diff --git a/kube/.sops.yaml b/kube/.sops.yaml
index b41649c7..94d66fe3 100644
--- a/kube/.sops.yaml
+++ b/kube/.sops.yaml
@@ -1,7 +1,7 @@
 creation_rules:
   - path_regex: .*.sops.yaml
     encrypted_regex: ^(data|stringData)$
-    pgp: >-
-      31E70E5BC80C58AFF5DD649921AC5A1AC6E5B7F2
     age: >-
       age1xl3fcwdw56k73lraxsjhde4ygwn7jw0js5l5qw7vsp54vc5czuwstcejxu
+    pgp: >-
+      31E70E5BC80C58AFF5DD649921AC5A1AC6E5B7F2
diff --git a/kube/4-core/1-ingress/.sops.yaml b/kube/4-core/1-ingress/.sops.yaml
index a20cf16c..6e9371c8 100644
--- a/kube/4-core/1-ingress/.sops.yaml
+++ b/kube/4-core/1-ingress/.sops.yaml
@@ -1,7 +1,7 @@
 creation_rules:
   - path_regex: .*.yaml
     encrypted_regex: ^(data|stringData|commonName|dnsNames|externalIPs)$
-    pgp: >-
-      31E70E5BC80C58AFF5DD649921AC5A1AC6E5B7F2
     age: >-
       age1xl3fcwdw56k73lraxsjhde4ygwn7jw0js5l5qw7vsp54vc5czuwstcejxu
+    pgp: >-
+      31E70E5BC80C58AFF5DD649921AC5A1AC6E5B7F2
diff --git a/kube/4-core/1-ingress/2-certs.yaml b/kube/4-core/1-ingress/2-certs.yaml
index 598d2725..a1780455 100644
--- a/kube/4-core/1-ingress/2-certs.yaml
+++ b/kube/4-core/1-ingress/2-certs.yaml
@@ -8,28 +8,37 @@ spec:
     issuerRef:
         name: letsencrypt-production
         kind: ClusterIssuer
-    commonName: ENC[AES256_GCM,data:kasrwqZp,iv:pmDjK8oJDUFqVpydg2fIKHeecfxaS0hojmYqHp6EwII=,tag:Jy8lcRvkJkGocZC8vO1tUQ==,type:str]
+    commonName: ENC[AES256_GCM,data:F17/Hbp4,iv:M/yiujqEpifompR5ftSFPxLqpof/6scR4gJoBV2V1ns=,tag:4kUoFCimX3rAVmseQeZ+JA==,type:str]
     dnsNames:
-        - ENC[AES256_GCM,data:DWNY/vyI,iv:UoQgnWraB4dz5qBbZ1d2GQFfi/se+7riPezNBYMzGno=,tag:XO0Bw+XLAWY6jjUXgZaT0w==,type:str]
-        - ENC[AES256_GCM,data:IM9kViiwpXI=,iv:U1eAVCTszFuYM7m2R+IvJTX7LgDOWsEpf3TeY0qVN1E=,tag:4zg/qukVFtU95UZW6nzpbw==,type:str]
+        - ENC[AES256_GCM,data:qtPipbCC,iv:yj+BGPaFo/MNiTlx66ycIn13bf9BcmqZNWrKCAFGczI=,tag:nVXDrE+So+vIokNKqe5HWA==,type:str]
+        - ENC[AES256_GCM,data:+8NX6rnVyrI=,iv:1NhwgteU4uofbT6MyiwitoSMK8vTchMssgoQicLC+4s=,tag:GrKDp46zBD+NqZLpLHInRg==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
-    age: []
-    lastmodified: "2023-01-29T07:50:30Z"
-    mac: ENC[AES256_GCM,data:bs73MMXTtVEV3dtesjw5tRlRC1eEWRGtwHgpViigifarKQ82MwftecDGf0vB9NJSPcUuDpiwD7X2Vkw/MQHKzMgDGBihHoNAMsWI5Jh/5ZxSX2+2OKmUEKLxTjDN6gPW9eEHsOIjRYlLr3f+B9BBNFATUuNvy82NmwsNw8H18kQ=,iv:AeQ6XStXZjj3Mpc+txyh6MBiiMk2dpWEAf6YNnYYXg4=,tag:Hbjg1k0KL0l/77k094HInA==,type:str]
+    age:
+        - recipient: age1xl3fcwdw56k73lraxsjhde4ygwn7jw0js5l5qw7vsp54vc5czuwstcejxu
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSaW51TS93b0JoaDhYSDJN
+            Ym9FL0lxZnZJNHJBcENDNDhwWlA3RGY5SzNVCmkyOXBFME9leEx2RVlaWTJDMXM3
+            TVJqb0F3QlpnZmVTMnV2R243LzBjbTQKLS0tIEgzY1F5TTQzSCtZUG1ralJRdXBF
+            RWlFUkJWQmJ4REQ0dEJ1encydFlGamsKSi0qRECk9btBSszv3fVW6/vXhbmq3sqR
+            chGfT4Ot5JnRWarC9EfeXWStc6zTfGd2hXksTltJS4IADLlUrkpmMA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-01-29T08:02:27Z"
+    mac: ENC[AES256_GCM,data:3OnyUrZ9FA/lPfyCMRsU+CvFAygNnDWN5FcZxaK28C2T69mMp6qklWVFisW61CW11O/gkq83mHkUmrJo/gaPg3M3Ro6ZQZOLZg7/4oxfdf4hjt73sRBpIz5Zh/ft7/hNKCDBOqclLJIkF0Y+Tw1K8I78xSa5EohfFhdIsg6cfEI=,iv:9r7tViEAJgmd/L9eNWNkXGuVOWn00CvyoZ5vr2x9Rzk=,tag:3l9tTaJeSkQQFJFaJfvfBQ==,type:str]
     pgp:
-        - created_at: "2023-01-29T07:50:29Z"
+        - created_at: "2023-01-29T08:02:26Z"
           enc: |
             -----BEGIN PGP MESSAGE-----
 
-            hF4DAAAAAAAAAAASAQdAv/DmuXRIGyPV4/lmECYaHQygexChFy/r54wBQWV8sRcw
-            D/gKQqJeORYTEK1SO2PbksOSZhCc85HHgghPodMkl/lO7MNKlTzQaAhmj7cnm6Te
-            0l4B/gxXQ1eMLokrCY1z1E7BSprTZH+zCA5XSIYLRngRCKs3l1uzBtwgf/6d0K46
-            DG0Bq0W05zO72G4ACpMIuI/cxeR14/7dOtZTua4hHbugmUvWVD5DI/0ASqqbICtJ
-            =utDz
+            hF4DAAAAAAAAAAASAQdA81QJphfeu8v+QdqR2+TGj/+lGg5zDEGyiBx79dHJQHkw
+            FxBYeRRjCyEFGAFtmhOw5ZEOWaDaS3TofQfBhXBevO8xouEQqW5F8YcKCBLrH6tl
+            0lwBIGHtZjpAklRejcj/QzuVt9clWIKcl1cy92P/AzsNNQ0mb4h6MoO+83lIEI57
+            /7vP0M3zPef7huZHV+Kfb7C4MMo+LNl59EwvhrTB+0BmHA9ZexffMuvE8VnfGA==
+            =m/wv
             -----END PGP MESSAGE-----
           fp: 31E70E5BC80C58AFF5DD649921AC5A1AC6E5B7F2
     encrypted_regex: ^(data|stringData|commonName|dnsNames|externalIPs)$
diff --git a/kube/4-core/1-ingress/3-nginx.yaml b/kube/4-core/1-ingress/3-nginx.yaml
index 2804c7fe..ae46a965 100644
--- a/kube/4-core/1-ingress/3-nginx.yaml
+++ b/kube/4-core/1-ingress/3-nginx.yaml
@@ -33,7 +33,7 @@ spec:
                   value: Asia/Singapore
             service:
                 externalIPs:
-                    - ENC[AES256_GCM,data:D0xMPtfAVkuv,iv:7cF1Lc24Wsdqhpxc+PoL22JdIA503VJK/+lseERwfTo=,tag:W13yClE6viOIfIgKy3CA4w==,type:str]
+                    - ENC[AES256_GCM,data:Jao/sge5tVBc,iv:t6rHoNakuJJp5RqKso52x6rGpCRSNWXC0HsXHt9mH0k=,tag:x8UROT/d2eWymq3I+ou1ug==,type:str]
                 externalTrafficPolicy: Local
             publishService:
                 enabled: true
@@ -75,19 +75,28 @@ sops:
     gcp_kms: []
     azure_kv: []
     hc_vault: []
-    age: []
-    lastmodified: "2023-01-29T07:49:35Z"
-    mac: ENC[AES256_GCM,data:9pYDjAI1EQO0UhOpV1qzv9AVa04ZyqdRn1Gb/dvfUXHm0uhOC+zDNiTnCySlcL/nhNS4jOwLhBUfK8yHRX8uBkWIFbOgoOWpJ05iPuCJM9XESivBy+CoYcAKmhy2u9CwvplDCvfP9zR6xjcZVIedX9guZjxOopYaS4l2GSTZRNc=,iv:7KkBLUQVrJthLQpFPzf5lPPiaLhKh4RI4wuxuh758/s=,tag:tiAAjsmnauR/i9sxi8Kxrg==,type:str]
+    age:
+        - recipient: age1xl3fcwdw56k73lraxsjhde4ygwn7jw0js5l5qw7vsp54vc5czuwstcejxu
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTQnhid1E1M0lCZkVvSTlE
+            RnVSZE5UZjFEQnFXb25xckptSU1lK2JRWm1jClZBOXVmZk8rOERUa2JuNGNMSGVm
+            aXhBSnpNRjMrL2tlZVNnZDdKT3ZWc2sKLS0tIDIvWTlTN2lCcCtxaDFtR2dzK2RX
+            aWxFR1pEdklwUTdJY1hmTGJmd2paMGsKjEMN6QYNQK3PoMF6VrlvYgtgDEv+63yy
+            bpaEiToGg3HTX6KV8UCxwl07QGzs2XgIKoilgmisL61hkVuVO+BFSA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-01-29T08:04:23Z"
+    mac: ENC[AES256_GCM,data:qCx2rOT2qMQoKf5Km1/jJCh6GjspmR9aBCzMPXqY6KVql+y18WKrRlGGSjMWxTizcAG+lk9HRhQowStY1a7/XKnkjkVm0FK570JxHIO/k5zKRJIwwP+ZmuTcYrVcRFKufn56BpWJPnKzjISZ+FRUB7YbM/BlTACYOMq+QETTs0M=,iv:mGqM17QNIp0QeM0I4AULqN3+Pavv3icMupTZvLeasAY=,tag:i0wOAZfcGfMIwNefKtRTgw==,type:str]
     pgp:
-        - created_at: "2023-01-29T07:49:34Z"
+        - created_at: "2023-01-29T08:04:23Z"
           enc: |
             -----BEGIN PGP MESSAGE-----
 
-            hF4DAAAAAAAAAAASAQdAk5nWX4DM6JoPx3FOn8S/PhI8mCHBuUl+0JBpnsE3Qisw
-            +RRLnQsBqyHXJuV51kQh2UDGqblHJt77fds8qWuZH1imG4seCz8K5XkqlcjWsFKr
-            0l4Bznc6Ihhm5BNh1RpWa2ztoWnZYeg7nkcvxsSJtkpwAOM5ebBEeQklkt+0Iwwb
-            2ME5XczvWCrDJ7G1mr3uYkud181k7Tv7/9RPy7Yl5x1DMGSl8HLEfZUnpjfa+1FY
-            =jkKQ
+            hF4DAAAAAAAAAAASAQdA7bzu+R0a8NlB469skw/+MaERvUmNqZnpDF0DAanuREQw
+            R+AjPtCDl83i58F8XX+IHNtd0dDnMtUBd66eZ/GWM9NReWuaKD66trhQh8lwxJM2
+            0l4BfKmF7Umg0USdQ3ZFG3u3oprzkuBCMhf6H6EUdPTnoRkGcveABFTkHU/gXwsH
+            eWajUqUwMNhFSFMg0eXS6YoEnV6AKh5kVLhmueMcaA7Nbyjejqs2XMm1bIhndOp9
+            =kigG
             -----END PGP MESSAGE-----
           fp: 31E70E5BC80C58AFF5DD649921AC5A1AC6E5B7F2
     encrypted_regex: ^(data|stringData|commonName|dnsNames|externalIPs)$