From 16de1a2f6aefbc5244c6a6a5c2e47c1c648c8a67 Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Thu, 9 Nov 2023 08:52:20 +0000 Subject: [PATCH] Commit new Chart releases for TrueCharts Signed-off-by: TrueCharts-Bot --- enterprise/prometheus/13.0.18/CHANGELOG.md | 99 ++ enterprise/prometheus/13.0.18/Chart.yaml | 36 + enterprise/prometheus/13.0.18/LICENSE | 106 ++ enterprise/prometheus/13.0.18/README.md | 27 + .../prometheus/13.0.18/app-changelog.md | 9 + enterprise/prometheus/13.0.18/app-readme.md | 8 + .../13.0.18/charts/common-14.3.5.tgz | Bin 0 -> 73073 bytes .../charts/kube-state-metrics-3.0.36.tgz | Bin 0 -> 77835 bytes .../13.0.18/charts/node-exporter-3.0.38.tgz | Bin 0 -> 77638 bytes enterprise/prometheus/13.0.18/ix_values.yaml | 1367 ++++++++++++++++ enterprise/prometheus/13.0.18/questions.yaml | 1418 +++++++++++++++++ .../prometheus/13.0.18/templates/NOTES.txt | 1 + .../prometheus/13.0.18/templates/_helpers.tpl | 210 +++ .../templates/alertmanager/_alertmanager.tpl | 174 ++ .../templates/alertmanager/secrets.yaml | 13 + .../alertmanager/serviceaccount.yaml | 12 + .../alertmanager/servicemonitor.yaml | 26 + .../prometheus/13.0.18/templates/common.yaml | 13 + .../templates/exporters/core-dns/service.yaml | 22 + .../exporters/core-dns/servicemonitor.yaml | 29 + .../kube-apiserver/servicemonitor.yaml | 35 + .../kube-controller-manager/endpoints.yaml | 18 + .../kube-controller-manager/service.yaml | 25 + .../servicemonitor.yaml | 40 + .../exporters/kube-scheduler/endpoints.yaml | 18 + .../exporters/kube-scheduler/service.yaml | 25 + .../kube-scheduler/servicemonitor.yaml | 40 + .../exporters/kubelet/servicemonitor.yaml | 85 + .../prometheus/_additionalPrometheusRules.tpl | 15 + .../prometheus/_additionalScrapeJobs.tpl | 13 + .../templates/prometheus/_prometheus.tpl | 363 +++++ .../templates/prometheus/_servicemonitor.tpl | 29 + .../templates/prometheus/clusterrole.yaml | 41 + .../prometheus/clusterrolebinding.yaml | 15 + .../templates/prometheus/serviceaccount.yaml | 12 + enterprise/prometheus/13.0.18/values.yaml | 0 36 files changed, 4344 insertions(+) create mode 100644 enterprise/prometheus/13.0.18/CHANGELOG.md create mode 100644 enterprise/prometheus/13.0.18/Chart.yaml create mode 100644 enterprise/prometheus/13.0.18/LICENSE create mode 100644 enterprise/prometheus/13.0.18/README.md create mode 100644 enterprise/prometheus/13.0.18/app-changelog.md create mode 100644 enterprise/prometheus/13.0.18/app-readme.md create mode 100644 enterprise/prometheus/13.0.18/charts/common-14.3.5.tgz create mode 100644 enterprise/prometheus/13.0.18/charts/kube-state-metrics-3.0.36.tgz create mode 100644 enterprise/prometheus/13.0.18/charts/node-exporter-3.0.38.tgz create mode 100644 enterprise/prometheus/13.0.18/ix_values.yaml create mode 100644 enterprise/prometheus/13.0.18/questions.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/NOTES.txt create mode 100644 enterprise/prometheus/13.0.18/templates/_helpers.tpl create mode 100644 enterprise/prometheus/13.0.18/templates/alertmanager/_alertmanager.tpl create mode 100644 enterprise/prometheus/13.0.18/templates/alertmanager/secrets.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/alertmanager/serviceaccount.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/alertmanager/servicemonitor.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/common.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/core-dns/service.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/core-dns/servicemonitor.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-apiserver/servicemonitor.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/endpoints.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/service.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/servicemonitor.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/endpoints.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/service.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/servicemonitor.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/exporters/kubelet/servicemonitor.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/_additionalPrometheusRules.tpl create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/_additionalScrapeJobs.tpl create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/_prometheus.tpl create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/_servicemonitor.tpl create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/clusterrole.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/clusterrolebinding.yaml create mode 100644 enterprise/prometheus/13.0.18/templates/prometheus/serviceaccount.yaml create mode 100644 enterprise/prometheus/13.0.18/values.yaml diff --git a/enterprise/prometheus/13.0.18/CHANGELOG.md b/enterprise/prometheus/13.0.18/CHANGELOG.md new file mode 100644 index 0000000000..2603b02b74 --- /dev/null +++ b/enterprise/prometheus/13.0.18/CHANGELOG.md @@ -0,0 +1,99 @@ +**Important:** +*for the complete changelog, please refer to the website* + + + + +## [prometheus-13.0.18](https://github.com/truecharts/charts/compare/prometheus-13.0.17...prometheus-13.0.18) (2023-11-09) + +### Chore + +- update container image tccr.io/truecharts/prometheus to v2.47.2 ([#14480](https://github.com/truecharts/charts/issues/14480)) + + + + +## [prometheus-13.0.17](https://github.com/truecharts/charts/compare/prometheus-13.0.16...prometheus-13.0.17) (2023-11-08) + +### Chore + +- update helm general non-major ([#14465](https://github.com/truecharts/charts/issues/14465)) + + + + +## [prometheus-13.0.16](https://github.com/truecharts/charts/compare/prometheus-13.0.15...prometheus-13.0.16) (2023-11-08) + + + + +## [prometheus-13.0.15](https://github.com/truecharts/charts/compare/prometheus-13.0.14...prometheus-13.0.15) (2023-11-08) + + + + +## [prometheus-13.0.14](https://github.com/truecharts/charts/compare/prometheus-13.0.13...prometheus-13.0.14) (2023-11-08) + +### Chore + +- update container image tccr.io/truecharts/alertmanager to v0.26.0 ([#14452](https://github.com/truecharts/charts/issues/14452)) + + + + +## [prometheus-13.0.13](https://github.com/truecharts/charts/compare/prometheus-13.0.12...prometheus-13.0.13) (2023-11-08) + +### Chore + +- update helm general non-major ([#14454](https://github.com/truecharts/charts/issues/14454)) + + + + +## [prometheus-13.0.12](https://github.com/truecharts/charts/compare/prometheus-13.0.11...prometheus-13.0.12) (2023-11-05) + +### Chore + +- update helm general non-major ([#14365](https://github.com/truecharts/charts/issues/14365)) + + + + +## [prometheus-13.0.11](https://github.com/truecharts/charts/compare/prometheus-13.0.10...prometheus-13.0.11) (2023-11-03) + +### Chore + +- update helm general non-major ([#14287](https://github.com/truecharts/charts/issues/14287)) + + + + +## [prometheus-13.0.10](https://github.com/truecharts/charts/compare/prometheus-13.0.9...prometheus-13.0.10) (2023-10-29) + +### Chore + +- Fix typo in categories and make them singular ([#13693](https://github.com/truecharts/charts/issues/13693)) + - update helm general non-major ([#14094](https://github.com/truecharts/charts/issues/14094)) + + + + +## [prometheus-13.0.9](https://github.com/truecharts/charts/compare/prometheus-13.0.8...prometheus-13.0.9) (2023-10-24) + +### Chore + +- update container image tccr.io/truecharts/thanos to v0.32.5 ([#13785](https://github.com/truecharts/charts/issues/13785)) + + + + +## [prometheus-13.0.8](https://github.com/truecharts/charts/compare/prometheus-13.0.7...prometheus-13.0.8) (2023-10-15) + +### Chore + +- update container image tccr.io/truecharts/prometheus to v2.47.2 ([#13632](https://github.com/truecharts/charts/issues/13632)) + + + + +## [prometheus-13.0.7](https://github.com/truecharts/charts/compare/prometheus-13.0.6...prometheus-13.0.7) (2023-10-11) diff --git a/enterprise/prometheus/13.0.18/Chart.yaml b/enterprise/prometheus/13.0.18/Chart.yaml new file mode 100644 index 0000000000..83f3ace732 --- /dev/null +++ b/enterprise/prometheus/13.0.18/Chart.yaml @@ -0,0 +1,36 @@ +apiVersion: v2 +appVersion: "2.47.2" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 14.3.5 + - condition: exporters.enabled,exporters.node-exporter.enabled + name: node-exporter + repository: https://deps.truecharts.org + version: 3.0.38 + - condition: exporters.enabled,exporters.kube-state-metrics.enabled + name: kube-state-metrics + repository: https://deps.truecharts.org + version: 3.0.36 +deprecated: false +description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator. +icon: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus.png +home: https://truecharts.org/charts/enterprise/prometheus +keywords: + - metrics +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: prometheus +sources: + - https://github.com/truecharts/charts/tree/master/charts/enterprise/prometheus + - https://github.com/prometheus-community/helm-charts + - https://github.com/prometheus-operator/kube-prometheus +type: application +version: 13.0.18 +annotations: + truecharts.org/category: metrics + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/enterprise/prometheus/13.0.18/LICENSE b/enterprise/prometheus/13.0.18/LICENSE new file mode 100644 index 0000000000..c30fceb4a5 --- /dev/null +++ b/enterprise/prometheus/13.0.18/LICENSE @@ -0,0 +1,106 @@ +Business Source License 1.1 + +Parameters + +Licensor: The TrueCharts Project, it's owner and it's contributors +Licensed Work: The TrueCharts "Prometheus" Helm Chart +Additional Use Grant: You may use the licensed work in production, as long + as it is directly sourced from a TrueCharts provided + official repository, catalog or source. You may also make private + modification to the directly sourced licenced work, + when used in production. + + The following cases are, due to their nature, also + defined as 'production use' and explicitly prohibited: + - Bundling, including or displaying the licensed work + with(in) another work intended for production use, + with the apparent intend of facilitating and/or + promoting production use by third parties in + violation of this license. + +Change Date: 2050-01-01 + +Change License: 3-clause BSD license + +For information about alternative licensing arrangements for the Software, +please contact: legal@truecharts.org + +Notice + +The Business Source License (this document, or the “License”) is not an Open +Source license. However, the Licensed Work will eventually be made available +under an Open Source License, as stated in this License. + +License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved. +“Business Source License” is a trademark of MariaDB Corporation Ab. + +----------------------------------------------------------------------------- + +Business Source License 1.1 + +Terms + +The Licensor hereby grants you the right to copy, modify, create derivative +works, redistribute, and make non-production use of the Licensed Work. The +Licensor may make an Additional Use Grant, above, permitting limited +production use. + +Effective on the Change Date, or the fourth anniversary of the first publicly +available distribution of a specific version of the Licensed Work under this +License, whichever comes first, the Licensor hereby grants you rights under +the terms of the Change License, and the rights granted in the paragraph +above terminate. + +If your use of the Licensed Work does not comply with the requirements +currently in effect as described in this License, you must purchase a +commercial license from the Licensor, its affiliated entities, or authorized +resellers, or you must refrain from using the Licensed Work. + +All copies of the original and modified Licensed Work, and derivative works +of the Licensed Work, are subject to this License. This License applies +separately for each version of the Licensed Work and the Change Date may vary +for each version of the Licensed Work released by Licensor. + +You must conspicuously display this License on each original or modified copy +of the Licensed Work. If you receive the Licensed Work in original or +modified form from a third party, the terms and conditions set forth in this +License apply to your use of that work. + +Any use of the Licensed Work in violation of this License will automatically +terminate your rights under this License for the current and all other +versions of the Licensed Work. + +This License does not grant you any right in any trademark or logo of +Licensor or its affiliates (provided that you may use a trademark or logo of +Licensor as expressly required by this License). + +TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON +AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, +EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND +TITLE. + +MariaDB hereby grants you permission to use this License’s text to license +your works, and to refer to it using the trademark “Business Source License”, +as long as you comply with the Covenants of Licensor below. + +Covenants of Licensor + +In consideration of the right to use this License’s text and the “Business +Source License” name and trademark, Licensor covenants to MariaDB, and to all +other recipients of the licensed work to be provided by Licensor: + +1. To specify as the Change License the GPL Version 2.0 or any later version, + or a license that is compatible with GPL Version 2.0 or a later version, + where “compatible” means that software provided under the Change License can + be included in a program with software provided under GPL Version 2.0 or a + later version. Licensor may specify additional Change Licenses without + limitation. + +2. To either: (a) specify an additional grant of rights to use that does not + impose any additional restriction on the right granted in this License, as + the Additional Use Grant; or (b) insert the text “None”. + +3. To specify a Change Date. + +4. Not to modify this License in any other way. diff --git a/enterprise/prometheus/13.0.18/README.md b/enterprise/prometheus/13.0.18/README.md new file mode 100644 index 0000000000..f8a41e479f --- /dev/null +++ b/enterprise/prometheus/13.0.18/README.md @@ -0,0 +1,27 @@ +# README + +## General Info + +TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE. +However only installations using the TrueNAS SCALE Apps system are supported. + +For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +*All Rights Reserved - The TrueCharts Project* diff --git a/enterprise/prometheus/13.0.18/app-changelog.md b/enterprise/prometheus/13.0.18/app-changelog.md new file mode 100644 index 0000000000..851ca54259 --- /dev/null +++ b/enterprise/prometheus/13.0.18/app-changelog.md @@ -0,0 +1,9 @@ + + +## [prometheus-13.0.18](https://github.com/truecharts/charts/compare/prometheus-13.0.17...prometheus-13.0.18) (2023-11-09) + +### Chore + +- update container image tccr.io/truecharts/prometheus to v2.47.2 ([#14480](https://github.com/truecharts/charts/issues/14480)) + + \ No newline at end of file diff --git a/enterprise/prometheus/13.0.18/app-readme.md b/enterprise/prometheus/13.0.18/app-readme.md new file mode 100644 index 0000000000..93f59634ea --- /dev/null +++ b/enterprise/prometheus/13.0.18/app-readme.md @@ -0,0 +1,8 @@ +kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator. + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/prometheus](https://truecharts.org/charts/enterprise/prometheus) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! diff --git a/enterprise/prometheus/13.0.18/charts/common-14.3.5.tgz b/enterprise/prometheus/13.0.18/charts/common-14.3.5.tgz new file mode 100644 index 0000000000000000000000000000000000000000..58fbc6f4962aed33ebff0850b663611ec736857f GIT binary patch literal 73073 zcmV)eK&HPRiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ}ciT47FuFhMufSo_yYb#g*0*dwH~T)W?Y4fK#6Gr@K70G_ z^?^u8!kQvj0+ge+`QPusC&5oqwk#*9c(xmh1O|h_U@$Wn3|umwlVJa31|!y5!nyyq z%|GpSyFKjp#lP)#JNs{Y*z5eQ(;swu?RI;A3X>GlVMzk&7>;F5b{%3$=j_M_X% zcJ3>AV2D4Wh++~Pfkn3g!_fTnAw!fkJVf0HhfKWtAr4&r7x3{og3%I8NCa-87zqZV zjTxDvBQRquq(}SvQ_N=ZxaE@hK8s@HiZc5!4Cy|L5Za$Z%22eg-b+?&V3#+fLBIuM zFrqC9DyArMNx)FR1k`wcH0-zAqrsqYhnDvw^5{{c36jPdO^s<&yl6CmYUVB;Bh%Ht z|MN|!)fu+h&Gz3LbBF^5aeyKL49y|-j{puPQ{zm4YwXg0x* zJ{dzFNG51Z#jm3V0OI2{VgPy`=F=YfKz;>293!8zyZqw_{PDTE0t^DeAb-beS-)~s zbqzjQXb4>-zTRA%UL1jwIEqlf{3W1djsO||2f2&_kAQ$MK;tkZ5d&<7shXSuz!7j9 z-NdoyQ7}gg`ftCt(EyA9ilPN}kwDP%-pNA8HmZC+ry#Kiq6xmMhIAtfl|p)l13ZuC zARr#P;IiU=M#G?QP9^evE$}fNe*N;6M zOo1DOQ&HO^hze@SZwOEZ1Fs2v5+DJi0R+%v-#-Eq=u^~aOrYdFi`I& z5c_e2Ze|gpGva&67aEJsSYJBgON5|@zYK)B;tOAkSR6hGok0mU-BN6Z?F#xdq@4K_ z`q;%n;0oDnWU83XT+jlc-vAQ$%SKw_N)YFBI7NDG!Tg7r(DGA+LP9Yk(Xs)oAADZA zQ414Wcf6kwILGPw406H7;PePAI;~E-)%kBagWbXKs5kVwUDO{Rz|Nq5*f|^@bPmVf zsC&>G^g5%19&+Jfdo(;8bzZz-_XpPnhMbKz{yV+zr249uFq~hoS%w+f8_uEaPiCgv#ZzO^!ViV z;^W!X)%od}sb`}JF5bWW7r5t58|rf^QvfNry12N}h-1nZ{OjQf45>{b!3&ok&QFU+ zz1Fw`0U#Ms0rSJV3PLS2v{J6#M^bcVUkfQm;()0^KXzUI z>xSGROI9-!&2b>w{xO0sx=d>!!?xnSR~~WcK4%f1KyUx*?D+KES!?d?HS{}9?>X0W z1>GgTdDglSMtBZ|9-!Yy$)6Bcy!6JuK+NoV#JdiWtN9`kU5VsRnw3w!aiwDAP*92) zR|pK>$e*cdWQ?fYKwkG<)pXKd=Z`-?>!WngC_|*hJJ8~`E>(XjV+MTw>|}t1!g%CB zUao?|U^GQcSfGDu&RpFzFP?2Sr&)j7-OcFjYjl>m;j{HXPE>B9{myNFVWgu4ik9~? z6d?dZuKV*IG;aRiBkQ$~rG={Dy$N$KE zU5IX;_z=%;&^#0yaC_jDr9BEa%U+|XU>-Xc`Y1Q%63fC*IZBCQ)?g-et(V2^{&@Kz zDgEQ+2MzoE#m(7ui+y5^fH0{e%@FiZbOioXrsd5H26tddV!;bIpbYvx4yNE&t{KRk zYT;u3{Q2KpnND`!T0%p2W6H=}uAq$k3(kGBkgA1Smyj*~@kbNjiCH%B|M2w``n<5j z=mj_-L4aJwkwA)S$`SA{5(5_oeDRdtFo6k2i-aiP75LIhCVL4Jv>G z-pvS%BXUnsbks2TMBIigN2v*tzP0pAUJnHxXl8zY{@l?0D5BuCvTw6(%VO$ls^P*G z&5M`3Z{X;ShG6Y_v^amH@WT_a6(Q^B4>lYF<|i^oMP1`Rf4xQs%t<7jlD`VgDbq{H z*Z)GvXbr=1YT~|l@uDIAXLp~QSzHQ$D?%8!kehL`*ozmcS-C?* z1?3cQF-rF{?9PCcz92xz6Z>Xk1g0q9wk`4+vN-P|pG%oFKXHKxPX_jkf6!=w>NmIg z%{Q)FOO;co1dfwi`L!be031vsZo=qNW*^9Uqm=c;eJkd^!x45=e_totUt-fz>DAIX zg99y2S`Eul+?e_?VsUV;{pBnC;;OjugZEm!VXLkE;BD9I4aeQl#GSa^&iD|HN4*0$ zIPAj%)E|w|VITFo6K~{p;h;O{9S%E#@wn?AxX|r-qXDXPcL#{k86m7Ls=B@a{o!G| z+no%CXxN=}+pvcYq1WjRJEOkWM%~e*dLw~&h;tl@>Y~eQG-VZoaKF_#u*f?&JQ#M| z?r6~KAGQxWZMS_ec6;7VgHC(c?X(a2?x-_5a8ZBUu0$C6 zAr5NOR+hF{wsX+xYdkw6*Bgycms1rUbPv7G@W6%0?R(?Vcsv*nx-LTF!`{FXLS)(#WkifE=nUhnjCaH9F;?_-G^?sf8h2b2Z1Ft)V?J?~2C!NV)(CbtpdKZt8%lx{Cs^S)}b}cE;>-OMy z1Yr-2Ty)TP+ugo586A4K0A5z(*lD#B3_GJ?f7}_5M~CBq*Xtn4thgxG#>YR zL)h;gOa|UyFdmO#8;wW3vFnWw$8NXXZTC4>cYEXUc+flKG)Kcqyyq~&&>KGtZB@At z>;7RE9u5bGgHFfmbq@~4@NhgF^oEmhXXJIk z9v=)~CDsx0@B>LLsup6*=MZck488W@Xnfc|m<+q)cE8v2M(s(z+c|{YE^@nv2mK!6 zJTp4%9d-_ehrNDh?2U)LgK9dHU`ifLXIZ%r>p{Ca8MWbX(1VBV0ra}P!DxuO?E|lk z2Hk!K9lGuTM93TV#^b|o4-GwdFc|j6p4)RfXjF-{+UY^T$IJJCYJJSL?fS+G@ZZ`u zC{z>##>gl44X>!bHcA8jOIk6#AMf09-*6~_Y(NgGXI8y$29lYW0R8MuQ^n~MzhussAFz;1s$8H^6v?a_ELM#EkYwcDM8KI)?JWbD?#p)RQ#I@UoD z7718NEk{&^pdb~2GD8t+HC}+@B=#^V>dIYD=y}NF8anhuR2&2z76HvLT7o;Y1QgG) z4*GC+YOoRlzG^ zSKvVHH@ybJrScje=C)d`y_SM=E}Rb$0+>o8nayATIvUJtFz2mMNnR*jOvz_a3r2Uy z1CVMIS_OW5yUPj~rZyBPc6fDXTPk?uw-`r7UB6IPo#=VM&3GD5Cis)Y5!1w|vfGhR zdGQNl6(%r`V@8Anz#0HP(oh?AVzZW8ZLh(Yu$i>Ud11;C5Lm#}@X7XI%*b0D+~s?r zhMYHorvWEE49xbg^nTt$sa9w<_yK=H-aF$Lr8)A77?l|UCn#dgcQAlc6aiOmm19a{ z6y?YwV+&N=q9`J*Oat>RrVNmY<&PEKDc+2VaJ9eO9Z)L}j1$oF3W8)_fRhMuQ4U~W z1;{2;wPA9~!!SgFC*kwoI=I%fMfJQ)YRZqQy-UH7*k2~xaTCSp{qeQ(H)~uI5%G$m zQ1~16Qs{6TNz4HH#076K<*m+j>nQM=F;!tMlk9kzcm#I_anKw?id~xtleWJJs?Tj! zRdF;{G_=_wQ3Oy?8kEct|4Y3#fg1e1j(*l5LlIeUL0}D<9c?WgNpra5@?Fc5Ru&Bv zWiElHV?6X!c15r;2&OprR8o}rv+B$5JEL7#`$w4(mg_*=43#Fx|&*Dt`81Wv)vhTK3L$vJFTjyNk|1-t-` z7$_seR78BT%z~4Pt7`!nQD#`!7KkD+@q|P)Ew^7}^o<$e^|h{H0}x-5`7WvO6QSb# zgXkal3Hfut)E}o#6`NFdM9`C#8T#I@4a=D3jFg8H-7rfb`Fw^f4_{-1b<2gPb5(Txt8=Q zE*D+BN{fX!*(5Yv#hb}M5tFb!WDy%t53+P6C)}Tm&&}KGEW5P8_gtTl`-oywf=gP- zS$qUS872o{dUW*s_z^Lx6bMg6i`t7hpI;N~`#RXbr`qmo=GBjbM^-mwZ6S z2)JZE#sP1QFB@jhFDabYCThS*RZ1!t@M$>K^m?H=xoDC|BjNkAo8zO*ESW-v?%@(d zBxZH&1y$~G#)1IC0ju334oR$;LKI5zCl+S}BcIDw2IU4JA4LRN9HH0gO(u0qC`La4}m80?DxW>>_-YTaTI^EQl%6A*@7WHy}CS*n;K z5C=YI$|Z@xJq$!-G?NwyWFW%yuJHo=`fG$H|Ni$YbLLZ$ya_|xqIgPMcL!qWG?R+% zbAx&Rg(}zzWFRRHrmE<7-N~W@{cr}md!+`KAo3dKmMCAggOpmmL`iUm15bVX2z~77 zXj8xk^2e*olPg~AHTdb~=2HE6b7KB_d#(QZa4O#kP#oq_Qsb#KoQ zl!A;wcP5lXWfsB+1?&n<%)ucp!6FiedLLZz0yE(Bx-*p#-KDHy)Uuy(;H`uv>HVVw zW~vJ5TUND^Uo~V6sdU$=?Rt!f248f+Dz{%N`xg4(N=;zQ0L9^vVX>4RS&t5Ufnkn_Y+R86OF;F7uB zyH*maWM*>`axUtjj0Prjsf-38qt&=pR-hFbLt($s2#I%!X%q_)^nL725i5zY%*eD8 z5$FQ+#x{7XPwgggGV)cj%F4GtqvetM^P@3RGP~rWePsd$#|wykj)W%h9De!`K>Kau z9*t*&+#QLaL?3&Q^J8fTBz2O44LOVggl6}7%<2Hq#quB;bHpO-(v{@Q2b{hz2N3kk znUerB61@f?@zmcI5>C35)^j{-Hc~}eYnZ5^wi3!H@IoSv0yH#hi4X)c7{Xp+C|W@O z2n-BcQa6I3K96aC$Y}X95@-a{{U>w8W+K=@u9Yp(fouKYlnjY7SYT=spsncPgcLuEk`r%(neP z`fBp6%FcpV`-qZ;Rm}vZqD#_ZQ|FIx40W8Zj5-bbEFw*|LMUQZXKE7$*w=BtG$$ku>^5gG@|qKf zeJ!;3-xtAI6mdzAh5`+fpieA<78FKQCv@;Z_2- zHlfUz;Exl+b7O^LEn_a#XPwJo6*TQ)EP#;gidb{59QS3Atuj`G?ad6S^f8JZ)ikGoq6Lb$;ox~q63`YeN{xF*Z%rZ(#DS;h z${kvkZ)ri#Q>W`zv}~;7kC*RN^DS`BYBbG3XB)Rd68S6&ZR5_~QRI#Bg|$^+pDD}F zdks`v+-tqz`x=<7QZ9e&@Gjnl-bm-O`4>|VMoAbZ@_>iJ2)QCcF_M&eMlG7iK>V}Rsg$|w#17ID;( zPWr+h^E-9ahqrP|g6vz@MIpQO0-9Dxq*up6$wQRgV%y%J#JwBb%E&qEwUDT{Fq)=n z3-9}F;WrYqF`vY@d^~Q$hSGmmsTq+P z>XQh0C}0@+w0gAF-m`G(HQ}CtA?zZ#s)vx$dlGqEu%Up&)0s7-L2~RA2pv?G&Fo4Z z`#xB}2unAP>L>Dq=g#DokzP85;vx(*{W7P~YSLbzrJas$4(_}nl z4mq0Qwo0gRD61qO0Z6$Bq)nj!H)_N6$bFE9%->eSPJ7jqZH#|Mo*2T^)RUy}iHz}9 zVeMkRjLq8BvZ(X}_ECoO>o!DuzM^KDN--GclPqK1WJb*nzZd7_kO%a(xY<=s4GLc% zElO%3K9+kk-jONUqO(k4{w6|vNVwXhz$-$C?v#-tkOw8WY>^upg7Xui=%i7S^;J=Q z1}p_q8r3pk7RMR~lDI>%o4@fhHgyDOX!&Mfi zJxvcsGQ!H7qGc&@6-Kg=6!kSAxoxF3>!YdVk8U=(3TS=?BtTYwGYD8;9CiA0zqO#e zMO!M^)`i-300MnGlO5NZ%pR?%(iOr{e(>O%Y z2a2N0%!g)E$1g~?HWz3r1CtK*iUaF?9D0zMkkB(ZS%edv$aCbf0HBQPx6`F*Ck5t6 zhgKShT1M;rQWCgGq}u{XfQt1*NF4K|UMwFB@;zl#uhd!wwZ;#NEUJ|EsSj@`XIV=tx1sTdO~+((#*Odrc}9@&G@Tq4bT&= z9H|@1)mpe>t}b#+rgU^b@$bo+#O?_Q7w+Gw$VI04Nv>_Oyq0QI~ri$fuR=bFzq}tyzyOMe;UlQ+~ z{FI%*Msm28`-RW5IPxhVF$-gHs#u+jR?d80I1{U30O{HKn{RevRH+C}lI-MZ_cdRr zQu^n9r`0*!Phj10iMIcO%}_IW*;MjR5mCRkeAZXU!!!|j%bMq8#4)fW6P=gYxlwjU ztR#Ur!ysa+sAfblNC9C;g}i*YdV9@_ic}58lHvS!`aNIeZGz5WfG3DD6<%K=l2uv| zGaPE{N_IyjHPnf`_35E17E&Z|G&EbK?fYueYx#tXA;=IO>DLn3)jCO zV#WP0{cbmN|3kOa?G1PLKWyXq;o(kdMSoe zaTA7-R6ZGXkVUvcwAZikkNwY|8-M)K1fIM;z+rA{(P>FuY>DPtw%@g>ioZ--is0xC zU+Hj=l)#fDX`N1;95#Tp#La`GeWztFI>#M14n&1BiI2K2+avq43@vPla zK7k$uf`khBq}b6LGd$HaZJ9a_Xn{XPN;Z*ADxnD{WdhmGy!29|!P}c6mJrK)$PzSF z{g&6`y0ih*QaM{&*3}g$&wCD&OzJ5CcLu3E0Jzk{c)7!hH|t=(YGu zB?mitlg*u(%~h2Y&WvJl8Eq*hWlAx9BW!{Uw4!WYCEe#tBCA}Q={UfDPBbH1V)xG(#)A|V7(F29>}^Q zq+N-HBcwjo86n+n$q1z(IrfQaC*6B1`P=?Kz$uamqLCfmo;tVne@REN>aS)kIURZP zVT1!V0nT@errpe|V!{bGxpyfCyY&$NUDt(DMhy%+Q(dSJ$uD7_0#!Iu==0~J)Js|R zPw-nzn5okQh+7-hnmB>j2aY-ktmDu)KzZe+2|Q6VuV^!}&e|zFKb3?qMHK<>UW1nl zLB6EJcczyMyJtlWfBxK%5gGYx#rfuWNnS%`4=w;LK03{&P;~g8k79mDwNwfq38S#? zO>p*|Y;T`iIzRnWw*KqA??*5GtJnX|aFkvD+k?*T{^zYcPq_YT7OGzTRcskwHkx36 zjDvk~7@-N8uK0)g2!#L#6C7Z+T&*nF%Sq9?Zng;umtgrdyIQ7F96MWD@rv%VgPxbf zz`Z}axjjC8cm6*0=IZ#Ds>L$v*EEClm8_K}Cg)KrWfc{kexWRFz1BLp+4X6){5RM= zRQ#`$|DDbtEB|}L?oR%1B^zx%*Q-v7c+xrDz%aQny?ZqE~LX>^yhh%u^=+ z7hxb&e|1yRgJu8UR?GkPpxsT&|IVo2?d;_LHXft@t8-!#JQZ4>Ia3>59V^ogINcn?|H@5gOpYYtoYW+%@yrSfG{Ogw%Cok8v#2^c<}1DahZ;|6t#N{{8Of z_ZO$;*Y&@yZ{J; zQ#E+W;Z{8!FZJP7mHAJ^Fubxt0$zW&a1vPJIFzC#*Jn@8Pp?Y8(uFI&?q$vU0=x>( z*V@ryIV_8i%oS=`ja#<-dUy=0@K_8Vj0pfgoL`;&a{TtK8ASc!_Tt0M_ZJ`DpWa@7 z`2PLb&9!pwWT9r=6=rVPkTpx_iwR3zGJ*iXBJmdS39ROF(M+~i{?%?T1^rn(Ud=UK zUR*PKh_|bnw%XUE&(+o=@i(RW?4A|+pGpz))cW6Okcv5Z0e{<_-0Z7dhItf%|A(KK%K>m37{`UC8%}-*beU&IV|CQ1SAKTU* zC|p$QtFSm+^!+Neqfool>$TlZp?aHZ=8d|*#d=i>g0-BNHmbGehc}vmklaUYDTNpB zopf-%2$FpbUP>KE#MtUq#Nb?Ae7HHg{o@ajP(YRjon%X{ME5H0?@E2UQr$j!0~{xR zx?oMCqOLmsUxn)YVrUfl%+1)9BwddHg5<+T(7Zr<-0A91s;k#>R95PL@_h5-oc}fa z|Gjob|LY7#{oVfWRvx4O>1>iZmzvD5_E7h~tX}T>7nxnfCPCWip67jqPlYr7xk>m{ zKb7;}8hb~|fm+OKNwJ*d+PY4WWV2dN;e+T2J{ z{lWHdLvZ>vV&LZw-=E!HpPgKt-H2>H^N=k8Ws$h~KxEl=k(C)-XK@hO`80My*%MbX z0v176Tv62c1)D403cl;Kw0~#nCfvqdK<@cS>I8uz(O^u)ja8WHdFY9-s|LqGXM@#Q zn2%kT#DUDlDq^#I1Vx653H0L#sfnugYi_P@t)8o7w>Q_f*B2*0^WXam80|-KP?R^^ zYf<9fsq#0+H)pq}=U1wVkH=OO(PvqZ+v>L$?@!L8x?RbxCZTs)55Kv-{cwGDb$xkU z3rfQDSt!RRCuf&8x2Nx~>mXzDi07?>QXM_1UY-NopksDae!982yuG}-_@95>zCFLb zIeRY;-sF7{wOdzL*y)yp-FE$Gs48Q+0egCOeRF$$`DnOy-gN_gMksi3yI-E=QmOyT?6Xg8{||b@Q8xas-QJ!5-O6M1e>v9RmAh=xvav~gnOZb7q1lJ|J5vM}oPH{m`jywhf5C1;wSKg+{w-*bydeB?IJ z1)pW<3}WcF!p<*41RQe*o|E2yHVyLj5Oep_1&dlvuCB3~7gBiz4l3TL3In@HQQJSN zkR`k2l>MB5`?d~kZ1AbJ|M+M<()e3#|BXi7L3aPQI~wimzim8a=YQ2*p4&h7tHqqw zO?feWxu#PpPOLPb#rmvLK@wq;J^*arB4&2J)t&tjVliQs9$^i$RZE5h^tz-?xVZpG9pbLCYpQ6cE~Z>bI$3T#%4u`2 zl5h#&b?K(T7l2qnwf%p9vw+5t$$M*z4CO7L^7a56i0dK|UmEd5B}}z*OXL$>h}c&v z+eK*Rh`YXR0!*G|zR2ONM=M{cW{wV_AQd+LM^Vb~#1wNZqq-Ie_x}NYIRBq_XGe8!7sr&wi0&VB z4i1uep6i{Nc*MIiEkkxsHCz>S% zXL`O&GCq8kSU!&@A)$f)%@J{hKC!L{%C0HJp2gKVMiRw@*HJSpR4X-&6!^824O3GD zO*ti?Do9)AcwEE&uk`;IR(;a=-(Ej|{RdBXFbg@SHn^slM)*E|C%w|esV zJXQtCLf@C3V%J$d|RuQO`r&VP<}_djmsQTiXIW(QB))`cj56hJWcVpPH8MH_*VXHQ3bg(WA;vYMVfx~`E#S$Y&KwsKXSW| zYh!=>QFgPIrJo4|nsZ5H8=F=F$^kDq{5u?YNA@^0=7>Rk$TrZ?dM}maR`0|i8To67SMuW7)_YUp^XCSa^+)Eq?DqvYc>xtQ(!o1w*hC4D5}k!y zhnHhtmTN%VaKC^I{fyMj{?MP22(#Jz2%MdqULT8>^2Ye?U?_e?MBaF=FTXjK2ebeX z9?j?qO(ZBoPmW0e^Aw;4fEpq{rVK^0pm?w1xl&_|iJc0%l-C60G_xHgs*MlF$d{?} z<}qdOP&7s0RXMnps*nt(hh4T;7CPtSaZ58<3;ONwOB_DREceBGS;kJC$ru4AtWR>c_}qbLyXg*$^xCYcR=5*Zk}FshRFF~fd~G7=v9 zz5`xnuD`Y0dm|FN=3N&LR8cL?C{;`4=Mt4PJ3K|&X{BabM=LGXNLMIIIc9jQW|Usc zrL);mQv@wB*^iJoG!9X;z!Z6oq6cLpf>UJ{g$p-rC)FE$1w;RP!k5JN;%e?!AkPQV0dfi%bPVdM zCfL)wU=b?=)IPCqFK^}rbX`R0JK`alkhlr15cGbDFhduCi`4rFQ4&Y4T`)qw#fUQN zO+q7W(Z0%{-MWW9H?m3z#4ylQUzpT0nDwMJVGP`OQx%i2+LlmMM{JGRUDw z0sayU;wt;^k`R9b=HJTu-#f#8*8e~3?)?8-dFt4Iq2PmW-TcdzG4C?vH5E!s~^R)YW*K|bNm1O!Os7? zl}7|wpP1v0!T1B!|!I)eXg=?V$)L<#F>!Q#B=XjiUi>m3YBoVf{@ zR#~V)4KJIiP_k*syHdtNz;U53^i;?2v$MC_+iPLI!F_O!X~7Qe=Jsy|DXKlYwu^a% zW!tRh))oFC*+;g-&FLWI`<+%vUvCS2TZ{X zMIt=|^gIATfbN0M#exZ-dZ=zyy8cHb_zxLxBK^ne{oi43{qGER_WxEMxynZ*_}^r_ zk=0-F%~sZaQB?kx>#sbi5>w<^nM`>|$b#tqR_+}X*2RI?|9Q{geP1++uXCxA@ z_ljdX?E&7JtkF+8YBoW{o;IB>C_vQ?qP5@G6-b&!LSb!c1eX^XRfPG;` zpy_2zGtf+d=P(3K?9Lk8S%Y7)HE8DQ#_U0AB{K(L4w*Z9 zn>*I_Mc6SJg+(0$OWU$}J9b+(>~`$e?bxngwB5ROn>A~%W+(Ll$Y7T>Q=iL3-MV@D zHJPSQW0pRnNm^)**5Xz5%C};uzQ~BDYO4k;DrQl!uqdq{;S{1+W)=&&i>!Zqi(H|gS`psUo+13 zY=0`R3=+owYngslTv%D`1W*?YDUU%-M?lgk%eZ=yb5?pN=+|JJYh-t(`OY-ou4x{R zDU#`PngDuUgeXNdtzxsXnR**klYlr$AF*|D5p|wJU0b#OU;Eg7YzFuh>wmA`?Pl|T z_B#FD`oE1Qwf>92-lP&B0DhC2fa=-Cb_L9`AcfM+GL-3M?4`i^WF@~lzg+aQmx7km zO6R(^KD?0$&Fxn&^Igy>u(HaFhp9^zC|b7e4rmLL{hT%qVKFR%${eC-t|Kq5))Bm>dtablS!W7~H zb7XAQbzqc zlf_<<_)RX4pZ-z-3sUud#id!Rf3<2D<$u(Nkhg-RoKRDbxRPAab>DA^%sW-)rade+_r~|5l#0 z@BciPjPYdGeJaLto^87R>g@_t9o=0OT~B{ck*gqiy3SSjBVuB> z?ewea&KB*Ge=UuHrQB9f;8hvrhu4F$GVi!7u5X1gDv^3m9W!ovJ3wel4rp1Lm%>_? zP}F}g?i_EfgJfGS>Y_C&N_of-AkCE}wp6D5oK2PfUSV4m;E*@73JTR|p@3!6fG$bI zH0iSNgtxIiGw{-RmRPuYR^|vs7p{tNEf^!kDH`j!=iNt%U3K(^qtm2I%FsN!^`cpT zgeZcHL@gFUG{JW{RjRC@W!`0ELy~Cd8qk9<1rNGG!vuZ|Oi}ORa zhDERae}MA|a7jb~rs}#K?=^@}=yQy@ywNs9reV2y@B$=6fq>x7AP%$~${_=NpWL7D zav3V|x|t67m@>h|8g^5_cG6cKS$j>|d6T7%lLuc!YV$%}?aWQiPp@;twpXRxIAnu) zdDjJ;OcJW%QG5elS#s?)5VGyRg?P)A&GJ4`|jXVeBBaJiMS{E;a(*`ie*l*Qb zKd)f;%$Us!hihIqQsv{6Yqes4=2c@euSb-^L0N%B>1eFerbTw^7AbpCFW`zj{&t>v zky^H^30KV11<(vp_!yN=xat;ZQEPjf^1fyDt>C;YE!eM zU0KvfUk)it%PU+>?=p*_v<7Xd>M$W7^@E{GTLkF)78CYzSY-!RlODxzFo=}HDX0a_|oa-`4N;5OAwpYz%co&c#-SdEI^n-dgq z`B`nc<+aF{9Ai#fF%h#L6Z=3EbFk-tqJ~#iO!+Sg`d3CA+GIWz1gg3(w9qs7a!)fx zAr{HU2U}6a2}Mm2b>N zfXOq4?i~ueqfAE>w%OOVqOEC?BZ52*k*^9s5YNZ@c5y+6oUL49u2np;GA#MCAv;XEXAEsdX3mVS|xsx|4$B`Jibq&K+ z=l^@XO#ElJ+wbi1|7_(Ew%)sn!QO;nSj9}wdrN#(&#NzvUsbctUGl476kjjDs@AF- z=PT>4eF=T_*lxt4E=pNsISSY*Ujpz$ z)W4PaABUst`TuUWx4Zv;E00j=-pj!T$!LRQxHq8yR&dkv>VK6zuT}t8R;{A}t_0!= zokiA{f9tAP`zGq?X_Z6pRB9Sm$lL(8+`yfrG_&{R*nAC&S>>>mscVndzcMPy*QQC6;{5OT zsZ+kzx+I5R?X}lBzN`2~#xOt4A>I^gu6dLp?x6Pm0V8+*k#|Wv4o8nuY1$z^ zE;HnZD55O`Q&iW>z#3-iUKuK8wX)tN@dUco6JGSSI?y45trg31kQvXdW1B(MaY~TO zp0P|gm5YHS@L7FEzZI2mOd=9dHu*x2z^{%vcIf;&!{8;bPz9(n4XGX|g;ui)q{i+w zNT64SROd(~p-bTM@8UxOcDW{CBzu&n#Yjd^ph8MdpnVcoe8J&3|0Rjj$Km%raqr5% zv|Q{(S^bLxeFIn&TN$ZT`6T{;R}_nQ8dPaR=#z`WRJ^);Q*@rFqLMgH)LMOjXq`7{ zjOF3tMBOlwau2)$0b!Cp*#paX0!UO?uVu}30i&$Q*{6{6g;;8{-~|h0$0P^mD0|X> z1vd8KfdYwSR>o>5f9g}4$tu?A)`^^|K+vW|4omA}T~uv&55V^U{9~&E^*G0>k>{D* z$0}~&GAW=IlbITcjxm(b73)*f$+bw8c$bz<8&%WXHY~%Yq z*{5v(CnVk}rco?{0l$yEDSG%-psVhG7>=^>zwJSHcm8uLkBI09iRYQY9*e==0I5J$ zzeLnW0S`TIv_}zBSH^ghRHzf#QBt)yq_?E-sz~0VYHJ7Z7LL+W1%yaPRT2ksnQ#1S zi2t}G9!T&8ifX$s-CdaOHp55sB%vwIFsIo4k-rqsjVUAZxAsmlc*0YQB`p`656gFZ zxFWAjK~mU)y`TS0Nl?|RHMf2qFDmvj*7!EhvKDSW?G@2HKVy?PiBxyzI5=KF?8C9I zGsxMmlC*e?T(bxV(-c$KMfZ}9ln9M76yT>10n8$idbtXXRN>W#$b^9wfH;^T=(E}K zl6Yqe?23CRWL$`-RQ~Qfj475e`>5@3;2`mt$XR_Xtpc0YUn124YQ|F`h0 zRu1Qq4W1^JD}ldeAXidxGf`aX;+{>!ZzZVJ3EoOdKU3sZW(e|OTbTk+dDU9dR9U{? zOCy&`?1T)q1!ltYglgru;x7@WRZr6|o&&oWEdc&Q#$v$54QrVUyqq<2+J9#Eix$L2 z6$Nq8stB&UL%P85-$iO|R-1oJq*hLU7eBd5Cs(<%Xl8TZ+%2|hQ~&qQvHA7 zZY%$LzuU?B{|CMH&i}uaN5uAAemvPoyw9R2Tk;m;doDkoRLAqE0(IhdMA3QyG`!mz z37D~ggbViyF^B`9_bV`3>6}2{A4B)Q5{XI@^yBC2`~;b#LJRaU9^>Arv~L zUWub;b5wyhxzrKLd1AADz@}?(|tGHw>;g6 zkFL-}n8_jjF(PqTG4C1xJbJZWF};jNQ%?k`YlDwnm&8HQ;n0W5qI#_>WH;FES7*+a z+J7Wwj|}@V&kFl*)akUd_TO-@v;Vg8i2T1dwv{KY`$iN%3LqG#G6Qpq@QO2r$_PvW zn?VL(gn%0%$dK3IauWyAY!j>nd_0a|v~1N%A1v6;F`l7;F6btAbp6kE5MaIiEo`4BMksT4+*h>{pTg?1w zm?nl2^urnKrba11_AGLKyt+J*b7e30EtyC8Z#O69pWa@Vefn@}Y9%8*f!GJH^vJ#^ z3_#BB*aK3|is}98JG$psu=Y|zX#zNA$4wqECM|e6*SM7k7d|MHEj3?j~`mJcjygrP(r6E%Lwe-;2}xCEr(N^iw6*PU5HOzOgW5b0VI@6*o^Dy#dZe z2!D%_lR0z9S0`&PKv2eUQN-{ByO5#uflC|a8{njK8ZbZQxwG%W$hCmyaEdNt-@mpx zU#k_5xOXU$*X#X<>I*Q_P3GDwhh9>&PE4{yy&>6(o30k%^|m#iE9OBFe;13q+xgtu z&S(0J1E2 z(6YF87~utE=ngH5D?da+ii)kQ_$zF`veERBca<21ii~=vDN3f&iey^Yvsp2-d&_I@ z{{x7PDb9QR6Q*E>A_N!#(DMKU0lEi1UlGL;xr-})$WyNWOAq)a41j9=ztbIdhFSf; zGwkg2|7|=<|ChTL8!-TspJoddfQ*_|xO0i}TJA^RW8Vj31Y(LjE-mCjC4lIjN+>m> zYfYave#nn5T&-K@q_?#lvFb#fLhwfGo(&~F&jZZB0!A2)eMD_B`Emy7Pd7K0*Ltta zzNN+#Ae5DVCzR=H(2Kr@IvIt=%_+>RuMtUuGysA&RLux~Rr2B;IQVL{#DVpEe;v*ZHDkXJ?}n8{CI8fc|G*^jMgvM`ptMiy+j-=7-k43E3@4XE zWcz9wbKpAYpV!_@XnakV{$sdWAnvCCY!&zS#1nh}55hYzmA8s>+7NgE-Y5m&S#WPobnUC)@RX}SK`T%GWNK!N1M~h(b@2kb zMUH+6;3|)y&N43QZDuaEb1bqxI!}Sg^IY*+`K<8&tCM+8n*X~y>SXhOjQXSA&i}uS zC*}WFqrJg>fbx@_TMY0dqlPYd1oZo$;b3 zeaJdn6Nb!Bl>#K|yipB)MLrzO++U0@XXhLF3q-1X{@mb_Kur1c)KPLFGhM0*TQrrs zZJSUYR;>RUxdU)z{@->tcmGFsxBtJDr{4PVq;~+O+gS7dk96fsVCwVV|B*(o&SCL% zjc2<5qhLt#CwB`9J>~r$>E_Dr|F}-ctrGpD0P_MB<#~>g7IMsA;yh_ReWQGS?C$^g zOWhY}Wkz`Doq-C(#_kQwW?IO+f6n^@OLlMzFkg9(Alls?`0YHU`agpVO=6#J;1J*n z{eRdS<@|r`;b^D-Z{v~vKQ-9bn>hsNq0lGGIogunPZX8E<*7SH%A$Xhe%AG`CDUNz zhwI9v{5^^8d;&eY`H#@Yo=^%5QL6}<)v;k1(j@PuMToD$g_oeabKmXUch47Wv(}8g z4pC7y^g6qU>BCTIjr|FA#@ajIWr2U0-A|=ICJTqa-;y_$cV+cl4vBXyVtfkcbY*B{ z{Q$|w1Yp*0B_!S!T6y~M&duv&K({6n`QxXiLw;Hp-YuAm-mWPpH6K>U%Nhf?7E7*_ zs~c_5ghmAnMHA?vOX58)Sak2na1Ar4RV_NnP(Q=c!=K#p1M2dsdZia5uu|xo1xd{2 zO@y)xLH&p}b<5Bqxo7Q08<>v|a4UjZcQxNR9x_jv{l8G=Mlk&ajc0`1o!DoN)^iE0 zu>X6#L1zE2+a0xc_WxEMVdHUH+uzAjz!T!t!cx@LYG`1#(J-^%&r#8!U|Pfq_++ob!qC|I1vAv&2M_wGsK zzdD0nF8-_E+2w!S$|DszKE~iISctUBr*Y_uq*V{r`6LguxJm|bfTEVoOY10mz>zoX zI^d=J12}hR>42AaXeor*lWrF!_^-ITWJQ0iMQAfwVu>N*TiZ1V88B%qIWvd%v7|6eEKGU6HO4%f{ttKeKW*ia_x~amM*#(I$vvV>#E|}kr!)Sy%)0_9 z#nV8}PLXgYSSHdDV3XeEp$mo`pGA=yN0=>7q#$qEe7Lrw;7QkqOX96s8R~azql<*h zGbJDkxh{z|!_%1q+Q9M2y#w0PlakWs1DTAACZToN+++Gvvnc*8n+Oc3G-MN#r43V{ zQg^jlt$f}ZeH7YG?`0<#Iv0Z$2{t&WFTb%2`zvM10^qj$0!MT0Xho1Fw9hx~y9fu=mtU zQ&PRo_BE#`C4xqZm5N@kjW8Ejd*Icy2FAST15lPCab2AAJIE_Izev?gu=o=&BC^sw zgUg~)|FiPnJw^jux&JfD>3^fa?)>*wp49p8rpPv^M_r^H+<-#2p+t&uT30D*>BHEy zb-xuG8>_prDb-CClFoinK>e8(8%23lEnjjffkM(@+{ z1fZ2qUa6#ZQ3A`XN8mdOnhAq(MMb&*WG+#q#5jfqt-Y1HM7r^k#IWlip&-;nLgZ`2 zJ_7d$+y&%bvY^odClQ&0^f0^zK4O2DnK3Z~=u_xp7c+k;AYPkvn81Yrh|mN@BDtxU zdLE9D%lzeQkw^eCcP82!qZwRa5=Wf1p_u_39_I-XvkVSKUwj2Ajpv90C#L3FQYV{3 z)m}UGFgvD`>GPaMV@(+V0m))u=e4{?K;mIfU|u4oIGCnxOf^=ffqv{$!r=!}a2E**ZK~RApvh8dCp=79G9C(@To?y{>q}x1 zgb@-KR*MUHth~cEjz+=SZ3$(cTKeDh<1PbOrT+~&+4!IKu-o0~f7^Jf^gsQ2vpV3a zLziEf9+>IQR&_yYxBXasFb%AZPN>(AGLwj~2ht30b5xplQeAEW;s`#I7?*6CIV6=<>*~+sjrX|G%DfLE7A)%Sr6HLv_ zCO8k6m|s63e=dZ?7y*Pu4n!QV*Zlv6eLx~G@d;$Ze#_KU^Gw8e@WEkHkNF)%go~iq z_rxMR76Cd76fxu(8NrCyD1lRm0|2R%O5#2!$|4*BA3={V6&x5%ntUJ6$0(u+Kn~~( z=rBnzUdn!ONTx05-@_%<``|)CI>-^)By<^yT703t=j(-9xA~)50BlAm;s~TK%7KCI zi^;_-ZYR0WDO&dQ9X=vOts|)D07ntg+0&=1#8%3y8KjpHn&3~sX*=MR8Z$1zuEi$R zUQ%9lgNi=nOM*XvPwr79Dx~yAT{79A%I#ZPrN_sfXP5u2fyUd29Ii{_?g z6#M8oa6b>G5lRk?)j=A|D%IEq@(M1FtvTHDI84>0UYEqj?s5%u6(*smw{4_)pzYwqaPB=`1JVAmzBP#9)yJW8|uJwFNc4*r%?YB z4)Oh4nYH)vH$bn_|2pm5{m;E!{P%VqxvisZzeyap^5`R%5K|PONF0}y=Usu`A+bWn zS>`bH31^)Z5+s`!Ixx3SDVfm{P(;>TZFh>}esSP}VNad>yN)Nqux&c|vln?Bb?)iM z;F;vFwl`sdwQ^wF`L7eR-x%K#S}JdF+KLWjF6N>V#b$SqN#0DG-%%%1Ulz)n=BX}j zY9M~|f=3O)Z(jNwdD62M?^(rB+JbS|0|hyn{{#^Veg2p8e>=drbso}Zb=DkFd+yZk z<-*GLSHx_s%!s}8Q7~mQ@k#yJwEaqAD=hUPUGEL=S}6nQ>%l~F@p(+y6`Gc4hyQ-{s`}i$N;SmW-FlX0$xwz9!Fzze}cu zob;AhRex)R@R2P4+^g8`dFWHA{}Hwg{jbyRce46lzrDNvV=GS`=|Y%}Y+0EHQ`VRv zC{k6l)~V#il#%(Gl_rERtEHSEUePs;Xd=eN860!*gO~uaP%4ReJG=Q?r!n2Z%En}& z$2X=4Q`wj-RNdHfGwAMl(x+Jd2jO)8R=RcG$;)t_@cd7^*KX&||8#fff41^ei;^Im z>f4Z%mrqI*6^V2tPK7quGDJrrZ>+v2s$r)r&Lu3?4nPU;hPh^iJJ43vg~o{Piy>^JD@V zX7Z}O3<#yZ^iGJs^m{&eXWW?PpUe;a)qF|4{f{?x#ar=5PUPq`eUy3XN-w68$;Oakw+Ul5GqanwnIz&=_e$}XYEnZ=?@6R2 zKpKs2aH>AZQ#}7gTGTlVlRVJt=6trFRsNrDKX?ACJJ{|2ZROGXe{#IR$IM}dhn@N| z{FBvvxxqIY#eb z2%6yRQz#E71te&qdB~RF|KZjC>8#$v(OGKdFm!V5R&B!+A|RVpDYBqAe}+i_qvdOn ziD*g~`1QNRznvtCIosmOJ(TC3A>Z~>CjVt>xBXifO&`4luuA^-+PV1O_GoASZRJVr z&-1|s;&{R1gulvy%E5hE8T)EybS>)0rjGWeQ|_s>tm;&UY{@~NSOkyx-)V^~lZ9up zv|8C&Q)dFR`N&!#aX#0TS?Gh7otgZ%m@ov==jwclQc!$xeQYatBv17NMpJnh$ZkZu zEpKPtGkv>*BO8BK$$$PG29HYrwOapgXZL?cgZ}RP$5x({{8xj$!6iUJ{3ccb)0Yh| z1VyPMEiG9ON=mL4d@mNW6{5TdNHc$ceFZAz>&Q-We+ADf`HzCd6W{;cX}5d1`0r77 zC;zwdq~!luu-J^)N5SHo5c#4XPo($11}_)ci*r!sI)%+#ud(`mDSexPBRZ__*pL^A zTUTM-6^Zy_$I>EekRKMM>>k)c_|Z@+rE0Dpozw4{4`ptGm)4Vat-<}3IU zOmIZmoG;BFA137_0ExIjRp`~9ck(pFKb@Q-qJ)e^_~bEu1Uh$UxdI#W z@(wM{HGcvLYuaUrtd7!X1zgfFB^R-=Jz>c3{&6xRZ&@f7n9Xt_8QVin|5 zpjPo;ZYi*+Q3O9tEx`%an=)R|*~cb~t0SQgFz<^?=15#)A=-W|dI-Uo5I>tcOSY|V zp|BcsI7>OTMz(5Pakq*qDBAXpq!$^eS`8tL6d72`tr1;Z)#56tA0UADuY6FV;;xr48`C%m*8ZtVg7#w}!*{CqMyaFWUU|%J(j#!p`(b8Tahp4 zL9P=)Ma!F0*l6KpXo~-gqa*Y|m3O3$ZzSUxY1MFxR60d!I7IS>?J8GDsUu|LZV)v# zMXr$CFcn)!rGvMY8|2|mkjJ?|)^mW=a(_I)`BBgHu`cyjP+P5Q>FXU*C6Wuloh;6l z<;_J-W`QZ}pK7nzL6XEh+mpUzE-Ad;Si!?Z_}POXkW7}nhhQjcuZ5mG=2VE=Du05) z<-raG?JTgaFi(~uMgaPRDNF9ZU)if-k6X#6W3j*HId&e?w{Lt$OM0AaP1g1*+H2Eh zy(MKsVYvxJn2ca*y=jwpPb|EOBQUoS1zE%XdyDDgP5`co{~Psk=l=%7UHtb}o}B&n zc4M)Bigmsf`%m`eX@WseP!tLxhN77dwcy3GO8;7(PBEjEmR}%Yq^fq7gjfJfWzx0G zjqT46ogzm;Ed!bkX_G67G!X^tdj~2M-dssg5C)Qz%7ufZgnlCA%}}L8{N@5f9=jB* zlK&I@33+Fa3j$mr|3}08`JYjDcm8uLPfGs(zz2JCQGl9vzKIne>C8r#0B#d62=+jL zeIWAPponHJh0#~J=m-%b7!6Jt0hnB~RaiQEO<*qF>jHZip1_b6-BV^rauJFXwypOc z&ri>fZ%>XduWc|mec00ol5BBXC%*97wr3eSFvp`U^*LexG4_&57)W%|)# zZ($Km|4cg#;{g8_BNe1r6`odrNYSvkYC!Z+G2eH%JwFd)#uvw!VIQ-l1Dt6D!x?s| z1O9*Z{=B(uTv-^0@89_pD3<3QD~~P7`#HXooY!M}GJYnp{o0tD zN{&yG@BS;S#KuJut;89zY9EJ4)ac~;appTZP7|f#( zb`wkLS#KK~@-YO+KW;6nn{XHg$9(@dd_mJK()?{zqMuy$7zUFJ;y8gWs5c^sV%j&nJ z2&<_ybos~GNohOu<2=pKiks>-C~q*_7H`g`I~}kNKa!!&D++!!StSkn~Rf+LvS$|zzhu23BZuX4*)0z8Dwlf3q>FM zIhsN+g3*}H13&!V3C zjP6BArfe?7A=Aw!@e%$5!;Ee$Mz51{? zl!YOX9Z`UIH6MsqR~LU=epnog6GF)(OOpK8Yci!W=!bM6U0i`Mfh=x4pL;a9Gr;?W zB!USS#4|(tIT&C8g7T62%u6zTBJqZc*fq#s3jWV<-gw`IzjlGC9?TSJvaop#kVtv_}8 zA2jxdP$c7?Qwda~|Jgp+-ZkTYt^7Zi^jP^>=zuGMoZ3+ZY18P3&<7bkYTGW1g1=y1 zT~b|B2(&!M`r!-U(UK|x)P6`6B{Wp^6F@?GVLJ0y=~vwRp8`#5Lw1Gxr`6Q5Y-*Zn z83Y^3tz_iIIR{^HT8VoVfoV5`X@XInD2eoEx2P)cQQ*Ct6QkT8wu4IU59h@pokS7K zlUb&2ltb+mWj)}X4bGGNGJ_b#c}0l2HJVHlK~>A8SM`o)&TS$ez$wf$4#ZMfx$u@v z%&zfMXjlMzS+Bn;=C`WJD)4aOS)~S)H2wnegetNYVJ7O%{|F6W@DN0BfeWCT^M9v* zaA2PQTm4o1-=#d-`7Z~%okL%O`ymc|r8jLK_M;@ZQ#ZXdgV#BcA!ypv>)g+BZL3?$ zA5v|Xgr8vG0dJJ&DgOs+6)cvZ7-@AIy zOu#hQTh$$vw@m+S;Kwgcx1yI_LRB~BwFj(@91< zPSfzFNyu*Ic$cgYU!1q71g$c>gg&DrD|6z~=vU&6=3wD0-!DO#I4LNCuypPq3>WWO znxU~&uNplw5WnO_+e5oN5qB__R$qIXBp!%7oQNh3zUPT5ED~x#z7#(wfPu zqb|_VX0J-SMiaOMX4MSVX0hyI`CK;Ub9pQ3oWLbBxq`M;0f5|oGbMhFwewr+v~!l1 z&2;B9Z?{j)yz=DaC>cS1o{+(EPe2=2$J&*JE(sj6ZmiL#Uli*pr2uW*hU&6y*Bf$? z%P8^!tW$G${cYj-WH(#pdzA<2WtQYgkVLA!A`j9sb%jzY~V-H ztsmT-uu5 zGV>mi2{R@3!Oig{Mg5PHOSa|EVI;c~Ci5kpjBjDqL2v#X+iKD}4$o1<$rc4zg;8^T%G;Ljv4=ZduxAp<^QvkN92DK zhG@U|7zOR6ffM4hIg948o~K8^OhUWeYGVn#M#`5)e=*9DAEAFkBN#Qi*YUBC-3*yr zd_Lvki7EO};I9&pOf|g)jCJQAE{VlV3M-gZ!k=c?Yo5{w)&f@)Mca*_RD`bv>gp0V1L;Q&eb_G99 z5Mfnv5J4a36l04Z8*C^Z%vqrfk~-`xmQ;bN!_q<{)sfn`Xrdq+VZrO@R?0Ab>)rMH zf9lWw=WRS>e= zu~tG+$uURw7zQ&Ld8q9bKWgF^t|66a)fBLX{_&Q&w=uwF>>^UQ#gdYx7ZgQZg9|Fw zh3opv(g_x&4LDp~MzM0*1}P1d*iTpJzuYr{0#g?DT-HB)E)Y<&PYB*@@uR}%r;+93sv9(h$;4??QHiEpsGhddm*84+3>xB=$v^^uWQ&YsMZcdYKUwss zEw<9+DruSGm&$qOVuTKv^XCbK>2Z=ixC3gIoR|WJ$vU{>zu*)Gpl~vu!t6dnIb?^d zxIfOdnIn%``I=$-24+K8Kqx-D+AHy*pt-*arWr9k-U*EShie!laY%S)a@0;Tcr(f% z9wkvo`0z;(K#bK_y!oP93Nw_1;y%k909-|KH#BtVCzc`RAA5=YoUw`R$X+R7~G9hPptdF=K7qxblf>3r40e zRFFh?(F?+L&GG7htwp+Sf)j+;0!hr`xYD9tEkCWXQjXcju5@KL93@CabAlSR%+I8X z*#o1B`I%JFC%92T|452!)88nqeFNW%6ZBvBsnh=zu}&V#|7&Y|XK&l`|Jqx{e_hI> zv2Ry0=1wb|o18m81lOkYrfo%F5$nk0$4pkNC|S;F>18BqQM`6@QN{NvV6IbprjSWf z#~pA%*#ZmBOJ?xn1mYYYJ_8^~Cx<+qwtyx+cY}1oOq0fNoMaEB<=AJSUSKK3A~Z%h zJ(t*DhtG6fkXe#9%Xr#LA7c~`L4Si;!Z7OaYU3eR-*W+Zhpgb zBF-Hx7@{sRy}JCP!XqN^BS?nbAt4ntNgrLjf9<`708aq8BW5e=aa?ZA&X;J0p<+Be zkixHJY*AqDusAO|ARqG!%lmoVa^pD z(+=p1+ZgJ9%`$~9o)uJ?jK;27F$|6%mJQ6h+4;=P^dMG3f944o`*|<|K1lsMhgnPZ zi1Vhh06KyTU(d%X+};is)WZLXK~PIiAw zCTG2^!m6wH9K1PwQ(EEt{POMgiCTdoF@%&4pfohxcL4AL!d`g)v)=#n&+fae&40ZA zLjV7+zxj{%&pYenE&21y_@A9M&#un+QvyM$w*Kz)^5)f>-`}Hueu4DW|LOd5O}CJM zS(apP@UR>;1-Kj$y{-97T^4T=!q{@KgDet+Dt z5!aDlXNk&T$hi5_-evEm_p0}%_q%B86@hG&LcL4WyFtBIsP_i-en+w_B87F7Q4DS$ z$P(gZ`rEst(CMc%i3uakU+?U~{f=%2BBzmQPQpmT`_OT4W`Uo>VZuyYc^x5bvGQz6 z{four^&^}BKMaA#Bp44clgt6Qhv43ibH>;*yF}^}V6sJpX^0}R3MA&xYb)D!vDSXV zFFhAj=kdu2kxPREjg*_FRjcekMK9LOXd8=m$LNvWK!dZO%9h6*c{#ovw-(}9oi!#M zEOQ)HN|!Z_JJhD5U?B2VB#Y6pI4&iWjnP|?H%1Ad%+GRmdI=6+HxW0$$?KdevX{Q0 z6$MUYbLEIAOp4Zi$DIzY$?b+YPt1(1z*OwN z9D4(22ZL4RJ!Zd|;imdqYg)h0r%wNG2I!yX7NAD|f3Ur0#(&$|*1kH@$V?z2^ljb`ZyC#%R-Zj z!hc|xxl58SvKWn??=HvkWsri-=;(GOcM$cjU!VEp)Vs{k6h&|dPl;SlB`^y_SwVUs zE?$RLwc-=Kn}ZPEVQ$>+35d|m=KMW5|j=HuI0Gkze7N0erb>bdAuo+5&#gHWM(9hW`&Kz33}dS?UR1OAd`>|n79 zXuO0m^kW|MK@TJ|@-gsZ;A4!2L?~n=bqR&$gqia;qNxhLVP-B3ax-;!EzEMCp~V@X zN_&dxUJ48@rZCG;$coG^`R;XR030)ncpz5~DPzrP_XjJ&PV;YU)9)d9%j&f3P zk}{-dL=Ucl@CP}}z?d}V@FzEPI)e4`_}`ShG8H>hU5}#R?NsNujaR2kE6~2}syWVu z3F|u)=kImKjC&Su-%TD~Zq@VZ|lRP@;Bisu%@+SqCgr^KnLer#bQA)pP7=wt09^uR6^&YGUkR%diD zmYZxTMr&LeRPT+hCUK6&ko$~yn#Ae-5eG@kpjM{vsF7l2yR&EWXx8=Sev=%H8jP#6 zt;{I5yNsRc1@^`UP&FhH0F7A!l9LA@Er^yPsdsTJ%=<{PgC-FK6c`AFfZY-ku#BsYloR zFg)gotE+TFRlKIBHgWd$_|y|%&Er6{rdvJnm!64f*(9$xV)d!*`C%w=DQER5$Ttbj zwe*oh%*-Znkzx{Ia0>%}f*}z`iOiWNAQ&b0F$KVO>svTTG6?WJ%7YP#hop=jC;13w zV1i-BBKEz8Ii`c7M^hwX*zs={|2hYOpOTWUWV+>yE-)?7T*q{&at&esHiFmt$8%;R zui77U=(8N}jnFMl{${uXBk zlSzNvmIHESP!yV3-O%2UxVrOB4)E!gn>#RzpB13GdC53g;x7ncaIU{;n zGFom;NC9qjI{!FN-TALv&(9qKqQ?GnZ)bnYJpcFiw^rx>G9K;xR|dPqEN}|cAA$+c z`qMTOFij%1*j&EQYe5piYnV-8b~cQY42G7sP7)8$aO|fZ@GuNAXe16c!d_`cFS^nf zel*qAEX>|@?&okYiLRk>1;JqJY83j)V+1>nd^Elh`%Lp7u~v|**^H!I5zU+-WSd$^ z0qL?SJvPU5#Yo!sFw6o-J({oZe~j?KC#tNQIILX^qv!TlS~`ap~&C? zB_xl|P=#lgpSto(2^a4KhbOmAVEp|opji7^lKMj-C%O#Xr3TD(@JoiOTC?5=x?B35p zfFmD|z`Nf2`Eg%M3!0n9%y|+MIqSCs=QoKIgFN88`X}u`scF zWaPM$RbrXwPR?bcM6q~jG0}!mO1uUd378JV+LUM+{=-ah=ia>yK-M%=dQiNr2K~7r z2*Rw~r*`nFwgkpeOXI*A@7%=;wyA5sZOqFS{2=`*LYG$A^NIwHjwDLzaY&g9r3u%8 z61(}0np%>Zu({v{w(!F7mm70qB5f4O@5toyvFsxnusM^G_dE}vGX_xYN$x1mZXN=H$|64de_Zx|49JxxN~Q>;YD1wy`QG`#y7(?b7|sZ@k=kEv~Qpqz@R=J#zg$0;~V1pZ;!g5Qa=qx=` zWL&$CGjyXCTSsC^R}%csg?CJK*uHhM*L=2h8mrGNEgp5ZVthVlJ*g=r^PRedbPpg0 zAx7(ZiT!LKV4ZX?Eiv|GYm>+wlzP8~B=bUCGn3+318LlEyB-vERR_)j1 zN&UQdtjJQzIh2zu;1MmVT6d%TZ^f$K;4ZL~le{V&a8u^FKO3?70AZt_$~y$|pc44U2t*Vun;?d+QOzdL*TtN8y* zd9?dqGN^zJaXVMPHJP<4Zg)gptu^+?cY7JE_pq(oU~%0``%Vk+KQ}8gcM=SJ539r;ntoYs4em~1I@BTl` z()RZMy&Y@+KiFIC|I2u^{hti#qwN1x=`DYtLqJWT`S^!G*(pGsDi=Hg2n@FWlRnk# z|EkWKHg4uY76=t5m+6|bW+Bbqu(Z1D?=_o({PZC>k|T!{V>g7f!s;Zbf9Bo)dCJ{J zM?lT~ztcZ3^MCDbuk1gU^Jx1&AJj)V0?KnV|3C+T?Bq8V1lm0UNUz#D0z?@4w4TpsfMl)+KGF(3s%Drqn zT(-lIn(1C0m74y4{rZeg|HCrSqXg&7Foyg^Pih0C3DI??19}t8-xY>E6iFVolp*{D zOwyD^j4eYb&(q(aAHocCyowiAq|caH8O!KHhK-N3KNQj6?F*UOg~yV`$Wi2&yfl5* zC2;^y&8rHlD)LZRlE!Lo8y5RW(%j4y)6ih)Tc2F3r;TS`{!dDD4LHDB`TxMw|L*Sh zSNz{n9^L;}4C+b=Fh38dbo0m31mr<$T;O9V0wnEM+JJ_SbN>%vN|r+$Ac%V(f(Qk7 zqhx~NS^U4uP-Heo(3<^!cYoiM|F?H{SNs1`9v)KcM%~%L5XLa0vE_Zj{D#!{665(yQU?1c$;Q$ijoO)*G!VT zNeaB_mIu6Rj<;49r+xs{hMlmID4YeHXW^?sz4S4~jtt~cl#cxK$r$YQ9Y&uS1bzmA z>=GkA-T)L|89F)+K?sBFA*WoVi8AWau)3DWMewqt2=D_BSHrsuOCu`P0;#LrTlK>qe60 zHh{ywZ*A{*61ZBPNOVeBA~hcNdOuBjX>pvIl_pu_taJF&^#AwMlp3=-R#@@p9~fqI z_6i~wtyI<{Jix85#i3sN-|#k2ks-eigAwZkGpkj5An4D1HE}YA(r_;UYO7==Yyg}9 zKTR>1(6s2x(y-du`F zOkvWoSp+>odg{d>hG0=(qQ46Rq?3D{P5*hRmWWQFwR*n%rx>J=sBB2kg(Z7l4V3jVQKbq6c0OWhVm2cklN`zgVX_- z#cVyN8X)Q;@{DXq)DXko*%&X(rv=lai8&}f{U#N3+K?4ov{C@YL;ju&0)02hBKC^V zlfI$LnZBa*skF?Soi{+7AJuipjLL^EN`%uoMxzV9P`|YQ=Z_-=E{|?cKx^lWHATcI zs~p8o7879~+8qP_ats(7@c-fMzkD=b=0EmS^Z(mByZifQ{Fnar!HWN1##5=>2w{r5 z_de2884CZM!4TO_HcVF`bql2nQEP$0^1zzC`ik{u=b%v)^a88p zA5nF|B_F55g=Wm! zQ`GKcZUGM z-QC?CX6`)iSNHz9Ro(NWyQ-&V&gpaZUVE*z13KG!O!BkvJ_P*Qf}vFl6t??&*aEGOqMDtK-@} zY_YFoD5GeMT=M}}DVu1+#wa7QPdh=+AjzJg1`9d9p6pkwKSkP{W`4$~2D7!~C_JMi z(rc82HuWZNE~6;OW2N;8djoK$#9jvy5D$A6EhS^B19FL;otw;U@nnDK2gQIV=WCLTs z#+4!^A}cV$FutEWC-@Lw2q>#J9DAKoKi(Orrb2k6wXLMT^)enx>Jkr3Nahxs$0KslbJK=Je*Ix?P95Bz6A?vghT4hV00XGfQs&ET=B=Ebllsi1)ajzM!F5OOs04h9bHH58 zib!`nd{5nLoV2l9O7?55zg9U2+ul)a%jx}hug7mcEDbVPVI_s%a!`X*@B)WlJ?J9jyirj>EU3-=l z!XB=ku^VP7Z7BZDk}%=I%h{(kIc~jHyexbGB{9S=GNnIFf1Fp>Ljz=qOvA>GkmZfE z(INvd`cge9WcD({JpOL!S0w7KZ*4C!G$|c*V03_7h<5_ByY99xaDz?Tz z@!%cQhvsge^jNyLOSt%7#5~wLc)#dZW6XW>zfyN762(aK+#=CX*Yvu0rLCM?z<)pB z?Bit81`)#s+DcPD-CjjWu0k#YO6;8wZ`n5$GmlPygp8XD&;A^lMhAwQr<`Np=m@59 zb4u*JcB=p=W^y+SPlG`O{3HczpC-jW55e;TdVGZFT3>;5~uQPO03-}dmXOG!o zd){M}e)o3yE3)WFlP}U3O`+x=CXN4iN^!DtW&BlAaHca@0#b&fx1?2KA^k_dvY!Qh z{5MuB5*2L_lufb(>pBGA5SHC5(u+E&qd#=O9D4c!0dAC2@Jt>*KklCySOf z|3@He)(X1uJ$kl8pktg-Z}4Oy5Cz!;!#NE1p4X+p8RxBCTjGT0kRt?=sM`*U=|6 z3Rb0l?}k)t%&Y(D+SB#Msl0Sc{Yb`M{D(Wy;E<4WTQRho zk0-rP70MzWIwo~D%FEZidovO#iQ~mLJc;lzIrs0K5>PsZJBIc>JU}9dhK0`Y9P|O&d+nz%U1Ch;$56n5Eo|N zwE=KB@w5LBaFw|n|1llJqzQB?2LGi_6rjqZgvC1%t|wP|h@4>N2z@%5^vsb{*KQ;o z*fTYz6Nq1tw{a@0SjY+~qKeN#;f02R33aOAQ>RM`?dWGS4SeMd74dO;NbU?yYKTYX z{a8O5o*Vds*X>_Fb>b2Dnzb8jH=A+Y>LfWQE`W*5JCqND{rwp7F8A*io0o6IpR=`I z25L=w)reXBo>VA$$|65y8C`lmt0S=LrNj?`pGNh4F)2CE32ZwA`*{# zdBEeXh!>it;;WOF9W{vQ@Rj6H1V^h(?#&IBL|5TSJ=Zyd>Xi#)eqf!09){LayXyP_ zl>GQ19(kr*Nc7YHS|D}Xo#zP76)CO>gTfZ($DH?Axt*R+T%du*=Es|6;x2hspr9{V zN-~y{|(^!|{jk_FxBkmybZ}n*uYhz11NhpTKC4-rw&$N$SE|#+aj! zMpV!FnIZ;=lSy~VR4xqTA0wXa-0YvX$#|CPSfYQUv^x1Z`Hg=}PvlNat7y@m-tLs< zXXk1P;>I$l= z)bNBTVyt8Ac*nEQeC8+mQ8U#wqKhf$=}*#^u*!2MAzmnB&xAXk$ss1mAzmW8&m`wV z!@p6yIK;?5>k(Dx@AuMYj1*-)zE`5yJ^|P}kS{+$s=Xkm>#NJmchJ%mJ!nLY#0}I- z1-`j_LZ<&O6c2QZ^3;vGG|q0b>f0r2HHE);u8kWG%n?V;_d=uX)E@ z<(Vn3iFVALh1jHe{MWFNcbb=#AX3TJ0Oye+eT={9YU=Jqyu?2d8!TevL`AoZBjP_4 zr_i_&OkAXB2iS%s!~~xk$tT7(G_Lp;p=>R6;Gz`l=!YPR8)k6`c$LJULpp_g>4UMpJ&$sQ(PGis+d(HsqbESe zp*v@x!R1~B;bKGC9ri+VfP4XVR>dH_fBPFCJxr+8n%7inv1)h*7iVg;nxXzQ-j}8X zze|^VQ1EV)TPCXC0JOp`Tq?G~|%k#bkhJ=ujzP69*hMk(QtkJA9USo}0vW>~S%WgOf!D~DjqtPW0iJj3+ z##4Tw#IHJUz}pq>ioVN@XClO5PZO%DFfRVC7RoRX#`(2c&Y2FEeeoX{^FT6f3Dt}0 zrZ}<6*^_?1p76SgZmi1J@tL z3f@rz8)SN{Gc-EBBf5^gkK&nZ+Q`hEPCxH z0)`6J%&Eo8hzn(h2ep44O>)6atr3^(XCZ>N5@{w$Cz>-6``-A3%vJys+y%`X+TG;L z{M*7_KkfTmfFSP^SmHTPO7AYNoRHKU{4K2vgl4myE0MaX=XR1_T;0y6O$(K za9_xJK!G@W3zHtBLK1_!r7CZ=vy8D=`B7k*fJULOS$nL@a58|`*Q@?gAK0vfM2d-oqw;r zfpgdR5J>=J$_XXcC$Cc-v_R4kaN`t7t?%Bds+YGv!(bP~N`@SW!xZ9++7}>faBeos zBnBSb061oe_4z(p@0v)zH`M6Wv{t`3H@T^r$0Oe`$BSkJd|6em z4h#fux}}wUT#^CxjoBQosLDjY{93T^B5FooBHGph5X-X^N^dH~SDiV4!10W1euETfN+gXkeGfc`Z#6r4xnU!p6p?Ez=;yc-&$GV?>bj8YwkC zs*-p$XG}h^iatKXP;8JK3o4cYG~M`QOdEMptWD7g%p6tD;Y!7&-ug3qB&WEU7yCRq zJ^Z>UJ8E)Me@rK%zsrvF&BBmjl7=@e-7w4vZDD#B-cg@bQb^g?uyC_EeUTXm_sQt+ zsH&wn+y&<}Y05c~`uG#;Tq(TlHtH-1CbTiKhWsxn|0-v($;)IE#|_6V*g}RiIAeZA zhiG-+yHOGZcLRPYkk6Og2$$d!ysv&AWVU_U@3PdR&8Xnk=;NHo;&wuw_b>}DR9<=* z$}W#w;_lSQ#)kPmV)0e&w|qvS324R_&9Gm;;OP>&&nDD*i2CVGTh*V~f9*hjo@Td{ z`<-}^-9SYeCb-1dQ2lbLq_oh)#96|UAL+{4Hz~m_(3RJcL?`h}TNN>PO|2}k1(C;% z6?8EG0s2p$BHV>g44&sWdOWHJ&fGX(rT?&uf9~3dIxDf6Bj3eB+UkC0>cw}udPW9< z(r&rXT|X_wxuNkq$0vK=Q*IO2DtvCZXN=enI-Tyqe8LO*6?FUpO;ld=F`1|Ez61(x z{KcIFsX&pipGLjHo$mrA$NI4yVnirq2r&0x2+b_X9y>;;yD(-);rhz&w*BeLr`mK>FQegyy(347sTM><6S^Y^+fWeEdjj%RfpOL-SNF5 z@+I6hJ)hu4l-$@F6gk)?t2-M0^ARWdnbbmRPx;7wMeio zA}8cCw-D#b$5pOUsGP!VOz?aDN!SM4GEb*{jFfQC#14c%6v{)30%w9wqs+#T!DU4h)9*cae#O2C*tyFxB5%!lGhzHSv1BB)X*%kdVuS5rxy^>ZT?9}IN#iBAAJf(Xw zB)Vu(46igahF7XLgKCXpE(p}QuCmSlKK$}6?tPo=zB9S3>4w0hPr4xYk&q+CcXJ7F zEywID$$D#69H^e!B)u-@1F`Yw>&YOL@qt=B-@qDz&ydCcHh^y+mW3G8hjkN}hjtB8 z^p_)YCe!WBnL3Rq1sPfqnV4-(#BvMV)|W?T6B7N*D^DGae!SoabBZ4jj%_p#d0^@~ zE;UfWvd40pfarNm2=UU;McGw7G(sIo*6jOXX)>{P6r;>}?dh;EK#RiP*$AtdS0tiJ zmp#u;9>`*g@JPUecN{k@_iO%0y%EHM^AaTD@ebO`YX&`|YXM2Ydq*BHJi$wTm-L`! zMeqvxW(7N;>pY7ILxK$I2PZ0Ifu=J&KqY#Df^!P{y5LT{ThNp7+klV9C>*o?vf&7h z3Bivznjiw0e>H)qQk_?X8jbR2KNcV4u`jJoa?~7VNjg}6ntn}j11YD}J@@AyjQukI zdc48(K#MS1`|AL0>L=d9B?!ElfVQ8u`u~?&Oac>7Ufaw^arrP1_6=ay%SRaEFc#F5 zFou&Ulp*FHXFD=vR~-7@m%VJY$bT~%MB2w;6~3-`7$xEzjwa0Xl27VS{UNg)+6|&& zQu1hj{n!1-ElV-Y4k4RzLt%jn(j;DdHiVU5FRvpXLW;jccf`0um5=s8A~p~Y)03^zH?2Ljge?xflCC}I3)4E#wz5VK)hk{ zShqSm0jsI#vV7Fz@yiku+20c(h5S*SW|3_8P9mhYkW9iobUpPmoQ)xxR?(C4-w`k!hu&0VRr`!+X%UEeRM1&*7hmsfeZ--S+kc~l1rJxLd zhuA;eX6-{1o%q~IcV=L13n6F1QBsTSzt8i5!>#YqG@y+w{g#5|Gu3wz2Z!-@-l);M z>*dBpbP^u@?|h*%rUv{8CW`XDjh%EW}w+*z6C5!8OTgi#Z;g!Y`z|&~iboGj5xgqgWAQylTOz8~k-pu9*~eTw7&uzwED%b;aFX zv`b2mSjw8zjfB-fN4PUH{%jXb(*8eV>u^Jb^TLvmgKWTGuZZDIIGqx>-rjz#&r4_w z{o*v`jVOs7>HbiAm)+Xs+6MFF4i=Ou)1#bhJ-Rc);fC;#&2yeQ@O!e8mJiz90OlR3 zy8*8+pC(_neSOy}?*VjR)q@CMFP#45;Rv}hawDxgM!JNvKa##E-n7ZMPANzkKMdUn z;+i*mhsd(GFjgk0f*OOeo8f&ucDZXx6#Ji$J)W8H!CKfi>4qCWT91MydPS5y^1zNFMdht!-45nzts$Mi3>fPTqqjjPl+*m-s3JSpoV_UO(C;=hN5WWi?6+Q}1@ zoBsUqWG>YyVoUW*6ZD^WZ#t~O2g)rs^;Z92bPH*E&?Y|=(*9_0m_;paej@go{|c0| z-U503VY%+K+$yoQ^JHJE>c`W{`{Nu`-|KV+cy7_U1*P9v-{lJ(#2^8< zhrTf&cXZ6PSfAhp7XNx%#v-scReBv1g@OE%$Je_^L~)`+T(H-U8LuRJ*VKX41xW zlaWvnqxZ+7obHAgqU~i{@<>RbyD4EVLtzO*79~K7)o=B2<218cOSX6=iKMK@MJ>hB zXSdyzz*w}pSXEa>ik1t8A!@3iz+4rh8uJTohpeuU@@=^=sQv2MWg1kynd@-=0p?0G z9@kF;Tsmh4UX21gZrrB;s}U{JfWxnr?NE7h4Btt<(rQM#ouMwc9<)gzXfIb{EW^b1 z91$lb@k9YwO zV!6L#_Jm+fIr`=YRfi_{_Y0ZAs!(mxZdR44L-Yo_fB2BHos#jS{TcD@M%!iwgzlGf zd8ePv$bfIkuRs>FZ~B8|A+P(xfDKRZX?O_I`B!uavN9iq#CPk1BkoF<-8&XRiH&+N zpN6R*Q>cSwr!*vYmp8}`F z-ObJ5jH4@6+BQ$u9m;Dmr_}dMKw$oDwzg$pLy5LMFoM(>ZG=R~A@y?e^CyhbeFNvd z?fhPfd*&;-`7l@QUGoR|qMrrK6j5#=HKIhVNcbv7xDUu6xK51P7vQ+J;>cB!3uPB9 zPcC`hwe}k1@XC?)vo~g0!8k)?IhIQ0E>?)(z`UpAizr`Pm>7F_=rwqlX6~2aTV=my zMU*@DePLo%rhg~W#GtrXD!G?ff>5pYp#CFX>yY1EY{kO&qFKo2=U3HFmQph`J0hU| zEt=p{uYQ31(a1+rAM*N_{ST_s-$lpbr8G;T{VS(rt8e9Qy7ZTr=VSIY#$A%cN$h}< z7D`@gije`e2r+p9f&u!Mft-Hah3*ri_!K&GM}X}=7ZJrG_{5>Wi%BxppOGC;X}l3~ zWsL+m-tK~x;@5m_y9!9kyz!6>6aN~_gkhYK%sT3CQA;691gS{Hej=GgBByAf4Vk^? zaUE6~Tg;%V>h)Qde8}n|p2I z=EJh_h0Iea546!5_(|buY}7>8LlOH_J>dscZ*PxT(jL(H7*nc(4`}Ukp)Hf{$i&ptAaZ!{=>HZ-kl}pF{Z3NGfcH z2WL7!)bPF{&azS`e@Vmv=YIbu=?6R2cAq_hY{)bIzXGk_dsMoFB`HO$=B+Rl1A2Uf zh6ca_ef~@;gb#%O^jiJ#dg8Iha9Q3#ylN20M7RyK`d^HZM| zsr_^RQ%$;L6n4!oRJ#AEFQ7+jOHz3b?}9>lQ~Q_L(YY49Nb(65*s9@%z54kvmKyv%us9%-J&_hINV!oXDBmcs8u-L) zB82!B%9A~06JA0a{2ecVEKGQY5PuLl+OjkK^Ga$==tlzCsheZh^$ZUG+n6`Uom(KO zbE5R#4Hc&{JA279C0@);ot*WL7|lo%>^Qy1x3&69)Cw)UOEev=Gva9e${&!M`+YGc zTau^ltub@x)J@NU(xtVfcNV-4br))M5ny~k|5no1V8k?U%ynGKKL0RO-8szNEg zkBytn0#DaFIypw>$FgedN3gujsyI_E;jZByTK;$bpKlWZc44img=-UY^^TG=gf%&C zoM>C!fTIdiuZU}17?k%$7#9aPPhxIb54%teZ$uT8fFo2oDMjW0RnFl7(#a*9YV~D2 z(u4|?Iw?+V$}@(+sw(Hsw;&!ATl(bTj>0G%NtZ(^hZ;d z7<#JI4>V1dR*1LXk_ai23%Z_)#|D}7_BO78GH$KkLD*mkJhW|pwb3t8WzTgUpV_DM zTB?w*$+nj@qzxz>E59rTm){DmtJpQCE(E%5g&EVrtjQdze_gy^nj9@b1&hJB@Nii{V z14Z!RG*f|eu%xoB)KlyHthplqFHc!D@`C{u5EM~!U)>C?MsSTbkLW#(@c9=^9am;Y zP*L)M^^-buY^{6~wpn7qD>AXqF2;jZl-HWAu)q}?W%Jk_Y-;}CpF8&@8ykh;PIRR> z;;eNh{P6?Yey?PJso%(OBkpqnn(I~_1*%xq`Yl!csdCL&(r$}YT#KT^c?Z@bD@vn% zF(agA_|BT!&dlzgZoN^(NRg>R_NuK;T~&O{T&QXsrZh$#dG^3h=oj~$u_H(PI3bcW z%bbS8YfJ94q;Bh=eWqiOGi&fJm1*8&LOE!4ZI$aDKziX&z1PchIQ!CT$97PC6R-y3 z(-50K8`IJ*j0n8d1nMfgZ&mb}dY=KcW@qWEu^=b&qd)Vh>jaR3!4O9b5tPRrXlkh@ z7vz=(vY<=o0X34t`%SF#!B*KkxF{v2x~ddMNduO7rDblP9ktZN70AQJCSxYReP(<4ePEZSu`&9 zIdHX4+`6$UvC{cfI}zHOJ%*i8N0le}$<(@a>|`LyJD^{gXryO4l;1zjh)AaHv$KGHWCnSD0Q$`B!3TNx+JUS1O#8F1BJ2l&34DnmJ*>zl*|N$R z$nMW29#S)l6L*->e6y@`9PO&r3iO9H>>)KKKrD6S$1=LEiowdJk5=CCf6pKyOEau_ zca~aqk-!Yr@0?UJUn3eVLTfic&nWM`mzN=$9|?zoYe0ZH3g2%tw3Xk`!e=ogFlp*% zVcsLG%JyUHBPH%bTdyi$W2c)p2^UCF<5gP0Iu7#r~TSzlXnr@sqDQ^`) zU-g)JQYi~eLCO@FuYLrAmcZ-o0C070{j~N8R4n)gG(veD(DR2pJ9WIUC0*P4i@oDn zQYyVNns(%_SbJBn+hVYjLSw?mUQ_KW#`q_B9kpy_Bnvj1?=oEtqmJXxlSK@2usFlG?)QicHx{*%bKs9oeEesLQ^69X`4mu zoMB*~%wDH-&3Lu*Jpv>Z)rPC5nL5Ff(WU#8nz<*X_uyGuz$mIt%-tWn zcaq$|sqUrp^1G?_uNlIK`C%ykZDmz2XY;S6bnwV4(ZY0#4ogo=(V_dNM9_dapW&4l zQIP1gapX}&KOK}Z#6dN?pxXZVD(k@;`-{mV zo^skp28}AaUz-xgNyLb3?EQqaOMHLTo^kHy^wLyMIcR;$U=zf6ID620M{cA~#2EAu z8a6mb(#%8;_fM2jQiJgqY_@xW>0_qL{<>u8&L3-9o_V?u>2U2F8v%7k0>)M{(zyC=`SQ?U;$pl9L_s!K-)9vN%{22jliypb*K>k zybI4*c=rVQRhJcn1du5<6cRaxS8_17o95aZfnF(m?vX#dom6cQ1ua6e1|4=(EsCue z0$}lt&x~8o2qOAB-m!81ExpUvfueqhVOjvj?ofdI9@YM~<4NC{5l+eO<^hf++XVSl z;U6A3XC>4Xps9INT=@(! z16f646K7dH!)nEYo(CTpvbuf^6V=B=I35l+1aqSuY!Dpxa-sk5^h(nUbB^LzK9EZJ ze^MbNUt5B=bpAUZAAfy9&0cwWeH?5enrSXBA~VD9kliwAzP4c=f*c$ptlJR%2yk97 zlSod7)6`<1%C6F1I@z`Ju}#>l0*-d~NCO&cah>JH1PP>)Ns4$8PInha`^7)CjTP5e z2(gdG`+83&AM-*mTS&&{cI+BB&nw#8_V^l>AIZs`Vgwl6G6-K(-Ou5@z6q9ubzEY5 z>r7@ria@dC!U_IrwmaqIE$+Y)A0#_Q(hYr{;^2fc5@qBwvBSY8437}5pZ5@RM`o4p z%Zil92oToAIEI?|>im~=G*Y4m<1f_c*BjL2pMl|=6vN`Q49@9+T;2GBVynS2xW?&$ zZi0Qth4SQ#km^Y(R^;Zei6aBcf_4PH6xCQT+q3HQAUE=|XE8^{1ZHxebWq$w^BHrTiT@^(Iq67aGof6u@@OpC4!7lVPRS{#L%|+v>&;q!2^Q~-DG@+;L zQ6(QULd`%rd%$GZYt1N))O7TA>PAAA2*rDXKioeXT**ss9Mj)V>auaK94noTILnWE zK2-aycV7P_*<7NMOR6as$ImZV8{m(`KgFmfY$3g>HYX{L-QfICapV1Bh(7%0e2n~y`1#>9DOJS7(kc>Vje3e_8%wn(K|O1P0G#Hq zpm~A0K!*$J3t#=qbn0Ao+1mk~?%+srqApo+u4wZD*#b*vBwptD`MVC2tOpP04DJ+5 zF3Mj}qH6J63z43>?}u1*S4oS8wh}mh8lHKY<%(ESQX8NQO#-}NBW~siMbM@C-t)aa z|Fb*jdiR)2k<=rnoLu!n9>ZakX{cA8{_6$s`3wmO5fO@OBHdg)5QvLFux5|YaHXsn-1sv5aDCMpvJ<76~{?8 zN9<00X795zcT|>DTm9-mrz=@mo}Yl@m<~Z_lhM1D`jo_3wv_u7uX&V9xev>N*3y&w zxuyB*P2QF|3y4i&Nn{x219ZPM*(e)u9xFHr7vSZ5PQ;#327RfW4XasQV z$CnrOjgDmC|DUiDR?zBg@oP_|sGu^$c*^%I^!z%5=KvfiqSv1=TaQ~jXW30xM6aue zOqD*J2d^Ov0%N+Tb#D7mP;mrb%Zzy@8G3_>k~c5HoY#t8U1TTY#of-o&Se^J)!YA@ zcooq5vA<4>cxA7)GXuR9`N5JGpUbCbTP{wn-eB!8A%&~!K{N27#@T{rQDx6UTeLil zj=Smt=YNJtz3tuijxDM3DiPq**QpdNkc}xt%!(>29gNql9{!x#lTo+8dOylZpM(Ed z_EVSuHLcx(5Hd6hB^jGJd?Q(q6X~WFhPpfN?eTpt_54-DMf&;YtI?Z32T&g1>kAH0 zz(Jh|+rnjoKXyi!a@;LL#~k-LPdIsYEK`XSY7t<)>UZ(OPBRyGVy_*BSSJjvgD$k} z_CzYcViID`7p-Qtcb6RR&^sFa|8?M?{>gHln{U*!DSYa1n)hB&)Lx^$zVvjq@Qp(y+pFZrrW$*F1lzcO~e{EH6{o1-V#_Th}weLQ&hiJq) zGbr3bJ?j?l<|%s?NVfPw=ZF7F3uonm7QqTl3)hOyw=47`3!Hn>xxdjVn&KVrJx(!i zTxSY?f7Q{=`ST|sOgAyVz`O@NnO5!!kys+a;9KP%I7%%y97$(nzoqIC72suekl8@` zL_c1a8QB&gV}Jfu{uZ3EaU8SCk{+Xazn_}|zp-IY;4|x(dFjef38|!AM79Sr%ZTqp zK)vMy3$vvPGZ8TUCcK7R&l@KsSQ?JX7=1FQNFY9XCCHt?-I z7?(AUU-JHE&DQ7|3uLt9#F%BbD;rP8kyE0=-i!tE*maZ2iw$(uuq<~;fziM=mds?w zn1PPwT=n)FUdL}whZ@gcn2tE4D%NHaDa1pr@_8Zcyz9IEw~ny@%`jp3eX;=d{um(7a(& z^^I(4(2PaXwQc#eY%V7zJV?ruAQ>pLH++Tmi`vi@mwF;a#tZh4&A6_>hriGt z4HB`D;+_68qpgBv9cQsMh6#X4Fi9_hMEW3_!WJ&HF1-x=+7(l2{q_Gl#^Y)FTk^lx z;E)6IYoX+-z(-U3Ka2>aA$M8W?p>fm;d>5D-lj&_7_t`&%BRPYKsLP7^y0Wdt zoVrV&54khqlHB+aT2*y7phKP-OjR6V5Sm=9Wm$C*@DBB7EE=Ef-+6oeT;eI36a}K# ztWe)uX+0Kyop)yASNDJI)bdp9WGk@2h*K$S@?(uEUSZ{-TYGRSgcv}(3ctf_YLVRx z!)~P3P!mQ{P(uLA(&fqS`tzpg63s2bo2sx+o5H|69g++*<7QI98qIa0<+2<1OPrDXr)&nAC#`2Oa<_+;%2WK+&sKJhF}>`rr8_)j<5xzTYo4cH@|!KtlM%=3 zuNZ}NXyz8on3ss+w)UhOyR-S*hWJt8X?>5T5|AIK{VqBu#U|+R>Xw(~= zt(3%kH*V-mwpFm8aXWdrg_gEPIlIot3AI^Y5RJGVCATY~nP+GtLW=!L;1uTXg34K& zY}6}jOc%ZI)bvMtn(;A1r$g{pG6-QA(`C4v$%riIGu)qvMZKSF~!xGpMEWu z1L?#N;YeEy8FO4cFMWtHf%RsUkzUqHbM)7jaSKztcDg=$IEC?dNw;yXnjYtC12C^+ zW0dOtg6&2$8FD)C(gA|hj5AiJhEEtfE-vg!$~B=mYSmqeM~3o=_JOY8hZ)?W{dCV$ ziGTzCciRgo`wT0M2oqc)wzrgIOt6*f&*L8==is`7n8=m=54T(--rQ$wuVcS=PKG%> zj0QBcpsfuKYDezgir)fqXYe0a-!EFV6WuXAr-!YKck3_!`u!k_l(Mvk+U8pkw5R9E zkJ`!?Qh6Uv;B|EDPhS+$Tu}z$=|3a;gc!5o1onmh(u{(3#^3yF8t7c$PfJfU(-qX_ zSzO^XknmW#92c~izAVp) zovhO;?Oom+sTPX?^rj>FWI3zvH9apg&o31h;69?kQA{I*2avQAe(4oZ*WAhv2JcSZ zNQL*9&ir_XuyJ?DWXEFz{dr?bG{i!k$j|XVc*XEh&J*a`(J>%cghWA?srF)ORavcH zpaMAu7HF@eh7em-zC$6{D0~YL$y6X)*^|c4uD181{BvyDA{h#mRuac66lYH?z_H*?f5hH~6 zFG!4F-$e~%!Sjc@Cx}j3?qBT54Pp-%vmP-O7+R&~lX zXmUG8#6Z}e;9HS)SkPqpA4t^((aIo@k+(8|+c6hW&x_Ixzd*s0hU8zUMO5+&>tBn6 zAT%h!u_h8W9wz$>`8(E`E9amHVLG8frP^--D_Oe3<&SFL)O1z^v1QuNz zi+bOalXH43^XkJaq`t_@E$;}Q>O%6-{Rf}IbB}X zT!Cxrbz9#$rS{bg(4gzHwR1Ah-FVqhd6*v0LFCHn0VhhOaGUzV zjZU{m`gz>1800#I-iMxPMj|$A`Or`+a^1o;;fY7!k2t*sgx5=vN!#vzoU?$nruoRU z93)&=wb{_&spW!N_Edbfdqjv?dMWurWf5adjIJSThTc3&2494&5r`sqjB8++Yc2+A zIj>%(`Qp<2;Q0n{} z3l1Z0KJyLyoYa(WP99lA@vnxbppe=GERC_t+{&PWjw>IRQ;n+a5c&3|>8CTx^U1-O z3RwtrWrzWn4fg})Mh-d=3cxuc8qC)16oqhrI5iCfIkb$7F9nw8l=64+#s%bS|ffr2BTPhm#^a5sIOa1t^CDeW{?isEsYJ( z^hv=jEDY!K$T*bYpR`?J4)Wj*TR$wYjz6xyQl&Zah&9t*iT(&0F4CcQLSb%)@<2to z3}oYucO0#^oaCQc*7+AtBq{;SB+g@FB0pu*?;}6{9A6MSh4kVw1wf{xj@mUTu+3DZvfmgX` z`%A^D`qkLWyBD^@LNxy=(mPLDW5TW(7us5I)XmlG7;S2zfeEef- zA!kLS8mi2v+U%~W^+TyjBKZ|OhP}DSeYQYAWp87r*&*NuxDa)3{Q=O!4UCO5ynw4K zM}P>VgNgLd>~{LuYE`ts{@#1Qnp-2}pB2Qne8bts#$HMyjhQoeaWMzIbv}d+xTO?9 zGd`lT;=WN5Ib@CbJjtnuKb&rqw+h#|f8a^}lbuhk+lV=xOVUiSS7=}HP%$gnIsg!5 zg^j;}Wplp~;@@4^T4gtHekdDHKpUHltGo;?NWg|&vY!)(_B=8(CrTuk{_tUx;}ht& zQNyr-t<(wY%HCJ)^FB4U+w3Yfo}9E8#X?J|)41Hpgi^|qYVBAwEg)!K=qsbwI!c`4 zEQ6Y}ubi_sl3w5%)^~ZTZc{nzs<2RXVkC%gX{a1GMU^8DDYc#PPdh>5ryQv=!f!r@ zrRB0k=7rMgTlt{r2{c8(@)EtZoqs^UBCW`Ql7z>-L)IX$Jt3gAwcZMXtDht;$O8Nh z6s(OgX8SD8_zm%j5Fbp`+`;EJ_JnAM*1@Z%n6yE+PPcX=cfceRY-Y-aptLQ)M%LKz zji3{C6*8mcaN&Ts&H{r%k#$O@S0Pifg!UIt;~2X9<_;0co}Yjo;`2+{I)S9&`n;M2 z%+bS7?#F}}M=Pv6+s!)|qTju%THm9>_S#!>oT^Py($E7?a>t7q*Hg^II@KfCrj7~fj`ePK;ZTZ?$v;S}J z?V0hvcKX|^_#aDojQw8>ZyQ^_fc4aN`2z39X8S}-t_+m}e|%ZBtt*~vxgXrAyZSYX zhY`FcuRY*hQje&Ui64nKT+LU!s!ndHpu*dlecRW2I^%vX8Z8iUZuoi|Y^N_!pTX;$ z10qMIVV+>8GAhc>Y*A8FEnMNr02ZY1D@<`54Lf>QHswg)3X&m5On==HbB&g)nu=wU z@$7QC>(PJqJ#*ezGmW+4m}T?Rbk;dWA-D|l=?f}_aWq?yzP|l4>-nEfZX<+8=ShAA z{qW%^3^Ryvb)KL)`ESe8|LkwC;{Pw_G0y+8;cewcwgmQ5;}6RF(XJr4#v39HIB#uL zr_A~4Lk0Hh=iH`;Y6r;SE7+ACa@AUW0 z{eO3Nd*%PTl*icrui5YdF}`i=`^J=cYTLbq{$oppMuYlx?TfcH%06DsRQDkm=hXiG zJc(hQ+$Y;opv^A&8QqzYFIQWZ2sy<+qa7yy$u8*qgddep3R(2N)r}0>6D=u)R_g{F zsBX5yM<+*Pm`tdVRhR#L4TB^OU0$7N0BrwV4!~tTEk6q9UH;SI`dVsUWI%{r|!Cj(PrX9jx>} zOL>g*zwowimjNi|&6DH+RP@_o0ai!;U+Bnh&-}6FGkDJZ|J)zLw(S46clY-#`~Ow^ zpXEFy`#%}q$2kF5bdo202B_gx+Pdm>WRp^xtMr+4MGH|Y(;#))xT=Bbx~BVNA)Tsq zo~aO}dr~RBs)xeroLlIeds4^Tx0GzZ+avb7er7!XBPDECTj&2y-#-6$4_5ZyOL>g* zUk%IF?)e{S0pFhB`LB1NT}7};_Gf++C4rwq^`(f9$8Y_VbGNdz5^a}RkFCz*_T)~> zJV2cx%%fX>)6A{A0r2Z&k_GU}kB7{RyX;$uQTJS~q)&kbcm(D4_riUAdmiw|uMvDUWvk^8tUHh^!oV8?m4(Kz*Bt zsXAVc$k5_TX&6<-_2h*DKZ+prdT5KGQvEiA?(^TvNjx7Faauc9O*>i&VyIb5C4^+ z9A3l$^w@85sK4>!2T%EI{wBpQldy<$r?7IRof{`1tZ}!sTxV$=s|VH2vp-?YBT>QU zC4h0BJ=A;7iW#PQ(Ar2)?3_NdEW8ax{z*o&Sv|8p)#pF|<2dp$p2_4>duq=A-JNao z{NL*Duk1gT@+jy3H5+U|M;lN(zD1;d2CZvOq3?cN&0%PdM7-aC{1mYaUL*RqUw^Y-g zOmYyA1{4t2$49SEH~;(B>jD&Mk1A9EhD0U=dZuFZ>6nbfF&iC=d>r=r^Nxgm{pOds zp^tB`jRwH_=_h}jMi2~=jDj0X@<|3eMX$hVgduN{kuO6-6#J1RtBN&~+i4Xv0QV61 z83ZT>ehhSMHh>@9`wv)!Y|Ife+%HIg6>%AR#S) zz{gOQiIaSU;^8yE7QdXM692;&z*Cn1(&G|ph-!S4_T^9{#4oF==g2pLcaVv_=4{DA z_XY6&^#1gWw0NAr1e7wtt3V1K*x+rO&H0*0hC1h`*l{<5PA$CO$$q@oCW~YWT`>(S zs7428zRo&XWLW4|%iD9#0B3-TXZk=k!qmmGFFc;@kEUb9T%kH1WwdI@TDi^W3$+%# zYFJLJ3;{9FhGQk4%=1+9|I5h#-rwFo*t7D#@9(bo|7ARq|8M86FNGOKIEV2!%>SNF zgIRLFm!aHpn76guNW+{?0}pugXgEQc2fTQIJ>ZQJoL~C+$O9hw^frkmGz&V0K?ZXV zcma(KHTF{vcp;pk0GeshYZ9R6dfsLG__{3U(If$SRq(ca=Je;YX33|7m@`FwX-D13 z!pRJ7ElK`oD<$gx$KKm6H*zD3g7-I{0$Zbwk$NTSTRNfZ_Pw%Nwl&)=DJ0n*pScqr zunHvME*8oFD7D7!jd_iYIOpZ&NjC6R1)xwLq$qZ`%?gKGtO62=L?SbhNF=^LyIas4 zypQ=un|t>$pJnd(sLnd6mdP$^E`qZZ;t9Aj`tqZ4&I06ri~g5=mR&A-Ji8^(qW=$f zeEq+-dwjIN(*MhNbijdfz0|Py0=$4BMhbWW8>G~NJb-FSP8mwXpA=;YQa++o+>;HTayJ% z!1_D%$U?9x$y{BIv0|kfVysMWGZOAFAk_JAnx<76)P%NqKB=HTGp~&<>)eypz6mUw zhN<}Gw;+gqi~os25~1Q>F=c%q>ZqaQbN{o~O6?vv@VAi-`>V}}%p{F)XOnY>T?z*% zRiaH4(m%`dt8(ht)>+%pgklCNA>Xv`q#BD163%f1(VTjHVvUM@9^oi_c+!MMWEtUd z{+FGz-z}$yR*R8?Q>Cxgx6U1wKUt3Alg_w5d3&&<-1K_qHz&EWAM6hRRs_aLC!s%Y z2-i zZK>L`AQk_+a=QCdAha-Yy^W_+PJlCDKm#Zli37E#FeFrtAFyXFq)1*t;a*4~BL(Ee z6wZap74$UTnYZR`?zyHG)xo&)^zlbAyQK+gX0p|%ZSs&I%EmaC-JL*=h0*kAI;D)x zqIu1Z(G1<#ehE&K1TZo|YDQ8tf;7R|2t14-2QXGfyQ1}w&`I@FlI8KxGC?^yS|;MW zHdxOgzDx(BJANWprTVn_U&x^6nfB2brIS7zZ;uIi7oC8dqAi>;4#f&u{Fvq=3KQfP z-FiTHH0IF>i1wq(#{{K_qb+sCc60*dOE!&TDd#o^XhXigVLN{}BpX(*MN3;i|(+^_73CgH-YKQ>rd_;pjatjdME9PT3{NZV2Hg%8%xL`;H-c0(Od*G0for zr}AQ?6Kj$smRa607&r!a|fe1pPqodot>SD^>TtHL=bQ98(h$n3|v6>C_~Hvr8pVAN3ji` zOeQd^^ecwkd$Y|a`SuvWl#d@v;v$&fCA1?Md73|KE0wxiV0(bGZ8o;vY?;;|9WlG; zZ&m{+9upAV3Y=wpsIOaoCWC&zAK9HD(|GJ6Re^Wv$n2ONl`qsUWgmMfK{eOb&eV1szoP%fyF zis~aurnzJFc*3NglcYan-^g-JNREOfoMv7%m2Aed3z?|EoZ)-l^0I)u0@2o57)njs z+bx@GVwqg*yfKjF5hF43W zCrVN9;e&G6SXfu;gWrDBxPL8ms4zY%7*CmaBVhy(Rn=_*!XXzb=WlDO4}YJbMoVvN zKt(f*^i?4-TEqAv<`V(4QV~2ICZLL7+&p^^L?)O?1s!6#NFnQb6*a=#1Zs2yEq{ zw{=`t(o^xELLxv%Yf~oJABA%+P|4ar_Dc5_{eXr8m2KWsO zDVh8TC#iP`K|nJ-e!`ldTn>1vIWtEe2z{3ln1IMzFGMyDpNY@B!T&4w$906olU%?p z{@=a*!+qcXdvvgh|5?i8#Q(^%aeBY|2gBt$dZwcX*k+n?u5Z5tXJWCB%x0&XiYKRp zlUSMZ(U|kx4W$_qCf%RW?%r{Kr@zzRbw1~Ws?P@p`_6|cO)ICB)^d`ZUA(?g@Q(NT zyGH`#_U@5WirvR6DNQV(JhoQ?uv;l)`Ml*@z;hWR6^mt@6J{ZvqLp?Fa_HmY0s%i%XJB^$KuuD>Em6 ze%&#n)}fXo8ysh6q^}K|y0{l;2fuH>1YaW_j}=%qi&Yi+tA@R4IXjD-k%V&AFEaJ$ zL1g!_j?D5&S%z$gLT2p!VjB$|dj&>9hx&jeB2FKiz6&xVP2lNdfT-8^T!D6)k}&Hc z%nN#&`58zI=1$C3nrcWTHP@P^v8IEuB@7x~qmGP`G?45nrfex$9D?|vLN+822qn_r zYxZnR^hSc-SE~qA81V1fwkMS=(joLoNHD2$#E6;0x~6|JM`j1vnFo+efOG1K;? zWlMJoe;Izi^}?R=btnY3S^OZo5Y=YxS%5-;S8JO1g27-qCgh!9n3Rxr(;P(iyAg=g zW$SO{!GIE_sH_pyg=krknC6^zMu62+HIh%BIIZI3c1}+Wn5LjO?ZX25Ork35+MlSp zW4ER-__hFp8L!Y;yIT$E)>W&0%+bV-T@!VK(Vn8XiE>_-qECW~63AgxTjMR_FjUJ# zyaj6(>F!LEE~u(6Q78kPazw2`+j?2=QnJDIGoLG+vNFRS8shghCv8RDU<8Kem0Yr( z=DA>U=gV4!gQ_#4{e9?d{T}I*A(dAFQ^og^og6qpBv0x|MhY>svsQ1#50?3am(ES$l!$uUtb5 z*Xr5E64Za}v_NVGL?~F7Sy?4SQ&pp|p~V-SK0RHxGYchdo)8RCfjq;$N$JT-2LS2II0DdvBQaYB8t#;-94SiN?1 z!3L(CJ4VH}#n(7XfJ~0V3BZ#)MH7^9AhAghM{#-VwT|fvl;bXhw+r=8udlzmdE-+< zaZjfj0jEGib7u6~2eq-k?+Z6ET+YVDG=>JoPbBvPb{6n(9=a9cgy{ir0=43%{^ zqO!xExaa-TcpCiw+M)4Nj3^gE5%TBB|F^q)xa*()UB!Pd>9PF((xjJ55|buRJCe^3 z<+E-BAjwFNj;+*bw?kD9Ztr9^RBRMDDY zcW_u9QpCg>*mvRAAnG*c;p-&Ymo=>P`fD~({my6{URkGVJ0V}B!BX`dwNdAit%s$H^ zfd|CDc#k^Be^FhCRRy>r{{x_X|qX3n2NTV@JRphG)38km9qFWpAPbWf;h$TGs^#? zor9J9|42_4`L7vZM)_~pCM5q2L~9*jUIm2z+p=_{=(nJ*+2Cx!Z?Nhr_)Xj93~vDJ z0;IoL-3IuUPz3lGW-{rkX%$j+Jp(LqYxTk1 z7&8?F!vUM-IiVaS{rXE3oqgdNoixWrZ-bUnJFx31%6u|!fZbXx>1Z@FEWgQsjIS-7 z)`Z%ptK&Mz|9sZ_{{5##{_h`r%8m1Nf`Z(fMJPe*5NBTx$w}2!38}`l3aSKDbdrV+B)hho zlH*bZFe(9W&@+*_n%*a1{RP{I3hFkb^X{ho3Zm5_X)8VzsnVqNByHzcc?B_C)mPHR zReS&|?iNHbB&t`21xwcFBl#rsq8x+HT2YNytxl|_g%zU^9PRK(I2RC01~9h`SI5HK zOB`m>*+}>4>g`269rQmX(|LFP)zj+#tFHfc_E!3TDNmR6pJad;SAU9WLONM~@jQR3 zg@D?%3O6qO6abY4SJm(pu0p7*#x+o$$=g?=>$TV9=~I<#Kc7S7kLTqx$gg~SpWo9# z{u`U-x%_{7yN6Z(-~Q1`{x9RHJ^#&|HQCHdve05oebb9A^CKYiZ>@rjQlFKlnb#bE zz&XmHQ0glBi`Mme%QUiJ6=37;w_LaMF?AYOKi&{L-RD0#60!gcOl1NTd6WVsfK#&31}N|pinOfeTLI=v zXEUG#rR{(pY;+fB2sj<6G+t*46tx;{fgillc)BrAV)nbS28u3qHU~-~%x4c&hqu8X zC`S4jEP~aF{Ez-L=zoevSRN!TQ<=gWsGg#A&xN(fSl1ii=1NvXB{68wNbLgd#6n8~bX zQgV_E=%n>*Q^-gM-~&!m08@Dec_0iO#8Bqt>XL_RZ;+6_sDHsOG@hPTAo;n#Ng5|D z*`W%m+#`yIkKsEnbDegpFOOjNtNT?&nwhdUk}7Od^_vs9d5^Ox3S^x@zgQ?ooK8_y zBfI-;SEdztt%4Y{lp>fsnt?+}ADl^xAbk|HEM5bW#f?3wS5W2Ps#Jm7-{lG9D$z)h z)W*yI<=&#HNDHFk;s-DNedtk%Xn+|O9&Z^6Z>b9)0dRWL0?q?&gS$tR$y*=|xbM{q zC*i{OOL^}^-^WA2+mhFr%HIwzxO1ZdK(|}~Fu(OSk2QD>Kz~30Eb|em3}N!RpaHo@ z*7Y?-CArHj=iC4R^gf4KqAp#HsG480V_WhRxB8RETWU1iK@Ob!F3^aII&0n)sw+1{ zr>8;xGfwi;G=1vrU#9F6HUq(pPLyd%3Z*o)CpA>s__|>Re8$ zla6TE?k1yz;asU2Sh=W_pJAxYnOXXn-ExxWRUbgL;Vw%kS?jZvF%9!ySu9Vs{@e3E z@9z8gA9nT+R{p=GJTut;iXS{t5Ly7Jf)!7ja~qy*{R=xCa(NS;zMow}!1iUx+U`~r z-eBh3hv&BplLT{2GMHW!O>EgYbc(~c?v>@1b57ahZlVfvQrR)C0}e&Ijmp)~%|4n^ zU;^d&ZAH!7u%v}sP0Sa z>c=bx$vQMM3)}ifcsj7HsWLa)hTH5;u$+FigGF|J6FeZm#$=i% zU<~gO_{;6prMDapZb=j@Sa?soR@6N!e_sI(D2G(}FeIkt zfI$r7u(PKWY@&n!`vb*FC~MAhd_KmjqfzkjZ*Vb9U=Fq{46<4$#@cY2rqXRu_*vEr z%QxK#TJ>QR>{9@eDJ%_(_;2 z-3|)lib~Z)ESOLxPj(Tn`i^~wYsT@~1%h!G2lb|w)Ji-R8zmDc-l|=X$Oxl;zaL6O zk4#vDHA_2@y`*tT_W}cbg3x7GxrZPc>w{Zq#>h+HP{zRnCE2LoeFRkJO*e}j511uj z0_nT5Nyx%hL@9s*rd&ufRqIO`Rj3^;VzTC)fvA{Eku~NfnSD9ann0A>2l}s#u0ASn z)m^<)z@Cf+fda;~%*DP5*5XN{5Q)Tp8~TcXz)E5gn&@h11N$%DHlWnSRGn9eLYmf{ zqNcIt$yql&gSCSbvu0{`nURitTRSI9`c+1#e%gL5=Rh(Q_OGyWtfBYhAPdXEnwePi z_ib?2c^4?OOuQ$~t;+n0C$r70rr9;aQn}Sp?2lc+G0p-=5^&RSIOa^rA;^?r@B72F zrOt`4)9tpkZ53{$SY;IrF_{xz`P`IY=C`B~|E)}*zuIN{9Xvt*{{tF~33<2u6HN5o zmN)1gqX)fXJ!>kUw*9|@JwN_u?{If-<^NyC)3_Mae9*6917}@WQ%0@?>%O%tD?fbb z)zmz3BWdg4OYmFZ*Ixn8Q_wG4SxGMQG|&Gy#VF&-wtK$(U;F!&{EvIPtNs6_Je}sh z%?55ZU+aUMy3ULC>1`K3vE3pz-^K8&X_ln=QgHL@#7yg&!bOw6fnTPCqw1WmX>LkW zRd!0#nnpyCx#625Q?i6fsUj^cVXfA*Xb$zM^?@VCR6S|scBrg8IzEIlq9Rx^SC@~= zqT=t9fJk-75H^pSS|F4cEfC5>EzIQQ{MhsAb9tKOKb@xN35g%|(*rg?oU>hn|DP|NQ6u9V-O(h5b4Olgd28Yw={)kalCDQFts}(19uGNvQY%0$&{-LUF#L=#ye zXQPAcnkQMp{c3hYcJFEp9KZK75WwkT3pGlgryShbI#*$Sxs?-1aMc~rg_Ag8ir5V z3P~x$2855FGM099g_RS_>68~iP}g5G`i`@#EoL(`@-~3Qk9-XU>ieL4c2Dhyg!25o zdBSY9T?yU$C~GZge%9FzP7i!ee_|JAv>O~{Sr`#6g55Ms;hkw3pCZ+Y>oS=`lbE{C z!J;(+$45S(G-p8n`Rssh9k6^!v*TY@{#fXjUaHx#FX}E4`8DbEvKM=2>WoYTq9Rr} zi9qzS5(rvxqg6uD)N5_)_Wh-1g@WbkQB~Bqg+jSHC=F4!K^o1xl5|CqwX8H)sy`N@ zQ(Oy5baqP7HA!(?NsyeYw@pNrdq)*YGIGv2K!xUw_``|b*=NTQVUrQMq58-(S z$D|rZzi9uH?YP>oEC7VFdlE}U5gff%3jNJE!Tt_pLjfAei)Fs3HuWXI%&b2aW6ODc zw)}J5d+hORQ^h(?mPG@ce2MO*Hn|vHB9x${J0Cj`=i%cZ^`D=eJ-inqYZy+@`EZD0 zUO9k?V}r29hh#$ji+`@N*Yxpbnzav+Zqf!h&j4A~m!qm}baf}@5i>;sOXHx7 zIG!Lf<+ms%S;9gDES6h1lVZtQaJiM|Af!C$p=1hphaSNfF2v;6$2j+R2_y3DgdQt>fOZ?Z~ z!NIP-|G#&*yW0O>#?xj0-`VuHHWtnI4$)s*UT|x8_pSibw2GI7oL9BMqSbJt`c++rH-p z_ziH1C*U`b;VeNJ2YWLi>&Cp-W9XI(?%h2Z7af0DkAyDZ??W^;>yCc0Lv)K&J{~p9 zmDgp2q2RG~PJV=wv;oY99SayjqlqPz9pPf+zH33pE!-KGKae>Q*8e)?{Ps^VCE3qp zaGRs}+0Os$@9iE|&i}0P|1Iay*>Fhq7cu~1n60au&tRIW8=eh&ob-PEwMkx?>n1F= zX%buII>A{qs8xV2bs|$1iyt!K1A5O*-eQ&RrB~Jy!hpqNluT2ks+nJ69V0pkhJ;Qa z-vkUHFy=gGC)?X7>p$RkI7bPFeL_du;@7q)-tPg?XgsA9W$~lY+NWts9yY<(gbr}B z2?zx@C{JOG`rx(7gCY|@$zpwNtf1sCWWc_~j1&6!22U_o7-rMS08!B;RSFDohS?Y; z;Ab+BU?}1cXD;Yn0hUeU7%?`Srfs0hlHI`XOYj_0jIcG zbyt}ULqdz1a+H211F>Mm90)y)STQDvv@X;=;MpUf2r}Z~k>Rwjt&o3`OpmGgrBjO7 znumcmKIzHEzZJm$TAKeLNQXaG!l^N=Aj2JT+D*GE4$P%`#ga4MJ=HF5@_9=^C5=IS>TR#b`+L! z%oPB`03SZ|ekOyvLZ$=2auk=QR0je76yg3G(5BY`_+!~xpW@SE|0NJjNX8I`-75~dcm8F~ODL##iGIpR@r z(FTd>fNznQ_m(QXA!&-UkxH5=HENjBp0WxR@)h4y!n`$97DnHrK2cbrXd6St)_n+P z57P}79s8SQAxRU9&~k^ewoWvG@4w67J;W&-qym1oI=53gLea*C_6OSEPu%UDnNctY zEZx`Dp|FAU-NK-D=VdmuR4*-rptol6Pn-Tnc}gB9D0_+l(5C;7 z4}Jg7?#|9C|I<<)rT>djUZ4TsaL&>#0IAuTul3FQ{!*-jlB&xv6Fho7Att1iqz$1_e0;#F+hM$GpXSN zn>jh8Fila4*+expf$#BTIterx0xlp!E;mv}_#S0)mn6^(j5)qX75B0jFg(OMQ*|;` zN5SlU9g0$Uos@ti%196N9hNtd>iY=DKcikSaT za1YZdDlRzB3B$6!jxp_ni=n(cLv0CdmitN!Wau8z5?TV1slri3uE^~pp6ZUC4mqM< z>p?mJcXw|>A3!RYNRcANLnODU$Php|Ph@w;kd=dt-lKRb>9wv8RG%rnL4Z(s6%9%@ z`s%tHEb5^&5vVi7H|vlCaHxVyk!)1A#WwX7$|%JnEVPmi$DMLAfgHzBaAAT(+esh% zFh*Gc0t@~ZY_C6W%H-0bfAM3SA~2dl3Nwxn1M8?i>WemEivNiy+bC{88Iz1q0lLze zX{NfPTYDhcpLqjnA!3Nm{1Z`9LK&c#Oi-n}8VbOZ2}&^JD1FrQ!n`0=AKW<&z%(Dj ztrXp(RGLSasSAR1m%!jrCSyeAHac~oj6~(`?u|P*Lj?JhB3DGbB?&q)L$80!jTJSq z#^eE9lf;%OKwdRKVf;>#go7AnqJRImB-urlp!X>G2UyoO;D%tPf0)-ZEe)P)Gt-h; z9j$t+hG*E@uw2{T{_>3Gy^BD=!gn={XRp~GExY|tZD6`AQrW$9IL2B>m242XaH<=E zHdmDpGAvV>I=V$vwEOzuL$6jqdX3b{Dr;wSZ^sYfwCV?ykIeEM)=J@M!bJfpOWFogrtW8> zC`+^fbxo3))TQh|cP&`2Nk4q(=>#mNaZIL}JO?AiT0I%XgsWDXYcVARtFXQVkXr}j z9eIbc4u~{WpBE)M&4fXHmO{ol(!;MZZ_}1qYOoeWi+BP@=z5w8eMb?WGt7lkJdq81 z;H)&Qpznkt`!>gzFn)=+V9gG6vP#cOA_3z1;&sQyt}kBC+YlQ=imoXUi|0!xe|gK? z2-TYx31#DJ=6-{-cdP>j)kN=A>jIYlrzBN^iq;*8J7 z%og6YfS;igLI$0t7_#QmF>CPW zbd4w`i88$JJmLH&@O7+=I|jyPZ5)y4wTh&1810@IbCtzbnT8)Ye`+|!qE35 zolc%E6*U;ckrg&x`DH%$r^WxnIOJ$JO`jA2-gf?P=b#e*wR^bo|19N^&YoL6$_tGE z_gLqT7y)LHU>PA`6^eg4vEr*hutf%fDc?h}X0_|fgc_elK>gM;$BgBWax5<;`CSK% zmEA0_;L~qfkSWToqUu*q&C_iEl^6dMsUW_e{Yt2|`2XEQ|NP(n(atLVZz+$H|Dhb) zMP`Bc-num&Z zfD!P3fR^Pda#99diq#BJGkunW|Fh2Ll_l{BKi&0zaSnNA3!qK^@A&y2_YQVB*H ze7^tx(Lw+3?eBQ{fA4sAmH%fcPjUW#!HR$7_wR5jccDIir^}wh-}zSY_E%~)`Rkp+ z<|<5cO4UBH+M?U4&U+iOZwzRlo1koOqW$_m^h>2fWmhUY^}b8r=9#jv?b)yI zA~XGCi0k_f{r;C{;!WrO?jzN3qi*B*={7vA8Vkj<%`RJ69Ls;Y>wg_xHpd1)>-zt2 zzq0<{U+Mp)JeBy*1=|5uOyVEL15nfFPu2ynyj=jB(N;cyPCkG-lC7Kot7idEcl~c( z&h7+g)Bgv12Y&qD@zHAke<_bt??33F1z$mi<3*bQImHu5A8l2*CI!kYIXS8@>;R~X z409~Am6^yUE2?R24B54+FXXp>vyS+DF3u18v@8ZqQD?y!=^ABA+VOg3EBi} zMG2wQ^_@7yJ4-tVjE5yW%yhP~0(7aJ3JRDK-hxkFU2iM%(q|kw$|JJ2lq0$3i;CE@ z_FKyfG~`YBs?pZ_g^Qls7YsknqFn;qalL-+m_AI?$XQ#3Edx~;XP8Hz-?==@^YpQ(@JF4j&+ydGe?jrZ zNPw34e{gv0&;O&H-JR9^U&bTn{~H1mVXmZrsT3BhcX=8)i70lQ_RljmrB>QukRz%u2xq`bUIK-Q zCUNylkmj?&0P$qa|;it)EFUuPTLNg2yp(hXHlOVa|P91n2}Ihv^r7Q+--l{+-0^5f0ciq6p2 z3j1OLM+jU`(^NOZW@@LB60k#O z;3DIQ4q-eS6Cho^sNJDSW6#gjkg@i=56oNx(gFPS_p=Q|e&1yra5kcd&B(K=P6z1U zK#m^ZBRIXj05@bh<4mWbMwe#3B^3Wt2;o%boIRa#BBcbKtzY9Dc4$ne!jz}_9%q7| z*)=<~l#}E&W^^hq#{O!WjAoQ!f%+X=x*En6@4@yeOnS;`rT|Oc`20!zHjzZ8MV61+*%_)U|hmMwoF#!BsBWBy^Tmia9}auAM z_j%R@vkY-ICWOySI#Y30!kK!F$ek*kkw6XykRk8@F}IyYoTwCiowzAMIqM4u5m*DC zsP)%i|4B8t6#wte!Jcpb9qsI{&VMfDX|w9IHPpIKqb;)>Q6>a+7Na+qb=%_6RTHEx zRG6(6GxspeR!w_GoNAxs{Cw`GGXJ%8xc!s0qJE+nXp8^a-8-z@|9Y^B|60mpc}3KX zm)5ZB*k@L%=D}m?~I6)g=J=6Va&2K9^RK&upZB*m9)_xM$3Y_d7Ms|adZmi3Rq&lRl?H0s(1xys# zi~Fq?_mTCf1GH|asGXxbE%|0aCW_OkSdC!DrigAC;hA(NN^peY6f)*c7%OMCyhKg& ze}P(LmA;VJ=&$|C2M~>k)aB~C`~f1D2MI$HzdOFKTsH>tDNC^d6Xln7oIoX6lA>5#vXj|5dbm^L7 zzQs8moXHrBNL4ddKtN%lBF@+;>1zTTuW-<`M9&JCmiMvixS4n85&TU<{yV@K_(Hbz zLY*cShz}5uc|)}#stb}1Y9`%(({;uv&PGw$HP5aod(88+{JB<*u~s*k=PAIvxX~K| z1%Fco$bbPMsc-j~BiaUZ#OV}Oqnd3@O!TrxavzXnkVZ%@3$;+sG54~3WLt!qPrVYC za~r-cEXz(S+l|F zR*#wu&Ew}f{w;xl=t_z^1+cKWl>D-q+Hi^AXv2wlsf|SA{%h$-KPMy=RvLfIQ3N9T z5P@I{0;>v)W0doos~HhfEmgQlPL+i~>efNxcW_?3)x{e<|97bylEF1(azaLt?J!!u>?w$FKH)BCr8|1B0W31jS8E z;X`(YSHrSyD_Iw6JULDCF}$2kz|kJqs2@5Fn{lbb*DWHK8=fcI+b`}?YF72t^wl!| zUaJ5{!KjgniXjsS3@MrX2q$SpMB6yjdsX_53!R=<>NX>kj(sX8$(6m&8 zj3<$rm64nak(m>b;k?LV!brbRKg5tniW^#pRv`Hlnn|?lX;y8chGaqQ6;qTjTVk#k z3{f`=n&6aV?Ow;FfA@N!f$Cn{9?|Z#tf2=1FI-uELNd&WSPS@LUt3VGuC7V)R=oq2 z(~@h-R?tz10?#(y*F_5>L$km7sV|ytlZYD?+2Es9WoLt8m7o0<9By{|SLwe;yQ-mB zN2;5vXCW5pLaYjAGf|6lrIt?yOA6G!YOph%AD^8Uw88&p0%M=-1Z+G1wX*i1^{rdV|Any1izyuBkD9w*(fb@`$yEWlO1MD2OTSVemxhh( ztID2jmF6}3xZ5wmHKId8C!kD}q}(*Xm8%Sl;k_7x34AZNKR}AI5g&`;*gM>>?D%(* zarf1HdRpXJ-HTL1k!Yqu_4;OtIUZ=FF=<~H=o7@DSkKP@97HiprKwqptZ1V$9Jffh z&LoLjS-mtb?S`r}to0n*)hbT+$~+W$RC+Uo&{RqHtqg>{D<5S5EHEy$)!L|J&Q!^YXv#9PX|5|CjQpp!~`i?}aS{0_VSHS`Y;4SM7N$ zQMQbDd8qi@uiD`dgHTUZ#&6S8vi*%vS}862FUbRVK*|U(SsfC9O#^HbP<0r#)Cc8u zkKNHMLGL%kzotu8r}6trkC{@IQ>sp;xhopi(v#gP2~=k|mMz090r`{*+Zt!Uy*_q` zM{X*+8l|amvNAe8iKkKj%WOMOj{$5u|8sb} zRFY1b@CDcg=$Al% zh$?=N4UmjkU*l_hFYQkC)V{=6^EG2 zF~dn!5_N1tpD73mjJ6FzSqbE#O*TuLpTS0r@{VHDN+`21h~ciJ3Knt z^ZkE^hpYVWOL;2ie=pRqFXRYtk$-p@c|UYxU5^y&;*N=@U-{kxGZSh&2>P?-MeqT+ z1s9kN#A$l&gdnDWU2}rC9iBfeNImw|)@|BVkCNJ7yMb-@ngn|3wKTKGrI-&c@L4=B zC5UPWo#YF@|2$=21FVApzvu(1Iz5Pwg}3F*Q;WkxjZ}t=rv z1a}k-22z<+L;9YWQKf>Q%TlH*8{vd2O{f-GSIR;v^-8tZCSp{NV_BiNNkNWeaTsEh zk^xNn_`OU?d!|#-I%d1S?yP2alC4ce!*UNgCK=;&D&7aIVbCFVpw$4zNd&AeRj{39 z>8b~2qtbfYK7SkM%)i^;6}o>t#+-}M_J*DqZfQ-PFl${?ltWrw5(0n0I;3Rs7e=xs zg;b%+2=SR0t|9u&wm1cK3sidoh5FjKJgwwHt82}PU!AMPrp0MX)ush1m}8OJ%%KZd zsDjpz?eH60<`za?VL1jis|!J7jN~owg{k*~eF-pAn?>?=%fA^&f0rUQhM7JnQ6}5< zV&Ol=HcI{a&z$jl_VwT1&cRV-{kOl$|GJdtS=WEXB_Q=1z`97+RhxC7*FO^Kui6a% z)~wp}XKU4F1Db0!=75}gHCCLh?YJ6qJMvtc#l=v%?FA01IKt8 zRD)g5U-Z~#tU_(-?7(xi>(>po?E>6>3GS|5U!8!{BvID^$B-w`1oMu|6R&ciT`qj zeK9d$-gRpA#(-0>n?c~BYncV^2j4hwnY+eBa0*$5LKXC^;bLw_n*zrIICKsn3*rA< z_JPw@6l{AIH>bxkt5CD&dg|qW;8MalwLpvfKiD}w@Z*1Xj#u)3DUTFcIZ2XYs0VVW z7j^(Jc(>(DQD8v`&jB(T&E+2nmL~&Sp9HXQgi_}OAp-8~sX_8&&@Cy5Rj_@*;`_C( zNdn4V0@KZ|sX;;_W0jrwbIlPFk_t1$C+5jul_#XrUexpLLp|r#P*7TQ%*xS)xt17q z*F>a{RGWofm@}0wuS)fDUMp$!pge%!e^bb3|FcXrut)xzK8rwAGJ|4Nw_&ieLg#0+Rtu zVHP6_F0L6E5(yq9ydqZIIl?D|Btl|gE$JM&2RqNu~t7fy-E5OOE zTwdvmH{C*>^=vy;(Ih8S3^n6~!V!{vl&mNXI+>7$P#)j}HOAM5YXhujy5p5`vG^MC zc&yrRFO_$tkH=B6e9c^!&AsYYCAfZf;k0ZmYetgbtqo?A>HR*|_OU;Y?O$nA;^=fQz!jWOq&Z+Z85qq~6;-d?Hf!h`K(>+fOqh2!?z<=h z&YKvpS}eqars)~juo{#eM6b$>brqZVv4qwn8f&7@n;5B)W}21!czzG3IzE!pNr?1v zU~8C4P}gre6vFJ43HaqKiMp;YY4IzmXyKg=FGIR5P-U4Q%_?2}Mz6&ss|qGoNxf7b zP{!$FPO!N!-y=7t5DoFW@*W()qdeYXkIYHUVw1p(MRBdZ1`>*3Z78n1A32PDH%$X- zvjeO8bL!uP##htvOsvPvT~zgb42N%b>z<$dENVw46ck&T!c8rS|6Tb$~i^_@-r~tPZTkz}y8ZZ=3DT*rhjT9ELHjr7Et*bM;XrSsvv_1x?7_J(g zz*?|ZNEPC<;?}21adr8Vjg~K59M$;*K)*I#tq^(_Di&1e>!lf~UR45uw_k$OJWn5i zS#Z_pN%Og1jD5fpZ1F`)g<2MO+NwxwSE4r*>;}JL;dtgyeZdAJ9A=nfhHBRn5>|Ch z*nMi%^{WK_A3L33cLH66>)jxwnZd&tWdQ#b4Dox!z+gIJAf}Lw1($vE-31_-+QAB1 zdfP93v5=CE+&Y8K1gJl{$hR8z6Y#K@WAn*z~2ceX*Qd*_&el zpF?q8=)0RY!RZxV{)nZ%b&ijnY;V6{Coh;(WksLWbWk9aSD~8`8iXDO9RwQW744lb zlXXbB7hZ9|)b%=;W+P`n?Ypu>t;me3z$((nMN=xOi7thZD(D|fA`;$oD=5Qbg{-n5 z^rdbUYL+R%ivAS)*K$)cl%K=iZ?WI&12-0ts-0SVR{ce9vDM}uX>F);X8nTdvw-is zp;wM+Yi9j&?QOG#dS4^1Gvga&DjPIX$h*b z@!w+IsAi+=@5)Yy9d zcs@iKW*lX1)_nVQC0@${Qd?;&o@M@G(c$W?LbthcHbCFn;%1 zZxPzPzkAFZvcQdGq<%VI0FzC|fML=(I%T02P&lNi#554dbd{x#K(eizGI$6uXTUIq zShGpOlOc#CQ`a08M8D|o{*Z0xgM?0$8fF}4qq7v^Nx&?dKc23|)_x|#Ib@QB;=@9@ zC*}+aYpmFO*nRP4tQ_~bbMQ5WdCnE5Rj>c)04~S?Xw&~k`@6pWKR#aF|Fe`wo&Wyo z^lVWXUj^IDXaJ}xi?;w|ZW0w7Qi>+I>19N=Xqolx(`EI|$@!o+DZjTQU4zLXs@S%M z{9Q3JB;aM_ixmyE1!TKP$sFC~t0oh8Qw@Bwqo!w!@czRDPm4L%F;-f#&Bx72dNBkl zTi6dcLGt8BLJ*TIAuW_m02!N3koKB{4>PWZV)u0tG66Sg%yUpzsqr*KZ$3TVrp1-S z`aJ|!H|T#d<@4Y9XFsjyzjyrmzmN9zR`>rb<*DR#@knAs#ft=)@)f3;UjCa)A zs^RHViJPrZ`T zYnH>?rn+-AQb-R?Gvy4nktkaCS2>Qq_tU&g=`(!l<$om;-`uL8MgH&a9QxpQSvOQeT|uH_u&fY-v}#vC7?UEO4b;=X^f8^6V*nm~&HH zb5&w3s7sa|{N z+;!My!LM%VTb%LUWdG@;0MDKO|6q5wV*eek_J5Z1=t-sy@GmF?M03u}2B5C>F#_z4;=~0NgZkmlKpPZ{)D(a)+Q!Zt2zQ^ZJmk638$phJ^s^b|DUSq@RVghTm1Lo-mbs@zjLs%|CjPO_P-wM1+N1%)cKYJMdgpUDljUc zYoxe0bLLtln4zdH7R;BrHG^q(iAx9Fmh#BC_IAo4$JyuyHRLJ}$doFDxTsxW%}+C$0Y$Cn-xr=V zQNhx~8l^e6iyK>+eG|C}T(_;|E)ZtlaQ?v%sq2oj5jU$X=g)P^xskJHGAo-Pt+uCs z$A+sO@Qwy+quTmJFOxB1ZXuq`EwCozXHT@)@-u+AH~-FIR4YlN(!v{zg&3_&h6d}q ztf$8*w#VryNkD9AsBkobV>S$%#LbiNtGj6V6Iwqs*#CsSO9@P#z5r;m|M!pfeEa`+ zca{HXDUTEjKj@)el;h8^&aAe6QSDG`ESe+#&ncx}7i)A0l z%2VW`(lu*#GKAq3xe=h8J@9t3&>mo&Ehv{?~)m{f|p|l>Z;mk;(0%ZTyI+uUV<#){KxL0pZ{g|=x}F$CI6T4NQta{7gFp$nw5oIxann+ zTn)t};}Bk*Dg%+EsQ7)4C>ON)@$~H*(XqeWUR_2uyi({ZuU1xQZB76i zlLzxt-YY1Su!61oU3$1o0DOYvs68O?K&EK|9$?1RDwR_ha|;B?(#K6On999RI2CIG zUXFUvmy>9-SO;8iFhZPx98xh-kf}>8pbV-PoFYbigx-S*D+T{QK-k~4=ySsn9lK;zi+C*E) z0FH3ei*@P64mi7U@_rMnsk%F5Dd!jADn@5@RdFp5f1+Lg8e-TjQmD0 zQf0MrS-{gG|MeBGPg4M`{-52QO8&=#RsP4NJnepzf&pe%0J?I$2C$&F3Uys}OK|24 zqTRva*=4(KZ8o`XDm_`I7Z;u@dG3;bB{Ek}^=Xm+mX$ES4rsUkk3IRnySIw}U(VAe z|2+nnT?beI>h*xvioYDlPyo)1YXV(=R`pSB_7A%}sE%ZpHG+Mmnpq&okt-GmY%HBl zb;|?kbE>9;U#YW&JZkPrLj-+V}7OI6gXF<^NpD(<=Wp12hYM{hr;&rHt>F zzbxIbHik?GVqO!<{o_)W`p9*V*QWZ@QXU0hi5>H`g;l)f{E}CwHt5j9HGCwe)7`|? zu3aeY*x0j*E-Z-Rsy0HydQG>pu~CUEMZXkZD|d64uuQM_4VuX6MO55lG6Su8p3W_Y zCJ@hA(!f@?L2$mREjd!sj8!twSbeILbyaGxy-;<{qb1fhwLboaL5uv?N2j0F|FgGy zT=DgBsN0o%oUqiENG zxMLK*6Of}KpVAmI06}3Qb&DXc=+#R2qakfnbRn|3)5RBFA+}OBU1(iZIeM%djl=Ha zpu$m2)#w}bv4gs4QZ=?%e!8Y9nIxoWOwVW5Gyckq)g(M?Sj-hn)~MI=%KC5b=x7!HyOifo;2Ls{XeNV)6bFEZ zG0MPTiqk|$^&H0U;0UpP?@ubqi%oN7)Uq*3Q!q-&Kn3r}6bKZhkmGv&QldzdA? zKY)*4OBxw6{ zkZ*eazqvR&zq~zvo;I52|L*SLo`3##_i%sZ|6j`U)s*23F$QkQlu8e6j53D6ZhyDe zyM`1_5J!~tdg=qAC%}I0#t7WeDUy+R3|y-ju?aB$GXq4PC02oce^ya;6c47HP^Q75 zM4ml9sR0+A>2n3&qI3e}%id{{U?D(Y3ch0qd_!TzPr#34Dg*td4Czw`8vFyH?*Ps~ zPDwJ2Ma4}38AwSs>Ve<`8NeK1CWH%$dHM*LBu%2DR&4}xO73xjk{VECIK(lADWE7P z40A#sH$e|x3Xn80@kWGv253mqlspK{5JQF-fD~+Qv=Aj`XK{|;z_!3w(=17)no-uUz>ZLmV3w!w(FArnTv106%*X3E z+W;^le2l2!Ada#`@BpE}#kZEUCioWSIix7#8VDdmFoZEqvC29jy1Pwi4V0Xc36aIz zR@H^fm?j{Hlw-sI&T2s1W0ERXkwo?56RgSWrhG7T=z9kRn9??x%)sbB)5*^*6jH@W<0Rj`4AOP+UzxV|Zd$Mk`t_go(Fr+75xU_IUddpo0 zChXJ%Go_G_v`&@e%}BQ8O*MUz%^CK-5QT+Ol+s&PhZzWIs7)0%z9~%F3FdM_r+6ZS zTF-5*-|L+ZhbWfQMW2_qW@*8{Lo%g&3}BYwdqf$eMf!&!ri_DpI!JMxKK2Se1Vw+f zEP#OJC>ELo2oQyY@Ht%ZuVBqy!L<)#9FN7604fEVY}B3}!EvIBCndn1y#7-RuW8j4 zHJim5L|se5G1EjW5-1!|n2&oZB42>Q8RUY37emn;tsOo4P|GAwA4_4auc4P>sTWVF z5ZvjbXcNg%k>?i>izyydXY8iz!vUU0GsL)M8uV6YV~NQH_Y=CBi3U`j3h_tqe{mD z<8d=P8n&=zg`9u)kUsXhfuKmLmqch$GX(u!??*${Or!!(|%619@ z3MpXdCqz(?Kz*QC6HpW*LCY#`IJ05)3Yaosi8et?&Ht$8oSH|1GBL@N_+ippHzYzz zXg=-Pw3m4(+*ty-99zLC*<=0W!CAnjFrcM6gi}t04G;^B*ehnHYR(n{Ze3#r=y@mm z1Je{pL#(Gql!fK7&=D4>VuDMlAxRFiN3A5}8KFm8+fk5`5dmaaigaPi*mIJBbz|-; zQaxI04%h+=GGWnD!~{QS8Ix!mu0VQ2bm9u!eR~eh|9W?Rc?Yh~Z{A+q-JQP%U;PM9 zudm-+oSlC4<{Z2^{b5s<)9d!v;D@W5{|8*$g6o^B?=N1TzXn&Az0*r!<(%Gvi(8@L zzdF6Wxb5pIS2y6>^PBUpegv;CZqMGFUc9{pr*GbXA5L#>PA~5+&Tql#*Xx_}+gosT11{cPzqvSny$LQZ&)$6Z`r`5%u>Qlv-M3fY-GMh3Z!hjn zMV$>B+SS*+x92x!-=1FHoql!k=Hl+hP4M-_-KBu|_0g3GJRt&7XAZ!RvsIe&Y8dABLB>fK%3y*cmqdd5PjDjKO~8Pn?{wJIzL{qKMM ze@xj_oD|lpicTsriFE{Y6r@V5Lwi8bF)M)E|B8H*oOtRV4C*S zl8K@i=NM_^tLt%2heGqJQ>{!62IN?nMRGtw&;qa?1gi-Omh}bECJ1Is!Df01Q+Ce?x=Jr% zD3@#lRGiF|l1bDYQ8-bE)xirPETB0!_km-f7DO#AR2L<6WRy&~ge2@!sNDg3a#Ro& z<9h*V}hF&NeLiz1~3|ToO68)RMwgSz487 zR{?zNe-2Jx>(Tz-oAcAxZ_oRaus3}V)P9PCp`eROghCA@Q<~xr)hc#C+HvY!Vyvk>Z#2d5A}EVeSGbUY9+JDdIk^;$2Z9 zhA9GPh;roxMjk{&y`tyur3Wqr7a2!%2xCzLzu#KBQR^U84`&H_|BqhpOCVq=LtyJm z@DI0?^n5GuU&@3G>Q+1<-_iRRp@e~>eVH!^#$2vb<%)ohDS0SP=6_~Fa`mj9)w6nj ThtK~X009602~<;E01ycP7OiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ%avM3aAUwb8DX_HX8_OY5yi?K%ZyZ@tyR~gg42iaDj$6m9pgVx}!t0SO?HNMt4wnRkhc>Xbo- z>NCV*?9qeMDU4a;0nUQIZ02b;o6UZ=EBm@xeiW-5ACXb=6?DZ3lq4Zlcv~bQ)d9 zN7RdP#KgPe5&)P22q>OK0Rj}obL=6&rjUUEQ-(qc7y)dGz%Pl5;t(;!M|?885QR|; zVCaJh3Q-Ihq8cdxx+Gzuo@fn_vG_sUe;|+1hBGC6pn6Ps9E(2>400Y0iv4!5#|Kma z0na7}Q^Eoq-qp#S1X$-aXbGrB6i%Ew^l(pNU(7-jlNn-Dlu)N$f-YWO z9*>dN>2x~nPOI;BkGg&L@UYYLy>72N@S1+pAB_86&ujKNhs}P=?RL6u*U^mCKL)jS zv)!q;TJ`4PsNFhlA00Q38vUbor#t9$djGTb{jR(3BP&~a|1GtY|~nAlrm$*u=Llmx+$1lW5x1{dQ?!iF)TC}dpxgA*>_ z35o9C)ynVrero`muzlF;wEez6cHyAgMlBb1j>d;aUDWS&Jiq6`R>$kKI;h=hwVMca z$4CBQtJ&^4j*`WAf4LyR{{?`{rd0lEzZRcj!iYzd%#gko((GaLu;~CmQ7~4bi>!!3 z=mwm-@ZlF*D3mX+vr6+V$GIo*T|l6pACi9)Ay32iNGdaFAlZQe0OJX@e*;hl^?Hny z@bk(;F~egnpCF1SAr2=o`aMBZh*g!9NI1rm8H^Sdib?nn;w~!ULo_2HMGG7AQ52Ae z844GcLZKfKytvGi#P|=6vmhcqOcc!(G$sEDsgytpLs7k-cUCeC#oHYY(cLtX&!Y@G@V z%M#zmG){y9<|h7RF=0f+U-UUfLhfEdU8)pskuRs11WPDF|Mh!97+h44A}?Otwqjcg zi*VLDPJ$()pp3+D!e^sEtIu*p=X}9?Yb=2|46y$w+LSX68H3(bu3xKg6cZQaSW|%K zC`2^(7Jvw{=`lE%A{emgANh}hZF0WnWWK}*`gmi|xH!O)C=W}jc+86yfQg8I6&X_s zNBWE;A-j>Yf8u%k*NEJqQ0)_XKU1HwdqBxH6yq5b`?IJVyU<&&3V-7T30G`CVjo#= z<0MGus19I+-^3(|GAOMBdk<;c9nuCSPC5%l&916avF*%J?B;3(n6k`^d&s=$vhLMt zOM6q?&oQKz^^>So7!;Lm|yAR9@N|YelC@cIWS+TP5?*@`@9(n#8$9 zOqGbT8*6=Sa;*}Xw~3F8EWX8tmk9aauqRK@2{FSDOFObiHQ6RYY@O$O*p17ytS#bW ziTbwHo|Ni^TkJtz;oNG|IZbwRJKPF1SgIs%tOrWBUUA>3(8QlYMqIH+OBDX^LKa!o z#_)|MwP?s#zeA3)k7rf$XP{mO=R!Xh-T`{t2tY72N9%fhy_5E3Feb5Z5fDarkc2+s zzcB@O=%JzD{=1LHFbNoM;07UJ9p8u&MWcYUWz1fU)Wq;CLC2%u#Gcr$N(XCM`%Au$Tg$+=to1=u;FQgMa1#KrxaRN%Z+2 z#C`R@YmJu)hg6RQq{hqI7x3y8XzgXHjY)hAdb7+sHH-QFp*e~%dpHJOj0OL598RAw z;3Y|f^0qNa7~lHb?R$Aj&VL!2MFC`p9$a3H&Tks*6Z^V0mid1)`>ovhZ@=5x`TuR@ z`TV&KaOeezk3fxijd`mfoj)1@b{m5IHA2D=t%2vD{^iSV;rzLth3j8Y!q<9&EM5P- zc5eL-THW?;{cq#>{JCoR6X>J30fV3h8eq5Z|D;dJ`fp58FvF9O#Aq{ZEL;EmL9gKd z)#>fl|2CdyU>ThP&NF~L5(+PW;h(>O`7c@jZ!b>IFK^B_09-vw{6Aa0b|>%u-E8jm z|E)Z)6DoXXz>Tnnfw$O0Aw{6oXgSUh#&CuhimBts4_qy`pV1Uq7c{_7E{uJE+21H2 z_o2EABYq0IJ$4gDVyeI)AABV7-EjrD+M5`TVF+vBXB5nUc4W^ z{7MoqgAX8~NEmJc4ga3RcL0YViiw|iyy8B96a>UNd(S?Q0?dSk1INf?!2^)CLS;OG zb`PVN%(0LB3Q%M`#-6Y$8SmPC;6VlhG65u3fE%XwFrWm?;2i={jOUP{3b-@kOQ#yn zN!4AXLT?2MJcWY&3P^(0Cmc~395tMZ@_dHIBnZeo-x@qf5d|IsfP2wB2k z^6^vv^3fQF$miJpTiPz~%HIUZpifbNJeRge@@~AoIn&@A=O+@2yIk>1wkL1A!GQ1P zQYer`#i(Q9EFsM7#@>2E#_XQclM@99QY2lUJ$4KNG=V|>j+k>v81|6kaI&moWiP~# zec~m&t$m=H`mg`|KdQuk{pbJP42>x8Gr31|6z_|w8RiAfOCig=myA<_G1M)*FC|F#0D&upy=ycGd+3?41Hq2Bhf>QCsPJq zczdATYz@FW7-M+$8k~|iBJvOgoVfeoBnZGYFG|5R5|K^k4t^f90J= z7DFG+V0_0(r5t#}aq63V9B1JkG(z!=$_dt65SXGExes8%Sw962BoVVBQNxJ9)4t@9 zoZZFbj30DA z$2g`8M2Q<qAzWg4%IsUa17PnPq8=UO9FUghNx`RULK|M z6ib>E03BYI@#)pAW?7A#6Em|^!qLlwYY8!wsV0<{7Z4k6y_rK0$K9 zdt?>`4=J;b(eDY4C0la5B<74ec;Ia!F)Mtz%HtNdxMKIkAZLj{f9y>;2ZN4BW-}BE zIY99fDM{G4;vy3Ta6HBV7Q6t340E=>pm9-08PY|W+@L?{7kBk zdU=ccvWPkq@tI^Oco5qFg5Gp7Icl=7R)tu9a~MB3tAU7-*j{|Ti|Q$8IL@ycogN8k zguR3$GUO;Yeei~AB)50=gWmjHuQ9FHQ(=}GYzU&(N$(|ddnS77w>IXM6O==^d7 zhUeGsE=HsCGw}LXa55aey*NF2{q`KZJ^8pV$|+_241B!0{smmzfZ_Gkhl{iGGjMh3 zoLq7#=i~-l-0&U#^~ue}O+!_=x&}X=U!TAJ6`Wn%oW4D|cy|L%-o6DNPp+>|E=L#V zH{j&*44htFo?VPCt}bu(o%6pBug`C8z|}RlcsG1|aelTBE-p{szCXLTd;?y5ycqp_ z^?n52Uc9>)o$xw)HngjsoOkEfr$3)uj!s@*yuBFxx(|N37+rFRKV4me6EHlv9$lQi ze|vHbhVQS3S2yST;PUFSesTHJ^~L3z^LOW$qkY~hXLK=od){yyEuj=Q8nMj^FBMMZ zQY%am{a^q2|5GVbF=C`wL7Pf85G;mpuF6T2aD^~ss_9HGl&JO{rDyWV=Y7g=HK$~b zLeXO~PB%>#1>~Mf=4D?U=OPr$3HvCv)}JN)RF75jO{>>VQ4S2@O!{w_VeY4$^Gv50 z(ek0e77PMMs!TERaDR zXV1VJ5m_Su7vY#Vj%DWbU?{m1WiSY&)y^es3SNdJp26UyWuT=%iaRG!MEM%#U@lK? zfQTj4aFihhkWgq<0-$tivv$}_9SMm(P=;noy%6V5$ZtrC(~QKZ#Ox%N=}8pr18qy1 zBJWPxN{L4`f3b%7+dXnAX6Qd&tQ>@C&v9P96oRL86;x&<6XrR@Oig^NDF{hna&t}ZUXf=PmX`bhF2 z{`PS(p7)$OI8FO?hN(wlKP~Oc7mdl}fPJ9D(a#@8EasJjeGP)&1Ogt7EMef1=!%Hg zJFOU0`DG#K7=6N&StfA4pU21-(ghlG6^!qQd@z*3@wnj(jdfEr$NCr$7Y1LfH#%@t*}F3nx#5dr zeb!edJm)!d<}0X^~8e&oV^HN8$&Eiw7l~eqa)$vG*1| z`j8|yH8vXaHxT8cac6zqEy-1vWI0OhX90S53$*0~qQBu#E2sQavzP^BQASX?B17WmHxV13<0Z%(uZc-@ zq$-W!Iu>yuiDh%8{FH?9 za9$+=Fb72HbR?U?q}*l*qo_2;hDth+&0zxPkinQXBq+{KxvYdjCZHw@6*zUB+u$3fC{aC-EJ=0G$!AU2()=%7{~O2#uz3CV27_My{+D>QTmM^l zL?oOy!n&s->^Rca$2ZYuGO!KH`1i=NG8l`Ki>x;CK$YZZFd7OVn;WFzW+`ZIZ!e_5BIyfB)G+Qu31`aTOZWo2NM11GTLlaPF#K>zMg3FhRYK+{j*|fS;=b?j!>R0m0cSTR zqAiJt;zFWxRCw``V5KU_LZ+;-OsG^0BH@F0H8jZ?WK{3cY9rZ*sv?^)=9WUgQdQOT zE`22{M{_Sm^94Vgj&#Af#}*VE zemFhgg-<*WQ3~FvV5Cs|6u+cAT?f|)`X6J=&{gOaI;JKC&k#w(J}4(f{gxo|Vc&6x z8HT|b3gE*H@<`}Y-bwW}LNO+O@x5xpeCVn7V~B$!Mx$wr=#&J0`h_N9FxD4o+bBei z|8^Z}i!Zt0^J{gdSJ9hxWpDb;1^96!pGj|FQo)-IPgTD9#_@@S!Gn|KxDv$03{G_P zHpir!u|B1DW0$9)xt|g^!`b=_PE5j?R-@Hyv~tqlj$D7x zKJ4^5t-)ajdGM$?=pPN*=y2@yJFR~A$aMz@`e-m{`bXJzq9h2?D6*BgZyeE8r7j;LhmtK$j4FAAMqm(Wd)AHM=!s z94pO?q(5WfNsTC}EyQ|3agF!&_>d^U<6$ph-*{2F!cT7G}@jY6DzYr9h|&< zYl8WGoT5+=IU}+Q`v9}D+bp^Q^nGyp^VP@8eQj+2lANWt~h)kt?7Q@-Kf^iN?#Z4?Pw7{0$aE1&h1 z<{bzC>5K}P@86x={PI;m1%zWzYc|_$BYq8uUrn$|`lx^&5nnDKIfLUoA*vVBd0Q{d ztB}*>J4|OLS}2zi198C*1}bEzrV#o-Jr>B{ay?#a8<4Yf%$b;?!gpR#p%*2`pxbOV zWjwr_a7<#4OTQDs$vWb!P@p??fRGaTjS5_RgBS(w zgSI$2#`bt4>KdlWNJIiMd62J9Nk~}?MOaqZZAJoh{YSr{-W2&sfZ|Jm1i9D5n24=I z3+3v4ELms%_2PszdfN0|K1{+lG4#+dD~0r%iuzvo#G?n=BP6|4uvd}tY?a(KlJlp? z6)%1FBg8C|t!?e(Y31qL%DSKgGcFJqx{*IK)mBe=RMm7k-rDESpz%SPVU!}$-~(ug zAWZ5{rObdYU-DLQmAd)!XYhO(6b9o7VnPG`r>4y1P4nXUW-D_t{W*tQku++B!7{IK z7_zky$c4&Pv_H7+FO+mNNAZKaOXRTlPw6pmGy z70VW8F5jYK9VuH|y6nECncG9KULWf{%&!`VoI^B=*uxo?LXTjeLz#F?R+c5jL`jYz z3@Zx89L53Bi5u5$U=HI0UVT{;aZ))KE3^fc2(L%^R zn$zj*k-&X4KcLgudZTf29te_>d{jbN7vVpU$8?}5d3kAueLq0=P=u}%5$?EvATAaQ zLlIwU4*qohNyNwrE<%RlG4v44xY3A4p12Jmqiv+2Q!DA)MgV@0Nnr|$SZut*BnWO~ zN(`}tb1w^(OcFRz+WZoB=q!Wd)fHotkP0PiLCI!;I-_5{M(jdQloQGO@?T~8fztru z*+@qO+ygHx=~0+j_MEbU#ol=^K!rJ%y)6Ayz?3LvO=eoxdRgA?o8kMk^qb*(4cmki zcSKZazL2K~`p5*1e+EWV7~Y8+OJfmEN?Z}d;RO7~B?EaLElkW`zWfIlrqk26hLF&` zgfcRdJ18T+!dYN8QnhjG60$`R0()$>P5k$vxNE=*%N{)grz8xKCvI6Gg*9ae_*Gu4 zN^jkZp73sw2nnwbzP0MWJSK2jz!fThLm3dmjmbSl@v&q2BSK?Ucc~82u{HEdUJr%7 zh|+EU{-Qj6o;@qY;EmF6^KHvw>T9Oq(iY8&=X`A7_?3oWoq9CHy-T})cr1=0WF7s% zhGW3|OlGKTX#D4IHwejFpqyfU6OvPIl#t2y0_c}7TxA*)!YsOb2F`4E3TYR~-jQVa z3!@na3_#Q_TXFa+zFkEqR52HFw+F=qP(cn;6j+y5^%X&NxW%a_?ZKi3^-V#wIPu@5 zWsXWQiEov5P7UCScsTN&4Rs93sfGLO*)vD{&mR7bjvjSQ2m@F0FisYG_DnS^Pl%+O zqXI5wNqW{w?h8VMe5#^CnDqXuq;cS{ge3#}#y)7IK=qqz{pK5&t)<8*L;{uZ$lm$W zwBE{>?l{ehqy^mcjS|*V^Q~C>HQwQx8t;C3{3Q-8Ef+8x0#FFr0 z#q{i|xUqwG8l8Tcc)jWQoxa;1jJ>hfZn;O$9dr(1@2Cq8QFkyvM_trykNttyhP`&L zbJTD3T(|8VdeCe8gC1IF?$&-vt9DhFH+^k3TCKFNs1Muy_F=czX}Rrg^RVB8O}EqX zTi)Ser-u#^Y9035gQFwwP+Sv4U9WfKwYtp~bWzLeE$l0UI1oG1s+~0ztP_S_JMHaZ zvyaBm8xOo@&+m-=ws#1Pu~zcuLkP1GKY z7at@Tzpz!i%WKqS71QBvqjhMZw|8{dZ+Y!OuhTth9<`cY^U(D=zS~2vdDQN7y(4(o zgq^YHLhrEE?6+IZ!>%`I4Guljb(;%241)-VE8|v{wn(;h*y!qhwg#R*7@#)CDm-i- z`K|t;2a(tH-GS@&++N#5$UW-x{6h~m{Z{L+>7)L*-|F>x9pCFN>?ieN$h_&Q9aY73 zPo-a!?&x5A*lzKz9Qn;I^xEA+uR9nIj=Zt!@n7wJuQf)ndkDwlBjok`whNms>~zPi zaj(~DE$rxB;v$a)t9Dcsw`jF(ae+>|1Kk0H9W?OJVb^Q6yZ(4^74VHsMjf-5wwIo9%J00|x`thrL$6-EVng#K+|?>|sPG-IWF9OtONu-`KnW9Yk&>$a*~+UxF78y@w0N4-|d@3apOU3ld7d!7E+Z4LaE z=QcZovD-Nu^vB(1+aHf%&v!ky*=<74bq{-RVXsAS&BygwR4wf>Uqi5Y*!P=91NW$V zIPSOIX1CMv2hDM}-8zEpHuBm>huse1G&4Br9JLPnN1blV_1%8wa50`qI3bV5v#ea& z>t3@x9yDRU*MUdP9`xIt-k^`#%|pM5dhKot9eLg%M9A-VT=%HmL46+{_WB*y_c~q+ z4HouVo%Epa!|*bV=9$T==M)o_i5O!J7gFX?Dq~0qMnypqu_0vv;0c@LVe^d^C^zb@AAaf~LsVm01V*ejykz+3@Z&R?S0XgAxf z=26RRy+>SL>Gk_fbm)%{{jT3R?6q6SA9P^X^V&ya*zUUH-r%s=9Jpf_^*bHZY_<-& zsEypQ>#fp?266Z|4X05#sajR2%K1oDFmm~~HHtE&CawGq-YK(!4C*59C#tI8 zg%!8mMRXqslgd6o%xg3ndpeQgg)lzE2w*CeWHyB%XlXF}GHx-I=!Me6lztYqV0UdkQFdYZ75Kj@an-fl=FzbLzW-lI@F(QIGj>s0K(FvonIdqCVpe|#LpVV(@Z?ds2xb%)&?0>cl;5H# zBDG8d^DU+#L{Vywr8>;A@^H1k+#OQO5sV|y_e-2)o`F*ldz*?7fyNA!V%3Hz!eK=b z3VjJ*MW7VUwQ0h5y)M(5@}p``-r&W-LrNXlP-42TDT{bPQ6%gQdztR2Fo^P&rnuP6F)+&Dj9#vj3(LLAmzNU>)VVcPbe0_!uIRFxl%#Q##S zjiUyCuf3nO%aDwFX-}H%Z7mH+GbjS@YktzmcO#ShHS6P{m$FFZd}U8K{YgGE7W)#HZUVIK8^Q5s(pOG!4v_GDP8+ zcuHcL<=fA4^2U@Jh7Ge+InwYr2_x` z6<2<`^=1K*^nV|UtY2B@iPUSL(30N8seK_{Zp7&!p`j|?Ob&`zgsVdqz7eZImZs#C z`qTLty}ikkO9Q;-@`OA`ywnkvC1vp$h@_hwfZ5s6>*Eb#R0$Bi@)or>bH2XDI0&?} zK|n1=B(nDFW^+_lX8|>gN%~##33Ukw_)s_4(-JIJZhBkfD3{0AiA`RrCc_?(38V0fYlqr$-!;*fRwylfg%dB60M=963&R2<-EbyhoCF% ziYHWM-ajyliXL!<`QVu<*a)Q~DGn#9=wI98c?$;76t?#&6)u6~HPkIpzUl-ivwMk> z;0}kr`t|_^*w@~sA^`21>*47&5ou$79*u_T&(W#*>+OyD>;0L0CqQwS$7zkHl5jS% ztCz4fnH@#?I9r&4j6rWIghZtliey*UXlyPHaSkSK^Xpjkk`|Z&r}v$S^ysc64I`HQ zf@L19h0r9v-$-Dls^Gp=Rh{ClA!|sXdxdJ!%ek~QiaaBUYcXFOJQjMcN?w|76eJ6j zN+6-}+bNl}I0+QvU_dD}FIW zAxq^7RWYRw313Zo&Gv*5948|F8K!X}SkUXlpCDG@W0~V= zr^3+%=!0$WR^Qr9{bb~;beENHe?bq&>dy~GNy(j(r{Q&GI6TowrZkFY@YDMc+HakE zI~Gof0ro}qyUGDb?4$)9IgJ8@CihvwRso`m6+t-a()&_$79CEXnF|Pd<)~;_ z`ye8|9YagG`esXMImfqFBUPxirimJCE2fM>KO*8PfTKxExFFcEj)YUe90tdrXULLz zF^u$mO#4Gl%Ab-@cOW}{JI0BoynQxK>rI)ud zH8{4^ZEq!=NlrJ%P$m)-=AJk2FN~N&<|w|81?!cec#18in`OT3XVO+vY*h}{3SDm+ zRy9+Y3NLAkbsayVX0TKH!LZ}lcM)lN6he_maVK}4DOYJc6*65GRp~h;+K4c~k(fIA zuj9-edkBn^rrxu3L7Ajyg1J^<-$sQ(z}BV20g5b?yH@=H#WK0pJyMBlRAwgAr~Exv zF8>+H+e(NK`lbz`hRr$Thbl*9W8J4B-{6=eq21;b#(sSaaiEzN|NAODk7LdWvQVHQ z67-41(1OB<@?0A$MwHIrl`f3lVRGzDRtx?v(8_$Z2zCp;8^75+~)X&Hn@8hF(Su`F4RefiD!wc>D0Qu9R#l(LXZ zx_#>}Hz4i-7ZpT8`GdPddJrdJgHDxzr^==Ji##=(3Uh}@ttuR$H5=x*$_nT(VbeP< zJQ`8{893pqfMd^tBG09X=f;KT5XsAwaS{S7{HS9c^o2j>cjl@OZ{?PR`L~{jB6jPC zG%JuutB%zrA5nITZGD3h@2+<%J?E^~f}`HTc#^3ttnas_-$=q-zKC!6eB4Gc`Sfrb zh|41xjBu=43jWw8MU5#vsGNqM($^BNk7d-QRzzm1Ph;exkYO0m#j~x>o`q4b4)+WU zp%=+rJ%W_pli25s4TU6`Osy#m(`%`ZJS#Cg-$0He-{n3D%YOF`nqa6>=M&XO5A~t+?;F!kfRxDTL?9YWR(;o02vd3)F~8TXJxoPxetqw z`P;>?vsN{w8{DcPXYTw(quMtn-R*rdQKM2O*3 zp(2zQB{*-92O5I%Q>5siQIhmkQGEw215zs0GGG?(H4Y_mg~$UKQ6*1&AJkGO?3&DR zN#()2qv~&sHy6KGjD3`bm)^z7O6ro z(A$gQylWPD+1I{Q)=FeK9mlaK%~`(WN~#m%mr{jU_uGnGFkta~zY9^HYmek3}-A6uw~%n&*EFkGII=QLNso|Fj%GgDk66PAi-; z0}<;jo`^1*!~0WnLrE(Ape~$a>Rj)s`#6>!R^}Eh%do2`mW^bvuK~$pD|J{OPb_t!x<4fKcjlIJD&fSfyhDhO8jD;+N*q7T!9&i8L(u5DJ{*-^ z9426rg<-k#Nz0vL)GXaMGy81uT!HV^4gmV1*rGi_mwA#6!2mDr2I7(<5Xl_$sh($y zpk#*XQH->NMPe`(Cr2V~sgMIr0#S^_eM!d)qsgPrAh>{(FqK6jj3(N}f}>%IISooy zJ0rfVqF5_8svP}g_O&*Fj6M% zM8uIxe?LogKJ}X>5sKea6c2MB>UHhEAkEsGp{WQ=+SMxwt@lafLuOn;&*fqfMsyQaTA!Da&_g2J7DydbtVd_N0#i8WdN&F|5=~;r1%nrg zXYQG%?S^CR4JUJ|ns0i`L^0>FrOk?CW+5+Ele@jR|O(dGCH96k91FB_XI?9?{8GZBGdFF_cmExb2TdB znAY08{u`{7wR;#8UyH_s+mtY>2x@6^W@j%7OzjXfBtX{H-yBV+p4UWU#WFjqQ$$fx zo$r}bNxhVZ#D6D0l75`I6)UPd@^)>P_O7O-`Q)v%i9Q@!4QuT zWy-z2f+ef4AZ9w$+*O>8N^GbbdF$gtRV>9wLEBY@#gJ;>56Tn@pg>k!5e2gF z_lW{8z~0@IaG+~rA+5U_BGU5TCoU)n;`On>Yn6_le>f%LHbP7Nlw#va!lrzMdMct) zEhM!veDNCJC#K$J4|-MbdoBlwdjjbdj~EGGPDd0RMS+mdOXL49&HtcXk?Dav5VT_q z9NebbT!Teb2_lx{f9bZ{x%?09e!JJ(<$u`5^ZE0^OGn3$lHL@;e3w&%N$6ZCBZy8L zZ~(9f=%olw`ArydQSoHdMHXQS(N;g_<-wOP&gai{;LG#@HRd(ut%jtyhG?!~+gL|nlt zSRgXWvo=cw1o{*R6spdr#g1Q@=~;}^hN)8n4e(D9l1)UDN^!zbnL@TBFFn`Y;O$Ki zOOa(h-^%AURwIzbLvSv0ST;d3JLixi~CVUf#1 z+SES4`O%49tB*x&Rl=#7_bjAZmRM>FsYgc)E21zLKCH4eH7m6&#>?=X!pPG_mN>Hw ztT#j20=eo8X;Wh945^Q+%#d!kVurGiYW9ulT6XkS@VA4P;0(zC(a3gh&)nPk|D>T< zjaQSFT#mf?D8?ZhgW6x`b-S4t<%~@@e>cWS5b(chps|;u*|{ge!tlW@y_?mmhHMj;|_}F6--L(`eHQtY!8O+{_ zMEe}nWK1^MH3MCBxR&dB7Hm1Xg#o*f0w`%Y2}|29u8OL^zqLs8FZF!2{I9m<1>*lQ z`M=%m^z-t6tJ&Vk|J!(^{GXQ^@~70ww*!Y1#SHoDO7OO{$ya#xv@ea8pN)}U5;$BO z?pg8S*Jb63S*h5M2O=3lHd6g|8qLIu-$s+Ugax%+Xu(<tv0Bd+ZlvLQcta%# zimc2*O(&Z*$o#$}A~TDf52QSgko=Cq`LSc|z{=5K@xHDLWt18i`lh-NAJSh!KLx6A zuF#h+$C;P1>_5Tp31OyA9U!i4SbO3a;sDgtO1+7E>Gxvxzm)&CTD?5~?>1XI{=bdqyFLHW#I@$>PxZq7R);QS+u-+lX#D>Qndi zjNmWt6s^X(=TX=&1X3pR`;fuoO1lNGu9|NokrcX;s6nU4;GcEF(l`qZap-gTubY>P zR)X!5`%psXf2{@o&%^W{x&GC?`qPyx087??r&-Yd`^}yHzn#ade>I~U(*5~5QxF%c z|2b9LPJ3i@{R+n(-i9^;40%zxm~FcNuW8bxrR%wE*0a$-7g`fC>Bhdsu&|=#U~Nl5 zF)#n4Z3p`IyI(G^&djfyUvF;TU7fvud+tc<0sv>1H@Cl>pAT;@Pu`v1oL_%9zdi;v z64v;)s}cWuJgzO8y!3Lbo{#7H@~VpbCwv%QSS|tkf1TG-Sb|e2TylB#^y2Kg;wznd z;_F^sy)Wrk>HS*UTddH_vQ8EXHLS)hU4FfO^cVGG-hXsY0Ql+R`uyX`+qY&C^^4o9 z_oLTW?=R18Z{EMYJRjXC<4zuG-dthUmJL~xgicIYX_65L2$@{jb1ziS)RW)t^*WU&&DU zNcm6Rd|t))zk>b0)6C0%ok4$h{=1dO$bUMTq>iN~Bdk5v{4c9l+x|slS8+&?HM$pR zU-f5!G5%Yl@P~dLx&BSG(p5CTCF{T28|3{z`kmHbxBj>BnDsx($DiGR256{cEgi6y z&C*}{6Y7Ckr^kfG2O^f2aDOzYatUE&8sh>qqzE^0lT~L^Ewj~Z<`qr*)yiiN>b61_ zeQWtaDhSICH!@g%v_9+zO20u2{POGk;X^~i_8Zi%C?8B$lyAP zgNV+jdnbfF!8QSlp(j!lIUlh}@mBI(ho$`+Q<-p`yO7-TnbZLSMWDfiii}m5>UHP~ zw=0MDK}UntQJ7CWk0hat#wvWX0t7{biZKk57^#J-&TB?Dx7Ns2u-nni?akHcFZ}nx z9L5K65|+gc_ZyUWcdGp8WOROec5$t$1lYBzh%w88Tvxxnx;#CX;`TyvH37Y|a`@=x z_WjNI_08~PB`7J;=b@aOo}Ld!w`Z3(t8~W15ie>5l`?u-y*dWC>5e&3`FS)N-VU#? z{{HLj+l!mg`K7#gQ?x;>+`39(r&|(w+s#))RT0w-*t7GS(e1_XtKr&l*9~w^kvF|t zeWv)8O{8(!O#|nDA6=i^o?O4th$&TE*F#V~D7y7Li>-dduzQlmLK38H!Q{b@tHeT7jY+1=#ZMb|FPW$fm;SW06a>1x42pksk`0 zg$!S8d=VWPGD{}HokuDlJ$2Bh2!{TZ^-;>6>So|O;-h0wYYqm3nu8gdrMk#c*Tp&z z*-(W4qN8u*%3mc%3@dmmDuBvm(SX#yElyL6LI1hxuBO~mGVbG=!Esh6ovMXpD~-7|DREI!)1Wa!TM9^SGG1BdgJQ=L z!>y$=w3niCN~oyh=s&84mnQ4TTpFH7p}04!tIG)4HD0dfz=V+@if5Qotg>n4ulsvb zk$Xh_l5vuy58otp==&ziI>qNk*0su3viapL;cj6gS(j8~b{0!2+!Q%{cdR|70clQ2 zvsuZ>S$9fJ{W5!@oD9*>8ICuOj6xPP3nfL1$1)9LwehCZXSsLUWUTm1{mU15dF?gV zh{Q*(16}b|mW?2WelH#TLxe!hthygkIcgKWXFmebTVR`Y@@FX@BwH(JyK zyGU8vZAB30O z__ZR2N^n&{1JmG>qFBvH$+be&A`eVGt`@2wme#sV30;K4Bsvgftm}hmioh9+@`y|m zJFkFC>rUZ9bf!R;VKgmSOU(hbG6;`Gtfe)4jpnxk;VN8Pl5{DuqvcoDOH}6-5FS}~ z)~gV1cP>N6MG)l}uWyf*b2MCyS5!LQL<`N*QAa|Kwvj}%8G38R! z$#UyqPOEzh5tjm97jGJT35X?FJ9r7sLz=`U?yXTWl(m4$>;X6w=^_!|8u3^KOtoW6 z6a!rd-&ZTzMWq+OvS{b!Evy^wynOIQwv-K|VMUs-Myt+N7KeOBzgrqZ>4}(@0<5WC zIYdXrZPn*x1hyzr#~RT(8pTR0#^?|NQfcF#%R+{ys#wiZs#ikc!AtPd#oynZAFrBS z98;PgdT`h}JWSVlVRUBU5&udhZLf)3TU^b~dNz#69SUn@q0!fy+)_uR?{j+XNqWpA ztNRR3v`R|u^n9OaeEcf0Y#vX7LIeL#hr}iF#JVgfzo(R27MIHysTUJoN6fIgx=_-{ zfL}}4Fg1n!rB(rI0cxuZk89}vkF@_7BHn=iZ>L+l|Jmv8{QtM|JmLM%QbxDb``6U^ z*SrHNk9vynJeE1h!XO~`!x+zTfF|gia}ky1OrI+)cAPzVe|9mt{dj#bI$z*SdviW| ze{p92d~>nQ%cVEx!;|Zi(be@asQp{b0pMadI(hx}{O0!c$>}fWmuJVI7LM5(QAYsy z<>Kwzn~xWx)1Qw)jU%g8dEc*_4@dHEn+Zn(p5X3aceT5N-Kx8TDOzsN|9<-R{n`21 z<@xC2)%7now->_?-SQwH^KL#2$Xa(Tt)rVC?y}_)g!L;OkIPZ9B&_W2{^a*@fAU9v z){y^1?w^BO55)|Ru?N|P{69ObL9^ih+1llQ+{&ZmKTORDp2*gPD1a0|;06g2EK#gZ z7zE%H#jLJUm5LvV7SeR2Q^){}kxCivJA7HHr2LYmK!DvC#t+LxNttZQqBqOMCniKD z{}6we*P%)xCOMUPEt7Kb_i1`Askx`XFDOl<2Hz;YEvq0;X3W_suSm16zI<`&^|}Ki z{DJFzTpIiQxhk`kC7+27)MpaOc5fOfs2X_A;osrVKep$=nIQ)CCEHMY>pfSTTfGyP zWaI~qKg}}DC(FStQ(zJh7X}N;UCYF?jZ0JF%NK|9`eTzW`?91@en>@)tn-eVHc>(V zxj;t0ghXc%m*M5ySH&6-8Sdwhp<@zpi7}hbj=}lq+0BV~DKo~mdwuaMCNkr> zPJVMDFK7WEESm8(8cR?HpS&j}#8c8W0Mrx(31ujj1;u;i&y|^LOzcq5m9!=xXNm1N z6>S3OqCkeun}>49Lf)p4k&?30FH3v_exk3GJR$9T4<(JfyeTV@zr?dyY5vx>qT3`0c;>!8oB z^++6^q#(A2NSJBU`c*)w^=(bOR+_86^}e@zFn3DJ091uG)KLon};X8htF2 zQmRfatKg*KVX^32vwP~oYI`g%ev;iXbRBz7uqsZmi{enc7v>By9_J49No-)~!e|k< zPZ$mwl#%Ep2x{PYF8!_D-YXHP8Uk1t4O8g66q2_ zsXz>0D;Z@sb7^e0#1w%`Ob%ic5a^o#yqnqVmrG3fy}Vl@R4*5g%9q4O6i9xCKyFEU^p+i4^f<{lTZ{_mzNsJu{mpAwASk!lq1!(8H^v^M?ROV zSqvGPJY*UzEn)W}3273cc#bLZYYHEfkr+;tS`^K_te&*m>?;`h-&4LNUW(M*FF=tF zqygj%GFUTRS2e+&rUeUGIiU89eS3Q|FQDfkO5YJ5(G5@JST98T=R$szII$q$)@mlkg1%UQh;-dPfQNPP4T;*g<`^Qn(G^vS(u zNW++jwDIYoB}YU;(eT5mI;LEaE2oJ^4Q@+0a|sdTcyexTmNRJ1un1**AioD`B{5+s z!!jk(Lk2k&8NlCzLi{-WZ%9b6vii3)|9h+7&ENm&cX#&xtvsvff03B&KfC&uFJs>2 z%1PSKmyXi6-$1QQ1;av@Dul)-)H%}zUxDUE)lD^`3T;zPOu4d|9_!b|v3{O5ayS!y zh+EW0wb-xp>D*yMxu%>`5mKy+ukwzxEkx%>7EN4|gr07Vf0uD2C=$2R#G@gEnGdxq4##MwyMFlU}Iix9?%QJ*aVdJZ)46E{LUJ0#`{p+ zdl4>Ke0cl=reKO<5uO41K7b%Z_aNYG!8lMoRS)z1c2&<0zIh`*(lsJf1*n_D);qlXC9KrJGE zO}~;yllF|zDT&4Fy>j19dxE#dYxI-#noT=mFPl~ylyud0qP5?z%8)dnE?`V6&g|;* zy9yKAc%$eOLvaX$i;$ss3_Ua?ex?_XVkA%3-ze9;MVvl;z7fyYPl>B?+OO4!*?O(F z1-r-!+k@Z(kD5*4m0)$U`P3-`*4O`JrVF}q_P?e2U%%Na#DDDV@_%jT5qjR4n9>`> zHlYFfC<@5K42A4FQv%H>S5yNHp??cS&@}#)svwLanreau1wVo=Xga&o26x)v_pA+? zwYo8VkXpga0hmGNP2U!-wS5vyfUZe3^1>#O-i zeF$>B%d4s1N=4nedio=&rca}menXYCR2^N3R@Ez81Kqav*?(%~bN77n=Mnn9(eF0o z|J`pE{l5q8=1%|L#v}EAGo^oS13*f-D_Q`ok$eLafN6cRHUIdp+XGXw0*06R0l21s&e2H2Saz|IV?d!Fi9U;js;9}&E|_P@gYuWmm6f2Y&m z>Hk}KRMsjvrJKTOU=0^%lp%+~FTsPiqvwa4%O zHv#rmivYi5|L=6$?R@;tPN%cm|F`jE_J1*@n-l^Bz(1uVphmW_QvtIrNTxJ;h-7#f zdn>R$S;6lvhVyPdDQHElY^-bR!z&rk+^N> zwtggu2FUsS9_1P4+s%wF4HzBo!q zSxr2lVyoYvj3UlA4D|K7VSa6}EC0IIt@Y)we=OUIJlu^IVMX^^XepQI$r@t(K@%d{*4^AUk6>{+Ba$Z;=>FUmIF|gob z*)^T`%?7yNq_DJo*)m7xPY}U=v-o)`DY9;-?&5Sk65Q7$!zyzz118^<6?#%~?O$-{ zTgZG-vGgRb<@$b1xKbv46B@vrrl#vD1KwT>);1w3&2V^)q5yj^8&BVQZ&h!pO7K&8 zrS!d3siP`M87jpu*TysbJRQD&&v1bMkO{|7?4gjsiOCjLSD`zvRb=X15b=C)eJ@JP z8`;3g9K~>gtVT+(wX7F;SBcW0yhAe*KWuU|GXe2216rXkpZ}HedanAcFaP6EL~-9( z{I6EG(=5dQYBzWC|5l#0^M78*>3_0xpNhO{Pa>-;;A_h3s@7&?b{p7N%Iyl&DzdvO zx}N-=L03uebRDbk4Ps)t?eMEAXNxw;?@MLiK^`k8@T!cm!|O>|8h2b4*I8kVNTlA= znwd9!93Z5n8faLOm+G}Hp|JnxzVm)_86@9w*$}N+QNlwG0a>c7(4}(i7j&xZ_XWCD zNgs-8R!N~1S|}meETAEYnMPe6p0GBqP7J(sktF7xUX=xe(YdF5TubIiQHt*M%=ho( zRIfUI#k*6d50s%<{^&)M0Etix8HpP#hG>lM3Zhh1K})^M@rYbEUabYAnwvNU@lLIK zlMP1~D|TLKr1;Y*XTGQElx|tSUugQmpXz_5waRw0i3KtVRIJN`b1Q55hVbAF?Bh+M;R_uvIc zghBzqn?f9FK2+!o3<7e0%FE@j#Ovk;6ky5(6>Hda0lSt>d1Re6Y2!^EJGCPCGE|!v zDz!6LIX~?ekZtcug?Y$3^YWn!IJqEH<+Jz-ys-G%J`lX^-vxUsl+Dvsp_|r`n-}{v zQ1mp;QR}MxGJV=W4|4k3Vyd4lAo$#z%}S?hRytGF^HgYc!350~&CP5zq?As|l1^04 z#yV|UXt%OR*_(O^RqXM%v&@Ukw!Ii}Y5eXcb3-zX1+oGP=hg({i%@KU#*2)y8Z)|vZszksWf|^&imF7ncpfZ zM=_p5hU$0dp&qOL)FTpL@8KAn1o!ZP<`c03P}4%5UK&~VkC-G3#SIj)_(2_%XY6I^ z2iuG29=Q~GNsMaiHDhrF)r`$2ewci#%LHIiFaI`|o3*S;aRFGZRL~f+7gcWSof69E z2Vl%-_~S2McYW+=5mo2%BCU=VV9-zzsCXEqsa zwGHU<(XzlAYq6?66b_6*=S5y~E$?0qLz%Wsn^~l0Fxe=>Tv6ysCp-mO$yW-f&+Fhe z*3FoU(hVL1DO6aEiqo4@6m$N$SamB(ken@~l)!mj(PRp?a^wP} zRjz~*R}=olk2ndC*#OlFsOBkY2ddb|l(8sXRuN=Vnvb6=TWN@I<$ElB04u$@4ZXl|+`Pa6ft#ML7g1in9vE)de!kmN29(k>7Z*abq`__MzLH%s^g zhLexTof2{p_|BTTDQ>Hqf4?nPIq(6d| ztopsvly{o)RyE~&Nq6~!A@w>RmqeG&dbn20Ws0cv(9CZGzc|_wVXS28|74=sR-X0c zzYsAlTAwfmz3B{v?2K;?xLW*M8vn6B$lw1Tw0pb!|66&4NOvix6r^(s(n;Nf0Jwl= zzODSXaO8^xz@=4JkpPzh@r2AG>&w4&Rjh3jtI25#r{Jl?G%k>NA#Qk~H_k|Am({)b z5d^b^(^e&}eZBmZ6H$I#X>3E1)mHGag%b(A$a8eA*84vJHBKHI7jYiF{||+i>IULJ zwmSV@e*f=wTf6v=TY1F&-`AO2zSh1ZCt01fuXKG^QHS(lews_X83J7MDsQIlW-jy= zL8jK}M_ud9pm3GTy_pK%C`31tB^CJD1@*~F9TD+wtOQfJ%L&%k6oRBmv|(V1>UtYkLrvYQ>WbN|taqtDfv)w0iN2OQ zI^=q5`LZ15=5y=4&2_a_tLR+*j%7-zoDHOo&+0S!y{tsd1R@b-(=YTG{8m%f4r~9B zBk&4XXaT5m4QVw{s$2C%Aa(EdK?;4LOLYNN61oH~|1Q5IV3(@{M)FsA8jR%R1S+`n z7}_^+#TOj8#V@I!K8{`o#Jj8h((te!=jAUB^c7%nVnw7<$IMC-iC_E=snPQ?wwDfhq&5E3TwlfSTx$AHA8^%~Y%7ci=d zoPUZqU5KqV4_=T!eohK-j`KJDm-NQIJW#@s%+9zN%0Kn3&2$%QwO8?+TF^lo7lmG0 zA6MYnM2}z}zvyAGaN?D0gwA5PYOTS9)Uo)0X<_2&1UY03Y7b0U}JL4~R z8`^F|+ihsO4edMG(02RTpLjpp_<2wMS^xYeBK{esaU$FVUnl+qElUNuEdN7)koW)X z^*X!zpIdo^M@K|_-%P11rgRftA0?FXZM{9pNOz%+M@5BIJUc3?mb>&;6kg`ZTUKpt z2j0?IdMbwyX{bv5K!(M}e+2)JA@M=lZ=kTYbJN|q>2A|~L@yGWkqirh-RELbKrf+; z%--53$>0fZEmpK#azCs%?EaFtHYGt}OU{1&2PNU6QLTCO^YyG^FQ<)f^Db-Y;nQ9j z&WkHH^^?d9cZS20Im7{U106xmewBvBW8{X#IGkjN!Y;a(4y1x>pZ}rX-}!%SiuuyJsuUBjo>>%n+NRgkC2BT15v~CjYk!@gKXr{_g(gR-R?@znSbf z;Y#(B=m42E*3|19yr=&zLC>DBB-5}FkrGAj%PE|TWvFG29 zo=`?HJ6)jyKRbOPt1nDql0?OX3YolY1H zH}cgh8%clm8QCcw8+{%j|IfY6#((d&TY39`yVKs;|F`l8-=5)z(~bE1%*&!BZ_&SJ z_~CT1KaVP~ivNx%x|#zGANEEZW^5qQ+`C2$;!w!_3XB#y$1n(7=-r)3fk*T~mCl@# zzTiUf1qC&ikRW>yAB*C-tb!?+S0#n3{q1?h8~g`awXdS=f`e3=e$O@VDt}74RJ%xh zjrbeNP{=-zAeo`l0OHvX;ca9(4rI@P==#pz=uhKs#HGOe5>`D<6J^<*s{OCp6a}*e zogT!9k|g$!${YB3Ct3ke{HvPh&BfAAjS=bZm7GIXn_AT;{jbSZxH&Yb3C}lh zY~2mos)PIPS@^6k|Hm#|Qvp~a|Mz;GeEg?&x4ZNI-^wFo{p;5!8&Lo_X?$A^KoI9b z6+o9*MF-GjRR+h8*hk0U;}o%}$}hzW08DiOaF2ZiNDM+E{P(3TMvhC^L2__uB8H@j z=wI1VE2$t7@lWNnFFFDfHYG9sqdd|!-=I(&!uSEyP9-v~Nq}mgCjZH}0H@dll|h$E z1#l%QiR*gR0Kc7}&exGGm1nKmI}!ay7SVqUp*fS!wYsxnMT@eV$&Aw8EZcaELm!6| z#XZcgZ^=ZARb#=C-fp??miv~MI|#DOGZ1;y#XCI;ek%X<}_GO+W`rn|{%HRKP_xn5jZ!3?8|2wj^ zJdy4jQ2;4`z|BMk<{IHOpMDh)m;yG148RxxFGi3d-{E`{hf-}51Ox)?#xQQsA55Umcb5-I- z7SKptu(Kx&2Wf(SS=;Oo>OHL)deoWk#pY214JAdG9_#N4`H$>3@ACw)LaSxNGpJVR z%nd#3SXoLaxwZ=gll@*vI3?{DNvNdIQuqa;$^sdZm}!LNVab3kD^EW!T_l3Jr{(G<2bvlJqG71iEc4^QP<*(-cY*HQ7? z=(PIN+ncIS@6SxFbf(7;2jGRC*-OFzGmpB zJ43|ZjpL@h9sEo9Yp$ro6?VTT@Y5{QpSJC_xz3qp1Y;DkYc#G1MVNk1oe3vWyZih( z-6ks;M@{*5rY?16ahb|*WaS!=yRRu})>w>wPjHO-goJB;W{A6@aHW@JmCv>Lk+C3VsnYW0tOFN%cPR8V4cp}#*0+W9Ysgfg zcLBAkZM2$N4eu@yC>GM*BBozPL|i6V)FPKYgy0~f!=)AP5uQx5Ra>AT-!5=H#$)gT z{a(4PXDCu?I^tGhN(t&`)+e}xG)f|^l=Z5_7xzaocI=+Qv%dX@A}?MV@-Oo&^Z)I1 z3-Ldi?e5P0vyDgSsW)OuH{k&wiR0V)04M@o=mn6LS;Y?^EzKSx)gu3^_`N*5U;2Gn zL_bw>?I3;{?;CSNHaFrqT#3WqQ4TP@MoX+hn1=YUmY3SMf=f zU3Vl|an;oVyxy_qxAJ*V$lv)Q?@m6qcJi6MkZ(1xe<0lU0FkX1ZAE_C}{6nbgxJM>UqJBslfGIWO?$}2yHLyC%xJo_tce_^B9 zEAJ{W3>6Xe&N7(HgcZrPuxFEE?(~+|K6nYl!4#)G{s~hsMKJ=50OCdCl@J64N*;#5#0YX{zcS4y?gI@MM(($-Va4>7&%B~ox za9aEF&paCBSzSGA3lk+9DC9%Rr)-e>;0v+o$Z}Ck81YD8A1>F@jb{(kri?{aNEjpG zXAq>ayVMH?vU+)n5p$5rE7zt9kK*W*_e#GgZ&iO>*l5L8oO4m25%Mq$L}EZ8V@iqW z{F8A13RE6N{qtgIo$4LD1o}M?M%07!_r(zS1X1Bb8Kd9V1wjcCI2Tj&5vAS5kax*T?IEfFX$^5CdaC$~?CJ`>lCmUU-m%Xv-n0 z5>voTPtU8TyQd!-q7kO9i+tWv6mEe5%IHZ$tqRXCw*W?hhGTG#k{smOj8N^{C<)ng zlhwy)0S82yFuToD_0a8Scs(l^b&S9C@{EHuYf$aG+AELjORv+hx35^)Po-Vu`K8xz z2S2fgk&=N3^RvkwJmBMd7{~g8C#y*%BSsXfY81;!3NYPK)g_+OAcYdP)5<~7dC=K@ z9Lf#8W4{sYh7v`^ewx5vFo?Y5fbi+>M}Do1Y11>@DcZk8e)y{&`$+&Zefw58 z|8mKVAQQj*Rl{R}T~eXlDI*_(Hc7^6KE(6PhlA*@A>s?*_Xu=fiWN!K`Y568^70KN+D3odb}RBs*c z`C>At#->Xk!wHHb3t&^IO+UdP-xTvHWrXyw75WKBajknf*X7k9`lZ1zh4S7{7I zlyO?GoxRw%mdO0*JOn0RC&g#wv#|c3`|Pz4|9kgn$Bh56f3UN=*8i{K(e(d(PFuVO zDEI7KsX>soVrvY8%(Bf4gsfVV9K9lc+@L#{C{aTY7}GIUZX?97=cK3%A2QF?gdFCF z3ISp&Z+L@`NQWa9_cx=u|bYY?rFS%9yg-wlq0gBP|&3zh?fxk{etH=CyeQ;W~TZ_wy{k|C7RlNsJpi0oL&UhkHks{%@y$xaR*? z@i6@#pVI4goB%_Z#%MN%E7JSXqU>+xb(f))cEP4#QVVsG8KuAIu>qwFq5eyBG8 z#*d?rG6ix_s|M2KvHdi~MchqgARdJZuRwRLzFVvBzMiqoTs!tUg|2AmO>Pl&XDFRx ze?XqG@y&Oc;h%B)$@$0P;Gp;`^hVLH)bHgKh1b-^$GN8~O(UBdNG@Z5*}Rn$g)3;~ z;pf}h*Tsacj3$yN*0zJat)00AE$i)ubW*It3VPXK0_R$iwRE-B2Bm3KlEZA^2k;Vw z%NdJy9t_viK&|S~DW>`>96jW*jvvr;t@2mmFaotiUmi$wH@9KRatNARwDBxM(<0B> zjSwT3H*j-7ZF-uo6%WQUzx+Stf=Dv_2fQ62ba$$HBe_%pHS+)7-hp}lcXYJ7mj74s zP#OP?Ii?rnKi&Tq%I`Y}9n@PGUQb^AR`rq3rSJRQN{t_AzAor68g{%e149shA94`b-a zOoFpyO2aBYpQJGjTD36G$5u*@uw;Iez^tdPn0c5z;IRz59@t<%fOiLH9@w~pGfK=J z^t!0Pzb1D{O@Ea`sGX=WY$!+x{!;;w^LR35BtkM|^ga1kg%(ayNT!~gi9_A7U-W~I zw{B@BE2>0Z&jfHP1_X4;>WVUy&`4fyct{%X_6Ph9L<##h&muMjNLY@MNpRMqVSXYE z{5XStI1>R91SqyZC_WCL$OSlLjx1qVoTbPK* zaBqb1p|yZO5fCiPZxG{o$>vb&v6-czNfbM7r2zTaaSWB>ZY`rosSW8h9GE<1aqF~q zs<0a+xuaQQ0)QS2i{`kMl%N-*`wrNQbKYgq3WeR_FJ(#o+U%>vCl!Q-k(G*G&y6r4 zSRJrAY=AK-x&X?IB+iSoeS=)H@?ETEfyHN#BN~QXoaPt*aO{-5I+v?^koNQQwueST|mXDf?*w{!=F# zuDGg-E?Em8Vsk&h6&G_n!TECt(^HhrxE8?R`-D9K=-I(5In{OrurxISKVZ-;78qev zmVGG1C z|B*$;jB)@!rg0QRc|4;KuVpw)5cmnm-~eVcxGCLwVU)ojk7rvnkbs{DBii0A9Qo4- zO)|2yeYpb&JhCRxBsXx7{NkpM@nj4!@FrNMCH2f0s_NM(rrDF7)crXn$Epbc2{JKI z<67QB!0=EvFex#?Q8Lsrrb;POLO+QyBJdN)B(#7Y;{%j|@g&ZpG!~U3$RfyZfryO1 zR34!OipZjJnNOv;wLTOwa&agF7l$r6NdoFxqDhKE$1>HwSMcPe`<9|&R-n{9Hx?z< z*BF_3y1G!}l&Kmo12HV6a>8QFlGIR$;KES?2){%(L7G9Du$m_1QQ{7(I7$XY>7QeF_NZ7<6Y>cE=t zgyIY-V+nPL%{ejww-weUL%w?xB#xR z|Jk+jKkXmxtnGhR^3>V1XmhQxH*^b8&P3f{d}nsSd6Lup^*fBmlt|n{03#X$F-r0+ z^1s7}cA|z-Mhx8D>r3N}vnB_2(G$KdzqQoEi zQ38C-s1nTwh4U;*K@9zn92Eo@E}DEj8Q;PT7XS&MGa$?)!R?IogFupP`SHC!!{Q#C zQb-Sal$-Q}9A-UoP~VgDf}h*u;VpoCgfJus=!tUtMD#_*Vy4+iE<}iyj>zFdL)3b7 z6g}YaLG(JpyNX_=Y>s?*yc?MI!7d3tgBabzj8@S2 zMp3f3pt9~Qm2$S}&Euz`kNKH{{>Rbn_WL||uSMl*5&@)6{@>j>GU@-`&cT}gui{ae zB5K)_rWs1J$j`}d;b1{o9V48I2M=gBaGh0|CQq$5_P z8ry`W;3C*c=bq&-pq_p0uk^UWJ(Z9)o9bcmGWRfEs_%Y0Yf9HeW zFHh#^#whixk@q?DC>d@~cb7x^6lQt%m7n-Sm;og_@?7hL)a#BJ5H-bebvLwHEzCeW zT}jfR$hA|Aeu{8Tw#SESM#uI9U=P-CP~0t9|?sR!USg2U6%Q~0&zp4n2hI!GxaH1AT<=kj0>H}>{Fa( z^e7Y>HCM=;)ZK5A1mJLwd;VQd22`-^dbaO{jiZP?y$qg3{A%?QCYdV+wi^Gs5c{R@ z&7f&H9CEQ|nVgzr--5;=L)Mtfk(Om0dTNCjiOqQC2525ZyUi7R-dRE~| z>zIcQaKvc-3^JI;+tO*hUPKVLqat_|LAY zSE5&8+6TSfQ_{841t8Lc(ct3a3C^$J5Pp0`@0Ps(d+T@q-S7VW-R5TZ7xBCMOXnx? zyYtJ2$1v}J%@~sZ67e^0zoXxu>GyGTiK^FcbZ~m$)dUL#Awi7bOcjNG0{l1~`N?Dq zvnXK8Ht;c2RdeS#RZ0rw-H+WLd(;(x^bXuY;OAhBa1MT$7PWAX_d}xX8Zvt+oMw>l zUvz#Mu_X9TIWOj8=38<*D=wp%i~F2whW;+u8f?=mWR?FG4B?VX{%fCN>u1qtLH-Zr z?eTv*{rw%2|J&bP=l@vA(}cR9Tv)c$#=&GYM$o6BDthx&3MM#5<2fr05XzO7EJ9q< zHGybB#;FgEO#DEXIV+?EG4Gp~zfBqw9jt7O6lu|n02eeDIhejfChm;NW| zaQi(|_`G7}m-heZ@AdnZ|Ihx~|7RsnH7QBbp~!~BwS0`Ca7(0P>J|DVpQZ4a#*Gzu zqMoQBi>-jgLIKDiz7~wjt9@bg3KqG2p03`m`obOFs+k|4A0(YZzn=GeFes z|NTSD|8Mtjz5iG8)bD@HCYsE7p|9V-dB_6L(}1aCKP}=wyJJ49 zPo4f}ci-~=+C5y~|E=T^_kV0w!5hPwVKJ{Sxk|KqjJm8vhFe!<+~uN$h9Q=<3hrpi zN|6SxVD3IP_U|&TW)vT-uy6rWZbLjaN3Z-8bivujlsP9QDCxp+n$N(`q}nsD{tib( zsTupJXSG{(4dX+cowJsFqyWJ|9hw3-?Qw$kM`H}eN5K6p1;Oq(xJm9hG9r@=Vf^kTGIs{4@p_$unZ*EM% zXK)8+xYGeU9UgB$#w?Iu!DldtGMsl9Dvn&N6)8icmJue?XWY0OWN<(>_sE|@K*RA2 zsByTeaK!ICu=y_(CBWMP9&cHFqv3~9mY>Aw$nSK_PCMe8OA~y)jGx%?%XN{yX2|UU zi3VWg<3HexE;|BDE&=i9vAI~$?Y~HqR5QRU*-KhcHmm*vdZ7l>p=g~66YvA`rg-LA ziinb7bm3!TyaYOTa8`qje0c|FGR+@FLfLlaAahq5!GN}nPoXn%gYF!iwxZM%W%gH7|&IDq^uyK6quIg;vN=z`~L~omDnLrtJa@&6ey$Ng0GJjT?xvYvb7+hj}3Cdj-)Y&NM8aphBS=@ zZF`IM&k_0SBfuvtFl(k{e_>U^nXO!T>k#&;AqFP|32)mX*_2M`=bcpnISJ%-|-+g*+ij6CQcZ?4z5~fC^p|*y= zc?MvTXET?w#-X0659duUxh&+}Xt#-VJag-rZc#p(zaxC|GB{vCpvnB}$SOu2VlGKB zr=p0=n@g9okm`hvqN2@lHtI}<#@C-zbfht;(vCFIjToAdUIVpArBbAULc|tq>r^47 zijdaTAbf6Ist{|M+!9jhloc-hNxfLXZ-LtysOZF1S>#1Tq?7~l-1d3#F>@9*Jt34Nb%$doF zTb(|E-`Doat#K>4bad-$zQ)a?o_*s7T+-v>YO=9b zQ9Ya5)s~b^g`y^)W-@e9i%XkAd!pdww!mD4735O#-^&O$@c^u||2x{V{QnO7Yy0n& zJeK_TvNhX3zCgYg`H%JGVT?gw;xYxHQ_;0eEl6>b>7Pr}N%t-1@*Nb0v1(_9i3Nx- z3%X`xZ2t<@DQp(_F(Af47r6>c6IwvcJ5a&!S|x$Q45TP!nS*FVzaa8*sx%Vco?*zc zN5SIse-M3y;aL+Sz#960bZGnk9PO?BKUeZ-^#3<9rR`Y(iWTx*oB%~K-@@gHujF zj-S$Wi!^^*mFOq8J%+&~i}D!<&B)XdGy20|C-F89Kf6Z z1)mAE@+Yya__+CB70RElPOkqb1;oCV!?OA8oK=R{CR0R^y4DU(28A^49Xh} zx5b;Y=}rf1!VhGs^NK>CZxB%0cvX+=#m0%bTp!_Y*Do?ONeSv;o;`hvjfQNmGIZf5%tlod>*||0NW_BMVBU0L?1XY3B9m?*&1;zdpNhgW3KG z+*~}rI0hGk0nETKod67J`~VOoAcKtUXQAj5KaZvmj9@&b>%b5HHNiRKOZYb4B14;i zdyy1%jHWD4s22@Dl;9|YAo@td9`n`a8RslpDD^Z!qShOxlZ7Ojj51umA{2X6Gu`Q! zn(XGI%xUWLtMfN!SA?{l{CfWK{O0`Znhm?4pA`oUS79r5_V;8cqXb-^p1eFWq`tyt z$Jorn7~T3Y@XS#*B&vCO_2&Hg{MVOf@1LK&IX@LW@(9D^H8}x*Oe~vCk|auoz{iZC zB#VgddiD5oKZrlC&#vAt4`pcxgdz$MFBSvw;_Bkh%lFHJaY86r zWC-QIU6Uo1K|iD$>Ea562(q~KeC^TX&Hx`4k_aYT5YG(l=U{*Z2+Bw5D-UJ*LgEcw zk*1><;u+52*j{U|Q9_C=FaXzw@2}2Ip1;3%{qld_UtL^qYVPfL70jxk*J41sUsHEf zNI#15$aZm}Z_AW5C8tA)wuUN;I_;`!T7MST|3qVd2t}IiN+nQ@{%7}Sci)Wvwf6s9 z(PQOjq0_1aa%x8vq%D^3LLX%GsBOD23jTt5bxCziA<*(1>&H)lM@y;*Q2QZOl+aMs zPXGz&sp-sLrC)LLe+o3M4cQg$pH@@LvZ-mRWe{vAw~~<;=Nx>+X(jGe1g5Et4dLM%k!4UqmJ-RH|0D_-ZwK)hMDQ z%TC&35E`ljly&R{eoT{?c*Sn+a4%vd3DU0FO>UrCI#YZbI``jVJtQz*K$r2!+P(asDqwS>7xFa1H-=xO=!~+W+kBt@*!|JR1K;r?kcBj}+c_!Tj-_ zJdE`xhS@X<;A?*jx8z?1=VjlS(*n8-o}!Rxc%UP0gSej%H6sjoK8{|mXWj1U81#5a zoqJ*M@)67^G#^MISMl3%!^{0_2y;yxrJR!6KhZS2DGJ%m9Pg49;*0YZm7rCImyFK{ zWo1rW+W3`tqd8bO%lAu+OoECLiLi9;APg7pTAD>;sa`dDW*~mai?)Y$c_e@W2Nkr= zDez^R^5NWKKa~Zm&kCa|CR!VEbGg^8HKa9*S4Ul-qpe>4fL5|~vhSX;%ii{)$C zSkL9HsA~e3tmKNZtqK6-_M0j3Yph-0TBn_>ylkaAmwCH=YUY(E7e~nq^7DjDmU{u( zxH|T(EObfWkbPs#KK-ItPbmdx<2F>6ZM)u(Yq*RePr)WNch}z*o=8NnoY#(WKo$l-gF#`SQ5cPld*B-8xoC$1gCEm43ZguwMysUb;693DtrqRg z4Lw!-3<8{!0)dYqW~LnySfsWXZc!sQ_|YGyG29|6Z-yq!l-LJ1r&zW`f2*xR9%()ysW_G4dERi}U897?eV8B`SuPrit zSI-jiKRd49)Te=~v;Ww$;(s3=9<2R;R`Q7aZ^97mS06_~duiZ=_-w9~MXcxP5ipm~ zZnxT4La&kXrO{s!<&hsp|As~|YId*VVEp;^r66CAb_Tt-U24Na}bxr z5+;Qe%&K8aPDHsB20g{#P!abSx2tiwLTa*91FB`7DOj0(QrL4V4jDnUvK7WA zMIDdV@H${~!$m?bbN-`S*ysYF`uyMN@9voPpZoi3 z`_I)pn*RTiPH9_5K7sXpDF1m^+BW;3aEZ*Xsz%~y3KNL22Rw2_Mf^8erTHY)%|IxC z8^abv)2awn%P>m=kKep^TtWl_8j4<*X3dCIL z4x5-naDv6nL$%1v8pH}^gs%S<*l+RQ7TZ+}WVvIlgrW||0^MU6%w^=EwpaX76TfgH zQkhmw0c+?VZ>f7516;-~MhdrBQnK`dqNrrJ)l0 z=?eXqdnHg{%En&E`iHLt0&4yR!J94qs4)5|7VnoY^zbmue_Wk&+RCifScZ*HVJE{0 z{2Z1*^sYvB$yW2u+k-qvuTgOKHT%Ghh-Es#Abc(SS8P?b1pW?M(3GLNiN+93oJJLu zXv&T1X_USM*P3I{5VuSQ5(p$)WF#y4{Yd%AqDO79l_pn7%M^d9oM$d(=$JWwK8G+p zMd{2PP_yL36fjKI!5#kvr!WA8llc^8_gR!fcF2nR<6K)g@|cyc8Md!rHiQL);SA@Bc{iD4r70I4Fi;fgm)%K?IeRYqYUB^ibKMOPl5nqtiIyS7u8ajMJN=1 zJA$tW{+A-5nenj89GS|i=$V=?#l=0)m>3rW0ih#0Hi(g*AMSgki#hxM;l5`jI&029 zKLbA(9JJ4GpH!w|`i?Qw1uBghYvab1FI-zNGKHaHNQ4)?7`UD}UmdWsOxI0tVjy+^ zN?06MTGXrMr!`i}vHIARuIz@R1gU5)P@|UlnN%@*U{oO{x z;9GHm{tG{g>;H-{|X`N9*{nD|s~b?MlYnX@zr>E9AT2+LYe3tq3e) z9hv-?$%+*v%Q-E*jASi}*KRJV_+ACfb!yKQGHL3#11?6kz=HFV8T>GTILF6N00`2_ zF^{J$po!1DAe}JNq%j<$Y*t#1eFo|UmQpN^#!*hsCHCw1iLMJWOY&wJPkZTO93?~0 z-(r?9%)W;%yC~lRW9U=Mqe(*R7WZhPTRnH;{L1!aca}pz8MI0)RuLVmLV|84gub}^ zQ$`PKnUF2qrEi_4v5vK69U&=>h;qhC6o0D3Ziz1I-n2>^G*Y(+he%dOe@7R@kJjHd@u__d5J3d|iA=S3%^Iez%sumfR( z)c}k>VuqOr0G9f>Zpi2)PPmaY%V{A8QAeUA!=h#TAgn={kvz{dQ{vyzQS{DEt9hk| zPP1d&(51rt#$hAB#eWr63@F@oSe&TpO=?%+b_A)mny>6a>1_&j`+8{GQ;!s;eks{y zO(cH05Xo9KI8Hij}+^w24f(wC!aYBNvYcute_`6$LS@G~_F zD_`YowLC}3k2&DsaB(n#;UtEjPmVI|v_~4|T+uP@fWEkmq5jt_Q|R(pL6ya5P}PcQ za0IbzVAjpfXKtnku@d?-M_}yd!3g*u_46ENE!iV3!j8^ygv(mIr0fsdw+kN8Q@0(X zCOkO!buv=UwH@2GolI=o znb@}NWMUf=+nLyQGD#-3ZQJap@85sD?}x50-D~w)Rn^sJpR@OMY(J=P&o9-j!&d5; zb}j`q>6IwL6YoLY5D;GoLAnF$v9|&C&w#g??Ty^)ogKe2K)}X-t#!p*h5NM6PyX-H zroFW#+yGe;nkCMiJpJu%ucy(j)AX6d-uJp`Cj8DYh)LFzp1~oPMT|#ICQ~8Ve(&TV z(yeu;RdBxCAN6m#v7b48r!PqVsx*}eP_OfQ_)lL(3Gtl?-xSjR5QN8O3vKjn_OAIi zeA#>;&n?4)tW3NHszy_NrXa^mf(y#=NGypm;ffOS;4)J=P#UCf>r9*WFS zyb*^mW???4k;RAneuM@z*1=T(jw|B0qgw+|nj`FT}B)yclu}bqZ-?f{Q zf&v+HHNyX1|ZmNZ6MzuK%}d{0nQ$Ux;iQPa+(v+7q1 zN6pT0Q~UQ0!j_>wyizehXkCE$ppWqSW#zdK_yC#G79pyAI|NJOF2-!#&|=*gZV6l} z*IenyD%6+ z(VoV}J7~H19B`(zf1 zV5sWKy4dKXKAKFjtM|+r1u4_T_%bQ)j*^GECaA{^?-bo-Nvb|GF)QGL2|YO$bB~it zJ1W9GsVG%f6iFvUf?FdG6a${Xs>d|pv!I#@^y?PMd(;Yj89 zQ%12n{bKE0Xf2YmlDn=s4WtjIsoHD1DPG(GQLr;R!BNRBg}L+`aJf3<9c_PXj<+Q)YAZ}HiZHk zI6?OQ5vqQVgBch<>>0~MKl?*)tEVf)!4A|xaZ!X+8jjK3Zu%KFN$&v z!Zu|zu>7#5k2l&H3CA$Q{H<=l)92H}%ZjC@xKbQxc4zsBkP8Om^flOnG^H*d@rq zbHDxX5>`lVRaNFw<=b-RAj=@LE;1O^Yb93u;`W~Q&Vq5rs!l_Y{PGTZP&DMJl0_{$r$mT}JV>b@8T7rwH4zhwe8)4*LUl`yijw`RAy z?CmCn|Mi3+*hqtCTt1Evnq8@THdt1$WI>phZ^4nu&j`wY;@AN@jUgHJ5-0Z8-${~D zlh^0DgBY5Vh1qK=hwU0F8#Vb*GyBiPJd-2JDui#T0`7N)o*qc@fSHh%uTdK!0e~Y* z>6IQK9Y|lyglLVBy&-aCv7vO9X=H;?Xu7}Pec%Zulemle7R^ehzfxgka|YHW?W{uY zA0taO6kfq>pV_J`bX~_rX^N`Wtj3j5#jX09BA?dPogy5c{*O3lh7J*?ITS+*OYLyh z8GigL5WP|!lM~|*wa!0J?gphQNu-=h$%DM3ZEGcW9OOPathx>g(x480ya7Tp`zL)a z&W7k>%V1bZ))E|F{A#m|` zlsrxu`mx(V$!El)t;ai^FC>hjyB%Z0ES)x4nrCF|DpB1UR<5+=NqZ00h2hE`Zm}JQ z-yGJ>1jwp}X04~IuE||k&2)6IJgCJ7^`JwtxhXFOE`LGj;T&e=?d83yqCf54e(vt= z;WBJ&Up_R3t&muS5Qa+;{6JBl9GQ~)dVHSx*Mop zvXMDYe1mU@$tH==-G;@?<0NtA=c69K1P!+gpC=v8@3n@}n4POw;9QZ6K#QWxG&rNn zNCV?FB&hKi2^X9s0@2G@UETH6<{4WG@+TMct=mkDOfNDuwX1Fq8(W+<62!6H z5rb`~I^(~Qk^bXVv%+bohErFY52r+ZPcoNSzdPgfj@8>N4SN$1H8p#=a02mjR{&^QA)WCh&oh}9H}XL zv3)F_!O&dr>W2AkE(+w5Q%DMXX`qY(gY5t>cji2ca%5y&Cy~&^Gy2|{bt<cHV~|bxc8C+K@9F}O z=3VaGrPdjFQyuCj#~AHDtsOPU)`25=%qm1sb&2W zobJYW8AU{&@3dReRDL$|)CuUudXNPaJEtL4EeC6IUd0&<+?DGCf~`Np%Sl@EsSp6w zJwjE&R>y@)4nzCgk#jb=7^$rqoctMWMH|_%U*!&@rJ#o-C2MJ_IN~8Re`GN`SOUF) zmA?B}FcxuEi$Nn@CKCiy4L5E>T^XCuCgr0Q%c>$VWFp~6m;4p-78NH(qZtT!B3zOo`HLjf zFRp0-4XaDKn~-Tpr9PP@F&r)~Eiq>L*GiI+LyzeFf3PsYI3ge8;8%GOl(w2~znG>R z=i-V%5iCRyy7;5!pM76Zq2B$R;=WdPpSzgAMO>UY){bO?2uIa%G;e`iVc^;JG*< zl8KP}*Z=K4G^L32U3-a4R`$30Abkruy?=nh&58GVIbet(H~pLVQu{H$GC%?7ytaDG zm){DR1ynw!?aYxDl+FHn6)U*JDEOHwM+6E1RSYOmh?KI{%XW@%;b>4MLsW6@WRCjL}{uDu8QtnNy{a6X_J%T zIf=lPO;cVhq_ob@r6!*<@A*xL_Cf}!UgKMc^{J09qRaN%kuu>LKwsui1EG}zt=9SG zXAO2=z`=N1hym(yxw0M@K9ln(6iT~BBZDH+{UsP#yz3B3g_B1OFrlJgl$r&e!vHU< zV}Rhgklq3ym7l+4HBNSI0ELRVxZ%ie@H2ez745(`g{281V^;=>CDNt;M?3Rv2!b&J z746hs8{$x;gwOBA_VA2K`YKI^YN8hthSwP@5b;Ng(hP?)%k@mfF9xz5_X(g(NOppM z8`P-O4Mb$cF+qN;HA3)1@GYbC_R6+!!YhPzT@gQZNCtE4JOI7PI;dG1t{@g}F{Wm~ zhwNGA?+ z%($JCMzSN(!OAOYULSm@E=!OcSKrJWD~a=s*PTI)n@~=lZMj=F)Rj95$r~&5cr?C6jF2?B&ClSc6mj2I8;0nVVNV} zv3X52;h{iXnudxSR=PG(Y_@7lpOWu1y7==3wgjo4!Q#TU60}H=Oc6$;C>)2=+_an7 z5KBIRYPsO`u}f{%T2;eoPBw@J_x{BU?X*h@e@rq>`Z&tv3Xz8xne45-vh24e+1mlhwwtAa!w0-5X7RVkUJuEe5^#3YHN}Rf7HW0 zdyI=A)!8h;OY&tTSlLm9LEkU&CCav6$w=usEcgk=W9&OuGQ4({bL{BixeT@|Xw%xu z25H^rGVIS0O6^QU;5ujQ@kYt{znK(c|6GWBY0i@n6MQRl@4_a$WhYOLH2WEdSm+-! zP5j1X+X4l#DKoj7{wd2ak9I+umj_}*1yKKeU3umTdK&yYohiTHOx8dzS3s!GAMi2! zg!nP}clUqZDDf~>Kj@EfJ0t(k#|p{QvXGghD<(t#!Q9)b`%?+)fX5^n?Po*G8LiW1JMxM-_fOaXzim`_=L&`R&7uP@ewh zNLKIw4Cu`zIRce;3c|pHA*l9N`^trPbN@zLK{kk^7%?Vtw=eYfgU}dG0fS{^ZZCg8 z!2QY8jbhCp;43r%oA%@Wb81bMSLKpJTax9L^PjH)tN1S*)=1S9qgOXm)j|%lwL%%B zPMpgi{aeK&bo@q=_~tecH>pN=vr_NlljhUC;nXLdxa7iLb9;S7pkDCZh(Sfrd4iDJ zN5dD`L|)K>0Up18c{|^Kem=oFNhCs`LWP3KO*Q9#gsw}#;ta8jTM&7@>>SFG>6Vd? zda@Y?yFEu+#3EN0(!X^TPuVS-B1LWQ+`zua#N`_qD!h$%n$2YrteDx~dJ2H_u6Ls@; z@CtcH2=-`}?|mlC7&5M4?nO~JPO8$t}7qT|Xx!uCn}Jmj1bcpbWK z>@KxELhTOL=T(qRchh|Lv9CN%7j+fzZHZ6fe0_rcxkF$P$t|;HACm}EGnNw?s;-Nk zjER;Uv%&OK6Z{cPr= z2qvl_1JZ`fVqV7p_VsneQP#;hqG4_6C479xaVwU** zv>r&r6!c@=G&uXQcBlHaEN@U%pIuHtI3C0HU6GdY>-{fXwDc1uk@;eIOhJfmhz!Al z@C_UqB+1lg);5~5uF0GJL#jEqU2lXf1@5f#*B zxF$l_XE>S#VMX!VksMbSHXl1-ZvwOSD%wlnQ7`aGp zNQ${sBkTJ5DRBc~0#Mk5?-Y+ZO zl$yBI05@8183X^wY*_%sH~1~c{-TG^aj&;g5Aqy_#ld& zoeS9L2TcCiyXVg~a|T+c>78F854>VUU)f`sNhy$He=p!81w?9_Ij5^`=JXp*)dKp` zHQ*noYY^t={%Vf7WFQX-ohX zS0^e!oZvbMTuL*vOo+-Sp6JXl|H!ozfZLIcaET5mF)%BDacsTdMEl(Fk4OSv7I%0& z83#*Q1l5DT58CSqE<;;O2&#wlTzO8V97pj#pdY z2C~VZ#HBu%L`U}Lc$q80iM2?q< z$31Rw0cKTV={lXs1joV(?A}fii!#?^H-sWuduL3gH(_7v*TC)xMRY!{wJm(TV$cbX zQeAp|)-aU%KAhTw<|61OCe~tN5RI@Zn992;JfF)EtuU+<$#QitMA#`*If=%Pu6l2K zITz)EyIv-`7OO-oxKC>_EsEoEM01w4K}1WIvB532#xYoi4z1$|jxm#RuX}ZGpWM*Y z(D~*etM$(=PL<1Sf+|SIEFIJ7HFk!XtPAK@8ywdo5CGEZeX4-m9RO!oTj0Ym8*p=5 z?|2WiAN6nmfH#HiAt3X&I^@R<%s?x_OWmtVDl4Ew-uJQ(&VIX!7*ZE}zp~D)nPu)z z``$({o@ju82iz8reB6tYj1sDUyeZ4%mMmAtzErkz4|kH z_;vLKH(b?Rpy?-l^Kcb*|0;JyPN#S$DsqLWPNaGp2*Y57t?;YT%#3c8Qm>4M)`lei zSy4s}??{__Yij)Ry~^jP|hI=Ma7{M%HmHcmdEo8muT5y^pg z)mDx^A#=4Q*3V;08v4{nuUpff(-*IwD&&llo_dpW?gWta6vl?2yP0xA6>Z(trQ5DW zqUAvi;Mg+!;D-eXq}+YLBE%~>IRr7BB*P3>{@x2{zv$H1Kh@AII3I(S`zU@6rnY_@ z&<#KA`r*VkHh^-pdxiX(JId?KLNl}_uOtmP4W>!;c9t74RFMAEuR_2o1DI{&&wc~` zlmogxpna*nc6jvui?f){1LRn1YG(aAg^B35PX4vYKXBcX^h_$ngZ;hi;XHsjfk;?H z$Gtfdl5o3H)cAG|#xrHrKT~&S$*HfBcxx;;rj?2sJn%#Rb=jYApexjVpv(wkDkr7t zR?JQ41uNPpK}ka5*dQkLtuT$m32W>uNi)bYEH1+T(nLBrwyt)~y98!qp$!$qU`zKG zq_lBPgWV}77$Sveqg(ibcC~q7)+6@LEwt|>bqs5xUKum$Z0Vb3$aa^smwVyP*1Q-L zN73oKDP2n(9QcLAYphWV7$e?4?94E4b1(1M`R}jXd(W}eR}JQmf{0IGBK97AWDLu z7YrLFq>$J9G+;sZ!8dDTm62e5QF@x1TI!&IjN;wL|Ep!q&*zjkDasJ|Q)V9eAW zSmc6rkeBy&bqMrgLTsIHor&Mp*>2vLvyx%o*&w0QI2q516%}6ZM$s_yDagsK5t1@H{ zQ;=U3m#jo0|G69hQz7CBUR2E@lp>R4U0pP18T9kQJmMqNcX1Go}*JUzMH&i|2s2hA>|V@vdr?SFg-uojJ&kRf3Ec)WT6 zZ4olx><|9l>4F9(u3omUud@J#!$Yq=vPPr+>u4K})yW18(&rieWkin%=Hp;={nUZu zFxAnO;Ox$}WDsgk^dB8k;(^?C=ej4mTsrEMoaT43jvlB5DC>-g-#MoGa zbf=e)XahU+%0xx$s~~9c+W-L|P@r~RC0?4c-`}a zWc=Em+ihZgc~g%b1H8g&1ur?kZ87x`0_6NXObVDPB?<9DTlieSi8B_AP9}{k=97LA zoZxzhLPl{s*XjjfM`yPc^F>Ul01CYDPgA)cWIzR-6ksK>y8HX)GW|Iz{tKwVC_hbM z%fKD{5RhMDJR)%Zcs3btw|UF#6YUMIW7S`s?C#P8<%Zw48Gqh zwt(|1AtdCQ*Zhx*hX9Tl*=Yb}ioYUA@Sub+`gqajgfHIcW{iP&A?Jiq3rN zsK%sLJ?Hv++c`duYL__80Zf{RK5Aq-=Snxd==dp8w^#w|{_g#3Q<#*F*PzHL-u9)K zVb^&8%cLJG0x+?~ElAtC%=#Sg6+)=`&BwiNxB*O-8H0t1lAlRL=Zow{h#UPwC0WeB z3NE!1{X2hlMjv5$TZM$Iq}`_r0m7YXVQH6uT8Z`wdj?NJV=;LTB1#KC_hpdqz%1F; zyKRU33wgcL{23tUgTr(K=RxsCToj`}tk=mmDCLZhoS8&7=6g%EH)2uG zI*cV?r@tryd5QSzN{c@+EFjm*n^S+Y`weYt6bn3~2fz$nU&%XOX05s0$-*Pqj0ARc zv0%4gE^K``#M<`_SQ@`O;!38thO|5j`H_Dw7yz7d0j?a#$mIL&(A5@jsu%|4%vMKg z^=b2za2y&FjRa6c)&ZfccsZdu)>r`^!p`O(WEKc&KGp@Nc+%Pq27eKw%;fPUs1u8v z@=U8*9qo6B#Y<4}x_)Q+EAgyi{kBdl`C+hWeij2R6mCiN99=RlCPPalOwH1AILr(! z7(*bQO2ba@`}iFdQFx}>D&wEcmX|D|rZ+p;7y3nH{IYgzVHEy2g^i3fRniwOTSYgX zK5B6EV)JE-9u}JxgG5t%1-DgcHY`^W>FP(D64QA7R|o`-T1@d?LegJ^~GYjOd}@HJ*O*4ch&faPI{+mNhmks z9a(o-t)Q<0F7;iDm>+1Yw#s>?V+oJZ=8!>W^6glwy2{)L9c!>$CD;^WzAra>iS~DB zs4@~V1Fx~^_m-9v#Rn6LUo%k)5yAugP8s;PKN{QGVHP+^{)0_15Ew1Y+$Xh07-LqY zb$N#Aez?;8+4jIN3DCuB2)hBi`+9u$ef7A1uB7shw{RV#taaOnn<9Cv6jG}@rk|S! zAyAP{<}mctSsT8=PUBtD?(o{O4f5nsz66kCI$Z&i-z+x)&(F&*0DAB7XQ4i;eBX;I z-gONRKZfSO_i)R)6<@zK%e}AsNUue?9l+)FP1fDcOTxP?0BGT!dT!0JQ!tdEfXT~` z0NCkfQf@4WqO2A3+(S<<$bK*bESi`k3m@TjSN9FS`pm`>Jc60PU zTsatD8$L`EY{aB3D>%uZO+#Is+BFvk1r!;rTd38Cv>K<25*|gbQ!cXgTP4Ve4K18d z{2&Y-8!mWsQhcy%itvpClf6b-XwebG0@0j&rqv!ui5Aa0RoN_A|;9KwUn=Rg0+Q;d) z!tTXy+vVSt*0f7YYBqRJJ&)-Y#8`p=)hi-X+K)OQf8}8J)QAw^PN@j~QO8;Lu5$2f zYe0|EB=~?7ZR!wFcp{)&L-IZD+kLKW0cbM=EbXw}09Kw2>3u7&`gFG6W7hp?)mL7i zuLR+50?Hb#F+h5Me%}yle*}0s{+Bm)`XbJho786o!NWQ4D}D9@-`WnJJ)T=$@1|Ov zWrTuQvX=G`CyyQsPMEk;?dM25mwK8GO;G~miJb+J${UP(An?JwKZ!g3W4|-*1VQGh2bZv8n?)^pEXe+`b@~cG}R>O^hl@=WZI@&n${63ciY0Kq4Rv!`LWC;Ai77;vI zhA^`j`T&^I5J%xlx73<`>}SX1uc=-R?&}s`wDq3-yu&gW!Pl869F|XPmZ+(AA7i~9_UGp&H+Ne`My7< z|I6_rm!8$VR<~k&i>M4AI}-38RvkCX`eR4*YZvxh{BM{!nhTbzacIdZ4-k{K}6p!OrKy{w+(BW+mvqK*|*H z-yfXrBw8?9s-Up#--5`-sOqB`%IG?xMhi@UP)O`ajMu(Y@m4MvK+0`Y)RX>&i%9>U z`6^UCAid~TYO~r=#{|Qts>P}N7((4RQYG+9=S3%GHo!q+>Grui?VI@7QyvK9X>RK) z15|mjzX#A!d1#w3Y5prNy_7{>r#fI4-5kE^qrse+%@~Q@tX3-gcO_{HXSgqcW>X=5 zE{W9C0HZI+MJIbSjKYEjftyx)xgPSI?$2eiIL>lu&Md(_uFR=waQv+V>ckUuAcr9Z z3h$|cA$J6=!8>D##p*4n>LTADmX0;zjYFy7{JyL&V!+FRXLvuaI2hJg<_G1C6~|Yt zjdZG&XD)DyOQDQ5NCExP>U!KA`M&1Vu<3x81~E=XQyJ6F6^`@!?fC&Ue|G<%Y9Ak7 zflWxuy>vA&22umDbFN@y4g{)+Bzz*F8sf=_-stYpAFl{wGK7>z0tkYsSnTAlgsb;v zabPdN?F^fU{S*A}TC_OzzqWHd2HLM`ia(Oz!_xE!RN5&s?PG6u1Y(wI_Lc~k1h8V_ zA${<=nV{n!)5=(sVj#cI5^#(l$d3J;1;HhcAuyVFS9L07$mc7n zobrGdb7cu<$OlZ!dcB<;1ZF7`$(Kp&QT;(GN?_)fE3=gfq}bXp_pSmt%t%^d+PT>DKAW#z9hb!l8IKubFtA|^xQ3X zWfW0XWp}s9rkT-fNh>P<9BxM~X^tGHmBH_S&gRVQVoYW3$_u70Q$hz_L;DUPcB&ye zJ0@M<9#9aP)<@``WT>ysz&;`4=heGJI90{RU_YHjZADmW(X~E{uQv_d_?t%@Pf$C24 zeg%w6zP{4l{saOzjGuK=P-&G~AWXz=#=kjFIO^Dx!d#H?sWKEhJod(t82E{0^=art z9we!4XRl*jypfAW6MecSq`?e)vX@l zTQ*6E#h~M_0J-=3TFYbmN{`}s^%69iE`Iq`+ftL_+wI2`(xjVLtABmN!p^(Z*rSrW zrqKMh3=upr2MZU0J;&rQBQzl-#BZ=(T`xZgrAr$uHNu&e6K!G6;7hL?$O*ZAEMWS( z3QScL%!P7~NXDBk^%F31GDocUN2VPUVJbVTi;<<_)${{s?6aF0nI378biUP%V)5<& za8c@s-9>$SU!H~z5zb%!JWyy~_QRebyC*i~Z7{dzTb%Wm- zh%Xc0<&7dI9=+&h<*p^b{>5>DAb}3uPpo+jV$7TY>}%SjW&k(h4|l6hvelM(_dHufDVoJxCfy1 zWabgD15{KwZ*aCXhiT;gBgPwO@`%U2nnp z6z}A)>7Wl%6Zuri)m=8Y^REf!D_t40);MwC*V=1BSNvNrE2zpCk1xs;RnBYS z)~52FvCggToVl5I**r>k;S7BwHp^8Ae=rBKl_$y+Z;&Uu{eDr#$O3bLZiYZ!K(_a; z0Vk>Uyt?HJots=#r^GapHMn4gYE&4w(km>^l>lT*Eeh~W?ZEJ9Z|HiQN%N$~wAh(DTR=iFqd<`Ys2cREZ z&mzm|=di!(z)_Y9h94|PDsj=h{uX5a#+K^U7qcR7lpf%KBU5mQ>&yCY%tyf#*j~kg zvO<8}8OT~II;lf;K#iUnQsdr@#LA#f^^2#2LG`G*;7{TZR87gkS~7-9af2KM>er3@ESF8i1urNi zFc^ENpaHSPmb$+@YNEMIyOYHS+L)~YU|cyed$6M{Mq%389+MFuKaE9U@u|5HnU6@{ zUTwj;%PS)~NBtZ)wy)+9!$O(mBC#(Ld+%Zj3l zCGpt$Dkw3D9&tphqAU=)t*Yu#m_iicxUwZ0qFS+fHC0C{A>PrG*o681j2uO4O-gJF z?>Rxe#bnBl59$Lf?8~}oTYudz`)&AXIZwRpmFC5;Ql&CIz>4_mhGy3(qP8~rtn|-kAYK2vEj}^B^xTfU&ZJ;BcuV*a_JrH==!=YSB%uxq|PVfFW?3#u? z(BS%v>RF3!SahOf!zP^-rZRF<2K8@jnMxwXil9&Te2ltHX^sg5=ipb^l%wlFtE_B^cN27;;}4l)*{wUy;+WU3h7y z7|cu~&k#euU_xaLJm&^)Uwf=WBOgLFF8pmToIu&~l7$6Ws@Br@ z@&ED@C3Lh$8W$j!j{^?Gm)Ex1DO!7-ONoOBQrrsHC$9buO#$4I7^fL=L&5Ib}QBD zsJMb9;oz6bL?8J1WfpMajgvoEHb9705tPtgbq4bE<8P9`{OT8kDrMfQ+&_&Q<~dzc zz3;)}MhEtGcnL>&`fx=v^87MhoqrHCZUW?skU1dfT}ki}24_6neS)~}%TWp_@`7a0 z{4#{G$U!x?C^(14IQD7B@9AZU@GbK32QuvJV}fu7KUMm580m@lazFR8KsP^R;%UKg zDM@dw)97v=RO=UZwy3MAMe=VYe^X2qSz`>5BJBJYy*Z1E-2;_q(x32uF>yoYG?jkO z!N1{a4vY79*^d1r*u_P<*CNO>n^cxOe)NYxMiygFv72mk zsZ#Ei&ke@Pby=^|*Zpwa-b4K#5s>JXF_}K}UK5q*!<)G>enNL4O!Cf0A^GBbV(`wl z3YEPAIEqyCqOG)ax$&3O_ca9| zrid2n+p4$KDz|gw^_N;$Fh@}bp0XjXg?SkLaSU>^fXoH_K%*t;mm?PGc)+mWNL>fH zlLY?L9dY%i;YXM4*NrTZK45|xYc|t<7=2ZTK0yQY@>FKyB`65Qo)@|;0N?6KGJObM zKFbH2iI}?HJ*8Rp!nFU5K@`9yeMCPp&%q2*@c`J`XxbMdxV{GdSJM&2eH%7JVe%BD zQGBhldN-TxoJwp^7|K9VQY`6I5;r2St!78;+J4Q_R>`Nb36*M2MU*x&<4NmYP`UL9 zOm5-@t~kN5DK0>K9!uR(_$D6m`#3VZ^`<`ZBc)fJFvrcs{;SNhSp(~~72SaTow3&8 zreJ?arTuDRX4dr+`*8E9iuFdR+uXjV7!+2xM&xL@ddP_A?5yH8jeQm%oX-G(q`*(UOKkt_%I{fQot1FyV%+VbYWPEM2Khf*`Hy1|KAtuS? z18r{ZL3u&l@={31`9I!VrAIV8NGfy&6m51+#R1BTKR!|GJ9{xio+}i| zP%A6;HCX}`a0`2G6~Q`1%tyKL`Y}JaPv*_J9d}|nZfglktXO4U=)V@=?4u~^Fy)3q zZq~XN1tl>pjpP#+bwL}}E|~{F>LD}jubSV8l3IR+J|eIj$;fB!KaoFqjVrDO1SX?Z z%#G{RnkyN9y^_?vbsy!2z4j&L4@@9HCRT_!okOcL80CHjw6Aa-^j%;7$Ieja=LJYn zVcljzy4a*!fa(MDX)Zz6+s)H3omtv``!v*el0H;im8mkNo9f5291M9THWfr1VVdq< zsc8T_%Qdn`p@=nZSu3&(>`dZ*xeN(*3K&^YP03fC_W+~y|CqZ60oBKIrvL?(hQMhC zBUSj(L1-h=VpGj`SC3z3I0A()>)B`O44(b{n+o;25k zS&&p?rmYCk zI@A%(vg}{FTBPlRA^c+uB(lls-)k1zOo~?i`Srl zq(e8xqB!sFo-;{tl4TKNiRsKadx7C@Pm}4-?97vzA8wPUG)I8cpH8W=D6~=d- z(!m#@@^ma1;lBK1}&>X5aDXZ); zk0L8?xGh2yF52syz0zRw>-x<1Ia^(0M{~)NFRGW33@7DpYQ5t$Rwg#o2A*|ztLXI> z{n-L9+2A`%-tb``#;_H4*H5<7h;o_%?_(*M_#j;ZAn9vujgS2)pey3y11N~HJ~ag! zCSpP;6Nwv~wAPDTC5DAFBU2-z&8vieGpbb+u{!+fI>pGrKs>VGHNX9L8_i~4UY&TZ z1<#vXiF(wCcL6$F3P18adco%vfZ&k_g4cC31M%S<3Y`>yKV)hhn{e>&=w8s4@ z;zfXGoPc^xG#LSR$pnw~c0|>BxyhzBmQ6{5Q=hrYU}=B z#?(epm)5~s{F`d0{$A5bkQheGxPpb|Zy_fSpAC|}))FiXo^3nVyKiZy^9y^r?66#D zOc}1pIkaIgFDtyaG`>5}fOti6=_Uy-T>>&<%vAw#G-o9?(4b^opk*w*4b+^@DC*CjQ;P9zj%>T5*MJNA&BkiM@U z#9`fMr;)(~4k+Vl`$G4cekNbT`=yv>p^xeLlV9q&Opx->-r3SzrQ`nt(Tp}LjTt1R zFX`dlg5S$9-09jcu2IV+BP zKa~fpcHfGUtgjGBCF1jVd4H-FE0`1UtsB}sp4KE1YvQk^$U6o>azvo-Jr#-PUlV|4 zjjz&6Ew^^4lr4F5)&0X&Cxj|E5FO|^er<1`r=ctSOxZe!qSH7OoRS|mu#{66m?>&y zcJh(KtB>mm^-HMQYAjJbR^oTpsKfb-f@Dyr6i23QrSb}>j zAKjq*3plZ3SRZGe&+%(ZObi4a9}yJ5-}zp+ASNXIT385w9^xytFBW@L(K)_!{(o$p zRZtymu(fe_cXtTx?i$>k;K4n(TX2Wq4hilAcXxNU;O^}C`RY{tbuLcT-0hm0eK9p} zcdymYVqCWl6J>=zCs?Rd`?Oa}#2^Ft_r3Op<|GCZLAA#8jRCD>O-4W zv5^ZM!FRP{ffME_(YPVK`j^9*V+HH6`rdhZiv9sXd~E3g}=35elS7tKHk7} zZ2B*k+s?JQ9#~C(*Iitvp0=t!ry?wwpNd6<7skowv^t zGjlK$CqSGKNLBpB7jTSd>q}U)Gev?x9tw?yT~@0#!$skCMmjLylf(P4P_vCw)`0}jI$Whq z0&`bcH^wL)Ps{J01G`uN6LXDuUE6u|Z3VBpkkP)u-waPWxo+^@e&=MHo6(wH$kRR+ z`QVB`a)udPK5I#Ij>q-Tc$GEK4uGmI3g|au9lOIKb#%1)e9JEH{{=c)t=AYEcdhz$ zbr$(tR>U2(DcP5OD#jXhkMl?C4dYq3H6Tyik6ZjXZD8@mqJLiPS_Wt~Y~jh6i^;9t zI(je{O+IRv<^5k=j2YxvSJ{O(^s_y35*UZS>K(iP@g!H! z5Kk{}@@cg9dAqJPyG1&*`tF>RB#dJt<{zH)AS~(}b2-WziPEm5#YbRQo7q4YtiMy? zz!7xY@`MlvuU`*lcAXaFX;lja+=KqvgTpMHKv;ARa$`^M3>QP<93pz6s?rDy;&6Y^ z=?N@Vx_a?#nLXm#N&|bQFo#3CS0h*Hv%Gtt(No&tfor=H1k;`QH5juG-aLzEk={+_ zQQ(5)eEkJ@T)xTEy0w1K!*bO-1Q;enNC^RLH;bxQeXWPGlld-@Lu0?=r9U}MHphgX zX?#E!OJCAwf{gzsl+U>~4yY^qbl44sHv53ITPp>d@48RMjPKuR&7yYqXnxE44M9hu zR~VcfnY2K2O}Fm!Wx zRQy8HqyS%UlP`+mDCoILl1*}zB!0L+OuL}{n z1NExmZtaSuC`BR|JLXTxQp7X-9lb@VT*^-&%veDW7LJe|-u)h#Gd-O(;=7EAtzLbN z)N%18b=&V`0@_sc$(;U2LAC|X%>tU5iNoJ}i<}tp*)g8xkCj=$TYh2H*!NArpkqIh zLcpr1WFSC zTd&*S01dGRG*I63e#te^kNNa|{Cw@{_aA(45ODNwHDCr%VYOf8o9=}4oXXpD%{M-}mJC?qnKfmiB`+y`l?JsM!+tCcb%dl_eOU>f_us=y3 zV3CpyyAAO12?||b0+pYH)jQr7;3be*8)_k3?RBm=@N#6|5h{)7QH-K1?xj|A0#>f= z6%Qect#I%R2aoOREOj9?$u1s_b-^{drocD~T|rxG98KN-zfP?&l0LE-8{mL9Z(z8JC~n#ED_;rs26V_EZG5~SpA$*oDf;JsPy_VvAIe!eFtgEAj3<<@%$7*upTDL zunA?laRQcL>?9XT`jcH;bo1|<9NZoOFNCt%*si82Ew*M&3!ahwA?Q8Vt2eO>eg!2Sp!oN78dG3ISFWtEnv)dM$KUJU#qwi6+ z8lpL=e|-5B-(m;(;;|??o?GkAw)msGtVStpCV#kTO0h{9#jcP?>L@JAUp?D!f?R1= zg;!8`8Ok-XjqeGsXS= zku2!l9HcNWcnmpQHjOsQn3;I4zklGUo=6x!g8hr6cH(Y6BvC`onylE%HjF;=Z3d8;wk z7Xv2a@W}exj2Cg;?{4r8aMM=Z21Lyoj0>$V)Sg#8zl?}nC&BvrZh)Vip3H%$f zE?#o(DM&qG#Ud7<{^Mr!2Jp!`LD4*sk`sy z@ij;0jk^K*fm!1ABSwl{uSM?!^_SQl5!2!t~dfi zBDX9oHufTa>t$j4G*pL;Nu<3wn-SYT-!>ekt8|T=henW3aBcz~>+B;n1n;nNoziV4jq7F&GY# z3azkQ#X;9Y_uKBsAg`Q6oIT(RNceJo2$)9cd?SsJp|u5lI?Znbx-1=1>a6*MMNO;d z-{w)n@5W1Yc!)c!Pr*`<9IxnG$DD$sSkZ`mW$2w=ophe)-F$_D&coO#_47h-oXL^+ z&NLq#Z`NyF<=XQ-qw!~szVk#jftlggAV+5h#XINP>yfb37u$(vJ^BjNT}R9w9~XKS zBgm|q*v=PMq-zIU(Lbj#R_jD^Muq<3DS@MT0!y=ROB?$W05f{lp^P2iU-cmaRf}h7 zpkXVxeqIX#i=bPY#-m>#BbT&WFI@dcEVu3RBT$it$PBOLe)la_?vjj;d4h(^O)T?Y z3^w>0(^+T-E%1Y-A+o{bpQ{E7+}e3SS(yXqc>d$#;pKCl%XZT(0nO@22S0fWKCzuc z4ap_PPg}&p1KF;yhJ2EQtw($bEIt)Ccx)B!o?Q{uR2=u^{Tb6SF_MsN{$lxn&?OT% zS-wc=r5MfU`x^^p37^%H^pQ-#8U9e4p_$gVJSW3np3a5y4~l|6(4+f1TeK5~Os@B8gc{D8pV_mIT%*&o@cX#nwKu>EJtAi)C~|2I1N`u@56 zk99q?VKntPot(9K72vrn#4mfR^u$i!tk?IO5JmF*oB}zy6tktPMWB?`_}NAVxta@? zpX}KS;jU!!_}TT>Vpm2P3xKQb=A#F;{tWyi1rF~`>;e5zO7;5Rtt{i;KG+#%Ao2Y7 zKZK#X_7A)MxIJ6ufwrW4pFi|Ot>MlLSS$HgP<#{8k8;PSyWCVEwMlJ1Y(?pw{{+ve zFTi!^K_Ris(`orqVcY1%QQhic7C)7;{#urDU|p}c8q%Wci+~HlY(>_=3yLOezpjcD z0BMq&Qg_QBd^31gq@IrH;#^(I0-`DBI)AXr)gt9OsaCZS=+5*3@sHC6AHey}XG+dz z8L1rN+Ad!q5^~fm$yark7Dl#>L4&QfoN`y$6{n>; zeS}%KZsSL9W~!CAGcURE#~@qPWYgXzyi=E_rWNO3TuQYqBrrKN8REX584pr1$gKlq z_zY--CWX*#Q38`Xf?~dd(i9@Dvbygv?!O-90bLDX9NsVuIKG)J@B#UBbO+Qf0a`b_ zw|n6!d-vZk#3$mXcRRFgU4(Qx`}{^Pe`QH!Z>y*!WE5LVCOcYj%RAkzuImDnr) zy}#}%kXaoQi8&j=q^tQMOW&y#h860h32yZwIcXC00Oi=(D_i8U{yzDEZcvmrAPg6ZihA zeoR;>na%Vd{faSgd}U07_=jOg@$3b2xz->g9AT{nr^0@05j9V~Ll8Q#(-6%} ztP4|{n>a3tTR~_MzY6Fwt_xh8j5L?VyZ_siwwXIGhgbl-1D}Co+bx8f?xZDoS47Tg z-~pq1oZBNIt)7*Z)H!XV3i^xJ^r66FxOa{IJLH5*mocWrpP;mom>@u6_>}1z!SbKj zC;^MV!3)e{_gPj$kh4t$<#e7k1{t8ry2kJ2$Q61N;Y<~6ZILxqS&TpaSZ3Sj-9E-- z?47TfD3}(8@qk&5incVXHR#i9%shB5xBYWpIw@?NQ@Zw~a8T~~x?*XlP_>vGo~mnP zIVZJ{GOuZ?Z4q)j;H^;q+)xhMJ_f7R1w>Xv_=Rt8MJg}4E4-LK0(4;m)nffu;7yjl zfPr1oh~9mB>Dph-jlWG=1h6CiA>G_-!W?aw-#u3)^F6TV)IrQvWWhIT?(Am_;gG?sGE$b+o}-%DR_yCsQqc7!)q%dG6kqBctPvm)gV=NVrv8qFR@b zC3KQWfOihlWUmSYpssfKG(N=#<(T1V0~p~#S`a!da-?)^of#CEfeT(oEoQ0}tKSvX z14jroCTR{PiQ);Smcg62EA?#_Hw?q)c32f`CQ*Xu(KhB+j9RpqG|JNO@fHWhi06z# z{*XWDrz*X17Z%XtL^WIuhW%OA6pHt@nuW?vmM~nht=%v$*Fb(Wr0x~-v6*;GoON*o zPs3?~HGr}Utb3EYgg7N!AO zNLjlRYqbn|R`HLjjMlRPHTVr z!TaM&@R!e29;-K{_p73heRt6EqTtj^K&2w*I9ji>#g%RyX`np>76{C*nE+;QycUA{ zfbsXq$IZU<%f2Am$wi{)#_f^_1G0OyvC7%22%pMy!5MGIvL{|nb{^!4!oN?`AE*|^|HC{Ig+Npih4C!^TWOw)MQi9Wr zO(yfdp9k))h9v^INY~JCJYjEIBZsXNZYQKq3_u+Y)W3 z^4WYdAaH#yA_Gfn-1cFm8@1@-t^3A%+wH*3bST*j^O#;ry6|N7m#|lH5zUdz)5g{) z3LhhBE$KJPCjwU6n)9|2GZ5xj3UejB4;)yVzI_ZpVhfk^U?bQ?!ad@y4FgCo^4i{k zo#+4QwEF?aLox`VsPUb*se$LYmCgu|*%d+#jJ*f)!#a*x9>a0w8|xUtZa{z{`$F>- z<2rl(!}crR=D*+RSzprOpj!fz1Y7`ZkKRk#*U4w|guzSw^%2>r;|n#(Cb7!EH3tD3 zHv~Z`bDHc*nA0nLtYjwm&C>zOo$YN+F!9UzLm59W?GGdazbbc@Te8u&_Fk5ceQ+w*j6=q1jeh2_UFH^!-D)u}&A%foe69B403&$KGf zLKt-!aB#(HnEQyXN$q<4w8l>Zwx8fbz?C|_=#xir4@SCFVjaL2)oq~6iu-19aUK0e zl%u_{RlaVENYiaPKSr9L@2Q7B5hmR5@H{14ziEGW{&+gX`W3Z@l&oJjxE_M&_3=IK zi8rmDSe5F}^(w3otLKW1r_MSme+nW`rxr@rj@9?uZoT?kh#5;jL_pBx5ZLWq12rTK zCjyK1Z-)$Ei|5Z2Tws_V7Qex469HU|mvPqsgL)(*exN&CePJ2^uAlE0?f~OqKzCBT zA9$e?j)O{=mFqIWHwo9)T~c)<%Su@_*v}bNX+&$Nhf}kPt-$~EF&X7mdX!n_AY+<( z3H`<~z64avRKK(n(MNyN6;VhAexuJ+f#FgTs z9iLG2C=ks{(@<$k@~j1Pa~y+)cmK_T_(9|HBnqI4Z+_X4l?c!5reZvSubk-W_8kz3 z1rO< znDQ<~8O5UKb6qTb)9oH8t9fUE3o~ncLK$K+J;#>gmqf5m20o`fyQ830Jy6X7I@0k` zghJQYU;+eNDQe==iy#T!{JyI!MAq~^^J!SbOMSKXA91#?>QtAvs0(>Vhh9Y%JVNm= zqbOiIn@DcaX=-Ed`HrEPEQEz4)=w#MwfgfTuTJ8&#GBQR$>{Bb;wV?Ea+ju@tR$!=gO-QtsVIIU)J&FX;crW^l8|{d;A05h z+y1Uv)2w$eRq>%c%$^Zi;VtMR0g1DAOUm0;sxLL5*01Dd;OWX|-xGmhnTYClkxdc( zw}8q6wgaGwNR4a=>r-`!IDe&X3=&WkW^~VAT~S#N>2m3o`eCht_?U};G~!?*73YI{p7-_xfr9|CXBN8H4UVThFZMb=HUWY&IaVz~bVmnE^{-yp!?@D2)S~-8mLT3Z7aYT{u8OF_v zGj{Aczz_CVj;((JFC1vU6u{P<;lD_J5gL1Ssm9z})@*V;5a<xvcRyTLRBL6-|C7C{qw=@|LFW@J!Xw(~78?ihOTZ=N{s3g;x zf?;b8H|rG9J@~Bnjg3H0AN}(UnA4z^fX1ay6kp0K;4<~7K z09=+xe(c^}BrWX-G7GP+WerQ^H60hO{ZOrPX&Y&RV^)tW+o?*6%5ytn3IbS|0B9~K zHhH~;?+{;Z0rTx-!0PQS!uG$Vdp;uBd4)+V<6vx7PD6;a9vJ2(D#Uz)B#v+l5UrGM zaB=KOI8_LVbgxrHS|!JdlJs3`ffzl@>Ww|lB>$re#<|O=V79y>#KzE`dw#=RoAj{2v79zdKrn)U5Am6T0aGL_( z*ZXr#SE-oB39f%ND}>m48~k^TW9T~7=DKdKb5gdoKTzeYUn=vJv)tL<)lN;!$I|G` zaOp2?mEXP&H?sQ6q>mp%B|9-^ zpOK;#N;?*cDuXT|OR>M!llI^oTT?@G1^gjG%Ga)c8*E9k;5ztTUN`Wt?}Yol zKi?L6#E!75MLrn2Px-cFk`R26#!)gdj&;ltVDhgg8a&Q%4!FKCk?Hz(KV`2pF(y_k z0)|I|cbt;}D$G^xe8nJui^^zy)ZhE9^fb0@F+FZUhvRk;B-)vLx;F7z=Iwn6SVAj3 zZT0Gkxk#1~Crff&0VpU+N~qZ%+c&+dYoPWd8HY1jEz!!Ut(Tq4+u6arY9h$)By#I* zyqjNabhOeM_>9~y(fAcQXM3K$Ptl+*><*i3u$r}F4op=_GcZ?a3=8PCLm+8Pp zIXT5-?)hqWky5aS{mUXOqdK3g_5Bo`Nr6+0=PL%Oe-_=4U$60T zHEt}D!`@cy_I2%lueFoqei#yLZc?MI;jJzWMeB+Ma+!#Nm(!?$AN=ZzRAKY)F=$Gl zNDS^%k|h^}mNZ3REU1sj?Gtc)?3fhNUML*H|B)yR8qjW05qps5er=SwWS3lpIxcKi z*DS`I=~uh!sn&=)?{415*bKPoczc&RggYaGy@Afr7eQfA^hkV4zs7~5j_;^c|x&{=i)2_ z-g3#kQ69(B*(P?;$|%_8{??6POz>8>l%=y;;kXnA$eH56nBW?KJ|5zir`nHk)31zx z>%GaWier{+p=$Dp*%GZ@ikkNpH=%tb zvM=g>-dJk4!2HYjB?Yh&h~9(-o}}$Fy-OIb-ZJ8&z=VvPBmEl0B&0{(3L9)N6Q_@Y z_6@1B`nj55J%COgr`m1^X$JL)A zKNm!Igu^N(XiJBSC1>%#M%}P6=S^hEJ|f4CS9c}(_cNfe7ek9LoDirLil z#$pE&*|cb5JASy@{Nt9oLTc?meRQA(Q)jb&>F>V~tz*s9=67}>S{j`n8Fs&^G&fjRvx;5H2n4niFmy!I(b-M zo;J=ygw|w5+a)qWyA|=H7_o93Iw9GoAS0~XM}_zM5y631W`YYLm$`Wb73We=@k^?g zG|&-xU}HbW*#|vnQ}Djo0Y~dT#Z`p@J-^7A4)Z*I;I9F0JLOGF{@`%@v5^e_7j#^{ zS!p2$22l@dVNF-HsfeW}bxpXc>`eRxpBpHF9W4OIDnn64jpdZEg_Jl}Jj8f(hMy8h zMG8}?ZYgiqDw(vuhQ(85|A1FgKgNKFDD`;{6cTG9cJgrbj@?3k6{cndPi!!b{7Te? zmh~e3Xsjy!V&ujO-m(&a8n3kR957r~W($0J*V2IaR>HEW_JD;31FvbfMzAdPBE2)8 zPpjzmIi=sq_lUhwdU{zV%@=DmtiKoX9OPd!M2bTC8+t(|0Zt}F<%lT;_C2c^6f|CO z8%s`1lS&F@VT_tn{pxuyZ_sZ0+XdpV-&W~S6ZzhnbBLL&`J2aI8ls}PYq#O$T_soZ z@2ly^WsUG$cGtF=YYznMdT8fVBCxyL5?}AIuvrx&lm-ayvm&Y*yQNtm!CMtkVOr8K z<5q7JFp^L4=|-v|v%z58mt*uI^kVFsva1riX6F}%Iwb|3{XQiK9PAs(;HDy-mzg}S zY{lqB-Juw&Mw1YBwRi$a?)X%zG=;G-ixAv7vn!l+hm#c!)+6=>XeP9}SCfaFWPEyv z=~4;FoUUVx#>JFC-Q#aYbLutIq9&|9-{iy8zKhzfJV9+7A-WZ0t=yIO=I8~6R8wa zeCrNA8ROPJEyUU%El8F|KY*GUMuSdDGq!w6YW#X&;i-`WBBs<=S=f1hVR-a1TMv&_ zQOs*S0($C~r{+?VNMe9#3q9Mj4?IjmUr_^li_M(a{6Y!!nf*KWYiKfP3{aQ=>OC_G~A-DEF4e)jvMHlcIH_IMqs4+LlT&+qpwIo+0 zDBsC7#xo4syJ9(b1*Zqn9w???s9L)0yg5dU(J!tf9M7g@t&m1r5i;r_diVzD(RQ-~Gd#G-M-N+RgWU^?>#!40*5(IPG(QBD#% zn4!#(>odXEoQM+X5aLTk({USUU5QFW8gS+#_!$KU!*^=tr^d$i1k2Uhnu1Iga(s%U=yqjKKbu+)l6IIy2Y7`9BRx6D(_MrFf&ad~U6?<#LksM{>u?r71bT!-gjWv~mpHMBM(|DXgMr9DmW>yChGz7k)VN+M1%f4fO|4uFNFtp=X{ ztpPq#@!tSkhR&7z6IQRW1mB<5vrl+nv!-Z~P+gAS zCwoWts#(!I7dG6hc%v2z@0XCWLi*nmD2ASTs^Pm~R4dqEjXyI?%D;s!Z*%@U^^o4Z zo@muvhks#5N~?6F*QWmJ)vIp$9$&0 zA#K+I!V`WkB6;}aplK1-JLYIG5)0@|77xte!D4@J>J>rl zXfnZ@Bs^fsf)U;|Q9WY{qV55&Ck;|ijW0dv*=5;!?&1)hL_4{RF!**w{fj zC9MAeu_E+QUEG_hTcAp|GiE$wJ(P;rdh@)Fi>&z;PeuH-v6DN?Jha+63O?dKPf1O~ zPzN!3`pydt(B>i;1C*cQm)`+QA;afxf}`AbW92wBU>PmeFVG*`1XS~9F1B(zu`n63F71Z*d=ntX1LLkXShXa_Qi zO-V8J?0xM!IT3pom$@FMO`LEasVmt#vv2g4zez*k?RR-CHd{k*l+T>J( z+7u(MnQ!GyR|;ziqrW_Zr8Q(>N+p*Y;iak93zLjmk>d{Hxur$94A@u{lH#Pri#s*; zQ+}f+!@(4_B77VcKc+@ep7Sq$^F4g5&xIWgkhh$q1#Z7L0WWXeAOA`Iqw^L3ZTR2g zOJ$|lgs(WpMB{mO_I((DxYs z%$b}gp2HEQ=D{17C7PC|_SxoyYnb8AiiLDp?jVDL^M{hYo3<#%o>Yv^jQbd(MBTK| z>d4B&_u~&iSqVYgC#z ze;^rg?oVa~^a)GOVjx1w9Hc+ztYIOAiF=Q2hY~iOE!Qc82!GLylSO{txpEP5is5M` ziiV`lSJLZ<7BO-x|C{Il{Nn>ELhmYGHhYZ2f<&G zjC}8mctUc4qnA(ab6>-|x!3FCTge%)yw$q!YGW_0np9y!YJ#XSh`ss&@={oB=>X3fJk$)t3Cp>Z{1k`jrUe7I@n#%dVX{4 zW{fwkIw)p1i43+UWkUn6!g(!xBbgy9o!!CC_ zrnFR!ZBZmbfxGTt3q0m<)ZoFQ^Q>Klp8uv85zNBZL+^K=W4aasM6rA6mODC)-a!v~ zf>Gb^h8G!&WccZpuV3|_5R@anS5z;JRR<2oSKvZ>0K+DDQ1iRV?QW;0ufls4TkG#lDdzpmnhDS0Z~iVz%RW1jN? zTlEp>@9K^*)MXFm^~>qZPiduZCzzx;$7K!r`m@0%;tSCMQ6}dX89AD=_0vEpH-Fd- z@*W!VG#V3#W4QPI$A_i{VpI~j6!qH1T;8e?K}NuY>TVY4e02QVf~!)<)1fL0M1!61+Mgm7ryECBHpOo!9>_@bdXz&))@h}E zcB*T-+z%;^WALZztYiPwAu!099I!2u12PwQOe4F$|K3Z=6n({(El>OCaM=qn8 z_9!iM-O*2Kqt;DWX&vD`gETA|`|D_=p2(T{v-~XB>a4S*8OAuhw=tF~cyTA%E||K| z`@UJCw?Edtu18{MqiMnXSFvaZZd=_TopY}Wf6`BI48IRa{5~YioGO87whp^1x3GBh znyqt33&(jsdm#{W0e4>_48S z>*1`p1{xh;f7Q{dVWW@B(FN14N4_9`iiNTwKy%U#YCwL+ZQGeH# zb@&r@0)sW|-fxl0{M(m8Q&DhDW~yKBufZ~@rZROIl`rOG49jZfF@I4kjjI}I&=zlk zUTxbeV#ik9-}s;>26Zs#^1nvwoC}z6soD^t%)w_n%o1DUwyy3CP)2RPZEERX9xtnrd%jr-!}r=1-qdM zPd-;Bh4n^VVy-cl3%VY>SSsr;+cyPgfUAd#TWvE?v-f=i>CY_50#b7mOC>#}N3i>6 zlaxv-;;^tF*dp}(YzOhWedlRgEV0Z)rK$eN;8oY{W0+oAm%OPfVhG^pzugldA*q`F zM3lJc0Y@h5v%ayYrvLO<*3w&a-#0j;Ga4AfwSN2rEtP)YQFx&;4hAvX>4uQn=kBIpnZbHAxwSBEkZhL@f?S(oRNZQ5qMq8i)_mHSFwmVr&01B<7x|b-+J6GGx1PkoYU$FRS z@tW!Z^XOSX-qOpD@%Bz)En)rgwOV7FbPho(X2LqghJap#Wg&dJ7g_};xr2$(|2_@D zcI)F`p41CKRLYCa@lfOx!!7MlU@e(YEg`a#Dy zZU@jT*Tt@h$QMsw_SAT$)__m-XcHXL-qnbaJHjEOqsas=5eG4p_^CgO2aUaO{8n$L zbAXBKeu1S?mI>XDD>dMb6XndozMZ!B3Ft}O$ehx-`7xrAg)#G3Kf)@x$3Tw{uMVK# zO(C$-NO^$~kRh(TrtTm~3Xn0>p#$7AjI0?5iKQ9I1-U0S@vP;UJ6FzW25e|`SkbN_ zU~_)|wj&?V!0B$ye^7}GUp>&pXiGe$>}X4s9BYp|oqU^zgRM4hdCJlDKCxc(dZmwC zYmlszMqE{lXb62!72{l zO>PrcyQw9or$NP6m~Zck{AuAnc0*QvRzu=9uCsL1fKT9s*>fw?6%O&>m%!Z~;UOvN z^}Z!&(v(>mdg+JNq}3>V<_22A7gZ6d8M|M_)}El z6@eB#GS@pUKNo+}RVukAwOYXGbNCNku~}4E?u7W)#T|{H!vT`#v@^L;H>s{_L1#=P zjY8cHIqHXp^enQR^EtHa)Zsb}MYIc1WME*`Y!`u5Xd#^Bws>}Uq2nrKkzPaomqKTK zL%mVDRlJJ0d#%ZfAoRFIRKhfbP$6a(;hxq=(fhp?{M>#l3#q5xIumAge(7#4c5alu zXp}e`r9wzoRGYXGkCKWcJeuK?nR4QdVycEu^;aFJT)+4 z29ebmD2pyxM8i>BTMM4{o3}_WL~Nea2QtpzW)b*F$%d{jQ*kd0cBF(+{j3Cs$apMD8P(ETqq&_-Bo|dckHwc6~8GAV|_N2(qG^-lQuN*YG z5wWFWa1kMq=|F|Wfd4MdS9c98HX|mag`+o!kSZ2?zhYe-s+X!OdaBnp+lBprTbKX0qT?4ovy zOePkk^9;Gg8nOn<9p|N^xK5_yRvAN(|NL*~R~gu$TipZd2C_&Et8S5WS4m9J(!Bk4 z!5G(!_z0|6*l1SVCy*#BJ|8qE4w7T%Dt%2y zpf^ohu1nnly}^J1Et!FP5FgS$ubI~en}$j472H%)8Ie~Ej&Mu*A2X#IysPGxUz z7z%7h7=gK9pC|ace7K`RE(+MVs=;qHV!U^Wj5kuz-$uhbH6^xwanpUT#t^e9=1ABV z1SVM@$0t3pfWM1(Z5PmzBtz#tJ*cx)XzE3f&n2W)38}_8jFem{M@{jaqLG`ZUta?+ z6AeIgnM77eDwV+N{!DrbgC^KkV6`|Nd+JzWUHkQNF}4puN*$je z{!)ThAj4t(Bx4&1S*~0sREsvH$-R*N{n`)a7_H1H!{vGNbYtoSPilRAjKtbsq$U1` zcTqlz&RWe!0c#M_d0+nHK?$i|eL9Tzo|FJXp^gwnSJerNb(Jotq4izHOa3#U!&Vz? z?EqN)X$$aeiWm$B=#5ey2JodRXn<9|)VUyw%6c5h`+fM=VtgqmJY`sbirC6iQx>gr zimRoRrkisGgKhrSkIP6lH+aGNgq>m)7gb=ioWsb}>ubu{c}1xF2Y>j`K-c3JKZd@o zjO~T>>e_7IZTJ4_G+><$3`bZwfS&gM$AKt5#`17}JfHpMg#J~!C?BiL*OU?_+**ur#OM{MNz1_*CWTII#vG@UE&n0l-#v7b!QEVb|}+w87YInFd8`jcxWgp z(a}LdAEy+(rTXdumVeLuD(8$j9B%{?qH_ZKkZa0M^(0XaR_1FWuOka#6VFi1;!|^) zn&4l@{8%LvIam<`<8X-g`b_MJf8L>pa_F&MOe{DucM9Ky7-z6Xf_7NZa`s|er3~Ih zOi@q99!K$2hFNxT0Sb>i*jv=TaUf)FOYioWfPZYW&hU@ zEBA%dSb{iH$G&=ZpSy9&KTq5c;K*6=Q7!bg#Tp1Bq9%s zpmADhLX-DXr2MAV_mpa=`LDQVmn}==H?qi%A-QZ<%9j4fzeZQh?N_5ew{PWs`f{hM z15C@+7r#$i!A4Yr0^HiVA3wocl=E8&=3cJ>N=Z(_J^UpBY&phQsok2nOa+7!857ge zs%do4r{Pqc10^S-Kj?K>#<{_Yo1J7jyp1dTbep9I@BOx3 z0k;bM4h=buy}HOp6Ns9)3t zVl_7_)vkZ@d>KhOTrzq%D?9qMPF1Kuq!y6*mn*<89svPPdmDhjnuyS+EwSpLZcjvm zvUP$EO$2YXC%f4$0l9JTyAvkKk40+OHzlO2q_o4uvj9H zpQl2=jflXjL2K78!+yjc>^kPc(`LV73RB7TYH<@8iH9tP0-iF}8TBRkl|6_vG?>L0 zXT7HLeNDozyw@BFFcnD7CgSKq2oF@0tJQE{5W42DyW=3(_1-y`YS^pUz)F0~hn#{v zJ_96Czz6F}j*FdI58Cl5w7v5_u@cL7ddbf*c@`tUZMe(-3&Jct(~SnuCja-{_>V^i z2S=xC`M-+Cx&Oap4InTx9#aQ!tuJc#>Pd2YpQzd}H(iTM^I(r3D9_7|*x`KItTDFG zRMgEspkHZQ; zyZk?O<^R#~@ml_`;&Jc)FIxc!OpQOg1`zD>XR88Km-QcA1*m4(S_kN+1B5BIRsz<~ zvYutg|0di2|L7q950Ca8|Bth?qjmhBl|1GB|0N6lwcWqNt=y&B{H-oK27l|DXYKcD zHreZ~!a5bEzNKnjS#6PRzVY6K>?#8a=nkkF@H3j(AllRaq2Ig?RbBB;>Rpq*IcKWE zre(jri%j>Ap+e<5bo*c3iPxR~#YL(iqi*B<={7u#8cW5qO)pz(9IJnpA^(-%S?vKp z>;C`b$lL#)tmXeo9?$=C$$Eg{llYgh0MzvPvo!&%?i9eBXlollCmTQ=$<{`I^|OR$ z8S-DhtTO_%$^YZSV^{v~@2}7QSMmt){-YW|@C{@*UbYI5Q#^(A-V}wKf}!+@$>GB= z9iXl4AKWpIM5kTgM0*#Cbo5F02z-9)g zXa{VTCAd&mIdRH&hIHTv^BqQ*>f|&@O|!W?j0%594W6FvvKHpd}GH~1ucu-nI zK_%dlE@fOvn=otJLr?inV1nr0JD8?jBY(-KMgH#}?YsG(508)5_di$ih$Z_9;tZgy zp!Ye!Ss`-r$>^s;TC&4>K`rLR0H$eV?XAL^fh>$OTtr~dxjfAC^uDa{S6!@+@GP?a z`B?Pf04?kP_~gu8|3~|WXY2L9ibt&fmjotUT}c6xAuL$OB`;T{t%-|>eDRDGWGa#} zk8q0E4uDL7N&wE3mOi+L)3p5pfIec84alKHsY$t?hRon1u$U1NfUC`VB-r?=lWJ8&kx3&RJQf z1N84;f$rcvxVX6jZ^*3YN~gR=muCJ>DE=pB!l{Tkdoe4B;1aZ7za}~C(3lE^DQ@-M z_ky39H9NGFljJ#ObS4sGe=|$QJ$YE5euq}?&~QS?`+loL*6A{fDVd^Tf@Tc7l8Rxk zhLkedQM~NFf*Bm!vZh~qaUVIecZ&*;6UygdDG7Hr6Z3g6)-qME=9cvH@ zEMHKCbhw+6OnpmqmYS}Lv1dKldkStKWeB906|xnWi(Kag37iNtni>QM7rNS3yrnaA zDVB#qU3(lpzWWkshbua{adyeedB z#$-9IN=ThrjZ+-IpO6_tOK7+P)~RhqQo4jzIheZk-k>pN1)|_}&f6rkPb=k`Agc0! zDsWCKKOl-n_Z&2prw$3wRpb^wr-*R@yg-w40b2wDv)Ys=6CfrD+LalD08ElyzVHn+ z>{AV`S->PA85{7rvTAv(XCC_n5foL8no%g?t%KtaH`ndBaekg)CeVmnOy_wfkNkE! zA~?^pE|_JgU=u=$-lWqN`w~vqYeeos%8UdSa0nR!cMun*(WoFYL|>=bl%SjqID`mn zg3na@TS)&C0&)hTVL^_)g&W;vpaGwLixFEQ(O#G|Sv zNG4S1SBvR94E?Gp%ZOF&vs|B#{q$J>N^jhIXY92*v4J-KuY*H3{_pY8>DvEmC68eh zkr^+I!BxJ`tP;(``_8+KLu;WQAJz=UA z1yx?p5v4dm+h8kG{c4SGD>_vA!fbB)eq5XHIJO)ovxkw{V5A!BawDk@X}{f)SkHj= zB6~95eKL=XPaU9jLq(n(y;c0J4>D1l&iHNwGd4qXSF^~ZJ5hoo6sM3ed%+knvqcg$ zHUCT0BBS(`z(#!?cppGCAwrhR@8SoDY$E874r#)!;$ZD5{^dUl$^R@LFHiqJ*grWs z^7a3<|JO<$U;bzLcsYV!m=`sp2*~LyAET~MFfH=2E5Did=pOv6ApZhz2EGz) zJ(0JGIpRYEMBGp%i0YiAgOW-0Uw54q6lde8>YAh1R6Q>8wEDT}`&i3N=6MQmQD*dp zK*HaV4l-a!Nb2f6`iiy&9Tjwje6MB`6Yah1klY0%CP*VBdkVEs&ru{oc=Ng^VzMP~Hi@OO6iD4VNZbxCinmO>vElx%WJ5B%flMsOC^8Mk zo5?VzXpYHDd`t;>Kg&ThKZro2-MlsjZ%~RLLxVEis4@Sau-zGxO1C|S!8Wkv51|H= zG}<+%W#vD~*?uV&r8cgXsIO$jBF)aT#P3dX+DA1vne<|1l#pPr(m-}$nY(L$kl=8`QF}>`T3Li|9Udt zrFZ8i$47^IB`;BU@bM^7^oGTJQQG-M?|++-0=WooW`wb{FGBy5v2;oj^h}+rJSKuU zp#|T|xi~&y8lm9itOHjIsuz@BlVR*a;qT5J%GC~HcT$+ma>~ke+ag>!H<7DqAeXP= z`Ew-#ECC}&Dk_JJBQT<5`V*X{9*Z_{sJE&NEE9w$PeV+l6zX6*+(^xOn$fg3NoZP$ zK~^M@T$Pbn3z1$Ek)C;xF$p8}LjK@G9?99zLbMXehtN!*T~9N=jT({#rB_T*!c302 zRZfVyRnP>dB5U_LHvPNT3k_8F+UAIMuVoB92w35&@>7!Gg7Ce7JNC5&)$ZzsB(LN< z;N6zol)8d4X>dH-=DsRgDj90}%bzOIbQ?$9_IQJfmOq^}ivE0dTd-!c-9NAY4()tJ zv5r)4UOx)4NEc#xnDwF-=}Ik^3qv1Dv2&SJxD?^N0R%D0%Q$G&EOqUFc4#sY z0pvMC`6aJh&A4qZ*oLg9ZGBsY@PER!@^T3W=SNNMSM(u=S@ODs>=P~!@6xRlh^1j7 z`^-DD^=V#nj=T31+#ot4bPB3)NYYFLY`)6C1kU*wOyLJ{`~gywjf)8%j>D59@5H|o zkDL4P^c2f8x);fYBHoNg_4;PYH6CcBF=$^G=u=cczMt;_97Hipg{oPxtZ3UCj$0&6 zXM)77Q@v6z&4zp$)>@9uYM#;ETZdeZ3Tq~3nlk9V5n-^~98lKKN=kZ3wOhs~#6x~x z2SWMFK8xu8-ksi-eL$Q4-{Ik*qyL|r9Iwy+SMo@weD99;(l!Et``^7b1cCa#K92>; zh7vC>6~Az+cDTgA#gjk1+vJpJe>)UbO7Z?{atH2^R04EVhXi2V0NVjnUWTpYL3P|? zb~H=ShaLW}?vl}I{K4xnlfrUF<;^sEM`LSxqFWV#>J-PSWtb%(pA}rU#u>2F$ByvW z4rNy(G-c7qRWr**wu2~pN+$lW%k|8;ds?Rmwr%&TPG{>dHTtSw7XCH*i4y+>0d5-q zE))!FD;xc_jy9b`-HE>_3K&nOC@Y@xWs9x;_t8SuO2=pMEGYj)9G>m2O)E-+3ET6A;gz;ztv^6PeuC3A+{i`zu>%xd2ls zc@G`_B^0KVHwhbFy!*dba&VV&1-Ohqyo$IVsw%u{H5LT**{~wGfb4=x zj0R#gy>LJf-M_9eLF^7M9u}k?d%ty)cK%gT^J_P-?N*aOFP)ZpTU^TZU<2=Cd8t77 zE_7mExcx6u2DZT#2+S9CK~;qZaj|fYoQu?$;h{#nAuG~ys&9D_REkuRAweI2KiT-~ zC>sofGVxvd9vD%@L(ra5x+~k^fGbU?mQh!#LNfG<-)rqLs>ZRZP-apPBUxUC7^h?i z(*gbH5qe~vPeYUP@ zV79&1+s^shX3pZL{avBE=`j}EjJ7xQKzB=H@r0+=4MjPm{+1B98`cpe(|<6MH3=k- zDq~di-nfS7({FPM>Ncq60t)rDaeL~;LaS@d@?Tx3#iq?^OVy?gDp+8X+B`#-uu%oA zF5BTZCeJOEyi#)v99EZ%NGr*^;45A43HusgCJ&25cFUhNq+bM!jbWxPN>ssi9bfoQ zag4Ia{!icjThjjTaR2z!+y9-cc6)(~Jm@!<5<+%HIZ4zN?!Yyk2GL;F zb2mNa9jj2ADmw5&?Yeb?ZQB6%o`ScppT9l_7fB-10mqPeJ^?kmVH^J{{mz?N>hFge z30796vlImocW;lakM94v&m!_)xdPva^jICVfHwcHqeEBzAD^A9?Y}E|JpV6iaF^o) z=A=`rR|c$t-4p^FT|+IfKe)<)J%wvj1gnstDEOfJx{KKzZE_q7;LzEHEQJ4K=?7L@ zQLybkW=?0ytX<6>>sf^V2htTbN`V&sf4qNo?E3#6?63L%N*=+oa*`zFfDXlgF6{zf zFt=qdFR&nl$M*!wlc6b30$5l~sdIo34!3`3kUSZ73kqTsY~QfBcC8zdfU1{3ce86~ zkPu^7M<@PLV}yjbLNEWsJQ=RzgmgNKdc1R}$2=Mea*K{pIl4@)6}sIu5h=vg`p~O7 z%EAW-YLvFZ0;n^Yof1qzfI24&^j4L&yp$rFijhlneeB~S$3zK~ z+^Pb~p+y9*-D*%DCMeAjWrMPj5`<$ys}<5lKeo4lH|!L_1f&EeLzu!WMigA#Ffbw% zaP=-thdyc4mc!|iIy8GpVDgOu6$P~7J6ufsx~Wm?>c**NPOWF4Ah%+Br4n!2g&ghK zG^(O$PADI0RuBruNc2%mMWN7%fHZ^_fteu3_(sp#z|_;-amv_Oe2a>BBHOT&%G=z> znNgyA%~}`DJ?mB_xPQ0dv>Yv~i6p=q2h2Ls`#e_qu{*X^EM;CuPg`$A1Uwp@6geSc zKLcF%_u3RVTHOoGih@w2X25JZ)RN0*RnP1;Yv>z5wsGodH}7t<@2YY*Z<>I9vCtgU zP4}3FzEgS-J%2LRRcxA%6|^SSSmS-(G?5xkhlVfXEB-E)JVMeWFhoMOEt+|*)wcl%K@IJu-YJt5@1myxLo{2D+n zswzgn18z)gK4yuYpCVw)~a+!-IIv)V&_r}x;p?9HTL4m$isgd%P=McR26kOzadJpu5t42=h&x3O8 z1D0T8UbIxGo#Iwo9>=yhdPBi(@I4L3QHSaaHYnjR!v$ujc0VCt`Fq0dORKJ574U!E z?*zLO=+a&94U&=>+)Yph@V|i({(u-5&c+PH6tW4QW#4^&1xO}Ou!5T2-cuKCLcx~0 z%_DlCk<{Ja2Kq}yxNULAr>>G$htp#l1TQ?Op$;gUE>|`a%h{EkH5RZrl=p?cfAcc9 zyu#ZbzSTGG@v-y0y(jGa2@|5M?6X`B5`?rWbW=iu(8HjEK!bBdS?8-@9fI$LcN{Ra ztq!``$Qn>HR~D}o=~3laMGCoSMtL>fr4Ujj{ewY7!iR1pWr|oLD>Vp})Xk%26%wrM zPkDYV4mCsZIn47G^S!!oV-U&j)bgY1FZ+nCHvUL!L!Be*msIZqzVm@zHKwhR^%v1x z``;02JKpLM^WLGHjTHVjIrT#3(HTS6BtcgC+14`oOb{<&mwo|aUSs$1{rM1Om=!3qqvo5h zJ%1_VW50-QCe(gDQ&mOZcdF@f@s@Q|c%LKVu&w0OBbcT`7{7n6jtI@(zrD{JqQH%X zr+&Ja1CvR{fMU|wJ7uXFP}rrZ!ZhH>^g2uLfta>p$>0&d1p|6w@I9L#JQ;yVOzN7; zg6KE(-5s)Rb&=5WQp2pk+4wSrcp6a47Wb!X(X}5*aSo|uA^)&Y?1=@P!Wt_!Uv^)< z8Y{+q;TU|4Zk`MIX)PlE=@9l(0NUjL>Cu7f|FeIv&i}KLN8bPb=HhZ$5nuV_=&1n6 zD$CaZL~Ii298$3+ap>yI9-Fv!K;|MhWPC%83OPs;>GfY z+8na&pk$Wpaz&GNyzw2MOt0yl9^QW$=V`v?I{HeBY4d4gl3tB~j28AIPLR0ykr2eh zln@%q4uFi!rbt;$!j~DhLcaSd2pNYPHO4uptJHWKVq-Bm-X_H*$NDokS1%<0$*gG0 z`DZ?@_rLeu{NG21$Lst*D|x*5FK_tZE+zVlm?l>6PyfcZEaP1DHflKXRN!U`RPn-4 zhlM;9)3fGcnD}Vi<(3d!R?#`+ive!ofG-l?uHjzH4m{RnZqY_$wbkeHwytiaMheNH zStgCaCK6@q?k>l&_kNzql)k`c5&rMR=xY%LE&Tsz|HQTbo*W(TulfHf9;q1_AqJOa z2X-e(&pn}E{qZftW~4;&2G5t@4 z3s_G4|Ko!LPyahvpZ~1pQHxAo;9rsph?*b06+l(%Q#gX?Dc#K#q>Q7`%NvAMfkP_A zvkEq1$$H(wD%?U;TR!i-%5b6CStv%a>pBwTlgiZ;NZBpQ7DTF3E;ysec~IlRqp%Nw zr%VJhiq)v$4f;j!TAhLAvq0^j^I_ngbx227lc7mTcQ9N)Tkos`DXp`vS9?!6p2F$X zlh3jvTsN+2Q^ZI*M=Uh_LEWv!6Df=*$HTt2W!`-I%Q9C`aXKAWQPxN9>w<@m!mCbR5MrCut*x;754ANP5H{(m7CO8YjT z&Hwx4(AED>_D|RP|4JT9|5qcr+ zGw5blxOGrXu6@ftF9l1l=gwxeKeqx@vXZqPR6UEx|2s4k(Vv!O|2y^M|Ix|u`u^8S z94UZR~GMQ-qY2r4TXN^>0f0dy%ez$UN5Cf*Yag=d1u!Zz%30un%%Ei z#rw-DPkQ-u)1GPvuaBl=H8Lqvv0!oGCvFvY!+^CWaWH<#PYPp@_;rEt+6$)s;$3y@whr!(Xex)jXEjGRd zkwG)uUH&qHR!D8gRRp8wC{M}#6lFy})hIFQEk{xFP`l;I$7q(`qMo=hRgo>?JJ}Jr z=MYUv)*H1%RC`Rs{y~QQQ2LcucqC*lDam>x6jPEt6sa#j!T!vj9{Rt`HMI8*XSm1Z zuMY8F_K%L-_^+p@>->)^d8GXx(Xo#0qB2Tpzdkt&)HgdMicFv|K_F5KJJNFBR5MaM zq-A=({#%N~RO7~qoG>-@w#XD0pbT}b zh_r13m~z@DHUu#qujh!~QCuJgJF7_xRH-cuKvYI_aV)DwYug5S)-kmIqR#^SUu{m7 zcK_qx#EbuObaHsO=KrgB1V>i33&Hm9_0B?U+|;&7?1o~J6%c1&g3>8Kl$IMdB?vGB zGd6>1dJkflfr;>(22dQBalV7Iv6e0(%O1>1o-a3vI1%ko5seJQgi;izrsTM&u)D)) z3Wf;eknvq)K|oZHpWrl&9w=$_?2f>ols0X`rmABYu3(y0TzyL-2L{`weu_t$s0>7c zqWt$9(Sp?f0Ec9b6om)oxP;{CXD?9u^ZyjH zg6+La&>Y9;C1&k=fj0hsbm+!^JUKWyUGx7{JZ-G48fJ^Rsm;2uVh4=fIQg&xHf3Ea z*rKSV_2~+>>nwwQvui6mgM8(h%{DXl=wFr-w&ATRgBeafYHuB6$ zSzUh{$ub_=y#`V4ZUS_>U`j+U+RiF!vV#s&c&qFrc?Gbyaqk&%Yk5-NNC~dAn+@A79s%9?a9rgy)i< z+vH!f%=P0x3-fTw$oO$;Dqtmtj|4N=V{%;I(C*9xR8V$Ui z&11#dEs^0Wp=NkIlXq8(tDe6b3$UHNH?nr+h&w^?dk#4&<0(xb0}zyoP&W^9Pp*3I zkD9bm*@ejHP8VCaM{FrYUGXl*g@Phi5inFKU~sOlO!Z) zbkBRs8Fy#KY66}$Z05>I)-H7(bDo7nTg@UZ$+a0&{MNg)&+=)N|APrir+AzZiWY67 zMgH%fxck3@v$OrR|L;nke*rhJC=ktr^N<{8a5q627|w8-aIT)i_&ppWHrV(V>E*>{ zxm0S|1f?k$r(`IdcSHyTic(nMIRZH>CdPZ1B^&<&GBlP~@3wM^M)(6tBrE>Ewg>Xu zm}H_RM+xMJf)r~ipLvI|G$lY0Y5;B z$&7)k=P%gCAgAP46c-x4=s2S1USaP*roq;4H3@OOm12RH*cCCM!26?Xt+ASKy&0|Xz) z04@M#oVlR5Nbdm?q)C+5s)=Au$s8vrsR2bsBOGIx0*Z3Na6#z(4v1j^Q!)mGD!_vh zdzdl;rtm!iImL5Wpc=SSlE@5ZoRJnpM%Hn$6(ooi33h5A2~IEWVOlgAY}AzJ12iIO zO76I1h#^A^K#F!iGD8XzOhE>V8Gp(9Qv*nw`XK{wL{7uXl^dV1ijCqH0N+x)S z3zVGK0NVxM%(5gEVn%Ai96Lfmf?1xzd+pe1&5AmT;9|0cvuyw~QcMulGpImW!sh^? zz{aAQ?B~v1b*{#Zi%$O!1hqS6{HwG{{~zVniCcH=3=-5F47dd z;YAsEgZKswC4-Is{;&UCL!xyUb@}qfrFCMRdyK z0BZ>ZCWxZpJs5M=&%iyIiBXZHDTtucj^vS?-O4M|2@)I?&(Q{7(2VP;31(6tA)%d0 z&YO{J*I8=nCYv?v1I`Ldp(wbws17p_l2AL+ZG4BTv{PJ&1)bt4XKEXEYlDrA7o!o1 z#d1;i<&9NZ&fgK4(P9E%mf<;~4AL_E!w6GWfP6Mgah%?7l=Bdj{Z+gG0+yqgOA^3A zlpMmH;d1`+sku?k+PevkCwxf&83Ii-YA%o9I8iw#1;7oF{*w={Zq;TrJLMfjRZGCp z%Y<(dC>&FmPd21SJ_m&}Sa1qnjd*jkcJ$0kEz>-`ub8z;Loe9UMm(dOai{mZO(aG| z++RQ}rg-SD*d5Wy=}eHH#uLuL;09Nu5fyrX;wMs*Fln_T5)8o62&Y)^0+bb)vvo1v za8^tR#s5Uf21N{|DWdX2*&Ib93UMX@&zKf?_LSY&;Cvw_ITsg-EPQW+`BW7PKnH=LO;H%gcyV2M&eE6IN^*PL8OoH8-VB>Q2)S~nt`OQ?CeVbWg2 zp|Dp8EX3IIiIUydFCLr)bP5exh(kCl2-g8(E)h4%l_{GunSfnas{v}=iT=Pe1ws+q zP$SC1{FuuK15~-d1=kQHhuOUn65@`~y(#S|NXeK0GOAcQ*JaE#$-tIY_a&+BjXei! z0R|b@XenZRJ}DlPC>^dudYgCRHF*2?7vROey?t^07Tmme^XlsD+ZWHlH$Q=ko12$c zmlxl>d;wlw{J0~^sonW=@Z;+@|1Y?@1vhVA|8VvE#dGlbdgJ1nYdIIU;Odr3_-`(5 zuWkpb%Ii1a?=RlG_~s|@{Ob1d<;B&jTX6C6CHV2;&6|tsw^uK2!Nv7+aQXWB`PJL2 z*Vnf@8!!It=FN-STk!e~xO#Q-^6JI&9dLDh`SSbcSJ&Txtsk%6{{8j$Z^6r}S66Q@ zc%5w%+UsvOUcGp8`S*+Kw-?`By}Ww+(+>Fd>g_d$`0eXA-~!xSym@y|*`8n^Upd3T&F?5>QY)b=f}QRvg!zl!e?msezor%>tzGV^VvLfq7(oQfPwYyY*_&&z!cdb1_9*yMrqA%v=i zZk{y4Wl<=n13!$TrOHyU%VZ!c<^_1+H~n#^DReXJrj`=!32~On@7gny6^`8|HK437 zqg(mIEBW*El7E1uiul!KOV9S_P`M zjBULO({wK=x{Y3Bid?oS#K=t2OxW_?sEP%932&Rgh}Mxgl^uo}2eo0SU6D9sR6jaG zLVl|Jalkpv3KTfMJ$a;#8?d^K$Ldzkf|idfQZAVd-#i19Bd^n{d2xK6PrCx@RO%W|kHm{7r2+zYmypB#1pxNaiH zAFum6fMK%$;emG-DFBUhZg)T#={z9xIf~p@iGQ_DHo? zZ-&333mN!TJk;;7%m8vLFE8l6AeA}tQ^_N64@NIyWd0jdlKZqz`?OF0VfqsQ0RR6x K7A{Btb_oEy6iI>r literal 0 HcmV?d00001 diff --git a/enterprise/prometheus/13.0.18/charts/node-exporter-3.0.38.tgz b/enterprise/prometheus/13.0.18/charts/node-exporter-3.0.38.tgz new file mode 100644 index 0000000000000000000000000000000000000000..a0fa13ddbb48a0f2c1045adc444883ee8893001b GIT binary patch literal 77638 zcmV)gK%~DPiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ%a@;twAUwbM6xg!o8_TPr>Rysgc;m>D+O2I{s*q%Rdi%_$ z07+C8M=XL3fF-MKZ=BcoB6eTyJjoZh61>$#F3WaL@tkR^NFV_u5{b-2A~VJTYN8Jb zCJd3i<0&M}y@#{tFB^PXtyXK$>xq9`tyb~hc5l%BOS{+abcVyhVA%OftKDn0TYmwq zO?IO0NhyQmFRd?bt2nqH7fGvBPsGZ5l|PC$==oR(d*MDO%qNZhoHef zH_F9)$j}6n`$I58jD$Wd7nu+kphNK1fl2rd5gOw75X?IcOcL|6?GD_w6QBge0gC+) z(L<*RVmL#Gz{j&0jvW99N-zzXXl=?^LJ#-$qR=Cd+&5Kw`KBEJ=B9<7+jVss`|J6d|8sLS1Ky`CxRvi)a*o?imE!@8wpf6Z*WrHI>8JWN(UD6vnqr zd@Er!c@3I};wJILxkdMPm;?g9i5WjfcCNuDnBkb?I^=ay51Fa@+y8jccH0BD)olIE znZYn-FpLoq0MQJF(IE)qG5+_`RLI%9CMgoUhEqyPqPkHzvUt8%6sN?Ow4rNFLN-l3 z*T*vpfW{{y2<^=vNUbpACE?u8)ADe&2N(cBxw|la1{FYhu~~{j@gJHieknkKR7uAb0N(AyIS*pyU$5r z*c$}xcE2C=`@_MYJLtCttuBJS&OU;E(CPTSRsaW`aR>R`)^OkJ`5hRbwg(-DA~Fws z(NivN@P7f|y`l0?`?dH)FvC7pl127f$gu|p?Uv)*VR9Q`8029}3E%{x8IG?IQ|$y- z3Gy{`A7|o@2Appl07xd({tZAAG@A)zQn(+UV!~uME2bOZr*UwGD1wh z3cNiDn7^3CZ0|SN{Nt$kzgo?M=FNZnhx?EJz88LIT0$D#bN~C!v!|c-b{ea7cubpo zp6$*)gDJyf`pFC9@r>QfLh66=Cj_U-Cm+Y-a5AQ!0_3Ig-+98sKWvta>8Ei@k!PPQry7zNjQG;$LOEDCRm}VCw1iMSaMo;+6iP$0inzdSTcB$I3+<-5XGxa30o( zVIIYX%!g8A^qxMfEzN_9P3iZAmK>!|=eh3_&}@QJ(X!CH<SAjGR5dR%gaEtC;1^3?rG=^!!cmr1m0ZY_bINXM6OKHLlRXC8`PSae|rm6xJ zXEu>V_SMvgosap*z-6wF!K2LN(L9{~kO zFklKP2to>z1VMrVFeZ3bL2bN@&pEmood!+Q*$i^QDF-&BAi#HVzA*ZbkVEjP004@S zJWG?0|HR&l|J`t(ryNo<5s=*HjnCl43((%lRU2b+2>P?!J2i{N{-HVI8_Xf_NytJU zMx65z1|wb)Cnzo~c}W=GS~lH2U;oMLe+>1_McYC{@?Gn z`dj_)F`kbfn;?vZ>H62A;e9_9J?v2OWe7$D-pC~5!~Y#08Y^vSP(cZ#B!Gzx66jb-b9FzlD? zzn$)O{XfR@1dJeKh{O~y4CK^-#U;Sb_+2jAw zKj}Q)%K&-MzfBV$%!AHzm)<4LbJv5n&U2T|66g8LC&%hNvSyIZpszY|Q}s6qtS2dG1ay zn11k%v|E9k7GtcFJ+ie1r7z^y)d>`gKNAZa13ME06(K>2E<$ENExDF1m02v zUJ)3xL+~q3!3^GmlpDn&vA%hW~08A8M*YqAn6oVPOMIa&J95Pe` zcZP#-tPVdo-{vDO^;V$3S18!6fh1Uc$`O^rk?Yiy=QA|MQH1aK*5E^mD1Zd*f*?hz zCm{hbWGR2i$5R6+K;tk*0mt^=vUYh_{w7EUeMq9v5BY!+f~TPuG87a|{Q7BvmuVbC zVxN)XEbkpAAP8v^!F&FzL=|-y3EA{n81DcWV>U%ZQxHROz-a&zkne9TYWcp#TZKsi z35uBl0`M4&p&v#egN*kK#=#yYHBb_QXIK==w+g&_z@{MyKmrL15e1gzIseQ<97$5a zV`-sPcyJx(cnaeQ0w<6mYh`y@{Z_NpZnoN{gj%q=P`Bwvkay$d)rkh@I6q+`{JzLc zwg)|&G5{mKn@gcU78Ro=gae+Tm}R!)D?Da*oSvK{LXaYP*6OoE5TOZ-ivDEIIcA}c z9EX!-9V>e#h8$o&qhM%6fuHdmnj^9+ zs^*v%xC^5QpgD?J3Zv*AcnHj3fB>AsFoIr$9BCU@pbOm-+=w#BZ6vC~%$s`p^GU zgQNfY&;QF200AQ~Kr={gIjK|wcO9p>$;WXP?m^dx%&44Ty#;|OBFMW36VCc6xW}oO z6^R;#1)g>#kL2u@Ajl91kl?7{9EpQ}$_3RRq;f|>LOhk6H^ypIs%Z0P|DFW6iHS{~iDPdCp z<2alnLLs@={TzpcGLWQR6#CJI!TWfYME4o9Cg}GxB$6#Teo8pwj_!GzNX!afuJS0!E3epHG00ge&`Q#NNafqY$aq%7B+7!QmhAOtb(icPEeG2bIBP-cM(t|3qk<9oG9 zgt7Qx?REr2c!B{QXDpq|GWMFJ;F%WpC93W%odYfb2F1kzf+(ja#bW{`!z_}->EEwU&#%Gg^zzNw_4Vlqc=;$B4yZ-s&?KOCP_U7#Rh}YS%p$B@$cfn6**XJDK zPZyWq2#k&{ug{L(zCOAHqqmo%i>uRJaDH*#JUjpC^6dQ8>6_E@>s{U}=lbmW^{MMP zT0$vrG-8{jROv@jE6fo6U;p|4Q7Ka~Y@}B~n@TniECzF~%1IP+g)n2P*-S5#sCFHt zXY$GCeJXA>$9Rrn(PKQ$Hcbyj_>N2FRbL(FEEdcu3=px_pC$d&k5%(ctJh9h4vgVU z`lgs+?q;3yO{W;v@}a>Nj3P&>Oa%F15+c?4vOdl*my*qDvY7Cp8KqPf4&&G-ki^NN)lQZX5jg%8;6Yxshtck!`JjRY=nK^wJOD;tjj3Q~Z^Dvu&=P@QT7(KTPv=m5j z=O{@iU&9>C`Oy^+cS&7G8Bzd_g;pg1N{2mbht1WIkfi6fQZK~$6AD~uahhR*D$Gt| znI0v{F3`55De`ZntrYuI^A~HFzuh5^h7A4V*~&LGcO2*Wb0K(2H%MhhGFKv%jE6v) zP(~1(0d;sJW!v~3gp{U=?^^DZbc)j`;7BJhs}`4qpkwqQq|7pb^ZlHlKu8y8%vCVHBl5ve2FGL985!%QkmSG& z-U^#2_$|P(AmUm?Q`x5-AjC0sq{1tE(7)B~XGC_-Hzg^4!uY>A&hrY>AZXSch9_JBk?zbEjH04eA71^iIg9zHI z05No3w+iwOc$VGU-QhiW0)7fVI3jicA``x`0_mSV#rPIXF-suxrw#xP0N)y8f37FL z{(nyq6|&eyuK+Ju|NT~fP+b45t^fDqJWs%xG(CJ2cOB_x$I!r`V||RU2cyr{8-07W z>fH%SB78qXG5hRTp9vB-Hfh_gqwdz)ugv}0H!zGVKfHuAtgdnt%wg=K;IrdYeU|r` z3hk>Kfc9H;<>wM(mfeAEf;l81^deNa=%w!69D)Y#F}RYI?K_mY%SR0^Y>h}bgXG>^ zF2b=qQWN6a6v2p1rD#slnC=2RW=QHQcgTBtX2Yib6wP4XH6k;q+(5<%wXU`4M_z9W zLO*{ASr#v&;tI*jqpvXxUc!hYnN(m*7d!pH2&A7YJrWk+(SE9M3PxO(*0<7xpxmgb zUWJx5QM3ZODo|JVIX`frhSe9%hR;V_H%9psi7TW6x{6dJ?Wbl1$WKc5rDaMjKg$p) zABmqZUOXt__XE?29fE^)tF@%8J||IAQzEw04+$bnF4CHh6(3%QH22!N(p&r##uI`l zeHa@!la(KFsjBXtNEBBL;FdGPHUEUqsY~ko$xEW#fFs_twP& z6-8DVso1B#;ZSR*{8+P?1!Pf0P=z8R92B<=8=vDP$Q-YUNp)x=&29KD7KfmeVFD+} z{VE8|Nkl4`nT-#1Up&X6a`(9HFR%ikFbE3bjE@6p>dDPbj2N93nCCpnNnF}%PLR{~ z4$zIS35suaT#`jG6HwE=;h@)Q4g39ENXx7-rwMZ5 z>YS#IZTAhsS*jk$4MTO$DMrnEr1@X8{x=m3Zt?o>4~PBY{hwj0*WRxG$9P1Pmsi5N zqoT(+($>R8oF_793(NU;$g(ofh*O9gv!H?%nZ?P+X(?9KHTYto3G|WpdVO(naR`o$ zLoUTL1hDWkr69oK)Kwh}OIJsb0XPJWhHm002q>5#2BX(6?QQ^uwK^<17zA%*p(DGi zN;S(MF{wK(hNKj%T1aogIGm+35$9GIIK)gi0L;SpT)jI42Q8s6+aZK_OAIGqhA9IH z4vYt=;$PNf7(Y%XqPB62)c3wAgK^M=k+^w@1Kwv2^eBpSAQ)#1qsW8)taItFTz`-SM?9 zIQQ9tf}?lGd%WS{l--S79)|R8is3BG*Jp5IMICLovaqAwLD1=-p0^L%{oXNbO}0D}M=|9tWOd>34uUcWs%5&yp8|NbQI`0s*~qvM;4 zcc+(^XD6qop50AwasK*Oc?mbO(33Q#08(&yadE9X9#X#HUk#37LTwZYS{S`OJE@-a zmF67?0NIQRm~Y=4UH$S!Km~+D&}g+f9V32?a8OUMO8TgQp5Q<(AUT8MA|a|5(s@@e z&5M}R<(rVslm`J2Qeq@7c)>{2poT)|J@r{6f6MiFsV#KQ(lHxj9`B#Kh%77bbKJBOgrZm2FEMIod}PdS&k^^v6n zbZY{2@T~_De|iWSa25=DhKApAX_jGt;xQ&ZmwqRhlXb#bp+I+b04^o+D+U=Fr_mK+ z6nOXA9_$#)@Rg`*m?pysj_~AOzCOk=Wdw?Nqq5r!N9y{Aenb5!3epIXbAbf8*N_m4 ztwRgt>OGOHv-nzYIh@8!P5P1V^IzBa7FoPn-{lH%{E9#yjq*~+prxqqS%7`Ir#%8P z&+?s`xZCCUtBE`zFGXa{kSksW-g_7_yWaZIy336#5v$Y%C75x6z|f8SnX9&X#N@iB zv+*`o3D>QZ8SwdY@ytS{?)mr;JY5EbK{7#1XrP}oWv&`2Jl||>WamHUaBCt^uP|8V zmyW6)Z3J?mauw|luKNom9nBHBmzSK>L82ES=lXvgg16VlxuvbZ+bg>=NdGDedqE)o zY8+NC%tFwA$2#!0wshHjOEb5JP>Am>_OM`aKx{Ni*!@W;g&sTlwX7^liiwgOLl{;R zj5#C`o-B#DUE6?&pN}VWSra6!or@J(AZe_`kswTGhv1D6OBS}tX2}B^WV2);1@5xI0gR@Nl7wdeu1*i;(sEa=|Dm9^2#g>f(YF~5xPu7IO76>xL7I- zMSQ6_;fK=?B1TGd7BfV~&_^`q2xx$I@-rxK<_F>5ljy4K6;c3+L&W~E<^ z-fGw;uCybf3X2>H2nNUmMSlXWr!c-1H&(_XoRGL87RD3s8k_g>5dwK^w$1SGBjI{Zb^4PhPrxybW8{llHb`Mj z83KNl7i+Rx*PsXIxvd~oE33}3WTu?h~N=?M-e%6On*dZr1~y3K{hs5 zzvT5$9Ed2*_V3Ti59`U3N(^2p{kGV)ET+EZ8m?^7ym-pT1`c0n2-c~GEAHLd{R_w9 zC_>h0ntU@E90TTOJVRAO<3E49LP*{MjvOmq7|glH0IYV|n!{i5?IJ<3x^rK+Jti&y3UZjD$hx$suZXF`ElxdI4;D43 zZ;GkK8U9^b=BN~t_*QA>ivXU8ha#_CP{)v*TDVW1JaNST+rz)o(St5AX5c~|#>rw& zo~UN!36XR{Rlvn8NoQxteL;*+Kvh%#liqEW6b1a1uw;aRu@4$4Q2owwv?$qHikw0u zXf#SYzcvH_pgbK-DRT~Fy-~t?X1*0`zrj1)P~+Xrj=#jArJcA)goKmq#C0q~u``KM z#M1a|#q?aNxUqwG-R{6`X*+n!54r=dGaUP4zti>(pf~L9!~Q`J?xWsthz@$F*BJ*x zzXSW7e)nL|?t5Ox-}j;435I>N(A=%P$X4yDE^qqUa@*~!uV?@}gU)`h-)(!HUTc5Q zhb^z$4%+_yez%YI5o+%bI>Unlf4@CwwR@=N_YeGbuhoVgYWw|#ePu9=#E!ITXH5m` zgrVQbdb{5mpfU8vL%-Dzy5peZ??b=q!-GL z4|_oib%x``2MNY&Z`JPd8ckWnbhziX_bv4H5B3LbzccK2dk3w9cFS+=dww_Y`UtiT zI^CXs0QXz4JN7;3@3&inPP?_=^M~!>zK?odYhj0Bl!WohxRs?Xl5Ow1J>Adt&<}<~ z)Zti#`<;WJJ=pgl@_T_d^t`^;@AwFL2i<aD``z}!j^3so@>#TMM^$l)Ry!6K=ytl$8$#GcLm%z;{8pzIjE4t7Yup|5 zI{O{J-R|~#2M3*l{c*qNp$-gCZ_sb;!*+Y%_q>HYy_=wwIRG!K``C6{Sr6O8LCXiEidTz`W>$Y4+fpicz@99jQd?U9HIg2w+Ed;+aDu7u3%vg6HFQB z=f_cq;+6Xvc+EQ)vZk(`_1ofEus!Jd!~O0c7JAl2;{A5WxNZ zpz8&G*KecY!d|PB9u&VDooCS;eOs@0%1O9Hj46i;Df1+gF{A{eqTq_I?j_kT>@HRr;_hs+~d>IvHC-h~=dWbW=o->pZdJKxIW$1REHrcw;aKWWbF; zMw^1<9^9gPK*L!WL89Ym{A~uq_-`7HTRW**Rj5m5NL4Uu`L{KSDy1f?{081Cvw{rj zA+L<8s^FOwx7$N>7YLKeE?0or4qeRnwYZB zq822#GU$)$f?Hw7w}-5Nh17-u#R;z-tgD67ijl;PK5d|Muc znsO_*28_+|ue5&NK`B;fGWaR{fPy#1E=o)26+S9c1db75%{MTH6GVV7kIF?b8&X1x z^es?+i=v3sG7ZevAr&ENGJ7o5VRn^=tNrD6pIVM!9DzYl;Ux0}9E;e?RD_5#W}pnK zHcSx?DM?TqNcbuOp>VD>ZBe~0vzqdwYENFO4x{^wI`W~UbYC+T@rF_kB45$A|>)6h$mtE zp{6K{XcPLvV}dVAwSuGz{Fe{(3NZys-_H(=tHT~uhX53@y+C9qrz$&n9g-BN1^9V* zP0Q;)-+zlY3jdN-*!2@|DS=ZfO%4!Oat<8J5NA28fG40KCdx1|P!aj^liBhK$$fjARa;fCSC)*W4_iO~&)CH?`3DjiamM3{KZMe4H zTUV*T|9HWbpI)<7f+YRlMj=A&viJ-n(oGJ){OsuU@d`1j1c*R+i`ttx zUti-einOyqL@h=HnpU#~Dr>Tc8pb63F8PFd2>5vBiSUIo2CY8x%L43LoCI#0lFzY#S4hZQVL zqPz){(52yoy0`mc>okjs?s0{A?};kt#?p~Aj3=t-UpwP@8%D_#c6MqNE`j7V)GblI z?gS~fdx?_ZHjD%H?H!E5Kzo~t0Hm)jN5_{~qz(D``g)}PygoL6y}nX^y*-id1Sk&k zFst#kB%F=x>J@BFX2*~|&K9O1W6+-pAyKJ?BH7U;8k>tloP&v23p!T0qy=Wc>3wG+ zJ-Ta2!-!?SgffrPLTD1-uOu*2RdC03p}9y@N-?){@i$9gJ?P&Gr9rw1>MW1O zo85|EOHs@+xk6RUs6)b66W_3XA?5TbXJn^-OD|y^ZvzjxPb5Rc!BrqXM6(k7ht;VIY3aQ8_3VV)|;NT>rBo!>^Wg1Kn ztMRcc@U&y$=mPY?Hh8UX?Ph*5@>RCW%D2Cu`$P5TJENo&PRX<2N3$?K(n*Fiif8b{ z+Zft!ojc@BF}^(%PKi+%i0o&z1CZFs3OaHc1qe;DWAa8$6BrRXd>oIWuZ z5cJBK;W%WN?1BUb>TjzPjeIFB=LFVjq&mi0HcixETQOx62MHEe0US+Q!Ue&OL?xUG z<}f-0eM6SiCos|XG3^fpDSwJ%-GTi0?FclQk}D9Un7FNQ^I>vzS1xkvCI4TfY#@T+ zv0(!(gZJgJH+9?;_IdD1;)B;!N&5Q?AnZDrB}Ss?sw` zv|(X@!-P8eufyCOdkBn^rrxu3L7Ajw5^}A=zKsfnfUQf30~A@PaIN|sA~Lzs9a4!) zRAwI2r{X+H+X{#u2c`|7hRr$T`#MKuW8J4B-`p6dvEAkrlAt+;VWgQB|NA07 zC4_T=JQQe%1btuxT2L5Po@-;ph_V^H(1jEQJrSV9*2hr?0>~g`CKoi65fdUWLp)bj zc(0|;rTVO6IV^*wO^h|r)aO;9WxS~lU{+#Pn0|!QK<2D$CX+h2`BE#xMuatI%5Yx? z*(zgs*j|fJjv{Tf$`fF6aih7&-2j82iDN3#6H;T|(MOY3Hky!f9k%{ROGXhhE3v+1 zqaD8+ovY?uaK=_>nu9JjZn-4#Rg~DuoqeLn8{-?RTcMvR%`eym$}etLANcM9b5ttw zC|d4aybXPj&R6q$QxKBO4HE?*KnX#<@K6L+a7NjrWe~d7!0S$kWyxyn%WuZ7HH^nN zGhb9dsS3HI+qeGmBJAyPQ9&dW-@DzXdnAorI#mLmDwpXm^3-f9%pD@Nrf`JTY?$LJ zFQCJeO>epIXhiuZ;E1mRjy)fWJclOQ9v7lxBrj8vGzOvYqb54&3xCY-+*Kdm$_?Vk5ULcWH9ji+LqUjFj(P*hBv)Hl-)}0v;gorN5#R9n zxJd~9aDNkt%Og3AaI9Ji{@5l(jVV2-f`*^b*AlOfWz?lsL~g2&2?|imLKxA-v#rja zg;B2wcMJ@n7s*{cft2215^%IvWcP6%s zw9=_A&XZW&p8$oan$6avPuLj*-l*xbL{bxl^g)xfF`$ z=6(5G${LqSA7bSgw>YtCcN|9Qz7CMLZpYyyn@<@-j^?OsA=EUHRWgtO+x=eLmqP*2$KvKxIX5XHA#8?8&BQ%|DfDtQzH zppiLYH)M`ODi7Wzri8jw7; zQit_qV%ejcO)dhOpD~V+HQqu8tS=39`*Y8oQ{JM@6>RN79XkNgeLIpJmzvBOtled% z!hZtkaVO5}!a0g}bx>{zLazhuQNy`y0;l=Z?HN(Yi=J&D@D9h^lI;@IszOf%ud6nWjp(Be|fFfw+$8q;3(Ymw>}7C zXuH$xv?X#Z&&(2XV&eq326k-CqT0b|Ef=H0nOniBgcG;&4#5F(7rBU3IDVLehk_G_ zpwV@GIBLB(Ou!@y!*b`7mOI6$S+;NH_Sy2e0^h400Q5z%MSFrS^Hnwk1H8N&h)a$# zoxMKQ^NkS{&rmZVNK06lfU!6^5^+m~9B2|qhDh9(bo@A(Jm?I93rHzbIX>cKqFpRF z8m1wqLCI=oIFMEJOH?{6iqn~g2raS1(@ zi$xgGvAjnv3joTvd^@=}?c~55YS&5wQS)ehUW#KMiEvvWb5OA!o$Uxr;hgK;C+yn9GY2ktrD+(D09JPhxi%By<07RKz0F^d$E- zSzdEBD&m+nI{m?`P%CS9Fe<+mjS06YVN?;+(&Eg{UKAm$xz=m`9midLRvy?;>;FKk)xK*rfMk`}JFI@1|Fo5)G z{XH@#F{%_n<19LP-h9nBs+|0}*LK?ndl{@7&e8UsuqkS0FPn=0DJ1IGmd*MS1tHB? z-u;UAWW+VFED~K%IJr@JN2)l1xWgcPs;DMJF-b9INV&Ycy?lLT(vcfYhST54OTNq7 z2%W(=93#q#-o%? z`3m(_M5RWI8&&w?HNHs^Irr4ifhSvMU}0313b}6ueF%A)i;q|6i2vRhFA3FVRue;6v@EFg>k9*G@9YacbQwZ~2K@rBW zbEb?SI&Hun2t`0IMR3Y*!qAM0C!;R12vdl*`Z>?{K7V#Ter$q3rVnT^-<`KzNp`Mi z&b95XO;!A9UQ+~zFZfOu##xDQoCQskMC;mgny)US2~`1pu_hEd5K}zdOGOw46bKZm&S%9AUzq7xj8oUtX#f{|5+T_{G^q?H9F-YlJMz*~ z-3{K}1hEWR=0g#ox#~B(9+#yJAXmj~b*&gCxy^c0`3%2l~q-rQXamL{L`u= zqgy?tbN?L9(60DP1qVBPQH-5gj8&BtF3e(e8LcU1Womo+Lg)kqXjRd?YKG5=C@52q z9*0FP3u#mP02fCmdaXW|u~iGFZr<~d8hK)AETkSCF|3TjLin)S*3_&t@))necLt+K z7kT2$H?ZCeX$$14Go($4l{2J1t};Wq-I^K7Lu%MJsvG&yTfyJ;I94Vl`e(T5>t^<`WXeYz!KIoj2`fo>en8;r#86(a z^+EL1hNrm4%`SL4#Z-XJqsowx`hGT%>Y!ioW_-HmsdsI-``p!`j>jXME+Mh z@-p#%nf%}Bbq7WHzddYi<^RWcr2Jo$8j7dX%C{qoDIyF7>q_vpw8>X^{Q_Y^ZzrwI_(Hmp5y48sUC)J>lWdpu7qnz6#t7`c3XGeNul%o}wo988Y4HZ4O0<`$pXf}nQ z!~gsu;%}&yY5`e9QQ@(FA*581IS82u;xR#XmGcC;?$S4&#vBFBcZMdf0)?E<`}Nt2eX=Z;y=Mgv`FO~|Di`x3*# zik5@5Ed}Mg{13Jr=-+RCIlnkDzpj40x_NVP^7i$qBdrSnoSa|X{Bn9ax;a03b9!}p z`R?@c5HxVy;NLE;`QPJlW6|Vgms|CGJk^(1RpdY6!|=><3E2JXyph2Y>`LL1%d^L4 zCzmx}>D(7zcZ%wLMZYTV*V^7`0d0#<9e zY9-q{|8ldJg8oe`Ud=U4UR*MJh_!1mZndpR->Y2>#eXWeBmU!3!X|DNch<5R>b67Uc9|Nz4`c21Qd{^K|4E= ztC78`$GcSCUMOxKz5tCz`F6pYO2w+;{J&L-^Yeib=nI*#7ov1M1PGK5z5wSH(&JWE z|EjY3N`}hyi@!uMSKlHQy`Zs|}SJnWRtp8qrSoHts_gek!`hSeatpDp`{Mij? zfQD4o(g7R!Ed7l?p&pobdQ2(V6S2I6`=ddXhcT~;{FHf&UG@n_*?g3>)WIhm4 zwtZwp2G>y>M07sgJ0a|el#GB8=!+CZ&il}$c&qrX!_xkZsZ6-eZH({uOzHrEBG6z; zMaHU->U9_hw=0MDK}UntQJ9Z>AE&X5#wvWXA_PT*iZP5*g49A)=QYh&?eO?S+R z%Fox=qnpv?#ovFud3|iXtv^u=)P zxa$Tur^u`RjXqQS!X~mf?WTd#zh7S--5g!M(uk>4T-QTTF(|xg?E2{JwaB+}@-^C3 z@%A%9=Zo%_(_gF5wpF=TSGlz#c+QBjhAVh=yWgMYvcCK;L(*tt-na*jkt=^y95Jlmt*8Jhmqi0o|F$?yIR^d5y1SZkPszEDYX-+z zos_SwWFaDK^++_#IiH!hWej%-t;vbnJgG^z8>Tb?$RI-OqBb51l&B^clLa=eN{hT5 zoKDQDAZe*(EFw^@`v^+W4OlnA&8vE{D>rPfo$}?{>N<4`%T^i-Yf|E(qNYJ(j5ERlM%+Petw#^-IP{mOgxw%%Sg_Eb9!P8(G&XTgm2^w}kr$8_Bw)BD1qtQsJh^ z;k#q)84XBtN|wz^PR_bhYU)?n3*}^phE77Vab%RTpjjv>TRfI&7^{spqdv>M(6mh6^u`f~>E&vj{IgUKR$)4D}T%Nzu~Y`JpbwRTD`6Q z_ZUyz{a=;K^YQQfYBr~3Q(jCb*KE|X6Dtg8wLGgtkc`>nF96$F#LUUJ%Gpm4qs4HA zvdog3zxF|R#f@JpVyFaH7c?*nJ}HVdjFj9cRW0+t%;RdI3Sw!k%aqVXI82j0QO3GH zn577u!K8@DEV1(nxU}vRE<|SrbQwmol8ww9(5Qm&V8mKl!2wIxYcB0E`r zWxYamUIF2Wb!WW};dbY8bX*2ejq&E=(Q<)?>+z}zu7_AdY>PQV26|o8X4G5(WEJEt z(`y#tP9>&XiaJ?tJof18G>1Calq_vz5gmpV9A@ z#!z`8rlkODs#gxtQFB}MX%&Gjiqx@2v<|miX~h^FLO`l){9{$f@JtnJSW5LuDBODv zemeX6o72Npvx|q6rikwCxA*t6bzT~sS$H_OP)XYxBG(pIv-6$}*Z3C2jjGV->rHN@ zBhvRdz4jzMWRlf=hOe|rD(>`rpJ;seDzR)HUj>B*{+|wsOXP`lSx|9LskSUGmoYLg zrf?lG!|LinNh1e-En&md6i!o(8c+*RTW5G&L;qjj{$uEOQ~tl*UitoKue0_4f0XAd z-v6v*bW6Q|O|5^;JD~EYryS2?nUgGxB78R@;XI7c1f6m&qSBn{bEUnQ$cFE8HFIt#)^?S9f*(f(yKK1xVS`%7<7!ka z2`jt3Kly#!pZw9E)#N{s_Gj}Jdv#n zQ2;4`z>88OSfW^+Fp9u2BCM%Wm5LvVAhL9%Q^)`$NTm!99KI}7QhrHTAPPMK$^9}> zQYM?Sh|Y5HAsEZ#AL0-5I#x-1*y#bFq&Wzvgzy)oF1QC9f_ARV|=GS z5WfhP8P9d{nUM|Mb`jOQxv6?AtDQk_sX9uH`gJyLqXTl znt+@qw!=)ciJ*rf89Hy4QuYRs2?EdR!MUnJHkm=_vzNqSvB!!wgeQ*27XFd5ZP9}>&q$6`KC&jE<61iFIuqpPa*vU-2=Be7pTR}T>EFEG zlGunmRDr&dNTP9QQM@D}dkIuu=l??Vt}aI{N3>Rz!k97``-ocM)u?OUT4?PkCqxfp zMj3(X&>@UN7I<1(<3sQuMLB5trG1+TCP@Pr&WrD2L~?afib#EVsgWF-v*tx>y~#m2 zQeB%ta{o37xMa-;WN31qYqYY2-HSA)X@bZ+q$p@8d{Bl7oG7&@nfrM?X|>r`F!aC2 zd`mnRskxtlG95?*$O&YyVY;qrf*nl@7P1OJ?Hl{{_GVr{-$#_b!2zNfiksjP!Qed! z8M=slq}~%maY}rcid;F%K5B4V$(bvNpum$0bF-X5bB2W} z;{*9U$|{Ko%NUj^ksUI~smKBT9u(rW^}i9u(R%9N(){o3L9clKXV~4^{~zU9MgL30 zl>gb)zhW8lu24=cfMV$+d;1O4%1kgUb*V;Z{E9kf*5C`!+NipzMpUD1%898~HnU^> zra0Cw(nbMi!VmEg^-(SMD}B0f*ifx07gU4{>*A}tBW(-O#gQcw52vxOTjSql90`iV z?R5DT5;#K)5hJS1;D;MO3Q^2%d>qGzpwVu%S`Dpe$Z_6qXgBhVrO|FRzKgAH`&2yZ z?f+}1eiYBL{eRdgp8t3HgRTAdQ6AxBeQd5f3IzzLV|o4sMv;t0$&AWY&#SauxR}tH~E^25sGq#CBYTK+Vi zN?1QDHs^U;n{q{4Z(vem%+0{Kb*=_0SlLX4nnO!IlsXau4If5APHh-^ZtN_#_F6sP z;5j(&X~hZd=FV>gDi&LIZ4>hn&9=Fkk=Mf2S2^^49IUNsur1k`mzxLl!Z0=grTyEO z3k1Kj#+&m#RQFzlOBNp<{}56zMMQ*WfI$Eth|wL0I9o6dR1cM{*4zIHj{k|hHN$@_ zKmQ$+_W#actN%aBBX@a%^`D7e(c7x&O+WDk(*Q70HCxRReTa+*kD& zHnOW)nszPoGPm$l)9+vu27>b#L@q*Jao6@B^QU{+-YrM}L+sqLtJ{5hyKg`0zO4-~ z>n+o(1o;o3ci!Fnmd_tnI1>ZFUa#4+;+oL+d8^k(4r2YYffcmDmJ%F1QcF}_N7T(N zo8s&H1T{b-!9hd6l1G#FjL<12;`L6oZ>K%MkH%~CllPj=G$ zG@&kFOe@ap>hrq_6We&B=mSF}hS6Ef5E(-sjc}0b#e*2h*XwUm=-whupFQ7*=j*4! zRXOX|YQ${4*4u(zWQFZP@PP--rtnIzI@$W#DFfEh|74O2x?c9brTX8X)i1?=9BlJ{ zJ|P{no+K(1{!Mr7K)&0{0mh6;wZZRM8#HTmWBMSqf|&y_gUp}4E?sN;F7%j!z@n~!<#pMz9{X52?BnRKkE6SO z*Lv%t>#Rk6wYaGFL7{g=HT7GmsE@9m{z$6n*HKHqp-Nh*j;=(j>Xog5KDPEb_}a?n z_W9<|diuXn?KbKEJ!qBuzq_s0V5|Q>#v}EAGp~Pc13*T;D_Q`ok$eLafN6cRHUIedXfH3MwT09!M_21s&i2H2Vbz}5_~eZJPSmi~|8Ai?39 z+W!jozk0>^|D9fMtN%aBqq0`XdEJEeuW97*bbl&S1_|YVSB9Sz2`j6O04l+dvKXvr z2*?IyDOX?Ro|T>o`Xeaky0cr=e5;y2u4sG?@_L?lJ}_w8@H*4NQ@W~*jKBd8JA3Wg|J6k3F*%( zAz4dVE;D;=fBx(!A!Rl3go^!sgEERZ-!RbE>xTKY!LI!4TDR7c|E8FPf8dzGXoQ2K zlwpyq@=NnS_Ij;S{>Of+wUz%K<5?^JPd5J|fjKl3P@nuKrC~gIaPFUJ0&^x8nIv4t z-dhkLRLF-yCUD1T6v?g7wL$UM8v!&;pa}+OfG!M`I8ESYA|+}-nX37qK#9`?t`ePa zn!pvK66RCPJyWC8eQR(eUd$08VZcQ!J1C=mU5H|@Q2e44$4`G*0ORAAh8~I{yk0>^F;_uO&q`?bKbIuCE36HOa85 zT+D#UcV&g1lwA9lFb*taKC4-JlGk#5pJ1+(N#6t)nA6m3J>|gLYr)zkM5S36U!o)m zeVC7@Z@ssww^b$hp}JD`-m279l@KGLZ{e3~o$rjdB zp*t^CWa>f?@nUd&KS|9S*}%~p5ja6sBNfxf@Jf6Mwl>-x*|MbZCsrgcuPLI()&q)1>#5p;__hMUwzd5P=L6ml24@;cZEjsw-%zcLg3% z=*Ek+VAOLHrzGB~b#Joa=wjv0D~&Y#aLk$Su{xz&*6(MUzQPa9ztTo+yZOWdxrFky zC|NXwmGJO%9DYE-n=l9>bO(vt3L3>}R?Wz?I6oC@Soqp|4$j8F$Ap5As&qTSE+8n0 zc#k>1(KI{q`e0R*t6|ltX76ufBlnE-;G?h0js#f?M1o zt!iy&Q`T3lbJkd3l{!*makT~5@5bty7u&a%*AiyFLH#Q0LY`h4dG`;3 zQ-+9(Vn*)OL3z$zmVL0ji0+U_k)IOOSg#q2E2w5{KJmlkTU{mqi+aVkh1{%FRmuy% zYNdw8n7yb9TkjN8M&B6=g~{5*UuQN~@l)GYo0=r;%A!U-IixHtQ@EPZ6*fbu4cc6_ z!32Yl+xt$n`8c=9Xsc~Rmyec3)>z9`^`UTN3_8z>nrn6U3K+_@ZQ9HuHHS&J3Ug(l zE1U2PXf0nUp}wet+gLYaE=xDz7)YVQYE+!w93#T{=VH~ZEJZ%$J?6L-3$gey(+@Agyv0l(?GkFMg0TLS_S0E1;gIWF4quA5+GXY*{6cO=&THu585> z->L&g)6A$=WqGQslPFVCg@s8Nhbn7Hl*`77-wSwHVpo>3_47&s{uukGv_yw=&IgO2m9FPz;yd|L=B-{-1+>dmI1fQ68b|y;(4? zn@|iF(apEb62EBVixbB$tGP-p`DHMw)5|ZbwJhWO!uo3`p*X><)Ou*$|FR& zb2+adn^=&|>?Q=j1%&f$<-dg^Un~GFt-6W?xD<#lWENRp{;jKq+BUJ8oVIWZzLuEA z1u{PlT|f56Imzt2zBfODV774D>cq7#m%j=k%8x6JZAh|u6ns3wiG*I{1v*#j{S%l)L@iTqUU@mFEGNV+^1~SKI^%?zMRia@6 zk%+R{7kUVOYp837jeisfyapCp0P0jjS`C!yR&xlf`+%TMS2Rs8YW)eTe z3(MgcU{YDnwbr_TQCH;jL&E7oY_&!3f&_|lQi5|>yy?HBH}>U$3XWuU#>G%R>06uG zF4pd>;yJaTgElToy|g~A+Ep9g1N!>_`msfU)hNfRQKp&F$3@h_c~VR*%oU^-0LnX3 zv$jyp%++;wRidh^|3&1q5KU_l(n3fZC!q?G$~0#g)kl@G5~XOVwbYkEo!q}>ESua7 z-s-(9SF$NY#?p4iUv4+F?S{79(6$@ece0^v_p?9oezx)Rp5n9C`A>p_laP{BcnH2s zg9%zG73i}34})RR|F<{jZ0~}~$RBrr7@c$U$0A&3J3Ts<8-L0GMW4e#% zMM86uVM(z2SWXJ)rjM1nHipGcv$47JxLKA{eph{RjuA^UxQ0D5PJAs8s*`&0~%5GbQ0$(%LTGmuuyx);wK{a|pp|=%k!nbkNDpAG1 zgrC-Gl796X*!pMz@K5ZC2^SgG3K4iYX_ln_!s!>S@Qtc+;-ZT@xXK3U3dMixskK>Y z{!2WyO7gq-$)z{B%bjMKmlqL*$+TQS6<^&jy?q|#Sx^2ac!t;%rSvk5(8@Z%GWow# zivK9Cgly&iM|hUW|7ONX%9ZM`q66gGSXU3oRsQ~Tfn4`i(g$)izLic;o{|c^pj_yy z>IS*yYW0I0i>lKR%02&n^n@yk+3E^4_}S_Ud3|9*aGI18DsbxD1y9A-ETe)eOXr=I z7Oaq_xDAyHPH*DJ7Y-2Yrd&}d=i(tnPMsiSwa9Pv@L>>y^2l>DEmi!~i7A2#EN0C= z0H0h}v&W*)%j;CXR%)2YZWO3jHj@7AGqP1YHu|h5|Ihue5dXc`X&3GP?OuCp|9_N6 z`1Xw69dE?nXI>R8`4RnlM(>Un`}3#*tN8DTqN_R3@L_MnVa5iM%>7HmU>FOzUxCp= z=NLwj2mRX}v+solUKCGBmueT8uMvMk8H(9E9HldK9Kmq*LwFmRjsw|qAiBQwH~Q1~8*wSH zxP(=YvqV{TryBp!n4)Or(&-*S6sN>TDsSL_G#a3Bi%`<2wMzUL-c4GifxeF@eS-sJ z`!m&cp35j!l`mX*?~WVwu?IEgRlf-OJw;YpIm$4B6RiL!{#DQO=3;4Q#)$0qO3opx zO|9ya{?}wH+#H(Jgcln)wC)Bys)PIXS@^6a{}T^BL;+YL|M&adV*ICezq|GSf0Rea z`j;<{HlhG<`uMgQfS}NYDu6DriVmR5stk_r!vGzE_fy2CD!&vj079w@fV(h2022^n z;lD3!F>+kO4pM+iQ!yk}ME}Z{T1f?wi2qtn`=TQ-Wm8PTKdK{b^9>4-7?OL?IF`t` z#1U$MhWsbz0-RwJ)COIu6u_0JB(Ce#1N?S^I$uY&RGznLZ$1~($cDXo(6L}Q^QC*doC(`3QA za{&0_-FnILG7`;dEJ&pdKJtB>##NU?AIghXYh87AgYEus>g;;@A5PioZeQkEqW=xs z?c)9K_OQRz{~qNL@qe#vEl;HTMif8_AnRIItxS3J62W_N}=r%!Q{W!5>7??WfH0=v=n}csPaHYm@tj7 zA}krOW##GTrOQMx_cfC#p^DCZ<(^+LGxEAYNl}_WhVJ0Kj!qrMlT1;9Q8I;{+$_b& zUPX;pm!o63R(49?vUODcc70s`>Gf6Jr?)4jRyNaP7)Ickp4oHE0Oa%@20-#zvAm!C zmF_ewSUb6?G!C3n*V66Ps&V#q*-GG{ho#d1=-3r z-I9B7NV76rJpAh%2$r5LU$abifSY$5&9B&HP01y=etXu^1y(3Bip16X^IVUtm-4XE zF7*kR6f6}EilrYlta<^Qk11d4^Uw}|Oi5fPUO7PZKw4JELy=Eb3;CCOmihm7d!_gv?RIBt|9Ol@=&4s?UN_+ZASvYA`T!^@UFZdnm086P zAS=!86V)RBtNgt>ykGWxSwufoa_t~~8t)r(LpC?!Ib4x>;_wA%TqN-K6g3KW4*Bk6 zodpQYG<-x@I1YWtQ2xTD4f6$PqyW%d-c$3imu|5EW7SVvf`?%1$ez<&2Q!Nppd`yMc$r#KHAA={*D93+s}}e zm*KN0q^!V+N?b!)5A-5igQtl;u!y?8(g*DF0zp>s?6}Yy^ib?)wQtdVb?tGVQ>Yd~;nF}jYXko`D#lq<=uf6vih=VCkd;C*K z!4we$7zQv100c3*0};%h1Zi{<}zXV4xL<^RrLu$BKG<5BXz zJiXY60-)?PkDviauUXZ1&QW&ddGuWvMZiNKr6}OsLT*$7h#skgvZ8mb8Pmou`O&$r zW$P06wvHo~-KbL?ywWtLRCbqU$w1buPBCH*QhDXZRN+w^o$_Ak7uBumj|&^E z*@_D;3N%4}2qTdgP{^24B0Bvb+`l4~M^XPg8(F7%d(VM>4}=kQFZ+Eq0s%%;_)roQ z-2)u||LnbMbKAy}0J@+3E2dD&M$C#7^*%=%J6DkvM>n>mD=9v;>*IAn#E`@hh=DO6 zWggrA{nk7&FT6;Iwj81=F$K)@^t^hyd-_3duM-rAdv0Z|abwGzPZO(NLr?WYmkKv4&`fsp}%2w*&=SV2DzB(on0y^UE!O zk)Yui+@m-HSvn_F`!yuN zBm2_pbnNXbR`yeAS9yNv)!e~P>|vy2AjJG^vIh_N_#Q@)zTnAfQpt!B#i|^|Vv+(( zcT{zWXEaEmgzdC)P;?%2wjYObgYVdHM7yCxQL&#o@D~gsFF7DR0;TG)uf~yIYh&8< z40nq5FOeVo>PLP&fT_NHOPqhX_(qV4UjC}#vA`}V(e4zH4?&wGW7Q1tEcM|qysL@$ z0{A@w-IroTQno${XnXY-6X3$=pVV&0G`^-vf00*%?w z43mh24jg)6y^2#qTpE;orFnFuAf$6YR}Tx zkG;cwf35#t#iQx}`NXz(4^Zscxl)55ZP`{B2AO5+83Q}H&W+{`Ahhd*5fyd z_s2T_$6qR6pb{Bj(VT%CL~D5i%}5Kz`>&Zlu;2#Qfq7*fLAcHy`29T1`2Wn$;BXq@ zW=?<={Qu$Jk){9JIoe1Tn}6d+VL+JzIjCg=Y4X^9lHfeRXRLkmU1a!Y+yC$6!>#&4g)|kLX zOR|!#w%VXHjfyjv4*dbVM8R^#qMZlBH8D^tJ9P4?{t8DAd933H)LpCml{kz*CDE4$ z65Y*hn6ey#`W9_G%g`*(vvwn7$>j~)Tu|$t=4-`+@idbEXIut}NB@AgV}$NbRY#;k zl|Y63zqfZ_-v1r-ch>U%N**fXzcJ@kcQ9)~C19-_t%a{^9#oE7xw%kv-8$w&)ll4V zg{tdS#T%-C&^QiJ)jU6xeUcwcLQH<9a1`P!b*CG#*11N%9)l)?o! zb!P?!<*!Z0eNnomUj{EOyC(mZ@a^6fXXX5MY^xu`Q;+}Sccf^7CmD(V$fe^L%W%^axAlhcQfh>auCV>;aEu z*!92$`vJT=IQPKD9h_5Q_Mq2AIsO&7ODg)S9763xjbTGUO7Ncwh>XXRF(VO@A*1if zzbdp~nm{u38L;o2D@aFVQ{38MPt(Jsge6Zx(mO z$2c6tYWJ=fBppC=P*aLmwMd;oGeWpp#`1zOx968i5}$=;jNIFe*$1z+#DVCdQLv(Cbw45_;nWfnl2i534#F&&Q;63x93~j}F-YMMrZl)I-FiWo z!a)|zw`d>%KO2l`d$(}x&q6d!$PrfA)`dkJkL(DxNa_PrPoI2dr|s zd}Mr}(Vdm@f>>>PS$rdco7iknQM)Q*-Zb4xb(hTZ&wGLXfKL>;kjgOSv6{l1vV zhWy{ezk}y-c9FhDD5-k^TxI{WYvq61JL<3Pe^&BT*|caAuCX_C3sKHQ-C%rYcENd^ z(f##1j3$&w+(H0D8Urzmvn}$!!+n5KFpQ9&9q#vJO}@{ljR%>WjPWu5hAAQ>Xc`6d z5Wb}bIy0DNFpxANL-eA=ANgSne9Wj4%?E|EG)zDQ{eT=51Q^bnd_A4q!W8EK37|6| z%p}3>ob`i1l5P3Xy+6m|9-LB04|j>0NEH}ND$By<@mAa zi;Trgvy)ti5G@^%!-s~b_2?*iz~h7Hb%b{ny-L{}`}i`2!|)^U`X1Qib4DoGHNB+j z`x`!#Ppz)2OWPU+q-CHW^PeUK`Q;+^f;qCVOZ17$S$W=Q6 zNR|A*yK`jH|NZ{nn*OiiQJErY*^?wGO488J$Zz3bL0RNW6!5TWpxo$1TO|n!Tp`jRVl|dW+}J`w$iz0IZSy{uS*n#gLwmVIVK6Mw`!z+M``$P za$rZ7C^(sB2oL-Srog}R!S9zR4Z1N-{Bq=d4n2%V+q2!}&_0D})_vv2{s^W($&TD; zosfFn2?L_0ST65|R;z^>Xs0W2G7`CV%F#~{&dB!o5V1<%R1Xq_qLw=FwU5KU+*6;6E|MULZ{(ChKyVeo1-*6fanCl~<5F;4Fl)B3@e^(%GNEDOt z%y6bYC99-@f|zlkW0`%5(~KU4LZjvixs$s4P2&ML+~b~q*V7>tY`dQAdtu`!VoxuF zXCA*=y@ZJy#lTkMU*}@K6uucWEpD(bMaL`_v#W$#?2e7#&A9sm_Kfua2dvB3Gb6<0a)xA@@mop{W zpKG!8j2YXAU_8pk^b`NtRrN~rDop#J*LzC3R=5B}dN3MXd@{w^6&%5jujt*9_kVBw z?!WupzrWku?EWHtcYo>pBz|{(+3*k?7^NCd}o{&^D*-+xt-^i(agoY;hLep3$_N^^a@$! zzXe0MPV%WAc9o{dNA2l{|H*3(ACLOJy8PR$~l(8mgk# zq|#uDGc;*fX^2p!v}6(DimnMnb23hSaAe{Ky4G1CEr@yFy!@@xnCM_>W315fjfsIN zZHyHvZ|rL?(Dn16PXqcNC!_86OxN>@WyopA|EIs#?_2&qdu#unl|1F7Bu+*m8xq&@ zF^a-1k&dZX=#y-oz+)OWR^*9#qJ}KC0u~DeAcOc?MB3`*e*@ZvOf%7?Zs^B=qax|k znmjH2G~NHxG{V<#kT%HxQMLc~53TqQdk5?NzmlhV|6?}WWa4vu{RYkg7Jw#`aaA{B zgmJ{Q6ZDsOPZrmh2-D<~{6l<|U$nRX3T_AVE&XAU91*4uX8}*?mGL0Cv}yKEV!@K4 z6Zpq6ID%*mfc$;_jHZ9E zFMZ51G4h|{i;|;pmRtV2I0ijE*{zSmLD!#VW4XIYn|UBko>z*zZ_#UO40_bRb zhgQL z%MpJb1(ksNwj%b`j_B&@NL#MGddNK{3KELgY^rB#W}s`&(( z@yL2Ka6aLcvm^pNH8S~!Das(w{punNH7F5HAKSBB@_0Y|bi|y2)JEvr;&z()^sOC7 zT7MRz|Kz(L*A4$w&Hwk!``^98gSG$1N*;~=^LcIY2;dOEi&H@MrR9Ub6*^MklEtKG zbk*_QO=e3-xeG|wc3`hSrT83KQ|?FbEJXidJZmri_fEgRXZe5k_tx}(C67k`&*E7- zWFN+}?}FshemoH0zXdjCX5t)Zq*G`oy+(C@DUr>Rlho-M0r5W<+M)Fc!Zx#J>^=JdqLm0tXQ!3uEA+j>ey*bywnI&EjJa47-?J#T0E zDAo%}LSIl2B^kopF&3mpy?vS*2RR>VrLo^qG*J_TZlrLC75Q=?lz4x@`4t>`z+=}t z^3P!iqk#N$2$VEJGq>N~+?avS;114lrvr96Jl=qeSs=fH&tMp)IO{M}9JyFaQiez^ zBaCOyxN$c~;gD?Zu|I==hT|Dh<8W2sh~If&^Is^8fwu)b-m>~e!w;i0JBgC9-|3j0 zcEmTACir|AKe6MN>mq%{klOw!vhB=4=B_k? z0cT^V(FL;x{FwML3yFE`2%#^BVN*;vnMaS+y2ul7yCa$xlTCu03B-nB*Bb?-zK;7dp}GaB^Z5+aXZP)}M70D5K$mua6d83Cf$I zwIHI84Ku=yBoPQnUj}FbX&MXK_7?4-4{i~P%-C71ZIOjSY0x7}%BwZAj>V@RDkf-} z$fF)?J?FBjEg*E2bf9pdf<)ttjfzKe!i@ zvmHU*wEH~0NR5rccfm8dV`QYi0Q`V?(k#mH%IJuj1AhV|>g>dOqM%qbId)HnXc{}R zxu|6FRk$)OYE+g-W$yqtl6T4RnaFg9SnBs^FfIi&t_IIH?rR?O%gwjHVrSY znhub;Gi#n@#EFJ=Wajb!_X};P)z_KIoYl#BPXSB3I5znsI+L@W_|AS@`igU-F{!mU z2OHco&&lq~SF#|tP;y~ZFg}FXDdm;m46>k_;Mf4K6kqyQWv!h13qOnM|A?U3(*4iD z(T-*ReR#Nz|GkpO(*Kc(ZA}SCfPF8DK-QO*m4Su&8C6rDstFXQ9q+8P4q8Gvz?&RxnHhkB+uoHxDXvXFP9-6q!2+^uK2McKG{ zNBHEWaL9r{llj+?Rg65uT#{l=MG=`dmo8@^)d?L%MVsSn)R_#8uRp2iNFq?C9jT)m zF*GB+8fuYJrAQ5hh%MMwsX_`BA+4)H_}sWuA=WgxC8Wa1YorEQTnVzA3Z$6=q?Y<) z0p&+M)ko9OuNZB9uIcF=v=VtjaL>e9k-Q1XF%B4K|9E?D1xarAtZw>(y~Oc)su&Nu z@KYy&BAFk1i(trVH$snjG&ymr(kF0S7FH+-Wr32yJU@yu1mMRIXLWbZt`$Qru+v z8)-V}=H*q9L#5m|8S8i!S3#fSqN*G?NBygC4 zP|9>O% z+MX4lSSH`a36OWD)gyq{8IAPyryiPA_=3!$smAvnk{E(Gfkis z?sXOhp?~Tp*p;VD4#`DAJ#2fg-<&@`KY4$8a(S(S33X>rNi)pi5^JT|r**43&=&(1 zK$x6;nEH_hnVP8m8HXR#x254n-P%GIPS13u;WQ3EOd&T?EHh7YAmW;q0iO`zDi%c^ zk>@ALG$V)OGz+6Jn|r_;rG7FF2iODNEDRuWDUSz!LMK-l8V9E#4f<$#ioqfZVfSE3 zJ?m|4Lq3K8`Nyqgbq^edgHujFj-S$Wi!^^*ndm3CJ%)p68fJ42pf~WN!IV(JMKYIm zG_>fb5R9Un&!Zo1{?}v%;wSFE&oh<@yMI zyMB?PX+n7C#K+_uVu?P-P|ab^ntNf7pbf}gJ1mFeNsyk${4b#Z9$8Q- z1*lh4~B6EtIaLcMSZ!Wf4E1mQ;-_L#3W&p2nyCS6Zd{AvZy)HD;tL-)am>a}a-CpIyCQ9?H@X z2t^biUMvRU#nr{1m+zMcOc(!~`B5M*)d`P!q&odG_~B@s-x zAf6f8&%h815R{M9R~}0Bg~S`WB29-8#B-d%iM`fdqnH#~U;wTU-(Q`bJb!=j`sM$; zzq+{K)ZE+gN|;qcuf>3NzozaemwpuGk?rC{-xeur3QmUtZ4Ffxb=pfW{m<^v?!KY_IavFDuIRDyv(UL!0y(v#3er~0ccBk5depXE7zKa9yt<^i zCKqUVj`icGz@sHq1gQOxDoSXm>L-AN^wf0bFVnBM`9B4k)`si~_fM;+W!co!)iMY+ zlv~Nji*pXX>c^GA!~kW8b9<;g5k zH_EB@^0FTA&WEp2c9}v9!4pGPLhRjO9E_-ZwKRV$(-%TC&35NfIely&S4{D>wo@$%i=;ay2kWHisZemK_HF1b)=xXnLi`^o-5>yP1^;)rd$?!Xf9~(D z`M;Gs8vjSW%f2(G1#}raK>^e7Ku6pL zaX%qyh8XaC9KBx8y4}+;=<$*|_rl<1W0+ECK9EAL;v808}pV(HvL7%twmBn>B0 zy=wH#K>U&yZ4d3@NB}twDrlWk;LA4Q!@0$NDhpPh6-HG|v^M1Ca<5x!NGlevj=Dfc zTfOSo)mp#>Fw0i3wu)sJi`TNTo{L*i*90zD$t7c3768cYH&fu(Sh>EnPCHk5(MoqN z^LG1G&nr(Zj)EEF=LwlC_X4zWb?jYP=#s!8`^K7m`bDvxQVP(=Zb4++iK%P)dPMwx##TIhL~QQ{GYca2XfRf|{~>Vr}GE0ev!PDbW&#kdMbS zNkoz?wOOVHQigDhaF&A;f3a+wc6CY-jFRy*ikfe-vO~zIpx>Bp{{(KPDYfJwIJ}10 zJxcEYinlEp;^r66CAb@6?-U7zDa}bxrVkU*<%&K8aPDHr`4tk2gp(5@vZdc=Uh16uJ22{&D zQ?N4oq_F3z-oO%!95RAxWh;zL@;V-`;dQ{~hBe(C2RHwlA4UXVF7HJt^n*F@W$QV3 zCr7VLrOnRScSIK=YETY#;K$?~7VQxRjT~_i@&k92!LAiDM?u0hxV1z4i3N5AKTJcy zs$?L7KF%n{)_`oWshFFqLYX9W+F2~A994&LzQ<1+Ho^l)?)lv8b&5d^DP zmV{PMkf07gS7$V+VT6(AP$1??cUZ?Hf>SMS9;!uV)*zNBBXs?@z+Ft%gMf}2zP-R**1+1Zeyru4K3~&*<7%JRiLCL}kioCAD1?Bs~ zb$w>(1oP4c9Ih^-SUGKjl!glIr%Uu-?v+4+DI0qs>mR-r2&m=@f;XH0QDXFyFWxU- z=;2|Q|F}Bmw3S({u?!oZ+)joQ_y(3h^sYvB$yW0=?Ljt3uF>G`YxaR15zBOfLHJtu zuh^<=3H%+jpe{po6HXwSI*lqy(Ucq2(J(+~yXZ%6PI!T(YuG&3G{nIltq%-%7EI!C28V{P2H@`Y;)My4>7 z4~g)i7X#Nb=c@yDmg%|)P7K5jKrxHsN{f1x{IteOIaVLL(v{tClpqz&1!~kXKa(nE z4~#12XHrF9;6?@gBPp&ef1|Ya4SXw3(0}1)A^l$-0Hp>0ubth!gI&x2>u??abtR9+ zzFoDr)^tYHL472Z{%P!2ezy$i#@@N{j51^wGupSKey~@C1N6Vz#0l$Hms{e2bkYUlX zeGt|l%t)SRnkn$_=qP$;r`5dDL#Np>uIWG}3fZq>E@6L@v@s<6WA*Oza0pQ{xp5+g|Y06K<-`wjr!fUp%zS(}U{c8IU(bfwB*(eomUxwQ^;r5Gg`&GF8M<~mN zq_B>17=zn6*+RTbe|Mi0I{TQQm@v}(_1-=_?C5qNav7QCBy4DSA36@sY~W{bgqVpd zuOp-_R-P@Xf3Uc`euNS5g8+C;g7E+|$sB@v2=4tjV~j1cOQb#lCR>!7hA0xNKw<&C zwnDb^z4ils=DDCck54`jnKU@ihO%o~waN~Z^kTz|wy|t?j2_ty)Hn;uY9VGAhgx?Q3`E|DWHCAxr-cJ$WAsMkjZp$9^Rt|tUV_8dO~egw z@;c{=(9&15qQHp|SB{9nq-gDT-09%z+-{ib#LU=APPQS6B6Lrh9invNXV@L5OekpAC{+Fx-CP@(@n+C4Diza8u!t?hqT z@@Sf~oIG6f83rP8Mk{Q$v2MPLYXPfItzHi3E=DqegvUbddjPQ8~>Fr6bUK-?UDlgI_q5y^A2f?w)QCC(1pj&ch z@k#SpCk=qN?;OGV%P|a6lrRY7S8W{gYE6)&P1so4+LBYTF;`BtOKHNRr{8Mt+P>x` z%>8A);T6=!54fU|G_ZEfbp3`J9B za=6*-#9>#4&l zVHW!gEzbaz+EbMGQebc~gJ~KD+*nn)9&@yAh1xZm(A6Ods&1aO{K*ZSj$pk!{+qH_rebHN>roWEo$4I7@#>6e z1=_b=HRm}uVSO9M**o2Sm7Yd~+^I?p);|N&X11-Z<%`lsJ`caI47#VX)}D3HSob=$ zpeW?W-NORbHdg|VVGNWHgdItza0?W&&y=iEZLo1cUVv~BpgPDKGf?N}QSM#})_)0c~hRABvLD1G`W- zt9wFQozcNqZnA|KZE$H&y*Ij=##uOl+-JnoBu?+ocz|LCwKRoCg%m5>ZJy1eUf1jU zO>#6UFfPxw(ok-989P-A?6nP`Duze^G*$^fF<{!w{n}g+1BPp!fN;|!u9b->YOC*V4 zFGBZVGZLOQ+WQW>ayBHSoTPy@6gFxa^ z%<5B+uMp0(^pQl&Os8?4Vlu?w77qL=hC~=8GG~UsV2ti#3V>1TTR2211o%G82IDXu zkurXavN24-6vLE7?0X3_OeaT=rbxuF)88-t@fr;Lgp_n8(=BFnfoXx}I;IPiYa#Y; zBY1syx?o1~GWwuHZ*siXLN`D8>-DZG9z%mYQFdIEAlzhI&=p~&{4K3=eRe|=#x|_; zqG_GqF8=ZQ?5bIv=O?G{FW#J8U7bHK*x{{j@dA#TR`r4uS(0~{!HJ6-*4wUTjd4U( zdlX*ldrIMxNq^jy19E3j6zW;s(B8XkY|KE&y@d>FNCTMc^x7R{?Ui@2XQ?sj1ZAh) z3Ls3*K1}@xY)<3wgP5>I=dE%7NTWn%clAzTic99u&1@-hTq~*V)=!ORA^VRErjszP z5&4xpRqQ#DA&4vP@$@{m=^3Q&`rK5XJ=FpIzF3v(5s3QTW>N?B&)WXu-C^=-LS2q zdbZf#!U%f6`;7-Ixj`?{2w%i!X^K+MJR9u*T!lGeo3KGDan$9_h)uMlu+H(V zH)(v$h@KYAmRl2&gIk}@-_Ntq`LEpB*9iepVgGrscerDo|3`<1>+^pVk9Phm^V(t- zI0fo=!31diX`2a{p@{7(moN0j00r zSDMj_uJnZ;Otm!&vv-~O85~ZdYiL|SFxa{pg}(CGfSpEuIJprdrGAiDD@ax|BPmxz zGiM0dx>iy^x@=01%?aHxa_qM;Ob3v9GLZ?xbi$l&oRt5Ne$7r_WiJQesgBJB7Fq>M z#PSZ&7Te=B+oBWc>>Rh(V*TqnJY$rtrZ3w3eGvfL>dN)5u_YE?*y^k($mC$QeNFH6G3ePS-_2icVF5U?aPj8*T`1>ZHSoZ$B#HUu~fKLT&tbD>zSx6^S{Fr)6`nJ;oe z`Cy3Bdp`{Tj(j`@Z@1qqj{8QEkGXlwyhbsRvwlZ7yFpS6@__ei7=$UL@l^fDj?d?- z`^%o$Oq4M2VK+f0!xm+|=6uWGzFb z2l?A_(4R_zAT;GZwS!l+B`}U!8VA;R=PsVJO+EW~!6g%^&$+?X2^X(La5M;4!tWgo*KTQdoH&+`B}V*pj2 zlpH2Cv8)8^ z;A9HNL?I$J>U#Vv+fRh2r&Z!8okS5!P|Jh7VL-(71O<3ou@WJRi&Z!4$_$tj{|*8S zV+?6V%Gn@uWqWe$2m|0|%q2Lt@Mi@DpdGbB6>a|nu3-iSQ=Fj*p!)^I)C?to=_JIM z8s8VhQBosDxg{$Dkk@hbj1;<5TB{>88g&YU$ij}--g4rU-=;6|_75|g@HMz*E=+t( zUg(3Rt_l&bs?kUrjNy9V!5JS$S6*$$Xjg1Plq6Xp^2PGOpdn2HmK{){$7!l?4A&?j2Jewr|tyHD7I=+Uhe)i$~q97@yBsPijiZ ze5Y<9r2*t1q}i4eI0%Q~pe$A7#t>$MF$}H?7QE2`C(cga!$wL%x4$n!KrYxtcZnro2xd6G^1icRB4Tm7iFhBN8eQnJX&biDAFf%DWnXWui zBq1t#pE3$Cp9Lh-+@Q4;wt-HhQ$9z|BaTi!Rlr&ZNG;f;lObpTw(vUv$t>F z{~jG4t>gc%HjEA7NY+LdnWxq>hG@U|0*7h{*(E85c*%1-ts#-1k@Co4}S<0odVRUa>*lr zz+m*B^r?dWt2%4ixS0o8Ae5h6rfbfIg*1D^((1C`8}yx1R zX_fx-JiO)+P(lCq`bS3ouf6`>+WvDjk4FFb{5{AKP@JRrJ30VlC%>{F(C!gHdeznu zAjp`Z8N#2zG)Y***dm0oEcqS!0ZcK+D}P}{`iz;Cv5Y=s*!W2MLlF($zL2Thcr00r zoJEewGt*~X4h{gSc~x#zMIH)EjETA{?#d$!bo8OlvARDyC1wND_K#u)d8&LD9PyYj$kUbI) zLWsBD52A2zH%3zo&*OhF>ybi7&jY`?U2*xm_vE_Zj z{07wc661T6GP492<7o;p2s6MfxG?YsDZ&^`6Pm+s8wMeZ^d_ls1u<2ZS1(^(J?_Pr z^Pk}mi0I8qG2PP7v@@UiX-K~7mgUs6B<2?Kxvf+;2Rle%fIZN=f)VsF?3tG2!EKVl zS%{|0T@#_ZX#%|2jt9JJj<;49C;kAc4Lf0>C};xCv+&iRUiz3~M<((lO2+={=>#0~ z9Y&ui1bzyE>=GM#yagz}GIVqtfB+8Cd6H=f+JupaGA0@s=a@VNn_(Qlk7~hQz)pJE zkFHp5UI%;zw}<-y9GFHTdRt`7>Nba>pmB?a$J@{Ww^CY<@Bp{I7KeJ{U%~A_MTY!+JQ%Y+Ftb{<2V(rWuO>zlC=K@z zP+KKCVGCdc{3O9(O4FhDlcbPyvPo za$Ocw{^n9FVhWSa%`)hbp{HI9VhWZ8Ci=THK)Sd$+45g>)X*e}AkAVzcf^8V$buyx z=t9-5xu$Tz@(C!%US7X4qDE}Ya{=*L|Gyk!tod4h5+dn)sjfkWe9fWeOLB*Q8m>&waEJ24XUR@0v;WVE*ts6UN_D1 zBgSV!grVTJrFrAf)-%Uujt|F!%^iwIsJ*#k(AIOu=Z+1>L(N^GwqnugQ)S5Sd=%mjM`Z=^#oBT%i6VsbC$K2C9irCPW%xR?u*BORyvJB7-#3? z%M&B&IuYKLG{^^se-kfw!ejoXAhR)TpI4Asm-)-$WX4Q)0DzjQSiG~75{tCNdWxqf z0GP>t)ug*>`dk3I;N<1YCorCo7guM`&#&MAesO)nJ~J`+4>-SqLs6kf-@(2z8<-zI zeX0<;>ELsD`^%RfdF?wmKhAX_5~0hJ>+649Ts{AaNHIA;C~$JjF0O8lfp@rf^mp%x z;&Rgk-u7)6Z{xAY{^}0ckIxh+{dVi)G5GoCAI~m+V@<)q7y<9>BOFY#Fdl*DzXGzl zaj)0&Xo0tHK{p28hCV7Dc=rzc=YImGJ79>NzC3?_^5@O(Pp!iL{e+JfDf{yL&Dm2r zQtUNZMiKBf$a`KgKztZdh!YfJ_;h1ap*3XLp=k!X80>*v@K5Cv8?r$ZYHtDPj%63f zO7qOmN#4VYE9-L-#v}Qn!+(WC@D_L*0!0rzeG0tGi`Oqa@D6lfgP zAPGVY2nCj!X+QG`wF_e~ffJO@J@D?o$(LBROh=CIX1)aJ?B&fEA6P?I^lJcvEkff+ zdxVhY1k;ZLW>`o*P5dyCtl;pF(Q969O|dD(P9a9qbifLy@WT}1j8_~a(_^sH zpU^+p0zL)@{a4`=0HSabYUTF(eWT>xUWDR2cy)4he)9a+m7EBCdaKU_fz;K-#m&l& zhEnW=sv$)v%g=}hKMp9h=6Foz_(S9elQ0I|DYe7uj=haf>I8oAKsQm|Y2)|Bqm)$= z+yDH}HbCOc&!+glIm`fYlCs+tArV@WhJ=JwTN9EM5|WG8FD_O^NZ9n&AS4{A=O;HO zzn)y59Ru&vCriP{|CLwfU%sq>(^I$h?-#Gmo^G?4)|Ahqm4n+}I*m^mBAfrD7qS2J zIv)7U);Au5ZkL+*Z+ucm{|o4LDet#?)ZaN$K8jHw1wKqem_69GH7zdc@7((lTyNNw zY}nJ6=cj-Ce(~q^+55}$*DoG=&suk|=C&nVf5EQv(-A&)?Y(-tj4mp%=0Ufcr6I&m zcR;s`lQ4iO@HRdfqw&T2?_4fot(=k${7yOmx*$eUT2i>|T{3 zFn|f|!~n%H3+s%%g?1lPb*}f_x4G}GFJ4})!e_5fetmgHl@DjHZ_ZCoZq6@W7gRo@3-Dx0BE z`sCGF0T5{eXH{I4Y*0LuRFy6Tg7yg**LxHXJX3beAvQG_jPwnrX#~1m>Wt9sPBEi) zjSa${{FYUZPM{=@qw6791N^i-IpX#?}@>+%6 zJjKaKUYzkymBi%JCst8JsxR>nbmal+6^TUYE^4uvmF<>{mVj$!<6f^5c9nCLay6L^xp~>id zh{?j9gYKU+i2x;yU%r5DK>rMKVGwl34oIfxbf9y1>NGLd?&_jw3@+?3xOliRK&_1d zsvZNyd%El|wYn*Der>D0_MS!UKe_U;+WD*6|Lbt?z_kB7?C-4ozgF^4|F3V%`%4%o zmbrepjTo2n`_i@T-?-D4j%;m@FU1}C@i>Nwn~q{1EwfuSfN9qz5A0{wP6upwb^1`> zb8TG9b4|NPEq7bn+v^{C60%ZW_}-}H@rS6$3r%cx{%;NcGoyyf^K6<%F~T@1#o-r> zqX`P&(;&ozkUTI>PH#B;A!3omT~2Wgfxntx|9>y77U-Q@8_>z;=fB$US+zx5D0li3 zHQVy|)8NVFzNlxN8`>4$<^rPJ_KUz&91_R1ed=5=a&N@t;4J1gSOjS?pFsnf>g*?p z&mw>X)!<%(jDjozsMv3?0RXyj1r)Zo7X~HB`lhy(za5W8^9;4!8J(vhD<(IX?x!f1 zf_P2mQ~EHn*{$ghY5G#;!OmPxkmOgF(Ovn4O`!6blg+#UpOiM-D8&+3-iOj;*V}TS zY+xGmb$lnkhi75=pV=q0A^#s7>>pV2|Nh=u{$IuOP0Ih=2BuX0cRIo?DgSFGJm0$f zuOa)L%m3UluO0cH16!&5-%1B;cwa^SSIr;G<$r4Ipqc0yZH4%T5V zCI>rUEF=dz;4CNy7eHE24%VS96!gY`!B#hiP+$DDfMgNoK*;J}1jsiUd&i{q4oTHT zze^=m8BvFgxqK-FR5pzAJsHwM;j=_mt(0?@6+8J1wjg#IT;htvPL=KY4#dty3NmoH)%=4cAC zbWRo}op#`ZIE+}|$x^-#qey(g;O97uo*8LtbFfc==Q&WXmayu@236t;l*?Dt0o)Z9 z)R2KFKvM!z`eO?_a^)#N2}dB-tbzoE=mw`CRxZ1+d2LH_QK0d@FDkWYkQNI3X+u~f z=BEv1G1+p{#_d>_Dzn}f;UaA zG3RU=mS@fN1AH}%xpIJi2WO{GS*I1+;?;9t zY@Ae1T_RnJhg2ag#Hw2W7U9%2AbhBs^VTYqZ;~C>wh>RdC}yjQ@ok-LrK7bx*Qy;m zt6^GmO8&KY*82P(jDrM)akl;54}uh83~{~i@0I!g_79HC`0xG0gEjxRiiZ-BGd{JT z3*_7`llxCBm7av=Ncks{xD{poV^pq+3ognc=HXD%~7R|{aL)S_a-s%ceJ^5f^f7D*^B#l0J%aDAx1#YJq7@-Wj{Q>2cbZ}(uG|6?VO zN&hd&+_pmd=_+}wbe|*NGR@z}2FYcLGBiNU-fJ@oaYpb+JdyF9{*y=7{$%AJC#W$d z)0JLT7sCm=nwKvMYMyYEC_LUb!N(5$D7y6rcRb1kVQlGWif-hm11~{Hwx|RI|0rkE&*XMQ?@8CjdkU8h<=%`D3xk!4MV7@$-(+6sq`Q;>ktW1Ht_ zJq4R~8rqIAo{sSMyfWEh8#byUF}>O!Wq1ud#205eeywac1d}Pwe)q9bO<#j5c)J0% zFijNf{_&&Lor~U?z@N9l--{Ntg#CqM<0rBMtfcZnp6klEd;97by*PYCiNF+vX{-1rTQ#^lr_FV3aE@_Fs7U(&ipJKXgsA* z0!RkIi7*4W#FER==Bo|GkTBBRY$hlCQ9w9Y!J>bPZgRF zJ37wFU7=}4FxZS?!PuCiT7O#ADRpD@jCSK^3!i7;ehg!6Sb1Rhx2)K^@}&tsRCLCa z9-M2rU?g>(aFO+0G#IWSQS+VXyR5!2q^1M zZ4sbCahUr(k3yWK^J{6kEEA?nv;1i`CTHI5;XaH9D1gi_CnLuq>EituMbaExFQ?k# z`vi>U2Xp)b_P9z*IU>pE(KHOql|asnyP$Lx$_swx7&!Z>^|0WO4)QTHYd;kWN+8HP z;6m6-a_0hC#>Q1SB<;t86F-bZW%`E-os6f)hP8wzm8ky#Y2TfLD7&}e&@D?_b91dw z45Xr6Ye@dlQCHFv0I2I19;0a#fE40sMDtH$G=bSTj7J~}?;zd#EZ@v0K0v&wWBCHm zOwgAg_M`#xim$;CD0A@x5u0^zs~3yw)Bg#~d@=&t z@BJt`$#>P#_J93@9ZUY}@2>6tR`M``LZOlLBE?T3@B<<+WC#%I&vwC5HX&mD^z`M! zGx(K<2Pm!I%>w|OO0zSz#|Tv!_%Z1VASkBH@&H093(@^vjq@l%x4zzN4}1^Wss;D| zOL`8soAIBHj@J1V#RTXiqL#cEX255WgQyaPhGWuP zKf)pCnH3EaS*;sSso^S*Mx=jY9nsM`i!d~CL#ae94#*_3KO-iUm!m5}P?4IJy_U;j z28*R=7B>|Kt#mWyMl=L_{}#<4)28q~CTTeF(|OGG|ZW{ZgbOh zV}*tvt>uX|QxUCgcB#}91VhJV5|X1!x1wSHu>BKw0W)Q^Z|49fQAi^$vDd$e>YL%m zF6WxMgrDm6JE~>67#$G^nu2*rwOd_JMZ?12gsk*%a7WvVe4K$WgA?YF1=#=>wZrE1 zC8?v#qYnOjsPr$yAXMO@A$!jvhTZamV@q9y^m5K>UoleOr1tR?OvhMT4m)*a^*9zK z`%pMomKBZDUM0eCF{>tN;$<&4d$m1tn=m={44Z>{2*&=5>|W8&Ep`>`2W+5K4LA?U zNNB^rk0Q1h)!>gtfInsMzI=Id_cu(>xj5_%;=z!LKrp*U=^cw?t61#m6?Np-y!^NG zEW-a=%CP0`|N47Y{=b8R-F5uel|0I|H{+DqAA3|A zLOM&e5gC{uoPoo=ycX_xa!IQ_DI3Oubryc47jmau-|Vt28vFP%g~RY8@WPK>&(WgP zvrrS=5CarPbFNL9Vi*7vgVS@Snhy|#noeU7#^Cz&f34~%xBqH+>o02irBq$tAGG@{vj3U3 zrhWkUD*3;EWbOaGo%Q}-$;0)3WI{1_$pC0*sQ;GQ_ce5T8$z2$TWj;0U_-kY5LBlo z*%6H>3JX3i$4>#*K&l_rI}=hu{kwtE149_Ul*i3+?uVf5KwXc@9g!>_`e6_^ZNW>!Q@k7ey`3&mpUpjOW^t|BD(zy}}K~dE>Lz=Ct`NLjP+Ae&A0P{XaOc;=k`4t^Ge% z@=%)oicf7z;U6SbtRMFQcltKPW|-2#pKHdnmn7FOD6{ z2Vt{3WCItjE3aeoFb%9moj?r&Wmmukqh0q6s@WxVt}6PaiuMgUr&L?Ehb{~rnZ#6| z{wFBde(z5+^a@SmjQfh73KG%A{^& zFrA3d<&9BMDldkJks!#hbY<5bw7>Mb5u;X)VK0RV!eNHex$-jeM+$(;X%t*eG zCwZ|%eqg1uY;GZwWpgFR6gzZjVVnhFY!#<(-4*1eQ?2nOFa0=JC~Mkhkfq_I!i^rC~e*FrNL00Y)HX?gzJoTY-Z+7|>$DG=UiWw5^`Oc`R>L7YgIq^JxM- zXJGVN6A0tkZz-BAKYbif{mFyzEH7LK)nWJ%250fCt+~>?E$R)`S8V!ah+A8w=DM23 z#Vc!VN4b9fV+r~HI`Qx8ssXC(KaUP9|L?t{wfw)5N5p?;v$~X_hbA`j_3`-Sf7y|i z)d2MvK^lSUjeU*UG>Ntz{7ts-n&ps|e-|Z^W=hUMzDx|4MiW9&YH3-FhG?HmarPX- zhx%hwq-BLT2}Mqbg2%4WtY*$5)>F#s{P1W zzI-%1j%uujrYbJ47&jRh)TwO*Pjp7Es|n|l4VqUca$FG%&CrW!UDWiLT=UQP?jXP0 zAlua7_qW)tznufYRa*JPok$G)XfP!tF8J;GMT(}0`@+B~X0EA)m7?xlENeK}y?zag z-5LyD!}C9=AJ+BodLs06ad*z0?aCgo=CM@nOZC_0yCQ)MP^!T58{zE0& z;~3%WHH*0jLJT;c#UnmWF$C(8`bU_Je`gi6HaU=TZi=jbrL~1wPswhfl!qLV+0C;w zj7OftrvoW2r@qqUl z#jrffwwP_vUU_P5nMFw~?uJ>k^HzAng{FDiKY@Rc1;z2>k&`n7NSA0exy_-JK8S6A8=4ILA(a#LR$2ZOVAAX#eZ>nOh(``!h6QVUXv z@K8|r+dOd^(tjdrokXFJVFNv2)%{=paLtdvJf^0hv+ z?#;o+*$Uv&zK&1nhvC-1Up}ZVZkg7lroeXq;NpKTH1A=mrTs8@#$*kEV(_zq;j^CS zPRDGuN-D*U^gz{(lbSTs3(u8P0|RO;9VWSC6efmXCDA!Hlq?FORU+b2H%aT~F+K~N z|6C#5+WEh;zi0aY@2%~BR`l5Czqnm!;ruVYI(R(izwATX=f83ZvswX9>6IZ536x63 zIrRo=HF8`ngv;xdh-(7IU-Ot-fc{^eKW}COQbqswj?DaDyL*Rg`EMnUP5&>?pSMB# zFVCMpYPwJHe+ZgS#`mkx{LAy_4)RIRsigO$Py<@O9H}qGv$#$Li5DgQdL+K|S%Cf% zS&|$8wGV+R`oG(^^nd#YYx=*E$HD*0yu8aD0L-NM5uX680}pWo2vc^?t7Uj5t5`&l zTc$Ti{IuZ&R?nv15zdXo&RSg zk4FE`$?O6$y@1Uxcqx;_FMb#pYv$3O306PaJ{rQwCqKJlYPN%LsbrP6a z#k9&Z2UCxdZ+y&0q^mk>ZT|$$h>#ZQ7^0LQ=(EW&P=vgEZsQz<1L(Q&MyYM6O6p4U zV5ehNEl^7jg3HLxn6(&X*36;Q7%FDr$YXK~zpw-aMFUsvM%GfdocDUA*&_JHGhpj6 zj2v-azI`^Q>G>ar*=bWB@QU;QXm8*2|328=S;v1~$s;vSEjod_7Rlp1^_`t*{peR) zVQwdMxPXV}ID-?9o;C`3cRwD1Q@w{Z_BJ(g64mhF(=1FCrqY6TV-Re3|WDOA2T9-n~ z_1gAXTX^=8gI^sqhmVgn8D!BFIQn?!>OxVYe=Alvr2aFnj4R-MlMRa`9d!0w=v2fS z$Qe5wB-=k#PD_P-Vm)c*3dUR15h?O#YCD31CUPt-br@r5M?+W#Usy2sf=Y|7-~`Pe zbNf?Mj{8Xx%>jx5q0L}m@DNq)D{&5$P-hi5^XPb1h3%if4QEn#!f^~(VOEwM^8tV} z7*oQ=2~G`6c}PBj@C?Qf=O(Qjh{x!jwdBiSrO*$;wt&%0`O~Bn)T4-|p&fusq{|RD zlpLxH?AGU5s_1$(5hLuX!B9~zQGkur|)SJnV&ha_p zqckuk=Tq2K$%R>7v=0}xWXb;i$+*P@`>XSs-&TL?_k#1%otpPGEp=fjlquK$H4*;y z)h^%6(@_6IiVM|VYxn<0d#3(pZ~th0|G$z)yZ?EO0tlp%dr2*jx>O#m_DAnT+ghJI zzvc=8{it2h?}KtQ8u|e>asyhjeVHw+L{^+;VbsGJN=~9kl@V!J8B@aXp8Ifu;%i9G zsxM!jcvLs=F~nIIkGx~9G@)%XU5L$u$n?-k7o3v6mLys#SE^D#*V3Ud{FsZ-0_R>s z`cEcP7ZR5C|KHi!JGAcqk9ODjzgF^S^#2kCKuj;-^SkUZP#ux|ahwEJKUzKv1f?(t zxX~;@MI!@D-$^FUt>r9%^QFvsjZHrET*>{2_&i~-#|X(W~m$yYEP zLDJxT8fH){P;wG&jFRa|5U^VURpG6i4KFVLR4yINAsF}(d~x}wf*rSn7{e4Y^8#_C z02VkdU{SatHp5cgA%thyoM9GVpGW1^1)If?K2z~(&ZLoqXp}JObUHt7u zUAi`95xDhs8?U%w^`u4>TSJhkxsI9OwLI0AX_WVd_VfaL981GY&sg6fDhwY%mBv z+tuj>;@F=-fZ}Klrg8XT3R#QS{QMN`^mq3O>q*cjywNmH(r^|=a0G+*q|keMBV%|# z(QMbU-@ORkgUtw%K4-@J4sD^MpPV;iKLdD<2U#QzPcr62b_>A$7{($ztP&d5VijUo zHpVSPeeKxx24y>pc86>$^$tZ{Rjh#Sap1);>xIc|zZWL&3&!399$mhkV&ppW%yI5C zyQM&BZrd5g)FVRQ1Vc=hK2thuX6Tw)Yq*Peo@39JF!Q`(DdYYpzp^8XQeN8$c}-*4 zUAd|TEDpS?zp`t(Y-&%9`G*WD}=IFA)ffzU|b%T zx1tNR;`N#&*VUJWy-q(;mSEjss99UIPE})kKFUJD8qr*hsILsOqQWKf#RuA+r1gbh z(bH7_n}&$8UXhRSYwieK)kbyv2P^;A!OmL$yOKxO|MJ-dbb4Fy1hy8;qg4PqdeZiN z;6Q*jorBxI4YYcr%i%dDb-jz1j}zEBN?N7$G2na}(*G1v(TZ_%bqzqO{D1fMtoRQ{ zJN-5NU&W)*|0_1TA_vrxq+eSrkCyBky=a@{E6JdQq*_V!1D0V1drb(w)(@Ss%2YYc zDZOewER}`fP}*A8q5JJ&=GFkbhBKIYnkL{kKa8g7gCytCdt=G>t)%C1xLiGlNrdJ^ zR`pcN7T{fHeg=orh}pSxO>N{RS@>dPWV=oml41=)AanG##uOljl{pI^MCJX$Bh5CzmEUDqDMdf+3dC`{+a9L@v;F{N808Dcnft! zzr~mUqZj&VD=_$Kj6kc{(Ial`<3FHng2d!z;DsMg$?`F5y7GH!XSJSQtLF#7>sc6t z{*{8iz(d#hR@wn6jrT^$l)PsH{mQ?C08dj0!i@9^_-vGWy`Jj(q*=dU9FAhsEX62j zTC$2(ExQOZ95WX_Ok2yZBfY){P)ZiCfs_+5r+J0jz`~kf6E_uZ0sivhZsI2%sED6p z3{Zjs)2E!WU*!fXTJwexvJ%mS1J6g7nMf5|eL2Q8-yZc=ZEP)BEA~tIe3Z;dJzFgc zmep}lnlP#{as=TSg)_rP4Z$thM55_QFN-oBatd+%^}9sg}5kH-I9i`i|3_tVzOqh1tN>a=E=Ea-8xWh zwa9rxwr@u$&A)A^A*UU}h!72pCR>R^YQU@vN6P2*se*n%88*33fgc1r`n&E!1t%@( z%z`mW8$hf#Kn;edL^%EWp-bCZ2L)ZMlpR?%dkx%9oy#0Q0~3Tv;cK02Fv98!)eDNL zk$ga}b9&&{DNAh+?qQmjDhhk0qE&X`!v}HA=Pmy<<^RTh3NKSMfJ_sD6Ms<20#?cY zhkJc9{_EcE&YJ&Q#iR3oWOf0cULfapX%^76XdW*Y=h3T*Eq`>(*F#mlQ5<^U|yvD0A9j0q#;329291RucZG6 zrv2Yhe;xm0HIGLBZ}Qm%bb0}sU%)4L*@K{T^*q`Gp`ur99}J_sjfdA6m-bDknJQin znos^ga60>#_;EnB%>^fljP9)f?UXe~!#Sz1YACVQ;ww24n$mw1!PMt#qow@c2mQWv z|F_>?)Blw`I{nXQcWF|egL=G#UF}2LWLyDmXL@=7LasEYYkHLrHOY34PlAGCWL%_s zNi3w2+YKnEf}T$hCwzZ}#M?&w#7jsZ)L)I#9#%4$hUjJBvFw@9>{=?mEt1dCn{o zO26*l{26Ufd&_;Q>7FSV1`Mg5^)1Eho!h;;s#9ztJ7P7~niWSMnqW(tv?3btAuR6% zU-+6E2Ri!*2h$9CUTe=FK^&uqndWpx_{a}W)R zUp1F1#oi7;l5h1+$LJz0eKFL^h%pUgmYyd&-1mStjF3-$bru>0i@b;d@j*PD+`?2H zjoCXLX{+-zwVGH{EVP7N%t}#q(hy2aU*16;hC;q^o7b^weD3Lc_M25!-AJBhx| zBN!CKm9THl7MT|Y+Zt(xwnFaRE9uiZBEtGHp2qTDf+94UUneQ_gHsgaEcL@U!=OYQ ztg`>v**i4kzr($Q_5IIE9!>r$p55ie!2-ySSU4=~QQM;8K$(b@h>At4K$9+1tR6CM ze7or6oD>b^W;$i?$nc6YZKtS^>R1apow5<-vKs3F#ia`-{>SS(cz+Cbo&XxV@6QmEu++o?ae^PT_@`L{3<1}rS%6b*Ow zlDy|3sQ54x?$-&-{D2x}a5$`TbtpiVN{lH5_$xcf8ME2?48k~oaRv?KkiSm~FBBt9CNeI@@S9==re=`(KC$NF;|39kvzr&rQBZL3jJvdm$e_6?+@qcgF z>@Lgf@kR1zSv!e;%Z!|EpuMsH@M=Lv)>aElNftyEl9mQFb|qVteyc7AWMPWSwS|PA z*%H&jCctHOtsqdt=32C`_!*lP-?_6X`RPwHl)!WnVyv*IrlD`4Bd@2|$CXj_d!)i; zUcq7VTv5X@=M^KM7b$a3EwPSgX66`XTVODTgFAv|iMR5nf}sCp-qZCg%{OUA+7g%@ zx3zi6z?9mJyGOw^9zTg9dte;C$<58j3-K<&nzUauE6kUHf76@W{s}y1`;lx7z9$Q_ zu8KP+o+EoxpAzymzq2x_+|ZArTYqr(oX50K$zGn9)m$0y1MrgBfM>IIZJipYRF6Wa z8RT3+i}2oA8cx7x5KB(jT17d*@WPMmbX^kN9Lx%ECL+oG~1vL?T}b zV*z9Z_zqA!3`aB~#Zo9Ma8`gdy%~HSrb{B7gINL2@enVGE`_iHOhrzfrH~as9tvOc ztf}pZv{n#&Lr*jLpG!vD?1=PN@tQ`;z(ux?6D}OcNpJ!=MRRhj!4SDrvgk%3%;{J?s?`4Tpl$MXV zC9@kZhfVVaq&9f6axSOvZWjCKu$mX{ZmV#g)~V*c{87PZ;Q6AFY3&UmMUI|2I!;rg zO=TWC+Fxw+=&g_+l^fX3 zFB!xD4qu@_jUt(AQm7f60*;I0w7hOuCVd^;rOl*S^@dFWAV-chRBPq%+a0EZT^0UDhc>njd-~Ic$Py1gsJXy4rVWc_xZXqE7 zLzGT@dN#iOr`JC^I{K%l4ef__O4~+<=%uvG+2dBW(Fy~>B(Q5xvr1l2oewcK{Daa5 zx6vH`Q!IF40LYiW1zy26%-}>Cz|lX{>spa|$)RYZNs;cLD^X|N1D7^O&3tXmuS?M? zT21_HymYe!NI|>&Rae?a(x6&*N?_DH*E|7}m!X*1h1_IoE#N)AXF>S@&OkB0k0}>w zUISOz{~hj_`TzHhjtACJM??RT}hCapWie)^o2RlQxZZ0^cV zvQaqg+_->1qlN@3*sgiymk)g+ot((NzINj=GG;ovB11j*_4^{w^>-@+XxNr z?4iJc2fQ))Up$*QbGB5D3WZFEMQfwkxX`MN2IkkivE@d_%Jveb^!j;zk)Ec|r#?~g zod>+%!U!s#$e$kYuF>F*=7dovOheLb%jEy+V00sfVsq}Nlwep{UKg8ZMjxN9Zte~az;I%b2kiV-DLAwAbZCV3K-!#gk;C7x7-h-9t z@9vXAXCD(3!#ESK_x9mo$K)A`&(i!PC4J1*g8U36>wSo#2;Gx$5FK`%ta3EiVAW?) z1h>Ff-DV8sZ|@bH5Vm9i#^5aj@y=ig{^|YG+X4)%(FMwSi)|{HZ;nX^EXo(~9->rs ziY;vVQM7ifS?BU{yvOV>){Oqe#SF@g!{3qLFT+X5{gc&Cj)~#f&=thMr?m~n`f)xB z@_&M{ZG->YJ=nMN|Lv{gKdt1^_&+J;w95aLn14Pt{x9#!TJ^WA>QB+9eSgZo>dviI zJ8RX>H}EWY{tGvRHqQV3{k|FhV}Bk0V?~d4{)<^{_xvw$S$S;df8Le9==o2^6vM?$ zQkD9Q3lJk($pxq_I~W1=a|thC8g+{1@j|_kwV#177BMI5^~%NE{QvB|Yj+#Bk|=sU z^H<>Z$ZJc!67`m5>Bc!nk)3Sq>xY)*B(o>8R|f0`NyN=Y2WV2(PJGw=kaPar{F1xy z>c*>I6h+$!du7F9H&7@PfT}{FP-R>G#$=u)Azw&!riGIayI?CLbS6T-B!4v^b?c_O z%4(8sdjuH@K^^*9lZ9vSK4R6oXN@p>nVG~e%0|t6xpxRm2p|i!ysI8_P3I1Qgk%L6 z<17JC#`4&e!)%8LRkX0<>^O&st+aJvJp){;y3BJV+ywP&N$UV%Lnfh)zJccQ66P@N z2y9JD_O@j z?P_^xQ_IGzU7+PPwzS-{qczIzyr&5*?_oac(vJWI8KMhBm!hGp+Cs(7vMd`jSB&L` z2$PMKUiN`5m@fB^DyWv^|M?L^f7kL@{Qu^MtJU)VaB!6`jsJ^Y ztlHp{FJf)WSp8K?npRY?8 zy5)_U{@Blw{9gvhSf$Dv#3q`=CYr=1 zn#8)JNl5l{q0A!u@7J4v5}SY$o1>aFJ-zmS&oL|LTr8Sz=E(#V`#*~WbRrj7{bsPu z|Le#*|2aF`$gh(=&b{vl``oneNCj zZS!~7^6R-C|5a9%2t^>eOz+@5yG&DZ*OK{o+cuEzR1LK330oIaeTRDb>Qo2~dtB?> zQv2kiyhyAQDxJXa2)Cew&z>6Ds5sHbUrkU zPGz24X`pd{?szJ0&q3lMLQijw86kN^Gm?F4ocwJna^n%XBGUtw zJ1jtopl~Csa&h-q*yc>+|;U!ANz;w2zY(r+EUG%&+A0!?KhWK<$2Kl zQ*Z+*LkuXC0aSB+SEyPdu@B?il~%v2;I zZhl4;dt#apRLL^2Z#U%Ca2f8O|o)r@;Ez9ublvnCpu59!?mmZJrKqMOKz(kEBzY4*x+xc8$ zQ~C@N=J-2G=DB+>vIi;^jIX0c7YE%YMU2d;AKJA~nG$R6P|xyk3R|dbK@tr$YbUHE3L6HKDKkXLGUkd#M0z_dia~ zUHN}}aCEeh|Lb^c`;Qvj7213h#EljZAjygq0be-lrp%3qVji z*AWo^?$ofLa$B=(BOCy4M4C~;jc5t?poTOM-kAQouE9U9Gg4pv-^Jg@ecJf{`H_47 zvPZ|E`%Xxy~_SAej9c!X%`f4F$3B>?FO+HU@YUcVUaWN zG0wA1%j0F1luc;Uo^K}>{xJIdTojK~;b;eJZ<%!U^6KwD1>bVT6$_C@kudY76v5;k zz_Lx(Qd#xSAbFklsp8LXwEu_z7Q>8-YK>=`9o8S<5XJf#BZV3ygotfhG&{X3>3i=E zu<3?l4CA&we7`Zt9VEx4*`$UpNHd$WB0!r}osf6u|L#2&aTYAyjamdjoBi+X%+3FN zdT_ou|6R)?CjNJ*0Ok!Pp;cZxkKwFJv-T)|E=Yb0^XS0tJ(f}a!w- zfry=5q+!x@;@0pxs*x3Kp^2n5ID(=f_SicMn^ZR1;Nrjr0BZ<7$1nIpgOcr&K z8_f3VyRjXL@F7Cr1a1QsM&RPcE_^HEj(=5%Sjq2^LKqi+QOPr-FHN@f;s4@vbpL0V zBv{5xxU3djlPqZA|HlXCuKs^^bh?TEyOu}se|hk|CvJkLFTVlC$UaOK2*AUc1ZzND z!W0N1Xx85{ey!X}s1P4C%9sVD7>-f|C>kS*vKZ}ho(828H3y@~Y1HZ_YU;_hDyIQe z$m|adwBn+JO{Ek92#_w0Xo(l=K<9c4vvVGuM)TCH)Erz<> zeJyreW{nfmU$J}U zRuShnloTW;sTnt;h;zknOST&bmZAKRIBM$n_QHH>y_7jbvHnnfJ>F&B3D-e8uG3*mY2T)W~GMbxGxEO1ttdK;+=!Fv?$*MN*iCC zI-J#oYLxF?f2$WFXe2!oH`!J3O*7&Ij_N@9yF2;@2!VWfn&=IO zIbV&{;mid6CAj5qz3Ive&}B87h4>zJW&@J1)H%}GZ=7hISrxIL&_YGz=RKG2R2%BO zZt-_8&-s2$l&J<HY)Cx zEw+f?Ihj+h(m5*-y}pS+^pe2j8<@f@Ml>>HHi%w)C=ktH`dXNd%b(Xb!3?Rc^mme^ zx}Qt5`V%jl9o(~FMR%4{WCD;n&-`{QYBf8pX$lZ|gR0qtyqV)s!}&U()`oRUt(v>bP#PTO zNv+u-Fa?5p8r$pEiiPUbG6SQUSh+*mYfv?$eyh@H-$pbv#X@oRy|_^Ix~k_5vV^j zT?*74e9*l>qoIyh19c7ScA!ISmm_q$AE+TOdquFC{^cz}4e}8#3M$mv=J1W=6W$yQ zX||Rjd8dw3tm0OpYUvR!CRT$Gyql;8r0?}ahud%txHgv4l6S!0gYeyi)Qs%Igg$$U zx_Q%Y|FBjD7f=wF<7_qBr2iM%NLKgV)o|1-{m7QvSD|AX@bH~#ne=_dc{dLHNeKh`Fi zRfyoYviGdn55P773V(n;TMYy8RagNV@|9Hd{`hfF{ zpB}mE|Lkyc|7R_av;K{dTm=U(z!>j>d7F+IO? z`RbzPCWBcDhfd_gd0Y(BXeVg0u8z}GLmji5g)H~M&MckEOd;gQ*ZBBx5Nt_1GgTz~ zlW!YW!vAspEu7)>zQ!Mk*m0ps^3SHH#CBt^IUbp)ataU<&a9H#n>GV@ihnv+`^sHnF3vwgd# zJ^8(Ev_d4v@a;Avr>{`&aqC?H;-b=VPw-P2Rb_j7lvGu#tMGgPD^kD)SDZk@f!@_k zIo`L5WH=Dh-}c1Z5+$3aV%=oCzFC|^;-9m~oj2Z0ldS}1+43~)JI4fskYm1hA$DO3 z%@ypvKK-*2`Jc~6DQ45xqoBO|Oc^v+KD@PLOp<)nBtvcczOpR?TK}z|)197rx!H1wP;mR_v?KR_Wf$yz zqF;?q23hRBwT+Bqf8H)dR2#+$sO`3+MyJ3tMCQWDYN-CcMKQ^e(5+592LAnB1t8=; zU4GP;ch%3p)z@10A`gF6*1sU_CtS>^K}{qHtMF)Q7__%d0_{(pGr`F|ZAZ|;At z<#F`C@`@hdW4jXVFGum0>j~y!zp5R6ai61$irRy^y|!TTYc{R?4ho8AmBC!-Guw~v z>?7OVG0$$VZw$lq5d01@oFynLz>#my?|6@6CEF22q6(h_&;x^qt%irS{h&j+aMK&* z;0u0MA^)q@8dd<>?EmLSZv2Pyqw|gZXDyE-|Et^ft5pE1De^^X04DmYQUNw1|4$_H zSLgn?Vi~+j{{I@z&=UUtM<-`){`d2F)NE8b=J6=f$E0t^~q{?YStN;5X+S&jmdt64-ok7m-MH(% z)i`x8b(Qo>Pyrsnxc#|kAD>Usgu<{Q~vA3i;LQe45l7h3wCC5U^2?HpZFH>FF*1FXNcZvtD`NTmApe-S|(Z z$LE{-e`|Rx`LD+IaU!xR;H!uQ-2m#-L`=2u3Pgt1UuwgsLRFwcplIFul>}Bb+U*xN zTK6avKH3?dC4;WIC_Xg)YB>geSZUqFmlK9nqx^{BSSxxpMu66|+k|EP5}zLOzaSJ& z(EiUbjuB(8NP;?Mfo+rj{`t?z;n_z1ujLU8=jMkizRJb80x_@;k@xu`9vXAxb4UW4 zFXArhg@^g7u6n9MF-%h=?(z@SpXTLxqh&WekNL?C0N~vWbc>c!%KV^jgqklKqR43X zl#Z}l)5!X8Lcs*Y2IJBuin=`b7Qy64iVO56i%}$hbD{nUX7`ct+5OFn-;kt=b7!b> zwVj)h1hrhZ^{&o}I$jT&FV8+<){R61pRWPR3VPpub5_qV^9HStgupI%hgOES5y*d$ z(QGzP-)9N=ul~47A!BtepVreN|4)vOT={=`c((EXSj%I`|64h(KnyGpetZwv^-E|& zceZ?1>Oixxp|%Ho<$jCq(4ZFVKNT$cdJIe~%na%z6J0WTtpvr(lL)#sEdX&JincHUSXa{2(m-WL|)nH(-Fcy}Eq)V(;I-y{$m;_JlzNFvRzS zz|K^RKV0#VxRRsekx#+ie!5dazkT)1($Ht4Tc-iA{o(_hcF$KVbDND;spfElo{*#$7YgZIpY>~`NBI2(f9RAn5o zhhKxhC2{;r{YLrS3LmUGbDasJ0pTrx7&26r$w)E9*<=9Z;xFfDiT}kj5SdE=+i?jk zL@hna`f{NY;@4HRbL2b0JNU%j3by2-`wT??5&cKxq{UMN=AeuT-UL$Xz>aR)ZO*qu zGPE^6!;iZgbm8IsQ`wJySd*nx3PUjs8>l7*XSvP>Rb*7zSL@pg&VXQmih(_loiGil z><=E#)sJRi#6qDu9%Zyz$lAze?1kEjUNfv9R?Y@7wuWP~KUwBkLjPZJ{`Z5Uv-49g z|NHsjM*m;OQ|kY#IqS<2WtbHx`-J)5^F`bz_j?`6D-QFvRXAyw^Fd zo{MVVMYYc9BG)3gN+F(scUm-l(wVaY{=ba;7laUWD9O;M3AD)n(*sZbpB7cWl3gP2fPAU*}&O@Aka}|Z_56=X2w4#cBxd0y~))sN$<(Q}iC}#^tf`tHQ5=q`{iF9}1GgLr6;kuv>V!E_pqH_)y*HVSYVQsRc3D|y*?pX+y7tGb3 zF@~>HgO8Q&ZAQW!283E4F4NSfL5*vhW0MNnGxJ*Svd%qe?Hk9kX_(4yZVQ~~xA>nZ z#1TCEiZ1H{kyj1HJa<1kt<;`@1NRtNPk(tBk?Eij_G+?n*rjlUQpwtQA@#GmzbclF zshzc5O(<8OWb#etPO`B`BVk=f;LXX`7sjZV_Yuy*mnXGrM3#|4tpBQW=DYRu&}cET zaPsIuySN<-0UM@qiplc5V>YY?KX4XH{(|!LpFL1j5Gn^MBM|9TF^;0~}`@h4()3ZZo z|95K@8)IP`9! z1Yy?fDP``4nkw;>+-3D2XC$EW3OhDerD`=@gFbx51yy|6WZ`}`+jv%6s`f63XMdMQ zcXtVdHb%C!@p4`eU=0{h0IG>p0C}b`CRB_cFjp<4NTi^!6H*9I0g;%(N~r9ir|{04 zJ#TZ*6}6~x#$Be5f9I=PsGxc!8-3a*cNwB=igVH387weYn(lR{q|#Y7ucl+vqZ|8A z!DW&FMrKH^NQx$qCODgbyD2OHjHS{pX+0)%=HE&(EFOv{NJB@$Zt&Er_`x!n;O6N>i4+n6GO&93;x=LSj!IZ1BSPJ$vXn+u)K z^)*@`Isn4x2Qi-sQoH?^kXVqcv%6T33cnIxYHYOfY|~S|Q)U6{9iG7n(&mW^0Mi_2 z=$gM&1sICwR3>;S(1)T@&gne6WUoo~mXP8?+R^N9-!nunz(M&khB+MJR3t{aFcw*Y z8OQbZ>OwgaX!BQM+XN7Gvnn9%?Kyn(Ra9{CmGp*7AQl^0wrfM`ha2+KAFv6=JhLv zh4W^=nC1IZ1k+-AUlA9<1h1hTF_Gu_qqgGJ-2?k0ob9uz@n%oA2I+*EMSnLMK=G7- z=$7Lw{6k&Y@(URahr`J144KDM8z~RorNy&jLMe&`e1olLiP?~7#1SEmO`N1c6{wh> zNv29M(>h+|q_x<8vWN@?&=3+nj5(A3xl!Z@HN%uj(xE8k7BE3PYbX~KNoDm3CG*_U zdK_jl%t_+Mno2g~*@aA$W6tox)w~QK&p@=d6^2sN_Wn~#m9WIJ zi-1%ty|!DXsks8U$|bML=*ji*qq8LVBcgdIBS_;*L{GqQ^^7@bRNG z*ce!Q^}+AIE8M>oGL$PH9>#OV-v}51L}hi8fN)%Jk@M4*?885L)M)8#4XCKcNWUpL zM$0(!-9_JVuGrD?qddQOGHD;^3fpGC)sG)Vuiw3S{^mj`sDgnA=kS7%|LGG!KKpY< z_Zb%f*_fStNa)XZID>Ht_8^d?+51l5C>Oe#Srq&Z_*Ov7J>D6&7ZKRYLvQP5VMR|l z2PF~#IvR&E!Tv~`%XP6g7Jmy`eEfLfb)?f0agh^k)Z?ZCWQXQcH7DhKXk9y1h0w~W znL)i5Pp|`S^>1;8*%T%9qP}ta(a|V0{Dq9HGxA@^NC@S6i@Ix7+S&oXgE1wuzr$JT zTteW`bdMjfC#bdq&TdYx(K|xlrvxS-a`p?6iNhCSGw*Bv6(yA0MOPDWi~aZL_|%R6 zcYJ=j@&8%NWBLDxyK(Bg`$s*?mG?|X3$QsqsH;NK8*nzEh)JF!w>2C~v(wUP;aZjR@YHAiegWP1 zcc{=oSa!=pWX`^AX9o+Kj_q>stm2{#?01UN98oqby(>xxk{5R~JGuhGju0B+NR!L8+lV|M(K#H4x#3UVtVCxBtyHKW#{ z79$%RXKSQy^fa|`FVPNu-+v0eMMXT7VC^VYKJ;e|XVYSJmN6p^VtYdr|-E0Z8are)_Ith^wjG! z5E#r}n5{HbkSc0!H7#RB2dztJG@M2)9wTTVrYm2v6=$&s;<^f%kU+qdNPVw4v(erg z3Hsny;ixd+=GrzFl_=7|^@(#ZA#?bM>C3vhe|xwGPm8Y~DM78If}ejhv(sw+IK8Vnp3RUe=A2GP+^EIfFMRQ1)o>eg#xd(6!G~4gXxrz_k6;nguI{UAX*$oAd<<}Ux|wW z6-rT6BdT-JGCVQ$J?)GDqbc8$Puw{5ak4w776wdHP~P@ofpaEam38e;%=BI3b%WlXytwvq-WIG+fQk}Wz^JyyD^$QxE$#6ZtXYP; z(@ol-d|M(H1~@GcH3n_(X}w9w1UJmwS!tCO5%$m+e+bnwCfA;C;|vbZGqGj8%yT}; ztuI^N4Dwe*`}@$_`ZLlwLo%)crmO&P0ddNuNX^`@2x#IRI&}9I1{c0U2AMSvmSdn> zhCty`;|`642_1!`hA$?|x}HCR@h!l~f;GcP^M>1)gLKFiOTsHU6i3zuKEd^+bf)EC z{AOMb4_6+Rgl%ZOXXWNW_J4bNU)6G{@NboRVyS7t3>TQ8z>Y+eH8+^<&NZ}g_3t)T zp#Jrs1yVC0Lcz9($|@l0stSc2^}57)XQ#HbUHD%QBIgdACRHV23K zAw`Vufn5`R4Wd?K4!%~PeNn>*ufJsy)$NSJ;hAx(wiEJY7%W-eQm#sv@`9(t_;Sw30K`R~Eu;hBH_d%WTQYk9ixe?HcI`9Gf?A^y)lF!L^p03Klf z{5|Tx|9N%JRwZDM|8qRL@_*IjV+jC_soh$m1mIOH31E=*6G#9X^Nl3<13b&}e|_rN zMFh0*|D%%wH~!zr#{XwMPZ$2LPh|Uv0PkGf;0)>;vUdX5J^ikv!L?bTQ6S*TU&d(0 zl?%A>_}do^Rr`-59Za;nHk)LGu4sx0hxDILQdC{o2#e42S(g9LP(g9L8vcKFaI)e5 zpXlkr|J7Lc>OC0nzNGW*&yPcxUCG!qAtd)|MMAO6ayKu<(){tpUsC~XN zZdv}HH{|KnC3q_cS8N$n{->3bb-@cIA**KV5~8Y+Q*T&!M6dH?$y`we64`ucZT{ zWbhh2?U}3SeF3(gu$`!+ZbLZlZqlzLS}l^M;FF#zO;S(Lc6pIk62lgK62e6#o zoG6+^^}?{6lJ)UOJ`1@h#-OuQlp|Iv6aBETd=!GC9UciQ0kN0>I@_>67CJ9+c#`%b z-RCQ}SM@9_|0$VwIQf@PtNqX4{~aE0 z|Ben%ef!_Z@rM7e&8$6H?=4wqGbX>O&6fTVVEVU4!A7pns@u$47C>NK<&Y?K zW&LIAYQLo$S+NK(ad%s;+xqA_jk_Ob2p(?pD=GVjG5Tpjci!KWBeUEV#~WCi+}7?! z+d{${9QUqLUn1EAa)q+jmkP(%Ra^nCl<38zXXKd7vm|syWFzN4?`K*0uY=%pQ2^TH z|ACkP{p9RuBmdX(tUCTnIWIyQfQBhmfHIC!Kn1W$HtGN+o?MVt)m$w=f9b3SRG^d| z@S}qmjsO2zo_2{|4zwP6QsRas8uwl@KHa3HpGU6;f;eDfkhAgov+qFcVSF1m`3fP(kb2 zF6WUJz&o6#0H)#&@`x)sh@s4h)g><1zD1n-qTw~WR(Lv6f#feZPC_|pi4Ij#Wq~Lj z--mNv<|^#gP+Y+t`sY<;n3<|Kf+}oR_PZeB@E&J#6o@*5el<{z3OYx=M7Gb{-so0D zS_M94DMc{3*8_)=A-ED6L3+<=S-u7&iyM1VFQBTym7xOnzt0m`$Uq}yP#Y)ymz_mZ zk`_c|;s+=Eedv*aXn-D;BHq&!-jfL+0kC@00?q+$f?FWUL>5R5?g#n83b?TUROFo) zx_C%1)bL;*?vg zxe)^BLk_b0r{ABVL=_*xFCh}msH^4zxp_zid2LWx>mERX5C{-qkzNBeJ&|9p7t#(y|DIo;U* z*7Eew|K-p-tRS=jkOe(Uo0SdE)c(1i4hxY9PvvJ95U`mHS?S%f!b{Aoe0XllFiCKM zNe0t5WfOa544v{auAQ>nFwRMx+zwQsZz@~Lb-3^UN0-G4hIp!F$= zQ!-C7Sl|WP%O_EjzP)GNJ?ldc?1Y%@KoVR=!CjIn;WoPyMn#=#qlgNjbyWqq2@}VP z#pKm-(QKGne%)al2GmUDdi;CmD7P95LG(tq^C(oo#r7x~%Y12F?U>ad8JA}IOk4K~ zPlsu%t1LZj!)d3GKM&Plf9sn zxGB3D%_i(0U<#QMXVnf{ILJ9PXz!WYJ_}lH9*Uol4 zcqCCy!P0u-v?BAY{Ed;!M>DV|FNaajISqQx3mNdRGUl$OCd(uR z;=Ry~Ek=n8hSIT243OySC(00JnCNWXd4b_od#5XWjCl2Ce=B>N?rXS@CTlI5_C&5Y zrPZHpGPH2mJ@Dc~E&?rspA=62FxG8BBsa`RwkLCU|0IiWRzpndc90o+B2^KwoP;8H zvW>WJJ9Z&%X~Sz52-;j6l$(lEOZHSAl*}N1D^EQl&5VY_VJHwi(ryjLD(yt}ipCY) zOAOQvLVLQ3GX&n)5ZnqiMkIklSpn`S$tJ_@BOp7kyIG!iz$^hXNZ(gYLKfB{Dh3o# z|1kj%OM%k>;%=p8=D!hEo1C6@ht6r0)>`^_rSH~ zt*?02Z)G*Dt{z+ERztBncIAw*Hb8=ayLyJ>f=NCEnN;judzjMH3&Qnuvu&kYg&Qe% zS!F{^#Kf02H>sGpEh)r*uL9_APTBqdPj~zO9U4sudB6WNOjN?lw`hUUojS&D2nE!3 z{&#ZZ`v07r9iDIO|Lb@fH-l=(hczQ^?F(zlh@D{Fx0Y??$B%=WnisYwZ5@08eh>Wi z8z}M=469Z)oJ&7Ttp7O0C@ZAGx03i@$H!j$$K#{T`Tts;PV3(saXXr?@j)zI>qYzW zHj7`FW)X9W#qgVXmZT~vxc+samvv3yvdQ1UuX9o$f6do4H>asAJEv()BfQAc@b#4` zQ9_4Q5tUH&{JWKF@I!{rzz>n%_RC}>P0z6Z{zP|&<+7ascSIDrk>~37#amYxgQUyc{Myq{e(IGj*@v^--`VFkT&GD zyS^*c_lLAX5hHUNqnbv_&r7x8b8rEa#UwAwiXXkD!iIN$`ezCLzkn%D#H3wG{HMdS z1Ls?m7`!~6cZPflzB4wTce#NVN z4R8j&(kMS!d<_bDLuiD6I0Cfp2vjNUo5B|gR4$%Lo!UilD{%bHKQMVZA{=)#<+4cx zqS?HVf9}}(1CHeOY|e_mLZ;f3fOb|zh7l51Ny%84`gg%-UVsTH$^*~DghAB=e~+`|nt_O=SezRKknT(WMyy8&K#?cABl$Ug zZ^mJ~8oH+hzbYy{zgmVv51U3faQ(Wy@4V7ON2|`$PeIh4C1N#N$Zk2DCETxOGi3L! z*1&Ol--7^F7h9-N**wMI_UoKC`NdIAB*6J6qAMqbSOaC7Jt)z9-c~!}0drLMzL}NR zG`3Q|?ts0D4Ja&8LpMTI=Pn{#Oc4cN&1w2IAQXJ1ATsKE@QSVK^@G0ioFg{m0V- zx^=*?CH2R@s{E6hl;c1I1Z<7=^&}${MIibX;xrU}%N`ijngwkcjoa$dT1LsnSaqbgYHkmVaEyG| zuv8%Iae46p#zh387r)N&0;VV{x(|*8bD7aG`n8s^aS&d1aCE3~^sBNznTD$!LjyoK zTaZ`?is0zAQs^gb1p5aN4FzZ<63cw$H}y5ZOz%HdqsuvcHtciVd+f~DriyhlSriS- zj#eJ$()zl>`%UgOtk1s0T}sp~D<*=>4Rv z_s0j1+WizUCi{N8hRz3w@tb?4b>ls-%(KM#e>rqrJ-}N0zm85$-1tAo$ERnT^Z#`` zUC#flLx1C7QGf5?{k7*fw}wyeN-#~kcu~lDRqHJ3yBpQ-LPZhd#nM0nioYo7zhAlu zQympWj2BA-wK=h@W4{xihqaE*wfFK{uaS7sLp0)1ZI!lj&mHhPC@7wR-$9161Z4#{ z>V>TB^IngkT`qWb_h4L<|7ATAs(^bA(b%j#`sE4HEt2tgXdcQ{KM z!0ed5fFU%Rrliy(Y>e!8E$G;VJLB>vQYU)Ie-(#*|L2&J>=!b+%~8CH`#;A=ho|2C zpH2L~^*kyX4$1yTMu3l~k-GT`rm4*EtY^Z-;J4qJ_?1pKVa$*wwpHyDtWAU51*lRN zB4jcDAp$<24~33fEW^DFs(PFmuy~4+d5UB;{fqBocqhS_&>1Xt0YeB(iy~(i`}-&x z-r@H+M+t^QLMQwD*FG;k901;EJf{?8@x7MXmuX7wcEPuVj&QOI2nBCZp28Rn!E+f0 zMFf5l#fC~*LCN39i2W6_g3$Yyc!mp!VK$$Q5anHxrN9_xm`zavejy_PhN1%E%m#hP z!LoTABgV$_v<-AsvK#ng0lt8=z}e(Ef=P-qR4M^)av56@B9}vL=;?q>0ela13uzVQ519FUU1FKuMa8VEkSx zLlhQhaxcM@oh#q-T62aZ7@-TwcvV~r%1OfH#x_HDfMkdb`=}!hC0DJG=nl9ViGFX0 z(zhf{aW;`bGlfJAQ`!+$p+c_Un+uq?n#x@1yH_^~D-=y-s64t4;p||#W20k!Gc+Wj zVi8)MP}bIoX7I!J8C*b|!cofMcdK(drxO(I>?nJn`TfE^-sz2kzF=v;_J_g*GPDbW z+LM=lXvtn02#FW%sEA_qNcgs*KcTf|_0LlBALS{zpP{Uy0?;P^&re*>YXCyBGgs>C_rtYl2^Ce>p(Z%={*-zGiiLB89Wg?Yo&z|v4I92# z0g*0lhqnI(PHGAD?dWzpm#IQhudpKcD8@hl^k`9tWj3MFqu(fe{)LibSYzc{+iaIG&IO zU;8NGOrHJB@)XJNJxZiAOi>a%T1oG#!xbUR_34Mo&M`uO&NCt51BW>|q%ciUirGvy zHG?1UY(5J#83N8B!$KUSOz;9_;*=!N42%oBK%RM-4;UU}6{$Lz%d24Kxei6CNGHW1 z@iM{!{SJ#vq$)oFM`s2_K3Lg|Cb%en&k8gHav(SiL}xhTToD)l4_Lr-j>-h*Ibm4T zS3agga6J~uGvtxbZgsB2K!z5GR?rfV%q5P}b445<6{+gz<+wofTQx`*;N82Ip${PC zlSq;x#bYFnsmK^Wu}(yHr;t^HjXt1wF6gzbE>vI1d4m9gEL03m{Vl4h*u;*7kcQ`Z*j097uJ;Afg6&TJOzkU z0~E&Z1xX4J!;JUuKVOsVI!n+8l>8^yRyyDgpG^O$U-#M?Jl0{R!LvGQ^+pXxu{UAa zy1n`35!HJefq;f@OBhFAGd~)7`>8y@w5N!7dTGrVV;@ybgUE*C9|)SWs)CSV5z5q( zExe-H*N-0uwG7f}q>fh^C!0eIg7e(c7l_yK+26HC!vr&{KN`bl|NiT6J zI?!DT)=Scl9|tM`%Vivsc_!|`2)0&FM!vTEN=t2~IAi777YA}{fqX~aqpSlWP1To0 ziOw^wP+z5xv5xd`t1R2JA(k4n1>Pc_!3nyVr(E7qR4nP{Qcye-4LjhBFs)!{xgxtd z$CR+*H7fYj>_8`@^s*%4Aa1UocWmtD`uVaAu_>hJh7!Jcer?4sZ&@3mddngqb$m6s zU*haN>wtk@Y3Zea#4g(KYHL{sX8Ffo1llc+F1zM-OxHhJF810RBwdioDJB#b_YYzQ z0x=KL!;$04l)h~6P@ZAJs`y0%yXc2%L2{Ck$^C6k5lpT~#tI5?RxCG}4ZLdsKSC!s z54ub-WX-o@x}a@o}qXyIFZzOFFK8;Q|SR{hjGJp=-Hek;><^7_(YT` z-)!}(i}x@`yR31W!@CSUgiUt3P*&3ooZ;fi>WclQYj><#YwA*$3B4fceD-jzsKDqM z=}qH}UFJ)Fma+e^0v2dIPrG`6x846cIPv_yj?OmrpS3)~*mJ7}bfq5P&Mf&edVm=u zSceOkNAb_cSA63Lwn|4ZX?rO5tY&=?P~-D(sNZ{JpRpX$0*j<1e`u$%s+&~`KJ}&r znX=r*tA6v;JWJ?*RW_h96vPjWDWTf@{|`^y`+w)>ha3ODwLDh*hiVvC83p18BYTw6 z0Utr(bGP_-h~MO59kk5ojAXvb9u>}aTdQzi7~GzxmkS_xZRU>(AsnlVnRmVLZxg9!(I z2GU@aAr4F^qDP^gWF*@Yp+&)0y5iSSKt_w7#`;ypH3pz`kIWcO&@NyE+##UYw)C77 z4wrm4L*z>DbMe3LdfsRfpYiiR`Cnd6ZqfkSa{Jl-(=5)FLmVa@EZYQ zES=NEcG-pjwpm_RQ_PBDuHf_()Mle4Ev-Jz|EpF20`udKt^owQ{Mo7i)n)xhR{^S7w$TB)=>TDhZIpn`v#RHT^1s#g|35m& z|D)pr*ZzNSxQYL>mZ!Y`zhc3^vHN$pmAg`#ztv^O;BS5Nto>fiCVRbASf|3&w^Yq5 zt1Yt4H{P3&U1dN4-33(xenvAJM0@%_^sCpQsw>_}y=&4p=S)@DwCvY+k?H<1RH%H1 zZvU%0@w)T>aFJ@rsM~mdx(!dG#!B&Q)5|s*$NHZK%75i@)_efay8k~t_V@oA`M;LO z^Z#729$@$+{%I@#HGTeUO#tgV1u!St#s<*I22e+`jS*n;tl)W|{MRoVjR0-(|K#Yz zmH!9loAdv*JVLzxs74Wd0~wB2tpel}&mg@wMd6lUD1Bmb_%KWdsOt8u)hvkOiVZBV)p*Fq1zTkaF4R>{obsI^ z9XQ703La)E+E@v?l1?QBbO~p}CsNm&!o0E>N0#u2j3ebp?D?Y7_pCi@d5MO|lrI}? z%`aT`+)OZhpL?5oN6Irt%B#j~96F>)HV4+oc~q9ze+n+M#2N-Q&8lGt41_LYcYgn= zi1f#c7E?r#3^_*;Ozr_J;kr}EZo-(SCUA4BZqW2imfi~zmOxebIMrC>4Ua=3e|3bY z)P4J|$nX~ZI>!_NSP1OguJ20C=-!?3rp{yxoY0#L9Crd9lonA?3Am(78CTLK%*OW6 zUH%i8AiDoEOw(SGzvR;*{|}B2-2Bgnr$?LnpKE!;vynnJZA-&iKNV9oFcXhAXA_cfHS3~ z5AWeDZNGq^kQ$;71%>bOG_nFw99ZqY$k?13VTVDEs7esdfDya|aurSB>Zl;icY`@x z4v`Ii;R^JY)%Gj+9s$w3Q~`M#Tz%o%&fhOzy#$C-LRouriaPqnMx-|rj-DkV9Lf~q zuVB8-cDj=?7PW*Ks-Bj*1w;!x#xX2VuQpf=Q)E=`(3Fgi*RK^7p|2J8^$boBxS6M^ zYKHY{#|sJAp)=x|Hc(L$`!#3Bfb7uP+ixzfdbL1DFzx{N#fJjX45r{ZD-a#SxZfl| zs(M+wLz7yc@70jj_PYGk+x%|C2M}RK%RUoEJoJ3EHn;(;RkaOohS}xBBjT!OzT^9a_ps@*Fcd z7m2aInJ1H;JSc z^)~>t=>Ny3XYT#~!}HDg|9T$Fd=4x7xp~CiZ8IRZ^p-x1=tP51VEKY7q{H2eWa?X@ zv($7|j6LhY{!?%RDMKK|tdOn1T;w`0NZ>@E(bOP7xX{(M;vJo%E3rlt>e?d#XJbNV zDr*h{RRoysTMGd&*3lg8=DDDppbSx1i1auGm+QZ#Acu_I5t=Yzu}3KBvY9DaW|mJP z885a^5DPeOf8k1W}cTRDp9^`2kTpzUQE+ zJatHbt|GViIYo>M;3b+|2-qSJnAN5{nE){toHAn&fJw5)7rudpeX5}~3z#G%V?$n7 zRxOY9%wxYGf}*NXGYUn#b#VOQ=5;%6oS!F{2{a-X(?y=iBfq_l2rlxh3uYNA*p!f> zH|cc6zJ$~D8j-t{G9!Tn96^S_9mIucG%AP;(bs7VHRvN1OYfYkAtVI;9P@p3^AJEJu`aMxDjzC1%}@cvRH{$%G31YB8OMp+r~p|9gCLy7B*7%VStYWX4Nlgq80zt3>nY zzVogyXqYj)uEz5;6~Rg`o;3(j>Eg}Hv7xTv9=m*})mr{B5glLvvYsiT>TX9`}R$ZOTls?)9`5<~tr*zqKmo-kF5f+}woh*F%O9k89L zeznH86&)&lVYYUBKd!BxIkp@pvxkw{V5A!BawDk@X}{f)SkHj=B73sfd$Nd(PaU9j zLq(n(y;DrC4>D1l&iQTxGd4$bPxHy7J5hoo6sM3ed%+knvqcg$HUCT0BBS)Rz(#!? zdLKYEB|?_V@8SoDY$E874r#)!;$Y(`{^dV?<$sn>R;>RY9-JN@`}+UJ|7$IeFaNWA zvKqlJ%!`^)1mtv|zDgYAh1R6Q>8wEDT_`&i3N=6MQmQD*dpK*HaZ4l-awNb2f6 z`iiy&9Tjwre6MB`6Yah1klY0%CP*VBdkVEs&r zKhHt5IE+A~-MqGjZ&8XML&GxNs4@Sau)R5xO1C|S!49zH51|H=G}<+%W#vD~*?uV& zr8cgXsIO$jBF*_ zT#P4|X+DLo=QD721a|6&PQhk{km1_~k*fpGi~ap4i;E|V|Mg_CNAE69PmYiFOJ1Vz z;NwxE=naecqO|ji-v2r$1#%JG$_Qg=UxfZAW9f_}=$SfKc}xVk=FazWE{;!_MkqKr z>%i55>ILPOWE8tl_`3^-ary-_N3U#m(Zlq>C&1u@3Bs8tWAS;qcuF6QPg-EZ7 zNYA{;n1qpfA%E~8kK}AtS;&TU~+SabtOWkmV87*ttw9T#4}B0D_q0WgN6>mb&&oJ2aVy0P-B6{EAnuX55Y! zY(v)5w!Upc_&?!VdAWpx^P?vBEBcVbEO}Ex_6Zk=cj;CN#L_U4ede9n`ZTXO$K8Jl zZV(+4Is;WqBx$ArHeY363Kx6~X7GbJ{s1Y;CdHHw$I{$1RekGeP3ksa~mn-mZE{MqzY_{8rFj2qatH2^R04EVhXi2V0NVvrUWTpYL3P|?b~H=Shh6@!?vl}I z{K4xnlfrUN<;^sEM`LSxqFWV#>J-PSWtb%(pBG%W#u>2F$ByyD4rNy(G-c7qRWr** zc7iB-N+$lW$MwvGds?Rmwqy6JPG{>dHTtSw7XCH*i4y+>0d5-qE))!FD}(-8N1M)} z?!;df1&pUNloikUvc*>a`)DB>rQ@@B`pbV2f~S`cVB7tl({nff%hCDy#{RdKr;7kq zL6`Pi=R91XnJIvDQOEN^Y|uqndm|--H@@JNgpnqk09yn78gLMiX9xNCaj>_y*Jwu) zZCgzX!;yHsWkqQ)VSC;%ywbL;^*boY-{CCXX{g_DI`A2Bxt{BPS_W{rAxRa!rI{VH ztpCG9H~+)Y*}>`IX8o_@;Yz~5^8YO@!i`SAZ3z*qP(2M!z`C`Lj=<9#njEKQI(m0_ zra7#;!ZXdG;jhWzhwkPmleq9|vRo7kBEIo@w$5g=zp|B<3ow;2 zJKgMeQW=z0H@8B*{HG`XccS2RQv+N0|MB60%l}V~Hupc*^GK&tFEpaC|E$3L<3&yE zW&H7KKmM68o=vI-E$fPni+}!R)eML0U-4<2)#6G{3Q;Hool)5>+?I^@|L2P zn_(+av!Q!8rP)U|yVQY^ni49{kx+&>65S5e5(zjl(pz~3F%e^?AU-GR*oL}O5M&r_ z2ZW*$$a$NrPn%!BL7@(gyE!G?JmIIW{wL$6^t%GwqW_(qow?_KM`x#-`0s0Zy!*e` za)eiM1-OhqypFgZsw%v1H5LT**{~wGfb4=Rj0R#gy>vhj-M_9e zLF^7M9~Pt@d%ty)cK%gT^J_P-?N*aOFP)ZpTU^TZU<2=Cd8t77E_7mExcx6u26n(U z2+S9CK~;qZaj|fYoQu?$;h{#nAuG~ys&9J{REkuRAweI2KiT-~C>sofGVxvd9vD%@ zL(ra5x+^>3fGbU?mQh!#LNfG<-)rqLs>ZRZP-apPBUxUCn51L`(;@yKLegHTP_&lX z?(RGN=uV=wId52;LB}Lx1)cNv0c{v`@EvGXfN>H5qe~vPeYUP@V0OIL+s^shX3p}b z{avBE=`ohvjJ7xQKzB=H@r0+=4MjPm{+1B98`d!;v%fKtH3=k-Dic)n-nfS7({FPM z>Ncq60t)rDaeL~;LaS@d@?Tx5#iq?^OVy?gDp+EZ+B`#7uu%oAF5BTZCeJOEyi#)v z99EZ%NGr*E;45A43HusgCJ&25cFUhMq<;t&8^cUpl&FI3I==9q;uxjp{!d^0Tjl=m z=-}kc+y9+x;=iutdDQ)1nFOT%09Y02x@$8o^tx9<-CdiWsx`Yd_1W09nShqsjaeX< z-i?)aYdh}7?2bIvVR1Q>c6)(~Jm^=K5<+%HIZ4zN?!Yyk2GL;Fb2mNa9jj2ADmw5| z?Yeb?ZQB6%pMrO9p1-*Omq{Yi0mqPeJ^?kmVH^J{{m$EY>hFge30796^ArUTcW;kv zj_&`wPfz);ynt^+W~{DSK%4*9@sTV4PYzBt_TRNUp8uCM!mIHCbJD5RD+5-+ZVG{o zuAvs#A6(_Yp2syRf>p>+6nxNq-No#VHaU(3aOmtp7Q+9r^aHD{DA;x%Gp93UHm+um z_4MTbflP(%QlN$ZpB$W@IQ;+g@O;Dn*YXIKm6IeXM|C7db!8U-gSjnxd4UBXJiaGb zo{UU+62QV@N}U6QaJc}?gM_%lCOYw#8Y3jc z6?*w6=E-OiC#2I^)Z?8)J?7C+kXv+&%F$(Vt!$GC>0rX-FnW~+D?Ve zs#F6xB?XCzAYwEviaelZ>ImS`7UvB=<4_siXHn+l2{@vaIDAMFR~&1tHF z^zRvYHA-7y0o0kyZV9F!K%J8XdaFuXUP_To#mFVPKKAjEW1<8~ZdC#0&?17@Za1h8 zQ7#I@@xO$hSBcC*C%i(lM z9h$u)F!@G-iUL~k9WJJR-PEXcedAO!r`9u2kXy06Qi(V1LXP%q8dcFOCzKC0D+q-X zB>E_(qEP5WKpH}ez)X;1e4}S=VCw1aIAv@szC}emm2KEb(al0v?S{ikuL!p8>A>du<9Ft?mV8 zML{T1GhjX&Y02fYs%LhaHS`T2+c@>Kn|HU_cU?K0H%&mlSZEIFrh807-zhzao3R)9utnof?nn;Z_Q&Y+H=XY?bn@55>ah6^UY|W(N)OFhqxiC9r0(Lorqi(At zEp8?0Eqt)!L`XLoswfkrnb+0t)LvXnRX&MjP%qgBloj+oCs-%UcgS5(h{pJRl?R8< z(IVbs_sj~-Vv<0QMVVG#0SS4qHWZiEj~vFXnWh1?{=j^DPW`*k_$oSH@%^~YMOEL& zu={qm?zzFwqIP6LPO;t+Zfdc;yZxvcoLo|yo)Yrj%g9s(ehr`(RTU%P0XHT#pR;#p z#85n^DDv`+lp3;9kXd+I`zyO_z_%hA9|KejR}C*<#n?Skh2~kA^~ozPlRuegxy;29 zoeu!?TVra4(7RBvpg`ZQ)JXZta|qsl3NG_Jy$5>3RU;?$=V3Ya0ZXtkFIpqr z?xrXM_}{=7e?Sb3<`V{D3fYv;vhTjX1|*XwSV2v1|EY^MpW^8Q&-8W!|AaDf)^gtPzRJvmn)lzgG|i3JF&Br#!zFhnk`I9Oik8 z`CeVPF^J@MYV}d|SAE1*8-Jv=q0W)@ORDz)-}ykV8q?Ou`pamp{qG319dGrBdGAop zMhgF%oO&Vi=$xU~Bth3Vz7q$qg^^sd4HnW0ly~soqy^)Dy9sd*@yC+14ug zOb{<&mwomH_xT~ zw0g>aI)eQbfHwJmc6{ji{~R7{^8c*mk@vs9xx89c#8*B;dMW_2%IY-$5t~Fhhg7Ud z9C~S%&0A(e^LAN%b7JbNL&_fvPS>Dv@G7RRA%1&Gh5)>dc(J^pHiv9GD48X@T+yT* zZ+yom(`&k?hxebxd77`ej=s`j+I-rWq}O90qlNv56C`eaBm^-rC4`2u3m{|j8B$i0 z@MXsBkng?b~-y%!^Jr|IDZL{`Y~K|NH3p zXp{eEEsq!fEHO4Wt^+tMh!=v3fxSADqa}su#l%>j@DcZ6CaJc z+!BJzDmsUJF~BVy@I~U=HQbBYfycVcE!v2zw)$M&*43@lNFg~i&!jQfM51in-Q`&J z-p@0c(iiyjZP=yt zN&L~Y5|)ao+Bcr+C)iYP5`Ao*PyO`O|9Yf-E1x#~@BGxW|DT*~;{UAWF@*Z+RKI0% zy|J~Wcw=5}Hx@|g);XS!s@y-M53@4GHAnSfepWeSkKZ2HM<=c88p%hsw+Y_!r3UY* z$z;~JsbH&1Bxue5KUT<|FM1#Jxu!j|avip5@S7}st5e>4>whXzzzXC4pBx@~`rp~+ z{AWFnT4eG9|B75d)FkPx0IFJ_!VyHz>u#I^KO1!@PK4+HnCLpr*e3{6V9gW(d|dS@L-X`OYw+JDON6i%<6e3l*Ix^Y#TB1X~$ zVxi#=>TWfjNMSrV9wx4yBduDi0T0+~2W#opqP?5cWfxqiI3EQ8C1Nc-*tkB`DSMLB z_t9G=JA8=qc)M09#~;QqnP-0}^->Aejd6JMxX*I>|D{|b9k&5({@gg%}@6bpDep;#h@640`M`y>I`(JB$#9DhbFJOVQ$&Ye$ zWgL(>l>%{9r^0IL^i%`NT91D&JZqwYA%_)8OCA?Dw$lF)xd~jiqvb9T`X4y|sEO3| z#94Ee&5`q$dgR^8C6sE(X=GSm_oMLmF9ufq^!4`g0qq-`?pPnUsb^Ws1r!e-FQ@fjy zuPolryr-*K8w&l-)4$3_dMRQhyk1I|uI0<#^3JX+fLj`RG`nB3iub2gp7iqRrajdT zULQ@#YGhibV!`q*Im!5(fknCPBUyEed>71_e8p6z32zLRwH@A;Ne+_R9L0bUzFSKO zV%c8`xltt<$Z!fo)N(t;!*4ACD-_UxkBI|uq0*&YCE$WFIQx(}VzLOo1dk)czWW7;KM7766 z>~Cb$52astg-1f>iju51LNO)TLy`Id6ztFZ>8Ah7G(-D8;|%w`{M8};%fa!n7ytEi zlmBrokF@_II?=IRR7NT7*C(ff`euhjkqH#02t;aOM_TTiYDS7jv`o*}e@n5@shqHI zAZXuASQV;$1Rj^_w(62;{M?f7s<<$gYTQ_n6Q-u#Hksi9l%cK_k#=kVGfw-&h9Jh{ z%>vOoiVNgmXEkYoDz&8{h{}jAj%C$oZO0(bCWiK(^y$a{)xKo4_dgC#z4$LjXNLzH z{=be#aAak>5N!Wm?<~Z|O>LXRZYU;M0dWSVD4hXBX}Mujf&eoxXLFdQ_aKHDmz;MUZPw`k2m4Qf5l>c5JT5wwZ{qogI z-m$;kzIh#)@G7P+ty) z0&V>N_{fd_cye@dvf=;hc-mN7HP#k$Q=4^R#SR#|aq?joY{|M-utiZz>(do%*I5Sr zYS&hF2KmZ0n{8$8(Z4JwY{T1C1~Z&|*zpcfWio54t>B@&Y~-1hvbz2@l4U%!dkv!8 z%Q0XzWQKaIuPB*lD=xLrth^VpbM|;yz9GK*h|P$fi<&?VrA(9XlZ5sU8R3a51f$CR z2WOxfd?`;RqyRrXVgHB%Bfk^$RN3rYR`4vt|5e`C&H|v-{&RTX#eY26#D84N({4v8 z$GX1&P?hT?fC0UgsjISkd=mCx?G_G?&f8UM{rI}B^kAM|COnt?+$R5qWo{n-S%&`` zszWCk(60ZVJN*Cjc;o-So~MofJ7e8n1{eV9<$%+QyB)|-08Y<6fvVqEeE7}&X}1Ud zNOsvHm?_ot20@Hmxj|r4VRWk79tfM09}a#a&Q|g)#s3K{x?6wR`TyCmYyUYuKi|av zT+7qS|J7JGGk*1+E#ivD5365>Y}lGYrW`SE2rb;}Qik}*m6O-5{L>H~C18OabESn* zyypIrQ>fPI(7`o)C8twvV!vzGQaU#F%#(#BQEbshXjrbPc6N3=&rdveutf7GOn$}U7kce>cZ zJz`5?(}mW)$WdcuNgTF_g91l3RU>cY#}4AANz|BZ`QehLnj|4XqkG<4&bT`>Ruk~7 zVKY}wvUaKSnDZVEUQ1qZSTIB!1sk{F>JUc(% z`2Viu`4?~livrP1I1kCe26t1GfzceN3FqoLjNiivV#C3|NG~ro&!tk!rYKFpBqby1 zydy#&P?W*~FA&IKF*V-9EE)U@$k0Syz1z+y8siTrk*xUt+8N4oW0HxQ93_w=3R0Y* z;b8du_UGGzP&D`#a3$Svf4I5@38ri?oZw<#{9mF!7>@o)_r?G9i|J&a|4;v9i)_CF zG=lN_c@D-nMQreN$nNsN)8PodA3PlvGyXTBcrtkU{|){H`~WE?a|W)TzhHx5PRTDQ zE(SxKAh<7!Q}WATxL`3!(EgXe-HbuWw&GxQ*uZe|UI$5UNa5y|13~nHWGgKhT1_Swl&27lbke4khC5@kI@|=t|uy_$x|hK)f7WCJE*Y1g7A7hQN0e zX2k{gJDCedzd1wd)`0?lN9cQiGmuk~%wt}07eEG5l1&C6_&^450Wjmt1;s^r511fL zqP$j31anFjI6+AbC^8=77{e4$loN&vLhpA$3=5c&2_RGf9+ud{lo2q4?-9r;Ucds? zz@3pqW-#N7v>-CFj*G1zL99ryTLVdOdT|faqS0_rQ=Sjdn4~GWL`MX={C-G0L(}+MO4qA0%ZxG1B3z_-&)dY=UbTPkfN+m zKmZwoF^qAFWz-4Y-F-r9pyZUyh$v>aDibnent&YA0wV@+Rs&*zNh+s`xRQgJro(VB zxSEPR;&WIaV__d1oF42Q9PS+)mL=4B)rF4t;#9c*eslX=gBuLK6;8%uLT9o)I3n`` zz?2JfsT0VeqSsVxPiH7An4l^r)h!tpcYHn#@)SXaq-SniT!0i!VEVuKPEX3HA)%AO z;58|5j0OWfE$cYhw&-#~;yG_?7pSKG`@jCTD)Ha{^?!DB)Nh!9H#y1%3Wg>W_$#?X z3q*HCRf~5?Pjs|ESs}fkM+nSdf&g4VoWfCx26N%hu0T8J32r2AvWg`raD7=0kM2W( zJ{01LKgE-20k-2EaCC5Z4qicu;q!066`?s%fp0EHyWlcS!CPLGfwzcn&`>fQ{P%zT z?;0BY_kaB#P5=lB3KKMg^gW*{Vc^5TU~iSrV9+Rn-XS_;a)7l20#iiM=pIZs>u2De z%*Cik(iB9{X;<<{&Ti$E=>!RmiWg|W7c}E~YJ!;*NJwa>lJjOH+jEwhy2)k@`;fE3 zQYZ@UEvmx|ge26ibQ|C0D(wsxVnL^P#+ll{Zf!UiycmyBES8J9FK?{Ua{i9VoEB36 zvkWf~WssKPAI6xn0_5{iisSTtP|ib8_E+%&2w09{E=d3fQE~`(hRgZOr{CfU*K}wl2mS&WkCb_@5{lP{dH0A}T+W z%~3R_5N8tboN0k)PuanM^M#n?TwEx!@VyP@Q&lVgp;w^9t|tegT0lY~vO$QhyIdIn zY_4t)5u2aM-J@RKFwawr*nlBEk_AfdWjGcXPn)Nso)*Tc5bJLN>HVM^2#SPwNw^f% zLogf+{;tUxlZ@p!o|8FC@3j_Tb%rlZ(N0M~&IL66I136AXb9xg1Qf-H)6&NcXC}-+ z2~z|tQ7UL9`S0bLlk136CMKC=KTKHb#)NYTHBSd7?L{04dzHXKj4hui*?s-u!C643 z(4d7lg!6)M9U$fsaZs*I*__D)?7CVFQ0q?g2c{_yir7GnC=2srE+Y(3e zzIprqg6msw^Y+aT*Uw)(2X9^vE?;vk=kgX@-*O56&E@U&?NC*D^A`N|#oHI({2e^M zzP);RdHw1ZT)un>e!P79_VV?+>le4+^7V6Y_2%{S>vz|0Uf=ExUi{n5+ZVUD;LTfb z{p#lB^^51b;QIB|%kQ6Gzy1zv|9JiGuW!D82VP#k`v2Lxn$@;}Abj7aSV#^DSfWWv z3N8c`S55`CY!s!?n>W%p5lGq~DUEZ>YZUr)d6F`-Kay-Gg%k=Y-dpzP%k1CGH!II> z5PR6>u!}Yuv#B4AzItKood=U3{yyO2APy06Jd3!;=Ux;CqpOJ*@%dFWpI!O`9?n81 z2**(nUiec#j0Y$ci-UOLyNnrzvT10@%+|H`kCa!~4)pWW&suS+Mq2htYg2OrQZW*> zDlSo}g4~Q!ZD;ybMm1pC&&0_`nbu9sNdAD5B$mt8XkJ4uACQ@ED`hMwNjYUHRGt0T zVLvbT)#%NR)NGRn(uWYLYPvaSg-fhZjWqnwj+V%Crd*~9lI$)6E&QfG-bf1FG`p#z zgolhBxjdGdnLOgyZBhfux|mP+H?8E4-4A3Z%SWDz1}dZd$v49SYk5^vYfY0Onha?X zO~^L1Em#k@)Nlmb_Bdz-h_Y7LwRU0J?ioe5(ThZo%XSSmGLtkDw!EoCp#*ygZ=1k~ z)|1)gJ%(xrwPmP%kyOa2yl)5z`Ki#y0mn2ekm39e`GGiW!OAY4Qnzwxw7gxBqKza* z@T|C#s5i@=G!-C2Ra{teU$wA%+^0$bsZj^d!sjiVKW1vf!{8Y0h-ISegn!}rUqf8qR4d>`&XxU zncYmqT_3<^w>?TKXx3%LJX<3XIq(rwjXDK}HAJY^s`@KBfy;SNHc%}^f-SO@vmYrx zNVUt#6jlqy&NyNzBH*0yMZXrEd@J}fx{yJ=iii3gRtZ2_^V1W$FGwT}`Kja)G`E#} gu#x%iOiAw2F747T{fFsy00030|0qLvC;(&$0Clt!M*si- literal 0 HcmV?d00001 diff --git a/enterprise/prometheus/13.0.18/ix_values.yaml b/enterprise/prometheus/13.0.18/ix_values.yaml new file mode 100644 index 0000000000..02850478b2 --- /dev/null +++ b/enterprise/prometheus/13.0.18/ix_values.yaml @@ -0,0 +1,1367 @@ +image: + repository: tccr.io/truecharts/prometheus + tag: v2.47.2@sha256:2a50d1820e973f231fef764eb8d078db823ce55d14a844498ef03d42c6eda5d1 + +thanosImage: + repository: tccr.io/truecharts/thanos + tag: v0.32.5@sha256:4cea5ca36f1567993344c3375b9a80d8073dbc8d530656644d36c90683f96464 + +alertmanagerImage: + repository: tccr.io/truecharts/alertmanager + tag: v0.26.0@sha256:f0bbf30d4901be33855b0fb4b71e3d7410b872a33b9d08cd2d7ed576505e40a8 + +global: + labels: {} +workload: + main: + enabled: false + podSpec: + containers: + main: + enabled: false + probes: + liveness: + enabled: false + readiness: + enabled: false + startup: + enabled: false + +service: + main: + selectorLabels: + app.kubernetes.io/name: prometheus + prometheus: '{{ template "kube-prometheus.prometheus.fullname" . }}' + ports: + main: + port: 10086 + targetPort: 9090 + protocol: http + alertmanager: + enabled: true + selectorLabels: + app.kubernetes.io/name: alertmanager + alertmanager: '{{ template "kube-prometheus.alertmanager.fullname" . }}' + ports: + alertmanager: + enabled: true + port: 10087 + targetPort: 9093 + protocol: http + thanos: + enabled: true + selectorLabels: + app.kubernetes.io/name: prometheus + prometheus: '{{ template "kube-prometheus.prometheus.fullname" . }}' + ports: + thanos: + enabled: true + port: 10901 + targetPort: 10901 + protocol: http + +ingress: + main: + enabled: false + alertmanager: + enabled: false + thanos: + enabled: false + +#### +## Operator Config +#### + +env: + PROMETHEUS_CONFIG_RELOADER: + configMapKeyRef: + name: prometheus-operator-config + key: prometheus-config-reloader + +podOptions: + automountServiceAccountToken: true + +rbac: + main: + enabled: true + primary: true + clusterWide: true + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - apiGroups: + - apiextensions.k8s.io + resourceNames: + - alertmanagers.monitoring.coreos.com + - podmonitors.monitoring.coreos.com + - prometheuses.monitoring.coreos.com + - prometheusrules.monitoring.coreos.com + - servicemonitors.monitoring.coreos.com + - thanosrulers.monitoring.coreos.com + - probes.monitoring.coreos.com + resources: + - customresourcedefinitions + verbs: + - get + - update + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - alertmanagers/finalizers + - alertmanagerconfigs + - prometheuses + - prometheuses/finalizers + - thanosrulers + - thanosrulers/finalizers + - servicemonitors + - podmonitors + - probes + - prometheusrules + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - "*" + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - services/finalizers + - endpoints + verbs: + - get + - create + - update + - delete + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + +# -- The service account the pods will use to interact with the Kubernetes API +serviceAccount: + main: + enabled: true + primary: true + +securityContext: + readOnlyRootFilesystem: false + +probes: + # -- Liveness probe configuration + # @default -- See below + liveness: + custom: true + spec: + httpGet: + path: "/metrics" + port: promop + scheme: HTTP + + # -- Redainess probe configuration + # @default -- See below + readiness: + custom: true + spec: + httpGet: + path: "/metrics" + port: promop + scheme: HTTP + + # -- Startup probe configuration + # @default -- See below + startup: + custom: true + spec: + httpGet: + path: "/metrics" + port: promop + scheme: HTTP + +operator: + ## Create a servicemonitor for the operator + ## + serviceMonitor: + ## @param operator.serviceMonitor.enabled Creates a ServiceMonitor to monitor Prometheus Operator + ## + enabled: false + ## @param operator.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default) + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param operator.serviceMonitor.metricRelabelings Metric relabeling + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + metricRelabelings: [] + ## @param operator.serviceMonitor.relabelings Relabel configs + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + ## + relabelings: [] + + ## Prometheus Configmap-reload image to use for reloading configmaps + ## defaults to Bitnami Prometheus Operator (ref: https://hub.docker.com/r/tccr.io/truecharts/prometheus-operator/tags/) + ## + prometheusConfigReloader: + containerSecurityContext: + enabled: true + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsNonRoot: true + capabilities: + drop: + - ALL + + livenessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + + readinessProbe: + enabled: true + initialDelaySeconds: 15 + periodSeconds: 20 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + +#### +## Prometheus Config (Spawned by Operator) +#### + +## Deploy a Prometheus instance +## +prometheus: + ## @param prometheus.enabled Deploy Prometheus to the cluster + ## + enabled: true + ## Bitnami Prometheus image version + ## ref: https://hub.docker.com/r/tccr.io/truecharts/prometheus/tags/ + ## @param prometheus.image.registry Prometheus image registry + ## @param prometheus.image.repository Prometheus image repository + ## @param prometheus.image.tag Prometheus Image tag (immutable tags are recommended) + ## @param prometheus.image.pullSecrets Specify docker-registry secret names as an array + ## + ## Service account for Prometheus to use. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + ## @param prometheus.serviceAccount.create Specify whether to create a ServiceAccount for Prometheus + ## + create: true + ## @param prometheus.serviceAccount.name The name of the ServiceAccount to create + ## If not set and create is true, a name is generated using the kube-prometheus.prometheus.fullname template + name: "" + ## @param prometheus.serviceAccount.annotations Additional annotations for created Prometheus ServiceAccount + ## annotations: + ## eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT:role/prometheus + ## + annotations: {} + ## Prometheus pods' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param prometheus.podSecurityContext.enabled Enable security context + ## @param prometheus.podSecurityContext.runAsUser User ID for the container + ## @param prometheus.podSecurityContext.fsGroup Group ID for the container filesystem + ## + podSecurityContext: + enabled: true + runAsUser: 1001 + fsGroup: 1001 + ## Prometheus containers' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param prometheus.containerSecurityContext.enabled Enable container security context + ## @param prometheus.containerSecurityContext.readOnlyRootFilesystem Mount / (root) as a readonly filesystem + ## @param prometheus.containerSecurityContext.allowPrivilegeEscalation Switch privilegeEscalation possibility on or off + ## @param prometheus.containerSecurityContext.runAsNonRoot Force the container to run as a non root user + ## @param prometheus.containerSecurityContext.capabilities.drop [array] Linux Kernel capabilities which should be dropped + ## + containerSecurityContext: + enabled: true + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsNonRoot: true + capabilities: + drop: + - ALL + + serviceMonitor: + ## @param prometheus.serviceMonitor.enabled Creates a ServiceMonitor to monitor Prometheus itself + ## + enabled: true + ## @param prometheus.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default) + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param prometheus.serviceMonitor.metricRelabelings Metric relabeling + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + metricRelabelings: [] + ## @param prometheus.serviceMonitor.relabelings Relabel configs + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + ## + relabelings: [] + ## @param prometheus.externalUrl External URL used to access Prometheus + ## If not creating an ingress but still exposing the service some other way (like a proxy) + ## let Prometheus know what its external URL is so that it can properly create links + ## externalUrl: https://prometheus.example.com + ## + externalUrl: "" + ## @param prometheus.resources CPU/Memory resource requests/limits for node + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + ## @param prometheus.podAffinityPreset Prometheus Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param prometheus.podAntiAffinityPreset Prometheus Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param prometheus.nodeAffinityPreset.type Prometheus Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param prometheus.nodeAffinityPreset.key Prometheus Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param prometheus.nodeAffinityPreset.values Prometheus Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param prometheus.affinity Prometheus Affinity for pod assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: prometheus.podAffinityPreset, prometheus.podAntiAffinityPreset, and prometheus.nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param prometheus.nodeSelector Prometheus Node labels for pod assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param prometheus.tolerations Prometheus Tolerations for pod assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param prometheus.scrapeInterval Interval between consecutive scrapes + ## + scrapeInterval: "15s" + ## @param prometheus.evaluationInterval Interval between consecutive evaluations + ## + evaluationInterval: "30s" + ## @param prometheus.listenLocal ListenLocal makes the Prometheus server listen on loopback + ## + listenLocal: false + ## Configure extra options for liveness probe + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param prometheus.livenessProbe.enabled Turn on and off liveness probe + ## @param prometheus.livenessProbe.path Path of the HTTP service for checking the healthy state + ## @param prometheus.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param prometheus.livenessProbe.periodSeconds How often to perform the probe + ## @param prometheus.livenessProbe.timeoutSeconds When the probe times out + ## @param prometheus.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param prometheus.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + path: /-/healthy + initialDelaySeconds: 0 + failureThreshold: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + ## Configure extra options for readiness probe + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param prometheus.readinessProbe.enabled Turn on and off readiness probe + ## @param prometheus.readinessProbe.path Path of the HTTP service for checking the ready state + ## @param prometheus.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param prometheus.readinessProbe.periodSeconds How often to perform the probe + ## @param prometheus.readinessProbe.timeoutSeconds When the probe times out + ## @param prometheus.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param prometheus.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + path: /-/ready + initialDelaySeconds: 0 + failureThreshold: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + ## @param prometheus.enableAdminAPI Enable Prometheus adminitrative API + ## ref: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis + ## + enableAdminAPI: false + ## @param prometheus.enableFeatures Enable access to Prometheus disabled features. + ## ref: https://prometheus.io/docs/prometheus/latest/disabled_features/ + ## + enableFeatures: [] + ## @param prometheus.alertingEndpoints Alertmanagers to which alerts will be sent + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#alertmanagerendpoints + ## + alertingEndpoints: [] + ## @param prometheus.externalLabels External labels to add to any time series or alerts when communicating with external systems + ## + externalLabels: {} + ## @param prometheus.replicaExternalLabelName Name of the external label used to denote replica name + ## + replicaExternalLabelName: "" + ## @param prometheus.replicaExternalLabelNameClear Clear external label used to denote replica name + ## + replicaExternalLabelNameClear: false + ## @param prometheus.routePrefix Prefix used to register routes, overriding externalUrl route + ## Useful for proxies that rewrite URLs. + ## + routePrefix: / + ## @param prometheus.prometheusExternalLabelName Name of the external label used to denote Prometheus instance name + ## + prometheusExternalLabelName: "" + ## @param prometheus.prometheusExternalLabelNameClear Clear external label used to denote Prometheus instance name + ## + prometheusExternalLabelNameClear: false + ## @param prometheus.secrets Secrets that should be mounted into the Prometheus Pods + ## + secrets: [] + ## @param prometheus.configMaps ConfigMaps that should be mounted into the Prometheus Pods + ## + configMaps: [] + ## @param prometheus.querySpec The query command line flags when starting Prometheus + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#queryspec + ## + querySpec: {} + ## @param prometheus.ruleNamespaceSelector Namespaces to be selected for PrometheusRules discovery + ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage + ## + ruleNamespaceSelector: {} + ## @param prometheus.ruleSelector PrometheusRules to be selected for target discovery + ## If {}, select all ServiceMonitors + ## + ruleSelector: {} + ## @param prometheus.serviceMonitorSelector ServiceMonitors to be selected for target discovery + ## If {}, select all ServiceMonitors + ## + serviceMonitorSelector: {} + ## @param prometheus.matchLabels Matchlabels + ## + matchLabels: {} + ## @param prometheus.serviceMonitorNamespaceSelector Namespaces to be selected for ServiceMonitor discovery + ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage + ## + serviceMonitorNamespaceSelector: {} + ## @param prometheus.podMonitorSelector PodMonitors to be selected for target discovery. + ## If {}, select all PodMonitors + ## + podMonitorSelector: {} + ## @param prometheus.podMonitorNamespaceSelector Namespaces to be selected for PodMonitor discovery + ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage + ## + podMonitorNamespaceSelector: {} + ## @param prometheus.probeSelector Probes to be selected for target discovery. + ## If {}, select all Probes + ## + probeSelector: {} + ## @param prometheus.probeNamespaceSelector Namespaces to be selected for Probe discovery + ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage + ## + probeNamespaceSelector: {} + ## @param prometheus.scrapeConfigSelector The scrapeConfigs to be selected for target discovery. + ## If {}, select all scrapeConfigs + ## + scrapeConfigSelector: {} + ## @param prometheus.scrapeConfigNamespaceSelector Namespaces to be selected for scrapeConfig discovery. + ## If {}, select all namespaces. + ## If nil, select own namespace. + scrapeConfigNamespaceSelector: {} + ## @param prometheus.retention Metrics retention days + ## + retention: 31d + ## @param prometheus.retentionSize Maximum size of metrics + ## + retentionSize: "" + ## @param prometheus.disableCompaction Disable the compaction of the Prometheus TSDB + ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec + ## ref: https://prometheus.io/docs/prometheus/latest/storage/#compaction + ## + disableCompaction: false + ## @param prometheus.walCompression Enable compression of the write-ahead log using Snappy + ## + walCompression: false + ## @param prometheus.paused If true, the Operator won't process any Prometheus configuration changes + ## + paused: false + ## @param prometheus.replicaCount Number of Prometheus replicas desired + ## + replicaCount: 1 + ## @param prometheus.logLevel Log level for Prometheus + ## + logLevel: info + ## @param prometheus.logFormat Log format for Prometheus + ## + logFormat: logfmt + ## @param prometheus.podMetadata [object] Standard object's metadata + ## ref: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + ## + podMetadata: + ## labels: + ## app: prometheus + ## k8s-app: prometheus + ## + labels: {} + annotations: {} + ## @param prometheus.remoteRead The remote_read spec configuration for Prometheus + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#remotereadspec + ## remoteRead: + ## - url: http://remote1/read + ## + remoteRead: [] + ## @param prometheus.remoteWrite The remote_write spec configuration for Prometheus + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#remotewritespec + ## remoteWrite: + ## - url: http://remote1/push + ## + remoteWrite: [] + ## @param prometheus.storageSpec Prometheus StorageSpec for persistent data + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/storage.md + ## + storageSpec: {} + ## Prometheus persistence parameters + ## + persistence: + ## @param prometheus.persistence.enabled Use PVCs to persist data. If the storageSpec is provided this will not take effect. + ## + enabled: true + ## @param prometheus.persistence.storageClass Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param prometheus.persistence.accessModes Persistent Volume Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param prometheus.persistence.size Persistent Volume Size + ## + size: 999Gi + ## @param prometheus.priorityClassName Priority class assigned to the Pods + ## + priorityClassName: "" + ## @param prometheus.containers Containers allows injecting additional containers + ## + containers: [] + ## @param prometheus.volumes Volumes allows configuration of additional volumes + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec + ## + volumes: [] + ## @param prometheus.volumeMounts VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec + ## + volumeMounts: [] + ## @param prometheus.additionalPrometheusRules PrometheusRule defines recording and alerting rules for a Prometheus instance. + additionalPrometheusRules: [] + ## - name: custom-recording-rules + ## groups: + ## - name: sum_node_by_job + ## rules: + ## - record: job:kube_node_labels:sum + ## expr: sum(kube_node_labels) by (job) + ## - name: sum_prometheus_config_reload_by_pod + ## rules: + ## - record: job:prometheus_config_last_reload_successful:sum + ## expr: sum(prometheus_config_last_reload_successful) by (pod) + ## - name: custom-alerting-rules + ## groups: + ## - name: prometheus-config + ## rules: + ## - alert: PrometheusConfigurationReload + ## expr: prometheus_config_last_reload_successful > 0 + ## for: 1m + ## labels: + ## severity: error + ## annotations: + ## summary: "Prometheus configuration reload (instance {{ $labels.instance }})" + ## description: "Prometheus configuration reload error\n VALUE = {{ $value }}\n LABELS: {{ $labels }}" + ## - name: custom-node-exporter-alerting-rules + ## rules: + ## - alert: PhysicalComponentTooHot + ## expr: node_hwmon_temp_celsius > 75 + ## for: 5m + ## labels: + ## severity: warning + ## annotations: + ## summary: "Physical component too hot (instance {{ $labels.instance }})" + ## description: "Physical hardware component too hot\n VALUE = {{ $value }}\n LABELS: {{ $labels }}" + ## - alert: NodeOvertemperatureAlarm + ## expr: node_hwmon_temp_alarm == 1 + ## for: 5m + ## labels: + ## severity: critical + ## annotations: + ## summary: "Node overtemperature alarm (instance {{ $labels.instance }})" + ## description: "Physical node temperature alarm triggered\n VALUE = {{ $value }}\n LABELS: {{ $labels }}" + ## + ## Note that the prometheus will fail to provision if the correct secret does not exist. + ## @param prometheus.additionalScrapeConfigs.enabled Enable additional scrape configs + ## @param prometheus.additionalScrapeConfigs.type Indicates if the cart should use external additional scrape configs or internal configs + ## @param prometheus.additionalScrapeConfigs.external.name Name of the secret that Prometheus should use for the additional external scrape configuration + ## @param prometheus.additionalScrapeConfigs.external.key Name of the key inside the secret to be used for the additional external scrape configuration + ## @param prometheus.additionalScrapeConfigs.internal.jobList A list of Prometheus scrape jobs + ## + additionalScrapeConfigs: + enabled: false + type: external + external: + ## Name of the secret that Prometheus should use for the additional scrape configuration + ## + name: "" + ## Name of the key inside the secret to be used for the additional scrape configuration. + ## + key: "" + internal: + jobList: [] + ## @param prometheus.additionalScrapeConfigsExternal.enabled Deprecated: Enable additional scrape configs that are managed externally to this chart + ## @param prometheus.additionalScrapeConfigsExternal.name Deprecated: Name of the secret that Prometheus should use for the additional scrape configuration + ## @param prometheus.additionalScrapeConfigsExternal.key Deprecated: Name of the key inside the secret to be used for the additional scrape configuration + ## + additionalScrapeConfigsExternal: + enabled: false + name: "" + key: "" + ## Enable additional Prometheus alert relabel configs that are managed externally to this chart + ## Note that the prometheus will fail to provision if the correct secret does not exist. + ## @param prometheus.additionalAlertRelabelConfigsExternal.enabled Enable additional Prometheus alert relabel configs that are managed externally to this chart + ## @param prometheus.additionalAlertRelabelConfigsExternal.name Name of the secret that Prometheus should use for the additional Prometheus alert relabel configuration + ## @param prometheus.additionalAlertRelabelConfigsExternal.key Name of the key inside the secret to be used for the additional Prometheus alert relabel configuration + ## + additionalAlertRelabelConfigsExternal: + enabled: false + name: "" + key: "" + ## Thanos sidecar container configuration + ## + thanos: + ## @param prometheus.thanos.create Create a Thanos sidecar container + ## + create: false + ## Bitnami Thanos image + ## ref: https://hub.docker.com/r/tccr.io/truecharts/thanos/tags/ + ## @param prometheus.thanos.image.registry Thanos image registry + ## @param prometheus.thanos.image.repository Thanos image name + ## @param prometheus.thanos.image.tag Thanos image tag + ## @param prometheus.thanos.image.pullPolicy Thanos image pull policy + ## @param prometheus.thanos.image.pullSecrets Specify docker-registry secret names as an array + ## + ## Thanos Sidecar container's securityContext + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param prometheus.thanos.containerSecurityContext.enabled Enable container security context + ## @param prometheus.thanos.containerSecurityContext.readOnlyRootFilesystem mount / (root) as a readonly filesystem + ## @param prometheus.thanos.containerSecurityContext.allowPrivilegeEscalation Switch privilegeEscalation possibility on or off + ## @param prometheus.thanos.containerSecurityContext.runAsNonRoot Force the container to run as a non root user + ## @param prometheus.thanos.containerSecurityContext.capabilities.drop [array] Linux Kernel capabilities which should be dropped + ## + containerSecurityContext: + enabled: true + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ## @param prometheus.thanos.prometheusUrl Override default prometheus url "http://localhost:9090" + ## + prometheusUrl: "" + ## @param prometheus.thanos.extraArgs Additional arguments passed to the thanos sidecar container + ## extraArgs: + ## - --log.level=debug + ## - --tsdb.path=/data/ + ## + extraArgs: [] + ## @param prometheus.thanos.objectStorageConfig Support mounting a Secret for the objectStorageConfig of the sideCar container. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/thanos.md + ## objectStorageConfig: + ## secretName: thanos-objstore-config + ## secretKey: thanos.yaml + ## + objectStorageConfig: {} + ## ref: https://github.com/thanos-io/thanos/blob/main/docs/components/sidecar.md + ## @param prometheus.thanos.extraVolumeMounts Additional volumeMounts from `prometheus.volumes` for thanos sidecar container + ## extraVolumeMounts: + ## - name: my-secret-volume + ## mountPath: /etc/thanos/secrets/my-secret + ## + extraVolumeMounts: [] + ## Thanos sidecar container resource requests and limits. + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param prometheus.thanos.resources.limits The resources limits for the Thanos sidecar container + ## @param prometheus.thanos.resources.requests The resources requests for the Thanos sidecar container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + ## Configure extra options for liveness probe + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param prometheus.thanos.livenessProbe.enabled Turn on and off liveness probe + ## @param prometheus.thanos.livenessProbe.path Path of the HTTP service for checking the healthy state + ## @param prometheus.thanos.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param prometheus.thanos.livenessProbe.periodSeconds How often to perform the probe + ## @param prometheus.thanos.livenessProbe.timeoutSeconds When the probe times out + ## @param prometheus.thanos.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param prometheus.thanos.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + path: /-/healthy + initialDelaySeconds: 0 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 120 + successThreshold: 1 + ## Configure extra options for readiness probe + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param prometheus.thanos.readinessProbe.enabled Turn on and off readiness probe + ## @param prometheus.thanos.readinessProbe.path Path of the HTTP service for checking the ready state + ## @param prometheus.thanos.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param prometheus.thanos.readinessProbe.periodSeconds How often to perform the probe + ## @param prometheus.thanos.readinessProbe.timeoutSeconds When the probe times out + ## @param prometheus.thanos.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param prometheus.thanos.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + path: /-/ready + initialDelaySeconds: 0 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 120 + successThreshold: 1 + ## Thanos Sidecar Service + ## + service: + ## @param prometheus.thanos.service.type Kubernetes service type + ## + type: ClusterIP + ## @param prometheus.thanos.service.port Thanos service port + ## + port: 10901 + ## @param prometheus.thanos.service.clusterIP Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. + ## Use a "headless" service by default so it returns every pod's IP instead of loadbalancing requests. + ## + clusterIP: None + ## @param prometheus.thanos.service.nodePort Specify the nodePort value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## e.g: + ## nodePort: 30901 + ## + nodePort: "" + ## @param prometheus.thanos.service.loadBalancerIP `loadBalancerIP` if service type is `LoadBalancer` + ## Set the LoadBalancer service type to internal only + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + loadBalancerIP: "" + ## @param prometheus.thanos.service.loadBalancerSourceRanges Address that are allowed when svc is `LoadBalancer` + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param prometheus.thanos.service.annotations Additional annotations for Prometheus service + ## + annotations: {} + ## @param prometheus.thanos.service.extraPorts Additional ports to expose from the Thanos sidecar container + ## extraPorts: + ## - name: http + ## port: 10902 + ## targetPort: http + ## protocol: tcp + ## + extraPorts: [] + ## @param prometheus.portName Port name used for the pods and governing service. This defaults to web + ## + portName: main + +#### +## Alert Manager Config +#### + +## @section Alertmanager Parameters + +## Configuration for alertmanager +## ref: https://prometheus.io/docs/alerting/alertmanager/ +## +alertmanager: + ## @param alertmanager.enabled Deploy Alertmanager to the cluster + ## + enabled: true + ## Service account for Alertmanager to use. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + ## @param alertmanager.serviceAccount.create Specify whether to create a ServiceAccount for Alertmanager + ## + create: true + ## @param alertmanager.serviceAccount.name The name of the ServiceAccount to create + ## If not set and create is true, a name is generated using the kube-prometheus.alertmanager.fullname template + name: "" + ## Prometheus Alertmanager pods' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param alertmanager.podSecurityContext.enabled Enable security context + ## @param alertmanager.podSecurityContext.runAsUser User ID for the container + ## @param alertmanager.podSecurityContext.fsGroup Group ID for the container filesystem + ## + podSecurityContext: + enabled: true + runAsUser: 1001 + fsGroup: 1001 + ## Prometheus Alertmanager container's securityContext + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param alertmanager.containerSecurityContext.enabled Enable container security context + ## @param alertmanager.containerSecurityContext.readOnlyRootFilesystem mount / (root) as a readonly filesystem + ## @param alertmanager.containerSecurityContext.allowPrivilegeEscalation Switch privilegeEscalation possibility on or off + ## @param alertmanager.containerSecurityContext.runAsNonRoot Force the container to run as a non root user + ## @param alertmanager.containerSecurityContext.capabilities.drop [array] Linux Kernel capabilities which should be dropped + ## + containerSecurityContext: + enabled: true + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ## Configure pod disruption budgets for Alertmanager + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget + ## @param alertmanager.podDisruptionBudget.enabled Create a pod disruption budget for Alertmanager + ## @param alertmanager.podDisruptionBudget.minAvailable Minimum number / percentage of pods that should remain scheduled + ## @param alertmanager.podDisruptionBudget.maxUnavailable Maximum number / percentage of pods that may be made unavailable + ## + podDisruptionBudget: + enabled: false + minAvailable: 1 + maxUnavailable: "" + ## If true, create a serviceMonitor for alertmanager + ## + serviceMonitor: + ## @param alertmanager.serviceMonitor.enabled Creates a ServiceMonitor to monitor Alertmanager + ## + enabled: true + ## @param alertmanager.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param alertmanager.serviceMonitor.metricRelabelings Metric relabeling + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + metricRelabelings: [] + ## @param alertmanager.serviceMonitor.relabelings Relabel configs + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + ## + relabelings: [] + ## @param alertmanager.externalUrl External URL used to access Alertmanager + ## e.g: + ## externalUrl: https://alertmanager.example.com + ## + externalUrl: "" + ## @param alertmanager.resources CPU/Memory resource requests/limits for node + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + ## @param alertmanager.podAffinityPreset Alertmanager Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param alertmanager.podAntiAffinityPreset Alertmanager Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param alertmanager.nodeAffinityPreset.type Alertmanager Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param alertmanager.nodeAffinityPreset.key Alertmanager Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param alertmanager.nodeAffinityPreset.values Alertmanager Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param alertmanager.affinity Alertmanager Affinity for pod assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: alertmanager.podAffinityPreset, alertmanager.podAntiAffinityPreset, and alertmanager.nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param alertmanager.nodeSelector Alertmanager Node labels for pod assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param alertmanager.tolerations Alertmanager Tolerations for pod assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## Alertmanager configuration + ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file + ## @param alertmanager.config [object] Alertmanager configuration directive + ## @skip alertmanager.config.route.group_by + ## @skip alertmanager.config.route.routes + ## @skip alertmanager.config.receivers + ## + config: + global: + resolve_timeout: 5m + route: + group_by: + - job + group_wait: 30s + group_interval: 5m + repeat_interval: 12h + receiver: "null" + routes: + - match: + alertname: Watchdog + receiver: "null" + receivers: + - name: "null" + ## @param alertmanager.externalConfig Alertmanager configuration is created externally. If true, `alertmanager.config` is ignored, and a secret will not be created. + ## Alertmanager requires a secret named `alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }}` + ## It must contain: + ## alertmanager.yaml: + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/alerting.md#alerting + ## + externalConfig: false + ## @param alertmanager.replicaCount Number of Alertmanager replicas desired + ## + replicaCount: 1 + ## Configure extra options for liveness probe + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param alertmanager.livenessProbe.enabled Turn on and off liveness probe + ## @param alertmanager.livenessProbe.path Path of the HTTP service for checking the healthy state + ## @param alertmanager.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param alertmanager.livenessProbe.periodSeconds How often to perform the probe + ## @param alertmanager.livenessProbe.timeoutSeconds When the probe times out + ## @param alertmanager.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param alertmanager.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + path: /-/healthy + initialDelaySeconds: 0 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 120 + successThreshold: 1 + ## Configure extra options for readiness probe + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param alertmanager.readinessProbe.enabled Turn on and off readiness probe + ## @param alertmanager.readinessProbe.path Path of the HTTP service for checking the ready state + ## @param alertmanager.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param alertmanager.readinessProbe.periodSeconds How often to perform the probe + ## @param alertmanager.readinessProbe.timeoutSeconds When the probe times out + ## @param alertmanager.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param alertmanager.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + path: /-/ready + initialDelaySeconds: 0 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 120 + successThreshold: 1 + ## @param alertmanager.logLevel Log level for Alertmanager + ## + logLevel: info + ## @param alertmanager.logFormat Log format for Alertmanager + ## + logFormat: logfmt + ## @param alertmanager.podMetadata [object] Standard object's metadata. + ## ref: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + ## + podMetadata: + labels: {} + annotations: {} + ## @param alertmanager.secrets Secrets that should be mounted into the Alertmanager Pods + ## + secrets: [] + ## @param alertmanager.configMaps ConfigMaps that should be mounted into the Alertmanager Pods + ## + configMaps: [] + ## @param alertmanager.retention Metrics retention days + ## + retention: 240h + ## @param alertmanager.storageSpec Alertmanager StorageSpec for persistent data + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/storage.md + ## + storageSpec: {} + ## Alertmanager persistence parameters + ## + persistence: + ## @param alertmanager.persistence.enabled Use PVCs to persist data. If the storageSpec is provided this will not take effect. + ## If you want to use this configuration make sure the storageSpec is not provided. + ## + enabled: true + ## @param alertmanager.persistence.storageClass Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param alertmanager.persistence.accessModes Persistent Volume Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param alertmanager.persistence.size Persistent Volume Size + ## + size: 999Gi + ## @param alertmanager.paused If true, the Operator won't process any Alertmanager configuration changes + ## + paused: false + ## @param alertmanager.listenLocal ListenLocal makes the Alertmanager server listen on loopback + ## + listenLocal: false + ## @param alertmanager.containers Containers allows injecting additional containers + ## + containers: [] + ## @param alertmanager.volumes Volumes allows configuration of additional volumes. Evaluated as a template + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#alertmanagerspec + ## + volumes: [] + ## @param alertmanager.volumeMounts VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/pi.md#alertmanagerspec + ## + volumeMounts: [] + ## @param alertmanager.priorityClassName Priority class assigned to the Pods + ## + priorityClassName: "" + ## @param alertmanager.additionalPeers AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster + ## + additionalPeers: [] + ## @param alertmanager.routePrefix Prefix used to register routes, overriding externalUrl route + ## Useful for proxies that rewrite URLs. + ## + routePrefix: / + ## @param alertmanager.portName Port name used for the pods and governing service. This defaults to web + ## + portName: alertmanager + ## @param alertmanager.configNamespaceSelector AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. This defaults to {} + ## + configNamespaceSelector: {} + ## @param alertmanager.configSelector Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. This defaults to {} + ## + configSelector: {} + +#### +## Exporters +#### + +## @section Exporters + +## Exporters +## +exporters: + node-exporter: + ## @param exporters.node-exporter.enabled Enable node-exporter + ## + enabled: true + kube-state-metrics: + ## @param exporters.kube-state-metrics.enabled Enable kube-state-metrics + ## + enabled: true + +## @param kube-state-metrics [object] Node Exporter deployment configuration +## +kube-state-metrics: + serviceMonitor: + enabled: true + honorLabels: true + +## Component scraping for kubelet and kubelet hosted cAdvisor +## +kubelet: + ## @param kubelet.enabled Create a ServiceMonitor to scrape kubelet service + ## + enabled: true + ## @param kubelet.namespace Namespace where kubelet service is deployed. Related configuration `operator.kubeletService.namespace` + ## + namespace: kube-system + serviceMonitor: + ## @param kubelet.serviceMonitor.https Enable scraping of the kubelet over HTTPS + ## + https: true + ## @param kubelet.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default) + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param kubelet.serviceMonitor.metricRelabelings Metric relabeling + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + metricRelabelings: [] + ## @param kubelet.serviceMonitor.relabelings Relabel configs + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + ## + relabelings: [] + ## @param kubelet.serviceMonitor.cAdvisorMetricRelabelings Metric relabeling for scraping cAdvisor + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + cAdvisorMetricRelabelings: [] + ## @param kubelet.serviceMonitor.cAdvisorRelabelings Relabel configs for scraping cAdvisor + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + cAdvisorRelabelings: [] +## Component scraping the kube-apiserver +## +kubeApiServer: + ## @param kubeApiServer.enabled Create a ServiceMonitor to scrape kube-apiserver service + ## + enabled: true + serviceMonitor: + ## @param kubeApiServer.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param kubeApiServer.serviceMonitor.metricRelabelings Metric relabeling + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + metricRelabelings: [] + ## @param kubeApiServer.serviceMonitor.relabelings Relabel configs + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + ## + relabelings: [] +## Component scraping the kube-controller-manager +## +kubeControllerManager: + ## @param kubeControllerManager.enabled Create a ServiceMonitor to scrape kube-controller-manager service + ## + enabled: false + ## @param kubeControllerManager.endpoints If your kube controller manager is not deployed as a pod, specify IPs it can be found on + ## endpoints: + ## - 10.141.4.22 + ## - 10.141.4.23 + ## - 10.141.4.24 + ## + endpoints: [] + ## @param kubeControllerManager.namespace Namespace where kube-controller-manager service is deployed. + ## + namespace: kube-system + ## Service ports and selector information + ## @param kubeControllerManager.service.enabled Whether or not to create a Service object for kube-controller-manager + ## @param kubeControllerManager.service.port Listening port of the kube-controller-manager Service object + ## @param kubeControllerManager.service.targetPort Port to target on the kube-controller-manager Pods. This should be the port that kube-controller-manager is exposing metrics on + ## @param kubeControllerManager.service.selector Optional PODs Label selector for the service + ## + service: + enabled: true + port: 10252 + targetPort: 10252 + ## selector: + ## component: kube-controller-manager + ## + selector: {} + serviceMonitor: + ## @param kubeControllerManager.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default) + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param kubeControllerManager.serviceMonitor.https Enable scraping kube-controller-manager over https + ## Requires proper certs (not self-signed) and delegated authentication/authorization checks + ## + https: false + ## @param kubeControllerManager.serviceMonitor.insecureSkipVerify Skip TLS certificate validation when scraping + ## + insecureSkipVerify: "" + ## @param kubeControllerManager.serviceMonitor.serverName Name of the server to use when validating TLS certificate + serverName: "" + ## @param kubeControllerManager.serviceMonitor.metricRelabelings Metric relabeling + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## + metricRelabelings: [] + ## @param kubeControllerManager.serviceMonitor.relabelings Relabel configs + ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + ## + relabelings: [] +## Component scraping kube scheduler +## +kubeScheduler: + ## @param kubeScheduler.enabled Create a ServiceMonitor to scrape kube-scheduler service + ## + enabled: false + ## @param kubeScheduler.endpoints If your kube scheduler is not deployed as a pod, specify IPs it can be found on + ## endpoints: + ## - 10.141.4.22 + ## - 10.141.4.23 + ## - 10.141.4.24 + ## + endpoints: [] + ## @param kubeScheduler.namespace Namespace where kube-scheduler service is deployed. + ## + namespace: kube-system + ## If using kubeScheduler.endpoints only the port and targetPort are used + ## @param kubeScheduler.service.enabled Whether or not to create a Service object for kube-scheduler + ## @param kubeScheduler.service.port Listening port of the kube scheduler Service object + ## @param kubeScheduler.service.targetPort Port to target on the kube scheduler Pods. This should be the port that kube scheduler is exposing metrics on + ## @param kubeScheduler.service.selector Optional PODs Label selector for the service + ## + service: + enabled: true + port: 10251 + targetPort: 10251 + ## selector: + ## component: kube-scheduler + ## + selector: {} + serviceMonitor: + ## @param kubeScheduler.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default) + ## + interval: "" + ## @param kubeScheduler.serviceMonitor.https Enable scraping kube-scheduler over https + ## Requires proper certs (not self-signed) and delegated authentication/authorization checks + ## + https: false + ## @param kubeScheduler.serviceMonitor.insecureSkipVerify Skip TLS certificate validation when scraping + ## + insecureSkipVerify: "" + ## @param kubeScheduler.serviceMonitor.serverName Name of the server to use when validating TLS certificate + ## + serverName: "" + ## @param kubeScheduler.serviceMonitor.metricRelabelings Metric relabeling + ## metricRelabelings: + ## - action: keep + ## regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + ## sourceLabels: [__name__] + ## + metricRelabelings: [] + ## @param kubeScheduler.serviceMonitor.relabelings Relabel configs + ## relabelings: + ## - sourceLabels: [__meta_kubernetes_pod_node_name] + ## separator: ; + ## regex: ^(.*)$ + ## targetLabel: nodename + ## replacement: $1 + ## action: replace + ## + relabelings: [] +## Component scraping coreDns +## +coreDns: + ## @param coreDns.enabled Create a ServiceMonitor to scrape coredns service + ## + enabled: true + ## @param coreDns.namespace Namespace where core dns service is deployed. + ## + namespace: kube-system + ## Create a ServiceMonitor to scrape coredns service + ## @param coreDns.service.enabled Whether or not to create a Service object for coredns + ## @param coreDns.service.port Listening port of the coredns Service object + ## @param coreDns.service.targetPort Port to target on the coredns Pods. This should be the port that coredns is exposing metrics on + ## @param coreDns.service.selector Optional PODs Label selector for the service + ## + service: + enabled: true + port: 9153 + targetPort: 9153 + ## selector: + ## component: kube-dns + ## + selector: {} + serviceMonitor: + ## @param coreDns.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used. + ## + interval: "" + ## @param coreDns.serviceMonitor.metricRelabelings Metric relabel configs to apply to samples before ingestion. + ## metricRelabelings: + ## - action: keep + ## regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + ## sourceLabels: [__name__] + ## + metricRelabelings: [] + ## @param coreDns.serviceMonitor.relabelings Relabel configs to apply to samples before ingestion. + ## relabelings: + ## - sourceLabels: [__meta_kubernetes_pod_node_name] + ## separator: ; + ## regex: ^(.*)$ + ## targetLabel: nodename + ## replacement: $1 + ## action: replace + ## + relabelings: [] +## Component scraping the kube-proxy +## +kubeProxy: + ## @param kubeProxy.enabled Create a ServiceMonitor to scrape the kube-proxy Service + ## + enabled: false + +portal: + open: + enabled: true diff --git a/enterprise/prometheus/13.0.18/questions.yaml b/enterprise/prometheus/13.0.18/questions.yaml new file mode 100644 index 0000000000..255dbc88be --- /dev/null +++ b/enterprise/prometheus/13.0.18/questions.yaml @@ -0,0 +1,1418 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: General Settings + description: General Deployment Settings + - name: Workload Settings + description: Workload Settings + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Postgresql + description: Postgresql + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_tcportal-open_protocol" + host: + - "$kubernetes-resource_configmap_tcportal-open_host" + ports: + - "$kubernetes-resource_configmap_tcportal-open_port" +questions: + - variable: operator + group: "App Configuration" + label: "Operator Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: true + show_subquestions_if: true + subquestions: + - variable: logLevel + label: "Log Level" + description: "Log level for Operator" + schema: + type: string + default: "info" + + - variable: prometheus + group: "App Configuration" + label: "Prometheus Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: true + show_subquestions_if: true + subquestions: + - variable: logLevel + label: "Log Level" + description: "Log level for Prometheus" + schema: + type: string + default: "info" + - variable: retention + label: "Retention" + description: "Metrics retention days" + schema: + type: string + default: "31d" + - variable: retentionSize + label: "Max Retention Size" + description: "Maximum size of metrics" + schema: + type: string + default: "" + - variable: scrapeInterval + label: "Scrape interval" + description: "Interval between consecutive scrapes" + schema: + type: string + default: "15s" + - variable: evaluationInterval + label: "Evaluation interval" + description: "Interval between consecutive evaluations" + schema: + type: string + default: "30s" + - variable: disableCompaction + label: "Disable Compaction" + description: "Disable the compaction of the Prometheus TSDB" + schema: + type: boolean + default: false + - variable: walCompression + label: "WAL Compression" + description: "Enable compression of the write-ahead log using Snappy" + schema: + type: boolean + default: false + - variable: remoteWrite + label: "Remote Write" + schema: + type: list + default: [] + items: + - variable: remoteWriteEntry + label: Remote Write Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: url + label: URL + description: Remote write destination URL + schema: + type: string + required: true + default: "" + - variable: basicAuth + label: Basic Auth + description: Basic authentication for remote write + schema: + type: dict + attrs: + - variable: username + label: Username + description: Basic auth username + schema: + type: string + required: true + default: "" + - variable: password + label: Password + description: Basic auth password + schema: + type: string + required: false + default: "" + + - variable: exporters + group: "App Configuration" + label: "Exporter Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: node-exporter + label: "node-exporter" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: true + - variable: kube-state-metrics + label: "Kube-State-Metrics" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: true + + - variable: alertmanager + group: "App Configuration" + label: "Alertmanager Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: true + show_subquestions_if: true + subquestions: + - variable: logLevel + label: "Log Level" + description: "Log level for Alertmanager" + schema: + type: string + default: "info" + - variable: retention + label: "Retention" + description: "Metrics retention days" + schema: + type: string + default: "240h" + - variable: service + group: Networking and Services + label: Configure Service(s) + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The serving the Prometheus WebUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10086 + required: true + - variable: alertmanager + label: "alertmanager Service" + description: "alertmanager service " + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: alertmanager + label: "alertmanager Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10087 + required: true + - variable: serviceexpert + group: Networking and Services + label: Show Expert Config + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: scaleExternalInterface + description: Add External Interfaces + label: Add external Interfaces + group: Networking + schema: + type: list + items: + - variable: interfaceConfiguration + description: Interface Configuration + label: Interface Configuration + schema: + additional_attrs: true + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: Please Specify Host Interface + label: Host Interface + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: Define how IP Address will be managed + label: IP Address Management + schema: + additional_attrs: true + type: dict + required: true + attrs: + - variable: type + description: Specify type for IPAM + label: IPAM Type + schema: + type: string + required: true + enum: + - value: dhcp + description: Use DHCP + - value: static + description: Use Static IP + - variable: staticIPConfigurations + label: Static IP Addresses + schema: + type: list + show_if: [["type", "=", "static"]] + items: + - variable: staticIP + label: Static IP + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: Static Routes + schema: + type: list + show_if: [["type", "=", "static"]] + items: + - variable: staticRouteConfiguration + label: Static Route Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: Destination + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: Gateway + schema: + type: ipaddr + cidr: false + required: true + - variable: serviceList + label: Add Manual Custom Services + group: Networking and Services + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: Custom Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the service + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: portsList + label: Additional Service Ports + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: Custom ports + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Port + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Port Name + schema: + type: string + default: "" + - variable: protocol + label: Port Type + schema: + type: string + default: tcp + enum: + - value: http + description: HTTP + - value: https + description: HTTPS + - value: tcp + description: TCP + - value: udp + description: UDP + - variable: targetPort + label: Target Port + description: This port exposes the container port on the service + schema: + type: int + required: true + - variable: port + label: Container Port + schema: + type: int + required: true + - variable: persistenceList + label: Additional App Storage + group: Storage and Persistence + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: Custom Storage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the storage + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: hostPath + enum: + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: emptyDir + description: emptyDir + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: autoPermissions + label: Automatic Permissions Configuration + description: Automatically set permissions + schema: + show_if: [["type", "!=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: chown + label: Run CHOWN + description: | + It will run CHOWN on the path with the given fsGroup + schema: + type: boolean + default: false + - variable: chmod + label: Run CHMOD + description: | + It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770 + schema: + type: string + valid_chars: '[0-9]{3}' + default: "" + - variable: recursive + label: Recursive + description: | + It will run CHOWN and CHMOD recursively + schema: + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: Mount Path + description: Path inside the container the storage is mounted + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size Quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: certificateIssuer + label: Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below' + schema: + type: string + default: "" + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: entrypoint + label: (Advanced) Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + show_if: [["advanced", "=", true]] + required: true + - variable: allowCors + label: "Allow Cross Origin Requests" + schema: + type: boolean + show_if: [["advanced", "=", true]] + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: allowCors + label: "Allow Cross Origin Requests" + schema: + type: boolean + show_if: [["advanced", "=", true]] + default: false + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: service + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: certificateIssuer + label: certificateIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below' + schema: + type: string + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + show_if: [["certificateIssuer", "=", ""]] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: scaleCert + label: Use TrueNAS SCALE Certificate (Deprecated) + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: Use Custom Secret (Advanced) + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: entrypoint + label: Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true +# - variable: horizontalPodAutoscaler +# group: Advanced +# label: (Advanced) Horizontal Pod Autoscaler +# schema: +# type: list +# default: [] +# items: +# - variable: hpaEntry +# label: HPA Entry +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: name +# label: Name +# schema: +# type: string +# required: true +# default: "" +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: Target +# description: Deployment name, Defaults to Main Deployment +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: Minimum Replicas +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: Maximum Replicas +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: Target CPU Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: Target Memory Utilization Percentage +# schema: +# type: int +# default: 80 + - variable: networkPolicy + group: Advanced + label: (Advanced) Network Policy + schema: + type: list + default: [] + items: + - variable: netPolicyEntry + label: Network Policy Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: policyType + label: Policy Type + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ingress + description: Ingress + - value: egress + description: Egress + - value: ingress-egress + description: Ingress and Egress + - variable: egress + label: Egress + schema: + type: list + default: [] + items: + - variable: egressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: to + label: To + schema: + type: list + default: [] + items: + - variable: toEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: ingress + label: Ingress + schema: + type: list + default: [] + items: + - variable: ingressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: from + label: From + schema: + type: list + default: [] + items: + - variable: fromEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP diff --git a/enterprise/prometheus/13.0.18/templates/NOTES.txt b/enterprise/prometheus/13.0.18/templates/NOTES.txt new file mode 100644 index 0000000000..efcb74cb77 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/NOTES.txt @@ -0,0 +1 @@ +{{- include "tc.v1.common.lib.chart.notes" $ -}} diff --git a/enterprise/prometheus/13.0.18/templates/_helpers.tpl b/enterprise/prometheus/13.0.18/templates/_helpers.tpl new file mode 100644 index 0000000000..1f44049ac4 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/_helpers.tpl @@ -0,0 +1,210 @@ +{{/* Name suffixed with operator */}} +{{- define "kube-prometheus.fullname" -}} +{{- printf "%s" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Name suffixed with operator */}} +{{- define "kube-prometheus.name" -}} +{{- printf "%s" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Name suffixed with operator */}} +{{- define "kube-prometheus.operator.name" -}} +{{- printf "%s-operator" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Name suffixed with prometheus */}} +{{- define "kube-prometheus.prometheus.name" -}} +{{- printf "%s-prometheus" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Name suffixed with alertmanager */}} +{{- define "kube-prometheus.alertmanager.name" -}} +{{- printf "%s-alertmanager" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Name suffixed with thanos */}} +{{- define "kube-prometheus.thanos.name" -}} +{{- printf "%s-thanos" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Fullname suffixed with operator */}} +{{- define "kube-prometheus.operator.fullname" -}} +{{- printf "%s-operator" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Fullname suffixed with prometheus */}} +{{- define "kube-prometheus.prometheus.fullname" -}} +{{- printf "%s-prometheus" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Fullname suffixed with alertmanager */}} +{{- define "kube-prometheus.alertmanager.fullname" -}} +{{- printf "%s-alertmanager" (include "tc.v1.common.lib.chart.names.fullname" . ) -}} +{{- end }} + +{{/* Fullname suffixed with thanos */}} +{{- define "kube-prometheus.thanos.fullname" -}} +{{- printf "%s-thanos" (include "kube-prometheus.prometheus.fullname" .) -}} +{{- end }} + +{{- define "kube-prometheus.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common Labels +*/}} +{{- define "kube-prometheus.labels" -}} + {{- $labels := (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml) -}} + {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} + {{- . | nindent 0 }} + {{- end }} +{{- if .Values.global.labels }} +{{ toYaml .Values.global.labels }} +{{- end }} +{{- end -}} + +{{/* +Labels for operator +*/}} +{{- define "kube-prometheus.operator.labels" -}} + {{- $labels := (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml) -}} + {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} + {{- . | nindent 0 }} + {{- end }} +app.kubernetes.io/component: operator +{{- end -}} + +{{/* +Labels for prometheus +*/}} +{{- define "kube-prometheus.prometheus.labels" -}} + {{- $labels := (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml) -}} + {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} + {{- . | nindent 0 }} + {{- end }} +app.kubernetes.io/component: prometheus +{{- end -}} + +{{/* +Labels for alertmanager +*/}} +{{- define "kube-prometheus.alertmanager.labels" -}} + {{- $labels := (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml) -}} + {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} + {{- . | nindent 0 }} + {{- end }} +app.kubernetes.io/component: alertmanager +{{- end -}} + +{{/* +matchLabels for operator +*/}} +{{- define "kube-prometheus.operator.matchLabels" -}} +{{ include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ )}} +app.kubernetes.io/component: operator +{{- end -}} + +{{/* +matchLabels for prometheus +*/}} +{{- define "kube-prometheus.prometheus.matchLabels" -}} +{{ include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ )}} +app.kubernetes.io/component: prometheus +{{- end -}} + +{{/* +matchLabels for alertmanager +*/}} +{{- define "kube-prometheus.alertmanager.matchLabels" -}} +{{ include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ )}} +app.kubernetes.io/component: alertmanager +{{- end -}} + +{{/* +Return the proper Prometheus Operator image name +*/}} +{{- define "kube-prometheus.image" -}} +{{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }} +{{- end -}} + +{{/* +Return the proper Prometheus Operator Reloader image name +*/}} +{{- define "kube-prometheus.prometheusConfigReloader.image" -}} +{{- include "kube-prometheus.image" . -}} +{{- end -}} + +{{/* +Return the proper Prometheus Image name +*/}} +{{- define "kube-prometheus.prometheus.image" -}} +{{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }} +{{- end -}} + +{{/* +Return the proper Thanos Image name +*/}} +{{- define "kube-prometheus.prometheus.thanosImage" -}} +{{ printf "%s:%s" .Values.thanosImage.repository (default .Chart.AppVersion .Values.thanosImage.tag) | quote }} +{{- end -}} + +{{/* +Return the proper Alertmanager Image name +*/}} +{{- define "kube-prometheus.alertmanager.image" -}} +{{ printf "%s:%s" .Values.alertmanagerImage.repository (default .Chart.AppVersion .Values.alertmanagerImage.tag) | quote }} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "kube-prometheus.imagePullSecrets" -}} +{{- end -}} + +{{/* +Create the name of the operator service account to use +*/}} +{{- define "kube-prometheus.operator.serviceAccountName" -}} +{{- if .Values.operator.serviceAccount.create -}} + {{ default (include "kube-prometheus.operator.fullname" .) .Values.operator.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.operator.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the prometheus service account to use +*/}} +{{- define "kube-prometheus.prometheus.serviceAccountName" -}} +{{- if .Values.prometheus.serviceAccount.create -}} + {{ default (include "kube-prometheus.prometheus.fullname" .) .Values.prometheus.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.prometheus.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the alertmanager service account to use +*/}} +{{- define "kube-prometheus.alertmanager.serviceAccountName" -}} +{{- if .Values.alertmanager.serviceAccount.create -}} + {{ default (include "kube-prometheus.alertmanager.fullname" .) .Values.alertmanager.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.alertmanager.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message, and call fail. +*/}} +{{- define "kube-prometheus.validateValues" -}} +{{- $messages := list -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} + +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} diff --git a/enterprise/prometheus/13.0.18/templates/alertmanager/_alertmanager.tpl b/enterprise/prometheus/13.0.18/templates/alertmanager/_alertmanager.tpl new file mode 100644 index 0000000000..ed5e24e9da --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/alertmanager/_alertmanager.tpl @@ -0,0 +1,174 @@ +{{- define "prometheus.alertmanager.alertmanager" -}} +{{- if .Values.alertmanager.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: Alertmanager +metadata: + name: {{ template "kube-prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.alertmanager.replicaCount }} + serviceAccountName: {{ template "kube-prometheus.alertmanager.serviceAccountName" . }} + {{- if .Values.alertmanager.image }} + image: {{ template "kube-prometheus.alertmanager.image" . }} + {{- end }} + listenLocal: {{ .Values.alertmanager.listenLocal }} + {{- if index .Values.alertmanager "externalUrl" }} + externalUrl: "{{ .Values.alertmanager.externalUrl }}" + {{- else if and .Values.ingress.alertmanager.enabled .Values.ingress.alertmanager.hosts }} + externalUrl: {{ if .Values.ingress.alertmanager.tls }}https{{else}}http{{ end }}://{{ (index .Values.ingress.alertmanager.hosts 0).name }}{{ .Values.alertmanager.routePrefix }} + {{- else }} + externalUrl: http://{{ template "kube-prometheus.alertmanager.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.service.alertmanager.ports.alertmanager.port }}{{ .Values.alertmanager.routePrefix }} + {{- end }} + portName: "{{ .Values.alertmanager.portName }}" + paused: {{ .Values.alertmanager.paused }} + logFormat: {{ .Values.alertmanager.logFormat }} + logLevel: {{ .Values.alertmanager.logLevel }} + retention: {{ .Values.alertmanager.retention }} + {{- if .Values.alertmanager.secrets }} + secrets: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.secrets "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.configMaps }} + configMaps: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.configMaps "context" $) | nindent 4 }} + {{- end }} + resources: {{- toYaml .Values.alertmanager.resources | nindent 4 }} + routePrefix: "{{ .Values.alertmanager.routePrefix }}" + {{- if .Values.alertmanager.podSecurityContext.enabled }} + securityContext: {{- omit .Values.alertmanager.podSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.storageSpec }} + storage: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.storageSpec "context" $) | nindent 4 }} + {{- else }} + {{- if .Values.alertmanager.persistence.enabled }} + storage: + volumeClaimTemplate: + spec: + accessModes: + {{- range .Values.alertmanager.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.alertmanager.persistence.size | quote }} + {{- with (include "tc.v1.common.lib.storage.storageClassName" ( dict "rootCtx" . "objectData" .Values.prometheus.persistence )) | trim }} + storageClassName: {{ . }} + {{- end }} + {{- end }} + {{- end }} + {{- if or .Values.alertmanager.podMetadata.labels .Values.alertmanager.podMetadata.annotations (eq .Values.alertmanager.podAntiAffinityPreset "soft") (eq .Values.alertmanager.podAntiAffinityPreset "hard") }} + podMetadata: + labels: + {{- if .Values.alertmanager.podMetadata.labels }} + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.podMetadata.labels "context" $) | nindent 6 }} + {{- end }} + {{- if or (eq .Values.alertmanager.podAntiAffinityPreset "soft") (eq .Values.alertmanager.podAntiAffinityPreset "hard") }} + {{- include "kube-prometheus.alertmanager.matchLabels" . | nindent 6 }} + {{- end }} + {{- if .Values.alertmanager.podMetadata.annotations }} + annotations: + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.podMetadata.annotations "context" $) | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.alertmanager.affinity }} + affinity: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.affinity "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.nodeSelector }} + nodeSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.nodeSelector "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.tolerations }} + tolerations: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.tolerations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.volumes }} + volumes: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.volumes "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.volumeMounts }} + volumeMounts: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.volumeMounts "context" $) | nindent 4 }} + {{- end }} +{{- include "kube-prometheus.imagePullSecrets" . | indent 2 }} + {{- if or .Values.alertmanager.containers .Values.alertmanager.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }} + containers: + {{- if or .Values.alertmanager.containerSecurityContext.enabled .Values.alertmanager.livenessProbe.enabled .Values.alertmanager.readinessProbe.enabled }} + ## This monkey patching is needed until the securityContexts are + ## directly patchable via the CRD. + ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947 + ## currently implemented with strategic merge + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md + - name: alertmanager + {{- if .Values.alertmanager.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.alertmanager.containerSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.alertmanager.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.alertmanager.livenessProbe.path }} + port: alertmanager + scheme: HTTP + initialDelaySeconds: {{ .Values.alertmanager.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.alertmanager.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.alertmanager.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.alertmanager.livenessProbe.failureThreshold }} + successThreshold: {{ .Values.alertmanager.livenessProbe.successThreshold }} + {{- end }} + {{- if .Values.alertmanager.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: {{ .Values.alertmanager.readinessProbe.path }} + port: alertmanager + scheme: HTTP + initialDelaySeconds: {{ .Values.alertmanager.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.alertmanager.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.alertmanager.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.alertmanager.readinessProbe.failureThreshold }} + successThreshold: {{ .Values.alertmanager.readinessProbe.successThreshold }} + {{- end }} + {{- end }} + {{- if or .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.livenessProbe.enabled .Values.operator.prometheusConfigReloader.readinessProbe.enabled }} + ## This monkey patching is needed until the securityContexts are + ## directly patchable via the CRD. + ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947 + ## currently implemented with strategic merge + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md + - name: config-reloader + {{- if .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.operator.prometheusConfigReloader.containerSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.operator.prometheusConfigReloader.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: reloader-web + initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.failureThreshold }} + successThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.successThreshold }} + {{- end }} + {{- if .Values.operator.prometheusConfigReloader.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: reloader-web + initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.failureThreshold }} + successThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.successThreshold }} + {{- end }} + {{- end }} + {{- if .Values.alertmanager.containers }} + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.containers "context" $) | nindent 4 }} + {{- end }} + {{- end }} + {{- if .Values.alertmanager.priorityClassName }} + priorityClassName: {{ .Values.alertmanager.priorityClassName }} + {{- end }} + {{- if .Values.alertmanager.additionalPeers }} + additionalPeers: {{ .Values.alertmanager.additionalPeers }} + {{- end }} + {{- if .Values.alertmanager.configNamespaceSelector }} + alertmanagerConfigNamespaceSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.configNamespaceSelector "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.alertmanager.configSelector }} + alertmanagerConfigSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.configSelector "context" $) | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/alertmanager/secrets.yaml b/enterprise/prometheus/13.0.18/templates/alertmanager/secrets.yaml new file mode 100644 index 0000000000..9a6f518f35 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/alertmanager/secrets.yaml @@ -0,0 +1,13 @@ +{{- if (and .Values.alertmanager.enabled (not .Values.alertmanager.externalConfig) ) }} +apiVersion: v1 +kind: Secret +metadata: + name: alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }} +data: + alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }} +{{- range $key, $val := .Values.alertmanager.templateFiles }} + {{ $key }}: {{ $val | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/alertmanager/serviceaccount.yaml b/enterprise/prometheus/13.0.18/templates/alertmanager/serviceaccount.yaml new file mode 100644 index 0000000000..a6f438889a --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/alertmanager/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "kube-prometheus.alertmanager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }} + {{- if index .Values.alertmanager.serviceAccount "annotations" }} + annotations: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.alertmanager.serviceAccount.annotations "context" $) | nindent 4 }} + {{- end }} +{{- include "kube-prometheus.imagePullSecrets" . }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/alertmanager/servicemonitor.yaml b/enterprise/prometheus/13.0.18/templates/alertmanager/servicemonitor.yaml new file mode 100644 index 0000000000..ef0e02d387 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/alertmanager/servicemonitor.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "kube-prometheus.alertmanager.matchLabels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: http + {{- if .Values.alertmanager.serviceMonitor.interval }} + interval: {{ .Values.alertmanager.serviceMonitor.interval }} + {{- end }} + path: {{ trimSuffix "/" .Values.alertmanager.routePrefix }}/metrics + {{- if .Values.alertmanager.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.alertmanager.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.alertmanager.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.alertmanager.serviceMonitor.relabelings | nindent 8 }} + {{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/common.yaml b/enterprise/prometheus/13.0.18/templates/common.yaml new file mode 100644 index 0000000000..61364503a7 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/common.yaml @@ -0,0 +1,13 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.v1.common.loader.init" . }} + +{{- include "prometheus.prometheus.prometheus" . }} +{{- include "prometheus.prometheus.additionalprometheusrules" . }} +{{- include "prometheus.prometheus.additionalscrapejobs" . }} +{{- include "prometheus.prometheus.servicemonitor" . }} + +{{- include "prometheus.alertmanager.alertmanager" . }} + + +{{/* Render the templates */}} +{{ include "tc.v1.common.loader.apply" . }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/core-dns/service.yaml b/enterprise/prometheus/13.0.18/templates/exporters/core-dns/service.yaml new file mode 100644 index 0000000000..359c945de4 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/core-dns/service.yaml @@ -0,0 +1,22 @@ +{{- if and .Values.coreDns.enabled .Values.coreDns.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kube-prometheus.fullname" . }}-coredns + namespace: {{ .Values.coreDns.namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns +spec: + clusterIP: None + ports: + - name: http-metrics + port: {{ .Values.coreDns.service.port }} + protocol: TCP + targetPort: {{ .Values.coreDns.service.targetPort }} + selector: + {{- if .Values.coreDns.service.selector }} +{{ toYaml .Values.coreDns.service.selector | indent 4 }} + {{- else}} + k8s-app: kube-dns + {{- end}} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/core-dns/servicemonitor.yaml b/enterprise/prometheus/13.0.18/templates/exporters/core-dns/servicemonitor.yaml new file mode 100644 index 0000000000..8906b87f8e --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/core-dns/servicemonitor.yaml @@ -0,0 +1,29 @@ +{{- if .Values.coreDns.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.fullname" . }}-coredns + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns +spec: + jobLabel: k8s-app + selector: + matchLabels: + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns + namespaceSelector: + matchNames: + - {{ .Values.coreDns.namespace }} + endpoints: + - port: http-metrics + {{- if .Values.coreDns.serviceMonitor.interval}} + interval: {{ .Values.coreDns.serviceMonitor.interval }} + {{- end }} + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- if .Values.coreDns.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.coreDns.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.coreDns.serviceMonitor.relabelings }} + relabelings: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.coreDns.serviceMonitor.relabelings "context" $) | nindent 6 }} + {{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-apiserver/servicemonitor.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-apiserver/servicemonitor.yaml new file mode 100644 index 0000000000..7cfbb53f37 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-apiserver/servicemonitor.yaml @@ -0,0 +1,35 @@ +{{- if .Values.kubeApiServer.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.fullname" . }}-apiserver + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: apiserver +spec: + jobLabel: component + selector: + matchLabels: + component: apiserver + provider: kubernetes + namespaceSelector: + matchNames: + - default + endpoints: + - port: https + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + serverName: kubernetes + insecureSkipVerify: true + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- if .Values.kubeApiServer.serviceMonitor.interval }} + interval: {{ .Values.kubeApiServer.serviceMonitor.interval }} + {{- end }} + {{- if .Values.kubeApiServer.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.kubeApiServer.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.kubeApiServer.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.kubeApiServer.serviceMonitor.relabelings | nindent 8 }} + {{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/endpoints.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/endpoints.yaml new file mode 100644 index 0000000000..13aa60ebf6 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/endpoints.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.endpoints }} +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager + namespace: {{ .Values.kubeControllerManager.namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: kube-controller-manager +subsets: + - addresses: + {{- range .Values.kubeControllerManager.endpoints }} + - ip: {{ . }} + {{- end }} + ports: + - name: http-metrics + port: {{ .Values.kubeControllerManager.service.port }} + protocol: TCP +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/service.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/service.yaml new file mode 100644 index 0000000000..6a45535983 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/service.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager + namespace: {{ .Values.kubeControllerManager.namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager +spec: + clusterIP: None + ports: + - name: http-metrics + port: {{ .Values.kubeControllerManager.service.port }} + protocol: TCP + targetPort: {{ .Values.kubeControllerManager.service.targetPort }} +{{- if .Values.kubeControllerManager.endpoints }}{{- else }} + selector: + {{- if .Values.kubeControllerManager.service.selector }} +{{ toYaml .Values.kubeControllerManager.service.selector | indent 4 }} + {{- else}} + component: kube-controller-manager + {{- end}} +{{- end }} + type: ClusterIP +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/servicemonitor.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/servicemonitor.yaml new file mode 100644 index 0000000000..d3f56c4991 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-controller-manager/servicemonitor.yaml @@ -0,0 +1,40 @@ +{{- if .Values.kubeControllerManager.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager +spec: + jobLabel: component + selector: + matchLabels: + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager + namespaceSelector: + matchNames: + - {{ .Values.kubeControllerManager.namespace }} + endpoints: + - port: http-metrics + {{- if .Values.kubeControllerManager.serviceMonitor.interval }} + interval: {{ .Values.kubeControllerManager.serviceMonitor.interval }} + {{- end }} + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- if .Values.kubeControllerManager.serviceMonitor.https }} + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + {{- if .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify }} + insecureSkipVerify: {{ .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify }} + {{- end }} + {{- if .Values.kubeControllerManager.serviceMonitor.serverName }} + serverName: {{ .Values.kubeControllerManager.serviceMonitor.serverName }} + {{- end }} + {{- end }} + {{- if .Values.kubeControllerManager.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.kubeControllerManager.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.kubeControllerManager.serviceMonitor.relabelings }} + relabelings: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.kubeControllerManager.serviceMonitor.relabelings "context" $) | nindent 6 }} + {{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/endpoints.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/endpoints.yaml new file mode 100644 index 0000000000..dde3d8b911 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/endpoints.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.endpoints }} +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler + namespace: {{ .Values.kubeScheduler.namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: kube-scheduler +subsets: + - addresses: + {{- range .Values.kubeScheduler.endpoints }} + - ip: {{ . }} + {{- end }} + ports: + - name: http-metrics + port: {{ .Values.kubeScheduler.service.port }} + protocol: TCP +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/service.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/service.yaml new file mode 100644 index 0000000000..aad5969f5f --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/service.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler + namespace: {{ .Values.kubeScheduler.namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler +spec: + clusterIP: None + ports: + - name: http-metrics + port: {{ .Values.kubeScheduler.service.port}} + protocol: TCP + targetPort: {{ .Values.kubeScheduler.service.targetPort}} +{{- if .Values.kubeScheduler.endpoints }}{{- else }} + selector: + {{- if .Values.kubeScheduler.service.selector }} +{{ toYaml .Values.kubeScheduler.service.selector | indent 4 }} + {{- else}} + component: kube-scheduler + {{- end}} +{{- end }} + type: ClusterIP +{{- end -}} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/servicemonitor.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/servicemonitor.yaml new file mode 100644 index 0000000000..7cbe29f86d --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kube-scheduler/servicemonitor.yaml @@ -0,0 +1,40 @@ +{{- if .Values.kubeScheduler.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler +spec: + jobLabel: component + selector: + matchLabels: + app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler + namespaceSelector: + matchNames: + - {{ .Values.kubeScheduler.namespace }} + endpoints: + - port: http-metrics + {{- if .Values.kubeScheduler.serviceMonitor.interval }} + interval: {{ .Values.kubeScheduler.serviceMonitor.interval }} + {{- end }} + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- if .Values.kubeScheduler.serviceMonitor.https }} + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + {{- if .Values.kubeScheduler.serviceMonitor.insecureSkipVerify }} + insecureSkipVerify: {{ .Values.kubeScheduler.serviceMonitor.insecureSkipVerify }} + {{- end}} + {{- if .Values.kubeScheduler.serviceMonitor.serverName }} + serverName: {{ .Values.kubeScheduler.serviceMonitor.serverName }} + {{- end}} + {{- end}} + {{- if .Values.kubeScheduler.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.kubeScheduler.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.kubeScheduler.serviceMonitor.relabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.kubeScheduler.serviceMonitor.relabelings "context" $) | nindent 6 }} + {{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/exporters/kubelet/servicemonitor.yaml b/enterprise/prometheus/13.0.18/templates/exporters/kubelet/servicemonitor.yaml new file mode 100644 index 0000000000..b109d78c45 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/exporters/kubelet/servicemonitor.yaml @@ -0,0 +1,85 @@ +{{- if .Values.kubelet.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.fullname" . }}-kubelet + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.labels" . | nindent 4 }} + app.kubernetes.io/component: kubelet +spec: + jobLabel: k8s-app + selector: + matchLabels: + k8s-app: kubelet + namespaceSelector: + matchNames: + - {{ .Values.kubelet.namespace }} + endpoints: + {{- if .Values.kubelet.serviceMonitor.https }} + - port: https-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + serverName: kubernetes + insecureSkipVerify: true + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + honorLabels: true + {{- if .Values.kubelet.serviceMonitor.interval }} + interval: {{ .Values.kubelet.serviceMonitor.interval }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.kubelet.serviceMonitor.relabelings | nindent 8 }} + {{- end }} + - port: https-metrics + path: /metrics/cadvisor + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + serverName: kubernetes + insecureSkipVerify: true + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + honorLabels: true + {{- if .Values.kubelet.serviceMonitor.interval }} + interval: {{ .Values.kubelet.serviceMonitor.interval }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }} + relabelings: {{- toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | nindent 8 }} + {{- end }} + {{- else }} + - port: http-metrics + scheme: http + tlsConfig: + insecureSkipVerify: false + honorLabels: true + {{- if .Values.kubelet.serviceMonitor.interval }} + interval: {{ .Values.kubelet.serviceMonitor.interval }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.kubelet.serviceMonitor.relabelings | nindent 8 }} + {{- end }} + - port: http-metrics + path: /metrics/cadvisor + scheme: http + tlsConfig: + insecureSkipVerify: false + honorLabels: true + {{- if .Values.kubelet.serviceMonitor.interval }} + interval: {{ .Values.kubelet.serviceMonitor.interval }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }} + relabelings: {{- toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | nindent 8 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/_additionalPrometheusRules.tpl b/enterprise/prometheus/13.0.18/templates/prometheus/_additionalPrometheusRules.tpl new file mode 100644 index 0000000000..121048d87c --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/_additionalPrometheusRules.tpl @@ -0,0 +1,15 @@ +{{- define "prometheus.prometheus.additionalprometheusrules" -}} +{{- if and .Values.prometheus.enabled .Values.prometheus.additionalPrometheusRules}} + {{- range .Values.prometheus.additionalPrometheusRules }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ template "kube-prometheus.name" $ }}-{{ .name }} + namespace: {{ $.Release.Namespace }} + labels: {{ include "kube-prometheus.prometheus.labels" $ | nindent 4 }} +spec: + groups: {{- toYaml .groups | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/_additionalScrapeJobs.tpl b/enterprise/prometheus/13.0.18/templates/prometheus/_additionalScrapeJobs.tpl new file mode 100644 index 0000000000..3c5f85140a --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/_additionalScrapeJobs.tpl @@ -0,0 +1,13 @@ +{{- define "prometheus.prometheus.additionalscrapejobs" -}} +{{- if (and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "internal") ) }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: additional-scrape-jobs-{{ template "kube-prometheus.prometheus.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }} +data: + scrape-jobs.yaml: {{ include "tc.v1.common.tplvalues.render" ( dict "value" .Values.prometheus.additionalScrapeConfigs.internal.jobList "context" $ ) | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/_prometheus.tpl b/enterprise/prometheus/13.0.18/templates/prometheus/_prometheus.tpl new file mode 100644 index 0000000000..e4c20bc6eb --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/_prometheus.tpl @@ -0,0 +1,363 @@ +{{- define "prometheus.prometheus.prometheus" -}} +{{- if .Values.prometheus.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: Prometheus +metadata: + name: {{ template "kube-prometheus.prometheus.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.prometheus.replicaCount }} + serviceAccountName: {{ template "kube-prometheus.prometheus.serviceAccountName" . }} + {{- if .Values.prometheus.serviceMonitorSelector }} + serviceMonitorSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.serviceMonitorSelector "context" $) | nindent 4 }} + {{- else }} + serviceMonitorSelector: {} + {{- end }} + {{- if .Values.prometheus.podMonitorSelector }} + podMonitorSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.podMonitorSelector "context" $) | nindent 4 }} + {{- else }} + podMonitorSelector: {} + {{- end }} + {{- if .Values.prometheus.probeSelector }} + probeSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.probeSelector "context" $) | nindent 4 }} + {{- else }} + probeSelector: {} + {{- end }} + {{- if .Values.prometheus.scrapeConfigSelector }} + scrapeConfigSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.scrapeConfigSelector "context" $) | nindent 4 }} + {{- else }} + scrapeConfigSelector: {} + {{- end }} + alerting: + alertmanagers: + {{- if .Values.prometheus.alertingEndpoints }} + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.alertingEndpoints "context" $) | nindent 6 }} + {{- else if .Values.alertmanager.enabled }} + - namespace: {{ .Release.Namespace }} + name: {{ template "kube-prometheus.alertmanager.fullname" . }} + port: http + pathPrefix: "{{ .Values.alertmanager.routePrefix }}" + {{- else }} + [] + {{- end }} + {{- if .Values.prometheus.image }} + image: {{ template "kube-prometheus.prometheus.image" . }} + {{- end }} + {{- if .Values.prometheus.externalLabels }} + externalLabels: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.externalLabels "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.prometheusExternalLabelNameClear }} + prometheusExternalLabelName: "" + {{- else if .Values.prometheus.prometheusExternalLabelName }} + prometheusExternalLabelName: "{{ .Values.prometheus.prometheusExternalLabelName }}" + {{- end }} + {{- if .Values.prometheus.replicaExternalLabelNameClear }} + replicaExternalLabelName: "" + {{- else if .Values.prometheus.replicaExternalLabelName }} + replicaExternalLabelName: "{{ .Values.prometheus.replicaExternalLabelName }}" + {{- end }} + {{- if index .Values.prometheus "externalUrl" }} + externalUrl: "{{ .Values.prometheus.externalUrl }}" + {{- else if and .Values.ingress.main.enabled .Values.ingress.main.hosts }} + externalUrl: {{ if .Values.ingress.main.tls }}https{{else}}http{{ end }}://{{ (index .Values.ingress.main.hosts 0).name }}{{ .Values.prometheus.routePrefix }} + {{- else }} + externalUrl: http://{{ template "kube-prometheus.prometheus.fullname" . }}.{{ .Release.Namespace }}:9090{{ .Values.prometheus.routePrefix }} + {{- end }} + paused: {{ .Values.prometheus.paused }} + logLevel: {{ .Values.prometheus.logLevel }} + logFormat: {{ .Values.prometheus.logFormat }} + listenLocal: {{ .Values.prometheus.listenLocal }} + enableAdminAPI: {{ .Values.prometheus.enableAdminAPI }} + {{- if .Values.prometheus.enableFeatures }} + enableFeatures: + {{- range .Values.prometheus.enableFeatures }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.scrapeInterval }} + scrapeInterval: {{ .Values.prometheus.scrapeInterval }} + {{- end }} + {{- if .Values.prometheus.evaluationInterval }} + evaluationInterval: {{ .Values.prometheus.evaluationInterval }} + {{- end }} + {{- if .Values.prometheus.resources }} + resources: {{- toYaml .Values.prometheus.resources | nindent 4 }} + {{- end }} + retention: {{ .Values.prometheus.retention }} + {{- if .Values.prometheus.retentionSize }} + retentionSize: {{ .Values.prometheus.retentionSize }} + {{- end }} + {{- if .Values.prometheus.disableCompaction }} + disableCompaction: {{ .Values.prometheus.disableCompaction }} + {{- end }} + {{- if .Values.prometheus.walCompression }} + walCompression: {{ .Values.prometheus.walCompression }} + {{- end }} + portName: "{{ .Values.prometheus.portName }}" + routePrefix: "{{ .Values.prometheus.routePrefix }}" + {{- if .Values.prometheus.secrets }} + secrets: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.secrets "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.configMaps }} + configMaps: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.configMaps "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.serviceMonitorNamespaceSelector }} + serviceMonitorNamespaceSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.serviceMonitorNamespaceSelector "context" $) | nindent 4 }} + {{- else }} + serviceMonitorNamespaceSelector: {} + {{- end }} + {{- if .Values.prometheus.podMonitorNamespaceSelector }} + podMonitorNamespaceSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.podMonitorNamespaceSelector "context" $) | nindent 4 }} + {{- else }} + podMonitorNamespaceSelector: {} + {{- end }} + {{- if .Values.prometheus.probeNamespaceSelector }} + probeNamespaceSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.probeNamespaceSelector "context" $) | nindent 4 }} + {{- else }} + probeNamespaceSelector: {} + {{- end }} + {{- if .Values.prometheus.scrapeConfigNamespaceSelector }} + scrapeConfigNamespaceSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.scrapeConfigNamespaceSelector "context" $) | nindent 4 }} + {{- else }} + scrapeConfigNamespaceSelector: {} + {{- end }} + {{- if .Values.prometheus.remoteRead }} + remoteRead: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.remoteRead "context" $) | nindent 4 }} + {{- end }} + {{- with .Values.prometheus.remoteWrite }} + remoteWrite: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.podSecurityContext.enabled }} + securityContext: {{- omit .Values.prometheus.podSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.ruleNamespaceSelector }} + ruleNamespaceSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.ruleNamespaceSelector "context" $) | nindent 4 }} + {{- else }} + ruleNamespaceSelector: {} + {{- end }} + {{- if .Values.prometheus.ruleSelector }} + ruleSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.ruleSelector "context" $) | nindent 4 }} + {{- else }} + ruleSelector: {} + {{- end }} + {{- if .Values.prometheus.storageSpec }} + storage: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.storageSpec "context" $) | nindent 4 }} + {{- else if .Values.prometheus.persistence.enabled }} + storage: + volumeClaimTemplate: + spec: + accessModes: + {{- range .Values.prometheus.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.prometheus.persistence.size | quote }} + {{- with (include "tc.v1.common.lib.storage.storageClassName" ( dict "rootCtx" . "objectData" .Values.prometheus.persistence )) | trim }} + storageClassName: {{ . }} + {{- end }} + {{- end }} + {{- if or .Values.prometheus.podMetadata.labels .Values.prometheus.podMetadata.annotations (eq .Values.prometheus.podAntiAffinityPreset "soft") (eq .Values.prometheus.podAntiAffinityPreset "hard") }} + podMetadata: + labels: + {{- if .Values.prometheus.podMetadata.labels }} + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.podMetadata.labels "context" $) | nindent 6 }} + {{- end }} + {{- if or (eq .Values.prometheus.podAntiAffinityPreset "soft") (eq .Values.prometheus.podAntiAffinityPreset "hard") }} + {{- include "kube-prometheus.prometheus.matchLabels" . | nindent 6 }} + {{- end }} + {{- if .Values.prometheus.podMetadata.annotations }} + annotations: + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.podMetadata.annotations "context" $) | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.querySpec }} + query: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.querySpec "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.affinity }} + affinity: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.affinity "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.nodeSelector }} + nodeSelector: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.nodeSelector "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.tolerations }} + tolerations: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.tolerations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.volumes }} + volumes: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.volumes "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.volumeMounts }} + volumeMounts: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.volumeMounts "context" $) | nindent 4 }} + {{- end }} + {{- if or .Values.prometheus.additionalScrapeConfigs.enabled .Values.prometheus.additionalScrapeConfigsExternal.enabled }} + additionalScrapeConfigs: + {{- if and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "external") }} + name: {{ .Values.prometheus.additionalScrapeConfigs.external.name }} + key: {{ .Values.prometheus.additionalScrapeConfigs.external.key }} + {{- else if and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "internal") }} + name: additional-scrape-jobs-{{ template "kube-prometheus.prometheus.fullname" . }} + key: scrape-jobs.yaml + {{- else if and (not .Values.prometheus.additionalScrapeConfigs.enabled) .Values.prometheus.additionalScrapeConfigsExternal.enabled }} + name: {{ .Values.prometheus.additionalScrapeConfigsExternal.name }} + key: {{ .Values.prometheus.additionalScrapeConfigsExternal.key }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.additionalAlertRelabelConfigsExternal.enabled }} + additionalAlertRelabelConfigs: + name: {{ .Values.prometheus.additionalAlertRelabelConfigsExternal.name }} + key: {{ .Values.prometheus.additionalAlertRelabelConfigsExternal.key }} + {{- end }} +{{- include "kube-prometheus.imagePullSecrets" . | indent 2 }} + {{- if or .Values.prometheus.containers .Values.prometheus.thanos.create .Values.prometheus.containerSecurityContext.enabled .Values.prometheus.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }} + containers: + {{- if .Values.prometheus.thanos.create }} + - name: thanos-sidecar + image: {{ template "kube-prometheus.prometheus.thanosImage" . }} + imagePullPolicy: {{ .Values.prometheus.thanos.image.pullPolicy }} + args: + - sidecar + - --prometheus.url={{ default "http://localhost:9090" .Values.prometheus.thanos.prometheusUrl }} + - --grpc-address=0.0.0.0:10901 + - --http-address=0.0.0.0:10902 + - --tsdb.path=/prometheus/ + {{- if .Values.prometheus.thanos.objectStorageConfig }} + - --objstore.config=$(OBJSTORE_CONFIG) + {{- end }} + {{- if .Values.prometheus.thanos.extraArgs }} + {{ toYaml .Values.prometheus.thanos.extraArgs | indent 8 | trim }} + {{- end }} + {{- if .Values.prometheus.thanos.objectStorageConfig }} + env: + - name: OBJSTORE_CONFIG + valueFrom: + secretKeyRef: + name: {{ .Values.prometheus.thanos.objectStorageConfig.secretName }} + key: {{ .Values.prometheus.thanos.objectStorageConfig.secretKey | default "thanos.yaml" }} + {{- end }} + {{- if .Values.prometheus.thanos.resources }} + resources: {{- toYaml .Values.prometheus.thanos.resources | nindent 8 }} + {{- end }} + ports: + - name: thanos + containerPort: 10901 + protocol: TCP + - name: http + containerPort: 10902 + protocol: TCP + volumeMounts: + - mountPath: /prometheus + name: prometheus-{{ template "kube-prometheus.prometheus.fullname" . }}-db + {{- if not (.Values.prometheus.storageSpec.disableMountSubPath | default (not .Values.prometheus.persistence.enabled)) }} + subPath: prometheus-db + {{- end }} + {{- if .Values.prometheus.thanos.extraVolumeMounts }} + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.thanos.extraVolumeMounts "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.thanos.containerSecurityContext.enabled }} + # yamllint disable rule:indentation + securityContext: {{- omit .Values.prometheus.thanos.containerSecurityContext "enabled" | toYaml | nindent 8 }} + # yamllint enable rule:indentation + {{- end }} + {{- if .Values.prometheus.thanos.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.prometheus.thanos.livenessProbe.path }} + port: http + scheme: HTTP + initialDelaySeconds: {{ .Values.prometheus.thanos.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.prometheus.thanos.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.prometheus.thanos.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.prometheus.thanos.livenessProbe.failureThreshold }} + successThreshold: {{ .Values.prometheus.thanos.livenessProbe.successThreshold }} + {{- end }} + {{- if .Values.prometheus.thanos.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: {{ .Values.prometheus.thanos.readinessProbe.path }} + port: http + scheme: HTTP + initialDelaySeconds: {{ .Values.prometheus.thanos.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.prometheus.thanos.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.prometheus.thanos.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.prometheus.thanos.readinessProbe.failureThreshold }} + successThreshold: {{ .Values.prometheus.thanos.readinessProbe.successThreshold }} + {{- end }} + {{- end }} + {{- if or .Values.prometheus.containerSecurityContext.enabled .Values.prometheus.livenessProbe.enabled .Values.prometheus.readinessProbe.enabled }} + ## This monkey patching is needed until the securityContexts are + ## directly patchable via the CRD. + ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947 + ## currently implemented with strategic merge + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md + - name: prometheus + {{- if .Values.prometheus.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.prometheus.containerSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.prometheus.livenessProbe.path }} + port: main + scheme: HTTP + initialDelaySeconds: {{ .Values.prometheus.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.prometheus.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.prometheus.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.prometheus.livenessProbe.failureThreshold }} + successThreshold: {{ .Values.prometheus.livenessProbe.successThreshold }} + {{- end }} + {{- if .Values.prometheus.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: {{ .Values.prometheus.readinessProbe.path }} + port: main + scheme: HTTP + initialDelaySeconds: {{ .Values.prometheus.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.prometheus.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.prometheus.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.prometheus.readinessProbe.failureThreshold }} + successThreshold: {{ .Values.prometheus.readinessProbe.successThreshold }} + {{- end }} + {{- end }} + {{- if or .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.livenessProbe.enabled .Values.operator.prometheusConfigReloader.readinessProbe.enabled }} + ## This monkey patching is needed until the securityContexts are + ## directly patchable via the CRD. + ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947 + ## currently implemented with strategic merge + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md + - name: config-reloader + {{- if .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.operator.prometheusConfigReloader.containerSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.operator.prometheusConfigReloader.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: reloader-web + initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.failureThreshold }} + successThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.successThreshold }} + {{- end }} + {{- if .Values.operator.prometheusConfigReloader.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: reloader-web + initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.failureThreshold }} + successThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.successThreshold }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.containers }} + {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.containers "context" $) | nindent 4 }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.priorityClassName }} + priorityClassName: {{ .Values.prometheus.priorityClassName }} + {{- end }} +{{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/_servicemonitor.tpl b/enterprise/prometheus/13.0.18/templates/prometheus/_servicemonitor.tpl new file mode 100644 index 0000000000..20744f2c92 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/_servicemonitor.tpl @@ -0,0 +1,29 @@ +{{- define "prometheus.prometheus.servicemonitor" -}} +{{- if and .Values.prometheus.enabled .Values.prometheus.serviceMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-prometheus.prometheus.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "kube-prometheus.prometheus.matchLabels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: http + {{- if .Values.prometheus.serviceMonitor.interval }} + interval: {{ .Values.prometheus.serviceMonitor.interval }} + {{- end }} + path: {{ trimSuffix "/" .Values.prometheus.routePrefix }}/metrics + {{- if .Values.prometheus.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "tc.v1.common.tplvalues.render" ( dict "value" .Values.prometheus.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/clusterrole.yaml b/enterprise/prometheus/13.0.18/templates/prometheus/clusterrole.yaml new file mode 100644 index 0000000000..ae96e2d45f --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/clusterrole.yaml @@ -0,0 +1,41 @@ +{{- if .Values.prometheus.enabled -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "kube-prometheus.prometheus.fullname" . }} + labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: + - nodes/metrics + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - services + - endpoints + - pods + verbs: + - "get" + - "list" + - "watch" + - apiGroups: + - extensions + - "networking.k8s.io" + resources: + - ingresses + verbs: + - get + - list + - watch + - nonResourceURLs: + - "/metrics" + verbs: + - "get" +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/clusterrolebinding.yaml b/enterprise/prometheus/13.0.18/templates/prometheus/clusterrolebinding.yaml new file mode 100644 index 0000000000..7ca10743f4 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/clusterrolebinding.yaml @@ -0,0 +1,15 @@ +{{- if .Values.prometheus.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "kube-prometheus.prometheus.fullname" . }} + labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "kube-prometheus.prometheus.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "kube-prometheus.prometheus.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/templates/prometheus/serviceaccount.yaml b/enterprise/prometheus/13.0.18/templates/prometheus/serviceaccount.yaml new file mode 100644 index 0000000000..39539fc119 --- /dev/null +++ b/enterprise/prometheus/13.0.18/templates/prometheus/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "kube-prometheus.prometheus.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }} + {{- if index .Values.prometheus.serviceAccount "annotations" }} + annotations: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.serviceAccount.annotations "context" $) | nindent 4 }} + {{- end }} +{{- include "kube-prometheus.imagePullSecrets" . }} +{{- end }} diff --git a/enterprise/prometheus/13.0.18/values.yaml b/enterprise/prometheus/13.0.18/values.yaml new file mode 100644 index 0000000000..e69de29bb2