From 956ba0034be01f05474bf8b7cb51f0f2b263fd6c Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Mon, 24 Oct 2022 21:58:56 +0000 Subject: [PATCH] Commit new Chart releases for TrueCharts Signed-off-by: TrueCharts-Bot --- incubator/meshcentral/5.0.0/CHANGELOG.md | 99 + incubator/meshcentral/5.0.0/Chart.lock | 9 + incubator/meshcentral/5.0.0/Chart.yaml | 34 + incubator/meshcentral/5.0.0/README.md | 107 + incubator/meshcentral/5.0.0/app-readme.md | 8 + .../5.0.0/charts/common-10.7.1.tgz | Bin 0 -> 49150 bytes .../5.0.0/charts/mongodb-2.0.35.tgz | Bin 0 -> 55114 bytes incubator/meshcentral/5.0.0/ix_values.yaml | 1008 +++++ incubator/meshcentral/5.0.0/questions.yaml | 3436 +++++++++++++++++ .../meshcentral/5.0.0/templates/_secret.tpl | 117 + .../meshcentral/5.0.0/templates/common.yaml | 8 + incubator/meshcentral/5.0.0/values.yaml | 0 12 files changed, 4826 insertions(+) create mode 100644 incubator/meshcentral/5.0.0/CHANGELOG.md create mode 100644 incubator/meshcentral/5.0.0/Chart.lock create mode 100644 incubator/meshcentral/5.0.0/Chart.yaml create mode 100644 incubator/meshcentral/5.0.0/README.md create mode 100644 incubator/meshcentral/5.0.0/app-readme.md create mode 100644 incubator/meshcentral/5.0.0/charts/common-10.7.1.tgz create mode 100644 incubator/meshcentral/5.0.0/charts/mongodb-2.0.35.tgz create mode 100644 incubator/meshcentral/5.0.0/ix_values.yaml create mode 100644 incubator/meshcentral/5.0.0/questions.yaml create mode 100644 incubator/meshcentral/5.0.0/templates/_secret.tpl create mode 100644 incubator/meshcentral/5.0.0/templates/common.yaml create mode 100644 incubator/meshcentral/5.0.0/values.yaml diff --git a/incubator/meshcentral/5.0.0/CHANGELOG.md b/incubator/meshcentral/5.0.0/CHANGELOG.md new file mode 100644 index 0000000000..1fef750cde --- /dev/null +++ b/incubator/meshcentral/5.0.0/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + + + +## [meshcentral-5.0.0](https://github.com/truecharts/charts/compare/meshcentral-4.0.16...meshcentral-5.0.0) (2022-10-24) + +### Chore + +- Auto-update chart README [skip ci] + + ### Feat + +- BREAKING CHANGE - Rework to add support for (almost) all configuration options ([#4137](https://github.com/truecharts/charts/issues/4137)) + + + + +## [meshcentral-4.0.16](https://github.com/truecharts/charts/compare/meshcentral-4.0.15...meshcentral-4.0.16) (2022-10-19) + +### Chore + +- Auto-update chart README [skip ci] + - update helm general non-major ([#4122](https://github.com/truecharts/charts/issues/4122)) + + + + +## [meshcentral-4.0.15](https://github.com/truecharts/charts/compare/meshcentral-4.0.14...meshcentral-4.0.15) (2022-10-12) + +### Chore + +- Auto-update chart README [skip ci] + - update helm general non-major ([#4071](https://github.com/truecharts/charts/issues/4071)) + + + + +## [meshcentral-4.0.14](https://github.com/truecharts/charts/compare/meshcentral-4.0.13...meshcentral-4.0.14) (2022-10-07) + +### Chore + +- Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - update helm general non-major + + + + +## [meshcentral-4.0.14](https://github.com/truecharts/charts/compare/meshcentral-4.0.13...meshcentral-4.0.14) (2022-10-07) + +### Chore + +- Auto-update chart README [skip ci] + - update helm general non-major + + + + +## [meshcentral-4.0.13](https://github.com/truecharts/charts/compare/meshcentral-4.0.12...meshcentral-4.0.13) (2022-10-05) + +### Chore + +- Auto-update chart README [skip ci] + - update helm general non-major + + + + +## [meshcentral-4.0.12](https://github.com/truecharts/charts/compare/meshcentral-4.0.11...meshcentral-4.0.12) (2022-10-04) + +### Chore + +- split addons in smaller templates ([#3979](https://github.com/truecharts/charts/issues/3979)) + - update docker general non-major ([#4001](https://github.com/truecharts/charts/issues/4001)) + + + + +## [meshcentral-4.0.10](https://github.com/truecharts/charts/compare/meshcentral-4.0.9...meshcentral-4.0.10) (2022-09-27) + +### Chore + +- Auto-update chart README [skip ci] + - update helm general non-major ([#3918](https://github.com/truecharts/charts/issues/3918)) + + + + +## [meshcentral-4.0.9](https://github.com/truecharts/charts/compare/meshcentral-4.0.8...meshcentral-4.0.9) (2022-09-25) + +### Chore + +- Auto-update chart README [skip ci] + - update helm general non-major ([#3898](https://github.com/truecharts/charts/issues/3898)) + + + + +## [meshcentral-4.0.8](https://github.com/truecharts/charts/compare/meshcentral-4.0.7...meshcentral-4.0.8) (2022-09-22) diff --git a/incubator/meshcentral/5.0.0/Chart.lock b/incubator/meshcentral/5.0.0/Chart.lock new file mode 100644 index 0000000000..f74612b64c --- /dev/null +++ b/incubator/meshcentral/5.0.0/Chart.lock @@ -0,0 +1,9 @@ +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.7.1 +- name: mongodb + repository: https://charts.truecharts.org/ + version: 2.0.35 +digest: sha256:2fb9d45a5b3560f858fd2e0bc2f158130976195cc054b4318ca214a719310bfb +generated: "2022-10-24T21:57:13.728503665Z" diff --git a/incubator/meshcentral/5.0.0/Chart.yaml b/incubator/meshcentral/5.0.0/Chart.yaml new file mode 100644 index 0000000000..eff5119a0b --- /dev/null +++ b/incubator/meshcentral/5.0.0/Chart.yaml @@ -0,0 +1,34 @@ +apiVersion: v2 +kubeVersion: ">=1.16.0-0" +name: meshcentral +version: 5.0.0 +appVersion: "1.0.85" +description: MeshCentral is a full computer management web site +type: application +deprecated: false +home: https://truecharts.org/docs/charts/incubator/meshcentral +icon: https://truecharts.org/img/hotlink-ok/chart-icons/meshcentral.png +keywords: + - meshcentral + - teamviewer + - rdp +sources: + - https://github.com/truecharts/charts/tree/master/charts/incubator/meshcentral + - https://github.com/Ylianst/MeshCentral +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.7.1 + - condition: mongodb.enabled + name: mongodb + repository: https://charts.truecharts.org/ + version: 2.0.35 +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +annotations: + truecharts.org/catagories: | + - cloud + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/incubator/meshcentral/5.0.0/README.md b/incubator/meshcentral/5.0.0/README.md new file mode 100644 index 0000000000..d5cdc1685e --- /dev/null +++ b/incubator/meshcentral/5.0.0/README.md @@ -0,0 +1,107 @@ +# meshcentral + +MeshCentral is a full computer management web site + +TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE. + +This readme is just an automatically generated general guide on installing our Helm Charts and Apps. +For more information, please click here: [meshcentral](https://truecharts.org/docs/charts/incubator/meshcentral) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Source Code + +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.truecharts.org/ | mongodb | 2.0.35 | +| https://library-charts.truecharts.org | common | 10.7.1 | + +## Installing the Chart + +### TrueNAS SCALE + +To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Installing-an-App). + +### Helm + +To install the chart with the release name `meshcentral` + +```console +helm repo add TrueCharts https://charts.truecharts.org +helm repo update +helm install meshcentral TrueCharts/meshcentral +``` + +## Uninstall + +### TrueNAS SCALE + +**Upgrading, Rolling Back and Uninstalling the Chart** + +To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Upgrade-rollback-delete-an-App). + +### Helm + +To uninstall the `meshcentral` deployment + +```console +helm uninstall meshcentral +``` + +## Configuration + +### Helm + +#### Available Settings + +Read through the values.yaml file. It has several commented out suggested values. +Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/truecharts/library-charts/tree/main/charts/common). + +#### Configure using the command line + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +```console +helm install meshcentral \ + --set env.TZ="America/New York" \ + TrueCharts/meshcentral +``` + +#### Configure using a yaml file + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. + +```console +helm install meshcentral TrueCharts/meshcentral -f values.yaml +``` + +#### Connecting to other charts + +If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/linking-apps) quick-start guide. + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Important-MUST-READ). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +--- + +All Rights Reserved - The TrueCharts Project diff --git a/incubator/meshcentral/5.0.0/app-readme.md b/incubator/meshcentral/5.0.0/app-readme.md new file mode 100644 index 0000000000..f2bb671e55 --- /dev/null +++ b/incubator/meshcentral/5.0.0/app-readme.md @@ -0,0 +1,8 @@ +MeshCentral is a full computer management web site + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/incubator/meshcentral](https://truecharts.org/docs/charts/incubator/meshcentral) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can! diff --git a/incubator/meshcentral/5.0.0/charts/common-10.7.1.tgz b/incubator/meshcentral/5.0.0/charts/common-10.7.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..468f3ef2f3acf18cebd2ed59f5f3002bf39044dd GIT binary patch literal 49150 zcmV)%K#jj2iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ{cH20TI6QyrDey6wZF_#!)$%2t$)0uFPPb1dj*so6cXxJ< z1Cfw~F-5QeP>v>@cmEEq1bC4s-#Xo6?rg^*fkL5BC{z^+g^&9t`ERe+EB@Qt-R}RXKinP+hQqzx-rk>j{lRc=@F&oF1YAl_#yF&Z>fO7o zV&{G*4@~h#L>VT@0hkY3Fiq{x7;?mTD?%)!IOX!)n=A>%Um(UK3h4rj2?bX)Lz015 zYf5J508BYg*+I8E!F-yHIw6^LIn7Wg%XDFyvM#3xb!U)qM7#REV#O8?MMDMzoI?&N z>nKneLo_4_M+uiuv+myRu-Dt$*=gON#Vw%`J7~2*-dL+`Fm1~htv1lj++-tUyZYUK zzV3JWyPaOU_g!lSal#=^5S75t4C43z;ABkxD+k;mbkYJKfug?-0RYHooTFc;po(h@ z_##CI2EEqY;L`7P_B#F66OF%~|8p2;h&_@3SUUgv{k`qoVR8QN4TsP3|0$jqpxp-V zQKLad9As*upgd`c`Nk*ZV>#Y~yzalh-S>l*T``Zx;qw#Kk7>>rneKZ&jUcDOhN4w)58p9siAMA{W!@coNxYO^Ac6UbM ztKN8bw>KEr(v| zQ#273>*=1uZb)(qvjH@h(DQz$*BSH%{obqo(9rwUcxM;w?C$o^el*^XhSB!^&Y+K? zy=^!Q!@;XD91KU}oxS~DZ*Mdnq229m)a&*4hiHIC<5AcIhqXw31#!$m7^8Jb%}vF6 zQs=NMNo~G%?OzRm6ezsC-RZwF#NFS4!&l+146_xI8M zV7NVgwY$ALeziAf(Dqu?O%P{OLioDWHTCMLYautJt|`A7R=p%fd)xh;u(ub9KVHGX zARO=a!|@*69z?zU{;=NX4MylyIM^OHYke&yhH;9MwS}*$ zRZrwY1+^i46|_}wT&ivhgJ59Dy4UZ&+8_0|L%4$=+#U|Y-BC0cMZK^O2d~DX-u`fJ zZ!p~64hQ@F{wN&3f_wX;y}kYI{n7s37_Mx&DMe>l%rQ>zlBq3=v_+Yw)X8g9!J{a` ztU_}3I=!6lcEbMl?%sHBxHH%b_rhr08$`YBVYD~sN4;ndhW#BF_V&j+aMT;^jbHV9 zyZxO(*xNz9o$cLzrIzJ3+>}0(n2cbY(* zv_KP664o>&ag3-%86|KOBR%oWS5aAghz_KE zT_jCj6bQq%Bfo!yF^&L{&I1M@6;w-OvY4TSZ-EG+8A%x8fKb3ViXcZ|LoX|bfF?BE#-wgg@YEc)2c;R$Er*WaB8T<^g1kNFj#nh9voZst! zVHuq$0P?RwRcB}mbyG;Wk#ZpaWu?W18c_j+qB&-mBw&h}SZY9wXL3a`AAVHt--_1< zV7t}A-WsL^eZExr>y}?CUx)nnwabLoMdYdpE>Vm^PAGtJOm3N66%b?#kmB$LCldfc zgvVnRUcmJ-Tg!tFwGd35;p1pM&fRCUHcJ^+FI9q4w=!k}4wHiJpD!8R=z zqXLOpAbpQ5T}aO43K)=1*pk}fvs3jjic}4pSP26-F_1DjrGOay(ZWFMv|fO7if54G zcu~<`^qEt5=(m$8rV#~?E{?yGQe-MtB=w>70$fco0}(+CoV~vSI0@q{vW11bNKq1@ zB*cgb1oWEYpd~R8OUew!AVqXc=nN(y5=~vv44oZbDkNJk!12k)v-ejgLiuL|uozFK zJYE18b3_r7XySx%7{?$c6C6tNfP^GqL=lvna0?eXATT%p$CxRU1Re>w1&n}OBo|s? z>j*TU;(Qc=#0o;CX#uG+z&KvC6h)3Mjt{^X#tdl+iivb&h7nxh8TuDVQ0wY{55R}3 zqgE@0Je-~;gyZo-uf#1+j;3gr7=1XW3GTf5N3>% z88|(cbw$|&(0?`P^mq3=ySts;N{}!kd**Kggz^Kh zySwWUbh)mPlBkuE=&(Ycs91R`*WK0&r?Dn2D79_1x}a;m^;LrAXjN+i9#jXFW5f}i z;RG>oJ4J%fxhzsbM^ptgOBlGtdN}rr^Wfgp9E`zV?4r14p9E|K}rb-ek2tC zOF)XjIf=kw#)L;8;&Ppxq4m~?n0TlU4as!wSyctgLESmv1BU!=)WUZfl$Hd~m zQh1wG0PV|nGn`x)ZSMXcdp!jdettNh`#q=IN9P|ta2(@*$!TF-wq8^Qn-6DOr)gxD5H z2p9h#9(Fn%smKa&r;@iQ0+@lB(qv%*`UPlPU?$pRnJOTbym(P6C1F5%gCYQ#!Amuy zf0*Sf*F=?v$eH!f00o*(fK5pjN5ZC6%6?Qe|8kIy

8FqsXW|1;DaO$vn1juBOPF zenqr65jM6%$AoaHPYLrun#Gk>6OlPMp!Fe0##Bw2z(}j;3&=* zNA!Zk%2aWFe~*(0CzD#%q9YhKW++kkzHB65)G?2Qzdp;H$bn~oP@qM&Lc0N3mhz2Q z`VPzMu>(ey4fEgbn&^S?SI{L8N~`=D*qBZgVe0qmBj-}73~xEA7nvNA>JC%!u~6w4 zjpbr**py|Xf1;2VCCV9`*(v6KI~FH2ad?x%9o;`RwlH9 z>u5kn+NmvfByI`4QFf=bo232^#H{En+qKDSR?N&gX7}nX;cKNuDQF*AVaLT$w?8kkf2z#+Sku!I7NW`c&A2z-$u)&cKR%`sZz-U3Mft6#L$Z#Cm( z)hp=;41&4_kkRF1EKEk#dHGJez#7-mC^*LK2d3p@&ksOxVzfCNMrV0GQ*s6K0P6Z~y|7u2%EnFOU@Pn2fkqeYWNX{pQz)3Q1e}q(!7Ni;H zdi|V<(GWv(lZ_Bf5J!UEAw?XFF=f2dQol};xifv=L1{nCF(rvq*RAc^0atn*&h3jA z;Bt|0_}RF&4_Yt4;U+Lf`U~*=COAL5y!`q20DSl53+P-R$rK$Sr@+^*-?d(VBU_}U zd#^0*cQE}4EiTa5zBh}%`re+wv~4Xn`P`tzf%uPkeOv-9t-3dq%p9PK45hYAYwB~M zrE**H>2w55PByJ|dG)_u%Z4m(mXxTb6EdTOlDWj+Sh1E^4)%3qYU|FFin@I)DCd%4 zh+aOd02os;ldeF+Mb1W#tZ}A%?AnLX&I@@WT!2^%uNIK|227;>m#9Kpoc)qtn5Q8>-AFMzr$obth>6cdX1 z0)#PS$_1JGO1VH=&YzLm!eikSMVTU#6>N zLHY=p^qPQ4hL!dJ1*us!%bl`9;2V%k%oOv(7=%AhQDWR?gz+=Anmc;(f@IQ`h!SQN zR02L}W#)|#YCmH>{ZZBZ)N+6n-75JSAGp;6fX80jn5l|VcMfV=s;VW_^G?emDhI=@ zZd}=^c3K^uT^cg8EgKnNOrazqoM|BoW^e&0VkDj;kg%ALn=A#Gu}tZjau|McWj@bR z=|lcL_Z{CN0Aq?^v@jzN0@cdvJ_xozlp$&A3s@A9FjTnYt;qFWc2KR2Vrtt(KrM4h zv`C;WPr?QLKyNUsSPHY&GX!ZkMXu_h#6&l8WQ6aatz4?)WHh>k==tCOPSN-u|JX3$ z$oZ1k!K53Jkaa_ngec{#YwESNHi?so_?V!Ow_z&%AhMfnU9kHCh9P2tZQFc`%6u4kHrEtEziM5{^FeP6$&t!ZGGp3~0s~j;vAt!-v!I zE`ky{M@}_?Mnp-fhYv>XCQWV!$lVg%I?&BqbKqP#QZIe%5`y^h7cHiI_DVcA>2;?5zxv6);LKtfu(E<<@I3p5qTP-Y%h&Lw7MDL+CUSSjme>Lih}j|LFP4k z#cZnF_G7=+ErF4!iqgdtiRA2L7!v{H0nG)@FCTmQ*u4bAdiEt83W* z#*8iu9!~OTXP2W>Lb(idWmSF{C40isq-Fw~N=?SY;)Rk;3umo8OMrcf^ z&?V)pWYsgee&X)-S}mn9LoYznH+>{;K@M)GIGn2OW*keONB+h)hQ4FK0Sjh`F*rfi z9=WBMbCh&Ub4pKLrlwLPorNKCKDJ?sySIei!~{ldiWtdgh*(#su=9TRg*C|9{Y_!t zX)Mmg6tDv8G>LF1jGQUCZQhYQpdck_CN%b_E_nTuuwFk&pV+52FpftsytyK8$%MU6 zPADbx({Dru6XI&NQ?-}|ILSFpZTNu%A;ouw76?oz4AD4?8B)-@`Y)P|u#4-_M`A~@&{As${#r}E2Z<1zlMz?-#I4IO44A^amb6(H>@q<6B_ zN?>ESOOXw3=#N!^IlMvC(Eg*h=uYYbCclhb~7C0jjI#*$+ zMv<^zivdZ_v5uO99koY0bO+8UnTt->1huLKU803qxw;OU=r#Vs((TSg|xXaPGJ| zD2mrE4K>Sy#~c!bI&YEJ5f)0JtdO^&ADo0F?l|8rvsA)x4uO3V_SvT`_3x$lb^U#c9T^=mf;bigZWG|m>!fAS{=tGmYvo5 ztlZ_Omtg9%Be*p1g5LV~f3%!dYt?LBriq@N7rmdNt>M%w+9v9+xuR`I0G5RhSIbg! z^5~wLwvC>wmZheZN7uA1alsN*`!M4q#>tIKI~6+V3Pr)(TVO=^RGsIM;z=MNv49@s zwMv?C@)jpIW!l@I31ZIU!X%FXnc*mkZy`nQ2)@CeQS?rHLGn|HGIBPNv8t`g7^%i7 zL}Ps8e!1CaD$FB=Au`7f1j6<-nue^R&E#fou43mDaA686!8Ap}mKX5FZ{2j>mW|%c zYpRdBz5F<*9Z4_P!Qz_F#0?XNvFV{>9Es?2N|=qj)UBf=YG+KZ!{Z`twG3;E*^iU< z2r?Y{aoeWtKLpihE?b%4gm2TVGmDqMSea=jd@+H7-?^dq zz$T_~AZUWhK*%Pd^@XvUm>b_FQ&zrG=8Xf;hCl{#pv;Mg7lpNWN*K@AVRucFU-C(+ zQ2&uIdDc`S<;ORe6+6mPyZX zr&c=aR?S&KG*f`0f=3%emMVEO$d18OP~fiKUKZJ<1HKmvwhAzo5!*sMD$Wukkm>+G z=#P#X4<5TGG;D~rVqcGI+T5NwaSy(^G1E|n?%Dk!e@zP!<#;T22CR?)@(}M4qTJhe z^x5AYT&QB=qJo+-6FT2;PTPag}pLhF?n+Oq)-EDfjZT}=%I;yZm>px)N7nG^(jg*JS6 zg}q@Btg<+4ZFRt}aKzQG>ZR!ctB%L|b*nT53BVRpM-WVM=7K!72WNnLtiTAaF(C(F z1nDwPyEm6L977$!R}=h}<72m1kInXa0aq_xLT<9M&eE`nbRHTJ(|{}7=0wlynBze; zO_@W%=a}=4N1E^dfExw2)3Kdhh5pv*dF4TJc8f|I%LjrT(-@t9JlfKK{&>D6IARN+ zS;`m3m~QC>Z!4d2TXM0INmm5J$ruS|Cn=q~X4RO`&}JV>Wo9eU7l-se<2aV8kF=YT zh0T#iwHrX0a{^AqaoeAzr-Bo;SgD8)5@$1HEH-~L-VoS5lJcqhH-XMI8DH}$x>nWy z^V60ts*j0?lHawz(@Q9GTN-8DpC#)3JAsjEP$DOz1_VSM6IR6iv<0F?0%tfBYMDyM zrB1dOibWOGqzcmh-#3>s=*Ed9G9VDGa3bh_mEnmw&8PCLRm_kAIl*(30H%7SI#sTp zCDLPzBCz40vAG2j;#HMOs0=`o8^L0-Oo{bRRH3gLabYOqsqON%jz_wMD$xT)nLHT< z&}YmfONKGTv#orTbpVq6E@ql%lQ=s{rqGdqAsb(ijJ7362Zs;ZWf+p=pXL$<>9Y9b z0r=E$vS>iSvQb-wlO@dXp|u2}e1;kyyo_Y0D$TDv=5FVT7`ryhM$%}|XsOvmNeUq@antVl}WTBFSTO{0?bH+?3~G+{UaUxr-x6CYlP_kr-82J zgjX=SIfiY8Au|V^+5!uvT=39#?EqXL82wB!NAHEgns;9w&$Ovz434H3Vx>VW-?FHs z4a5IJ2jJDKS3lsQFM&wgMX{th#5q+`JxfUfKB>fOi9TlXNsB5`up&>2@AWg0fnqA9 zkir?_h#D(Qu%ef$YfFp-Nl|k0{iQi~CA2*8Z>je8dYr{dqgBo*Q(I1mnVF+9Fu3`{ zbby}bFwYcB>>_CxTHr8+R47;c7NG>d*gfyja+qTs-mnZI+lw&WTpkE3P>2c%qO7&4 z7HNZdadqmd$`#(D8H#WwU9EviHWcKmE(Cm*jv3gvIDFS0!SF_~mpyT{X(qY`YQrQI zXBxnQK}B6=x5V_?DZfi$pc?iiq};Q+#Q#F-RI zlUIr5JDK=jN^Hy|IG}r@hajICI+-MR0s3l!{4Q8y4rxp#?2f!KhqNoIKXbNkSmVVO%{Kp&LrjiubBS^H`m32!>KyK zq5WT?OxZo5NMPzKZgDhyvm-9m^c2wPgua=6oohDYz?Oi?LqP}H8_c3 za<*6_63Wcj+J~$2PLqWB6fWl|EBKKlG1l-Rnc$N$!>ai5-;i&Wcd`Nd8aL*B*;n=W z;hEULeP-p~h?TXAA?M&azEcI;Gn4;z3DY?~@ZYgh+Uf7(xu#XhP31gRBk@s#Oi?J^ zllO3<8OfrYW$M?Zao+%-0NZ_x1N#aX7p?NF4F^5vliDwuE!rkuR1II5UDhV7Wy<#Wk$m;Rd`Tm*>wko`O zq`h2$D~GuV^?8VEMO2iFC>y;ii8OP!6dZzj!eei5uTt9S;ZorO<M0Gm?q87>7xS zIxU5x+#xjCY?)4_D#LMPR#eZy06CN|-JPz$+v*DBceOnwE$kOBz1QY+4DyVuC4=u-W?M*D*wu=?d~SscNsBK0;@Q@^oQ;6j~ z3~MPoDyt|?CT%oV5k_6e7@j0D`&L3C)P0f2D?`kjxZ6;f2 z=fn_7WnJ^kW(S_Z&zCpo_5l11Cmc->{ZGjrrs7XRs{c*p!&P5yrzrW5Fvu|*%RR@! zcNyrD58L0ARQ=CFhB+>Yz)7r+@399MGYM0UPYzeoz&27ySuSk3!x%$`Y)qfl@KM4k zR&TqAhg}t_E2x#GLUNv-n;36ZD9>8^0J%hA6ty)1ZB8T)A|AFS4s9XvSgTO@VhGZ6)cel5<9q+xLkkn+XFnjY1bk#*(tR_!n zr)85|9JIg-@G}A#%j9iS6oq6qLrG-zxsCraPcWrxsxu`7#0bvynK79*MzDN{NyY@^ za7wTf1SzzQj!HHIV@3c@#9APa%T0yAXXd&wnk8bXcCy9l3zK5Zd5i>Ti^vvWSvVDq zzrzU@!`m^DFA=f9FQy+(wJcG6Ra6|4I3~9;hx7{&3vsapVD!(7adk!rGLRr4(;;1K z$0L1{7g6B0jIn{(?DP4DGx{D zWK6cSkBnp-{GDVJ2(hF@)1+VeE2c9g1vT?a~wsXgf+B}O;!ZB2VusSugae0cyF1*Ae_HOF&TBm5}}sEn|;=$S<+#uceb2I*29cXWkmW?n(7)b<5OvoTI#$2hceC& zM<|4J3t;O|m#2Xfq$HGB2XG?ED~~KXPnBi@dz<~Eth2T zhLP}Q=h|47_O-k!^jh6Xn%9<5+SireN{181F7KP}8hopQ&TnuWU*2LKPMyA?&+?X^ zNGGgk*Qe+6p$$r}`np?8-J*2`F*Z&vV8eoijMz0y=nD!^tW^x7jAJLoyUn+tk`|jZ zZ0f*+*?&kALn0@sbpv&%Mm$n=nD?2tj_2QY0}iANA1Q7AXfuR_H4?fGYh4=W?LD`(L>Se5Y+RZy$J` zCgT4)0tNjwA=3Ndwf*3`QS0wVm3E{Ay@FPSGNBjh3UwkRk-C)tQLR=;{Z2&`s{=XT zo|@qx-9*UcGbNtqJ4(8BqZt`*KkU*y4LvE<4L7rxy&dJH*{clU1M z!m0nbQo|#j)2hDITiQkW#oNZ&c|>HCKDDmQw)88vBgkPp!c^tWaN@*cq7(IS0#d3P z@kYY{3gs0Ls%LVkwGQrfTPPLwXF?K33=|P?z6AR4Ot&*r>f#4w1)|TXykQHQ9SX_D3AaKRfloNPrVM^E z!q`JeUAvXr28DC?t~|^$&g80oafRrtT$26#j8ft_-0me?b~4BrTgJ`dR+ip*p##t# zY!CX*+bWEJml({Xpw`&t39p=XoB}UiJWA>-37Des0eINdS6&0|k31C?*xv2;_7opD zd7Vmpkk~v#YcPUq2vz4z0qbN=DICTwq}>4e21hk?on=WhDpF&J+Er;Tq(EIa%SCOT z3zNWMJ*6zAWG3u5M1|^x`0r@(y zckIcl=x#BeN~PnRL=QGO3=YdChsEZPvlO{L}W4k(jREJ5j4yzeLHW>d~K`ANwf1q-!rL?8?3G?sfTM`VLRy zyS35l^?JL*q5QYk>lOd)?QQq})E{mS2E*arZg1~Ty+N;DP#9=fwtPsTW;f9l=4 ztzzeXC(oBJ-M_S?+F_G*Njq2vp^V}Tr4%PB%iD=&3Shay-jJ>?zNW}tT%OsiD>|Cu z!)d4Wm+sfEtuJ3}aB0B9j^em(*47&$7v= zc)**0`4p;}cuoOTxAsFvYXqjiOP!M3gpeG(miHu>O7@B(oX9PD7uOh%IvK~YDb&%R z0?^qkf|rg<4ZF}}N7>`eS`bC^b~Yj$au6t6Fen1v+_VIIiIWKx?W<{SiD}Zp-=GC6 zz5P{fWjIjee(%9+5WGxCgsyQKSZ6b!nfZPL(7oBd?rH9w0-~*I+|!K&e8T@*hwO)B9O1+tt|Q`OU?kX`MT8rkSF4 zF(I@aTd)2GkW2d*1o(6N&w_KSD{odTGcR=(bTyr)gxm;-F(Efu3W9k*0Kt(tEEl-# z26>Gj?-xoqU8F=P8lq#jXe1qMsN6NDq@|Wy{dHxzA|cBHN%vYx2nVt|8D1}|V;a#c zSwSCn&TMEAP%hSyc~spVZMs}iKd@l%2d4FnP_JsluTaBhG ze>--ksff<%M%>+~)eWW9jZ`(G${Rr${CIVBUXTE}7}ZiVsF=LIbny^#$E_?qdCdIo z6dGf}(!n#M2a^bF6uDFm=O);w99xGe3R1TM$jg!_sF_Ss+Br1PBC!gv{8j;2sNbIc zJ@0F6+sc&+-C6-{+5I(%0jOHj<@W$|z^@l2K@_kjYJlOG&ol;wKcG>t9 z{E`u_2VL#n$~t1G{cmzhL4Fgx_P#0S#1}^>|9O7U?f!Xw@aOrT=YfNQYE*$&fHqxF z%T0r#l~AMqhluj-wfL{{(A>)qSfT$9`g_|2{eN$}zw@mBKgF|5{};pGQ9&Kb2vBRa zlkZ=uvZcADjtq^nI2M12Io5VX#e3;8&{9CO@gs>NL}ei>7N?N?gckLM12;czpzCUJ z;~@Cjn@?@?zrZV0*GR{0Lnuk&Q&3;r-YEb!ozA%0W)t*$-0s$@o!{b5e?7VugT{pY z0|FPMHDhwnfsxg2ch;tEAQ4oZ$a`Z9y8`kK>W)TIWt2HA3g-~V!ukm0LZYsoQ7|MB zgW~@se`f!e1R!X)+j2dvTwavGt5{ov+;;kh)y>QPOM_1J{|m$^Msp-%3%hcUPDozo;v9gP z6I!y`k6)C_t_yMXLS{W(`YP6g*I+})%2~$vF+%APNf(YkEML-e`9R?!VCfryz18g} zv^bNBi7vkyqr5S@OH$e8YaP96LFYnG(A4};6fVj`_iwRqxdWr5xs1{!-oP{*3THL= z=7+s zQ^6nd{8lHgUD0foR5rZcaF~#fro&;*msJjj{@7$VOuIGI^dYSp4h^CE7jTR?qBE03 zQXNS2uRHz^bx>0G*YMFiG@A>KbJ=aC%0F4!bl5C#=R7pgKdbp$1^750B%1AVY|Hgl z9**PFNk_c2{Y_*`)D69FFG}e^lHR7np_*e=Uo1&v@I+uc<9E?;So8Uy5e^EdH=GZ7 z?fcA!XBGc9eH!ZjCgI(ke8H>yzrEhDsQ>r&de8d*Q#?BUyPy^n56bDY`8Z*S%G5Gz zXz;E&EGD+vOmmK;%Y$_XAo%jdO6L6QsrcA&k}iDxda$G*hZFGiYoK7BXK{Q^VjQYn zt-3m?EhYo6%LhBXL!J8P50qr7_>GeJfg5$Mj{z=UXG|e?nTJVaYs=Lv|D}%P%ffAE zGtw)pC9pnN=zdnUz0JOIoYENL7zF2XFVp6D6o9*VJ^&|=N!1a~+7KoEmrMw^lqQ7$ z{+liEa<2SmrM}-(ba=ix3`QqlFp#{&2$oOJO$g6j6$KUS<0WQLNmugD)q@r#<@p1N zK~0z1AZWLxG9doE7pj47sTM$0-40{ZuF7Ph4v?FC z*ZN(dlPe}mo;~*KS1$>zoPL~08`TXj7~KD;$n*0Dd>ZM0?0zwTEA+qqprrrxw)eK5 z^}nZhto~;*#)eLsS2ga;YJVy{=6c#+$sO2!0x@23e6LY_SJm!*Ihyh7*S0I{^HAej zgLy^3*ZUOylA+aJZl5GVS(W>O$GRJ8C0U`l_%Mpvh1Ln9J44h1&^R9XdHwlqpGNXu zUq}B~^1nYU$^YTt+5Uf$$I5@bg|R`=7*UjjIGKP6=DAwCS#SaXoTzm9dUxuhxqtOe ztAo4I@)Rq?+KRqf3lEyO%7 zd-QnupLR?6pN75X^Pf-h)W!d~=}4bA_|G)GEcDNj4a)-mDw35xY}8-XO83Yye>r)U zM*KBY#_Q(4Nzg0xKXsAyqv?Ocok3~-?>_5)Px4s(&rNzg#*_7Zz6LWDS@wY);x%1KWj2ue{+rZc9PhE$3bs)y-E4V6Dp1f%y!ywEoUJwRkugIKJk zL;O2&f&5!PtJi-!oR8)I>F@1qm*RhRp6$OUdFuQ>?mbOU?Ef)MuVp?~`+q8Ka(Y<* zPnD+g$o`+4JZqo$w3d1OSx*Z@XW-|6zB#_Z1fNJf;ws(sunq-i!#BoK7E}T_u3V|onPTjLj z7tXRa<#4Un<_f)No+d^ks(_|Gy}>c6QV##Uob-?QER+9w0(7r6r#zPZKj`fg^}oUJ zS^s;Ir%wKx<3MWYfmsBg&012hr(?`GAmd8Ax&@O+)`S(Oi-c@Z&gU_1w7Fo#a<$1% z%sHkA@GTmhloy_T3YJU??Bl-Wx`9Jn{_lo&H`n%8h|DNP2 zo&S7*?cWL!neYDUk5!w$`qPTNU$0b?tzWOg{gQpG5%_K1T>j7H^}F}SAKsp&$dU5je;oG-vYr*@oz$tR^{=?PD zb>Az|-y3xLyPaOA*X<92mX}M++*hiIS;G{cRXm=)ag<%3p3jFqW~$jQU!=yRFBBbA z(WPd{?T}OxqzZ#w=YA3MJ<;FiyYfc2z?P`oiC@vTdf2alcL&K|z6p4U=^}l;SUhzGG@O z33d==V?0L*V(grfk!;9&(KOzny`q)JiKb|z|2=O0kKXQ}wEsWcdA|SqNuI~a|53CW z+jmXK(Lmh1bj8gYk=-xrBD+7HpIsk*xcael9iLoWnh4%zLf77v^jliP%jUmz_ukV3 zxXS<6+wPU(fBVn=zbAR>{C`(w>>tDfs71z7nc-|MRD1Svl^beM&NpSP2>F-6|ncb9A&>OA%uH8mFbEj!!PHu20V&v@J%$o1JT& z!MfPs<@=+bE_bdkPcA;5Ts&yA=rgDA+8i33>tZHl3BX5z`r!73q(sqyE$0Nx_>@rmFUT=TIyd|B%KkiY zNt`i`=mm*UwSPOOtdzF*NhJ*cOcKJOO&-!rM{p{+>pM?lu#ttFR`h>D0t@RhZ#h?nz5goZ7Ly90r!F|D+0)oy?q3=o>{dbjEOb`$9Us)PS zobJaB-{U00$>a~t6eLF41T&+zgib90%9Ey!DlC)NifNWJ`$+Pllfy6+Dom?j^}#bo zWt3A~*j-8+xx&K>^|LzT+{eMsLRImRGx~u<#uhPr* zg1tFhEgs#u{JRy7--vi=I{)tz0kUfT@AXUPfAFJ*+p?rMtjP!vcJhzX4J5ktFaArW2{UgF)fQX^Li-rf7i76ZMZNXhv0MqTLw zq}TVu)sNRdo&1mWzvYo4l|tn1GGy8Ox5p75H~yoyyI0Qtw)=el$CEsD@gF~%v46<; zkCpp|&H>o!7?2#T$BzNA$UJ%sh|}%HIei~!{2R{y$K3zlF0cRn;m-5=|0Ivy|IcUE z1ML4-PM!P=ko{b>OK(4}*rhL&YqCpUsItykpq<_Q!uGa$bMNy&`G(Ks$@$^M;njO@ z_c8dZd!*#_{Oa)gwD#xLKc8M5{pgLc z%oJ67)MhA;+W2RT9_8H4u;ICzVfDG2awo4({`=_dhvSpuvy-cz-(UQ6d3}2Raadxf zGW-JV|M+K?8q#ieb+|}1Res~m<%c@QgLvrZFSnE4zs-rB^`4Uc7simW?)8s^;(v*? zJ3c4TVaACxRPS~GeAWJM`Tm#w_RjPDFHiDl{SUMJ?pqlk#QE3yDXHY@JGD#! zQW61Z*#Z!?9Rv6ja_OT{TX#__V>p>;gHdoAi1CO*x>%}2N*?S?Qy4f#&`WhEfN?W5 zJcwv2i??f4bsC&P!lTht8G!h0xAo}`#jwrc|z_hne@{x{caaM*bZEGX2?o2oLrzZ#vx>0P3OH+T^~=L!Ozu| z^7l@qZCwd*ibI#u;{u*X=N~?B9P7Q_b3{Xwa5%BnLK`U0?1f(cG^?BCFu&VF(IHGT z`$jczI7bvtkkd#7wN_zK5nfs9$vZS7bn%d#nMsIu=}!Y(n&}C3>;L_4eafFz>wmv^ z|9^jXxcBV;eUfLb^&iG2_wqZK*01?u9mC1p7X8BIQ4g?sTZGqK!~Oi#_g=}%>9D_n z_1vdTc~$qn-)(JgdW%<~F$-2*VlhK>g20ABL9O1-dKBT1Z&o_<-SghY>%Y0_=?Qn) zzh8o!8z9gGL#KQ-nuRchJH;C)dRv?guHtoGR>CwOeTa3o=N~#c>W}}_t^YWgP{i0n zq<>zq{`dRC-ClA1A3Wdx^)%1g>;I`@jK^91HP=1Z+OOfQx$^5;53}yOz`l`H-=#`< z&3C^xSn(YMU#1k#AYJGnK0(rnvjfib>&itMk2)F0u_@Hipb8uAFJZ>XTb$fHViS73 z)-5b!o#KELx?dU?|ND{wsz9MUP8Ee3v`}QSQfudgazoZ4yp&MR8WL9&%}K1UJelh` zQvkfVc?UkC?B!Mb%8SdLmVhlQ)5u6qkh7bS@yI3Egz|S!u^EIUL1x zlG5F(He#t`>S%AN0X2)FTbhT%AG`*E#y;?Nj17t!+>wytzWQDS_1f9{!k^oJ7Tiz= zWV58j+C>3>M$tPQMKQXCREh7P8Z~vz&YNNdBV-Ht{|bQR)YpJYZF&-2w5ZbkIj<`a zeeLc2Z2>u*|4Yv3QrRNyO4tQA*$B}Dal}Fz1-a9(xWC>I9gE6+8_sPc-(D&V)Wp-{2I-bXRdZ|^mZgOl zm1UD?NrSAavCUF{i@t~I404r%Ft4UXp>kSib+^W4;fngFcUY7+h^yQbCFeoFDMVv@ zW4oU7RR@!<%>6(+DB*OG5}a@rcmTUVM86K`{Dae*;1-Q!0F{ZvY1)i4;<_1^2TBn` zPvdX7lY_zz?1yuj-Fn(S#Ew+DZ%Y>jZ~Wz6-uzwb}Q;ALaT=S zuLUe#=R2Y1m9;~XGCnRwPF4BavtKH3@;Fz~JT-AolIG%9HRHRyZskJZyQqC7cM!jP z$z|&~MPvLqP{76KDzGKY02smW1|`vf_i{B70B9lM0^a8K)|LzV7`9J!5!`}1# z&rkA5|L^ynmzPfwICFs)xuZsI$?cvpYl}f-5=I8aebxm)tSNCCj zzGaZPeECg1zhyd={fgx>&G&tk&EzqUXOC&vIGH%fF{(|gG8*5if%W^^2R3F(N}@{? zqmUDNP&Of)uZ2$5mQZB`u{18VShRh&fUZ4*JeWjTvv!X;`H>PCS{0ln(e-E^eAoxeY*---vEdh06ATY|xawT?4W)g3c6MNU4af+3{*+bk}FV(^P2Qi5YCX-K~u8CRJv ziIW`A3Mdr3E}Ge zzv=w$`JRidjfN0|rUD290UIMKlAJalf2DSK|6 z1Ov9%N~dj&%eDv$)Vgc^IqOZ|m+3rQ+lBow4qgpKENmN&v&btMw1Yw*q`|lB1vX!n zHd&-Y-WwY;N2s?aTxhkrSPm`sDOa*x@tje$C)qUT(uq*pHborb1XMX~>z%Gn7j=D2 z)?kX_S%*!#=FDeXZ*?4i8-&tU#Zvxs{^RBj;|dqI{n7Y_%^JtK=SGe_UF9DBY#4@! zv3Ddgd6?QNP{b0`es{x`E)a}U&t&@(JvWtLSh&vRHmq|F6CvVF-Blk~Gxy zb^jhD4%mV9t*G!hNh;KM=d{xOQa$NASDIb3QmX_!hx9gdfpUtI$?#QyxhHkieJj`npF#@3Z4uJX*TeZm+rc%*zq< z8*KS{C{(TJPI90+NX1QTHV@_L0w>W17r&idEoXpqCLb?tkUgpJQ0aoyA8O59b$4W~ z){&Fq>D7*Pb4ylSOsP(RY?Oxl|ntmIEsyGcp!azHZPS1l)uz_YNU)YbPVU=6j7A)`6hUSwhZ-08bw1q-n zzL=Xuz7)!$9jQU483t%SDL`MM>9sq2OrvnvY6V;tr;W#!}S zeX1PriptB{WGb}ta6HBd=DI@Rr5|rmRbe?$m4~oOe#3@!Up?wB2T|4dhE!_ov5NE!oZ)z(hJO=m zB&bfV7$N6Z@iXCgpK3y3#-P59nnBQTvFTU-yT}PmM!^2CF~VQ+<0fML+H$g?c$$(o zh~kybU8mu-Rb~yF)S}~Nwoums_*pMH`Ahe<2=}fwuQjVo_#b6Nyb!#8A*o^nG9td_ z<7MsFtD|!#f0=oI0IrVCTU8P9d5OI9704E|=~P1S+Q=(7C(q0DQC#gUK4&D7Nk+tS zt)ec~nk|t_^vBIyXE3jvE|^z&V>O&qHPO_`h9$hdS@&5iteaZ;)gAz6%TIr^ilg64 zd`q=+rEqfUZpXb>%*0$}tyMB=ZHkj5QaR9?S`}+-x0VRRvJpdOYYJylF#t(Vaa=X-$dz={yTb+!eo&N~0*p?!|bUg?`N zAuctG=>y&1R-vynJJqqKPv?)YT9xE~j7QyY3MubiJ2bl20B0=l$3TSiSo$;7*gU~_Oa~Zch_xN+<4IfP@OX=PexB&E#ALvWmIA$cp-Iyn&aY& zn7=RQ;H8?JR{xaJMV&{{Wvg`3nz*-?q|l**vY=EPgIhvxVge(1Rr#6}>X^#%=uhBo z3fW6YK3f|l;fRi5h?w#?WmE!@F@FNvn|;=q_d8*NJ7E%zJD7CMCDO9z|0Fm8!4?Sa z0Q=5Fxg$LkDJY3!y(mzaM2B%Yg=g6e>{Q)O{T!TlpJ$o;_wuCQV*ywx|F=u}|K79w zf0{>4j_Pu?zJEtuJ`zwmhiPhLyhfr;^(77mAaIY$*t;FRehpeMO$)Iw zbLZ-qGVBWV^Xu0NC^MMA35wdIg?~=xGS6CHXB@f5tCm_tH8#KkFk)bX)4F0)A|`H=(0Q)ZHVzA|kaEs$uScw@E zcrpMb@*3NfT$69qIGmHL+TN+y+ED}XM(^r85XY6kmAS4|q`-NmgR8ku#n_nY#d@{v zwM&XXew)!9f!UahLe>V$0jeE;4J{@{RhU$lDK+3%%J2J=7lZmRUM3|-OVTRZnW(BY zn~y-xM~BgcVAM*XU~|dfJXRw@sJA#3$ z96hBy`OT`F1^46c-&%wEeLvOuzh$)UwHEz?=k96mObY&>NgYr%Wsj6ep7)cg}dXpw@&WgW7D5 zYb4|R;$|)XXahqjJfstyu3W!`>V=Aap%WXK?)6v}@^!y^^|5JG&8jYXNap?f1~IKi zo15b)T%TcCdW_8mqVdRNmz966Q4@t3Rp(SV`pnIN7w_erW1lM8i}4tRi_lysYJWat z8ywLYPE_`#8DdOKamc5duKCAz`L~18;IH3=BP1#s$>mF3Gc5p6GM9w-;)U;%+*Fg9 z?!Ce3&@4G*9~h$UJT@cPIsb5aoFAevf>pfL;zfFP56V)e22knNS_AUK<;lhM!$W;2 zh+q83atr_6;pI)MOqZNzC5{lAi$5#4L>xcaz%qy??0S3=8ZeH z@hISZuBlo^S&{w-M(>k&aX|=wgJZ-NjH4N-8VzsA&PXDvln3W>_xj@G@c8=u+1vlQ zzIgw>z*Ip$s6|wsILez1VT^t_|4?q??BnV2>EZRq)63KE-=16_pL{$$I=L*gGbcF8 zoANFq@t_=EoPIpHxIQ{OKm7jm?djEN2@;Is3Y;yRtN(2_kXQd(9a^`z@<>C(VGng8s;;jpQdrKy3NmjNp;aiS{=RDkmDSd*{PA)rcKKwg+R5e4SgYT&A?*TKmgG!{J%Kcttk~5DLpemEtZvYQeeMvtTI- z@pvH{>?#mrLP6EM43-f^{*99P8+{qv7e7E(r7=6nrBGYv#?zTY)pG}Hw`NS7ad=~I zqSH8mj%~UbHd0Zw1@ypGWbN0J83?O>j3@74>NVlMt!u?Cv%H}d29SPF~c(&w#NM(3h4oF>T@Q!4O3s28)_oF>2o;OrCoGVbLWQ3}5w+ULie`x{m4$%o> z(lv8MGjw)%2`-Ng-=2U8N)Uw{ML?(oI2jYwRZ-GrG&eU}$V4bDpxpdg0_7hMUh8`! z)fq4S}fRi1e)k*I9YDo~X! zyme_*)gHw}LXIJ02Cve~bscIfoT4a;5w$tc-52XZn-a#)RA{&;;rwjw85Na`@@f8V zfQO^}MG4EDg7$~E$KVz5)v21kIB;~5uQ!-7{xjy&A63bMwp3H0GW~@UVGhxCmi<}-RA6&&(h9C{6YB9END>oF%ZAohAAI*5Tk!QFXby?PV@hAf$`AS~U=wSdl$ zThau8l!2C<8x<6K4Pcszf)(GKHmVG2XZOcAVM;KXEmyVt@gbd17@;zMWcGvmNx!Y* zkMid`@<$oaefXmc?Kk6(GAcQLRG_&wf0SS}=8t?bx#9`<)8G4a=eh4ex!=V1K>dcZ z-owM4@;-uhnC~utRf8F>xvUfdO==bwKhhzJq@4rf8YZbMP|qql%a%9BorfR9r5gjw zFwe)b^7Hy5S_Nheo1>BAt>|;pZ}W(Pys5^D|6z=wPGRZ%d_XHIArZQC^5eO`AFvtd zq&zi$KOlHcQWBHN;xeTOMn@!JoI;!^JH7VfgCY+xySiyJ=W*Os$dbw2ZRPFYlFk1M>-s5Ry@J_G+GBb5UbGeEPXH9})T z&G9(x=uytcrt66D653m4CNhf8iAGrx>t`zo_5K|4soJ5po7n}?s@D3DTdLgnBUrv=H21N>EZGB*FV0$yeh?!Sv^4o&HRKGUdW3HdeKdU6h+MWc!L%P zAdMkT!~j;ddh!1K)%E$|<>k-sFODChdHtoA~h z_4x4W@cYBdlS1Fzd9Trz{~kjQM^Gv#O}ZY&IJ}vXjG?;TAH6+2`sv5_A1+U>&ri>O zxGMqjhN@|RlSu<~8Hs5fqL=UAUfgSp1n@NmNVa$M{-P9Z?F@~?SN!LQP$@lwGKiD2 z!|&goTpxb8`tjuK>h$RF>h%3t1CS?@42Kz?qJ-m6uH@dR`{$;Y*9#Vi1(g&%Jbrh2 zcKzY<SoOIdLpdGYB^XIR+ zAz5Ms*%bWkZ{MA~fAgJwkHRSd!C}V93<{#g@dAW|QWSEbM5MX;(dl#o-}$U|&Kw80 zC^b(L9isUL$NA*cw}(^|)@ST7lLdp7B{{^g3>I{5d|9U-QtzCni4HaeV}WMgH#`Q( zm<>Ni^m>B$7=|(UkN+sW`V~wlN!Z+Nq0ciD5dN*OsE7Q05O2!F^!D?k(PuexJ9Ms04WdYMDV?s0EL?({9HXj4#+w1lO-I-w(sfW8Z(Muv;gf7t{v(ik^kwe_Mkmg zR}m>(94Br>0E-by!JuVcB&cE6Yn1aM){6Ggs6(^lNGAYS!TYEX4o#kB0!tIOG|7AX-#fvH<-3@1UK4;H7U_ z2H+q65S>uIdu96_y*-uc^XpP!gN-iz_VnY)>oJTO`m0NB5WEy$f*g0-F^X795{6#C z+;CJ)063l@l5x;xU>gh^`l?F8Rt;lZcn`!3F*ph`2jv23-sATd6$PxJq@GRtHy(q( zgW#n>H~_C-gW&xA*$)BuhY(KXk8j@}9-p5504@Z&05f?7s<|O3f*gva1t(yJW`r&R z@Q=b$1r$9w&5-j>O~kyZ(kIp2h5Q}~(T@_@Do!xZqaB1&%s8Y{l=>-9HrS>oti4sH zF#-wUdUQqWolXZ_3Jw;{iS@tV6DEk)4$wT_@7Y&ldk7Cq3{fga zDI`fEv?-FXpdl%$?0L(|_13ZCUum)ynNkrj%xDbSZMj9(ZcAM~c=@Hmp8Xme_#Yf0 zXFe!_c(DI!f4eIX?wSwM`2QMor7Z0VdU}Ik$aP6#3YK$R^)M6%!XFBk>&w0Vwvo^0 z%@;2lhj>ojziHK+;wx?rEZ6zlHCG-2V0E~IN625o;s zt$CWLw#&5gthr*Ro}+jk@@cUDOGfw10=+8#b8mN8y8mlu@Vx)~6pxDkkz=f{1I8o) zF`3}7`EIQ`v26EUQ;KJhE=;m}9qe2T_NfX0jq#|HaU7dM9SzFfbmGE4*O5PgcYju~ zbvGEvsiy<5{lYqis2OH5F3#e&q0UJ=_W@UD#9Z1#l_i4(MZ7jQD}y>-O3KR%jRhHG zEK1v)e$)$?EOMqprNrOf7PlIAcXL}6Dn(w2uR-AKyY{?TY1<0;`c*QMxBsePh8g2z zR?PgXzR5e(el?rCr6A5?JWOF>D~`E0(r%Df5hb}w`32l94YyQq_~Gh(P%7;9LXO01 zuk}30r>d1gCgf!hmtyN_zSYW()3N+MciTkix_1AI_)v{zFy%b`0r7*NYS4tY5<&2S-|-~(6y5zq3D-L> zpeW{Mnk)3cb33_CsX|`m8egmf$>h;g1Z#ziotJ-Rf6V z`pU6R%kPMAz!xUKJoG}1)wDT^A)Z|sL0mPCqF&K~=#An=u0sC*?EPzZ+cx$njQ6!a z1&*3o6Zcp$sjKBRo&Ry2H1(M@^*>J1=Qo{M4Mai`#uUMlkQ2?M&u4!YZX^H_6iHv2 zcFY%vMFM+o-1ZF{8*)Go?RGPjk%4iJXZdRfh2haT_d9tS%K!Vk|9RrihNbf#lhLF6 ze~5?s|MtuOroO=Z*tT`ZLNPvF(z_La+^Q~K*Bo`LVR{9}wuQY8TF89y!SHI`1S)}8 zlgn+Ml=Ka=0UvQjalGPe-ej!&3hobZmw_ZjOTH-$%;I>NpRmagRoNO#lzv@@a?c%H z$6tXT=o+OTaE5>&gI^Vgz~#Ghadgi@Yqv12x}6M|$q$}#_mZm;S76ExJFR_Bt!uLy z4vZ7!VL5?uY#%r+d5-RgCQC_mp|`tvNmAiquA^yhjVgt;NVTde(|3hxB7C|5`_o9= zmScTl9bHsTRBNe$9@->y_Y9}za#L@OgIcEMr-Ry{5N}KFrM6c$Fc6*1eA|lwmcWCsxxUDzm zba^K8d|GP-_<3I>&I0O8n_F~j?yE^{ATIzoG0S|{+M6e!WW3cjIzJ>Vev8>!Y|Lwr zE4LIx*N9r;?^pZkn(A2W znO9Ih1>Qti4n+?9+&q@^#S*yr=h}9vQrxvKOEPluj&t_h{szTMbqXb3W@^yW8ZlucLZUd^rp#WXia})R>i=yL@@a%ZOfzLb@Js-87NkDm^srSdC!7)C zQ6JtaQ$ObtoQFnOheCTr!EkX2vrLAONE{+RSwzV7HUYgGzXy6EA9b(l_EHU(p8H+` z=B6XFNe3aMP^Tn6J=i-0pTJ@|4pES^NaH$$0u~z#o?7tLb^|7!#Zil_2V5H{&S)4< z?@u@Vf{LE@#XQ212bqwRerKNfsDXES;txl?T6oM*ucD8~5}Y0%m*MfKQTvFAg11d0 zV8JUOo&M?O|5U*H(+wlBVj>lP=I2dR@0-|b>uP7C1&#j-7eTqrJ@)!ESXZ}M(rCB2 z-|rv51k1ajPr;3UaE;^e6o@H$ut5~Esm7EVel@ig)LIpf#EbN*?ocRnXKgk8`s;y$ zUNMzLaoJ&fQlmI9Z~Ms4IG+OD$d~iBrVg8jdOdyuNX<=0Jshu2f%WiuYz|h}*``sc z3a`WFS#=dYj8#?muvgVNFwMyFWD*Oa_gJ}TMMz=FSjl$ajd3DDIwH+En1}f%Nhk$DlCxE0Yx#X&Z?wB zxh@MdWmW@~<8K1Y$WT-P(MHO(j&?K}a14A6ft6@%ueq1Irm|3FYwL9^cf$&7RW%JK z8drpPU*u7@zeKuHEwP-AM&6WbtM(d`|2Nd6ty;Mbt;WAfQ;SKKwWIR?mu1n0gy?H| zi0Q$pwscv8bk5E=rEZ>93)cm+JvgD$8j$#_?3YM7O1aTeo&$H&OAJ?^pC7LxLVS1t z0wnM%66B|QBtrPQe@NgjTjWp%C8T^jH8TNNb^@r;DQz&XC6mZOXi?$;&N5k$MVPTUz{XAHHJMx7Y^z;GPl}4A#sQRsy`W8Q$R|M?)#=V$-PG(5Ml{{)C?`>&kk=fUkiJw@lO>^}|AZ)N`p67IHtbgRp9E_t1o9P6XJu*xda~H&8i84> zkr7xn0UHp?>_DDT=(nJlMp*}nX_Wmo6uWFeo#?8Wa5van8n%k}celTJ3)%v1Vyp=W zIjFA2ng!-|#+n?Bmd2Xi7aedkHr8&5$7QTF7~ziCT-Ms1W2`pUerpcht_=>G?e5vi zAIoIB)2D&`r*d$1HURh7e^Y-pw&TD2+2j7-gFK&|{ih{=y@d&ArJuE}!0I%&4{ZqE zg$>xu{7Y8%Vf+=nxYz!Z1T=*v|EvRBfqakY<{-BO%|_k=Y!%&|4a2<8DvP+!I&NY5a{!fAf9d{@hc@`NTPJU0^A}+DnEm16f*Y-; z#l5pVuV?iK|5rb;bT`fc^B&C#1KupK$H*>2>ta?{psX{O_t?7}nywOv7t_&fZfFBq zH}BB_@&Vgx;jlK8tQ?(;F6g^&nehuy9SiYpthHKT4eTRcUxMjq6^V{)XT@k_w}#); zcDW4>m&LMgKszCF*(oiMJ*tv-{4~)2G7_b?QUCVle;t+X|My4U_)-6Ri08A@|M*Q! z73yCz<&V{_)cx!WpdMQFD=rci`3XprcGCTFIE9wSUe#^y7`O^mDX*q!ae7gyc^MZS zSEzBucTk zzL@BT-4!ARK!7pSA*~zt%6Q(icKVPayFK)#+E68iN43HARLcJ?#nJK4aJl3cD%|q+ zr~UCCGjD3&|1|O*^Zz`^!}Gu2;LWK>>xU!6c*oZp)-Ayror;{F2V6~fjp#Ow0R$OY zQV^36orx*36G9zROyYz8{HIDlYLkgoWXpR=^J|l?(XI!2-~RAJueby0X@oNhdf%MA z?y-OW-jlZ=)hH4UB&?Q5teT?m**3-T>MB^Ha2w%xb+L*`{`&bx6l{6k@B;w)G8-$3 z1EezSZ6FQS&p#$95?3vs=J_}K;2Oy!=GRE(HdhZxm_kL;Q*fc*YARZKTDnO^hv!K*gojyOOCb0G;nkX+0^i_z)@ZI_8s2s^8H{@$O@V~fQYrSD4<>_f#qT#G z=^K=)oQeJ4(}>oL;q8VmA33)6drXG1WpiKSs9y{r)9K6Xq#UiD^|LV_8E7!IWQr<% zC7(Dg0gFloVD0WT$2f4#n2=D7#WDLkrnuACBqX%>WI#3viBU}RaX}wx3cqJ__@y#I zr2b@o;ki;N`bhIk)y>9CqaruPayksxat{oO4|&-V9aVBExRc$0c-?S7^x;?AK^_1fKA9%5qGD{(hzvR*|IDo;=?V=_OiEMz5MQU z@tx>%vhm8h{kp4Ibsg7S;}vJ2EU&hfYpuyjt65ujxvU;c5fRAlMi0>h<+7YV7|Y4g12O+s*BtKYQ%|@yr{R?EmTG`Hu&As#i*WOL35f12G3QF|*u8kxH%G z;Hry3Rq|c|^!)X+T4(&Z%I0tQ<8zKDjI%O>v(lI5^#1y5KS;yu000=rgz_80B-iY% zQM4Ik>*F;c*S%9_`uB01Q5Z!>{Kqy~r7%S0!hNBE^iDyqKj~F`4-pS5Oh|--UGEg| zm)SN55DHOvv_MOeqCS5cq=*xxdGOUe&XBH;z>~#}A}*>2-{J^mgBKB5fF5hq@mGT# z+(bR)MHf}TCqPrYxlGX#f0PA#xrk9f_)XZXw8Lj^kI#Zhu;YA`{x4blPR3_^SL2f< zC}4yszA3K|kZ*y!P5=k!EC|Rp*6xz1Xe@h}w1zlFsi8C1_K|w<2CigR%f-cnctE2I z_QBNE^$QwLEiZ&XW&!7lT5$>8F`~h7MUmnbKbmfl_L1=f$R^28JxNvXh$~ysj{VVJ zvVU`^y?-9)bhhsc>-rD%?5&$3CI;vwp981hhxl7@-EV2?rwbSi;FhjQivP{$!r=OZ z>q-UFinbX=>1z_9(z5v7GNg1HiQ(u2nBW&F*(MnqRG47&k)oLU&SY1}QA|-rwkgv~ z!B6rI3-zkd3)PU{pmZS$GK`4LiWQ>lKc?rg|35IM!~RJ4AOF1N(0qgA5XY-O&pfAlvd=aO5OVo8>x_J7}=fn#hKly?Fy&!H_lnh<^(KdGE7OjQ?|+=M?5G# z78NL5S*6&UPsQz$s$_B9-zj$tS(rGW+I<4ng+n@QE1c1ECxgiV7c}5$h>{cqkfQJuY%>H(FmZ!mcvwFnlA?yS%5q1UbD{Z1?r+1xVi~GJ;&;O}X%KdYU5RdBw1t!nrrcA7 zMF3+~-&v(jzVj~A9r}&Bse+`t^YGO_HS%A&-tS%hdy}yp|1%x?lSldg5KjyF|F?W= z0Av)#AxuLV8e2ETFT{U<5jz;xHg@hU~xEf~R`_3!&LJO8iu82|S`4`2V9 z4CV?cSxR}#CjgKW0ElaFLEZ9E`vz*xND%r~+Y=due<6wpceZxlv*z?>#2kSq3cs#_ z%2)P<>k6-m^mkv}Y!kteIj@K|n2}1{in47)Wz>BG+RHdC>KV6sDs||*Vo!D9VbMA@ zFjng%L0`+ZG;WF9Dp&ROdIijDw96`*@Cht&n$Zg2CV+?1XC9w+PXqqXeTcWw0{8NN zZ*1@XPDYRU-yh^D+hBsVutAp$zgAyT44+Su8g9?N@8|R!tH$Q}Z=1(+R81MYz3 zU6E@dtK;gthR)LUe*5kCxgh+Jm;d)Y4fwy@$-YPZ-}e6xz2Wrn{O^N2F8(hEy^RP^ z^Q1-!$PK*xf7@`r8SJyakUk;*a$- z=l^ooy@MFo$Nz_={NMi6fAs%6$g_w4%R%oT2B4fS`=x;_*;ptjn#!_4eQ}5gHG^A9 zik!at6&PBxTm&=_9|}r^6ge|T4d9xm6%5V47@P9dNeojbAZ?z4$kN=OxcK%1t zd%XYeVICL%XM+xwBn1$x@C}Mp?46VZgLW1HpFuT};F1;C%l|n|jO*X1EVOBvDe_W{ zS-e2pnz4&xJsx-(q1c3VsGsjyLL7moD$L{+0fJ(fBA^IlU92?!fAs#8{iFB4dO&sD zE4V?2z#yWna8Z3`Hn>iZ@EW@K;2rv#3k^Z|qo}y!r;h(qlET$3{66a0$N$H}i5>qj z^&kB|5Aw8+|I|aZuEZ1p=Ml_YVOMGz1*}XFYb8_1p*TR*VW3(8Ef^H+3#qcu_4QnE z8c0=+Q*IsveTseoy?)PK{LtW6`Bm9k331%#AH9DVoLQX+ z#iSBJuZ2M1ud77?f7K?gwv5Hncv&MaGR9I;9ItxPq_DFr&?Hh{R5}G+y)TkhnpK_- zRPF{!{s(TN!|K|fMLNQo_5T5;F^*Taj{x4M|1o3V(*I_U_dh<&(_;PqDCPrz3$ms1 z&`L_8h#y{ot33-ppG~sL8@Q@D{_~m;x@V170@T$#p8mx?`|$~+XoWt0i{lXV`sqLZ z5&rKdpRzR^PNt_l&Q^Xrd;RL-)r(W`x@a2+5f$fCp8n@QKtFWy>#wKm4J-5OuZKq< z;YSM@Zpk1q1vmp4O-a0pb|6KJe8!YQKnZ|11c&9m%mC)8RZIpJC~1CG}%B zzco{Od>-tnqub#j8`J0PZ&wjpo{`%d;`SX2&-%{h!Cyn9jUE+@@Jcr3y$PW|pGgie{ks!eN znFDuz4R?(B1Db+{eh6>`Vt0(*4b<+&M{af4%KD^-;-++83;n;Vp#lT89s z1bTn@8u;FD%q+89ZK{N#!6{n(HO~O!7!bn)mIF;{3722H)0}jscHfT!ZP!UbbTK8# z6nZvS?NviP{t5(SvtVqNb=HRzQv_fX0e!784N@JU=FC}QF8E+T;s8>U_ZpnVqSAn& zxS0)vzc+b<%>(tpdQy5>k?g;QqktY;Z@mIe-?`eKl$y~J6AZ&%4yAVKMh z_X=;4sN-JHKKtMIOZPwe(?|X9K_1R&&Z3BX02$dJz%!JB-V$D;9?-X7NWwGY@C|Fe zZvkGsy#N`T7I=vRo}#9qhG^^>@Of3}& zo1n~no$$W9+yib+GM*)^XA+trdWq5v7U|{1I&uIqi}v=_E$KRnf?6a6na=Xs$pQD+jYnNz*7R*%GRbMqP9Dj|V#Cv~XLX-=;QXlJio5c%B6? z;*zig>vQFmwd-G6sJGGmzG$%i$J3JkZ{$7h|2)W3tN-PP!0t}>Qz4=I^uCgFWRK2w zCE?X-XfFv2zkv~q1C+WnzyC4~r+)o!lO#eL6jK<9l&|-4|Lf4c|83}xJ^yk2Kg1)} zf0D52t*-wl54+5{l*+Xof|YpPaLt$C^@>>F51*cUYR8{FCDsh;rg~pw&ib%>V$8CqqL7=ic+RCX)TcGa9r5}y#bmA zlaTPrQhX|UrMh8XcZFg(9pzL=(Jx!xs8v1`6+mjWLd#cOp{5;bud8DK4=V>sjWX~( zF!aE1e21-J8XS6Y`L-P`Fde#L5=AIID{jbO3Vc(puy6g(#@6|d;npYBOA1W#AoH zPfQ)w8tba41bP}YL$5FiI&7m$v|9fnzjd3X&!4^e|HL}~F&sXg|9GIMa{U+MY%hJ8 zSH1PB=ZVtm*1G`Qa;ZlJo%O3+gWhg|M{rTQz6AviRPI#`dMed@VTukGB4+$60WI^0$UOK&32qhW8OI^|cm$qciZ)fL z-c@m)=AEKVp5sM*cv2>^#7}g53`Ui*U~v%#)Dj=j*$4+gH;K5c$U;;i*wi9;Jr~w0 z`dEKCRRayhVbSF}oxgt@=JDzNH0S>vmA@wT-_*|kI~-0Q^M5_aQ|AA+@@Kqm$@Qz% zz7`DM&G8Kmx?g(~0QM-1WoS*bMT5^vg|I}Sp-37mzFuLJ?7c!=ECAcC&tt!63TPW&_hB%l7BdBChs*cV9)me_Ru+0lP z8jKCrzjg$pn+>?n{wv-8G8_+wkM`e#JlgtqkF#J0)!#du`KfaO@8Joq<3KL`pql3W zib4}7at-X(YJ+VamZ-0?5o-u=YZ5L)(ZY2bo#OHN{XFgXe>WR&zyHtX|D(tJ9}o0Y z^MBh0EPd+0^*h;ux8V18WD{0HyuDqh!L6_jtFgAS4^0G*{QU8$dRp@TPCkHr{J)(4 zf9Uy-`@awJIQW0g`7hZ^!GAljeA^X}ptO@Kz$WeUb_b|d*0}?kwOczZv8TzR9nEJozY2aWn=*=Q#$X?+EqFLEUYPp9!|%LT?(?X98~+q+4Z*bCjQ@ zR?=wwr}P%PzYX?(O6%X7jvnRzgFMFim*cF~ep-LN&sg^0R2F%3;r%`M7d1M6zI&%7G8v9IzD&@8NBBj2NyK30G#c^q^2ZZ9J*V{tZq z=Uu&T@zK%v`92N!zg(yH7XRaWz8(MP`~GA6--A3F|JTM@NC3s4+humD(EJ*)ZnuPR z@b0dx`+@ypReZb2+0rLjdQ;X?)tJ=t>)iU3#SNaFr8l3YD*E{R22Yv)6BwfO_-7bJ zx4-#QJbUf`iGBWmGJd@O`C%S@v(xtw#{k7N-6aIa;@)R18zie^J^SxE)DuQ81;%vZbi^^5%X9caio>oorhC<=%R}uN{@>LV!Sa*jw z<8<_FQg4!2q&?|3q3|Y&n~|2JWJ4j2I&_|@+N$eRrDoK{h-Pa-Xb0+4)mGH0N_(jL zW{V@0Mk`+8)dnW}XL$lY#3&u)H5d-(>@F~5C`b`)3|w?`@gHAPF}6}c0%0#HM=L4UDLy|bYvTCpki>e%MyXiFz#8Y6Zbr|eSy77Z|W`kVJ!5hKdijwX-$zYp^8{hv2$oaL@v9`?hGxs2O# zi)f3uUoYSNdB*3)6{7jxC|yGeV2VJHB1lnq@Bz~`jw|+%YxjLk-)O(zKY$5-$9NWr zPXSDl?D)n%xW;jKS`cxtK@^6N!qWo)Vz@!4jy2A{WrO85ir8OM!Nc>Q2w8z@XNS#GuVc_UOG)kFlzU2dpzp ztS6@PolgtLaizQ<*gp;ySS_Y4pSuRIZe4a_(`1wXQcIQ4p7IjyYA)4Kt<9o@gcT#K zf&8r*_8mVi`JZoh-GKtINB)ndv#BlrC)3CKUmoP?BLDNbapwwvxgonp1IPu)~R4!z2BHK>I90zVcP6ZtZqQT86wBUsx*xp%fL02HFknummbN z5EUMtikRNYqkZ|t%Z0xe`u%Ndfv%&zb6%dlzMY>=zx~q7g1+2HPlkEj{i9Ere~=%t zzRYD@%f;Qr6haKbwTBtCeO7l~w^F&&mFfgdt~{3Uaaf1K7V)9`PS~vXVK11Gv%HlF zZ$ftY;*t5iRcPzR%uDup?VJ+&Qj9%r|Kv0$r8&jx@J>Ok92}FbRJ}}p_&co2b5tlp z;!Rg*me@e5dq!oin+?-KJK=!&_u8&s`FdE!vf&kM6QDEqkStc7+d5q?K)nP4noqn? z32Z7bl5o*;Y!s0eN`=o@eYYbh$`7FO6Xc#RX|!`OLc`L`4YHuff|0&!h0$0y=?+p# zt@By^^=2Um)CfoI-`aP6ZJJeRBfCJsAMM?+yOjl~si2p&TmvzV;a){nP`G z1X%G8)hE4ofA8SKUA^RGu>X9So(bSrzK0AtWw`Smcx4>7`1tvoRwIx;Fzo+g>G8Fx z_{63;RMZKK#l)T;XeDwt{1*SHlmXT-OBj+?9-@#sF$;bRji>tEIUx%R8^YsCB!%xc zgiKTCt1uZh_b>n}rHn%)5U~`+a|U`tE$dAqC}R$F)9b(3GML~|Um<8GU%Q$VLH59Q zK4M0-8?X)UUHz*S&z*{+fX$n2T(}Cl3XI68>J7zRsY3G8faB~2-~jk`0l`212)l{9 z0_-H69o~ICLwH=Ld;^$W+$LUEpcXy8GK*h!NJ<&nN%q!Kk$eT{nn;1NCg8Sv0$U&q=vM#{YM77U(e1xMK(^Lw>$>ePiM`zd(tj_w-dq?2lwDJY+|g+%yL$a+Qzii;3rmJ=tU z#5O#aU&SVVx#vCv(?fYh$$`SRC_IYF!W_0gtuoH6ruz@WgnRi5P+=PESI}?gh3^Gf z_y=<#ksD*IFg$7&aZXC-4%wq&u6)9cCzW${C6Ab?F8yjxot7pyVVl3@RO-T4%%F~Fi<;`H=|@(GfAtUa8K^QCKycR&wULOD|9Gl)5K7um9N z{O9elGSggt@R1tRqr%&W?a#0=vx5PM3bv#JY8 zzZ(hA6X4r{^ZSPQ+b{m)&$FKh-7r^5UW$3;8K42{Lkrmzzb z376Al5019l?g8QCRc-1=YRE*tFfcqr&=bu%*u*b6c5Bz}5zmVE(25+0%3%hlA+gxdMoP7D)J zpLz4N+a_(Lj`r**HifMokBELo5$tVbxFB-gOCs4|^P;0;778bs^K-0hrZ8AHl4_cu zz8!O4LDJP+U-S*$Tkl^z{QqvgAIg$OUUtGfs9t(n^)Knb{AFVPm;sFn(Q=d!)b8WW zA=RP)R>o*v&4RSio)el)(kie2H1-N?Off0IT3OlUq0C}5SIv63ik<2Q6uB=$tK7aSiOcY!*AH8sO;$T-KMi65AveoP_k zpCJ-aw>TsC?`N`-cm7c38^-U8ARfIyX$eZHgXlYQM$q0c*2q4?s3L?B>iFJWtQrM2 zju)g`8NxL-MD`{PFkAAtWZPm=Xm7l@RtYVBx@LYJ9s3Nkk#^0-X}%54T=XAssStVbs#` z0Diw-A%cc_7L2}XJ?sDAHu^2jT$1t80nzH)cggl5iBoXDSjPKEz;$EM>^}CXgSH#^ zC85;9b-($+cZ1#NM~<<9qR-@-K?ISIMmOQY*oW`dQ{*Q4;lkK9_y?c9JolO%zVUxw zUoJ(R(EGVFt_His7P)@DZx7;oJiXz|md0It6Xw$Qy=GD>BWiw{Bz!&Y?(Wj>lPs+8 zGP1q_0{Cx7x_Z8jFn*3t(D#7xW8#0kI?Gxl=HTJiGU(c&%ShobI7hXHrsD##xq;V6 z7(_=rr{?q-7zl6!%Y^MXF1?Dr>^OwoY}p=uO=4~h~XhD&bl^!g>J zpnaqH8HfCs$1klT_yhlh3t!jj>~nyf8U=zx3e8?T1H}sC2uLa2K9tdi4XhO_YTKvU zD7sFLbt&(W;M>o4Uy0<}6wBP;prqx-P3+(DW<}KhP8=Z{ zOY%(2sy6l8wr;2(ygwnARcj31viIw1 zDbAo!S?xr=ncY95T#v^F+fI7uVknAWvNUL4k4&Dd)?G+Va?@h=(8bbr3z@EiFV5gr6+)#oEhe#m(1ZPZv5KF&|2uR)SngZQLdaw>(WgFjR5tE%&#NH&BKm}$*K zCt7WZm{qn*l zR|7yyU=ay2P8OmMuP@7F*$B6NZNVHuZTIY~vv5rX_cJ8x=YK5Ax!czc5$a+jtu@v( z+R#L*Y~M8Ql+2(RmLLw%hdk-cOb!|zW_~id0R43jJej{946G-8v)6HrG)B_zQ#-(u zEfQ^3;w-Lh%((`@ooe=+U~oU+8lvdA+DnJ?dSba=kTI#Gqqj;z)%5qy)T`|S*&dLqa^LVbFg ziiH1pEK7Zx{I_P9G%aLp$k-e~IM`_`bZNXUb@tza{-31jNh?Ff+K9f+_BGD0v41I{ z6XWbI?l0s?sTZb7Ew(rx4)YoOu`X$8{>9H`7r3}{#|{&mEV=kM+FqMnZRv ztnvAaUV|I#k2|> zxrzH&wn@dO(1GgnVzO>i2!m5rLAbE=Qzv9;4xZIO7V>;w!a@H!c&^>n<>}yff882d z8e*r<`~J9m?T7-LsF&rt3EQtG;Z>yjqo>&cPXkRdbsCCc-5~ZHDFL=FJui_I52lGM zts~0o$qGMWJ7m8ui?^uKa~A)CgoR_dp(z?ki^Q-Z9zBOOevVwwIMZVIaqGlqn+OA6;MJ^jpT zd}ugUG)?326Zw=doai%kYr&4Gjn&hLb>Q}YDt(DzSDH+Afa070?yOeW&4eh}IIhOM zgrQJzaO|g(t#uyTwPOd}EZk_<#f-UF8ZmAr44V};_zkGEHGA8eYI{~VnuLcgv+$oS z(0`D3q>@Y8b+Wx1Rdxd5FMC90C!8El<;){^nmAs@_LsIDHGJoj zOJOCVg-$L#iB&!BUVS4IG9|;<8`G@Q<4(}OeGX%rfXM6vh-K>I{a_FwE}F9abG17# z+tIe_0EO6EQMTrE?MnD$l#&WqSF6E0WI#T}l$Qg}DG(>)VlCMmxnBD)x=|*p9`!JP zhnQH;l|pa}vjLSI}2tz#pYI)zJNgH~0-WPDmW zY)-W#2d1gV=v~6qw+PpzJORgkvAs)KX6Uu<=sG&S(Cq25Fh+R)bd+xorkm4^*)f4ws#je8Pb0isARpg;J?>e}?OUbWr*cXsn4u+j58~>P@EH@@=&M266 zG<&dFtsJjamrlW%EMHVldZsd6V2)cKu&KYGy;KRWL0qlgI3Jt#=)Cc61_YI#fyP3=L;;*sKj&=py49E?v;5@k&>FhH5;vbHbJ$q}t%EG_4V;c1fIcDO*Z_2^APG0A=Vf^bs^n z?v6-E90&m9?1Ef!8et$k%;wC*Cgy4)Uk9J#)gNC1lemq%1ruMfqvZc82Rsbv+|*Vy zn+qR`Ts5WKHHE9*w&IxGrFoE(EjfWZ8{q|!%(}glhl?8cs?X8<=2ZA>#vYmB?Y0Y6C zWt4rH=9aC}apUt%6@$UH^$kVrbokKjrELQfuMS)T{kMeE$j$4_e=s{4tpjctcQs$9 z<&={U!ZYXadN*;lnf=9E6)^vK7)zNT@3T!)Uz?VVHIy$~JkQ8IIbs}lIaq|mvvbFx z?@p>Ve2g2HGt?V2j=jKD@u#i7VV(gcxDiSp-2gT zNLOstf0SI_K*GuS93l>Npe!LAu563LoBzLpU7@|Ylt$4+9Q0`8?Us?(q^S>DIqMU3frkg1%L*bRdCbKcvA@l+Wgc!ET zh)$4>q18zc|GSeO&j5-V_^b5XI@Fw=KT<@wQ>#Gb*KQRcxQ5W&jVvN%g%%H5W1{!( zo%YP8EcyX5gO)R@31Dd#XsmZXgn^Q#MSK zeHJsm*LkGdgwOWQ?b5(k#eNNuspl0|xqm>X8o9-tSY}HcT-7*e1OAj}`T89`d~N

n+7-R1Ri*t%UZK1MbX1v&~c;VtfBi+f# zd7f_8)_EW1Ul#XM^|5YC^>MQ~rW%_9T)6QmCMl&(0RYl;jhc;HJsiI-`iF+C{j~JT zJ@@9C`BXlQc%j18-n@M;@#=YzGmYuxz9GsTy%|RS6DeQmv654X?B(7y4qoX~86}HE zhzID;VZ_`fLHx7tUpAX`V%pR9BhR48+;$xCINWyNbBMl@T&d?}9C;eV(e4>^VJ4c1 z|M`I*k`Leg-sPBS{>yf(LtBp5nN$;GhWp6N2vO?|#8Ae!YMN{v=`#pPr!Y7aEak@+ zKd_R>IF%he=5pQwDA2o@ys7qmQK8_Dp@hM<*?iPNV8h3@zlEHmj{8z=t%KBJQQ6ayk z3_7A@C8gA$&!!9J)(JteP0)afeUFdODMmT!iYbaM{&Brn03+K$C9JHBnTa(X@8va` z$d{BlZ?>PzryTaga#hJID|=;OX)fOl2+m#Vb>Mb!WpS-+{C_n~h=;P!r$aeGW7fK( zxz>bt^X!XBpA+Ke<%su+z7QX`{SX+%CO7J4JKLA78bPo-vYAi%`SwjPzf_vCBae@S zcb@JG4&Rf77vu%VJgjVu3y7F4DlbtRJ5l=+CT%jfB+vP!;@oty$3cb)>exA_TKZM8 z-E6@rz@N9G)Y8N7ti&3R?RgP=C}iHU^$Wh4d=U#e7 zpu%d77^<0vJ@=#YeM`z6&Wezf1w%s#4;yyYm3`*^wK5sKU^eLFz+hwNl)}q2$l_py z_+FZKf%(~`P)osWPRWpzB11#S`%-P&0ZndM6AmX!s+we!9A+gAC`z(Wg4$71ds3PM zUEewi5lIo(NoPJLXUhspz*M6XlJbLM@Hve9I%CM5B&>2d+FOpYszwGCS?Fx-DU7cY z9Sq|TNhqQ}VyI?l@a73!FwfcS`YHAt{8e!O?ciC9%TfAiwxOZ*bCCKPyyek;dMU{! z_`F>p-A+!_o>`CUj&3Gykz26D33+=F>9Z3)f?H16wRg6s@eotY^TUWHM&(|bEyS{1 z0wRDkV2_<4(7|8He)vt4ttaO( zB5tbk!qQ4IMr*oEam%}M*-^YDX6n8=H1;uc9qOzFbDXzDM(g}tN=O?$ASCl?q9hDW zO2W|I#rNsH?X)0u#3tbM3^9e^49<{ zkZ}5K7gX+Y!rJwvcs`xlp3mOQ`d@ZGHROTAmQ9M=Au+*}us_ji;pH;&(uVPh5_68& zqL_u#bLDC;;<&X?d#pZIETM1at6p;_Bx}GQ3EUFJMEn$2K}sNjtg%7~N;`Yvct3V# zFy z{f-tzu^Ng>#SscBH78q_xH7kyNvw`0qSgre zXn|Is4VG~r9ZunP@!0Tk#g%XhY7D<(QIRng8ScwNp;GNYWWSByy zM(w5UYm8SNJ25fo0@f7&z+DO6WybG~D=%`&CZv>@o5PK-N{T(^JImo1AHiZ}2JMp- zc`CG*UDSIGSP6+eK9Z8_*3xrgu1W??ZrcwPaxc6%U%}3_&fOKaiWld?&6uosZej5k7< ztVc&%@|HWMr|y_Sq}ja_xMU+liB9z~dX z*^_e+%kmC?os*??_2aWM$(uTX16Us;bu>;Jx|v37Wzf2ArG;RSt#@vH0XCaHd7L5u znr04sjf1a~XeZqV?!yq-g-d9qggp?^JFv|{D%;=6m`p?pZRI!rygg)R3jgT!mhd3l zJ!xfsdbzzy4MR7)LQ%f>3rOtqD|Z{*I)|MS5@`P(Rr*tLW37Zrp6;S%XjnLhx@#9LJc?c(Lhx+m{?rRuR~j{lxnJ*Qj$@TKS{$|vB;Ntn@1OPImoI;gIi=3sUi&M0AKbB3GV2!WUsb@tCl!5nD{D;bjO zJe_pC!*D{3?W@SAId9n6pB?Vt4!XK7~{HR9#g$ zMWq!PRKT7Ls>6|XAh{a?>eZ!dzM@$d>wCBLYE{=~K^5jYe||gZ?YQ5%%)Uv62)DYZ zm`xGS82mwzTQb+yK2wtFydpJu&FqXclUqC_TT&RgZWrDcF$)HB;=>bl{VYPyyECHR>{C7-WoPrqeki>3yu@* z3%ayduY^;(A2qSkU&q9#iK;V&tFl{OI?vKd+nc0`svT9UmS0$*C^}=yCp!C;clmLR zJxtvMv{qOZS%G6n`naBRlGzdKB&*AQF2lW3&V2MNZ64)Usas*>B28B)A*HziI2c$V z*TkRy${e+anv<>GyF&7u)YXh7O0~k9Mc?ko`Ra3<}yFqWI4!Nn{g-&CYGt zZhGe3=kDc$4v#S@R*#?G>**8FN7f0ClY8Q^aF_ml!;cBub30PBXU~%>+qH(C z%l{CXMDOp0Ke#%>R>bhx-@!`P;n0(GB5h9?C&^&oZhw2lhUVap_@|g*%R%;7wq5ju zDbQ9gfO;}+%|F~e3_&?CvUXq1jm-DxhIB6z5)5;D7qXNfAi0o*55zg95oZJ57+zLYKHuP{|P-))~sh5S`T3#X_S9vJuyFVW7m-RllrbnyLy zsv5HVusH47b&2Ke@k0yc`12UmX73G|$}x5NbDiqY_XMNs zo;;e6?XVm7{=Dqtn_c8l^Kp(Z^4sp`rzwvc-WRYMgkP^qrMs}(`F=?ljH8)nTAMz< z`6Sh8LGSbQIKh0S&*6IA)h(_}^<$KLzv3`EE{)nj(+g$UfMyKpYSJYNXK}A`axmdX{SM&(TzWE)?)O81wh40g) z{HOuIQ#pjJ$riwWMyIqlJb0Igb7Ytnn74WfBS{cKn`A>W3Z7XpU4ph&>NDM1a+;`C zP~1t+efc6CvpaD92lKWHls^E{%p2r$@#1+ewZ==lD}Av1S)P@+Db{%P1*?w{ghBW2 zCZ_q&iFSIBZhH9*n47a zO}A0iaEu2*><9F9HKWS3tlj`TPGI0N!aO^J@PflHp1XoLLpA1qg7Cd@RwzNg3ao5) z^IMyq!k?X}pbUe<56vYbK?bd%4)t}(EYuC19=ND-L(capg6Tk$tJMNM9~2>)vx0=-RDBYakc9C29cey zr1Ge%cw;}Ju>aU%M`}}$pbJVu01a`DLdI{^JcQ*e-zx1T{tR)cji*f)`ozU zd!iklCg@VDZf|+KuOP fFtfbuERZ!x-?(ziq+^)QnEG0 z;2f?@3QjVcs^cdG5p{u+ZUbNR7k0MIl1Uzcd})G06%wHL8H73@5CQH_kG_ z8@3ZinWyXp!kxM735TX^Cy%aFC)-}~5LxytE2!cN8JT!g{@t-zNYfJ_=NM`cBGAXD zN9iA%B)y_am*oDi@-~yqJ=FJ)ijYp4k9vq7p67Chf>>f0w<)FCbX_ z8(3L&grp$~_<{I}UPBO?*~BTR%=^S-$V)>L!FIgcG0oPZzpSHbSu&nVL@k+T|IA=` zz-n>j^{t8sx#N?!5s^Fmv@%@P`}lrGK@7nZlCag8y0X>*Gp88UJLo&r1Clc!PzETH zfbkdys5T}PbR|umDfOs7kmC4w!1xCf+L2_ADnL0vDabaK*2xBA(JD-0Wo#)AGovJ$ zTEQknM5U$0LU2=6tV8`#@%`Nx`U^78HcORKV*RlY6D=86aLybfjAYzUt9CK9_R}@Z zDkTK=qxHhY1ly0Mv-5nV=I--`hWlK)!6DM^;e2r7IRv1lVjJ~i`fY*_RPnbUTh!=VHa?D5{hgec1=iCr2>acGe?}Ppg3I)KhW9(~@ce5zi%h>wg!P-s)jiK??)* zxseQgo4OF23I#B0D)v)OF0M-!b_8r94}mP(G@KsWJVw{g{Yz)Xx&;rficdM2b!WhF zxBQ(0GsnPl7i!L=2U7+Z`|+!i4{!!=Lvdl!&Jy8xZgT`LoViEL;?R}$Z9dPra~k-? z%3~>%949o0Se7NyJg{*8csU~_gho&})V0hLJoEsq_93Zbv%p!dnT>iW$?etg)ls?y z084G~74tN^9chCHGvNK1#L@uCDwRBNQEShor=g6el(o2m<1H08NR>cX!VuKkNUcsF z_|2G#CObl54Pl5OFPi}vlsNGN4`Ii>^^56(dw9 z%AuzYkpI!b7P4wkHL=(ZTSkc6#m!yqCDji%sH=E%bT@ioRt&M?=t>|rWjzdB-4=(B zWH*X2hq-$nCK{YxaVP_j4{b(46E%f$b-R7hPh_A8GZ);zG z2^F!bMI8_#?$KoW50tm>^~VK4lp{lE=3cC#iI)(yi2JO%sAemd4Mv;Kez)bLcUb`M z^u`G+SA%xP?7Cm0MQkInb$ti-)WCU)s?3aQ?eb#n^!610QN|^HAo8_t>9Ia!Ef8J{_fN ziMP~yTxIbO1_YOEP03V+D(Y@%1G>3-iULyXr?J4AF(CiVa#){gpPp8QG;T+#>zHm( z-G~~BGj>r>C)F`pdrY>Gego9i^+pzVwRFh6bKn-`dZ(Fm>S<}b-O7PHRo9-r_E+d+ zOhkPm;WFoogzrht>&LZyQ$9kjck}P$+4u8AkzSYqc9~*gMAQa7(5$v*@ypINnYxyW zNAA!U)w~z{S|E}MX^Q~C43ThUL*z<4UIWKtZj&6da6@Ezn_-%YKuYcNR9)N1+14svdcVd*{jkxsUMr5o~OQsx3Dp(^a^g|j)&&<~3K!XZv zf3{UZn`{fyR@~9yK!v(dZTWn{2M?zL%G<8ex}InS*;wfq)r%TQd1Sigp2$_j{XA zV-b{8vqZuY9+ogWhFgi>_1E^r_G#ZIHvlz`~7*t>-uX`4UW5MhRy zhIdaGbGzv&lLGkG`iTq;baa|$C?*Y5@6#TaS1WWd1KlD!Wx*Y#2(WM2fnN|ZD<3m_ zD9-r!$F!<4RfTzeG;qnMq*1}>+zqH19Zt5=Q0_PSNjFZ(q;BOnRgDxx_{q%a?~`-l z!x0R$l@+su;Ls}`>?D(xE5B--G%#2nnLI={UiB9he1X3%q_z;u%jG|iSF(d!$mxHH z!q-Vg>NkTz!PTUAbRR;*Eq&25ulzV%Nk~c{wN`OYvXG5R~!ItUuf@{WL<1rJ;~VRh7T3r6mWuEpUlj8zcGm z)U6Vd@gm9zuCq?iUmG>4Y*D5k)=|MA*Pdy=!uxL=FvP+go~!#=rk6kpADl5xJ}|8{ zbTyl>M5({U_{^*|CYTCD-3{tOIj-sTLqQRBMpgA2P!`92J5uMABGBG7eT9rMOhX}K z5DclV0of1?0mm_MpHMjsyBvG}i}GD5xI4&~4BS@`KqD9BmXLI#C0pWE#x>1NIuFv)_Ett$@_p$a=9g46UW~p ziY&Hjq(+Lf`mBrcSAjUWq0Y8+$Wd#a|g%O!wM+l;cltSNq2?fo7E`?}$*j z+DHf(IrMySO0Ng}s~7*di!5A4CqsIlVoGq*yXl|D8P8nMVJHXk`#5dgeNkIX{r!AQ z{W!iT(jAtGG(GkHnhKClEQy)YeYHv{w%SMhVy8^d0=oJS#&oT;(?fa6G#RNX|0^~_ zref@!Mbn61@Kk7nbiv>`+8io@mEO0e=xW4s-mD^A{=`+ln z0RsjOVmFX_fzoi$I+z`5xK|x0mSrkoL1y1v-TSyn-!n#tjFa^K_q~NmE>Z{);P^?$nz7*+AOaQa%Ey`<r4(^njIP?op#jF zu+0`J*hCDxS>CjL8mmzK>;o<$%@m|rKJRZwsMPIK@o05pShts10kQS2Gn_r9OI>@_ zL1)by)$uA>R^T6K8I25Q^Q3eH+}j{xO8%<3y3LB*>b7Kc3ikQGO2xz?O}K(0+r!A>vNR-5nBUBK#s99 znh(I&4M;X>oAtabWS3}0MO4?q8e&RVc+=YDSUC~wP~ry(Vf~uBVFzLd*(R(d!x|9+X%7pWJx|?76X8Q;uR0|>-xH>eO1FkFlYbd zM_VcG(&l)TlDfo@mvsFK4GsNu>;Sa`DFWz`{woP&<_c@*hwsQN)tP)!W%6wkNqtR2-u-#hvd{OlT1QG zqJOzwtQWLmccyjnA%uoray8IoZde2N;wVc`!#EIPXBrEQuM_Fz;vO6Kpc|%1Pvd%D$_%9MPKMpex^)Osdy^Uod~H6*SVH2Nk5B zS%8b^c5}}}sRmv4jy}#EzO_UD<1u!}6YQ*D;-^pD-1-I{W-^18k4FbpMFgupRy4>N z|C{o`ZI!!6H9z?0m!Nbac=_QPLSTTOvV#i`Fhkh%+}CJykVdxEL2CT^nPf`WrNHTf zX8Xf<90upuKHLtH#Y$IwX+#(gW3QnHHET@zN3oP?7a;H= zJq!<24W8yva1bijmU81eytpog(RoqrnpWcD3V@q)wrKhBZ@| zPyJzsjWyB34t{_=`T#5(nBN3L#8F8A)zfNu{Eq0$*JwE36m`+R{yEw(g|OrVSfpp< zLJDCJ4E|foKXjEVo5S8w=pnlmp>Of@lE5t6Vsk$_(N|lM(tG=-*i*#a3NMv%2~p_H ztsdQ0v_tK)#orPi^eIqL@9*2#G!d%2!PBH}3}Yo_GmPwWho8#$RM zv~P+}Z5%>ntJ}W6ud~|jB^T0yHjNF#HILI#vHtN72G4E){D~P6fG|`}1SuK22F*K@ zUNk(m>vd5~OGwjDjqm~*dZ$5McM_r?X>?ooYg5c9*I&i^} zU3=?Kwv#YwN*9^5uv}7A9mOjtEt!O**+|l32__NxruPgS2Yzq%bgR-g6FDL{I*law z`c~CYJr&&uDf2%uvq*!!L^@qrZ zzNwRJ(l-*!tEOi+O5E|hyGU{knr`)YsHIx6eS>Z{$hxb=e`TaIVE?WMGVH+?*9vfz z9vQT)Sq}$ML$h+kl^-&&w>xPWZUl*Q+%(D7e?RY$yF`rttX;nG*nQub zuFUj&y~#^6rkVfR^vs$eI)c|{)1-C8o-5S<3rx%1knm`|*JTz&t38nX{!sNCe;;Hx z9#9mo0OG#HBirtvsOn1nHS7?=K}(GgxZVdI;;!8$pC1Tk0`)UZ_WDP7R--=24tYwZ zX}WuM(RlL?J?cTSqp@y+Vgu*WgNe_5hNDWb5)Yy#ZL6A8*MCEGHhJ5Vz(uUxRMH33 z+0*|m7C3CjLE8^Ay&Xgv_)(dGiVc#hFM3S6mO#5RF{(0%x@&9Vs}=_e(xBQP{u99V z&jJ7LhUYk2yFgY*gp7U7PPMg4OaXS$j3qjIamE$FPM?Z7=acRyL-`q?*BLoG}#34_vUuhRj9wQ%R-3C(Y0J9)$}tKN`OV5KI`O|V#zYk zRT$LaNY3Hui@(d{DUkA~tupp-DDla4QZXVLuX6M68MMdr#w+_jaJa4_ydEF<+7Z3Z zDFrIO3v~NC$01EOW^WBd2ox7fHJxKv3Cd_4O6<1E*Q#y-Rh{l?_3b8F|7FqWQE%#F zMyI)YoSM{#@PUcbA3_m*NpM5tg)SPYWl=V?1U$y64#8j8e+ycg$W~^+7ihL+1(k43 zjrIS+o2e_W#kE5!iGbEeYmVZ|d^rN6&L*|N`&RSd#rwQlabi04`LI062acS%FbVAr ziT}ZT65NJ;*@F#)@IR#fQIMNeE2N5RkY?PY?zqlgXj|=4G7*f2P(&#+rA!**fex7D zpc-H`dFkeu-_JyYZSJF(tZ8#bqs|NSJ`U9N!r#M2DWbVxjzR$RxZmH}%%iiE`!IhQ zJRqZc9Bf1W9XF&;GuBWo3HI+qiDp1(H;p%QiF7v8*r27k88|0QM`ZG1L%bq^T zKHiat9r(GiFRE|dQ2H*Cs*O?vx=(9l2x^w2rmPT<3_E$@eGS zIUml*mr6s14a^yH1*3{{(*!2BXVB$4ZBy04#lPD8Ns`DWS@!h{I#4hvGpGX>ytC=4 zuw8HA%A|5fTA}S-R;2D(%6u?0u@ewJZ2{8my|BkBoSMDU*@HvU1K7C?nrQ!-a`{Qs zq2R@o!W)Il%@id7kSY zrbP4RfxnAj?Pr~CGy`DkD$2E=d6e@ar?uT(JJzMecI1(&hGmBx;(e*S}0&-N@Ic;*nlb7-N$qvr@{gGuYCTu ziffL!89~L<^IduT1j^1XmI`e&9M6?8>U)VL|7gi@I^40+Xnzb$#b}A!-M0TFE(W#hm9GkpnvDs^}B#1TE z;)Y~g%D8P=0u)djcUS=Z;WmlM;rvP_PFSV!7gqQEg&%5J~dtUtOXS+Pz zZhRnvvqtp!WBJ`M41wF@kNHv0R-u0y6+E)E+WdBUJ%@U)?aOQ_=UAc!?Ly8wleCU> zmPfQFk@gSR)wyoHOr+Qa{OFu9ujtoe?s`DpGw_&|R^`RWf_Zw8ykkIZLTXmIzpUQh zefog`g1ci$#lA!B6v;5+7G^_tkJ;Z2=%H3>>F*^=FbW5UUN8EX;uEMznCPl5qlnFB zOB64#=yJz$PYKWkn{CNyO$Es_#!}2z`}5)Hvu(w6mM=%qBZao+MP!f{nf>UYhr+H{i6$Yuv)b8T$_gF{|kpW6GqxLRm_wHotz4Tv^yj zA?A`<8~DI2mULpqg+Qtv`(zY-LJ9zbnMGO@C~)1C=VEZpxK<#pI>IiWpW@KKdO&(t zQ0G-FT8ipf3JUM5*&qcvV@D+yAtgFI#`yP!dDKZ6_|qvydYpnq2!GNc-S~7LXp)}- z7N*xn_+)Mwk)IF)4ES4a^=_Y0Wy|h-!yao1U13cM^Wp&XTTmmu@bY#O7Np8 zkR%6Ha;348`;vkG!3A zjgG53V!1hJ-xi~(?l7pzjbZVCa?g{2{yD=7;@UQJvtPN9?pXos7@opAS?>otJxef! zclUz;c`@=NWE45^##h639?j{}3FLn`^q)iSY=2GNAKipCtdvS&`b zD3Ln|Aj}lO{v0f2n(j8WevyLt(An-3YdcSGK+`GrgWvB)jhp~H2bbnX#znb){Ah6l z03JK8AIvT9Oyl?S@WLAUmpcni>_}q;`+Gkitnuy;dUuPL^2jVpG2M4>3oGr1Q9QPA z^9;YtAyNhb^Z-oS2khl^YqIBMiZ%-?h7Sk#)nCh@QD*+?A`i74SO)vEMgElm1%!jM zfU2W cyz%lzPVU+s0pGuXfWE&EzZvv^-oSwV2lD1$1poj5 literal 0 HcmV?d00001 diff --git a/incubator/meshcentral/5.0.0/charts/mongodb-2.0.35.tgz b/incubator/meshcentral/5.0.0/charts/mongodb-2.0.35.tgz new file mode 100644 index 0000000000000000000000000000000000000000..1f4d1306ef98a5bbf49a4e1f6257255ea29e0295 GIT binary patch literal 55114 zcmV)kK%l=LiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ{ciT4dIJ!UUufRv{-o!noBI-Oy^FaGUxI{AOy!Km{$x8Ljb+>zVu5B}D1yTfkpZ=iGks1%=sG8q4@bLY15 zo%>227>0yFhDk`r4FFi2Adj;GZIO7^K0i8qed5q0ib%}HpvgZsi^V+1;Eco=(J}bF z0RR9F@F9Z}NKvu$EQUTBgZB*>;SVULn1o}n>^5K&nV-W}r`2uvC_(ZwLJ=Sl3LQ$4*h3&B4*fN-J4{!Up+&1PCmdgm zT8<1p@n~EAZkvv-+G;{Ju*Wf~sEZe~_MET)hu03dmQWmCgX;RND4aE}(dvf8zM!3k zYmJNpLPCEH8rR7L8OlHV?uFZOhpmp&dDd7!95RSQ6bl$=0dX(}IGmDy7APwR=ORv! zkR`MMKoSR4U1-SS8Y@Xk(TFZT!)%^RS{_+gRW-p_j8J<4DMRrZ8m7QFB%gTKC>8+Y z_5`yKE^tXvt6g14{p&~wPO;9-%}q-a-Xn_!TSaILU=#(|6O*f9_^#XPw0eWaA3g8& zla>Dg@viT`jScd@)9Z~2^51oz95%4239$4EbZw>~^|c z$L%=o=%ORP;Z#4$5rf&&5jS)p5Zce)dI)c1$}sM8sC;IQ9wy@Ou2 z(eOyfViE)>=2-3k#{uVv0X9b<{RH@e+Y;YDzySMz2#t;c7$e}LC?Kl^3fUg;AzF}- zA_hndD1!`5lYku$QmPA6~1(b22 zHCu_I-;)>|8@%WqSPHb|EEHIuAumRdA@JNsQz za0#(cu|+NGx1?!ZKs1SG5`_3Ghl4eyxw;XI85a5(uV8)|PCJt$%z?yciTSby=9uzX z0s_3iOmKnx@S}YHn!g@{UZX)#yu_YBhU?K1DZY`S@=yD<{xk;NQO6ybcMQfe#7?a* z4T`)Z#%y&&LWVvvId`G|E(}&@gs|^%faLyT45l!ksL_ase_m242@mNHF-f8^=rkHj z5+nZb9ORLOwA5SnTJ-n*~Wib_&^i44Qe3y4h$55}w9nBId&s z&yrXw!{Wm)zr<+zpZ`49Y6ahg#35pca?vApM-0+y+SYZE6A|CxGfV79toH$4q7YH) za6(}57nkZRiJXWxPushV9q>=Z>5?rFn4o~%G-LrY;;$7b5S8G~%alU_K;vNX-iaWX zkOx5qYy~+j34$r#XZ@jBjn-fioc5ixd{#MQv=&eC?ktJ=!-cL zmBAFFzz2$wR3NB?#gxS2r|x71bW4GHCGnvsKpsOrxU!qO+LP$ZHs&PosfLI{F}t`V zwP})pT}56XFxQg>eN6ubLR*EQpS}RV0qqG6+Y?CVnYRw|GQW{GC!pz1T5%E{Nifg< z-HdQJ`*(A<34WIwR5}NaGbfaRfOs$ve>o1HuX0j?Z$7Xx}3Mn=Lcaf1N{NGD+~Lc*{dA*pO?SRrNrBsyOg9X=Phaj zt>CODVe z(Zf|*M^isn=k)OW{O5OP$C6Bvx<8@S8JcRs$)S8^LClVe)urbkigC!Mp!s*|SmVY4j zFyL4k-jyo#AH8e8zen4DnAZ8*igNd83EE`;?F{nge}hiH^JM>djOWuQr)=H?1o|j$ z!64vs=JV%25ywA0_M_*2YmS12wD{b68=L0;a5N~`e|v+c`TrQt4mgF3p*R$KLS^#1 znWGR)5*+wAoPh{>*KmettFZ$vxVEkQ0Vtqz6a-)vkO^2o=FM?96UXO};UxkQWOM61 z4E@Fq2+>SzNx<_cMpOI|`QQe#IryL57I+s1D?ma~lcNM86oUYVsMTm4pI@Fc5~Icr zI1(ZXd^kD>K8|UlHN&he{wvXMv?jmBZSi0IVm@p0|LC7|8MaeE6X;zh5t!lt(Z;te zdJ{FiZB5{H5t z4*T8DZ%@w71yHfi`N>$f8uC+P2k(l-K8hQ{9@f|a z*dw8E4G`!1_b~qE{P)Mhw?CY`e)mIb;ok$;%(H&}4|=`A`A>JyeLDYrlxGJV&0#o0 z0hu)#jmFLn_(f~O!c(E28fe!#WO!r|!5FnOm3ysLD+_HGJU2(SgI(SpM}SYth64^0 zMw~=i<^@=Ac5-<9<^=pguWrqohll*ccDQiPXpJcLFd7Ex+Cc@tjolP4#Qp*9qN*_j1Jv{JRLd~9Xg|j;f2zE zbPw**kNsRfx(D~zkIL~Jwp>>ZXtypmngQ*)6$9GczY8Hoc|z>lgt)DMqfvkvfWA*c z3UCPM0?Gq>t?_Uw^bSUK$52s$*Vx^yFFrb3Q@K+~<z}2SUH||QS-Wa zHLu&ZXwW@)u<;y7I`r!@qoG58SVf1ssEFOXirDShbl87LUg*^o{e}j;{VE#VMMdo9 zRm5)Bror&Rc%d)p;BKiZ^BPrjxQm+D&8vxB*QUcmZGDCtJ>3ebg=C- z9vyV*?}mE&wYM-vOms)}#e`adYMYu&BfahxofwU_g+Cf;_;ORK{BzHRXOV_F*m9%D zYg8=`0XLa|s=M{gQVoyB$#KT`~u_xwyV$LV7`%1a)E^Y`#uCv_` z+}nC`eZB1TmmcohdRsjHq3vILoNnt8@-zT{@Blnfb`xa_PCkDUlHJ8e&dvMCxwem- z+p8eix|6U9PoKMZvAKCKHrMuIb064|qZXU=w{`Fu^{X7bzC=>}scG=&ox6)Cqnr0+ zbZt+@;-#O>Gxney$-B52=DiGE+sm+cDQ7c|`*IL!UoA0%(B0x%LT|M7@%Km^f0xnk zE}o6~J219i<3nBLkp!qc>V^Pr)wQk%BS1kzdhDLv#lbS~UunBnc5boUjzsThx~yxDAKfdeRSv+LOM}wYwP6^15YeLfgOdy^=NKJCs!DZF{$5 z*c;UL5FC^e>rOX~bHwVeCDv9LqJ;;&Ir5zz=eMozJ!Pwln@>52bx>W;vbArmn8E61 zRD~Rlck5!m*hQOli`RiRkA}S4F|57uFx_<5baQKV%U16dyV<{EH+!m^+b$eKvv8F4 zb8E#mTiq@8vupSBR-4?xaNF(ZU}$egy#RaHbCOWxxVPDn=IirKX#r-PUas4hs-AAU zogWOlYkIovXy)s?B|XiI=Pgu%j_m2y*YF0JYj_1r@7U8$Nl#s?r^REaO`NMfFgTN! zmIt**!}Qo)H@4eufO7Q@N;=%JJ6urYHw|sS<@Tzu-B#PqRo^cndtl>QxJzq+5>Dv-JAgJM62b^5t>Iqq*8gM!yk+J20p0D1`g znjk7uE=0Vf4C<8)^3d;WD=+(Sl6Znbf)m8)ra{V#6&AYTbi+T#-UwBl9bgC*9j$Nc*F$pX{jHW0?p@%5&6U58UlNkay^kM`l0%U4s<*7dhHXA9j z6dWowyo7)oRnjT~b}F`29h-uMvjd@tq%}B2(yV@f#Sn*kAV#8C7ffOVuW>j790@^M z^@(yJEfN_(IT+AmD5fQS?9|#*t?guPCUmkps!_>4L*<@1L(pHyj6BC_5=uZqsnS(p zduyKVlH+g z0@?yhK_rt@aq{vhs!~*zE#UUdi&xVl2GH9(Fmfl87L3UVr2kVEWx2FHM*4R2ljjfZ@*ftDHcMV#1TVRT4 zb=MC|4UJva5Q6ht{tr0fE&M1J-6WzcMsOi?4>gAM7%Lsa{`xU=En?+ASzYVsu6>Un z6Fu{N8&i&3XLHD#3~n6}@aB(>y8GokI{vd{kp~F=ygB~+u-|d>@t@tnQ~u9Kd3H<+ z?#8`jKR3D08)+tR;K2|~_{N4Z7zD@%kb((ebMS3Q;sp%81wZnAp(;&c{{4_IBqS6G z#or#DOQo2DontC;do6@s_uqsv07C#1Mi!7^4+g=??7MuUEX)$@BMwg?!S@X$i8BrJ zZt`YZjqgbe7D96jryN7BhwOnU5Zf{#vA`U~XlzcfQyG*Bo*G%+cN>jwzZE@_f*Mm0 z5(Z4#bstPtVp%mpS%sb#xWaG+q+C$A0IYUT2^ebVl~Eu3-uT_Ip5HV7@V^?r*GsJp ze%CgW-&JaD@Vmg~Rm#$w1q3%sB|9^D8jTC0*UO6Bx7wn7?;Bd@{9D>>L<6hf%cKlF0F?m%~Z(uVLpH$vG#oXzr%ly68u!(b;ha5QB0pw^j9En5K zC?=sjj%KW^#J$B~OY7vRdz8svXtg91!b6=V7@Q-VDp$Hv$>UJP$aSv zc{p0&6$5if0Yyu(Ch*yWLcU6ngaMk&W{C1%s$%0Eo1<7KD_p=8m!}Drrh@dmiC?TX zHc8j)+}3gthgvF9#yh0aZ`t|Scdho608p?>o4nqq4rI=pEYNmssu4|T&wHyGRHZ!> z=~x<#bCo3&L2nKs7{di(D7K1UISxe(T%*+s(UV{H%%A_c0x+J5{k=#-YR|i?R*^^Y zQ}W*p03>u2E?XD>`=WWcKr!}U`z^Ww|03~qQ6XdDI%#i2-J6Rh?C z1phjG^I9fzVROh-mQ;*N(^h6wq>Xe5i;0>)I)dRcCrFba{dV~gTk^1Q~Ou*#}huR=k} zAXsfLfdUE2;XAlp@T(AMA|t6(=UP%Lk=ckE4F{Ym1uYeWg*tMWGX1#4lC}_;0Ym1z zd4GQ4@V(P+t08lUifQ^Yno!ItW$tdn0Y@p4$C!E~_S4e7e9@ZC+Ux^8z4-Cx3l{TA z?;;ce2!0VN+BW-MOPOml9LJHAi#Vgj7E2Yhb`l0FAd)faBMRO>aYEr^E`QN@;*(HF^h%mjiPJ7$^MvyOo+N^S#X_jsPnF;mxPc;B zF~|0QRM!rJ0G#33oKbLwD2kWJ2Qne8)w@%b!|9LSfc?Rb-v68P`}<7%sGjxvf49@` z_VfAQhHm$1|Nj^d-#v)zkDq2SNh12WVK`yjus#N40)x-io76L?{Ovh|3{8_DporNe zViX0~gS6zGYrmt6Z{TOEY&kDRkfHJxPd-K{X6wG4XeXz9A#olnHG?+E25>dn!@eq-~IIbc?_C-p*)T80>&$SnV9Q- zH*@UCjny2%fX$_r6(=Fx17yljD8AjG$@^C}>}GzF(z7b@Y4;!{SJElE^^TqUHd z`kd{!(5S16rrqZ~uIi(F^2~*)fDX{dh)}hIN_}F)Cn9-?7CE)}Y$Bw5BzS4%Be75mM-@KvK{bQhPrWgcPu-Ey9m$MWVZzIGKPxCR^<+Nxih3my}G|mGg=OerC+{>e<>Pp)2Ic9Q!^B zOJq?&E=MS)m@*W4=q04s`&|C*P|cKz&v|O&a26v<^RFrLk{Gj9*}EeWGW3z@hKj6^ z6MQjV;sDK%U*JC@@=Ou1AbyE>s%Cdd)(Ig2f@KR!jxDRvj1lzTg~5t<=X)F=dFob) z@|h|Qgkq9b_(O1qK|pQ{5l_T1qpw6&-{#VD+F3Pq3hwo3Pv^Ueru1st9Lm98-;V`)g!Qt!IfXelx z=8~{>6xQ)t8ArxQIuT^{aw0~y& z4L|>-OoH0}mtH$skgzRmr1xeC+~EJy8TRu2KZD+=|78Drj0Z+oIVz07vfF@BWPXa9 zTda|hCEq8ZynU!n7R_mjIzO0`1sa1I=Mp7uA(HnR*y9ap5O4_@jA=`P;!>CINKnWG z)TBKc_B)-?V9>Zms~Zygblh-2+E~K@nKRIaqkJeD*U1E#u0Bg0Jf1a-_f0H-p#{Xj zSa<^cGv`A9gkQqgCIA3Q9Hi*yD#+pr11V4ydX1&VMP;ymr13AG|JHHhJ+!fQ{=4p| zH_Y4r2gCmGY5qUPvjZG?toY&dtv=TF)O988eX#@nsg`+O_#7cHK>@jGkO+m#D15bm zGsJZT0ZY3Ei0!8=0K5RBkO9mKHh^`hX$+X>#Vt&1`Jie!vQ}NVfI&VX8Jua!^-ns7 z-NA6|PWO90^8D%0?R%4He;;-G-GhU!I~h(pXbL-MzdM-r`=jZ=8@Qdxa4_)>I@95> z)9sFi`}?&qh>{=x5ecxjY5?);RQwo&SJStIoysdHjfQ~sGmg;@35@-1seXfFG~*Sk z>7K%_Npb_T1~i+{OL6h9({(!sZeP>;U^*D0!Eo3?`~Gy_@B6*|LDxn8s0aI=*FBiR zZhtZzjP^U7(PTP7!(I<{I_`cSbmBs_u0I@3d^B+ne1F)Pb|-GHJB8i^xe#@_69}O|b!)V}6?OII zWn1d%dezi5kZV#`m){JlS`wpC&mDN3kQ2ys*X>Q~wZ0V-!yv-p*1}iTswVQGgj$on651v>HdT9kL(tV^9l7qo{>1HhaDX7} z_50p%;&&&0$8%x#U^?mS_eY~{zt{7+`>s3jrU!7eKN*eod;639(G+fMxh_Q)Nx(1; z@tUbEia5MXUFxJY%HYMw$FxLpiu+ocKm*V14M)>af6yIyBhR09x_+nE_eWjV@AxC= zxdZ5R_NN0l=}bn`1Gh7D2VJi-K%GHv=$2|(cEfe)BRy48x*%~qge*}UV;>nO%_v4w z{83x;rb!SeuL=IoJ5@RZg_lDi!?E&4_tBISOd75=fYO@jp%9SRNz)x|$=fGsloaJC zno#7o8p^;&$KccF_0V7#5^1~I2+}Gl;5Jeh8G|wkg=e)s{gYpLW%(g>n8=XEjufRA;T`T3@q)Sc8*Gcy$g@!m5Tz16ubm>EJ(q@02Ob5%`xTQH2!>Q#Wo0O zSvTEJX`E|m0Y8Eyg!;CFsAc`$1`JK&nFJvI%2l<7Hdi--F~jC~&ipdc;!KVx2NI(t z7FV9;n2Nhl0bYm|MSu8FzJJYMk3p}|z?n5n3i?dQ6KmbdmP*&5?EA`PLg^x6)dVIv zf;fwmKH=hmV}w2Bs_f&bh|Z!FOCNh|4`A*2Z5EO=F^?#xA&)^*{BEjt^}=9Zrg%`pAtX=Je#v%1z^CCc9GEcD*`gZo*)kh zNtgzgxq+(`5a^Dst043lCiG`N$bwq>_$@$0!p%H{CD3DMYU=XYtk|IZE z$NI#%VP@lzak{y{3-lWaQRCu&$Kd_NQKJz-=FMM)gyHE*t;CIt9F3Igo?z6Vc-^5P zKjfEtb!AqBppi~E!%~niA5`Cg%W+h%n^)qI^*3F@O& zt_@_MTBsZ&hT;Vd5d}AMBrh6iCYC~nSCu|v;&SK3#lJK+wHl1AvXfwIaFqEtOaY3Y zS&%{kf*(nYf8&q>a7ug;DnnSl;@md$AHJI9-!>F3Vi-7AP(h1T9_D$AFU<% z8i&4^TEbON6|vjo&;)_SX}c)(6ApcAr55`RH9KViB8Gg2bzemLw-0NhMV|6hhDAtyP*qRIx)@EX#EQ+#7hU?giV@KU)nv7xz{< zFT`Ym=pG0O$W$%fPqy?mvbsJT|DXFW6?=!#BOXalM2`(^Vl1!+l65i!^Iwc3*dEUFZ?#|F;D z9A&0o9xWLe!=htIn9!$0$Uiyae2C%%?Ex7UhyP9kRit-kwJjkHuf~B&soiX5nFxZT zAfXJ!XC#nY73=p)9Qrt%RkBt*fnIHf;)UJ^9cCcv&@MYco8&2iEN2>4YI7| z8@}`%7T047j411+zwI?K117tIu7OZk<+s2_cPbB4z26==n@UA^>rp*R#E_JCIOZR7 zm5$L=EcTjBX)+NPJaZD|EnJu>mi_eB%#L*C`@V)l^_(yEPlHn%5o+DwR`Mk;sO1(~ z!nHJ@^gelr*bRxV<-XJGn`B@MJ}X-5PHobfB{Q>%*)#Rl@U_&U@o%b{aMIIR0u@4r zR9t~~R5Te?$dSyVfLXQ27TLLkC9w|0sffT<5uz>dE>aw$H10is)W7P5BY(>oFRES$ zL!i16Rnh>`x_p2|Fc#5y@lKh*YS&UISex1RRLMaf$H)^KN5-HxSK23EPSkc-+@6?1 zPmHa){X9Vc-oO}*<(7A{iXf$kg6n;%S&H&Kw77QhN&}#l<&JN2%!e^(qLB8Q%7BL> zxEQOym9@0#&%LNwQFjt|)>Wl^GJCoNkUw9YX09?(QwabEH1+nY({j6=cDJ9ad`1$6 zvQ>OU8J73I$Dr8}F?Ks`gO_+_kf9s68fV})8)`((Q0U96C=`K{aOr%2F()mE62{c} zxsbsKA-FaXd;mpWj2M{Wn6g$w{yGVl*7OzExKOynF$smbZuYJ%aG}=Wbbqk}&Q~FW zAGK+F+}Ht!yFhQ!cfiYCaC&%t{`2t|Jp1$sw9aH4o0fvvU*AHCm1NfAs6)0%) zAR@8&*fU&Y9rTDAZ>5c0*)W{6P)3AvQKalhN}H7Y$)QgWXXG`?ZAK@B9!sDMzs3d9 z1c87+Unprt&lRvCRo6|A_06Ika0ElWuLdj%w8E*EeGb%K;iL^FiZO{XTLCYCRGJ`D zTPfpci}|Ahmr-wy{Dg0?b-g2AO|I8`85j3ZoRIj)@nS5DHG0P`ZL{*&c$KjO8K`0$ z8|J403vaG(VC*|S3}+}N33XCLs-UBfe6xp{kexySr!u%uV@F3i(K1~w3&KW7Ww>b- zTtsNJkkVw48fCe_*B~jMDf)-r5dJ(zp*EWl%HGP=+|rX*BoTWFKcsp=CE!XaGv9Ne z_A_SlA7$OEh6N;VR!P_Rrd_=W@HEplrm~{YotqUcmDS?vd8=U%6@y_{*QV@98Lf`r zo@+AGJ>wamw?d&$7*#@6L|}>$CBYJbkOqWYCy|bSM?yIaKiM*$C6TZpzf5h%HweHW zM$ljBkq1rL$_p1X_jHgG0V_tt^CT{5D=G}3A5ytC@~LeW0lCac(IS90G7_%oHq`;M z^rg^iJw-6~=Ezn(q?l;?mW;?6XiJwWF&VXP!F&G8FEN__Ck?ieE{QEnRBS>LdMIMF zt?M~To5bO)t)c=s*5wxJsDkYs=y`~8wsqJX>DRjrDXz}-eaY~e7A@RN+%YG-zPKm^ zULAwyr|(}K@A95GOUU~XiLG(4YUs;NoWi`2zVq|`&Efe^W6ACpK8AN1`*nsgr^PD@nlKs9f+ z1EO^%~-13(VR;`Jt5zTJ85q)T|nl| zx5HYP6VpQ`TEsrRKbbC9<(CzW8$s25Kns9%na))6awC!%ll7w#;3@J}UVy4PW(ru# z--S>*Ei?2D4gwKkGYR+j@(M$7x?@W00SNf);PV$R5P-}aHjyw`wHoS|IqjkM+?t5a zhI}miE7ZxH;&c^lOdYhBVxS#yM3m7Gv$T-d#c~|DBE-dbyaJe^1#N*7-ejhfy?09%$%>v>=Ote44wY3}*ROS0rm#wJ zJ&nl(6+Gk|r;aFRkX{RcE?M1)i0>GDt@i<5qLA;l`NYKHFA*Uvi5zLyYwxae+nwlb zo#TMl3Y0Vm=J3uN%2Ox+XdH^Fv7Deb*sKz4?w(tV2^K2N75{X_l@hKn-C#PGW_vmM zE0V-wkTmd916zvtf__aA(>74vIlff}H(XZ>3Co{Mrif&+Vgb{=Lorb8eRQUD@RbvbnBP)^xk6d^Xs8Y<`)Y1E&j^VicH^ zG^NoDHNXtjEJLr460oCH4A5S8PcmPVzpt2hS;%=O(=b)J5V z0=POy9tnLq2ClwB8=)ABMK<@IOGuJ1^I@RgPazJH7+uU`L^;CzOX}$2LwqY5C9dPK0O(D2AeO-ouLO?joH19Ui?8fhTnw5dRk4cuFOkMSU zM|rm`5DY26GT1Z(3;0pE6_6N+*m zq`k8~IxxcR8xmg!1p1DN3(@8(?9y%Tm<^fZ?(+Se!s3)q0VA+pg+BIVmd=~{9Z4Mu zA`&HBWB03^*RS~Q^-9>puD*vdD*6R^O=k36coN4XzWRg6pj}+`ajFv20Ea23$pb$T z@L3-6DOw;fi=ih%b*>%>dx5)X^|Y{F<@f8>-b;(gt8J|vR zmrtfs{856}YpWbOOf!VYUdbr|X;vY1k}X#PY_MH__`R0>`#C6Lu)>yDfD z0Jw=Cc&A0+}94RM_ zmOTN&S%A(N^se{7saPeB6Bwu$D#ea@BONcI@8JRmD{Y{*K;#_oa0I5jDAp%!>Dn!f zYbhG9PM7^X{@?(MF_F8-u z>sxx%XZ2npJQmP%T`~slbZs(0Wb?abc~+lU$V9JAjv4E$Pkd=*NB1fPeZ@yir$X`7 zw#*s^vo_;=ELm%>hC|8_^Z}V#?eNl9k!V7UMvISdEcZv8LcW@Me2j#ntsFXA4G`PI z6!#SCJU?WD38?j0wrZrXy?%>P((86c7oaw!?t1cS4p}*5;U2*|n9ekf>A0ZKS}{^L z>$BpNqgsN=&z9g)z;k-*FaK#+tyZeps!Sa{J1u%QMO(qCRRNPxp@n|9K5(iV!Gx%XsFNR#`Gas&hxFhhBz zk|vD2#^H65_Qq*~==-=ZOg%sr*!P1Q7$bWGzsDbu|Av1-;!}Y#Vm6VftS!rEsm5Z6 zruf?aa=lNbn@0paq^})hGE^$a(%VcN=B6rkN&y?DNcb2qenLvuY ztlze7`%gjjh0RvlIpNFP*6GD7yIARIC;a`!Ae`awV?|LGPzQR#6`xO_=2yN^yyq>Z zHXta13P;E~qSd4(rM7>Y2w8a`w>K6*;{w?f1Ep_7?Bv$sIiW0FhwU{@d`Ty%MEyrX z#a&Z@RMx-2q_=~VB1_|vmvqGn?nGpX`9d8naW#<}FYU zC16fX+L?FKdMwropXE!j82H4Za(PV9?sw$C&au6yRZD3=u##SBly$$$|uBDpm>LNUvnJ7(G6 zTwEw);=F>J%UV#O;=Wg&iRwlm3~jN(`+%e)A7ADq_EV9HItj(~hWF<$fsf?Xkvr+} z7PduQUbaxF%Gc}ZLm`)Iy%a-pH=xE&!zz2*t%d~gOx+f!-fNgh3Y@(><37A$zhMw8 z+i{rM@`7LPifguNCQJ|5bUij(w@gzI08BA?1wjXA&dFnQaR%7e3bf#w5;6u87_Z~B zJ9AmhF;pIW70z!dKIVA!SRb$FaLxEjh(lJ|TI)6uEj=w_YH)?!9M-8nN|@tbHBAvi zA*&JQU>fc@M zsiNwd2rv1}d8U?7YPU2=Saz1k_is2xvO$5I@EYI{l}~K(bOTRqu<0p-sE&N$z~x9M zZU9mT_kvX3(x4*STW?QM>7T%nxqX#N>kI&4KT-}sSI*TQ@K+&RU{B_u=6bEX*`g`t zmsArfi1WYSp9`lO%a=%lKyir?LG`N$kI!i~7k8}!iX_MxUZPMZA(5Rb)=xrVF-AUk zZlSTe2SSpmDwI&+fFurr`DB?BW1lEPUp8XHkeesR=56JVbOU9ehZrT|W|T~fEF7r< zh!=b5C@Tjf^PSJM%$~$LQPPEuI1JJFiX^ckKw3DwS0+P`g#Xn^7=+2fHKDRPll(aZ<8YKkXUFr&5~9UKQu8mFbpBu^Krbp-Vv6g;O7EFncb#bq&4RG)u}BjmspP$ z$j6B=wKiq2p=P@3LckW$l!E7Hhi{w-^sYI3nHyKTdZH_!#!XUkrUuLzl-H%^NKCDr z;=2$Avf-?R6lZql_%|d!z7(y0kQBQDQv?|w^_dEUqv)}xbGPd?K0V3Aze%yN5a597 zjT(YAxTR=F@qFTe?Rels zs;s=Hw=nVGHLA6*-h5cA6F}m^n&pKWfui)AD2P2k~LK(wJYB znQRuTW4kx!c61nB@nRJTOCR3>dvoMn>$^29UMUMw7E_HAA13RFHIob1XnM2W{`>Z*;@@iiEgf>@3bJ{;RlL7?gDneh9_dW1z>UM4hx#sD$`NVx+l!TBij*>F zIHfhXGn~?ztQk(}-T6`mp-b~#5`nlVgQ1674T+;TA=J@qsS2ek+;K!y)Qo`v zGALf!Ctc0VQCCxZm&a3LhrP1{-o-$ije-DEW@Q`Ud-NnKv|_zBXN_!*&gI`*wBP*! z%U_v;TyKtG^VO;L@s@?s zsI~VHOBDLPqY!Wy5j=>P=Lj4eF7d>l4wRU;cNwwxfjw$YNoW?(=Gz#(4?#C5qj z7x+}C8;g^WFV$AGSd}m-z>EcmgEoll0h)Mo-uN3FVm`br?fK#p0Q3d%3HqH(YSlUUrUfm4QJ@GPbA zGm#ZljEGc_yeJuiey7t}C>!)bWVqe`0gJF}aultiZm!^<^9Jk8b;>iFPZyQr?(}^w z>XmRB|KargI9F#1uaR&w=iDJyX?;>i8Ex?Y8h24qREGhTH-P2e+31xGpg-htt%>?N zKjxIAxiSm&)rYLMaiOvg@-08x&3%p`Ang%MBr??!6!ztNQHZqbh@C!*|z{QdjS>v{lQLXEJ z>Okhq$wJ70Hc4V9&2_<&N2$i4W;tpcxwe0K?8tg zWZx#Wm2}=ukt4S(Kdy4d+Y|mY%P8Cfre(lcO6Tggb_2SOeUmdnA#bK4=e8_Y9cw_f zof>B3;hB#@hM{zXRiUA^$&)vBo(Uu)#Eb)X4GgaPD)VdvDZL@FFVA~OGSl}^^ft=a zAb}~H^EbWFgt%=VrHRzAPR^Aw3q`MaGtB16MDUFn2B(+E^Y&dNJ=Qa4&YFbS6o@N z$SrN5(_>e)z$FYo?Vfl#%LJ_jRUdK3=F?4O+SvtXsMBxFs(INwaA272r(u=%f zP$WQ6DT!megbac6^B=k3*r8h(1Ol!xq*j6oQRIW`r;TSJ=OdDZJ9cID?W*yOr(@a`*0Sd6-6=Nmc#)3enoQ zBxmC@3W;NJdnVYj6+uq#W$YMkMd_Uu8Uwf6>$=w4GK@ebFqjTOt*}i4URmu}1$K5G zB=nU49HZ$N+;8ZsOau0hG!z!-4c*R2@_`lCslW%Ji9@snBiI|E^0+Bro5(4-%h4 z^1N9YjTan2hJVEAoMblj9{Lbxh*bL097jsTlFF!`ZBNy6r;2pUZMSMix()} zvTGAbn!KyC-NXnHqjMr}U+akxlZ5ktcpaJ?dm|7me~`;)myHX$u>C(Q*pQvG9AgyM-d9S(uNV` zpj0v`LK$CyehtzBt3qF6V}Vz|)tGjsE3NycqekshQr(rs5N!3SkHkq$?%v z1!IMTAr*q*{n_htl}F!N6ZjY$zvSGT#DR4beTIBYx9?WWtJUj~DEhdaT5!hpC);;R zRjk)BRrry+M#34nRo7(2nq8BHAGd2>fW7NE;f1&EU0SzZ2h;M8+eb=*c>CV*TJ`$H zOFmYQ{`T~kM@^V^#w^)3xeMFkD7<}H%v0ZDQBbpuPN&lu_WR=BPN$Rqw=?Rwe{=i2 zZqFUL-TvTjoo=tw>HQ6K9=Pw~NhpKy-#T}0E8n@Vlm5D<%x;9qP!{IziKtUZGZmU`1Hv*mo}N#k}TH}2Yam| zpEZG_>fk8=tq)RRodsk9gBJdH#Q9dIsZ|AI7|sy*28TZSxCg$$0@3jcQyG6eDKvAG zIm6+Q9LH(E2&>)k7&Nc1E7fIm8)K7nuYx$ebFfirJiXQNVK;zV|Q)sxSkpNVdw(APcA{mCg-bNp-0f4*6P z!4`Agem2bi{%ADH&Hqk+)PI`)kMXRVjB?O36EK}ZWfRXTAnR6sXeo_A7x+enB-bt^ z;}-yoKy$w$PlB#wQWW7(9MRjj26)m+7!GuymIBoTt=&9$VYpPVb4|A7e!N}_ylC3a zb02#QH055fnFqYPYY6xa4reiMUruvFOdS^f8m(yI?eFp^!-68td&e(8^P7zrKiq^aKB-diVl72P_KGLf?ShECdu#WWZFw$bB=_%1dWSYE=pSBJ$G6lmVnk z`T{(c2T-!muJ{L3!p!_Em+f+F()i|l(3H;Iw5FM)c0M4q8QV<#=Rhp&Q_#d8oxgL= zEw8*=vdny=qM*y^JSXIuLktMHP9o4;x=qkL(wF6$cDv2AMl z7}!v;YgS1^ExY=Q(sFr176p>(wU7`NWP38aSXW0kqFAzoKK7h>u0%kwSWCoFwR^N{ zb4d=NTfkYvUU&-7uWByjXM*)TCpbm^)TTZcYG$xiXxj3(Wloy%=xlDpK8@PkP*mPX zSu?V{7L?5&FD_1V5+D_$N{Tj1CT~`{WDv8*ttdTNK(pP+HAb6j2TzY441MrC&!u8G zcfs@0v9*{YCv{7Jd{Ynw6_ZIwJBtQNB$fdd-%0>;^*f_~FI}Z=8@W=VTT7q~bG{}p z0A*{s_}&C9@H+_k910oe^M*CN^jwuM4`w_>r{vL`SvGzLzb1sKL6@huq7EPG>^E_w zAinWlXTC|}#3xHA|9v@bxBtEz|9$!QWz#}IHY&kOK)W`m^;?7dE}@?O@1dBrFZq9^ z!DhRSzy|%l>yCOk{lD9FM^F0yV?68he?HzV>C_=N0dlRj;{6L%wlKHkm7!@81pF^P z#~fQ!yb~q^B?WjJKa#*lu_$E3;vCYS(5kv{(~ghZRCSfOu@HQbnNN=XUo%svs*#r6 z23L~!r)G6=lT!ffTAi`A%{u61al2isW`6TOv+L0%A2iDMKcH!YG~1XIbW_V}yE|J` zwmok)A5H+DJXEz~WIq-;}Wu_#w#lkMRim{~2O2MoT1o3)|w1j!RxEaSp)LaxK|x$Ir`U+l07zAv2aP zm5O!z0zBuka*bY8 zOXa<4K&L{F(^UVE6wb>-`)|H**#je`x$x2@nSrS}6xM3+#Ss@YE$lc48dYHJGL+JI z6YWw5fM!CTL=I%p8*a5{& zAZW`Xq@|neZk%LxcSTw;?Pn&lq}1x-hOT|1a1(rU`yQklr1eBH&1Kp*Cm`F^#Zyp? zv6;e}9Yyt)P12$yRE5<1;`4KjNPJQqAL7}h|H)hYZOcKveVJY-sHY5WI{)n!{6G5c z;OYGLQ6B04p_LkuNkq5}=Waxhu<=S=-O}q!8{kkz7MrJevy6U3!30v|Yu9U;OWrB%wDK59Ef`&)1*()JdvccgC1$~`#EdXk3E00Kj0@JMTvo4fKT zw@d}O!{#8AA@K_umc#B93b|3_YwRQ=U_ zwDk1hf@NH`n<=wT77iVDbKJS~wD-?u{+13t)(3&6Q}k`Q+)LeYvUE}&FHZIl*%0-) zI=APglp{%J*Wyscv9d3QB*J;3X*!ebqUNyr^Fblp%%NU$KBTqpG9R8){6F-$o&K-m z-_^4PZ?gY(I{m!=_h{68(*GahQU2dKwIF{{PTkGNAw{tWEwhCNZ>z(6V#~uc>q@$~ zST_dEPoIorPQSk5A6r(?h0mYIYYH+r1D`)PCCt+#2u?|WJ$b5CRVOmVgyVJbVrS-3 zr~3IrOp=KIM&WX7d!4Imfa}*8UC3VMVd$IMVl_*D$t(GyuwxxYW(q3_tS%PXpJnaL zVPDZtX$o-wny2C{)5Lh>fZJ(204t73*%i)87bW$V2ne^9COHTG>pk$zQrgc7eZMa0 z@N%;oj0(V@A!Pz17(PAKE``s^g6`d~iab4k!sj;nAKlUiaD)Emc8mI7cQkm?{~qHp`k#&%>seu5 z%T{mJl{+i8CVbD;AGV!Y(~UM>HwveW&dH{<8ejxFp{SL4bJ^9F~ncM<$GL7T1I zS(0#NRh$bRt8U1ZWP|3Cg^|}Tluqd18loD2+WyE->(3wi+(!PZ?DY30|J{B;{`b01 z`~OFIjQm$e7|&xgMKKCJ9L~TDvsA6!%^3jz4rRD}bvpGy=U=_m>R=zVJjM#KwW2TA z!f_q5eC1Xl^&Z|vq}mX&8}}T%TCVuH#p{!OGb)omt2-DrGU>2XGAwHkqi?k2wlGho z+^^@UDgSj8tnH1zHRS)WpZEXm^?UA<{C|wc$p7jnY1Rw z>KJ{qHL@n(t!=&lcrbz!9AJi#l8(^#)1b<4PcAMGkKep{+t|WBY^e5iT89k--Is0H zrpLouhE*WSv4GZ|;IJ*yb~wQC#6L7ZC;~W?Ing#F{gqhgwwC{)u78$nSm*dx60G!oz5dEpx(D|8OUbj=ciq zg@@SAVr#{RkR4dTMKA`xo9qK=F#kDY(Pbc9J}+fhh=b0)j;=n7BQN_=ei0fkR+;no zGsOXtU2U^P)HdJK^ifs1h(R$R*H~*sUVu?(;#KRY6RpxnL;z4Ph7nSe-m-C*9%5VV z%}h8G2mF^zF3nhF)KMUkC1NiNpVyJjf|;oHj>vWr%n40%0obN@`TUnm%G%-2aBI|YuwZuuDGvFy-kmY-_&pLx-!Vr_PLS^Rg165FGLD$ zBN#LKK(pZ0q&uUFDM$rhp=y{}uc6|n7(xGC7_3x=pnLGls^N>Zc8I?c6Ubls*?Rpq zqkC`mA9pm!$N%behfn*zM|rC3KX#s`N4EdyrnlNYmfL?yGCAF^{ijURd0_ibN}jE6 ze43qk^j2CI7)Md~UUY-CF){ z>-41VAR}soC(CAmt zBoPV)sP#1}jsFsv6bdNUPE30@I7YJs#v5_m(4q}zQ=44iiLg_5Y}1Cbu1zsq+qJnt zFIq;S)`&`=$xq+o0F^0+e=Q^Z13p{Ge>ET4mx^)jZU4`OeQy8n4xaSCM|rB`zrGG6 z#~SEG0Gg;Jx&3s2DFb9$y031)&=)mf$?YO8Tcq)MifbJ%7_nTw_UrzffXMLf5W|MwmLV>Ha`|NYMJDgNK1Jcaw8_i+4MA|lh% zU-hx<@K=4>aQ2%iRp;n8Q{isGKDKcD)^E=Lb$C8l2+nUX^XA#szJGOg^7G;A*LG{ocW;|kk+XO2FHSDqObK_?ZMnl% zr`2h@-DV>bOHAi0mBg%IijUGCPh}jXm#(nYV9kxd>8vLtm2t zbcwJWA8c2h)JV{xa~LDPWeRFaN_^zkHOy)m5i-MMOb-SB3$EbknsuBVc-a6iQHUr# zjmbnblzCCt-@)0?%ENe5+(!Sq=lCC;VYhJp-y1yT|9+I`Vd8(}ca6?%19H?5H{aOe zW(&{mZ>l`IKb*e3JbZugV<8=%SX}A|-g-jUZK{-At|b=O<_9r-w%;xjHpREMp0>z#bkQot$1=9=|=`1}^kG6tPP`q*=h# zcSW=HW0EjL3&;rTRsoTUtE2T=@)2d1I4U%Cd~$wq`Repu+oHs~9$cyj*7*j{-yQvQ zKDazTIs0&OcCXE%k1U3l`ifDe(Ubpsadvolc=kh)s3qgJJ#isgknnO10vCs`UW*j3 z$G5}f={Tc!obd&mXFRB>_0MPq{mVYL)BpJ{^ZxFC_lxo0x`U_t-;eTSwD_DA!FXDJ z!+)>U*9Dtwm6%EH1mJ@}z4!fvphVt)EhYg>*qp@pH^?vvTi5#{Wq%sDBuFSj@fitF zxqUmOtdO>M2_+2x3`4@82_8~UN3bf{>pP1A@H`c#yG3((X7!7c0I8J*Mp$eBtY{w1 zrn;eQNo(~*9WlrPOB7G+k6w%*L(RK_)de`6twPTV8vV0UEM|x`(_cyC3!Lu84KH!% z<8byTX9^M^wFT3ow}ws)0E&~QiYhb_X~h)F>2oBJ=;YAzxC+zA?fT$bOJx*OobS7& zHgtxB64-jHU;lOVgxjtE6mD}7Xyf^B!T-BE>Oa~49_1-t|0%Rr|9fAh*PR7t=5V=q zwCD0yD;&QN@p8-gzm*5brujc|3-O*z<*q z5ZGPJaq5Z!V*~;MeRajq99js3*SVKuGObj|m7I0=F0w^KuPIUzHoulBU4XFqzQ6eK z@~4x38T(u6DN-s#ZZAW&nE&Q>;ywF+bcUm1{I}s#{*Om_s{B8G)`NYY{vR994Xq2X zGbN-*sta~{BFP%E+ z9U$|$?3CVo+;B>tD_7@~K38R%yFi2Ce(rc%zPa;#p!C4!{N(iT?C|1U=Jc`of9xwI zuTC!xU%oy$zkGRk^wY`P<4nnL%9>B-abM(l-1hg2etPx#_4&`QE{=Z8jIoFmRe9B> zFRt2T?-)JEy_Sj*?5Fd~SEnEP1$HXJ&(Z$R ze`l#C?S`A(Marr22Oloq*F7G@JWFA@nRWg$H+r^vHtBy}04Z%>{zzi{8(+$UQ{o>c zjEH?}%?se0&VP&fU;5p_Q~sAnd6fQ#X`1_1I7m?dDS%)SBuGdqvHH#p7l4TP02)33 zL>|WgHit~uXynnI-$*D9XKKU9SqlVs62o}4R*4i$*P2JLX>EeOkvRdhnW^SQL|vJ` z-Kwh9@H{dG@Dz^qU52-^^{jaWbK#TbkcuRgp!rUaN)~KpHjPqF*xwBxsXf}Qy)Zat z_lP2Bb1{4qSM8oFBs7R7@9VoIiev1f=B|F#*Z|Ea}?3`QeN+t2%CGov?Y1NN3e!Ghq*cM!SW{64)9G;;lz#gQTn$~-(y1JgcfFH{%rSGju zJyi*@7<)FQr#U>2PT#+0I8bN3rzrMN$l%QE791cgvuA4kQ>?C+!!);tq=OeF=8bIN zaEW3#Lslat)Y^naiF;+CCvVV##H;)4%tAoCO@C_OQcq8)x&GfG>r?t{TL0Zb{(rYO zdb0mM%Cpt_4+9;0`3;P!*L=Q?;qZ2gelB^`J*?ga;VswjZ2amwujIvW*k8bUo~2E3 zRnLCE-P&F^i&w5O16C%nSfF@@z;lg)T)nOJ$j2VrEj8xb_r0~%e|I;dC*0=zehqTA zgFqb&t@7n)=G+u+PAZE)7O^4Dou0aJs_Laf?*{;9pA{`^nP^&f|`7*Tqw@Xs68 zf7k5~^Y{N<_bLC^<2+lh|F0w`Jk08^*zDfceg$vKm0#7mpLO2`_JyqaHdTsizWuev zifseJMdutsiqLgupOJR-oWV&@B`NKr zYAu#px{k7zYETQ`zll?K`0)$SRMa>w723>5bl##2_h-E>LG(rD z>~9Z<>HJSIqYGv8v@2lOyiO)44iQ7ti~VM5G|Zo`*F?vla@U5_JyLeRlpDrH)d=Q? zWl=gJi!BFZQEwa;>xN))2kKY1UrG2ank&*gCs0dO3;oU89?B!gl?uYNni7T5Xra{I3X_E`>L1@=Q9K|nGgB0d2Tc}3G{x7Z z>nUHgFlmd}4{-~HEM7$fhm1Be2I%yI)tlxGng|Cf?TJ&j8EeEK3)897b<9w@*{X+SpW{WK~n}Pi*V1Y5!GTiPBqoTPyG;`|q%ukN?r_xlj3@ALSAD z-y@Tn4~BLyXrN5J((iw>g;z0BBmm!=oj1dtTUvWFb??XKTLhWP zmp|0;URB|#QCQFsm>}YL%lSNn>|5_&KjhVN* z;JL^QD9E#0=%`FIQ>fOmW~$6FQ&HsPW5gLk$iLnEGROx%KOzMyfdQ`GPn} z0d0U%BEa0P1-nT4P3YN#DBx&)tc$1(Z+mQS!8*3Euf;T0g(ABYK4uxEU>ORjMYi0! z1xmJ!PGzCYhEES#6|Qx;sjB`R_-HMKw&I|*knWpz3cQpFfFTbxRWb2nyk2b>R;mp( z7cT94VH;V?m#$1nM<`x})r-G;TECvwuc!5^w)A;gzn<2wuX+7?%;oFT9}*C*ru{cs zZV~S}|7?o?;*Rq7e>&an)BWE^dA9cdJ=M4R*#{8^;3$B2@i5-N(bBWB#uP2LR)7Ih zY@^Y(!epC=1uD(8**Tk;zTZSkZ)+3w{TO%^6uz)Mw~R%Zl1-qL+?TlHAPZR>)<{YSv*F+CdhJ$p^U^Le3j*`L-B8! z1`ZAme!$HNMF*6Iu1O}XEc1s*r2jw0v$g$KB?x&CgRh-h`aFO%o`KaX34E3h?ywZ2i<;|K+u~ zhlu~w>GtyWKesb{I{$r?XY2J}$4q%31wa5_d+KXn3BAjSZ~kiOR;Rr>@mVHD&>wK* zn?a#$MYneHooZPFq$2rb!Uma}3ilN*Nd6($%uTr?|9|%0 zy}xbTS`_Wy{uDTz%&t8Kmb6?LVa-d zfcMk&^~F`5i=jFdLpBI};nO7X7l`%RB2DAOk!nCtlFbwo`6~j0A7Kb1AJLo!HY{Oy z(_KZFVL{z=whzOQeCUYlA38X8CG4n3?EV#0wtH<;%l_LXRK#gyUFb>Y(b9ofj!k4yirct>Bkh&2y)}eQ%T|LN|xfU zky27m8lrpv^{|~?cpFMurkR5-qn|>hV%87(JB@f-aoeJ>mA~Qv1eY+HXSr@%Uo-VT zn^PO1H9B8c(J`)OWMg(s;cSNe;-;)(oV8EZ0k>4H!kLKB&g0n(M>v%gjF)=6g{?w0 zP?3k&3R-+}jf5Reona_3DYKi-E)uBAc`y+6Da{t>fU6F%o8;7LZ9xE4{DLS}Q~BKdKz&>6BvMn@m zvY}$G@3}rR!MZ28pYs5CQhoY6u^j!b@GUvlig9wP-Er>?E3r^nol1t&rZ|lPkpr!+ zRncI(wbVh$>Lx+i)*#Fovh*EyfK-snvLm15`l*E4Jg1850N~<01xq>T6=kbdl0Dni z*5~*YpJx6)D7L5@x&b%r|MkbcshR(0G~V9-@+eOu|DPVH@I@j4^)R}}iV1Xj8P#yU z2iOj@ga|g-7POsp{_3H93eVo?o6AC69K!U0Zg8{cEA>uwH1z5GD@dzN{6EC<+x|PH z%bE#*P5gh@E9HM154Z8(kMc174^9M^Ru_rz$pYw8qFnY-b@99EHZ?b1Bm)%ZOv;N< zQ&-LVw{sp9WgOf{ogmgY`@+`mlRNN4EY4j2ZHM>Ju|hKIsW1c| z2)zvn4ER;$4ST4YRpv*3Jatnjzl7vtZlgpgqBH2DM0lK5lmp>0e~jAOgQR=c@A?t$ z`jJ2DVzQrIBF$U=4}v4$Jq2D1*sVLIWq*jSpd<{XP@pghj>C8X&sR$@w%ty>4Nknz z(}4eLY15ksfQ|frSknI|TmJtzk66fINIrl+uWpdk+(1ge4FW`HdI5^MRSVggPye=n zrpklNWzaoQD=DbE83`G)QUDp-)+Rr?MCppkbfj@iNlY=bX9|Us8!_euR!tkGUKCKY zOBhL>Ey1Oy9|lU$@($4xvW)qq4u9%*`-h%&CvtPYcJ=ezl876WLJg}e#f0dxlLhi` z^DaqJfp6WoQ;KV3I_5TUs|y(Rs=HFE>vUzi4`(YF8axg7zx2d54*}c6|3`gO|L>1R z+xYKCc~t#h2EH^_{WC+HEx0WG0iQF~@f^H}4Cb(xbNc=jb@_xr=^n>%#^WUs9V#zz zI0Bw}R3^XM;qzy22gb1x3v;Jj9aDyFQ9nO_wm@0J2+mQ^xmoMybgqi5^)BN`JziC5 z6*+982eXJORsTGj*8S#8X=ppv?#x|8&bg$-1(mDgC`n;tJ2SPlBO363(bErq|NCgz z8<_lmFx}q&`X~=y&8Ht@7zJE$<_v<&g!7(_d(|RV*Ph}{7o6-|brp-t-K>Y=-x^6s zG{3Y3)HAS~hcZ|`8|>6}qP*-@FRT*I@i}YAvE&y8sAw#x_rNEnl14t54EdjUd9|9& z@JHZvJiGqAbHaB_0L&?vt-^2(-mhSYXP9x+IOb#0-T4Ix=)8Q&aIo=7zzy=@DnTG2 zOT=wB!T7{T&M*ptgm2D-c!^UKFw-tw-~{a6tobNEKfhvSaWvn-fnKS& z?~h*$s>65^l^|85Rm@kSs8(-10=XWQiOv|KR0`Q7=aXHo98rpEGMl-i)OHPzfznom z^~k>qt&^fSggye^e|o@s=QU?Es&6EwBt|q`10S-+WR1(1K8aFF!Vpm&Gg_lzd4=nB zY;gc&Q?V!~juUtRibJwqqR2?(A-x#SOP_z!1A*OuAzG3sK@Pb5>lJDYHc4TMW~-0` zwn4s<1#Ga@;xmXtu$ztlIY|KocQC{OFmdjFpX_-qifjzUDPh>qdV+iYC-A!b-#nRs z2WIbss0Pn|A4J6jD<*K4O<f`}r!g_=gKF#UP$!0L9Af zfX&8y>7Wl@W@#2Jb@<1^lb~0+ScRbyNuFze+6Ez}>_I-nty2(zn<0+{;!%}&SEe}LXgDkr&|Fc0&_XA}=R@L15nbX)WM5jMBwQR& zQJKp)0F`d7%|O1nI=y`N@K7HL;%|Cnc@F>QW`O~uisqMo*ON3d=c>atg(sF#O!|rgV#~Gz9b}lfkTw6lN2q1Z8WqY zJ0}sVQXZVE$-B$bQpTGK_cbBhU80cC$0!OK*A7?Q=R}{TpVTuCaq38}%5-pibyMq+N zn=p%}4{?$LG6PE(Cs_>u6;ExJ>Y%Hma&%|0hgUAH5Wj?R23K*rnO;#@K;&HT)Mgqz zm7O5!+97716dTwVlq?m{`8!LJ1QiD>Vkip-<~Znz^=8N$;n}XQGJBY>LQ6OAnb0iC zslM-O>1DBX%YQtnq^?*@wjJH7lUJ4>av7oM?iHJ?%87{Vm9BF$$(5BBvo`;wk)h04 zy||?r1_VPa*c5l}QS&auo<$NPAJ5ht;l2PdBNW)yrB~G{{BIQ9y^xo|{iX-#iZo`Y z1sCeb+;}o`sCZgfyN)qY#^FVN6P=_9baT}8sNsrgUO*0sysS7NVhv9#0EsINekQ9(g(ugy`Y}H#ULbM} z=LXU#xj}Z?^8~H?KkNYTGoo{paM#Q=U7_>iD{ysk{OT0UQG_T=Q2>}qfTI}^O=TtX zjON+R7CaHk4iIjB$$^TGN6+NF5q$HI-y>1dIrN+=>J1VKpl3j2Wl>(0N#PZ>J2&!S zdSaB4_GFz?`CDIc)zj4f8+AyCV}%XQ0|`<$wK+UHs2NbH>x~G<;2x8kr`~8nN79C^;4VNr>&omSB@^K zcN6F#bUKuC>zT(=7nKcK0m|yaYuZOPd=wK7IfO})(N%ic)S;I63lywEMDrZz>Wik( z79>f}MQAuHq5Q1x8D*6+7eqy91DvHihOsku3}D63@P$l7Z2pVP~nNoVg=5UvnWYn7;4_O6eVdF=O5Hh@@+w$ z%y=Ue)AHw|XTm#E_9!tTKRyLdZqb^R+Py{Vqyo<;u!`_|@ChV@ru^ihaU<}PVv9A) zm+6MavD(}Y1(a^22VqGp?-=w1sU@=jkTTGcbHma@&j5^LR?zZI!C^C~mEE7r2~&bm zPh2_Y$D4RgVSvi>W0ikUKgqYQ`BDDda(04w4b)d$^%@=OlGh1rvEEexn+DTwC{~O>6NhloBOQW(+c_|F zOcHAW_f(NtwzM(sKKvk7ZVXgWUW}#nbMq0kfoWiK)N;I;J~#Qch$tvf)mHqELkwjK zOXcSST2T=R(3O%OPyPLXXrPkvH2eDj!KWl9A(^kQVv1mJLZT$45J$pJcYb_O0zyQK zEFsFzwn(;~!1B}F|3}lNhrl+S|DBG@`QL`y`yU?V;hPB;JQZZ_@XL-jXb!)6?moWl zq8!cP-X*{)(>nq1~)(+`W-(^|@WmKDO3m(=8Fsjz_Y3@lekdMw4IcqeLi znr^C!!x!iytG!QA6d=m`Hj4xh!1LbCQg9}@Gg3B|x8g~jveWD!J+PL0vE)vhX*sDm zfp<#*lf_468%IB`@OnkX!IuOCgzGcOD(0QTFb1+kGeVV=#9gqPmjK@V@D!mGsUpJuc@Ul<|C9tarql< zl@-vMP&34v>+jO~Z_NLN1Lpzr|MbU$X(|8Pbg&j8BaEXgWLFA!Z~ zo(?|&{~$La2PjSeT}3-LXhvvuJWe`#g!8ek9Lcu3bqg2HD<&~Ive*x2l z*rCrivklfNcnX(_RIX z(lJLxh8ax~P$li|(_o5tkX@@Cs>oWrT!krScElM!9zjt|5}XpsOpGIUxfJG?DOfh9 z@~G7#&~t9@J7NJ8tFwu#J`1%rJwi)JF$`|Z{MK35{Cs?QcKrOucR#(px-P|$<$8h$ zn)x$YYauUL(2GRjQxqi1$6K^M0&xg�Joc_44)W>vtE&S69EhzI^^A(93TfN=Vv? zVUm0xG;mq^O0Q8A;KbEum#5FquI|-i9DIZR5*Y8>QEsgKi{3v5>erWMpzdTiJ@jgH zr4+W#3HbW_YnSIoj3J`*a^9cpQ<0C!(L;T$UVVIvns z*0X~h;O*bwXg^tGWP2Sy`}31T#7o@3WC8y4r$3&)e(^{79{CFbyyI0$mXLL77_Na& zC`EqCl!&-cKf2wnr#qj;&Y9u>XQl4qNQP*>z+tgCF`#a#hfH)L+ zQ06EF=P$1AM&S75mG@svyN&XJ78K^66A+*j`6&vX0+HXI;dqxw1S#PPn!W#lUbX|l z@zK$Ea&UC{%l`-V@8W1b8wK#`lSF)lQr;7*1W~;^IQbi(&+CF0ighJ?W`>%*LV&en zQo3e9{RR0D?fZ)*(dp#xLFW=M;>MGMO~jE85u(Wg$F@du@C?}eKR-M`D`&WBPbG81 zJOxh{@sc}Z3{|}C%>L~+4zeq(Dsh(acRsx@vpLAxCc6IfXFeIF>%(X;)8~^cApBdI zq8jn{A-wJ+rXN0jvHq!^+=|{4lO&x}l)Mkiw*Uzb>731bwg8NqBJ^B6UI9os@Ux0i z9OiA0=kIVr5e(L#^G3Bp6(Wj16=@GT3vm^Zpha=w1_UG_LNOTZWG^CAv*`}y+@xCc zeQ?vItLQ|C_1(XEOs)K@x95RRLIY10pwr>hJ^4*l>pz1|hr1^S(_Vk7e9W|OR^a^# zqx8Qljry+^t+Ly^W~-L#~YN+{56O8 zAOGD-Dyk*`DPAJ7NdyUCu$tTic9n}CR!)N4DsmT@L;&l2;R>=aO3~8x6gU$ zKI>0y5VG#NA|VCUGtNE?=0NB}q0ahptG{jHi*@sxmW_iwr>|e^I8O1In*-H4f5&m< zApp4!cVyM`^|{JFC#xI%qkK^SD3z#kJbZ(;f7V-faU^h;`%1Is%tmdacpma;zW+;Z znr4CCl>fOm8I|t;8jrU7zmM^V_#Zx~@;YElA`p@}_UrG~iWAHEzH3bJ64G^+>|O>t zo54P|0MHQMbXO@3vqD`7D!=JOg?}L`5Q}$hZTC8-A1$_R@CzH1SDq;GoBqd8T^RM{E?@;@cZSt0aIL&w%L$H}+ zu8p)B?$&nmz%@qnu8e9>E9$WzV6R4V6n=MMT=-v$3|Hli zn43e7H^a5f;tVQ3l@7z_D1__$SfVn67z62A3W4eo&A>BLW<}BUf}&(W!k`S>EKw7% z^xrs1*1y*T8tbPsO_2!Pl z`=dNOKK-pYR#kBVpz=aMSGpuK+&@1~iBq(6g<7i0C_gR73U?#Ifoe);;Ym4qR>Y_8 zb8g5n?U@G((0kxzE*!78(8G)Gd`}`$6YE|zJO2xx_t3_*@q** zW$O8Egj5h-$J-OZp1R|S?4%8o8^C9UtoT0+c;#AF+Nq&yA^=ksxDqv9CfQ;dIiTeg}n+|$b9iZ^J?AsSpu;- zm)krk=^J_jKH?(u z{{UX63q(KQ1OY(?zbX!ai?=7@=$?VrY++=(oeb#74|chG$yJFfFlC3G(!O2e+N_!b z<3zbvPGB6F2Tn_#qX(kNP*Pp!&2F9%Dm=_pG;OS5Q&@{st6AmrZK0Y7pRUjT)DpMl zSf3b27c(cSvDAQvmT|g%j;X%fvbWknEnV|dK`l{$S0#6Haa1Y?=ZTV@MZd1bkl=r! zS9podbH7$3d0`tKaV$xewdJJF;kZvX$sQ%NyoN-t=81N_Jy#JC?C$Mp{Vs0n%{g73 z$vmIdN&$Y}7m2fgD%0i`9h>{vq}GrZ0Gya*zH8;p6HqeVDjS_25*EM3Y%MnC70A{t z1<^I4miYU8Q(avhF3%q+a(*U3UQc;tGfirNWqqB;9`GMW%H*s(EjMxN@0AO-Fq(OV z?5DsRXO=^e13x#9<$N&&ZvMHlomnaF+Lt96IeEu9dv0@sqFHtdC7LDKpwl}`UUQ9Cvkz`l@ui}8u8x-I)$qWcSxvDHkb%v>7t60u3EyANZ zyj7-t&LubxjW7;{dPTwD<^m>(3?q>^M1Hc6klR%Zyt}>!Jduyuv)x{*;8JtnOTgT8 zWHxCxfGJcd$xjb@d*BnenT!JD=PXjY4xxa>27{*-JYOxrxMy(GBI^Oy28uHp+T(qH z*D0v*lrQ=bjy%YO(DWz$%tr;hql5ln=vBgFhPsVD9!qevzh8#OqejgmCK7m35V~(SpW*1UG)U%^rJwbo3K*;F zJrpoDm>Mu;bXx;dD7+s)&VkInlk=!4FrO^r5TzRP-IWupDJ(X}%7n?8R{*mq;Y_AB z*Z<^+vbxG&4gddmFgEnR(PXgo|3AuO$^Z0qwZH7ZVp;X8efCs>D73ul^N^1%QMDvJ zQooBSy2E58QYF?@JUtaquDn_`+9#BdRDUg6l=+tx3T!GYkkJ7}F{#dGNriG<7AVTB z0xHK}2bh+j$O6$s%C(MWG-_}(d^LfUXl$;zm%GMV$lBU!9n0OY0-LR-=0xL)5bujT z>h^u8D%BFp(Qw$CaBbCGWAgu+nzT_X*P*lVw`pn-Ns?w%{y#|)E=ho%$wN$!PPL)S zYNT^^#wm64v`V-xn9acnomPXyUnTED=_ut!OL-1FOfNB99e#e?MuhnA2n0yrHWK8g zFGz&&b-#|``xSC1gA!6co{E_O3_Af-=#(ayOUWd1Pzu+m3rsUPcAHJe7C3~S|K;%r zBc+6=#-eSB%+at1M_AY-yWa-OZ$`c_gLWT*T`6?AjH<7#)Hirq*ngtN1KNM1zUluT zvEp0%?-8DF&;FBXcof}1L-D{ z%|fFFr;+{VqVdbwf40_cu>YJ5yO;eZ!Dqo~`_AnQRaGG`Ih< zl$`Yqzzz1_q(3$D|BQRn?f&1RJl~xCrzC&9hY4t;pEa#Odz#zFHUuBS2CQfP#q%#= z{1v^p(f*SJ)P*MhtO9F6zQJ^JkXwRgB5wfJMt5t&Fz+*K5m);+L|<)cXNI+fd04@2JY0v>FfI#VYRg)hm^NUs3Myw34L~)tG0ov=hpDcm`7qdA_9mMXUl66s z==?Hh?Uv^^$NXEji;D+)<9@GAa~RrRl#6X`?%&1J-2Ug64m8;P-Dv+0hduND@6mAB z+uHw+@qBakzqq919;QDBV72;7_kTRL!LQspc^{j<0JFjD4{px5(Rx(eJL~m4qd)k+ z>WQU?aSrJBXj%+-y}$+|y9}+3S#3dCWiD^9cR4gwB@izr!|9=>4Jh5bK?leOY@>z4 z+EB7`R5IG2Z@*>6FFa?Sjrm`PrThO!gWhDT|2@X@&FO#qrY4K}S5Nt4wXM3J zc>&a8tA52r!XiHb327_cFNafTdF)ly_Kt?DP?hp(iWa99m714!(XmC1)4uCkTpeh3 zHBO<;s>qd*7FAkka%Q>!220#zwW6V>%at#mE)d&YCC1I%b+w^QLSIbuz4i(b10cX? z>X6cn8)ZCiS~GnpBfB~Dy4sKx!&Yr@J$2;&D#hXcJ2;#1`xTnr{@s4Lp)-C=59f_QuJ6uh;MCpn~0D^?fQV@{<9g8`!7D64T zm_$3j{bm!8%Iskk+47#H`L#*6Xzc;-#p~BzaR<_Fh?5j}KOSFt?BBn5@)o2DMZ$rE z)e?zSDGHviD30b={sIN75J&T~c|`Kpryr5O;(5b&0O-hUtSItPmSJxRQ-5*#F{Vgd zwS1K4-|T=}B$JrmBAMGfdq~U_DngIInR=_KXz5YuCKZu0w<|vDkQg4GCtVXBdUYj% z;0J`~i}VQeHLhoj<^s~-zN5)teDTo~NLZ~b#a{ivWDu_S{bqz-Bbwz*?EIcav|>Cjxu9_SVy^0Fm5lq$Sgd!S5fdzM}FJzM74Qsnkow*HItxhzmjePeKD zO&4u!V{9e=$^%loUm4b=FfU%-riXKL%SNxXGDe z$9=ynMnayDjLJX;=M{(e&zhDXb~JR-!o+;L&DM3F-LEEZg@5h_@le{-cYoCLPFC4; zoLJX$ftz`?ul z13uRc0r6!$3tx;One z*2CnkA5>2-^y1MvpURyg6A~lnMA>A0-bpmK)EcdS**}U|O#ml~J$=^|t{k`Uhwt%M z>ze5#6i^HB0?={&muF$^H*IWB=ZKG8j;RbV!+;}~LLZ-gx6)v%uxc{#$E47TKXm?W z2vKz+%y{@9CZ9=3YB>$UVa&e>RWO`(Gq2#dqcO-$#WVHc{8K$NP3z%$m~iiT#T>+h z!%-Wxm?fw`;?KRV0LU@t4T8qsqq{fUY=Q?={qvs&mZ6f74D&JbX|amp`Bxx{d9|th z2{o_uT+V2w*~c`=o0W}A7h~bkJzj`<*M-%T3B6CC-y}X6Pfr01<~X-sUxmLuXH9KS z02j#6|D#A;Tmve91at}!0W;#NmIOjPFt%lZIjo<8$XC%e+kD>-NeQal%;1aSoaEcC zL1I>W)1uDcqBoe;9G7ln9jPM!Lz6paY*X#y+I4*CXi6OIQ;Z!1FxzCz$$wvd$F-Y` z^$&rn-Jmxx(7hwoph4yK$d>%B>Evxz&TD7%a#_W|ydSw|oNa86@YE008=F@u`t7NQ zQL*ZFPm;-tj4`qeMiKDq5>HjBEk;d3o2K#~_oUDdM;a()>PPZXC5Eump+0d8nA8un zX{V%x76b}#-MPSRkYS8BCUGGCL=KZO5>-Sc^k|G3UStfG(JsuiR-K39q%^2$)=@mw zG54;py$j_t%rXTRwadO*@@oy;oxC$-AFj-n={S#u4h$>#Vur@;KExyQVy=E!?ne^A z%%H~CQaWG(9q{kIkCPztPVmbppfeS?)UqW20%qEvgp&SJ1+pa+Hma%U%4gSvJ11+X zVbrFojqxX^INnH+pcHVCUD~6O3Z^?^sjXPLG#*J)$5_cguR^?_c$ zSE5Q`^ZOAN$yz{GLHW`In*Fl)r{4rUs5utEIDvB6On?Iuj{QTQ;Dk!+0ECTEF&(yl zX>SU%uK+DgJO4*-=AugtT=r?79Ko#8ve`ed+n>fa*d07gG<7pJ6?A&nZS|wGko!9N z-?uMprvPV@58@|45+GnL-*y(L(>Oc;IHzPs2HF~{N`iI-wP~T4o?&Vw^so#Ihqu;= zjaj{lhzJw+gf>aDnLeqW8@isaqN8}hx3U}LD`2SpoU4rY&?7-o$g z%4n|HS`fYys*=I*>V~9%Q#R(hfONCMQnRu#nPu}kFej4{hPbE4e)~ug{FOZKUJEEE z824tTWEU`q;RKQd)Ui&k#ZSP6U;gLvhXKJD&kY{KJi%O~C5>*Az#^_Lxuhqen(sfP zuL}`TlwM3sudhEJv&c)ftxsFAtiTdYEzvE$lJx1Edvs-0{a69BY`- zk`FoM_jv~_bGf*aq%`Y1E?b>4GS<-~1a+?UD)12%KRjyoFnoLdRey=%L$Ot7 zr?w5O`xRk5s%8egM63dOSGr*FjlnEgFO`l_cg#_f%6SezwioUUv;r0ZkL6Y5V!{;s$X8tWUXG4tgYSTrvSD!VsoYshi!)SA) z^;Z*acz!FHA}rI4ICk(#CQV*g?e=#`s(0$PeOebWIRHF;KdJ^Yrkz3UHtQ3&*2ieJN3KY2LqDJMFSfXB8UCvt*w1WQUuvLvVj6_4>9NdZeh z1G$Akn()g6nNq1%M63D4NQNo+AH72<#ogl@U4j+thZPQ`1TcepmwbaLPuf0IZF<#Qdh>KXkLS}Ma^cHEAZ8yC3HLN`yB`oy zY_%H$IJ3J2c;!Sq1hh+!qm`{i7`2}S?;X7!Y`>j9brH_aMKEWBrV*Zc$I9>YjZ5=Ijo53yb<6zQ+H_|9?NiOs{l*0nd{KWw{Y zN@4O}Hs}vFKGeNk3HmSCOZOX-Yz@DJk_TNFkvRzX!JUgm?S6O=o0)Y|m$;-jm-rZ_ zpPCzvAjW0Xn$i|`bO{Bgc|_(Vm?2Pu?d0bL`8zNfr)kx3Xcba9Mym@RVjJRt7kTwN z7dVmc-`n_P9j+|dzc&_N@tC3L$x5+6&K_0e;a_|s_ft;dj+kp%_!V%8gM%i=JUBYe_7I;%W+%islgv2@Ln^q=sf zppuLic2znHZY*##i5R9llbp%HfMDIb-BYU}0Cn#maaQr3@GRhIWU;UVz)E2M5&)zC zd;(G;)&h-vh0DmzK7J7XpaKImex9H$8##ceLBm)weJz_&BVuu8>Ple?Yf7R|Tvn>6 zuK&IhD$n_05AT|_6fWzmZ%QPOP8hC>mS*Tz-Q6_)o(^S0x_yhxz5=jRz6T(BZ+_)V zc+oudeWI)lp8IP_o>BDFAK|SRJm^Vzrs8b;KSsGy`pJt!**=>#pqdM59!;DYK^$r= zq66Tj*a@&>yFzTc1TYgcejjGY-Cn)N-*Zjo$f(v`gG>!yX4&*Y%+eYMy##>3c8emF zIKlY+AujkAOn zr!JDUP}U}z-yhomYXOahLQmeCQ1qqiF?LvMZdF7mFV2Aj(zNb=O+OSifK)EQAsV!Z z%WbOYZ<>I-)PSePvYfs27eGT5L)#)Q?#)g9=4{zW`f0zCWUM`&7W1oMH=Dy1V)JLr zG=5IafiaHFjP9Fuwv@C4ZHhY8@G&ej-)54=*;@E%0IdT0+b+wei_7Qf+!Ej;+3xf7 zkS}N8Gv*BMuKhdVl?j8h^)yqhSV;G9rab(ULM==hagRY}Ib0(|?d`@Q zP|;W9z|D-FB9dOseH@LpGFDtpA-*D@$+Q+ZdSg;8>7KyLFQQ_v4N8rM2QkIkrF)v8 zYNB$U>AJ)Ch%lX;LmS|~vGxoQ#Ru&6>jFad9euum%aHU3fW9y6m@L%Oi{4^L^d0PG zVlO#14pgUfbPN0a=L0gECO}qA?s@l(Oqv>2R4o2CJZpx)?Gaq|3cwZkqt1{m*ZBa- zhkL&}birnVAPF5i8v^QZ(KA-BY1(RB-LBHTuVJkLK`vp`59gI*NNj$NJ0tlgisV z8cr|{IP?cTeABCavLbpKudCbuH6DN<$S7erVNdED!MAkGazv2}OA-l=Y5fyp~jZkSF20D?!#7QeL zs6wovPW+!YLk-8fW&pPuIOMSY{4q^#UjVN8$DaW02LKRG#s6?HJ^|prP;P!2#NVg9 z^;Lda)#Ez*b#1H$?sswbjtFzw#Dn!ig*777#SnH7DRX1a|4_DVwsm_(T+K(I?CP(nQnMd(4_#+@blXj-^&4j-L8N7TQC`* z(E27waNhV3un0xxXFc$wvmX4i_kwJSzCpaR%b>caZ7a&V^6R-U&Tw+JE&jTL5Kw;# zzBUAyd;_wezTE*pQ!r@2EH?nshx*k4KFy&M%vemP159?I*Um#|WrD^-sK=c)f}Dd* zE9G+pS8pn~30W-lk-LFLFfvU@H{B<`#p|2#-=94InPtNZAcE&ku=ERX=g6{s4;b}S z{WieSto*dOy^ID$Q;m2(SGSARmrXsR z(0XV>~^`}Hd5ys+7IrxzQXb&ofWGTFA` zL!-?GVkY-TyQeZEx~e|WPY5GkS~rY$-yO>wKzCkT7J6c0}W&tHY0um&R^cmKX)rucSrtvvHt?h48tJCuw0v`fJKz+e_XoD zz(C*HPj(WnGnyZ6y3M2sNS*0v$xM%wWEq^Ul+)GSU4`!WC0Ct2zroG^`c^OuJp1Ow z3a7XK#+d!}5nu}p=@8pq1O;aX9o*ls4`2$YN-s0^B)2|lN=M{u+fo? zV1|~h`F^7I8BpmyZ2rC%ed7d{Lnd19SvW$1rb^HfueyytajAnJR7@rP5DZMG62T~w zq#zFBv(TCvi~Mv;t3QhHQ&Uf2EJ~Ua*G{Ty`dLg;UUu$fBS70S;KQKuf`*(kE}*xPnHNP)=MT0bQ?ueaSS%_JY9V(^h< zq${{Ul%(ug>Cr!odiKS9Rt+K~P)sU)`A4eVMR}OIzCtC1muTTXH(RmZ9gmqx+$(iIvtWCus!pn%Tbz_ zQyfho-vzY9F)^&Lhn&lM?3ToC@}0F35vhcnBv)jH9IaaO!hW^bMlmQc&PwV>p%;-y zp{YWfDLo2c0jV&St#I50v63wdsg~@LtRpDytjQlawSr~w`yd&QSN~()TffL=Yx6d4 zRkB8%AwKGjv2<{_bz|!&t82S`nztsa{5ljzOw^KirFm)RQ z?Ow%YCJ&uWUm0VU{fp}Ii`6<=O-;fWFKCf3pr?BkB9rz4GiTwdpWp9&A#VLr(>!h^ z z##mchgq0AgKWh#5kptC1s-jkq8w0wCsv))sT|lcT?n6T#zb&yb(D(Z?p;R=!UF1K^ zJ_Ekym-qnl*}!Ri$ma`4M`U?9eAt9hCULiF4pYL1D1kM$FI3AyS*`?iA(Z~QI3_x@ zwh$HnW2|@eyms<#DMM*$P3n$UZmR+yK%DbECH!E0hh=loBt_jU%zLcz$iOx(j&f@Oc?fCx8&MIw(8Sw zzxhs+_u)$4b}TyssRJ=U^GPy_3{S!3e{wZl5o_FhT=dS%mp6l(e5T#eq2YsKjgEio z1)Tnn7*G-(nn5dN3Z&-S03`~RaXr#JywX|7t^J$uRr+@6^=GjT=Fhs@Xh^_>!#=!)L(=D1F6$6USmwx>KH!uV!qNGwNkVu z4PLC+Q|0ak_=RL%wY8~IuUBO%f@;a~j< za&P&!{w+!%9AkieQ|leT8lhb4OCR6F;;(PufDT}S_=&oQKqdU#sRGf#Gz@_gQo=JP zq`1jC=)&>ORn91S)7GV;c%SbQGY;4BXn4S}PJr!WW)Xqw1{>2qhldr#o8FDQRKV+_IQ_V^O{Jk#wQW14dZt^X`Jf0T1OMxD9<_t_yGH#(fqV;wCBZLnN2A3xU2#rM zoo~qxbAUHe)D!&&C@4-a>F@6XRhoZ{`=gx0KFqI}Rl!I~ip76BjUB9o8gpQ%ynU); z>{I6*B(Q7C0n|#u^cekecYTMw9e~|@+b=-;!=E`o-I3`l7y%LeyKI`bbNcR7Cce!? zuObFXMuCghNwp8PzsKzHd5txsvel@1$d+|Ne5tT?^sL{~*y_9sMiFDhuPXSSa02RJ zuzDQJN*Y1k5Kl2;e@TkZgH}`7lM1OC$SlBjsy8 z&d%WAVES6rEGinkkjEFw{UwIjQb?Xg0&)l^@;D*_|GyH9{O_(8M27`{*%nvdvr3ML z*S`P~TtUWu zFkCl~5(M47 z>RSWJg?t4kUxAPxPk}YIvtCkCH7{BrN>Hx`X ze7;HL^dWp_FN()$h)O}_^t^ZvJtJV%)A|8G$MC#=C7*tEEZlL+^==fM!{+#HnB+Kr0Xj=_Q31&ccHasPhB}}PnSkt< zfS0l_dO$$R>F*mrq;8BFjUcU(#^R|N=FDsWt~Y;vDUw^BpNb}X{mw71Q%rmwpM3ACsYn#W}7XtX#{xobr!u;nnH66hTz-3fq`3C;Y~s&NlF-97O=?ox@#p zt4(-Y?Bdx}bq0PzyI2Qu3?dPM=mwamltF(`ot<%1JIYjDTVkPkegrTd1apl`ZM#A z2)0{*+?1Pu8^r(ErS~bXeR!uP%rnT8Q1?1|){-FzUaXl3%QU~kuYT)^jMd8vgHE!L zfO{eO6H@zK``+>^RPh>2^SPmz>gUvpk5W}pDgh> z%@2(+N_dQLLxLn+CkO(Ghw{K8l(JW(AgnU@WB!=n+*_g0lTTUhwOHz`{dg)A`$9m= zDr9}JBckMx4NHA!1XeaOXsm5)cvdH|5$DY^`x|feLB$#Y+?hRh~$EShtxBSaV zzH2@pyGL{CWnFN6_K0DF5oB8k;EoxBjil7{Ajg6V%2l=(Ob1db6Q%&Jq5vNYi&KRIvPD*fsjwNNw%zOa zZov1Vz~^o5ZSM!tXO-XU<_*wM;m9%|AZ~H^B3$bHE2S1}TVVzE=SP+lQcdkZTdtg@!Myw@@MH?dm#?Ni~X1vlF-1*X=yE zXBQ1dmq@r+_#CRdwoBcEcqz!bDahI?JDgO6n$+ng9(WMzay%9?T&Ld6Q`3FnlZtU_ z{KnCZII1yfyUPdump@)&e!Ns`=hT^iIi~CqiYdvOvR*1FvNapbPvuo-_Owp(v1zY& zt;S%;5fF0N+`l?H)PLCux;{$rlhElo7kG>pZjkbuYy|{qnyL+=%8Oq@C!5z2%5H)C z?^$jNZ??)kw&H7UuEZG)5`oa-IO`?UDE|{M9SIOggX!mj0u_d}I3Vs7C%UXL8eC?s z(ZolWuvo@Lma&L^n#rQdUCvMAvH4Zuu$3*5DC=-a;&nyTk%!fsz_%bpppmR=!Ty4L zDc5Qn`5po7rrsR7ZCm?@OuG^-(`Qw?gS8P`we>i9{oYjQzfixRpnD-jdrc-TwSny( zLGgeqAXMywNU0bvM-+6%eU}{5_8DpQkF+Gx36tuEY=o1x?49}Br#Z{TwkO29h-q+z z_v{**FSm%iLv-&p^jj}uo{ZI+IJaI*+I*!>YH*ylGNYRzwzlVQS$uI--O~nh@J@x6 zk56&*GtW~?>ot1|drMCT`90V`ib6RP8DW2tA_T)u4*za|%X3aS_YqQxDgN8v!n-6t zAFpR!wtzL+>T^Wo?P-s5C;H{~JnpTYiId%$H0BriQKqM#&P%)qG*T!qj$jTVDIO|K zff$e=qfNLMcj-mA;dSKHh=|v2Ndo$LDwXvoi)@`!t|}&1$nx zm>An`H$-wETBWc^C`7E!NMvI_;}};^+1+lsN#FT>Bw#w}`H2Po+`tX5U?fz%2WPIY z27q$HNVxn9`Y%^<9In`Zg;TlGAVs=PdcrHsDyDQ)9BSc@nJY1mb`Uwh9d{`9s8*l3 zb@_zntiU$4tWldmUcb)yUS*gbGP75J*mXt7fi70#E1qrlsqAaHeUdkS(z|ie$Smk9 zLVd5oK@H&p0-sbuak+P$x1`d3@2>C*^Sadu=C07Ji?X!wrt+E~)zeJ!Q^&?+T^psc z>CIw5CKG#16+M!a>~x?cF=}vv_rv5M3p#n_!O(arBuW4o$~*v%5>{se*b$~(lH)r3 z`8A`#0m4q`fCHRQsmlSv>gUA35{_1b1@vH$el=+kyzM6SonF z^R!7dCaJ(5`v*mv2Tf*Es9b;Ap9+Az22@dtW7>@?6#v7OzYexAeT^iaz+)y75ta{s z62B)WH2$m;4~^7@t*sf_n#cjISzsGOq)1ECQ|m38L%d>jSnC@Hx<_yxtSwF-ktt%? zbk%$728#oj?Az@})GkK`2uEw*4kg{ZU?r^sICkby?FiU&M2iRcX-VVSU5A+RJcv>^}xUsq*XU8tm&NIM^bVB{0M-U+Z{3zYqKJ`}lqQ-9K-x z*O%Ah>*aU(1^s|&DQ`E3Zr)&U1@96PFn#@QP%cm=sed`xR^1Zsi0Rt9({&OIsO;AC zMZdx$ai~eEcAeWQ1^I!1LK(DLbw6>@uUhe?F%%_Iaj_>}@I|C__aB-EWMOSoMy;H2 zNf_b8oLuU6Ie$T-uFJOOBy+BvA|sV-P?_1ph9pr@wS6#Va#5#o64)uC65}n_PU*SV zml6tplOyXi9~BNHMZn42(1t5CkFU+W=Bi`$iT;!!Xf+=f4IxKnPvf(kN%G1bokrL? zU$fgo(zEqk%R)p(N+khs-1Cux=C%SVrI!+iji*v+lFt<7M&E z>c)bzlKI`jN~_>ar^4J}7q06xL=R+F6AA~u?vq%Ya&tX5u#Xbp;Q3TI0T+deuk(U= z3M^U!W+OaZzqPDtWa-~x#}|II8Ub%7G4bhn(y^SanKn78r#~>>$M9|bmnL+I4*N8T zxs9GhXO^&(XK4{A`;G{yxl7%T6;#L3 zhOrT`J+Nl^AZF(>skURoHPd5totxt{h(Fip1D(RYvz$+l89aDnX!>}nc|Ge6H_%>) z#^z2d93!NWtwRF=ym-#?LDI@arhe3O!4@f&Qmy-M9Y_Om?Is`72A}Gtuc1@_(Q43c zWKMI8momnlSZmvQ*@Wl8ma5TE$Ht~IF0f1QzkHxqo?ChU_CJ!&V|Hw_+hg^zx<}kH z9q4_{E2{v{@ctF>xcqHdP92k-J7Ea?ZP~73tVOii-4No~sk4Xq^Ui*?@5++mz2xE$ zlg`bbWPP}_auA*Yk85wzQ974l-33m8%z9>+!+oP}y&8%S3R3tkTSP27J|frQac7(G zhLZ_wUDgaNSuO-^ke!-~S&3#K8;B|i-l#R4_sW!BwyB@LhfA+&sCDLzm#K6@(Gpld z3kMq~>XWb9pQh9p3j~5jD`6Cj8HA*W;Bn&~Ev&xRKDG1~)<03MKy^UJ$8MYztQX

&wjN6T}6 zK~`0j^k~4)5=tHvo--l*?r~z5>)Wwm8RUe(EZb)i@5sbw5gC)>;lTsiR^yj$}w zHcyWr@_-pWqARsUtsAQ-J1#9EUd9Ij(s2Uz>oyGU6^?y<;s$1!6|qQJDMuo9AaR_1;^Le*S01z%U~aS_-G+ph zkA&Z-nAD;7*CK-`Jf0O)nt&Z$Nwthl;?8+r0n5dS_5h3c_0V;e?oYTwYs=!jFO}2^ zu+KkLM%5`~s(?!<+eA}$7;)&qtad{ycZ->la~ug0dH$x7T#<@Si+kOU62;E?qZUrl z$-*|DLj3ZaK6nc#UeGmv)B}Ii!4D^(26rDl7M=F1pkZ@Lf4sF#q}@G}-Xubb-`++! z-Ywa?CUYsxGbxS=3M~Y%3i^?sc6bF3MhD*j9v)Ocx zZkmAB;oV-`6k^wBFC7a+Nj>LRs>Qn_n}=JY-b9cyXh z$B0El6jD6pR9=K&(von-8DxYoh`M$S@b@cHG%$kY2%8)8=928uw2iM3c4-zv*gWYn@9@^TZX#0kYKfRQe?3KpI!6J*z% zLvGdIF;(W3(B4wkSE&x7ergI-1W*KKSv0aE0T1FMsfZuiyOI8u6c|v@z*UoWRO}K1 zowS+Id&PfDogq$HIyjZ_i{k9yItt7G+2(68Y=_xeBGT2rh!@9M@CDRq)$3wqv@+rs z-J+#v03Nh3$LGRz{{}USaW4teD{45?Ju2jAje+Syc4Z)VTe<5QoGnf(k}VESken!c zL*?%I^5ah=ifO!}kf=ps9@j8lM4fQnyDXLBL}+VL8+$H9oN#lbt-?%EjhMv-x0uDb zNGF^sW_fGUW|Wq{IiN~H%DtHDr`6fixWXw3n(dOQqy-^TtSy#IPB?X<8mdbTZmLUj zkNH6rS1==3UK%{_c%%x4*yttb1Q7&>CmFBXYvM8yEMV z6#gv6EKn^gCr6b8qWkMK2@$voxI{bVxe?Hu<~SRtfe^-5O(2eYj%W zRsKBKp_t4t?pBekHR&C(P3ir{E~St*+Io#8I(nIpt+Tw`eRc`!63{HIjH2Qk0S+M` zG?D((p}S8r31o`s$EKBIDlk|imq%mx@=}P&)?)i=Tr9%o0c#Jp18)!46Aj{5?JB&g zH&5HfFNrB1vm&O;N+D@Sa0(T21XpL11@H0j{re0AO8ylSx`~SAE z-y1x^4Yy<=bn&e7ys6FNrAYC!TzM;AZpr?#F4HfBW@gb{38fWOo_v&iFmA(>^(qFZw%AkpxCLU(RgW;P+&I<030JrfO43M;rpJ!6@Sj4Ie!Idnrvz|k~|gp7Z(zC`X`UORlVgwmy= za@ENQKQH@d(EMXIqVD>%QYJ@1=l4S;@l1Ic*DY_Hg>OH`v_=BdCjpZ`=New={Wqb_ zSftQ#QSb8oF}n}c(*+pAaZsds+ricD=5H5l#<3Gh*#T$>Ftjh`V_c{%o0J>SCTY;j zaoVR`xhAJzE1OdDDq40Gl}hTC$Yo@u=)Z36sOvP^2s0A4w z;V3IJ_CH^vUa8ZV4}UR}3rM47O6ce>{iv`&LCW6#<$u;01AGj2xt-fcWgV+LVs2xZ z%fALK&;G(lq`796!;1TcKWkAxbJytz4i!U99BnNoGm>}-_J;r>M3F=NP2@%Tsrfa< z82&@fk2vBV_?^LDWk_m18|usEn25u|i?|b@3^|i`WdHsK^=NKWt!g#I`M)iWlWQ7F zAJ4_%;^%SW5pvZ%A*wq?`f<3i$RAB&iTGp8&YkIQpDN32*pPd_Sn){B=9CP}l@>+M zy8*Qj7nR${e=iM+urVU8{S$OHS@_LiR%PGI$+;loHqDa*}h%{HxC!+!5MTkoBVK=t{gj*$Z~wS+_Hu8Fr`b3RWw>;+fE0 z#zMO9DCg3+dHRk>5;ilt*?8n#0y6vz_a9>6GLiPihz@CUhjXdNn#xuVUYjWJN-gE= zeifUn{1!9v>mxvyD%8$U@u6Fz<|)#Mx*^geA&crwY&eFF6BExvaNk)Z?5;=@CX0yYR^Mgq>BBo+rAkqcgk);Rg9$-*9ydwdRA zaDjULUT};13<&gaUS3A^#7J<2{|GbF?3p&5B9tt__9{WNQ}OG8362pcD#6k92kIUa z{>Qi2`&lp$u=)om$|!?u;%we<3y|{8c!Y*v_Uc?mMVTc26(+DwDMc_Wt^!iZjv))k zFybP&XnP%P(Us=PXXUPl1%3Tzafw`%Or~tnzc2F*z7^8%H%30zqw&EH)s%8*fWWc?uf= zSBywNUjU@h&4Df}i_-hbS^XcpD>yKDx5JIRhu>Q9EbXToWK0ENxJh_;BsR0;d){lB<;N``49GE==4G8+w zv4{D5_YeEpMA9Ll&Zu_`OcKGs`0SH8^9_J4#zc4l80a5HFTeWF`HWv)y}aih5&<2G zRHnkd_?ZUTq`H7N3PW+YsqfpPMbmsDXPL3 z8>5&=9^@lEj`tx#W6J*k`-#nbeSr!@Qq+g9 z`Te^+oU4>Oy91PtVaf>xc5rofXkW=R5H>|HI z41=fy0i!W`&xv)Q^7Aa`!768rR}{`oMAb}v*7W7NmV{m_XNXK@yG zE?jQR#g{;V4MvRR&vcWn7DeESZTpb{7pOnuh+4(h6=8q1`Y)iJrZ4& z==z-u3AhQ~E<|9_e%m=ix?jg12e#xlaXVr};%X-2nd;Hk4~0 z{Y;~NF{s*gpZ|#jjri7KJw}x$$>`7qLIOsJ=X8?wyh$p14+PW0$(^SfVqP9ZWet|; zI9Cm?O-@)+On|i!1JbiLnN{fTWd>IkQBFMQD}+6aQOMg1HUjz(m0+s>xEe-kL_@{~ zSCR%ilstw5(m`A!nJccF@bb7uM={;7b2wb^*VD*;`+l$<#4ufKsHw!SC-(Y>g|!A0%jdT z867N_%i$fWvs@CEI8_2=s%m(e^Yn!+6iHIFijJ{*Ki7{`Rz!)qQ*teFD}cLUr+Hfo?5F6B?6gA%~^3mb^NI~VJgfzmyW4# zInd^XxMO&_Tq?Yxr03{DT0UA&s}anG-A)i{Fzjam5QGmui0G$R*$j=nWg4C-R~m=@{`lTk^v=Xddj$_|t4JuKk) zfG?eVH{~E7n!x?$z;f2oT?6G6EJ89rF;5qC2Q|4&p~qHbllT6Aeqz;^nE4sZSNL8C zKRB`5$tEt!4@{84XJ6s1TtqYRege>=UQ=r}ho%mAPen+_Wj#3{cl2{Swx`ceHve_* ztwdUgeKz%f2Lpw#_KjJYQ9h){b@u(8j#2@E!SOHQMYNIQMX3?O{i=q{p!Rby(@`n+ zNz|xo!xO>hMU#{k`*9pAL^^gX=TcF+yo**dSe`KYta<$_zvSGBsQrj2o{z1}Hgd!K zFn%CMV~I)CI852{HZZWJk~TUSIya(EOaWb2nG!(>PzPx?Cl&Ri%z##~nEp``&^JM= zN*Q{vX~&h|T%c4W)o*{vhGKqHn#Rf6n~h=qR9ZPeqr+Fz)@IRKGm;uMhta%a@Prq| zGiA-)RMjdiC&EP)NzJf{bL9XgH&@ft{^3nK4%IZ*L@E@88bqdnbso&*7zC7BKDQYk z?r|7|=*eqW9!oGMXL2vd>(^U@51%Rx$WK}ylQ z>$u}3gIE%0F$&_NS7_oilp3HVxb=Vk1&6M2+8#Eqb4xLXR%%>4m;{N`z(9cxp@o9x zR(0vaJ-+=duZdXN#?-IHNre>%bHTsCpG{?Z-5m!*8c8l5AchMs4k5TAX2Y2&bL8MY zn^j~&`o$VBM;QNs?#X)jQ7jM)nuUjiY!8*Z*Dv@8{q5?@R8tmiVu7*lI<@K%sZ24_ zem5d*>TYh{k69fIu2o8QXGEo)gnX6XME$uNvkVCuxJM~+C#bcZkg2$*sh;8p$J*kY zRAEo_BE}rpl1*3TWs}cLkp>cJWK!4}G{|K{%9v z6gD?E?b7!pdgDdA&7Y$a8s>sf(H^W_qWy3jfz*HcX|3)%dD5bZg|Z3D3=B@op2f*tpO zsURk6P9y|tu5Kv=PfoB^tw`w~4!UJBIw{hE{A3xlspqXVoUi-d z!%%FQVS|1s25CliG2ms|YT8@<;p5S|RH@n~pLZvzYb(oCFv4*$6}2o820I!vCe?dP ze{6VC95D2(vz&~ZF@tg{E(^_3FCH)WAD@T{+|Fn6~gKxDB&?9YiCr=e#w}4+Qc6Y@_BO zk$+8-54>I2=qW)%CXLIoWy+k%u#PJO`7R;(REEcTS97^<`rk?{1jdP&l$S8zCbTd(c*l$e0O<< zzW@DqfhYv zQ%B#VTlX?rPsCYn2#-l~i(upFNroYt+ii;K|T1>MvNuuCa0^e=Sd>p$` z5yyfl7{zDLF-ek~W&|=U1Rk1{VuON4xnjQc&0;q@1|d!m(@pdn$eVGE`&E$+ki}Mp zis>!$XFpfcyt)sLBzZ>VuRW3nJ<*b*F52KU6=c0yh}Ie5s;hVoJofQ>7l&b2q3`Al zOj9HexXm)&&ekbp(^SvM5SX43`TXRxUBwA+}DyT*q~4{aBKZ%chc zU`2d_M<6*#YmaG#WGYkwgk~t zH6{nm31!2FS`#*yCf{o~u1%^d9v#qrjjO3yGyMooAR#>XV*ViZKWsu$5`cVtu$*yiCPf3ZsCjl$gS-9Ugm`(DydBz!}|FeZY#^9I$} zhy_f`={Pa`8Er&g)wLPLz3dxi&FsR8>V%fzg~1xrr0Zi&0~uThA~1_2b*h7MrRNzY z5&d945oZ{1!W0KYb5$`x8=TVsqRcKpWac0xa^w1)Gh^ap=l!+bl{!We>4S2Ex>L0B;f1r)dd{M zk}bk24~1ZzupEiQP-orz{Rh-{`=hRR3?dy@)^_4($w97sy|tmWDfFPYA?4Dqd=IRU zntL=>XnizR^`$H#zDL-y+sb%09YAl87$&81rMRtFL6X$GPD86Lu7N?Tw#V}3O*5O( zLac`R2WB$0S3V@kR{RN47Ahhk!ycH?8X}qev28eK-U!JKdP@;mw$lfKbVAca-t)>k zVrz>3NFKPZd+MTBAWUaO5VMiiB%GkW2GFr2N1&M{@wR*ny>Rw{gyQ5>$Q#JdLWo1@&ITkKN{w=yXp@P4zIQ`O*0y zJB<${hE!U&XM|j@$u0yC?^J|qPO=S6@de)<~MwwF>-uxS3VI1K4U9>b~W^=T6$ z!w3&XlfirzOeWJ=5D|Y)rsMHEn2ZOLaWwWOli_R}1<~XHJz9a(5x;w9rwk`A7DI2uMI?9W0! z?DwZre>x$7KZ%0jbkgq+{b1A&hocY=hF&o826!|Zj}H-KP0vS`eK13LK*O#!Z#pJw zKwYA>_v&dU#1@w65>~1a%n4P3#SWPJD}g&NR|8oZ79K~MTuF6Zz^Mb%7N%`VxU2jL z{Hzo%i27gs&?V)`nXu5d#O!j`w=5K5c&si=vf{;_JWwowFcwLPw85zmx4oPEh{!`5 z%)?l)jc;t@)G7cuw$oGPQ zH;;xhZ#Wqb`os^1{Ye-N@HCvv{Lx_S&x6s-A9}}8rMG{@hjwW5+l?P5As!i~V=^l& z%ql{qjar@fyi036ew(*}cBP2%hV5uD&K1GoyNu@K=OmDZ&-1dSG0B%1q%tGGl?sVe z7?|3jpqfcZX2U{av>z44FNbT(ip*T7q_V-Y|98LbEPMA#s=BIVtagQU1%7_oIu`qb zp@iyL4TxI&^TIT12KfL+ZqFvj>usP_lHo;+>845jd=-JY|07OR%@!z-mmu8{1)^uC z)J~Oa#XJ|US1}b?$6f>itc;sxKGxUA;dlg;4ZRmcHR~LqrVc0qcPi&IVySfEiMsNs`?G4LYvt=6DFICIyKmta$ zRPq|IaQfTMlA6!wKT?xcgyqDr$nX#SG8y?-L3nQ7sF7o}VYM&bY%cK$mj>$C<4Ol}7vZW?i9R)*N!DQKR#Rw0;%r0Y{e&du zL;{0^*Xre>cF!UK7cU9Xa|`t;Y)J_;DdM<;5>~$(QHVUi-bvm;P`XEliZr}I`|uZj z+lIVRMy-G)|EnuufxT~4VTmhOtwABjV#Eu-3x-(=wGm_nxVGJf<(4)TLTS!rdCnFJ z>oHd8U7&-j>Z}}^*P^S=%8SuE>d&7R9hBY$9Yi*1zP+SbM;XF8W$bCEEORQ(d+Ez= zrgMW+?R;pHBmSWtvk2-k=y2wZ$z|RP_0PjS?U#}RRX@!(TiLd|!D(IZv`*1-9Mzc1 z6gtiJ4pZ=@nJX-suA1ay7KU79Evv$U_NQ17_WOLrnQ$cl0kt(zN-i%s8~;@JM0*(6 zhX~ACO0EmW5P{;;)&#qs7|(&J%IXM=CRS}@69Xye?FlFmiy;e_8UMJf9^Mr~A>)Sn zhYHk7&%#j}pl;JMswl{A}Wc6wCfc(`)49(lcfmkF9 zPi@<%)9m1;fpv-F0`~Drzt5_fppe`h#SP4`NP3=T;@T)`n}m?uJ;fy07+MTl|C#*Z zMoL?j%hz5dO=SXpnG{FRc5STH=1d8w`@EeVLPtgA3N|V?Ku`7&Fk;Mo&N z1_jUlkkWw~fwsd*z1CCgM~!K(q)^58#TUBNN$;gvs%mJ>8blSIt84|zFs+j1rqd|| zSC(S1iKqma8{0UoupPi7jrW#Q?04q_**a&At^(n7oK#j`*=)N|x4*a9cFohz?{@@q zg;v7duk-DY@+VN6cHXF6iIxrbD$r^mkJ6rZ@P1*1jjwSAHvMKFl1UWP1{{qfX9&8Q zGU=6zs`#V$8{i6QRu>>7weE(5v}p7b=%7Q@B4@~XLpChiI^}x9DBq+JN6)X$-*kNp zJQ5sBTb`56sckodxl_hb4RVchBzh@VH47W;u8K}het&&H#>=UI8&9*{t$atk^Aj$UQOt?Jn>o4Dy@El^PUySA7sZX zV!zd?e{=@;6Q*saEIdD0CZwTehc0DV?f<|6AQrIK$Jgel^}2uA4GYAwy~Nq-cPHXM z3PIaB8&75({p|uukINt_=gj#TuGxD-`3C2~+UYoO`<~qoez@TzQ{U|ixS(B`>s}2X z*2E!Aon93S^8#6pi%wSN-Z<+Y;!$h!It9rJ80g2NvL3m52Zy&u=rr z|5Ym}tGV8yY_T`WxrFo;1D#8xdjsvPx7-tJw*%~9;dU0P=1{v`Ecb}EE4v;>+k~ni z0J>6Lt3R6b!y)!3Q!fgFQGY%d2J=BQ9D2cgIPhkJXfhcOi8t&M5{3OB=nwjXArAfi zz>B<~UZAZ;m5H*;D1)87FVE>hdara_6qq22GHW&$XEIbFP!&g2xTXr!^o}Hi^RCbcDf|V+!;7>lY0!Q%_~Pp3ZIr#%&!K(OTCKuy zwRgWkl?C=frHU`Did4mXQN9MzMa|e&Un#4hE&zEGx`PGXWr9WJC7R&uCL}sNN6G;h z{d9f3P(5|TkuGrqYd}2jiGP-+O2Vm?S*QCnVdXoH)7|?`;CV!eyq{gnH7_k*_0oZr z;c|6EoeXOvAzI0~IfLRMD|KO-guZ5R$TcioEJ3mB9jHz3u^U|CTwg52_;C|j0>cN* zptgO&a%H_Wp8DF{m<8N6LRTcj^q9qIAU*BsG+=AXvqX5*`YhkHeGtCx3N6t-@e-|$ z*^{l&U9gR>@kgS6-k2%2!>N8tD_SN_(W9 zY)w{yHoU}>uSY0pzhC||h5GkMpEjTe%AVD_{x!+7g5f@Lr|NhJVI4_b;vBf6vLbMQ z+9%#D48pJUoZnuW8`WZ0k2CK1Mi!Eiho;D*$W z9fGvDnfbVN-D;~2QuS@FSS&M%t?w^r66)$S0+t(;&kn2VRsGgR(*#f9dIZ>g)T(ED zRr>R~HQ-3-j{sZ3dq6hCeWng-g}0D+1<&>o#|!AzmQP?FD<5f{5Es!ThzngM0{iTa zD3@BO*)a|RbLJ7>Q;L0ULx&dBq;jni?Y zdCoa=Wm`!oGoS~GZMJ)M^YHx~As6!IYK#9>sFH~(fX=BYHW8NwUDo!Sn1lcxK z2~z50?Z~(c@K!?U1_-RVqnxU8Lpa&`EZj=udKN9WzPdOdqOm$db+OHzSzX+`x>Sa< zn>Xjn|L>d)Dl@ZCH5hI<$N@eZf~48r2T>u5jNZ|h+>(Fr z0LQS*l`XB~*abkv@~Kx6?Kr9KADV934}8T~{?Zt|^`$6aAAHNejwpY-k1epFqJXXo zb5!jvQ~&RP$=S4fT;(oZ;l?KP%U15HAUPx%*BQSV%w144eTg?TrVVvwgrG`O6zS)% zwMy5%Om8uH$gdW6qmKA@(u!o;B&aQ+P{lIG!H1fZLQ^G{S$M4W9khU)lgk3f>IYT6 z$NW;K)O+$=jNa+80Z^xDrhwmTlybSKAp9=tH-~I?vO6+XA3Jbn(hM zQhPuqEF_DTVpElX7~M{WWNBXUn&I#Tj&Tx@3=V|1x}BZ^m305uB9*3=tbhj@@!};; z_r6elBYo!xJzg ztV)0@NHWydP$?sVy}mSiQUP-1S#4PscHG~q6ad2{K=C9cUx^_K6~oceS((0W_#c=s z+Ezu?U)sz7Elz%b57u$qbI0(?MO6=|5q4nLX!u8N9Nu2+!yH1!xMbSyLaFCuDmCrZ zq7pG-b4mN4-lQ>kE|{yYnCoe$!fQLo!0VJe*COLw>vwxC5)H~=wf}?fWih+H9keQB z-x?Yz1gDQ{BIevKo~i(r(v;S08&I^|o_1Y}@T|g?+NY~8<>e3y5$ekOsz!SUVF`qC z&9q3UjCi?S7}`|3v+z5)`SjSqkjZh=;JX~)cgq@1+M%B3jRD;E-dfk! z|6Sc!>YA4?Uc!*zV2wyf;kJ}Q-sPgR!v!Oe)X2CsC|PiA$}Tokv2Uq)uygCnnSCwG z%DT9OCLz6}VS!_zs(jET%b}Dc&#}4l-rU-_*X{9+X5>e>+i{QIqYCO_j*k*iv*%+6 z$30vhrsqMN4R{*jZCuYCc!Rz-?~hDbQ_p8$vFdER6+g8x0w+x_1gO{U-VN5jFe zKkW}jgB~No%cH8?^8~`-vIg)KRG!$`8RsY&>PAt%wC)& zMH1?}dj!8c>mK_28!(n/ or mesh// or tag: strings. When set, the link will only show up for the specified devices, device groups or device tag. + filter: [] + myServer: + # - Allows administrators to backup the server from the My Server tab. This option can only enabled when the NeDB database is in use. For other databases, this option disabled and the setting is ignored. + Backup: true + # - Allows administrators to restore the server from the My Server tab. This option can only enabled when the NeDB database is in use. For other databases, this option disabled and the setting is ignored. + Restore: true + # - Allows administrators to see the server crash log the server from the My Server tab. + ErrorLog: true + # - Allows administrators to access the server console from the My Server tab. + Console: true + # - Allows administrators to access the server trace tab from from the My Server tab. + Trace: true + _passwordRequirements: + # - Minimum number of characters allowed for the account password. + min: null + # - Maximum number of characters allowed for the account password. + max: null + # - Minimum number of upper case characters required in the password. + upper: null + # - Minimum number of lower case characters required in the password. + lower: null + # - Minimum number of numeric characters required in the password. + numeric: null + # - Minimum number of non-alpha-numeric characters required in the password. + nonalpha: null + # - Number of days after which the user is required to change the account password. + reset: null + # - Set to false to disable email 2FA. + email2factor: true + # - Set to false to disable SMS 2FA. + sms2factor: true + # - Set to false to disable push notification 2FA. + push2factor: true + # - Set to false to disable one-time-password 2FA. + otp2factor: true + # - Set to false to disable user messaging 2FA. + msg2factor: true + # - Set to false to disable 2FA backup codes. + backupcode2factor: true + # - Set to false to disable single 2FA warning. + single2factorWarning: true + # - When set to true, prevents any changes to 2FA. + lock2factor: false + # - Requires that all accounts setup 2FA. + force2factor: false + # - IP addresses where 2FA login is skipped, for example: 127.0.0.1,192.168.2.0/24 + skip2factor: null + # - Number of old passwords the server should remember and not allow the user to switch back to. + oldPasswordBan: null + # - Uses WildLeek to block use of the 10000 most commonly used passwords. + banCommonPasswords: true + # - Allows users to create alternative username/passwords for their account. Set to false to disallow all users, or set to a userid array to only all some users. + loginTokens: true + # - Maximum about of time the to wait for a 2FA token on the login page in seconds. + twoFactorTimeout: + # - If true and user account has FIDO key setup, 2FA login screen will automatically request FIDO 2FA. + autofido2fa: false + # - Maximum number of FIDO/YubikeyOTP hardware 2FA keys that can be setup in a user account. + maxfidokeys: null + # - If set to false, the account reset option on the login screen will not be available to users. + allowaccountreset: true + # - Number of days that a user is allowed to remember this device for when completing 2FA. Set this to 0 to remove this option. + _twoFactorCookieDurationDays: 30 + # - Type of user authentication to use, this can be SSPI on Windows or LDAP. If not set, username/password is used. Options: null | sspi | ldap + _auth: null + # - The LDAP value to use as a user's unique account identifier. Use "ldapUserKey" or "ldapUserBinaryKey". + _ldapUserKey: null + # - The LDAP value to use as a user's unique account identifier, when specified in this field, the values will be HEX converted. + _ldapUserBinaryKey: objectSid + # - The LDAP value to use for the user name, you can also compose the name by setting this value to, for example: "{{{givenName}}} {{{sn}}}" + _ldapUserName: displayName + # - The LDAP value to use for the user's email address. + _ldapUserEmail: mail + # - The LDAP value to use for the user's real name, you can also compose the name by setting this value to, for example: "{{{givenName}}} {{{sn}}}" + _ldapUserRealName: name + # - The LDAP value to use for the user's phone number. + _ldapUserPhoneNumber: telephoneNumber + # - The LDAP value to use for the user's image. + _ldapUserImage: thumbnailPhoto + # - When set to a filename, for example /opt/meshcentral/meshcentral-data/ldapusers.txt, MeshCentral will save the LDAP user object to this file each time a user logs in. This is used for debugging LDAP issues. + _ldapSaveUserToFile: null + # - The LDAP value to use for the user's group memberships. + _ldapUserGroups: memberOf + # - When set to true or set to an object, MeshCentral will synchronize LDAP user memberships to MeshCentral user groups. + _ldapSyncWithUserGroups: + # - When set to a string or array of strings, only LDAP membership groups that includes one of the strings will be synchronized with MeshCentral user groups. + filter: [] + # - A list of LDAP groups. Users must be part of at least one of these groups to allow login. If null, all users are allowed to login. + _ldapUserRequiredGroupMembership: [] + # - LDAP options passed to ldapauth-fork + _ldapOptions: + URL: "ldap://1.2.3.4:389" + BindDN: "CN=svc_meshcentral,CN=Users,DC=meshcentral,DC=local" + BindCredentials: "Password.1" + SearchBase: "DC=meshcentral,DC=local" + SearchFilter: "(sAMAccountName={{username}})" + # - Enabled a feature where you can set one or more invitation codes in a device group. You can then give a invitation link to users who can use it to download the agent. + _agentInviteCodes: false + # - When enabled, all newly installed MeshAgents will be instructed to no use a HTTP/HTTPS proxy even if one is configured on the remote system + _agentNoProxy: false + # - This section is used to indicate if parts of the meshagent.tag file should be used to set server-side device properties. + _agentTag: + # - Action taken if one of the lines in meshagent.tag contains ~ServerName:name. 0=Ignore, 1=Set. + ServerName: 0 + # - Action taken if one of the lines in meshagent.tag contains ~ServerDesc:desc. 0=Ignore, 1=Set, 2=SetIfEmpty. + ServerDesc: 0 + # - Action taken if one of the lines in meshagent.tag contains ~ServerTags:tag1,tag2,tag3. 0=Ignore, 1=Set, 2=SetIfEmpty, 3=Append. + ServerTags: 0 + # - Enables the geo-location feature and device location map in the user interface, this feature is not being worked on. + _geoLocation: false + # - When enabled, activates the built-in web-based VNC client. + _novnc: true + # - When enabled, activates the built-in web-based RDP client. + _mstsc: false + # - When enabled, activates the built-in web-based SSH client. + _ssh: false + # - Path where to find custom email templates for this domain. + _webEmailsPath: null + _customUI: null + # - This section is used to customize user consent prompts, these show up when asking if a remote session is allowed or not. + _consentMessages: + Title: null + Desktop: null + Terminal: null + Files: null + # - How long in seconds to show the user consent dialog box. + consentTimeout: 30 + # - If true, user consent is accepted after the timeout. + autoAcceptOnTimeout: false + # - This section is user to customize user notifications when a remote desktop, terminal or file session is connected to a remote system. + _notificationMessages: + Title: null + Desktop: null + Terminal: null + Files: null + # - Use this section to customize the agent branding. + _agentCustomization: + # - The name of the agent as displayed to the user. + displayName: MeshCentral Agent + # - The description of the agent as displayed to the user. + description: Mesh Agent Background Service + # - This will be used as the path to install the agent, by default this is 'Mesh Agent' in Windows and 'meshagent' in other OS's. + companyName: Mesh Agent + # - The name of the background service, by default this is 'Mesh Agent' in Windows and 'meshagent' in other OS's but should be set to an all lower case, no space string. + serviceName: Mesh Agent + # - Text string to show in the agent installation dialog box. + installText: null + # - The filename of a image file in .png format located in meshcentral-data to display in the MeshCentral Agent installation dialog, image should be square and from 64x64 to 200x200. + image: null + # - The agent filename. + fileName: meshagent + # - Foreground text color, valid values are RBG in format 0,0,0 to 255,255,255 or format #000000 to #FFFFFF. + foregroundColor: null + # - Background color, valid values are RBG in format 0,0,0 to 255,255,255 or format #000000 to #FFFFFF. + backgroundColor: null + # - Use this section to set resource metadata of the Windows agents prior to signing. In Windows, you can right-click and select properties to view these values. + _agentFileInfo: + # - Sets the agent icon, this is the name of a .ico file with the file placed in the meshcentral-data folder. + icon: null + # - Executable file description. + fileDescription: null + # - Executable file version, in the form of 'n.n.n.n', for example: '1.2.3.4'. + fileVersion: null + # - Executable internal name. + internalName: null + # - Executable legal copyright. + legalCopyright: null + # - Executable original file name. + originalFilename: null + # - Executable product name. + productName: null + # - Executable product version. Any string format will work, but a alphabetic character is required for this value to show correctly in the Windows property box. For example: 'v1.2.3.4' will work, but '1.2.3.4' will not. + productVersion: null + # - Use this section to customize the MeshCentral Assistant. + _assistantCustomization: + # - Name to show as MeshCentral Assistant dialog title. + title: MeshCentral Assistant + # - The filename of a image file in .png format located in meshcentral-data to display in MeshCentral Assistant, image should be square and from 64x64 to 128x128. + image: null + # - The MeshCentral Assistant filename. + fileName: meshagent + # - Use this section to customize the MeshCentral Agent for Android. + _androidCustomization: + # - Displayed on top of the MeshCentral Agent for Android. + title: MeshCentral Agent + # - Subtitle displayed until the title on the toolbar. + subtitle: null + # - The filename of a image file in .png format located in meshcentral-data to display in MeshCentral Agent for Android, image should be square and from 64x64 to 128x128. + image: null + # - If set, a user from a banned IP address will be redirected to this URL." + _ipBlockedUserRedirect: null + # - When set, requires that a browser request have set HTTP header to allow user login. Example: '{ "Sec-Fetch-Dest": "iframe" }' + _userRequiredHttpHeader: null + # - When set, only users from allowed IP address ranges can connect to the server. Example: "192.168.2.100,192.168.1.0/24" + _userAllowedIP: null + # - When set, users from these denied IP address ranges will not be able to connect to the server. Example: "192.168.2.100,192.168.1.0/24" + _userBlockedIP: null + # - When set, only agents from allowed IP address ranges can connect to the server. Example: "192.168.2.100,192.168.1.0/24" + _agentAllowedIP: null + # - When set, agents from these denied IP address ranges will not be able to connect to the server. Example: "192.168.2.100,192.168.1.0/24" + _agentBlockedIP: null + # - When set, idle users will be disconnected after a set amounts of minutes. + _userSessionIdleTimeout: null + # - Use this section to require user consent for this domain. + _userConsentFlags: + # - Enable desktop notification for this domain. + desktopnotify: false + # - Enable terminal notification for this domain. + terminalnotify: false + # - Enable files notification for this domain. + filenotify: false + # - Enable desktop prompt for this domain. + desktopprompt: false + # - Enable terminal user prompt for this domain. + terminalprompt: false + # - Enable files prompt for this domain. + fileprompt: false + # - Enable remote desktop privacy bar for this domain. + desktopprivacybar: false + # - When users navigate thru the web interface, the URL on top will change to point to the current screen. This allows a user to refresh or bookmark the URL and come back to the correct screen. Setting false here will disable this feature. + _urlSwitching: true + # - This is the text that will be shown in the remote desktop privacy bar. You can use {0} to display the account realname or {1} to display the account identifier in the string. + _desktopPrivacyBarText: null + _limits: + # - Maximum number of devices in this domain. + MaxDevices: null + # - Maximum number of devices in this domain. + MaxUserAccounts: null + # - Maximum number of user sessions that can connect to this server for this domain. + MaxUserSessions: null + # - Maximum number of agents that can connect to this server for this domain. + MaxAgentSessions: null + # - Maximum number of sessions a single user can have. Each time a user opens a new browser tab or opens a new browser on a different computer, a new user session is created. + MaxSingleUserSessions: null + # - Values that affect the files feature + _files: + # - When false, removes the 'SFTP Connect' button from the files tab unless this is the only possible option. + sftpConnect: true + # - Values that affect the terminal feature + _terminal: + # - When false, removes the 'SSH Connect' button from the terminal tab unless this is the only possible option. + sshConnect: true + # - Indicate what terminal options are available when the user clicks the right mouse button on the terminal connect button. Options: any | root | user | login + linuxShell: any + # - Indicate what string the agent must write to the shell after starting a terminal session + launchCommand: + # - String to write after opening a Linux terminal. + linux: alias ls=\\'ls --color=auto\\';clear\\n + # - String to write after opening a macOS terminal. + darwin: null + # - String to write after opening a FreeBSD terminal. + freebsd: null + # - Values that affect the desktop feature" + _desktop: + # - When set to true, the remote desktop feature is view only. + viewonly: false + # - List of local network Intel AMT scanning options offered in the user interface. For example ["LabNetwork 192.168.15.0/23", "SalesNetwork 192.168.8.0/24"]. + _amtScanOptions: + - Network 192.168.1.0/24 + # - Information passed to the AMT manager module that impacts all Intel AMT device managed within this domain. + _amtManager: + # - When set to false, MeshCentral will use TLS to connect to Intel AMT, this is not recommended. + TlsConnections: true + # - When set to false, MeshCentral will not attempt a TLS ACM activation on Intel AMT v14+ + TlsAcmActivation: false + # - List of username and passwords to try when connecting to Intel AMT. + AdminAccounts: + # - Intel AMT administrator username. + - user: admin + # - Intel AMT administrator password. + pass: null + # - List of up to 4 domain suffixes to configure in Intel AMT when activating CIRA. + EnvironmentDetection: [] + # - Specifies a certificate and private key to use to issue Intel AMT TLS certificates. By default the MeshCentral self-signed root certificate is used. + TlsRootCert: + # - Name of the certificate file that is in .p12 or .pfx format in meshcentral-data, use this with certpfxpass. + certpfx: null + # - Password for the file specified in certpfx. + certpfxpass: null + # - Name of the certificate file in PEM format located in meshcentral-data. Using this with keyfile. + certfile: null + # - Name of the private key file in PEM format located in meshcentral-data. Using this with certfile. + keyfile: null + # - List of WIFI profiles to setup in any managed Intel AMT device with a WIFI network interface. + WifiProfiles: + # - WIFI profile name, if not specified the SSID is used. + name: null + # - SSID of the WIFI station. + ssid: null + # - WIFI authentication. Options: wpa-psk | wpa2-psk | wpa-8021x | wpa2-802.1x | wpa3-sae-802.1x | wpa3-owe-802.1x + authentication: wpa2-psk + # - WIFI encryption. Options: ccmp-aes | tkip-rc4 + encryption: ccmp-aes + # - Password on the WIFI station + password: null + # - 802.1x settings for this WIFI profile. Only required if the WIFI authentication type has 802.1x + _802.1x: + # - Identifies the authentication protocol used to authenticate the access requestor to the AAA server. Options: EAP-TLS | EAP-TTLS/MSCHAPv2 | PEAPv0/EAP-MSCHAPv2 | PEAPv1/EAP-GTC | EAP-FAST/MSCHAPv2 | EAP-FAST/GTC | EAP-MD5 | EAP-PSK | EAP-SIM | EAP-AKA | EAP-FAST/TLS | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 + authenticationProtocol: null + # - Determines the comparison algorithm used between the ServerCertificateName value and the subject name field of the certificate presented by the AAA server. Options: Fullname | DomainSuffix | 2 | 3 + serverCertificateNameComparison: FullName + # - The name compared against the subject name field in the certificate provided by the AAA server. + serverCertificateName: null + # - Indicates the activity setting of the 802.1X module in H0 state + availableInS0: true + # - A credential used by the supplicant and AAA server to establish a mutually authenticated encrypted tunnel for confidential user authentication. + protectedAccessCredentialHex: null + # - Optional password to extract the PAC (Protected Access Credential) information from the PAC data. + pacPassword: null + # - The domain within which Username is unique. + domain: null + # - Within the domain specified by Domain, Identifies the user that is requesting access to the network. + username: null + # - The password associated with the user identified by Username and Domain. + password: null + # - A string presented to the authentication server in 802.1x protocol exchange + roamingIdentity: null + # - Timeout in seconds, in which the Intel(R) AMT will hold an authenticated 802.1X session. + pxeTimeoutInSeconds: 120 + # - 802.1x settings for the Intel AMT Wired interface. If set to false, any existing 802.1x wired profile will be removed from Intel AMT. + _802.1x: + # - Identifies the authentication protocol used to authenticate the access requestor to the AAA server. Options: EAP-TLS | EAP-TTLS/MSCHAPv2 | PEAPv0/EAP-MSCHAPv2 | PEAPv1/EAP-GTC | EAP-FAST/MSCHAPv2 | EAP-FAST/GTC | EAP-MD5 | EAP-PSK | EAP-SIM | EAP-AKA | EAP-FAST/TLS | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 + authenticationProtocol: null + # - Determines the comparison algorithm used between the ServerCertificateName value and the subject name field of the certificate presented by the AAA server. Options: Fullname | DomainSuffix | 2 | 3 + serverCertificateNameComparison: FullName + # - The name compared against the subject name field in the certificate provided by the AAA server. + serverCertificateName: null + # - Indicates the activity setting of the 802.1X module in H0 state + availableInS0: true + # - A credential used by the supplicant and AAA server to establish a mutually authenticated encrypted tunnel for confidential user authentication. + protectedAccessCredentialHex: null + # - Optional password to extract the PAC (Protected Access Credential) information from the PAC data. + pacPassword: null + # - The domain within which Username is unique. + domain: null + # - Within the domain specified by Domain, Identifies the user that is requesting access to the network. + username: null + # - The password associated with the user identified by Username and Domain. + password: null + # - A string presented to the authentication server in 802.1x protocol exchange + roamingIdentity: null + # - Timeout in seconds, in which the Intel(R) AMT will hold an authenticated 802.1X session. + pxeTimeoutInSeconds: 120 + _amtAcmActivation: + log: null + # - When set to true, the certificate common name needs to match exactly the Intel AMT trusted FQDN or DHCP Option 15. If false, some flexibility may be given to the matching. + strictCommonName: false + certs: + certfiles: null + keyfile: null + # - This is used to create HTTP redirections. For example setting "redirects": { "example": "https://example.com" } will make it so that anyone accessing /example on the server will get redirected to the specified URL. + _redirects: + example: https://example.com + example1: https://example1.com + _yubikey: + id: null + secret: null + proxy: null + _httpHeaders: null + # - Key and values to add to the MeshAgent .msh file + _agentConfig: [] + # - Key and values to add to the MeshCentral Assistant .msh file + _assistantConfig: [] + # - When false, users can't set the clipboard of a remove device. + clipboardGet: true + # - When false, users can't get the clipboard of a remove device. + clipboardSet: true + # - When false, removes the local recording feature on remote desktop. + localSessionRecording: true + _sessionRecording: + # - When enabled, only device users with the session recording feature turned on will be recorded. When false, all users are recorded. + onlySelectedUsers: false + # - When enabled, only device user groups with the session recording feature turned on will be recorded. When false, all users are recorded. + onlySelectedUserGroups: false + # - When enabled, only device groups with the session recording feature turned on will be recorded. When false, all devices are recorded. + onlySelectedDeviceGroups: false + # - The file path where recording files are kept. + filepath: null + # - If true, automatically index remote desktop recordings so that the plays can skip to any place in the file. + index: false + # - Maximum number of recording files to keep. + maxRecordings: null + # - Maximum number of days to keep a recording. + maxRecordingDays: null + # - Maximum number of recordings in megabytes. Once exceed, remove the oldest recordings. + maxRecordingSizeMegabytes: null + # - This is an array: 1 = Terminal, 2 = Desktop, 5 = Files, 100 = Intel AMT WSMAN, 101 = Intel AMT Redirection, 200 = Messenger + _protocols: + - 1 + - 5 + # - When set to false, hides the username and password prompt on login screen. + _showPasswordLogin: true + # - Connects MeshCentral to the SendGrid email server, allows MeshCentral to send email messages for 2FA or user notification. + _sendgrid: + # - Email address used in the messages from field. + from: null + # - The SendGrid API key. + apiKey: null + # - When set to false, the email format and DNS MX record are not checked. + verifyemail: true + # - Connects MeshCentral to a SMTP email server, allows MeshCentral to send email messages for 2FA or user notification. + _smtp: + # - Optional hostname of the client, this defaults to the hostname of the machine. This is useful for SMTP relays. + name: null + # - Hostname of the SMTP server. + host: null + # - SMTP server port number. + port: null + # - Email address used in the messages from field. + from: null + tls: true + _auth: + clientId: null + clientSecret: null + refreshToken: null + tlscertcheck: true + tlsstrict: true + # - When set to false, the email format and DNS MX record are not checked + verifyemail: true + # - Makes MeshCentral send emails using the Unix sendmail command. Allows MeshCentral to send email messages for 2FA or user notification. + _sendmail: + # - Possible values are unix or windows + newline: unix + # - Path to the sendmail command + path: sendmail + # - Array or arguments to pass to sendmail + _args: [] + _authStrategies: + _twitter: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + newAccounts: false + newAccountsUserGroups: [] + clientid: null + clientsecret: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _google: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + newAccounts: false + newAccountsUserGroups: [] + clientid: null + clientsecret: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _github: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + newAccounts: false + newAccountsUserGroups: [] + clientid: null + clientsecret: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _reddit: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + newAccounts: false + newAccountsUserGroups: [] + clientid: null + clientsecret: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _azure: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + newAccounts: false + newAccountsUserGroups: [] + clientid: null + clientsecret: null + tenantid: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _jumpcloud: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + newAccounts: false + newAccountsUserGroups: [] + entityid: null + idpurl: null + cert: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _saml: + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + disableRequestedAuthnContext: false + newAccounts: false + newAccountsUserGroups: [] + newAccountsRights: [] + entityid: null + idpurl: null + cert: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + _oidc: + # - If set, this will be used as the authorization URL. (If set tokenURL and userInfoURL need set also) + authorizationURL: null + # - Required, this is the URL that your SSO provider sends auth approval to. + callbackurl: null + clientid: null + clientsecret: null + # - Full URL of SSO portal + issuer: null + # - If set, this will be used as the token URL. (If set authorizationURL and userInfoURL need set also) + tokenURL: null + # - If set, this will be used as the user info URL. (If set authorizationURL and tokenURL need set also) + userInfoURL: null + # - Then set, the user will be redirected to this URL when hitting the logout link + logouturl: null + newAccounts: true + groups: + # - When set, the user must be part of one of the OIDC user groups to login to MeshCentral. + required: [] + # - When set, users part of these groups will be promoted with site administrator in MeshCentral, users that are not part of these groups will be demoted. + siteadmin: [] + sync: + enabled: false + # - When set, limits what OIDC groups are mirrored into MeshCentral user groups. + filter: [] + +probes: + liveness: + type: HTTPS + path: /health.ashx + readiness: + type: HTTPS + path: /health.ashx + startup: + type: HTTPS + path: /health.ashx + +service: + main: + ports: + main: + protocol: HTTPS + port: 10205 + # mps: + # enabled: true + # ports: + # mps: + # enabled: true + # port: 4433 + # targetPort: 4433 + # amtprovisioner: + # enabled: true + # ports: + # amtprovisioner: + # enabled: true + # port: 9971 + # targetPort: 9971 + +mongodb: + enabled: true + mongodbUsername: meshcentral + mongodbDatabase: meshcentral + existingSecret: mongodbcreds + +persistence: + data: + enabled: true + mountPath: /opt/meshcentral/meshcentral-data + size: 256Gi + files: + enabled: true + mountPath: /opt/meshcentral/meshcentral-files + size: 256Gi + web: + enabled: true + mountPath: /opt/meshcentral/meshcentral-web + size: 256Gi + backups: + enabled: true + mountPath: /opt/meshcentral/meshcentral-backup + size: 256Gi + configfile: + enabled: true + type: secret + readOnly: true + # defaultMode: "0600" + objectName: '{{ include "tc.common.names.fullname" . }}-secret' + mountPath: /opt/meshcentral/meshcentral-config + items: + - key: config.json + path: config.json + +portal: + enabled: true diff --git a/incubator/meshcentral/5.0.0/questions.yaml b/incubator/meshcentral/5.0.0/questions.yaml new file mode 100644 index 0000000000..3616ea6d06 --- /dev/null +++ b/incubator/meshcentral/5.0.0/questions.yaml @@ -0,0 +1,3436 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: Controller + description: Configure Workload Deployment + - name: Container Configuration + description: Additional Container Configuration + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: global + label: Global Settings + group: Controller + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: Flag this is SCALE + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: Controller + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: Show Advanced Controller Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: Please specify type of workload to deploy + label: (Advanced) Controller Type + schema: + type: string + required: true + enum: + - value: deployment + description: Deployment + - value: statefulset + description: Statefulset + - value: daemonset + description: Daemonset + default: deployment + - variable: replicas + description: Number of desired pod replicas + label: Desired Replicas + schema: + type: int + required: true + default: 1 + - variable: strategy + description: Please specify type of workload to deploy + label: (Advanced) Update Strategy + schema: + type: string + required: true + enum: + - value: Recreate + description: "Recreate: Kill existing pods before creating new ones" + - value: RollingUpdate + description: "RollingUpdate: Create new pods and then kill old ones" + - value: OnDelete + description: "(Legacy) OnDelete: ignore .spec.template changes" + default: Recreate + - variable: expert + label: Show Expert Configuration Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Controller Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Controller Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: customextraargs + group: Controller + label: "Extra Args" + description: "Do not click this unless you know what you are doing" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: meshcentral + group: Container Configuration + label: MeshCentral Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: settings + label: Section + schema: + additional_attrs: true + type: dict + attrs: + - variable: aliasPort + label: aliasPort + description: The actual main port as seen externally on the Internet, this setting is often used when a reverse-proxy is used. + schema: + type: int + required: true + default: 443 + - variable: cert + label: cert + description: Set this to the primary DNS name of this MeshCentral server. + schema: + type: string + required: true + default: "" + - variable: tlsOffload + label: tlsOffload + description: When true, indicates that a TLS offloader is in front of the MeshCentral server. More typically, set this to the IP address of the reverse proxy or TLS offloader so that IP forwarding headers will be trusted. For example 127.0.0.1,traefik.ix-traefik.svc.cluster.local + schema: + type: string + required: true + default: "" + - variable: trustedProxy + label: trustedProxy + description: Trust forwarded headers from these IPs or domains. Providing the magic string "CloudFlare" will cause the server to download the IP address list of trusted CloudFlare proxies directly from CloudFlare on each server start. For example 127.0.0.1,traefik.ix-traefik.svc.cluster.local + schema: + type: string + required: true + default: "" + - variable: WANonly + label: WANonly + description: When enabled, only MeshCentral WAN features are enabled and agents will connect to the server using a well known DNS name. + schema: + type: boolean + default: false + - variable: LANonly + label: LANonly + description: When enabled, only MeshCentral LAN features are enabled and agents will find the server using multicast LAN packets. + schema: + type: boolean + default: false + - variable: webRTC + label: webRTC + description: When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser. + schema: + type: boolean + default: false + - variable: compression + label: compression + description: Enables GZIP compression for web requests. + schema: + type: boolean + default: true + - variable: wsCompression + label: wsCompression + description: Enables server-side, websocket per-message deflate compression. + schema: + type: boolean + default: true + - variable: allowFraming + label: allowFraming + description: When enabled, the MeshCentral web site can be embedded within another website's iframe. + schema: + type: boolean + default: false + - variable: newAccounts + label: newAccounts + description: When set to true, allow new user accounts to be created from the login page. + schema: + type: boolean + default: false + - variable: browserPing + label: browserPing + description: When specified, sends data to the browser at x seconds interval and expects a response from the browser. + schema: + type: int + default: -99 + - variable: browserPong + label: browserPong + description: When specified, sends data to the browser at x seconds interval. + schema: + type: int + default: -99 + - variable: agentPing + label: agentPing + description: When specified, sends data to the agent at x seconds interval and expects a response from the agent. + schema: + type: int + default: -99 + - variable: agentPong + label: agentPong + description: When specified, sends data to the agent at x seconds interval. + schema: + type: int + default: -99 + - variable: agentIdleTimeout + label: agentIdleTimeout + description: How much time in seconds with no traffic from an agent before dropping the agent connection. + schema: + type: int + default: -99 + - variable: plugins + label: Section + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: autobackup + label: Section + schema: + additional_attrs: true + type: dict + attrs: + - variable: backupIntervalHours + label: backupIntervalHours + schema: + type: int + required: true + default: 24 + - variable: keepLastDaysBackup + label: keepLastDaysBackup + schema: + type: int + required: true + default: 10 + - variable: zipPassword + label: zipPassword + description: Leave empty for no password + schema: + type: string + private: true + default: "" + - variable: setupWebDav + label: Backup to Web DAV + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: webdav + label: Section + schema: + additional_attrs: true + type: dict + attrs: + - variable: url + label: url + description: WebDAV account URL. + schema: + type: string + default: "" + - variable: username + label: username + description: WebDAV account username. + schema: + type: string + default: "" + - variable: password + label: password + description: WebDAV account password. + schema: + type: string + private: true + default: "" + - variable: folderName + label: folderName + description: The name of the folder to create in the WebDAV account. + schema: + type: string + default: MeshCentral-Backups + - variable: maxFiles + label: maxFiles + description: The maximum number of files to keep in the WebDAV folder, older files will be removed if needed. + schema: + type: int + default: 10 + - variable: relayDNS + label: relayDNS + description: When set, relayPort value is ignored. Set this to a DNS name the points to this server. When the server is accessed using the DNS name, the main web server port is used as a web relay port. + schema: + type: list + default: [] + items: + - variable: relayDNSEntry + label: relayDNS Entry + schema: + type: string + required: true + default: "" + - variable: domains + label: Section + schema: + additional_attrs: true + type: dict + attrs: + - variable: '""' + label: 'Section <"">' + schema: + additional_attrs: true + type: dict + attrs: + - variable: certUrl + label: certUrl + description: HTTPS URL when to get the TLS certificate that MeshAgent's will see when connecting to this server. This setting is used when a reverse proxy like Traefik is used in front of MeshCentral. + schema: + type: string + required: true + default: "" + - variable: title + label: title + description: The title of this web site. All web pages will have this title. + schema: + type: string + required: true + default: TrueCharts MeshCentral + - variable: title2 + label: title2 + description: Secondary title text that is placed on the upper right on the title on many web pages. + schema: + type: string + required: true + default: TrueCharts MeshCentral + - variable: welcomeText + label: welcomeText + description: Text that will be shown on the login screen. + schema: + type: string + required: true + default: Welcome to TrueCharts MeshCentral + - variable: minify + label: minify + description: When enabled, the server will send reduced sized web pages. + schema: + type: boolean + default: true + - variable: localSessionRecording + label: localSessionRecording + description: When false, removes the local recording feature on remote desktop. + schema: + type: boolean + default: true + - variable: nightMode + label: nightMode + description: 0 = User selects day/night mode, 1 = Always night mode, 2 = Always day mode + schema: + type: int + min: 0 + max: 2 + requited: true + default: 0 + - variable: siteStyle + label: siteStyle + description: Valid numbers are 1 and 2, changes the style of the login page and some secondary pages. + schema: + type: int + min: 1 + max: 2 + requited: true + default: 2 + - variable: agentCustomization + label: Section + schema: + additional_attrs: true + type: dict + attrs: + - variable: displayName + label: displayName + description: The name of the agent as displayed to the user. + schema: + type: string + default: MeshCentral Agent + - variable: description + label: description + description: The description of the agent as displayed to the user. + schema: + type: string + default: Mesh Agent Background Service + - variable: companyName + label: companyName + description: This will be used as the path to install the agent, by default this is 'Mesh Agent' in Windows and 'meshagent' in other OS's. + schema: + type: string + default: Mesh Agent + - variable: serviceName + label: serviceName + description: The name of the background service, by default this is 'Mesh Agent' in Windows and 'meshagent' in other OS's but should be set to an all lower case, no space string. + schema: + type: string + default: Mesh Agent + - variable: installText + label: installText + description: Text string to show in the agent installation dialog box. + schema: + type: string + default: "" + - variable: image + label: image + description: The filename of a image file in .png format located in meshcentral-data to display in the MeshCentral Agent installation dialog, image should be square and from 64x64 to 200x200. + schema: + type: string + default: "" + - variable: fileName + label: fileName + description: The agent filename. + schema: + type: string + default: meshagent + - variable: foregroundColor + label: foregroundColor + description: 'Foreground text color, valid values are RBG in format 0,0,0 to 255,255,255 or format "#000000" to "#FFFFFF".' + schema: + type: string + default: "" + - variable: backgroundColor + label: backgroundColor + description: 'Background color, valid values are RBG in format 0,0,0 to 255,255,255 or format "#000000" to "#FFFFFF".' + schema: + type: string + default: "" + - variable: TZ + label: Timezone + group: Container Configuration + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + group: Container Configuration + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: expertpodconf + group: Container Configuration + label: Show Expert Configuration + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: tty + label: Enable TTY + description: Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled. + group: Workload Details + schema: + type: boolean + default: false + - variable: stdin + label: Enable STDIN + description: Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled. + group: Workload Details + schema: + type: boolean + default: false + - variable: termination + group: Container Configuration + label: Termination settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: gracePeriodSeconds + label: Grace Period Seconds + schema: + type: int + default: 10 + - variable: podLabelsList + group: Container Configuration + label: Pod Labels + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: podAnnotationsList + group: Container Configuration + label: Pod Annotations + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: service + group: Networking and Services + label: Configure Service(s) + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Service + description: The Primary service on which the healthcheck runs, often the webUI + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 10205 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTPS + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 10205 + - variable: serviceexpert + group: Networking and Services + label: Show Expert Config + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: Networking and Services + label: Host-Networking (Complicated) + schema: + type: boolean + default: false + - variable: externalInterfaces + description: Add External Interfaces + label: Add external Interfaces + group: Networking + schema: + type: list + items: + - variable: interfaceConfiguration + description: Interface Configuration + label: Interface Configuration + schema: + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: Please Specify Host Interface + label: Host Interface + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: Define how IP Address will be managed + label: IP Address Management + schema: + type: dict + required: true + attrs: + - variable: type + description: Specify type for IPAM + label: IPAM Type + schema: + type: string + required: true + enum: + - value: dhcp + description: Use DHCP + - value: static + description: Use Static IP + show_subquestions_if: static + subquestions: + - variable: staticIPConfigurations + label: Static IP Addresses + schema: + type: list + items: + - variable: staticIP + label: Static IP + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: Static Routes + schema: + type: list + items: + - variable: staticRouteConfiguration + label: Static Route Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: Destination + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: Gateway + schema: + type: ipaddr + cidr: false + required: true + - variable: dnsPolicy + group: Networking and Services + label: dnsPolicy + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ClusterFirst + description: ClusterFirst + - value: ClusterFirstWithHostNet + description: ClusterFirstWithHostNet + - value: None + description: None + - variable: dnsConfig + label: DNS Configuration + group: Networking and Services + description: Specify custom DNS configuration which will be applied to the pod + schema: + additional_attrs: true + type: dict + attrs: + - variable: nameservers + label: Name Servers + schema: + default: [] + type: list + items: + - variable: nameserver + label: Name Server + schema: + type: string + - variable: options + label: Options + schema: + default: [] + type: list + items: + - variable: option + label: Option Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: searches + label: Searches + schema: + default: [] + type: list + items: + - variable: search + label: Search Entry + schema: + type: string + - variable: serviceList + label: Add Manual Custom Services + group: Networking and Services + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: Custom Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the service + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: portsList + label: Additional Service Ports + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: Custom ports + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Port + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Port Name + schema: + type: string + default: "" + - variable: protocol + label: Port Type + schema: + type: string + default: TCP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: targetPort + label: Target Port + description: This port exposes the container port on the service + schema: + type: int + required: true + - variable: port + label: Container Port + schema: + type: int + required: true + - variable: persistence + label: Integrated Persistent Storage + description: Integrated Persistent Storage + group: Storage and Persistence + schema: + additional_attrs: true + type: dict + attrs: + - variable: data + label: App Data Storage + description: Stores the Application Data. + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: files + label: Files Storage + description: Stores the Files + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: web + label: Web Storage + description: Stores the Web Files. Used for web customization + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: backups + label: Backups Storage + description: Stores the Backups + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: persistenceList + label: Additional App Storage + group: Storage and Persistence + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: Custom Storage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the storage + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name (Optional) + description: "Not required, please set to config when mounting /config or temp when mounting /tmp" + schema: + type: string + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simpleHP + enum: + - value: simplePVC + description: PVC (Simple) + - value: simpleHP + description: Host Path (Simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: Mount Path + description: Path inside the container the storage is mounted + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size Quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: hostPathType + label: (Advanced) Host Path Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) StorageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: (Advanced) Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: expert + label: Show Expert Configuration Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: These middlewares enforce a number of best practices. + label: Enable Default Middlewares + schema: + type: boolean + default: true + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: service + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: security + label: Container Security Settings + group: Security and Permissions + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: Change PUID / UMASK values + description: By enabling this you override default set values. + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "002" + - variable: advancedSecurity + label: Show Advanced Security Settings + group: Security and Permissions + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: Privileged mode + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: ReadOnly Root Filesystem + schema: + type: boolean + default: false + - variable: allowPrivilegeEscalation + label: Allow Privilege Escalation + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: runAsNonRoot + schema: + type: boolean + default: false + - variable: capabilities + label: Capabilities + schema: + additional_attrs: true + type: dict + attrs: + - variable: drop + label: Drop Capability + schema: + type: list + default: [] + items: + - variable: dropEntry + label: "" + schema: + type: string + - variable: add + label: Add Capability + schema: + type: list + default: [] + items: + - variable: addEntry + label: "" + schema: + type: string + - variable: podSecurityContext + group: Security and Permissions + label: Pod Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: runAsUser + description: The UserID of the user running the application + schema: + type: int + default: 0 + - variable: runAsGroup + label: runAsGroup + description: The groupID this App of the user running the application + schema: + type: int + default: 0 + - variable: fsGroup + label: fsGroup + description: The group that should own ALL storage. + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + + - variable: advancedresources + label: Set Custom Resource Limits/Requests (Advanced) + group: Resources and Devices + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 10m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 50Mi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: hostPath + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + # Specify GPU configuration + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + - variable: horizontalPodAutoscaler + group: Advanced + label: (Advanced) Horizontal Pod Autoscaler + schema: + type: list + default: [] + items: + - variable: hpaEntry + label: HPA Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: target + label: Target + description: Deployment name, Defaults to Main Deployment + schema: + type: string + default: "" + - variable: minReplicas + label: Minimum Replicas + schema: + type: int + default: 1 + - variable: maxReplicas + label: Maximum Replicas + schema: + type: int + default: 5 + - variable: targetCPUUtilizationPercentage + label: Target CPU Utilization Percentage + schema: + type: int + default: 80 + - variable: targetMemoryUtilizationPercentage + label: Target Memory Utilization Percentage + schema: + type: int + default: 80 + - variable: networkPolicy + group: Advanced + label: (Advanced) Network Policy + schema: + type: list + default: [] + items: + - variable: netPolicyEntry + label: Network Policy Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: policyType + label: Policy Type + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ingress + description: Ingress + - value: egress + description: Egress + - value: ingress-egress + description: Ingress and Egress + - variable: egress + label: Egress + schema: + type: list + default: [] + items: + - variable: egressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: to + label: To + schema: + type: list + default: [] + items: + - variable: toEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: ingress + label: Ingress + schema: + type: list + default: [] + items: + - variable: ingressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: from + label: From + schema: + type: list + default: [] + items: + - variable: fromEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: Git Settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: Raw SSH Private Key + label: Deploy Key + schema: + type: string + - variable: deployKeyBase64 + description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence + label: Deploy Key Base64 + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: NodePort + description: Deprecated CHANGE THIS + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + default: 36107 + - variable: nodePort + description: Leave Empty to Disable + label: nodePort DEPRECATED + schema: + type: int + default: 36107 + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: promtail + label: Promtail + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: Loki URL + schema: + type: string + required: true + - variable: logs + label: Log Paths + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: path + label: Path + schema: + type: string + required: true + - variable: args + label: Promtail Command Line Arguments + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + required: true + - variable: envList + label: Promtail Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: netshoot + label: Netshoot + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: Netshoot Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: openvpn + description: OpenVPN + - value: wireguard + description: Wireguard + - value: tailscale + description: Tailscale + - variable: openvpn + label: OpenVPN Settings + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: Sock5 Server + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type + schema: + type: string + default: hostPath + hidden: true + - variable: hostPathType + label: hostPathType + schema: + type: string + default: File + hidden: true + - variable: noMount + label: noMount + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: Full Path to File + description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true diff --git a/incubator/meshcentral/5.0.0/templates/_secret.tpl b/incubator/meshcentral/5.0.0/templates/_secret.tpl new file mode 100644 index 0000000000..31094ccfd9 --- /dev/null +++ b/incubator/meshcentral/5.0.0/templates/_secret.tpl @@ -0,0 +1,117 @@ +{{/* Define the secret */}} +{{- define "meshcentral.secret" -}} + +{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }} +{{- $config := .Values.meshcentral }} + +{{- $isScale := false }} +{{- if hasKey .Values.global "isScale" }} + {{- $isScale = .Values.global.isScale }} +{{- else }} + {{- $isScale = false }} +{{- end }} + +{{- $sessionKey := "" }} +{{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }} + {{- $sessionKey = (index .data "session_key") }} +{{- else }} + {{- $sessionKey = randAlphaNum 32 }} +{{- end }} + +{{/* Inject some values */}} +{{- $_ := set $config "$schema" "http://info.meshcentral.com/downloads/meshcentral-config-schema.json" }} +{{- $_ := set $config "__comment__" "This file is generated dynamically at install time, do not attempt to modify it. On next start it will be re-generated" }} + +{{- if not (hasKey $config "settings") }} + {{- $_ := set $config "settings" dict }} +{{- end }} + +{{- $_ := set $config.settings "mongoDB" (.Values.mongodb.url.complete | trimAll "\"") }} +{{- $_ := set $config.settings "mongoDbName" .Values.mongodb.mongodbDatabase }} +{{- $_ := set $config.settings "sessionKey" $sessionKey }} +{{- $_ := set $config.settings "port" .Values.service.main.ports.main.port }} + +{{/* Force disable some functions that are not appliable in docker */}} +{{- $_ := set $config.settings "selfUpdate" false }} +{{- $_ := set $config.settings "cleanNpmCacheOnUpdate" false }} + +{{/* Disallows administrators to update the server from the My Server tab. For ANY domains defined */}} +{{- range $domain := $config.domains }} + {{- if not (hasKey $domain "myServer") }} + {{- $_ := set $domain "myServer" dict }} + {{- end -}} + {{- $_ := set $domain.myServer "Upgrade" false }} +{{- end }} + +{{- if $isScale }} + {{- $config = (include "prune.keys.scale" $config) }} +{{- else }} + {{- $config = (include "prune.keys" $config) }} +{{- end }} +--- + +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ $secretName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{/* Store session_key to reuse */}} + session_key: {{ $sessionKey | b64enc }} + {{/* The actual config */}} + config.json: | + {{- toPrettyJson (fromYaml $config) | b64enc | nindent 4 }} +{{- end }} + +{{/* Prunes keys that start with _ */}} + +{{- define "prune.keys" }} + {{- $values := . }} + {{- range $k, $v := $values }} + {{- if (hasPrefix "_" $k) }} + {{- $_ := unset $values $k }} + {{- else }} + {{- if eq (kindOf $v) "map" }} + {{- $v := (include "prune.keys" $v) }} + {{- end }} + {{- end }} + {{- end }} + {{- toYaml $values }} +{{- end }} + +{{/* Only on TrueNAS Scale */}} +{{/* Prunes empty lists */}} +{{/* Prunes int and float equal to -99 */}} +{{/* Prunes empty strings (Does not prune empty strings in lists) */}} +{{/* Prunes keys that start with _ */}} + +{{- define "prune.keys.scale" }} + {{- $values := . }} + {{- range $k, $v := $values }} + {{- if eq (kindOf $v) "string" }} + {{- if not $v }} + {{- $_ := unset $values $k }} + {{- end }} + {{- end }} + {{- if or (eq (kindOf $v) "float64") (eq (kindOf $v) "int64") }} + {{- if eq (int $v) -99 }} + {{- $_ := unset $values $k }} + {{- end }} + {{- end }} + {{- if eq (kindOf $v) "slice" }} + {{- if not $v }} + {{- $_ := unset $values $k }} + {{- end }} + {{- end }} + {{- if (hasPrefix "_" $k) }} + {{- $_ := unset $values $k }} + {{- else }} + {{- if eq (kindOf $v) "map" }} + {{- $v := (include "prune.keys.scale" $v) }} + {{- end }} + {{- end }} + {{- end }} + {{- toYaml $values }} +{{- end }} diff --git a/incubator/meshcentral/5.0.0/templates/common.yaml b/incubator/meshcentral/5.0.0/templates/common.yaml new file mode 100644 index 0000000000..70e8b2dd97 --- /dev/null +++ b/incubator/meshcentral/5.0.0/templates/common.yaml @@ -0,0 +1,8 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{/* Render secret */}} +{{- include "meshcentral.secret" . }} + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/incubator/meshcentral/5.0.0/values.yaml b/incubator/meshcentral/5.0.0/values.yaml new file mode 100644 index 0000000000..e69de29bb2