From bdf8daa467db9e3e738ef6a49971e58dc08e2eac Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Sat, 3 Sep 2022 19:07:21 +0000 Subject: [PATCH] Commit new Chart releases for TrueCharts Signed-off-by: TrueCharts-Bot --- incubator/authentik/4.0.0/CHANGELOG.md | 99 + incubator/authentik/4.0.0/Chart.lock | 12 + incubator/authentik/4.0.0/Chart.yaml | 35 + incubator/authentik/4.0.0/README.md | 111 + incubator/authentik/4.0.0/app-readme.md | 8 + .../authentik/4.0.0/charts/common-10.5.7.tgz | Bin 0 -> 48175 bytes .../4.0.0/charts/postgresql-8.0.69.tgz | Bin 0 -> 56436 bytes .../authentik/4.0.0/charts/redis-3.0.67.tgz | Bin 0 -> 57080 bytes incubator/authentik/4.0.0/ix_values.yaml | 224 ++ incubator/authentik/4.0.0/questions.yaml | 3582 +++++++++++++++++ .../authentik/4.0.0/templates/_config.tpl | 84 + .../authentik/4.0.0/templates/_geoip.tpl | 20 + .../authentik/4.0.0/templates/_secret.tpl | 70 + .../authentik/4.0.0/templates/_worker.tpl | 52 + .../authentik/4.0.0/templates/common.yaml | 25 + incubator/authentik/4.0.0/values.yaml | 0 16 files changed, 4322 insertions(+) create mode 100644 incubator/authentik/4.0.0/CHANGELOG.md create mode 100644 incubator/authentik/4.0.0/Chart.lock create mode 100644 incubator/authentik/4.0.0/Chart.yaml create mode 100644 incubator/authentik/4.0.0/README.md create mode 100644 incubator/authentik/4.0.0/app-readme.md create mode 100644 incubator/authentik/4.0.0/charts/common-10.5.7.tgz create mode 100644 incubator/authentik/4.0.0/charts/postgresql-8.0.69.tgz create mode 100644 incubator/authentik/4.0.0/charts/redis-3.0.67.tgz create mode 100644 incubator/authentik/4.0.0/ix_values.yaml create mode 100644 incubator/authentik/4.0.0/questions.yaml create mode 100644 incubator/authentik/4.0.0/templates/_config.tpl create mode 100644 incubator/authentik/4.0.0/templates/_geoip.tpl create mode 100644 incubator/authentik/4.0.0/templates/_secret.tpl create mode 100644 incubator/authentik/4.0.0/templates/_worker.tpl create mode 100644 incubator/authentik/4.0.0/templates/common.yaml create mode 100644 incubator/authentik/4.0.0/values.yaml diff --git a/incubator/authentik/4.0.0/CHANGELOG.md b/incubator/authentik/4.0.0/CHANGELOG.md new file mode 100644 index 0000000000..aacc334902 --- /dev/null +++ b/incubator/authentik/4.0.0/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + + + +## [authentik-4.0.0](https://github.com/truecharts/charts/compare/authentik-3.0.16...authentik-4.0.0) (2022-09-03) + +### Feat + +- BREAKING CHANGE move to k8s integration instead of manual ([#3673](https://github.com/truecharts/charts/issues/3673)) + + + + +## [authentik-3.0.16](https://github.com/truecharts/charts/compare/authentik-3.0.15...authentik-3.0.16) (2022-09-01) + +### Fix + +- geoip disable rofs ([#3651](https://github.com/truecharts/charts/issues/3651)) + + + + +## [authentik-3.0.15](https://github.com/truecharts/charts/compare/authentik-3.0.14...authentik-3.0.15) (2022-08-30) + +### Chore + +- update helm general non-major ([#3639](https://github.com/truecharts/charts/issues/3639)) + + + + +## [authentik-3.0.14](https://github.com/truecharts/charts/compare/authentik-3.0.13...authentik-3.0.14) (2022-08-30) + +### Chore + +- update helm chart common to v10.5.5 ([#3626](https://github.com/truecharts/charts/issues/3626)) + + + + +## [authentik-3.0.13](https://github.com/truecharts/charts/compare/authentik-3.0.12...authentik-3.0.13) (2022-08-30) + +### Chore + +- update helm general non-major ([#3624](https://github.com/truecharts/charts/issues/3624)) + + + + +## [authentik-3.0.12](https://github.com/truecharts/charts/compare/authentik-3.0.10...authentik-3.0.12) (2022-08-29) + +### Chore + +- update helm general non-major ([#3621](https://github.com/truecharts/charts/issues/3621)) + - update helm general non-major ([#3619](https://github.com/truecharts/charts/issues/3619)) + + + + +## [authentik-3.0.10](https://github.com/truecharts/charts/compare/authentik-3.0.8...authentik-3.0.10) (2022-08-26) + +### Fix + +- some cleanup ([#3586](https://github.com/truecharts/charts/issues/3586)) + + + + +## [authentik-3.0.8](https://github.com/truecharts/charts/compare/authentik-3.0.7...authentik-3.0.8) (2022-08-23) + +### Chore + +- update helm general non-major helm releases ([#3545](https://github.com/truecharts/charts/issues/3545)) + + + + +## [authentik-3.0.7](https://github.com/truecharts/charts/compare/authentik-3.0.6...authentik-3.0.7) (2022-08-20) + +### Chore + +- update docker general non-major docker tags ([#3518](https://github.com/truecharts/charts/issues/3518)) + + + + +## [authentik-3.0.6](https://github.com/truecharts/charts/compare/authentik-3.0.5...authentik-3.0.6) (2022-08-17) + +### Chore + +- update helm general non-major helm releases ([#3484](https://github.com/truecharts/charts/issues/3484)) + - update docker general non-major ([#3478](https://github.com/truecharts/charts/issues/3478)) + + + + +## [authentik-3.0.5](https://github.com/truecharts/charts/compare/authentik-3.0.4...authentik-3.0.5) (2022-08-12) + +### Chore diff --git a/incubator/authentik/4.0.0/Chart.lock b/incubator/authentik/4.0.0/Chart.lock new file mode 100644 index 0000000000..759c1e6d6a --- /dev/null +++ b/incubator/authentik/4.0.0/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.5.7 +- name: postgresql + repository: https://charts.truecharts.org/ + version: 8.0.69 +- name: redis + repository: https://charts.truecharts.org + version: 3.0.67 +digest: sha256:a7b58cb33aa354a7d43b4870f6afa004db737cb9526084e9ac7374ed04da40fd +generated: "2022-09-03T19:00:55.161839592Z" diff --git a/incubator/authentik/4.0.0/Chart.yaml b/incubator/authentik/4.0.0/Chart.yaml new file mode 100644 index 0000000000..4cecd2125e --- /dev/null +++ b/incubator/authentik/4.0.0/Chart.yaml @@ -0,0 +1,35 @@ +apiVersion: v2 +appVersion: "2022.8.2" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.5.7 + - condition: postgresql.enabled + name: postgresql + repository: https://charts.truecharts.org/ + version: 8.0.69 + - condition: redis.enabled + name: redis + repository: https://charts.truecharts.org + version: 3.0.67 +description: authentik is an open-source Identity Provider focused on flexibility and versatility. +home: https://truecharts.org/docs/charts/incubator/authentik +icon: https://truecharts.org/img/hotlink-ok/chart-icons/authentik.png +keywords: + - authentik +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: authentik +sources: + - https://github.com/truecharts/charts/tree/master/charts/incubator/authentik + - https://github.com/goauthentik/authentik + - https://goauthentik.io/docs/ +version: 4.0.0 +annotations: + truecharts.org/catagories: | + - authentication + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/incubator/authentik/4.0.0/README.md b/incubator/authentik/4.0.0/README.md new file mode 100644 index 0000000000..163865fb0b --- /dev/null +++ b/incubator/authentik/4.0.0/README.md @@ -0,0 +1,111 @@ +# authentik + +![Version: 4.0.0](https://img.shields.io/badge/Version-4.0.0-informational?style=flat-square) ![AppVersion: 2022.8.2](https://img.shields.io/badge/AppVersion-2022.8.2-informational?style=flat-square) + +authentik is an open-source Identity Provider focused on flexibility and versatility. + +TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE. + +This readme is just an automatically generated general guide on installing our Helm Charts and Apps. +For more information, please click here: [authentik](https://truecharts.org/docs/charts/incubator/authentik) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Source Code + +* +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.truecharts.org/ | postgresql | 8.0.69 | +| https://charts.truecharts.org | redis | 3.0.67 | +| https://library-charts.truecharts.org | common | 10.5.7 | + +## Installing the Chart + +### TrueNAS SCALE + +To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Quick-Start%20Guides/Installing-an-App). + +### Helm + +To install the chart with the release name `authentik` + +```console +helm repo add TrueCharts https://charts.truecharts.org +helm repo update +helm install authentik TrueCharts/authentik +``` + +## Uninstall + +### TrueNAS SCALE + +**Upgrading, Rolling Back and Uninstalling the Chart** + +To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Quick-Start%20Guides/Upgrade-rollback-delete-an-App). + +### Helm + +To uninstall the `authentik` deployment + +```console +helm uninstall authentik +``` + +## Configuration + +### Helm + +#### Available Settings + +Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values. +Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common). + +#### Configure using the command line + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +```console +helm install authentik \ + --set env.TZ="America/New York" \ + TrueCharts/authentik +``` + +#### Configure using a yaml file + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. + +```console +helm install authentik TrueCharts/authentik -f values.yaml +``` + +#### Connecting to other charts + +If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/Quick-Start%20Guides/linking-apps) quick-start guide. + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Quick-Start%20Guides/Important-MUST-READ). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can! + +--- + +All Rights Reserved - The TrueCharts Project diff --git a/incubator/authentik/4.0.0/app-readme.md b/incubator/authentik/4.0.0/app-readme.md new file mode 100644 index 0000000000..cfb42f121f --- /dev/null +++ b/incubator/authentik/4.0.0/app-readme.md @@ -0,0 +1,8 @@ +authentik is an open-source Identity Provider focused on flexibility and versatility. + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/incubator/authentik](https://truecharts.org/docs/charts/incubator/authentik) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can! diff --git a/incubator/authentik/4.0.0/charts/common-10.5.7.tgz b/incubator/authentik/4.0.0/charts/common-10.5.7.tgz new file mode 100644 index 0000000000000000000000000000000000000000..20a5750c094827ceafd7aded2f15dbf36e36c0e8 GIT binary patch literal 48175 zcmV)dK&QVSiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMYcciT9UC_aDdQ{cyBw(Ysr)3)q*CVQ@9JKa8=I6k(MzPqz? z9EgM@j46T*fO0hHeD~kMlK>wQ?;=JA1vI!EpGeUVpGN-1`&gJpwMJCu1DaKlSe2 zR65ruRC#)N_^njy(R ztTiPwbO5HDr|h8HonSuAMxBt%x}0Vxlx4awO<9*ygt{}xIHFzsUa?{ehoT_^0?r|a zlywxSj3FA5grkH@s9AS!xYO(H?e4a2(BhWRh#j=rAaAVIHkh{Mi&h)xW^S?(vR(b* zKVSDd{b8rq?)}i3L7Z@i6GSC2G=n%k05}HG|^6oq(A1%kiX95j{|TzJ|p~`A|^W2lF)v^6#bY%8m&w9 zTTIbJRII0a4!a@AEzAbcTtd(LonB|q8}xgx`a6c+ug1GWv^yO3(0(-Dk9MN%{oO$y zMSI(DCkzL##&EDR8t?Ay_j-Gy@dypKw^6Ux-`_z4G#Zb>COE7`>MMw27Qz^jM;U3zBuX_7ov^VJQ!rkGh z7s5dw!f+J58uoU3y;spb8tp_w7)H^~epore#rD^tZc52a^ln|^ntJuLwU8Tfu_?bA zmPg@1XV~c*@}iyIaIgPrZxC*yQ8eC*!rkFuv_A|7 zij%dauc}o~;S`2*T~1op3mc2BWAK_Tk{w zc+}h9+1nfJY;T8y{eFKGj$gsO{n6gu{`UT8e{T#|w%nAWvn=KqCwR%!mPOj4OjGLQ zHLBoI6k%2&IeVR6E;)C?K?uYbN8;%DE_0VwmYHu9v z>_xA(hdaH!ZPY`rkoeZCl$>tEP3bd<$q2?dT@VK_0c4IS#SxMVRwb0t7=Hm|EPsu& zI2MaDy`=k~OM6g6Ih1frkt_ouG!_ICEDS7w%9=2WWH}fEg&m0D2*s=eenRmKa5PJ$ zoCG0EzzBhip{UaWy3_&q`fWKhm?VVD$+QxrQ&hrjiRCmUag3-%86|KOBR%oWS5aAg zhz{feyGWY6C=e^#j{N=!#yA2*dJhND{0FaAg^;Z7r;&Ois zmJF{N|24p>3is{P9h-GKa+b|Th>F=2A%-c6KuRK}mmPrt(wrbh}4?k62&OwgaR1Hc0=b$E%}OD}_9qo+gCj@j@$-mL~>M z+28_5I>*+*e0F%LT5hQiMQt@f2~q~7(din1GB#&0brskc#>~n*OVxA8ryyfu{HH>T z&LPF30+S_E$fpP3hwcxhdZM){VSG#R(HA&NV{{-0senNcW{i^=I6aqjMcD(;e>Ldz zhx?u3ursU#2{XcHkmC@>@d8XBpCTbiaWbKZG1)&^Pro=PlplcMaOeo)tZBhZWFW=2@a$$^- z`-AND6j1o(;ehV2H@krTN4AD6b z5e!4oTJ0)c7duqNe6Ew=-oqPZFnQA7uLd^6`bA8fl#&r*TOc7^{DXMd>2#zWCcvFa z-l7O#24>0-g9+#tplyMfXp?2C00$(A7o}1X2BbGA0+1QJR73iQQD3BAiTW zS&NQf*qEV2;rp_YfKkUh68`!ub0PhD}*E`X>r`QKFo| znVn+(r!zY{@|hn+1`acGzT7_p4kuxpMVfiwh|H~gDGF+}0#tAv3+PDuWTiv>me3ou zY_e9rbQA(HD>}14Rsx_60<-+;b^3!|cd%2ad_gjf{3;P*94Amk zLIu5!{J*ZnOFk3G(JfpYc<`+c-~uHPlJkinaFWd1pCA>a1!=~))}J#m8e(W}vJs*Q z;z-atq=eop!cc$-qDAx~jOi3cmb-Q-$fGe$s^Yz6GaJfi0{9-(_2dx+2 za1)qC`U~)86PzDjUjA}?0Dk!T6?86;WQvZEQ{daTA6hTKkuB2Fy;m#k_b~k#EiTa5 zzBkHWeQ(cT+O{h<`P`tzf%uPkeOv-9S9NbGnK?ie8A@%L*3{=hOXarY)9DDBoNU_F z<<)FEaQ(JeYRMhQb!8n%;L$vy^0$@zZOnR~m z7diVBvc{Qm5o;etJ1^vka3PA0l?2z;q~cEjeS`!fFEMUCn-qpTgE5F8he9BY5Qqtk zq>*OrTnQU8z&ORpj4T9Ys{6U+04cgvavdMI)dPUXUfYw){v8i@i9iLqq zGP5nav2B(@Nkll)LKe*60#L+AJVzj5F(Efu3NT}tvNh!}{Ornno~2C4r8m|g3vLmB zF-0(1n2`s8YUOnw1Y01=kX-5uSQL>kRJi1=NPRCmsC1*4+ExiDHK#<21lsZ>T+k2n z{-_ECFuI;0NW&>|O%Ej|x{)IzdIJsdy z7aB+PIVGaLFtaE)Jq8=+A5V`rMbFxEDEg7grE$CvqBawvLr_>0Ism)F{T2Wp-ydH7 zd;ogAfe}&pX004XB#c*8_lP7Mec_!Drf`H~%&{2Ij58eBMg5N-PsJGf?s6q^j+|-& zjfj#|4xWtOfTh&A1TRF^JeV-WLcWV zNU#Eo`4$N)W1mty$1$3?>PpPF4@tZb z?Y_k^QZnD}g3B$Wb5rkxg)r7Oq6Hu*a7HBJwpv&i5pPVEk4lWkC|raws_U37;HbYV zX>>Yn=vy4eg4<}8Yzg%W6Mz%UZHX-aftVd){^A(|kOQ1B4&zw*JUT7?%kK8D2W}0C zwF-)`3=hcEZlvaPxv=ZB^geMV1}2UKCJWh8UP!KD1rEXx5@MV#0On}MI^aY!>6JDP zyD6L_fQ2-_O@#d@#FH>!3NXYc)z`@E0jPjs8X>woIKxM>rYFvRN!YkURh5?YYZ;a~ ztV&$ZDH)+sfLFWSM3i&LZlpk0tlmyZ)VBCK?_)eiiCArmiHYT3j6=$^w5|Ml-OXiD zrz5khYq!BW4N5r#3wReDF)(UU}@5P7N0%~qeK`?x0p?p z+g^?Sf@D+$_sRCa{9X-Zr4!a>cdbjRnVq>nADGoO?El4# zE*3nT{92qp|*4yM9R2Q&CZh82)8*!|0P?{$B-Csw7Ru4H3@CCE}RLSsUO zEh%RutDe#I6L;8awUosSz4$_Z=_7dya&SAv;Z$um<5>DU@;Cls=m!QIuwaH5gA-)e zBexWDj*^aPPT8r;%v6e`voJ)?$2LrH_m21-+(&QG_BeQtL_`_G*`qVkyh;49Ad~UDY21Oa5TM zti*baJz!mnwWK$3RWMAY#L-S{Wjok9~BW5xNYOWMkDu&d^mm1BmLOV!WtWXUOoI7d< zMe$nIP@^6^=8zx~d2TANBUUJdvO?a9esB_!xZ`}g%u)%%Im7f>tj|7gsedoUA6G}` z+5r4`eE!+3u9kA*lU~%N@HPQZtPJyL(If&B#B+@$1BV1FeY|)lze@d2Y0TUWH7SqYGKu^_Ub)FCVMSo4`lFLzSk$ebo|l%oP+)>Mob?{Mv-2YIm2Le zGfwOQHRU^Z)@nFm9Ki^XvD1zy{W+CQ$kFJC5vFQ=Bq$W=sVBxr2HL8jbIky`Jj`*= zu`cq1cNSjjW7Vpa!mj?7qh$29XA3ZwQup0?wVSL0vJ8(99n5E%!StYH(CRogp>|f= zvvQZCUV^F5j^NV33wG<@|Iu<P4?d69N?MQmT4i?vZCT^HGj7<+6<48nbQo?NHrEVQ1Q9EN=508tq)iSItW}jz94K=l;zdChPYL6>9(Hw_{E|;n zh5Ao~$+M;sDL=l!XlNPU?pR#vkgnA5Z5%CLnW2q}5VJ{1l(#dZL{_{2HcltZ+UI~&qo^UR6p?Du12VSWqqb5Da zozisHt(vofXr=%~1&=m{EKTxekevln!GODZcUfeY4tOIJwhAzo5!*sMD$Wukkm>+G z=#P#X4<5TGG;D~rVqcGI+T5NwaSy(^G1E|n?%Dk!U#EqLay*th16IfYd5HH2QSR+K z`s{BHE>tmb(ZEdwuP`nsyu|eWs3Q~gi9ndRVny@;sX#uV<`nhrz93_(7i*s9$T?ObUX%LK{B3 zV!dGztXgr{+UkH`;fSkW)ypyiRvnM^>sDC`5`ZnHjv$!i!UcJ356%GhSb-5-V?qwV z2-0Poc5g0gIEFfcuO|2{$H#839-Hm;01a#;`P2E9;D{}N zW+`7BW4fgk-c~;4wxqI>Nmm5J$ruS|Cn=q~%c?P%EU~fFAnK{!Er22AGvNy z7B@rJDLngI1x;ZE2Kof0n5C?*&GxL5ZA<8W0e5Ol)~~1CL#>`7VR3jv^Vr z)mA~=qOJ*WFG=M!9V)85<^GgQPAHrpaAZ$k<B*zlO{;}zu#WUpc^Na$bdk!!ik{!RfZ?#G@r_|Rxv{gQuRY zmPn5=iok}0#^x4Ch*wn_p)vqTZUl?TG9}hOQH8#0#D$?2Pi>dCbv)87REZua%H+u? zfWBZRSu%_vo^9o$tOJnjcQMnvHHovMWC|S#7_#vN$!J@Gba42nU4|h^{%I}|kS>eQ z9)QmsCyNFIEE}~|I9b9BAKH~bl+RG(gO`!)RAs4^$K35)5o6b8*+?!LG+JslQIf)m zKC$7+!9#gI=sj_>MjDC83%vS1cV!Z7$V=;3f&eoTAvtYnqfBi%2|H)(WMFXf zhv@)4&0*eBFtJL~Ftos73aK!z_$@*SfU$etqvbHiI=o>SLbexSy16_MR-h0S5=7b6 zrc%-d^P+a@s>&7KqZx{DCS9$8N;VYaS{DL7OUDdsTpYe{k6?Hs*vp={+B6eg1GQn2 ziZcyh!Jwipvs+?XcgpWl7^sGQ2`TsNF7dyR`uIk+{z*~nGZ-Vt#i&noA{SkUs=#%pr}*gx!%h=8$$p^=IyQV(w6~ z8qHE7FYnQ`Svu09^c{zp&(iODfdBo*_vvOo&FV7;Hkkc1OTI(a_}=;AM42n1doW)+ z&vaU+`;EK+Cv4;8BQHv|BQ#$z_69e1d5y!Vir&}04^gJPH0{_u9L+5enmbmW*$tH@ zT8iilGbX(d`asB(+$Jhz-E^k2Ml!_D^Ma)%ZpFG^FE|>m`t8{eF)W`A=AWyU>$AnN z+nY-_Gl;2pwMeCxN34FrDGG1Qxe87f+I!$*YH$+6d0fd^%VRk6jtBi|~|R0H-kF0A{quj=u`GqHjD%*wwLE9>QD&cStjrwX=b zCim$QrgQwCe_)5C)8EH)OR98>%5kVh;*$m`*875P_i&&X$)X%3>er=Ny2~9O@FMqN zAJ|vGxaX8tWoOWHKB>Ke*`jT71=aAC*r&5O-iBB?bky0X|S5_r*Yr8Fy})5Nq@-Ew$pjw);$ciZ0dPYqUT3 z5vyO`CSEv2Fm3C1Z5g|&seUFTh}vQj1P@8VIE7f|;9tw&Q5hw1GHIi^iZ1Cw#_%MO znU@k0q3(-B-gcZwDwz7{o|u~B;_{TZIx21&XfxSDJ12%PD(jkOHZ$xDe!09sw+G;F zIN@l5=zmJ~Fcp6mQvGi#7pnSlJ4MOIgh7tkSnf9!zRMtweAxb`r0RbbvWsy^1Wsao zbc;Q}m`Rv&d~&#w2DXtxx@xhOJB%@8$i{PN3m+w%V)eF*c-U28nu1zsDkSIWxry&p zh4PH050FO^Mp0WM(B?$)AmU+L;?NcnPyX443iIw}%jt(5SDZRoq5GYFucxGd#Z*bM zHV90lW=Lj%d3Sqz+wtD}$tX>>0<$m6Kv&(q#cFZ{c3L*U!9feW0KXuRu}t1HL{Ug) zGn7PTkJI=s^W;LhraDhRK#bsApBIuTLj=o*m}E>q4yOb=0dT_F=%_>^FlGecMCbx} zRB9>&K2srb4A3kQs@lmEsxQllG3PN7pe-U>fMwxSH2xkZSPXB+L_I{r20oa6IMuR5 z^;J=EOyZc_%KX7EKrF}VUe3AyBbF(*)F?Vd`-OtLz4ur%fyoytri;Fv z>-=LO#qVSgcUbO6vm?eZFvW#&OWIkR&3(HNXFsl zSf!#%>9X)P4`iCgu!+Sw>kO zB(P-*v4$%zq+iuXeb%K}(qXE1 zwwy=S!;DX5H1blK>KZWPQ@J9w)Oi68WsDb&PzdQ3z}BHIPl6^$NhqNQa3aYokE=Q4 zmcN}1X=QS!{5tY?dH|s6I)}XR2r+&wRkC@*NO-e*ZB~}{wY=o;THU6Y*On2w*M)EL z;|-4E%UjIDse>5$BCltObf$53eR@9MvC+g;Ux&q<8(Pr|!a7M@4gVBU8P{--Kg&U} zRx$o9j-A}x_Mp7VHf!={sYrFRd5|V%IGt?7ImgNcx#!K->wVEHb0O25VV zBrZpERBqtjX%EcX#GR*!`2UVTL4Qq%bX|CDKloPC`kP6m?Ic03pjBZBXf0b|3%IxC zD;+G2GZhM|PEve-HiCn66AK}fegP>eb4Jy9GHI41WlH2i3+H!nR(J}1kq48-lDh(2 z_;%apG2}$v-Mfhkr~czg4Uc$EtNJcsxv0tS`!$}*BO=4Asr5s)rBk>aK@QsyrYhlq z6W|*YoneI&kW$r%HyQ>|D0BC#o=H7vz0>Wsun6qWgd~m_C?eo|3G}IlZfDL!i$P6x zC%twD68$OUc3_2pC~UkbN_>>Lm>?RMz5!82_p88on5HJNyP6l~(7cd4DV&<2mX|a+ zOy&4#C2Wn?F{Uc{scZPE=;e5!?i4U01A-qhcW%O#7e+yObA`T3mf|_&2wYzNBm~Dw z^KpW?XUAQ@TUpn@F))BWp!9RWY-_i{8_3Xbr;QRp!Khffqwa)}`7rW{Ce{e@P=j<> z=r*PK2yYM*d=v^Z-6WH8T34+VaX2x@6ZCF@o{{2Bb#GM0ezk-{Us8EB5;ofll8qB? zg)jo2adb@?{A`4=hmyK4DL4BH2c}(ln5PQK?ewCC=&V%9equc-aU5>w6M`p(-bjDVNX$>a{!*yfpvoOYZ7FJ3%K&LRnzqVWNE*qlXP1MZJJ zhY{Ew_IrDZ51fQNB|b=O0+}@!!Cl2vC%gdbq`WAcqAlc00Q%}ZHFTY2*$*mm8i?9e z`3a;zT{k^JZGr-G@_s#|ETv>7R%?A;Chrit#e6D_j&l+{*yJ!cESnq_&&OCuSl|yiJ1o#U%??}pk=+b0 zUbJ-Hcb4xctF-s>%%m{ORGR{YvD}$RxJkhkp%f*;Xv2sJQ2G`i!nn{tzs7liMd?st^E~^LW&|57^V;XJJe*3IhX(h*+PqZ$yf>DNS~emc=7I1Ux4oD z1ThB3Zv^*dGqEFkYnPBW_w0^gA#bzDTg`c=QF!g%<#n5NFfaeKePkr2>-SF7YSu4N@~L|Cr|<7k=0Vq9_STjA z$KC7l#oisB#&>I@*X#9$J3I2O{o4IYOKN|c>_{$0bs)zm&QMBmqOxS2Xr=&`E9?!^>f&IE z?8VQS&03)&5oB>RCCRzE=XZALEt4$BJ^boyu=dGgV(k){&G@k#=9vV2uSUAy9HCM7pVszxY=i& zFu|QL3CCiQJ?{st8=OQ3K=0cf%G>pYA$M%^L$_v#LlvfIP66OA?XO?K%i>+(@}^tkY+pjgB4ubcm3kpSbn&w2M*G5>e=_V)bw-{0LG z?mf@{r+Ai4M#Tf(1k9&U)x>iOsJgWuI$ANC0xxw+XA_2T@LJ}XHYOw$pdzsFhWuZ`3Id`Bc8| z=I?aF1yE)jRUf{Ig|Yj_9Z<2<^yKh_c2v0LH{*0POd(!hrE&g2e9}F94L0Ph{*N&}Me*;L>J_Z5)(*CpH-0I4k6>8?C&LXX*^OTSq0a0ISAI$p! z2#(Bwv%qaP$ZG_7zfi*IA|=Am5FNWkBkAWt<*qp;Ew$Y0uPe(H30W3My4O-dIFQ}R z@OoJt(}-rt3i`NnWpkMV|D9!}udqHr@`zHgl zJrj7?YBXK>+p!xyMRZm-;%*A9ZYZs8q^cQJ-U!Ozr>m>;f&|FLsFtEZ#pLy+i-(vy zZe{7oW9E0K&=?Dr4xSl3m_%Ts$fa^PH^D~b*g8y6kh&E>UY0~b&190&&Y^)8iB*8* zw+g_*{Pyhcd0$)GR<2ao)(U9LZgWWtK$T9H-viJAzkx)|p@f4S(XfG+Z*L0qV8=st zO6`zYwecJHH6vUPy4pmQb;MBn-=t?>eiOa+z9}EUS4SxSd4ACC{&{}z=lP%KfrEl- zRDoB3HeFE5mj=aELXG_&BFekh;=jsKa<7HJ3j2T1-`g(O|9jj0!L$AU6wfmIUkrao z#a5_AfYQ}YzI18Imgbf^b~Dc6So|gCSlbm9AEe7bO99cwPb7{Im4&QWoI>_9TGST~ z-29?}uB*k3gWzj#KDEvN0Dyu1TILsjLAU> zBE$Ce637VQ8io!*C=>9Dfmpd>@n#*8W;tfp0 zp>VXpcSl?hIM@jew5GsPHI&nM747mk;5!n}(Rbe+_3lfoH3Wd2&j2R?e>uv(vSyUb zr$+@DJNBiv{S687EeEGTuwg!z2-DVTlD<_%TU3o2&3HMUBOf>4^imtuXxJkab zdk^vj(sCl%=Dhap4#;|S@fg%&Y^ShcM_Ik&lC&%dbs;^!#Qa<$5}!@S$9PKipE~;9 zbpq47*LfKKos7X%`@e%y{6~MV^SuB2B#(;!Fh-5Mi9ts177iwmq;;xKP#Hbb1vpXJ zxu*HOL)JcGU<4V8Oa!#LB}Ge*Ws+33)yWyIa`##Bs8h=BJ{mto_b=d3UVBnPp))`&a>1&|nOheuwc+TB$|xnnD+6~0g<{{?5U@8EL4dd@3rF*uzq;}^(A+b*3- z06kTwiE^sZ=l1d`dz8tX%#eAzJp$T4V0;GbgHz*2+3IH{(O$|3F zw6N)cso)QJjH;8@u4pz(DjQyJI84Y#)8R13yefx7e{3=wrrjE9`jA!)hlbGo3php` z(V0oasLloY*Tw#aIW1F87o~I{NpI8PP|dNbFP0=Scp|W!@w;d^toeM<2nPk! z8_tKk_I>8Vvx)z^J`L@ElQiy5zTj2<-(GL0X#e+yyU+IjQ#?BUyI>X+&#UPp@;G6L z$_y`SSn#enEGD+vOmj|#%kymqAo%*#O6L6QsrcA&avyyAcCe%%hZFGaTcBW`XK{Q^ zVjQYnt-3m?EhYo6%jYY-vz7YikCbGo_>GeJfg5$MPvb4uGp3NM=3x@q+ESb4ztqWi zS-9zTw(w92PONj zx4qYUw*Q{uvG$+Ix*9sEQq{OKYyGJ#mFro5C3j%^3B-8C@x4azT~)jL#8%&+Gpud93``TNoSWc72>ozy$N$tlca)0RT=^%6Yvz^~u~} zdMEARZnQjwhFIIsSGw?^iCeyQsgOqxuOm`j2>!yo0IyLfenEMCbx%flcTf#>hb`|) zDSe@ovxYGzS_(^;XIJhY=c$wbCi~RAoxcs_|8Qqml>fVfooD&~6pxkv^~uWCcm5h! z)vjOjwaW2pzO8Wk`o)?!ef=7~%Xe*`F90D-;Rwf=W2B`cjG{cZ@!84M_2KdR)3eqZ z{$WeCKc;usGSEZ$hFy9*zGqnHgFKMXx+9!)<<%E$&<^E4EJi2=I8pbCtw#C};-OnD z|80*RFaOi9l>cd`_k8~INuIj+KQ}Ar69@m9rk92OIkI6{;9o_~(1(rstI~9j9P^ix zXKBP=Lu0&d{+m3x(*9GIK|h-Px3fDa&Hv%E{r4n~wg24Q(_=hY-{)%pbS%Rxo4~fT zlQ*c=WxFin!y4;e(`F$(#CjfECqIPhzyi+V1Mr)@1R&3;Kjl2Vj%CQ_wMq-|s<&^F zoKI*P`XAL7Y4Kux`W0csm(I)Fer!o@} z04$_1MOp?pKJLm*Y^S}6O=r>u|0JVpJ64`K3gm@@IP~F*Ix1MuOD^A*myX0!!t#{- zuIpVr|0JWTcEodiokBjnzSb)aoueeE%;ECC#*5KN{y*;ee=yiB*?+se{DdE8DXPhI#uU?#O0h!qF#V{Z@~8ZYetA*P14L#uh{aku z#D5SM$p7kRwf?um`B?s+{@(6(DgI~odHwe!Po4kAy)NmA{XeGZwU&?7{-25ql^)jr zQ)THqvi~P1&)O$G?aI9VtY==NX}8T{7(C~HdXi^p{EuSThYS3voNH~l`KBFw_w(yL+ly;I zb@P9oCf)0Knmoh}5UcFJ?SAq8hv9bbIsW@eo;v&Q)A`x&VEWC|#IyQDnFuqjCkr;9 zB0(*$QS1Cy$mCE!wRK|KyTueuGDuhAxS~ZD&Z;(rz>{gG?%Adb zXIYzaxYlcPg^r#tC#%5 zoMU>V6~Au&2^ajf!)vei+5HncneMWOPUiG1wZDs}k^Fz;{2zP6y<+~4{_b=BzbAQ0 z=RY4{`?o?w=DWZ8W7X!b{({Grzhob41b&-0m;ZHn{r>3N| z{V_L;1q(gYUa_Xa<8Kq!Y%+-UZ*Ux6-eMk3{np-|UYz`L`0kzCTJYg4aEe@f_;_`4 z-SCR9_!WJthy5COcaZ#5-ab-Mu2Z=Ftbop) zi9f6${;)v({#~eF&!vPqcYHbM8L^u&L=$yy-_mj^WbBsENKpnQ^S6}DRIGxs;4aYE zNVc_ovPR51_?JT>oWKV+R3~>5bl4P96m@JtLrH~?`nrT!9Vdb}OxE>KioX!{j;Yxs z*g=$y@f;Rc15`P6>>V`z1)^5JvV0!2 zjp5KR)3^05SqN4BCHrxOhpAAmiI1sJrEtE$oGk}`4wMyY2pa?W|d6id7cC%uBe{`6KlP6=(B<^|`7j*5j8 ze!*ijX9@~7E)@QubW`XLOR=0F9{6vvG?I8XU6uQ->GLW1a`)=;`sa^tPOdLcjxJ8F zimnL1u2<{h<;lh6`Qgz?p-$EAzn${J3|4pjd+rSf?BUVT$@$gw@!91%aA6ptlwU^) z^8wc%fb{EAl5xaJ$Vit>36Yxfkj+|(5aZW4Ej4v~a(Q)qdj6noF%sVFUhA~X#Re}w z9Q}N`dwqFw@#*B^L7PQiIEB~d+>F=g$^W~$IJ`c*__0jXig8u)SHa!=0n6sU4M+VQ{C~U8{=X-A>imDdn6ZCS z|DO{8UG4wN(RzIUpGD@;{eMokzbF5nGyfmc|F>P%|NWiaXZ`;qkM;lMGwT8Tf0a`w zj{&ovtGsmf;|ecbpWE|;$B$Cv$l`tIH3FQ->WKY3#;PYTzDTJ6YC zD?i5UQR1$48pd7iRL5PFJ9&Nb|Bl{$JU%%-JGuJh!^O{+*Qe*7c1rA2hF_rlzkkeH zL)r~jdseHd@;m!s9x9Ft@zAkfZYRC}H4$CwJtg~3-tF4G{)tfhFQL2Ra}ph9oXCah zqul>LDChs}Z|^?m|9z52+kcqlcOS{U1O^}j5RBpsNl7KO@6<8{NJ#{sWeY&$Ex!!# zDdf^eqjuh+R>p8L(F;bwX&}ZU3h8305vlGMo~F>fF!-g)32EF+4Fge4W$|{cs!qex z6q>3z9Ot__-t5|0(-ant&rTtemy}dri0t}_-0v2UvL4;mURxYN;r8dRUn`F93e#>w zBVj=JH+gTG_Z|1Ozp6Eq@NVXo>dSmt0>cqp#aKYYNjRBw=L7Ays}Vsp&O3v^y*+or z@)R{?Ygdxz?3SyCbDFa5T!r^5gl$|m>nL9R87Gl*XXZvd=j936u4K{|tNPt8daxb1 z?#z&tW;nS(X^cb2yqeB?r@9VLpTRHHmGbvarEOgaaf(Bi(&GZ2N9P|uavbA-L5@js zj%bJy4kvcC&<4sgd!hAT%imtlx61X6t!ZZ8s0I$_h{6eS8mXYxDl95?B1=7ak7k4} z9To}Q*}XM+IUU+}pwE5Ul(oA5{cgIwX%_cFV-~DRVmd=~g20AB zL1}MCA4NFio0ZOdH{RcP{Wmu~J3+0t(im*ytFF!R0fB;=s6`GY3E@&IH^a~=UyY_y zAlI~O;;ZOwaW=S$*Lhh9(}46L)~!9CkMIAXpE~`IlLCb`hW18 z|NUv6we|n0VvNVp{+jC^O!sSeYifR7>tXc13+y}5`Yu(53FU^YMR+NpoHZn_D4LU4r@Wo(Ia2_BwJ_k-aU zu<6sc$VJsmw0a^{j*~ZmmK2wS)^si)qzT=0_E~AiE;$^M zqFXADHpoE!gV!L?*azN@u|ZLTI}%ddH{Xk(UORhV_)GiGf*b09Y?iE8s}%4T6urk$ z6r)>6mG};-QB!A7-WDquAzR4*Pyj5az6Mlk)060;MV0Qsd0m0%Yj5vw3&`pGf8~rW zl`Yb)gk5lxjSx)`M=YdKkUI^F`|AzSv8dd);e3tcua^qLIIA1M;;_srM`X6q$$1cP3egzf*skY%)xo4Ik4e!E zN;qAl1SgyYo&!4n;PfWAMI#wNWg>B!Hsg%AZpP(-QpC{H_*?GeU@`kfZY-76$jkL) z@vTSide!PlR(HE1*3*i|r7QcaMCCF2WLG}rssOaXlrZ-SJ_m@c+>vGSNi3>;{VGY< zk@WJ;SXJz_R3V=p@wNCuyE zF3=ncNl+=#@fdW9Cj}}{lq7Jw=RBF4Z@W3G#}O! z@~L+s)d_f#-`vsDdYk3TuPP(BU9OSpWkrP%EUn#&I*QP$A^&Rui`V&1sCi}AAxRk@ z7bB;t{Ozq@Dsb{RSJ6B*aZi%w@>a=8#&>z$%7wyrQTs~nAb$Ot%hq#>#`sI1fQ!#n zU`v<*FoNL?N}>brD- zXRF(1Ib*GCsz|cBDfn;f>#pM%qV9(_+Q@GAfBa4;UMo_bX59~uL*GaCMMxc?T1c?BkF&Z z5MRqIMEPP#7tc*qQBR#Xmz+Y<)*s&_u!+Y6k3aemO^@H-YM~tmjFX;YU*P0$H8*5 zVOVQ6G*nzB_QG|tR;wb|4Db?54-z5cn zo&PtThYu3_`=cOa_fZV->~W%j(|PD*jV^m` z-P>f_c>;*#PTLxnZ4nlzb=UfH)|5IYv9$ZS3lyQCXmTiN|DX&Slxg35LRhys>VR$rX*DicEntei%Qlw-u|N__+SR$D*JDDr)2-_>^$3lPx7o~ z{|TmelvFPQ@b{7HMPRaK0D+{+gTxJ3NcqzAcMTV?#3t!%xK*FAjAz+^=~C#`_Kb z8=OQqnS3`~P#YHV-Hm-SOeu+xPH|)|$XPN(EtBrZouG9C!ZM{TRGvVSklnpdNFrk^ z+f+%la@)U-=*(n{x2AOIv+1z)MXN0m6YHIywW+bqbr15-b&2^(v*?dt=hoSO_q_7e zdsgND>Fw+m&;R%O+t2pjQ#@1^l%;}j>8#SLrO}<_Fm;fM zo0x1K%II<@(E=C0om~xQfOIAoFKvvCRDY;+G3pPcGnW`05>~C%k(1)-&5m_*3l_|R zul8`lhDY&EN(m<+iT%OZ1i?>NSLc`ZEdKJN_+}8)C8CUlQzWQ1g)7+baEk8>e*%8rEbr5W=94OKe|o!gg+gDynwurQ7S5Yk)K0!| zL=zY*XN!Z1oL9P(e2tuve$oi%18COT>3OiCWCfem;8mbg>{K*#@ZWjJR~4_C6jkLf zSFP>|w`>$+ zHa#Q!0>Nl;7)3(%8#b)_>QQ$&h^odnq)}tT>eIJyhU0}A{!OrvpgOr?gq&Z+&xGQA zstJV{gZegV20_EcreFE*A}2H%0sF(ohkMBe!dWQ*BUDj|4n?oajNRu-u%cVfgp1VZ;Rm|>tHRW2b|7F) zchGmE=t}ZG#-naHg_L)%osQm10j!e$+r3i$ui@Z1|JRc|@`C*%C8b?XS3X$)LrR>> z9+qAF?Yd2i8!uXhsdEP98ReO)#rv17oJoujE*za#6IFZ>lknvnyi_yH+MiNHsPhQA zY?Vz~6TH=u6gqTJ7Lq9aC8z{RrGmA$tkM7rRDDIHF@1BBne} z8I?d};F`epW}kKD{Z5$RPMCz_4klf5iLmVXKM77iumyrUz`iq4?nn85SGEFH- zDHiLQ+^Up|nBoOS>vqgd6rcA?Es}z&1c!ltM3+2cD>#^1Z=^Uo1k?|UdHq}Y|4?y6a_prJBzkLf@Fii`wFmvbXkTUEF^Yh!c3Mey} zzzK@lqlJIi7inNb@|MzZhuw9h@+k4OPzfbbW*?jUPg-Ik0XDJ}aSUK+n8!Vf| z?%Z=6;!2X8x$a(dxtC`f8bA1_LJ|tkw_E}0HQ2DB3>BXX;?#9IZ`S7E%2y>);!DwB zTd|4a-DWD9-UPo1lQapza9jR~XP4P{jK6@O9aP)jts}W(0-(iUoW=11{F=cSkFk)b zX)4F0)A|J|=(0Q)ZHVz=#E!7Ywsu}aLCz>@(ek=NL+`YYEn$1U`=cB{uLNIEh zP%ybJYZa&(%Aj9koI1jp6DO-_EY=W*y+f-;*uzu#Hc*x0p5rRO>l$oJ}buDWdTL zgivsY;TEGsNx~_KV?<>TZUauS6|NR(g-69;o|jYSGlB@EF?z#|MasIQvy<71A4SL(p@n28#h>73*3%HshFoQS&cDPG7 zd^vjTFI_7%D)t9*p(-FA8GuUAw83g;PAP&5&rF)diaPRR?n&}1oo8|EoFuRt;Nn{+ zwI4xsyn<)}n)m?y!^;7BgOli#2~9?EG6{0$oOcUqO-MSZ&GxuPGS07V*78p_Fqpza zI??IM^;@W3s1PPPu_qI}9?L?$?SHR6HVuth)kP1dh|X}L(oxM2V`7R! zKGk&1Kfceu9h3%t{U#hCQPD^)U+S7^0f3UZB*a(m_y)N3;4H#i-dC5P-IL)4we zW&}IuA5V|-Lo`OPinm(4NYDO3S<2J^D&1OZKz_VDxww9Ks1F74tADbpu(cqZLTyV?i@#DpZkLQhf*SZ4<8Cl74(BzMCFOI zyx9=O=*RPq;6dnj*%G12P6Pm@-oXK*v*WQeAZXrfSHU@8OnTk7f?Aj0=Jt5N|_U6ooa~2@lyr%EhRGtw0&2RB*Se(6e$=B`^9na4eQmA zSHi2hzN$!JISVVuyjg@+VVwH=?iEy4TlezE%ca=mlc{P)zf@tl#j2+fO6KnbvpR=b z%q!pK7MjbHR$Oa;d1yF1>ld%+Mgc-WEmRrq(g7Hpt34~0q7aW4vcawbF(wpL&C6gJ zQRLq!nZMPS!IfOwAw~QomqKlw8&RiHRnHw(yES9tjKf=d6P?BhbZpbju#twUEuaUk zB5S{%%s{N_$9VD{rd|{7+qzcVGRqrUv7qwK(^o|m=8gwhR2}c(6wj8N@~I3@%mJw@ z4c?P1apCFt?S8bG0`i9HhI0k#l#Ea{?l#M8_b)8~-Xl6eOuA;SXok)XFTv%};ky$s zK?$OeqX-C-04HOjx++TAoaN?b3z-O~1=OyDmO%N(gV*}r2)TJI?~y3k9DYt6_XY_E z&}*Qw@;I-`sK|=mof~$TUKUE}^<k76Pr$B;1-v{-t%u9u62Qxs(}qBc{z`(j;aQ^NR} ziq{tS{f znu#T(x7~7UYAsWgLW+XAD-EoJQn|-Wyum3uO&Eu9?76@=V!VUx2ltbHo1>@G5NT_% z{Q2Oua+#FfJOartTj1plT8L5`H)z3@wDTLt68tOp4KPBvJWg7;ruSvO?`e{l)UejE1rNq z{k>0jp8Fn@`%Qcg)bBX!Jv`hg?<07J`R)Q(HJIU=YNZhUQKMY^@PjCliw_vrFiB;B zdREb?&%812Jp3Ro_0})LJRi%-&+Ct96__>F9F4qTMMs!^n{V^yO*JntNbVL%yDa46dJlB4FPy}K`^VBWQ z&$~AA?4J8wp9cOv%I|pyaMk(mz1>p&kKJeg-_tyDGvQpO0<{i5bG*fK_%(C)$!!Znna}jVWH}@raGVL61^=;dMdkASiyJ=W*Os$S~IJ6s&;$b zO;vSP1bq>;yA&l6qLQ{I5lFPgi`%s5Kt!bJ#IjTpN3A_2WoRO!_?&2zC9!_Cl2}QcLq1hI z^ma45AX>E^k-hR-K$Ky|Q4%8m2%Zdik;Se2)jt{X=(6m9?uL5v8{p(pN?&0p&x%J7 zOFFF3B?VREUVnJaQ4gB5-k}Q9<5?DSES4;%@^}PADPfosDpoTG_2oFUmuXb&f!V0l z1JJA8-mi%Ta2B}h>!R~%1}TQosF>f}kmmj2#p&Vko9mxGTwayp$gG{9f@Xe3 z3oqow1ik1cLW&~he7r%61CYiLCt?6ATfO-3;p+PQ@bdDP4;ROe(Y*fFriAcz3K_d4 zG^%qdI8>u3!mN&F7bnN3m-nKW1iuEoREzf|RDG-Ri%*|I(;qI1fx5%(y;ng4QqD*+ zAxjwW!`Y7??#qCxiFFuIw|abdb@=A+@}$r=ciwCC<-f;}!x5AQN|UaKF%EC0Bx9(q z_ebwekAD8?!^g{$>+{pIAMZ+lyrF6u;AGMOT}EPBhiGv5;oXHCq~NYd3h-+Tk!)vG~ssp;CSZWe_K4hi~4UTpxbC`sw8C>h$RF>h!}|1CS?@5QiC`qJ-m6 z>hkIq4v*iTo?U;uJh?bKe7}U1ENGz_wEMIc+q+%NGL@i7pgzajfPIA6Zqa~ zwYBDW$VI7nn&`mFw>ZwHl)m$&qOd;5kC`kOtSrePj%A3Sb5GAY{gBq;JWX_nC>RSg z^Su|yga7!C(yQOVgrXF*f1QKiEyS_PUNb=)oV~rA?|{RjcfntU zO`6z|RT$dO3`B^dkfUe|s9Om{8`n%Xz=<@gs_75>vTXa+wefKC3-?F003jF)Y?80X0rcsWgH(uGnmpzq4rU%yI_ z9kmuxClLSO?0sQ)Q1nfa{@XXnjM`yQ=&-QDnF-_mURcya{yvB|Wny~!<8N+mo~jF^6fTbIH6nn;2&G`qGA|O;uHh#=n7fTRIg7d%gai^U>JMqQI{iM*Oc8o%-t?dR4trE%s`*V86yN zn&AYrGqJ7%?P>7xtGkf>7Jzo@yz`cs-vVh5ga5G*|KmR%0x08=1rA8spc-^_eh9-l*m?bf_WYeA&g?iA(f)kPh7IW zHa%hOX_>|dB!uhH6|HwV9dIc)STrZ}f4?Wz99}y>^LW2!Uybn{_`QCmZ20k3mzg8?@ zzXb>W2S>=64@w{&?7!OI?h1sv=7U_Ye+#-&mUaa_y+JVKx+F0L%Q>!k7>Wbo4~5J1 z#NIN{PR{Ep9dL?&h{CREoS3UxUEeckOv$*|rt%?VDsK zZ~s-p3^T^bteE*(eUo?S{bn|KOYx$`c$k8UERMN1(r%Df5hbbb`~tR!ytY0s6&!xN z`Vf=~ySm+2nLAzt7(`QM#_*{~|tAqZv#&Pk%)G zAgCI&Vrk=iN~OIZ?}$}B6ECV#?bQKb;S>pLBnKgpt%XoaY}p4Mrk5nVS>B7KBsJY| zF7vPKw+vhpNN?z<2DhRg3j#J9bjOi*lG~hkxJGEyRbJWh`q0zWaI3i3K$WM`VSJ2Y zxUeT69S#x#q*GA{EFVz=UMz|-ims*ykes8$@Z2v#SBjeLQsS{jFP5>;u z5V9^^QZd}$p4`M7&FVreU1L-p%oBw>36VfOqciu(9K6os)4Ng{%9b{Z2MW-yATZ9L zAivNhNatao8*=XfsA%c6E@q(ATu0)BHmdSDge9QMclVdQK?g}f(Y8drV94- zU08B=(%qSqaJ};aiehf2xk3*-2bSyJD&$qJ@#;E|Odd^D!2ELa88m^SxHNoT?^*vp#UuTHtMz|VU!Xl9 zUN~f71fQ$v>kRyxgp6RT?P441(S+Y0$4t&9k z<76Vmyf0Yg73{Zg!9YsUSZ;3vzc?P-6E+NSldZ9Y>FZ@puDFA(`xo$mPZ7Pv3;~6P zyebfZ^G`?W=w6}OVh@w5+v$LxXJJFSm+C4>1E%b-bNaVYxHhffz|=OmSx#V_6c3!1 zJVy_NQ^82BYraV4F`>%CybPz6HL48OJk_eH%s=I(iSp@&;!iI}oNe`G;pn1qq86qa z2+%C$i(^dv>1N(~2eo|5&jmF@5zb2P zYDXPQ(q*f1Qd>Cnr<*iI2`$edMOB+}jZhN->Aa{#q1>wMSFo0p)pcw5?Odq`OQR@|Cz@jH+!w-gjDt#N1v-{+wUk@kp=A93v-hsuZQEGGXg~W`;8iJvNZd8W^-1|lH|V~Su&$cd)u`R!-nMuH$gk@Tf$AM-;Si^RU*vTxYf z$RscEGE;+|-lEiCMEq!BL%x(0)O15)?}8*}e?PHe<7{9(6Ip5^EU>Et1r4QF>dL3r z-k(?@MqHp+V?MPD9X~~pKe4CQ{|ixq*rW+C%8q|75)v=sfAfM#9i73w`5%sB_!*Fp4vrMLuNF1URT13drHUWcM zcK`;W9`&H^vQ-V2Ui)4G=B^|2Nk<{1P^Tn6csMu&AHiZe4pESc$kKHP1uQlgyo%wg z?FLL7L!uT{54bf@oc1U^gTLGk3n~WMoAP0hJjsNl^t`dtbp;lXO%fqm z628ym1nUZm&9N$Ba^@Al>WuIqFY3D2{*#B%dK!N%;{OwGV($OXyr=m8qdYbBpMGEK zPaS=%ntrWMu}TnymDhZ-^075)sYs8s?~)YVVzL#b5?dOc107Iqyw+N@U!;W4^3Q@J z6<^jUs54=K%nm3%ljf`{DwNx@Kr?1FP&xiKz)BU0Y9N|Oxz*8)#uA(ozLvl$G=^C67ZrI@N|PTOyr{Gft^prZvK~!R!uB*t8``{HN@fNCrx| z(^8!S_tQ%Z*N~q?uOmXdcmx6@@H!IYs|O@P#JYb-;4fQbF$N{1d^|Nb0T_M)Xs{_w zFt4SM$U$jRqb;zK%kiw+gzSMs*!d5SM>r`JJS`S&Ph=Lx?j2#_lRW!0M1D8&g&Xwj z5yX{7m(8jAy^Z<~PaFSFlvsH<|8MM?@qc&bKb`-4l;_j)|71a*yZCb#)tF&>bTwG|5+Kklm92d zmJ9;<6EBQawg~iMvF$B_a;sKOVATa|K`8SBd2OQKgJK$GJt(G8_WMw5^96OH>t@3J zVDISID%s!P|K=QY1>DA26A*GxeVsJ}%-x(dIT{_EHN7u-;Ariv-4Tz?S!*%EJ+axm zwR^`{@2>sc61p1?7N70@#mb+{WxLm>h5x6jdG>Yy_xOKPcV^!I;<>Y@{l7#=cjwK$=TNH`^h#ZCiO?!pt$_`f~uaUVr5#k;iuU zwOc3e;`0|^_PG7w;(|M^r^UUq17~3L2mh~rV(ET@1Lb=(YaICU2Ya0CDzrXsbq&fU zcX^M$%c1Eef%swS&*mj-K@W=|CSlQ0M)V(@5ftf1lGbo z;_W4vo?emY$ZlSYMs{cTZGD%!;IMft`v$ZZBAcJm0oju&dCyM^`!6F=dKdF=Z~a$q zQmOyy&7SPPM|nOu`;XuGRAc_NGyYiXTHDXOO6svqzv2#JQJ;WBX)oI^hf`R2?5C#f zof59XRLYxaR-FE+w7g1pB-fa6rT1kkt_`$$Gftze){v_rEt>SO%%0*o!tGc7Y0LgUdeXRc;2g!IW66c7qOUHse1!@ThpZ$!;_AG#HUvOZz+zB ze}>B?zfj?hw?FOA|Cl*b^ZqAq_Ei7pQ666Z{T6RdMOi-_AtsK#+OTd3*638!{5;@h z!fQmgX$&C9$dZDXgy>96k)2TLm|_wi{Q7I1g48AxYse(VlIGVY-Jsn748Hl{he2@% z(z6I>6b!yTdp%(P{pUd5g4AG0Sdg$*qOfX;!spu*$E&Mgjlyk&RB z>xLfyFqG9;Q5+yuVQ&Lzuzv9&Ns+j;`82P;IRrOI7BRm;vbMQ;NWu&%lAeMK{eD!z z>1pLA6;U&HBwm*xF+99ZddZb8H`fXXzDIbqrl-Iy2~uM;*Dww5I+_f|gO8>_!dj^k zd+i64LAc`go00SyrK)D)@Q*a24P$t>;mb#kt^EO0%WT;^)Hv!FL&$RavN|b8t5^MO zEk{NgOs$xrDqqPbPDj9^Q3SWoM`Xybi11goP^QzaIgzmI{J2XGd z4P}@lqnqslr7@x?8)0&sH#!v+c8fl)psT$?OO{~2LAxXH1z*SfR@_RTn-qN^q@KJK zg14)cQ5D3oa#u^jlnFW6Yc-B-1u`WGiO6dA4<>`l9m2c|hNGj3yVqq|Qh2}HvMe;> z<1NeXx_4N={O)z}o#=D2^~$^Zx~o}rJ=a|86=$HVuC|VAt<6enSX=kGtRBq}5yH%KnjSu*(|3J|K9*S6W2Nn_@A!{p<2cqr0WqSBf3W7YcNYJMXYqhUz2ncgrwjl5Hsk-( zvFknQ|HpVb=>LD@t^vp>j6>#Ai#gIX#pNtgEwoDhO}pr|qC)yilyK=uVi2MvB0F*E zwbF6AtH{$8vfH5iMGI<6?&e;CbI31k^#9(YY=0Wozr4MDh~rg?vO5TZJ?r0fXJ-8` z=V|}%ksiMOH66?iQnHl#m`?y8Cjb!FU^QI@9pS}@O`egOGZKXEYJVZKa4y6rC^PPR z)50f=m?Q9o!mnGP@+b4cMTJ*o`q(dSGl}5HtXIU9gpn%TgtBc!W!6m#+N(GX>Y229 zCT-}v;XrlaVZogm7=t@W&{vX|)|{xDwq<+0T>QMDED0`CI}cSUX)S(8-fEp(Bt_uKC$&jsO6viyJE(?b4dD80o2dO-W%jQ@L% zH+7%n|6@Eh`7Z~(iwaQlq(KW@iBI+`0)<}F1?neL9VoPIH9}6q11SZK^a{!*)u7tx z+QI13-%mm096afWKiAV<{+|T_*~YYo8rUcQy-NK*cj`RFe;(!8Bmd=~_fP{+PM7`K zKz`X;DJYt%xgC$7;1S@=tVsKS*2u9sJ0zQKpG{GhN zV6Xh=G%=}vtEy0?RiVhgYAxag;?9Cyr1d%AS%l&;tV2D&ZwYY(o~bmGR|E)(VTynv zkae-L{QrCKm+Zd>|7!qL#~F8ut82cyC>PadWrmv+32&jR58k1_yV4MZKdFj)ewySz zB`I9pA?~A|ee!>7-v8@Pr|why=TV;S`JZ~K)|Hqd;5>qvE$vE8qkw%=Ep0fXVd{`p}^UgcNiX$o(IEe65=lerjv8Q({CB3VDgS5gbo?a$ALHpH|Kkv)8Gs_^ z7SJ`MARsY?I4-hpM+a{*xI(8EZBR@qk@Q+91pafqD&RkL$*ZkmF)UujDJz;p>Ww;1rJMIf(VB9TXCrlXi<19>o9M8<^(Rr`q+$KPhiQ!C)!j3I_t}5W z*fZ_F+0*?mkMnd`|38ZP0N{dbsXVljk|^SbSKw;T!p~=uY;p}(4aa|86GHc_@mheo zxyO%xnrA;gf)uULhi`Bkg26ET@Ba?}_ZJ_tHS{La(*YMNKc2mQb@A%kQ}DXr4TOk_ z^C{1M{T1kkPJa9Cl>NfK`R%vEBaraJmJGKPkeC9TfsCdkUPU{QB1S$FN+F;Gz*~aD zYF}mm^P`n13AX{oBnBwH#VLt5D5j%>|Bd4%0c%Q=?DY6JBtbS>U>d^>W}R~^Wim>$ z<289dq~v(ZB{zj}IFwk149igaQa^U{dkdwf=h2>8`7d9ajYBXO};}dU5^p*B7sz|9ti0_1lZ{7yA;wrNyOB zno_KHi9ew5942QWKTOEaSQT%BZAQt)`kDi`z72Ow_yyMY3ib1pBu%(2?-g>(>jHcI z2YMMw6l_yWcgimNzJ#T^ma+_#keNzf|fedYKQF=}`2}}_f{Ov2?I^LLhX1Uo^3q^xdaQzja=@wZA zq!a688UC=Zu3 zXHi7ngN$qt;1!C%UDN#y70_z6JR9%>~HVw7^RoK<=fsvk*(W27F#s z_pkHFfJQ<|uk(^R`Y&4j9uD*J?fIZq5aiW`lG~sveXa1myW9hAO)`23>3UEmG(+?f zr5h~DONw=50aX5Uu&-^!)=?BRA}PqUe&0wlXh5!#@b!sy$SY?FSw0DIQI=b86Ec&VpPF8&XY8xKP>i6X zoC+!WWy_gbeq|qugV%0Tf+M)JyeGcGZ?Letf2Cf4<2YBOqsw($3SrXf~gA!XWOKh#-(7c{JAufw2sy&Z7_p!4(_5D9<6aVwf^*^;T;ZmZz4y@7$cMvu8O^e2lCG_8MTn`Xy92PCE`i6WGq z#WA6LgfnKqx0MR}*8gm5od58~&h*Luf0T!>f3BB+b)3O_OxN|V+vWu3ZAY+ZJYo~9 zlp8BW$E*0ul+wU&VP8`)A^4_dTQ5yG0x`Fmvz-UuXMKZc+PM+B1$r^x+76fhpS5m3mj7^D^%gZSoo~>ctmT zA}jJl$H!pQ84HFKu|TcJ5nYUM5OkA>%Zdy{6@trF1aD`KupQJ$*&H;up2&mEaptEf1iVKk*p36)?1Orm_Ztdrg2)Z9JDUxr zdsv~q&PQw@z-~#{97O}yU2KY{=a2JrlmGpE!2R(*Q~vu;^*oK!Va-h^u<9+TemSW7&G9RPZMo3fX7!bUw@lKlbHzEzPtq!Bwf<9jhuz;6 z`#+WS?@awC{r@OWY5mJ_R%<_PKHpbb_bKhXms7sbd0$|UVc73GdJ>PvK9j%-zN(nK zGOG3-rPso{^7gq`UKjr=?*Pri@><0njq2#f6QE4m*!E>{O?D3`1-#>0f|Gl#5EznR+qZ@W+96;QCiC4GD!{%eV{0f zVRR8wlrCXVUc-q&AsRBfh{>)n9FmxseJT27 zi&I|jt-e+f3_}uUBi33pt}{PtXyxs+W>Pj32H&ub$hViT+7QROJH#2MV_=eco5Z5* z$*>KDw@KWNv?L`P3USn<^HkGLU8fqgqb^1?TN6TiP^X%9qE0p1L*3U~9H}x|@e;2# zFxfxL6Zk$x=_qf(a9C$|fgwXdifC)_;`5fU3+=v7A1d&?lun^$nOOTdKAUsnp_baykm_3F=VAAvKFWKS1M(v^LQef&qjS+oM(wl@tIM~%t{Rc2vpPqYstoA?i zkM1b|u*d%Q#=d#~`()}ro&S22r_pdXOLyM2RA{rsP^uTIJLYz8o9|HU|G4?;srIcK z3l_EqW8Q(#zGeAt)eabI$}xAL*M5DA5kNWHQnFG(l!RoIskmPvkiaZ^Ptq_GUJD8< z=6J2iB|VGa;A0__hj%Tw<{O?KsKhDGVf7zJx zI6l9PfD*Aws}@Fc5>QDIa}UkxgX}L2n8#4sH?JlcHwPOUvK8B6ug`66kG66`rZr;A zamqgJ@4!HLr@wu#6**$9QI(5|v_(}{eyD3(TmSqac6Hi675Sf#FgyM^k3HRo2H5NW znfJfBQ-A!l|NAHp-~YK@<17#D^0Xi3%w^n{TSQyL<9hk-&vQOEt`N=lM(G+-08<2l z6hVr@gZG%Oaa^;9+_>*sj*Sk7!vmP$w@hY{_!Ph-$&PQ`gBu)&rv(uQ8$@9UDLg#@ zAch-sYFXp#T{c>7qlo>h6tCymPR~T5%`mQJ^+Ka|bm~<^+7Mf+1yZ7T-{+(EB)ws}zn)X= z%UEo6mdi5l!ul#kOpg!)_>X@3m4-x zQq5n=q19uiQ-MLP9f?7kk?hfXqZwme506-9l(C+agYSG=SdJ^@AA$6* z`hPNgy8q=-o<90NpBwjX0F*am_gDb=$4@4}lL@fL1V~X5;Q(g#mg2pheoa$I(P}3y z6chb8c#Xsiuie4UTj)t9{Km)_Y48dlhm|)Zig3JolZ4{6wi|BWVb7cM{dKlVwG}G1 z+jA6$HPcGH6H1Z+;l1=lnVlM4t@oc!xRGQa`vCpY#OX7Vf>E~RsqWht-a;I~MN}jN zln|WO*biEx0{;encvJi?2EV~nC_@y~=&-KXFD;R6L{lcEU0484+PzDBRb z-=kOZbXKzgsqyh-K|WcKk7YrY44=E0kw3)GQG_1QjMNu;3p;Yl(Oq@0Cfk{Y`^?Qz z0#l0ly`xRWV*ZtN1e<|AvK1#c*p8nRcL2a3Kw0)Z36VBb3`q`*(KaeR)3n6kHG<)f zDW>QLUY1Yv@Go1UJB3V^W@MWNWdteuWs5Re`i(iKB!w%T6^=c_|0&^}&*$G_D?Up~ zv;aK{BFL{(5Lpl9x`KQd2CIlHU^D<YR=jW#uJMjfS2Ha@IS5Ge0pW|gxDlAZPr=$M3mXwaH z!4bbIQvlXQWbtF!#3;Vb&j<}mN~-waZSHDlDCDsd@%8bSyubqM2PJ$MO+VbCG{qqT zlo-9pi$3ta($vQi#DrGxj!KY*hB_)=Y+9mspf?=ILK8ZV`tg|>cwq1YA8P?_0G`Pk+EI)RUK{=;?0e&zhf`04)lM|mDp{_`_+ z_bd6=3Djl&nxyzYB&IOBB;nbX5`I7~H8lX6%NE(cPM{|B8TdZ(p0#U|^f{K+GQObe zfuuVhoB~a2i7whb$?`wPW0(Ib5%$6JKRkb0$^U=K|9GT_OE_KrU&y-%8>N5KiGa%S z<|YLoKSHhLzq%^Xc3*5E^VR&d$bI=*ll=-#o&47hG1hKwb0J>>SrYUzLdzw0ZNMKd zMq7%bJo{W0UKxNd4iB5OM45}dnqt^bRpdii#@AY96zxG7wGs28kv1M?f6{6^PxU?! z=i<*%O2Hv`2EI^JLj-O{_`^AywetL8QSwjggOXY<)erp3?eH(R12CYG=l~Hu8&*JQ zb8eriufthE$+0#;+)I&>*-!y3JJQ4%?V`KuCQcLO`&~zr((gzVqI96)sqHpfkpl)I zFHZ7B?|h3Vo22ov>wj4(;*wX2xRVvI&;RpXGyiion>^|NM|mp#UuoFy!3Q)7jx-qq zrBB-$1Z8?Pv!MLKFb>L-+hQV=KGF<@GUPt)Vwuw>$FYWn)-Gfn{SV|!mQW39QMa}h zj2ZLfYChy+m;cFa@JR7L&#T7&rce1_kMdOH|E1dgq~I;za|V3V`5rU@uLM^w|C8Hb zue?`I!sXlZ#v5Wwt^xZx7w^x|FW_0eWz5Op??vS?{==bk<#@9XIHNdTasEx|rC+bA zsRl;euvU;)zHcqYtC&n7E?j_mN3V+%FK>NU@V1uVqH9Z~#fDEp{F8j_@;_a`dr|=V z<$tyQuk$4TALV(_{U1?_vB~6TU$nLK`L~+n=YJb^J)g7|bDq7^L^W^T$9U%rEjD`* z3@otqiv)5`+J*r&)*i^f7elEbYOM@p%O@-TlYH#*UxeNsq5g+EaVqD3{pr*G|D!w= z`G3WS{T_tB3f&INCl88?Y}o4;@ohPb`$hhHA*zK03L)hcdOM4*Jcew5ZY{x#AoQ=5 zTfD1!P1WFTsoKQn<*SeQFNS)PYto|N#9K|pNg#ccoSX(tp(!0*YiFiJ;{)j`W5Dk= z+JAD5)g=E#m9Gci|93s}{!e#0dCLENoTo}O)w?@tZnx4N{@1`2sMouFD(RfBp{uOZ}H ztD=Ba9iaf;K~*Ra`!z;g=J3NQiwDj+E^|L95O&oR1%xMsafe6B|Ir#n8@!51itZoB z9{KM~D))bQ)7ew~*GG9i2bYjil*Sp8Phtju_iGe`#TG{)j#nUo!3|uYY;^EB;FUtM zZ6dCa&(CJ#J-_<-ijou^d=Abt7G;b^=Eb)9~XcYFu2(!V2LA?9eg>;-X{lNju!Cd;L8!+uz!;juMWQa z{|-I}Z()kbHUk&WUt|ZPBqdD39gJ{@;Ia5TCI3Dc-DUv^(eWQa+{pER{@vNDZ(qFp z;oH$BymuUp>)&-IuJ4%Z-=FwT>;EyH&%ybc8B-Bi{cVx{{ovr>Z{j4=R|7FMhVzj- za>s+e|Lqw5{owP@KL2uGUOw z;eoBgd|QY4y*tb^I?UHQY}~!WER=gT%Dvu{y9VW6E#-3T&caaLq;s)>D{eQ-+Wb4X ziR4(dBc>QDuVJiQ8^>;Mjva$zw~1rAO9;Smet%Gk5+d1bM?t}++rXw{W7Fx&=G@@Y zxzmgkEKla$Sf0!e5Btydxus9q5mD16C*>}g>pkKaF%{f<({9{*Q~Q9Q zSa>_>%iFZf+es~N{RB1)L$FOFZVQqv1;0eh`OnA(0hlBpBq-xTJi<2!sLt{`t`5Ip zbxbXt)owg$I%`tytf|&n?yS;TOOgi0y?H5;%@TIEwc^ej){4!(>22N^){So5xRZW;+0j06o9q*tdD6=|p(vw6f8?9O z&%XzzosJX8VG~FodQO5&$(FBi8h#B^#H0!ocM{{pmYIG`{w}sFj?Fn~rwSD|=fpWQ zWO|A=>Bs1e{+Hvwu8z!&KV(V|PmB&#x*PMQWz!`Vr*BLkP zYqi(<@@raaI={Im@(qHNPp2p%@4<$o2wc9ocz*om;yEvK$O9VMv6zwca)YWMR9;KUinpYUWzsl#|+L{l4PQMbdA0$#HBa%PWp&Tciv4AvF{sru9KJIMQ@%RgJ)Ogd1B0ufTSr3D4P^Q zJb*RHs3|%)-_v#mSI+lz+`xC8gb*)!@;$ALwWISruE@%W1UI$Jvb7*eW%JiUmNGYx znI;g&NX~<4Cl`l(Z|#q%Z5~W}&x5Hk52odL;FdU;h)pe2bKab_BD2$HDjQ zgFm$m{6YD|SK{0=T6l!to8`nj}p6Q=)2~2%f!8fh_jDmFG#V7b9Nu z=GiatJkcB(Z|L?4@wg}RP6C~M-@vm)`AvE&zlovzCYti|hHmFThv0eE$^K>EH}Gsx zVw2uVY+?wuNlA%0{gl|rw3E@xzHi{!BD^NOh1bLoUXzmW>gVUUC(}+AF8jW1z{5S6 zbX+%+rgdYHkCWc=ajb{D1SGvbJMZWSp2r>M(0G1WD~MyRT``ORjtRxfo%CNs$97XZ zClkBk8P|s8#Eae?TUI<{Ei&h6)_Av$^*ahA-!72GHpMgUt$4s%LRU1+g~%`zoQap@hbo64Losb6mua-@ST!@%-ZK=eHME7hk`8@$>T+ zZ!gYYT%Cf!Ey3YHMx>cmn3$-T~v4Gb=m}D-#1Jci&Xb}OLecZ zNOY<0)=Kqn-(2wVDwk5@%ytWnv+ubFg+B1WS^yKcz!9cc=s$*tgLOJiK*w&~c(z67 z^{{_hRvk#p0D0 zi)RRckOX1_m97zBJi-VRw{$T3U=8`+0!Uz*A%0yDn`7b|-XYVLNo=Y^rmj8Q=Gj(~ z*Lx+ol@4+0J49Pa*Vq4b1g@^1U%cX7aB=w!++a2_O7o!OnsV&h3HAGr;zduk9X+#1 zKr-2`CB>=D+7T~$lTx-&9W8Ok?Hl}?o^%V`Oi%2A8^>nMI=ziq$1rA{k}=zt=h>_q z&$C$r&lY3W>21t9hB51ujM>&a*Tfe1PlvJ(x{2TE%r1T%n{n&(Hf|k5Z#yO9)|uDr z@QA}=GKXB+2FCugV zFi${NH&Ke7@Hz@M&nnm$*|j~vUi9vXk}hSC^q%PFfK1(v3e2@CFh-z_=blP?KJq38 z&r_Y}o~zvHIL^+j^-j*D;|}P=z5~jbxAkXFgJ3@L#zucm^#1H;5KKB6K@+xuor!KcIO7qx~1Uui`-A#ZWiIhwOWLXKnu?;_vh+( zJ}L9;&TDy=6ImHXJRvj0OP;1l!N0>r0JdrL*Nm@vbyy9@|K`S#m7Tg{NaDqv&Kk@N zmQHk*teX*)4Picf9aa6rX%N${&7^aCn{=*W(z&`x=a^!eraQ3Zd3F$FC=umVa_e@L zl5N5VFhmK8Llg%)KvRfgD?>JW&FyWkxrV*wPHP#m4;~w}@kzHuH$G`vbT%WZrR7`4 zq+vw4x)EhhFEW^%bqiaMXV$Rwy#5rocyXttXim>@FGjnWhhy96CQgBFDwTfM2&*1Q z;;HE{ii*8)JxQGsaD9IMT2R|D1TY?pb8RTjwkfKI4^srnH8E}vz63#pV7yI4%_Yni zt|%fDY*S2kAYl$F1Pe^n*$lxiKZ-2y4bxM%Je?MnXMc%iVbErA_BJ>TgaE&=Ml`ZS8R5!5IRBet2?j*{YiN-Kjb;hu5iPQ0-G)Y?27^oEIL9 z$?ztL@Dc~Sgq}P%`!%L9++e|a#~o+izT`SXz+zK()v zW))1fQ@_0r{TgR}XU)T>QqlRe)$`Gd>!sE(4kJ0BQl;=d=y+<(x1SobodE8A0C-x? z4w_jeKrWtif4sT@UCv#TcXjC38LHaLqFXwyY&ae%$Y8MJ z(Kz3JG|qPBzW0%P3ZOFb#O)RU4+U2}|{M}5II z0p|>AUiZ@VJGzoScO`A}yrYZm3l}}7lvY$+eP7n^A5Hq^=uXN?cru#meOa3$Ew<&) zl0@*`@hE_AKMF9hsM1MaRcaKOn3PnhJuTH3Sf}GGaT;cc*R9MR``(P*ip&VU_rNbP z0ODJ58daX@!|}@2#r0agcTo$Yrp2VB<+a_^+=|Z#7oW0x5!x(J3KEjhRf@7-B9Ib7 zK?1YvJxN0w5A}+?caaLCM#ZG0$lGqYd9!YoiZ`=bDz=goy(>}}1t}&aMP5@&;7WML zyZm5Lh?0oxnCpC0vZ<6c|AJodlF-=Lh z4P@K|UA{dR!_WTOeRo;z7`-DzIX}@I9i^ZBfVk~Eb?@WUzLCo`-qRmvVW@^*h8-B6 zq9W!?0>iIi1mggu;EeT)WWSpU=-DHszAdrI@15A>8;MQ6p4j9LotE)JZ`v&&>P@Wy zQQwyC;w@(elP5ZpEjOIJj;WcRJvGy}CjSg2XQTzhD#gd_%6 z=Vvcph#u;A+}5)nxAp6<)DSOvPXo{B9bfC6nwO;WAx!w* z1TX8ze0TOope|P7ec{f!tv7epki+D5+$eCxMnPSKUW`_Vs4P!QVvtct(Q+F_8KTzF zs5kiip4Wu%maZ`xo<17pUi3Lhb^w3i0TOA*k1G41lz?E3qfnI8x5SZsTke$KGk1!& zG#8#*&y2Lqm_p+tG5qH@S87oS{Z?U$S*v2yWH~3g=G!P4Sm9d~i>)NL<2H(G-$wCm zSyX<{EGpJ=Zgh{MchAfi>;HS3QIMqM7KaGDhbdoPocUnAAt6{oEVk3&mXZXe8=Pfa z`}3Zdbn|H3iPfX=EeTwH-vlmyWEik>y&J0WYUbJ9!j#DrIW2@oLsJAd5sncE7hs!4 z8GtKmO1E#xi1PbpL>bBWzLpUsxu_?@W<~ZkA`KgIR@<5Rl2aiAO`C1gNFMP}$35MS z2VY(L!B^iB3HAF%LXC1-{zx|%?ZRofoD7od2bd$|~ZpYA@ z9pmS&Jr&DVVXJq6Eu+4cKhjM#ej2}?44YZh+bS}QBEKCOHhZAIIZ!6UYe$AvllLXV z)Z^{Quqn)*`qDE8#c4x^txi$zGDSv}BCk9sV=Ec;gVMWjkWn|tD-VjDjQT<8U#`dO z4W|tm_1Bl2^u501WMmc%D))vh7u{OMr*CgKr5hbjihD$w>2Pd*ozvT|a}2-E(fm4R zE)sk#q|~n$r?*q%7*36&IW>DosUIGvx5@34O>Rdsxtl4eH+h|YCa;W3xMj=5DePWG z%ZZhidc)P}Yq&aP!__GaS4PIvN=Cim>hv{SjrvzkVYoJvQEyK6E`H^hgEDPLM!g-> zyEcRBEspQqz8Eq*&%Y;vT(7%7wCwIicm)ATMaWKZ+{y>8$Q0z7Nq3|3@_X8drcIHOJ8 z$NcD~mb*Wnck<8XbBlX6v#H%#Z?!u!)b7kwyY|aMN-o;G+y3+1w*5S_sq~-tUqiV))`B)zQ)q5Y@o~xJE_8+3hQu<9N5Cx10F&>@LL*}-NtY#J;XV%xpnU#H$C{{y2KIUiOvXy{IGbgoq1<;lLQmLwl+q(jnA@IBz{c@AB#c;ndz=n z9jxS;%f`TTb1-ZdVa+UF->k3KH#IK9nHe5mQLR{?rms;((``US(F;D=`Q0~6R%!{d zMOPJ5ImAlqbvw^Bw;ku2+HTaD_P$YP%I}xZ7XMVcQpf0)Tt$(TGT!s!!#5|{5YpkA z$aD$OO^oqw1wH1rD#wz_dd~Z%Scs-hiFLp1&p6haosvh2GFqfAVUh7W?^bzaZYw+@ z3AA$Ef57J^)0P1*R|wc9@+3KoczB_d&n2%(;Wc1jK({c8c5IS}o5AMY4*bpedB4w| zoTcnJRro3pyI8#)t#wd`S+4=O9X-pZ*T-tkU&aN8Xp0=##xTzJ=eBF`&TZ%_<88OO0et-eT)euvK70A{#dGld;`NL3>zDt< zF##ISq&-s?OId+gQNrYURmLxN%e!B1R4bx~z8dVd_O3CYmm!EiV{IEy0i8n4zg zW2PlaZ&3(_;JQ4;Ws>k8L<36szedq!C_@MLt^^w8zw3Dyk&#NGVz2KxhTkGatb}5R>lLyM#%1)qCt;B8sld z`l^s0mUO_uM{xa5@DXG*WfK1*csF=+eLi>xK7uPmL4LIByHCMK z8LDMKe*KL@;J2ji0E~CF-fjlgDCOt>n6t}XraOQs+GHc}0tV}P7dcy#ZIoZNmho88 z4cd)_W-4k)1TY2*v3W95R5PbjqmxPf1!DUDBNw779>oVumTAa9#wHVtSo*al9l)x!R@RCpJ4n5=dpsbQ=k>k>;v%twpx!kPB|9x};Yq zDIdxXJN{fF_^`fLM*Ql)k08PspFlqihC{fe>%q|=CNUcPOU+2FBN;ZnMsSP(Ojmq) zW+OIfGaRDgF3#a_o1t_VLJEf=PI+e)$89Nyh^S{KmZAV(>SP5-L>)5=3nKU!f{$Q9 z2pi0IOBiK{QT{^4CAV>09l~O2<5*rT7+O)>)~z#M9AF1fe2Y^Ob18KTQ_OH?@&>{J z9ba=+@Gr#x>)&%g>(+xq??5t2mc0cP@x^#Z}Sn1Zyhn-@D?OhFa~gG~4ESn}1? zcWl+zF^|NNe<7VUfy$-nYxtf+P|#XJ`Wj|vIQ&iHbXyS{SZ*)L`fTq{orpbrV( z=EK~>S|G6yW17n>1m5BB=QM-w8ieZz$Ey@&S&Ov@V<11)V&$e>wV{#6*K5!)Lte*{ zmkR8T?VsD7UOGmLMinoZ1qz z0w#%QtSlV4o;PG0(*&;7D&>xoCJ97#!uRYeotqfZY)wdIQT9-JIjBP8(Uff2#O6QC zi+uCaE|{+Q^1UQsOKn&~cPE*iQ@Br{YtZ|N^Bj{Y%XP^2B*}AJ9p!l5uB8-DQnH~C zNB1yQa!}e-$?cV;av)d0;FM|8 zqk-Dg9-I!2ZjWx(tn=E=#A-7)WbQcUf z1+SY-U~8kLIFOXylMs7&TA6iMBR&d`2gMAcBsMT+c0I5WbCqMUabQZZ^OU&<6vHT! z2_7-SD*0uouB5U1jIR}biN_Egf*;~YT?wY@)B&6U6qD_0Z4zQ;i!=&HrneMwEkvX^ zuD~jzqLn41(he&oHbcNZAAz?p!l9b!+^15Fj({2wl4?2E9O-h2V@!87tKd0W;+T17 z>XU%P8NU#Xf^^G+IY0fBqUFDejf0zf4URD368bnGaexw<9cRHBh1&?nt0B4-VYOrC z&aUENLc(E8LUjDO!Zn0(ID|39L-mUk(ouqAbit>hWp;^A8Yfo)WRz^9=#oS@Fnr^S zhA43Rh*gx4c%8_kXfA z^d{3&Z;nELeBwX{p|QW5!R7SCU7~Ojj+cSwPA2XYE|zXEb`cEGbnc%lylHq6%mXi& zO-}q~YB+XAQJszX!!1fvrpCDQ#=cN~rgGqlRl$L5DaisD2~P5X{hOM?e`lgD3;_h+ zkre-jwT+ky1p8bUqn7^XbH!L+G5K6Mumgq31Z`5KgD#B|>w!mmd?Oo4M{g%*|fwTKHhXqgTjv1z9T`_-4ymKBStGG%C|7&8Jb3n_jnlai+ax{$r>`H`N^iwO~U?VGX>Z75{)I z?#9&Ew~#5Up@rhTzF`K6UMv%R%@8L7oJ9DPU=t=sg&-SDJ{ z=bSSpm`(B#ymJ|jS6g0)m@GkvGR(ZpgoIhO@h#3UiNC`cle91KhKJ}SAfJcE1^g?1 zKuCNI*5Y#ziSG@Vgy*Nc;mMSv1f~=VU82d?7)PojG$z4oy(!R|HetxN=?dAP7rki! z-@p$*wrm2vjo~fC5uZzaP?Xx25iu*0qSej@w>)*hHd&=GL?CbW4N1ZC9CvoaY;PPY zXM|b4uhj))&!l!Z$ z&DEIoITr&9^H$qlE8|?O5R#T=701t`20_;+FB(I0Us_Y`anwxB6z612;>gznWSJUr&kKeA^#cNHY>!p!7b8#lvFuIue zt-|KXL|4m^9Gw0nUJgzNyjttvXuv1m;B?>)e*4$aAVV+>)+o!zMQs;?=dZ5R{%>}a z8?P!oPSk!CXut;UK#DRF-69ZY5g|9*MD0hASR8rL!Y3J`+eFUZFwSZ$Ub$AEtBepz zz~DUEW)!90;54HHfR{X;^D5u`0Nftn%c%6}kC?8%6JOS~VoFU=BGj66^*Q+Z5L}*JUH$m{6#VtqU%}|L zyn2A=WB&HrU%`3t0e?_@`%OwV@-F~JBQ+NM_lkN~FRzoRh7a|YCk)B<_1}D;D2-us z5mS^dVSuXs<(mx2j3_M6BtuGhY7XCE;F%O+-D3r0q_Q~K+I|mHbP9MX)MA&2V&^v} zSw0CA9VtAkb8opT%3k0?@F-KX*hFDMbFotn$_QNM*SED9Yl9HRfT&Lt2jXVjeEU_B&LOj<%qyl_ z#!r7Qt$BGL9Exd*#jnSR2FL8n3=F{rCJ7_!;*x!xqD(er@41Y<``U$JIF#szlMJoIj2f!)%5d^#eow2%c9`Lj%-Ec?p)eZ0^V7~MV-Ldld}kF>~~RNg_;(W-4`v!NN_^4GFV8bb*@!7NwT@H+e%d_)u!0;sX4yD|JI) z$$a9kxaB0GJ^5Eq^Z=Wr2xdEw;NV8N=SzO@SndBZcl`+9O+r!%V`^EMDkEcWEP*wZ zAEUkDgyO@#(S!}e@n033kxuG}z1rjb=37nmp6PqO3B-(t1sgw}`ybXJ*;2w3a^2KF z+fov-cUs2?>8$ck_|;k@rAHzwh{xvnMgDA-iW`M9y>$%%Lic@xKcMh?9EK5M(mktj zjdQbrC_5d-xqJp2)>byHN6{(1kg@S-^6iImlz=2H77 z=U@CEWzoTxOul`Y&Bz4KRE$;<< zb$j)at7IV-`795aVI30+m@-tSZvOria7XTV=(Itk^2%%)M_CSH=BuU6zs?IiNNI>O zv9H_#D?ggs8Y}<0HCFjYQAE7K*wVih`D`kIK1Y%ZDS1{Z(;X{*NNQfC!5WLJ5zzA6 zwz7FsFJ_bxtDydYg-nIzeU@x#KS9_++ayW!wFG0~Cy3Y#w-MQ*lw$VH>z7yT(`|;dgiXf4 z^RGub#>PG8{F+t!hO-W)-)^%)Qtz&n;CI+&mhJXnt6-?^ExXQWHuBZx^3{lc`!a%_)a^j)bcOwq3v7z`p0*( z5L>3{dM%rZm8My)#dY|>iI-_C5HN5aJTo){j?;5CBbk13|;hd2;{&$HsoJS1P7 zAQdM9M#3Qx4g--Zl)GlalG%_D<=&6X;uqbuBil5;P)VK!Pybi9= zfxH-~h9F=qj|%TpZms0+8GEHrk*4-)2wIXfK$XabPz?N?%B$lAfH`!I_DAL%#Nu2V z_k`3=PpbT73qor&gAG-bCvWW^CB9o3~8H2nL!qkLC{67bjIUuAYdrbAzBX?bF3Ck(A)aL*wLwW=-HQUpVu*ar6+tmDWSPqk#Y~ER*`kc*9MwuJ8&>_| z&AL#X#3eo`7n{ssUo81<8=DBjcSj)H#c+cIA>T4gVtHwx$~`VM$nPS2cT~zg%^Rb% zCeSU1P=}O}4HEYgq9{WG7(eh@zFbsqxsCZ2FABjk4fP>kk^*SFjiMtElj_}w%;e$X z9nmAeOZTW$ks1!{-M?Mf7UUZl)Cx%aZ&eA4$NS!uMB=-VoP*4cg&^B5hCDEfd2Ix7 z0$jyz!(vJ26+$u1M0rjNh1DFZJVMj&o=}}SUl<9l1mt9Zi1}19r!DdIikgv&-*JV)Y%$xiyb0gG0kMz`;5*=05 zW}BV(cDR8_)$i1_Xwi?d&&3fsCHD4H@X*4QPnw||4nN7>h7{YDo{}-%b1{M)R8Jd`F zoZAkvE^yrA{Aw+R`sFg+n8bXni&`BibNHRn(wfmVYc|UwN zm|Ld$WlkawE?ATIvA9)+UsPR-N?2a4C;t`y{1MkcL0>*mB@GX76qQ!@e4z%pZR^GFL_kkU@ zYz>XGl$gi4Nu_53ER%Bh09oh1|j7()*0UlQ7 zXZ1KBAi0t~TBVPojs1v!?=k1n3T+Z1D!IvitHWJ4f@+{Xp<(2tezJpj3sYI?><_Va zCApve;#Gux$^)Nnt=8%%IPU2-{)4P|N$jUO^mjf1evikt6B3^7EfZ2xvqP1#EVu7j z07L`!vVCoiN~`W=H#87e_7Z3BejO~cZ<(PzIGs#Sj?`c0y!5z8k{X;2e&E;aeUGyZ zq``V{G~l=I>FxLrZ!(n1zx4~a_;w){5)p@&(N&7FUn&Jg*5n6_B5V)S}`7m6#p0jj#qO2*76f?` zMR97DGM&t;5Xg$7GF?-q?~5ZXwrSB~8;rv2hHGcB@_EWd#T>@@9XAj8O})U?$@}oT)bf6;)|#vmN{QITXWMzj@V9J zDXXAfa^!XB_7-#(2P{fV)WI_1m|m4rj> zWSweLhcz=cPR;vG`1>VB;(m5E)>#qps+JBcb=OE`)QPl46oPkRY)*OckazOJGy#20 zqA*jiRIvmpt_`Sle3;24gX{B4)_+-^TEe@Jf5vOu$Arr0ZN5`q8Jm0p+j{6V3L$PY zIde$&J3Di*mFZa^Y&Aa%PVJrWxHGgsd(Ts}+-LVTM@_J`tUSmpmBQ85MOX6mo*62k z-0%F9Kr6FTA!{`^vl0U}P#$$&Dx~*3EA^hbw>en`TEoP>&qrR;zS;iF3-vcxpE{tP zwr9Dnf5q}FVd!Fa%7*(8R*_UKPH!|WDgwJR7da)X60kvK`L{rxqL zLsgxI!5Rg{yZx?u*}v7%)WMUu?f|xlTKTTgr9Z1i16o4A1K0vykJAuchK|8xkp+hWCU;=L|auQ0xrlcl3Qw_62~wI^4-rAg}BKS!&$Ri&f7nt zN1mdLY}24p){$2z%?78x4uWJmI30`~$Jq>y1|mE+I31jPiwD0Q4P-XH_N80?ZsL58 z2fvjfCkm%Z<ygOI;JcN)bOTSUxy2cl z<%VFqTaa)kkgHMDw)N%30ZSZ79jc0L8l!so=Hj^woW1$}?CKwbQ?E2Km$C-Kn+&Dk z;yHN68XN)?-wtnK3RHESXjei~AMfK?A(tt>#SvPe7g+!!KFwt;?P#DE0A1cfT|1As&-di|8GyoIsfi%mAh1h z8=cUHt=v^Yvd=QE3jVw^O;9-b25xYKYwFA}Llq}rsowLYRc!5x<1P6)VQmjs4i!wAL!O1VOKrM^=`AP?Q&wMb=NOP0aoC*m0shmE}1ifCP{j)_Ix^hOvR zD;{yUd&(VIs~t%qY}Jm$Oth9dva>)a2{`eZ@L2 z^Gk^*nIKo_YAv#0Y=6H?IAA^qym*qduUHp_Qs5}-tT?`&%Re5%u+56{erde`)Fk;H zIatNfam8e%i>i9m2-~x26#SM8C$ks($dynYT*|*Sp;XUgN;mD|vXn8QOG#Z(Z;}W- zW5RVIh3nx_N!A{L9NtkOb2T!~lz-P4k*IM7%k6vL%aX5pJ7`(R-kKW845#;N#Kv4N zo+<$r)|B#WYfxBjPrI&Uc$Q%c?{lOs<;{35M5rq7%Np%R016;DQ$h=cGKfd@!q9oO zOO3#eYp~Hq=U{2bQ{XFI`COG&EBaDP8WOi^lMtlaSd<)`q79YkyNKOx8f@M4vIq&#g}(2Uc@2t8|@0Ha(9}NghXVuyGoc- ze4ZCfs*YQ6A-7Y<=V{_u{O< zQuxxz5}j=k={-5RI27j(g&tOioZZ^=I?Nba}FzO_wKVIbOPp@oc>CJa2L0 zOlHWLy9?+n#%Qvfdh_{wFJ)pE8*S~~d$kpw2x<%)lUvQZcHjoFO zJw2b+Bd(4GU(l^=4!5GvM4m zDb;72QJ8+_+!>e2+#lo_4u=P89HP?$0EU2);DG&d@Ocq?W**QjM(+;}{>HC3Sf^Dc zVQyr3R8em|NM&qo0PMa0ciT3yING1}S77DtOPpg-q`q69ZQnY!+vYS)d~GNF?Css- zKqMq#O_3}C%F(8IfBQT5N{}KcQg+;SuX*n_76}Yy27|$1Fc?H3p^F%iU;Xas62{cp zz?J{i!#=ic+oQpN|7+WJ{$Hm*>V4%5`gVUX9`^0QSGLn1*v?nLeqcNbpM+2te`Vjh ztvqpmk_QGsNFl{xK&CAKXq+II$pNv#c+tH&J$ZfJAxRX4F`a@o``q3x=0XY=VT=)( zg5O#I0MG#*q;Lia+Ah6_p@*j6T?rt5jVyW z0nZ z1_&z(7Oh*fxeH^DQ?EW5f3lW3z>}=*0QUPfnIX-{XWxF~SkB0@JNC2I3gUo59H5xP zLo0~=DZs%z{QDN41go#(1aZAUS^y-mUq(?&6gTK6VG_Hd*Ho1Srpshzx#7yFt++^I zgt{w8D2l5Yo5H)hyR!^-F~+v&CPGsHqsYfD7weYp@QGzxqvO`^J>vdY&zAo8L-+Q9 z+t{K1?S6ll*Z=*|=t=)S#`72&7B3K?Q$UumHylmve&3zXz0q(m8Bbi>b>^-+nh)Gw ze>9&sp^cYfMkRopi+C971>)4Y{-@fiS zQ`?yi#@3`a=-bD~|J{BX>boCf{I8*(Ao2waz#Zd%JR0=#<9{?5KaKy#c<>4?&@?yF zsq4lT4$WEGn1BI@65qcFee7%-n?G@Q8zx{iH3JN5=>K5_e#i8nx#;W2XiJ?KIk_TgmEcV-Z^T5cH7IP`rKGfWRa zrvt7K1$2o(`U$Y9-{RljLmzt}KoojJu#H(7WD1-L)RKrBy?{`rxE32;^t&(yXBsbZ z1lAmFF$_7@m&lC~qzF9s&>SW{Jp?fDz-8$BI9R-kJV+(Q4AzxI`wA5TdmEe~A5pXo zA_XsiopA;+FaR%tFh+nbF=5{n{?jY~#s~BFl&=9aGg9W~+FikqAPL|aVjs?Y#A_M9 z1yAb&B1yauAoyQ79E?8A)s0|GF}D<11^r7)+NJ1W1|&vn%%(Q5#Dt9$;NumhTnfa8 zAH@6D?DZ7%TP=dzB*t`e8U_@7q+*~!?``03F2j(1hkZmggre0H%%M*Zs}ZlU%h6}% zx*&rszliwLe62oB!En&;=~ooS3q&u{53Pd(aQ*h|?G${6KXTceLH9O^I$_Y!qRG){ zp@4Dzop||@m(r+3p?6h4PZFGv@8ggav|Fup=qD?5>O;J`Mytq&6miVGnZQ{z;7$3e zkiS`lNkA_kT~0x}JHs@9D{SbScB{qv;UW%ad{E8tB8i1<&p-U~ON{3K{O5CJpRn~$ z93YAa(_wt2Mj^Q+T~!x#qR{KG;mOxR#(N*HQGf{Puuj7KFE%~UB9e}^f z;UZ)Uff@3{yOt=R#pbmH1)>7HS(#!e04N*`0Y2wE;~nQ`z?N{-P(zpi8iEh((+7a( zU=t?b4wEH&OCsdr`G&oVL3kHv;1?RUn-ChV@}RGmh*t)4jC>DBP7;ow)Hw4n=06pY z8PJvl^-ADFkdIu7Jn+G6?!%ElU$n6deUB)JIN(E+sbiBT8Q5j)1sroVe$dDCZ@|r7 z7r<2k8HXWlx6nsSC=M1^%n+qh&~9^+hW*_Fz>SfI0*awe%I0qPe0?aGSNKTFbJ|XzMwMVjR#pX#bUT3>LP*bASWaPdo(L)U|{U#$u3(HBWq> z{nZ8*ILvV17Hy`WUBKJ6LBW5$zWI|9lkZfMDn4+gplu+!JqEz%&zU-BFUxAEp}}h$ zRP(M7gchuA0LAsp@-1e_L!b459!A3M{-W!D!~a8-x!#q%^-!LmUH)HtXy^Pt!;$mk z|9OkOFWu0B!T+uK_tpjk%RTOxCdIdZjla{r>w9Ef1&~I6@f5%<^U-e?S=(7K)pJW|$ zQ$WHO2IkmDr1iogcTwwwHG{XU7ZzPbtr!1a>j1omF%A;~UY(tjmKDX}zmQ8?7WNSA zigI!Iua>nYZs;Kf`|Zzf&M&VxP`=LjQ9Gqt;#2DYu<_RMLYDwN^|oGEi;%7&zjXlk zmwD)WC~k2#R_g#@Hw<`a0S^v%fc`i4e}6c6^Zohjx8GYU?*SmEPv!V`?4CW`+W+Z| zp2q*9JO|)(34;al!$qsb9mT&G=C=r$NL{Oy5gcx~ieQYo`TAqavbJCzg6HYp?ICNJ zVZugds{>9F8g>%lp69^9<@w3kPv_tla*HG2;(xZ-x>}ZC!$=kr)(g{QYq9wZp8s;t zAN7YdNx+08h;&(v!^4_w3|nQ4n|uMrO)438A8g0>#CBAG?byJ!cibG?f#^S{-?aan z{^4OMrK5XNIxL`cbWckAl2W@drFI3Sb>+T{(m?^GLzB``b4q)h(&40OpAIKgeLA=& zrTqd*2PUP%=9D^u(owG|rK4U2rFHpMMrp5r(!NP)zd5D0pmb1oWNAtVqY6sv@~wmgv{Y_0hzW*X4y1R zN~Zik;erT~ow`$*CfS)Nl8a~_-ctn+3smsXRKd>RzBCVND^Er9U^FZj=HWe6@vuM@ z4^36gq?VA!uiYNc)*^qj_2Iu%sja|Rd|%m71k2C&O4wMr`c zi+HTls1l%?%n=zG23^F$qveTS;|HxWm{(U1Nj05)`T;mcU%v9#f0AR zDC-HRWO46!=QN*#J}hQ&JutOdJgj8#qf)kWjxHOs{VYiXlcdH=mVq@EWbIbvS+dF$ z`Of)xM~69C>iTu4tM0IILqQ*piYeQvt;;$rM^euuY0FrBnXDpiiwdBupVT=I8Oy}u zmUYl3h|wIyC~y%0UV>QpWwJm32X2fYK_HwPA?@`C@NVZ&mTM!)wH(uSnn7huv$ITd zOr|+|=*EXEw0lsE1cKioNEv?fFm^>8St5Gm`tOZTvMaFuu|biuWueQ{CYK0$ zD{%(rEIoM+!az7-3eekkk<-sEa{A^X#~JU#aOb!lE{fsK@uZO9d#sE^#Zi_bb4jEf ze$pWoqttwW6#AjCA0(M-MOuK|9*Y}MF}q&tk1CLxF=K~@00kt85ikO8045+3hv}G1 zFoQ@Qzn7Sg2KS6=1K?e^Fz86nn=`O>c$n zPrV~mOuSu6e6xwstlB%y6K_tAjf1>u%b6XR40#6l7*`dk+f4R;|;k zr)hNW_4=lCRL=uWGgp!0467t#T*}vGc0{J?D9_jN{rK9q>~ac5r4;Nxf%ozgc+Z@` z)xJgp3VJeJ!Py;xlIuOYs`rMawC_L3_Xc^|%}L%KmC;@)wf4A~achq!Rdf$Z>2Br# z%~Z`BH$Bq{Y7h6MyWWB}rQ4~ZyI)H8{-#YYZ`$-s)5ad`A?rd5+PnAov$T&YHC3r$ zRCA$PNPFHe>h)^TUft)ThJ8M&>~p7-?qTU^ed76sLsqu*%uW#y|zPpQSVJ8Hh1?!3k2^i8^(ua8*Ymy=Lx zI63$5HBB5VSLa8}Zb46H0Lf)Ej z?0ZvCu7*qPlKst+yj5ZvCC*+8&EBzHPao;wZx1Slf2rNDzuAzt8cd_XX>K&wG6c3a zX=sg2j*lw{FEtwWw;A##gK051%`FBd?Sk-0BlDY;uOPhC*4W?F$Xgnwp`rGI8cO-3 zp?N&1G>=QIll_g8ylrBdCVRMsZR=Rjy*n~HOZTv9iCJpX>~GTKEt)|sx~u!TW+1Mn zc~Ip#E463t;XumouNX9!yGnP^+-wOn8B{HS$~{N>8xMIuf=RQUc=?9(3$P4n1gXoD zyLp)K^j|+*obb)d0MWZJz7_di0hWOZ00$JsbLgTY6@P~Vjt9jvaprvmsa0-mlo}g* zQOwt-TgFBq$-0|sgdx2EWD~f28=mj4MJOhiP!zbi3~QWI(7%HlqH`nB5L~=J%`!Sh zeD7`r{dp4bGdMU{NRF=XLIM+UA+qKrnnRa{F{}Ra^8Dn-S8u)t;;g=q#F}9MS`zzJ zl2~d4?q>rQ_KRKJFAv4?$77tJvWRoy%l@o0?N0&A`%ckPl0I`+IyOX zHMa!Po-6Zx2oy`{-p?@PRR?*xhqdUg=(%w@1%(!#__99*{X7Mxk+8{f7oif8&u%MK$`nH=}5*l!E>3q<-E`GUBy| zI?qZY3X1niL}R5C>~Hb(^A?X0pS>Rij&P}rht1pz<6)V5L7-Vm`~J34KW{4;;naK5 zK9RIHn-#~U?j(U`Dee2)OZ~jPWQ1G~D|VTybxutKPSZUobD0VhOX=R<%IfE>tp32H zd%u;kO-BosDab&*uvNzqm zyw%k=t*(Oo%UV9g-GWiREcj!Pc^?XjL;b~<{VB*BfW6~d6jTc6s9DYfR=(bnw~C21^2SwfbYBX3b^CYRY`cCmF59jbgp_h;e-o^iH^F+Q3D$JWo^z)-L{2nTO2Pid zR4;E-^h{%_eDA%20=sViHe6PXDwkEoLEz%c{@lr%9lea%(J%y(ai@Iuqd1ydeA$}- zCqJ?F?0XVWz6nqqmMy;QPe6WNbu#nn9*(oI6uxHOXNdNZ?kG^{dvi-V`dm;Fi4&zsKpo}>>2=?w!#Mx}uw0?Sg;_n&Z`yeG#Q)grx2 z)s|yl>WkSk;+j{@n+uNVi`g^OWmMDgp7vU$z?K>Ud&X(=s(C}eF%1E`G}yPA?q(;b zS@|luOU;Kpm)7wwfht1O9vGP@Pmzq+0Mv}9tc}vQOBp+0G*mscK zOtTG3&%SaD%c$Pp{K{Kj$0p6&qnqdSkOP|2xBKpnEPbOY4OVJo?Qdh{O{_^FeV1sB zVk*Mt*kAh6bwnkZ4W)NfCB3Bv)&BNW-kcg2k|{$3=lG+fs@c}ha8$MRQ)(;iZz|<2 zrBM}CtgoQQdJhxifn`W2znxJ~+HAHNmd1*6w8|*GM@UeP(xFM|AV=v6-XeokO{orE zocWUMVZ+fmtQwu=fkgXz{qrFQRb+c%KzT3oi+7<9q8P7Wyy0Cf>1{Ynhn4#rrGD`J z-3@s!con^s0=+xie~!|s-OEzz=^n;Y-Yro`Y5Ba;a0xrCUc#1I3wzVIWg|7Dui-j% zSh-FuwTAXJhV1RVNV`~6d2YxTAWi~+13+-F@KI*=r0^CoF=s^E4TaV&7h1b?8`9o? z8`92iL)zvx}&VrNvNUSaC)=Lr?;{MVfOwB!t8v4Fgu$dY*2AVxVp=C-*1qk zyQ<5}_5=4$D`w}@irLw;VuO8mO9#izruV^d`Sf0v_RHQs?U$WT`(B@46nPZnn9lZDyYWMP9nPI#7MUt)ako$kxdr~9(A>AnVgY@+nURS>;F z!wt?s#Rg|t#xHySj9+#>&S(6xvl+hz`}(m5 z4VRgNie+Y5wl91CY+rUh+n1fq_BGfevt2p%rRLe*+qHInyEc=vYp{n)wr;=H+&Iwv z>QpM=QX6aUePBDk51h&BHQ3`!QBQ884jTHa2NnM6vcz8Y{)xTpd}1#_ ze>4Kh&?%kE_uini^ILqGv`_=%5R!CLBm{vOBujn?`2q#vzHxqWdpX{vQ`z2IbasA= zE|W^BzwgnbenXd1zrv+dmP*OqKb4Z5Po-pMQz;eF{SYCfJsE4zZy4j#uZZy}%hP1< zpQp*r=V`LDd7An~2b&&-KLg31W^1+nuxhPVw%@mR5-2;L1j^1Pfs*_wL#K2m+j|?% zw(=91u?<()TeU`U&2v+_7y4CFS~>^pKLzAxfMbJZez>dzl~Vn`zxvOw4I6t=LYBZo5ehsMxES$^z5;Y7Mrw?rP)bBIyQW`}nxQ0%j=gsl z9Xppr$IfKY>F;seuqVSV`ZbSXrDRvSU`w5a`&;;VSD{Jvwz~{^|4NA15fb#(^wnwl zdX+2gQbT=zWt%tC3+YpCb@VX`2?B8#QV>Bx?!wpubBufsgaKG2SQ6dPM(I`BC!i)<; zUE|flB1@*+h=s%M40;RHm8CnPa0dq>?H3LM=>NZjZhZ93+=sM7eobJE4#8i3x!y!* z3Sh*yAX&j3EwJ((qj;S*PNGPY;S8*yxzSqKNLryI%I|EY)w+;uyZW!!t=4s%AaPF@ zaA5#u2;hKF==;b6kbqf8m*7RfAo?%B56lXXrNfwgKZzp3rVIw=&B>L>2WGWe*Go)5 zEN+a$1n|ie1^^~BWVpG|_c!{QR8L#iiv)Xor&A(wA7}C3D zIr)#A=K^%sb(djC(BX?0{Bo|VFo|6RPD78|Gk>cEjm8LdSCCK?SF++;6XM<7opDn= z=jFE?g-i5nf@8Eo0VS>0kI4+h0iuXZ!G~|Z;i39=$Ns>Jo*8y^tMwbW)c4~Fwf>yr`qjbrmF6+YHY zT<*jjWEnAUwXQ=YsDLuT;3c<)18|qfz2$QJ%YP-G`&*nf#H$}MvgU(459a;ioHga-^D#6oo7$Y%ccofiwv@bujS|2`qaKnIv zK5C`w9O!w#&>Mu_|ExQqZg*;0t$^{TX68b(J#MF;tReP!T;LU=6bB2^YF#4e0lJLCWFh41 zmo@YgM63;5`Tu-wb&a2gV2*ucfmakPApr!f`8>eJB?{Qg5GE9mWU)Ym{gO3XZ|M@n z@)uaa4bz?p)1ADVw%e@MepxM{v>*IZ9EZVCqR|Fi%Q4WM9cUH|tt?UNOXu?xFz&>i?k7~i&e8Bjgk z3rK~4ah!`wt99a26bF#vHS#w{0D^y<{PdcC19S-~Ae;-_NwY*sPUc}O?i-wiYn1Xv z8$MASuCa$aaJOWDayo0IiDSbs_*$(_ zrz6-IF~N)t`P;JZ!@%DF^br%PavwALaNx$s%3zX3j|=6wc>XOLa~d5bU8C ztl+H}lD~LikXs8Cbp)J+3GEVr-XWV{-7ugro+VuB`K&8ZNp0p0xPu!m{VojtBB?y_ zeQ=2vOG>~cA}C%X4|Krw5}5|cg@Ezo_W6%~4FAus2_j4ig=&4kHmdzUj@|1Ia{iw| ze{4Vbe;(su>onI-JoIT1he<>}x3m~cTgFE}oI(Gy@rLW3(DzYX{Pv1Misp&$6GY7t zD*C+OonyWuG=>x{HraA+j37nDEuMdjP)w`7oqwb;Jc$=1UkKs=#llwl%xo{PhB0QQ z?vt0p1j_8KM-`cZAs?tNl=AmG6OSqN~?N_d;%-?1iqX+!*CX zNJe|0co~ND!O=5D2#VL(MXZ(2vTPQ2wi41GQnY@8H~?3oa@+WBoQs%(HnRpU{R(ItXDT?$h(P6BcS!Z}3&|8|FF?_Qa(vvi9GdL9-I)*DD^Of>(~M=;34 zF3r~D#kW~;g?!}FF#en=U4u2|Q^Y24!OXdWuHJr%C~Zh}4Gt7=qwI5Dp5t;zz#yMd zTt=gK^74WShc358iCk7oGQuFX1XBl820NV-C*Hk z8I;Sn`PAzo@zm`oMTps5TLWE8=UL5{sWyi`DbSVMCW8F%8k5ZHwVQ!nIcT?rXl_87 zLg38`6!O_ia7DuyE-KV9DI=zEzCQ!}BpOW~I2k|p*$6cp&8Ej4T0#qtso?0zo( zb|QyK$>%(;alj^6l7CH*o5YxIir$@u0Yx9FYG_*!a!N18YwV*1^0tIet2V{VCyUleFTdpm7GwPqZuRUy$$>gBj-EpBeEeBtx8e8l*IwJGtvsb3+~YO!#mBy zbK*i@_`1umKVcPst^v|2zYp(|;Do#h1IEizoXtXC1j{W8uTb1G<0|y7vZc!HL5@DN z?hAB~{#I=fvJ$V(KsXnBv;@TrYM|V^#zuWTWt5)}QoTQ#l+*A%v%kxT;2*20;P(5g zGvNScM*Nqj$1bF1UP{WmHXYJeFZRE~y8xWLehrA2PijsHmAz0UYef_7ZlkRvlu=Cy*GFqi|o6L|V^;sH9 z^Q@&~kzx)EtswTNJUZ&{xu^`lgFU7u0{}>3KSe)RK@^u52;D2uYpr#}8V{m*Eag`^ z{*7JM`?gUz{vBsH91ip2f6yB~jsM4Z4nRk2puWF&qc;5A>_wZc1Mqis!DdHn=gyEH z-nGIA1?wnywSo)8%nA-mg--C5sweIYe?BWl%! z3n*j*lEQ`3Tz@A^*c*!x0*eMmCyw^NBa``jcVL zLEg9z2d>*Yp2OZ?HXn{BwmqKBXK2*#BinW+1Jpya`OK|@LnBsSL+rEFC2GoQsw$SV zI)z=xYW20N|Ed8b$Kl?w)pL4^yR+lbc#I~_Y%+1++#RDKJhmsUH|{w@I2_Gv7xo+o z-I;ehvWK>P>`l;Y;EkZ`d4q{t*u(ku8*w*^!xf{hDRWi5a^7mlHKkaU-wi9n;hr_J z9K~KVut#I(c-(XQXy(nwo;w`%W|NWIn-3<(17`y5{_*j|gY&@vj(Zblf+oE|e||jb zkLJhYUX8XJaW_DeEW?mC<*uq%&Rq?;CU;f&-LT44F&g)sp=*yl_Qx^o_1yWyapz;$ z?|Jsb890tR^JWuo?o1rmhqlw}jVJx%nKS739cSp&XuF)dC;YBx$yYb@MC41{l(T8g za^A8s9SOcBdyOi!Aeu}bSR>0;JRZ#^v)Onyn0x(6&+&Sb{sc|Dp3`@bGoH=*!}0jo zJ$45DL2o=BO$G=#XfioI_8f2E*|S-_)*A^i^dlTJ*1n=vIg?KW)SCPi(00Kwx!Pwd z0GL{h)|W3FNmL+ z3D+o&v4?d0Y80b6{-`{E^ThXMzy$l}tt_2^!pfn5;#kJ`duYycopL9)0#H~p-97>W zJK^RdmN=3_(JJD4QpM0F1bJ3VIs?fReEM7s4F*9doMt;g8bvwWRvIItQAPoeMOWK| z;w!5xKBR#X8P=plxmVHR-`_(Ydm!ZA0|H=-j1c-G;6bzs1A-_Bd6Xm%7$S(tpxmoU zn zya>Wr9C=~i6#i^z#U=>hh1cY#JkGVWf*(N=Ky^NZ*D`)L0Yj2_Apr2da#fA4&DD)y zOtId|)4#N~xD-9gfW&Bx`RTGHCj8i$k5_y~Q6GK~?_aamQ_ydBx+hEX0R$0Sp)~NJVY-*{FKrd7=gmw2D#T z;_AE#;aRO`8wJg39mp6k>~9JPMk=1tXotzcsSYl=#w+yiFhH&A|DJ+(*Qc#k1gX1x z6@(PeH*z9rWz>Mm8_xOcZ=Y6Zi4XbNN*;q{RLMDA0uaXL3P$DxrnZB#T)lvFDG$o< zQz>erj_{HZq{}II)_t~BkB7sBgdPbw`UqE%kEV=~>eP*!5E`z)s|#M2m7N0TxMw+| zi8UHoqe74{38`_;7t$qSnpDP1s8Fs0_2MFo=@g7cBZHyUQ)Lu-ttj+P3Z}z?iKB4Z zXdM`h)oDRk9lK{cS@U&vMyroj@nn{PYM^q4D2i7&Km^<^kvKf0gjft2R#n7C@e`ld z*Z)w`WVI;WD3RI|9HAZ#Qh@wt79=0P;D<2A|7MVUa1nYu7Z!Ki#JN?}-#kn>tZ!RO zUF9P5(h6++tRN1=Jg_w|q&ylk$}J8&KD2m9nk-_r$)Irt^NnR*>PH-S#ze!-W;r@V z0pw+Eyc#eKcq<&>Rk8wb6(#{cZX?Z$XFRVEiQrvO0My~{Ryep+#>o9a+G2x$1wTF< z(1~r3eR}ck9mPKWHy=h9D0WdmVP+nGh-Q95t1#Y_v?L_)RM=QDat^vKYprw@FN>Xs zVp*x<;C_O)@{F*l{j=4;bAB$B$wC~?5IF)tNZCJ#x|U^eJB)#Q#bqnz*%DU55Q715 za?p;%9UUZz*w%mbUTxB@R3sEJ{Tyo>JDw*3kt$oDU4t!^a>J&+lkNG~0K?0=>2GsR%z(+xpcN3dX88u#D5CN( z<@@HynOxe2SB>gr!n>rH;Fx{PRXRg+KG`cVCCQARzszZrH*lqgSoYH!Jv!2n?|BLi zQDc6aJ_Qbo5GrDv&6fHluc*ZeP{1`Tp!B48faqNq-->0Ew)#c33pOgOs!fNqX2HlT z6ZTBK3b__mH2$}&#^cfCI!-OgHLI8b-;udtWTB1_775I#JvG?QG;A1y7_Ar&B@^f- zLc{`ZBPlV`;ywaM{wrT}#BVX;c~z0`NFL@XXaFf&-p4#`3n!kxlOCMfwImA0QtTa( zdeFl$a;d)okW%O_rS-|C6Sjv!HW4HQ5pX*pN~8!| z0rKMouM_}cIG)%tM}L@tHVR0;E&We8f~%?gTRQvN-qMZQC3R=9T~(E^!R)FMK>U1l zkvXwLbR_^fpski)w&nEfZf}sQd>JMbWvh6IP%KVrPeI$Z`2Te^Ui?`=itgZMnt`u< z0GBB6#E}bvzi|?Hkj5>Pd#-CfXnX><=*JoRx z`Ks=_I9wS(1sk^7Qmu*4xt6xu;*Vu9o}3@*)#denXIfTl`L3cwF`tm?B^0bV{%RGg znPp&K#-@%WW~-=4W6n6|0u##VLn{EDX~n~?mLg-Hg4cK>T*T6c(MbzsR5(*bXF`KZ zYf{K3gFZt{kSmPaj7dFxtNvGA>n=8d;a-=u5)lw+%LQ15P7|$2Aq(yhfPRdiw^2P0+M<e=}0)N7=^AYa7kN{ zsRg}&h`EssZ9NHyX-=pX4z!igaBZh8_eVu2fST(Gg0Z_qrs*NnMAtKPMAkuDI92h% zsB8;H`7gi3X#USMElN5iS~!%+2E)Kb5hYz!uOqEV94xvr(~p@zl5}Lj?g4aN#P5dd z&?Qo@4_iWAU8#eC!7a&3p>kAT#38HC&%}UNXW;q8yH{t2jIz!eGCCr@H1;Rt)AKg5COxn zhvMqsj4YBRlo5Z8-1oT04%uTH0qDyNX#a)mBLy%U9AN8@X} z_wgD9Y_-h>Cgy+f1ZPRq5q`byVO7-WOfBm=9q?L$5)Q!}-g!rP3Iza#!?tNG2B--( zYXs|K*2ZLlxk>YZefq$R5@s;nVX_o%d(r!wFo}65Dc~0xwovg~_BBCN`9K+QY^e`a-sViI}>SGlr`t_PxvgbET*D zLqT!`=~C4xYP#E&AqR9h)xY%0f$>FV+m}L8n5R$y%y7+c^a|V5M=nJk_@Fq+d*Vo- zDcV?uzDE>98TX~MQ6cOy$pIX5bqrJ9mVJhNxVb`Z7(5_A+BNhiac?5-S++f}ycYxiqY3<# zm=hX{yPQjkg`Jo{A6V2S?El4r&K5j0OoMeziRRgB?l4`3iK0?@Q}TQ}04FYA6oTuE z*F_je1bDzq`+ft>Z2Wu!0|XSV1@k!xw$~ z8)s;#hB-oO(HNubAF8g<)e}mkLdD&JF;6XVKKu@d|`I!!(|InBM+I#R~#B| zvWuZ-1Q=k!3K0SqNUulkVoWItEY+N_Q>)BWo&p#JE;2rLV1&DOVSMX{(Cg?F2wi5v zuAT0IUXXR1L$Y25QR~~EOxIf_WA=`y?)?6u@B!t zkqrGhd>t;x+u%Ho!}!DR#0C|iskT$4ng%#XB~5Jj@g&Y-lTY#jfkg~mo@#RQNZ51S zd8-#&^HqMmZmhkOnryVEY9y#C^#|+#d{TgdT+>0%6IX69G-cSUUP7{^EWs=6!&vRA zK4T*JOo7>nb%Q-%S)*V|tr;rxKruo)f`j%5@yNt<3cq|ZpW}}Lyqa4@*I|-jMD|2U z0Z2Uy$(?L56X+1+t;hy5^oLFS@~ht1zQU`>N6%k}(3?RY1}=&Zj{y7mQvN(r?(kO^ zN8nB9A)V1q7!vwxJ|M|Bl~8gnq4Z>eB;Z1%mM;rx6%&BG$3W%qv&!S5whl||iPm06 zCdx^Ypem^Gi-KVaHI7PO$!#a&ejlkCc9|5cTFM}UV&jOGiU7Ed;e3wWT-1nC6sd$s z`CvljLO+GMTV>OPhB1bI>gw+b4c);}_fT|TAvV(z)Nv$(G%Rxf1PdQsQRv>~EBV+5nLYz{3%kv!Yn-w54-5cdn&qyt-Hqj@W-kW)oQL zu@v;W@O#(jZeup!{k!*6z`Dwq3Tg?HGEmb=Vdun<$yi!2GwhfhI4^cg4F;S&X9vOY z(y5_jddLU|2NCddQ)wNxLdliosc54(q@f%7mhnyA17V(F`oPv_ACAPoSL~1L(+g<; zzB{}4U{)7PIrd2|>LPd-0LWH`X|!nIfd!)JjHS|xf_Im%`By%_rCWUl^#b83hn^!z zJGj%iNheFqubRbPeP$x#RO>rrjJ-bo#me^XhZOV&)?@0D6HhM7jBe0#GtTEsHP&i4 zAQV9lgma@EDlQIUP4M2ZSP#cyeZ)BA$)U&khzHt=t~1R5zC28EPqEI+L*^{JoR3AT zS__-=H}54iZ)a=)Vsh%fJFj|^l|km=5sbieq$y0NTL!I>4s^FY%Xc}-HJJEpC@u*+ zXSe?H&z8|@shKUy)UmVEqW3ejC7g0YTSfiVH?$QCKvno~u`X37kM3z{>*&d1U8-97 z;+D2%E~qfIPZApXIJh-=CqgGprO1T)NZj+NFN7lu0geUCa9*0E2@PN4;C7q$I%pzP z$4Oz3Mu4oa=lORqMrIFwhd(0kC-w#LPg|VfqbZz=+M>!gG%qRsebZfatu957+>>l>p8v9&yd&wk6M)3$WyZiVwWRR1O5mP#y?bN44rp zOo?O}d$P!h6i; z3Xj>#%%n8(TY_)D0gmMiI`$SMaXjII=R(PRG#q$aEvacT?xvj*i^RjyJH~w&g_&rKWs6 zO1~6xxz-CY)Mo=~tTc?W`z|#Eh-dP&K>1ojXHsC|!5*}6rR0tcXri6aOqxo}P&>w`1EJXW9-*E|fTU(P~?x6IDl?j&QkXlrA6%EU49(Z&1IBl+hK7e`DYjsRLkbaRH|BRSz6r9%DZ zoI;7&(k!9bQ6k>|#4r*Ka^!f_0D~xFVz+lU@Z1EO?lSP|$m0QA9TCJ0KpNn_rIi~x zR788#{uFuB5jfSSuTpKD0l@u7G9c(f=fe^3HUV5=SKKho>{@ZMMRCk4sK!l@&VPS* z#e;5)SRw@i#RX0TN!KCtZea82n3JBEVf1A2I+wSVk5N2uL#Ph;TA~ zX|jwylq&%*9ihqx&m-Amb%zg0W_ql!zUz==#up6|EisznFoFwtVk4smPx$$upF%Th zq|%5qC#yfDuFOyx^4vP+Ao!J1dd#HG{+SH^lijE8PLKa0fi`l&3mDxL!;Zj^sDn-& zh6NEWc&JI6f=dLwpJPnXTV}APGBB9=!(@P-l(5WFFwm2v5@?3Q62{E9 zqIU=d0Q%;6kCq`EO=Lq01aHs7@nLl!EJMM|C5Y0iO)*I;%=5ETS5z+W9<7jv6Ygql zi)2IXbk>D{uA(^s&o57Y>dc^f%fw5cxH?n=T>{l%l0q^SU?!lfF40?Ja_;2cxiSz9 zXEh|>v%A9oM&jd3-uipNu@7L5AZ5M2kcn_4KaSMZ>S~TpcQWz6h1ytga6nQcyC5AJ zG8ZB^0FD?Se+to9!`KfOWKY>x!???;KS{?UONY?aXcdM0@*c^X%ARJW_v~i6ivG|Y z{GZpqk2m_`q&#zAjnN+`!5>gG{^)XXF3c519!%HHE1A~mem&2?G26Jh=UJ(aht@m# zUg2ggud%xn(fiW(!OCneO)b5LBc;VdYs1P@yP@1fi%`76gm5o}JP@)B?*fssZn=_K zBMG7xX~C@}Zo#@=E;wqg`t{im)-4|t<{yfd>#NO~NzIj+8AMgQ-bCEX!&X1ya&>vG zg2o%^J;-9JaAMtLY_DbRQsg2h9X44GZ|A4V`4BiW8h8*?;K8=QirC`cQEr82s)qO~ z7uJ2nS5W-$Lag9EiSq9x%5r&`N^qIniGrP#%6(cPbcX-)PwbF1=>2kTNs(?*I1WWm zyq6%^dY|#_9u5?xS%jlR{JK(0cfR8T4pJZXRKL>K<_fRMpl2JO#9qN_(^0vCO5{rI zu+~a|fu)Duy zuD5!fEeh}M=}exuo!y*=`qagxD#}Y$l#blwOj?=lWP_m@l>F0oa--CO*9 z8v4Xj9VP_DdXo(30HW2V!*37ot~MQAq)Ml{sB%Xea{U zoF9wX7&wV^*^P7g)j>_Q)`5Z7fdR!G_2#gp{whF{hEeE;i_KNUg!=TJn5yIA{FJyj zDy|yn5Z*#3Wd<`U%bF)TGwcd}yt+kqQ}8z&P_#htw_H3_#UGhg|C`8#D!$w;QSdGx zkYY0D`%Ss;Jjf&Mw!aCj`fV<|80Ac$p)Zeakq78A4wLs!3YYUhHIIN|miZ?aLC- z6}NAZk{p3nOD8y(w!i`S8G(c({HCE8x#4Ps0#EI6D*t7gTu9aw=LtgKBe<65g?P#k zCh{&06T%?7%Mcp@aLn4UM4}PslMvv5%?13Z)RHNDB0}T{h?9U#)kdaJd0CE+DfJNp ztr0l_BypFl@t<%2gg|@0fLZriD(b-tb>M@d!>E=7f>y!BdFcD$9nT+p0DPt{jsW!j zl@Kb1(The=Cs%N2|AeIwsC=PpxX9bNF5cxb9`S(T?=Rj>b9LtM7V!{c zCLMg1R=Y%mk{0`~4i)4@RSHOP`cwR!&0N?5>O=0HEnZ(;?Kcn8YyP(C%MV#=<67RE z#^yYc*IxuuFe`42V(2saJNynznSD}3tmwpn9*@J3u}YPJlF;*XzWBryxbj;7tRwRzp=qQuI{EdUMOS;uK&&Hm zJ^m5UEdwS}#vSPThEG|?JjEBGfHhNcU9c!ue$HIBojPX3hMI>0ilGRClxcyL%ab*B zl}RGP)l3H-Y8cG+mG0RH5^@*Dp4jgRlZ85ipq5eE2MKi9T&&^F3+Z>!C|smkbaG*I zStx4GTVT3OW?XIxuBGqJ{BYJ~Q-qifZzrT1CxJx-b-G-JttSax@@V8rp2`|9p-a9Z z)!aD%Cp^Xrd&q_H5y0A^&QF2{NN6ZF58!~ammgO%*v)?%8`8q$j_8e--RS`!7S}nX zjeCgD8$KngHzag#hc{|vsbBL;4sXP5ifL^gp?j12#y{R--@m%U)Lj~gp^yA}7Efjx zCpWJy)&m_)T=aF6&$%Hddd65IiK~*ITq@%d3CfOgkgt`GfAf7KH@7}0FS5<5{8=JW zU2Psjf$B~p8*wVJd_kV^=F9ayqe@(}ITx35>WEN|vGgdcGd@^-rQ{zN;Y`pt$c2rg zV4b>%x34e+Te08i1vnnZd^<*8x=Oebn`w2ATk?o ziGnQ3lnoFGOx}RVqx(f*Jd7fh*jdj?>kP*t`Kf96 zis)s3BkmMXDg%P=F*R<&<`+gmeshJqOE$)9ND;WY`hh8qo#x{L(~KQ=3GaAa1xLXE z@_^EhIkTV_#R)G!lav>^Q?$8!2|!-GC%Vq6%6?Fg(}2}3%1^)*YSZ)tr3nhu$@^wT zSrmsWwu&_@veYQ^!-eo=k|mCSN(JMGx440&R&6k;_N&Y#jbmL~3Dh^0H0(kl_V+9b(u75DLi#rRNG(P z%#D#p+Dho%>>X-6#~cg*f@CArJr}GXq)48fe|P!%N?w3&%n7Uy&R#OeXi zrFH8On3jKB8cFEK&8cIx>e0nYJ{Cn^{qdeu+jcV!!mhslt;=_myEofceOom0>$G9p zwmljQ_`kMo=l`|GedjA@(6{@8@vv_XzOsA$;i&f&u)jR{UwxGj3gfTrd$*M*?oaZ3 z`qX{V;AhKkgOA!EC2J{Wn;^N>K>5HEeowY(nB)ofNwO({T ze{OyHqyseD)U|}XS$ucV+7_}l=*T*F4uJJu*o_N6oI&5hA5WRks%t)F!59V$1ir?B zhdv&GuQ5k-`i-uPKb~(jlesA#Fi4$Frv)P{7pYUwzMT-u4Y1_~?wl>M*G{{2ivw>8 zo5M9Hk<>c`ccsEnJtXXH)e;j zrDjGCFJeoCYkpQvMO^>yT@AJ`{J;WywpztvwC`WhT&At0Y14WeVeKO z9Pp`q4%+x*=dVn1iz^=%Ofz50EYe~)FT?PbL6n!;x7SV^v`^K6v$ol8JFU@9=|TaG zH&Mt84Mx}Ya4oxY^A+!ga3h}~ofPR%@AwLp~?>WWE@1Ja|?U{B4TZyKre=WV?lSgNF zBj%>i?uMe`Mv9sd<&~mr|8RYMk<$RF8kJhKT`+jF+9iXS*>Bt0llmk}POdT1uIxP3 zdob|8^SqSu?mPs~3;Wg(ik#Lh0P^*gDkvFDT-zBukSehVF#lEnn3>-h`+Mz3Yg_A; z0^3>uZRu?;jsYl|)A{!{u)uF1U}GqtV89wy@Y3x~Ha+P6;6#ZXGCghl27XOKDmz_l zqVhVdtFzy@XPDgSjn?RNjVp8j?H*LB-KK{P7B3qXe^sOqIbew9$$ z{&!JKyEp8=!gbPMA+W>#?>Xas&i?O>$D=3v|1q8_`=52TC1NYYB0$X5M!s}z%5IG< zaqMQE_&)oKjj@iYD&BIJfz$%5jUPhaLoqL;)#4J8AJL|~aNEo;+Lm>tx-k&^CNrKo z>i^rBLS>CuW*f{%VxQXO#dS`0aA*)?TAOvy%i^|Qt9pF1KeO}E4eK<*)<2+ag4D~H z6m(nZYLlGC+--9N1raGVYGIc{-ay^3NQxF^hKRy7#6DYnwE09LuI>;pI1q*6{{(*} z{}Z%9yVL3L`Lu9)5$dgAZee=cpi6jcv=`?RiIl8@)jG!Cf89&YckMVH-|0SX^Mr*`F{JMOrjA>ru;t_y}5#h1hkDu4e zrVDZRM5aAm@+!;eH{dzbm8*o%GlZhkFxnXYuyjh3<=X-m220+knwi~xM4LCl$G!V9tAPU0;~C%p;E$*2S5l9Y>F_9EqorR;+h4ID z-EuG*1kcsyErwbKBMsZ+aOWU1$>rBFscq@f?(6tcS1?M_%1BS-PzWWg$7f*!ZkaiBG2Emw0N}f8sEF*9cYb-lT#3HH^Vs z`@g-d_>aN3|Fr-6D36H$P(}^EiGfG&<_;!=LF<(~L8a!IF2I4v&b3VM9n$s@0W(OD zry`)mEh$oaRB2M)mX(TE;qJ4LNTZbAeN=vm?hA0juRYy5Wsyb?%P8IS)`&C(1>hJ; zheukY*xi*!+0qrn3ZG3S|9~q$>)tthX(C)C;n~1#@XTaN_y*6-@7#vn{&D$Of zDz3udROK*J0T9{Yru&e8e4m;TTzhLjiyi*QSKq&b4ru0aG9!{1}y$ z)-Gr^2?`r-)*UM3qi%PoV_t>bAwSmX4%Kc6H?xp-b%%t|eF4r8Me#}{Vie~Bv)9G` zKjOTiq*uw&+EtqihI83$rpQ0Jwdrt}lg_oPqJMVFw+QetK5#TU+p#S-M`<`tmQOO` zrIX!6)=Yga_w89J8AxIu8WJicR?wnZ!hcz81L zf7fSk`(LGztKkdY<^Q$qLEio!4xK0a|1lmJ|D7`n^5@m$5qTUC6!Q!(4J>%m9A*Ps zY^E6}!}&<`)hc4gg6+1F4I!9JP%2qO1MN?bW;R+67T;24yU)B){I zhZ_Uz&wHWTmMxV6NE4QT-*lb{BVd^KYmrH2B!M=PpvZl18silY`Z7PscrCRE?1`Sw zbtRsIFs{INfoZyct6NTF7^z!Yu9!1YsaJGdEX_>OaTwCBMaZ%%5{ig(+$v|Ze3v6~ z$6!e_uzvoWN#x3h9}W2$)eJA_-T$b_)AJwr>}mgzCNY3J>_4ZsZU5QB!IS;>7>~C9 zRMu73NR=vjnP}@zWT|Xs{cX7eJCC5o3y$yAitj4g-QSL8{QS9ND*H6lxOBn1BjD?8 z1bKgy%^zudxju5Q=I!2&EWP0iZFoD%@xK%|_PyHoGg9j1HD4(3M7W6ThZ z4Sg{ePV2bkOP301^l%fEYC^~^+;i}1h2rNXuTSR5sLUNyz2T^pxl&4AC}pf+)QOhd z66VR3`{#M;>wlGxs-g3@hW;N7^6|feo?}1h|HpW={x45f*4+84U=_Q5)z>1&ullyb z?VBxD$LX7`k#+et_W1(f!U)c=k10k{J3`M(a~r=ozrHy+`{~u2Rs;XA=GvdrJFErh zp?t$8Kfb(YSmuMAa%kNd4!Zp6iw@|x{2$^Y6agHFd&PDm{U`Cz?W6xSjSrRoX|xsp zXOEuFe?H1n7XN2v1%2e;Kh<yLkx zIhWgi;(F)@vi}Cd-q!km_+MtpcZhRi{c_Y$79NQC>tla!!7&I84aKG|6@Gc`u_pe|K?P%z5dr~ zxM2OSzU^55XN%QY|7UC5bN%07QE$w1f5t_%T{N%KSg(bxDux|4~ghT0R#0e+n*CdRYHYk)`v6{XZ#t z8lU*oEA#TRo@tS~WUIA){+MS9DMM@ey76Jpyo=&NPJL=p)?ezVXKu>>;s-t(EnxT2 z|BZrwYWV;A1@}MLPx+r7<*AJS5d!;gfj@;~t;09pq=WB%e!VAqvGG%X{I8>+d$W#$ z<~Km>vj6(d*8LCT(Np~QqdaBy-}{RAajne-t(J?I{GmF>^o3UZviV0` z@N0q_ulLFQ6FVt#$wMb|deYi|h-Xjz|DgFl#-qIbKNt<3^8Y=`vvvOS0k(e&RAjpQ zD?b)({>o1~_I@*^>TLaHD%>yGM}xp`_2%jyS2sVsJ$v{1yuq$9+>5YQ^FbdEN5id zmfdxF?N%n2n7Xf2FtbD`K8koedE+R#d3CWKWHA%Xe)_~ME_tD7uZS-tU9P*Nm?1?N zjEwt5)b~JsUyt~WZf#wna3_8TZRN1P0hv2U{tv%>q@bLYyZ$VP&fd%)6)=C4Vo&?;A@hIOqu$p3ztexZ|NBv%FO&ZxziRC4n~Rz3Y79zdxwcIpjdgQ3{Fm!fq~|DN{O6@^FUkjeP^4!?kh&mg<@nXU)w z|Gme50}s%S@jn=E&HqE^>HPoWJbM05N7e&)fC`6>zJn%vfvBEeNjeTX%5bQe>05i3 zG=w7mlK!~E!;~vm$H$bbk~?3Z&X$8;+K?>UN1$ztq&NvIvTXme)uL1dZ?_JZz9q{r z@jVbH0f@tp`iKwiqQb{5tQ7$kxr& zdUthxd3AAedY-FOwEM4zJTrsEUH=*Ph5`2E^z{7V`sVD-RTH?-bx}lbynti@mmh%4 z){n!4BC>@HciC(qQgR-$UP~S#^ae*;O`V-zUEjRAc+j>;=-v)*WLoBYgI8})f4myr zT%BLOKfip?X3<9)!y9#OCe!Ho|GmCExjDJ~ew(QU{nnhh5Us-CrUHTMlUJ|#rKM;4 z;qv68-}ce}0i5(-)PMM&=-aFF>}~%y@Br>w|Bs!m_5Z+rivN6+M_$x3SGV-Y*o|!q zKb>$4pWYX==efU-V|Ts8sVfr32>2oNWQeI=v~Yy0+>4n^yEQI%zh`1!1-;&!1{1oJ z*Ixo|AicZ(;pWHlf9R&yH9G%{b@|7Vc>$M*jj;`-#} z>+`FdmnWw`p1(QElnmyy{j_xbLoQvL$Cv&1>h{{*dWoep0wJ)M~&(t+Fv@ zUnK5oP&4joP#kx)P2|n_|2=*E?(F>R&H44uZ!dqmx_Nc+ey}A@+wgO||Id$EtI503 zZqI5lSAJ(d%tOU-A?g~|%H6{LUlY;Q?5Sb@@!MXzH$Q|i{x_S={fp2$NodHIt`Bhk ze{Vbg@6hf)<^O$@N7{dwq<0_jy#xXv0T9gm1aVEpXWyk30T6{AfLaJZ$Zz>2fG#2B zJ{qy}=Cu-ngN0l$GPwdip2aZUR2q@ue&J;V%?pFS7C9l6o2h0Xs;bQ1HmYhgyo{i# zn!+)@i{s6vowbZ$?)dBy5`IZZ@rB5ypUC{K0SW8TZ0#G3BgozU{OMD{@m*%xJ(ox* z5ZRl&57m3ie4Sm@Do$i>=H}Cv`ceVIP+a*~KqW~ySajDt>9{LVI3>^<^0#mZm*|XsAv z($6Iie}LIrBiwKf&*m??_e{Q>4($&xpJ#cqJ*#KG?>D#C&ElSGOoJ6kOjjsgAn;tF zAZBl4KJu_j4-1|7X1u@h`X3%<>;$piihS@qU3DF99}vh*6Q#((APDLI&)&a(w{2sK zU>iF7jde1yo1}0$%V~S)!$c`rI_iz6$JV*i{ zK#{bgq%-2`N-YxD*w_H}3mY4pE7!wNDQ`zpDNsn-hWHA4=QwA$ve!jf4l@I(Lv-1m z+vEGc>!-f_#}O-+Hc$VxM*jEvqe;)q|25g>f8Wg0SpJ`jY4CZZzno*wCi^A4hLT^_ zdLFs20{cp&zDkv{%vZnGkoXFMy9vPyNLJS(Vw{n5rtE;rKytf~#<$%i#bH*cD?u3> z?z?bF<2N|E|BOvYc`aM0nmXoy7~L-ojQ+i1fGjAK$H`KtMhoU7E46kR6Pl6LgqOsG zrZtJniWVf6DQ_R-nlS+H@3)xed-mC>e#mAE*w^W6&LaCHTECF2ci!2ryc zz64ZiQ{(8YMUn17d2K=TrMCC?0`TShfBA|ol{INs!p^&2-Xanqic+5hUg0z}_t$Hp zlcVy~h6@`>x0j4zT)0Ni9F~Q3L>3JPV^MD$7F9#Acmnm^?K=tIpt&;54TfqNe$Fiy z+KZfHt)rKH#+G5_v|yuBwTLPjOl^(rm-=h^9_$$etcfZl;BReMk37$ zixSMWT}vH7Xwi`V)xhFqu@joT%I%P-jE{=z48+RPO+PqMftPIG>%q;=w} zb3Nw^#&=fxhVLML{8;eTOM>q32TuTJpKV}Em;rDL{d*Jz$J)#FNQi4pvASKEJ?dE* zLFiIl0QhaDrMCb?%f&4sqByDegCfvOcVjr zjl96?{J)dI#LWNQn{M-eY~otl!r@aAu|?ad3@7QQ|qd#V>ZScuDcM-562JvDH($E}q6f<3=fG#CK4c1;UY? z+?GBRHUUn)4`ct{`JwCMfaqU2#Fsn^QDH2};)SZp>WLE!Zb)i7=!1_EO}7+pY$kI> zrH+=3#j2d@qqY8xj<9h42??4&ALZ+IAMEj)Avk&VOC1%7hD+7D%1RYEh8;!DJ|t{H zaQ?S%ia|E`=7^NwMe}#MxI9cADaT7CDjW9{B`7dVVE=wAmCJambif&Qem2Y(QtvB7-ju1 z|J3eKIAEs3mO_lV?*+4C!pu9=~dBuS5qP ze#*XRaj5Izek?LDK5h8F$5DWz*;g|QoM9nf-PqT|l*A#DDUPxWaw>*sCrfvvE>PEi zq)QI9 zvnw%QX%+n*^xXRTU!yBuwP#)apWbL}>VKo@bgTbu;%V&vlNUsM7KfjDwZt>%a{9d# zHMKd}zh}|s6j)!0MyHUZtkbEdRi2jWr|L@I(lr}Sskja4tmy)y1V^)1+XO$`r}5K7 z{)>}Q&z}FMHyE1vfBTcs*8j7Sr?LFca%Oxc1%Lyu-1SqB1U_ZQ&pcY#XtyuB_)5zW z^98p2G!$$ST}ck(f@E%DrVl=kE>{vQQ1)Bd)lddVW^&Qe#^jOe&y_Al{2^p!h0?)c zIkk?06q{E&n&uWX)Pj%s;em)<_uLyLs2@{d`=BDZi}u)I&_XP-p*{HL}{ zXB7JQF}qpfqjBCONA2tbMI?fuaJDF@@O33i@z+QxsV9w4K7e|yonLxuN?N9w122P4 zp;9rUgZ@rK-d5bUC~W1g`3CY8jAmJ`6W7;F{mj0-5&c*kH(>JXg^~?J z)0DJ9WUplIG6}CEGAras4Z3P(1F>PMXFcc^FV))u)VsR0)^cS+|Hvbv8ROLpaTUYk z5z&s1*Uqmur;p@^utp(h4M=% zKIAq^L=m}zK1zkhX-PN`9=OJ^y+2I55B;tm;jSO~cU>GGWS0o@p8q4p5%69BuLbPZ zL}^J6K?)Lwq2%lYM!`v#%;Cjy0mio5iNE#;yRZ9c#{ad<*|i10TK+$rn*4vX<^P*` z#6k|k_!0bRd5fg_1!xRz5r~Dh7NDqGwUDj()b9&usyxVC2HjJ&lG1cHLm^{U3Lsjs{hNtm&U4pW=*pNmmPoS z6Q(+zgBOur8hbgX?_W`uPZ^Z%Ns?qdULw&UGKv2&@YM4jd2avTe)D!mqBp%Q#Zc8&z6G4x8xNETT%)KhLK0v^i56+K!c+ zxu3^5mlTIzxjK$g3M1RWpRFCyjQ;K=#!&md!hXh6eSDZP6 zi0_2+o(+1{B39R);t&^{>_T<-ip#w;-7xcmzcZ3hXuf3&sFz?b4`r}?HrT1^bl!L7 z;3}*V&ha^G$Xm%1#jDL&n%)PWm`WP?U^3)?;>Gpy?hbzdUdOZR-#e###{|F}gS%xI zuE4KL7~(t3IBJscG3oC7f&_G4p0YOB_@v+#`EZ#ckj4wdZ8*XB#7N#@6b32ZoC)y) zQxq`Mj?Qrk_HI{vlwVz3v$8mvaZlEMcjx>L5Wyq`5I>G6#8E0I1b>Gqc*J4Iti)x? z@Js>Z$V+V3&YEJcMVUF#x*ZzJ?u;0SALPc&GtIaXxbmzk6)|RB*1`3&PsG?{)y;a& z_Btg+pt#MZC9pguqoc8rweMdOH)I1CZtLAW($N?ze+l~_C~8RkVfaX!NfP!h(g z1uFK}3n; zBBlU>2N>c2m~HNTo9=rqjBFg*DYDtndSY7s7x23L-#o>D2kw3iq8dW**B~lZY{3z_ zj3d-t5#>w4q;wj(vBKGY!lBK*3ZQ#M2C*U^E@D-kDR1;KGY6&7!3a|5$jE z^h%e@FjP(wT8tyF4(Mz!Nf)>B{9>C|-z|B{IuTCTKn8g>>EjNqwvv3$?C`8j?l-zCujh zXw&R?5|w9|DvvSd`Y8>v?6UmN1~rktB;uSBMIUH(;7NPgI%3VzUWo6Izw)ySMf0D} z*#<>qfg_QQYJt*}EpbTalCH(apNenCrNM9Bgu)~&jTHRF)yxh6D0<+8_^2J6Oe(MMIT7V2&WdJz7^2sgKbM=hcz6El{N(++^Xv2P-<-XFb@uN3^z7Pb z=OM;H(Uf)(i3a7>)%m-#tM{iTmnYw!zd64-FF}G~Xu&y$bMxnV19|i3@_?1Kfau|Q zqepii^e>7=fg|ea$C*seB|*O~F+lMP+b}y#5#p4B_zo;!l4dmk zR6O-rs*A4Pl!Khb9&Wj~g8Tv|8C=EfYI?F+wy46w z@xY6U<2{t%Ma3x}Yj|P-NL*>~Q@o5+cyfKKAM;EBMMJLPT!T7^Z;>7MJj?9CcRK+5 zgvbn~+%$$^TG z$1ml*5q$HQ-y>1dIrN-5>J1VKpqD^oS^Ks zP2!+g2+$h;Z*R~y^ZyPe{cZfuMjqk+-MN_~ki>y-=VFTEsKWo--KpyUPU66M7%cbC zie#~TVVm!Y{3}(SqjL7`^8R$S47Mf}ci0_eD^s*+^{X{S+}0k!F^3$&G|hq*OD~&x zxl(_Qf@O$Eo~d1Z(G=P|PU(e+*JmY^pY`39tWu^CW`EbfL(#~BC@nm7`47$UuNBdC z97kUiI5P9v516F%7fk0rijsy3U zA@jFZFMqi$P7V2^-rTL_uC=4i%PKEEOM@yk0LXr|ZA$r5WJi&KGjDJtPgxe~x%s(< zpLs^0k1i3xoVUbLz$+;wUY80u78c{)`IcK zj7l*-ENC{KA0-&I=SQ)aRQ3e)<*$8ez4kRIPh0pJs4uwcH9XWMuOrxEy{iD$4W{2v ztQgTB4&kDQ9|Qq6K49pWB-R4%sUlOKX=B`d{z0tt)>mO(jHUH+^AWXyX<&2I@`jm? zF!{FF<}aG6t@xjW7|Oh&%Fk!CqM|rJ*Gket_4hM21C>0q+279yp2kTW#2b3cOTz&Q4VK`B%_&t?l`uzY*%qGr7=rHsvj1zr!|%NOe^FzFR6*_ zQegq(C0Hy|dLkvWcqeLinr^C!vm)pNt9?LF6d=NBn?(W$;5l`(6s&3PUX`8Yz1YoD zwweUe18cd%OzyOqMw*%vdao2PS$tHsarDy_ZMq#JOMq|F7s@9f4rGX9W!C0V5r8W-nmmoNJ;Ak-7dxYqo-F#Kp4Zxy(%PBL+L6fG zOfjwRYicR1`3U7uT&_)9Wd*b*KMhIh`n$CL+wgzkE_$x~PyKO!V&4Bf9QOuW{=bQ* zGXE>%RC)$j_GS?;BYKI*0`uz-Qt*%XR^))iDIm*e=N8??Bs(4{eM-X5Syzr^4$1tM zp&5_jQ=(BSV*T<;%#yf-bS`%2^UZ97wMsd{d!@C2NQzU6A|L5T@Oa1zFP`&X`7=ct zU8)Y~?uj>_0FAFX_hpLm!aRall3_-d1XPK;`|z3~9wceCLls$%7t4@hX0n{~;}HZU zaf)e7m^E|kE=OU0nTBN#ERR|}20iEYz9SYuF>ssg3S^zh&>S*|CDpqW3Rl@{`n1--~7e1d{h`FM|3#~=wIj@STNTfKVw_U8TN z$@TRwZ?9f`j^^dJ4vAyhNnn~j#w2h#6%?uw6yVfFv#YaL=hsi77zf{gUZTaP63X2w z|Dw~!X!`Ay8K^rMPLI4Aq+G<&EUuV2^LUveSMN{XoS**b$G1OUpS{04zj)o207XM~8sKPF1Kl(Z zi3?Hh`t6%5K1g0$BpLVyL&O_AeS1}kw^jy+W6b_JjS1(UUKzyM#mVHOmT&(~*H7bibeOr;z&lMK>*>IC=H z#qOjw`%u9OwG)3G;2qrJ=pdbEczPW_`}328%uC$DbPoRb$NxNg`@?_A_sE~ez&lye zcmWv!!*B)sm=NSsCi;^?Y3O#lp6;C%TWgAkoRxY=A{kiu0}hKNCGUK(6qX11amovN zYfDmyLmuL%+|$#fA6#2}NFo^`3ho%1Mc?opi0;zShk(4FA$kY>5d6n~lwN%TGlCM( z`Sk&KKR_Ic>@_n)!Nm{P4Y;N62{u8c|M(Wr~PS4vzjB=(D=ug*sdb zpBaxPRbpTz3?(ZD)St(X(Sbi-#5$h*J?LBkhTM2^xDL7aF+wDrVvvRiC19|Vy@*iFt~*p} z6Kg^H;I>Pa(WwyYdw=zqGWb_--vgh7-ki=sr^B(^{irJAzkyDNI~51hUVo~5%yec} z;MXNa^uH~g`tKIKvRkTVuNJHH*ANB^9D&Y~*>#{Z_jW(3hU{-1=p@QJ&CLAG0{^L1-rWDd;`b@O2+MfXYc^rs%&_aszLdeenw1^NtaeCUKOam%Dq4ZV3Rz3luLY=%io>1`2&eC1zpz zAvWFvwn8!-xp`48kQ6XUw&;Q1E;4i@2%@Fp$%a_2re0%ZQ1Ak-8sr>QH z+ml!47q7t;Ll@wbUtF8r>l8o=nP|ZgSfE8rRv!49A*z6&CnZayyb}wtXsYx{G{|bG+ZnU)|vr^WAMJXY=uqsR)wcfKG=JjMA5V(CMTJ4iEv}?nlFz{>}Sub=r!K zp0b91WDPN+E6yjg($xX$WgG>%-r!``7P!#&QNl;bkE4ibQ*o4fHA!K!!t<%@wrIut zU7@r*DFp%jB?&>N!#B1%9j>c;yB{qE>~G$&{y|}K*$2T8j}MOyhX)MdgX{x0*njg5 zI4?b5^wb6+BiD5t5>P$k?89IVggzANtS|Ta>qfp0$<&@_aS~D{6SQMG3G#7=u$b}4*Vt;E}++y6- z&23Sr6nVwIdY-cH+S9_a^H#ubzwybW?Y~Nx{xYTU!p!_EzVSQsK4qJ{rFc;@9>x%n z=9p_Etp<6SC~75G%3ObZEQU zq;#yf&p&UXbX~vxg?+H2>CGukUL$(!*#^xlojIQpt}pOAVnxr`3tOr^7l72CBc_cM zAULv42u@=2K2Sfoj{W=UUR07a>xOcfzqQ{yaE&3oC!-qFih3*v*sswYh2Qbnro_Y5 zLc>*gZOhG}C+p$bW^o3UpGt?}D-^<2egaaNL5zWPErme!h-ToKQM4rJW=>E#kHer0 z+bmHNu=E5uQP#iL1e)jvK~0$2XFJ52;j8vPzqHP>eV*@Wq5rF^h9xL39Vh&VOIt!o7 z@yjAU{eW{r-qOB#paA^}yv!No6&JdA$%F67hSYliEG@m1#WE<4>qwN)Mp3?iPyxDp zcYoO%B*10r`Cf!n5MIaI7r~yo3ybegsymY$u6ABPP)yAbZQyCc;=XjRCwon+hZoc2i(^~#N-~Hd?{&Y|} z|1lhG<^Lug?*Cga|Lgh!^AqC6A&ZRhsgmBU0OVG6@w(!uTLsfAIJPP5RnS7_iw~Mt z>%qT}S%d4`#j{(|H}npCz$wMijI(*2vGOa}AK@wm2|;&!dmHG*@m+qxCPg&M)>y*y zWmS`F?qECk4!osvL>_U9fIx#^6^Ov)yHjy=&uG@{VPw0V4(NFn_PBe=Rf#JwWrv;8 zzdhsHw3-9sY;wPxz&J7woR&OC&xDhqq`I0n$$S?R;bE@AX>ARg!dj$S%_`G(g=!*v zx<30;%Mq8ix@#O=%$%skQUe}ZBy{x(6Mea5Z?%J3y5^^XTA%1^9ViB+de=Oq*MDZ0={1T5G%j;A~muyH?)pf|Bu8+3Ea{u=p)z zYq7 zP96|3IwD>=x*lpyD4Du;}%zz8x1;|dxaVI2-(j{T`BFz{?3ZPHoGzH5f;FAUgn5LNl!Dm*L1*uLi zH2@aN>7_+@R0qn6$cRFM^Uw(6P^ecF3~n!Bn#wQ|*@j4k7RK@YG6CL0-vge=NA1}z zTUFXpbKgtA+;n6%X*Ylrs+i;l550Zx3EWOb0rGPesa=Oqz+!{Jvlw117hv2oIBJpg zfNKNAX%Fr3zJ2HvSa`}8{V+%#WD*nlqkej%0^adqe=zha;W0zqh98e5I6gQiOnqZ? zBwf^XY-3{Ewmq?J+jb_I*tTs=FtItYZQJgC^Stj`-}-*^pW9uvs%~}Nd(J+4?=yIC zSAJ}qim;vZyDvynm>2N82h`d1|L9ZtBUiFN^LZ#E>EHb{(J`@R_3J<=Shsi6GQL~z z`Q%wp7Jo|6lQ)+j!^oTKmBs7yX7hlW8_Fc=njR(8u8O5J%uv4W_vre5q8I9nN4RJq zA6@lX+l~k8X<8+Hlx*;wbS$Z1?-iNQo*#l5nc?(C6t5j&)zhnXk(~qY`JR;rLQMFI zsq3tPrSyObra|}=n=htdOe?M5s=d318(R~9=1?$ofT2Yf*d^xS(eCquv<7J1WWozK zjsU?_cg%HdP-DloE2wEmC8(-o8;3CDU^(a^{#Z$Fj+Febw>wf;)TNA@yc{EW<3=70 zNxA7Runc)vOV*ZD09AbXk_zCPzȺEoYoP>ko#QZUK8dQ{_ zX4zaK`j-(N!(0P2wapMZBdu@@Y|bvlmSDY>8A~Uc^TT`bs=lyFZBipHd~o}>ZS^s3GO)f<8n4BLfEOFZ$hjic)c&*y_dF-pS#FEJ7Of86!qrK%e2Mr@^Q^wmEybm{lpi`TT&AWLNhs1m zOw?}`1PrYm5%TSfjg-W1%Mtzc0*xm{1eS(Kaaax{EEj~y&b*SwkWLYM@ z?-Zq3H0SR;;M)eOq)cTlZgi`;Xg+K=!fT<6V_L~4zRX4$LfGUVT&4*&a zt=w}yMC&qu4Oic?N&9=Q*qeZQ+yR0gGs_zs&-u-!icLUrEqRiJdM^`teKMuw;pG*W zN1c|Kz9v{LaAgbV`%Q5}FjL$z2Iey3cXMWswP4!$*34V}S}t}ww(Xs5z_EZ8Tzgz2 zCGlawI<75LMmdhH3p*~ZEiHr2ALR`#UlTq?)7lZ3HoGbFS^?i^57#SM*Ha6Br&YU| z84W;-T&tzO&RU@Mw_oBe?uX+yS>r8mB>Bz*=twrBX$hpUHp@2x!;Q3)r<=`V_FM?t zbzKd5`qyjr%oEca9A$eY6e+B4bw5MfkT$ZC;eg~OJNs`0FQ{d2Yn}O@wFSfeIWX(A z+WqUFj=eGAj|TNGF>gLXMCdFim0Z>i9puL4T62H*qV_+vDZgGjSlaA8mrFZ*4<6tj z&1+FL#%J?KRcgTJ%-?Xu+Z0nz$g~g-nn22)Yf2-n!P6=VTqx&2)Wq->@bf$vmRi{J z%Q@1!$B&0B?dHwh0`e@b(oQr-KXqTCqoI9I0_yc$vDfocqwVdlcZL@x04H47i(6m% zwm{@?fd{~ib1&D{IxyR-hxfx!@8u3+As@U!=c_bZoYVf6u1!I3_?W4$hUFtyi2(l2yQW3Ph~tvXz%ba_8WUEOv)KgW58hzC zZ6|*zV)}5CgRm~gVUsE@d#gG{{+o3vu+;hId3B)eLod=u>1X}Iod$4Y>|yCF@N=3f z`dw4;&9tSqBi}o9u}r;pAIT&!pBPD+Zi^{g)yn%)ed#%FS)-8lXbFQsfq|BT=_<}F z8n@hkrKO#B_R=ONI9olDj!Q?)x^O)63=EsznJTSnH1(#25x1pNI)?A>hAk697;#=% zC$+x;T>=l|R0>vOhE1d|xR3tQ@cMwph~sS~4e-0#2Ys`*MbK+fICrIZaUfLI9Z3R& zUKr;Dej~4Wz%NjyI0+pgeA1CP14eA^PafVMJVKuBSx%v+N#Y>E>^;TAQQ&T*ltVHw z?sCrfSAL&X=m`^x#+W#x?Zs~`(l1s=pf}-dj@|o6CEY0H7+&AN#S@D#e_=q<3E~cD0a^8~04_8tBVUN|s(J*0%446tJolCN2omOCQP-it(~sl@U3A_3yO9ht~JJ=Q&h$ z>g&i+{KUOD%SQ|9SyW8fPZA&$3FM&;n&Zo?elJa^TrLsGLG5MjIQ~e+6K~3i%-vat z(1_Vv2xB7RX?+%;Oj~Pu(>tgzKpQMr?n1B z?Oee>=;JX(gI?3ZZ|Eh9(v6izgNDj~Jdi+>qAq%CFF;P|%U{J0NX{fypYn%HlQ^3y+UDPERYyHYezwizh#H9^Vf{_T^!{%5 zV%%2XT*-5Rsly8SA)wO@(&#m_QyzVn?-ohdw&i>5r6G2Lxua2m!@yg3k(*3nE1{j6s zwzc{I7KQ->SvhBb$UY0Tz(6uZfe%CdJGVGt(F{kyVT49OlnJ!d3JYUa!v+ zb$nF{6Qp_X^bvhtsUr4U3u8ZcF-FYl^p@?PjJq&0`xpxuHBIb&TU~n&ca0Uod;h41 zx2fBjEGVKc1mpf1G3)FH(OyAF4g`A`WwM@Ln$t>{aqu*&mSAdWJCH<~TVqmHU6{nD5 zUur5wlvEhkH0devV(9=wKQ@edwZgPX?mCaN7Eyd9RY=Pqg(sj?-_?v7e`RW*SBoE7 zQe{@nu8<}}mYyWvE-8||F{R#FrUAR}Dh`1+@>IHS-&pOhPoSy;ZcxeqwGn4a2CBNM z-gIV7Skic}4c68KZON3l>9oKB3!*xAjp?hOjGB}0v%f(3NiD5i9+1KuhH-7jGIR?g}th`2KSWO-+0YXv$4`||x5gi$zC9nJzh`tk_j;c=w_00tl z;Q{U#bvyy>4z&lrPuhk8uA~t6G%uW1!+^n>Gtoryv5$hf=4Ve$1}ZBw7&m zI#!@nG8QRFYN(fSxV1i!!t}zv4|E~zRx}aCvjeX?01hT*0?oO%w}FkB-xs@v64IFg z0%P$CDzU4>2GcP`4<=|xOWsdG*N_Hu&B0y?9BWcaWK}&ZwQ2U6b21%a9C-IJViHe8 zvNepo=?vk9@YT*3mq36RNgz%j8T*-I4G4Vdkq4fC5h0uXX1m6ise5xE)nm;%Bd9|o z?+T+8r2EF^u_ zFshoX>YUbo8f6hJNtI+uhh)Ck6)M88P>>g*RWZlBHjFTkW*Tv(bAnJx~!C$!+c*#^m!q23cwl*Z2#d(-4g~}e4P>pz|d%?9fObRF{gQ} zFCkI1J*#DQFt1#|3LfIWC!zIiU{hv!|2t43Mlh)DE@?uHjvPrWzzcGEnf}x7dW@FK zNyGW`gf{Lhi^Bo3qRRL4wcPvp0G-$>Oz<JJ|2#a_QW9KRLcM z{5E`H>ZJaN2oVwWK;ug!1okvL?$}Gv%vJNxvG=MM1Xjpyd_4^TO*Ke0K?O~!*$EQn z+mo#f0|XcR73H8nZW6;N;7`&}|9m-j97q%)b7V1Ol$Ga6?{|SXgr`*6$Il66C}6#N zm^~Q&UxX{MH!JB`KYzgG?5oi@4_B!2Y+|jO79BxpiO=P+EL-VSb7MIr5NrN%w;LJV zD|*m^r(pROxM#J__0^kf54f4)&jAin#9}3w5QXhU!3QrSPrhJTa^3U_^?E%4-Y?I$ z-p*~T2LYllxEg9_o!^mGeY6^`D}s=;+GIc#{gRfl^V4rEevroPE6ih z^0yc4s?o0(@s%`ul2%$PYKeYp(T5Pyld1n8SiIMnU{{h9P9Ah+Lgpmwg>WeryZYft zVs74nk%Uv!HRs;|eeI0Fd;lf&PopVyZd0FFA{ts;;Xncm7HpfyFgU=G*(6Q7j#Imk z+9}GQ7b1l|(NvfnSqq81Qd}>d>K;1%ihZa=M2 zTe3zfm_N;qgE1R=ryhp*X*v?%UPQKfq-XB}b;@h(Eih@#F|Akd__J zN+|-ZAf-SFbsY^r%MbLfI!hhc?O>sPrHj$DJTO)K;93M?gx_!&kQ>)_7q~wM_Bvhz z<0*@40d0xlu35?7%vTXyCX`*As31@1n?&eEh74|F5332TnztTEudfH5pKIiOo~z-T zGPUI-Hl0v@KT==nU1x%VgDF?MWeA>PlX}AkyZk)=Q#$17Q+wY|Zmz)Ij81aw9y`l0 zk>vXF7SR-?N6z)C zPxyc*yJ z@Ll^6wdap5Ig>-3_SPsiNzuGDC&{?=LOc`hI0nnM& zLrnhGy*I=<$%g9H`Bq3ZO8WBVoj*a!USfWN*;lB4K z>6KP5Q~~!IQ)w|iXMUjgdG#3o`;&3!3jsw&;lNB?I~vwRHnrR9SL)(OQCYdv;tiwL zO-RwRNv4WIVjFSVhW0a%7svnz}uWxm*i88{-GE5X84V10@N20Dtwsrj;S%Gp4WdFGe7a-8&m9 zHq95L;ZgszCT^+p#Yb|t2X}+6SO`n-={sZS@gS+_Jj&QF|IozY2CYu4v}qaWprr*> z{8e^_$t(IH?-of_7npdr-u?L2tN|p-J`tkacp$>_sk!LIR(Cy{>^lE;F;Pr0XxWC` z4U-k1zpXJif_t=p=l|W7dZBByYc%>j=TJ!K-P{Qs z>9}oY(aqy?Np|uj{ylfnyr73w3cE zV*50JZU@Mk``r4xBS~of)hVUk0RHjv!!n>sug}&i_<}n@R;b~i%Rsr}K)fz!OUs^l zY7p(26R!~rw2g9)6(hDauSnG{e`n@F4PZD5rFR2ldjpzf15L%^bAj2MMrW$zfHO*vObG8tFGSbJ6}G+b>4)&gPZHv|9wgP zztS%Om+B$vH!x3=A_9&v`ADtDqV;%7<>2)=CAMtC-pPig8uKpSNto|T+Xz6>`YS%{ ztM+qethhFir)q7TYU$+TkGrDPK{x)F=!tur!1934hBNU7PJ;=W)?B@dEO>Y2`;Vi7 zFn10uO9RBLRZSjH40v0m$rr1Vc+3JB!cqL5jmfb|?3~ygZ_O*+OTXY0MyC9IP)jyxU=KKcSjj^j-4tM!(aU~*zqs-9I#$3}V5Msv+&EI5t_>{~g z-biU-^-CzuXnk31z#$ljkK6PkKk95lLZ#8_SlfHSp*GCEn(JEjKx~(R6tk>U_%?ZOC~v2Wml74TVF;=i|?j9Wj)XFUmK zn0@N2ruCvG`L92_6Bjf~5_N|C_gx@bqd88h_W$>l=kh zbT9~M*~{6IfTy{KEo$kH-sdpJn)lD;|JV1R#v7VZJMtTkZuaHCT1yTFZWA2HgSK#Ywg#%~ses(l`~h^6{cmRUNtiV@(U&;w{N& za#o9Um?9W6vHfLQeK&o_Mhc3Y*={@QIT`TS`BT|~KAFp#9I+|7!{J_aK83zorsH75 zRi8z4=nTWqc4*ovgpjSC5-S-YIC3Z$DRx;;uLVR>TfTaTQ3U_W*Osfr2eEzp-axIc zfluKfS8v~|XKGYuX2(NirD!z=6oX-fO-5&}eGgG%kJHnV>XWS|C4CL@NEdivfc%%k z5)^~ZJPTLoAmx8Cm;&J(gUJSUW( zXsWWsEdr{Lzs(4(+B^_A5V| zN5OT45&6S-L~p|W?}k%kyCKugm-n#c07uc=Hg&ET9I;3r6^shTCBF&pXrejtUzZ)t zmspSgYE`?QF_yz~EJ4yqg#3@5-?2SD*3ZlDf)!}Vtrv6<4C8F0X>7Bj^@{^e*d^1H z;Y@Mvvv|Q&9v|VSYJk{}7=a^!% z`LEiq7S`w_?uM8KuzOjyOUr=sNuVEiO(R%?BmkL8^#L&2Z}g}8`_U@mz2(pRw$uc9 zL|o&*6*lmy2D4KS;-Cc)k&f`s=&+5tv3cd7NGMv9(W9n3J=G^+8LZ`7^+x0v`@MsW zLjq|4YS#Nmfh2}M6`%lir@e;gdDC#R^akM7EuDbF+_>^a|46e=^+y*?0^L(vU+OeX zT%!F_8;T_cmj-{dRabm50qZzR3h!Vddj)ZZaU3Ki7Pj48EfS(mje5qq9h@2VWqHM{ z3Pw^kDjw*taI_I_%z>e<=vJ3(n>bx5j#*v?rt}q*!R>au?l|vk0*PW;0l+DKhR0r8 z9(2JF=%3Mo$)z4d_t`wnrt)i8!J-hVZX`2)?)5`A*P;Bm>b1hOU#m6=x`-~SxFuz; z{1UN#c-^8T?=dzd9kaHliL%?9?%?)Kc{c3|TbGmxO8;&MYE^zbs7#~QKy?^1C^$6f zvs+3oy&KvSOchZ(EVWWq*n_MNjK)3uHO~nRKshO0G4zEOE@vN$LYaK0N9La-o2|L< z_FUQq1@R{;JyUcJN+~pnJ?z7F*ec2(rRbuA2r+~yJ7rLuq@w=3VAY5f9g$t|lJ@Hc z4Gz#RO0l`gaK=UFR_z?nRlE~w@raL$GcdLEjZ3fs?YIa}Ff1o7B7E!$_QUSd#@-p2 z1@A0jNHaDkO$AMz)2yXVP;ngNEP4vtV<)}`A~-cEIMe0EV2wG z1~gWN)t75Lniave#Gl{cz<(=ij!YT)yp0r{M9p9SQNAFetwWHSR-a?6w%DiuS#us= z-q`nm4-f%y4@6&pu`Xb>5Wd4r;Lg~C_M4E9>PuHnV4iU5$&6_*5Jw6lEZy0usf0y{ zSV|7I&!R5mWd^;%$sei*vDfmcirar%#-7k{_bIcTk0_@oa~)rQapV3zFt!{PI3sGB z&jT=J&PjO$+JBCQ5l-)^0RkCsNNWxO>QrDdquJFELG-_E9)Oos;w%1*kTWwD)gd>N zGjKOEyQ{CgE)jDbf2T6Lpj1pB=fx&@+Lrd>9Xn;C2KnFhC=KrVt^on5DYL$f8Y*t< zkx_osPtP{dF-3y2*_?g`>}n%}B~%O_53J|l&Wr#IRJiAU!qus=FsDtoyKq%b+oQK( z(xZG)aCv&$H}GEnQ@@X0(D<-mkOBW?nqNxCo4m@7w#|#=jxBKeIx#V0Ve?j4hpqBC zwEtGJ<058>4w!|9RM#7mrcw`sevKt3U$(}zt)7#oDx$wJxk~BXZ=xdp337klX>c3~ zM3Nf(FOXAh0{#&RfWn*o$*od~U?p)u3&GnHrBe{doC5Ao%cllWn@~i3ny`@(?W0(Y zAO(-qBL5Q)kUyTWm~~$xzq0%z2B(>WL+E7TH;@V$V0i~bgfa*2c;NwC63d5xOwCt{ zaNBnRmVI2g`66hya!wwAeEwJ4H-8Iqy&k^WE)oqkM6I)&?r&tV-=N3*-`w7g#4!uN z#4yXHYaKdA1%Jv5D1TjQP+t`R6{a^jF(!Lt+kEFDONov}8MHNPJ23oId!y3X!qZM% zo2FCKY`$-J^nEGGx~noEH7CH*&)(v*Zw&G9t>#0B6w5SqVn$|h>Csy|^xC2Mu(GW~3py(NwrLA5RZslb;Vza~=a zwjOw0_7bqosMBz2As9IM!E+w{tL3BjU>+qxDynIh=ua8#~j@&Nf4Vx zvd4edXlS#W8D64^2Drn)X{Dj!^if4bAq@FM8b{*;{08>fqzEp$U!tJ0Wum|aG>rK7 zobQ3x_@VIp(I&xp>m#^;9lY$9z(=aV??UK>WS(OmMF~bCwfU!X4A*~v(I%ra_O2Ba z+Ud?9j!Y-t4oDsixjyAS+?!k60Ls6CR}K7MqjQ&##MHkrgoqP_c{R5OsaM~i#H~hV zQbM|a7w~<8LJlxI20nN0+GErS<#(Wds&NT=D zNp>se8+;4`(#`IiZ3B|=Zv&gL9@aoVs6H|U#i1b!bWeAf(4E4?Qm*}0_^&5IkgDv@XzJ&O8f;b`NyU=CkMK4#5!wQh{doIp$XjF~)KMok)@^f=@ zg`$$>m;_i*d8M`j+Jx=_C-Km?fgU|?$9T6`SA#px-^M9tcm4ec3vc&nuovJmX+IUH z@?1ybv0%whg=={(Jvwnq{2RDV5uv_4%h@t6ZyH*$J?w_B{ivFwgNUDRP(k-e6HvsR z7q$BWhs1vXK?99KX|!29Ji>)QnEF6pG`IJtK~BYj{i48j-TA-q?T>^Jh|8~|?0zHO zx+ScfGT9WuhWn2XKE_}~eF(f(%GEyNRV9km3Z8!a3}n3wWF6COE@mPvmUL53G>A2M z-V=E41E1!9Q@z2_N^$A}W>Jl}YBB0NO9ufLgfB6KFV#MBn$iePDLX{sN@$Y~%Yy}{ z7QIE;0-9XD_MP5lk4-NnI5Zvnf;P)XcXNP%kF|iq0%-wqdUBpcX_pd}63dtmCY0zJ z8}0$M#{g#Q<&XX$f!%MTI)c`#4e^_e!WPFXY)%BQ26B=W$O8(<-mrhKiU*Kj%+kUr z#VKreC_7{csJ5$4?g(@mqeCJ!J_p7m%UV>+;v^b@I;6|`a()Nf{J~~Ed{`5v&=XHX z8IVVbarf=GN4(X41JxXx%*7Ukcx#%oC@w8*O9Ry!HT2%)ZJ$PF9n_A>gdC(M!``KP zWrUn7scQeAf2)dcJi;j-@C3!meG#dY;^m3wW~)~f*|zTmDEnU$h)2{5+LN(&7&FgD zUvI8lMszO-meE7CZMz4zznM6&Izz}Xp8}MDSQc(MI4ueP(nu-TE>=qR4s+Gy4AMuI z4U88?mDN{#uCPTM7i)UEl_dgm-*q+sS?gKrJDX^4pdu6Hs@Nm(MyTizjDdoI?zazb zba}@Kd`k1`hw$Mew$E2jZ*+5C#%#4^T>LJcJEfy7Y6m{YPA{~bft`Bfn|!&#=QBqY zp4f}r62yHpU5LsGWo}5Ya3BigIOlii!3bhlI6g?MkL!th4IBCA{GH_s##S{C|A`p^ zZUJ|=Fha1ek+nW`^#!Me4szbP=OA@`zQlT`ftxM13GAJeDM(o-$W;HovXrZKIHg-s)h65IYmI)XqW^jvxy8%Xg;ouFb#(< z`(NYuUswAR;ynz;!-@!+CyO>fGsmmiG$C!@NDGA0-MpBo%{k(QqY&vl`>Nnx%x<&a{}qTXxP9rZNQv=AM$6gvpQ>eQwdPkc{5uJAXAR;XPiD58OiLjueSyrQq{D(WBuv|8dJ$XlAflJZa>Kp3s@_fPYlconc; z%AM05#2>w9#}bDp_&)esby)VrE(DQV1miKqEN0KzT<#u`<8fKsG^_9B0qImCX@?ig;(eHGUHL1fq7EIuWsmBb>{>wd!+G_;T1)e6-)91o<*n+BqI@ z@&4J?u+)2aC;*-2e-4@-UGVb1haZGpSm?Dl;D0)AW(mcqrKbm#%s1b~#hpG>?BU}Q zT)G)U#f67$`f{u_@x+OBwXBS{|WLUugW%Of98HUM?@&wqO!1y5B)?%)d|Fy&Lx@R zO>n1_Pl&&1nDKS#s3Q}@k|k`l7#9nnK*mhl)I`X)NNy~=U}-UocMJ;s@ZfkPw5@h@V6Dr zLSJh=7=t-FN6`GZkLMWbf5uhl%hT<|Y5%cR@Kl6{9qmxS)PaVGjz$&nn~rlY9afl# z`WL}Zi*MQTrQ2ZSf~#WAFWW{09j3HjjapFeCOFs##1a0Dzhq8e8UzPWFxuRhzl@OH zw!wZ9OQZHOMoh6NhoPIPuthMCjg{PZv?1!zSM-VWk0L6t2|t7a^lRb)}r}l$*TzDTID&8#XPk31;>le zYUH%&Qg+3*Ru-jfIr8R{uPO>?d#D+S6vS|9^blzxDOUYqh_0h{dHR zt9$cKp6uW6!yJ6WHm|KG>~F@JChS zTyf|v@!%SIRD)O`^!*)Z{=|2LG|rtwuAih;cda<(_%5vT@f?Kl6_~ytQD1aL=P_Ug z7hfBh&AQgiH|L5nJ5)f#ZpomC%`Tm!!SyS9GPA$)tGsW{U$Eq{XNw(3W7ap&fn5H# z+QbMVF9{Oq;4{Cu@3xVi(3|E#Kys&k*|%1*=5ceWW4qJ=S{I?d@2F>P=T}SbRU9+( z*Utpfw$2g6LC=xvTY|8zXhH^#(BkU?%h}@k`QqF%W(N=2kktCqW_?v7qV?y$fo6}| zOBnB0{4WOqY_U$8o;JS`M5OXcY{VHC*zrSkE8Ot;o0%ryH8y#e)d6jay2%&%l zvK>_m^3{YD2Ra>%tr2Xnkl*b|TOyW8rXwve@^F#K;0^e_;zqqY*9XhL=+o-=w#ck- zsde;J%|FR;%8$d*d*={9(8!4Ur0R9%CVFMwf+8pd7lB9s;FQ3e4=)pB4KLc3SKh;V zmh-jv4hi`=ZHfmiq8;3{T2A$3)a0jDmZila&#Prp_`1eU5C3Ft_^`Wo)W%^Cla721ou+ICS^N!lhlj(pUJ+fy9N!FkecP#NrOP-u_Q!tf=>S0?SwG3^J>m{oQ2Wxrrl_#|SCXsBD^9+#YAP9Jp)i?g>*5w5 zVcZ>33J)_!e{61==kExrUU>z6yl>(Ya>Dfliwi0ZJ`P(5sHD0B+JK#>T9c~_@u0=SrgL6+b+gswf))B5k-!xq9;z;=; zKlRfQf&6QHNvDa$8WuExaa0}~7Ec3o(S_HOm}c?fBws8#UWoOMWbRl$-I^Dk`mI;p zoen>#xMD*V;w#apa3kX8;o@~D#{N|RX%htDpDPY2i-S#QrdlFoaumL3w7suGdg2|V ze`z9?9ZbDK`jf%^SShXRZ&P%kimso}S`HOgvYe9enzrUfqUQ{!)FphUVmBs4>J<<3 zQpEJ5%fY~J!RMG!swnccctK;G@jy2x75{{&W` zIHcI({L<-A&5{b~%6eYImlf$$k^O2sH+bySXt3B>>}8I7CG%rh>N*zv1w9u2Wh)X( zMZCFNx6%Kh@5bXvECS2BEHH8Ts2`{}?t+^)O4KoP&>45oCKxNU9D5r%5{b!6eaYFZ z*>qKlQm1DzxoWHuzmc_Qx>Z7GOWAUSE%5RlY!0S?v&esA9=JN2g72a_&oP6Sbt-0D zbdoWj6w$me-xJ90fLF}79D3W%r)+H{9@|3Y|iX7rE;%?@v6XySrN zjkLEp7stx}LPoPNVAg1WI;6}GMDjwnKa3L^~jurq`hh#0~G2JGJ%eHicg!oQMuBHC6a*H>&Dj*5EYa0|0o$j=#p4#-`?=MeOELD9bnmEwcy!d zl12+kh<4|mJ{(`6A<}H&r$+m35lH%b3WI5T3SGyGr-y~><5_qLAz_7?;GR~;vzQ0$ zb_56P>?S#3HZjTTaT+STD!Kyd26_;?u*r{_I0)k2c4)l2@ z)f8Wc%s*-`slQtp!Qe5k(q)k;QkdiVp3cUz*+dG%M(v@m4_d`OQgOdycWY+m3O2P0 z)5y183@m`#^d|}x4Hzsr27&3#M95W@C!R-*f))Hj0KJ1 zig7mux9K)z73M)?YBXKxudoej{};}QSxgBII~<8&8$z7Jv&zFvT+=V0ei;Tic|ad1 zSbW0m(Ju<+kh(t&QRmLwKijgV$EWoPu90CET-eBwZr>?M%u+ohB zqdL?41qAkh#zhAvIt&d0izE&O#-TsyH%$NR*iTtP)=oOgVh)^-`7c|AT6GAzwdi&@Z!KZ^>gosOcUM;J zi$%*iiG>)57lnKC(CgLUytpAgR@@Zcy6kd12FQr%eRecV(8mRj=LLHcs*AkxiHW6F z1;`U)kzxKyI#fuk_fUwBBF@FeL@Cc_K5{nSzccRbIc&Ikq6pV#vrbSz)THlVi&fOM zdHjP%fE?{B{=Igh$dav}^~GTfSJ1nRvaPS(UthpnF(_SQ0Q)u)2xznL+Ma^0fHCRXh=u$loSX=jP|-n{e9ILm{> z!&2+bs06Vh0_>MbW$rd4WX($T3G7Q&?OJQ9aYj#5+Vi^clPQIE*|qy(cy?uBo9GD` zYVXJ9_3&QtAo1&5xtKIXG(wv+(^jMLs6ri;L)SzE98EKEarnn;ixeK^wZqqoD4nXR zmmN&-b8>%*Ek0(X>aI>IWpfmDqaP|srpwE?Z}{RY`Avc?WPgGMAY=F9*@abf0Y`CJ zNwZvxcWmD7vjo6>-9gjug~ca*ou6;EjzVLw%pTBHZX<+Iq=3?IVg1{1bN(nyG!Zw4 zsqfQ_Yux>RT2$DUQnM;67gKzO&ch>$oKp40TVv8_;O@7bf&M-FN<&Q5^D>*mzvl** z#Il>%?W^hK-673wPNhq)#|4KA$y)Wgo#oxc()fP*2cvfe`kl{umf1h$R@U9fA^MN9 zTA38@lSKX-Bf#q69JX55V97dB5F$0qg{308S)RY66kc+;gp!;deLM!iq+6qp2*tFIH zkJlnS|L#w5=u_=XXEkpvoy#G36VB*SZnQn@u9gQ0(S2yby&<3|al}wx6Gf3hYJMFl zoRATZPi)awoL+x`YIv1^eYH(vO8R8KL*7T7Vn%7=m9+PA01wD45A<)YQ@<#>= z&z}RyaLc%n@Hkul5OXw>eEHlM^f%V91fpR!c3!MEJsWA?T5+oUvgF5q(mI=Jv{l$8 z(doY{^VYwJy8xISA^Qzmo-Ve!WupjtQPP39mSAj(oaAZR6Br>F&|{XlCl$fOBkN;AEhop|mr8&pD!{V1U=a|vRrT)E_5Nxa}*8FDY4E_sUOMGxrx z-SkQ|k;)6D?ShJlKJlJMMARcB$Cu!7+=!5lVrD|%m^OPbmU^URVtwPifda4GQts|w zvB4%_IjyiJ6{Vu{o6#8c&UcaiVJwmEE<${E?cy0cz|3QvW!EPx$edI$X)vJ^>yH;boD7b&eZ{v28WbsV|kHyQr9aN#4m+-5HPOqrlaB!Y969)pl+}v+Bk(y4Jylu() zl?!=EG62w^-V)F&MEH#?5h3~x&bjel#sX$9;zzs3iG*)>c-ybF%P^9J9`iQS*8c8{ zf1~2*qvRRPn`>{zIFa0aC_89BHT07IlE}KzlASJNwvT*fAi|hlqnOAj-KlS$PY>09 z`eV7uLj+?mIl;jGBrc5*X9CGRV0Sz~E!*{o6l2VS-4Eyefg*(=k-%{>N(0#zAxMe= z+btV(vQ1l-C0(dE4ksKKHwP}}{9`a-kD9SA@Eh#WAK~jyZC8q7nRK%}QJmBjCly!r zK>z@Rm_9!DPZVx$x=!gNd@e8jz%;2NRpm^Z!16(mmp>r3Nd{^_Z>>*MrMv~Lfu@1Z z5hriX+}p?sWx2U{k_b6qFahFwU|or3sO4gw0X%;@xO=_)5gY=(y99o>kI>r+da!l6 zdxrXS^Kfwnci0ZTndy5QewrH3=CZ8stA40%UdZMGPU?33I5GD0;N4Bip92TrzrAdt zyiV53Uha6Vq7@po4uQ(RD=Xas9po&a;jtNvy>5XA9Cg~Uj?mpJUDG1_h#!JN7JxfE(lCbn4x~bx z9S5FJ>$#P%?L~?fBmrN1iveCXw?ON9uGM>>Jbz4hB)92^Ht)@A(9I?F15P4km+p zzc=}6K)?c4ND$U0p(+z_LbQ1J5rTUkU*uB2OfIomPOwxPxg8nkp*}{T@rz9CfWL`5 z6qUA#+)2@zf3PP34#!;Zmk`OwmZJvj!8Oj)s^LI%-Tgaj@{JX%(FuC{8`~>{iVXHB z5CU-h<>z|-Mc@av5)u4qqv{lbb(-(|8{2Hyjp14lGQXrc4fO35FTBrDS|1dtQ?U*2d=~g?=FOg>SdK{x(=!8x^KLN5tc}DSHmvPjjbkg zu5x$09l&664@9>t$`p!1&XQY52u_iw#BO@e<(BEJq3%76AH=Flp%4N6FI6=82799< zI|J}x0_6Wat9w?4NtF2Z3fj}T=Nr|HWbWV@DDQ1WC3^prG%K49)3( zl45mYe1=X<6F-+Wm^U#zFVvY-xmIE_NryLE$GUow9}`G7gg9dSez{URyRQZp`h`;N z2lh35;kKJJ-Hl~{AvN})%SnbQ+O+(N+m8yC@bC3ruG4P5j9YkEKPPvZRiXr47>*B= zGDmCJSr=|V>yQmyRyk-TA_o-BV03W~@>{~)N9BY!YR3!=fF8tP`8QKy=z=40L_%N2 z8F#o8{Hr+qtzWbznOU3y8%I^26ue%Uo9mNl7Ov z77p_Hw);HJWL~kR-->%G#ETw@A|_5QB@1(p+DwrU z;(k`4A1$!OYGX;{G?5;?`IHJivz>v_K2A>&BuMU;jqD14@gp)6doIV4)BHb~+2JGc$J-m@YACQe?PV|q!75eHhk?Bz!y&t}$Q$F*d{5z=oWHgp8?-Lr z;a{75##T~13fItDZ(<;!^TIgXh$t2iLq8xoAis?FH;rf~UGVPFrCmZUe)2fH6HpH) zr_{2_6;l~uf=`%W786NaDpW1|N$;tH&t8*xD8^f&$5s?|W4jM0sMOaig7Jl&(7$$i zPX_~-^Vl*b_$|c(Nb}g*;|_TiZhq#u{-T+1gEx?MYCTL6x!w&f7bXkU2QTo|aV3XS zYSVOtDBzkUz3GtN57F*1%fJo;dOuI+Q0%1aJE9?PWRnXrAa0~W^c11exRexo1i4Zw zETk3xPXJ9CvgL!?&Y9EMBymUgb@ETb7K)fL0!;<<-U^2~HqNg@-7wX(C8n8{c zls~}22eV=63X)k0?QswY6<9LBf`o!6vJ_foOk$Ti3uj9gm@{`rm-e98ZK~)=h1`0f zbG%@H6ujePg4i1eiUURI6A7^|Ppi=GYQ#rw@sL%=BxdWoWtot2w#ZK5D9$a7 z+;S1=5m#UpQDv1aqtgy6Dz-o%n!D&{9MM2?I@naYQw!-8VX2jK4M@X~#x&d3?1D=Y z(pXq$x{1$X4iBPbC|!dy=a*kn5`N4B2lr+Vx|D&0?)WVBNs{pn_m?DCM>M``lZ|w% zb%Z&47q=4@v||>K&NGdxjpLw=25q`#XQz%D4N(=p#~NScac42(C?Lfe_zfXjCU09j{@`#6##F$?<-&B8wjQ5OUV zqn}txe;0itVM3vE)ltF8&D5PtV!MHw8Kng5Va#HixAh!TMsoz$SilcJT!*a6Lj$+x zdYXkMJ<4kM)vW0D<^GM+D@e_s;dlsXviBkL@Hjjv zft+(O2%(ew3(dO%$GbHYB4!~92&clzOjy9Hoi~(I7XL)KkhE{;3S9IGP#;|568<$@ z5R$FYQZ`4CY+r)OAV1|6k}2H;rx}%Ji6viS8tI9!28pihuE^@T3j<%Lccck=KAR=r zEBqT$J$C_L$9RKj1ibVR6ovjpL_&+q$lbOHZjp7-I=M@6K#=M7ilyk%;N~r%d(%K0 zBSQ1N(hrcmP^ZHwxYi0(N^irpT7+v-3+R1(Ng|SwYWEzpi!Omh1qej%Vz5=0lvnm# zjaqL;;WP}sQMb3sIOjWrr3J16{NP2nzzJT^h-Q?OHob#`z&ZQnW6KFrmWY3W7`Vuz z)R5I6__b)XxV{aOtutX%YK!s5+t*@S7qcJ)IWnWRC>(zISU8WZg2T|R?ohr}bg5;= zu`N~va-yDxqPpxNJk8D4F+_lFuV0$nUh8~^7=QE8E1{ZTVjM5YfyH)Bu zTu!xGN$2br`O!IZpjxZba)9}qGpFl({@8Lj!KuF_+^mZZ7oy8|*E;^oTSj@+>2b35 zt3-oVc#BfPS+pT2<`HA}>qN&RSS+u+Snd-}vUQ@kH;8$S#;f+~rOpV+7;-M6HP1-; zil#hs5Dmef^Uef65aL{~T^=hj)4~_3S$^p^FiM$jgmb$GPcAiOpzp#U|CDDIARb#AkN4>=~ zuBY2YHx>2l8m_i!S#gHWPtnbPpP}2E3-t07&Cai{KU|)n=YRZx+$;6;0OVtS{`?$W zI#PUIXWoJ- zDn8I$@Mu*u526U6x!7t0#YHodEv7}9BvHsKf$uJ23mm!OI*No)Fow^LW0J%fO$pqv z5O`>us|^YoWomJ0WlQP;bHt)A+fD z8$fl;At(E zW-XZ&1ipEA$X{@&d{LO&y=w@NXWuLO8wuXhAc%;N?!3k{HfjOWdOD7cd`2tLS9PsN zag=|<@Jtz2SS2)1FZ7p~#_a{>)R)PHpaQc{Ql~noPLuTB?c# zTH%cPkY#oODl-S2*{pUx?>02J4w@t+4kToGQv{IaSh&f>F+Jr+>%3d*@(D$QK+~7= z-wRF>p{eeYlieU}~3wx=^wnZGNzEW^`6S@0;nf)&$xMy4^wBI|Px=D{DG&wB{f=UvF(_Z3;aoX-K(@D<6RsuI3($6LWkY6q7_8)^2fI3oOvrWJLoM{WZ6z12r>vwWBJZ2Z;7ob{zo$3b=^}Jy#{4E zC4!ih^d{jLbv1yNr8xr4ERMGMXXu5~dlHC~Qz5S*KZ~j?kt;GcZ?28{Vy57wIH6_s z>^uF|ztqiz>{5kt^j$nH*9xe2I)3an`&6eRJvGI{m}Upx4=FX?b1|gQy7@-P&61QM zfO@AgTr-lcXe=3&r2$Fz-yuY0-k~r}3T8n5bCp zOydETlb9nK5`XKLbEQ7dD|&I>QZKIH!&2N%KStW1Y3t9{!z$Idt!m`1(>gbVU-WFk zUc#}o6QpkjbVRW!m6*M~dUGwBt~s$1HpKugU%EENoiS(g%xZJM*#`5lXtPFAZ>|;K z9}#9&{q|t1V5r8HyPi9C`#QKh>W>HgMc2draMW8&!ciYDf_@O<-eA<5PW;hmJn=)a zn3C~uIQ2)v-e?#Oz0s&Y8HRp1+Cz^vAa%y?&eh4&iJObG#8)8e9cr?pSynX_Awwwt!OwraesCgm72I6Zl!KToCnt^@ldePtKSH zwkM`6S>LfhsNs=%Fv-dnd-6oF7}8iICDI3{QrvcK@&hstZ7>fL!8+H@k7({@DsT4! znj?0*>erUQ55rx-w`b!o{5~Fz7CpZ^9pb@a;FF<08ixzd?|IX(Kk@pbVXsRTLBBf+ z!X6$6qsd~>8!o2)V6y0Yhf$@se<6mpZ}Z!YAEzN6n5JWHR#=!-hDsB)`r>n$)@uGX zZvyQ~72_={SuoBO!NG@=X5@YBOULJV-qN__^Bbh{Mt~~~5@|3nwL`%)lbXzm1;kiC zDvMuE*OskQ^PrNt4W9nLQx-N~tHtCF!g6xJ5_`Dx=^>`sOfre`rBYWDMmX;u&N z0fO9KP0-hyK&wlJ7ZIkbI`i{&2=4w*I94@Vpg>-XbVuZio~_(ERiPF0T@0__Dzc8f z8iGQW`lRC7kOu>N(|L7J02rVH+7H4wh~>RDu!MA^C)M_H1HwjchFGe|Bya6sC5YBn zZY!v1`~a3%;Vyu>{-XRAMccwH1gqzre~2;u%EDi>CHYl${9)cQQIU+H=k4bzyMWu! z7wfFZ7}gEL#x;0imxSKc4cJnG1ITQzVQ(##X=o3sa<2mk813B1tHHwQ?7#A?E7KfGDzs#CaRgJQ8s1N(Id(Kf*d?Rg6Y+ZeB? zFXbDjELM*O>fGZ(2lE!;yj93PHJwRXli}3 zBtS1L)Tgi|CD3>sMJ*Jw>f4Ay%>px)K)n z`{o6aICm8f3OyDhzFxG!F-xH~g1iB)eYZirrA>uUnsHg4vw^~Dj#aYpb#hfzltc4M zcGX$_FnUY<^QT!0B^$qm$STRUmo#lDM_4P*J#FP>PQ`gIW7+j|u5hA*4^4W+Khqt*~P;#QGr`c*N+qPFYsoI^^DVootnsa%DPK&+$6ntsn3QW^h zi+l)UNG@yO3Jcm_f+6hje8rV;B>(}n@uHMuFS!~&D}16oOzcAxX00Vx6=TRiSMe*OJXiS&lw(?5mK%@9kX)Io!6u^;V6JTEw8FLr zk96K!L9suad$M)T99;#%X*r3kyt3N1p>BU?wQZZPpFfrqbA?vI-EH%gNcjtxO{Ebv z8_}}iP6Jv^5Ela<`myw%~ZTS2{0-_SAw zso(4(Zg8q9o&72Ht|Ir_-@Ka8Z+YR)a=luEQ|dgSOCNV_U7=~9F<HTsN0EoB!d2{70c^J7>euq@{nmfYReK zNy<5M-orC{Zz*5l%wIY!2VUQ^`@tV>IZ4&;_5)ndF2CzuOdr<7Ax)j;ikTTen&GIa zWFx4WpY08*^YT@{YScCdx+`Nu)mtfEGnW$!aIH#208c+F(j@g}d5fJ{&N-y7nCP4% z-I-`-jdDk>T?yF3((No%^{IAcEJtM9z4wLn{iDwAcGQU*JF*FC2T z8NJeNk#CYH@>{c+IFq3YfvPyF(lu53zP!@X#1;pH!7|M6;dGWeA5uQe!EXIMq8kzu z&fCHwr0_2&9==Z6k_H_&gI`?Tyos_m`a86*w1>I{(Aq1#)~U0$##45AKB`9h-8aikuA(N8xwGu2aP9O)7_zysoYNBrm7 zR7p6sZr15Oby#^Ra9V!f1ipuq$oJXBTJzlFRV^J@m@Zdm)XB6)5}>(Un=>dLGFK0# zN$5)!1zf|@#S)abE)B~xw)8$`Qs+F1f~y~L2dh(Wy*VNBK4KEF$~-^Lsulg z^bqDWke-%14cH2M<_Hhs&wQlKlkjypG)McyELxniC*#pF*xI3d5iV82wP}j3)#p7N zs-QeAe=49A?$pQ*;!R!{Kn;|y%9k4H6LY0KQ%}Z|MW8ijxPgAIWhxTa$ zdZ6xEtm|LVJPR0((K}VgeF&>asv2j{9pn{(yW=kLCV?LW-C*Q<(?u9g2UEX4_Q@a| zjEAGeln}4m?}d|KG8px{)5$2rxYz3sM?G9~wWCCkRyWfHZsc3-)j_Jh%@vE}O=9c! zmoyG^bs7Q7_49B0P4%LEYon=yr*J(2>@I56x1A>adDRl-BYJnEV*!NBJGbI7trHWC$+boCv zU(q5@31{onuatF!3Z>jR`@`{*wR7eSJkMJ>El0ZNoHJ+gBXvHv9F>i4wd@w#4ZXM2 z`CRavXq-BgpQDbfh{_wTc1u!?sn}$IRtr~|10XjuO?@#PO0G<^DGrx0l(1wSNqM8% zn<5nIkc2Z(Vsz0dXj5l_n_E-(hRzp?!J1#oR-FJ=+Xg;=iLtB-=Vg z?HUSITxZz7uV^VWQEHim$71pJG}(z(*0wLRGM0{0v_Cm7lSz6Iku)ES~q%PVp%tRCyXO29s%4v z<&GMw9VsH3svSvAY%F!uJOq|8ABeYvhcM1%VKxC(w{g+6ybNut0CUlH-je^n7XP@p zn9X6i=eL)$xr?NwFaDrx{se!D5k@x`vqIIwJCfx)70T3#{d0Tu2EM|+wt`B#29@FT zj%52dH?O&9wJ$kWq@%we>R|%Hl&z%xoYyplFW^R)=K$w$$xuH-rJM*he`)cg66Er; z+VU)v!r$`*0K+0c@g${Ri75({z|q=Setq4@KX73*aYZp+S}y=CNxnx8R&gA;V|d}A zst42v+p}vl`~x=*Z!Y#>4k6=QGHuIHs&_J#nf7{C$e6IDquIYX zYg@>`YvnT6BI8`!cRM{2HO64E|AXIUF}uDQv?^rZm>MY*r%y{F*4!?hssQHNl(uYZ zP&B-rc2mjlEW(!7r>h_3<&X;z=*s)5Mtcik350Sjv`CE*XwB}V@t>0mJDI#zA*y2S15ni;*p{nR~#u65>yX|!%jN%JZFsVwOevPlG z$3vdv({l$?Cg)9qZ*zd(&TBa7fO?kICU76UwQg?ytGKb$GcRAfgdxHH5|MzyYbk5_ zmW#d}E(D3BM&_+S$$}eGcCn_4eM8NI(yK3L_OmQ=>){d_2XsS&HI9U-a<5C4Ln%p~ zVe{s_d9`t8*y96D$&c{1$VUms5up#$b1%*sJT>_?uIKi=Ue}v; z2d2K&7?VLb@w$`#WH=$gs6U=AM&TqJkHQHF2Vr+H7!MY`UT-n+hGXJQy9?|s24onH zdeiB2FJ&?ca&jI;=!)JgGmft0^DhBv!*P3)uE_;$1U%9wv5{&Mmx_dN>>XhX@TlaqhI69>zbgx@>*;LT;4 z%hJ2fui^lpekV)mX6yQ#J7DH~?_}h+tOLKNB>LXr*)}44Nl50P&JQOi&z?c;-!_N~ z@$0i^&(O7xVDc zVQyr3R8em|NM&qo0POvJf7>>)Fbwx^eG07HJ&Ajn6scER*JjUg?X=CWdGTXA>9d>d z?LZ_XVNH=-0+gd|bAR^xhgX6WNs)@Oc;UY>fB2(~d z2LJ#p;6n;$kRbWfgWeKt*IXpfM^o^&17rLSB?L#|6s-Fl7{~hO#CGgq$44;=eH41E zm5v2MxI$ClMXOa5b^u6F91%>TWHSXzN@FtZ^#VLgV6w4fd-{+3uviTuYTI$R=-i^sU6lBo9RjAs5ajrEj2^g6XGnAN z$zPwjwmY^R%X!jSK^#(uLzHkJXa#XF1vs2X|Fgv{!SL%OMO<2t4ghHqR8i0o#RXb| zjl2m}dV%ROo!MTrGAb%w(FCF13KEKvO7@k4nqeBk6;}URe&pSv#4>A4dy<1V>UHQQ zMpFReIKUpC1RXsl2DW35C!ODVetzl4l>b5G-F}HScF2EcFqjnOe}6K0l>ZO$JcL-q z3qJQ5sKy!zaWXFIF&S z-KLHFy+=jSi3ZZ1x*u6}xRdENy-{|x@?zX1Bk7KVU-JbU@#=Jf6L56`v= zYhVc?F`ItRzJ99T0YLEzMJWXq0R!;03;tnz<6_710-SpbfVBjigk?l%@ly;G0&gy_ z3m+L9^ov9N7oLOnp!>DLuM7V440JEvy#Brme*V8~Mu!Fz+iuO zLl9sBf{0Cu1((}w#xOB~L$E@tDA`o^fBQbnW}jHvw(rGPr&rg{FWYryvCfz2(|lt; zytyj&U)H$_p*NS;H?QBm`u6$d7n`G>G0z^m=$^ai_d6T8Ji39QU(xBpDR|@KD8X0uIcDjdIYpkssW@)74nWNu!zs@T6DpYWn_2I9-<{*6i-;F?Me0RX$jQHC4 zSgl$fiVs@~tu-6Ar)q01FdHpF+{*G2FrIU0t2c)+y-z@{2};pk$3bWUn9&Z6<$+_>;n9f#?MjNS{6# z02E+hNpsfxh&GpKuBaByp(jQY=p!Z+hl?v-+935Qh!Y&rIq3eGSO#;u;3>eN7o$bGMU6Yzn$v*4vyP zj2gxVK^5nVA~1WcK25=RFgek$GSyt+oKIDiy!aM@_t9!aYx4e14> z%PHt;pEakY+v)I?$3+s&_%d>i7il6~)BMBx_X(Q+{PR=gjJr)|C{67kAlj#1zP$w|TylxysHln8|-iOhkvC8!qyAA$npQRIUU zW^*5o1p10e$Tq6Vj#i zn2=Jbd_)ivXvKJVoYD1i&q6WB3ZfWZ*Iu8grK zy8RW5v+*W7{Z-_nDR3sEk^Yhykd17>PoLx%dD7`HV+;nY5j|7{8-D8@lt1<(_W!7| zTzj%F?sX?{*Z#jVD#m{eNB!~R{@+79o$|RDM9@cx4TC_;!^c_nANq*-Z!b}>5*vPB zpp9Mge>@p&?f>@&kMsW_o&#_JDMd-hO(VJId$&X(n58)I#g3MD3m1skoda;qY*`r( zN&s1+AOMRXnt>Ih-V%q4Baol~QoKeWhIDDXhoRp&03lj%gC9JN6Ew#kkq_=LU4lOy z+JG51APRX+h7yQT0s-=-s9i#y-gGkDwi#-^*d^UeR;IRNiqf}@mx z7w6AO$BvWepU9&f8~X_MM7bpTXUAR>FY*zC{pP3F&o8eyP`--zQJY#F@u_nF*rcKRo>wr!h`4#CqbSnrUv#F}Q)v15VLltxx6f-*QraQXc7{MB>tp4{RXc=+cITc*kq zY~ILX!dzjZYb~M;!PEB#gYjV05OGXMib#*uI6Q3F#;8-msqwvWYFx{yrsx&%8}5(a zAdlbBz^{MO9>1aJB6rZXi`>ECVHs&n0V&dGIzuq=mUxW`6|v#}BvEKNwqv^|d142j zN$fxp>$E1;DJQnSPe0<2;Kh;(3Xk&?_Du@M?J4YY3P;CnyK{70(Vg!8Bh|^1=9;99 zDo7JY1b_%C4nP=%)(ZYJN(5PrvC(9W-Ey*;j(|p^bdo33X+mgCAG(s*rh_XZwqHu@ z=w$Cc9OZ}S=)@##(4I6$kTz^8pEYU2u_UcX+x|LnG|tmz>coDPq^}&G@&knnB4~7v z+tTPBmv`S@$}A^j3Y3~U&7HLE#i8vEOx;{NWrvftY#2@|*s#CO9OZT9$kdr`e;-LS z9JLj&!%?|_Z49V{tbU%XK`mL(_Zdy;3Wef?A@G*SyPZWJdjxs>1&sg<0>Fa)|MQa4mN1DLXWI@0@iB>vB!Hg4+)LX&SVbjU1nL3=5Gj%V$ zEULPBrkV=bZEgPzZC6P1VZZe}=vT~x{WbC^uaQS?6WZ$MLBFj=9`?&M^5|YQa^8p^ znHt%tvKwm&9ZcGe&B0_+uCj(ZM*@uFvhEw^?Tq2ErfRZ>H9WLW%8=Vh<~DLURWr=v zIB9}oJ?95I%@>Z6=KJ8Jbb#%)Id)K%m$t*PN!gZ_cTY>`p?%Dm&_8L0y<$TDWSn0> z*Rr^OvU7o6fIcc`aWgQDSv;y`@q<#f)A*>Gvw72FI5bIWZ9ot0i6CpYG|H1TDc6(3 zoyNzG4$CXc;h+h1^&K{8InXELa>{mE0974UAgOPXv}II%o33JRGYO!qpVWC+xfRb3 zdFcQMkf1qAQ0O57{FFydEYk%7IP?+(2?EjFIQrLo0`GQs<+(PNTq`hbr!uc%THdf2 zx+c@yJ!Ip37TP_j#sb0b5Tp#hd6ak}ej^nE|uiuz>~HMELLD9XF^1}6qZ?v{lvkLF$? z=&!_qA0^ zN#qVCMbdGSpv-)L6b6y7A0(M-U%CXjJr*~jVt&0g7}p>-W5y1R018Q(AYeqP08BtE zG7qpZ!3-jql}KW`io!+Y&n&k+uDPmgU7v?#;=7l{>F#zR=ZD8=k`0eMa{JRYDAHvv zeJWj)JOh;^qMev@M@&p+UFro0hG`6A}BpaCz+8EfsQA-6Hn=66`hl-!#yVVn5bx z=&jKGsrN_9iFYcAZ>Jc|s{NB9@uqTg-7Vs|S6GZ$9MXtueFj}d)d<2{dV5^%?P8WocIr7-^|-*-{z*Mwchlalrr@}ef_54_S9MaPAg9HhJtzIYiBoA1*3;e4zSeXP z26c2-+JgQ4Z9%ta3-(Q0(5bXp>gjH&k)2wN>{i-p?*6u#TeQ{O%vKv){mDLb_fJk* z*}$xPQ!A%`vODrE4|`mvC*4Zxad-4nHBXDyqkC-fv{GMG%1u`+s`@AG_Lf-rI@&8O zJa>N!&n;Sb?!=_Mz0PoJY=5`X!gKex@Z6$>=Z;MZ+AoP++pVUc(oSnAI!Y-h+G*~{ zq@ex!%dN4p-Aaqg-QVJJix!tVY(zo50fC#>~A&{tp?L*aN8RV zj*Q&wAGfr|j!#Z%2(L66_O}^|CWC1)xa}qy3GCq94JeSu0+?A^iNzT0Q5*4 z)Q!YSBXB<(u(V&C`hK}DmOmWh1eIl+6JPdcooRmxSSIgU8e=E+!0w+^Q&4J4iZA<9 zFey@Cnv?taulvXCV%b>vx}GaFCB>Kh=^hv9o;0Gnrss~UDJZoG#h3jl7!@fn%|d5S zv#{ZoK-P0rz7K(7CEfcOhP>*qNcX4_-8DTosivUR!V_Qir(jT|z%=sq+dJtWJ1ys& zGu|Cf!nrdR@Ef|TG<>(pa2716xznwHF+DS&d z_DCl%X+=T#UWsU|l7js$oru@vbG^)IXuxT@hgB|9fnp`y`&(IqqLnom znso2CvY9kA`!c$#HU|WXm2~fK1r3T;kP&D;s@WT?r@LXujHbI^36z!*h+lco1K5w`+n$cZnHCW8g7Q#*@nwGsiUwf+q!9(R19aRj=K(9@ zNFWHQ{sz3f*3i?g^chYXVemtq#t`~$D_lXjJq~W2$=Zy@mp(Y5%rdR*h?yRpmk8;>-TrDViPqoY~Pb1d?&5diSF|np=F? zn*g_{So_Xr5>UMfP#%^ozU)sxQLnl=y}F0vY$69=J8$xMRJVgu9z89->`!`8X}US3 zxrfJXEJ<%?_Krt&W^Z}$wD__==|#QiPCk?Lks!Tgpvbr~P()x^N&5Z@*DZQ-+;Jn) zt3+)z_LaVvJtMAp)uOrJn!cDlLtVxV9q(DM)ehK7LtxK1ZC&ILZK6Gc!gt#>ygj>lP7gVuIep`H5^OZClVFub*8VnD(Zo6~rSB50 zQ9?!d9Qz9-C=Rg4?@$+Hwj90Vy3t!{Q0;F|70szhDVZ`vaE?Dps@iS+jK+0aKb5x9 z{-#pVQX1D$#rg{RtoJZMK3GPC@@v)wrR}uMs4`ZZqg6%eXM_Y5C>@!U4hxj7;4Lyp z)s*Vs#aST9-hG`wp6pTG?5qwX+TZJ63^}MH+mAxZdzoMV3Ih-)cmlqjrwt(Wq|sveJ6`4CATjmMEpPTCcQR!j9^fu$9)r-t=wR zNG<7WxlSF`u2U@UNkf1`KybJSP)>VNc#GIDXGA+K2dz^* zXr0P!NN4|TNT;|B>6qJ)!?LYs==)%W2_qc*D~%`uQ3!k^?;U3LUkzHyd-QM(+K ztb83)D~8hE*~gq>_Aw`)eQdbLzII=pgc><5)tghT-l`IWIr}FFbBYPVoP2_?Va*xg z`Yv}`cDYm6tjhT1?4R+=DQ5g~@)^JCNUtBT?J}M9hn1PmoXU(}&i)y{oMOf= zC!g_axUV03*m9XUtXXDOW&3jW&-UdMvwb=FY+u7YGTT*SUumB0yaeB1dRXJHu1f6X?4Q`nDJJ%E z@`=4lNpBEB_j@Ct3Y|(_zV`;DQ{3XqrG*+AhmfS3A|(jSAX)Oux)&%E_j2NMf1W0%n5W6f=V=<09c;QE{tP95+O5?Fqq?fu?<(+Ta9LM!*f%*7Y22sv{DD`uL6o1;KZPrA1z^ugi*xXjDYS)I&7cu(=nfWC?r}qtHj8hY`Q%D@1oY> zGgM^JarVxl;}o*!IJqo3gFTKL_GQ?`py4sBjOQ@kDSgVVjy}c_K_H1D3SvmeU6lA>j#1!)C-J`XfF3CZ3+K4D6NvMcQy2#~BZY{9ng$ivLcW z;ovKGIB*8T$!IVbedV|=D-N75f=%H`35Cg5&S$q(B<>IL8~{E7I-Nhge}@u+qi_la zOkWx!AFmcRS+e;`Y#jAw&|jdQENzLx77j%wD;$L|_-{ft0eUtMAhpQ9QkbAa@Td3J zn;1<2jQOq_E4ZTtR^Bp-H)-QEjx`yRyyhxxBP(z5;yc^ubl$`$1SCom4;=yMuVLsR zAKapiwT3~80HINW>`v!8Ns+jd3V1LCGX!u*C=3GR14zIuqD$~i$Qld20Y5N}Crd{O z`+ge7go#H6=Jn~7$bH4YE-?X#xE&1>z!e7!0ZeJc(Dq;uZ1k0&zP2P6DfaoUoRU6gX%b6~yA|QXkAV;-0>k&;-F1h?D4_$fF{mRk#5{?1DQ? zm%N~WLzYn*_>A8Px!~+-?M2@KU`NZOkvRDVE){9*o5dAApYEUI1tjyP_|%boyPH@ zEih(ts(`2(oO-M#NK7Uk3-f{Z;)hP>!-o%E6p|=Foy^dOz7GsxqHr(euTf3d(&B|e zgtub=6T^o!%RAw1C<~Ty{+n;!#)|~{I9wco%Sd$Ax6r%g6H?dBbs?KQ*9;d{5gmaf z3W6D{5+%S#0iww4#d#8~9=;z1Rmf7fSpu=DPEA9zTV>a=wOSBu*u2~B#jHl2-DhT+ zKC=~Wl%B334tNmU6`~Y}3)1OaBIpCUOrmrlhS7VjbBMixtKjFScF*{E21C55axw}5{Nid z;*d~AVNb|}0`|H+DKR9h(k5?@i3O>(j8>>!o3eYe&S2E4Afxkt`ZI_n;l~cQfKnNJ0`5@_ZP6LXP5K_EG!R81+@VC=f zFZnk>myiO&Y3F{3B~qhf9wp*Ry;-zI8Ar6e6DQFc`^X1(O9rSQA9!!q;_#NW zC~Lh4IU9pub5F7<5b&89Ob)@ncoD)SAUEi2VVk6J93}jA;|pn`Wm0pij_9`>ardPV zR}2jpQtQ>*t80rbDi7_B1+I{|aQXdDXhtxtl-q|L3!G(`pJU=hiJz7B#S43}=+SrN z;`)c5u4%$5ag!W^_uP7Gvtl>wyiUimEWys04adY7dRxYP6b2iBK4L;uQeQ?Nzf<4m zX?@Xr9x=0I&PgE@&gXVVbxsr#?4ty%;H{X5@BJt&tcc1w0?wk8_J~05kf~5F3Tc98 zDIfJ*uS!%hQ+WgK;D(QW4~Bn|RGtO_xWtPkCEyYfl&p~tEO5OZ4y4NtDLqQ%8@5X~*~& zL^BwCGTv~}69oZE%HLj5NYOkE0)nVnLPb@VymQTWgeH)p#U@|QOAw@}yv64qW0cUk zZ_hu{1fC`fQY-{r~GdKD0hevn&5CDU&#dBQ_$_oH;Gu$`%}PFg2^D1tg(kKqlkWz zW%HObn^%9x@OlMt2(CosuJPRn_nv|-(*+muWQuHw*+h3s?1`1f62X8jg`tt8Avprk zoT89_yF;_LFHG2Zy2S&19}73z4Wu+7l0dVFV33bJny<-=Z?obG1<0dO@+nuk0c*^s zj7{KzDf5!P-hRp`ZAoT{lOZYNe3&B$jISJ5b*;&{P?LzlZfL@uD@+!CK6 zF+9lj;M;z7F;YB&KRB!>%9vN?#@tD7N;~>XLO$lsoWrW&n&%#` zi23TPWEK#?e1M5S2l@L7`4YumhMH3K+S$)-jp~`Fs8!>;s@xg|*uP<`M=}LZ{-1yJ zp1z0HzfY~dJJyMPWBvSpp8kXUcj48q|LFbq;o<-J`bl|D7AFV}7YQPy_?jRuO)%Y* zy*rCSiat^`Cbnm9K~p7ojRUkm{uZ5DN9iJ975OFlq`IF(56z+|K(NdbC`giOG!q2< zH({`0Tc$9-JUvb+HScC^yN#Xe|GBe2E9->*2+d?fb)enQL>CyXbKu^z?6i>h|$-<9&1Q}fNMx$LTmww343O=qmXi_X>T$fI?iM? z>fEBuU6lA_+Oa^^SjPgn?ck0j<4-!b=?rO7pJc%?PdYjRDdE7-3gTeOBccAM5NrW> z_{P*^003zcWat+vh~g3hA;%?powdS6gvC6RAT68!#{TNPv{5_%U3WAZjf(SsFnEmr ze30h=SYrS5-NkFQ%kSkckn9|Q|4|o5T4FbMhJxs>6U8W8$Ki_=Tp(tma9Aozf|+8n z0Pq5gLJBY|*a18|Nkp1W0rkAZ#*rx>WGze7Y6=%n$R;F(3njV!hb&=#G@iQi&(WZnRnvM$7848pNx->8)Fcs zK>%WY|7!>EU*a;@DR?n|9np&f5gs4Jq5Xst^nD5wzb)7AaDo=BVm040*bP~(VK#tf zGJ4H#%ys&%bK(vazfb0)F&d4>4m$Sd$NtbC9FO`g@+Sj0^t}Gb9QKE^`Dk+NIFs3Y zhQ@;davb+~i27(YpLtDiXvOMlhy%7#MQvG4RmEynXRu3It-kj3Uk!j1INU$6`)*%x zcXl$KOwh4AJ3e;d+?${gJaLXaf6{kHa5SDd9_+gidNcoI?2H`e#6L!}p+AP6?+=f? z(jG3h--^3&60I0@ZJDd;Rr6LuZa9in`Q5N`9PZm=+g0pELuWj3PbPhDfM))D;(McU ze|9|f`t#xO$?hl;typNEB z#^aO8+#gQ-lfiiCOa{n7Cy0G>N+qY+a8v$>P?d}?h@X#%)+kA^k95##oS-@WsJw{t zGzi$@OfKo($kI6|tQ-m{PGr=+kLEmwCwG`D0Hrmvoi`w`6D~tyi{m#Gtzs@GRp4w& zkZ*USW06e3FQ4k6!7z-318yfsqbP^l$zo(Q$|&Sv=W2&cd}Woz2VZX-=2(*zG6Lm~fDh3s3JIbh;z5!;V2B_#2IWp<7FA!)0D~O0wVl=J86bPQ ztvnN6VnV0j{m%lvT+fqeh2&^B5c_GVe9Qkdart}LKBeBn^g3;O7x|H!@;Hgw7 zhx}-YJgf4SABeFvEES=4g-U_F3D3m=l`Rk%cmeF3vx0#Eco9a4IMc$uDg4>gN=y*K zqp!)&cwA^{1wVo`gz6{=uVwsh1BRr@LIB`@6{;FtTc{hugkrrdsDEi`aVdI~0ZGsr z^Yda$O!z^v0I#@4Q6GK~?_aXlQ!wasa88E_L7%Cryxz)}%JfkFeWjX^wg}gnK!u8l zJx~!6k09BA7<)1(+sE@cO0w0xk3D(>u!?clibR}K`u^<;L5zYt1zrBT+mQ_`&0wA^ zc}fm79AyLPpoESr#HVrz445oPO>OqssCw%Aq6QANh*8nv>Szk#*_vk?1L@YdOzV9v>o3$MB;lYSWMKk};&qDR|O*vQ>}A zLq>!iiE;E1uHpbq86(wE8!sg^T7efAye=y{1@1}TcE`u|cx;bLLBcem#+hD7mxxJH z8GE5(`3}^JizuN}FdmN$hSsafIPyDjoWXpPnwR4;!~75sRAK#v`R?6ZrvZz&G&zxgz}K#7M! z3Uhk=KAL%jR#CF4Xi1F3Ght)N&`IcdthLHjyexJqiseTg2looz%0s}W^v_oVPx%p4 zHWrd-hR6{JBg+0k)U$1y+hGjc3qH0I8NL zQEvJb(V`JsA{u-QBXLayvwo#j&AKQ_(Gd^{ci8VN(L{C(RxO3~B9sFaQoGyD4cOfGH1t4H-R-jW$%WFboo775I#JvG?QBy5y`1g#hkB@^f-M#KhhVmV@@#eD>j{8zrP#BVX< zc~z10NS@{@X#go(KEON?3n!kxlOCMLwImA0QtT~}a?r;K@@TLDkW%O^rS-|wiCoO_ zVa6GYPj{YzOT@;c* zSNflD3|CY6w{-S({iPRoE9%Y?r>-htli5=xfcW|1B6nnq=t=-spsSW&j_vlHUVm7q zd>N$_<*WFJP%I8=PeIqQ`TzAaUi?`=itgZMnuD)>0GBBA#c2bA!1Hizy@Ls3Er?S} zrT$#8-e6sGtF!k2g1iJ#Fvkg@c1Qer9fvmCaR9D1 zA%!26XLi~-0H=pQEz%Fbw};^3^y=!T^C@`p%P+vb6zOVgo)_rTrzf2QaHflNB=usY z{R+lEqRl0m>-S3ei|^J7#+F{W@#hw8raXg|e0{zJny>1qd#+{0mhWmxl=BIxUP9rT zNJHiQ*wH^VSa^4P2NU1&VYom^loBgLqzXFv$QFB;W_PR+kvOPxppus;nJ(1AEJ5&= zaIc9<4Z?ItGxUTP4%+U9)-@;CZfXOhiR)J9jHuDyzlJbGxGv<(*+xSB}_N zI<3xMUnw?|BfYV$mO`N)Q6hybPo|V05(R4nLJ~yLZ5pc_c2Ow0;YU;E(=;YbE`6&V zvfvH@7$gY#8`blmD_VKxg6@&ZM#5nwDDpgkOV)}^Bj|@j=tefRwGt3&PKXu`w3Cx? zUAHUuM@1-r()9$v#9JcM^blgA=NmF2@1QMJReUlk+k#R4{(XYxKWAA{GL>lKNM;v| zLJ!51^i(}dT9Y_j^kkwRGm9j#WWnA6^gP7xJhSK$sn>@cA+D~}$BZX@=ZB0kYYiD4F<%-7n~pjY#5l|fsiQJ)U!7k4I0cT=S0XCgtmWN^ znDLrByPFa9_V{ z9mwYOa^ONZQVVBG_&%39m87W5PWY%d^ZZYe#&N)N7Q%pkPy)XV7#tuh1j8KB@1O0MC)P@d8vu zm@Z(bziV!E8gA%290WW~W*Qzb^$J6tfm)Y10#IFrNbw2*NOf+mC=51sNB+{gJ>;HS z_lZj}P;n$YQ)q~3R*0`+84k=4Vq!em08G(}*x)&9GFMtT z?3Qqi0A|wsE@bv26Hm;5DZpT#1g*Z>0}uhjiI0-{;EX(y6_gnJC0=8K$|}{-RflB; zs}$FZB$}bE058jGBFZTww_Ko$p>D;IZ)tpu_W@p`kgc}a#KinBp5H8uE#cSe9o9vi z&eXEbvcO9TN;m`yco!Yz8595%4%?=&n4l)uyb-Jq-5bgTbCc!+`}BbsCCp&D!(=Jk z_M-PUQJU~hQot`XY$4*e>}!Ik@_{nq*isqXFJg07bdA`D^nC5zMWA>M1O z>uFX#*!AZxGTJrt$Kl>)xaZk+&*Qxu`0s7NUkRPidbmqnQa;#;3G|+ax`h3|c%ZWd z4~?>5U2{b9^hI}=E~8XYsk|vgz8!#5k1qWMpcIvrs#!(4n}e(A%<7NkZZI+3I}GT!7DLr(}Wz=9Pb1TK(XkK84gQWV;% zIbo;PnW;PjFbX|ne6(PUdv{TC8${5zbUK9|Ghx?m??5leEccMD?<5u%Yzko+MH7;WuJ~iqKTs zsZvby%lOqu6B~X!hqKt^le|D+kwA~9n%q1P_8fQK>cy76Dz4X!wU-i;t@c!n3}u!6 zfE|EOOHhz&I_Uf2q78o>C{d{mLxt`s zMrcQH&>kTkxtLDjmrv(&{84~cx>a-?COJmrPn48^)LKaHWD8B8Ly)&38_dujrugMo zy|I0TS8;%zzKozhg8>XZlpG!b_VZi$^GLbFUtAo4*O8BON<(2t=&!|qB;!;<#kqva zlL?Z53z1L0DyUT`0C{DBO5$i&$3<-&me>=my^c&&lO#daP!p5|!<0%KmA{nRPR3n6 zQZ(!`DOk0PK?cRf5iJz~aGk*U9D9YR5hWIbs{+^J~ z7LI#|q615@nO2~VV;Q7jn-d^h1n7!F@Ae2>a4m73!a%-|*X!svBJd*q4z6&pQ4VSY zL?HkV$6(HiVztwj>2B^^%g}gnu^t|=|BlTju-aoO>2=}vZqVI^HsJlcw<=&=WvGHi zgGm{vnNrxP7;-6VOEkj{?ZA1lLp2z1_S6o7$3}K0KPrH_+VBSOF8yQF6v@<7XrvuhFP>| z=z|5KnZ{E2Wx?Cam;5W&Z`oF#LA^kD%AprX(hlxSH|cD-#Z|M|tIsJiPPM)+#@OrQ zU+jGEe#k(7U_GX8Hu2@M%;*NKn{hE|uCZ3bA)yHRAetNPu+kr5-UROroAq!a)<=v( zzMOijk9eT1=sMF3;LF1d_YCXec*vcFm-<+=s->{0zj-eyy`8fKh{>tX-FelUtPC;_ zk6;95GfiPS-7;v6)S|oXS-#6rEy2WRLvTsp1-teA&mE)HN;6xQX<}z*ML*BbmT;;K zZ58#`+|X7m0CnNR<+4)m`+jf-6J++_claanU$HNU zf7;>7*Y3R{<=7YYc>;~syK|p96HL8$g|b!$V=He3Vkb8 zIalXJ-bxu}vDuG9YX%AS@^Ra$?f(d_ugqbkf)jq9%Q~gJ^2$n0J09;h1>pjRA1jK| zfLPGuq4;b9b^qWC#d}_2DhGmOC=Y~eB3kveq{NJG<0%)#T?{5b9Rk_q9i>i0929i% zG9on7!=_H-U$RLmQ2!w!{H!TQDj(mVZ>xiZAj9Gkhjh7yw`4f19q2V{DN-?{%M2+7 zAhUnjCo_+)!t4Ulr45>)1oW;+FZWJ(kGZb!nZ3+RN+Z7|`0F#^+V0SDwjhb)2^TyU zO75fKz}sp`smYwPC+5L7GiDm{&^^6hRJZ~aB^1y3 z&VUv&fFI&LLkZ38JLZSKKDbaeh>HepA=!V0iThSYCdw0mFf_#qqXCIPKBndb_H%xf zbQ<#G4R5c$1wIl-M?TArH?ZBdzZ7zX)=M$eX9F6nG>o$QE;R&*C-SsF z^;$z`QeeZ&)8WHA)*BkZvK5D}Ee`ky;_<)heCeDT)aDz8UZAZ`G%0QW7a+|r>U+N<}c$SbbEnLd4$N$VT{?mv5`wd3J4M) z7kG_Ab$5p#YP)_Ka*r|c!BYc`!y^zzxvJa<5H3y$nN3U`W(KCyQZ0gbN;O(x%`NLI0-&Q}l)ztQqY98hs#w92JSlmv zpNb4*Qz^TcUKVFVF_)_Ai1kDiqwx8+SL)mqv+~%#TeZKH{me9tG&%iLY&kJIXKrL* zF!P7W06jUva!bKbD@iq=84gRBFyo5eArt}_nCCq@#^7i(HuQkt?fE!4tPg}`DENg0 zQF^s0l(fRUsGWMEa*6k7g?yZHS8G=!8|r3S7XrG9=L9^xJbh)&pm)oLmp*ZIs3y7u zs>3A3$W(yY0A+QF-V&3#lYi&JKs20}kbKYX3jZ64kKgjv-wBR=0CNN>>-B|9gd_QJ zq;6JMIzHRU#QzpzW5vM%Nsa7+Y--3{h~NOYVuJi3hQ=BuL9`%yj*T@;daU~6=y>4K zA!IdL#Sy=}NAjk&r&;MeyP2-y-*pH7=k@Qy&Hf~<&K%fa_9tohI~*Fn_i^!Dm@AAt zn5~^xGOg3+^*jT|Y~%W#XQeD3t#|aj!p&S>V{a*<_oeTHmDygJ+IkO1jus!S4J%LW zhH?`vM#%~j!o3jkK*%z>3q{Jh73 zJ=L%D6}-Z$GVD9XC$U$s+E^-AP{p`XJ8VscmMWXyb*Ua-xec-H&{4zhm!ToH3S?$3 z*-gB@`0!eim8C3u9KY4$x3tS;7{KoSmbu=Vb+#zHyQgz`;&yg(5$aobMpD)QY0YD?oe4*VImZU9N5di1>Sj@)2Nu7Rm=wU*=J&^j*IhC;^L^dYQQ4A1uJ6)Gb*c^Cpt6i3Vyu0 zMR!y17aUTwK*?YE@K6k~RJchnRJ*t)d?MNC!SB zI*e**C}v^b0-j_%e!?$wJ|!)oL5*50+lb6 zO&57P*TvgH#v>ju{Qbq-X`#*>-Xb1i%ti;-(rTB8P|{)l)uDpCs7e7TPJfEO^O*}f zKz%6Ov&HMHtNrFtcFo^befc48ZCuNH)0oZ^dHqEo1+(JTD1iZ^-{N;*%IuROVnrto z^m!bPj8&=)l!U&o^TpS;tivvpdC%@ja>}pRLh;^i{$3FtPWx$4%aR<7-;ZxQzPw~YlWX)7u7c9zE zpEH+jXO0=Mq2{BIVkm+jWm;h6@??!&<&ubSF=N3)4TIUf(mfkPLhho(7yCU?x=?2j z)G|u@Ab~Dhh&9}KA^k2Ig^N@VokAF09*WX=3rv^kjE|d=Yw3HlAe!}8kdoC_KUg|KlHt}_?$_7#R;EA~6P0LSN;Z^!6MR|ywlGcB>j z8eWwC4rh~iJEEg>19z`Iu-qo@Iu6H{ltY)|I12^9P^A;(#qPGQT3 z6k0w`M8X3jz&D6wh7}rtI1!EHdP4#7cC^W=C5dq^%SDt$4 z*=xdD>{euVl52Os(O*KUJC+%U%*I=yFpn~26GQ@&Hz4xpei0ZC<5(qj7xO|LnrCt+ zhD+7e{E{YPP#Jz&4qM`NjuVmm)HHlW^m4EfcM2$x0m1i}8aH9{3!@;vxkBD0o8UF1 z2wYwLzy!xm^KpS`&W^i;cf78GqhJ7eK75mt0=GZtyT;oxj6g14kIuayUs+610x~N);I`t0+|*A!Cb|ZC%gb{QeG5J(H8P00D1ME=sLSD z`$0)g16I2%KLHo0ZPOD}CMZxR@7oz=aT2ZAD%P;bGNUYr7Q&ZFmN*6~6-*G_;ue-# zy}_i~uQQi4j!kVP(A-qguuJWvJrh{g#_tfj!*t1wj*G~@x5=S!sGA%b&o8l%(7^9=c4(k` z%?@4r3%eN(4mvXLJIQvGMcR9QW|Em@qD_XvobOD8RHfkZQH(-nv|&UTD0vG|L@3ih z{|d4Ko2^@cDv}iFx@8R`?L0B$%@SglZ79c zv?yFedyyt8HY80Hepu4H0DHH~h!t*4T~@alfm!*7rIAEI(w;h2s~KIa*P)$i}& zvZj~w4fgcSZ#}-5+`HMn<=dul(6|l9ah&mR$p3X5r}(ck8Mt4$!+|pxPDX>l=qsn+ zA5Pq_fb&HumrqJ4OulkHyR9N|e~{;wUwYqkxc1k{j`(s^26D`T6vYV+MV74RavT6X z5cCbx;^N>0>5HFJowY(nB)olLcfRR;`qcU57agG4rJgMYoy~U_?d_4)1(vLX=K$F6 zgx$CZq8SWq{PB#9Ty@Q-ESSJ>fxy=|^wGy7@HOU$PM_(@_~Y}fW^y;h0|v>mtPYH^ zT%=Ax_x70BUWjck^yX}ly>`2uTO9gRAouM~DTUsW8FJ@3KXhk>C=_9e>J$L}X#MgF z__}ykIDg4;X05B+d}Nv}e!IA&D+U;}n)BwfWBv~( zlSyIzJMOsuIR78wshfG&&oi$o=__7v z$al(3Tmw9_Q;Gvs$d;hGz&w`fDQ-u^0f6bvYQ+jaU3biWQGAKl=%o6#u=91aHt?ZQ#Zt8m|_ zQ6ADIf8WdA$%YG{R6hzDKCy+d`Nr%}w$#kY;YDJLaLrH3>8J(;dwm@T*$4JXQuqu! z<+u9lLSKW!JOmUFq`_3cD16h^%1h^2YE%jRZRCZoCkIHe^ci?6_JKs9L;eq_gqizU zF55-lWci_4r%BVdYfLl2?P5Y*-M6{=PXSl$bI`>ftv|DoTVDCFM9q9Hvq+2Syo{n- z22oyW-(9<1&^=QJ&bns1-K<78qYH&J*~AeuG#FubXvY0qXqz;nq~?}c{aIAg z6PI=d52Q#e1I)jb0A}WQ&i-Dz(%RN?rNp)tKs$Pyi(>%FbUOdu1vdB z{}1uh+5fD^Z4p}`76C$68~M_?DZ4ed#Ic)s8U*YwHpeVeRJ`FX11SYq8$U#Wj}l%; zi^U}*KcY=_;jWoqv@7dMabqC(EH|Gl_5a;mp{hn~vkhh>u}|IV;yNcgI5dbct<5Ir z<#F4uRXxAipLu|vD=Sdl*^_IaknDVo-TQn<@6bN%4Fp#CG;Gj_$-PyhCeJ* zX|jA*;KE?Z8&z}K?MJkE%?%S-em6#0V|tgQl;j&3M5;k&LXYuO{SX{3%0u&SrntT8j<*D zI(~_#-u@Hk;Cn`tdhaHS>2GQb?%MzDZ^eHM#>2<`-v@a_{D(4X_)QEvdbe;eAqqP$ zD@==r|5kH zPWiQ`Tc<3t=wTV9o820brJw*DL+S9yYLvUXiYVK_}*Rq{8u3i1vv18mNDr7Z@7 z*lql}yiv>K(-y#-s*_B4A+h$UD3iV%EAZa5bi4fRaYk)>w>Pu zUTZ-DqNcqZnx0FVGc~m_~6H=?5uW4vuRk`aJ%kMAs#ijrP6j@F*qTrix=W;12}$*oO?!@}rXdn)>8 z_xKh8KE?-*rnMd0a&wf0NQ+G)s8!L{}4& zCsB>C=JP=!+%2Hqa6V+UKW9EXn)tuzvyc6+GRQUc1@H3zI?k|Y{}0E`qy7I7kBt8= zm<7f2YVwFY4hc$lhL;u=ylD=zi7htMjFaK~eA^UsfB8jA=IrYW_R%(SAAI^Wttm+1 z0(|<^6)-Q-Ah?JE?1^2isyeYQ#sjan&sXNoR?45>Cs7)+-zZ#9&8TyE8n0f@s6wWi zhoP@)b8VLW5+~z%VawQz%oUarSf1}QKa1MA&A#n8r8&d_=w9%>Or0l@0q$kT@{M#N zWhW^sLzLuSJgHhOPYMD2w@2XXweX*9(SBP(@OpO`jLd_eAm#EC=y7_XLU{Hy6hyF3 zE5Ez3%I7`M23;3rR9n_H!Agtjt@&S zQ*;tVv}Y5t?1_XT;vBci87@LZB1G|3LjB@d%$T}YeI z-y5RrfX4C2kNW4gecH=^dAIjH%71sbwf=Y9$Mye%JX-$CEsUq?c6}T!zyj0EtUW9^ z0RRp~%6Yjv^-kSkx|en^H(DM-L$o&Zg)W>nam!aO6|(5zHX_x8kYBhL;57=xFDS2H z%#%^MJE;1jaVK}Bl)O;NSi`6jErlh_qbv81^E8tGDizf}&ff;|e>^P4{|;Pt@+kiw z;?eTII$2qJ=dXfQ?)p_<%N)Pz+YYyHzE~5dZ@xy}<=fil3xEe>IKu&^7)j{}eLu@> z{QCLz&FT587q2@l{KJ}Se@ySN9zgfy8#ejz&B zdcRSBWt#2_$NXjNsg3w+XpA?S|0-!NxBtY=(D!No4M+X0_5bM6{(F!|+ka;6={a7s z_xUOSwjLvO6Ihov@&;A9Z0j;Uv{?75HVf$?+Ieh^{1AeG4O|6N@T zc*y6CNDFb|9IGVfizN2)AH^4L@nU)V9DC+CK!VgBUBx~9J-fxJ$`;Wm2GK26R*@HA z6za6mD(i$@nu!Pi;w3Ofa@rd{?$S+cqrHVrXJUbWMzb5;S2=SO@CygAmxs^lh+x57 za(RniIua}+lBMJ~UGL)gXEZBohdnnpF{I0z8@b|;IZC>vIb8nNcrn_`|9fBm_xq!* z^B>M+_$dD$;@Ot}_ptsqRl)Z9UyI?A^}qVIWBs2m)@1#kuko4d{}zjSL(lyY7xj8n z+}EPs+G(^CKIzP(5Pk2@I^^MCax!^idCgFIFKAM?7T2loG{ zrdur^%l$tk7b@Ma|EJ8-`NIC6j6JPSeCm~X^;yrXNK>-aTEBSAGlP_)HGAFquxHUl zaWAJnH7V;ab=0$<^1t|j&sGcAmh!)S@J|E(|Dfdl2lp}m(}O&<@jqg~-e2HP>0Gn; z=9_fzeV$+M(Ozu*G@AeGIPBf5<8aR#Aa>b*19$8Ghw^x%%a{C-I>+>dR{XO02VC%Lf?Kcm$>%3_Qsk2RPUiF|wSN~+d-;F=`9CJ( zqWwP@jUMy=J;<|l{_`HTe@jGUw)-nTmTmsZPdoO0bETSW{pKosUb2rCf#2%Q)!(je zUcEVg`|^2Su{?lAS1`PROBarykG)0Z#J z*1B(Aca0*KZ{A)%zj1RV+)3Yd$F^fTJ-6TO>QNdc#vNY}QQ1r;X+KH_W5U^Scw zxo*;~hpqSvX5y%tO@bX**#NImhzPkzq8V=}_o8XMgSDfTFB47C-u}Dy{2$J^U)=v6 zIK#*LzaQlJGWkD>t43?zgd7dT&DW;5X%X4|byZ~dyNlO1r*E%+*t(97E0-pMx0%q@ zcP0IntKr7;U;BRBdjNON|H)STuiJmj|L`DBmH+Qrb@#n^0Hw&-DL0G_hH~#-hSq2L z_q4yREIhJ+OwQML_ys(C2HB0zblp?`?=%0~dVqG!|KVgy{|}wV^ZyU?X#Jnftb6bP zl};Uf2TlG0QLSG|HV-UiI5f=kt-VVcLYaR_f860=DwJ#DV=7cBoG(yk%fb6DB+Kp* z=o-^0Nkf|~yFYh2l&awE&HDBG( zpShKeQ9|0LS-~|*X2n7RzwVc4P8DRsxKQ}X)=i;LYO!1(+ReX7W1r*QbXA^jO`cE5 zmb=$iH$T4p_W8}#^Rvt6*F{%EzHYA8+pFi7R~M&e&kJ?RcK`L1XJ)Xt>p$n-Fu71y}|KTQ|HgG zu5Vsk+-qAT@@_{rGA(nl!K*iCKVFS)uAX1MdwzMZ&7zMqfj8>hOs>)A|NraD)0@-F z@3)y+(r@jV3(+bHZ)y;@K7H|$-&}gWA1;qR`fVTm@4!j_Mg52WiN3ui&p!5lTMyu_ z_5Z}(TK^B+$N0|&dE`Ysb9GCPjNRC_@H2&D`1HP@Jz*y#5k!1L^Jc4>vzP|C?4-nWwNcSHb@NfX4G* z$EH4v|8Ml@|9g<9%K!J%|Ht0Dzr~GXi=y*0e}#^R-Wz&%74pmv%3ptJ%9fUvmZbI4(o#0uYxVyr0nm2; zUxC)s`~Pxep4|VZbo-n2|0(PLk^O(eviu+QMjQFRmM8cB6)Woz{D0P^Q^bJfpKV^c z{NoBQol&lim(HltBo=Hu**6?%;?0BO!3x{x^5p#J;^^wNW~h7rt%ekxo?jh3e|2*C z?)lO2&nIUuw35*c^){yKH)*;yk1zZA^wq1&Ur(=&f6~U7pA>e6T8((9l^$dEBym@x znsHYnd)!sIlkZOc&+)4_FHT;Zom~C;`r_xyccespj6VcV|sn-AaMX!7Beu@eH7Zc>+c^n)qY0RzG$GZQ2P|p85 zoQ^j6f7kLz{ST+b-A8;cAq6l65L|~##5on0zVmz@fFuq8%x40K`7OUGpmRvMk4Egg z1zXD$M>A|o2h0XYF3%OZB$ihc%HzlY5_<2 zE{->=de%IF#_`!XO!*}x_6w0!Kau)92PCvdwY6tCj=;G6`O_!M@m;3c?MNgt5c*Bt zyV?7$`dYVYGfHSTb93>PeW`$YEIK=;g6vxpyB0h>J zoaNR+2MEvXg_M6=`u2LURW5IAO_uo^(ZJCiB5;P3Ml94?g@t7&vec7b&>|-HkJ*_8 zhuEe+HE^k?C)ASvt+IX>&no%fFWvvx?``h?UeD7={=+cKz4Z%B+%liZF&woM`bP5b zN08n*!VP7(p1do3u%1aT~Zuog}M@yvEjZAmo$EbquVEJLdt8|LecRArEXS7dP_4^Jt(g&h(6Qy{(b;_Isb3IqDy5>+Lf^L zZkN}HM2Mo)CxKTu4bA=an&{-HJhb7$M$+viV;C2%5j2NoVI7f0!@*e88;3>J5G)=* zeRum#!Z&EHOml;wT85u<%Z2tL=UA)gWuLKSSUD}&s8lVYiUw0#W4opPn!X2n1_3K0 zEUHOXD4Z5j-F3JuR93%!hedgV*yg4vIS)KaAiBY~dDn}1)y451KPE-GD5B&(iE%_z zPjf&QAC%sBAJ8=qpvod~>NcZ{xNJt91Eq+e_4r#_IasoNBQ=&Pm&ny}(tNAY+bvo( z&Z=%#gmPKYuykc#&QWQYzRfM4a#a92U>>LH6?_ViymFV9DHbuS_URKRU6<2KJ7Z

YaXLVht~MeFRBZ4l;^CdIHOkj}LesY<{T z|E7+fl-p@xe%X}ZPPs-R%?gVW%(Y!h9YJW(kp9)c;#sj1n!U>Hkf@B0ijh*4|JLjm z3r^b16*Nz>xF=3?eygN);;VB#=L^PnR{M(YAb$E(@YZvJZtzD>0B4_VU`v<*a1H%i z6a|Oc%hgDTYfQ1aU70=VSs6j-Qe6P}ZKkES07T2hH6o%qCvT~4S!*&dI$Pa-T1>2! zO_?NfEy3Thue+B2SH>iYSn1|o;8p(L$zWpc|4yfy{2yz1xc~RL=H;bx1kThEm%d)% z>h)oyCIbV~)hpuuS9^HnR7yDDNAvS)6SSeXSF8ItKHoCPg1>xK&u^JdWxry%O#OXd zVKZryN3+KyY#hzHxBJ`-xa&Jit1=qjs)6;}+6T_elq3!=QHXpRlf$wJp?ozu=`112 z@C!r*E>0{ux?4cjUO?*4U)2rV>!z~tSC%-wiOb=n^^i@hLYw-OU#(&(;pH1syln9$ zJp_OCq>sS+yW#9`z(N(EPBKXKKuNSZRUk9$egFk@>sXX{PHypw9V}i_{B1Wz)N*X~ zl&*`XG0?bC${FzuRAzy2WGC094~0#DljmXV-#R~ZeH;+|D~I@uXCW$#C0V>sRarf8 zg24?*Z3lhyQKIRV;*HH@uBg<}vawi|Q+>2nztIsE&OaeR6X>IS-R^=Nelr9o&u*!s zBGGWET31=ABFC_!$jQfqO$g5ac1)zZyWpjhZ^}``cvcl zPk%b?Z_fX&-{z^Q|B-9>5Cw3R{x=?(=fBy@jsCZer;+~0=E0MsdSQUSja)AblZF8V zoGOnJH;_XrOw+F#E|3$WtRLo|+8qk#90e{Z&nU!I79}7+9v2UnDMjQW4qf@0a~uq{ zq>W+sw5}h)~_Qv%QD92s&wgd z*5TY2Ew)IqSnuMjjYBt=Jt#iA67!W-(QiS|t)>4pzw%XkR^|WcjmD<_H|k9``rkU9 z#{NHfLBx|d{M4%@9zmDW@1>}z&B^{fiaw{n`bIQ5g(PL2PCc#iuv9-)SNfK&*>Fn5 zO-N@=7Z@ctn!VU0_}M&-pPKSt9Ey6H{6D?H(9Hka8;>{spS3)V<$snlzU<;FEl12(*z(g*ut{_!IgAUExrv$H`8>K@Nwh%OZ)I0Q86cU- zMN1o#N2)(ox)||?keL-q2Z!a%J!gbN=d(+n23G)jD()_rktL8yI=<`5_+G1 z%o-NCh4X^teL6q;B+BPMwOu-+(5Fw?%@UuC^CmfJCm$&y5e$X1ML~tHD_M%aMoLLN zX@v3t)NAeZ+*?u7GR+)#8FUJjiWwdBcN+4x;)an?Rr2i#J*s?Ah{_8r~a;0RM$!FZ|fx7#XI0~L8_ zt)Rsx*GSmm)ER~nlQPM4dY37gZo@GM5-!gARs1$* zLY)!Ff8;TupNiuKOn&{KWW&%jC2bJdE1A1Y!t0343VBk4uA13EY?$g<54y!m^|k=@ zt}d;$T$#{6@`z~0c=bYD#qfAUwBzHY^Xt{|xstysdw&S7j?cGj5z$47qVpDH&1@=G z2wEFO1?A*%nLc7xYr^L&4tSCYCay))osiiaxk!H8Ep&$LmC}XmRneGZCfOF6h-|Nz z>$|ScOt9`s?&mxJoK~OyO)W=%D|}1NwPKu{X?NUr#Y!wxR;QBTv?)%aK;*!xYgIJZ ze=HFwU0$as+be@PLzced4v-3RS$5=;T#rhx&2y@_4gfCBQ?Qi%UQxDcCE2qbZG4Vj z@oD1!gJM&)u^Vv3{$GDGF#Ugn{wDrwJx?S5pT2YdB#~hHRQon!!qTSKf9XL8kF}Rr zg88lNDZ1_iOCNG2nCaHb!bKc%_>nIEvZ^|2`!&x8H1rOAJ-JuS|3iE&zU{qJy4h3! ztm6N}o|*q^Fz9dcf34-=7wjJkF0D>&;gbc>C$VzbL)FFKs@v4uc#%9zoHHmdAx&L1 z?_bXOOq4NUL?S9(5>v#PKcm2q} z>Ed`VyF{4x{GTz7fcFFNTEK2il$P`mq#$t^O3qGT6dZ-g9G)!~U~Idc_*;*#`?jCj z{9j9&-An+ih*ed=%>X-8W_6M8z z@3lOt{x1Vx8ms=9HO&@WcKn^sn(BBCUPO9n?B$%ke??tBW>C6ENs{q+iA0CUB>soM zQ_p+kx&6O<@wQ-+7_l&S%GDud*cSEk%NGlj1&rVf1)b}A{jkYpk+s}q9I5AxDy<@i zP4s9MQKjmiXH$CEoGA@$$4buJ&*Pj+io>s59Y-mJk?r8m#*V1X{{@|&;{NY(Z!k3D zf2Wg;|9>qHU(F{U6Bq?tapnvnz7fuQHu6=ASY3OHLtJpOGu7QIF89)O!^{u<)<{C3 z`Iar9o`Ib_l)>`ZV5h3ndDoePtFTHq$LFjeZzWF@uQp?8dKY|VDrw|{$&mkv7njSM z8~hP?9nY?RZyoa;6997zZkAzq58f|fh;K0Cs7b=dq`UPi63}^h%GzM#lY(pH!)1y< z8ZQvH;RNFoBYA^S7^Hl2Cd3O&QNT<)I>#y4xxVM4{Nn7AmBrDFd$M-BTcXdg~F$^{7mA#u%ki$R;_T>~iIZQe2Z+%_XI_Yj_Nl zzACIo{#|ID1SKK#5%B)Y1KvBYIitxsX0mu=N0-K|gR47ZJA|#xXZucQS8Nb#W4QXn zx3Vj{>jE6GLN&vf2$8qD35~$N`ssy+n<{rW8_i zvkW<48{|t_zy@0_egkm`cCrO^7E=Jh9Sm^*%r-qUWk|_GRsdUXg%hI zblv|!eXJV`wW^C6l12Z%K}_9f)9iQ>m1meLk1^)@DGjphvi#2mHIct0;+zsiA8B^r zNqgBkV$ITCh;NX8?`Ic^=06{^4T{JDM>rl7i~~^V*4hl@o6D1ncaIPCu^@iZPZs3xe>uARxnT>uP9@T;z`M(nt49L-5J2& zcW+NGPoKX!dH3Sv?dkE!rP0n^jDw;n?IIEl%8QHBwEA?s20>x9{{XibjDW>gmUsOwT1j@0XaM0C*_6!z7LtOs3sI zg5h}Cs|2xkk3T?xs7ijRlSDm^O)ZwQPMf|oI2_a5(=PaKxE}nUX@Yd6}3Az z@?qLGN=bXNPF9AEYrE=c=KoFNphXDK3jc3!&^Pn{_Q!)w{Lfk*;s4#bnj?_JfpF(y zisPul|J&WF>i|yTzFn(9Ktlsf)-0Jn|irYe~yA>h)ABPU479M+B{C_nTXeCC6u4_-Ic6TrV(a; z*T6&3$bu*>JazdG&GD}l(RCb0Ulcep^V*M?r1V!z=Rb*(h6>}TV9iOQg#84OJc8Ga z6LF-j{Dn_ek)+S^HARs4b0Hz~w^lEIxh+l&`J>+4t>vz@qt44JFP@}9l^OtKzuGpX z{3)`d$iSIbIFhF<3-#RmT*J>iBhW|Zh+xiJ;wa#iloBsX1sn^DaqoP~t**9APyz|^ zTvr<84ocx3%i;}A)6*!WFbp*p7)2@V;{1d9Nxm)6lWB;gwpjjr_)NG=%5ENpd^P`MPF+VJ5Hl80P7`5j|v6xi$1oY*veQLe-H7E~T_!_9M zxau`L)FrPY*kZk_09FmA-%zX=(H{=sqK6*@0XIHi=$Itd0`93IQ=e&L+gzPwSj41bJX&NnT{~|w%Fz`nyRh%AB7moyrRm_N3^1%I6#+5(n9t3BQ^t- zJha*0j|iT|NgT$r`^$tN7#zn@N(sb~FrJ+s9~FTRks@`A^0RFt8~5B-eVY3J2yK1{ zaMk(m>9~~tqrdV0t>@vJ3FkZ&XzuXKj<;wIzk2RIzU`tM&JsyRGXdRkY-!o9;$TW+ zmWWh8EM!k>D)X6E$ZcLy6WOK00>(42Sf=zyN@np+)b2FhR264M&_`B#kDw?(gwr;Q z1Q5V;>Sife)7-r(JIi~qou_Oy38V+sa)+7RX)}#9H7E2=DPXersBGitrz>7Bi8%O_ zf*|IqQ@TtzaafCi?9ok3l$6w6u#=Yn-=#k&pMW@!A&!+uZ&aa8DQC)MZApYIU)8c%<|x2|s6DIg&Xf^IL{yJc>_=MyZJP%PTQU;vCYs*rCrivklfN|cK5R}9zrZHjG%%Qs+h52O~mOZdMYV{EGoZI`3SOCSqZL%wn zg<6}=rv)S!2G?eO^NcjV99^6qy?Flar`MNPr8u%&PY^*fKcjmssKzCPi)I%m zFHSEXL@^G&0lh?v4<(elRsKb%kJ0q&3o}r6GMpZGHAuOLqgh-r0bifJeErY~D4J+8 z0cEQ%j;@ZLA6=dpeN)%HM4$iv1*GsAas{PM*ZmOtxAS!WM1MLrgQM8 zKmF&)>mUD9zDNE%2Hw$<#tX;@7>4)2j|o9OWuiYRl!k7%>*?NUv9+dn$XThoB$9!Z zKjN@hQu59hOJRACAE&&ax3VOKIOHLI$~`?z`oXouyCjk!qTq(1S@aFxfaoS2eGJIE z8KO7P55a%@N9omPFe4}do%eUZ`w`+$WUrYa3eJAKyc>a|<5%8)Go3WbM^<2%e@;Pw zDDo)^egNWD0@lX6R5n0ku2$LU5A?Df2#yX9$CLfTi(mf_*t<)jy=)Y~=g+d?OGG&( zmMJ1SIXL<&pwH@p7wT{&d}chFREdF=FqGUgp#D7m5bgQ%MXck=--FHtV91Rp`>T+P zKSYS6bDY>Z&A~HZv;X?=2)(?)RhurE^W+DxJx>esZD;nUPaI@d*h1n2;%|I< zUu1KT^-Yle%NITwrNhGLFw?@*ER6eGnW7r<4?(={Bqkp|J{f(gC%2-lBymb-1f}o8 z^4(3suQ_A$o-F|5jt)J;l2-syj_E8Tio?9`$?P3Y34*~r=)6&_M+J%EPer_g&Rkp| zC2&z(uR#pb5TOJNwz3xys@ZjiN^N2-Xdhg6$uc??Vtwat9#aPY=Iwgmv(THC}I>=#|}4HG8$VPv3_ySl|eBmdvgL zow>LDNi}4@c%YLg?=&;>i^uh0@V6Y|fBeT|08J^R%k+_GVYNR2`0HOmCj#EKZV!6k z?|)~V5FU47u^qoUZtKbk0RbGjxa64A(&E}Qb;%})f1QOq`Mlk)}%~r z1frPA(Pgc7yIpX}W-x1x$^U+j*&JFsK+f@gFMoA|Tg-R2rJT*j4@^an3Nlwg!T z>w``wO>lq+@U}l0#`G8Oztw3gI(p0+`iV8fjIKDJ%t}`Wte0^V=z4>bSzF*j-$w}_ zB|nZLrcK3B>eVEL%?i(_vfH8+^Yk|Lp;3dBdrE`nJ962rx(bJ@N4UfQr^*lDu|WXYC5!CZBjZ`+~=P+QM#^Q|H3}l(e&n&CNB{^^lXD>md>0{ z3D+0+9kHTk?1e4Wo(n+g&k@r`3J@GwCj=+4c^{~sT*m%wbuTJOnsr0D%-`B?9=OJk z-jPuaYDGO31nk!6j>7NwY*XUlYN6q(yt3uy(3910ZL>Io%1@=k@C6FteSQK`nL&(! zbS;HI^@wKRnNhSP=xR<-I*-Gk4BISG6R`9IIZ@WX*94mA2SH7k+Gjh&n&GSVKfkul zvUwiwX{P_HR(E|XV1@oa=nu{Ne}U8 z(ZUsKsVbxVU>+;njbaW|Q#uQu%;B>lK7EgKL*CM^d7uEj2VUk3@`?*xyyVXJWJBsb z0G5`X$zmB4$8{u1Xrm}!K&Sv+zPrEd4HDoo^?WBnDhRLR?TTPe-G#+>C)J%v4p%!b zASkA0nlpN!Ij~gsmXTN4;nh_jWqCA3f$W!>&!7$z(H#;eaF)d*ZDsDL;%zMqUDD4~ z`aZ3`fs>>uEL z3KD{D`1Ur?i{qR8giVTQmaVab>9eXPSKPt2_dR$`=ZJj3DFOlwepMg>=WM-GU?g4F zHXPfwor#@^IWw_s+jcS&+cqY)?M!Ujw$c6d{k$jt!GF*vRozuxRo#29eQ7zw4bKS{ zX*Gr=T)Fe-pJ=V_T~ljN*YqV5yZ-{ZN82n|qeM6U+j53D7!z>Rz9$mIkPl5fx8A0D zkdyr#){an?!extKlVHtNDZ7JH5pjF=eyPADt-F2R;^fNaQb-_!>}i=W`+=K&I>F>q zNxV4EC5*iY0qv>fOp7aB;_R49cc%4tagL+>$?}N6Qs;HOvi?JVbvc$dm1<($S^30q zvn-2B(nMKbJh;NEP|smSO=9SuPbb0Fu-z12*#t+%$$~b0-^>Sv6ON+U`evbti*VMW z_5n1Q#RU6K^SwD?a&+ss{7KmFVFxyyC?IXU)z=2{$c1qb1jr~`*b3cw0M{WEU))h_0k>X+B%#;bA0a8#_K+UCv zdSvIb+0RgUd0yHhbq~6ZpJoPyS)7Ef&SBwm=y&sT$ZtxZWxV`fJg7pFP>{;9>7ks0DDGPE;!i)Ssug~QX83m;AJwAhgcz<9)>x~e6(mW z*gKWHN}Vi(kc(oVRVF@~ueX|3{5g>dq#-C2NBg(5TYgn|G#wQ$Y78sNA8*P2-FKqW zawN(GyKq%YBcdH<%-yXg!QBYo#oVg~wGt+-mu{#@Icf7GcgPBt*4^Nszj5OUMD49PgO3P?6ya#0ws9+FKhKifbau)I{VDUELk&3;rC}=&J}Z-E z*d@MxffcXCAmLcFd%e>P9_;RB7a$3+CQ<*l%k&ct$rHMG@a7uO3cc;&fh0L0!2p<4 zs4-n!(W$Mf%#Oj~1#q-IPxw8rUWf7&| zl*UR4RIFc@4u5%8F_A>z-r0K4VRbY%WcK*3jpyr>HqbG{kI-^O`hK;ERL?A{au zvGCO|_YR>>B|a@=V~SP_x{X%3QCf2>*0vYNCZPu5+|!#OU)QVI zx@m(dwj7}SNcX_Ph_|Y$Nmc|IX{?+xm56ZE@l7#V3tDyCpV&}4lmbzrQK`m_b5JRy zs96J36MpnK(_c7;u~BjIdU?I24)^itY7vj-D%JNL zmsMftV}d1cxJ~t6rs@M_^p&;MChpv%pU77cJ(yzz_hF z?DE-w&tP`_N|;OXB;-;UdUmA&2!#-53jArvcqLpkr$&2*o8*jG&I$!#p)ZrkGmR zEuz!Z{EQeLFq^^7W~20lN$sH}AoiR_<$Ff+`hdVU!^-!tdv^f>6i(z~elyo*660!} ziT85}Co3I#$U8d|`;F@=8Ml{_6OGe}UzAme1;Vip39~+U?l_x)UT;#Jy^L4Dy*i6+py2rvE#XH1@eGdzFzP~x#PHn(Oue$# zHEFB^+5c$yU)bs=bULhM*eenS^BtW4DuqGRUj(ZTK}uWoi}VNH7tn(D}wm7%)szd}a1D-J1z<(_&uQGSX) zIhX-f`avj?8~fU6fQ?rV-&fquo2e4;oIaqcMeT*7Hc`9vTw_!8+dbwGxmC%>ks|_A zTzAF#_S`yyYDrgS;c&TR$#Kb6g00d)(@h7C25hEYjEZ9;gY%J86ay0{ABP@T2=(=l z@>AP=&XQ!2J5L12(ByOVryp%-!45v?Sx60!M|($w8#HvO`m6b?lW(sPYJy zxbJvF+||C<%E;OKW##rc+Qh?l7!bg|bqLg&7<}m6*&8nSaS2EjB)bSGda&WPt z?*uz9AFhJXbs~*R^6|ow+XY=Nmf*-aU>z}30R_#H3MJhr^FLU&XzlD<6mR5-Mvz(kpprbfRFDCx6ws zg~53_1_}#%4c}$*dUwxU*Qw;?N=A4nVKRZN1@YMxymGcommk4lu{0rfheh-R=vs^t zk=^eh|HyRjKc6w%t&r)mj zUp}VPgDy>!Ws@=ZM=LMhSC|N++3qvNhLX)e;}jn=O!D!)ux)9T%E|Edr?5Vi({GB* zIK=lK@SlIC_B1l!Db&~>5NA?;%}HlkRMha8BjB{Nr5+TtrwYz82_2frc+#nPwz`87 zLY}{M<_qc^uPGlsYqbEPp4#a$v9!FZHJOxx);Mjk z!I{D~OQ+h}IO3u}FQmHyk?OUsbnKTnoXlJn-C{DOhP{$6!hv=@v2WFF)R|d$c8E2! zEPr;Nsst()9g{OE2{_DT<&~$5S5wIrcq0Zq-GLkj{rsZoZvE?)bo(T3TGkLZl}r<2 z6g3W7+-cp!ANM|s!>zT`|JE6A_AaIy&b4dW*BPfR8@kpBYMS{OtBvghj~leJC@2Vg zhy*3j8^}+v?i0zpMW%vNuULyiM2IU``DhH&EIQS+(~A8LptD27=uUGuTfr%@`z2 zx%e8DbK6+#xU3=(ye!_*a5Xo@OLb?Mq@~yNcHNZn^;ZU?O!tYfGBQqBzwozC@*_Kr z)SskesIj9~*yEwIBZE{C1dn*fOKvHi9nitcd{tRyk;;-cC#Ie4UdfWybYn%yWswzG@QhV8v6m(qIJ}R5ENExJk z?#n$DLE{?7f1aYd1LU+BC-@akjkSw%7c8`{)-7L${$A>b*}MTRn3g0S^h@ z<(m6aK6@>Wfq0LwS)Xw>UgO;9hD^5E)PuE)Y3!jhCz8;u7CRa)-rE%e$8QcvqYtI$ z?4EPim~1addfoL5HPbeKzv-21tQ?#`+#$07Uwks}fmjLOFN;Q(fHDAJzp23bEznJX z8Nf2y9sxI2D)k4e4NFoTF}TW0634Vw)+wG#M}y*!S0F)AQIUm9i<+RpyTXx6^TS&Ug*k;yFMAmGcJ zt;PE}g@@bDb0=f*`71E8Cfm28{UsM-r^BIlE{+@1z@_nO8T@T4Byi)Pty4t~qJsC>BJdU|D4rCA;6`Uy?JBCFjaHs2L zzSj#l0g1mC{e8I6rY8$7E!x~WtP%>owjdH!ezumG6KbDO>26HH4xnHHVKMb7wAL62 zjQjNh62ElE04nWfzi_oCQlu&2W&b!qxT|#T1!K9qApx;6@MyaAQnYc!0%N3xGACm zOeKZa+&k9Rm z%#)aB)x(?VDXGT8j|AdVLy zaD_bJL+93DBX5C^D4I5m#DcMxL@zrhw_5-TS8_)r@Goy(!^0V-B5IEBoAcOq9lJr# zB>)V=e>Jh037@JItcTJ6c+Cn>X4S0L60E7DCn z8Ltq3fQP&D)AifgT9ii`Ev|z?oPs*Ezf6ow4sB-b3rv7SKbveUgnxQ`UOhw4`$X~x z;)w;y<{MX=#pH~K|4gR8=zej9-RMh|)96W|n-4e_GWC5L)WXLk^AZj=5`=VIUNcyH z8JuOXSReoHsiz#3D;o1R=fuvA+Nm&$<_j*%nbS%kcm|y&cedV^sNGJNGq>I#ZGD*x zm~l8uXV2@S{*gfo5qsCaTl>t#RkCSf?BdBh9f+VhCKkecb2ohLR||V)Ct|UsQ`neO z*AFt$zK;ct*&Af3N%n~)8b&N=`MC>=z(i_ir0`?#i6EMk@QKWb|8iIbvd{v!k>Z+Bf*fw^J}yjW)s z_bG=YIB{UY1=K#kB*9jMH0ya={Ug=xR|*_m&eG^RdMFd8#flx+>? z*s9q#X6mkA$X9AeAt$WA6XL>U9zJ*$90{s`W{JNogD4ON)2Q@mnmxePtAPFauE0S@ zkRpE>$WKxaNct^z^X<#QtJrLsnqtKr%zWQ%ipwDQ1iQWuB#Oe?CYLVy3FpTdHwcFA z2n%oS9eI7RFHf&U{?HXi`%#MNQ<|pO<$8KuahF^PMg_mO9sW-jx6hN=Mc~Jv+~_Lx@$y+&Elj*L`)ETQP3o&l7EHm{BD4RAU(ky!ck_{KwGI_#`Pr!OFfJql0u)cJ(0}xff zmDV#^x$U|1AaSO4p$BH)wm1kebFNk+;?UA3?y1+_0}T^fx>-r!sa4@~!GN;oRwVfu zSa$ZFM*sH$5y*ei`|AWax-drrT+t>m``QRocMQC5%@iP$(Yi+a__YeMKtA5V*2U0k zuPS$240~mIMB;eGrd@%!0Eqe z*KXb$Jv~xIPNs23Osw<-JlmyDEdZ?k0WTN>+%9_~GJqaKssqSCgF%&JVCj8XxBb}D zm9+t6=*{sf0jyrNAOaX8)(CqO|9aubiTIJe2DZ3d!lI^c^8npir=;FDu&kOxn(OkG zi{9;V+?nwwVa@~Lu!DYcP?-^D_LarhdzQ%)BS17&p<&KNy8CL``7NOf#+h~oX=okf z&1;l_cRWu3ex9cF%kieO7%aNFe=c!MyePcqOqlib`_P?7#qy>@i~luMH2*yfuBH{+ zQ1=f}n;=?lrPrCHs0F!g9Kg5(WY2iydEWW&?sbN#*Fk=~;8^%q==L#s24C>T%LvyU zbZIO7J&>pg+|smTof^b=<|eF%0B@z)W5>x8a!zV$IGtjxShm09Dp3%H5uO0mOA+D@kWWT_=Py3#rd`+X!+7Op!my@_&G!*24_nV%J#6~pfiO)no| z+Hb;>Pr}*q+|NL562GssOTeXCh}sR@(}bv?eRLj5%duE3;Zhl7Eq*abwc?euQ>;Gk z`-Qn~`_eiBQ1JRfh5651Ev*A|wrp%xsF-=Ny2za!@!@;_GhIpKQ}t)5s??ES{~31;N~ZSj;x+UM5Zg35a~B(yaj*ulD`sl0tH zD`4Ez1F(Dh7y!!a{xmN$Ad3Zyq-$3&CW`RMOGzdr@1cp`j9Mhsa~vNM$AfTcCYX^N zy1_-bdApK)EBLfYF9aJ}>z=YzEcSrK|6sj+j`5c%^BlO_;Gb$RL` zTtVw}|*l%fh4Sa$DVc)f&G9XF1!-aHJo@xAz!HpwBYwq?ysKMR$y_jDjZdox!TAy@N z2qIirPvVz5(+6geB-_s5mF5RlM2TTM6Zz@LfGm2Er$gbBMuj8bMO-Oprrfrq1g<>X zei?92ZpO_xQ0CXKmQ3MDxuM0=gtz}WZW2{5gPHWBd#X$eiLT5+#-59G(`g;$UU6t~ z6)SZgj6F!UI~UG}e3uXKtH5S6ZqAxdid?iCPxb$6rHAY1kJ-uplxGdd8xrk!VfK({ zP6lJV>Ye{`=svRqX%AAvZh*Q|PMMwVUaP1a$IA8-dZ6TjFYmYO8AKssX7s5SsWT#F zFn9IzBCY3m#uq=g9n1fbRsIv6>O{m4=~QRidI1+8dAU*05QwqD6G1?2 z1qW$tf~J0#MO_g3cm!RpmbFq-DJ-T#q#x>aoqUldiJfG#xZs_=Xfm$lEhY<*Fs zU#sY}3ijpBh1xRWeiz;YwR#6&>l==buFQMsXo2%el53cvwA*-rAXQwWudt;aM>hSf zs&_`drivL?3hlAwSX)vOGr zF$|3TI0gg+wA}$~Ppk@ndgEueP$Xnb@3N`uJrfScld)W825<=IvU3>%4@=!>y`2{K zuIkMY<&P#sqV}9)ZdUP``wwVb_im36e@@|-ez+B^%u=RxwNJpTn+h&DrgW^ykrkxx zeAh1dc3hH8sfp}5rJcQL`rT$ay5gyKoj+4jY4figs^SJ%-Jdw(W0whDL_gYTncALb zoIrW2cx>|2CoK}sROx)Jm51w!Zb-0qpNap>@mq31D{>4w^v>EYM|W-3k%Cq-zX^kqX}&5 zNqnqU1x*RnTVGTNY5QArtgMQX*oSc-^+(^RvBef~Vu;l4B$vhY#Eepv0zf9>X4n(}S-*y4?c2Ah2s@`das1s`RnTW^~G@4iLL?!#f}P z=`+ix<|Mm8n4+Hm*INJ%_6OD-X~wwDb`cacGKQNVF5b{jiA+9UYZhVxXayWxMCd$ znsDdl`h8FuB}~$&#W=%)Ll49vur$`1Abs7^JL&w6>dA=(g?8O25C5C}L_NY=C#!_U zt5OY3!`M`UJ6WoetkrH`)u?CPRpK`QD-4_>cRn`7wuTB8Ng_Afw9~C?Sc+KH{-22hwN+l)7I>*?sQnoo`_`i_^;02Qu3%N~Hp zFlN9VQ%qoUYS|EQrtwMvVf$XtqK_wsR21V@*3li1xB15S=4Vco-78qrMXt_)ta+B* zeUtxUNV~&+e0qCB@qial&nU;Ie?=)zA8XzPqQj}iO50wNVbl7&kWtI)UJzai=N;fFHG&DjETPI) ze_L4Nxp=fcdEOQefdi;7oNvPK2f1g!GdU113~Uyl1_b<*en(FaIPSPQrA3X5vRyq% zI+gc0us^v$RA=H<1f!ps-AH#k5;BE!wL>xIEf7wzzhj0p>pjlRi@J^{l$eW~S~@qLt6J zG0i^4ufD=N>+^0Zpn=k|tqWO`wFGQ6?A)1Lhz3qn@)1M^rF`@r%mZ%Pde?w@6Ds>a z5ad1dLpT?2%)zak9Jyg6>)-DxbuCU)gG&rCe>VgK%~W*!KG^U`q#^4FqbMSOexth~ zrBUyj?!x}k#KOQjP>{Z-?Pu?I={<;=vMZ-CIQ`;W=Q+_im?*t z%szi2@xQW4qqphrv-Zs)QO)-L;YfCG1;BZh#=B;OGafGRA&9dg9@scRkw`a^f{BtB zzoG;|&9~o^NcAt1ivBkLl;vCf3D?n2szkOa2DE8K1evM?!zuNX3ZO6~M8YW-x6XUo zd_8`e1h)X-VkLzVT1V5!`lz9ov=W^ij|J3!%P(6to}EvAY0RrTZ2gVZH$Y&uaByqDIuAM9fuoKd z5m_5;WYTM%&Q|AQ9Awjrjv-IWQ^4oK+}cEvMy-K6Zof&BQaj+I+bO_u6Sz$(C!I9) zZZP^F?I>U|u8KDUaFqjC*w|bs>{BgpC`^V2OJdv-bX3SHw;cDA;h(QQvDR_nO>VPN`08TzHB;E(%! zcL#hy4dHu&-ufcji8_nO#_Z?$^!o5uvdruOK5cMEnoHuPc$K2VnooLy*R9u1GpA0y z6{C+r5#X`+A0cqRjMt{T@vycoHC!7{&dqD>cu=GDpGi0=CDTS>r#b|LR=4bgH&BT< z%fo*Eq59zeiJ}_$80`eaHcn7OmQIh{Mx~kZ7EW)2_1&3k{c7>cI`!LVeXb@R3>5`S zr8?{|>?+>%8;b^V>XU&bK|!(o;=@F}V}ii14@K4(tuuC$B^s*WA;B?@aWj^~GJYzf zHr^T<;<=up{88HKQXt@-ud5KPrATr{7gwoN)0p`I`$VI|E%6od#b2p4VBezt4vTFw zT(Z-o?tpY9rDp$r;NE2WH}A3X5i`wu{@3>cx{@4F=sA1u9;Iu?iX+6+Dij8Ccla0Q z0n-c{e6Dyfo<`8Vys>Y$X$9#)@5%(eLv^cx0+xC8)3Z+}i~_AC`VRSRT>7VY`ka&b zq8PhQWb$N{K~iXvhccU&9)XU}A30KKHNA^w6R2*bM!>Ta_LtkajopWhwT*Rvi_D=k z6n&mNC{O_`DxJ&`aQryDowa}~Fh%Z>U;L85LPWr_)|ytvBJmP7)s(q?+qdPHMzW$D zbCEH)Re1?`a!zo(afK)sPAl3rQak|Ryk)oi5_}o+d{lH`ya}d%M-33zk@QSY`Nn2# zq(i^#11cUabLGPd>ZkJzvWY-(Z_gNT7Vxiss=aG!^G|DBV1FX)Q_DF8iuew02VuPp z+zrDishmv1&)uxSli#)|iuqc~Aq+2L#aCGNPhM8`2HN~C!haRnx5U|=KrRSe<5I3R zN|I`jp7cnzM-xqmQ_g);LyH3~xzR&hlBvq`)oL>~FP?~;6z+ zIaVD8nLl8spwJl&<}3(%u}HOF+ASX2YoEPrCsBoIpx%<@5c)~_1mw&A@q6~tK4H~# z?IbBl_SzAFzS7#wPpc{)>t1PUef$wXb#tRFQ@HBdXX9?kB$8$xkkL`j zV|v?hfANz*I^Kg};Y>)-&$uE^GntQb7O-QT;>~7C{_nQDui`Je3c4Y}R)Vi4OF|g& zi__0C-ePEAZN*OEMLNqDyhfXOBU;m#b0?yd(m0Gamk+Df!{Mma9|DW-0_sQ^qGdbd z!wWmYmP4~zZ;?XZfA6$4-x3lII8?#)g7&S>k-rPr6$2aYvHjfP>YZ%Jxw-K+G%=04 z-NkGJ=6{@-9WlON8tNY`PukeB*4B@7t*`NYef^|FPD`o1xIMjzBdp1CTIz7R9d)t+ z@G9%+LnQv18Trm%I8zkrV(D6EV>X1IR)ZG`Ce1d?^D^&`{@aem^Lf<1pQEAUXeey? z_Y(BXkGn}^EW0jzqcCLr`Pr#>Ddv6-YbH;r&|Q4`;IbY3XTldP|9nRps2f23o)|H& ztWr=_CD88A>=>FDr6gSW*UWL-Eh+He|KIX@M1Fg1OyoIFi9Nh~^hOw{0=9rPlb$d_ zKkv}C_-^km=p6A^$p)Q^U1ISEy3$u_r`*?>f1?`fR;@NP3ObiHQ=wF7H~~FH#SVVD zds|auA4D0}c46|`Ht#QbByoGkZ%Oz;;20Zn?F9+^9|vgYMavY%mf_(E6ckMWy6o@b znQmkkvYBM0JBE2Lhn{NEq0FfQwo{2=Fft?z-`Z>Ogr;ar#1A~QjXqKIzIm-?QllcL z3M^{g=kv)N`;qW)IF^~T27Py}-!rn|7T{dHRWup=3UT)%;ktbITQP$o_1$*LG7P4O z*gCq!E)RC<_k^n>sAak%7s@8tnU4Z`32!Dn`aTcazwKZ%h;3aVSn&O@sO%vZ$4eud zSV2zSXT<~1l%VvnAX+5Hs@`Kfz}xm-$E87z24 z;)}x#aEFf5=?3B1%khU&(M{()IyYcyQaCNU6W^(WA1|Sl)aRF$@&drpG(aX2UU>PL zfZvFdG@;z61U2QkKHvL$fOJAlm+lHN-!S4Q?RAvSw2It8zq`Mu1l9`hn`flF4Un#zsN$j4P{g+YKRwvZ;509QDVwg8%RKDu?Z-_-s0SNsvbTu%tQ)xUV!m`ok0$Q-Jb#f zqm-f#ROcx9j-K`vsQ3~Wl7bzBpRUOz2V;bUM%(S0+9KI8Qm=+BC(oMFhZHLp=76)G z@n9MHm4TVSb-ZsXTavoMniS1oHqS6=c-8LlzLYk5IFBHEh>TtnD=vHC3hFRGfzCRX zf1+7p@%@kCrXoB+X9`(pe&q}kc5ukGq2;4j@nd_*iiv;~ci2c0gT9dl80dU{BzS%# z6@J^TyoUD|eYKL)S|b8)=wfR-=2;8}5iTl!$WP84WbAhHzn>C*5o>;IT*E;w#6i(J zciL>S`dVC~>==!8p3W(&@SdW0!w9}J2(DWp9GI7}Yl6nC4KC>C0=v8qSgAZUxq_W( z7vXE31-MbaGN~~%*T?o_Kz8-ahc{^dvd~0CHocSp8Al(FfNWB50L+SzX5y`|O3!)Y zpf&G1twwD2Rz0ye1}TZ_vZ1xBmBCe_3rArS`D9pa!C%rBhE>;{lKCf{N>@Mel8Z_P zy&2PmK~5aD7+_bUx* zZBINnFcFV(LO__MQpKi&^Cm(b<`rBPPL+oLr-_ zkMkz1mbNWQ4!*12xp{wkZ0Fl_z_H}n^nh6>=6$Y0S-00BPA@bwyvip+`!}mXfXOR9 zN-n#=!TsGLoU|?)LgJO_W9{wx+=qGQbKN-lg)0C0^Y-nJr={)hIUL8g+)?g$9jFQ< zye$({DRS%Vvm?yMVS{CZU6`)n+m_(}Vc82f~m4_My!o0l%Klx=;57swvjVb{bb zexs|`t;8FCezq@9^;c3ghnvUf^bt;+ki6rKb{2##H6*LB4!u{q_|kqaPyLLf zV3YMPY4kC;!$QVzwMt{d5~+YL#;{s)lT3d6q>Dv|3-R8Oj2)||TeE^w-}Q>S)8Qv& z7d+?!B1L*-USxt?0>Tc3n09%vRv|EfxuTHLSorux+9eVe2a$_iC(b zMqXuo_iwEv73&&X_=;*`_5cL@N?o`W0L=Q4?6?v2K3RR%+y7SJl&_ijda9QrW-dtHHcFv`iMU!SXU3BU}|2YggBG?96Fs=NPRx|lWjw2TrhsIs!X4x|2&64(@DUUxetX7WF;ti)a>*To z$}vG#T-ns!ky`AQspfGhJbtYd?7=sJw=zh9bd2&v;~ajxne9Jp)9$O2wDI_uMlzE% z+*MqdgktzUlFy=M_X*JBhv;+AlY3CXBTNu5(o0E=G1}e@aSyALRPp#2Ml#82JCC^2 zxffJnRLV;CfBl@}r~H!;Z(IfMEW;cmV}!qR0vq*T%8VdKPQa|Ib-DG!RO10};b{@v z68hb)aF92mOIjjui68yrVv7wtY zej=N0xgAeV=LP5!oZ6ysphaJ(K?kv>u%y(a1{+fDAexjA#cueVqfIY+cNpk*lUgAP=jkbk4vo_3HJ}&%i})c zOg`6PUSyq7UgQ|OvI2sGVs~~#CB{j7G-$RXodmz0j*JF$39D>4+;V3qS5~W19Ap~# zLATS$NP?EwNCE;SC2=l>3JoX9f#zG_H8#UPas{Hf39(HG0daaWtW4Rkg{(OV#iBiw zLy@@hzd~=Ec-*?mgB8?fEA?U3CXJy|w#$k!Qxz1=^~IscCku7fLTk;Nd*UXI-cr)i z*3whIA1APma&>5!mi(v-s-ybEBtMSk#o?)=DINb)%SkBy-E-Oq`e?hF^)Cs1o%JR_ zLOMsnKG!q`%nbh#&cPHO`WYz#0S_HQ3Wj7j@IvFMEp6V}Nb2uik5DEVux{J^REEta z`xQzE?N_g4_%Itahk%xHW_18p{J#vLK`f;c%T;WE(S(hd=Tr|HNSDVs*?oGz+Yb9m z=@I`!vPWkfwuJ5WgcnKTmtPpE*J)%9K}&SbKG)Qrl~xa_b934JyM)uvqtOXlCHOb> zbF2mR;lKY}I0ljJp z`bhqo(tT8Bn0dg$AJ98%!$pN+K;e?dqQTYlC;p}nB^< z_?>{6si7Ie>NH-3k?nyxtsM!=s)edRU>_8;a>*m`y6!>hOUy4&FxZl-NSU)-SIH24 zeenId*z+rt1lY52aPzBUiT@-u!P#b2O^y4domkwS`!Vljt3a~`Nv9gq7XPg|R8LLq zpzQ9-vTd<&Sv#Qs3;Cj8Zyt8N5|W=F#M_dW+DnI1mQNoQIjzr@o(1+e|M5J3Z(L=O zUoIh`#4;asd@Lf=Pf?o|h5a4|`BBuV$cQxg`OI6^8uUJ+-X7E5t0(FYJr1jQd1Q@m z9UL(VI@XU(gv2jVJ`$i|y#2C6-=?$1V%1G>xaNX59LxZg;rVIa#%}Qusi?FJkBd>U z9#x^Xd35xBcGxZPLg^3f%ETdqFkFSlnzFUod{p&DDZRl#fc7pI;j+R#7ra?*k)Dlixb+G zhHhfUW2wF$o7EzEMuEkx^W&H(i{OE^;3g&%R80SH9zeeAJ zzDo>#mC`T2xlD|~l+|J6Qqe2V$owT&E?wmxPKR*Q7&VqU$1W+l{r$RkMuRBw)l5x0 zA}gKMyUp8DCAHKprKG$jUlv)gd{J<%jMsH2wUVbM!hX!zr(D6&_$5w(_Yu<{wz1@KZ2BMvhnpRGFw8Pti&9J3LqlqL5bijvqgKM=7&k4d9>>@HAT_ z7Ax-;KEem$G-LIPEPEj}>UI_jtQ9sY)~gB&crCrf`TG92@a013^VXeA*c|aAN}Z+& z6B`6V(@3CPwax8igxvKUXzv(i{9d(Cp*@i3i6%dkzC((cmJ~|Up4Vrb`&V{GCFqif z!;=!p0CToaZB$X_E(}*25M-avYx~l@xt@B)Chj>?EF8lTltD{~G4ahTQZy3suu(qz z&Jv5ndADQC`n=Am)Xpxu-2OlonXpV&HrFW|Ubz%rltkSNsaC+5*F;*f9c;gRrWelu~XJJ)5zKfXU`hRVRP*T?e6oI34}JAbQhdg-zY z|MPc!p+ji#DkGP}qU@4VlAcK{tuFjk&@$EQurI|^g5vbj?E_qx_4^f`qo8;ndjjo0 zqp>YSZGp5dnm;FjK|*>1tX&pK5}QcwvzL84;KDZ`fbJp7^L6g8AYZhx_LW{XQTOXn zaVH!}d5nJTN>;SgC$L+8<})BbfatS8nBY0I=**Ls2w1Q}8uNZ29Jo!{Z1DC?1>qm5 zH>&-_<)*{o8zpbbC{;S^=K8x6egtnHngQmI>vo#|VyZNyW~&(-Bi`5u(MC4Ohm!O6 zE8CWGA`IR>XpS@Cpy>5?(J>z1y>x5XJp(F9CkepvT7^84 zPa2IG^T~^o|i4iID!!R zVQk)RD2v+KJ{DSO3ys}#E>C|5`5ETgSp9B(FL3>A{cIwG?spD{JLT-Kt@ZOj7k??# zSC_*bXYt+Io3z#5t2%12e%lDhWSqkMUEo&wPo|Y46tO6ts?*{mup-IUnRXmoxQzy7BmV zUS?2BXOyB(O9z4WnS%J2rtq5>>GP)-QJJMj<-(aQ@gMTGzD7Q|4C{z7VgwOb-7^(k z7g$vb=_}>5R!QzT0`kdgGp^BU_z1!o#Gq#1z7Ts6TRZvCWL|egX1=K^~Yu zDzxgz)Q(+F3|ryevnbI%MEkh%v;eb$IpbIeBBxlgXA<_(F)f3W7 zO7R1M2HrpD3=LF{3RVJxJ@E+mWnt4##@z7LS!>L}lU zM_*Sj+anx@-#!FPu9}hl6YRrcnrG$>0&Ln-ls$O91+4kZAGg_2Kdkja$OMF|aUE_J z;V;Qpo6*bbUYLw0?r*uZQy{@x*X^VELP7%S)w?M>UxVO$_&d$cwpM#5XlpRH}1^FdZA zv%j&D{NX*&5l0*xmuW#ASOy7{fIsRJxe?eIwW)vP*B@8j@8%&olPw;C@%dc}wf70r zLW@eZ;7pLP&m_NN;F9=(j=Z3O}EU-4<2#3wA^2t)mqYN<^Khs9AD$K&!9NK29flR<}3v%b%%2* zadQ0vVSx_zTr2n&Y60vzz{E?nqX4KMKPHg^^?@ddFAn!t+Rpd1=vz+~xt?P|>!(UuQ~^sB=K7{A#~o^fMJGFZAZc28t=@!eCgQ zJ>W~excEixns&^Ay7I52vm;PJn!dpw0D^(GC#0vClgX$7p8DXERQ8Ojpab-FNm8_6 zV(Ba#R!khkk#g8BI_j$zUjC&z1DD29 zLgZrxVLl2L)`F;wm=dzQRnv@8>WURI+?{Vl^P{oNSa<-O? z4S&`T`P$MhR4ifp&RMkQY1lybK{DM^xJ#fr(C;VCEvBk0cOgHJB)7N@l;gJFo>Dx^ z*-BuVJOHa$P!6kD{U~8KO10)o3a=V~cAv0YdN`XHL^bWjsw+()k}C$efeW4zjS_Y(fNp8Sktji3 zy?G%4y?_=)*Sjp;o8>EpiDmd-=dbKp@=YoJHu2EE%hIFDumeTlGn$YxM|ye(cqj5S z?RX}r?VWhtyDaURzFzT38pGa+Ct-of04I^@FVsg11~`7MZEmcK-W%3m?lrZ@{C z=Sm|nCcI>UU+1ra_TdCJ3|~IDOTr;dHHeSG;vuPosEG|LoZSp8kfw5~0tZzoc9u)?Kv0};o#2s5 zta`i>)rD4epTJ&$M?8FdgkGnKc@oUjsY8?_lCt&9vPwubTV$(nl;@T~?zo7|h-E=jabXnNz5JLOjEN^|xm^)nXv zDT_$=vBBlzH1csOsBiwFg>;h9lspGkY~e1|WGizOK!R+YBy*O~uwolOk6$q{SEgQV z&QBEzwId`1lxYwZ=(!v9a-iQV!(7gg8(o2J+fh})3w%?Cdk3|W2LH*Icrc!v3}z%6 zj;1}_BV;s;k8wPi_G1!_qfs0V`r~nbf){Z=9Q6r~$YeI0E(Vim8qUH&cs!mCw^IYy zB}Gj-=Ic9>=kgc><4v|OcBV1lid_Lf)`Ia6Cu$^iVgF%R_(v(~q6lI13(M*6vTq_y zD0HejYB+_Nx|K;>H&8pHRDj)&SzPnBnPaMG4&WLG_#TLxkkxr;6byo%VWH`O45Ddo zK*qDhU@{wzdb7!RFvGYvCDY-8ETTcLH;V9NGKvYA;l(7J_4{NLkL5o{(>f??7^=u5Y+->jqlFfg_Z^Q5D75kn4J6w+&VJKU>$2)(U2F=S*9jTil8p`D z>%-`K1>$>6Q&6T=t4~3Zo8A<@ICZ{C`!RC7o8}FHMz9eUxB*_#3mQP;ZYnBq3!TCm zwNSj%Hsq*Cp6B}ztDl0Xllww_*fDaEvm_z;j;WN#G;*70ZMP_r+BG$wI1$|llNC!j z5nHe{YH47`I)z6+A7i_RPv;uzSuyRa{adG3l3F~&aUarD?|tUs^YG*Za?a%-q)zfD zy6#IHuhvkAn8hd}oJuP*V-c@+zN4J7^cTvdq?X$%LAKj7mZNivn|Gw{O(SEBNX_?+d4TMR zJ{^w0wN|21c^fYDB3zJ0K(Ettk`O`a-3!nGItLb&AP~Jt!B$;TUfXjGYP}tW*E0B4 z-QFqVTgBRfpXLvyqDk!OJdJjjDck=Fi$BS~7$$x^hdYN(RiWP~R=;xuR zDZ2Q>|ChJ9(!* zdM6%KYxO!FFrRng^}SE;J02%E50`}7bur;WbpGnX#D96mDz7FzPSt)@XwV98P);~Y z?g&bG!r1LPGw}$Psw*#!`-Bs*&NTN%DR0nt^o^ZhZ@St6;p0qQijqt1>xSLO%HJ>TV6i0T&qsQUP41|dn5NBi2k5efx*CR4@EZ>QWcfuSSEr%mQ9n4S=7WvH0mvVQJ&te3X)iilUoI9g?u{31x%8&{y!^6HYRzt&yV=A(A?_ zhHNaxwT`#zp-ld=} zG;IWn4x;nsA5BS8a|l~L2>5z%Fn+Uy35)Ta+!gt;%OJ3G^0;6;k@H z6n70PxFj{J)6nXRYY@=7?Y^>k)huR=5^JFTg@sIQ$h$PzQanNFLhD%Susc??hDcrh z*fg9oFQsM&y_Jfr+L;4E1)*uG-g)I6xi#hghzNrqI112nP^NPtiCHOc5>8Ry0O&ZH zBhbv!WK(>GUO2xckvusy@&@unQfG-mk-2L z;u*PCLcP`Tul-x!l6w0hUvk6B?6n6IOGj zK3&)J;-aNlT*-%(xSe^7v_;c4pPh$Q>Tz4$C|KuBZiuk#*@V4>Q)MS8-wf!8a#LzC zd-dkUg>1U!#7Wqc12}&gxEQy_ob5BK?Ez;O%>AOx21&EIR)T*(m|6GRfvtw29$W7B zg5zLlg3FWP@o2c{_i#9#3>MRPGQ^8$7{z!nnha*sa56cbhA~;p$nkhQ3n$~jWE_us zlgV&8j>CAegC1i*nvCDAt5c*Cw=Yi#Q0w}fCLi#I*J!Kc9aop84Eun!F&%dytRtx{ z56Bi_R%hHBN5j#uN224fAB~1FiTcxM5%v4W$BW|$2^W(%93D^l{ox`U^`qe^!h>Ni z9Q6ixG#!t35#%h-2bSO3soY^@g=5Qmh zGPoMZ!m;pqq$y6S+X7x4nDH=eGQtBLPv9qoazXU}^&fmvoSZ3(Tu)3@vc6)GRKpYf zV3LzB_TY(PDWtI|N|X;yr?_q1?O%$a?b`fq>Izy$6T66KaN^3oTo40`ul#20^RV*0q z4Z+ddoC@+f4VB~bv}kEv^2H5Obt52928l8lnBJjankh|Y#Uf&@ADzXorfb92xqVPc z-v-bBo3}GQMN6DQn32E`wuzB-&p*cSd!mV#~-gdHYy?*`riLuXBTi6`eH50jN#lcY+Zu~ zc1f6B-GVJAID*Xf2KF{$na1v*YWF&jgy9!PUIP|Rf3L9AY&QFu+G|BvEewmT{4j&b z$v@YG3p=7liPeVHeR#9URi|;O2IXRt7WVTPqHU59{Ob;iHYr}wP{}t=S*jlmG`Yv6 z4)!g=>rN^A)OIF$gQHt7p$mz#6;baKl7tfl3@*Hu9~X6du2Tr{k_bITe@Tl?TK-5gi1jdrYcG!wA}^f4ykikXPEN6|(gIOeHMv_g$An;&q^TQ0lQ5 z@%6$7$1H`~2_>qRNWUTQUd)%aw4nArO$%tlMDE5?w4vY@RO?0#WffKXM{5g1LK z+Qv2qQqtR%P-2$AEnH^fZE%o;y{_#@Na)d5lpT9;rn-t=!?a<`W> zu+yUGd6PA#b^V*yFFQEBX+ye!DmQghgUt~ixp!>G> zg+uVSuss}dzW6S2aFsWUWsonkW!5}@AkARS^S`8apl6`%aMHtii2Z0VZPgUY_`W!! zE1UEn(^6MMYqlWD@B-~C(2i++S?>7w7?LXsHP~iU0?d``oYvTO;8D(dCn)xZcS|Mn4>3ePG9;93^Eb|OB*i8>d5t*!P;r(r~$de0?A%FRL!CW zzpJK`)8C1?Bij_xkN~bP=H@NQkI{l06cunlLy7ZrY1N;H6ZD%Yx-B~82p=O6EWm)cj z&jKJ0uowH+=BV{LyzGVp;-bC8+4Ub@%zu`Ows$g~OgrYcGblZ-lBB#7?=?KL_mc7z z7U9zCc<}n3+YkP5#YwJzcOT$_cEw%ya{90#4jJkUSIq4Ia)Fb!l8vBhesVXc$;;RM z>QUPQ=(dazU2mm)&0I|^z;!AS0X!~la>D;vD=2HE-n?kBHOskx^c54G3#3~U?VM3= z$+fEhyI;DUgQ_{zu8QS=Y`dcCZnRCP8WNyO)wTMgNk1Cm#pJjbhvBF{8w|tQARZ2T z;cPhQO$YI0G9HrNuun)F^~10~=nsZCTJ#6KxEIz7wAHAxS#~*Pu(P+_b2?MeE7KN* zHi@FRH7n$q3{?np#ZjHEsnhq>m6kTP*dq)kFu#SYOjim!P`n72B96 zWewChAa6pqv!J`WU{M-G6P)UWM6c^9JpiL$E-&Z0r^z@nC2oKR!e!Lj7B`PZ!WVb3*l#`PIsw^6IVZ8hmn>)wDpp??P00^U7tLmaYnP%FHJ#5eG5 z8*zLM-P-OG*v~pfS|=nxG!2ursS<$~?2hP=T4cmA4nrILgm*u;sA80FH_M^_SG34; z!r3|xYh@jwLMiu7{_w(V?VWg|Uaz4}ikVwDrYID7iMxwm6(%C}Y_=QSwH&w?!!Q zAqi)o!Wf{Zx;C8hu?n~`@00_TClg7-e3R)5Qu<`=sJsk_Rzm3pNUXV|oa%BzINdB* zv{A^-Dmr0({cu1`6Mcr7Vw;s!onJja*N(HRm!}v1<(&*lD>K(M7_KTiem0vjp{n7S}~)$X$O|8}^XZM)B_++`})6_gXkD6#NmbqStuPL(cm!~Flsjsz zcBF}Dt9GO~v9;7u`w*C5ArS8f4{4mM!fX<%X%nCebs5@K0j_1+>yG;Wh5X0m+58%o z`}*p9ejOlX>B~Q8n?J)JQiRdv*}PQs@P>$Dr$U)pxqq(SynwH;ubrUMwm}J;-w?5j zbBmgbPWy^;MLGIQq8=t7&e=-o&qYmR_yTT(>jL04TrxDzP-!QE%U?!3=>)mrtadyL zmGJj<27qA^pm>tjujCX(THqM%thl~zRV z;dKg`>yUA3?7OWVi3Ve^-2dM1ve;eU4q6woZ%vJqiqnTBk!$W2Pt^bmZOT}-4JcY( zPrIyTc$Q%+>oYKq@^Z+9h)m^uU8B8&umVE45n3eDPCVfjhPKr%9Rd&BgIjfU04pL$ zfv-*Fxhbty%%zhwq+Zo#5z5!8Dmkhlm7cy)5MY^un;eH^PI3yV6D*C~w@7-|HsZPM zptrZ3osT}wXjdNg3B!?ZE&OiABLA-6eQYbK9lfv7v?8428`74s{Dlef`&&qAEiV1l zh+>I8P8(juHToS^mm-RmpIf{LAi|4w1ymiK7A#{4yV+c1(kMQ&1(WLJnb-K*dfewp zJ~MYPWoq6Gc%K7&zo_A40_s9ECU76TwJtCJr@XQBGcRAfgdxG<5|N0)Ybk5>mW#O^ zE(M9AM&+$R$%0E;cCn#~eM`-Q%BwFY?z1e{&ch`%jp!YX);N)-%B?9`4y7cy!1m31 z`)cFXu*X}Plb_*j$1QP>GN}6nJ_biAQmNF*+VC27|$3+8ZB}-mJgCy~T)(Ec_Ugm3Z2IEEZoXLfJ^xfY--_{TK@w=sWq`Ssn z8myuR!O`pWdXv!z{@?5Ms{ikeCdc3PN5kH5bUYpo$KUn(@ITah5bQgC)?DEHyWVHx zst)ci^5gsdqa}^V$s>e(Bv|-J{^il*!uKpKpgT%FJbLsGc;aB0llTYE9K3~03s`>B z{Y@SKH0+9;-fe=Aa}Ug%A3Q-miZ1+~ljH}Fi%mlKk`Upc?vIZiJ$?+ee|-=a^4G_Y zAES#9r&6Y@6Tu%ndi3Z|^opUEl$V6PJWJMTWZv$P^76#r_46lSEY4tqQ6BG*B;bB( iqUK+{Y=8g!{qy(F-#?%I^Zx+=0RR781qfIGwgmu2$a=s4 literal 0 HcmV?d00001 diff --git a/incubator/authentik/4.0.0/ix_values.yaml b/incubator/authentik/4.0.0/ix_values.yaml new file mode 100644 index 0000000000..327b2041e6 --- /dev/null +++ b/incubator/authentik/4.0.0/ix_values.yaml @@ -0,0 +1,224 @@ +image: + repository: tccr.io/truecharts/authentik + tag: 2022.8.2@sha256:ff1f86ee6a26866e2806321fa98f45d4bce01d89e622f505085edc8831518f89 + pullPolicy: IfNotPresent + +geoipImage: + repository: tccr.io/truecharts/geoipupdate + tag: v4.9@sha256:ce42b4252c8cd4a9e39275fd7c3312e5df7bda0d7034df565af4362d7e0d26ce + pullPolicy: IfNotPresent + +extraArgs: ["server"] + +podSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + +workerContainer: + enabled: true + +authentik: + credentials: + password: "supersecret" + token: "supersecretapitoken" + outposts: + container_image_base: tccr.io/truecharts/authentik-%(type)s:%(version)s + discover: true + general: + disable_update_check: false + disable_startup_analytics: true + allow_user_name_change: true + allow_user_mail_change: true + allow_user_username_change: true + gdpr_compliance: true + impersonation: true + avatars: "gravatar" + token_length: 128 + # Use single quotes for footer_links + footer_links: '[{"name": "Link Name", "href": "https://mylink.com"}]' + mail: + host: "" + port: 25 + tls: false + ssl: false + timeout: 10 + user: "" + pass: "" + from: "" + error_reporting: + enabled: false + send_pii: false + environment: "customer" + logging: + log_level: "info" + ldap: + tls_ciphers: "null" + metrics: + enabled: true + # LDAP Outpost listens on 9300. To avoid conflicts + # This sets internal Authentik metrics port to 9301 + internalPort: 9301 + +geoip: + enabled: false + account_id: "" + license_key: "" + proxy: "" + proxy_user_pass: "" + edition_ids: "GeoLite2-City" + frequency: 8 + host_server: "updates.maxmind.com" + preserve_file_times: false + verbose: false + +serviceAccount: + main: + enabled: true + +rbac: + main: + enabled: true + rules: + - apiGroups: + - "" + resources: + - secrets + - services + - configmaps + verbs: + - get + - create + - delete + - list + - patch + - apiGroups: + - extensions + - apps + resources: + - deployments + verbs: + - get + - create + - delete + - list + - patch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - create + - delete + - list + - patch + - apiGroups: + - traefik.containo.us + resources: + - middlewares + verbs: + - get + - create + - delete + - list + - patch + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - delete + - list + - patch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - list + +envFrom: + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-authentik-secret' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-authentik-config' + +probes: + liveness: + enabled: true + custom: true + spec: + exec: + command: + - /lifecycle/ak + - healthcheck + readiness: + enabled: true + custom: true + spec: + exec: + command: + - /lifecycle/ak + - healthcheck + startup: + enabled: true + custom: true + spec: + exec: + command: + - /lifecycle/ak + - healthcheck + +service: + main: + ports: + main: + protocol: HTTPS + port: 10229 + targetPort: 9443 + http: + enabled: true + ports: + http: + enabled: true + protocol: HTTP + port: 10230 + targetPort: 9000 + metrics: + enabled: true + ports: + metrics: + enabled: true + protocol: HTTP + port: 10231 + targetPort: 9301 + +persistence: + media: + enabled: true + mountPath: "/media" + templates: + enabled: true + mountPath: "/templates" + certs: + enabled: true + mountPath: "/certs" + geoip: + enabled: true + mountPath: "/geoip" + +postgresql: + enabled: true + existingSecret: "dbcreds" + postgresqlUsername: authentik + postgresqlDatabase: authentik + +redis: + enabled: true + existingSecret: "rediscreds" + +portal: + enabled: true diff --git a/incubator/authentik/4.0.0/questions.yaml b/incubator/authentik/4.0.0/questions.yaml new file mode 100644 index 0000000000..a2ea7aaca6 --- /dev/null +++ b/incubator/authentik/4.0.0/questions.yaml @@ -0,0 +1,3582 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: Controller + description: Configure Workload Deployment + - name: Container Configuration + description: Additional Container Configuration + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: global + label: Global Settings + group: Controller + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: Flag this is SCALE + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: Controller + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: Show Advanced Controller Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: Please specify type of workload to deploy + label: (Advanced) Controller Type + schema: + type: string + required: true + enum: + - value: deployment + description: Deployment + - value: statefulset + description: Statefulset + - value: daemonset + description: Daemonset + default: deployment + - variable: replicas + description: Number of desired pod replicas + label: Desired Replicas + schema: + type: int + required: true + default: 1 + - variable: strategy + description: Please specify type of workload to deploy + label: (Advanced) Update Strategy + schema: + type: string + required: true + enum: + - value: Recreate + description: "Recreate: Kill existing pods before creating new ones" + - value: RollingUpdate + description: "RollingUpdate: Create new pods and then kill old ones" + - value: OnDelete + description: "(Legacy) OnDelete: ignore .spec.template changes" + default: Recreate + - variable: expert + label: Show Expert Configuration Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Controller Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Controller Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: customextraargs + group: Controller + label: "Extra Args" + description: "Do not click this unless you know what you are doing" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: authentik + group: "Container Configuration" + label: "Authentik Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: credentials + label: "Credentials" + schema: + additional_attrs: true + type: dict + attrs: + - variable: password + label: "Password (Initial install only)" + description: "Password for user. Can be used for any flow executor" + schema: + type: string + private: true + required: true + default: "" + - variable: token + label: "Token (Initial install only)" + description: "The string you specify for this variable is the token key you can use to authenticate yourself to the API" + schema: + type: string + private: true + required: true + default: "" + - variable: general + label: "General" + schema: + additional_attrs: true + type: dict + attrs: + - variable: disable_update_check + label: "Disable Update Check" + description: "Disable the inbuilt update-checker" + schema: + type: boolean + default: false + - variable: disable_startup_analytics + label: "Disable Startup Analytics" + description: "Disable startup analytics" + schema: + type: boolean + default: true + - variable: allow_user_name_change + label: "Allow User Name Change" + description: "Enable the ability for users to change their Name" + schema: + type: boolean + default: true + - variable: allow_user_mail_change + label: "Allow User Mail Change" + description: "Enable the ability for users to change their Email address" + schema: + type: boolean + default: true + - variable: allow_user_username_change + label: "Allow User Username Change" + description: "Enable the ability for users to change their Usernames" + schema: + type: boolean + default: true + - variable: gdpr_compliance + label: "GDPR Compliance" + description: "When enabled, all the events caused by a user will be deleted upon the user's deletion" + schema: + type: boolean + default: true + - variable: impersonation + label: "Impersonation" + description: "Globally enable/disable impersonation" + schema: + type: boolean + default: true + - variable: avatars + label: "Avatars" + description: "Configure how authentik should show avatars for users" + schema: + type: string + default: "gravatar" + - variable: token_length + label: "Token Length" + description: "Configure the length of generated tokens" + schema: + type: int + default: 128 + - variable: footer_links + label: "Footer Links" + description: "This option configures the footer links on the flow executor pages" + schema: + type: string + default: "" + - variable: mail + label: "e-Mail" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "Mail Server Host" + description: "Sets host of mail server" + schema: + type: string + default: "" + - variable: port + label: "Mail Server Port" + description: "Sets port of mail server" + schema: + type: int + default: 25 + - variable: tls + label: "Use TLS for authentication" + description: "Sets tls for mail server authentication" + schema: + type: boolean + default: false + - variable: ssl + label: "Use SSL for authentication" + description: "Sets ssl for mail server authentication" + schema: + type: boolean + default: false + - variable: timeout + label: "Timeout of authentication" + description: "Sets timeout for mail server authentication" + schema: + type: int + default: 10 + - variable: user + label: "Username" + description: "Sets username of mail server" + schema: + type: string + default: "" + - variable: pass + label: "Password" + description: "Sets password of mail server" + schema: + type: string + private: true + default: "" + - variable: from + label: "From Address" + description: "Email address authentik will send from" + schema: + type: string + default: "" + - variable: error_reporting + label: "Error Reporting" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Reporting" + description: "Enables error reporting" + schema: + type: boolean + default: false + show_subquestions_if: + subquestions: + - variable: send_pii + label: "Send Personal Data" + description: "Whether or not to send personal data, like usernames" + schema: + type: boolean + default: false + - variable: environment + label: "Environment" + description: "Unique environment that is attached to your error reports, should be set to your email address for example." + schema: + type: string + default: "customer" + - variable: logging + label: "Logging" + schema: + additional_attrs: true + type: dict + attrs: + - variable: log_level + label: "Log Level" + description: "Log level for the server and worker containers" + schema: + type: string + default: "info" + enum: + - value: trace + description: "trace" + - value: debug + description: "debug" + - value: info + description: "info" + - value: warning + description: "warning" + - value: error + description: "error" + - variable: metrics + label: "Metrics" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Metrics Endpoint" + description: "Enables metrics endpoint for Authentik and embedded outpost" + schema: + type: boolean + default: false + - variable: ldap + label: "LDAP" + schema: + additional_attrs: true + type: dict + attrs: + - variable: tls_ciphers + label: "TLS Ciphers" + description: "Allows configuration of TLS Ciphers for LDAP connections used by LDAP sources. Setting applies to all sources" + schema: + type: string + default: "null" + - variable: geoip + group: "Container Configuration" + label: "GeoIP Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable GeoIP Container" + description: "Enables GeoIP container" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: account_id + label: "Account ID" + description: "Your MaxMind account ID" + schema: + type: string + private: true + required: true + default: "" + - variable: license_key + label: "License Key" + description: "Your case-sensitive MaxMind license key" + schema: + type: string + private: true + required: true + default: "" + - variable: edition_ids + label: "Edition IDs" + description: "List of space-separated database edition IDs. Edition IDs may consist of letters, digits, and dashes" + schema: + type: string + required: true + default: "GeoLite2-City" + - variable: frequency + label: "Frequency" + description: "The number of hours between geoipupdate runs" + schema: + type: int + min: 1 + default: 8 + - variable: host_server + label: "Host Server" + description: "The host name of the server to use" + schema: + type: string + default: "updates.maxmind.com" + - variable: preserve_file_times + label: "Preserve File Times" + description: "Whether to preserve modification times of files downloaded from the server" + schema: + type: boolean + default: false + - variable: verbose + label: "Verbose" + description: "Enable verbose mode. Prints out the steps that geoipupdate takes" + schema: + type: boolean + default: false + - variable: proxy + label: "Proxy" + description: "The proxy host name or IP address" + schema: + type: string + default: "" + - variable: proxy_user_pass + label: "Proxy Pass" + description: "The proxy user name and password, separated by a colon" + schema: + type: string + private: true + default: "" + - variable: TZ + label: Timezone + group: Container Configuration + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + group: Container Configuration + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: expertpodconf + group: Container Configuration + label: Show Expert Configuration + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: tty + label: Enable TTY + description: Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled. + group: Workload Details + schema: + type: boolean + default: false + - variable: stdin + label: Enable STDIN + description: Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled. + group: Workload Details + schema: + type: boolean + default: false + - variable: termination + group: Container Configuration + label: Termination settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: gracePeriodSeconds + label: Grace Period Seconds + schema: + type: int + default: 10 + - variable: podLabelsList + group: Container Configuration + label: Pod Labels + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: podAnnotationsList + group: Container Configuration + label: Pod Annotations + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: service + group: Networking and Services + label: Configure Service(s) + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: Simple + enum: + - value: Simple + description: Simple + - value: ClusterIP + description: ClusterIP + - value: NodePort + description: NodePort (Advanced) + - value: LoadBalancer + description: LoadBalancer (Advanced) + - variable: loadBalancerIP + label: LoadBalancer IP + description: LoadBalancerIP + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: (Advanced) Specify the IP Policy + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: (Advanced) IP Families + description: (Advanced) The IP Families that should be used + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10229 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTPS + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 9443 + - variable: http + label: "http Service" + description: "The http service." + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: Simple + enum: + - value: Simple + description: Simple + - value: ClusterIP + description: ClusterIP + - value: NodePort + description: NodePort (Advanced) + - value: LoadBalancer + description: LoadBalancer (Advanced) + - variable: loadBalancerIP + label: LoadBalancer IP + description: LoadBalancerIP + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: (Advanced) Specify the IP Policy + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: (Advanced) IP Families + description: (Advanced) The IP Families that should be used + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: http + label: "http Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10230 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 9000 + - variable: metrics + label: "metrics Service" + description: "The metrics service." + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: Simple + enum: + - value: Simple + description: Simple + - value: ClusterIP + description: ClusterIP + - value: NodePort + description: NodePort (Advanced) + - value: LoadBalancer + description: LoadBalancer (Advanced) + - variable: loadBalancerIP + label: LoadBalancer IP + description: LoadBalancerIP + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: (Advanced) Specify the IP Policy + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: (Advanced) IP Families + description: (Advanced) The IP Families that should be used + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: metrics + label: "metrics Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10231 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 9301 + - variable: serviceexpert + group: Networking and Services + label: Show Expert Config + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: Networking and Services + label: Host-Networking (Complicated) + schema: + type: boolean + default: false + - variable: externalInterfaces + description: Add External Interfaces + label: Add external Interfaces + group: Networking + schema: + type: list + items: + - variable: interfaceConfiguration + description: Interface Configuration + label: Interface Configuration + schema: + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: Please Specify Host Interface + label: Host Interface + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: Define how IP Address will be managed + label: IP Address Management + schema: + type: dict + required: true + attrs: + - variable: type + description: Specify type for IPAM + label: IPAM Type + schema: + type: string + required: true + enum: + - value: dhcp + description: Use DHCP + - value: static + description: Use Static IP + show_subquestions_if: static + subquestions: + - variable: staticIPConfigurations + label: Static IP Addresses + schema: + type: list + items: + - variable: staticIP + label: Static IP + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: Static Routes + schema: + type: list + items: + - variable: staticRouteConfiguration + label: Static Route Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: Destination + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: Gateway + schema: + type: ipaddr + cidr: false + required: true + - variable: dnsPolicy + group: Networking and Services + label: dnsPolicy + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ClusterFirst + description: ClusterFirst + - value: ClusterFirstWithHostNet + description: ClusterFirstWithHostNet + - value: None + description: None + - variable: dnsConfig + label: DNS Configuration + group: Networking and Services + description: Specify custom DNS configuration which will be applied to the pod + schema: + additional_attrs: true + type: dict + attrs: + - variable: nameservers + label: Name Servers + schema: + default: [] + type: list + items: + - variable: nameserver + label: Name Server + schema: + type: string + - variable: options + label: Options + schema: + default: [] + type: list + items: + - variable: option + label: Option Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: searches + label: Searches + schema: + default: [] + type: list + items: + - variable: search + label: Search Entry + schema: + type: string + - variable: serviceList + label: Add Manual Custom Services + group: Networking and Services + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: Custom Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the service + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: type + label: Service Type + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: Simple + enum: + - value: Simple + description: Simple + - value: NodePort + description: NodePort + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: LoadBalancerIP + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: portsList + label: Additional Service Ports + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: Custom ports + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Port + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Port Name + schema: + type: string + default: "" + - variable: protocol + label: Port Type + schema: + type: string + default: TCP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: targetPort + label: Target Port + description: This port exposes the container port on the service + schema: + type: int + required: true + - variable: port + label: Container Port + schema: + type: int + required: true + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort + schema: + type: int + min: 9000 + max: 65535 + - variable: persistence + label: Integrated Persistent Storage + description: Integrated Persistent Storage + group: Storage and Persistence + schema: + additional_attrs: true + type: dict + attrs: + - variable: media + label: "App Media Storage" + description: "Stores the Application Media." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 999Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: templates + label: "App Templates Storage" + description: "Stores the Application Templates." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 999Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: certs + label: "App Certs Storage" + description: "Stores the Application Certs." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 999Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: geoip + label: "App GeoIP Storage" + description: "Stores the Application GeoIP." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simplePVC + enum: + - value: simplePVC + description: PVC (simple) + - value: simpleHP + description: Host Path (simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: false + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 999Gi + - variable: hostPathType + label: (Advanced) hostPath Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) storageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: persistenceList + label: Additional App Storage + group: Storage and Persistence + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: Custom Storage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the storage + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name (Optional) + description: "Not required, please set to config when mounting /config or temp when mounting /tmp" + schema: + type: string + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: simpleHP + enum: + - value: simplePVC + description: PVC (Simple) + - value: simpleHP + description: Host Path (Simple) + - value: emptyDir + description: emptyDir + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPathSimple + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: Mount Path + description: Path inside the container the storage is mounted + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size Quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 999Gi + - variable: hostPathType + label: (Advanced) Host Path Type + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: DirectoryOrCreate + description: DirectoryOrCreate + - value: Directory + description: Directory + - value: FileOrCreate + description: FileOrCreate + - value: File + description: File + - value: Socket + description: Socket + - value: CharDevice + description: CharDevice + - value: BlockDevice + description: BlockDevice + - variable: storageClass + label: (Advanced) StorageClass + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: SCALE-ZFS + - variable: accessMode + label: (Advanced) Access Mode + description: Allow or disallow multiple PVC's writhing to the same PV + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: ReadWriteOnce + enum: + - value: ReadWriteOnce + description: ReadWriteOnce + - value: ReadOnlyMany + description: ReadOnlyMany + - value: ReadWriteMany + description: ReadWriteMany + - variable: advanced + label: Show Advanced Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: (Advanced) Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: expert + label: Show Expert Configuration Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: These middlewares enforce a number of best practices. + label: Enable Default Middlewares + schema: + type: boolean + default: true + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: service + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: security + label: Container Security Settings + group: Security and Permissions + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: Change PUID / UMASK values + description: By enabling this you override default set values. + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "002" + - variable: advancedSecurity + label: Show Advanced Security Settings + group: Security and Permissions + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: capabilities + label: Capabilities + schema: + additional_attrs: true + type: dict + attrs: + - variable: drop + label: Drop Capability + schema: + type: list + default: [] + items: + - variable: dropEntry + label: "" + schema: + type: string + - variable: add + label: Add Capability + schema: + type: list + default: [] + items: + - variable: addEntry + label: "" + schema: + type: string + - variable: podSecurityContext + group: Security and Permissions + label: Pod Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 1000 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 1000 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + + - variable: advancedresources + label: Set Custom Resource Limits/Requests (Advanced) + group: Resources and Devices + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 10m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 50Mi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: hostPath + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + # Specify GPU configuration + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] +# - variable: autoscaling +# group: Advanced +# label: (Advanced) Horizontal Pod Autoscaler +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: Target +# description: Deployment name, Defaults to Main Deployment +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: Minimum Replicas +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: Maximum Replicas +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: Target CPU Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: Target Memory Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: networkPolicy +# group: Advanced +# label: (Advanced) Network Policy +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: policyType +# label: Policy Type +# schema: +# type: string +# default: "" +# enum: +# - value: "" +# description: Default +# - value: ingress +# description: Ingress +# - value: egress +# description: Egress +# - value: ingress-egress +# description: Ingress and Egress +# - variable: egress +# label: Egress +# schema: +# type: list +# default: [] +# items: +# - variable: egressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: to +# label: To +# schema: +# type: list +# default: [] +# items: +# - variable: toEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: IP Block +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: CIDR +# schema: +# type: string +# default: "" +# - variable: except +# label: Except +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: Namespace Selector +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: Ports +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: Port +# schema: +# type: int +# - variable: endPort +# label: End Port +# schema: +# type: int +# - variable: protocol +# label: Protocol +# schema: +# type: string +# default: TCP +# enum: +# - value: TCP +# description: TCP +# - value: UDP +# description: UDP +# - value: SCTP +# description: SCTP +# - variable: ingress +# label: Ingress +# schema: +# type: list +# default: [] +# items: +# - variable: ingressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: from +# label: From +# schema: +# type: list +# default: [] +# items: +# - variable: fromEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: IP Block +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: CIDR +# schema: +# type: string +# default: "" +# - variable: except +# label: Except +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: Namespace Selector +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: Ports +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: Port +# schema: +# type: int +# - variable: endPort +# label: End Port +# schema: +# type: int +# - variable: protocol +# label: Protocol +# schema: +# type: string +# default: TCP +# enum: +# - value: TCP +# description: TCP +# - value: UDP +# description: UDP +# - value: SCTP +# description: SCTP + + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: openvpn + description: OpenVPN + - value: wireguard + description: Wireguard + - value: tailscale + description: Tailscale + - variable: openvpn + label: OpenVPN Settings + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: Sock5 Server + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type + schema: + type: string + default: hostPath + hidden: true + - variable: hostPathType + label: hostPathType + schema: + type: string + default: File + hidden: true + - variable: noMount + label: noMount + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: Full Path to File + description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: Git Settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: Raw SSH Private Key + label: Deploy Key + schema: + type: string + - variable: deployKeyBase64 + description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence + label: Deploy Key Base64 + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: NodePort + enum: + - value: NodePort + description: NodePort + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: LoadBalancerIP + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: nodePort + description: Leave Empty to Disable + label: "nodePort" + schema: + type: int + default: 36107 + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: promtail + label: Promtail + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: Loki URL + schema: + type: string + required: true + - variable: logs + label: Log Paths + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: path + label: Path + schema: + type: string + required: true + - variable: args + label: Promtail Command Line Arguments + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + required: true + - variable: envList + label: Promtail Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: netshoot + label: Netshoot + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: Netshoot Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/docs/about/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/docs/about/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true diff --git a/incubator/authentik/4.0.0/templates/_config.tpl b/incubator/authentik/4.0.0/templates/_config.tpl new file mode 100644 index 0000000000..671b022698 --- /dev/null +++ b/incubator/authentik/4.0.0/templates/_config.tpl @@ -0,0 +1,84 @@ +{{/* Define the configmap */}} +{{- define "authentik.config" -}} + +{{- $authentikConfigName := printf "%s-authentik-config" (include "tc.common.names.fullname" .) }} +{{- $geoipConfigName := printf "%s-geoip-config" (include "tc.common.names.fullname" .) }} + +--- +{{/* This configmap are loaded on both main authentik container and worker */}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $authentikConfigName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{/* Dependencies */}} + AUTHENTIK_REDIS__HOST: {{ printf "%v-%v" .Release.Name "redis" }} + AUTHENTIK_REDIS__PORT: "6379" + AUTHENTIK_POSTGRESQL__NAME: {{ .Values.postgresql.postgresqlDatabase }} + AUTHENTIK_POSTGRESQL__USER: {{ .Values.postgresql.postgresqlUsername }} + AUTHENTIK_POSTGRESQL__HOST: {{ printf "%v-%v" .Release.Name "postgresql" }} + AUTHENTIK_POSTGRESQL__PORT: "5432" + {{/* Mail */}} + {{- with .Values.authentik.mail.port }} + AUTHENTIK_EMAIL__PORT: {{ . | quote }} + {{- end }} + AUTHENTIK_EMAIL__USE_TLS: {{ .Values.authentik.mail.tls | quote }} + AUTHENTIK_EMAIL__USE_SSL: {{ .Values.authentik.mail.ssl | quote }} + {{- with .Values.authentik.mail.timeout }} + AUTHENTIK_EMAIL__TIMEOUT: {{ . | quote }} + {{- end }} + {{/* Logging */}} + {{- with .Values.authentik.logging.log_level }} + AUTHENTIK_LOG_LEVEL: {{ . }} + {{- end }} + {{/* General */}} + AUTHENTIK_DISABLE_STARTUP_ANALYTICS: {{ .Values.authentik.general.disable_startup_analytics | quote }} + AUTHENTIK_DISABLE_UPDATE_CHECK: {{ .Values.authentik.general.disable_update_check | quote }} + {{- with .Values.authentik.general.avatars }} + AUTHENTIK_AVATARS: {{ . }} + {{- end }} + AUTHENTIK_DEFAULT_USER_CHANGE_NAME: {{ .Values.authentik.general.allow_user_name_change | quote }} + AUTHENTIK_DEFAULT_USER_CHANGE_EMAIL: {{ .Values.authentik.general.allow_user_mail_change | quote }} + AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME: {{ .Values.authentik.general.allow_user_username_change | quote }} + AUTHENTIK_GDPR_COMPLIANCE: {{ .Values.authentik.general.gdpr_compliance | quote }} + AUTHENTIK_IMPERSONATION: {{ .Values.authentik.general.impersonation | quote }} + AUTHENTIK_DEFAULT_TOKEN_LENGTH: {{ .Values.authentik.general.token_length | quote }} + {{- with .Values.authentik.general.footer_links }} + AUTHENTIK_FOOTER_LINKS: {{ . | squote }} + {{- end }} + {{/* Error Reporting */}} + AUTHENTIK_ERROR_REPORTING__ENABLED: {{ .Values.authentik.error_reporting.enabled | quote }} + AUTHENTIK_ERROR_REPORTING__SEND_PII: {{ .Values.authentik.error_reporting.send_pii | quote }} + {{- with .Values.authentik.error_reporting.environment }} + AUTHENTIK_ERROR_REPORTING__ENVIRONMENT: {{ . }} + {{- end }} + {{/* LDAP */}} + {{- with .Values.authentik.ldap.tls_ciphers }} + AUTHENTIK_LDAP__TLS__CIPHERS: {{ . | quote }} + {{- end }} + {{/* Metrics */}} + AUTHENTIK_LISTEN__METRICS: {{ .Values.authentik.metrics.internalPort | quote }} + {{/* Metrics */}} + AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE: {{ .Values.authentik.outposts.container_image_base | quote }} + AUTHENTIK_OUTPOSTS__DISCOVER: {{ .Values.authentik.outposts.discover | quote }} +--- +{{/* This configmap is loaded on geoip container */}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $geoipConfigName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{- with .Values.geoip.edition_ids }} + GEOIPUPDATE_EDITION_IDS: {{ . }} + {{- end }} + GEOIPUPDATE_FREQUENCY: {{ .Values.geoip.frequency | quote }} + {{- with .Values.geoip.host_server }} + GEOIPUPDATE_HOST: {{ . }} + {{- end }} + GEOIPUPDATE_PRESERVE_FILE_TIMES: '{{ ternary "1" "0" .Values.geoip.preserve_file_times }}' + GEOIPUPDATE_VERBOSE: '{{ ternary "1" "0" .Values.geoip.verbose }}' +{{- end }} diff --git a/incubator/authentik/4.0.0/templates/_geoip.tpl b/incubator/authentik/4.0.0/templates/_geoip.tpl new file mode 100644 index 0000000000..64a4ee9bc8 --- /dev/null +++ b/incubator/authentik/4.0.0/templates/_geoip.tpl @@ -0,0 +1,20 @@ +{{/* Define the geoip container */}} +{{- define "authentik.geoip" -}} +image: {{ .Values.geoipImage.repository }}:{{ .Values.geoipImage.tag }} +imagePullPolicy: '{{ .Values.geoipImage.pullPolicy }}' +securityContext: + runAsUser: 0 + runAsGroup: 0 + readOnlyRootFilesystem: false + runAsNonRoot: false +volumeMounts: + - name: geoip + mountPath: "/usr/share/GeoIP" +envFrom: + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-geoip-secret' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-geoip-config' +{{/* TODO: Add healthchecks */}} +{{/* TODO: https://github.com/maxmind/geoipupdate/issues/105 */}} +{{- end -}} diff --git a/incubator/authentik/4.0.0/templates/_secret.tpl b/incubator/authentik/4.0.0/templates/_secret.tpl new file mode 100644 index 0000000000..c2f8dbf071 --- /dev/null +++ b/incubator/authentik/4.0.0/templates/_secret.tpl @@ -0,0 +1,70 @@ +{{/* Define the secret */}} +{{- define "authentik.secret" -}} + +{{- $authentikSecretName := printf "%s-authentik-secret" (include "tc.common.names.fullname" .) }} +{{- $geoipSecretName := printf "%s-geoip-secret" (include "tc.common.names.fullname" .) }} + +--- +{{/* This secrets are loaded on both main authentik container and worker */}} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ $authentikSecretName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{/* Secret Key */}} + {{- with (lookup "v1" "Secret" .Release.Namespace $authentikSecretName) }} + AUTHENTIK_SECRET_KEY: {{ index .data "AUTHENTIK_SECRET_KEY" }} + {{- else }} + AUTHENTIK_SECRET_KEY: {{ randAlphaNum 32 | b64enc }} + {{- end }} + {{/* Dependencies */}} + AUTHENTIK_POSTGRESQL__PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }} + AUTHENTIK_REDIS__PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }} + {{/* Credentials */}} + {{- with .Values.authentik.credentials.password }} + AUTHENTIK_BOOTSTRAP_PASSWORD: {{ . | b64enc }} + {{- end }} + {{- with .Values.authentik.credentials.token }} + AUTHENTIK_BOOTSTRAP_TOKEN: {{ . | b64enc }} + {{- end }} + {{/* Mail */}} + {{- with .Values.authentik.mail.host }} + AUTHENTIK_EMAIL__HOST: {{ . | b64enc }} + {{- end }} + {{- with .Values.authentik.mail.user }} + AUTHENTIK_EMAIL__USERNAME: {{ . | b64enc }} + {{- end }} + {{- with .Values.authentik.mail.pass }} + AUTHENTIK_EMAIL__PASSWORD: {{ . | b64enc }} + {{- end }} + {{- with .Values.authentik.mail.from }} + AUTHENTIK_EMAIL__FROM: {{ . | b64enc }} + {{- end }} +--- +{{/* This secrets are loaded on geoip container */}} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ $geoipSecretName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{/* Credentials */}} + {{- with .Values.geoip.account_id }} + GEOIPUPDATE_ACCOUNT_ID: {{ . | b64enc }} + {{- end }} + {{- with .Values.geoip.license_key }} + GEOIPUPDATE_LICENSE_KEY: {{ . | b64enc }} + {{- end }} + {{/* Proxy */}} + {{- with .Values.geoip.proxy }} + GEOIPUPDATE_PROXY: {{ . | b64enc }} + {{- end }} + {{- with .Values.geoip.proxy_user_pass }} + GEOIPUPDATE_PROXY_USER_PASSWORD: {{ . | b64enc }} + {{- end }} +{{- end }} diff --git a/incubator/authentik/4.0.0/templates/_worker.tpl b/incubator/authentik/4.0.0/templates/_worker.tpl new file mode 100644 index 0000000000..2a00d08c0b --- /dev/null +++ b/incubator/authentik/4.0.0/templates/_worker.tpl @@ -0,0 +1,52 @@ +{{/* Define the worker container */}} +{{- define "authentik.worker" -}} +image: {{ .Values.image.repository }}:{{ .Values.image.tag }} +imagePullPolicy: '{{ .Values.image.pullPolicy }}' +securityContext: + runAsUser: {{ .Values.podSecurityContext.runAsUser }} + runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} + readOnlyRootFilesystem: false + runAsNonRoot: true +args: ["worker"] +envFrom: + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-authentik-secret' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-authentik-config' +volumeMounts: + - name: media + mountPath: "/media" + - name: templates + mountPath: "/templates" + - name: certs + mountPath: "/certs" + - name: geoip + mountPath: "/geoip" +readinessProbe: + exec: + command: + - /lifecycle/ak + - healthcheck + initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} + periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} + timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} + failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} +livenessProbe: + exec: + command: + - /lifecycle/ak + - healthcheck + initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} + periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} + timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} + failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} +startupProbe: + exec: + command: + - /lifecycle/ak + - healthcheck + initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} + periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} + timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} + failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} +{{- end -}} diff --git a/incubator/authentik/4.0.0/templates/common.yaml b/incubator/authentik/4.0.0/templates/common.yaml new file mode 100644 index 0000000000..b712df5a4a --- /dev/null +++ b/incubator/authentik/4.0.0/templates/common.yaml @@ -0,0 +1,25 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{/* Render secret */}} +{{- include "authentik.secret" . }} + +{{/* Render config */}} +{{- include "authentik.config" . }} + +{{- if .Values.authentik.metrics.enabled -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" ( .Values.service.metrics.ports.metrics.targetPort | quote) -}} +{{- end -}} + +{{- if .Values.workerContainer.enabled -}} +{{- $_ := set .Values.additionalContainers "worker" (include "authentik.worker" . | fromYaml) -}} +{{- end -}} + +{{- if .Values.geoip.enabled -}} +{{- $_ := set .Values.additionalContainers "geoip" (include "authentik.geoip" . | fromYaml) -}} +{{- end -}} + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/incubator/authentik/4.0.0/values.yaml b/incubator/authentik/4.0.0/values.yaml new file mode 100644 index 0000000000..e69de29bb2