From 212c05925ab3dc6c4bf187f26a09602ac2bd64f5 Mon Sep 17 00:00:00 2001 From: Kjeld Schouten-Lebbing Date: Sat, 14 Jan 2023 15:04:09 +0100 Subject: [PATCH] Delete enterprise/authentik directory --- enterprise/authentik/7.1.0/CHANGELOG.md | 99 - enterprise/authentik/7.1.0/Chart.lock | 12 - enterprise/authentik/7.1.0/Chart.yaml | 35 - enterprise/authentik/7.1.0/README.md | 109 - enterprise/authentik/7.1.0/app-readme.md | 8 - .../authentik/7.1.0/charts/common-10.6.4.tgz | Bin 48411 -> 0 bytes .../7.1.0/charts/postgresql-8.0.88.tgz | Bin 52595 -> 0 bytes .../authentik/7.1.0/charts/redis-3.0.85.tgz | Bin 54485 -> 0 bytes enterprise/authentik/7.1.0/ix_values.yaml | 258 -- enterprise/authentik/7.1.0/questions.yaml | 4091 ----------------- .../authentik/7.1.0/templates/_config.tpl | 143 - .../authentik/7.1.0/templates/_geoip.tpl | 20 - .../authentik/7.1.0/templates/_ldap.tpl | 48 - .../authentik/7.1.0/templates/_proxy.tpl | 48 - .../authentik/7.1.0/templates/_secret.tpl | 109 - .../authentik/7.1.0/templates/_worker.tpl | 52 - .../authentik/7.1.0/templates/common.yaml | 45 - .../7.1.0/templates/prometheusrules.yaml | 160 - .../7.1.0/templates/servicemonitor.yaml | 44 - enterprise/authentik/7.1.0/values.yaml | 0 enterprise/authentik/item.yaml | 4 - 21 files changed, 5285 deletions(-) delete mode 100644 enterprise/authentik/7.1.0/CHANGELOG.md delete mode 100644 enterprise/authentik/7.1.0/Chart.lock delete mode 100644 enterprise/authentik/7.1.0/Chart.yaml delete mode 100644 enterprise/authentik/7.1.0/README.md delete mode 100644 enterprise/authentik/7.1.0/app-readme.md delete mode 100644 enterprise/authentik/7.1.0/charts/common-10.6.4.tgz delete mode 100644 enterprise/authentik/7.1.0/charts/postgresql-8.0.88.tgz delete mode 100644 enterprise/authentik/7.1.0/charts/redis-3.0.85.tgz delete mode 100644 enterprise/authentik/7.1.0/ix_values.yaml delete mode 100644 enterprise/authentik/7.1.0/questions.yaml delete mode 100644 enterprise/authentik/7.1.0/templates/_config.tpl delete mode 100644 enterprise/authentik/7.1.0/templates/_geoip.tpl delete mode 100644 enterprise/authentik/7.1.0/templates/_ldap.tpl delete mode 100644 enterprise/authentik/7.1.0/templates/_proxy.tpl delete mode 100644 enterprise/authentik/7.1.0/templates/_secret.tpl delete mode 100644 enterprise/authentik/7.1.0/templates/_worker.tpl delete mode 100644 enterprise/authentik/7.1.0/templates/common.yaml delete mode 100644 enterprise/authentik/7.1.0/templates/prometheusrules.yaml delete mode 100644 enterprise/authentik/7.1.0/templates/servicemonitor.yaml delete mode 100644 enterprise/authentik/7.1.0/values.yaml delete mode 100644 enterprise/authentik/item.yaml diff --git a/enterprise/authentik/7.1.0/CHANGELOG.md b/enterprise/authentik/7.1.0/CHANGELOG.md deleted file mode 100644 index ff497d12a9..0000000000 --- a/enterprise/authentik/7.1.0/CHANGELOG.md +++ /dev/null @@ -1,99 +0,0 @@ -# Changelog - - - -## [authentik-7.1.0](https://github.com/truecharts/charts/compare/authentik-7.0.2...authentik-7.1.0) (2022-10-01) - -### Feat - -- cleanup GUI from unnecessary services/ingresses and add serviceMonitor and prometheusRule ([#3961](https://github.com/truecharts/charts/issues/3961)) - - - - -## [authentik-7.0.1](https://github.com/truecharts/charts/compare/authentik-7.0.0...authentik-7.0.1) (2022-09-27) - -### Chore - -- Auto-update chart README [skip ci] - - update helm general non-major ([#3918](https://github.com/truecharts/charts/issues/3918)) - - - - -## [authentik-7.0.0](https://github.com/truecharts/charts/compare/authentik-6.0.7...authentik-7.0.0) (2022-09-25) - -### Feat - -- move to enterprise ([#3902](https://github.com/truecharts/charts/issues/3902)) - - - - -## [authentik-6.0.7](https://github.com/truecharts/charts/compare/authentik-6.0.6...authentik-6.0.7) (2022-09-25) - -### Chore - -- Auto-update chart README [skip ci] - - update helm general non-major ([#3898](https://github.com/truecharts/charts/issues/3898)) - - - - -## [authentik-6.0.6](https://github.com/truecharts/charts/compare/authentik-6.0.5...authentik-6.0.6) (2022-09-24) - -### Chore - -- Auto-update chart README [skip ci] - - update docker general non-major ([#3860](https://github.com/truecharts/charts/issues/3860)) - - - - -## [authentik-6.0.5](https://github.com/truecharts/charts/compare/authentik-6.0.3...authentik-6.0.5) (2022-09-22) - -### Chore - -- Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - refactor Services SCALE GUI - - fix prometheus annotations ([#3841](https://github.com/truecharts/charts/issues/3841)) - - update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) - - split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - - - - -## [authentik-6.0.4](https://github.com/truecharts/charts/compare/authentik-6.0.3...authentik-6.0.4) (2022-09-21) - -### Chore - -- Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - refactor Services SCALE GUI - - update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) - - split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - - - diff --git a/enterprise/authentik/7.1.0/Chart.lock b/enterprise/authentik/7.1.0/Chart.lock deleted file mode 100644 index 0acb6eb85e..0000000000 --- a/enterprise/authentik/7.1.0/Chart.lock +++ /dev/null @@ -1,12 +0,0 @@ -dependencies: -- name: common - repository: https://library-charts.truecharts.org - version: 10.6.4 -- name: postgresql - repository: https://charts.truecharts.org/ - version: 8.0.88 -- name: redis - repository: https://charts.truecharts.org - version: 3.0.85 -digest: sha256:30efd46858717b8c1689ca9990a510b87c2e9eb223e6297bcd93fdafbf86ec1e -generated: "2022-10-01T12:24:45.894049262Z" diff --git a/enterprise/authentik/7.1.0/Chart.yaml b/enterprise/authentik/7.1.0/Chart.yaml deleted file mode 100644 index 6eaf6aa484..0000000000 --- a/enterprise/authentik/7.1.0/Chart.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: v2 -appVersion: "2022.9.0" -dependencies: - - name: common - repository: https://library-charts.truecharts.org - version: 10.6.4 - - condition: postgresql.enabled - name: postgresql - repository: https://charts.truecharts.org/ - version: 8.0.88 - - condition: redis.enabled - name: redis - repository: https://charts.truecharts.org - version: 3.0.85 -description: authentik is an open-source Identity Provider focused on flexibility and versatility. -home: https://truecharts.org/docs/charts/enterprise/authentik -icon: https://truecharts.org/img/hotlink-ok/chart-icons/authentik.png -keywords: - - authentik -kubeVersion: ">=1.16.0-0" -maintainers: - - email: info@truecharts.org - name: TrueCharts - url: https://truecharts.org -name: authentik -sources: - - https://github.com/truecharts/charts/tree/master/charts/enterprise/authentik - - https://github.com/goauthentik/authentik - - https://goauthentik.io/docs/ -version: 7.1.0 -annotations: - truecharts.org/catagories: | - - authentication - truecharts.org/SCALE-support: "true" - truecharts.org/grade: U diff --git a/enterprise/authentik/7.1.0/README.md b/enterprise/authentik/7.1.0/README.md deleted file mode 100644 index a2cecc2105..0000000000 --- a/enterprise/authentik/7.1.0/README.md +++ /dev/null @@ -1,109 +0,0 @@ -# authentik - -authentik is an open-source Identity Provider focused on flexibility and versatility. - -TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE. - -This readme is just an automatically generated general guide on installing our Helm Charts and Apps. -For more information, please click here: [authentik](https://truecharts.org/docs/charts/enterprise/authentik) - -**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** - -## Source Code - -* -* -* - -## Requirements - -Kubernetes: `>=1.16.0-0` - -## Dependencies - -| Repository | Name | Version | -|------------|------|---------| -| https://charts.truecharts.org/ | postgresql | 8.0.88 | -| https://charts.truecharts.org | redis | 3.0.85 | -| https://library-charts.truecharts.org | common | 10.6.4 | - -## Installing the Chart - -### TrueNAS SCALE - -To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Installing-an-App). - -### Helm - -To install the chart with the release name `authentik` - -```console -helm repo add TrueCharts https://charts.truecharts.org -helm repo update -helm install authentik TrueCharts/authentik -``` - -## Uninstall - -### TrueNAS SCALE - -**Upgrading, Rolling Back and Uninstalling the Chart** - -To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Upgrade-rollback-delete-an-App). - -### Helm - -To uninstall the `authentik` deployment - -```console -helm uninstall authentik -``` - -## Configuration - -### Helm - -#### Available Settings - -Read through the values.yaml file. It has several commented out suggested values. -Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common). - -#### Configure using the command line - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. - -```console -helm install authentik \ - --set env.TZ="America/New York" \ - TrueCharts/authentik -``` - -#### Configure using a yaml file - -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. - -```console -helm install authentik TrueCharts/authentik -f values.yaml -``` - -#### Connecting to other charts - -If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/linking-apps) quick-start guide. - -## Support - -- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Important-MUST-READ). -- See the [Website](https://truecharts.org) -- Check our [Discord](https://discord.gg/tVsPTHWTtr) -- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) - ---- - -## Sponsor TrueCharts - -TrueCharts can only exist due to the incredible effort of our staff. -Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! - ---- - -All Rights Reserved - The TrueCharts Project diff --git a/enterprise/authentik/7.1.0/app-readme.md b/enterprise/authentik/7.1.0/app-readme.md deleted file mode 100644 index 018a3b30e0..0000000000 --- a/enterprise/authentik/7.1.0/app-readme.md +++ /dev/null @@ -1,8 +0,0 @@ -authentik is an open-source Identity Provider focused on flexibility and versatility. - -This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/enterprise/authentik](https://truecharts.org/docs/charts/enterprise/authentik) - ---- - -TrueCharts can only exist due to the incredible effort of our staff. -Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can! diff --git a/enterprise/authentik/7.1.0/charts/common-10.6.4.tgz b/enterprise/authentik/7.1.0/charts/common-10.6.4.tgz deleted file mode 100644 index 2a39fa03ab219bec2da674eaf644f63cccc67271..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 48411 zcmV)$K#sp3iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ{cH20TI6QyrDey6wZF_#!&6Z`yGug9l+v)b{#PPA6^zP2i zaUc?sFs2AL0Lsy%^X}ill>jdikAO?*$ry+9PrZA$ zRqWjF7-iiT~0F;$}(M;rmV{;Lfsi;9MP_RuUN5#L(z}{0q2lI z$~p>E#t;oj!coE{)U3NV9Q1m7ySuF$w74ZSVh61@$Qx_54W@1RqSXevnVW2cY*)Yg z&)5A?zf1c<66Fe_KyA9r_ zDEWAP23U$hJjNjiNixQhj6yNjTQ9(WMQ9AOn2W-f2!Rob$!&|ID4D0p=?qTLK??v0 z>r%p406s-P7XV?5QNjTh1zP}6loEzHp^F2+!;p3`api-q)mF8d!UY_P3CZEaNUr~4 zQ@Fi5Jm`=2cOn!<<6(agj>dz1v_05<^=i968jgEt40~vQdv`n-?2UKB-F|O0+#Q9l zdgI}+x4peL+~04EL7K%eNJ)&tMGMGZ=kmt^I31r6eohe+9coEvKVyo1$RLf@rTQ(V zXd)`s(>;gXkmMF-186Rx=lxEvv)$Y7_g?h}hTgBnyF;`)9QM$DG~SN}(a!$vb{|E1 zJ8%$&+porOdoUXB?(O$_d!z9P4R>}>uh-unplvi7kHRK6tVQZ8h+`JQ7_CccZYtK3 zI)`0JYV);g|7rlFK;fN!r{C)v>h2F-!B=~5dwcLI8b)Y1*dK+_tKGfv?jC$Kg8O@e zeYm}c`or<|?tV1b3wxvO!S1W!&H$qE_Gs9o{k5o@QZf_0TbH<|UOjCs{#-mL2tO%f3>$A?x0aL-iyNB;r3{M7;cXT`>zK5ec0Q1^=dzYy3{rG>ZxlXH>9p9zZzD(C`Nlb{oSy)7l}V! z!R_sEyx$MUdvIqv>h1Rj{eC!#M*GpYzu$*Du-D(--rL`KHR=y`cKZF@euK8_se2gT z!UfZG4M~I;qH{#orEFfap0=V)TZ3;%UZ+YUh%S)_oxM)a(6~1q?Y@dedk7BE818TH z?S^5r|EjmQz1!P<1z+_>qtWheINCvI4Ey`LaMXJ>?Dt;1+8yl;20O2swZ0Y;!#Kss z+R|6msweWHg4&S23fd|-E>(BLieTH2b+6xlwLj|bgm4!@xHA}p!%?(7ih5xmZoe9j zdi#UDz3suyPPo0_?~lUqE4a5m+S}XT*&prijp53cn^JU^#T?@VFPYl1NL!R?N}aq$ z6+DU}%qk>juhYvV=Wf{F8Sahu2D{sP;a(Vxd)rZOXAtde_oH642gCj@414=y!EmF! z@vDAs*x%g_d%LK&yEE)pnptkcP3bd<$q2?dT@VK_0c4IS#SxMVRwb0t7=H$2EPsu& zI2MaDy`+1uOM6g6Ih1frkt_ouG!_ICEDS7w%9=2WWH}fEg&m0D2*s=eenjyMa5PJ$ zoCG0EzzBhip{UaWy3_&q@^v{hm?VVD$+QxrQ&hrjiRCmUag3-%86|KOBR%oWS5aAg zhz{feyGWY6C=e^#j{N=+#yA2*dJhND{0FaAg^;Z7r;&Ois zmJF{N|24p>3is{P9h-GKa+b|Th>F=2A%-c6KuRK}mmPrt(wrbh}4?k62&OwgaR1HVFTwhpVGjD}_9qo+gCj@j@$-mL~>M z+28_5I>*+*e0F%LT5hQiMQt@f2~q~7(din1GB#&0brskc#>~n*OVxA8ryyfu{HH>T z&LPF30+S_E$fpP3yY6?TdZM){VSG#R(PubIV{{-0senNcW{i^=I6aqjMcD(;f3@A| z5BEF6VP{wg5@v+YAjct$;{}*NK1D*3;$%V*W3qp;o_=voC_ezh;m{%Ia#fjA0bV zRn*@i%p|P;Y)x&Ia}wnh#Qd2-oG3j|ni!fN9gT8>lSoc2NGDS3iz05D0-7YS_@qkx zgp3Sq}|R zpy>qIlw@%vmSoCSjjHBf4$_gFVhmvv8KqqSEUT1OcNWgo6nWFHh!!VeiRjQVAzWGm z!ur)#wHP9rp)CLvD9nu3MUmEY?poR|LM2cowS&NCA_$J+jB!LSNUSVv=lAzGiEuKh zWi2{_VPl38h40Ho0!AJ4Nciis%!wR$CKkY2WGl2AkYy>~2-SC3*2fMQSvJgnyE@SW z<7?0*5K3Bp4Qx!OiZJ#2^^tR_RED=4)r(9HNp***_*kfPjK)&g8#ZOx=$|O$MTv3- zXLgGDpU&*;$Y*{O892<$`EvgZIGluW7HQ^zBQm%0r6{P?3Q)myETALpla&tjTS9Nt zvdLQg(oqP+tmrJ;bjWK~%*;Aw_v$U-Yh^{_f9Yx|iR?PgEXggYgaNN&J^<5&+KO2; zFsJr`Lv|ry2?Z3*1PwJ2_##ED1Ky{aW3c2uMInzD0CEn)skT0aI?;)^OLdFmSH~Y-66cZ~zL=zaF8UW03Jc(tF{cr#Rl(3yZ`=4+MX9xOk?d%Jp zX_y8zbw{+ftSS?eIW#4J`gwYOxm(GWv(lZ_Bf z5J!UEAw?XFF=f2dQol};xifv=LAidIV@eWfuG_V12V7}AoUbolfXhX~;b-HSJ!riE zhnv7G(qDk@H^KSg<>k-E2jIIeUqI&qNv7xsIR(Cc{jT)_9N8i*-Fvmteh1T^(BcA( z?R%sA)%W%crfs`&lg|xW9Eksz*T*H$a#i<+l9>Zkk)hO4eNEp=2)cH>+4nEC>5KGPQMQN=4m17L0SrFhr{lD*(on%%msF zaFMf5A#0o|7qRwXwDUrq2p6L0SV?egO)CBr&__rx@)G0Lvq@pdGZ=#iawr7S2!WWu zNE&I@&Xuqs1B_FgOpYOk8paV!%(@!zG&TmOQTqa@tKpOnCZ(8A%oiYxAyW>t+||bg z+H(Gk)D9F2rzpzA0^8I(64jKx7HWLKIGVK+5}|fTv2@m$6}xgRs$I{8=LfP-6lq#(kAoXRsQVS!B;0=>r6EMlJ zvL2uyHOpqXOHl}X1CoiEVt$wf;m=c)7`GW={7h+c$4*|5Os*xOgc*fOz$b0Yyb(g} zXUwNRs=A+A4v?Z-CD-wRTRi}H?6r-Vswi#epr)m&TEaZFx=|K5u0kK)$!S- zAv4>u8{1|nlthFxEo8wAE&xT0#B&4^787!lr2sRQDO*zx!%wcv=UK{xT>9QRWWg;0 zFs2Ab3p4T{P_4Y~gJ26p8IntV0gECMh6m`Xp0>}FdR?7o0uh?rp8HlHH%db6d()usCR7AH5% z=R)JCKBq*~7iJa(r^jI9{KM(-rs!FF4n;pwxipR!LeyqLbO;KILI+@XxZeWc!@I-F zpAJB;w{1jJzF8}W5eef})jc8!N1u5ogee^17;`KJG~*0Mc2WPshf^`ezPntBoFk{2 zKqI0g)x!rPcZ(rk2S{JPZXM|6?Q-B;IZ`iu?BqUImK-uc6Vpri;s;8y)Vvw{KUtQh zF%ql*WBI`_mM(WR6;jYl$oI(wA^aU?Gswf~dRR+$V!lPf%GjqA&vA?D<&iVIhpQjc5S~3Y-y%xUCizM#LMF<)aegF$x!9jOsdO3pncU zN*bMx8~PT8ugoGHU3xGMAu?{#9O?st` z!)^-a2w)-2ZxdlZ3h^Wim;wy(N%b`{djKk6m_~>$56)LJbR)bOw!2;ezM|lnf0E0u>G*%PT1?wBZdis084_KNspTwt6!YC02(=BFG z<+fL&zaSZvgJgi8Ti8m(m+WhXxbcCC&WWWmxD~cqLU?g!GDpD29tm6p|!j2cX~6UsFV}RI-KlLPC;^+Yh_?{TSjnqv&c%5fccDFL|6s z1o54C-A=P=X1AXoh1)IkXLetQ-F>n>Fuzv=|JE4(Qt5=X*-`9E`udVW_oG7DMh-y0EeMm6oRYsw^bNu1Z2QWaKDM>HvYiVtP1o) zOtRu++Sc!1yil(G8G;D|n1iXX)4>dWmSF{C40ivr(|g_D?TJ;Xs4Ll6U;np1Y_GBcGT=`0M9^RW$6+`T3ACMGayQ^ZI{L&Unmgq`=hFYJP>-QN`J zJB`J;m;zQ{ohA_u#Uf`)Zku-`4=6}UnhA?Ns*An;Bv!AVq)+VA8yLqU7~Wiww`9WJ zCnuB=`sp_!gNe{I+o@Vi1DxcXrZ)UQf{@}nLkk2Z6ozP=#qr{au$Q>YR?kcNs<>Wv z)?P+TuC=Gij2}uzz*YGJRscS%KtZqRU=*PUjMTbPhrQY*q*%%_Ji{@hW>@t)!IIw@ zFe|ZMV-Hx@s8Fd5LxmnFMrcKF&>ccNyqHeqm(Rvy{8@oFx>XGwW*#B@6D1WOtrpTd z*-8`G5ad#1gB$uI6uLRnBtqvZ z4AmGC_G>X9$vKr!b1tFwWP6)Ncr2uAdA>B;qmkd)S3Txt`N{1!xh}NBs zOw@NtgIdy?xGET?QsQVQwz8dYGA4AU1gjDat4s<}EhmuEW9NvLi2%5wa6HCgA!@`3 zik!nVe+Z@uVVuKUEwXvW3B@qZUHx4pq1!m^ZmI#S#O9y|b)4!TjgC73l1Yp%ISg;M zz`4{C#~FNZ-I2ju*y3?SLo*;NcXEMNw>a+H&13oohK7r|0v*miX_` zZ33G;mWokVe(wgu?PvozzIRpyVyGNd(1@9gfto9Ym5L!X@})*Itk4dU7AsVP1Luy~ zK~cO`HPomFk2xfWM4p?<>xdOfp{$U%q92@uB>1Tk79S@yFHC zxi$bl9G`!3tE;7)_@ozgDZEVp6f46#S~Q8k1o2#B$-p7ON*^xX%CAztl2N3WWzH~I z-Ha1^Ku!71owXWH7)LMyWbCvfN`Fda6LK^}P@Pgg?_kXmUR%^{{U8aehofo~Ip{?Q68`>u7ueqUZNC1|F4_C`l zbMok(mbQ(atd^ywl}ERW`pAhCcR z<+Vwgaq<=?H)Yz}pb27*lfopA0GZ(^ifXDZAig&{J>4g|vXG@6F2qRr%HZf;`d6mVe*D#0{GVl6M=i{HBGye%8O zo7Yqyb$j_?L_3mRu!F@lpNShL4r9|p$2bzv=aeuTd8u1RNz~4m*2Ci>ZM6(*i`kEp z_6RZ@`f=N)?LP$7XD(Zr;Dm2;S!a}&udK|plkt8BAerFgb4^hmvo;K6D886L!S8&b z_`pj{<3P{^m4T2=MC%K)ZenhHn@qX*N-b|3fHnj&kOO5-M7${I;wfP~*Tb$(lV9>l zs!;!tFnQKgBIU<77!57M+Z~Hb9nzH=zOBPyJF#7}Rw9)`KFyI50CM|Re9BimIcDdO zPdlI)O2F=#biH@Vdn|QDB45Kr!d3ysGGbeZN5xrU1X3N~ z2mR4eO`F>@C+@*FH)a~j&^^0fAP?~#A()sg_8Yn`8|k` zIy!PMJKn*zY|E<_YEAiOJ$)?X3awXSXwL>TSZO$A@4D1bAimS51?txtHj{#2uh51M zuUKzb1glmYwzfLpS2*J8SM{>YfK|t1{km0_f&^fTsUrv`xo|-q+k-Q}Jyu`@*O-t4 zFoJX$r`?;&8jhik;HwFK%ki<>tH)-0y@0D1FCjNsS!Ze3L^=?EagcUd(iG_<*MQkj@Z^u;0l&p3{y=_A)o z$-<_1quLFimU9A5#c|u8rKf@urL0uM2Z^&8GAlNJGu{x`J(BXN`!|8kH5p&?DY{nG z|MSz9E~<}-h?3v6ztbv|xh;({?#~kS{++-`H7JpjQ3C>^j)^VrZs4&CHs58C)lnn^ zxY{a+ThuiH?j@bi8Fb^s5*ZMPRyYxKzsm5$oaR$`)+%O5ft=tuN&r*6Qk^Q- z&l2e|MiJO>(AeAp3Gu2*BUA<;$&Fw!S*FDLC#uj_jkqw>;;HTOwvI=-g(}elMVUMq z1<+^ABuj=d#Ivn@lyv}-{Vryjw0EE~y1gGNiuCQ4E` z(I+-MId~|~2fZV1)<`1}d4X5o<*rPk4S8uDOAug2B4p=G?(84w;6FWlYFr~k|33|M zEhoH!(akYzD-4-A=+qWiFy(@WwrdCA0>S8KiaB~O4A#8+@_43AC1Y?jy%3rPv3$#- zmNpFk3mt%0uU`Fti@pRR*Di`B)gjKQlImGX67Wgp;K~wx%;b|6Ria=;o)q8fXCec| zR7xR*GsF=!t1!WeUaGDwF%l$2$;tPZ=G>LA^2EQT+TZJO7MezzoKdE>oP?b-b}}%y z`NMR8p5`!bDVSI#X&74IFojeYSNs;C1i;um@6mFYV;$bG3?bW#Fx^}p2rE#C3JId@ zYEvm`gLzRqbyejG@6ilJIFqi{KqVUra;*yipQU34HZBg|wMQ_#5$t78Ty2_(u7TPx zNyV84uwYP8m)R{btvls+DGXG@zJ!!}c9-~HNPYZXw*FC3>=PIx$i=8nbRry0k1Z)! zLum3Uv3w^J|4WIDnFI%PZ}br4Q$y!M1TR2eO_1LOYs?{y$%NgJH|CIbMfGRycw+8Q zvKq}&A}{aJv{^dRqVyeyna|R1dVv3U3_4VturH)J3Uwgyt*ezroFQvEXp3 zPH<@dmnc(qPbdOEW!1bcPv|o+y1NXi9Dqm9}s?)0smV;^%q6lAEK# z_oEk`4Lv{he2^HHPX_Z(RW6&^;@IuYrJEhbRJ>ZG($gnaz~K~yH|A^&rwi>t@-a0y ziD7cKSR)e3yw2K(OQ><$`4leaC@c7pBr(?TBAMWmGQ+C)^52kem3OiM`x-aqec4y_ z_~Dt@z0y%f)rT|PtvqerGym4}Z{?8dP>|K*t@Hgg8*Ej0 z^+zsA$gHTIg8_0VU%ES8fw$Ea$nR=rA31de>F#yN%Xw<^N zNu^9*JD+0{)J$t_m_%)uaNIU;He2Se3M4s6NlYe-%TzG+(LFIWDFbAt0F^GlG|*CgKiJN-*Cdw1kwML>|rYYB&7P^R6bnw<#vja4+(=Dv$5QB zEPR)NKKZcyO-a@NEM%DDk_eo{`uHAufH9LW<@n@qB@JvNg_PxDEq54W$dHZc(-uBT zIK}F17xA#GLUjeT(o{&!({mH!tqSE?Yabw&D2$@EMxf1!bWL@pgn$^qxjr){)5Zvv4>8G@ zfE-Qj){DUhz))*{cx&fiR!DO;+VuSxs^GjUw~MMi!A`7e`buUGeVGo1PPfA z>0(QEUMJ;OOHmpxz=+CIHE_%k1>fZ~{!U)%DMv&ZNMV{CfI+X z|Jra-S=6KfRVRSe-+uPW7BC+Qcdg0#=6c65$*+1W)z=?guT|H(>R`Mr8Ba4$lPzFd27;xW zd+_Zouey$Vk~2k#Xr|`MXjQI0*MM$2cg(2Gvj`;|Llp?CQ$rhhpFD#avoU^Gd`6O=}T#L zA*5RXTZg(l4V)k)p@bg5i6pN)vgnXo{&sdAmC2p*>&V~f0f4G2J@UpQ#Q3#T$>t3s z;mz)~Sy|fG@}kRYb)#lpTSjSLSAHuUP8hqqZ@O#ntqMB7!EtE)W<+Yrz$1JNsWTkBZe?P>#yCC1t*G56fK_GZ#=7-8@10Vte4 zK*>D!GM8_{1f?Sc`8`UJ#JqgeLwj4K92{ApuiOBt^c$SZf%5KudL`WiaD*>X~tdRDdiYQhGa=tw? z!$G=;M?9xheI>PA7vIqXU;^6K~0h{z5E9f{VC*jV1GLQdVZ1aRyPCHJ47cU+q^_2un(f9y7Z0ako0ry9q3JdHE`@KEI2Toq6 z5+5Ws578Qo;4Xx!^QM4xGN%*{V;9nH0DXg_8oJK1BpMZ|F+}aEG#65!uAAkeHqV7g z;IN)imQpek>o~_E%Z;*_Oq4s6O>qiLMxmJ8;596@ zbS)pY?nO+@VPKmmMq4?eLiaBnQJ`|kZd@e!U+Dr^eGQk7#bz<+> zlULE*Vm_5d$2o}}Y;qVJmQ4vxNaYR!5ii#~0qW`eP!(fZxe6`OTT7k=Wdkz_*d)HPMHVb@gQr|nu8-BoW!9f1o>-CEN_V#xAf9el*`h%VA-MvBoPrdD4Z*TA?(0j;^);$^Hkp8K6@3xAa z`<*;rzI6Z6l4{!~yOQfj9mFw;Gn7)Cs4QtGnkj(g3VXx2x;UC5d+~Q>vzF*+gb$~k z)?d0`zqY=7vB8-E4?BtjJ91;JQ)asWv~?Xk2B7m%8GMtNj9}cspO3`S(p>YZ3sRU& z5O|4`2z}lHFR?`Q;I*xcKcAGEIr8>E1f+Jm-GV9BtIGor-0ZVXnBY#Bgk!Nfp7(>+ z4Njs1pf}tOIfvm?SYXFCKX_|~I8-5u<^%x#-2U0XL@~M2^&EM&U3!uz6sy=)b zD_ZxBJD_5X=*i&;?Wj=Auf|(wm_oe1O5^;4_@sOI8f*Zb#(ANaVAF?yVumc38W@Fd zwpw**pQKKeBq}4XoHQOFL(6K>5r&57*ex1K2Nf!J%_(WA`sQ)%j%d$G)q>{ z$DK19S_G7fbz~k=w?~^UmlP1X1Dqx7g~tH>qUSYi<8kl{Rz{6If>B`@Z z-Ki;}v$_#?H)nN2X>}u2&8YH5PzFC^P%;>=+0vkmxmBYCSHY&%~VTyv(tpM_}BnoOKlazK24YWwC0xZ8(02b!AXMfN8 z+S;~qrNXvWKwEZyN@4)2bh`W=fDZT-Bw`LF91KLm2421|Db#}<57{ZTwPn@Dui%$V ztm5T2wfiaSh@tksNte9*CVK6CQ;YjAj!^#d{Gi+Y^Zek?^FPl62L;ur0M1Y@9p$^&-VXQJj?8VG5j4B6rmOYN>@Ai z@}((Tnp^6~%{Yr=@t2rmZC6yhmo5V>1w#)HeSMyh3%2blf(Ckt99^^~G&Yez56u#GWe$tNImEG8eFRdGsHxeVR%F)GrLQtQcnvm$tejuI;2(Be!Q zCc6A;jPl0pE=gsVuXXgN1)U2$K~wWXQMf1%-M@w6atB69a~b7Iyn$&r6pl9d=7pu9)o&}?G!fbD64l|l9nZ*E~Mv|n4e2T;Xfp(kH$~Y{R=ph*WQ+nN919@I=nW&H6%|z z0VIan;gQ#X5 zf9mA5E1J!c%7)h)4ioaxbU4iUtjgigADaw^X}5-&KBQH{p&@kt0*(4=xMzlm&#x}o>&MJXLf(%W=6RCBEAizSH+o(ODb{4N>}Yd#+|!a)J`hVvn>eV_U8 zY~uf>Pec3PB#gV0FL;&zx7QmK?f>3z=h^;$ibuzP7tDgb$((;Z6(2iJ(t@vF50(_76_vRYxFeLzMJiGNIa1niK-~Z??e8 zx$>Wt`hHW<;rZ$?7@fetK=Kj`SUx>BAv||A6jZQ}m)JlhEy+7q4_cIz=MN+XHC<|h zpxu_nfcW!Xs0O;FS^#;b5%8-`5a9$2%WrS*#0<4U`tlWgf`iKc|`ZilgHS7icG2e3`PX#K9x z$rY0&&%XNgtCz%8PCriM8r2Oi*uMW!k>}?R_%yQr*!^MvSJ;33?UMc1+Zhg@?Z2mZ zto>&)u7*yUR5k9*T7N3NU^7`VQjPmZE+TI z#++y=EMcBqxxb&MPX3#;QTKNKHjw|r!LTU*cel5n<^NMWR{qy#8C&1^YhYEoe$Ce^ z$FKRe!tLu9YvT0vYxpkTwSB$-gfN989Al1=mX0ur@}$IPCs)^p$L~(hT5I@+E!BRX z-eJo?59J$n>GAlUVV%hFKtk(|aMG36UbI0wl>e|8p%mam-6^&j>EDTmZngZkJ$k(S zPs39Fr$O)e{O6NAb@6|0I?pE#{xeN43;lCs!?M7?ie#S;8}(PE=^i=eFDK8^h`)x$ zc-{Or32vqRr!IniH2ZI`yIq?9!)N>NNgiwexk;nPc(T6F*8u2PhFLa&ZD}WOP_4^$ zS;mJo*1e|9LVAexJho1L2-SfFoW%#=SDU>*Pli9`JiU%($mg|63-PMAZ?cn5Xd3z- z)fZ{;Vtw>qMtA6A=I`q%cKV z1~@+M%1vyiy@^d{(gyz|qiZ`>o;eESWrH~M;fp#dSkTJ~-7r-T|NIK zqpEhqbA6pcKE1xyD-NBbB&f{c@^9nCXe9q1cm2P;y<4{b_V%9T|5H3=`Tqdxe^(Wh z*Z)=wSFHcdw-xJuzgUy?zhC2?>;E+t^^TtVJud1kS3K0B-lfOmFX~rBU0Gxr$6P5z z)e$=RwY-Ab%1O^22ue{+rZc9PhE$3bs)y-E4V6FT*YnF8b{-%yt3fQ*(joqxxIq4` zpVj)`4(DU}fBJj7JEi!a-RJe+lRS0)ANQW4C-(oCrq^0NR{MV{ZbEuk|4)^r^T__6 zoIGov__QnY`m>&Sk*3`?YyILe&m5B1*ZlR`hdqlfiU&FMX}dCitfQUC7%^EByR z&(q`~Zh%;2|LydP_dg7`_nzawpX8~t|303d{RXDrJWV{SPn3x;(|WRC14`~(q{vs$ z=ob)>6eSYW@*1_ye}zmA1yoxnw!K?S(IkU(C5|gvbm6ROQwThncIuvOx^R}YDTiyl zHdok1^E5FQQ3W*h=?#uim2vp*<)nYaXPNxh6QFyoIpwj||J%LYqW!l$c((tZ**LX4#>E2UEP97Bx}No(?vqIDChGSH`-jVV!3+BPs}-{M_Tdg z=AUrEZ#%s9dY|1tv6Ja8d+20N&rr*!`F0k(fD zL}b4Et3Ot4{_0OF_I|xmO}2i$3inI)u}0vxd2{(cm)Gy!AAfjzvc|5lpx*Cu!&tD; zL+ur7Dm?x+am^-!X#WPs@#QV%;nZ*K&FRI-&xdc{x~&E8&jP2&#rqFeC)a(iM1OC) z(;s$vonE)U9kje$V&=Y5Ma&we_^jgb^o^tJ`t*E0@G(=(e)%FTE`6csb`@P}hTING zH9@K{7&`ZhnD6?&e>NY=8{Gn1qH-sGMc?XSzXskNB!88+k5rWF6s|ujpmS&94=ad2 zEKt9H7wXq@DWT3CUk-Xk>}CwnMBUrBv|I`qyCpPIltIb-4J9)btDr2n3p6&8ZEc^d z5%UiI<&X#`@WBn$$(;lpHiZ;L9b3>)QsJY%E@4*3iQo;Bbv=~gFND2gYBmXW5M^UL zM+su=oRX1j$a~Q=-l4ssmB)#uXk`CAZvKznaJ#hsKNvjU|NSJ-fZ!@85?@IbDSHsKZzjgQC(*wB5|JN($ zf7tCm@Bci>Q|JG?GGqTB9zZQJmdXrgbD`R^m!ot~-=6i=RfR?tkn#L{n~&h#bGls# z&ks_=Es{D)g;|dRBpm{?Tf2Zi4sAj>-BpZcb}qf2vFNr8svynf+d`=*)Cqosr~%5Uv}~ zj}nNNV)4utjH8)zupsvfu5g$7;N`_)OW>>T-VwyL5^XebVE9+K>Z3flXW;7c`lk=y zpIl#_99^7T6}>ioU9Z-M%ae=C^TVT)LY;;q=6Qk~u!l!SC+An!$7h%8z=dImQhpsJ z%m-Y5R@ARgNyZT?AtSw8B}8hDjy7v4LX2PIwA9q`$>r7c>G^}U#YlLwd#y8A7aP2M zfArJk?)Bx##mAG22W=L8<`iC=BSv1MC;xqQad>@r@k5!Y72~!(aUq(K z<&Ce$cf;j*JEOdv@eS-}JgTepkLU*dw|yGg|6)1$Xy?BN<@|3ugXi<#Px5$He8GEQ zBQ0Nw-%IUv$u(@N4TAI)NUUCE;Vt`dt0;z9l^OCyQX{kY+K zoJ2U8{K1)m#7Hl}%;+tlQwxCdq^Y9{%jC6Un&r$slDz2TFbstW(<-d`;F)7G$|)|^ zUCJ7|K+*{8oSE1EK6XMw{mwgAa?f>9fdf8sEH;1dm zqdS*>x5Duo5id>W|9v7rR?Yvte(C)0-t+$N(>(g3*0H&zRmbj^J^ZCjLq|S5hCg4* z2#MX*6z8ERkRlKh80jO1cGE&4yez!LyJ@9Ht`xkx_mM3IdP9+t@#&4a(gjGb?}w`& zuYWrEAM1b1BSk8O$lYbgviWb1BR+2YM{l@Sn*Y1I&-Z^k$x|2q@v|BGhm8MNxo_wk zfUS-J$dNpzTT zA{VN6I{?0F|F?YqOMhqg`TmzDd9?k9S$_Ae43J^~G62CS&XAN;Qu|IVQ-G9209v*H zL~X|aK80NRXw=qS)XEr6CVIgrI1R*jL?K-)H6kSscBUx|oJG(}btiyvGc`PjXex`h zYgKg`o~G6Tp2KmztMpc`oi$BiA$`&mGI>cQ2;NIlse*yGXjF2-{cZs%>(OoPwZ+k2 zBg$C+a{4A=+HGhg42VGV_5B=CiX#+kn)e;|wZE!0lyJO!^R`r9=F1Woj^HZ#{|zVM zWYV2)YsX!U2&!@383gX_xf7PBs3}{!l00YQNIjg>ly&Foc(+2>p6g{D#j8KzBm%#h zYc;_}J?G^Kxvyl>PpkUfE_$#XxbDo5m1a1(KxvFa$h?})d#AcSo;-t}t1IR2ok}~p z65Jde&leBe0Nd%fp~hA821Vpj`opggk|TK{QQH|j9I+e6VIOf&mNHE=jb z6i$%SNCmZ4VNnrYS?b9To}Q^}RKDIUV*lpwE5Ul(oA5 z{cgIw=`CJ`#w=KMiNy@j2?84i1*N?meH7u4Z&o_<-SghY>%Y0_*$H>qzh8o!8z9gG zL#KQ-nuRchJH;C)dRv?guHtoGR>CwOeTa2y&p&i@)F1z;)BiY`P{i0nq<>za|NH&H zuvgUo{pb6?p5|Fw|DP(xcpUAox$ePqzlOJ_=GV0zM(?}8z7ehOQl+f(-LDNazJuV) zl;Rnr3mwEKNIG$Lz?ptssig6!lW`oILLCjNu;Km^W}Ljm$;~4+q4l+HVHxWb2c*#b z(!luNmkdw^3gvOCDAb^ZB9oO`J13MIvKHZ`gmTu9xT0uIVtwVwT+f*T;LXiD@cBkH zce)=8w}4HbzC|voW}?*-sdAjW3ACiRB($b;0U=H3rnApVJ9f$8D6W%~?pC!COC3{3 zdrJ+dSrpyUJRJVuH3&5JfwyC9P}Ja#gcSG9_adm*&fXXP-2SuRhB_ddB`ek{1^gLB z?{E~w=oV5XzJqGi)HOSAiWQ8IE#&_z0G3l<11h!YNp#VoO84iyu0Zs)xA(UNPE0QEVIfHnXNe( zvu5KkTQ&ro$ChDPT8L3uHi?!r$f_FK zEcLhOd#KJJS1AbdYFZR3r-e3mYg`ttsDFBgMR|j`%1u#n9t501G{!f!>p5R_FzL$N z543|4P8TV`31@-lfX+WSy$Np7NCr@uNSvn4I3uo`ae1H=G4wS4mOD9E%)XHuOJz0k zay?mm>(RSjwR)1(-L8oBwBm8;%62PJdCWfAl~1`U0BtZO%)Nr$0b(n6WSM*ti)vrK zNYZsAy}ZN`6+10C@;OYo^LB(N&kNb8R8qVs(5@I!`@PqLe3#d)Tqt}OwXft3;+HSEY(1xFj6Vko zxcFQJwuBh~BN*PGBs%b3u0{d?O@v}a|E!E6bg3=?f^_Ao03_LLgs7@6$y=&hwwekU zovm)4<&3qmsUpehrr;mg*InoT)nSM#Jo=tq;8p(L;dUYaM}Ke7d%pkqNgnC{{oeEP z@+ksm?(l10uX6QFxFEK8(+|3^JE5zp3Z9 zOsBG6v0SG4zOPy{dCcRj$24r5Oq}Ex)k~`~8sF*y>-V(}Y?di0i7ru$LQd#Gc?scs zEp)QBgeoJ5rE#gnqV2l{bnO}B;q-0Oz`YLBjlZpk;~UmFoV*?i#>%a!FZOE9iV}g{ zn384lFYEyPJ)aQb~r!kgL;oe)RV|0*HAmibHb#gZAs6$!!OH4pHjamg-H_l6gs`wwGeE(m3@;YxNr+Vdebm*rYdh-fn^oc{89S z&t|Ek>Y|xawT?4W)g3c6MNU4af+3{*+bpUIjq&-&|GfBl~I*HfymFTY7bxH|uDI=_3q=i;*} z|4VZU1XZ!j5?~^=h$N!$2Q~ms-%mZ)~Lp*z&Xy9}nI=9A@J-1GR0b6XP)3(NC zTZ9E_-L?Ll^``I3bRMql!hRSBuZAKN+lJ#T@=6Bnpb!XY@GX0R&6lN37U_`p#>UJM z>g@>^TCFaYL(6^2m26i$XH@M;HqE(oBGk4`5r;SdRZiP_r>oONU0;(mn4);rVbiWT z^V!y09S7hBp|n+@%Ad}E+}vSY;o`PG8sD&4<2d)+$gyXu+{2#@!w@m{jzlI8Q(Fa! zSYq1mZrIWVg3-?ubM!t5Q6MknbT;k_nZ+skB|}a~4C92#^i@u@4#WTQ8hG{U)ektR z31qUBQe<;GR`=gMgjE`wsxi>GDM=cD4WI(B9WfW=VrCMP5sU@TY*q#osf;iAB+7q# zeRqmgU2F|ZCZum5?d|iUpE~>RUKf58o)z}rptsvE+JA$c=l%aDdDgQ31XDaps+at} z5p5#eCm4V&&(`AJWzsN2K=#{f;bW-`^D>wFR@oiH2%Ki?&C&9b^3kFPSY7fLwlepN zZ=f1XEFG(AmOO5@`TQtKkpv}m^S~6ayi=xu{dBie^55KLG7n~}6-KAhoc^ZG-x3{U zJT7o=y=eybOP-SQ_i}qoGcKr&llkVxz8R*!?~7}y78ttK{BvD)!4l^`8|#1Qr_TPr z*M%R2XI1{E-e9+w|Do6KKimIL@vQCt)fa?3io@5vTI3-X0^YqO4Q+khzXyo}c3^!g zCVWnk3Nzk0t#rRsPx{W4X4kCL8UfECy$xNUoZ@71{G8zF`C0p^*Z=Aq+!N$~>TT~7 z{eQ#$@Ol6DNuIU!zsZ^MNCtoezI4~uJra7K9pB>7(zSMb&BbS4j-cOQ%hyApN~1f; zf$AU?H?i3~l&1@vL>pZEc6PO#0n(X#ytF~~q{2g`3sQe5ow@4n$Xcr-C&km79qZrK`fWpLZ zO0n^`1V-P(7$za276&mbaXji|2^OuO4j*@69FyC&y8fY!)4GHmOA@>P1}59Rwy8D! zHV9R58is^{b{?Ic2b*96%~HOwA5Ft5x3n!--lq-CCsp45^mb_rg}!_-H;a5JoHw$l zoqXnqCQvS(0v8oIuXHK-8aXBXq#@1+(5$u7^I%2E3O1|3t3apNsc7inzw?l)x=0D=pcOiZquy06CkH$1fx+FIx9mJp_{8)nR|C>)P*nBSC@kF)owa=*);!4o!Q{6~Z!)Y=MB_UNL)9E?$DSLYEt_Pd1THOg0+Ma()#* z6OQ+(CKP52>f5Lp1PvFPe&xT5oX}(h><=3w{3SnbBJ|gmlMThQl)OO{uXOG@4X>>- zYuKa~9XGRux)#9CdeO;Wy0=BRceQz~S!2TgC?n#9;Pneh6C;oj@iiYWYrkF{ojdu< z%=-gyb#&gUiipok@%ubeKJS9xPKoK!W@)X9b=yuMlYSt!;`E&XZ_fV1VNzgfl6?5r}0YhRoI=v;tZCj@v*R$YtGOncP2>&{*ay zlR5y@NuFG!?Dz7r%Vtt_wyS5K<8Sz^@c%)zCw)IR;EMgf{%&utnEz*Y@O=NvlRRtr z|NKCOM~MXV!|0wWCa~7a=!Ww>z;<9oh~PTgf>mdofAi2jM`o||&6yCF8fE%GH@H>U zE6q-Itm)JFBWSCV{EzXd8%`nR-D`(N_fi0>cqG{T%=OB#)5);7CbncakWd zEPx>;&Sf9VE`E32rp1jHEdbRylk#Nr%+=!k+g3&;MuHboC#X3tzKHqzat>aq$!YCR zDP7cg6kWE;CasBkYe@Y9hxmxdlIE zBcv@izzG;3K$N8yp`^2HB3I_qzsaGw`oOphI!A6Lr|FJC!3Zk{P+{A;D32}>&!|pE znx>Sb6pQstZjj1FOz{G%bvx!>6p;5zEs}z&1ebw-7>J?S9MK~(OXZ~wf9rSpuY$^* z$klZ1_~*Gb5+lT+*J@RY2}QD_DGF~aNf=k{E!HMVevM4KxJ`Vg3m7(+lTw@OG^@G~ z=UFkV@hp@7+Vy(x5U^G9f6y=5|HIv#=lJg@d0hKn2fnOr`kRHgm~bZjfn=fO@f@;< z4(6yXSL^$C%;h5irE{33M#gI-+EicSZ~y}LsEoba;p^9+1=F+;3p01Fjw!>gFh9S3 zt$;Fv37nv)JzDtZbT0F(^>vFQ_juLPRZ-2F=)qP*OHF^9P3wLxgCYUy=6F?|&cc^tOxge`ol7|Lc=HayFlQPGJ&B!&wRlGFHxe z!3N7Fu{-x1Z@Q9XXRfPQUG7$SDE?z135n;It^oBKY}inSiq8dcT6Lnl>{icLB~s!` z(O_G#7X`S@R5ZN_eibHZ5`y85{1eYEv+)>z20=Thw!d3Pa>oQfi@`XH;|2I7gE1as zAyLy*j!CEWGg8oHc`n)zvRmL5|Ro?ND>Zl!Zbt3cbJ1)9LHjnm@$DT15hHbv0ceE z`9_VyImxQ+orq zjmaovZLl1m+VOR0F)^ybq`FM00l!jy-=Dk~)Q9mhDM4D2R?*HxRjt{41bRL?j4lMD zHVOrkOJ>(IN0pM6%xWpAt=)ph!0D?adi3A9)k#qr!w`Ys{{O+uZmw z+YIV3suC!*8b%Clprq&j13^dr*CrDP!1$LaX&|$IiISYbat7`Q2Cj1Sl=kE|t8y0H zkH3Fw3+ng%RNMcS(Yn`K^b4N5>q20~`M>_oZo&Vv-P_rDw*Q~x5i_a#7jQL2U~NQE_;M7(U%GY{R``c=DJ38t8Gvf$w!!MfeCePMo|!a@6?Npt+>_u}I?v+Ri6plh zpyFF6wI4zCezj-;n*Cw@!^;7BgOli#3DrPxG6{0$jCTuaO-M4R&GxuPGR`k<*7A=w zFqFbWI??IM^;@W3sOT3uv61Osk7Xg>_PbXfn?}{F>Y|5a-oI}U(|WYIIiAAx8J4BT z*lZvgk4$!1`R5unQJ7J6PKBe-+#GoEUfwzOsiM6Yk5RY?&4r@&=R>x^5uM>gWnY>h z#>5nde5&c1e|(pJJ17nQ`b{`OqN0&pzSK3-0stj*Nr*3A_&&*(YBJNkH#i-dC5P+- zL)4weW&}IuA5M?+Llj1^inm(4NYCy;S<2J^D&1OZKz_J9xww9Ks1F74iyv8T;lDe) z{AtY=WSyl*ivrh|Csz*y_|duHho)4nXmHGA>a%6^_~GLHhx5j~amO|u1-#ESRce$K z>5pLaK8Y6>gzz^wMr^@2nt`g(@P_P+B%(@ra4v_}7bl0u*YD5X{?GNr`}YN=3i?4U zqVmL1-fReC^uzgwaua7CPmfOzuRoq%o__!KsNAY~ft}Z?l2C`rq<^m92ne{;<)5FX#Rj$D+Uq5B%dS zMb8yQzhs!A2m~mZV@i^l&}nl>F&xDvnm)#i12P6Pm@-oXK*v*SQXO>srfSHU@8Ok; zJIK#qYT!CxulKC5b8Qd2?Kv$(PJISR`Tj$2pnM2icht+P)m^kC`#@cuO~AQtNJmXyo0INg!{Ix6}QathE^=7yz|smQDwQ~K^9dfLpa5=B?m+* z!_#s=>PmxmBuiX)dVaef?Md;xp}OH*fjT84RE@h$(Axb=3xIcsP7sr>nJb#1v%^bp zd35;p1WZtZDC8&t!X&`Sn5eFbk~X8cx!FP{LTLfz=GPJ^|9J3P-y0z}59K`)C7Z*~ zsp8%s;Q)FKR8|(}RT&jo(YtfQ4%5p*DZQR-aw`AXSG??5>Hkehbl(t=75?Ae&R(w= z|J{GS|KVvK<^OG6O%X^*q};ifW0EZK|8`nU9l$AxY7YZh|Ex+DDkpaFU7mkqndhjS zxLPMNgLlo$=B~v3Q=8JK?Vpf$jxM@)6Zj!?K9sY{Gmj+_l^3)MRHX}VT^d!jM=_C* zW5}4ntMqbRhZ+l~D9U0)Z4Pwz#k$a@gz+;K8ZJsWKbw0-MI~c=n!g+1;TV5W!g8me z{o(B~ctw13s-`av9G&Fr4W^9$jQR9ORkC0$)l{fVf8j)!M2SA_)gh@my;c4qr-#Z1 zSMil0NW-a8#`bOHhC;b5Ne%s@8Sggo3|FHr%Q`O}r9qb(0GMBQZOZvmi5VR<{1zwr zKwrKRD1L6>(w52XS%6H6!xySvxaFsCSm6a{q`4_IHQ^2C`~ zfm3#xFb?C`^R{uscn8}L?kD{=M^9(G(S~XH^TBK7ohf^i1d^Y(z{?x75T!P5(1I;# z=U0#=_!saiV1#mca3<|ngEb8(2{eb zfjD{V`6M5{zc*s+K=Kq!S7wROXM&esDkOw{`qc{(MLNCj5{$u zJm3HDB#+!oIG3p)t;5e8Z}1#`&D?!*+r>GYqmoP-t=X>G(yF?OL0EFe&E_8#sZMLD z^I0xYrn01`M@xkjjMre6F@C7krFy4ox7XcNRfjLoXHmOLQ4%34X=@?@6mUyjlY*03 zXQb||?8Qr)va?7aKd@GMvGh(`apmOZ1l}kGOy(b*Z5;o&!uyP>gD(t3MA|bfOC@nc zi;?cpm{2DraR+SJ65!8l%lQP<2?uqosIqyK2jFTm!=}-#PH^nxMK*NulLdeA^BUKs zG_K8NT$9MSm}1!9*Yr{t%Mr3r>imsWl^xKYQY)ypy1z^Ff3^Hq9-GI@|I^>?4+q8g z|6YIaEdQV4S(^V-NGd-AsCY9YS;Ef|one^{pMigpk;(yz8K7Cx8lf?v=6IZT^eE?J zQ$1q5g!Y!1iHzcNqEVK_`q@gtyg!G0s&?q@W_CfeYCR%*<+Xq)!;GUOME;pJ8S)~F zTluShGUU-^*#XTB_2yT=$)%LO!g^IuO2-@>9aiX)f~s+^KMm%n2TfYi7 z>xff%Jc6Q>Fw6-RON@j1ava*r6e>2RY}D!j=+$oT*Te!itIl;?^(NH1=nldgv`4sWI;W2mn8M{iG$e){qKhs%@e^V72*?n;2Xp=ui7 zWYPd#Mq*lrXmI)d?S&kq;I2pt@M{c_Z1Cv)MJe9e861hR_|FlcQho+y5GQAc-@iS% zKKyX?CxfU>HD(=AWtMA4l_PQ3CE$-<<%`59=|(1yZ&%_a&dO}ZV4+{&_Xk4 zpJpw%`%d;+YKsp`M4@-$uML9k2q#@OHFyT?(ERzUhAc~rAe(}}{q4Jx_iw(_?@>4< zAUMo8nL$CoI9`B|P>Mn>RDYTq4V_LW@Lk4gzsqr3i&FD6(Sen3aGXymedk9-VSO?l zGg&ZLS&~B>%Md^3o|bj`A+5!En&=QwFcxU$eZymrjM?CGM6V}^k6{>t|M-v6t6#x{ zq7<}$nS@iy}6tZz~Rx`;IG0aP3*`j4DDwIBE(V1QM3hAR(jFKHPa1n zBF(C5`UAgg8-l}wgWci&!Nt%24Z8C*>6%dhzy7KlzC>J7B4dd9=GvebZ--GrA5XkKg_g5iDZWBb=6sJ|4mf!`j$^W~3 zfL@OAvYim)JlO&-r|C?(Pznb0T{-*97YVYX)-a_rHU70)m(RdN2V0_=o6(^0=!N+tJ%oY4W}< z6*k!D(r-^cp1dBzn4!PAM{w;iL1r6ghK^~(*%wgiCV86p`6Z3cG0wnJZ4 zNvtr#7#H3HF+&WFa(PiMkmfype^F7uE^pMcY5&G!@OKcrGzbUa^=lBEzd!pS0RIre zsr>Qn`@`eYvmd~PKo?*pFD^Cr`b3aJp;~YPW@tv}A^`s=s4Af7$!Uh1cWNT$O_e^W z<}T#-NQi!v$X0QJc^;!6jAF(im7>&7T(ZG7Jz?!>nZ^htgzM22t#>*da49%gG$-_b zzbDolUOPbZc)w>~jqx4$y?&)^`0-Yl2wLEPcAHa-*y}!Mw^@oKL_zTKOJOnnHTbK` zwyL8?qM;u}Lt@cIEHgV@-4?whN#xrNwZggrE(}AI%25hQk_c;xBrIr1imFw(W##%6 zt>WJWVr8aO1Pn78gLYePY_;3cRu5i&saU{%4G#Pdj*v4Slt4V#f3?5U6$p3D2f1MX z8g!*B?FxE&gJ8&YNn#3?b6oW>6bHf|3YY84z5ce5&*#k-FNcPBPTs$1)ttR6y7ZUZ z{Oy{H3IVV-+(D(C@AIns%(9XHQNPFmlu9hyK>h~T{)SrfG*NArY2~fvik*6nz4wnj7b7wGQnZ<-CA{G+3vfh6we@C zm}K`l*tr<&QxyOj<54H$I5vek8kD{1#D#yZBYy(#{;Xo_ZZMKlPX}Q8g>?*3Gt6XM zoW*ZLos)L%1Fp`9xwMBWO9l&ycx`T026eoYl$RG83o^)9l(sqjs8yjXa;8J2#NXZ) zw;FeMb6XWEMP7-oLE!AW_PkhW+Y0#lRWg&e|Eghz8RKMD%>1jq$vf13HJiMpAkJbu zOhH8!$J`rfH^{4qlGJy80b4{~Tb`E+4nJJI4@!mIUdWMn?X{i<`Bb%1$b`HM;!jW97geeD>Hx5C zii9;n(eOA_8J@5NG*nr=9kxmWgE2CfODH*{2kThWgN0ho&saj}6aPo=~77{zd5k0m-BBm_vOq7Ya)W zsAqKMKAD5pd3<_TN<-PwX7NA)`UM2W85HCfdIae_40Jyzx_t3_*&C$58S{K2K`w}(9c-##Pv3HIH}wVDW7~y87Dn*7n!eruu&e6)^^&7*ON3r7v5U&y z1+8?x`rvuB=AlU-*5q=VmnD0{@4#owI8G)~%=>~>Ucr3}7Yw8njpg<>@QdTIJz>KT zH`y9Xn7&@t}x}6O8$qzQ9d#SFH zG+@dOJEwmeg=@1K4oq#6o8<(?N%6pG$#e8TI2DZ4y5@^y9uulO%*$|ES)5iChL(KJ23{Vd!_03;}qzBKI!AKF+1_TISd z8#Xqc<3!(X@>lJmmah4!pw=kBo02=ZxGI%{>+zbs3jMksLyG@{Ug0%1@BLOH$tzdk z;n$Kx-Kw0_IUM`#CNZKUDeoaZs(GT_-l44ukCX2mYU9pd>&-b`p2<94)=C9--xu+_ zfGX2w79Cyta#3r@3jkKkBHy+0%TrJ?-fBCYUlQhj^VM1$@hgxkj}-XO@K*fauXnZ8 z)#38`5hCY166EcapQ=ogMque!=TQvok5grF*4~zz*!B0?4ODeENSA2W%Ok0B5N*AXp}VItx-=aB2W777I>`@Td=z6{(+d3C=R05j8(+N6U3W>BRh zzj)X?1fRfsG76BNvq;}z!;0Sp-;iB zdvJrJ;1uvBdayB|Nq&9*I@yRlT85=+4S+`t{cX3B6(|^Xg*2*rG;} zufO(@-*7$!s*x|&ZA}}x4%K$-E|FZDmUcK=o&uw=c61F^x7j3NsR?UC*I9KFHjPzH z*tA!*Ind3>@?zo}qWJq#@(S>*7+wbMFkfUf;0BcV9vjAqdMD9Wq?D#zah zn3kca0-}kOX&voo)Zl3N8UicP*j{rl4^3sI%HG!NSoV$;*s5A;PBf+nv9ZXbZhsC{ zrCMM)^*m?7v{iGDiT^j$q>Wa&4lU=uN>htSnzp0z|4P$vO#<|lxDNH`R2#aiMml3> zj8Z#KtA%TW*&ZC%X*Edfr}XDgI7*q(QeFf1GfEU!pWQ^SB7%Q-1Of!`DiXw}2PA^~ zy1$R%&l_Y>1_h*iJ{2ObK`C6LDKO3Cc-C$~cEG{){D;TGjg%6e z2Aj4cGE2wq9bsXUJo`LYemnBH8T9NC*p)(;&8YgVmHHN?iT%e@tUR3kH*!t?zdQBz z_dg${e17(yNa%AH`;UXDw*Sicf*#%eQ&V)_$^KIS{Z{rLC*hv#KLKo~{bwNEWwKS! zsKIGv|Ji7KIQy@vw>#`VYscYgd9{?W6c0_H)BoA zMoVK&9g7Y)8XIeO#A7qo8q9D zDDJfX1OZK8RTeK7WJ0>@>n^8T$QLicKKe zEMH^LtC!0C4Oj!?vH+&`tfPrp1uRxU0f*Gx+#k;dTr)P`@`>%Rq z>3*C8`a7Bx2E1Njhml=|*2S!@Kv`!l@340nG*u3%t!Ld&B+)gA9>xC&J%Z>DH*YE_|mX>TM~sBzkNU5jf1ty+y! zXscA@%1DbQ9W*&JT>yo}-^5b&xbmCT1=4CaiSZ_PckPA3;De{>E=r$w3S>r0JLQFM zrbgo4fZkMfsl>3C@sC(4<^Lwb;qgy!v0x7>-0}6N-SHn&XJWqpG@S19|2#@z`QLBx z`jn^j!y%&V=&Lmy7Jr3KdCt!RrY5{W*(Qkq1Swf$AR+-e<4a`Ag*whKi4K1GrAk05 zi-|U*9AlB?&nDfVZ4dOm`TqM}@dnbf5T_aFeSP+(NB{eeo_GbRMv<@}p{;mg)dU64 zHwliGSN;kGn-E9Ki)BRepI>}L{)XiZKLDUFvazDbM>50S8fO0L#m6{7{L$vqJpX1N z+#r#}{052K=CY8ODpVvn1sCf3sJy4ArI%EA&fEe2tV5!BSe|svl-8Ro2?ReNyj*3c zz||P3F`Fxx1b3ZH3gf|NlOv(6WQx7!lSv_5vG>hLa*Yz1GqL}Bn$em$yxa8UGe`G+ zkBViwZ60bK)rTQOI(?Cyl%Z9#em3SK0|lm%Oi`wk7%l%aHh$#LH3lxNs2#<+y8@(C@G zg8c?tHD*egoEWtV!?pxDBQXida{D*R zgY^NS)&<4UQpDZsw$udPZ?-K9iTHTivc2r>S8u<2-FzqNnryuD?!NCTc3sCk*LcSn zD9gL8EKT04ObVKH`KlTzsP$5e>O`r(wddi=e#-9u9}$UDovJjeVUGUa)0F+0lX z0&9x`^|>BaMT&D!WM*E$^lxaJgDTpVvFb=mH5H4uVj>GTH4~{+ddPVcTj4qJZ%_g* z*sQ)mOPprORvab)CVIiM0L2ONVTOWJut^ap%~OJ+040~3FyswWfTJ`+FgUDV5OLAM z*k!q(v~D!_$o_43SZqUCiT~YjPilnS<4_{11;C6>rtqo2;s7(PAFR?K-}{iM3Vowt zsvzn9Bz%3Tk^e&VesKBkj7O&be=>5Nz5IWS(n9|KEjJB7n!zZbHZ@-(bxT~VBH2R8 zopostC^cS3C>rT!5U(Wvg?~w}I|B4J|3Mp9#dCV375DNhCXRzv?f)4R~ zKo`$It{DMBHMO6LD4Yvk1*OJ&Z;Jbb5_1HeO8lw@DtugKHj@a3%=$!} z#*Ad*CX{Z%Ohnx@puLRKpq_H8XF`Y08}{T79u~cm6JzvF5cHMkOXHr%m$pTFwOs-8 z25r-dE_?zDoTOO=a2>#7=`;J%t~B8P$sGE3(gJt#e`jRIe~gFw{Ev@P$~G8hEp*Za z!>`qsB*SNmq=wtm@4GoY!>X`(_P5F78LFlXp5uKW<}S(Ak=1c^)bU)O{G1cM z=jH!>r2+p>QF4oY^nm)m>Hi-(!|`;_{~x2+_`jI+HX=Z-lNu>-#jETV1QNX>3*=9x zIFM+YN`#z-2NDVj=_QnPqCvJ(rGqh~zny@{d$5-gf2`7+|DX9j*+f|fF|dpO4@>#~ z+=;XI|2#_B!T-gicMtJNZAOiE{m0nT0ATGeuUbF^lJjTQhbZ*5`m{A&PWZ zhiZJ^0^$%nlVK*W3E&jN1OZ7P9b&2Z|Fid}^q;-|=>a)##+%~uneR5jMUI)?;W|OW zTBzcK4d`z!G&tdVQE|_uj{j#Qfy+DiePr3i|3~KgzwTt>?EOEFQrgFVs-ap}e2IYb z5T>@UE4hq(TBnG$5~(9lZ&MYIs8M~!OuFlV1z3Bhro2wdRpeeRLr9B{`^YmD~0seTt zf=PBRE(DlOO$u9}YcQZ%xVjjCCS)og9;(kqgwcPcw5Z|#SsV&Q>y8p&2mf~_uF3zW z?qs;<|Bq2x@&715NeUp3xdqt@X22&=260qG-wqDmrf`W)Ez+P^R6OXl5D4t&YEi&` zY7ein{ zhLf88{{bcuj+S?i0N$nlIisPe|4sMrzdTN9vHySI>jA(y*<|9pI*PX{^{$B z*Ux{tdhzDn#rca}f!{*oQWuTp>s{cFC^(1lS->t6vO8AASAUacWNrP-fLp%?Tgv== z>vxIzc|zhk+?MYWx#e?#y}E*$h7$Rk1ZP`mmufo<27#r=Uv&VGrwC|6LO?rU>3BmT zbPzTw@*%f%Ut14fHE!1epV3!+5!7O=>|*|GSAuUZh1Y!nwY-)h4U`ekWbxdKi;bsW z0ddfwc8j@?WSv0TS0&~F!eG>UF(|NDPSqv&Q7?PWrK-lj( zZ!meFI$2LkKUU-qt>Gx3NB3K=fYZ0`_NS$8w8R91pqE1_;rRoq#kKmM;@-W&>p1Lq z7PQO$ciqzaFYaWo|2;}!oaQVH$p?^PFYBLQ{J2hbIs(gN(dj=E|G`Y@F>Zrdc`Fj}5%XjC!N=A@p7m9EFGWWH@ z`}T4NxD`pWOPH;CI-x1bE>W_^JiR2}M;1VO)!weQC0$2SP>ZA>(^|is6#N5n#s8jC z&;JvAi$k0Oc=cNSkBK2X&Bw-2G z=gKQ<_rI`E@1pyC(P00NCMEyhaJoPLd6ZJC|K*p!?oaoVA)&kUzLIlfht78;;MHnq zuLumjh9Qi6l-M-C|1u4ye*bUcI7Dj{WiWi1kWJj}6kx~x9}dm;ABL_s9qsr3V-&vs z3JVdPE05EQm>(S>Co*<+qY%BDSwkx$LtUsC4CfSD4{x&(gT4GN0mKLJD_MV zF$t~=#iwFasyp^oS15+lQ7nZ7{k&nFTIN$x0i;$dGT<| zp|nORE-yIHtJ?Ak9sBV7&!yDL|N9C5+#Ubvx#jq;z5V|vg)x}#P_jfUu0JF`4Ec+V zd1lop;LkX+l_I_gRiRb`xRt5eaAq;{1xW4okAVCxKm804iqA>Bt!+gGaYd77WQ~>7 z#=K=ukEnmTro9h}*6U50u@U+H7A2hD8dRz1G*GI|@lGbH&#BQc9ok~#AD1Q8?|(nL ztL^_q6aU}P-2cyzKxMjR$mrX(57@IOHn@?3##$D^w$}9R}3k8Sty%%5{*^rdL{1TufzP z16WT?9o8D_s%Qjy3N%fx&@sZ{R&VxG;d zFY>Cl-t{a|dfk5KfLm_$u%NSkmn+cQZSWAzYxg&&z=F!Yt3gkuy06^DA)L3`#CIqS z_P@wF-BI{Ax&LL}{~vnZXrKSfbzG7JV2%_w}^cu>={P^`gjDM;tZ{; zQoYOSEX{j{)_IN>`Qd4q$PzzM@lhC6%7Vc~EKo~)L}eokM7ECkV?_p{62ZC_!P?od zR?$bt%c>eEC=QDuSLyuy+c5jmy)@_l9hJW(_TR+J|2rIx_xZmbrIh)hbasWFN#xk@f+M>qiL*-ppl|oIC)L4AI!YJ5#g}PV(HeJbW+*2*~ ze}|pV%g+7pd8PP&Z-4&tD5YZmn>)Ylo;Qs=94+g2W<4KZ^k}Cnk$493S)Lh);_Uy4 zWtZaM)GPn_)h~maFfhOVs;0AJKYdm4{TKbs>0qM=Z>O5>zrMMTc5 z+2jQs4aNrhU%7(O%?8|M|CQc<8IFeT-u`=(qU?YBJacwX{k_ATpE?)t4xV7U4rJ30 zs%hS>C^T^**T8PAHkjsNiTWxVv4#M}Q`+(WZZ_a<|DVbKy?y?V zM=I6)-?RZspE_{;PPX73`29WEgw+u5ZWk(WD{RARtgY-r9l@TT?@Lu_$^Sd~0Cw^J za{m9J5rWMc3}CYD!X?8QrgfU(2Sn>N=<5D1TFK)olNF zKl}ZnQT`8e|GVCFZ~s3^(f5DJ?w3Ec*!7lBzZ}&4#`x)A8*cQbQGGh_hC#YjrZ_|S zS!yMX_J5My;qj&{~x7j`(Mnn-1|xW{XT8qCt2&W9Q{G(U5-79VYlr# z6nKWTngCYxtBh%=qiSwZ4jWik!(Hapu#J6{4}fA}4IB9$jr6e`RLSF*!?$}GSsjD3 zu{ZDPeT#cXt- zc=wk-dD&_IkIno48=f^4RWvA~TjsS|XWE&G4@pqqS|30+Cgu{{3jS1P3q-RXK9}C3uM8-s;$9Bw7t-vNWQ z?|<5n`{4jP_W#K7MrQsW$KA(&KT2Wy{|fme3g{MBm;l{f^3`v?C``Vx~Fp(KLgMUXzPUw~W1j@5PxT_o zyMmxkBC7T!=;sYiSiZOFTtzSlNR$p}Yu>m@{j8vswNsi2-cTrf{VF2gUA}HY93Ace zr;LuCN$PDJ@w6xXCKTSrQ8Uuwgsd}&!w!Qdo3znMNyG;N=>|yH|M(KSU@Q*_8rq{vTD))+jm-Vk;n-FL}D37)0WDa33& zCCpfXzE3t$4Mkc8vD|52HETTgPq{A71{9z;B-=HjxHMa@f=0D&i7wtQ&q!X26QVVV zQq%-xQS~ku(+p;4u?ZQVok+FXwP-a+3(63lNt63E-G5Xc!vQeqdG@FDuxF$8(6p(w z8_WGBizt~x-?nt>+O1;PrCDxZw{MzXPkHxD0Q~T(i8~{7?{~GfM2Sh7Q4#lZ2x6F~ zA4n3U+-gBVNgc0LxwvZwvlC_sYk;GFBR?ZaJ@NzvIK4Yw2Bsm(HB2xJ=66Rb05wHR zq9wT(v>Z@Fw0?;Fn-$rl=!bMp+|hJe^8fAS z|Kk*P{!8ba`SICn1R3F{v~pwA2LWkjuxZc@N6Rp@3dv$Dc zbF`%!GK~>iu2Xhte}@j}C;iPwt%wn8j7m=`(iBxy`k}UMZR7L1IMr!hO8h@2L3;dC z?t8iq39!@tGv9x6C*Ej({`)9}o&Q{~aGJYzS=bLX=2B+M&BG01e!cwk=Q&#&S18NR zMza;n089|@69h999DKmp3P%-Z$hGIbx^J}K?;pSzzoR^hM5h48ae92~9^Bw4I4y`c zSfdOEFoUND07P(&PAz+!eoF_7O&HRDY5sZ^?evTX+B~zzgMZ3j$fEM`5In2mBqI9z zDfk2y30eOguERs&*5uz#8OkgU*<1DWI~agN)my;Wf_K{8n_nsxAkdqL3*vr_8myhMB+O zVg0A|zHmNY1KIqQm|E3mI^h`P-Vqp-6-kRa8ub{fMtDF6L&tieJKx!|uv}NlD}vqg zV1QL(+VZul0qZtoCnilM`LC2z3GFE_(Jt3g4b{pjib+s0!wSgXnql8_vC04Zxa%Gi zfF1JRn@lIB{2!0^@4q}s=_3F0wQ=tXfPNsmLj%Yw?^S@k3a~>3NKhPNAEx$}{JR={ zoh2|s%PoIUjE`gQ4dN@j@&r3?p$3_-7b7F2z$<_pmcEcM#L@C?9PrP|X}JA_J#Ws= z*Xb@*b|^n?&ruv!EGzkq3rPxujnY%SI~B589Y2+DBgjCE0s6VFr_V?N2I+={x^E(Q z3vmeNVG$6ZAvmqjACyJ~{x$sgw)mY-evPW2L*&$`u&(GY4WLxq2q;E-uZ-@M(a%R2 zwdj9J7|`7nz+LgbW7j31YR%2ZJ#IWS7wps1!u ziQXFogC7!{q3>B*K0d-fZ-{CXQeK*pP2%ea67=&1rJ42{HBLzamugoS_7wj|!#kVJ zUScagOGq>aJ@7-wo>Sma4|-lfHVwUHNair?fv2VT^xwU2xTOD!Kymi$C%<;`(C`1d z!=V}fGj&G$`+tv8nEuZ%-PEmsri=IVAp_a)%fzwrRsaUluHE#N@jFa zU)K`ckv2GDPi1nzDvKpp7e;7{s`z&_;zl!1G-2ZUhkypC^G1|ZX{wU=^ z`9Hf;cfXu}6+@NhuSkObL!u0Zmn1mbWQ1LiOH2ts*RqB8uVScheG0w{zo+f$IDL+# zF^@0kdLZu3CZ|Btn4|M{dtUy>D0coY17ROL{$uD(O7Z{u_>V^_jKit?|3bV)Sj+wE zZUmIBH`fUP@H-F008t4w=Ku1kMB96@1<#l3*TVP3XNC7mI92>#xx`p`xXqZn22x}6 z!b8hAccsH0&j*_fhk5k5NW9VmPY)04q=ep!osy#8O;qGlspD%bGK%&LsQIdf}@C-baOM^RZ2KeJSUA5x=Vv+Js83Ro$Yxx8Jbld;aZ4dOa zkPiTNpY=;1lr^_Y)K}pwp=4O=Anv5dh-@g$b}`&l3#X3q-KHZ-vTsQkprohZsT?+2 zk^>4NPfqf*bG*e~C#fxV`7bg>T(V3NchUlO*?*pE#(z$yqrLoplv1+)v}wNw8_-BN zQl|`PRhudVI=zZopnouw1ATE@R0OS(qA2K)yO@i5PwNcF3K|-lkX7_QkTI#D>Q$m{ ztSuNTW^ZafWU=%A_||_U|KD&}_Ww=x@n4TpO8oy)9)D)w9XoRd?9llhBmv6=SIz(9 zTYo3Nmqxul>?2My94%S@P41;W zud0X!N?gB^k(cT>X5(c{CKKl-K((RQhKuV*-zB__IXE9$EwxyG&%{5=V(0(K9Nv=v z*vrWrCUkvdk_M}C?@vn-A6F|BMIk61tTvIB##>R|B;{(YmW5Vw? z+kbG0RmcB%mahjt|96Mx`=9P)ypR8VoKnI6`2%D3Apk^b^g07TRBFK~Ie8WDh?aOI zU%ysn$v$h`vUrcQExVL$cbWwn+HRJC>{wIdK=0{;@mw+4I=U8ISGNDJV7s49*~$OK zYaDkG13S-uC#CnFU3Y)}`zWQv|HZVQ@oB$5F_6FN(m)zWN}K-RFOOl=1{z!Yo5clv4i0R{;31LJ^p6a2Vid31aBqz$Hot2TuUY z6q0UY{)BwGLSYD&A(`_l@Hko?fdqvx!?y^;Fk30V!zeg-0wT0zcgn%DI6({i5e3{W z^go9K@O>0+0f|^kN)m`s0zw?2!NK79)lXL$NzlO)aL)6IygR=F0Z!6`!4hZ3?7y7+ zgTeei$uaw{{9&~`rvH(Drnk{?0cZ~Wn@tQBI7I2emxJ^}eDLL94sQ;=9Asx^B`G55bWcK7@LG0GEgzM{%hNS1$@Cx1OSIQR>{$@Eo^FOB|e z;11kT@2`J3hJQVH^5hBlQTy<(XR9oW)6?VQCC*lxIhE4KS+YS)LrjlZ&K;kuW0;_0 zwWT*03^YiG;Mvd_4*QPRA5IPrC@xAJ-LVH>itHjFApQ+X0DlN11QCh)Yxr-Hi0a?q zkF;`@Y$-ci;E$je;DGrn7dQ$4`WPcWLjmaZdjLlP_F+a6@a)GY!{Kz?s4qB8Hz+-( z^$!mZYy;-m2F&X`U_)cTJaxcE?FY<4`OrrBuruYZLHV$faxr&jK_Fk!xmd#`)0;(Z z{w-XGVy>DIQ_R({X0BXYkKN8ac8ngobv@3uF#$Nr-w#SqOhh-EQBZW#t?8y?>!#DS zn=_-A&Ye~y@A7!ouFK=u;bHgHKC_HTGa@R6%(JTD2xq+a!%4f| z4=45sKe6=fq-)~+wB#1RkALYOE&5~hrPMV2A ziOo524h^23pf$Ng;5|v+b2FMqqZTI14Nu8T`!#8~cqcWB*QT*`SJ?D)+9mT^6ka*9>~`&w2N~c3O?&&FtN`>2V#^ILDlBr?&g^%{pe@=@@4IO3ZqnLM15z0Z!pOMENkK zE0~}F;8+YpGyYNxgJ&BC$1)5~w_!LLxKo{HJNh_y#y*jOJv zNfP8|bWw2j09GW;OxD5rJ!z(J<^7(FYWiKpA^3-m{hpNO+EM#GD)GvY_&1fErF(&= z%4VNAFQsN6RZSp{kXQ$kRwfRuZyk?`Z5>QHuY-xP4kr3K7@Fg8mZo%TU;hKZ{D_pf zc6evKmXq(C3eH|)Eu9UZ*S z(^mQ~tzXk;ix3-k7Gh(Av5hq$=5!NcCzDo6FRfqGXAAQhcV=E=gL#cL=GD#4aZe_# zG+bK0sl&rP8MoXw8rcNTsI%Z18G>h| z2p+fZxvl#wK4fso1@FnQQ$yqDG2{ayyxlfb2{fBOfoY&w6sc zt0SI`C3~G&vS+YlPhrWfV)(RMj4h4dX^rvg*;umInI(G$OZGIDJZ#UBS)a%44BYA1 zZs2-0Htcm~!=Ay0J&g^!vu=GJwe0h#uFn=m>vd+dp2286jnQ`P^RS(8nGR>>$qG~B zzyb;1dy29QM@uC_d_fZVE7-)~?bX*HKtq#Fx z{h9@1;p$#zu0AYn5|yjFm0bPh+Y2^ddMY*6*>5L*J8!z7vFV2TrYntMoRAnL;g&A=O$^Y-EP;KPEc4)8(dm{8$FVP* zp>4AaJ8zbuu~~-tW*Hg`ARsw;eUIh(j{FT}g^l8MVVdbS6dDP#q<3$L;F;o1Cln(cqbakE`&{8$U_Tv-F=)qrCsRB7b!^J5 z(^bhtVt4?RJ>KJ0x(Zs6L&1o!>U5T>jv+)GO{#Wu7f#y6@6h@+eYQxD&aoS_!EkEySx68nKKjF1mEe>DlBx*s z2qY*Xw{#pB^bF5KbObO9K$kC3@{t&}WNbq#W20nOjs*SCc_cJhN+GEu(aivvxGe>k zYZYLWKwFUc%90zf}>?(@*-v#0j? zq{0D{KLu*PGU^W=KMt_Hu{q1&zf$B$mC~~`N z+%kM;Y!Ba|#M{QBqoyz$3>{-UTy;FUX$s?Zw=!t`nm$)+3iLzQKD#rc&#I>2cJthi z-F6z`*tKeelt4?L8=lWq_4!2avpcKovslPdF=7Fk0bZ~$%?$iInEPOpgnv%iu9uh9 zaP)7c99g?lbq$GsxYJ#OsnMkqwM*8+h|+;Do4%H!e(cn+Y1gLGxt&!y*HGzPRi$%G zHk~C~uwij_5Tq#P=~Z&=cA1b(%qB2EF^U2d`CE`B5J%Py+4MEHv%cmU`kFhb?2vu( z=&X%S+HJbgN!_NiDNzkI->Oa;N|dWAQTFg6qm$EiZtKz1>b9O$-{R&U?z9!nUSpP#?s)V6d1j7I!k8;a6Rf~w)e z1OYuK#_hqEzz-3OHZjk+gxSXBNre1Og0n4%seuZ?9B1-w2JbJsij*aIxkQN!z?b(4 zZBx+hP7Zxj;P6N%eJ4ds0(57*A zRyYlTUZ|UH-?Msu?t{x(I%reQI_qYJYBp9nI5f{aVE6%UQxRbasU{8ANL*$US9r(* z_$bNxGV3>q1OXm{v5vfuHTSx&-cT@S)$1H9u++^tI`ovCXpZ`dTuksg*I=ZvA$?^lRMtoz_pE3`J+lR*gq5o|js|ClJu9W=EpfSf(4_IUXKT8~{5Z*{288Oq$td{|oUYalK8k2RCJ;u<~k`hrai&MDM9@1^UtG$lP|O4`WzUjN=krC|dfjwdXcwK%QRov;r(b6`=)l$B5QVS!e#aNT_%4uq@#ixX^ zPm#U|t>-8KF-fy!g3_NukPwoA7^dk5k_5IsR15OXNh*vS6=O}1H$8G2PTOfJ!>LtM zv8ANwoRPvvNHNv~c||UPD{dKY^NU3RibJxcrt^`eQwvp_9iE+&C_^84sLt@D9a9*d z)G&o=q2D=Gg^{UZtO@;!!C*J#f&gcjL@)#}#4t?}m;20xkS85lX=B63p`B0|o>=|1 zwj2|kQ%sD^ad0ZfLGD}}WeEv3zVMr%%XjB|`srWWZ!h(MQ3ryj^W($OlKa^&h}-T{ zcfL;T8L>>G9piBp1akU?+ky6zXT*F(VDL2zVdSF(oY8R+-EXG?4(*;&&lcF^bq;Lu zjKC&O4Qz7zPD6j;aMI2pI-FP?qMj|>$?F*I#9B^`PM)ZpYQBKW^2y^cLJuXy|Q)2lB*euV8&GOXPth%8#wv^X$J$ZHOsanhR?i!or7#$s{9W@iuZ&H+d zZmG0X&y~2g&I1b-?UzXpC6tgv;OhMB)eAmCEw9@S?bmI+>L)e$htA7jXpD}hj7~+& z|0RF$r~kqaahxI$!z2U4BLD*!v$F}7){)xo^bcP?tir~^ownO=?zAR`$!&R1;PQil zDi1xMtpH^rJuQhqn!yY$Her~e%sLy@3cuI!nGn{}HD+U|&W3pweNN&nz#o}|L@4ru z(m7~GfWN|Fz*Fj5{K%dycFOA*JH=X>8_%uojL^-fKw~q}|Hn61a#L~nR_YYhR{5-n zbWYid9iyaRiEmNFkCNP$$0)A-7{#+iQF$GssA$WXF+7esJX2$?|L;wjfjA+zI6&Y7 zOxX5fo%dI35`YE7{5TD6G7_U?jnkA#e>M{1b{360wpuivC4kH88o=cZ3z;1Qi?6Qz;;U!zgnC^)p+-6_Z=foS_Uk+Lq)`+w`0i7mi}|s9*Sklu+=%imXTk}8>p%pyNzE>hD|N% ztQ8qbk=Kk2n?BH89ni@bHY39-$-9za%JF7o*aT)rc{wyE#c4u@El*MBG(|?1qM<%1 zBP$uzlhQeHkdZfNs85QWjOt10p039n4W|hi)z6olbbY?$WMC!@(nrG^7Db@SM>1@o*> zc+F_B z@saLqL?>g|jErhY(>b+}ky*$oBuzaTHdc0*D_E|%N}S!aOex7#tCfG~Le12WdmNHN zifcahx`sChu&900S&^bFWtTho9c}U<-Tr|rvHItKOX1}^1+h&DI;?%%u1*CJk!u1}bO4+sP#`g6t(44!RKb_mEO17snd z)VFr2iW5vbD>YMHshOHeO{qt;eTXs?ZskK{n`o1wAnzUX-{(6HMeMOEt;T{RbUbW5 ztWuVyU6rM&uAoc}J*m_^(I*mGV$0PR*LXKXz2nqRa9r&lpIY>tX;*z`s_Q#bL*J>G zG=5NV8%Jj3j*Z?b#c0}9F`DX%(bQ0kEa^#ED+?K&JYclpNGD@lH*A9Uz$hXayDsz! zrx{=2?D`4+lW$|njpBs(C{0BkZShcBpx!~4wR??xW_yf$YS9^|U3JE(t}{*zow1>F zaMmt7V8){Z^sLM{s=X}DPvZGtwu{G@@o)@=?P47#fTiT{@Bz`67mpUBxprI@|Es)ROL6i9URqPU4u0w0NnMH!+5e zY!a$^YVU)v_HWPv^2>H#ilc3j9y5enD*ZDe1!kUXh;Or$Dh4SIkWV|o=c844$jtVT z)zo6+OuO1RQ{Bdy8a7UOFj>ZNDoCj&1X)<+CCpZNo)#`&7dS*L&>6viT^7%!GaHO{ zoM7x#=Eg`i(OLSML~jUTb5ZahGu$tSW}DDH|=WmO^nBIriR5= zWGhye=^K=0$;Quk(hIiO+1odiS1JLr#ZVPXIlxltwY$$Xvt8$!*k06`bbe81!rqrq zHvdF58s@meVFxEM1)K5VWJ&xm(XKo%W^EJtnPW&5DVVa(Yo&G z_KaiA*(v&%p)@N(moSg`owdt6GP5Nf5d>O$-F?DmW~VI^u4f3?#NsA744HdDi{}#0 zq_7+?(9bq747YTV@Rz}6?JoSy*nPh*_T_g`_)0o{^WyCJcP|F(;3050j^j*5BldsC zam@d_V{iC{JM!F-Hylq#?iY?bbcW6szf8JF3)-${7_F2pqnDhv+} zzS%@P4lu;?1SVUi$y_HJbS@(3c2&5-?3xV-33CWhC8+qyUv;PASNy#oOcQ}1#cLeG z1jI1QP!b)1Y=zSt#|M~#`38qfG$)8%>R3Y@WhjCaolnvX%u)6Mp@{2U96a+@QPoTc z{Vdr6=&vxkr6ev13@MHL;ri!q{yw0*6TIOMN>OH+9vu8_Ge=2;GL)Wz_kaD$We-31 zo%gKjb47X_9DD+AP)t&skz@-#0T!(H3A{rIwFbbagHL^>eA50$|HU9)TNJLrD={qmcId$mXK!9#yncBKuD`vw0_WeJy}1S#SK#&c*WkMsXRoip z_4nZG7vSRc)%Dq{S1+D}=NE5YoL|5CJHvRz@53G(^uZ;&qX+yI@^6?S@Z--L?BDe1 z7RkVJg9DTnqM+da1ClI{*D%_^@c92>Ev{&bKMkFitj)3G_RoR7 z6HskLS%f|u`zu0Hba>G3_Ycm(5WK<5RhClK5+%1N0DW++FL4nh{5z3=g8#2jxb6$r z!MzKCTK?}kBX>MC_`m15qdotBj6!)Bk29v6rT>mCfrA5OJ>wL_30}hlhg-&k1ImP% zLb+w@{`J|Fh)1T}eQ@wC`G9Uwas)mgaeJ26g<&Z8e+tqJMgdF$j+J8?fQyK;{rsgb z3IVT~J*GbXB}1e6f(1BY9D$!bNT$eGCfn1r2h4{*-xhL-HekeLB#$gkVT6h-3CvSU zme}V~L5|EP@Ha%c`}H=a++B_y{TKJ5tGvF<;g z-h)rz3S}UF+7w*lHTn;U5QVImuEpD@;FECGQXs$l${?^;Qnvs`+e&LU1uK-W`+wBf zr5}?mz!_Sn1MmX+t7;QDU6DvT0_zKCoG9i}@qLu0V1YwKS8~>Xz;8&x-IzF9kfU7eX5dG< zIs@VhVM}Ej@za4~sxzrYHc6i`ZXvpaRVXO$ivc@+q7ZyoJt_nCbl@it;*>3*AA9{i z++?fXQ7itWuNM#@?HnvA_gaAyIY`GT$#?m?BE~3*ndCL{WJPi=~Yt@w8xI zMR8lT&scJREkMyNPDsSK)GbUf#hHp12n%#<&so90;uDb10~>g%b`$``lqPl$9$TEe^2SARJJ5b<%2JDb)_Zu?y~2RLiy67WVzKHSmMmKzrT+;C*g8{ zs{DMvK=2Z0ASv|b`IaS95Q)Jcl|9Ute0B9L-8FX11AgV7b7zI2GH&_?eqazJw1$wr zhAEniD&X-CeH77_feCs5epsOh%t^LVCJypfYmeACCxReK2v3d{C&)+CmOvKPrIU8W z&veVAz4(Yzwq3-jub6oHi#Y<<(ozEGW6X~EFtf1ch;PIw%Xt<8?{V-`lEU{j%yodH zWrEVQ!Cr(B5S0~Qxye^;XvFpP3N%!aSFz-&0^1|`K$06AEuZ5=ALQenDqJZ{Q4=uc z#^NKyo+L4fP#|t9sSGV+n$^VuL?q+4w)m=mam*V_4M*(fHQ7X23|DfOGQ&yX1Ux$7 zJ6cQaO@y*^MM!B=b`W|ws6ygp3E9wv&3+aS`R1uzaJFLG_mTt+rC|l#t$2D);Vy=* zK<~!Rb4(^LS0UdMC(m)UnKC9pPYPJv&)<`n4N)?ALsTyrYqds=fju9j;qZ`X3o4cMYE z>85KfhS@6R3uMVIcv3W+*;xSH;0lpQLA`zRiUNAYY7|Xx$$#L<25RYGx!^T$@J2~eXi8SHq5_os{dSLI)AU}rJ1-C{# zCE|w__E&6?$+bmWN)vZ320`@Q5f@(O-({N+`R}*j{0ec=X{R_&y5d zlVCDW9l$9-5!ozPCLw0DNG)@ua!VptTtu?RC0IJDth8lh*kMVD0eA;P9LSZ< zY%1C42*?>Bi4t?okS-QD!r8WB7d%G`98v2`R`E%cvIo&JkZhPU=f@utwD?zXaB!3F z!2u?WLm&Gj@==_n$Em+U!6wAfvX5@LTkV*dv&*O-lb|1w03AP(xcV>(`Y_6HU;ZMP zbQt3ZU9hESSzWwJ?cyqc4B|}~UXl>|hHZSYculfPZt9iB{EVaEJAy(0u>fH}Pt;Q{ z1^RO3Cv=3=(-qdN9+e3`gG(LmEz6ZO{NHp1hvUiVaE1bJbmBk+k!o}poU7%nb zj28aT9gp1!oG)B|;M4=2HiKl6wFbbR8~Q^T-RimG(X?{86(P%*}gH(Ep5 znbLqOb_D~n$w=zMkoP2?*uTgn{8!5Af&f79ElKcyXxosQP~c276mSYNwRVxHZXo+Y zF@SYjEUI~1y<$u>Emn;JyaD1WWaTw98Vm=HTtX*9Gz?ChAsWx-!^vzsa%Pk9a0a1s zf=;|Sng>J283k}M87&Z+!TH3Wxh@(l#`K?~lLl1DbtEm3+NC5aJxdRFET|%q(6R*1 zr50Lb-d8*>OrfPRbU>G#;_R0-g)Yk_>wH`2yvmWm4cg|%_d*!`nS=PVplP7fD%7Vz z5u09hd~v3HrS@Z>csJ!60+nC`n86BoMJrZ;1@1-@eezCo+TsznPZ!%Immp5f?18gJcX9PWlEK`iE+c7p08pTK*U;&{DbiHOMp1SrMS z%8W^nmK)#V6qD#%oKjBv3a^=qUI6l#Yn;QsVi$yXZLs3iLCEVHFbRuKdCP(+2Qf@C z%w>tfUn3mKflxXL-l$E1(zFgkx=EJE2E7ViURuOp&b zWQLYo8(e+qf=#?kV1Pj0>>HAR=Q-~5i0a-rkj4nreBa0i$es!5aL8P18kOAJa3v<; z3RMF7K6;Kql%aC-0`vepXG@fV0C*WOTXlug(w?hO>+@dpESs2>e2EGcDY%*$8N{jL3 z+Y7p_^(Y8R4v(nSnZu9&(&Vv{aG2Gr63TA{U1FMHq_P!?9EsHVne3hZ$UpW@dn{XP@2JNX zU+=W%_I~}>Q7=U>@mDC#=S3bDg6FTVMlkceM-QQRjf$~LiBy+M>#XuM*tK9><883DcXaFb>z`35Ix)&qFK{5h}l!w z6r3G`>wlbrx7X+3>qBsPc6If`^HcEWUw#3DH{$657LWPsuYU&TMFmz+bo)(0*5WS! z1_L=4?Dvv*mmja=u%aLGD+?GB?W^m2%uo`+@FL1kvVcA++m~-sBqE})xRVUCjD_Z~ z0|pjJ!S_9uKn603lkV*gFhQq)g+k4@F;8}WbCTwZK+=)GvnunJnWFRqE*OtgMTrq z=3Cw@YPBW^VFZY*B74AJ#?6mk1?dbj-O4Oux@G>Z8HMiTiE3L9A(KJD(31e49N%S3}!xa^pSERoE6Pv=n#d4 z>%1ERX0_`A*EuY-mTH~6q3L|kT1dYD`|C=+5U8n7>=VrV z^Xwsix=Q(r!l~N2f&ec2zQG?+@Es0<5K-=)R+z@QT0o?p4x^kugEeg{npUG|<=@EH zj0tN|CbS4I^j8o^{W(mr&w~q@3QQK9I?+HJrDq953w)z~p)!nd!WjBUa#cD(YnWl5 zMVXy5l{sZPb3WU}xU10Eb5J>up_4h1A zG1b=4p+*R$j%-*o7DhP# zOjZgP(*-7WDN`4!HbRb$ozBaDR0T<0vSZ780bf2|y<{SpvqiSb1FBd@Bm-0!%3C*o z{R+4Pchq;9Ad+!qHi;uO2fp&<)@HTyL=S=+;*_5&x4_D-<~GL4YB$Cz{wR`&*C<>Ne%g>uNS5l~@V&cg$o;UEZb1YUc@D z7uqbS4!dJUONjX8k8OpV`HpIKtTk7Wc|9o*_#rfo_&cxZ5#5^fe<-bUY>{6XtdTMlGjI+k~LyXEhE{15e?KeWMSIC6G z)H@O3nxSNkBfdaM5};)F9TM?aU~RX=^^l^93=c^*(Gh!EfoFlpYaFrbr_qvXOqfo0 zCh@Q($1#U^f&8s+#!CJAzN8lyHRa^eb!eR1$;U`7nzsC`Jgibaw-uEJo21GO;p?7F zwwGYU?F8#yR^6mX3D~3^c>eW3#aMghoIkT_KX6vTbUSU9NUF^> z4StJbX3=g3wi1T&*|O^lrUOqNE>FDa$eX(k^v9Fo{A4ll;5_hx1sskh!`X>HnM_ao z1)9&$bUdE1$$T^%&u9MVWbQf5sFK@XJ44&G`PIsI(-0em>Et&n6wD$*#YU~X_-xWzj^9pg zpa)#V_>LGBOz#bX!4C<}(D#wg9iL}K&D22cK{-FD`!j|-~$B4w;R3hPt+>7jKj>Vu)E>8S@qUA{Zdt5t*S zz{u6vWcs=dw76t=9zwjXGCwaC%-#P1Mj~emOOO`<*%0`&?zs7)xq4 zo4v&OwIawThAeXaAv=?xpEoGY@*Y)kEE`t!;ms;noxsH_=*cE?*cS_S+C~>b|NRjN zwh>%opYyjAlSn)oC}WSc2Kifr?~k-N_$F58`o6fMS4j5)tTC)wU^ z3LcudvPIJuliXxs@Kt766$-RJ#DY-!^N2Gs-~cF8>qRNPy!dRq6ZmL-Hn3e3W~n8Y z6=N2GGRM{ncHfdTV@#E2M<6&-avSF{kd)qI3S~h;b_a{r`d$Ou;;)C<7C-t>?CjtaBW7xW8J7p?bUYSS*r)r?hQ^ zG~2mp*t&$_hVA3`vOn*u2@23{BW{on3#aFPCeB8YZ4v@>dmodaVz4;2ew+Klm6TeR z%VV#SDy}F`B@L#?NNB|pb0jIsE|vG0EO9^VG?;0o>SInk4$fbZ4-tP=hCNhWiHd7p zjTiqFtNw_4pr9{bsDg$E*$@@zKJR^@5d1l84~3iu-z5qzeY4~X2%71D+@I^ zkEmoY*Q#?`VB3L*JMWc4v0r*OXxlsO$t)1Pqh8E2udKIymbd?Sz3t~;fBl!CmA;alG6GoBJWaax zP*r*-{>E?xI4LU-oZ7(}1$a|=P9TF0MU9Mr-gjtCl5MY8ZxCebc#(o|kk|W@vq=`pwwf3FoK;xq=y>t;A6^2`c=qg3c8G2gy6KRYw{W!22uwAH-?=n$g0| z;PgFMAjqDYS<)$B306d2k}cV=vy4)eOps`i!QLk^0$A;w?->rnBG0-WBA2{+m}4`Z-U0vaxEbpW(bGo9K74 z;{~yw>(t-*2KYT*+m1{avJ9Hmz6({3mruIwq!-v82D zq%WzW-8&smPLAYX=PdO&50dJg_P%G&?0tvRHO%}~@2JOK-&5PMAKs=Y5r3->aIt#D zU3WcvSP};$b#hf)<{d~f7}`=cGF9_eb%V;de9^9aYFhxUix?64R`hG;d|(+|B@+>Y zmuAZZr9YPv%1W+xS=6YFaxNe}VxV(@v^LOA>19oxn$4(8W?2YC#!(TjDZ=;pl@{Bw zXmAXc!SsenXTI}U$Y(CtmES{riz1Y!eQFV6_Aiz^d=vLM4f5QK{V|Z$ZIr!|-&y^t zwW`Az$kY7_QqR5bWB3TGbCTxTJS|eo4nK z%|lDr@Udzvw|zu1;l0gI>PvHzFJRjUy+HxQO%`Vk>3&yd4z{#B3xtiXgVDt<6;HKn0XXU6&H+ zJ+Df2r0#7^>OdqfI zMny(ocj_YNB=Cd44JN)bn=cl#(aiUzJ{m1X)A3|JL&$Nx;o>AX8BIKQb~0H&I2?N8 z$q-gt?Jx+E>Si*B)^#hrIzZ&Nc|$^elUVutYa9hKI}L?3@QZJ|O?BPARnb(z6S(dG zwvJlyt=6PJD|-VPLcasp0$zvP5N)Q8h;FXcewYf<~fl#Whj3Nj(JAZ)N-|(lbV}~ zHUqSrxGEO_g_)V>7n4WHrD4vK!({}-B;JIa--!Bo5(*(CnGEC@2jFXw8;<)}Gj?NM zNe4y~8;c84Lb4w5xD0k$$x=74z?xf}Vv%kLM%y_Fwj8;fMdesuJRGpVp^%|6 z*`_h8mv1kg3&+{p@6N9N);k?)Gjl0&FuYAs0xq6|XSBf~K+$dg7A8Pu*9o^8l4^e+ ziwe0+@GTC}61_-$7_wz9d}&8LH32AHKIKfJN4;3K5AtU69QX|(**Ce1sYMFvZ zsec46*`1T;8yJcoMEaimmohE)o3uv*eb3j$taHX+YihJFuGHj8I9iZo%|%{mXKkzJ?);e3USO@LJZBQy?zg z-!(~Po=cX(V>jYyCk|`-W=o=VEe9szdDClQw9I(K;Od4*& zk`bQ~uP_g4ob$wN6soK<09X7nw5kHUr*+>S@&8}Ze_WqmzGu_@{_XS2_XEH!efop2 z`D6GY0uWrEUuszomnbWCDoayK_s`omuh>_%ua!fkx=v*^Ypearx}Nnpv7 zgnmVbC=d)sYG=ju^_>4P7lv(B=;x)?3{c_ZJNRH3N6Q_PY7bR)$Pu<<*GTvcH%@9# z_K^#r+_{w3HKCO6WC}Cw;!=y4P`RWksMm3bo>AsH7tHnWNaM9fAcuEU@LYwAGil$| zdL$~0LA`zFcUkgXZwDuJ}e2u~e0w>}5* zQQnlrLIg7NzR1yj1Rw{3Q^~YYAe?xanix9IcBv59au3$(=nQNYun_ptP(GKb)rzrH zf`<63+9UwUCgLea1tjh18xDa@^I(}kA6=pZv(O0=1?pQQ&inktvrf?Gx1E)beHi0o zD(pi7gMMz|AIBu<-@3<7@=R)n|0>b6MrjI{$QH5uzy$T(8j`HZr5}wb5(;rz@hYy= z?;yVvQPjL^@*)P2y=YfJ6{ph~iAhM7+pCxw#pij#q%wK(H9lL5E>H5wv13EV$4!Fo zrwo3-$l)Xp)U&KIfV=h9y1xFqzOlqJFAtu=5J7(hP=MKMDI5Nli@Y69840I`$E~rH z1=o4n#fmKUmYfI1t1qYOvn=nGhf8o2;9DGQU`S1s8=114rIJiDn7?_SzuH)P?C}Fm z&`b8VW6imT4yxP1M}esNKAMi^!{Km#;*6)rnYnZ5%tvUvm<(sL*-py%DagTD z7=kx=xyn-ThClxjfIbtq*U1K*v;Kn1gwTmR_+no^ufm^>K9(-h!8*8q9FF5SlhKI% z-*FuC|ITPK{lXo2?#LUCrz7_Z#~n^b&KJPBe^Sb2lV&ja!nrdpvva?b((m^VRyaVX z2LSXzM*IW%%fXYv_e?FITZ}#&9Q=hnaj;6z;;Wt%yai7ikYsuM6BPj1Kh6?-yB+vx z+GA$USG^2<%#PXL2@1dJrP($_=?bB&2af-GaPZ^_%l+GD?1KLJ^bluekW z2L}fSpTKJZzQd`;?5Ql-M1g#}hw{tQ{;u+gVJu{@#7MPusri%f9T( Toy-3p00960lqro=0PF++-7&B& diff --git a/enterprise/authentik/7.1.0/charts/postgresql-8.0.88.tgz b/enterprise/authentik/7.1.0/charts/postgresql-8.0.88.tgz deleted file mode 100644 index f2b07311182b7590600be8a8607ba256738dd8de..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 52595 zcmV)cK&ZbTiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMYcd)qd$Fus55Q{d3qU+umob+u&cZ1y>h?Y4fJCO)>4zI%H1 zaUc?su%-x>faIuYexLn)a3y$?DBqfN#j~feNMJA+3x7X_Z1+*R+kJ4vO8BG4t zdT?9$&V3~hj3UAy!z7}^1^_IXBcJmD^++;lUY#7jK6B|jj!D9Xz~P^rVlf{wI3Wo} zbO?TL004js0?6P9QdBHGNnn76;9Ud8_&rJ}CeaWqIt>`d=4ZR-9eAxqfMOH{DDpYz zh6^G%Lqp(`*^ERD01^}viWy0kLoj75ro(14#G?czOIJ0RZMy-$!ZgwH`d+UQAnGSL zX5!t2nhjU~{kkzFye$nj*N1@kv?+f#4U)@dI-45U=Kw3JnnCXHLPydy~oqzomi37f*ZySwu&a&f{o*fK^#0OL5szF_Ny8Sq1|9jf>w{_%p z`q%BlVf%2{>wEo9e{k69v^xLeY$yA=$D02O7|s!W0tIl*{2%mt-TeITA9S|!|2ZB! zgA+8&&2;AbiHC{3N?Qvs0P#EwFGz^}Az98)#P&e|(TqeCF+dVP z8DwZY4=EDZ3+*BMPBiysJ{zF~kTD1l#R&>POady&#x)H(1nm{5&10eT0?N4Hnk+@p z???hp4PJB~ECkwe8Vam0k)I&Q5ZDdS7|uhs2VfL{OA>}Sn!Jkx$W)IxtSg1~6)FYx zHabNiVyFlr1uub}3IcI308b*4Ai$=W@^2ddVHNmlei8Wj2S1heG{i5U9Glc7t!fsQlA@tv?OHL9g2}uNX`wh+U)~8aq4S`t9l4A@~k|6udct{_Q+= zN#q*V6lgS1#3}zyzI-K08PsADT$S`^9v#!~6T%C&8jS@B=QDH?LOi=hvp9qd3Cx3$ z#91~F48^WcyqS@C#4aG44uR7gVHUv|w&ab|XozvRNXSS`sxh9-6RF#a55N49pz%Nd zxvTXPzW+%g#1Q2&OzhMcq_?!G>moNMfy<|-*b7yfX84-=HL#~DSu02MJu$%j^FVUB6Oi36}4G~9TigIym( znEnlf+6$u~eF1iuBoN1Q8eFt8Ax_Ena{r%*bO8SmA*YcFn*ic_v5n!_a=tO2pM-G?^e5n)EbK>SopRt` z7w_m{lY(kv#!&*UoNcHLw1R22GUAzJM7kzkKuYgO!gs(7Q5Hi=9qaQuiW0ez7oY7< zr^+l__!MVBCWJ7jfj(l&a5TB%iYOZb#}O(G|GNQzpP&Fm48xFCt?dD1P?IV}!c80d z=F=yz3%vJo?^*02_}#FFgJv;XI$#fc{`^e|O!enl;PE=p4HPXn(q@1zj<2qMetUT; zdm;(&BU)afvF@9sHg8Y2mL;9l)-H$>9I-KQ{z_eogbvsRIP$}JfPlk%PugHS4w-u6 zc^LA)9N>Yy3XKSK68UpxV6>6K4n<3(?{n0G~f+>YTo+s-dTb zsIjw}cBLQ;V-*3E*R#tvxFQcjJ_cqQNxl0?_y3mthiP@asYdIuEJ5q+zpaB-&i-@I z?`-Wq&+;@reJY!%A%Ou(JQ#+2l79ZYHKhJYA8Y=5Qxwjm!RK+?SU3OsgM)(ow>{X- z|L1sizy)LsC6U*mIUm^2^!;%C;)euO~HTcdEjjnE&+)|O^y(RTo@vS$4w~cQ-Hj5kI{{M{~@E#_Z%qciOJ);dTPRPHI&l(;M z5NyhF3HevUTTq__h{JyS^P98FD*;sObAB{NsfPU2*a3XLxdHJhFiUUaTW>D4zee zw(I}1JUifI3Zn@M$)wQ`hT>l=^;@`13{unTN)Ha7%wm|JX1;#k^SlDgJ+N!eZV&c& z!yFSnI~y)Io-^XkrFmWe2bX8Zr$3#6U+684fsg;$;QMM-f=?q=OlmJ&k}bsHa~tgb zveP|0>elQ6rgV;Ilh@eWYg7@W|3HEqln|uR70)Mb6{)2(WpT;3(K%ISG30uF0da&twH8@zc zUOl)+Y-i}R%+S_$hHj_c zcIs`X-d9{~JEyjDO3tbF(RNO4C(CxSY$wZh7Hnt1zwa#AviH}*-gRlb346C}_8xpq z?ENTwyXC9r;H$$gg0Hp=@x?Gi|5-d`wj=%Zj`Vg2zuY0*j!n(685}-vYzD=#864VU z)2$erRj2-~N^~FSKRYP#pB>o#v+XB#ldHuzy-i(g2fY<8wqGvIo`V=OH1nZ9MSUZ26aYxUh_EU6HX_LkhTno8_|m9KlZ1aij$;Z)BtnS3 zIlhv11h3H$SI80sgBb#tf`82^126(`&d3Zh?87iz0u$rU$e+m^2Z+N{NZ@D!$UMn3 z45L6a>ovY337C-tiQuNmOk6qJ2XTlXMZgcSe+#B4K|_1xNd?-b!Cvmd{gNvO zrXV5=m~g8B7%fE~g5V6O8)O1w7%hR6lJY8?h#e;2&?%XR0jGQdF+~CRg(JP0 z;Em8-)1MMT(cZV;iuL76L}mpiBtVVEx8QG&8lLsMgK2F?)p9jIux;P=MwuJ!z$`G^12_`O~fOYpl^ z@O}sCBGK;xoAZ?U_%I2+lgnp@%^Qttq8U|2C=n$K(*gKXk`Oh73Y?&r02l;Tcwj@l*y zCa#;RAaCFm^l!y9Gj%hA$LGW~(EB`Xd(sh9f!AD(hAVNX z8qRrS52!t8R;;|@_@&iKXnc~19Ave(!~ZatW7npDeZZ0HJhq{ zL*gQIqj9A|Zz1SUK@1Z(LkuNW@ei&`5d*hq`BL=cmwof+KR*DNOy(kfA|v2~JqJH{ zMK&p!p8v}?L81W^ExhahdFdR_P=bBfe1q=5KS*-xh%#XHL@wzn1cqH2jpLA^Bof!i z!{t7J;2+07y_T1$*%UGrfDEJ3a8htY#O-rM8>79%30dF(1>kPV0p+BD7?*lPDD4_> z$2Q+*dm161iG~Oug0&?VG#V>3{FsYMyQmK$J0r>v$LTOp4U@X*;gO%yWJyyG! z2$>Tx_osJP*Dl|_?0F3t$xBSxpV5e7Rw;$|8ZJ0VkvzrJCrOZ&4&)1OGHJ5+^y2!5 zpRZZME4__T1R(fDXjton52sp*F4kzct}7`Qb9PJYQ2Tk+n?&Ifh!{*Dm?J*Myni_I z6BJ-Bi_v&YxOy=bU7-w)$6iB^1BoaOPy%M~R!+2E0ul-7UP*H*aoXdnpa^4&M{~iz zVrf+Er#kEs+(8iykYoEFs%yt#2rltt$|$%*6eSB302vm}>fMEkr0_>?gZ^zFYybc2 z98nQ5`LRQQuipQ+Titd$xBu^T``h?0&+_msjfnpAX_An6Og}da8w?xP$B>L*_}O}s zMz=11tD{ke6fwJm4wzl?u5G{5p{BFtWIXKh7SBG$C}FF$IfvaXEkO=d=B9Vg+t(&m~wolDnC(wie@G#qK-J8;Ao;= zsn~i$;LMgfi;kndC354OhFB~|RR_Pj7plDS15llt>b23;!5;60?u8W@a3hpALNdMw zikF12M@P?^A@Zn=xAM7>MjK6W=lcyS5UED%Cx|2M-s4!`GntSazEEEzcm|WDKGfs7 z=iLtZE*QGCkCvLT6TkgJ4r zRiE?BpHxEvR`+?2tNJLPJab_xpab+VCRFX?j3kzyh~y<&y?*7MKW(d-O z;lGa4%tCgg&o-oR<2dUieA6EB4q^7Crg!s6+7ed)TKb1CFuJJ#8e_Exz z8CP~?T)Q92d@j$G$z24FU%v)at|v8@gq5SPir30GGC?X&=;sp6Df=!UQKnQtd~uW^ z2)+$aeb2|T|D|qZGZH;!Ht4nSpSyYcU%!3O-`fA4<5`h|Sp+0z*#ybo%_Cpvk?MTY zoa3mIi)_;56(=Gk{v;~tXf|;&TtEgB>Pb*s=JL%5ikN^pZw~ssR%>u@kV%xBHr8-K z<|MY^>fEM(V3uTsffT0-y+%H3>NAah<@|rdY@jRWf4kl9_j~#I-|KGUKR?SOay7k; zQS|=ejXqZQ3t9Hc6D5%tMTrR382N897WZh-t?+;8{%(YSYrI=#-(QKvoXk6UOATj;QJFz)pR;{*So-5T`| zM*dN2-0!zKok9Qbur>zqT=)ru*k7(nk}9(n{)`j!{TwF2rc}Sf37YVV)pSo`*Ce@t zSp%9)=tbLWd7W0L-8yRbG`)|;2YqzV@3+ulFg^@=LHF>W(?-Fd3wyrbIU2)GZ!|s_ z9JX46(RhUV-7adi+J`;VL8I}=uY2=3P{ceAJH0ac5dn4*b zh|wt_Y*Xs$dezi5kZV#`mtPO7S`?!}w|(HZ1_A%$2zEOD_^|Dd2e8`-T8HgkyX}vH z(P1!dAGTo^w%VP};IMl%YWKR`cKe`RqwQ+y9*1{uNfljv5=f_%WK+tfHLGdM%eV@B zP4Ze*YC*J#-17!$y6x6@bZ``m1_<`i7#?;82fiO19<>IYgI4DV9<@fJ(ZPW~>LN6T z?ZX2&Y9004t)ruZ(V*As9@T4oBPNDnjH8XEudG!~4M-jt`@{v!Ij5dG)P+BuR5dsoBX}P1GyuD(w z|7cIuIYoijQ1(4K1fM>yh6baENITeCkXBIvw=B0lO7p*_U%f^#zvq)@;I6(o3NkF9>67F9zw|^A_nWXf}2}~6IjwImJAVc?gAF#eN zAb9Ii`G>Yn;)5c|DJ)RJ=CsHDX_QEsl5MD0Fi>1z)l4zI2fHkjZHE2L~dn? zzsQqsgRrtK^X{iK&b2gyAHh6=`qG7{W&Pd+44o$v2|)ant7;8xu5JtyhRx}m`87;a zmWvVPKoYdT;v&`*Q*lEp#51v?=np^0_pkZuA?P+5IJ1UHL7y&F*>x*hDqV-N?<OOe z)+>X3sbiP!6|!I(XN!hTHO;4T2@IG_iaE5?+WfOs^*9J*4ICK}qdmFxtq=Q*|9h-2KpJZ&Z|wA)5}t zH_dMf^@KYdp=@9B(MLFoLp0=s)OTBC(sFQqA?ot7L(o3zc2>SiLMbOntWlVxbOoHQ*<*;PoC|x!hJ62Z4V@m}Q_^sGK5(k{ON=1$R>)wS<>hNd|omO%Pa|6^l|oVx1{p8Z)@stY)VyfP$=!R|BR6Z-yg0 zo6i88k$EJpzbN(M8I&&3)3*JgZV1b!b#9##4IcWP}#@nRxL|rEo z_p9=y1Pqwm%4i1)FWHd#p_i{zkuuj3^{j`+cUsZOy3;Rp)u3$tr64WI$;S`|fnKz8 zfJK$U?#{ruo}$e3%cI2z-y&Lcj0h9j0M~w%R?UYfnWKFGB`8d-I1T9yRJ|28n@|B% zN^Qr+u6%5Q*;?o=M8dcQexHkFF-R-<}3 z7ei9s;e>z8RXRmuvDj-irSp-v8kv(QZ{W;KvFxWeW_F}AKL|7&s^@&Me;S<1;ZLm_ z&`Q4K1-0A(O1PE=l-|dV5W6GEt=u*ltzSlq;IqP8b?A`RESZ^A%$}*Yg0H0(jek?s zgo~MuGp7(Tq!P)sRTvdj$d$~ZfLXPN7TLLkB?(B-jMGpNfh}W1J@7VG9HTVueSp-z z>V+$R%NZ}KUJE;xy3AA30MfdAh(&}G(RuMsS#WCCQYctkv3FF-!2l=7XWHBCILrM_^w}(`-6y-ZWabw_I1E7}SiEnev zhaqrKM7xf%Kj9e8hU#x+>~n&tA3GIwM@ef{Rmvx`uS)>=^ZX)n35S|W0Jy->+pm__ z?zEbnUas;bnKP8F5+KU3yg5AtPRkSj*ED#EX95|zgUewCzOeyZq9~BJC@2DF(ZYQX z6HZzX&lywe=ZudAADUYe76(w|Cy0SDPAKyl^4D3ku%@rLfP|t2PDmuwb+dQ%z_nV3 z)BVK`xLQUGe$` z6ltj5%boU5F#ZuOFVWb%*NeaW?#^KBnw^_?Zqahc|D#`@7C?(#-FFF@SwJNj3T^4u z} zLZ8iH2m;6;7f2%nLIMM!q!~R|z=l*^lsttDDi|j)()((_;!rD`dfDed?G;YiVB!Rm z1hXaZLrA3oEj9Hqj<%RTDq)jAO(6G+^P~?Hx=4H-OOuC1g(B6p3o)&6uH3HASs_I`iI^S{yasIHk%R3-pJM5(vz2DF7^^Z zMD>D7zz3zwe8+{_&zMbrkaa&aEFgKaO1j27c6A5fai(odWksPoI~6UJ)#B>8*D#2R z!LX}qLu{;!R;O>SG@0qXIoQ@)p(r4XDj_T47$u03aDhNXLqcxnu@3x3A~_5{+A^Qb zW6I^yD`SuacL=~RK`>bAkq3@!lfY9 zEEj4+^+iH>eR0hNoS%Z-i+AUzd%S1v0`h*uVrv{O8~SPvr!X(1Z>+rg>G<{w1_(p(K{J*rcQWNt zP*2FW;zrd^n9d;cr<-9d%!%m{2`yru-u_FMtMaRM<`lf@Hk$>&x(a5h`MD9vjLGUz z3Go>DOFu+a9Ww>2uM2U`IE^M(QKcc z>yryywMLf%7qd;D_t$3)KRqa_Q2>7$Khc_a^_(m08;NWS3*ern*j9(@jUY z9I)xo{4zTSP8Tr7C=4`Hmqr8B05epx482k}4Ux}K06u6+ijmltXv#LGBn+sAsQkXP zG%AH%#W_G=u5VTfNH9D_AzWS|pF{y2g0{W@8lwb@MK<@IOGq+j=EH${KZZD*C+K>b zAj%QuUs6Af0OEV`x|wF>%x*qE3AY>QTXx@s-LqtSWPUFP{-rVem0S}xW_PuglruZE zfj%;;E7IuwLc&>(<^& zi^+}7RIQj(mG*!&fR9U1PNlJvztLdUV!go` zu&PnAq}Fs5dL$pAHO@izaPi3abV|GYd_2Y z$OX>^+x3Sp{OYSY*uKKEI7GXz2@FOmfa2ahu;VH2YjgPd#XfjL0%U^JNkzhZ%{wGn zw-PGuB~;!_P#w6C0o<#cTIB+uvIXd{d|tI*RN=D3J<+4yjn^itH;(AE$sntoxt%J`#G->EhthBQ~bf1%7nOb*pGD4^%MWDMNt+GOIN=6B8VtUj}l ziC&vbE!J6|_~Kzp zkB@L7_eY#Uftq@JjD(}D96DPK5Zl8P_Y~_qKVvl#Lpf;r* zdh%)xSvh3k9>F`9&NPkbu%OUd5kA-Jv*MJaT7t>Xmf%vrb9(D9|7=*TR;t;mOdUNt zE&4D;TfwPTw6)h?eMMW70IYH!E|;bH=FtN+ZR0&zE=zSQPp)Yj;(`^b_VJvN5J$H* z?WF6ZEfhI(@5_{kCZQVT2nZ}-hVn`!oip+pN4G`V8>b1Puam+k^#GaSAPDbZg6t9e z4u3?!Py7oKp9+)_vx$slZCOT3HI_g$#<%vD+e0edJYwi0eeEEVpix1V-e%%3H&wAy z3fM43ro%W!d@s-8^WUoJv@PSko7R*cReR}WL^G1vY-}3WbSCaRs-dF&Q3#20k zO5cds$*sjxLRq>F+iRNml1@^I`VWMPyQTuEtbc<^4+kklmc}J7>53KJRqn7}X!fk7 zNX3v%Q=~Y6RR86l>~OjovkSl$(7ESRZ~{r&E%j+=h51bg-TuzvbAB#DR9@Xuk!5T zfmeLNmJY_kW1EXd$ys~^V&&imv!f%&gN61D4dbFM**C*AE;Dyd?2B)<&omUSd*-|- zmthno43EXhfDtl4T;e@J3Co;2X4&6dTqtAWyn>sHxnH5;zEhrw>P8@pY_Y=ofTSZI zU*;tCW08q@9*OG>@2*~f0LiN(57Of;Y>T?QY@t$>uh-M3LN3>ODTd~5K#iS-RrbDH z4GH2Kbz7i%uVEr7aQ5z>6 z@lEWUSOjL`eX&UYGY&(c`iOl~v@{{!5@iOE+c^%W{I#VAE3uQ5^-sfyu9eGrjMRiT6m2PAP2%qPo~82dyS`mzxl zhTJ^4Hg79`q&p}BJtSx@Zbr$J!ora%gm|`}jR!;8{^LAfWS+E8WRN5@Y3ksCEKDIzzP$UU;%6IxP>K zkIY=*W9QQONNgGuT5>ieB!&}pVbAlOq%N5qN z`{H`02_>U()V<&&}9ET}PxN^nr5Q+c{?fV`Li#ayo4Z{$ky#ObB zs~urE3PCPFl-X^{MOtH?U!9t=a*6e5h5|enrdCG=8*d9{=QypnuER z%iOry(-U0*HExoUGc{n&pu8?MM`CL26yJp~kPT-gq&Ty?!oMN;@s()(y`ODUizNH%x3WyJ-~my@qND8pUkTx2iBPV$vpZ3S>vnb z3l6mzphc5TXV0b}%Bz`jT5LO<$jg3pG7P$qZ8}EK%xG(3IRoGHl^=rXq(@ z#4gf;1v5v9?MH1oYg&HH{UAOpA2jA4%1k!1<*D79D?2)ju6VtSg{6=0fMtSxb+?8k zOJzaIVybcC!(<(?W>RDdmQzN%EQO0P%5rujL5vNoNZR?N$gtAC{14&dYzW_NuC$YmadK$Rl!&Kl(i0P z>9X0Aw`%^%9Euj*hb`N0iiSKcQqkGeFp2u|!yDDDG;H0Lf2;YobjXz}$olbC@&4)! zwk*7Uq%*Ms*A8UM}LMO2WADC4~=h%~d06fA;fgvVeoD3x|UpQe=Gkl!lKY zmSFj|iJ0G%uDYCBam*#>`GxlJmW9%&wT}=>6b6B-5O5h0JcyX@3LIQ6@x-4ll$ba7 z8dg8dxZ>D~4BqzIt(KGm22&}?T;OPLU7ySx{qFAW&da>d1|-!HEA-hs1x=ZOjaI~o z^cp6}#jpW(z|RQG>0D%+N{~-xGZY2-oLk#3(*RSdro2-^K#1T%-5C>MV>rwEn9M1M z>`w`{oFKWj;mKe#Fr);oA5YfhQGBLpdk5SQsN zS?-I@tDyXHE1HB$FiOO&8aQSs0pFxF{zfGA6eA)PBtM=HL9f+n&6Ev#CK9wBevd`i zH93k_(RQxjLF*^1m_Wyj<2xgDf44cFop zD1jmGzbo>fstBagYsmzU41_P1@>g5wEDM9cWR!P%NL|R>DVYfw&?NK3O>BViW)VmGz_biFOIdmF zO_okJ3bHSSRO7nT4X)ya{I0`AG1M z83^mIQAkEjzC_67@b-{4lX>J(**jA%L)POtn+lKgl{8f~;G9jxj?_?R2OJAOKO7(* zCi?&zgSxm493d&8_&R_iL0)lX(IU6_ZJj(yl{;oPLH48vfJCPBNE;6jWjA6;)^8~B zZx3$t&eFUVi7szsM$NRg@Y231{Z_b~Ft&MLcUR+E=5&6G!|>`3Gkp^pw=nVi#>hjKtP!cc&}u(*0Id(Y8;CN#>yzM$e3|WX3{Sh;mq9wkh^_= zqD5+DE@r|6g)0PU9;HBFUcBm|tSv$gj*QTkW&m0GJDkda;^}|s8SuT1(K6@2i#X!{ z?{O5=*N6z~N2cvZKaJY_JgRUa#p&fVN|Xt;P?x9^J_%%20+cAVLg;tWqgY)PmRe)rc3rMin4b}eEHRKr!205-%QH=HL3xW#MUXJH{Raa5DP(3~xsJ)z z#3_ohC^J4m6fl)YQ(O{}_bXr=>-+$6Ug+2hT<*khs)t(S`m&hHGW81B3a?X~$QZh| z?kt_)!=+43p+yD+-(zMaR2O;2ph$qCQW7V40T}{US3hvUu~q|}V3tt@FX5f2tKn!E zK;3iuF{k;tE_ekg>i1j}aS8_c+MY};B*Lns6OC^(#N8NS^H6OH4HVuY%K6CWn!b)n zX08h(5+5!xq*j6oQQ-W`r;TA8>G!Q20R$;|xkN z?N+)s$lbfQ%xfsvsIAp)q*vvM?7ypl%xFqB72f4&bnv zQWhs<#`kfSMwTjNA(=>XD4pUM=!ilgxy2i3YO56{-To?d$>3O5R|54_B?G%uPr9dC zWPsjFDKfR6Q6;iST&57EdP*jVE9bCxm#=xZUz1xbK5*_R2BDXcWCZg}%x!V00;pP9 z*s2#H(U*Zupctj)@CwauJzk)6%dSl%Y4WbtW)mYqj82KXeXS=(Lgt(Y#Oui9*b}Mf z?l7AQrQ?DGk2X0p4yz`I!Sg9L5(fBV&JF|gUbDm0equAj&Q3$651{Fxw9K9$uHJIB zOt#5U7>mP=i0Mdf0g6$?l{Snh2c?op5z6=q^lO+FSQe5?Rm8e5bvZW_1fIThZ1k^S zVgj%Ip4n~G0_DufY0kS>+D7mO7VhExcKcbBiPR33e6P2gj2`igV!JPEC%=t~q} zx_P$}Uaek_MA7H%)QmHBFxtFZs$#v4slw0PH4;t8y}BkV*6f-r{JdTBL+sy92`{{H z@6x*UI+&J!-ab+iCY$$;*Q(bqUh=tm^p{6`QZd=gSoWGG{a;g@CO2=2sop&nhjrR$ zwOXxyuP6R(wOaXqTZ3-RtAUb?$D&vo5g=S7NXCNGs>$(jXW3{^+0_XOSdVYjGKk~x^v!s*3AFjU@*wd|90n~zn%Zj@vNGRa>O$eFr7kW z6VECj>sEg7)QYMLyig&%wF}1ZrN}d&E148OI1)$PHm)Had2@zCUC2|Q9N_Kc!3)Em zf}Ly9ll$3vE%2ggJG%k)8F1uY%E<%X+cN}wful*n+n3Ya5L1U$zeP)0c>B9N3b3Gv z^U~o<;Jk=PfNpT?r2SMK?De`<-=&3BR1ro^t2|^=@xGb9Qw`@p>2Z{O_{?{-_8WUZ z`5rMNhbM_AT{S;zYoTTe{`xu&(+~WU>fuYU3s@Ycg^H?{VV6(^2&Q9%ghTEMO;qjDIvEUVo1pCJO<99?EvRQUp8~>cAd0_llBWm zELp~cD;m6GcW5LGRH)cBtE8cpUHxTgxjZ3@0!j5+NC*qEJsDoEs-qiGELlPyd(P}C z5l}4Vi8!QokM?XX$su$PI4jr-j{*8s&4v6-u)gO6r^r9*=yMe(gRMf-mcO1ksmY_W zz7hL0XMIC)c_U@b$nsiHIzL=rU*se}Dn^wQbxJ00R=Q*mv&XF{Jy}Sz-N`jZot1;9 zM-N5;*v)gP7|uPgTROHDQ{<#>36K{BQBX0NgtW70phRLBVDYU4Fjv1b`uC!(v~43- zN_1-pv|-Mt1O}jNO&8xC;DO&k#OF}NK#w=9;ic!2e0ebAAvz_Gw#>5eJNR|Zck$wz zJpB}P_)urR36s3|#(SOlCO7w=ETR0@#jx4@>tguV#a|bWg@SBUf|r2yY*4GW2Kik= zZT;Uz32WZ)|4N(31{;Aj`hTZA=;rtTtyX)h|3AmGO8@7B?MbHyxe1VKwG}U4sIrB* zC9m9!=V8eI;&aTkMa5fTGEh>0xA6lB1C)qDMl4Pt{Shsz3p;jvSx41X;>JSoWoACP z`hQNQP*o$I-3C{Z_$Q~jxQWRR_N>m>+GZW}vbf!^RWrZ&pV{^3h7TI$`yb%gAk8)= z1?^~AZFgs5>N)~J*@?6_dSjPE-a_5dNXj;47K_3K#3A2(IAS4@saqrr0YsztztLam z|3(gQT-O!rY3cGJ#aqeR!sWKrFKMwcR-8*DL-I;e8~2FK79Z)NQ^-kU79|!^&sXcq z8luGWQHcE?(NYrScfiP%xDN<^2cv!uMSgbu;h=?UehtvlBdRWJd%d}bg=+ge<#Uhq zzqZ|9KWobY88|D3JK&L{F(^UVE6wb>-`)|H**#je`x$tr&nSrS}6xM3+#Ss@c7IvHi zjViEm8A@rqj&`X7?>&iUt#@A>^&U#B4FrIh&j3dNe>_RQ(t4Ckr$-4HJ@ZoO{+a~o zk%QGB*wvp41obRJTDr;J+DT@2SES|Aep)iiNUbie>Dmj0o8X)K_aNOMttOIbF4Mj_ z0oklB9)oI(%@o$`D5`rlNsE$D6;kty&(9SiajQB$#ZyE7lNaHemXCS!CiTd#p$x7& z|Lqj~KYD}i_Wbu*9_jy~l^T(WL%7}MZWNHHajvdD>2;$1#}qol_wNh;d%QuZo6eU=<)l`^M~+D_5@795MTw}tBwsoSq|uT8Utq~Rxkz)%@H z(i-LFt~|<~sUUawd@1<{oP}8fmjyOsyfPYt)!8C`j%d`i=~MuiS?Ux~&K3I1Bp)+( zko1)b5wkl(0Cg{_X76)gwfQgYxB^#Vva`$~treZHMpo5JqoAjL^4URDB{uEDdlUL| z~u3@C_cVV)t+^5DhQT?lr!}@dErn3pu)7N;5xY$_A+2f_(R-(^3vKR z&Ca9JhBq4y?ebA~IQ0Fj(&11a>kNl(w}P5kNb80}L1=ypP7y=NOb20<7y7d4g8x5x z(NOhQ^U=cBhYOZ**>0xHK3O<)*voO}!q?tE>-k$c_*fqVnr_jz8&^*Wmh08U6j;cBB0tzn&ce#Z}$MEKv}=R zi-okG75aW#(&5E=Hy9PbKtsv|7BGBzp|QjuM>^!kQkX)256BA}?U;c+u)z zu9IsfOB#Lk^XE(uS26t<5qnhIy`b~(t0LRyPx#zZ|D&7u0It#h+MS~Q*E$$%^}pwM zjQ*!1uKHG(R5{AjXn!)iun5woulBM7fL4#?hR25Ky82I?fUb_KKGRWD#82X z$p3b)AphH~?f(B+9wYzN5yozU#wbCNkE02gV3w-2dpRQjz>y3$uTH1l>-?qnS{>|z zmgiU@HdgfIS~#p@map6@q~61uh*TRwcH^FdSIZSYw|ITBZ$@SEPjwFZjZ8Wzl}yUo z!{{3=xh>4rl>7BO_2s_~B(EmO? zf9eV#Jsi3kAdCoo28 z##=V-(nD;ky@?5D;(~vX(Ty3aj5-QLvO(-;;qyAuSuhh7-WAzG!YQF?EPdPbE}wsq zQCU0uxw(lUo8H{09fyih;*`d4`M0rR+*AHP=KjCaIVk9V?LliR|DWS2%Kt~$|JzGJ zasO|`aLN8(e_ONv&lan*|IgNV;QoJuO}(|weT|!X!xfLUskiCz^qcxMURMU0+CEou zq4M~e{8FT#Hc~O84>$#{CfylbOhGF63RT0*dJPpnrRn)ahMh<7%&OswwQ`8R5);V3 z^>d%~-wg2M*nirCgM9q2UaPm=|2@l7W&g4B96huBM>oCE_OaalQ<4ekaqT~4n$8p3 ze^T;neB;yX%&YHurbX&@TkrMr*E~~5nZBm4H@@tdH&HywtxwaH#Zz7N%q{s(e&KVY z4eWj7|3=O~HSGW0lKcY3~jvXflV%S{&E3Xv108CKq@j?9>C>wBf93Qw-N; zZLZOa7ICCCq7rEG(|0&TWy;~dmy!MnpUvdIni9<$#XFC)|L?R8^7`MPyVd`m<*AbY z`Z|ytXrLDXXrh+n_R}Gz43Kf@zPbUUK-7dKw~M%Jk;dmSu64Lz#B%wTpXhr`PqgD# z%|GLY-*kB6{XTtoU?<&O`q;sowo?0xcATlw8=M+*>V2ID#+-#7 z>#SH&;pvZwD-IcW`?oj@ukJAOr`guNJHI^p`S|r~yEW(S8^3pS$V~bwNDb~1jkRRk*e0vR zyoG^%xW1CGQ(s{4+Z}VuHERGb(|e|*$^*K zgebj8$VfDlc~RHj!ClkJ(|A+dQ~!I+_#dr)r*Qt??r!scKg;tp@jvprM)$q}IckWT z7q+|*{<(9n^r3c#fjIFNBH8O`x#?H6*1lB#P+okX< z5oU0r(6Mi9lod%v&|h09HR^56bN{B#z2*M~7Qi*~ztt%{6UZ9OF2sYp#FFB>O^~Tb9grtCcrq+OOV_=#mho8c(kh z@Rxk^OqZ0QnRT%swF|B>muA6>#9}Mp%kP;hh#LjksAIs$rf^kPc~Z;3_0`Rf?_QnV zT%DaeP`0GC`l5~)WPt@rM)pTPL69Nmpxu? za1`KZ@+W5s5+bz))1$Y7P7MHxlctI)bS~10DVEdcNFve6vF~#grjgtA!8ex5D5f~y zcS&vN5(y>Hd!t|f`{)VxUjHeqeGzEw`ESwx`=GP6|2@l7zW!5aul|p|O0PN#&dlL* z@o3NGuU0sIA>!r!^S{0a$h!GIXcyu?^|t4~&-186tz(^~Rr&50E&PQ;LrXq9g*{)$ z2!Y-86sN8zFhL+BFi=+v&7p-rc$IreCeuoVT*+B?A0k^c^qL}N&Zf6Ar3(;N-*?wP z-28a<4`Y8zJw-}|$o*x=X7k@%P<%}Pk5+$BnE##LHvh-7JXQW5KkJcxO#hFy=Z4k= z*m56`6s@QC0Wrutxetid?b{$cKTTfTYleW3Kf=j!a@`11JrZRYgR`A_>w z$@#_g@vGNoS2wSYPkuambDAj`jhVAOkNYCe<2Juv^yB&K*H=HEU!VMt8DkMCs`9E$ zPh7Rh-Z6TTdpEtB_ilRS_il=vygB>7C$Ha~o}IoqyZ-s@<&Rf4=NIpL1$HXJ&(Z$R ze`l#C?fUE8Marr22Olm!);%7?d`nxoo3#FIZuD&S)X@L@5K`K_`GF+(H@=#O7bG~I zGa|OGbuNIfJO3@_e>rINw)tP4siwn=E5gUAr(m~f%8_7N)~i7n?@-o?C%DU)E@2DUK$*; zdqm;uUku;GRl8k(NmAosNh`e~MayNemv7F>H~h)OdYU7|R|KBSqN)_beEx}H3PAImGH@2yH* zRSB^K`!=P=IXq7;-o0ZuRA;>xDDhFm;Kb|}Tp%s8mume}tge^CG`EMOgCEb$8`;3| z0wr*QtVT+xwGN9C_sT*~enK;nEFZHoGXe2F{i%UVJw2iR`oC$`r}SC3{Jy>}nL`>TRt@0ruHmsWIQa@2#!=dwUr@;Xdd0E0D7t z1nOXDl`ls#=caHke*;NxgR{n!zfQ{vm>OgjV%6UBPwgG`=YQ(2|2X31=;q;{*R22T zcCX*c$A9i`^M5_hv+??WF4^E|R)57~kGA$JcpI+#s@CJI`!=vIWYxE+Qe5-xuQgVD z3&9t0f@d&UDknZp(us8fPSxwuMH-L1Im4kYk}z76xV&geVwLh_q2^2u@ZR1% z_PUgf|qo}~0a4DWu-}9heT4!JQqx)CR4OKw)3Rh>!Mzd>_Fn&$*+$?ywlIm^5-5^Ej3$~m?O%g}<4%Bo4U zqCr~L*j}N(dD}yI1i4Z{m{wDwP#P_ix?5qgutojz8!UWDL;h2dg*E9U2J-D(#6=w;5~1RWmjZ6g-BW$KG-;1B*U4 zvVEz{ioANA%)iahyLxHONLKr}B2?3gg@u&uMxwHizBfCcVpRZKFeTJZ!EOODl|4}= zoy5G_r%!@(o}gDIa74*TONx97Q=Gh=poFD`QrG-KR7N-ZzuXSSVPY!D#lXQIeUvb# zys;PN9^fTfU@i$tB|07hFMm^@1VupttDGT5xzH{dQS-xGuC+#BQ9^z>VrlFASJ@y; z8H>|ljUk(6Qs`R_PvVGrEk33iJ$VzsR(QG$iGTT(|7S~isZn#1B{dJ?K% znSDr9#K*?Ssw#eG_AezkWjI&TJl1|sg68~JIpf>BZsbDlJFk5$P7ptRN@eRsg2wox zBZ2eJWnc@K0WgC8EsBC+=H+@M08m88SIpj(k%TVP1%Q*TSQUV1J{zG#Ru|+g)GcaF zIgH+{Z=a@&wYI4|$*QK{pV-!2-~Ou{6Q#rSMpoc;_TPRdAOEA<8f^1FKg%QRzppY@ zUN%MGjXl`P)+OPLmw+J$oFMp`z zw@9a=U9niE{<*K*Gi8`3vmaBiaWt`lW0Y^LifDYP8?3ME99VBtViH`T5c!NG!{Qdg z`kL!xWeHh^6HDPziG`ar3#i&N$o%Q+x{iAuRgJ$c@#E`P8JsdbZKiCvPxRL$cdJAAJ;ObW8cBY|Ff&lA8%JS*o07M{E6?EW*(Mk$!#6c?|JvQ$YcqtPALmq0XV&cbewc60HR2yn8T-x`- zHnNs4U73=uP`nDO7k{~3zqaewcKxa?eYWe@cK!OA*RSVXzCQgS0paS~f8#~nc+dG~ zUHq5!Ab||31sJvH$OdzSYm(i#Px$A;hz%@dl0;zLhnmXt}il447hTjkXmg z+dM2#X|B!A+068P5ik6WP1uiP;8jrg!nSJ}i!vo0*U33TYJ7`UVEtuflX*I%y)iy> zB*~l!=UOclR%eRBnMbEh zedp6vM;$|Oi%{GsS<0W!eq7&RTw>xjKWb;#tT3Es%*bIzS9yRv8~Q$?^d}PNI83f| z6fwj!-)*<0O9X?T6U@-t$VZMy%4r?k=OT+I=+`;2Tw*9Ai3ne1dFxR8Tc&}dqoeP! zQ{l*DD#ggeb}a9|eF>{DHf3X=aFdeM0lPptU|V9&NyW@0BqJDdp4lsPD3TFh(n*y5 z&h*_XR+iWr=txLkK-k;uqn`Tu-v$Xka?cw5uh%-r$A4+JJKOXBXL&Z#|2PXgNvM}J z--uEX9^wo@S4V5HbD7k15fJ^(wD7)AhGrs{XSK3>x)E5-R;#1ME#;GW574UMFLZ6} zm#l)SF)?&3t68wPndZ~0D0vbTmYYYWfZ?4Y4a}$e-ID*}lF2-pu9h2}Qg!-^R(}h0 z5dOHp&U#Z1?x!>)<=2uurXCkm`pJB8V_y%`uRC!~*#<+kntrZ|E?D6Ft+M{7e(LN0 z8zlV5J?r8>wR-vdKkb87XRH4|$Fs5hS0xB}5`(XuTI4Y{0-3xdHFbT}zen){wqSiJ zDtt$4q%51wa5_dFpFl34O?kZ~kiOMyI_x@mVHD&>wK*n?a#$MYneHooZPFq$2rb!Uma}3Xc^oNd6($%yqdVE47Z46wj}AY#Lj# zBr&DD1+tr=xECjc5ub$F!Px`O57*ZhS0)z2>QD@N5X8h!DD|g^Q*FvvOe;bSNK7=R z9U0=xeKD%*pOsTKWp zNh19;GzlGLJUYK{_P{Qh#cXLl>V{=(X;ZLxPV4JWvb_13Ii<}N`t(U>7WtIBZ)8wA z`^ZodL9uyqY*fU&Ql-ReWR=VY4Y59edaa#bIBQCluvrCOIXZ<_MNNn7yA1MW#mgo| zS@|pBKyV48iH>zs^;N6?ny1!6+vtAX3c^%%Lyy^Y0>@+QraVco|scIz3;nW$1f{@CS>HLCbDSLil?+5GeTJ0N- z^HGTD^bKK`2nNgJAmFlJvtiZO40Tt7C~JIIC^hCl8d! zM%FMvEj&B2g-i>Oje6mwFYRm*cCNNeYet#KeiR<@T<~TK2^GT;9`O|)uPVP@pIlh+ z%k=vpxIVdPlzGIbCDP89Ae)b-Qwkx|Mq0tTd0wQC$OvDqrPrlgvjuXI z`nZ?s4EmMT1^p^*tb&uuCYrq2u!7h3sy_3Dbx%pZ$_wCh_3dw3a`k(KZK-mu8KtZc_FPzrK!?J!K9y_HZ~ z=B$!B08~kyRHPiX(z2^&QhBtitHOR;R>2$aGU!LXJ z$o`jgRCp3kz^ohHbNK{TS{ZG3zDGC?EO8Os;L^M510SoL`rFUl1Q5@ zfPO-(WFM;%zuRWh{K1P7fbyP6aWZDq)qMVKBcmcM!E>P#&D_AqJcB+{bi{~|a7&OUJN0sG!WxhFj&DH0Nf zYEejF6dZ@~6uz0yz(HAd>aBC)L!Qm#eyrXp@0=Vpp=7_B0AwSXqE_$JTjybcxtJQQ=7A zI3aO@`F8drvr&pB~gcB8y#R!?^&LgEY2U|KPW z0_Jl(laY(s zU^qawlU+mefl(zUMY%v8%8GGX`1~pB2wV*q zq8W)Os(>rLUZIV_QU)0s&qD#Y4DyvKPzKvBK8831yL$ZJ5C$Mvzz_!@-{$UL>7G-C zQJFxgTw(aoI#PQ6AK-Z6zb2S~1IE7wQ4N{>YY?RjmNKx%8Mw^QQ#g~~D~nn1F#i6d zHK?!qsjL4R)@$CV#ej2Ry^X+{`+x23LEiq;YjwB!|Fb-NCN;kW*HZ*$5J$iaZXv^$ zwJ?0!G_$b8KAcJ^4)H_-lrz@_>o@a-i#~X!!z`B65g$`aLblSyJPa*Qa&rL6zj?9w z2+Gf^c?(dV533)U7@)T}3eG8C8vY-9@7mtBjWvqSXa5RpHS><$9m%@O_B)xgT_;U_ zCUt!5Bt7qR=1CzEk}#$SmV}&mnx5Z&9^6O(1Spbr+;m3#kXR(J*1~Pwu&|Kgc-bkO zGsZ2bo{(hV&Gy(J8Rsv0*7A3GU}y?Y)1^#TF5g1&LPWo$%RDmOXfZEj>VEfXW8J8l zZA~>{RPY!$$ zUZCJEP#22kKOYhYMd=#HBKy)BWf@!IkgjCE79YPazMYf?zc~txNjQ)c{Kbc64*(S3 z@{ah$2;V1#sm3$i8-vqJH}PrqHbbetj@1bEF5jL%FAh;C#>(DG_QE~8CuJ_<0aUuR zR)Ktb{o?BV!$W;2h`*STSs z`CECw%345t`>@f2Pj1aGnnrTy7n#r_Vm|{4OR5X2r zGYZH8tYMO=8USjZT9xXcXQJ|SXR(J@F0K*3hKYi!x!r89s4O6IE_C!}T0Nys5cS*; zl_$jo_S=-KHPHDxN0I~`2P<|oAqM84tNLV8N( z$W42mp!M+UJpjH(=@Mn!HS;Fjpo`OMaD8_A>IGP$7^RS+5HOVh#|t8w%1Y)L&DG5o zJQ2zs5N>|Sfr^hO&*Z%keDjdsBT>>h%$zFv4H6olXFz0S(O#8F;T4TLH}YY6VwIBi zWSvv_J700t)58Cokg!<@$QJ)^e>Cgc@gLLO{SS}x2>B#h;0uO3On>8>doC+o?$oX zysY-(vmn%a0|51_Eh_C#!DeL8@GBh41AT=hV1KUR(q5)8K$j@RoVSoT-XMU8S{buu{OiD379Aq}0A0-&I=SQ)aboK9bIDT3h{i8Go)91A<$`|&{uh)`N&3DJJG zMY8h*mY-JszmzsQ1h(z`?`%@e|2Ev+|L`ae-%PmVsUUNQpE}-PIQ;6l`}nqtb~r~Q znN(7<>)FzBUB$pOIptLltT!1wmEuyo6SccdH&w;q z3-poIK1@*@qLlZoiUbhA^WIe{IJ4XtDI3dM@gz^#X?KtrSj)Xwa;MFoeIV;hn=UhO$Kql4>c5dtg5=0sfdh)jk1n!a*D>a-v5? z0IpOs@-({c1jkxlWYte*vfy9LyvDwi#@=kkou3cqg2HD<&~Ive+lVI?9k_% z*%oV+a)h_az<|;WXB5Q&GS9T}kQZJ&=fCo2hKzoxI-t2P-h2X-TyyTrv{wP8bj(qc zVOEm_R7t!4G?*qHWY-#pDpZTtn}}j&N1XHH5h+SYhAByziE-jDM`3=Mf@5PUk6Jwe zeed?ZCl)}nI-9uaRj9S?5n96(!*Firw^m*A{pr>D>GN;ifA{+OO(~8n*Aqn0%wN%+ z5%QvfUL=YjMPa6Wyg_#-Ac-K3*#J7RUcG+(=KbaA_4N<0ubzJn^zvIbC4_bpm}MVG z8u~1Kt=Cc%;>_1)S1+EQU*D_8IQRzrB{1H%qx@L;7qfpX)UU7XK;7wRcHF7am1`0& zNyP+weev@3eJ7wm(PRQjtj|y1oPKk9{laRSzV0RY{Qu{W!a3v$N}Z+$5e{xvWRoFZ z>(5@DpZ)c_*Ke<1yuUoZc-giC3PkQc!11yMxfzL4AEBM=*RQVlAa&Xj$-p-lB98Fv z^;Id}S{ocrG5hC?q?~_t${=1`oPP7_#rxB@Z@znR@#g&O^v(I}iy9zb@Qyg$&=ra) z4!A6LV>o^O{rScFx7RPOE>6F%m`XWlCK;qp(+lpti{0DX>_Y`BG*0|=LFaIeT=6l)Ur9QCOag#~Cl!*;jQ7m0o=U%M>M``|~a6d<$_TvX?9o1sC65-;TlQ z*{jZfGo3WfM^;dnf6hRNC<-VFp8}DUp5b_(Nd%N|waVT9z%1K^;Pm8VGCexE`r-ct zhqp<5s73*N`XmuwBg%VXlcCh?4o?0S=*zm`g*sdbpBayKuMptu7@FQOpuviKh!2C+ znwWI*_n>V3MZ~cbMOq<@_&DLfL1PW)lP_Vo;(FlR>_*XP%H(y z?acn=7Y?!~Y$0(1@pnGGuhbl5Z4+Jp>#uw=N{5BjV5WsI5={DU#4^2b-NPoJM(yaZQ_T!1rvajCl3 zCxjF-(Sl>JMr)GZb-+I?Q3XVQ(sYBgcVZzHs7jv%x-0%YWUL>>94n47En*ayQk+qk za#m_4F4@lx3}$Uenc4)zgv!xn*n7PmxMnk$p=0uY&}TM>fd|MrKIrGK7P!TH_gl(p zK7L>-f@C$t{8AJ3PL&S_Ol22x>sYBLE z5{IVV;APehxG)G%!bd3}am=(S5@(&7UE#9A^Qr8&XvO@!Ls@xJiVh4mX#~1mzOmKq za$UXi<&Pxwje;R|Jy6c)mDX5-t z?qRS8!W;^H)|XrTWfNbln_r9^8ti%T`rAFv**n{%U#;_ZJr@-Mkn3vU}rnn#}xn?;dyUEaij|M zB&htR6CM7gjQr^s_h;GI^sh?UeDI<#AD(i&FW=bob|UDs}YVISON zc2<-oFA+WIxCYHGt(;E@*BAKxqM~K&g)7yb4?q^I5Yt8q5S&;q1aD{aHqaosCc#a0 zD=NEGHAB11-Pvv)xWR2VQCNm;m#7I?dV;(po8M~!P0Z7o zHcaEQ8)D7yRrjC2wa&789`0$O|LdlAEh}J){y!XyMt1(^$z*r``=dNOKK-3IR#kBV zpz=aMU%Dha+&@1~i78t9LM?S=l%JMkg?lmKKn6t91pm?sM&_WwU`2s=(=<>zyWp9uGr_}TP80jE7-Ohms z_B35se0NgcndESd^8%vB^h|SB3k(OA?%uNUDto-T8YGoRQxs6Y^dtjypor$AB!Np6 zkF=-UQN`O@6#Ar}t@Qn}{Z0$xjtC9BwE%7dBh*+do3jYw^&7=@UE|2=*{(=q6!!}i zQV!^W-EO8bGBDopEPrjGFznoXzmuo6{C~LnpC^NvegE5NGMeq=|6@Gd|F>QK*YySF z$F{9Q7K-udlHRWXm4~AFkHc$z~>RfK~q@-_{4fu#N zisL0`^Cn~ES8#uTcNs`hwBXy@z$}gz`3aj0QI)N+MCr3Clw0oLI{X^ErYn?wz!?I9 z41QG{0+;X3#L+zqt=+=dbvqd_lOODJ_mZy?S76ExJFR{D*0otR2gZx?pq#)swhx?^ zJVy^ilcl8k(A(X-AgS;$SJAY!hD%{BQmv}W^j)Ev2%m1i{xlM|rJ4 zc*L%zSS?0Ue-aG*%v+#Z8dZb_cAcQ0A|Hw?eY*2P!V)p!MnZ@BRL^z1^CEv?PfhzTL>d5tQK!L9KheLMg2bTHice;?(M$>hxp04jrg1|T!wLb3+xlpJ?L zqBz^6%wD95L1gOc|4kC|NrOU6Gi5;VnN?*$>eEXPfW>lp84(`UfwD67b1uPoXoPhr zv{Mue=a(?cWEhFWA@Y+&gxqWr(77FSKu6@G?znC*)o|&#?Cuc9*;k@534A6n=}FzyaLk6A8-GU1KuBR z8HtXGRQ#ErTv5GmVy~>LosAYW{xh5hyu#RZnLD(ZgaQW-Gd31cSE0m+ri!q zj>8imrs&=pQOKqmQ)>9t)LM9~D;|j#>A3DtD0F9SHU0YQo`UX}%A&aJFg~eK9GJI# z>rj2fE zfEtDO1IRg$-FI>xH3b%sbrKmlDooYAgLu9#5;K{MGRP zPlgjq|C@~aJOBTqJdXTNzpeJCjy{%EzuKo*C5S@Ht3Fxz*b>!9(j)b|Bt^HFY(%QW znu=#f2b3$XPL1|SN(ePyixw&WvPOYRg#|J?peQEQS(Q{M*JXjG%xa)={B?jC8HyYb zZKPc5Xhx#}$G}$;Sc%5wntQoxoQ0gNt=6&p4J)v@Y8p;7t_bnI$fIt5j&!A3VmTR& z`ctm0+G|YyUsIE|YUMh#8h@9j7LzP%M&x0=GoX}|vNc>gyb0i(5+-ND!frsfOhO5g@qPvI?A0B}K3EV}3{PY=#5Weo$3H*73 zJj$Sil#i!oCIHJ$02Ml=4dzNRi5!&1HR=L0Opg6#6S4&kq33^oJiAe7mGJU7vAK{1W8 z78KJc`)w%p*@8OJu9@&K*c%$Qiubp-zj+Iq0ipq0qhwgTM=b06CfdXgyddWf@bE$gcrlhU@50`X;2?%M9G+w1;~&)=XeTaB?VjYM+%h&33_f&bf z4y$2Y7QpnDwKOqZz!Du)&LkRuYG`BH!_y8^T}$&}u=(swHYYwKN}tjBdCH36LD;Q#6;mLA4AVBVwY zFyPGsTa4^7v^Hk717(%Dyv5$-&~%kRyqJz=$A&hbb@LV-ARn-;77lAe$;#2mXoJ4} zmKnbQ)w2*E##*ZcR>MBx^(B~=R*~q)W>$W zCx)Gjf5fMz{NGR<9lnQ)1;1jU(d|#$<3DEosU`o1v*|AX&!ap%|NAXopNO=6I6{ma zJzKMG30CMtOhR-jCd8c(>X>2@@BQ+NOF(KLCeJs7QJO&h`6IMN3agH>rr6xjpgOgv9XhJn4ohZC2M32!23#xuPdvU@%f^G*>VU z?>m|d#%CW*frQmkDfa3QCWCOz?>8gq8;7I>y4R4MQ)7cbQrGX4(Jsh z^0Fm5v?{z=2cS%AdzM}FJzM5#DRTQvt^ZxABE{dQm%%@t*sB)yx>9HlX$DC=Qzm{&Rx8Fq_4E}?T?p(RtW-=Mpv;0a&H z{8rpjpW75Y5nNAR3c>3+c~l8;tjtw|nKC9Pd(C0kmLOA-kccer{>pf;*&)ojU^p6z zxCdR9hQRyHmSrIkA8%PUm%Uy0@_W$5ccjnB+AHt=>&~(2TCTa;E6ze$UTqE6TAh_v zv9=y^Sv{H}B9J|d9-;}z2USC~6~0XiX>b2Evj6cKE*skZf2iUApHA%a|HDCl=l_3{ zr=I<77ag+{+R7ijPGF3YS(X_C~vvRh2BR`#9l(!NSA=RoV%x z3yZ!3n~XtcFEc43tGiQ`>WKT&ws%cYA#W`I@*InM$h7OZ<>+X;3%o80_3L_g5hcz+ zk(qe~v%jLd98^)ajMYS1Dydn#j)5%TR1Bn6=yQ&vTnf)gaD!5C&PVkMEpbNEJGq$z zxabA@AxcsdK#IZ>u*nc8jZ=!^5T%!!C=wMjfa8oJ7#>tlh@_}tt+HHDdKcQ@ssG#X zpjd{gkoaA5O&WwfU{@lh1whIMQ~Fe3v4NRYcUGyBAH2(Sg}zodIY@dq319s*lK)Z} ze_;9FpNvcX|3QDSlmCzLG?4#)%}oQ4Q5c8JrWP}zYKqG_qiSfG{Hu1+ovcFIOq6i$ zNn#M9BqDd>(rYE-bW@RsD`dBUS)vBDhPktEjI-o-JiQkxNM zS^tB<%+~)$yZygMdieU+WH47q$wJCwKHNYKHxSogRb2%g;dzfum7ba*5`=DQKao*5 z=b{M8tozl&zhWnZ|c@Ty23|HW-K5geKKia3KAsl-hv+eB1G-PEAH zjMJi?ajSi)L+2GcstXT_)~SK9S|Pw2@^C?lm?b-M3 zoStLV*gXGj^LUP`E`t|%KNE9TsufCnTi}wgI>C|Iyga|1z5F?*Dk4$H)KK5Q7Ct0R&5Yi(+tX7zDj$76G3x z6_VhR71+xEIZce~->NKBX_+bVQngvUK-`$Ii?F^v*pEbo*0@QY-yj#0|9nbo5BX@YILX( zt}Z*E4w)K=&(&rt!stIzS~TMSG>N3@)kp$t;s5>Vpv3>DlhKa(aa=^-_V(UpaEVSl(x8|^BIvac2>i8M6!2F~;%duSERB~n@;qZKCB^Zw zBTWkXlod@P^+g@0($)JSX^mNBzo*V_QSv`<9UZu9e-Rl@8m<2iFpY7%Y#IT)P5IR0}*2;H*Aod9)p zk01ZE&whLYDO#eB-{Lp~oo@Q~zlZ<($){`uhm+|^hqIL*POmP`FJ7L2tDjhL!pC*Mp}Z;fF05Zpk1q1vmp4O-a0r?m&td`HU%rfD!<22@cDB znE}j?R;DD}1Qe4Pp!gQ2BwnMK_V)faju!;1C{41H!^4mSS#OSM4A+=-&Y|SVD9sL6 z{jN|yPf1dR+w)x^_k1p}y9?-P zC{eIUF}+iEsj;457CJ!)p>@g78t1ce$_m#(a2IyIuo)R$I+U zP>Ipm#QfT>6yIJ-uK?yi8Nd4i8hI^c8YnBE$>X_~2OCeG0lCqkH;cQFRGA)y=@LEcNfUe`WB^UWSzhifzF?wfkA&bW|mp5HaVeaaEewx12o+r z&wv;nupDSoNx1ylp5~-AwcCE|X}eAeqK_#_rqHpuYR3)r@M{o|^_;O;)>$7?Oc8)l z1oXAWG)Q%XnlopKx!{8Vi33PY-fM6ci%J8A;$}7w{@&ybHV@PX>q+UQBY$WGM*$tS z-Z}-Gu6MORDK(=ZCK!gD97+k#zoA;(Q2)~$zSnr2M78#Uw%PxKfxZ7fo=$f9-=jR7 z)0{>T`2aGqMu2B10-XiCK^>rP!H|U6p&8$>=KB`l<=bc{u-n!9#37F}Of!NowEX!wSV9M9f}!#nf1wflY?Onhf98xe7#94mO{X zrcqY1B~%@ay87xL4|K|D;kH1xNo~j^=cNMiA`4)|C1DBHm&z*}u77E>*4O?1P-Fd% zrzQX2Y`WY3d6cJ8|H}`7J)G{RLPEFceI@6}7M<@}!mHHKUJ)3610xs*DD`Q6|6v+V z)Aheek_fF)OkwmgC7YzqF2I)cKOC0sf0*>Alim7%j7O~hBw^EArT;Atvdp=Z%C#MW zrFdO)&6nVHidf*ouR#WHkq2oK!2qpD6rvQ|!W1(-#q@P?rL$Es*GN>}-MF08N8QNO)~2K8{{-H|$wkD3;Sv zPK6Zxyy1;n=0o8CQmGYMzG{b>cA&j>#{eEU2TF}H81%ug4~F9hYz@=k(96rWwc3&w zZq|}wTFI7-$6(N(HFN~K7mUjtoNba~8XL}B`P!ICT1RV?Rw%{g2?si^C9l!33(x;j zo`&+jP59^b_|K88{}0Ez_|M0AID`2frAx%)`Xds+NZi<%XI70vag8IN7xJ4_6)H7= zTa~H}Q;(T1K^mujB;K7%34eiJF4uHHP%uai<%uXqW;O6wLUCruQwUx zJ@Wb%rGnpDRO#ppP`b_WP9>_(sWC7e_+sQAmnAk`{{d}g`~RVi|8H2b{|Cd}`JYF5 zD((MwB-*UeSp@O=jk+E70eu0tW$@Wn$AGKSW9|(7oB0Qtt$(JiW{2+s64R7K5lT7+_oxaEQ2thv2dI?g9xh;AD@CJn4+~S)w?Rr)4Wr(&U3t|4^PTOmiUQ| zkHK&$3lHPiMFuSMy zb07X+OZlr~|4r@uzmwT`m;dWgo-+Tpl|SQkL$2>u`x-EOKgTyX=yvT<0NA21mZ8S6)db|p7)Pu*+%Z(aG~*}DEmcKqjfI^6C5Jj&x( z|Mtpny5?;o568>um08UPI6cNLODwN}+|M%uF`V5$^6XLqoPOj#Kl){H6AtFrU-fi$ z{M9qZ_g~CAm&<&Ew@}m<4e>AwMo`J1R2`iIsY?7v5OwDs>FRlyG2-&>sdsd52t;R(LuKtBDzP4jj|p^g)|0(N7y!8Q*|)VplN z3IhC^gwIg4aNS3z*ge0W=f3>Ejt#io|7Y|6=`R1rBRy{ZZ`**SPc689D_ig${QiM# zLN~dM5$yQ+?r}Z$=KnQ(0NeO~IsgA;JlpO6KFZ_a|2gNsWG@B( zZNc(wS3rW&R;~b>v@hEopjuhw4ye~|?Xbj_CX13^c%zG1Q1*f7l0FAkb}?w&p^w8`Wn5uNkE4GQ~N{FH$RMx&BjHd-u1-{!eNBk4M9u z{C||kSpRZV)!I+1&-WSYKBbNKa?A^zw>kD0hV8cFP~sV~ViH)>fiK@OuIjmt_ z4Y!$B!zT7s-T|70HLT@(w9>~4P$iFJ4&U!(EXC9W|6wz|}<-(m{be1T7xIty8>31caX%Op88^pT=8hS7OUQM!PE zxrUur3I{Mky>dOa?!YGyGc_-!pl>d2ndLYjA?h-{i1Ds4?2?$NeJT2RgHxXG&7G?V zh9QZw9;+=XyVOqyt-PLAP4b39;p@7He0OVAZvUI#sD2bupsZiV)g@I#sn1b*j=9>b}|FNTtz=7kIgb$@W>Ezz;D> zdwC6p!#leR3>gYiL~DZ=#cRSYr295`sKE17I)#|6ri2?SFbK#duAs=sAeKArU85#) z|CGy$Y(ODOB67Dz43}Z+IcU_&mgo}o@{Ht_I3Ze-I74+%7DexaF{6;8#U|o_wjwo3 zSE4l_Ef_=CS0?ubTYpR+!y&Ng+5cm9(D6}wVB6HjiREscNtDiE;F~&C^;QXNQ!O{J zn^(;b@_2-nU-B{AA4bh8N~AHOA4qzWkO&8N4yu0#D(mifz^8%!&n%`^4uCEC|8P9A z_x}c?;qLs`qdb+0yPdl8zNtd1H3lPJsBW11t!=&^vAuBh)l>CrS0*g155~R&p?*#C zZq)`D9qE{x(Cfdx#d4sWZYWtQCrZIvKmxPu14+Y7SS=_lspC$SOSpD0-(gm;dN}?k z3Mfgdk*6rc+5PcyFf~!GVTxfmzduq5s4iL(FUfWcnEUbhZ3L8vU0Ss;s)K+G zLCh^QuMM(2HDK;Tsb9SuWL)iRsEAgqi`^aDTpw-egiLM3p5v5l>ffUQ=1zb8UMph6 zYNIlfiqu8rNAz^m-KKDj7mjGMszta70!~STu|NAHp-~V~D z!ddRxD?>5#*~k*qw%h?0&s>RuE?Bl*YXqU(0px{uD!@(!*rEcYD2Z?YGk;C-T@SyeDWqt5CoU8d{n)ueVum|+u=5&vkO{vr zGDaG_0?0w>3yC5eFW)Ai_^j=Q`*+y$>U@8ltx|1;itY9s#erj5sc%9^G9bK{o|w&X z$ZEa+bi%D51K9`Y=c<`e_QjuQbzZ|{`Roih66D5JIYKP@n*sRFny{&zC4_y33Eo&W!Fo)-Gw zwVVl`!2@JOpUF~BZu6Tt)v+e^B}EZ}8M=^XzIs>Ucke=;&Z<@*wRY?@$ejlHSQ@0E z_}oX0d>ubW5&Dd3q`uH==#d+a?z(|CSx+_Grf&8Um{QE|9j#Ip^HSastOokXTAbWu zyJ*ggs`bCxI+{aK+^KE%P}=}-g^!)&bIUpleJjpOZ@=~yfNp7!H6fBsnlfTdydlNr}!Cg5eJ-rsy?K%O`sH=MB+~LdHuovPlCI zL5hCfpo|*tm~l!{xYV1%v1j;S2HxZ2+4~9cK{%1HD?au!_%ER@4aTqVt&L@2jlU%pY z&ri+oLO6l%Qv5FxQy5*6@N`27 zKOmRd5`fKI5ARekx>Q!<297}B;U(ofLxH})50!?j>F6!-g`M<~0g#WA1 z*awdP7>=eT{eKt#@kkHna611#mv<3Xa{sCm0j1;3RRTa3Lbdt7x+>9kUu?ni)ok_f zefe4A{R)nY|7(XBotxX7$r~UIMlU_IoO3%J{&?QoP#opa=Q8n12Ru1AsFD(9E4E6C zZaYzt52cB(w#X>z0~597^P-V99(I4yvOiDtJ`m^P&rnLi0oVsm)YK4;n;!mn#%8TN zzgVRF)B3;=%SQgdKi+o#c-sLT8i@`N?z3(Qgf{24iFy~#5=xG>3gT9ZtjLDaXcyh> znmARIZ#NxLO1~pfh|-RR$JuSZBnJ#co}A=K>v)TuPEz?ak^eGx#3j!i(Lf8>X8(-_ zcKqjPJl@IwM|n#2pE1Y}U;|nSN2-(oqi9`)z@%4G3(OCea$rtnkBVRv(i8;~avO8e zY-yF@=%Ast3F)H$GZ~Wxs*V$NZEeAtF*{T9b3RS@e{vgq7XROHSoZ%-cJW`2@|5`h zrP}_a;2qy{27J@`0VDy>1n1`e$!)Ne-zy{G^4(eG4Y7u4z)I)reINY{_VX=cP7ePr zGLP{W2hx<|)jr~k;&{p1Z*wpGdR0v{FygvSMqVmkn~j$-*-TuR0B%FC2^TlFzDsy( zb8ykMMryI{j){MfPZR#1&S5J7u$}*x^8b!!JO2MD&u88L5xE$vRDM>XuBOk+YMh_{ zw)A>FMLp^~`=+sKUcHU-&MSI!_QDxhU~A_I#-Q;t$tr8W?>E~2<`SzJ{}*|`9(ezMFf85wIUMfde;?;@@PBc^ z*h2^anHs&y0FZ?ma7sa*;~voxuN1S@%Pje4gIgB&kv3(Qs_s^^z(Cv1GEfbxYaEy@ z{cJo}4z`J|0oPUa|0CG$7xT2>|MGs0`eI<~{_oW0|D)+(xBvSnPl^A_K|U3O{BU9* zztyFNG*HN!$plraEE?1ow}g;iy@CRkWrPBF4^g2&Y?m0W$l<2KLao`_GUGD`ADf-f zDG)Xl7zKo#+-UQ7`G0SPqBUN|Bt`edv4#KlC-(gxgXw6x%m4Z)&sX3QQi{?zWBf^s zH~6qZF_>>~6ykUZ5*XaTCCYkxUjd#eB-q6jP_G8aeSalCvAQWQaoZxKi! zU1{%O9PWJuVzlIE%E5k;q6PklLg5zrUk5$#I*#rDiFr*%5=c-AA{?XMUhnz!`)f*4 zwD%P_6Zu5mon3)ssR?0wy%YxXxu@pA9$|8MUr@D8S!Y%*~E{6)6cOH#sE+g=Zc2p)>! zDf#DK?=}lahz@@be8#)}&%Qgoc=_Vh>zBQCcuyRa>wnOn3`Tu>{rAVi-THrw=PPiw zV#-uRmVch7f7#pH`?EO7^sFN$Lie~g=ncl5zx??S{$=m0uf7658Xx|#zoInBP7V*3 zn65T+CZ!K)xhkDIXuh%mm9f18|e>m*+N8RD{V2|Nq)Ug%2_qEI} z0zwkppcIIUKq3&6xVwh`B&jU^E&j*~)AWw9vjzSLIw20ZzjA@&5TK6<3MdLer`rKI z4sie}Nx}Y)Uk!(|Nv*cvEZd;$kd;3;*z z;5ffOC`Ad8&8$a3(ab?bGyA?~_S-h|*lK0}UNcfOd2-yW$&=%QgZ8ui*wZKVh;Vet zk=Z53dXMz2asL5gkyQ=Hn2Od9r_EYFocag+$kVo?wr!i5Z98(dtsTRLVF)&9#C1Wk zq2T9;8UGnsBLI^Ggal=riAVSb0o7TfhO1*#u{x%n&Z;*aj?S8xoi)`uYcMNy)`Fyg zb#GpZWO_Rv$rBIB^~9Ki&u4v$)HL<@u?@Rv=fRl+8y;qHuD=jK%@H&Cs3bFAc5#P2{Of7zQJku z4NMW^Dp1@>jOQDs`Z4}H-z+({{!u+qsIc{q`Ue(IPtls(BJdMQe-dUiQARCHmm86i znYC-$aPm$oCa+IpYp<}G5q>6&G+eXE!DWbJ>31u z=Fd0lgnOqGNQ0Fe^)7=-G6X`L!Fh!8Zpv0LMIpe6?1p;$rRau{uN(TFZs@n`hNIqK zX7cR5*$*RYoqu!n;`FcQ7cYVElYsBps^|I&if_BOFwFqj&JuQuOUvKxg#495b+&CM{)`Cct%|8oX%FIBfnm`;QIS;0dOdM9;+aFWk zJeang2UBYvOwD;PwEN>U%h=L>^EUwVEmH2<5se)+9Q=`g@Tb1PpSB+SiEbYWNP1%j zB|RYw0o+g$;rNENnk0<-Q=)R7h&B%!IkH%JZ<{AhD@J^1-R6CM~F>Y3$cmC*d~S$>$ekP zN7F`1FDqZsW)Jh4v}Rrti+N29=GD&585~U;X}GL>U5CfuXwq=qOsdw6hd)kQ^T)C7 z@)D5r{%pLXBicM}IETi^2Tn#DbLom<1aM3!UffChMRaU4!E-e63!bslEhj#-?pRas zj5W{PP}9bnb?m4iLmK%R(%2_>#;pa<*b+QrP4Eo5qe0^~%MTPTh2T9JHe9Gfk0~mM z^|imP5E@%TXsih#z5QyA3;*#?7w^uWpP#;ecYb~T&8rvhpTBr_e)i(}1axi*4m;8# z6%+9C@-4s_fLVr@%t+%sGHAHe27Y!u_KB!*YY{cJMATRlQG=GdO@rA{vsExVs#*me z5jActqQ;hp8fzkI&>h-#xU{pt8fO&Vpp4nxIL;`HB5rVOl4S}*B(|G!LnHIH$0H)f ztwqGh5)orfL>TSSIJY92H9$2cOHhCpIN&Wg+t!egk0p;&XReXC(R7p*~D+)j(lu*)S3;CEH*qc*zn-EU7N=Z z+dQsnvxm`+S~J>_#b`$cqix&fVKd<}8y?#`D_o5O3nYE-8KM-&OD#ftK~nV=Y!dMH z`Wp};ez?fnc^-~EYR$1n7RMeL9J}2v>R>i(vci3^(YgA-$<<%J zJ?GqR%T7TwTX zbfrE_Qj(xFx?>Z5lK}LQrmzdsWgeU>8{Kf?^!*cO=vyqq){A9mEta9VScVn@2uUC| zQ0WQ*)+lIcCG;F<+2Bi+^ zyE{Z%NpIf#&r@*y=K1*r?}GEoZ{ZrViDArxhHI+t-%fDvKZ*}6o88wViv%RQ*-ldW z&Zr&np*1O{hT7KxcLr^pf77F8j+^O`-*MCTDYO07%52|KX8VRR+qTWKS+h3JW)*Gr zD6{?6%52|KX8VRRTf5B;-vWPiAp4*h`<>4G?6>bzZu_m3+rA~Y`-XDcKX&Z$Mr6sY zE^!qbYvQzF6Q@;8^oZ4dYq8q5#A@FVtNnIPgXy?oo5xjc_DI!!YpL3|gh=0zsx94x z(`NBItb9eAJrbmK?8b3#IJ4R;B?uEA-QlrIa4G@GR0Q}Gq$no0tRFaZisun}3NQ~q zS2t0Lo)|V{Y(p<&V`Mvff_-S+6NW5hko2BtXMjux4F%Z1E5I0mzBacM+Q+@&#A@?Y zZ*$94-fuY0{aNjuoJqqS(20Kslr`ShpDh)F06}jCtX&AmU@rUm);(h(mQd2nY z4f|Gq4D|kJrzuRDoyuV4E86VV6xfHhZ5|w3ZPqn~K|9a=WYA0_oD94gAtTV!=9>F+ zt~MW;Z5|vu+bk!tQjB;&W{4L&Op}6thVuYy(&$eaU-jy+8jkL>jQHa+mEbc5C^-M~`m2D(bux7jpJ@4$w~*+Gz@M5I^A zwcBM%HVGfV5G5!MQ5@U>nnE0V8|2g12CenAfu*kvrp^ZW2ak=~_^8>U8y{6II-e3% zQ}cB-(o&)Zx)S9NFR~grYv#5d&%AEyWA`a;@!?)e(Vm{;Rt;^Y9*%vdn>Yo!s${&^ z2rC~*;-TpJO-1u!0qb8RTjHYsw$hbaPPPK?{VuR#zY7;h4h za|!c>E0PEWn-tSKkT3%kf;pz@Y=&qrKZ-mdmguWqYb|#6H*DW3kSi``r z@%Xq3STntHJRVg5YiPiahqEeR4JjKMl*zF&_&1-0Axbiyn1oHc71hkZGw+C<8FU@eT5te?F&Gd!Lm_??|WD>#;EB z=IE$dpxx-m8)$dz*|R!syJdB3i|7##z%mX|%5T|M z=kG-8n`zpkDo3nW>1f+}%Of?=Tkmzw*u&c_+F|5BJbCQdsyc4FQ*~qyZ{OKKwNG`v zP9nr(Ubr(R!|No%3motidh*=tH<-q7jYZQN?l_P9JI+U*u{~-#wnygJ9+_i1C~@74 z$TQ^J<`LP5al8aL&a-W+jX7Tn+=F-2cJQpDzDMTZl@9>s)CZf4l6A3<7{NJ;xR_As z&wFzC8ZxGtmofQH{kA^zYn}O>RS%yEMd#C2k4G=Ams-I%jO2hyk;40+;i<8a|J0c8 z1aRvEz*93iXy%y!IeXIW@$v?=8M`L$>d>zYVN1vLu)u*PWJ~cJ< zDSK+*SZYm4O6JU_i{Ksa0gBg%Y{Z8A2Lx|W3bMP5qO~V}cj{4wrfrp>si_Q24Q0r` zJ!DCrNki!~@k*bmM|+yK)t;uN_B1uLr-Ao`p4Gr{Gj(<}_Nuc}kM=Zet36o<^rwdQ zm&EpiTkO+g$Mq`3mKwn?^bNz-156!g9zevp6Oqtb-4}x zBw0?w^Y|nGd3@h-{MM)OC#DfTH8`=>4;s5w_KMoxir}5kY?*jW>PcIZdSaT?6T_r- z9HZx6U$9BQ8H1YVy&Q}hnvx@KO8Vw`Llb=@O!S;mS`u;YzI5*&P1?rjPD~*@=}q;% zbjC=FZTZtA5$$ex6ky~(3NZ1A(n(uUY9*PN7^2i4mTC=bzu_$DSIm-Ovow3GyzRRc zkr90FfnQ<(L|JhfRi5d?@zU4DZYke7sfCr(Vq!>nZ8tU7;xoe8r%Ydj)^n7CB5gKE z385f?S@waXp|1^YLEbt^g_WaXVhHlOTW-TyGfibU^J*%-loYKqQdkKoCWat)6oy9?Ou;SmTc@h9GF40rq3`Gn zeo`(BF~uZ?5r7efS%!q%=Prai>CnpP8_^HVgu?L1>$mmgm}s41Vr=(A-`Njp<>Hv8 zB-{kjZ-Or0or&RRzwW-fG&@G`2$9ZDbVoz(=RY9sJ5SyEIQ7ViWg2hkkJB(z!!O+q zteqkw<|_ijZ(s!D0HxrR^^0tNGZk>?_mqx&flZ^)S7h%7lT=|^){GQ#4rsSZWIi}MuE#iFGedwRHmmTF~}&S zXt9Z+3{mfBxE20U%WFb-&4D!MdC853xHB)Wh5_F63}A>T@kV%n-0HJQ$duJ|@e2A231#bPUI z&~O`N;NM0W`J$*sEu*Md&10*3`g-@wtg-&THyH&%f2Tb>#7cj@o)ct#n$Wo~|(ZkMH=C;td*l{0DxIzc1-l>zrFw z%B@jPSK0jMb}YHs(0@Mghhq6MY_(3XW#!iz^>kH@pT>8S;ZuuRYekk)G^$62PakNn z4wz&N>yhD=h$jTcu zGzY~`hI>%jr|YqMqhE&%_w^-5ZLcpm>e)$y%--nEo5aD>KBrxnhYN+yU!7%#wQol19qFzU*}kZxG;7 z`?j+pLp0-uJH;7o@*(C&H?`RPr#wnZ55-LsTj>H#mJMMl-Kf*(aHnHDvnJuCRN=gc@K2~d{FJlgW2wopHVaNO)R@?+m+q*5l;Ls1j1MhEL$S_Rr%RnOyNf?N3T(|-?1;) zZ{|_8XKht&R?$)%485To;KI2aPXaF-*sIN4yUv1j^vmzguD}|nsT|r#qr)@DlOxZy zzTqZ`aKNUH;zWUrA>>E#ERD|BeLl6My;fp&pP`fV?MYhPR4S@iT}L)4Q$3CQL3sTu zw1DEU-Pdw!Tc*d1;2o3xlqi9jCmRyWEMtm6hC>vvMu_of6drQyyU1$hv2kW?ZJe2D zNPvhb?iINHTB)7Gi`mN&XnITp)LNYcBPKhExCvy zDP?WXj}PA*WnDq}Q@n||74@ZCK4Oz*fR^CsP(GZ{g*t-v+r$811ExI>63LB&^bt2-0F^7n#pO$34ruWnlz6-Kv=#3g|dqfuO3|NQEIdW?61D{-L|W0u+8-d{I!l*Wjn>;(MumuCZh@pHHT z6EFH)lOB6}pTHGLNQNm%@4zR(gY`avcPM4n0Qj``sjEGojQ`kQ9O8L?9FDhxchlb9 z8`c>(0}yf-$3|bUcn+SQU%fbc^Xh*%#%pmNc5kl>F8LWf5Ufye!wrESf8OBWrpuNH z1cvkIcAxZ|^(u0o|hXDfoco=~+=0Mv>(I8OSJ%LzspFtH9I)=dob>`AuI8 z0$y`_Ouzg~g+`0%32@9gg4ladOp&upKBZX;xDS7RSI8w+ffGYX9$B2h7!_F(xTlmX zaUi6E>X}dAuZVH?H+Ko+?yC3LU&4#7^ZGKA?;0{-?-O|QH}DB$G-VwB6Zom~_RU%6 zC-4beBMS1XO~D(yM*ku)Vvse{wYd8fe3GtO2IQAtIRt)7>K%abozvRQzzU`O{2w!R z*~jz_V2ajR54?cE%55TNE3%35tJX5^E4o2y8IDFws*`z20n>a+Nm_VGM0%j%-~)HB^!U|*pFo5&K7oGhbh~gv zSDmMwn8c{_4>cpTj%3*Q8o@CFFkSNHnf2JD&2Wf{yEwbuO@`8L2r2A_IOUyH9Ji$) zA|jueSc(F?(a8#s@H%FmCJ5(a2tI*1A#5;zTEHknjPe)KFS&{1@(>nN8^`i$!O)B1 z*0s)fa)3L4;#-`Om~*LHm|})AlQ$3+==hrRf`26jARhyaXL)1qRz?glI|^{wyMiQptc4ltEp ztQQDgVhYkiZ=T=rWC}7d7-X`C`;xD(zhkS$kGUs~{0r`^F;vb?uiys`K|!kt=^L1# z>DU2JeCVQ>)eLRWJ@CT{#b8e8N*g#RZmoUF`#F^aF+xOgv?N6VVzvbGur8CdYq6(W zChf&Xoblx%cYWo+vp04Ryit}CKpzvn&4;;#HAiA0#x&gV@_h|-ys$i}?95Y=q ztFabg3}j)=S8nrF9~yal-GPQF@;a70RbX=@A4qzG+cbI^+l98x(GG}B*u7J)7lcrBQYE!#&(mA|M;zL!pQ+#5^aOb4MU~!XyOCnXD zijO%MKI1Q?%?)L8T>LL2;#X9+iJ8TB&V@#zOn5d0-d$ew{LSg*+wi8~Hi&0L{IJ5o zicc~%w^&VO;?AYqH4RuFF6j@@@bTWzbOkY4jPfuHnF=f>z#J{uoS-Q$Nr}KNRu-hI z9-o|rJK9=D;DLm7W4M zA|%yft~t`h0>_x%Iaa}Qw7@a5&Qy_r#2LR3je>N;ojE`Ln4-l$ij9Mtd=2(6;T-xf zAaQ^anjL1r3Wb{p$IC9d6>hadX3j3-ZbHItOhR<{mBQ79aoB}1#a;DAGU+J6F*@f{ z(KEY5k;=(c0O=*0D7qvO4lLXFd~reOr7-nMeSRuXh!w#gfJB0@pr`t-mj->g3R2cX z`tAy^R*lLAPvO#pd&_er4gXKJg2T!5WO$6i(fFtj`v{Fkiy2%@j|K}APQvjb7!D?r z!4%FHgJ3*BFhtYi(b0T34UdB3U>M9MN26+LICe&nOUHbDi_(;dF>buE63Wh023)Z! zIFJn`SpXx^l6+wQtfuf^7^@3I0Ks=8#s6Y;BW6N@Q&~~MDa_Q$Nus-f{1e3j)^4)s z=B<0i*k~He8Vz_2#4cpzIW+DKdwn&9j)rI$9`%Q4ay%bSk0;~)@pLjghOmExjz)7d z4~PB!IE2&bc!AI{oKJ(}!2pdH6ZYr$s0LMP9w|$taw^F}``N*k2~|WAdZxgc(n5>O z`#8DRjUqYViU*a5tvbzJ&~74LuZZwGA^+1kY!6h?Q4Cl*xT1 zK5S_@O-U4?bW2wYs@Y8_dxY+PS#AE?NlwoFNCM3+t zm2Yu|N&Fqo7^i)O*W5)f0gbq8T)@BP2ZTgvuoA^VB+6Sb36D>C%Y!L<2}~&#vP9#r zF^*J6XpIC{dR3rRt-_FP(k1diFM87gzJ?!xtXTzo6T@4GBR-efpfKv2h?o{h(elm* z*POawlPpshB9K@6mZac$jyrqGbZ;CgV}xnGSLy}0f@73+KG|t5eA*nH|IDYO$ID-kC z;|NoXtVQ2}Vc0qO@gGk+VM-GA7iR-!#V$3EYGCu#G+KIr4wGysGb)wE`10*JTh?Y2 z1S3a8)SArU$A1{|SW7s}%ejQ|TS=E3W*F;ig&{}sdMK>YF7m6n$tLDIKyR) zrmOEnNmnf<)C46$tVu)u6^?H*zp`;C6%BD{T%;|N?hL;pxwvtvky$Hib>%(}j+ckh z0nvqtI26T(x+@DFekJ_<%nqh2q+TD$HoDwV-$NX`>F$9yCH3r@A8k{-;sl%?fH!|T z0dL=&fo~4L<>~eH56@4)pMLoT^seO913Vt{*I)kx&WZy3LGkUkDOt;30Q7olEcpA9 zcvm0aB$1;X>MIWzlJ(tXK2ns%FglMZN*6FdW&84NhGaw(mS>V7r93o;Z!qvk3bF37 z0@71aoNR4>fGIiwJQQkvmxyHNH%D1M2^1YEJaw73+!SRWaKU(#Dq3u!Fs3=bQwB;8 zT;|bYilqq>8NXuqmJyl5sJGZe5n~Fu;Zq?dQA}})_z4S!2gillAfe$*GT-uI(TmkV z2xCB05!C{5Gj6{9DoN*%*;3{i(>>#-f0x?4yblh=G{xfWA)>({E17{VSi>Y?WSw8K z(kaShRra0p*!!(X;Dpu4l!7`%DW+9x?LBz z%3)#D)XU@*ZRdkgL-_^xuWNNfprJnTPh4{n-k!V^6g|KuDT3J@NN{kY%<~05c&zq+ znYsQH;B`V$3S;V7nJOYB$JW1qHIzxh^^+cN#Y zH-VV)FlXb(WB)@Jk_{zHAiJji>4uVsebYKdaAy^N!mrjMDSaxUg1B#<70%c!6*mfJ zdTj>*LiT-&Kcet^9EK5M+&y!c#<^NRl%5XboIis#t1GLzQ8e;zgck-Y zh~w@YW;hVRgbPr#7sVkDq%8L|=h{E^|H1z-SqEQ|UGx#IlL+-962OQv62@eeaIsxra+Pv* z!L<-_bbNPS{ox9dy5!rI4+6fty?V(-vS5pRmWNESjtK=!7^+h@e|ZK5y}`KKuY*X% zmH8x&(j3IhS4*3h&J#UIZiq9nuiOADKbl(`D=%FetNc+U5wB3T^s*wJO$E^BNOC46 z&q`&wVZ{$g9hYhF`r;f6T9&QLo7ZkOqm)<$^>@rSE%*;BSO*?))zyVT@_*^C4E@EeAu4(*6@6Z&t{Lz|}h$;Yv}u#<7^7 zBn?rz{S1k`EU>a!@_0y5M1_Z>oA@ceT0vxi$V)us$4}!W)0i+DZmRI`DJL*Tc!7eu zz>byr^{0|vT$EIU%jTiAZ>KIJ^=R7avv#pcdEZtR>TOb&8zL}0n|v+7Sl9`|H^X&A zwkRc=eS7ulnibt-NDJ6x4S4=dPsdof=bT@&>fdnI!L-|LR!H3DngPGTHnXg^1zQP2 zd2e~p@6CE6wYfYU&Bmkopbvw|bT~g+Oh<4Yj=}{Tj;F)pqhLCn9R&+CKSs03CN)ZCUv9U<4=A`7jt9PvCey4$vf+&KC22Fzg>MMo0b8bTS;Ec{mzO!^IHJ!s*d` zJei!+P1~77rvi{STjr~KUtw+mJupGYSqDKo7QstcIE@!6Dr2{ z#Ij&IR|tkbq?n@DaUdL@r$x!!C10E%6(<6E!XOa_1Cc9~n`T0jS(6au){l(h7u|J7 zHfesLk~|Hb{;y`sS=2r(sOrj;v1%)<%kXCh-oB^~hGM3t84z{(?kq3n2HAp<>!Zo_ zbsuPX$nY$JcI@foNMEjklN`p^Eb0t?i@4ck4^16=XO5 zz%4Q3EPy=zBK;PoZP7C}tA9HDGi&2}vUpEd=)I`;m!F>IyCRf;KXv~kqYE+}`g}vp ziJ_e^^p3#;yCl@A_Fzj940&X`V|pvLj2C*NO6NKNgV8OFJO`Ex|I3sE;~*#=l4aTB zOhpfgC4$`zpm8<2f89pjHpFY{iusMvD3nP9mG5!k1)Ym<(JpwO>X%7UVd$1!Xi{R) znuz>_Bw$1kgMim!a#8cmEQBjw;-R+&>vI^Af@qipK^uipIX5ET^1$>?(l!F<9_1=h zQG@#C&z5xq@?ILX+$j8yLc#)j-=Z)jF1k_&`92mSmMuGAn5BS?AR@q(?bgeOv_=S} zDHHIVH4>J6tm2KUoU6)HITSB>S6$|b(cALRpJr_oZ`?K_>p0zB)1)m8VeQ=aw4KA8 z^7UTaWmn6&#<9A5sM|+;FCRxf;4&z8=CzJxZlwCxnLW))iH0h#X6vme+gandeC{+> z(YzgHn~M-SHSO(};JGJPP@0bHWV&!So&k8BQ_4Ro^zc}~-DbrRKef=4!| z=me8PjbZE0i65?%v_@TCT1%>CMRhB=Gbw@ykD3xS6GqaRk)Nr??+0#!VP|S4a}s`V z?kf5mimWn_sJfDs*m)hS{BtP&f@2_;Pb;dF;aLVm1-sWhE)0QR!|*V~dG=9a@G1@# ztsu`cWHOeVXlIbIpt&}U(~{dBKEil!T#Ef}eIi@y(o!f8R@;gN^2&PK0o?xH zdfU-Yzx=whF_&xw-R3jjjwpYDW7AHJ>JQPPVB-N=HsnF4=N-P!d|+cMoPbTg`VL74 ziYWt*Vvl;St zI`$cQd;9LDv&1k*!o|{-rDT0>+RdQvq;XV{T;UY)x8zlI-C;$RduxY=L}&A=S(S?*af=k+>w=D1*BUraZ0?n3W+`4+tSyE7_uD`BJj3 z5Ai>`&tbMA>o^ifZnE8~cvtnH>Zn)LjUei)?ZgdEB+}VeF?OZ6uYd3=L0@ynCt2-o z^%eGel7(N%h?l~?)~tiq^-VP0ra?VlCmzXUm(ri4P|Sbx+|+~LH0fKJ^10Ckwkts z6L3MfJl4JFKCFa8N;;(#GhKls#X%ipBWyLlm;+S#<;(ZVx3)RaCXW$`w^9r<7Yz$^ z4J0CZ8+`3{h#lu{XRxYvwcF+L2yeUm)%|R% zSXDSc7tpnw;mGj@csUx|zUvO1X@B5O`~F~HyVF76p7j0E=wd+ZfkTMzIj-yUo&ErO zOQ&!9wp#{hD@moj>=GKm$Zm>rx)Qfnsw{G~6Ga|1oANaoPzWUAsC3tq?)xI7rA{pl zxCTox`vj}A82RAxsTX$R_keClNEqwz6Cs7a06aX4J3 zI$d?UUvZR$>4l0TzOX7%>GMU|3brn?$F?e^tfD#t=2h(W0=kO;i$W!;=<{Bm8+=#4G?^JPRI~S+B`Ay)tPl?FS&ik6>7OygN zV4=CX%A-!WH4+akMBiKjc*sH~OcT^sQQ$E}OMxZG>3WB1RXui{ORT%A8E-$PT}z<( zpcr7=hfyl6xB8~O)Hhmz>ssiRc$gldoSM>UwNsNVsb|jcApOj1THgpStD!mD6RT*k z%}%DHyJRb?@+?{^C)c_rn#;#~G*nVKt$s?PCGAwq4$@6ls6Yjk7u8F}^u$_ew$#aV zvPiU|5+~P3fV6Mke`=uqhTW%0=*Yci5!b)8^DJ<9%)V2;xQ}6(NqNWF?+$ZBU}x+Q zd*ZpC=XfL6o-TcVI-I(Lu}g;jaC|XZP6@G{LEoQvli_IKOeZ5B<9>f|G3w)r(2gB} z)OIsj;#$2`RvjeqZEmALL=qd{-_y`j=ro*G*Ug{pKdKkcwIv31Lx|xFuLeKqzI_JuR$o}A_;4t;Mhg)B{rO}v8E6)Z@_`_m5GFIvW;bc zlw4Wc!Y>1ED*?Iz9BVd|Q3*GM!|gKiwt~6pMdMmuCJyjvAlFa@wz<=*v-=O%(r|Wv z^KSk(>#|?ynVH03xMw6mAFk0`{=zvT;ij{}2~y}f!M4Dp+TI6VA+v;TXh0sw_sqos zsJXPIwJj3>l&en}NwjUn>U~eYrtX1nqbU7B8@*Lh6tEBe9DyBC{Pq}IUf}A0zC&#{mvqlE8xSvnr>$KnC4E6{J#Q$#QxS5zi}e-dMLf z5Uo4aFrmOrZ=~@^#3P`)2kxjA?MMnyhjt`1u@>s6z6wzqxgfkTdGN!z0A}MlO>PB?0JmWQwF`43DOby`up zFRh*cjhTGUJXq%O$PvQ|iK>pk2-`Di6#WAS4yy%O}^RoLtY_g}JtkG`)5{=Ne+XQ|G%zi$uj?u=xJbd0F(RuO}^m>}y>k z`Nrw|wiPUDvZvjZJUolE#p$!FlJYX}h42*ezQky6BP@terY0@o zNh4lr0z+%GOGCg%j={z~I*?60aDgv1<+XxV%iGd$8WLHxBM&86C?H2Ar9$c(K>@nC z`;cIl%t%7Pbs`EqGZ%@y&^Mk<3%!nZHXe3xOnZE>4U!RKGk;6WTM>^`3?j6ogBkSU8tvNr33e)ht}QQzlsA( zrg?dG2t$J16(SymY$=(@<)Wg)`9vb55q@g`S#YOe7b{TgYcLOXvc6oJX;~IV;u0Eq zbVI!i2mGk=NkNtalq5^B&Uvr1Ha1>+{DUUsN678iaPLthb=<{A&Zzq4V~58hu0Hge zdwEvysqnYy+TFh0ckHP%)c96oOosl%b|!<##e{gH!FakH`4fLU@+ZU}`p$AV9xnU+ z{&HepjEOyUme^hn$%Q}aPp8wpl8IZ8*1I4;xAb9^GIT4_zj&wv%k5o~kt?V#nk5nM z$kv;0pV#%tU8#D7WYRrlH0`dvr}D6E+a3*v@V{-_yZ_t6(fExs95}54b`!`Dc zVQyr3R8em|NM&qo0PMYcciXtpINZPWDe%bYFYz9ex=Xg6rf0#;)D*!Ipd2;H``O=vE5VyY`L@}udD@Ld0)xR|Fc=I5GcocpZ5_>F%-j`R1b=#j zr`>M1hyA|zx7}{%|Lyeq?LT$;y-vS39QKE!KeapEUZ?*j(0&YL@=rn;jQ`ZWcU$?+ z{Z1YjhJ-H09c$Lk23>xNjz&^938$nacB}nBxYmKZp~qWk zI3R=zGzK17EJ)Y@AVv|Pn2~rj26M(DI&QTBJc(hva#VZSrW*h(bqk%gJ9PUEA5kyH z5fks;M<@i8B(aC~0Q8qI^pFp3(8^iDAVGjK5+k=UCmapkVy<^S@n}o_ZW;VnEivaB z*yGJq)WnNfYfe~z!yAX(NEi;UL1k?>3TKTQw7Mm+FUTQbIvhcPU&9)Kn`D9vHDCVq zb;s=t-L}(y*;qgvGKfPI3m|9#aWDoroRYs4s3i%087D|c3)%o6iG!*hG-Pp!mL#KS zLYJOlHcuw5M;2B^O)C~7)LKBwP+UpAQcx4jLb$;CU&klj4T>GR#<-;@h)Ju#RuLKl z7)1g0#3X1Kp6I!4cYo0Mt>@=sKeqf2h+_owZ4zccMk zCd1C~VAAO!)R>_V#gHL?44U0`x9hYIobK?lvp?<}jJsWTf4@H%4o1WM|7rf=r|-QV zIse6yK_5#2TtELi{a(A1pZ|kF_j&$5#e)}chQ_&>&O9&X>!YCbH^bvx6)P<-I_ecE+JQ$4j zd&nE?_u;gAu-}30eXrN)4LZ~5^q|r3NXTLm1SsY>?f}OD7l;8iMxp&E8f?`0Xz(*9v z$OjSesU#TJ8t52w)}WR|Ld6A?agjA!iK0J{7#thC=pI-KwB;-mSf3*=Mvx)!%12X} z1Z)?;&rU0-{MglOV)jIUKAp&DD)y z%&^eRq{Dr6BSI~T+@oR$rdJURq@8A8{1poMNKBGem3i9RzG^Y>;$Onw@$sQt)frR34 z1|mo)-;|9(jtr*vV~{pvgZ+e=;(Go}u|0ADUZUrL+iu`^KZ_sVygxiXefJ|c=LiB! zK|uJVmuk!Ji3CRUoq&?CV1uJ_;vHeD<8*v ziwv4C+RfdxHQv@0*EACPx^3PzU!;{=6-#iFkKvau83-@_pIRUcz8hc&LcFj(Rxd42 zMTf$Iwlx`wQ*~=9a2+j1Ld)`EYjTL1F%XYdNRALTY$d_7Yi!55%( zY|sn|o8xfS1iRqt*O!e33YQ$BoOS0XXKzlA4lhsNzq@+-{`h1JWX~D^9KLz;{+Fwh zw`Z4sH)3K8nkz(`raGUkW6=Ek*`PsDyu==I7Z8Uomp@eg$zVJ~?2HSfuU{gp>H#W-YB(EKxXEaEo7D}X~UNPGmE%yXro z$>or#J57Rs|J4L8*i|%=E#IKk7&Nm~Z#EhkLXSa{AJE8KVE5D+)Xk;aflca_H1$9z#zS$EnOEm z5%C?qAr)qR>%E>pju9vhWiVz**Lq_(=}g=RwMzpn9liI8X*r)SNvTJ$ZcqV zpBdO*LK#`)L0`_1s0^kU1wK%eqyj;;$DWc{E?BCQ8PKi*bt>_pC_o-VKDf4Mj!EgVHBTt1RL&99 z23o-n&lCIJL)eH=Ofh9Blnbb!pj?k-U0@7Ta(UY@%hQTgi=;HjN?N9a_RAc_h)-V8 zh#V`i0`px0|HYSZV3s>g$76|y6b7xoa3$l4Ot07+UCHWyz1~wrDPm0QKnQs0yadt= zOYN2>2?IW+9AW$YTaJ-iT;OFlo0eo!atBXssB}(}zy}i~Ya?IGYKMfuN&?l^Lv1fK z@Qyhz$=M*u1wJZ}oVz)}RM{HJgGWLSMU1v6BQczzmc)+h0vv|?bz$+I9QL;`O8HF< z`di|oF=&ql1M?+SAZzJ>U%x6IdD&=iWef(q5yL8y48QdO%J2M<=YLGAt}Qhf4|)=~ z>HNPv$oqfw2fe}b`QKAKjq=GD5a^@Wg+U-E;`227gFbTpyK@vQE{QpUw9dHI2Lvbi{BX#I|J4YdyBslQpk(PG@XNbCu9dOB&S>+E(0iB~D0JDHh zzydOFj>Fj=h*1C;ULp`dHn-lx&~NO35Y2?f4_-wvn&MB$2e+8b!GG<#fNM8^grX)# z2}CFc0S=MdaE~vpE*ObXV+R}w5d}UTT>u})wBgP$Yl;6#^c(Kv-*HR)SHGCgTKqry zCtZfE6wm~EH%SDhI6$=Vol9?{#&_-n-ZZ{**&=Fu_y09^z(*Kkl2CAZd_o&;6qA1< zk2PHEBiNGVV)D<1yQCiR5r_T$mv<-U7Xql*M*M7at%m&6*a3XfIb7`mX8mn^=gtUQ zL_uQ*h%ZwT_$Y1&?X0l_ut!4SIVv1LA7K2I|KCrC?|wXa^ZrM7;XeS-+_QfE_j~P5 zKR^Gw?cVeJe~M=Z9L-@kLjjpJ8jZ%z4)|5>&V>JKKiw>>b=dXDB7!k$Syg+k>)McZ z!7JmeH`wJZ@uvB7Y&hUBVZ=$KSB3xy&QA`H-=2V9=?#v6hyT&w`&3ne&l^=tsw-S{ zErqvX2fX@qr?-F5tBE+KG(oh*YwYeeN+?hlPzeRPSqk(XkOI=L8Awma0E8rT7Vw`W zmc8HaY}@<&PI>RUckg{C+xxEF`~IVif4i&~b;+T7!IBAru{Xy{Oqp~Z|0gA(({|f# zx1a4-$L?3}j{SPb!5_4@9sEIicefUK2X3cZM&G(E7P(|}kfmnZre^n%xTK;Rql3G5 zW02{_=-?r`@m%b8R4hhQ=rIz53wg*$fw(#ae*AD+d+Lr3ww=18gWS|zFB-a|ZAC+O zR9`fxrMFji%`lDhx?6N&G};#aXw)rT+#YMbcb@0_@3>gaiTn*rgl}J3Jk><5i|FQw zJbIqU-+Zy(!&3Y0Gk5!$xu3cAnQQ-3i#@aB1F&P~;F%qt`Rtj`o*C$wfu1?zkvU`d zV4N|uIb-yD;*19w@^5}f_P>cC`D4&>_}ibz{c(x($LM|GDE^7NHF(I=>8#hqXt1`U zF1J`2O{vUz46l%cn+8;@1Bokh=f+UXQ*iks2fmz3{rEgHKA+iV`TK7kvF6Sxx6-Q7cH znDx*Z*&aIWyDgpVt@m8*c4@bUcR#@&?q|9+v`_HccUVeBqHDw2I*RVva5S{Kwjkk* z_!FngQQER^c3rOSWMJ97yOWd|4!0e&;jmrNvuza~yKXPnvsA&^cY1d{9oRg)LrH{Q zUDOQ`dV|^yG=oxNZL2h`BUXPcv9`hxEkrtesyMVocI1q0pY(df%=cDC+jXH7S^X18qhUa_0~dv>#@y1BLd>1g>=*3WHK zom}-!v7cSLpLbdq2g7aswg*GoZ`%v7cQYpmMNY?UyR{iZ_c33etEvT9^Yz;$J?&UMEuIu?;#~EC z!5Ni3u00y2$DMU!yRGV)tA9|^;kMo3f&qNf(DvO zzxFz&2d6(AR1ePn{kl6Uc6Z^h%_5=RJ+Y+WR^ohmrFrHCq6VqX@?9jtRzm){;Z@Xvf_ea$P-u5^! zSAAF{@W>|c);eHcd$;zxb;sWHv%6p2&utaRT=hY*pTj!+T)Q0iyW1|u{ccBT`!R|F z=ppd01W_4^I^reeRabM_Q#RAyR$lhoYvkp|`3<9}l8*f%9aAlJv_^d+3j_ij-pDR> z4>nRxV4*wIJ?PZjCG{=KP#*XDbi72>>DwKDtP6{MWlHKEY@7i(iVe3gBy|t!aYYJ! zjm+PuRc=Y=-dZ|8dG|I>#&z8*(IdNd_qJ9e`^vD?-Ru~W?c!+7qEc^iR&=pUfwa3= zShK%R7LizzC2-y|oxno{4-#SNO~@t?qbZ6}=phRHM8tZUCo=?a=*0+91jy9NRZxEp zY&KG4DL7PWcnJYFs-#r}Y*%cn+BO9X=5nElq%}B2(rie8#Sn*k`Yf*tCNY9HIGh2F zgdnZ@M2QLsg`pe_=rI)2l0LR;?WxvwGB*?2*&WrWWS^m8@}DE}IlUQ_Lh0s0J7}jH~bPW6J$FO4&EC0#rT3dJR z2LzeuneW?}a@^XRkLxnHwZ&oGZyk%~`FZ+B#($Di;ZcG=ZI1so>~^}j_)neTp#2>G z=_#Ham7=v#Gv93^O#ll#7=j7knNbFV0Qmq?Fd=LXz6(jbfWdd*C%&;&rAf@cAM%xu zgd&gZyTc2q)pM|OOht&>g-}fYnNS8`2w=j<0y6BuAXu4=qi?jGS%Q7U;VC5e#)l+v zreUt=@n+q|4{ShL|EB{K`??&U6@}+m<&cgreQ= zz7tCBg&1&fM0~MG{^g<4^ZvC0*t!J0rjDJW_pbuYbM&tS$HF_6HX3Oxy)n2>(-~ij zqQ_Q3(?;V9I5)Ne@CCes3k1FZl?)ktX?$_4=S$`v{#WBmy{xC;i#FVR0V)pJ7lF-b z%9ea61xHFvKQjRujZ30gSOyFiB?}Wpo_7ci|MmY(uy^B#pz7d9J`L8h>jH)e3}i;{ zKX==FLbOus92h!>QMBty{w2Ib%iDRP295UGfVl!@1GwIX!UL!G%1T*&z8w9z<6&DUYBx2N8_n z0x=X@#jhQQBF5MA*P6=NwRO=8MtT*!6sefHSpuJlnqzc{;BE5p3)!W1Gq! z5u$85NlU1hDq54utqMkk5vFrdoJ*TGI249pRqHeqWDJ7U_EIO1pd7ww+y(yB_T>wAHfynu^z8DdUoKh9D+z5Gf?tJVwar%BQo$Mx$8jX( zBF<#7#ZU!3n}op%h^$unRD}0W9E$ju%Uv{`60R{!MOP?;)2Z9g<3K`+eH4R*IvN1K z`Xm&RyprZr;Q`L0^ZlOq}!?FD@)wRPQ0Oxo%XB3UHz`|6Z^29RK}E9==5p*&ja7Vv4s= z1U3(b?qzuoi9^eBy&@{D+bDruroW+RJ{A-H5B*tu2_U?#;41Hp{p(0D<#9xe; zI6yPx7ue7UK2roNh+iV4s<~cLZ$e0bVA=ALW6x?dbzVT;ogZ+3=!!D5s6_c(6$iXL zNGtp%xWgbIw}yx()PsS}2U?E(A+G>T4Uks(ZD^l_hx8o@IV~%3whKK9mIcMIl-)D) ziuf1VQq^jtK>q_3iO5U4#=ossBzcL`W1Z@r!%TRJh$E?LX=Dngt14!Z7!MmY|LK|9YLA{b$e~ zb)M}%Pw~JAtJCl?SausQip)=OM~O8u0_2Azl=tk^L6$M%E3@^SEYKL#Fo&1;5J>J5 z+3ivga0wZVsVhNoQOkEDC}aX^(i#o>ZINU62CZ&M?9*|>0cm3m2V{=i8jd=sZ`>pk zWV-q?^&)uLFs>T00EQM22V>zf^0(Ykwa#d45deTB4pQ`U6=ZRRfs~>Oy~a}GBK!yX zPbJ36=D&4@^&oAmo&TNAa5&88{~PrB&-s6! z6rL{NEKLfpPolXZqzV8pz$jz@^MWG%yLQPL1Lk?Li-|2CR4qr=stXq|$R{L&GcCFP zM(40Q7>+yB{hp6Je>&{+y~(t{kGlQt!9lk(8BW`13fpMEJDB$Sqv^mKblQ{QVB#IL zr^8{p+Z_$}_iJMiB|!ip5@2uD0OHq~_%Q~j(|3fO$;%dvhRkG-WAtMJV}Dz!-{Kg} zc*SbEr?6|1+`y~>%_j6xTybl6JMDu`U(@?wIvAqCaM(us{&e5(`@Q`^w}bpq5B5E; zdoYFF{$x5B?YG;b$#jB-y&h_}JNtdqMU&~otAoQ@5Am0b%xXK zVBhbLy!NEq9~=yOeTb&r$*@lQTTwTP$%6N8TjJ_^)wDH`YjUwJzZq7B!d-Xh8uFrk zdpPPGjJjSAP5kM|_Xfl6WPj*&r~UnderF%Hdj|*mKAiUZaMa!J?4$i|zc)P?_J-4g zQMX3hTTwSejLr#R+frB8tER4jT$8%G{AO6yq8N>Ooq^XL`TUOq*zJ1L{f;*s!Cu#I z?|1s0jyLfq`~I}E-+?{Y?sU7O{ocW()9>{y&StW{0qLkYDeeI>L_aBQmf z_>Q2f$vWzE4)!OVo(BgA!d}1c4JUqg;>f-f?fw2})b00rUU$FKnRwF!ING0# zM*F?}$^K{xH?~}tqKhP87>9Vx)D}e?UZyT}(i&y(q<33Ua*C@-nm_}u(;JSaqyC^f z@gW99SgqbVntG*@c?r8U#T z6dx?kK^cX@lUE=8 z$*;V!{NS6jpbTm3pg5}tx#Igr7+@ceNCrWHF|vG*_ka)4f`k+?K!nSha2TP8^PoCh zN*$HU31D?cpH`-IS{BHbX)8;FH<+?9`1KzWzS_@IvOtO(b^wq*o${^t)5hig7_1py zIsRLKl@;#Wr#m)lcjR5Nn4p-?E+0`GBOgS>r&10H_n$H7tYIMKZ4a~)kSO{CiNUc! zhVJn`VC@_(cJyY7h*-xAAXYW-|*LC&}%esW(|{qJ`>%;TDP*L z(sd~NzH*sRx`$?89}-N5%!detdFN65Q$bSeeAJ4fVIc5SxC|pB%+*# zJO)kiyV+0;>y^Rw-hV}R4IHfl8E=b*DkP?I2@ELWl2z8`pRKBgzAtOw(1;lA#;e`` zDd59DS!rl)V@ElG;b2wLVG|zBYKQZ|k#QKg#0&Iq5~9ZC|BS(h%cDjkg3OzrhJ@ki zN-ZRfj2MWN*O{PmQ1lXS$Pf9|O5F_Ir{1LfM|=qfc-V1!&9(sjoA531wsfPR~SLUUm#R2VJ)_+;@jV zcUTG%CWKj+A0e9~E=iT=gLco_(J#(O%*J3i99jfjzf?xVZ$!jDELjdq7LL+oqp@Q( zR;LB2b!=YkRLwWp6|Fv6<%?Mcs)foiVklnV5K(YDNAiA#W@0&Icvb1|ByPZ6UjAKk zliOfyrCI8Z;3)HPm;w|(vmnL%1wWA(|C>V!z!~vHPy=DOiF3QCzxbF6SbuHIO_ej^ zrxp18SwI}hb)YaY6hB%k$_);EF|~x7nJQwp$)O1Xiz8xD>SrAK)3kipD4{t(T)MGF$IDq519cqDZ!K z;BAV4NWu+5T&~HN5-?zVBk#2mIk%RsFL0mx8n; zr-*Ip`+CvN0TxvXyE_Bta*i_7FOL=@e2Zw&F(gcA10pz^9C1EGaf0@M3}C{4r#JG` ztA=_joCd<;K&8}fHnU6w!BLPTXI7xuE0AgbcQPANM=#MtlDFX>|DZuX^Fg-*U!_s+Yo!rEc?-G=Q`&A7Bx&LUdldQx=@swG;~0R_p^+a?r;y z@>s9}kTK}ZmG;S(6SbKWp8r$miLq6eMkffsTNtA;5Z5&(s|ZqxD7e|Dnx!b;0g5XF zry2mY3{QNUV?K;Q6NR+bRQ4wv!Npkpt&Dw5f9^%iin^1yy{;tV6fSX0 zLZPmky{ii@)jFK+FLuDiDrE4Jw#<$jJK%5^=uP?#_Gg_Uasd=v#fBD^6z{oK>H}Tw{)mVfYQm>B-pvA84 zhnOrZppp!QwsdRqbFQUgTjFtDPLq>ev%9?fpG?b|EI+I%QBEhMM+t>Xfxq6x8e&=4 zSCPq4ohcNx`8>B0$2FhGhAeyQ-~Vxq={JBFr2hdMuc-wbSx#f(k3N; za_AGp8F`Izo6$+3#}XKbyDnTHO%MnO^o5dU^jrZOQgu`ESYM0T0Y@;@`)a_VKr5Vj z+2=s*6;9e6w z952SgSfh9B(zGZ~Jy#h!kbx@3v0;81u<-Wg7RJ8g!*GUTl29i_qzXFv#5a4G3E3$W za4KW5G^zG+u)0zA#Mjj60CbmwM8 zOJ%jVdhRw1qGB-Y>e>(+DWlc#y9-Tbx@Qiy^;RhK38PBLihwmSq9j-%5Ym8#s4I{v(Z1kuHfYCMpaY2|W}s+S2tLrA^{+)>6S#9P35~byUID4)i=kIompHj`Zu@ zh7?y9`m$emL$h3{4b^8c;q}Gs7I1nDUY&h7J>KO#bC!_zBNAKVVAaq!ayW%~A$?Kh z!`s7)pU0rx?rIU09@dIsL|l2z+?{Ye7{Lh+FvEO66GlYeJ4owGQD4;-%PVVX%a;;^)L*? z2hCWj+|is%K|LYgi;GlmF#$5=mEw99lL;y~csWiTQO+Q}5dvMZx)TxKG5A{V1H42b z-)-}WiN#+cuv8K`(yrIqUFUT=(c3!50dEv2X%Nieoi~)HPyo<46jft6L2a;ECD`1f zwiXjCRGMr4>6$AgTw%J!bS};Ia`aauiNzpk;AaN56!8W9nj)rcpuBT@s|;?rt`-uO zKbcGs&Gxx@d2}X?7jmb4d32UGa5@DL{B(JFrdq&ME?wFfBg7N`-s1ncFiZQc>~aLz zT-PaUy46%J2W&nzzs$~o(*;a13QY2l(g1K8V1{azp;zjr0rD8~!L_EO7>PZJrfg$Q z0-tJ#%I`}{qf*#aoC5^r`a-3E1cPG~z|{rvNa)is=;(W&5sI-`WOMJigd_(d9fwlq1Z)q<$Jc#CPI#GtJ7G-F$u&Za2`M*?k*!&ywwd`Mn(Yx5n@na!uHp z-PKxB&g|3%`oOHNVE+d*I^Xaxk~-_!94#W!++sE-iSDJgrsV0i0}eg0DFl~iZ^|%G z2ndIn=KUs`-S`7fvog>RG0F0isjJ@a>_}7p0>O|1EMxORuz;V0TLGDZ!FRp(>&~Ff zccr|pU}F)}Gl{?iO+{>VCT1lqpV8G5ci3(;q{a+0{)O4CkKirHtUzQk5G=9YWH&=E zDX_qT1)>zrklByi#+We_y1F^3r>;{|O@cD(qXQ${x+U>VK%noKUdjglp`rmN5c`3P-r4!VPjN5-d9+U1k!6n~Q7_1Y?j4$}-FvNuXfK$=xZon*_E zz_=h6JR5A+AHMLbujXL;0xzNfy?R5SKT#1BclUrDP;pP2!%xrlz&qk26Qxcn66R~( zA<4RxP;oDz@@9hSz?qEMUFFm&7XTF&UdQEgtNo%1mnH6q)}5|QRCh^%TGN}L%o(Os z;^>f+LU*!~o+#0b1tRBwha)iMMX^3a%(;5grTZxh@$4ce*y20I2z0vplQM zEM%hBCMAb;)+fHW+0ngDL0|I`)7c|@wJo!T!K}?V9|zUitKpC`1bslJRy(}(btIY) zqv7%qj^+M{Q^;3SkB^aXw3S0=s{vwrnBtydo#%(lU3j$~%T|pPw%2blN_ySS=mONH z)O}B0%^@p?EZie_2h*9RF&!5aS}U;UW_?zia#Tw&`PmX&3V2R${q-LWtJO+1Ta~G! zXQxH)r)VoU)rz+E`m3*KYZ8EU?!)D>RNp+hr>1SZC(C82ZspN6Z9`nJM%6w{7zuEA zW7AH$PTE3|GxwfMerFP7QI3GX0%j<$RMLczH#od0(%v{t5Ph8#hN%b00{eb&3u9!D z;1Bo{^560=NPH?#M$9HMm9=FVE!9{I(G=gf2=To#KzCPFUC@cK4D;{w?f z1Ep_7?Bv$sIiW0FhwU{@d`Ty%MExg1#a&Z@RMx-2WCVkhB1_|vmvqGn?E!j82H4Za(PV9?sw$C&au6yRZ zD3?GI#SBly$$$|uKwRQILNUvnJ7(G6TwEw);=F>J3$3VFoZkeVa0GML( z3W5$UoRi1q;ta5_6==aVC1eaHFkZ)L_vW&iW2ij%DxBX^e9ZCcu|8hU;hOQ65QnVP zUF$XxEj=w_YH)?!9M<_NN|@t8HBAviA|@xEB3{{;tuP<_O{DO{NlZ?Q51$n6}5Q*zz*7h$PjL@rj+VLi7Q$^J^5nl48^HMFL)NW~#uW;IBfsz@ALq%k^4$vqe+PFR3O}5a)k>xDZY^mM@V8f#MP)g6dZh9-q@} zF78?d6iJXXyhNeSoFO|^te=F!VvKz7%0gpz4}>IBRVbmt0ZAML^T{$N#y(MozHG#X zAvaHs&D+W!=@!aB4>3x_%_x~qRya}x5HI%9QC1E}<~yHhnLUYhqNEEQaTucU6-i=8 zfV6PbC5|QP2^=)d(BubGN+OYs3l0%s} zlN$Rc%K1+XpH500|Ca)~l@VUTXr&lB5<{vlIyoE*DoyavbZrdI5%hnFF+=aU!kTtp zT+cM2WHgSt7ks6W+1WSHhT?ytF*rCl_z~xA2}JB&BumOmoO3DFlZb>W5xL1nf2~9n zFIW;MC2RH5o`HNSrOCflan6dFP+fa`BuIq9lkYF|y(_Ne@qY`ozgOeTR~n^q`iVSp z;(E^1iojsU4^s|$io-Hn!O$#{nxQ!ka~N~wirpd<0vOo$JsK8sY{MIdAw+vVj(68P z!g3V+T!1LE+mws6#yr0|wPfWI>(K)FI1#4SrVKXJOjlh9*dm%z@ap{Vtuuk%4QDTN z<7!t=bOqG7NlMPtfH{Nmy3`zrskKvl7s5a`oRyH`%iF z{h2$Sm^-AbMvI7un{pKkWYNpWV2Wu+r7E4qr>Qmm#auv`uGl5X4qGEYgoKe z7Njhu8YezX))8waGp1lUWwgsuxEP}>XGapm*usjWollAkEB(uVL%x;P$r|jd&6xLP zU)ke_XJQTanU#MdR#qm4l!L4IP8M_)I{xh%rn79|zhk4c)!)Z6P0Ns*(s(RK;-dl? zAy1em?_osKl0_QJn!hrKqDA*%%l4b1A&-kxbT&0iqQ3m_PIW5{TldVr)%;sJ2J2E5{TmWzcX+Yj9^cr8QYIoYMRAr3^xs=F#Z1U3JBMJ@su3 zj(5x?-Ah9fP_jV$@8&a~uMuS%&h@O^VM-vSE)Lh06B!PDyu`i;1B&U5PR1hwaZv_C z54jDAqc|bd(QK&-r7GNUL{!v_fdMioUfL&J&CF3(Q+$`lQ(}j`vjg78K%9+&08?gV z8{vEOBr3FGy*6i!Y>qDE-&?fb{SnJwnS)$!j$q`dcaHF1R#bn-C5Sv`9GApO4YySBFr&C1V#dNeUCoCmmcQ ztbUkr#gP>myyJG-Z7Br|rc#nQpsBreJ+f%(cel5eDR5Ke$oA~swJW9tEA$T1Od4fF{F1uz{SNLfc`%d%H$m(NI{6WOo#Dm zPjp@d<(FI0I9P#6EN<1nDMK-MnbP>BNa`s@L@G#Ll#D^Y-EJ?G4SFFGwC?|iMc6et zidNB1uHc~k7Aq#uF=P33Q5o9KKIEca38(QN&pwQEb*AtJ2{&`j9b%Q%Cxw*J2LG>d z7ZpWy7*KfwSpJ=jUfBTpLoU~vsISvIPDz^Tu~1)q$Z8vxDt8`V^JH!Z=}g15xFw2V z!29orJg6!Hsq|Vh!6SX)i>3V4);h~V-#0k}*0yY1bU&WGQ_Z{Jl+|b&s7#dNawHC? zWKY@1NW#FcB#8kROHyQwTS7*;H~Z9q%$bvgkO3`{#7>&)g3Bh6qXxG<;8J#1s6dBfMsOgCbgAx-cOO@wJg1>a>m;e{xr)d+yka%z*)-5gKx6D zsyg;f&IpCPnTnLrvRrkn0o8VDn30EPJ_;Fz(h*jLhSnxe-q=MZkc<#B4%{^`xbCaW zvk|29mc+h1?;*)d-$T*cC}V>JrfkmNG|jnx$399EsbQU*D`ggnUh`&{&6A1X8#55r zUz31LT6~F+%i+yFZN*9GQrSCGE<@JCgw2IV`dXT*8ZcpVu_HCq*#U>b&ky^^gYh1~ z#-J{41BXaTD83HhP>@$#S+vM4ep@GxQss`=m7hK70U(wsJ<`T~MA?;ClJy%(yqm$5 z-dUR0BGKiQ%&3{x7GBy{rQZsd6Q(xr>+WiN%bd<{a1dPFV&=`QzM)Sd%a5-D*3+xg zvt{2nrI&pj=0mqAU4f5{6$@CiU@jtd1rufk1<2RRyHNH@5*TaZDEbr?2z;X$82 zM4={;71TOqdaQ});g8BU5#V0z*re2mKigy$xQkUBb>Q=0CKkvP`FI3 z%*9NYpm2pC&7TA3gW+mT$_X33IXQX^IgxhvZsNkK|F}{k zLp-Zhm6BTQi_)~w+SqwSgqMD7Oqq_bD?2`9(D89B<7QZX;sH^CdKdvwEE~y;h6dz` z6cDm!VyQI-ZpYzDh4~qh&=LcA1gtMjb$O=cE-7!ZSrH^mZU2Ele-4=$SgvDoHF1u@ zEXs^e5Cu#n(iE3O<$xxOr>vP``Kw!-Te$1;YltvgF6 z_+TYdQ)rO^!H<|(3Drg3F(?wCsFcJpUP6Yz#l=rtaBS2-XP9MF!E<;k>S{O|22l6h ze$Hurjsw1j6b<_h3ONP+d~H{z77}4q(uu~m8RBk?uz9F9g$4?55aoR2aZO*xB(qwV zt>tkz(YIXGfrFZn{7rdpWa0<83q+qHkzot#6AHn`Au~c4fotqv#S~s^VVprprrk>S z2Dy9pwmeKD&ZMe-euZ#1F3H*Wj6&jA+@1-xY(mp_u2X>zLKBB* z3r4UvLgjH&z&4Rna+k4lVK;!v;3$XAT^B^7Bs2!ET^8m-2-Iz(TvW!n&;cB_Q_7;4 zEciao(#TS!EFd#!4yAJ(0Uc2&AUAjmO>Moxq}yMoE*Tu_>Pn!#s$^i7>PdH0iww{^ zDMhCC6RJcOiOUqCR8PqyapfHL;rtEn_8W48#RtwE#US)Dl8j)UnYk@4RRC2h3tROf zAo?<}2^6EW9A2UIoy!Z9ZrQboBu(Dc-fm)qh|xKbx3BfYh)KeEK)eo3jy;iz?iRDT zP&&?t|6r3trHT0;@uDsft(^rY`4(g22<4j*b51PrMlU zw5gfi%ckNJp$cIL5Tq+5?ge9ogdr7z;lufx3zbLTS`+vf9DmQbH;Du5DEb`vm~P*# zm{+UUBT@8eJGJ19?N7Gvma15PaYr@t@lFZY$rp-^ug& zbL+c?Shh{DE3uDMP8^dUK~aoD871vR@c}T5U^0x$#L+P_iN6yQwM2O%d^mL*-?hGe zZG8T0oHLuub0yQc;$X}za#|BOst%q4;C_?}-z*>#7`XV;5$9Z;=2aDpVK_tJ1rB}m zX%D=>0@3knQyG6cDKvAGIRoL49LH(E2&>)Y7&LG8sq2N<^+IpTcgM?4vvGq%e+<-t z+aY7nn{y59*u)2KED(dzMN!`Xz@MDYpTUcKu6XfM;LKas*_>3EHIZFj_2lc@hT!*(cm4sMH6A5LdC9GB@MOg>aR=7jx$rAe5 zbLN#20mWjjh(l`kXxHYF971=1vxdF!6rg{pxsaa;*7uy?6!}M+`dp=%!B(MZ%U{== z)a23G+=zXev$>(DypghIWO*$pn?GG%p5-J!Dn^wQZI(>ltaQmBW{+D@da{6KyOV2- zHrEcG9z7WP;8mVW#c=L|SEXZXF-1=5mH>HC5Cs*JNk}`321+EB0T$m%0CV*_qkk_u zO4~Mar9`)uKpWq7Xv-`cU%aH@Uh0YzgH*FUPIcpO@o5FaNx3S}4dyC3p#F*9NtI zYmnb1)Y1Pv6tmV9|F1N6Y`YQIp#OI}qh3z`?~FSAXZ`;vo^|>^A8}VYMaWHnT&t~k z`9hT~%q@B4W|{;6|BKHt#}*aug~>ok0p7+>B=Auz3K_9DhxBK(sxI8L#I@VtN)rFntS)Y1@`GKgGq$!_2fZwAcWc$mZ~kX?J-Xt9M*02+ zG;NS(8at#E{D8@x}}knZOSYbg-eJ7zWZp3g+!)qkuU@h zjpF}?f2RK%HbK*I9I>93E-zBXm8>mXZd?7578_&5IY%-iuOzi`kJxVUkuExgoHS-p zVgYqMwZ3d1N|a0j?EQ>Zk|;F?c!v24bSd7sU3E#YyIOF1y*GfDCFtuDW zHrw&@a@jT^ZeGZYrAwtU9lr*zxU5_xlpP}!9g%2d*~8K$O_gs-TsSP1Q8%-?{ft)c zgkqw~Z^kHX%$$;xcKJ$qe;UxK(Bm}KKO}|o^3eX9FI@J(NNFy-TuEkNY7T|98hmra z1x*V(&Vfc1Si20RG~PtJ)PeVo#Ix4BZ;pERCDs-Kz|3cWLx4XWrC(`1N~Y7Jgp96v zsdRr$g7nD2Y7o5Ap9=(aEkatl$?nEUW_MSl<=^NY{VH6rm@b$pCxz5XZfz_%>-^43-A zj9*t7+;sliE%<-*hJ)wx-zRyb|A$s;L?#a5cAL9VK*GkUy85KonHIpIjLbDp^G+H4 zh=K{E$k(pRGE0t<9_u8jXvI2tr-*W@ z&}Sz3n7Muep98DSe`&`RxDu0{We#bt>4Y`1s$LoeJ@u2%4x%ct zZ67|G(4T9^QbAuokajk;rflH`rS1cYg`3)b)ii;|nxN_M*Q7 zqnclw4BD^4qSV@HrX3)%)6I;b`1mnZdp5zTAXpAk&eYq?3x^T_6{bxEx0!2UHv^`G zKg9hfH?3XLY!a3>yxnkUmyf!`q3>sv4u|?!XE=1b71Yc^+B6&rLhCzlj2Ma+ItZh@ z(3edY{D0&{L)Bl+M@vs1E?CB8yO}ckWZ}?ZH^-ezPkaAt=5OiXV|@^4Iz``>tG(16 zCrc;g@#16;kquE_sdIZ?N;#6WcP$Q894q@`NFtmknx-?^E@}>|KOYpr%^d1A=R;ci zKJ(#O#s5v8yXgNqdR$#w@Fx3jyWP+0|NNh4{r?Fb<^P>i3-TAu)ZKO*QWT5OEL&*s zwmQrwwmeL;u5^owX=Bj*{Mkt6^y?}A=vqMwzJ49ADahaqeEr&#Fwc@8I3oe}gSI!Nh1Cmh0C$+b*`?_tzTz!A$ysJp>Jx7)hzubue6K8j&&HB zDXb*0x|nBwmbEj7eMLW|DZ~M2o{6(e6C;rWZl(9>tvDcMS0F20l+<4$pxRoRKM)vH zbjblt#}Uc^|MOm`HdRZN0MbY!;EM?mVL1$oaV=BHtN_qf^b&RM&0@R|PG9yX<*%hT zfn7QBxuL{UK;kv{&M-?iaCOVc&>(e7s~vNOE6t8hu%#U(Iwpj*TuSFH83{yQz}E4i z)w^6LH%yi^`s&xOnINuW`Y|H*sJ44S_x@K!o}WM9v%UUDxApl>e=@w}cG_RT9OyiO7%#cLSIfVv>~z2A&G_}JV+;G#)wpuQ zyusn?eFXoNpv_k9EJ?VsD$WIuRX5~HvO#mn!pLhEN+>U8R(&R=?` z)xkb!d5RTcYeiqKh2uJA`O2+A>OH)TNVOqkH|{xjwOsLYi`QrSW>hBsRCh3JWYS5g zWKz~1M&D@3ZDF2Gxxb&Mmi*T-r0!z;ts(!1{k;EguhShq%m1f%jQp>TGPb?(SHmhd z{pzn}hF|?{gV{G*td7w)TO(`o-P-00fCnQu!2xC%Dd`A(KMhL!?&R|7@c8ZNyT%sw zVMDdwr*+sc&_mgVZF)SuWmpAr91Ccz2@YE#?S%szPy9mzgd%`LnNw^t(!Uc6-Ins- zbnijqKMf21f9>}3{m&{HL2<=lW;KhINjACBZ%)*6XiqrF&$bzmz;{ zJ^pGc{bKbaN!A@#rhpj(*#!)N{PNgkvB*+HYHc(%RGR|9YjkF1-(rnD6| zsM2J+F5<%$`(E80Ar9L6Iy(6* zj=bzg`9)~FSY@8$&lCqpcD2P8QOkT!(=S!&A_m2P++eL0c>zYDiTA9dPPnC!hyb8o z3?rnby=CJrJ;b)!o0)JX4)`aTT$!=TsG~q68^m4~KCdI41v63M9g!_0m=l`D(zi|T z^7$v3l(oa3tE&jI`PG%$ai|z2&C(by|1nmK?dAW2@Bh2qK|%lPw0qC;|0$lL{C|M` zzr7R`_y0x=m+b%bw+;LMY_U4~|7?wW?*F&g)LZM^?{QOaxZ&hTg z+viFyR4!kWUyBsfMl@#hfo8$0Nq0sUQ;-V2Le(&{UPHxCX?lK9SxrMe^2sM*?;UjM^9}3(M@l)eJr>Clw?ABSo=?z zrt`@5pOidX-}p2;^Xj{vX_30!)_eW@HO~}MrmyMituK4#O%xAu>(g{)`B+yyb4&iC zU-;Z=1G}aC-`@GBhW)=+%>U5uKF5E0l4q^|k7U?~bNnftYmPX4QwF~K+4Y|F#jT%O z^M4tIt*d1e-Z2BjCjGD1Ddc|`wV(aJpX901|303*`wdjTWfW$#K3>MhRIQUa9Z)dj zDni)>8vP42NrXZHYJH7L_6*& zPx4gBe|;TDjyBMX05nlca{K83QwGSibYIHa`|GmNRIsV_1Jcaw8 z4{-cjA|lh%U-hx<@K=4>aQ2%iRp;n8Q{jHWKDKcD)^9HUesT5o{qcu4CtI8vbL#y* z4~#hrJ=9sTqQc`J6IUEE@b+(T5M111=FPLM{cw7I^2_0yH+E~y_wSlkk@NQ-E>EsH znG&5**X<15w%cxXy3Ix=mYB|0Dv4Ra6rZF&p2|2%uTIaF{VZm(+0UPa#-$R9cFX8e zG2~`Q$_Y}2!O+StqQ9$r|8zMN8Qq$uMCnQVhQ3w9eho4?Nd8-7A1Nv4=F*?#(77}5 zhb6=x=BVGf3-znHl*Cq!FAF^_b`y%?Q0DDhTP}i>-jdjtltJP0hnOs+uY%Oz&e2p$ zwykZlTFhJc7hNJO#|PV0Cp8kdbPi+WyQZL~q{K&lUBj%F5g{{7#`I9|zu+p4u35*~ zftL;N5`~D;vzSaoLzx$K{T-YQtvrr5#rFE&gUA1954-vE|6Y6Wod5etp2vy*k>52s zcMZrJRXF7B()3#@9b!D!RIbFEdQV6 zG5TLBT_3;#SSmhE4x(%VS)*UkR2Di~GS!UqZmf$2LYaNheB5AR%$2KSW6V{_-7nFx z1;DRONaxKx(6pvgoP;i&H~-OSFs7aNi-yVSJ#I>Cu7AoT`$C*smdsAOoi}FMuilaH zoDilOPp=a2mwfX~SCpZJb+I6|3vMu%X2FZZVr$^b@0lxzTLs#vW5CF!a8*}%Qp>>Q z#nsOrzCXFTI5|2$xy)N_vUM}HK3trfUz{Bto#g7&9I=cg$O3zKbaZldd3F5mVjH;7 z^H9XD{E%h=SKk%Q){jZT5G^1htXl;{Dz1*!Ysp8HUE!$E)bYv1<<;rggSJJ9cQd$B z5v=nKUc5j0`C@Q&adQ6ghS!>B2i1mZF}NEv>@Tt z8U!v6Pv3|nug7=8<@q?Hc%1PKoM$|$sr8R&2K|qH?xO$mz2!sR|Lzy!zja50=lkDJ z@?^C5ob|wXTE5`F*XrwnQMO9VBzFSvQJ_Bf{z6b9Z@?DQ048isV*GE&FbUn8eUY+1 z4O|i=l%e>X1gPA;ol;gv+xvu)1^|X3VbBB*siz}YmF)GMMFDt~iqqYqxjeJ_#YuqF zN&_P-HUL&Mk7iTdP`0GC`l5~)WPv4$C-z4#Mv$TAeZlGioX%FEmj#XfWhoXj#G2`^ zB=QAL_v41|ap>c4_6KJQ5+Jn&)1$YBP7MHxlctI)G!bdV6wB#zB$4Rk(DS$o)5z`m z;5$oY6jPkq=`M#RgV=Kq!+Ae-j@s8fjl)O$YveVRulYMtsVt;%=5XyGp$ z8d~zbOFng0)b{@*LE|NZvhdHsKq$DIGC zGwT7)|4XM%dI!jSE<2?+A2*!R=gQSNrO#E_<}T1+xSu=TmT&HTA1FQWxi~pHJU_gA zpE-SO{7gygO9{qgs?l@C2oU-QgdE7U79=HAdqMuLSyt(-0^z!JZ z%ovMEQI%J1`r@ih_Kwk`+`H-5ym!+tzjssYlHa&wswSIz9W? zFR)V)evbBk{5wlEX*b;LE>cdF-}rF(q3-b@=2elh+ijT?(EvexwV>suE%`_H0T|b9f$|efYp|pw4>FQ0$?Q!I{}DI6zuv&(->;SY0oNX>Jcm z2QNy@8`;3&62)+atVT+xwF!$7_sT*~-l7GGR}a~lg@AaM{?x#wo}N%^{l8Pzr}Wvh z{&x!b|2ysBv;Fr;o~_n@80gr`Z(&ru=JRz7hj&}_bIGF~VD&Z#Z@GqN<5%B%B`=1< z{sz|bENzObdiML>*7mwtymE~huri6o0>v`~UTGBM>TRt@KK9sdsWIQa@2#!=ySo`Z z;V$R*Yml=Y1nOXDl`ls#=caHce*;NxgR{n!zfQ{vm>OgjV%6UB5A7ZG$A4glCUJSul*B6K z$x_Xk9N^vEJMj6da_+Q0Xl?9c3-mpccM=8>jB@a}(Dg+Doe z=G;&PWVfKjnneMBLjGIq`vJOzu@v9Ua@1s+ogeZQw2;lk|H}auQ(plpw3(6UyhR!A z&w5>g=oSHP}$lT1(?B8I3J`_0s7m_J{yiH znkHUQ@(OBX^Gemv5P_$uOfm&Mw=M}bo#;SP4gB_gaeiK#HrhiHR7rnn+FOW zLr-IGxs!oKpBve}RAxn9zfR`gX6RkLv}Po$eOwW!X~lv<%621BSwKIUolmhU01lWF zYNuegfSAgzD3eZNUhVT|K{{8^D-$@PZ#g`PZ}#Y^b(^N!uQDarDb|S8wxUD{7TRt}9Z6`} zQ1)vMi`VH%sD5SkAz=|88zZZ#_?_9ml;D)%TuJjt`#lMo^IzqRZ}Ym53%T#S_N6#M z{QNnUt!FWs;!jNpoPRC@Tfhu}3G{AI=#MimHzNUnB0|1m_O6U1bfGQ)oOH#i0EEe6 zf?`=+khf5`s5Rv&g)2)wgLT-kc1sn>&{9Sj;MQ?K;<-)!MktP}~r4`%1hFzA-n-b~$x zvH2E3rt;-Cwfq+8RJ1D=%hW&jm3yWP^JMm83N{XBR&b2+tyK|?Z*_z9`#J~K+mwj- z7brj;Bk{Png|NQnI$2plmf^%wxKv`{WX%Gq_5w0*{-&O@1T2TGyktOKdB+XE@|(y=JW z9JAw>Cs?AS{JVTJVwdByC%^Y}837q-M1>$0Q9m;ua5O1=NcRLd`aU4uP2~sI!+xCo zDj>cV@k`Uqk}966s=S`O!B7p!ZU=qxP?XUv<(slC^O{OdCd6c^a+)2j&2O>@OXHtw zg5H>Uy9-{4%z%PCyM>O*L^FkIt~FC-j+u%gC!ZqD5JLX#=9fV}`1uhjz%i86q+gGW zt;`q1NeXBKloA2f=~}Rhq~C;|O^5=H*2lVt+VHl=_71FL3;SA3V^t`!OW|XdQ3{r! zkXmHRty`dE+vrpl%53=bpjF{omz%2U--D0VQfMmM$4_@J?EcI@n1Tl-2I=MTW;ascb#ZqXgO}Uiq^7o9&Ey=n$n@%J)ZO4c~9D*{VZMD(W z>Y}Qz$l9EvVBykvOW*l))KSM6+#nP+N|y4cvme(t7?+s1&5zm{HY*J088dQ_(N*qY z&xW3dD1A$O9f!%0jv|Jb=DY2-bdI3^ON<$MA9|=Ml5$!H_qoX8G5S}6ESDI{NG!rv zS>8Gn|2xyb!NI|gxLM)IWGY3-#C9z2zkLa-Fg9glpm39tv40sCxn?S6W&xSN zfb-05sY8*B_>xYd^mnH3R`Ub+@K0oTIrT=Z4@FVwZ(Es}FK|cOVyWM*} z|9_HaEB%l2!J~wFN%M^;72!V40Cat{7CVFp36#Y+oE<+0czS-e zerm4&@>1O6#D8jcdj%Wef@<ZpA+Bw)zYm_dv)To zOpKu4;K(_9%JMAxpNk~FX5ex}AQIkBM{rTZS5&!{;q#Y;IExt%B5?E{Dwr*Hh zAe8td)CXq|ct2lXUtHz67^+h-WP`vLev+pC0R0D#NY^IpVUlADm1Vb44 zD9LGH!xDx!-BpAc7SyG)eHe!1Lq}Zy(7~}QVMj$`_iv!G-D{g#_TMf^M4U#}g`RXC zon3f)U>7Z8y3Rjlh(&JcykL2s*3UkP^7&6~m)0os=~H&I$S32xQBK}Lu$^6a8%kQHnS(B)pF*W#)(`qSjd)ve+oG_Qzv2M|moS=V zxo%uvGxa~4QyZZ*I$u}OF|KB0V|Jau*$n%|O_GZmqo$FmuZFqIXI zmwLQ~twJ?Wk%!m{T6}VigdI+uVJI;vvzyK?QoU!-E>wH4zSXLpa9rJlI9;3*dWm4L zJ`MuL`?G22`l|JAH3%E>U9QyR$136%aEZgU82&x58zC28$(Wp8MbCtzeR71t%zzt* zV-O@yry5e_8ha2wb0B?ARjW zixNfSEySAHbgU3G97P4??}uFp)c?n&ZiT@9Z4eG{jzzzF<{c&$<=KtxBw)ek0%G1dIrw1y0l}JE6jP9{w z0-at)HJtAOwgW98f=#vsZD*aod1#-)vp4$YvJe-CFnypK+${P^y;B_xeLDXR(yE&O zhxkT(+kdBYSW^M8iT@9KrTlM$!8ZQ;Q69$s!HM9~>LL+7SpfZnD3^UyUHq=PP0fuL z$pFPUlk#HJ)K&BT?VLwN83#8~Cx|u9zOeQC7~QDj-0PU?tz+u=QQ ztdPulDh$B~lH7&_2K=h>hCS5HD)Xa1p1LWNUqbRRw^1UBk{R?-Dm+fBgahF*e~jAO zgS30s@A?t$`jJ2DVzQrIBF$U=Pl6-hJq2D1*sVLIWq*jSNJtn;p^(5RI1b|lJYOxr z*mgVhHaPJc^`d~HUBXE6YzZzs{V-69mUk#QAhR}&w}0qacOp0UYga$dEs3~66lz#) zDJDdhoh*=ln|Db{1-^CTPARUD>6qKZtuA2LtL{pvt|u$oeK=de(BP@f|D_+cO$gW~ z{y*xQ`hUMa+{S-D%A@N4GVrCb>Yo|nY{6ye5BRL9j_2S-WH5)loYVKOsLLk|O7}R9 zGafIA=p^zIha=#rM`iN69lm_=c3>PEu`qYa)iGt*7WMPX7YmdnjNlvvotw3OPUot~ zTJJKB)Zj#3IE+nK4Y9Z{SA zi+=tZ_rH&Zy@473JDqOte|?mPujbQ_F^mGPICBO;X2N;TM!sqht7}j3rVCDXuDXiF z)O+AFQ%NHq zOoseVyu4b?X80rUI-Xts-Z|krCIIFX%vNEz2Jcre#52q|Y8>-1>F)fB1aw}WG8}At zQgDNOxJnU7$r5oJPB1<(k~56LAmy7gAzosN0%qFL1x~^4&6cbI|?I1HJUxJntFDS(`KN$tj2Q*6{IGbh@#y<^$h5d-l; z?&>_yj4OdF&$?0(W9DTI+&ue4j7?VEtmnknDJcTQZALAD zO6+Ay2=q$DeSiF7P#wmTs067Ztzy0sMYVeC5yrcWZ8kT66E zj~T7eu)M0L39$FHvM9@{nGP=cUh|^gv)YV2G9^N|6ID|9XWQ zgH0)oEsS-=KcEk1)d1iRVzpA!loxPu`MfQfVWkLjN0qR7TjoDzl&ttYtW ze*&+||IL#LcwqKEh-&cc_d!%luwnvt*#x#ZdP;lpd$ybf_nY6}T7&w1KQ;9KeAey1 zlX8Gfzy^lEhVy^@;kdN_I~{HH|3`V)O4|PsTrUtn3xmP%6v|CUeA<4j*?Xf{J&QEIA^0#?lXabLuxlC6s-$L<1M872S zJThHtF)yU+e)no)-Kd&PP1J}i+V>q&>L#0J$5W_0!%}&SEe}MaL6%*X|Jk4>@>hvC zr$W(3njLu2Ubc>XvfvBx4Ebw6yHGU$`H(m$N|rbh*_W0mP1zEMbRqk-`1nil?Wi>P z%~2>!!h)pWFD^7Y0HElOcf=@bE74WuL545H8wGtn*EPp@Hz_DmxRz4I7I0> zrDzFkqoEDiIf+=6^59%e-d&y^KY#c7{MG-wyL|oHm{eZha}vr=92IDN7^0UKZ^|gn z-<~}`JAU`}?CR{NSEuiupT0diIlVIQ+z}iUsI-enG$_w6&)%M1zB@U-IR5GE)!Fq~ z2@(uL3(Yy4>%Z0;$m_qB2du0GM0XDxJ^18K|DtFVIHI0@oW=B9CFuPMCnx|Oitcbi zq9v1QcQC>5Cd{JgL!44TW?%{9G^+ui;;GG29dvb6j_xe>@XEy%;+HVa;3{r6(<>?q zh@1wi-5hm2YPh1B7mx#I$=WX$GhkNz z49|aov4%o@>%yXzsYbNHpwiA$+oH+}#{(}aPKM9~FDnj+Si{o_K;lY+U&ty_;mP%_ ze#}pb7l>TLxqbVkDkeUBlzYazel2^bLcr$)EgueK+k~4%A&j~ zlfo-%cW&gv^u#D7?a4Z)^0&U?s;8O%Hzq-g5ReW2-`;TAGvoip+xs6L=Mnzjo$Cbx zF$sh_7gJ243jc3+r>+AyCV}%XQ0|`<$wK+UHs2NbH>x~G<;2x8kr`~8nN79C^;4VN zr>&omSB@^KcN6F#bUKuC>zT(=7nKcK0m|yaYuZOPd4LTI%FNo5@DVYDz_87Dxx;o`(ivmX` z`Feqql>Un8;%8CP(3Tt(tm!Y52$LX^r@gu)7N@t$U-IO>{-`&1Yk7w4r1P@Mi?4!E?F|63Uu{t-e+o7ugN9$>NFL}bECKU#4VU&jfj+uG z3Ff?oL;*9gj7b-k)S**ZWdKRS=hN0$dqbQ|a zoPSV1$+rc0GUJU@Ov|5-o(b`boZZ&5!cumh+%)Se&3Vp7=?(3ijVsrA~|pxkfaYoNa2s@LdHm%L73i}kJo*ff}aL$P86nmB}u z9_bJS+|GfaW0F`4xTlKDvZal2_u&Vza$}&1@?tElpPP@U4NL=@qn6{%^ts8mMMOb? zsQ;;2`oQN{eKBV>_Q+ApiqzBe= zFP7YCGc6}IC-815V6ynAY~$$16<)6raquMt0pa>gx{7({FpPn0(TpTYO5!fq%}ank zrcaemK%8(8$BL}zQ4xSE)r>riu06rAk{3DaCp}s4Cq1vRE2XhBo3SI2v6*66-`CVq z81oUzp}72ww#o`GYc5cv&B-!ye>F5#8$GUPP^AhH_%*=TdpAwBy z5$l&%V(R?`qzkb_pKoRxtX0Yp-YN|PN>ZFs6!}O$)5b$yc=4S7%AYCH`lafC=B{}2 z8BlV?xi8aR1(eb;M@5DiO%hNg?e5cHig=J+s~xJyTD)9^6f-;Gj319kP)t%xNy1Ew zBX>Cp^UD-08&i4I>JjKUxAz^f0E*Sw#8sb#TALoBB}_03Zp{4FS=an>e0g^K{HJ$6 zzrMOI#gXNDf(V-V3tDR-FImuwMByhWNR^MbXnh3Y5aNgppcU)o>(|%sE{?CRetmuU z{A-|>-#Q5)v=hTL{XmkyW$7!u#wCQS&n{1&pIzOn$2j-~{UtEox1-!x`4_!^4AieL z%|PABaC+#~=*lID=A>c*zCM5X`o0rTplC7yCD!N1*T+8{U!59lQ`fyDpa1_HQg{Qo zf>NjHeu(|s1zDxY)%ufHXD5I8`SqKt({~qV=P%oKK!M2K2RNG7AU7pp;v&?$dj0B> z50clGNCv*a5OIVjuP;mS*2>^;irGIWB;owiD}y*aKmO^}>AT}M*FT@0U!R>EU!T1` zuL1Iucf|3EE>J|V&t>s^v8wL(Cv0T-DNEHyA-!ID|Ht~GO+Rm4vQrv@BFY7mM7zJ$_siMOHznK9^$9m z)6%3JTwA=0BN-wJW{k|DZFmNvSvvX{B=6>k&Y&NH|M-v6tIuGbpcr)C-vRFh#G%Mu zGDj4gzqq;^f#Z``-hVNjG|ER-P?&#CL4YXoDGHtfk(Hj|c$Z29lyJ4m-v2-^+kxQt z=x97SIJ*4x{}1->;%Gk`1@QT^M0|xP?}=5461_V(`5U0m>w*{Ra3y?ZJes{ifVE?2 zvSvX21^E!|`->&f>E!Q0=MpgD#*>3h#E}mXO40?6ZH?yO8L;_(et3XZ&T!RENaj3w z3Z5+DC3m413Uu3<{pk}2*%h{sIDz;(pWc_*9As@1UH|0^pN!IBVKkU&;b|7e{k=?4 zjrjWzUUw2FA3lDy{;8hainbDyl+F{Bz7NZH_Xxk{oXvZ-0F3(`^b9**0Z2Kfvx+DV z^R~zHcQ{QD4A!9YMztOlB8op1@eVo*ae9 ze>?=xltQ{nAE+;^_9p4U!A=@ zeKvz(ivCOOZs0v(U%Z0$ykQASV-lt4*^^yGw*-LVB_b;dIw=@}fzrRC60Z+`K3kh>I4#zO)p`%^UIT<$vQD_zieZGJ-wu>>2PbUZ218z~32jDt~}mI{T{P9G(14g z@qRCVHN!3DyW3LE=HmyZB1nb$t{2}ATV zL&S_Ol22x(sRPzZ5(T>6;AGYoxX|}e%ty&5QN*+<5~W_vuCQ6*`BZjWv||3QQCgmq zq67U^5`s>LZ)|lsTvzv=e6kp@U%VszgTmyp4}u{c9ULAE_Zh+a*#~a0fARJ?FWqPT zsSQHbT~{PbK=q8X4}&=n`cSB|zTE2XoA_egeA04gu;=vkiyg<=JJY3Kt@C#r7Zn1K z>u^U_Jzt-z{Bydx(Lc%;1%OhCstx4t(Du)I>n@H2?s8vg)|}a>ZS2kW`83`CB{$8p zKyS+b+$-<@4#xfM{_kTvBL0UDtGo^vlL&-lj{W+(wc^BbzV8|*cnOnrmh4^zJDb5i zwgAu&-*i_LhgqSn1eM=(qQbwBkw2bxf0l_|4MtMx$pCDjoZ+(#cLgN>Rv*oXb!t_P4ghEyi8l+!lpO zkyq@i=PCQHJuOx`#{#~5;gd<*f0Z!(RZ7Xy%=|09@jKK$XPdmGAWkzL#t@O_m}?`g z26>qzae1c~$cyl6%ZpOp@tf<{Ua7F!3O*9gH0(u?j}42F3AqYlCAFFkZC9I=h86d@ z=O{|owd-Hl2RoVGg3|aUqDP)>(9F`A^C{-~0>58Ww2Zy5rP^}=Nc{z3+DHL{6YGTF z>}=i!>c>~azpZXXWtV2nP%d+~wwnj8F`{>6RD)Vkj|BmHHJYRFy9?vO|5{|YDsRNx z9D2MNu5A`)Q2D8J7(PcKT<6CUl^MhsNY_#bRF7x|o*6}}1YIu@lrBgZlwq4CY66y? zAScQC_nJUs{dA@YQ~PX(STlUp{^z&WS+>u^Je=CkvRh$5*yb#cpF3Ak{&yQ1Lik7ZWOH~==r{!4TZbUdxP3bIrGDpvf`1F0w z4LPPg^FRT554_A7QLx3c~Andm`9VcVY3}Np)wE!`03Uh#pfj%^5Aw99XJ*%gC$j@aig%vOJoiK=w;b zGEfJKXih?6IM3pdb~1NV@wOI)F6n0~eV;bpX`$T_p@26Qz@4v!8jEFf5<(u z{|H{w1xh~P6ahg7zbX!ai?=7@=$?VrY++=(oeb#74|chG$yJFfFlC3G(!O2e+N_!b z<3zbvPGB6F2Tn_#qX(kNP*Pp!&2FBNM0l91XxdoArmz;NR+>{FA`?~Ri@1?IyU#SNv$C-05~zreAmjGC!l1!RW>?5BrJZ5*;;JzE0C>Q z3ZiR7E%EpHrnDInP9DRfGn16(heQABrt~y7fZB5;5XNLW}xT&vm@@ zB7bMkX8SKdF=8{w$0*%@S41bCMgQa}jW!#D8{PG_9D#~M4DawzlsAsb5MY3ni&v$dR1AF>Ks!8V6mKIT7*Y+ zpsY;&oJ(*X8etp?^@@VQ%>_(T8Ac*;i2P(BA-Ag-cz1mdcp@LQXS=;r!KLQDmw>tH z$ZXPX04Y={$qycSd*Cy;nT!JD=PXjY4xxa>27{*-JYOxrxMy(GBI^Oy28z=j+T;E4 zu2WFqDPQ!%AbF4pN$Ah|>5&R}M+g1E(5r;U40RiQJeJ^Sf4>Zm$Df*qRWf+1Bm@S$ z0@BeR@BXg^-XHH6iI#~}{F$Fz$$DSMURhT;8!c%3XK>?}+w8H|NB+XzW=W&j=1!-x z17j@jhCTv!{heDJ1xG+k(VZotkWDqF)bOjRmGD?wJQ6SB+3rv%bZ2EXefhGJLAOk0 zQCxNypVTPw_1ix36V69KHS*=Wt*FE1p<0ihCCcWeqaKdtN5FV^JvImJbyi7Os>18A zd1kM|htXDr54)|-j&4SlCzDtZ#qW!ZSAgB3dpWqhe3Dgw>oVd!-i@A4=5E&St$?w* z-a`RngQ)>iMz=LUg~Iy*33 zss1NVrqx&eYWV-hgR!CijfR7*|Nl`QOa7;CtNmq1AIqv=?Nh80M4{zXpR9ariK->( zk@{VnpgT-fB2{8d#nV#(<;ts7qkWPPLiN|8MVWtDp}?lX0vR1p6qD*~mQ*O$Wr3p1 zDxh-wb%1FZiYyRKq+IK0MxzEt!&ehniN@xdd%0_@g{-Zu*0J0TE3nyWYECq+2=Tti zqi)}as!}bn91VxP3D;K5H75VBsYx5PaveGwf19Qjku+^a<^Ly5!zBsOGkF~9(Wy3c zS&ekg&N!uRo>mFh1+zIgq0?%R_^b4NC>^ETXerNuhv_ATtHV#C+lUY!9)SP}+(v@@ z^c9H^zV6pCe7`~tWl%!O$5SyAfMF+q3Z2pfb19ib4ocw~b%ALn$8NI;*#d{q^S?eG zVWgDs)L67FkvSUn;0OzwWcT}E`OU}|X3*{w9WB&;dcKffKFX++jKQ%??z3e{)(6_Sx1PKph|4CpQ?LPzQ zCX>xVqXwsu{pX_b>)C&{)^4!>oDI8|{U^a{3W0pZ6JzNbftoC~zDA(es$~S0O~4w2 zGCPpxCi)f>(=cs8F%8piL$S*iREf6DgonZ2(6G&Te|!6zx1cHDI>wrSkb`P#tQlbL zXROK5XlSgdebE9(ZDZ}8cwEL>jS+5%&1J1UI7Yj<_N_T|vo<(vwufgc|6V5BgFa2| zzbv(969aIA{Ws}P&HO*3@pQZY_bAVIXa6Z_Wba`D8i{O8E6|=W_puGZhp++bnSb&8 zYZ!k;FK)E|Bms4y$v>;WT99ur-5lhWpqa=UfVI)x+Az%f%v!|N{teMro7$OSZDAf3 zuvPs-c{?5r2bu;_oie&w53$y*WqoxbQrcF^Kz!en+qOIF_PTrH^Bc5fqY+lg&>zN9 ztOLoU;jm}k|2^sr z##{UUF`ndE zS3R-xFwOz}9!-k@uNT;0WS60}F{>>otIXvM_AZB}ss!T2WH>$4v;n1?H|PNQfNivJ zSQ|=Kj!H%w^zFCI_ywqrh4?VmS|zX=_7Sfy!L+oBL`OEWVid9)!>?<*+y{rtV%apH ztq{5Flm^JQs^kMdP4&N&gh@m7Z)5(~!MK$Fbu!)Re~dhZL98Q zUM2O|s$X#jvB*zA!lae%m%}NvJoc(;dq=}ns7iS?MT=95O3h2VBiW+HY2S4%t`0Q2 z8mG`^RpiP@iz+QNIWt`VgC*|7QuVmC3? z@9^?Sr1irgV(jSIl68x}Ku03y=MGmBE)iWN5r7~iGYTRSpkpyB)61-B zD)Wa`WE^8g^J|lC(b@yvi`TEc;tr(U5T_J)KOJ9s?BBn7@)o2DMZ$rE)e?zS6BImO zB{-U2`3n@RLLAM{<`KzXpMFICisudA0iYwZv7*RFS%$qOr2gXcW1JvyY4cH@f3pK_ zkxXKKi)3!|>>)8zs7P`I&eZ!+MN5xLH>rr6xn1#Dhs5ykJn5P#tyfnP2!23#zMw~- zuQ5_%G#4-l?mL_f#qT#G$u&x{oQa*^(}-4#;r)g$A33)6 zJtmgfviVx$s9p>q)9K6Xq#Ui9^|Lk~=_)XlWQtk(NvLJ46j^z#SN8Gm-KEya zvM<$3y81m(%3Pgiy0fbDh~jK zaI;T+yL)N%}J~BiLoG z+qmB$iI+PDIyk3YP4ikU2OD6kstG%?g}cT_CJ941kv83DHk0_r!-yP zx)~7`FT6Yw<#U3`*d8EC{Y5SaeyX&^s7vY4RcLjm1^(FmiTFqL)F!T27hxvSKN{U( zSn3IV%277CWm6tP_c3S-YzY3IRH7eEs{}4(m{vq3ASqfMCn}1zPem3D@wt*(Tz8RK zLz|H%_gf8c@yo7W^T$AS!mFOMf^~?1p(a@=wD35L+WSw#hQLe>ca4f<;_iu`p?@{F zw57ec;SIhPQ-P`|K)m~2E~3;=U=P5O9!Pv(MFIpSWy6q^Fe79rFqBFxVWwkHR~4Gx z*R4ymH6mECsr>7pjuZ~qPpBR$S;>r1Q;;C4P1t_(io{#AK0cNVavrVIee}OjaT9V~ z>Fplx2`=^wnm3Oz9C*KZDJumCtzH8K<_A`K$$~pXWzAKI9#~+VCIj1Hs?O<7L9O|k z&zbpxc#yKf6*Viui9DuAh2u{4zM#<{KeQ6-XC(}sK_)h%xkr;U@yn1M6&gY2Llk!` zu32QZawkGXOlO6NH*T4Tz=1}WYWOt0mp1k_R?P&=uw^dAX{IeGo7$AiZsOg#2jZAP zr!0-i2Zk-@&mx2_?5)=O?+Bth zs~U{s2T^~=R0c3gu!X}S7On`2+`pVt5;c35z?NJMp<^#r=MqrE@y2RsGi?iS@(A?tj2)xzWLQ;I!cJP`@mo)K(C1X z1<*6a0uq>huqlct%p=Ar2dUlIsyu2*HxYIjEhcW7+*Nm~FF9Hc<14$~Qz^-UB!GxZ?lB5=3sQ~*Q<>3Yo@uDh?g zPeDK7KN;BR?zPI{iH1A5Oe5{!{rNL(-+(6k zv9JD^1r*TAgPRbY0hq58MW|8|k9O`S3J52sqohbto)kg)-vav#HbC_LC5qbCn4wt@ zZSon_VO4a3DFG|hjIwG=0&|1LgP)aN1{5`ORhMo}O}|n;QFOz+pVxOJ!jd~LfROTJ z1XI5x!0hLNUd4eOfbfkE1ELeFdVoKc8dx8GW6}MrtmwZ4V*S7eq;Ep`!j0n`Ihq8( z4vLW9S_c{dm7OE;{#h16g27Nzb0gT?2mvcHfakVdp?n`jYzO8%0?(Y9PcI)&KR3WV zobGo!NbsV4pYiK5C1C-V`=bdo?}2fjx5gLD!Owci0R~)(Qm`_T68OmDJv@qt#F-3L zFdFdNxZQ%yblSd8OEb}+R3(;3u>YIOM_Ia`2syHo8;V%v5MABC4k~qVWk@IxXAuV{pS$bN$M-EIi<6lhyF- zNd9_~QI4EjAN*Xeh1$`RuKPf=_GB=_qaiOC+v`Y&#gESe@0cs(jP6QkWYt4R<|!gL zBU*)S<3`AE3??_HUmLf)W=tqLB9v7eWetOe*v`)n^s{F+PSdXC)GnlPh|&;(WY;Dg z39uxpC$Q9&Y5!c$J8tJ_$@aUX=~BcM$5u;{?`P|%v_Bw;IK!xNV%#ErB>bv)Vi&ht2~aAz z2e@A2Dof8E@+wsn|5dqvamc{7SK_B9A8q|R?`89929A#QAFIw| zj?1=+Ye*H={(T>T%yrUfXPC88#b+J!Obp~!@WpYG(F%I%xgUSOFvzMxa_tpb)B+aE zi~+f>>|Q|I=ZZz(y_g|N*@qcvVfN$SBxlp$X?My!b!*EyI7Gi7(ioqVcJ^MN8J=SB zQ*YD(Duar+(JL!yRr@nzU)YlnPRg}EPQ%Q`6A&(53+Omm>YfH@Bn_`w$Ak+$M#c=ME9nNnjR+Zx4ny_lml{*jJ?0CVl9Rr-m)X@UBf)?shr7 zF1gs?*H7&=`#Iu+K|o1}sglB+D`OQX9!_raZ4rhBPhLKVUhJ;nF{;OCW?hseC(enE z;`A$u%Q_Dw6k57O!}7I~!FoOKew_%i-GZ>(HbtZt7Dj*>N5Ie~114Nwzq?{7t=pj~ z4Rb-Z)s!9LYrDCSeD$xP?e(q;7WRUc^YQq~y1Xi{PGPesEu#|m?pj*6=m;l2(A)ET z0=T@FpM4+{UJBSD{(T@se6ojljGZ!x7Jq>fi6Z7`Vv?uLfiTDs=i@YLuc}_Y2zK50 z(=LN|(g$9Z?~9zYcgkG|GGreEy^h|7MZ~tEQ7%nO#_or;mzVfgGNp~L@}hpN>bUpe z6QL|rFGsoRoK?Zk>;t>Ba=|jmf##E_M1S41Rl~23=Flr(I4`IGj{$Cw+D`uaBb$Lc zNe(UI)TDzG7ng3Uu#eE2sr_a6gpjSW@f~cB_Q%BKJ%G%jEYM;lBaVR{M#B?FCi>=3 zCZAomi;%qxbTQ2XX2g_&`c@Eu0MMZeFB;%al zSG4I0ewv^^=Q+^i;d8{p8*q?Fbn(sq1gzNd=vjkij(1EOaQ z0%cF(2!vR0D|cve+&2DvSym_bmn|9nN~E;##H6OYf(>w;_D`J##+Ma?$g@(ODNpvq zI{o0|JJ$CBKg>GBF6oVCxDjSY%68#PEv@99@~}>adGs4ml*Yx=UL&L8`|D}H z!C*TIGu)x2#yX(7;6_hGA&OH5xiSQ;I2*Ohjl54(;L*@LM=@%ieSU2)Z`eGL zC><&^i>#vI)jCwA(LK6T3yf25Okq>aZpFVRl_@Xw!ryY(A9-Zp3NTa5pY~*5`&nwU z&3^B|UZum|mSMP7{cw9CP-5p5X9tYX+2+22T) zIWV*q655b|C`;8JootLeZ-xU`p1?s{%A-$Uv5J2e@Pj5k7o2Z5rzLFO+^~WZ=pRo8u96xR(Ck!tFDp4RFpI;p_5eGh+Rx3 zJ&SJaw~^X@)5)oYGqT4U{K02f&#@w8qi%y-Z}b)KCB_CQ<2tuL=p{bdy8t4*Q6Q|M zYi5A`(p#(9F(%6J37pB|{ia#+w5Khu!W#VdZ&-~c!UwbXmXkp1 zb)N+)3kOqCK^fEU%%fFm@N?##h`U;n(}ai$UwE(HfABLe<}>P0!2#k{=}X^J?as?W zHT0D#s653AZ(VK0|Mqa#i4j~}gO%kV&rm!u#)+>dD-t5y?3WW+If|xX?$=A4n5pBt z>S|s(jNzKO$MK6$o}aQ|CYWB+Gn7uu zC(*(0rqRc6Bi-T}8$je&Dp8AAvzBddfB-dUMF>&Nh{hcY+nm;9FG?NNqcE5S+!Pm- z#_jCCW<-m1TE)}L(=90K2I1$D#Az#o8)>|VV`xJ$r!+`mo6#yXI?-!jtcG#^{Wf>X zZ+aSeWFY`c&f5|y_0Ef47g#7=R{Y_9E?;yA^Ilt_rf!cmz`5iE+2y(PNfIw+*+EI% z^kuYKT_lc2`W{Hp#sc5a+p7GxyJ11b3Q=x_d`#U1Rw0c>$$2XF-+vF)T6RJ?v} zPA%rXC}8Q-uvor{st;`1**z#kPK8$0$f8MS?q_cA5K@INXVgKT8VfGK3a~DE61&`C9Ho@a`JCRjEcPV z&xH7?1aKDoX!-R2np@-t&f(h~futEez;q@_f<1^37j9$OWi(9brui&bjVi^0DK!aOVbm0aa(9b5Ebu_4<*K&}4>O z2ZK9CE$Yj~QJ2unn@hVW`wo7|H)(Kr)LRTFS_C&i!_K}$Gn5Xe9nF_mH{M)AoP)L) zi^Nm7K5oUAn|D6Y);*>854nex2g@=&G|Q%o zI9OoLPQuXP0nuuUBRcNa7nBc7Q^*e>EaQN{*)rx%9Jef9_-C!xGoedAQC))P{x~+? zQnA_;nQFKe19pVuUFrT73Pp!m;3 zT&iI^A99txjX0KcldSS1!)Q^KGURvR)w}7r8P1y~0cB-UXLIh+uhw)c3v@CiSm1w< zR|kA9BYp(t>)Z?Nd{~!(*(Lx7#umGQ4LkX^H~yX}WwD<#Wdp(VVDDj*L33bfksLA?n@;n z&@o|uJQ>GfW`K@KmQm#Fd0gd9>*qdmbXIK*t!g!*5xi-g5MLr<9W~>-IJz?Dj9FAy zE?N1lCyc0L|Fjm*GWqG}fWo;sR~Y=z=k^?(84J@9LBDlDeD%Q zbEszB4W$JM?APn6ieOtz)2#b`_v5jRJ@{z~j5eCFcJ@)Ag(p-Nhk$+UIxkqkO)>jd zD3mlVT^I%Iu;s<~AxzpmJu;lnEJKiSdb3Ya_)cAfH72WmR+9Su1swXLU#MzjkI68t z%&x8-!bsk}zm*3H3W|X-wV;%AGuYOX*l3*^stSsizK9^=|4`V+zGPLO_nU1l-5TIT zxuf4z8F%nK)-~uZ!I*z4`LnO*0libgFM#{Z`jt6K@6f{?zw`6+JGG3e?2{SA*&D7xIpnYJBY*vbyo!b25VIyXU^lx+u|WG8pp5Yf%pqB z+6}DY!m+>c_fI*gy7%`hy*AUDXV7wM z^H^RVvVz6ytnesjFin7BR5Aq5f@sxo)tcJochD2td2$yt4KXmy1F~>jC(ax{SqtI6+^tgr~rC`9B=+k zkQ?6urapUffNlTrsPBE2zK9c}8)T0xD9^3myQ}}bz1fS^ojfcSPB+;jR2?sE(A;zv ziCHk^1VXpE(uFGk zu$Z3`;6Ehw4xZtE+}YyLz&4s_1?oIJSdbt>aJtrkYpS#&R+4I|_5UPB7^p z>QA?|ua{<{jeMO|q=30nC%A8qct@39DApHQ7Zs5#ybj01gH)-jM%TGM93y$4nWR1( zuw&m0oTAjQ12C!j`Nn<$0R=8Vi{9Q?pl{B|Kj09w2?{Bgsr4frr0{p^K3ZtcG;eXa zZdG}0>ZZedj^EmwQtK&t=B`{>(0J=^X(G$@ox_3K^L4|{M}`-tcn(|D03br^#}@z8 zYj1Z}aUsrXJCKj%4QR*@nmh=OtL+1w{=^SS3+3R9+PhYeBC#G$nTl#u{lIHva)T%B z<%Nd+F%f~dDr`v{Yc>Tcoiar_=+at;BkzruhH%!Jm zelmD3R08~0e|y_);2bfE_r_;k{QV~wBS{HOr0Q_~U_mg-H_X6nEM!Q6DG|i4U))kw z?kBK)Y@vUuv~)@H8I^H@Jf(jRqInQZqwZ2{olUcB zod6N;-8;E}vd?e5YtchK`CrLj@;60a5VJ^+_L?jid#ELRLT(Evchm7(_#RykCh3f8 zI~4s7xx~QyT;jf88HSCr{c8^kE@k-CAq}m$jL4{)*h3iiGr8A#=gDAKK%&nWqQjU|$+z%3Db=F`Wp+pbi2a=+sEBA`QPjlprVt=S zZntxw{ufaAzF_&zYziN|e3Bw_21b8Com zE!V{6r%gNJk=7D`>%FFZm%(IwO{v!Fmc}iHXbb?BOdA8v%%?Jq%4gw=O z9ia?%n=iwCqFYF*4dnG!yP~$MzV%i&M0^-7_*pfec~P4!>2|4M_!fTQF^%R-avy3NRYdaXjOyS;80VQc2AQwCfpgE-JmNzemam zSe4`|r_4{+^RZ{{+=An6*>DGX*+RgJ&qU^%cOOybKne9jvD88gCx2^@8mY2ri?xl(|NIg_Qx2PFg16wlHVbiOZTV*UAix@l|AWGsf2R{40$w zuB?4pX9?Oa*Y@@7cxa5E(C1!%0FhltG7L+|Ci$@ppdCDdRar zPH_Px(G}h$`FeXk>$3Z=%2%Bsp=?dLpE)utwde6{_KY9zRHw1LD2^n&f8#kPgh~Aa z2gM!AMLOO^tJenw4K~t`;@1%aHSR>x$~=Hy2;y12r3;4KB$$sj-~*nEvJ zw2YZh`5u(Hw&D-X1t;ZvOG-M&uRDQM7_i2nT4R(f*(f#Xo?=cTk{GX=_onWmAC!hF zg*fd;WK{dtdgzDe)ZaNx=q>^m7+AYiGhlrtiSZHry6r*wzSsrl zOAP1B5@&qu+g>t-h@e@rXgzE_2`z^~L=mXxq)4E?p3?t(s17-zYF;;e!bWi|VE%8tkEe&5ud8klewKVXKE)zNm#=~E< zV@`PyoG5rajar@-*&`bCl0KGO$A!zs4aTF0yk8oOd4PT+^04V~&E_@I&*7TTomEsn z6Ny(O-ml>}8XEdnhqF*GS}=@ZlO<)D=ndw~VIT0?%=Jxz zJ!3hJm!_xBh~@FD+N*u^!li(Qn+{tsRm-u#LUF$yMiS5O(GwN{w%x_#>-^T-;gaFr z8j=K#XHiCQ4&pR
qUyseqLJUCs@Go$Be7{og6)r=mJQ5L@oEDxr5-BuGwk+u-6 z4$=9GmxC-!;qns6Jl=DSdL6TmU=dD4Z;24`7#9NvFtG+Z*LO7FVi8H%RYMZi0k(19 zfOkUwKSEeuh;73DKxzS1G;k)SZLl1Oj8c#381`-QuQ0iq8}k+N^a#9`?<(YC;<1=$ zOZFWbi}^(Czn~X_E7f;VRf?C%tW6`z6UmC+a|5ly<@mn+aFpF+kj=b`El&BzdTDt21Y;U2V{&+a`|K&F$jM=PYCJZu z{KM0-{;=?0(nr+Zf-Ng2yI&dB@XhQ{Qh1H_{jA}bSS%$z;cY6CG&dWu;oUp=d66YJZ$*!G=kRr^f!~cJ#WA1f82E zaxuip{Cz^$;0I(dIMg6Eez{8^m<>6ih@%|r0?PM<8-@TJD%$-O=ms9D@mu7~MMUEX zUekH^t__&lRCddrr1ui!vo$_(ZJCu7-~*!`m(%9KMQ6@D{QrBrWyAK4;a1bT5hbf(XKZoG&zte6bw#J+3fHNtjJB;u zY=Y5V`grpkU9+KqN)eCKQFTc?T+^ctR^NLE{`Z`U=#2a(aD!DVo>C2BzMI1(SckHpBFT&b1MPGq4&$C6!xiro zBJv<6A!nPiX(W^o@mN~}lN(qXYXtg1>ms~D8mqLmQZt({)mIoq^$n(BjId_*FNCXs zYeU;+&!X0jBf1+7f|Kp$XT|CEJ>=8X9>{ULoAa48gnlD;X4ZG->SqhSP{U1Sc)YGu z63K$9DF&<{(1$IXJ^wU!l&qNWTXBXDC)4R0X@aeWFWV8}*b!CQ3D$EP-e2_Di%)A0 z^S_~qu5FuV(;Y-QtA(PSSli3l?bh?1;$IPJZERe_K`z9LYaY6-v>UxnuM++ph;V~jV}1Vl}S&{ka)ed!{4%5dkORXivQ)nk1f_=)7?5GMp!D_ z=6Ysr-KU@p^uAqF&S<9bAS5d!|AA2!<|kYGT|XT>Fy&r7pHO39PN>7_&^GQ0C+XFp zt_eo1SO(TQIVT&f1j$Iy2T9_qU9-RRgE6&sN2lZhpH9y}{mhFhyL1e%+9QV$iZ)8Z zD^<5Em)aET0US{|rU*;|fHw=ZKe|Se{&(5FrtS&Jw??Reb5y{?c2N>`>igDdf%RNR zN_kdRT}@&b`jTcUjk`zU+^7{>+mq$F%P-<}CC6x#7oDi%M}ih>OSUJ6L*A`HT4i<0 zs~%CUH(_)Xg>WOS%UDo9of2@7oGd3|Cx+c;Nip40NTWwNicCxecgn+Z?dAvN7h%{O zB{5AoiCrsAc36ilzd~XTLkGo`VQ#@D?)|1hk+u6qK&cJp=ax6i0W~#E(QscmWCCV` z)6RiMr~z(Msu?FafMAG(^g3s#16@sO1{urBqk#uJZekX89LGqmx8gE*-Otex7j(&W z-Yy|(6M`GNSknl+;h@njDzm09(l;f$;ZRERNG>1LE{!q zh5NqCZXsllPbo<9;^5LL2X0s5-xw8kUSXZrgO_FD9d~S5Aa`I}f9czqCaGd?q?>tjN=?j%TGqPpw;Kb5ICOyl35PQ63uvW=C2L z_B&}4Ek--0$W_q~ERh{jEH%iB5wx1;H}ZZt7HJ(}o0%;p~-1 zhs4tW-Spvgq$XLsxXBlb_7`Hk!<@r>;^jqkAH8JnY}QgZA1g7``vRo3&Od)_P?9=CPrG_sVUtK0r;9+h1S^+5nY zd?9a>HX;UwlOK=Eg*etZx5M7|aGTpvXs+F1C)a~if_$?CJ=cZd?ZV)bM2zu#=$lpEU!d+TPcF@#i4?KLt2%L?ZW z=BmHq=A7%8w1##=M5Z3}pTm(9#z?s+^&YwlBLy+3ycB5}BDuW{)?ea>?Mz%oI#G$- zsjUrkO#TeDemW9FyK(U&FuM>#fr=zyvXG3%a2`3_BkJeHL?t;CV5Q@QT*a2X5Ey&8ysvdZ{(odk9jHD>spCG zt~R8F@t!ulOML{&UX>@qfxt1&D3u=dy%rr!MrLUKi}p1uPlJe@15Uk414{nMF~IeAudd zn7bl&Qgji)8Acqu(1*TpMw3g8Gl+(=!6A`ON*FfT+?!eL!Wbs>atk!nFBArg19~VW+1^S3)T{KKFmOvoV8ZV zpG)57dRN=!*@!8;$_8z9J-Z(jMgwo`)mchz4DKE~tJQgPvx)1o$dzkEvmN9^7FjOd4 zO=!?DN*ECX0Y(WN(QxvG%0oxWysL@W&#eLBCK}MZ=5?V&Z=CUt#D(x~T-0Ht+F)8uIdOPtHv>2hEWJRX*m!|E_qsy{?3dIy_ zaxwI7OR|*F(cx^A>Ip(d9x+?#j3jRG%j9Rfjy}RiW z0M!2ZRpa~{m$ofTPuu@fS-`~Aj)HkFh{-Ws zg)MR2Cn2|=6(+{y!hII8%C8-{jMXP(y zJ0w81i7pca#b^k+4^Y(?kj`i#z9 zNu{HTwxO!K$BnM;QSQ-oszmd&CngP&n!#MY8pPFWWh7lRu2|Bi6n8$2Nl zwPYc7@viZ{sm~Ck$Oy1rdMSe(cOfeuloY|F{jZ3#qY1|beaj1!1!%HL3`aU$S zP?Tx5O4i7enCOOU$Y1gM}Dw9NAFr#Hg>m;*s7p)+e#0$ zq*^y>`Z^I?d45==oGz;wdRs(2QB%u#Ask^7+=ZIbWQKngF#P;o&r@^{AhsEe5I!pU zyL5lV;SKY24#9X77@^U&f4Q>}?TpJbdQAOi7ZL(I5+ME-)_;vRCm^hWnULA7y0b=s zPo2@KVO`p(%EpnJr5dgEg{p#C+Y~*jF-IpMvdw$lJEKVu^=hWB6NxLM<=?Jjsg_o1 zms(O$TOf}lP_f9rMupC6Jh6noBF<*o@wKSrVEYoUMEE}4T=SQ0=_$9O@J0(p!S?6o zP$F)}LD5Pnj=~0=q?#T}7G6{$xd3h55lL|>Y>Ya=nQ2T_r@}oEjzq})foPqB>=5F~ zh|-`^Lkuog6vlord#Y#ik%V2K7tCJ$n%!Y|?Zjvqa<1dLhDFXf@4@0Mt_?3NN_HqL zLDVUj06kkA9g19ZuE$*F)IJNc1UJlxTWbu4(+GLas{tHTB92z8_+r)lf~)wR)DNjT zmFAs7`c?aL<(4u#bvunYWdin|LW13Y9Rx}cOa!aZOR-M5&=;raLixHul#1v)%?Fa< z7RV#8aW=le>IBC53b`>DZ>(Vn#6xWCyqYf^i%HKqk=wpmit}vLR*q^F<;E_A+LZE7 zi`TGwPfT-&Q3Gy5<281fL~J28R3L-{$~@0j`bSd=EetJk!VDhiaIuQVXyFA}RmH$? zW^0RMX=f}Ohi#6N#eK|yd;+Ti+L zkB6l-<{Z5gi{wOKwJ`Zd5#3AH`elhaY!T(zAO~F0mKTkl6gG5xF%DRBDva*1)}ofI zydqVzs(t8^^l!(eZ~hu}tHLKRbXI1JgHQj_Z+ZZgkpo?fl~~^7Wv+Ai*Dv(({d^kD zbDXWDXqqJD<>$}W+bfavz~&|rR$WmS3>%N85TfwfA0tV!-V+;PS`n23HD_X5d1pM% zZsVM)Df475@X--F1Lm1h$a;}d6oJzkZN#@?O>=SJD{N5J#-2$8VVgY#L(XG1svgKV zrwdq!102~D`{wln=CAl;%U2xk`N_Uh5MXT`e% z@n7=Z{Qda}J`08Lo}~uHOxZI5g)79dFvUUv+mL&8J{q*4W5ixB!)Bbl z3enw7znTmU7H2;jipr*TOqZJ8g^c`^6RZ8-X9f}+ygM8VW%(=JZ&!KX8ta+)>eR)DjbWMX2{PpYb4fS5=p0D8sC?=^=dyNtR4p#S02>w=?tp zxqqT~L)?ApEa7!|=>wBaLq%Ikp&dLE0DIvJW3TeB8vNGt#97Ky&<5Dh%RSii$xUDn zdsCX5YqN~Y4UPI4^N-SlvP&WddF$=z_5Snn^9ZdS@OFui1A^&2k)~_=-Y#rzC(iEP zINJS?{CJ@)PBd3W>hyC3VP`-dG)lDwUnnCUl+y#(mo9zKLdCG3(D(Koq_-O%SkLx+ zwvo!r276#7p)@qF{^=ACUz9N#%$q>q9iC?OFfnXTdiS(n-3|{j1i=*FknZXZBuHY> z+_eC%33qo4c&7h5#E9t4N9drM@Jvu9C=*oVLZa_-^5FZ<*#r8GD>hm6vUMhy;BbBi z5S5WM(X-*c{vy&*&mgwM^t2;RkQ~3kY)VBMO@|oxX@HGy)C9@iP9#+G9S|BJo$yS` z1CCUA3?vCs@#p7w1$ywF+Wp76j|q?DHW}9DwSOzWxuki(EhAC9MW^D{b*3Ur!QqSOcPToGfy znVd*-0F9s}tAZGUDrctQ=()Reikr5I-yCr`lP+x)6tp20Gz}U?1jbL2t9J_2PhOV0 zs%zEQDEX(+vjE)ya5$X$xDcv{eMYPuDJukXZgE?x1w5#~B#{m#`<9Y<$HwVFJFAz7 z5lo>B$#x)Oe^kYE$#-o^!s#lG=dHvPchm4IU;%2k#Z4+>FYhfIoZ~q4ti662q^8TB zz!Mod>CMer%un7VqXQc#DY!n<>2!;Avt-U8aJuXLOBW4VSzhoz^%%P$?i!ApX+a4Q zKIX=>2)8=a76BnEEUxS#+{BQ#xSOc|U>=Csa7rUo{OG=ts%Yp?j96M6DeAr>=FnW* zUc^wtYC&Rd?S+Wv$ZhpQvE@{B2i6OZtmI&P(zAfQao@&SSWAH`>-)t(fS*Gmi*e3` zbSOr;@Es3Oe0j^Vv6<1ER1`gw)YdLyZtM98sAg<6XEf+~Lmp>zF27u8IiQomW{fi} ze}iITftD%c+Nt(rh0er5WL+EZ9n;hlYEnNK-o%muK)Y+;(4CZ~-$I5bh*ZI!QD+p5 zjY25-oEAhZAU^ZUIFrGH0;~@$9fN!ZZQ&0M^?0o`jg{Ku zK^D(B_eW&zzDIpcT;?dc7HR0h#3p~I!aG7;g9k-pET@}5a~9-nO4?5;Xy>ba%e(^i znuhO2P^Lyhn!oSWvGF{8wt~WF@9EO`)eW5~h^3vPi{G4cPIJ3&D*mPRr%-}h{N@)F zt(8G9hJ(KUlQcd{vr;_`qEGzHSx0Yz7;Y%fvEp_TU;s z6ITAG=kQ!sF-lLn0m6p$1oL&tSut??_w-T5Bu|;BUja}0fi?HZy%*AnZn_de@^8)+ z(CoD$gT&ddFS!tHavJ>f`!8`a$fx6bEXc>GbehWTA(bmydmO5_5PxsSyosb6*}EA? z6h3#yW()Q%dN`jzu|G4?O0{4&5i$#9`mGgLgq|OuH}jXCqLe0ap5ypoqO%co(aoMJ zUNeIC*Z`vIo61xpLqJh7KgtVEmZsO~j#+6|j68+FHtZ8UcjwMG&Thtbj(uFTUdH;~ z-Q*wHzpBm6_qU}xs_^R>b?1o-b`N?APZ5k8Esu;)nX$Cw1Mt~RoP(&kDJUVjw6qf# zJAItKUt5|WH7-#l=cSCcu;m`d1cvW&9KhS!EtQZ$bev8A zdMzSBJhJ0h+JcS1sI#>?=)^LN+&tGz!Uw(NQWF{P+J80P~$Hwl6(r^6nBF+T~>hf}LtJQ;xq)j~srh@gan^eVdcqMbeYCS)Y= z=eqXRdZ}Fg7IWIQ-JM@^eivB!jT=WP4knxiCl1-GK77`aJNw_-VS$iXKR3?Qr-(oQ zwbJfX^-cUc9E_zCH-9^>d=MmXmiTqyuD?DDFD_Tbbb-ZSr;x(PI0oOoTHM^i97eZ+ zjynO1vI0eHF3HCbn4_=ZHdg%q>p|kg}N>DAYoKSP`JnkCd+?g zV7;Ly!mgcV#a%aBP;`8@pe$jer?{Bvob^m)2>#VP-F8#L{GJSUM=hhKS*Bj8v_;0b z)#~e5?PK5jZh?i zO@C)3Hen_D50w(XGbz%l;Ctfw??eh$p^3K?vQA>*W(t)kOX%-aX~R=mly|3JES&;A ztjk)@vKrgfH<$X7){aP0`19gdyk8DN{P6oMC)H^3)SzNJXTd$K$&bd883|-r)>G;DlQ-W$MUaR z|56#F*3bhK4BX+8K8Q0k<5;GYc^w-(iDQ&?W99}5Tuwpu-fSsVq3uS}bV997z?!`{ zp(C~;G=5zI?jCF1hl`fj1i_7;$Q#1sr z-6Ciuhl^eeQ9Y!3zrHH4DJabS9XTCTFI6APVK@z3i%Tx5n8%`6i&>j+4F2+%Oz6Z1 z86HMN=;ZQzKD#Rr(Zh#(@?H>*Jg>Gj}=*4DtR0mtvZKT9G$sE=aTo+rG-G|=9KGhj_=;1RpX{&ggW2-@TrH% z-~YS>jtT%#^44y;5xV>Krrrw77Mx05`N6Mv=!a$5hh8fZq>8>xidyoY*9`YYJV_$= zeNnrTs<>uDPLD{64!eGbM!p3aX$sg4g>DHZC6hyvD#|YI%Sp~jHgUiOqz|r@g#VDs zT@#H})lf)Qfp`Rm)oAa(IlFTW&gYUMQsmg^X0!R+JvRz$E=3Mj8?&0Y&6EB)9|K+z zUgq!NMXSp0ru|>UA-(x){VsuxE8dNt9TLF1c>#jT_qvhjYz z7iK1onaDF%PD8>DOMr+fL;5VBBCLxwH1_gLIDS_FU8uZg&JdOBpTW`the^o8d!cGC zf^~!-!>qr;=Zy@1FiE8W8`g+>?mTMAZ`D#-3k03JH7EJ~Y7(9> z#BXuorm3qWg=kcn_TEhyQ_mt1tkIQJ=SYK7?dxB3GN7zFdaircAU2*De$|eGv&}AFNY|ZrjdUIjg(c;iH63;$HD)N;y4EQS&gD5(P3$G^<2Z<%&Yy|S zWU4>6ex9O+OSEcpQB3|`fL=4NFMnd+IE_;{5UUAq{MOed=PG8X;1eW8!UJy;|2uRL z?p7iSZ9~fj-B1@qd3UEq1Q|kR?;T43NMUq5XqbnF%pU3LJ)yzBB+xcq$|D15l+Yl^9eu0 zfD^7!gcVoi6SP7Fi6F}C97JXYGP9oTYTQj|kPfSzhkSd>W_cct*+EQUbJ_DBQQ{y*F7o=pYNYb2UU$y_OBDprsrHE+|*?@0N{vR$P z*L9Cw>lFyoIp)Nygf$6emahN|49O8_rdhhF9z!pbf50(6IVJKA@{6>+Bq~AX>h+}- zU-S^X;3u?*o_(wC`WLb}=UuW;j>^STe65ChtKr9NvrBY3&{9)Bj7hO~en_M7j>M2! z>;8<8s~g;e0OFmDa4m4YBAHmAG>>tFq)1>q3@w+5)8vx5{yt7kKzOk$H8zu zi-KS}ixM2p@pLkoN5NzmOp=Kg1f$s`iIQLkJxYO85x-k!rwS+TpPm|^-uXF8@6d*| zXlukBH>ai!`+&Jo9d{vYBWXBFj(byZJ@oX~LMUXK)cQpT?hjNF8U2ooXOtgTySZVL|(~gTR zG*>08WFwdpA_a>En8TI8#>=%pR)&R#ktSABTNkj~z?6k)v&PJo{seYf2^U!YFMn`w zb#i7jHZ3tt&iaXPaWj{v%-w$^S-;RwRMk6!{!eQjkCukgwBRq+MX%c$T(3>ZtnKue1Lm!9n z$PeOVh^BEc3&+DrIFH7&aOCYrmD>I_AKI?XZ#I6Igt%vzj?SzwFv|#)K5A9sbCcF~ z{5IEF0orfM+VM4hjGRbU^!_D+ig#YXeP4d3tiCFZUqqwPx_CN_Fto?pXqF zeJfi*4&!^!#A>+!GW|u`E$X_3TXR+~PyWW=@pqd1Ufkf{MaLhP1ML+lsP(<`y^Jnk zCiJi@>I=ijFzlU!M>a{QUEPB%$0&x#_KxMP*fL4Xmuls8SR95^DR~`O82O{Iq~`Pa z&qSvcAu%yD(fmWbOpgCqVpixk>f~5`Sj~$!yG(TwmuOHgHmPC1O2FI37lN}KSn(!9 zD-sF*#t6;irGYB;xYj}6MYtT)qEB^aoOc+yxqm1#P#GTOcyk&8UQ-f=OopmdK473p|`{^2jfz76?K8nq&t{lBV& z1@^vWjU_H!xdyo$i!4@#4j5($)J6~);L3IzS6fJH92=jeD<4m{$0EgO}C?%Gcn2mo(e7rpj?0p1gB_+27V~9Wr zNpFJPFO(I)R7G_JN;0Fiv5tY{^qz1i2~8mjmummGs2=Wcp^!37{e6gkb|Yyywyu7C z`Ku+PX+eykAWQ#`b%U4{rW|G5#N7AheTl3g$?lQA+KHiiyVwwmWZ-FS8+n@T+%&K* zQCh-2UaI$5b`uoi+r7Af9u`5*<4jy1MSYVHydnL+>(is|;LJ-HA#_UVAV8OKAQX z_drFTUZ|3WC)p4k=)UZIVG#T!Y!8E+C*LIouKH%t3*>3GOv&;`k_<|gf0fdK9D%;W zNxs%&>_>%ZtE5oJ_v8y*=%fd!ma-aJw+2y%=So|FG)&86x#@HY!IhO5tRpG`=E^iq zOKdyv2;;rs6#LWufH(H3t*SuS1A8qhudFr>)a^f6Z5;jd({ByIT%r|lx9fZjQvL#J zQ{#>Lm1xm$s{$$SPLrgjvro&fYj70v-vDr41|a>e#fK z!Q4sXr~-L|3XAuWu4)>0*j*)^jQoLBj%=4pg9BJzl0UGZ@deN#)L^!>5{%%gnQJ}; zP+&#YCE3std>KqdTv=dNhFm=WWXZRZBig2~z^ncg|9j6la4Wo8Q&GuHj$0S*t{GGl z^#x5Mkov_=;w{Q$rL(VM?@DsN{LQNf{gNj>FMFlcFL2)TGW$w)yd?HZo%#o7fIni| z_L|0LJIjQ0)a+2DEbIO6SpdWU_Im%?9Ial5m)$TxT=thZTmES$>}M`$+ozLYHc;Qr zq4c;2lCn?jU*Vd)H-xQF5#87W8*bk-`@s+I7|!K)^8zktSLM3b!-o}dmZDCriiLiG zyg+GR$wm-0Kbad;#pTO>ZLe(wbX&xTthZ86GZzC3aE(et0FM>dIcEQC6_iz6Z&9__ z8s%I;`iz0j71FJNcE($7iM4A0yI;7SfvP*yu8HMV-D8{3H$}c!^^cJXi$DL_~NSOeU!ac&!K(STCKxzm3O~Gl?C=fgo-b$ zibTeI5q1Nji=45Ix>8m_T>$bfbUO>Wiv)|>OLW0$CM4P?wvYpm^~=@OLiSV$7^({z3S>E3`uU$V;?7W{3Eleg3G`#>BW)AnS|p3oQdNmSA-%=Yr4}o8jG{<;KjGfb zEut7<+tqUD{~0y%95Y(xQLC&YR48Tk>7RDAF6~o$?0MeG9@xS>XP?@$pNaixV9RKH zqorSOH}T#O`%}$wqHwBEerBDBim0q7wOf#?RmDC9v|YGL9{`n_sq2d=S8{8Zb#b_Y zT5Gy4Q^9X!dtHP=9+Ged3XHDxLe_>8Hr4_%=8bZo{A9velyBBDK}w#i0}+=2-byIl z0D(2Pgb`V82xXg)#v6fL&7$Gfmlp>lB$a2VDz@2})y2D4FQwt^-J7$^|F%zuwV7GS z8Vv6k&aGE3t>?VMv4yi+=N9Fbs;-l6YDl{6eGnD0$jL29@iqQCi%<&7T-wqGwpjp_ zFQ0ZL(Sf~I{bSut`GGGeEq>BQZ*?gO*azQIup^4!4zUGxR1{EkVfL!srR)FgFgfdX z53AgzD%_ZaK5gZ$8j@X-ahvh$!EAye>z~kyq@<(H3>Q?%+Dg=O*jklqU!=F_Jmgo4 z+wp+^8}uUCbO~ygP^jXvK+%VmltR{0EHm&J?FZHZa!y{BD3w3R@;&;OHZ6}^w5JC8 zk<-O`=Sa>dETQ>I9C@vsA%Na@Tig`IdfT=D==WW`qK?!SkQt5fqNmtY zEg(j<6CqiOSG=Yuet}YyML358;jLlO9N)1dV z>ZWgnabU$GfV-pIQE#;)Nkm_@Be4>DOC9yU0xf6+#2d_mE9asx8;7dexYngehBifj zC2zYNi2pD7A6Ms#B~177-OI(&wS=b6e~>!=8r@|UvaZe-wW^2LxTtn2l&R(W=iS9? zcnbU4a4KzksRHHKxY)IFtD1{O`-X8v82W3h9tI%E=}O4YRZU}f0%n9|1#k&ThUywB zX+$vBmts#cK(0Eg4a-8q{k>cRV3-6bo+RZfK18u(I7&LJ($_Wr0~1Eys;K)*yBVOt z$#?L#469vKb&nchJ9dqNzvsqb{lz}?A*78GZy~9-xb$Zuil*{7?YI?J$#+O3MN};xTD%A#!i{znROy{A=$fYVdULtv zO7XcanA9du-Nx6~<33mNsj-706XT}9I}G4ERShTQP%nzk0Pcgg*45Sj);E^C=HMBEybEV$BT7dxuh_tZRS-1>5AUdysHE-oQiOm0bB zqLiyDA5_V5C?&}Xr0=}fw>EBdd%Pz({u%Ce+~W7BgSwyNqe9f}`Doxc!1bYf?!?)F zrz76R_1vL1^u4)1*7dEX2#=GQ=g&s7$qdKAXgUvrWR^^WWQLP*;)mnuI2;a#;mn&% zu{ZZa?U`IzsNB^?kQtJ(2HD=Gxk}`|c-94ONo;tfe{{oEF r8LTk!;~jzo%tu|+{HLew+vnTo+vnTo!JmHz009606s|-g0EPtsWF<&B diff --git a/enterprise/authentik/7.1.0/ix_values.yaml b/enterprise/authentik/7.1.0/ix_values.yaml deleted file mode 100644 index f869883d90..0000000000 --- a/enterprise/authentik/7.1.0/ix_values.yaml +++ /dev/null @@ -1,258 +0,0 @@ -image: - repository: tccr.io/truecharts/authentik - tag: 2022.9.0@sha256:e3ccba4164bd4f8715eba5f28e1dfeb80b090a60875732b68a1e7e857c6e27a1 - pullPolicy: IfNotPresent - -geoipImage: - repository: tccr.io/truecharts/geoipupdate - tag: v4.9@sha256:ce42b4252c8cd4a9e39275fd7c3312e5df7bda0d7034df565af4362d7e0d26ce - pullPolicy: IfNotPresent - -ldapImage: - repository: tccr.io/truecharts/authentik-ldap - tag: 2022.9.0@sha256:7a105527dfd259a7d77a1516ee9729658809279101070a11172c4aa7dc398d33 - pullPolicy: IfNotPresent - -proxyImage: - repository: tccr.io/truecharts/authentik-proxy - tag: 2022.9.0@sha256:b3756005a151b03de939f1c7f3034ab0ec16d18c9f11e025e60831707d5188b8 - pullPolicy: IfNotPresent - -args: ["server"] - -podSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - -securityContext: - readOnlyRootFilesystem: false - -workerContainer: - enabled: true - -authentik: - credentials: - password: "supersecret" - general: - disable_update_check: false - disable_startup_analytics: true - allow_user_name_change: true - allow_user_mail_change: true - allow_user_username_change: true - gdpr_compliance: true - impersonation: true - avatars: "gravatar" - token_length: 128 - # Use single quotes for footer_links - footer_links: '[{"name": "Link Name", "href": "https://mylink.com"}]' - mail: - host: "" - port: 25 - tls: false - ssl: false - timeout: 10 - user: "" - pass: "" - from: "" - error_reporting: - enabled: false - send_pii: false - environment: "customer" - logging: - log_level: "info" - ldap: - tls_ciphers: "null" -geoip: - enabled: false - account_id: "" - license_key: "" - proxy: "" - proxy_user_pass: "" - edition_ids: "GeoLite2-City" - frequency: 8 - host_server: "updates.maxmind.com" - preserve_file_times: false - verbose: false - -outposts: - ldap: - # -- First you have to create an Outpost in the GUI. Applications > Outposts - enabled: false - # -- Host Browser by default is set to the first ingress host you set - # host_browser: "" - # -- Host should not need to be overridden. Defaults to https://localhost:9443 - # host: "" - # -- As we use https://localhost:9443 it's an unsecure connection - # insecure: false - # -- Token is only needed if you accidentally deleted the token within the UI - # token: "" - proxy: - # -- First you have to create an Outpost in the GUI. Applications > Outposts - enabled: false - # -- Host Browser by default is set to the first ingress host you set - # host_browser: "" - # -- As we use https://localhost:9443 it's an unsecure connection - # insecure: false - # -- Host should not need to be overridden. Defaults to https://localhost:9443 - # host: "" - # -- Token is only needed if you accidentally deleted the token within the UI - # token: "" - -metrics: - # -- Enable and configure a Prometheus serviceMonitor for the chart under this key. - # @default -- See values.yaml - enabled: false - serviceMonitor: - interval: 1m - scrapeTimeout: 30s - labels: {} - # -- Enable and configure Prometheus Rules for the chart under this key. - # @default -- See values.yaml - prometheusRule: - enabled: false - useDefault: true - labels: {} - # -- Configure additional rules for the chart under this key. - # @default -- See prometheusrules.yaml - rules: - [] - # - alert: UnifiPollerAbsent - # annotations: - # description: Unifi Poller has disappeared from Prometheus service discovery. - # summary: Unifi Poller is down. - # expr: | - # absent(up{job=~".*unifi-poller.*"} == 1) - # for: 5m - # labels: - # severity: critical - -envFrom: - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-authentik-secret' - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-authentik-config' - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-authentik-server-config' - -probes: - liveness: - type: HTTPS - path: /-/health/live/ - port: "{{ .Values.service.main.ports.main.targetPort }}" - readiness: - type: HTTPS - path: /-/health/ready/ - port: "{{ .Values.service.main.ports.main.targetPort }}" - startup: - type: HTTPS - path: /-/health/ready/ - port: "{{ .Values.service.main.ports.main.targetPort }}" - -service: - main: - ports: - main: - protocol: HTTPS - port: 10229 - targetPort: 9443 - http: - enabled: true - type: ClusterIP - ports: - http: - enabled: true - protocol: HTTP - port: 10230 - targetPort: 9000 - # LDAP Outpost Services - ldapldaps: - enabled: true - ports: - ldapldaps: - enabled: true - port: 636 - targetPort: 6636 - ldapldap: - enabled: true - ports: - ldapldap: - enabled: true - port: 389 - targetPort: 3389 - # Proxy Outpost Services - proxyhttps: - enabled: true - ports: - proxyhttps: - enabled: true - port: 10233 - protocol: HTTPS - targetPort: 9444 - proxyhttp: - enabled: true - type: ClusterIP - ports: - proxyhttp: - enabled: true - port: 10234 - protocol: HTTP - targetPort: 9001 - # Metrics Services - metrics: - enabled: true - type: ClusterIP - ports: - metrics: - enabled: true - protocol: HTTP - port: 10231 - targetPort: 9301 - ldapmetrics: - enabled: true - type: ClusterIP - ports: - ldapmetrics: - enabled: true - port: 10232 - protocol: HTTP - targetPort: 9302 - proxymetrics: - enabled: true - type: ClusterIP - ports: - proxymetrics: - enabled: true - port: 10235 - protocol: HTTP - targetPort: 9303 - -ingress: - proxyhttps: - autoLink: true - -persistence: - media: - enabled: true - mountPath: "/media" - templates: - enabled: true - mountPath: "/templates" - certs: - enabled: true - mountPath: "/certs" - geoip: - enabled: true - mountPath: "/geoip" - -postgresql: - enabled: true - existingSecret: "dbcreds" - postgresqlUsername: authentik - postgresqlDatabase: authentik - -redis: - enabled: true - existingSecret: "rediscreds" - -portal: - enabled: true diff --git a/enterprise/authentik/7.1.0/questions.yaml b/enterprise/authentik/7.1.0/questions.yaml deleted file mode 100644 index 74f8d99c76..0000000000 --- a/enterprise/authentik/7.1.0/questions.yaml +++ /dev/null @@ -1,4091 +0,0 @@ -groups: - - name: Container Image - description: Image to be used for container - - name: Controller - description: Configure Workload Deployment - - name: Container Configuration - description: Additional Container Configuration - - name: App Configuration - description: App Specific Config Options - - name: Networking and Services - description: Configure Network and Services for Container - - name: Storage and Persistence - description: Persist and Share Data that is Separate from the Container - - name: Ingress - description: Ingress Configuration - - name: Security and Permissions - description: Configure Security Context and Permissions - - name: Resources and Devices - description: "Specify Resources/Devices to be Allocated to Workload" - - name: Middlewares - description: Traefik Middlewares - - name: Metrics - description: Metrics - - name: Addons - description: Addon Configuration - - name: Advanced - description: Advanced Configuration - - name: Documentation - description: Documentation -portals: - open: - protocols: - - "$kubernetes-resource_configmap_portal_protocol" - host: - - "$kubernetes-resource_configmap_portal_host" - ports: - - "$kubernetes-resource_configmap_portal_port" -questions: - - variable: global - label: Global Settings - group: Controller - schema: - type: dict - hidden: true - attrs: - - variable: isSCALE - label: Flag this is SCALE - schema: - type: boolean - default: true - hidden: true - - variable: controller - group: Controller - label: "" - schema: - additional_attrs: true - type: dict - attrs: - - variable: advanced - label: Show Advanced Controller Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: type - description: Please specify type of workload to deploy - label: (Advanced) Controller Type - schema: - type: string - required: true - enum: - - value: deployment - description: Deployment - - value: statefulset - description: Statefulset - - value: daemonset - description: Daemonset - default: deployment - - variable: replicas - description: Number of desired pod replicas - label: Desired Replicas - schema: - type: int - required: true - default: 1 - - variable: strategy - description: Please specify type of workload to deploy - label: (Advanced) Update Strategy - schema: - type: string - required: true - enum: - - value: Recreate - description: "Recreate: Kill existing pods before creating new ones" - - value: RollingUpdate - description: "RollingUpdate: Create new pods and then kill old ones" - - value: OnDelete - description: "(Legacy) OnDelete: ignore .spec.template changes" - default: Recreate - - variable: expert - label: Show Expert Configuration Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: labelsList - label: Controller Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Controller Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: customextraargs - group: Controller - label: "Extra Args" - description: "Do not click this unless you know what you are doing" - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: extraArgs - label: Extra Args - schema: - type: list - default: [] - items: - - variable: arg - label: Arg - schema: - type: string - - variable: authentik - group: Container Configuration - label: Authentik Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: credentials - label: Credentials - schema: - additional_attrs: true - type: dict - attrs: - - variable: password - label: Password (Initial install only) - description: Password for user. Can be used for any flow executor - schema: - type: string - private: true - required: true - default: "" - - variable: general - label: General - schema: - additional_attrs: true - type: dict - attrs: - - variable: disable_update_check - label: Disable Update Check - description: Disable the inbuilt update-checker - schema: - type: boolean - default: false - - variable: disable_startup_analytics - label: Disable Startup Analytics - description: Disable startup analytics - schema: - type: boolean - default: true - - variable: allow_user_name_change - label: Allow User Name Change - description: Enable the ability for users to change their Name - schema: - type: boolean - default: true - - variable: allow_user_mail_change - label: Allow User Mail Change - description: Enable the ability for users to change their Email address - schema: - type: boolean - default: true - - variable: allow_user_username_change - label: Allow User Username Change - description: Enable the ability for users to change their Usernames - schema: - type: boolean - default: true - - variable: gdpr_compliance - label: GDPR Compliance - description: When enabled, all the events caused by a user will be deleted upon the user's deletion - schema: - type: boolean - default: true - - variable: impersonation - label: Impersonation - description: Globally enable / disable impersonation - schema: - type: boolean - default: true - - variable: avatars - label: Avatars - description: Configure how authentik should show avatars for users - schema: - type: string - default: gravatar - - variable: token_length - label: Token Length - description: Configure the length of generated tokens - schema: - type: int - default: 128 - - variable: footer_links - label: Footer Links - description: This option configures the footer links on the flow executor pages - schema: - type: string - default: "" - - variable: mail - label: e-Mail - schema: - additional_attrs: true - type: dict - attrs: - - variable: host - label: Mail Server Host - description: Sets host of mail server - schema: - type: string - default: "" - - variable: port - label: Mail Server Port - description: Sets port of mail server - schema: - type: int - default: 25 - - variable: tls - label: Use TLS for authentication - description: Sets tls for mail server authentication - schema: - type: boolean - default: false - - variable: ssl - label: Use SSL for authentication - description: Sets ssl for mail server authentication - schema: - type: boolean - default: false - - variable: timeout - label: Timeout of authentication - description: Sets timeout for mail server authentication - schema: - type: int - default: 10 - - variable: user - label: Username - description: Sets username of mail server - schema: - type: string - default: "" - - variable: pass - label: Password - description: Sets password of mail server - schema: - type: string - private: true - default: "" - - variable: from - label: From Address - description: Email address authentik will send from - schema: - type: string - default: "" - - variable: error_reporting - label: Error Reporting - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable Reporting - description: Enables error reporting - schema: - type: boolean - default: false - show_subquestions_if: - subquestions: - - variable: send_pii - label: Send Personal Data - description: Whether or not to send personal data, like usernames - schema: - type: boolean - default: false - - variable: environment - label: Environment - description: Unique environment that is attached to your error reports, should be set to your email address for example. - schema: - type: string - default: customer - - variable: logging - label: Logging - schema: - additional_attrs: true - type: dict - attrs: - - variable: log_level - label: Log Level - description: Log level for the server and worker containers - schema: - type: string - default: info - enum: - - value: trace - description: trace - - value: debug - description: debug - - value: info - description: info - - value: warning - description: warning - - value: error - description: error - - variable: ldap - label: LDAP - schema: - additional_attrs: true - type: dict - attrs: - - variable: tls_ciphers - label: TLS Ciphers - description: Allows configuration of TLS Ciphers for LDAP connections used by LDAP sources. Setting applies to all sources - schema: - type: string - default: "null" - - variable: outposts - group: Container Configuration - label: Outpost Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: ldap - label: LDAP - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable LDAP outpost - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: overrideHost - label: Override Host - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: host - label: Authentik Host - description: "URL of your Authentik server. (e.g. https://auth.domain.com)" - schema: - type: string - required: true - default: "" - - variable: insecure - label: Insecure - description: Check only if you accessing Authentik in an unsecure way - schema: - type: boolean - default: false - - variable: overrideToken - label: Override Token - description: Overrides the random generated token to provide your own - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: token - label: API Token - description: You can get this from Applications > Outposts > View Deployment Info - schema: - type: string - private: true - required: true - default: "" - - variable: overrideBrowserHost - label: Override Host Browser - description: Overrides the Browser Host, by default the first ingress host is used - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: host_browser - label: Host Browser - description: URL to use in the browser, when it differs from << host >> - schema: - type: string - required: true - default: "" - - variable: proxy - label: Proxy - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable Proxy outpost - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: overrideHost - label: Override Host - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: host - label: Authentik Host - description: "URL of your Authentik server. (e.g. https://auth.domain.com)" - schema: - type: string - required: true - default: "" - - variable: insecure - label: Insecure - description: Check only if you accessing Authentik in an unsecure way - schema: - type: boolean - default: false - - variable: overrideToken - label: Override Token - description: Overrides the random generated token to provide your own - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: token - label: API Token - description: You can get this from Applications > Outposts > View Deployment Info - schema: - type: string - private: true - required: true - default: "" - - variable: overrideBrowserHost - label: Override Host Browser - description: Overrides the Browser Host, by default the first ingress host is used - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: host_browser - label: Host Browser - description: URL to use in the browser, when it differs from << host >> - schema: - type: string - required: true - default: "" - - variable: geoip - group: Container Configuration - label: GeoIP Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable GeoIP Container - description: Enables GeoIP container - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: account_id - label: Account ID - description: Your MaxMind account ID - schema: - type: string - private: true - required: true - default: "" - - variable: license_key - label: License Key - description: Your case-sensitive MaxMind license key - schema: - type: string - private: true - required: true - default: "" - - variable: edition_ids - label: Edition IDs - description: List of space-separated database edition IDs. Edition IDs may consist of letters, digits, and dashes - schema: - type: string - required: true - default: GeoLite2-City - - variable: frequency - label: Frequency - description: The number of hours between geoipupdate runs - schema: - type: int - min: 1 - default: 8 - - variable: host_server - label: Host Server - description: The host name of the server to use - schema: - type: string - default: updates.maxmind.com - - variable: preserve_file_times - label: Preserve File Times - description: Whether to preserve modification times of files downloaded from the server - schema: - type: boolean - default: false - - variable: verbose - label: Verbose - description: Enable verbose mode. Prints out the steps that geoipupdate takes - schema: - type: boolean - default: false - - variable: proxy - label: Proxy - description: The proxy host name or IP address - schema: - type: string - default: "" - - variable: proxy_user_pass - label: Proxy Pass - description: The proxy user name and password, separated by a colon - schema: - type: string - private: true - default: "" - - variable: TZ - label: Timezone - group: Container Configuration - schema: - type: string - default: "Etc/UTC" - $ref: - - "definitions/timezone" - - variable: envList - label: Extra Environment Variables - description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." - group: Container Configuration - schema: - type: list - default: [] - items: - - variable: envItem - label: Environment Variable - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: expertpodconf - group: Container Configuration - label: Show Expert Configuration - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: tty - label: Enable TTY - description: Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled. - group: Workload Details - schema: - type: boolean - default: false - - variable: stdin - label: Enable STDIN - description: Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled. - group: Workload Details - schema: - type: boolean - default: false - - variable: termination - group: Container Configuration - label: Termination settings - schema: - additional_attrs: true - type: dict - attrs: - - variable: gracePeriodSeconds - label: Grace Period Seconds - schema: - type: int - default: 10 - - variable: podLabelsList - group: Container Configuration - label: Pod Labels - schema: - type: list - default: [] - items: - - variable: podLabelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: podAnnotationsList - group: Container Configuration - label: Pod Annotations - schema: - type: list - default: [] - items: - - variable: podAnnotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: service - group: Networking and Services - label: Configure Service(s) - schema: - additional_attrs: true - type: dict - attrs: - - variable: main - label: Main Service - description: The Primary service on which the healthcheck runs, often the webUI - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the Service - schema: - type: boolean - default: true - hidden: true - - variable: type - label: Service Type - description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" - schema: - type: string - default: LoadBalancer - enum: - - value: LoadBalancer - description: LoadBalancer (Expose Ports) - - value: ClusterIP - description: ClusterIP (Do Not Expose Ports) - - value: Simple - description: Deprecated CHANGE THIS - - variable: loadBalancerIP - label: LoadBalancer IP - description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" - schema: - show_if: [["type", "=", "LoadBalancer"]] - type: string - default: "" - - variable: advancedsvcset - label: Show Advanced Service Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: externalIPs - label: "External IP's" - description: "External IP's" - schema: - type: list - default: [] - items: - - variable: externalIP - label: External IP - schema: - type: string - - variable: ipFamilyPolicy - label: IP Family Policy - description: Specify the IP Policy - schema: - type: string - default: SingleStack - enum: - - value: SingleStack - description: SingleStack - - value: PreferDualStack - description: PreferDualStack - - value: RequireDualStack - description: RequireDualStack - - variable: ipFamilies - label: IP Families - description: The IP Families that should be used - schema: - type: list - default: [] - items: - - variable: ipFamily - label: IP Family - schema: - type: string - - variable: ports - label: "Service's Port(s) Configuration" - schema: - additional_attrs: true - type: dict - attrs: - - variable: main - label: Main Service Port Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: port - label: Port - description: This port exposes the container port on the service - schema: - type: int - default: 10229 - required: true - - variable: advanced - label: Show Advanced Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: enabled - label: Enable the Port - schema: - type: boolean - hidden: true - default: true - - variable: protocol - label: Port Type - schema: - type: string - default: HTTPS - enum: - - value: HTTP - description: HTTP - - value: HTTPS - description: HTTPS - - value: TCP - description: TCP - - value: UDP - description: UDP - - variable: nodePort - label: Node Port (Optional) - description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer - schema: - type: int - min: 9000 - max: 65535 - - variable: targetPort - label: Target Port - description: The internal(!) port on the container the Application runs on - schema: - type: int - default: 9443 - - variable: ldapldaps - label: LDAPS Service - description: The LDAPS service. - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the Service - schema: - type: boolean - default: true - hidden: true - - variable: type - label: Service Type - description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" - schema: - type: string - default: LoadBalancer - enum: - - value: LoadBalancer - description: LoadBalancer (Expose Ports) - - value: ClusterIP - description: ClusterIP (Do Not Expose Ports) - - value: Simple - description: Deprecated CHANGE THIS - - variable: loadBalancerIP - label: LoadBalancer IP - description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" - schema: - show_if: [["type", "=", "LoadBalancer"]] - type: string - default: "" - - variable: advancedsvcset - label: Show Advanced Service Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: externalIPs - label: "External IP's" - description: "External IP's" - schema: - type: list - default: [] - items: - - variable: externalIP - label: External IP - schema: - type: string - - variable: ipFamilyPolicy - label: IP Family Policy - description: Specify the IP Policy - schema: - type: string - default: SingleStack - enum: - - value: SingleStack - description: SingleStack - - value: PreferDualStack - description: PreferDualStack - - value: RequireDualStack - description: RequireDualStack - - variable: ipFamilies - label: IP Families - description: The IP Families that should be used - schema: - type: list - default: [] - items: - - variable: ipFamily - label: IP Family - schema: - type: string - - variable: ports - label: "Service's Port(s) Configuration" - schema: - additional_attrs: true - type: dict - attrs: - - variable: ldapldaps - label: LDAPS Service Port Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: port - label: Port - description: This port exposes the container port on the service - schema: - type: int - default: 636 - required: true - - variable: advanced - label: Show Advanced Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: enabled - label: Enable the Port - schema: - type: boolean - hidden: true - default: true - - variable: protocol - label: Port Type - schema: - type: string - default: TCP - enum: - - value: HTTP - description: HTTP - - value: HTTPS - description: HTTPS - - value: TCP - description: TCP - - value: UDP - description: UDP - - variable: nodePort - label: Node Port (Optional) - description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer - schema: - type: int - min: 9000 - max: 65535 - - variable: targetPort - label: Target Port - description: The internal(!) port on the container the Application runs on - schema: - type: int - default: 6636 - - variable: ldapldap - label: LDAP Service - description: The LDAPS service. - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the Service - schema: - type: boolean - default: true - hidden: true - - variable: type - label: Service Type - description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" - schema: - type: string - default: LoadBalancer - enum: - - value: LoadBalancer - description: LoadBalancer (Expose Ports) - - value: ClusterIP - description: ClusterIP (Do Not Expose Ports) - - value: Simple - description: Deprecated CHANGE THIS - - variable: loadBalancerIP - label: LoadBalancer IP - description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" - schema: - show_if: [["type", "=", "LoadBalancer"]] - type: string - default: "" - - variable: advancedsvcset - label: Show Advanced Service Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: externalIPs - label: "External IP's" - description: "External IP's" - schema: - type: list - default: [] - items: - - variable: externalIP - label: External IP - schema: - type: string - - variable: ipFamilyPolicy - label: IP Family Policy - description: Specify the IP Policy - schema: - type: string - default: SingleStack - enum: - - value: SingleStack - description: SingleStack - - value: PreferDualStack - description: PreferDualStack - - value: RequireDualStack - description: RequireDualStack - - variable: ipFamilies - label: IP Families - description: The IP Families that should be used - schema: - type: list - default: [] - items: - - variable: ipFamily - label: IP Family - schema: - type: string - - variable: ports - label: "Service's Port(s) Configuration" - schema: - additional_attrs: true - type: dict - attrs: - - variable: ldapldap - label: LDAP Service Port Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: port - label: Port - description: This port exposes the container port on the service - schema: - type: int - default: 389 - required: true - - variable: advanced - label: Show Advanced Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: enabled - label: Enable the Port - schema: - type: boolean - hidden: true - default: true - - variable: protocol - label: Port Type - schema: - type: string - default: TCP - enum: - - value: HTTP - description: HTTP - - value: HTTPS - description: HTTPS - - value: TCP - description: TCP - - value: UDP - description: UDP - - variable: nodePort - label: Node Port (Optional) - description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer - schema: - type: int - min: 9000 - max: 65535 - - variable: targetPort - label: Target Port - description: The internal(!) port on the container the Application runs on - schema: - type: int - default: 3389 - - variable: proxyhttps - label: Proxy HTTPS Service - description: The Proxy HTTPS service. - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the Service - schema: - type: boolean - default: true - hidden: true - - variable: type - label: Service Type - description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" - schema: - type: string - default: LoadBalancer - enum: - - value: LoadBalancer - description: LoadBalancer (Expose Ports) - - value: ClusterIP - description: ClusterIP (Do Not Expose Ports) - - value: Simple - description: Deprecated CHANGE THIS - - variable: loadBalancerIP - label: LoadBalancer IP - description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" - schema: - show_if: [["type", "=", "LoadBalancer"]] - type: string - default: "" - - variable: advancedsvcset - label: Show Advanced Service Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: externalIPs - label: "External IP's" - description: "External IP's" - schema: - type: list - default: [] - items: - - variable: externalIP - label: External IP - schema: - type: string - - variable: ipFamilyPolicy - label: IP Family Policy - description: Specify the IP Policy - schema: - type: string - default: SingleStack - enum: - - value: SingleStack - description: SingleStack - - value: PreferDualStack - description: PreferDualStack - - value: RequireDualStack - description: RequireDualStack - - variable: ipFamilies - label: IP Families - description: The IP Families that should be used - schema: - type: list - default: [] - items: - - variable: ipFamily - label: IP Family - schema: - type: string - - variable: ports - label: "Service's Port(s) Configuration" - schema: - additional_attrs: true - type: dict - attrs: - - variable: proxyhttps - label: Proxy HTTPS Service Port Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: port - label: Port - description: This port exposes the container port on the service - schema: - type: int - default: 10233 - required: true - - variable: advanced - label: Show Advanced Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: enabled - label: Enable the Port - schema: - type: boolean - hidden: true - default: true - - variable: protocol - label: Port Type - schema: - type: string - default: HTTPS - enum: - - value: HTTP - description: HTTP - - value: HTTPS - description: HTTPS - - value: TCP - description: TCP - - value: UDP - description: UDP - - variable: nodePort - label: Node Port (Optional) - description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer - schema: - type: int - min: 9000 - max: 65535 - - variable: targetPort - label: Target Port - description: The internal(!) port on the container the Application runs on - schema: - type: int - default: 9444 - - variable: serviceexpert - group: Networking and Services - label: Show Expert Config - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hostNetwork - group: Networking and Services - label: Host-Networking (Complicated) - schema: - type: boolean - default: false - - variable: externalInterfaces - description: Add External Interfaces - label: Add external Interfaces - group: Networking - schema: - type: list - items: - - variable: interfaceConfiguration - description: Interface Configuration - label: Interface Configuration - schema: - type: dict - $ref: - - "normalize/interfaceConfiguration" - attrs: - - variable: hostInterface - description: Please Specify Host Interface - label: Host Interface - schema: - type: string - required: true - $ref: - - "definitions/interface" - - variable: ipam - description: Define how IP Address will be managed - label: IP Address Management - schema: - type: dict - required: true - attrs: - - variable: type - description: Specify type for IPAM - label: IPAM Type - schema: - type: string - required: true - enum: - - value: dhcp - description: Use DHCP - - value: static - description: Use Static IP - show_subquestions_if: static - subquestions: - - variable: staticIPConfigurations - label: Static IP Addresses - schema: - type: list - items: - - variable: staticIP - label: Static IP - schema: - type: ipaddr - cidr: true - - variable: staticRoutes - label: Static Routes - schema: - type: list - items: - - variable: staticRouteConfiguration - label: Static Route Configuration - schema: - additional_attrs: true - type: dict - attrs: - - variable: destination - label: Destination - schema: - type: ipaddr - cidr: true - required: true - - variable: gateway - label: Gateway - schema: - type: ipaddr - cidr: false - required: true - - variable: dnsPolicy - group: Networking and Services - label: dnsPolicy - schema: - type: string - default: "" - enum: - - value: "" - description: Default - - value: ClusterFirst - description: ClusterFirst - - value: ClusterFirstWithHostNet - description: ClusterFirstWithHostNet - - value: None - description: None - - variable: dnsConfig - label: DNS Configuration - group: Networking and Services - description: Specify custom DNS configuration which will be applied to the pod - schema: - additional_attrs: true - type: dict - attrs: - - variable: nameservers - label: Name Servers - schema: - default: [] - type: list - items: - - variable: nameserver - label: Name Server - schema: - type: string - - variable: options - label: Options - schema: - default: [] - type: list - items: - - variable: option - label: Option Entry - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: searches - label: Searches - schema: - default: [] - type: list - items: - - variable: search - label: Search Entry - schema: - type: string - - variable: serviceList - label: Add Manual Custom Services - group: Networking and Services - schema: - type: list - default: [] - items: - - variable: serviceListEntry - label: Custom Service - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the service - schema: - type: boolean - default: true - hidden: true - - variable: name - label: Name - schema: - type: string - default: "" - - variable: type - label: Service Type - description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" - schema: - type: string - default: LoadBalancer - enum: - - value: LoadBalancer - description: LoadBalancer (Expose Ports) - - value: ClusterIP - description: ClusterIP (Do Not Expose Ports) - - value: Simple - description: Deprecated CHANGE THIS - - variable: loadBalancerIP - label: LoadBalancer IP - description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" - schema: - show_if: [["type", "=", "LoadBalancer"]] - type: string - default: "" - - variable: advancedsvcset - label: Show Advanced Service Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: externalIPs - label: "External IP's" - description: "External IP's" - schema: - type: list - default: [] - items: - - variable: externalIP - label: External IP - schema: - type: string - - variable: ipFamilyPolicy - label: IP Family Policy - description: Specify the IP Policy - schema: - type: string - default: SingleStack - enum: - - value: SingleStack - description: SingleStack - - value: PreferDualStack - description: PreferDualStack - - value: RequireDualStack - description: RequireDualStack - - variable: ipFamilies - label: IP Families - description: (Advanced) The IP Families that should be used - schema: - type: list - default: [] - items: - - variable: ipFamily - label: IP Family - schema: - type: string - - variable: portsList - label: Additional Service Ports - schema: - type: list - default: [] - items: - - variable: portsListEntry - label: Custom ports - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the Port - schema: - type: boolean - default: true - hidden: true - - variable: name - label: Port Name - schema: - type: string - default: "" - - variable: protocol - label: Port Type - schema: - type: string - default: TCP - enum: - - value: HTTP - description: HTTP - - value: HTTPS - description: HTTPS - - value: TCP - description: TCP - - value: UDP - description: UDP - - variable: targetPort - label: Target Port - description: This port exposes the container port on the service - schema: - type: int - required: true - - variable: port - label: Container Port - schema: - type: int - required: true - - variable: persistence - label: Integrated Persistent Storage - description: Integrated Persistent Storage - group: Storage and Persistence - schema: - additional_attrs: true - type: dict - attrs: - - variable: media - label: App Media Storage - description: Stores the Application Media. - schema: - additional_attrs: true - type: dict - attrs: - - variable: type - label: Type of Storage - description: Sets the persistence type, Anything other than PVC could break rollback! - schema: - type: string - default: simplePVC - enum: - - value: simplePVC - description: PVC (simple) - - value: simpleHP - description: Host Path (simple) - - value: emptyDir - description: emptyDir - - value: pvc - description: PVC - - value: hostPath - description: Host Path - - value: nfs - description: NFS Share - - variable: server - label: NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: path - label: Path on NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: setPermissionsSimple - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "simpleHP"]] - type: boolean - default: false - - variable: setPermissions - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "hostPath"]] - type: boolean - default: false - - variable: readOnly - label: Read Only - schema: - type: boolean - default: false - - variable: hostPathSimple - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "simpleHP"]] - type: hostpath - - variable: hostPath - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "hostPath"]] - type: hostpath - - variable: medium - label: EmptyDir Medium - schema: - show_if: [["type", "=", "emptyDir"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: Memory - description: Memory - - variable: size - label: Size quotum of Storage - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: 256Gi - - variable: hostPathType - label: (Advanced) hostPath Type - schema: - show_if: [["type", "=", "hostPath"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: DirectoryOrCreate - description: DirectoryOrCreate - - value: Directory - description: Directory - - value: FileOrCreate - description: FileOrCreate - - value: File - description: File - - value: Socket - description: Socket - - value: CharDevice - description: CharDevice - - value: BlockDevice - description: BlockDevice - - variable: storageClass - label: (Advanced) storageClass - description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: SCALE-ZFS - - variable: accessMode - label: (Advanced) Access Mode - description: Allow or disallow multiple PVC's writhing to the same PV - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: ReadWriteOnce - enum: - - value: ReadWriteOnce - description: ReadWriteOnce - - value: ReadOnlyMany - description: ReadOnlyMany - - value: ReadWriteMany - description: ReadWriteMany - - variable: advanced - label: Show Advanced Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: templates - label: App Templates Storage - description: Stores the Application Templates. - schema: - additional_attrs: true - type: dict - attrs: - - variable: type - label: Type of Storage - description: Sets the persistence type, Anything other than PVC could break rollback! - schema: - type: string - default: simplePVC - enum: - - value: simplePVC - description: PVC (simple) - - value: simpleHP - description: Host Path (simple) - - value: emptyDir - description: emptyDir - - value: pvc - description: PVC - - value: hostPath - description: Host Path - - value: nfs - description: NFS Share - - variable: server - label: NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: path - label: Path on NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: setPermissionsSimple - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "simpleHP"]] - type: boolean - default: false - - variable: setPermissions - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "hostPath"]] - type: boolean - default: false - - variable: readOnly - label: Read Only - schema: - type: boolean - default: false - - variable: hostPathSimple - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "simpleHP"]] - type: hostpath - - variable: hostPath - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "hostPath"]] - type: hostpath - - variable: medium - label: EmptyDir Medium - schema: - show_if: [["type", "=", "emptyDir"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: Memory - description: Memory - - variable: size - label: Size quotum of Storage - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: 256Gi - - variable: hostPathType - label: (Advanced) hostPath Type - schema: - show_if: [["type", "=", "hostPath"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: DirectoryOrCreate - description: DirectoryOrCreate - - value: Directory - description: Directory - - value: FileOrCreate - description: FileOrCreate - - value: File - description: File - - value: Socket - description: Socket - - value: CharDevice - description: CharDevice - - value: BlockDevice - description: BlockDevice - - variable: storageClass - label: (Advanced) storageClass - description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: SCALE-ZFS - - variable: accessMode - label: (Advanced) Access Mode - description: Allow or disallow multiple PVC's writhing to the same PV - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: ReadWriteOnce - enum: - - value: ReadWriteOnce - description: ReadWriteOnce - - value: ReadOnlyMany - description: ReadOnlyMany - - value: ReadWriteMany - description: ReadWriteMany - - variable: advanced - label: Show Advanced Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: certs - label: App Certs Storage - description: Stores the Application Certs. - schema: - additional_attrs: true - type: dict - attrs: - - variable: type - label: Type of Storage - description: Sets the persistence type, Anything other than PVC could break rollback! - schema: - type: string - default: simplePVC - enum: - - value: simplePVC - description: PVC (simple) - - value: simpleHP - description: Host Path (simple) - - value: emptyDir - description: emptyDir - - value: pvc - description: PVC - - value: hostPath - description: Host Path - - value: nfs - description: NFS Share - - variable: server - label: NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: path - label: Path on NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: setPermissionsSimple - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "simpleHP"]] - type: boolean - default: false - - variable: setPermissions - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "hostPath"]] - type: boolean - default: false - - variable: readOnly - label: Read Only - schema: - type: boolean - default: false - - variable: hostPathSimple - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "simpleHP"]] - type: hostpath - - variable: hostPath - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "hostPath"]] - type: hostpath - - variable: medium - label: EmptyDir Medium - schema: - show_if: [["type", "=", "emptyDir"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: Memory - description: Memory - - variable: size - label: Size quotum of Storage - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: 256Gi - - variable: hostPathType - label: (Advanced) hostPath Type - schema: - show_if: [["type", "=", "hostPath"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: DirectoryOrCreate - description: DirectoryOrCreate - - value: Directory - description: Directory - - value: FileOrCreate - description: FileOrCreate - - value: File - description: File - - value: Socket - description: Socket - - value: CharDevice - description: CharDevice - - value: BlockDevice - description: BlockDevice - - variable: storageClass - label: (Advanced) storageClass - description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: SCALE-ZFS - - variable: accessMode - label: (Advanced) Access Mode - description: Allow or disallow multiple PVC's writhing to the same PV - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: ReadWriteOnce - enum: - - value: ReadWriteOnce - description: ReadWriteOnce - - value: ReadOnlyMany - description: ReadOnlyMany - - value: ReadWriteMany - description: ReadWriteMany - - variable: advanced - label: Show Advanced Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: geoip - label: App GeoIP Storage - description: Stores the Application GeoIP. - schema: - additional_attrs: true - type: dict - attrs: - - variable: type - label: Type of Storage - description: Sets the persistence type, Anything other than PVC could break rollback! - schema: - type: string - default: simplePVC - enum: - - value: simplePVC - description: PVC (simple) - - value: simpleHP - description: Host Path (simple) - - value: emptyDir - description: emptyDir - - value: pvc - description: PVC - - value: hostPath - description: Host Path - - value: nfs - description: NFS Share - - variable: server - label: NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: path - label: Path on NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: setPermissionsSimple - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "simpleHP"]] - type: boolean - default: false - - variable: setPermissions - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "hostPath"]] - type: boolean - default: false - - variable: readOnly - label: Read Only - schema: - type: boolean - default: false - - variable: hostPathSimple - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "simpleHP"]] - type: hostpath - - variable: hostPath - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "hostPath"]] - type: hostpath - - variable: medium - label: EmptyDir Medium - schema: - show_if: [["type", "=", "emptyDir"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: Memory - description: Memory - - variable: size - label: Size quotum of Storage - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: 256Gi - - variable: hostPathType - label: (Advanced) hostPath Type - schema: - show_if: [["type", "=", "hostPath"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: DirectoryOrCreate - description: DirectoryOrCreate - - value: Directory - description: Directory - - value: FileOrCreate - description: FileOrCreate - - value: File - description: File - - value: Socket - description: Socket - - value: CharDevice - description: CharDevice - - value: BlockDevice - description: BlockDevice - - variable: storageClass - label: (Advanced) storageClass - description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: SCALE-ZFS - - variable: accessMode - label: (Advanced) Access Mode - description: Allow or disallow multiple PVC's writhing to the same PV - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: ReadWriteOnce - enum: - - value: ReadWriteOnce - description: ReadWriteOnce - - value: ReadOnlyMany - description: ReadOnlyMany - - value: ReadWriteMany - description: ReadWriteMany - - variable: advanced - label: Show Advanced Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: persistenceList - label: Additional App Storage - group: Storage and Persistence - schema: - type: list - default: [] - items: - - variable: persistenceListEntry - label: Custom Storage - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the storage - schema: - type: boolean - default: true - hidden: true - - variable: name - label: Name (Optional) - description: "Not required, please set to config when mounting /config or temp when mounting /tmp" - schema: - type: string - - variable: type - label: Type of Storage - description: Sets the persistence type, Anything other than PVC could break rollback! - schema: - type: string - default: simpleHP - enum: - - value: simplePVC - description: PVC (Simple) - - value: simpleHP - description: Host Path (Simple) - - value: emptyDir - description: emptyDir - - value: pvc - description: PVC - - value: hostPath - description: Host Path - - value: nfs - description: NFS Share - - variable: server - label: NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: path - label: Path on NFS Server - schema: - show_if: [["type", "=", "nfs"]] - type: string - default: "" - - variable: setPermissionsSimple - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "simpleHP"]] - type: boolean - default: false - - variable: setPermissions - label: Automatic Permissions - description: Automatically set permissions on install - schema: - show_if: [["type", "=", "hostPath"]] - type: boolean - default: false - - variable: readOnly - label: Read Only - schema: - type: boolean - default: false - - variable: hostPathSimple - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "simpleHP"]] - type: hostpath - - variable: hostPath - label: Host Path - description: Path inside the container the storage is mounted - schema: - show_if: [["type", "=", "hostPath"]] - type: hostpath - - variable: mountPath - label: Mount Path - description: Path inside the container the storage is mounted - schema: - type: string - default: "" - required: true - valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' - - variable: medium - label: EmptyDir Medium - schema: - show_if: [["type", "=", "emptyDir"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: Memory - description: Memory - - variable: size - label: Size Quotum of Storage - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: 256Gi - - variable: hostPathType - label: (Advanced) Host Path Type - schema: - show_if: [["type", "=", "hostPath"]] - type: string - default: "" - enum: - - value: "" - description: Default - - value: DirectoryOrCreate - description: DirectoryOrCreate - - value: Directory - description: Directory - - value: FileOrCreate - description: FileOrCreate - - value: File - description: File - - value: Socket - description: Socket - - value: CharDevice - description: CharDevice - - value: BlockDevice - description: BlockDevice - - variable: storageClass - label: (Advanced) StorageClass - description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: SCALE-ZFS - - variable: accessMode - label: (Advanced) Access Mode - description: Allow or disallow multiple PVC's writhing to the same PV - schema: - show_if: [["type", "=", "pvc"]] - type: string - default: ReadWriteOnce - enum: - - value: ReadWriteOnce - description: ReadWriteOnce - - value: ReadOnlyMany - description: ReadOnlyMany - - value: ReadWriteMany - description: ReadWriteMany - - variable: advanced - label: Show Advanced Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: ingress - label: "" - group: Ingress - schema: - additional_attrs: true - type: dict - attrs: - - variable: main - label: Main (HTTPS) Ingress - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable Ingress - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hosts - label: Hosts - schema: - type: list - default: [] - items: - - variable: hostEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: host - label: HostName - schema: - type: string - default: "" - required: true - - variable: paths - label: Paths - schema: - type: list - default: [] - items: - - variable: pathEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: path - label: Path - schema: - type: string - required: true - default: "/" - - variable: pathType - label: Path Type - schema: - type: string - required: true - default: Prefix - - variable: tls - label: TLS-Settings - schema: - type: list - default: [] - items: - - variable: tlsEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: hosts - label: Certificate Hosts - schema: - type: list - default: [] - items: - - variable: host - label: Host - schema: - type: string - default: "" - required: true - - variable: scaleCert - label: Select TrueNAS SCALE Certificate - schema: - type: int - $ref: - - "definitions/certificate" - - variable: entrypoint - label: (Advanced) Traefik Entrypoint - description: Entrypoint used by Traefik when using Traefik as Ingress Provider - schema: - type: string - default: websecure - required: true - - variable: middlewares - label: Traefik Middlewares - description: Add previously created Traefik Middlewares to this Ingress - schema: - type: list - default: [] - items: - - variable: name - label: Name - schema: - type: string - default: "" - required: true - - variable: expert - label: Show Expert Configuration Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: enableFixedMiddlewares - description: These middlewares enforce a number of best practices. - label: Enable Default Middlewares - schema: - type: boolean - default: true - - variable: ingressClassName - label: IngressClass Name - schema: - type: string - default: "" - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: proxyhttps - label: Proxy HTTPS Ingress - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable Ingress - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hosts - label: Hosts - schema: - type: list - default: [] - items: - - variable: hostEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: host - label: HostName - schema: - type: string - default: "" - required: true - - variable: paths - label: Paths - schema: - type: list - default: [] - items: - - variable: pathEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: path - label: Path - schema: - type: string - required: true - default: "/" - - variable: pathType - label: Path Type - schema: - type: string - required: true - default: Prefix - - variable: tls - label: TLS-Settings - schema: - type: list - default: [] - items: - - variable: tlsEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: hosts - label: Certificate Hosts - schema: - type: list - default: [] - items: - - variable: host - label: Host - schema: - type: string - default: "" - required: true - - variable: scaleCert - label: Select TrueNAS SCALE Certificate - schema: - type: int - $ref: - - "definitions/certificate" - - variable: entrypoint - label: (Advanced) Traefik Entrypoint - description: Entrypoint used by Traefik when using Traefik as Ingress Provider - schema: - type: string - default: websecure - required: true - - variable: middlewares - label: Traefik Middlewares - description: Add previously created Traefik Middlewares to this Ingress - schema: - type: list - default: [] - items: - - variable: name - label: Name - schema: - type: string - default: "" - required: true - - variable: expert - label: Show Expert Configuration Options - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: enableFixedMiddlewares - description: These middlewares enforce a number of best practices. - label: Enable Default Middlewares - schema: - type: boolean - default: true - - variable: ingressClassName - label: IngressClass Name - schema: - type: string - default: "" - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: ingressList - label: Add Manual Custom Ingresses - group: Ingress - schema: - type: list - default: [] - items: - - variable: ingressListEntry - label: Custom Ingress - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable Ingress - schema: - type: boolean - default: true - hidden: true - - variable: name - label: Name - schema: - type: string - default: "" - - variable: ingressClassName - label: IngressClass Name - schema: - type: string - default: "" - - variable: labelsList - label: Labels - schema: - type: list - default: [] - items: - - variable: labelItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: annotationsList - label: Annotations - schema: - type: list - default: [] - items: - - variable: annotationItem - label: Label - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - - variable: value - label: Value - schema: - type: string - - variable: hosts - label: Hosts - schema: - type: list - default: [] - items: - - variable: hostEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: host - label: HostName - schema: - type: string - default: "" - required: true - - variable: paths - label: Paths - schema: - type: list - default: [] - items: - - variable: pathEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: path - label: Path - schema: - type: string - required: true - default: "/" - - variable: pathType - label: Path Type - schema: - type: string - required: true - default: Prefix - - variable: service - label: Linked Service - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Service Name - schema: - type: string - default: "" - - variable: port - label: Service Port - schema: - type: int - - variable: tls - label: TLS-Settings - schema: - type: list - default: [] - items: - - variable: tlsEntry - label: Host - schema: - additional_attrs: true - type: dict - attrs: - - variable: hosts - label: Certificate Hosts - schema: - type: list - default: [] - items: - - variable: host - label: Host - schema: - type: string - default: "" - required: true - - variable: scaleCert - label: Select TrueNAS SCALE Certificate - schema: - type: int - $ref: - - "definitions/certificate" - - variable: entrypoint - label: Traefik Entrypoint - description: Entrypoint used by Traefik when using Traefik as Ingress Provider - schema: - type: string - default: websecure - required: true - - variable: middlewares - label: Traefik Middlewares - description: Add previously created Traefik Middlewares to this Ingress - schema: - type: list - default: [] - items: - - variable: name - label: Name - schema: - type: string - default: "" - required: true - - variable: security - label: Container Security Settings - group: Security and Permissions - schema: - type: dict - additional_attrs: true - attrs: - - variable: editsecurity - label: Change PUID / UMASK values - description: By enabling this you override default set values. - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: PUID - label: Process User ID - PUID - description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps - schema: - type: int - default: 568 - - variable: UMASK - label: UMASK - description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps - schema: - type: string - default: "002" - - variable: advancedSecurity - label: Show Advanced Security Settings - group: Security and Permissions - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: securityContext - label: Security Context - schema: - additional_attrs: true - type: dict - attrs: - - variable: privileged - label: Privileged mode - schema: - type: boolean - default: false - - variable: readOnlyRootFilesystem - label: ReadOnly Root Filesystem - schema: - type: boolean - default: true - - variable: allowPrivilegeEscalation - label: Allow Privilege Escalation - schema: - type: boolean - default: false - - variable: runAsNonRoot - label: runAsNonRoot - schema: - type: boolean - default: true - - variable: capabilities - label: Capabilities - schema: - additional_attrs: true - type: dict - attrs: - - variable: drop - label: Drop Capability - schema: - type: list - default: [] - items: - - variable: dropEntry - label: "" - schema: - type: string - - variable: add - label: Add Capability - schema: - type: list - default: [] - items: - - variable: addEntry - label: "" - schema: - type: string - - variable: podSecurityContext - group: Security and Permissions - label: Pod Security Context - schema: - additional_attrs: true - type: dict - attrs: - - variable: runAsUser - label: runAsUser - description: The UserID of the user running the application - schema: - type: int - default: 1000 - - variable: runAsGroup - label: runAsGroup - description: The groupID this App of the user running the application - schema: - type: int - default: 1000 - - variable: fsGroup - label: fsGroup - description: The group that should own ALL storage. - schema: - type: int - default: 568 - - variable: fsGroupChangePolicy - label: "When should we take ownership?" - schema: - type: string - default: OnRootMismatch - enum: - - value: OnRootMismatch - description: OnRootMismatch - - value: Always - description: Always - - variable: supplementalGroups - label: Supplemental Groups - schema: - type: list - default: [] - items: - - variable: supplementalGroupsEntry - label: Supplemental Group - schema: - type: int - - - variable: advancedresources - label: Set Custom Resource Limits/Requests (Advanced) - group: Resources and Devices - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: resources - label: "" - schema: - additional_attrs: true - type: dict - attrs: - - variable: limits - label: Advanced Limit Resource Consumption - schema: - additional_attrs: true - type: dict - attrs: - - variable: cpu - label: CPU - description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" - schema: - type: string - default: 4000m - valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' - - variable: memory - label: RAM - description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" - schema: - type: string - default: 8Gi - valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' - - variable: requests - label: "Minimum Resources Required (request)" - schema: - additional_attrs: true - type: dict - attrs: - - variable: cpu - label: CPU - description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" - schema: - type: string - default: 10m - valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' - - variable: memory - label: "RAM" - description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" - schema: - type: string - default: 50Mi - valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' - - variable: deviceList - label: Mount USB Devices - group: Resources and Devices - schema: - type: list - default: [] - items: - - variable: deviceListEntry - label: Device - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enable the Storage - schema: - type: boolean - default: true - - variable: type - label: (Advanced) Type of Storage - description: Sets the persistence type - schema: - type: string - default: hostPath - hidden: true - - variable: readOnly - label: readOnly - schema: - type: boolean - default: false - - variable: hostPath - label: Host Device Path - description: Path to the device on the host system - schema: - type: path - - variable: mountPath - label: Container Device Path - description: Path inside the container the device is mounted - schema: - type: string - default: "/dev/ttyACM0" - # Specify GPU configuration - - variable: scaleGPU - label: GPU Configuration - group: Resources and Devices - schema: - type: dict - $ref: - - "definitions/gpuConfiguration" - attrs: [] - - variable: metrics - group: Metrics - label: Prometheus Metrics - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enabled - description: Enable Prometheus Metrics - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: serviceMonitor - label: Service Monitor Settings - schema: - additional_attrs: true - type: dict - attrs: - - variable: interval - label: Scrape Interval - description: Scrape interval time - schema: - type: string - default: 1m - required: true - - variable: scrapeTimeout - label: Scrape Timeout - description: Scrape timeout Time - schema: - type: string - default: 30s - required: true -# - variable: autoscaling -# group: Advanced -# label: (Advanced) Horizontal Pod Autoscaler -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: enabled -# label: Enabled -# schema: -# type: boolean -# default: false -# show_subquestions_if: true -# subquestions: -# - variable: target -# label: Target -# description: Deployment name, Defaults to Main Deployment -# schema: -# type: string -# default: "" -# - variable: minReplicas -# label: Minimum Replicas -# schema: -# type: int -# default: 1 -# - variable: maxReplicas -# label: Maximum Replicas -# schema: -# type: int -# default: 5 -# - variable: targetCPUUtilizationPercentage -# label: Target CPU Utilization Percentage -# schema: -# type: int -# default: 80 -# - variable: targetMemoryUtilizationPercentage -# label: Target Memory Utilization Percentage -# schema: -# type: int -# default: 80 -# - variable: networkPolicy -# group: Advanced -# label: (Advanced) Network Policy -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: enabled -# label: Enabled -# schema: -# type: boolean -# default: false -# show_subquestions_if: true -# subquestions: -# - variable: policyType -# label: Policy Type -# schema: -# type: string -# default: "" -# enum: -# - value: "" -# description: Default -# - value: ingress -# description: Ingress -# - value: egress -# description: Egress -# - value: ingress-egress -# description: Ingress and Egress -# - variable: egress -# label: Egress -# schema: -# type: list -# default: [] -# items: -# - variable: egressEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: to -# label: To -# schema: -# type: list -# default: [] -# items: -# - variable: toEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: ipBlock -# label: IP Block -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: cidr -# label: CIDR -# schema: -# type: string -# default: "" -# - variable: except -# label: Except -# schema: -# type: list -# default: [] -# items: -# - variable: exceptint -# label: "" -# schema: -# type: string -# - variable: namespaceSelector -# label: Namespace Selector -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: matchExpressions -# label: Match Expressions -# schema: -# type: list -# default: [] -# items: -# - variable: expressionEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: key -# label: Key -# schema: -# type: string -# - variable: operator -# label: Operator -# schema: -# type: string -# default: TCP -# enum: -# - value: In -# description: In -# - value: NotIn -# description: NotIn -# - value: Exists -# description: Exists -# - value: DoesNotExist -# description: DoesNotExist -# - variable: values -# label: Values -# schema -# type: list -# default: [] -# items: -# - variable: value -# label: "" -# schema: -# type: string -# - variable: podSelector -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: matchExpressions -# label: Match Expressions -# schema: -# type: list -# default: [] -# items: -# - variable: expressionEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: key -# label: Key -# schema: -# type: string -# - variable: operator -# label: Operator -# schema: -# type: string -# default: TCP -# enum: -# - value: In -# description: In -# - value: NotIn -# description: NotIn -# - value: Exists -# description: Exists -# - value: DoesNotExist -# description: DoesNotExist -# - variable: values -# label: Values -# schema: -# type: list -# default: [] -# items: -# - variable: value -# label: "" -# schema: -# type: string -# - variable: ports -# label: Ports -# schema: -# type: list -# default: [] -# items: -# - variable: portsEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: port -# label: Port -# schema: -# type: int -# - variable: endPort -# label: End Port -# schema: -# type: int -# - variable: protocol -# label: Protocol -# schema: -# type: string -# default: TCP -# enum: -# - value: TCP -# description: TCP -# - value: UDP -# description: UDP -# - value: SCTP -# description: SCTP -# - variable: ingress -# label: Ingress -# schema: -# type: list -# default: [] -# items: -# - variable: ingressEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: from -# label: From -# schema: -# type: list -# default: [] -# items: -# - variable: fromEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: ipBlock -# label: IP Block -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: cidr -# label: CIDR -# schema: -# type: string -# default: "" -# - variable: except -# label: Except -# schema: -# type: list -# default: [] -# items: -# - variable: exceptint -# label: "" -# schema: -# type: string -# - variable: namespaceSelector -# label: Namespace Selector -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: matchExpressions -# label: Match Expressions -# schema: -# type: list -# default: [] -# items: -# - variable: expressionEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: key -# label: Key -# schema: -# type: string -# - variable: operator -# label: Operator -# schema: -# type: string -# default: TCP -# enum: -# - value: In -# description: In -# - value: NotIn -# description: NotIn -# - value: Exists -# description: Exists -# - value: DoesNotExist -# description: DoesNotExist -# - variable: values -# label: Values -# schema: -# type: list -# default: [] -# items: -# - variable: value -# label: "" -# schema: -# type: string -# - variable: podSelector -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: matchExpressions -# label: Match Expressions -# schema: -# type: list -# default: [] -# items: -# - variable: expressionEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: key -# label: Key -# schema: -# type: string -# - variable: operator -# label: Operator -# schema: -# type: string -# default: TCP -# enum: -# - value: In -# description: In -# - value: NotIn -# description: NotIn -# - value: Exists -# description: Exists -# - value: DoesNotExist -# description: DoesNotExist -# - variable: values -# label: Values -# schema: -# type: list -# default: [] -# items: -# - variable: value -# label: "" -# schema: -# type: string -# - variable: ports -# label: Ports -# schema: -# type: list -# default: [] -# items: -# - variable: portsEntry -# label: "" -# schema: -# additional_attrs: true -# type: dict -# attrs: -# - variable: port -# label: Port -# schema: -# type: int -# - variable: endPort -# label: End Port -# schema: -# type: int -# - variable: protocol -# label: Protocol -# schema: -# type: string -# default: TCP -# enum: -# - value: TCP -# description: TCP -# - value: UDP -# description: UDP -# - value: SCTP -# description: SCTP - - - variable: addons - group: Addons - label: "" - schema: - additional_attrs: true - type: dict - attrs: - - variable: vpn - label: VPN - schema: - additional_attrs: true - type: dict - attrs: - - variable: type - label: Type - schema: - type: string - default: disabled - enum: - - value: disabled - description: disabled - - value: openvpn - description: OpenVPN - - value: wireguard - description: Wireguard - - value: tailscale - description: Tailscale - - variable: openvpn - label: OpenVPN Settings - schema: - type: dict - show_if: [["type", "=", "openvpn"]] - attrs: - - variable: username - label: Authentication Username (Optional) - description: Authentication Username, Optional - schema: - type: string - default: "" - - variable: password - label: Authentication Password - description: Authentication Credentials - schema: - type: string - default: "" - required: true - - variable: tailscale - label: Tailscale Settings - schema: - type: dict - show_if: [["type", "=", "tailscale"]] - attrs: - - variable: authkey - label: Authentication Key - description: Provide an auth key to automatically authenticate the node as your user account. - schema: - type: string - private: true - default: "" - - variable: accept_dns - label: Accept DNS - description: Accept DNS configuration from the admin console. - schema: - type: boolean - default: false - - variable: userspace - label: Userspace - description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. - schema: - type: boolean - default: false - - variable: routes - label: Routes - description: Expose physical subnet routes to your entire Tailscale network. - schema: - type: string - default: "" - - variable: dest_ip - label: Destination IP - description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. - schema: - type: string - default: "" - - variable: sock5_server - label: Sock5 Server - description: Sock5 Server - schema: - type: string - default: "" - - variable: extra_args - label: Extra Args - description: Extra Args - schema: - type: string - default: "" - - variable: daemon_extra_args - label: Tailscale Daemon Extra Args - description: Tailscale Daemon Extra Args - schema: - type: string - default: "" - - variable: killSwitch - label: Enable Killswitch - schema: - type: boolean - show_if: [["type", "!=", "disabled"]] - default: true - - variable: excludedNetworks_IPv4 - label: Killswitch Excluded IPv4 networks - description: List of Killswitch Excluded IPv4 Addresses - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: networkv4 - label: IPv4 Network - schema: - type: string - required: true - - variable: excludedNetworks_IPv6 - label: Killswitch Excluded IPv6 networks - description: "List of Killswitch Excluded IPv6 Addresses" - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: networkv6 - label: IPv6 Network - schema: - type: string - required: true - - variable: configFile - label: VPN Config File Location - schema: - type: dict - show_if: [["type", "!=", "disabled"]] - attrs: - - variable: enabled - label: Enabled - schema: - type: boolean - default: true - hidden: true - - variable: type - label: Type - schema: - type: string - default: hostPath - hidden: true - - variable: hostPathType - label: hostPathType - schema: - type: string - default: File - hidden: true - - variable: noMount - label: noMount - schema: - type: boolean - default: true - hidden: true - - variable: hostPath - label: Full Path to File - description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" - schema: - type: string - default: "" - - variable: envList - label: VPN Environment Variables - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: envItem - label: Environment Variable - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - required: true - - variable: value - label: Value - schema: - type: string - required: true - - variable: codeserver - label: Codeserver - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enabled - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: git - label: Git Settings - schema: - additional_attrs: true - type: dict - attrs: - - variable: deployKey - description: Raw SSH Private Key - label: Deploy Key - schema: - type: string - - variable: deployKeyBase64 - description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence - label: Deploy Key Base64 - schema: - type: string - - variable: service - label: "" - schema: - additional_attrs: true - type: dict - attrs: - - variable: type - label: Service Type - description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" - schema: - type: string - default: LoadBalancer - enum: - - value: NodePort - description: Deprecated CHANGE THIS - - value: ClusterIP - description: ClusterIP - - value: LoadBalancer - description: LoadBalancer - - variable: loadBalancerIP - label: LoadBalancer IP - description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" - schema: - show_if: [["type", "=", "LoadBalancer"]] - type: string - default: "" - - variable: advancedsvcset - label: Show Advanced Service Settings - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: externalIPs - label: "External IP's" - description: "External IP's" - schema: - type: list - default: [] - items: - - variable: externalIP - label: External IP - schema: - type: string - - variable: ipFamilyPolicy - label: IP Family Policy - description: Specify the IP Policy - schema: - type: string - default: SingleStack - enum: - - value: SingleStack - description: SingleStack - - value: PreferDualStack - description: PreferDualStack - - value: RequireDualStack - description: RequireDualStack - - variable: ipFamilies - label: IP Families - description: (Advanced) The IP Families that should be used - schema: - type: list - default: [] - items: - - variable: ipFamily - label: IP Family - schema: - type: string - - variable: ports - label: "" - schema: - additional_attrs: true - type: dict - attrs: - - variable: codeserver - label: "" - schema: - additional_attrs: true - type: dict - attrs: - - variable: port - label: Port - schema: - type: int - default: 36107 - - variable: nodePort - description: Leave Empty to Disable - label: nodePort DEPRECATED - schema: - type: int - default: 36107 - - variable: envList - label: Codeserver Environment Variables - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: envItem - label: Environment Variable - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - required: true - - variable: value - label: Value - schema: - type: string - required: true - - variable: promtail - label: Promtail - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enabled - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: loki - label: Loki URL - schema: - type: string - required: true - - variable: logs - label: Log Paths - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - required: true - - variable: path - label: Path - schema: - type: string - required: true - - variable: args - label: Promtail Command Line Arguments - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: arg - label: Arg - schema: - type: string - required: true - - variable: envList - label: Promtail Environment Variables - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: envItem - label: Environment Variable - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - required: true - - variable: value - label: Value - schema: - type: string - required: true - - variable: netshoot - label: Netshoot - schema: - additional_attrs: true - type: dict - attrs: - - variable: enabled - label: Enabled - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: envList - label: Netshoot Environment Variables - schema: - type: list - show_if: [["type", "!=", "disabled"]] - default: [] - items: - - variable: envItem - label: Environment Variable - schema: - additional_attrs: true - type: dict - attrs: - - variable: name - label: Name - schema: - type: string - required: true - - variable: value - label: Value - schema: - type: string - required: true - - variable: docs - group: Documentation - label: Please read the documentation at https://truecharts.org - description: Please read the documentation at -
https://truecharts.org - schema: - additional_attrs: true - type: dict - attrs: - - variable: confirmDocs - label: I have checked the documentation - schema: - type: boolean - default: true - - variable: donateNag - group: Documentation - label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor - description: Please consider supporting TrueCharts, see -
https://truecharts.org/sponsor - schema: - additional_attrs: true - type: dict - attrs: - - variable: confirmDonate - label: I have considered donating - schema: - type: boolean - default: true - hidden: true diff --git a/enterprise/authentik/7.1.0/templates/_config.tpl b/enterprise/authentik/7.1.0/templates/_config.tpl deleted file mode 100644 index cc02f68e54..0000000000 --- a/enterprise/authentik/7.1.0/templates/_config.tpl +++ /dev/null @@ -1,143 +0,0 @@ -{{/* Define the configmap */}} -{{- define "authentik.config" -}} - -{{- $authServerWorkerConfigName := printf "%s-authentik-config" (include "tc.common.names.fullname" .) }} -{{- $authServerConfigName := printf "%s-authentik-server-config" (include "tc.common.names.fullname" .) }} -{{- $geoipConfigName := printf "%s-geoip-config" (include "tc.common.names.fullname" .) }} -{{- $ldapConfigName := printf "%s-ldap-config" (include "tc.common.names.fullname" .) }} -{{- $proxyConfigName := printf "%s-proxy-config" (include "tc.common.names.fullname" .) }} -{{ $host := printf "https://localhost:%v" .Values.service.main.ports.main.targetPort }} -{{- if .Values.ingress.main.enabled }} - {{ $first := (first .Values.ingress.main.hosts) }} - {{- if $first }} - {{ $host = printf "https://%s" $first.host }} - {{- end }} -{{- end }} - ---- - -{{/* This configmap are loaded on both main authentik container and worker */}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $authServerWorkerConfigName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{/* Dependencies */}} - AUTHENTIK_REDIS__HOST: {{ printf "%v-%v" .Release.Name "redis" }} - AUTHENTIK_REDIS__PORT: "6379" - AUTHENTIK_POSTGRESQL__NAME: {{ .Values.postgresql.postgresqlDatabase }} - AUTHENTIK_POSTGRESQL__USER: {{ .Values.postgresql.postgresqlUsername }} - AUTHENTIK_POSTGRESQL__HOST: {{ printf "%v-%v" .Release.Name "postgresql" }} - AUTHENTIK_POSTGRESQL__PORT: "5432" - {{/* Mail */}} - {{- with .Values.authentik.mail.port }} - AUTHENTIK_EMAIL__PORT: {{ . | quote }} - {{- end }} - AUTHENTIK_EMAIL__USE_TLS: {{ .Values.authentik.mail.tls | quote }} - AUTHENTIK_EMAIL__USE_SSL: {{ .Values.authentik.mail.ssl | quote }} - {{- with .Values.authentik.mail.timeout }} - AUTHENTIK_EMAIL__TIMEOUT: {{ . | quote }} - {{- end }} - {{/* Logging */}} - {{- with .Values.authentik.logging.log_level }} - AUTHENTIK_LOG_LEVEL: {{ . }} - {{- end }} - {{/* General */}} - AUTHENTIK_DISABLE_STARTUP_ANALYTICS: {{ .Values.authentik.general.disable_startup_analytics | quote }} - AUTHENTIK_DISABLE_UPDATE_CHECK: {{ .Values.authentik.general.disable_update_check | quote }} - {{- with .Values.authentik.general.avatars }} - AUTHENTIK_AVATARS: {{ . }} - {{- end }} - AUTHENTIK_DEFAULT_USER_CHANGE_NAME: {{ .Values.authentik.general.allow_user_name_change | quote }} - AUTHENTIK_DEFAULT_USER_CHANGE_EMAIL: {{ .Values.authentik.general.allow_user_mail_change | quote }} - AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME: {{ .Values.authentik.general.allow_user_username_change | quote }} - AUTHENTIK_GDPR_COMPLIANCE: {{ .Values.authentik.general.gdpr_compliance | quote }} - AUTHENTIK_IMPERSONATION: {{ .Values.authentik.general.impersonation | quote }} - AUTHENTIK_DEFAULT_TOKEN_LENGTH: {{ .Values.authentik.general.token_length | quote }} - {{- with .Values.authentik.general.footer_links }} - AUTHENTIK_FOOTER_LINKS: {{ . | squote }} - {{- end }} - {{/* Error Reporting */}} - AUTHENTIK_ERROR_REPORTING__ENABLED: {{ .Values.authentik.error_reporting.enabled | quote }} - AUTHENTIK_ERROR_REPORTING__SEND_PII: {{ .Values.authentik.error_reporting.send_pii | quote }} - {{- with .Values.authentik.error_reporting.environment }} - AUTHENTIK_ERROR_REPORTING__ENVIRONMENT: {{ . }} - {{- end }} - {{/* LDAP */}} - {{- with .Values.authentik.ldap.tls_ciphers }} - AUTHENTIK_LDAP__TLS__CIPHERS: {{ . | quote }} - {{- end }} - {{/* Outposts */}} - AUTHENTIK_OUTPOSTS__DISCOVER: {{ "false" | quote }} - ---- - -{{/* This configmap are loaded on both main authentik container and worker */}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $authServerConfigName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{/* Listen */}} - AUTHENTIK_LISTEN__HTTPS: 0.0.0.0:{{ .Values.service.main.ports.main.targetPort | default 9443 }} - AUTHENTIK_LISTEN__HTTP: 0.0.0.0:{{ .Values.service.http.ports.http.targetPort | default 9000 }} - AUTHENTIK_LISTEN__METRICS: 0.0.0.0:{{ .Values.service.metrics.ports.metrics.targetPort | default 9301 }} - ---- - -{{/* This configmap is loaded on ldap container */}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $ldapConfigName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - AUTHENTIK_INSECURE: {{ .Values.outposts.ldap.insecure | default "true" | quote }} - AUTHENTIK_HOST: {{ .Values.outposts.ldap.host | default (printf "https://localhost:%v" .Values.service.main.ports.main.targetPort) }} - AUTHENTIK_HOST_BROWSER: {{ .Values.outposts.ldap.host_browser | default $host }} - AUTHENTIK_LISTEN__LDAPS: 0.0.0.0:{{ .Values.service.ldapldaps.ports.ldapldaps.targetPort | default 6636 }} - AUTHENTIK_LISTEN__LDAP: 0.0.0.0:{{ .Values.service.ldapldap.ports.ldapldap.targetPort | default 3389 }} - AUTHENTIK_LISTEN__METRICS: 0.0.0.0:{{ .Values.service.ldapmetrics.ports.ldapmetrics.targetPort | default 9302 }} - ---- - -{{/* This configmap is loaded on ldap container */}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $proxyConfigName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - AUTHENTIK_INSECURE: {{ .Values.outposts.proxy.insecure | default "true" | quote }} - AUTHENTIK_HOST: {{ .Values.outposts.proxy.host | default (printf "https://localhost:%v" .Values.service.main.ports.main.targetPort) }} - AUTHENTIK_HOST_BROWSER: {{ .Values.outposts.proxy.host_browser | default $host }} - AUTHENTIK_LISTEN__HTTPS: 0.0.0.0:{{ .Values.service.proxyhttps.ports.proxyhttps.targetPort | default 9444 }} - AUTHENTIK_LISTEN__HTTP: 0.0.0.0:{{ .Values.service.proxyhttp.ports.proxyhttp.targetPort | default 9001 }} - AUTHENTIK_LISTEN__METRICS: 0.0.0.0:{{ .Values.service.proxymetrics.ports.proxymetrics.targetPort | default 9303 }} - ---- - -{{/* This configmap is loaded on geoip container */}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $geoipConfigName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{- with .Values.geoip.edition_ids }} - GEOIPUPDATE_EDITION_IDS: {{ . }} - {{- end }} - GEOIPUPDATE_FREQUENCY: {{ .Values.geoip.frequency | quote }} - {{- with .Values.geoip.host_server }} - GEOIPUPDATE_HOST: {{ . }} - {{- end }} - GEOIPUPDATE_PRESERVE_FILE_TIMES: {{ ternary "1" "0" .Values.geoip.preserve_file_times | quote }} - GEOIPUPDATE_VERBOSE: {{ ternary "1" "0" .Values.geoip.verbose | quote }} -{{- end -}} diff --git a/enterprise/authentik/7.1.0/templates/_geoip.tpl b/enterprise/authentik/7.1.0/templates/_geoip.tpl deleted file mode 100644 index 054ec15477..0000000000 --- a/enterprise/authentik/7.1.0/templates/_geoip.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{/* Define the geoip container */}} -{{- define "authentik.geoip" -}} -image: {{ .Values.geoipImage.repository }}:{{ .Values.geoipImage.tag }} -imagePullPolicy: {{ .Values.geoipImage.pullPolicy }} -securityContext: - runAsUser: 0 - runAsGroup: 0 - readOnlyRootFilesystem: false - runAsNonRoot: false -volumeMounts: - - name: geoip - mountPath: "/usr/share/GeoIP" -envFrom: - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-geoip-secret' - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-geoip-config' -{{/* TODO: Add healthchecks */}} -{{/* TODO: https://github.com/maxmind/geoipupdate/issues/105 */}} -{{- end -}} diff --git a/enterprise/authentik/7.1.0/templates/_ldap.tpl b/enterprise/authentik/7.1.0/templates/_ldap.tpl deleted file mode 100644 index 0d8f42742b..0000000000 --- a/enterprise/authentik/7.1.0/templates/_ldap.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{/* Define the ldap container */}} -{{- define "authentik.ldap" -}} -image: {{ .Values.ldapImage.repository }}:{{ .Values.ldapImage.tag }} -imagePullPolicy: {{ .Values.ldapImage.pullPolicy }} -securityContext: - runAsUser: {{ .Values.podSecurityContext.runAsUser }} - runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} - readOnlyRootFilesystem: true - runAsNonRoot: true -envFrom: - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-ldap-secret' - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-ldap-config' -ports: - - containerPort: {{ .Values.service.ldapldaps.ports.ldapldaps.targetPort }} - name: ldapldaps - - containerPort: {{ .Values.service.ldapldap.ports.ldapldap.targetPort }} - name: ldapldap -{{- if .Values.metrics.enabled }} - - containerPort: {{ .Values.service.ldapmetrics.ports.ldapmetrics.targetPort }} - name: ldapmetrics -{{- end }} -readinessProbe: - httpGet: - path: /outpost.goauthentik.io/ping - port: {{ .Values.service.ldapmetrics.ports.ldapmetrics.targetPort }} - initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} -livenessProbe: - httpGet: - path: /outpost.goauthentik.io/ping - port: {{ .Values.service.ldapmetrics.ports.ldapmetrics.targetPort }} - initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} -startupProbe: - httpGet: - path: /outpost.goauthentik.io/ping - port: {{ .Values.service.ldapmetrics.ports.ldapmetrics.targetPort }} - initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} -{{- end -}} diff --git a/enterprise/authentik/7.1.0/templates/_proxy.tpl b/enterprise/authentik/7.1.0/templates/_proxy.tpl deleted file mode 100644 index c28161c585..0000000000 --- a/enterprise/authentik/7.1.0/templates/_proxy.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{/* Define the proxy container */}} -{{- define "authentik.proxy" -}} -image: {{ .Values.proxyImage.repository }}:{{ .Values.proxyImage.tag }} -imagePullPolicy: {{ .Values.proxyImage.pullPolicy }} -securityContext: - runAsUser: {{ .Values.podSecurityContext.runAsUser }} - runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} - readOnlyRootFilesystem: true - runAsNonRoot: true -envFrom: - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-proxy-secret' - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-proxy-config' -ports: - - containerPort: {{ .Values.service.proxyhttps.ports.proxyhttps.targetPort }} - name: proxyhttps - - containerPort: {{ .Values.service.proxyhttp.ports.proxyhttp.targetPort }} - name: proxyhttp -{{- if .Values.metrics.enabled }} - - containerPort: {{ .Values.service.proxymetrics.ports.proxymetrics.targetPort }} - name: proxymetrics -{{- end }} -readinessProbe: - httpGet: - path: /outpost.goauthentik.io/ping - port: {{ .Values.service.proxymetrics.ports.proxymetrics.targetPort }} - initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} -livenessProbe: - httpGet: - path: /outpost.goauthentik.io/ping - port: {{ .Values.service.proxymetrics.ports.proxymetrics.targetPort }} - initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} -startupProbe: - httpGet: - path: /outpost.goauthentik.io/ping - port: {{ .Values.service.proxymetrics.ports.proxymetrics.targetPort }} - initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} -{{- end -}} diff --git a/enterprise/authentik/7.1.0/templates/_secret.tpl b/enterprise/authentik/7.1.0/templates/_secret.tpl deleted file mode 100644 index 5f78c0dc3b..0000000000 --- a/enterprise/authentik/7.1.0/templates/_secret.tpl +++ /dev/null @@ -1,109 +0,0 @@ -{{/* Define the secret */}} -{{- define "authentik.secret" -}} - -{{- $authentikSecretName := printf "%s-authentik-secret" (include "tc.common.names.fullname" .) }} -{{- $geoipSecretName := printf "%s-geoip-secret" (include "tc.common.names.fullname" .) }} -{{- $ldapSecretName := printf "%s-ldap-secret" (include "tc.common.names.fullname" .) }} -{{- $proxySecretName := printf "%s-proxy-secret" (include "tc.common.names.fullname" .) }} -{{- $token := randAlphaNum 128 | b64enc }} - ---- - -{{/* This secrets are loaded on both main authentik container and worker */}} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ $authentikSecretName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{/* Secret Key */}} - {{- with (lookup "v1" "Secret" .Release.Namespace $authentikSecretName) }} - AUTHENTIK_SECRET_KEY: {{ index .data "AUTHENTIK_SECRET_KEY" }} - {{ $token = index .data "AUTHENTIK_BOOTSTRAP_TOKEN" }} - {{- else }} - AUTHENTIK_SECRET_KEY: {{ randAlphaNum 32 | b64enc }} - {{- end }} - AUTHENTIK_BOOTSTRAP_TOKEN: {{ $token }} - {{/* Dependencies */}} - AUTHENTIK_POSTGRESQL__PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }} - AUTHENTIK_REDIS__PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }} - {{/* Credentials */}} - {{- with .Values.authentik.credentials.password }} - AUTHENTIK_BOOTSTRAP_PASSWORD: {{ . | b64enc }} - {{- end }} - {{/* Mail */}} - {{- with .Values.authentik.mail.host }} - AUTHENTIK_EMAIL__HOST: {{ . | b64enc }} - {{- end }} - {{- with .Values.authentik.mail.user }} - AUTHENTIK_EMAIL__USERNAME: {{ . | b64enc }} - {{- end }} - {{- with .Values.authentik.mail.pass }} - AUTHENTIK_EMAIL__PASSWORD: {{ . | b64enc }} - {{- end }} - {{- with .Values.authentik.mail.from }} - AUTHENTIK_EMAIL__FROM: {{ . | b64enc }} - {{- end }} - ---- - -{{/* This secrets are loaded on geoip container */}} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ $geoipSecretName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{/* Credentials */}} - {{- with .Values.geoip.account_id }} - GEOIPUPDATE_ACCOUNT_ID: {{ . | b64enc }} - {{- end }} - {{- with .Values.geoip.license_key }} - GEOIPUPDATE_LICENSE_KEY: {{ . | b64enc }} - {{- end }} - {{/* Proxy */}} - {{- with .Values.geoip.proxy }} - GEOIPUPDATE_PROXY: {{ . | b64enc }} - {{- end }} - {{- with .Values.geoip.proxy_user_pass }} - GEOIPUPDATE_PROXY_USER_PASSWORD: {{ . | b64enc }} - {{- end }} - ---- - -{{/* This secrets are loaded on ldap container */}} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ $ldapSecretName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{- with .Values.outposts.ldap.token }} - AUTHENTIK_TOKEN: {{ . | b64enc }} - {{- else }} - AUTHENTIK_TOKEN: {{ $token }} - {{- end }} - ---- - -{{/* This secrets are loaded on ldap container */}} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ $proxySecretName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - {{- with .Values.outposts.proxy.token }} - AUTHENTIK_TOKEN: {{ . | b64enc }} - {{- else }} - AUTHENTIK_TOKEN: {{ $token }} - {{- end }} -{{- end }} diff --git a/enterprise/authentik/7.1.0/templates/_worker.tpl b/enterprise/authentik/7.1.0/templates/_worker.tpl deleted file mode 100644 index 64c3b583b0..0000000000 --- a/enterprise/authentik/7.1.0/templates/_worker.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Define the worker container */}} -{{- define "authentik.worker" -}} -image: {{ .Values.image.repository }}:{{ .Values.image.tag }} -imagePullPolicy: {{ .Values.image.pullPolicy }} -securityContext: - runAsUser: {{ .Values.podSecurityContext.runAsUser }} - runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} - readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} - runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} -args: ["worker"] -envFrom: - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-authentik-secret' - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-authentik-config' -volumeMounts: - - name: media - mountPath: "/media" - - name: templates - mountPath: "/templates" - - name: certs - mountPath: "/certs" - - name: geoip - mountPath: "/geoip" -readinessProbe: - exec: - command: - - /lifecycle/ak - - healthcheck - initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} -livenessProbe: - exec: - command: - - /lifecycle/ak - - healthcheck - initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} -startupProbe: - exec: - command: - - /lifecycle/ak - - healthcheck - initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} - timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} - periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} - failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} -{{- end -}} diff --git a/enterprise/authentik/7.1.0/templates/common.yaml b/enterprise/authentik/7.1.0/templates/common.yaml deleted file mode 100644 index 8d610c2e55..0000000000 --- a/enterprise/authentik/7.1.0/templates/common.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Make sure all variables are set properly */}} -{{- include "tc.common.loader.init" . }} - -{{/* Render secret */}} -{{- include "authentik.secret" . }} - -{{/* Render config */}} -{{- include "authentik.config" . }} - -{{- if hasKey .Values "metrics" -}} -{{- if .Values.metrics.enabled -}} -{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}} -{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}} -{{- $_ := set .Values.podAnnotations "prometheus.io/port" (.Values.service.metrics.ports.metrics.targetPort | default 9301 | quote) -}} -{{- end -}} -{{- end -}} - -{{- if .Values.workerContainer.enabled -}} -{{- $_ := set .Values.additionalContainers "worker" (include "authentik.worker" . | fromYaml) -}} -{{- end -}} - -{{- if .Values.geoip.enabled -}} -{{- $_ := set .Values.additionalContainers "geoip" (include "authentik.geoip" . | fromYaml) -}} -{{- end -}} - -{{- if .Values.outposts.ldap.enabled -}} -{{- $_ := set .Values.additionalContainers "ldap-outpost" (include "authentik.ldap" . | fromYaml) -}} -{{/* - if .Values.metrics.enabled - */}} -{{/* https://github.com/prometheus/prometheus/issues/3756 */}} -{{/* TODO: Figure how the pipe works to connect it to prometheus operator */}} -{{/* We can't define multiple ports/endpoints with annotations */}} -{{/* - end - */}} -{{- end -}} - -{{- if .Values.outposts.proxy.enabled -}} -{{- $_ := set .Values.additionalContainers "proxy-outpost" (include "authentik.proxy" . | fromYaml) -}} -{{/* - if .Values.metrics.enabled - */}} -{{/* https://github.com/prometheus/prometheus/issues/3756 */}} -{{/* TODO: Figure how the pipe works to connect it to prometheus operator */}} -{{/* We can't define multiple ports/endpoints with annotations */}} -{{/* - end - */}} -{{- end -}} - -{{/* Render the templates */}} -{{ include "tc.common.loader.apply" . }} diff --git a/enterprise/authentik/7.1.0/templates/prometheusrules.yaml b/enterprise/authentik/7.1.0/templates/prometheusrules.yaml deleted file mode 100644 index b3a37c57c2..0000000000 --- a/enterprise/authentik/7.1.0/templates/prometheusrules.yaml +++ /dev/null @@ -1,160 +0,0 @@ -{{- if hasKey .Values "metrics" }} -{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "tc.common.names.fullname" . }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} - {{- with .Values.metrics.prometheusRule.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - groups: - - name: {{ include "tc.common.names.fullname" . }} - rules: - {{- with .Values.metrics.prometheusRule.rules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.metrics.prometheusRule.useDefault }} - - name: authentik Aggregate request counters - rules: - - record: job:django_http_requests_before_middlewares_total:sum_rate30s - expr: sum(rate(django_http_requests_before_middlewares_total[30s])) by (job) - - record: job:django_http_requests_unknown_latency_total:sum_rate30s - expr: sum(rate(django_http_requests_unknown_latency_total[30s])) by (job) - - record: job:django_http_ajax_requests_total:sum_rate30s - expr: sum(rate(django_http_ajax_requests_total[30s])) by (job) - - record: job:django_http_responses_before_middlewares_total:sum_rate30s - expr: sum(rate(django_http_responses_before_middlewares_total[30s])) by (job) - - record: job:django_http_requests_unknown_latency_including_middlewares_total:sum_rate30s - expr: sum(rate(django_http_requests_unknown_latency_including_middlewares_total[30s])) by (job) - - record: job:django_http_requests_body_total_bytes:sum_rate30s - expr: sum(rate(django_http_requests_body_total_bytes[30s])) by (job) - - record: job:django_http_responses_streaming_total:sum_rate30s - expr: sum(rate(django_http_responses_streaming_total[30s])) by (job) - - record: job:django_http_responses_body_total_bytes:sum_rate30s - expr: sum(rate(django_http_responses_body_total_bytes[30s])) by (job) - - record: job:django_http_requests_total:sum_rate30s - expr: sum(rate(django_http_requests_total_by_method[30s])) by (job) - - record: job:django_http_requests_total_by_method:sum_rate30s - expr: sum(rate(django_http_requests_total_by_method[30s])) by (job,method) - - record: job:django_http_requests_total_by_transport:sum_rate30s - expr: sum(rate(django_http_requests_total_by_transport[30s])) by (job,transport) - - record: job:django_http_requests_total_by_view:sum_rate30s - expr: sum(rate(django_http_requests_total_by_view_transport_method[30s])) by (job,view) - - record: job:django_http_requests_total_by_view_transport_method:sum_rate30s - expr: sum(rate(django_http_requests_total_by_view_transport_method[30s])) by (job,view,transport,method) - - record: job:django_http_responses_total_by_templatename:sum_rate30s - expr: sum(rate(django_http_responses_total_by_templatename[30s])) by (job,templatename) - - record: job:django_http_responses_total_by_status:sum_rate30s - expr: sum(rate(django_http_responses_total_by_status[30s])) by (job,status) - - record: job:django_http_responses_total_by_status_name_method:sum_rate30s - expr: sum(rate(django_http_responses_total_by_status_name_method[30s])) by (job,status,name,method) - - record: job:django_http_responses_total_by_charset:sum_rate30s - expr: sum(rate(django_http_responses_total_by_charset[30s])) by (job,charset) - - record: job:django_http_exceptions_total_by_type:sum_rate30s - expr: sum(rate(django_http_exceptions_total_by_type[30s])) by (job,type) - - record: job:django_http_exceptions_total_by_view:sum_rate30s - expr: sum(rate(django_http_exceptions_total_by_view[30s])) by (job,view) - - name: authentik Aggregate latency histograms - rules: - - record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s - expr: histogram_quantile(0.50, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "50" - - record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s - expr: histogram_quantile(0.95, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "95" - - record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s - expr: histogram_quantile(0.99, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "99" - - record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s - expr: histogram_quantile(0.999, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "99.9" - - record: job:django_http_requests_latency_seconds:quantile_rate30s - expr: histogram_quantile(0.50, sum(rate(django_http_requests_latency_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "50" - - record: job:django_http_requests_latency_seconds:quantile_rate30s - expr: histogram_quantile(0.95, sum(rate(django_http_requests_latency_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "95" - - record: job:django_http_requests_latency_seconds:quantile_rate30s - expr: histogram_quantile(0.99, sum(rate(django_http_requests_latency_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "99" - - record: job:django_http_requests_latency_seconds:quantile_rate30s - expr: histogram_quantile(0.999, sum(rate(django_http_requests_latency_seconds_bucket[30s])) by (job, le)) - labels: - quantile: "99.9" - - name: authentik Aggregate model operations - rules: - - record: job:django_model_inserts_total:sum_rate1m - expr: sum(rate(django_model_inserts_total[1m])) by (job, model) - - record: job:django_model_updates_total:sum_rate1m - expr: sum(rate(django_model_updates_total[1m])) by (job, model) - - record: job:django_model_deletes_total:sum_rate1m - expr: sum(rate(django_model_deletes_total[1m])) by (job, model) - - name: authentik Aggregate database operations - rules: - - record: job:django_db_new_connections_total:sum_rate30s - expr: sum(rate(django_db_new_connections_total[30s])) by (alias, vendor) - - record: job:django_db_new_connection_errors_total:sum_rate30s - expr: sum(rate(django_db_new_connection_errors_total[30s])) by (alias, vendor) - - record: job:django_db_execute_total:sum_rate30s - expr: sum(rate(django_db_execute_total[30s])) by (alias, vendor) - - record: job:django_db_execute_many_total:sum_rate30s - expr: sum(rate(django_db_execute_many_total[30s])) by (alias, vendor) - - record: job:django_db_errors_total:sum_rate30s - expr: sum(rate(django_db_errors_total[30s])) by (alias, vendor, type) - - name: authentik Aggregate migrations - rules: - - record: job:django_migrations_applied_total:max - expr: max(django_migrations_applied_total) by (job, connection) - - record: job:django_migrations_unapplied_total:max - expr: max(django_migrations_unapplied_total) by (job, connection) - - name: authentik Alerts - rules: - - alert: NoWorkersConnected - expr: max without (pid) (authentik_admin_workers) < 1 - annotations: - message: | - authentik instance {{ printf "{{ $labels.instance }}" }}'s worker are either not running or not connected. - summary: No workers connected - for: 10m - labels: - severity: critical - - alert: PendingMigrations - expr: max without (pid) (django_migrations_unapplied_total) > 0 - annotations: - message: | - authentik instance {{ printf "{{ $labels.instance }}" }} has pending database migrations - summary: Pending database migrations - for: 10m - labels: - severity: critical - - alert: FailedSystemTasks - expr: sum(increase(authentik_system_tasks{status="TaskResultStatus.ERROR"}[2h])) > 0 - annotations: - message: | - System task {{ printf "{{ $labels.task_name }}" }} has failed - summary: Failed system tasks - for: 2h - labels: - severity: critical - - alert: DisconnectedOutposts - expr: sum by (outpost) (max without (pid) (authentik_outposts_connected{uid!~"specific.*"})) < 1 - annotations: - message: | - Outpost {{ printf "{{ $labels.outpost }}" }} has at least 1 disconnected instance - summary: Disconnected outpost - for: 30m - labels: - severity: critical - {{- end }} -{{- end }} -{{- end }} diff --git a/enterprise/authentik/7.1.0/templates/servicemonitor.yaml b/enterprise/authentik/7.1.0/templates/servicemonitor.yaml deleted file mode 100644 index afa560ff34..0000000000 --- a/enterprise/authentik/7.1.0/templates/servicemonitor.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if hasKey .Values "metrics" }} -{{- if .Values.metrics.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "tc.common.names.fullname" . }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} - {{- with .Values.metrics.serviceMonitor.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- include "tc.common.labels.selectorLabels" . | nindent 6 }} - endpoints: - - port: metrics - {{- with .Values.metrics.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - path: /metrics - - - port: ldapmetrics - {{- with .Values.metrics.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - path: /metrics - - - port: proxymetrics - {{- with .Values.metrics.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - path: /metrics -{{- end }} -{{- end }} diff --git a/enterprise/authentik/7.1.0/values.yaml b/enterprise/authentik/7.1.0/values.yaml deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/enterprise/authentik/item.yaml b/enterprise/authentik/item.yaml deleted file mode 100644 index 351e1c3fe9..0000000000 --- a/enterprise/authentik/item.yaml +++ /dev/null @@ -1,4 +0,0 @@ -icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/authentik.png -categories: -- authentication -