke-B1{stroke:#CBA6f7;}
+		.d2-4136361241 .stroke-B2{stroke:#CBA6f7;}
+		.d2-4136361241 .stroke-B3{stroke:#6C7086;}
+		.d2-4136361241 .stroke-B4{stroke:#585B70;}
+		.d2-4136361241 .stroke-B5{stroke:#45475A;}
+		.d2-4136361241 .stroke-B6{stroke:#313244;}
+		.d2-4136361241 .stroke-AA2{stroke:#f38BA8;}
+		.d2-4136361241 .stroke-AA4{stroke:#45475A;}
+		.d2-4136361241 .stroke-AA5{stroke:#313244;}
+		.d2-4136361241 .stroke-AB4{stroke:#45475A;}
+		.d2-4136361241 .stroke-AB5{stroke:#313244;}
+		.d2-4136361241 .background-color-N1{background-color:#CDD6F4;}
+		.d2-4136361241 .background-color-N2{background-color:#BAC2DE;}
+		.d2-4136361241 .background-color-N3{background-color:#A6ADC8;}
+		.d2-4136361241 .background-color-N4{background-color:#585B70;}
+		.d2-4136361241 .background-color-N5{background-color:#45475A;}
+		.d2-4136361241 .background-color-N6{background-color:#313244;}
+		.d2-4136361241 .background-color-N7{background-color:#1E1E2E;}
+		.d2-4136361241 .background-color-B1{background-color:#CBA6f7;}
+		.d2-4136361241 .background-color-B2{background-color:#CBA6f7;}
+		.d2-4136361241 .background-color-B3{background-color:#6C7086;}
+		.d2-4136361241 .background-color-B4{background-color:#585B70;}
+		.d2-4136361241 .background-color-B5{background-color:#45475A;}
+		.d2-4136361241 .background-color-B6{background-color:#313244;}
+		.d2-4136361241 .background-color-AA2{background-color:#f38BA8;}
+		.d2-4136361241 .background-color-AA4{background-color:#45475A;}
+		.d2-4136361241 .background-color-AA5{background-color:#313244;}
+		.d2-4136361241 .background-color-AB4{background-color:#45475A;}
+		.d2-4136361241 .background-color-AB5{background-color:#313244;}
+		.d2-4136361241 .color-N1{color:#CDD6F4;}
+		.d2-4136361241 .color-N2{color:#BAC2DE;}
+		.d2-4136361241 .color-N3{color:#A6ADC8;}
+		.d2-4136361241 .color-N4{color:#585B70;}
+		.d2-4136361241 .color-N5{color:#45475A;}
+		.d2-4136361241 .color-N6{color:#313244;}
+		.d2-4136361241 .color-N7{color:#1E1E2E;}
+		.d2-4136361241 .color-B1{color:#CBA6f7;}
+		.d2-4136361241 .color-B2{color:#CBA6f7;}
+		.d2-4136361241 .color-B3{color:#6C7086;}
+		.d2-4136361241 .color-B4{color:#585B70;}
+		.d2-4136361241 .color-B5{color:#45475A;}
+		.d2-4136361241 .color-B6{color:#313244;}
+		.d2-4136361241 .color-AA2{color:#f38BA8;}
+		.d2-4136361241 .color-AA4{color:#45475A;}
+		.d2-4136361241 .color-AA5{color:#313244;}
+		.d2-4136361241 .color-AB4{color:#45475A;}
+		.d2-4136361241 .color-AB5{color:#313244;}.appendix text.text{fill:#CDD6F4}.md{--color-fg-default:#CDD6F4;--color-fg-muted:#BAC2DE;--color-fg-subtle:#A6ADC8;--color-canvas-default:#1E1E2E;--color-canvas-subtle:#313244;--color-border-default:#CBA6f7;--color-border-muted:#CBA6f7;--color-neutral-muted:#313244;--color-accent-fg:#CBA6f7;--color-accent-emphasis:#CBA6f7;--color-attention-subtle:#BAC2DE;--color-danger-fg:red;}.sketch-overlay-B1{fill:url(#streaks-normal);mix-blend-mode:color-burn}.sketch-overlay-B2{fill:url(#streaks-normal);mix-blend-mode:color-burn}.sketch-overlay-B3{fill:url(#streaks-dark);mix-blend-mode:overlay}.sketch-overlay-B4{fill:url(#streaks-dark);mix-blend-mode:overlay}.sketch-overlay-B5{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-B6{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-AA2{fill:url(#streaks-normal);mix-blend-mode:color-burn}.sketch-overlay-AA4{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-AA5{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-AB4{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-AB5{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-N1{fill:url(#streaks-normal);mix-blend-mode:color-burn}.sketch-overlay-N2{fill:url(#streaks-normal);mix-blend-mode:color-burn}.sketch-overlay-N3{fill:url(#streaks-normal);mix-blend-mode:color-burn}.sketch-overlay-N4{fill:url(#streaks-dark);mix-blend-mode:overlay}.sketch-overlay-N5{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-N6{fill:url(#streaks-darker);mix-blend-mode:lighten}.sketch-overlay-N7{fill:url(#streaks-darker);mix-blend-mode:lighten}.light-code{display: none}.dark-code{display: block}]]></style><style type="text/css">.d2-4136361241 .md em,
+.d2-4136361241 .md dfn {
+  font-family: "d2-4136361241-font-italic";
+}
+
+.d2-4136361241 .md b,
+.d2-4136361241 .md strong {
+  font-family: "d2-4136361241-font-bold";
+}
+
+.d2-4136361241 .md code,
+.d2-4136361241 .md kbd,
+.d2-4136361241 .md pre,
+.d2-4136361241 .md samp {
+  font-family: "d2-4136361241-font-mono";
+  font-size: 1em;
+}
+
+.d2-4136361241 .md {
+  tab-size: 4;
+}
+
+/* variables are provided in d2renderers/d2svg/d2svg.go */
+
+.d2-4136361241 .md {
+  -ms-text-size-adjust: 100%;
+  -webkit-text-size-adjust: 100%;
+  margin: 0;
+  color: var(--color-fg-default);
+  background-color: transparent; /* we don't want to define the background color */
+  font-family: "d2-4136361241-font-regular";
+  font-size: 16px;
+  line-height: 1.5;
+  word-wrap: break-word;
+}
+
+.d2-4136361241 .md details,
+.d2-4136361241 .md figcaption,
+.d2-4136361241 .md figure {
+  display: block;
+}
+
+.d2-4136361241 .md summary {
+  display: list-item;
+}
+
+.d2-4136361241 .md [hidden] {
+  display: none !important;
+}
+
+.d2-4136361241 .md a {
+  background-color: transparent;
+  color: var(--color-accent-fg);
+  text-decoration: none;
+}
+
+.d2-4136361241 .md a:active,
+.d2-4136361241 .md a:hover {
+  outline-width: 0;
+}
+
+.d2-4136361241 .md abbr[title] {
+  border-bottom: none;
+  text-decoration: underline dotted;
+}
+
+.d2-4136361241 .md dfn {
+  font-style: italic;
+}
+
+.d2-4136361241 .md h1 {
+  margin: 0.67em 0;
+  padding-bottom: 0.3em;
+  font-size: 2em;
+  border-bottom: 1px solid var(--color-border-muted);
+}
+
+.d2-4136361241 .md mark {
+  background-color: var(--color-attention-subtle);
+  color: var(--color-text-primary);
+}
+
+.d2-4136361241 .md small {
+  font-size: 90%;
+}
+
+.d2-4136361241 .md sub,
+.d2-4136361241 .md sup {
+  font-size: 75%;
+  line-height: 0;
+  position: relative;
+  vertical-align: baseline;
+}
+
+.d2-4136361241 .md sub {
+  bottom: -0.25em;
+}
+
+.d2-4136361241 .md sup {
+  top: -0.5em;
+}
+
+.d2-4136361241 .md img {
+  border-style: none;
+  max-width: 100%;
+  box-sizing: content-box;
+  background-color: var(--color-canvas-default);
+}
+
+.d2-4136361241 .md figure {
+  margin: 1em 40px;
+}
+
+.d2-4136361241 .md hr {
+  box-sizing: content-box;
+  overflow: hidden;
+  background: transparent;
+  border-bottom: 1px solid var(--color-border-muted);
+  height: 0.25em;
+  padding: 0;
+  margin: 24px 0;
+  background-color: var(--color-border-default);
+  border: 0;
+}
+
+.d2-4136361241 .md input {
+  font: inherit;
+  margin: 0;
+  overflow: visible;
+  font-family: inherit;
+  font-size: inherit;
+  line-height: inherit;
+}
+
+.d2-4136361241 .md [type="button"],
+.d2-4136361241 .md [type="reset"],
+.d2-4136361241 .md [type="submit"] {
+  -webkit-appearance: button;
+}
+
+.d2-4136361241 .md [type="button"]::-moz-focus-inner,
+.d2-4136361241 .md [type="reset"]::-moz-focus-inner,
+.d2-4136361241 .md [type="submit"]::-moz-focus-inner {
+  border-style: none;
+  padding: 0;
+}
+
+.d2-4136361241 .md [type="button"]:-moz-focusring,
+.d2-4136361241 .md [type="reset"]:-moz-focusring,
+.d2-4136361241 .md [type="submit"]:-moz-focusring {
+  outline: 1px dotted ButtonText;
+}
+
+.d2-4136361241 .md [type="checkbox"],
+.d2-4136361241 .md [type="radio"] {
+  box-sizing: border-box;
+  padding: 0;
+}
+
+.d2-4136361241 .md [type="number"]::-webkit-inner-spin-button,
+.d2-4136361241 .md [type="number"]::-webkit-outer-spin-button {
+  height: auto;
+}
+
+.d2-4136361241 .md [type="search"] {
+  -webkit-appearance: textfield;
+  outline-offset: -2px;
+}
+
+.d2-4136361241 .md [type="search"]::-webkit-search-cancel-button,
+.d2-4136361241 .md [type="search"]::-webkit-search-decoration {
+  -webkit-appearance: none;
+}
+
+.d2-4136361241 .md ::-webkit-input-placeholder {
+  color: inherit;
+  opacity: 0.54;
+}
+
+.d2-4136361241 .md ::-webkit-file-upload-button {
+  -webkit-appearance: button;
+  font: inherit;
+}
+
+.d2-4136361241 .md a:hover {
+  text-decoration: underline;
+}
+
+.d2-4136361241 .md hr::before {
+  display: table;
+  content: "";
+}
+
+.d2-4136361241 .md hr::after {
+  display: table;
+  clear: both;
+  content: "";
+}
+
+.d2-4136361241 .md table {
+  border-spacing: 0;
+  border-collapse: collapse;
+  display: block;
+  width: max-content;
+  max-width: 100%;
+  overflow: auto;
+}
+
+.d2-4136361241 .md td,
+.d2-4136361241 .md th {
+  padding: 0;
+}
+
+.d2-4136361241 .md details summary {
+  cursor: pointer;
+}
+
+.d2-4136361241 .md details:not([open]) > *:not(summary) {
+  display: none !important;
+}
+
+.d2-4136361241 .md kbd {
+  display: inline-block;
+  padding: 3px 5px;
+  color: var(--color-fg-default);
+  vertical-align: middle;
+  background-color: var(--color-canvas-subtle);
+  border: solid 1px var(--color-neutral-muted);
+  border-bottom-color: var(--color-neutral-muted);
+  border-radius: 6px;
+  box-shadow: inset 0 -1px 0 var(--color-neutral-muted);
+}
+
+.d2-4136361241 .md h1,
+.d2-4136361241 .md h2,
+.d2-4136361241 .md h3,
+.d2-4136361241 .md h4,
+.d2-4136361241 .md h5,
+.d2-4136361241 .md h6 {
+  margin-top: 24px;
+  margin-bottom: 16px;
+  font-weight: 400;
+  line-height: 1.25;
+  font-family: "d2-4136361241-font-semibold";
+}
+
+.d2-4136361241 .md h2 {
+  padding-bottom: 0.3em;
+  font-size: 1.5em;
+  border-bottom: 1px solid var(--color-border-muted);
+}
+
+.d2-4136361241 .md h3 {
+  font-size: 1.25em;
+}
+
+.d2-4136361241 .md h4 {
+  font-size: 1em;
+}
+
+.d2-4136361241 .md h5 {
+  font-size: 0.875em;
+}
+
+.d2-4136361241 .md h6 {
+  font-size: 0.85em;
+  color: var(--color-fg-muted);
+}
+
+.d2-4136361241 .md p {
+  margin-top: 0;
+  margin-bottom: 10px;
+}
+
+.d2-4136361241 .md blockquote {
+  margin: 0;
+  padding: 0 1em;
+  color: var(--color-fg-muted);
+  border-left: 0.25em solid var(--color-border-default);
+}
+
+.d2-4136361241 .md ul,
+.d2-4136361241 .md ol {
+  margin-top: 0;
+  margin-bottom: 0;
+  padding-left: 2em;
+}
+
+.d2-4136361241 .md ol ol,
+.d2-4136361241 .md ul ol {
+  list-style-type: lower-roman;
+}
+
+.d2-4136361241 .md ul ul ol,
+.d2-4136361241 .md ul ol ol,
+.d2-4136361241 .md ol ul ol,
+.d2-4136361241 .md ol ol ol {
+  list-style-type: lower-alpha;
+}
+
+.d2-4136361241 .md dd {
+  margin-left: 0;
+}
+
+.d2-4136361241 .md pre {
+  margin-top: 0;
+  margin-bottom: 0;
+  word-wrap: normal;
+}
+
+.d2-4136361241 .md ::placeholder {
+  color: var(--color-fg-subtle);
+  opacity: 1;
+}
+
+.d2-4136361241 .md input::-webkit-outer-spin-button,
+.d2-4136361241 .md input::-webkit-inner-spin-button {
+  margin: 0;
+  -webkit-appearance: none;
+  appearance: none;
+}
+
+.d2-4136361241 .md::before {
+  display: table;
+  content: "";
+}
+
+.d2-4136361241 .md::after {
+  display: table;
+  clear: both;
+  content: "";
+}
+
+.d2-4136361241 .md > *:first-child {
+  margin-top: 0 !important;
+}
+
+.d2-4136361241 .md > *:last-child {
+  margin-bottom: 0 !important;
+}
+
+.d2-4136361241 .md a:not([href]) {
+  color: inherit;
+  text-decoration: none;
+}
+
+.d2-4136361241 .md .absent {
+  color: var(--color-danger-fg);
+}
+
+.d2-4136361241 .md .anchor {
+  float: left;
+  padding-right: 4px;
+  margin-left: -20px;
+  line-height: 1;
+}
+
+.d2-4136361241 .md .anchor:focus {
+  outline: none;
+}
+
+.d2-4136361241 .md p,
+.d2-4136361241 .md blockquote,
+.d2-4136361241 .md ul,
+.d2-4136361241 .md ol,
+.d2-4136361241 .md dl,
+.d2-4136361241 .md table,
+.d2-4136361241 .md pre,
+.d2-4136361241 .md details {
+  margin-top: 0;
+  margin-bottom: 16px;
+}
+
+.d2-4136361241 .md blockquote > :first-child {
+  margin-top: 0;
+}
+
+.d2-4136361241 .md blockquote > :last-child {
+  margin-bottom: 0;
+}
+
+.d2-4136361241 .md sup > a::before {
+  content: "[";
+}
+
+.d2-4136361241 .md sup > a::after {
+  content: "]";
+}
+
+.d2-4136361241 .md h1:hover .anchor,
+.d2-4136361241 .md h2:hover .anchor,
+.d2-4136361241 .md h3:hover .anchor,
+.d2-4136361241 .md h4:hover .anchor,
+.d2-4136361241 .md h5:hover .anchor,
+.d2-4136361241 .md h6:hover .anchor {
+  text-decoration: none;
+}
+
+.d2-4136361241 .md h1 tt,
+.d2-4136361241 .md h1 code,
+.d2-4136361241 .md h2 tt,
+.d2-4136361241 .md h2 code,
+.d2-4136361241 .md h3 tt,
+.d2-4136361241 .md h3 code,
+.d2-4136361241 .md h4 tt,
+.d2-4136361241 .md h4 code,
+.d2-4136361241 .md h5 tt,
+.d2-4136361241 .md h5 code,
+.d2-4136361241 .md h6 tt,
+.d2-4136361241 .md h6 code {
+  padding: 0 0.2em;
+  font-size: inherit;
+}
+
+.d2-4136361241 .md ul.no-list,
+.d2-4136361241 .md ol.no-list {
+  padding: 0;
+  list-style-type: none;
+}
+
+.d2-4136361241 .md ol[type="1"] {
+  list-style-type: decimal;
+}
+
+.d2-4136361241 .md ol[type="a"] {
+  list-style-type: lower-alpha;
+}
+
+.d2-4136361241 .md ol[type="i"] {
+  list-style-type: lower-roman;
+}
+
+.d2-4136361241 .md div > ol:not([type]) {
+  list-style-type: decimal;
+}
+
+.d2-4136361241 .md ul ul,
+.d2-4136361241 .md ul ol,
+.d2-4136361241 .md ol ol,
+.d2-4136361241 .md ol ul {
+  margin-top: 0;
+  margin-bottom: 0;
+}
+
+.d2-4136361241 .md li > p {
+  margin-top: 16px;
+}
+
+.d2-4136361241 .md li + li {
+  margin-top: 0.25em;
+}
+
+.d2-4136361241 .md dl {
+  padding: 0;
+}
+
+.d2-4136361241 .md dl dt {
+  padding: 0;
+  margin-top: 16px;
+  font-size: 1em;
+  font-style: italic;
+  font-family: "d2-4136361241-font-semibold";
+}
+
+.d2-4136361241 .md dl dd {
+  padding: 0 16px;
+  margin-bottom: 16px;
+}
+
+.d2-4136361241 .md table th {
+  font-family: "d2-4136361241-font-semibold";
+}
+
+.d2-4136361241 .md table th,
+.d2-4136361241 .md table td {
+  padding: 6px 13px;
+  border: 1px solid var(--color-border-default);
+}
+
+.d2-4136361241 .md table tr {
+  background-color: var(--color-canvas-default);
+  border-top: 1px solid var(--color-border-muted);
+}
+
+.d2-4136361241 .md table tr:nth-child(2n) {
+  background-color: var(--color-canvas-subtle);
+}
+
+.d2-4136361241 .md table img {
+  background-color: transparent;
+}
+
+.d2-4136361241 .md img[align="right"] {
+  padding-left: 20px;
+}
+
+.d2-4136361241 .md img[align="left"] {
+  padding-right: 20px;
+}
+
+.d2-4136361241 .md span.frame {
+  display: block;
+  overflow: hidden;
+}
+
+.d2-4136361241 .md span.frame > span {
+  display: block;
+  float: left;
+  width: auto;
+  padding: 7px;
+  margin: 13px 0 0;
+  overflow: hidden;
+  border: 1px solid var(--color-border-default);
+}
+
+.d2-4136361241 .md span.frame span img {
+  display: block;
+  float: left;
+}
+
+.d2-4136361241 .md span.frame span span {
+  display: block;
+  padding: 5px 0 0;
+  clear: both;
+  color: var(--color-fg-default);
+}
+
+.d2-4136361241 .md span.align-center {
+  display: block;
+  overflow: hidden;
+  clear: both;
+}
+
+.d2-4136361241 .md span.align-center > span {
+  display: block;
+  margin: 13px auto 0;
+  overflow: hidden;
+  text-align: center;
+}
+
+.d2-4136361241 .md span.align-center span img {
+  margin: 0 auto;
+  text-align: center;
+}
+
+.d2-4136361241 .md span.align-right {
+  display: block;
+  overflow: hidden;
+  clear: both;
+}
+
+.d2-4136361241 .md span.align-right > span {
+  display: block;
+  margin: 13px 0 0;
+  overflow: hidden;
+  text-align: right;
+}
+
+.d2-4136361241 .md span.align-right span img {
+  margin: 0;
+  text-align: right;
+}
+
+.d2-4136361241 .md span.float-left {
+  display: block;
+  float: left;
+  margin-right: 13px;
+  overflow: hidden;
+}
+
+.d2-4136361241 .md span.float-left span {
+  margin: 13px 0 0;
+}
+
+.d2-4136361241 .md span.float-right {
+  display: block;
+  float: right;
+  margin-left: 13px;
+  overflow: hidden;
+}
+
+.d2-4136361241 .md span.float-right > span {
+  display: block;
+  margin: 13px auto 0;
+  overflow: hidden;
+  text-align: right;
+}
+
+.d2-4136361241 .md code,
+.d2-4136361241 .md tt {
+  padding: 0.2em 0.4em;
+  margin: 0;
+  font-size: 85%;
+  background-color: var(--color-neutral-muted);
+  border-radius: 6px;
+}
+
+.d2-4136361241 .md code br,
+.d2-4136361241 .md tt br {
+  display: none;
+}
+
+.d2-4136361241 .md del code {
+  text-decoration: inherit;
+}
+
+.d2-4136361241 .md pre code {
+  font-size: 100%;
+}
+
+.d2-4136361241 .md pre > code {
+  padding: 0;
+  margin: 0;
+  word-break: normal;
+  white-space: pre;
+  background: transparent;
+  border: 0;
+}
+
+.d2-4136361241 .md .highlight {
+  margin-bottom: 16px;
+}
+
+.d2-4136361241 .md .highlight pre {
+  margin-bottom: 0;
+  word-break: normal;
+}
+
+.d2-4136361241 .md .highlight pre,
+.d2-4136361241 .md pre {
+  padding: 16px;
+  overflow: auto;
+  font-size: 85%;
+  line-height: 1.45;
+  background-color: var(--color-canvas-subtle);
+  border-radius: 6px;
+}
+
+.d2-4136361241 .md pre code,
+.d2-4136361241 .md pre tt {
+  display: inline;
+  max-width: auto;
+  padding: 0;
+  margin: 0;
+  overflow: visible;
+  line-height: inherit;
+  word-wrap: normal;
+  background-color: transparent;
+  border: 0;
+}
+
+.d2-4136361241 .md .csv-data td,
+.d2-4136361241 .md .csv-data th {
+  padding: 5px;
+  overflow: hidden;
+  font-size: 12px;
+  line-height: 1;
+  text-align: left;
+  white-space: nowrap;
+}
+
+.d2-4136361241 .md .csv-data .blob-num {
+  padding: 10px 8px 9px;
+  text-align: right;
+  background: var(--color-canvas-default);
+  border: 0;
+}
+
+.d2-4136361241 .md .csv-data tr {
+  border-top: 0;
+}
+
+.d2-4136361241 .md .csv-data th {
+  font-family: "d2-4136361241-font-semibold";
+  background: var(--color-canvas-subtle);
+  border-top: 0;
+}
+
+.d2-4136361241 .md .footnotes {
+  font-size: 12px;
+  color: var(--color-fg-muted);
+  border-top: 1px solid var(--color-border-default);
+}
+
+.d2-4136361241 .md .footnotes ol {
+  padding-left: 16px;
+}
+
+.d2-4136361241 .md .footnotes li {
+  position: relative;
+}
+
+.d2-4136361241 .md .footnotes li:target::before {
+  position: absolute;
+  top: -8px;
+  right: -8px;
+  bottom: -8px;
+  left: -24px;
+  pointer-events: none;
+  content: "";
+  border: 2px solid var(--color-accent-emphasis);
+  border-radius: 6px;
+}
+
+.d2-4136361241 .md .footnotes li:target {
+  color: var(--color-fg-default);
+}
+
+.d2-4136361241 .md .task-list-item {
+  list-style-type: none;
+}
+
+.d2-4136361241 .md .task-list-item label {
+  font-weight: 400;
+}
+
+.d2-4136361241 .md .task-list-item.enabled label {
+  cursor: pointer;
+}
+
+.d2-4136361241 .md .task-list-item + .task-list-item {
+  margin-top: 3px;
+}
+
+.d2-4136361241 .md .task-list-item .handle {
+  display: none;
+}
+
+.d2-4136361241 .md .task-list-item-checkbox {
+  margin: 0 0.2em 0.25em -1.6em;
+  vertical-align: middle;
+}
+
+.d2-4136361241 .md .contains-task-list:dir(rtl) .task-list-item-checkbox {
+  margin: 0 -1.6em 0.25em 0.2em;
+}
+</style><g id="process-compose"><g class="shape" ><rect x="0.000000" y="29.000000" width="240.000000" height="1061.000000" class=" stroke-B1 fill-B4" style="stroke-width:2;" /></g><text x="120.000000" y="16.000000" class="text fill-N1" style="text-anchor:middle;font-size:28px">Process Compose</text></g><g id="title"><g class="shape" ></g><text x="120.500000" y="-43.000000" class="text text-underline fill-N1" style="text-anchor:middle;font-size:40px">process-compose tenzir</text></g><g id="process-compose.tenzir"><g class="shape" ><rect x="50.000000" y="70.000000" width="140.000000" height="292.000000" class=" stroke-B1 fill-B5" style="stroke-width:2;" /></g><text x="120.000000" y="58.000000" class="text fill-N1" style="text-anchor:middle;font-size:24px">Tenzir</text></g><g id="process-compose.data-science"><g class="shape" ><rect x="30.000000" y="502.000000" width="180.000000" height="126.000000" class=" stroke-B1 fill-B5" style="stroke-width:2;" /></g><text x="120.000000" y="490.000000" class="text fill-N1" style="text-anchor:middle;font-size:24px">Data Science</text></g><g id="process-compose.publisher"><g class="shape" ><rect x="34.000000" y="768.000000" width="173.000000" height="292.000000" class=" stroke-B1 fill-B5" style="stroke-width:2;" /></g><text x="120.500000" y="756.000000" class="text fill-N1" style="text-anchor:middle;font-size:24px">Publisher</text></g><g id="process-compose.tenzir.node"><g class="shape" ><rect x="80.000000" y="100.000000" width="80.000000" height="66.000000" class=" stroke-B1 fill-B6" style="stroke-width:2;" /></g><text x="120.000000" y="138.500000" class="text-bold fill-N1" style="text-anchor:middle;font-size:16px">node</text></g><g id="process-compose.tenzir.web"><g class="shape" ><rect x="83.000000" y="266.000000" width="75.000000" height="66.000000" class=" stroke-B1 fill-B6" style="stroke-width:2;" /></g><text x="120.500000" y="304.500000" class="text-bold fill-N1" style="text-anchor:middle;font-size:16px">web</text></g><g id="process-compose.data-science.jupyterlab"><g class="shape" ><rect x="60.000000" y="532.000000" width="120.000000" height="66.000000" class=" stroke-B1 fill-B6" style="stroke-width:2;" /></g><text x="120.000000" y="570.500000" class="text-bold fill-N1" style="text-anchor:middle;font-size:16px">jupyterlab</text></g><g id="process-compose.publisher.notebook"><g class="shape" ><rect x="64.000000" y="798.000000" width="113.000000" height="66.000000" class=" stroke-B1 fill-B6" style="stroke-width:2;" /></g><text x="120.500000" y="836.500000" class="text-bold fill-N1" style="text-anchor:middle;font-size:16px">notebook</text></g><g id="process-compose.publisher.quarto"><g class="shape" ><rect x="73.000000" y="964.000000" width="94.000000" height="66.000000" class=" stroke-B1 fill-B6" style="stroke-width:2;" /></g><text x="120.000000" y="1002.500000" class="text-bold fill-N1" style="text-anchor:middle;font-size:16px">quarto</text></g><g id="process-compose.tenzir.(node -&gt; web)[0]"><marker id="mk-3488378134" markerWidth="10.000000" markerHeight="12.000000" refX="7.000000" refY="6.000000" viewBox="0.000000 0.000000 10.000000 12.000000" orient="auto" markerUnits="userSpaceOnUse"> <polygon points="0.000000,0.000000 10.000000,6.000000 0.000000,12.000000" class="connection fill-B1" stroke-width="2" /> </marker><path d="M 120.000000 168.000000 C 120.000000 206.000000 120.000000 226.000000 120.000000 262.000000" fill="none" class="connection stroke-B1" style="stroke-width:2;" marker-end="url(#mk-3488378134)" mask="url(#d2-4136361241)" /></g><g id="process-compose.publisher.(notebook -&gt; quarto)[0]"><path d="M 120.000000 866.000000 C 120.000000 904.000000 120.000000 924.000000 120.000000 960.000000" fill="none" class="connection stroke-B1" style="stroke-width:2;" marker-end="url(#mk-3488378134)" mask="url(#d2-4136361241)" /></g><g id="process-compose.(data-science.jupyterlab -&gt; publisher.notebook)[0]"><path d="M 120.000000 600.000000 C 120.000000 638.000000 120.000000 658.000000 120.000000 673.000000 C 120.000000 688.000000 120.000000 758.000000 120.000000 794.000000" fill="none" class="connection stroke-B1" style="stroke-width:2;" marker-end="url(#mk-3488378134)" mask="url(#d2-4136361241)" /></g><g id="process-compose.(tenzir -&gt; data-science)[0]"><path d="M 120.000000 364.000000 C 120.000000 418.000000 120.000000 438.799988 120.000000 462.000000" fill="none" class="connection stroke-B1" style="stroke-width:2;" marker-end="url(#mk-3488378134)" mask="url(#d2-4136361241)" /></g><mask id="d2-4136361241" maskUnits="userSpaceOnUse" x="-179" y="-184" width="599" height="1375">
+<rect x="-179" y="-184" width="599" height="1375" fill="white"></rect>
+<rect x="17.500000" y="-12.000000" width="205" height="36" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="-78.000000" y="-83.000000" width="397" height="51" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="88.500000" y="34.000000" width="63" height="31" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="56.500000" y="466.000000" width="127" height="31" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="73.500000" y="732.000000" width="94" height="31" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="102.500000" y="122.500000" width="35" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="105.500000" y="288.500000" width="30" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="82.500000" y="554.500000" width="75" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="86.500000" y="820.500000" width="68" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="95.500000" y="986.500000" width="49" height="21" fill="rgba(0,0,0,0.75)"></rect>
+</mask></svg></svg>
diff --git a/diagrams/process-compose.org b/diagrams/process-compose.org
index 0296d97..709cb47 100644
--- a/diagrams/process-compose.org
+++ b/diagrams/process-compose.org
@@ -9,8 +9,8 @@
 
 
 
-* init Jobs
-#+BEGIN_SRC d2 :file images/process-compose-tenzir.png :flags --theme 200 :exports both :tangle (concat (org-entry-get nil "PRJ-DIR" t) "process-compose-tenzir.d2")
+* tenzir
+#+BEGIN_SRC d2 :file images/process-compose-tenzir.svg :flags --theme 200 :exports both :tangle (concat (org-entry-get nil "PRJ-DIR" t) "process-compose-tenzir.d2")
 # !/usr/bin/env d2 --theme 200
 #
 title: {
@@ -41,4 +41,4 @@ process-compose: Process Compose {
 #+END_SRC
 
 #+RESULTS:
-[[file:images/process-compose-tenzir.png]]
+[[file:images/process-compose-tenzir.svg]]
diff --git a/flake.lock b/flake.lock
index 12e1c33..cb4f2af 100644
--- a/flake.lock
+++ b/flake.lock
@@ -2,11 +2,15 @@
   "nodes": {
     "POP": {
       "inputs": {
-        "flake-compat": "flake-compat",
+        "flake-compat": [
+          "tenzir-devops",
+          "omnibus",
+          "flops"
+        ],
         "nixlib": "nixlib",
         "nixpkgs": [
           "tenzir-devops",
-          "std-ext",
+          "omnibus",
           "flops"
         ]
       },
@@ -39,28 +43,13 @@
         "type": "github"
       }
     },
-    "blank_2": {
-      "locked": {
-        "lastModified": 1625557891,
-        "narHash": "sha256-O8/MWsPBGhhyPoPLHZAuoZiiHo9q6FLlEeIDEXuj6T4=",
-        "owner": "divnix",
-        "repo": "blank",
-        "rev": "5a5d2684073d9f563072ed07c871d577a6c614a8",
-        "type": "github"
-      },
-      "original": {
-        "owner": "divnix",
-        "repo": "blank",
-        "type": "github"
-      }
-    },
     "call-flake": {
       "locked": {
-        "lastModified": 1687380775,
+        "lastModified": 1697332845,
         "narHash": "sha256-bmhE1TmrJG4ba93l9WQTLuYM53kwGQAjYHRvHOeuxWU=",
         "owner": "divnix",
         "repo": "call-flake",
-        "rev": "74061f6c241227cd05e79b702db9a300a2e4131a",
+        "rev": "088f8589c7f3ee59bea1858a89f5125d284c3c4a",
         "type": "github"
       },
       "original": {
@@ -71,11 +60,11 @@
     },
     "call-flake_2": {
       "locked": {
-        "lastModified": 1689473344,
+        "lastModified": 1687380775,
         "narHash": "sha256-bmhE1TmrJG4ba93l9WQTLuYM53kwGQAjYHRvHOeuxWU=",
         "owner": "divnix",
         "repo": "call-flake",
-        "rev": "a07e91d3fb59eb9f7ec706a151e1a7b36a1e8727",
+        "rev": "74061f6c241227cd05e79b702db9a300a2e4131a",
         "type": "github"
       },
       "original": {
@@ -86,42 +75,18 @@
     },
     "devshell": {
       "inputs": {
-        "nixpkgs": "nixpkgs_3",
-        "systems": "systems"
-      },
-      "locked": {
-        "lastModified": 1688380630,
-        "narHash": "sha256-8ilApWVb1mAi4439zS3iFeIT0ODlbrifm/fegWwgHjA=",
-        "owner": "numtide",
-        "repo": "devshell",
-        "rev": "f9238ec3d75cefbb2b42a44948c4e8fb1ae9a205",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "devshell",
-        "type": "github"
-      }
-    },
-    "devshell_2": {
-      "inputs": {
-        "flake-utils": [
-          "tenzir-devops",
-          "std-oci",
-          "flake-utils"
-        ],
         "nixpkgs": [
           "tenzir-devops",
-          "std-oci",
           "nixpkgs"
-        ]
+        ],
+        "systems": "systems"
       },
       "locked": {
-        "lastModified": 1663445644,
-        "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=",
+        "lastModified": 1698410321,
+        "narHash": "sha256-MphuSlgpmKwtJncGMohryHiK55J1n6WzVQ/OAfmfoMc=",
         "owner": "numtide",
         "repo": "devshell",
-        "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66",
+        "rev": "1aed986e3c81a4f6698e85a7452cbfcc4b31a36e",
         "type": "github"
       },
       "original": {
@@ -134,18 +99,20 @@
       "inputs": {
         "haumea": [
           "tenzir-devops",
-          "std",
+          "omnibus",
+          "flops",
           "haumea"
         ],
         "nixlib": [
           "tenzir-devops",
-          "std",
-          "haumea",
-          "nixpkgs"
+          "omnibus",
+          "flops",
+          "nixlib"
         ],
         "yants": [
           "tenzir-devops",
-          "std",
+          "omnibus",
+          "flops",
           "yants"
         ]
       },
@@ -159,7 +126,6 @@
       },
       "original": {
         "owner": "divnix",
-        "ref": "0.2.1",
         "repo": "dmerge",
         "type": "github"
       }
@@ -168,20 +134,18 @@
       "inputs": {
         "haumea": [
           "tenzir-devops",
-          "std-ext",
-          "flops",
+          "std",
           "haumea"
         ],
         "nixlib": [
           "tenzir-devops",
-          "std-ext",
-          "flops",
-          "nixlib"
+          "std",
+          "haumea",
+          "nixpkgs"
         ],
         "yants": [
           "tenzir-devops",
-          "std-ext",
-          "flops",
+          "std",
           "yants"
         ]
       },
@@ -195,53 +159,11 @@
       },
       "original": {
         "owner": "divnix",
+        "ref": "0.2.1",
         "repo": "dmerge",
         "type": "github"
       }
     },
-    "dmerge_3": {
-      "inputs": {
-        "nixlib": [
-          "tenzir-devops",
-          "std-oci",
-          "nixpkgs"
-        ],
-        "yants": [
-          "tenzir-devops",
-          "std-oci",
-          "yants"
-        ]
-      },
-      "locked": {
-        "lastModified": 1659548052,
-        "narHash": "sha256-fzI2gp1skGA8mQo/FBFrUAtY0GQkAIAaV/V127TJPyY=",
-        "owner": "divnix",
-        "repo": "data-merge",
-        "rev": "d160d18ce7b1a45b88344aa3f13ed1163954b497",
-        "type": "github"
-      },
-      "original": {
-        "owner": "divnix",
-        "repo": "data-merge",
-        "type": "github"
-      }
-    },
-    "flake-compat": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1650374568,
-        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
     "flake-parts": {
       "inputs": {
         "nixpkgs-lib": [
@@ -250,11 +172,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1690933134,
-        "narHash": "sha256-ab989mN63fQZBFrkk4Q8bYxQCktuHmBIBqUG1jl6/FQ=",
+        "lastModified": 1698882062,
+        "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "59cf3f1447cfc75087e7273b04b31e689a8599fb",
+        "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
         "type": "github"
       },
       "original": {
@@ -264,72 +186,15 @@
       }
     },
     "flake-utils": {
-      "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_2": {
-      "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_3": {
-      "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_4": {
-      "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
-        "type": "github"
+      "inputs": {
+        "systems": "systems_2"
       },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_5": {
       "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
+        "lastModified": 1694529238,
+        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
+        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
         "type": "github"
       },
       "original": {
@@ -338,7 +203,7 @@
         "type": "github"
       }
     },
-    "flake-utils_6": {
+    "flake-utils_2": {
       "locked": {
         "lastModified": 1653893745,
         "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
@@ -353,36 +218,21 @@
         "type": "github"
       }
     },
-    "flake-utils_7": {
-      "locked": {
-        "lastModified": 1659877975,
-        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
     "flops": {
       "inputs": {
         "POP": "POP",
-        "call-flake": "call-flake_2",
-        "dmerge": "dmerge_2",
-        "haumea": "haumea_2",
+        "call-flake": "call-flake",
+        "dmerge": "dmerge",
+        "haumea": "haumea",
         "nixlib": "nixlib_2",
-        "yants": "yants_2"
+        "yants": "yants"
       },
       "locked": {
-        "lastModified": 1691319618,
-        "narHash": "sha256-2bzDIZNahyiwUnHCnmLhbyTTMX4hgZ1HlRQNqff2jCk=",
+        "lastModified": 1699270012,
+        "narHash": "sha256-izzsLl21YKYRv44bjiJgx7+BTViiB/q6cPD0j7vd7+s=",
         "owner": "gtrunsec",
         "repo": "flops",
-        "rev": "4cd9339adb5f4bf6ded2f8cb32c0cb9bc299fc99",
+        "rev": "9821cfc20ea0a7179576a99576d25f6ce31c2177",
         "type": "github"
       },
       "original": {
@@ -393,42 +243,42 @@
     },
     "haumea": {
       "inputs": {
-        "nixpkgs": "nixpkgs_2"
+        "nixpkgs": [
+          "tenzir-devops",
+          "omnibus",
+          "flops",
+          "nixlib"
+        ]
       },
       "locked": {
-        "lastModified": 1685133229,
-        "narHash": "sha256-FePm/Gi9PBSNwiDFq3N+DWdfxFq0UKsVVTJS3cQPn94=",
+        "lastModified": 1697205539,
+        "narHash": "sha256-gHEy0Q+eEQJkWl6/DpFxXPOlTx/lMU7Pvs/bwoq4OhI=",
         "owner": "nix-community",
         "repo": "haumea",
-        "rev": "34dd58385092a23018748b50f9b23de6266dffc2",
+        "rev": "fc119c500189f739fec7ad33d111f9c92910eccf",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "v0.2.2",
         "repo": "haumea",
         "type": "github"
       }
     },
     "haumea_2": {
       "inputs": {
-        "nixpkgs": [
-          "tenzir-devops",
-          "std-ext",
-          "flops",
-          "nixlib"
-        ]
+        "nixpkgs": "nixpkgs_3"
       },
       "locked": {
-        "lastModified": 1689557889,
-        "narHash": "sha256-kllmt6JnHlry+WAASdSMDaRwbiuk2dFhkbW3Qz1w8BU=",
+        "lastModified": 1685133229,
+        "narHash": "sha256-FePm/Gi9PBSNwiDFq3N+DWdfxFq0UKsVVTJS3cQPn94=",
         "owner": "nix-community",
         "repo": "haumea",
-        "rev": "d6a9593ff2160ce29bf6d905e9ccbcecd66baeef",
+        "rev": "34dd58385092a23018748b50f9b23de6266dffc2",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
+        "ref": "v0.2.2",
         "repo": "haumea",
         "type": "github"
       }
@@ -456,28 +306,6 @@
         "type": "github"
       }
     },
-    "incl_2": {
-      "inputs": {
-        "nixlib": [
-          "tenzir-devops",
-          "std-oci",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1669263024,
-        "narHash": "sha256-E/+23NKtxAqYG/0ydYgxlgarKnxmDbg6rCMWnOBqn9Q=",
-        "owner": "divnix",
-        "repo": "incl",
-        "rev": "ce7bebaee048e4cd7ebdb4cee7885e00c4e2abca",
-        "type": "github"
-      },
-      "original": {
-        "owner": "divnix",
-        "repo": "incl",
-        "type": "github"
-      }
-    },
     "n2c": {
       "inputs": {
         "flake-utils": "flake-utils",
@@ -487,11 +315,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1688922987,
-        "narHash": "sha256-RnQwrCD5anqWfyDAVbfFIeU+Ha6cwt5QcIwIkaGRzQw=",
+        "lastModified": 1697285352,
+        "narHash": "sha256-tRGLm/DO8+anGUCgLYxTF5EPqWv8EZ9MVFWRdh285HU=",
         "owner": "nlewo",
         "repo": "nix2container",
-        "rev": "ab381a7d714ebf96a83882264245dbd34f0a7ec8",
+        "rev": "9d7f33ef0058f4df4c0912025f43c758a3289d76",
         "type": "github"
       },
       "original": {
@@ -503,10 +331,11 @@
     "nixago": {
       "inputs": {
         "flake-utils": "flake-utils_2",
-        "nixago-exts": "nixago-exts",
+        "nixago-exts": [
+          "tenzir-devops"
+        ],
         "nixpkgs": [
           "tenzir-devops",
-          "std-ext",
           "nixpkgs"
         ]
       },
@@ -524,112 +353,6 @@
         "type": "github"
       }
     },
-    "nixago-exts": {
-      "inputs": {
-        "flake-utils": "flake-utils_3",
-        "nixago": "nixago_2",
-        "nixpkgs": [
-          "tenzir-devops",
-          "std-ext",
-          "nixago",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1676070308,
-        "narHash": "sha256-QaJ65oc2l8iwQIGWUJ0EKjCeSuuCM/LqR8RauxZUUkc=",
-        "owner": "nix-community",
-        "repo": "nixago-extensions",
-        "rev": "e5380cb0456f4ea3c86cf94e3039eb856bf07d0b",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixago-extensions",
-        "type": "github"
-      }
-    },
-    "nixago-exts_2": {
-      "inputs": {
-        "flake-utils": "flake-utils_5",
-        "nixago": "nixago_3",
-        "nixpkgs": [
-          "tenzir-devops",
-          "std-ext",
-          "nixago",
-          "nixago-exts",
-          "nixago",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1655508669,
-        "narHash": "sha256-BDDdo5dZQMmwNH/GNacy33nPBnCpSIydWFPZs0kkj/g=",
-        "owner": "nix-community",
-        "repo": "nixago-extensions",
-        "rev": "3022a932ce109258482ecc6568c163e8d0b426aa",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixago-extensions",
-        "type": "github"
-      }
-    },
-    "nixago_2": {
-      "inputs": {
-        "flake-utils": "flake-utils_4",
-        "nixago-exts": "nixago-exts_2",
-        "nixpkgs": [
-          "tenzir-devops",
-          "std-ext",
-          "nixago",
-          "nixago-exts",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1676070010,
-        "narHash": "sha256-iYzJIWptE1EUD8VINAg66AAMUajizg8JUYN3oBmb8no=",
-        "owner": "nix-community",
-        "repo": "nixago",
-        "rev": "d480ba6c0c16e2c5c0bd2122852d6a0c9ad1ed0e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "rename-config-data",
-        "repo": "nixago",
-        "type": "github"
-      }
-    },
-    "nixago_3": {
-      "inputs": {
-        "flake-utils": "flake-utils_6",
-        "nixpkgs": [
-          "tenzir-devops",
-          "std-ext",
-          "nixago",
-          "nixago-exts",
-          "nixago",
-          "nixago-exts",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1655405483,
-        "narHash": "sha256-Crd49aZWNrpczlRTOwWGfwBMsTUoG9vlHDKQC7cx264=",
-        "owner": "nix-community",
-        "repo": "nixago",
-        "rev": "e6a9566c18063db5b120e69e048d3627414e327d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixago",
-        "type": "github"
-      }
-    },
     "nixlib": {
       "locked": {
         "lastModified": 1653180592,
@@ -647,11 +370,11 @@
     },
     "nixlib_2": {
       "locked": {
-        "lastModified": 1689469483,
-        "narHash": "sha256-2SBhY7rZQ/iNCxe04Eqxlz9YK9KgbaTMBssq3/BgdWY=",
+        "lastModified": 1698540503,
+        "narHash": "sha256-YN6DJQc7SMe6ep9FhD2BGl92bo24NPNRWjADEJE4xeU=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "02fea408f27186f139153e1ae88f8ab2abd9c22c",
+        "rev": "ce2acb20a405bf6f910081c2adc988bbc8100e4c",
         "type": "github"
       },
       "original": {
@@ -662,11 +385,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1691279975,
-        "narHash": "sha256-EwPVVuQJGf77NOlX96FE9bpbFGz1wq/M4sqJ6Vk4LyM=",
+        "lastModified": 1699126377,
+        "narHash": "sha256-LtDx5VgD/F+5SSRqt8BRSiZi5EwMjWLI1XGjWizcnMI=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "97bd658852ce0efbdc4d9ca84ad466a4cbfb1cf4",
+        "rev": "e583a3b08f2b59488deb2ace2528df37c931509f",
         "type": "github"
       },
       "original": {
@@ -678,11 +401,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1681001314,
-        "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=",
+        "lastModified": 1660438583,
+        "narHash": "sha256-rJUTYxFKlWUJI3njAwEc1pKAVooAViZGJvsgqfh/q/E=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4",
+        "rev": "bbd8f7cd87d0b29294ef3072ffdbd61d60f05da4",
         "type": "github"
       },
       "original": {
@@ -693,27 +416,11 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1677383253,
-        "narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "9952d6bc395f5841262b006fbace8dd7e143b634",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixpkgs-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_4": {
-      "locked": {
-        "lastModified": 1660438583,
-        "narHash": "sha256-rJUTYxFKlWUJI3njAwEc1pKAVooAViZGJvsgqfh/q/E=",
+        "lastModified": 1681001314,
+        "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "bbd8f7cd87d0b29294ef3072ffdbd61d60f05da4",
+        "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4",
         "type": "github"
       },
       "original": {
@@ -737,24 +444,27 @@
         "type": "github"
       }
     },
-    "nosys_2": {
+    "omnibus": {
+      "inputs": {
+        "flops": "flops"
+      },
       "locked": {
-        "lastModified": 1668010795,
-        "narHash": "sha256-JBDVBnos8g0toU7EhIIqQ1If5m/nyBqtHhL3sicdPwI=",
-        "owner": "divnix",
-        "repo": "nosys",
-        "rev": "feade0141487801c71ff55623b421ed535dbdefa",
+        "lastModified": 1699270133,
+        "narHash": "sha256-AS/w3i6zKiGs+u9t4B9dMbnLnGoRMPbEKqPFrU3uRVw=",
+        "owner": "gtrunsec",
+        "repo": "omnibus",
+        "rev": "4afa8d88956fe14b8c0a38006eccd54f432ff195",
         "type": "github"
       },
       "original": {
-        "owner": "divnix",
-        "repo": "nosys",
+        "owner": "gtrunsec",
+        "repo": "omnibus",
         "type": "github"
       }
     },
     "paisano": {
       "inputs": {
-        "call-flake": "call-flake",
+        "call-flake": "call-flake_2",
         "nixpkgs": [
           "tenzir-devops",
           "std",
@@ -798,34 +508,6 @@
         "type": "github"
       }
     },
-    "paisano_2": {
-      "inputs": {
-        "nixpkgs": [
-          "tenzir-devops",
-          "std-oci",
-          "nixpkgs"
-        ],
-        "nosys": "nosys_2",
-        "yants": [
-          "tenzir-devops",
-          "std-oci",
-          "yants"
-        ]
-      },
-      "locked": {
-        "lastModified": 1676683211,
-        "narHash": "sha256-5pkyVT4UF89QhEGH/vb7JgbGsOW76bTDtdNETUJtAqA=",
-        "owner": "divnix",
-        "repo": "paisano",
-        "rev": "63b36b54d5368722e386e16f8e0827dc75165f06",
-        "type": "github"
-      },
-      "original": {
-        "owner": "divnix",
-        "repo": "paisano",
-        "type": "github"
-      }
-    },
     "root": {
       "inputs": {
         "nixpkgs": [
@@ -845,11 +527,10 @@
         "blank": "blank",
         "devshell": [
           "tenzir-devops",
-          "std-ext",
           "devshell"
         ],
-        "dmerge": "dmerge",
-        "haumea": "haumea",
+        "dmerge": "dmerge_2",
+        "haumea": "haumea_2",
         "incl": "incl",
         "makes": [
           "tenzir-devops",
@@ -867,7 +548,6 @@
         ],
         "nixago": [
           "tenzir-devops",
-          "std-ext",
           "nixago"
         ],
         "nixpkgs": [
@@ -881,14 +561,14 @@
           "std",
           "blank"
         ],
-        "yants": "yants"
+        "yants": "yants_2"
       },
       "locked": {
-        "lastModified": 1689337213,
-        "narHash": "sha256-qa0B38ihDW1MuAshwgvlbkk3CgheWlvYr35oMpDrxJs=",
+        "lastModified": 1692861655,
+        "narHash": "sha256-NVScyi+Gd7lf5bcH8vysGSqESNiZGrDgaxXY5KdO3iA=",
         "owner": "divnix",
         "repo": "std",
-        "rev": "17dc4eb9587517397dad00617b020769fece3cfe",
+        "rev": "3ce88a33db33ae48ec0081f717e4f035812c3755",
         "type": "github"
       },
       "original": {
@@ -897,91 +577,22 @@
         "type": "github"
       }
     },
-    "std-ext": {
-      "inputs": {
-        "devshell": "devshell",
-        "flops": "flops",
-        "nixago": "nixago",
-        "nixpkgs": [
-          "tenzir-devops",
-          "nixpkgs"
-        ],
-        "org-roam-book-template": [
-          "tenzir-devops"
-        ],
-        "std": [
-          "tenzir-devops",
-          "std"
-        ]
-      },
-      "locked": {
-        "lastModified": 1691319692,
-        "narHash": "sha256-n2c/ULAPojGkQz5itVB9g7D1gaLxAJJ2tGaIpJGBfEE=",
-        "owner": "gtrunsec",
-        "repo": "std-ext",
-        "rev": "db6280ad2105c94813ddeedc9a9fe5b12937079e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "gtrunsec",
-        "repo": "std-ext",
-        "type": "github"
-      }
-    },
-    "std-oci": {
-      "inputs": {
-        "arion": [
-          "tenzir-devops",
-          "std-oci",
-          "blank"
-        ],
-        "blank": "blank_2",
-        "devshell": "devshell_2",
-        "dmerge": "dmerge_3",
-        "flake-utils": "flake-utils_7",
-        "incl": "incl_2",
-        "makes": [
-          "tenzir-devops",
-          "std-oci",
-          "blank"
-        ],
-        "microvm": [
-          "tenzir-devops",
-          "std-oci",
-          "blank"
-        ],
-        "n2c": [
-          "tenzir-devops",
-          "n2c"
-        ],
-        "nixago": [
-          "tenzir-devops",
-          "std-ext",
-          "nixago"
-        ],
-        "nixpkgs": [
-          "tenzir-devops",
-          "nixpkgs"
-        ],
-        "paisano": "paisano_2",
-        "yants": "yants_3"
-      },
+    "systems": {
       "locked": {
-        "lastModified": 1691357392,
-        "narHash": "sha256-7BiQyfCE0rRBXU1TECSsFt25C8tYkiVP/yXE+rl1dVg=",
-        "owner": "gtrunsec",
-        "repo": "std",
-        "rev": "15f9545da1d800212a0fa8ca8ccb0b60794fb5c3",
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
         "type": "github"
       },
       "original": {
-        "owner": "gtrunsec",
-        "ref": "mkDevOCI",
-        "repo": "std",
+        "owner": "nix-systems",
+        "repo": "default",
         "type": "github"
       }
     },
-    "systems": {
+    "systems_2": {
       "locked": {
         "lastModified": 1681028828,
         "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@@ -998,29 +609,25 @@
     },
     "tenzir-devops": {
       "inputs": {
+        "devshell": "devshell",
         "flake-parts": "flake-parts",
-        "flops": [
-          "tenzir-devops",
-          "std-ext",
-          "flops"
-        ],
         "n2c": "n2c",
+        "nixago": "nixago",
         "nixpkgs": "nixpkgs",
         "nixpkgs-users": [
           "tenzir-devops",
           "nixpkgs"
         ],
-        "std": "std",
-        "std-ext": "std-ext",
-        "std-oci": "std-oci"
+        "omnibus": "omnibus",
+        "std": "std"
       },
       "locked": {
         "dir": "nix/devops",
-        "lastModified": 1691492090,
-        "narHash": "sha256-p8/ybRAL/Tmev54Zd3UKRyvop4JuJgD7pi9zhFPcOyw=",
+        "lastModified": 1699270317,
+        "narHash": "sha256-UxRJBS1rU4iD/MZhB2SjjjiEz0f+vty0b+0z1Q0YzbY=",
         "owner": "gtrunsec",
         "repo": "vast",
-        "rev": "3add8e933d01ccce81b8f42905d685785522fe7d",
+        "rev": "54b74fa23aa5b1af59ebbb26949debeea192834e",
         "type": "github"
       },
       "original": {
@@ -1033,12 +640,7 @@
     },
     "yants": {
       "inputs": {
-        "nixpkgs": [
-          "tenzir-devops",
-          "std",
-          "haumea",
-          "nixpkgs"
-        ]
+        "nixpkgs": "nixpkgs_2"
       },
       "locked": {
         "lastModified": 1686863218,
@@ -1055,37 +657,20 @@
       }
     },
     "yants_2": {
-      "inputs": {
-        "nixpkgs": "nixpkgs_4"
-      },
-      "locked": {
-        "lastModified": 1686863218,
-        "narHash": "sha256-kooxYm3/3ornWtVBNHM3Zh020gACUyFX2G0VQXnB+mk=",
-        "owner": "divnix",
-        "repo": "yants",
-        "rev": "8f0da0dba57149676aa4817ec0c880fbde7a648d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "divnix",
-        "repo": "yants",
-        "type": "github"
-      }
-    },
-    "yants_3": {
       "inputs": {
         "nixpkgs": [
           "tenzir-devops",
-          "std-oci",
+          "std",
+          "haumea",
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1667096281,
-        "narHash": "sha256-wRRec6ze0gJHmGn6m57/zhz/Kdvp9HS4Nl5fkQ+uIuA=",
+        "lastModified": 1686863218,
+        "narHash": "sha256-kooxYm3/3ornWtVBNHM3Zh020gACUyFX2G0VQXnB+mk=",
         "owner": "divnix",
         "repo": "yants",
-        "rev": "d18f356ec25cb94dc9c275870c3a7927a10f8c3c",
+        "rev": "8f0da0dba57149676aa4817ec0c880fbde7a648d",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index b797ea8..fbc3351 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,23 +1,30 @@
 {
   description = "The users' interface to the Tenzir platform";
-  outputs = {
-    self,
-    tenzir-devops,
-    ...
-  } @ inputs:
-    (
-      tenzir-devops.lib.mkStd {inherit inputs;}
-    )
+  outputs =
+    { self, tenzir-devops, ... }@inputs:
+    (tenzir-devops.lib.mkStd { inherit inputs; })
     // {
-      devShells = inputs.tenzir-devops.inputs.std.harvest inputs.self [["dev" "shells"]];
-      templates = (inputs.tenzir-devops.inputs.std.harvest inputs.self ["dev" "lib"]).x86_64-linux.templates;
+      devShells = inputs.tenzir-devops.inputs.std.harvest inputs.self [
+        [
+          "dev"
+          "shells"
+        ]
+      ];
+      templates =
+        (inputs.tenzir-devops.inputs.std.harvest inputs.self [
+          "dev"
+          "lib"
+        ]).x86_64-linux.templates;
     };
   inputs = {
     tenzir-devops.url = "github:gtrunsec/vast/devops?dir=nix/devops";
     nixpkgs.follows = "tenzir-devops/nixpkgs";
   };
   nixConfig = {
-    extra-substituters = ["https://tenzir.cachix.org" "https://vast.cachix.org"];
+    extra-substituters = [
+      "https://tenzir.cachix.org"
+      "https://vast.cachix.org"
+    ];
     extra-trusted-public-keys = [
       "tenzir.cachix.org-1:+MLwldLx9GLGLsi9mDr5RrVYyI64iVobWpntJaPM50E="
       "vast.cachix.org-1:0L8rErLUuFAdspyGYYQK3Sgs9PYRMzkLEqS2GxfaQhA="
diff --git a/prod/tasks/deploy-tenzir-aws/default.nix b/prod/tasks/deploy-tenzir-aws/default.nix
deleted file mode 100644
index 91bdceb..0000000
--- a/prod/tasks/deploy-tenzir-aws/default.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-makeScript {
-  name = "runScriptWithEnv";
-  searchPaths.bin = [
-    nixpkgs.awscli
-  ];
-  searchPaths.source = [
-    ./env
-  ];
-  entrypoint = ./entrypoint.sh;
-}
diff --git a/units/cells/dev/configs/treefmt.nix b/units/cells/dev/configs/treefmt.nix
new file mode 100644
index 0000000..cee8e56
--- /dev/null
+++ b/units/cells/dev/configs/treefmt.nix
@@ -0,0 +1,6 @@
+{
+  formatter.prettier = {
+    command = "prettier";
+    excludes = dmerge.append [ "generated-*.yaml" ];
+  };
+}
diff --git a/dev/shellProfiles/commands.toml b/units/cells/dev/shellsProfiles/commands.toml
similarity index 100%
rename from dev/shellProfiles/commands.toml
rename to units/cells/dev/shellsProfiles/commands.toml
diff --git a/dev/shellProfiles/packages.toml b/units/cells/dev/shellsProfiles/packages.toml
similarity index 100%
rename from dev/shellProfiles/packages.toml
rename to units/cells/dev/shellsProfiles/packages.toml
diff --git a/units/cells/dev/tasks/climod.md b/units/cells/dev/tasks/climod.md
new file mode 100644
index 0000000..e7cc72a
--- /dev/null
+++ b/units/cells/dev/tasks/climod.md
@@ -0,0 +1,37 @@
+# climod
+
+```nix
+climod {
+  name = "demo";
+  description = "Demo CLI generated";
+  action.bash = ''
+    echo Hello, world
+    echo $#
+    while [ $# -gt 0 ]; do
+      echo "$1"
+      shift
+    done
+  '';
+  target.bash.prelude = ''
+    echo "Starting..."
+  '';
+  allowExtraArguments = true;
+  subcommands.args.description = "Print args";
+  subcommands.args.allowExtraArguments = true;
+  subcommands.args.action.bash = ''
+    for line in "$@"; do
+      echo $line
+    done
+  '';
+  subcommands.eoq.description = "Eoq subcommand";
+  subcommands.eoq.subcommands.greet.description = "Greets the user";
+  subcommands.eoq.subcommands.greet.action.bash = "echo Hello, $GREET_USER!";
+  subcommands.eoq.subcommands.greet.flags = [
+    {
+      description = "User name";
+      keywords = ["-n" "--name"];
+      variable = "GREET_USER";
+    }
+  ];
+}
+```
diff --git a/units/cells/dev/tasks/climod.nix b/units/cells/dev/tasks/climod.nix
new file mode 100644
index 0000000..f6835f6
--- /dev/null
+++ b/units/cells/dev/tasks/climod.nix
@@ -0,0 +1,32 @@
+climod {
+  name = "demo";
+  description = "Demo CLI generated";
+  action.bash = ''
+    echo Hello, world
+  '';
+  target.bash.prelude = ''
+    echo "This is a prelude"
+  '';
+  allowExtraArguments = true;
+  subcommands.tasks.description = "Print args";
+  subcommands.tasks.allowExtraArguments = true;
+  subcommands.tasks.action.bash = ''
+    # glow ${./climod.md}
+    echo Hello
+  '';
+  subcommands.eoq.description = "Eoq subcommand";
+  subcommands.tasks.subcommands.makeScript.description = "makes::fun => make a script";
+  subcommands.tasks.subcommands.makeScript.action.bash =
+    let
+      md = ''
+        # example
+
+         ```nix
+         ${builtins.readFile ./makes-test.nix}
+         ```
+      '';
+    in
+    ''
+      echo '${md}' | glow -
+    '';
+}
diff --git a/units/cells/dev/tasks/makes-ps-tenzir/_env b/units/cells/dev/tasks/makes-ps-tenzir/_env
new file mode 100644
index 0000000..357a7ed
--- /dev/null
+++ b/units/cells/dev/tasks/makes-ps-tenzir/_env
@@ -0,0 +1,5 @@
+TENZIR_PLUGINS__PLATFORM__CONTROL_ENDPOINT="wss://ws.tenzir.app/production"
+TENZIR_PLUGINS__PLATFORM__API_KEY="bVXe-Gtwr3VRKoOhDvUFldM35VAQTiteWca16rcX23c"
+TENZIR_PLUGINS__PLATFORM__TENANT_ID="t-8937c5hz"
+TENZIR_ENDPOINT=127.0.0.1:5158
+TENZIR_ALLOW_UNSAFE_PIPELINES=true
diff --git a/dev/tasks/makes-ps-tenzir/default.nix b/units/cells/dev/tasks/makes-ps-tenzir/default.nix
similarity index 58%
rename from dev/tasks/makes-ps-tenzir/default.nix
rename to units/cells/dev/tasks/makes-ps-tenzir/default.nix
index 251b8ec..74ccb47 100644
--- a/dev/tasks/makes-ps-tenzir/default.nix
+++ b/units/cells/dev/tasks/makes-ps-tenzir/default.nix
@@ -1,21 +1,18 @@
 makeScript {
   name = "process-compose-tenzir";
-  searchPaths.bin = [];
+  searchPaths.bin = [ ];
   searchPaths.source = [
     ./env
     (makeEnvVars {
       name = "configs";
       mapping = {
         tenzirConfig = ./tenzir.yaml;
-        extraWebFlags = "--bind=127.0.0.1";
+        tenzirWebFlag = "--mode=dev --bind=127.0.0.1";
       };
     })
   ];
   entrypoint = ''
-    # automatically export all variables
-    set -a
     # keep the running directory in the top-level of git
-    cd $PRJ_ROOT
-    ${nixpkgs.lib.getExe tenzir-devops.packages.ps-tenzir-users}
+    (cd $PRJ_ROOT && ${nixpkgs.lib.getExe tenzir-devops.packages.ps-tenzir-users})
   '';
 }
diff --git a/dev/tasks/makes-ps-tenzir/env b/units/cells/dev/tasks/makes-ps-tenzir/env
similarity index 100%
rename from dev/tasks/makes-ps-tenzir/env
rename to units/cells/dev/tasks/makes-ps-tenzir/env
diff --git a/dev/tasks/makes-ps-tenzir/tenzir.yaml b/units/cells/dev/tasks/makes-ps-tenzir/tenzir.yaml
similarity index 100%
rename from dev/tasks/makes-ps-tenzir/tenzir.yaml
rename to units/cells/dev/tasks/makes-ps-tenzir/tenzir.yaml
diff --git a/dev/tasks/makes-test.nix b/units/cells/dev/tasks/makes-test.nix
similarity index 86%
rename from dev/tasks/makes-test.nix
rename to units/cells/dev/tasks/makes-test.nix
index a787a23..7133c0f 100644
--- a/dev/tasks/makes-test.nix
+++ b/units/cells/dev/tasks/makes-test.nix
@@ -1,8 +1,6 @@
 makeScript {
   name = "runScriptWithEnv";
-  searchPaths.bin = [
-    nixpkgs.hello
-  ];
+  searchPaths.bin = [ nixpkgs.hello ];
   searchPaths.source = [
     (makeEnvVars {
       name = "firstEnvVarsOutput";
@@ -21,6 +19,6 @@ makeScript {
   ];
   entrypoint = ''
     hello --help
-    echo $a
+    echo "$a"
   '';
 }
diff --git a/units/cells/dev/tasks/runScriptWithEnv.nix b/units/cells/dev/tasks/runScriptWithEnv.nix
new file mode 100644
index 0000000..082ffdd
--- /dev/null
+++ b/units/cells/dev/tasks/runScriptWithEnv.nix
@@ -0,0 +1,18 @@
+makeScript {
+  name = "runScriptWithEnv";
+  searchPaths.bin = [ nixpkgs.hello ];
+  searchPaths.source = [
+    (makeEnvVars {
+      name = "firstEnvVarsOutput";
+      mapping = {
+        a = "1";
+        b = "2";
+        VAR_NAME = "test";
+      };
+    })
+  ];
+  entrypoint = ''
+    hello --help
+    echo $a
+  '';
+}
diff --git a/dev/tasks/script-json/default.json b/units/cells/dev/tasks/script-json/default.json
similarity index 100%
rename from dev/tasks/script-json/default.json
rename to units/cells/dev/tasks/script-json/default.json
diff --git a/dev/tasks/script-json/function.json b/units/cells/dev/tasks/script-json/function.json
similarity index 100%
rename from dev/tasks/script-json/function.json
rename to units/cells/dev/tasks/script-json/function.json
diff --git a/units/cells/dev/tasks/test.nix b/units/cells/dev/tasks/test.nix
new file mode 100644
index 0000000..d73fae6
--- /dev/null
+++ b/units/cells/dev/tasks/test.nix
@@ -0,0 +1 @@
+{ tenzir-devops }@args: args
diff --git a/prod/schemas/tenzir-sysmon.yaml b/units/cells/prod/schemas/tenzir-sysmon.yaml
similarity index 100%
rename from prod/schemas/tenzir-sysmon.yaml
rename to units/cells/prod/schemas/tenzir-sysmon.yaml
diff --git a/units/cells/prod/tasks/deploy-tenzir-aws/default.nix b/units/cells/prod/tasks/deploy-tenzir-aws/default.nix
new file mode 100644
index 0000000..3029854
--- /dev/null
+++ b/units/cells/prod/tasks/deploy-tenzir-aws/default.nix
@@ -0,0 +1,6 @@
+makeScript {
+  name = "runScriptWithEnv";
+  searchPaths.bin = [ nixpkgs.awscli ];
+  searchPaths.source = [ ./env ];
+  entrypoint = ./entrypoint.sh;
+}
diff --git a/prod/tasks/deploy-tenzir-aws/entrypoint.sh b/units/cells/prod/tasks/deploy-tenzir-aws/entrypoint.sh
similarity index 100%
rename from prod/tasks/deploy-tenzir-aws/entrypoint.sh
rename to units/cells/prod/tasks/deploy-tenzir-aws/entrypoint.sh
diff --git a/prod/tasks/deploy-tenzir-aws/env b/units/cells/prod/tasks/deploy-tenzir-aws/env
similarity index 100%
rename from prod/tasks/deploy-tenzir-aws/env
rename to units/cells/prod/tasks/deploy-tenzir-aws/env