From bea189a8c2d8def080e32550ee6493cac926ceef Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Sun, 21 Jan 2024 17:33:29 +0000 Subject: [PATCH] Commit new Chart releases for TrueCharts Signed-off-by: TrueCharts-Bot --- enterprise/traefik/25.1.13/CHANGELOG.md | 99 + enterprise/traefik/25.1.13/Chart.yaml | 39 + enterprise/traefik/25.1.13/LICENSE | 106 + enterprise/traefik/25.1.13/README.md | 28 + enterprise/traefik/25.1.13/app-changelog.md | 9 + enterprise/traefik/25.1.13/app-readme.md | 8 + .../25.1.13}/charts/common-17.2.26.tgz | Bin .../traefik.containo.us_ingressroutes.yaml | 275 ++ .../traefik.containo.us_ingressroutetcps.yaml | 218 + .../traefik.containo.us_ingressrouteudps.yaml | 105 + .../crds/traefik.containo.us_middlewares.yaml | 924 +++++ .../traefik.containo.us_middlewaretcps.yaml | 72 + ...traefik.containo.us_serverstransports.yaml | 128 + .../crds/traefik.containo.us_tlsoptions.yaml | 113 + .../crds/traefik.containo.us_tlsstores.yaml | 99 + .../traefik.containo.us_traefikservices.yaml | 402 ++ .../crds/traefik.io_ingressroutes.yaml | 275 ++ .../crds/traefik.io_ingressroutetcps.yaml | 218 + .../crds/traefik.io_ingressrouteudps.yaml | 105 + .../25.1.13/crds/traefik.io_middlewares.yaml | 924 +++++ .../crds/traefik.io_middlewaretcps.yaml | 72 + .../crds/traefik.io_serverstransports.yaml | 128 + .../crds/traefik.io_serverstransporttcps.yaml | 122 + .../25.1.13/crds/traefik.io_tlsoptions.yaml | 113 + .../25.1.13/crds/traefik.io_tlsstores.yaml | 99 + .../crds/traefik.io_traefikservices.yaml | 402 ++ enterprise/traefik/25.1.13/ix_values.yaml | 441 ++ enterprise/traefik/25.1.13/questions.yaml | 3402 ++++++++++++++++ .../25.1.13}/templates/NOTES.txt | 0 .../traefik/25.1.13/templates/_args.tpl | 194 + .../traefik/25.1.13/templates/_helpers.tpl | 22 + .../25.1.13/templates/_ingressclass.tpl | 24 + .../25.1.13/templates/_ingressroute.tpl | 34 + .../traefik/25.1.13/templates/_portalhook.tpl | 24 + .../traefik/25.1.13/templates/_tlsoptions.tpl | 13 + .../traefik/25.1.13/templates/_tlsstore.tpl | 26 + .../traefik/25.1.13/templates/common.yaml | 24 + .../templates/middlewares/addPrefix.yaml | 12 + .../middlewares/basic-middleware.yaml | 57 + .../templates/middlewares/basicauth.yaml | 30 + .../templates/middlewares/buffering.yaml | 26 + .../25.1.13/templates/middlewares/chain.yaml | 21 + .../middlewares/customFrameOptionsValue.yaml | 12 + .../middlewares/customRequestHeaders.yaml | 15 + .../middlewares/customResponseHeaders.yaml | 15 + .../templates/middlewares/forwardauth.yaml | 29 + .../templates/middlewares/geoblock.yaml | 29 + .../templates/middlewares/ipwhitelist.yaml | 27 + .../templates/middlewares/modsecurity.yaml | 14 + .../templates/middlewares/ratelimit.yaml | 13 + .../templates/middlewares/real-ip.yaml | 15 + .../templates/middlewares/redirectScheme.yaml | 13 + .../templates/middlewares/redirectregex.yaml | 14 + .../middlewares/rewriteResponseHeaders.yaml | 17 + .../middlewares/stripPrefixRegex.yaml | 14 + .../templates/middlewares/tc-chains.yaml | 24 + .../templates/middlewares/tc-headers.yaml | 57 + .../templates/middlewares/tc-nextcloud.yaml | 20 + .../templates/middlewares/theme-park.yaml | 20 + .../3.1.12 => traefik/25.1.13}/values.yaml | 0 enterprise/vaultwarden/25.1.10/CHANGELOG.md | 99 + enterprise/vaultwarden/25.1.10/Chart.yaml | 41 + enterprise/vaultwarden/25.1.10/LICENSE | 106 + enterprise/vaultwarden/25.1.10/README.md | 28 + .../vaultwarden/25.1.10/app-changelog.md | 9 + enterprise/vaultwarden/25.1.10/app-readme.md | 8 + .../25.1.10}/charts/common-17.2.26.tgz | Bin enterprise/vaultwarden/25.1.10/ix_values.yaml | 152 + enterprise/vaultwarden/25.1.10/questions.yaml | 3621 +++++++++++++++++ .../vaultwarden/25.1.10}/templates/NOTES.txt | 0 .../25.1.10/templates/_configmap.tpl | 111 + .../25.1.10/templates/_secrets.tpl | 37 + .../25.1.10/templates/_validate.tpl | 17 + .../vaultwarden/25.1.10/templates/common.yaml | 17 + .../vaultwarden/25.1.10}/values.yaml | 0 enterprise/velero/3.1.12/app-changelog.md | 9 - .../velero/{3.1.12 => 3.1.13}/CHANGELOG.md | 18 +- .../velero/{3.1.12 => 3.1.13}/Chart.yaml | 2 +- enterprise/velero/{3.1.12 => 3.1.13}/LICENSE | 0 .../velero/{3.1.12 => 3.1.13}/README.md | 0 enterprise/velero/3.1.13/app-changelog.md | 9 + .../velero/{3.1.12 => 3.1.13}/app-readme.md | 0 .../velero/3.1.13}/charts/common-17.2.26.tgz | Bin .../charts/velero-5.2.0.tgz | Bin .../velero/{3.1.12 => 3.1.13}/ix_values.yaml | 2 +- .../velero/{3.1.12 => 3.1.13}/questions.yaml | 0 .../velero/3.1.13}/templates/NOTES.txt | 0 .../{3.1.12 => 3.1.13}/templates/common.yaml | 0 .../velero/3.1.13}/values.yaml | 0 .../cert-manager/3.1.11/app-changelog.md | 9 - .../{3.1.11 => 3.1.12}/CHANGELOG.md | 18 +- .../{3.1.11 => 3.1.12}/Chart.yaml | 2 +- .../cert-manager/{3.1.11 => 3.1.12}/LICENSE | 0 .../cert-manager/{3.1.11 => 3.1.12}/README.md | 0 .../cert-manager/3.1.12/app-changelog.md | 9 + .../{3.1.11 => 3.1.12}/app-readme.md | 0 .../charts/cert-manager-v1.13.3.tgz | Bin .../3.1.12}/charts/common-17.2.26.tgz | Bin .../{3.1.11 => 3.1.12}/ix_values.yaml | 2 +- .../{3.1.11 => 3.1.12}/questions.yaml | 0 .../3.1.12}/templates/NOTES.txt | 0 .../{3.1.11 => 3.1.12}/templates/common.yaml | 0 .../{3.1.11 => 3.1.12}/templates/crds.yaml | 0 .../4.5.2 => cert-manager/3.1.12}/values.yaml | 0 .../cloudnative-pg/5.2.11/app-changelog.md | 9 - .../{5.2.11 => 5.2.12}/CHANGELOG.md | 18 +- .../{5.2.11 => 5.2.12}/Chart.yaml | 2 +- .../cloudnative-pg/{5.2.11 => 5.2.12}/LICENSE | 0 .../{5.2.11 => 5.2.12}/README.md | 0 .../cloudnative-pg/5.2.12/app-changelog.md | 9 + .../{5.2.11 => 5.2.12}/app-readme.md | 0 .../charts/cloudnative-pg-0.20.0.tgz | Bin .../5.2.12}/charts/common-17.2.26.tgz | Bin .../{5.2.11 => 5.2.12}/ix_values.yaml | 2 +- .../{5.2.11 => 5.2.12}/questions.yaml | 0 .../5.2.12}/templates/NOTES.txt | 0 .../{5.2.11 => 5.2.12}/templates/common.yaml | 0 .../cloudnative-pg/5.2.12}/values.yaml | 0 operators/metallb/13.1.12/CHANGELOG.md | 99 + operators/metallb/13.1.12/Chart.yaml | 45 + .../4.5.2 => metallb/13.1.12}/LICENSE | 0 operators/metallb/13.1.12/README.md | 28 + operators/metallb/13.1.12/app-changelog.md | 9 + operators/metallb/13.1.12/app-readme.md | 8 + .../13.1.12}/charts/common-17.2.26.tgz | Bin .../13.1.12/charts/metallb-0.13.12.tgz | Bin 0 -> 24427 bytes operators/metallb/13.1.12/ix_values.yaml | 25 + .../4.5.2 => metallb/13.1.12}/questions.yaml | 0 .../metallb/13.1.12}/templates/NOTES.txt | 0 .../metallb/13.1.12/templates/common.yaml | 5 + .../metallb/13.1.12}/values.yaml | 0 .../4.5.2/app-changelog.md | 9 - .../{4.5.2 => 4.5.3}/CHANGELOG.md | 18 +- .../{4.5.2 => 4.5.3}/Chart.yaml | 2 +- operators/prometheus-operator/4.5.3/LICENSE | 106 + .../{4.5.2 => 4.5.3}/README.md | 0 .../4.5.3/app-changelog.md | 9 + .../{4.5.2 => 4.5.3}/app-readme.md | 0 .../4.5.3/charts/common-17.2.26.tgz | Bin 0 -> 97960 bytes .../charts/kube-prometheus-stack-55.11.0.tgz | Bin .../{4.5.2 => 4.5.3}/ix_values.yaml | 2 +- .../prometheus-operator/4.5.3/questions.yaml | 45 + .../4.5.3/templates/NOTES.txt | 1 + .../{4.5.2 => 4.5.3}/templates/common.yaml | 0 .../prometheus-operator/4.5.3/values.yaml | 0 stable/rsshub/11.1.23/CHANGELOG.md | 99 + stable/rsshub/11.1.23/Chart.yaml | 46 + stable/rsshub/11.1.23/README.md | 28 + stable/rsshub/11.1.23/app-changelog.md | 9 + stable/rsshub/11.1.23/app-readme.md | 8 + .../rsshub/11.1.23/charts/common-17.2.26.tgz | Bin 0 -> 97960 bytes stable/rsshub/11.1.23/charts/redis-11.1.9.tgz | Bin 0 -> 103666 bytes stable/rsshub/11.1.23/ix_values.yaml | 62 + stable/rsshub/11.1.23/questions.yaml | 2613 ++++++++++++ stable/rsshub/11.1.23/templates/NOTES.txt | 1 + .../11.1.23}/templates/common.yaml | 0 stable/rsshub/11.1.23/values.yaml | 0 stable/wg-easy/9.0.3/app-changelog.md | 9 - stable/wg-easy/{9.0.3 => 9.0.4}/CHANGELOG.md | 18 +- stable/wg-easy/{9.0.3 => 9.0.4}/Chart.yaml | 2 +- stable/wg-easy/{9.0.3 => 9.0.4}/README.md | 0 stable/wg-easy/9.0.4/app-changelog.md | 9 + stable/wg-easy/{9.0.3 => 9.0.4}/app-readme.md | 0 .../wg-easy/9.0.4/charts/common-17.2.26.tgz | Bin 0 -> 97960 bytes .../wg-easy/{9.0.3 => 9.0.4}/ix_values.yaml | 2 +- .../wg-easy/{9.0.3 => 9.0.4}/questions.yaml | 0 stable/wg-easy/9.0.4/templates/NOTES.txt | 1 + .../9.0.4}/templates/common.yaml | 0 stable/wg-easy/9.0.4/values.yaml | 0 stable/znc/8.1.11/app-changelog.md | 9 - stable/znc/{8.1.11 => 8.1.12}/CHANGELOG.md | 18 +- stable/znc/{8.1.11 => 8.1.12}/Chart.yaml | 2 +- stable/znc/{8.1.11 => 8.1.12}/README.md | 0 stable/znc/8.1.12/app-changelog.md | 9 + stable/znc/{8.1.11 => 8.1.12}/app-readme.md | 0 stable/znc/8.1.12/charts/common-17.2.26.tgz | Bin 0 -> 97960 bytes stable/znc/{8.1.11 => 8.1.12}/ix_values.yaml | 2 +- stable/znc/{8.1.11 => 8.1.12}/questions.yaml | 0 stable/znc/8.1.12/templates/NOTES.txt | 1 + stable/znc/8.1.12/templates/common.yaml | 1 + stable/znc/8.1.12/values.yaml | 0 181 files changed, 17387 insertions(+), 120 deletions(-) create mode 100644 enterprise/traefik/25.1.13/CHANGELOG.md create mode 100644 enterprise/traefik/25.1.13/Chart.yaml create mode 100644 enterprise/traefik/25.1.13/LICENSE create mode 100644 enterprise/traefik/25.1.13/README.md create mode 100644 enterprise/traefik/25.1.13/app-changelog.md create mode 100644 enterprise/traefik/25.1.13/app-readme.md rename enterprise/{velero/3.1.12 => traefik/25.1.13}/charts/common-17.2.26.tgz (100%) create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml create mode 100644 enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml create mode 100644 enterprise/traefik/25.1.13/ix_values.yaml create mode 100644 enterprise/traefik/25.1.13/questions.yaml rename enterprise/{velero/3.1.12 => traefik/25.1.13}/templates/NOTES.txt (100%) create mode 100644 enterprise/traefik/25.1.13/templates/_args.tpl create mode 100644 enterprise/traefik/25.1.13/templates/_helpers.tpl create mode 100644 enterprise/traefik/25.1.13/templates/_ingressclass.tpl create mode 100644 enterprise/traefik/25.1.13/templates/_ingressroute.tpl create mode 100644 enterprise/traefik/25.1.13/templates/_portalhook.tpl create mode 100644 enterprise/traefik/25.1.13/templates/_tlsoptions.tpl create mode 100644 enterprise/traefik/25.1.13/templates/_tlsstore.tpl create mode 100644 enterprise/traefik/25.1.13/templates/common.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/chain.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml create mode 100644 enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml rename enterprise/{velero/3.1.12 => traefik/25.1.13}/values.yaml (100%) create mode 100644 enterprise/vaultwarden/25.1.10/CHANGELOG.md create mode 100644 enterprise/vaultwarden/25.1.10/Chart.yaml create mode 100644 enterprise/vaultwarden/25.1.10/LICENSE create mode 100644 enterprise/vaultwarden/25.1.10/README.md create mode 100644 enterprise/vaultwarden/25.1.10/app-changelog.md create mode 100644 enterprise/vaultwarden/25.1.10/app-readme.md rename {operators/cert-manager/3.1.11 => enterprise/vaultwarden/25.1.10}/charts/common-17.2.26.tgz (100%) create mode 100644 enterprise/vaultwarden/25.1.10/ix_values.yaml create mode 100644 enterprise/vaultwarden/25.1.10/questions.yaml rename {operators/cert-manager/3.1.11 => enterprise/vaultwarden/25.1.10}/templates/NOTES.txt (100%) create mode 100644 enterprise/vaultwarden/25.1.10/templates/_configmap.tpl create mode 100644 enterprise/vaultwarden/25.1.10/templates/_secrets.tpl create mode 100644 enterprise/vaultwarden/25.1.10/templates/_validate.tpl create mode 100644 enterprise/vaultwarden/25.1.10/templates/common.yaml rename {operators/cert-manager/3.1.11 => enterprise/vaultwarden/25.1.10}/values.yaml (100%) delete mode 100644 enterprise/velero/3.1.12/app-changelog.md rename enterprise/velero/{3.1.12 => 3.1.13}/CHANGELOG.md (89%) rename enterprise/velero/{3.1.12 => 3.1.13}/Chart.yaml (98%) rename enterprise/velero/{3.1.12 => 3.1.13}/LICENSE (100%) rename enterprise/velero/{3.1.12 => 3.1.13}/README.md (100%) create mode 100644 enterprise/velero/3.1.13/app-changelog.md rename enterprise/velero/{3.1.12 => 3.1.13}/app-readme.md (100%) rename {operators/cloudnative-pg/5.2.11 => enterprise/velero/3.1.13}/charts/common-17.2.26.tgz (100%) rename enterprise/velero/{3.1.12 => 3.1.13}/charts/velero-5.2.0.tgz (100%) rename enterprise/velero/{3.1.12 => 3.1.13}/ix_values.yaml (94%) rename enterprise/velero/{3.1.12 => 3.1.13}/questions.yaml (100%) rename {operators/cloudnative-pg/5.2.11 => enterprise/velero/3.1.13}/templates/NOTES.txt (100%) rename enterprise/velero/{3.1.12 => 3.1.13}/templates/common.yaml (100%) rename {operators/cloudnative-pg/5.2.11 => enterprise/velero/3.1.13}/values.yaml (100%) delete mode 100644 operators/cert-manager/3.1.11/app-changelog.md rename operators/cert-manager/{3.1.11 => 3.1.12}/CHANGELOG.md (82%) rename operators/cert-manager/{3.1.11 => 3.1.12}/Chart.yaml (98%) rename operators/cert-manager/{3.1.11 => 3.1.12}/LICENSE (100%) rename operators/cert-manager/{3.1.11 => 3.1.12}/README.md (100%) create mode 100644 operators/cert-manager/3.1.12/app-changelog.md rename operators/cert-manager/{3.1.11 => 3.1.12}/app-readme.md (100%) rename operators/cert-manager/{3.1.11 => 3.1.12}/charts/cert-manager-v1.13.3.tgz (100%) rename operators/{prometheus-operator/4.5.2 => cert-manager/3.1.12}/charts/common-17.2.26.tgz (100%) rename operators/cert-manager/{3.1.11 => 3.1.12}/ix_values.yaml (87%) rename operators/cert-manager/{3.1.11 => 3.1.12}/questions.yaml (100%) rename operators/{prometheus-operator/4.5.2 => cert-manager/3.1.12}/templates/NOTES.txt (100%) rename operators/cert-manager/{3.1.11 => 3.1.12}/templates/common.yaml (100%) rename operators/cert-manager/{3.1.11 => 3.1.12}/templates/crds.yaml (100%) rename operators/{prometheus-operator/4.5.2 => cert-manager/3.1.12}/values.yaml (100%) delete mode 100644 operators/cloudnative-pg/5.2.11/app-changelog.md rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/CHANGELOG.md (82%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/Chart.yaml (98%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/LICENSE (100%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/README.md (100%) create mode 100644 operators/cloudnative-pg/5.2.12/app-changelog.md rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/app-readme.md (100%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/charts/cloudnative-pg-0.20.0.tgz (100%) rename {stable/wg-easy/9.0.3 => operators/cloudnative-pg/5.2.12}/charts/common-17.2.26.tgz (100%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/ix_values.yaml (77%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/questions.yaml (100%) rename {stable/wg-easy/9.0.3 => operators/cloudnative-pg/5.2.12}/templates/NOTES.txt (100%) rename operators/cloudnative-pg/{5.2.11 => 5.2.12}/templates/common.yaml (100%) rename {stable/wg-easy/9.0.3 => operators/cloudnative-pg/5.2.12}/values.yaml (100%) create mode 100644 operators/metallb/13.1.12/CHANGELOG.md create mode 100644 operators/metallb/13.1.12/Chart.yaml rename operators/{prometheus-operator/4.5.2 => metallb/13.1.12}/LICENSE (100%) create mode 100644 operators/metallb/13.1.12/README.md create mode 100644 operators/metallb/13.1.12/app-changelog.md create mode 100644 operators/metallb/13.1.12/app-readme.md rename {stable/znc/8.1.11 => operators/metallb/13.1.12}/charts/common-17.2.26.tgz (100%) create mode 100644 operators/metallb/13.1.12/charts/metallb-0.13.12.tgz create mode 100644 operators/metallb/13.1.12/ix_values.yaml rename operators/{prometheus-operator/4.5.2 => metallb/13.1.12}/questions.yaml (100%) rename {stable/znc/8.1.11 => operators/metallb/13.1.12}/templates/NOTES.txt (100%) create mode 100644 operators/metallb/13.1.12/templates/common.yaml rename {stable/znc/8.1.11 => operators/metallb/13.1.12}/values.yaml (100%) delete mode 100644 operators/prometheus-operator/4.5.2/app-changelog.md rename operators/prometheus-operator/{4.5.2 => 4.5.3}/CHANGELOG.md (89%) rename operators/prometheus-operator/{4.5.2 => 4.5.3}/Chart.yaml (98%) create mode 100644 operators/prometheus-operator/4.5.3/LICENSE rename operators/prometheus-operator/{4.5.2 => 4.5.3}/README.md (100%) create mode 100644 operators/prometheus-operator/4.5.3/app-changelog.md rename operators/prometheus-operator/{4.5.2 => 4.5.3}/app-readme.md (100%) create mode 100644 operators/prometheus-operator/4.5.3/charts/common-17.2.26.tgz rename operators/prometheus-operator/{4.5.2 => 4.5.3}/charts/kube-prometheus-stack-55.11.0.tgz (100%) rename operators/prometheus-operator/{4.5.2 => 4.5.3}/ix_values.yaml (97%) create mode 100644 operators/prometheus-operator/4.5.3/questions.yaml create mode 100644 operators/prometheus-operator/4.5.3/templates/NOTES.txt rename operators/prometheus-operator/{4.5.2 => 4.5.3}/templates/common.yaml (100%) create mode 100644 operators/prometheus-operator/4.5.3/values.yaml create mode 100644 stable/rsshub/11.1.23/CHANGELOG.md create mode 100644 stable/rsshub/11.1.23/Chart.yaml create mode 100644 stable/rsshub/11.1.23/README.md create mode 100644 stable/rsshub/11.1.23/app-changelog.md create mode 100644 stable/rsshub/11.1.23/app-readme.md create mode 100644 stable/rsshub/11.1.23/charts/common-17.2.26.tgz create mode 100644 stable/rsshub/11.1.23/charts/redis-11.1.9.tgz create mode 100644 stable/rsshub/11.1.23/ix_values.yaml create mode 100644 stable/rsshub/11.1.23/questions.yaml create mode 100644 stable/rsshub/11.1.23/templates/NOTES.txt rename stable/{wg-easy/9.0.3 => rsshub/11.1.23}/templates/common.yaml (100%) create mode 100644 stable/rsshub/11.1.23/values.yaml delete mode 100644 stable/wg-easy/9.0.3/app-changelog.md rename stable/wg-easy/{9.0.3 => 9.0.4}/CHANGELOG.md (87%) rename stable/wg-easy/{9.0.3 => 9.0.4}/Chart.yaml (98%) rename stable/wg-easy/{9.0.3 => 9.0.4}/README.md (100%) create mode 100644 stable/wg-easy/9.0.4/app-changelog.md rename stable/wg-easy/{9.0.3 => 9.0.4}/app-readme.md (100%) create mode 100644 stable/wg-easy/9.0.4/charts/common-17.2.26.tgz rename stable/wg-easy/{9.0.3 => 9.0.4}/ix_values.yaml (93%) rename stable/wg-easy/{9.0.3 => 9.0.4}/questions.yaml (100%) create mode 100644 stable/wg-easy/9.0.4/templates/NOTES.txt rename stable/{znc/8.1.11 => wg-easy/9.0.4}/templates/common.yaml (100%) create mode 100644 stable/wg-easy/9.0.4/values.yaml delete mode 100644 stable/znc/8.1.11/app-changelog.md rename stable/znc/{8.1.11 => 8.1.12}/CHANGELOG.md (84%) rename stable/znc/{8.1.11 => 8.1.12}/Chart.yaml (98%) rename stable/znc/{8.1.11 => 8.1.12}/README.md (100%) create mode 100644 stable/znc/8.1.12/app-changelog.md rename stable/znc/{8.1.11 => 8.1.12}/app-readme.md (100%) create mode 100644 stable/znc/8.1.12/charts/common-17.2.26.tgz rename stable/znc/{8.1.11 => 8.1.12}/ix_values.yaml (82%) rename stable/znc/{8.1.11 => 8.1.12}/questions.yaml (100%) create mode 100644 stable/znc/8.1.12/templates/NOTES.txt create mode 100644 stable/znc/8.1.12/templates/common.yaml create mode 100644 stable/znc/8.1.12/values.yaml diff --git a/enterprise/traefik/25.1.13/CHANGELOG.md b/enterprise/traefik/25.1.13/CHANGELOG.md new file mode 100644 index 0000000000..a7fefcc681 --- /dev/null +++ b/enterprise/traefik/25.1.13/CHANGELOG.md @@ -0,0 +1,99 @@ +--- +title: Changelog +--- + +**Important:** +*for the complete changelog, please refer to the website* + + + +## [traefik-25.1.13](https://github.com/truecharts/charts/compare/traefik-25.1.12...traefik-25.1.13) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/traefik to v2.10.7[@1a1f160](https://github.com/1a1f160) by renovate ([#17471](https://github.com/truecharts/charts/issues/17471)) + + +## [traefik-25.1.12](https://github.com/truecharts/charts/compare/traefik-25.1.11...traefik-25.1.12) (2024-01-21) + +### Chore + + + +- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) + + +## [traefik-25.1.11](https://github.com/truecharts/charts/compare/traefik-25.1.10...traefik-25.1.11) (2024-01-21) + +### Chore + + + +- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457)) + + + + +## [traefik-25.1.10](https://github.com/truecharts/charts/compare/traefik-25.1.9...traefik-25.1.10) (2024-01-09) + +### Chore + + + +- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986)) + + +## [traefik-25.1.9](https://github.com/truecharts/charts/compare/traefik-25.1.8...traefik-25.1.9) (2024-01-02) + +### Chore + + + +- force bump to ensure up-to-date catalogs + + +## [traefik-25.1.8](https://github.com/truecharts/charts/compare/traefik-25.1.7...traefik-25.1.8) (2024-01-02) + +### Chore + + + +- update container image tccr.io/tccr/traefik to v2.10.7[@769efdf](https://github.com/769efdf) by renovate ([#16807](https://github.com/truecharts/charts/issues/16807)) + + +## [traefik-25.1.7](https://github.com/truecharts/charts/compare/traefik-25.1.6...traefik-25.1.7) (2024-01-02) + +### Chore + + + +- update container image tccr.io/tccr/traefik to v[@966a49c](https://github.com/966a49c) by renovate ([#16796](https://github.com/truecharts/charts/issues/16796)) + +### Docs + + + +- Add notice about TCP/UDP ingress ([#16745](https://github.com/truecharts/charts/issues/16745)) + + +## [traefik-25.1.6](https://github.com/truecharts/charts/compare/traefik-25.1.5...traefik-25.1.6) (2024-01-02) + +### Chore + + + +- update container image common to v17.2.21[@cf65ff3](https://github.com/cf65ff3) by renovate ([#16752](https://github.com/truecharts/charts/issues/16752)) + + +## [traefik-25.1.5](https://github.com/truecharts/charts/compare/traefik-25.1.4...traefik-25.1.5) (2024-01-02) + +### Chore + + + +- fix some refs ([#16749](https://github.com/truecharts/charts/issues/16749)) + + +## [traefik-25.1.4](https://github.com/truecharts/charts/compare/traefik-25.1.3...traefik-25.1.4) (2024-01-01) diff --git a/enterprise/traefik/25.1.13/Chart.yaml b/enterprise/traefik/25.1.13/Chart.yaml new file mode 100644 index 0000000000..92f09a48fb --- /dev/null +++ b/enterprise/traefik/25.1.13/Chart.yaml @@ -0,0 +1,39 @@ +annotations: + max_scale_version: 23.10.2 + min_scale_version: 23.10.0 + truecharts.org/SCALE-support: "true" + truecharts.org/category: network + truecharts.org/max_helm_version: "3.14" + truecharts.org/min_helm_version: "3.12" + truecharts.org/train: enterprise +apiVersion: v2 +appVersion: 2.10.7 +dependencies: + - name: common + version: 17.2.26 + repository: oci://tccr.io/truecharts + condition: "" + alias: "" + tags: [] + import-values: [] +deprecated: false +description: Traefik is a flexible reverse proxy and Ingress Provider. +home: https://truecharts.org/charts/enterprise/traefik +icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png +keywords: + - traefik + - ingress +kubeVersion: ">=1.24.0-0" +maintainers: + - name: TrueCharts + email: info@truecharts.org + url: https://truecharts.org +name: traefik +sources: + - https://github.com/traefik/traefik + - https://github.com/traefik/traefik-helm-chart + - https://traefik.io/ + - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik + - https://github.com/truecharts/containers/tree/master/apps/traefik +type: application +version: 25.1.13 diff --git a/enterprise/traefik/25.1.13/LICENSE b/enterprise/traefik/25.1.13/LICENSE new file mode 100644 index 0000000000..4139714f20 --- /dev/null +++ b/enterprise/traefik/25.1.13/LICENSE @@ -0,0 +1,106 @@ +Business Source License 1.1 + +Parameters + +Licensor: The TrueCharts Project, it's owner and it's contributors +Licensed Work: The TrueCharts "Traefik" Helm Chart +Additional Use Grant: You may use the licensed work in production, as long + as it is directly sourced from a TrueCharts provided + official repository, catalog or source. You may also make private + modification to the directly sourced licenced work, + when used in production. + + The following cases are, due to their nature, also + defined as 'production use' and explicitly prohibited: + - Bundling, including or displaying the licensed work + with(in) another work intended for production use, + with the apparent intend of facilitating and/or + promoting production use by third parties in + violation of this license. + +Change Date: 2050-01-01 + +Change License: 3-clause BSD license + +For information about alternative licensing arrangements for the Software, +please contact: legal@truecharts.org + +Notice + +The Business Source License (this document, or the “License”) is not an Open +Source license. However, the Licensed Work will eventually be made available +under an Open Source License, as stated in this License. + +License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved. +“Business Source License” is a trademark of MariaDB Corporation Ab. + +----------------------------------------------------------------------------- + +Business Source License 1.1 + +Terms + +The Licensor hereby grants you the right to copy, modify, create derivative +works, redistribute, and make non-production use of the Licensed Work. The +Licensor may make an Additional Use Grant, above, permitting limited +production use. + +Effective on the Change Date, or the fourth anniversary of the first publicly +available distribution of a specific version of the Licensed Work under this +License, whichever comes first, the Licensor hereby grants you rights under +the terms of the Change License, and the rights granted in the paragraph +above terminate. + +If your use of the Licensed Work does not comply with the requirements +currently in effect as described in this License, you must purchase a +commercial license from the Licensor, its affiliated entities, or authorized +resellers, or you must refrain from using the Licensed Work. + +All copies of the original and modified Licensed Work, and derivative works +of the Licensed Work, are subject to this License. This License applies +separately for each version of the Licensed Work and the Change Date may vary +for each version of the Licensed Work released by Licensor. + +You must conspicuously display this License on each original or modified copy +of the Licensed Work. If you receive the Licensed Work in original or +modified form from a third party, the terms and conditions set forth in this +License apply to your use of that work. + +Any use of the Licensed Work in violation of this License will automatically +terminate your rights under this License for the current and all other +versions of the Licensed Work. + +This License does not grant you any right in any trademark or logo of +Licensor or its affiliates (provided that you may use a trademark or logo of +Licensor as expressly required by this License). + +TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON +AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, +EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND +TITLE. + +MariaDB hereby grants you permission to use this License’s text to license +your works, and to refer to it using the trademark “Business Source License”, +as long as you comply with the Covenants of Licensor below. + +Covenants of Licensor + +In consideration of the right to use this License’s text and the “Business +Source License” name and trademark, Licensor covenants to MariaDB, and to all +other recipients of the licensed work to be provided by Licensor: + +1. To specify as the Change License the GPL Version 2.0 or any later version, + or a license that is compatible with GPL Version 2.0 or a later version, + where “compatible” means that software provided under the Change License can + be included in a program with software provided under GPL Version 2.0 or a + later version. Licensor may specify additional Change Licenses without + limitation. + +2. To either: (a) specify an additional grant of rights to use that does not + impose any additional restriction on the right granted in this License, as + the Additional Use Grant; or (b) insert the text “None”. + +3. To specify a Change Date. + +4. Not to modify this License in any other way. diff --git a/enterprise/traefik/25.1.13/README.md b/enterprise/traefik/25.1.13/README.md new file mode 100644 index 0000000000..0eb2123c77 --- /dev/null +++ b/enterprise/traefik/25.1.13/README.md @@ -0,0 +1,28 @@ +--- +title: README +--- + +## General Info + +TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE. +However only installations using the TrueNAS SCALE Apps system are supported. + +For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/traefik) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +_All Rights Reserved - The TrueCharts Project_ diff --git a/enterprise/traefik/25.1.13/app-changelog.md b/enterprise/traefik/25.1.13/app-changelog.md new file mode 100644 index 0000000000..7ee2db0ad9 --- /dev/null +++ b/enterprise/traefik/25.1.13/app-changelog.md @@ -0,0 +1,9 @@ + + +## [traefik-25.1.13](https://github.com/truecharts/charts/compare/traefik-25.1.12...traefik-25.1.13) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/traefik to v2.10.7[@1a1f160](https://github.com/1a1f160) by renovate ([#17471](https://github.com/truecharts/charts/issues/17471)) \ No newline at end of file diff --git a/enterprise/traefik/25.1.13/app-readme.md b/enterprise/traefik/25.1.13/app-readme.md new file mode 100644 index 0000000000..02206fafcf --- /dev/null +++ b/enterprise/traefik/25.1.13/app-readme.md @@ -0,0 +1,8 @@ +Traefik is a flexible reverse proxy and Ingress Provider. + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! diff --git a/enterprise/velero/3.1.12/charts/common-17.2.26.tgz b/enterprise/traefik/25.1.13/charts/common-17.2.26.tgz similarity index 100% rename from enterprise/velero/3.1.12/charts/common-17.2.26.tgz rename to enterprise/traefik/25.1.13/charts/common-17.2.26.tgz diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml new file mode 100644 index 0000000000..bd137f410d --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml @@ -0,0 +1,275 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: ingressroutes.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRoute + listKind: IngressRouteList + plural: ingressroutes + singular: ingressroute + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRoute is the CRD implementation of a Traefik HTTP Router. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteSpec defines the desired state of IngressRoute. + properties: + entryPoints: + description: 'EntryPoints defines the list of entry point names to + bind to. Entry points have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + Default: all.' + items: + type: string + type: array + routes: + description: Routes defines the list of routes. + items: + description: Route holds the HTTP route configuration. + properties: + kind: + description: Kind defines the kind of the route. Rule is the + only supported kind. + enum: + - Rule + type: string + match: + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + type: string + middlewares: + description: 'Middlewares defines the list of references to + Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + items: + description: MiddlewareRef is a reference to a Middleware + resource. + properties: + name: + description: Name defines the name of the referenced Middleware + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Middleware resource. + type: string + required: + - name + type: object + type: array + priority: + description: 'Priority defines the router''s priority. More + info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + type: integer + services: + description: Services defines the list of Service. It can contain + any combination of TraefikService and/or reference to a Kubernetes + Service. + items: + description: Service defines an upstream HTTP service to proxy + traffic to. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between + the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs + or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client + Host header is forwarded to the upstream Kubernetes + Service. By default, passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to + the client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, + in milliseconds, in between flushes to the client + while copying the response body. A negative value + means to flush immediately after each write to the + client. This configuration is ignored when ReverseProxy + recognizes a response as a streaming response; for + such responses, writes are flushed to the client + immediately. Default: 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the + request to the upstream Kubernetes Service. It defaults + to https when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport + between Traefik and your servers. Can only be used on + a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie + can be accessed by client-side APIs, such as + JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie + can only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported + value at the moment. + type: string + weight: + description: Weight defines the weight and should only + be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round + Robin). + type: integer + required: + - name + type: object + type: array + required: + - kind + - match + type: object + type: array + tls: + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + properties: + certResolver: + description: 'CertResolver defines the name of the certificate + resolver to use. Cert resolvers have to be configured in the + static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + type: string + domains: + description: 'Domains defines the list of domains that will be + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + items: + description: Domain holds a domain name with SANs. + properties: + main: + description: Main defines the main domain name. + type: string + sans: + description: SANs defines the subject alternative domain + names. + items: + type: string + type: array + type: object + type: array + options: + description: 'Options defines the reference to a TLSOption, that + specifies the parameters of the TLS connection. If not defined, + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + properties: + name: + description: 'Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + type: string + namespace: + description: 'Namespace defines the namespace of the referenced + TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + type: string + required: + - name + type: object + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: Store defines the reference to the TLSStore, that + will be used to store certificates. Please note that only `default` + TLSStore can be used. + properties: + name: + description: 'Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + type: string + namespace: + description: 'Namespace defines the namespace of the referenced + TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml new file mode 100644 index 0000000000..589fe31c18 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml @@ -0,0 +1,218 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: ingressroutetcps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRouteTCP + listKind: IngressRouteTCPList + plural: ingressroutetcps + singular: ingressroutetcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. + properties: + entryPoints: + description: 'EntryPoints defines the list of entry point names to + bind to. Entry points have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + Default: all.' + items: + type: string + type: array + routes: + description: Routes defines the list of routes. + items: + description: RouteTCP holds the TCP route configuration. + properties: + match: + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + type: string + middlewares: + description: Middlewares defines the list of references to MiddlewareTCP + resources. + items: + description: ObjectReference is a generic reference to a Traefik + resource. + properties: + name: + description: Name defines the name of the referenced Traefik + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Traefik resource. + type: string + required: + - name + type: object + type: array + priority: + description: 'Priority defines the router''s priority. More + info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + type: integer + services: + description: Services defines the list of TCP services. + items: + description: ServiceTCP defines an upstream TCP service to + proxy traffic to. + properties: + name: + description: Name defines the name of the referenced Kubernetes + Service. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs + or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + proxyProtocol: + description: 'ProxyProtocol defines the PROXY protocol + configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + properties: + version: + description: Version defines the PROXY Protocol version + to use. + type: integer + type: object + terminationDelay: + description: TerminationDelay defines the deadline that + the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, + to close the reading capability as well, hence fully + terminating the connection. It is a duration in milliseconds, + defaulting to 100. A negative value means an infinite + deadline (i.e. the reading capability is never closed). + type: integer + weight: + description: Weight defines the weight used when balancing + requests between multiple Kubernetes Service. + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: object + type: array + tls: + description: 'TLS defines the TLS configuration on a layer 4 / TCP + Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + properties: + certResolver: + description: 'CertResolver defines the name of the certificate + resolver to use. Cert resolvers have to be configured in the + static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + type: string + domains: + description: 'Domains defines the list of domains that will be + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + items: + description: Domain holds a domain name with SANs. + properties: + main: + description: Main defines the main domain name. + type: string + sans: + description: SANs defines the subject alternative domain + names. + items: + type: string + type: array + type: object + type: array + options: + description: 'Options defines the reference to a TLSOption, that + specifies the parameters of the TLS connection. If not defined, + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + properties: + name: + description: Name defines the name of the referenced Traefik + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Traefik resource. + type: string + required: + - name + type: object + passthrough: + description: Passthrough defines whether a TLS router will terminate + the TLS connection. + type: boolean + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: Store defines the reference to the TLSStore, that + will be used to store certificates. Please note that only `default` + TLSStore can be used. + properties: + name: + description: Name defines the name of the referenced Traefik + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Traefik resource. + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml new file mode 100644 index 0000000000..c35ee4dc20 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml @@ -0,0 +1,105 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: ingressrouteudps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRouteUDP + listKind: IngressRouteUDPList + plural: ingressrouteudps + singular: ingressrouteudp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. + properties: + entryPoints: + description: 'EntryPoints defines the list of entry point names to + bind to. Entry points have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + Default: all.' + items: + type: string + type: array + routes: + description: Routes defines the list of routes. + items: + description: RouteUDP holds the UDP route configuration. + properties: + services: + description: Services defines the list of UDP services. + items: + description: ServiceUDP defines an upstream UDP service to + proxy traffic to. + properties: + name: + description: Name defines the name of the referenced Kubernetes + Service. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs + or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + weight: + description: Weight defines the weight used when balancing + requests between multiple Kubernetes Service. + type: integer + required: + - name + - port + type: object + type: array + type: object + type: array + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml new file mode 100644 index 0000000000..5e14f93fa5 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml @@ -0,0 +1,924 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: middlewares.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: Middleware + listKind: MiddlewareList + plural: middlewares + singular: middleware + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MiddlewareSpec defines the desired state of a Middleware. + properties: + addPrefix: + description: 'AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding + it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + properties: + prefix: + description: Prefix is the string to add before the current path + in the requested URL. It should include a leading slash (/). + type: string + type: object + basicAuth: + description: 'BasicAuth holds the basic auth middleware configuration. + This middleware restricts access to your services to known users. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + properties: + headerField: + description: 'HeaderField defines a header field to store the + authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + type: string + realm: + description: 'Realm allows the protected resources on a server + to be partitioned into a set of protection spaces, each with + its own authentication scheme. Default: traefik.' + type: string + removeHeader: + description: 'RemoveHeader sets the removeHeader option to true + to remove the authorization header before forwarding the request + to your service. Default: false.' + type: boolean + secret: + description: Secret is the name of the referenced Kubernetes Secret + containing user credentials. + type: string + type: object + buffering: + description: 'Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + properties: + maxRequestBodyBytes: + description: 'MaxRequestBodyBytes defines the maximum allowed + body size for the request (in bytes). If the request exceeds + the allowed size, it is not forwarded to the service, and the + client gets a 413 (Request Entity Too Large) response. Default: + 0 (no maximum).' + format: int64 + type: integer + maxResponseBodyBytes: + description: 'MaxResponseBodyBytes defines the maximum allowed + response size from the service (in bytes). If the response exceeds + the allowed size, it is not forwarded to the client. The client + gets a 500 (Internal Server Error) response instead. Default: + 0 (no maximum).' + format: int64 + type: integer + memRequestBodyBytes: + description: 'MemRequestBodyBytes defines the threshold (in bytes) + from which the request will be buffered on disk instead of in + memory. Default: 1048576 (1Mi).' + format: int64 + type: integer + memResponseBodyBytes: + description: 'MemResponseBodyBytes defines the threshold (in bytes) + from which the response will be buffered on disk instead of + in memory. Default: 1048576 (1Mi).' + format: int64 + type: integer + retryExpression: + description: 'RetryExpression defines the retry conditions. It + is a logical combination of functions with operators AND (&&) + and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + type: string + type: object + chain: + description: 'Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + properties: + middlewares: + description: Middlewares is the list of MiddlewareRef which composes + the chain. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Middleware resource. + type: string + required: + - name + type: object + type: array + type: object + circuitBreaker: + description: CircuitBreaker holds the circuit breaker configuration. + properties: + checkPeriod: + anyOf: + - type: integer + - type: string + description: CheckPeriod is the interval between successive checks + of the circuit breaker condition (when in standby state). + x-kubernetes-int-or-string: true + expression: + description: Expression is the condition that triggers the tripped + state. + type: string + fallbackDuration: + anyOf: + - type: integer + - type: string + description: FallbackDuration is the duration for which the circuit + breaker will wait before trying to recover (from a tripped state). + x-kubernetes-int-or-string: true + recoveryDuration: + anyOf: + - type: integer + - type: string + description: RecoveryDuration is the duration for which the circuit + breaker will try to recover (as soon as it is in recovering + state). + x-kubernetes-int-or-string: true + type: object + compress: + description: 'Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + properties: + excludedContentTypes: + description: ExcludedContentTypes defines the list of content + types to compare the Content-Type header of the incoming requests + and responses before compressing. + items: + type: string + type: array + minResponseBodyBytes: + description: 'MinResponseBodyBytes defines the minimum amount + of bytes a response body must have to be compressed. Default: + 1024.' + type: integer + type: object + contentType: + description: ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least + the default one can be changed in a future version. + properties: + autoDetect: + description: AutoDetect specifies whether to let the `Content-Type` + header, if it has not been set by the backend, be automatically + set to a value derived from the contents of the response. As + a proxy, the default behavior should be to leave the header + alone, regardless of what the backend did with it. However, + the historic default was to always auto-detect and set the header + if it was nil, and it is going to be kept that way in order + to support users currently relying on it. + type: boolean + type: object + digestAuth: + description: 'DigestAuth holds the digest auth middleware configuration. + This middleware restricts access to your services to known users. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + properties: + headerField: + description: 'HeaderField defines a header field to store the + authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + type: string + realm: + description: 'Realm allows the protected resources on a server + to be partitioned into a set of protection spaces, each with + its own authentication scheme. Default: traefik.' + type: string + removeHeader: + description: RemoveHeader defines whether to remove the authorization + header before forwarding the request to the backend. + type: boolean + secret: + description: Secret is the name of the referenced Kubernetes Secret + containing user credentials. + type: string + type: object + errors: + description: 'ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + properties: + query: + description: Query defines the URL for the error page (hosted + by service). The {status} variable can be used in order to insert + the status code in the URL. + type: string + service: + description: 'Service defines the reference to a Kubernetes Service + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between the + two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if + the only child is the Kubernetes Service clusterIP. The + Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host + header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to the + client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in milliseconds, + in between flushes to the client while copying the response + body. A negative value means to flush immediately after + each write to the client. This configuration is ignored + when ReverseProxy recognizes a response as a streaming + response; for such responses, writes are flushed to + the client immediately. Default: 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https + when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport between + Traefik and your servers. Can only be used on a Kubernetes + Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie can + be accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can + only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported value + at the moment. + type: string + weight: + description: Weight defines the weight and should only be + specified when Name references a TraefikService object (and + to be precise, one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + status: + description: Status defines which status or range of statuses + should result in an error page. It can be either a status code + as a number (500), as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), or + a combination of the two (404,418,500-599). + items: + type: string + type: array + type: object + forwardAuth: + description: 'ForwardAuth holds the forward auth middleware configuration. + This middleware delegates the request authentication to a Service. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + properties: + address: + description: Address defines the authentication server address. + type: string + authRequestHeaders: + description: AuthRequestHeaders defines the list of the headers + to copy from the request to the authentication server. If not + set or empty then all request headers are passed. + items: + type: string + type: array + authResponseHeaders: + description: AuthResponseHeaders defines the list of headers to + copy from the authentication server response and set on forwarded + request, replacing any existing conflicting headers. + items: + type: string + type: array + authResponseHeadersRegex: + description: 'AuthResponseHeadersRegex defines the regex to match + headers to copy from the authentication server response and + set on forwarded request, after stripping all headers that match + the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + type: string + tls: + description: TLS defines the configuration used to secure the + connection to the authentication server. + properties: + caOptional: + type: boolean + caSecret: + description: CASecret is the name of the referenced Kubernetes + Secret containing the CA to validate the server certificate. + The CA certificate is extracted from key `tls.ca` or `ca.crt`. + type: string + certSecret: + description: CertSecret is the name of the referenced Kubernetes + Secret containing the client certificate. The client certificate + is extracted from the keys `tls.crt` and `tls.key`. + type: string + insecureSkipVerify: + description: InsecureSkipVerify defines whether the server + certificates should be validated. + type: boolean + type: object + trustForwardHeader: + description: 'TrustForwardHeader defines whether to trust (ie: + forward) all X-Forwarded-* headers.' + type: boolean + type: object + headers: + description: 'Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. More + info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + properties: + accessControlAllowCredentials: + description: AccessControlAllowCredentials defines whether the + request can include user credentials. + type: boolean + accessControlAllowHeaders: + description: AccessControlAllowHeaders defines the Access-Control-Request-Headers + values sent in preflight response. + items: + type: string + type: array + accessControlAllowMethods: + description: AccessControlAllowMethods defines the Access-Control-Request-Method + values sent in preflight response. + items: + type: string + type: array + accessControlAllowOriginList: + description: AccessControlAllowOriginList is a list of allowable + origins. Can also be a wildcard origin "*". + items: + type: string + type: array + accessControlAllowOriginListRegex: + description: AccessControlAllowOriginListRegex is a list of allowable + origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). + items: + type: string + type: array + accessControlExposeHeaders: + description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers + values sent in preflight response. + items: + type: string + type: array + accessControlMaxAge: + description: AccessControlMaxAge defines the time that a preflight + request may be cached. + format: int64 + type: integer + addVaryHeader: + description: AddVaryHeader defines whether the Vary header is + automatically added/updated when the AccessControlAllowOriginList + is set. + type: boolean + allowedHosts: + description: AllowedHosts defines the fully qualified list of + allowed domain names. + items: + type: string + type: array + browserXssFilter: + description: BrowserXSSFilter defines whether to add the X-XSS-Protection + header with the value 1; mode=block. + type: boolean + contentSecurityPolicy: + description: ContentSecurityPolicy defines the Content-Security-Policy + header value. + type: string + contentTypeNosniff: + description: ContentTypeNosniff defines whether to add the X-Content-Type-Options + header with the nosniff value. + type: boolean + customBrowserXSSValue: + description: CustomBrowserXSSValue defines the X-XSS-Protection + header value. This overrides the BrowserXssFilter option. + type: string + customFrameOptionsValue: + description: CustomFrameOptionsValue defines the X-Frame-Options + header value. This overrides the FrameDeny option. + type: string + customRequestHeaders: + additionalProperties: + type: string + description: CustomRequestHeaders defines the header names and + values to apply to the request. + type: object + customResponseHeaders: + additionalProperties: + type: string + description: CustomResponseHeaders defines the header names and + values to apply to the response. + type: object + featurePolicy: + description: 'Deprecated: use PermissionsPolicy instead.' + type: string + forceSTSHeader: + description: ForceSTSHeader defines whether to add the STS header + even when the connection is HTTP. + type: boolean + frameDeny: + description: FrameDeny defines whether to add the X-Frame-Options + header with the DENY value. + type: boolean + hostsProxyHeaders: + description: HostsProxyHeaders defines the header keys that may + hold a proxied hostname value for the request. + items: + type: string + type: array + isDevelopment: + description: IsDevelopment defines whether to mitigate the unwanted + effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, + not your production domain. If you would like your development + environment to mimic production with complete Host blocking, + SSL redirects, and STS headers, leave this as false. + type: boolean + permissionsPolicy: + description: PermissionsPolicy defines the Permissions-Policy + header value. This allows sites to control browser features. + type: string + publicKey: + description: PublicKey is the public key that implements HPKP + to prevent MITM attacks with forged certificates. + type: string + referrerPolicy: + description: ReferrerPolicy defines the Referrer-Policy header + value. This allows sites to control whether browsers forward + the Referer header to other sites. + type: string + sslForceHost: + description: 'Deprecated: use RedirectRegex instead.' + type: boolean + sslHost: + description: 'Deprecated: use RedirectRegex instead.' + type: string + sslProxyHeaders: + additionalProperties: + type: string + description: 'SSLProxyHeaders defines the header keys with associated + values that would indicate a valid HTTPS request. It can be + useful when using other proxies (example: "X-Forwarded-Proto": + "https").' + type: object + sslRedirect: + description: 'Deprecated: use EntryPoint redirection or RedirectScheme + instead.' + type: boolean + sslTemporaryRedirect: + description: 'Deprecated: use EntryPoint redirection or RedirectScheme + instead.' + type: boolean + stsIncludeSubdomains: + description: STSIncludeSubdomains defines whether the includeSubDomains + directive is appended to the Strict-Transport-Security header. + type: boolean + stsPreload: + description: STSPreload defines whether the preload flag is appended + to the Strict-Transport-Security header. + type: boolean + stsSeconds: + description: STSSeconds defines the max-age of the Strict-Transport-Security + header. If set to 0, the header is not set. + format: int64 + type: integer + type: object + inFlightReq: + description: 'InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and + served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + properties: + amount: + description: Amount defines the maximum amount of allowed simultaneous + in-flight request. The middleware responds with HTTP 429 Too + Many Requests if there are already amount requests in progress + (based on the same sourceCriterion strategy). + format: int64 + type: integer + sourceCriterion: + description: 'SourceCriterion defines what criterion is used to + group requests as originating from a common source. If several + strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. More + info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position + (starting from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the + X-Forwarded-For header and select the first IP not in + the list. + items: + type: string + type: array + type: object + requestHeaderName: + description: RequestHeaderName defines the name of the header + used to group incoming requests. + type: string + requestHost: + description: RequestHost defines whether to consider the request + Host as the source. + type: boolean + type: object + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + passTLSClientCert: + description: 'PassTLSClientCert holds the pass TLS client cert middleware + configuration. This middleware adds the selected data from the passed + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + properties: + info: + description: Info selects the specific client certificate details + you want to add to the X-Forwarded-Tls-Client-Cert-Info header. + properties: + issuer: + description: Issuer defines the client certificate issuer + details to add to the X-Forwarded-Tls-Client-Cert-Info header. + properties: + commonName: + description: CommonName defines whether to add the organizationalUnit + information into the issuer. + type: boolean + country: + description: Country defines whether to add the country + information into the issuer. + type: boolean + domainComponent: + description: DomainComponent defines whether to add the + domainComponent information into the issuer. + type: boolean + locality: + description: Locality defines whether to add the locality + information into the issuer. + type: boolean + organization: + description: Organization defines whether to add the organization + information into the issuer. + type: boolean + province: + description: Province defines whether to add the province + information into the issuer. + type: boolean + serialNumber: + description: SerialNumber defines whether to add the serialNumber + information into the issuer. + type: boolean + type: object + notAfter: + description: NotAfter defines whether to add the Not After + information from the Validity part. + type: boolean + notBefore: + description: NotBefore defines whether to add the Not Before + information from the Validity part. + type: boolean + sans: + description: Sans defines whether to add the Subject Alternative + Name information from the Subject Alternative Name part. + type: boolean + serialNumber: + description: SerialNumber defines whether to add the client + serialNumber information. + type: boolean + subject: + description: Subject defines the client certificate subject + details to add to the X-Forwarded-Tls-Client-Cert-Info header. + properties: + commonName: + description: CommonName defines whether to add the organizationalUnit + information into the subject. + type: boolean + country: + description: Country defines whether to add the country + information into the subject. + type: boolean + domainComponent: + description: DomainComponent defines whether to add the + domainComponent information into the subject. + type: boolean + locality: + description: Locality defines whether to add the locality + information into the subject. + type: boolean + organization: + description: Organization defines whether to add the organization + information into the subject. + type: boolean + organizationalUnit: + description: OrganizationalUnit defines whether to add + the organizationalUnit information into the subject. + type: boolean + province: + description: Province defines whether to add the province + information into the subject. + type: boolean + serialNumber: + description: SerialNumber defines whether to add the serialNumber + information into the subject. + type: boolean + type: object + type: object + pem: + description: PEM sets the X-Forwarded-Tls-Client-Cert header with + the certificate. + type: boolean + type: object + plugin: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: 'Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/' + type: object + rateLimit: + description: 'RateLimit holds the rate limit configuration. This middleware + ensures that services will receive a fair amount of requests, and + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + properties: + average: + description: Average is the maximum rate, by default in requests/s, + allowed for the given source. It defaults to 0, which means + no rate limiting. The rate is actually defined by dividing Average + by Period. So for a rate below 1req/s, one needs to define a + Period larger than a second. + format: int64 + type: integer + burst: + description: Burst is the maximum number of requests allowed to + arrive in the same arbitrarily small period of time. It defaults + to 1. + format: int64 + type: integer + period: + anyOf: + - type: integer + - type: string + description: 'Period, in combination with Average, defines the + actual maximum rate, such as: r = Average / Period. It defaults + to a second.' + x-kubernetes-int-or-string: true + sourceCriterion: + description: SourceCriterion defines what criterion is used to + group requests as originating from a common source. If several + strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote + address field (as an ipStrategy). + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position + (starting from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the + X-Forwarded-For header and select the first IP not in + the list. + items: + type: string + type: array + type: object + requestHeaderName: + description: RequestHeaderName defines the name of the header + used to group incoming requests. + type: string + requestHost: + description: RequestHost defines whether to consider the request + Host as the source. + type: boolean + type: object + type: object + redirectRegex: + description: 'RedirectRegex holds the redirect regex middleware configuration. + This middleware redirects a request using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + properties: + permanent: + description: Permanent defines whether the redirection is permanent + (301). + type: boolean + regex: + description: Regex defines the regex used to match and capture + elements from the request URL. + type: string + replacement: + description: Replacement defines how to modify the URL to have + the new target URL. + type: string + type: object + redirectScheme: + description: 'RedirectScheme holds the redirect scheme middleware + configuration. This middleware redirects requests from a scheme/port + to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + properties: + permanent: + description: Permanent defines whether the redirection is permanent + (301). + type: boolean + port: + description: Port defines the port of the new URL. + type: string + scheme: + description: Scheme defines the scheme of the new URL. + type: string + type: object + replacePath: + description: 'ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + properties: + path: + description: Path defines the path to use as replacement in the + request URL. + type: string + type: object + replacePathRegex: + description: 'ReplacePathRegex holds the replace path regex middleware + configuration. This middleware replaces the path of a URL using + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + properties: + regex: + description: Regex defines the regular expression used to match + and capture the path from the request URL. + type: string + replacement: + description: Replacement defines the replacement path format, + which can include captured variables. + type: string + type: object + retry: + description: 'Retry holds the retry middleware configuration. This + middleware reissues requests a given number of times to a backend + server if that server does not reply. As soon as the server answers, + the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + properties: + attempts: + description: Attempts defines how many times the request should + be retried. + type: integer + initialInterval: + anyOf: + - type: integer + - type: string + description: InitialInterval defines the first wait time in the + exponential backoff series. The maximum interval is calculated + as twice the initialInterval. If unspecified, requests will + be retried immediately. The value of initialInterval should + be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + x-kubernetes-int-or-string: true + type: object + stripPrefix: + description: 'StripPrefix holds the strip prefix middleware configuration. + This middleware removes the specified prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + properties: + forceSlash: + description: 'ForceSlash ensures that the resulting stripped path + is not the empty string, by replacing it with / when necessary. + Default: true.' + type: boolean + prefixes: + description: Prefixes defines the prefixes to strip from the request + URL. + items: + type: string + type: array + type: object + stripPrefixRegex: + description: 'StripPrefixRegex holds the strip prefix regex middleware + configuration. This middleware removes the matching prefixes from + the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + properties: + regex: + description: Regex defines the regular expression to match the + path prefix from the request URL. + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml new file mode 100644 index 0000000000..85302fa823 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml @@ -0,0 +1,72 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: middlewaretcps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: MiddlewareTCP + listKind: MiddlewareTCPList + plural: middlewaretcps + singular: middlewaretcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP. + properties: + inFlightConn: + description: InFlightConn defines the InFlightConn middleware configuration. + properties: + amount: + description: Amount defines the maximum amount of allowed simultaneous + connections. The middleware closes the connection if there are + already amount connections opened. + format: int64 + type: integer + type: object + ipWhiteList: + description: IPWhiteList defines the IPWhiteList middleware configuration. + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml new file mode 100644 index 0000000000..d6fc3a92db --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml @@ -0,0 +1,128 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: serverstransports.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: ServersTransport + listKind: ServersTransportList + plural: serverstransports + singular: serverstransport + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'ServersTransport is the CRD implementation of a ServersTransport. + If no serversTransport is specified, the default@internal will be used. + The default@internal serversTransport is created from the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServersTransportSpec defines the desired state of a ServersTransport. + properties: + certificatesSecrets: + description: CertificatesSecrets defines a list of secret storing + client certificates for mTLS. + items: + type: string + type: array + disableHTTP2: + description: DisableHTTP2 disables HTTP/2 for connections with backend + servers. + type: boolean + forwardingTimeouts: + description: ForwardingTimeouts defines the timeouts for requests + forwarded to the backend servers. + properties: + dialTimeout: + anyOf: + - type: integer + - type: string + description: DialTimeout is the amount of time to wait until a + connection to a backend server can be established. + x-kubernetes-int-or-string: true + idleConnTimeout: + anyOf: + - type: integer + - type: string + description: IdleConnTimeout is the maximum period for which an + idle HTTP keep-alive connection will remain open before closing + itself. + x-kubernetes-int-or-string: true + pingTimeout: + anyOf: + - type: integer + - type: string + description: PingTimeout is the timeout after which the HTTP/2 + connection will be closed if a response to ping is not received. + x-kubernetes-int-or-string: true + readIdleTimeout: + anyOf: + - type: integer + - type: string + description: ReadIdleTimeout is the timeout after which a health + check using ping frame will be carried out if no frame is received + on the HTTP/2 connection. + x-kubernetes-int-or-string: true + responseHeaderTimeout: + anyOf: + - type: integer + - type: string + description: ResponseHeaderTimeout is the amount of time to wait + for a server's response headers after fully writing the request + (including its body, if any). + x-kubernetes-int-or-string: true + type: object + insecureSkipVerify: + description: InsecureSkipVerify disables SSL certificate verification. + type: boolean + maxIdleConnsPerHost: + description: MaxIdleConnsPerHost controls the maximum idle (keep-alive) + to keep per-host. + type: integer + peerCertURI: + description: PeerCertURI defines the peer cert URI used to match against + SAN URI during the peer certificate verification. + type: string + rootCAsSecrets: + description: RootCAsSecrets defines a list of CA secret used to validate + self-signed certificate. + items: + type: string + type: array + serverName: + description: ServerName defines the server name used to contact the + server. + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml new file mode 100644 index 0000000000..73667667a3 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml @@ -0,0 +1,113 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: tlsoptions.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TLSOption + listKind: TLSOptionList + plural: tlsoptions + singular: tlsoption + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'TLSOption is the CRD implementation of a Traefik TLS Option, + allowing to configure some parameters of the TLS connection. More info: + https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TLSOptionSpec defines the desired state of a TLSOption. + properties: + alpnProtocols: + description: 'ALPNProtocols defines the list of supported application + level protocols for the TLS handshake, in order of preference. More + info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + items: + type: string + type: array + cipherSuites: + description: 'CipherSuites defines the list of supported cipher suites + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + items: + type: string + type: array + clientAuth: + description: ClientAuth defines the server's policy for TLS Client + Authentication. + properties: + clientAuthType: + description: ClientAuthType defines the client authentication + type to apply. + enum: + - NoClientCert + - RequestClientCert + - RequireAnyClientCert + - VerifyClientCertIfGiven + - RequireAndVerifyClientCert + type: string + secretNames: + description: SecretNames defines the names of the referenced Kubernetes + Secret storing certificate details. + items: + type: string + type: array + type: object + curvePreferences: + description: 'CurvePreferences defines the preferred elliptic curves + in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + items: + type: string + type: array + maxVersion: + description: 'MaxVersion defines the maximum TLS version that Traefik + will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, + VersionTLS13. Default: None.' + type: string + minVersion: + description: 'MinVersion defines the minimum TLS version that Traefik + will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, + VersionTLS13. Default: VersionTLS10.' + type: string + preferServerCipherSuites: + description: 'PreferServerCipherSuites defines whether the server + chooses a cipher suite among his own instead of among the client''s. + It is enabled automatically when minVersion or maxVersion is set. + Deprecated: https://github.com/golang/go/issues/45430' + type: boolean + sniStrict: + description: SniStrict defines whether Traefik allows connections + from clients connections that do not specify a server_name extension. + type: boolean + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml new file mode 100644 index 0000000000..12f0ad37d8 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml @@ -0,0 +1,99 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: tlsstores.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TLSStore + listKind: TLSStoreList + plural: tlsstores + singular: tlsstore + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For + the time being, only the TLSStore named default is supported. This means + that you cannot have two stores that are named default in different Kubernetes + namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TLSStoreSpec defines the desired state of a TLSStore. + properties: + certificates: + description: Certificates is a list of secret names, each secret holding + a key/certificate pair to add to the store. + items: + description: Certificate holds a secret name for the TLSStore resource. + properties: + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + required: + - secretName + type: object + type: array + defaultCertificate: + description: DefaultCertificate defines the default certificate configuration. + properties: + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + required: + - secretName + type: object + defaultGeneratedCert: + description: DefaultGeneratedCert defines the default generated certificate + configuration. + properties: + domain: + description: Domain is the domain definition for the DefaultCertificate. + properties: + main: + description: Main defines the main domain name. + type: string + sans: + description: SANs defines the subject alternative domain names. + items: + type: string + type: array + type: object + resolver: + description: Resolver is the name of the resolver that will be + used to issue the DefaultCertificate. + type: string + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml new file mode 100644 index 0000000000..0dcf470034 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml @@ -0,0 +1,402 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: traefikservices.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TraefikService + listKind: TraefikServiceList + plural: traefikservices + singular: traefikservice + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: - Apply weight to Services on load-balancing + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TraefikServiceSpec defines the desired state of a TraefikService. + properties: + mirroring: + description: Mirroring defines the Mirroring service configuration. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + maxBodySize: + description: MaxBodySize defines the maximum size allowed for + the body of the request. If the body is larger, the request + is not mirrored. Default value is -1, which means unlimited + size. + format: int64 + type: integer + mirrors: + description: Mirrors defines the list of mirrors where Traefik + will duplicate the traffic. + items: + description: MirrorService holds the mirror configuration. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between + the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or + if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host + header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + percent: + description: 'Percent defines the part of the traffic to + mirror. Supported values: 0 to 100.' + type: integer + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to the + client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in + milliseconds, in between flushes to the client while + copying the response body. A negative value means + to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes + a response as a streaming response; for such responses, + writes are flushed to the client immediately. Default: + 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https + when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport + between Traefik and your servers. Can only be used on + a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie + can be accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can + only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported + value at the moment. + type: string + weight: + description: Weight defines the weight and should only be + specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between the two + is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the + only child is the Kubernetes Service clusterIP. The Kubernetes + Service itself does load-balance to the pods. By default, NativeLB + is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host header + is forwarded to the upstream Kubernetes Service. By default, + passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. This + can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards the + response from the upstream Kubernetes Service to the client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in milliseconds, + in between flushes to the client while copying the response + body. A negative value means to flush immediately after + each write to the client. This configuration is ignored + when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https when + Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport between + Traefik and your servers. Can only be used on a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie can be + accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. More + info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can only + be transmitted over an encrypted connection (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy between + the servers. RoundRobin is the only supported value at the moment. + type: string + weight: + description: Weight defines the weight and should only be specified + when Name references a TraefikService object (and to be precise, + one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + weighted: + description: Weighted defines the Weighted Round Robin configuration. + properties: + services: + description: Services defines the list of Kubernetes Service and/or + TraefikService to load-balance, with weight. + items: + description: Service defines an upstream HTTP service to proxy + traffic to. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between + the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or + if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host + header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to the + client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in + milliseconds, in between flushes to the client while + copying the response body. A negative value means + to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes + a response as a streaming response; for such responses, + writes are flushed to the client immediately. Default: + 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https + when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport + between Traefik and your servers. Can only be used on + a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie + can be accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can + only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported + value at the moment. + type: string + weight: + description: Weight defines the weight and should only be + specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + sticky: + description: 'Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie can be + accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. More + info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can only + be transmitted over an encrypted connection (i.e. HTTPS). + type: boolean + type: object + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml new file mode 100644 index 0000000000..89aaee7595 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml @@ -0,0 +1,275 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: ingressroutes.traefik.io +spec: + group: traefik.io + names: + kind: IngressRoute + listKind: IngressRouteList + plural: ingressroutes + singular: ingressroute + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRoute is the CRD implementation of a Traefik HTTP Router. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteSpec defines the desired state of IngressRoute. + properties: + entryPoints: + description: 'EntryPoints defines the list of entry point names to + bind to. Entry points have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + Default: all.' + items: + type: string + type: array + routes: + description: Routes defines the list of routes. + items: + description: Route holds the HTTP route configuration. + properties: + kind: + description: Kind defines the kind of the route. Rule is the + only supported kind. + enum: + - Rule + type: string + match: + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule' + type: string + middlewares: + description: 'Middlewares defines the list of references to + Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware' + items: + description: MiddlewareRef is a reference to a Middleware + resource. + properties: + name: + description: Name defines the name of the referenced Middleware + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Middleware resource. + type: string + required: + - name + type: object + type: array + priority: + description: 'Priority defines the router''s priority. More + info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority' + type: integer + services: + description: Services defines the list of Service. It can contain + any combination of TraefikService and/or reference to a Kubernetes + Service. + items: + description: Service defines an upstream HTTP service to proxy + traffic to. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between + the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs + or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client + Host header is forwarded to the upstream Kubernetes + Service. By default, passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to + the client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, + in milliseconds, in between flushes to the client + while copying the response body. A negative value + means to flush immediately after each write to the + client. This configuration is ignored when ReverseProxy + recognizes a response as a streaming response; for + such responses, writes are flushed to the client + immediately. Default: 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the + request to the upstream Kubernetes Service. It defaults + to https when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport + between Traefik and your servers. Can only be used on + a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie + can be accessed by client-side APIs, such as + JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie + can only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported + value at the moment. + type: string + weight: + description: Weight defines the weight and should only + be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round + Robin). + type: integer + required: + - name + type: object + type: array + required: + - kind + - match + type: object + type: array + tls: + description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls' + properties: + certResolver: + description: 'CertResolver defines the name of the certificate + resolver to use. Cert resolvers have to be configured in the + static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + type: string + domains: + description: 'Domains defines the list of domains that will be + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + items: + description: Domain holds a domain name with SANs. + properties: + main: + description: Main defines the main domain name. + type: string + sans: + description: SANs defines the subject alternative domain + names. + items: + type: string + type: array + type: object + type: array + options: + description: 'Options defines the reference to a TLSOption, that + specifies the parameters of the TLS connection. If not defined, + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + properties: + name: + description: 'Name defines the name of the referenced TLSOption. + More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + type: string + namespace: + description: 'Namespace defines the namespace of the referenced + TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption' + type: string + required: + - name + type: object + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: Store defines the reference to the TLSStore, that + will be used to store certificates. Please note that only `default` + TLSStore can be used. + properties: + name: + description: 'Name defines the name of the referenced TLSStore. + More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + type: string + namespace: + description: 'Namespace defines the namespace of the referenced + TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore' + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml new file mode 100644 index 0000000000..82f61ac24f --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml @@ -0,0 +1,218 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: ingressroutetcps.traefik.io +spec: + group: traefik.io + names: + kind: IngressRouteTCP + listKind: IngressRouteTCPList + plural: ingressroutetcps + singular: ingressroutetcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. + properties: + entryPoints: + description: 'EntryPoints defines the list of entry point names to + bind to. Entry points have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + Default: all.' + items: + type: string + type: array + routes: + description: Routes defines the list of routes. + items: + description: RouteTCP holds the TCP route configuration. + properties: + match: + description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1' + type: string + middlewares: + description: Middlewares defines the list of references to MiddlewareTCP + resources. + items: + description: ObjectReference is a generic reference to a Traefik + resource. + properties: + name: + description: Name defines the name of the referenced Traefik + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Traefik resource. + type: string + required: + - name + type: object + type: array + priority: + description: 'Priority defines the router''s priority. More + info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1' + type: integer + services: + description: Services defines the list of TCP services. + items: + description: ServiceTCP defines an upstream TCP service to + proxy traffic to. + properties: + name: + description: Name defines the name of the referenced Kubernetes + Service. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs + or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + proxyProtocol: + description: 'ProxyProtocol defines the PROXY protocol + configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol' + properties: + version: + description: Version defines the PROXY Protocol version + to use. + type: integer + type: object + terminationDelay: + description: TerminationDelay defines the deadline that + the proxy sets, after one of its connected peers indicates + it has closed the writing capability of its connection, + to close the reading capability as well, hence fully + terminating the connection. It is a duration in milliseconds, + defaulting to 100. A negative value means an infinite + deadline (i.e. the reading capability is never closed). + type: integer + weight: + description: Weight defines the weight used when balancing + requests between multiple Kubernetes Service. + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: object + type: array + tls: + description: 'TLS defines the TLS configuration on a layer 4 / TCP + Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1' + properties: + certResolver: + description: 'CertResolver defines the name of the certificate + resolver to use. Cert resolvers have to be configured in the + static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers' + type: string + domains: + description: 'Domains defines the list of domains that will be + used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains' + items: + description: Domain holds a domain name with SANs. + properties: + main: + description: Main defines the main domain name. + type: string + sans: + description: SANs defines the subject alternative domain + names. + items: + type: string + type: array + type: object + type: array + options: + description: 'Options defines the reference to a TLSOption, that + specifies the parameters of the TLS connection. If not defined, + the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + properties: + name: + description: Name defines the name of the referenced Traefik + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Traefik resource. + type: string + required: + - name + type: object + passthrough: + description: Passthrough defines whether a TLS router will terminate + the TLS connection. + type: boolean + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: Store defines the reference to the TLSStore, that + will be used to store certificates. Please note that only `default` + TLSStore can be used. + properties: + name: + description: Name defines the name of the referenced Traefik + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Traefik resource. + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml new file mode 100644 index 0000000000..27c50185d0 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml @@ -0,0 +1,105 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: ingressrouteudps.traefik.io +spec: + group: traefik.io + names: + kind: IngressRouteUDP + listKind: IngressRouteUDPList + plural: ingressrouteudps + singular: ingressrouteudp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. + properties: + entryPoints: + description: 'EntryPoints defines the list of entry point names to + bind to. Entry points have to be configured in the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/ + Default: all.' + items: + type: string + type: array + routes: + description: Routes defines the list of routes. + items: + description: RouteUDP holds the UDP route configuration. + properties: + services: + description: Services defines the list of UDP services. + items: + description: ServiceUDP defines an upstream UDP service to + proxy traffic to. + properties: + name: + description: Name defines the name of the referenced Kubernetes + Service. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs + or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + weight: + description: Weight defines the weight used when balancing + requests between multiple Kubernetes Service. + type: integer + required: + - name + - port + type: object + type: array + type: object + type: array + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml new file mode 100644 index 0000000000..5a4dc3640f --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml @@ -0,0 +1,924 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: middlewares.traefik.io +spec: + group: traefik.io + names: + kind: Middleware + listKind: MiddlewareList + plural: middlewares + singular: middleware + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'Middleware is the CRD implementation of a Traefik Middleware. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MiddlewareSpec defines the desired state of a Middleware. + properties: + addPrefix: + description: 'AddPrefix holds the add prefix middleware configuration. + This middleware updates the path of a request before forwarding + it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/' + properties: + prefix: + description: Prefix is the string to add before the current path + in the requested URL. It should include a leading slash (/). + type: string + type: object + basicAuth: + description: 'BasicAuth holds the basic auth middleware configuration. + This middleware restricts access to your services to known users. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/' + properties: + headerField: + description: 'HeaderField defines a header field to store the + authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + type: string + realm: + description: 'Realm allows the protected resources on a server + to be partitioned into a set of protection spaces, each with + its own authentication scheme. Default: traefik.' + type: string + removeHeader: + description: 'RemoveHeader sets the removeHeader option to true + to remove the authorization header before forwarding the request + to your service. Default: false.' + type: boolean + secret: + description: Secret is the name of the referenced Kubernetes Secret + containing user credentials. + type: string + type: object + buffering: + description: 'Buffering holds the buffering middleware configuration. + This middleware retries or limits the size of requests that can + be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes' + properties: + maxRequestBodyBytes: + description: 'MaxRequestBodyBytes defines the maximum allowed + body size for the request (in bytes). If the request exceeds + the allowed size, it is not forwarded to the service, and the + client gets a 413 (Request Entity Too Large) response. Default: + 0 (no maximum).' + format: int64 + type: integer + maxResponseBodyBytes: + description: 'MaxResponseBodyBytes defines the maximum allowed + response size from the service (in bytes). If the response exceeds + the allowed size, it is not forwarded to the client. The client + gets a 500 (Internal Server Error) response instead. Default: + 0 (no maximum).' + format: int64 + type: integer + memRequestBodyBytes: + description: 'MemRequestBodyBytes defines the threshold (in bytes) + from which the request will be buffered on disk instead of in + memory. Default: 1048576 (1Mi).' + format: int64 + type: integer + memResponseBodyBytes: + description: 'MemResponseBodyBytes defines the threshold (in bytes) + from which the response will be buffered on disk instead of + in memory. Default: 1048576 (1Mi).' + format: int64 + type: integer + retryExpression: + description: 'RetryExpression defines the retry conditions. It + is a logical combination of functions with operators AND (&&) + and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression' + type: string + type: object + chain: + description: 'Chain holds the configuration of the chain middleware. + This middleware enables to define reusable combinations of other + pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/' + properties: + middlewares: + description: Middlewares is the list of MiddlewareRef which composes + the chain. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware + resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Middleware resource. + type: string + required: + - name + type: object + type: array + type: object + circuitBreaker: + description: CircuitBreaker holds the circuit breaker configuration. + properties: + checkPeriod: + anyOf: + - type: integer + - type: string + description: CheckPeriod is the interval between successive checks + of the circuit breaker condition (when in standby state). + x-kubernetes-int-or-string: true + expression: + description: Expression is the condition that triggers the tripped + state. + type: string + fallbackDuration: + anyOf: + - type: integer + - type: string + description: FallbackDuration is the duration for which the circuit + breaker will wait before trying to recover (from a tripped state). + x-kubernetes-int-or-string: true + recoveryDuration: + anyOf: + - type: integer + - type: string + description: RecoveryDuration is the duration for which the circuit + breaker will try to recover (as soon as it is in recovering + state). + x-kubernetes-int-or-string: true + type: object + compress: + description: 'Compress holds the compress middleware configuration. + This middleware compresses responses before sending them to the + client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/' + properties: + excludedContentTypes: + description: ExcludedContentTypes defines the list of content + types to compare the Content-Type header of the incoming requests + and responses before compressing. + items: + type: string + type: array + minResponseBodyBytes: + description: 'MinResponseBodyBytes defines the minimum amount + of bytes a response body must have to be compressed. Default: + 1024.' + type: integer + type: object + contentType: + description: ContentType holds the content-type middleware configuration. + This middleware exists to enable the correct behavior until at least + the default one can be changed in a future version. + properties: + autoDetect: + description: AutoDetect specifies whether to let the `Content-Type` + header, if it has not been set by the backend, be automatically + set to a value derived from the contents of the response. As + a proxy, the default behavior should be to leave the header + alone, regardless of what the backend did with it. However, + the historic default was to always auto-detect and set the header + if it was nil, and it is going to be kept that way in order + to support users currently relying on it. + type: boolean + type: object + digestAuth: + description: 'DigestAuth holds the digest auth middleware configuration. + This middleware restricts access to your services to known users. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/' + properties: + headerField: + description: 'HeaderField defines a header field to store the + authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield' + type: string + realm: + description: 'Realm allows the protected resources on a server + to be partitioned into a set of protection spaces, each with + its own authentication scheme. Default: traefik.' + type: string + removeHeader: + description: RemoveHeader defines whether to remove the authorization + header before forwarding the request to the backend. + type: boolean + secret: + description: Secret is the name of the referenced Kubernetes Secret + containing user credentials. + type: string + type: object + errors: + description: 'ErrorPage holds the custom error middleware configuration. + This middleware returns a custom page in lieu of the default, according + to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/' + properties: + query: + description: Query defines the URL for the error page (hosted + by service). The {status} variable can be used in order to insert + the status code in the URL. + type: string + service: + description: 'Service defines the reference to a Kubernetes Service + that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service' + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between the + two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if + the only child is the Kubernetes Service clusterIP. The + Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host + header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to the + client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in milliseconds, + in between flushes to the client while copying the response + body. A negative value means to flush immediately after + each write to the client. This configuration is ignored + when ReverseProxy recognizes a response as a streaming + response; for such responses, writes are flushed to + the client immediately. Default: 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https + when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport between + Traefik and your servers. Can only be used on a Kubernetes + Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie can + be accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can + only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported value + at the moment. + type: string + weight: + description: Weight defines the weight and should only be + specified when Name references a TraefikService object (and + to be precise, one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + status: + description: Status defines which status or range of statuses + should result in an error page. It can be either a status code + as a number (500), as multiple comma-separated numbers (500,502), + as ranges by separating two codes with a dash (500-599), or + a combination of the two (404,418,500-599). + items: + type: string + type: array + type: object + forwardAuth: + description: 'ForwardAuth holds the forward auth middleware configuration. + This middleware delegates the request authentication to a Service. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/' + properties: + address: + description: Address defines the authentication server address. + type: string + authRequestHeaders: + description: AuthRequestHeaders defines the list of the headers + to copy from the request to the authentication server. If not + set or empty then all request headers are passed. + items: + type: string + type: array + authResponseHeaders: + description: AuthResponseHeaders defines the list of headers to + copy from the authentication server response and set on forwarded + request, replacing any existing conflicting headers. + items: + type: string + type: array + authResponseHeadersRegex: + description: 'AuthResponseHeadersRegex defines the regex to match + headers to copy from the authentication server response and + set on forwarded request, after stripping all headers that match + the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex' + type: string + tls: + description: TLS defines the configuration used to secure the + connection to the authentication server. + properties: + caOptional: + type: boolean + caSecret: + description: CASecret is the name of the referenced Kubernetes + Secret containing the CA to validate the server certificate. + The CA certificate is extracted from key `tls.ca` or `ca.crt`. + type: string + certSecret: + description: CertSecret is the name of the referenced Kubernetes + Secret containing the client certificate. The client certificate + is extracted from the keys `tls.crt` and `tls.key`. + type: string + insecureSkipVerify: + description: InsecureSkipVerify defines whether the server + certificates should be validated. + type: boolean + type: object + trustForwardHeader: + description: 'TrustForwardHeader defines whether to trust (ie: + forward) all X-Forwarded-* headers.' + type: boolean + type: object + headers: + description: 'Headers holds the headers middleware configuration. + This middleware manages the requests and responses headers. More + info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders' + properties: + accessControlAllowCredentials: + description: AccessControlAllowCredentials defines whether the + request can include user credentials. + type: boolean + accessControlAllowHeaders: + description: AccessControlAllowHeaders defines the Access-Control-Request-Headers + values sent in preflight response. + items: + type: string + type: array + accessControlAllowMethods: + description: AccessControlAllowMethods defines the Access-Control-Request-Method + values sent in preflight response. + items: + type: string + type: array + accessControlAllowOriginList: + description: AccessControlAllowOriginList is a list of allowable + origins. Can also be a wildcard origin "*". + items: + type: string + type: array + accessControlAllowOriginListRegex: + description: AccessControlAllowOriginListRegex is a list of allowable + origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). + items: + type: string + type: array + accessControlExposeHeaders: + description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers + values sent in preflight response. + items: + type: string + type: array + accessControlMaxAge: + description: AccessControlMaxAge defines the time that a preflight + request may be cached. + format: int64 + type: integer + addVaryHeader: + description: AddVaryHeader defines whether the Vary header is + automatically added/updated when the AccessControlAllowOriginList + is set. + type: boolean + allowedHosts: + description: AllowedHosts defines the fully qualified list of + allowed domain names. + items: + type: string + type: array + browserXssFilter: + description: BrowserXSSFilter defines whether to add the X-XSS-Protection + header with the value 1; mode=block. + type: boolean + contentSecurityPolicy: + description: ContentSecurityPolicy defines the Content-Security-Policy + header value. + type: string + contentTypeNosniff: + description: ContentTypeNosniff defines whether to add the X-Content-Type-Options + header with the nosniff value. + type: boolean + customBrowserXSSValue: + description: CustomBrowserXSSValue defines the X-XSS-Protection + header value. This overrides the BrowserXssFilter option. + type: string + customFrameOptionsValue: + description: CustomFrameOptionsValue defines the X-Frame-Options + header value. This overrides the FrameDeny option. + type: string + customRequestHeaders: + additionalProperties: + type: string + description: CustomRequestHeaders defines the header names and + values to apply to the request. + type: object + customResponseHeaders: + additionalProperties: + type: string + description: CustomResponseHeaders defines the header names and + values to apply to the response. + type: object + featurePolicy: + description: 'Deprecated: use PermissionsPolicy instead.' + type: string + forceSTSHeader: + description: ForceSTSHeader defines whether to add the STS header + even when the connection is HTTP. + type: boolean + frameDeny: + description: FrameDeny defines whether to add the X-Frame-Options + header with the DENY value. + type: boolean + hostsProxyHeaders: + description: HostsProxyHeaders defines the header keys that may + hold a proxied hostname value for the request. + items: + type: string + type: array + isDevelopment: + description: IsDevelopment defines whether to mitigate the unwanted + effects of the AllowedHosts, SSL, and STS options when developing. + Usually testing takes place using HTTP, not HTTPS, and on localhost, + not your production domain. If you would like your development + environment to mimic production with complete Host blocking, + SSL redirects, and STS headers, leave this as false. + type: boolean + permissionsPolicy: + description: PermissionsPolicy defines the Permissions-Policy + header value. This allows sites to control browser features. + type: string + publicKey: + description: PublicKey is the public key that implements HPKP + to prevent MITM attacks with forged certificates. + type: string + referrerPolicy: + description: ReferrerPolicy defines the Referrer-Policy header + value. This allows sites to control whether browsers forward + the Referer header to other sites. + type: string + sslForceHost: + description: 'Deprecated: use RedirectRegex instead.' + type: boolean + sslHost: + description: 'Deprecated: use RedirectRegex instead.' + type: string + sslProxyHeaders: + additionalProperties: + type: string + description: 'SSLProxyHeaders defines the header keys with associated + values that would indicate a valid HTTPS request. It can be + useful when using other proxies (example: "X-Forwarded-Proto": + "https").' + type: object + sslRedirect: + description: 'Deprecated: use EntryPoint redirection or RedirectScheme + instead.' + type: boolean + sslTemporaryRedirect: + description: 'Deprecated: use EntryPoint redirection or RedirectScheme + instead.' + type: boolean + stsIncludeSubdomains: + description: STSIncludeSubdomains defines whether the includeSubDomains + directive is appended to the Strict-Transport-Security header. + type: boolean + stsPreload: + description: STSPreload defines whether the preload flag is appended + to the Strict-Transport-Security header. + type: boolean + stsSeconds: + description: STSSeconds defines the max-age of the Strict-Transport-Security + header. If set to 0, the header is not set. + format: int64 + type: integer + type: object + inFlightReq: + description: 'InFlightReq holds the in-flight request middleware configuration. + This middleware limits the number of requests being processed and + served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/' + properties: + amount: + description: Amount defines the maximum amount of allowed simultaneous + in-flight request. The middleware responds with HTTP 429 Too + Many Requests if there are already amount requests in progress + (based on the same sourceCriterion strategy). + format: int64 + type: integer + sourceCriterion: + description: 'SourceCriterion defines what criterion is used to + group requests as originating from a common source. If several + strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the requestHost. More + info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position + (starting from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the + X-Forwarded-For header and select the first IP not in + the list. + items: + type: string + type: array + type: object + requestHeaderName: + description: RequestHeaderName defines the name of the header + used to group incoming requests. + type: string + requestHost: + description: RequestHost defines whether to consider the request + Host as the source. + type: boolean + type: object + type: object + ipWhiteList: + description: 'IPWhiteList holds the IP whitelist middleware configuration. + This middleware accepts / refuses requests based on the client IP. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/' + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration used + by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position (starting + from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the X-Forwarded-For + header and select the first IP not in the list. + items: + type: string + type: array + type: object + sourceRange: + description: SourceRange defines the set of allowed IPs (or ranges + of allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + passTLSClientCert: + description: 'PassTLSClientCert holds the pass TLS client cert middleware + configuration. This middleware adds the selected data from the passed + client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/' + properties: + info: + description: Info selects the specific client certificate details + you want to add to the X-Forwarded-Tls-Client-Cert-Info header. + properties: + issuer: + description: Issuer defines the client certificate issuer + details to add to the X-Forwarded-Tls-Client-Cert-Info header. + properties: + commonName: + description: CommonName defines whether to add the organizationalUnit + information into the issuer. + type: boolean + country: + description: Country defines whether to add the country + information into the issuer. + type: boolean + domainComponent: + description: DomainComponent defines whether to add the + domainComponent information into the issuer. + type: boolean + locality: + description: Locality defines whether to add the locality + information into the issuer. + type: boolean + organization: + description: Organization defines whether to add the organization + information into the issuer. + type: boolean + province: + description: Province defines whether to add the province + information into the issuer. + type: boolean + serialNumber: + description: SerialNumber defines whether to add the serialNumber + information into the issuer. + type: boolean + type: object + notAfter: + description: NotAfter defines whether to add the Not After + information from the Validity part. + type: boolean + notBefore: + description: NotBefore defines whether to add the Not Before + information from the Validity part. + type: boolean + sans: + description: Sans defines whether to add the Subject Alternative + Name information from the Subject Alternative Name part. + type: boolean + serialNumber: + description: SerialNumber defines whether to add the client + serialNumber information. + type: boolean + subject: + description: Subject defines the client certificate subject + details to add to the X-Forwarded-Tls-Client-Cert-Info header. + properties: + commonName: + description: CommonName defines whether to add the organizationalUnit + information into the subject. + type: boolean + country: + description: Country defines whether to add the country + information into the subject. + type: boolean + domainComponent: + description: DomainComponent defines whether to add the + domainComponent information into the subject. + type: boolean + locality: + description: Locality defines whether to add the locality + information into the subject. + type: boolean + organization: + description: Organization defines whether to add the organization + information into the subject. + type: boolean + organizationalUnit: + description: OrganizationalUnit defines whether to add + the organizationalUnit information into the subject. + type: boolean + province: + description: Province defines whether to add the province + information into the subject. + type: boolean + serialNumber: + description: SerialNumber defines whether to add the serialNumber + information into the subject. + type: boolean + type: object + type: object + pem: + description: PEM sets the X-Forwarded-Tls-Client-Cert header with + the certificate. + type: boolean + type: object + plugin: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: 'Plugin defines the middleware plugin configuration. + More info: https://doc.traefik.io/traefik/plugins/' + type: object + rateLimit: + description: 'RateLimit holds the rate limit configuration. This middleware + ensures that services will receive a fair amount of requests, and + allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/' + properties: + average: + description: Average is the maximum rate, by default in requests/s, + allowed for the given source. It defaults to 0, which means + no rate limiting. The rate is actually defined by dividing Average + by Period. So for a rate below 1req/s, one needs to define a + Period larger than a second. + format: int64 + type: integer + burst: + description: Burst is the maximum number of requests allowed to + arrive in the same arbitrarily small period of time. It defaults + to 1. + format: int64 + type: integer + period: + anyOf: + - type: integer + - type: string + description: 'Period, in combination with Average, defines the + actual maximum rate, such as: r = Average / Period. It defaults + to a second.' + x-kubernetes-int-or-string: true + sourceCriterion: + description: SourceCriterion defines what criterion is used to + group requests as originating from a common source. If several + strategies are defined at the same time, an error will be raised. + If none are set, the default is to use the request's remote + address field (as an ipStrategy). + properties: + ipStrategy: + description: 'IPStrategy holds the IP strategy configuration + used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy' + properties: + depth: + description: Depth tells Traefik to use the X-Forwarded-For + header and take the IP located at the depth position + (starting from the right). + type: integer + excludedIPs: + description: ExcludedIPs configures Traefik to scan the + X-Forwarded-For header and select the first IP not in + the list. + items: + type: string + type: array + type: object + requestHeaderName: + description: RequestHeaderName defines the name of the header + used to group incoming requests. + type: string + requestHost: + description: RequestHost defines whether to consider the request + Host as the source. + type: boolean + type: object + type: object + redirectRegex: + description: 'RedirectRegex holds the redirect regex middleware configuration. + This middleware redirects a request using regex matching and replacement. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex' + properties: + permanent: + description: Permanent defines whether the redirection is permanent + (301). + type: boolean + regex: + description: Regex defines the regex used to match and capture + elements from the request URL. + type: string + replacement: + description: Replacement defines how to modify the URL to have + the new target URL. + type: string + type: object + redirectScheme: + description: 'RedirectScheme holds the redirect scheme middleware + configuration. This middleware redirects requests from a scheme/port + to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/' + properties: + permanent: + description: Permanent defines whether the redirection is permanent + (301). + type: boolean + port: + description: Port defines the port of the new URL. + type: string + scheme: + description: Scheme defines the scheme of the new URL. + type: string + type: object + replacePath: + description: 'ReplacePath holds the replace path middleware configuration. + This middleware replaces the path of the request URL and store the + original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/' + properties: + path: + description: Path defines the path to use as replacement in the + request URL. + type: string + type: object + replacePathRegex: + description: 'ReplacePathRegex holds the replace path regex middleware + configuration. This middleware replaces the path of a URL using + regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/' + properties: + regex: + description: Regex defines the regular expression used to match + and capture the path from the request URL. + type: string + replacement: + description: Replacement defines the replacement path format, + which can include captured variables. + type: string + type: object + retry: + description: 'Retry holds the retry middleware configuration. This + middleware reissues requests a given number of times to a backend + server if that server does not reply. As soon as the server answers, + the middleware stops retrying, regardless of the response status. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/' + properties: + attempts: + description: Attempts defines how many times the request should + be retried. + type: integer + initialInterval: + anyOf: + - type: integer + - type: string + description: InitialInterval defines the first wait time in the + exponential backoff series. The maximum interval is calculated + as twice the initialInterval. If unspecified, requests will + be retried immediately. The value of initialInterval should + be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. + x-kubernetes-int-or-string: true + type: object + stripPrefix: + description: 'StripPrefix holds the strip prefix middleware configuration. + This middleware removes the specified prefixes from the URL path. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/' + properties: + forceSlash: + description: 'ForceSlash ensures that the resulting stripped path + is not the empty string, by replacing it with / when necessary. + Default: true.' + type: boolean + prefixes: + description: Prefixes defines the prefixes to strip from the request + URL. + items: + type: string + type: array + type: object + stripPrefixRegex: + description: 'StripPrefixRegex holds the strip prefix regex middleware + configuration. This middleware removes the matching prefixes from + the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/' + properties: + regex: + description: Regex defines the regular expression to match the + path prefix from the request URL. + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml new file mode 100644 index 0000000000..8623568f5b --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml @@ -0,0 +1,72 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: middlewaretcps.traefik.io +spec: + group: traefik.io + names: + kind: MiddlewareTCP + listKind: MiddlewareTCPList + plural: middlewaretcps + singular: middlewaretcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. + More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP. + properties: + inFlightConn: + description: InFlightConn defines the InFlightConn middleware configuration. + properties: + amount: + description: Amount defines the maximum amount of allowed simultaneous + connections. The middleware closes the connection if there are + already amount connections opened. + format: int64 + type: integer + type: object + ipWhiteList: + description: IPWhiteList defines the IPWhiteList middleware configuration. + properties: + sourceRange: + description: SourceRange defines the allowed IPs (or ranges of + allowed IPs by using CIDR notation). + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml new file mode 100644 index 0000000000..803b56395a --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml @@ -0,0 +1,128 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: serverstransports.traefik.io +spec: + group: traefik.io + names: + kind: ServersTransport + listKind: ServersTransportList + plural: serverstransports + singular: serverstransport + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'ServersTransport is the CRD implementation of a ServersTransport. + If no serversTransport is specified, the default@internal will be used. + The default@internal serversTransport is created from the static configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServersTransportSpec defines the desired state of a ServersTransport. + properties: + certificatesSecrets: + description: CertificatesSecrets defines a list of secret storing + client certificates for mTLS. + items: + type: string + type: array + disableHTTP2: + description: DisableHTTP2 disables HTTP/2 for connections with backend + servers. + type: boolean + forwardingTimeouts: + description: ForwardingTimeouts defines the timeouts for requests + forwarded to the backend servers. + properties: + dialTimeout: + anyOf: + - type: integer + - type: string + description: DialTimeout is the amount of time to wait until a + connection to a backend server can be established. + x-kubernetes-int-or-string: true + idleConnTimeout: + anyOf: + - type: integer + - type: string + description: IdleConnTimeout is the maximum period for which an + idle HTTP keep-alive connection will remain open before closing + itself. + x-kubernetes-int-or-string: true + pingTimeout: + anyOf: + - type: integer + - type: string + description: PingTimeout is the timeout after which the HTTP/2 + connection will be closed if a response to ping is not received. + x-kubernetes-int-or-string: true + readIdleTimeout: + anyOf: + - type: integer + - type: string + description: ReadIdleTimeout is the timeout after which a health + check using ping frame will be carried out if no frame is received + on the HTTP/2 connection. + x-kubernetes-int-or-string: true + responseHeaderTimeout: + anyOf: + - type: integer + - type: string + description: ResponseHeaderTimeout is the amount of time to wait + for a server's response headers after fully writing the request + (including its body, if any). + x-kubernetes-int-or-string: true + type: object + insecureSkipVerify: + description: InsecureSkipVerify disables SSL certificate verification. + type: boolean + maxIdleConnsPerHost: + description: MaxIdleConnsPerHost controls the maximum idle (keep-alive) + to keep per-host. + type: integer + peerCertURI: + description: PeerCertURI defines the peer cert URI used to match against + SAN URI during the peer certificate verification. + type: string + rootCAsSecrets: + description: RootCAsSecrets defines a list of CA secret used to validate + self-signed certificate. + items: + type: string + type: array + serverName: + description: ServerName defines the server name used to contact the + server. + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml new file mode 100644 index 0000000000..10e0a3f0e7 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml @@ -0,0 +1,122 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: serverstransporttcps.traefik.io +spec: + group: traefik.io + names: + kind: ServersTransportTCP + listKind: ServersTransportTCPList + plural: serverstransporttcps + singular: serverstransporttcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport. + If no tcpServersTransport is specified, a default one named default@internal + will be used. The default@internal tcpServersTransport can be configured + in the static configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP. + properties: + dialKeepAlive: + anyOf: + - type: integer + - type: string + description: DialKeepAlive is the interval between keep-alive probes + for an active network connection. If zero, keep-alive probes are + sent with a default value (currently 15 seconds), if supported by + the protocol and operating system. Network protocols or operating + systems that do not support keep-alives ignore this field. If negative, + keep-alive probes are disabled. + x-kubernetes-int-or-string: true + dialTimeout: + anyOf: + - type: integer + - type: string + description: DialTimeout is the amount of time to wait until a connection + to a backend server can be established. + x-kubernetes-int-or-string: true + terminationDelay: + anyOf: + - type: integer + - type: string + description: TerminationDelay defines the delay to wait before fully + terminating the connection, after one connected peer has closed + its writing capability. + x-kubernetes-int-or-string: true + tls: + description: TLS defines the TLS configuration + properties: + certificatesSecrets: + description: CertificatesSecrets defines a list of secret storing + client certificates for mTLS. + items: + type: string + type: array + insecureSkipVerify: + description: InsecureSkipVerify disables TLS certificate verification. + type: boolean + peerCertURI: + description: MaxIdleConnsPerHost controls the maximum idle (keep-alive) + to keep per-host. PeerCertURI defines the peer cert URI used + to match against SAN URI during the peer certificate verification. + type: string + rootCAsSecrets: + description: RootCAsSecrets defines a list of CA secret used to + validate self-signed certificates. + items: + type: string + type: array + serverName: + description: ServerName defines the server name used to contact + the server. + type: string + spiffe: + description: Spiffe defines the SPIFFE configuration. + properties: + ids: + description: IDs defines the allowed SPIFFE IDs (takes precedence + over the SPIFFE TrustDomain). + items: + type: string + type: array + trustDomain: + description: TrustDomain defines the allowed SPIFFE trust + domain. + type: string + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml new file mode 100644 index 0000000000..b86fefe0e9 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml @@ -0,0 +1,113 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: tlsoptions.traefik.io +spec: + group: traefik.io + names: + kind: TLSOption + listKind: TLSOptionList + plural: tlsoptions + singular: tlsoption + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'TLSOption is the CRD implementation of a Traefik TLS Option, + allowing to configure some parameters of the TLS connection. More info: + https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TLSOptionSpec defines the desired state of a TLSOption. + properties: + alpnProtocols: + description: 'ALPNProtocols defines the list of supported application + level protocols for the TLS handshake, in order of preference. More + info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols' + items: + type: string + type: array + cipherSuites: + description: 'CipherSuites defines the list of supported cipher suites + for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites' + items: + type: string + type: array + clientAuth: + description: ClientAuth defines the server's policy for TLS Client + Authentication. + properties: + clientAuthType: + description: ClientAuthType defines the client authentication + type to apply. + enum: + - NoClientCert + - RequestClientCert + - RequireAnyClientCert + - VerifyClientCertIfGiven + - RequireAndVerifyClientCert + type: string + secretNames: + description: SecretNames defines the names of the referenced Kubernetes + Secret storing certificate details. + items: + type: string + type: array + type: object + curvePreferences: + description: 'CurvePreferences defines the preferred elliptic curves + in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences' + items: + type: string + type: array + maxVersion: + description: 'MaxVersion defines the maximum TLS version that Traefik + will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, + VersionTLS13. Default: None.' + type: string + minVersion: + description: 'MinVersion defines the minimum TLS version that Traefik + will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, + VersionTLS13. Default: VersionTLS10.' + type: string + preferServerCipherSuites: + description: 'PreferServerCipherSuites defines whether the server + chooses a cipher suite among his own instead of among the client''s. + It is enabled automatically when minVersion or maxVersion is set. + Deprecated: https://github.com/golang/go/issues/45430' + type: boolean + sniStrict: + description: SniStrict defines whether Traefik allows connections + from clients connections that do not specify a server_name extension. + type: boolean + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml new file mode 100644 index 0000000000..47b46854c8 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml @@ -0,0 +1,99 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: tlsstores.traefik.io +spec: + group: traefik.io + names: + kind: TLSStore + listKind: TLSStoreList + plural: tlsstores + singular: tlsstore + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For + the time being, only the TLSStore named default is supported. This means + that you cannot have two stores that are named default in different Kubernetes + namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TLSStoreSpec defines the desired state of a TLSStore. + properties: + certificates: + description: Certificates is a list of secret names, each secret holding + a key/certificate pair to add to the store. + items: + description: Certificate holds a secret name for the TLSStore resource. + properties: + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + required: + - secretName + type: object + type: array + defaultCertificate: + description: DefaultCertificate defines the default certificate configuration. + properties: + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + required: + - secretName + type: object + defaultGeneratedCert: + description: DefaultGeneratedCert defines the default generated certificate + configuration. + properties: + domain: + description: Domain is the domain definition for the DefaultCertificate. + properties: + main: + description: Main defines the main domain name. + type: string + sans: + description: SANs defines the subject alternative domain names. + items: + type: string + type: array + type: object + resolver: + description: Resolver is the name of the resolver that will be + used to issue the DefaultCertificate. + type: string + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml new file mode 100644 index 0000000000..0f3475bda4 --- /dev/null +++ b/enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml @@ -0,0 +1,402 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: traefikservices.traefik.io +spec: + group: traefik.io + names: + kind: TraefikService + listKind: TraefikServiceList + plural: traefikservices + singular: traefikservice + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'TraefikService is the CRD implementation of a Traefik Service. + TraefikService object allows to: - Apply weight to Services on load-balancing + - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TraefikServiceSpec defines the desired state of a TraefikService. + properties: + mirroring: + description: Mirroring defines the Mirroring service configuration. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + maxBodySize: + description: MaxBodySize defines the maximum size allowed for + the body of the request. If the body is larger, the request + is not mirrored. Default value is -1, which means unlimited + size. + format: int64 + type: integer + mirrors: + description: Mirrors defines the list of mirrors where Traefik + will duplicate the traffic. + items: + description: MirrorService holds the mirror configuration. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between + the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or + if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host + header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + percent: + description: 'Percent defines the part of the traffic to + mirror. Supported values: 0 to 100.' + type: integer + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to the + client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in + milliseconds, in between flushes to the client while + copying the response body. A negative value means + to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes + a response as a streaming response; for such responses, + writes are flushed to the client immediately. Default: + 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https + when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport + between Traefik and your servers. Can only be used on + a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie + can be accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can + only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported + value at the moment. + type: string + weight: + description: Weight defines the weight and should only be + specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between the two + is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the + only child is the Kubernetes Service clusterIP. The Kubernetes + Service itself does load-balance to the pods. By default, NativeLB + is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host header + is forwarded to the upstream Kubernetes Service. By default, + passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. This + can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards the + response from the upstream Kubernetes Service to the client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in milliseconds, + in between flushes to the client while copying the response + body. A negative value means to flush immediately after + each write to the client. This configuration is ignored + when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https when + Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport between + Traefik and your servers. Can only be used on a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie can be + accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. More + info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can only + be transmitted over an encrypted connection (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy between + the servers. RoundRobin is the only supported value at the moment. + type: string + weight: + description: Weight defines the weight and should only be specified + when Name references a TraefikService object (and to be precise, + one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + weighted: + description: Weighted defines the Weighted Round Robin configuration. + properties: + services: + description: Services defines the list of Kubernetes Service and/or + TraefikService to load-balance, with weight. + items: + description: Service defines an upstream HTTP service to proxy + traffic to. + properties: + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + name: + description: Name defines the name of the referenced Kubernetes + Service or TraefikService. The differentiation between + the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced + Kubernetes Service or TraefikService. + type: string + nativeLB: + description: NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or + if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the + pods. By default, NativeLB is false. + type: boolean + passHostHeader: + description: PassHostHeader defines whether the client Host + header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + port: + anyOf: + - type: integer + - type: string + description: Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards + the response from the upstream Kubernetes Service to the + client. + properties: + flushInterval: + description: 'FlushInterval defines the interval, in + milliseconds, in between flushes to the client while + copying the response body. A negative value means + to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes + a response as a streaming response; for such responses, + writes are flushed to the client immediately. Default: + 100ms' + type: string + type: object + scheme: + description: Scheme defines the scheme to use for the request + to the upstream Kubernetes Service. It defaults to https + when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: ServersTransport defines the name of ServersTransport + resource to use. It allows to configure the transport + between Traefik and your servers. Can only be used on + a Kubernetes Service. + type: string + sticky: + description: 'Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie + can be accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can + only be transmitted over an encrypted connection + (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: Strategy defines the load balancing strategy + between the servers. RoundRobin is the only supported + value at the moment. + type: string + weight: + description: Weight defines the weight and should only be + specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + sticky: + description: 'Sticky defines whether sticky sessions are enabled. + More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + httpOnly: + description: HTTPOnly defines whether the cookie can be + accessed by client-side APIs, such as JavaScript. + type: boolean + name: + description: Name defines the Cookie name. + type: string + sameSite: + description: 'SameSite defines the same site policy. More + info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' + type: string + secure: + description: Secure defines whether the cookie can only + be transmitted over an encrypted connection (i.e. HTTPS). + type: boolean + type: object + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/enterprise/traefik/25.1.13/ix_values.yaml b/enterprise/traefik/25.1.13/ix_values.yaml new file mode 100644 index 0000000000..d3efd64d50 --- /dev/null +++ b/enterprise/traefik/25.1.13/ix_values.yaml @@ -0,0 +1,441 @@ +image: + repository: tccr.io/tccr/traefik + tag: v2.10.7@sha256:1a1f160572eadb370fb6204387838df968c2f1586e0ddd1b9b379012c6465f28 + pullPolicy: IfNotPresent +manifestManager: + enabled: true +workload: + main: + replicas: 2 + strategy: RollingUpdate + podSpec: + containers: + main: + args: [] + probes: + # -- Liveness probe configuration + # @default -- See below + liveness: + # -- sets the probe type when not using a custom probe + # @default -- "TCP" + type: tcp + # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used + # @default -- "/" + # path: "/ping" + # -- Readiness probe configuration + # @default -- See below + readiness: + # -- sets the probe type when not using a custom probe + # @default -- "TCP" + type: tcp + # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used + # @default -- "/" + # path: "/ping" + # -- Startup probe configuration + # @default -- See below + startup: + # -- sets the probe type when not using a custom probe + # @default -- "TCP" + type: tcp + # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used + # @default -- "/" + # path: "/ping" +# -- Options for all pods +# Can be overruled per pod +podOptions: + automountServiceAccountToken: true +operator: + register: true +# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x +ingressClass: + # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 + enabled: false + isDefaultClass: false + # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" + fallbackApiVersion: "" +# -- Create an IngressRoute for the dashboard +ingressRoute: + dashboard: + enabled: true + # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) + annotations: {} + # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) + labels: {} +# +# -- Configure providers +providers: + kubernetesCRD: + enabled: true + namespaces: [] + # - "default" + kubernetesIngress: + enabled: true + # labelSelector: environment=production,method=traefik + namespaces: [] + # - "default" + # IP used for Kubernetes Ingress endpoints + publishedService: + enabled: true + # Published Kubernetes Service to copy status from. Format: namespace/servicename + # By default this Traefik service + # pathOverride: "" +# -- Logs +# https://docs.traefik.io/observability/logs/ +logs: + # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). + general: + # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + level: ERROR + # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format + format: common + access: + # To enable access logs + enabled: false + # To write the logs in an asynchronous fashion, specify a bufferingSize option. + # This option represents the number of log lines Traefik will keep in memory before writing + # them to the selected output. In some cases, this option can greatly help performances. + # bufferingSize: 100 + # Filtering https://docs.traefik.io/observability/access-logs/#filtering + filters: {} + # statuscodes: "200,300-302" + # retryattempts: true + # minduration: 10ms + # Fields + # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers + fields: + general: + defaultmode: keep + names: {} + # Examples: + # ClientUsername: drop + headers: + defaultmode: drop + names: {} + # Examples: + # User-Agent: redact + # Authorization: drop + # Content-Type: keep + # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format + format: common +metrics: + main: + enabled: false + type: servicemonitor + endpoints: + - port: metrics + path: /metrics + targetSelector: metrics +globalArguments: + - "--global.checknewversion" +## +# -- Additional arguments to be passed at Traefik's binary +# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ +## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` +additionalArguments: + - "--serverstransport.insecureskipverify=true" + - "--providers.kubernetesingress.allowexternalnameservices=true" + +# -- Default clusterCertificate generated by clusterissuer +defaultCertificate: "" + +# -- Add custom DNSStore objects +tlsStore: {} + +# -- TLS Options to be created as TLSOption CRDs +# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options +# Example: +tlsOptions: + default: + sniStrict: false + minVersion: VersionTLS12 + curvePreferences: + - CurveP521 + - CurveP384 + cipherSuites: + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 + - TLS_AES_128_GCM_SHA256 + - TLS_AES_256_GCM_SHA384 + - TLS_CHACHA20_POLY1305_SHA256 +# -- Options for the main traefik service, where the entrypoints traffic comes from +# from. +service: + main: + type: LoadBalancer + ports: + main: + port: 9000 + targetPort: 9000 + protocol: http + # -- Forwarded Headers should never be enabled on Main entrypoint + forwardedHeaders: + enabled: false + # -- Proxy Protocol should never be enabled on Main entrypoint + proxyProtocol: + enabled: false + tcp: + enabled: true + type: LoadBalancer + ports: + web: + enabled: true + port: 80 + protocol: http + redirectTo: websecure + # Options: Empty, 0 (ingore), or positive int + # redirectPort: + # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support + forwardedHeaders: + enabled: false + # -- List of trusted IP and CIDR references + trustedIPs: [] + # -- Trust all forwarded headers + insecureMode: false + # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support + proxyProtocol: + enabled: false + # -- Only IPs in trustedIPs will lead to remote client address replacement + trustedIPs: [] + # -- Trust every incoming connection + insecureMode: false + websecure: + enabled: true + port: 443 + protocol: https + # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support + forwardedHeaders: + enabled: false + # -- List of trusted IP and CIDR references + trustedIPs: [] + # -- Trust all forwarded headers + insecureMode: false + # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support + proxyProtocol: + enabled: false + # -- Only IPs in trustedIPs will lead to remote client address replacement + trustedIPs: [] + # -- Trust every incoming connection + insecureMode: false + # tcpexample: + # enabled: true + # targetPort: 9443 + # protocol: tcp + # tls: + # enabled: false + # # this is the name of a TLSOption definition + # options: "" + # certResolver: "" + # domains: [] + # # - main: example.com + # # sans: + # # - foo.example.com + # # - bar.example.com + metrics: + enabled: true + type: ClusterIP + ports: + metrics: + enabled: true + port: 9180 + targetPort: 9180 + protocol: http + # -- Forwarded Headers should never be enabled on Metrics entrypoint + forwardedHeaders: + enabled: false + # -- Proxy Protocol should never be enabled on Metrics entrypoint + proxyProtocol: + enabled: false + # udp: + # enabled: false +# -- Whether Role Based Access Control objects like roles and rolebindings should be created +rbac: + main: + enabled: true + primary: true + clusterWide: true + rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - traefik.containo.us + - traefik.io + resources: + - middlewares + - middlewaretcps + - ingressroutes + - traefikservices + - ingressroutetcps + - ingressrouteudps + - tlsoptions + - tlsstores + - serverstransports + verbs: + - get + - list + - watch +# -- The service account the pods will use to interact with the Kubernetes API +serviceAccount: + main: + enabled: true + primary: true +# -- SCALE Middleware Handlers +middlewares: + basicAuth: [] + # - name: basicauthexample + # users: + # - username: testuser + # password: testpassword + forwardAuth: [] + # - name: forwardAuthexample + # address: https://auth.example.com/ + # authResponseHeaders: + # - X-Secret + # - X-Auth-User + # authRequestHeaders: + # - "Accept" + # - "X-CustomHeader" + # authResponseHeadersRegex: "^X-" + # trustForwardHeader: true + customRequestHeaders: [] + # - name: customRequestHeaderExample + # headers: + # - name: X-Custom-Header + # value: "foobar" + # - name: X-Header-To-Remove + # value: "" + customResponseHeaders: [] + # - name: customResponseHeaderExample + # headers: + # - name: X-Custom-Header + # value: "foobar" + # - name: X-Header-To-Remove + # value: "" + rewriteResponseHeaders: [] + # - name: rewriteResponseHeadersName + # headers: + # - name: "Location" + # regex: "^http://(.+)$" + # replacement: "https://$1" + # - name: "Date" + # regex: "^[^,]+,\\s*(.+)$" + # replacement: "$1" + customFrameOptionsValue: [] + # - name: customFrameOptionsValueExample + # value: "SAMEORIGIN" + buffering: [] + # - name: bufferingExample + # maxRequestBodyBytes: 1000000 + # memRequestBodyBytes: 1000000 + # maxResponseBodyBytes: 1000000 + # memResponseBodyBytes: 1000000 + # retryExpression: "IsNetworkError() && Attempts() < 2" + chain: [] + # - name: chainname + # middlewares: + # - name: compress + redirectScheme: [] + # - name: redirectSchemeName + # scheme: https + # permanent: true + rateLimit: [] + # - name: rateLimitName + # average: 300 + # burst: 200 + redirectRegex: [] + # - name: redirectRegexName + # regex: putregexhere + # replacement: replacementurlhere + # permanent: false + stripPrefixRegex: [] + # - name: stripPrefixRegexName + # regex: [] + ipWhiteList: [] + # - name: ipWhiteListName + # sourceRange: [] + # ipStrategy: + # depth: 2 + # excludedIPs: [] + themePark: [] + # - name: themeParkName + # -- Supported apps, lower case name + # -- https://docs.theme-park.dev/themes + # app: appnamehere + # -- Supported themes, lower case name + # -- https://docs.theme-park.dev/themes/APPNAMEHERE + # -- https://docs.theme-park.dev/community-themes + # theme: themenamehere + # -- https://theme-park.dev or a self hosted url + # baseUrl: https://theme-park.dev + # Sets X-Real-Ip with an IP from the X-Forwarded-For or + # Cf-Connecting-Ip (If from Cloudflare) + # Evaluation of those headers will go from last to first + realIP: [] + # - name: realIPName + # -- The real IP will be the first one that is + # -- not included in any of the CIDRs passed here + # excludedNetworks: + # - 1.1.1.1/24 + addPrefix: [] + # - name: addPrefixName + # prefix: "/foo" + geoBlock: [] + # -- https://github.com/PascalMinder/geoblock + # - name: geoBlockName + # allowLocalRequests: true + # logLocalRequests: false + # logAllowedRequests: false + # logApiRequests: false + # api: https://get.geojs.io/v1/ip/country/{ip} + # apiTimeoutMs: 500 + # cacheSize: 25 + # forceMonthlyUpdate: true + # allowUnknownCountries: false + # unknownCountryApiResponse: nil + # blackListMode: false + # countries: + # - RU + modsecurity: [] + # - name: modsecurityName + # modSecurityUrl: modSecurity container URL + # timeoutMillis: Configurated timeout + # maxBodySize: maxBodySize + ## Note: body of every request will be buffered in memory while the request is in-flight + ## (i.e.: during the security check and during the request processing by traefik and the backend), + ## so you may want to tune maxBodySize depending on how much RAM you have. +portalhook: + enabled: true +persistence: + plugins: + enabled: true + mountPath: "/plugins-storage" + type: emptyDir +portal: + open: + enabled: true + path: /dashboard/ diff --git a/enterprise/traefik/25.1.13/questions.yaml b/enterprise/traefik/25.1.13/questions.yaml new file mode 100644 index 0000000000..d6e4abd22f --- /dev/null +++ b/enterprise/traefik/25.1.13/questions.yaml @@ -0,0 +1,3402 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: General Settings + description: General Deployment Settings + - name: Workload Settings + description: Workload Settings + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Postgresql + description: Postgresql + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_tcportal-open_protocol" + host: + - "$kubernetes-resource_configmap_tcportal-open_host" + ports: + - "$kubernetes-resource_configmap_tcportal-open_port" + path: "$kubernetes-resource_configmap_tcportal-open_path" +questions: + - variable: global + group: General Settings + label: "Global Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: stopAll + label: Stop All + description: "Stops All Running pods and hibernates cnpg" + schema: + type: boolean + default: false + - variable: workload + group: "Workload Settings" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type (Advanced) + schema: + type: string + default: Deployment + enum: + - value: Deployment + description: Deployment + - value: DaemonSet + description: DaemonSet + - variable: replicas + label: Replicas (Advanced) + description: Set the number of Replicas + schema: + type: int + show_if: [["type", "!=", "DaemonSet"]] + default: 1 + - variable: podSpec + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: containers + label: Containers + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Container + schema: + additional_attrs: true + type: dict + attrs: + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: command + label: Command + schema: + type: list + default: [] + items: + - variable: param + label: Param + schema: + type: string + - variable: TZ + label: Timezone + group: "General Settings" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: podOptions + group: "General Settings" + label: "Global Pod Options (Advanced)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: expertPodOpts + label: "Expert - Pod Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + label: "Host Networking" + schema: + type: boolean + default: false + - variable: dnsConfig + label: "DNS Configuration" + schema: + type: dict + additional_attrs: true + attrs: + - variable: options + label: "Options" + schema: + type: list + default: [{"name": "ndots", "value": "1"}] + items: + - variable: optionsEntry + label: "Option Entry" + schema: + type: dict + additional_attrs: true + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + - variable: nameservers + label: "Nameservers" + schema: + type: list + default: [] + items: + - variable: nsEntry + label: "Nameserver Entry" + schema: + type: string + required: true + - variable: searches + label: "Searches" + schema: + type: list + default: [] + items: + - variable: searchEntry + label: "Search Entry" + schema: + type: string + required: true + + - variable: imagePullSecretList + group: "General Settings" + label: "Image Pull Secrets" + schema: + type: list + default: [] + items: + - variable: pullsecretentry + label: "Pull Secret" + schema: + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + - variable: data + label: Data + schema: + type: dict + additional_attrs: true + attrs: + - variable: registry + label: "Registry" + schema: + type: string + required: true + default: "https://index.docker.io/v1/" + - variable: username + label: "Username" + schema: + type: string + required: true + default: "" + - variable: password + label: "Password" + schema: + type: string + required: true + private: true + default: "" + - variable: email + label: "Email" + schema: + type: string + required: true + default: "" + - variable: expertIngressClass + label: Expert Mode + group: App Configuration + description: | + Expert Mode contains settings like:
+ - IngressClass
+ schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: ingressClass + label: "ingressClass" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + description: "When enabled, ingressClass will match the entered name of this app" + schema: + type: boolean + default: false + - variable: isDefaultClass + label: "isDefaultClass" + schema: + type: boolean + show_if: [["enabled", "=", true]] + default: false + - variable: logs + label: "Logs" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: general + label: "General Logs" + schema: + additional_attrs: true + type: dict + attrs: + - variable: level + label: "Log Level" + schema: + type: string + default: "ERROR" + enum: + - value: "INFO" + description: "Info" + - value: "WARN" + description: "Warnings" + - value: "ERROR" + description: "Errors" + - value: "FATAL" + description: "Fatal Errors" + - value: "PANIC" + description: "Panics" + - value: "DEBUG" + description: "Debug" + - variable: format + label: "General Log format" + schema: + type: string + default: "common" + enum: + - value: "common" + description: "Common Log Format" + - value: "json" + description: "JSON" + - variable: access + label: "Access Logs" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabledFilters + label: "Enable Filters" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: filters + label: "Filters" + schema: + additional_attrs: true + type: dict + attrs: + - variable: statuscodes + label: "Status codes" + schema: + type: string + default: "200,300-302" + - variable: retryattempts + label: "retryattempts" + schema: + type: boolean + default: true + - variable: minduration + label: "minduration" + schema: + type: string + default: "10ms" + - variable: fields + label: "Fields" + schema: + additional_attrs: true + type: dict + attrs: + - variable: general + label: "General" + schema: + additional_attrs: true + type: dict + attrs: + - variable: defaultmode + label: "Default Mode" + schema: + type: string + default: "keep" + enum: + - value: "keep" + description: "Keep" + - value: "drop" + description: "Drop" + - variable: headers + label: "Headers" + schema: + additional_attrs: true + type: dict + attrs: + - variable: defaultmode + label: "Default Mode" + schema: + type: string + default: "drop" + enum: + - value: "keep" + description: "Keep" + - value: "drop" + description: "Drop" + - variable: format + label: "Access Log format" + schema: + type: string + default: "common" + enum: + - value: "common" + description: "Common Log Format" + - value: "json" + description: "JSON" + - variable: middlewares + label: "" + group: "Middlewares" + schema: + additional_attrs: true + type: dict + attrs: + - variable: basicAuth + label: basicAuth + schema: + type: list + default: [] + items: + - variable: basicAuthEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: users + label: Users + schema: + type: list + default: [] + items: + - variable: usersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: username + label: Username + schema: + type: string + required: true + default: "" + - variable: password + label: Password + schema: + type: string + required: true + default: "" + - variable: forwardAuth + label: forwardAuth + schema: + type: list + default: [] + items: + - variable: basicAuthEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: address + label: Address + schema: + type: string + required: true + default: "" + - variable: trustForwardHeader + label: trustForwardHeader + schema: + type: boolean + default: false + - variable: tls + label: TLS + schema: + additional_attrs: true + type: dict + attrs: + - variable: insecureSkipVerify + label: insecureSkipVerify (expert) + description: >- + This disables all TLS certificate validation on communications with the authentication endpoint. + This could be a security risk and should only be used if you know what you are doing. + schema: + type: boolean + default: false + - variable: authResponseHeadersRegex + label: authResponseHeadersRegex + schema: + type: string + default: "" + - variable: authResponseHeaders + label: authResponseHeaders + schema: + type: list + default: [] + items: + - variable: authResponseHeadersEntry + label: "" + schema: + type: string + default: "" + - variable: authRequestHeaders + label: authRequestHeaders + schema: + type: list + default: [] + items: + - variable: authRequestHeadersEntry + label: "" + schema: + type: string + default: "" + - variable: buffering + label: Buffering + schema: + type: list + default: [] + items: + - variable: bufferingEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: maxRequestBodyBytes + label: Max Request Body Bytes + description: Leave empty and it won't be set + schema: + type: string + valid_chars: '^[0-9]*$' + default: "" + - variable: memRequestBodyBytes + label: Mem Request Body Bytes + description: Leave empty and it won't be set + schema: + type: string + valid_chars: '^[0-9]*$' + default: "" + - variable: maxResponseBodyBytes + label: Max Response Body Bytes + description: Leave empty and it won't be set + schema: + type: string + valid_chars: '^[0-9]*$' + default: "" + - variable: memResponseBodyBytes + label: Mem Response Body Bytes + description: Leave empty and it won't be set + schema: + type: string + valid_chars: '^[0-9]*$' + default: "" + - variable: retryExpression + label: Retry Expression + description: Leave empty and it won't be set + schema: + type: string + default: "" + - variable: customRequestHeaders + label: Custom Request Headers + schema: + type: list + default: [] + items: + - variable: customRequestHeadersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: headers + label: Headers to Add + schema: + type: list + default: [] + items: + - variable: headersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Header Name + description: Name of custom header to be added to requests, eg. X-Custom-Header + schema: + valid_chars: ^[a-zA-Z0-9_\-]*$ + type: string + required: true + default: "" + - variable: value + label: Header Value + description: The value of the header. If the value is empty, the header will be removed. + schema: + type: string + default: "" + - variable: customResponseHeaders + label: Custom Response Headers + schema: + type: list + default: [] + items: + - variable: customResponseHeadersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: headers + label: Headers to Add + schema: + type: list + default: [] + items: + - variable: headersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Header Name + description: Name of custom header to be added to responses, eg. X-Custom-Header + schema: + valid_chars: ^[a-zA-Z0-9_\-]*$ + type: string + required: true + default: "" + - variable: value + label: Header Value + description: The value of the header. If the value is empty, the header will be removed. + schema: + type: string + default: "" + - variable: rewriteResponseHeaders + label: Rewrite Response Headers + schema: + type: list + default: [] + items: + - variable: rewriteResponseHeadersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: headers + label: Headers To Rewrite + schema: + type: list + default: [] + items: + - variable: headersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Header Name + description: Name of a header to modified in responses, eg. X-Custom-Header + schema: + valid_chars: ^[a-zA-Z0-9_\-]*$ + type: string + required: true + default: "" + - variable: regex + label: Regex + description: The value of the header to match. Accepts regex expression. + schema: + type: string + default: "" + - variable: replacement + label: Replacement Regex + description: The new value of the header. Accepts regex expression. + schema: + type: string + default: "" + - variable: customFrameOptionsValue + label: Custom Frame Options Value + schema: + type: list + default: [] + items: + - variable: customFrameOptionsValueEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: X-Frame-Options Header Value + description: The value of the header. + schema: + type: string + required: true + default: "" + - variable: chain + label: Chain + schema: + type: list + default: [] + items: + - variable: chainEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: middlewares + label: Middlewares to Chain + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: redirectScheme + label: redirectScheme + schema: + type: list + default: [] + items: + - variable: redirectSchemeEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: scheme + label: Scheme + schema: + type: string + required: true + default: https + enum: + - value: https + description: https + - value: http + description: http + - variable: permanent + label: Permanent + schema: + type: boolean + default: false + - variable: rateLimit + label: rateLimit + schema: + type: list + default: [] + items: + - variable: rateLimitEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: average + label: Average + schema: + type: int + required: true + default: 300 + - variable: burst + label: Burst + schema: + type: int + required: true + default: 200 + - variable: redirectRegex + label: redirectRegex + schema: + type: list + default: [] + items: + - variable: redirectRegexEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: regex + label: Regex + schema: + type: string + required: true + default: "" + - variable: replacement + label: Replacement + schema: + type: string + required: true + default: "" + - variable: permanent + label: Permanent + schema: + type: boolean + default: false + - variable: stripPrefixRegex + label: stripPrefixRegex + schema: + type: list + default: [] + items: + - variable: stripPrefixRegexEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: regex + label: Regex + schema: + type: list + default: [] + items: + - variable: regexEntry + label: Regex + schema: + type: string + required: true + default: "" + - variable: ipWhiteList + label: ipWhiteList + schema: + type: list + default: [] + items: + - variable: ipWhiteListEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: sourceRange + label: Source Range + schema: + type: list + default: [] + items: + - variable: sourceRangeEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: ipStrategy + label: IP Strategy + schema: + additional_attrs: true + type: dict + attrs: + - variable: depth + label: Depth + schema: + type: int + required: true + - variable: excludedIPs + label: Excluded IPs + schema: + type: list + default: [] + items: + - variable: excludedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: themePark + label: theme.park + schema: + type: list + default: [] + items: + - variable: themeParkEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + description: This is a 3rd party plugin and not maintained by TrueCharts, + for more information go to traefik-themepark + schema: + type: string + required: true + default: "" + - variable: appName + label: App Name + description: Lower case, name of the app to be themed. +
Go to https://docs.theme-park.dev/themes/ to see supported apps. + schema: + type: string + required: true + default: "" + - variable: themeName + label: Theme Name + description: Lower case, name of the theme to be applied. +
Go to https://docs.theme-park.dev/theme-options/ to see supported themes. + schema: + type: string + required: true + default: "" + - variable: baseUrl + label: Base URL + description: Replace `https://theme-park.dev` URL for self-hosting reference. + schema: + type: string + required: true + default: https://theme-park.dev + - variable: addons + label: Addons + schema: + type: list + default: [] + items: + - variable: addonEntry + label: Addon + description: Currently only supports 'darker' and '4k-logo' for *arr apps. +
Go to https://docs.theme-park.dev/themes/addons/ for Addon information. +
Go to https://github.com/packruler/traefik-themepark for more context on plugin + schema: + type: string + required: true + default: "" + - variable: realIP + label: Real IP + schema: + type: list + default: [] + items: + - variable: realIPEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: excludedNetworks + label: Excluded Networks + schema: + type: list + default: [] + items: + - variable: excludedNetEntry + label: Excluded Network Entry + description: Network to exclude setting it to X-Real-Ip + schema: + type: string + required: true + default: "" + - variable: geoBlock + label: GeoBlock + schema: + type: list + default: [] + items: + - variable: geoBlockEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + description: This is a 3rd party plugin and not maintained by TrueCharts, + for more information go to geoblock + schema: + type: string + required: true + default: "" + - variable: allowLocalRequests + label: Allow Local Requests + description: If set to true, will not block request from Private IP Ranges + schema: + type: boolean + default: true + - variable: logLocalRequests + label: Log Local Requests + description: If set to true, will log every connection from any IP in the private IP range + schema: + type: boolean + default: false + - variable: logAllowedRequests + label: Log Allowed Requests + description: If set to true, will show a log message with the IP and the country of origin if a request is allowed. + schema: + type: boolean + default: false + - variable: logApiRequests + label: Log API Requests + description: If set to true, will show a log message for every API hit. + schema: + type: boolean + default: false + - variable: api + label: API + description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL. + schema: + type: string + required: true + default: https://get.geojs.io/v1/ip/country/{ip} + - variable: apiTimeoutMs + label: API Timeout in ms + description: Timeout for the call to the api uri. + schema: + type: int + required: true + default: 500 + - variable: cacheSize + label: Cache Size + description: Defines the max size of the LRU (least recently used) cache. + schema: + type: int + required: true + default: 25 + - variable: forceMonthlyUpdate + label: Force Monthly Update + description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month. + schema: + type: boolean + default: true + - variable: allowUnknownCountries + label: Allow Unknown Countries + description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed. + schema: + type: boolean + default: false + - variable: unknownCountryApiResponse + label: Unknown Countries API Response + description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested. + schema: + type: string + required: true + default: nil + - variable: blackListMode + label: Blacklist Mode + description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked. + schema: + type: boolean + default: false + - variable: countries + description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode. + label: Countries + schema: + type: list + default: [] + items: + - variable: countryEntry + label: Country + description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode. + schema: + type: string + required: true + # Allow only 2 Characters + valid_chars: '^[a-zA-Z]{2}$' + default: "" + - variable: addPrefix + label: Add Prefix + schema: + type: list + default: [] + items: + - variable: addPrefixEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: prefix + label: Prefix + schema: + type: string + required: true + default: "" + - variable: modsecurity + label: modsecurity + schema: + type: list + default: [] + items: + - variable: modsecurityEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + description: This is a 3rd party plugin and not maintained by TrueCharts, + for more information go to traefik-modsecurity-plugin + schema: + type: string + required: true + default: "" + - variable: modSecurityUrl + label: ModSecurity Url + description: It's the URL for the owasp/modsecurity container. + schema: + type: string + required: true + default: "https://someurl" + - variable: timeoutMillis + label: timeout Millis + description: timeout in milliseconds for the http client to talk with modsecurity container. ( + schema: + type: int + required: true + default: 2 + - variable: maxBodySize + label: maxBody Size + description: it's the maximum limit for requests body size. Requests exceeding this value will be rejected using HTTP 413 Request Entity Too Large. Zero means "use default value". + schema: + type: int + required: true + default: 0 + - variable: service + group: "Networking and Services" + label: "Configure Service Entrypoint" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Entrypoint Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9000 + required: true + - variable: tcp + label: "TCP Service" + description: "The tcp Entrypoint service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: web + label: "web Entrypoint Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 80 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + default: "websecure" + - variable: forwardedHeaders + label: Accept Forwarded Headers + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Trust Forwarded Headers from specific IPs. + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Always Trust Forwarded Headers + schema: + type: boolean + default: false + - variable: proxyProtocol + label: Accept Proxy Protocol connections + description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Only IPs in trustedIPs will lead to remote client address replacement + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Trust every incoming connection + schema: + type: boolean + default: false + - variable: websecure + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 443 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + - variable: forwardedHeaders + label: Accept Forwarded Headers + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Trust Forwarded Headers from specific IPs. + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Always Trust Forwarded Headers + schema: + type: boolean + default: false + - variable: proxyProtocol + label: Accept Proxy Protocol connections + description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Only IPs in trustedIPs will lead to remote client address replacement + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Trust every incoming connection + schema: + type: boolean + default: false + - variable: tls + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + hidden: true + - variable: portsList + label: "Additional TCP Entrypoints" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom Entrypoints" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Entrypoints Name" + schema: + type: string + default: "" + - variable: protocol + label: "Entrypoints Type" + schema: + type: string + default: "tcp" + enum: + - value: http + description: "HTTP" + - value: "https" + description: "HTTPS" + - value: tcp + description: "TCP" + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: tls + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + - variable: forwardedHeaders + label: Accept Forwarded Headers + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Trust Forwarded Headers from specific IPs. + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Always Trust Forwarded Headers + schema: + type: boolean + default: false + - variable: proxyProtocol + label: Accept Proxy Protocol connections + description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Only IPs in trustedIPs will lead to remote client address replacement + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Trust every incoming connection + schema: + type: boolean + default: false + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [{path: "/", pathType: "Prefix"}] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: 'Allow Cross Origin Requests (advanced)' + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: 'namespace (optional)' + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: homepage + label: Homepage + description: Connect ingress with Homepage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: name + label: Name (Optional) + description: Defaults to chart name + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: description + label: Description (Optional) + description: Defaults to chart description + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: icon + label: Icon (Optional) + description: Defaults to chart icon + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: group + label: Group + schema: + type: string + required: true + default: "default" + show_if: [["enabled", "=", true]] + - variable: widget + label: Widget Settings + schema: + type: dict + additional_attrs: true + show_if: [["enabled", "=", true]] + attrs: + - variable: enabled + label: Enable Widget + description: When disabled all widget annotations are skipped. + schema: + type: boolean + default: true + - variable: custom + label: Options + schema: + type: dict + additional_attrs: true + attrs: + - variable: key + label: API-key (key) + schema: + type: string + default: "" + - variable: customkv + label: Custom Options + schema: + type: list + default: [] + items: + - variable: option + label: Option + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + default: "" + required: true + - variable: value + label: Value + schema: + type: string + default: "" + required: true + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: overrideService + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + show_if: [["certificateIssuer", "=", ""]] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: scaleCert + label: Use TrueNAS SCALE Certificate (Deprecated) + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: Use Custom Secret (Advanced) + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: "Allow Cross Origin Requests" + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: namespace + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: homepage + label: Homepage + description: Connect ingress with Homepage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: name + label: Name + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: description + label: Description + description: defaults to chart description + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: group + label: Group + schema: + type: string + required: true + default: "default" + show_if: [["enabled", "=", true]] + - variable: securityContext + group: Security and Permissions + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: container + label: Container + schema: + additional_attrs: true + type: dict + attrs: + # Settings from questions.yaml get appended here on a per-app basis + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID of the user running the application" + schema: + type: int + default: 568 + # Settings from questions.yaml get appended here on a per-app basis + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + show_if: [["runAsUser", "=", 0]] + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "0022" + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: pod + label: Pod + schema: + additional_attrs: true + type: dict + attrs: + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + # Settings from questions.yaml get appended here on a per-app basis + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: resources + group: Resources and Devices + label: "Resource Limits" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + hidden: true + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 10m + hidden: true + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 50Mi + hidden: true + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: device + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: scaleGPUEntry + label: GPU + schema: + additional_attrs: true + type: dict + attrs: + # Specify GPU configuration + - variable: gpu + label: Select GPU + schema: + additional_attrs: true + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + - variable: workaround + label: "Workaround" + schema: + type: string + default: workaround + hidden: true + - variable: metrics + group: Metrics + label: Prometheus Metrics + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Metrics + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + description: Enable Prometheus Metrics + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: prometheusRule + label: PrometheusRule + description: Enable and configure Prometheus Rules for the App. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + description: Enable Prometheus Metrics + schema: + type: boolean + default: false + # TODO: Rule List section +# - variable: horizontalPodAutoscaler +# group: Advanced +# label: (Advanced) Horizontal Pod Autoscaler +# schema: +# type: list +# default: [] +# items: +# - variable: hpaEntry +# label: HPA Entry +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: name +# label: Name +# schema: +# type: string +# required: true +# default: "" +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: Target +# description: Deployment name, Defaults to Main Deployment +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: Minimum Replicas +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: Maximum Replicas +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: Target CPU Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: Target Memory Utilization Percentage +# schema: +# type: int +# default: 80 + - variable: networkPolicy + group: Advanced + label: (Advanced) Network Policy + schema: + type: list + default: [] + items: + - variable: netPolicyEntry + label: Network Policy Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: policyType + label: Policy Type + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ingress + description: Ingress + - value: egress + description: Egress + - value: ingress-egress + description: Ingress and Egress + - variable: egress + label: Egress + schema: + type: list + default: [] + items: + - variable: egressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: to + label: To + schema: + type: list + default: [] + items: + - variable: toEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: ingress + label: Ingress + schema: + type: list + default: [] + items: + - variable: ingressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: from + label: From + schema: + type: list + default: [] + items: + - variable: fromEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: NodePort + description: Deprecated CHANGE THIS + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + default: 36107 + - variable: ingress + label: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [{path: "/", pathType: "Prefix"}] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: 'Allow Cross Origin Requests (advanced)' + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: 'namespace (optional)' + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: netshoot + label: Netshoot + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: Netshoot Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: gluetun + description: Gluetun + - value: tailscale + description: Tailscale + - value: openvpn + description: OpenVPN (Deprecated) + - value: wireguard + description: Wireguard (Deprecated) + - variable: openvpn + label: OpenVPN Settings + schema: + additional_attrs: true + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + show_if: [["username", "!=", ""]] + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + additional_attrs: true + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: auth_once + label: Auth Once + description: Only attempt to log in if not already logged in. + schema: + type: boolean + default: true + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: The address on which to listen for SOCKS5 proxying into the tailscale net. + schema: + type: string + default: "" + - variable: outbound_http_proxy_listen + label: Outbound HTTP Proxy Listen + description: The address on which to listen for HTTP proxying into the tailscale net. + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: string + show_if: [["type", "!=", "disabled"]] + default: "" + + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + max_length: 10240 + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true + - variable: warning + group: Documentation + label: 'WARNING: If installed, be sure to move the TrueNAS GUI to another port (not 80 or 443).' + description: 'See:
https://truecharts.org/charts/enterprise/traefik/how-to for more info.' + schema: + additional_attrs: true + type: dict + attrs: + - variable: warningconfim + label: I am aware that I will brick my system, if I did not follow the instructions. + schema: + type: boolean + default: true + required: true diff --git a/enterprise/velero/3.1.12/templates/NOTES.txt b/enterprise/traefik/25.1.13/templates/NOTES.txt similarity index 100% rename from enterprise/velero/3.1.12/templates/NOTES.txt rename to enterprise/traefik/25.1.13/templates/NOTES.txt diff --git a/enterprise/traefik/25.1.13/templates/_args.tpl b/enterprise/traefik/25.1.13/templates/_args.tpl new file mode 100644 index 0000000000..06e39a4689 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_args.tpl @@ -0,0 +1,194 @@ +{{/* Define the args */}} +{{- define "traefik.args" -}} +args: + {{/* merge all ports */}} + {{- $ports := dict }} + {{- range $.Values.service }} + {{- range $name, $value := .ports }} + {{- $_ := set $ports $name $value }} + {{- end }} + {{- end }} + {{/* start of actual arguments */}} + {{- with .Values.globalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- range $name, $config := $ports }} + {{- if $config }} + {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }} + {{- $_ := set $config "protocol" "tcp" }} + {{- end }} + - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}" + {{- end }} + {{- end }} + - "--api.dashboard=true" + - "--ping=true" + {{- if .Values.traefikMetrics }} + {{- if .Values.traefikMetrics.datadog }} + - "--metrics.datadog=true" + - "--metrics.datadog.address={{ .Values.traefikMetrics.datadog.address }}" + {{- end }} + {{- if .Values.traefikMetrics.influxdb }} + - "--metrics.influxdb=true" + - "--metrics.influxdb.address={{ .Values.traefikMetrics.influxdb.address }}" + - "--metrics.influxdb.protocol={{ .Values.traefikMetrics.influxdb.protocol }}" + {{- end }} + {{- if .Values.traefikMetrics.statsd }} + - "--metrics.statsd=true" + - "--metrics.statsd.address={{ .Values.traefikMetrics.statsd.address }}" + {{- if or .Values.traefikMetrics.prometheus }} + - "--metrics.prometheus=true" + - "--metrics.prometheus.entrypoint=metrics" + {{- end }} + {{- end }} + {{- end }} + {{- if or .Values.metrics.main.enabled }} + - "--metrics.prometheus=true" + - "--metrics.prometheus.entrypoint=metrics" + {{- end }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress" + {{- if .Values.providers.kubernetesIngress.publishedService.enabled }} + - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.labelSelector }} + - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}" + {{- end }} + {{- end }} + {{- if and .Values.rbac.enabled .Values.rbac.namespaced }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}" + {{- end }} + {{- end }} + {{- if $.Values.ingressClass.enabled }} + - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}" + {{- end }} + {{- range $entrypoint, $config := $ports }} + {{/* add args for proxyProtocol support */}} + {{- if $config.proxyProtocol }} + {{- if $config.proxyProtocol.enabled }} + {{- if $config.proxyProtocol.insecureMode }} + - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure" + {{- end }} + {{- if not ( empty $config.proxyProtocol.trustedIPs ) }} + - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}" + {{- end }} + {{- end }} + {{- end }} + {{/* add args for forwardedHeaders support */}} + {{- if $config.forwardedHeaders.enabled }} + {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }} + - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}" + {{- end }} + {{- if $config.forwardedHeaders.insecureMode }} + - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure" + {{- end }} + {{- end }} + {{/* end forwardedHeaders configuration */}} + {{- if $config.redirectTo }} + {{- $toPort := index $ports $config.redirectTo }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- else if $config.redirectPort }} + {{ if gt $config.redirectPort 0.0 }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- end }} + {{- end }} + {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }} + {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }} + - "--entrypoints.{{ $entrypoint }}.http.tls=true" + {{- if $config.tls.options }} + - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}" + {{- end }} + {{- if $config.tls.certResolver }} + - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}" + {{- end }} + {{- if $config.tls.domains }} + {{- range $index, $domain := $config.tls.domains }} + {{- if $domain.main }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}" + {{- end }} + {{- if $domain.sans }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}" + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.logs }} + - "--log.format={{ .general.format }}" + {{- if ne .general.level "ERROR" }} + - "--log.level={{ .general.level | upper }}" + {{- end }} + {{- if .access.enabled }} + - "--accesslog=true" + - "--accesslog.format={{ .access.format }}" + {{- if .access.bufferingsize }} + - "--accesslog.bufferingsize={{ .access.bufferingsize }}" + {{- end }} + {{- if .access.filters }} + {{- if .access.filters.statuscodes }} + - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}" + {{- end }} + {{- if .access.filters.retryattempts }} + - "--accesslog.filters.retryattempts" + {{- end }} + {{- if .access.filters.minduration }} + - "--accesslog.filters.minduration={{ .access.filters.minduration }}" + {{- end }} + {{- end }} + - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.general.names }} + - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.headers.names }} + - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + {{- end }} + {{- end }} + {{/* + For new plugins, add them on the container also + https://github.com/truecharts/containers/blob/master/mirror/traefik/Dockerfile + moduleName must match on the container and here + */}} + {{- if .Values.middlewares.themePark }} + {{/* theme.park */}} + - "--experimental.localPlugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark" + {{- end }} + {{/* End of theme.park */}} + {{/* GeoBlock */}} + {{- if .Values.middlewares.geoBlock }} + - "--experimental.localPlugins.GeoBlock.modulename=github.com/PascalMinder/geoblock" + {{- end }} + {{/* End of GeoBlock */}} + {{/* RealIP */}} + {{- if .Values.middlewares.realIP }} + - "--experimental.localPlugins.traefik-real-ip.modulename=github.com/jramsgz/traefik-real-ip" + {{- end }} + {{/* End of RealIP */}} + {{/* ModSecurity */}} + {{- if .Values.middlewares.modsecurity }} + - "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin" + {{- end }} + {{/* End of ModSecurity */}} + {{/* RewriteResponseHeaders */}} + {{- if .Values.middlewares.rewriteResponseHeaders }} + - "--experimental.localPlugins.rewriteResponseHeaders.modulename=github.com/XciD/traefik-plugin-rewrite-headers" + {{- end }} + {{/* End of RewriteResponseHeaders */}} + {{- with .Values.additionalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/_helpers.tpl b/enterprise/traefik/25.1.13/templates/_helpers.tpl new file mode 100644 index 0000000000..1345dcea39 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_helpers.tpl @@ -0,0 +1,22 @@ +{{/* +Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice. +By convention this will simply use the / to match the name of the +service generated. +Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride` +*/}} +{{- define "providers.kubernetesIngress.publishedServicePath" -}} +{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} +{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}} +{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }} +{{- print $servicePath | trimSuffix "-" -}} +{{- end -}} + +{{/* +Construct a comma-separated list of whitelisted namespaces +*/}} +{{- define "providers.kubernetesIngress.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }} +{{- end -}} +{{- define "providers.kubernetesCRD.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/_ingressclass.tpl b/enterprise/traefik/25.1.13/templates/_ingressclass.tpl new file mode 100644 index 0000000000..4213783865 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_ingressclass.tpl @@ -0,0 +1,24 @@ +{{/* Define the ingressClass */}} +{{- define "traefik.ingressClass" -}} +--- +{{ if $.Values.ingressClass.enabled }} + {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }} +apiVersion: networking.k8s.io/v1 + {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }} +apiVersion: networking.k8s.io/v1beta1 + {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }} +apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }} + {{- else }} + {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }} + {{- end }} +kind: IngressClass +metadata: + annotations: + ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }} + labels: + {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }} + name: {{ .Release.Name }} +spec: + controller: traefik.io/ingress-controller +{{- end }} +{{- end }} diff --git a/enterprise/traefik/25.1.13/templates/_ingressroute.tpl b/enterprise/traefik/25.1.13/templates/_ingressroute.tpl new file mode 100644 index 0000000000..8e1d0f4e3f --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_ingressroute.tpl @@ -0,0 +1,34 @@ +{{/* Define the ingressRoute */}} +{{- define "traefik.ingressRoute" -}} +{{ if .Values.ingressRoute.dashboard.enabled }} + +{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels }} +{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations }} + +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard + {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} + {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} + labels: + {{- . | nindent 4 }} + {{- end }} + {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} + {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} + annotations: + {{- . | nindent 4 }} + {{- end }} + +spec: + entryPoints: + - main + routes: + - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`) + kind: Rule + services: + - name: api@internal + kind: TraefikService +{{ end }} +{{- end }} diff --git a/enterprise/traefik/25.1.13/templates/_portalhook.tpl b/enterprise/traefik/25.1.13/templates/_portalhook.tpl new file mode 100644 index 0000000000..ec69a695ca --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_portalhook.tpl @@ -0,0 +1,24 @@ +{{/* Define the portalHook */}} +{{- define "traefik.portalhook" -}} +{{- if .Values.portalhook.enabled -}} + {{- $name := "portalhook" -}} + {{- if $.Values.ingressClass.enabled -}} + {{- $name = printf "portalhook-%v" .Release.Name -}} + {{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $name }} +data: + {{- $ports := dict }} + {{- range $.Values.service }} + {{- range $name, $value := .ports }} + {{- $_ := set $ports $name $value }} + {{- end }} + {{- end }} + {{- range $name, $value := $ports }} + {{ $name }}: {{ $value.port | quote }} + {{- end }} +{{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/_tlsoptions.tpl b/enterprise/traefik/25.1.13/templates/_tlsoptions.tpl new file mode 100644 index 0000000000..163b536442 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_tlsoptions.tpl @@ -0,0 +1,13 @@ +{{/* Define the tlsOptions */}} +{{- define "traefik.tlsOptions" -}} +{{- range $name, $config := .Values.tlsOptions }} + +--- +apiVersion: traefik.io/v1alpha1 +kind: TLSOption +metadata: + name: {{ $name }} +spec: + {{- toYaml $config | nindent 2 }} +{{- end }} +{{- end }} diff --git a/enterprise/traefik/25.1.13/templates/_tlsstore.tpl b/enterprise/traefik/25.1.13/templates/_tlsstore.tpl new file mode 100644 index 0000000000..17908e2920 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/_tlsstore.tpl @@ -0,0 +1,26 @@ +{{/* Define the tlsOptions */}} +{{- define "traefik.tlsstore" -}} +{{- if .Values.defaultCertificate }} +--- +apiVersion: traefik.io/v1alpha1 +kind: TLSStore +metadata: + name: default +spec: + certificates: + - secretName: clusterissuer-templated-{{ tpl .Values.defaultCertificate $ }} + defaultCertificate: + secretName: clusterissuer-templated-{{ tpl .Values.defaultCertificate $ }} +{{- end }} + +{{- range $name, $config := .Values.tlsStore }} + +--- +apiVersion: traefik.io/v1alpha1 +kind: TLSStore +metadata: + name: {{ $name }} +spec: + {{- toYaml $config | nindent 2 }} +{{- end }} +{{- end }} diff --git a/enterprise/traefik/25.1.13/templates/common.yaml b/enterprise/traefik/25.1.13/templates/common.yaml new file mode 100644 index 0000000000..d00c5ec4cc --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/common.yaml @@ -0,0 +1,24 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.v1.common.loader.init" . }} + +{{- $newArgs := (include "traefik.args" . | fromYaml) }} +{{- $_ := set .Values "newArgs" $newArgs -}} +{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }} +{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}} + +{{- include "traefik.portalhook" . }} +{{- include "traefik.tlsstore" . }} +{{- include "traefik.tlsOptions" . }} +{{- include "traefik.ingressRoute" . }} +{{- include "traefik.ingressClass" . }} + +{{- with .Values.ingress -}} + {{- with .main -}} + {{- if .enabled -}} + {{- $_ := set $.Values.portal.open.override "protocol" "https" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* Render the templates */}} +{{ include "tc.v1.common.loader.apply" . }} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml b/enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml new file mode 100644 index 0000000000..4713823364 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml @@ -0,0 +1,12 @@ +{{- range $index, $middlewareData := .Values.middlewares.addPrefix }} + +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + addPrefix: + prefix: {{ $middlewareData.prefix }} +{{- end }} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml new file mode 100644 index 0000000000..ef4671254e --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + compress: {} +--- +# Here, an average of 300 requests per second is allowed. +# In addition, a burst of 200 requests is allowed. +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + rateLimit: + average: 600 + burst: 400 +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + headers: + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + accessControlMaxAge: 100 + stsSeconds: 63072000 + # stsIncludeSubdomains: false + # stsPreload: false + forceSTSHeader: true + contentTypeNosniff: true + browserXssFilter: true + referrerPolicy: same-origin + customRequestHeaders: + X-Forwarded-Proto: "https" + customResponseHeaders: + server: '' +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-chain-basic" $.Release.Name) "chain-basic" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + chain: + middlewares: + - name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }} + - name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }} + - name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml b/enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml new file mode 100644 index 0000000000..1bbdc462b3 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml @@ -0,0 +1,30 @@ +{{- range $index, $middlewareData := .Values.middlewares.basicAuth -}} + + {{- $users := list -}} + {{- range $index, $userdata := $middlewareData.users -}} + {{- $users = append $users (htpasswd $userdata.username $userdata.password) -}} + {{- end }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%v-%v" $middlewareData.name "secret" }} + namespace: {{ $.Release.Namespace }} +type: Opaque +stringData: + users: | + {{- range $index, $user := $users }} + {{ printf "%s" $user }} + {{- end }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + basicAuth: + secret: {{ printf "%v-%v" $middlewareData.name "secret" }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml b/enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml new file mode 100644 index 0000000000..eade09784e --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml @@ -0,0 +1,26 @@ +{{- range $index, $middlewareData := .Values.middlewares.buffering }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + buffering: {{/* Only render if its not and has a value of 0 or greater */}} + {{- if and (not (kindIs "invalid" $middlewareData.maxRequestBodyBytes)) (ge ($middlewareData.maxRequestBodyBytes | int) 0) }} + maxRequestBodyBytes: {{ $middlewareData.maxRequestBodyBytes }} + {{- end -}} + {{- if and (not (kindIs "invalid" $middlewareData.memRequestBodyBytes)) (ge ($middlewareData.memRequestBodyBytes | int) 0) }} + memRequestBodyBytes: {{ $middlewareData.memRequestBodyBytes }} + {{- end -}} + {{- if and (not (kindIs "invalid" $middlewareData.maxResponseBodyBytes)) (ge ($middlewareData.maxResponseBodyBytes | int) 0) }} + maxResponseBodyBytes: {{ $middlewareData.maxResponseBodyBytes }} + {{- end -}} + {{- if and (not (kindIs "invalid" $middlewareData.memResponseBodyBytes)) (ge ($middlewareData.memResponseBodyBytes | int) 0) }} + memResponseBodyBytes: {{ $middlewareData.memResponseBodyBytes }} + {{- end -}} + {{- if $middlewareData.retryExpression }} + retryExpression: {{ $middlewareData.retryExpression | quote }} + {{- end -}} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/chain.yaml b/enterprise/traefik/25.1.13/templates/middlewares/chain.yaml new file mode 100644 index 0000000000..17d8853fb0 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/chain.yaml @@ -0,0 +1,21 @@ +{{- $values := .Values -}} +{{- $namespace := $.Release.Namespace -}} +{{- if $.Values.ingressClass.enabled -}} + {{- $namespace := (printf "%v-%v" $namespace .Release.Name) -}} +{{- end -}} + +{{- range $index, $middlewareData := .Values.middlewares.chain }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + chain: + middlewares: + {{- range $index, $middleware := .middlewares }} + - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml b/enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml new file mode 100644 index 0000000000..9b9f2b6606 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml @@ -0,0 +1,12 @@ +{{- range $index, $middlewareData := .Values.middlewares.customFrameOptionsValue }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + headers: + customFrameOptionsValue: {{ $middlewareData.value }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml b/enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml new file mode 100644 index 0000000000..3c43a131a1 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml @@ -0,0 +1,15 @@ +{{- range $index, $middlewareData := .Values.middlewares.customRequestHeaders }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + headers: + customRequestHeaders: + {{- range $index, $customRequestHeader := $middlewareData.headers }} + {{ $customRequestHeader.name }}: {{ $customRequestHeader.value | quote }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml b/enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml new file mode 100644 index 0000000000..a75db8a338 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml @@ -0,0 +1,15 @@ +{{- range $index, $middlewareData := .Values.middlewares.customResponseHeaders }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + headers: + customResponseHeaders: + {{- range $index, $customResponseHeader := $middlewareData.headers }} + {{ $customResponseHeader.name }}: {{ $customResponseHeader.value | quote }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml b/enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml new file mode 100644 index 0000000000..787fa79682 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml @@ -0,0 +1,29 @@ +{{- range $index, $middlewareData := .Values.middlewares.forwardAuth }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + forwardAuth: + address: {{ $middlewareData.address }} + {{- with $middlewareData.authResponseHeaders }} + authResponseHeaders: + {{- toYaml . | nindent 4 }} + {{- end -}} + {{- with $middlewareData.authRequestHeaders }} + authRequestHeaders: + {{- toYaml . | nindent 4 }} + {{- end -}} + {{- if $middlewareData.authResponseHeadersRegex }} + authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }} + {{- end -}} + {{- if $middlewareData.trustForwardHeader }} + trustForwardHeader: true + {{- end -}} + {{- with $middlewareData.tls }} + tls: + insecureSkipVerify: {{ .insecureSkipVerify | default false }} + {{- end -}} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml b/enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml new file mode 100644 index 0000000000..2a647778e5 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml @@ -0,0 +1,29 @@ +{{- range $index, $middlewareData := .Values.middlewares.geoBlock }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + plugin: + GeoBlock: + allowLocalRequests: {{ $middlewareData.allowLocalRequests }} + logLocalRequests: {{ $middlewareData.logLocalRequests }} + logAllowedRequests: {{ $middlewareData.logAllowedRequests }} + logApiRequests: {{ $middlewareData.logApiRequests }} + api: {{ $middlewareData.api }} + apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }} + cacheSize: {{ $middlewareData.cacheSize }} + forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }} + allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }} + unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }} + blackListMode: {{ $middlewareData.blackListMode }} + {{- if not $middlewareData.countries -}} + {{- fail "You have to define at least one country..." -}} + {{- end }} + countries: + {{- range $middlewareData.countries }} + - {{ . }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml new file mode 100644 index 0000000000..fc876aca5f --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml @@ -0,0 +1,27 @@ +{{- range $index, $middlewareData := .Values.middlewares.ipWhiteList }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + ipWhiteList: + sourceRange: + {{- range $middlewareData.sourceRange }} + - {{ . }} + {{- end }} + {{- if $middlewareData.ipStrategy }} + ipStrategy: + {{- if $middlewareData.ipStrategy.depth }} + depth: {{ $middlewareData.ipStrategy.depth }} + {{- end -}} + {{- if $middlewareData.ipStrategy.excludedIPs }} + excludedIPs: + {{- range $middlewareData.ipStrategy.excludedIPs }} + - {{ . }} + {{- end }} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml b/enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml new file mode 100644 index 0000000000..07a8d5d358 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml @@ -0,0 +1,14 @@ +{{- range $index, $middlewareData := .Values.middlewares.modsecurity }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + plugin: + traefik-modsecurity-plugin: + modSecurityUrl: {{ $middlewareData.modSecurityUrl }} + timeoutMillis: {{ $middlewareData.timeoutMillis }} + maxBodySize: {{ $middlewareData.maxBodySize }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml b/enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml new file mode 100644 index 0000000000..cd9117633f --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml @@ -0,0 +1,13 @@ +{{- range $index, $middlewareData := .Values.middlewares.rateLimit }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + rateLimit: + average: {{ $middlewareData.average }} + burst: {{ $middlewareData.burst }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml b/enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml new file mode 100644 index 0000000000..2877d9ce7f --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml @@ -0,0 +1,15 @@ +{{- range $index, $middlewareData := .Values.middlewares.realIP }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + plugin: + traefik-real-ip: + excludednets: + {{- range $middlewareData.excludedNetworks }} + - {{ . | quote }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml new file mode 100644 index 0000000000..09f3093998 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml @@ -0,0 +1,13 @@ +{{- range $index, $middlewareData := .Values.middlewares.redirectScheme }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + redirectScheme: + scheme: {{ $middlewareData.scheme }} + permanent: {{ $middlewareData.permanent }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml b/enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml new file mode 100644 index 0000000000..30f44f9081 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml @@ -0,0 +1,14 @@ +{{- range $index, $middlewareData := .Values.middlewares.redirectRegex }} +--- +# Declaring the user list +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + redirectRegex: + regex: {{ $middlewareData.regex | quote }} + replacement: {{ $middlewareData.replacement | quote }} + permanent: {{ $middlewareData.permanent }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml b/enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml new file mode 100644 index 0000000000..d7bfdcdbe0 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml @@ -0,0 +1,17 @@ +{{- range $index, $middlewareData := .Values.middlewares.rewriteResponseHeaders }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + plugin: + rewriteResponseHeaders: + rewrites: + {{- range $index, $rewriteResponseHeader := $middlewareData.headers }} + - header: {{ $rewriteResponseHeader.name }} + regex: {{ $rewriteResponseHeader.regex | quote }} + replacement: {{ $rewriteResponseHeader.replacement | quote }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml new file mode 100644 index 0000000000..6fd4c8c997 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml @@ -0,0 +1,14 @@ +{{- range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + stripPrefixRegex: + regex: + {{- range $middlewareData.regex }} + - {{ . | quote }} + {{- end }} +{{- end -}} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml b/enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml new file mode 100644 index 0000000000..5566d77c14 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name "tc-opencors-chain") "tc-opencors-chain" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + chain: + middlewares: + - name: {{ ternary (printf "%v-%v" $.Release.Name "basic-ratelimit") "basic-ratelimit" $.Values.ingressClass.enabled }} + - name: {{ ternary (printf "%v-%v" $.Release.Name "tc-opencors-headers") "tc-opencors-headers" $.Values.ingressClass.enabled }} + - name: {{ ternary (printf "%v-%v" $.Release.Name "compress") "compress" $.Values.ingressClass.enabled }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name "tc-closedcors-chain") "tc-closedcors-chain" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + chain: + middlewares: + - name: {{ ternary (printf "%v-%v" $.Release.Name "basic-ratelimit") "basic-ratelimit" $.Values.ingressClass.enabled }} + - name: {{ ternary (printf "%v-%v" $.Release.Name "tc-closedcors-headers") "tc-closedcors-headers" $.Values.ingressClass.enabled }} + - name: {{ ternary (printf "%v-%v" $.Release.Name "compress") "compress" $.Values.ingressClass.enabled }} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml b/enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml new file mode 100644 index 0000000000..b0500afc70 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name "tc-opencors-headers") "tc-opencors-headers" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + headers: + accessControlAllowHeaders: + - '*' + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + - POST + accessControlAllowOriginList: + - '*' + accessControlMaxAge: 100 + browserXssFilter: true + contentTypeNosniff: true + customRequestHeaders: + X-Forwarded-Proto: https + customResponseHeaders: + server: "" + forceSTSHeader: true + referrerPolicy: same-origin + sslForceHost: true + sslRedirect: true + stsSeconds: 63072000 +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name "tc-closedcors-headers") "tc-closedcors-headers" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + headers: + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + accessControlMaxAge: 100 + sslRedirect: true + stsSeconds: 63072000 + # stsIncludeSubdomains: false + # stsPreload: false + forceSTSHeader: true + contentTypeNosniff: true + browserXssFilter: true + sslForceHost: true + referrerPolicy: same-origin + customRequestHeaders: + X-Forwarded-Proto: "https" + customResponseHeaders: + server: '' diff --git a/enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml new file mode 100644 index 0000000000..fcb09becb9 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name "tc-nextcloud-redirectregex-dav") "tc-nextcloud-redirectregex-dav" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + redirectRegex: + regex: "https://(.*)/.well-known/(card|cal)dav" + replacement: "https://${1}/remote.php/dav/" +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name "tc-nextcloud-chain") "tc-nextcloud-chain" $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + chain: + middlewares: + - name: {{ ternary (printf "%v-%v" $.Release.Name "tc-nextcloud-redirectregex-dav") "tc-nextcloud-redirectregex-dav" $.Values.ingressClass.enabled }} diff --git a/enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml b/enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml new file mode 100644 index 0000000000..16abf2e2f3 --- /dev/null +++ b/enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml @@ -0,0 +1,20 @@ +{{- range $index, $middlewareData := .Values.middlewares.themePark }} +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }} + namespace: {{ $.Release.Namespace }} +spec: + plugin: + traefik-themepark: + app: {{ $middlewareData.appName }} + theme: {{ $middlewareData.themeName }} + baseUrl: {{ $middlewareData.baseUrl }} + {{- if $middlewareData.addons }} + addons: + {{- range $middlewareData.addons }} + - {{ . | quote }} + {{- end }} + {{- end -}} +{{- end -}} diff --git a/enterprise/velero/3.1.12/values.yaml b/enterprise/traefik/25.1.13/values.yaml similarity index 100% rename from enterprise/velero/3.1.12/values.yaml rename to enterprise/traefik/25.1.13/values.yaml diff --git a/enterprise/vaultwarden/25.1.10/CHANGELOG.md b/enterprise/vaultwarden/25.1.10/CHANGELOG.md new file mode 100644 index 0000000000..e8630b88cd --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/CHANGELOG.md @@ -0,0 +1,99 @@ +--- +title: Changelog +--- + +**Important:** +*for the complete changelog, please refer to the website* + + + +## [vaultwarden-25.1.10](https://github.com/truecharts/charts/compare/vaultwarden-25.1.9...vaultwarden-25.1.10) (2024-01-21) + +### Fix + + + +- Replace old variable name "smtp.ssl" with "smtp.security" ([#17465](https://github.com/truecharts/charts/issues/17465)) + + +## [vaultwarden-25.1.9](https://github.com/truecharts/charts/compare/vaultwarden-25.1.8...vaultwarden-25.1.9) (2024-01-21) + +### Chore + + + +- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) + + +## [vaultwarden-25.1.8](https://github.com/truecharts/charts/compare/vaultwarden-25.1.7...vaultwarden-25.1.8) (2024-01-21) + +### Chore + + + +- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457)) + + + + +## [vaultwarden-25.1.7](https://github.com/truecharts/charts/compare/vaultwarden-25.1.6...vaultwarden-25.1.7) (2024-01-09) + +### Chore + + + +- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986)) + + +## [vaultwarden-25.1.6](https://github.com/truecharts/charts/compare/vaultwarden-25.1.5...vaultwarden-25.1.6) (2024-01-02) + +### Chore + + + +- force bump to ensure up-to-date catalogs + + +## [vaultwarden-25.1.5](https://github.com/truecharts/charts/compare/vaultwarden-25.1.4...vaultwarden-25.1.5) (2024-01-02) + +### Chore + + + +- bump common ([#16751](https://github.com/truecharts/charts/issues/16751)) + + +## [vaultwarden-25.1.4](https://github.com/truecharts/charts/compare/vaultwarden-25.1.3...vaultwarden-25.1.4) (2024-01-01) + +### Chore + + + +- increase common version for oci fixes + +- remove non-existent template refs ([#16738](https://github.com/truecharts/charts/issues/16738)) + + +## [vaultwarden-25.1.3](https://github.com/truecharts/charts/compare/vaultwarden-25.1.0...vaultwarden-25.1.3) (2024-01-01) + +### Chore + + + +- bump all charts for OCI test push + +- move everything to consume OCI-hosted common-chart dependency + +- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733)) + +- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732)) + +- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704)) + +- lints some docs, uses front-matter instead of # h1, and fix list items in changelog ([#16589](https://github.com/truecharts/charts/issues/16589)) + + +## [vaultwarden-25.1.2](https://github.com/truecharts/charts/compare/vaultwarden-25.1.0...vaultwarden-25.1.2) (2024-01-01) + +### Chore + diff --git a/enterprise/vaultwarden/25.1.10/Chart.yaml b/enterprise/vaultwarden/25.1.10/Chart.yaml new file mode 100644 index 0000000000..95374e8426 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/Chart.yaml @@ -0,0 +1,41 @@ +annotations: + max_scale_version: 23.10.2 + min_scale_version: 23.10.0 + truecharts.org/SCALE-support: "true" + truecharts.org/category: security + truecharts.org/max_helm_version: "3.14" + truecharts.org/min_helm_version: "3.12" + truecharts.org/train: enterprise +apiVersion: v2 +appVersion: 1.30.1 +dependencies: + - name: common + version: 17.2.26 + repository: oci://tccr.io/truecharts + condition: "" + alias: "" + tags: [] + import-values: [] +deprecated: false +description: Unofficial Bitwarden compatible server written in Rust +home: https://truecharts.org/charts/enterprise/vaultwarden +icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png +keywords: + - bitwarden + - bitwardenrs + - bitwarden_rs + - vaultwarden + - password + - rust +kubeVersion: ">=1.24.0-0" +maintainers: + - name: TrueCharts + email: info@truecharts.org + url: https://truecharts.org +name: vaultwarden +sources: + - https://github.com/dani-garcia/vaultwarden + - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden + - https://hub.docker.com/r/vaultwarden/server +type: application +version: 25.1.10 diff --git a/enterprise/vaultwarden/25.1.10/LICENSE b/enterprise/vaultwarden/25.1.10/LICENSE new file mode 100644 index 0000000000..80e4ab93f9 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/LICENSE @@ -0,0 +1,106 @@ +Business Source License 1.1 + +Parameters + +Licensor: The TrueCharts Project, it's owner and it's contributors +Licensed Work: The TrueCharts "Cert-Manager" Helm Chart +Additional Use Grant: You may use the licensed work in production, as long + as it is directly sourced from a TrueCharts provided + official repository, catalog or source. You may also make private + modification to the directly sourced licenced work, + when used in production. + + The following cases are, due to their nature, also + defined as 'production use' and explicitly prohibited: + - Bundling, including or displaying the licensed work + with(in) another work intended for production use, + with the apparent intend of facilitating and/or + promoting production use by third parties in + violation of this license. + +Change Date: 2050-01-01 + +Change License: 3-clause BSD license + +For information about alternative licensing arrangements for the Software, +please contact: legal@truecharts.org + +Notice + +The Business Source License (this document, or the “License”) is not an Open +Source license. However, the Licensed Work will eventually be made available +under an Open Source License, as stated in this License. + +License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved. +“Business Source License” is a trademark of MariaDB Corporation Ab. + +----------------------------------------------------------------------------- + +Business Source License 1.1 + +Terms + +The Licensor hereby grants you the right to copy, modify, create derivative +works, redistribute, and make non-production use of the Licensed Work. The +Licensor may make an Additional Use Grant, above, permitting limited +production use. + +Effective on the Change Date, or the fourth anniversary of the first publicly +available distribution of a specific version of the Licensed Work under this +License, whichever comes first, the Licensor hereby grants you rights under +the terms of the Change License, and the rights granted in the paragraph +above terminate. + +If your use of the Licensed Work does not comply with the requirements +currently in effect as described in this License, you must purchase a +commercial license from the Licensor, its affiliated entities, or authorized +resellers, or you must refrain from using the Licensed Work. + +All copies of the original and modified Licensed Work, and derivative works +of the Licensed Work, are subject to this License. This License applies +separately for each version of the Licensed Work and the Change Date may vary +for each version of the Licensed Work released by Licensor. + +You must conspicuously display this License on each original or modified copy +of the Licensed Work. If you receive the Licensed Work in original or +modified form from a third party, the terms and conditions set forth in this +License apply to your use of that work. + +Any use of the Licensed Work in violation of this License will automatically +terminate your rights under this License for the current and all other +versions of the Licensed Work. + +This License does not grant you any right in any trademark or logo of +Licensor or its affiliates (provided that you may use a trademark or logo of +Licensor as expressly required by this License). + +TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON +AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, +EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND +TITLE. + +MariaDB hereby grants you permission to use this License’s text to license +your works, and to refer to it using the trademark “Business Source License”, +as long as you comply with the Covenants of Licensor below. + +Covenants of Licensor + +In consideration of the right to use this License’s text and the “Business +Source License” name and trademark, Licensor covenants to MariaDB, and to all +other recipients of the licensed work to be provided by Licensor: + +1. To specify as the Change License the GPL Version 2.0 or any later version, + or a license that is compatible with GPL Version 2.0 or a later version, + where “compatible” means that software provided under the Change License can + be included in a program with software provided under GPL Version 2.0 or a + later version. Licensor may specify additional Change Licenses without + limitation. + +2. To either: (a) specify an additional grant of rights to use that does not + impose any additional restriction on the right granted in this License, as + the Additional Use Grant; or (b) insert the text “None”. + +3. To specify a Change Date. + +4. Not to modify this License in any other way. diff --git a/enterprise/vaultwarden/25.1.10/README.md b/enterprise/vaultwarden/25.1.10/README.md new file mode 100644 index 0000000000..95ae8ad979 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/README.md @@ -0,0 +1,28 @@ +--- +title: README +--- + +## General Info + +TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE. +However only installations using the TrueNAS SCALE Apps system are supported. + +For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/vaultwarden) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +_All Rights Reserved - The TrueCharts Project_ diff --git a/enterprise/vaultwarden/25.1.10/app-changelog.md b/enterprise/vaultwarden/25.1.10/app-changelog.md new file mode 100644 index 0000000000..1a317f1df0 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/app-changelog.md @@ -0,0 +1,9 @@ + + +## [vaultwarden-25.1.10](https://github.com/truecharts/charts/compare/vaultwarden-25.1.9...vaultwarden-25.1.10) (2024-01-21) + +### Fix + + + +- Replace old variable name "smtp.ssl" with "smtp.security" ([#17465](https://github.com/truecharts/charts/issues/17465)) \ No newline at end of file diff --git a/enterprise/vaultwarden/25.1.10/app-readme.md b/enterprise/vaultwarden/25.1.10/app-readme.md new file mode 100644 index 0000000000..08d9cc8b1d --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/app-readme.md @@ -0,0 +1,8 @@ +Unofficial Bitwarden compatible server written in Rust + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! diff --git a/operators/cert-manager/3.1.11/charts/common-17.2.26.tgz b/enterprise/vaultwarden/25.1.10/charts/common-17.2.26.tgz similarity index 100% rename from operators/cert-manager/3.1.11/charts/common-17.2.26.tgz rename to enterprise/vaultwarden/25.1.10/charts/common-17.2.26.tgz diff --git a/enterprise/vaultwarden/25.1.10/ix_values.yaml b/enterprise/vaultwarden/25.1.10/ix_values.yaml new file mode 100644 index 0000000000..849e008bf0 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/ix_values.yaml @@ -0,0 +1,152 @@ +image: + repository: docker.io/vaultwarden/server + pullPolicy: IfNotPresent + tag: 1.30.1@sha256:ab9fe547277245533a28d8e0a0c4a1e1120daf469f983fd683fc13556927d4fe +manifestManager: + enabled: true +service: + main: + ports: + main: + port: 10102 + targetPort: 8080 +workload: + main: + podSpec: + containers: + main: + env: + DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}" + DATABASE_URL: + secretKeyRef: + name: cnpg-main-urls + key: std + envFrom: + - configMapRef: + name: vaultwardenconfig + - secretRef: + name: vaultwardensecret +database: + # -- Database type, + # must be one of: 'sqlite', 'mysql' or 'postgresql'. + type: postgresql + # -- Enable DB Write-Ahead-Log for SQLite, + # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled + wal: true + ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port). + # url: "" + ## Set the size of the database connection pool. + # maxConnections: 10 + ## Connection retries during startup, 0 for infinite. 1 second between retries. + # retries: 15 +# Set Bitwarden_rs application variables +vaultwarden: + # -- Allow any user to sign-up + # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users + allowSignups: true + ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set. + # signupDomains: + # - domain.tld + # -- Verify e-mail before login is enabled. + # SMTP must be enabled. + verifySignup: false + # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled. + requireEmail: false + ## Maximum attempts before an email token is reset and a new email will need to be sent. + # emailAttempts: 3 + ## Email token validity in seconds. + # emailTokenExpiration: 600 + # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations + allowInvitation: true + # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display + ## Default organization name in invitation e-mails that are not coming from a specific organization. + # defaultInviteName: "" + showPasswordHint: true + # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting + enableWebVault: true + # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users. + orgCreationUsers: all + ## Limit attachment disk usage per organization. + # attachmentLimitOrg: + ## Limit attachment disk usage per user. + # attachmentLimitUser: + ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key. + # hibpApiKey: + + admin: + # Enable admin portal. + enabled: false + # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token + disableAdminToken: false + ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page + # token: + # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration + smtp: + enabled: false + # SMTP hostname, required if SMTP is enabled. + host: "" + # SMTP sender e-mail address, required if SMTP is enabled. + from: "" + ## SMTP sender name, defaults to 'Bitwarden_RS'. + # fromName: "" + ## Enable SSL connection. + # security: starttls + ## SMTP port. Defaults to 587 with STARTTLS, 465 with FORCE_TLS, and 25 without SSL. + # port: 587 + ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'. + # authMechanism: Plain + ## Hostname to be sent for SMTP HELO. Defaults to pod name. + # heloName: "" + ## SMTP timeout. + # timeout: 15 + ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks! + # invalidHostname: false + ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks! + # invalidCertificate: false + ## SMTP username. + # user: "" + ## SMTP password. Required is user is specified, ignored if no user provided. + # password: "" + ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication + yubico: + enabled: false + ## Yubico server. Defaults to YubiCloud. + # server: + ## Yubico ID and Secret Key. + # clientId: + # secretKey: + ## Enable Mobile Push Notifications. You must obtain and ID and Key here: https://bitwarden.com/host + push: + enabled: false + # installationId: + # installationKey: + ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging + log: + # Log to file. + file: "" + # Log level. Options are "trace", "debug", "info", "warn", "error" or "off". + level: "trace" + ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds. + # timeFormat: "" + icons: + # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero. + disableDownload: false + ## Cache time-to-live for icons fetched. 0 means no purging. + # cache: 2592000 + ## Cache time-to-live for icons that were not available. 0 means no purging. + # cacheFailed: 259200 +persistence: + data: + enabled: true + mountPath: "/data" +cnpg: + main: + enabled: true + user: vaultwarden + database: vaultwarden +portal: + open: + enabled: true +ingress: + main: + required: true diff --git a/enterprise/vaultwarden/25.1.10/questions.yaml b/enterprise/vaultwarden/25.1.10/questions.yaml new file mode 100644 index 0000000000..7983fc3702 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/questions.yaml @@ -0,0 +1,3621 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: General Settings + description: General Deployment Settings + - name: Workload Settings + description: Workload Settings + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Postgresql + description: Postgresql + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_tcportal-open_protocol" + host: + - "$kubernetes-resource_configmap_tcportal-open_host" + ports: + - "$kubernetes-resource_configmap_tcportal-open_port" + admin: + protocols: + - "$kubernetes-resource_configmap_tcportal-open_protocol" + host: + - "$kubernetes-resource_configmap_tcportal-open_host" + ports: + - "$kubernetes-resource_configmap_tcportal-open_port" + path: "/admin/" +questions: + - variable: global + group: General Settings + label: "Global Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: stopAll + label: Stop All + description: "Stops All Running pods and hibernates cnpg" + schema: + type: boolean + default: false + - variable: workload + group: "Workload Settings" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type (Advanced) + schema: + type: string + default: Deployment + enum: + - value: Deployment + description: Deployment + - value: DaemonSet + description: DaemonSet + - variable: replicas + label: Replicas (Advanced) + description: Set the number of Replicas + schema: + type: int + show_if: [["type", "!=", "DaemonSet"]] + default: 1 + - variable: podSpec + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: containers + label: Containers + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Container + schema: + additional_attrs: true + type: dict + attrs: + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: command + label: Command + schema: + type: list + default: [] + items: + - variable: param + label: Param + schema: + type: string + - variable: TZ + label: Timezone + group: "General Settings" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: podOptions + group: "General Settings" + label: "Global Pod Options (Advanced)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: expertPodOpts + label: "Expert - Pod Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + label: "Host Networking" + schema: + type: boolean + default: false + - variable: dnsConfig + label: "DNS Configuration" + schema: + type: dict + additional_attrs: true + attrs: + - variable: options + label: "Options" + schema: + type: list + default: [{"name": "ndots", "value": "1"}] + items: + - variable: optionsEntry + label: "Option Entry" + schema: + type: dict + additional_attrs: true + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + - variable: nameservers + label: "Nameservers" + schema: + type: list + default: [] + items: + - variable: nsEntry + label: "Nameserver Entry" + schema: + type: string + required: true + - variable: searches + label: "Searches" + schema: + type: list + default: [] + items: + - variable: searchEntry + label: "Search Entry" + schema: + type: string + required: true + + - variable: imagePullSecretList + group: "General Settings" + label: "Image Pull Secrets" + schema: + type: list + default: [] + items: + - variable: pullsecretentry + label: "Pull Secret" + schema: + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + - variable: data + label: Data + schema: + type: dict + additional_attrs: true + attrs: + - variable: registry + label: "Registry" + schema: + type: string + required: true + default: "https://index.docker.io/v1/" + - variable: username + label: "Username" + schema: + type: string + required: true + default: "" + - variable: password + label: "Password" + schema: + type: string + required: true + private: true + default: "" + - variable: email + label: "Email" + schema: + type: string + required: true + default: "" + - variable: vaultwarden + label: "" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: yubico + label: "Yubico OTP authentication" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Yubico OTP authentication" + description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: server + label: "Yubico server" + description: "Defaults to YubiCloud" + schema: + type: string + default: "" + - variable: clientId + label: "Yubico ID" + schema: + type: string + default: "" + - variable: secretKey + label: "Yubico Secret Key" + schema: + type: string + default: "" + - variable: push + label: "Mobile Push Notifications" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Mobile Push Notifications" + description: "You must obtain and ID and Key here: https://bitwarden.com/host" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: installationId + label: "Installation ID" + schema: + type: string + default: "" + required: true + - variable: installationKey + label: "Installation Key" + schema: + type: string + default: "" + required: true + - variable: admin + label: "Admin Portal" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Admin Portal" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: disableAdminToken + label: "Make Accessible Without Password/Token" + schema: + type: boolean + default: false + - variable: token + label: "Admin Portal Password/Token" + description: "Will be automatically generated if not defined" + schema: + type: string + default: "" + - variable: icons + label: "Icon Download Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: disableDownload + label: "Disable Icon Download" + description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)" + schema: + type: boolean + default: false + - variable: cache + label: "Cache time-to-live" + description: "Cache time-to-live for icons fetched. 0 means no purging" + schema: + type: int + default: 2592000 + - variable: token + label: "Failed Downloads Cache time-to-live" + description: "Cache time-to-live for icons that were not available. 0 means no purging." + schema: + type: int + default: 2592000 + - variable: log + label: "Logging" + schema: + additional_attrs: true + type: dict + attrs: + - variable: level + label: "Log level" + schema: + type: string + default: "info" + required: true + enum: + - value: "trace" + description: "trace" + - value: "debug" + description: "debug" + - value: "info" + description: "info" + - value: "warn" + description: "warn" + - value: "error" + description: "error" + - value: "off" + description: "off" + - variable: file + label: "Log-File Location" + schema: + type: string + default: "" + - variable: smtp + label: "SMTP Settings (Email)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable SMTP Support" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: host + label: "SMTP hostname" + schema: + type: string + required: true + default: "" + - variable: from + label: "SMTP sender e-mail address" + schema: + type: string + required: true + default: "" + - variable: fromName + label: "SMTP sender name" + schema: + type: string + required: true + default: "" + - variable: user + label: "SMTP username" + schema: + type: string + required: true + default: "" + - variable: password + label: "SMTP password" + description: "Required is user is specified, ignored if no user provided" + schema: + type: string + default: "" + - variable: security + label: "Enable SSL connection" + schema: + type: string + default: "starttls" + enum: + - value: "starttls" + description: "STARTTLS (587)" + - value: "force_tls" + description: "FORCE_TLS (465)" + - value: "off" + description: "OFF (25)" + - variable: port + label: "SMTP port" + description: "Usually: 587 with STARTTLS, 465 with FORCE_TLS, and 25 without SSL" + schema: + type: int + default: 587 + - variable: authMechanism + label: "SMTP Authentication Mechanisms" + description: "Comma-separated options: Plain, Login and Xoauth2" + schema: + type: string + default: "Plain" + - variable: heloName + label: "SMTP HELO - Hostname" + description: "Hostname to be sent for SMTP HELO. Defaults to pod name" + schema: + type: string + default: "" + - variable: timeout + label: "SMTP timeout" + schema: + type: int + default: 15 + - variable: invalidHostname + label: "Accept Invalid Hostname" + description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!" + schema: + type: boolean + default: false + - variable: invalidCertificate + label: "Accept Invalid Certificate" + description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!" + schema: + type: boolean + default: false + - variable: allowSignups + label: "Allow Signup" + description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users" + schema: + type: boolean + default: true + - variable: allowInvitation + label: "Always allow Invitation" + description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations" + schema: + type: boolean + default: true + - variable: defaultInviteName + label: "Default Invite Organisation Name" + description: "Default organization name in invitation e-mails that are not coming from a specific organization." + schema: + type: string + default: "" + - variable: showPasswordHint + label: "Show password hints" + description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display" + schema: + type: boolean + default: true + - variable: signupwhitelistenable + label: "Enable Signup Whitelist" + description: "allowSignups is ignored if set" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: signupDomains + label: "Signup Whitelist Domains" + schema: + type: list + default: [] + items: + - variable: domain + label: "Domain" + schema: + type: string + default: "" + - variable: verifySignup + label: "Verifiy Signup" + description: "Verify e-mail before login is enabled. SMTP must be enabled" + schema: + type: boolean + default: false + - variable: requireEmail + label: "Block Login if email fails" + description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled" + schema: + type: boolean + default: false + - variable: emailAttempts + label: "Email token reset attempts" + description: "Maximum attempts before an email token is reset and a new email will need to be sent" + schema: + type: int + default: 3 + - variable: emailTokenExpiration + label: "Email token validity in seconds" + schema: + type: int + default: 600 + - variable: enableWebVault + label: "Enable Webvault" + description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting" + schema: + type: boolean + default: true + - variable: orgCreationUsers + label: "Limit Organisation Creation to (users)" + description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users." + schema: + type: string + default: "all" + - variable: attachmentLimitOrg + label: "Limit Attachment Disk Usage per Organisation" + schema: + type: string + default: "" + - variable: attachmentLimitUser + label: "Limit Attachment Disk Usage per User" + schema: + type: string + default: "" + - variable: hibpApiKey + label: "HaveIBeenPwned API Key" + description: "Can be purchased at https://haveibeenpwned.com/API/Key" + schema: + type: string + default: "" + - variable: service + group: Networking and Services + label: Configure Service(s) + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10102 + required: true + - variable: serviceexpert + group: Networking and Services + label: Show Expert Config + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: scaleExternalInterface + description: Add External Interfaces + label: Add external Interfaces + group: Networking + schema: + type: list + items: + - variable: interfaceConfiguration + description: Interface Configuration + label: Interface Configuration + schema: + additional_attrs: true + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: Please Specify Host Interface + label: Host Interface + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: Define how IP Address will be managed + label: IP Address Management + schema: + additional_attrs: true + type: dict + required: true + attrs: + - variable: type + description: Specify type for IPAM + label: IPAM Type + schema: + type: string + required: true + enum: + - value: dhcp + description: Use DHCP + - value: static + description: Use Static IP + - variable: staticIPConfigurations + label: Static IP Addresses + schema: + type: list + show_if: [["type", "=", "static"]] + items: + - variable: staticIP + label: Static IP + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: Static Routes + schema: + type: list + show_if: [["type", "=", "static"]] + items: + - variable: staticRouteConfiguration + label: Static Route Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: Destination + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: Gateway + schema: + type: ipaddr + cidr: false + required: true + - variable: serviceList + label: Add Manual Custom Services + group: Networking and Services + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: Custom Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the service + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: portsList + label: Additional Service Ports + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: Custom ports + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Port + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Port Name + schema: + type: string + default: "" + - variable: protocol + label: Port Type + schema: + type: string + default: tcp + enum: + - value: http + description: HTTP + - value: https + description: HTTPS + - value: tcp + description: TCP + - value: udp + description: UDP + - variable: targetPort + label: Target Port + description: This port exposes the container port on the service + schema: + type: int + required: true + - variable: port + label: Container Port + schema: + type: int + required: true + - variable: persistence + label: Integrated Persistent Storage + description: Integrated Persistent Storage + group: Storage and Persistence + schema: + additional_attrs: true + type: dict + attrs: + - variable: data + label: "App Config Storage" + description: "Stores the Application Configuration." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: pvc + enum: + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: emptyDir + description: emptyDir + - value: nfs + description: NFS Share + - value: iscsi + description: iSCSI Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: iscsi + label: iSCSI Options + schema: + show_if: [["type", "=", "iscsi"]] + type: dict + additional_attrs: true + attrs: + - variable: targetPortal + label: targetPortal + schema: + type: string + required: true + default: "" + - variable: iqn + label: iqn + schema: + type: string + required: true + default: "" + - variable: lun + label: lun + schema: + type: int + default: 0 + - variable: authSession + label: authSession + schema: + type: dict + additional_attrs: true + attrs: + - variable: username + label: username + schema: + type: string + default: "" + - variable: password + label: password + schema: + type: string + default: "" + - variable: usernameInitiator + label: usernameInitiator + schema: + type: string + default: "" + - variable: passwordInitiator + label: passwordInitiator + schema: + type: string + default: "" + - variable: authDiscovery + label: authDiscovery + schema: + type: dict + additional_attrs: true + attrs: + - variable: username + label: username + schema: + type: string + default: "" + - variable: password + label: password + schema: + type: string + default: "" + - variable: usernameInitiator + label: usernameInitiator + schema: + type: string + default: "" + - variable: passwordInitiator + label: passwordInitiator + schema: + type: string + default: "" + + - variable: autoPermissions + label: Automatic Permissions Configuration + description: Automatically set permissions + schema: + show_if: [["type", "!=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: chown + label: Run CHOWN + description: | + It will run CHOWN on the path with the given fsGroup + schema: + type: boolean + default: false + - variable: chmod + label: Run CHMOD + description: | + It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770 + schema: + type: string + valid_chars: '[0-9]{3}' + default: "" + - variable: recursive + label: Recursive + description: | + It will run CHOWN and CHMOD recursively + schema: + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage (Do NOT REDUCE after installation) + description: This value can ONLY be INCREASED after the installation + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: storageClass + label: 'storageClass (Advanced)' + description: 'sets the storageClass to something other than iX default. Only for advanced usecases!' + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "" + - variable: static + label: 'Static Fixed PVC Bindings (Experimental)' + description: Link a PVC to a specific storage location + schema: + show_if: [["type", "=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: mode + label: mode + description: | + disabled: use normal dynamic PVCs + smb: connect to an SMB share + nfs: connect to an NFS share + schema: + type: string + default: "disabled" + enum: + - value: disabled + description: disabled + - value: smb + description: smb + - value: nfs + description: nfs + - variable: server + label: Server + description: server to connect to + schema: + type: string + show_if: [["mode", "!=", "disabled"]] + default: "myserver" + - variable: share + label: Share + description: share to connect to + schema: + type: string + show_if: [["mode", "!=", "disabled"]] + default: "/myshare" + - variable: user + label: User + description: connecting user + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "myuser" + - variable: domain + label: Domain + description: user domain + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "" + - variable: password + label: Password + description: connecting password + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "" + - variable: volumeSnapshots + label: 'Volume Snapshots (Experimental)' + description: Add an entry to the list to force creation of a volumeSnapshot of this PVC + schema: + show_if: [["type", "=", "pvc"]] + type: list + default: [] + items: + - variable: volumeSnapshotEntry + label: Custom volumeSnapshot + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + description: 'WARNING: renaming this, means deletion of the snapshot with the old name!' + schema: + type: string + default: "mysnapshot" + required: true + - variable: volumeSnapshotClassName + label: 'volumeSnapshot Class Name (Advanced)' + description: For use with PVCs using a non-default storageClass + schema: + type: string + default: "" + - variable: persistenceList + label: Additional App Storage + group: Storage and Persistence + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: Custom Storage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the storage + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: hostPath + enum: + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: emptyDir + description: emptyDir + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: iscsi + label: iSCSI Options + schema: + show_if: [["type", "=", "iscsi"]] + type: dict + additional_attrs: true + attrs: + - variable: targetPortal + label: targetPortal + schema: + type: string + required: true + default: "" + - variable: iqn + label: iqn + schema: + type: string + required: true + default: "" + - variable: lun + label: lun + schema: + type: int + default: 0 + - variable: authSession + label: authSession + schema: + type: dict + additional_attrs: true + attrs: + - variable: username + label: username + schema: + type: string + default: "" + - variable: password + label: password + schema: + type: string + default: "" + - variable: usernameInitiator + label: usernameInitiator + schema: + type: string + default: "" + - variable: passwordInitiator + label: passwordInitiator + schema: + type: string + default: "" + - variable: authDiscovery + label: authDiscovery + schema: + type: dict + additional_attrs: true + attrs: + - variable: username + label: username + schema: + type: string + default: "" + - variable: password + label: password + schema: + type: string + default: "" + - variable: usernameInitiator + label: usernameInitiator + schema: + type: string + default: "" + - variable: passwordInitiator + label: passwordInitiator + schema: + type: string + default: "" + - variable: autoPermissions + label: Automatic Permissions Configuration + description: Automatically set permissions + schema: + show_if: [["type", "!=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: chown + label: Run CHOWN + description: | + It will run CHOWN on the path with the given fsGroup + schema: + type: boolean + default: false + - variable: chmod + label: Run CHMOD + description: | + It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770 + schema: + type: string + valid_chars: '[0-9]{3}' + default: "" + - variable: recursive + label: Recursive + description: | + It will run CHOWN and CHMOD recursively + schema: + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: Mount Path + description: Path inside the container the storage is mounted + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size Quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: storageClass + label: 'storageClass (Advanced)' + description: 'sets the storageClass to something other than iX default. Only for advanced usecases!' + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "" + - variable: static + label: 'Static Fixed PVC Bindings (Experimental)' + description: Link a PVC to a specific storage location + schema: + show_if: [["type", "=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: mode + label: mode + description: | + disabled: use normal dynamic PVCs + smb: connect to an SMB share + nfs: connect to an NFS share + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: disabled + - value: smb + description: smb + - value: nfs + description: nfs + - variable: server + label: Server + description: server to connect to + schema: + type: string + show_if: [["mode", "!=", "disabled"]] + default: "myserver" + - variable: share + label: Share + description: share to connect to + schema: + type: string + show_if: [["mode", "!=", "disabled"]] + default: "/myshare" + - variable: user + label: User + description: connecting user + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "myuser" + - variable: domain + label: Domain + description: user domain + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "" + - variable: password + label: Password + description: connecting password + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "" + - variable: volumeSnapshots + label: 'Volume Snapshots (Experimental)' + description: Add an entry to the list to force creation of a volumeSnapshot of this PVC + schema: + show_if: [["type", "=", "pvc"]] + type: list + default: [] + items: + - variable: volumeSnapshotEntry + label: Custom volumeSnapshot + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + description: 'WARNING: renaming this, means deletion of the snapshot with the old name!' + schema: + type: string + default: "mysnapshot" + required: true + - variable: volumeSnapshotClassName + label: 'volumeSnapshot Class Name (Advanced)' + description: For use with PVCs using a non-default storageClass + schema: + type: string + default: "" + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [{path: "/", pathType: "Prefix"}] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: 'Allow Cross Origin Requests (advanced)' + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: 'namespace (optional)' + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: homepage + label: Homepage + description: Connect ingress with Homepage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: name + label: Name (Optional) + description: Defaults to chart name + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: description + label: Description (Optional) + description: Defaults to chart description + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: icon + label: Icon (Optional) + description: Defaults to chart icon + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: group + label: Group + schema: + type: string + required: true + default: "default" + show_if: [["enabled", "=", true]] + - variable: widget + label: Widget Settings + schema: + type: dict + additional_attrs: true + show_if: [["enabled", "=", true]] + attrs: + - variable: enabled + label: Enable Widget + description: When disabled all widget annotations are skipped. + schema: + type: boolean + default: true + - variable: custom + label: Options + schema: + type: dict + additional_attrs: true + attrs: + - variable: key + label: API-key (key) + schema: + type: string + default: "" + - variable: customkv + label: Custom Options + schema: + type: list + default: [] + items: + - variable: option + label: Option + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + default: "" + required: true + - variable: value + label: Value + schema: + type: string + default: "" + required: true + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: overrideService + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + show_if: [["certificateIssuer", "=", ""]] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: scaleCert + label: Use TrueNAS SCALE Certificate (Deprecated) + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: Use Custom Secret (Advanced) + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: "Allow Cross Origin Requests" + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: namespace + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: homepage + label: Homepage + description: Connect ingress with Homepage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: name + label: Name + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: description + label: Description + description: defaults to chart description + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: group + label: Group + schema: + type: string + required: true + default: "default" + show_if: [["enabled", "=", true]] + - variable: securityContext + group: Security and Permissions + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: container + label: Container + schema: + additional_attrs: true + type: dict + attrs: + # Settings from questions.yaml get appended here on a per-app basis + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID of the user running the application" + schema: + type: int + default: 568 + # Settings from questions.yaml get appended here on a per-app basis + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + show_if: [["runAsUser", "=", 0]] + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "0022" + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: pod + label: Pod + schema: + additional_attrs: true + type: dict + attrs: + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + # Settings from questions.yaml get appended here on a per-app basis + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: resources + group: Resources and Devices + label: "Resource Limits" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + hidden: true + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 10m + hidden: true + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 50Mi + hidden: true + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: device + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: scaleGPUEntry + label: GPU + schema: + additional_attrs: true + type: dict + attrs: + # Specify GPU configuration + - variable: gpu + label: Select GPU + schema: + additional_attrs: true + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + - variable: workaround + label: "Workaround" + schema: + type: string + default: workaround + hidden: true + - variable: cnpg + group: Postgresql + label: "CloudNative-PG (CNPG)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Postgresql Database" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hibernate + label: Hibernate + description: "enable to safely hibernate and shutdown the postgresql cluster" + schema: + type: boolean + default: false + - variable: mode + label: Mode + description: 'Cluster mode of operation. Available modes: standalone - default mode. Creates new or updates an existing CNPG cluster. recovery - Same as standalone but creates a cluster from a backup, object store or via pg_basebackup replica - Creates a replica cluster from an existing CNPG cluster. # TODO.' + schema: + type: string + default: "standalone" + enum: + - value: standalone + description: standalone + - value: replica + description: replica + - value: recovery + description: recovery + - variable: cluster + label: "Cluster Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: instances + label: Instances + schema: + type: int + default: 1 + - variable: singleNode + label: singleNode + schema: + type: boolean + default: true + hidden: true + - variable: storage + label: "Storage" + schema: + additional_attrs: true + type: dict + attrs: + - variable: size + label: Size + schema: + type: string + default: "256Gi" + - variable: walStorage + label: "WAL Storage" + schema: + additional_attrs: true + type: dict + attrs: + - variable: size + label: Size + schema: + type: string + default: "256Gi" + - variable: monitoring + label: "Monitoring Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enablePodMonitor + label: "enablePodMonitor" + schema: + type: boolean + default: true + - variable: disableDefaultQueries + label: "disableDefaultQueries" + schema: + type: boolean + default: false + - variable: pooler + label: "Pooler Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: instances + label: Instances + schema: + type: int + default: 1 + - variable: createRO + label: "Create ReadOnly Instance" + schema: + type: boolean + default: false + - variable: recovery + label: "Recovery Settings (Experimental)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + - variable: endpointURL + label: "endpointURL" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "" + - variable: method + label: "method" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "object_store" + - variable: backupName + label: "backupName" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "" + - variable: provider + label: "provider" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "s3" + enum: + - value: s3 + description: S3 + - value: azure + description: Azure + - value: google + description: Google + - variable: s3 + label: "s3" + schema: + additional_attrs: true + type: dict + show_if: [["provider", "=", "s3"]] + attrs: + - variable: region + label: "region" + schema: + type: string + default: "" + - variable: bucket + label: "bucket" + schema: + type: string + default: "" + - variable: path + label: "path" + schema: + type: string + default: "/" + - variable: accessKey + label: "accessKey" + schema: + type: string + default: "" + - variable: secretKey + label: "secretKey" + schema: + type: string + default: "" + - variable: azure + label: "azure (EXTREMELY EXPERIMENTAL)" + schema: + additional_attrs: true + type: dict + show_if: [["provider", "=", "azure"]] + attrs: + - variable: path + label: "path" + schema: + type: string + default: "/" + - variable: connectionString + label: "connectionString" + schema: + type: string + default: "" + - variable: storageAccount + label: "storageAccount" + schema: + type: string + default: "" + - variable: storageKey + label: "storageKey" + schema: + type: string + default: "" + - variable: storageSasToken + label: "storageSasToken" + schema: + type: string + default: "" + - variable: containerName + label: "containerName" + schema: + type: string + default: "" + - variable: serviceName + label: "serviceName" + schema: + type: string + default: "blob" + - variable: inheritFromAzureAD + label: "inheritFromAzureAD" + schema: + type: boolean + default: false + - variable: google + label: "google (EXTREMELY EXPERIMENTAL)" + schema: + additional_attrs: true + type: dict + show_if: [["provider", "=", "google"]] + attrs: + - variable: path + label: "path" + schema: + type: string + default: "/" + - variable: bucket + label: "bucket" + schema: + type: string + default: "" + - variable: gkeEnvironment + label: "gkeEnvironment" + schema: + type: string + default: "" + - variable: applicationCredentials + label: "applicationCredentials" + schema: + type: string + default: "" + - variable: backups + label: "Backup Settings (Experimental)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + - variable: endpointURL + label: "endpointURL" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "" + - variable: destinationPath + label: "destinationPath" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "" + - variable: retentionPolicy + label: "retentionPolicy" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "30d" + - variable: provider + label: "provider" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "s3" + enum: + - value: s3 + description: S3 + - value: azure + description: Azure + - value: google + description: Google + - variable: s3 + label: "s3" + schema: + additional_attrs: true + type: dict + show_if: [["provider", "=", "s3"]] + attrs: + - variable: region + label: "region" + schema: + type: string + default: "" + - variable: bucket + label: "bucket" + schema: + type: string + default: "" + - variable: path + label: "path" + schema: + type: string + default: "/" + - variable: accessKey + label: "accessKey" + schema: + type: string + default: "" + - variable: secretKey + label: "secretKey" + schema: + type: string + default: "" + - variable: azure + label: "azure (EXTREMELY EXPERIMENTAL)" + schema: + additional_attrs: true + type: dict + show_if: [["provider", "=", "azure"]] + attrs: + - variable: path + label: "path" + schema: + type: string + default: "/" + - variable: connectionString + label: "connectionString" + schema: + type: string + default: "" + - variable: storageAccount + label: "storageAccount" + schema: + type: string + default: "" + - variable: storageKey + label: "storageKey" + schema: + type: string + show_if: [["enabled", "=", true]] + default: "" + - variable: storageSasToken + label: "storageSasToken" + schema: + type: string + default: "" + - variable: containerName + label: "containerName" + schema: + type: string + default: "" + - variable: serviceName + label: "serviceName" + schema: + type: string + default: "blob" + - variable: inheritFromAzureAD + label: "inheritFromAzureAD" + schema: + type: boolean + default: false + - variable: google + label: "google (EXTREMELY EXPERIMENTAL)" + schema: + additional_attrs: true + type: dict + show_if: [["provider", "=", "google"]] + attrs: + - variable: path + label: "path" + schema: + type: string + default: "/" + - variable: bucket + label: "bucket" + schema: + type: string + default: "" + - variable: gkeEnvironment + label: "gkeEnvironment" + schema: + type: string + default: "" + - variable: applicationCredentials + label: "applicationCredentials" + schema: + type: string + default: "" + - variable: scheduledBackups + label: ScheduledBackups + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: backupschedule + label: BackupSchedule + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "daily-backup" + required: true + - variable: schedule + label: schedule + schema: + type: string + required: true + default: "0 0 0 * * *" + - variable: backupOwnerReference + label: backupOwnerReference + schema: + type: string + required: true + default: "self" + - variable: immediate + label: immediate + schema: + type: boolean + default: false + - variable: suspend + label: suspend + schema: + type: boolean + default: false + - variable: manualBackups + label: manualBackups + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: backup + label: Backup + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true +# - variable: horizontalPodAutoscaler +# group: Advanced +# label: (Advanced) Horizontal Pod Autoscaler +# schema: +# type: list +# default: [] +# items: +# - variable: hpaEntry +# label: HPA Entry +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: name +# label: Name +# schema: +# type: string +# required: true +# default: "" +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: Target +# description: Deployment name, Defaults to Main Deployment +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: Minimum Replicas +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: Maximum Replicas +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: Target CPU Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: Target Memory Utilization Percentage +# schema: +# type: int +# default: 80 + - variable: networkPolicy + group: Advanced + label: (Advanced) Network Policy + schema: + type: list + default: [] + items: + - variable: netPolicyEntry + label: Network Policy Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: policyType + label: Policy Type + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ingress + description: Ingress + - value: egress + description: Egress + - value: ingress-egress + description: Ingress and Egress + - variable: egress + label: Egress + schema: + type: list + default: [] + items: + - variable: egressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: to + label: To + schema: + type: list + default: [] + items: + - variable: toEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: ingress + label: Ingress + schema: + type: list + default: [] + items: + - variable: ingressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: from + label: From + schema: + type: list + default: [] + items: + - variable: fromEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: NodePort + description: Deprecated CHANGE THIS + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + default: 36107 + - variable: ingress + label: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [{path: "/", pathType: "Prefix"}] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: 'Allow Cross Origin Requests (advanced)' + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: 'namespace (optional)' + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: gluetun + description: Gluetun + - value: tailscale + description: Tailscale + - value: openvpn + description: OpenVPN (Deprecated) + - value: wireguard + description: Wireguard (Deprecated) + - variable: openvpn + label: OpenVPN Settings + schema: + additional_attrs: true + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + show_if: [["username", "!=", ""]] + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + additional_attrs: true + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: auth_once + label: Auth Once + description: Only attempt to log in if not already logged in. + schema: + type: boolean + default: true + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: The address on which to listen for SOCKS5 proxying into the tailscale net. + schema: + type: string + default: "" + - variable: outbound_http_proxy_listen + label: Outbound HTTP Proxy Listen + description: The address on which to listen for HTTP proxying into the tailscale net. + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: string + show_if: [["type", "!=", "disabled"]] + default: "" + + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + max_length: 10240 + - variable: netshoot + label: Netshoot + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: Netshoot Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true diff --git a/operators/cert-manager/3.1.11/templates/NOTES.txt b/enterprise/vaultwarden/25.1.10/templates/NOTES.txt similarity index 100% rename from operators/cert-manager/3.1.11/templates/NOTES.txt rename to enterprise/vaultwarden/25.1.10/templates/NOTES.txt diff --git a/enterprise/vaultwarden/25.1.10/templates/_configmap.tpl b/enterprise/vaultwarden/25.1.10/templates/_configmap.tpl new file mode 100644 index 0000000000..2749819b03 --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/templates/_configmap.tpl @@ -0,0 +1,111 @@ +{{/* Define the configmap */}} +{{- define "vaultwarden.configmap" -}} +enabled: true +data: + ROCKET_PORT: "8080" + SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }} + {{- if .Values.vaultwarden.signupDomains }} + SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }} + {{- end }} + {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}} + SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }} + {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}} + REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }} + {{- if .Values.vaultwarden.emailAttempts }} + EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }} + {{- end }} + {{- if .Values.vaultwarden.emailTokenExpiration }} + EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }} + {{- end }} + INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }} + {{- if .Values.vaultwarden.defaultInviteName }} + INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }} + {{- end }} + SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }} + WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }} + ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }} + {{- if .Values.vaultwarden.attachmentLimitOrg }} + ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }} + {{- end }} + {{- if .Values.vaultwarden.attachmentLimitUser }} + USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }} + {{- end }} + {{- if .Values.vaultwarden.hibpApiKey }} + HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }} + {{- end }} + {{- include "vaultwarden.dbTypeValid" . }} + {{- if .Values.database.retries }} + DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }} + {{- end }} + {{- if .Values.database.maxConnections }} + DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }} + {{- end }} + {{- if eq .Values.vaultwarden.smtp.enabled true }} + SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }} + SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }} + {{- if .Values.vaultwarden.smtp.fromName }} + SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.security }} + SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.port }} + SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.authMechanism }} + SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.heloName }} + HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.timeout }} + SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.invalidHostname }} + SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.invalidCertificate }} + SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }} + {{- end }} + {{- end }} + {{- if .Values.vaultwarden.log.file }} + LOG_FILE: {{ .Values.vaultwarden.log.file | quote }} + {{- end }} + {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }} + EXTENDED_LOGGING: "true" + {{- end }} + {{- if .Values.vaultwarden.log.level }} + {{- include "vaultwarden.logLevelValid" . }} + LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }} + {{- end }} + {{- if .Values.vaultwarden.log.timeFormat }} + LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }} + {{- end }} + {{- if .Values.vaultwarden.icons.disableDownload }} + DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }} + {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }} + ICON_CACHE_TTL: "0" + {{- end }} + {{- end }} + {{- if .Values.vaultwarden.icons.cache }} + ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }} + {{- end }} + {{- if .Values.vaultwarden.icons.cacheFailed }} + ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }} + {{- end }} + {{- if eq .Values.vaultwarden.admin.enabled true }} + {{- if eq .Values.vaultwarden.admin.disableAdminToken true }} + DISABLE_ADMIN_TOKEN: "true" + {{- end }} + {{- end }} + {{- if eq .Values.vaultwarden.yubico.enabled true }} + {{- if .Values.vaultwarden.yubico.server }} + YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }} + {{- end }} + {{- end }} + {{- if eq .Values.database.type "sqlite" }} + ENABLE_DB_WAL: {{ .Values.database.wal | quote }} + {{- else }} + ENABLE_DB_WAL: "false" + {{- end }} +{{- end -}} diff --git a/enterprise/vaultwarden/25.1.10/templates/_secrets.tpl b/enterprise/vaultwarden/25.1.10/templates/_secrets.tpl new file mode 100644 index 0000000000..262fcffa1b --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/templates/_secrets.tpl @@ -0,0 +1,37 @@ +{{/* Define the secrets */}} +{{- define "vaultwarden.secrets" -}} + +{{- $adminToken := "" }} +{{- if eq .Values.vaultwarden.admin.enabled true }} +{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | quote }} +{{- end -}} + +{{- $smtpUser := "" }} +{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }} +{{- $smtpUser = .Values.vaultwarden.smtp.user | quote }} +{{- end -}} + +{{- $yubicoClientId := "" }} +{{- if eq .Values.vaultwarden.yubico.enabled true }} +{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | quote }} +{{- end -}} +enabled: true +data: + placeholder: placeholdervalue + {{- if ne $adminToken "" }} + ADMIN_TOKEN: {{ $adminToken }} + {{- end }} + {{- if ne $smtpUser "" }} + SMTP_USERNAME: {{ $smtpUser }} + SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | quote }} + {{- end }} + {{- if ne $yubicoClientId "" }} + YUBICO_CLIENT_ID: {{ $yubicoClientId }} + YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | quote }} + {{- end }} + {{- if .Values.vaultwarden.push.enabled }} + PUSH_ENABLED: {{ .Values.vaultwarden.push.enabled | quote }} + PUSH_INSTALLATION_ID: {{ required "Installation ID required" .Values.vaultwarden.push.installationId | quote }} + PUSH_INSTALLATION_KEY: {{ required "Installation Key required" .Values.vaultwarden.push.installationKey | quote }} + {{- end }} +{{- end -}} diff --git a/enterprise/vaultwarden/25.1.10/templates/_validate.tpl b/enterprise/vaultwarden/25.1.10/templates/_validate.tpl new file mode 100644 index 0000000000..e4832c2f6e --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/templates/_validate.tpl @@ -0,0 +1,17 @@ +{{/* +Ensure valid DB type is select, defaults to SQLite +*/}} +{{- define "vaultwarden.dbTypeValid" -}} +{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }} +{{- required "Invalid database type" nil }} +{{- end -}} +{{- end -}} + +{{/* +Ensure log type is valid +*/}} +{{- define "vaultwarden.logLevelValid" -}} +{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }} +{{- required "Invalid log level" nil }} +{{- end }} +{{- end }} diff --git a/enterprise/vaultwarden/25.1.10/templates/common.yaml b/enterprise/vaultwarden/25.1.10/templates/common.yaml new file mode 100644 index 0000000000..66c6adab5d --- /dev/null +++ b/enterprise/vaultwarden/25.1.10/templates/common.yaml @@ -0,0 +1,17 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.v1.common.loader.init" . }} + +{{/* Render configmap for vaultwarden */}} +{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}} +{{- if $configmapFile -}} + {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}} +{{- end -}} + +{{/* Render secrets for vaultwarden */}} +{{- $secret := include "vaultwarden.secrets" . | fromYaml -}} +{{- if $secret -}} + {{- $_ := set .Values.secret "vaultwardensecret" $secret -}} +{{- end -}} + +{{/* Render the templates */}} +{{ include "tc.v1.common.loader.apply" . }} diff --git a/operators/cert-manager/3.1.11/values.yaml b/enterprise/vaultwarden/25.1.10/values.yaml similarity index 100% rename from operators/cert-manager/3.1.11/values.yaml rename to enterprise/vaultwarden/25.1.10/values.yaml diff --git a/enterprise/velero/3.1.12/app-changelog.md b/enterprise/velero/3.1.12/app-changelog.md deleted file mode 100644 index 351d65afea..0000000000 --- a/enterprise/velero/3.1.12/app-changelog.md +++ /dev/null @@ -1,9 +0,0 @@ - - -## [velero-3.1.12](https://github.com/truecharts/charts/compare/velero-3.1.11...velero-3.1.12) (2024-01-21) - -### Chore - - - -- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) \ No newline at end of file diff --git a/enterprise/velero/3.1.12/CHANGELOG.md b/enterprise/velero/3.1.13/CHANGELOG.md similarity index 89% rename from enterprise/velero/3.1.12/CHANGELOG.md rename to enterprise/velero/3.1.13/CHANGELOG.md index 86c1e89ea7..8dc57ee443 100644 --- a/enterprise/velero/3.1.12/CHANGELOG.md +++ b/enterprise/velero/3.1.13/CHANGELOG.md @@ -7,6 +7,15 @@ title: Changelog +## [velero-3.1.13](https://github.com/truecharts/charts/compare/velero-3.1.12...velero-3.1.13) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) + + ## [velero-3.1.12](https://github.com/truecharts/charts/compare/velero-3.1.11...velero-3.1.12) (2024-01-21) ### Chore @@ -88,12 +97,3 @@ title: Changelog - increase common version for oci fixes - remove non-existent template refs ([#16738](https://github.com/truecharts/charts/issues/16738)) - - -## [velero-3.1.3](https://github.com/truecharts/charts/compare/velero-3.1.0...velero-3.1.3) (2024-01-01) - -### Chore - - - -- bump all charts for OCI test push diff --git a/enterprise/velero/3.1.12/Chart.yaml b/enterprise/velero/3.1.13/Chart.yaml similarity index 98% rename from enterprise/velero/3.1.12/Chart.yaml rename to enterprise/velero/3.1.13/Chart.yaml index acdb366ab8..a217777f47 100644 --- a/enterprise/velero/3.1.12/Chart.yaml +++ b/enterprise/velero/3.1.13/Chart.yaml @@ -42,4 +42,4 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/enterprise/velero - https://github.com/truecharts/containers/tree/master/apps/alpine type: application -version: 3.1.12 +version: 3.1.13 diff --git a/enterprise/velero/3.1.12/LICENSE b/enterprise/velero/3.1.13/LICENSE similarity index 100% rename from enterprise/velero/3.1.12/LICENSE rename to enterprise/velero/3.1.13/LICENSE diff --git a/enterprise/velero/3.1.12/README.md b/enterprise/velero/3.1.13/README.md similarity index 100% rename from enterprise/velero/3.1.12/README.md rename to enterprise/velero/3.1.13/README.md diff --git a/enterprise/velero/3.1.13/app-changelog.md b/enterprise/velero/3.1.13/app-changelog.md new file mode 100644 index 0000000000..189af55363 --- /dev/null +++ b/enterprise/velero/3.1.13/app-changelog.md @@ -0,0 +1,9 @@ + + +## [velero-3.1.13](https://github.com/truecharts/charts/compare/velero-3.1.12...velero-3.1.13) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) \ No newline at end of file diff --git a/enterprise/velero/3.1.12/app-readme.md b/enterprise/velero/3.1.13/app-readme.md similarity index 100% rename from enterprise/velero/3.1.12/app-readme.md rename to enterprise/velero/3.1.13/app-readme.md diff --git a/operators/cloudnative-pg/5.2.11/charts/common-17.2.26.tgz b/enterprise/velero/3.1.13/charts/common-17.2.26.tgz similarity index 100% rename from operators/cloudnative-pg/5.2.11/charts/common-17.2.26.tgz rename to enterprise/velero/3.1.13/charts/common-17.2.26.tgz diff --git a/enterprise/velero/3.1.12/charts/velero-5.2.0.tgz b/enterprise/velero/3.1.13/charts/velero-5.2.0.tgz similarity index 100% rename from enterprise/velero/3.1.12/charts/velero-5.2.0.tgz rename to enterprise/velero/3.1.13/charts/velero-5.2.0.tgz diff --git a/enterprise/velero/3.1.12/ix_values.yaml b/enterprise/velero/3.1.13/ix_values.yaml similarity index 94% rename from enterprise/velero/3.1.12/ix_values.yaml rename to enterprise/velero/3.1.13/ix_values.yaml index eb9477c198..5fa667032c 100644 --- a/enterprise/velero/3.1.12/ix_values.yaml +++ b/enterprise/velero/3.1.13/ix_values.yaml @@ -1,7 +1,7 @@ image: pullPolicy: IfNotPresent repository: tccr.io/tccr/alpine - tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9 + tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc manifestManager: enabled: false operator: diff --git a/enterprise/velero/3.1.12/questions.yaml b/enterprise/velero/3.1.13/questions.yaml similarity index 100% rename from enterprise/velero/3.1.12/questions.yaml rename to enterprise/velero/3.1.13/questions.yaml diff --git a/operators/cloudnative-pg/5.2.11/templates/NOTES.txt b/enterprise/velero/3.1.13/templates/NOTES.txt similarity index 100% rename from operators/cloudnative-pg/5.2.11/templates/NOTES.txt rename to enterprise/velero/3.1.13/templates/NOTES.txt diff --git a/enterprise/velero/3.1.12/templates/common.yaml b/enterprise/velero/3.1.13/templates/common.yaml similarity index 100% rename from enterprise/velero/3.1.12/templates/common.yaml rename to enterprise/velero/3.1.13/templates/common.yaml diff --git a/operators/cloudnative-pg/5.2.11/values.yaml b/enterprise/velero/3.1.13/values.yaml similarity index 100% rename from operators/cloudnative-pg/5.2.11/values.yaml rename to enterprise/velero/3.1.13/values.yaml diff --git a/operators/cert-manager/3.1.11/app-changelog.md b/operators/cert-manager/3.1.11/app-changelog.md deleted file mode 100644 index 8a2a4a350d..0000000000 --- a/operators/cert-manager/3.1.11/app-changelog.md +++ /dev/null @@ -1,9 +0,0 @@ - - -## [cert-manager-3.1.11](https://github.com/truecharts/charts/compare/cert-manager-3.1.10...cert-manager-3.1.11) (2024-01-21) - -### Chore - - - -- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) \ No newline at end of file diff --git a/operators/cert-manager/3.1.11/CHANGELOG.md b/operators/cert-manager/3.1.12/CHANGELOG.md similarity index 82% rename from operators/cert-manager/3.1.11/CHANGELOG.md rename to operators/cert-manager/3.1.12/CHANGELOG.md index c983ffced7..0b5c7acb08 100644 --- a/operators/cert-manager/3.1.11/CHANGELOG.md +++ b/operators/cert-manager/3.1.12/CHANGELOG.md @@ -7,6 +7,15 @@ title: Changelog +## [cert-manager-3.1.12](https://github.com/truecharts/charts/compare/cert-manager-3.1.11...cert-manager-3.1.12) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) + + ## [cert-manager-3.1.11](https://github.com/truecharts/charts/compare/cert-manager-3.1.10...cert-manager-3.1.11) (2024-01-21) ### Chore @@ -88,12 +97,3 @@ title: Changelog - bump all charts for OCI test push - -- move everything to consume OCI-hosted common-chart dependency - -- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733)) - -- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732)) - -- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704)) - diff --git a/operators/cert-manager/3.1.11/Chart.yaml b/operators/cert-manager/3.1.12/Chart.yaml similarity index 98% rename from operators/cert-manager/3.1.11/Chart.yaml rename to operators/cert-manager/3.1.12/Chart.yaml index 02506053c6..713536b05b 100644 --- a/operators/cert-manager/3.1.11/Chart.yaml +++ b/operators/cert-manager/3.1.12/Chart.yaml @@ -43,4 +43,4 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/operators/cert-manager - https://github.com/truecharts/containers/tree/master/apps/alpine type: application -version: 3.1.11 +version: 3.1.12 diff --git a/operators/cert-manager/3.1.11/LICENSE b/operators/cert-manager/3.1.12/LICENSE similarity index 100% rename from operators/cert-manager/3.1.11/LICENSE rename to operators/cert-manager/3.1.12/LICENSE diff --git a/operators/cert-manager/3.1.11/README.md b/operators/cert-manager/3.1.12/README.md similarity index 100% rename from operators/cert-manager/3.1.11/README.md rename to operators/cert-manager/3.1.12/README.md diff --git a/operators/cert-manager/3.1.12/app-changelog.md b/operators/cert-manager/3.1.12/app-changelog.md new file mode 100644 index 0000000000..7864868f1b --- /dev/null +++ b/operators/cert-manager/3.1.12/app-changelog.md @@ -0,0 +1,9 @@ + + +## [cert-manager-3.1.12](https://github.com/truecharts/charts/compare/cert-manager-3.1.11...cert-manager-3.1.12) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) \ No newline at end of file diff --git a/operators/cert-manager/3.1.11/app-readme.md b/operators/cert-manager/3.1.12/app-readme.md similarity index 100% rename from operators/cert-manager/3.1.11/app-readme.md rename to operators/cert-manager/3.1.12/app-readme.md diff --git a/operators/cert-manager/3.1.11/charts/cert-manager-v1.13.3.tgz b/operators/cert-manager/3.1.12/charts/cert-manager-v1.13.3.tgz similarity index 100% rename from operators/cert-manager/3.1.11/charts/cert-manager-v1.13.3.tgz rename to operators/cert-manager/3.1.12/charts/cert-manager-v1.13.3.tgz diff --git a/operators/prometheus-operator/4.5.2/charts/common-17.2.26.tgz b/operators/cert-manager/3.1.12/charts/common-17.2.26.tgz similarity index 100% rename from operators/prometheus-operator/4.5.2/charts/common-17.2.26.tgz rename to operators/cert-manager/3.1.12/charts/common-17.2.26.tgz diff --git a/operators/cert-manager/3.1.11/ix_values.yaml b/operators/cert-manager/3.1.12/ix_values.yaml similarity index 87% rename from operators/cert-manager/3.1.11/ix_values.yaml rename to operators/cert-manager/3.1.12/ix_values.yaml index ca3a924d47..91ebf37a73 100644 --- a/operators/cert-manager/3.1.11/ix_values.yaml +++ b/operators/cert-manager/3.1.12/ix_values.yaml @@ -1,7 +1,7 @@ image: repository: tccr.io/tccr/alpine pullPolicy: IfNotPresent - tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9 + tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc service: main: diff --git a/operators/cert-manager/3.1.11/questions.yaml b/operators/cert-manager/3.1.12/questions.yaml similarity index 100% rename from operators/cert-manager/3.1.11/questions.yaml rename to operators/cert-manager/3.1.12/questions.yaml diff --git a/operators/prometheus-operator/4.5.2/templates/NOTES.txt b/operators/cert-manager/3.1.12/templates/NOTES.txt similarity index 100% rename from operators/prometheus-operator/4.5.2/templates/NOTES.txt rename to operators/cert-manager/3.1.12/templates/NOTES.txt diff --git a/operators/cert-manager/3.1.11/templates/common.yaml b/operators/cert-manager/3.1.12/templates/common.yaml similarity index 100% rename from operators/cert-manager/3.1.11/templates/common.yaml rename to operators/cert-manager/3.1.12/templates/common.yaml diff --git a/operators/cert-manager/3.1.11/templates/crds.yaml b/operators/cert-manager/3.1.12/templates/crds.yaml similarity index 100% rename from operators/cert-manager/3.1.11/templates/crds.yaml rename to operators/cert-manager/3.1.12/templates/crds.yaml diff --git a/operators/prometheus-operator/4.5.2/values.yaml b/operators/cert-manager/3.1.12/values.yaml similarity index 100% rename from operators/prometheus-operator/4.5.2/values.yaml rename to operators/cert-manager/3.1.12/values.yaml diff --git a/operators/cloudnative-pg/5.2.11/app-changelog.md b/operators/cloudnative-pg/5.2.11/app-changelog.md deleted file mode 100644 index 89f5ac902b..0000000000 --- a/operators/cloudnative-pg/5.2.11/app-changelog.md +++ /dev/null @@ -1,9 +0,0 @@ - - -## [cloudnative-pg-5.2.11](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.10...cloudnative-pg-5.2.11) (2024-01-21) - -### Chore - - - -- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) \ No newline at end of file diff --git a/operators/cloudnative-pg/5.2.11/CHANGELOG.md b/operators/cloudnative-pg/5.2.12/CHANGELOG.md similarity index 82% rename from operators/cloudnative-pg/5.2.11/CHANGELOG.md rename to operators/cloudnative-pg/5.2.12/CHANGELOG.md index 54ddf9bdab..e90deb6cc3 100644 --- a/operators/cloudnative-pg/5.2.11/CHANGELOG.md +++ b/operators/cloudnative-pg/5.2.12/CHANGELOG.md @@ -7,6 +7,15 @@ title: Changelog +## [cloudnative-pg-5.2.12](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.11...cloudnative-pg-5.2.12) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) + + ## [cloudnative-pg-5.2.11](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.10...cloudnative-pg-5.2.11) (2024-01-21) ### Chore @@ -88,12 +97,3 @@ title: Changelog - bump all charts for OCI test push - -- move everything to consume OCI-hosted common-chart dependency - -- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733)) - -- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732)) - -- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704)) - diff --git a/operators/cloudnative-pg/5.2.11/Chart.yaml b/operators/cloudnative-pg/5.2.12/Chart.yaml similarity index 98% rename from operators/cloudnative-pg/5.2.11/Chart.yaml rename to operators/cloudnative-pg/5.2.12/Chart.yaml index 8987050295..3f082a244b 100644 --- a/operators/cloudnative-pg/5.2.11/Chart.yaml +++ b/operators/cloudnative-pg/5.2.12/Chart.yaml @@ -43,4 +43,4 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/operators/cloudnative-pg - https://github.com/truecharts/containers/tree/master/apps/alpine type: application -version: 5.2.11 +version: 5.2.12 diff --git a/operators/cloudnative-pg/5.2.11/LICENSE b/operators/cloudnative-pg/5.2.12/LICENSE similarity index 100% rename from operators/cloudnative-pg/5.2.11/LICENSE rename to operators/cloudnative-pg/5.2.12/LICENSE diff --git a/operators/cloudnative-pg/5.2.11/README.md b/operators/cloudnative-pg/5.2.12/README.md similarity index 100% rename from operators/cloudnative-pg/5.2.11/README.md rename to operators/cloudnative-pg/5.2.12/README.md diff --git a/operators/cloudnative-pg/5.2.12/app-changelog.md b/operators/cloudnative-pg/5.2.12/app-changelog.md new file mode 100644 index 0000000000..8e055282b6 --- /dev/null +++ b/operators/cloudnative-pg/5.2.12/app-changelog.md @@ -0,0 +1,9 @@ + + +## [cloudnative-pg-5.2.12](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.11...cloudnative-pg-5.2.12) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) \ No newline at end of file diff --git a/operators/cloudnative-pg/5.2.11/app-readme.md b/operators/cloudnative-pg/5.2.12/app-readme.md similarity index 100% rename from operators/cloudnative-pg/5.2.11/app-readme.md rename to operators/cloudnative-pg/5.2.12/app-readme.md diff --git a/operators/cloudnative-pg/5.2.11/charts/cloudnative-pg-0.20.0.tgz b/operators/cloudnative-pg/5.2.12/charts/cloudnative-pg-0.20.0.tgz similarity index 100% rename from operators/cloudnative-pg/5.2.11/charts/cloudnative-pg-0.20.0.tgz rename to operators/cloudnative-pg/5.2.12/charts/cloudnative-pg-0.20.0.tgz diff --git a/stable/wg-easy/9.0.3/charts/common-17.2.26.tgz b/operators/cloudnative-pg/5.2.12/charts/common-17.2.26.tgz similarity index 100% rename from stable/wg-easy/9.0.3/charts/common-17.2.26.tgz rename to operators/cloudnative-pg/5.2.12/charts/common-17.2.26.tgz diff --git a/operators/cloudnative-pg/5.2.11/ix_values.yaml b/operators/cloudnative-pg/5.2.12/ix_values.yaml similarity index 77% rename from operators/cloudnative-pg/5.2.11/ix_values.yaml rename to operators/cloudnative-pg/5.2.12/ix_values.yaml index 8a3f0de35a..9c5292b70d 100644 --- a/operators/cloudnative-pg/5.2.11/ix_values.yaml +++ b/operators/cloudnative-pg/5.2.12/ix_values.yaml @@ -1,7 +1,7 @@ image: repository: tccr.io/tccr/alpine pullPolicy: IfNotPresent - tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9 + tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc service: main: diff --git a/operators/cloudnative-pg/5.2.11/questions.yaml b/operators/cloudnative-pg/5.2.12/questions.yaml similarity index 100% rename from operators/cloudnative-pg/5.2.11/questions.yaml rename to operators/cloudnative-pg/5.2.12/questions.yaml diff --git a/stable/wg-easy/9.0.3/templates/NOTES.txt b/operators/cloudnative-pg/5.2.12/templates/NOTES.txt similarity index 100% rename from stable/wg-easy/9.0.3/templates/NOTES.txt rename to operators/cloudnative-pg/5.2.12/templates/NOTES.txt diff --git a/operators/cloudnative-pg/5.2.11/templates/common.yaml b/operators/cloudnative-pg/5.2.12/templates/common.yaml similarity index 100% rename from operators/cloudnative-pg/5.2.11/templates/common.yaml rename to operators/cloudnative-pg/5.2.12/templates/common.yaml diff --git a/stable/wg-easy/9.0.3/values.yaml b/operators/cloudnative-pg/5.2.12/values.yaml similarity index 100% rename from stable/wg-easy/9.0.3/values.yaml rename to operators/cloudnative-pg/5.2.12/values.yaml diff --git a/operators/metallb/13.1.12/CHANGELOG.md b/operators/metallb/13.1.12/CHANGELOG.md new file mode 100644 index 0000000000..55144c70ad --- /dev/null +++ b/operators/metallb/13.1.12/CHANGELOG.md @@ -0,0 +1,99 @@ +--- +title: Changelog +--- + +**Important:** +*for the complete changelog, please refer to the website* + + + +## [metallb-13.1.12](https://github.com/truecharts/charts/compare/metallb-13.1.11...metallb-13.1.12) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) + + +## [metallb-13.1.11](https://github.com/truecharts/charts/compare/metallb-13.1.10...metallb-13.1.11) (2024-01-21) + +### Chore + + + +- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) + + +## [metallb-13.1.10](https://github.com/truecharts/charts/compare/metallb-13.1.9...metallb-13.1.10) (2024-01-21) + +### Chore + + + +- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457)) + + + + +## [metallb-13.1.9](https://github.com/truecharts/charts/compare/metallb-13.1.8...metallb-13.1.9) (2024-01-09) + +### Chore + + + +- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986)) + + +## [metallb-13.1.8](https://github.com/truecharts/charts/compare/metallb-13.1.7...metallb-13.1.8) (2024-01-02) + +### Chore + + + +- force bump to ensure up-to-date catalogs + + +## [metallb-13.1.7](https://github.com/truecharts/charts/compare/metallb-13.1.6...metallb-13.1.7) (2024-01-02) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@12e0f84](https://github.com/12e0f84) by renovate ([#16791](https://github.com/truecharts/charts/issues/16791)) + + +## [metallb-13.1.6](https://github.com/truecharts/charts/compare/metallb-13.1.5...metallb-13.1.6) (2024-01-02) + +### Chore + + + +- fix some refs ([#16749](https://github.com/truecharts/charts/issues/16749)) + + +## [metallb-13.1.5](https://github.com/truecharts/charts/compare/metallb-13.1.4...metallb-13.1.5) (2024-01-01) + +### Chore + + + +- increase common version for oci fixes + + +## [metallb-13.1.4](https://github.com/truecharts/charts/compare/metallb-13.1.3...metallb-13.1.4) (2024-01-01) + +### Chore + + + +- ensure everything is bumped into oci + + +## [metallb-13.1.3](https://github.com/truecharts/charts/compare/metallb-13.1.0...metallb-13.1.3) (2024-01-01) + +### Chore + + + +- bump all charts for OCI test push diff --git a/operators/metallb/13.1.12/Chart.yaml b/operators/metallb/13.1.12/Chart.yaml new file mode 100644 index 0000000000..bc8da8ff2b --- /dev/null +++ b/operators/metallb/13.1.12/Chart.yaml @@ -0,0 +1,45 @@ +annotations: + max_scale_version: 23.10.2 + min_scale_version: 23.10.0 + truecharts.org/SCALE-support: "true" + truecharts.org/category: operators + truecharts.org/max_helm_version: "3.14" + truecharts.org/min_helm_version: "3.12" + truecharts.org/train: operators +apiVersion: v2 +appVersion: latest +dependencies: + - name: common + version: 17.2.26 + repository: oci://tccr.io/truecharts + condition: "" + alias: "" + tags: [] + import-values: [] + - name: metallb + version: 0.13.12 + repository: https://metallb.github.io/metallb + condition: "" + alias: metallb + tags: [] + import-values: [] +deprecated: false +description: A network load-balancer implementation for Kubernetes using standard routing protocols +home: https://truecharts.org/charts/operators/metallb +icon: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png +keywords: + - metallb + - loadbalancer +kubeVersion: ">=1.24.0-0" +maintainers: + - name: TrueCharts + email: info@truecharts.org + url: https://truecharts.org +name: metallb +sources: + - https://github.com/metallb/metallb + - https://metallb.universe.tf + - https://github.com/truecharts/charts/tree/master/charts/operators/metallb + - https://github.com/truecharts/containers/tree/master/apps/alpine +type: application +version: 13.1.12 diff --git a/operators/prometheus-operator/4.5.2/LICENSE b/operators/metallb/13.1.12/LICENSE similarity index 100% rename from operators/prometheus-operator/4.5.2/LICENSE rename to operators/metallb/13.1.12/LICENSE diff --git a/operators/metallb/13.1.12/README.md b/operators/metallb/13.1.12/README.md new file mode 100644 index 0000000000..07b6c03032 --- /dev/null +++ b/operators/metallb/13.1.12/README.md @@ -0,0 +1,28 @@ +--- +title: README +--- + +## General Info + +TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE. +However only installations using the TrueNAS SCALE Apps system are supported. + +For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/operators/metallb) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +_All Rights Reserved - The TrueCharts Project_ diff --git a/operators/metallb/13.1.12/app-changelog.md b/operators/metallb/13.1.12/app-changelog.md new file mode 100644 index 0000000000..2e0e199871 --- /dev/null +++ b/operators/metallb/13.1.12/app-changelog.md @@ -0,0 +1,9 @@ + + +## [metallb-13.1.12](https://github.com/truecharts/charts/compare/metallb-13.1.11...metallb-13.1.12) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) \ No newline at end of file diff --git a/operators/metallb/13.1.12/app-readme.md b/operators/metallb/13.1.12/app-readme.md new file mode 100644 index 0000000000..ef8e745914 --- /dev/null +++ b/operators/metallb/13.1.12/app-readme.md @@ -0,0 +1,8 @@ +A network load-balancer implementation for Kubernetes using standard routing protocols + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/operators/metallb](https://truecharts.org/charts/operators/metallb) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! diff --git a/stable/znc/8.1.11/charts/common-17.2.26.tgz b/operators/metallb/13.1.12/charts/common-17.2.26.tgz similarity index 100% rename from stable/znc/8.1.11/charts/common-17.2.26.tgz rename to operators/metallb/13.1.12/charts/common-17.2.26.tgz diff --git a/operators/metallb/13.1.12/charts/metallb-0.13.12.tgz b/operators/metallb/13.1.12/charts/metallb-0.13.12.tgz new file mode 100644 index 0000000000000000000000000000000000000000..9e8367bda3002b90ae0b2eb0c933d89e731da9f0 GIT binary patch literal 24427 zcmV);K!(2`iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POwgb{n~}APS$qhfje+*XbILNRiZFo88|1Ng^rBB~cP5S#npa zz)X-#6Pd^YKuYxRt$vVuU#_3zE&w^tlw{epH*?i0iuIK+6oeKdoV zS69%)|MuihtyZh;@9xTfYqeVR-`f7mm;YAZ-IM?AHfsM?t2g!=JO2i1PmfCcSuhUi zzttYyRgYv&;NJ>>ec$| zYOPZHxuhuKR4FmCpqe70+uGFNv&Fco5z__i{#)WJ8#Mv6ZER?=^Q9OCA3grz`HzV< ze-gF|J$dtgr&f#3|Gk&B&HR6kCpx#+ox#QwG2R4h1{-_(&9SzlH{e)@+TLD6--oYW z?T_`kzPGc3(Bw7T-D#k`SGCu$rt5GQzS`4X>S%YOPa3t?yP7_(m8Qr-6mq0DLAg{RNtN~1QY?>G1Mn|piJot>SRJN5eB%m1o1nzdT_@e|-*{Bh_165<77-$nt*p8t); zej_^ncWQg}&HR6k=LKk?30z3v| z0xhIrND){#TV$PufSN^&{9SYX^o8bzEn!G}NO zQhB~alo~pc@@BHYIQCK~2ZxSsaD*Xa@~yy>2*qS#OcxY^Gtq<7!!6M?Fc*viW+Tm* ztiXA<4afxW83Gf6F}V}U0>2}r7l24jMBqoqP-~U|cmXtuAV*GZ12J$nLwts)=%ryX zK_>t$9V{3Ey~BeeKo?ka5jZuQfYSvkm265(QE|Z(T&7WIBLFRnD8+^)w*hq>TzGZG z$WTL*5a5E7ibgO-npBK}pf~|G(ODJr5t4-yv<)Al;Gbhm#@iHO1R1I{s`YK1XbVsK z+D7+KsAIt@mAR*lRaYjK%?T!gKqHhQW(#f6ng)B}j+2C01qYZTYC&!+5njn5lR!+k z0(a2jqBnxPV#oqO&TX+$5Gu?5lF&hoP((tQ5~s?qipvQ_z$SNyP8JGnlUQQ46WB&j zJef#NNv0}=q%Xy>w2SB@@k3s>&`bOC%YpbOtP@J z6cFm0)2>Z)Ro87l)V694ujGJOgaex*hAh4XAYcej05hf*QV=vmxiJx%Gjf_-Fr>?I zP;EI_4^I0^3MoOdF5&_DJqPZ7bLr^&91nDYEcP=8Gq_aP*oc}26H1%_>`EbwWq+9s zHN*fT;0}SQu|&Y&$u*o6;%5ekC0Io8l|Lz5q36<)A-Xg)1fZq~;>pf{@hX6*EK1Q| z3xgtE$Uh5|L3N~*62DkA+zxp2Mz#dXl6Mnp*hD{5)7rID-^eP22AZ!r7$%k!im&ti zKy@I_DUxymZy{2A{0s(kWMi^&#`Op8q1TIW=j2Kq;6W*N#0M$$$52zkM6e|^EJS@? zxL=8tE^I_hHCi>uwx~N^7+6PC{#_AODiV^c!r@f89~#w~d|@vzz987pR!xOk!a4vh zJUR$=@~NWGc;U!Ez!tU?wW1@*%L#Cb>H+yI04V(cVzDSo|A+V+!!g22ZL&iM0IwLt zr?OBJeEu4T6 zzN%|j9ML7jo_Lb$Mr5(m9bJ)y>j*w~1r+e!Hr*EfU5P+Ik-}K5tx`*YwvAU(t|+|% zjL}3a%Z4TFO0o1x7z#j7)iGUVSmOEG7#nW9&tG+~j+BxoM z1`1l@ln>ANpym=r$bpb30vl86|K?rW&&)|Y_ zr%jmf;b9HSK`%vt4jG)HEP#AQ5t|XL2Y^3s9+mBfm*ZrU0WQ!c}m#U|gu4#6o~fn&3}}@t<4ZPaTaHQ}Ksk zO^Enc41o9-QA+5a!iN6SA{P3y1O&KK0j&u{VdbYGrU@;*3ATOAyV>9r;wxRs>)ZkLsL8s zj)uRU0p^qiqHI;crD)>shljNQooGxTs3DuP?K?u}m_VHcaAw;+^z9cecm)_$rw;1w zd*>%mo83Kv#hNyhy>PzJ;5)ZC04BWeFX$9CL1XVfgKvixTtWj2n)}~`#SmyQt-Xk! z$5nP>o_XlnHcm;vW@LeN!D7nq@5t2P9)N;1i1-#GaFnk*s7^`8kFyP7Fb9eNxCNks zWH8|En>qmza(lzsKJj*5WL>qvD|d5~R9UG%8hjk_L+2oH6}B4eVj z{4zs^XcO%3?d|N!mlJkO$-?$uQRId|xSI0|fDO~&%(nwHd(i~-TFvy{n8=j#q+Y9? z86_Zfjy}RjllqDT#0f^!?TOTfY-$kM6AT&a`n{$LiyJ12zJ`;DVM&oD;n_q#h!F<| zjS6fmktNm{O2*Edj*HF-H1L9=fxFB!!H%Qt8r*=mg)m(8kwz??iSDUcj;KNO=v%hX zG{jf{l2WZiU&w;{#U+)YZv2qAm0oyO=b8(GQ?2v@cv^Y26tLIhi-9kk-MY>a(RVQT z*6V}AljsbJrOd<3MCKS#Y%rcSGA2GWEZy15dA+;uyi|Vv-_hy<@>vsVwvq=DgaUlH@_h;NwUXbTKZCLxvf$!e24BBc ze26Yfya-nOG1jBV!Xp?|f)c!9Xft=c0-C6&Hi2Cq>UgF0^oaDKq%3TkmFyeg#yF&W zVXuo>V)J_{Y=W-6EOvT5fAek23%+m{S-P-UY`=Wbh*wT;Gtt z2QLVl5WkQf!B8(r<`brk>!OaKI-%|!d}0BODyKq}z)Oe?T@GqTF^5AXAbvi3JYyvO zk7+Yx!sYhP~VbWmowU98ht%fzau; zPT_=CYA?6dyBB34Ys%c<7>Q~sD#3ZVvgJE6{)jZL-swm#a$*H4H^FB)U&_9FRCy}?vt%Ye-BN)hUzBBkDgpXf~acWr8 zGWhDZScPWY>-)`6$FfeV?98^%97Wc`R5J@= zT;38QXuOz;KZJEI{uQRY_*a_p;tyfSyYnxKf>esukr63$aE9Jhs$$>by$XH)x)p}R z;WP;Zv{vVn5M#Mdl8oBQDrGG&4$3k0{E>;3ulucuT6pA{;4=knf+N@7Mpk=VL+ut z{YX{~xC*jBIXzsHdYW|;d(J1Lcg$w;vo=19*ih}pC}UIruOYJ!V(;GnHQ-6`P*^a_D(SW{*C`?^C4`zEk%x`0X-PsvgxL#Cun z{h%7He1CrgIWt*VR}mpWz^=LzJaUvlM7IdgW{@f$XPj`sPPp(V3yiyKwjt`Qz+Vf9 zjfsJD0Bw7X7L_aM#5y&stk%4}_n_w~-a>F9x-G;`WyMv+M9kG6II2~$yGoT zm%?a+Z52->+6_zVbUihZhkVmEqj$k`UD1L{ycC z%d9}1@UeyhD8==mOwG0Ih2-TI^$sZHFhk^MLJA{h4N}%Xfw(1*tDC#}ewL#lRZ;Nb zs&l%XbGG7XIvy|wvl#(|Ww?h$sG`$)tezXsT8y}E2vx%?jvxPHJKh@58l9`j(s&!PVPOY?I$xcCA5oDekqcarUa z&}da5)i4WfGQ{9S;+`J`D=D7&sQ}7Y<^rCR7)NFdRdl#wAM+eVAlU_1_T#Gaz$Q;4 zkUf=(^t)K^-BK#bI-^K}b3eI7S=2Nv!<62{T2?7|@06<7YAMAMsO!{D+_y?WIg>^p z!%WUmHA9#tzE8nFVz#^VPjIXz0gk?jHIlu#mQt-84v2r$#0><){~(JR=83uNfeC#4BW{SNY_JCGpRL&H8QJl2Vo4+ixX>WR5sfL8JNyl^AlW~s zI$WIC$fsF-!%?S?cK!P?bbpt%$B&-P0~_0=%?2Bazs-Z4v?T(PL{}#DW5K*Xk|7nINXJwJ_a+Z~x?Uh`-Vw$fP!unW96PhR>B4X;q$#WHoH3Wv`h1~h) zed2@l-I+6CDtnvxxdMFKM^EJdO|*sA^PhUP9^gmy>iWTkDb~`r(U6=o6=m>9#&bg} zzs2+q?FAR0Ox_G}2I$8_wUBlfQwS1NrbxIC)w6ajj(V-9+LB3$2}<6RIqJ1i{1ch6 zLn-05Ic+*+fh`NW8R+f|KJ(&tt*Lv;GX<^esHBsrMJN)gsAwx`RGb|pZ`0R5IN|H1 zF|Bkhoitq|^-s};g2f)N$;;9f`s~S*J$2HT_?!hk&-0hPw1;O|sw~Xf!VW z%>TVceUtzDS)R|Iw|@gm!)(fv!V?1{p?1761zEHiYJ%UkzkV%=Ql<924J|#E99M?F zRZC8}3Xn=C@=xTdh`fsbRi59istYH&0+5^2G#GdXz5q@amIn5B3!CjHu(w2Ew|^!zK?1 zBV7qNgMnY1bGWT;UzC*>lGsT5wOTrv04JBW0^%R;^kN2u3=JLXg$zK6yn}5jVf~}d zE^&>CN6TpLbeCqS-;2;2GY`&B68Gkt;sfgA=utrdsrD3!R9zR((91QEv#DY62`K+3 ztNbS`M_{Q&i?dhqpCP6TjHZ|&&Mg^YB!kDaRVle^mocicls}}=t^}#9{&p^&0bktA zYM}gIWl+8?uRn!|X%fph8=j7#v+pQToFQyh*=$>4El=Vbmh@Q1I#g9n#=kQs^8VBT zTMclE)5QbtRwD5&o|(|QmgMv2geqUaUkk!fq|0$ADilJmj8_Vf%Qa5iPa?_OV*|NF zi}tdTh=S$jGl)@1P4sFq=JFx}OG9D2gVQOAYh!{umYmW{*savG45sxHP=(_*yJ_+% zwMNy+R1sM(ehEy3fGG=piBZZIi`8F$Ezq77BvU|$xGk5RKg#RE%9a_i9P{C1tc6MM z=3FUA_vGRQi0*m|3R66#rS-{O1kjqaMw}bgl!3mN*nh#YmfFCMizF%lKuk4{PC+pp z*f4znt=x8s3h#>QYY1hTB3WfW&}~9_s*(^&4F=)AG6@MatN2AcugqH zM9rnhgwizJCX{BO=YKAz^GGJ$9!4`Ef{T<5&VlrLWPe{kgqoO|1&)4YMHY+r!-Fgl2B;dY?jp$m7 zJ&WQCunbE_76-e)S-#_1w6{an1d#-+0y>4(6oH@SXtf1?lG$>E^_xI9Cy}(TC5SrU z>sQ$)r)H=h3ce%yn2qGkV;SnQn>J5Y_L7>)8k}516KB?nks{DI0Ir$hJk?7N*@hvY8Xc&Vd2&hl`W074TN+UW7OBx;0D90xEABuex4*fJD=SX*EH zt+_xsgKVp!O;F}^5jZCtE@aE}Q{^I>Kskh-H-7#rxmUeL*WG$93k8PoRTOrpx!8+n zvgoy0Ce+?K^YoE(weWmR=(am=^T;2K1@l41)AtEJh&P=$0HNlhC&B%qv3nOw#fLuD zZrtKb5&1dZfvOLZBWfC!WX)p=HFOcql2^<0B7_nb2hogVG!{6f%gG3sFCa*X7!AB| zIFFRx6}oZOREhOKV0s4{mLIGBc~HTDStU7~f-h0;YuHhiBEVvx{B$kBS{|>s`RTH- zNd}Q3nv!vG!YP7<-3-0~5miY+BcXOe>yS=EiT*1UA#&doGQEOe(`L7us3=%ow1UaB zA~OxkrgD%J6*NS7#hEM>!BB6!TgO$*i2E^(u(1RAF_gv?nNc*@`OHdd4Q3#+CEBpt z0h8$HP4Zx-)K0(vSs~QLjC? z?H-)916(OriDbuZ&~;SJ0^Vw0oSt8wwY!5v!0Tz!MTabCnin9z;qk@o;QAt=>wYHC z#Af9!UdKkY#Pq9;>THqNysXC+$u_3rLY0Jds2IEMn{lIj>I8o^C4IJ)rOF9}|l z=uE6wp+3l)Kvgd8ZEo7z^H;1A2E8q3sWp}JnZ@uBZv!tWg8I3ISD~vnvSwK*?M>47 zC1mzh&x~{X81e80BDU&^f2nNXlO$&1a3v<$O`g|bd=n~$)zL_f+#)bTRl?AsDSV57 z3)cz5i>C@M0x?=E3^SfCxCqQ>tp`i(aN?sRhDyrE{5?4;g7MR^R0Qawc`5?$DVQn( z@@cp#0`viFm1_04aqeMWa*r_No1pbtPV0&HmZ%3}OztkIu{1E6qBheYhUzM^U=An{ z5Wqb`c*nqqtr$mUL>vR4K^u+@Y;Xfbu3*wBvBPgF;NbK$?6)YoJKzFPYemvMxggP~ zh+igrze+bO5=#r?qM#{|SU=eu2y5S-X3PoWI-)f4MbV_9EY!OD$ zUkk)|L^L?JNSL9Q?nM#}b&rI40#1-K#F&_RUWRy#$55LO$SIk!bE{1$p-(n=$!cyu zSyy#qx-1AO!hul>mB~EUbS-AB}iDg39w-;?h7qPL6}eE0ZnVl&5IfE zF}wGDJjVBy)np(YX~44pGkO{VNA6Gu04o6Q4TeaL2deE(NRHbolbNWXRSMq( zJ^!&E+5c_Sc6K)Vzt8f-jX`h3T|N?a04Vo4r1H??gc1`hYt{NrwFW}v%&@D#u8D6s(iBjLM&}}km?nUm^S2w)Uj95Sk>=Mv45^7KL4GR z6BXR3sL_3N7)ajy-`}rC;y?CZ?$3@r-U8@#WtW zkAHmr+eCM~a?cb0Roj0VyZ>qLh zhz)z*Xs=w7`04Uay%>^sU_rsUUXa0VLPS_mgrY$`p;)HEs0E-zu}X+ibMw)rSuFv` zZqcyG_k+Znd5cj$j*ncC+;t>*sgf;`XQa?DyE%Q`Ub?>v zj6k$%#9Yj6I+n861r+3D@N0Ew!S;%gNy_>55FlbmtY`73p{*A<;Tg3$worjJI6 zE--SK5!%KvB?~*?TXt?Wk8SG+&eaubE)g9E-cJ$t{&p@JS3mB=go!N=1^anuSh|=V zkMAzQsD~z^zT4dlBuW4TX#Kz@*+S;?a)_+ph3}}BH1c4(sj5IZadR$oxxKky9E_23 z)J+F>Gh`LCUEaKr8&BorEx=GK&Rhw5C^FIXihe5$t)PH?%0qJr_P^JvoGVY@1jx1j zWB$LFwZ_K&f0id>Aqi#3ey9&11mt1z?9sYz;Xbaf#^%(2xGEa~{0Mb69Z~_6cIqvV zmEr?dm4ZX9r0#ONMrQ-5=A$8q6?IQZ6F6zh`hHPY%S}4LWvVa=f&8C8fBp=9QtTqM zaPajjsJP%j;G3W5`0H0dtl%e`=z+c4uV2AT=IoJpJ3C_XR>gmSIxr1u!O_oudTKbj zx2fk5zn#Bgw;DE(#huO8TM6ZMObGt`k&NGzvy*|8zlvp}?!cZ9+5~koZL7W*$)jhY zl8$q&6|Io)vk)Id?iI-6g`;rs@68Vu;Xvj%)*sFbs{WeHPT<$~h2YqCrmRtpgCTTf@3tFm%fahZy|h4ItJp0_v}s zm1OD1@=xM0eM=^KFc-(>kQ*Z1boJifFc zgl1L}5RKjYdLq5pHRNkPm47fJ7(8ZvE+Khp6g{M#^` zSnAN#Ad;@;f@c&6LR9-p;6pij*gbsTNJ@Wngpv9yGGeNuTkh3U8H4y8`X1(u4Ag7` z-E(9K>{u#F+JbRnx~~HFe;1qe^i0N&jKUlw!>8GBCOVy%k zLi<7RBI`*Aa&WzRYS@7V_Q^pz%kNXejV{vP0Pk-EQq9+Id&WZo6??v-})L+&bFE{&t&+()u zgG{|4Dk>;EaS&nbf@|*+DJ$RQYKW|CND=yFhw$ca=O+jKr0Lvlbj8iu$4!dDdGN85v<4o2{G@BL@EEawkT}Xb$rm36vhL4_<(`uc z<)JK0k<^2~iAR6qL4prxATzA65_(gp3kj!!Bj$s4*IG;{ujhcEYv${&aKHp~=f zrlddf(`rQ8O-`**Fs(&SVvF1a9S>G&y!(9eEVPgg6*EY3E}eVq%Kr_Q`mmbzcsf2E zjG~IBtE_~XWbKqK>nfg_a@L<*G(neGs1(YCo_1JRtnH(w6Qj})W4)Hm8qjY;NF`bLoE(otMFu+aU#&-%JDy|MjT&}elVpt zU0{D(3H?yjID?>11m;;)-q6n5-&yNjPci)AQ|hg!Ha`B=Fb&T+*O97C*|GT^2Xw;(l{~NX4&HnFmJjFaP zFF>c)1L)osVgPUgW^joBpCN{T49f=OPRxt(3QQ<%PACP$0)n!9VOL8pz+1R9tf{DB z0>c8(zb-^w&&j|-!ZnF*OjclwW^ic`%9=7`2)c)+jS-L-2{gF(AH zI63b&L$9xdpoJPYmhu=qfKG!h24G@P#^pV{TL5~=_Y91-09qnT@V3E$!5nzVwE1dF zrmNvZAZ$~_1j&Dcmj0V~;W4s+zF>&T`{ZRFL{OekTHXT4y*2iQEaYHxXJ9O|zKxM0 zqyi%^L=;+HRTurQg24;{8&N0G00V4B7Fc)SjS*P9p?6!;H*|}7NBa7**3XWz- zo2zcv&{VzH0-TWW0E%u&eM)ecfcFWFDfIXQQUoBrgDd6|Cs=(vwe>eEN1r3ip6G8Z z;{Dk7eo?~?{%uXYUj{Rn_ro?!?{BR8Rje8He;{KT_%#;O(EBA=*8gUYsb6lQ`Qb*ZAqOz3V z0jL}R?^<0@Vc@m18kW6L4wjA-w}DemGC&&Ga)2!YWhw`t*>pY%E=g^t9AKW5`jVHj z+ZP;`(}ZBWoFbARvl~)e8b&lyM6qsW5yj7$MFf-Qpv$=6%0Q_ETqb%R6lc<8L6H+F zoh}YPht?$E91sgmy$Pka&g(a2PND0^FDHB!i>QVyj%c|Qk!uDMlU7VF6W$xA(TA2sOj9gZvJ^uA3P_B|X$h7>hm$MgiY%y8ogvY#GtGrmP+FW?OfjTW6zGmT zz34CB46eZ8@rBcqvxE1yomT%%z1G+*1*E<(sYT_0A|V$7xgdpP*%VobLhi4xLijmi z&uPS6Lj2M9##?kuN8`nGDv-Aq)FuqEE!i=lelQzpLV1Lsd`F>O27*{nNi|7-U|5VJ z=&rS7qFy_Ssk@Hr21Odjt1W=4)2b^Hmk>{>Vd+BKl=8{ZQ#^4cntW513eVWEw%zh& zw=wGBDJ3k#_*P*lx&<+I$ro#y=gh>}6=#d3?HY4Rlr%SH%C`=sHOD?KH zyA}NwZw+fAXzc*Yz9hrDb1^x>7TPxRJx?t;c70ShL_hWZpdZeT0ioopKh4o<3;d*H zTJueeTH(};pFhhA;Oke}8>d?2cIkvo&y=B1=hypO@b=WXyF2`@nY5>uQa$Tnz>jh1 zkIOa=4gt;r{`MlFi7qd>opKP^$%s@QhFBusib; zn9XgBE-bMUC0t`4{Sw-M&99y~7@=V|OgKds3yjs>?tvahzdRxdt+#*&&TBpVfR}hU zqNZU<9zCW|Ll=k|MDHVwSUPKZX?ewh+C}`1(0M5QK61zZS~+7}D)?9KyQKm%C4S?6 z?9Tn1BrlF71~_Cp`Dp%(2zio|r0 zmOfLW%@JpT#-;nMWzZ)0oKnSev*z^hq2AkglcIs5C{iS^WS~XM2k*2?EuOLDDOx-6 zF@w{-n)@kCBFa=WL_-uW!1)hpIL0Nyk~?w}h6jYx3vfhi12NCsGawFnEt!&k;wv?# zGahn{N`nMR?*-BwDN&7eU9;sFOK5?9N`aXupatv7uT_d{!VFHRTt_mCaySKF+=&IM zM>9xy^}x0rJv}TSWL%TMSArtwK0S}p#`+0(7p>Y-^MjkPBDP?iQC zlX;dZn)ttFg9<&JfNgHt(hB*_H%Mf@9QRQaJd?-z!#HKnLGhTP)`hyN(P<|YLS#xs zt2?+Q^N2ge5(giQ5x+yOtJ5(Og$?W0O5~1&S)0xr1sUT3Op!N)6CkMKVOwQ0k5sqr z%XP;yq3bE5aT_Zd8Wu;s0CX?3;6SMWo#WE(2PU)IA+P_=i*+d+?{pf0!zCqOUr?eU zr6oG1c;rxGNXBY0`RXDORji+%?kQS=f@3c*z987pR>3NsMyoz$pqpGj#f(b8!u50o zO1fN93XW(30trEUhnyw$$#9-Os=qZtv(wwdlWyzw zpw;Ra|bL4_fWs?Zru}Fhox&u?;39N(x^%wq*-pxbhrN3G@gfn@}r4o3JM< z7htG-7!)^5L>9a_tZ;>hg}IO!>j&ZIY$7}{pIyqPSY7q9T~%V zL5-z>(G<0r2C;O8H^BtD!Gb<7pIdmVCi)Uss`vAQxeY zb#=NN$4nu&%zB6v8jfOn4RQRO(%GmzYC|F5RV*?O)2B_!lsIUeopf`iihA3>?x&WP zwo1R<8=V}r3;1BZwf{MTz>oFE1@>m-9Z{Q9ZGSbWqT=!y!I04YM z5mb(B4h?z2!QjhD=;xQv*laUVgBz9sDiw9u02^bu@1YA$aP~65e+!EO&XH+z_9ndd zvaq;;!G{mhLmZ9g`tk+*g<*tjP>;Ozn*8aPUjl&s3)I1{ zzlN80br95lrPJa(>G`CwX!*-rb}`uAyn}S9Yd{RQ*yt`m?rT=BKNEGnUYvqOqPPuII(`R zKu($^m`pigTt|`NuT&IG)D<~a#kt+>O$zE61a#poY{n^q<{P0hG`F{Z`X#t~{A&u} z@Qm7yz~q=!G{c?=gJfZF#NG@}`?u|**4y@NuYYiRbuxH+d(iIR)*G*GkB`o7`)>~# zd;42{srFGTr(6uq(cw`cIEm#lprx(Z>%}elgt4iygdA1oXeDF#-ngzMDM&eH)j3)v z5fo9LQbD6UYk6NwZWiYr5Ee!<)mWYvBqcH-b-zD-$G<>)LZZ;3=&uE0(dZ`4UNk|y zW`-pyG6`KZL8EqNcpn0x-)D$1ApxA(-+>s9p*A0oQ!-`eR+~~npN4z#7NfLi*hCj* zY~^r$^bxOof}k$!*j!(7SAr|uHTGX zUtG9bM2}?36i+!E;zn4x39w-;?(EoUvS8FYnoN+!o1jbj+6?In>~jLK z1$;uApnY#J&Wgczk~mas3cFS)Nd)3Eeq)N72+^ zoF?Z!9YJj9G8@~K;*_Ic9-f4>6mCq3!&sG2-kwLLmT+0MS*rNR_t4TncTT6AoTbaU zOc`t-i@OQCfqx7-oT@sCuAed)#L|bRWyJ>m?$T0`3sqdW2B|FTW5i+IwP|cZaLL<0 zN-(iBsnP!GWKOFR9j`WNh%07%cmTLGbhGRtg`n2MYd|B}Cs1-~Bk z+6RNS^J93?a(_fL)JhOtvC1+-M{T)aGAAMO-*HqMmGRWJk<>LFKcWt-XBf@KV@K0L z^`B=X>lMR(>KPh>_;;A2A%y>##&$flp}s_v8w{C9rm%jJ=^6t1cNpO)&i_n+iU+L{jz#-a|_-y#N-P zs(j7A*c45Sd!#E5^MCwW1?LuC0bh58m=utJbQuKYo$B+|BK6 z!<<&x%s^O|OXwKtQ?%_AuE?^LP{QN?$@mJRHxmqbh5faF6#WYRmdcxwa1%no@1E}A z+~2`Cv~);yK*>U$2Xm7zuu|!_-`)}v*>H-Qzx@XOhl{tX3@j{Ti6}!=KKVzf^x_5R zOAQhn5gnCEfeKTD&lY2OXRtfHoqtump1Sl(shK4o#U}XkA8$atT7O-wRce2hN?$Kd* z*fD}HfN?5D@eBCVGH`kw8l-xRu*7cCRbWBS7+5t$cFi z9Ps%93`@4UlV3UMXq8vLUdsm%KK-&*)!0!dzjl7*$g!)Os%|E)5Dy4}BS-tlD=ANU z%G_R6aOT`SCln(xX@Wl?#(!>sKjl>j;tx?@{CfwfCH_T}68a|~6#QusON?9?i%{T6 zK6gYiP#35W3l0c%H<7VZl7Qs%U|u$fY$hy_%p-@DGLv_#S9eW5%+B^5R8}Xm z3n3h;XBDKcbF)B|tA#UAzDF=Ntm#nRK#*8D7%%iiUEcBq{Q2Pzzbw^R?hMRw#Dx$N zpL{&r+|1|B?H_5Kjpad4#5A6eFa=zZCIdl=KDAp?u<{W`COH{l9=+6<^gqX&&s3<4E0o)Fx=pTPy=NY9&`YeG|cVwIsKqDo^9(ieiNZef!*@xO6+2{%#$grjlLO9%vji`pK;1u3_B+&Zv;9gI_{ncY}Z{*DV0znsV8 zn)jT-13`$j#VX?vBejS5aEb(hJeV4hEBNz~NIW7{U|~!==TI-6yTVL~v09Z%+id6MZz&x5)JV=jW6z{;s zBe^8y1Xapx67xI99*vz8O6gkkqQV?->8S^EDh4wF7ARWSE1Q`ZB+)H9p^lqg{8i2X z6qB8=s(aN&a*Z?taVN2KuB#?9WkpV%wMn<0H`~qgo&qMzj~%)AEvFxAd9VxSr%Lb~ z7EcS7PRWRRo7?T&e1B)*hPHnDOWq@l`iU4&&jKuL%;|4)7Qw1oyFd3d(w-hsLo*UwSDLr zsjqUzuXw?N{&p`3+}eKYl$ynqgf%?YnMwQdn#s(Q=W}749Ws*QdDZq}wIaugbFjC8O}!G{^bW<@6&1Iv1~9*T|#1Pxe( z-VvgI-1drZQx(X_ww-#v{vBeQHc$TJs%o~>|F%PWgj4b~ZREs%*6WR(==tBqCjRqz z9w)dHn9#6Fr5C`B)K9n~xTGU%^}%G*Kfvb_0ET5Rcy(@AI(YL2lv~KgWMv|YmrF?( z41?wyr;5C*%RO(dekC*p!5I&f4CYf_E#!5hGAYFK>o zOWFUJ1oP+rWIqF)ASN4?F{=RG+ej1gRAy@_Z-Ec-ihulC`Wm8|(Eq&PbvK@y$yi!$ zSSqkqTQE*cp&~N?DH68*($JB<4t)ihsniTAp&#NIO8$`WWR?=2P(cEPlvs}{ZgBd~ z|0@Raf4NytelC|bDIES*PelGpZ_(39e)Z(Z|D8rH8vp-t6aV`>PgMSoTuFA(zW_*O zrZFsVgcm|D?h%YYGjMJuQ)C4ymA$X7N~$aeQOse%W>|i!((-85haD-hK9~Nz?48dl zH^GOpV%qW_Tcv+5d-j#{MR#L?WFZ5wa4~rzM;1+3K4i%yqGMHJ!H`Vi`_-40L3+gT zj|)vfP0^RKS}%%F*)buWl*ECH7yo|rb&$^{?)RQgf43(h|9x-86D|Qc^1sp8ZA9e% z?(WN-jr@O(=jrr+h)iPj(RWk-1F|im`@4eUTPpsEx5|QFeBbh~A@couI`#fNQ@8i; z0RK??ql&EMhrK_1IiG&FZMpRCj%anMfvlz9a|dk3<+uQHpqeW`pUo5GsUO+o36dk| z8*~Bi8FJ~to`)a-EI!oK@(#*#v?@12IXg#Uc?*n z1PxLlM$c>nnt?VqEBZHnyn{zGNIBcqsLr-kCg>+i|Cf9Id*|hD)c;r8+1P*2@`REe zG)gdhezLw(tv5=#e;Tg|&IH4p9)hD@i}}@%b3CE^pSFSSIkIGWn^@k@BdM|U9Q(e7WUN>;<7Z&^S*11cRf5VC zS=B&vsstX8H7~2R5>R(q8pIkHCSn|#b`w|&jFVDavS1b;H_6PDl7-z2r|pr4Y!o`G zD+hiMx_m42^WURiP7S6q&D(fEA#O&~RRX{aYr4RYhCT`FMiFN0zNgSGi9G3ivu{}h>GuWm)~z# zgNF-C$EXQT`!#;ruOIb>`n!Q~*y@em4g15JcbB!!uqVIOc0onTh+CpXT)|(>@&4&+cz_^!9LsfA2S5 z!~WH*ab4Rx91cfktxNl8IPB~Uuk6mCT|b01{qSrw>Rg($?qyv+zS)@_kJ_E#rKz8f z=I;)#YxQ<-^p0Jb_2aXvcPGOuy?18b-QA3Oo$FftXzbK)UD~ai9ep^Q>sR9uz8+cK z`DN{0`}*U_yK%@cXE%e()&T0rDOV;oE~@`>t2(4z!^@=wF?D>UBDu z%Xz0a8g>r5ZQN>I+HJko*|}-x@A|dQvOnw|4u{?QQOCYNySnLVN3WOHa~&gV*6!EH z&iUwYr@MN+3qQTPLl`e0?tVJM^H1aY&2``0V?Fb1_xj@qw=QiHHg0Y%t?S0v(wTNu zpQEe2i_?ZZyXqXmOS5;`@4srmj($FD9nSU94C-xuHLP`yhC_RG^QpZ$KkmLC?{sQs z$K649$37j`M|SJdUTVWSzpPy@d+$ewsMG1*e4O=eTAhYgpDsrj&u?lr84Yd@d+*gS`Yy}jQ2Rby!N_*Lg-*t)b0eSXgdthE zPo4ei`Hj_oKiX|wlKN@ge*b&p9fgC#Mi1NgYX17>yfwTZ*KMZFJHzg$cgwTZ$!_;; zcW`y}deN=fZ*N97^Xr{18CtWwUVUWuJ9dBYNuR^_H={voG!XPXYrHf2tbic@ zy8JY#b*~0jy~S`iYILtg@cj7ICv-JBg*!KNJioad9*^Fg4PPIQKkCQh7Vh*$-EOa; z&(4oKuzy@1_WE4RV|MxppY=_>b^Y*d)GVN!LUADjx5qRGw=7$tec~Lquw37Kb&7)ptTj;eO z>kUSK4IBFE>|?Ljy0mNPxcmNe#Twlmeed^Av&AJo*%`jq{~8TCCj(0#^*$bcLhas_ z-oB$Z_3qnIyJz*=qnkdS-5`9u9MtwcovmK)4(2u)b-EY*`F*!_X%qCmJJMI2!($z4 zbA2`*>hHC;qm$9F-WnQwIk1?3YhjWcyetc&QJDs>YF1H#>P=CaW<^)j7Gh~oAx_vfNxHQ zgI=d+>b=p`>)H@^Plo2}ldC~{)$82s_G;ZDy*;zX^=aeA9Ca?=>nD00w@3Ko4$j{l z-R$Vc<637V;Od=sgMR1Tvfr8CpUrz$sI9jyt=TAfC3=djgl*sX43bTz=2J8*Pe*LO}<y&(D@9teqC!_+A}oYt)IW|endmNrsLTe8uIhgMt2X+ z>pj%!ox+cYCuf~$ZG81^fBb25(;f0pS6BRcG^{Pp+no#j>gG&q>$QHpdptUx(tf)m z!aS=(G0eGbksU%^y=@9&s)Q~UVGi?HAcJR`Hg+{{^t5>cz-&=_-b4qHO}7m zeiv}{kv{Cz?Yl0Rb;8vv+z;Uya|l_q1A%j0X6x z!N-GI|D!%St@oC_R>$tXZSRaM%z8s@uXRc2s6IOG&bz0utskPnyA#-+-Hj}5H8}2& z^Zsi*{G{KU4R7k#!ydgdXBRiebqtT|hv!H9Fa2%z2Ac1nZuR!g%zFO{cWT4o&8OC- zJsj3Y!{NtXdpztl#-q_iZ`3nUpWD5+`lsI;z4_JqQFmayJ4U0?^{AoG&n)}!a=5$F zN4P$G+c~~&*gdV&y*O`mK8*(N2E(1+PV17~k3Jo&(2!rBAHQo~n>QW(Vv13Z{B#SWF#NzdihR^W>5{}Mpa6_Fg2E;bgeqFDbgTEdf=)e z_oYFsD|IX}XzKviC$K zx+*VIUr93}U^0P&i<7Dc$fm?blpEpussh$%;BBPYp9N-44k}%kp-8pukPqojXOx9v zFhE7`nVXj@1Q>`y&~oCWt1^!&q71MZSzz5Uz&M~tBU8)xjaxkLQSMljyMdlBIAedoI5LJUHqnZUwWa&0BEM<)iGtJ{4qIjrKc`^Yf7j7j$p*2Me5b11~8QRQq zG0z|aaKUHt+)FhE8h~rE02;IuRC9s3VPoV1G%UfMhBd_q2m!Puy1P?XewIWi2PjSk)uAyV7{%y1p4tbYgxNW~cQr$nkn|@P zQgA5*+|v?L!YC%0kvmuV8&Sa`+eLs=XfZ5n8x|+v@c2SHJ{OjzQ2C$52Q+ zNBg-1tv6m3q3F4-&X{kxHKmSFZ@dD(7*$jS774cgYbrsFi3)wOk!DN`q(6pY`2-1E z6Om4cKraQahp(1M>_Zy62hmEAV!}QJR@sK%Nto-s+h#oypU%8pMLx1z7PfqGEj&>su;N zVj%?sle-{@Z#niUszmT(68YVHwK?MU!YSr1nC?=c;)JA>l?FmUY=W3}D4`My#mRuI zMeOoid5Z#EAsVNMyyYgPlL>4{Rf61z3S9B^oXC5ZCWTZrd3$d`Wlfe1scU2`_hpLc zYl#TNyH=5+rj%MswHHti7$;O-M=sNms8@?|?EYb=qu}$`N0_s6Un||3-4YfWGjv4N z2}h^tlZ)sMpKI~@S9Ltr;Pp)wM|}yawQ{&1ciG?5Hv%KX2{;WTFmxRcteW0mX-STe zFs~@GG1R2c3cw8Yd}D2ItnD!MH`eyX+TK{((Fz-DJJ6x0v9?>(SRy9XJY{pI8QiYy z_igHg4kTOIYYgPZ%2vm6a{JD3nOXh-S!1%zOVHW+Q}e~1Mehwpj~#u|sNz)cD@4u=sujpxJ1H0bz{%Dbbt zyYax|i4K^`gY9`h0-QcZj=lpiUd2{4C`GzcedE5^xG%!g-?%TH!F}OR^?dJzU$&_8 zLPw(8XUcnEAey6@s51-;>LDO%i@9ui5X9sX@2P3Xt3$OpN>T_hVXP_*GKx&Xon2h# zx@_QO%$5#|G4kO{MKggJ#iJNG)IL{-8Y~A*(P{u|ZkUM16{Ktp(S-NPAZzUH#Xq{% zTD)GCPKmS`IdS^D-Vn$JA(jw?s6)mwg_eol9>~=UWh=&!Da3*XZFyLPOu!6UIu_!< zuz+b`Y%rC$vFct8m^28SfW4X-|5A{s`?XrFmQL1s{97Jf&xnq4Xxf(NV;CS5=mt}N zOK~NL8X~4ibX1ks?k03ye3Tmm3Wj7=$1GOsh%|B4ZN0*(ai$HJ5u1sHdtoOyQL@}X z4p{~~k7<7H5b8JPuILO93$NtG+lr-pj#`*r-i3sY4hE;nbtSk3x-A$s$RD4RVf5n@f9*L&~Ef zNbrHIeg_RMsTihO5@X5r(?*DbF`CGwPArB~!;<#*;8xiT@=mZ9qhP3y$ zTpxl2WkU*0p-y`qg~Q_uaFFcC-Z%y}j)9G1AY%xg)G-i|1_j&$ks5^~9P+ngvo>NM zwFL`SWRak{th4zV)^i$Fa7E~x3Ed_E@X5t;*WasHTkU+9ky2=bHgjwCnP^;ZyedNE zdgGNtIt>$Fq%a3;QQV_bQ4CQqz)kh?i!!750WN?Ov)@zr3n0_xDS-lE93>niPwP0V6{~^+smP}kO@wL@uXe)s zyx5>#cAL^PAXC6 z=%iZ!f;n0#^;PJ|P6|oo&Y?)Ez7c~V`pnTvR(G`A)RK8a=|Ri-93hNo+d15h<3mi5w6W4 zlbL%BD84+gwm_F~@sG+AngdsiZi^t+C0v$&5;7?S*C3LrAlcngE0gGF&^Tdo1<2-B z5Evl=>%8^3yQ>|l^_j+jpdO)go;8#ZaO$$ zl=-X98|Vv34wwVdNpNOpz(jP4RA#U2zU9a(^%NZY{Gc?D8aotxDq@age07H*wMb^< zRxwNi%WE2<{uQ?u1!Q0W8pc;MXMLAzfeCFfGd>H!E*b1Au%SWa>a2pmQ`-*Kan#Eo zcmdg9K#a>0VzKxLkz)abedk)z<7y#+HFpc#%?LwMU{4H$rLRHeK;8*&2nefGB$4v#MsnqDAg0wJH)4tsEvRdmz2P^?wvzVjyH z>U%|8$@%k`Kr6wu@=YkdO1w=9tCG#BkqSmr*$T)r-O`|LX7Da)XlyQN*j&=Exujup zNyFxnhRr1nn@butmo#iHY1mxSu(_n+?|MnYlby2=HcZMT3et?(+@7#G_pmwl@V(AG zh}oHc+(DEodcjT5gJI>rw{DO2D8zCymbO&3&MilfqN4t%e^|aIGiG7_TWJ7E$(b|oBH6MwA zxjN`~^Wx6?z*?AN<=|Z~x7A=wQ-+Ed<5 zKF%$?a*vfO@og~0Uc_=EK4y@sodlU9E%Ar}pCRUN{XS(5$D*+YIXh)fv=9EIyU|a$ zXZy7Kgr;GgNPwxyB7*?G`+j02Z%6lUy5abZcDo>BcZ4PkNHk6DOsv#ShFQ0kl!KHk zF13~~r*w5GsTIY)f;$jJ@#LrZPhO%;ln z*HtI!GbcbdAO?4G2a$0&#s-_YYG!H=b4YzbD9_srC6qt3b&rDe{he1C=~>nzp5n-p zRu1Aqi%>$?$#Q1~1{18R)65(&tn;#{DA zTBu8|bH{e}hlf6wD>B zxjdq%@Br*HCiZ5F>WA2(auZv=e4UNmX8+22ew_U)0G2d2nTzK`yhAdDy*%cGUl!oohEO|Eg z!RIOCx8(b$Dns95XDh=9sA2R@ScX16W3u{iPS$UDJ-=6GvnjjTl-+E~W(>hoZpwzH zcmCFFsQBh){msq#KkCi;a7hgPa50^(PA(Gp&gqpOrIg;SASkypEU@GuOBYg2s=(En z6zSEZO9eqN&|tiJP`{kz^1!1|-kfrl-~j<9oD06U)w&&^F(>YY?V9f(NcPig6K}=- z|JXab-nMNnj^~=6f`u=h#;7GZP5Rty9nz%O3UouzbiE0Nfsq(ljVx-S?5w-kXCL?~ zN~R=Q4T2;fF~qAazDlIepZxip!0N0ZXCe29{OE=P;X-F{1pr z*V9!VU>Wwvv44Hi+Htj^|EP zVTiUU%eni9Og152;rP~4qB`7{IkH^F7hsPVC6)e~?5WMBrM~G7y%H;l88=8c$)vS5 zPWW93%%0i$-R|NFZE>>zHnqholJQL;G3FI260)AMnZ}>I0gwRp?oldPxuY?U6I(m5ATK&9<7OAViAWp}7L3-EZIL8a&bY9zLOWSH0mD_GAvKjIavO@sQh~!m%I0rb1b#N$D9@X#1JHY*h&V_q`Q`iTG z{#odRLH@y^$X!BWkb!V0v5%7I=OA3>K`$vWg@u5wJOteD*>K|`pc5MbNBIco#z;Un zPQtbI4!i{1o0)*_<2;d_7_3@x6?^j&!yPi&3Ri|=utW=A;mA=87CX#XxS12qB+kGk z!;hafl=m{}8&kezniF;GEba52CaW#zx<>J;ZvX~YlF_GnxYJ4=Idu6#2~n*`(`<_i zQ-!cTGg(<0!o8>6gzs!gkv`CH`$;HlHW~I2VwasPeN69|3X@eU4c5BT>YnN!YP3ef zD=n|I%;c4pwOp^XywdVY%PTFfwCv6DN~J95d3R{8$x>SU$dkA1*khVX-W(u@T;r8$0STq1Y%|D}d!ubNjcS#a6U{$*p-i3yDq2XO<^d#>>qqiI0g@(f* zc^4Yqg+?cN7aHD$#bjOx$QTHV1zs0CBV90+Cg`5DxbOsnhb_;O#`u!a~z^GN+GmQqsMp+L91?YB)wJc`C8}r}ZlN*Tg3{foPoHoB2 zBm0h_Q;Q$eENY%B7lWwh(Rv1^(7~fl(wqt76{>0)##KVYV1@H_mKLPK_fkg`MbVq% zWBwXNQTH`Ed3|!QJU-$79Unyp(emWzI68pQz0^LEHnc|7LG;~qbvyS&(hOdpni(YA zXc0GEcxvUgG+UKQ6yKs0(*VrGz6afuC8=s=2;n@3X-=-S`=3{G$85`YHCD#^s7SyJ z7C05YoL&lNV>l5mj$RxFBH#`wcuv+N9>pln3LJpo{PNFBHn+fxFBPPKU(POJl2sH0 zX;z2)uV_99uK%e*{#U)RN<;QX{gZBsuqo&o#kZRh-eftZU>?xB63l~ZbPMJ|y=MPU zsw@Tbf58lXK~+XJ6n;2=PeD*tgfBrsmS7Z$%PaB~1X~)D1c#4&>holq|DWEUp8xtj zSSR;X$H@F&E~Ec<=Kt~QH%mYNA0o{lyX649xYAlZ3ZfwThQ-#cCjcm?j%T0FDFE~NFJz5NW^2sn@CQ|!+9cQ%8IvnGsBhi^Fqfc02mq4tX^%dgP5#UUiJEx`zYQcfzwS*Qe5DQ$0^{_h|g}V8l+dSEA}3s6ZC!c&W(|-W~0RR6a*PF`#ngRf; C0eS-f literal 0 HcmV?d00001 diff --git a/operators/metallb/13.1.12/ix_values.yaml b/operators/metallb/13.1.12/ix_values.yaml new file mode 100644 index 0000000000..9c5292b70d --- /dev/null +++ b/operators/metallb/13.1.12/ix_values.yaml @@ -0,0 +1,25 @@ +image: + repository: tccr.io/tccr/alpine + pullPolicy: IfNotPresent + tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc + +service: + main: + enabled: false + ports: + main: + enabled: false + +workload: + main: + enabled: false + +portal: + open: + enabled: false + +operator: + register: true + +manifestManager: + enabled: false diff --git a/operators/prometheus-operator/4.5.2/questions.yaml b/operators/metallb/13.1.12/questions.yaml similarity index 100% rename from operators/prometheus-operator/4.5.2/questions.yaml rename to operators/metallb/13.1.12/questions.yaml diff --git a/stable/znc/8.1.11/templates/NOTES.txt b/operators/metallb/13.1.12/templates/NOTES.txt similarity index 100% rename from stable/znc/8.1.11/templates/NOTES.txt rename to operators/metallb/13.1.12/templates/NOTES.txt diff --git a/operators/metallb/13.1.12/templates/common.yaml b/operators/metallb/13.1.12/templates/common.yaml new file mode 100644 index 0000000000..995efb03eb --- /dev/null +++ b/operators/metallb/13.1.12/templates/common.yaml @@ -0,0 +1,5 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.v1.common.loader.init" . }} + +{{/* Render the templates */}} +{{ include "tc.v1.common.loader.apply" . }} diff --git a/stable/znc/8.1.11/values.yaml b/operators/metallb/13.1.12/values.yaml similarity index 100% rename from stable/znc/8.1.11/values.yaml rename to operators/metallb/13.1.12/values.yaml diff --git a/operators/prometheus-operator/4.5.2/app-changelog.md b/operators/prometheus-operator/4.5.2/app-changelog.md deleted file mode 100644 index 5ec5673722..0000000000 --- a/operators/prometheus-operator/4.5.2/app-changelog.md +++ /dev/null @@ -1,9 +0,0 @@ - - -## [prometheus-operator-4.5.2](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.1...prometheus-operator-4.5.2) (2024-01-21) - -### Chore - - - -- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) \ No newline at end of file diff --git a/operators/prometheus-operator/4.5.2/CHANGELOG.md b/operators/prometheus-operator/4.5.3/CHANGELOG.md similarity index 89% rename from operators/prometheus-operator/4.5.2/CHANGELOG.md rename to operators/prometheus-operator/4.5.3/CHANGELOG.md index ee6be1e0b6..d804dc1f72 100644 --- a/operators/prometheus-operator/4.5.2/CHANGELOG.md +++ b/operators/prometheus-operator/4.5.3/CHANGELOG.md @@ -7,6 +7,15 @@ title: Changelog +## [prometheus-operator-4.5.3](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.2...prometheus-operator-4.5.3) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) + + ## [prometheus-operator-4.5.2](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.1...prometheus-operator-4.5.2) (2024-01-21) ### Chore @@ -88,12 +97,3 @@ title: Changelog ### Chore - - -- force bump to ensure up-to-date catalogs - - -## [prometheus-operator-3.1.6](https://github.com/truecharts/charts/compare/prometheus-operator-3.1.5...prometheus-operator-3.1.6) (2024-01-02) - -### Chore - diff --git a/operators/prometheus-operator/4.5.2/Chart.yaml b/operators/prometheus-operator/4.5.3/Chart.yaml similarity index 98% rename from operators/prometheus-operator/4.5.2/Chart.yaml rename to operators/prometheus-operator/4.5.3/Chart.yaml index 14a8064f28..4f773a4f8f 100644 --- a/operators/prometheus-operator/4.5.2/Chart.yaml +++ b/operators/prometheus-operator/4.5.3/Chart.yaml @@ -42,4 +42,4 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/operators/prometheus-operator - https://github.com/truecharts/containers/tree/master/apps/alpine type: application -version: 4.5.2 +version: 4.5.3 diff --git a/operators/prometheus-operator/4.5.3/LICENSE b/operators/prometheus-operator/4.5.3/LICENSE new file mode 100644 index 0000000000..4dfe12ac30 --- /dev/null +++ b/operators/prometheus-operator/4.5.3/LICENSE @@ -0,0 +1,106 @@ +Business Source License 1.1 + +Parameters + +Licensor: The TrueCharts Project, it's owner and it's contributors +Licensed Work: The TrueCharts "MetalLB" Helm Chart +Additional Use Grant: You may use the licensed work in production, as long + as it is directly sourced from a TrueCharts provided + official repository, catalog or source. You may also make private + modification to the directly sourced licenced work, + when used in production. + + The following cases are, due to their nature, also + defined as 'production use' and explicitly prohibited: + - Bundling, including or displaying the licensed work + with(in) another work intended for production use, + with the apparent intend of facilitating and/or + promoting production use by third parties in + violation of this license. + +Change Date: 2050-01-01 + +Change License: 3-clause BSD license + +For information about alternative licensing arrangements for the Software, +please contact: legal@truecharts.org + +Notice + +The Business Source License (this document, or the “License”) is not an Open +Source license. However, the Licensed Work will eventually be made available +under an Open Source License, as stated in this License. + +License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved. +“Business Source License” is a trademark of MariaDB Corporation Ab. + +----------------------------------------------------------------------------- + +Business Source License 1.1 + +Terms + +The Licensor hereby grants you the right to copy, modify, create derivative +works, redistribute, and make non-production use of the Licensed Work. The +Licensor may make an Additional Use Grant, above, permitting limited +production use. + +Effective on the Change Date, or the fourth anniversary of the first publicly +available distribution of a specific version of the Licensed Work under this +License, whichever comes first, the Licensor hereby grants you rights under +the terms of the Change License, and the rights granted in the paragraph +above terminate. + +If your use of the Licensed Work does not comply with the requirements +currently in effect as described in this License, you must purchase a +commercial license from the Licensor, its affiliated entities, or authorized +resellers, or you must refrain from using the Licensed Work. + +All copies of the original and modified Licensed Work, and derivative works +of the Licensed Work, are subject to this License. This License applies +separately for each version of the Licensed Work and the Change Date may vary +for each version of the Licensed Work released by Licensor. + +You must conspicuously display this License on each original or modified copy +of the Licensed Work. If you receive the Licensed Work in original or +modified form from a third party, the terms and conditions set forth in this +License apply to your use of that work. + +Any use of the Licensed Work in violation of this License will automatically +terminate your rights under this License for the current and all other +versions of the Licensed Work. + +This License does not grant you any right in any trademark or logo of +Licensor or its affiliates (provided that you may use a trademark or logo of +Licensor as expressly required by this License). + +TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON +AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, +EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND +TITLE. + +MariaDB hereby grants you permission to use this License’s text to license +your works, and to refer to it using the trademark “Business Source License”, +as long as you comply with the Covenants of Licensor below. + +Covenants of Licensor + +In consideration of the right to use this License’s text and the “Business +Source License” name and trademark, Licensor covenants to MariaDB, and to all +other recipients of the licensed work to be provided by Licensor: + +1. To specify as the Change License the GPL Version 2.0 or any later version, + or a license that is compatible with GPL Version 2.0 or a later version, + where “compatible” means that software provided under the Change License can + be included in a program with software provided under GPL Version 2.0 or a + later version. Licensor may specify additional Change Licenses without + limitation. + +2. To either: (a) specify an additional grant of rights to use that does not + impose any additional restriction on the right granted in this License, as + the Additional Use Grant; or (b) insert the text “None”. + +3. To specify a Change Date. + +4. Not to modify this License in any other way. diff --git a/operators/prometheus-operator/4.5.2/README.md b/operators/prometheus-operator/4.5.3/README.md similarity index 100% rename from operators/prometheus-operator/4.5.2/README.md rename to operators/prometheus-operator/4.5.3/README.md diff --git a/operators/prometheus-operator/4.5.3/app-changelog.md b/operators/prometheus-operator/4.5.3/app-changelog.md new file mode 100644 index 0000000000..36cf480b85 --- /dev/null +++ b/operators/prometheus-operator/4.5.3/app-changelog.md @@ -0,0 +1,9 @@ + + +## [prometheus-operator-4.5.3](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.2...prometheus-operator-4.5.3) (2024-01-21) + +### Chore + + + +- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470)) \ No newline at end of file diff --git a/operators/prometheus-operator/4.5.2/app-readme.md b/operators/prometheus-operator/4.5.3/app-readme.md similarity index 100% rename from operators/prometheus-operator/4.5.2/app-readme.md rename to operators/prometheus-operator/4.5.3/app-readme.md diff --git a/operators/prometheus-operator/4.5.3/charts/common-17.2.26.tgz b/operators/prometheus-operator/4.5.3/charts/common-17.2.26.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e5258f6f3129524d5434c8a1ff4b4a1e6c82fde9 GIT binary patch literal 97960 zcmV)3K+C@$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ(avQnPFuK2a6)0*`vG#}*zbP?s>Xjv}SMSQQ9#QrtCvQpt zXFw9sa46i(P#jT?nZaRBeNL^_m8JA zX7vS}1>bG{X*3#*UZ*4eZ8RF$e;d7a>$_&B+ikbn-4=h}Y;}6g??B@TaLGLhWibA( z@#wa)o%==}7~zj7rkI2SFmF|06q%m^WQekgkEj>ph>3SUCZWgw0s$VyFkXN$iNST8 zATfbxWlCmf0H%yZbg;ia!EBn0>K>Wxvp7MXD6nJDgcO&L&N~|eax3V41oL!0yshepYHOH0r>o7c?B4TghBp} z*Rp=)s_GhivCs&5NPNA1fAW3+j*~b>Aqy6Ok{JSI^dICg3VZ@W!T?R8h{O!ADW+<1 z3IGF8tyTb-AqInB#CxXNJMw)hU!T9RaRQ70isCu;5EZ4N?+@kgBO7zRyej~(7@{%0 z%>q`h%K(E{cT*IC5FsD=yK6MVVV{O@6d(#n417%G-)xG&7=J=Om|@=!&>f6tg*dE@AjO{g!oj|e!-%ch00+=cq`f^P5_a(h#UX4U3 z^hiu=qQ@`PS21_r;SkS~83>7wF8Oj2e1WeY9A2n*18~@AG;|F)DaG7oBmy%+8Hk8a z0StY>_iMSE0vvil;^S}vyfB)G+CD*4tX=sH0m@+L*I+Ufu7>5WzUL%GRbR0lRFW?LTHie34BLoso4lcOx8GHHhm{v-s>gC5{ ziGTrTHztN6ipdB8zL{5m{BbQdb}j;B%c{i z!iA`_%N$-@pr8zeUW#4%N>+~MUbfm5;-jTH9?d=ZThl&M`10d17~(i5`Sbw*;G3DK@>v68cmmpZOF8*u!G` z7m`BCNxA_@Lu84x6K{4?BLR)jAlB4-OmM zPP>QNZ4b8lO*r;?TOJt$a;sM|2_;BSA?)1ae(N8GBmTq3$b5b#(0hcG(o4-g8`Jv zr)EKXHLK6Q{gxunBeUo-CSx2RJ#D3$b(MsCDk}aUK6x;LBOG9c(+wH={s8>*U+R}1 z6Epic%Q-qfujsw@7cRT;S;&Y)VGm%n#lVD-8D!XlL9j3tpznj@pWgp+u?L2y*B{PK z#J_L(zdyeJ<>K^e51bqw-@N~LdUbVna%$??XoB|_=l=jgY&6v8RHgt@aP|KEwMJZu zhQr=5jHpc_F&8dBoShVp`dZ@-1b}oz1LP z9|Onjq>FZDtB~8}D$X zVj7b2qo{E4@$BU6=;rw7a;SGv7z7G+RnDdE652+@w?IpYR|zWTIJ~u{-IP#vf!H01 zZ{3%dd>Yv=&MuGL7o4A1kmwY~TvX!w!$r#7_2(FgElUsPQE&$re1`ZT)$f$J^dpWb zlV6TWIK~r650ZAs7SBVUFlzXK5Qhh#+N>%hj{*!S($j*A%|jF*j}gTgZ<7&y83|CV6;APndQ;>l0g5jK5#)XpVYo1fAq>bwK> zh{TMlKb1xTzI>@>fJ8zAF*=BR%@$b948R7dLon>D1 zVm*)xmFro*aRpvz+GvjA#oZLeNEl79$9qt@{=Wy{!}YPVv=w-JWvf^BU)TaWO+9yU z7SphJVMazT7y7)$=NwaJZTk{^OTD(cV7(sbJOTkDm&`Zds1F$bE z%aUTCB*zfe5d~uohbSwhu8w~V2mC+vR-@6ZH9B>V z%~@(m$(d zi3n19M`B-<&_Anr7-t&23^4P)0BW{Q?tRt9{{&Ny%kYbDt_O3Ety%$dkLBmTVwF1p z_=^zEuvd%b-YQ7Z+*<}|$x^i%srit>p-}Fgt~~&9tpIR~Lq1lQddFcONstJ!9M8-E zs3Aw6Fl9KLTz)(jpY-pV$4jq`xUMGJPy^{%?cKX$8elYk+5rP#E{JoHu7Jyr0%^)1 z!(J^M)2GHjwq%BHMtrVqj;VgZr47WF$390-{xahz+EAE_zis5{Z1f_?)7j_|$ct%B zgtR6<$sguhBFu}1!I<|2e99(pIgt%6rt*4VAsvUMtw`^Xj13t$WK6ug&}a^H%|r)77F`BSOV!q-}r=J)X6api} zDSKQJE2IBE|Mk>u2t(pV8ahTX!(;40wjqFW7->$^6xN~3BnXDcixJnt{oP9DrI?!c ztyHMjdV*Rr7>OF@SFQmnKq$4n5C!U(0c{0ey~@>yN6-`H_#b(A9t==!cqQDzPr1H{ zV%E5&b*-1h?Y_PIkd}UX`9Z_Jcz=C5tg}z75)vkDc2fj>&d~pB{7GPV3l=01!;VAB zU=ZMN0zQ8Rb?J*M+!nrk0i%WGURW3QV#z9`J%^Ehz*%6-I?9ZsOUU*%l!WGrK0;G_cfDF9i9|YJhUv?`1j0s`Z%-aDc#7o3s7Drc}<^>2+1iUHY+eyO2NTzcR z_;w9Il#!>z!&Q8HAE8iERZJbi`I`{y!5wB(IVGkji1t9F+9n~zK8m#mAD=-f2Fn`U zrx6J$iPiGNf0yUUR2uHMGy^Q(R^cXhE~$P`31#LRiPhhckld6Tn=P~HqbZ=B@k}Y>USz#d=Ht}qK&<~NN4To`yO(-Z z3C~Pr>6J%{IMghqUa{O8Dw7~VED6sF9Wy*Hu4A&#|J_#wjSoh<-tN~M+6SYLn*Br6 zL0-Gp@ce!gBGm8oJKb&@js5mP!-oynZ*&e}qcLjr4?D2qA2fO`uhTtfbsMm^%QFk_O90z1d8$JQ%fo=r<3&Ll2HeoemuL+6P_KK0Ndqp4V%(Mh(wH<9@3( zZg>0bgHC%i8aJD5Z`|m4<8gB-mJH%R>_e;3G(|0smToWgXz~2r3tP^l$Wi^ z!Uok&z12ub+HH>xQMWbj_FAxUaEQiDc-ZQ74o2O>Zfo4=dcA{2t1;^Mu<18i-PWjw z`iIavIE2lv-x#5#sKOw^;TrUm<*cdMJWMfcb`Tu5$6l*w>vR!FMo!)IZ?*={wPha=c( zjr-kxv(f8z{l~xTK*z^zDtxj{? zYqa~z8RiVe82Y38VyvnaBiw5pbPq-c&BNxX*K75gJ^!F{&}obh{KHY(JLvVgopH0@ z?H%-*-9xY2>h)pMJLon1es|nHJn)wy93vm!o4}${F|z2e(`+3aHoe19&pYgmo6TmY z?fC}>;K9g8hi!C#`duhCsrF&3 zHEO~U7e$)=g9C)RYh%Fa3nD?_)ztn4$LMVWWB~ zy|x;yX5+BgF&yBaJvtcmJASW&Mt-9|K0NGpo1K2QeR$CBcr8918)JmJO}_=(y)o?f zMu%_&dk2TTMsqY?2ZwtRS(}iM0A=D{lp``ye#lc4qk3fr9HsG4X;DwQ)bTqYO@3>A_@f!IcqI?*TpK~64 z2XB=jKqx!XX+qZouY?wWL*=iu2ZRY^4-F8bf^#O!1+j>g5lSta!Vokym_0D# ztx!o_DBZc!&!QHLZ;=lm)hN_U{6JKP6)a3`AW%36>aNz6fAX&hjK(p4{S#<>jf|vUP3mlgLP3$tpNL(x6(E}2}#UX ztTa+tLDArEuR*ik?9>_s(4Mlp+8Q!Uy~FI!OR)&ytQ3_T9C2iIALzmpZe8f9p(eAXT%QlK^R^D&5H&CK%}3#eI; z(iNXiq!9uhnT>GBTf-c0ZBkDQd#Qn4B4GtwE`^n=m{u~)xUl4UuUOQtl`dBtGBnYi z(Awb_#q1pn;RMA6ZiMMpu)JHDKw(hoifFheXP$RxBqAV?Rf)xmhzRFx%h9t|Sad}& zFHlj%e1D{T+^ubdPYQ~dDJNXhug`~hY-18pFyiymM0@){kTe(ID<_{FAPeju*(^18 zN+X2jP%e)X2KSAi1rLj(l@;@m!~B`qbT>PWTJ#G0*`j8h2-+p?g}<(FZ~SG&BK)Vq zonnGkPJ1(F6@$nJ8aq_U6}Qrim_knKk>biB0h5>{k@+@}Q9jF>!k*QJOgCZ`zr+3n zv4KMy7eIz|%I&&ZRD&;IEpT!s1R7Q;ktxKfr_SxHH$wUm?lX+xa59kAbsdrI*1Mf& zYu32_pz7SBMdqssWwBsZyv(sDFR0arouc92Ddu?`Cf3|}$L7IWoZ%&u*yGOgJWzQ! zeXaJi6i6od1SpV#rMC9w^!jL!5x^#pp*y$$F-h1uikm9;IIT?p;eget8;2wlC~$dP z%HW&_0|euM3;7Jn!&SaPBgm2%?YW0@+La@LF$@_}S`PGB0)t=y?nrzql*BiPqsa-O z0%c*iFPMlYBH*~vCXR3u-iFv{Ny0d2>>+bdrxI->6oDiR_^e)#1l++;%ycGoL&!jk z>1|~P{PUkN8vpBGuS`N9N%9(uaGl}_t=}Gqm?$GK(R~^rZ+}M>tcNme42Kg{^iQqv zya|J73R}CSny(=8J@j5teyP^0RVYzXxLK-iA7Oxf9XAH}K)$`YJig+^_P|fq*O%(g z>tplR`B44!;Y7X@prq@jsqv%=;l`9zcR}fhMvGFAG3ZT2#tfyP!x)9^3XM%1KNn6p z&(=N!YA!GXPOCGDvzJZ{BVPZELw_YSN$$0khd{7N?}6w%Z0C9r+_|B)nc4B$)*} zg5E6(eIe?_2#8Qx&UeoNQGr}RJTy*)UER0odU zC7(NlCsU^LFo3MK?vYTg6U$m+I)y`z%Q4eM0cA=mPg8!R+TH@rbxNny$4I_P6({-jXD(C7KR+5l zBxAfu%`!6_9?c;RI1-w~Gx+I42<^9(J2aXSB2=R}=c!PLJ7pbEe*dOmMGm6?p{M&S zVe0_V#quC36(`(P`FgtVgx92wYf&zgj+bxN$(J)KS**bORu5}aCJ{665SoeM)%NI1 z`R1J5q4-kaqY6s}%m}QqxAK!KP79&WdL_I&#KiDo1Q~L&-pG7XKAOSMuQ=&&BvIT9 zIh&lOo}@xfGly5uqlcG zl8FUg(Ou1NM@8TO4FvDyC~zr9i&JwHpqOw0N_ZvCoAus4jBt%lY`QN&sgVg3sQpS| z3&!s=)k%exqcvh-G*dSJ(Au>mFg^T0x1u<|!ocSDjBtShoQ+lX77mn4l#vuk{5{ho zEC;UgILUdcj6w#psuBsSb)!(!i#x5RQ}MUTj@eB#MheH+A%va>WytDEb$cQBDAr(Q z3Om)h?cF^}yj#Qyi7vm$bXyjgaah+Dd%tcV$Ar5s|33aY0T-F2g~Nym9z>}tAuK90q{u>eWP zDJnByYYDL0R7VM%tgsBPI&I*fYPAmNW<&kntXp~aNkfw6qcf`x8ewW}&h z`Bsjb9`Ag+1+Angr0J}Hk7W7-L;)THxuS)Rc^6}bByBM*n_l^LcT!V2NpocFi9dy4 zqR)K%B<6!T!`j#>jCL^+q@@~Mis>MQroMSG@=?ez4D5kD`enFJ+tx?z^B5%z;7}w$ zkFM%Wrd)217h0B?kChgb7C;ZTx@#&;LsuaCPwN=r_J0lQ3B9TDV(f9E??aIyfQy5GA7k zdv1?yZSL*yWqR5vYinj|j)Y2=wB@5jrRgO_U>v|n9sEdQ&7M`IV=|kGa|e8jG$U0smSXM*?PcBv zWI|KFZ0P&a1Qx&vsMR#$HQvt}3usMlfhi`1T^m$(%4EflPGr^Ng~fRxyoX7PZh&Aa zE*7_8$%|R>@V_>nm9>Een-viCducfv2@55Iw#X{mwSZV$#+Dc%_Ar{Ud)4L(h&X+{pI1yos-UPZcliJypDb5mtFg2X?94Rw>>u z*(&9V%1q6??sfk?^K7jB2zhN7P@+je!M|Nfmdp%UsP1&?-*Q+fm)Uc>vOLQ#*psNMnmS3y za1doJH*<5gK;e7<#zb2>Y~y@+Dc$w}R2!fHe&GM7qoxyz-rt2NzA}d=XQAw!iwZNx zX1W>1f&r+uI*n->flafzu}&zb3#bImzA<=Pc-Iulw)v%XkC}808=QF-&{!Y82R813DH|`{V7h_gwtGp zHD~TBpd0zhq$1l8?oM;1Bjh<7(C0Gm;H@~*4{KwRgm#-#82hy`#DPAp;D5glPve+# z0v8H2lLUQYF|?rY4Nt`Sjuj(HNASHaq-M~L040P!PC6lvNt>fE2||6PMoM_hDU*c0 zj8xY*ZYT$hRnYW>870uP_uQJ$Qr=VsFfFkzOfMjbA3}!bs1{Ai;JT&OhK*uYn@KOj zQpi>r%e{q*h4LmJH67J5=Sub*#W3JwTq7Z^^P<%F3v1~O`O5ApX7nvult&dn-&c;2 zD_S;wF&{54RP%Lk#@1+>gU&W?1#$CL6xnVac1#CvjBl*<0?!OBsqFz3PrRptZT5f( zR^j}|4w03PNiuwiujXG&K^Uij>&OQ_ielu6nC^6U*G*PZY_B!&vgjOHvY7hvo5=-$ z!!b!6mkOX1-NdEaxBeOhWVFvk1!)?%J)rw>64vQd9qp=espkUc!3mp6?TzTu0L_Lu zt=yw|n6RnPIL#sc4mjegfK$(du}Ge-R232I5h9roIZi@=MfQnU-vtCzA}HmmX!)Y@ zR&Gd`ed~EBVmE%6aW0kqToy_`qU;9So(7b7x7{0)$V$H!9Q6jq6Q?%hGTcq!HT|z zP!@%newnQEaxsY`C^yZ;*z`>XhgqrZ$9SUe%97jo+>&Z{fXQt86(elycV?88%*jPg z6wb|i+eK7)h^GBosN68}^e$Mat}QHfBn-?loe{7sB6>Wff=`{vWna z%-_U_4+$5W6nI4l(Va3CU*4LUmIX3!S~&aTISS>8DU2cs!gBlI?*+q-;MAmM!!c#nyp-nG zcf6GJe3W>dV3Dy^Z_nBI%5(ujb0VGUA6d>&&)Nemshs6*uTxXr-jwxiZX{+x*NJD) z3J`Kq{O8$4dD~#gJsg>Y|JDa#Pi?l^t)?W76``% zPda0U6C7$+;f%w+69p;Phl*P!KB|`oFN172vaX%65E}&V5mRi#FNi5NcPjy)lWQ&8 z33Qn!*#->o{2m}O!ENTLa4AgqMtHXW3zdRr6r-9J&`4}Ms!5M76rs>Zp@$I#JDbF+ z;)T)VL5Cq+QcIXT)a5|*IU^sLDdsa-^86X`WflE0lVZU-&XuPSLMDP4ZCUJoycKmZ zaHU`!lxxl>h_aY06teQBVS_IdhL#Bu^X$&N7Fk;(jRB@{&D)~Xmvk3hZ>8J3q-?({TfM3Vzh zZFPHZadi!>?qINCr0!raTo5b#Pdx?LbrOxL0SdI-EyQ*c*Hp9;|r0+#I6 zzyg!@c*tVN&}8vd^mzcV>9e|S75U&*64E5%Y6%yI467Fun87fC0eF=bNX^ryQtTBc z>MpKSb=ng0f!)Z!YF$-PJGUkV;nN!ib}AtE$@g3n)lbLJYTj<#_+hEu>2F$#Mlsi! zN}3i6Go3Fk-uB{B0pikoKvS0yeYoWiMDL(QvrEsQfm0)$Vb>ztjbgxm1_7CX0L@Xb zSDa#8+BXIO#W9KZz#WXa94fR9GWWDl@7Jw6J^)|S_E%JYUuUHeW4`}^)0u=2W1jX3*CzTAfqzA@qN`#bg(0>`<{(n*S7vm92Zd&$R)Dm z6}9Tzi>%$mNQml7yOEyS<{`?2MulDRPp(j5$m%bCSFdjS&up22_*GUMe&0Ss?d zqAqn}rB{eUmeIo4rLZ92#fS6rdO9-dVqA@#yw_f-NT!f8(z+cbcMt#P9GEP~o117_ zsxO*ksXAayu{VS;&JLrq5VMmv+A-QILVcvmnzU4c_Bh1MAL$6B$92avvA8AA-G5~s!Rf6lWxiH@&MkFHO_>EEwUFNSCDFTmN4;Ntx?IQ{$C@OlX5!a(?! z0$4|B+VuN_6_(sj42gi(zodGt5?|#^wB2Hqm!r}Lg#V$5m)08oCGp?MPp*)vmZkEh z{GSBH7-bIFEM5-IEfn#^8J5sYp|!7b$|?}B|U zQ{>+MUzwsYg8r_6CHe?{yn6qRt7YQSD00JD!wnPGroXuTw>(kPmwYlPoU$K)P|dj9 z465fxZ%)sv1qIwla653xH|n4IBU`;DJFukLw?`k|o~~^4m=8LbVg{^1-vQbtlDZ0F zb=ol{6iGV~XCSGntkZVt>kU=2J1OIm9^VGC6mnC2)7TA+A!jB^SeD%%z`v#L%oTG5 zh^yeXHm~(?@lM4Ty}CTRzS4(i$lnDQ){&}8#3ghi%PMBxnbZ|^8xN`8-w5@74Qxg* zp25&H3S_Zz;5(**Wev)-=L<0Qz$sb%F+8G@QlIYFRf&c81N z|Gs>?2hbdavQH#oB0MZjN$S{9fEvAl8iPuz^IZ}gGC^WIvqoDU+oWN4MZ%`JS_8BA zT9i*00EadJ)hfq=1I8h^`ti8kZXW`9VqqB`@}cv>Q&nIhx|aq%aiYnti21GtM30sH zX|7r~El5TQhGL+Lr@R`#3)k0XCzH_9gc%t>B5gR+uI5g%m~^cS+vz4u+x5T7fS143 z;SBypLU>2(9+??WDg{ej2?BP&IpS)NxJj2&AoZZu%@5nA*1b`WMDEm5v}t>=zyDVm zN&dIL^1^>h*~D*2Y>5|tbwfk{R{yIy4&!9~Tiqius^8(zCwH_SBDVimi|Sd>ZwZ+M zXaFX(ta%?%rf$f;w6AorLd^he3r8z4zi4|8z~6+5JrTgQ#i^Z6TNQ|8r`1uZ0_<1n z2ATczjXdiA*>UCrN(pe^3JeBIK&43phD=Bv4n#Nhw%}6^2l;vk={31UZr99_&_y;A zp*3y;Fbc@Xe8J%q#hCpVlbIO(qmxWTgB-Ud9V{T||yoB3mw!#v2W^#b!?( z$|yZN5-L(n92bnVaY$~QCCq5caef~hCyhb$-zbJstjYNh2aB5GMx0OKU;!WlGwg?W zGG&fNkcn&5k&P?sN$_si;{Z?;jGbawXLHJDsRe*0G(w^41i&XJ<9$!V2CMCcZwXd4 z@J`xTby$t!iCX9sAD2^z5g#rbRB}gF@^!iMhXyr5V-lke(oXykkY&5c<>U=XLa*?s zE+QnbPwHwlZBsBYv?|yrnv4__d95k*g;T#=$XW~)6|Ua9L&V#V*=DG`ao=w3ey2Rn zS)PVs1$tU)$P9kEky#{eIENU3YO~R3RIL(N!Nz-LaQLscxKNX}VU6&78pu1_-f#3WNBkXJlCfCRGQnk0~gzfKZ(0rqaEBoW>V_oPBv zcRfO+<-bl^P!h!Vrvk54*nj@vn1~$qP4!dy-yJ1v%2%jP8&C~}EiXqeUgPVe)VUic zD?P`=`6h}2vPjbl#z-W=u84xyQ6RSY@4oFv`up$e91(P1#&_D6Z|>iup0#xr1@~^F z(P%V!oz8bMsc9qoZ@1m+eb?-CyX{uH+v4wA%~rSd9cVmBk26m~8H~ScJi4uH=f08W z^XL5^Dmt;gG)9Uzjf}f82`gvHRbAx)0s8=pi|y6YP)18Lk=)xRgu}WH@2LE+|K&^N z^XHmMy9lbxtIwNtIT!1qxw;)-Q&YvicRlRE;5FZqahR6CV{;X{ghT80=r{^C3%6r}_=AM|nM6z8(>O7$Gl3i@G6J zIZQJ5vJ1FVNH3-JLWiRcUMp)?T1j60{ym+07ve;Z|E2EEAG|iBrehl%y!F5hUV~S~ zWDfACo-iEfF|LAFKK4=-)_$rnA?%oas)Fx9Rqi@m8>?Cv71!e$VAb>hR6Q63oJQ4S z;v*4>i((y+TP+454oR!|sj0eM-Q9IByvJjJeoYBbpbcoElBcx+p3P(tNTxW!IyG68hz!Yy7vI_4L zrO6Dbs}x7_b~fvRL!#2ch|pI%Zcg>LV7S~)(KXwa8v{JD2&J+bQ{L$f% zIGiXBiNi@sR>SMFRD2R9xr|L3w90BKMyWbd!YCCfiW%h+R;jx0u*&tAWy&s14+`03 z>8RxxW_}4TXQE3u%31NKmQK;t9HnB`%Q<3zM(~dB;!`LSjLU0dSh^-M&1Gks%Y9sA z^4zEF@0XUkzn*7J{Z9#B4^sbD>3^+GJE#9OdcCdw_Z*MZ|FWV}HXL1fEa8x%m?8hZ z8l0_d@a5;mo_u27ZmWfKjHw<1!ZWazoT$Is94g8%4o1$(9?w+rIyQPx_Vt? zAvV8+eFCV$nL=N_44jv;?0>E+z+Sy97ZzEouDg%o6Y^SmUlQ4_PO2(`f z8r%KxO?>u`4H`)RV9i_`0yqmy@M7tWijqhFS7mRY;D z8KiGyuQX{m9<@_0qr%f~l%=h&wNGw#e_GA|4R#M@|10@_v)Rq^|8}pt<^Rv|e6{C) zdfMId^sjtjzto{y(Kh(C9=WANUwYuSHLLw@o-+PFk3u2(%l!He=l$QU=Kqauqvi7d zX1~+wZ2A9lJVyRk31P>0BBVZ*nAZsYGI{8Fta~2mD}QD%Dw6qq$l##VZo#Xo=Ico$ zg{~y3)9C>Gw`N!xXQ3eueJ=lXvU1T{uzhkDO6dHrd%^$xFukSgU!}=EexwCp#rkhI za{7O>vDN>d=P~PFjrE3ff4f$!kMDJs>QH5= z7H$L}igC!sp!%oz-k;{x6qZO@s%XjO+2ga5tCFvD?uoCvS@pgEufjyywzpso%OWIm zh3Z!0mM(ukJbKIUnD-ux2>?HyU7h}Nbbf9IQNOr(|Ka-0`wtf5q9%D9t- znl)FLwPi!rQ$jUcZjuoM2gN1xtIK>>iogwKkMY^spYs$ z?!UQxv;d@@6#BNOrG-r9JpuXS<;Bg>hwGojPWvhqa{l7TgpX}&7Zh%)>x-~Bns2WKoKdG#~mZ5T~{3j#vA7}hu!~WlHWaPhQuix38 z|31rO?u77j+=;JiN z73;s#?PvWznw%wU*Z(s-X8m7hFPhze259Eby>!5;siyqxet&wP>-3n=cwgMOCEOnk zsYZmbB8_ng8B&6q3z8MGsg~JnG_s1O{c7#A2NkX0lJ8!AkP5=8!wrY(57vh(Vx|uf z13!Owb9ys8J-#}<7HP3XmOv`f!KquGJY-z~uJetEJM=Vm@&Y3!e5PXP-QsXkul#~V z2&lP()cvmSpZzlfFt~#YTDc9$olb8Iqe#Y)CL;f>xC2bCLtnUERX7g%+E*RjtuoaK zL0I@^1qjMJNnnt~NG()#UUNOXv3jmD#9a?>hVPGm=D+vnFy4=ou;_wtzfOsFtIA&= zU7y~ZoL#9Z0UlXZM4x3ruB+d?zc@aX;`Y+%YHsd!0ktsOoBT1NP)}czttr`DnQI1?vVlpOM4vjXqO+WE1Iy?52U!zh7S+ z-5g!L)r2WjT<=Gq?CtNSvFoF=^WpK)`RU11w5u-GPbWHGbU&Z|qlj!{ILi-FB~^_5W)$w(-Bu@)-GFjx~6t??T}c3tw8wTW&X_ z1OOb$3#RlHZtH6WYE~)0mVfsMQgjK~bV=@r928xr3hKgg?`jtEc1z=nSRvLmBJ)Vy zJWnh6J4U4JsUibqKGJHV-|tr|n4wv!i>!2AtjXI+g#ThiN94+11xE~Pcq=M^%4N}j z)W0oGlfRDob6KpW+*2I)an0a3tCRBeJPNg-EiRXqIixw~GXuAZ;jWl#a-cRp)g;^v z&olwZ5JK#tHXSlEQ4KJOm)N)pE%J66MKP*kN=q$c*#zafkC-XC0V^Whyegk|`G)Pa zlMk*fu2Z(KY^5=?CM7KjY8o;+b4vlq4908gd{FFVqPx{}gmzO>P6-v2D*BJI?n%tJ zhUx?j&!bSp4eRRi9_uPESFON=kxLZMu*hZXCf-%*uQw%kq4_0mRh2$`lhmQ_MV56+ z&yB2WFeZVI;>|B_3HKQ`lKV~-ftM{6ZfZJwb*w#|1Jayg6cjb+_Z?DGzsO!F2SYS; zg5!-7!?ayMlDx%Zm4>lif797#xp&&rSn-+KmoGAS?G4w6#7C|Jz2~dUO{0c>E$sXv zLZEtwV>C%%>{s0bXwx8X4>51wEm+j@FS>-?yx__!a8Uk6%P_Eu6t(?Uxh&Z&JNk19 z?)Me6vB77#{>Mk_k;>m{{jc9|b+hNc?Z!6$@3TB*@xPp*yhz-yW^-CL<;C=sL)B7t zQcKgo7R$3r1WB2V8vs0y!u-j1dbuslOYN-lhX|1c2&}B4CqJ2@u3Li`_iJieHOGxu!9a>s3g-gkq0$oMXv}83k z2ULq7JeaVS*6L1LEo3O>1-|lvJP=q={3t}C#C+?q?6_DM>(zTEhStE_`Y=0;0r*k zpxXWq;54L3jMU9&z$h8^b;L7>Ll6;PUTKQQAPG4-c5aD$q6^{sYGu19^#WLx?Y_8$ z`{uhZ?tGptxrsEaOcPdb)!EAOyw~VgOJgWJ5z|tDHPmaT=qQO+{k~{|Ez8t#k8B9?T z;9yCTYqRi(|6bfKNI_NH%Foqo*Rw&~s#h(_4}ZVGEp$ZsI)~RDq=yW$if4GDRZdEKx zSmh)OgMi#!#(0hcG(o4Fi>M3v^tsY<$JwI~Cui3;zg(SNpDuBx9iCo)I6JX_zCC-+ z;L_pg<G0;w(eclx7bgQy4ae*rSw{f)`Rx3B_{-V# z@lOMFS4U~QUniT6|m!Xb}%K&&FSBd&p(`;o?M(>|MLFo=i$xS z<;PBO5|DW(n+D`wv6j}+%{Lcpxq@K5Qpe+BQmjZTyN#dxI^rk4^(QC)c>$z!W2qm- zvqJuB^;?bX`Cq5EJ^y=_M<`jx=D6dSk3LWm9{&P^Kt`kJ8Nzq<5*12J9s86<-B(t6 zgID@PxZG4!!2#d`DgPm)Q1nS$&nqm5d=ITx(t3O~%Ny}|6~Uf#Q8R%n>HX}yko>!_ zm~(48FKfLhtRR9}MM?fwVG)j#h)GFNlp!j)!r+xOhrwW1%Gl*Xc8=1Prv1I5qVQAK ze_I=CN<2}*`uXKcrB;s15+NwFC#^uo0Na-@;xoaGu3M~>&sJ`7W&NCbAAb}>|zfj z*ij1NS*Zq{cCB9-`q}JY9U^}DVxrrH(isKdl@c**%K3udS^agS4`uhd<~)~okAJ`v zOi?WFJokM7L5S`^z}bS)#UCo9l(WAB^3FVCljx$I#^$GU)6os$gXOsT&2v*Sm9OEA7Oxf z!FdcJmk}?!YmXrFru*sMEqnh>?A#L7?Y_O;x1V+2rV;W6_g<#M2zd{f?;Krs%jZwZ zV)ap-y*Qv*bA)L0tKkL7gVS3*JWLLN-tqyYmV&t*E_`&|9`Aq|XcO4*JRM5;k7zO=j!0 z-azakYiuNf4?Jizd5>%)8xKn^P^SOMd=_*A+5cARf4yca8~@+yZu5UV&m;7_6EWCB z#5SP;`X~y>VunKYl_`OymusqlW(mB6B4`?aq$&ubh^CsLA;Gtx3mRm%+Td0j{F=2v zvsO2z4^k_b8GspN-t^oNyO(43jM_;?3{lylU0pV>$3B-1`#k#V*QUFE)q3l*>#SLQ zHM{%|KnA<4n)*^I>a(k--;!$jG-~M!s-%VL=vs4Cy|OjX=hi-ZUtwmu?X%8Ps{b1; z?(qhImHL0Xm&^a(*xvv2ERWRx&0zn&4FKt!Uef|#_2dOi0H*cL+5imLZ^8(W4#Cz6 zu(bkw%~k+2Q@3V-tr=iz2H2Vbwq}5>8DMJ$*gjwLQ>Oo;(2oe-g!aEi{8uM;|6jYa z)&HO6QCX|xU~fYE*AwUYbbl&S1_|YVPhO%V5>^%)0aSt^WieRO5Ri7tQm&pP&Popj z{T7sSjqFx6->T-%tC}YxikQ0P0Q!E6C`D^(#b#$S^)@K{@a7{Dv-{#A>b!&ywrc+$ z2H1P-4L~dQ|4yUb%-;XgZf^JgXL+3cUkvspg#ZEYcPR;|o^9+@z-$YWDP1ojc}u&! z6K>@NZQEGwu95gTE5rGidSs5`Mg8`G)-l=733USVZ%MEN za+-gQ;+>VlP&HV+O-3jV5krFdiW$_xoPAQzcPl9V5d=kRNy}wsbDl3>DoR#cPfDXg z7TTbw){++uDd_h@!~EJHDqGXtAMPoW|EDCzzmbr^;F9=92_qse>C@c*-)ZFYfA+Wc ze?H5j@_$;wy^x|21&{&=MnQsv{3WuprISJ=u!m+^C>fecnH$Ckcrk(u`IUrJ$Vm#ks|fTvtV=(l=E7d!VTa^>>{T#(H_PK1Sq1dlotwWRewUwT+ zCekzNFH2xp(m+;XFV|wNWT~9W^|Th(UcY=%g8fg$T(U&O*T@!#_9km#njb6`;>^cM zKt?bqDRYHHX2tr2`MOeQPY3?7!ur!miO(-oXXg1vgz2ZG&r^xdHOmJ|%bZS$dM!dL(2q;o7M5IH?13MxL%G2fV!&tZhP6 zn&I#YMFI98b!uAgt?Erx34SWBl)kqrwN)j=V(eM;#p4W~$Cn>IFdX3D#7JDC*h3+M z6QsLW1M+&yD?~{Wdq^?&Sp7_$0wf*0C^2tj14nZd!wIq)DWKLWEV2$Tg7le z^Obr2s}8Pd<2QZSxOJb-JzZqUrf=4sb0yYeed>yBr?&Z5I)fr#9gI{{d|jbl*z&bd zZv(&~Lz7sEBCZL&q)DfS5U@(slw}RuBG6jxIx?B$zGmIN_RAE7V8}=Wj)DMS$~(Qs)pid78z87sMxqG$)e7LtWPuRV z1;lI-D@MIY<*>~4(o3dq!f;UMZ5#zbHHUgR8LG^yY1EcnB(!qbSaYiGp_sjcA)G9? zK$otcbpm#Z+GR0BV|@GAHpTU~d0J&DC7JkG47z;12YeDT%>t)nh9WKr*=mn-Nz(m# zr{O)adnH=Ax@rN3liWd?;^W`K5t>5vt2{f~o_PI!PrS6oo@E+xiR4&GO1KaQ>T;tb zKvr|=f{|&~9brl+qp6<9e~LEbZZ;L)E$;8!55k`*V^OOAMUYKtHi4RIT3inO{j@I1 z6lW0Bg34NQ)d+gGDD*`lZZ%4|fPmN#f+O@?mrvax2HPLrL zIzhQe^fPTX(_Q}29A}CYtWBjSQTM9{$VUX#&IycY0wi&JJzQtwTCn7P+ z*9Ra>W+N24FnC!PMv?8o<`8nPgMjbtc#J*B&>5u(iuwL0#d;rLdH?*~lmteY+2g8# zJfd)g8F3MgBY&k*sVzdRRj97+`%)orL4GM=|I^;;1to8GH%r%8zG;mGwDu>zz^CCA z2Q8uqnH5qZ;HJY-TYr%jP+s4Z33<;rj=cXi;U$Uny%vcikdZ56WRqS4vpd4UuAm&t zQjP^Qdk&IP&k@&weQ{&mDwK=#vc4(rD5reRJu1^9Ru?AIV-&L$u&sd=Rn{Ed(suL9 zV(s=H+j5XlhT`KCfi;`9P_BtPgyY(uXjM(pLb!RYA{PjiTS0c)Ws4)X;W2kvW*5-1 z4Q@3j`wHxlW%j>K-Tm<08uveRJK6l7-S#&B=kq**sc-1+hp+G6hxPA#c%l0qHh$N` zH*(Lz_Kt_GX8e`s^VsD54%Svd7~4b`+e8>&*Hfnd%@R)haPkWpO$oU@ zwyin$RSZ|?f9-ZVbN_Fv)!D{>KF=d`y?09ndlQP`vdQ$aw*)Wi`SOc{SJhnSF5y)$ zimw-5RcqCa!%OSm`x4^iW4jTJx+tZkKf{#&8KViNOd+2=E?(BtZ$V2|cyBf3t)~2} zn)02TcT{W3$|9~_XHQ>rY1dh}T-s8TT6fL-Ht_SkEfBE^hW?unxW2NdO#V|&I7f^@ zZ#qLEJKG;32-G4d5kXW%fEG1tSt`f$!SZ6;HktkE|7U4u6v<3b|kZla%{c@!EEWUm5FPQ zm%lP1%C{?xZAh|u7J59xiG*I{nR%|(`+os7o&_5haaQdAmn6X6;z{#=HQT*zHvXsI z?)SI*|8qPd{{M{=Hk7}F zKHH#vSL%p}KeR3w`Rs;xTVGQM!rz<`-s7TzyMiV~Eo&!HCuZA)U#MS5!ej#>*8rnq z883;?;plNHO*_EHWr~6b#k6iMIgcrT6c3;R~Yx%Mq zWXAK^vCW`bt(G9C@-r4pY0d_8>NoQl{aRF_YNCKe+4Kt?fPb3ku771FcnK`D1k|a9 zv>qshR&5zbjoltdp)V6W@}!c`C2;w7#ui*qt_B#%dhFL3$;b&*aOpARy>uf&qf!2g zL9C9WHv#c(%fHk;?8jO8ivxWPSe#fHDOCB?tAJM&o450IM#>H5Ob|4iu45!=$uS77lpikC^9*+Tu3+vUbwJuJB@p&P(+AMf6 z1+rt3gX7YYQ-3)&b_7uYM>0F(awz`=YI93>v1V%>f2bu0+O)`FX?b7{rJA!yo~of+iSo77n!}}6Cikzqlj+O`qNw^&yq7s8YeHnqZD%5mZM&guH?-}B zw%yRajtyK2Fo83k1w zihEt$U@X~2CJmWt_;o?aa_!>#73O) zHbonw>i?-uQ8261>AueFTazZ~|5L4k>McT1QAWSzFr#_hz0fCRxPEQ4a2L1DjK5hg zAQ(XpvxTfj8HwRUEi=8KrLjM=G_P!KB+I)DO4L&DGWoy?*Dv%uMCm)?+iAecsTj?@ zx>ehT0kU`1Lf>z9rdqw2ktAd?ghk2a_M2QnArj@12{{n*x*LgDT^Ni~<;=;> z^g7L4!;9Xch2_OA-j_^BdHPtN!CQ0|viI=?AyL(8Z`Xq3Dk_eqsMCmL8wYDCH$}fP z6sCN7d#3`kUHviAFJVL#Ti0_-h9*M!;hzgjW zLocfn7ES7LClC52Z-au!v)cK~PMC_Pm`fRqZ;IDpH1Q^;Ls6mg;cgMl3zdPQ3m9fNJeorsz)^sdPn!KIO;*gv zki|HhxGI-bG@Gw@eH7rQ462e*mQA8{L?uWxp8eBy!^Yt ztiGhxr#K8+BLBZ5A!g)ZSAIIrD*32vfi`T$5MhAfZkdYX0al>ZjJcLipob>miu@!fy6x}M=0V@Yv4BEYE}`vt!1g@g zSbA;NY|~(Es(iij(1$#3YIGZq9sm?t$;c*N-U=m8IRF)z*54j=kHmM(9bX{q3+xqr5RifQu?peG)?eNp5U zLUZA3Wri1*dHd>>O{CxZh-{_(jXtIF|J-}7`(HbacGmx++iq3jAf9a| z2)O9}#Al5HK3)|De7t@fuqav*T>J4j7f%boT#)mk5H0hy^}g zD;U@c{8D(!H$a;EWfXE9ygC|D6tcC$fW0S(15Sf`9}x;{%-SPDf;D1*Q!w`o1O67{ zc*WBGCT!{1KtLc+-x}3_H%4_X`ev7~!uScojK2*N{(5&5>wrTpq|t}pQJf1o+=|zK zxTj41k4JE03cw2azuRqR?|RN&Vo){*#i zSuaQ^L-8-zN0us)DNg#|Z&TsR>FiT_{Z~qkLDE0DL)_m9HaP zKy|I!TWR%MmR7$F`O#Q^mkW?$MT@c<6dgCmHs0XS$KgbA5A*9KnTS#FmmKMBm-}|P zKl5@Y0lGqCUK~dFZA_AA$-1im@aWxo#qu%|&3Y_|qIixybmVy?35$}0Jd_u$*SbRX zkE}kI>VG6*k97Mo&kFso-)Q%;`d_ct+UkGL@re8Xu5B$3@I{FzfD}M5a&89X8sQb6 z80tnq3fL4f0AmEa7(s^o3g?^Zd_qnw5a3Y^<3)X~>jTBKtD0!{0*5bA!W3BPTY8bA^Gf%tLUCdhIx(_oAGVQ8x8mg%GGL0LE>GL7eEhWovAh7`1)pDP80R>IHC z9v8?ZiJ75T2A0gszVqG>(->#3#Kb;TDK7BYbwbEf7LmYrtdKfPV0}zNfAt1S@ShTPH zM0cwetX*f^j9aGEpmcks3Y(d+UyVDa&E)?OUYKjDX1P7>3A`_hw4&$s#k|j9+37NU6VwTodU`P(NKy--4-8kUy^os{#+(Z^eYM zeID_Y*?%bV;zy)>cAi!KzwJ&g|68Nk*xG-d;}QDnPz?4aJOJdhd08I-HFcMI0ivN!D~=`AHiP}RL#U3@_o!Y z3lNm4dMIXij6KMZ8*pjEd=08@PAe8TmOJ|{>|6_Y1}Eq;34)>3`L$Z{iFb=)kA!19 z`41&wQIom$%AuDOUB^9FqF#~HiYvJm;QJkGzLd{{BL3DbcYE^rY$ut|9FVdXe3OrwJTbKr)9Yj(DwlZA-V$r-x0+YS$<&i(lXZ9{FKZ8(lEXW1z@@S-)uMfIr+cY+xq`L z%cJCfd8n}w1wdJJo+8#*K0?c;h!X_} zW#!)qWf#&yUHCoH`B+VISgYg80vV}vs(bR!EE(hxUd^?diIQ~`@-AhsY?k|=ykt$5 zi((#joGelJ2w$u`YI4@?N;J;W>#w~?eVqDSD;`+-Jg$|;aiYPucZV~bKz?j5hrx9L-XP0|`63xRYxFaD0EMBBh(R{f1?327e z0pd+$yREM37t1db0Bm8joB8FImlABYhOpDyy{htcS>4^uFJC>gUmL&5v&-t5E4Y#; zqhJG=s=X;sJOJq(3Icb+^VwvxkxUk=@LS~CUAre*JY;6hV9lVv}TuHptEZHpWxO_wYGza!^Zxbn;ssikoB$<&m)SS&vQJ^`Hvdy4W0v)NA^CeLzpv{S2%`c%dY1j zmaCO8@{a$wCb!5<;W!gCwoaoo*%>ct(#PEAXv&cJsZzjXEn=#{Z^$sFC-+xlAln+8 z{s5jzU%pg0ClE{CT{?;{WR}aa!WK>CY3nA$u@(FOM(zM#<^SDkv~u^qv^v}U|2dxZ z_LnEU1Ke%np7+1Fl{1dXFMt1wi{3iP0^AxebpK1ikmLip3kp5u{V#5FW%s`f9lli} zpA=wTAfmiXz;WS>`9nk=uP1MmuaE8hFMp`}!mW%M54|&7f!Nr+;n@TnnfEVwe|X8U zcmd`s?-57a+rxi9PpSORAVcFMpc@DRT_OMXI-T78kB$B||JSoT(*CCgd$^e(P#;AB zSatx+s%K30rrJZV2HYmkXacU zMiEW(u3CinCQNuKx?A(z)_nIB-pEn3VuugEnZpf+b0zjClo{9dB`EWz%$z4H`7zx% z1pXGkv8*er*K$Psp>UikT+>VaP1pB2eT-M@`mIF7Uw04+=f|e;dHR`=;{fT4;)fR^$pRX&nX(-7I z2|yH+?2W0JhF-6%zxoVNZv@#JVultUy6-J7Tl>J)KJeuBfhZ<(%;zwQbJNlKrbUX} zt-leB;S4bpi>QP2*Fa^!d4KYLV29DF)CsqH;QP5?2JX_F!$2(jDB#}>1yptL{Vn+N zWr_7p9+K5(@D`ng?0tMeNF-0?++?{$F5zFkRASEC@a$4t%94}QC zhXj;iI%V_}-cvGro}j4xJCgvHL`+gpbg3q;#o=`0@3WLE?5>nA)%{fOh@WRjxe|7_ z&t@~^W1URuWdzPL`ERbw&Ee!1G@24}du-<%xSvG0O8#qiGyY$#R=>GD|9O^2Fqx0p z!FCf&Y(OZ?O(&;?mlYG2#fQ+x&p$z^N_9@=cn>dhyDyx z{%4FPn6kL|y20E$cbM9@a1y5Q-kySOrQBzga_{84%Suq{bvALAF1=>3vnp=7W_}y^ z`Q8?Wu5P0h@BNg@e?o8_hA^U2^0e`P?M@@-|I_Vk?SIem2!T!xHdTYY5qZyn_`>p? zgUbqeE?0If`7Kv#rQGG#xWAm0q3=`4RR+T{``kx|Pkaj^REBh0Nop%ey_7#u&UoeS zx`Gd{?PH9FD^ApOP`uvk|UKzp|(w0h&Va?Aa=ddN>S?OuD>PYc?TAn>K%pY`28EPV2 z|Cmw*U9$+>EyK)bQMw+bWl=t*`TPf#R1)IosR+Tz~pI*FR?W++83#k;J!qTU&cthaQ zCdc<+-lOP(cf21u?khvzcP;>auZBLJ(eu1|wS)@gm=P^`zVXZV0Z{lPhMXibCEjw10I6yy?yp86Wx}wB8*2c zyMjFqN^t{QKGm4l8LMKs*2%Q+G73B^!`_S3@)l!q+cmXTc&RMAc3**We;6fwBP}6sN(NBUBF^y-Jn)>o zgX%9d08Juo=-~;+#RwZbTA_}W7sI4a1|Hbn+i5jwLNO5s{08Fe`Q;n%6CZ$fm11M1#we|G8 zx}veT3W}2Klt?jD5Z}f7^9F|t=Cu7@waCTjj*eNl(h}tyGnJ`|*|s17uu}dLO+M}Y z@2!J_{jI|N@7+lG8sMj-wElM!)lYqz2*7Ja^4N=I(!J`F2KSl{OYVwTRBCawO z+g(Y&!wAz-;&}BxM=*aaBz-7$ZM?8{KDq83vDjd`&4$#W6A2N;9yJ1H#JcfxPFan`Y6_&nEBF&?oSk zWIloY2^*bJf+1&>_tfrd8TsVKR|#- z83Ye-f&u(QX>$*ID1$OTvmXSM@_sS_cy!OpIkJAsSmef3Hzv2TAi4APD(+*+y6&`a zuI7en(l%>RD?fXqLJ4TrqAWaXbCO@t)yw=KnlxLiG=KAS&CG&vs^G)xz*or;Dk;K=UG4A0fEDs58hV!@R}B9m`PrZbs(ePpDIu&0AcMQ-vQ zl$qxyVqb)F=OEX2Sh~R`t_0)~xi>I@nQ!3c2v}feUtn)4dR;+G_r_sBcNcLtH%)6| z&na(96qui*QLaIReoG#6Gev}ZHQ0@eNkCG5QI+%|o^@%hg(Weutikt|S78go5O8PN8FK`7- z+I1vQ&86Lfu-lY(Bq)Sh*F?{1W@V0*ITbB@wQ|$Wd)YA?zSdz?W{T-|$u$6ws{kd_ z5c5p0ZvJO#5iOhhSxSa`4i<`42w={XyCfPy9QZK|@4Z?K=mvhArWA7VvkO$orb}hD zN_MK|v+&HtxsIc2NVDy8xxDCrD;2jQ=qZiZLJ6;Tdn#ChpVgwB+YU-i+I-*-nfy|1 zxHiStAJ%g1w%=wbj>T|iei9zX>A*i94Z)u6mMrP2Nr!xr=;C6*F{jE%?vSp35G(mK zW^w2K%qeSc@C<}gxaH;Da&NH~7gHT|g#60al#o1mF(rqxZ%T6!w+)mcQ=y-zy+Cmz z2Y2SUsuC49Hyz*v>1~&N4xq$oUv9N3Xq+8Z&RPZTJ>7lh)7?7&@W9VtcqcyJ#qzrY z-8i~utA?B%>dIu1;ax(1dWDGdORZrh%a0Zgr;K3a4-4mx9My5o3<-=0H@BrF8NfozBsz4%;2|96Bufnk&hi2)0(M^Jcp)08S;8S8?m7 zrfOj6n{w~fU-F1v@BGxkFFrDRm=lH?O?e!(_L2J*we13sg`bojN_EzxytEj$(vbGG z!}+nisyM$AD3?fs<<%eH#M7O~s}5 zOWb}*B?WZ~=u93VyHyO$uSL73%sv;)6D>{veIB3?0X}vfpmE`iceMRc^mL{T;vOM_ zNycZKMjK|ubDXBtt#|#%wWEM{bU-u3#n1V=)`=KH6W}I>T*>T5u39~ zm6SqG{Q1bWU8Rn@yuLW^3&9M15q_2n$MD*pd+ zp3e>ZKln6QivKTfs^I^N+x!FHFsl52<&>SIi*x|i(0UeckV`%SPwD{7`{=GLs5%`C z39D>g;?7NFWyEX?StTtCB{*St`W)v)Y?YjWJBaOcUef`#I%vJaFm+wRs%{$Iw^ME+OP;9Ix|$dLJSUkALF=y&|srTBRc6fxDt4T?WL5C|bTi<-vi^{eqv4nZ#uGf*@E9`bprZVNYl{jHZ z)k>y*nvF85x=ouLZW(p*5_2hZ*QRLjJzVs3u+35(Z*}E!b>;KP0|SZqSeRrQD-%V; zNfRUD#bd(a?!XKtK~-f}aa}h{*jW-k*XL}D1CuyeUO2t8795BBxBZmq7KMLi|@ z-x$U)Lox!4@ELfEf*G>^)t~?D?jP9s|8}-ESNh*F9wxR4xs;D`EJk@D5y06r>Nw#) zZ)iv-O4UIkORF>q7g<`lE^wr~;`9k)Do3LIL_sA*tHr<|7DxFW0!z9{w~8vciYoaW z!Xry99hT*s4y8Y|+dDXe6nf+fui*T*CCGJjPb%p})#0}8hWGcFeO@%f{;rJ_uDO`` zNeI?UGS-hciZi(?V#PB*7)jBIz=2zpc*OQ%nt{ z%!NN^@Z$(3ffxnH2N!5Q;h6ut^AIQhWJZMd!{4)rNJW8HF#KZgN5KOm1$aiu4lm>i z=3eNiSuxFEFH)gG`7hDE%E<7IfCoN{7A*Zp*{|~aK|iGKQX~IM1#~VSu)6qZ0AkpBiSPGN?- zcQ6^h9;NVP0E375u7K9ae_MMy+qV60cYAgIzm$gyc65xvX)*>ql!4cyG-mmkW|sZ< z9MYnf=yPcrsSkKOM2QF1_#Yxz!P*0yu+=?-K*);n-+;ME69n!d)u}`JCuixruEM`2 zO=C@e7wRtGR-~XM#Ge`nc72C_vaZ0gD=PFo{a1$;j#5a6p6`Ufqd1TBa3To;+H`hB8A^t9FZ)fzE(af8;#&|U{9lqqd6GRb8Vk)TBDvvkk4(6g$K~7$4UJBxTf4e|A|L;R`i869Ux8^71 z|2z9Th4Y`?{nh!;QXaSbrPoBPIB%@ zR~>zsqHxv?g9_DR;&m_#Mp;BAB1URQpNCUh44!m|MCKW>fr$YV)Si>+IM}aeYf&66NdVnzu2rOLl5Vu0kdO%i-u!tBH zb~+vNo+jN=L@^aZMTJ>IDMBKC)`#R;mb3yHbzgzwBxEx;!a#LH zgQpR!0AE|R(6tYpnmQd4l=nZvY6rX@5!oFPywKSjQ%&UM7KCt# zx@3*BfNKUpGiM>4!hF`Ti71KBIg*VDg_>7zO(4}NTI>dKnU^jOy&fM~x-2zAgI<9C z*>aF7>H!rnnDEpQMnh%|2PQ`%ldt|x&*>W_#L=uZ02($Z}1jtdR^35UyI&&g% zJ~~s7GrAdf(kbQU4wq8Nfl2p$sj$fux^0(%)60&^HPKn%%WFx!hF0^p}K zj)I8969(}bDPcMA6OgH!du-{2Q3eANPd2D3GW1C>;Fm<;z#m6wl+mf}s}(@u(K&%e z#KJ+zi|andqann=8(}C#Mz3Xx=EmMBhuKq|^vpQ>Qerg}fCSkXCdng0LQB0yVmX#xj0o5KhKt$=Uj7KPe0C62w zP4nEV+9ZV#QB%aCo-!#lbm>V7P`jX-q$qSuQ}cU;OkTQf87g)K#@&fEDX}@n=*Y9# zg%YPu)p#06vXtrxvk6PeLIK9S%_sp>USf+N%^>XyWHF7jBpy1BO2GP#4{Dz1X(az$ zOTG6=;{WXIZEf4}fA+WcR`TC6o+|lIzFw>hD4_l*a-h|nrOJX>Z+l*O&;-^*CX{t4J2j|4_(NtM8ql)(H!~x6%Q1hz3{e&|ibJ*u-!liDG0X@I6^|f@9hCTeKT3d)Iahj& z;uv6(MJb4(AJVOY0>gQe=cD00%y15n0y+iKB@^6Fct0p4)s`PW`V%bA!5N42pvR<1 zKOivc(2e?$?iXU;rjKX=kO9K%0-+hp+fQU)m@n)vKIRUO7d=7n7FcI_>b)o-9{d0P zt_M6pM6cD7)n%&gOMZdc+w{P?7&FSjxcg%(FE6@*Ss#ie!50vtN0_k+hTJGi<_A=T zb4#t|`^A4m7yI}+Rle(K*xaYQ1B=ga_7$N%@Y?ff4HJDa;J{=bYz7mAo? zPnu>Z%~*)H{0avXk+sy-)lM(Q)Jah&GD~%Gc=|@d)Gjmq6v`mN6k2z@~=6z0396C$j(UZtmIlKR5RdR_FgqdAM0OA8#ss8|IAJ?7rFzas@hX zm;UJ&O7Jj-KIUpoG>~=j~xm9UMZ-TsyG93*{4^8p^AlfX9jD>>B8tA|tKL`4F z4*YY?{P4-~md1<^htptN9&b(KIoB}AAdxAQi)L=iYiH257xEi_HE}K|?LTeHjJTOKZ2hvZ=SS&ir{E zxBO4VsO}v*9TSEi62&tcg6ix)y9N1wYjbaVCI2tuDc5J&y>DHsHN@TljE7Qprh@H> zuKxa#f9%LY#kwbmCx-F<&rauWon6n80Xrv5n732SDB)!ov6iDGgr8i6SweC)lW_-S z{q8VI?r6(*V^b^7&rm5uows*if#WodC%^|8jQvkA1fs4uIJWK`86C@$R{ftNmbF%g zUe0eV85qOim;xN8eg@43^dV^3eUXRCJZVoS`o!oXZk|<24{F1t;8lOA2*3q`9vUUw zVYUO_r~S+iA-Ks#@cj51T%R1jJp~unUQ1*5|L1wo z=FR@yApYy7eg3<@v%3GgoQIotq=wNOB?0H2J(PhyOkn1dDCzTHOF&vov@65JimJu< zOpUGD&a}tV>S^3haC7DXBF-IIw46~Afc+g2IOlrQV>(^ilZIZm)tBSg8^!UwcuE*% zpsYmXC~THhFwq>La$c`gJPxgM1*skaJBANT-rA9~g!|Z4RM1kX)7{9d&kL1qM*Q=l z2I6Cw%ryufLo-rY-m?zvSw+|;$2hc1O7Ng-UqA-anEvJcy9c~GZwX2y#AJLh>mAXq)k-5wMIVkZxq^N8=^gVe^#13A-~MB> z{kPlo_4YsH-|c_2Udg{(|5)=l<}I)uL;7DLe~b28Rkl1fMRoT}Mw||KH^S1;LJ^}l zGy8*|06$I#eli-uEDHFv4SWoB*Nij5oKmE{<1g*Mbl6pJ+B;?rBw&az0WZgSE!+|P zP-weIR-6ha8KkN>8(+>WDZWye@iC7ra6idS*gTxtlyiptU9vRzqSx4}_*+Wnb58l^ z-o;kWtWTxuD^mHl@qPd)z+@3ko5EQ%qW2~%tZa-}C}pI>CAe>Cu* zQvqu4FMW({rk?s3KcdVGCqLpQu$(^~GX7-d!^sp#otwT!Bgz=PmmcMw5C?wBubD;( zfmw=T?i1-Jp}6h{l`kYl!BE%`lC1#8QMwKZE#VeAw;2#Q&Ev(wF#f zZ+B5u-6R}eY5|nmM zFJ!OF@~GxqqvJ%CJE&LO4@>K?<;n-4gNd>Ex+{oPE2^+x^_A#K<%?0&lS{Y0s!?sw zs0v@oq6+S)B}O zun1kIlzXy3!2ZN{t&aTr>(>_|hQ=X_XZ%8@n!<#q$AC5Z|K`r_P9gs9&MN-fQl9!XIusLtPlx=f>KcC`4Xz#S zXUV$EuY$jjQG)1dWHGAVYWd?>vk~g%5XFMDS_o4VC4^OKGd_0+1hPN&nqA~mvHqn| znTgL&yZ$$e>wk6scPUSU^B%oauohmWTeu6w@YO- z$^rC}BAuVz^pCz_FZd~6|Mx6Qc=ryc{$m2OIT%3Q`R~?#;r{>T&dUF1DNh3#U5r1U z4+{)&YF?G*;B70vXtXo*laU|u#Pztz(J`+mA`0>!y5+b*U6o>2)D{VQ8`n28&I%yD zb(`r${gqKR2%>srD1~N$bE_NVX`;0z=V+%?;eYNqzk2egp8r32{Flu_{+I2|y{*;# z&!s%|{NKTP7T^Vx^XH=Hzjtze`37)iUlK%wvT~j|)VV|4@&E@ef1wp4GM=jSpAG%w zf(_X7r%x6kq#qtOE?jW)zz?g}%aFRRyM@6d|Oi{x_es{*CUuvtP-=J(-o5TH>~eOI6D zlPq1qKha2?MdK6(QEvi1yu^HQS|D!$%GgH>rCSfIb83G9fj@+C;A7aL{akyfjZ&oH z?+o8Q2l6?*C&pZ5G+r3)2E@f<@0i63MHzL9U5jO*Jv)z45~4>IWV8Dcb2lj0lq-&- zi$3e?{B24b&Xc8jU9V-`80>n5P-&X|{{7WkZphQu>esI?tiJIwc89-yeZeT5d#bYI zfB+>4WH;HlRgj-6`}3O|%&%}VC5T^7|Cv|6_VEpRfXS3Fu8*(pZZ3X3JugbXQ^|jQg!=LH z0$`o|x4FG(%YO&^TPyi*8PELkADllp}idt;j8$HkRNb zmTAVMwk9IIvnap3s!^6lBlF_Ujju1;T{p5L4uzr9|W#Qwz3RPrC* zndu0iPX602od0fZ?yk;%m-5Un|KXjL?1y(&mcNzA^-YLec;{KfExhv-;#QHEWy5L^ zGJ}0R!obXgy93ZW7ymCRj<*e$_j}OHr5};w4L5w4m9D@EIQ7YcUB*-QyVXu!*uebO1*$3&j zJVR9g{)O&wDgN}Mwv}!J?S7OHO3VBx)pt2e-B;jeNP+=SUzljE$1jjVH_riI1e&+1 zZ%tANR~y`H+69v*a`;m_BLXkvuUIcUx@CJxrfg|}&vyTu-a$?HKSG#fetIP(`vsr> zZ0&4sTl{}}YsLSU^N9G&B7Bt04YL7QW|y4f*L)+LdT~{g{M#L-EL1d%(I^Yxp~!p3n5!J{6HcEpjmz0m8jA6*?r6eUe}K2Tm2fz28KFHXZNkR7RD&XpE2qwRpJx1@7#qOpCjzs?kHze% z-4AN{za9T^dvE7pb^gDU$K?OL3=IJ^hZiqxSLj$R>$}8)(rix6K5b&~%f_64S29$m zMv+^A$^`YCYnqaJy{uj*t*db=i0j{hz^()bU1Z;1?F4f_)A0Xm;wPaWqhv}Kup0iq zd$4Z+`alK0+kdwAw+~kQe;Lm#{2Hryu<*;EYf%!B@ZJ$?ZY@QaoFx&t{!eyH7Dw3m zS#DM}#g21FijtC)|C|h9@PJ1{T;i2wgzYNo9l+z=DUae+QKu%TmnELdQ4;hsnk(t^ zQ3ZfbNuAv4q>;-pK#gEG1*i{cBfxqEX9I3}+CFyW4H$8hkxMFYg#~%|+G8O}8 z`sSiO%((-kFQ~W2orK0{ULyx@2cTPz0#$_%DBHB zs)Z@yI4}q1NekG8p~}Cp?BW6UIEbZ+If6vA%(c zh4H|HM41pAohO^z&T1bHqKOIl=96yxqF2)D0y-ZhROb$$9S=I{ zftY}GymduvwqUFsbHE5Y z%uptqlaqY)xR9b{$)PD=dF!pRZaCF%>eJo&>q09r` zqn{-#>Y^7VJ>&r|g!d!*lVpAX3(%@YMDFMk6{Be#&{P9tL!D)?Bnnm7+C8-$Y_-vA zHX>;j4gGBLJ`JhFO){Ur{-k7h#OKIlJ);z6;|Rl$$}x%dbCywYqEl#o?qPB^Gs~Fi zI5qCi(+=W0cA8f*g#4p1evc6e26UTX8wN`$J^#@0cFaZ>J8B&0OnZz(r(rJ^K3oO6 z_)Inqo0#?(Nx7`kl0zLOgmF-^zv}_77bBnk)iTFrrjc=Cs3gaPrIG5xtW0$5w2E^> zr?S>Xl!0|B^>vhl*8=N(MYzLig3Cpmxwa`P=XLzV&!TmV?5G7%yK*M(*7OQij|jYQ&G!yXDH=8 zC6mF`=?@mrg|Qn8Zf%^Nrp|Uwwq56E=VZ%M&IApfH7RDB;!dGc-a0Ex3c3p2_uyDC z?JD1T*DlHZ@(iVbZwqvKX0QjdHq*H7i;_~+47FM|+G?~p7NbIbFk#N5BS-|wQ7zj6 zb;4z^4?l@J1&2q#`=1Y6?Z4fA*lhpp_SJ{*ad^ANrUXCJJ3(m#L+)`kN-@cxKg?Zu zij=&fz~A{K7?=$;xZp4^VJ&cs!tB5bFhm56bNbGM-xLd_)TX_9nm^_Cf1Yh)3Gv@| zb`Na-|IN*VRsPqdJoWZ}IsSV77s>DzjF zed^`EC(r+|bztZJ+TPsTUB!Q2%2O}@IXL6g?jO!mM!M)J7jKyYSgGwmAX0vwSfbeq z)>e6#INyPyhFM9v?@Ft<+}Nf#D)_&+!-Z$g`yrni{=dDuyJhqL z?N$Dd}pVV>#dY6Vv}6L%Yd?CW9t zdiqaCeafKg>#C^g4hS+(dnuTLC3C7lDA|l%>Cj&oCj{&4FvLZymhsIV4#y^2Yc_W0 zp18QOOW18m*2yUnGQ9KS7IyboU4V@+(*g(r9~iJ(S2#W^gj~slbDXC*sP!wHv|R7y zfID}M=}7e}oVdtjHM9^amCGsYIH|BGN+$UfT}DYfQJZ2}_cy?@yZ)oAd8JRI{hyD< zZ?h_bb^71tuI>N7y}P-J|Fe{5imk_<1yksO(uy=qbh3t)W{F+Fa;FYF%gkkY0d`oQ z2XysVn2XFan3$Irmu-4>C*k*%_@qMsqd8@NPemtwl>Sr*#Obv;XaF+UGwzyZf6f{=bZ83Z}^! zzw`&1Uiz=`7AhwFuz0SP45YwYFC_!yQxu3f3fkZt$>W|!AA^20hDn8u$WT!{_pV@h z7}X}LXsW>!^{eI{2s-ACB0meag*SAw7(l=~CwG`A5eAq}4%KvI;pL}|30+L?QR1=R zkYcj-qG?tWgs+rns@~LOD-X`+GGsQ3)ThYw5*w0EF*;vqC_b6ghW)E!#4hTr&wz-O z9*am=ZRNfnrS5-%iAWC+4!Y<7q9^KkiB+N=mrID4mKt)MA6$HDwEq{^*;Kk$)L<1J7lm|ShQ|fNsS3cX zRzkcpw}miAZhE7jqBnC0n8^l+cbYpy}O0T1tZ zz~cuY)o$jw9Bjg@63tom(3}^()X&^&oquK58D)x|z-O8w=)fOFVd~0uI8Yr~D zG?y(^Q}X1d;jK%n$?sNhor3?*ECtr^|DDZ!`}}u%XL}|8E#+yz|0@>bv=;##(U=@T zm@K{XTCt;|2C9W&N?6>bNOOU-w~1Q-6Ox}bR%pcf*^uOC3f!D{N-zt+)peOr;VU!5++D61d~P$|AZ5o$yGy7{)!XBGzf?-MXA^E;Q_h8(g-lBJT%R8;uA&!!E<1tJKn55u+eY`!)TUR*g294#=N9gfTp4MRH3w8NH3J0c!X1!gmX|+K$w@70?ZO9 zDG^@uebUwQeLZgZkEL=P`tt~V+EaV}vs;M&wY|4G|6j@@ViAh*2Km{(Oy^2J`*94& zAi_XSlfxIEKUXPn65iDDbn@SaF96_r^&z+!K=HR!ee)Jx0H7(&ysWN8yDG3lDOQqc zw#6c>?=?q7&OR;Af729uD*vSBP<;P#?HwsNZ@&0X0Wv3@hZl{~m&EqU-0$^2vbx5<&Y+ijCfS5Xg0 zPLEl91CM9^Q)%QnrCH=mUu^{?jsoZ@f7raB=!c)Nz?Ehr>}`2Fw$kBxvr-~Ze?*xTD$@&9E!2LBg>y}&I%K>Q(g0o9iUZv+ljZKOaEgJSSi$9FfI ztzhLYAUf9-jJ*bx@_l5*xxa&_j{n1CJg@j)$N%>a_ALL8t^I@DmHfYy$Kd~`$#^kr zA131;g5|S*JdxbLA(K993>GHi1{Wa*FizQiq@nqGltPw3eTKNvz{6;i(JjGa9ri@t z+ZJc^Dp~y6gNwzx4NGHJ^0g5(uGN-7h!SQ}Q&6~f%0&`S*p8DMy%VF{{fyQkJKz;A=KNoH8g`q~(L0S|D3TRZ`onRrco z1z$if$}nkhR2;d$3RXrwsSPV5Ovbld`Sn2tdvtLR{Bh%BTh_Av#=sAwj2y@5z;Csh zWcgwKV)-=Izd2R<8j=?Y67_&Qt{ihv=PSv0&J^?K1K;K}v!1;pr4yIg632*q~G&0^-AaNdAD3G|Ax z9{a&YxTGC9S&icvvq*!v8YP06QK2N0&LJUqiFw9(PK%I7iI*Yz`3!EG_1oql;Wz6H5%O$OVx2z935;Y!;W!f5rqxmV?%9=wxb2}myLXsDd zccZ;XthIpUhMswk$YA=8h{2;;EFCyD{wA{8A+H=uTFj{^(s6U?axex;P$$LG0kd> z_ru^QPDMzx=T@O|M>l*OBHe=E6^p1ILie`P?iRiojpfpm(hWvaoQg(>Me! zGpig@ozUXO<-CU=06#^TcnaCtUKLfR3M;c)qk9fhvw4mBB`)c4Zi{YgR??Z#V)d!A zq0kfwb}q^$wY1XZ`jv*4+vVmN++G^U|8FBqp49*2U}v)+|L?EP|CaI;PV*x+5MjWMarid~uBzAFywbtxW)2a^iCBZ@n)6%uok&+ zx;2ePqa^w`g2G9q%00n>h-+8^F(C4)KpcBiy&t9{LN~_|iQ+KOIB?_JB8z zLWo?(!@%d!bu`jAB#r!LKP}HNn8hIICe{r1?>PeWpJ~zzV;GzW{&9H3!ixU~MoFb6 zsFpp3!6=K!L;&anejJP_7n~(OzY!mJjZuYS6z6gt`*8DLwlJs&c=KOcluLVM-u#yi z<^8+k>t9O&@vr5u3jJ0T;Wf2}F5jQME^UW>oTV97v8}T~Wx;khij_6pYJqk5kq$Mf zCQQmB31+V5NBHygn+%OoDm$k>ruz_`d29*B}g`ct(I*LZcb&vQ(s@5 z{dRgqS?lpnXK&AL&Q7m6*(Lw1*l2`Ph~{U>!n8&SxIQ_4dunNY`60ixnENrh_haDM zRJJs#X?peB+4b2^Z%^-DpZ<1sB75XffyryK1BhvM)&tonNus0=e9Q$(I*Hgy79nWY zHv!6I-uu=DdzV4B{s2tIwn)Z!5y~{?l5aAdY?K`1_ZVi3v6L5K%bJ#Hf%QHVh1?9O z5zS~-vD7$}=|Q}|KE1k|AIjViC`Xha-pmH#&DF*G%e(o(I3biwGK9#_*K|r{&=1){ zy0`)%f|yBDV(x8#7!rW@b4>(ODd-_VkAMt(0(w}2U~;56^H63^B+<|nZ90k}o?rrp z#kqEl5?W*i0$lIkU7a4kzPmVo`_H?piwnWcy)CaoSheh09BBJFZAZEGqZyBiF7E7Y znX#s1cPO#eFk?|`vF4hEKXvw>Xz2IhHH=|E&_OqWyvx_zUjUugo>MLd%jxSLh1(Py!qZ(>2FY5vCtapycWd<=!NM-Ux zS|NhEmCLN^9mkLU1XKM0j=n{=>LNit(mERyS{p@Y zga0G;XcpMVG~*Q5EiEp(GTS9jh0`tgK*2QNtvW{)Ewg_c+~btHTi(l#kzjZ_rwSc+ zmTlO!dX-~fQcy>Q5A*!Q+y7^0YbF0J9+^5W=76$4|4+~9v|6V@CR&Q)x**3{y1&)Wh?YbLLWxD+EOzl}~iXL;F7cTV%g_Q|>{R7v~&?SXK*G*yc*%!@wN-Mw`FG6+swwn#P$Ym8d0_)7(-F%y0geo>$b`^^R>1Bop z3Q(-uD@c%*nJbLysi-S2m985UkRQw4%X)qs-}}MCYyMsBof4;(JFJ%?rJf&@w`KOo zNlR7sNOaUqF6-b~a#MazY*1cgyEX=cm69z92su4QX$mt?XqKCSG!hOFCOJ6yi-GGD zt22&Zl}tu)JpCf8+JvkM=81Xt6}TB?%#(-Wa1O~M${qkpHb6u`z}$DRLJ#;Of`&ec zs75?tPCG=@jtEO`2vDz=J80xiW5W)(hJ?s=7%=!LjiVqUF>_j_9S4t592>P*Z*JJG z;%5+GLJI^whM2o{C}5G^Vz|Ma+~6mFn8t8}&b$d4aaUp=+?-r8)Zf3p(UQdYZ&#f~3P*1J? z&o|}Y=1Buo=l`*@vtP*nySuvovy?~X|B;SpKlwNc7MBJ{s?YW;n#FsbZ2?m$?Zs9b zYv?svzH<6YA`=rOFF9!)tEa6&M zF05L<eXp^K8Y+?vo~->vn^JV&u>fbT3=!Y?9aU zL=CS6*4GNdT?oF>eFc8@qnHBB^}RTQemDWXYCQ+a)MpKkE4i+Dg?yP$An>AAjk$Eiitfdv_aB` zoyQW&QFVA)7^FJZ8<$PwWTPT@9og)-~Lm-|D$_2=K(_u()6xNSn{1;tWwA%-ROLczTG!jQ+m_Up@;L$BA5`WWKN=B*a2EqW` zSiT^JRYjUw`dJ!y;^e*Ma`H3maBLP-b8VLs1g}_?gwPC-trMVa3L4BY!pd_c5p$)x zYT^&N0Bd?0WK34BTZT?DOq|zk=M1PpnP4pj?W4ePx#GEW_!O`^g9fKZPd{ zJF8J$Dw=tx?EwkWYZN>@XCL?$F;6Ergy+J4$zEl1;P2oCO$Dl(Xb92B=~PjPrdp_; z!RbqIt=R@Gb;}kYfkbkFf@DR%zf*ZK@6n>fN?WRAW%6IT4rhZL{h%$Mzk}`Y?x(e|EK3a*KlH ze#wRAh}-dA!`Po(!vG~Am7VEUJIdhAAcJ^-;*iSWqac77>#s!fd9@T~5ensRNAMLX z|1u;DHy(bNqf)u#J<}5`xTFV_Uza<>y;H8G7C;Fn3@hr@%F~7@ z<(Pf^NLO{kQG!;qC#Y4+{!FXbJ+P|SpJ^3yf?E~LkF>Zk{jJi*H}I`og8mafb@snJ z*2z=d|JvH#+1oDM|Jqx{e_hIBh;LUa=FUPSH#K*D2&ql$&7uu~d8{K_9{K`@Ho#qq1^GqbIT8e6RQCjlVX;e2ml51 za~;XpAdZBSG*5A%h-e~Fl9H|9`yjnRxRX53pi*|fqovuMonG@=51nquxZ#xw_Zx?g z{D$}|_hLX{*Wq!Zn>U$Xh5I5%wby)Q7fMf4u=}ouu{_O4VfvSnRn|n~XH(AN4c64A zAn8ojTXe30Jl%=8)>UIDD@ilWqVy4T&3xwB8_(&IJ{`xn1s|AOSotjHv*k5P{z8BV zhl_&&3`a2pn{+F4q_>WGpihLMW84Cp@-&9szvih0=T9T3O-75WRt$q9h-Cw}ZoWSY zH$8~8(4Pc>p-+MV@ImSm0<#7ABhDg@PO*inTB4-t4_~)4ZqZ}6AETi>IOKIosmu3= zfSt4*cDotu!%thAthsL1eZBh&8l82wa<8uLEAa00U1^2$^UL41U+WbZ5`DJx6wboK=$h2TmM)yJtSb3q3j**m!qbkw|*J>Q3B2q0{d)f!+r;BwKl-|&oT0e zc(K{pqp#jYaYUtm{&H_~bJ%hx2+NUQ=b4RR$ffzy?q&C;`=Sm04TWr#in^Ck z_a^GTiMsEi?yr$58_~ih%25LDCv*vkGMn4Gw9x6N6eU!U7O!`9;eN~X15wk+b|>Ma z5q)SmB(uOLu#Yl5<+;?hJS~0y?>sKAA7cdkFa#dgU_8KGGJD_=f=53gT(ISSiR?~* zEf(djA)3Z2k(j}*t+DNVt?|fBMX1j0QxJkEhXaF@ZQH9=b)cdbYj(7adAnovsMtV* zy`ajM#~yh#zAd*E;zXY{HXRD?IJ%auYFcNgO-I2(C>Jlu$*Cev^4)v;fLt zFXy|Ll<-X#aSNO}&bgwz^c|}xaiYvsAfgE=M*A&ycDN>|8}>Z0Gj`IQt%u?mJ#0&yJMZPa~~cOg(t9-{8wOa;p`Bws&0=J-%N2*{oIz;Z}X|M|JwojXE_C^vHu_J z@7nR-wssD7SN8v9Jci{gXAjq6*nv!(u@JG_noK{$u|T0u3q2e#uNbKW5*`n=?*YVf z@EEfAHt05<)7HuJPZOfOfNIki(=+WNq5acC9@cJP1O%H zcwm&u;@(>n`0)T?;_<4n{4E==X*A{k0^5}#@KgUjiX#$1c6ySVmx6pwe@;Gv@6amJ{xz|X#?QHts{7UHHKk^QVxOs)fmUT+B8VACW=@VttBUNVJ@9( zSMr4Ko`37TTl6t6749$d1@E{LDoyz?!x1JhQ9+@!H|575S|L;Eg1N(fZJu>rv^>dr zy~nAIstbrnt!#BvbEmbZvdgw2(ynVjyjDSPWG4oa0Ng%ltG&{f*hXBi$`FpD02VE{ zYhx6TME3gWc3EEW9U3L16JZ%6MlC0cDlR$|aCH&BA}xlCa&9G8bW&-zXFcEp@sedJ z;qe(*jEEuh6A|db44yOaG4K=MV;uFVBFstZQiSbAGUEwM(_@E**~kpY&5i(SVV2*M znqTOv^dYJ4rNrQ346`f>g@dkkBd~Wz2zyxR?s0fyg;07pF85mn-7I4ccpakJEKuwUh*lh#yVb3wr`y<6+O1P;<=U2MX(y{BIejOxh{Z_P|%hY_^CJv+ptR&(xy9f zp))3!!qwnXjMjt(te=%#jS>X6;d1b*H&Qfq`l=z31Zd3?fD$p|6{aO_Vom3^Zb_JVX6rzvnAZdj(+fkN z6>5p{pYqBh>#EQ^C9X?m_yUxXE5=D1+9`RWy`lswB4sjIjSZD%KU>zCWZqW_!A^`G z!Fnuj7a8wc{FvR+kaD5=(N75TWVw%$5coWV-~T>hwb)7c`RUEwPiN<^@2*d;emgs{ z(ygxfVR#~vbywNLs$@-1Z{qB?lT%NEwYLM=n(65!UV1jBWs|&Oi#4aV=ZB%frCii! zAm1TOjFg#F&CEtgo>nu$;2sA42t%rjQk|0^5Dd^`!T@k?eGhvmg8)B9Bp5_VpO*0x zLgw!u$qHZi5-*XcSyeC0P(kyK2pqbkVYBUe(HO_fw8!8r zd`)R`GVPDsTSBc2hC(w>Bi4JjUy&XBxiga!5p4i7DX?h=d3)7e>=euxO#;!gZiNu0 zryoat%r~|7N%T<;+N@(YbstAb^pWcAt{!TFam6^g1ujjOTS!X3sh&Fj4+67cl*}6W zl|OayU$?gQ?E9a)2dnsROL@%vzxiM<=IBrZ_(L2P8vR-H@t{uqTj zo|nIn$yH6K+=3}yhpO`=RtlnzMUmqU1VHb*; z*X}18)cAky9qeq{`~Uv_%KvjIkFo!2gT25k za2nJfLI^PWvuGh;jAFjnTz8?@0u;h)n2lj})=y9d!@_MHl=Pzh&`&+!VHjkPc)%M6 z#CdaP|fMnABZn z+cSwpPhZckI+yq)@gZGL3YVaHEW~T#6WANY*N|9_J@UG#x@|gSt6j~TE{0hENp~Eu zn^<(hVK(6$;rUHeoj0w$9Dt`^%P#3x$pm+}CaHz;9lBptxLWZpwTo_1IbSf1cKLgE z^#wRf32vbiTx&K5(|tvyU^*Y{drp>Usvvo6@@cAs`qWWhN|XyHI6S&{0u%420ma+T zQ0n)k`szY3FW^#CbhERgXH_PvOP$F&9n2J*Tdzj%l1r84WPrWs6Y#p83!`c)S_w)T zBJB1$@nwoCAM{Z6=w~6ov5yDfL$?;ywKS)wy|6$WIKV@y>Gzt1i zv3JTXq|k7&16JBRRV7im^VEE_O5_WV6_agPrQ~a1^q8Af3Jisn5kKs#d2Y^Y0V+%~ ztq1wrYS5o6;wnrl&>H)pepGMmfGo7E_0C;9mm@pHx6_HoC4R9o`J*ENlfGxM&0TBI z#q~?%#kO_G+r(8|-USxE&X_77c|JTkd3>x;k9vH}Q~F+{26To6s@+8$sO9rs&m>wX zrtr#3d4{J_mH*^i$XLx76T4=gceEhaW*K}ZM7iqSAQex@VKNWITCff&qLd~Y6DXo? zhSVxv9T6F8wa`k(am;hpinwnWPz^psA?|8U6m)X&>ULd~6m#f5K!9O_Axlz86$3{C zD94Jh05WBzTAwi{m*{FCeo^-oxP}A-BTUc`uoZ(6=BJUuY#3q8ywgj9E9t72TVb&P zc`X;xw9uv2TEVbfU&oo5x}xKa7oFUeyX+rlPbZ zxUC2eP6ZiV$+jKTu33gCt8|87W}{jVvk8M%)HfAB`~%&VZ_5P2T3jjxTt0C{zWrkQ z_0Lws@iL!A7t6M&`UO0|Nx>;=O^#YF195+qT6pD=?W(;#_z0TK)}3NC8?lZa^qmh{ z!4smCfVuORfmnkBt=wtLpyW(F(sbuy-^$Ui#nO>K)0ON0bABPFIy&LH-CHrcT8-^& zCV9HA0J~wubq^sWGw(@$UFse(u0}U^mQ*^0LDY+as*IRxJxGE946jQjxYYqC&Q2TH zRMtc`Gn|+>qdK~AE{@RW&uZ#(BA^OKB7mF#QB@CdKqs10s9l0yamqqnh(ymc^nSM?Dx!f*7_%s-*56 z`~-uh=fO4pUt2r7Th{sS&ffki{{K=Q+m)F+DTcna3rrU>kV<(U1ejZv(}s5JmU;YZgJJTXuU}u#QY=J2 zubM|mX);ShrNzXG-(C46P4mpk|NB|GIR3x4WAp$0&CM16U&dqbe>$j7!vCw%TmC?s zfSyA0={JG0U4UIMoO27HFgX9GeX8OAx`CQCZs$Rk2<1DMeNAPpfHZ%@)9UiS*NPMr zyAQ>YZaK6VKh9$nRy#rcGb{fWDR&!f0X6)8XY;_$|Fyfl^8Z}UWAJ}5s86y5l;>#v zfi?iu$!Ass7P|$|UM*@1kY#)_pk=(SK`R^#Aong1`N5xT*JxK3|*jig&pe4ntCeE#(M*0i!hK5o5~`A|(9<`XS7)z$<@Ii1e9oA88ed$8yL~j(##4 zeDQ>$cH!}4F=`YACb#zeZABaabYH041&TflmZGtq+lI#hQZ%=7#WeITdhVTT^(^9< zRsK^NT>}ZQR{uY+?Z3PGn=AQmDUW&oR}SjR2r#=0sCDzlvILM|VN&2z83GjTSJr@r zkCXq0Fr~{O2_lHQcR?Hl4+Av9@GSWkcbJ&&B4`c&-`(H0_5bbN-4*{|$|J&S-RPVh z^kD)s7F*t@!f(j@EHQpW89%Rw2_9t-gNOj(%7lR*WC&w0N?8uSE({|c^-OW&8fL1` zxlTUiI`S5yl0Ty!kT(&vVy07{?JGX^vxt5-y~CN$MIzkUB~yHf+d0@EgCX`n=L*Kq z$FO7jxrg^@2FDQ^@#~rhJ&aP|jkkCJbB4E37pHyz^@g3WP#jJJ&MV++K)v)a!;TK* zahwkP^U)COZ94orGYI?)0@Wo>db|M`zAB7z5`qv0*(4=Kf;QGI;||#8V|eOm*Z}lZ>M&pQ5HMv9KIa? z-**;y#8ke{&ySS4SvF;H9x2F-Lwe8bW(^ z-vy`v!-Ja63o3teDJL<5$;M_L^eE}sl?6Ej^8%Coof{yV-0OV$&q_5kOk>Ehn6MQw zBN#eiDF`-^4H!ak${^iRnP(;Ar(pdA4TmrxJQrpf`xCa$q8L&!J3v`Rbrhavk3>no z#b>D4;SQMt+Y88U+Vc3N=gb1cE`+?G42d~n6geB0g~hbsb~HH$<)>eifzBART#D8T zL`h$~r-Q)Wjk1`(qV!~M*m7pC7=0>T)~1&YA|a2OHe^oa!=n=Av`*0IfG_NB*+2bZ ztictL-YIBfpD9ccIm)_3@v-H&F={Kuba`G0$7Z_k$h zH#fIe{(nn(DvcW>);e(HmPkmiZM<0Q2%sVF0`+iHI_WU}xTUZJn1@({GrTxrMtybxcUWW5j54 z%9r+f+Ke}nK0~Suh4%{@Hvw%ma(v_jIi76nP|`<>8#@kdHFjd`I60nb>`JW_vksrG zL;m0+*mw*zx%Y{N5u-R;&;U|UKm5=&95_mgg$~(T2Jt8+whPKR&)UlqIlYL6ejmzveTRTm zI*B8gkTd$_g%y3AD(_kvNxv3OIG*_gF2DyXc>;$?X)$V~UOyvJTn~^2oE)=@tD8gM z?e84?&3mC;xoHEhdmklTJn;ChcEJDm!ho`G_dXtg|NX!Ja(eMIZwdwj1iaHvFc^_2 z>4Vol0Xn;Jr_7PLCL+_-i_iV&JXO_o8Ho1Q{}jQH?iB5h;L8`s$F~>9 zug}ikfGdh5h%lfWSXrih;!|!HC141LD4TfT_V4sdqFQE@6RTNFK{k4MGu8**&=va{ z!f=D~INBa%q&dU%laM6)fn2`@q0?Q}ZeI);#$40|X8 zTbp!YX)OSN>36WTDPHsjW*j?%7>%-k7tY|v5yV7P z4ARjd*xDSjAAABIg1yam(F*|LXc!sgb~iVzl7D>@$^GEn@zvS!>z|ggBZ%Rx-xDNK zR~HvIOWPVMv6H5T3?Y*55l_AyFm5gI7*6oV*bj$M0@@?yht(c!tI3p%gjZWJk|i>di}N=Z%VH#acpESh zfz<2co8zC3uTKww_xW?dz$gAyN9JF@EHm9)Nb6x%sbs)~Wv$wA)Pf+dkObI?z5!D$oKSM-e1Xwrp*Wi{>l$ zu@6@Zb}0+?}^Uvl!RClvc zeR_3%{O+^_i1L9eR9u#BP)>WO;u)B*dz2HN8#^Wt+ZGJY`hrmwgLa!;MrgN3 zm~%S^?Z0}5<_As4mmj!7aQN51{dK2HJKmKa*!=nGb(t=~+#xmgDSLU1;tW)qDO?QH zWT83}&Bw9W*KZT$UNoCH#ZDroW9TWuq@Tf+`Fk0xeM)V?(iJ{`wywRhQ?kP&^VCco ztMHSjB<-t%Gx4dGnSB1tE6T9)6*tP*oi2(F?({}+EP}ObNaTPF_iJ`a#C(a>cjK-s z$MH2J{07w3?;u4ehS>%n5HqaRE8vg)DCVO)aq3MR*o~+dO8pHb+&j`l^Xu0(huh8` zS)hA-{eF?U4NpbDa>h2ju{5MQYEK_xPZ(kcw>JLY_-gizlZPS~R6lJ*Bi8*Hypt>b9Qx+@5~!r-A>curtnh`K$i^*Z$7lzUBY9 zb+EO%|Fx8d-T(T=ZhuJ!#j2}cZYRe1?tPio_HX>smx*lS8(-RW_}%tLOwF2zj={N3dGKi?Kw zU}tWNfKETZ{;3F`SDUqk>PvsJ=Av%=8SvC}pY>*)8`_mv<`SY>_Orm$E+h^b->GxK z$ZsRg2WPfxgJqCryEAA((=Yoe<}(W*$u-2SLC!&D0aSi(a0&oy;YuicZO;r!vh{Ui zDStaR8tpx_c%9L?EAnD$ftmLd)l`tL*?6iujC^z(-iNgBQs%+VT$do}Uv18J)fYa1 z+GoKw^8#W}7IBSIPJ#LFP}<`9qApNQ;TrQicPD>@r-}a0T@jv4|KHo&-7Dz-yIU*$ ze;Lm=ss9Tfm`eTMc@b_-{oiom`PTJ+1KA&3{}&hY7Nh?QU`y5i7t(b@#_= z{hv8|ISl|#MOQ$sR1-_w<4nC?hpYp2nHEfdP1N{CC|HICZb@LS`yNNpEKXu<6(=#a zi`VGE0qDC$u^BU=!wSdawh=OnR^b&Ww6+38WeIU=!L*L2oP=e0B>6 z&DGxm5E5engwFn1fPAB|cWiF&&{SRgyHZnC5p_7t)k~$Iax$v-l%%D~XN9g>tLM(E zc8U>PfZAzEiAz#Db+PLQP&*swf9yux?Al*_{Lh_(U0eU#-CpT`OL@LU{f~zgs?z>k zfrsYP{q#$?OVa!rsA=K-8B+o@zboE#_J1XMexXG5M==53ruPl%Z{{`T26_sMv=Bzj z39zK|N>VpiJ&S;yS8ad&D#=6$DA`7w%P`2~XyNfh5&`CN0b zN5JzOsMl*)&0>RUaRsXND|P|g6&BReffztr1Je3aRCd(N(|}TmK+ahW2?o&(PD89( zcj4o@D9uHKCi*_B)?z@KDez|z!YnaAi%@3ME!=Qs(=6OQql=uvQj=wRSfeauwDO$~V(zGz)oDakNqPe+&FGn!fHt-)nEMMBwK>o)l&gK#S zYxDo@?{C`j|MvdDO8#HQ^DWB%{E}6L`0oh8HlOsb-K8oO{%M)TiT^sZX^(z1Y%Pe( zKGHF0VsLSVO|BN`g@s~Z+*GSMgRv<#O>_ClNs|^A9qT{8`&uo||MhQwbw~NH3D`f% zV&hDscu6s*Pw_m%x>Q*&tg{M>lGSryoKCu=u8?jdL+X%b64eU;W|7nlAcEA>%ho!S zZ&DmKmXS!hC`YSK@Ljmr%BVHJ)M{)y%Mn_0PX1gnt5g1iNtmK2A>BJa3^Rx^#B+py zug(9ryLVv9e_IC!`#UT7Zy66`BBx@!K^v$6pC|X9oIf1}&5`m?CUGmv{KvW6A~OAn zk{D*=D1clNt-j{$>VV}vGjlRO%UG$U$Ag~;-LK=bOM|)ayW?_iFU_#;v-DKEYiKBbdfNCZm zEbWip3z4MJ2Ol_+w;SMoL_i-AmYvY!ow(?g;ch1=WIx&yIm68h^2iGOI5K@I<> zqdOPx|6ld|e|vXt$L9ZAd)q7izl_J`|Ce;Y7sC75)cIcdzCeD#Jb#S@>1Bop3J~}A zT8|@4C?2UNGv2d*^61*13;D+>YFx;4rB^l8a4N3m<;#MarvfDgPxMX7u{}SI@BQFG zM7f}XEu*IFM!q|U5|m}jN%}y*EsLIx@b{uJU1DoRRApj%y+0axEj;8G zXF7hPY}5n85hlO*SgU5vK^=Ut0X{Kp6pH;5TdO-4y)%KoXhXc0EgA{?OKIb$ssp^F z_CoFJ8eP7C7(Loh8>SNYq4)m(Rk!~$*{pjff6gih)aieFn+JCOuY>)))&9SX$Jqa+ zEUpH85rP1wK=WVUsYFod#Y!FgA=E+5;=vzZaHS4@-&?-%xc7f4@FWCgJ)g<|V?T~U7A|$+_y2dd zcZ%`<_E+~mmhuSB$j2L~0SCXS@t#W#uqRR{pGQg{sNDUlc6EY)00#jX_(W!{!fdmb zZBsTYI>obDj569jN;-|?fXW`spyjcEtJ*Hjw<8%N8LXSS7?nP}it?>iQ8&zWs^YNf zij@gTQ?95K(nz%`!KGZu)GH4VCK_Tz4Yv||P0cj`HPCc*B%;(G&eJxnKSPrpGD+v^ zvjS4p_!=#s3zp%4NtT%SBnk|fQW^o2fZ#-!1Ds>ZJ zUO|jb$ii3ijj|{`PuXh?*e!?>*NB(P-%j-UK7o(^WPa2Hpy|+4)c4@{Roq6a;;pKRl;=TmOml`y64^R@4_TN zA>{XR2;CNG7as>GR_@?tIo%iEr(leGFo!R(Crnz}7D=hcGAr<_1Zrg51=Urdyx ze+U5TKo!5dbp`)WfoXwzAH)6KJQI?XO1{4MDwe-kSyzyZGQNl`+WHv$2bNsXy;Q#d zf>@cS_Ss+L(`^5r$NE?A|FOSci2u2}+W(jHEM@G3Glt|GRWA2f$Af zM7W~JYiKVjsy&^oFsHfD*0>8>A=l$rE;T@#1%exuXqZ0nr*Q@u`l(lFzsdkqi3o3A z85-$Kh*08Z6W#VRE-^N;mMb<^aV+}4w^d>B%B2Er^Y_$7C3lsU%h0jjhYs4)2J9og zDM+A=1+#LQ;FhlzyZL|8&mhL#J8`-@tKuh~I{j~JtKk2!xwpFizm%t%m+^Vfx%Yzy znD8sq(|AGPaiBPy{9EUNW0+-82ssCoKXh4HrumyGF`z@c5}JkHlu{{VJ00z+zWBs% z!^#YW>*bh?NECPS(qgyEMdTXamk#g*?)0C$THwbq%sk+o@d5FG_W&vPl0CWR>y%5l zt(I={6k!ppSXS^;D!a3$`kU7ft`d|HLKx~^8Jgu-ql(8P)#_Za`wILtBA^##n1Ema zg9loVdEtx$s+Fc$H1xAc!Qq2`rc`F!*K$7*{D|Y+(wskZ9a%$@0_(_zlxxaaPd2{6 zZmFwTrlDfd=}4Q4mQ^$6v40h4x^=k0|2wE{#lA0`w<@~qHmQ~yyww_1in5qtvQ3Xi zlIrMwE-tlI!l7D@x)lArXgRB=?5W=W%>&+9MSz<9e}8kk;QznBz4HHG%A=V*u<((L zxuhz2Ey{8SJ{~+VXWNaW2XhiF-iuOVEH**5dFZUp^CXkoY?VkSmI0Evmz90P<3Mhm zULmTB^+k&sQSS1QiyGZm;CBcH{uqK>ZRD;kD2XRv3sCJQ!aS9=y)7%uj=*|Fb6+SB z48AaDz@O>%Z0a9*KaPqjkOfONX+hBToXTC?s9iW`HYLUqU5n2#UBluiY7>|$T6E^Z zPZ1_w3C_ihQ+mfXk@$E~TimM`_+%gTDq??@gIN^*^uk;W6f4bZIVcJ9o;akmdFXi$ zf$DfIQFT!%pY1R4c9qNCzAzWKnpCBWymWcjv+CIhs%Ti?){O|s z)O#3S=km^6CK%_;FDzAO(?+aDrWV^J)Ep`AkAAI1g-hp`Yz*`$^OR$pU%U|aa4bnl zyBlGAcPh}9nCei-jV=k9l^r&(YZ&ocF9cn)8!9d1d|Tk-<*2nPaabwyfA*(Z|DW&N zS3cGH|JL4~eg3<3aB#4)|1aec24cRMEa>!C=>3jU-+XVK>IAr{{}%xEbrIP!{=V4( zt^@rAn=G2z0~(yiT30ZpRqo0!feih0o;x6==4er{a9g#^N)f}vrpS7q=zzA&UeDHP zCUnA2e!ycEK-#?C{g4Twvdx-a%A@EFur{vgXWQ1@m~=EQC>hgss-p|jK9An(fwhOq z69o61Q&(Zf#e1-`qE#8iVeKKGY2#MaecFoia_34DYx^YjF+MLG^F=}8^2jSxvcy_L za-=Xk60|WvX-Z}7rmCIY3L_I8hkFP<r8i5(nLQ!`hspa2s(h-dw#$$-rL1MG8qW4mw(* z)2YeFD%ag$S(8~>*)$ammd(iZfsZdU*o!`?sNo)mF#S%Up(v*&6`cq_RR18r7ZUIK?=?wWab~9W z&B{r^BqU*(A~*yk$7_=RehV)WFTNy7iD!hWnOGzqjRx4=X!L_UeE*P&yBo0)ZPLxP zi^HO#%?Zmce+fFW%?Swf==yK=C5xZf4@*xdj zj4n}Tiz`JIMe}ZL5|djP5Ao+qcGkX>=Wj2`&@l5Mk7+s5N1hmjUuEASCaFejFTKy^ z=*`6qxVgOe`K3*DTVJK*mRQz)r5K2&_}Y={<+kM7`fOB;+?wa*me^X)^MvT?M@=Cx zG%lhCX(-9F2kr~(!(KJPHig$JTHRW5ZHZ_fv@6K4RbOj+Id%A!_&^F%+<;YQA`;Be6{T~2MHj|%nxpKpd}a9p?2t64 zH^LE<_rK>FCXiH+Tpb=4!TeS==e0fY#MCg)xmk`(yi`2pLv$yMlN{_8eQ;IU0F1g) zDNe36VNQ}Nit;+KPQ%5(cp<^5CSZS5c|ANabk*1L;;>(xwY-k}Rnz_M@WDGMjy-+s z>G{|6By~J)pYBu0>4%uv`E!wUNmnmVA$?h1aF?&Wp#dd8d~Yf?uAc4nZtDch%X3S? zFUPg(cd(9WuyzvCs+u15n8*B4YaF99sS?T0c{(gdF1|=2eW(gkb`^eR3Mu!&RV@Np zKNx`B9c$Ovq+$OD@QQt*SY_?w)_)m-(Sv6Cp?Y>q%bBRBZK-Ba_O1HbRhLX+yDf}% zT81Cd$Mm7Fn`Fx^RDYl244J19Yxd6s!XNCF*Oo$G+Fc?26oC2y_mp_K&<9onC>$}8 z?Lkr{CHvNwep;!$|HVm;CNk{K{wGG#U&91WP)AGfCjYO)BRl`=;mPUo_WpMhr4>ih z_Q6ow1^oxV&^osdvHD)rfv|6T^j&HPxaD;kWq^v=staM%&WE{Vu4TLiZ92MJGM7yE zW^x!z_N7$1hozWmOv({sO?kEZXlaHQFh_fL=wUCD)%H>n9>bNVV`v00s~Fque5u&{wLNydLhAr)`w0B?5PEOjzEc+Yr!F1% z|CG#73MZ(uDOiL3*XYcN|8Y1v+Q$FbNa;+r)h_6t`Kz95$#_v|&z0@ftKu)e08n1a z@KagQEV#$f1i9BgewONoO7)?8ja8|y?s24@<%>g7)#LflW`NJ*Y#=llo zg$8G08U)WPTQz8zI*C)o5M3j}lvq=4`X#vhN$Co{Tije2xt70x5YA8>LTY=fMTmxG zkL*c?x%Ns=FrfP7Hz30oTBSYHjEE#=fBZ>hM^~ZUgRH17q^t%uz;pDr=dZU8ZGVeVgus`l!!Ah9>CqJCw#SL>F-kf`9(=xBnBEwF1i? zK34$STZzBW5TJKr^dK|cI~}m+M#X7{#%4|a#CtVVywSG)Smob$4SO`tNT=1cyl@un zr7b~C1LM9!wDBA4_%5{hXr4=LV*oa{(mz7o1U#kt+)siJwkx{*0`d&c%8Tfh1|>S` z<)AV|gN{1Ov%tQ?{liG*QPa-4as5NNSv0nDGh_&ILF*k?W+;a|y97G@De%SlG&X)DpAc5vQ}icwiH zaz$9|lIS8lnL3|gcUVL}0oWZH9!vFmS{YgEp-Ewy4)5l-C`(X|=n#{AoX{L5A$tCl zK1)e7jPV$S4`GY|PQY%8vKdTJk`KzS*Axe879u54g?V-fn--~sjn20|8~7<5G=QV- z!U8a?xC2`O;VFssXc1_k1lK0)y5zU|DwjN7?fP7|dUHsjz_-a)RvmqwslcqfS9g`Vli{pMU$G(A(MB;Kjs z*^`o!9rCNqHBNYVhaP~OvmC6qdDq@g^{NB)o`*WCK)WBDpR^`?UM-}sdm45(c=AG| zkK5W1s+xHE)u>IMs&Agc*~;IruelqYwspU%0I3&@XkT>A+E+GS3tsLP9gM=O0IO%V zlFH#6&1xvSLGJWJ5^Kjvl1*9K7$Dvul~@m=5f-$uuy z15f_9t^Ri-r8CQtyP$vduk5&%iK#k!{(v8v4pmnSt5$_7RXwOtp{mX9s7{SBpF0)n zN$%v0MR`4K*^>12%+@l?{h{}W^$gonF(Pj?Fmal5r7%5KT2OtJ4EpuUpiY(^d zeNhMKuIx=Q!yzX7ixG^|DI5hLC~J#&ruO}UuzoJ#VCNC~3}k2zQi>-crOg6nn0-1G zcFG>W+($#+v#Yps+dgm8+N+b>{{dXHRpJ=lLlKy#bqJM5H*s!r;c!4LZjfi@?T^1E zzZ3FR7ca~<`#*q7o*N86Kxh0;NbD_6=(#6Fu5ygrBXAFs+!GGm-J+&fi2L4*Bqprs zwF|9sBHf*A#w44;Ja7JF)H2{mV5^qsz0oln1isA-L5XEd!2~Z*A_A)OfVl1+X8l&K zj6Ll0>grW{lE-%U0+nYEASYmqlL%lRXk15NjPF1Bs;OS zi^+ObvJ81*eEV%ZfiEEto4;9$s2~1i_$`K zE>ZA`6A_JwJ513_W=yi@tzsrj_hYt74#pxN}nKbj>5v=g*ih+4kE233!} zD#kYAmrjyfiC^CFyR(qyOT9wqks1&4t~Vp|oLlo3!k~VQ>X%GgFJpi3Y3McJt6#;c z4M;NWz)i9cz5n^93`3!vwrWN5zUG$4)N3-bmRm7b$JO~tY)NIJernSXD{XE>JndGz z4Ds~XAy9w^oQ@YnO()MLOw6hkE=yuU>#;i~W?mxJ2@|!df+lp>jeEk0-EDWoIDmc2 zgml}o(c-=TQ|H|MPcV)zN@lTS5a0&?&x4bZo&WvdY@7dQGex?ym+}BVTr&wBMiG-8 z34n1da#;`;1XP|=3-~Z1%P%?H}mO>v6lMk zRa5q@O;J1>(&;{r{Cy5;hu4!+@W189%lg>M&;nCT65dB)Bm7Q21z*7LbCM%g-8Dky zdFI=XE!49^e_zU=*@T1JDtqfMP*#F19D^>>^jGn;9&F+J9qrvdn1iXfe4^2kNXvu6n7BROUVL%X4+w=||<-UAq~#6(Q6Ud9yJu#v0)Es5A7ik~vq zX+5|+Z=t*-xAQlYfq`}BM70&|>W+H0k7*_{I3Kqox+M!F6h3l}Do9qlDeALuv*@h` za)X{twC1-p*8Q^5!dW{Me|EMfy(GyPPv$~LW{fR-9lCZQz}fTJ8x-L3Pti35_z~qA zwr?K*O=Fzril*RKs`)PdyeFlmJtj}>9Sl510iv7p=c1dRxyjXDpo8H+aKUyu4)6GQ zF{C*+3jst}gKz{_jU(3eXVykrN3(lja3bf2DZpC4WGtQ|s5^{cezvp|ND2xVT89~#5H`rcJbttXA{}olhjo<&_$iDwM8g2c*Hd3m- z|5&JmJAeARj<%PtK2};l^MeG94o%SK*Dw#KAo#x@;NHIv_WtYR?(W{-)Zcr58~mXD9{g>`^eEVk5&JJO z9-bZz>cY@IrC<+~>!;f)bF050cs-{o$q9p#O@ZSCCV+dzB=Z@{a45pyg^&t;E)RD% z1XtqPUm3an$KHPoxi&-vYKJ+P5t@V3qp}qp2E~?k9VRLa!#X8N`oo_R41eCMcF|Dw z5~}$~q*%%33BZX+qy#7d_lTo`-r-dE*FhZ5UE}L68J~tBZZJT0 zmUi(GAf*gZ8EHS@&wC$%$e<=H;rab%9D7qjRWD1E5wc&?Xnsq7Y4M?f|EI=n#hUED zj%@pn!-KQq!!7^cL}_9F)#p`TYTbTywF0r*@A0d?IF@!88BC%J#vR_wXW&G)g7_dNv8u$C4VtH_ z@>z=!;`e!F^0~{5B>zor0}!zP56lb9@~&9KM^x>tcnM;(=O9q;YZ6546rm+GAYPy} zCJ!@|JibBf*9(YdB)QR|oL9hBhODdruBgzQzCt!~P6NTUT34_K-m4oZ zl@=5N5k`aW%EFJ4;z=U*rWAwi;lF-;Vg%sid_h96p#MTKw+iuZq5nBJbM!xl zqpkh#MvBz`vQ?%4inIk}Y^i@&qWdj$yE{so%SY?;nrO$k7;2Zt(HTS|`4TUTp~yeA zm-?L<#M+SU`zC`kO zI;d*xcJ9E}ubk$((P#@{+_c=#=4)DRXfJl|DlImaR00Sjxl6Q0OkG%ead~v<8^Fbx z{Sw6^bSf3brrJ+MmlZ?O+V7av{`f;nJ|caQ^y-oiIjxFgRZsp;1wxwLp!}&D zwx_rrO9TBco^ui|PdCbyhg(t4U^;vPbkjvqR~Pbq4H&GVrtavYRq1kQTq=`8twDtq&014b zN+j%hvKBbCny=%_I3uD(8AyaJ9VQ9P9`slui;v~aY!OqWdR)JL(4LZ!2c&*p`q93_ z+JBRes9>3>S1{ZDY7lhed*mPh<2rK=TPS#Lhu*vot(^TmNYp5Lf6OJUXy6p zLiTT-RNr@1#b{=j(83oe!8wL8{x>SqeFnmaCjcZZxq5l&V+BpO41iJ+y-kJTN8LoN z8=?|Q*QvB+k2MZYMG$Ay6dTlw~< zk^Y|^jO_cL)3d{aE&bm_G3fuLTJlwieX(~QEoIkc&^H;!GdMwSZ~w)qct&RbO-TZF zYg8!3hsayr6!{%H=czS>)SVn)Zn_3M*8P$-aWOJ{NI!RO20YiV>rN zROe6q4T?*rR`_KPVG=EaTbby2AcmD4ofo`p2)=*>ClN|=aO^tgb_En>lNP$%CMa1i z%YdkF;^7QY%GMj^Q@Nn!%h%;Q5t^ubxB5W?efVC0X9X z7U12i4afzF=QG65v#W!ub=DQ)RtU|=Em{Sm8X$*DVJkzF%(HMMASAAeu38~VkX97V zGn_w2mxJ>TsI!{(gF_8QJ;4X>c}y}ubCTg?0#LH}4+CyxLB;o0{5zmX!&_-d(FGW0Nx z&2rN`{_}q^k)G86?F2y{f$dlK8np|j*mHva6(hWXGxSXRE!4EOKZH_phUGS~Tw3iO zhIXP`b-`IEn9iRI`^XmvrI#dqaJq0p<*Br7?QBiP^EkHbO&kkO?wjCX+p(7vBR>a5 zrXiJP&BP_BFs$@vWGS&>WNx$O?X9mFH(3z0X>A41^hPdh+0V5=TF@qPU{xQ6p_l1_ zqq#v}s-#rvZi9WMmc0K=eD${vKuMKOqA4#BA&kR0BXQBIn;$bWPyH7LPBnW^Ev*#w zf5k-$kGOZx!eY0DfLG1`qow_Q?b5*iPmT|4|G$%yqb>j6NHO&PFW%e$spf)71Vn7Y zRYiiRB7*N@kOHD)4K9bN!0`EV5M0J{nxpI$&S-9iRuQN_e_pBpmb~Wm1}f3+VWWh~ zB{wcSC6J}(L!}EvZP#)O8C}b{)pXtZp4W+zqA2ysv-0=3^mJZ+PDR{dKE5`C5~N-3 z0V01YtPaejAA>2O`5O^)6JQFYoFyZE&M5-=mii6n)1O2GV@%mey)?!4zc$*^qGus) zkxYi1DH3Gm8TW2g@C?8%`n`lsq?;QItXA?qzi3nb@ezvA#kXmguUY!|RX~9-(Ze_nF13-UxO5J2%T1?h*6ghCEY2N-1 z;5W9RBz!V*c1{4B63+^9haM>R70A% zYL7uMBN_M7PQZtwk2)f?!9Ln%m2w~-3i$)A?YR?sTi&qkDZja);Z)FSK|HuA@K}eK z)8!CzY9L09)EO(P;igccwi<6Be^idmMlUY(ISk^2?7*Q7G+Z#Lp?t-Eo_i+Yafh_0 z)A}Ra>b}cTef|@og|uh;87Fs39|s%#KTc0={qM=)HvY>-igEsPmweU3pWEZ3Jq!A# z()ZEOvj7`6^>tyeBx?_lwU)k~`kS%uU2-O^da5}*R8;;xIZieGXUD3G7(C(zZOtQqTXdt}lDI18h3~9i5%n{y&GO+xx$b z6qo;BU0?RW`>(DqA2r|S@b}I0WyhO8)X9OZ^N#|j_V}hMb&wC1Ke9E#S>2}QM5fo+ zax$aT(|>vQx8C#L==kW+Isa|#KQ~ic`mb)6d*A`pSI3Ws4-|7)2QQG9@SEoaa#kKX z%Rp-62WpROMvvDD;QDqA%z^ds*JKX$^#A(m#kZ3GxB9=06qo*AU%lvq_FrGUc+_;C z!@mxi&+z+AX#Vxp3lI5Z;55>ER%v7Me=VHVZ5l|ts`1w&@wKI%{{KQzwz?H~6a7DR z>Hpa_|I22IOaJ+rZ#jV6{OjQX0>>^F5YAM!o+m#Q%^eac9zO?pHb-s9^;)Qa+U9@VNHOUD6|Hy`(WzBEmMv`bKViDPLQ#nw%q@$Fa&KvTH>(sEaOD8(v``z#2Hl zQVL9OObFrBn8R#>auL|_B93_q7bYXSdCH5<>?XEXj*Uz+OP2Mr#K@i=tYQBL@RA+R zun8f_7=TbLjs+r;^-CYe7>6kE!%Z^RQO!uj=?%=#s;iZe;B&IERxKg9vvMS}P$fK^ zWKJFx7a}E572@i{Nc1!%Q^|W(iI?QqhUoeulCMip=@@4#F0eT>9K5u$42I!3B1d zl)|buMYWO)+lgmT5&cR%76?zJvlwjCRXF+wSNcZL zv;SyT_^kcMpiU}~b1Mc`N&5Ke`M_z2HC76CW|!joX$o3UIVUlbZlNILh$bLa@eKNo z;AR{-Rz7uDxOAhTZG*2Z8GKErMeopzERYEM!SjShL=d1fjUNC>0He(yv}A~;@wGVT zTBzd&m}PWqr@{UY;Jp-50OB791){R3E7*Jl&;li#ut|c`0#X^0n*qE)38JM-o9rYI zbkEuHb$w+BM!2uem=v4O)7q{cMKnEw0g5ACPNbvMSl?i`P-dy+`_%@FiK~`C#iPVn zB1Am_)TUS4P7p$M0JVnJqxiMH^wY0QRr1p-dL`s2qZ?cDshnydg*j1l))%#K#rggs zq{SuYYs#A6*L>U0Ldw#EmiIM1O<^UFxzztH0sj8gF5gY5*8e0VDsm02_x}IvXyn}g zpKb5|H&TrIpEo2zpipwJs0GsZ&!g4;n3L#R>r>{}-$0;GeJbXCPzgrIH~^i(0IWEE zkuA99tT@kcJft~EFXC7~Bl574_6a9=0nv;kH;D17uV0@8TsQC;(;O$0;9M$A_}D@h z;tC;m&%n-tYl_M#cu)R23!idDB<0_^Q>pj4USZKOaGQWnga}xI?^V-(wr=KmU_J4_ zMkj}-PX33}!;>xj-$XI!|22t#T5}*5eN{HloRR5qZ~|u@Ju?GEDJ%kR4a-0=$bisy zvW4?&IX&$^Rz|+<&UAJt3e`qA7x%EGKCtCf`e83t?>2`ipcFv9M%e_h0q--MBcnnM z2ilpW^NT1Fw*$JOTjL2oUjL$9HrOZ#VT^vf{zZdMT0l%uhJ;yxVkJNXjE+R~-B_$_ zq2^GB=3+R@9Khv6^;QMD)jfUTT0d7kU1Gz3e_${yYntNjf*M8wa;{2$X-u`9c|a{x zjc4+m2rY1kxGGA!%{l?218{f%4v&rOsiJb_Zm2Tzx87c(jAELjBt+W%nTWnRgDDS# zER2l;{z1RMSpb5F+$Z-ii!QFO0CsFt0`l|(CK4)fv=}K^uX|4b`%U8uYg_m z;>{Db+J(H?qDf!S+8aAYI2r~ZS!trg_gQ0ouc=ZKO=$$eM_bxV*CjDEbfUN@Sq7(V zt}gXnoTcWG&|N(6BZwd(p8Hgty41o|cgt8Ys*m`1sC%WyO7nTd6)RrDI|S%FLm(kM zR2c~JDNZId;6dcMXjYM-fPGLkl%$6=1q16l{ljwAZ3%(j-);HPWuTyzqx<76Ej79f zL9bva7GuZsw5{JKf0U8yy4z^9Pd=t3w@Y0u-7S^5EteMeQr)%D^5S~{OrF57X~Q{$ zaZK*7GrYhtnxL0VG!(hm-Kwdo6?tBUFom}`#yLiG2&1U@ig)>W!l|Dj7`;v6hj)bJ zuW*dS1;e1S`aHRyZ%D$b56Zsd9PCz9W}5+g0XWGAU^J+$Dz5#?x|S%nywe<`%7q|k z?3eONPm}orI#1IW%}|oVSO|at*bPY%LZjl)ttVx+<6|&7I2(8z*V}ky3V?N@zh0OP zQFm#W*M-ZI)BhX{JZIzG2%+@l?{gS8_QQDKFA4s=q2iz};fi&r{@^y}MmJNqK!7Ci z1DGfH_c;=AMQNS&O*@!;7*9!-zvFbYC7GL|n27-nk(;3WTJ^OY-%vn`lN~It=D|Ho za>|u1IEet{ncczv^Bjy04v#@N<>2R21m;Oe*gmmJpSTr+<)bU4Sq1AbCih@BMr_Wx z^?blb7?`Kd_fwby`ar`xRtHapbCR(&y`Q2)rBu?=DLKdN1Z_wJsWw0`zA!!=_F3t6 z2l}oO6-+O^AVK*Mr;FnuPCr%PJ^%sVzJcZ#vIuNE54zp#>xT`Ta4$mhBNz)tAQbhx zIl18$j{Yh^;Q3~26kxJptdV)zL=?Z_i#rFO*3YeV$-fg% z60?>Q*4tN4-k5AH{<{M1$7`ot4q=0I`oTdA$=X_tkK5?HqA)&QM&|M}r ztO*n?FSI;^gAX5{_?o!WkyMLyBmO*Z6iYnQGWO@tW7XO81+gX{0ZzaN35I4S>^u6Z zp+rFOZe#H_O@qnRs!Oh98YanMfrV^lpq-}JO)$@e(4wBJm%SXJWn*L{qp9qBzx{?8CQ~ZykBRl@z z+39E-|9d0Fp#Sg0lB*o>E0TU=13g-@Z_T1_lCLF$SEueqsvn6A(=_Np@Qrzxl(k5e z-JR0w?n8y*6ORjDt2T7MKgj&rj5lb(ulY5t#w&>9dA641+{SD?%8Fj{b9;QQU!XK5 z5A5I_=%%e8xXEFT#`9Phy6)Mk)m^sp6>5rcy)j5~pR;ObTzn9NeFS5Y`7q*+*o=&{ z+&fzy->KB_|9O(*8Cw1L*Tnyi&PFHp`EQ&5aYM!A|6<8|JpS36=<$jH&P4i_1mp;9 zkABMu0oE)`ZmS^pW`aPk&~Xkoh4dfDHANQZW)R@dmu&l3Hr?foytmoVY&C>Y^k#u0 z4Bu(++s0Ya_@&7nSQ~seN$2djZ9s){HY)%HmWRWk?)waMD_BbLB=J~(>J@EI7B#A2 z{;1Hg@WCT=%kpY9I0yjA*ao(M@&e{D>+|W@E3Mvi*z|rY;5RKE8{(%~2uew0+bePD ztJ>_^8QyY2(jvOa&P(hHQ|W5!Zx3F}&!gS0O`I+3#D1$^kD4_B)wYD{}~+} zAKUt$lf!NN*NqfI{<~32-iz#KY@kOg_*t{)Tk0#iU%$%Vn2BXXTR^cnb$_qm7>%}S zfcB+^{-cbWqlO`wC;2K&py~X7G&;7=|0joA{r^UaN&m%?1G(n?Z~<(Nj)%4kPMlXbss*9CEAAM&~`buFo~_E9!{FeGXt0jm&3z>k3X@Gnpl0ly~T{ z9fCTbsOE6`?L(LMwGS$$*m!otV=&3h?nZ6ya$pW-gtE#vCfN{#6)M#WNw~p(#4mG( z;P3Mse0aL}2<}l<)~X77se@H_-6N5>mGf3FHS*sSX6QO2AreXtn!<275wPj}e|mIa z$A3Q@oo(g6O%zl9V@nR?nuB7|R~7+%JL&OCf&SU_E(rRD*?i()FBq1`pdZxQq{99t z9dr%LCv;qCMs546V_uc@zXdO=rvEw0W;o$4$vKI3| zo8ovaFunYo!XyHg?~-v?R@ptYP6u_v@oVG0LFa1}kNNZ=nAt z2M5mm-_gOA{%@q1^uJv4l}UZs)#D}X`W*Tu<67r#rpGl9a&0(M)2qE`Nw!OPQW8}I z<0IWGLQyEW{T-EbTv(u)aU6C?%GwYSxt>wy-C^{qL1 z!a}NSD1NtUipFEMrOUSRL950&i4|AmmP!TAbYAJAN4F|}`5Duk1|Z;JSL~qvw#9sb z&9W~$rcafrxXx`<<8IdT+K|QH&6fk*1fE-FDcFmt?vhLfMY=-|Dn1flyMcFBfj7&P zHm^JM@R1K_Je3~c{F|vj14UfV`hi1M;f&riDY1|PwHsTlif0a8pyfk4(HSHP>n9;M zzTw6}UVcX5JVychTbZf^Ah^!Z7-iZcXP5F2GV;sWHMgvMs>buLY{PyPZ94|0Py?#J zT5eSiy&FuW{L}{nYl^(~+p$qc;S?t#Jzsu$9DraP6UhD=EQJM!yeNb~kj!VdDATdA z_-F#{OrED!ReMT=$tX6nR#k8sMv3{uJ0wGD6i@u-b)uPEd;VPfEgI|3>)MMii9asm zEmXwFaBt3*Sr^f_gJ}V_M(+JP>5oU1nRZ(?QR>crDT&GC;U>)xj4nw+^94o=Hbx;`Oc?9l1=tA7~Ta>0Epo&ij_f&h^ECux&6$Z%kWxq zZk6Bf4COH5h8nUT(YQIxp-3$%lmzloP14f=j{_T_BnPKLfJsP%F2-Y=;QT?wOZ$l= zB$Myn^VK%rtc=LJ`7O#4lp{LCWPeI%&aK-1in#Qd6N%3>G`~U_Y4h!ix94RFR>mTp z0ZPC<0wGKQj3PkEj600sNL(_(jLee=AV?n=C7!`M1ZJ4#@D9--_?g`EkVK{$X9&K4 zocs@*#o!A_^SN&&+%~0J{#%fEK0~YO{{L6A{C9SAV#$A_)8pgQt^Bu%V#t5L ziX~rF*poZw(Ta8j{5=bDrh)dKG|ft4=2nqgYMtp+bnrY`=^fx}vOMcO8EM`VUov@G zm0kyErp8hm${>HHww>5uKC^NSfEG68p3Eh-MSJN?%l?G(oTMn5VM;ae8(4JV;g4RRcmN@ zhwC>em8p1ISk7A!ly!okMN&5VDPr+3ir}iLm1eRA5Z5cf@dIz?DzJNp9%zT5TC9An z;lF>GZR`JwICfXw<6Pd|{=ZeWAq#3Ye$}=U&L~duA=&taAUN#Xmqe#BZN9oRWRDpY zHJ5}vEiWByHZ_KEd<(<77cwY`&bP|M`u5I1zk?uMgn=B?LmOI%8AIMf%ZU4_p7H1l z$TK`M4iU~SDk)-sKMP*ABDiHY8-ST7?1A}oMVQNOHUP6qc()S7s*?@Ct0n7O31qFG z4M1IH6I==CvYQRSoQ&y;;PM_eK`UrT@v4ME^sxbGRTjFHz*U{B3tl(hT}#KetsbbZ zRO)}^A$b2&L6_DQ|NZ3Xz_$NCI6B+yiR#BcDr4c0XLUv%gSI zaU)FCx=}w>)LubFRsN{aP5G4?g|4dD{x#aFa{ZkYbzD+QHIc2Efgx42Xh9C2dqsGI=w8Phzd2G%v}({_#<*`Y35 zXKkd3fe!@lww8GD<>c0)MQR^tpqeu$Kx5`0jt3q=hZpjuJm8@DP)n~jR+ z-sUw(jL`TsiS$6FrLKotT58=%g#oW`+AbFEH2&Ilj=6Sd(>f?HCkASTJ7fH63^=9= z`Ya73D^$58RBzHMk}1cm>aVo$e1|6J^J|!gQxN>$4+ney_3@A6uRB3ewHGw<6qmP% zk$^GDW{|Vr5C04f&d$#M85pSj{i8OvH6d>2P$aSPQ)AvBRD@Vus@qMd_m%9yAXmMNcbUqxnBzKkXK3%sO zHHG-ZMvwF-AAM@TQ#*^Y?PF)iC2E`@tE%y?%I`U1kV!pSa>#0D@OIM%pX( zGXTL23GaAHAbr6MAU(#;=A|IUup$^H-E2LBtKgK3_p z^n8CmLlg9Qbifh5pY6YSbN%b#i~W&l@~;OPFcn^-z5n{iwO&8$et3EP{>Rt<_=x}Z z1@TA!XYjY30PN=EhHC%?ERJjQj?idv?i%dg%*SK=8ASpcFZZwa-|zpp|9bx)U=N_l z5R85tJOg$uynl`N-{bus@&0SP{|{W$#jNsm3~>Ukk{nG?25r@$LMrm%M8`LwB)30j-}2{@=&(l$0Ux)J;Q^Vu#dAA*bvC76Hzo{QMuKE z*J#G&58tM-?>aI>$vg`Y9maTub2^;y#?3lVIoNK3oPn1SJwz9_(DBdUpTRRAy0wtR zg?mK^lz1;88GvOa4>?1U6_XN(<1f`{=lU0+>d6_4Ut$>ZjZfSxK27&#KJ3QISf8VSa@?UYx=~e!#u^xSF@?SZXt?F-8)t{zM z`|~OPnkTna?QB&$-$7~S|J)9Fo%#Px4&C^lCtLsD%@l+G^QG>W`Bz!7KQ_)U=dpg9 zPq7Beuvgylqrw5>Lh?xi3v%sS_!mE>u6)5mH@v#BgQuX+`EdY(&tn>ZAj!wnI*ISd zzRoLjN3NEKvmn{Z7Zd8!6q`kqL%`u2x0TC{9V*${i1{NtVNSsg>6|a3)!^ z@|6(b-;?FG;O|Mt@jbB&9cbct(m__!z=`MWz>&K&o+tc{&07?AC2RP!Y$LN8;+OIkg^{29>6-cNh&Pmo>V*+E&SYhisBSy!x_9oS4sXhdqYSnc5e%$@c&;WIm*T` zEaqT7E$#Ze==KNFbVuS5&2p0Irk=(_ZJbpGk}O766u(+bLH-PdrY^}h_K6fN(PsI`}p zxx{FraITN+Q3UI+YjnZ(Ewmb*E_d8ftv>>ssGJk+X5~|Eo0cDA9vaaj+e^t4N1va8 zorGjF9{M%B%t|js};@0l#Ihf69evzh#`*5kp z0@ohI`sCM^j$8WY#f=q|m!`2T=|?^}q3qz(WP}xRH_yVv!QR8>KGF0dYC?4`bNyY# zl-r0a@kPXAeP-=0Xxe|F+Y6fQ1HJBnJ~opv;#NIRHMw3&wogA`>< z{#yozqG`kEt$A58rZyW(H5MiY^D1`b6m-SoS{YR{{ZAL+n(6=1=)|G_+x*X)DF*$& z{`In7`tOg;`Pk?`pGDsapL7u_T}Cx3X-+aY;SdZH*d}ObO;U&&wAXln@Y5qsCYLe9 zmWPR&LW4(0YpPkq1kA-IB==y^LK z%JR1jeS|PZmnh5e7>6)NO9c)r$LTwipq%11j^H+q;5LrnHjdz?;|L1!bFSGcz1fBm z+=dd|-UF4T>iqWt(>$B=E&TU+G(q|Pr!sG2$HQQg{nw#=|8sbFaGywtw5260#Z|MwRGD$h!|O=|%IN_yzc#7HI>=8I z;8Y7V&Z)&to90vq=QJlXk$rci=_*qRbHryrA3)(iKLYu7i3q{sH@R+<>8jViYTm0& zJAU}~b9dyac``*X&ZiI8Bzn2PAsav>HMUgO>=`!fdalMliKYUe00bBDJ$#@SaZK(5 z=P+#;rj#gbu~()J3e{T)a1x`rlb4eVS(2>6F%T0dF+cI4g` z5Ool@;qF_Kx-Fu3>3?<$!~IWOq|X*OL>FO5=1IP+9dHBvKRO%P`k#Z-v+e!=Mv8U+ z&zBp>^#(sP8ayT$U>jl;jSy?kO&iP2^nFVn8Q8M0%geCWKL016+xw-x9<>}CK|p`uR*`Ue2x5<&11Bx>lZIg z^55~%$g=-DJv`i=|2I+$`R^TD@%{upzJa!Ko{f+78<6sWS`bmqDx(Cj1)ZxMN|}kk z6#tl!d20K`cL1gA<6}^3g{HF&8MiU1dDpzG5ti_Wd6~iA}!Q_R0t6 zR(t{t@w~@9PdFbGjrd!(C>`xucgnK{uR}tHS!;w zb27iW2-tN0b9`p||D2v39&F{mO%zlACs({jouBM+D+PK`(f|-a@4mAj=n7|QDE%NR z>EmvOexKtEMa^PLK?hg|9|OSu9aPZQM32q6%pj}-Hi%H8`3F%F&PoHRPS{}T@2Ua+ zymx0c^ncZB|DrU}|Fc8;{C~DR|8J-W`p>?ZYpE>k#|D^xYf}ICt7bT`!@rvrR}8@NCn^1ME4yYuSCqrXTCOt^rgH;FkX9aL^v~Kq*rCHW4|>$r_c-Y zr2c*NmLA>RJ-my0k?-$_H(>?AS(w0u)CwbbHZpp%1Bg=ct*@Y3{*IU*{Gt{kOeJ zxh;UOEM9~C*Wu~ufqnmfcDlX)-$>yb|3{Pq-HDh>mMai{d;bjO_Gu1ZQW2Y^kJEsv zS%THV|G#=Bt)=q@317Wua9zFNrf+4&THRAH8W_atHM~QB&NE|1!jsz8U=_^3xWfkl z{;bW6dL5J9V5fQ$uhvuFNL68T^-ii)pQg2*e-<`G5|8zEdKDn*h~%CHA8_=M`=XX% zRB_^g-x;*=;*$qWWs41bUj6<#d8CtZ3@4hkWQG>x4n+Y7(C3sLhg`P>VFAxa=dG7Q z6kE%uv<6>+1g$$_Oy2-GFKwWJOEU|YqdR0L{8c+eo1$gj-)V+&w>}looohCSe@}3e z{tojucE%TwlmDhNPs=(_oGtnPN@u~Q^WWj2o&R-oa=i8b+(;1&UfbLK9RD1?+1~%t zarbP&$y@nl*22`ott<9K>~6yiqq-Z{uHKz9m@e(wSpjQ>Lnj0uW-#r|pYzY9R(mwX zPyczWjNUYWP4xfd)Y1Q)9&Gi08!4Q;tGI9dkbV&_a0P;2>)$WCZ|U4$*7ke$tM_f# zhdZw&m%Mfq)Y<^>J(|Kx0RY{!2Yog8oJ|0as0|Kj3%k4J)ufBrkr zmU}f`z&jq!M7LV6OQ-@t0QL4e+OOWVgc9&4wLE44GYoHI1Tr*68A?L*jL|eGjObZ6 z3Y}W3cC4lvZG9OH$V&QrSS|gxuCJm~n4w69f>_nBN8Dz~Fd;y6%_Aqsdmt53AVpbW zlz|qAz02S(CnQJ-`JUmWR6K47Uv09MDmCOJCbuvK0bjEC*40e; z8w_RrA&esBB4Dk6cH#AjA)lh$TsAf4aGu}=$|xG<<9!&%~at||>ZQ{YbGt_Yw z6Bzv+#xMy{c6D9z%Jn-^f{CIiTErOc=xnxs2CV+8>aScmXwLBE;s*krd;5pBCh zDluScXECqCOpE2ksdpV+v-rx-lC2a@Jx+=pD4I2iGCo4U`(7?kjwPlWve5esqA|Yf zTNcViw=HF%o#{f1jRg&wraJ7R|dR zg*d$$mE$|-d$9LVC%F#fO2Xc=dG<~orq>zCNl0Qn#8Dom@`EqFdrz=DX@|%_lja*1 zkLN%;bgiskWpnk@zAJjVqCTtW3P@s3&!sHI ze>6$OZeyI}^6v^DwQ08jwXE&|SnEp$oY$UMr{o&Yjc)h^thMn>qgabJlTejCQz-h8 z6DWSS2Vd)g1MlA^O5vdISMBStc7l52RXNy)l_CH}(aae~sF#zql2U4BPajc$u|GZ!uJoU5zO^6p3@vkfyT2z@bYtxvINE=Ib8Ac>e`O?>Y$Tx z|J};SuKaZYR(Is_D}N_wYfa47VyH?}10UW>{~;w5coK{y$Rqcdh|_21o+0Z`kLLN& zb8_^<>N;VWYsEWjx9L4q2g?aEo}OCo{AMUBB|9Z)@-EUEQL_$sJ;%H1=c7lg^~;t@ zG`BxPp>UW-m1+mi7Vw^F%xe`R7lPGFPmG{LWiM%`MO8g@`zo#RO+bBH%$EwwbH!05 zt2!Pv)yxCceOG2{dXNszQ)9w7QQ3B@?5SOED71HBc$r=aVplPYL0!v0bu=S6tk~7|)Zr%0>0w8=d zQp1sjlch<{w^p%y*QHkfC;w%l@+D7!xc?~>XZTMzZLbk*xc@&mJFxRV933BS?Y}ot zto#2^sc8CO!C|TI*{~gesRHEo09}q68sL3s0c-LVmiYeq^-1yL+!MueO*F3S_m2v7 zTzk8q#_#{c&i{3EGTQq8ZKPP=zqY)6PynsF$3_DT(0jfMaL9m;c2{vb6c_XrG+{OC zz-7Px_Zb|IaVS!bHBf>k|KH;y`};pRIoZa4-AJkU{*C4BlM)ymKUSJxO=8V5f`3hP zU#3(%I$7A0lV(nXLhV2KJ?V~XP$*fYDT zEr&%Wlk%67%EPq8+~GCrwqn(0yt-Z-2mGJYz}`2`P7|YecG>bc?YhT!4?e?u{(zst zB$#XW&Duoi%Ky{(ZH(#k4awgj7(HA>QHCh3&lA^l{u?>^pVPx_{*TQRi~m8&2uz~&`9h}WD>;JovV$uH_vAjU7Zy$8u+A@!g+&kc}`&4KR zXp(EFo;E1^WIbEmhf$Jq`};Q}K~3krVl1tLHVkE_rrC~MogB{)nR6qnq5S&>g(Qi5UY&RhT>o9!fzN!p zc&VIsynI7a?O_aqZO zj%tL10oa{rzyI^}_~5{8z2q(xOIs|WwMc3Yt8io=4#1uO!1aqP=Ixu8f9s0D*@;|@ zFHYws5Yn?&PQR1cy8lT_d+~40v9_hp(pLVvNl{1(^Dp*A^r!zHjU4;0gQKng=SGSp z{}nEJfGv10(qD?g$7=~@L*Lg4KYvKkd5P^ORcCEZ>vO%>Hp6Tk8J)wI@{`hHc~A9UwYg3D*%-H=21!jI{1Bw09%&-7h?JSnLqZ- zgO{ZLZ{Q5|W&eM8e0u8G|8L{}Y^GGuf408s;Q%5!$s^_gdU%z-u6jM$o4}~qCTZzv-DmM2mPqyDJi~X)kNB*w| z;qQ(ApB;@H|KGE%|KCQ6#sBrNZ2j{8*a-Oc2>HJ`fqoUiI@+JWI3^*?k^WG{$CI~y z8sDw0twq}v)?-_K+~2v=F%Qsp$PJliA$kXsiLkV;dRJk0y_C1-W8l(j&_91K0>ZZ! z)0PlXI`V%Nr@2!&;3ocm?7WXyz%^Zc zn~0evT%O3l>P=-BO(-k02o$Vl-%DUkZQO2ggVl_D;e)O9Su*IR4dSZtH;XlJ!wRb* z9#0rf1@aohahCY1jR350w++kr7>l3(=Olv@wEqc)A)@p(iRvA^8%h)ZKXC5<4-QVZ z{C^{b6P)W`FWFbl7aQ=^UWMPMi*TrIobMqCXu1g7h!+mzeYyI{N+FD6#C^Gk@=x7) zS{vC;&!WFF9l#yWFuQ8OrSuodBT#=>6GcRsC$#LlF^#C(kI$K$pE@o~q)6wncL+wm zWjIG~lMn^sH)HCrVe$}YukGKg`ZbBlIA@wDS2?*EiBN;PrQS#-9Qa2W&174;mU{k=X-M(q6m|&q?I{iX|LEZ4 z%+CLJa&)@o|C=cF$8E6>hI|_g!zoNVU+J z+0}=0in2sErIX{AS^GI8K|-QJP0TweS_UGs)zFi@*?Y!o0aOYpy(gJ-gl`5)wOj*G zYQ92yl9OzClzqa<8nLzlfU1l309MIGeo$Xv8j=Od9@=ixqCxA88Wk-lN+OY@j;?LT zmhiRRvo-LoVe`89YrQ*KAhO?m?BcQySbN&iVxTV|C;v?)mE8({f8tUv|0QF3d2_Xr z@Yg2(`^eJ&j83=tpEp#vis#L%8*q7ZwbCVz6cxpe@#uVNls%04ETQaq0zj1E1Z}s$_&TcnA|4;1ue@6ee`u~j-asU7N?|spKv11-P{bva2O#ju?|J3w< ze?ts_o5&ku@9#fd>_1(|!%Z_w7*tm@c)&owk&p=8+h4-G|+$X$7KvD?d0-plm_~LJUTkI?Z3A7zZ)vr{qK!fY`|9= zl=NUlhG1=>@9H|Z9bI>3(6bJ_=303F2To(I#z2PxU@F0m07>|iOuop<4*&#v0mx83 z&k_oP;2F4|;&2LP2qqL{==V9IIZh@3g6m(o!ivmu5V8TZE^aO_etx<4|Gl~?yJF*U zgF3F7A_3U$T|B6szN)uk0JVj46`6ib-U6f)f}QlhfM@-5PI#$KW0T zM#OOfU;@k$p8*)(!w0JOYy)AV&+Ne*sx(nE7eRG_3j{b9-Fp3JB|KP8<|^T)TZD}O zLP$|jCn5P1CzB^Ye1gSJDd0bU4g!56TB>LRP~$e+cys>T$0W51rUuapq06?{j&~#n z+~*+pXYkJ;Fcpy!!K^E7o7HuxED&Q|M2i^YyYv4(nbR2U-)ogd0F&f z7g-(tD9y+MQ%n++`ApP}ql%x-Ydw7Q8l&rGhSzRx)ORR{I0-=T0>vmVlO=eht&E`v z&pc`T9K*oMRwf(`X%?!c|H0_9W2yxUfJ#ui+$Qrr|BjQ$w&45?;`|lKUg3-~rby>A zo`&{nHbW7H_2?EVBi1WUCamMuD0f?05H5>%r{iUCuR&1@bejce%ZKaf|B8-(vNYNM zo!a`J(b?JQHvj8JiqQX{jAELjBt$*={H0}&2IG*rpISwasmf@p_5r|F{Ae)9cf(dr z02QG3%=32ght!~m=^_k3un6-21e}Gvz>Fd$V;X>fTMq>wm=c;_!+gpfeg2gbh5!VV ztE>YMggkS|45k4HBDBDvLq{t~BLhbQRhP(A-zqu*WDPsgJUNyPM74Vmt81FuK}~$PP9LLVg7i7Vie{ivr;v48dzPs zHd%8ejWfDXDEYuxnu`rj%H|3X{`i(2vTfzRON!sTx>?Kp-_eni|Nr3Z^mr@(ZK81T zPRe|!e?vf@@b}GaLS|&1@2s z5AV=J!v|6T#H!-NfQz;lLJJE5j(XOYbYw2TXy?z&YZfcF5>}}rOD>$OnT{+eMm1N| zM6$MlwjRsvO9%Py=Jns#BmbR_?E9aCv(v5r$3}`N|MhMN{MVBIRxlg>^T>ZUum4^p z|EcY@cKHtkr4MXSxSM_hsj!@J|5BkY5LQTpV&{79PYbYK;E2x=aqz$g(Zm%DYa~Ml zm}=>?8z{YtsDFEeGOBL}eN!3L1JL7>Q5&%O*O5`%%73QDx|X#aC)$A3LMJw4mX zf14zQe)}itUb6}ED?UU}ES72f1f=nkXkKgg zB&xi(ZlTSsz{R>Geh48vSTn3da;ZyxE@2E@%jW6neHip&!x6Gj$C(U3DRfa>|y zXgT`N4WRnU|1}z&+UNhH)01uf=Z%yO6mackpnaHPMyv)VNk>~ut63LgOq&q6#(`$% z{aIz2{dT`nF!~aX#LfK1XL75!j_Ab8b-uNnyDk3GK>tfV|6bMTt^;nM|0jnBcK)Z) z*~wP^-$;=G=Y?aZ{MPw;gJQw^&<6W9QfGy5A0EJh_RcAa*q<3nB9!sA*Cgtqwe?S^ zXNG7dnOKCm(7g(UrKyh9ja?0+M^q-UsLA6r&vC30O2~C7JSEH0=(Amb=xZ$0v3xcl z5WaOm!C$OB7x+53Ll62XBt*f$^-JZsD$wuc#DhGWGm$|&Eg%#IuiW0&Ia4e`enR1r z!V84bOOiflO^tjO;t;}Zy6jXTT7@!@AL~1yQ%L@JgwAf^o6&p zL@$|(G$0b%3;WW$Na=h_C)69Jz3Q{u{b!6YF$6!$P{a{9B)%upLKFko`#s=aGH zVg8e*C_HaPhV^a5TD6YFqHP@~|K2h1e$?*o?Q!rsEVbvqbP?`7ux|noB?Z?nZ?D*AN2>qvfepA!`(t^+Wg3qpNee+ zlLr9f9A)Bii)4Vp1Ph}3U7apVR4HOvd7jixlPWOKQ2S|BsXB1}A@kTx%M)f0SVlK& zGAL4mXn|Jtp0cxiyQ9T;9>?-5QG^!Kz%Mns!Yy@7vKc534MqmXRnIc|jEsapJOPfb ze=Z#ZYc$W&D9F+{`~4M#n_#ma;jDBaG>)4}$kp4iXQfQjDF3F5u#kUs0o)EB$v>wY z-r-~daFUZE-=8vzOCn+O_DqwL)d$DO1UrAgWWw4P7h;4KDLFCay6BWpif?07#Jegc ztL;jA*YS-fu+cpprE_|0~;)PNHhZ{5zSVn3PDnM6RWsx6@$Q*8x9HCPKD zib9H8-xuhcf(--48JP)_%F-W{qCCgRgfhB^5<1UV?F8NP*n*gXkoORQ`zcBQ)LV*! ztC_a4h0|&CzNlIY+f}mKZMDV~Stq&AE$V2J2n`Gee)bW=C`Q@QA)U{v>l%YOt7{C- z`=|uGVD^0d*!pN)>)CNF7P1xC|D>f^{$~fpwaWj8rw4ZahqI%T(N_N7MDfV~(3byi zQWW+i|5s=o9?!i`If*WkdF4HiDb96~+5Ye)8PZgiWzSwcrKUl8qGg&qZ(?jcuOdmr&`KiVN<&TR zz#c;#SKx+!26p#+2E$sQ+sIJ@%f;Ez2-opP5$jdRN)>S`EMb%n%`N!UhSqN<^#L8} z+61Nr&O2+!wGoU(7!K+}vudA9iAS~>8Ct|ba0Kz{WypAKugE6Q9LM{g;5;WO z%4Vyi{^q5g|Bpr|r*{62v(YyG`(}z@=_JV^mXW>LvhT5V$2?&o1^*(qpqW8(3xZQOwoPa5bBOz9lJ&CqvDpTIY zj|7kf%8YPiFp0nf^040tLJ_iiGYvmx%9Og=*hAMg@#@N$L;YkcbFD3EN!SEh?e~}h z*~4%+EG}WynbzB9F{GncAz4+Ea7ylz>X$R(x#i`C8%$iPmXk{SupQ^U)D}bL_G^8N z=ascQx7QUmrXsAG{R#L?0ZgmXi+N6fv0y-UP;R7LT9S`R#@7$%UoFg#$8CwnD0keK zT<|2^iDl(cKXZw#OeSMrW{&^EzHWXKs=j1xPW$9OK^dLmluvgCbIhcr2Q?`ncof4I z=1lFUvHt_Oh$2AAOenWNh9)qJa54e+Q2!Ze$X##_(hTk4gyt}gpYb2_bdtdc z*;V)M5uQx*;2Z=;f%B3ZC8NER+aw3)fIp=3FywUZ*)1BA4DIo!TqlT0@{IptdjmyJ zQWD+B3+)VX$4_D2d=B2A1wji$HCHscvaz)vLF^y?OagJ~U2fqQrQHa|5C%9ttb2WEZv_X80XW661fOQcmw0`jXY1+I*QYF5A5IKWS>s8 zCwpo%m`$i&^@}zD3a11FHwh+L02R%31Paj4!G|63 z*T?22aGWzP^`U9H6`DEoAe6Bx!|4+4Rjy&pM@;!BrXD+6BuI}7m5 z$0lRXA^>}-?`hRGEb%Eep#Z{zN9`8eJ0Aga@nP(Z`QIEDU%#F^6KVC0*ue2Is$r8V zbKia{_hid&r)=Q+aw>LE=a0ub0lWDtoM1XdQ8llxJ%6;+3Jw27ZVe}yf05fZjwza2 zX=ebwa07(@fwS1UX=lBu8Lx0CD9;1daZY`s_awWE35-Bs9T)-~hVM_;>nk<-Uw*45 zZ`xK;0XOJ>Pu=|gXQ$iz|C=es{V&grDLp)XQ=44gqPElk>zgJp>`tyTl)?;^+Em#w zCF~0Pc44%n5n4i)zWV*APbabI6?s^pP3#r`kPefpal^P zFuf*O4&$IWiJRtu>h`$><#MLf?ee=MbtVK3O#(q^1aK>0)K}m=qk-cXP5`DNIu^eV z#|gN++W#fNIe3p~PT7jwBM`y_@O%>44CGUomwjTYq^0-)Oi+R{sJZIc5{UnP)xs`tza&;irW1O&N?1&xQxXgWcuHTW>7IP6Voo1 zKPv5F%{e;Z~I*ybDE>Cla4meN| z%28NGrt+`im6o#?CzA|O`i$EnaGp|FuUc-9@&n_~u0$(khtNRe;eA8ZCwa11^wTv_E_Ec&&UpPhl4Kv94AOsH9V*Q~>u>vOwa`@0Wg zwsyY;F&N{F=08cAsDe1^C@4ZP(in#*07FJyoJnc@JO{hGqLM~YSkH`8vm*shXV(~F zQR~sgU-6C)M;ndNRO()+X}vN`*$vv^%y)P- zaKrm|hE|lns3Hh|yB(%44oo7pzjHLnq|1r%YnW#cjq#nmNwhEvmiM#P@2(8P>+i9U zV+JMeZwZM5e|>e`?pX%~%=7w|&HIEQ-K|`Vl4lPo!P4wuw`#1iR=EMB{l`7JYcf|4LkKM%aUCN55^edJf!vLVXy z*D!$-lvTf}*c7G6DJ4$oxSn{i=Y@4A7mnt;yTd&0KtmZdA{lQ!6uIt%s{{WX!Wdnm zEEhl7jF`*@b96=N9LZKv;JGZ{I%K|wi8hNP2`MF#dj$BwHYe;H2Bg$v$(cM(S1p^9 zV!@4Q-cn?dgS8h~EJiLztCSSfWIWJWAzRvtEv4Y1`gWy^Mc4?C`ol|Zcn=~S z22GxUm!ET#B{1f*iU<;(f-+J&5Di@O8)JO68~mf$sH=6*>$+Xb4a@0nBW({1Lk}Ilw|ouoK9htT)5u7v&`=C zY?}@^RQ!aA^1H^sV#j;|Il0L*oJDf+)_)6-exuX{e9p8CT7g4!Y<2`%mdPcSkNzDA1vk zWYzXJoKM+DcacQuZ0>ed-Pukty+W59Bbb1B%E4vxFmzoyZ*VrP_HFVCuGGtC`&|4Z z+>~zSW1a!zyrFJ}(ijTqP)@^^xT`So-21e3kCigMXY&}7*N<=wbFZ&j0ch_tZWyO6Q%i!*>6@S5GzsC zk-hL8&wtAaYTriXy&c=@h55jDd^f*|Qgi>W{6ALo{%Vf@e&WP`Iz2hs=KtMD`J?g5 zv$$Q=cvbyPrmWO(8!8k1XnBVC<3ybogeR&l1Z%Z~mn?5D|I|NpO&P04WBtR-g{FJm zT9Y&mIfaag6CO;+OmF4U!dg05Pi<3#apT3BelkyucAqt=*z|Z(hAh;zY zHf@IrUQrHE!E+3lYT1s~RR!nK``Rq?F)?1ne`@HzigNrjrt7r-Js6En4{Z8>a(ud_ z|C=by^q*}5wgujk7dXtj^8lD6gtfN=R%+hJKbHn5ya^Bc?Q0|Affv=Q(;4Z3z72v? z8ky>Z--yz!U0Au_sAnu0F}=kwD%^R+2xis~j?)r*jolk_-hqO5?(mcg2J`ceCfq1X z#5WHor@a%)k>bjczE|0ITWaaQyd3?cnN+ML|Nm%oGP3hOjkfupHdCCCpjz~7WgyF~ zYdX4tAbxcy4GT2V&ibN;A2X}!)7}&{Eox~xfb-U@J5k*d*ZJ!z%chd586%40$FRM; zyCdZ=-SN2wP-8F)UfoDgvH{eqjPIrDh~N zTKZ&^8G=AW?!{*ivklF?-WeQPLw@O^15*b=(ayC}ui(};AMGH0EXQVB(El0AGaRmw z{+}KkJM@36|KCh$Bmc_{(2?$|ZR4Z+sz>b{pdNXS0=&9S>a6YpsDrdSy%kQ|>Qca#9z(F31~6P_Y#l;bUlm zMK^H&cW~g`lf4urf|2U?{Wmao1w1xt8*X`;@9oZd_Cw z&l3@o15?07&Ipw0f;8Tus1P@)=RwQC1TRnmlw+e{FvGSSroxS}z5P+)*2pWAzdF-z z<;hp}So);(aq!@u;I}_@6c+eKtNJ4ccciO5Z^-rIz4K(lMI3~l4j?J<-kYrF^uY%E zmPZd`jlSP=$F_VQr3L@b$b8wGe^Hvwe~0e*@8D<~|8XOw&H0aSfR3j>v1$A~d7dL= z+5m_VJV!sRa_!MibRaZ)^>Ho)4CTXMW_dE&B{=TRNHTF`$L?tWj<8$v8sU%ohLEo7N|QvMYJ@^P3KCk7og60?y!7 z*FQz8+WVj1tkqck0;q)SPjdxSOsVxHP>F=fYarKMQ;VhQF0YC5iyXuV(%itf$XRl0 zBfTob*0*6N+w#at4gb&31oJ5IBt;p_Nw%y2(8T|bZ2RxSgVVFE{r5&nGe<90U+o8- zmEmz=z~R)>4-g^@F6OyIn1n9U%mUR0gi{pWarvWoR0M5ApE1pKU+(=Mz;6gd!fE{; zCOjuMr<^1KGHES+CdK};Lw?AB!khY*2|9?PBnM7%>)|`Zs4p5`(JKk3#T7{UlEFk< zgjy}IvOpOg`+}^3fTSY2!p@K`!AZ8$`Kd*HoN(Hncg{5G5pbF$$Yl~-eXfFtWpiIcaLo2e@@Rlr)mcG7d z#LWfxH+PGGh(>@Swo`*ld|!NGdm^z9|1%Hw#A=v}T$>lDXtU$>KHs_^Hn0TyVaSGWZ$OBmiOVr?D2+nT_y?B z5YwBSq^YX|a0m8rtoR#y5psIZisavf1UyMdhW>x{-h4Td z8_64-zw;@u*_3rrOJ?!rT7A}I%VJRyd#Xq-NtIfoPo_pjAej&&1JOW4va%(u^=quz z_q|*{$r`Q*0D-vjVjT&aX%#bYI4<`e91i!(2CDk4Lk{RNt@vKe{+EblVf5b^|M6h| z(0%{EcX+(f|E(o;!2fbRIIO^T0FW6yz7Ai04ZbBp&ks!W&!qA_MiL(k1wz3iT*MU2 zakng>UBgth48ston8Yx;&YQ4qGxEonWtU7!IVUl>?WjP%RJFjhN1V0mN#D1n2R;<{XuZpk=KG zMnxrR8j*6i82{i{aV|?`Trz8xR=KPh$)>C)tQzHN`b$IZ)5Q9J5zDb$V`+9<&q5J0 zaF?Qy4#(Q*m}oyD>9TCyCmb!7tu8Y6vh}ywe!vn+CMX@FjOC}gh9z9?zg43{$Oxsu z7=_n~K1wfBt0Dhkg#D?|Xgoow?-`LS4lC3cHlbywd#dVhq%tU)iE^D^A$LK*|}Dy6q^3$?3MbU=f`cVWilY zWKk%iN&WTi`pP+ud#@z&C75eZoK|G);lDBxd%}g3&*b?u>NTgU-ZkUpTaloJlS&bi zlTaA|8U}u4Pr=xD4qojK!cZVr`q(<3Jo>LB!KJ@O#Uz3f8x+KqN{p>h7DYmBk?UEu z^pY>rU8lpymrq`i2=Snoh}-9Ru6ryN(HZh}igBDXoPqkMc`h*(r>!WUO-wCV#`XqTCz;8(WMLrwm0Sz*0hG_-_7HDZ&gDosFHR7@jwG zx}ZmnW2wJ|zD@Vl-$#?R=1rGGuDGSupY362;IM|T+n*FoKO6ftC6XJ)B;J+L=6{k| zIIAJ1cH7I0OCnVbV!jAPSSXwDvhKKKGNu);ZEDc!Vz1m(oLaJ{{Gwz6`LFWUqpz9K zU@-8=(imy824k1D8unt0i*e5>P%p^ru}*fA{dYHkMl`CjT9bFTgC7CWu3isJe} z{j0S{X6MwMGYIAjHJJ~P2TbEQL?3p*Rxqh$B7OdU+XI}Ui3eqG1ry&!ms9Jxe{rq> zg)EjHkarV zlu14WnFRK(K1?C?lyIDGwym(0zmfcul{X|Eh)bQD1ZHkaig0h7u+1&oC!4(b|0#+P zB`<#&!r(DW?ovYG1A0pWVK@Cgx1er&BhYaFcesDxzW+Ns-RS?fNHsAijPi3$lJx+h_(QVg;_p{I0MtS4 zm9TB#e*himO&K`Ib72nvqnya>rAB)p=t(1p+S79DUUfJ?*ZS12_ClXfGQ}aHmOzr` zq;g(?nplv}tZ{}i&PlqWpX*~Iy6p!Pg(yxjj25P#sA_H+2BkNTixDE~o1dB@z|B&K zc|@}YTCBJLL4X*0N1V{FTVj3kpJhyb87KG_!SFhcW_|fjp>nDSgOdjy_P1r!?;h-I zl-gn#ek$tyS?N?sEZ!+|=(+=jSqdIVs(|c^UkQ#ue+Tq!BK(AQi)`agvizr}ebG6# zYU{Y%tg?e)7CfSKxdf?7y>xA$-=~>s@t+n2cPOA}ejiXx_TQ(6d#?S*(ed#H|E(jn zfj4>?447C4jcBGVm{FM$ibh!0p#EuI8E~=343n~6u6lSxfMpbc9QoiP44570T4!*g z3FW^#huVV23jYft3bfAJhfl1(T_xw?ljHJ9QeS&(;SMrc_$jhUm#>KlTf(WwG8fbnjugB7*!MN--4lC+;Yi`dj z4i0>^bIe|4i0(i4be*W?#c9@h>M7=ox(u&3{J{R;c=)o0662{^zHrQu#lZOsnJn#Zl_zFZ?vVBK_aq z>E3ba{nx=J{>NHUC;gwPk}-{GwTf;~=r#%mGynK6G!tLt1rrYY>L^>(pzO;YrB^>y z!Ur{_RhDRE>#_b;Ny)Su%^jr{nk@1H@TB{Ey~Bg{Yk=!HVW z{N4lLCuJM^a}NOc#D0-CPrp2(*)KT!%WuD_4h?W96{kFp9AqP_k&p9}4SoDUStRIYHC@KRR&F{|Cn#{I{M|yZ_ZX7*s3+iwRWZ5p1FA zTk}0aMafq-COz{to_;krb8pd_{8^ zjbz@8Miq_lEOXbdy+eo`>W^0fOz?9?MT^?4uCx!g*qAIQtejgEmM?nT8h*WAKwE`Kzh87v^;j5fExV`)-N!;>W;_wfqIlUga z_@NK_lPs10+_ujLwl%%1TU4~YtYN6OmzNLVJ;P#I(JN}ie{06eGntAI*0CqL*a{}q zHCtd27VkzqM0XwkTB?PK0$&v^ho94TJ@V64(>*2lRaV#J)jJ(}+BCr)_xsI#7nfuU z&Q_^IYFDWmwPz8r8!ckD9M0nJSG^jteOD{$aeLok0IV)Hj7FjJ6qDPnbEU;Ete*R# zy7G(or4NPJ19_VrM#2wAeNl?68TY88+V{;Yyr#L8___u4$|756qDq0UT6YoQbc`tY zDWlQPfKc$0s;OrBBvuFu9yTQDc#*j@y=xf3y{t|-9we&zt7qR*mYJE_&b(Q{@@Kwc z1giTWb#{w(MAWkS-Yl?NO;tksK8jLn+MiX}!RkT%y>#a;bi@sou*^Y(O<+3-lWS+{ z<|hxeW2;Q&kR-b7Dwb#k!*PlC2+a=UuMP*a>wuw4>P~-A__@e0v{c=x&&#fn_${II zG7o#_(no3^^mAWvVITCrE;#}#snOgX%epnz9k@r$(g+r(M_EwO=5yuKLTK=^HQcE4 zNz!IX#<5aUDgUt)nPMX--r0 zW>1W2&8lr4#BFtHEwf}(tUA&en%fg2Ud}BxEkzafyj*;MLD~oXi+^Nz3L_M!?I*{o zbDr5T`n8t1aR{Dwa?A&wLjPncuC@&XfN(rjma5*_YcWDf3HCD(4SB}sX^djd(%q&+ zAR=}CSPqtR`fTXu+V|L5uXP2hRUPu&Ai5}!k8ZtbN-$vWE5YIs5Z$} zotTHsDW$WU z+gG&;am=M1j?8Oj5M#3MhimA(XE1(S`02|gHQxW{v$T)} zScCo7!O_vad;foMe6+d$Uq@KEj5h{aw4^i8!J^T3$(H)ZU znB+8h-zh>r)oZU)A(Y3;bnb@9;F zse|nbLVLb(T>s!$bP|jRoxpSlFoeK3O%wL&A7x(1(}&ua`Xgpa*!P zK}IQxgPE4vXHi6+cEC4;4so~x2nDw&iC};R;EjCiD*}IsYy$;WQ219eWZz+y5;}W} zCpeW9#@S?uDDRTY1x7f=Y>YziD;bJvC`uuY?W*^AwJa0QgGX7^RCSTFUG;~e`V`U> z#}9813?m$)90Xh^GPWiN)fYaxOu>c`p?OI$OTUsKKd|Bya5;@wJ}03-7oq@+XMiHe zh(kw=qk%#p|0J=RQ~j3;DP!i>v9<31y9dDksTQCJpwLsRx(@7m7w_(p%w4r2F=HaW zpJSG%e=Y(kxzVxsnZF?@UmmF0jd?G3H`#~(dDu>UQF`M2M|3n5P}n^!&V1(9w* zKHX1i<|BGFztMSBfnETA{L%ZB4DWNE4ggC~P(Y~`41N*j{yR|6 z>u8C73^r-L)PVm&h$bXvC|v{rHtBy3_g(*Ad&j4n_kU|i0_eRFvwVlr|AHL30ZO812!lrnhA2$Y!%S9_cP{^(m&zED)d(yo z^e6$rIzGj7&^J>r3JVfVFqB{2`)GD3wY^kR^P7Q?1jHiL=M>W^)1SZ(-^XwY zaRi4EufJWHyNo`d{`R)g2b$ks+1ERrNze~0?Vrn2VOBD*GlR;Tmu_UqUK#|6ADT%K z*{X>s>x#ZWZO!sill(_XL}n8dF9HCXG+uQhmT1%4hKcD3#0sw2}tQ`Re z$kHgc`jr?Cn z5>kGtcR$Z_@54nf8I8PBoT8Ls#J~`Z2t^`Pyu6*jOk7V$g|B^;a3b%1CP{>(`yM6I z8Kx-oUads4;&MgEa((;3#w3eEFhqc6v5@ed%bWyK7)2<;Y$BVQzz=wmO*~EdD(5xB zR9vJy;3CO$lX8Fm)}EXZf@wyP%_82B5WUhnH z9cV8Ft0n0lfAo|Cma`xrSuEbc2)0%|jC{kD3(a+y;*6D}FJ8%=RpmW-L~#p3>Wa@x z63t=`sLvzFSj+Kni_F`!A(m>;0&fvd-~+nJqUf$$@KM{$C8c;G8g{BP+_Zv$Ws2-# zjxk~B6-xQiY%xwo?sgWkZ)Y=kqqi#*m^LO86=L%5s$6 zunB$T<|RTNCe$u^i{nSuf`W3Px%V6r$92Peu3^KO`B%T&wEZ8QcXMx>Hik6kDwR)F z+7OjcOejug3vnGmSgEGPiHk{?zpz-8Ihl18jH!k%bt5$;35m$V>@J}QhUX+^DTO#r z=UdDM-IW!upc9-2okbY3`e!(8$Tq545ux!Si&a-J?^`cUL|Ff(t5*BlVPPqqA13j) z6b9%9QA|SZMqu9l*VelD#!X42{cJ71{-d&Q`Fc3PP>=~uB*FEoRLw%<*IWFw0db5dQx@myuQoQ(oVvWkT>_tCvm$u!pO0B6&ZFY}}x4P)gQPt?>U)nQYlD4Tq|HD$4qEQwtWC7mv{%`N7WdF5) zvU&fvmL!xtcWRcGY60#noiEV>%ou`on1Gc={Nu3|-xz`|(-2Im1oES#Szb8Q_&5ye zcUNpPmOz?f5tQV!HX19sS%lzIzcdh&=i6A-Z&F37$A3lOpWGG1`|cs3n(Y7gkKOlw zhbMa*`@gj$%l|_$x6AYb@!p6Yr7++M0H14R!3#U46{@%_=e6%M%_vH_OD1}z8HJO( zySst+^TgQls{_jK;Vt}9{_Nm6e|f`HrtGR#_`2v9ukHKFBSwGQ1q8M?)N)gK?e$?4 z^pdp#wz!qGaD!_4I4xQ((^ctA*z>0+3|8*qz^p~|$k&sY#Jj?^DELVi{JHOu(c({I z|0*>U15lbr#tesO2QUJj5Kz2aT22asOMaRma;JBB_}_IuZ;-@CoZ8F({2g*<1kfb^ z_gw#v2S@t{2OIgnj^w=mUorylteI6}09X5>POl|NZl4oX8|I;FerfLQ@q+R^?}+Wr zr%4-Q3vKnYEw-=YH^P>>Uq0d2itW4&quP3TT`V!ni@B<&qo6h$&1vZCR#y5I{dUep98ef_EA=eo^+Sq&HAq4nJx62Hg;Z&stLc{(s4Wf1~$r@hW$zI)AInj>6yi zR?_yDO4jM?t;{+UrhcVrK3Q#$ZDr-XS+ffURHZwhXrLU?%&ww2{2%&9sY69qN;mbc zO5a>FMP^g8U)@Ef`^QkK;vKsEFW$uK&j0KZRTELS_Wg7dokoeJ(%FQ|Hi%>WslEJH z)@5^C05qQej}Ob||Bd`#ODfraE*S?HHi=)12B4zPAFT>teYXJSLfhy7TIm3)hHRq* z*rX+-_VQo<*j)+GB>#^Nj$He{)6>oU|5}m|??0%i1+O8)!LlJhLh%IBnJEgl1VicK zlcQXRX#jN@;}i>TW!kdIuxi>GLv|y}bN=l{*5RKo#8dmw{;VtimH;wE6lh}1x+#nw z5ZH?01nq#WJO>x*Dke_;n;{)I#iOD=%#^pWyy`+a1zJ6|d)*Q7wCqqQamyI^Y7tVWb1{j_trNg}=<(VVpRbw^{Ey5(56Kljg%5%K@ z8l1(UH4SQ+71Q9E2%X37{L8O}r$3%G9V3dQ%Q=c*I0G=R*Ihz(6UI6sko#+Y8m z(M$|sUa4{)ryA>*rpFnh^6v1BQv2h(8irf+j|@`;U@E9{yS^il(ac@)CT21wPT(ek z#%+%Ur8OuhuQ(r<+^?iPFdN;2SN;`x$&Qmj}A8PKi87P zmVF0t3{afXSwe7}ikN)T`{|J8?66u;ixo3~QPj82R(@n4GvgSieK2U9A0|mO%L{y| zn{@@LdjIngUk(Ro*#9R7rTFhBdz<$^>q%n&za=o_a3umvI(uL(x4hhyHWL381t|zJ zmXe7G$~?jmVmkmbRaFRZtWf%31}9PT0|Z6X0DVX)yicOO<+5SVYX2f;88zGvg9K3( zAe;fi%?IQVP0;E6Ddw9R}=H#~PSOxT!o+ltDAk1E=^t?mP6H`sREaQr|~ z$Cgx?7PWs1Q}hI9;OyoS+>)##&!oIWn`XWv6#tV8&PezPKFd-f_$}?$uW%7Og&^;h2!eZu~};X|qo$nV@uxG6vqE zl;WV<6isBAmV$cs9gN|FEw#I~7j%)>FYiza5<>Yp%+bqEu4cu5yAj`*&>)@N+LU$VO z)cfSF&FXi}-j+7!`?aOY^FNMpx+Dc)!}b$oJov^oE;BU#sHu(&@nO>EjJ z1Efl?QK1)%QSdkjU;>9Y!YP&*#5zVJ`k-4@)Nr1jN;};NiPg7I2e)c_o-QdJUw#d4 zAY}+dn5D86m?WI@q{MTPSgWBFRk*b)ZNxpz&^f1>Dblqe6OKoOPE@ch1`5Yf?KKjj z!a)0GwVUTy?E%Gz!c;`nN;$OrM+6ec*b|{46Bm65g>7^oxzvu6hraZJ>urak5VQH3 z2oWEA6bBfwfv9I7bu@(5wK#zk!*IBSHdRgSS|#xVSx&36rdF*65e^>5Bx7g^4HuQQ zYMYUWE}>OkO;vlh=mE17QE;8`HVN(0O1>wEDmy)&gDv zMNy+<-{-&Dq4E9ARWof|41|~oGWss1(e(-6znUBAVw-8HW&o*>FN!;S;gwP=WBn3Qg%n2xT}t(a2MbuBjZ z9oV~8GWF^n7OZ8V(n6hTRk1n1e=4cO{}s%C`3uMS>)`+Ud#4BG`~QQD|BtmKL!~Dp z9`k8ek6u^-u7HzzkXmFIRQ5HqQKlQ7>)Bqs)s)y%e16{(pX?Lw|1;wxa0=6{f z6F=DRUQl7++vNURWmRvK3@gkcRmU~tP5XTr5K7K@#;ts0oZMGxRNKAc!(?@NC@?RX~LXt69&SkJ_2*AHTVi{T+tD z?Ux+p%MAa8gcW>W|Gg`#tH_;Om$)lLEf2Xu%y(ycuZgnn6A|*5C7?gu=UYgV*ausKTNEM4&>)Z4SJ4&MeB2p7!6icU0SrWFQL`(x z&&p-rMuY|^EG7&~Mv7R9!ogrrHu5*dPn5mYB^!vOFb>b6WDKve2{>*bOgs8fic~e$ zw!wNqvuEr%r8Wf)dH#K373nurK~W&*sX<1FJ*E3F&{gWCtRs!6pYPPqPSbs3R{PEz z{|-i!On!uusJfH6xXH(|V%r$Ks+pqPC4rVz{gh^?UwYwRFTExxg&d0ClQ%d>+dZ^3 zUqmQoBd-?OOMSf;svkTrBShc`U*ryTv*<*NP`~=#v)IDT(_+&Ih-IPihi<-8EaFOP z>IR|{St=%-)U8n^8be5pLUI3-XMWv@Y#j?90 zBtq0MBIr1{i6}q!keZ~ND?DHk^73o_IIbc?Bc%!m45l3)!+Z9e6Rc$-{Fi7B)ZZ>; z(4RPu7?V&p_={L5efKq&cWD_IC}pzqx*; ziOR(X6GN;Q$b`f=C0uX~q%rmXlOc)`vt@Ew%zq=Gle(7@QcM}4I)E`8-tY`%r09WI z+7Q);uU;5uhK%u%al;Xn9=Pka9hBAAS4({^e}^YWAqpBW%?0Mz1)vxSSt75CB%FDI z9M6P9IShPIP&m+!)5HbuBSMK-68eHG%rCb9q$G>W&oK#=yUG^P+j)<6ZC-IX${(W< z3RE6Ni<}y{5q9{-DwZg7<_nl_GRsY=#=d79ON$L=bc9eaf-*iC@3ZPEKR?9ismNB^ z$;BMmzJyf%A|llb3xu8=RBcCtQenxZYtoeEKa4PnLbvl3*fL)+*06ZE`J2~#yM-uD zF^rhn5j)@sM-hM#BkC;x2q+50g^k?o;;(KDJ{*c-swKtg{8C-n%ug_P34G$yKkvhT&-)VNt$z!pVNuR_ zp}#7{Vcu=yy?*iIGieZY`<>K?xelaOmzWQ(tz&9+@+@f`wS`zdUM|bF6_GC-O{6YX zg13%J(os6<+4zvaIMjI>CnV2ZH79LwT)9x^$*7$Odn$?!8na6kCKgX6;v!r0&jp2JpI4c(Uw z^?5TTe;C!xI?ohdRA(p4Z(%Uy~<*usy?)rF(&v1z&&RhbC6~K6o zGg~1~<~p#|fUeKulDiuJmEP0MjRPC--@(CwWB+rocYL_<|FD)MkI|)!Tj z0HLRR8P8!svH{}61GNjcXbWpZ&UDKQzlr;b_O}hh>RJe1ktgtkq-fKxxl|`!wdkAH-GU)YVX_0o%6wRfR-aERC+9!oAA% zNnIt>QUV;k*#g(;z3#HKNs_Afm1k)RgYg8#=^MUnvDN=Bvi0*5rJrP~mH)!q#^N?$ z4f22Q_;k;;|2jF{_~R!V|FS=4(qwX~b5O8aRva3Ef`F@96wmHcQs(I`+fe3}Ue?=mfhY=rgtzIpVf%D161DTs&+Qhm2LH)7 z&P#X#+VK8!|M0Z*{`2@~qyJk=QvRRBR4?t)FZW^D4ejYt%SU;p-M)BBNaAP)_VeHr z=!0+o)yhGK-WQc&ZTz@W4Y7$R)laKIk~J7ow(I7vz>R8B+}sK$s;?e=m_Jd-L86GP z)87U!Gz9~#@2QV~rdOw-AJ#+n(^q*URn^P@-1EgMA1Y%8Ld5VxEDgS&2z`_@FKpa( zCAwtaHICXi8X zK}1DGB@{6dO_2Z-B2Z4*YTmNRE4Wv)@twJ0T(Y-S6dcnK-;IU?j5i17TEk2zAT^^? z?(J~OWPeivav~dg^T}EmeoV)v1&=g(#kW7EDNgHYZmx5S7xh=LwNDo7=Rjock&Zb|d1 zx&R_Sr4cKd`&mR@6To7KK*nTtFt?BcYgNvqVFZC6p$^S06tGSAgJEnZs3c- z14>&dC)8&g_C3S5t>3@@m63ScOSvG><26Lov71J0_p7k{5|Bf`@B{cA;5gl`>G}2W z*SzySXzM3C*Ik%?#Vb&5PJW58xCNBXMNf$JxuOq?N*PU@f9RJWT+A^pNf+>D zB$O6p2U5JFX+PdoS|tJBg)&)h6AQc4li5w5Q%7HJCSo!nWAS;IUDN(q@y?lJ0|3w; z6X63e@1pp-oUPRJe$A+S3Hzwj>F)a}sNYI+E!*<8GFn;2-m>C4EWE+uumkca|GlwB zs7=-SUlk2x<@(>fgS{iy|NqJH=Kb$_Qpx|H=3cedUoBk#<^g4@4Zu_u)YAS-WjEER z`X|@sORwJwyD#CSCa_zs|SOdV(+lZ5eRi$O?SCvZ6WhdUDDO0u7jQ28_|zh$kHCT6)Uw<`*LRkf+~cyqPumi4w> zQol*pE@xpV!+{5ol@zo7Q?f&U5z6T{i^^y3+5yXpQW0RMM7XQc-U!PtH&x4j_2B15 z1XNoH1vJ@zA0D{!|Mc`|dp3Yca-)8g z))@A;?+CMNAk@jhM-cQAn2w#_VLCQTX4Gl+dm8=xy{}<&*&P^<@}CH*JgX%*idU{rTH*- zslL74Og@PvHs%d+(jM2fFivUj5!4w3n<)G@xr#iIV74-bu1JV3Z+v#Y7TTNK|waLMMyJ=uK;Qsk+r24b$4<@-Y~ zAi;OLo(Al)YtZ(Z4O)6%a~s&l`t_-NP2xH!f31nF*ZP|MT&lj;8rg1|UbEKA&8kix>P|yjI6~*fDn2~RpXv`S5Zdj}+SVm%XuB2XAk9cPZGJ*%@hi)CC@Qt#wH|O_$ zmOPuwHW@E5n(wOF=)+QE)(S75&Baz43~>)5cB|kNcqIHs=+y^f{{J)Sc#ModU+iah zZSk+-T=gQtER~r&j|aqK3cm2ZgA9}wj;zJw4nz3w!STa+1o6bDt@A-5-j}lOt_}*- zy~Iulg%5}`vq5Y|`7h71rDv;}_}14Wb!f{PRx3(>3R4_-ev(my#bcF7!6>MxrNeXsXT9DDcfH8{V! z?DA65Tr+GkJiohKhL4WMu@M1c873m?GVj_TV0iHOf3X23ejf$iiu3~NhZIjMt16F} z9Z_05H7&(hHJXK`iRU;5Yaig?7Dc*WH>cZ=|fc*LHESHvT>EMDQOYL3B{VbQ&;rd^+W`=I!~ zKo30?%TL~}mYu-3@AGfoyUV3fAu(NGU6>PKcBK%kzJ9D&^f%peF8iKXpx6b5u$aO3 zV%Y9tn6NQPJ@>`xz&j-o&*b_&nmWa6){1@9lLeV7=vzU$$%-SN`dWrwN@eg(7DaM3 z08Jj?fBRa}WO#g@2<5Yj({$q%sI5^wYG%#YE{!X` zzQHUYQ$%Mz4%O<&|1lr>7dZAWaDJNi^t9Bo(~3?`+Cki7HbgW=DdPC^rC3k9!MG}V zzEy)dc{Q&Ixk^Q?bJ&;)&wCBjv==0corBE!H=dV1vs8WmM~84p7l2LnUx)jy{nzp7 z>BjzRElK)+dVO}jEUPcRY&u>5$|B3R@sgHp!tZqf%D{-w{O*Fc%m(fJ{)_$4&FMcc zVqRK`zjvSG(J*hh%Pl2e5w+KoV$PmFEEFfB(J-vS4ZC)+VSo$mCjB$DoLY$q)Vl5{ z#gc4i>?HQt^V&FFjzAD)EJZ)y5P?TD10g}u7r(fy+yRg=ekhmE1N`1!UW_68FEn!o zL{v+8z5Uj=gk~YHC-TxFU9N$YWbvPnUDTJ7YVaS)QnVBR*y#Ujuk`-+;9z6_wU$)! z|9Q)&eJS2Q#R9U7_sbr?WFE)Wmr=sOQ-U@VP>CNL-(GUzR`~Q19}Qn#vIdv)wRZVw zR5!Q7Pf2fEcb{elR^`k~w9&WP>f*dh7q>#=`^0J%%jZ)j5qaybQo+(Ge4N4bKfzSZ z|4Xj?=N1J`=l|oAQ#bze;o*k=uO&&KXZU|#mL0IWd^+j`%Eedz2F!GWZwMKel;=6Y z8^m=v$lr0|%?YkO)t5$nnJ0W>1UsGaje?uN&(HpJsdI#v^;t z|2jE5-uQoAOEM(U@}QsELEQkK5odn2Fi%;Zn+Q+-@+`Pcw%rNR$&sqXaWcyi(OX44 z|61TC%Y1(C_NykKdhqSx|FRzHf1)r~O23Z}+^WUb?jo#W*KV-cCxOk@k?QcDh<~*D z_-{uCr>_0a$?-=2x1OX}hYWYWBoiRDaykP*Rq8nmf%IZ;X9}cqce4gkrEK6Se|je5 zDH`tvJ>?wLV^5jq`Hh1VC1p{08RJw-pV$+8=UEVH({$C~)cNPEcGfzf)|X#{3z5YG zLgXUn6&00G#7Hzn0uu;dmbHFjtF5^F?+?Tct(R<%_W-qx-D_8A#bfnA8t`ZTBf;xIjG&BmQnIEG##j)nWkC!lI;lQiM;hum=Y|ALanvX4uaNgzK`A2 zze)T@=;_~%l|4xqF`2TzR2ZtN{w~pj-mbWwz=z1RO1Owf|s|SM4 zC>T(%(govM(V$IV7d+_t|EoiUPG6S^3agz7Hp4=@?B@pz8>gtn^nA(aaBhE}9|c70 z=t6S+R;RWP+m<-AVZVQ}n$WHuH9uw)*cSgSq6Tcjf2XDQ-~0OqoB020Ngn1IV zAa_D}bv1o{aIbQ@YNqPT1a+UZ&7q#=cA%)1Z$BeCsv92-E0*%2Mg^ATB&JDJ4mq>6 z=uNQPJ2HHYrZ|4^#IUJDcX>HAPk}j4i-ZFO8!zrp`&NrEf>pr(3R4}bL1>5BF9V$bo|CtvUF9{J?i zyFKsG#jFE`{_S~A6uS9Nrw2V%wZ{jYX^H2De5^X16?CaGtjhh7yV$Csp_RS$sfXPg z)V&haoiEf@u)A_;bb;7bBOFc3Cb0CvPh!3zVX7Er2uNJ`-`@cllRq&Op&%u+tuC}t zsj0i0knk=+0bm5+RD>>x|D1vm#1U^c#t}#ej#DivO6%SmxkOd!iCQ8m&ZhzFf{PCc z3Q`n;pH!irMGTdc$ml8krhPCs)OSx1{WmCy$ZUe*v>T=ljdIID_$AWrQkbGq7Tuwa zv@unX&Erd}C2?;cnvl3NX`v{#O2Yn1hTTZ|l^0kMG3S)Toe2ski5Demb28hc|EN3v z1&F4*6Bxq>ei#fEi38DS|Kpzj4)#wE_crIhbtG^6hb0^V6N(AN>1-Z@pOPQ))!zH? z=FH<*;DmZu|A~xK(B(A7=MTJ-d$o0}hoBth0W_Y^41`&G;Nq2kewQ%q$GLippZ{h? z`Za^5_kQVA_Fipoeh5+LjvWBQUo+-+lZQtZqN%R0)q&S2zKa>l5S6|A@{YaF^3Jew zZMP>NsE-P=M2Bggmsev;-YsnQWB=8J-z)Lo6h(-Vm%j{Q@R%j)*<(ZkF{j-yV3Yp; z;KcF&aBy&Xyz&3LmL%4)caE250WMb3z}rYyQ}EiVRu2_r!|F-)TVe(GcE8C%d>#Pl z($dKuT#PYzEvf+8VS(;YEu{1g!7{b~{)O7ul3wLH)!QhKjlF4CQUaku$Fcw193TPX1%xK@}+Q)&rLABia z)NJ<`gYA`*+zLszsdRpHMWyA2@GikvkzR+V&&wuFpDFbY`hXVxRJh z*e@$Jp8pu%PFb`_9GIr}ABV?f|1T#S|1WDvGTgnI<7FTDbiMPP@`}={KiK6XV8wlw zzdf7xKh^#mhqpUDbakh-ynh`|Xk|I=`2Ex4*v;pkD)sr@7&OjD?Oc4B4>*9ulRh;# z?=Y{A@ELBt7+Y%FtG4udj|H34f49?rG0V$4?yuwsQHc4?sbT%85&zqsBi_z)0n~i| zZc_`-Q4{w zc=t1%>+Z)tJ0IEQPZbE;oZ~*7R674nh0uHX3y$$ZPXCS6aQ@rhE5(00J~`f;|JIVE z|1U%z)Z0=Z=O5@m-g14YZwkdQ<3M;nMxd{_LtnpMHRVi%hZNG;yk|&B&Va8*&PbXM zidKQ*IEY8Z`wrP9^TETG{7q)yqRTos)E49eQ&H{(nc!5H27NV1_EU?k2_O5=u0hPl z^%T)3ic{oJXEkY6l?&Yg=*#c@lG7}swe2~~g*WLlOO^azL5)T3{dH>M|HozjFUNZu z|1WDvR+J{r_GcOo3iku*@xOrA0f|$HV=zY11RzRtw*yKLV1C-pU=+8zI1hfL(vXJF$eVlp%ev?DLKvx>IA+YB9K7FPxvVT{gnI& zCsBVvNu$?&9}IG7(VA}+^c%%oFfxZ|~{`VBol#kVqXYbzf zj{WuS`l@f%S1^6))h5oRc1i#nlPCSBI6!eBEbCVNEoeNa53)Hyi1qx$DtyoqQIO7Wi0*Y7`r5u;2 z)i`hp@2oKD8@yXMVUZ7U-{|K{`>DNDwRrp)X zIvouf@&BnC|KV`|bQAw!EvbpMRW1OF*QukvxDoMOo#61p4%iwpgCXi7wXbJ*J0&f= zzSGIMz>r0|e7Oq!@{5$*rIhbv-fCHmEm&ef%D{PDYPO;KQlp(N`@6BbRr#!<++?9K zYgdKjqK))b)?4vjNp{_stIZkVvrY~CKSWa;psozxNlpC!@Zh*)|9iCI|7%H2{J&TL z-5I_tTg~%}x_#a!%+ktRlKjbg|7J-9nXiL9u-aO+NJtQ6n58HVP&Ywf7F?M98|Hl*ffNruVk{&(g69i5Ce}BL1|LNpt!~fTj8ujSq1<+j(IF(dO z1W#+t_&>>_NM6x)JqCE`S~>rBTJ0tS+`Jt~w}2o_ad! zgjD&i;-lQ`7popB&tw}NQUAuMNhyfL%;gFqHWru8Rq7#e=iJ|DfL4>5_&=d@Dt(O9 z!2b^p4jufze|oa<|FNFb$p6&>sAT;5-^OP)4GLC2DE=};#8x^^+;)K{?QzSU7{ z%pJ5EDQtA3pN~~avnrp}UTJLLjl4P+XxM{bLJes3dy${ZM%$y8Cb0HhzUq+a%f*<4x@Y*Rk8}9*s(SBNLV@j20J9-L z{kg3)of03knawgv(1T}!1U3!47(q5wF z>cs!&JO(z}e;m8#zfJtdb)|0ne=V&4vt;`VvHYd8`wgq#B$>ML|M?z(HsgPn{~sRh zZ{okLC3WQg3q1gx);$2NZfGTdx6#1=_l^&p_n-R*C#M_yzn1hTa0Am6(O5VSkt+Z^jZqAS8ID5EM-v!4!Ux0# zy+27WFDy&s#V#A8C;|@=8A|6JIDXgx6h$z_Qv?#2j*Z`89QOVMV)P)H%nRuu5rvW? z{~y}}`EHQJq9i8?B#43t$7s+Syt(`3E+rK8{shjY8?N`~cOb-+^#%_(eJTD|lHVH) z|4Cnp|J6T?A71kR(SNdO{IaM>K7va1}J6-><{*Py&Fj31f__wUQd1?^p$n- zct1wqo@PjR;$h%M?uZ?L(?2sng!6dm=;zPU%MQiEEG3kw>QD%NAoTH7MRomio=B0}LZTQ9>9_37zeL0H!b^4}efr z@gS!jMvQ<7d_*9jcnVX0=qCUsB$V;OIU`Mp=y8c!F$94cf}M(*1g951vaK;1^eXc6 z2^x_oB2Qd01dt&HAVoVM%#fl4QxL;6<3IBLR8*u*eIWyXF52a!{8_9R^dX6GfO&@! zO2&AIQxv|csB9O!&f+io6t4?Ux5fc!07)@X@-RROEw_%q1U@2DGpGt$CqUlCwn2f9Fid8ZS4Tn)W84r zzf_KY|LcEmYZuZm2GmL!RJ9EQP7uf`Zn!`Sj>Mr07E`!XZ%nFiydXU>h9l?Vo~okYf1eH8>|U zAyf|f*>DG(MG?5=SsA!R4AChH2fcs)>wi^@(ZB!ozxe<_kWv_;38asFsrV}&^m@C? zOub&M2)ajf!sG;N2?WN7qTviYaMsVjjAUX~>z6OhUcPFd#yA-BEdc^DK}@*)yG5PLgO=Fl&nbkzp#? zQZL9TXWY?@w~5582>*qM1r!g?PalalR0cgo_I` zEc|SP`BD`dK;Q}#+U4X#6dOoLMAq|->kbD4fMv>qD6#pOJU!~|4U;6oi1iraGnt}j zCd2@O!MJ`o>SbZ<3bFsDkj{GTs-Q@SmyknrReab%t+E z(M~>qoD1mj<1ENKKm#C`CZH%ld@Ref;n=LRm)9x6VJHY%NdB4Jb8;W?kqJmF*$)#c zzY*bFLao!DIrcL?KlUzxshC^7P~utj=E1QCQ|PLNID}bBI0gu~MC|1|Q#NNZ0lTb* z0czig{=g^#0*Lk0j50qz<}$*lD&OFOYltC-@k|K`;UjcrN;?W7@<0F?6)aswl_~Zl z11~h(mqRr(&K$6zGRQchrHJwMqS0+;_4pUT-?69yuZJA z1780K&TekrUY?)5etQAlp8c>R@~LzC8}P&R?SFyGJ8*M*{r>XJ#T#&a)jPZ5DCg`B zT;6dB|N89i@@}AtT;GE4E^aSg{|Me(-krZayL@*C&fdNSKb+m(o?YEvUfhARt2f~M z`s&T){pI!5-A?b~Z#TCWcX#0W7F@o&d3$;BW(QneoxlD5&E?g%;KdJ@_upNAe-GYX zzPr3X<7KwZ+OEIpy}P(Q|L*MS{_OST+speOcfdE7_gB2eZ?12_8MrySy}vyF{_WW< zxcUC}=KAhp2V7lW?OtAeb9;I9?Zvx`tNR^JRqy`t{_Vw}*V724ENFz7WlWuqwUr6fnMVr?pHAXp6HT$L|TBAwi7rdrH&Euz}#sdFZud`^=qYR<_N#e!lo zDum_`MdXPibKloq?=lw535SRp`_Di>)qT}`)1bOn#(_fjFS6=x?i9oYIZ-Lm_%I(W z7)3pKWTGg*2}X+e@_9TZ!gaIWO$HNw)$8pKz&%mOWX8v?3=PCj-`>0h?-i3j80-l- z8P7ljQ$#iQ7iTm6A(y<;t2Gmo0aMIjk(dx)ZJxTG_)_B|Sd{03HbF3EvTml1Fh%z? zqbv0yfa1tDM7d{X!I^l;2MT4xs>=F&1oPS~ng_r_sQI842-PM@x{M~7ux}Um6e@MV zftVG9`TV{DFW`1jS!~uP*)17qE}ySRSa=fWmE%c5INyvdYAE6eRbpX>G28|?W{9RrRDMYL3|^6#&)uNcJG57v2`mP^-q8SD5wW%8k-`>P zN|Y#70h|p!1*NZ%l>Ybj;_S`4i@_vZMH`Lx|0k#J{mDrThYYX4-?zTWqUZ`v(BH*}YrYql`TOpc zU4hKI3vOSZozGDjFQ%(d70*wSuIPq@Y>rxPNT_Q#mtN#mmi#Z{^9Vn@gNa>1{&Ufz zfTGl;mH(FK2w;T3Iiji50wbqJM4hY`AA|-j0+(@$=m-Y91pctQbt}(7vYZHe`1fA# zKLM{x0)gHC1b?@43C*{x{y#-P29Zzjcl04ZC}iN|P{a#@K`PFv;zW>+DS660^M7JY ba+5Y`lQ!uyO#goX00960fEe!O089)3&)c^G literal 0 HcmV?d00001 diff --git a/operators/prometheus-operator/4.5.2/charts/kube-prometheus-stack-55.11.0.tgz b/operators/prometheus-operator/4.5.3/charts/kube-prometheus-stack-55.11.0.tgz similarity index 100% rename from operators/prometheus-operator/4.5.2/charts/kube-prometheus-stack-55.11.0.tgz rename to operators/prometheus-operator/4.5.3/charts/kube-prometheus-stack-55.11.0.tgz diff --git a/operators/prometheus-operator/4.5.2/ix_values.yaml b/operators/prometheus-operator/4.5.3/ix_values.yaml similarity index 97% rename from operators/prometheus-operator/4.5.2/ix_values.yaml rename to operators/prometheus-operator/4.5.3/ix_values.yaml index e6f6e7a90d..1b78b12193 100644 --- a/operators/prometheus-operator/4.5.2/ix_values.yaml +++ b/operators/prometheus-operator/4.5.3/ix_values.yaml @@ -1,7 +1,7 @@ image: repository: tccr.io/tccr/alpine pullPolicy: IfNotPresent - tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9 + tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc service: main: diff --git a/operators/prometheus-operator/4.5.3/questions.yaml b/operators/prometheus-operator/4.5.3/questions.yaml new file mode 100644 index 0000000000..e4653ab8c3 --- /dev/null +++ b/operators/prometheus-operator/4.5.3/questions.yaml @@ -0,0 +1,45 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: General Settings + description: General Deployment Settings + - name: Workload Settings + description: Workload Settings + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Postgresql + description: Postgresql + - name: Documentation + description: Documentation +questions: + - variable: global + group: General Settings + label: "Global Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: stopAll + label: Stop All + description: "Stops All Running pods and hibernates cnpg" + schema: + type: boolean + default: false diff --git a/operators/prometheus-operator/4.5.3/templates/NOTES.txt b/operators/prometheus-operator/4.5.3/templates/NOTES.txt new file mode 100644 index 0000000000..efcb74cb77 --- /dev/null +++ b/operators/prometheus-operator/4.5.3/templates/NOTES.txt @@ -0,0 +1 @@ +{{- include "tc.v1.common.lib.chart.notes" $ -}} diff --git a/operators/prometheus-operator/4.5.2/templates/common.yaml b/operators/prometheus-operator/4.5.3/templates/common.yaml similarity index 100% rename from operators/prometheus-operator/4.5.2/templates/common.yaml rename to operators/prometheus-operator/4.5.3/templates/common.yaml diff --git a/operators/prometheus-operator/4.5.3/values.yaml b/operators/prometheus-operator/4.5.3/values.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/stable/rsshub/11.1.23/CHANGELOG.md b/stable/rsshub/11.1.23/CHANGELOG.md new file mode 100644 index 0000000000..1ae0f4d05d --- /dev/null +++ b/stable/rsshub/11.1.23/CHANGELOG.md @@ -0,0 +1,99 @@ +--- +title: Changelog +--- + +**Important:** +*for the complete changelog, please refer to the website* + + + +## [rsshub-11.1.23](https://github.com/truecharts/charts/compare/rsshub-11.1.22...rsshub-11.1.23) (2024-01-21) + +### Chore + + + +- update container image diygod/rsshub to latest[@1b05e63](https://github.com/1b05e63) by renovate ([#17466](https://github.com/truecharts/charts/issues/17466)) + + +## [rsshub-11.1.22](https://github.com/truecharts/charts/compare/rsshub-11.1.21...rsshub-11.1.22) (2024-01-21) + +### Chore + + + +- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) + + +## [rsshub-11.1.21](https://github.com/truecharts/charts/compare/rsshub-11.1.20...rsshub-11.1.21) (2024-01-21) + +### Chore + + + +- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457)) + + +## [rsshub-11.1.20](https://github.com/truecharts/charts/compare/rsshub-11.1.19...rsshub-11.1.20) (2024-01-21) + +### Chore + + + +- update container image diygod/rsshub to latest[@e924ec2](https://github.com/e924ec2) by renovate ([#17335](https://github.com/truecharts/charts/issues/17335)) + + +## [rsshub-11.1.19](https://github.com/truecharts/charts/compare/rsshub-11.1.18...rsshub-11.1.19) (2024-01-15) + +### Chore + + + +- update container image diygod/rsshub to latest[@e4c9c9e](https://github.com/e4c9c9e) by renovate ([#17276](https://github.com/truecharts/charts/issues/17276)) + + +## [rsshub-11.1.18](https://github.com/truecharts/charts/compare/rsshub-11.1.17...rsshub-11.1.18) (2024-01-15) + +### Chore + + + +- update helm general non-major by renovate ([#17105](https://github.com/truecharts/charts/issues/17105)) + + +## [rsshub-11.1.17](https://github.com/truecharts/charts/compare/rsshub-11.1.16...rsshub-11.1.17) (2024-01-15) + +### Chore + + + +- update container image diygod/rsshub to latest[@406fe63](https://github.com/406fe63) by renovate ([#17226](https://github.com/truecharts/charts/issues/17226)) + + +## [rsshub-11.1.16](https://github.com/truecharts/charts/compare/rsshub-11.1.15...rsshub-11.1.16) (2024-01-14) + +### Chore + + + +- update container image diygod/rsshub to latest[@7018239](https://github.com/7018239) by renovate ([#17123](https://github.com/truecharts/charts/issues/17123)) + + + + +## [rsshub-11.1.15](https://github.com/truecharts/charts/compare/rsshub-11.1.14...rsshub-11.1.15) (2024-01-09) + +### Chore + + + +- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986)) + + +## [rsshub-11.1.14](https://github.com/truecharts/charts/compare/rsshub-11.1.13...rsshub-11.1.14) (2024-01-08) + +### Chore + + + +- update container image diygod/rsshub to latest[@6c3ece7](https://github.com/6c3ece7) by renovate ([#16973](https://github.com/truecharts/charts/issues/16973)) diff --git a/stable/rsshub/11.1.23/Chart.yaml b/stable/rsshub/11.1.23/Chart.yaml new file mode 100644 index 0000000000..1e30e16fac --- /dev/null +++ b/stable/rsshub/11.1.23/Chart.yaml @@ -0,0 +1,46 @@ +annotations: + max_scale_version: 23.10.2 + min_scale_version: 23.10.0 + truecharts.org/SCALE-support: "true" + truecharts.org/category: media + truecharts.org/max_helm_version: "3.14" + truecharts.org/min_helm_version: "3.12" + truecharts.org/train: stable +apiVersion: v2 +appVersion: latest +dependencies: + - name: common + version: 17.2.26 + repository: oci://tccr.io/truecharts + condition: "" + alias: "" + tags: [] + import-values: [] + - name: redis + version: 11.1.9 + repository: https://deps.truecharts.org + condition: redis.enabled + alias: "" + tags: [] + import-values: [] +deprecated: false +description: RSSHub can generate RSS feeds from pretty much everything +home: https://truecharts.org/charts/stable/rsshub +icon: https://truecharts.org/img/hotlink-ok/chart-icons/rsshub.png +keywords: + - rsshub + - rss +kubeVersion: ">=1.24.0-0" +maintainers: + - name: TrueCharts + email: info@truecharts.org + url: https://truecharts.org +name: rsshub +sources: + - https://docs.rsshub.app/en/install/ + - https://github.com/DIYgod/RSSHub + - https://github.com/truecharts/charts/tree/master/charts/stable/rsshub + - https://hub.docker.com/r/diygod/rsshub + - https://hub.docker.com/r/browserless/chrome +type: application +version: 11.1.23 diff --git a/stable/rsshub/11.1.23/README.md b/stable/rsshub/11.1.23/README.md new file mode 100644 index 0000000000..5f716c0ae2 --- /dev/null +++ b/stable/rsshub/11.1.23/README.md @@ -0,0 +1,28 @@ +--- +title: README +--- + +## General Info + +TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE. +However only installations using the TrueNAS SCALE Apps system are supported. + +For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/rsshub) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +_All Rights Reserved - The TrueCharts Project_ diff --git a/stable/rsshub/11.1.23/app-changelog.md b/stable/rsshub/11.1.23/app-changelog.md new file mode 100644 index 0000000000..680848ae1e --- /dev/null +++ b/stable/rsshub/11.1.23/app-changelog.md @@ -0,0 +1,9 @@ + + +## [rsshub-11.1.23](https://github.com/truecharts/charts/compare/rsshub-11.1.22...rsshub-11.1.23) (2024-01-21) + +### Chore + + + +- update container image diygod/rsshub to latest[@1b05e63](https://github.com/1b05e63) by renovate ([#17466](https://github.com/truecharts/charts/issues/17466)) \ No newline at end of file diff --git a/stable/rsshub/11.1.23/app-readme.md b/stable/rsshub/11.1.23/app-readme.md new file mode 100644 index 0000000000..88624b986e --- /dev/null +++ b/stable/rsshub/11.1.23/app-readme.md @@ -0,0 +1,8 @@ +RSSHub can generate RSS feeds from pretty much everything + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/rsshub](https://truecharts.org/charts/stable/rsshub) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! diff --git a/stable/rsshub/11.1.23/charts/common-17.2.26.tgz b/stable/rsshub/11.1.23/charts/common-17.2.26.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e5258f6f3129524d5434c8a1ff4b4a1e6c82fde9 GIT binary patch literal 97960 zcmV)3K+C@$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ(avQnPFuK2a6)0*`vG#}*zbP?s>Xjv}SMSQQ9#QrtCvQpt zXFw9sa46i(P#jT?nZaRBeNL^_m8JA zX7vS}1>bG{X*3#*UZ*4eZ8RF$e;d7a>$_&B+ikbn-4=h}Y;}6g??B@TaLGLhWibA( z@#wa)o%==}7~zj7rkI2SFmF|06q%m^WQekgkEj>ph>3SUCZWgw0s$VyFkXN$iNST8 zATfbxWlCmf0H%yZbg;ia!EBn0>K>Wxvp7MXD6nJDgcO&L&N~|eax3V41oL!0yshepYHOH0r>o7c?B4TghBp} z*Rp=)s_GhivCs&5NPNA1fAW3+j*~b>Aqy6Ok{JSI^dICg3VZ@W!T?R8h{O!ADW+<1 z3IGF8tyTb-AqInB#CxXNJMw)hU!T9RaRQ70isCu;5EZ4N?+@kgBO7zRyej~(7@{%0 z%>q`h%K(E{cT*IC5FsD=yK6MVVV{O@6d(#n417%G-)xG&7=J=Om|@=!&>f6tg*dE@AjO{g!oj|e!-%ch00+=cq`f^P5_a(h#UX4U3 z^hiu=qQ@`PS21_r;SkS~83>7wF8Oj2e1WeY9A2n*18~@AG;|F)DaG7oBmy%+8Hk8a z0StY>_iMSE0vvil;^S}vyfB)G+CD*4tX=sH0m@+L*I+Ufu7>5WzUL%GRbR0lRFW?LTHie34BLoso4lcOx8GHHhm{v-s>gC5{ ziGTrTHztN6ipdB8zL{5m{BbQdb}j;B%c{i z!iA`_%N$-@pr8zeUW#4%N>+~MUbfm5;-jTH9?d=ZThl&M`10d17~(i5`Sbw*;G3DK@>v68cmmpZOF8*u!G` z7m`BCNxA_@Lu84x6K{4?BLR)jAlB4-OmM zPP>QNZ4b8lO*r;?TOJt$a;sM|2_;BSA?)1ae(N8GBmTq3$b5b#(0hcG(o4-g8`Jv zr)EKXHLK6Q{gxunBeUo-CSx2RJ#D3$b(MsCDk}aUK6x;LBOG9c(+wH={s8>*U+R}1 z6Epic%Q-qfujsw@7cRT;S;&Y)VGm%n#lVD-8D!XlL9j3tpznj@pWgp+u?L2y*B{PK z#J_L(zdyeJ<>K^e51bqw-@N~LdUbVna%$??XoB|_=l=jgY&6v8RHgt@aP|KEwMJZu zhQr=5jHpc_F&8dBoShVp`dZ@-1b}oz1LP z9|Onjq>FZDtB~8}D$X zVj7b2qo{E4@$BU6=;rw7a;SGv7z7G+RnDdE652+@w?IpYR|zWTIJ~u{-IP#vf!H01 zZ{3%dd>Yv=&MuGL7o4A1kmwY~TvX!w!$r#7_2(FgElUsPQE&$re1`ZT)$f$J^dpWb zlV6TWIK~r650ZAs7SBVUFlzXK5Qhh#+N>%hj{*!S($j*A%|jF*j}gTgZ<7&y83|CV6;APndQ;>l0g5jK5#)XpVYo1fAq>bwK> zh{TMlKb1xTzI>@>fJ8zAF*=BR%@$b948R7dLon>D1 zVm*)xmFro*aRpvz+GvjA#oZLeNEl79$9qt@{=Wy{!}YPVv=w-JWvf^BU)TaWO+9yU z7SphJVMazT7y7)$=NwaJZTk{^OTD(cV7(sbJOTkDm&`Zds1F$bE z%aUTCB*zfe5d~uohbSwhu8w~V2mC+vR-@6ZH9B>V z%~@(m$(d zi3n19M`B-<&_Anr7-t&23^4P)0BW{Q?tRt9{{&Ny%kYbDt_O3Ety%$dkLBmTVwF1p z_=^zEuvd%b-YQ7Z+*<}|$x^i%srit>p-}Fgt~~&9tpIR~Lq1lQddFcONstJ!9M8-E zs3Aw6Fl9KLTz)(jpY-pV$4jq`xUMGJPy^{%?cKX$8elYk+5rP#E{JoHu7Jyr0%^)1 z!(J^M)2GHjwq%BHMtrVqj;VgZr47WF$390-{xahz+EAE_zis5{Z1f_?)7j_|$ct%B zgtR6<$sguhBFu}1!I<|2e99(pIgt%6rt*4VAsvUMtw`^Xj13t$WK6ug&}a^H%|r)77F`BSOV!q-}r=J)X6api} zDSKQJE2IBE|Mk>u2t(pV8ahTX!(;40wjqFW7->$^6xN~3BnXDcixJnt{oP9DrI?!c ztyHMjdV*Rr7>OF@SFQmnKq$4n5C!U(0c{0ey~@>yN6-`H_#b(A9t==!cqQDzPr1H{ zV%E5&b*-1h?Y_PIkd}UX`9Z_Jcz=C5tg}z75)vkDc2fj>&d~pB{7GPV3l=01!;VAB zU=ZMN0zQ8Rb?J*M+!nrk0i%WGURW3QV#z9`J%^Ehz*%6-I?9ZsOUU*%l!WGrK0;G_cfDF9i9|YJhUv?`1j0s`Z%-aDc#7o3s7Drc}<^>2+1iUHY+eyO2NTzcR z_;w9Il#!>z!&Q8HAE8iERZJbi`I`{y!5wB(IVGkji1t9F+9n~zK8m#mAD=-f2Fn`U zrx6J$iPiGNf0yUUR2uHMGy^Q(R^cXhE~$P`31#LRiPhhckld6Tn=P~HqbZ=B@k}Y>USz#d=Ht}qK&<~NN4To`yO(-Z z3C~Pr>6J%{IMghqUa{O8Dw7~VED6sF9Wy*Hu4A&#|J_#wjSoh<-tN~M+6SYLn*Br6 zL0-Gp@ce!gBGm8oJKb&@js5mP!-oynZ*&e}qcLjr4?D2qA2fO`uhTtfbsMm^%QFk_O90z1d8$JQ%fo=r<3&Ll2HeoemuL+6P_KK0Ndqp4V%(Mh(wH<9@3( zZg>0bgHC%i8aJD5Z`|m4<8gB-mJH%R>_e;3G(|0smToWgXz~2r3tP^l$Wi^ z!Uok&z12ub+HH>xQMWbj_FAxUaEQiDc-ZQ74o2O>Zfo4=dcA{2t1;^Mu<18i-PWjw z`iIavIE2lv-x#5#sKOw^;TrUm<*cdMJWMfcb`Tu5$6l*w>vR!FMo!)IZ?*={wPha=c( zjr-kxv(f8z{l~xTK*z^zDtxj{? zYqa~z8RiVe82Y38VyvnaBiw5pbPq-c&BNxX*K75gJ^!F{&}obh{KHY(JLvVgopH0@ z?H%-*-9xY2>h)pMJLon1es|nHJn)wy93vm!o4}${F|z2e(`+3aHoe19&pYgmo6TmY z?fC}>;K9g8hi!C#`duhCsrF&3 zHEO~U7e$)=g9C)RYh%Fa3nD?_)ztn4$LMVWWB~ zy|x;yX5+BgF&yBaJvtcmJASW&Mt-9|K0NGpo1K2QeR$CBcr8918)JmJO}_=(y)o?f zMu%_&dk2TTMsqY?2ZwtRS(}iM0A=D{lp``ye#lc4qk3fr9HsG4X;DwQ)bTqYO@3>A_@f!IcqI?*TpK~64 z2XB=jKqx!XX+qZouY?wWL*=iu2ZRY^4-F8bf^#O!1+j>g5lSta!Vokym_0D# ztx!o_DBZc!&!QHLZ;=lm)hN_U{6JKP6)a3`AW%36>aNz6fAX&hjK(p4{S#<>jf|vUP3mlgLP3$tpNL(x6(E}2}#UX ztTa+tLDArEuR*ik?9>_s(4Mlp+8Q!Uy~FI!OR)&ytQ3_T9C2iIALzmpZe8f9p(eAXT%QlK^R^D&5H&CK%}3#eI; z(iNXiq!9uhnT>GBTf-c0ZBkDQd#Qn4B4GtwE`^n=m{u~)xUl4UuUOQtl`dBtGBnYi z(Awb_#q1pn;RMA6ZiMMpu)JHDKw(hoifFheXP$RxBqAV?Rf)xmhzRFx%h9t|Sad}& zFHlj%e1D{T+^ubdPYQ~dDJNXhug`~hY-18pFyiymM0@){kTe(ID<_{FAPeju*(^18 zN+X2jP%e)X2KSAi1rLj(l@;@m!~B`qbT>PWTJ#G0*`j8h2-+p?g}<(FZ~SG&BK)Vq zonnGkPJ1(F6@$nJ8aq_U6}Qrim_knKk>biB0h5>{k@+@}Q9jF>!k*QJOgCZ`zr+3n zv4KMy7eIz|%I&&ZRD&;IEpT!s1R7Q;ktxKfr_SxHH$wUm?lX+xa59kAbsdrI*1Mf& zYu32_pz7SBMdqssWwBsZyv(sDFR0arouc92Ddu?`Cf3|}$L7IWoZ%&u*yGOgJWzQ! zeXaJi6i6od1SpV#rMC9w^!jL!5x^#pp*y$$F-h1uikm9;IIT?p;eget8;2wlC~$dP z%HW&_0|euM3;7Jn!&SaPBgm2%?YW0@+La@LF$@_}S`PGB0)t=y?nrzql*BiPqsa-O z0%c*iFPMlYBH*~vCXR3u-iFv{Ny0d2>>+bdrxI->6oDiR_^e)#1l++;%ycGoL&!jk z>1|~P{PUkN8vpBGuS`N9N%9(uaGl}_t=}Gqm?$GK(R~^rZ+}M>tcNme42Kg{^iQqv zya|J73R}CSny(=8J@j5teyP^0RVYzXxLK-iA7Oxf9XAH}K)$`YJig+^_P|fq*O%(g z>tplR`B44!;Y7X@prq@jsqv%=;l`9zcR}fhMvGFAG3ZT2#tfyP!x)9^3XM%1KNn6p z&(=N!YA!GXPOCGDvzJZ{BVPZELw_YSN$$0khd{7N?}6w%Z0C9r+_|B)nc4B$)*} zg5E6(eIe?_2#8Qx&UeoNQGr}RJTy*)UER0odU zC7(NlCsU^LFo3MK?vYTg6U$m+I)y`z%Q4eM0cA=mPg8!R+TH@rbxNny$4I_P6({-jXD(C7KR+5l zBxAfu%`!6_9?c;RI1-w~Gx+I42<^9(J2aXSB2=R}=c!PLJ7pbEe*dOmMGm6?p{M&S zVe0_V#quC36(`(P`FgtVgx92wYf&zgj+bxN$(J)KS**bORu5}aCJ{665SoeM)%NI1 z`R1J5q4-kaqY6s}%m}QqxAK!KP79&WdL_I&#KiDo1Q~L&-pG7XKAOSMuQ=&&BvIT9 zIh&lOo}@xfGly5uqlcG zl8FUg(Ou1NM@8TO4FvDyC~zr9i&JwHpqOw0N_ZvCoAus4jBt%lY`QN&sgVg3sQpS| z3&!s=)k%exqcvh-G*dSJ(Au>mFg^T0x1u<|!ocSDjBtShoQ+lX77mn4l#vuk{5{ho zEC;UgILUdcj6w#psuBsSb)!(!i#x5RQ}MUTj@eB#MheH+A%va>WytDEb$cQBDAr(Q z3Om)h?cF^}yj#Qyi7vm$bXyjgaah+Dd%tcV$Ar5s|33aY0T-F2g~Nym9z>}tAuK90q{u>eWP zDJnByYYDL0R7VM%tgsBPI&I*fYPAmNW<&kntXp~aNkfw6qcf`x8ewW}&h z`Bsjb9`Ag+1+Angr0J}Hk7W7-L;)THxuS)Rc^6}bByBM*n_l^LcT!V2NpocFi9dy4 zqR)K%B<6!T!`j#>jCL^+q@@~Mis>MQroMSG@=?ez4D5kD`enFJ+tx?z^B5%z;7}w$ zkFM%Wrd)217h0B?kChgb7C;ZTx@#&;LsuaCPwN=r_J0lQ3B9TDV(f9E??aIyfQy5GA7k zdv1?yZSL*yWqR5vYinj|j)Y2=wB@5jrRgO_U>v|n9sEdQ&7M`IV=|kGa|e8jG$U0smSXM*?PcBv zWI|KFZ0P&a1Qx&vsMR#$HQvt}3usMlfhi`1T^m$(%4EflPGr^Ng~fRxyoX7PZh&Aa zE*7_8$%|R>@V_>nm9>Een-viCducfv2@55Iw#X{mwSZV$#+Dc%_Ar{Ud)4L(h&X+{pI1yos-UPZcliJypDb5mtFg2X?94Rw>>u z*(&9V%1q6??sfk?^K7jB2zhN7P@+je!M|Nfmdp%UsP1&?-*Q+fm)Uc>vOLQ#*psNMnmS3y za1doJH*<5gK;e7<#zb2>Y~y@+Dc$w}R2!fHe&GM7qoxyz-rt2NzA}d=XQAw!iwZNx zX1W>1f&r+uI*n->flafzu}&zb3#bImzA<=Pc-Iulw)v%XkC}808=QF-&{!Y82R813DH|`{V7h_gwtGp zHD~TBpd0zhq$1l8?oM;1Bjh<7(C0Gm;H@~*4{KwRgm#-#82hy`#DPAp;D5glPve+# z0v8H2lLUQYF|?rY4Nt`Sjuj(HNASHaq-M~L040P!PC6lvNt>fE2||6PMoM_hDU*c0 zj8xY*ZYT$hRnYW>870uP_uQJ$Qr=VsFfFkzOfMjbA3}!bs1{Ai;JT&OhK*uYn@KOj zQpi>r%e{q*h4LmJH67J5=Sub*#W3JwTq7Z^^P<%F3v1~O`O5ApX7nvult&dn-&c;2 zD_S;wF&{54RP%Lk#@1+>gU&W?1#$CL6xnVac1#CvjBl*<0?!OBsqFz3PrRptZT5f( zR^j}|4w03PNiuwiujXG&K^Uij>&OQ_ielu6nC^6U*G*PZY_B!&vgjOHvY7hvo5=-$ z!!b!6mkOX1-NdEaxBeOhWVFvk1!)?%J)rw>64vQd9qp=espkUc!3mp6?TzTu0L_Lu zt=yw|n6RnPIL#sc4mjegfK$(du}Ge-R232I5h9roIZi@=MfQnU-vtCzA}HmmX!)Y@ zR&Gd`ed~EBVmE%6aW0kqToy_`qU;9So(7b7x7{0)$V$H!9Q6jq6Q?%hGTcq!HT|z zP!@%newnQEaxsY`C^yZ;*z`>XhgqrZ$9SUe%97jo+>&Z{fXQt86(elycV?88%*jPg z6wb|i+eK7)h^GBosN68}^e$Mat}QHfBn-?loe{7sB6>Wff=`{vWna z%-_U_4+$5W6nI4l(Va3CU*4LUmIX3!S~&aTISS>8DU2cs!gBlI?*+q-;MAmM!!c#nyp-nG zcf6GJe3W>dV3Dy^Z_nBI%5(ujb0VGUA6d>&&)Nemshs6*uTxXr-jwxiZX{+x*NJD) z3J`Kq{O8$4dD~#gJsg>Y|JDa#Pi?l^t)?W76``% zPda0U6C7$+;f%w+69p;Phl*P!KB|`oFN172vaX%65E}&V5mRi#FNi5NcPjy)lWQ&8 z33Qn!*#->o{2m}O!ENTLa4AgqMtHXW3zdRr6r-9J&`4}Ms!5M76rs>Zp@$I#JDbF+ z;)T)VL5Cq+QcIXT)a5|*IU^sLDdsa-^86X`WflE0lVZU-&XuPSLMDP4ZCUJoycKmZ zaHU`!lxxl>h_aY06teQBVS_IdhL#Bu^X$&N7Fk;(jRB@{&D)~Xmvk3hZ>8J3q-?({TfM3Vzh zZFPHZadi!>?qINCr0!raTo5b#Pdx?LbrOxL0SdI-EyQ*c*Hp9;|r0+#I6 zzyg!@c*tVN&}8vd^mzcV>9e|S75U&*64E5%Y6%yI467Fun87fC0eF=bNX^ryQtTBc z>MpKSb=ng0f!)Z!YF$-PJGUkV;nN!ib}AtE$@g3n)lbLJYTj<#_+hEu>2F$#Mlsi! zN}3i6Go3Fk-uB{B0pikoKvS0yeYoWiMDL(QvrEsQfm0)$Vb>ztjbgxm1_7CX0L@Xb zSDa#8+BXIO#W9KZz#WXa94fR9GWWDl@7Jw6J^)|S_E%JYUuUHeW4`}^)0u=2W1jX3*CzTAfqzA@qN`#bg(0>`<{(n*S7vm92Zd&$R)Dm z6}9Tzi>%$mNQml7yOEyS<{`?2MulDRPp(j5$m%bCSFdjS&up22_*GUMe&0Ss?d zqAqn}rB{eUmeIo4rLZ92#fS6rdO9-dVqA@#yw_f-NT!f8(z+cbcMt#P9GEP~o117_ zsxO*ksXAayu{VS;&JLrq5VMmv+A-QILVcvmnzU4c_Bh1MAL$6B$92avvA8AA-G5~s!Rf6lWxiH@&MkFHO_>EEwUFNSCDFTmN4;Ntx?IQ{$C@OlX5!a(?! z0$4|B+VuN_6_(sj42gi(zodGt5?|#^wB2Hqm!r}Lg#V$5m)08oCGp?MPp*)vmZkEh z{GSBH7-bIFEM5-IEfn#^8J5sYp|!7b$|?}B|U zQ{>+MUzwsYg8r_6CHe?{yn6qRt7YQSD00JD!wnPGroXuTw>(kPmwYlPoU$K)P|dj9 z465fxZ%)sv1qIwla653xH|n4IBU`;DJFukLw?`k|o~~^4m=8LbVg{^1-vQbtlDZ0F zb=ol{6iGV~XCSGntkZVt>kU=2J1OIm9^VGC6mnC2)7TA+A!jB^SeD%%z`v#L%oTG5 zh^yeXHm~(?@lM4Ty}CTRzS4(i$lnDQ){&}8#3ghi%PMBxnbZ|^8xN`8-w5@74Qxg* zp25&H3S_Zz;5(**Wev)-=L<0Qz$sb%F+8G@QlIYFRf&c81N z|Gs>?2hbdavQH#oB0MZjN$S{9fEvAl8iPuz^IZ}gGC^WIvqoDU+oWN4MZ%`JS_8BA zT9i*00EadJ)hfq=1I8h^`ti8kZXW`9VqqB`@}cv>Q&nIhx|aq%aiYnti21GtM30sH zX|7r~El5TQhGL+Lr@R`#3)k0XCzH_9gc%t>B5gR+uI5g%m~^cS+vz4u+x5T7fS143 z;SBypLU>2(9+??WDg{ej2?BP&IpS)NxJj2&AoZZu%@5nA*1b`WMDEm5v}t>=zyDVm zN&dIL^1^>h*~D*2Y>5|tbwfk{R{yIy4&!9~Tiqius^8(zCwH_SBDVimi|Sd>ZwZ+M zXaFX(ta%?%rf$f;w6AorLd^he3r8z4zi4|8z~6+5JrTgQ#i^Z6TNQ|8r`1uZ0_<1n z2ATczjXdiA*>UCrN(pe^3JeBIK&43phD=Bv4n#Nhw%}6^2l;vk={31UZr99_&_y;A zp*3y;Fbc@Xe8J%q#hCpVlbIO(qmxWTgB-Ud9V{T||yoB3mw!#v2W^#b!?( z$|yZN5-L(n92bnVaY$~QCCq5caef~hCyhb$-zbJstjYNh2aB5GMx0OKU;!WlGwg?W zGG&fNkcn&5k&P?sN$_si;{Z?;jGbawXLHJDsRe*0G(w^41i&XJ<9$!V2CMCcZwXd4 z@J`xTby$t!iCX9sAD2^z5g#rbRB}gF@^!iMhXyr5V-lke(oXykkY&5c<>U=XLa*?s zE+QnbPwHwlZBsBYv?|yrnv4__d95k*g;T#=$XW~)6|Ua9L&V#V*=DG`ao=w3ey2Rn zS)PVs1$tU)$P9kEky#{eIENU3YO~R3RIL(N!Nz-LaQLscxKNX}VU6&78pu1_-f#3WNBkXJlCfCRGQnk0~gzfKZ(0rqaEBoW>V_oPBv zcRfO+<-bl^P!h!Vrvk54*nj@vn1~$qP4!dy-yJ1v%2%jP8&C~}EiXqeUgPVe)VUic zD?P`=`6h}2vPjbl#z-W=u84xyQ6RSY@4oFv`up$e91(P1#&_D6Z|>iup0#xr1@~^F z(P%V!oz8bMsc9qoZ@1m+eb?-CyX{uH+v4wA%~rSd9cVmBk26m~8H~ScJi4uH=f08W z^XL5^Dmt;gG)9Uzjf}f82`gvHRbAx)0s8=pi|y6YP)18Lk=)xRgu}WH@2LE+|K&^N z^XHmMy9lbxtIwNtIT!1qxw;)-Q&YvicRlRE;5FZqahR6CV{;X{ghT80=r{^C3%6r}_=AM|nM6z8(>O7$Gl3i@G6J zIZQJ5vJ1FVNH3-JLWiRcUMp)?T1j60{ym+07ve;Z|E2EEAG|iBrehl%y!F5hUV~S~ zWDfACo-iEfF|LAFKK4=-)_$rnA?%oas)Fx9Rqi@m8>?Cv71!e$VAb>hR6Q63oJQ4S z;v*4>i((y+TP+454oR!|sj0eM-Q9IByvJjJeoYBbpbcoElBcx+p3P(tNTxW!IyG68hz!Yy7vI_4L zrO6Dbs}x7_b~fvRL!#2ch|pI%Zcg>LV7S~)(KXwa8v{JD2&J+bQ{L$f% zIGiXBiNi@sR>SMFRD2R9xr|L3w90BKMyWbd!YCCfiW%h+R;jx0u*&tAWy&s14+`03 z>8RxxW_}4TXQE3u%31NKmQK;t9HnB`%Q<3zM(~dB;!`LSjLU0dSh^-M&1Gks%Y9sA z^4zEF@0XUkzn*7J{Z9#B4^sbD>3^+GJE#9OdcCdw_Z*MZ|FWV}HXL1fEa8x%m?8hZ z8l0_d@a5;mo_u27ZmWfKjHw<1!ZWazoT$Is94g8%4o1$(9?w+rIyQPx_Vt? zAvV8+eFCV$nL=N_44jv;?0>E+z+Sy97ZzEouDg%o6Y^SmUlQ4_PO2(`f z8r%KxO?>u`4H`)RV9i_`0yqmy@M7tWijqhFS7mRY;D z8KiGyuQX{m9<@_0qr%f~l%=h&wNGw#e_GA|4R#M@|10@_v)Rq^|8}pt<^Rv|e6{C) zdfMId^sjtjzto{y(Kh(C9=WANUwYuSHLLw@o-+PFk3u2(%l!He=l$QU=Kqauqvi7d zX1~+wZ2A9lJVyRk31P>0BBVZ*nAZsYGI{8Fta~2mD}QD%Dw6qq$l##VZo#Xo=Ico$ zg{~y3)9C>Gw`N!xXQ3eueJ=lXvU1T{uzhkDO6dHrd%^$xFukSgU!}=EexwCp#rkhI za{7O>vDN>d=P~PFjrE3ff4f$!kMDJs>QH5= z7H$L}igC!sp!%oz-k;{x6qZO@s%XjO+2ga5tCFvD?uoCvS@pgEufjyywzpso%OWIm zh3Z!0mM(ukJbKIUnD-ux2>?HyU7h}Nbbf9IQNOr(|Ka-0`wtf5q9%D9t- znl)FLwPi!rQ$jUcZjuoM2gN1xtIK>>iogwKkMY^spYs$ z?!UQxv;d@@6#BNOrG-r9JpuXS<;Bg>hwGojPWvhqa{l7TgpX}&7Zh%)>x-~Bns2WKoKdG#~mZ5T~{3j#vA7}hu!~WlHWaPhQuix38 z|31rO?u77j+=;JiN z73;s#?PvWznw%wU*Z(s-X8m7hFPhze259Eby>!5;siyqxet&wP>-3n=cwgMOCEOnk zsYZmbB8_ng8B&6q3z8MGsg~JnG_s1O{c7#A2NkX0lJ8!AkP5=8!wrY(57vh(Vx|uf z13!Owb9ys8J-#}<7HP3XmOv`f!KquGJY-z~uJetEJM=Vm@&Y3!e5PXP-QsXkul#~V z2&lP()cvmSpZzlfFt~#YTDc9$olb8Iqe#Y)CL;f>xC2bCLtnUERX7g%+E*RjtuoaK zL0I@^1qjMJNnnt~NG()#UUNOXv3jmD#9a?>hVPGm=D+vnFy4=ou;_wtzfOsFtIA&= zU7y~ZoL#9Z0UlXZM4x3ruB+d?zc@aX;`Y+%YHsd!0ktsOoBT1NP)}czttr`DnQI1?vVlpOM4vjXqO+WE1Iy?52U!zh7S+ z-5g!L)r2WjT<=Gq?CtNSvFoF=^WpK)`RU11w5u-GPbWHGbU&Z|qlj!{ILi-FB~^_5W)$w(-Bu@)-GFjx~6t??T}c3tw8wTW&X_ z1OOb$3#RlHZtH6WYE~)0mVfsMQgjK~bV=@r928xr3hKgg?`jtEc1z=nSRvLmBJ)Vy zJWnh6J4U4JsUibqKGJHV-|tr|n4wv!i>!2AtjXI+g#ThiN94+11xE~Pcq=M^%4N}j z)W0oGlfRDob6KpW+*2I)an0a3tCRBeJPNg-EiRXqIixw~GXuAZ;jWl#a-cRp)g;^v z&olwZ5JK#tHXSlEQ4KJOm)N)pE%J66MKP*kN=q$c*#zafkC-XC0V^Whyegk|`G)Pa zlMk*fu2Z(KY^5=?CM7KjY8o;+b4vlq4908gd{FFVqPx{}gmzO>P6-v2D*BJI?n%tJ zhUx?j&!bSp4eRRi9_uPESFON=kxLZMu*hZXCf-%*uQw%kq4_0mRh2$`lhmQ_MV56+ z&yB2WFeZVI;>|B_3HKQ`lKV~-ftM{6ZfZJwb*w#|1Jayg6cjb+_Z?DGzsO!F2SYS; zg5!-7!?ayMlDx%Zm4>lif797#xp&&rSn-+KmoGAS?G4w6#7C|Jz2~dUO{0c>E$sXv zLZEtwV>C%%>{s0bXwx8X4>51wEm+j@FS>-?yx__!a8Uk6%P_Eu6t(?Uxh&Z&JNk19 z?)Me6vB77#{>Mk_k;>m{{jc9|b+hNc?Z!6$@3TB*@xPp*yhz-yW^-CL<;C=sL)B7t zQcKgo7R$3r1WB2V8vs0y!u-j1dbuslOYN-lhX|1c2&}B4CqJ2@u3Li`_iJieHOGxu!9a>s3g-gkq0$oMXv}83k z2ULq7JeaVS*6L1LEo3O>1-|lvJP=q={3t}C#C+?q?6_DM>(zTEhStE_`Y=0;0r*k zpxXWq;54L3jMU9&z$h8^b;L7>Ll6;PUTKQQAPG4-c5aD$q6^{sYGu19^#WLx?Y_8$ z`{uhZ?tGptxrsEaOcPdb)!EAOyw~VgOJgWJ5z|tDHPmaT=qQO+{k~{|Ez8t#k8B9?T z;9yCTYqRi(|6bfKNI_NH%Foqo*Rw&~s#h(_4}ZVGEp$ZsI)~RDq=yW$if4GDRZdEKx zSmh)OgMi#!#(0hcG(o4Fi>M3v^tsY<$JwI~Cui3;zg(SNpDuBx9iCo)I6JX_zCC-+ z;L_pg<G0;w(eclx7bgQy4ae*rSw{f)`Rx3B_{-V# z@lOMFS4U~QUniT6|m!Xb}%K&&FSBd&p(`;o?M(>|MLFo=i$xS z<;PBO5|DW(n+D`wv6j}+%{Lcpxq@K5Qpe+BQmjZTyN#dxI^rk4^(QC)c>$z!W2qm- zvqJuB^;?bX`Cq5EJ^y=_M<`jx=D6dSk3LWm9{&P^Kt`kJ8Nzq<5*12J9s86<-B(t6 zgID@PxZG4!!2#d`DgPm)Q1nS$&nqm5d=ITx(t3O~%Ny}|6~Uf#Q8R%n>HX}yko>!_ zm~(48FKfLhtRR9}MM?fwVG)j#h)GFNlp!j)!r+xOhrwW1%Gl*Xc8=1Prv1I5qVQAK ze_I=CN<2}*`uXKcrB;s15+NwFC#^uo0Na-@;xoaGu3M~>&sJ`7W&NCbAAb}>|zfj z*ij1NS*Zq{cCB9-`q}JY9U^}DVxrrH(isKdl@c**%K3udS^agS4`uhd<~)~okAJ`v zOi?WFJokM7L5S`^z}bS)#UCo9l(WAB^3FVCljx$I#^$GU)6os$gXOsT&2v*Sm9OEA7Oxf z!FdcJmk}?!YmXrFru*sMEqnh>?A#L7?Y_O;x1V+2rV;W6_g<#M2zd{f?;Krs%jZwZ zV)ap-y*Qv*bA)L0tKkL7gVS3*JWLLN-tqyYmV&t*E_`&|9`Aq|XcO4*JRM5;k7zO=j!0 z-azakYiuNf4?Jizd5>%)8xKn^P^SOMd=_*A+5cARf4yca8~@+yZu5UV&m;7_6EWCB z#5SP;`X~y>VunKYl_`OymusqlW(mB6B4`?aq$&ubh^CsLA;Gtx3mRm%+Td0j{F=2v zvsO2z4^k_b8GspN-t^oNyO(43jM_;?3{lylU0pV>$3B-1`#k#V*QUFE)q3l*>#SLQ zHM{%|KnA<4n)*^I>a(k--;!$jG-~M!s-%VL=vs4Cy|OjX=hi-ZUtwmu?X%8Ps{b1; z?(qhImHL0Xm&^a(*xvv2ERWRx&0zn&4FKt!Uef|#_2dOi0H*cL+5imLZ^8(W4#Cz6 zu(bkw%~k+2Q@3V-tr=iz2H2Vbwq}5>8DMJ$*gjwLQ>Oo;(2oe-g!aEi{8uM;|6jYa z)&HO6QCX|xU~fYE*AwUYbbl&S1_|YVPhO%V5>^%)0aSt^WieRO5Ri7tQm&pP&Popj z{T7sSjqFx6->T-%tC}YxikQ0P0Q!E6C`D^(#b#$S^)@K{@a7{Dv-{#A>b!&ywrc+$ z2H1P-4L~dQ|4yUb%-;XgZf^JgXL+3cUkvspg#ZEYcPR;|o^9+@z-$YWDP1ojc}u&! z6K>@NZQEGwu95gTE5rGidSs5`Mg8`G)-l=733USVZ%MEN za+-gQ;+>VlP&HV+O-3jV5krFdiW$_xoPAQzcPl9V5d=kRNy}wsbDl3>DoR#cPfDXg z7TTbw){++uDd_h@!~EJHDqGXtAMPoW|EDCzzmbr^;F9=92_qse>C@c*-)ZFYfA+Wc ze?H5j@_$;wy^x|21&{&=MnQsv{3WuprISJ=u!m+^C>fecnH$Ckcrk(u`IUrJ$Vm#ks|fTvtV=(l=E7d!VTa^>>{T#(H_PK1Sq1dlotwWRewUwT+ zCekzNFH2xp(m+;XFV|wNWT~9W^|Th(UcY=%g8fg$T(U&O*T@!#_9km#njb6`;>^cM zKt?bqDRYHHX2tr2`MOeQPY3?7!ur!miO(-oXXg1vgz2ZG&r^xdHOmJ|%bZS$dM!dL(2q;o7M5IH?13MxL%G2fV!&tZhP6 zn&I#YMFI98b!uAgt?Erx34SWBl)kqrwN)j=V(eM;#p4W~$Cn>IFdX3D#7JDC*h3+M z6QsLW1M+&yD?~{Wdq^?&Sp7_$0wf*0C^2tj14nZd!wIq)DWKLWEV2$Tg7le z^Obr2s}8Pd<2QZSxOJb-JzZqUrf=4sb0yYeed>yBr?&Z5I)fr#9gI{{d|jbl*z&bd zZv(&~Lz7sEBCZL&q)DfS5U@(slw}RuBG6jxIx?B$zGmIN_RAE7V8}=Wj)DMS$~(Qs)pid78z87sMxqG$)e7LtWPuRV z1;lI-D@MIY<*>~4(o3dq!f;UMZ5#zbHHUgR8LG^yY1EcnB(!qbSaYiGp_sjcA)G9? zK$otcbpm#Z+GR0BV|@GAHpTU~d0J&DC7JkG47z;12YeDT%>t)nh9WKr*=mn-Nz(m# zr{O)adnH=Ax@rN3liWd?;^W`K5t>5vt2{f~o_PI!PrS6oo@E+xiR4&GO1KaQ>T;tb zKvr|=f{|&~9brl+qp6<9e~LEbZZ;L)E$;8!55k`*V^OOAMUYKtHi4RIT3inO{j@I1 z6lW0Bg34NQ)d+gGDD*`lZZ%4|fPmN#f+O@?mrvax2HPLrL zIzhQe^fPTX(_Q}29A}CYtWBjSQTM9{$VUX#&IycY0wi&JJzQtwTCn7P+ z*9Ra>W+N24FnC!PMv?8o<`8nPgMjbtc#J*B&>5u(iuwL0#d;rLdH?*~lmteY+2g8# zJfd)g8F3MgBY&k*sVzdRRj97+`%)orL4GM=|I^;;1to8GH%r%8zG;mGwDu>zz^CCA z2Q8uqnH5qZ;HJY-TYr%jP+s4Z33<;rj=cXi;U$Uny%vcikdZ56WRqS4vpd4UuAm&t zQjP^Qdk&IP&k@&weQ{&mDwK=#vc4(rD5reRJu1^9Ru?AIV-&L$u&sd=Rn{Ed(suL9 zV(s=H+j5XlhT`KCfi;`9P_BtPgyY(uXjM(pLb!RYA{PjiTS0c)Ws4)X;W2kvW*5-1 z4Q@3j`wHxlW%j>K-Tm<08uveRJK6l7-S#&B=kq**sc-1+hp+G6hxPA#c%l0qHh$N` zH*(Lz_Kt_GX8e`s^VsD54%Svd7~4b`+e8>&*Hfnd%@R)haPkWpO$oU@ zwyin$RSZ|?f9-ZVbN_Fv)!D{>KF=d`y?09ndlQP`vdQ$aw*)Wi`SOc{SJhnSF5y)$ zimw-5RcqCa!%OSm`x4^iW4jTJx+tZkKf{#&8KViNOd+2=E?(BtZ$V2|cyBf3t)~2} zn)02TcT{W3$|9~_XHQ>rY1dh}T-s8TT6fL-Ht_SkEfBE^hW?unxW2NdO#V|&I7f^@ zZ#qLEJKG;32-G4d5kXW%fEG1tSt`f$!SZ6;HktkE|7U4u6v<3b|kZla%{c@!EEWUm5FPQ zm%lP1%C{?xZAh|u7J59xiG*I{nR%|(`+os7o&_5haaQdAmn6X6;z{#=HQT*zHvXsI z?)SI*|8qPd{{M{=Hk7}F zKHH#vSL%p}KeR3w`Rs;xTVGQM!rz<`-s7TzyMiV~Eo&!HCuZA)U#MS5!ej#>*8rnq z883;?;plNHO*_EHWr~6b#k6iMIgcrT6c3;R~Yx%Mq zWXAK^vCW`bt(G9C@-r4pY0d_8>NoQl{aRF_YNCKe+4Kt?fPb3ku771FcnK`D1k|a9 zv>qshR&5zbjoltdp)V6W@}!c`C2;w7#ui*qt_B#%dhFL3$;b&*aOpARy>uf&qf!2g zL9C9WHv#c(%fHk;?8jO8ivxWPSe#fHDOCB?tAJM&o450IM#>H5Ob|4iu45!=$uS77lpikC^9*+Tu3+vUbwJuJB@p&P(+AMf6 z1+rt3gX7YYQ-3)&b_7uYM>0F(awz`=YI93>v1V%>f2bu0+O)`FX?b7{rJA!yo~of+iSo77n!}}6Cikzqlj+O`qNw^&yq7s8YeHnqZD%5mZM&guH?-}B zw%yRajtyK2Fo83k1w zihEt$U@X~2CJmWt_;o?aa_!>#73O) zHbonw>i?-uQ8261>AueFTazZ~|5L4k>McT1QAWSzFr#_hz0fCRxPEQ4a2L1DjK5hg zAQ(XpvxTfj8HwRUEi=8KrLjM=G_P!KB+I)DO4L&DGWoy?*Dv%uMCm)?+iAecsTj?@ zx>ehT0kU`1Lf>z9rdqw2ktAd?ghk2a_M2QnArj@12{{n*x*LgDT^Ni~<;=;> z^g7L4!;9Xch2_OA-j_^BdHPtN!CQ0|viI=?AyL(8Z`Xq3Dk_eqsMCmL8wYDCH$}fP z6sCN7d#3`kUHviAFJVL#Ti0_-h9*M!;hzgjW zLocfn7ES7LClC52Z-au!v)cK~PMC_Pm`fRqZ;IDpH1Q^;Ls6mg;cgMl3zdPQ3m9fNJeorsz)^sdPn!KIO;*gv zki|HhxGI-bG@Gw@eH7rQ462e*mQA8{L?uWxp8eBy!^Yt ztiGhxr#K8+BLBZ5A!g)ZSAIIrD*32vfi`T$5MhAfZkdYX0al>ZjJcLipob>miu@!fy6x}M=0V@Yv4BEYE}`vt!1g@g zSbA;NY|~(Es(iij(1$#3YIGZq9sm?t$;c*N-U=m8IRF)z*54j=kHmM(9bX{q3+xqr5RifQu?peG)?eNp5U zLUZA3Wri1*dHd>>O{CxZh-{_(jXtIF|J-}7`(HbacGmx++iq3jAf9a| z2)O9}#Al5HK3)|De7t@fuqav*T>J4j7f%boT#)mk5H0hy^}g zD;U@c{8D(!H$a;EWfXE9ygC|D6tcC$fW0S(15Sf`9}x;{%-SPDf;D1*Q!w`o1O67{ zc*WBGCT!{1KtLc+-x}3_H%4_X`ev7~!uScojK2*N{(5&5>wrTpq|t}pQJf1o+=|zK zxTj41k4JE03cw2azuRqR?|RN&Vo){*#i zSuaQ^L-8-zN0us)DNg#|Z&TsR>FiT_{Z~qkLDE0DL)_m9HaP zKy|I!TWR%MmR7$F`O#Q^mkW?$MT@c<6dgCmHs0XS$KgbA5A*9KnTS#FmmKMBm-}|P zKl5@Y0lGqCUK~dFZA_AA$-1im@aWxo#qu%|&3Y_|qIixybmVy?35$}0Jd_u$*SbRX zkE}kI>VG6*k97Mo&kFso-)Q%;`d_ct+UkGL@re8Xu5B$3@I{FzfD}M5a&89X8sQb6 z80tnq3fL4f0AmEa7(s^o3g?^Zd_qnw5a3Y^<3)X~>jTBKtD0!{0*5bA!W3BPTY8bA^Gf%tLUCdhIx(_oAGVQ8x8mg%GGL0LE>GL7eEhWovAh7`1)pDP80R>IHC z9v8?ZiJ75T2A0gszVqG>(->#3#Kb;TDK7BYbwbEf7LmYrtdKfPV0}zNfAt1S@ShTPH zM0cwetX*f^j9aGEpmcks3Y(d+UyVDa&E)?OUYKjDX1P7>3A`_hw4&$s#k|j9+37NU6VwTodU`P(NKy--4-8kUy^os{#+(Z^eYM zeID_Y*?%bV;zy)>cAi!KzwJ&g|68Nk*xG-d;}QDnPz?4aJOJdhd08I-HFcMI0ivN!D~=`AHiP}RL#U3@_o!Y z3lNm4dMIXij6KMZ8*pjEd=08@PAe8TmOJ|{>|6_Y1}Eq;34)>3`L$Z{iFb=)kA!19 z`41&wQIom$%AuDOUB^9FqF#~HiYvJm;QJkGzLd{{BL3DbcYE^rY$ut|9FVdXe3OrwJTbKr)9Yj(DwlZA-V$r-x0+YS$<&i(lXZ9{FKZ8(lEXW1z@@S-)uMfIr+cY+xq`L z%cJCfd8n}w1wdJJo+8#*K0?c;h!X_} zW#!)qWf#&yUHCoH`B+VISgYg80vV}vs(bR!EE(hxUd^?diIQ~`@-AhsY?k|=ykt$5 zi((#joGelJ2w$u`YI4@?N;J;W>#w~?eVqDSD;`+-Jg$|;aiYPucZV~bKz?j5hrx9L-XP0|`63xRYxFaD0EMBBh(R{f1?327e z0pd+$yREM37t1db0Bm8joB8FImlABYhOpDyy{htcS>4^uFJC>gUmL&5v&-t5E4Y#; zqhJG=s=X;sJOJq(3Icb+^VwvxkxUk=@LS~CUAre*JY;6hV9lVv}TuHptEZHpWxO_wYGza!^Zxbn;ssikoB$<&m)SS&vQJ^`Hvdy4W0v)NA^CeLzpv{S2%`c%dY1j zmaCO8@{a$wCb!5<;W!gCwoaoo*%>ct(#PEAXv&cJsZzjXEn=#{Z^$sFC-+xlAln+8 z{s5jzU%pg0ClE{CT{?;{WR}aa!WK>CY3nA$u@(FOM(zM#<^SDkv~u^qv^v}U|2dxZ z_LnEU1Ke%np7+1Fl{1dXFMt1wi{3iP0^AxebpK1ikmLip3kp5u{V#5FW%s`f9lli} zpA=wTAfmiXz;WS>`9nk=uP1MmuaE8hFMp`}!mW%M54|&7f!Nr+;n@TnnfEVwe|X8U zcmd`s?-57a+rxi9PpSORAVcFMpc@DRT_OMXI-T78kB$B||JSoT(*CCgd$^e(P#;AB zSatx+s%K30rrJZV2HYmkXacU zMiEW(u3CinCQNuKx?A(z)_nIB-pEn3VuugEnZpf+b0zjClo{9dB`EWz%$z4H`7zx% z1pXGkv8*er*K$Psp>UikT+>VaP1pB2eT-M@`mIF7Uw04+=f|e;dHR`=;{fT4;)fR^$pRX&nX(-7I z2|yH+?2W0JhF-6%zxoVNZv@#JVultUy6-J7Tl>J)KJeuBfhZ<(%;zwQbJNlKrbUX} zt-leB;S4bpi>QP2*Fa^!d4KYLV29DF)CsqH;QP5?2JX_F!$2(jDB#}>1yptL{Vn+N zWr_7p9+K5(@D`ng?0tMeNF-0?++?{$F5zFkRASEC@a$4t%94}QC zhXj;iI%V_}-cvGro}j4xJCgvHL`+gpbg3q;#o=`0@3WLE?5>nA)%{fOh@WRjxe|7_ z&t@~^W1URuWdzPL`ERbw&Ee!1G@24}du-<%xSvG0O8#qiGyY$#R=>GD|9O^2Fqx0p z!FCf&Y(OZ?O(&;?mlYG2#fQ+x&p$z^N_9@=cn>dhyDyx z{%4FPn6kL|y20E$cbM9@a1y5Q-kySOrQBzga_{84%Suq{bvALAF1=>3vnp=7W_}y^ z`Q8?Wu5P0h@BNg@e?o8_hA^U2^0e`P?M@@-|I_Vk?SIem2!T!xHdTYY5qZyn_`>p? zgUbqeE?0If`7Kv#rQGG#xWAm0q3=`4RR+T{``kx|Pkaj^REBh0Nop%ey_7#u&UoeS zx`Gd{?PH9FD^ApOP`uvk|UKzp|(w0h&Va?Aa=ddN>S?OuD>PYc?TAn>K%pY`28EPV2 z|Cmw*U9$+>EyK)bQMw+bWl=t*`TPf#R1)IosR+Tz~pI*FR?W++83#k;J!qTU&cthaQ zCdc<+-lOP(cf21u?khvzcP;>auZBLJ(eu1|wS)@gm=P^`zVXZV0Z{lPhMXibCEjw10I6yy?yp86Wx}wB8*2c zyMjFqN^t{QKGm4l8LMKs*2%Q+G73B^!`_S3@)l!q+cmXTc&RMAc3**We;6fwBP}6sN(NBUBF^y-Jn)>o zgX%9d08Juo=-~;+#RwZbTA_}W7sI4a1|Hbn+i5jwLNO5s{08Fe`Q;n%6CZ$fm11M1#we|G8 zx}veT3W}2Klt?jD5Z}f7^9F|t=Cu7@waCTjj*eNl(h}tyGnJ`|*|s17uu}dLO+M}Y z@2!J_{jI|N@7+lG8sMj-wElM!)lYqz2*7Ja^4N=I(!J`F2KSl{OYVwTRBCawO z+g(Y&!wAz-;&}BxM=*aaBz-7$ZM?8{KDq83vDjd`&4$#W6A2N;9yJ1H#JcfxPFan`Y6_&nEBF&?oSk zWIloY2^*bJf+1&>_tfrd8TsVKR|#- z83Ye-f&u(QX>$*ID1$OTvmXSM@_sS_cy!OpIkJAsSmef3Hzv2TAi4APD(+*+y6&`a zuI7en(l%>RD?fXqLJ4TrqAWaXbCO@t)yw=KnlxLiG=KAS&CG&vs^G)xz*or;Dk;K=UG4A0fEDs58hV!@R}B9m`PrZbs(ePpDIu&0AcMQ-vQ zl$qxyVqb)F=OEX2Sh~R`t_0)~xi>I@nQ!3c2v}feUtn)4dR;+G_r_sBcNcLtH%)6| z&na(96qui*QLaIReoG#6Gev}ZHQ0@eNkCG5QI+%|o^@%hg(Weutikt|S78go5O8PN8FK`7- z+I1vQ&86Lfu-lY(Bq)Sh*F?{1W@V0*ITbB@wQ|$Wd)YA?zSdz?W{T-|$u$6ws{kd_ z5c5p0ZvJO#5iOhhSxSa`4i<`42w={XyCfPy9QZK|@4Z?K=mvhArWA7VvkO$orb}hD zN_MK|v+&HtxsIc2NVDy8xxDCrD;2jQ=qZiZLJ6;Tdn#ChpVgwB+YU-i+I-*-nfy|1 zxHiStAJ%g1w%=wbj>T|iei9zX>A*i94Z)u6mMrP2Nr!xr=;C6*F{jE%?vSp35G(mK zW^w2K%qeSc@C<}gxaH;Da&NH~7gHT|g#60al#o1mF(rqxZ%T6!w+)mcQ=y-zy+Cmz z2Y2SUsuC49Hyz*v>1~&N4xq$oUv9N3Xq+8Z&RPZTJ>7lh)7?7&@W9VtcqcyJ#qzrY z-8i~utA?B%>dIu1;ax(1dWDGdORZrh%a0Zgr;K3a4-4mx9My5o3<-=0H@BrF8NfozBsz4%;2|96Bufnk&hi2)0(M^Jcp)08S;8S8?m7 zrfOj6n{w~fU-F1v@BGxkFFrDRm=lH?O?e!(_L2J*we13sg`bojN_EzxytEj$(vbGG z!}+nisyM$AD3?fs<<%eH#M7O~s}5 zOWb}*B?WZ~=u93VyHyO$uSL73%sv;)6D>{veIB3?0X}vfpmE`iceMRc^mL{T;vOM_ zNycZKMjK|ubDXBtt#|#%wWEM{bU-u3#n1V=)`=KH6W}I>T*>T5u39~ zm6SqG{Q1bWU8Rn@yuLW^3&9M15q_2n$MD*pd+ zp3e>ZKln6QivKTfs^I^N+x!FHFsl52<&>SIi*x|i(0UeckV`%SPwD{7`{=GLs5%`C z39D>g;?7NFWyEX?StTtCB{*St`W)v)Y?YjWJBaOcUef`#I%vJaFm+wRs%{$Iw^ME+OP;9Ix|$dLJSUkALF=y&|srTBRc6fxDt4T?WL5C|bTi<-vi^{eqv4nZ#uGf*@E9`bprZVNYl{jHZ z)k>y*nvF85x=ouLZW(p*5_2hZ*QRLjJzVs3u+35(Z*}E!b>;KP0|SZqSeRrQD-%V; zNfRUD#bd(a?!XKtK~-f}aa}h{*jW-k*XL}D1CuyeUO2t8795BBxBZmq7KMLi|@ z-x$U)Lox!4@ELfEf*G>^)t~?D?jP9s|8}-ESNh*F9wxR4xs;D`EJk@D5y06r>Nw#) zZ)iv-O4UIkORF>q7g<`lE^wr~;`9k)Do3LIL_sA*tHr<|7DxFW0!z9{w~8vciYoaW z!Xry99hT*s4y8Y|+dDXe6nf+fui*T*CCGJjPb%p})#0}8hWGcFeO@%f{;rJ_uDO`` zNeI?UGS-hciZi(?V#PB*7)jBIz=2zpc*OQ%nt{ z%!NN^@Z$(3ffxnH2N!5Q;h6ut^AIQhWJZMd!{4)rNJW8HF#KZgN5KOm1$aiu4lm>i z=3eNiSuxFEFH)gG`7hDE%E<7IfCoN{7A*Zp*{|~aK|iGKQX~IM1#~VSu)6qZ0AkpBiSPGN?- zcQ6^h9;NVP0E375u7K9ae_MMy+qV60cYAgIzm$gyc65xvX)*>ql!4cyG-mmkW|sZ< z9MYnf=yPcrsSkKOM2QF1_#Yxz!P*0yu+=?-K*);n-+;ME69n!d)u}`JCuixruEM`2 zO=C@e7wRtGR-~XM#Ge`nc72C_vaZ0gD=PFo{a1$;j#5a6p6`Ufqd1TBa3To;+H`hB8A^t9FZ)fzE(af8;#&|U{9lqqd6GRb8Vk)TBDvvkk4(6g$K~7$4UJBxTf4e|A|L;R`i869Ux8^71 z|2z9Th4Y`?{nh!;QXaSbrPoBPIB%@ zR~>zsqHxv?g9_DR;&m_#Mp;BAB1URQpNCUh44!m|MCKW>fr$YV)Si>+IM}aeYf&66NdVnzu2rOLl5Vu0kdO%i-u!tBH zb~+vNo+jN=L@^aZMTJ>IDMBKC)`#R;mb3yHbzgzwBxEx;!a#LH zgQpR!0AE|R(6tYpnmQd4l=nZvY6rX@5!oFPywKSjQ%&UM7KCt# zx@3*BfNKUpGiM>4!hF`Ti71KBIg*VDg_>7zO(4}NTI>dKnU^jOy&fM~x-2zAgI<9C z*>aF7>H!rnnDEpQMnh%|2PQ`%ldt|x&*>W_#L=uZ02($Z}1jtdR^35UyI&&g% zJ~~s7GrAdf(kbQU4wq8Nfl2p$sj$fux^0(%)60&^HPKn%%WFx!hF0^p}K zj)I8969(}bDPcMA6OgH!du-{2Q3eANPd2D3GW1C>;Fm<;z#m6wl+mf}s}(@u(K&%e z#KJ+zi|andqann=8(}C#Mz3Xx=EmMBhuKq|^vpQ>Qerg}fCSkXCdng0LQB0yVmX#xj0o5KhKt$=Uj7KPe0C62w zP4nEV+9ZV#QB%aCo-!#lbm>V7P`jX-q$qSuQ}cU;OkTQf87g)K#@&fEDX}@n=*Y9# zg%YPu)p#06vXtrxvk6PeLIK9S%_sp>USf+N%^>XyWHF7jBpy1BO2GP#4{Dz1X(az$ zOTG6=;{WXIZEf4}fA+WcR`TC6o+|lIzFw>hD4_l*a-h|nrOJX>Z+l*O&;-^*CX{t4J2j|4_(NtM8ql)(H!~x6%Q1hz3{e&|ibJ*u-!liDG0X@I6^|f@9hCTeKT3d)Iahj& z;uv6(MJb4(AJVOY0>gQe=cD00%y15n0y+iKB@^6Fct0p4)s`PW`V%bA!5N42pvR<1 zKOivc(2e?$?iXU;rjKX=kO9K%0-+hp+fQU)m@n)vKIRUO7d=7n7FcI_>b)o-9{d0P zt_M6pM6cD7)n%&gOMZdc+w{P?7&FSjxcg%(FE6@*Ss#ie!50vtN0_k+hTJGi<_A=T zb4#t|`^A4m7yI}+Rle(K*xaYQ1B=ga_7$N%@Y?ff4HJDa;J{=bYz7mAo? zPnu>Z%~*)H{0avXk+sy-)lM(Q)Jah&GD~%Gc=|@d)Gjmq6v`mN6k2z@~=6z0396C$j(UZtmIlKR5RdR_FgqdAM0OA8#ss8|IAJ?7rFzas@hX zm;UJ&O7Jj-KIUpoG>~=j~xm9UMZ-TsyG93*{4^8p^AlfX9jD>>B8tA|tKL`4F z4*YY?{P4-~md1<^htptN9&b(KIoB}AAdxAQi)L=iYiH257xEi_HE}K|?LTeHjJTOKZ2hvZ=SS&ir{E zxBO4VsO}v*9TSEi62&tcg6ix)y9N1wYjbaVCI2tuDc5J&y>DHsHN@TljE7Qprh@H> zuKxa#f9%LY#kwbmCx-F<&rauWon6n80Xrv5n732SDB)!ov6iDGgr8i6SweC)lW_-S z{q8VI?r6(*V^b^7&rm5uows*if#WodC%^|8jQvkA1fs4uIJWK`86C@$R{ftNmbF%g zUe0eV85qOim;xN8eg@43^dV^3eUXRCJZVoS`o!oXZk|<24{F1t;8lOA2*3q`9vUUw zVYUO_r~S+iA-Ks#@cj51T%R1jJp~unUQ1*5|L1wo z=FR@yApYy7eg3<@v%3GgoQIotq=wNOB?0H2J(PhyOkn1dDCzTHOF&vov@65JimJu< zOpUGD&a}tV>S^3haC7DXBF-IIw46~Afc+g2IOlrQV>(^ilZIZm)tBSg8^!UwcuE*% zpsYmXC~THhFwq>La$c`gJPxgM1*skaJBANT-rA9~g!|Z4RM1kX)7{9d&kL1qM*Q=l z2I6Cw%ryufLo-rY-m?zvSw+|;$2hc1O7Ng-UqA-anEvJcy9c~GZwX2y#AJLh>mAXq)k-5wMIVkZxq^N8=^gVe^#13A-~MB> z{kPlo_4YsH-|c_2Udg{(|5)=l<}I)uL;7DLe~b28Rkl1fMRoT}Mw||KH^S1;LJ^}l zGy8*|06$I#eli-uEDHFv4SWoB*Nij5oKmE{<1g*Mbl6pJ+B;?rBw&az0WZgSE!+|P zP-weIR-6ha8KkN>8(+>WDZWye@iC7ra6idS*gTxtlyiptU9vRzqSx4}_*+Wnb58l^ z-o;kWtWTxuD^mHl@qPd)z+@3ko5EQ%qW2~%tZa-}C}pI>CAe>Cu* zQvqu4FMW({rk?s3KcdVGCqLpQu$(^~GX7-d!^sp#otwT!Bgz=PmmcMw5C?wBubD;( zfmw=T?i1-Jp}6h{l`kYl!BE%`lC1#8QMwKZE#VeAw;2#Q&Ev(wF#f zZ+B5u-6R}eY5|nmM zFJ!OF@~GxqqvJ%CJE&LO4@>K?<;n-4gNd>Ex+{oPE2^+x^_A#K<%?0&lS{Y0s!?sw zs0v@oq6+S)B}O zun1kIlzXy3!2ZN{t&aTr>(>_|hQ=X_XZ%8@n!<#q$AC5Z|K`r_P9gs9&MN-fQl9!XIusLtPlx=f>KcC`4Xz#S zXUV$EuY$jjQG)1dWHGAVYWd?>vk~g%5XFMDS_o4VC4^OKGd_0+1hPN&nqA~mvHqn| znTgL&yZ$$e>wk6scPUSU^B%oauohmWTeu6w@YO- z$^rC}BAuVz^pCz_FZd~6|Mx6Qc=ryc{$m2OIT%3Q`R~?#;r{>T&dUF1DNh3#U5r1U z4+{)&YF?G*;B70vXtXo*laU|u#Pztz(J`+mA`0>!y5+b*U6o>2)D{VQ8`n28&I%yD zb(`r${gqKR2%>srD1~N$bE_NVX`;0z=V+%?;eYNqzk2egp8r32{Flu_{+I2|y{*;# z&!s%|{NKTP7T^Vx^XH=Hzjtze`37)iUlK%wvT~j|)VV|4@&E@ef1wp4GM=jSpAG%w zf(_X7r%x6kq#qtOE?jW)zz?g}%aFRRyM@6d|Oi{x_es{*CUuvtP-=J(-o5TH>~eOI6D zlPq1qKha2?MdK6(QEvi1yu^HQS|D!$%GgH>rCSfIb83G9fj@+C;A7aL{akyfjZ&oH z?+o8Q2l6?*C&pZ5G+r3)2E@f<@0i63MHzL9U5jO*Jv)z45~4>IWV8Dcb2lj0lq-&- zi$3e?{B24b&Xc8jU9V-`80>n5P-&X|{{7WkZphQu>esI?tiJIwc89-yeZeT5d#bYI zfB+>4WH;HlRgj-6`}3O|%&%}VC5T^7|Cv|6_VEpRfXS3Fu8*(pZZ3X3JugbXQ^|jQg!=LH z0$`o|x4FG(%YO&^TPyi*8PELkADllp}idt;j8$HkRNb zmTAVMwk9IIvnap3s!^6lBlF_Ujju1;T{p5L4uzr9|W#Qwz3RPrC* zndu0iPX602od0fZ?yk;%m-5Un|KXjL?1y(&mcNzA^-YLec;{KfExhv-;#QHEWy5L^ zGJ}0R!obXgy93ZW7ymCRj<*e$_j}OHr5};w4L5w4m9D@EIQ7YcUB*-QyVXu!*uebO1*$3&j zJVR9g{)O&wDgN}Mwv}!J?S7OHO3VBx)pt2e-B;jeNP+=SUzljE$1jjVH_riI1e&+1 zZ%tANR~y`H+69v*a`;m_BLXkvuUIcUx@CJxrfg|}&vyTu-a$?HKSG#fetIP(`vsr> zZ0&4sTl{}}YsLSU^N9G&B7Bt04YL7QW|y4f*L)+LdT~{g{M#L-EL1d%(I^Yxp~!p3n5!J{6HcEpjmz0m8jA6*?r6eUe}K2Tm2fz28KFHXZNkR7RD&XpE2qwRpJx1@7#qOpCjzs?kHze% z-4AN{za9T^dvE7pb^gDU$K?OL3=IJ^hZiqxSLj$R>$}8)(rix6K5b&~%f_64S29$m zMv+^A$^`YCYnqaJy{uj*t*db=i0j{hz^()bU1Z;1?F4f_)A0Xm;wPaWqhv}Kup0iq zd$4Z+`alK0+kdwAw+~kQe;Lm#{2Hryu<*;EYf%!B@ZJ$?ZY@QaoFx&t{!eyH7Dw3m zS#DM}#g21FijtC)|C|h9@PJ1{T;i2wgzYNo9l+z=DUae+QKu%TmnELdQ4;hsnk(t^ zQ3ZfbNuAv4q>;-pK#gEG1*i{cBfxqEX9I3}+CFyW4H$8hkxMFYg#~%|+G8O}8 z`sSiO%((-kFQ~W2orK0{ULyx@2cTPz0#$_%DBHB zs)Z@yI4}q1NekG8p~}Cp?BW6UIEbZ+If6vA%(c zh4H|HM41pAohO^z&T1bHqKOIl=96yxqF2)D0y-ZhROb$$9S=I{ zftY}GymduvwqUFsbHE5Y z%uptqlaqY)xR9b{$)PD=dF!pRZaCF%>eJo&>q09r` zqn{-#>Y^7VJ>&r|g!d!*lVpAX3(%@YMDFMk6{Be#&{P9tL!D)?Bnnm7+C8-$Y_-vA zHX>;j4gGBLJ`JhFO){Ur{-k7h#OKIlJ);z6;|Rl$$}x%dbCywYqEl#o?qPB^Gs~Fi zI5qCi(+=W0cA8f*g#4p1evc6e26UTX8wN`$J^#@0cFaZ>J8B&0OnZz(r(rJ^K3oO6 z_)Inqo0#?(Nx7`kl0zLOgmF-^zv}_77bBnk)iTFrrjc=Cs3gaPrIG5xtW0$5w2E^> zr?S>Xl!0|B^>vhl*8=N(MYzLig3Cpmxwa`P=XLzV&!TmV?5G7%yK*M(*7OQij|jYQ&G!yXDH=8 zC6mF`=?@mrg|Qn8Zf%^Nrp|Uwwq56E=VZ%M&IApfH7RDB;!dGc-a0Ex3c3p2_uyDC z?JD1T*DlHZ@(iVbZwqvKX0QjdHq*H7i;_~+47FM|+G?~p7NbIbFk#N5BS-|wQ7zj6 zb;4z^4?l@J1&2q#`=1Y6?Z4fA*lhpp_SJ{*ad^ANrUXCJJ3(m#L+)`kN-@cxKg?Zu zij=&fz~A{K7?=$;xZp4^VJ&cs!tB5bFhm56bNbGM-xLd_)TX_9nm^_Cf1Yh)3Gv@| zb`Na-|IN*VRsPqdJoWZ}IsSV77s>DzjF zed^`EC(r+|bztZJ+TPsTUB!Q2%2O}@IXL6g?jO!mM!M)J7jKyYSgGwmAX0vwSfbeq z)>e6#INyPyhFM9v?@Ft<+}Nf#D)_&+!-Z$g`yrni{=dDuyJhqL z?N$Dd}pVV>#dY6Vv}6L%Yd?CW9t zdiqaCeafKg>#C^g4hS+(dnuTLC3C7lDA|l%>Cj&oCj{&4FvLZymhsIV4#y^2Yc_W0 zp18QOOW18m*2yUnGQ9KS7IyboU4V@+(*g(r9~iJ(S2#W^gj~slbDXC*sP!wHv|R7y zfID}M=}7e}oVdtjHM9^amCGsYIH|BGN+$UfT}DYfQJZ2}_cy?@yZ)oAd8JRI{hyD< zZ?h_bb^71tuI>N7y}P-J|Fe{5imk_<1yksO(uy=qbh3t)W{F+Fa;FYF%gkkY0d`oQ z2XysVn2XFan3$Irmu-4>C*k*%_@qMsqd8@NPemtwl>Sr*#Obv;XaF+UGwzyZf6f{=bZ83Z}^! zzw`&1Uiz=`7AhwFuz0SP45YwYFC_!yQxu3f3fkZt$>W|!AA^20hDn8u$WT!{_pV@h z7}X}LXsW>!^{eI{2s-ACB0meag*SAw7(l=~CwG`A5eAq}4%KvI;pL}|30+L?QR1=R zkYcj-qG?tWgs+rns@~LOD-X`+GGsQ3)ThYw5*w0EF*;vqC_b6ghW)E!#4hTr&wz-O z9*am=ZRNfnrS5-%iAWC+4!Y<7q9^KkiB+N=mrID4mKt)MA6$HDwEq{^*;Kk$)L<1J7lm|ShQ|fNsS3cX zRzkcpw}miAZhE7jqBnC0n8^l+cbYpy}O0T1tZ zz~cuY)o$jw9Bjg@63tom(3}^()X&^&oquK58D)x|z-O8w=)fOFVd~0uI8Yr~D zG?y(^Q}X1d;jK%n$?sNhor3?*ECtr^|DDZ!`}}u%XL}|8E#+yz|0@>bv=;##(U=@T zm@K{XTCt;|2C9W&N?6>bNOOU-w~1Q-6Ox}bR%pcf*^uOC3f!D{N-zt+)peOr;VU!5++D61d~P$|AZ5o$yGy7{)!XBGzf?-MXA^E;Q_h8(g-lBJT%R8;uA&!!E<1tJKn55u+eY`!)TUR*g294#=N9gfTp4MRH3w8NH3J0c!X1!gmX|+K$w@70?ZO9 zDG^@uebUwQeLZgZkEL=P`tt~V+EaV}vs;M&wY|4G|6j@@ViAh*2Km{(Oy^2J`*94& zAi_XSlfxIEKUXPn65iDDbn@SaF96_r^&z+!K=HR!ee)Jx0H7(&ysWN8yDG3lDOQqc zw#6c>?=?q7&OR;Af729uD*vSBP<;P#?HwsNZ@&0X0Wv3@hZl{~m&EqU-0$^2vbx5<&Y+ijCfS5Xg0 zPLEl91CM9^Q)%QnrCH=mUu^{?jsoZ@f7raB=!c)Nz?Ehr>}`2Fw$kBxvr-~Ze?*xTD$@&9E!2LBg>y}&I%K>Q(g0o9iUZv+ljZKOaEgJSSi$9FfI ztzhLYAUf9-jJ*bx@_l5*xxa&_j{n1CJg@j)$N%>a_ALL8t^I@DmHfYy$Kd~`$#^kr zA131;g5|S*JdxbLA(K993>GHi1{Wa*FizQiq@nqGltPw3eTKNvz{6;i(JjGa9ri@t z+ZJc^Dp~y6gNwzx4NGHJ^0g5(uGN-7h!SQ}Q&6~f%0&`S*p8DMy%VF{{fyQkJKz;A=KNoH8g`q~(L0S|D3TRZ`onRrco z1z$if$}nkhR2;d$3RXrwsSPV5Ovbld`Sn2tdvtLR{Bh%BTh_Av#=sAwj2y@5z;Csh zWcgwKV)-=Izd2R<8j=?Y67_&Qt{ihv=PSv0&J^?K1K;K}v!1;pr4yIg632*q~G&0^-AaNdAD3G|Ax z9{a&YxTGC9S&icvvq*!v8YP06QK2N0&LJUqiFw9(PK%I7iI*Yz`3!EG_1oql;Wz6H5%O$OVx2z935;Y!;W!f5rqxmV?%9=wxb2}myLXsDd zccZ;XthIpUhMswk$YA=8h{2;;EFCyD{wA{8A+H=uTFj{^(s6U?axex;P$$LG0kd> z_ru^QPDMzx=T@O|M>l*OBHe=E6^p1ILie`P?iRiojpfpm(hWvaoQg(>Me! zGpig@ozUXO<-CU=06#^TcnaCtUKLfR3M;c)qk9fhvw4mBB`)c4Zi{YgR??Z#V)d!A zq0kfwb}q^$wY1XZ`jv*4+vVmN++G^U|8FBqp49*2U}v)+|L?EP|CaI;PV*x+5MjWMarid~uBzAFywbtxW)2a^iCBZ@n)6%uok&+ zx;2ePqa^w`g2G9q%00n>h-+8^F(C4)KpcBiy&t9{LN~_|iQ+KOIB?_JB8z zLWo?(!@%d!bu`jAB#r!LKP}HNn8hIICe{r1?>PeWpJ~zzV;GzW{&9H3!ixU~MoFb6 zsFpp3!6=K!L;&anejJP_7n~(OzY!mJjZuYS6z6gt`*8DLwlJs&c=KOcluLVM-u#yi z<^8+k>t9O&@vr5u3jJ0T;Wf2}F5jQME^UW>oTV97v8}T~Wx;khij_6pYJqk5kq$Mf zCQQmB31+V5NBHygn+%OoDm$k>ruz_`d29*B}g`ct(I*LZcb&vQ(s@5 z{dRgqS?lpnXK&AL&Q7m6*(Lw1*l2`Ph~{U>!n8&SxIQ_4dunNY`60ixnENrh_haDM zRJJs#X?peB+4b2^Z%^-DpZ<1sB75XffyryK1BhvM)&tonNus0=e9Q$(I*Hgy79nWY zHv!6I-uu=DdzV4B{s2tIwn)Z!5y~{?l5aAdY?K`1_ZVi3v6L5K%bJ#Hf%QHVh1?9O z5zS~-vD7$}=|Q}|KE1k|AIjViC`Xha-pmH#&DF*G%e(o(I3biwGK9#_*K|r{&=1){ zy0`)%f|yBDV(x8#7!rW@b4>(ODd-_VkAMt(0(w}2U~;56^H63^B+<|nZ90k}o?rrp z#kqEl5?W*i0$lIkU7a4kzPmVo`_H?piwnWcy)CaoSheh09BBJFZAZEGqZyBiF7E7Y znX#s1cPO#eFk?|`vF4hEKXvw>Xz2IhHH=|E&_OqWyvx_zUjUugo>MLd%jxSLh1(Py!qZ(>2FY5vCtapycWd<=!NM-Ux zS|NhEmCLN^9mkLU1XKM0j=n{=>LNit(mERyS{p@Y zga0G;XcpMVG~*Q5EiEp(GTS9jh0`tgK*2QNtvW{)Ewg_c+~btHTi(l#kzjZ_rwSc+ zmTlO!dX-~fQcy>Q5A*!Q+y7^0YbF0J9+^5W=76$4|4+~9v|6V@CR&Q)x**3{y1&)Wh?YbLLWxD+EOzl}~iXL;F7cTV%g_Q|>{R7v~&?SXK*G*yc*%!@wN-Mw`FG6+swwn#P$Ym8d0_)7(-F%y0geo>$b`^^R>1Bop z3Q(-uD@c%*nJbLysi-S2m985UkRQw4%X)qs-}}MCYyMsBof4;(JFJ%?rJf&@w`KOo zNlR7sNOaUqF6-b~a#MazY*1cgyEX=cm69z92su4QX$mt?XqKCSG!hOFCOJ6yi-GGD zt22&Zl}tu)JpCf8+JvkM=81Xt6}TB?%#(-Wa1O~M${qkpHb6u`z}$DRLJ#;Of`&ec zs75?tPCG=@jtEO`2vDz=J80xiW5W)(hJ?s=7%=!LjiVqUF>_j_9S4t592>P*Z*JJG z;%5+GLJI^whM2o{C}5G^Vz|Ma+~6mFn8t8}&b$d4aaUp=+?-r8)Zf3p(UQdYZ&#f~3P*1J? z&o|}Y=1Buo=l`*@vtP*nySuvovy?~X|B;SpKlwNc7MBJ{s?YW;n#FsbZ2?m$?Zs9b zYv?svzH<6YA`=rOFF9!)tEa6&M zF05L<eXp^K8Y+?vo~->vn^JV&u>fbT3=!Y?9aU zL=CS6*4GNdT?oF>eFc8@qnHBB^}RTQemDWXYCQ+a)MpKkE4i+Dg?yP$An>AAjk$Eiitfdv_aB` zoyQW&QFVA)7^FJZ8<$PwWTPT@9og)-~Lm-|D$_2=K(_u()6xNSn{1;tWwA%-ROLczTG!jQ+m_Up@;L$BA5`WWKN=B*a2EqW` zSiT^JRYjUw`dJ!y;^e*Ma`H3maBLP-b8VLs1g}_?gwPC-trMVa3L4BY!pd_c5p$)x zYT^&N0Bd?0WK34BTZT?DOq|zk=M1PpnP4pj?W4ePx#GEW_!O`^g9fKZPd{ zJF8J$Dw=tx?EwkWYZN>@XCL?$F;6Ergy+J4$zEl1;P2oCO$Dl(Xb92B=~PjPrdp_; z!RbqIt=R@Gb;}kYfkbkFf@DR%zf*ZK@6n>fN?WRAW%6IT4rhZL{h%$Mzk}`Y?x(e|EK3a*KlH ze#wRAh}-dA!`Po(!vG~Am7VEUJIdhAAcJ^-;*iSWqac77>#s!fd9@T~5ensRNAMLX z|1u;DHy(bNqf)u#J<}5`xTFV_Uza<>y;H8G7C;Fn3@hr@%F~7@ z<(Pf^NLO{kQG!;qC#Y4+{!FXbJ+P|SpJ^3yf?E~LkF>Zk{jJi*H}I`og8mafb@snJ z*2z=d|JvH#+1oDM|Jqx{e_hIBh;LUa=FUPSH#K*D2&ql$&7uu~d8{K_9{K`@Ho#qq1^GqbIT8e6RQCjlVX;e2ml51 za~;XpAdZBSG*5A%h-e~Fl9H|9`yjnRxRX53pi*|fqovuMonG@=51nquxZ#xw_Zx?g z{D$}|_hLX{*Wq!Zn>U$Xh5I5%wby)Q7fMf4u=}ouu{_O4VfvSnRn|n~XH(AN4c64A zAn8ojTXe30Jl%=8)>UIDD@ilWqVy4T&3xwB8_(&IJ{`xn1s|AOSotjHv*k5P{z8BV zhl_&&3`a2pn{+F4q_>WGpihLMW84Cp@-&9szvih0=T9T3O-75WRt$q9h-Cw}ZoWSY zH$8~8(4Pc>p-+MV@ImSm0<#7ABhDg@PO*inTB4-t4_~)4ZqZ}6AETi>IOKIosmu3= zfSt4*cDotu!%thAthsL1eZBh&8l82wa<8uLEAa00U1^2$^UL41U+WbZ5`DJx6wboK=$h2TmM)yJtSb3q3j**m!qbkw|*J>Q3B2q0{d)f!+r;BwKl-|&oT0e zc(K{pqp#jYaYUtm{&H_~bJ%hx2+NUQ=b4RR$ffzy?q&C;`=Sm04TWr#in^Ck z_a^GTiMsEi?yr$58_~ih%25LDCv*vkGMn4Gw9x6N6eU!U7O!`9;eN~X15wk+b|>Ma z5q)SmB(uOLu#Yl5<+;?hJS~0y?>sKAA7cdkFa#dgU_8KGGJD_=f=53gT(ISSiR?~* zEf(djA)3Z2k(j}*t+DNVt?|fBMX1j0QxJkEhXaF@ZQH9=b)cdbYj(7adAnovsMtV* zy`ajM#~yh#zAd*E;zXY{HXRD?IJ%auYFcNgO-I2(C>Jlu$*Cev^4)v;fLt zFXy|Ll<-X#aSNO}&bgwz^c|}xaiYvsAfgE=M*A&ycDN>|8}>Z0Gj`IQt%u?mJ#0&yJMZPa~~cOg(t9-{8wOa;p`Bws&0=J-%N2*{oIz;Z}X|M|JwojXE_C^vHu_J z@7nR-wssD7SN8v9Jci{gXAjq6*nv!(u@JG_noK{$u|T0u3q2e#uNbKW5*`n=?*YVf z@EEfAHt05<)7HuJPZOfOfNIki(=+WNq5acC9@cJP1O%H zcwm&u;@(>n`0)T?;_<4n{4E==X*A{k0^5}#@KgUjiX#$1c6ySVmx6pwe@;Gv@6amJ{xz|X#?QHts{7UHHKk^QVxOs)fmUT+B8VACW=@VttBUNVJ@9( zSMr4Ko`37TTl6t6749$d1@E{LDoyz?!x1JhQ9+@!H|575S|L;Eg1N(fZJu>rv^>dr zy~nAIstbrnt!#BvbEmbZvdgw2(ynVjyjDSPWG4oa0Ng%ltG&{f*hXBi$`FpD02VE{ zYhx6TME3gWc3EEW9U3L16JZ%6MlC0cDlR$|aCH&BA}xlCa&9G8bW&-zXFcEp@sedJ z;qe(*jEEuh6A|db44yOaG4K=MV;uFVBFstZQiSbAGUEwM(_@E**~kpY&5i(SVV2*M znqTOv^dYJ4rNrQ346`f>g@dkkBd~Wz2zyxR?s0fyg;07pF85mn-7I4ccpakJEKuwUh*lh#yVb3wr`y<6+O1P;<=U2MX(y{BIejOxh{Z_P|%hY_^CJv+ptR&(xy9f zp))3!!qwnXjMjt(te=%#jS>X6;d1b*H&Qfq`l=z31Zd3?fD$p|6{aO_Vom3^Zb_JVX6rzvnAZdj(+fkN z6>5p{pYqBh>#EQ^C9X?m_yUxXE5=D1+9`RWy`lswB4sjIjSZD%KU>zCWZqW_!A^`G z!Fnuj7a8wc{FvR+kaD5=(N75TWVw%$5coWV-~T>hwb)7c`RUEwPiN<^@2*d;emgs{ z(ygxfVR#~vbywNLs$@-1Z{qB?lT%NEwYLM=n(65!UV1jBWs|&Oi#4aV=ZB%frCii! zAm1TOjFg#F&CEtgo>nu$;2sA42t%rjQk|0^5Dd^`!T@k?eGhvmg8)B9Bp5_VpO*0x zLgw!u$qHZi5-*XcSyeC0P(kyK2pqbkVYBUe(HO_fw8!8r zd`)R`GVPDsTSBc2hC(w>Bi4JjUy&XBxiga!5p4i7DX?h=d3)7e>=euxO#;!gZiNu0 zryoat%r~|7N%T<;+N@(YbstAb^pWcAt{!TFam6^g1ujjOTS!X3sh&Fj4+67cl*}6W zl|OayU$?gQ?E9a)2dnsROL@%vzxiM<=IBrZ_(L2P8vR-H@t{uqTj zo|nIn$yH6K+=3}yhpO`=RtlnzMUmqU1VHb*; z*X}18)cAky9qeq{`~Uv_%KvjIkFo!2gT25k za2nJfLI^PWvuGh;jAFjnTz8?@0u;h)n2lj})=y9d!@_MHl=Pzh&`&+!VHjkPc)%M6 z#CdaP|fMnABZn z+cSwpPhZckI+yq)@gZGL3YVaHEW~T#6WANY*N|9_J@UG#x@|gSt6j~TE{0hENp~Eu zn^<(hVK(6$;rUHeoj0w$9Dt`^%P#3x$pm+}CaHz;9lBptxLWZpwTo_1IbSf1cKLgE z^#wRf32vbiTx&K5(|tvyU^*Y{drp>Usvvo6@@cAs`qWWhN|XyHI6S&{0u%420ma+T zQ0n)k`szY3FW^#CbhERgXH_PvOP$F&9n2J*Tdzj%l1r84WPrWs6Y#p83!`c)S_w)T zBJB1$@nwoCAM{Z6=w~6ov5yDfL$?;ywKS)wy|6$WIKV@y>Gzt1i zv3JTXq|k7&16JBRRV7im^VEE_O5_WV6_agPrQ~a1^q8Af3Jisn5kKs#d2Y^Y0V+%~ ztq1wrYS5o6;wnrl&>H)pepGMmfGo7E_0C;9mm@pHx6_HoC4R9o`J*ENlfGxM&0TBI z#q~?%#kO_G+r(8|-USxE&X_77c|JTkd3>x;k9vH}Q~F+{26To6s@+8$sO9rs&m>wX zrtr#3d4{J_mH*^i$XLx76T4=gceEhaW*K}ZM7iqSAQex@VKNWITCff&qLd~Y6DXo? zhSVxv9T6F8wa`k(am;hpinwnWPz^psA?|8U6m)X&>ULd~6m#f5K!9O_Axlz86$3{C zD94Jh05WBzTAwi{m*{FCeo^-oxP}A-BTUc`uoZ(6=BJUuY#3q8ywgj9E9t72TVb&P zc`X;xw9uv2TEVbfU&oo5x}xKa7oFUeyX+rlPbZ zxUC2eP6ZiV$+jKTu33gCt8|87W}{jVvk8M%)HfAB`~%&VZ_5P2T3jjxTt0C{zWrkQ z_0Lws@iL!A7t6M&`UO0|Nx>;=O^#YF195+qT6pD=?W(;#_z0TK)}3NC8?lZa^qmh{ z!4smCfVuORfmnkBt=wtLpyW(F(sbuy-^$Ui#nO>K)0ON0bABPFIy&LH-CHrcT8-^& zCV9HA0J~wubq^sWGw(@$UFse(u0}U^mQ*^0LDY+as*IRxJxGE946jQjxYYqC&Q2TH zRMtc`Gn|+>qdK~AE{@RW&uZ#(BA^OKB7mF#QB@CdKqs10s9l0yamqqnh(ymc^nSM?Dx!f*7_%s-*56 z`~-uh=fO4pUt2r7Th{sS&ffki{{K=Q+m)F+DTcna3rrU>kV<(U1ejZv(}s5JmU;YZgJJTXuU}u#QY=J2 zubM|mX);ShrNzXG-(C46P4mpk|NB|GIR3x4WAp$0&CM16U&dqbe>$j7!vCw%TmC?s zfSyA0={JG0U4UIMoO27HFgX9GeX8OAx`CQCZs$Rk2<1DMeNAPpfHZ%@)9UiS*NPMr zyAQ>YZaK6VKh9$nRy#rcGb{fWDR&!f0X6)8XY;_$|Fyfl^8Z}UWAJ}5s86y5l;>#v zfi?iu$!Ass7P|$|UM*@1kY#)_pk=(SK`R^#Aong1`N5xT*JxK3|*jig&pe4ntCeE#(M*0i!hK5o5~`A|(9<`XS7)z$<@Ii1e9oA88ed$8yL~j(##4 zeDQ>$cH!}4F=`YACb#zeZABaabYH041&TflmZGtq+lI#hQZ%=7#WeITdhVTT^(^9< zRsK^NT>}ZQR{uY+?Z3PGn=AQmDUW&oR}SjR2r#=0sCDzlvILM|VN&2z83GjTSJr@r zkCXq0Fr~{O2_lHQcR?Hl4+Av9@GSWkcbJ&&B4`c&-`(H0_5bbN-4*{|$|J&S-RPVh z^kD)s7F*t@!f(j@EHQpW89%Rw2_9t-gNOj(%7lR*WC&w0N?8uSE({|c^-OW&8fL1` zxlTUiI`S5yl0Ty!kT(&vVy07{?JGX^vxt5-y~CN$MIzkUB~yHf+d0@EgCX`n=L*Kq z$FO7jxrg^@2FDQ^@#~rhJ&aP|jkkCJbB4E37pHyz^@g3WP#jJJ&MV++K)v)a!;TK* zahwkP^U)COZ94orGYI?)0@Wo>db|M`zAB7z5`qv0*(4=Kf;QGI;||#8V|eOm*Z}lZ>M&pQ5HMv9KIa? z-**;y#8ke{&ySS4SvF;H9x2F-Lwe8bW(^ z-vy`v!-Ja63o3teDJL<5$;M_L^eE}sl?6Ej^8%Coof{yV-0OV$&q_5kOk>Ehn6MQw zBN#eiDF`-^4H!ak${^iRnP(;Ar(pdA4TmrxJQrpf`xCa$q8L&!J3v`Rbrhavk3>no z#b>D4;SQMt+Y88U+Vc3N=gb1cE`+?G42d~n6geB0g~hbsb~HH$<)>eifzBART#D8T zL`h$~r-Q)Wjk1`(qV!~M*m7pC7=0>T)~1&YA|a2OHe^oa!=n=Av`*0IfG_NB*+2bZ ztictL-YIBfpD9ccIm)_3@v-H&F={Kuba`G0$7Z_k$h zH#fIe{(nn(DvcW>);e(HmPkmiZM<0Q2%sVF0`+iHI_WU}xTUZJn1@({GrTxrMtybxcUWW5j54 z%9r+f+Ke}nK0~Suh4%{@Hvw%ma(v_jIi76nP|`<>8#@kdHFjd`I60nb>`JW_vksrG zL;m0+*mw*zx%Y{N5u-R;&;U|UKm5=&95_mgg$~(T2Jt8+whPKR&)UlqIlYL6ejmzveTRTm zI*B8gkTd$_g%y3AD(_kvNxv3OIG*_gF2DyXc>;$?X)$V~UOyvJTn~^2oE)=@tD8gM z?e84?&3mC;xoHEhdmklTJn;ChcEJDm!ho`G_dXtg|NX!Ja(eMIZwdwj1iaHvFc^_2 z>4Vol0Xn;Jr_7PLCL+_-i_iV&JXO_o8Ho1Q{}jQH?iB5h;L8`s$F~>9 zug}ikfGdh5h%lfWSXrih;!|!HC141LD4TfT_V4sdqFQE@6RTNFK{k4MGu8**&=va{ z!f=D~INBa%q&dU%laM6)fn2`@q0?Q}ZeI);#$40|X8 zTbp!YX)OSN>36WTDPHsjW*j?%7>%-k7tY|v5yV7P z4ARjd*xDSjAAABIg1yam(F*|LXc!sgb~iVzl7D>@$^GEn@zvS!>z|ggBZ%Rx-xDNK zR~HvIOWPVMv6H5T3?Y*55l_AyFm5gI7*6oV*bj$M0@@?yht(c!tI3p%gjZWJk|i>di}N=Z%VH#acpESh zfz<2co8zC3uTKww_xW?dz$gAyN9JF@EHm9)Nb6x%sbs)~Wv$wA)Pf+dkObI?z5!D$oKSM-e1Xwrp*Wi{>l$ zu@6@Zb}0+?}^Uvl!RClvc zeR_3%{O+^_i1L9eR9u#BP)>WO;u)B*dz2HN8#^Wt+ZGJY`hrmwgLa!;MrgN3 zm~%S^?Z0}5<_As4mmj!7aQN51{dK2HJKmKa*!=nGb(t=~+#xmgDSLU1;tW)qDO?QH zWT83}&Bw9W*KZT$UNoCH#ZDroW9TWuq@Tf+`Fk0xeM)V?(iJ{`wywRhQ?kP&^VCco ztMHSjB<-t%Gx4dGnSB1tE6T9)6*tP*oi2(F?({}+EP}ObNaTPF_iJ`a#C(a>cjK-s z$MH2J{07w3?;u4ehS>%n5HqaRE8vg)DCVO)aq3MR*o~+dO8pHb+&j`l^Xu0(huh8` zS)hA-{eF?U4NpbDa>h2ju{5MQYEK_xPZ(kcw>JLY_-gizlZPS~R6lJ*Bi8*Hypt>b9Qx+@5~!r-A>curtnh`K$i^*Z$7lzUBY9 zb+EO%|Fx8d-T(T=ZhuJ!#j2}cZYRe1?tPio_HX>smx*lS8(-RW_}%tLOwF2zj={N3dGKi?Kw zU}tWNfKETZ{;3F`SDUqk>PvsJ=Av%=8SvC}pY>*)8`_mv<`SY>_Orm$E+h^b->GxK z$ZsRg2WPfxgJqCryEAA((=Yoe<}(W*$u-2SLC!&D0aSi(a0&oy;YuicZO;r!vh{Ui zDStaR8tpx_c%9L?EAnD$ftmLd)l`tL*?6iujC^z(-iNgBQs%+VT$do}Uv18J)fYa1 z+GoKw^8#W}7IBSIPJ#LFP}<`9qApNQ;TrQicPD>@r-}a0T@jv4|KHo&-7Dz-yIU*$ ze;Lm=ss9Tfm`eTMc@b_-{oiom`PTJ+1KA&3{}&hY7Nh?QU`y5i7t(b@#_= z{hv8|ISl|#MOQ$sR1-_w<4nC?hpYp2nHEfdP1N{CC|HICZb@LS`yNNpEKXu<6(=#a zi`VGE0qDC$u^BU=!wSdawh=OnR^b&Ww6+38WeIU=!L*L2oP=e0B>6 z&DGxm5E5engwFn1fPAB|cWiF&&{SRgyHZnC5p_7t)k~$Iax$v-l%%D~XN9g>tLM(E zc8U>PfZAzEiAz#Db+PLQP&*swf9yux?Al*_{Lh_(U0eU#-CpT`OL@LU{f~zgs?z>k zfrsYP{q#$?OVa!rsA=K-8B+o@zboE#_J1XMexXG5M==53ruPl%Z{{`T26_sMv=Bzj z39zK|N>VpiJ&S;yS8ad&D#=6$DA`7w%P`2~XyNfh5&`CN0b zN5JzOsMl*)&0>RUaRsXND|P|g6&BReffztr1Je3aRCd(N(|}TmK+ahW2?o&(PD89( zcj4o@D9uHKCi*_B)?z@KDez|z!YnaAi%@3ME!=Qs(=6OQql=uvQj=wRSfeauwDO$~V(zGz)oDakNqPe+&FGn!fHt-)nEMMBwK>o)l&gK#S zYxDo@?{C`j|MvdDO8#HQ^DWB%{E}6L`0oh8HlOsb-K8oO{%M)TiT^sZX^(z1Y%Pe( zKGHF0VsLSVO|BN`g@s~Z+*GSMgRv<#O>_ClNs|^A9qT{8`&uo||MhQwbw~NH3D`f% zV&hDscu6s*Pw_m%x>Q*&tg{M>lGSryoKCu=u8?jdL+X%b64eU;W|7nlAcEA>%ho!S zZ&DmKmXS!hC`YSK@Ljmr%BVHJ)M{)y%Mn_0PX1gnt5g1iNtmK2A>BJa3^Rx^#B+py zug(9ryLVv9e_IC!`#UT7Zy66`BBx@!K^v$6pC|X9oIf1}&5`m?CUGmv{KvW6A~OAn zk{D*=D1clNt-j{$>VV}vGjlRO%UG$U$Ag~;-LK=bOM|)ayW?_iFU_#;v-DKEYiKBbdfNCZm zEbWip3z4MJ2Ol_+w;SMoL_i-AmYvY!ow(?g;ch1=WIx&yIm68h^2iGOI5K@I<> zqdOPx|6ld|e|vXt$L9ZAd)q7izl_J`|Ce;Y7sC75)cIcdzCeD#Jb#S@>1Bop3J~}A zT8|@4C?2UNGv2d*^61*13;D+>YFx;4rB^l8a4N3m<;#MarvfDgPxMX7u{}SI@BQFG zM7f}XEu*IFM!q|U5|m}jN%}y*EsLIx@b{uJU1DoRRApj%y+0axEj;8G zXF7hPY}5n85hlO*SgU5vK^=Ut0X{Kp6pH;5TdO-4y)%KoXhXc0EgA{?OKIb$ssp^F z_CoFJ8eP7C7(Loh8>SNYq4)m(Rk!~$*{pjff6gih)aieFn+JCOuY>)))&9SX$Jqa+ zEUpH85rP1wK=WVUsYFod#Y!FgA=E+5;=vzZaHS4@-&?-%xc7f4@FWCgJ)g<|V?T~U7A|$+_y2dd zcZ%`<_E+~mmhuSB$j2L~0SCXS@t#W#uqRR{pGQg{sNDUlc6EY)00#jX_(W!{!fdmb zZBsTYI>obDj569jN;-|?fXW`spyjcEtJ*Hjw<8%N8LXSS7?nP}it?>iQ8&zWs^YNf zij@gTQ?95K(nz%`!KGZu)GH4VCK_Tz4Yv||P0cj`HPCc*B%;(G&eJxnKSPrpGD+v^ zvjS4p_!=#s3zp%4NtT%SBnk|fQW^o2fZ#-!1Ds>ZJ zUO|jb$ii3ijj|{`PuXh?*e!?>*NB(P-%j-UK7o(^WPa2Hpy|+4)c4@{Roq6a;;pKRl;=TmOml`y64^R@4_TN zA>{XR2;CNG7as>GR_@?tIo%iEr(leGFo!R(Crnz}7D=hcGAr<_1Zrg51=Urdyx ze+U5TKo!5dbp`)WfoXwzAH)6KJQI?XO1{4MDwe-kSyzyZGQNl`+WHv$2bNsXy;Q#d zf>@cS_Ss+L(`^5r$NE?A|FOSci2u2}+W(jHEM@G3Glt|GRWA2f$Af zM7W~JYiKVjsy&^oFsHfD*0>8>A=l$rE;T@#1%exuXqZ0nr*Q@u`l(lFzsdkqi3o3A z85-$Kh*08Z6W#VRE-^N;mMb<^aV+}4w^d>B%B2Er^Y_$7C3lsU%h0jjhYs4)2J9og zDM+A=1+#LQ;FhlzyZL|8&mhL#J8`-@tKuh~I{j~JtKk2!xwpFizm%t%m+^Vfx%Yzy znD8sq(|AGPaiBPy{9EUNW0+-82ssCoKXh4HrumyGF`z@c5}JkHlu{{VJ00z+zWBs% z!^#YW>*bh?NECPS(qgyEMdTXamk#g*?)0C$THwbq%sk+o@d5FG_W&vPl0CWR>y%5l zt(I={6k!ppSXS^;D!a3$`kU7ft`d|HLKx~^8Jgu-ql(8P)#_Za`wILtBA^##n1Ema zg9loVdEtx$s+Fc$H1xAc!Qq2`rc`F!*K$7*{D|Y+(wskZ9a%$@0_(_zlxxaaPd2{6 zZmFwTrlDfd=}4Q4mQ^$6v40h4x^=k0|2wE{#lA0`w<@~qHmQ~yyww_1in5qtvQ3Xi zlIrMwE-tlI!l7D@x)lArXgRB=?5W=W%>&+9MSz<9e}8kk;QznBz4HHG%A=V*u<((L zxuhz2Ey{8SJ{~+VXWNaW2XhiF-iuOVEH**5dFZUp^CXkoY?VkSmI0Evmz90P<3Mhm zULmTB^+k&sQSS1QiyGZm;CBcH{uqK>ZRD;kD2XRv3sCJQ!aS9=y)7%uj=*|Fb6+SB z48AaDz@O>%Z0a9*KaPqjkOfONX+hBToXTC?s9iW`HYLUqU5n2#UBluiY7>|$T6E^Z zPZ1_w3C_ihQ+mfXk@$E~TimM`_+%gTDq??@gIN^*^uk;W6f4bZIVcJ9o;akmdFXi$ zf$DfIQFT!%pY1R4c9qNCzAzWKnpCBWymWcjv+CIhs%Ti?){O|s z)O#3S=km^6CK%_;FDzAO(?+aDrWV^J)Ep`AkAAI1g-hp`Yz*`$^OR$pU%U|aa4bnl zyBlGAcPh}9nCei-jV=k9l^r&(YZ&ocF9cn)8!9d1d|Tk-<*2nPaabwyfA*(Z|DW&N zS3cGH|JL4~eg3<3aB#4)|1aec24cRMEa>!C=>3jU-+XVK>IAr{{}%xEbrIP!{=V4( zt^@rAn=G2z0~(yiT30ZpRqo0!feih0o;x6==4er{a9g#^N)f}vrpS7q=zzA&UeDHP zCUnA2e!ycEK-#?C{g4Twvdx-a%A@EFur{vgXWQ1@m~=EQC>hgss-p|jK9An(fwhOq z69o61Q&(Zf#e1-`qE#8iVeKKGY2#MaecFoia_34DYx^YjF+MLG^F=}8^2jSxvcy_L za-=Xk60|WvX-Z}7rmCIY3L_I8hkFP<r8i5(nLQ!`hspa2s(h-dw#$$-rL1MG8qW4mw(* z)2YeFD%ag$S(8~>*)$ammd(iZfsZdU*o!`?sNo)mF#S%Up(v*&6`cq_RR18r7ZUIK?=?wWab~9W z&B{r^BqU*(A~*yk$7_=RehV)WFTNy7iD!hWnOGzqjRx4=X!L_UeE*P&yBo0)ZPLxP zi^HO#%?Zmce+fFW%?Swf==yK=C5xZf4@*xdj zj4n}Tiz`JIMe}ZL5|djP5Ao+qcGkX>=Wj2`&@l5Mk7+s5N1hmjUuEASCaFejFTKy^ z=*`6qxVgOe`K3*DTVJK*mRQz)r5K2&_}Y={<+kM7`fOB;+?wa*me^X)^MvT?M@=Cx zG%lhCX(-9F2kr~(!(KJPHig$JTHRW5ZHZ_fv@6K4RbOj+Id%A!_&^F%+<;YQA`;Be6{T~2MHj|%nxpKpd}a9p?2t64 zH^LE<_rK>FCXiH+Tpb=4!TeS==e0fY#MCg)xmk`(yi`2pLv$yMlN{_8eQ;IU0F1g) zDNe36VNQ}Nit;+KPQ%5(cp<^5CSZS5c|ANabk*1L;;>(xwY-k}Rnz_M@WDGMjy-+s z>G{|6By~J)pYBu0>4%uv`E!wUNmnmVA$?h1aF?&Wp#dd8d~Yf?uAc4nZtDch%X3S? zFUPg(cd(9WuyzvCs+u15n8*B4YaF99sS?T0c{(gdF1|=2eW(gkb`^eR3Mu!&RV@Np zKNx`B9c$Ovq+$OD@QQt*SY_?w)_)m-(Sv6Cp?Y>q%bBRBZK-Ba_O1HbRhLX+yDf}% zT81Cd$Mm7Fn`Fx^RDYl244J19Yxd6s!XNCF*Oo$G+Fc?26oC2y_mp_K&<9onC>$}8 z?Lkr{CHvNwep;!$|HVm;CNk{K{wGG#U&91WP)AGfCjYO)BRl`=;mPUo_WpMhr4>ih z_Q6ow1^oxV&^osdvHD)rfv|6T^j&HPxaD;kWq^v=staM%&WE{Vu4TLiZ92MJGM7yE zW^x!z_N7$1hozWmOv({sO?kEZXlaHQFh_fL=wUCD)%H>n9>bNVV`v00s~Fque5u&{wLNydLhAr)`w0B?5PEOjzEc+Yr!F1% z|CG#73MZ(uDOiL3*XYcN|8Y1v+Q$FbNa;+r)h_6t`Kz95$#_v|&z0@ftKu)e08n1a z@KagQEV#$f1i9BgewONoO7)?8ja8|y?s24@<%>g7)#LflW`NJ*Y#=llo zg$8G08U)WPTQz8zI*C)o5M3j}lvq=4`X#vhN$Co{Tije2xt70x5YA8>LTY=fMTmxG zkL*c?x%Ns=FrfP7Hz30oTBSYHjEE#=fBZ>hM^~ZUgRH17q^t%uz;pDr=dZU8ZGVeVgus`l!!Ah9>CqJCw#SL>F-kf`9(=xBnBEwF1i? zK34$STZzBW5TJKr^dK|cI~}m+M#X7{#%4|a#CtVVywSG)Smob$4SO`tNT=1cyl@un zr7b~C1LM9!wDBA4_%5{hXr4=LV*oa{(mz7o1U#kt+)siJwkx{*0`d&c%8Tfh1|>S` z<)AV|gN{1Ov%tQ?{liG*QPa-4as5NNSv0nDGh_&ILF*k?W+;a|y97G@De%SlG&X)DpAc5vQ}icwiH zaz$9|lIS8lnL3|gcUVL}0oWZH9!vFmS{YgEp-Ewy4)5l-C`(X|=n#{AoX{L5A$tCl zK1)e7jPV$S4`GY|PQY%8vKdTJk`KzS*Axe879u54g?V-fn--~sjn20|8~7<5G=QV- z!U8a?xC2`O;VFssXc1_k1lK0)y5zU|DwjN7?fP7|dUHsjz_-a)RvmqwslcqfS9g`Vli{pMU$G(A(MB;Kjs z*^`o!9rCNqHBNYVhaP~OvmC6qdDq@g^{NB)o`*WCK)WBDpR^`?UM-}sdm45(c=AG| zkK5W1s+xHE)u>IMs&Agc*~;IruelqYwspU%0I3&@XkT>A+E+GS3tsLP9gM=O0IO%V zlFH#6&1xvSLGJWJ5^Kjvl1*9K7$Dvul~@m=5f-$uuy z15f_9t^Ri-r8CQtyP$vduk5&%iK#k!{(v8v4pmnSt5$_7RXwOtp{mX9s7{SBpF0)n zN$%v0MR`4K*^>12%+@l?{h{}W^$gonF(Pj?Fmal5r7%5KT2OtJ4EpuUpiY(^d zeNhMKuIx=Q!yzX7ixG^|DI5hLC~J#&ruO}UuzoJ#VCNC~3}k2zQi>-crOg6nn0-1G zcFG>W+($#+v#Yps+dgm8+N+b>{{dXHRpJ=lLlKy#bqJM5H*s!r;c!4LZjfi@?T^1E zzZ3FR7ca~<`#*q7o*N86Kxh0;NbD_6=(#6Fu5ygrBXAFs+!GGm-J+&fi2L4*Bqprs zwF|9sBHf*A#w44;Ja7JF)H2{mV5^qsz0oln1isA-L5XEd!2~Z*A_A)OfVl1+X8l&K zj6Ll0>grW{lE-%U0+nYEASYmqlL%lRXk15NjPF1Bs;OS zi^+ObvJ81*eEV%ZfiEEto4;9$s2~1i_$`K zE>ZA`6A_JwJ513_W=yi@tzsrj_hYt74#pxN}nKbj>5v=g*ih+4kE233!} zD#kYAmrjyfiC^CFyR(qyOT9wqks1&4t~Vp|oLlo3!k~VQ>X%GgFJpi3Y3McJt6#;c z4M;NWz)i9cz5n^93`3!vwrWN5zUG$4)N3-bmRm7b$JO~tY)NIJernSXD{XE>JndGz z4Ds~XAy9w^oQ@YnO()MLOw6hkE=yuU>#;i~W?mxJ2@|!df+lp>jeEk0-EDWoIDmc2 zgml}o(c-=TQ|H|MPcV)zN@lTS5a0&?&x4bZo&WvdY@7dQGex?ym+}BVTr&wBMiG-8 z34n1da#;`;1XP|=3-~Z1%P%?H}mO>v6lMk zRa5q@O;J1>(&;{r{Cy5;hu4!+@W189%lg>M&;nCT65dB)Bm7Q21z*7LbCM%g-8Dky zdFI=XE!49^e_zU=*@T1JDtqfMP*#F19D^>>^jGn;9&F+J9qrvdn1iXfe4^2kNXvu6n7BROUVL%X4+w=||<-UAq~#6(Q6Ud9yJu#v0)Es5A7ik~vq zX+5|+Z=t*-xAQlYfq`}BM70&|>W+H0k7*_{I3Kqox+M!F6h3l}Do9qlDeALuv*@h` za)X{twC1-p*8Q^5!dW{Me|EMfy(GyPPv$~LW{fR-9lCZQz}fTJ8x-L3Pti35_z~qA zwr?K*O=Fzril*RKs`)PdyeFlmJtj}>9Sl510iv7p=c1dRxyjXDpo8H+aKUyu4)6GQ zF{C*+3jst}gKz{_jU(3eXVykrN3(lja3bf2DZpC4WGtQ|s5^{cezvp|ND2xVT89~#5H`rcJbttXA{}olhjo<&_$iDwM8g2c*Hd3m- z|5&JmJAeARj<%PtK2};l^MeG94o%SK*Dw#KAo#x@;NHIv_WtYR?(W{-)Zcr58~mXD9{g>`^eEVk5&JJO z9-bZz>cY@IrC<+~>!;f)bF050cs-{o$q9p#O@ZSCCV+dzB=Z@{a45pyg^&t;E)RD% z1XtqPUm3an$KHPoxi&-vYKJ+P5t@V3qp}qp2E~?k9VRLa!#X8N`oo_R41eCMcF|Dw z5~}$~q*%%33BZX+qy#7d_lTo`-r-dE*FhZ5UE}L68J~tBZZJT0 zmUi(GAf*gZ8EHS@&wC$%$e<=H;rab%9D7qjRWD1E5wc&?Xnsq7Y4M?f|EI=n#hUED zj%@pn!-KQq!!7^cL}_9F)#p`TYTbTywF0r*@A0d?IF@!88BC%J#vR_wXW&G)g7_dNv8u$C4VtH_ z@>z=!;`e!F^0~{5B>zor0}!zP56lb9@~&9KM^x>tcnM;(=O9q;YZ6546rm+GAYPy} zCJ!@|JibBf*9(YdB)QR|oL9hBhODdruBgzQzCt!~P6NTUT34_K-m4oZ zl@=5N5k`aW%EFJ4;z=U*rWAwi;lF-;Vg%sid_h96p#MTKw+iuZq5nBJbM!xl zqpkh#MvBz`vQ?%4inIk}Y^i@&qWdj$yE{so%SY?;nrO$k7;2Zt(HTS|`4TUTp~yeA zm-?L<#M+SU`zC`kO zI;d*xcJ9E}ubk$((P#@{+_c=#=4)DRXfJl|DlImaR00Sjxl6Q0OkG%ead~v<8^Fbx z{Sw6^bSf3brrJ+MmlZ?O+V7av{`f;nJ|caQ^y-oiIjxFgRZsp;1wxwLp!}&D zwx_rrO9TBco^ui|PdCbyhg(t4U^;vPbkjvqR~Pbq4H&GVrtavYRq1kQTq=`8twDtq&014b zN+j%hvKBbCny=%_I3uD(8AyaJ9VQ9P9`slui;v~aY!OqWdR)JL(4LZ!2c&*p`q93_ z+JBRes9>3>S1{ZDY7lhed*mPh<2rK=TPS#Lhu*vot(^TmNYp5Lf6OJUXy6p zLiTT-RNr@1#b{=j(83oe!8wL8{x>SqeFnmaCjcZZxq5l&V+BpO41iJ+y-kJTN8LoN z8=?|Q*QvB+k2MZYMG$Ay6dTlw~< zk^Y|^jO_cL)3d{aE&bm_G3fuLTJlwieX(~QEoIkc&^H;!GdMwSZ~w)qct&RbO-TZF zYg8!3hsayr6!{%H=czS>)SVn)Zn_3M*8P$-aWOJ{NI!RO20YiV>rN zROe6q4T?*rR`_KPVG=EaTbby2AcmD4ofo`p2)=*>ClN|=aO^tgb_En>lNP$%CMa1i z%YdkF;^7QY%GMj^Q@Nn!%h%;Q5t^ubxB5W?efVC0X9X z7U12i4afzF=QG65v#W!ub=DQ)RtU|=Em{Sm8X$*DVJkzF%(HMMASAAeu38~VkX97V zGn_w2mxJ>TsI!{(gF_8QJ;4X>c}y}ubCTg?0#LH}4+CyxLB;o0{5zmX!&_-d(FGW0Nx z&2rN`{_}q^k)G86?F2y{f$dlK8np|j*mHva6(hWXGxSXRE!4EOKZH_phUGS~Tw3iO zhIXP`b-`IEn9iRI`^XmvrI#dqaJq0p<*Br7?QBiP^EkHbO&kkO?wjCX+p(7vBR>a5 zrXiJP&BP_BFs$@vWGS&>WNx$O?X9mFH(3z0X>A41^hPdh+0V5=TF@qPU{xQ6p_l1_ zqq#v}s-#rvZi9WMmc0K=eD${vKuMKOqA4#BA&kR0BXQBIn;$bWPyH7LPBnW^Ev*#w zf5k-$kGOZx!eY0DfLG1`qow_Q?b5*iPmT|4|G$%yqb>j6NHO&PFW%e$spf)71Vn7Y zRYiiRB7*N@kOHD)4K9bN!0`EV5M0J{nxpI$&S-9iRuQN_e_pBpmb~Wm1}f3+VWWh~ zB{wcSC6J}(L!}EvZP#)O8C}b{)pXtZp4W+zqA2ysv-0=3^mJZ+PDR{dKE5`C5~N-3 z0V01YtPaejAA>2O`5O^)6JQFYoFyZE&M5-=mii6n)1O2GV@%mey)?!4zc$*^qGus) zkxYi1DH3Gm8TW2g@C?8%`n`lsq?;QItXA?qzi3nb@ezvA#kXmguUY!|RX~9-(Ze_nF13-UxO5J2%T1?h*6ghCEY2N-1 z;5W9RBz!V*c1{4B63+^9haM>R70A% zYL7uMBN_M7PQZtwk2)f?!9Ln%m2w~-3i$)A?YR?sTi&qkDZja);Z)FSK|HuA@K}eK z)8!CzY9L09)EO(P;igccwi<6Be^idmMlUY(ISk^2?7*Q7G+Z#Lp?t-Eo_i+Yafh_0 z)A}Ra>b}cTef|@og|uh;87Fs39|s%#KTc0={qM=)HvY>-igEsPmweU3pWEZ3Jq!A# z()ZEOvj7`6^>tyeBx?_lwU)k~`kS%uU2-O^da5}*R8;;xIZieGXUD3G7(C(zZOtQqTXdt}lDI18h3~9i5%n{y&GO+xx$b z6qo;BU0?RW`>(DqA2r|S@b}I0WyhO8)X9OZ^N#|j_V}hMb&wC1Ke9E#S>2}QM5fo+ zax$aT(|>vQx8C#L==kW+Isa|#KQ~ic`mb)6d*A`pSI3Ws4-|7)2QQG9@SEoaa#kKX z%Rp-62WpROMvvDD;QDqA%z^ds*JKX$^#A(m#kZ3GxB9=06qo*AU%lvq_FrGUc+_;C z!@mxi&+z+AX#Vxp3lI5Z;55>ER%v7Me=VHVZ5l|ts`1w&@wKI%{{KQzwz?H~6a7DR z>Hpa_|I22IOaJ+rZ#jV6{OjQX0>>^F5YAM!o+m#Q%^eac9zO?pHb-s9^;)Qa+U9@VNHOUD6|Hy`(WzBEmMv`bKViDPLQ#nw%q@$Fa&KvTH>(sEaOD8(v``z#2Hl zQVL9OObFrBn8R#>auL|_B93_q7bYXSdCH5<>?XEXj*Uz+OP2Mr#K@i=tYQBL@RA+R zun8f_7=TbLjs+r;^-CYe7>6kE!%Z^RQO!uj=?%=#s;iZe;B&IERxKg9vvMS}P$fK^ zWKJFx7a}E572@i{Nc1!%Q^|W(iI?QqhUoeulCMip=@@4#F0eT>9K5u$42I!3B1d zl)|buMYWO)+lgmT5&cR%76?zJvlwjCRXF+wSNcZL zv;SyT_^kcMpiU}~b1Mc`N&5Ke`M_z2HC76CW|!joX$o3UIVUlbZlNILh$bLa@eKNo z;AR{-Rz7uDxOAhTZG*2Z8GKErMeopzERYEM!SjShL=d1fjUNC>0He(yv}A~;@wGVT zTBzd&m}PWqr@{UY;Jp-50OB791){R3E7*Jl&;li#ut|c`0#X^0n*qE)38JM-o9rYI zbkEuHb$w+BM!2uem=v4O)7q{cMKnEw0g5ACPNbvMSl?i`P-dy+`_%@FiK~`C#iPVn zB1Am_)TUS4P7p$M0JVnJqxiMH^wY0QRr1p-dL`s2qZ?cDshnydg*j1l))%#K#rggs zq{SuYYs#A6*L>U0Ldw#EmiIM1O<^UFxzztH0sj8gF5gY5*8e0VDsm02_x}IvXyn}g zpKb5|H&TrIpEo2zpipwJs0GsZ&!g4;n3L#R>r>{}-$0;GeJbXCPzgrIH~^i(0IWEE zkuA99tT@kcJft~EFXC7~Bl574_6a9=0nv;kH;D17uV0@8TsQC;(;O$0;9M$A_}D@h z;tC;m&%n-tYl_M#cu)R23!idDB<0_^Q>pj4USZKOaGQWnga}xI?^V-(wr=KmU_J4_ zMkj}-PX33}!;>xj-$XI!|22t#T5}*5eN{HloRR5qZ~|u@Ju?GEDJ%kR4a-0=$bisy zvW4?&IX&$^Rz|+<&UAJt3e`qA7x%EGKCtCf`e83t?>2`ipcFv9M%e_h0q--MBcnnM z2ilpW^NT1Fw*$JOTjL2oUjL$9HrOZ#VT^vf{zZdMT0l%uhJ;yxVkJNXjE+R~-B_$_ zq2^GB=3+R@9Khv6^;QMD)jfUTT0d7kU1Gz3e_${yYntNjf*M8wa;{2$X-u`9c|a{x zjc4+m2rY1kxGGA!%{l?218{f%4v&rOsiJb_Zm2Tzx87c(jAELjBt+W%nTWnRgDDS# zER2l;{z1RMSpb5F+$Z-ii!QFO0CsFt0`l|(CK4)fv=}K^uX|4b`%U8uYg_m z;>{Db+J(H?qDf!S+8aAYI2r~ZS!trg_gQ0ouc=ZKO=$$eM_bxV*CjDEbfUN@Sq7(V zt}gXnoTcWG&|N(6BZwd(p8Hgty41o|cgt8Ys*m`1sC%WyO7nTd6)RrDI|S%FLm(kM zR2c~JDNZId;6dcMXjYM-fPGLkl%$6=1q16l{ljwAZ3%(j-);HPWuTyzqx<76Ej79f zL9bva7GuZsw5{JKf0U8yy4z^9Pd=t3w@Y0u-7S^5EteMeQr)%D^5S~{OrF57X~Q{$ zaZK*7GrYhtnxL0VG!(hm-Kwdo6?tBUFom}`#yLiG2&1U@ig)>W!l|Dj7`;v6hj)bJ zuW*dS1;e1S`aHRyZ%D$b56Zsd9PCz9W}5+g0XWGAU^J+$Dz5#?x|S%nywe<`%7q|k z?3eONPm}orI#1IW%}|oVSO|at*bPY%LZjl)ttVx+<6|&7I2(8z*V}ky3V?N@zh0OP zQFm#W*M-ZI)BhX{JZIzG2%+@l?{gS8_QQDKFA4s=q2iz};fi&r{@^y}MmJNqK!7Ci z1DGfH_c;=AMQNS&O*@!;7*9!-zvFbYC7GL|n27-nk(;3WTJ^OY-%vn`lN~It=D|Ho za>|u1IEet{ncczv^Bjy04v#@N<>2R21m;Oe*gmmJpSTr+<)bU4Sq1AbCih@BMr_Wx z^?blb7?`Kd_fwby`ar`xRtHapbCR(&y`Q2)rBu?=DLKdN1Z_wJsWw0`zA!!=_F3t6 z2l}oO6-+O^AVK*Mr;FnuPCr%PJ^%sVzJcZ#vIuNE54zp#>xT`Ta4$mhBNz)tAQbhx zIl18$j{Yh^;Q3~26kxJptdV)zL=?Z_i#rFO*3YeV$-fg% z60?>Q*4tN4-k5AH{<{M1$7`ot4q=0I`oTdA$=X_tkK5?HqA)&QM&|M}r ztO*n?FSI;^gAX5{_?o!WkyMLyBmO*Z6iYnQGWO@tW7XO81+gX{0ZzaN35I4S>^u6Z zp+rFOZe#H_O@qnRs!Oh98YanMfrV^lpq-}JO)$@e(4wBJm%SXJWn*L{qp9qBzx{?8CQ~ZykBRl@z z+39E-|9d0Fp#Sg0lB*o>E0TU=13g-@Z_T1_lCLF$SEueqsvn6A(=_Np@Qrzxl(k5e z-JR0w?n8y*6ORjDt2T7MKgj&rj5lb(ulY5t#w&>9dA641+{SD?%8Fj{b9;QQU!XK5 z5A5I_=%%e8xXEFT#`9Phy6)Mk)m^sp6>5rcy)j5~pR;ObTzn9NeFS5Y`7q*+*o=&{ z+&fzy->KB_|9O(*8Cw1L*Tnyi&PFHp`EQ&5aYM!A|6<8|JpS36=<$jH&P4i_1mp;9 zkABMu0oE)`ZmS^pW`aPk&~Xkoh4dfDHANQZW)R@dmu&l3Hr?foytmoVY&C>Y^k#u0 z4Bu(++s0Ya_@&7nSQ~seN$2djZ9s){HY)%HmWRWk?)waMD_BbLB=J~(>J@EI7B#A2 z{;1Hg@WCT=%kpY9I0yjA*ao(M@&e{D>+|W@E3Mvi*z|rY;5RKE8{(%~2uew0+bePD ztJ>_^8QyY2(jvOa&P(hHQ|W5!Zx3F}&!gS0O`I+3#D1$^kD4_B)wYD{}~+} zAKUt$lf!NN*NqfI{<~32-iz#KY@kOg_*t{)Tk0#iU%$%Vn2BXXTR^cnb$_qm7>%}S zfcB+^{-cbWqlO`wC;2K&py~X7G&;7=|0joA{r^UaN&m%?1G(n?Z~<(Nj)%4kPMlXbss*9CEAAM&~`buFo~_E9!{FeGXt0jm&3z>k3X@Gnpl0ly~T{ z9fCTbsOE6`?L(LMwGS$$*m!otV=&3h?nZ6ya$pW-gtE#vCfN{#6)M#WNw~p(#4mG( z;P3Mse0aL}2<}l<)~X77se@H_-6N5>mGf3FHS*sSX6QO2AreXtn!<275wPj}e|mIa z$A3Q@oo(g6O%zl9V@nR?nuB7|R~7+%JL&OCf&SU_E(rRD*?i()FBq1`pdZxQq{99t z9dr%LCv;qCMs546V_uc@zXdO=rvEw0W;o$4$vKI3| zo8ovaFunYo!XyHg?~-v?R@ptYP6u_v@oVG0LFa1}kNNZ=nAt z2M5mm-_gOA{%@q1^uJv4l}UZs)#D}X`W*Tu<67r#rpGl9a&0(M)2qE`Nw!OPQW8}I z<0IWGLQyEW{T-EbTv(u)aU6C?%GwYSxt>wy-C^{qL1 z!a}NSD1NtUipFEMrOUSRL950&i4|AmmP!TAbYAJAN4F|}`5Duk1|Z;JSL~qvw#9sb z&9W~$rcafrxXx`<<8IdT+K|QH&6fk*1fE-FDcFmt?vhLfMY=-|Dn1flyMcFBfj7&P zHm^JM@R1K_Je3~c{F|vj14UfV`hi1M;f&riDY1|PwHsTlif0a8pyfk4(HSHP>n9;M zzTw6}UVcX5JVychTbZf^Ah^!Z7-iZcXP5F2GV;sWHMgvMs>buLY{PyPZ94|0Py?#J zT5eSiy&FuW{L}{nYl^(~+p$qc;S?t#Jzsu$9DraP6UhD=EQJM!yeNb~kj!VdDATdA z_-F#{OrED!ReMT=$tX6nR#k8sMv3{uJ0wGD6i@u-b)uPEd;VPfEgI|3>)MMii9asm zEmXwFaBt3*Sr^f_gJ}V_M(+JP>5oU1nRZ(?QR>crDT&GC;U>)xj4nw+^94o=Hbx;`Oc?9l1=tA7~Ta>0Epo&ij_f&h^ECux&6$Z%kWxq zZk6Bf4COH5h8nUT(YQIxp-3$%lmzloP14f=j{_T_BnPKLfJsP%F2-Y=;QT?wOZ$l= zB$Myn^VK%rtc=LJ`7O#4lp{LCWPeI%&aK-1in#Qd6N%3>G`~U_Y4h!ix94RFR>mTp z0ZPC<0wGKQj3PkEj600sNL(_(jLee=AV?n=C7!`M1ZJ4#@D9--_?g`EkVK{$X9&K4 zocs@*#o!A_^SN&&+%~0J{#%fEK0~YO{{L6A{C9SAV#$A_)8pgQt^Bu%V#t5L ziX~rF*poZw(Ta8j{5=bDrh)dKG|ft4=2nqgYMtp+bnrY`=^fx}vOMcO8EM`VUov@G zm0kyErp8hm${>HHww>5uKC^NSfEG68p3Eh-MSJN?%l?G(oTMn5VM;ae8(4JV;g4RRcmN@ zhwC>em8p1ISk7A!ly!okMN&5VDPr+3ir}iLm1eRA5Z5cf@dIz?DzJNp9%zT5TC9An z;lF>GZR`JwICfXw<6Pd|{=ZeWAq#3Ye$}=U&L~duA=&taAUN#Xmqe#BZN9oRWRDpY zHJ5}vEiWByHZ_KEd<(<77cwY`&bP|M`u5I1zk?uMgn=B?LmOI%8AIMf%ZU4_p7H1l z$TK`M4iU~SDk)-sKMP*ABDiHY8-ST7?1A}oMVQNOHUP6qc()S7s*?@Ct0n7O31qFG z4M1IH6I==CvYQRSoQ&y;;PM_eK`UrT@v4ME^sxbGRTjFHz*U{B3tl(hT}#KetsbbZ zRO)}^A$b2&L6_DQ|NZ3Xz_$NCI6B+yiR#BcDr4c0XLUv%gSI zaU)FCx=}w>)LubFRsN{aP5G4?g|4dD{x#aFa{ZkYbzD+QHIc2Efgx42Xh9C2dqsGI=w8Phzd2G%v}({_#<*`Y35 zXKkd3fe!@lww8GD<>c0)MQR^tpqeu$Kx5`0jt3q=hZpjuJm8@DP)n~jR+ z-sUw(jL`TsiS$6FrLKotT58=%g#oW`+AbFEH2&Ilj=6Sd(>f?HCkASTJ7fH63^=9= z`Ya73D^$58RBzHMk}1cm>aVo$e1|6J^J|!gQxN>$4+ney_3@A6uRB3ewHGw<6qmP% zk$^GDW{|Vr5C04f&d$#M85pSj{i8OvH6d>2P$aSPQ)AvBRD@Vus@qMd_m%9yAXmMNcbUqxnBzKkXK3%sO zHHG-ZMvwF-AAM@TQ#*^Y?PF)iC2E`@tE%y?%I`U1kV!pSa>#0D@OIM%pX( zGXTL23GaAHAbr6MAU(#;=A|IUup$^H-E2LBtKgK3_p z^n8CmLlg9Qbifh5pY6YSbN%b#i~W&l@~;OPFcn^-z5n{iwO&8$et3EP{>Rt<_=x}Z z1@TA!XYjY30PN=EhHC%?ERJjQj?idv?i%dg%*SK=8ASpcFZZwa-|zpp|9bx)U=N_l z5R85tJOg$uynl`N-{bus@&0SP{|{W$#jNsm3~>Ukk{nG?25r@$LMrm%M8`LwB)30j-}2{@=&(l$0Ux)J;Q^Vu#dAA*bvC76Hzo{QMuKE z*J#G&58tM-?>aI>$vg`Y9maTub2^;y#?3lVIoNK3oPn1SJwz9_(DBdUpTRRAy0wtR zg?mK^lz1;88GvOa4>?1U6_XN(<1f`{=lU0+>d6_4Ut$>ZjZfSxK27&#KJ3QISf8VSa@?UYx=~e!#u^xSF@?SZXt?F-8)t{zM z`|~OPnkTna?QB&$-$7~S|J)9Fo%#Px4&C^lCtLsD%@l+G^QG>W`Bz!7KQ_)U=dpg9 zPq7Beuvgylqrw5>Lh?xi3v%sS_!mE>u6)5mH@v#BgQuX+`EdY(&tn>ZAj!wnI*ISd zzRoLjN3NEKvmn{Z7Zd8!6q`kqL%`u2x0TC{9V*${i1{NtVNSsg>6|a3)!^ z@|6(b-;?FG;O|Mt@jbB&9cbct(m__!z=`MWz>&K&o+tc{&07?AC2RP!Y$LN8;+OIkg^{29>6-cNh&Pmo>V*+E&SYhisBSy!x_9oS4sXhdqYSnc5e%$@c&;WIm*T` zEaqT7E$#Ze==KNFbVuS5&2p0Irk=(_ZJbpGk}O766u(+bLH-PdrY^}h_K6fN(PsI`}p zxx{FraITN+Q3UI+YjnZ(Ewmb*E_d8ftv>>ssGJk+X5~|Eo0cDA9vaaj+e^t4N1va8 zorGjF9{M%B%t|js};@0l#Ihf69evzh#`*5kp z0@ohI`sCM^j$8WY#f=q|m!`2T=|?^}q3qz(WP}xRH_yVv!QR8>KGF0dYC?4`bNyY# zl-r0a@kPXAeP-=0Xxe|F+Y6fQ1HJBnJ~opv;#NIRHMw3&wogA`>< z{#yozqG`kEt$A58rZyW(H5MiY^D1`b6m-SoS{YR{{ZAL+n(6=1=)|G_+x*X)DF*$& z{`In7`tOg;`Pk?`pGDsapL7u_T}Cx3X-+aY;SdZH*d}ObO;U&&wAXln@Y5qsCYLe9 zmWPR&LW4(0YpPkq1kA-IB==y^LK z%JR1jeS|PZmnh5e7>6)NO9c)r$LTwipq%11j^H+q;5LrnHjdz?;|L1!bFSGcz1fBm z+=dd|-UF4T>iqWt(>$B=E&TU+G(q|Pr!sG2$HQQg{nw#=|8sbFaGywtw5260#Z|MwRGD$h!|O=|%IN_yzc#7HI>=8I z;8Y7V&Z)&to90vq=QJlXk$rci=_*qRbHryrA3)(iKLYu7i3q{sH@R+<>8jViYTm0& zJAU}~b9dyac``*X&ZiI8Bzn2PAsav>HMUgO>=`!fdalMliKYUe00bBDJ$#@SaZK(5 z=P+#;rj#gbu~()J3e{T)a1x`rlb4eVS(2>6F%T0dF+cI4g` z5Ool@;qF_Kx-Fu3>3?<$!~IWOq|X*OL>FO5=1IP+9dHBvKRO%P`k#Z-v+e!=Mv8U+ z&zBp>^#(sP8ayT$U>jl;jSy?kO&iP2^nFVn8Q8M0%geCWKL016+xw-x9<>}CK|p`uR*`Ue2x5<&11Bx>lZIg z^55~%$g=-DJv`i=|2I+$`R^TD@%{upzJa!Ko{f+78<6sWS`bmqDx(Cj1)ZxMN|}kk z6#tl!d20K`cL1gA<6}^3g{HF&8MiU1dDpzG5ti_Wd6~iA}!Q_R0t6 zR(t{t@w~@9PdFbGjrd!(C>`xucgnK{uR}tHS!;w zb27iW2-tN0b9`p||D2v39&F{mO%zlACs({jouBM+D+PK`(f|-a@4mAj=n7|QDE%NR z>EmvOexKtEMa^PLK?hg|9|OSu9aPZQM32q6%pj}-Hi%H8`3F%F&PoHRPS{}T@2Ua+ zymx0c^ncZB|DrU}|Fc8;{C~DR|8J-W`p>?ZYpE>k#|D^xYf}ICt7bT`!@rvrR}8@NCn^1ME4yYuSCqrXTCOt^rgH;FkX9aL^v~Kq*rCHW4|>$r_c-Y zr2c*NmLA>RJ-my0k?-$_H(>?AS(w0u)CwbbHZpp%1Bg=ct*@Y3{*IU*{Gt{kOeJ zxh;UOEM9~C*Wu~ufqnmfcDlX)-$>yb|3{Pq-HDh>mMai{d;bjO_Gu1ZQW2Y^kJEsv zS%THV|G#=Bt)=q@317Wua9zFNrf+4&THRAH8W_atHM~QB&NE|1!jsz8U=_^3xWfkl z{;bW6dL5J9V5fQ$uhvuFNL68T^-ii)pQg2*e-<`G5|8zEdKDn*h~%CHA8_=M`=XX% zRB_^g-x;*=;*$qWWs41bUj6<#d8CtZ3@4hkWQG>x4n+Y7(C3sLhg`P>VFAxa=dG7Q z6kE%uv<6>+1g$$_Oy2-GFKwWJOEU|YqdR0L{8c+eo1$gj-)V+&w>}looohCSe@}3e z{tojucE%TwlmDhNPs=(_oGtnPN@u~Q^WWj2o&R-oa=i8b+(;1&UfbLK9RD1?+1~%t zarbP&$y@nl*22`ott<9K>~6yiqq-Z{uHKz9m@e(wSpjQ>Lnj0uW-#r|pYzY9R(mwX zPyczWjNUYWP4xfd)Y1Q)9&Gi08!4Q;tGI9dkbV&_a0P;2>)$WCZ|U4$*7ke$tM_f# zhdZw&m%Mfq)Y<^>J(|Kx0RY{!2Yog8oJ|0as0|Kj3%k4J)ufBrkr zmU}f`z&jq!M7LV6OQ-@t0QL4e+OOWVgc9&4wLE44GYoHI1Tr*68A?L*jL|eGjObZ6 z3Y}W3cC4lvZG9OH$V&QrSS|gxuCJm~n4w69f>_nBN8Dz~Fd;y6%_Aqsdmt53AVpbW zlz|qAz02S(CnQJ-`JUmWR6K47Uv09MDmCOJCbuvK0bjEC*40e; z8w_RrA&esBB4Dk6cH#AjA)lh$TsAf4aGu}=$|xG<<9!&%~at||>ZQ{YbGt_Yw z6Bzv+#xMy{c6D9z%Jn-^f{CIiTErOc=xnxs2CV+8>aScmXwLBE;s*krd;5pBCh zDluScXECqCOpE2ksdpV+v-rx-lC2a@Jx+=pD4I2iGCo4U`(7?kjwPlWve5esqA|Yf zTNcViw=HF%o#{f1jRg&wraJ7R|dR zg*d$$mE$|-d$9LVC%F#fO2Xc=dG<~orq>zCNl0Qn#8Dom@`EqFdrz=DX@|%_lja*1 zkLN%;bgiskWpnk@zAJjVqCTtW3P@s3&!sHI ze>6$OZeyI}^6v^DwQ08jwXE&|SnEp$oY$UMr{o&Yjc)h^thMn>qgabJlTejCQz-h8 z6DWSS2Vd)g1MlA^O5vdISMBStc7l52RXNy)l_CH}(aae~sF#zql2U4BPajc$u|GZ!uJoU5zO^6p3@vkfyT2z@bYtxvINE=Ib8Ac>e`O?>Y$Tx z|J};SuKaZYR(Is_D}N_wYfa47VyH?}10UW>{~;w5coK{y$Rqcdh|_21o+0Z`kLLN& zb8_^<>N;VWYsEWjx9L4q2g?aEo}OCo{AMUBB|9Z)@-EUEQL_$sJ;%H1=c7lg^~;t@ zG`BxPp>UW-m1+mi7Vw^F%xe`R7lPGFPmG{LWiM%`MO8g@`zo#RO+bBH%$EwwbH!05 zt2!Pv)yxCceOG2{dXNszQ)9w7QQ3B@?5SOED71HBc$r=aVplPYL0!v0bu=S6tk~7|)Zr%0>0w8=d zQp1sjlch<{w^p%y*QHkfC;w%l@+D7!xc?~>XZTMzZLbk*xc@&mJFxRV933BS?Y}ot zto#2^sc8CO!C|TI*{~gesRHEo09}q68sL3s0c-LVmiYeq^-1yL+!MueO*F3S_m2v7 zTzk8q#_#{c&i{3EGTQq8ZKPP=zqY)6PynsF$3_DT(0jfMaL9m;c2{vb6c_XrG+{OC zz-7Px_Zb|IaVS!bHBf>k|KH;y`};pRIoZa4-AJkU{*C4BlM)ymKUSJxO=8V5f`3hP zU#3(%I$7A0lV(nXLhV2KJ?V~XP$*fYDT zEr&%Wlk%67%EPq8+~GCrwqn(0yt-Z-2mGJYz}`2`P7|YecG>bc?YhT!4?e?u{(zst zB$#XW&Duoi%Ky{(ZH(#k4awgj7(HA>QHCh3&lA^l{u?>^pVPx_{*TQRi~m8&2uz~&`9h}WD>;JovV$uH_vAjU7Zy$8u+A@!g+&kc}`&4KR zXp(EFo;E1^WIbEmhf$Jq`};Q}K~3krVl1tLHVkE_rrC~MogB{)nR6qnq5S&>g(Qi5UY&RhT>o9!fzN!p zc&VIsynI7a?O_aqZO zj%tL10oa{rzyI^}_~5{8z2q(xOIs|WwMc3Yt8io=4#1uO!1aqP=Ixu8f9s0D*@;|@ zFHYws5Yn?&PQR1cy8lT_d+~40v9_hp(pLVvNl{1(^Dp*A^r!zHjU4;0gQKng=SGSp z{}nEJfGv10(qD?g$7=~@L*Lg4KYvKkd5P^ORcCEZ>vO%>Hp6Tk8J)wI@{`hHc~A9UwYg3D*%-H=21!jI{1Bw09%&-7h?JSnLqZ- zgO{ZLZ{Q5|W&eM8e0u8G|8L{}Y^GGuf408s;Q%5!$s^_gdU%z-u6jM$o4}~qCTZzv-DmM2mPqyDJi~X)kNB*w| z;qQ(ApB;@H|KGE%|KCQ6#sBrNZ2j{8*a-Oc2>HJ`fqoUiI@+JWI3^*?k^WG{$CI~y z8sDw0twq}v)?-_K+~2v=F%Qsp$PJliA$kXsiLkV;dRJk0y_C1-W8l(j&_91K0>ZZ! z)0PlXI`V%Nr@2!&;3ocm?7WXyz%^Zc zn~0evT%O3l>P=-BO(-k02o$Vl-%DUkZQO2ggVl_D;e)O9Su*IR4dSZtH;XlJ!wRb* z9#0rf1@aohahCY1jR350w++kr7>l3(=Olv@wEqc)A)@p(iRvA^8%h)ZKXC5<4-QVZ z{C^{b6P)W`FWFbl7aQ=^UWMPMi*TrIobMqCXu1g7h!+mzeYyI{N+FD6#C^Gk@=x7) zS{vC;&!WFF9l#yWFuQ8OrSuodBT#=>6GcRsC$#LlF^#C(kI$K$pE@o~q)6wncL+wm zWjIG~lMn^sH)HCrVe$}YukGKg`ZbBlIA@wDS2?*EiBN;PrQS#-9Qa2W&174;mU{k=X-M(q6m|&q?I{iX|LEZ4 z%+CLJa&)@o|C=cF$8E6>hI|_g!zoNVU+J z+0}=0in2sErIX{AS^GI8K|-QJP0TweS_UGs)zFi@*?Y!o0aOYpy(gJ-gl`5)wOj*G zYQ92yl9OzClzqa<8nLzlfU1l309MIGeo$Xv8j=Od9@=ixqCxA88Wk-lN+OY@j;?LT zmhiRRvo-LoVe`89YrQ*KAhO?m?BcQySbN&iVxTV|C;v?)mE8({f8tUv|0QF3d2_Xr z@Yg2(`^eJ&j83=tpEp#vis#L%8*q7ZwbCVz6cxpe@#uVNls%04ETQaq0zj1E1Z}s$_&TcnA|4;1ue@6ee`u~j-asU7N?|spKv11-P{bva2O#ju?|J3w< ze?ts_o5&ku@9#fd>_1(|!%Z_w7*tm@c)&owk&p=8+h4-G|+$X$7KvD?d0-plm_~LJUTkI?Z3A7zZ)vr{qK!fY`|9= zl=NUlhG1=>@9H|Z9bI>3(6bJ_=303F2To(I#z2PxU@F0m07>|iOuop<4*&#v0mx83 z&k_oP;2F4|;&2LP2qqL{==V9IIZh@3g6m(o!ivmu5V8TZE^aO_etx<4|Gl~?yJF*U zgF3F7A_3U$T|B6szN)uk0JVj46`6ib-U6f)f}QlhfM@-5PI#$KW0T zM#OOfU;@k$p8*)(!w0JOYy)AV&+Ne*sx(nE7eRG_3j{b9-Fp3JB|KP8<|^T)TZD}O zLP$|jCn5P1CzB^Ye1gSJDd0bU4g!56TB>LRP~$e+cys>T$0W51rUuapq06?{j&~#n z+~*+pXYkJ;Fcpy!!K^E7o7HuxED&Q|M2i^YyYv4(nbR2U-)ogd0F&f z7g-(tD9y+MQ%n++`ApP}ql%x-Ydw7Q8l&rGhSzRx)ORR{I0-=T0>vmVlO=eht&E`v z&pc`T9K*oMRwf(`X%?!c|H0_9W2yxUfJ#ui+$Qrr|BjQ$w&45?;`|lKUg3-~rby>A zo`&{nHbW7H_2?EVBi1WUCamMuD0f?05H5>%r{iUCuR&1@bejce%ZKaf|B8-(vNYNM zo!a`J(b?JQHvj8JiqQX{jAELjBt$*={H0}&2IG*rpISwasmf@p_5r|F{Ae)9cf(dr z02QG3%=32ght!~m=^_k3un6-21e}Gvz>Fd$V;X>fTMq>wm=c;_!+gpfeg2gbh5!VV ztE>YMggkS|45k4HBDBDvLq{t~BLhbQRhP(A-zqu*WDPsgJUNyPM74Vmt81FuK}~$PP9LLVg7i7Vie{ivr;v48dzPs zHd%8ejWfDXDEYuxnu`rj%H|3X{`i(2vTfzRON!sTx>?Kp-_eni|Nr3Z^mr@(ZK81T zPRe|!e?vf@@b}GaLS|&1@2s z5AV=J!v|6T#H!-NfQz;lLJJE5j(XOYbYw2TXy?z&YZfcF5>}}rOD>$OnT{+eMm1N| zM6$MlwjRsvO9%Py=Jns#BmbR_?E9aCv(v5r$3}`N|MhMN{MVBIRxlg>^T>ZUum4^p z|EcY@cKHtkr4MXSxSM_hsj!@J|5BkY5LQTpV&{79PYbYK;E2x=aqz$g(Zm%DYa~Ml zm}=>?8z{YtsDFEeGOBL}eN!3L1JL7>Q5&%O*O5`%%73QDx|X#aC)$A3LMJw4mX zf14zQe)}itUb6}ED?UU}ES72f1f=nkXkKgg zB&xi(ZlTSsz{R>Geh48vSTn3da;ZyxE@2E@%jW6neHip&!x6Gj$C(U3DRfa>|y zXgT`N4WRnU|1}z&+UNhH)01uf=Z%yO6mackpnaHPMyv)VNk>~ut63LgOq&q6#(`$% z{aIz2{dT`nF!~aX#LfK1XL75!j_Ab8b-uNnyDk3GK>tfV|6bMTt^;nM|0jnBcK)Z) z*~wP^-$;=G=Y?aZ{MPw;gJQw^&<6W9QfGy5A0EJh_RcAa*q<3nB9!sA*Cgtqwe?S^ zXNG7dnOKCm(7g(UrKyh9ja?0+M^q-UsLA6r&vC30O2~C7JSEH0=(Amb=xZ$0v3xcl z5WaOm!C$OB7x+53Ll62XBt*f$^-JZsD$wuc#DhGWGm$|&Eg%#IuiW0&Ia4e`enR1r z!V84bOOiflO^tjO;t;}Zy6jXTT7@!@AL~1yQ%L@JgwAf^o6&p zL@$|(G$0b%3;WW$Na=h_C)69Jz3Q{u{b!6YF$6!$P{a{9B)%upLKFko`#s=aGH zVg8e*C_HaPhV^a5TD6YFqHP@~|K2h1e$?*o?Q!rsEVbvqbP?`7ux|noB?Z?nZ?D*AN2>qvfepA!`(t^+Wg3qpNee+ zlLr9f9A)Bii)4Vp1Ph}3U7apVR4HOvd7jixlPWOKQ2S|BsXB1}A@kTx%M)f0SVlK& zGAL4mXn|Jtp0cxiyQ9T;9>?-5QG^!Kz%Mns!Yy@7vKc534MqmXRnIc|jEsapJOPfb ze=Z#ZYc$W&D9F+{`~4M#n_#ma;jDBaG>)4}$kp4iXQfQjDF3F5u#kUs0o)EB$v>wY z-r-~daFUZE-=8vzOCn+O_DqwL)d$DO1UrAgWWw4P7h;4KDLFCay6BWpif?07#Jegc ztL;jA*YS-fu+cpprE_|0~;)PNHhZ{5zSVn3PDnM6RWsx6@$Q*8x9HCPKD zib9H8-xuhcf(--48JP)_%F-W{qCCgRgfhB^5<1UV?F8NP*n*gXkoORQ`zcBQ)LV*! ztC_a4h0|&CzNlIY+f}mKZMDV~Stq&AE$V2J2n`Gee)bW=C`Q@QA)U{v>l%YOt7{C- z`=|uGVD^0d*!pN)>)CNF7P1xC|D>f^{$~fpwaWj8rw4ZahqI%T(N_N7MDfV~(3byi zQWW+i|5s=o9?!i`If*WkdF4HiDb96~+5Ye)8PZgiWzSwcrKUl8qGg&qZ(?jcuOdmr&`KiVN<&TR zz#c;#SKx+!26p#+2E$sQ+sIJ@%f;Ez2-opP5$jdRN)>S`EMb%n%`N!UhSqN<^#L8} z+61Nr&O2+!wGoU(7!K+}vudA9iAS~>8Ct|ba0Kz{WypAKugE6Q9LM{g;5;WO z%4Vyi{^q5g|Bpr|r*{62v(YyG`(}z@=_JV^mXW>LvhT5V$2?&o1^*(qpqW8(3xZQOwoPa5bBOz9lJ&CqvDpTIY zj|7kf%8YPiFp0nf^040tLJ_iiGYvmx%9Og=*hAMg@#@N$L;YkcbFD3EN!SEh?e~}h z*~4%+EG}WynbzB9F{GncAz4+Ea7ylz>X$R(x#i`C8%$iPmXk{SupQ^U)D}bL_G^8N z=ascQx7QUmrXsAG{R#L?0ZgmXi+N6fv0y-UP;R7LT9S`R#@7$%UoFg#$8CwnD0keK zT<|2^iDl(cKXZw#OeSMrW{&^EzHWXKs=j1xPW$9OK^dLmluvgCbIhcr2Q?`ncof4I z=1lFUvHt_Oh$2AAOenWNh9)qJa54e+Q2!Ze$X##_(hTk4gyt}gpYb2_bdtdc z*;V)M5uQx*;2Z=;f%B3ZC8NER+aw3)fIp=3FywUZ*)1BA4DIo!TqlT0@{IptdjmyJ zQWD+B3+)VX$4_D2d=B2A1wji$HCHscvaz)vLF^y?OagJ~U2fqQrQHa|5C%9ttb2WEZv_X80XW661fOQcmw0`jXY1+I*QYF5A5IKWS>s8 zCwpo%m`$i&^@}zD3a11FHwh+L02R%31Paj4!G|63 z*T?22aGWzP^`U9H6`DEoAe6Bx!|4+4Rjy&pM@;!BrXD+6BuI}7m5 z$0lRXA^>}-?`hRGEb%Eep#Z{zN9`8eJ0Aga@nP(Z`QIEDU%#F^6KVC0*ue2Is$r8V zbKia{_hid&r)=Q+aw>LE=a0ub0lWDtoM1XdQ8llxJ%6;+3Jw27ZVe}yf05fZjwza2 zX=ebwa07(@fwS1UX=lBu8Lx0CD9;1daZY`s_awWE35-Bs9T)-~hVM_;>nk<-Uw*45 zZ`xK;0XOJ>Pu=|gXQ$iz|C=es{V&grDLp)XQ=44gqPElk>zgJp>`tyTl)?;^+Em#w zCF~0Pc44%n5n4i)zWV*APbabI6?s^pP3#r`kPefpal^P zFuf*O4&$IWiJRtu>h`$><#MLf?ee=MbtVK3O#(q^1aK>0)K}m=qk-cXP5`DNIu^eV z#|gN++W#fNIe3p~PT7jwBM`y_@O%>44CGUomwjTYq^0-)Oi+R{sJZIc5{UnP)xs`tza&;irW1O&N?1&xQxXgWcuHTW>7IP6Voo1 zKPv5F%{e;Z~I*ybDE>Cla4meN| z%28NGrt+`im6o#?CzA|O`i$EnaGp|FuUc-9@&n_~u0$(khtNRe;eA8ZCwa11^wTv_E_Ec&&UpPhl4Kv94AOsH9V*Q~>u>vOwa`@0Wg zwsyY;F&N{F=08cAsDe1^C@4ZP(in#*07FJyoJnc@JO{hGqLM~YSkH`8vm*shXV(~F zQR~sgU-6C)M;ndNRO()+X}vN`*$vv^%y)P- zaKrm|hE|lns3Hh|yB(%44oo7pzjHLnq|1r%YnW#cjq#nmNwhEvmiM#P@2(8P>+i9U zV+JMeZwZM5e|>e`?pX%~%=7w|&HIEQ-K|`Vl4lPo!P4wuw`#1iR=EMB{l`7JYcf|4LkKM%aUCN55^edJf!vLVXy z*D!$-lvTf}*c7G6DJ4$oxSn{i=Y@4A7mnt;yTd&0KtmZdA{lQ!6uIt%s{{WX!Wdnm zEEhl7jF`*@b96=N9LZKv;JGZ{I%K|wi8hNP2`MF#dj$BwHYe;H2Bg$v$(cM(S1p^9 zV!@4Q-cn?dgS8h~EJiLztCSSfWIWJWAzRvtEv4Y1`gWy^Mc4?C`ol|Zcn=~S z22GxUm!ET#B{1f*iU<;(f-+J&5Di@O8)JO68~mf$sH=6*>$+Xb4a@0nBW({1Lk}Ilw|ouoK9htT)5u7v&`=C zY?}@^RQ!aA^1H^sV#j;|Il0L*oJDf+)_)6-exuX{e9p8CT7g4!Y<2`%mdPcSkNzDA1vk zWYzXJoKM+DcacQuZ0>ed-Pukty+W59Bbb1B%E4vxFmzoyZ*VrP_HFVCuGGtC`&|4Z z+>~zSW1a!zyrFJ}(ijTqP)@^^xT`So-21e3kCigMXY&}7*N<=wbFZ&j0ch_tZWyO6Q%i!*>6@S5GzsC zk-hL8&wtAaYTriXy&c=@h55jDd^f*|Qgi>W{6ALo{%Vf@e&WP`Iz2hs=KtMD`J?g5 zv$$Q=cvbyPrmWO(8!8k1XnBVC<3ybogeR&l1Z%Z~mn?5D|I|NpO&P04WBtR-g{FJm zT9Y&mIfaag6CO;+OmF4U!dg05Pi<3#apT3BelkyucAqt=*z|Z(hAh;zY zHf@IrUQrHE!E+3lYT1s~RR!nK``Rq?F)?1ne`@HzigNrjrt7r-Js6En4{Z8>a(ud_ z|C=by^q*}5wgujk7dXtj^8lD6gtfN=R%+hJKbHn5ya^Bc?Q0|Affv=Q(;4Z3z72v? z8ky>Z--yz!U0Au_sAnu0F}=kwD%^R+2xis~j?)r*jolk_-hqO5?(mcg2J`ceCfq1X z#5WHor@a%)k>bjczE|0ITWaaQyd3?cnN+ML|Nm%oGP3hOjkfupHdCCCpjz~7WgyF~ zYdX4tAbxcy4GT2V&ibN;A2X}!)7}&{Eox~xfb-U@J5k*d*ZJ!z%chd586%40$FRM; zyCdZ=-SN2wP-8F)UfoDgvH{eqjPIrDh~N zTKZ&^8G=AW?!{*ivklF?-WeQPLw@O^15*b=(ayC}ui(};AMGH0EXQVB(El0AGaRmw z{+}KkJM@36|KCh$Bmc_{(2?$|ZR4Z+sz>b{pdNXS0=&9S>a6YpsDrdSy%kQ|>Qca#9z(F31~6P_Y#l;bUlm zMK^H&cW~g`lf4urf|2U?{Wmao1w1xt8*X`;@9oZd_Cw z&l3@o15?07&Ipw0f;8Tus1P@)=RwQC1TRnmlw+e{FvGSSroxS}z5P+)*2pWAzdF-z z<;hp}So);(aq!@u;I}_@6c+eKtNJ4ccciO5Z^-rIz4K(lMI3~l4j?J<-kYrF^uY%E zmPZd`jlSP=$F_VQr3L@b$b8wGe^Hvwe~0e*@8D<~|8XOw&H0aSfR3j>v1$A~d7dL= z+5m_VJV!sRa_!MibRaZ)^>Ho)4CTXMW_dE&B{=TRNHTF`$L?tWj<8$v8sU%ohLEo7N|QvMYJ@^P3KCk7og60?y!7 z*FQz8+WVj1tkqck0;q)SPjdxSOsVxHP>F=fYarKMQ;VhQF0YC5iyXuV(%itf$XRl0 zBfTob*0*6N+w#at4gb&31oJ5IBt;p_Nw%y2(8T|bZ2RxSgVVFE{r5&nGe<90U+o8- zmEmz=z~R)>4-g^@F6OyIn1n9U%mUR0gi{pWarvWoR0M5ApE1pKU+(=Mz;6gd!fE{; zCOjuMr<^1KGHES+CdK};Lw?AB!khY*2|9?PBnM7%>)|`Zs4p5`(JKk3#T7{UlEFk< zgjy}IvOpOg`+}^3fTSY2!p@K`!AZ8$`Kd*HoN(Hncg{5G5pbF$$Yl~-eXfFtWpiIcaLo2e@@Rlr)mcG7d z#LWfxH+PGGh(>@Swo`*ld|!NGdm^z9|1%Hw#A=v}T$>lDXtU$>KHs_^Hn0TyVaSGWZ$OBmiOVr?D2+nT_y?B z5YwBSq^YX|a0m8rtoR#y5psIZisavf1UyMdhW>x{-h4Td z8_64-zw;@u*_3rrOJ?!rT7A}I%VJRyd#Xq-NtIfoPo_pjAej&&1JOW4va%(u^=quz z_q|*{$r`Q*0D-vjVjT&aX%#bYI4<`e91i!(2CDk4Lk{RNt@vKe{+EblVf5b^|M6h| z(0%{EcX+(f|E(o;!2fbRIIO^T0FW6yz7Ai04ZbBp&ks!W&!qA_MiL(k1wz3iT*MU2 zakng>UBgth48ston8Yx;&YQ4qGxEonWtU7!IVUl>?WjP%RJFjhN1V0mN#D1n2R;<{XuZpk=KG zMnxrR8j*6i82{i{aV|?`Trz8xR=KPh$)>C)tQzHN`b$IZ)5Q9J5zDb$V`+9<&q5J0 zaF?Qy4#(Q*m}oyD>9TCyCmb!7tu8Y6vh}ywe!vn+CMX@FjOC}gh9z9?zg43{$Oxsu z7=_n~K1wfBt0Dhkg#D?|Xgoow?-`LS4lC3cHlbywd#dVhq%tU)iE^D^A$LK*|}Dy6q^3$?3MbU=f`cVWilY zWKk%iN&WTi`pP+ud#@z&C75eZoK|G);lDBxd%}g3&*b?u>NTgU-ZkUpTaloJlS&bi zlTaA|8U}u4Pr=xD4qojK!cZVr`q(<3Jo>LB!KJ@O#Uz3f8x+KqN{p>h7DYmBk?UEu z^pY>rU8lpymrq`i2=Snoh}-9Ru6ryN(HZh}igBDXoPqkMc`h*(r>!WUO-wCV#`XqTCz;8(WMLrwm0Sz*0hG_-_7HDZ&gDosFHR7@jwG zx}ZmnW2wJ|zD@Vl-$#?R=1rGGuDGSupY362;IM|T+n*FoKO6ftC6XJ)B;J+L=6{k| zIIAJ1cH7I0OCnVbV!jAPSSXwDvhKKKGNu);ZEDc!Vz1m(oLaJ{{Gwz6`LFWUqpz9K zU@-8=(imy824k1D8unt0i*e5>P%p^ru}*fA{dYHkMl`CjT9bFTgC7CWu3isJe} z{j0S{X6MwMGYIAjHJJ~P2TbEQL?3p*Rxqh$B7OdU+XI}Ui3eqG1ry&!ms9Jxe{rq> zg)EjHkarV zlu14WnFRK(K1?C?lyIDGwym(0zmfcul{X|Eh)bQD1ZHkaig0h7u+1&oC!4(b|0#+P zB`<#&!r(DW?ovYG1A0pWVK@Cgx1er&BhYaFcesDxzW+Ns-RS?fNHsAijPi3$lJx+h_(QVg;_p{I0MtS4 zm9TB#e*himO&K`Ib72nvqnya>rAB)p=t(1p+S79DUUfJ?*ZS12_ClXfGQ}aHmOzr` zq;g(?nplv}tZ{}i&PlqWpX*~Iy6p!Pg(yxjj25P#sA_H+2BkNTixDE~o1dB@z|B&K zc|@}YTCBJLL4X*0N1V{FTVj3kpJhyb87KG_!SFhcW_|fjp>nDSgOdjy_P1r!?;h-I zl-gn#ek$tyS?N?sEZ!+|=(+=jSqdIVs(|c^UkQ#ue+Tq!BK(AQi)`agvizr}ebG6# zYU{Y%tg?e)7CfSKxdf?7y>xA$-=~>s@t+n2cPOA}ejiXx_TQ(6d#?S*(ed#H|E(jn zfj4>?447C4jcBGVm{FM$ibh!0p#EuI8E~=343n~6u6lSxfMpbc9QoiP44570T4!*g z3FW^#huVV23jYft3bfAJhfl1(T_xw?ljHJ9QeS&(;SMrc_$jhUm#>KlTf(WwG8fbnjugB7*!MN--4lC+;Yi`dj z4i0>^bIe|4i0(i4be*W?#c9@h>M7=ox(u&3{J{R;c=)o0662{^zHrQu#lZOsnJn#Zl_zFZ?vVBK_aq z>E3ba{nx=J{>NHUC;gwPk}-{GwTf;~=r#%mGynK6G!tLt1rrYY>L^>(pzO;YrB^>y z!Ur{_RhDRE>#_b;Ny)Su%^jr{nk@1H@TB{Ey~Bg{Yk=!HVW z{N4lLCuJM^a}NOc#D0-CPrp2(*)KT!%WuD_4h?W96{kFp9AqP_k&p9}4SoDUStRIYHC@KRR&F{|Cn#{I{M|yZ_ZX7*s3+iwRWZ5p1FA zTk}0aMafq-COz{to_;krb8pd_{8^ zjbz@8Miq_lEOXbdy+eo`>W^0fOz?9?MT^?4uCx!g*qAIQtejgEmM?nT8h*WAKwE`Kzh87v^;j5fExV`)-N!;>W;_wfqIlUga z_@NK_lPs10+_ujLwl%%1TU4~YtYN6OmzNLVJ;P#I(JN}ie{06eGntAI*0CqL*a{}q zHCtd27VkzqM0XwkTB?PK0$&v^ho94TJ@V64(>*2lRaV#J)jJ(}+BCr)_xsI#7nfuU z&Q_^IYFDWmwPz8r8!ckD9M0nJSG^jteOD{$aeLok0IV)Hj7FjJ6qDPnbEU;Ete*R# zy7G(or4NPJ19_VrM#2wAeNl?68TY88+V{;Yyr#L8___u4$|756qDq0UT6YoQbc`tY zDWlQPfKc$0s;OrBBvuFu9yTQDc#*j@y=xf3y{t|-9we&zt7qR*mYJE_&b(Q{@@Kwc z1giTWb#{w(MAWkS-Yl?NO;tksK8jLn+MiX}!RkT%y>#a;bi@sou*^Y(O<+3-lWS+{ z<|hxeW2;Q&kR-b7Dwb#k!*PlC2+a=UuMP*a>wuw4>P~-A__@e0v{c=x&&#fn_${II zG7o#_(no3^^mAWvVITCrE;#}#snOgX%epnz9k@r$(g+r(M_EwO=5yuKLTK=^HQcE4 zNz!IX#<5aUDgUt)nPMX--r0 zW>1W2&8lr4#BFtHEwf}(tUA&en%fg2Ud}BxEkzafyj*;MLD~oXi+^Nz3L_M!?I*{o zbDr5T`n8t1aR{Dwa?A&wLjPncuC@&XfN(rjma5*_YcWDf3HCD(4SB}sX^djd(%q&+ zAR=}CSPqtR`fTXu+V|L5uXP2hRUPu&Ai5}!k8ZtbN-$vWE5YIs5Z$} zotTHsDW$WU z+gG&;am=M1j?8Oj5M#3MhimA(XE1(S`02|gHQxW{v$T)} zScCo7!O_vad;foMe6+d$Uq@KEj5h{aw4^i8!J^T3$(H)ZU znB+8h-zh>r)oZU)A(Y3;bnb@9;F zse|nbLVLb(T>s!$bP|jRoxpSlFoeK3O%wL&A7x(1(}&ua`Xgpa*!P zK}IQxgPE4vXHi6+cEC4;4so~x2nDw&iC};R;EjCiD*}IsYy$;WQ219eWZz+y5;}W} zCpeW9#@S?uDDRTY1x7f=Y>YziD;bJvC`uuY?W*^AwJa0QgGX7^RCSTFUG;~e`V`U> z#}9813?m$)90Xh^GPWiN)fYaxOu>c`p?OI$OTUsKKd|Bya5;@wJ}03-7oq@+XMiHe zh(kw=qk%#p|0J=RQ~j3;DP!i>v9<31y9dDksTQCJpwLsRx(@7m7w_(p%w4r2F=HaW zpJSG%e=Y(kxzVxsnZF?@UmmF0jd?G3H`#~(dDu>UQF`M2M|3n5P}n^!&V1(9w* zKHX1i<|BGFztMSBfnETA{L%ZB4DWNE4ggC~P(Y~`41N*j{yR|6 z>u8C73^r-L)PVm&h$bXvC|v{rHtBy3_g(*Ad&j4n_kU|i0_eRFvwVlr|AHL30ZO812!lrnhA2$Y!%S9_cP{^(m&zED)d(yo z^e6$rIzGj7&^J>r3JVfVFqB{2`)GD3wY^kR^P7Q?1jHiL=M>W^)1SZ(-^XwY zaRi4EufJWHyNo`d{`R)g2b$ks+1ERrNze~0?Vrn2VOBD*GlR;Tmu_UqUK#|6ADT%K z*{X>s>x#ZWZO!sill(_XL}n8dF9HCXG+uQhmT1%4hKcD3#0sw2}tQ`Re z$kHgc`jr?Cn z5>kGtcR$Z_@54nf8I8PBoT8Ls#J~`Z2t^`Pyu6*jOk7V$g|B^;a3b%1CP{>(`yM6I z8Kx-oUads4;&MgEa((;3#w3eEFhqc6v5@ed%bWyK7)2<;Y$BVQzz=wmO*~EdD(5xB zR9vJy;3CO$lX8Fm)}EXZf@wyP%_82B5WUhnH z9cV8Ft0n0lfAo|Cma`xrSuEbc2)0%|jC{kD3(a+y;*6D}FJ8%=RpmW-L~#p3>Wa@x z63t=`sLvzFSj+Kni_F`!A(m>;0&fvd-~+nJqUf$$@KM{$C8c;G8g{BP+_Zv$Ws2-# zjxk~B6-xQiY%xwo?sgWkZ)Y=kqqi#*m^LO86=L%5s$6 zunB$T<|RTNCe$u^i{nSuf`W3Px%V6r$92Peu3^KO`B%T&wEZ8QcXMx>Hik6kDwR)F z+7OjcOejug3vnGmSgEGPiHk{?zpz-8Ihl18jH!k%bt5$;35m$V>@J}QhUX+^DTO#r z=UdDM-IW!upc9-2okbY3`e!(8$Tq545ux!Si&a-J?^`cUL|Ff(t5*BlVPPqqA13j) z6b9%9QA|SZMqu9l*VelD#!X42{cJ71{-d&Q`Fc3PP>=~uB*FEoRLw%<*IWFw0db5dQx@myuQoQ(oVvWkT>_tCvm$u!pO0B6&ZFY}}x4P)gQPt?>U)nQYlD4Tq|HD$4qEQwtWC7mv{%`N7WdF5) zvU&fvmL!xtcWRcGY60#noiEV>%ou`on1Gc={Nu3|-xz`|(-2Im1oES#Szb8Q_&5ye zcUNpPmOz?f5tQV!HX19sS%lzIzcdh&=i6A-Z&F37$A3lOpWGG1`|cs3n(Y7gkKOlw zhbMa*`@gj$%l|_$x6AYb@!p6Yr7++M0H14R!3#U46{@%_=e6%M%_vH_OD1}z8HJO( zySst+^TgQls{_jK;Vt}9{_Nm6e|f`HrtGR#_`2v9ukHKFBSwGQ1q8M?)N)gK?e$?4 z^pdp#wz!qGaD!_4I4xQ((^ctA*z>0+3|8*qz^p~|$k&sY#Jj?^DELVi{JHOu(c({I z|0*>U15lbr#tesO2QUJj5Kz2aT22asOMaRma;JBB_}_IuZ;-@CoZ8F({2g*<1kfb^ z_gw#v2S@t{2OIgnj^w=mUorylteI6}09X5>POl|NZl4oX8|I;FerfLQ@q+R^?}+Wr zr%4-Q3vKnYEw-=YH^P>>Uq0d2itW4&quP3TT`V!ni@B<&qo6h$&1vZCR#y5I{dUep98ef_EA=eo^+Sq&HAq4nJx62Hg;Z&stLc{(s4Wf1~$r@hW$zI)AInj>6yi zR?_yDO4jM?t;{+UrhcVrK3Q#$ZDr-XS+ffURHZwhXrLU?%&ww2{2%&9sY69qN;mbc zO5a>FMP^g8U)@Ef`^QkK;vKsEFW$uK&j0KZRTELS_Wg7dokoeJ(%FQ|Hi%>WslEJH z)@5^C05qQej}Ob||Bd`#ODfraE*S?HHi=)12B4zPAFT>teYXJSLfhy7TIm3)hHRq* z*rX+-_VQo<*j)+GB>#^Nj$He{)6>oU|5}m|??0%i1+O8)!LlJhLh%IBnJEgl1VicK zlcQXRX#jN@;}i>TW!kdIuxi>GLv|y}bN=l{*5RKo#8dmw{;VtimH;wE6lh}1x+#nw z5ZH?01nq#WJO>x*Dke_;n;{)I#iOD=%#^pWyy`+a1zJ6|d)*Q7wCqqQamyI^Y7tVWb1{j_trNg}=<(VVpRbw^{Ey5(56Kljg%5%K@ z8l1(UH4SQ+71Q9E2%X37{L8O}r$3%G9V3dQ%Q=c*I0G=R*Ihz(6UI6sko#+Y8m z(M$|sUa4{)ryA>*rpFnh^6v1BQv2h(8irf+j|@`;U@E9{yS^il(ac@)CT21wPT(ek z#%+%Ur8OuhuQ(r<+^?iPFdN;2SN;`x$&Qmj}A8PKi87P zmVF0t3{afXSwe7}ikN)T`{|J8?66u;ixo3~QPj82R(@n4GvgSieK2U9A0|mO%L{y| zn{@@LdjIngUk(Ro*#9R7rTFhBdz<$^>q%n&za=o_a3umvI(uL(x4hhyHWL381t|zJ zmXe7G$~?jmVmkmbRaFRZtWf%31}9PT0|Z6X0DVX)yicOO<+5SVYX2f;88zGvg9K3( zAe;fi%?IQVP0;E6Ddw9R}=H#~PSOxT!o+ltDAk1E=^t?mP6H`sREaQr|~ z$Cgx?7PWs1Q}hI9;OyoS+>)##&!oIWn`XWv6#tV8&PezPKFd-f_$}?$uW%7Og&^;h2!eZu~};X|qo$nV@uxG6vqE zl;WV<6isBAmV$cs9gN|FEw#I~7j%)>FYiza5<>Yp%+bqEu4cu5yAj`*&>)@N+LU$VO z)cfSF&FXi}-j+7!`?aOY^FNMpx+Dc)!}b$oJov^oE;BU#sHu(&@nO>EjJ z1Efl?QK1)%QSdkjU;>9Y!YP&*#5zVJ`k-4@)Nr1jN;};NiPg7I2e)c_o-QdJUw#d4 zAY}+dn5D86m?WI@q{MTPSgWBFRk*b)ZNxpz&^f1>Dblqe6OKoOPE@ch1`5Yf?KKjj z!a)0GwVUTy?E%Gz!c;`nN;$OrM+6ec*b|{46Bm65g>7^oxzvu6hraZJ>urak5VQH3 z2oWEA6bBfwfv9I7bu@(5wK#zk!*IBSHdRgSS|#xVSx&36rdF*65e^>5Bx7g^4HuQQ zYMYUWE}>OkO;vlh=mE17QE;8`HVN(0O1>wEDmy)&gDv zMNy+<-{-&Dq4E9ARWof|41|~oGWss1(e(-6znUBAVw-8HW&o*>FN!;S;gwP=WBn3Qg%n2xT}t(a2MbuBjZ z9oV~8GWF^n7OZ8V(n6hTRk1n1e=4cO{}s%C`3uMS>)`+Ud#4BG`~QQD|BtmKL!~Dp z9`k8ek6u^-u7HzzkXmFIRQ5HqQKlQ7>)Bqs)s)y%e16{(pX?Lw|1;wxa0=6{f z6F=DRUQl7++vNURWmRvK3@gkcRmU~tP5XTr5K7K@#;ts0oZMGxRNKAc!(?@NC@?RX~LXt69&SkJ_2*AHTVi{T+tD z?Ux+p%MAa8gcW>W|Gg`#tH_;Om$)lLEf2Xu%y(ycuZgnn6A|*5C7?gu=UYgV*ausKTNEM4&>)Z4SJ4&MeB2p7!6icU0SrWFQL`(x z&&p-rMuY|^EG7&~Mv7R9!ogrrHu5*dPn5mYB^!vOFb>b6WDKve2{>*bOgs8fic~e$ zw!wNqvuEr%r8Wf)dH#K373nurK~W&*sX<1FJ*E3F&{gWCtRs!6pYPPqPSbs3R{PEz z{|-i!On!uusJfH6xXH(|V%r$Ks+pqPC4rVz{gh^?UwYwRFTExxg&d0ClQ%d>+dZ^3 zUqmQoBd-?OOMSf;svkTrBShc`U*ryTv*<*NP`~=#v)IDT(_+&Ih-IPihi<-8EaFOP z>IR|{St=%-)U8n^8be5pLUI3-XMWv@Y#j?90 zBtq0MBIr1{i6}q!keZ~ND?DHk^73o_IIbc?Bc%!m45l3)!+Z9e6Rc$-{Fi7B)ZZ>; z(4RPu7?V&p_={L5efKq&cWD_IC}pzqx*; ziOR(X6GN;Q$b`f=C0uX~q%rmXlOc)`vt@Ew%zq=Gle(7@QcM}4I)E`8-tY`%r09WI z+7Q);uU;5uhK%u%al;Xn9=Pka9hBAAS4({^e}^YWAqpBW%?0Mz1)vxSSt75CB%FDI z9M6P9IShPIP&m+!)5HbuBSMK-68eHG%rCb9q$G>W&oK#=yUG^P+j)<6ZC-IX${(W< z3RE6Ni<}y{5q9{-DwZg7<_nl_GRsY=#=d79ON$L=bc9eaf-*iC@3ZPEKR?9ismNB^ z$;BMmzJyf%A|llb3xu8=RBcCtQenxZYtoeEKa4PnLbvl3*fL)+*06ZE`J2~#yM-uD zF^rhn5j)@sM-hM#BkC;x2q+50g^k?o;;(KDJ{*c-swKtg{8C-n%ug_P34G$yKkvhT&-)VNt$z!pVNuR_ zp}#7{Vcu=yy?*iIGieZY`<>K?xelaOmzWQ(tz&9+@+@f`wS`zdUM|bF6_GC-O{6YX zg13%J(os6<+4zvaIMjI>CnV2ZH79LwT)9x^$*7$Odn$?!8na6kCKgX6;v!r0&jp2JpI4c(Uw z^?5TTe;C!xI?ohdRA(p4Z(%Uy~<*usy?)rF(&v1z&&RhbC6~K6o zGg~1~<~p#|fUeKulDiuJmEP0MjRPC--@(CwWB+rocYL_<|FD)MkI|)!Tj z0HLRR8P8!svH{}61GNjcXbWpZ&UDKQzlr;b_O}hh>RJe1ktgtkq-fKxxl|`!wdkAH-GU)YVX_0o%6wRfR-aERC+9!oAA% zNnIt>QUV;k*#g(;z3#HKNs_Afm1k)RgYg8#=^MUnvDN=Bvi0*5rJrP~mH)!q#^N?$ z4f22Q_;k;;|2jF{_~R!V|FS=4(qwX~b5O8aRva3Ef`F@96wmHcQs(I`+fe3}Ue?=mfhY=rgtzIpVf%D161DTs&+Qhm2LH)7 z&P#X#+VK8!|M0Z*{`2@~qyJk=QvRRBR4?t)FZW^D4ejYt%SU;p-M)BBNaAP)_VeHr z=!0+o)yhGK-WQc&ZTz@W4Y7$R)laKIk~J7ow(I7vz>R8B+}sK$s;?e=m_Jd-L86GP z)87U!Gz9~#@2QV~rdOw-AJ#+n(^q*URn^P@-1EgMA1Y%8Ld5VxEDgS&2z`_@FKpa( zCAwtaHICXi8X zK}1DGB@{6dO_2Z-B2Z4*YTmNRE4Wv)@twJ0T(Y-S6dcnK-;IU?j5i17TEk2zAT^^? z?(J~OWPeivav~dg^T}EmeoV)v1&=g(#kW7EDNgHYZmx5S7xh=LwNDo7=Rjock&Zb|d1 zx&R_Sr4cKd`&mR@6To7KK*nTtFt?BcYgNvqVFZC6p$^S06tGSAgJEnZs3c- z14>&dC)8&g_C3S5t>3@@m63ScOSvG><26Lov71J0_p7k{5|Bf`@B{cA;5gl`>G}2W z*SzySXzM3C*Ik%?#Vb&5PJW58xCNBXMNf$JxuOq?N*PU@f9RJWT+A^pNf+>D zB$O6p2U5JFX+PdoS|tJBg)&)h6AQc4li5w5Q%7HJCSo!nWAS;IUDN(q@y?lJ0|3w; z6X63e@1pp-oUPRJe$A+S3Hzwj>F)a}sNYI+E!*<8GFn;2-m>C4EWE+uumkca|GlwB zs7=-SUlk2x<@(>fgS{iy|NqJH=Kb$_Qpx|H=3cedUoBk#<^g4@4Zu_u)YAS-WjEER z`X|@sORwJwyD#CSCa_zs|SOdV(+lZ5eRi$O?SCvZ6WhdUDDO0u7jQ28_|zh$kHCT6)Uw<`*LRkf+~cyqPumi4w> zQol*pE@xpV!+{5ol@zo7Q?f&U5z6T{i^^y3+5yXpQW0RMM7XQc-U!PtH&x4j_2B15 z1XNoH1vJ@zA0D{!|Mc`|dp3Yca-)8g z))@A;?+CMNAk@jhM-cQAn2w#_VLCQTX4Gl+dm8=xy{}<&*&P^<@}CH*JgX%*idU{rTH*- zslL74Og@PvHs%d+(jM2fFivUj5!4w3n<)G@xr#iIV74-bu1JV3Z+v#Y7TTNK|waLMMyJ=uK;Qsk+r24b$4<@-Y~ zAi;OLo(Al)YtZ(Z4O)6%a~s&l`t_-NP2xH!f31nF*ZP|MT&lj;8rg1|UbEKA&8kix>P|yjI6~*fDn2~RpXv`S5Zdj}+SVm%XuB2XAk9cPZGJ*%@hi)CC@Qt#wH|O_$ zmOPuwHW@E5n(wOF=)+QE)(S75&Baz43~>)5cB|kNcqIHs=+y^f{{J)Sc#ModU+iah zZSk+-T=gQtER~r&j|aqK3cm2ZgA9}wj;zJw4nz3w!STa+1o6bDt@A-5-j}lOt_}*- zy~Iulg%5}`vq5Y|`7h71rDv;}_}14Wb!f{PRx3(>3R4_-ev(my#bcF7!6>MxrNeXsXT9DDcfH8{V! z?DA65Tr+GkJiohKhL4WMu@M1c873m?GVj_TV0iHOf3X23ejf$iiu3~NhZIjMt16F} z9Z_05H7&(hHJXK`iRU;5Yaig?7Dc*WH>cZ=|fc*LHESHvT>EMDQOYL3B{VbQ&;rd^+W`=I!~ zKo30?%TL~}mYu-3@AGfoyUV3fAu(NGU6>PKcBK%kzJ9D&^f%peF8iKXpx6b5u$aO3 zV%Y9tn6NQPJ@>`xz&j-o&*b_&nmWa6){1@9lLeV7=vzU$$%-SN`dWrwN@eg(7DaM3 z08Jj?fBRa}WO#g@2<5Yj({$q%sI5^wYG%#YE{!X` zzQHUYQ$%Mz4%O<&|1lr>7dZAWaDJNi^t9Bo(~3?`+Cki7HbgW=DdPC^rC3k9!MG}V zzEy)dc{Q&Ixk^Q?bJ&;)&wCBjv==0corBE!H=dV1vs8WmM~84p7l2LnUx)jy{nzp7 z>BjzRElK)+dVO}jEUPcRY&u>5$|B3R@sgHp!tZqf%D{-w{O*Fc%m(fJ{)_$4&FMcc zVqRK`zjvSG(J*hh%Pl2e5w+KoV$PmFEEFfB(J-vS4ZC)+VSo$mCjB$DoLY$q)Vl5{ z#gc4i>?HQt^V&FFjzAD)EJZ)y5P?TD10g}u7r(fy+yRg=ekhmE1N`1!UW_68FEn!o zL{v+8z5Uj=gk~YHC-TxFU9N$YWbvPnUDTJ7YVaS)QnVBR*y#Ujuk`-+;9z6_wU$)! z|9Q)&eJS2Q#R9U7_sbr?WFE)Wmr=sOQ-U@VP>CNL-(GUzR`~Q19}Qn#vIdv)wRZVw zR5!Q7Pf2fEcb{elR^`k~w9&WP>f*dh7q>#=`^0J%%jZ)j5qaybQo+(Ge4N4bKfzSZ z|4Xj?=N1J`=l|oAQ#bze;o*k=uO&&KXZU|#mL0IWd^+j`%Eedz2F!GWZwMKel;=6Y z8^m=v$lr0|%?YkO)t5$nnJ0W>1UsGaje?uN&(HpJsdI#v^;t z|2jE5-uQoAOEM(U@}QsELEQkK5odn2Fi%;Zn+Q+-@+`Pcw%rNR$&sqXaWcyi(OX44 z|61TC%Y1(C_NykKdhqSx|FRzHf1)r~O23Z}+^WUb?jo#W*KV-cCxOk@k?QcDh<~*D z_-{uCr>_0a$?-=2x1OX}hYWYWBoiRDaykP*Rq8nmf%IZ;X9}cqce4gkrEK6Se|je5 zDH`tvJ>?wLV^5jq`Hh1VC1p{08RJw-pV$+8=UEVH({$C~)cNPEcGfzf)|X#{3z5YG zLgXUn6&00G#7Hzn0uu;dmbHFjtF5^F?+?Tct(R<%_W-qx-D_8A#bfnA8t`ZTBf;xIjG&BmQnIEG##j)nWkC!lI;lQiM;hum=Y|ALanvX4uaNgzK`A2 zze)T@=;_~%l|4xqF`2TzR2ZtN{w~pj-mbWwz=z1RO1Owf|s|SM4 zC>T(%(govM(V$IV7d+_t|EoiUPG6S^3agz7Hp4=@?B@pz8>gtn^nA(aaBhE}9|c70 z=t6S+R;RWP+m<-AVZVQ}n$WHuH9uw)*cSgSq6Tcjf2XDQ-~0OqoB020Ngn1IV zAa_D}bv1o{aIbQ@YNqPT1a+UZ&7q#=cA%)1Z$BeCsv92-E0*%2Mg^ATB&JDJ4mq>6 z=uNQPJ2HHYrZ|4^#IUJDcX>HAPk}j4i-ZFO8!zrp`&NrEf>pr(3R4}bL1>5BF9V$bo|CtvUF9{J?i zyFKsG#jFE`{_S~A6uS9Nrw2V%wZ{jYX^H2De5^X16?CaGtjhh7yV$Csp_RS$sfXPg z)V&haoiEf@u)A_;bb;7bBOFc3Cb0CvPh!3zVX7Er2uNJ`-`@cllRq&Op&%u+tuC}t zsj0i0knk=+0bm5+RD>>x|D1vm#1U^c#t}#ej#DivO6%SmxkOd!iCQ8m&ZhzFf{PCc z3Q`n;pH!irMGTdc$ml8krhPCs)OSx1{WmCy$ZUe*v>T=ljdIID_$AWrQkbGq7Tuwa zv@unX&Erd}C2?;cnvl3NX`v{#O2Yn1hTTZ|l^0kMG3S)Toe2ski5Demb28hc|EN3v z1&F4*6Bxq>ei#fEi38DS|Kpzj4)#wE_crIhbtG^6hb0^V6N(AN>1-Z@pOPQ))!zH? z=FH<*;DmZu|A~xK(B(A7=MTJ-d$o0}hoBth0W_Y^41`&G;Nq2kewQ%q$GLippZ{h? z`Za^5_kQVA_Fipoeh5+LjvWBQUo+-+lZQtZqN%R0)q&S2zKa>l5S6|A@{YaF^3Jew zZMP>NsE-P=M2Bggmsev;-YsnQWB=8J-z)Lo6h(-Vm%j{Q@R%j)*<(ZkF{j-yV3Yp; z;KcF&aBy&Xyz&3LmL%4)caE250WMb3z}rYyQ}EiVRu2_r!|F-)TVe(GcE8C%d>#Pl z($dKuT#PYzEvf+8VS(;YEu{1g!7{b~{)O7ul3wLH)!QhKjlF4CQUaku$Fcw193TPX1%xK@}+Q)&rLABia z)NJ<`gYA`*+zLszsdRpHMWyA2@GikvkzR+V&&wuFpDFbY`hXVxRJh z*e@$Jp8pu%PFb`_9GIr}ABV?f|1T#S|1WDvGTgnI<7FTDbiMPP@`}={KiK6XV8wlw zzdf7xKh^#mhqpUDbakh-ynh`|Xk|I=`2Ex4*v;pkD)sr@7&OjD?Oc4B4>*9ulRh;# z?=Y{A@ELBt7+Y%FtG4udj|H34f49?rG0V$4?yuwsQHc4?sbT%85&zqsBi_z)0n~i| zZc_`-Q4{w zc=t1%>+Z)tJ0IEQPZbE;oZ~*7R674nh0uHX3y$$ZPXCS6aQ@rhE5(00J~`f;|JIVE z|1U%z)Z0=Z=O5@m-g14YZwkdQ<3M;nMxd{_LtnpMHRVi%hZNG;yk|&B&Va8*&PbXM zidKQ*IEY8Z`wrP9^TETG{7q)yqRTos)E49eQ&H{(nc!5H27NV1_EU?k2_O5=u0hPl z^%T)3ic{oJXEkY6l?&Yg=*#c@lG7}swe2~~g*WLlOO^azL5)T3{dH>M|HozjFUNZu z|1WDvR+J{r_GcOo3iku*@xOrA0f|$HV=zY11RzRtw*yKLV1C-pU=+8zI1hfL(vXJF$eVlp%ev?DLKvx>IA+YB9K7FPxvVT{gnI& zCsBVvNu$?&9}IG7(VA}+^c%%oFfxZ|~{`VBol#kVqXYbzf zj{WuS`l@f%S1^6))h5oRc1i#nlPCSBI6!eBEbCVNEoeNa53)Hyi1qx$DtyoqQIO7Wi0*Y7`r5u;2 z)i`hp@2oKD8@yXMVUZ7U-{|K{`>DNDwRrp)X zIvouf@&BnC|KV`|bQAw!EvbpMRW1OF*QukvxDoMOo#61p4%iwpgCXi7wXbJ*J0&f= zzSGIMz>r0|e7Oq!@{5$*rIhbv-fCHmEm&ef%D{PDYPO;KQlp(N`@6BbRr#!<++?9K zYgdKjqK))b)?4vjNp{_stIZkVvrY~CKSWa;psozxNlpC!@Zh*)|9iCI|7%H2{J&TL z-5I_tTg~%}x_#a!%+ktRlKjbg|7J-9nXiL9u-aO+NJtQ6n58HVP&Ywf7F?M98|Hl*ffNruVk{&(g69i5Ce}BL1|LNpt!~fTj8ujSq1<+j(IF(dO z1W#+t_&>>_NM6x)JqCE`S~>rBTJ0tS+`Jt~w}2o_ad! zgjD&i;-lQ`7popB&tw}NQUAuMNhyfL%;gFqHWru8Rq7#e=iJ|DfL4>5_&=d@Dt(O9 z!2b^p4jufze|oa<|FNFb$p6&>sAT;5-^OP)4GLC2DE=};#8x^^+;)K{?QzSU7{ z%pJ5EDQtA3pN~~avnrp}UTJLLjl4P+XxM{bLJes3dy${ZM%$y8Cb0HhzUq+a%f*<4x@Y*Rk8}9*s(SBNLV@j20J9-L z{kg3)of03knawgv(1T}!1U3!47(q5wF z>cs!&JO(z}e;m8#zfJtdb)|0ne=V&4vt;`VvHYd8`wgq#B$>ML|M?z(HsgPn{~sRh zZ{okLC3WQg3q1gx);$2NZfGTdx6#1=_l^&p_n-R*C#M_yzn1hTa0Am6(O5VSkt+Z^jZqAS8ID5EM-v!4!Ux0# zy+27WFDy&s#V#A8C;|@=8A|6JIDXgx6h$z_Qv?#2j*Z`89QOVMV)P)H%nRuu5rvW? z{~y}}`EHQJq9i8?B#43t$7s+Syt(`3E+rK8{shjY8?N`~cOb-+^#%_(eJTD|lHVH) z|4Cnp|J6T?A71kR(SNdO{IaM>K7va1}J6-><{*Py&Fj31f__wUQd1?^p$n- zct1wqo@PjR;$h%M?uZ?L(?2sng!6dm=;zPU%MQiEEG3kw>QD%NAoTH7MRomio=B0}LZTQ9>9_37zeL0H!b^4}efr z@gS!jMvQ<7d_*9jcnVX0=qCUsB$V;OIU`Mp=y8c!F$94cf}M(*1g951vaK;1^eXc6 z2^x_oB2Qd01dt&HAVoVM%#fl4QxL;6<3IBLR8*u*eIWyXF52a!{8_9R^dX6GfO&@! zO2&AIQxv|csB9O!&f+io6t4?Ux5fc!07)@X@-RROEw_%q1U@2DGpGt$CqUlCwn2f9Fid8ZS4Tn)W84r zzf_KY|LcEmYZuZm2GmL!RJ9EQP7uf`Zn!`Sj>Mr07E`!XZ%nFiydXU>h9l?Vo~okYf1eH8>|U zAyf|f*>DG(MG?5=SsA!R4AChH2fcs)>wi^@(ZB!ozxe<_kWv_;38asFsrV}&^m@C? zOub&M2)ajf!sG;N2?WN7qTviYaMsVjjAUX~>z6OhUcPFd#yA-BEdc^DK}@*)yG5PLgO=Fl&nbkzp#? zQZL9TXWY?@w~5582>*qM1r!g?PalalR0cgo_I` zEc|SP`BD`dK;Q}#+U4X#6dOoLMAq|->kbD4fMv>qD6#pOJU!~|4U;6oi1iraGnt}j zCd2@O!MJ`o>SbZ<3bFsDkj{GTs-Q@SmyknrReab%t+E z(M~>qoD1mj<1ENKKm#C`CZH%ld@Ref;n=LRm)9x6VJHY%NdB4Jb8;W?kqJmF*$)#c zzY*bFLao!DIrcL?KlUzxshC^7P~utj=E1QCQ|PLNID}bBI0gu~MC|1|Q#NNZ0lTb* z0czig{=g^#0*Lk0j50qz<}$*lD&OFOYltC-@k|K`;UjcrN;?W7@<0F?6)aswl_~Zl z11~h(mqRr(&K$6zGRQchrHJwMqS0+;_4pUT-?69yuZJA z1780K&TekrUY?)5etQAlp8c>R@~LzC8}P&R?SFyGJ8*M*{r>XJ#T#&a)jPZ5DCg`B zT;6dB|N89i@@}AtT;GE4E^aSg{|Me(-krZayL@*C&fdNSKb+m(o?YEvUfhARt2f~M z`s&T){pI!5-A?b~Z#TCWcX#0W7F@o&d3$;BW(QneoxlD5&E?g%;KdJ@_upNAe-GYX zzPr3X<7KwZ+OEIpy}P(Q|L*MS{_OST+speOcfdE7_gB2eZ?12_8MrySy}vyF{_WW< zxcUC}=KAhp2V7lW?OtAeb9;I9?Zvx`tNR^JRqy`t{_Vw}*V724ENFz7WlWuqwUr6fnMVr?pHAXp6HT$L|TBAwi7rdrH&Euz}#sdFZud`^=qYR<_N#e!lo zDum_`MdXPibKloq?=lw535SRp`_Di>)qT}`)1bOn#(_fjFS6=x?i9oYIZ-Lm_%I(W z7)3pKWTGg*2}X+e@_9TZ!gaIWO$HNw)$8pKz&%mOWX8v?3=PCj-`>0h?-i3j80-l- z8P7ljQ$#iQ7iTm6A(y<;t2Gmo0aMIjk(dx)ZJxTG_)_B|Sd{03HbF3EvTml1Fh%z? zqbv0yfa1tDM7d{X!I^l;2MT4xs>=F&1oPS~ng_r_sQI842-PM@x{M~7ux}Um6e@MV zftVG9`TV{DFW`1jS!~uP*)17qE}ySRSa=fWmE%c5INyvdYAE6eRbpX>G28|?W{9RrRDMYL3|^6#&)uNcJG57v2`mP^-q8SD5wW%8k-`>P zN|Y#70h|p!1*NZ%l>Ybj;_S`4i@_vZMH`Lx|0k#J{mDrThYYX4-?zTWqUZ`v(BH*}YrYql`TOpc zU4hKI3vOSZozGDjFQ%(d70*wSuIPq@Y>rxPNT_Q#mtN#mmi#Z{^9Vn@gNa>1{&Ufz zfTGl;mH(FK2w;T3Iiji50wbqJM4hY`AA|-j0+(@$=m-Y91pctQbt}(7vYZHe`1fA# zKLM{x0)gHC1b?@43C*{x{y#-P29Zzjcl04ZC}iN|P{a#@K`PFv;zW>+DS660^M7JY ba+5Y`lQ!uyO#goX00960fEe!O089)3&)c^G literal 0 HcmV?d00001 diff --git a/stable/rsshub/11.1.23/charts/redis-11.1.9.tgz b/stable/rsshub/11.1.23/charts/redis-11.1.9.tgz new file mode 100644 index 0000000000000000000000000000000000000000..11d1005f637643d55b1aba5025ab4e6e44a58048 GIT binary patch literal 103666 zcmV)+K#0E|iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POwydfPa%D2n&rdI~H#Yj@l~iz0QGW-`BVY$xs0j_qwZ>6zVU zJ`Y4f62=t4As{)Lbk28PYwM>Wjb_994!BQ&O#Ycu29xjH z2e*|c?sxLQC?X6pOd>j{05F4}Z>SGLbhAJS#UvVlM$_?Jr@=qssQjZ_0e~fQv6v4Tnvi5U00Crh1Su+(;W$lEI7?ftHXW~70*xbB zEZHb2$r6a80SHixq5wtyvI1lLN!MC5Dlm@C&#u#OS`||kBRZ(mKm=!K0DLl=k*ESd zf?`536SNQ?59)R1`-y`|J#D%IfWge;P#cX(fT*9~n2DDcF^T{s^TbC700s*f`6vLl zXjxmpaE<_FBtcGPN_f*##$w9b$+1-YSx-r;i#cAwK5t<~B|Mwdr-X$#x~-9038Thq zP+8lFqeJY2hD#S%fM;@%K8Jqa)3{c@nOopdyP)v?K>b6T0*Sv*~=~_+(ZeVHUv|*8kQ5 z;@_gArYS0^kv65d%Myg@Ge{XqRx&&V#o@?S1h~YYAPcf(j0OP4afp2}6)Wi|@f^?T zSDtSE+wwmo{_Rt=u|fX3%|EwfKFkf-5HEquCX#X^%(kPT)3LomSxWTO-(jE!1s!9n`2yP=pf5P%r@1 zhTCY>T(9P}uHDX{(HeLSr`>FKI^BM=^S`Q3I9dLHkDUKPgwv-|0N2lduiBP&>%O{v&$0z@jMJKNr?UB0Gy7`3A;=XMG@nA6`Uvq>91<8d;Ol@cRg=3 z9=CfV)NOdZPNUK8HO9@Z-wL{o(WoyFy(z-zUAf7ESxKJ?n1pmIl&+mOIO z>Z3T~{|fy0@<<236Tju6Ib@Kb@jM(NCf-uUrNm@809PaoaWwfD2aqB0EhfP*M!p0G zfKO6Y1gIx%PCh7F*gpZdIypWa-dvqro}C^YUY}l^-+Z_@J{bV13S^2No}FF%d~@>Q z^7`*LmxsgQ&lgw615jNeS}g&2d2w|;0M##Ffb&UCMv9UJ_L0MJa<~>v<(~{D6T~h_ z!ob(BrJ!_UnQs74>;wh9T9Etu%NGzQIAUW^{cl?PZ(0S;6$%lg$l-K?s=$IbO{=P+pyB%h4Yz1HP{nJp!rG=Z zPRIz+ENer&KoO!e&u|pMQOK7w&c@s~IkeGdOw>XMj8I7KGG(ZQm8U_pb0U}m*c9nvvdP~O?(II`Gka;`+ZbhaZ$S0(;{1IT{Nqo20NMi^`BMU_V~9f(07iI+M#yJiPH{8=T9OSw zjtz$T0Z1FN!G6X}EynyAW4q@Hg5{;-Hg+7Rv-t7s;_&$N{5`nh2m(w2*Nu3`aWTVZ z3`Gp!2+YuoB+J$Pzk461vrnowyZ7RU!{PPG)oz`cuk$p0nr-aIi($V1($3WgU0hw? zoPYfA_T=ix=I8_F*-IBaau*MOB<+=D!SkQK6LvgC^ z%mrz}38gGGmA28QvPO$E#9ptk!+r%?39d$jO>s1-f_-5SNo87^SR^r;LuC(KLE zAL`2hR=Qu&Z0hmW2q7=+23IL=4T6-^GOcDTjTPU#{{y?}Fok|9~0jO3h zS!++cQr2?TXCSO*&4R3LFSn&S&2HbkN)2oEVL`(A3>}3K&#uud4k44)UCP)Z(`RHJ zu}jFN15nMn`Ky%}B@|PJB42r2c%Q7-h^0ATRA}*zST?$>U2Ivtm!n+u<_8jRqu%Yd z+wwhTXlA%mlh*BuDW9@Uz+Yd=2343fWsp`CD#yvpp7luOie?(LDZ@2f$J%zKt**@K&L1S!6YOjFoVpW;%IUJ5)?v)7f4to)_WKQl|2xliP(1o zuj2%b@n;l(JItowzxEw)5rs=YB2km01Y(qc5J$+VILE`AAtMQ@?13X8pTMW1Aqa3n zE6xP7y7;d|zv7Jklhnn3^^57G&i|u-(nVBH0ga%4JCDH_hlo~waOhoJ`N0{%+sY3P zo5htM{;$d&_yiM7<`kSBpU{dECxn~e6$b|h)@8Yb{Hx+Ds80gKVPE`wesVPwK!tnb zr}+pa5n_l|(Qv_r_ zLjSAyzaJ0J-=Caaymw~7BLK}k>*s%`>9q^E;4I91Q?&!6O=y?x7&&{FdJrKR792l+M zt^=dhD;pROnEzfsN181G-0tqAd6Kkde^=6){Swl=ZNZe0*2|LS^&d!@t4QnaOj@^$ zv~4@TjI?f!wB9zPt(Q{GZ6`=dmRCmBw!*HAtX7V!j!jnkUdz#@ZtdxAb=$kr@3!~% zw`ig3c>M=8QDE@{);BM=zIpcg=C+=M#a+iME*IXtmJ1wFJejhZ>$py{og*c)Xf$`7 z-(ANmt{UD0Rt+z=YIvDd!+R=L%eAG^*>!DcbjsEi?*VIzn_F8v_t6-zR+Ke5+ajIP z?v~K*K49^2bBm9gEL)+p%dcD7}x>`EHSj2P}7PZn<+? zHW39yX)7WgiPE0zX?I(z&h)g~EbHlSj7iT<|GkXkj5?9$Leu6#=RP{M*W1+!@_J=f zkoy4B+Rd5PZo?+4pd~$;2=h9-D!X2%OxblGpnU6(JfQ@VWJ zUjggq^e@-7$$u&Zw38>He}6TqpVgxJ{pTQ{CHt?ntC{b$y0$&Ies=8aAMwikBmG^K zJ2oF7nD|q?z?8|X3jd-ck^(S0Tl&4V%-+n$hT`L{0^Vzt2>AZ}wYYv(iR;@socEyB zZG9JS?YlCBdu3gGe-*Bu)!_QJ0_Q!AH>K-%1p>BR2Uf4l*(I#sw&^IiEVk(zx3{gj zr2EG0wMzQt{z_Lrt8MgcmCJiN)7b6qYFN1462qeZaBV9mY;0v~l6|lifFstlrS~*3z)4Z#vqbcembxF`d&W@i6!A zr4VK4%V`z1T2%Bh(>TNoz#tH(CL%y*Fbq+Wh6Qlqn*HvM(w^7YT3v9rcEcIgdG0pQ z^UU4aU@4CLUY4spTUUEJXJ515-O?ulzSl2VjC=PFd+24O9(v73BYv$&>h*S9=y;71!tbwz z^s-t=uVEAZG@E=Kr{KBWnho1nr;Y61aL=U*_pIRp?t^D!=g&e7|U{mqIUt^JQ>;yMXsXqR;d*OZo|IfP*^Nq8xu#Nn}odsq;&0&lwvUMRy1vWWXjOwmc+Ps?!T|y$%evq?0xOs z6BD%MiLz#AYXwBp)#;j8$r*_zBpB5i9G@Ktv+Ht2CIibR?OsBqv+HSnUZaexT~!&o zZZk(#s=D-^>a>2_=}7vUy9O|Kn%gBFY3nRaHf6i2LhHEHTFa&F(L*yI`co9h*|PKS z%vKj8GzW1TJl7A>t&?w=PHLEyFOT5E=xY_}vqx(&V0&{v$YAA;w=<32DjIhlW!dV@ zB8{yF(%4iq?ksFPcLj~RYB9O$UXjLzP2;`RzIJEV(BpQ;gdY1L_HU<~Ag*Gn^EeyIQ~P^l)_n%?Fa{m5`a~$$PB$t|W8k(-H0TbVLEo2a@TQ zkm*@u79IAR2CVwP;6$FGYH!^YhFouDukNam=IZxLsC8{>cRmN#a=d0Ks=Ml$x$3n>cbdZ)})l5%tXd(tRQk%)i77RT_m!z4Uub?+}5tgT6qnj zzb7aTp^w17=ZMNnxnf>U=G@L6FKum|0>(7rt`dzKXETiBl`L!(S(s{{-8GsSnIRD3 z=vLCx*nCP^V4TSaBtAPL}LIrf>fSFbdL(twDmuC_#~rC$a7f*=)F8zv|w z6f=@6w;ddty$o6Abyn%s8}-ap%yUmG|b_DbpN@#&XcPj&FEs41a;AYLEZi(ISQFh=Jg24<4tdEhr zuaoO*B$B#XIj;8}%WjE{<7RD~ZmLWxwJ$;G(1i?!M2=lG0`(GJj_HF2POk(}cMYN= zKIs?%D5CQO0qaT`fGLO*L{Y>zYx%^KH++_2y-}50hjgcibkD|lmHQa`TsPv=)@$!J zZN0W!3pM$Eh+s620SNg71Xzj)OXfWuaUL}S;myv zQq*~y4=3k%CLCUWh9H77^ro68qxzRW*Wq6zu6YLCTeWnHs->G#EyecUDy&-Tu)4SM z=PI9f9$p@+y`qSgV-`n@h|8yi{FT?m$WGau|1H}oGW**q@|)|(zqe}U7F9Dhr<$$p zl*T%&9=50yv1+XElr2qw;NVz54P6zpl9)c0#O~Fk>k{Jwdz>nOp zRHaG6zaR3&iA3Ud_w&P{RIi=NkK_(5Py$F4E;T?X{Zw? zbE$B1NHWphu+%n^;Tijt$`3z?d-CKWfGLOw6W7lRYcl|&rD)3te080i&=g^`1X5@! zAKg?hCUi>XVZb?`Kul2pewm^K?dGzJ&|Tf15<=1b4?l=r9!mCcF@I?@hRhT2%fIK? zzpe2J!oXyX14PALc9{-Y$(|XE<}j>_LUmcYPJI}n8je^(_MJ)%3=t9({_^vBUULQe zD8=g-Q=cS3S~`#~oXMolKGDnTAAi1P39ob!qX6$`Wtlbaf1 zEThkuGVM#?6be^DfJY$$Xgnqf17s|Sp$v}4PDL}HL=no6AZ z`BW1d0eCcLyz&V05iZ+L$Ji3w!6jIdImhlL<$E!Ruxg~c;CL12Vg1ZP+R79Q!Y({Nh9{MGCC{Qinu{p#C3Ut1Ftkp+kR z`jusIOOv!ywWq<#-?wDtKeFQ1?YYVxb{HWKzZ@&M%*~#Dk-e`C)^Zz*> z(f^l_(mRp_15jm%vRM7BzAW~C_(#rv6CUu$GhaR%=6}0Uu>YG)_vQZgXLe(-25)5PH z+pmm5@B!ke^ut@eR+WA^3>Gl*QBeBvNNoM)TE7rme)MYvfErl91jA8?1|TCBD*yl> z_%i_2!#D;K(mWA{Syg-v;RuBTP`wgr%cT*a{2TSBXa)!3ZvfabMgu@uf}@Fg6`(Pk zhim|qDPzlyEZTxyC9GTZIZL?k2dyrelFun#MWcN3g9}pu9iY!Kp@>TFmeK#kC*_Ev z#gSTkHZf8@l0P_FPn0zYJI!u?L)lH!^W<}k5+*0V8|m7Ql405M7^rVK?sDl7@sw>(=Z z^5+R=%Oeso^qFNvX^~sWJUXNwDM|`sLNm^kC=S=6c;)3zj{zA=Con|`Zz0m&ZkY13 z2yOL%UpL6jz;1VXo9KMcSGo0siXz)kDpt(XW8-`OO=xykcl?o-JZlC=nL?2(a!G=9 z!)LsKr{f(N3fL5y-2ieIfy1*iK;?{eo@B__DjX&A#7ER-2P|Qcyvru5g$2^NoZ)ta z7@g*%!eVKriuP-L)<37s&V|;ou64iyv{}C<0P5z%wvyrp^_@6KK-*Y@L#-I2~ z$z{x3?H6Hw>%Zl~qC-FCZjiWW-8q=D1QK_j==gRGT zgbbMM84X4p~CP7y={~y~4ymtP3UbpS${Xgwy^Tq%BEYBXO)xdk<-2t-SE7I4) zH3soK+&egjC=)10~Ysf(<#x^4{m=VfA zOahucWkUfLDm}OQ{3xD?+5tf_K1zN=fHD{bH5ifz2^bY1fF6e70E}TsQKd5Gvl#lf z$C4S;h^k{W#t{Ngn?pw-r1TulkhGZu(?-Jn420ssN9^UNBU)KGR4+drNdycyyD`xf zaY9B&7*iD>e_V@&ovQ%(vc^}K5Jr3wa@g{fe#6JY%4*lL5miMta}>_G5_Ni6z$#1y4D33K3h}p z^3zeB7e4fTL@D^dtwz3Hh@aw@oI5pfcIW2=GjtL81;kXR;29!wp_R#wQNJaK5HC=K zsF{p7!VJUk7=>^-L_UcE%8^uGW0YVL6yK{h%!jsmKZZD*C+K>bAUY*skba?aL5%gq z6JHVp1N?0u)R5a23?^(I-wU1g3TzrHvFW&L_*0Q`=5rikAB*K*XbP!}Mi2daNoQ}^4yObxF_%aVC1F-NM&vm@N z(kX1TJA=*$jmEu}@Akb>JAkdA)oAoa<6hrwx0)T)Z2GX-_2Ag=jGLpN-57bDUSrg9 zgKlTkXa=ZK5eO?+636cF^77-=nG(n`364&WuhcKP@XfD^QkbMG3Mc@ToNvlVE92_| zx`YtS=rc2tFcs9R<)JB40qNgzfEXue>Ss*dh1NR+gNrC!UJ=6H;SkACUQ4|Y>*ZyF z7dS){bV7Y7LxNKg#Ambm9N2Fu@_jOkFB3AxA4FS{ zU;uvkhu)S;NNju156{jjdaeDL>u!7$G9pnp09Y+CaL&jKGVH@JT$&0n2*A;g7eAjL zfZ@sY$J1l+?|c65yNjRCPp%HY@!`?U#ix_2tJC8XQ_n^dT%4c%9SF72I=niMD1a1P zU0hsi#HDID>>R15v#=5@C;e#$QByTzdm@uhP7LOjEIUGn4k0JL1!or#|_G!v4lCl<>DiT!!IsFy3)c0b@s z#WbWgxOs*1Pp8MHhc`!umqWdZ!Z1{*t8!WHuHkLEcg|r+jd!T`v7%dR*i8v#=ZM{r z!JOEX%s*pSkF{DTj3$8Zny=DpMc0NK$gcza@CUuzj z(*dZ$SjasH93q~h@Gm?S<|VJCzS{g{hO(Ish2g;cAD3^FvHheO1uWf@eA?|vxi zrZy^xNk}G3`TB@NRGj2y8f`{GlxTxfyrKRS1@jOk=Yk1xJxVYU%Zt{m)%!$>*ZgZC z3CTQS+N$+^{_C3DB1@h#l+3UUa(|ydA6;fuiH@sA=<9&^w623p(nCx875$F$d&bpO z%aRSOwI!CJ4b~gEI;6}MFN4v~5Hq`;j8f6#A{B4x>X0@opJL-mPb#3Gv@5Qim~kV2 zW~z}9%5CB271&Kpr}S38d@;F$lr`aS0-Ts6jH*ACMFPHl&F?D3!UE(#UTuQHU@}2W zn32C4>vdz(ym-FZf_nVNCO4;i??5c`3!910MuD8D+|K$BH{gY(jTR_b-c3HdHJPvMo-GjE87;QIq$-gM=g ze}Fxryp*~+{&zIs|8W|w>($(rb^5^)+<&r76X^#vHG8oeAa^S%UXzE0tN)y7{OndE}_ zcSpg(XPaig!e_yztjSS~FFxMrr|Ma43wsr)v*@LMs5= z;)wUvrCxE^ClbzuT8?L?15}rbBdR!>Tz)zdpY-pV&r5HOxUMGJP#x)8?d?pM1{g1% zw!;8e2Ys(AMN9`NMph3-_WCFy?)UoU)nW&nY9b--I8sX@h4%7MQOi zh78Agm9ikg3sXY=FyHpTkpKyfhNpbJ6Du2u0N1Z|8NSwoFJI+s5=(APj&&Nrm`=$? zf%@=SHB>E8!w>CDsm_)f4Qoxv*0TKwX>p&wt%BED*VwOAa#6lgB@a+mMK6IZ*i-Ue zRw{feE1#C#E2lX{T=QTZk#e9I&e&AS$}}tL!5)aQe+x)tx;@?Bv*o^NAzt`mdFR%O z+H{>D24Kigf`WYmC5NR9w<>go)D)!oa~k~%`3wazDY4Ack#3h)_P|9H%1|+rXi<(= z{Q2ZFLLoZviQ5p4#7Al92qg@Uu@BiJ0hHZH3znwv4qeW}aESZ_aVtF7 zujF2ep}A|NQoB~B%$&hk)G)sa4Nw6>neC-0(2N_ejI17ziN4b%73EAG4FExP2 z#)*UfCM`c+SmLt>jz|hCg9h)7{5HdqBF94!(f5y4L)q$B&sBn-(N ze<|}YdQZ~6gQBIx}5w7CfMT{cJ z)qF-Ak<&;Fi75)LWK25kjf&voBPhjSU4uINjhdeLZ*o7GO2-}7W`GsWszRZZZ=+&{ zotnCPdwUh}|2Fx<82MZdfGa{6xR4Qtve@39YE}jw$w)i}T=bJXH>pw%M+gNXbZmr7 zI^v)ri*pkBe9HNk(v4fO|Aqszt8M&}>i3jTX18oP)QV_nchZO!KNyeQ z(WukvqNd*-wcG99sL|~P$VKj`?0U_H=k-Uh(HM8z zUC-^b+kxBjTdq6u(b#JTzS|r3ksGX^*D;}t%jcsIqi72>gHi1cVph}j?5MRA;?YsTU0`iuM_lIy_P%f1^rRe?{zxu*4XQ|JH3wA?)&XV zrwcv5*Kvbxd)(~zg0%>XBQU$7D=L*Ei~23E(d&DDf7J2&ow4V6t)?IJdgFHB^@DM< z-58C#qjtONj=f%^J??ZzZREj55Fp>%#9ete;?CTa)yfg>H#$AkX!aXjzXeA@e-yY) z4~;tw*n`cE-|iu=-RyY&xH;~4-M-s#8~rhCjXL8-+wXe*T7*?>5sE%tp3Cb1xGv?} z26$x;{8jJV)MQe~5ems&g)10~IMolN_90-%6q>34@C7?e(8Nl1sPZ*gep`r~XXS#a z(epa}zUMZ)cB|pG8slcmhmBUNH|oLOC_w!t>Y;8Mibbl~Z!|_89C1~|>-KsGwYSEA z^B2T|!JE1LGfvR^IZT3G`F)2IG~pFjb3BE;k=X{?7I1793-Q`;8=l+u%tG4fHAlTs zw-t0+XcV~JalhYgd#!G}+3z)5euEE3cZ^Wm3mUN58N+U8)Q2P3>GeCVHyUq)!%j@r zE+nMVd#ZCUDiB#GZJnY7Ih8$dn4X79i>gGrFbHH)SQrE{=VyS$AxoGn!7W+>if1^4 ziB9GD{S4yhdkx1~*_&Fk&xB4`=QWClh>FL6f$hq zIsn22asUwX9mm;s6r5AxE|51v2&0xwVFWx4<^ariD^zk9%5d)Vv#14=TbX)Tq2R2D z15pGkSeV*Cpa>Auq&g}-S!edJ2}hq}7zNV!ldjNwOl?9II6(HnH+eEn*?=>+6sda^ zblFzs?A&TV_W7|j(28g3tW$MX_X@wW46QN+?6_^7V#h&PrNzgA z^#T|SFCm*cU|ZBuFF-x_R{EyJ1ucPgQdx(h!C&40&+%F{w*;Du$+%3=7=JDUd!f7) z)XwE&xwp-D(wz&RpK+M?&j>UzD&9FoF}5l!OtcOTl`watDRM%1}fjJ-P6_ zLnCnl0$G(2u;5}8y2xmNUZJv zFsHo(AXr*B;4258eLxo2hh+2I+*^4ltD%xu1!6-P~a zh5c+Eft`v$}X+}(;YzCy#$`O%S zk<2%prg2SE*tgn{=|-&LcQ}|JHpuWM3n0fj6?R=MtHCF*Ryes301(y7r9g7YCqRi7EUmS-C)bCAoB}q14Bf#cNXVRR zW4Nhu53||?5Dr-Fx^YM{fdbdZr4G(zFhDQ~xsuPI++5`gG=glNpo8q@oDSuf!vsbQ zDJuv1Y!1V43GPU8D~!aqh@;6Fp$^Kzs4j$vO#IJ{HnD{}=WU3EmdqIkjeTS`>Qtf) zabHyw@=?7cb8rVEG18f|4Iu*wrni+n@XId=8vnz}zb;u`gE4j}o>1quC(cBr_ixr| zjQskZD(FP=*cgr`s_1_=#tRRI@f0@pS6aS;$vfD+qWoH`SDR3xqzJQA-#)<*2m0KY zxRB=k)#cF@FLnTayuQ9ve_kJ%zs`p0uaC#_od6|6H%*NvH3%QgSj|o-eWKCg6l4tg zQ;{)48R#%U5xYWTbB>=Yry{SNiXl*Aff;bxoKcc}<RQ^GzAK(jJT(=iJzT(Cl{`0S6bx6CTDg%4ZYt@tWF9KP$9s!& zGGn&e4jz5-NBT&3z4VY|9_$GEwdu% zuDeg!f7W}ub4s}mGIp1I?hu|#na;xi^47XfA~{biZ;2raM?RU^)H!K9mzmA!;Zac! z<@9!8pl23mtyOSiKVxR=N3GoTN+l-2F{a5}h@iJ~t-O?+mdeRA6-TQ5E#OS2bV_54 zE$a!3z#4v#~#Kb{x8PqJ?wBnF~W=JBk)TnR5n3SQDC!b>& z$-H_tm&LcYIO3Yy2N9=zI-8*YL#B&}z-N8FT?O{-flGsmQ5WAr|8^d$jLBz2hP=F{ z`;H|*X7iBYI7F7ZNZ1r50LjDxuj#&)x1%y}fQCZ$aum3hqt&Se3QrK-DXyEtt5^)Fu^Hj<$$}(@gpNBWu-?z;yQm-HMX@3Iki-Gr|=L za5`4mTlDpKu~bQd1Jfj24P51MlH)W;FUk`Dt4bxTI>w-I%86FPsr*}I&#WdIBZXs< zVT2wBtB}=|9D5=JDA8bL3Om)h9o;>e`?rXdGF^U=>9#C33}J7~|rwQ(+w0%913rtZms++KqbEAkjOqW=H$ek=RUBwjAGThdC3LYmGB1W2YoKosCHkTY7?n0EiR%T zR}HUXyL+iCouoOk4#b~AG0}TI!93xeIm6o7sV?sqtfd-Uis>MQroQ23#OrYp=JWeOqn>PU7(K>CWClcTtwT>+U%vbSXLWA*S zD*j`A6aJ21JPF3RPkWguq)-ry5Z7@U7U$$ZI*e>tV1whfzOZ>!RtRc0Acn0Ze@^XL z$?-HjW;q!&8*1fS_l}VNBEA=n$RZWcTnq(B#P)HdwCPsYr%1pUqcD)mmWaR2%O%;2 zwZiW4MRsDHdEEnmHs6uNM_el%vSo-epFSp`_4{^4e?rUCU|@rjhKx+alfJ*6B9Lap zr}L4~Nit&t;?^q`(oYkGR%6_0m}~50FG=bsY2N z#h%3Q7RT3T!%t!vQCkaYYH-!;K=qsmdZ9Q#TIy2idPxx&hj8M6cO=o`SyehBvzgd; zz_&;XQpIDb=8n)o?tMrmG>yxKK_FdVA)J6(O(S08bkt1V|`ZJ@#C6-51Bdd^0|L&@MRDkw4qrPOhp z6{wXS$y=?~QC*g{#(S_gpFS{bS9YcuvAclli3#J9etikJ49Dqg@C ztGuKGyHsJR6z|t8m2yVqhGx5xtAq6NzwzKTY_6=cL>Ke=Wm?|^G6718Bj?}VvL!CrWt57o% zVMdYz5R*XtZMh$-*-|=aC9wSPIv&b$&{E@PRogKr3NjHPHFapqzQs-)!&<;_0NTbO zP5lJMIx({SAsaL%dA0~bJYs%8QViqb4nAH4|6jR zHk`HFG`iG`$aM8l)4G4O`6)K(j}@l2W5Poc9g}D=3g%Byqrv83o4uDVr*!Whr_JY_G3KJcV)?Cd|_#| zd%$G2{e}@X{yWplO6TM%CyEy4y&WQ|B1BWVmMS-l+`S8zinOIAj)a3*rZWPTM@09h zH1KI=w5^3Yk7bn2?xbzN(C^z!AZHR`uMXfN9- ze1Wt$sfGAR`cH#_De2H@t}uU-Al@ZhZBpPBBLq3CSP_|wk=kp>M}Eo_?b(n+Ulr9U zvN9m0Q7vz-;#lKIGFPZPI?i5r7C|*lWKorOpV4&xApOQ+@z0+w&&z_OOaz^<(j|B+ z9hjwRM1hv;qSP%8!{Hrf{?uCO&}ZeKk%5u)=JayWGLyXQYe$7S6?Hj%y=PIIv$Aq1 ztxnJ{uWRDNhCZ5>m-4X?!)vaO&LWgvilU+d$GFHvvRe_Dy3VV2dZZ#LW_1Yj}|D4MgQM<%C}H2OiU#+P`J9Jdx= zVWUGUWno5K#ffYr!+i}%2CS=#8Iy?>iCU|170~>QNQ5kUa|l>psw&4_-C0oHV%4Tu z2nA@3Eo-YVBO1!jujULC6|)Qk2kcwvxZ-8b=Gjy;b+Igv2d71_KVG2dK;NA%L0DlQ z{Jjv^F`SyzY&fCJ8kf@j`hk~{k&hCuV=OYZ>g73qzA~MF(CkR3_D5baIC+1drIoY7 z?R9F%+l#Wk&5a~X*gDA!S_gzODgKM%Vs+bK%{?5sg#XqD;ZOA%&4wqLW1X)rFefsn zeso=>L%60kXL3`Q1JV18yl1AEk7OzHXC#nS^vhg| z1#3H3?m`Hi2Qxei^z&}gakLJSv(Ojq@qtr0_Jfbe%e-r=mSNmlR{09$Z*I(Y9J7( zmxeK7dwnG^#S|N+91$GoP@M6nAjKYx=1lFbirtS)8!Dvfzz$4BoTLSYAfDXt0VIn^ z8dSP=16*_XSPeEE`5<2F5jX%<7^~eVm5bf{E_2oxU>et=FG_t$SJCZex-Cmqt#_p} zoi}klpN;t39m}1X$TwSB=Jxl5SNrHXFp%Q^q)L{Eh=~{e_tYxlZ*YIRMp0yYn7bx4`NShL4QY9Sn!t;#I53^cGUEao)RJ`LLH4 zOl>`HPg+(Q5pxrxJlUlk>ju7cQ=@tJ0kNsH?PbnmAsXXJ0s~YyH-{1(Yz;v|WTIy& zXk^xoKpg6YV?IIn3Z{ez1yi^{V1!VV_LaOFcRUaIqAy?sw!KY-Q-I45@LCDFeIQay z*WwWR2)tH9a9?Ym3ek@OmZWN6fk`PIvIH_TS$-2V4*)hatLs)#0A9}{I*++o!qp)o z>IDa8Fq*> zV~)Sq_v|YKjtYxqCMkj~j>K)m!nYirVeWL`Dc-flTI(z>xO>U&y6D zR8DAf#6@d`VyQRldzxM9G!r6f4swYsd1b9;?nTyNVkAP&S~AjI+ag4n(5RFYU*21B zAj83sxSUz+vzH(d92g9ECo^7d6vF6MCF)W;R(ghH*fLrgzZ4b>JpXuh=A=ENF2>c^ z$$RaUiDU|8dRn)m^zPyRJOd^R^5YFOt<{$eveX=~hS*y|7#D}}X@uGFTOAnfm!Uq= zWldTt!FwEG7L4=>q=%7Xny5c2TMSr5nxRnt;MQ~u96N-)Z8u**Fv^C=UPW^MzDCpSLyr|4#i z*^L-Q*4q*HZ-Jn^Aa6Im-K>&UK2y+y7s#Xo6s{FJK88!Mm%A58Nyhmqw8r zE*fr_@HYJ^OTQI~n!e!b1rYC7ZugO0fTJ{R))^8Eoo3lvG3$efAeVQEUzj2{K4-W#Ys zsH8UECBYFBEXFgdx8=4?dhD)D*)&&cV3u5q^63QN&<3Dd2eOF5!AZ*Vbj#w8TDA?PF;yMZ4T=7Kg*NkfB7>n{FhWr{AZq6>cyY4M??SO{8?>> zakl=&@kxT5I~)b%jye%y^*>u&&x3wX$RtDqFrllO4-jSQhWtzWN*C*>8K6xOXeGuM zZ5{ylA7Nro1aR$fYNo?h9YnIz>Znu!_A7OROg()gxB7p|1oHu91Z3X|3v) zWWTK;u!NzLTXd3cGUc-pLeFYPE=D;cF_?)(mg$cq$7&l?T2$L2t7$|yTL7A8_nY!{5Qb4V_nD}>RD#Q9@L zob(K0@KyXkw652a;wVL)Rm@~BMuu(i2DJb$< zQy7S#emRk~8Y(JWU1Yn6w;{95Pb4aGX>X_+B2`1wX=k+|U!VgRb1 z>$+8|gp!Xp9KRd04W&zL-g->EF(#zLKKKu#0L+t+a_c6Zi|h5&6@luE7B8$p2{2bE zz%&i{SZ;a6i@3LllU|a?mm?>)ROZUVFRtMb$!MwWJAfoP$HDqg%RI0})Zm8R%cIStxSjv$?u&^pDNUCnnGWf(S zQ!J2IJl%r@vf`F3kcGcZ7Wg6dZ>MA~q8E1LLRxn_Mx^DxOfr{ zhrOqM%J{p(Ih*nss?!EkBjL*{@Qc^@HaT^cJtr$8$He|7ibJwY(+eg@B*CtTg4b~< zmig~~-;Y=i>hctJT?YTxb;1Z*mxn#=n>gz?X_&3U;&7WbT-S9wt=4xksi~X)x83Y? zzVlk`w%h4;U9a<<+h}$=?svd_dh);fZcZ6YzH=YkR-U-u$@Aq){fCN9tS_CB;+#e< zT$x0bQx&SN@_>Lkz~W+iH8qse(u|$#Z4)A3T_5kL{80b;wesalO{HA~RpvVj&ymB= z5zRUF0h^jC{wf<`4+d}envA2g1Rk5K&?Ow|*yA-@U0$_a2Kdd6Q0!a6bGNM*>nkB- zny>!=4r4B-3vuF^BM18MKuBOffncFRJ}owQW4dQOPaRXI3LNmOa6OC5)>EEvR;G~c zYsp`k9CL#=V1ii6Eb}4H&`k9kUXSv6y1WyUU>GAmMT=&SSQRkI-ODcEP9eRN-V1#k zb?`=cyV6SX>i1W4;h&2gJ^q)vJAd%T^qM}~kilDb+~5s(UC!nZkDNKfq3+`D~|bQK`t!h|2ARWhyQW1*PJ0Wv>+kW^oFy7ouw< z%4vD8t{kG9B}&E2movlwjo}?%#ivjv7?;<^uyju3n#+&2tn|quQFJHFM;>6it`-51Hm5i~s%@PCy{M?O-BN#gA;d3-85(K1| z^H@?;T=lLBTv}J2Tdn5`JL%2nydjYS8?)sRi5U7U{PxK_I;0=P`7l@il$mVP-{&N{ zBE;H`Ow6tP{yd`x|y!-h%ChBm+(&jRXA7Z z>(@c%r7Zg^`1hPJQ>O+H*QTtcYz%P-s_L>oop6Q&tV;ko!-Sf7W#^BpTP$qCN4b^} zrl?}z?E!eT5bR3{zBN=XY|6?S{`$2dQ!k_-S2xc~@)|WUs>(o%kJVa@kKQW(^Ff2Z zs#;nJAWe1vel=ko)p|8g?QboepZ?iu{nuyT@3Z)CUjMyLx3K6`|Ej1-- zt$dyp4*(y=aD+q5us+TXgCI?IbAEDtb9nsW^gQ$C>hR}vi)G%gZ93_9vR0Zj91mJ4 z*Ky(L7s{2bZ?#T7?)tQ&{5PoXApSSXf6r^@E*JMO!S@wKxnE7lh(6!zK z%ldklV_{3r!Oorn+uzXc^d90n(7!+YbbfJcehvRVy!mi({PFChBE1U$9G?$wemXh1 zyg5Joa56l(`gC$N096uI`L~N}{`YuXUDtVO7Hi!fuXL8`NM)%OVFVyfaKy%-`rnI# z|6Wv6SVC+mUUGf*==At%#aFuU#n=73d0&E8X(DYqTCjj+8IpxUj@7tj%kPFqXB{4k z&b=`K;N9uf$y4OtHf)$D4Q zj9@^tNWDdT0;{=PHk0j@f3w?5LH|uWUbP)vUR*P~kGE?*Z?&&UC(z!G#eXQ>=jGW& z|5F#kJc0h#Z8r=0-;4eCJkJyAe`>(&r2nZp|C{T7*3QvW>v4~{{ub8J5|DaO=-Zyw z7BZRl1msVb=QoERuYVLP?dw#@`BO$Gd}v$ypmb5)UWLW+q7|-FJ4&@nywjLe{j&f2ERWIu^tF-t(lnD0 z_+IXRS$(zdUtHlTHVLv$_u|-B_^ffp|JE%0T|e8;e{&P*&KBT?`QK`H^YI_euIIhX z|L1tj{J+j$H2Vk^pcyhd*??73O~u>&@$A5C(BqsYb#ddC2!AxJ8WF-MYNh+_WU@w&8=J zs;kir*yEGo_08$!gW=j2tQ+8bL=M|GdQb6zO{5pHn+8t)c71htb9nV$Gp5vV-Hk!{ z+uu!N*N3NP!=uBqljEmoS6!^14s<^0emePk8QWe=?(I!(9SELrqU;a~Uf%AvXSr;z z|H}(wpTPcaH#^{!EMj%@JgpS(7?HZCIvFVQ zkyhPqw_B}XhGwZPvN3eACT}MZ@rxCGB3J$@*<#otT2TR1A&Um2{%uK`;&s$tR-M(9 zYf2`3TnjiZ>ZE?Xh$F3Ni_4{D4rwm=Ovh~!xEscr?5M{dY7*`vk2C?uFhZ=NHXm{$ zQFSm$*7&$eJ@R%MMbWEbNJ}eY-2mmbj~FSs0qaD#d9`}j6&tqaPVsPUd7V`g%QhNw zb5io6q^4nGW^5@Sxz2cF?GK9OOORVlduTsp<&;oSsiOZ_MV`crTd0{s!;3f)=Z1B4 zd5?9Km#bFboRLeE%&^F1oK3u|%wK;>?jrL`-l{5N_$FyU-)}OlQ+__myar;|-Hkhh1JU(XgSYx!qg!fswj87?3Oe3a|-T{b!g)epB?N! z-gUbhf1B;UZnu%&|8cwCOa9+yc~+hOxK%m#(hQuUSk-9B)k4*x3``@g z)|w!e)w;qhuq)ZR9fJxCo-08P9i!_ zkh&QS7$d{Jj(7%f1Y#1%D^2kj%p;DDom--q=t9K4TG=jEMgeTfc3+FMzl_Zt1%vKUHt#IzP*b@kRMI#!%keN{HV)@AD0AzO!2th8m04xu2G zHvXk7D;Cy&0Pjx!_TePGuW*9dbUxzDD~l4SV@l_U)_Y#Bw|*&uG!tCr=5->q{?1ChSX?zKDVKAo)2Gd$5ODLK>gZL;zHv&8aw zJP8X8{68EMH|P_)ilF?OQtnyYtYf56On4VH!$NhfrjY@^ld@rIilC|L3Q%iUyUOvn zgZ;m~|Hq8m$BzGPwuo*vsj-=99`;nLyB<>A%g z^~KcyRR2`10C0MFefak5WO(!T@aU(L^Wy=iMq{=^))4@HIz2lZ{(O3U^y5I?)v@xt zUn`%EL!X9ruW&JLz*xjFgU(b>o2ljHM~>z^;Kej47KUVdtoCjnWs z@@YVJI%{cd-TdwjTW(-jXJz1VIV(1#m3=us`E8t^{JlTx^*=v^ls+W&qj)yxe~oU# z&BuSb-Ix8pXL*E?b!4_Xj(CRyrQz`}Fbw5s6g?>Ts=mU65~Ic5rBU~lt-Qf2{UJhb zDyrZBaD|lr5LzhuEUxDj9z;G)ol07d&t`ceKCdFglP+q;Y$d&)ofndSmln(1+Rn>b zFG?$j!>pnt|EshJ$4Q(?Nl}zXR0@T`Yv~Sy;l9+dS1Z{CPFt4tE5$_-r>_6D7S@z` zqJ;JH>(@%HR;$1mf8u5;R~{E$p!~VK^>T6`^iY{;|*3v;@x-)oRqQPH9>iGh>hWHN3Km-IHO5DTrs~ z8qBn7{mSvr76;of@#|M}x?LEZaR^>36~pFSAmp7zZ$|r2ey?jTb2)kZ1Eye#5_#u& z5C8}wbO%B%7K|-^UnOO`^*^>po))c-D4Zi(v4y8W_lKkK?pW8@EZo~FYX`S%#_9Np}a&!1Gp>a99^ zzNXKXb3*UumCua~#MRFu%%DeXDJFq#>0Ug43Y@6gxY!o4>t&3ppc<2)s$ZSUYpSij zqf?TI*ZXC&DmxUOO)BZfmQFSz_5|}9paj+I1=Z>MZAF(J(rZN6mOZn61}(0kMm0v5*Kk zaIfCv6xm3+_e(CYmHj7^ThRMu|J!K)b-YI5{J-~-|Lb`kVdou-{v9Ir7#3iF;*cz7 zC}Q835ooB~(hM}C{~q<$&tt!SYqsk*ZMQzV&6>AY^V7cva@gg~ z)ZfZPeRlKo_hgzrjam8|nxv)X=vHG@y|OLP=e9mO-(Y6DmuH)2JNw_5boX)qY_$KI z`TIY;ruTCH)3ZF%{x|*m$94du!+1*%fJMn~-~uqMKdukJfc;%K0n#pb@dCVf0lsA~ zfElSTZh#jzz>6E;#SQS{26%A;ytn~go^Sct%Kk@D5EFb)>wk;$U#Enkepu3cg>)nCAG8wDC&oo?6Ru%YDMpY zs5JNED5T%{rp3dOat!D{`yTLq{m)lt-oOl#mLS6SxZiwiG*rMG81d6s#E?9bi%zBM z;N(jR0|G_zs9RHw%-LU`g9DiH`H!}jph_GKCSp6r865y=?Pj6erYS19?vnj)c z5f0ECX7|I}f5XEFZCFAb!~91Q>;Nb8?@_!{Vi<}Bz1!Ih%o0c-8-2kH))UJ<$;P)A z6#ou_qOzpjz928jfah%w>R~3W~n&1kfb)C7c4N@|`EYVKTpnOgBk=BQ)~F$G^jSFa#dY zc*qOtxv|)WJ5;~tfC`COw)Rqq`s|iq^&Y&*r8)sYN^yFzBV87eWmVZj@0g#2U{&-^ z;^xsoJfFiXi$W?}N+{}UUF(oT{890!)@)k}}cHd=hrVQdD9cqBf*S}L-*QQS+`9Dg=RB3*k z_-|XA``gy}|Ndql|8*%3v+$qt`R&5;FG%G(^ZXYbY-r=p`_Q>{AI}3>q+-+0mz$On z>!Ch%ZriD9{^ib~Fcb$PUV*PJ)H7SY6zWv~Q9|H26QYQ2LN94jtHA`UQZ=QjVO0cb z)UGBol{6~{OH2n_98%NsDo$Li@)|zY*Oy?G9llgSkTY!to?ln8ul+HB3AiFC1xIlV zB1}8IM%DHJ0u>tcn&PWswX&Xmz>{+On z4}(X7b%|OEHCieFj-S`XG)-`UWykxN-Wi)M}P(vSIZCJQkxYM6c@7a1HyU%Wvn zBryz!M&HG`x%paUw4(b8m(`yXWyG!zKr)-&z)Xih%jz&(wg;6%@V(9lbZ?JFQQ#AJ zit!9)bpPXGeF!3+fBtTQ;#`E@PiyiQ`g{ycQ}G^|q4>=q$Wu9Psi#dNGUU!;zamzgqs+B1qH?Y}zk ze28UUiy0rFT&~QZI`k5l+7Sx2X5@%DawNv)IY=>jnz#ewmJs|hP|F1#*hrL}R{^!=gK_CBf zIS*s%9p!%b{_;LF&-w5~`5rpY_3(q_dFXRI^qTQ^9?zr8{0@B}j6M)X9|)rlgwY4W z=mTMVUr!_bZ#tthk&ORiTU`;+-u59)s*iz-C?OM3yZjTZJxf!(z>&7xwIvST6Qh}ox`_#>kzRV zQ~yH(@`~;UQA6>sHvZTCfp!0Hf49&7yp)HDbZ2~iK{3Ig znBgu2zzPC-TKTWC=hXsWZPg|cU@Z`SjLz%xzh%`(S{$0mX_Zs(SYjF#$buvq21zi| zB(t+}Y<>j6ta94Q#I=XZUxtYC<4R*4Nmff4k0qQ)$VG0@xmfRi0i1glbS~nw+5az4 z90m7X$N$>e+21qw|Lx7qy?*~+#>4La|DxUUSN0`7md?(_G+pkxGA+zhr#+OZ~dkk)rTQNigzNzv8WYEg&#|bAo7(T?GehOk6EXCsFOr zwhrH^U+{r3FG4l|BkwX^ppe3m^HdskfX>SV#wpD3Fo(&i%Wa^AnmQ;$CEu--cZHXL zto4YAUh3T!3~Uu&mVYzmbLrR`sCr%raw0yXgQO`NkfGo5&+xOWgqPm}W@U>n_z--^ zZ+Cq(2)qOqtN?W)AvFUf&|0qoDY07v1@tPx!yYOQodf588@6CaxphF0>9Ic~$dD5- zx7a>RyF`b&(0+ww2NAPO^6{-Qu%0+P*?h!moH;Z;B@vQ1nERoW2z z62Mfuw8G!G+{h~`F+cKQwYN>%H#){lv;&2>k#oucSY?-~+4z_~^w9{Q%vo=!taS#X ztjNiil+p#;YEAHr1k5?H;OJvXN52{y^#+lHBjr0|HI%=A*xZU;Y-_uTKU4*R>R4D< zDj%Dos=`|U-v#JL6$P46j#9&>8S7&ewNRdvU}fYCsRaOgM_Ml}R5EjA=r$#)vic7q zr^;b!MM#y9Iwv6qNfnwi3!W;WD}nN*)N0|fUnciA-N|HR16EZ0aPMVW$#o_&TH6`B z$JTFX{f5?WX#IxveQap`e)bdZXPuw-m`|hgpA=>|!UQJdJ&I@3wkcrh?tdO^nf|}q zdt1H#$5I~V(Q#qSZx=2f>HKLuJ1*W=yKnICO?)(X$uvXrh_V=%@si35KoE<2AWzTC z@npWdSu~eb`QK)(07uUN$RP2fr9@mB&D;ExE*KnPqhz^uv68_c_M@pd@;iJ9*d3tk9(WuzmbX5J z1bTT3YV~v;T+w-H*j-lEI9u17^#6Ds@NOYYT@n4NVW#t;p3tXYxZ(QE zy}r0rX8gl?0r{yPMC6{=!vtmiSS&NSpt-T%SelnAH{#`W2E}R#ct$)h=lb=70AlxO7DVimOUttk)x%$QmD1=fgn2-j+*4CN%gX;;aOw7wPxY+f?L z-JzU}@MEF;Xv$$T{SSq&BAm_GqWEPNj$x}*;5GW+?*4(P|Ltt;^zna|@-X!-MPZoF z?+u&ZPE^jH@HxKvo&1Gumo z{}KHEFHi^yynz_C{+i~`qW=6Cii2DvSUVZ84EqilE|_70rf*bFV(^HuXi8dkME$V4 zygIOV_`LvkF6oUuuLRr}N>!HReubz?Fbu8YM?_KZ^aE7z&>> z^;Hq9n4l|?MafuKxs;-2yyE64_+Q>7zKMkPvJMTca6KZHC2p2XpdXXT{RIk7<`IjH ztLot8-*e1{6|FwTVNg@~|1C-)f*Pm%)Sf!|e`|Bs%>Tc=*WdqH%2O{KPWj9~&Rw1Y ze#?tIMa6Dz@rcB2UEJR(P-}8|rzrhIH+PIFu&?bH1s*fiX3R;L{vkJYEcu$m-{nq{Fhx+`+uw!Cc7BLs0f8`ILj8F_ ze;%;Z^8hBcS<8Yut0?L1`36NRq#1ZVXxhys zU|0UcrQQNQuDb?&-25IeD_U~7_WiMSpB8{Q8_qK)YWy3^T^l7KAV{t6d4mRbfsY$q z239V93B36mz|H;q7V;3R9^GJ=kjB@5gGaarTwLybz*XSftbKz}+~5vy0jA|O;2-fG zFI(C_ge~2?2nZPJy;1$AF{)G1*IdE^<43q={9~B#o8>5$7Y?ahh8NFKY+X6*#p}P_ z(@6f$Zv2NR05$Ue-rkOx|6y};x4-|nl!r<7m%khxcOmXmI(b@opHXV1z%NTQk@#iV zAf90Yvp=E`D#ExZ03s|4fV(J!0A(OS?EWUV#qfSHJBR@n&sdkFST26)r5Z`&eBdAJ z(k4U1pOFd5qCef4Hotx?V&EL}!MH>*^nl0z(XN0MqX|lrE|dnA5xy%G0H01~rRzu) zP<5+zFRlK_(&~>PKjzloY5|h1XjZmE(Xl(W@k^A1Q8E_XBmec3Oe9zED~|N~<=!v% zB`4XeU8`Cipo;A7x}8!a;+)d(*s zEr^VO7?6oifS*ASWY8xtd`9`EIG^Cu1mfr>^RxS5qx6A{(!Bh(yTjp&mBxL=7MYc|rUrZeyspmr1a$e&k~+#?9!X?m_9K2%~X}GW74I6yj*#rWHq_TKE?A z=s+$|M)DCeVDZT8jpvz`wq_g81IbOSq0%UUj<2cyjC}&{{Ck;mQoG>d$LYl1)}|zZ z>e}#LUtS#Z6)>>A6|2Mkc70s_>CIKyr+2UNTE(=E{3r&iavIMN0X|^&gaGHBY|*Yh z#{*A+HPGfQcgy4&lx(k5VaqA@yK%=JGO<>qiNzu3)(eUzJ2KL71>kaJczTjkrq+m-7j`(>ltQ;P;KZ*&Xe;)8O zvj1QhWbHyeYfqj3@6N6n|7~-3YrnVuEaPGN>lK^dE<6A@r97<W|^YERL^~&Npf$M8Pf00+fuR@jo$2 zTuoZ-l|wHn+QdDVqyCJO6;*N-!0nDTpUUS!41VvH+n;8 z7@WxB8r;qx7g-CQ#&94p9tJ{l&|+Ayqtl{zaa?$_zYCL~sC^6Vup1$dy%EiQ0&n5H zyYeC&l2sgf2}Fa$nG;2ntRj>xvi@&lWvma)F)r=k4Mt>gdYb0E9(n2^s+RniaTHjBqCt$XOVvsL#(pNm5GmkyS~1-l1FG}h&WaNVN(7b zVRFVT)XwjzjK`V>hgCW*ERd-Pr@F@fG>3s7;jQadGgfj46WS#+Wi#Igd6G3=F3k`@ z0gBbbWlznd=1mAmm5?yGgs%;d$nL&wnbOwXDaP~jRa)7bh;d{msuU~v!riL;SlMXF zR&2N^;1mXtA5+5MGA5UZPQEbrub2mt&3~R=DCd70FMxaxn7MVM_ z4^YBRwNn(z^KXULWVFFtPLouxp{HKT6i4b8CU!g%+bm-ubJ1PL%B*r9Nl`dd$~Nv>j_Sa~ z^^XZmG(;oJZt;nEOHsH6Mkr%D4f85Iy;uVnNgj^D9ZCow*?n;bx-sN{`~$Q~0xP zb*aGJpJ2Av40blH=3H$}~9p%EB9xPqGXRoF_ z>J3L--sg5&A>JTA{Kb#`B!HRDX)10w3yqT^6TkUI!()L}QelWH;~tWY<}zSA#7XAE zQFPl7@dfbv0nBvfefARiDA|VU$Cv___Y-LCF7xiz+SVRI)eP}i1F%%w&rrx58WzGk z$ty1vXI*Dm0B@)PcoN(fByp%z?;P(|Oht2-eE>3op)fG*E&jSTX^ys`RkDii9672? zpa~ng%S@RKTd(7^W|t<=shj^t$oiP8ZMpzdl3KsSJ*a-SFQfI98HQJ}aBkddvqQHlSj)r-#_2a)8_m~T+{42 z{`>a9mKpzLduwyIKmS?Aqn-bV3GVP5sQhN{QXRrH@~v?UGs`w}5VLB{2zpC@T%%j4 zhj5&-F;-5aj@zq8%%|I2uq?Jtj-16*&TW&Rhv zvf-Hg^!ZP3e%NuS6;4t1lW&ZGzV{r%OwRyy0pFRBNd78=p z#3yhxi}7NYKx^dx{oP$N|Krx)W*`4+DG#^*iTSCIO(Hnd>)@NEDlgi{nEH6ePV6l*bKm#h0^l#Z^%(4 z#a3|E1{2tdcxyRurw!(wX$gVZ$PeHJ3LoaH+m^bUNK<_s6*5F zZE`=3(cOC#pL|Ju9$#DWvsHbkrK@d}uz0?@*e0ROrjP-`5i&ET8V$XytzUlzC^rH# zL(G-JdfH}r>Foo(ec;jU18Iil5v5_6S>&jElOlzc^*8l1e+miA*sX)&*P)1jbN=f5 zP`ySgLMPm=ft5L92Kv&R`!QSiX-vQ8BOt1Sm0R%bTZQ$GACe8H{w+LB$a!{#P|8o` z^kBIzm+)`jo@JD`MbitGl+_vz?W-D*fv13F;fY+_g99>{PT6=e?@JrtMSiNcD6|=pRYL9d>2wOiNCuO78iBKs{5Kc2=Vbf` zyqO?$d#nZ^sFeuoci^>dVr~BbF!t~D!jw4Jmce+7~&NV*vBbZ$yREaR2F(K0?toYq!_VN1lb($ng^Blh{UJbPxC->R50)I_-c zIUN;r#UgMIG&7%;qqP_4x_z3+e*w(M`qWSSG0ZkTDOrsg3W0U;KMpp{{4YBP`~CUv zQXVebDT%5&ko&YWSx+hNsiayd=NSc?$ahASI)k5D+_Lu72!vKD#mBJpsf%0_xD?{} z5zKoOUGSFoL&d!}^!?xh;E!tP;~72As#i;xFk7B^zB(~aRwoD(CHuM*pH?Pi5|ef< zM5Gk_9p3X!`0*HJ5t&R6!O8Kft0OK_M}NXYu)Vj>er2NDQkFc5@BDlG41fsZ8O$!> zh=aO{{Z9S`};Yr+2>Zi3u+0nYqsl#I2sguE#kKuL)>$3O7EbLI}J zzEA)(iL{}HC!E_6Hh8o`6)P`>$(T$$u)Vi4Xw*c`L>%xNh_h!GufZ>T0tVXXy%lh^ z@k2NNRDulF$+PN|@i=z8B{v8@3b-EBO)U^-Si4dXFF~=F=wFonx;mihO6caFW-!G@ zB5c_hRREI%)ePuOGjQdR?y7+~22cHLj!S7D9V%mrFd1hMe~vkyP_;%5phRI**3;AK zirV6`6eZaykz&Xa-^Kg028Rne+5V_nWH-8_g9>{sQPP;MOjS@@M*?7T`A@Xp`Tg&$ zgM;Cs%Z~tA&(?tFgGvBcQC_+dl3x<$hv0Htpm{+pco30}mT1p(R{^ty45pT*W8O$(2Q>6sUOl`GyHA`Xk4#UiGn|&opE;2*~5O)(9oMCwJ z{@7JD&0viD@J)1+`DGZ~`SBGUX)2BhVk^zSJ`V^hs|NCZK;1Nprhaz+E)9JGuSn(- zIKF4IGfOZXl6iz-=#^G^3&{k9d^+zU5=_wCSidnEzkzeeE(?26GD4oNT==&T;8_O2 zExgA7exYM?14k%>GC#8)1a##62p^n-T-{;m2AjANkW1uV!vto&hMOZ`fth`Qy{YJR#bCNO4h_1yh`YHqt%*IS zye&~+p_cOPN&}z2ttJsgXsMovyqI=x(ei~Ha@phpg#xk~HqI?9y|gQ7jhLq?jz*ob zmDRFa0()6fy%GnW8ATV=jMnsz%`&6p3zy0~iqzQ?>98*=~Sh%#fP{L6%j^UZb6%=XL zkwCSOb}eDIDep*72$imhp4Cugft5~*2EIzUwsbE$X2MrGoR?`qeivK=0EG%rLWY=U zdUf+ZU5gl)+|N)l+%#wvs}R7PDR)UUg*fnI7~Xib7|;#;C`~D3`?CvF$)-zXwMurH z)3fl*#f6TeYDkOibA`O;HZ9CNCS=L_BntOr+vBA=0W4kuyV#KaPR5vJD={}0e~ld2E$L{^QTyTcc2?b zH*D2VQlcy8T@rm(VkockxruJtqN(u&r&Pp|DP)>MQ{oYDrCf5TODv67Uw{(gM+wY^ z8RR!(7m122$-!8MImqVO*~DJXE2Q&4_o!=N>5>M6b7g>fjfjnLW%2BcDxq9JTV9`xdR61t1GQDLs_xtVu;_F>R$G?Q5s= zb9q&9ekD*Ykp|1F-@Ot*6!KF*XYvTyEju*7678Nc`$8~JlsEzOxrIUm_&mIY+J!gX(e=-wrweTmHwY0- zGEQ;I*f1-e<20>qy{kvA!yNcf1+-9H{DQA5orp2i@y%d><}kZ|AhrdVx?EK@Vh?OG zPf8&P|6#+mU8Rn@yuLW^3&8??5q_4P*${|`R%OY#5ZO`Bf7FEG)Jcz9)Rk;Hx87F?*&5JZB3S(Qc5hA3K>7Wl`^O44vdr< zb@et%myNQ{-e}YE-_YFH+6%YN+DG>xJ1vB=M{%3p_y*0AKsHRjJF^Lhit@Xv$zaIB zUwcKLH(r1VAt^rG*a%`Y3lpD2bGXizR)~Vx6efJcHnxUadm8~t5*X0mOw@~#@y7o@ zM{He-w`_EZ5)X2XxzeS9AK{{>gKd_op8b{2{>ta02L=-KXc3vh%0vJPLG`{7ani&F z@%%1fad%(_lc1`ytGKE%ChRPUpX+nB#eqp4#?@QNE`)lUa}W0QscxK|!*hteO~?H!y!3O(|LS8(y$5afocCzbS~8gdhS!~1*e*g!PH{;rJ_uDF=_NeEU; zGS<%r1F)JvuquOw(^tUr6urf8T-Hl2>ciZi(?U+VPl5}WMbc&5d|REj$4(8Dn+t!< z;O7}k0x=7Y4=&K0;F$ls^K7a3q(_AJ!#}c!NJW8H(EMU=X2C5a7Cf!wkQZ_VbGJIG zS4=ZFit{ogIpr2BAX(RtjZM3ZqSY7DOsrwLb^1+wJ@EF8*^6+8zXQ@ z%|&I(vguf&g!$gdOMV1-lVc7f>flXp3hw34-W2>dHwFKw;%&A3H-T{qGraK$Ci7Rb z6dq4taNGI{XpQ{0wYRfv+W$7U`}6;$JY2A&(+WRhxAX*(s|t+|C%(7HT~_> zU4A_u3R*(^seoX&is&cf3M{)hL*LVXRcPTXg>>ra{yR3pn23Ie@m6X@qoSh997lc> z7m*&0<$!>7N?lQgk}2KG-iz4f;KOtL5kv|9mt+y20yKwN7KM;ag0mi(_yj~4_;CjP z@LtSHC_!-o$p=beDn@Hi9&gSa%tajqNxTMKioyBuc7cZce+1r!5ef3F=4XSZ_#){|4vaxFz_*s#tC1YgekZ81$U&Yj=oG$ zxafvKg=#@-Lkxpi7Lj`qBXy{fUTcfNqwWtED6HEVns=5;EiKe9$J*c;bOg z;Kk_91Do8Wq6y$s$X^317-sV*aAq%%pY&S~Fopqv)-?}tE97(pWVHy3h*9BiIMlC? z(k(?4%VVf0afc)%GJzR`;{)C-$_h9(B;sddNUmf_BaqR?3viT#jB+Ck@@^>ba)|JA zDNuLZB1a^oya6MCuc=z7+J`!t>Nq5*=zoOs9q?vGWOqdHLT7JuHIbL=2;mZS$(UyW zR}X@wQz0c`PIZhB<=}IUWMV?078P6sly{02yGC5*rHezY$7hxF?pqgi7D6l_q&_2q&S3}bXR0IM+(U6!pd*aPu0 zFDYJ|eYNDIg3)lcQqk+y2vdeN0ITB$7}KH)pv+lfTbxZgucdsKs99j~7a-_AFiM`n zkkDNIyAo@b?t1Mcz&iPF=fINxcJ}-8pQSuJoVVQ6!D~o>oMMMIR@(mfl)z)n*cBaB7_((AA{kbR+i8k z*EasekPr}>BC+uT{4t4Q2<{-bP0$@D!CVR)WoQcYX;=d>B>#fhUK9}kzoc;#L?pgv z5U)@!EC+r9vi#;ATY6!X!GOf~Yg84P`Xrd}OCoUM&m%O;C~5oo3ZU>PO`sVuaLDDw zRUhNo6k_1bFq9&rH_%0MZSR!R?B$*G^f>!cV$~FY1eq8VLhBkGJC29CfN6;tj*>Cg zE`^kuYneIpqZlI!KY?6B3)nV3LK&FOViKjXtQq8+#)D*F(r%Xx>U3yXuXx&mxQWQGKRR3Nflb5brhKgB%ad%=6CDv(-&ODWxd)eZVHXLb+pQu zTd}}b?B*X;fGj5xb;Q08K~l%{=Mp9x%70V;7M>>LJUc_EP3TAV)cOBxZ|z(6|2BL7 zpQSu?J}uhBYvPR(p;cL6Vr8y_(}b|~^&5<*j7i);03$MC=fz}={%?O5pbU&+u3=1-U*%7SKb$Tr~{=Abi&8G&KWBM4##CH~lt65wObmF}WA2AE_~ z3S#JobgQ7iaM9%1Ym@1@C(%5rUzEVoKX(O-5&=M~W@!NmH z{BqI5kp2y2(Vui1j4x1lG$V**Le7AH>x17ej#_kMlKR!i`vQ8Dj5p@nHrh*D|MmPo zfEkHK%prW^Q=#m3XaC*Z+%xZg?rd-N=l@H2xLLQDVk&)W=8VPcz6#N}0-ZN<-!#m; z&j4s@$(3=63iGhqL;kIiy|=6z9eeakTcvtis%ZHX;~C6sH+zo-FM8`I{upLj57)uT zmz0|?6O^pOX-e+F2MgrK(iHDblqLuh{BSfFm$X947iXn46 zoD{Td;HRpQ6GGC%jSY`i9#k6An;>tZOlO0Rhobm@5N%pBW1!%&20F0EPk}yu0RDw$ ze)#BkOJl}|!#3EK$6Hf)&J_$YNMs6S+svKc@Epnu#{8FdXV$a_H(wO2*pZIeK zd;((VV*;3&e*`{oOxD!fxgWg}1GL(kF0+4BjG+?XzH9_mOKT6jGScg3_f&5Ru zZG7TMaTdt_+93YlrfL7*Jm~L#E$89lz1(3&vn1eQ7N|Zvh6&7k5+!3EYy(J%S-CPs zjHoKdlv-+R6=tR-o>obbo`wv{kevVuyEBWHFiQfkzas)CT+K#oPha<>qVLxFIgWXf z@dw~3Vd#NUWXAYrS)~%?AiR)w^DUl38(u=X55b{!2KrS=rtT`?HoJ=oN-Evw*fZ*{ zBnA}YszTD`M0^gD2Tj7~P>)no^lV6bRuQ(tF%JWMBzVxBzd#1lnEvJcs|UPK-XeV# zdNjo9+G*TNQ`t0$ZD`Ec3eQ8vK8Ziq)pI4LVrU=qdM|0$YBe$@qD^O*T*5K@@|O9Q zc>nvsU;lG+{og;XuCD(>{=NQ>!3+8K;2$d<$9w=*V@Ur?k)!PzGMf~RGe|`-Hou%%Qheva^5|oJxAf+|Fk$d;IxT62{avy&_@Y&qZ#hpB?m}l?<12Mr>;(EOEY`41 zrC^2$nzpPoLWn3WS&X=*YZB3djWbi2bjjm1&kKPSB^cMH>HO8CG1Zk@;f+TJnG|F#YedjG$rJk_iuNylmiKd+0EEh+b| zyS>NN;9qlje(uF^><9N1hej)EqCw-(MbniwUVx*Nk3G@0OKQ6r4BjiAdbRz)p8mB0 zR^7Dq_U7e3P5FO#bDW0;<>v^^m4O=mzrSt8|K8c%>FvKudFuIpc%wv#Wl^l?KZV^5>4w zNKr;62oq1e+$Ni~_a9NqRim`f{4@n8n4NYqlIb z$u>Q)I=pMQ!(e9 z0*b3jEBu8txDJ({B`l-33iwP$iJ**v#VC2BzyGzAr@{FT%hfdX)1jmR8Q@yA;fYToSO7ES>8~7x ze-{}^)Zgo+;v?k%YDtmK$!xlpC0acV*Z&Pm8N2Zbr~X|6vvv%i?)-Oa-?aa4@9y^g zKTCNUs1IVwISF(a;!eLR$HALse$nV~>L)Wl=821OlcQr^QACvDKh$&J26giki=wtj z*x0zfo^enBQ8O88H>YaMccOabRoZ5O6RR8KX+o7IAJ9&zE#j$ZzJH3RCI5en`~RDE z{QsS;?aiM5FXO4_{|?sEffrE0pKZ^7@A&NEH4s_q-IvHIE9aTxoIAuve!UGG1|^Z^eNpx0_4*mU_%B4>e_iW%@T8hIM(Qn&aZm4aT~s zdpJmQ*1O9$v^h^3(GX%1C5-!C`23oeUf|YxB~q5L;q#=9Yim3x zIH3Jpxvh;-q2TWf-}?aM3wV!=d7ja-Gu$-DKxhK_i*H%G$+nvXu76=Vxap$JeLlXP>UFFHg^2vtwa( zY#IW(x<0==dVTWg==k{j-Pv^k=687C62$K(|5a4K^6@pgg-J^oS4UT$uFrozIkTnT z#pS;-LgToR09YsgZEl&4Js3}pm!GYf9vL&Zgv<)C;#>7^wl!}c(Ef1ryZ25ljF;iYi0uLWz@%c8p?k{ z2-x@}ya77(|J&WM{Qq}*|NrGYZR9_7AAY#3$Kf5SmsnjJF;54|xdZ>3agHG{nIHfe zB$Ridgr}Y19L53CD90;X;w@)YcYb^*Hjw~L(+px9q2v&Z|BO=c9wtF{pAz=^=;Ug9 zZ=ZdTe#;9~1>m3P2AASbKPp@4Hc+l^38A#ik23!*r)lE__!W|10`f0Rv{o+8=0Z2m z0c-;;T2;3uDTL=6++x}VlP3!Jt(_5p7xGuE7arZRy zDaHJUpZ{#_Y@7MtclUb!znn+JXBOe3WNv^pz%mPj;BEpFFhwEDvYbbmY7m!JTiXZ` zMl{1h<7>K0$Qp;aENO_4ie_#HP*9^wu@+_62#dGM54;$1MQfzLBUa@D}bv3Kfx=(7O-C)x&Z@`b=G z@nb~ zHT-|~VBfU=>}~Jt_56Ps&m#O9=TqPLWzdxr({sBokxDM|Uy@dO69cs9i)URhd1F{fO|YmAG`8~G} zquUvx4L>}k3Kz>_O$n+QQ3NOnd{SCql@6l}>3Dp3a&&zHPX6!p$=TKE`58F<6`Y-4 zgOmSzdUbsTl-B=`S9!MQM4knQjPMg6E?WLSUc2(22ue|m#`ldYj%I)Ud5=lPV&JrI zE*it^(-@)vg)p;+_}jNxoA8;xJNM33(^%e4_dSf=Pfv5%q&v)7dZA0l|7> zm@%RhdyHb1Vv|+VUUdSU5x5GQM@V`IG0It8QhEF$?lBL7SxW66d z3sb~#U=GZcfT#lX^()UuGB3o2#>O5ST?@y0#2yhFb@$P*Qa;pRXMuPqmZfS@Tls&H z007nU|JL@-=7H(|x3kmx|1ITdF8@Cy0KiHHKhL5JhQGsm9-y5GW1ieMJP~eL-N3}c zxaC2jbO;X5AJg8!YStvmKD&6W#uxC_2m{aYM{o=8Jp)ep5>wU4(5Z$5VB3(+CA8-Nc2h|GyE(_lZxc2@jGHkL(HeoxWDG-a~+a57O> zX=lOVq+k{qPSK``Q3t~*Hb#3WDlI}W8oz;a7<=Y8aCF%>buM6*q09r`ou4Hv>Y^7V zBjf=ugf}z#lVpAXEofCUB6oC&iq^CWsMQ3SP#2jji9!{&W=~BATV?i|%}AO>Q$M?Z zmxfg0CYev*_`YO%#OFw7J+l;M^9aL`$}x%ZbCFqbqGL7x;AwI;v&fvOI5qCi<4)pR zcA8f*h5Vy7e|HfHCUl!%8wN`${qU*d?dXkmJ8K;1LVJuvr(rKTpDxQTzL1T>987bL zq+B)}$f=GJ!Z;||-}QhuijhzM8tC(~(9Ae7%q7Q!%0qArvog_fIIw9$9c879CKo<~-TnQM8lya2D*DzMNwrtvSBc0GF!=ICr9+T z{4CrditusCT_Vc#LkU7?iIuCNjPXeSFvIP@OUIw6R-AjOHWjr@cZO2lQ$h@`PJb|f zcE)ZDxV3S5nmXG#*>;_uos%uMqyzL!(2#5kO-8cTDAkK1DC-u{37lY z9KHnJ|9;q7|M!m{HrN0CNLkBa?J2iB z7uCcze1XEZ{GFwn>WDRj(p;W!`yBB>E4(c4is{{W0p9Zy9|$gZG1cFsI$XWT;O7We zUl}uAHhe`;3XbB~mA?^XZZmsT2Fw|W;vps|J&NPP1ywUo(;b-^x>@qb%RgkFc~d}l zvaOAsFNtx%*!e1Xsf3XW57+0f&JV%6BqD%7OfVRsOkyl@beXcmik88vCQODa?~~|D zk%Xy1j$k!|s7dezLCV~rqD4D-s0mw19cpx|&M46&&19PegFIadEMGO%wDZuFqqMJ* z@p&m3FOiTtCFSprm=_>t)Rvsv$i?l%;+FE?W8{C>I|m}H;u@@h_RX9Q$0l2AHg@NpIKMPYm~Bbc$wwq)co)Yl?Cx=X0XD)+<|YVy zV8A}Q!tog)5AO!1Z2ExO3NNH&nmFd)F`-4Rta~<#Gx;PO=t736Zzx zGD_n6d{Zpz{u)?z*B_!n{m@VQ{hv?G`xc5|o&LAEYx@81ZEp4Pf0pvJ*m}%~Z=nZD zt4*8eWDPCN54Y0v+g=lzjSE&t!N^uL3HKK{c}o)-LHO#I>s zU`hT7Ref^jx9D7p5?xtHjZ$R)5^US6N&+7@yamNw4%4X+^_;zb#M7St%RjFeAGm7Z z5L9RX+uJnHfA%-`_j~@ojHdHYT*4+@r)}zu}0<+Fg%XO%T4)LCfp49=7t}d@e&~vq*jUFg?eb zq+>_tD-FdbliILpkTx+> z2(na=8~)_tQ~UkjUUYT3V6FbQZ^r-L+uhvi_y1))E%tvGx9!RT=;pXfHvtygkzoUr zmw-C30@lT0ZGA7R%o1pgX>SVbAMmPm#{(YT@qotXNzf z0=)HaA@D(f(tFBN$OHlfux@5f;N7`4A(YR(f-pU%wO6d!5ltM0A%mL_uQ&y8rI{(Z zr#I%Y%EHj1PNnW(T5ZuW=C}4Xq=v!(w7IF9HziMQ8s2m?n*3n}*G2h%8!51c|L<(> zoBlt$2RnWIhow9X_Yj@NpOVzh%;TZsm(#*@MTC}SIJCtH2nPzJjVSTSTDsuL*1A#cy_3~WAWbM86 z%fw1rt-)bWzL`z^)U(>H^h9tWz?;o?B09qnO8o3z-HhfXn-OcV_cwUbrxE`rew4s$ zVNk2s0=|8FCdzU4 zOn*?mOyC!ivuR4JLv^QMMMZ=&#yvSZnqe5yKQowwES3#p@dCGJ4YHLR9ck{$-iY<< z`K{!^6>G_ZUr6R3(Z6+$%-wFAWV(t*KyrG_;v0B8^Ix7uZdjT{PWRQ$p~O)Dz1$zR zC@A{jXDo1~-UxeJ-j1nrJZ7M?{&7C7_&@#bCt>IQU-tdat-XVu|1aaw_`jIn4z~aS z@u%1Y^1gJu5ja@2mI6ggipEzR-`#Asf|a{~s9aYt_8L^m_mQ4+{{T-b{tuJ+0^)xi z|KC5@GyOldcJ_Mte<_c~|4)*6H*6m!^Phs{vwl31+`lH1J}V3sCi4atAtx|S*?y#; z`D&IzmOy=hSk1u0XqM3}!DAivMBdv0XY_fp_?251i+3BA=C0&xGpJpwErSpx%%qk> z;od3dNqob9PrE0;gDwJf>HzWklG50pn zuFiO1HSnh}4txw{PZSi*<{hg{^mK$~NoeM~(aTs;Nobu#Ip_JdeEAy9zhoD}N}!pk zE^GTFr-Q@pd_HJ@*n~t$+1%v)?r4$(cTv+&JjY%Y)8GOzt%rxBSsaTsEz{e$(XcpR zA>J_zS{rF~8KKy@3Q&3KQ4SSap0bxhSqKbHn@+TQ+mr^!}6L^fP$lTYEhvSF(zRu zMlIALWiX9Ub6N>*ud|G4Mq|7m8b@&|LZUsl3RO6|sk2<7QVG0XD&Ar){M0yb49SAe zErOv4{M81%D6Q6$*8C?jfVr7QF+1uwVD%@er2w3YwgM3{8#|8cNm z#(&-3I_S^;mhxEg|C`QyKLoY>Eb>3^%i|md!o+nH$fm+^A&C|@g}zp%5w?hhl;>bL z{Jia?IAQ}42JA?#NgCwGJ)PvUAa(^g4)&c!e$vPa@L$F-T1S9(N!Kx8QOY_F)b@aa z=jT(Uas2KM1|PaJwBrAx=nD)_T04Q%@c)B-%l~_OXQ#javy?~U|G(1t?am8ClFLuA z0~DRNX}Ds!)kc;{`A%9(Wm31iz~yeQQgmS-eDHcu~wRW*|e$yeK}wugz3rWnICJA znTx`^B>Jqr9n{==a#)L8IDOQOMzbXPJcGhXrOG|Qfrx8b0x==-sz4ljRK1_3GeS4V z8HwVE+U7XXHV9|tqa1sBPQuf+#mVWUDZiVHc9 zeYpN_Qy9z#@cO@%D3|8Sy#8+$%DcBmSHG76;$O>QS^dsOgx6FWx_Ec`sw8H~C9i=HnLc9}HdFui1`oAd$@F+p49H3ccHqD|w`+GqU zpRP`>-C#Cefa~*D=ZD~YG=dozr!#Qgj_Y_z>-1fm2-Aq3HvV=6faYV(YJmJ>=nPsmXlj?>vf8coIo zu3uO@36jm=U|^bqn~$>Ksjn_i-=ADk)_U~I>6_E*(~~Pc?2><0Y&60tMDep^VOpaE zTpb_1IWe@p;*j51%;Ol{_%ZOzQ8qNHHoba(dUg8Co0CtkPTrp$%N}`DVDg&m0D{a; zMe#U?Y%X2}tL zhhfGTOL-BttZA76SRF%A$jy)%jTx;fmKulB9>lw=lgm#Jhw@+ulp{(IuNMRH`ttnU z#ixgZaY85|GK9#lSCphO=!a|}onL|wLCmBnL3?W;h6LdKLKDGM3c5|u9Uv2*fDx7; zm>j879?En=5)EC_rlT0*draWernNJa&>{;Az}5bz%afy5pU%(T{MV<;^K-$?y)Cao zST*cg9O(K}+KvkCM=>7RF7E7YnX#s1cPO#eFk{i6TXRk4Pb>RRH1)^u3dS%Xs9ES& z_SD#awhy+=`2RaQJN^C7r97Jbhe}Iqj+HN`LV>7{v@v&z2Wmj4uJS{r#+#QlVtTB=0a$|NJjP~oea zpQ8)#RSDI^xr)Sen86g`h@i}o456_{O@WUB@8g0P5r5nbD#RZzibFb!;|ml=!F`#z zF`sI$DC+_5baaNuMFufUNM-UxS|Ng}l}oSc9mRM4J*N5roGaldohB<6-gy)4Eq=-v z766+>de7-wwPY1|xbUnp1LkA=7a)ikvK}H#wA%mUXas}%pk4Ow2JwFntn;6}tv>(v zQXXyp&*!(BO+N?sQ*8K3Z@S*>CkWlDOfSvg6`?wWmm*BAh@TOS)v+v{;nLRgs{WX_XBMt&O6y#{Us}Gz;vbn{h05ON)!HEOyB=$LS;ZK*2QNttv+q zEwg_c+~btHThYs*mSDJ@Q-z8<%QkFUy~;7rM^HtDPxHeElczs!HJGAh6D8NUvK1tz zzqpxNm{hH932HTa)hMD^z>gd`gofq-g^mla-eNTm#I-~47f7Ncgb4xLW;cbuYUxag zW$0Xgi}jGgcnw|7Q;*h3(^I|VQ0@D$Tl7yiPb>K^MHyKj0AyYKm+k!>GycoLb}#=e z<T+4qIl9zpE&I;%{c#1-9;en2e-tv4x z){HO^SvrTqp>?{aV=xpYb?Jq}BNLc0XgJlA| zdeyOOM8G95t0-8b;=GIHv~19Gc`I5LhZ0Jz7~7KQ3l0J)rR|3Ft##T-`=sZ^$)VMv<3b zmASj?Z;OjicC%$yu}F|!WQd>u#j3r61ZkPMLaUyNy7E%#sx|`hW4U|T$dBV2Ke&Cx zzvp|W#A)CT>y;0snje(6rT54=mU-EiqNDENG7g?4H|6KV+Q^G+*V<&TQnDohp%{-@ zn!*fN&2lr4GK3R^NdZp&V&H~$b;c2llF2NN+b^=JO~|OApO|mF0N1mOdGb&k&LFu% z*)2fH8i)u8nEMXS(F6XBps7zHsuABaryU|{M}#Fe1ZXrW95f22vFQ+8K|*9Z3>f^9 z#!(QFm^rP|j)S`>jH`i=e@iPc8p#=gTL(E+}a$u3#Vz|bf+~5~~n#ORAQrZ(ueQ@$n{*mRE*=p?CvjOB}Ao*_5Q!LxxHoje{OH~{-4WvH2ePro8PXsdw*Szj4<+CNyJ>~u9~<+2=3(y<*GrfFh=P1Z;Aby_}db@ih(S@Servp zhhu^6aSU2Hd8q9bKWgIFtwgHOsu^Gn`=dyg%m9~(i;*HNmXs_#peX7ZQc$rjT*qgY zO|U3!z!By$hLzJdNNK3Vf4ai{<)#D%Oj+0qdH)DnprG0lglM+-QQ`Dc5bw8dZ1XVO ze_Wk&`pPWVS%!~K;U^;)d<#z?c2<*j$u{%0?EwkWD-_&5Wgqw!@sLh%2v3FolD*0v zfWLzmG!>|>qbWo)r&C2Gn)yQYG)`ZFYt1%js9UB02_%vo3X&E5{z2u*qDNhcm8Mk5 z$`rp;$&<(#I^>r>UqP52qx9Y#U$bP#lrT)u!5#kvr!WA;CG$DV?y`tLzRAk-W1>+` zzRl*ZIks z*P~q|{QvvAo|WjPx%~W5O@`o$(pej4Mz!D(Iil#mid`hF?(QCF+bBPI)NJ% z^pCW-M*c==?Hl-BEFiL1*Ot)a=V6e}xNFiBPEmGWT8@7P>H(HgERLoTVfzyQ>+qRw3o=WJ zX1Ppz;bR;nW3ai#Jz=s>&iPK=QuLT881=%RGHs6oymPi3x=qxOs_BA zRosXO{20<{cW6jOP1;A7>|cAXA;D7s?uglnc^sE}vx_B~VW>Dyk8e9WS9YQFGzGiw zdT7g2j})eUDOqJrG=4^M25&G(n}Vd2thVS}14X(MeXZw>p{yj$G>g(l&=vEUXKy^G zOL{ww@ezDrZeitA&Z*@UO8$ia5e^pz6By272sY_f=16ZHjlh@)L&tmoHsxsyyMN77 z3qCxJphAoWSFM-^M-a;fZryx;7H)bFE1^FL0#ly^6X1i?Cj@34`6DhOj<(ps^ID>0 z-XFeh7u=%fZa+p%d2q<>$TnW>{)T3!8(W1}*TxI* z_T+78g|oAZ_uH@33Ji%cWO9HzHDAiU!oLpSLe*62!=pTPU_Uc~;|5(vIBw&`I>@6Obqo$y@ zdJ+3k0!|YG$82fC@ephc*1+noG4hFcu{qqMuii#+M5TZJa&L2UI&dclE0AC1nT=t{ zrTLSMi;e4z*Bfs)ewS^%rjU(N(Z)rzaUE^EjyB##8^1?+*@za_QH~ODb5EC$D6_e} zOADQRNl`)tY4Lhz7w!*qKaiY^Om`AKG@=g!hh!G`1ddUrraYJ0mZzle|AWWn^<#{H zABMo=8jJ_HOXdjNL2&0MgbTLZFOl5|FvX(6HAK-^B@zqRwH3BqtTi6F$%g9OKE*(g z+~GhQ%5~GLHSa)0FILQG8xQS{(IdNo275u3FONC%`TP#tR)}MjYRqx4+;LPbJ+En; zp*Ecb1CjSKS&WXwap^$W7`>NyW0U~OVlU^rmz3~z7jXkzew=ejdFfkLQQ}0It3X5% zQndC5?(A?)PB%61iNFMv2!0D5``zQl>Ap75$R6n()_4|BU+5gRG{S8k6YV7|9`@3fRx82Rn?cV;sj7PJa73|?k%ruaRGddBw z4f^>hjs>hfb$U3UUopxPNO(Ndz6TJ`!K2CI-%+{~I%i7saju+}g(jDU-(i@!OVTfS zF%~`FU5@9=paq@L(d|m^AnM<~J@e_VcacT&D28KrLiKv4fmtBR3bF%n`8u?!6`$DI zJPZOfO)oMuielzVNq0@Fl3t9vrm6=TJTOXSaqkTZ{CI*e@p#o({+5l`G@9~%f$7Q+ z_^E#r#Sw`hJ3T4POF=lJ4fU$r~yv;pwpqa%2KHHKk^ zQVxOs)fmU3S{o!;6E>E%wd7bX%%yYfN}lk;^KZ3xT_5vO;r^mn@Qy2?(v%M~9AN^J zJSdd%ru-O0DWof1uyEL~&9lynmM2-S_c%3Cbpa8nm5q)n?zAQ;yKE~W?YaWQ8(4ZH zJ28+0!0nT!+ADpDO~eJO4Bm6R0PXra1E5I42-QZ3%KDF zP=at7peD#0?6$%16kYM`qveNSxZu>*SL5q=vvGO8*7FKYZQts^RP@;Bisx27yI?iO zMa;Qra_xYTP|$`I_^~(%+ptR&(xyAK)fpX(bv3vYqZOe6t7m1GvxG!bDDKI4nwIUo zO9GT|sFi6;YBcw}-S!zwnsvSTT~UEX4aU_OW?I@RTn=9KMvBHxUo}G{0UA^SP$DQk z$F#&vtSN1)mV|{VTLsdBt_hr`=bAn%)RNqP$}5kon}_Bpab42G7odz>GEUmiPRSGP z*%GXXl*wQ?S z{-2ku7CQ+)JGuV!%jwyxPgf_G?@y17bgL_V7#@pc-BtFmDp}K0n>c-ceBw#4=5`=k z(>=Y!OV7l#jL0jtSe>*zKMZqR%0+z!@-4zdOPNX4%xsnvX*DAZZeZZgFr>;T)j0_Q z!35nU3;^fWH*kb92=HA*f=QH&X&FC3WCAlV!!YAf3g1A2+2rUEB&iy9{M-2-XCUxX zTGEw3xLnW$rq`Won=UmdM%cfJ;nn`}f?3$B_=66;&Gz01-D2l&*1NhG6fM?7)pk*V zaGPbpD8fo}Tv_GnXL@_w(CV>95d4%gV*_*QsiXXAGfzezA_jJ%{+}*@7;byX7K0XLQX`q z0nDVprXA$%Rd;b{nK7CKqG#O-Axuv`&-|EgYVVThvz)X==dN`hXG!##>g}!`DuQvv zJh}xgMVIR&rC+P3mH!8U*)&R8M1JK@UHsRrtvxgU@8&@t|7|Icp8vO)-)@c$6@Wj* zVWHNau8#-R(J!>FDa6UsYZOBdc)yB(CD-T;8sqciB+F3dI`%UHaFynW zZ6gw>Oj7G>TLVjxAvV>L!aB#d*`x`Ykv%P$Ew@#m0Jr>Is(&8qX|?|==hkgPK-Bnu z?j7uGn*0CuLGS;$lt{%i3hxSK%6&sdN(8QJ$Gc`liA9}NOXJS1-O3m>hciCSfu|7 z&JY3bkFS}ygJuL=U0+$3nDV>Kre_k1p1xXKbuRHq;#0bsSeKxAEW|6~6F8d1SCANv zJ@UF~e%o})R(no28yIE*BpdU9-Nd2I&WHg1prUImR-`X5(0O)Cgls| z2Xw!xaJAxHTDRSz3cjEl?TYvA>K!;s32vbdxYBF^X5$5wf+;7Cd;!{+K z{L?W1QleZq!Qt7B6PS441{7~UL#aQO>Z=REqJT?LQO(Ydo>iHwE>tG#bTG@|eDrGc zF1b`$P6jxNz5s8-b753%MJqu`L4@62C%#Nk<%1E*?))qSIQH=beAuW(btNrE)ZE+7 zP(qcv-w-C(DA&C_;QbPXQ3hEMS3kCc0{ZGYvFB}7R{|?0*u<^IE310E3RvwA-gPW0 zaBfH#rlW`iCtXt(>!+-(ohCs)v3r-hg;)*S9Wc`7tP_ip5Y^8S%r+n&;-c1|W;blpYjst3iLQh^x?6pw;$6^{C$10a<8S;<|Cj+r(8|-USxE&X_77MLs-AJU-4*k4AjX zQ~F+{26To6s@+8$s1+5N{|>6qLAl zb+c}s6m#m|LV#g{Axlz86$3{CD94I005WBzTA$H~OLWzWU$pT8TtNbY87627*or|3 z^V3LSHUP9hOTUdUX5Q%~!If0i%dM~&fV_bVX`rtFDH(Pg#)ojLwYS4E+X_hBM=>QhaUm9W!4zvoVEo~$h>XD*5+kGoX zzZOeJ{!CY{|F6Y`nCj?+t7dNnbqyNZ+4SMrcmdcAE3SJ8DVcds^6OGJka0D-xwE9w zDGZ`f6jWuzTp2+UOkj9bLf}RRoH#peV6Ci)j53^w%U=(GTI4pRs zz%|8A;lAmXe=b3;@fOu&FNsDVB3NwXrdhY)p6w*F63om!j80b(5R>u_%9{O}bg*9^ z9ul*3e0yvXm`l<$z zy>S71K(wPa=f5na#rprp-kUeKjUX^~4VxC&IyS3v(Kg-<{ z@8{NYKtPei3It#jNSR~%yT7Otb>Si*+HwOC-4=m5va+hOGPCjsg9-FjUI_avZ_@q; z_z8L?_rVqRU!(EiNW1?%9-VaY|F`le_rG`^0iD%$u6`>rYn3>t^BcMy`p0*B8LW=5 zt=nLJ-Al$!3a~%>rI|Z1gsyf9Gz%GsxxDwRnH!SR1`q6pSo}+qq0*kOU!UMoBt$>0 znny{gvr1T{c4EaJb~Z^(o>u7pG)*?5|3_n;{vQmFJNmzkN1^|C9v_7Mm!-G-feryV zh33N_0!60)aWLHQ2*7Pn`j5v{LH}h1HR)W>gUkWSPcGd}Wyb)TzM*M#>EAmh2HEL@ zVZ=ucE=I5ONQLessD4_Z|1AG*(GgHV|Hs1oV|3yw}tx3H_+nEl? zr7wGzTj3BOS=dqv@E5R15*jhK2%s!Weub_NQ^erPUl@@-BWfcpBJpSjIl|D7M}s$S zC@MD|O%@|&kwJ2!`)>>603h2!!NRca&=D|Pb>VN z5bx|9V5R(jqU(Q84n`gSx0Ofr|K;=8DFN2!0i|L7Sek&$YmEzhC`Ew4eWwkm`Bc+? zA0~KjL|y>V{s%7%yt`SvK=3m9A8I{O=?Gdu{|}Fkb@~5jc+}DVtvoEe);pQ9gDH$) zN@B~qnECaIoh3r|aZ2y&VT2YbL?FljGi5@+_0kw2ut-P_zkTQjH0qh4#uda=US@-Q zl?}KTqu@V-3E-ZHQZd!2Pq!6cx@myFtJdMf<|1O|?3^e*Mg6>4FNHpGz~C(mp^M-^ zw{!PzlN2t4ctPDY9N?nw=9+W$_wiSndlja-)UZvG57ZK?2M4pGq z%zeF>gQKCvzB7fuO(76NqNqoEfWRxlC`Ufpx$=Tq z_Ma~GH6-<{`dP$jW;Ss8*U`b)5sk~`u|y}8#Zu$x{{GYDev%)jdZk4gTI-xXUHkH*&^|MaU+&?!@vbJ0?P zAeyrGcoN9FMHJT;gI^U&^T?Qd$?SMO=c|NFQ9bc5QN|L9ZB{~wGGkB>F} z|KRX&*zy0{cuJKUK1|Ty-VGF0hQxo9#bfx>P+f)4Efj70KDRrZu*7E%Oh!0>sKcfgW&zD9D5|1X=UGOZ&X2n(Sd(WEO63YM{0R9D_?cs2$iHoA-dJnh%+Z-+=yN73<6b62RXSaUg&}3CnF7 zPU+RlhgaQj%SXv{qZPCB7?w=^-5w>=b{0)NLDb5!_6^~jX6>bkoSp=8cM7>*-zgxK zF2Vpt*(Lt+M2kL-g?A|p^3m~M`3sitn7t{;Y)txR6-3r$_OdvcG1VOaAZIG(@64pc zJT0-B?&t{sdh%a6>8_kU7l1xEfBEtWjF$Mt+vm?NuRr|y=K3A|OvT`Tz|~tg;T4MX z9rP=;f%(hl&lN&9K|YhWzkdA-t9=Jor@1af0CaVJef`fjZ=Zcbpr{pXGoc-G%+D9{o{_1=5k1wQA^6l0|Gw@&k^_S;wUeK-~jv~eWEDy z!a#WoKz}BNfLEHMe@^ldzIkhWPJ(DEUi8>s!34Yq&JG9B0cU5xxq9>Z7YE#cFJCMl zU%okicKP}j@D>9J0t7Gx7Mf`{b1}6GA~1*ZI9)m5=0EY5Nc2oF$96MYf@JpcZnO`y zqqpR%5B)t%<8XhNkmdx_jeKfYh(FEUAj)kZc2Q3(1VAocnstqj5?TWHI~WYWbqFC* z8BXF9jD~n)Nj(67@OLm8vKNzpuZW0t{rt^~wWzfaRGZOjR;{Dhgkq-<#f#LVg;V%( z0a3;(ddcDxjD~aagD&7xa5Q`sJOLmK=7Cb~a5&UT{`HrDp9inb-(H?S`*|xT0-N6I zGl2v3_RX7jTRR#`q2sECG>)_UjCkBo$u9JED9xYnd0A)(beLb63d^5*p~Z?;89 z==9bgBn+r$=kLycKEHl`3Y^cM4FwL?B5R3 zMRY*{+5LlD#Qx#*9Pov%Z!`n_J~8v(`7C4qE9mzL?{{!A9GyrXITmn%kBb0i54LS} zi;Ma@_kIey4ZD>Md-3w};vc`h`R)4ohpWrizdZDwHSS>bZHu}7f?emPQ*>(Ed-Zl1 zSyX(@gML3t1BlK>px;MH;KLL+JD)Xde0Baamy2jG7kB`_;sJm@h+-ivNnG{;#$O!y zNMf?t#!~l{rA62CU_u7r#Zg2fEF)*F-A7fO-M;%i_uciImv6UnO5$ZueMAy)F5bL- zeytvkMD>pUcM+!$ku#AMe*XIW=abkGm|| zI)C=+^7V(`uAjeseg5isK_kKj&ZxL8*`OGeM3pWCg7yg*(|Z&no+>+55a}8WO8UG- z8iIbGI3x7?3q+}%1@~W_Q}u(yg*F)f|x@}aR}2rkU>PC7O#N2bc2x2^2#bV(Z=4fiawX$;)q&D zs$hQo+E4HK4o#*X0)!X#3iN*?5&sEk{Q4F2ee%=Kg+b7tSz6LXrz4falc$NYc5mMl z;oyylgEtR{gSa&u#ML;Eyr;{4$<=k4^IKc(wf8i&|71$X`p#d~{$I!ABi;VL?_oZsvzjLQA71-JyUy?iW<8ch*Hyy=3TKceRG^Sje zJg}cxI|DG=t22iBo@=vOo@>fIYPs9mcsx9IM9Wfn?t3GbM<2r?FEqZ{*}paX&$Jpg z&$C4uMlnKRDGYx{D4fSWJo5vD3CRP)Wc7waA43{)+vXJ4u<=)`>;Lbi(F3`2Yom4i z`Pt8A`?T7+J(N5B@tSRU{3-2;<-V?GoxQcUY@72I#kOCkP01l~R@Cy38F4RNZ$yap)+S*M|5zrh9#kd4b*p?iDnrZ`#ORkrf?udB&oyuM3^$+h%~56K+ACt27>hBrBGODvY=Z7tH!DxQ2(o?azk1)(&} zFq$U+u3(CO6S!LQrl~dNoKC~$thsuCZ-+6L4)7mbL@m^NhpEA#&y9}hMD ze|&s$)ban@c)myepE_BUu>Y12Y@2cak}p*u^N-84$NtN$HNEn5TIw|J( zG4C@pr^;$(om6OxSI--xc#=7F0dy@MQf_H2R^4b|9Zp?ogrT}QZ!Nd-U9!W*t=|lz%*lTT$jeO6A(f^v6mfm@WekQckqo z&Dk~p&3b0-WPX~mQc8~pKV|s54ll11;zE7L`5aw`fd>l`_T>%S*z}WX&$~wIJu4_= z8YnyPCJI*oAM_yvmscP_04)-Hut6Vqi!_B%7OwCiL)Jv>7)Yc&Ha5=3PTVlOb-g0P#KFgXKaDye6gUwc396`*S<0WP+xc`ZR2snGd5&c@BDqnSY zyY0rQS(PH;^6EmO36W*swA|ZxkzojSBUpeN9jo=HRi08iR5xT8?+tiv!2JwH3R+oU z`1iC}#nOZyD+Z%W57xC@fJv1nTxWe3A;UIkeZa<$W$v+Tjy1Shs$hfbWyl!#B*-;A zC{6CU;i#p?Za@&(X1tjHwt_cxGkEW=HV2J0)Eumi$NsLLYW|<(aJX88AvHa<%bVOq8ku(g{l|amly`XRv$_svB5Lm~ljIiL4 z_H!KSwa@s1;sCM%*Z_8t+_`|1F=3SsN%L{w+zmornf#Dj$M|$8T1$9R0s2268M_sU zVt6|i-LkMX*VhVxKq%Ukj>M0iypo;(KwQ7jEM9~@NFiE;B>yyu=P;WE(G-Ni9VC07 z=9~G<5X8DV6)ynE1Wo%;UIS@rPJy!{e(cFb#LVC#;)ha%A|HRJe<>dc?oWZUE80I5 z&Gf*ni{SBLo(YL_C10O>W!s*q;wN$xOEZuZ^WsheXD)}Sxm}2w9S5-&l=}{ zL+xL+{m1dK5&v`8o&Vc;wsQV&p!9nJKtcoKZoM){tJ5RC_pH zVMBGHE^!-2A(i7uE;WF=1&kUMNSJQsHZca7yNP4;U#0*m1%!4l6peT#1aai1D_Qrm zEKoL*o=Xl^b}f2Gk5#7e%DDpR@OQ*P#ZQ%=X5dKLK{&`u zv(qkTkt=Lp2EbvkU zAI^>#Z(f6$N?<|=p)XryNSb2_D-MlRD^tb&pTN(H3`~L)Wx$(3?+(`^Rya!!OQlH~ z%-wWl7<}N*7|VqEYUU@51W}lKlJSQuBTHc7#s<72VVZI|;hpahFLklXBv3Rwok?p^ z(`tq^_OECfA077Q{{vL^qWcTyy|N+ORjS1bZ?Ol3pv+bn@6(}?qz1B`i%o3h?O-WK zI7L4eDW`jio(AW?dfVH81*kaxkB0|_{r|zZv;W`9BdI+Qvylubr^;zbhy)ijqUj4ncBw$fVA3IFTFn3b+$Z0ZGiuioT(x$B$0Oi0Yz!k)lQvn|$P~ z#{N&>pAgL4B?P(HNKISfC|rRNz|u{CXew*{SQe0-f!&hszTid>_(F^UU*O|el|S-v zoS7n!))wzlYe715N>6d6wsFs_a*PGC7F}bqghfG=7BCjH@XCds0+cxgFq;P_w~npD z@zJ6>yI0Nd@iEF(*!j#S(`5eS!juhUJI(1?FbVUKSh%!J@OcY?7UsGJIWdK03${N4~|1nQ-Uk zr0W&}9AKG4*3Ex&nzExYzn0y;W0`>BxlS|_Z2NQz`)}5bX4b9`34bjZkBz|D24%Bf zD0(xC~7vu#DgWG_yEYwVqz)RpZ;jlCBq9;ewVx&_WGMq_#16189hxjpv?Ojc(*F&hlp+T){A(Dvq(7(?4osCp5)|GE; zRcqHutVSXh>m|e*DISmP)*`~CQzsh*JWM?K9OsS~%nwK7lqBB><-1jY*4R{wK&}jl z@vP*sc~^pndc9=vHStjCDfin99w!H_R|-QX%>UV+2J(O7dtd&P%m1UJBjf(};BeUK z|F`lm1u;ELTDtvZa=+!)H$Ph&-2m6M{{ldF7vUqL@9SOQTEK5vWl>ijP~$#UbHQjT z+!Z^4%-v)YACN+IG%IL$s}^Y~LKx{7*_~!`LnC$6>kXPPo$!EGx#@*JU@t9W4zZqv@aqGBfSc=)DfuxhuUvu&+7c3cED@VAln!G>XH{ zUB1$my)u8=lKXP&PGfufB6JaYZCvvOUSzY#Gb(9pt-?9tHk{1sqbyDm%xl*b?ety< zn(#c_LhwFs@Me$F;sAjZVn!eOU=pX)$t`k2ut3l*_?6jv=zdwqW@2IjtvO+#Mqx%w z*EZ5dsd0$~Z?t1+P2qNHQ7+nDwMEHH-@+z_I2vaIDbZwRSGA;ClNK=p)E8&DI^g2(!{J&MlaRhv*yjstoCNx!4^Q#14D{709AOII;U-d z$eIQ3Pn!T{S%Qh1&Ft=1b=DxMU9|{{HZ$vdU3}2KYwu;=TfNgbA=}uFo*n%1-72AX zH*_KDq?>3L2cn>U66Q^?ttpi?wrAnlyF<9nD^^kV-Q++y&oPtY0OxX^gm4ZcYTS68 zKrfgm{)g&R<)I%0RBB)A9PZMziP1K6?bLw~@YUc{NLfJ(DZ-18y^|0GUWYEK!mR~` zHuUKYnh4~$mxvptYPgA>MY-G@-vrk(ZL<(Hv$t}kwS3=jIRS14Lg=E5%qR5;2qK^v z9!UXQ27`fqBf&y;4D?C`=o%DUG&H1PdUvGRN=HQ%5)quGT}W`Vja(+{F>{R2WroNR znqh#l0rK1sUcgjmS40*?^=@q%# zX}$nEagw2H>WE3&@0*4RaY9M143CLma;ut=(w2B)yqhy(mctS+iMOPS=7e#YfnCuC zQKj|3s40~q#1o?stcD z-av6|X`?UaUz3y6k+^-bPa&ZnbY!PzH0hG8UY@z=d49p2f3}7OWB`%1$&YdVuHU+? z6HqVDH3dKGS1;edI;O(fiE^uac!9+{=5wiWjC@GtNIoO!unfNVJo4qP3QXB~_?elD zhz~BW;jr>f5A5z}t41dc`#*sfc!vf&Yag-xOQGwpB-0PxvSC_|Sv_efiqcQ3j_h2G9NnOy6I*kvoOemf%(XUk777|Lf7{eligHZI8S#^#He|OeGIcFj{^g4D0zY=Z9+^uR$7) z?3PS8)Bc=w6U6(BEA0o2O;rYEu(2w?+Pt?U4VG>O`*(2FPg${k5{H3@PuuhG-d!Qb z#+@1TZQX?=p|1&Ix*va936J?KeqBTCfj`C+duqy%cW#o6zZG2J^v*B zvNHhrr3{hEL^bC=@Tbtc{;?macBpt8ve#IV`szOLC0SkwNk!757!>USI9w9%<>$j~ zOpJfEq8tszz$6IH3TstpnHsTEqKl>xVREc-H~k!3@+Nl$-xW6(O0MNEz;ov?^jxHS ztN9RlYK!rOKw00&!j?q)r=^P)b_}m!iFwAy#-c~Ur1}^*>GqS`@9~J zlIQUf5*Zk?BABYXUItS{QdzU~>?|z5;&Tbesga80;Md74{>fTG*SyOd@N`eWAX!co?nG zoD^|!M~k+&Vas@7^OngXZ>?pCy7Lam5ztx(nB4Q03F)`DOwA%h&1o7hl3J`sY3HOF z9;33L=Yp`De~o&1Crj;p-64yWRxosOcHHrJyh}OLk-6tgR8+m= zrX<#(-syv4gB_5o%?BLt;0~?;8#C*ywQ-l;PqnH8waP<{RiMoU=O?uZpH&Mr$PeH*G% zrOz{?U^&U%{6d;{x9(;1B=`jVSAp+`@ZL?S7ldKgxI^NLUBoG>EJ;W70=KFgtchU@ zyjxAmfy0-Sp`SK@HA6lzvviIYqlVU^3~ps(QsI&&t+=Xe+ghtcFy8+Oyy0PM8Qyj& zd_7~#gslr>&kYUZx1G9(vZ21Rt{rZsMCM?V+A@svg$}85_n~cAeM&0#uU^4eY1+D| zxdLj97Y{@p=v<$vYzBdKITTKwC|zgPnyxg0jVxW!^w-pZK%gUkFI~7$yX$*+i=eki z4GZdd0S(D9cJ9;2Uc0zAbLTKD`{+1%jzEnT69e-w3?2 zR_qYIa_=BOixh%;2>dw8XcPc{kyxN4+`SKB^8Dih6P5V_WxqwiM`acCv|sgj{EK*g zOLBVi?JKVz?hfEDl8{)2Ad3~b+-a5GFpT57MN)ZSC2oqUPe43HcijvV0RrD;4<{eFR3Kj&~@c?9i&6!u+&f+g4u+0#|sJ2!{L62aBW(p-gn6a+?W<0jjt` zo~yS%_LAgI$X1+wQ0wgf1TIK!FyI0-CwD@0Z4p9GJSj4sW8@x!dpF7~;lRx$s(OW( z-_=NB)S6zp(8>qW+{tDVr*k*Us<#ZEhQO!TDkXZaWz0H`Z85tb$8vzcG+4rj22>{j zam_W1+bx_Kz1y?m;zetc#CEp=m8C0?#b6RdJ_u}}5gmcjzX9DOUPKlaTEi}NVmB9n zRS8QX+0msf25VKxV&u{O^{?dwK8JvM2IXGBAc(+x5oSRW!W?C20G@xs9~ksII!T&WnLR&5ovY{*!{mQmrO_q9Kn=uML4@-H;S(_dyr}H$*Y;1C)gB zie|CpX9&&Oixx=|ry2CYE}Q~CUG>vN)U(A%Z7?IaVQE%~aR?vxK(4^Dz}-SX^Bej! zdBdP^Qfg?<846wyA|erS<50Ac8I|l=i>L_`{&#*!=%v1+&3V2Fs!bp4y=iPfJw~er zt7Yq~SM=JdVywe{$t1ZJ`(^FF`4LimsVA5ortwhkdeeB35o>wiefN?4b+;Qr`cQ3E=FcgxsRmz&THMT57R+EtjxfL^YT#c{9)>J0SQkyKS z)VUF{)Z6ef#L{AeKmitT8eR}pNuE`hm=`Nt*2IL=VslK)twgL5CQ4NWRp`(ww}cbD z+2)8b0Q;5+>AGjDPxbvD7kc+UxM6snpB(jr09W{b4v$7g{`Ya0|7SZ7b7#-_0U}&u z4&C*A%sa-w4MP?`7i|(^K`2kuW#oVzz~d{Fatej@Ic>r~Ez%T5Sh%ED>zMF)ZiL4I zFo@}%p3|=U22S)zb@@uS1MnkI!G`<)CCR_rYW(lv=-^o2{|5($-TvRoL$(c_)$MG3 z+SgjUo>#?tZ3e^n0L|#iJq4xR%gHIo-)!^ZHu@=C1}KOl(uS}Re#_p1FW}=M&LA#s z8X=QB^Y#0t>e+$4EpE`P!a;16t>u?6&B3OQLFY;GJAGRYHue4X`?o8#Gai?ZR$3FO zDQ(O?j7HR!PxkSmbK^OmHD-VmR z^_)#D5OZ6>6eh8Moj|XZQ^8nQSFx|KT9)h)xc?c;Vnh-eOv&RS{JsD;P1HGcAw^W9q-UBF~=s;Ako`(qPu*InWE%Nas z(w{8XX*swgZy~!R*Yh{zfq`Y`M7|XD;)Z&*jbTPCI3KYix{a5RDty=&d62AnLzG8h zX3^UW6r8@z-avp$wxVeW z@C(c&Y~QW`O2Qz^I86y&@ant4r#|DF`k0^U4|^7)0NTvy8ExhzF}dnHG8hH~=Xj+D z-W};LbWujkLO@KdK?s72`l0js64#ODQEi?YoUri)2n15Q@r1sIh-)M9!LcW=LVGUs zU;_A#+6^M!drwm$LSp+{JwN`s8%e#9s1V%&!7Ei!v7meu$p?HD*f;H(1`ytJm~VjZRIiYzYDA7 zoM<#)cP)BS`6{hi7D!>_!_><1yNdQzHLI7t^}6e+22b<--&_S;x&IGFy8id%p!5IQ z%2TxeL#h&Py!B-rZ7aJz7?JkBIoo{%l*Br5fPd0=eYoyH85wd`2`(dta>=8hC49OI)sLE3DnL-oB)b zX|Zi?s6<@su&DeNPT{9lZsyH^^MBvF{eKPnf4kY;?f;$s-T!;nkT!EOlg zf06R?c-$)sL;DngKFH@!wpAupe*^Gpfq0S=3@07}!HF9I;uRAu<}eLB8V1jE5!L6C zaCZZ6Nw596k?UXje;E*M2oKcmW?&wp3>=U1T4>;iC2cxP6c~mzN|N;1o)Rqh)Gv0? z;P&GIV(ufcNSzc%;Np_1=6#xCC0#@yh-e}ufMReD2^!E{kWl|RHwYJ|@pY4oPXjNg zFhDk@c6kFJSBCJ6wC{sY{To0ts8LIJa{n2I)|61i(^6%GY}YiZd+ATjJ~TQ16Xoin zJ^Qb*VgE569}T!^y`V#H-tEm-;UcXPS`ofUeVWe*4pX1Zv^s9sj?Tr`-Ol<*mQ2?Uz)whVanLQG|yqmh)xuu*AF&Q8q}P zs@!KSgpl0l<;mwR(m49>_|^dq{(n!sz|8N8X?#RpUyGMOdpiRT|6Y9Qlz?~! zlQ3S*VU#(*xz5}SP8Q)c#J`@oa2`k3Qk3%o*z%B-1;B{{)#)o(B|{o;uK2uyK6uA( zpmk}maCpi}w1l>7cJWc37)zUR2{x$SJ!xLTq zGde!#?0>iNF#Ru{SOi>}wjiEp>fep%ehuC34%gg91XI*~{|!wWu8 z*q_oz`OXZNkbgH&dLam-m!cod4u*U^S3A;8yr}L-flskq5%FsWniS0gf!yiAYCqc& z$=}JK^10i&17E)qnrlX*70kG5xgm{LwcLfp6X{H{WJ;*V^irTr_206lIriM#Xf(Ql8-Q7B)K>{hm2Z6tZK>sNg$-!4a%On zp_AfTe45bzJV<>r8L*1}A06rR|KMoY`TuO?p>d4Z6t|R2Ur@#RS>EytO6;zWs-5xz zr%wPAN>2$1XVMLK&-$Del*~OSbZ2&(f?yJ|NFsk)Y1QK zJc|7%p5=MLEN^lkV8*+wZL1!yFraO9vK0heqPu)8SnU^eSvKUZZAE|p4 z`-2+1fAyf+zN-?wsbNBeFHjU@fg1+@f_b`6hZ^xXAWrgAJ-_tPf~IQ*KuPSsNvN$y z*+8`$q8v)oskCN`B@Ry_2tLu@C9(e(RBvpuV-{j*auwDopB52Ge;EQE9I+C{pG10Qvg$NgoIWl5XituRX|k$#*Gj zE=hODaX3g}5~CoC)0OlxbEi@RSBo&bio?L8;coI`iTFTEXW7aCCd*b*stbDPlENtS zgUBdO-r6gOOQ%}+#V_5+UkA4=(Q}V>%NjZrXW0OJ0Z|b7Fv`H8>73gXP&b{{(B)P^ ziCb9*M0pVp<`5w~-)=Tz6PkZ~m4Bn5iJCVnuN1T4e1VlWT??tgdS!FW=7um2wE~hj z&01Ijq?rc;av6tkb||bl|mFRQg0(57_LN9wGc%~ zEA$p=kgb@@!D$23X;s_7p#-Cx;DfY0iBo{GI1QpHfYI_V2%s1Q)cxcZb1TrhgFY$7 z!@|pFuq`|{aA352wn(5uyI5xeVYGaa#`Ddmk2O?(@?f;g3)caaL?3=0E!&za#oMMH zs=i^@F9X!tD%IE3A}U^4T^x??`L{LX|LerPZ>k2Uvj03eGW`FKPdfR3D-V_N`Rs0F z=%I+sY@IxQ`CkmAWi>!OMvz2c``x@oZE{ldjo^Qxhu7{L?n%F?npXFR;7U#}UnZJM ztKPyuPjt&KIE8}g^o-g^K7%m1h?AAkgb^x_r){feYcg4cp=NJlSa1^G1OwZKy(I1V z3@Dj~c$zg8m!QC~(w>ne$A*%*O&hnhyky*@K~Sf*7Ch4$xv*wCR}^VZoydVjZ77Cb zst1nb27SSkQt`VDyiGNJe~<3^+ZEtkrIBdL3WVo|-U5?2|Hbt$X}n167Y0T#eNC;c z6t(YSQNzOS4Qp8J)?n~zp8tLme_#EnIRB3hhr0jYa5V1D|E)ZV{{PwQYrxc8ZsY?R zn{ZQ>z%Pj4`xv+YKY9R{!-Qh^^b9x`;R0naeG#N6Q$wpz)SsT^Du6Ywd98s;q*S_a9qNH$2z455*ZLU3>=bsW9cbN1qjUWeU zmw14%pB$?_b?PTz7NhJnjkyT|1Q?&iB7QCq1oD#lXOPW)r4^JuStI4#6kh*QZ)>xj zg58Q!7IH=;$jVaU-OAzVfnE49hmNM3>-Dr+>^@)A$^WuXwNrqRQmes$&qJZQfs*8C!0_CKflhUt732=C5b+gA;m1Xg<_Y{iOSxxhZHkAS50?F_;7UR<;oM=m zgeh`>gP@ywGl>7B8y`8kOu+FuW$YZ@hq%qE9GP-#-ad=XD|YwbDY~IVKt?nh|9d=^ zn}K6=Q|3mcsz^nn^ztx~u9fnQ!bUTYP$J$jY>3|+QLJ$~ic>A{wWU1+m(z^KaT@f% zxIPBKJWh$1b_Cv!Z)8MDo!#hWm8>Hh3dswp?x_)bo87SWx!>GCaVn@aAr{;SJeDEm zcs;}%D~RDeHO30BxGj|MrA8{SABBD6-o=GJfq_cM1{_jHgC*t~@=xUFsbvrrcSwCW zwKrj>`_7-5@*m|hm~q?7Ai8TJ4p#bq93Sicf1`sg{>xS#MgB8qc~jxfZ1K^`g0`Ww zEgD)TVC$y7CJY*9Z2_{>($`XcJNCV6j-*ygCBj2N;qUXrsY(B_jCCFcE`n?50juu+ zhR0(w{!2&yxAG|T9}BU7P4lLdUs^GbmgFmAXx*EG;n@h_(!P#Q8i(fAz+OJ6E^d?F zg{Hu@G{D6FL7?BmR7?9oazkYe5J%v>1mVrVv1dOwdc~C@OM0m4&T&nW>4)V?ssRD9 zmJX6!G71t+uoB>$YDyLf&?*seqno7ed5lkk^Z)YdV!b=SD*11GqUZk^9v^r2e_MIX z^Z)YdqK&iv^6KJIpZf&g+$a^qBOY-!8Xs1{7Z%Kb~_yjNu{90(J?%{j-3L%0g!` zNR{USUnASmjyby2oOE} zo~BME?H;9QNM+X)4|F0GjH#@2TZ2)mKEV0afc{7BoMirOd<0a{|AV1%|9{fa|Lr^$ z{f|3`ZIFNJ()ft!KOMkBkbmyV>NvF=Pec`i;xo_G28n-ntc}(4skMZ2W`3)@(UMrd zYR4TH{+&EE>Awi1b`8B0X0675Kd{7qKRoR6zi#DG=>H|2Wq_v{(0K+g1C(ug7-(zf z(Vhv$INClMg84LW-kRBq8AC-hYy&H= zJ;PXvgK3QkL7f^iH=V+a2DUs8Lz2P;^T=kNa?zMxMfb|lk*Q|M(mv)G>C3?y_J0D; zv3M4!5XLD6(4~{3fe2ao+{ZBtJm}crj#JZ7O-aRR4a`uhsg03fbF$H9Es8T^=HgUC z74>jpIeBmbj1KKbuqc{Evd{V%-=}73crS z_)w4kG(I}$^1p255jPJl27$6ImdAVQTL;tn(J%Kx-OdTRfP+>jgL8+RHWGQaKMroE zep!^cVOY2LBAKSH4{32FsuW2XE&IxIm>D>EPofdE{v4)L=&R$m3BnqdO!{0Wu$9r7 zatiElE(I5@ifY9UY$KjQLG&yBnhNaVry{q@XYBbT!|OE(L6Cu4=*4r0`3~C69yxzq za2v;=ewcCxeBJ|%q+p(-5eZWu#er{Ef-Li>|=Y z-?@|*ik$sNvckvpZ=5o&fQ?Ob%#-wy*|ULD5o;`G?9?Xd{;3LDP&g(!l4hYGSdS_o zMez*Uj^L(<92-j=8ZOOfXkGBNHG{9owCF9I$4f}Vevmw&eoP5al7uS|M*!1i;AuQW zRsT|)b1Bqu1P`YO<`LecB==wohjbSb}TO_4TJ&I_0$^l44x-4dnQWJTB-MTDGEm^NRV3=Li z7%CDaMq?q$37|B*(t4B-asgE9T8`pZ`_fOoGUdrnFVQ9Cqm*WJ&Zlswf(tXE=saB1 z!VSm!8|4<)9Iwi2eqZCQKMKZ6_iEnPv^0c`Kqg%Ow*>h6SG#;SPfh(#6#F9aQ0w>q zCu3dzGdelx?*F&)DEB|FV;=&c2aI{#yDC&3^=9G2)NcQ z21OwQRNsjw&aUOO)W0c=eB1oc*+J0b3+0sF!{++HnnP*lc+pzdPZ$9u1@aY4rx15| zp9UFJ3Y45cJJV!w?)&t1Kvr~1XTmR6ze$%3Itn~Dguh(N+l3B+EQn@CW$Gb z6XK#|9h}y=x|CZnrkX@TH}OD35K2TW_o*^*)jJD8&tVXgv7>t0mamh~dE~n0HX8Mlk8#fJLRL#ROJ%O}rQ%+yxi*?zeD{EQ zCSYvpa1PusjPI|~U>SsP3ZG-vkmh1Hizd93Z~5rCiF+G_K^8zXaD89w;$0$780Ayw z`fs9e^)`;P7eNT=1w*f}_#!$-uj2?8@8xZW8Q3i-j28p=0)i;(fl;rtD82T}%WACL z`c8A0DhozXSugpOp2YJzXptl#oWm${L&^X;VAqQy&s7Qz%yNupJ3IuV;YrWpxL(IA zlL9Og{fC8FVRhGr`Jr%mbo|#|&mtS|`Vc11KQ7#`vK@Q|{uTuvD+>0?60T@M^?S2A zF}j(#O9r(3$jlvNz7^vSgv0@czdp^^YGqXAqO~b$g%$_Kyx?qX63o8Duz%i$CXZUZDUzG z=T$j?I@SI9^$9CQ?q=+}pHkPs+`WUBQT8T%9mfT8o;N3VN>e~pU{2G0mY;lIzdkYF z8X=*jNYG6NHYf=c%`UVoorCu`Pi$4p;V`O&o1uT6RZkHTV=_WwERd~9wiD{QQ?x=WYb_yp-wv02tjMn%wO}E zD-RpeE?)`5X#DskeU4&kqI!eQO|NG^!FHhoo+FkB8>}#WFo8(K$;JMUYN%ei2VH!D2 z2);57m9mOd+07}v>^>wEpTR`@!egE|`@B{a)1ix;a#f)F7?181u2h(JM-|GfcL54>KT#DtvU?BTG1KA1| zpzl?AqvFb3&3Ly0OM{>{3(dV(V`UUi0lyZ`DS|k~Lz#mCr}X zoPc6mOvw<_Xv-KlFOB)sD7FOQn+8i5?E#leJSOgj@%Y1Gso|0>e%H{NQW`}I{BBMD z4|y}_FG6ax*RuX+G(J4k`M=S)i~qWnN8$gj`7F1>`zdSY(K3G8DB9-wMDq`?@>fQp z8PN(Twx{lI6&$5frv|A1)TRG0CAO)a7cZi$;UQ2Z|BpvH{U47GI{p7v9+m#nSq5yH z+c^b{mGgLy0?SZZKM!1S|H~wNr4Rb~g3Qk885qiS)!^VNuvTYOwS+=}@dR@~){V`V zbIGcuqugte6Q}6kj8L9`+mTaFScDNS8fsm(5{F!Cv(kBw&Fh&2enA;Jxo5!j{gL{v z|4_lnO9r!MjPeF8)ipmF!BNNmZR1h-KRnBTO*0VlyfF)CTRe}K3$%}>bw<$E&Gr)q zTfxvg2JN7hCKa|NNXmI0Y&K<62-iQe=eC|yO5_CTl@Roe%{H1Ff# zb;hM*Q)#9QSHn1x%@oHE0@L$Pi5vMq^IcMeWuDzbYP46@9SP?szpA0cmWyxYNT^Hy z;}E7UTN6z)z*o@!qv253|Bg;Z9sS?RqtgF;mNzE#c~g&byG;uf71LZYKc- z^3cHwly`6?)y2PRRihSCc}4oWR#iBe;3b{cWiM(~&f<`tio{Y$;7mR%P4viC<&w6qXNyEquj|BYyq~dW#G?_-}5i;sEC=g%g-cuZ&enLddY4v#Tyy_Llc& zpV^A_O6xWZOu;+kf7M*71bQ==O1{;5J#C1j^qYxNhT}AdXnMZv_|O5)B#d4BS8pvW z803W`#0Ak}ehX6>8_OFNXk+jswJKjzG)#tA%u-Q$(qKwVUfw|#QbWA4o7d55Z0^Z> z`ZujCzb~s#cM^G>$6F|fkzwAPtursQZ3EL3Y>C|4SJLN4m6^7Cw(-=K|B^V2r>pBE zg|2@QM<`3(Aj%M^Ar4mB{~R7`^55a{acBRzl}C~Pif4Iqaj>A}M=Tr`j;L)>(UT@( zE23i2Do~^g8LEfO8`Ca0R2&OP+RH-s*(#UWV&~Yr?Oqv*neax3M0uUL`|0`)-k*Ze z6F}k;{uUuO3(zERZ$o%0Y_rd!)xEnSTmZ$(KQPZjq6bncK8Vxle(HL6&JzGa_ZEiS zpoK=$BB9(~;`c1P78_gP{++|j^@*VdYll{@4s%FTi&7;4dsUM3v`6B=`Y_7CF=b$) z*oWtnNe~6uipNX)HICwxeS1e{Tm7;zBJUQrFpXda(IANTXEDl%RokBtmo{@Ex=lTG z7qUp3Z=St5%~P=ABVrGr7~DhPxe;)EAE0l1NqK48RwV#s9~hhu{l{*eHj<*zO&NTj#0C|1INiF^6mD{{O9-|2r8U z>HOblcy!qDf7^Hz{_l4>%bPNLY_U9A)=t3RG9#xNX#b#TRw6aG3R_YSnNCFp&ytni z0KO#4v)q!B<~_0{lSf7Ab%11Q%(S5x@;$!n=mN8ul}iBBuqn4>F3~O8b7xxor@P4F z1g7%5zB1rP;3P}WVVzoN zLk%`#Kw797aX*nW9(@5>8q5_T!dOK)MRbBs^eo#D+`O4Bz)TYMxY=w&nDb_~05eZ` zw-Lm=kuAV0CF|P=WT~AkK%Hk3+z9BrnJvH^P0)tmk`}f>E0BkRO$h~UV++voEOZ-z z%Nuzpc+GrwH67nNJy6+GPyfRt;{6YTNVORM{b)SY?f=KaVdwv~l}FM4T#(s)Fn))D@M*0DcNk z<`e^Kn)OL5$BgVymaVfi(nQY&f^}Ilyx4MbOVJ{w4eIbJMsP?)abvn0ZZrk&d2OMn z!5tJUYHa-$Ot>>7lhc>AJ zfjQbyE!-*n7h}LMRgg!iAep1eB%yMZT9Hf%W_f$Lh38v1g`ZxznKuK@|9wB~|Lx}U z;ny8U6m12KB*o<|#3W!6r*oGazwiHWh9@T{e>e(iKi)`vYXc&74kC$_of?x09w)@~ zQeCf-7nJ9Ner$|iK9sguzd7`S#oS=}c2MvylNB^H60Eku2C{cGBB&QMO1f5>BySq!-`UX` z+5ZV#2mgYnV3uVGI^Ew-;S_!v4GF^c)BV@4uYNyxwm(u${^dXes={m3|Jx1Gdi}Kf z{`u9rUtay=CiwdoNM8L%@9#Sf*v;Z=q5-6^7_QAbRHH>sS7-NnF_{FPpii;!eE(|y z-Tp88ulD}|`T$M`VDw9G59pUI9|3@Io2DtE5=mrtEj50WdDF`BP zyUH-{LCXve4soI9pOQF&QN~}758-i7=NXF6()=XFW6X7S>0eG-RZe2?+K2W&f8 z1vV(M%2*W1Sd=X_=M|h2{=>Ft^t+A}qIi*d5Dmg$9%N`RCzY#ppscgq2pS!)!+Ovr zbf)7E=MQHO&}KCx5$2u~0?ytuNP1vh&V!9GPQ{=o;>btd+o`-GcsVv=`ipj>ezCEe zVr#N@`0tl^9%uvdr-G?h0Rx{qvx`UhH01v{L)#|*cW~74f8Xp;_&*`$w95aLSdTt7 z{x2U&r~2De^(X1memv!0_24?yPN&-W4xWbRKQT&fIsf0$ff4`nVAT2lZs$?Xe=@u6 z9{xpE?2ql_XXAKyn@>6i>m0A7<_*UIK84tuiX+IhZy}p}f=vE`gl>3otp`tmpRz*- zIG-lS0Zx=nkS2-mu(nPMbVsI^ha5qymeT8b=5(~B8yzXljw2Ne23@I&q>`OtEtVY(_XW;KT)x2k|D ze^C5VO(YdIoP%RDoqw`6j>lb(ha%q#Mj1>et|!KzzRm6Wtmw7}(lmP_5zVqVl}$aBmr_5Qbi|GrR*?RxF$DJ0 zo4Lt(zIW*Il{b@CPHcp{WWG1llQ2%zmUirWjO*BmyQ^@xXx*+}k1oZv#-!V~aB?c_ zAo6W2!Sr~=qaXfhD*rL>^)~gthlfKw{?oznQRn}+l}DBT*zC3}0v1O+cyv;r7|Nei z|BG>o;QB6!QhmmmGmKU;=W@>$MX>z2L>H{zLi6s?dg2bReFK7s=bWfFDw}d!wfvZn z(1;e^o^hUm|7j2GL~%MNp+^8eAK{rqpEu-;@^w_w5GKz=4`AOEbt4M@RMKnRx2U=2KOOY6M6s2c(($It= zX<$B4XB-v`BA8KmYR>dwGf~qRtXKkVmG<2 z4Le+Y`>`AR)FPTeH_T?MtJr_O3_RQcO=_&EuJOA-vFo{<{7S1*fE?hQ zhxhIZorht3?-;_gVvMt^D!_Yr2Nhylx-@2K3a44u{ZFqi#igqkt_?5Vo{9}e~S-{YgBlaBx2##7G8vZ?p* z)ITH-OMR=a%tQGqg_uOXjPGH3#h`J3^BOK;s$0ye`BzCj`{{2unwM2nL8~~<8H9lB z71jDlYq#O)tpQO6ah=n>BdOg(pKAJ_-n!oY2g2W{%fN%@o)<5otbrYH1^pkNjCB3a zcs%Ux|F`mJ_y1&u0h?m*64T&GoC3TCHqi*-`oy#`Uq9cMMZnvi&o6{M!2VC*%1seO zfPoBLw&wSUs7>;MBYceDYV=k^q~La=6$5Avs_hG`h-v$9Rohp6n^ci3a_4YQuV8a1 z(@H3^HFB#B+sf}@)yrO*;au)-03$3^8W~}^yrY#aPR8y&zzuR#BDINE)Mw2NLyf2c zyr-}%YsvC1o%xoE=HRpfsu!C6mE%H(@;M9htCtTDaOo;4$cCTm8$+60STk~#8Z!lO zTwic!5wSU`TYclv+wP3CdBcm$G3USmaS9x*ZD$X-2nExK&>6lIHNrxuk)W|AGV88r zg9|o`JqUgZFjiYZq4#H+JrPP#|45vB4J>(C#7bBcdla)E+q3f^1x&+cs;htQ3B zd&XKPvPkcy#CD32PrV|!sK)!?6sX-jkpg9~+hjsf5*|TC(A&2V4-*bv^Ut7NX1*@} zmo7rMhU*u3s`$Ud@krzUhQ|k;{J)h);s4&^Np6qfBWtGP^K^VXya6fcs0I<0tTJ){ zYtXsUuDF?qn*_h4@gmXv;v0aHw{hc?TA}eiMN)wc`V?){>~jgz+fDi-^$Yr9Xy5+{ zj1Zq1_SdyQR&M z{u$Mxb@@NEAT)n17O?96=kP@L{~3)BjywKu8;`30W0TyX&X2X&ae)?;w9E*a%o*=W z7DO3++)d%fMUXWDXjJL7*B zb@=1nozsA^YKY2FLDrJ^!W|9A0>@>ZiJ6&4ri4f-ke|? z#+oUk2^&NX5mmP=4|?I z!>9(41%9K`%8O4DG!;)auzB^{$7JD7CZRi(tR+*pjPIcD00(|busCG8El>-1(mScW z7NYQ6K1C(?au{gM5u^GBuyIKpIfR>8x*5EKdct46Qluej=KYOE$X4r98r`{MaoE=c zG3jqGer08R0a^Uth~;T{NQrZu^S`MqSS9}*9O&`i4o63w|L0a7dcaF-yB+b*I5+G2 ze;V$dHBRzcewn2(wQ%biSR!`UISu`?8`q}ZopU!?+qJU*)&hr47rdXlNo)R`KbBhU z(L6QiKM9<%i3YHW{vRFd`oDvNVW8BwAHz4?>{{5`^n$G=sX}f1X z|6b?#FvqpVp+U5B*0d_1XZb*#=AY5e=IO#Ft~l4q4Tw|jdXHOac+?QMDh?Q2ru0}b zfn=cZbHt}^&2GAq50hn4a3#6F;$iICf^d-#c$R1YnUTq}UYN1?^#AB&r00J=JUTw;=>IkzM*r!>cb`Op z319vUq#54qEFcXJ=CoO<)iqRsz;WgJJJPS#wS)}tC#7f1(oF;RHiRIB6PUutgL{~! zxzvarH^b2>)v9;Y6r-&zqXAY(9uF=h|CaStXy&HSXQ3cA_3NRxSu9KlpiPs=3G5z- zhZIO)DvUDV65?;!J%kaMFTyNHLN=p{zS9T^l0)8Cyp+W2ityFy(Nd&_oQCnO8v=(+ zS$Jz|rtB34to*?BeeNQl&46^_^#LOv!AzYt-sfNu1xuJBILIdZZWzY*eLBc~fRAhy z59XbrjI%Iy{h!^?jXaoMUX^?@{f;PCJDwI0DP3ZiKUdlfEMS}lFpdLU0*lqIzZo7+>-+S(F-wGlQe{;mpc!bU5=if@qpT zga&tuTbM>LgJ=-MT)1Lse-QF!5Hn29EXxv9ORmy5i@i9MLmXvZ!Zy6v_m*IJ z%nlKQ#>_XgGoAo#(6zjLk=bFwK(a-7nBYU$_3ob00N5hz10Mzu33yovd~EPafVaFy zIWO@W1W2&=8b?RqC6GvflXn`_^hW8*Qd;_=)rn#s+G>dRIz#%Lq;~+Mf0OkzS$$m4 zWRU2X&KNI6epGSAX5}Et*xv;}O2e)LYF^v|u+$a{I4`}?q~sFNm1f8Qw7IbiL(D~; zLGZ$sA&7R^0L1V5;7d&q;O)zVD;(tYD(wz!CGam+m4hy?@9_&*BneDunS7#YDQV)r@NoK~O)0E~RB=y~%i_W< z2tOKXeBiuh6XjUriV)SmGM6e23-uS$%?hth^6T*Kgr-W)vtwdjT@mvjdM%M9vd{_? zMN&!2uy#XvSaQ4T39Gbx`qt*JzuYU z_fG@w;7m!2Q9sKt3(OrdJ!&A2Gh$c2RJV!ZJr~Y*}!@JDT8U`hBP^x_<4Dy z$9pxe-GX<6eV-d9QJu2el(U~%2 zx%8;Yj~2<%4y);erOp*;tlpxx6z#3Y$XHscz4EJ}DCF!or%9SfN?6S@;N=|eyqy~h zTWjYnIcu(OL#l9C_=Rc*%M!54H0rgAk_$nrB_~FZq0*@x=b@5-f@)YcUWk%bi1WLn?l_qF|cwipE zJ}0s-Q$k;z7I-qrr2^ZH9J!D4+|cP+Ro3}+8tbTLc4M37-a44IQyDXW%=kKAzdo_{ z#EqG96#mJ@#*OHIki2l`L1-cQ%2PrA4~~v>`|qQ}aTot*E00G1`HZ$f@_Ad2jmqb6 zKQ!CNd$MJypSbg@GO{jtvSzM#CsXxn;?Q`FUppj)?gXaK7H-JjFg0KPsyw;91Pbe` zIoVf7+K}G!PIEx41YhlgQu-Y9B7+NyAqi^;ACCzPR?pIP-46&H}+U4 z;Gg^1i2fspP!LDwlSvQ-S)mwMLH{we*W|yG;kfhv-O8iU|7$v4&wzevKp|zub~%5zRjyMm;lp% zmo;EBpB5jv^Dg^oaeXZ`FEU!9{=3#*Wht7M$gRP-=*qtI_*$HVv6~%Z(J+X_zm8$# zFPe{2>f^|J81}&KRQmnb=QJW;bhIu%$_e0R90GNJ}V%)ZI*_STu z982W9e=41;Krqi*HvC3r>-IM_?ZvKbX4mYs>KR7%-Htheq_&?iu3g|zc(uX+#XmpZCdf>IS;|WGcrKM=Q)OxHtkK2= z2hcx%FAT!BXVcbTQ8qdMdC=ynaKKgP|Jc<3jywPV?L6A~FG6^?diF;my6Yo6_jBOe zJ@YxLy94>pqzLZL-cC6Go}Sw0|GDSIizr(s4M3&+*NJZbKR!O`{J*yHDCa+$Q z@?hVVr{eq{507;JuY=LyVR!y-<0%)n>C_L%%n!Von>5Hi})ftsLulA#Y>p3>Mm1Jq4q-c zMGXWapC+k854K`+`0B3N68Iiq@tXLny*g?jvfXuT;<61`TUyezqc0$f{~IwX+cADW z@Y8_*izeve`m!nWS111aNZ0?2y8O>udWeeW^^0q8aecYbB@bg2=_0Y{d`gr(nEI@t z?0Eu!p9V{q(n{peWQFPb!4p8V)Vu`!8@SX$f_$C1DP$kk zNzz}&;bIPn-v+xppl^O96-m#zisC8yUr&)^1BGGN_JyEU{y^qR>gqhp(%^QHaeGKU zYZgBftvAg$l1*qyJqn9d?azI@HK6}!e)}-=|H!!iAC0^GAKQ88{r{_<+oJz;kvw+# zj}g+C{_~;#(DZ+QO9uckkyrZO-+#K?f4XGCP4$t`D=w&<0X+&w6#MWxbEohcdMV7_ z!U=^W;tr2?@M!^*xC~lx_wkluc<`Ek{yxu|CiI{FaS^%*Rk?gCPX+xy9E}fk`>*c) zcT10S|9eg67mx`CIX&3$K+smrcXb_HkFFadXjundaxJ|76QMDe6CgtY0>r@fK^&1G zspleoegeShJ0OMGB8?DmoIP+q3%nVaLpMSog&!9XWkECrF1Y%gD6HZ|20Yw>)Wr40 z`OD}1|Nq5x-W2YS7}OEfR2%_z&pQp{TQ?j8pDyrBT+rDu(3iIjo`(psR_P$pU>Zbj zC4fZH5yY&u9CyX_+y7 zz8-A0D$rU=X4H*Z30`?yR;aWK15cTb?~lXnp0a06{{QzTP9RnKpOZtK|35q#cJ?1z zdFpV$WQPxynwLczc9F&5kCHTA1}KOlnA%L#6;Z`b=cN{Itj6fFncTD$*Z*MJ&=o%t4D8#WmJ>h$=q;alJJ~8xC}Oho9N;Xy%mEHL!kz_~B1RMB0Ebu)Il!64 zD7$jA8GiNYcS0B(;2@&1c7WrN%pr3(ae(8)W#Acfw2(Ana2QZ!iA?3CA`?Jdu_4W4 zed$1y`yuGLTB%CkrsbdO2LmOt`a$Fei1@Q%G|q1Y!o3B`;(1kuq=H_hp2`oDB5X>H zt#goA4iTxv^$i?-H*;z5BC8N@Ejh3lGg2n5Xz*HHjsU^hIpvmj<f9(D1aw9jEC<@PSJ_WvPIlAOe zqVB34+EFt{R+Vk_)J3Nx+vD+exWP0XH&1c`w@d(uyipWY zRVHGlT}lEA3%7N{!diJwsGzKt+e{au0#)%55{sd#H4-wMn0`m-)z3RIM>2nX**e5q zZxIiQm!fquBQ3{PGK??g0dc{D)rIp()MU^GG{zr5v={cj5kn6JbO@m)D@*JI{p0Gr z!cTkkma@Gs!Ogpu@6Nz^nv#1!vUCAhj$%BKDfc<^SFP``>&bR$In1+8nuE@K2fV@^Euycz9}l?(wq

u?H4>rPxqJ@AuiQWXpvB*O|a z_0nlSR8}sc{@W)gqlR|Slgg+8gg!kPwPjZSJTmH1@}FzIZj}RD{eKSq_g^Q6&rde; z-#Ut}<$wd(d!6)UXcd1B|(jFsrwx+&ubK8&Eg@f;kVt*JPFnnK1D!*vvpAlG?nId@aSr4Ritnf{Hb(a8qfLjO+=_x=1& z$493d`F|}%2b@9-6Rw9m@C_>GFZCiSlijvae72$5{rgBPBV^ElTbphOYu^&EUj<03lu|*l{r?9 z21M#@T~zQFZ_h;`0C#9%Yaua;wyW<_Wv&YJk8A}5LZs8_0* z4q0SHIX!V z-X5O}s&2Nw7g462ZRYcMm~{%8@iuTi>xlEVol15qg(H+Io+4W7Kg-0yMPz1Yh8lQD zao81iZNgo378xX*Jb$#N8*bt1#|wi2y6$6~RzP9^`|F$f;&>fal6@FOhU^}l=`@BNbXiTh+qi~e`K zU$OrkJU`y(e`_g@{wE(kaB-*|$xAHy3Ut5*X6A9R@{eYPu&j3`b+{2^uFsFw{7h^k zm@NQIIil)vi%`H|h85BMsI<#+stmEL)h8`&(gX$?T7P;~>J-l3bRN4&sbNNu=X4_m zgA&t;6=-Gm3!%$*Q!U1`G}XF95n9MXzqIVCXQ^XCr=V0CoD7Z+)n)7vISGMe0vy}^ zTs{nJusmz0AkX3)ey^yW3AVo@oR&`r9d*+Pxpq78t(0k6<==cB7xJ$yfcxPi<#FQh z4rjLjXPgxI{)}5(mMEXM9ZOC&2TqU)p?|>aRw$&IIGqklZgiuUSVB#Khp9(VB;* zC}z0xeSy6xL^ohe$yB*imhV9s;v8qUOwc`)u^AP$GjuOw3t|Rh2_XUZ6O;jHw^WL& zo3^sUqto_%QMVTUQ_1>gs|`<)ZIb)KqmC|#u+XUBFAgzGQbdmq*=$;0*XgXXx=!a3 zMlIq6vzO~9*2e;EXUFwe$VOoQOiNGsUucc1mj4e=_bd4yo}WD5$p7mo0r?;L^8a;? z;uXpNHCBgD=ia9rL?6k#_MXQT=laNOzlD+vStiR8a?nm`S&#-+rpdEb+4|wxT`dFu z)%O=sz@&62R~;#@CyA4eR%@bztHn?Ox8)d%Ay=lvif;bLAA|C*B1y#1OCnK~hT6=5 zD-3m9GdJ=W_~7LThK)#fk)zZs7rLVpuH&~N)~k}0YT{IQ!l>+8dhnSIZQoAX9af}k z7nu%o-rGWM_24YRaJwlqt94w;c@&#bOp96wIYF{|88Y7L>?1XSw)6iP$LZcLaK=fF z=(K0*Z&{l8|G~k@X(j*1$tM2$dWvG{B;ye4$lhY5cg0d;nJ|%oU&#oxGf3${Q0$V( zVsGMue363^-`m&*Jzs2Nz_f3<^jIAvxre9r<-SW8D0NIhaWnuf3Mu zkXgp%-UXbHVl-PL$dEul8oc)83y>0b(P4%;fX2a1QW#FagrtcQD@sVJt((eJg7}62 zGDp-2M+UP5+(H@lJ3}ZzJ~Y?yV`^Nf>zzGpYm=;QoH@*&Vr8zZMJ)-NnpXdJ%z%b4 z91e?1SfkShVHRCh>?(xTHHjzWKCAz6N&>gM(s4tGOZ9S6IX_~@1uwN#m)!r^?&C#m zt-$SdjgP4ctL7hpkSl=eReC<-1UL%@G=Op=aqUSyCRDB;uum8-PBmbD?w-hGGuey7W z@a=?0XCOL?DnCl6WVD-0pXBHa$d7Cm$CA$NjL?`+v@5?#n;<6Hj{HmP4U`OWl3eQx zZHnZ>Pvzcx2Hv7Mq5~k6KZwOnP};y>LTo{i&hBhMUBPSirPsz>s=M>4zG+7o=Nq2N z^g+rY=M2C!#~Hd5A9V$W;u*z!pmn3J7W8E&e`1aioZ@q6X&o6#?_x-E)?=N4z@_zdI z-4AbHz1JTd4Na94Pce5eiu2hSINaagpIRTMXiCK79e#t0`6MG3&>UrmIiS=|MjudY z!za@z%qruGA@{!Q@oBy{K``Z$MLD?$CU_0~$c;S9AGMcC+g-3X!r301SYLKcZ;;+H zyXx;&2PmEp5M2wLWquf+xBN;*!{N~O(d1+nPh6xb@Xj5Y9TQ4XEa6*ZJxlD4WG5aA z@qA)QDn)^k_}SA`3T8&eD{bd0mslwPT1=t}W5!f|o+$E|n&mu5QkgHhQo#oCqM=@p zB^AwYDVgPt)Z-D8VNR0an0+JbH6eK$tl@O?qN!#xo?WJi3d|Xv`;wOhDEm4@41 zD}|m+CI|lbL;l0Yy3!u}{=3HgYso{+Wt@ZYjEOH2MgURO+@3&%`Wg6XOa1HT_9k%5 z1(*7%ZMZd{q8>~At{@pL3oX=(z6)K_qve-*cJ{?>`%0JCHmA(_;}1K!MUntXL1bPk zPRPGiCqb3H8KZkl@PKU0jz1*ymwTMSI0d^9sHxfgM&hVWy53q8{0@XJAUB^Fj6aG9 z?B=1bb=$C2yYXBjIic$3o?io*#j^|(7n20}+k2T*m)&A0-pxjcW{4y9i#heu2fWtVQF^=dj zF;1ut-7M(x&>5n093vNcz?yBpH?;JduW^5m|JO5wfgJ%iK-On$pmt&AT+3z64-n8%Uzt_W_JB>jw0_a(WB<20dX zT|*Dy<}ihd!$-|iR=pPsxZd&$9jFZz^N)}VwP;^;>+r_znKLz&aRYUNpCC-zQ?ytCfphI9=ofYqy7Ib$yk!$_=3XKkm^;nz4&W4t5844E!x< z1FPCL@EDkTcMEb;D_b&h1ta@+^DM&#-Usae*bhR@s&iWZM*bmNHb#`cff>9-wEmZx zO;L)RTH<7trzgSL3*x%P)kE`V&xSnhK|=*KB2+dXs$6&Kse}AGhAFy0l&e3*h=j}r zIl5$QhIA_}@LZI?R>=Gc2HGx;WTccx?h%lREhj<`16peGRj#4Z7U{uRd@@ zGnmRzB?PILf;v(=Pz|c?H%|X%H-vlhr>^mVUf=CnZdge-0^7aJ~GGNZ{fDy{i(|iK!Sis7|qp&h?tWq#%Z~N&}KmGad8Mj7rmN`9SwdoHCdsDl513EH zp*znKqnlSj)dSlqhF92S!o($IHL< z0Ijo8dv7Q9df`6s5#P}bbXK}k~@v7#V zOkJtvHdH72vGNSb&zaE|)Js%b2)1geSF*Cb{-=G=En}=5jrBJ-7n=R*)*GawU#RRw0`(CB zCcl`TCY2@0eGtAvs(dvJ2Rq5tbB?et%) zyjb-c@)F0qKM#OeMnro*V5RjM`E}`lBAdvt-=Q`t9(Yl`KAn*r=-VMUrIV>m_?;-- z)`eB|j0XDB5z{+#W5S)+^x$UwkaJqjUMqNK%v(_L&Mld8!C`*k-qbV7a^l;&)5G3M zbx&z+Pamu7yD8o2zrHE`#qzIMRsR2jgOdY4|NqG*|I>O(B_ya7J=-|QO7EJU&p?p8 zI@FE@7HJo-nDdTVR1H~gikcp^bRU4r)&iWW?uqO2=Q_`(lBzj9D)nR7UEbZ&0PH{$ zzjB!U@VNm|r!x;<+euKhh|DBz>%mkru-G`fu<{9Y71mXDf7RY0`vpvu(newYJCH7x zwG7gRv?2T-ed$gAv;21T^1q+|@9^+wL;u%Oy3l{I=6&hE*d`(RFMeQlEHeo_K>o#d z)Peqs=7Ov$z!my0@aRhab(fFD01T#XZ;c#4G;uh9HLXv;0bI;CoZvGked)h>>(qw@ zwA%lV{P>@T&rdh@|Fx7R`fuo_AvoswS3g!zc^%i`exMg&#pMIKx(92)OG*LNvf6eq z^P8cx-}yc;)oN?RXpKp=VK~X^m0m&ffZ#ih(`tYdonTeNwx8tuR^zMJdV#B71lk+G zs-f)M79KxLaH?Z<+~YKrfm81(=F;M>9#KGQN3@#~D(b@w9QfOG2VkzeeqjbMV{Rlo zR=&w7GX#Nz+^b`diVZDay$d|7hVs(IMy3gcqFvQXy@p%+e6)x3u^gN2OaG^cQyj0B z{-5sq_rHhFH}?PalrHkWUh|%G-|UnS-8T>|J-~blr~+@w+Ksw^1$D~?XA>iXRac$B z^lf6e2EeXBH?T4HI`#%o=mw^Vr5;pCueSys>D4g_T)DseQIfjoO+nsBhKj8q2%nfH zSY#6(s_-H@ofn(sIiVaS!>ZeU$OV3d^sqsnQ5@@8iZXwix4}WJKIP~>W?8H^DjiV! zcom|)^k1y%itRs#2Zt5;|8Nuke?3KcR4BTt11sa~77TTEKKZnmSx-x4#C^t0CO0Xn zjc1vP$$=S=B4+~1bU_wxF;qyp)XSjd;1#ylHNHwyrgPcizy89r5{N_UF z(<^=Hzmd6DdjGTkylVg3-2bel)W-j1j!xEFC3~#P9##e(stfV6BAv?&<>}QfjY(h4 z%gjfk@}(=SOxN-@z@w{My1%E?xcue$q?E3{^xwq3@52Dv?0@@*e*E{NgTqb!@3oXw z$A2&OM~DL$n9AN(q)`aS{Z7qB$-lr;aD=j%FaDcfI%@zWD1G(wgN^PAbpdApmCoy~ ze~MO(_dh>)tMTv)pc1ps<_f47Qs+ycauRBjLn8~;D5_YU3)rj- zj|&HmNmbd_cnm^L7up!iP8AH}C4Xe0W78MohZ?|lh=Kp;_%*6(2^ zb8<_{Niv|5*0LQf_Ll&qk^$9g>X8t15JMRUmE_jL_efA*G`wV&8c&Zako=XviFF9I zTFlBEQ9KR>Sp^ZvRdj`|p-ikWtcDFJq6n9xk+Z^f)VMj3m$x{ZAzS^h6t@E9isoi9 zo+6mQJJX9yt1Q+mr3fYqvv4RGf(t1Tqzf^Z#b-dWxN#({F>#9wD0|=K3FIo$p2`^W z2IgKmkU;vMntU*IMdyhz%fjPbGsC+|y9U4+O$#^=xD9TOD8nQxC+B4cj%@N*I-xJ;Bhf%OqhMVs_0* zo>y%E)s90PYwt_&9Yf<;DqWaj$Pfc5z7sS~g`D2?BKfyX0=~@%MVBpDMV(U)m^Pj0 zUf1)l#Fu5H|JMAEhX+Ug`~Sn|CmZ|UT1pT3Uu^-86oeE2RWT6jaPLd-4Uu+!U`zi@ z8Q(Lcu+tz==(P7(~CQEPIaG%{LET?3O_yo;Z zq1Cl);p+Guh#n$i#N!D{-sMJ>UZqt-{liN8Q)AJ%hsxeFCbKN5F=M!hR)g+o&|fQK zP`Z%qKIAEmF;5o&vOAPiFKF#!?DLW_#Ob^26{TKsmlm@L`x#6i)9kF&u%&~PHz!TU zQB9LKY<IB~fg_!g}KMqH+)ajgc&nE~KiH7t3h& zoB_RS=gW68LCYYOG9@RWDgiW%!^WPHu!$N1><`jWpfLKlHlHH9GCN6V4z=+x!YCVA;^b4;980?IJ*V+ zDC6LslI(WaeFfCu%`l4_511uj3h7D%g(Yf!A;|5EW-B zvew*$)Gbe16NvKqK>w?AL}pLxE(in*rJ5`zC?HJZEI}W3z*anMBqEXczwIIBXc~~R zx8iB&psS?~+`o9&fRY!h2*{$NDyMaisOhZvaMm5qVC&$)tT~!pPNXB>)}G07{wga} ze{8>&XCRpg`B%s}*3x@)kcH`B%}FfA`zCnmLV5M-58eaMR^@!f(|#wb>2&o_m0OLn z{@N8g#!-Oe1n!s}jyY3w2r?zu`}Qy`sdFOabh~dYTZKC*w5*~d6+m3s+>~JE_oNXI z<_X)}vVF3p-TpsEDWYWWml2HbX8AQI6yBoOB$iIp-xu!G4L1TU_kTwRhyMG&)1!_3 ze?3LghwtSQgRep>49X?8UiDuHNkY2ro6T}I`0cj_vys|GL$!&R>LS%$3`?i{!jj}X zfGGb^WV!tNYyf~()Xt=DgZKlOL~q)`LFt790IYVhau6F6gX1q7Fk+?xbp6fnHcptgNL&S$dKI^mB7=M8E%-q6B3e!}P%zl%STzVOV+d z_%K8yyydYe6Wpu>nLD&-!Nti75XXqIH^fW*x+V9g_^fjBt31K)5lr4?=^|49lqRQ| zG&n`#;c#CTd|$D1rPL17@KXu*XKhm@nS7@#MAscKnsIPTxE5re{Yr2Kq8$*qNQ4pX zm)XW&Wc5#j`$N~*f!1@oIcvgLrL3zfZGtm;Vf3xJEHWy<$MM`F}q@ z^7H>3?VlcP?6=rm$oT4#S5cEIoD+9synB`J7C`=D`2(TGN zppblUnFh>FbZshl*@TMko>E)VSQ&poW`Q}dV-z>Xeq8a#vQ z^IigAu?KfRtbC<~-l4GftgLz}9K2LT$Blj9S+^oP)8DSn0WS}WJsa{q#%^jd zPE`{(*|nVXS2Zc6?E2~k$Sg`qW=W*SWjf!sy%9vL-M%tdcmB`BR-dJ) zlgY;^E&TuBc)#-g>vR+UaXrPh|6J=8UaiT;?3*XE@)!h`Fzf_ze|%d`fpJxR^Oq{D zwiy5|Dr7JT?u?;#_Zgz^(HK#b#fV*IN@;9KhdUx9b=gNfDAyv;KDM9gK^cR9%K3_5 z*2PhNqps@Go&L{BI-8>F4CZV?c%KV^Hv0ek(2xIgdV09g|JG7$`u}}!g;&cB)GlJW zk0-wY$Ps0jaY0a)U=JMz^Q4AnV-rUoZWz zX5}3sP*X>eg}UF`?-6QRp1Fjh4!#7xD-=wgr(jt2ve5@k>2dz!6r+qQN8gpk|2?YQ z{~ewlZutLNN~iO0ue{6otsj&CV1H;o-gfmf`;NrkYBBt3mL(}tr`G&+W{!1D<)X{q z!9Qk%qw1Nj>25|-Rd+_ynodNOrQw_C5VD5;<4g(@LeHq_(S+4i{^1T8Q|+XebBD(2 zMUM~Rw<4lOuwf4Q#8egkJ`0dkXBxup(M>%N%8MQd<)I!nM!iQUJ?KB3rKn%xM_tBoHmG!5rIiUZus*ssIWN zFeK*H&?NmQ%<(sr%<}qP)Xxv;Lp{5wA4>WALwcczkr|CqO((_AOZ8Eu;1Vc{NnX^I zfAr=G8`}N!r3d|=_rCborJ4R8oE}y4KOUVPZ0P?wN+=6Re%;(-svk9Txe(xAC>~Bd_&R!^)+DCCK zaET*+u-)m+%w@L`h^8~H{<-by2d+20f-M1UuWB0V{pHmI_`tL{Ui2Cp`QL{53M{5Z zg!LSWY4!+<>botl6w7y`0i^rRe-)c9#^v&vineL;P|8OF#*mHTV|uQdCJA@ zH@M2?mtN121Xq0#zw)V&XQ1e_$4rF9(NLBmXT<~NsP1F48?R|?m3-X+d+m`eEm4)k zSDlB5FrOd_ewxwrXFw?UNkeK_J|!z8B@G)9K6%Jm+R-(vT5VH8_c6*=YdW8GvV${%=6mVhL+B|tILxvT zB3uN!ahSq7)3iQCsvXy4vIHkFZ69Nc)({*Y`2f@Gf&Syk0o?{**^>I>Up9U!^h+yM zf9#94Yeara8og{~??S~$jX+eyic2C8eOUA*BZ+XiaXTa$E2lBHG}EY&|&!c$xcN(^>J(G^K?TuG3etFKLyEb9p%5(0Ks`%;E& zk3jS_#Azt|n!7N%HwW4>61Ov?wXBkhu^vco(cE1a`Eu@I%Tj`H*X7j*81o23ul_N^ zbC{xxcV8R_<}#~ejcYAy;~~84;@A&7rTxh^Ty0wt0K(Z^d#VOkufq&!BiPSCb`+SS z`w7YfN%y;wiHNlRu^L&<8?$Af>po&{zcw|j+sU$OU?;ytbIDCE$8QlzP||%LI}n%I z$HCcu{O#=Fy&77>aDrZq$0+8N0NhA^Zl^Ui2y1;vCg{KT&%5j;UA&)V?MtM)v_USj zKvwhhuxcA!J&0wHHt}=u+Rhsl5?BUx{a5ZNEzu<(G>aO_a_(P z`i0?Qr&M$|f2?{J;!JQmobl7+2t?zQK=H5bWj0l}u?vMX132U87SUBGrQX20&DFD% zgJ(G7_49M^s8et&U$j$|8Fzn)Y3Q(r8%BTIHu|IeM;(5O7*k_ETEpN2lkwYwpT2BL zzx)4U$@+SLwfKJ>9v}PppAJq>4>$M!>nL6B|D8*J>tfOT-og88*K=+S-`*8qnzVRX z$@x_4ELwFps@Fng73;&&Km&rmtXciObQiWbDyvu@mImrlV%5g|CP5Et9i3~R{0v1L*fUOkgwwPE%(m?d7(%0IOX}!@4o2>`7IfUoopJdSi4z_8 zKcROifyv%4F(uirWOSXQc$M#ejt&nh?|)A>@t@aIbaXC~{f&%(SlNffcraUKXzi5F zfxG+=4_$*gxS=3SN1SXv4>}+ojWy5=XhjWx*I3)CTPyDqf zst*T1bQ;enMOnNsT>Cst$^8!an$QtWb^xK^J<3xUqak>y-ulYKU$WXz3o9u38yT^0 zG2?_TUgIg|3d3wR9U&@)q-udN&M=#x1pG=y5)4Hg;>-noAi%Pjd>%ZWrEQ?gn%%%3 zN$?y}j@qDjj0r7T%2oQ6jD*69IS_mrv0_aUDP710 zFk1kMAR`_g8BT{<3i&6=^qQK#bV?b!zR9h1^Pd9%{{MOd$^;4ny{nsq-QeckU6H%1 zF(l5I%fY|_l{4w~IjBW~=4gkwhT#8a12>e5c z`|m)DUdJnpW3Va9l|J%c0@0LY4Dp^4V4MBt=)jNvb#%DDdH=VTA_cvda$&C#U!4T# z?3FdkfE3L!!z61GiAb7AsSU^Q8gWY!690lias!m4=?KPmN*JP$quYf7Qw*;7E?UhP zQedPksPdHwDJUliQ;Kbd?g7aV8}<=LyqR3JKw<{qOC;vI#Y*3kG{xDiilZwzYIvqS zW)-UBGrpOGd2MD{2z?9vqOe5K7KVze`w-3^rf!sKYX4?QNK(WiG!zumYZFc3hwm~t zhd70!RKV}n=6XhNQMA3S?Sc01XYTb*ZxqY}OZRhiDQqA^w=$@`dFh9i8l{Dh{Lqey ztX7Xi)mHQ;wAQS?^y2?0Psw76vYrA!8~=ZP;@f|Yjt@5RpVm?o|1TDHg#v)HS=KHA zNY2iDu5Z2%*CHj9v$_s3!JF@=loOCjg5XAs&{Hn}9Jq#!P!wuY-3{hkLV4kd82WSF zy}}C2Csx<{RpUvy;{=~8>aJ2oVjJmbBOR?;I_ks!m%01-mv;VteE9s-zyI0aKiTmA zbri|vS9lpQGyx+7=q!^QK5&_nLkiOrrI<}sS5x=_PiNCWmm%N+ zGUW0ir2Ga?5#STZ z3v{M%A^k&TH)g_R{RQJ_3e-Xf7>G`BCa5Cj{}aq%IzwPOW74ZOCk)H>+Q)PVF2^!6 zj=B=sDesjS$j}_o5?TV1nZi+duE^^np6Y>~k2#`W>qR;PH#e_CKY&zhA~h8$9wT{8 zMaBTib0UX3fvj9?^Z~^)IbYB8gX#;lZxA39d@VQEwj6`pabt|qM4-+P->E|mz_D^J zMY2=f7ux}ti>4^Ww^(o`?T$O+WC}Tsq1c595`8B_@WVuG1Pua<{V%q?{&`0x7Z>A; z7jcTf?F>?wafBFnhK9F8(I-stKM`fyD(n6TfeFb76`(7FnPqA?y0?3h{gpSM7Mct( zn13QlN+=@~lPRhUS3?1KIza+RBmowyNfeMkk2S`NyHnHpfj`d`fqu$q7K%C+=DBU*fa$|aX2W9 z@8pzl5W`H2@9%F(c9|vU14{l5o@p6yTWqGko6o&egU7nev}jgGsorYg3HCNDFH4{G z%Oi^SE&>4w-{ml#yk`Gs$?YfV0@K|hmD@{a$5?t)xeX#0PW3|2-c==p49ifa4sQ_+ z?Xmvx$Do!#dY#nKD(hzSaNl?0w6n>Dn2(I|9Og=4Z^MnbZZehhv1+5Glqo@2h4dwWTst6d$Q{Z$Akx%) zS(NB369V-`3K{D-AAXZ%ySCU;gR~%e#8Y^Su4ZX^-7op5>*m5Kp306ra8{UBFmzmz zeVJoI7=Men*qR;Y$*R5V6bTSlmoGbZc6IskAst;_U3Bc|^6FyQj@SfJbVZ5K(%(9P z(pwH;sNJ$iC}l#QqSrXPV;wN4Hd^}3A*rrg?sF{%&aVIXr_K2P(Pa6{46VCXB$c<8Ore@Po@qYT|4?eE+A_*z(Qd1ViymQX(Z>pLJSIuh9e0_Hh$? z?K_5O7iL)0eHc5!Zb03fB=SZ}Xd4h`h%)VQuK()d6D_bST3qMwK0^FY`q+OMha8P(X z{_phgVB`O{mg2;JD3^1UQ6RpzvPWqd@DT()-^)TY_FOA;bJZ^B-)Fl~RBBgT^lUc@ zuXg`%1K%%`V=HV9sJ@4H7m4l!X$%qQJFRqY`fBF!z^t$_MfIK z%m0hl#vKHJcK+|b|2uttbh_dH>nQ&F|5XbBfqnA1O8~(kf3zY%`B?waMSyabZDfFM zGC+97HbTIrtg0-@|2y0M|D^-}KRnv^`2We#;pY9%T1xT$f5nV{WB2dyDtDzee`m;^ z!Qc6XX8vM&s1pgW-KpqkOl1<{`V5B;MupmHdc zn|j}*Z||A1vTfO~A0jj3V~Fc~hyM7>H}PihKl?~EWYleZKi!6>)ncW1w#j81iDUg` zN&c^0&AMFxwCevSM-~15c*FnKQY!wRE0zN+pTs|n1)yfkAFT;seYXJiM%&l`I@ti~ zrfg#b*pwBNCHcSk*vSac#{Z8G{rDfJ$NQW6|Fsm!-ha@m3BH01$Ey|ra*C&rE^Jn~ zB?(HOm>g9Ywgc2zp{nH;X$6jK?KB%yhJ|0(8lpiWx99JcUoDuD6+aX)}%- z<`G#}%8}IhqQdvAJ!^S^hRl?&I&IA_T#VdKFuces%Du2EEP7We6;UspAfQ?@Jl!PgLa-M3D+PM-faG02XllE#!7#?Nb}Lt*Tpd z`YuZsataHeI((e&EUGMzH%Hae5t^m$>bstX_vjxpOc8)wV&@NiM@dEtf6Lo4leKVC zZnALP4tP*HlY$Ds#k>@8CEbbH*dE&XKY zOOZ$R4a6Bh8K;Y!;Ec9w9GK6UwIl5I?GEkLqhIs^ro$JFqPZvdl zKkH$AgwpZ+i|JpQ0<@g})5D7Y@BZ=T{m*)eJpZo=OoX_S0;YmJu#QJwok~{{{}sg? z#52apR3>E};}o$S0GS4r0Gw$leYk+rwEY2sMrw#Ya0+koG;%^V>^uFx%GiurVTVDE zs7?^hfEDHg3K31>>WLuDZ-WI~0g(-V6$12@)At*Ahk)!}iGZRHA-)J{=g0FmuK}Wz zP}bg^o*naIBQnZ_CuhkBhbqPR8<;<1+uf%!maU{2s(vnY4<>$9oI=KW_2RVb(9;E? z9FK7fIqKC9i(!ha#vQs+k@))cqGJKJ!oHlsTLi9VX{x*FH*1yPgB=DVAA|!PpRr$e zZnVh`y}keH{GwM6bOhrLa9@4kh-NSaml;QN4C8*A0O{sM>keHS&7oIEMz83;FiR~+ z2k?v&3U5_l%zj;{hF#C))%X1tJfC-2Zxx2;I)gczkbXx|NAS^2d-v6U!rTtK&Ku5d zDeBpiZqot!H;|)yxB%x@m*72_^`x0pwCK{!w}j$<3dWhrIKk&LP9(jh{l+!PVTaCi z_)_^2bI}WaX1DCZ)kyLZGdh#W%)go?w>`N*pnZp4@6l*N$X!2rquO*ir<6<)pP(57 zZxE+A?zco!)utn(-hBfzcZS?!Km2Ub!&M;rz0NA4c%V2Mw{(rdf|5;CQuFqh3e`dSbbTbAh zlb)jwBYJBA!G5#+Hd5higZ)U-uv`}j5|fXz7$Y{6aE8j*LTFQuQ%EsP zMl0x3L+aKm$!^JNdR34*^%|!*zMGI4Lo4XG1lFlGi{{n+iVn4*!u#R2W<}zgz}))(wypm_$W!; zrUXhe{nx6(-Y-H|cqICNu>bt9djEg8iT|;dVwv<*#$&P4`q2w3WwOztvpK+3FD;6) zHJ+uZj8A>`qCsv_uX;p1HZ(1qn|9ypR$_ei0&E#kQGRgWy`a*;w=Mj)uBzWCSzefB zsn2UDx(+wd!;s^TVwk2vgpV%XUVRgV8{DBq1R^<$`mILkJ$xZUb^r)sk}q7RVef6x zbjJ8ggz^hfajTdaul8HLD#ms93$`n&?tZ}{YuOa?E+*GVCI6N`xrqECATq?=c0 ztbR*;1iT5MTtUNXLy}DA7&q=CBrEq~mmZk_`PQ0#w?jREIGss-wevu91DzVIVLuDf z=~ixj{N^wAw=hdm1SpEh9MJ_}oZ{@(!_oXIkAT28sszke75*JbFZjs(y{o|0)GoYB z{2ijVhuR_byE8M{ZjTk`_tHZqr)ZAJjM=w3W5nZ$&I<30Q)P)s3Avl)AetYDBVd?#-X15()YMhBCFNJ(R|0ZVMxSnC^S!BCf@zX(D=|#XLYO!cRG;NzZLHaOoU`dZU?B zGRH~b?Pk#KgC&UgB1e(g0F}o@m8Ux8w!0!EMbvU4=sCH$Y`^rB+NfM;dB8zr?@RMI zuBJjOrdkjf&U-$F51ctKS<6($FEJD-+OAYEKM5K!A&Kem7r9X)|20=|YgsbLQ*SP7 zpzYi1qU3yL*%Zibt0(=vob`Ly7Q1=(^4*z1s$d^XPO;e_Q<7m$1mhYiXX^iZhA2kN z<;hhx|FsmI^mUfxV%iDS6Bv`xm8eja6aylbaYPNtSI;b+VaCMF`00o$58O@Po|F}t z8>vX}-_hxDg5nmL<`ovQ3qTo?yhPnHDRJf=3V9|Osc8_Cf|8+moF?yu?-0u6mN55X zNpU9zASJV``W%x`b*fwzyWVJbbj z3?zeD@nMWnn)rjSku8fI<4j9{n!o%?9Jd5z9K)396R`vCahd{{GNRuCfS960-t(x# zF8}IB;FFPTrhC$qF3jbXg+wXkZCP;x7gj5Y($LlZSIF8+7y(=TfA)RAC9zU4UP5Op`N>iWTZ7Q`d0cXLl>aJ^>-xxnE%M*t z;i2#Ub98XDiT|*cqSWZh%gdDsf`M0=y#&HQ`>H&LCCZi%Cm*Q2@|$*WViZKTy4TyN zuk3%@l30Dm!nfoe+#|)>%&YDMVABEH0aU%JDXE;+JH3Hs3Hq=j{%eM04H|!_jF>4F zFr&&d-IZuv`AiPWxfujeOy-=wv&Hav}B^ znFoK6SCMnyLZv5c+Z|V(B+_AP^c5=ntK1OR)l7{O;MvU{aGgHr&r91lseWI1&N+-H zQ~tR#K5-uzte*gkNzJDk#Ix**HDz7LM33CwEwKY{8Nc#*30-)Y5n+j zf_QpccIa4FTwI>$cF;ku&kbQ^i5qVU{fU42`$A{nZFh#9F2g>St1olnKCOE%pCNpF zw_nvAU-d)Nd#(F0l>tq4`w$O6oiRp=l>&)w7jB6HoLGs1fNxrquk|^p()5mfX!pt> z>213}l#M_x`V9N9eYzKkCiv&)c8l0m{!q%cN1-;YO<1nfQ*29=`qSe` zk_|GX>esJdBRA?r@oQ^2QU4l{4~r)Xg^(yS>qOh&nZaOa>^;pH(9G_%?89d2e)^)w zq^i3af*Y|})k9^>K!O;)&6LCUJ)w7M<)x3i0b*K4zN^%-kF@IVPF08f1YgytDneXl zm>WhGGCh6resnckuW|GB@}ZNS54j0RXA3eqEQkbD0-=bJbdIDjArs|Pz2+UCypnpg zJKxy{#z%WwXTh-@@%?N#zSYK$p`Q|z!~3e82P)=uf^a)qHP%M!ggWD6|a$U3-l|5#c!Z( zE@nZTpKHeOP%dMT3s3zDn2SBf748C_l^Y@Ii$Y~X_CO^#o9^RXZB>%uyEG=7W8%mz z&1m+s=QQD0xQWD{&HLZ= zluG<@;p=^8LU36a~Pu z+eppA0qHn;ZG&f-iJ#YIWHWdd*^0NetC_YfE!iE&V>yczOX>C(NF0v-;m?G;l8kba z=$Izex2#Rv#BR6c4@FB~b$x0(-ctSgZG(MR%x@~R%XyNhbl@>$6~k;;OZM@Pg1+@8pA07Jq|M2K!6aRfJrQ-kX ztn_Mpz`fLb^}>Ktv712PqHBo-?hn3j;O^%d5y7cs2?|xveci>~fi^jg2XN@@LLS2Z zvE&1%uPE4e9|v=9%WPcDAFFhv|AB0m-MK)!|F`e|b9DTC^ZsWoMUt$XBuTNlBe}XO z^92g#N$uqq6ol~jp5S>hviV5>3x_DJ%>_J9MtvN=uSfz)#DSi_Cg<}Jha(* zdBo(&=<^F2)p40RE>SNxn2n=HdkBXvkRRsT5#9jZJTST(sWp0IG)+=SkmxgC<&mpS z%?e#Wf;{JQ^ZovpKJp*saJlFYt@7XT>9PO*?_mF6^ZsuwMG;h$R(*9MpUS4*Q_53~ zEbG9#EL{LP%M=16Q?4{#e#nmgJOTMm4cbl|q(4>UhLuWojk29Ypsrb+)bS=oDxoAl19bIhA_{s^jGDL;r{k5VJ-why&7T$L6k#2@xDVo zv0Kil*X?&S{Q>idXn&q1PW9jvkc@FUi+T8&XHZrz#7!QnnNdQgFKU*Ht;188m}Mc~ zTw6Y|zbE!Fd+9x+YmqLO4^+A~-{aPfItME)rnwLJ?tU}HB38&)FvUrCxvqnAO81DM z-Xyq4;r~#(D3A$eYsS!9lAz10kl(LEcfC^#qOFW1=og&(4x=927MENX9sD0xEhI<& zY|Hae(N$!1`&p1FYeJ+sUq6W`gn;r#cj6k@)zBE%i?)&7iN|t3Dqp3p@;}9dV!n{6 zURQkocXWE{$A3LMIyv6R|LZ7<<>}Q0a(P!3`@`%RNq75d18&^_)@|6i!UV`K~>d7k~fC4QB9)w2{ct||o{56H(9V&i=a z8K`U=1tky;L&opH+3iIN@ib(u3yDNxELGcGlPJ{m5}OkWZ;>Eo!_3a|UtML#&Q`bZ zov%llq%CJ!oh&?7 zB%Mu>WBo7R(FR@^YHC_HUN#+tUhms-?Dd|!54L2cEh_g!F%AP8hSSNv24I?lN_T#?>2Av*qb$jYxqSE-%zlm04W7bA1-hO@k z5L%Iq+0)R9Y|K_gD?*@_m~536JxFT0jVW{v%HJO_!T@0PQ*fx&ATa*>{HyQ%?b2$H zm_J}&*b86}rDUw3aXd2XZ@cGQ^*ynaVjnPtw^=*couW!^X<=I(sQC#qRqHu&Z}qu}Hp?MT3siVGotZ-a#QW4UHna z)7sW*Dm$Sg2r{E_sfQKHI9IbFRmHH95M=-LOXSW`pM?sqLoYJcPRLyJ+G$z^zYyWA zCB<$tR@V*39(@b7bZ;lXX-iiC@xUzx}%g^vYWG$JZDeq<8(O&aXMoh{eTk$ z?$81x1gTj3^0IOVK*oepuAT>kqrW_xK=$uw;Z2AHO9kAh^DUv>C>V*nvPoC#Af-tB zC*&9PXDMCfKQiNJSpl#${@1?${&)ZMXygC2mQsoT`ChE_N}_+tJ>xj?xe;KvDI0oo=@3G6utXK1;?iFaVFFM1WQNyUy1AAhZVHx|0k!<{r6wbk2myx zEky}>R{Zx>`2qVorl(Dy+Whg~fZ1X2Ehgim@-!N}gMd)@p1wRBwI%F$;$Mfv8!^-{t@yYXz{J)Ok z$p3nISF8tUsLQDXMdK&b3IJ3{bbTq{9hRlE1hW)XWx@RNlsbdPVF}g2?6EE?gsJ+` zXc8Ks&4YtKleAdu*nZNSrWv1|R96t>jd1rll&h%@>V7U`jN+aiGhCO#}@>>S+GRG+7OIul?Gk>`pAQR z{J$oN&>QP2g~Iw^g6(3V+xGJl3|p6|!}9!@rNgD;eSQ=oV$Tqg>-Rc!W7u|-LtD=K zCu<4q8&UIPmI9ZO|9YAM+vLCJmG|FACr6w7|7$4$;u#l7KvypWE@Kc3LRhyrSTPR< zPQ*tc7xp$5dXh&6qhVm^k0&NBVL}W5`0NG77K>url5IpsXS;mb@?)*-?4uAO{VltU zEcr2*HXlu(T&r!dqx^S|MiWBr9_jthVfFpb(I)=yT8iAtZ)O~FoZbGQR$1M&%&2mR zTa_TFw@^>vuW0r70^hW07A(n6qx3}5UK5sm#6I1=QP4A!ze3@zaguvUc}i zxf+)0&neV>(msb~nY#%^jdc47rK6_#F_OeeUexHsvI0e(r`41*TMxYnR%b`0uQ3>B zw}BisP10S_POnpJuhT=)0oz&f6pn@{_QSA=ls*VQn<#uF2G31#N>}-x(7TktWGMxp zMgBk8KRNd0|D(f={J)kWsp1cMbyxN9$LyBAvVPI*DIWV2TfEyNpQ3ud=RKyGqfnS{ zPoq(o?t5tuW~mz02UBT<`a>~Sy>tcBsw!3$@yLDIs->exd+XCIc5kHaN0GXVjoL}< zuH71aL~N%MAx*0;u!_P@GO;5e*90>GBrD_Z?|>OopBPF}%n9vk3vD%On&IXoxz14x z7y+2e)Fs(pIT%Bnif%KUf}G%t8&*--_rc618fYMEi3D6M1K0(xKIACoC;>m|MnB6O zDx9e7DN)-wSX$KgHHhdX%2TqKqKx;GsS~T+Y9#y$YS$ccG@hl`s3&erH)PAi(&~uZ zONgc<>y26>n>{9Ce8 zC?Q(!*a0y4b;iPB^6=P^XzJm0Qh2TAyO^;VqH1)1KDGBr-Wk^J?d}M~%~?TK7%=Vg zifZiey9c}dxPP_D@7?6TIZ6>Fd%uied^gMW8_1Nza)DcAz&88;;i(`0;pFIa6aRND zMegO`vaZepTyCCWu#>*7;EkXjUsO~b>nGW-iId#h|4mKe(+H40F1`H0%4YPEwl;!+Vv3%tc_5&1G?rMv--D&_HoGFpq_7iYQFmq6WePSxsxQ_ zjh?PquvUa$3;E)-3h6pw^0GdsWR4R=cLW`h7ghR$iOoHQJe~->6^piM3fLXam3ST) zTEmM9C21J&OJp7aQBKhqe-N~lrT&6+=sPTI_kGs!NIFZiB=#x4i2ZYwe)=C1XKR-B z%mdT*{^RJR8vo__CjQG>ib{8{mvz-DpMkramRGiZe8sMq0VnUX`u1ee|8)OLC~wzh z>YB8*VthR`v?`zW;{KU=>=*M-xBC2U3|iNtaV`Fw4>*8BlRhC{YOzDN;bdI8rEO>$^UK`iPs%3fZFeWeEI+6fi_I=ydTD9{%G61zPUvr<|A1 zR?+CbdfiuUbMNzMNq)6^;Pbio2~&elO;ucNG^L(bKOG6`=I-Z#cR%x`?ta3n^O0Tt z)Cpl5J?_&f&HCS5a=^V`aEAK^{kKYs{&%on$^W!}c(T#|)>2gbFGO$k+ftyG9GFDj zYD?(fv=qZEh45yAK%}WdWL~e@d?v*s3h8259a5n)6ags^*6$lo5R!I9(P>bsgLquN z?@&XsA3SWSZ>oY|U5?_=*icMNO}l4gin(bGB0Wj&Q;V&snES+qAlKvF9MOAqk_yPU+Uy9c;$vDIrn4okD5T!-f0nG@o(6(nVO&1`B8JNI4M;U-)jwldx2WPj2 zyGVr`W(Cbxp$>2&`=KZkLVZjqMR96#j`I>bDc_F}$RQINJ|`gJkORYQTfoI*GpP(jaz@49b40nAs~^wbycPrd+x5G*kqxgT z`YNhTR&Z@j0Gp6|^QTmx1QS-U^|;FjH|8~1g5;{*BXCb;gS6W`n{^V=K4S6fVR@fq)`5OSzCs^llt_4aKAvLp=lk zEBjv=_+qa9dyUK#z!8}vJ;OtLT|)fyqi3j{=zoeCXXf>f=OX?Zvo_VBRsMhO=YKdk z-QVPYSW9UmZMAFe&^oQ^%Nvov)d@~M?0~Hivk0PT()fBt^i#3In>(F?3XE8~D|V=~ zFF)htnp1I-MXyyewj_xqDnsvesojSeOM`W~8t=v(R_(KjYL}(OtQ!bLMO*Q!g`?Rx zyS0v%q&@}j-yDvh>h<6UPG67B5^_WtW*lWP>cG zm$D^LO9|d(=>q(up#2Qw(g}rdgo1%|M@IU)fH`D zH6V!Bqtkz{*M2;}Z~S0B-~lweAiQK7virG}Ui3e^rHHZK3P7v<=V0HL|DT_1=>J+u z`#oy0=1b6h)wqG)m(W{q*mfqleRS1*o9m&h&3+_oh@!ANp^p zjJy7uHV)l%T1xclydd2^B3acTj8#&i zIhUw`b!`FuL;Ad?SF^I zmH5wx&reP^{C^##jsII~-bwc}r1M&}>&tT5n9X*TS+jZkRtNF21qxrG(OtMa<Qe@x1EZ`&FdCZc+eqMSy0#t+Jd-KIpQVRVl$t zo-HJ>c^s4xR97{VrG9La5bSNy0(IP%4aW{^x^+*tcZ&gcDxI0_5axS_5YKjgAM;*OKIc(HEZ7A4y=Q( z)RXj@p4$CC=DqI(9b6vWpc@!iKf`Vaz=I9E0iedv>n_zsPy3w9^7OyE8rbUpapLQL zoBWUKD*fpHT1fwAN%kK^@>fpoH>7@3RCxgX@B9F?UHBR#pa-Dy zrU#()9X$#wSla{8x&VvIbA#1A0j-HzYIwuu4d~}zLiB$)LFp9VW`v@Z^wC29_fL+z z_n!wRhtD_i|60mlz!l^i(M$#pQHu`lCny7>8BP;HM{^k8!CS1sA~yJP$nNvOm%|af8+&uH*Z?9jitdHjNe{gVec<7z~8OJm{5_#}0B0blB$>sc;SPWdq$Ily-lPKYE9Nojl0H9Cwmv=P)HVv`zBWIV<(hAE&ZCk%5!7ds$^9H!(J5UK$W3+!Ra2$;e<1agY! zkcU%00Wc+r$`>vODJOEo6>Q}c#Ci&LY9L8UFJojob2J>()E5ghCTU9U1!ssMLkvKQ zc0e*i8WT)G2Kh{U6yvD@WL$kA1Ai_16{!4G?ilnTPjQUJfO1MEc!W7h&T4?|g0E&- zl1etC?iB@ggn|UKJcSDr*vZ)ybu)tbY9xCz1UBKJVlTp6`3pMXCOtlF#W$c zogu}mhJ@Y@25$++F&YfSwydLM&*YF363;|mJ3x2!-~aW$b&dc2um7`cLP*05yvtEG z&@jwIfp5t@nj^X+n>w^hMWRDx5XfTuU>@;W(JxPrihg=;& ziR(Mj34mFK=ZG>$i&Pn7Oc@9HY?R_ST?~qS2#WD)S^xpdQ7kwK5FiQ);qP#@ zf5p}u6ub6*g5!xe5+Ej1#8jvD@d&OHReMqb9EiGHEU)R+B{e%m3}W3%!ZF80C{>4}mg?77;J$tvJ@j8iOW0m?WQWL>T|obd^v z_@5{lP{dH0BC38Ux}#`JAnJ3B{@nLk_{jjPnx%**%sERkmqj> z>0;0g1Vxg)B!Y{YB^V9{Kbq-`Nyc&<&&Z6W3nN81gAqql_ESutpaN$81PKaG&=9Dt z2`Gw@n9C||IJ0363Yan-h896f&c9G+PMsq$Gcm~&`C-!JHztBg=zTh{=YAp9$2}#G z%e567C0o=V9-IYa3IkfQLpb9^$N;h6h=bx}s_twe;I=hlfIfF}JTOgx6vPI4MOm00 z3m##CDh{}$8gj~Ew$MyM#t2>5+>U~j+!8>>B}rFVWy&+jz%wK6tEpO8ItOe42APm( zDPm$jX&RGg8LmKjTMXhIxcT-Kc=aDQuioB(t5@&eT;ANgdI`Sz5u9ILy}rCS|LXNC z@cR6R9a&GS>My|$@817AxV#2e@85lY`SR6E@b2y4{H>63&ac7cwczkyonK#G4|S7w z@4>gP-oN_lNAU9U`r`HZ<(q48{`xie;r#vk^S3vbudc!Q+n3C_{?&aIB-(SA{=GB{5Z*O)4R)d?%o7b;~gMpDys*FamS;n+}q_o0vqW}B9{$HkK zDozUNRqjnK8%PpE1XUGVl&B!LhNzY+-6&D*478pp7GL1xvziMsN14Q!j7z3DLMgcy zl6mOY!Qe8J#0e*eTIbJ_e(J|+=%$7BpehGS+rO-8hPhKB7Z*rzV&ubOwqTkLl*&X= zjB|`M@>PAD6B)YMoF%*R}~H9r*E!agYPwwKOF8$KA9~*3OS;N z`b*tR{7`US71f%_#ef_Ou}CgR2wDKvz1V7E2Fvzh(xwPzOu=Sag(-(;2wi0qF_bFX z2o;f;C1nyVZz)t6t7_qe5EjrJoQJ@XP>V?|B~%wB6*8L4q<_1VPoXvk9LiNeSgh|E zcm}siV3`e1ky|o0RKD1eu#6-wfa7US1l`OWY$y^Es*;7Z?5j4mBm3C`7nHvAqGCww z{-0u6o{hEv&KROxv&s)#tl(RciM1OJ21o9WvjvOcU~oJHZ;3owN~LgFmS!c|Q~(#l zPr>MGm5}}S{j2krZ(a?j$%^`Dz5hRb?%RKl4>$h5YbnJo$ZM6SWia^5U%*>970m8B zo}eij40eHj=5QXzWR~%>0RX$;N{;xKL5#b(P{T>*q1PeFJkBK=HX8QA`o{aTVW+ z8Zk@}xImOED=_jPBI;Fr^+8(TQgE4ZM8_}|E%1lkt@la~Qtf2g!@my({|W>wB?#>P zEBL!xOIp4a_}k(luh{z S%l{Vu0RR8-Y}QTy{0snja)rGB literal 0 HcmV?d00001 diff --git a/stable/rsshub/11.1.23/ix_values.yaml b/stable/rsshub/11.1.23/ix_values.yaml new file mode 100644 index 0000000000..377db8394f --- /dev/null +++ b/stable/rsshub/11.1.23/ix_values.yaml @@ -0,0 +1,62 @@ +image: + repository: diygod/rsshub + pullPolicy: IfNotPresent + tag: latest@sha256:1b05e6312e31c0ef29f68806ce5990a108861c549bb0e42472d5034527c99fa6 +browserlessImage: + repository: browserless/chrome + tag: 1.60.2-chrome-stable@sha256:7db5e3aad20c201abaa03bbbc868a55ef96574cda0e67ccb7e4e032053ecb87d +service: + main: + ports: + main: + port: 10191 +# Enabled redis +redis: + enabled: true + redisUsername: default +additionalContainers: + browserless: + name: browserless + image: "{{ .Values.browserlessImage.repository }}:{{ .Values.browserlessImage.tag }}" + ports: + - containerPort: 3000 + name: main +portal: + open: + enabled: true +securityContext: + container: + runAsNonRoot: false + readOnlyRootFilesystem: false + runAsUser: 0 + runAsGroup: 0 +workload: + main: + podSpec: + containers: + main: + env: + PORT: "{{ .Values.service.main.ports.main.port }}" + NODE_ENV: production + CACHE_TYPE: "redis" + PUPPETEER_WS_ENDPOINT: "ws://localhost:3000" + NODE_NAME: "{{ .Release.Name }}-{{ randAlphaNum 5 }}" + # User defined + # ALLOW_ORIGIN: "" + DISALLOW_ROBOT: false + TITLE_LENGTH_LIMIT: 150 + REDIS_URL: + secretKeyRef: + expandObjectName: false + name: '{{ printf "%s-%s" .Release.Name "rediscreds" }}' + key: url + HTTP_BASIC_AUTH_NAME: "" + HTTP_BASIC_AUTH_PASS: "" + BITBUCKET_USERNAME: "" + BITBUCKET_PASSWORD: "" + GITHUB_ACCESS_TOKEN: "" + GOOGLE_FONTS_API_KEY: "" + YOUTUBE_KEY: "" + TELEGRAM_TOKEN: "" + LASTFM_API_KEY: "" +updated: true diff --git a/stable/rsshub/11.1.23/questions.yaml b/stable/rsshub/11.1.23/questions.yaml new file mode 100644 index 0000000000..79557e61b0 --- /dev/null +++ b/stable/rsshub/11.1.23/questions.yaml @@ -0,0 +1,2613 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: General Settings + description: General Deployment Settings + - name: Workload Settings + description: Workload Settings + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Postgresql + description: Postgresql + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_tcportal-open_protocol" + host: + - "$kubernetes-resource_configmap_tcportal-open_host" + ports: + - "$kubernetes-resource_configmap_tcportal-open_port" +questions: + - variable: global + group: General Settings + label: "Global Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: stopAll + label: Stop All + description: "Stops All Running pods and hibernates cnpg" + schema: + type: boolean + default: false + - variable: workload + group: "Workload Settings" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type (Advanced) + schema: + type: string + default: Deployment + enum: + - value: Deployment + description: Deployment + - value: DaemonSet + description: DaemonSet + - variable: replicas + label: Replicas (Advanced) + description: Set the number of Replicas + schema: + type: int + show_if: [["type", "!=", "DaemonSet"]] + default: 1 + - variable: podSpec + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: containers + label: Containers + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Container + schema: + additional_attrs: true + type: dict + attrs: + - variable: env + group: "App Configuration" + label: "Image Environment" + schema: + additional_attrs: true + type: dict + attrs: + - variable: HTTP_BASIC_AUTH_NAME + label: "HTTP_BASIC_AUTH_NAME" + schema: + type: string + private: true + default: "" + - variable: HTTP_BASIC_AUTH_PASS + label: "HTTP_BASIC_AUTH_PASS" + schema: + type: string + private: true + default: "" + - variable: BITBUCKET_USERNAME + label: "BITBUCKET_USERNAME" + schema: + type: string + private: true + default: "" + - variable: BITBUCKET_PASSWORD + label: "BITBUCKET_PASSWORD" + schema: + type: string + private: true + default: "" + - variable: GITHUB_ACCESS_TOKEN + label: "GITHUB_ACCESS_TOKEN" + schema: + type: string + private: true + default: "" + - variable: GOOGLE_FONTS_API_KEY + label: "GOOGLE_FONTS_API_KEY" + schema: + type: string + private: true + default: "" + - variable: YOUTUBE_KEY + label: "YOUTUBE_KEY" + schema: + type: string + private: true + default: "" + - variable: TELEGRAM_TOKEN + label: "TELEGRAM_TOKEN" + schema: + type: string + private: true + default: "" + - variable: LASTFM_API_KEY + label: "LASTFM_API_KEY" + schema: + type: string + private: true + default: "" + - variable: DISALLOW_ROBOT + label: "DISALLOW_ROBOT" + schema: + type: boolean + default: false + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: command + label: Command + schema: + type: list + default: [] + items: + - variable: param + label: Param + schema: + type: string + - variable: TZ + label: Timezone + group: "General Settings" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: podOptions + group: "General Settings" + label: "Global Pod Options (Advanced)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: expertPodOpts + label: "Expert - Pod Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + label: "Host Networking" + schema: + type: boolean + default: false + - variable: dnsConfig + label: "DNS Configuration" + schema: + type: dict + additional_attrs: true + attrs: + - variable: options + label: "Options" + schema: + type: list + default: [{"name": "ndots", "value": "1"}] + items: + - variable: optionsEntry + label: "Option Entry" + schema: + type: dict + additional_attrs: true + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + - variable: nameservers + label: "Nameservers" + schema: + type: list + default: [] + items: + - variable: nsEntry + label: "Nameserver Entry" + schema: + type: string + required: true + - variable: searches + label: "Searches" + schema: + type: list + default: [] + items: + - variable: searchEntry + label: "Search Entry" + schema: + type: string + required: true + + - variable: imagePullSecretList + group: "General Settings" + label: "Image Pull Secrets" + schema: + type: list + default: [] + items: + - variable: pullsecretentry + label: "Pull Secret" + schema: + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + - variable: data + label: Data + schema: + type: dict + additional_attrs: true + attrs: + - variable: registry + label: "Registry" + schema: + type: string + required: true + default: "https://index.docker.io/v1/" + - variable: username + label: "Username" + schema: + type: string + required: true + default: "" + - variable: password + label: "Password" + schema: + type: string + required: true + private: true + default: "" + - variable: email + label: "Email" + schema: + type: string + required: true + default: "" + - variable: service + group: Networking and Services + label: Configure Service(s) + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10191 + required: true + - variable: serviceexpert + group: Networking and Services + label: Show Expert Config + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: scaleExternalInterface + description: Add External Interfaces + label: Add external Interfaces + group: Networking + schema: + type: list + items: + - variable: interfaceConfiguration + description: Interface Configuration + label: Interface Configuration + schema: + additional_attrs: true + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: Please Specify Host Interface + label: Host Interface + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: Define how IP Address will be managed + label: IP Address Management + schema: + additional_attrs: true + type: dict + required: true + attrs: + - variable: type + description: Specify type for IPAM + label: IPAM Type + schema: + type: string + required: true + enum: + - value: dhcp + description: Use DHCP + - value: static + description: Use Static IP + - variable: staticIPConfigurations + label: Static IP Addresses + schema: + type: list + show_if: [["type", "=", "static"]] + items: + - variable: staticIP + label: Static IP + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: Static Routes + schema: + type: list + show_if: [["type", "=", "static"]] + items: + - variable: staticRouteConfiguration + label: Static Route Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: Destination + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: Gateway + schema: + type: ipaddr + cidr: false + required: true + - variable: serviceList + label: Add Manual Custom Services + group: Networking and Services + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: Custom Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the service + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: portsList + label: Additional Service Ports + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: Custom ports + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Port + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Port Name + schema: + type: string + default: "" + - variable: protocol + label: Port Type + schema: + type: string + default: tcp + enum: + - value: http + description: HTTP + - value: https + description: HTTPS + - value: tcp + description: TCP + - value: udp + description: UDP + - variable: targetPort + label: Target Port + description: This port exposes the container port on the service + schema: + type: int + required: true + - variable: port + label: Container Port + schema: + type: int + required: true + - variable: persistenceList + label: Additional App Storage + group: Storage and Persistence + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: Custom Storage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the storage + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: hostPath + enum: + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: emptyDir + description: emptyDir + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: iscsi + label: iSCSI Options + schema: + show_if: [["type", "=", "iscsi"]] + type: dict + additional_attrs: true + attrs: + - variable: targetPortal + label: targetPortal + schema: + type: string + required: true + default: "" + - variable: iqn + label: iqn + schema: + type: string + required: true + default: "" + - variable: lun + label: lun + schema: + type: int + default: 0 + - variable: authSession + label: authSession + schema: + type: dict + additional_attrs: true + attrs: + - variable: username + label: username + schema: + type: string + default: "" + - variable: password + label: password + schema: + type: string + default: "" + - variable: usernameInitiator + label: usernameInitiator + schema: + type: string + default: "" + - variable: passwordInitiator + label: passwordInitiator + schema: + type: string + default: "" + - variable: authDiscovery + label: authDiscovery + schema: + type: dict + additional_attrs: true + attrs: + - variable: username + label: username + schema: + type: string + default: "" + - variable: password + label: password + schema: + type: string + default: "" + - variable: usernameInitiator + label: usernameInitiator + schema: + type: string + default: "" + - variable: passwordInitiator + label: passwordInitiator + schema: + type: string + default: "" + - variable: autoPermissions + label: Automatic Permissions Configuration + description: Automatically set permissions + schema: + show_if: [["type", "!=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: chown + label: Run CHOWN + description: | + It will run CHOWN on the path with the given fsGroup + schema: + type: boolean + default: false + - variable: chmod + label: Run CHMOD + description: | + It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770 + schema: + type: string + valid_chars: '[0-9]{3}' + default: "" + - variable: recursive + label: Recursive + description: | + It will run CHOWN and CHMOD recursively + schema: + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: Mount Path + description: Path inside the container the storage is mounted + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size Quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: storageClass + label: 'storageClass (Advanced)' + description: 'sets the storageClass to something other than iX default. Only for advanced usecases!' + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "" + - variable: static + label: 'Static Fixed PVC Bindings (Experimental)' + description: Link a PVC to a specific storage location + schema: + show_if: [["type", "=", "pvc"]] + type: dict + additional_attrs: true + attrs: + - variable: mode + label: mode + description: | + disabled: use normal dynamic PVCs + smb: connect to an SMB share + nfs: connect to an NFS share + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: disabled + - value: smb + description: smb + - value: nfs + description: nfs + - variable: server + label: Server + description: server to connect to + schema: + type: string + show_if: [["mode", "!=", "disabled"]] + default: "myserver" + - variable: share + label: Share + description: share to connect to + schema: + type: string + show_if: [["mode", "!=", "disabled"]] + default: "/myshare" + - variable: user + label: User + description: connecting user + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "myuser" + - variable: domain + label: Domain + description: user domain + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "" + - variable: password + label: Password + description: connecting password + schema: + type: string + show_if: [["mode", "=", "smb"]] + default: "" + - variable: volumeSnapshots + label: 'Volume Snapshots (Experimental)' + description: Add an entry to the list to force creation of a volumeSnapshot of this PVC + schema: + show_if: [["type", "=", "pvc"]] + type: list + default: [] + items: + - variable: volumeSnapshotEntry + label: Custom volumeSnapshot + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + description: 'WARNING: renaming this, means deletion of the snapshot with the old name!' + schema: + type: string + default: "mysnapshot" + required: true + - variable: volumeSnapshotClassName + label: 'volumeSnapshot Class Name (Advanced)' + description: For use with PVCs using a non-default storageClass + schema: + type: string + default: "" + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [{path: "/", pathType: "Prefix"}] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: 'Allow Cross Origin Requests (advanced)' + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: 'namespace (optional)' + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: homepage + label: Homepage + description: Connect ingress with Homepage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: name + label: Name (Optional) + description: Defaults to chart name + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: description + label: Description (Optional) + description: Defaults to chart description + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: icon + label: Icon (Optional) + description: Defaults to chart icon + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: group + label: Group + schema: + type: string + required: true + default: "default" + show_if: [["enabled", "=", true]] + - variable: widget + label: Widget Settings + schema: + type: dict + additional_attrs: true + show_if: [["enabled", "=", true]] + attrs: + - variable: enabled + label: Enable Widget + description: When disabled all widget annotations are skipped. + schema: + type: boolean + default: true + - variable: custom + label: Options + schema: + type: dict + additional_attrs: true + attrs: + - variable: key + label: API-key (key) + schema: + type: string + default: "" + - variable: customkv + label: Custom Options + schema: + type: list + default: [] + items: + - variable: option + label: Option + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + default: "" + required: true + - variable: value + label: Value + schema: + type: string + default: "" + required: true + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: overrideService + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + show_if: [["certificateIssuer", "=", ""]] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: scaleCert + label: Use TrueNAS SCALE Certificate (Deprecated) + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: Use Custom Secret (Advanced) + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: "Allow Cross Origin Requests" + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: namespace + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: homepage + label: Homepage + description: Connect ingress with Homepage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: name + label: Name + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: description + label: Description + description: defaults to chart description + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: group + label: Group + schema: + type: string + required: true + default: "default" + show_if: [["enabled", "=", true]] + - variable: securityContext + group: Security and Permissions + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: container + label: Container + schema: + additional_attrs: true + type: dict + attrs: + # Settings from questions.yaml get appended here on a per-app basis + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 0 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 0 + # Settings from questions.yaml get appended here on a per-app basis + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + show_if: [["runAsUser", "=", 0]] + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "0022" + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: pod + label: Pod + schema: + additional_attrs: true + type: dict + attrs: + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + # Settings from questions.yaml get appended here on a per-app basis + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: resources + group: Resources and Devices + label: "Resource Limits" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + hidden: true + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 10m + hidden: true + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation" + schema: + type: string + default: 50Mi + hidden: true + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: device + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: scaleGPUEntry + label: GPU + schema: + additional_attrs: true + type: dict + attrs: + # Specify GPU configuration + - variable: gpu + label: Select GPU + schema: + additional_attrs: true + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + - variable: workaround + label: "Workaround" + schema: + type: string + default: workaround + hidden: true +# - variable: horizontalPodAutoscaler +# group: Advanced +# label: (Advanced) Horizontal Pod Autoscaler +# schema: +# type: list +# default: [] +# items: +# - variable: hpaEntry +# label: HPA Entry +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: name +# label: Name +# schema: +# type: string +# required: true +# default: "" +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: Target +# description: Deployment name, Defaults to Main Deployment +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: Minimum Replicas +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: Maximum Replicas +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: Target CPU Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: Target Memory Utilization Percentage +# schema: +# type: int +# default: 80 + - variable: networkPolicy + group: Advanced + label: (Advanced) Network Policy + schema: + type: list + default: [] + items: + - variable: netPolicyEntry + label: Network Policy Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: policyType + label: Policy Type + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ingress + description: Ingress + - value: egress + description: Egress + - value: ingress-egress + description: Ingress and Egress + - variable: egress + label: Egress + schema: + type: list + default: [] + items: + - variable: egressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: to + label: To + schema: + type: list + default: [] + items: + - variable: toEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: ingress + label: Ingress + schema: + type: list + default: [] + items: + - variable: ingressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: from + label: From + schema: + type: list + default: [] + items: + - variable: fromEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: NodePort + description: Deprecated CHANGE THIS + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + default: 36107 + - variable: ingress + label: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [{path: "/", pathType: "Prefix"}] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: integrations + label: Integrations + description: Connect ingress with other charts + schema: + additional_attrs: true + type: dict + attrs: + - variable: traefik + label: Traefik + description: Connect ingress with Traefik + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: true + - variable: allowCors + label: 'Allow Cross Origin Requests (advanced)' + schema: + type: boolean + default: false + show_if: [["enabled", "=", true]] + - variable: entrypoints + label: Entrypoints + schema: + type: list + default: ["websecure"] + show_if: [["enabled", "=", true]] + items: + - variable: entrypoint + label: Entrypoint + schema: + type: string + - variable: middlewares + label: Middlewares + schema: + type: list + default: [] + show_if: [["enabled", "=", true]] + items: + - variable: middleware + label: Middleware + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: name + schema: + type: string + default: "" + required: true + - variable: namespace + label: 'namespace (optional)' + schema: + type: string + default: "" + - variable: certManager + label: certManager + description: Connect ingress with certManager + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: enabled + schema: + type: boolean + default: false + - variable: certificateIssuer + label: certificateIssuer + description: defaults to chartname + schema: + type: string + default: "" + show_if: [["enabled", "=", true]] + - variable: advanced + label: Show Advanced Settings + description: Advanced settings are not covered by TrueCharts Support + schema: + type: boolean + default: false + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + show_if: [["advanced", "=", true]] + default: "" + - variable: tls + label: TLS-Settings + schema: + type: list + show_if: [["advanced", "=", true]] + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + + - variable: certificateIssuer + label: Use Cert-Manager clusterIssuer + description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.' + schema: + type: string + default: "" + - variable: clusterCertificate + label: 'Cluster Certificate (Advanced)' + description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.' + schema: + type: string + show_if: [["certificateIssuer", "=", ""]] + default: "" + - variable: secretName + label: 'Use Custom Certificate Secret (Advanced)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: string + default: "" + - variable: scaleCert + label: 'Use TrueNAS SCALE Certificate (Deprecated)' + schema: + show_if: [["certificateIssuer", "=", ""]] + type: int + $ref: + - "definitions/certificate" + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: netshoot + label: Netshoot + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: Netshoot Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: gluetun + description: Gluetun + - value: tailscale + description: Tailscale + - value: openvpn + description: OpenVPN (Deprecated) + - value: wireguard + description: Wireguard (Deprecated) + - variable: openvpn + label: OpenVPN Settings + schema: + additional_attrs: true + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + show_if: [["username", "!=", ""]] + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + additional_attrs: true + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: auth_once + label: Auth Once + description: Only attempt to log in if not already logged in. + schema: + type: boolean + default: true + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: The address on which to listen for SOCKS5 proxying into the tailscale net. + schema: + type: string + default: "" + - variable: outbound_http_proxy_listen + label: Outbound HTTP Proxy Listen + description: The address on which to listen for HTTP proxying into the tailscale net. + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: string + show_if: [["type", "!=", "disabled"]] + default: "" + + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + max_length: 10240 + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true diff --git a/stable/rsshub/11.1.23/templates/NOTES.txt b/stable/rsshub/11.1.23/templates/NOTES.txt new file mode 100644 index 0000000000..efcb74cb77 --- /dev/null +++ b/stable/rsshub/11.1.23/templates/NOTES.txt @@ -0,0 +1 @@ +{{- include "tc.v1.common.lib.chart.notes" $ -}} diff --git a/stable/wg-easy/9.0.3/templates/common.yaml b/stable/rsshub/11.1.23/templates/common.yaml similarity index 100% rename from stable/wg-easy/9.0.3/templates/common.yaml rename to stable/rsshub/11.1.23/templates/common.yaml diff --git a/stable/rsshub/11.1.23/values.yaml b/stable/rsshub/11.1.23/values.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/stable/wg-easy/9.0.3/app-changelog.md b/stable/wg-easy/9.0.3/app-changelog.md deleted file mode 100644 index 5b3d0ddd7f..0000000000 --- a/stable/wg-easy/9.0.3/app-changelog.md +++ /dev/null @@ -1,9 +0,0 @@ - - -## [wg-easy-9.0.3](https://github.com/truecharts/charts/compare/wg-easy-9.0.2...wg-easy-9.0.3) (2024-01-21) - -### Chore - - - -- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) \ No newline at end of file diff --git a/stable/wg-easy/9.0.3/CHANGELOG.md b/stable/wg-easy/9.0.4/CHANGELOG.md similarity index 87% rename from stable/wg-easy/9.0.3/CHANGELOG.md rename to stable/wg-easy/9.0.4/CHANGELOG.md index d7a08d9bc9..456e1dc3f1 100644 --- a/stable/wg-easy/9.0.3/CHANGELOG.md +++ b/stable/wg-easy/9.0.4/CHANGELOG.md @@ -7,6 +7,15 @@ title: Changelog +## [wg-easy-9.0.4](https://github.com/truecharts/charts/compare/wg-easy-9.0.3...wg-easy-9.0.4) (2024-01-21) + +### Chore + + + +- update container image ghcr.io/wg-easy/wg-easy to 10[@da89743](https://github.com/da89743) by renovate ([#17469](https://github.com/truecharts/charts/issues/17469)) + + ## [wg-easy-9.0.3](https://github.com/truecharts/charts/compare/wg-easy-9.0.2...wg-easy-9.0.3) (2024-01-21) ### Chore @@ -88,12 +97,3 @@ title: Changelog - update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732)) -- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704)) - -- lints some docs, uses front-matter instead of # h1, and fix list items in changelog ([#16589](https://github.com/truecharts/charts/issues/16589)) - - -## [wg-easy-8.1.2](https://github.com/truecharts/charts/compare/wg-easy-8.1.0...wg-easy-8.1.2) (2024-01-01) - -### Chore - diff --git a/stable/wg-easy/9.0.3/Chart.yaml b/stable/wg-easy/9.0.4/Chart.yaml similarity index 98% rename from stable/wg-easy/9.0.3/Chart.yaml rename to stable/wg-easy/9.0.4/Chart.yaml index 483cbacf2c..07acda0d33 100644 --- a/stable/wg-easy/9.0.3/Chart.yaml +++ b/stable/wg-easy/9.0.4/Chart.yaml @@ -35,4 +35,4 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/stable/wg-easy - https://ghcr.io/wg-easy/wg-easy type: application -version: 9.0.3 +version: 9.0.4 diff --git a/stable/wg-easy/9.0.3/README.md b/stable/wg-easy/9.0.4/README.md similarity index 100% rename from stable/wg-easy/9.0.3/README.md rename to stable/wg-easy/9.0.4/README.md diff --git a/stable/wg-easy/9.0.4/app-changelog.md b/stable/wg-easy/9.0.4/app-changelog.md new file mode 100644 index 0000000000..d39661aa92 --- /dev/null +++ b/stable/wg-easy/9.0.4/app-changelog.md @@ -0,0 +1,9 @@ + + +## [wg-easy-9.0.4](https://github.com/truecharts/charts/compare/wg-easy-9.0.3...wg-easy-9.0.4) (2024-01-21) + +### Chore + + + +- update container image ghcr.io/wg-easy/wg-easy to 10[@da89743](https://github.com/da89743) by renovate ([#17469](https://github.com/truecharts/charts/issues/17469)) \ No newline at end of file diff --git a/stable/wg-easy/9.0.3/app-readme.md b/stable/wg-easy/9.0.4/app-readme.md similarity index 100% rename from stable/wg-easy/9.0.3/app-readme.md rename to stable/wg-easy/9.0.4/app-readme.md diff --git a/stable/wg-easy/9.0.4/charts/common-17.2.26.tgz b/stable/wg-easy/9.0.4/charts/common-17.2.26.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e5258f6f3129524d5434c8a1ff4b4a1e6c82fde9 GIT binary patch literal 97960 zcmV)3K+C@$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ(avQnPFuK2a6)0*`vG#}*zbP?s>Xjv}SMSQQ9#QrtCvQpt zXFw9sa46i(P#jT?nZaRBeNL^_m8JA zX7vS}1>bG{X*3#*UZ*4eZ8RF$e;d7a>$_&B+ikbn-4=h}Y;}6g??B@TaLGLhWibA( z@#wa)o%==}7~zj7rkI2SFmF|06q%m^WQekgkEj>ph>3SUCZWgw0s$VyFkXN$iNST8 zATfbxWlCmf0H%yZbg;ia!EBn0>K>Wxvp7MXD6nJDgcO&L&N~|eax3V41oL!0yshepYHOH0r>o7c?B4TghBp} z*Rp=)s_GhivCs&5NPNA1fAW3+j*~b>Aqy6Ok{JSI^dICg3VZ@W!T?R8h{O!ADW+<1 z3IGF8tyTb-AqInB#CxXNJMw)hU!T9RaRQ70isCu;5EZ4N?+@kgBO7zRyej~(7@{%0 z%>q`h%K(E{cT*IC5FsD=yK6MVVV{O@6d(#n417%G-)xG&7=J=Om|@=!&>f6tg*dE@AjO{g!oj|e!-%ch00+=cq`f^P5_a(h#UX4U3 z^hiu=qQ@`PS21_r;SkS~83>7wF8Oj2e1WeY9A2n*18~@AG;|F)DaG7oBmy%+8Hk8a z0StY>_iMSE0vvil;^S}vyfB)G+CD*4tX=sH0m@+L*I+Ufu7>5WzUL%GRbR0lRFW?LTHie34BLoso4lcOx8GHHhm{v-s>gC5{ ziGTrTHztN6ipdB8zL{5m{BbQdb}j;B%c{i z!iA`_%N$-@pr8zeUW#4%N>+~MUbfm5;-jTH9?d=ZThl&M`10d17~(i5`Sbw*;G3DK@>v68cmmpZOF8*u!G` z7m`BCNxA_@Lu84x6K{4?BLR)jAlB4-OmM zPP>QNZ4b8lO*r;?TOJt$a;sM|2_;BSA?)1ae(N8GBmTq3$b5b#(0hcG(o4-g8`Jv zr)EKXHLK6Q{gxunBeUo-CSx2RJ#D3$b(MsCDk}aUK6x;LBOG9c(+wH={s8>*U+R}1 z6Epic%Q-qfujsw@7cRT;S;&Y)VGm%n#lVD-8D!XlL9j3tpznj@pWgp+u?L2y*B{PK z#J_L(zdyeJ<>K^e51bqw-@N~LdUbVna%$??XoB|_=l=jgY&6v8RHgt@aP|KEwMJZu zhQr=5jHpc_F&8dBoShVp`dZ@-1b}oz1LP z9|Onjq>FZDtB~8}D$X zVj7b2qo{E4@$BU6=;rw7a;SGv7z7G+RnDdE652+@w?IpYR|zWTIJ~u{-IP#vf!H01 zZ{3%dd>Yv=&MuGL7o4A1kmwY~TvX!w!$r#7_2(FgElUsPQE&$re1`ZT)$f$J^dpWb zlV6TWIK~r650ZAs7SBVUFlzXK5Qhh#+N>%hj{*!S($j*A%|jF*j}gTgZ<7&y83|CV6;APndQ;>l0g5jK5#)XpVYo1fAq>bwK> zh{TMlKb1xTzI>@>fJ8zAF*=BR%@$b948R7dLon>D1 zVm*)xmFro*aRpvz+GvjA#oZLeNEl79$9qt@{=Wy{!}YPVv=w-JWvf^BU)TaWO+9yU z7SphJVMazT7y7)$=NwaJZTk{^OTD(cV7(sbJOTkDm&`Zds1F$bE z%aUTCB*zfe5d~uohbSwhu8w~V2mC+vR-@6ZH9B>V z%~@(m$(d zi3n19M`B-<&_Anr7-t&23^4P)0BW{Q?tRt9{{&Ny%kYbDt_O3Ety%$dkLBmTVwF1p z_=^zEuvd%b-YQ7Z+*<}|$x^i%srit>p-}Fgt~~&9tpIR~Lq1lQddFcONstJ!9M8-E zs3Aw6Fl9KLTz)(jpY-pV$4jq`xUMGJPy^{%?cKX$8elYk+5rP#E{JoHu7Jyr0%^)1 z!(J^M)2GHjwq%BHMtrVqj;VgZr47WF$390-{xahz+EAE_zis5{Z1f_?)7j_|$ct%B zgtR6<$sguhBFu}1!I<|2e99(pIgt%6rt*4VAsvUMtw`^Xj13t$WK6ug&}a^H%|r)77F`BSOV!q-}r=J)X6api} zDSKQJE2IBE|Mk>u2t(pV8ahTX!(;40wjqFW7->$^6xN~3BnXDcixJnt{oP9DrI?!c ztyHMjdV*Rr7>OF@SFQmnKq$4n5C!U(0c{0ey~@>yN6-`H_#b(A9t==!cqQDzPr1H{ zV%E5&b*-1h?Y_PIkd}UX`9Z_Jcz=C5tg}z75)vkDc2fj>&d~pB{7GPV3l=01!;VAB zU=ZMN0zQ8Rb?J*M+!nrk0i%WGURW3QV#z9`J%^Ehz*%6-I?9ZsOUU*%l!WGrK0;G_cfDF9i9|YJhUv?`1j0s`Z%-aDc#7o3s7Drc}<^>2+1iUHY+eyO2NTzcR z_;w9Il#!>z!&Q8HAE8iERZJbi`I`{y!5wB(IVGkji1t9F+9n~zK8m#mAD=-f2Fn`U zrx6J$iPiGNf0yUUR2uHMGy^Q(R^cXhE~$P`31#LRiPhhckld6Tn=P~HqbZ=B@k}Y>USz#d=Ht}qK&<~NN4To`yO(-Z z3C~Pr>6J%{IMghqUa{O8Dw7~VED6sF9Wy*Hu4A&#|J_#wjSoh<-tN~M+6SYLn*Br6 zL0-Gp@ce!gBGm8oJKb&@js5mP!-oynZ*&e}qcLjr4?D2qA2fO`uhTtfbsMm^%QFk_O90z1d8$JQ%fo=r<3&Ll2HeoemuL+6P_KK0Ndqp4V%(Mh(wH<9@3( zZg>0bgHC%i8aJD5Z`|m4<8gB-mJH%R>_e;3G(|0smToWgXz~2r3tP^l$Wi^ z!Uok&z12ub+HH>xQMWbj_FAxUaEQiDc-ZQ74o2O>Zfo4=dcA{2t1;^Mu<18i-PWjw z`iIavIE2lv-x#5#sKOw^;TrUm<*cdMJWMfcb`Tu5$6l*w>vR!FMo!)IZ?*={wPha=c( zjr-kxv(f8z{l~xTK*z^zDtxj{? zYqa~z8RiVe82Y38VyvnaBiw5pbPq-c&BNxX*K75gJ^!F{&}obh{KHY(JLvVgopH0@ z?H%-*-9xY2>h)pMJLon1es|nHJn)wy93vm!o4}${F|z2e(`+3aHoe19&pYgmo6TmY z?fC}>;K9g8hi!C#`duhCsrF&3 zHEO~U7e$)=g9C)RYh%Fa3nD?_)ztn4$LMVWWB~ zy|x;yX5+BgF&yBaJvtcmJASW&Mt-9|K0NGpo1K2QeR$CBcr8918)JmJO}_=(y)o?f zMu%_&dk2TTMsqY?2ZwtRS(}iM0A=D{lp``ye#lc4qk3fr9HsG4X;DwQ)bTqYO@3>A_@f!IcqI?*TpK~64 z2XB=jKqx!XX+qZouY?wWL*=iu2ZRY^4-F8bf^#O!1+j>g5lSta!Vokym_0D# ztx!o_DBZc!&!QHLZ;=lm)hN_U{6JKP6)a3`AW%36>aNz6fAX&hjK(p4{S#<>jf|vUP3mlgLP3$tpNL(x6(E}2}#UX ztTa+tLDArEuR*ik?9>_s(4Mlp+8Q!Uy~FI!OR)&ytQ3_T9C2iIALzmpZe8f9p(eAXT%QlK^R^D&5H&CK%}3#eI; z(iNXiq!9uhnT>GBTf-c0ZBkDQd#Qn4B4GtwE`^n=m{u~)xUl4UuUOQtl`dBtGBnYi z(Awb_#q1pn;RMA6ZiMMpu)JHDKw(hoifFheXP$RxBqAV?Rf)xmhzRFx%h9t|Sad}& zFHlj%e1D{T+^ubdPYQ~dDJNXhug`~hY-18pFyiymM0@){kTe(ID<_{FAPeju*(^18 zN+X2jP%e)X2KSAi1rLj(l@;@m!~B`qbT>PWTJ#G0*`j8h2-+p?g}<(FZ~SG&BK)Vq zonnGkPJ1(F6@$nJ8aq_U6}Qrim_knKk>biB0h5>{k@+@}Q9jF>!k*QJOgCZ`zr+3n zv4KMy7eIz|%I&&ZRD&;IEpT!s1R7Q;ktxKfr_SxHH$wUm?lX+xa59kAbsdrI*1Mf& zYu32_pz7SBMdqssWwBsZyv(sDFR0arouc92Ddu?`Cf3|}$L7IWoZ%&u*yGOgJWzQ! zeXaJi6i6od1SpV#rMC9w^!jL!5x^#pp*y$$F-h1uikm9;IIT?p;eget8;2wlC~$dP z%HW&_0|euM3;7Jn!&SaPBgm2%?YW0@+La@LF$@_}S`PGB0)t=y?nrzql*BiPqsa-O z0%c*iFPMlYBH*~vCXR3u-iFv{Ny0d2>>+bdrxI->6oDiR_^e)#1l++;%ycGoL&!jk z>1|~P{PUkN8vpBGuS`N9N%9(uaGl}_t=}Gqm?$GK(R~^rZ+}M>tcNme42Kg{^iQqv zya|J73R}CSny(=8J@j5teyP^0RVYzXxLK-iA7Oxf9XAH}K)$`YJig+^_P|fq*O%(g z>tplR`B44!;Y7X@prq@jsqv%=;l`9zcR}fhMvGFAG3ZT2#tfyP!x)9^3XM%1KNn6p z&(=N!YA!GXPOCGDvzJZ{BVPZELw_YSN$$0khd{7N?}6w%Z0C9r+_|B)nc4B$)*} zg5E6(eIe?_2#8Qx&UeoNQGr}RJTy*)UER0odU zC7(NlCsU^LFo3MK?vYTg6U$m+I)y`z%Q4eM0cA=mPg8!R+TH@rbxNny$4I_P6({-jXD(C7KR+5l zBxAfu%`!6_9?c;RI1-w~Gx+I42<^9(J2aXSB2=R}=c!PLJ7pbEe*dOmMGm6?p{M&S zVe0_V#quC36(`(P`FgtVgx92wYf&zgj+bxN$(J)KS**bORu5}aCJ{665SoeM)%NI1 z`R1J5q4-kaqY6s}%m}QqxAK!KP79&WdL_I&#KiDo1Q~L&-pG7XKAOSMuQ=&&BvIT9 zIh&lOo}@xfGly5uqlcG zl8FUg(Ou1NM@8TO4FvDyC~zr9i&JwHpqOw0N_ZvCoAus4jBt%lY`QN&sgVg3sQpS| z3&!s=)k%exqcvh-G*dSJ(Au>mFg^T0x1u<|!ocSDjBtShoQ+lX77mn4l#vuk{5{ho zEC;UgILUdcj6w#psuBsSb)!(!i#x5RQ}MUTj@eB#MheH+A%va>WytDEb$cQBDAr(Q z3Om)h?cF^}yj#Qyi7vm$bXyjgaah+Dd%tcV$Ar5s|33aY0T-F2g~Nym9z>}tAuK90q{u>eWP zDJnByYYDL0R7VM%tgsBPI&I*fYPAmNW<&kntXp~aNkfw6qcf`x8ewW}&h z`Bsjb9`Ag+1+Angr0J}Hk7W7-L;)THxuS)Rc^6}bByBM*n_l^LcT!V2NpocFi9dy4 zqR)K%B<6!T!`j#>jCL^+q@@~Mis>MQroMSG@=?ez4D5kD`enFJ+tx?z^B5%z;7}w$ zkFM%Wrd)217h0B?kChgb7C;ZTx@#&;LsuaCPwN=r_J0lQ3B9TDV(f9E??aIyfQy5GA7k zdv1?yZSL*yWqR5vYinj|j)Y2=wB@5jrRgO_U>v|n9sEdQ&7M`IV=|kGa|e8jG$U0smSXM*?PcBv zWI|KFZ0P&a1Qx&vsMR#$HQvt}3usMlfhi`1T^m$(%4EflPGr^Ng~fRxyoX7PZh&Aa zE*7_8$%|R>@V_>nm9>Een-viCducfv2@55Iw#X{mwSZV$#+Dc%_Ar{Ud)4L(h&X+{pI1yos-UPZcliJypDb5mtFg2X?94Rw>>u z*(&9V%1q6??sfk?^K7jB2zhN7P@+je!M|Nfmdp%UsP1&?-*Q+fm)Uc>vOLQ#*psNMnmS3y za1doJH*<5gK;e7<#zb2>Y~y@+Dc$w}R2!fHe&GM7qoxyz-rt2NzA}d=XQAw!iwZNx zX1W>1f&r+uI*n->flafzu}&zb3#bImzA<=Pc-Iulw)v%XkC}808=QF-&{!Y82R813DH|`{V7h_gwtGp zHD~TBpd0zhq$1l8?oM;1Bjh<7(C0Gm;H@~*4{KwRgm#-#82hy`#DPAp;D5glPve+# z0v8H2lLUQYF|?rY4Nt`Sjuj(HNASHaq-M~L040P!PC6lvNt>fE2||6PMoM_hDU*c0 zj8xY*ZYT$hRnYW>870uP_uQJ$Qr=VsFfFkzOfMjbA3}!bs1{Ai;JT&OhK*uYn@KOj zQpi>r%e{q*h4LmJH67J5=Sub*#W3JwTq7Z^^P<%F3v1~O`O5ApX7nvult&dn-&c;2 zD_S;wF&{54RP%Lk#@1+>gU&W?1#$CL6xnVac1#CvjBl*<0?!OBsqFz3PrRptZT5f( zR^j}|4w03PNiuwiujXG&K^Uij>&OQ_ielu6nC^6U*G*PZY_B!&vgjOHvY7hvo5=-$ z!!b!6mkOX1-NdEaxBeOhWVFvk1!)?%J)rw>64vQd9qp=espkUc!3mp6?TzTu0L_Lu zt=yw|n6RnPIL#sc4mjegfK$(du}Ge-R232I5h9roIZi@=MfQnU-vtCzA}HmmX!)Y@ zR&Gd`ed~EBVmE%6aW0kqToy_`qU;9So(7b7x7{0)$V$H!9Q6jq6Q?%hGTcq!HT|z zP!@%newnQEaxsY`C^yZ;*z`>XhgqrZ$9SUe%97jo+>&Z{fXQt86(elycV?88%*jPg z6wb|i+eK7)h^GBosN68}^e$Mat}QHfBn-?loe{7sB6>Wff=`{vWna z%-_U_4+$5W6nI4l(Va3CU*4LUmIX3!S~&aTISS>8DU2cs!gBlI?*+q-;MAmM!!c#nyp-nG zcf6GJe3W>dV3Dy^Z_nBI%5(ujb0VGUA6d>&&)Nemshs6*uTxXr-jwxiZX{+x*NJD) z3J`Kq{O8$4dD~#gJsg>Y|JDa#Pi?l^t)?W76``% zPda0U6C7$+;f%w+69p;Phl*P!KB|`oFN172vaX%65E}&V5mRi#FNi5NcPjy)lWQ&8 z33Qn!*#->o{2m}O!ENTLa4AgqMtHXW3zdRr6r-9J&`4}Ms!5M76rs>Zp@$I#JDbF+ z;)T)VL5Cq+QcIXT)a5|*IU^sLDdsa-^86X`WflE0lVZU-&XuPSLMDP4ZCUJoycKmZ zaHU`!lxxl>h_aY06teQBVS_IdhL#Bu^X$&N7Fk;(jRB@{&D)~Xmvk3hZ>8J3q-?({TfM3Vzh zZFPHZadi!>?qINCr0!raTo5b#Pdx?LbrOxL0SdI-EyQ*c*Hp9;|r0+#I6 zzyg!@c*tVN&}8vd^mzcV>9e|S75U&*64E5%Y6%yI467Fun87fC0eF=bNX^ryQtTBc z>MpKSb=ng0f!)Z!YF$-PJGUkV;nN!ib}AtE$@g3n)lbLJYTj<#_+hEu>2F$#Mlsi! zN}3i6Go3Fk-uB{B0pikoKvS0yeYoWiMDL(QvrEsQfm0)$Vb>ztjbgxm1_7CX0L@Xb zSDa#8+BXIO#W9KZz#WXa94fR9GWWDl@7Jw6J^)|S_E%JYUuUHeW4`}^)0u=2W1jX3*CzTAfqzA@qN`#bg(0>`<{(n*S7vm92Zd&$R)Dm z6}9Tzi>%$mNQml7yOEyS<{`?2MulDRPp(j5$m%bCSFdjS&up22_*GUMe&0Ss?d zqAqn}rB{eUmeIo4rLZ92#fS6rdO9-dVqA@#yw_f-NT!f8(z+cbcMt#P9GEP~o117_ zsxO*ksXAayu{VS;&JLrq5VMmv+A-QILVcvmnzU4c_Bh1MAL$6B$92avvA8AA-G5~s!Rf6lWxiH@&MkFHO_>EEwUFNSCDFTmN4;Ntx?IQ{$C@OlX5!a(?! z0$4|B+VuN_6_(sj42gi(zodGt5?|#^wB2Hqm!r}Lg#V$5m)08oCGp?MPp*)vmZkEh z{GSBH7-bIFEM5-IEfn#^8J5sYp|!7b$|?}B|U zQ{>+MUzwsYg8r_6CHe?{yn6qRt7YQSD00JD!wnPGroXuTw>(kPmwYlPoU$K)P|dj9 z465fxZ%)sv1qIwla653xH|n4IBU`;DJFukLw?`k|o~~^4m=8LbVg{^1-vQbtlDZ0F zb=ol{6iGV~XCSGntkZVt>kU=2J1OIm9^VGC6mnC2)7TA+A!jB^SeD%%z`v#L%oTG5 zh^yeXHm~(?@lM4Ty}CTRzS4(i$lnDQ){&}8#3ghi%PMBxnbZ|^8xN`8-w5@74Qxg* zp25&H3S_Zz;5(**Wev)-=L<0Qz$sb%F+8G@QlIYFRf&c81N z|Gs>?2hbdavQH#oB0MZjN$S{9fEvAl8iPuz^IZ}gGC^WIvqoDU+oWN4MZ%`JS_8BA zT9i*00EadJ)hfq=1I8h^`ti8kZXW`9VqqB`@}cv>Q&nIhx|aq%aiYnti21GtM30sH zX|7r~El5TQhGL+Lr@R`#3)k0XCzH_9gc%t>B5gR+uI5g%m~^cS+vz4u+x5T7fS143 z;SBypLU>2(9+??WDg{ej2?BP&IpS)NxJj2&AoZZu%@5nA*1b`WMDEm5v}t>=zyDVm zN&dIL^1^>h*~D*2Y>5|tbwfk{R{yIy4&!9~Tiqius^8(zCwH_SBDVimi|Sd>ZwZ+M zXaFX(ta%?%rf$f;w6AorLd^he3r8z4zi4|8z~6+5JrTgQ#i^Z6TNQ|8r`1uZ0_<1n z2ATczjXdiA*>UCrN(pe^3JeBIK&43phD=Bv4n#Nhw%}6^2l;vk={31UZr99_&_y;A zp*3y;Fbc@Xe8J%q#hCpVlbIO(qmxWTgB-Ud9V{T||yoB3mw!#v2W^#b!?( z$|yZN5-L(n92bnVaY$~QCCq5caef~hCyhb$-zbJstjYNh2aB5GMx0OKU;!WlGwg?W zGG&fNkcn&5k&P?sN$_si;{Z?;jGbawXLHJDsRe*0G(w^41i&XJ<9$!V2CMCcZwXd4 z@J`xTby$t!iCX9sAD2^z5g#rbRB}gF@^!iMhXyr5V-lke(oXykkY&5c<>U=XLa*?s zE+QnbPwHwlZBsBYv?|yrnv4__d95k*g;T#=$XW~)6|Ua9L&V#V*=DG`ao=w3ey2Rn zS)PVs1$tU)$P9kEky#{eIENU3YO~R3RIL(N!Nz-LaQLscxKNX}VU6&78pu1_-f#3WNBkXJlCfCRGQnk0~gzfKZ(0rqaEBoW>V_oPBv zcRfO+<-bl^P!h!Vrvk54*nj@vn1~$qP4!dy-yJ1v%2%jP8&C~}EiXqeUgPVe)VUic zD?P`=`6h}2vPjbl#z-W=u84xyQ6RSY@4oFv`up$e91(P1#&_D6Z|>iup0#xr1@~^F z(P%V!oz8bMsc9qoZ@1m+eb?-CyX{uH+v4wA%~rSd9cVmBk26m~8H~ScJi4uH=f08W z^XL5^Dmt;gG)9Uzjf}f82`gvHRbAx)0s8=pi|y6YP)18Lk=)xRgu}WH@2LE+|K&^N z^XHmMy9lbxtIwNtIT!1qxw;)-Q&YvicRlRE;5FZqahR6CV{;X{ghT80=r{^C3%6r}_=AM|nM6z8(>O7$Gl3i@G6J zIZQJ5vJ1FVNH3-JLWiRcUMp)?T1j60{ym+07ve;Z|E2EEAG|iBrehl%y!F5hUV~S~ zWDfACo-iEfF|LAFKK4=-)_$rnA?%oas)Fx9Rqi@m8>?Cv71!e$VAb>hR6Q63oJQ4S z;v*4>i((y+TP+454oR!|sj0eM-Q9IByvJjJeoYBbpbcoElBcx+p3P(tNTxW!IyG68hz!Yy7vI_4L zrO6Dbs}x7_b~fvRL!#2ch|pI%Zcg>LV7S~)(KXwa8v{JD2&J+bQ{L$f% zIGiXBiNi@sR>SMFRD2R9xr|L3w90BKMyWbd!YCCfiW%h+R;jx0u*&tAWy&s14+`03 z>8RxxW_}4TXQE3u%31NKmQK;t9HnB`%Q<3zM(~dB;!`LSjLU0dSh^-M&1Gks%Y9sA z^4zEF@0XUkzn*7J{Z9#B4^sbD>3^+GJE#9OdcCdw_Z*MZ|FWV}HXL1fEa8x%m?8hZ z8l0_d@a5;mo_u27ZmWfKjHw<1!ZWazoT$Is94g8%4o1$(9?w+rIyQPx_Vt? zAvV8+eFCV$nL=N_44jv;?0>E+z+Sy97ZzEouDg%o6Y^SmUlQ4_PO2(`f z8r%KxO?>u`4H`)RV9i_`0yqmy@M7tWijqhFS7mRY;D z8KiGyuQX{m9<@_0qr%f~l%=h&wNGw#e_GA|4R#M@|10@_v)Rq^|8}pt<^Rv|e6{C) zdfMId^sjtjzto{y(Kh(C9=WANUwYuSHLLw@o-+PFk3u2(%l!He=l$QU=Kqauqvi7d zX1~+wZ2A9lJVyRk31P>0BBVZ*nAZsYGI{8Fta~2mD}QD%Dw6qq$l##VZo#Xo=Ico$ zg{~y3)9C>Gw`N!xXQ3eueJ=lXvU1T{uzhkDO6dHrd%^$xFukSgU!}=EexwCp#rkhI za{7O>vDN>d=P~PFjrE3ff4f$!kMDJs>QH5= z7H$L}igC!sp!%oz-k;{x6qZO@s%XjO+2ga5tCFvD?uoCvS@pgEufjyywzpso%OWIm zh3Z!0mM(ukJbKIUnD-ux2>?HyU7h}Nbbf9IQNOr(|Ka-0`wtf5q9%D9t- znl)FLwPi!rQ$jUcZjuoM2gN1xtIK>>iogwKkMY^spYs$ z?!UQxv;d@@6#BNOrG-r9JpuXS<;Bg>hwGojPWvhqa{l7TgpX}&7Zh%)>x-~Bns2WKoKdG#~mZ5T~{3j#vA7}hu!~WlHWaPhQuix38 z|31rO?u77j+=;JiN z73;s#?PvWznw%wU*Z(s-X8m7hFPhze259Eby>!5;siyqxet&wP>-3n=cwgMOCEOnk zsYZmbB8_ng8B&6q3z8MGsg~JnG_s1O{c7#A2NkX0lJ8!AkP5=8!wrY(57vh(Vx|uf z13!Owb9ys8J-#}<7HP3XmOv`f!KquGJY-z~uJetEJM=Vm@&Y3!e5PXP-QsXkul#~V z2&lP()cvmSpZzlfFt~#YTDc9$olb8Iqe#Y)CL;f>xC2bCLtnUERX7g%+E*RjtuoaK zL0I@^1qjMJNnnt~NG()#UUNOXv3jmD#9a?>hVPGm=D+vnFy4=ou;_wtzfOsFtIA&= zU7y~ZoL#9Z0UlXZM4x3ruB+d?zc@aX;`Y+%YHsd!0ktsOoBT1NP)}czttr`DnQI1?vVlpOM4vjXqO+WE1Iy?52U!zh7S+ z-5g!L)r2WjT<=Gq?CtNSvFoF=^WpK)`RU11w5u-GPbWHGbU&Z|qlj!{ILi-FB~^_5W)$w(-Bu@)-GFjx~6t??T}c3tw8wTW&X_ z1OOb$3#RlHZtH6WYE~)0mVfsMQgjK~bV=@r928xr3hKgg?`jtEc1z=nSRvLmBJ)Vy zJWnh6J4U4JsUibqKGJHV-|tr|n4wv!i>!2AtjXI+g#ThiN94+11xE~Pcq=M^%4N}j z)W0oGlfRDob6KpW+*2I)an0a3tCRBeJPNg-EiRXqIixw~GXuAZ;jWl#a-cRp)g;^v z&olwZ5JK#tHXSlEQ4KJOm)N)pE%J66MKP*kN=q$c*#zafkC-XC0V^Whyegk|`G)Pa zlMk*fu2Z(KY^5=?CM7KjY8o;+b4vlq4908gd{FFVqPx{}gmzO>P6-v2D*BJI?n%tJ zhUx?j&!bSp4eRRi9_uPESFON=kxLZMu*hZXCf-%*uQw%kq4_0mRh2$`lhmQ_MV56+ z&yB2WFeZVI;>|B_3HKQ`lKV~-ftM{6ZfZJwb*w#|1Jayg6cjb+_Z?DGzsO!F2SYS; zg5!-7!?ayMlDx%Zm4>lif797#xp&&rSn-+KmoGAS?G4w6#7C|Jz2~dUO{0c>E$sXv zLZEtwV>C%%>{s0bXwx8X4>51wEm+j@FS>-?yx__!a8Uk6%P_Eu6t(?Uxh&Z&JNk19 z?)Me6vB77#{>Mk_k;>m{{jc9|b+hNc?Z!6$@3TB*@xPp*yhz-yW^-CL<;C=sL)B7t zQcKgo7R$3r1WB2V8vs0y!u-j1dbuslOYN-lhX|1c2&}B4CqJ2@u3Li`_iJieHOGxu!9a>s3g-gkq0$oMXv}83k z2ULq7JeaVS*6L1LEo3O>1-|lvJP=q={3t}C#C+?q?6_DM>(zTEhStE_`Y=0;0r*k zpxXWq;54L3jMU9&z$h8^b;L7>Ll6;PUTKQQAPG4-c5aD$q6^{sYGu19^#WLx?Y_8$ z`{uhZ?tGptxrsEaOcPdb)!EAOyw~VgOJgWJ5z|tDHPmaT=qQO+{k~{|Ez8t#k8B9?T z;9yCTYqRi(|6bfKNI_NH%Foqo*Rw&~s#h(_4}ZVGEp$ZsI)~RDq=yW$if4GDRZdEKx zSmh)OgMi#!#(0hcG(o4Fi>M3v^tsY<$JwI~Cui3;zg(SNpDuBx9iCo)I6JX_zCC-+ z;L_pg<G0;w(eclx7bgQy4ae*rSw{f)`Rx3B_{-V# z@lOMFS4U~QUniT6|m!Xb}%K&&FSBd&p(`;o?M(>|MLFo=i$xS z<;PBO5|DW(n+D`wv6j}+%{Lcpxq@K5Qpe+BQmjZTyN#dxI^rk4^(QC)c>$z!W2qm- zvqJuB^;?bX`Cq5EJ^y=_M<`jx=D6dSk3LWm9{&P^Kt`kJ8Nzq<5*12J9s86<-B(t6 zgID@PxZG4!!2#d`DgPm)Q1nS$&nqm5d=ITx(t3O~%Ny}|6~Uf#Q8R%n>HX}yko>!_ zm~(48FKfLhtRR9}MM?fwVG)j#h)GFNlp!j)!r+xOhrwW1%Gl*Xc8=1Prv1I5qVQAK ze_I=CN<2}*`uXKcrB;s15+NwFC#^uo0Na-@;xoaGu3M~>&sJ`7W&NCbAAb}>|zfj z*ij1NS*Zq{cCB9-`q}JY9U^}DVxrrH(isKdl@c**%K3udS^agS4`uhd<~)~okAJ`v zOi?WFJokM7L5S`^z}bS)#UCo9l(WAB^3FVCljx$I#^$GU)6os$gXOsT&2v*Sm9OEA7Oxf z!FdcJmk}?!YmXrFru*sMEqnh>?A#L7?Y_O;x1V+2rV;W6_g<#M2zd{f?;Krs%jZwZ zV)ap-y*Qv*bA)L0tKkL7gVS3*JWLLN-tqyYmV&t*E_`&|9`Aq|XcO4*JRM5;k7zO=j!0 z-azakYiuNf4?Jizd5>%)8xKn^P^SOMd=_*A+5cARf4yca8~@+yZu5UV&m;7_6EWCB z#5SP;`X~y>VunKYl_`OymusqlW(mB6B4`?aq$&ubh^CsLA;Gtx3mRm%+Td0j{F=2v zvsO2z4^k_b8GspN-t^oNyO(43jM_;?3{lylU0pV>$3B-1`#k#V*QUFE)q3l*>#SLQ zHM{%|KnA<4n)*^I>a(k--;!$jG-~M!s-%VL=vs4Cy|OjX=hi-ZUtwmu?X%8Ps{b1; z?(qhImHL0Xm&^a(*xvv2ERWRx&0zn&4FKt!Uef|#_2dOi0H*cL+5imLZ^8(W4#Cz6 zu(bkw%~k+2Q@3V-tr=iz2H2Vbwq}5>8DMJ$*gjwLQ>Oo;(2oe-g!aEi{8uM;|6jYa z)&HO6QCX|xU~fYE*AwUYbbl&S1_|YVPhO%V5>^%)0aSt^WieRO5Ri7tQm&pP&Popj z{T7sSjqFx6->T-%tC}YxikQ0P0Q!E6C`D^(#b#$S^)@K{@a7{Dv-{#A>b!&ywrc+$ z2H1P-4L~dQ|4yUb%-;XgZf^JgXL+3cUkvspg#ZEYcPR;|o^9+@z-$YWDP1ojc}u&! z6K>@NZQEGwu95gTE5rGidSs5`Mg8`G)-l=733USVZ%MEN za+-gQ;+>VlP&HV+O-3jV5krFdiW$_xoPAQzcPl9V5d=kRNy}wsbDl3>DoR#cPfDXg z7TTbw){++uDd_h@!~EJHDqGXtAMPoW|EDCzzmbr^;F9=92_qse>C@c*-)ZFYfA+Wc ze?H5j@_$;wy^x|21&{&=MnQsv{3WuprISJ=u!m+^C>fecnH$Ckcrk(u`IUrJ$Vm#ks|fTvtV=(l=E7d!VTa^>>{T#(H_PK1Sq1dlotwWRewUwT+ zCekzNFH2xp(m+;XFV|wNWT~9W^|Th(UcY=%g8fg$T(U&O*T@!#_9km#njb6`;>^cM zKt?bqDRYHHX2tr2`MOeQPY3?7!ur!miO(-oXXg1vgz2ZG&r^xdHOmJ|%bZS$dM!dL(2q;o7M5IH?13MxL%G2fV!&tZhP6 zn&I#YMFI98b!uAgt?Erx34SWBl)kqrwN)j=V(eM;#p4W~$Cn>IFdX3D#7JDC*h3+M z6QsLW1M+&yD?~{Wdq^?&Sp7_$0wf*0C^2tj14nZd!wIq)DWKLWEV2$Tg7le z^Obr2s}8Pd<2QZSxOJb-JzZqUrf=4sb0yYeed>yBr?&Z5I)fr#9gI{{d|jbl*z&bd zZv(&~Lz7sEBCZL&q)DfS5U@(slw}RuBG6jxIx?B$zGmIN_RAE7V8}=Wj)DMS$~(Qs)pid78z87sMxqG$)e7LtWPuRV z1;lI-D@MIY<*>~4(o3dq!f;UMZ5#zbHHUgR8LG^yY1EcnB(!qbSaYiGp_sjcA)G9? zK$otcbpm#Z+GR0BV|@GAHpTU~d0J&DC7JkG47z;12YeDT%>t)nh9WKr*=mn-Nz(m# zr{O)adnH=Ax@rN3liWd?;^W`K5t>5vt2{f~o_PI!PrS6oo@E+xiR4&GO1KaQ>T;tb zKvr|=f{|&~9brl+qp6<9e~LEbZZ;L)E$;8!55k`*V^OOAMUYKtHi4RIT3inO{j@I1 z6lW0Bg34NQ)d+gGDD*`lZZ%4|fPmN#f+O@?mrvax2HPLrL zIzhQe^fPTX(_Q}29A}CYtWBjSQTM9{$VUX#&IycY0wi&JJzQtwTCn7P+ z*9Ra>W+N24FnC!PMv?8o<`8nPgMjbtc#J*B&>5u(iuwL0#d;rLdH?*~lmteY+2g8# zJfd)g8F3MgBY&k*sVzdRRj97+`%)orL4GM=|I^;;1to8GH%r%8zG;mGwDu>zz^CCA z2Q8uqnH5qZ;HJY-TYr%jP+s4Z33<;rj=cXi;U$Uny%vcikdZ56WRqS4vpd4UuAm&t zQjP^Qdk&IP&k@&weQ{&mDwK=#vc4(rD5reRJu1^9Ru?AIV-&L$u&sd=Rn{Ed(suL9 zV(s=H+j5XlhT`KCfi;`9P_BtPgyY(uXjM(pLb!RYA{PjiTS0c)Ws4)X;W2kvW*5-1 z4Q@3j`wHxlW%j>K-Tm<08uveRJK6l7-S#&B=kq**sc-1+hp+G6hxPA#c%l0qHh$N` zH*(Lz_Kt_GX8e`s^VsD54%Svd7~4b`+e8>&*Hfnd%@R)haPkWpO$oU@ zwyin$RSZ|?f9-ZVbN_Fv)!D{>KF=d`y?09ndlQP`vdQ$aw*)Wi`SOc{SJhnSF5y)$ zimw-5RcqCa!%OSm`x4^iW4jTJx+tZkKf{#&8KViNOd+2=E?(BtZ$V2|cyBf3t)~2} zn)02TcT{W3$|9~_XHQ>rY1dh}T-s8TT6fL-Ht_SkEfBE^hW?unxW2NdO#V|&I7f^@ zZ#qLEJKG;32-G4d5kXW%fEG1tSt`f$!SZ6;HktkE|7U4u6v<3b|kZla%{c@!EEWUm5FPQ zm%lP1%C{?xZAh|u7J59xiG*I{nR%|(`+os7o&_5haaQdAmn6X6;z{#=HQT*zHvXsI z?)SI*|8qPd{{M{=Hk7}F zKHH#vSL%p}KeR3w`Rs;xTVGQM!rz<`-s7TzyMiV~Eo&!HCuZA)U#MS5!ej#>*8rnq z883;?;plNHO*_EHWr~6b#k6iMIgcrT6c3;R~Yx%Mq zWXAK^vCW`bt(G9C@-r4pY0d_8>NoQl{aRF_YNCKe+4Kt?fPb3ku771FcnK`D1k|a9 zv>qshR&5zbjoltdp)V6W@}!c`C2;w7#ui*qt_B#%dhFL3$;b&*aOpARy>uf&qf!2g zL9C9WHv#c(%fHk;?8jO8ivxWPSe#fHDOCB?tAJM&o450IM#>H5Ob|4iu45!=$uS77lpikC^9*+Tu3+vUbwJuJB@p&P(+AMf6 z1+rt3gX7YYQ-3)&b_7uYM>0F(awz`=YI93>v1V%>f2bu0+O)`FX?b7{rJA!yo~of+iSo77n!}}6Cikzqlj+O`qNw^&yq7s8YeHnqZD%5mZM&guH?-}B zw%yRajtyK2Fo83k1w zihEt$U@X~2CJmWt_;o?aa_!>#73O) zHbonw>i?-uQ8261>AueFTazZ~|5L4k>McT1QAWSzFr#_hz0fCRxPEQ4a2L1DjK5hg zAQ(XpvxTfj8HwRUEi=8KrLjM=G_P!KB+I)DO4L&DGWoy?*Dv%uMCm)?+iAecsTj?@ zx>ehT0kU`1Lf>z9rdqw2ktAd?ghk2a_M2QnArj@12{{n*x*LgDT^Ni~<;=;> z^g7L4!;9Xch2_OA-j_^BdHPtN!CQ0|viI=?AyL(8Z`Xq3Dk_eqsMCmL8wYDCH$}fP z6sCN7d#3`kUHviAFJVL#Ti0_-h9*M!;hzgjW zLocfn7ES7LClC52Z-au!v)cK~PMC_Pm`fRqZ;IDpH1Q^;Ls6mg;cgMl3zdPQ3m9fNJeorsz)^sdPn!KIO;*gv zki|HhxGI-bG@Gw@eH7rQ462e*mQA8{L?uWxp8eBy!^Yt ztiGhxr#K8+BLBZ5A!g)ZSAIIrD*32vfi`T$5MhAfZkdYX0al>ZjJcLipob>miu@!fy6x}M=0V@Yv4BEYE}`vt!1g@g zSbA;NY|~(Es(iij(1$#3YIGZq9sm?t$;c*N-U=m8IRF)z*54j=kHmM(9bX{q3+xqr5RifQu?peG)?eNp5U zLUZA3Wri1*dHd>>O{CxZh-{_(jXtIF|J-}7`(HbacGmx++iq3jAf9a| z2)O9}#Al5HK3)|De7t@fuqav*T>J4j7f%boT#)mk5H0hy^}g zD;U@c{8D(!H$a;EWfXE9ygC|D6tcC$fW0S(15Sf`9}x;{%-SPDf;D1*Q!w`o1O67{ zc*WBGCT!{1KtLc+-x}3_H%4_X`ev7~!uScojK2*N{(5&5>wrTpq|t}pQJf1o+=|zK zxTj41k4JE03cw2azuRqR?|RN&Vo){*#i zSuaQ^L-8-zN0us)DNg#|Z&TsR>FiT_{Z~qkLDE0DL)_m9HaP zKy|I!TWR%MmR7$F`O#Q^mkW?$MT@c<6dgCmHs0XS$KgbA5A*9KnTS#FmmKMBm-}|P zKl5@Y0lGqCUK~dFZA_AA$-1im@aWxo#qu%|&3Y_|qIixybmVy?35$}0Jd_u$*SbRX zkE}kI>VG6*k97Mo&kFso-)Q%;`d_ct+UkGL@re8Xu5B$3@I{FzfD}M5a&89X8sQb6 z80tnq3fL4f0AmEa7(s^o3g?^Zd_qnw5a3Y^<3)X~>jTBKtD0!{0*5bA!W3BPTY8bA^Gf%tLUCdhIx(_oAGVQ8x8mg%GGL0LE>GL7eEhWovAh7`1)pDP80R>IHC z9v8?ZiJ75T2A0gszVqG>(->#3#Kb;TDK7BYbwbEf7LmYrtdKfPV0}zNfAt1S@ShTPH zM0cwetX*f^j9aGEpmcks3Y(d+UyVDa&E)?OUYKjDX1P7>3A`_hw4&$s#k|j9+37NU6VwTodU`P(NKy--4-8kUy^os{#+(Z^eYM zeID_Y*?%bV;zy)>cAi!KzwJ&g|68Nk*xG-d;}QDnPz?4aJOJdhd08I-HFcMI0ivN!D~=`AHiP}RL#U3@_o!Y z3lNm4dMIXij6KMZ8*pjEd=08@PAe8TmOJ|{>|6_Y1}Eq;34)>3`L$Z{iFb=)kA!19 z`41&wQIom$%AuDOUB^9FqF#~HiYvJm;QJkGzLd{{BL3DbcYE^rY$ut|9FVdXe3OrwJTbKr)9Yj(DwlZA-V$r-x0+YS$<&i(lXZ9{FKZ8(lEXW1z@@S-)uMfIr+cY+xq`L z%cJCfd8n}w1wdJJo+8#*K0?c;h!X_} zW#!)qWf#&yUHCoH`B+VISgYg80vV}vs(bR!EE(hxUd^?diIQ~`@-AhsY?k|=ykt$5 zi((#joGelJ2w$u`YI4@?N;J;W>#w~?eVqDSD;`+-Jg$|;aiYPucZV~bKz?j5hrx9L-XP0|`63xRYxFaD0EMBBh(R{f1?327e z0pd+$yREM37t1db0Bm8joB8FImlABYhOpDyy{htcS>4^uFJC>gUmL&5v&-t5E4Y#; zqhJG=s=X;sJOJq(3Icb+^VwvxkxUk=@LS~CUAre*JY;6hV9lVv}TuHptEZHpWxO_wYGza!^Zxbn;ssikoB$<&m)SS&vQJ^`Hvdy4W0v)NA^CeLzpv{S2%`c%dY1j zmaCO8@{a$wCb!5<;W!gCwoaoo*%>ct(#PEAXv&cJsZzjXEn=#{Z^$sFC-+xlAln+8 z{s5jzU%pg0ClE{CT{?;{WR}aa!WK>CY3nA$u@(FOM(zM#<^SDkv~u^qv^v}U|2dxZ z_LnEU1Ke%np7+1Fl{1dXFMt1wi{3iP0^AxebpK1ikmLip3kp5u{V#5FW%s`f9lli} zpA=wTAfmiXz;WS>`9nk=uP1MmuaE8hFMp`}!mW%M54|&7f!Nr+;n@TnnfEVwe|X8U zcmd`s?-57a+rxi9PpSORAVcFMpc@DRT_OMXI-T78kB$B||JSoT(*CCgd$^e(P#;AB zSatx+s%K30rrJZV2HYmkXacU zMiEW(u3CinCQNuKx?A(z)_nIB-pEn3VuugEnZpf+b0zjClo{9dB`EWz%$z4H`7zx% z1pXGkv8*er*K$Psp>UikT+>VaP1pB2eT-M@`mIF7Uw04+=f|e;dHR`=;{fT4;)fR^$pRX&nX(-7I z2|yH+?2W0JhF-6%zxoVNZv@#JVultUy6-J7Tl>J)KJeuBfhZ<(%;zwQbJNlKrbUX} zt-leB;S4bpi>QP2*Fa^!d4KYLV29DF)CsqH;QP5?2JX_F!$2(jDB#}>1yptL{Vn+N zWr_7p9+K5(@D`ng?0tMeNF-0?++?{$F5zFkRASEC@a$4t%94}QC zhXj;iI%V_}-cvGro}j4xJCgvHL`+gpbg3q;#o=`0@3WLE?5>nA)%{fOh@WRjxe|7_ z&t@~^W1URuWdzPL`ERbw&Ee!1G@24}du-<%xSvG0O8#qiGyY$#R=>GD|9O^2Fqx0p z!FCf&Y(OZ?O(&;?mlYG2#fQ+x&p$z^N_9@=cn>dhyDyx z{%4FPn6kL|y20E$cbM9@a1y5Q-kySOrQBzga_{84%Suq{bvALAF1=>3vnp=7W_}y^ z`Q8?Wu5P0h@BNg@e?o8_hA^U2^0e`P?M@@-|I_Vk?SIem2!T!xHdTYY5qZyn_`>p? zgUbqeE?0If`7Kv#rQGG#xWAm0q3=`4RR+T{``kx|Pkaj^REBh0Nop%ey_7#u&UoeS zx`Gd{?PH9FD^ApOP`uvk|UKzp|(w0h&Va?Aa=ddN>S?OuD>PYc?TAn>K%pY`28EPV2 z|Cmw*U9$+>EyK)bQMw+bWl=t*`TPf#R1)IosR+Tz~pI*FR?W++83#k;J!qTU&cthaQ zCdc<+-lOP(cf21u?khvzcP;>auZBLJ(eu1|wS)@gm=P^`zVXZV0Z{lPhMXibCEjw10I6yy?yp86Wx}wB8*2c zyMjFqN^t{QKGm4l8LMKs*2%Q+G73B^!`_S3@)l!q+cmXTc&RMAc3**We;6fwBP}6sN(NBUBF^y-Jn)>o zgX%9d08Juo=-~;+#RwZbTA_}W7sI4a1|Hbn+i5jwLNO5s{08Fe`Q;n%6CZ$fm11M1#we|G8 zx}veT3W}2Klt?jD5Z}f7^9F|t=Cu7@waCTjj*eNl(h}tyGnJ`|*|s17uu}dLO+M}Y z@2!J_{jI|N@7+lG8sMj-wElM!)lYqz2*7Ja^4N=I(!J`F2KSl{OYVwTRBCawO z+g(Y&!wAz-;&}BxM=*aaBz-7$ZM?8{KDq83vDjd`&4$#W6A2N;9yJ1H#JcfxPFan`Y6_&nEBF&?oSk zWIloY2^*bJf+1&>_tfrd8TsVKR|#- z83Ye-f&u(QX>$*ID1$OTvmXSM@_sS_cy!OpIkJAsSmef3Hzv2TAi4APD(+*+y6&`a zuI7en(l%>RD?fXqLJ4TrqAWaXbCO@t)yw=KnlxLiG=KAS&CG&vs^G)xz*or;Dk;K=UG4A0fEDs58hV!@R}B9m`PrZbs(ePpDIu&0AcMQ-vQ zl$qxyVqb)F=OEX2Sh~R`t_0)~xi>I@nQ!3c2v}feUtn)4dR;+G_r_sBcNcLtH%)6| z&na(96qui*QLaIReoG#6Gev}ZHQ0@eNkCG5QI+%|o^@%hg(Weutikt|S78go5O8PN8FK`7- z+I1vQ&86Lfu-lY(Bq)Sh*F?{1W@V0*ITbB@wQ|$Wd)YA?zSdz?W{T-|$u$6ws{kd_ z5c5p0ZvJO#5iOhhSxSa`4i<`42w={XyCfPy9QZK|@4Z?K=mvhArWA7VvkO$orb}hD zN_MK|v+&HtxsIc2NVDy8xxDCrD;2jQ=qZiZLJ6;Tdn#ChpVgwB+YU-i+I-*-nfy|1 zxHiStAJ%g1w%=wbj>T|iei9zX>A*i94Z)u6mMrP2Nr!xr=;C6*F{jE%?vSp35G(mK zW^w2K%qeSc@C<}gxaH;Da&NH~7gHT|g#60al#o1mF(rqxZ%T6!w+)mcQ=y-zy+Cmz z2Y2SUsuC49Hyz*v>1~&N4xq$oUv9N3Xq+8Z&RPZTJ>7lh)7?7&@W9VtcqcyJ#qzrY z-8i~utA?B%>dIu1;ax(1dWDGdORZrh%a0Zgr;K3a4-4mx9My5o3<-=0H@BrF8NfozBsz4%;2|96Bufnk&hi2)0(M^Jcp)08S;8S8?m7 zrfOj6n{w~fU-F1v@BGxkFFrDRm=lH?O?e!(_L2J*we13sg`bojN_EzxytEj$(vbGG z!}+nisyM$AD3?fs<<%eH#M7O~s}5 zOWb}*B?WZ~=u93VyHyO$uSL73%sv;)6D>{veIB3?0X}vfpmE`iceMRc^mL{T;vOM_ zNycZKMjK|ubDXBtt#|#%wWEM{bU-u3#n1V=)`=KH6W}I>T*>T5u39~ zm6SqG{Q1bWU8Rn@yuLW^3&9M15q_2n$MD*pd+ zp3e>ZKln6QivKTfs^I^N+x!FHFsl52<&>SIi*x|i(0UeckV`%SPwD{7`{=GLs5%`C z39D>g;?7NFWyEX?StTtCB{*St`W)v)Y?YjWJBaOcUef`#I%vJaFm+wRs%{$Iw^ME+OP;9Ix|$dLJSUkALF=y&|srTBRc6fxDt4T?WL5C|bTi<-vi^{eqv4nZ#uGf*@E9`bprZVNYl{jHZ z)k>y*nvF85x=ouLZW(p*5_2hZ*QRLjJzVs3u+35(Z*}E!b>;KP0|SZqSeRrQD-%V; zNfRUD#bd(a?!XKtK~-f}aa}h{*jW-k*XL}D1CuyeUO2t8795BBxBZmq7KMLi|@ z-x$U)Lox!4@ELfEf*G>^)t~?D?jP9s|8}-ESNh*F9wxR4xs;D`EJk@D5y06r>Nw#) zZ)iv-O4UIkORF>q7g<`lE^wr~;`9k)Do3LIL_sA*tHr<|7DxFW0!z9{w~8vciYoaW z!Xry99hT*s4y8Y|+dDXe6nf+fui*T*CCGJjPb%p})#0}8hWGcFeO@%f{;rJ_uDO`` zNeI?UGS-hciZi(?V#PB*7)jBIz=2zpc*OQ%nt{ z%!NN^@Z$(3ffxnH2N!5Q;h6ut^AIQhWJZMd!{4)rNJW8HF#KZgN5KOm1$aiu4lm>i z=3eNiSuxFEFH)gG`7hDE%E<7IfCoN{7A*Zp*{|~aK|iGKQX~IM1#~VSu)6qZ0AkpBiSPGN?- zcQ6^h9;NVP0E375u7K9ae_MMy+qV60cYAgIzm$gyc65xvX)*>ql!4cyG-mmkW|sZ< z9MYnf=yPcrsSkKOM2QF1_#Yxz!P*0yu+=?-K*);n-+;ME69n!d)u}`JCuixruEM`2 zO=C@e7wRtGR-~XM#Ge`nc72C_vaZ0gD=PFo{a1$;j#5a6p6`Ufqd1TBa3To;+H`hB8A^t9FZ)fzE(af8;#&|U{9lqqd6GRb8Vk)TBDvvkk4(6g$K~7$4UJBxTf4e|A|L;R`i869Ux8^71 z|2z9Th4Y`?{nh!;QXaSbrPoBPIB%@ zR~>zsqHxv?g9_DR;&m_#Mp;BAB1URQpNCUh44!m|MCKW>fr$YV)Si>+IM}aeYf&66NdVnzu2rOLl5Vu0kdO%i-u!tBH zb~+vNo+jN=L@^aZMTJ>IDMBKC)`#R;mb3yHbzgzwBxEx;!a#LH zgQpR!0AE|R(6tYpnmQd4l=nZvY6rX@5!oFPywKSjQ%&UM7KCt# zx@3*BfNKUpGiM>4!hF`Ti71KBIg*VDg_>7zO(4}NTI>dKnU^jOy&fM~x-2zAgI<9C z*>aF7>H!rnnDEpQMnh%|2PQ`%ldt|x&*>W_#L=uZ02($Z}1jtdR^35UyI&&g% zJ~~s7GrAdf(kbQU4wq8Nfl2p$sj$fux^0(%)60&^HPKn%%WFx!hF0^p}K zj)I8969(}bDPcMA6OgH!du-{2Q3eANPd2D3GW1C>;Fm<;z#m6wl+mf}s}(@u(K&%e z#KJ+zi|andqann=8(}C#Mz3Xx=EmMBhuKq|^vpQ>Qerg}fCSkXCdng0LQB0yVmX#xj0o5KhKt$=Uj7KPe0C62w zP4nEV+9ZV#QB%aCo-!#lbm>V7P`jX-q$qSuQ}cU;OkTQf87g)K#@&fEDX}@n=*Y9# zg%YPu)p#06vXtrxvk6PeLIK9S%_sp>USf+N%^>XyWHF7jBpy1BO2GP#4{Dz1X(az$ zOTG6=;{WXIZEf4}fA+WcR`TC6o+|lIzFw>hD4_l*a-h|nrOJX>Z+l*O&;-^*CX{t4J2j|4_(NtM8ql)(H!~x6%Q1hz3{e&|ibJ*u-!liDG0X@I6^|f@9hCTeKT3d)Iahj& z;uv6(MJb4(AJVOY0>gQe=cD00%y15n0y+iKB@^6Fct0p4)s`PW`V%bA!5N42pvR<1 zKOivc(2e?$?iXU;rjKX=kO9K%0-+hp+fQU)m@n)vKIRUO7d=7n7FcI_>b)o-9{d0P zt_M6pM6cD7)n%&gOMZdc+w{P?7&FSjxcg%(FE6@*Ss#ie!50vtN0_k+hTJGi<_A=T zb4#t|`^A4m7yI}+Rle(K*xaYQ1B=ga_7$N%@Y?ff4HJDa;J{=bYz7mAo? zPnu>Z%~*)H{0avXk+sy-)lM(Q)Jah&GD~%Gc=|@d)Gjmq6v`mN6k2z@~=6z0396C$j(UZtmIlKR5RdR_FgqdAM0OA8#ss8|IAJ?7rFzas@hX zm;UJ&O7Jj-KIUpoG>~=j~xm9UMZ-TsyG93*{4^8p^AlfX9jD>>B8tA|tKL`4F z4*YY?{P4-~md1<^htptN9&b(KIoB}AAdxAQi)L=iYiH257xEi_HE}K|?LTeHjJTOKZ2hvZ=SS&ir{E zxBO4VsO}v*9TSEi62&tcg6ix)y9N1wYjbaVCI2tuDc5J&y>DHsHN@TljE7Qprh@H> zuKxa#f9%LY#kwbmCx-F<&rauWon6n80Xrv5n732SDB)!ov6iDGgr8i6SweC)lW_-S z{q8VI?r6(*V^b^7&rm5uows*if#WodC%^|8jQvkA1fs4uIJWK`86C@$R{ftNmbF%g zUe0eV85qOim;xN8eg@43^dV^3eUXRCJZVoS`o!oXZk|<24{F1t;8lOA2*3q`9vUUw zVYUO_r~S+iA-Ks#@cj51T%R1jJp~unUQ1*5|L1wo z=FR@yApYy7eg3<@v%3GgoQIotq=wNOB?0H2J(PhyOkn1dDCzTHOF&vov@65JimJu< zOpUGD&a}tV>S^3haC7DXBF-IIw46~Afc+g2IOlrQV>(^ilZIZm)tBSg8^!UwcuE*% zpsYmXC~THhFwq>La$c`gJPxgM1*skaJBANT-rA9~g!|Z4RM1kX)7{9d&kL1qM*Q=l z2I6Cw%ryufLo-rY-m?zvSw+|;$2hc1O7Ng-UqA-anEvJcy9c~GZwX2y#AJLh>mAXq)k-5wMIVkZxq^N8=^gVe^#13A-~MB> z{kPlo_4YsH-|c_2Udg{(|5)=l<}I)uL;7DLe~b28Rkl1fMRoT}Mw||KH^S1;LJ^}l zGy8*|06$I#eli-uEDHFv4SWoB*Nij5oKmE{<1g*Mbl6pJ+B;?rBw&az0WZgSE!+|P zP-weIR-6ha8KkN>8(+>WDZWye@iC7ra6idS*gTxtlyiptU9vRzqSx4}_*+Wnb58l^ z-o;kWtWTxuD^mHl@qPd)z+@3ko5EQ%qW2~%tZa-}C}pI>CAe>Cu* zQvqu4FMW({rk?s3KcdVGCqLpQu$(^~GX7-d!^sp#otwT!Bgz=PmmcMw5C?wBubD;( zfmw=T?i1-Jp}6h{l`kYl!BE%`lC1#8QMwKZE#VeAw;2#Q&Ev(wF#f zZ+B5u-6R}eY5|nmM zFJ!OF@~GxqqvJ%CJE&LO4@>K?<;n-4gNd>Ex+{oPE2^+x^_A#K<%?0&lS{Y0s!?sw zs0v@oq6+S)B}O zun1kIlzXy3!2ZN{t&aTr>(>_|hQ=X_XZ%8@n!<#q$AC5Z|K`r_P9gs9&MN-fQl9!XIusLtPlx=f>KcC`4Xz#S zXUV$EuY$jjQG)1dWHGAVYWd?>vk~g%5XFMDS_o4VC4^OKGd_0+1hPN&nqA~mvHqn| znTgL&yZ$$e>wk6scPUSU^B%oauohmWTeu6w@YO- z$^rC}BAuVz^pCz_FZd~6|Mx6Qc=ryc{$m2OIT%3Q`R~?#;r{>T&dUF1DNh3#U5r1U z4+{)&YF?G*;B70vXtXo*laU|u#Pztz(J`+mA`0>!y5+b*U6o>2)D{VQ8`n28&I%yD zb(`r${gqKR2%>srD1~N$bE_NVX`;0z=V+%?;eYNqzk2egp8r32{Flu_{+I2|y{*;# z&!s%|{NKTP7T^Vx^XH=Hzjtze`37)iUlK%wvT~j|)VV|4@&E@ef1wp4GM=jSpAG%w zf(_X7r%x6kq#qtOE?jW)zz?g}%aFRRyM@6d|Oi{x_es{*CUuvtP-=J(-o5TH>~eOI6D zlPq1qKha2?MdK6(QEvi1yu^HQS|D!$%GgH>rCSfIb83G9fj@+C;A7aL{akyfjZ&oH z?+o8Q2l6?*C&pZ5G+r3)2E@f<@0i63MHzL9U5jO*Jv)z45~4>IWV8Dcb2lj0lq-&- zi$3e?{B24b&Xc8jU9V-`80>n5P-&X|{{7WkZphQu>esI?tiJIwc89-yeZeT5d#bYI zfB+>4WH;HlRgj-6`}3O|%&%}VC5T^7|Cv|6_VEpRfXS3Fu8*(pZZ3X3JugbXQ^|jQg!=LH z0$`o|x4FG(%YO&^TPyi*8PELkADllp}idt;j8$HkRNb zmTAVMwk9IIvnap3s!^6lBlF_Ujju1;T{p5L4uzr9|W#Qwz3RPrC* zndu0iPX602od0fZ?yk;%m-5Un|KXjL?1y(&mcNzA^-YLec;{KfExhv-;#QHEWy5L^ zGJ}0R!obXgy93ZW7ymCRj<*e$_j}OHr5};w4L5w4m9D@EIQ7YcUB*-QyVXu!*uebO1*$3&j zJVR9g{)O&wDgN}Mwv}!J?S7OHO3VBx)pt2e-B;jeNP+=SUzljE$1jjVH_riI1e&+1 zZ%tANR~y`H+69v*a`;m_BLXkvuUIcUx@CJxrfg|}&vyTu-a$?HKSG#fetIP(`vsr> zZ0&4sTl{}}YsLSU^N9G&B7Bt04YL7QW|y4f*L)+LdT~{g{M#L-EL1d%(I^Yxp~!p3n5!J{6HcEpjmz0m8jA6*?r6eUe}K2Tm2fz28KFHXZNkR7RD&XpE2qwRpJx1@7#qOpCjzs?kHze% z-4AN{za9T^dvE7pb^gDU$K?OL3=IJ^hZiqxSLj$R>$}8)(rix6K5b&~%f_64S29$m zMv+^A$^`YCYnqaJy{uj*t*db=i0j{hz^()bU1Z;1?F4f_)A0Xm;wPaWqhv}Kup0iq zd$4Z+`alK0+kdwAw+~kQe;Lm#{2Hryu<*;EYf%!B@ZJ$?ZY@QaoFx&t{!eyH7Dw3m zS#DM}#g21FijtC)|C|h9@PJ1{T;i2wgzYNo9l+z=DUae+QKu%TmnELdQ4;hsnk(t^ zQ3ZfbNuAv4q>;-pK#gEG1*i{cBfxqEX9I3}+CFyW4H$8hkxMFYg#~%|+G8O}8 z`sSiO%((-kFQ~W2orK0{ULyx@2cTPz0#$_%DBHB zs)Z@yI4}q1NekG8p~}Cp?BW6UIEbZ+If6vA%(c zh4H|HM41pAohO^z&T1bHqKOIl=96yxqF2)D0y-ZhROb$$9S=I{ zftY}GymduvwqUFsbHE5Y z%uptqlaqY)xR9b{$)PD=dF!pRZaCF%>eJo&>q09r` zqn{-#>Y^7VJ>&r|g!d!*lVpAX3(%@YMDFMk6{Be#&{P9tL!D)?Bnnm7+C8-$Y_-vA zHX>;j4gGBLJ`JhFO){Ur{-k7h#OKIlJ);z6;|Rl$$}x%dbCywYqEl#o?qPB^Gs~Fi zI5qCi(+=W0cA8f*g#4p1evc6e26UTX8wN`$J^#@0cFaZ>J8B&0OnZz(r(rJ^K3oO6 z_)Inqo0#?(Nx7`kl0zLOgmF-^zv}_77bBnk)iTFrrjc=Cs3gaPrIG5xtW0$5w2E^> zr?S>Xl!0|B^>vhl*8=N(MYzLig3Cpmxwa`P=XLzV&!TmV?5G7%yK*M(*7OQij|jYQ&G!yXDH=8 zC6mF`=?@mrg|Qn8Zf%^Nrp|Uwwq56E=VZ%M&IApfH7RDB;!dGc-a0Ex3c3p2_uyDC z?JD1T*DlHZ@(iVbZwqvKX0QjdHq*H7i;_~+47FM|+G?~p7NbIbFk#N5BS-|wQ7zj6 zb;4z^4?l@J1&2q#`=1Y6?Z4fA*lhpp_SJ{*ad^ANrUXCJJ3(m#L+)`kN-@cxKg?Zu zij=&fz~A{K7?=$;xZp4^VJ&cs!tB5bFhm56bNbGM-xLd_)TX_9nm^_Cf1Yh)3Gv@| zb`Na-|IN*VRsPqdJoWZ}IsSV77s>DzjF zed^`EC(r+|bztZJ+TPsTUB!Q2%2O}@IXL6g?jO!mM!M)J7jKyYSgGwmAX0vwSfbeq z)>e6#INyPyhFM9v?@Ft<+}Nf#D)_&+!-Z$g`yrni{=dDuyJhqL z?N$Dd}pVV>#dY6Vv}6L%Yd?CW9t zdiqaCeafKg>#C^g4hS+(dnuTLC3C7lDA|l%>Cj&oCj{&4FvLZymhsIV4#y^2Yc_W0 zp18QOOW18m*2yUnGQ9KS7IyboU4V@+(*g(r9~iJ(S2#W^gj~slbDXC*sP!wHv|R7y zfID}M=}7e}oVdtjHM9^amCGsYIH|BGN+$UfT}DYfQJZ2}_cy?@yZ)oAd8JRI{hyD< zZ?h_bb^71tuI>N7y}P-J|Fe{5imk_<1yksO(uy=qbh3t)W{F+Fa;FYF%gkkY0d`oQ z2XysVn2XFan3$Irmu-4>C*k*%_@qMsqd8@NPemtwl>Sr*#Obv;XaF+UGwzyZf6f{=bZ83Z}^! zzw`&1Uiz=`7AhwFuz0SP45YwYFC_!yQxu3f3fkZt$>W|!AA^20hDn8u$WT!{_pV@h z7}X}LXsW>!^{eI{2s-ACB0meag*SAw7(l=~CwG`A5eAq}4%KvI;pL}|30+L?QR1=R zkYcj-qG?tWgs+rns@~LOD-X`+GGsQ3)ThYw5*w0EF*;vqC_b6ghW)E!#4hTr&wz-O z9*am=ZRNfnrS5-%iAWC+4!Y<7q9^KkiB+N=mrID4mKt)MA6$HDwEq{^*;Kk$)L<1J7lm|ShQ|fNsS3cX zRzkcpw}miAZhE7jqBnC0n8^l+cbYpy}O0T1tZ zz~cuY)o$jw9Bjg@63tom(3}^()X&^&oquK58D)x|z-O8w=)fOFVd~0uI8Yr~D zG?y(^Q}X1d;jK%n$?sNhor3?*ECtr^|DDZ!`}}u%XL}|8E#+yz|0@>bv=;##(U=@T zm@K{XTCt;|2C9W&N?6>bNOOU-w~1Q-6Ox}bR%pcf*^uOC3f!D{N-zt+)peOr;VU!5++D61d~P$|AZ5o$yGy7{)!XBGzf?-MXA^E;Q_h8(g-lBJT%R8;uA&!!E<1tJKn55u+eY`!)TUR*g294#=N9gfTp4MRH3w8NH3J0c!X1!gmX|+K$w@70?ZO9 zDG^@uebUwQeLZgZkEL=P`tt~V+EaV}vs;M&wY|4G|6j@@ViAh*2Km{(Oy^2J`*94& zAi_XSlfxIEKUXPn65iDDbn@SaF96_r^&z+!K=HR!ee)Jx0H7(&ysWN8yDG3lDOQqc zw#6c>?=?q7&OR;Af729uD*vSBP<;P#?HwsNZ@&0X0Wv3@hZl{~m&EqU-0$^2vbx5<&Y+ijCfS5Xg0 zPLEl91CM9^Q)%QnrCH=mUu^{?jsoZ@f7raB=!c)Nz?Ehr>}`2Fw$kBxvr-~Ze?*xTD$@&9E!2LBg>y}&I%K>Q(g0o9iUZv+ljZKOaEgJSSi$9FfI ztzhLYAUf9-jJ*bx@_l5*xxa&_j{n1CJg@j)$N%>a_ALL8t^I@DmHfYy$Kd~`$#^kr zA131;g5|S*JdxbLA(K993>GHi1{Wa*FizQiq@nqGltPw3eTKNvz{6;i(JjGa9ri@t z+ZJc^Dp~y6gNwzx4NGHJ^0g5(uGN-7h!SQ}Q&6~f%0&`S*p8DMy%VF{{fyQkJKz;A=KNoH8g`q~(L0S|D3TRZ`onRrco z1z$if$}nkhR2;d$3RXrwsSPV5Ovbld`Sn2tdvtLR{Bh%BTh_Av#=sAwj2y@5z;Csh zWcgwKV)-=Izd2R<8j=?Y67_&Qt{ihv=PSv0&J^?K1K;K}v!1;pr4yIg632*q~G&0^-AaNdAD3G|Ax z9{a&YxTGC9S&icvvq*!v8YP06QK2N0&LJUqiFw9(PK%I7iI*Yz`3!EG_1oql;Wz6H5%O$OVx2z935;Y!;W!f5rqxmV?%9=wxb2}myLXsDd zccZ;XthIpUhMswk$YA=8h{2;;EFCyD{wA{8A+H=uTFj{^(s6U?axex;P$$LG0kd> z_ru^QPDMzx=T@O|M>l*OBHe=E6^p1ILie`P?iRiojpfpm(hWvaoQg(>Me! zGpig@ozUXO<-CU=06#^TcnaCtUKLfR3M;c)qk9fhvw4mBB`)c4Zi{YgR??Z#V)d!A zq0kfwb}q^$wY1XZ`jv*4+vVmN++G^U|8FBqp49*2U}v)+|L?EP|CaI;PV*x+5MjWMarid~uBzAFywbtxW)2a^iCBZ@n)6%uok&+ zx;2ePqa^w`g2G9q%00n>h-+8^F(C4)KpcBiy&t9{LN~_|iQ+KOIB?_JB8z zLWo?(!@%d!bu`jAB#r!LKP}HNn8hIICe{r1?>PeWpJ~zzV;GzW{&9H3!ixU~MoFb6 zsFpp3!6=K!L;&anejJP_7n~(OzY!mJjZuYS6z6gt`*8DLwlJs&c=KOcluLVM-u#yi z<^8+k>t9O&@vr5u3jJ0T;Wf2}F5jQME^UW>oTV97v8}T~Wx;khij_6pYJqk5kq$Mf zCQQmB31+V5NBHygn+%OoDm$k>ruz_`d29*B}g`ct(I*LZcb&vQ(s@5 z{dRgqS?lpnXK&AL&Q7m6*(Lw1*l2`Ph~{U>!n8&SxIQ_4dunNY`60ixnENrh_haDM zRJJs#X?peB+4b2^Z%^-DpZ<1sB75XffyryK1BhvM)&tonNus0=e9Q$(I*Hgy79nWY zHv!6I-uu=DdzV4B{s2tIwn)Z!5y~{?l5aAdY?K`1_ZVi3v6L5K%bJ#Hf%QHVh1?9O z5zS~-vD7$}=|Q}|KE1k|AIjViC`Xha-pmH#&DF*G%e(o(I3biwGK9#_*K|r{&=1){ zy0`)%f|yBDV(x8#7!rW@b4>(ODd-_VkAMt(0(w}2U~;56^H63^B+<|nZ90k}o?rrp z#kqEl5?W*i0$lIkU7a4kzPmVo`_H?piwnWcy)CaoSheh09BBJFZAZEGqZyBiF7E7Y znX#s1cPO#eFk?|`vF4hEKXvw>Xz2IhHH=|E&_OqWyvx_zUjUugo>MLd%jxSLh1(Py!qZ(>2FY5vCtapycWd<=!NM-Ux zS|NhEmCLN^9mkLU1XKM0j=n{=>LNit(mERyS{p@Y zga0G;XcpMVG~*Q5EiEp(GTS9jh0`tgK*2QNtvW{)Ewg_c+~btHTi(l#kzjZ_rwSc+ zmTlO!dX-~fQcy>Q5A*!Q+y7^0YbF0J9+^5W=76$4|4+~9v|6V@CR&Q)x**3{y1&)Wh?YbLLWxD+EOzl}~iXL;F7cTV%g_Q|>{R7v~&?SXK*G*yc*%!@wN-Mw`FG6+swwn#P$Ym8d0_)7(-F%y0geo>$b`^^R>1Bop z3Q(-uD@c%*nJbLysi-S2m985UkRQw4%X)qs-}}MCYyMsBof4;(JFJ%?rJf&@w`KOo zNlR7sNOaUqF6-b~a#MazY*1cgyEX=cm69z92su4QX$mt?XqKCSG!hOFCOJ6yi-GGD zt22&Zl}tu)JpCf8+JvkM=81Xt6}TB?%#(-Wa1O~M${qkpHb6u`z}$DRLJ#;Of`&ec zs75?tPCG=@jtEO`2vDz=J80xiW5W)(hJ?s=7%=!LjiVqUF>_j_9S4t592>P*Z*JJG z;%5+GLJI^whM2o{C}5G^Vz|Ma+~6mFn8t8}&b$d4aaUp=+?-r8)Zf3p(UQdYZ&#f~3P*1J? z&o|}Y=1Buo=l`*@vtP*nySuvovy?~X|B;SpKlwNc7MBJ{s?YW;n#FsbZ2?m$?Zs9b zYv?svzH<6YA`=rOFF9!)tEa6&M zF05L<eXp^K8Y+?vo~->vn^JV&u>fbT3=!Y?9aU zL=CS6*4GNdT?oF>eFc8@qnHBB^}RTQemDWXYCQ+a)MpKkE4i+Dg?yP$An>AAjk$Eiitfdv_aB` zoyQW&QFVA)7^FJZ8<$PwWTPT@9og)-~Lm-|D$_2=K(_u()6xNSn{1;tWwA%-ROLczTG!jQ+m_Up@;L$BA5`WWKN=B*a2EqW` zSiT^JRYjUw`dJ!y;^e*Ma`H3maBLP-b8VLs1g}_?gwPC-trMVa3L4BY!pd_c5p$)x zYT^&N0Bd?0WK34BTZT?DOq|zk=M1PpnP4pj?W4ePx#GEW_!O`^g9fKZPd{ zJF8J$Dw=tx?EwkWYZN>@XCL?$F;6Ergy+J4$zEl1;P2oCO$Dl(Xb92B=~PjPrdp_; z!RbqIt=R@Gb;}kYfkbkFf@DR%zf*ZK@6n>fN?WRAW%6IT4rhZL{h%$Mzk}`Y?x(e|EK3a*KlH ze#wRAh}-dA!`Po(!vG~Am7VEUJIdhAAcJ^-;*iSWqac77>#s!fd9@T~5ensRNAMLX z|1u;DHy(bNqf)u#J<}5`xTFV_Uza<>y;H8G7C;Fn3@hr@%F~7@ z<(Pf^NLO{kQG!;qC#Y4+{!FXbJ+P|SpJ^3yf?E~LkF>Zk{jJi*H}I`og8mafb@snJ z*2z=d|JvH#+1oDM|Jqx{e_hIBh;LUa=FUPSH#K*D2&ql$&7uu~d8{K_9{K`@Ho#qq1^GqbIT8e6RQCjlVX;e2ml51 za~;XpAdZBSG*5A%h-e~Fl9H|9`yjnRxRX53pi*|fqovuMonG@=51nquxZ#xw_Zx?g z{D$}|_hLX{*Wq!Zn>U$Xh5I5%wby)Q7fMf4u=}ouu{_O4VfvSnRn|n~XH(AN4c64A zAn8ojTXe30Jl%=8)>UIDD@ilWqVy4T&3xwB8_(&IJ{`xn1s|AOSotjHv*k5P{z8BV zhl_&&3`a2pn{+F4q_>WGpihLMW84Cp@-&9szvih0=T9T3O-75WRt$q9h-Cw}ZoWSY zH$8~8(4Pc>p-+MV@ImSm0<#7ABhDg@PO*inTB4-t4_~)4ZqZ}6AETi>IOKIosmu3= zfSt4*cDotu!%thAthsL1eZBh&8l82wa<8uLEAa00U1^2$^UL41U+WbZ5`DJx6wboK=$h2TmM)yJtSb3q3j**m!qbkw|*J>Q3B2q0{d)f!+r;BwKl-|&oT0e zc(K{pqp#jYaYUtm{&H_~bJ%hx2+NUQ=b4RR$ffzy?q&C;`=Sm04TWr#in^Ck z_a^GTiMsEi?yr$58_~ih%25LDCv*vkGMn4Gw9x6N6eU!U7O!`9;eN~X15wk+b|>Ma z5q)SmB(uOLu#Yl5<+;?hJS~0y?>sKAA7cdkFa#dgU_8KGGJD_=f=53gT(ISSiR?~* zEf(djA)3Z2k(j}*t+DNVt?|fBMX1j0QxJkEhXaF@ZQH9=b)cdbYj(7adAnovsMtV* zy`ajM#~yh#zAd*E;zXY{HXRD?IJ%auYFcNgO-I2(C>Jlu$*Cev^4)v;fLt zFXy|Ll<-X#aSNO}&bgwz^c|}xaiYvsAfgE=M*A&ycDN>|8}>Z0Gj`IQt%u?mJ#0&yJMZPa~~cOg(t9-{8wOa;p`Bws&0=J-%N2*{oIz;Z}X|M|JwojXE_C^vHu_J z@7nR-wssD7SN8v9Jci{gXAjq6*nv!(u@JG_noK{$u|T0u3q2e#uNbKW5*`n=?*YVf z@EEfAHt05<)7HuJPZOfOfNIki(=+WNq5acC9@cJP1O%H zcwm&u;@(>n`0)T?;_<4n{4E==X*A{k0^5}#@KgUjiX#$1c6ySVmx6pwe@;Gv@6amJ{xz|X#?QHts{7UHHKk^QVxOs)fmUT+B8VACW=@VttBUNVJ@9( zSMr4Ko`37TTl6t6749$d1@E{LDoyz?!x1JhQ9+@!H|575S|L;Eg1N(fZJu>rv^>dr zy~nAIstbrnt!#BvbEmbZvdgw2(ynVjyjDSPWG4oa0Ng%ltG&{f*hXBi$`FpD02VE{ zYhx6TME3gWc3EEW9U3L16JZ%6MlC0cDlR$|aCH&BA}xlCa&9G8bW&-zXFcEp@sedJ z;qe(*jEEuh6A|db44yOaG4K=MV;uFVBFstZQiSbAGUEwM(_@E**~kpY&5i(SVV2*M znqTOv^dYJ4rNrQ346`f>g@dkkBd~Wz2zyxR?s0fyg;07pF85mn-7I4ccpakJEKuwUh*lh#yVb3wr`y<6+O1P;<=U2MX(y{BIejOxh{Z_P|%hY_^CJv+ptR&(xy9f zp))3!!qwnXjMjt(te=%#jS>X6;d1b*H&Qfq`l=z31Zd3?fD$p|6{aO_Vom3^Zb_JVX6rzvnAZdj(+fkN z6>5p{pYqBh>#EQ^C9X?m_yUxXE5=D1+9`RWy`lswB4sjIjSZD%KU>zCWZqW_!A^`G z!Fnuj7a8wc{FvR+kaD5=(N75TWVw%$5coWV-~T>hwb)7c`RUEwPiN<^@2*d;emgs{ z(ygxfVR#~vbywNLs$@-1Z{qB?lT%NEwYLM=n(65!UV1jBWs|&Oi#4aV=ZB%frCii! zAm1TOjFg#F&CEtgo>nu$;2sA42t%rjQk|0^5Dd^`!T@k?eGhvmg8)B9Bp5_VpO*0x zLgw!u$qHZi5-*XcSyeC0P(kyK2pqbkVYBUe(HO_fw8!8r zd`)R`GVPDsTSBc2hC(w>Bi4JjUy&XBxiga!5p4i7DX?h=d3)7e>=euxO#;!gZiNu0 zryoat%r~|7N%T<;+N@(YbstAb^pWcAt{!TFam6^g1ujjOTS!X3sh&Fj4+67cl*}6W zl|OayU$?gQ?E9a)2dnsROL@%vzxiM<=IBrZ_(L2P8vR-H@t{uqTj zo|nIn$yH6K+=3}yhpO`=RtlnzMUmqU1VHb*; z*X}18)cAky9qeq{`~Uv_%KvjIkFo!2gT25k za2nJfLI^PWvuGh;jAFjnTz8?@0u;h)n2lj})=y9d!@_MHl=Pzh&`&+!VHjkPc)%M6 z#CdaP|fMnABZn z+cSwpPhZckI+yq)@gZGL3YVaHEW~T#6WANY*N|9_J@UG#x@|gSt6j~TE{0hENp~Eu zn^<(hVK(6$;rUHeoj0w$9Dt`^%P#3x$pm+}CaHz;9lBptxLWZpwTo_1IbSf1cKLgE z^#wRf32vbiTx&K5(|tvyU^*Y{drp>Usvvo6@@cAs`qWWhN|XyHI6S&{0u%420ma+T zQ0n)k`szY3FW^#CbhERgXH_PvOP$F&9n2J*Tdzj%l1r84WPrWs6Y#p83!`c)S_w)T zBJB1$@nwoCAM{Z6=w~6ov5yDfL$?;ywKS)wy|6$WIKV@y>Gzt1i zv3JTXq|k7&16JBRRV7im^VEE_O5_WV6_agPrQ~a1^q8Af3Jisn5kKs#d2Y^Y0V+%~ ztq1wrYS5o6;wnrl&>H)pepGMmfGo7E_0C;9mm@pHx6_HoC4R9o`J*ENlfGxM&0TBI z#q~?%#kO_G+r(8|-USxE&X_77c|JTkd3>x;k9vH}Q~F+{26To6s@+8$sO9rs&m>wX zrtr#3d4{J_mH*^i$XLx76T4=gceEhaW*K}ZM7iqSAQex@VKNWITCff&qLd~Y6DXo? zhSVxv9T6F8wa`k(am;hpinwnWPz^psA?|8U6m)X&>ULd~6m#f5K!9O_Axlz86$3{C zD94Jh05WBzTAwi{m*{FCeo^-oxP}A-BTUc`uoZ(6=BJUuY#3q8ywgj9E9t72TVb&P zc`X;xw9uv2TEVbfU&oo5x}xKa7oFUeyX+rlPbZ zxUC2eP6ZiV$+jKTu33gCt8|87W}{jVvk8M%)HfAB`~%&VZ_5P2T3jjxTt0C{zWrkQ z_0Lws@iL!A7t6M&`UO0|Nx>;=O^#YF195+qT6pD=?W(;#_z0TK)}3NC8?lZa^qmh{ z!4smCfVuORfmnkBt=wtLpyW(F(sbuy-^$Ui#nO>K)0ON0bABPFIy&LH-CHrcT8-^& zCV9HA0J~wubq^sWGw(@$UFse(u0}U^mQ*^0LDY+as*IRxJxGE946jQjxYYqC&Q2TH zRMtc`Gn|+>qdK~AE{@RW&uZ#(BA^OKB7mF#QB@CdKqs10s9l0yamqqnh(ymc^nSM?Dx!f*7_%s-*56 z`~-uh=fO4pUt2r7Th{sS&ffki{{K=Q+m)F+DTcna3rrU>kV<(U1ejZv(}s5JmU;YZgJJTXuU}u#QY=J2 zubM|mX);ShrNzXG-(C46P4mpk|NB|GIR3x4WAp$0&CM16U&dqbe>$j7!vCw%TmC?s zfSyA0={JG0U4UIMoO27HFgX9GeX8OAx`CQCZs$Rk2<1DMeNAPpfHZ%@)9UiS*NPMr zyAQ>YZaK6VKh9$nRy#rcGb{fWDR&!f0X6)8XY;_$|Fyfl^8Z}UWAJ}5s86y5l;>#v zfi?iu$!Ass7P|$|UM*@1kY#)_pk=(SK`R^#Aong1`N5xT*JxK3|*jig&pe4ntCeE#(M*0i!hK5o5~`A|(9<`XS7)z$<@Ii1e9oA88ed$8yL~j(##4 zeDQ>$cH!}4F=`YACb#zeZABaabYH041&TflmZGtq+lI#hQZ%=7#WeITdhVTT^(^9< zRsK^NT>}ZQR{uY+?Z3PGn=AQmDUW&oR}SjR2r#=0sCDzlvILM|VN&2z83GjTSJr@r zkCXq0Fr~{O2_lHQcR?Hl4+Av9@GSWkcbJ&&B4`c&-`(H0_5bbN-4*{|$|J&S-RPVh z^kD)s7F*t@!f(j@EHQpW89%Rw2_9t-gNOj(%7lR*WC&w0N?8uSE({|c^-OW&8fL1` zxlTUiI`S5yl0Ty!kT(&vVy07{?JGX^vxt5-y~CN$MIzkUB~yHf+d0@EgCX`n=L*Kq z$FO7jxrg^@2FDQ^@#~rhJ&aP|jkkCJbB4E37pHyz^@g3WP#jJJ&MV++K)v)a!;TK* zahwkP^U)COZ94orGYI?)0@Wo>db|M`zAB7z5`qv0*(4=Kf;QGI;||#8V|eOm*Z}lZ>M&pQ5HMv9KIa? z-**;y#8ke{&ySS4SvF;H9x2F-Lwe8bW(^ z-vy`v!-Ja63o3teDJL<5$;M_L^eE}sl?6Ej^8%Coof{yV-0OV$&q_5kOk>Ehn6MQw zBN#eiDF`-^4H!ak${^iRnP(;Ar(pdA4TmrxJQrpf`xCa$q8L&!J3v`Rbrhavk3>no z#b>D4;SQMt+Y88U+Vc3N=gb1cE`+?G42d~n6geB0g~hbsb~HH$<)>eifzBART#D8T zL`h$~r-Q)Wjk1`(qV!~M*m7pC7=0>T)~1&YA|a2OHe^oa!=n=Av`*0IfG_NB*+2bZ ztictL-YIBfpD9ccIm)_3@v-H&F={Kuba`G0$7Z_k$h zH#fIe{(nn(DvcW>);e(HmPkmiZM<0Q2%sVF0`+iHI_WU}xTUZJn1@({GrTxrMtybxcUWW5j54 z%9r+f+Ke}nK0~Suh4%{@Hvw%ma(v_jIi76nP|`<>8#@kdHFjd`I60nb>`JW_vksrG zL;m0+*mw*zx%Y{N5u-R;&;U|UKm5=&95_mgg$~(T2Jt8+whPKR&)UlqIlYL6ejmzveTRTm zI*B8gkTd$_g%y3AD(_kvNxv3OIG*_gF2DyXc>;$?X)$V~UOyvJTn~^2oE)=@tD8gM z?e84?&3mC;xoHEhdmklTJn;ChcEJDm!ho`G_dXtg|NX!Ja(eMIZwdwj1iaHvFc^_2 z>4Vol0Xn;Jr_7PLCL+_-i_iV&JXO_o8Ho1Q{}jQH?iB5h;L8`s$F~>9 zug}ikfGdh5h%lfWSXrih;!|!HC141LD4TfT_V4sdqFQE@6RTNFK{k4MGu8**&=va{ z!f=D~INBa%q&dU%laM6)fn2`@q0?Q}ZeI);#$40|X8 zTbp!YX)OSN>36WTDPHsjW*j?%7>%-k7tY|v5yV7P z4ARjd*xDSjAAABIg1yam(F*|LXc!sgb~iVzl7D>@$^GEn@zvS!>z|ggBZ%Rx-xDNK zR~HvIOWPVMv6H5T3?Y*55l_AyFm5gI7*6oV*bj$M0@@?yht(c!tI3p%gjZWJk|i>di}N=Z%VH#acpESh zfz<2co8zC3uTKww_xW?dz$gAyN9JF@EHm9)Nb6x%sbs)~Wv$wA)Pf+dkObI?z5!D$oKSM-e1Xwrp*Wi{>l$ zu@6@Zb}0+?}^Uvl!RClvc zeR_3%{O+^_i1L9eR9u#BP)>WO;u)B*dz2HN8#^Wt+ZGJY`hrmwgLa!;MrgN3 zm~%S^?Z0}5<_As4mmj!7aQN51{dK2HJKmKa*!=nGb(t=~+#xmgDSLU1;tW)qDO?QH zWT83}&Bw9W*KZT$UNoCH#ZDroW9TWuq@Tf+`Fk0xeM)V?(iJ{`wywRhQ?kP&^VCco ztMHSjB<-t%Gx4dGnSB1tE6T9)6*tP*oi2(F?({}+EP}ObNaTPF_iJ`a#C(a>cjK-s z$MH2J{07w3?;u4ehS>%n5HqaRE8vg)DCVO)aq3MR*o~+dO8pHb+&j`l^Xu0(huh8` zS)hA-{eF?U4NpbDa>h2ju{5MQYEK_xPZ(kcw>JLY_-gizlZPS~R6lJ*Bi8*Hypt>b9Qx+@5~!r-A>curtnh`K$i^*Z$7lzUBY9 zb+EO%|Fx8d-T(T=ZhuJ!#j2}cZYRe1?tPio_HX>smx*lS8(-RW_}%tLOwF2zj={N3dGKi?Kw zU}tWNfKETZ{;3F`SDUqk>PvsJ=Av%=8SvC}pY>*)8`_mv<`SY>_Orm$E+h^b->GxK z$ZsRg2WPfxgJqCryEAA((=Yoe<}(W*$u-2SLC!&D0aSi(a0&oy;YuicZO;r!vh{Ui zDStaR8tpx_c%9L?EAnD$ftmLd)l`tL*?6iujC^z(-iNgBQs%+VT$do}Uv18J)fYa1 z+GoKw^8#W}7IBSIPJ#LFP}<`9qApNQ;TrQicPD>@r-}a0T@jv4|KHo&-7Dz-yIU*$ ze;Lm=ss9Tfm`eTMc@b_-{oiom`PTJ+1KA&3{}&hY7Nh?QU`y5i7t(b@#_= z{hv8|ISl|#MOQ$sR1-_w<4nC?hpYp2nHEfdP1N{CC|HICZb@LS`yNNpEKXu<6(=#a zi`VGE0qDC$u^BU=!wSdawh=OnR^b&Ww6+38WeIU=!L*L2oP=e0B>6 z&DGxm5E5engwFn1fPAB|cWiF&&{SRgyHZnC5p_7t)k~$Iax$v-l%%D~XN9g>tLM(E zc8U>PfZAzEiAz#Db+PLQP&*swf9yux?Al*_{Lh_(U0eU#-CpT`OL@LU{f~zgs?z>k zfrsYP{q#$?OVa!rsA=K-8B+o@zboE#_J1XMexXG5M==53ruPl%Z{{`T26_sMv=Bzj z39zK|N>VpiJ&S;yS8ad&D#=6$DA`7w%P`2~XyNfh5&`CN0b zN5JzOsMl*)&0>RUaRsXND|P|g6&BReffztr1Je3aRCd(N(|}TmK+ahW2?o&(PD89( zcj4o@D9uHKCi*_B)?z@KDez|z!YnaAi%@3ME!=Qs(=6OQql=uvQj=wRSfeauwDO$~V(zGz)oDakNqPe+&FGn!fHt-)nEMMBwK>o)l&gK#S zYxDo@?{C`j|MvdDO8#HQ^DWB%{E}6L`0oh8HlOsb-K8oO{%M)TiT^sZX^(z1Y%Pe( zKGHF0VsLSVO|BN`g@s~Z+*GSMgRv<#O>_ClNs|^A9qT{8`&uo||MhQwbw~NH3D`f% zV&hDscu6s*Pw_m%x>Q*&tg{M>lGSryoKCu=u8?jdL+X%b64eU;W|7nlAcEA>%ho!S zZ&DmKmXS!hC`YSK@Ljmr%BVHJ)M{)y%Mn_0PX1gnt5g1iNtmK2A>BJa3^Rx^#B+py zug(9ryLVv9e_IC!`#UT7Zy66`BBx@!K^v$6pC|X9oIf1}&5`m?CUGmv{KvW6A~OAn zk{D*=D1clNt-j{$>VV}vGjlRO%UG$U$Ag~;-LK=bOM|)ayW?_iFU_#;v-DKEYiKBbdfNCZm zEbWip3z4MJ2Ol_+w;SMoL_i-AmYvY!ow(?g;ch1=WIx&yIm68h^2iGOI5K@I<> zqdOPx|6ld|e|vXt$L9ZAd)q7izl_J`|Ce;Y7sC75)cIcdzCeD#Jb#S@>1Bop3J~}A zT8|@4C?2UNGv2d*^61*13;D+>YFx;4rB^l8a4N3m<;#MarvfDgPxMX7u{}SI@BQFG zM7f}XEu*IFM!q|U5|m}jN%}y*EsLIx@b{uJU1DoRRApj%y+0axEj;8G zXF7hPY}5n85hlO*SgU5vK^=Ut0X{Kp6pH;5TdO-4y)%KoXhXc0EgA{?OKIb$ssp^F z_CoFJ8eP7C7(Loh8>SNYq4)m(Rk!~$*{pjff6gih)aieFn+JCOuY>)))&9SX$Jqa+ zEUpH85rP1wK=WVUsYFod#Y!FgA=E+5;=vzZaHS4@-&?-%xc7f4@FWCgJ)g<|V?T~U7A|$+_y2dd zcZ%`<_E+~mmhuSB$j2L~0SCXS@t#W#uqRR{pGQg{sNDUlc6EY)00#jX_(W!{!fdmb zZBsTYI>obDj569jN;-|?fXW`spyjcEtJ*Hjw<8%N8LXSS7?nP}it?>iQ8&zWs^YNf zij@gTQ?95K(nz%`!KGZu)GH4VCK_Tz4Yv||P0cj`HPCc*B%;(G&eJxnKSPrpGD+v^ zvjS4p_!=#s3zp%4NtT%SBnk|fQW^o2fZ#-!1Ds>ZJ zUO|jb$ii3ijj|{`PuXh?*e!?>*NB(P-%j-UK7o(^WPa2Hpy|+4)c4@{Roq6a;;pKRl;=TmOml`y64^R@4_TN zA>{XR2;CNG7as>GR_@?tIo%iEr(leGFo!R(Crnz}7D=hcGAr<_1Zrg51=Urdyx ze+U5TKo!5dbp`)WfoXwzAH)6KJQI?XO1{4MDwe-kSyzyZGQNl`+WHv$2bNsXy;Q#d zf>@cS_Ss+L(`^5r$NE?A|FOSci2u2}+W(jHEM@G3Glt|GRWA2f$Af zM7W~JYiKVjsy&^oFsHfD*0>8>A=l$rE;T@#1%exuXqZ0nr*Q@u`l(lFzsdkqi3o3A z85-$Kh*08Z6W#VRE-^N;mMb<^aV+}4w^d>B%B2Er^Y_$7C3lsU%h0jjhYs4)2J9og zDM+A=1+#LQ;FhlzyZL|8&mhL#J8`-@tKuh~I{j~JtKk2!xwpFizm%t%m+^Vfx%Yzy znD8sq(|AGPaiBPy{9EUNW0+-82ssCoKXh4HrumyGF`z@c5}JkHlu{{VJ00z+zWBs% z!^#YW>*bh?NECPS(qgyEMdTXamk#g*?)0C$THwbq%sk+o@d5FG_W&vPl0CWR>y%5l zt(I={6k!ppSXS^;D!a3$`kU7ft`d|HLKx~^8Jgu-ql(8P)#_Za`wILtBA^##n1Ema zg9loVdEtx$s+Fc$H1xAc!Qq2`rc`F!*K$7*{D|Y+(wskZ9a%$@0_(_zlxxaaPd2{6 zZmFwTrlDfd=}4Q4mQ^$6v40h4x^=k0|2wE{#lA0`w<@~qHmQ~yyww_1in5qtvQ3Xi zlIrMwE-tlI!l7D@x)lArXgRB=?5W=W%>&+9MSz<9e}8kk;QznBz4HHG%A=V*u<((L zxuhz2Ey{8SJ{~+VXWNaW2XhiF-iuOVEH**5dFZUp^CXkoY?VkSmI0Evmz90P<3Mhm zULmTB^+k&sQSS1QiyGZm;CBcH{uqK>ZRD;kD2XRv3sCJQ!aS9=y)7%uj=*|Fb6+SB z48AaDz@O>%Z0a9*KaPqjkOfONX+hBToXTC?s9iW`HYLUqU5n2#UBluiY7>|$T6E^Z zPZ1_w3C_ihQ+mfXk@$E~TimM`_+%gTDq??@gIN^*^uk;W6f4bZIVcJ9o;akmdFXi$ zf$DfIQFT!%pY1R4c9qNCzAzWKnpCBWymWcjv+CIhs%Ti?){O|s z)O#3S=km^6CK%_;FDzAO(?+aDrWV^J)Ep`AkAAI1g-hp`Yz*`$^OR$pU%U|aa4bnl zyBlGAcPh}9nCei-jV=k9l^r&(YZ&ocF9cn)8!9d1d|Tk-<*2nPaabwyfA*(Z|DW&N zS3cGH|JL4~eg3<3aB#4)|1aec24cRMEa>!C=>3jU-+XVK>IAr{{}%xEbrIP!{=V4( zt^@rAn=G2z0~(yiT30ZpRqo0!feih0o;x6==4er{a9g#^N)f}vrpS7q=zzA&UeDHP zCUnA2e!ycEK-#?C{g4Twvdx-a%A@EFur{vgXWQ1@m~=EQC>hgss-p|jK9An(fwhOq z69o61Q&(Zf#e1-`qE#8iVeKKGY2#MaecFoia_34DYx^YjF+MLG^F=}8^2jSxvcy_L za-=Xk60|WvX-Z}7rmCIY3L_I8hkFP<r8i5(nLQ!`hspa2s(h-dw#$$-rL1MG8qW4mw(* z)2YeFD%ag$S(8~>*)$ammd(iZfsZdU*o!`?sNo)mF#S%Up(v*&6`cq_RR18r7ZUIK?=?wWab~9W z&B{r^BqU*(A~*yk$7_=RehV)WFTNy7iD!hWnOGzqjRx4=X!L_UeE*P&yBo0)ZPLxP zi^HO#%?Zmce+fFW%?Swf==yK=C5xZf4@*xdj zj4n}Tiz`JIMe}ZL5|djP5Ao+qcGkX>=Wj2`&@l5Mk7+s5N1hmjUuEASCaFejFTKy^ z=*`6qxVgOe`K3*DTVJK*mRQz)r5K2&_}Y={<+kM7`fOB;+?wa*me^X)^MvT?M@=Cx zG%lhCX(-9F2kr~(!(KJPHig$JTHRW5ZHZ_fv@6K4RbOj+Id%A!_&^F%+<;YQA`;Be6{T~2MHj|%nxpKpd}a9p?2t64 zH^LE<_rK>FCXiH+Tpb=4!TeS==e0fY#MCg)xmk`(yi`2pLv$yMlN{_8eQ;IU0F1g) zDNe36VNQ}Nit;+KPQ%5(cp<^5CSZS5c|ANabk*1L;;>(xwY-k}Rnz_M@WDGMjy-+s z>G{|6By~J)pYBu0>4%uv`E!wUNmnmVA$?h1aF?&Wp#dd8d~Yf?uAc4nZtDch%X3S? zFUPg(cd(9WuyzvCs+u15n8*B4YaF99sS?T0c{(gdF1|=2eW(gkb`^eR3Mu!&RV@Np zKNx`B9c$Ovq+$OD@QQt*SY_?w)_)m-(Sv6Cp?Y>q%bBRBZK-Ba_O1HbRhLX+yDf}% zT81Cd$Mm7Fn`Fx^RDYl244J19Yxd6s!XNCF*Oo$G+Fc?26oC2y_mp_K&<9onC>$}8 z?Lkr{CHvNwep;!$|HVm;CNk{K{wGG#U&91WP)AGfCjYO)BRl`=;mPUo_WpMhr4>ih z_Q6ow1^oxV&^osdvHD)rfv|6T^j&HPxaD;kWq^v=staM%&WE{Vu4TLiZ92MJGM7yE zW^x!z_N7$1hozWmOv({sO?kEZXlaHQFh_fL=wUCD)%H>n9>bNVV`v00s~Fque5u&{wLNydLhAr)`w0B?5PEOjzEc+Yr!F1% z|CG#73MZ(uDOiL3*XYcN|8Y1v+Q$FbNa;+r)h_6t`Kz95$#_v|&z0@ftKu)e08n1a z@KagQEV#$f1i9BgewONoO7)?8ja8|y?s24@<%>g7)#LflW`NJ*Y#=llo zg$8G08U)WPTQz8zI*C)o5M3j}lvq=4`X#vhN$Co{Tije2xt70x5YA8>LTY=fMTmxG zkL*c?x%Ns=FrfP7Hz30oTBSYHjEE#=fBZ>hM^~ZUgRH17q^t%uz;pDr=dZU8ZGVeVgus`l!!Ah9>CqJCw#SL>F-kf`9(=xBnBEwF1i? zK34$STZzBW5TJKr^dK|cI~}m+M#X7{#%4|a#CtVVywSG)Smob$4SO`tNT=1cyl@un zr7b~C1LM9!wDBA4_%5{hXr4=LV*oa{(mz7o1U#kt+)siJwkx{*0`d&c%8Tfh1|>S` z<)AV|gN{1Ov%tQ?{liG*QPa-4as5NNSv0nDGh_&ILF*k?W+;a|y97G@De%SlG&X)DpAc5vQ}icwiH zaz$9|lIS8lnL3|gcUVL}0oWZH9!vFmS{YgEp-Ewy4)5l-C`(X|=n#{AoX{L5A$tCl zK1)e7jPV$S4`GY|PQY%8vKdTJk`KzS*Axe879u54g?V-fn--~sjn20|8~7<5G=QV- z!U8a?xC2`O;VFssXc1_k1lK0)y5zU|DwjN7?fP7|dUHsjz_-a)RvmqwslcqfS9g`Vli{pMU$G(A(MB;Kjs z*^`o!9rCNqHBNYVhaP~OvmC6qdDq@g^{NB)o`*WCK)WBDpR^`?UM-}sdm45(c=AG| zkK5W1s+xHE)u>IMs&Agc*~;IruelqYwspU%0I3&@XkT>A+E+GS3tsLP9gM=O0IO%V zlFH#6&1xvSLGJWJ5^Kjvl1*9K7$Dvul~@m=5f-$uuy z15f_9t^Ri-r8CQtyP$vduk5&%iK#k!{(v8v4pmnSt5$_7RXwOtp{mX9s7{SBpF0)n zN$%v0MR`4K*^>12%+@l?{h{}W^$gonF(Pj?Fmal5r7%5KT2OtJ4EpuUpiY(^d zeNhMKuIx=Q!yzX7ixG^|DI5hLC~J#&ruO}UuzoJ#VCNC~3}k2zQi>-crOg6nn0-1G zcFG>W+($#+v#Yps+dgm8+N+b>{{dXHRpJ=lLlKy#bqJM5H*s!r;c!4LZjfi@?T^1E zzZ3FR7ca~<`#*q7o*N86Kxh0;NbD_6=(#6Fu5ygrBXAFs+!GGm-J+&fi2L4*Bqprs zwF|9sBHf*A#w44;Ja7JF)H2{mV5^qsz0oln1isA-L5XEd!2~Z*A_A)OfVl1+X8l&K zj6Ll0>grW{lE-%U0+nYEASYmqlL%lRXk15NjPF1Bs;OS zi^+ObvJ81*eEV%ZfiEEto4;9$s2~1i_$`K zE>ZA`6A_JwJ513_W=yi@tzsrj_hYt74#pxN}nKbj>5v=g*ih+4kE233!} zD#kYAmrjyfiC^CFyR(qyOT9wqks1&4t~Vp|oLlo3!k~VQ>X%GgFJpi3Y3McJt6#;c z4M;NWz)i9cz5n^93`3!vwrWN5zUG$4)N3-bmRm7b$JO~tY)NIJernSXD{XE>JndGz z4Ds~XAy9w^oQ@YnO()MLOw6hkE=yuU>#;i~W?mxJ2@|!df+lp>jeEk0-EDWoIDmc2 zgml}o(c-=TQ|H|MPcV)zN@lTS5a0&?&x4bZo&WvdY@7dQGex?ym+}BVTr&wBMiG-8 z34n1da#;`;1XP|=3-~Z1%P%?H}mO>v6lMk zRa5q@O;J1>(&;{r{Cy5;hu4!+@W189%lg>M&;nCT65dB)Bm7Q21z*7LbCM%g-8Dky zdFI=XE!49^e_zU=*@T1JDtqfMP*#F19D^>>^jGn;9&F+J9qrvdn1iXfe4^2kNXvu6n7BROUVL%X4+w=||<-UAq~#6(Q6Ud9yJu#v0)Es5A7ik~vq zX+5|+Z=t*-xAQlYfq`}BM70&|>W+H0k7*_{I3Kqox+M!F6h3l}Do9qlDeALuv*@h` za)X{twC1-p*8Q^5!dW{Me|EMfy(GyPPv$~LW{fR-9lCZQz}fTJ8x-L3Pti35_z~qA zwr?K*O=Fzril*RKs`)PdyeFlmJtj}>9Sl510iv7p=c1dRxyjXDpo8H+aKUyu4)6GQ zF{C*+3jst}gKz{_jU(3eXVykrN3(lja3bf2DZpC4WGtQ|s5^{cezvp|ND2xVT89~#5H`rcJbttXA{}olhjo<&_$iDwM8g2c*Hd3m- z|5&JmJAeARj<%PtK2};l^MeG94o%SK*Dw#KAo#x@;NHIv_WtYR?(W{-)Zcr58~mXD9{g>`^eEVk5&JJO z9-bZz>cY@IrC<+~>!;f)bF050cs-{o$q9p#O@ZSCCV+dzB=Z@{a45pyg^&t;E)RD% z1XtqPUm3an$KHPoxi&-vYKJ+P5t@V3qp}qp2E~?k9VRLa!#X8N`oo_R41eCMcF|Dw z5~}$~q*%%33BZX+qy#7d_lTo`-r-dE*FhZ5UE}L68J~tBZZJT0 zmUi(GAf*gZ8EHS@&wC$%$e<=H;rab%9D7qjRWD1E5wc&?Xnsq7Y4M?f|EI=n#hUED zj%@pn!-KQq!!7^cL}_9F)#p`TYTbTywF0r*@A0d?IF@!88BC%J#vR_wXW&G)g7_dNv8u$C4VtH_ z@>z=!;`e!F^0~{5B>zor0}!zP56lb9@~&9KM^x>tcnM;(=O9q;YZ6546rm+GAYPy} zCJ!@|JibBf*9(YdB)QR|oL9hBhODdruBgzQzCt!~P6NTUT34_K-m4oZ zl@=5N5k`aW%EFJ4;z=U*rWAwi;lF-;Vg%sid_h96p#MTKw+iuZq5nBJbM!xl zqpkh#MvBz`vQ?%4inIk}Y^i@&qWdj$yE{so%SY?;nrO$k7;2Zt(HTS|`4TUTp~yeA zm-?L<#M+SU`zC`kO zI;d*xcJ9E}ubk$((P#@{+_c=#=4)DRXfJl|DlImaR00Sjxl6Q0OkG%ead~v<8^Fbx z{Sw6^bSf3brrJ+MmlZ?O+V7av{`f;nJ|caQ^y-oiIjxFgRZsp;1wxwLp!}&D zwx_rrO9TBco^ui|PdCbyhg(t4U^;vPbkjvqR~Pbq4H&GVrtavYRq1kQTq=`8twDtq&014b zN+j%hvKBbCny=%_I3uD(8AyaJ9VQ9P9`slui;v~aY!OqWdR)JL(4LZ!2c&*p`q93_ z+JBRes9>3>S1{ZDY7lhed*mPh<2rK=TPS#Lhu*vot(^TmNYp5Lf6OJUXy6p zLiTT-RNr@1#b{=j(83oe!8wL8{x>SqeFnmaCjcZZxq5l&V+BpO41iJ+y-kJTN8LoN z8=?|Q*QvB+k2MZYMG$Ay6dTlw~< zk^Y|^jO_cL)3d{aE&bm_G3fuLTJlwieX(~QEoIkc&^H;!GdMwSZ~w)qct&RbO-TZF zYg8!3hsayr6!{%H=czS>)SVn)Zn_3M*8P$-aWOJ{NI!RO20YiV>rN zROe6q4T?*rR`_KPVG=EaTbby2AcmD4ofo`p2)=*>ClN|=aO^tgb_En>lNP$%CMa1i z%YdkF;^7QY%GMj^Q@Nn!%h%;Q5t^ubxB5W?efVC0X9X z7U12i4afzF=QG65v#W!ub=DQ)RtU|=Em{Sm8X$*DVJkzF%(HMMASAAeu38~VkX97V zGn_w2mxJ>TsI!{(gF_8QJ;4X>c}y}ubCTg?0#LH}4+CyxLB;o0{5zmX!&_-d(FGW0Nx z&2rN`{_}q^k)G86?F2y{f$dlK8np|j*mHva6(hWXGxSXRE!4EOKZH_phUGS~Tw3iO zhIXP`b-`IEn9iRI`^XmvrI#dqaJq0p<*Br7?QBiP^EkHbO&kkO?wjCX+p(7vBR>a5 zrXiJP&BP_BFs$@vWGS&>WNx$O?X9mFH(3z0X>A41^hPdh+0V5=TF@qPU{xQ6p_l1_ zqq#v}s-#rvZi9WMmc0K=eD${vKuMKOqA4#BA&kR0BXQBIn;$bWPyH7LPBnW^Ev*#w zf5k-$kGOZx!eY0DfLG1`qow_Q?b5*iPmT|4|G$%yqb>j6NHO&PFW%e$spf)71Vn7Y zRYiiRB7*N@kOHD)4K9bN!0`EV5M0J{nxpI$&S-9iRuQN_e_pBpmb~Wm1}f3+VWWh~ zB{wcSC6J}(L!}EvZP#)O8C}b{)pXtZp4W+zqA2ysv-0=3^mJZ+PDR{dKE5`C5~N-3 z0V01YtPaejAA>2O`5O^)6JQFYoFyZE&M5-=mii6n)1O2GV@%mey)?!4zc$*^qGus) zkxYi1DH3Gm8TW2g@C?8%`n`lsq?;QItXA?qzi3nb@ezvA#kXmguUY!|RX~9-(Ze_nF13-UxO5J2%T1?h*6ghCEY2N-1 z;5W9RBz!V*c1{4B63+^9haM>R70A% zYL7uMBN_M7PQZtwk2)f?!9Ln%m2w~-3i$)A?YR?sTi&qkDZja);Z)FSK|HuA@K}eK z)8!CzY9L09)EO(P;igccwi<6Be^idmMlUY(ISk^2?7*Q7G+Z#Lp?t-Eo_i+Yafh_0 z)A}Ra>b}cTef|@og|uh;87Fs39|s%#KTc0={qM=)HvY>-igEsPmweU3pWEZ3Jq!A# z()ZEOvj7`6^>tyeBx?_lwU)k~`kS%uU2-O^da5}*R8;;xIZieGXUD3G7(C(zZOtQqTXdt}lDI18h3~9i5%n{y&GO+xx$b z6qo;BU0?RW`>(DqA2r|S@b}I0WyhO8)X9OZ^N#|j_V}hMb&wC1Ke9E#S>2}QM5fo+ zax$aT(|>vQx8C#L==kW+Isa|#KQ~ic`mb)6d*A`pSI3Ws4-|7)2QQG9@SEoaa#kKX z%Rp-62WpROMvvDD;QDqA%z^ds*JKX$^#A(m#kZ3GxB9=06qo*AU%lvq_FrGUc+_;C z!@mxi&+z+AX#Vxp3lI5Z;55>ER%v7Me=VHVZ5l|ts`1w&@wKI%{{KQzwz?H~6a7DR z>Hpa_|I22IOaJ+rZ#jV6{OjQX0>>^F5YAM!o+m#Q%^eac9zO?pHb-s9^;)Qa+U9@VNHOUD6|Hy`(WzBEmMv`bKViDPLQ#nw%q@$Fa&KvTH>(sEaOD8(v``z#2Hl zQVL9OObFrBn8R#>auL|_B93_q7bYXSdCH5<>?XEXj*Uz+OP2Mr#K@i=tYQBL@RA+R zun8f_7=TbLjs+r;^-CYe7>6kE!%Z^RQO!uj=?%=#s;iZe;B&IERxKg9vvMS}P$fK^ zWKJFx7a}E572@i{Nc1!%Q^|W(iI?QqhUoeulCMip=@@4#F0eT>9K5u$42I!3B1d zl)|buMYWO)+lgmT5&cR%76?zJvlwjCRXF+wSNcZL zv;SyT_^kcMpiU}~b1Mc`N&5Ke`M_z2HC76CW|!joX$o3UIVUlbZlNILh$bLa@eKNo z;AR{-Rz7uDxOAhTZG*2Z8GKErMeopzERYEM!SjShL=d1fjUNC>0He(yv}A~;@wGVT zTBzd&m}PWqr@{UY;Jp-50OB791){R3E7*Jl&;li#ut|c`0#X^0n*qE)38JM-o9rYI zbkEuHb$w+BM!2uem=v4O)7q{cMKnEw0g5ACPNbvMSl?i`P-dy+`_%@FiK~`C#iPVn zB1Am_)TUS4P7p$M0JVnJqxiMH^wY0QRr1p-dL`s2qZ?cDshnydg*j1l))%#K#rggs zq{SuYYs#A6*L>U0Ldw#EmiIM1O<^UFxzztH0sj8gF5gY5*8e0VDsm02_x}IvXyn}g zpKb5|H&TrIpEo2zpipwJs0GsZ&!g4;n3L#R>r>{}-$0;GeJbXCPzgrIH~^i(0IWEE zkuA99tT@kcJft~EFXC7~Bl574_6a9=0nv;kH;D17uV0@8TsQC;(;O$0;9M$A_}D@h z;tC;m&%n-tYl_M#cu)R23!idDB<0_^Q>pj4USZKOaGQWnga}xI?^V-(wr=KmU_J4_ zMkj}-PX33}!;>xj-$XI!|22t#T5}*5eN{HloRR5qZ~|u@Ju?GEDJ%kR4a-0=$bisy zvW4?&IX&$^Rz|+<&UAJt3e`qA7x%EGKCtCf`e83t?>2`ipcFv9M%e_h0q--MBcnnM z2ilpW^NT1Fw*$JOTjL2oUjL$9HrOZ#VT^vf{zZdMT0l%uhJ;yxVkJNXjE+R~-B_$_ zq2^GB=3+R@9Khv6^;QMD)jfUTT0d7kU1Gz3e_${yYntNjf*M8wa;{2$X-u`9c|a{x zjc4+m2rY1kxGGA!%{l?218{f%4v&rOsiJb_Zm2Tzx87c(jAELjBt+W%nTWnRgDDS# zER2l;{z1RMSpb5F+$Z-ii!QFO0CsFt0`l|(CK4)fv=}K^uX|4b`%U8uYg_m z;>{Db+J(H?qDf!S+8aAYI2r~ZS!trg_gQ0ouc=ZKO=$$eM_bxV*CjDEbfUN@Sq7(V zt}gXnoTcWG&|N(6BZwd(p8Hgty41o|cgt8Ys*m`1sC%WyO7nTd6)RrDI|S%FLm(kM zR2c~JDNZId;6dcMXjYM-fPGLkl%$6=1q16l{ljwAZ3%(j-);HPWuTyzqx<76Ej79f zL9bva7GuZsw5{JKf0U8yy4z^9Pd=t3w@Y0u-7S^5EteMeQr)%D^5S~{OrF57X~Q{$ zaZK*7GrYhtnxL0VG!(hm-Kwdo6?tBUFom}`#yLiG2&1U@ig)>W!l|Dj7`;v6hj)bJ zuW*dS1;e1S`aHRyZ%D$b56Zsd9PCz9W}5+g0XWGAU^J+$Dz5#?x|S%nywe<`%7q|k z?3eONPm}orI#1IW%}|oVSO|at*bPY%LZjl)ttVx+<6|&7I2(8z*V}ky3V?N@zh0OP zQFm#W*M-ZI)BhX{JZIzG2%+@l?{gS8_QQDKFA4s=q2iz};fi&r{@^y}MmJNqK!7Ci z1DGfH_c;=AMQNS&O*@!;7*9!-zvFbYC7GL|n27-nk(;3WTJ^OY-%vn`lN~It=D|Ho za>|u1IEet{ncczv^Bjy04v#@N<>2R21m;Oe*gmmJpSTr+<)bU4Sq1AbCih@BMr_Wx z^?blb7?`Kd_fwby`ar`xRtHapbCR(&y`Q2)rBu?=DLKdN1Z_wJsWw0`zA!!=_F3t6 z2l}oO6-+O^AVK*Mr;FnuPCr%PJ^%sVzJcZ#vIuNE54zp#>xT`Ta4$mhBNz)tAQbhx zIl18$j{Yh^;Q3~26kxJptdV)zL=?Z_i#rFO*3YeV$-fg% z60?>Q*4tN4-k5AH{<{M1$7`ot4q=0I`oTdA$=X_tkK5?HqA)&QM&|M}r ztO*n?FSI;^gAX5{_?o!WkyMLyBmO*Z6iYnQGWO@tW7XO81+gX{0ZzaN35I4S>^u6Z zp+rFOZe#H_O@qnRs!Oh98YanMfrV^lpq-}JO)$@e(4wBJm%SXJWn*L{qp9qBzx{?8CQ~ZykBRl@z z+39E-|9d0Fp#Sg0lB*o>E0TU=13g-@Z_T1_lCLF$SEueqsvn6A(=_Np@Qrzxl(k5e z-JR0w?n8y*6ORjDt2T7MKgj&rj5lb(ulY5t#w&>9dA641+{SD?%8Fj{b9;QQU!XK5 z5A5I_=%%e8xXEFT#`9Phy6)Mk)m^sp6>5rcy)j5~pR;ObTzn9NeFS5Y`7q*+*o=&{ z+&fzy->KB_|9O(*8Cw1L*Tnyi&PFHp`EQ&5aYM!A|6<8|JpS36=<$jH&P4i_1mp;9 zkABMu0oE)`ZmS^pW`aPk&~Xkoh4dfDHANQZW)R@dmu&l3Hr?foytmoVY&C>Y^k#u0 z4Bu(++s0Ya_@&7nSQ~seN$2djZ9s){HY)%HmWRWk?)waMD_BbLB=J~(>J@EI7B#A2 z{;1Hg@WCT=%kpY9I0yjA*ao(M@&e{D>+|W@E3Mvi*z|rY;5RKE8{(%~2uew0+bePD ztJ>_^8QyY2(jvOa&P(hHQ|W5!Zx3F}&!gS0O`I+3#D1$^kD4_B)wYD{}~+} zAKUt$lf!NN*NqfI{<~32-iz#KY@kOg_*t{)Tk0#iU%$%Vn2BXXTR^cnb$_qm7>%}S zfcB+^{-cbWqlO`wC;2K&py~X7G&;7=|0joA{r^UaN&m%?1G(n?Z~<(Nj)%4kPMlXbss*9CEAAM&~`buFo~_E9!{FeGXt0jm&3z>k3X@Gnpl0ly~T{ z9fCTbsOE6`?L(LMwGS$$*m!otV=&3h?nZ6ya$pW-gtE#vCfN{#6)M#WNw~p(#4mG( z;P3Mse0aL}2<}l<)~X77se@H_-6N5>mGf3FHS*sSX6QO2AreXtn!<275wPj}e|mIa z$A3Q@oo(g6O%zl9V@nR?nuB7|R~7+%JL&OCf&SU_E(rRD*?i()FBq1`pdZxQq{99t z9dr%LCv;qCMs546V_uc@zXdO=rvEw0W;o$4$vKI3| zo8ovaFunYo!XyHg?~-v?R@ptYP6u_v@oVG0LFa1}kNNZ=nAt z2M5mm-_gOA{%@q1^uJv4l}UZs)#D}X`W*Tu<67r#rpGl9a&0(M)2qE`Nw!OPQW8}I z<0IWGLQyEW{T-EbTv(u)aU6C?%GwYSxt>wy-C^{qL1 z!a}NSD1NtUipFEMrOUSRL950&i4|AmmP!TAbYAJAN4F|}`5Duk1|Z;JSL~qvw#9sb z&9W~$rcafrxXx`<<8IdT+K|QH&6fk*1fE-FDcFmt?vhLfMY=-|Dn1flyMcFBfj7&P zHm^JM@R1K_Je3~c{F|vj14UfV`hi1M;f&riDY1|PwHsTlif0a8pyfk4(HSHP>n9;M zzTw6}UVcX5JVychTbZf^Ah^!Z7-iZcXP5F2GV;sWHMgvMs>buLY{PyPZ94|0Py?#J zT5eSiy&FuW{L}{nYl^(~+p$qc;S?t#Jzsu$9DraP6UhD=EQJM!yeNb~kj!VdDATdA z_-F#{OrED!ReMT=$tX6nR#k8sMv3{uJ0wGD6i@u-b)uPEd;VPfEgI|3>)MMii9asm zEmXwFaBt3*Sr^f_gJ}V_M(+JP>5oU1nRZ(?QR>crDT&GC;U>)xj4nw+^94o=Hbx;`Oc?9l1=tA7~Ta>0Epo&ij_f&h^ECux&6$Z%kWxq zZk6Bf4COH5h8nUT(YQIxp-3$%lmzloP14f=j{_T_BnPKLfJsP%F2-Y=;QT?wOZ$l= zB$Myn^VK%rtc=LJ`7O#4lp{LCWPeI%&aK-1in#Qd6N%3>G`~U_Y4h!ix94RFR>mTp z0ZPC<0wGKQj3PkEj600sNL(_(jLee=AV?n=C7!`M1ZJ4#@D9--_?g`EkVK{$X9&K4 zocs@*#o!A_^SN&&+%~0J{#%fEK0~YO{{L6A{C9SAV#$A_)8pgQt^Bu%V#t5L ziX~rF*poZw(Ta8j{5=bDrh)dKG|ft4=2nqgYMtp+bnrY`=^fx}vOMcO8EM`VUov@G zm0kyErp8hm${>HHww>5uKC^NSfEG68p3Eh-MSJN?%l?G(oTMn5VM;ae8(4JV;g4RRcmN@ zhwC>em8p1ISk7A!ly!okMN&5VDPr+3ir}iLm1eRA5Z5cf@dIz?DzJNp9%zT5TC9An z;lF>GZR`JwICfXw<6Pd|{=ZeWAq#3Ye$}=U&L~duA=&taAUN#Xmqe#BZN9oRWRDpY zHJ5}vEiWByHZ_KEd<(<77cwY`&bP|M`u5I1zk?uMgn=B?LmOI%8AIMf%ZU4_p7H1l z$TK`M4iU~SDk)-sKMP*ABDiHY8-ST7?1A}oMVQNOHUP6qc()S7s*?@Ct0n7O31qFG z4M1IH6I==CvYQRSoQ&y;;PM_eK`UrT@v4ME^sxbGRTjFHz*U{B3tl(hT}#KetsbbZ zRO)}^A$b2&L6_DQ|NZ3Xz_$NCI6B+yiR#BcDr4c0XLUv%gSI zaU)FCx=}w>)LubFRsN{aP5G4?g|4dD{x#aFa{ZkYbzD+QHIc2Efgx42Xh9C2dqsGI=w8Phzd2G%v}({_#<*`Y35 zXKkd3fe!@lww8GD<>c0)MQR^tpqeu$Kx5`0jt3q=hZpjuJm8@DP)n~jR+ z-sUw(jL`TsiS$6FrLKotT58=%g#oW`+AbFEH2&Ilj=6Sd(>f?HCkASTJ7fH63^=9= z`Ya73D^$58RBzHMk}1cm>aVo$e1|6J^J|!gQxN>$4+ney_3@A6uRB3ewHGw<6qmP% zk$^GDW{|Vr5C04f&d$#M85pSj{i8OvH6d>2P$aSPQ)AvBRD@Vus@qMd_m%9yAXmMNcbUqxnBzKkXK3%sO zHHG-ZMvwF-AAM@TQ#*^Y?PF)iC2E`@tE%y?%I`U1kV!pSa>#0D@OIM%pX( zGXTL23GaAHAbr6MAU(#;=A|IUup$^H-E2LBtKgK3_p z^n8CmLlg9Qbifh5pY6YSbN%b#i~W&l@~;OPFcn^-z5n{iwO&8$et3EP{>Rt<_=x}Z z1@TA!XYjY30PN=EhHC%?ERJjQj?idv?i%dg%*SK=8ASpcFZZwa-|zpp|9bx)U=N_l z5R85tJOg$uynl`N-{bus@&0SP{|{W$#jNsm3~>Ukk{nG?25r@$LMrm%M8`LwB)30j-}2{@=&(l$0Ux)J;Q^Vu#dAA*bvC76Hzo{QMuKE z*J#G&58tM-?>aI>$vg`Y9maTub2^;y#?3lVIoNK3oPn1SJwz9_(DBdUpTRRAy0wtR zg?mK^lz1;88GvOa4>?1U6_XN(<1f`{=lU0+>d6_4Ut$>ZjZfSxK27&#KJ3QISf8VSa@?UYx=~e!#u^xSF@?SZXt?F-8)t{zM z`|~OPnkTna?QB&$-$7~S|J)9Fo%#Px4&C^lCtLsD%@l+G^QG>W`Bz!7KQ_)U=dpg9 zPq7Beuvgylqrw5>Lh?xi3v%sS_!mE>u6)5mH@v#BgQuX+`EdY(&tn>ZAj!wnI*ISd zzRoLjN3NEKvmn{Z7Zd8!6q`kqL%`u2x0TC{9V*${i1{NtVNSsg>6|a3)!^ z@|6(b-;?FG;O|Mt@jbB&9cbct(m__!z=`MWz>&K&o+tc{&07?AC2RP!Y$LN8;+OIkg^{29>6-cNh&Pmo>V*+E&SYhisBSy!x_9oS4sXhdqYSnc5e%$@c&;WIm*T` zEaqT7E$#Ze==KNFbVuS5&2p0Irk=(_ZJbpGk}O766u(+bLH-PdrY^}h_K6fN(PsI`}p zxx{FraITN+Q3UI+YjnZ(Ewmb*E_d8ftv>>ssGJk+X5~|Eo0cDA9vaaj+e^t4N1va8 zorGjF9{M%B%t|js};@0l#Ihf69evzh#`*5kp z0@ohI`sCM^j$8WY#f=q|m!`2T=|?^}q3qz(WP}xRH_yVv!QR8>KGF0dYC?4`bNyY# zl-r0a@kPXAeP-=0Xxe|F+Y6fQ1HJBnJ~opv;#NIRHMw3&wogA`>< z{#yozqG`kEt$A58rZyW(H5MiY^D1`b6m-SoS{YR{{ZAL+n(6=1=)|G_+x*X)DF*$& z{`In7`tOg;`Pk?`pGDsapL7u_T}Cx3X-+aY;SdZH*d}ObO;U&&wAXln@Y5qsCYLe9 zmWPR&LW4(0YpPkq1kA-IB==y^LK z%JR1jeS|PZmnh5e7>6)NO9c)r$LTwipq%11j^H+q;5LrnHjdz?;|L1!bFSGcz1fBm z+=dd|-UF4T>iqWt(>$B=E&TU+G(q|Pr!sG2$HQQg{nw#=|8sbFaGywtw5260#Z|MwRGD$h!|O=|%IN_yzc#7HI>=8I z;8Y7V&Z)&to90vq=QJlXk$rci=_*qRbHryrA3)(iKLYu7i3q{sH@R+<>8jViYTm0& zJAU}~b9dyac``*X&ZiI8Bzn2PAsav>HMUgO>=`!fdalMliKYUe00bBDJ$#@SaZK(5 z=P+#;rj#gbu~()J3e{T)a1x`rlb4eVS(2>6F%T0dF+cI4g` z5Ool@;qF_Kx-Fu3>3?<$!~IWOq|X*OL>FO5=1IP+9dHBvKRO%P`k#Z-v+e!=Mv8U+ z&zBp>^#(sP8ayT$U>jl;jSy?kO&iP2^nFVn8Q8M0%geCWKL016+xw-x9<>}CK|p`uR*`Ue2x5<&11Bx>lZIg z^55~%$g=-DJv`i=|2I+$`R^TD@%{upzJa!Ko{f+78<6sWS`bmqDx(Cj1)ZxMN|}kk z6#tl!d20K`cL1gA<6}^3g{HF&8MiU1dDpzG5ti_Wd6~iA}!Q_R0t6 zR(t{t@w~@9PdFbGjrd!(C>`xucgnK{uR}tHS!;w zb27iW2-tN0b9`p||D2v39&F{mO%zlACs({jouBM+D+PK`(f|-a@4mAj=n7|QDE%NR z>EmvOexKtEMa^PLK?hg|9|OSu9aPZQM32q6%pj}-Hi%H8`3F%F&PoHRPS{}T@2Ua+ zymx0c^ncZB|DrU}|Fc8;{C~DR|8J-W`p>?ZYpE>k#|D^xYf}ICt7bT`!@rvrR}8@NCn^1ME4yYuSCqrXTCOt^rgH;FkX9aL^v~Kq*rCHW4|>$r_c-Y zr2c*NmLA>RJ-my0k?-$_H(>?AS(w0u)CwbbHZpp%1Bg=ct*@Y3{*IU*{Gt{kOeJ zxh;UOEM9~C*Wu~ufqnmfcDlX)-$>yb|3{Pq-HDh>mMai{d;bjO_Gu1ZQW2Y^kJEsv zS%THV|G#=Bt)=q@317Wua9zFNrf+4&THRAH8W_atHM~QB&NE|1!jsz8U=_^3xWfkl z{;bW6dL5J9V5fQ$uhvuFNL68T^-ii)pQg2*e-<`G5|8zEdKDn*h~%CHA8_=M`=XX% zRB_^g-x;*=;*$qWWs41bUj6<#d8CtZ3@4hkWQG>x4n+Y7(C3sLhg`P>VFAxa=dG7Q z6kE%uv<6>+1g$$_Oy2-GFKwWJOEU|YqdR0L{8c+eo1$gj-)V+&w>}looohCSe@}3e z{tojucE%TwlmDhNPs=(_oGtnPN@u~Q^WWj2o&R-oa=i8b+(;1&UfbLK9RD1?+1~%t zarbP&$y@nl*22`ott<9K>~6yiqq-Z{uHKz9m@e(wSpjQ>Lnj0uW-#r|pYzY9R(mwX zPyczWjNUYWP4xfd)Y1Q)9&Gi08!4Q;tGI9dkbV&_a0P;2>)$WCZ|U4$*7ke$tM_f# zhdZw&m%Mfq)Y<^>J(|Kx0RY{!2Yog8oJ|0as0|Kj3%k4J)ufBrkr zmU}f`z&jq!M7LV6OQ-@t0QL4e+OOWVgc9&4wLE44GYoHI1Tr*68A?L*jL|eGjObZ6 z3Y}W3cC4lvZG9OH$V&QrSS|gxuCJm~n4w69f>_nBN8Dz~Fd;y6%_Aqsdmt53AVpbW zlz|qAz02S(CnQJ-`JUmWR6K47Uv09MDmCOJCbuvK0bjEC*40e; z8w_RrA&esBB4Dk6cH#AjA)lh$TsAf4aGu}=$|xG<<9!&%~at||>ZQ{YbGt_Yw z6Bzv+#xMy{c6D9z%Jn-^f{CIiTErOc=xnxs2CV+8>aScmXwLBE;s*krd;5pBCh zDluScXECqCOpE2ksdpV+v-rx-lC2a@Jx+=pD4I2iGCo4U`(7?kjwPlWve5esqA|Yf zTNcViw=HF%o#{f1jRg&wraJ7R|dR zg*d$$mE$|-d$9LVC%F#fO2Xc=dG<~orq>zCNl0Qn#8Dom@`EqFdrz=DX@|%_lja*1 zkLN%;bgiskWpnk@zAJjVqCTtW3P@s3&!sHI ze>6$OZeyI}^6v^DwQ08jwXE&|SnEp$oY$UMr{o&Yjc)h^thMn>qgabJlTejCQz-h8 z6DWSS2Vd)g1MlA^O5vdISMBStc7l52RXNy)l_CH}(aae~sF#zql2U4BPajc$u|GZ!uJoU5zO^6p3@vkfyT2z@bYtxvINE=Ib8Ac>e`O?>Y$Tx z|J};SuKaZYR(Is_D}N_wYfa47VyH?}10UW>{~;w5coK{y$Rqcdh|_21o+0Z`kLLN& zb8_^<>N;VWYsEWjx9L4q2g?aEo}OCo{AMUBB|9Z)@-EUEQL_$sJ;%H1=c7lg^~;t@ zG`BxPp>UW-m1+mi7Vw^F%xe`R7lPGFPmG{LWiM%`MO8g@`zo#RO+bBH%$EwwbH!05 zt2!Pv)yxCceOG2{dXNszQ)9w7QQ3B@?5SOED71HBc$r=aVplPYL0!v0bu=S6tk~7|)Zr%0>0w8=d zQp1sjlch<{w^p%y*QHkfC;w%l@+D7!xc?~>XZTMzZLbk*xc@&mJFxRV933BS?Y}ot zto#2^sc8CO!C|TI*{~gesRHEo09}q68sL3s0c-LVmiYeq^-1yL+!MueO*F3S_m2v7 zTzk8q#_#{c&i{3EGTQq8ZKPP=zqY)6PynsF$3_DT(0jfMaL9m;c2{vb6c_XrG+{OC zz-7Px_Zb|IaVS!bHBf>k|KH;y`};pRIoZa4-AJkU{*C4BlM)ymKUSJxO=8V5f`3hP zU#3(%I$7A0lV(nXLhV2KJ?V~XP$*fYDT zEr&%Wlk%67%EPq8+~GCrwqn(0yt-Z-2mGJYz}`2`P7|YecG>bc?YhT!4?e?u{(zst zB$#XW&Duoi%Ky{(ZH(#k4awgj7(HA>QHCh3&lA^l{u?>^pVPx_{*TQRi~m8&2uz~&`9h}WD>;JovV$uH_vAjU7Zy$8u+A@!g+&kc}`&4KR zXp(EFo;E1^WIbEmhf$Jq`};Q}K~3krVl1tLHVkE_rrC~MogB{)nR6qnq5S&>g(Qi5UY&RhT>o9!fzN!p zc&VIsynI7a?O_aqZO zj%tL10oa{rzyI^}_~5{8z2q(xOIs|WwMc3Yt8io=4#1uO!1aqP=Ixu8f9s0D*@;|@ zFHYws5Yn?&PQR1cy8lT_d+~40v9_hp(pLVvNl{1(^Dp*A^r!zHjU4;0gQKng=SGSp z{}nEJfGv10(qD?g$7=~@L*Lg4KYvKkd5P^ORcCEZ>vO%>Hp6Tk8J)wI@{`hHc~A9UwYg3D*%-H=21!jI{1Bw09%&-7h?JSnLqZ- zgO{ZLZ{Q5|W&eM8e0u8G|8L{}Y^GGuf408s;Q%5!$s^_gdU%z-u6jM$o4}~qCTZzv-DmM2mPqyDJi~X)kNB*w| z;qQ(ApB;@H|KGE%|KCQ6#sBrNZ2j{8*a-Oc2>HJ`fqoUiI@+JWI3^*?k^WG{$CI~y z8sDw0twq}v)?-_K+~2v=F%Qsp$PJliA$kXsiLkV;dRJk0y_C1-W8l(j&_91K0>ZZ! z)0PlXI`V%Nr@2!&;3ocm?7WXyz%^Zc zn~0evT%O3l>P=-BO(-k02o$Vl-%DUkZQO2ggVl_D;e)O9Su*IR4dSZtH;XlJ!wRb* z9#0rf1@aohahCY1jR350w++kr7>l3(=Olv@wEqc)A)@p(iRvA^8%h)ZKXC5<4-QVZ z{C^{b6P)W`FWFbl7aQ=^UWMPMi*TrIobMqCXu1g7h!+mzeYyI{N+FD6#C^Gk@=x7) zS{vC;&!WFF9l#yWFuQ8OrSuodBT#=>6GcRsC$#LlF^#C(kI$K$pE@o~q)6wncL+wm zWjIG~lMn^sH)HCrVe$}YukGKg`ZbBlIA@wDS2?*EiBN;PrQS#-9Qa2W&174;mU{k=X-M(q6m|&q?I{iX|LEZ4 z%+CLJa&)@o|C=cF$8E6>hI|_g!zoNVU+J z+0}=0in2sErIX{AS^GI8K|-QJP0TweS_UGs)zFi@*?Y!o0aOYpy(gJ-gl`5)wOj*G zYQ92yl9OzClzqa<8nLzlfU1l309MIGeo$Xv8j=Od9@=ixqCxA88Wk-lN+OY@j;?LT zmhiRRvo-LoVe`89YrQ*KAhO?m?BcQySbN&iVxTV|C;v?)mE8({f8tUv|0QF3d2_Xr z@Yg2(`^eJ&j83=tpEp#vis#L%8*q7ZwbCVz6cxpe@#uVNls%04ETQaq0zj1E1Z}s$_&TcnA|4;1ue@6ee`u~j-asU7N?|spKv11-P{bva2O#ju?|J3w< ze?ts_o5&ku@9#fd>_1(|!%Z_w7*tm@c)&owk&p=8+h4-G|+$X$7KvD?d0-plm_~LJUTkI?Z3A7zZ)vr{qK!fY`|9= zl=NUlhG1=>@9H|Z9bI>3(6bJ_=303F2To(I#z2PxU@F0m07>|iOuop<4*&#v0mx83 z&k_oP;2F4|;&2LP2qqL{==V9IIZh@3g6m(o!ivmu5V8TZE^aO_etx<4|Gl~?yJF*U zgF3F7A_3U$T|B6szN)uk0JVj46`6ib-U6f)f}QlhfM@-5PI#$KW0T zM#OOfU;@k$p8*)(!w0JOYy)AV&+Ne*sx(nE7eRG_3j{b9-Fp3JB|KP8<|^T)TZD}O zLP$|jCn5P1CzB^Ye1gSJDd0bU4g!56TB>LRP~$e+cys>T$0W51rUuapq06?{j&~#n z+~*+pXYkJ;Fcpy!!K^E7o7HuxED&Q|M2i^YyYv4(nbR2U-)ogd0F&f z7g-(tD9y+MQ%n++`ApP}ql%x-Ydw7Q8l&rGhSzRx)ORR{I0-=T0>vmVlO=eht&E`v z&pc`T9K*oMRwf(`X%?!c|H0_9W2yxUfJ#ui+$Qrr|BjQ$w&45?;`|lKUg3-~rby>A zo`&{nHbW7H_2?EVBi1WUCamMuD0f?05H5>%r{iUCuR&1@bejce%ZKaf|B8-(vNYNM zo!a`J(b?JQHvj8JiqQX{jAELjBt$*={H0}&2IG*rpISwasmf@p_5r|F{Ae)9cf(dr z02QG3%=32ght!~m=^_k3un6-21e}Gvz>Fd$V;X>fTMq>wm=c;_!+gpfeg2gbh5!VV ztE>YMggkS|45k4HBDBDvLq{t~BLhbQRhP(A-zqu*WDPsgJUNyPM74Vmt81FuK}~$PP9LLVg7i7Vie{ivr;v48dzPs zHd%8ejWfDXDEYuxnu`rj%H|3X{`i(2vTfzRON!sTx>?Kp-_eni|Nr3Z^mr@(ZK81T zPRe|!e?vf@@b}GaLS|&1@2s z5AV=J!v|6T#H!-NfQz;lLJJE5j(XOYbYw2TXy?z&YZfcF5>}}rOD>$OnT{+eMm1N| zM6$MlwjRsvO9%Py=Jns#BmbR_?E9aCv(v5r$3}`N|MhMN{MVBIRxlg>^T>ZUum4^p z|EcY@cKHtkr4MXSxSM_hsj!@J|5BkY5LQTpV&{79PYbYK;E2x=aqz$g(Zm%DYa~Ml zm}=>?8z{YtsDFEeGOBL}eN!3L1JL7>Q5&%O*O5`%%73QDx|X#aC)$A3LMJw4mX zf14zQe)}itUb6}ED?UU}ES72f1f=nkXkKgg zB&xi(ZlTSsz{R>Geh48vSTn3da;ZyxE@2E@%jW6neHip&!x6Gj$C(U3DRfa>|y zXgT`N4WRnU|1}z&+UNhH)01uf=Z%yO6mackpnaHPMyv)VNk>~ut63LgOq&q6#(`$% z{aIz2{dT`nF!~aX#LfK1XL75!j_Ab8b-uNnyDk3GK>tfV|6bMTt^;nM|0jnBcK)Z) z*~wP^-$;=G=Y?aZ{MPw;gJQw^&<6W9QfGy5A0EJh_RcAa*q<3nB9!sA*Cgtqwe?S^ zXNG7dnOKCm(7g(UrKyh9ja?0+M^q-UsLA6r&vC30O2~C7JSEH0=(Amb=xZ$0v3xcl z5WaOm!C$OB7x+53Ll62XBt*f$^-JZsD$wuc#DhGWGm$|&Eg%#IuiW0&Ia4e`enR1r z!V84bOOiflO^tjO;t;}Zy6jXTT7@!@AL~1yQ%L@JgwAf^o6&p zL@$|(G$0b%3;WW$Na=h_C)69Jz3Q{u{b!6YF$6!$P{a{9B)%upLKFko`#s=aGH zVg8e*C_HaPhV^a5TD6YFqHP@~|K2h1e$?*o?Q!rsEVbvqbP?`7ux|noB?Z?nZ?D*AN2>qvfepA!`(t^+Wg3qpNee+ zlLr9f9A)Bii)4Vp1Ph}3U7apVR4HOvd7jixlPWOKQ2S|BsXB1}A@kTx%M)f0SVlK& zGAL4mXn|Jtp0cxiyQ9T;9>?-5QG^!Kz%Mns!Yy@7vKc534MqmXRnIc|jEsapJOPfb ze=Z#ZYc$W&D9F+{`~4M#n_#ma;jDBaG>)4}$kp4iXQfQjDF3F5u#kUs0o)EB$v>wY z-r-~daFUZE-=8vzOCn+O_DqwL)d$DO1UrAgWWw4P7h;4KDLFCay6BWpif?07#Jegc ztL;jA*YS-fu+cpprE_|0~;)PNHhZ{5zSVn3PDnM6RWsx6@$Q*8x9HCPKD zib9H8-xuhcf(--48JP)_%F-W{qCCgRgfhB^5<1UV?F8NP*n*gXkoORQ`zcBQ)LV*! ztC_a4h0|&CzNlIY+f}mKZMDV~Stq&AE$V2J2n`Gee)bW=C`Q@QA)U{v>l%YOt7{C- z`=|uGVD^0d*!pN)>)CNF7P1xC|D>f^{$~fpwaWj8rw4ZahqI%T(N_N7MDfV~(3byi zQWW+i|5s=o9?!i`If*WkdF4HiDb96~+5Ye)8PZgiWzSwcrKUl8qGg&qZ(?jcuOdmr&`KiVN<&TR zz#c;#SKx+!26p#+2E$sQ+sIJ@%f;Ez2-opP5$jdRN)>S`EMb%n%`N!UhSqN<^#L8} z+61Nr&O2+!wGoU(7!K+}vudA9iAS~>8Ct|ba0Kz{WypAKugE6Q9LM{g;5;WO z%4Vyi{^q5g|Bpr|r*{62v(YyG`(}z@=_JV^mXW>LvhT5V$2?&o1^*(qpqW8(3xZQOwoPa5bBOz9lJ&CqvDpTIY zj|7kf%8YPiFp0nf^040tLJ_iiGYvmx%9Og=*hAMg@#@N$L;YkcbFD3EN!SEh?e~}h z*~4%+EG}WynbzB9F{GncAz4+Ea7ylz>X$R(x#i`C8%$iPmXk{SupQ^U)D}bL_G^8N z=ascQx7QUmrXsAG{R#L?0ZgmXi+N6fv0y-UP;R7LT9S`R#@7$%UoFg#$8CwnD0keK zT<|2^iDl(cKXZw#OeSMrW{&^EzHWXKs=j1xPW$9OK^dLmluvgCbIhcr2Q?`ncof4I z=1lFUvHt_Oh$2AAOenWNh9)qJa54e+Q2!Ze$X##_(hTk4gyt}gpYb2_bdtdc z*;V)M5uQx*;2Z=;f%B3ZC8NER+aw3)fIp=3FywUZ*)1BA4DIo!TqlT0@{IptdjmyJ zQWD+B3+)VX$4_D2d=B2A1wji$HCHscvaz)vLF^y?OagJ~U2fqQrQHa|5C%9ttb2WEZv_X80XW661fOQcmw0`jXY1+I*QYF5A5IKWS>s8 zCwpo%m`$i&^@}zD3a11FHwh+L02R%31Paj4!G|63 z*T?22aGWzP^`U9H6`DEoAe6Bx!|4+4Rjy&pM@;!BrXD+6BuI}7m5 z$0lRXA^>}-?`hRGEb%Eep#Z{zN9`8eJ0Aga@nP(Z`QIEDU%#F^6KVC0*ue2Is$r8V zbKia{_hid&r)=Q+aw>LE=a0ub0lWDtoM1XdQ8llxJ%6;+3Jw27ZVe}yf05fZjwza2 zX=ebwa07(@fwS1UX=lBu8Lx0CD9;1daZY`s_awWE35-Bs9T)-~hVM_;>nk<-Uw*45 zZ`xK;0XOJ>Pu=|gXQ$iz|C=es{V&grDLp)XQ=44gqPElk>zgJp>`tyTl)?;^+Em#w zCF~0Pc44%n5n4i)zWV*APbabI6?s^pP3#r`kPefpal^P zFuf*O4&$IWiJRtu>h`$><#MLf?ee=MbtVK3O#(q^1aK>0)K}m=qk-cXP5`DNIu^eV z#|gN++W#fNIe3p~PT7jwBM`y_@O%>44CGUomwjTYq^0-)Oi+R{sJZIc5{UnP)xs`tza&;irW1O&N?1&xQxXgWcuHTW>7IP6Voo1 zKPv5F%{e;Z~I*ybDE>Cla4meN| z%28NGrt+`im6o#?CzA|O`i$EnaGp|FuUc-9@&n_~u0$(khtNRe;eA8ZCwa11^wTv_E_Ec&&UpPhl4Kv94AOsH9V*Q~>u>vOwa`@0Wg zwsyY;F&N{F=08cAsDe1^C@4ZP(in#*07FJyoJnc@JO{hGqLM~YSkH`8vm*shXV(~F zQR~sgU-6C)M;ndNRO()+X}vN`*$vv^%y)P- zaKrm|hE|lns3Hh|yB(%44oo7pzjHLnq|1r%YnW#cjq#nmNwhEvmiM#P@2(8P>+i9U zV+JMeZwZM5e|>e`?pX%~%=7w|&HIEQ-K|`Vl4lPo!P4wuw`#1iR=EMB{l`7JYcf|4LkKM%aUCN55^edJf!vLVXy z*D!$-lvTf}*c7G6DJ4$oxSn{i=Y@4A7mnt;yTd&0KtmZdA{lQ!6uIt%s{{WX!Wdnm zEEhl7jF`*@b96=N9LZKv;JGZ{I%K|wi8hNP2`MF#dj$BwHYe;H2Bg$v$(cM(S1p^9 zV!@4Q-cn?dgS8h~EJiLztCSSfWIWJWAzRvtEv4Y1`gWy^Mc4?C`ol|Zcn=~S z22GxUm!ET#B{1f*iU<;(f-+J&5Di@O8)JO68~mf$sH=6*>$+Xb4a@0nBW({1Lk}Ilw|ouoK9htT)5u7v&`=C zY?}@^RQ!aA^1H^sV#j;|Il0L*oJDf+)_)6-exuX{e9p8CT7g4!Y<2`%mdPcSkNzDA1vk zWYzXJoKM+DcacQuZ0>ed-Pukty+W59Bbb1B%E4vxFmzoyZ*VrP_HFVCuGGtC`&|4Z z+>~zSW1a!zyrFJ}(ijTqP)@^^xT`So-21e3kCigMXY&}7*N<=wbFZ&j0ch_tZWyO6Q%i!*>6@S5GzsC zk-hL8&wtAaYTriXy&c=@h55jDd^f*|Qgi>W{6ALo{%Vf@e&WP`Iz2hs=KtMD`J?g5 zv$$Q=cvbyPrmWO(8!8k1XnBVC<3ybogeR&l1Z%Z~mn?5D|I|NpO&P04WBtR-g{FJm zT9Y&mIfaag6CO;+OmF4U!dg05Pi<3#apT3BelkyucAqt=*z|Z(hAh;zY zHf@IrUQrHE!E+3lYT1s~RR!nK``Rq?F)?1ne`@HzigNrjrt7r-Js6En4{Z8>a(ud_ z|C=by^q*}5wgujk7dXtj^8lD6gtfN=R%+hJKbHn5ya^Bc?Q0|Affv=Q(;4Z3z72v? z8ky>Z--yz!U0Au_sAnu0F}=kwD%^R+2xis~j?)r*jolk_-hqO5?(mcg2J`ceCfq1X z#5WHor@a%)k>bjczE|0ITWaaQyd3?cnN+ML|Nm%oGP3hOjkfupHdCCCpjz~7WgyF~ zYdX4tAbxcy4GT2V&ibN;A2X}!)7}&{Eox~xfb-U@J5k*d*ZJ!z%chd586%40$FRM; zyCdZ=-SN2wP-8F)UfoDgvH{eqjPIrDh~N zTKZ&^8G=AW?!{*ivklF?-WeQPLw@O^15*b=(ayC}ui(};AMGH0EXQVB(El0AGaRmw z{+}KkJM@36|KCh$Bmc_{(2?$|ZR4Z+sz>b{pdNXS0=&9S>a6YpsDrdSy%kQ|>Qca#9z(F31~6P_Y#l;bUlm zMK^H&cW~g`lf4urf|2U?{Wmao1w1xt8*X`;@9oZd_Cw z&l3@o15?07&Ipw0f;8Tus1P@)=RwQC1TRnmlw+e{FvGSSroxS}z5P+)*2pWAzdF-z z<;hp}So);(aq!@u;I}_@6c+eKtNJ4ccciO5Z^-rIz4K(lMI3~l4j?J<-kYrF^uY%E zmPZd`jlSP=$F_VQr3L@b$b8wGe^Hvwe~0e*@8D<~|8XOw&H0aSfR3j>v1$A~d7dL= z+5m_VJV!sRa_!MibRaZ)^>Ho)4CTXMW_dE&B{=TRNHTF`$L?tWj<8$v8sU%ohLEo7N|QvMYJ@^P3KCk7og60?y!7 z*FQz8+WVj1tkqck0;q)SPjdxSOsVxHP>F=fYarKMQ;VhQF0YC5iyXuV(%itf$XRl0 zBfTob*0*6N+w#at4gb&31oJ5IBt;p_Nw%y2(8T|bZ2RxSgVVFE{r5&nGe<90U+o8- zmEmz=z~R)>4-g^@F6OyIn1n9U%mUR0gi{pWarvWoR0M5ApE1pKU+(=Mz;6gd!fE{; zCOjuMr<^1KGHES+CdK};Lw?AB!khY*2|9?PBnM7%>)|`Zs4p5`(JKk3#T7{UlEFk< zgjy}IvOpOg`+}^3fTSY2!p@K`!AZ8$`Kd*HoN(Hncg{5G5pbF$$Yl~-eXfFtWpiIcaLo2e@@Rlr)mcG7d z#LWfxH+PGGh(>@Swo`*ld|!NGdm^z9|1%Hw#A=v}T$>lDXtU$>KHs_^Hn0TyVaSGWZ$OBmiOVr?D2+nT_y?B z5YwBSq^YX|a0m8rtoR#y5psIZisavf1UyMdhW>x{-h4Td z8_64-zw;@u*_3rrOJ?!rT7A}I%VJRyd#Xq-NtIfoPo_pjAej&&1JOW4va%(u^=quz z_q|*{$r`Q*0D-vjVjT&aX%#bYI4<`e91i!(2CDk4Lk{RNt@vKe{+EblVf5b^|M6h| z(0%{EcX+(f|E(o;!2fbRIIO^T0FW6yz7Ai04ZbBp&ks!W&!qA_MiL(k1wz3iT*MU2 zakng>UBgth48ston8Yx;&YQ4qGxEonWtU7!IVUl>?WjP%RJFjhN1V0mN#D1n2R;<{XuZpk=KG zMnxrR8j*6i82{i{aV|?`Trz8xR=KPh$)>C)tQzHN`b$IZ)5Q9J5zDb$V`+9<&q5J0 zaF?Qy4#(Q*m}oyD>9TCyCmb!7tu8Y6vh}ywe!vn+CMX@FjOC}gh9z9?zg43{$Oxsu z7=_n~K1wfBt0Dhkg#D?|Xgoow?-`LS4lC3cHlbywd#dVhq%tU)iE^D^A$LK*|}Dy6q^3$?3MbU=f`cVWilY zWKk%iN&WTi`pP+ud#@z&C75eZoK|G);lDBxd%}g3&*b?u>NTgU-ZkUpTaloJlS&bi zlTaA|8U}u4Pr=xD4qojK!cZVr`q(<3Jo>LB!KJ@O#Uz3f8x+KqN{p>h7DYmBk?UEu z^pY>rU8lpymrq`i2=Snoh}-9Ru6ryN(HZh}igBDXoPqkMc`h*(r>!WUO-wCV#`XqTCz;8(WMLrwm0Sz*0hG_-_7HDZ&gDosFHR7@jwG zx}ZmnW2wJ|zD@Vl-$#?R=1rGGuDGSupY362;IM|T+n*FoKO6ftC6XJ)B;J+L=6{k| zIIAJ1cH7I0OCnVbV!jAPSSXwDvhKKKGNu);ZEDc!Vz1m(oLaJ{{Gwz6`LFWUqpz9K zU@-8=(imy824k1D8unt0i*e5>P%p^ru}*fA{dYHkMl`CjT9bFTgC7CWu3isJe} z{j0S{X6MwMGYIAjHJJ~P2TbEQL?3p*Rxqh$B7OdU+XI}Ui3eqG1ry&!ms9Jxe{rq> zg)EjHkarV zlu14WnFRK(K1?C?lyIDGwym(0zmfcul{X|Eh)bQD1ZHkaig0h7u+1&oC!4(b|0#+P zB`<#&!r(DW?ovYG1A0pWVK@Cgx1er&BhYaFcesDxzW+Ns-RS?fNHsAijPi3$lJx+h_(QVg;_p{I0MtS4 zm9TB#e*himO&K`Ib72nvqnya>rAB)p=t(1p+S79DUUfJ?*ZS12_ClXfGQ}aHmOzr` zq;g(?nplv}tZ{}i&PlqWpX*~Iy6p!Pg(yxjj25P#sA_H+2BkNTixDE~o1dB@z|B&K zc|@}YTCBJLL4X*0N1V{FTVj3kpJhyb87KG_!SFhcW_|fjp>nDSgOdjy_P1r!?;h-I zl-gn#ek$tyS?N?sEZ!+|=(+=jSqdIVs(|c^UkQ#ue+Tq!BK(AQi)`agvizr}ebG6# zYU{Y%tg?e)7CfSKxdf?7y>xA$-=~>s@t+n2cPOA}ejiXx_TQ(6d#?S*(ed#H|E(jn zfj4>?447C4jcBGVm{FM$ibh!0p#EuI8E~=343n~6u6lSxfMpbc9QoiP44570T4!*g z3FW^#huVV23jYft3bfAJhfl1(T_xw?ljHJ9QeS&(;SMrc_$jhUm#>KlTf(WwG8fbnjugB7*!MN--4lC+;Yi`dj z4i0>^bIe|4i0(i4be*W?#c9@h>M7=ox(u&3{J{R;c=)o0662{^zHrQu#lZOsnJn#Zl_zFZ?vVBK_aq z>E3ba{nx=J{>NHUC;gwPk}-{GwTf;~=r#%mGynK6G!tLt1rrYY>L^>(pzO;YrB^>y z!Ur{_RhDRE>#_b;Ny)Su%^jr{nk@1H@TB{Ey~Bg{Yk=!HVW z{N4lLCuJM^a}NOc#D0-CPrp2(*)KT!%WuD_4h?W96{kFp9AqP_k&p9}4SoDUStRIYHC@KRR&F{|Cn#{I{M|yZ_ZX7*s3+iwRWZ5p1FA zTk}0aMafq-COz{to_;krb8pd_{8^ zjbz@8Miq_lEOXbdy+eo`>W^0fOz?9?MT^?4uCx!g*qAIQtejgEmM?nT8h*WAKwE`Kzh87v^;j5fExV`)-N!;>W;_wfqIlUga z_@NK_lPs10+_ujLwl%%1TU4~YtYN6OmzNLVJ;P#I(JN}ie{06eGntAI*0CqL*a{}q zHCtd27VkzqM0XwkTB?PK0$&v^ho94TJ@V64(>*2lRaV#J)jJ(}+BCr)_xsI#7nfuU z&Q_^IYFDWmwPz8r8!ckD9M0nJSG^jteOD{$aeLok0IV)Hj7FjJ6qDPnbEU;Ete*R# zy7G(or4NPJ19_VrM#2wAeNl?68TY88+V{;Yyr#L8___u4$|756qDq0UT6YoQbc`tY zDWlQPfKc$0s;OrBBvuFu9yTQDc#*j@y=xf3y{t|-9we&zt7qR*mYJE_&b(Q{@@Kwc z1giTWb#{w(MAWkS-Yl?NO;tksK8jLn+MiX}!RkT%y>#a;bi@sou*^Y(O<+3-lWS+{ z<|hxeW2;Q&kR-b7Dwb#k!*PlC2+a=UuMP*a>wuw4>P~-A__@e0v{c=x&&#fn_${II zG7o#_(no3^^mAWvVITCrE;#}#snOgX%epnz9k@r$(g+r(M_EwO=5yuKLTK=^HQcE4 zNz!IX#<5aUDgUt)nPMX--r0 zW>1W2&8lr4#BFtHEwf}(tUA&en%fg2Ud}BxEkzafyj*;MLD~oXi+^Nz3L_M!?I*{o zbDr5T`n8t1aR{Dwa?A&wLjPncuC@&XfN(rjma5*_YcWDf3HCD(4SB}sX^djd(%q&+ zAR=}CSPqtR`fTXu+V|L5uXP2hRUPu&Ai5}!k8ZtbN-$vWE5YIs5Z$} zotTHsDW$WU z+gG&;am=M1j?8Oj5M#3MhimA(XE1(S`02|gHQxW{v$T)} zScCo7!O_vad;foMe6+d$Uq@KEj5h{aw4^i8!J^T3$(H)ZU znB+8h-zh>r)oZU)A(Y3;bnb@9;F zse|nbLVLb(T>s!$bP|jRoxpSlFoeK3O%wL&A7x(1(}&ua`Xgpa*!P zK}IQxgPE4vXHi6+cEC4;4so~x2nDw&iC};R;EjCiD*}IsYy$;WQ219eWZz+y5;}W} zCpeW9#@S?uDDRTY1x7f=Y>YziD;bJvC`uuY?W*^AwJa0QgGX7^RCSTFUG;~e`V`U> z#}9813?m$)90Xh^GPWiN)fYaxOu>c`p?OI$OTUsKKd|Bya5;@wJ}03-7oq@+XMiHe zh(kw=qk%#p|0J=RQ~j3;DP!i>v9<31y9dDksTQCJpwLsRx(@7m7w_(p%w4r2F=HaW zpJSG%e=Y(kxzVxsnZF?@UmmF0jd?G3H`#~(dDu>UQF`M2M|3n5P}n^!&V1(9w* zKHX1i<|BGFztMSBfnETA{L%ZB4DWNE4ggC~P(Y~`41N*j{yR|6 z>u8C73^r-L)PVm&h$bXvC|v{rHtBy3_g(*Ad&j4n_kU|i0_eRFvwVlr|AHL30ZO812!lrnhA2$Y!%S9_cP{^(m&zED)d(yo z^e6$rIzGj7&^J>r3JVfVFqB{2`)GD3wY^kR^P7Q?1jHiL=M>W^)1SZ(-^XwY zaRi4EufJWHyNo`d{`R)g2b$ks+1ERrNze~0?Vrn2VOBD*GlR;Tmu_UqUK#|6ADT%K z*{X>s>x#ZWZO!sill(_XL}n8dF9HCXG+uQhmT1%4hKcD3#0sw2}tQ`Re z$kHgc`jr?Cn z5>kGtcR$Z_@54nf8I8PBoT8Ls#J~`Z2t^`Pyu6*jOk7V$g|B^;a3b%1CP{>(`yM6I z8Kx-oUads4;&MgEa((;3#w3eEFhqc6v5@ed%bWyK7)2<;Y$BVQzz=wmO*~EdD(5xB zR9vJy;3CO$lX8Fm)}EXZf@wyP%_82B5WUhnH z9cV8Ft0n0lfAo|Cma`xrSuEbc2)0%|jC{kD3(a+y;*6D}FJ8%=RpmW-L~#p3>Wa@x z63t=`sLvzFSj+Kni_F`!A(m>;0&fvd-~+nJqUf$$@KM{$C8c;G8g{BP+_Zv$Ws2-# zjxk~B6-xQiY%xwo?sgWkZ)Y=kqqi#*m^LO86=L%5s$6 zunB$T<|RTNCe$u^i{nSuf`W3Px%V6r$92Peu3^KO`B%T&wEZ8QcXMx>Hik6kDwR)F z+7OjcOejug3vnGmSgEGPiHk{?zpz-8Ihl18jH!k%bt5$;35m$V>@J}QhUX+^DTO#r z=UdDM-IW!upc9-2okbY3`e!(8$Tq545ux!Si&a-J?^`cUL|Ff(t5*BlVPPqqA13j) z6b9%9QA|SZMqu9l*VelD#!X42{cJ71{-d&Q`Fc3PP>=~uB*FEoRLw%<*IWFw0db5dQx@myuQoQ(oVvWkT>_tCvm$u!pO0B6&ZFY}}x4P)gQPt?>U)nQYlD4Tq|HD$4qEQwtWC7mv{%`N7WdF5) zvU&fvmL!xtcWRcGY60#noiEV>%ou`on1Gc={Nu3|-xz`|(-2Im1oES#Szb8Q_&5ye zcUNpPmOz?f5tQV!HX19sS%lzIzcdh&=i6A-Z&F37$A3lOpWGG1`|cs3n(Y7gkKOlw zhbMa*`@gj$%l|_$x6AYb@!p6Yr7++M0H14R!3#U46{@%_=e6%M%_vH_OD1}z8HJO( zySst+^TgQls{_jK;Vt}9{_Nm6e|f`HrtGR#_`2v9ukHKFBSwGQ1q8M?)N)gK?e$?4 z^pdp#wz!qGaD!_4I4xQ((^ctA*z>0+3|8*qz^p~|$k&sY#Jj?^DELVi{JHOu(c({I z|0*>U15lbr#tesO2QUJj5Kz2aT22asOMaRma;JBB_}_IuZ;-@CoZ8F({2g*<1kfb^ z_gw#v2S@t{2OIgnj^w=mUorylteI6}09X5>POl|NZl4oX8|I;FerfLQ@q+R^?}+Wr zr%4-Q3vKnYEw-=YH^P>>Uq0d2itW4&quP3TT`V!ni@B<&qo6h$&1vZCR#y5I{dUep98ef_EA=eo^+Sq&HAq4nJx62Hg;Z&stLc{(s4Wf1~$r@hW$zI)AInj>6yi zR?_yDO4jM?t;{+UrhcVrK3Q#$ZDr-XS+ffURHZwhXrLU?%&ww2{2%&9sY69qN;mbc zO5a>FMP^g8U)@Ef`^QkK;vKsEFW$uK&j0KZRTELS_Wg7dokoeJ(%FQ|Hi%>WslEJH z)@5^C05qQej}Ob||Bd`#ODfraE*S?HHi=)12B4zPAFT>teYXJSLfhy7TIm3)hHRq* z*rX+-_VQo<*j)+GB>#^Nj$He{)6>oU|5}m|??0%i1+O8)!LlJhLh%IBnJEgl1VicK zlcQXRX#jN@;}i>TW!kdIuxi>GLv|y}bN=l{*5RKo#8dmw{;VtimH;wE6lh}1x+#nw z5ZH?01nq#WJO>x*Dke_;n;{)I#iOD=%#^pWyy`+a1zJ6|d)*Q7wCqqQamyI^Y7tVWb1{j_trNg}=<(VVpRbw^{Ey5(56Kljg%5%K@ z8l1(UH4SQ+71Q9E2%X37{L8O}r$3%G9V3dQ%Q=c*I0G=R*Ihz(6UI6sko#+Y8m z(M$|sUa4{)ryA>*rpFnh^6v1BQv2h(8irf+j|@`;U@E9{yS^il(ac@)CT21wPT(ek z#%+%Ur8OuhuQ(r<+^?iPFdN;2SN;`x$&Qmj}A8PKi87P zmVF0t3{afXSwe7}ikN)T`{|J8?66u;ixo3~QPj82R(@n4GvgSieK2U9A0|mO%L{y| zn{@@LdjIngUk(Ro*#9R7rTFhBdz<$^>q%n&za=o_a3umvI(uL(x4hhyHWL381t|zJ zmXe7G$~?jmVmkmbRaFRZtWf%31}9PT0|Z6X0DVX)yicOO<+5SVYX2f;88zGvg9K3( zAe;fi%?IQVP0;E6Ddw9R}=H#~PSOxT!o+ltDAk1E=^t?mP6H`sREaQr|~ z$Cgx?7PWs1Q}hI9;OyoS+>)##&!oIWn`XWv6#tV8&PezPKFd-f_$}?$uW%7Og&^;h2!eZu~};X|qo$nV@uxG6vqE zl;WV<6isBAmV$cs9gN|FEw#I~7j%)>FYiza5<>Yp%+bqEu4cu5yAj`*&>)@N+LU$VO z)cfSF&FXi}-j+7!`?aOY^FNMpx+Dc)!}b$oJov^oE;BU#sHu(&@nO>EjJ z1Efl?QK1)%QSdkjU;>9Y!YP&*#5zVJ`k-4@)Nr1jN;};NiPg7I2e)c_o-QdJUw#d4 zAY}+dn5D86m?WI@q{MTPSgWBFRk*b)ZNxpz&^f1>Dblqe6OKoOPE@ch1`5Yf?KKjj z!a)0GwVUTy?E%Gz!c;`nN;$OrM+6ec*b|{46Bm65g>7^oxzvu6hraZJ>urak5VQH3 z2oWEA6bBfwfv9I7bu@(5wK#zk!*IBSHdRgSS|#xVSx&36rdF*65e^>5Bx7g^4HuQQ zYMYUWE}>OkO;vlh=mE17QE;8`HVN(0O1>wEDmy)&gDv zMNy+<-{-&Dq4E9ARWof|41|~oGWss1(e(-6znUBAVw-8HW&o*>FN!;S;gwP=WBn3Qg%n2xT}t(a2MbuBjZ z9oV~8GWF^n7OZ8V(n6hTRk1n1e=4cO{}s%C`3uMS>)`+Ud#4BG`~QQD|BtmKL!~Dp z9`k8ek6u^-u7HzzkXmFIRQ5HqQKlQ7>)Bqs)s)y%e16{(pX?Lw|1;wxa0=6{f z6F=DRUQl7++vNURWmRvK3@gkcRmU~tP5XTr5K7K@#;ts0oZMGxRNKAc!(?@NC@?RX~LXt69&SkJ_2*AHTVi{T+tD z?Ux+p%MAa8gcW>W|Gg`#tH_;Om$)lLEf2Xu%y(ycuZgnn6A|*5C7?gu=UYgV*ausKTNEM4&>)Z4SJ4&MeB2p7!6icU0SrWFQL`(x z&&p-rMuY|^EG7&~Mv7R9!ogrrHu5*dPn5mYB^!vOFb>b6WDKve2{>*bOgs8fic~e$ zw!wNqvuEr%r8Wf)dH#K373nurK~W&*sX<1FJ*E3F&{gWCtRs!6pYPPqPSbs3R{PEz z{|-i!On!uusJfH6xXH(|V%r$Ks+pqPC4rVz{gh^?UwYwRFTExxg&d0ClQ%d>+dZ^3 zUqmQoBd-?OOMSf;svkTrBShc`U*ryTv*<*NP`~=#v)IDT(_+&Ih-IPihi<-8EaFOP z>IR|{St=%-)U8n^8be5pLUI3-XMWv@Y#j?90 zBtq0MBIr1{i6}q!keZ~ND?DHk^73o_IIbc?Bc%!m45l3)!+Z9e6Rc$-{Fi7B)ZZ>; z(4RPu7?V&p_={L5efKq&cWD_IC}pzqx*; ziOR(X6GN;Q$b`f=C0uX~q%rmXlOc)`vt@Ew%zq=Gle(7@QcM}4I)E`8-tY`%r09WI z+7Q);uU;5uhK%u%al;Xn9=Pka9hBAAS4({^e}^YWAqpBW%?0Mz1)vxSSt75CB%FDI z9M6P9IShPIP&m+!)5HbuBSMK-68eHG%rCb9q$G>W&oK#=yUG^P+j)<6ZC-IX${(W< z3RE6Ni<}y{5q9{-DwZg7<_nl_GRsY=#=d79ON$L=bc9eaf-*iC@3ZPEKR?9ismNB^ z$;BMmzJyf%A|llb3xu8=RBcCtQenxZYtoeEKa4PnLbvl3*fL)+*06ZE`J2~#yM-uD zF^rhn5j)@sM-hM#BkC;x2q+50g^k?o;;(KDJ{*c-swKtg{8C-n%ug_P34G$yKkvhT&-)VNt$z!pVNuR_ zp}#7{Vcu=yy?*iIGieZY`<>K?xelaOmzWQ(tz&9+@+@f`wS`zdUM|bF6_GC-O{6YX zg13%J(os6<+4zvaIMjI>CnV2ZH79LwT)9x^$*7$Odn$?!8na6kCKgX6;v!r0&jp2JpI4c(Uw z^?5TTe;C!xI?ohdRA(p4Z(%Uy~<*usy?)rF(&v1z&&RhbC6~K6o zGg~1~<~p#|fUeKulDiuJmEP0MjRPC--@(CwWB+rocYL_<|FD)MkI|)!Tj z0HLRR8P8!svH{}61GNjcXbWpZ&UDKQzlr;b_O}hh>RJe1ktgtkq-fKxxl|`!wdkAH-GU)YVX_0o%6wRfR-aERC+9!oAA% zNnIt>QUV;k*#g(;z3#HKNs_Afm1k)RgYg8#=^MUnvDN=Bvi0*5rJrP~mH)!q#^N?$ z4f22Q_;k;;|2jF{_~R!V|FS=4(qwX~b5O8aRva3Ef`F@96wmHcQs(I`+fe3}Ue?=mfhY=rgtzIpVf%D161DTs&+Qhm2LH)7 z&P#X#+VK8!|M0Z*{`2@~qyJk=QvRRBR4?t)FZW^D4ejYt%SU;p-M)BBNaAP)_VeHr z=!0+o)yhGK-WQc&ZTz@W4Y7$R)laKIk~J7ow(I7vz>R8B+}sK$s;?e=m_Jd-L86GP z)87U!Gz9~#@2QV~rdOw-AJ#+n(^q*URn^P@-1EgMA1Y%8Ld5VxEDgS&2z`_@FKpa( zCAwtaHICXi8X zK}1DGB@{6dO_2Z-B2Z4*YTmNRE4Wv)@twJ0T(Y-S6dcnK-;IU?j5i17TEk2zAT^^? z?(J~OWPeivav~dg^T}EmeoV)v1&=g(#kW7EDNgHYZmx5S7xh=LwNDo7=Rjock&Zb|d1 zx&R_Sr4cKd`&mR@6To7KK*nTtFt?BcYgNvqVFZC6p$^S06tGSAgJEnZs3c- z14>&dC)8&g_C3S5t>3@@m63ScOSvG><26Lov71J0_p7k{5|Bf`@B{cA;5gl`>G}2W z*SzySXzM3C*Ik%?#Vb&5PJW58xCNBXMNf$JxuOq?N*PU@f9RJWT+A^pNf+>D zB$O6p2U5JFX+PdoS|tJBg)&)h6AQc4li5w5Q%7HJCSo!nWAS;IUDN(q@y?lJ0|3w; z6X63e@1pp-oUPRJe$A+S3Hzwj>F)a}sNYI+E!*<8GFn;2-m>C4EWE+uumkca|GlwB zs7=-SUlk2x<@(>fgS{iy|NqJH=Kb$_Qpx|H=3cedUoBk#<^g4@4Zu_u)YAS-WjEER z`X|@sORwJwyD#CSCa_zs|SOdV(+lZ5eRi$O?SCvZ6WhdUDDO0u7jQ28_|zh$kHCT6)Uw<`*LRkf+~cyqPumi4w> zQol*pE@xpV!+{5ol@zo7Q?f&U5z6T{i^^y3+5yXpQW0RMM7XQc-U!PtH&x4j_2B15 z1XNoH1vJ@zA0D{!|Mc`|dp3Yca-)8g z))@A;?+CMNAk@jhM-cQAn2w#_VLCQTX4Gl+dm8=xy{}<&*&P^<@}CH*JgX%*idU{rTH*- zslL74Og@PvHs%d+(jM2fFivUj5!4w3n<)G@xr#iIV74-bu1JV3Z+v#Y7TTNK|waLMMyJ=uK;Qsk+r24b$4<@-Y~ zAi;OLo(Al)YtZ(Z4O)6%a~s&l`t_-NP2xH!f31nF*ZP|MT&lj;8rg1|UbEKA&8kix>P|yjI6~*fDn2~RpXv`S5Zdj}+SVm%XuB2XAk9cPZGJ*%@hi)CC@Qt#wH|O_$ zmOPuwHW@E5n(wOF=)+QE)(S75&Baz43~>)5cB|kNcqIHs=+y^f{{J)Sc#ModU+iah zZSk+-T=gQtER~r&j|aqK3cm2ZgA9}wj;zJw4nz3w!STa+1o6bDt@A-5-j}lOt_}*- zy~Iulg%5}`vq5Y|`7h71rDv;}_}14Wb!f{PRx3(>3R4_-ev(my#bcF7!6>MxrNeXsXT9DDcfH8{V! z?DA65Tr+GkJiohKhL4WMu@M1c873m?GVj_TV0iHOf3X23ejf$iiu3~NhZIjMt16F} z9Z_05H7&(hHJXK`iRU;5Yaig?7Dc*WH>cZ=|fc*LHESHvT>EMDQOYL3B{VbQ&;rd^+W`=I!~ zKo30?%TL~}mYu-3@AGfoyUV3fAu(NGU6>PKcBK%kzJ9D&^f%peF8iKXpx6b5u$aO3 zV%Y9tn6NQPJ@>`xz&j-o&*b_&nmWa6){1@9lLeV7=vzU$$%-SN`dWrwN@eg(7DaM3 z08Jj?fBRa}WO#g@2<5Yj({$q%sI5^wYG%#YE{!X` zzQHUYQ$%Mz4%O<&|1lr>7dZAWaDJNi^t9Bo(~3?`+Cki7HbgW=DdPC^rC3k9!MG}V zzEy)dc{Q&Ixk^Q?bJ&;)&wCBjv==0corBE!H=dV1vs8WmM~84p7l2LnUx)jy{nzp7 z>BjzRElK)+dVO}jEUPcRY&u>5$|B3R@sgHp!tZqf%D{-w{O*Fc%m(fJ{)_$4&FMcc zVqRK`zjvSG(J*hh%Pl2e5w+KoV$PmFEEFfB(J-vS4ZC)+VSo$mCjB$DoLY$q)Vl5{ z#gc4i>?HQt^V&FFjzAD)EJZ)y5P?TD10g}u7r(fy+yRg=ekhmE1N`1!UW_68FEn!o zL{v+8z5Uj=gk~YHC-TxFU9N$YWbvPnUDTJ7YVaS)QnVBR*y#Ujuk`-+;9z6_wU$)! z|9Q)&eJS2Q#R9U7_sbr?WFE)Wmr=sOQ-U@VP>CNL-(GUzR`~Q19}Qn#vIdv)wRZVw zR5!Q7Pf2fEcb{elR^`k~w9&WP>f*dh7q>#=`^0J%%jZ)j5qaybQo+(Ge4N4bKfzSZ z|4Xj?=N1J`=l|oAQ#bze;o*k=uO&&KXZU|#mL0IWd^+j`%Eedz2F!GWZwMKel;=6Y z8^m=v$lr0|%?YkO)t5$nnJ0W>1UsGaje?uN&(HpJsdI#v^;t z|2jE5-uQoAOEM(U@}QsELEQkK5odn2Fi%;Zn+Q+-@+`Pcw%rNR$&sqXaWcyi(OX44 z|61TC%Y1(C_NykKdhqSx|FRzHf1)r~O23Z}+^WUb?jo#W*KV-cCxOk@k?QcDh<~*D z_-{uCr>_0a$?-=2x1OX}hYWYWBoiRDaykP*Rq8nmf%IZ;X9}cqce4gkrEK6Se|je5 zDH`tvJ>?wLV^5jq`Hh1VC1p{08RJw-pV$+8=UEVH({$C~)cNPEcGfzf)|X#{3z5YG zLgXUn6&00G#7Hzn0uu;dmbHFjtF5^F?+?Tct(R<%_W-qx-D_8A#bfnA8t`ZTBf;xIjG&BmQnIEG##j)nWkC!lI;lQiM;hum=Y|ALanvX4uaNgzK`A2 zze)T@=;_~%l|4xqF`2TzR2ZtN{w~pj-mbWwz=z1RO1Owf|s|SM4 zC>T(%(govM(V$IV7d+_t|EoiUPG6S^3agz7Hp4=@?B@pz8>gtn^nA(aaBhE}9|c70 z=t6S+R;RWP+m<-AVZVQ}n$WHuH9uw)*cSgSq6Tcjf2XDQ-~0OqoB020Ngn1IV zAa_D}bv1o{aIbQ@YNqPT1a+UZ&7q#=cA%)1Z$BeCsv92-E0*%2Mg^ATB&JDJ4mq>6 z=uNQPJ2HHYrZ|4^#IUJDcX>HAPk}j4i-ZFO8!zrp`&NrEf>pr(3R4}bL1>5BF9V$bo|CtvUF9{J?i zyFKsG#jFE`{_S~A6uS9Nrw2V%wZ{jYX^H2De5^X16?CaGtjhh7yV$Csp_RS$sfXPg z)V&haoiEf@u)A_;bb;7bBOFc3Cb0CvPh!3zVX7Er2uNJ`-`@cllRq&Op&%u+tuC}t zsj0i0knk=+0bm5+RD>>x|D1vm#1U^c#t}#ej#DivO6%SmxkOd!iCQ8m&ZhzFf{PCc z3Q`n;pH!irMGTdc$ml8krhPCs)OSx1{WmCy$ZUe*v>T=ljdIID_$AWrQkbGq7Tuwa zv@unX&Erd}C2?;cnvl3NX`v{#O2Yn1hTTZ|l^0kMG3S)Toe2ski5Demb28hc|EN3v z1&F4*6Bxq>ei#fEi38DS|Kpzj4)#wE_crIhbtG^6hb0^V6N(AN>1-Z@pOPQ))!zH? z=FH<*;DmZu|A~xK(B(A7=MTJ-d$o0}hoBth0W_Y^41`&G;Nq2kewQ%q$GLippZ{h? z`Za^5_kQVA_Fipoeh5+LjvWBQUo+-+lZQtZqN%R0)q&S2zKa>l5S6|A@{YaF^3Jew zZMP>NsE-P=M2Bggmsev;-YsnQWB=8J-z)Lo6h(-Vm%j{Q@R%j)*<(ZkF{j-yV3Yp; z;KcF&aBy&Xyz&3LmL%4)caE250WMb3z}rYyQ}EiVRu2_r!|F-)TVe(GcE8C%d>#Pl z($dKuT#PYzEvf+8VS(;YEu{1g!7{b~{)O7ul3wLH)!QhKjlF4CQUaku$Fcw193TPX1%xK@}+Q)&rLABia z)NJ<`gYA`*+zLszsdRpHMWyA2@GikvkzR+V&&wuFpDFbY`hXVxRJh z*e@$Jp8pu%PFb`_9GIr}ABV?f|1T#S|1WDvGTgnI<7FTDbiMPP@`}={KiK6XV8wlw zzdf7xKh^#mhqpUDbakh-ynh`|Xk|I=`2Ex4*v;pkD)sr@7&OjD?Oc4B4>*9ulRh;# z?=Y{A@ELBt7+Y%FtG4udj|H34f49?rG0V$4?yuwsQHc4?sbT%85&zqsBi_z)0n~i| zZc_`-Q4{w zc=t1%>+Z)tJ0IEQPZbE;oZ~*7R674nh0uHX3y$$ZPXCS6aQ@rhE5(00J~`f;|JIVE z|1U%z)Z0=Z=O5@m-g14YZwkdQ<3M;nMxd{_LtnpMHRVi%hZNG;yk|&B&Va8*&PbXM zidKQ*IEY8Z`wrP9^TETG{7q)yqRTos)E49eQ&H{(nc!5H27NV1_EU?k2_O5=u0hPl z^%T)3ic{oJXEkY6l?&Yg=*#c@lG7}swe2~~g*WLlOO^azL5)T3{dH>M|HozjFUNZu z|1WDvR+J{r_GcOo3iku*@xOrA0f|$HV=zY11RzRtw*yKLV1C-pU=+8zI1hfL(vXJF$eVlp%ev?DLKvx>IA+YB9K7FPxvVT{gnI& zCsBVvNu$?&9}IG7(VA}+^c%%oFfxZ|~{`VBol#kVqXYbzf zj{WuS`l@f%S1^6))h5oRc1i#nlPCSBI6!eBEbCVNEoeNa53)Hyi1qx$DtyoqQIO7Wi0*Y7`r5u;2 z)i`hp@2oKD8@yXMVUZ7U-{|K{`>DNDwRrp)X zIvouf@&BnC|KV`|bQAw!EvbpMRW1OF*QukvxDoMOo#61p4%iwpgCXi7wXbJ*J0&f= zzSGIMz>r0|e7Oq!@{5$*rIhbv-fCHmEm&ef%D{PDYPO;KQlp(N`@6BbRr#!<++?9K zYgdKjqK))b)?4vjNp{_stIZkVvrY~CKSWa;psozxNlpC!@Zh*)|9iCI|7%H2{J&TL z-5I_tTg~%}x_#a!%+ktRlKjbg|7J-9nXiL9u-aO+NJtQ6n58HVP&Ywf7F?M98|Hl*ffNruVk{&(g69i5Ce}BL1|LNpt!~fTj8ujSq1<+j(IF(dO z1W#+t_&>>_NM6x)JqCE`S~>rBTJ0tS+`Jt~w}2o_ad! zgjD&i;-lQ`7popB&tw}NQUAuMNhyfL%;gFqHWru8Rq7#e=iJ|DfL4>5_&=d@Dt(O9 z!2b^p4jufze|oa<|FNFb$p6&>sAT;5-^OP)4GLC2DE=};#8x^^+;)K{?QzSU7{ z%pJ5EDQtA3pN~~avnrp}UTJLLjl4P+XxM{bLJes3dy${ZM%$y8Cb0HhzUq+a%f*<4x@Y*Rk8}9*s(SBNLV@j20J9-L z{kg3)of03knawgv(1T}!1U3!47(q5wF z>cs!&JO(z}e;m8#zfJtdb)|0ne=V&4vt;`VvHYd8`wgq#B$>ML|M?z(HsgPn{~sRh zZ{okLC3WQg3q1gx);$2NZfGTdx6#1=_l^&p_n-R*C#M_yzn1hTa0Am6(O5VSkt+Z^jZqAS8ID5EM-v!4!Ux0# zy+27WFDy&s#V#A8C;|@=8A|6JIDXgx6h$z_Qv?#2j*Z`89QOVMV)P)H%nRuu5rvW? z{~y}}`EHQJq9i8?B#43t$7s+Syt(`3E+rK8{shjY8?N`~cOb-+^#%_(eJTD|lHVH) z|4Cnp|J6T?A71kR(SNdO{IaM>K7va1}J6-><{*Py&Fj31f__wUQd1?^p$n- zct1wqo@PjR;$h%M?uZ?L(?2sng!6dm=;zPU%MQiEEG3kw>QD%NAoTH7MRomio=B0}LZTQ9>9_37zeL0H!b^4}efr z@gS!jMvQ<7d_*9jcnVX0=qCUsB$V;OIU`Mp=y8c!F$94cf}M(*1g951vaK;1^eXc6 z2^x_oB2Qd01dt&HAVoVM%#fl4QxL;6<3IBLR8*u*eIWyXF52a!{8_9R^dX6GfO&@! zO2&AIQxv|csB9O!&f+io6t4?Ux5fc!07)@X@-RROEw_%q1U@2DGpGt$CqUlCwn2f9Fid8ZS4Tn)W84r zzf_KY|LcEmYZuZm2GmL!RJ9EQP7uf`Zn!`Sj>Mr07E`!XZ%nFiydXU>h9l?Vo~okYf1eH8>|U zAyf|f*>DG(MG?5=SsA!R4AChH2fcs)>wi^@(ZB!ozxe<_kWv_;38asFsrV}&^m@C? zOub&M2)ajf!sG;N2?WN7qTviYaMsVjjAUX~>z6OhUcPFd#yA-BEdc^DK}@*)yG5PLgO=Fl&nbkzp#? zQZL9TXWY?@w~5582>*qM1r!g?PalalR0cgo_I` zEc|SP`BD`dK;Q}#+U4X#6dOoLMAq|->kbD4fMv>qD6#pOJU!~|4U;6oi1iraGnt}j zCd2@O!MJ`o>SbZ<3bFsDkj{GTs-Q@SmyknrReab%t+E z(M~>qoD1mj<1ENKKm#C`CZH%ld@Ref;n=LRm)9x6VJHY%NdB4Jb8;W?kqJmF*$)#c zzY*bFLao!DIrcL?KlUzxshC^7P~utj=E1QCQ|PLNID}bBI0gu~MC|1|Q#NNZ0lTb* z0czig{=g^#0*Lk0j50qz<}$*lD&OFOYltC-@k|K`;UjcrN;?W7@<0F?6)aswl_~Zl z11~h(mqRr(&K$6zGRQchrHJwMqS0+;_4pUT-?69yuZJA z1780K&TekrUY?)5etQAlp8c>R@~LzC8}P&R?SFyGJ8*M*{r>XJ#T#&a)jPZ5DCg`B zT;6dB|N89i@@}AtT;GE4E^aSg{|Me(-krZayL@*C&fdNSKb+m(o?YEvUfhARt2f~M z`s&T){pI!5-A?b~Z#TCWcX#0W7F@o&d3$;BW(QneoxlD5&E?g%;KdJ@_upNAe-GYX zzPr3X<7KwZ+OEIpy}P(Q|L*MS{_OST+speOcfdE7_gB2eZ?12_8MrySy}vyF{_WW< zxcUC}=KAhp2V7lW?OtAeb9;I9?Zvx`tNR^JRqy`t{_Vw}*V724ENFz7WlWuqwUr6fnMVr?pHAXp6HT$L|TBAwi7rdrH&Euz}#sdFZud`^=qYR<_N#e!lo zDum_`MdXPibKloq?=lw535SRp`_Di>)qT}`)1bOn#(_fjFS6=x?i9oYIZ-Lm_%I(W z7)3pKWTGg*2}X+e@_9TZ!gaIWO$HNw)$8pKz&%mOWX8v?3=PCj-`>0h?-i3j80-l- z8P7ljQ$#iQ7iTm6A(y<;t2Gmo0aMIjk(dx)ZJxTG_)_B|Sd{03HbF3EvTml1Fh%z? zqbv0yfa1tDM7d{X!I^l;2MT4xs>=F&1oPS~ng_r_sQI842-PM@x{M~7ux}Um6e@MV zftVG9`TV{DFW`1jS!~uP*)17qE}ySRSa=fWmE%c5INyvdYAE6eRbpX>G28|?W{9RrRDMYL3|^6#&)uNcJG57v2`mP^-q8SD5wW%8k-`>P zN|Y#70h|p!1*NZ%l>Ybj;_S`4i@_vZMH`Lx|0k#J{mDrThYYX4-?zTWqUZ`v(BH*}YrYql`TOpc zU4hKI3vOSZozGDjFQ%(d70*wSuIPq@Y>rxPNT_Q#mtN#mmi#Z{^9Vn@gNa>1{&Ufz zfTGl;mH(FK2w;T3Iiji50wbqJM4hY`AA|-j0+(@$=m-Y91pctQbt}(7vYZHe`1fA# zKLM{x0)gHC1b?@43C*{x{y#-P29Zzjcl04ZC}iN|P{a#@K`PFv;zW>+DS660^M7JY ba+5Y`lQ!uyO#goX00960fEe!O089)3&)c^G literal 0 HcmV?d00001 diff --git a/stable/wg-easy/9.0.3/ix_values.yaml b/stable/wg-easy/9.0.4/ix_values.yaml similarity index 93% rename from stable/wg-easy/9.0.3/ix_values.yaml rename to stable/wg-easy/9.0.4/ix_values.yaml index a34478eb9f..ea66922ff0 100644 --- a/stable/wg-easy/9.0.3/ix_values.yaml +++ b/stable/wg-easy/9.0.4/ix_values.yaml @@ -1,7 +1,7 @@ image: repository: ghcr.io/wg-easy/wg-easy pullPolicy: IfNotPresent - tag: 10@sha256:f1485fa7be04653546f66cc58f23114d5be73f3932e8d0a71a40c6e961050f4d + tag: 10@sha256:da8974370d38556ae7abd4b4bc283bdc196d92fbd40af2e1561a85b310b7371b securityContext: container: PUID: 0 diff --git a/stable/wg-easy/9.0.3/questions.yaml b/stable/wg-easy/9.0.4/questions.yaml similarity index 100% rename from stable/wg-easy/9.0.3/questions.yaml rename to stable/wg-easy/9.0.4/questions.yaml diff --git a/stable/wg-easy/9.0.4/templates/NOTES.txt b/stable/wg-easy/9.0.4/templates/NOTES.txt new file mode 100644 index 0000000000..efcb74cb77 --- /dev/null +++ b/stable/wg-easy/9.0.4/templates/NOTES.txt @@ -0,0 +1 @@ +{{- include "tc.v1.common.lib.chart.notes" $ -}} diff --git a/stable/znc/8.1.11/templates/common.yaml b/stable/wg-easy/9.0.4/templates/common.yaml similarity index 100% rename from stable/znc/8.1.11/templates/common.yaml rename to stable/wg-easy/9.0.4/templates/common.yaml diff --git a/stable/wg-easy/9.0.4/values.yaml b/stable/wg-easy/9.0.4/values.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/stable/znc/8.1.11/app-changelog.md b/stable/znc/8.1.11/app-changelog.md deleted file mode 100644 index dc3643c97a..0000000000 --- a/stable/znc/8.1.11/app-changelog.md +++ /dev/null @@ -1,9 +0,0 @@ - - -## [znc-8.1.11](https://github.com/truecharts/charts/compare/znc-8.1.10...znc-8.1.11) (2024-01-21) - -### Chore - - - -- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409)) \ No newline at end of file diff --git a/stable/znc/8.1.11/CHANGELOG.md b/stable/znc/8.1.12/CHANGELOG.md similarity index 84% rename from stable/znc/8.1.11/CHANGELOG.md rename to stable/znc/8.1.12/CHANGELOG.md index 7709b9bd33..2f50be7e2d 100644 --- a/stable/znc/8.1.11/CHANGELOG.md +++ b/stable/znc/8.1.12/CHANGELOG.md @@ -7,6 +7,15 @@ title: Changelog +## [znc-8.1.12](https://github.com/truecharts/charts/compare/znc-8.1.11...znc-8.1.12) (2024-01-21) + +### Chore + + + +- update container image ghcr.io/linuxserver/znc to 1.8.2[@bd1bd2a](https://github.com/bd1bd2a) by renovate ([#17468](https://github.com/truecharts/charts/issues/17468)) + + ## [znc-8.1.11](https://github.com/truecharts/charts/compare/znc-8.1.10...znc-8.1.11) (2024-01-21) ### Chore @@ -88,12 +97,3 @@ title: Changelog ### Chore - -- bump all charts for OCI test push - -- move everything to consume OCI-hosted common-chart dependency - -- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733)) - -- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732)) - diff --git a/stable/znc/8.1.11/Chart.yaml b/stable/znc/8.1.12/Chart.yaml similarity index 98% rename from stable/znc/8.1.11/Chart.yaml rename to stable/znc/8.1.12/Chart.yaml index e6767f55e6..30203e1edd 100644 --- a/stable/znc/8.1.11/Chart.yaml +++ b/stable/znc/8.1.12/Chart.yaml @@ -32,4 +32,4 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/stable/znc - https://ghcr.io/linuxserver/znc type: application -version: 8.1.11 +version: 8.1.12 diff --git a/stable/znc/8.1.11/README.md b/stable/znc/8.1.12/README.md similarity index 100% rename from stable/znc/8.1.11/README.md rename to stable/znc/8.1.12/README.md diff --git a/stable/znc/8.1.12/app-changelog.md b/stable/znc/8.1.12/app-changelog.md new file mode 100644 index 0000000000..3538e0ffd7 --- /dev/null +++ b/stable/znc/8.1.12/app-changelog.md @@ -0,0 +1,9 @@ + + +## [znc-8.1.12](https://github.com/truecharts/charts/compare/znc-8.1.11...znc-8.1.12) (2024-01-21) + +### Chore + + + +- update container image ghcr.io/linuxserver/znc to 1.8.2[@bd1bd2a](https://github.com/bd1bd2a) by renovate ([#17468](https://github.com/truecharts/charts/issues/17468)) \ No newline at end of file diff --git a/stable/znc/8.1.11/app-readme.md b/stable/znc/8.1.12/app-readme.md similarity index 100% rename from stable/znc/8.1.11/app-readme.md rename to stable/znc/8.1.12/app-readme.md diff --git a/stable/znc/8.1.12/charts/common-17.2.26.tgz b/stable/znc/8.1.12/charts/common-17.2.26.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e5258f6f3129524d5434c8a1ff4b4a1e6c82fde9 GIT binary patch literal 97960 zcmV)3K+C@$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ(avQnPFuK2a6)0*`vG#}*zbP?s>Xjv}SMSQQ9#QrtCvQpt zXFw9sa46i(P#jT?nZaRBeNL^_m8JA zX7vS}1>bG{X*3#*UZ*4eZ8RF$e;d7a>$_&B+ikbn-4=h}Y;}6g??B@TaLGLhWibA( z@#wa)o%==}7~zj7rkI2SFmF|06q%m^WQekgkEj>ph>3SUCZWgw0s$VyFkXN$iNST8 zATfbxWlCmf0H%yZbg;ia!EBn0>K>Wxvp7MXD6nJDgcO&L&N~|eax3V41oL!0yshepYHOH0r>o7c?B4TghBp} z*Rp=)s_GhivCs&5NPNA1fAW3+j*~b>Aqy6Ok{JSI^dICg3VZ@W!T?R8h{O!ADW+<1 z3IGF8tyTb-AqInB#CxXNJMw)hU!T9RaRQ70isCu;5EZ4N?+@kgBO7zRyej~(7@{%0 z%>q`h%K(E{cT*IC5FsD=yK6MVVV{O@6d(#n417%G-)xG&7=J=Om|@=!&>f6tg*dE@AjO{g!oj|e!-%ch00+=cq`f^P5_a(h#UX4U3 z^hiu=qQ@`PS21_r;SkS~83>7wF8Oj2e1WeY9A2n*18~@AG;|F)DaG7oBmy%+8Hk8a z0StY>_iMSE0vvil;^S}vyfB)G+CD*4tX=sH0m@+L*I+Ufu7>5WzUL%GRbR0lRFW?LTHie34BLoso4lcOx8GHHhm{v-s>gC5{ ziGTrTHztN6ipdB8zL{5m{BbQdb}j;B%c{i z!iA`_%N$-@pr8zeUW#4%N>+~MUbfm5;-jTH9?d=ZThl&M`10d17~(i5`Sbw*;G3DK@>v68cmmpZOF8*u!G` z7m`BCNxA_@Lu84x6K{4?BLR)jAlB4-OmM zPP>QNZ4b8lO*r;?TOJt$a;sM|2_;BSA?)1ae(N8GBmTq3$b5b#(0hcG(o4-g8`Jv zr)EKXHLK6Q{gxunBeUo-CSx2RJ#D3$b(MsCDk}aUK6x;LBOG9c(+wH={s8>*U+R}1 z6Epic%Q-qfujsw@7cRT;S;&Y)VGm%n#lVD-8D!XlL9j3tpznj@pWgp+u?L2y*B{PK z#J_L(zdyeJ<>K^e51bqw-@N~LdUbVna%$??XoB|_=l=jgY&6v8RHgt@aP|KEwMJZu zhQr=5jHpc_F&8dBoShVp`dZ@-1b}oz1LP z9|Onjq>FZDtB~8}D$X zVj7b2qo{E4@$BU6=;rw7a;SGv7z7G+RnDdE652+@w?IpYR|zWTIJ~u{-IP#vf!H01 zZ{3%dd>Yv=&MuGL7o4A1kmwY~TvX!w!$r#7_2(FgElUsPQE&$re1`ZT)$f$J^dpWb zlV6TWIK~r650ZAs7SBVUFlzXK5Qhh#+N>%hj{*!S($j*A%|jF*j}gTgZ<7&y83|CV6;APndQ;>l0g5jK5#)XpVYo1fAq>bwK> zh{TMlKb1xTzI>@>fJ8zAF*=BR%@$b948R7dLon>D1 zVm*)xmFro*aRpvz+GvjA#oZLeNEl79$9qt@{=Wy{!}YPVv=w-JWvf^BU)TaWO+9yU z7SphJVMazT7y7)$=NwaJZTk{^OTD(cV7(sbJOTkDm&`Zds1F$bE z%aUTCB*zfe5d~uohbSwhu8w~V2mC+vR-@6ZH9B>V z%~@(m$(d zi3n19M`B-<&_Anr7-t&23^4P)0BW{Q?tRt9{{&Ny%kYbDt_O3Ety%$dkLBmTVwF1p z_=^zEuvd%b-YQ7Z+*<}|$x^i%srit>p-}Fgt~~&9tpIR~Lq1lQddFcONstJ!9M8-E zs3Aw6Fl9KLTz)(jpY-pV$4jq`xUMGJPy^{%?cKX$8elYk+5rP#E{JoHu7Jyr0%^)1 z!(J^M)2GHjwq%BHMtrVqj;VgZr47WF$390-{xahz+EAE_zis5{Z1f_?)7j_|$ct%B zgtR6<$sguhBFu}1!I<|2e99(pIgt%6rt*4VAsvUMtw`^Xj13t$WK6ug&}a^H%|r)77F`BSOV!q-}r=J)X6api} zDSKQJE2IBE|Mk>u2t(pV8ahTX!(;40wjqFW7->$^6xN~3BnXDcixJnt{oP9DrI?!c ztyHMjdV*Rr7>OF@SFQmnKq$4n5C!U(0c{0ey~@>yN6-`H_#b(A9t==!cqQDzPr1H{ zV%E5&b*-1h?Y_PIkd}UX`9Z_Jcz=C5tg}z75)vkDc2fj>&d~pB{7GPV3l=01!;VAB zU=ZMN0zQ8Rb?J*M+!nrk0i%WGURW3QV#z9`J%^Ehz*%6-I?9ZsOUU*%l!WGrK0;G_cfDF9i9|YJhUv?`1j0s`Z%-aDc#7o3s7Drc}<^>2+1iUHY+eyO2NTzcR z_;w9Il#!>z!&Q8HAE8iERZJbi`I`{y!5wB(IVGkji1t9F+9n~zK8m#mAD=-f2Fn`U zrx6J$iPiGNf0yUUR2uHMGy^Q(R^cXhE~$P`31#LRiPhhckld6Tn=P~HqbZ=B@k}Y>USz#d=Ht}qK&<~NN4To`yO(-Z z3C~Pr>6J%{IMghqUa{O8Dw7~VED6sF9Wy*Hu4A&#|J_#wjSoh<-tN~M+6SYLn*Br6 zL0-Gp@ce!gBGm8oJKb&@js5mP!-oynZ*&e}qcLjr4?D2qA2fO`uhTtfbsMm^%QFk_O90z1d8$JQ%fo=r<3&Ll2HeoemuL+6P_KK0Ndqp4V%(Mh(wH<9@3( zZg>0bgHC%i8aJD5Z`|m4<8gB-mJH%R>_e;3G(|0smToWgXz~2r3tP^l$Wi^ z!Uok&z12ub+HH>xQMWbj_FAxUaEQiDc-ZQ74o2O>Zfo4=dcA{2t1;^Mu<18i-PWjw z`iIavIE2lv-x#5#sKOw^;TrUm<*cdMJWMfcb`Tu5$6l*w>vR!FMo!)IZ?*={wPha=c( zjr-kxv(f8z{l~xTK*z^zDtxj{? zYqa~z8RiVe82Y38VyvnaBiw5pbPq-c&BNxX*K75gJ^!F{&}obh{KHY(JLvVgopH0@ z?H%-*-9xY2>h)pMJLon1es|nHJn)wy93vm!o4}${F|z2e(`+3aHoe19&pYgmo6TmY z?fC}>;K9g8hi!C#`duhCsrF&3 zHEO~U7e$)=g9C)RYh%Fa3nD?_)ztn4$LMVWWB~ zy|x;yX5+BgF&yBaJvtcmJASW&Mt-9|K0NGpo1K2QeR$CBcr8918)JmJO}_=(y)o?f zMu%_&dk2TTMsqY?2ZwtRS(}iM0A=D{lp``ye#lc4qk3fr9HsG4X;DwQ)bTqYO@3>A_@f!IcqI?*TpK~64 z2XB=jKqx!XX+qZouY?wWL*=iu2ZRY^4-F8bf^#O!1+j>g5lSta!Vokym_0D# ztx!o_DBZc!&!QHLZ;=lm)hN_U{6JKP6)a3`AW%36>aNz6fAX&hjK(p4{S#<>jf|vUP3mlgLP3$tpNL(x6(E}2}#UX ztTa+tLDArEuR*ik?9>_s(4Mlp+8Q!Uy~FI!OR)&ytQ3_T9C2iIALzmpZe8f9p(eAXT%QlK^R^D&5H&CK%}3#eI; z(iNXiq!9uhnT>GBTf-c0ZBkDQd#Qn4B4GtwE`^n=m{u~)xUl4UuUOQtl`dBtGBnYi z(Awb_#q1pn;RMA6ZiMMpu)JHDKw(hoifFheXP$RxBqAV?Rf)xmhzRFx%h9t|Sad}& zFHlj%e1D{T+^ubdPYQ~dDJNXhug`~hY-18pFyiymM0@){kTe(ID<_{FAPeju*(^18 zN+X2jP%e)X2KSAi1rLj(l@;@m!~B`qbT>PWTJ#G0*`j8h2-+p?g}<(FZ~SG&BK)Vq zonnGkPJ1(F6@$nJ8aq_U6}Qrim_knKk>biB0h5>{k@+@}Q9jF>!k*QJOgCZ`zr+3n zv4KMy7eIz|%I&&ZRD&;IEpT!s1R7Q;ktxKfr_SxHH$wUm?lX+xa59kAbsdrI*1Mf& zYu32_pz7SBMdqssWwBsZyv(sDFR0arouc92Ddu?`Cf3|}$L7IWoZ%&u*yGOgJWzQ! zeXaJi6i6od1SpV#rMC9w^!jL!5x^#pp*y$$F-h1uikm9;IIT?p;eget8;2wlC~$dP z%HW&_0|euM3;7Jn!&SaPBgm2%?YW0@+La@LF$@_}S`PGB0)t=y?nrzql*BiPqsa-O z0%c*iFPMlYBH*~vCXR3u-iFv{Ny0d2>>+bdrxI->6oDiR_^e)#1l++;%ycGoL&!jk z>1|~P{PUkN8vpBGuS`N9N%9(uaGl}_t=}Gqm?$GK(R~^rZ+}M>tcNme42Kg{^iQqv zya|J73R}CSny(=8J@j5teyP^0RVYzXxLK-iA7Oxf9XAH}K)$`YJig+^_P|fq*O%(g z>tplR`B44!;Y7X@prq@jsqv%=;l`9zcR}fhMvGFAG3ZT2#tfyP!x)9^3XM%1KNn6p z&(=N!YA!GXPOCGDvzJZ{BVPZELw_YSN$$0khd{7N?}6w%Z0C9r+_|B)nc4B$)*} zg5E6(eIe?_2#8Qx&UeoNQGr}RJTy*)UER0odU zC7(NlCsU^LFo3MK?vYTg6U$m+I)y`z%Q4eM0cA=mPg8!R+TH@rbxNny$4I_P6({-jXD(C7KR+5l zBxAfu%`!6_9?c;RI1-w~Gx+I42<^9(J2aXSB2=R}=c!PLJ7pbEe*dOmMGm6?p{M&S zVe0_V#quC36(`(P`FgtVgx92wYf&zgj+bxN$(J)KS**bORu5}aCJ{665SoeM)%NI1 z`R1J5q4-kaqY6s}%m}QqxAK!KP79&WdL_I&#KiDo1Q~L&-pG7XKAOSMuQ=&&BvIT9 zIh&lOo}@xfGly5uqlcG zl8FUg(Ou1NM@8TO4FvDyC~zr9i&JwHpqOw0N_ZvCoAus4jBt%lY`QN&sgVg3sQpS| z3&!s=)k%exqcvh-G*dSJ(Au>mFg^T0x1u<|!ocSDjBtShoQ+lX77mn4l#vuk{5{ho zEC;UgILUdcj6w#psuBsSb)!(!i#x5RQ}MUTj@eB#MheH+A%va>WytDEb$cQBDAr(Q z3Om)h?cF^}yj#Qyi7vm$bXyjgaah+Dd%tcV$Ar5s|33aY0T-F2g~Nym9z>}tAuK90q{u>eWP zDJnByYYDL0R7VM%tgsBPI&I*fYPAmNW<&kntXp~aNkfw6qcf`x8ewW}&h z`Bsjb9`Ag+1+Angr0J}Hk7W7-L;)THxuS)Rc^6}bByBM*n_l^LcT!V2NpocFi9dy4 zqR)K%B<6!T!`j#>jCL^+q@@~Mis>MQroMSG@=?ez4D5kD`enFJ+tx?z^B5%z;7}w$ zkFM%Wrd)217h0B?kChgb7C;ZTx@#&;LsuaCPwN=r_J0lQ3B9TDV(f9E??aIyfQy5GA7k zdv1?yZSL*yWqR5vYinj|j)Y2=wB@5jrRgO_U>v|n9sEdQ&7M`IV=|kGa|e8jG$U0smSXM*?PcBv zWI|KFZ0P&a1Qx&vsMR#$HQvt}3usMlfhi`1T^m$(%4EflPGr^Ng~fRxyoX7PZh&Aa zE*7_8$%|R>@V_>nm9>Een-viCducfv2@55Iw#X{mwSZV$#+Dc%_Ar{Ud)4L(h&X+{pI1yos-UPZcliJypDb5mtFg2X?94Rw>>u z*(&9V%1q6??sfk?^K7jB2zhN7P@+je!M|Nfmdp%UsP1&?-*Q+fm)Uc>vOLQ#*psNMnmS3y za1doJH*<5gK;e7<#zb2>Y~y@+Dc$w}R2!fHe&GM7qoxyz-rt2NzA}d=XQAw!iwZNx zX1W>1f&r+uI*n->flafzu}&zb3#bImzA<=Pc-Iulw)v%XkC}808=QF-&{!Y82R813DH|`{V7h_gwtGp zHD~TBpd0zhq$1l8?oM;1Bjh<7(C0Gm;H@~*4{KwRgm#-#82hy`#DPAp;D5glPve+# z0v8H2lLUQYF|?rY4Nt`Sjuj(HNASHaq-M~L040P!PC6lvNt>fE2||6PMoM_hDU*c0 zj8xY*ZYT$hRnYW>870uP_uQJ$Qr=VsFfFkzOfMjbA3}!bs1{Ai;JT&OhK*uYn@KOj zQpi>r%e{q*h4LmJH67J5=Sub*#W3JwTq7Z^^P<%F3v1~O`O5ApX7nvult&dn-&c;2 zD_S;wF&{54RP%Lk#@1+>gU&W?1#$CL6xnVac1#CvjBl*<0?!OBsqFz3PrRptZT5f( zR^j}|4w03PNiuwiujXG&K^Uij>&OQ_ielu6nC^6U*G*PZY_B!&vgjOHvY7hvo5=-$ z!!b!6mkOX1-NdEaxBeOhWVFvk1!)?%J)rw>64vQd9qp=espkUc!3mp6?TzTu0L_Lu zt=yw|n6RnPIL#sc4mjegfK$(du}Ge-R232I5h9roIZi@=MfQnU-vtCzA}HmmX!)Y@ zR&Gd`ed~EBVmE%6aW0kqToy_`qU;9So(7b7x7{0)$V$H!9Q6jq6Q?%hGTcq!HT|z zP!@%newnQEaxsY`C^yZ;*z`>XhgqrZ$9SUe%97jo+>&Z{fXQt86(elycV?88%*jPg z6wb|i+eK7)h^GBosN68}^e$Mat}QHfBn-?loe{7sB6>Wff=`{vWna z%-_U_4+$5W6nI4l(Va3CU*4LUmIX3!S~&aTISS>8DU2cs!gBlI?*+q-;MAmM!!c#nyp-nG zcf6GJe3W>dV3Dy^Z_nBI%5(ujb0VGUA6d>&&)Nemshs6*uTxXr-jwxiZX{+x*NJD) z3J`Kq{O8$4dD~#gJsg>Y|JDa#Pi?l^t)?W76``% zPda0U6C7$+;f%w+69p;Phl*P!KB|`oFN172vaX%65E}&V5mRi#FNi5NcPjy)lWQ&8 z33Qn!*#->o{2m}O!ENTLa4AgqMtHXW3zdRr6r-9J&`4}Ms!5M76rs>Zp@$I#JDbF+ z;)T)VL5Cq+QcIXT)a5|*IU^sLDdsa-^86X`WflE0lVZU-&XuPSLMDP4ZCUJoycKmZ zaHU`!lxxl>h_aY06teQBVS_IdhL#Bu^X$&N7Fk;(jRB@{&D)~Xmvk3hZ>8J3q-?({TfM3Vzh zZFPHZadi!>?qINCr0!raTo5b#Pdx?LbrOxL0SdI-EyQ*c*Hp9;|r0+#I6 zzyg!@c*tVN&}8vd^mzcV>9e|S75U&*64E5%Y6%yI467Fun87fC0eF=bNX^ryQtTBc z>MpKSb=ng0f!)Z!YF$-PJGUkV;nN!ib}AtE$@g3n)lbLJYTj<#_+hEu>2F$#Mlsi! zN}3i6Go3Fk-uB{B0pikoKvS0yeYoWiMDL(QvrEsQfm0)$Vb>ztjbgxm1_7CX0L@Xb zSDa#8+BXIO#W9KZz#WXa94fR9GWWDl@7Jw6J^)|S_E%JYUuUHeW4`}^)0u=2W1jX3*CzTAfqzA@qN`#bg(0>`<{(n*S7vm92Zd&$R)Dm z6}9Tzi>%$mNQml7yOEyS<{`?2MulDRPp(j5$m%bCSFdjS&up22_*GUMe&0Ss?d zqAqn}rB{eUmeIo4rLZ92#fS6rdO9-dVqA@#yw_f-NT!f8(z+cbcMt#P9GEP~o117_ zsxO*ksXAayu{VS;&JLrq5VMmv+A-QILVcvmnzU4c_Bh1MAL$6B$92avvA8AA-G5~s!Rf6lWxiH@&MkFHO_>EEwUFNSCDFTmN4;Ntx?IQ{$C@OlX5!a(?! z0$4|B+VuN_6_(sj42gi(zodGt5?|#^wB2Hqm!r}Lg#V$5m)08oCGp?MPp*)vmZkEh z{GSBH7-bIFEM5-IEfn#^8J5sYp|!7b$|?}B|U zQ{>+MUzwsYg8r_6CHe?{yn6qRt7YQSD00JD!wnPGroXuTw>(kPmwYlPoU$K)P|dj9 z465fxZ%)sv1qIwla653xH|n4IBU`;DJFukLw?`k|o~~^4m=8LbVg{^1-vQbtlDZ0F zb=ol{6iGV~XCSGntkZVt>kU=2J1OIm9^VGC6mnC2)7TA+A!jB^SeD%%z`v#L%oTG5 zh^yeXHm~(?@lM4Ty}CTRzS4(i$lnDQ){&}8#3ghi%PMBxnbZ|^8xN`8-w5@74Qxg* zp25&H3S_Zz;5(**Wev)-=L<0Qz$sb%F+8G@QlIYFRf&c81N z|Gs>?2hbdavQH#oB0MZjN$S{9fEvAl8iPuz^IZ}gGC^WIvqoDU+oWN4MZ%`JS_8BA zT9i*00EadJ)hfq=1I8h^`ti8kZXW`9VqqB`@}cv>Q&nIhx|aq%aiYnti21GtM30sH zX|7r~El5TQhGL+Lr@R`#3)k0XCzH_9gc%t>B5gR+uI5g%m~^cS+vz4u+x5T7fS143 z;SBypLU>2(9+??WDg{ej2?BP&IpS)NxJj2&AoZZu%@5nA*1b`WMDEm5v}t>=zyDVm zN&dIL^1^>h*~D*2Y>5|tbwfk{R{yIy4&!9~Tiqius^8(zCwH_SBDVimi|Sd>ZwZ+M zXaFX(ta%?%rf$f;w6AorLd^he3r8z4zi4|8z~6+5JrTgQ#i^Z6TNQ|8r`1uZ0_<1n z2ATczjXdiA*>UCrN(pe^3JeBIK&43phD=Bv4n#Nhw%}6^2l;vk={31UZr99_&_y;A zp*3y;Fbc@Xe8J%q#hCpVlbIO(qmxWTgB-Ud9V{T||yoB3mw!#v2W^#b!?( z$|yZN5-L(n92bnVaY$~QCCq5caef~hCyhb$-zbJstjYNh2aB5GMx0OKU;!WlGwg?W zGG&fNkcn&5k&P?sN$_si;{Z?;jGbawXLHJDsRe*0G(w^41i&XJ<9$!V2CMCcZwXd4 z@J`xTby$t!iCX9sAD2^z5g#rbRB}gF@^!iMhXyr5V-lke(oXykkY&5c<>U=XLa*?s zE+QnbPwHwlZBsBYv?|yrnv4__d95k*g;T#=$XW~)6|Ua9L&V#V*=DG`ao=w3ey2Rn zS)PVs1$tU)$P9kEky#{eIENU3YO~R3RIL(N!Nz-LaQLscxKNX}VU6&78pu1_-f#3WNBkXJlCfCRGQnk0~gzfKZ(0rqaEBoW>V_oPBv zcRfO+<-bl^P!h!Vrvk54*nj@vn1~$qP4!dy-yJ1v%2%jP8&C~}EiXqeUgPVe)VUic zD?P`=`6h}2vPjbl#z-W=u84xyQ6RSY@4oFv`up$e91(P1#&_D6Z|>iup0#xr1@~^F z(P%V!oz8bMsc9qoZ@1m+eb?-CyX{uH+v4wA%~rSd9cVmBk26m~8H~ScJi4uH=f08W z^XL5^Dmt;gG)9Uzjf}f82`gvHRbAx)0s8=pi|y6YP)18Lk=)xRgu}WH@2LE+|K&^N z^XHmMy9lbxtIwNtIT!1qxw;)-Q&YvicRlRE;5FZqahR6CV{;X{ghT80=r{^C3%6r}_=AM|nM6z8(>O7$Gl3i@G6J zIZQJ5vJ1FVNH3-JLWiRcUMp)?T1j60{ym+07ve;Z|E2EEAG|iBrehl%y!F5hUV~S~ zWDfACo-iEfF|LAFKK4=-)_$rnA?%oas)Fx9Rqi@m8>?Cv71!e$VAb>hR6Q63oJQ4S z;v*4>i((y+TP+454oR!|sj0eM-Q9IByvJjJeoYBbpbcoElBcx+p3P(tNTxW!IyG68hz!Yy7vI_4L zrO6Dbs}x7_b~fvRL!#2ch|pI%Zcg>LV7S~)(KXwa8v{JD2&J+bQ{L$f% zIGiXBiNi@sR>SMFRD2R9xr|L3w90BKMyWbd!YCCfiW%h+R;jx0u*&tAWy&s14+`03 z>8RxxW_}4TXQE3u%31NKmQK;t9HnB`%Q<3zM(~dB;!`LSjLU0dSh^-M&1Gks%Y9sA z^4zEF@0XUkzn*7J{Z9#B4^sbD>3^+GJE#9OdcCdw_Z*MZ|FWV}HXL1fEa8x%m?8hZ z8l0_d@a5;mo_u27ZmWfKjHw<1!ZWazoT$Is94g8%4o1$(9?w+rIyQPx_Vt? zAvV8+eFCV$nL=N_44jv;?0>E+z+Sy97ZzEouDg%o6Y^SmUlQ4_PO2(`f z8r%KxO?>u`4H`)RV9i_`0yqmy@M7tWijqhFS7mRY;D z8KiGyuQX{m9<@_0qr%f~l%=h&wNGw#e_GA|4R#M@|10@_v)Rq^|8}pt<^Rv|e6{C) zdfMId^sjtjzto{y(Kh(C9=WANUwYuSHLLw@o-+PFk3u2(%l!He=l$QU=Kqauqvi7d zX1~+wZ2A9lJVyRk31P>0BBVZ*nAZsYGI{8Fta~2mD}QD%Dw6qq$l##VZo#Xo=Ico$ zg{~y3)9C>Gw`N!xXQ3eueJ=lXvU1T{uzhkDO6dHrd%^$xFukSgU!}=EexwCp#rkhI za{7O>vDN>d=P~PFjrE3ff4f$!kMDJs>QH5= z7H$L}igC!sp!%oz-k;{x6qZO@s%XjO+2ga5tCFvD?uoCvS@pgEufjyywzpso%OWIm zh3Z!0mM(ukJbKIUnD-ux2>?HyU7h}Nbbf9IQNOr(|Ka-0`wtf5q9%D9t- znl)FLwPi!rQ$jUcZjuoM2gN1xtIK>>iogwKkMY^spYs$ z?!UQxv;d@@6#BNOrG-r9JpuXS<;Bg>hwGojPWvhqa{l7TgpX}&7Zh%)>x-~Bns2WKoKdG#~mZ5T~{3j#vA7}hu!~WlHWaPhQuix38 z|31rO?u77j+=;JiN z73;s#?PvWznw%wU*Z(s-X8m7hFPhze259Eby>!5;siyqxet&wP>-3n=cwgMOCEOnk zsYZmbB8_ng8B&6q3z8MGsg~JnG_s1O{c7#A2NkX0lJ8!AkP5=8!wrY(57vh(Vx|uf z13!Owb9ys8J-#}<7HP3XmOv`f!KquGJY-z~uJetEJM=Vm@&Y3!e5PXP-QsXkul#~V z2&lP()cvmSpZzlfFt~#YTDc9$olb8Iqe#Y)CL;f>xC2bCLtnUERX7g%+E*RjtuoaK zL0I@^1qjMJNnnt~NG()#UUNOXv3jmD#9a?>hVPGm=D+vnFy4=ou;_wtzfOsFtIA&= zU7y~ZoL#9Z0UlXZM4x3ruB+d?zc@aX;`Y+%YHsd!0ktsOoBT1NP)}czttr`DnQI1?vVlpOM4vjXqO+WE1Iy?52U!zh7S+ z-5g!L)r2WjT<=Gq?CtNSvFoF=^WpK)`RU11w5u-GPbWHGbU&Z|qlj!{ILi-FB~^_5W)$w(-Bu@)-GFjx~6t??T}c3tw8wTW&X_ z1OOb$3#RlHZtH6WYE~)0mVfsMQgjK~bV=@r928xr3hKgg?`jtEc1z=nSRvLmBJ)Vy zJWnh6J4U4JsUibqKGJHV-|tr|n4wv!i>!2AtjXI+g#ThiN94+11xE~Pcq=M^%4N}j z)W0oGlfRDob6KpW+*2I)an0a3tCRBeJPNg-EiRXqIixw~GXuAZ;jWl#a-cRp)g;^v z&olwZ5JK#tHXSlEQ4KJOm)N)pE%J66MKP*kN=q$c*#zafkC-XC0V^Whyegk|`G)Pa zlMk*fu2Z(KY^5=?CM7KjY8o;+b4vlq4908gd{FFVqPx{}gmzO>P6-v2D*BJI?n%tJ zhUx?j&!bSp4eRRi9_uPESFON=kxLZMu*hZXCf-%*uQw%kq4_0mRh2$`lhmQ_MV56+ z&yB2WFeZVI;>|B_3HKQ`lKV~-ftM{6ZfZJwb*w#|1Jayg6cjb+_Z?DGzsO!F2SYS; zg5!-7!?ayMlDx%Zm4>lif797#xp&&rSn-+KmoGAS?G4w6#7C|Jz2~dUO{0c>E$sXv zLZEtwV>C%%>{s0bXwx8X4>51wEm+j@FS>-?yx__!a8Uk6%P_Eu6t(?Uxh&Z&JNk19 z?)Me6vB77#{>Mk_k;>m{{jc9|b+hNc?Z!6$@3TB*@xPp*yhz-yW^-CL<;C=sL)B7t zQcKgo7R$3r1WB2V8vs0y!u-j1dbuslOYN-lhX|1c2&}B4CqJ2@u3Li`_iJieHOGxu!9a>s3g-gkq0$oMXv}83k z2ULq7JeaVS*6L1LEo3O>1-|lvJP=q={3t}C#C+?q?6_DM>(zTEhStE_`Y=0;0r*k zpxXWq;54L3jMU9&z$h8^b;L7>Ll6;PUTKQQAPG4-c5aD$q6^{sYGu19^#WLx?Y_8$ z`{uhZ?tGptxrsEaOcPdb)!EAOyw~VgOJgWJ5z|tDHPmaT=qQO+{k~{|Ez8t#k8B9?T z;9yCTYqRi(|6bfKNI_NH%Foqo*Rw&~s#h(_4}ZVGEp$ZsI)~RDq=yW$if4GDRZdEKx zSmh)OgMi#!#(0hcG(o4Fi>M3v^tsY<$JwI~Cui3;zg(SNpDuBx9iCo)I6JX_zCC-+ z;L_pg<G0;w(eclx7bgQy4ae*rSw{f)`Rx3B_{-V# z@lOMFS4U~QUniT6|m!Xb}%K&&FSBd&p(`;o?M(>|MLFo=i$xS z<;PBO5|DW(n+D`wv6j}+%{Lcpxq@K5Qpe+BQmjZTyN#dxI^rk4^(QC)c>$z!W2qm- zvqJuB^;?bX`Cq5EJ^y=_M<`jx=D6dSk3LWm9{&P^Kt`kJ8Nzq<5*12J9s86<-B(t6 zgID@PxZG4!!2#d`DgPm)Q1nS$&nqm5d=ITx(t3O~%Ny}|6~Uf#Q8R%n>HX}yko>!_ zm~(48FKfLhtRR9}MM?fwVG)j#h)GFNlp!j)!r+xOhrwW1%Gl*Xc8=1Prv1I5qVQAK ze_I=CN<2}*`uXKcrB;s15+NwFC#^uo0Na-@;xoaGu3M~>&sJ`7W&NCbAAb}>|zfj z*ij1NS*Zq{cCB9-`q}JY9U^}DVxrrH(isKdl@c**%K3udS^agS4`uhd<~)~okAJ`v zOi?WFJokM7L5S`^z}bS)#UCo9l(WAB^3FVCljx$I#^$GU)6os$gXOsT&2v*Sm9OEA7Oxf z!FdcJmk}?!YmXrFru*sMEqnh>?A#L7?Y_O;x1V+2rV;W6_g<#M2zd{f?;Krs%jZwZ zV)ap-y*Qv*bA)L0tKkL7gVS3*JWLLN-tqyYmV&t*E_`&|9`Aq|XcO4*JRM5;k7zO=j!0 z-azakYiuNf4?Jizd5>%)8xKn^P^SOMd=_*A+5cARf4yca8~@+yZu5UV&m;7_6EWCB z#5SP;`X~y>VunKYl_`OymusqlW(mB6B4`?aq$&ubh^CsLA;Gtx3mRm%+Td0j{F=2v zvsO2z4^k_b8GspN-t^oNyO(43jM_;?3{lylU0pV>$3B-1`#k#V*QUFE)q3l*>#SLQ zHM{%|KnA<4n)*^I>a(k--;!$jG-~M!s-%VL=vs4Cy|OjX=hi-ZUtwmu?X%8Ps{b1; z?(qhImHL0Xm&^a(*xvv2ERWRx&0zn&4FKt!Uef|#_2dOi0H*cL+5imLZ^8(W4#Cz6 zu(bkw%~k+2Q@3V-tr=iz2H2Vbwq}5>8DMJ$*gjwLQ>Oo;(2oe-g!aEi{8uM;|6jYa z)&HO6QCX|xU~fYE*AwUYbbl&S1_|YVPhO%V5>^%)0aSt^WieRO5Ri7tQm&pP&Popj z{T7sSjqFx6->T-%tC}YxikQ0P0Q!E6C`D^(#b#$S^)@K{@a7{Dv-{#A>b!&ywrc+$ z2H1P-4L~dQ|4yUb%-;XgZf^JgXL+3cUkvspg#ZEYcPR;|o^9+@z-$YWDP1ojc}u&! z6K>@NZQEGwu95gTE5rGidSs5`Mg8`G)-l=733USVZ%MEN za+-gQ;+>VlP&HV+O-3jV5krFdiW$_xoPAQzcPl9V5d=kRNy}wsbDl3>DoR#cPfDXg z7TTbw){++uDd_h@!~EJHDqGXtAMPoW|EDCzzmbr^;F9=92_qse>C@c*-)ZFYfA+Wc ze?H5j@_$;wy^x|21&{&=MnQsv{3WuprISJ=u!m+^C>fecnH$Ckcrk(u`IUrJ$Vm#ks|fTvtV=(l=E7d!VTa^>>{T#(H_PK1Sq1dlotwWRewUwT+ zCekzNFH2xp(m+;XFV|wNWT~9W^|Th(UcY=%g8fg$T(U&O*T@!#_9km#njb6`;>^cM zKt?bqDRYHHX2tr2`MOeQPY3?7!ur!miO(-oXXg1vgz2ZG&r^xdHOmJ|%bZS$dM!dL(2q;o7M5IH?13MxL%G2fV!&tZhP6 zn&I#YMFI98b!uAgt?Erx34SWBl)kqrwN)j=V(eM;#p4W~$Cn>IFdX3D#7JDC*h3+M z6QsLW1M+&yD?~{Wdq^?&Sp7_$0wf*0C^2tj14nZd!wIq)DWKLWEV2$Tg7le z^Obr2s}8Pd<2QZSxOJb-JzZqUrf=4sb0yYeed>yBr?&Z5I)fr#9gI{{d|jbl*z&bd zZv(&~Lz7sEBCZL&q)DfS5U@(slw}RuBG6jxIx?B$zGmIN_RAE7V8}=Wj)DMS$~(Qs)pid78z87sMxqG$)e7LtWPuRV z1;lI-D@MIY<*>~4(o3dq!f;UMZ5#zbHHUgR8LG^yY1EcnB(!qbSaYiGp_sjcA)G9? zK$otcbpm#Z+GR0BV|@GAHpTU~d0J&DC7JkG47z;12YeDT%>t)nh9WKr*=mn-Nz(m# zr{O)adnH=Ax@rN3liWd?;^W`K5t>5vt2{f~o_PI!PrS6oo@E+xiR4&GO1KaQ>T;tb zKvr|=f{|&~9brl+qp6<9e~LEbZZ;L)E$;8!55k`*V^OOAMUYKtHi4RIT3inO{j@I1 z6lW0Bg34NQ)d+gGDD*`lZZ%4|fPmN#f+O@?mrvax2HPLrL zIzhQe^fPTX(_Q}29A}CYtWBjSQTM9{$VUX#&IycY0wi&JJzQtwTCn7P+ z*9Ra>W+N24FnC!PMv?8o<`8nPgMjbtc#J*B&>5u(iuwL0#d;rLdH?*~lmteY+2g8# zJfd)g8F3MgBY&k*sVzdRRj97+`%)orL4GM=|I^;;1to8GH%r%8zG;mGwDu>zz^CCA z2Q8uqnH5qZ;HJY-TYr%jP+s4Z33<;rj=cXi;U$Uny%vcikdZ56WRqS4vpd4UuAm&t zQjP^Qdk&IP&k@&weQ{&mDwK=#vc4(rD5reRJu1^9Ru?AIV-&L$u&sd=Rn{Ed(suL9 zV(s=H+j5XlhT`KCfi;`9P_BtPgyY(uXjM(pLb!RYA{PjiTS0c)Ws4)X;W2kvW*5-1 z4Q@3j`wHxlW%j>K-Tm<08uveRJK6l7-S#&B=kq**sc-1+hp+G6hxPA#c%l0qHh$N` zH*(Lz_Kt_GX8e`s^VsD54%Svd7~4b`+e8>&*Hfnd%@R)haPkWpO$oU@ zwyin$RSZ|?f9-ZVbN_Fv)!D{>KF=d`y?09ndlQP`vdQ$aw*)Wi`SOc{SJhnSF5y)$ zimw-5RcqCa!%OSm`x4^iW4jTJx+tZkKf{#&8KViNOd+2=E?(BtZ$V2|cyBf3t)~2} zn)02TcT{W3$|9~_XHQ>rY1dh}T-s8TT6fL-Ht_SkEfBE^hW?unxW2NdO#V|&I7f^@ zZ#qLEJKG;32-G4d5kXW%fEG1tSt`f$!SZ6;HktkE|7U4u6v<3b|kZla%{c@!EEWUm5FPQ zm%lP1%C{?xZAh|u7J59xiG*I{nR%|(`+os7o&_5haaQdAmn6X6;z{#=HQT*zHvXsI z?)SI*|8qPd{{M{=Hk7}F zKHH#vSL%p}KeR3w`Rs;xTVGQM!rz<`-s7TzyMiV~Eo&!HCuZA)U#MS5!ej#>*8rnq z883;?;plNHO*_EHWr~6b#k6iMIgcrT6c3;R~Yx%Mq zWXAK^vCW`bt(G9C@-r4pY0d_8>NoQl{aRF_YNCKe+4Kt?fPb3ku771FcnK`D1k|a9 zv>qshR&5zbjoltdp)V6W@}!c`C2;w7#ui*qt_B#%dhFL3$;b&*aOpARy>uf&qf!2g zL9C9WHv#c(%fHk;?8jO8ivxWPSe#fHDOCB?tAJM&o450IM#>H5Ob|4iu45!=$uS77lpikC^9*+Tu3+vUbwJuJB@p&P(+AMf6 z1+rt3gX7YYQ-3)&b_7uYM>0F(awz`=YI93>v1V%>f2bu0+O)`FX?b7{rJA!yo~of+iSo77n!}}6Cikzqlj+O`qNw^&yq7s8YeHnqZD%5mZM&guH?-}B zw%yRajtyK2Fo83k1w zihEt$U@X~2CJmWt_;o?aa_!>#73O) zHbonw>i?-uQ8261>AueFTazZ~|5L4k>McT1QAWSzFr#_hz0fCRxPEQ4a2L1DjK5hg zAQ(XpvxTfj8HwRUEi=8KrLjM=G_P!KB+I)DO4L&DGWoy?*Dv%uMCm)?+iAecsTj?@ zx>ehT0kU`1Lf>z9rdqw2ktAd?ghk2a_M2QnArj@12{{n*x*LgDT^Ni~<;=;> z^g7L4!;9Xch2_OA-j_^BdHPtN!CQ0|viI=?AyL(8Z`Xq3Dk_eqsMCmL8wYDCH$}fP z6sCN7d#3`kUHviAFJVL#Ti0_-h9*M!;hzgjW zLocfn7ES7LClC52Z-au!v)cK~PMC_Pm`fRqZ;IDpH1Q^;Ls6mg;cgMl3zdPQ3m9fNJeorsz)^sdPn!KIO;*gv zki|HhxGI-bG@Gw@eH7rQ462e*mQA8{L?uWxp8eBy!^Yt ztiGhxr#K8+BLBZ5A!g)ZSAIIrD*32vfi`T$5MhAfZkdYX0al>ZjJcLipob>miu@!fy6x}M=0V@Yv4BEYE}`vt!1g@g zSbA;NY|~(Es(iij(1$#3YIGZq9sm?t$;c*N-U=m8IRF)z*54j=kHmM(9bX{q3+xqr5RifQu?peG)?eNp5U zLUZA3Wri1*dHd>>O{CxZh-{_(jXtIF|J-}7`(HbacGmx++iq3jAf9a| z2)O9}#Al5HK3)|De7t@fuqav*T>J4j7f%boT#)mk5H0hy^}g zD;U@c{8D(!H$a;EWfXE9ygC|D6tcC$fW0S(15Sf`9}x;{%-SPDf;D1*Q!w`o1O67{ zc*WBGCT!{1KtLc+-x}3_H%4_X`ev7~!uScojK2*N{(5&5>wrTpq|t}pQJf1o+=|zK zxTj41k4JE03cw2azuRqR?|RN&Vo){*#i zSuaQ^L-8-zN0us)DNg#|Z&TsR>FiT_{Z~qkLDE0DL)_m9HaP zKy|I!TWR%MmR7$F`O#Q^mkW?$MT@c<6dgCmHs0XS$KgbA5A*9KnTS#FmmKMBm-}|P zKl5@Y0lGqCUK~dFZA_AA$-1im@aWxo#qu%|&3Y_|qIixybmVy?35$}0Jd_u$*SbRX zkE}kI>VG6*k97Mo&kFso-)Q%;`d_ct+UkGL@re8Xu5B$3@I{FzfD}M5a&89X8sQb6 z80tnq3fL4f0AmEa7(s^o3g?^Zd_qnw5a3Y^<3)X~>jTBKtD0!{0*5bA!W3BPTY8bA^Gf%tLUCdhIx(_oAGVQ8x8mg%GGL0LE>GL7eEhWovAh7`1)pDP80R>IHC z9v8?ZiJ75T2A0gszVqG>(->#3#Kb;TDK7BYbwbEf7LmYrtdKfPV0}zNfAt1S@ShTPH zM0cwetX*f^j9aGEpmcks3Y(d+UyVDa&E)?OUYKjDX1P7>3A`_hw4&$s#k|j9+37NU6VwTodU`P(NKy--4-8kUy^os{#+(Z^eYM zeID_Y*?%bV;zy)>cAi!KzwJ&g|68Nk*xG-d;}QDnPz?4aJOJdhd08I-HFcMI0ivN!D~=`AHiP}RL#U3@_o!Y z3lNm4dMIXij6KMZ8*pjEd=08@PAe8TmOJ|{>|6_Y1}Eq;34)>3`L$Z{iFb=)kA!19 z`41&wQIom$%AuDOUB^9FqF#~HiYvJm;QJkGzLd{{BL3DbcYE^rY$ut|9FVdXe3OrwJTbKr)9Yj(DwlZA-V$r-x0+YS$<&i(lXZ9{FKZ8(lEXW1z@@S-)uMfIr+cY+xq`L z%cJCfd8n}w1wdJJo+8#*K0?c;h!X_} zW#!)qWf#&yUHCoH`B+VISgYg80vV}vs(bR!EE(hxUd^?diIQ~`@-AhsY?k|=ykt$5 zi((#joGelJ2w$u`YI4@?N;J;W>#w~?eVqDSD;`+-Jg$|;aiYPucZV~bKz?j5hrx9L-XP0|`63xRYxFaD0EMBBh(R{f1?327e z0pd+$yREM37t1db0Bm8joB8FImlABYhOpDyy{htcS>4^uFJC>gUmL&5v&-t5E4Y#; zqhJG=s=X;sJOJq(3Icb+^VwvxkxUk=@LS~CUAre*JY;6hV9lVv}TuHptEZHpWxO_wYGza!^Zxbn;ssikoB$<&m)SS&vQJ^`Hvdy4W0v)NA^CeLzpv{S2%`c%dY1j zmaCO8@{a$wCb!5<;W!gCwoaoo*%>ct(#PEAXv&cJsZzjXEn=#{Z^$sFC-+xlAln+8 z{s5jzU%pg0ClE{CT{?;{WR}aa!WK>CY3nA$u@(FOM(zM#<^SDkv~u^qv^v}U|2dxZ z_LnEU1Ke%np7+1Fl{1dXFMt1wi{3iP0^AxebpK1ikmLip3kp5u{V#5FW%s`f9lli} zpA=wTAfmiXz;WS>`9nk=uP1MmuaE8hFMp`}!mW%M54|&7f!Nr+;n@TnnfEVwe|X8U zcmd`s?-57a+rxi9PpSORAVcFMpc@DRT_OMXI-T78kB$B||JSoT(*CCgd$^e(P#;AB zSatx+s%K30rrJZV2HYmkXacU zMiEW(u3CinCQNuKx?A(z)_nIB-pEn3VuugEnZpf+b0zjClo{9dB`EWz%$z4H`7zx% z1pXGkv8*er*K$Psp>UikT+>VaP1pB2eT-M@`mIF7Uw04+=f|e;dHR`=;{fT4;)fR^$pRX&nX(-7I z2|yH+?2W0JhF-6%zxoVNZv@#JVultUy6-J7Tl>J)KJeuBfhZ<(%;zwQbJNlKrbUX} zt-leB;S4bpi>QP2*Fa^!d4KYLV29DF)CsqH;QP5?2JX_F!$2(jDB#}>1yptL{Vn+N zWr_7p9+K5(@D`ng?0tMeNF-0?++?{$F5zFkRASEC@a$4t%94}QC zhXj;iI%V_}-cvGro}j4xJCgvHL`+gpbg3q;#o=`0@3WLE?5>nA)%{fOh@WRjxe|7_ z&t@~^W1URuWdzPL`ERbw&Ee!1G@24}du-<%xSvG0O8#qiGyY$#R=>GD|9O^2Fqx0p z!FCf&Y(OZ?O(&;?mlYG2#fQ+x&p$z^N_9@=cn>dhyDyx z{%4FPn6kL|y20E$cbM9@a1y5Q-kySOrQBzga_{84%Suq{bvALAF1=>3vnp=7W_}y^ z`Q8?Wu5P0h@BNg@e?o8_hA^U2^0e`P?M@@-|I_Vk?SIem2!T!xHdTYY5qZyn_`>p? zgUbqeE?0If`7Kv#rQGG#xWAm0q3=`4RR+T{``kx|Pkaj^REBh0Nop%ey_7#u&UoeS zx`Gd{?PH9FD^ApOP`uvk|UKzp|(w0h&Va?Aa=ddN>S?OuD>PYc?TAn>K%pY`28EPV2 z|Cmw*U9$+>EyK)bQMw+bWl=t*`TPf#R1)IosR+Tz~pI*FR?W++83#k;J!qTU&cthaQ zCdc<+-lOP(cf21u?khvzcP;>auZBLJ(eu1|wS)@gm=P^`zVXZV0Z{lPhMXibCEjw10I6yy?yp86Wx}wB8*2c zyMjFqN^t{QKGm4l8LMKs*2%Q+G73B^!`_S3@)l!q+cmXTc&RMAc3**We;6fwBP}6sN(NBUBF^y-Jn)>o zgX%9d08Juo=-~;+#RwZbTA_}W7sI4a1|Hbn+i5jwLNO5s{08Fe`Q;n%6CZ$fm11M1#we|G8 zx}veT3W}2Klt?jD5Z}f7^9F|t=Cu7@waCTjj*eNl(h}tyGnJ`|*|s17uu}dLO+M}Y z@2!J_{jI|N@7+lG8sMj-wElM!)lYqz2*7Ja^4N=I(!J`F2KSl{OYVwTRBCawO z+g(Y&!wAz-;&}BxM=*aaBz-7$ZM?8{KDq83vDjd`&4$#W6A2N;9yJ1H#JcfxPFan`Y6_&nEBF&?oSk zWIloY2^*bJf+1&>_tfrd8TsVKR|#- z83Ye-f&u(QX>$*ID1$OTvmXSM@_sS_cy!OpIkJAsSmef3Hzv2TAi4APD(+*+y6&`a zuI7en(l%>RD?fXqLJ4TrqAWaXbCO@t)yw=KnlxLiG=KAS&CG&vs^G)xz*or;Dk;K=UG4A0fEDs58hV!@R}B9m`PrZbs(ePpDIu&0AcMQ-vQ zl$qxyVqb)F=OEX2Sh~R`t_0)~xi>I@nQ!3c2v}feUtn)4dR;+G_r_sBcNcLtH%)6| z&na(96qui*QLaIReoG#6Gev}ZHQ0@eNkCG5QI+%|o^@%hg(Weutikt|S78go5O8PN8FK`7- z+I1vQ&86Lfu-lY(Bq)Sh*F?{1W@V0*ITbB@wQ|$Wd)YA?zSdz?W{T-|$u$6ws{kd_ z5c5p0ZvJO#5iOhhSxSa`4i<`42w={XyCfPy9QZK|@4Z?K=mvhArWA7VvkO$orb}hD zN_MK|v+&HtxsIc2NVDy8xxDCrD;2jQ=qZiZLJ6;Tdn#ChpVgwB+YU-i+I-*-nfy|1 zxHiStAJ%g1w%=wbj>T|iei9zX>A*i94Z)u6mMrP2Nr!xr=;C6*F{jE%?vSp35G(mK zW^w2K%qeSc@C<}gxaH;Da&NH~7gHT|g#60al#o1mF(rqxZ%T6!w+)mcQ=y-zy+Cmz z2Y2SUsuC49Hyz*v>1~&N4xq$oUv9N3Xq+8Z&RPZTJ>7lh)7?7&@W9VtcqcyJ#qzrY z-8i~utA?B%>dIu1;ax(1dWDGdORZrh%a0Zgr;K3a4-4mx9My5o3<-=0H@BrF8NfozBsz4%;2|96Bufnk&hi2)0(M^Jcp)08S;8S8?m7 zrfOj6n{w~fU-F1v@BGxkFFrDRm=lH?O?e!(_L2J*we13sg`bojN_EzxytEj$(vbGG z!}+nisyM$AD3?fs<<%eH#M7O~s}5 zOWb}*B?WZ~=u93VyHyO$uSL73%sv;)6D>{veIB3?0X}vfpmE`iceMRc^mL{T;vOM_ zNycZKMjK|ubDXBtt#|#%wWEM{bU-u3#n1V=)`=KH6W}I>T*>T5u39~ zm6SqG{Q1bWU8Rn@yuLW^3&9M15q_2n$MD*pd+ zp3e>ZKln6QivKTfs^I^N+x!FHFsl52<&>SIi*x|i(0UeckV`%SPwD{7`{=GLs5%`C z39D>g;?7NFWyEX?StTtCB{*St`W)v)Y?YjWJBaOcUef`#I%vJaFm+wRs%{$Iw^ME+OP;9Ix|$dLJSUkALF=y&|srTBRc6fxDt4T?WL5C|bTi<-vi^{eqv4nZ#uGf*@E9`bprZVNYl{jHZ z)k>y*nvF85x=ouLZW(p*5_2hZ*QRLjJzVs3u+35(Z*}E!b>;KP0|SZqSeRrQD-%V; zNfRUD#bd(a?!XKtK~-f}aa}h{*jW-k*XL}D1CuyeUO2t8795BBxBZmq7KMLi|@ z-x$U)Lox!4@ELfEf*G>^)t~?D?jP9s|8}-ESNh*F9wxR4xs;D`EJk@D5y06r>Nw#) zZ)iv-O4UIkORF>q7g<`lE^wr~;`9k)Do3LIL_sA*tHr<|7DxFW0!z9{w~8vciYoaW z!Xry99hT*s4y8Y|+dDXe6nf+fui*T*CCGJjPb%p})#0}8hWGcFeO@%f{;rJ_uDO`` zNeI?UGS-hciZi(?V#PB*7)jBIz=2zpc*OQ%nt{ z%!NN^@Z$(3ffxnH2N!5Q;h6ut^AIQhWJZMd!{4)rNJW8HF#KZgN5KOm1$aiu4lm>i z=3eNiSuxFEFH)gG`7hDE%E<7IfCoN{7A*Zp*{|~aK|iGKQX~IM1#~VSu)6qZ0AkpBiSPGN?- zcQ6^h9;NVP0E375u7K9ae_MMy+qV60cYAgIzm$gyc65xvX)*>ql!4cyG-mmkW|sZ< z9MYnf=yPcrsSkKOM2QF1_#Yxz!P*0yu+=?-K*);n-+;ME69n!d)u}`JCuixruEM`2 zO=C@e7wRtGR-~XM#Ge`nc72C_vaZ0gD=PFo{a1$;j#5a6p6`Ufqd1TBa3To;+H`hB8A^t9FZ)fzE(af8;#&|U{9lqqd6GRb8Vk)TBDvvkk4(6g$K~7$4UJBxTf4e|A|L;R`i869Ux8^71 z|2z9Th4Y`?{nh!;QXaSbrPoBPIB%@ zR~>zsqHxv?g9_DR;&m_#Mp;BAB1URQpNCUh44!m|MCKW>fr$YV)Si>+IM}aeYf&66NdVnzu2rOLl5Vu0kdO%i-u!tBH zb~+vNo+jN=L@^aZMTJ>IDMBKC)`#R;mb3yHbzgzwBxEx;!a#LH zgQpR!0AE|R(6tYpnmQd4l=nZvY6rX@5!oFPywKSjQ%&UM7KCt# zx@3*BfNKUpGiM>4!hF`Ti71KBIg*VDg_>7zO(4}NTI>dKnU^jOy&fM~x-2zAgI<9C z*>aF7>H!rnnDEpQMnh%|2PQ`%ldt|x&*>W_#L=uZ02($Z}1jtdR^35UyI&&g% zJ~~s7GrAdf(kbQU4wq8Nfl2p$sj$fux^0(%)60&^HPKn%%WFx!hF0^p}K zj)I8969(}bDPcMA6OgH!du-{2Q3eANPd2D3GW1C>;Fm<;z#m6wl+mf}s}(@u(K&%e z#KJ+zi|andqann=8(}C#Mz3Xx=EmMBhuKq|^vpQ>Qerg}fCSkXCdng0LQB0yVmX#xj0o5KhKt$=Uj7KPe0C62w zP4nEV+9ZV#QB%aCo-!#lbm>V7P`jX-q$qSuQ}cU;OkTQf87g)K#@&fEDX}@n=*Y9# zg%YPu)p#06vXtrxvk6PeLIK9S%_sp>USf+N%^>XyWHF7jBpy1BO2GP#4{Dz1X(az$ zOTG6=;{WXIZEf4}fA+WcR`TC6o+|lIzFw>hD4_l*a-h|nrOJX>Z+l*O&;-^*CX{t4J2j|4_(NtM8ql)(H!~x6%Q1hz3{e&|ibJ*u-!liDG0X@I6^|f@9hCTeKT3d)Iahj& z;uv6(MJb4(AJVOY0>gQe=cD00%y15n0y+iKB@^6Fct0p4)s`PW`V%bA!5N42pvR<1 zKOivc(2e?$?iXU;rjKX=kO9K%0-+hp+fQU)m@n)vKIRUO7d=7n7FcI_>b)o-9{d0P zt_M6pM6cD7)n%&gOMZdc+w{P?7&FSjxcg%(FE6@*Ss#ie!50vtN0_k+hTJGi<_A=T zb4#t|`^A4m7yI}+Rle(K*xaYQ1B=ga_7$N%@Y?ff4HJDa;J{=bYz7mAo? zPnu>Z%~*)H{0avXk+sy-)lM(Q)Jah&GD~%Gc=|@d)Gjmq6v`mN6k2z@~=6z0396C$j(UZtmIlKR5RdR_FgqdAM0OA8#ss8|IAJ?7rFzas@hX zm;UJ&O7Jj-KIUpoG>~=j~xm9UMZ-TsyG93*{4^8p^AlfX9jD>>B8tA|tKL`4F z4*YY?{P4-~md1<^htptN9&b(KIoB}AAdxAQi)L=iYiH257xEi_HE}K|?LTeHjJTOKZ2hvZ=SS&ir{E zxBO4VsO}v*9TSEi62&tcg6ix)y9N1wYjbaVCI2tuDc5J&y>DHsHN@TljE7Qprh@H> zuKxa#f9%LY#kwbmCx-F<&rauWon6n80Xrv5n732SDB)!ov6iDGgr8i6SweC)lW_-S z{q8VI?r6(*V^b^7&rm5uows*if#WodC%^|8jQvkA1fs4uIJWK`86C@$R{ftNmbF%g zUe0eV85qOim;xN8eg@43^dV^3eUXRCJZVoS`o!oXZk|<24{F1t;8lOA2*3q`9vUUw zVYUO_r~S+iA-Ks#@cj51T%R1jJp~unUQ1*5|L1wo z=FR@yApYy7eg3<@v%3GgoQIotq=wNOB?0H2J(PhyOkn1dDCzTHOF&vov@65JimJu< zOpUGD&a}tV>S^3haC7DXBF-IIw46~Afc+g2IOlrQV>(^ilZIZm)tBSg8^!UwcuE*% zpsYmXC~THhFwq>La$c`gJPxgM1*skaJBANT-rA9~g!|Z4RM1kX)7{9d&kL1qM*Q=l z2I6Cw%ryufLo-rY-m?zvSw+|;$2hc1O7Ng-UqA-anEvJcy9c~GZwX2y#AJLh>mAXq)k-5wMIVkZxq^N8=^gVe^#13A-~MB> z{kPlo_4YsH-|c_2Udg{(|5)=l<}I)uL;7DLe~b28Rkl1fMRoT}Mw||KH^S1;LJ^}l zGy8*|06$I#eli-uEDHFv4SWoB*Nij5oKmE{<1g*Mbl6pJ+B;?rBw&az0WZgSE!+|P zP-weIR-6ha8KkN>8(+>WDZWye@iC7ra6idS*gTxtlyiptU9vRzqSx4}_*+Wnb58l^ z-o;kWtWTxuD^mHl@qPd)z+@3ko5EQ%qW2~%tZa-}C}pI>CAe>Cu* zQvqu4FMW({rk?s3KcdVGCqLpQu$(^~GX7-d!^sp#otwT!Bgz=PmmcMw5C?wBubD;( zfmw=T?i1-Jp}6h{l`kYl!BE%`lC1#8QMwKZE#VeAw;2#Q&Ev(wF#f zZ+B5u-6R}eY5|nmM zFJ!OF@~GxqqvJ%CJE&LO4@>K?<;n-4gNd>Ex+{oPE2^+x^_A#K<%?0&lS{Y0s!?sw zs0v@oq6+S)B}O zun1kIlzXy3!2ZN{t&aTr>(>_|hQ=X_XZ%8@n!<#q$AC5Z|K`r_P9gs9&MN-fQl9!XIusLtPlx=f>KcC`4Xz#S zXUV$EuY$jjQG)1dWHGAVYWd?>vk~g%5XFMDS_o4VC4^OKGd_0+1hPN&nqA~mvHqn| znTgL&yZ$$e>wk6scPUSU^B%oauohmWTeu6w@YO- z$^rC}BAuVz^pCz_FZd~6|Mx6Qc=ryc{$m2OIT%3Q`R~?#;r{>T&dUF1DNh3#U5r1U z4+{)&YF?G*;B70vXtXo*laU|u#Pztz(J`+mA`0>!y5+b*U6o>2)D{VQ8`n28&I%yD zb(`r${gqKR2%>srD1~N$bE_NVX`;0z=V+%?;eYNqzk2egp8r32{Flu_{+I2|y{*;# z&!s%|{NKTP7T^Vx^XH=Hzjtze`37)iUlK%wvT~j|)VV|4@&E@ef1wp4GM=jSpAG%w zf(_X7r%x6kq#qtOE?jW)zz?g}%aFRRyM@6d|Oi{x_es{*CUuvtP-=J(-o5TH>~eOI6D zlPq1qKha2?MdK6(QEvi1yu^HQS|D!$%GgH>rCSfIb83G9fj@+C;A7aL{akyfjZ&oH z?+o8Q2l6?*C&pZ5G+r3)2E@f<@0i63MHzL9U5jO*Jv)z45~4>IWV8Dcb2lj0lq-&- zi$3e?{B24b&Xc8jU9V-`80>n5P-&X|{{7WkZphQu>esI?tiJIwc89-yeZeT5d#bYI zfB+>4WH;HlRgj-6`}3O|%&%}VC5T^7|Cv|6_VEpRfXS3Fu8*(pZZ3X3JugbXQ^|jQg!=LH z0$`o|x4FG(%YO&^TPyi*8PELkADllp}idt;j8$HkRNb zmTAVMwk9IIvnap3s!^6lBlF_Ujju1;T{p5L4uzr9|W#Qwz3RPrC* zndu0iPX602od0fZ?yk;%m-5Un|KXjL?1y(&mcNzA^-YLec;{KfExhv-;#QHEWy5L^ zGJ}0R!obXgy93ZW7ymCRj<*e$_j}OHr5};w4L5w4m9D@EIQ7YcUB*-QyVXu!*uebO1*$3&j zJVR9g{)O&wDgN}Mwv}!J?S7OHO3VBx)pt2e-B;jeNP+=SUzljE$1jjVH_riI1e&+1 zZ%tANR~y`H+69v*a`;m_BLXkvuUIcUx@CJxrfg|}&vyTu-a$?HKSG#fetIP(`vsr> zZ0&4sTl{}}YsLSU^N9G&B7Bt04YL7QW|y4f*L)+LdT~{g{M#L-EL1d%(I^Yxp~!p3n5!J{6HcEpjmz0m8jA6*?r6eUe}K2Tm2fz28KFHXZNkR7RD&XpE2qwRpJx1@7#qOpCjzs?kHze% z-4AN{za9T^dvE7pb^gDU$K?OL3=IJ^hZiqxSLj$R>$}8)(rix6K5b&~%f_64S29$m zMv+^A$^`YCYnqaJy{uj*t*db=i0j{hz^()bU1Z;1?F4f_)A0Xm;wPaWqhv}Kup0iq zd$4Z+`alK0+kdwAw+~kQe;Lm#{2Hryu<*;EYf%!B@ZJ$?ZY@QaoFx&t{!eyH7Dw3m zS#DM}#g21FijtC)|C|h9@PJ1{T;i2wgzYNo9l+z=DUae+QKu%TmnELdQ4;hsnk(t^ zQ3ZfbNuAv4q>;-pK#gEG1*i{cBfxqEX9I3}+CFyW4H$8hkxMFYg#~%|+G8O}8 z`sSiO%((-kFQ~W2orK0{ULyx@2cTPz0#$_%DBHB zs)Z@yI4}q1NekG8p~}Cp?BW6UIEbZ+If6vA%(c zh4H|HM41pAohO^z&T1bHqKOIl=96yxqF2)D0y-ZhROb$$9S=I{ zftY}GymduvwqUFsbHE5Y z%uptqlaqY)xR9b{$)PD=dF!pRZaCF%>eJo&>q09r` zqn{-#>Y^7VJ>&r|g!d!*lVpAX3(%@YMDFMk6{Be#&{P9tL!D)?Bnnm7+C8-$Y_-vA zHX>;j4gGBLJ`JhFO){Ur{-k7h#OKIlJ);z6;|Rl$$}x%dbCywYqEl#o?qPB^Gs~Fi zI5qCi(+=W0cA8f*g#4p1evc6e26UTX8wN`$J^#@0cFaZ>J8B&0OnZz(r(rJ^K3oO6 z_)Inqo0#?(Nx7`kl0zLOgmF-^zv}_77bBnk)iTFrrjc=Cs3gaPrIG5xtW0$5w2E^> zr?S>Xl!0|B^>vhl*8=N(MYzLig3Cpmxwa`P=XLzV&!TmV?5G7%yK*M(*7OQij|jYQ&G!yXDH=8 zC6mF`=?@mrg|Qn8Zf%^Nrp|Uwwq56E=VZ%M&IApfH7RDB;!dGc-a0Ex3c3p2_uyDC z?JD1T*DlHZ@(iVbZwqvKX0QjdHq*H7i;_~+47FM|+G?~p7NbIbFk#N5BS-|wQ7zj6 zb;4z^4?l@J1&2q#`=1Y6?Z4fA*lhpp_SJ{*ad^ANrUXCJJ3(m#L+)`kN-@cxKg?Zu zij=&fz~A{K7?=$;xZp4^VJ&cs!tB5bFhm56bNbGM-xLd_)TX_9nm^_Cf1Yh)3Gv@| zb`Na-|IN*VRsPqdJoWZ}IsSV77s>DzjF zed^`EC(r+|bztZJ+TPsTUB!Q2%2O}@IXL6g?jO!mM!M)J7jKyYSgGwmAX0vwSfbeq z)>e6#INyPyhFM9v?@Ft<+}Nf#D)_&+!-Z$g`yrni{=dDuyJhqL z?N$Dd}pVV>#dY6Vv}6L%Yd?CW9t zdiqaCeafKg>#C^g4hS+(dnuTLC3C7lDA|l%>Cj&oCj{&4FvLZymhsIV4#y^2Yc_W0 zp18QOOW18m*2yUnGQ9KS7IyboU4V@+(*g(r9~iJ(S2#W^gj~slbDXC*sP!wHv|R7y zfID}M=}7e}oVdtjHM9^amCGsYIH|BGN+$UfT}DYfQJZ2}_cy?@yZ)oAd8JRI{hyD< zZ?h_bb^71tuI>N7y}P-J|Fe{5imk_<1yksO(uy=qbh3t)W{F+Fa;FYF%gkkY0d`oQ z2XysVn2XFan3$Irmu-4>C*k*%_@qMsqd8@NPemtwl>Sr*#Obv;XaF+UGwzyZf6f{=bZ83Z}^! zzw`&1Uiz=`7AhwFuz0SP45YwYFC_!yQxu3f3fkZt$>W|!AA^20hDn8u$WT!{_pV@h z7}X}LXsW>!^{eI{2s-ACB0meag*SAw7(l=~CwG`A5eAq}4%KvI;pL}|30+L?QR1=R zkYcj-qG?tWgs+rns@~LOD-X`+GGsQ3)ThYw5*w0EF*;vqC_b6ghW)E!#4hTr&wz-O z9*am=ZRNfnrS5-%iAWC+4!Y<7q9^KkiB+N=mrID4mKt)MA6$HDwEq{^*;Kk$)L<1J7lm|ShQ|fNsS3cX zRzkcpw}miAZhE7jqBnC0n8^l+cbYpy}O0T1tZ zz~cuY)o$jw9Bjg@63tom(3}^()X&^&oquK58D)x|z-O8w=)fOFVd~0uI8Yr~D zG?y(^Q}X1d;jK%n$?sNhor3?*ECtr^|DDZ!`}}u%XL}|8E#+yz|0@>bv=;##(U=@T zm@K{XTCt;|2C9W&N?6>bNOOU-w~1Q-6Ox}bR%pcf*^uOC3f!D{N-zt+)peOr;VU!5++D61d~P$|AZ5o$yGy7{)!XBGzf?-MXA^E;Q_h8(g-lBJT%R8;uA&!!E<1tJKn55u+eY`!)TUR*g294#=N9gfTp4MRH3w8NH3J0c!X1!gmX|+K$w@70?ZO9 zDG^@uebUwQeLZgZkEL=P`tt~V+EaV}vs;M&wY|4G|6j@@ViAh*2Km{(Oy^2J`*94& zAi_XSlfxIEKUXPn65iDDbn@SaF96_r^&z+!K=HR!ee)Jx0H7(&ysWN8yDG3lDOQqc zw#6c>?=?q7&OR;Af729uD*vSBP<;P#?HwsNZ@&0X0Wv3@hZl{~m&EqU-0$^2vbx5<&Y+ijCfS5Xg0 zPLEl91CM9^Q)%QnrCH=mUu^{?jsoZ@f7raB=!c)Nz?Ehr>}`2Fw$kBxvr-~Ze?*xTD$@&9E!2LBg>y}&I%K>Q(g0o9iUZv+ljZKOaEgJSSi$9FfI ztzhLYAUf9-jJ*bx@_l5*xxa&_j{n1CJg@j)$N%>a_ALL8t^I@DmHfYy$Kd~`$#^kr zA131;g5|S*JdxbLA(K993>GHi1{Wa*FizQiq@nqGltPw3eTKNvz{6;i(JjGa9ri@t z+ZJc^Dp~y6gNwzx4NGHJ^0g5(uGN-7h!SQ}Q&6~f%0&`S*p8DMy%VF{{fyQkJKz;A=KNoH8g`q~(L0S|D3TRZ`onRrco z1z$if$}nkhR2;d$3RXrwsSPV5Ovbld`Sn2tdvtLR{Bh%BTh_Av#=sAwj2y@5z;Csh zWcgwKV)-=Izd2R<8j=?Y67_&Qt{ihv=PSv0&J^?K1K;K}v!1;pr4yIg632*q~G&0^-AaNdAD3G|Ax z9{a&YxTGC9S&icvvq*!v8YP06QK2N0&LJUqiFw9(PK%I7iI*Yz`3!EG_1oql;Wz6H5%O$OVx2z935;Y!;W!f5rqxmV?%9=wxb2}myLXsDd zccZ;XthIpUhMswk$YA=8h{2;;EFCyD{wA{8A+H=uTFj{^(s6U?axex;P$$LG0kd> z_ru^QPDMzx=T@O|M>l*OBHe=E6^p1ILie`P?iRiojpfpm(hWvaoQg(>Me! zGpig@ozUXO<-CU=06#^TcnaCtUKLfR3M;c)qk9fhvw4mBB`)c4Zi{YgR??Z#V)d!A zq0kfwb}q^$wY1XZ`jv*4+vVmN++G^U|8FBqp49*2U}v)+|L?EP|CaI;PV*x+5MjWMarid~uBzAFywbtxW)2a^iCBZ@n)6%uok&+ zx;2ePqa^w`g2G9q%00n>h-+8^F(C4)KpcBiy&t9{LN~_|iQ+KOIB?_JB8z zLWo?(!@%d!bu`jAB#r!LKP}HNn8hIICe{r1?>PeWpJ~zzV;GzW{&9H3!ixU~MoFb6 zsFpp3!6=K!L;&anejJP_7n~(OzY!mJjZuYS6z6gt`*8DLwlJs&c=KOcluLVM-u#yi z<^8+k>t9O&@vr5u3jJ0T;Wf2}F5jQME^UW>oTV97v8}T~Wx;khij_6pYJqk5kq$Mf zCQQmB31+V5NBHygn+%OoDm$k>ruz_`d29*B}g`ct(I*LZcb&vQ(s@5 z{dRgqS?lpnXK&AL&Q7m6*(Lw1*l2`Ph~{U>!n8&SxIQ_4dunNY`60ixnENrh_haDM zRJJs#X?peB+4b2^Z%^-DpZ<1sB75XffyryK1BhvM)&tonNus0=e9Q$(I*Hgy79nWY zHv!6I-uu=DdzV4B{s2tIwn)Z!5y~{?l5aAdY?K`1_ZVi3v6L5K%bJ#Hf%QHVh1?9O z5zS~-vD7$}=|Q}|KE1k|AIjViC`Xha-pmH#&DF*G%e(o(I3biwGK9#_*K|r{&=1){ zy0`)%f|yBDV(x8#7!rW@b4>(ODd-_VkAMt(0(w}2U~;56^H63^B+<|nZ90k}o?rrp z#kqEl5?W*i0$lIkU7a4kzPmVo`_H?piwnWcy)CaoSheh09BBJFZAZEGqZyBiF7E7Y znX#s1cPO#eFk?|`vF4hEKXvw>Xz2IhHH=|E&_OqWyvx_zUjUugo>MLd%jxSLh1(Py!qZ(>2FY5vCtapycWd<=!NM-Ux zS|NhEmCLN^9mkLU1XKM0j=n{=>LNit(mERyS{p@Y zga0G;XcpMVG~*Q5EiEp(GTS9jh0`tgK*2QNtvW{)Ewg_c+~btHTi(l#kzjZ_rwSc+ zmTlO!dX-~fQcy>Q5A*!Q+y7^0YbF0J9+^5W=76$4|4+~9v|6V@CR&Q)x**3{y1&)Wh?YbLLWxD+EOzl}~iXL;F7cTV%g_Q|>{R7v~&?SXK*G*yc*%!@wN-Mw`FG6+swwn#P$Ym8d0_)7(-F%y0geo>$b`^^R>1Bop z3Q(-uD@c%*nJbLysi-S2m985UkRQw4%X)qs-}}MCYyMsBof4;(JFJ%?rJf&@w`KOo zNlR7sNOaUqF6-b~a#MazY*1cgyEX=cm69z92su4QX$mt?XqKCSG!hOFCOJ6yi-GGD zt22&Zl}tu)JpCf8+JvkM=81Xt6}TB?%#(-Wa1O~M${qkpHb6u`z}$DRLJ#;Of`&ec zs75?tPCG=@jtEO`2vDz=J80xiW5W)(hJ?s=7%=!LjiVqUF>_j_9S4t592>P*Z*JJG z;%5+GLJI^whM2o{C}5G^Vz|Ma+~6mFn8t8}&b$d4aaUp=+?-r8)Zf3p(UQdYZ&#f~3P*1J? z&o|}Y=1Buo=l`*@vtP*nySuvovy?~X|B;SpKlwNc7MBJ{s?YW;n#FsbZ2?m$?Zs9b zYv?svzH<6YA`=rOFF9!)tEa6&M zF05L<eXp^K8Y+?vo~->vn^JV&u>fbT3=!Y?9aU zL=CS6*4GNdT?oF>eFc8@qnHBB^}RTQemDWXYCQ+a)MpKkE4i+Dg?yP$An>AAjk$Eiitfdv_aB` zoyQW&QFVA)7^FJZ8<$PwWTPT@9og)-~Lm-|D$_2=K(_u()6xNSn{1;tWwA%-ROLczTG!jQ+m_Up@;L$BA5`WWKN=B*a2EqW` zSiT^JRYjUw`dJ!y;^e*Ma`H3maBLP-b8VLs1g}_?gwPC-trMVa3L4BY!pd_c5p$)x zYT^&N0Bd?0WK34BTZT?DOq|zk=M1PpnP4pj?W4ePx#GEW_!O`^g9fKZPd{ zJF8J$Dw=tx?EwkWYZN>@XCL?$F;6Ergy+J4$zEl1;P2oCO$Dl(Xb92B=~PjPrdp_; z!RbqIt=R@Gb;}kYfkbkFf@DR%zf*ZK@6n>fN?WRAW%6IT4rhZL{h%$Mzk}`Y?x(e|EK3a*KlH ze#wRAh}-dA!`Po(!vG~Am7VEUJIdhAAcJ^-;*iSWqac77>#s!fd9@T~5ensRNAMLX z|1u;DHy(bNqf)u#J<}5`xTFV_Uza<>y;H8G7C;Fn3@hr@%F~7@ z<(Pf^NLO{kQG!;qC#Y4+{!FXbJ+P|SpJ^3yf?E~LkF>Zk{jJi*H}I`og8mafb@snJ z*2z=d|JvH#+1oDM|Jqx{e_hIBh;LUa=FUPSH#K*D2&ql$&7uu~d8{K_9{K`@Ho#qq1^GqbIT8e6RQCjlVX;e2ml51 za~;XpAdZBSG*5A%h-e~Fl9H|9`yjnRxRX53pi*|fqovuMonG@=51nquxZ#xw_Zx?g z{D$}|_hLX{*Wq!Zn>U$Xh5I5%wby)Q7fMf4u=}ouu{_O4VfvSnRn|n~XH(AN4c64A zAn8ojTXe30Jl%=8)>UIDD@ilWqVy4T&3xwB8_(&IJ{`xn1s|AOSotjHv*k5P{z8BV zhl_&&3`a2pn{+F4q_>WGpihLMW84Cp@-&9szvih0=T9T3O-75WRt$q9h-Cw}ZoWSY zH$8~8(4Pc>p-+MV@ImSm0<#7ABhDg@PO*inTB4-t4_~)4ZqZ}6AETi>IOKIosmu3= zfSt4*cDotu!%thAthsL1eZBh&8l82wa<8uLEAa00U1^2$^UL41U+WbZ5`DJx6wboK=$h2TmM)yJtSb3q3j**m!qbkw|*J>Q3B2q0{d)f!+r;BwKl-|&oT0e zc(K{pqp#jYaYUtm{&H_~bJ%hx2+NUQ=b4RR$ffzy?q&C;`=Sm04TWr#in^Ck z_a^GTiMsEi?yr$58_~ih%25LDCv*vkGMn4Gw9x6N6eU!U7O!`9;eN~X15wk+b|>Ma z5q)SmB(uOLu#Yl5<+;?hJS~0y?>sKAA7cdkFa#dgU_8KGGJD_=f=53gT(ISSiR?~* zEf(djA)3Z2k(j}*t+DNVt?|fBMX1j0QxJkEhXaF@ZQH9=b)cdbYj(7adAnovsMtV* zy`ajM#~yh#zAd*E;zXY{HXRD?IJ%auYFcNgO-I2(C>Jlu$*Cev^4)v;fLt zFXy|Ll<-X#aSNO}&bgwz^c|}xaiYvsAfgE=M*A&ycDN>|8}>Z0Gj`IQt%u?mJ#0&yJMZPa~~cOg(t9-{8wOa;p`Bws&0=J-%N2*{oIz;Z}X|M|JwojXE_C^vHu_J z@7nR-wssD7SN8v9Jci{gXAjq6*nv!(u@JG_noK{$u|T0u3q2e#uNbKW5*`n=?*YVf z@EEfAHt05<)7HuJPZOfOfNIki(=+WNq5acC9@cJP1O%H zcwm&u;@(>n`0)T?;_<4n{4E==X*A{k0^5}#@KgUjiX#$1c6ySVmx6pwe@;Gv@6amJ{xz|X#?QHts{7UHHKk^QVxOs)fmUT+B8VACW=@VttBUNVJ@9( zSMr4Ko`37TTl6t6749$d1@E{LDoyz?!x1JhQ9+@!H|575S|L;Eg1N(fZJu>rv^>dr zy~nAIstbrnt!#BvbEmbZvdgw2(ynVjyjDSPWG4oa0Ng%ltG&{f*hXBi$`FpD02VE{ zYhx6TME3gWc3EEW9U3L16JZ%6MlC0cDlR$|aCH&BA}xlCa&9G8bW&-zXFcEp@sedJ z;qe(*jEEuh6A|db44yOaG4K=MV;uFVBFstZQiSbAGUEwM(_@E**~kpY&5i(SVV2*M znqTOv^dYJ4rNrQ346`f>g@dkkBd~Wz2zyxR?s0fyg;07pF85mn-7I4ccpakJEKuwUh*lh#yVb3wr`y<6+O1P;<=U2MX(y{BIejOxh{Z_P|%hY_^CJv+ptR&(xy9f zp))3!!qwnXjMjt(te=%#jS>X6;d1b*H&Qfq`l=z31Zd3?fD$p|6{aO_Vom3^Zb_JVX6rzvnAZdj(+fkN z6>5p{pYqBh>#EQ^C9X?m_yUxXE5=D1+9`RWy`lswB4sjIjSZD%KU>zCWZqW_!A^`G z!Fnuj7a8wc{FvR+kaD5=(N75TWVw%$5coWV-~T>hwb)7c`RUEwPiN<^@2*d;emgs{ z(ygxfVR#~vbywNLs$@-1Z{qB?lT%NEwYLM=n(65!UV1jBWs|&Oi#4aV=ZB%frCii! zAm1TOjFg#F&CEtgo>nu$;2sA42t%rjQk|0^5Dd^`!T@k?eGhvmg8)B9Bp5_VpO*0x zLgw!u$qHZi5-*XcSyeC0P(kyK2pqbkVYBUe(HO_fw8!8r zd`)R`GVPDsTSBc2hC(w>Bi4JjUy&XBxiga!5p4i7DX?h=d3)7e>=euxO#;!gZiNu0 zryoat%r~|7N%T<;+N@(YbstAb^pWcAt{!TFam6^g1ujjOTS!X3sh&Fj4+67cl*}6W zl|OayU$?gQ?E9a)2dnsROL@%vzxiM<=IBrZ_(L2P8vR-H@t{uqTj zo|nIn$yH6K+=3}yhpO`=RtlnzMUmqU1VHb*; z*X}18)cAky9qeq{`~Uv_%KvjIkFo!2gT25k za2nJfLI^PWvuGh;jAFjnTz8?@0u;h)n2lj})=y9d!@_MHl=Pzh&`&+!VHjkPc)%M6 z#CdaP|fMnABZn z+cSwpPhZckI+yq)@gZGL3YVaHEW~T#6WANY*N|9_J@UG#x@|gSt6j~TE{0hENp~Eu zn^<(hVK(6$;rUHeoj0w$9Dt`^%P#3x$pm+}CaHz;9lBptxLWZpwTo_1IbSf1cKLgE z^#wRf32vbiTx&K5(|tvyU^*Y{drp>Usvvo6@@cAs`qWWhN|XyHI6S&{0u%420ma+T zQ0n)k`szY3FW^#CbhERgXH_PvOP$F&9n2J*Tdzj%l1r84WPrWs6Y#p83!`c)S_w)T zBJB1$@nwoCAM{Z6=w~6ov5yDfL$?;ywKS)wy|6$WIKV@y>Gzt1i zv3JTXq|k7&16JBRRV7im^VEE_O5_WV6_agPrQ~a1^q8Af3Jisn5kKs#d2Y^Y0V+%~ ztq1wrYS5o6;wnrl&>H)pepGMmfGo7E_0C;9mm@pHx6_HoC4R9o`J*ENlfGxM&0TBI z#q~?%#kO_G+r(8|-USxE&X_77c|JTkd3>x;k9vH}Q~F+{26To6s@+8$sO9rs&m>wX zrtr#3d4{J_mH*^i$XLx76T4=gceEhaW*K}ZM7iqSAQex@VKNWITCff&qLd~Y6DXo? zhSVxv9T6F8wa`k(am;hpinwnWPz^psA?|8U6m)X&>ULd~6m#f5K!9O_Axlz86$3{C zD94Jh05WBzTAwi{m*{FCeo^-oxP}A-BTUc`uoZ(6=BJUuY#3q8ywgj9E9t72TVb&P zc`X;xw9uv2TEVbfU&oo5x}xKa7oFUeyX+rlPbZ zxUC2eP6ZiV$+jKTu33gCt8|87W}{jVvk8M%)HfAB`~%&VZ_5P2T3jjxTt0C{zWrkQ z_0Lws@iL!A7t6M&`UO0|Nx>;=O^#YF195+qT6pD=?W(;#_z0TK)}3NC8?lZa^qmh{ z!4smCfVuORfmnkBt=wtLpyW(F(sbuy-^$Ui#nO>K)0ON0bABPFIy&LH-CHrcT8-^& zCV9HA0J~wubq^sWGw(@$UFse(u0}U^mQ*^0LDY+as*IRxJxGE946jQjxYYqC&Q2TH zRMtc`Gn|+>qdK~AE{@RW&uZ#(BA^OKB7mF#QB@CdKqs10s9l0yamqqnh(ymc^nSM?Dx!f*7_%s-*56 z`~-uh=fO4pUt2r7Th{sS&ffki{{K=Q+m)F+DTcna3rrU>kV<(U1ejZv(}s5JmU;YZgJJTXuU}u#QY=J2 zubM|mX);ShrNzXG-(C46P4mpk|NB|GIR3x4WAp$0&CM16U&dqbe>$j7!vCw%TmC?s zfSyA0={JG0U4UIMoO27HFgX9GeX8OAx`CQCZs$Rk2<1DMeNAPpfHZ%@)9UiS*NPMr zyAQ>YZaK6VKh9$nRy#rcGb{fWDR&!f0X6)8XY;_$|Fyfl^8Z}UWAJ}5s86y5l;>#v zfi?iu$!Ass7P|$|UM*@1kY#)_pk=(SK`R^#Aong1`N5xT*JxK3|*jig&pe4ntCeE#(M*0i!hK5o5~`A|(9<`XS7)z$<@Ii1e9oA88ed$8yL~j(##4 zeDQ>$cH!}4F=`YACb#zeZABaabYH041&TflmZGtq+lI#hQZ%=7#WeITdhVTT^(^9< zRsK^NT>}ZQR{uY+?Z3PGn=AQmDUW&oR}SjR2r#=0sCDzlvILM|VN&2z83GjTSJr@r zkCXq0Fr~{O2_lHQcR?Hl4+Av9@GSWkcbJ&&B4`c&-`(H0_5bbN-4*{|$|J&S-RPVh z^kD)s7F*t@!f(j@EHQpW89%Rw2_9t-gNOj(%7lR*WC&w0N?8uSE({|c^-OW&8fL1` zxlTUiI`S5yl0Ty!kT(&vVy07{?JGX^vxt5-y~CN$MIzkUB~yHf+d0@EgCX`n=L*Kq z$FO7jxrg^@2FDQ^@#~rhJ&aP|jkkCJbB4E37pHyz^@g3WP#jJJ&MV++K)v)a!;TK* zahwkP^U)COZ94orGYI?)0@Wo>db|M`zAB7z5`qv0*(4=Kf;QGI;||#8V|eOm*Z}lZ>M&pQ5HMv9KIa? z-**;y#8ke{&ySS4SvF;H9x2F-Lwe8bW(^ z-vy`v!-Ja63o3teDJL<5$;M_L^eE}sl?6Ej^8%Coof{yV-0OV$&q_5kOk>Ehn6MQw zBN#eiDF`-^4H!ak${^iRnP(;Ar(pdA4TmrxJQrpf`xCa$q8L&!J3v`Rbrhavk3>no z#b>D4;SQMt+Y88U+Vc3N=gb1cE`+?G42d~n6geB0g~hbsb~HH$<)>eifzBART#D8T zL`h$~r-Q)Wjk1`(qV!~M*m7pC7=0>T)~1&YA|a2OHe^oa!=n=Av`*0IfG_NB*+2bZ ztictL-YIBfpD9ccIm)_3@v-H&F={Kuba`G0$7Z_k$h zH#fIe{(nn(DvcW>);e(HmPkmiZM<0Q2%sVF0`+iHI_WU}xTUZJn1@({GrTxrMtybxcUWW5j54 z%9r+f+Ke}nK0~Suh4%{@Hvw%ma(v_jIi76nP|`<>8#@kdHFjd`I60nb>`JW_vksrG zL;m0+*mw*zx%Y{N5u-R;&;U|UKm5=&95_mgg$~(T2Jt8+whPKR&)UlqIlYL6ejmzveTRTm zI*B8gkTd$_g%y3AD(_kvNxv3OIG*_gF2DyXc>;$?X)$V~UOyvJTn~^2oE)=@tD8gM z?e84?&3mC;xoHEhdmklTJn;ChcEJDm!ho`G_dXtg|NX!Ja(eMIZwdwj1iaHvFc^_2 z>4Vol0Xn;Jr_7PLCL+_-i_iV&JXO_o8Ho1Q{}jQH?iB5h;L8`s$F~>9 zug}ikfGdh5h%lfWSXrih;!|!HC141LD4TfT_V4sdqFQE@6RTNFK{k4MGu8**&=va{ z!f=D~INBa%q&dU%laM6)fn2`@q0?Q}ZeI);#$40|X8 zTbp!YX)OSN>36WTDPHsjW*j?%7>%-k7tY|v5yV7P z4ARjd*xDSjAAABIg1yam(F*|LXc!sgb~iVzl7D>@$^GEn@zvS!>z|ggBZ%Rx-xDNK zR~HvIOWPVMv6H5T3?Y*55l_AyFm5gI7*6oV*bj$M0@@?yht(c!tI3p%gjZWJk|i>di}N=Z%VH#acpESh zfz<2co8zC3uTKww_xW?dz$gAyN9JF@EHm9)Nb6x%sbs)~Wv$wA)Pf+dkObI?z5!D$oKSM-e1Xwrp*Wi{>l$ zu@6@Zb}0+?}^Uvl!RClvc zeR_3%{O+^_i1L9eR9u#BP)>WO;u)B*dz2HN8#^Wt+ZGJY`hrmwgLa!;MrgN3 zm~%S^?Z0}5<_As4mmj!7aQN51{dK2HJKmKa*!=nGb(t=~+#xmgDSLU1;tW)qDO?QH zWT83}&Bw9W*KZT$UNoCH#ZDroW9TWuq@Tf+`Fk0xeM)V?(iJ{`wywRhQ?kP&^VCco ztMHSjB<-t%Gx4dGnSB1tE6T9)6*tP*oi2(F?({}+EP}ObNaTPF_iJ`a#C(a>cjK-s z$MH2J{07w3?;u4ehS>%n5HqaRE8vg)DCVO)aq3MR*o~+dO8pHb+&j`l^Xu0(huh8` zS)hA-{eF?U4NpbDa>h2ju{5MQYEK_xPZ(kcw>JLY_-gizlZPS~R6lJ*Bi8*Hypt>b9Qx+@5~!r-A>curtnh`K$i^*Z$7lzUBY9 zb+EO%|Fx8d-T(T=ZhuJ!#j2}cZYRe1?tPio_HX>smx*lS8(-RW_}%tLOwF2zj={N3dGKi?Kw zU}tWNfKETZ{;3F`SDUqk>PvsJ=Av%=8SvC}pY>*)8`_mv<`SY>_Orm$E+h^b->GxK z$ZsRg2WPfxgJqCryEAA((=Yoe<}(W*$u-2SLC!&D0aSi(a0&oy;YuicZO;r!vh{Ui zDStaR8tpx_c%9L?EAnD$ftmLd)l`tL*?6iujC^z(-iNgBQs%+VT$do}Uv18J)fYa1 z+GoKw^8#W}7IBSIPJ#LFP}<`9qApNQ;TrQicPD>@r-}a0T@jv4|KHo&-7Dz-yIU*$ ze;Lm=ss9Tfm`eTMc@b_-{oiom`PTJ+1KA&3{}&hY7Nh?QU`y5i7t(b@#_= z{hv8|ISl|#MOQ$sR1-_w<4nC?hpYp2nHEfdP1N{CC|HICZb@LS`yNNpEKXu<6(=#a zi`VGE0qDC$u^BU=!wSdawh=OnR^b&Ww6+38WeIU=!L*L2oP=e0B>6 z&DGxm5E5engwFn1fPAB|cWiF&&{SRgyHZnC5p_7t)k~$Iax$v-l%%D~XN9g>tLM(E zc8U>PfZAzEiAz#Db+PLQP&*swf9yux?Al*_{Lh_(U0eU#-CpT`OL@LU{f~zgs?z>k zfrsYP{q#$?OVa!rsA=K-8B+o@zboE#_J1XMexXG5M==53ruPl%Z{{`T26_sMv=Bzj z39zK|N>VpiJ&S;yS8ad&D#=6$DA`7w%P`2~XyNfh5&`CN0b zN5JzOsMl*)&0>RUaRsXND|P|g6&BReffztr1Je3aRCd(N(|}TmK+ahW2?o&(PD89( zcj4o@D9uHKCi*_B)?z@KDez|z!YnaAi%@3ME!=Qs(=6OQql=uvQj=wRSfeauwDO$~V(zGz)oDakNqPe+&FGn!fHt-)nEMMBwK>o)l&gK#S zYxDo@?{C`j|MvdDO8#HQ^DWB%{E}6L`0oh8HlOsb-K8oO{%M)TiT^sZX^(z1Y%Pe( zKGHF0VsLSVO|BN`g@s~Z+*GSMgRv<#O>_ClNs|^A9qT{8`&uo||MhQwbw~NH3D`f% zV&hDscu6s*Pw_m%x>Q*&tg{M>lGSryoKCu=u8?jdL+X%b64eU;W|7nlAcEA>%ho!S zZ&DmKmXS!hC`YSK@Ljmr%BVHJ)M{)y%Mn_0PX1gnt5g1iNtmK2A>BJa3^Rx^#B+py zug(9ryLVv9e_IC!`#UT7Zy66`BBx@!K^v$6pC|X9oIf1}&5`m?CUGmv{KvW6A~OAn zk{D*=D1clNt-j{$>VV}vGjlRO%UG$U$Ag~;-LK=bOM|)ayW?_iFU_#;v-DKEYiKBbdfNCZm zEbWip3z4MJ2Ol_+w;SMoL_i-AmYvY!ow(?g;ch1=WIx&yIm68h^2iGOI5K@I<> zqdOPx|6ld|e|vXt$L9ZAd)q7izl_J`|Ce;Y7sC75)cIcdzCeD#Jb#S@>1Bop3J~}A zT8|@4C?2UNGv2d*^61*13;D+>YFx;4rB^l8a4N3m<;#MarvfDgPxMX7u{}SI@BQFG zM7f}XEu*IFM!q|U5|m}jN%}y*EsLIx@b{uJU1DoRRApj%y+0axEj;8G zXF7hPY}5n85hlO*SgU5vK^=Ut0X{Kp6pH;5TdO-4y)%KoXhXc0EgA{?OKIb$ssp^F z_CoFJ8eP7C7(Loh8>SNYq4)m(Rk!~$*{pjff6gih)aieFn+JCOuY>)))&9SX$Jqa+ zEUpH85rP1wK=WVUsYFod#Y!FgA=E+5;=vzZaHS4@-&?-%xc7f4@FWCgJ)g<|V?T~U7A|$+_y2dd zcZ%`<_E+~mmhuSB$j2L~0SCXS@t#W#uqRR{pGQg{sNDUlc6EY)00#jX_(W!{!fdmb zZBsTYI>obDj569jN;-|?fXW`spyjcEtJ*Hjw<8%N8LXSS7?nP}it?>iQ8&zWs^YNf zij@gTQ?95K(nz%`!KGZu)GH4VCK_Tz4Yv||P0cj`HPCc*B%;(G&eJxnKSPrpGD+v^ zvjS4p_!=#s3zp%4NtT%SBnk|fQW^o2fZ#-!1Ds>ZJ zUO|jb$ii3ijj|{`PuXh?*e!?>*NB(P-%j-UK7o(^WPa2Hpy|+4)c4@{Roq6a;;pKRl;=TmOml`y64^R@4_TN zA>{XR2;CNG7as>GR_@?tIo%iEr(leGFo!R(Crnz}7D=hcGAr<_1Zrg51=Urdyx ze+U5TKo!5dbp`)WfoXwzAH)6KJQI?XO1{4MDwe-kSyzyZGQNl`+WHv$2bNsXy;Q#d zf>@cS_Ss+L(`^5r$NE?A|FOSci2u2}+W(jHEM@G3Glt|GRWA2f$Af zM7W~JYiKVjsy&^oFsHfD*0>8>A=l$rE;T@#1%exuXqZ0nr*Q@u`l(lFzsdkqi3o3A z85-$Kh*08Z6W#VRE-^N;mMb<^aV+}4w^d>B%B2Er^Y_$7C3lsU%h0jjhYs4)2J9og zDM+A=1+#LQ;FhlzyZL|8&mhL#J8`-@tKuh~I{j~JtKk2!xwpFizm%t%m+^Vfx%Yzy znD8sq(|AGPaiBPy{9EUNW0+-82ssCoKXh4HrumyGF`z@c5}JkHlu{{VJ00z+zWBs% z!^#YW>*bh?NECPS(qgyEMdTXamk#g*?)0C$THwbq%sk+o@d5FG_W&vPl0CWR>y%5l zt(I={6k!ppSXS^;D!a3$`kU7ft`d|HLKx~^8Jgu-ql(8P)#_Za`wILtBA^##n1Ema zg9loVdEtx$s+Fc$H1xAc!Qq2`rc`F!*K$7*{D|Y+(wskZ9a%$@0_(_zlxxaaPd2{6 zZmFwTrlDfd=}4Q4mQ^$6v40h4x^=k0|2wE{#lA0`w<@~qHmQ~yyww_1in5qtvQ3Xi zlIrMwE-tlI!l7D@x)lArXgRB=?5W=W%>&+9MSz<9e}8kk;QznBz4HHG%A=V*u<((L zxuhz2Ey{8SJ{~+VXWNaW2XhiF-iuOVEH**5dFZUp^CXkoY?VkSmI0Evmz90P<3Mhm zULmTB^+k&sQSS1QiyGZm;CBcH{uqK>ZRD;kD2XRv3sCJQ!aS9=y)7%uj=*|Fb6+SB z48AaDz@O>%Z0a9*KaPqjkOfONX+hBToXTC?s9iW`HYLUqU5n2#UBluiY7>|$T6E^Z zPZ1_w3C_ihQ+mfXk@$E~TimM`_+%gTDq??@gIN^*^uk;W6f4bZIVcJ9o;akmdFXi$ zf$DfIQFT!%pY1R4c9qNCzAzWKnpCBWymWcjv+CIhs%Ti?){O|s z)O#3S=km^6CK%_;FDzAO(?+aDrWV^J)Ep`AkAAI1g-hp`Yz*`$^OR$pU%U|aa4bnl zyBlGAcPh}9nCei-jV=k9l^r&(YZ&ocF9cn)8!9d1d|Tk-<*2nPaabwyfA*(Z|DW&N zS3cGH|JL4~eg3<3aB#4)|1aec24cRMEa>!C=>3jU-+XVK>IAr{{}%xEbrIP!{=V4( zt^@rAn=G2z0~(yiT30ZpRqo0!feih0o;x6==4er{a9g#^N)f}vrpS7q=zzA&UeDHP zCUnA2e!ycEK-#?C{g4Twvdx-a%A@EFur{vgXWQ1@m~=EQC>hgss-p|jK9An(fwhOq z69o61Q&(Zf#e1-`qE#8iVeKKGY2#MaecFoia_34DYx^YjF+MLG^F=}8^2jSxvcy_L za-=Xk60|WvX-Z}7rmCIY3L_I8hkFP<r8i5(nLQ!`hspa2s(h-dw#$$-rL1MG8qW4mw(* z)2YeFD%ag$S(8~>*)$ammd(iZfsZdU*o!`?sNo)mF#S%Up(v*&6`cq_RR18r7ZUIK?=?wWab~9W z&B{r^BqU*(A~*yk$7_=RehV)WFTNy7iD!hWnOGzqjRx4=X!L_UeE*P&yBo0)ZPLxP zi^HO#%?Zmce+fFW%?Swf==yK=C5xZf4@*xdj zj4n}Tiz`JIMe}ZL5|djP5Ao+qcGkX>=Wj2`&@l5Mk7+s5N1hmjUuEASCaFejFTKy^ z=*`6qxVgOe`K3*DTVJK*mRQz)r5K2&_}Y={<+kM7`fOB;+?wa*me^X)^MvT?M@=Cx zG%lhCX(-9F2kr~(!(KJPHig$JTHRW5ZHZ_fv@6K4RbOj+Id%A!_&^F%+<;YQA`;Be6{T~2MHj|%nxpKpd}a9p?2t64 zH^LE<_rK>FCXiH+Tpb=4!TeS==e0fY#MCg)xmk`(yi`2pLv$yMlN{_8eQ;IU0F1g) zDNe36VNQ}Nit;+KPQ%5(cp<^5CSZS5c|ANabk*1L;;>(xwY-k}Rnz_M@WDGMjy-+s z>G{|6By~J)pYBu0>4%uv`E!wUNmnmVA$?h1aF?&Wp#dd8d~Yf?uAc4nZtDch%X3S? zFUPg(cd(9WuyzvCs+u15n8*B4YaF99sS?T0c{(gdF1|=2eW(gkb`^eR3Mu!&RV@Np zKNx`B9c$Ovq+$OD@QQt*SY_?w)_)m-(Sv6Cp?Y>q%bBRBZK-Ba_O1HbRhLX+yDf}% zT81Cd$Mm7Fn`Fx^RDYl244J19Yxd6s!XNCF*Oo$G+Fc?26oC2y_mp_K&<9onC>$}8 z?Lkr{CHvNwep;!$|HVm;CNk{K{wGG#U&91WP)AGfCjYO)BRl`=;mPUo_WpMhr4>ih z_Q6ow1^oxV&^osdvHD)rfv|6T^j&HPxaD;kWq^v=staM%&WE{Vu4TLiZ92MJGM7yE zW^x!z_N7$1hozWmOv({sO?kEZXlaHQFh_fL=wUCD)%H>n9>bNVV`v00s~Fque5u&{wLNydLhAr)`w0B?5PEOjzEc+Yr!F1% z|CG#73MZ(uDOiL3*XYcN|8Y1v+Q$FbNa;+r)h_6t`Kz95$#_v|&z0@ftKu)e08n1a z@KagQEV#$f1i9BgewONoO7)?8ja8|y?s24@<%>g7)#LflW`NJ*Y#=llo zg$8G08U)WPTQz8zI*C)o5M3j}lvq=4`X#vhN$Co{Tije2xt70x5YA8>LTY=fMTmxG zkL*c?x%Ns=FrfP7Hz30oTBSYHjEE#=fBZ>hM^~ZUgRH17q^t%uz;pDr=dZU8ZGVeVgus`l!!Ah9>CqJCw#SL>F-kf`9(=xBnBEwF1i? zK34$STZzBW5TJKr^dK|cI~}m+M#X7{#%4|a#CtVVywSG)Smob$4SO`tNT=1cyl@un zr7b~C1LM9!wDBA4_%5{hXr4=LV*oa{(mz7o1U#kt+)siJwkx{*0`d&c%8Tfh1|>S` z<)AV|gN{1Ov%tQ?{liG*QPa-4as5NNSv0nDGh_&ILF*k?W+;a|y97G@De%SlG&X)DpAc5vQ}icwiH zaz$9|lIS8lnL3|gcUVL}0oWZH9!vFmS{YgEp-Ewy4)5l-C`(X|=n#{AoX{L5A$tCl zK1)e7jPV$S4`GY|PQY%8vKdTJk`KzS*Axe879u54g?V-fn--~sjn20|8~7<5G=QV- z!U8a?xC2`O;VFssXc1_k1lK0)y5zU|DwjN7?fP7|dUHsjz_-a)RvmqwslcqfS9g`Vli{pMU$G(A(MB;Kjs z*^`o!9rCNqHBNYVhaP~OvmC6qdDq@g^{NB)o`*WCK)WBDpR^`?UM-}sdm45(c=AG| zkK5W1s+xHE)u>IMs&Agc*~;IruelqYwspU%0I3&@XkT>A+E+GS3tsLP9gM=O0IO%V zlFH#6&1xvSLGJWJ5^Kjvl1*9K7$Dvul~@m=5f-$uuy z15f_9t^Ri-r8CQtyP$vduk5&%iK#k!{(v8v4pmnSt5$_7RXwOtp{mX9s7{SBpF0)n zN$%v0MR`4K*^>12%+@l?{h{}W^$gonF(Pj?Fmal5r7%5KT2OtJ4EpuUpiY(^d zeNhMKuIx=Q!yzX7ixG^|DI5hLC~J#&ruO}UuzoJ#VCNC~3}k2zQi>-crOg6nn0-1G zcFG>W+($#+v#Yps+dgm8+N+b>{{dXHRpJ=lLlKy#bqJM5H*s!r;c!4LZjfi@?T^1E zzZ3FR7ca~<`#*q7o*N86Kxh0;NbD_6=(#6Fu5ygrBXAFs+!GGm-J+&fi2L4*Bqprs zwF|9sBHf*A#w44;Ja7JF)H2{mV5^qsz0oln1isA-L5XEd!2~Z*A_A)OfVl1+X8l&K zj6Ll0>grW{lE-%U0+nYEASYmqlL%lRXk15NjPF1Bs;OS zi^+ObvJ81*eEV%ZfiEEto4;9$s2~1i_$`K zE>ZA`6A_JwJ513_W=yi@tzsrj_hYt74#pxN}nKbj>5v=g*ih+4kE233!} zD#kYAmrjyfiC^CFyR(qyOT9wqks1&4t~Vp|oLlo3!k~VQ>X%GgFJpi3Y3McJt6#;c z4M;NWz)i9cz5n^93`3!vwrWN5zUG$4)N3-bmRm7b$JO~tY)NIJernSXD{XE>JndGz z4Ds~XAy9w^oQ@YnO()MLOw6hkE=yuU>#;i~W?mxJ2@|!df+lp>jeEk0-EDWoIDmc2 zgml}o(c-=TQ|H|MPcV)zN@lTS5a0&?&x4bZo&WvdY@7dQGex?ym+}BVTr&wBMiG-8 z34n1da#;`;1XP|=3-~Z1%P%?H}mO>v6lMk zRa5q@O;J1>(&;{r{Cy5;hu4!+@W189%lg>M&;nCT65dB)Bm7Q21z*7LbCM%g-8Dky zdFI=XE!49^e_zU=*@T1JDtqfMP*#F19D^>>^jGn;9&F+J9qrvdn1iXfe4^2kNXvu6n7BROUVL%X4+w=||<-UAq~#6(Q6Ud9yJu#v0)Es5A7ik~vq zX+5|+Z=t*-xAQlYfq`}BM70&|>W+H0k7*_{I3Kqox+M!F6h3l}Do9qlDeALuv*@h` za)X{twC1-p*8Q^5!dW{Me|EMfy(GyPPv$~LW{fR-9lCZQz}fTJ8x-L3Pti35_z~qA zwr?K*O=Fzril*RKs`)PdyeFlmJtj}>9Sl510iv7p=c1dRxyjXDpo8H+aKUyu4)6GQ zF{C*+3jst}gKz{_jU(3eXVykrN3(lja3bf2DZpC4WGtQ|s5^{cezvp|ND2xVT89~#5H`rcJbttXA{}olhjo<&_$iDwM8g2c*Hd3m- z|5&JmJAeARj<%PtK2};l^MeG94o%SK*Dw#KAo#x@;NHIv_WtYR?(W{-)Zcr58~mXD9{g>`^eEVk5&JJO z9-bZz>cY@IrC<+~>!;f)bF050cs-{o$q9p#O@ZSCCV+dzB=Z@{a45pyg^&t;E)RD% z1XtqPUm3an$KHPoxi&-vYKJ+P5t@V3qp}qp2E~?k9VRLa!#X8N`oo_R41eCMcF|Dw z5~}$~q*%%33BZX+qy#7d_lTo`-r-dE*FhZ5UE}L68J~tBZZJT0 zmUi(GAf*gZ8EHS@&wC$%$e<=H;rab%9D7qjRWD1E5wc&?Xnsq7Y4M?f|EI=n#hUED zj%@pn!-KQq!!7^cL}_9F)#p`TYTbTywF0r*@A0d?IF@!88BC%J#vR_wXW&G)g7_dNv8u$C4VtH_ z@>z=!;`e!F^0~{5B>zor0}!zP56lb9@~&9KM^x>tcnM;(=O9q;YZ6546rm+GAYPy} zCJ!@|JibBf*9(YdB)QR|oL9hBhODdruBgzQzCt!~P6NTUT34_K-m4oZ zl@=5N5k`aW%EFJ4;z=U*rWAwi;lF-;Vg%sid_h96p#MTKw+iuZq5nBJbM!xl zqpkh#MvBz`vQ?%4inIk}Y^i@&qWdj$yE{so%SY?;nrO$k7;2Zt(HTS|`4TUTp~yeA zm-?L<#M+SU`zC`kO zI;d*xcJ9E}ubk$((P#@{+_c=#=4)DRXfJl|DlImaR00Sjxl6Q0OkG%ead~v<8^Fbx z{Sw6^bSf3brrJ+MmlZ?O+V7av{`f;nJ|caQ^y-oiIjxFgRZsp;1wxwLp!}&D zwx_rrO9TBco^ui|PdCbyhg(t4U^;vPbkjvqR~Pbq4H&GVrtavYRq1kQTq=`8twDtq&014b zN+j%hvKBbCny=%_I3uD(8AyaJ9VQ9P9`slui;v~aY!OqWdR)JL(4LZ!2c&*p`q93_ z+JBRes9>3>S1{ZDY7lhed*mPh<2rK=TPS#Lhu*vot(^TmNYp5Lf6OJUXy6p zLiTT-RNr@1#b{=j(83oe!8wL8{x>SqeFnmaCjcZZxq5l&V+BpO41iJ+y-kJTN8LoN z8=?|Q*QvB+k2MZYMG$Ay6dTlw~< zk^Y|^jO_cL)3d{aE&bm_G3fuLTJlwieX(~QEoIkc&^H;!GdMwSZ~w)qct&RbO-TZF zYg8!3hsayr6!{%H=czS>)SVn)Zn_3M*8P$-aWOJ{NI!RO20YiV>rN zROe6q4T?*rR`_KPVG=EaTbby2AcmD4ofo`p2)=*>ClN|=aO^tgb_En>lNP$%CMa1i z%YdkF;^7QY%GMj^Q@Nn!%h%;Q5t^ubxB5W?efVC0X9X z7U12i4afzF=QG65v#W!ub=DQ)RtU|=Em{Sm8X$*DVJkzF%(HMMASAAeu38~VkX97V zGn_w2mxJ>TsI!{(gF_8QJ;4X>c}y}ubCTg?0#LH}4+CyxLB;o0{5zmX!&_-d(FGW0Nx z&2rN`{_}q^k)G86?F2y{f$dlK8np|j*mHva6(hWXGxSXRE!4EOKZH_phUGS~Tw3iO zhIXP`b-`IEn9iRI`^XmvrI#dqaJq0p<*Br7?QBiP^EkHbO&kkO?wjCX+p(7vBR>a5 zrXiJP&BP_BFs$@vWGS&>WNx$O?X9mFH(3z0X>A41^hPdh+0V5=TF@qPU{xQ6p_l1_ zqq#v}s-#rvZi9WMmc0K=eD${vKuMKOqA4#BA&kR0BXQBIn;$bWPyH7LPBnW^Ev*#w zf5k-$kGOZx!eY0DfLG1`qow_Q?b5*iPmT|4|G$%yqb>j6NHO&PFW%e$spf)71Vn7Y zRYiiRB7*N@kOHD)4K9bN!0`EV5M0J{nxpI$&S-9iRuQN_e_pBpmb~Wm1}f3+VWWh~ zB{wcSC6J}(L!}EvZP#)O8C}b{)pXtZp4W+zqA2ysv-0=3^mJZ+PDR{dKE5`C5~N-3 z0V01YtPaejAA>2O`5O^)6JQFYoFyZE&M5-=mii6n)1O2GV@%mey)?!4zc$*^qGus) zkxYi1DH3Gm8TW2g@C?8%`n`lsq?;QItXA?qzi3nb@ezvA#kXmguUY!|RX~9-(Ze_nF13-UxO5J2%T1?h*6ghCEY2N-1 z;5W9RBz!V*c1{4B63+^9haM>R70A% zYL7uMBN_M7PQZtwk2)f?!9Ln%m2w~-3i$)A?YR?sTi&qkDZja);Z)FSK|HuA@K}eK z)8!CzY9L09)EO(P;igccwi<6Be^idmMlUY(ISk^2?7*Q7G+Z#Lp?t-Eo_i+Yafh_0 z)A}Ra>b}cTef|@og|uh;87Fs39|s%#KTc0={qM=)HvY>-igEsPmweU3pWEZ3Jq!A# z()ZEOvj7`6^>tyeBx?_lwU)k~`kS%uU2-O^da5}*R8;;xIZieGXUD3G7(C(zZOtQqTXdt}lDI18h3~9i5%n{y&GO+xx$b z6qo;BU0?RW`>(DqA2r|S@b}I0WyhO8)X9OZ^N#|j_V}hMb&wC1Ke9E#S>2}QM5fo+ zax$aT(|>vQx8C#L==kW+Isa|#KQ~ic`mb)6d*A`pSI3Ws4-|7)2QQG9@SEoaa#kKX z%Rp-62WpROMvvDD;QDqA%z^ds*JKX$^#A(m#kZ3GxB9=06qo*AU%lvq_FrGUc+_;C z!@mxi&+z+AX#Vxp3lI5Z;55>ER%v7Me=VHVZ5l|ts`1w&@wKI%{{KQzwz?H~6a7DR z>Hpa_|I22IOaJ+rZ#jV6{OjQX0>>^F5YAM!o+m#Q%^eac9zO?pHb-s9^;)Qa+U9@VNHOUD6|Hy`(WzBEmMv`bKViDPLQ#nw%q@$Fa&KvTH>(sEaOD8(v``z#2Hl zQVL9OObFrBn8R#>auL|_B93_q7bYXSdCH5<>?XEXj*Uz+OP2Mr#K@i=tYQBL@RA+R zun8f_7=TbLjs+r;^-CYe7>6kE!%Z^RQO!uj=?%=#s;iZe;B&IERxKg9vvMS}P$fK^ zWKJFx7a}E572@i{Nc1!%Q^|W(iI?QqhUoeulCMip=@@4#F0eT>9K5u$42I!3B1d zl)|buMYWO)+lgmT5&cR%76?zJvlwjCRXF+wSNcZL zv;SyT_^kcMpiU}~b1Mc`N&5Ke`M_z2HC76CW|!joX$o3UIVUlbZlNILh$bLa@eKNo z;AR{-Rz7uDxOAhTZG*2Z8GKErMeopzERYEM!SjShL=d1fjUNC>0He(yv}A~;@wGVT zTBzd&m}PWqr@{UY;Jp-50OB791){R3E7*Jl&;li#ut|c`0#X^0n*qE)38JM-o9rYI zbkEuHb$w+BM!2uem=v4O)7q{cMKnEw0g5ACPNbvMSl?i`P-dy+`_%@FiK~`C#iPVn zB1Am_)TUS4P7p$M0JVnJqxiMH^wY0QRr1p-dL`s2qZ?cDshnydg*j1l))%#K#rggs zq{SuYYs#A6*L>U0Ldw#EmiIM1O<^UFxzztH0sj8gF5gY5*8e0VDsm02_x}IvXyn}g zpKb5|H&TrIpEo2zpipwJs0GsZ&!g4;n3L#R>r>{}-$0;GeJbXCPzgrIH~^i(0IWEE zkuA99tT@kcJft~EFXC7~Bl574_6a9=0nv;kH;D17uV0@8TsQC;(;O$0;9M$A_}D@h z;tC;m&%n-tYl_M#cu)R23!idDB<0_^Q>pj4USZKOaGQWnga}xI?^V-(wr=KmU_J4_ zMkj}-PX33}!;>xj-$XI!|22t#T5}*5eN{HloRR5qZ~|u@Ju?GEDJ%kR4a-0=$bisy zvW4?&IX&$^Rz|+<&UAJt3e`qA7x%EGKCtCf`e83t?>2`ipcFv9M%e_h0q--MBcnnM z2ilpW^NT1Fw*$JOTjL2oUjL$9HrOZ#VT^vf{zZdMT0l%uhJ;yxVkJNXjE+R~-B_$_ zq2^GB=3+R@9Khv6^;QMD)jfUTT0d7kU1Gz3e_${yYntNjf*M8wa;{2$X-u`9c|a{x zjc4+m2rY1kxGGA!%{l?218{f%4v&rOsiJb_Zm2Tzx87c(jAELjBt+W%nTWnRgDDS# zER2l;{z1RMSpb5F+$Z-ii!QFO0CsFt0`l|(CK4)fv=}K^uX|4b`%U8uYg_m z;>{Db+J(H?qDf!S+8aAYI2r~ZS!trg_gQ0ouc=ZKO=$$eM_bxV*CjDEbfUN@Sq7(V zt}gXnoTcWG&|N(6BZwd(p8Hgty41o|cgt8Ys*m`1sC%WyO7nTd6)RrDI|S%FLm(kM zR2c~JDNZId;6dcMXjYM-fPGLkl%$6=1q16l{ljwAZ3%(j-);HPWuTyzqx<76Ej79f zL9bva7GuZsw5{JKf0U8yy4z^9Pd=t3w@Y0u-7S^5EteMeQr)%D^5S~{OrF57X~Q{$ zaZK*7GrYhtnxL0VG!(hm-Kwdo6?tBUFom}`#yLiG2&1U@ig)>W!l|Dj7`;v6hj)bJ zuW*dS1;e1S`aHRyZ%D$b56Zsd9PCz9W}5+g0XWGAU^J+$Dz5#?x|S%nywe<`%7q|k z?3eONPm}orI#1IW%}|oVSO|at*bPY%LZjl)ttVx+<6|&7I2(8z*V}ky3V?N@zh0OP zQFm#W*M-ZI)BhX{JZIzG2%+@l?{gS8_QQDKFA4s=q2iz};fi&r{@^y}MmJNqK!7Ci z1DGfH_c;=AMQNS&O*@!;7*9!-zvFbYC7GL|n27-nk(;3WTJ^OY-%vn`lN~It=D|Ho za>|u1IEet{ncczv^Bjy04v#@N<>2R21m;Oe*gmmJpSTr+<)bU4Sq1AbCih@BMr_Wx z^?blb7?`Kd_fwby`ar`xRtHapbCR(&y`Q2)rBu?=DLKdN1Z_wJsWw0`zA!!=_F3t6 z2l}oO6-+O^AVK*Mr;FnuPCr%PJ^%sVzJcZ#vIuNE54zp#>xT`Ta4$mhBNz)tAQbhx zIl18$j{Yh^;Q3~26kxJptdV)zL=?Z_i#rFO*3YeV$-fg% z60?>Q*4tN4-k5AH{<{M1$7`ot4q=0I`oTdA$=X_tkK5?HqA)&QM&|M}r ztO*n?FSI;^gAX5{_?o!WkyMLyBmO*Z6iYnQGWO@tW7XO81+gX{0ZzaN35I4S>^u6Z zp+rFOZe#H_O@qnRs!Oh98YanMfrV^lpq-}JO)$@e(4wBJm%SXJWn*L{qp9qBzx{?8CQ~ZykBRl@z z+39E-|9d0Fp#Sg0lB*o>E0TU=13g-@Z_T1_lCLF$SEueqsvn6A(=_Np@Qrzxl(k5e z-JR0w?n8y*6ORjDt2T7MKgj&rj5lb(ulY5t#w&>9dA641+{SD?%8Fj{b9;QQU!XK5 z5A5I_=%%e8xXEFT#`9Phy6)Mk)m^sp6>5rcy)j5~pR;ObTzn9NeFS5Y`7q*+*o=&{ z+&fzy->KB_|9O(*8Cw1L*Tnyi&PFHp`EQ&5aYM!A|6<8|JpS36=<$jH&P4i_1mp;9 zkABMu0oE)`ZmS^pW`aPk&~Xkoh4dfDHANQZW)R@dmu&l3Hr?foytmoVY&C>Y^k#u0 z4Bu(++s0Ya_@&7nSQ~seN$2djZ9s){HY)%HmWRWk?)waMD_BbLB=J~(>J@EI7B#A2 z{;1Hg@WCT=%kpY9I0yjA*ao(M@&e{D>+|W@E3Mvi*z|rY;5RKE8{(%~2uew0+bePD ztJ>_^8QyY2(jvOa&P(hHQ|W5!Zx3F}&!gS0O`I+3#D1$^kD4_B)wYD{}~+} zAKUt$lf!NN*NqfI{<~32-iz#KY@kOg_*t{)Tk0#iU%$%Vn2BXXTR^cnb$_qm7>%}S zfcB+^{-cbWqlO`wC;2K&py~X7G&;7=|0joA{r^UaN&m%?1G(n?Z~<(Nj)%4kPMlXbss*9CEAAM&~`buFo~_E9!{FeGXt0jm&3z>k3X@Gnpl0ly~T{ z9fCTbsOE6`?L(LMwGS$$*m!otV=&3h?nZ6ya$pW-gtE#vCfN{#6)M#WNw~p(#4mG( z;P3Mse0aL}2<}l<)~X77se@H_-6N5>mGf3FHS*sSX6QO2AreXtn!<275wPj}e|mIa z$A3Q@oo(g6O%zl9V@nR?nuB7|R~7+%JL&OCf&SU_E(rRD*?i()FBq1`pdZxQq{99t z9dr%LCv;qCMs546V_uc@zXdO=rvEw0W;o$4$vKI3| zo8ovaFunYo!XyHg?~-v?R@ptYP6u_v@oVG0LFa1}kNNZ=nAt z2M5mm-_gOA{%@q1^uJv4l}UZs)#D}X`W*Tu<67r#rpGl9a&0(M)2qE`Nw!OPQW8}I z<0IWGLQyEW{T-EbTv(u)aU6C?%GwYSxt>wy-C^{qL1 z!a}NSD1NtUipFEMrOUSRL950&i4|AmmP!TAbYAJAN4F|}`5Duk1|Z;JSL~qvw#9sb z&9W~$rcafrxXx`<<8IdT+K|QH&6fk*1fE-FDcFmt?vhLfMY=-|Dn1flyMcFBfj7&P zHm^JM@R1K_Je3~c{F|vj14UfV`hi1M;f&riDY1|PwHsTlif0a8pyfk4(HSHP>n9;M zzTw6}UVcX5JVychTbZf^Ah^!Z7-iZcXP5F2GV;sWHMgvMs>buLY{PyPZ94|0Py?#J zT5eSiy&FuW{L}{nYl^(~+p$qc;S?t#Jzsu$9DraP6UhD=EQJM!yeNb~kj!VdDATdA z_-F#{OrED!ReMT=$tX6nR#k8sMv3{uJ0wGD6i@u-b)uPEd;VPfEgI|3>)MMii9asm zEmXwFaBt3*Sr^f_gJ}V_M(+JP>5oU1nRZ(?QR>crDT&GC;U>)xj4nw+^94o=Hbx;`Oc?9l1=tA7~Ta>0Epo&ij_f&h^ECux&6$Z%kWxq zZk6Bf4COH5h8nUT(YQIxp-3$%lmzloP14f=j{_T_BnPKLfJsP%F2-Y=;QT?wOZ$l= zB$Myn^VK%rtc=LJ`7O#4lp{LCWPeI%&aK-1in#Qd6N%3>G`~U_Y4h!ix94RFR>mTp z0ZPC<0wGKQj3PkEj600sNL(_(jLee=AV?n=C7!`M1ZJ4#@D9--_?g`EkVK{$X9&K4 zocs@*#o!A_^SN&&+%~0J{#%fEK0~YO{{L6A{C9SAV#$A_)8pgQt^Bu%V#t5L ziX~rF*poZw(Ta8j{5=bDrh)dKG|ft4=2nqgYMtp+bnrY`=^fx}vOMcO8EM`VUov@G zm0kyErp8hm${>HHww>5uKC^NSfEG68p3Eh-MSJN?%l?G(oTMn5VM;ae8(4JV;g4RRcmN@ zhwC>em8p1ISk7A!ly!okMN&5VDPr+3ir}iLm1eRA5Z5cf@dIz?DzJNp9%zT5TC9An z;lF>GZR`JwICfXw<6Pd|{=ZeWAq#3Ye$}=U&L~duA=&taAUN#Xmqe#BZN9oRWRDpY zHJ5}vEiWByHZ_KEd<(<77cwY`&bP|M`u5I1zk?uMgn=B?LmOI%8AIMf%ZU4_p7H1l z$TK`M4iU~SDk)-sKMP*ABDiHY8-ST7?1A}oMVQNOHUP6qc()S7s*?@Ct0n7O31qFG z4M1IH6I==CvYQRSoQ&y;;PM_eK`UrT@v4ME^sxbGRTjFHz*U{B3tl(hT}#KetsbbZ zRO)}^A$b2&L6_DQ|NZ3Xz_$NCI6B+yiR#BcDr4c0XLUv%gSI zaU)FCx=}w>)LubFRsN{aP5G4?g|4dD{x#aFa{ZkYbzD+QHIc2Efgx42Xh9C2dqsGI=w8Phzd2G%v}({_#<*`Y35 zXKkd3fe!@lww8GD<>c0)MQR^tpqeu$Kx5`0jt3q=hZpjuJm8@DP)n~jR+ z-sUw(jL`TsiS$6FrLKotT58=%g#oW`+AbFEH2&Ilj=6Sd(>f?HCkASTJ7fH63^=9= z`Ya73D^$58RBzHMk}1cm>aVo$e1|6J^J|!gQxN>$4+ney_3@A6uRB3ewHGw<6qmP% zk$^GDW{|Vr5C04f&d$#M85pSj{i8OvH6d>2P$aSPQ)AvBRD@Vus@qMd_m%9yAXmMNcbUqxnBzKkXK3%sO zHHG-ZMvwF-AAM@TQ#*^Y?PF)iC2E`@tE%y?%I`U1kV!pSa>#0D@OIM%pX( zGXTL23GaAHAbr6MAU(#;=A|IUup$^H-E2LBtKgK3_p z^n8CmLlg9Qbifh5pY6YSbN%b#i~W&l@~;OPFcn^-z5n{iwO&8$et3EP{>Rt<_=x}Z z1@TA!XYjY30PN=EhHC%?ERJjQj?idv?i%dg%*SK=8ASpcFZZwa-|zpp|9bx)U=N_l z5R85tJOg$uynl`N-{bus@&0SP{|{W$#jNsm3~>Ukk{nG?25r@$LMrm%M8`LwB)30j-}2{@=&(l$0Ux)J;Q^Vu#dAA*bvC76Hzo{QMuKE z*J#G&58tM-?>aI>$vg`Y9maTub2^;y#?3lVIoNK3oPn1SJwz9_(DBdUpTRRAy0wtR zg?mK^lz1;88GvOa4>?1U6_XN(<1f`{=lU0+>d6_4Ut$>ZjZfSxK27&#KJ3QISf8VSa@?UYx=~e!#u^xSF@?SZXt?F-8)t{zM z`|~OPnkTna?QB&$-$7~S|J)9Fo%#Px4&C^lCtLsD%@l+G^QG>W`Bz!7KQ_)U=dpg9 zPq7Beuvgylqrw5>Lh?xi3v%sS_!mE>u6)5mH@v#BgQuX+`EdY(&tn>ZAj!wnI*ISd zzRoLjN3NEKvmn{Z7Zd8!6q`kqL%`u2x0TC{9V*${i1{NtVNSsg>6|a3)!^ z@|6(b-;?FG;O|Mt@jbB&9cbct(m__!z=`MWz>&K&o+tc{&07?AC2RP!Y$LN8;+OIkg^{29>6-cNh&Pmo>V*+E&SYhisBSy!x_9oS4sXhdqYSnc5e%$@c&;WIm*T` zEaqT7E$#Ze==KNFbVuS5&2p0Irk=(_ZJbpGk}O766u(+bLH-PdrY^}h_K6fN(PsI`}p zxx{FraITN+Q3UI+YjnZ(Ewmb*E_d8ftv>>ssGJk+X5~|Eo0cDA9vaaj+e^t4N1va8 zorGjF9{M%B%t|js};@0l#Ihf69evzh#`*5kp z0@ohI`sCM^j$8WY#f=q|m!`2T=|?^}q3qz(WP}xRH_yVv!QR8>KGF0dYC?4`bNyY# zl-r0a@kPXAeP-=0Xxe|F+Y6fQ1HJBnJ~opv;#NIRHMw3&wogA`>< z{#yozqG`kEt$A58rZyW(H5MiY^D1`b6m-SoS{YR{{ZAL+n(6=1=)|G_+x*X)DF*$& z{`In7`tOg;`Pk?`pGDsapL7u_T}Cx3X-+aY;SdZH*d}ObO;U&&wAXln@Y5qsCYLe9 zmWPR&LW4(0YpPkq1kA-IB==y^LK z%JR1jeS|PZmnh5e7>6)NO9c)r$LTwipq%11j^H+q;5LrnHjdz?;|L1!bFSGcz1fBm z+=dd|-UF4T>iqWt(>$B=E&TU+G(q|Pr!sG2$HQQg{nw#=|8sbFaGywtw5260#Z|MwRGD$h!|O=|%IN_yzc#7HI>=8I z;8Y7V&Z)&to90vq=QJlXk$rci=_*qRbHryrA3)(iKLYu7i3q{sH@R+<>8jViYTm0& zJAU}~b9dyac``*X&ZiI8Bzn2PAsav>HMUgO>=`!fdalMliKYUe00bBDJ$#@SaZK(5 z=P+#;rj#gbu~()J3e{T)a1x`rlb4eVS(2>6F%T0dF+cI4g` z5Ool@;qF_Kx-Fu3>3?<$!~IWOq|X*OL>FO5=1IP+9dHBvKRO%P`k#Z-v+e!=Mv8U+ z&zBp>^#(sP8ayT$U>jl;jSy?kO&iP2^nFVn8Q8M0%geCWKL016+xw-x9<>}CK|p`uR*`Ue2x5<&11Bx>lZIg z^55~%$g=-DJv`i=|2I+$`R^TD@%{upzJa!Ko{f+78<6sWS`bmqDx(Cj1)ZxMN|}kk z6#tl!d20K`cL1gA<6}^3g{HF&8MiU1dDpzG5ti_Wd6~iA}!Q_R0t6 zR(t{t@w~@9PdFbGjrd!(C>`xucgnK{uR}tHS!;w zb27iW2-tN0b9`p||D2v39&F{mO%zlACs({jouBM+D+PK`(f|-a@4mAj=n7|QDE%NR z>EmvOexKtEMa^PLK?hg|9|OSu9aPZQM32q6%pj}-Hi%H8`3F%F&PoHRPS{}T@2Ua+ zymx0c^ncZB|DrU}|Fc8;{C~DR|8J-W`p>?ZYpE>k#|D^xYf}ICt7bT`!@rvrR}8@NCn^1ME4yYuSCqrXTCOt^rgH;FkX9aL^v~Kq*rCHW4|>$r_c-Y zr2c*NmLA>RJ-my0k?-$_H(>?AS(w0u)CwbbHZpp%1Bg=ct*@Y3{*IU*{Gt{kOeJ zxh;UOEM9~C*Wu~ufqnmfcDlX)-$>yb|3{Pq-HDh>mMai{d;bjO_Gu1ZQW2Y^kJEsv zS%THV|G#=Bt)=q@317Wua9zFNrf+4&THRAH8W_atHM~QB&NE|1!jsz8U=_^3xWfkl z{;bW6dL5J9V5fQ$uhvuFNL68T^-ii)pQg2*e-<`G5|8zEdKDn*h~%CHA8_=M`=XX% zRB_^g-x;*=;*$qWWs41bUj6<#d8CtZ3@4hkWQG>x4n+Y7(C3sLhg`P>VFAxa=dG7Q z6kE%uv<6>+1g$$_Oy2-GFKwWJOEU|YqdR0L{8c+eo1$gj-)V+&w>}looohCSe@}3e z{tojucE%TwlmDhNPs=(_oGtnPN@u~Q^WWj2o&R-oa=i8b+(;1&UfbLK9RD1?+1~%t zarbP&$y@nl*22`ott<9K>~6yiqq-Z{uHKz9m@e(wSpjQ>Lnj0uW-#r|pYzY9R(mwX zPyczWjNUYWP4xfd)Y1Q)9&Gi08!4Q;tGI9dkbV&_a0P;2>)$WCZ|U4$*7ke$tM_f# zhdZw&m%Mfq)Y<^>J(|Kx0RY{!2Yog8oJ|0as0|Kj3%k4J)ufBrkr zmU}f`z&jq!M7LV6OQ-@t0QL4e+OOWVgc9&4wLE44GYoHI1Tr*68A?L*jL|eGjObZ6 z3Y}W3cC4lvZG9OH$V&QrSS|gxuCJm~n4w69f>_nBN8Dz~Fd;y6%_Aqsdmt53AVpbW zlz|qAz02S(CnQJ-`JUmWR6K47Uv09MDmCOJCbuvK0bjEC*40e; z8w_RrA&esBB4Dk6cH#AjA)lh$TsAf4aGu}=$|xG<<9!&%~at||>ZQ{YbGt_Yw z6Bzv+#xMy{c6D9z%Jn-^f{CIiTErOc=xnxs2CV+8>aScmXwLBE;s*krd;5pBCh zDluScXECqCOpE2ksdpV+v-rx-lC2a@Jx+=pD4I2iGCo4U`(7?kjwPlWve5esqA|Yf zTNcViw=HF%o#{f1jRg&wraJ7R|dR zg*d$$mE$|-d$9LVC%F#fO2Xc=dG<~orq>zCNl0Qn#8Dom@`EqFdrz=DX@|%_lja*1 zkLN%;bgiskWpnk@zAJjVqCTtW3P@s3&!sHI ze>6$OZeyI}^6v^DwQ08jwXE&|SnEp$oY$UMr{o&Yjc)h^thMn>qgabJlTejCQz-h8 z6DWSS2Vd)g1MlA^O5vdISMBStc7l52RXNy)l_CH}(aae~sF#zql2U4BPajc$u|GZ!uJoU5zO^6p3@vkfyT2z@bYtxvINE=Ib8Ac>e`O?>Y$Tx z|J};SuKaZYR(Is_D}N_wYfa47VyH?}10UW>{~;w5coK{y$Rqcdh|_21o+0Z`kLLN& zb8_^<>N;VWYsEWjx9L4q2g?aEo}OCo{AMUBB|9Z)@-EUEQL_$sJ;%H1=c7lg^~;t@ zG`BxPp>UW-m1+mi7Vw^F%xe`R7lPGFPmG{LWiM%`MO8g@`zo#RO+bBH%$EwwbH!05 zt2!Pv)yxCceOG2{dXNszQ)9w7QQ3B@?5SOED71HBc$r=aVplPYL0!v0bu=S6tk~7|)Zr%0>0w8=d zQp1sjlch<{w^p%y*QHkfC;w%l@+D7!xc?~>XZTMzZLbk*xc@&mJFxRV933BS?Y}ot zto#2^sc8CO!C|TI*{~gesRHEo09}q68sL3s0c-LVmiYeq^-1yL+!MueO*F3S_m2v7 zTzk8q#_#{c&i{3EGTQq8ZKPP=zqY)6PynsF$3_DT(0jfMaL9m;c2{vb6c_XrG+{OC zz-7Px_Zb|IaVS!bHBf>k|KH;y`};pRIoZa4-AJkU{*C4BlM)ymKUSJxO=8V5f`3hP zU#3(%I$7A0lV(nXLhV2KJ?V~XP$*fYDT zEr&%Wlk%67%EPq8+~GCrwqn(0yt-Z-2mGJYz}`2`P7|YecG>bc?YhT!4?e?u{(zst zB$#XW&Duoi%Ky{(ZH(#k4awgj7(HA>QHCh3&lA^l{u?>^pVPx_{*TQRi~m8&2uz~&`9h}WD>;JovV$uH_vAjU7Zy$8u+A@!g+&kc}`&4KR zXp(EFo;E1^WIbEmhf$Jq`};Q}K~3krVl1tLHVkE_rrC~MogB{)nR6qnq5S&>g(Qi5UY&RhT>o9!fzN!p zc&VIsynI7a?O_aqZO zj%tL10oa{rzyI^}_~5{8z2q(xOIs|WwMc3Yt8io=4#1uO!1aqP=Ixu8f9s0D*@;|@ zFHYws5Yn?&PQR1cy8lT_d+~40v9_hp(pLVvNl{1(^Dp*A^r!zHjU4;0gQKng=SGSp z{}nEJfGv10(qD?g$7=~@L*Lg4KYvKkd5P^ORcCEZ>vO%>Hp6Tk8J)wI@{`hHc~A9UwYg3D*%-H=21!jI{1Bw09%&-7h?JSnLqZ- zgO{ZLZ{Q5|W&eM8e0u8G|8L{}Y^GGuf408s;Q%5!$s^_gdU%z-u6jM$o4}~qCTZzv-DmM2mPqyDJi~X)kNB*w| z;qQ(ApB;@H|KGE%|KCQ6#sBrNZ2j{8*a-Oc2>HJ`fqoUiI@+JWI3^*?k^WG{$CI~y z8sDw0twq}v)?-_K+~2v=F%Qsp$PJliA$kXsiLkV;dRJk0y_C1-W8l(j&_91K0>ZZ! z)0PlXI`V%Nr@2!&;3ocm?7WXyz%^Zc zn~0evT%O3l>P=-BO(-k02o$Vl-%DUkZQO2ggVl_D;e)O9Su*IR4dSZtH;XlJ!wRb* z9#0rf1@aohahCY1jR350w++kr7>l3(=Olv@wEqc)A)@p(iRvA^8%h)ZKXC5<4-QVZ z{C^{b6P)W`FWFbl7aQ=^UWMPMi*TrIobMqCXu1g7h!+mzeYyI{N+FD6#C^Gk@=x7) zS{vC;&!WFF9l#yWFuQ8OrSuodBT#=>6GcRsC$#LlF^#C(kI$K$pE@o~q)6wncL+wm zWjIG~lMn^sH)HCrVe$}YukGKg`ZbBlIA@wDS2?*EiBN;PrQS#-9Qa2W&174;mU{k=X-M(q6m|&q?I{iX|LEZ4 z%+CLJa&)@o|C=cF$8E6>hI|_g!zoNVU+J z+0}=0in2sErIX{AS^GI8K|-QJP0TweS_UGs)zFi@*?Y!o0aOYpy(gJ-gl`5)wOj*G zYQ92yl9OzClzqa<8nLzlfU1l309MIGeo$Xv8j=Od9@=ixqCxA88Wk-lN+OY@j;?LT zmhiRRvo-LoVe`89YrQ*KAhO?m?BcQySbN&iVxTV|C;v?)mE8({f8tUv|0QF3d2_Xr z@Yg2(`^eJ&j83=tpEp#vis#L%8*q7ZwbCVz6cxpe@#uVNls%04ETQaq0zj1E1Z}s$_&TcnA|4;1ue@6ee`u~j-asU7N?|spKv11-P{bva2O#ju?|J3w< ze?ts_o5&ku@9#fd>_1(|!%Z_w7*tm@c)&owk&p=8+h4-G|+$X$7KvD?d0-plm_~LJUTkI?Z3A7zZ)vr{qK!fY`|9= zl=NUlhG1=>@9H|Z9bI>3(6bJ_=303F2To(I#z2PxU@F0m07>|iOuop<4*&#v0mx83 z&k_oP;2F4|;&2LP2qqL{==V9IIZh@3g6m(o!ivmu5V8TZE^aO_etx<4|Gl~?yJF*U zgF3F7A_3U$T|B6szN)uk0JVj46`6ib-U6f)f}QlhfM@-5PI#$KW0T zM#OOfU;@k$p8*)(!w0JOYy)AV&+Ne*sx(nE7eRG_3j{b9-Fp3JB|KP8<|^T)TZD}O zLP$|jCn5P1CzB^Ye1gSJDd0bU4g!56TB>LRP~$e+cys>T$0W51rUuapq06?{j&~#n z+~*+pXYkJ;Fcpy!!K^E7o7HuxED&Q|M2i^YyYv4(nbR2U-)ogd0F&f z7g-(tD9y+MQ%n++`ApP}ql%x-Ydw7Q8l&rGhSzRx)ORR{I0-=T0>vmVlO=eht&E`v z&pc`T9K*oMRwf(`X%?!c|H0_9W2yxUfJ#ui+$Qrr|BjQ$w&45?;`|lKUg3-~rby>A zo`&{nHbW7H_2?EVBi1WUCamMuD0f?05H5>%r{iUCuR&1@bejce%ZKaf|B8-(vNYNM zo!a`J(b?JQHvj8JiqQX{jAELjBt$*={H0}&2IG*rpISwasmf@p_5r|F{Ae)9cf(dr z02QG3%=32ght!~m=^_k3un6-21e}Gvz>Fd$V;X>fTMq>wm=c;_!+gpfeg2gbh5!VV ztE>YMggkS|45k4HBDBDvLq{t~BLhbQRhP(A-zqu*WDPsgJUNyPM74Vmt81FuK}~$PP9LLVg7i7Vie{ivr;v48dzPs zHd%8ejWfDXDEYuxnu`rj%H|3X{`i(2vTfzRON!sTx>?Kp-_eni|Nr3Z^mr@(ZK81T zPRe|!e?vf@@b}GaLS|&1@2s z5AV=J!v|6T#H!-NfQz;lLJJE5j(XOYbYw2TXy?z&YZfcF5>}}rOD>$OnT{+eMm1N| zM6$MlwjRsvO9%Py=Jns#BmbR_?E9aCv(v5r$3}`N|MhMN{MVBIRxlg>^T>ZUum4^p z|EcY@cKHtkr4MXSxSM_hsj!@J|5BkY5LQTpV&{79PYbYK;E2x=aqz$g(Zm%DYa~Ml zm}=>?8z{YtsDFEeGOBL}eN!3L1JL7>Q5&%O*O5`%%73QDx|X#aC)$A3LMJw4mX zf14zQe)}itUb6}ED?UU}ES72f1f=nkXkKgg zB&xi(ZlTSsz{R>Geh48vSTn3da;ZyxE@2E@%jW6neHip&!x6Gj$C(U3DRfa>|y zXgT`N4WRnU|1}z&+UNhH)01uf=Z%yO6mackpnaHPMyv)VNk>~ut63LgOq&q6#(`$% z{aIz2{dT`nF!~aX#LfK1XL75!j_Ab8b-uNnyDk3GK>tfV|6bMTt^;nM|0jnBcK)Z) z*~wP^-$;=G=Y?aZ{MPw;gJQw^&<6W9QfGy5A0EJh_RcAa*q<3nB9!sA*Cgtqwe?S^ zXNG7dnOKCm(7g(UrKyh9ja?0+M^q-UsLA6r&vC30O2~C7JSEH0=(Amb=xZ$0v3xcl z5WaOm!C$OB7x+53Ll62XBt*f$^-JZsD$wuc#DhGWGm$|&Eg%#IuiW0&Ia4e`enR1r z!V84bOOiflO^tjO;t;}Zy6jXTT7@!@AL~1yQ%L@JgwAf^o6&p zL@$|(G$0b%3;WW$Na=h_C)69Jz3Q{u{b!6YF$6!$P{a{9B)%upLKFko`#s=aGH zVg8e*C_HaPhV^a5TD6YFqHP@~|K2h1e$?*o?Q!rsEVbvqbP?`7ux|noB?Z?nZ?D*AN2>qvfepA!`(t^+Wg3qpNee+ zlLr9f9A)Bii)4Vp1Ph}3U7apVR4HOvd7jixlPWOKQ2S|BsXB1}A@kTx%M)f0SVlK& zGAL4mXn|Jtp0cxiyQ9T;9>?-5QG^!Kz%Mns!Yy@7vKc534MqmXRnIc|jEsapJOPfb ze=Z#ZYc$W&D9F+{`~4M#n_#ma;jDBaG>)4}$kp4iXQfQjDF3F5u#kUs0o)EB$v>wY z-r-~daFUZE-=8vzOCn+O_DqwL)d$DO1UrAgWWw4P7h;4KDLFCay6BWpif?07#Jegc ztL;jA*YS-fu+cpprE_|0~;)PNHhZ{5zSVn3PDnM6RWsx6@$Q*8x9HCPKD zib9H8-xuhcf(--48JP)_%F-W{qCCgRgfhB^5<1UV?F8NP*n*gXkoORQ`zcBQ)LV*! ztC_a4h0|&CzNlIY+f}mKZMDV~Stq&AE$V2J2n`Gee)bW=C`Q@QA)U{v>l%YOt7{C- z`=|uGVD^0d*!pN)>)CNF7P1xC|D>f^{$~fpwaWj8rw4ZahqI%T(N_N7MDfV~(3byi zQWW+i|5s=o9?!i`If*WkdF4HiDb96~+5Ye)8PZgiWzSwcrKUl8qGg&qZ(?jcuOdmr&`KiVN<&TR zz#c;#SKx+!26p#+2E$sQ+sIJ@%f;Ez2-opP5$jdRN)>S`EMb%n%`N!UhSqN<^#L8} z+61Nr&O2+!wGoU(7!K+}vudA9iAS~>8Ct|ba0Kz{WypAKugE6Q9LM{g;5;WO z%4Vyi{^q5g|Bpr|r*{62v(YyG`(}z@=_JV^mXW>LvhT5V$2?&o1^*(qpqW8(3xZQOwoPa5bBOz9lJ&CqvDpTIY zj|7kf%8YPiFp0nf^040tLJ_iiGYvmx%9Og=*hAMg@#@N$L;YkcbFD3EN!SEh?e~}h z*~4%+EG}WynbzB9F{GncAz4+Ea7ylz>X$R(x#i`C8%$iPmXk{SupQ^U)D}bL_G^8N z=ascQx7QUmrXsAG{R#L?0ZgmXi+N6fv0y-UP;R7LT9S`R#@7$%UoFg#$8CwnD0keK zT<|2^iDl(cKXZw#OeSMrW{&^EzHWXKs=j1xPW$9OK^dLmluvgCbIhcr2Q?`ncof4I z=1lFUvHt_Oh$2AAOenWNh9)qJa54e+Q2!Ze$X##_(hTk4gyt}gpYb2_bdtdc z*;V)M5uQx*;2Z=;f%B3ZC8NER+aw3)fIp=3FywUZ*)1BA4DIo!TqlT0@{IptdjmyJ zQWD+B3+)VX$4_D2d=B2A1wji$HCHscvaz)vLF^y?OagJ~U2fqQrQHa|5C%9ttb2WEZv_X80XW661fOQcmw0`jXY1+I*QYF5A5IKWS>s8 zCwpo%m`$i&^@}zD3a11FHwh+L02R%31Paj4!G|63 z*T?22aGWzP^`U9H6`DEoAe6Bx!|4+4Rjy&pM@;!BrXD+6BuI}7m5 z$0lRXA^>}-?`hRGEb%Eep#Z{zN9`8eJ0Aga@nP(Z`QIEDU%#F^6KVC0*ue2Is$r8V zbKia{_hid&r)=Q+aw>LE=a0ub0lWDtoM1XdQ8llxJ%6;+3Jw27ZVe}yf05fZjwza2 zX=ebwa07(@fwS1UX=lBu8Lx0CD9;1daZY`s_awWE35-Bs9T)-~hVM_;>nk<-Uw*45 zZ`xK;0XOJ>Pu=|gXQ$iz|C=es{V&grDLp)XQ=44gqPElk>zgJp>`tyTl)?;^+Em#w zCF~0Pc44%n5n4i)zWV*APbabI6?s^pP3#r`kPefpal^P zFuf*O4&$IWiJRtu>h`$><#MLf?ee=MbtVK3O#(q^1aK>0)K}m=qk-cXP5`DNIu^eV z#|gN++W#fNIe3p~PT7jwBM`y_@O%>44CGUomwjTYq^0-)Oi+R{sJZIc5{UnP)xs`tza&;irW1O&N?1&xQxXgWcuHTW>7IP6Voo1 zKPv5F%{e;Z~I*ybDE>Cla4meN| z%28NGrt+`im6o#?CzA|O`i$EnaGp|FuUc-9@&n_~u0$(khtNRe;eA8ZCwa11^wTv_E_Ec&&UpPhl4Kv94AOsH9V*Q~>u>vOwa`@0Wg zwsyY;F&N{F=08cAsDe1^C@4ZP(in#*07FJyoJnc@JO{hGqLM~YSkH`8vm*shXV(~F zQR~sgU-6C)M;ndNRO()+X}vN`*$vv^%y)P- zaKrm|hE|lns3Hh|yB(%44oo7pzjHLnq|1r%YnW#cjq#nmNwhEvmiM#P@2(8P>+i9U zV+JMeZwZM5e|>e`?pX%~%=7w|&HIEQ-K|`Vl4lPo!P4wuw`#1iR=EMB{l`7JYcf|4LkKM%aUCN55^edJf!vLVXy z*D!$-lvTf}*c7G6DJ4$oxSn{i=Y@4A7mnt;yTd&0KtmZdA{lQ!6uIt%s{{WX!Wdnm zEEhl7jF`*@b96=N9LZKv;JGZ{I%K|wi8hNP2`MF#dj$BwHYe;H2Bg$v$(cM(S1p^9 zV!@4Q-cn?dgS8h~EJiLztCSSfWIWJWAzRvtEv4Y1`gWy^Mc4?C`ol|Zcn=~S z22GxUm!ET#B{1f*iU<;(f-+J&5Di@O8)JO68~mf$sH=6*>$+Xb4a@0nBW({1Lk}Ilw|ouoK9htT)5u7v&`=C zY?}@^RQ!aA^1H^sV#j;|Il0L*oJDf+)_)6-exuX{e9p8CT7g4!Y<2`%mdPcSkNzDA1vk zWYzXJoKM+DcacQuZ0>ed-Pukty+W59Bbb1B%E4vxFmzoyZ*VrP_HFVCuGGtC`&|4Z z+>~zSW1a!zyrFJ}(ijTqP)@^^xT`So-21e3kCigMXY&}7*N<=wbFZ&j0ch_tZWyO6Q%i!*>6@S5GzsC zk-hL8&wtAaYTriXy&c=@h55jDd^f*|Qgi>W{6ALo{%Vf@e&WP`Iz2hs=KtMD`J?g5 zv$$Q=cvbyPrmWO(8!8k1XnBVC<3ybogeR&l1Z%Z~mn?5D|I|NpO&P04WBtR-g{FJm zT9Y&mIfaag6CO;+OmF4U!dg05Pi<3#apT3BelkyucAqt=*z|Z(hAh;zY zHf@IrUQrHE!E+3lYT1s~RR!nK``Rq?F)?1ne`@HzigNrjrt7r-Js6En4{Z8>a(ud_ z|C=by^q*}5wgujk7dXtj^8lD6gtfN=R%+hJKbHn5ya^Bc?Q0|Affv=Q(;4Z3z72v? z8ky>Z--yz!U0Au_sAnu0F}=kwD%^R+2xis~j?)r*jolk_-hqO5?(mcg2J`ceCfq1X z#5WHor@a%)k>bjczE|0ITWaaQyd3?cnN+ML|Nm%oGP3hOjkfupHdCCCpjz~7WgyF~ zYdX4tAbxcy4GT2V&ibN;A2X}!)7}&{Eox~xfb-U@J5k*d*ZJ!z%chd586%40$FRM; zyCdZ=-SN2wP-8F)UfoDgvH{eqjPIrDh~N zTKZ&^8G=AW?!{*ivklF?-WeQPLw@O^15*b=(ayC}ui(};AMGH0EXQVB(El0AGaRmw z{+}KkJM@36|KCh$Bmc_{(2?$|ZR4Z+sz>b{pdNXS0=&9S>a6YpsDrdSy%kQ|>Qca#9z(F31~6P_Y#l;bUlm zMK^H&cW~g`lf4urf|2U?{Wmao1w1xt8*X`;@9oZd_Cw z&l3@o15?07&Ipw0f;8Tus1P@)=RwQC1TRnmlw+e{FvGSSroxS}z5P+)*2pWAzdF-z z<;hp}So);(aq!@u;I}_@6c+eKtNJ4ccciO5Z^-rIz4K(lMI3~l4j?J<-kYrF^uY%E zmPZd`jlSP=$F_VQr3L@b$b8wGe^Hvwe~0e*@8D<~|8XOw&H0aSfR3j>v1$A~d7dL= z+5m_VJV!sRa_!MibRaZ)^>Ho)4CTXMW_dE&B{=TRNHTF`$L?tWj<8$v8sU%ohLEo7N|QvMYJ@^P3KCk7og60?y!7 z*FQz8+WVj1tkqck0;q)SPjdxSOsVxHP>F=fYarKMQ;VhQF0YC5iyXuV(%itf$XRl0 zBfTob*0*6N+w#at4gb&31oJ5IBt;p_Nw%y2(8T|bZ2RxSgVVFE{r5&nGe<90U+o8- zmEmz=z~R)>4-g^@F6OyIn1n9U%mUR0gi{pWarvWoR0M5ApE1pKU+(=Mz;6gd!fE{; zCOjuMr<^1KGHES+CdK};Lw?AB!khY*2|9?PBnM7%>)|`Zs4p5`(JKk3#T7{UlEFk< zgjy}IvOpOg`+}^3fTSY2!p@K`!AZ8$`Kd*HoN(Hncg{5G5pbF$$Yl~-eXfFtWpiIcaLo2e@@Rlr)mcG7d z#LWfxH+PGGh(>@Swo`*ld|!NGdm^z9|1%Hw#A=v}T$>lDXtU$>KHs_^Hn0TyVaSGWZ$OBmiOVr?D2+nT_y?B z5YwBSq^YX|a0m8rtoR#y5psIZisavf1UyMdhW>x{-h4Td z8_64-zw;@u*_3rrOJ?!rT7A}I%VJRyd#Xq-NtIfoPo_pjAej&&1JOW4va%(u^=quz z_q|*{$r`Q*0D-vjVjT&aX%#bYI4<`e91i!(2CDk4Lk{RNt@vKe{+EblVf5b^|M6h| z(0%{EcX+(f|E(o;!2fbRIIO^T0FW6yz7Ai04ZbBp&ks!W&!qA_MiL(k1wz3iT*MU2 zakng>UBgth48ston8Yx;&YQ4qGxEonWtU7!IVUl>?WjP%RJFjhN1V0mN#D1n2R;<{XuZpk=KG zMnxrR8j*6i82{i{aV|?`Trz8xR=KPh$)>C)tQzHN`b$IZ)5Q9J5zDb$V`+9<&q5J0 zaF?Qy4#(Q*m}oyD>9TCyCmb!7tu8Y6vh}ywe!vn+CMX@FjOC}gh9z9?zg43{$Oxsu z7=_n~K1wfBt0Dhkg#D?|Xgoow?-`LS4lC3cHlbywd#dVhq%tU)iE^D^A$LK*|}Dy6q^3$?3MbU=f`cVWilY zWKk%iN&WTi`pP+ud#@z&C75eZoK|G);lDBxd%}g3&*b?u>NTgU-ZkUpTaloJlS&bi zlTaA|8U}u4Pr=xD4qojK!cZVr`q(<3Jo>LB!KJ@O#Uz3f8x+KqN{p>h7DYmBk?UEu z^pY>rU8lpymrq`i2=Snoh}-9Ru6ryN(HZh}igBDXoPqkMc`h*(r>!WUO-wCV#`XqTCz;8(WMLrwm0Sz*0hG_-_7HDZ&gDosFHR7@jwG zx}ZmnW2wJ|zD@Vl-$#?R=1rGGuDGSupY362;IM|T+n*FoKO6ftC6XJ)B;J+L=6{k| zIIAJ1cH7I0OCnVbV!jAPSSXwDvhKKKGNu);ZEDc!Vz1m(oLaJ{{Gwz6`LFWUqpz9K zU@-8=(imy824k1D8unt0i*e5>P%p^ru}*fA{dYHkMl`CjT9bFTgC7CWu3isJe} z{j0S{X6MwMGYIAjHJJ~P2TbEQL?3p*Rxqh$B7OdU+XI}Ui3eqG1ry&!ms9Jxe{rq> zg)EjHkarV zlu14WnFRK(K1?C?lyIDGwym(0zmfcul{X|Eh)bQD1ZHkaig0h7u+1&oC!4(b|0#+P zB`<#&!r(DW?ovYG1A0pWVK@Cgx1er&BhYaFcesDxzW+Ns-RS?fNHsAijPi3$lJx+h_(QVg;_p{I0MtS4 zm9TB#e*himO&K`Ib72nvqnya>rAB)p=t(1p+S79DUUfJ?*ZS12_ClXfGQ}aHmOzr` zq;g(?nplv}tZ{}i&PlqWpX*~Iy6p!Pg(yxjj25P#sA_H+2BkNTixDE~o1dB@z|B&K zc|@}YTCBJLL4X*0N1V{FTVj3kpJhyb87KG_!SFhcW_|fjp>nDSgOdjy_P1r!?;h-I zl-gn#ek$tyS?N?sEZ!+|=(+=jSqdIVs(|c^UkQ#ue+Tq!BK(AQi)`agvizr}ebG6# zYU{Y%tg?e)7CfSKxdf?7y>xA$-=~>s@t+n2cPOA}ejiXx_TQ(6d#?S*(ed#H|E(jn zfj4>?447C4jcBGVm{FM$ibh!0p#EuI8E~=343n~6u6lSxfMpbc9QoiP44570T4!*g z3FW^#huVV23jYft3bfAJhfl1(T_xw?ljHJ9QeS&(;SMrc_$jhUm#>KlTf(WwG8fbnjugB7*!MN--4lC+;Yi`dj z4i0>^bIe|4i0(i4be*W?#c9@h>M7=ox(u&3{J{R;c=)o0662{^zHrQu#lZOsnJn#Zl_zFZ?vVBK_aq z>E3ba{nx=J{>NHUC;gwPk}-{GwTf;~=r#%mGynK6G!tLt1rrYY>L^>(pzO;YrB^>y z!Ur{_RhDRE>#_b;Ny)Su%^jr{nk@1H@TB{Ey~Bg{Yk=!HVW z{N4lLCuJM^a}NOc#D0-CPrp2(*)KT!%WuD_4h?W96{kFp9AqP_k&p9}4SoDUStRIYHC@KRR&F{|Cn#{I{M|yZ_ZX7*s3+iwRWZ5p1FA zTk}0aMafq-COz{to_;krb8pd_{8^ zjbz@8Miq_lEOXbdy+eo`>W^0fOz?9?MT^?4uCx!g*qAIQtejgEmM?nT8h*WAKwE`Kzh87v^;j5fExV`)-N!;>W;_wfqIlUga z_@NK_lPs10+_ujLwl%%1TU4~YtYN6OmzNLVJ;P#I(JN}ie{06eGntAI*0CqL*a{}q zHCtd27VkzqM0XwkTB?PK0$&v^ho94TJ@V64(>*2lRaV#J)jJ(}+BCr)_xsI#7nfuU z&Q_^IYFDWmwPz8r8!ckD9M0nJSG^jteOD{$aeLok0IV)Hj7FjJ6qDPnbEU;Ete*R# zy7G(or4NPJ19_VrM#2wAeNl?68TY88+V{;Yyr#L8___u4$|756qDq0UT6YoQbc`tY zDWlQPfKc$0s;OrBBvuFu9yTQDc#*j@y=xf3y{t|-9we&zt7qR*mYJE_&b(Q{@@Kwc z1giTWb#{w(MAWkS-Yl?NO;tksK8jLn+MiX}!RkT%y>#a;bi@sou*^Y(O<+3-lWS+{ z<|hxeW2;Q&kR-b7Dwb#k!*PlC2+a=UuMP*a>wuw4>P~-A__@e0v{c=x&&#fn_${II zG7o#_(no3^^mAWvVITCrE;#}#snOgX%epnz9k@r$(g+r(M_EwO=5yuKLTK=^HQcE4 zNz!IX#<5aUDgUt)nPMX--r0 zW>1W2&8lr4#BFtHEwf}(tUA&en%fg2Ud}BxEkzafyj*;MLD~oXi+^Nz3L_M!?I*{o zbDr5T`n8t1aR{Dwa?A&wLjPncuC@&XfN(rjma5*_YcWDf3HCD(4SB}sX^djd(%q&+ zAR=}CSPqtR`fTXu+V|L5uXP2hRUPu&Ai5}!k8ZtbN-$vWE5YIs5Z$} zotTHsDW$WU z+gG&;am=M1j?8Oj5M#3MhimA(XE1(S`02|gHQxW{v$T)} zScCo7!O_vad;foMe6+d$Uq@KEj5h{aw4^i8!J^T3$(H)ZU znB+8h-zh>r)oZU)A(Y3;bnb@9;F zse|nbLVLb(T>s!$bP|jRoxpSlFoeK3O%wL&A7x(1(}&ua`Xgpa*!P zK}IQxgPE4vXHi6+cEC4;4so~x2nDw&iC};R;EjCiD*}IsYy$;WQ219eWZz+y5;}W} zCpeW9#@S?uDDRTY1x7f=Y>YziD;bJvC`uuY?W*^AwJa0QgGX7^RCSTFUG;~e`V`U> z#}9813?m$)90Xh^GPWiN)fYaxOu>c`p?OI$OTUsKKd|Bya5;@wJ}03-7oq@+XMiHe zh(kw=qk%#p|0J=RQ~j3;DP!i>v9<31y9dDksTQCJpwLsRx(@7m7w_(p%w4r2F=HaW zpJSG%e=Y(kxzVxsnZF?@UmmF0jd?G3H`#~(dDu>UQF`M2M|3n5P}n^!&V1(9w* zKHX1i<|BGFztMSBfnETA{L%ZB4DWNE4ggC~P(Y~`41N*j{yR|6 z>u8C73^r-L)PVm&h$bXvC|v{rHtBy3_g(*Ad&j4n_kU|i0_eRFvwVlr|AHL30ZO812!lrnhA2$Y!%S9_cP{^(m&zED)d(yo z^e6$rIzGj7&^J>r3JVfVFqB{2`)GD3wY^kR^P7Q?1jHiL=M>W^)1SZ(-^XwY zaRi4EufJWHyNo`d{`R)g2b$ks+1ERrNze~0?Vrn2VOBD*GlR;Tmu_UqUK#|6ADT%K z*{X>s>x#ZWZO!sill(_XL}n8dF9HCXG+uQhmT1%4hKcD3#0sw2}tQ`Re z$kHgc`jr?Cn z5>kGtcR$Z_@54nf8I8PBoT8Ls#J~`Z2t^`Pyu6*jOk7V$g|B^;a3b%1CP{>(`yM6I z8Kx-oUads4;&MgEa((;3#w3eEFhqc6v5@ed%bWyK7)2<;Y$BVQzz=wmO*~EdD(5xB zR9vJy;3CO$lX8Fm)}EXZf@wyP%_82B5WUhnH z9cV8Ft0n0lfAo|Cma`xrSuEbc2)0%|jC{kD3(a+y;*6D}FJ8%=RpmW-L~#p3>Wa@x z63t=`sLvzFSj+Kni_F`!A(m>;0&fvd-~+nJqUf$$@KM{$C8c;G8g{BP+_Zv$Ws2-# zjxk~B6-xQiY%xwo?sgWkZ)Y=kqqi#*m^LO86=L%5s$6 zunB$T<|RTNCe$u^i{nSuf`W3Px%V6r$92Peu3^KO`B%T&wEZ8QcXMx>Hik6kDwR)F z+7OjcOejug3vnGmSgEGPiHk{?zpz-8Ihl18jH!k%bt5$;35m$V>@J}QhUX+^DTO#r z=UdDM-IW!upc9-2okbY3`e!(8$Tq545ux!Si&a-J?^`cUL|Ff(t5*BlVPPqqA13j) z6b9%9QA|SZMqu9l*VelD#!X42{cJ71{-d&Q`Fc3PP>=~uB*FEoRLw%<*IWFw0db5dQx@myuQoQ(oVvWkT>_tCvm$u!pO0B6&ZFY}}x4P)gQPt?>U)nQYlD4Tq|HD$4qEQwtWC7mv{%`N7WdF5) zvU&fvmL!xtcWRcGY60#noiEV>%ou`on1Gc={Nu3|-xz`|(-2Im1oES#Szb8Q_&5ye zcUNpPmOz?f5tQV!HX19sS%lzIzcdh&=i6A-Z&F37$A3lOpWGG1`|cs3n(Y7gkKOlw zhbMa*`@gj$%l|_$x6AYb@!p6Yr7++M0H14R!3#U46{@%_=e6%M%_vH_OD1}z8HJO( zySst+^TgQls{_jK;Vt}9{_Nm6e|f`HrtGR#_`2v9ukHKFBSwGQ1q8M?)N)gK?e$?4 z^pdp#wz!qGaD!_4I4xQ((^ctA*z>0+3|8*qz^p~|$k&sY#Jj?^DELVi{JHOu(c({I z|0*>U15lbr#tesO2QUJj5Kz2aT22asOMaRma;JBB_}_IuZ;-@CoZ8F({2g*<1kfb^ z_gw#v2S@t{2OIgnj^w=mUorylteI6}09X5>POl|NZl4oX8|I;FerfLQ@q+R^?}+Wr zr%4-Q3vKnYEw-=YH^P>>Uq0d2itW4&quP3TT`V!ni@B<&qo6h$&1vZCR#y5I{dUep98ef_EA=eo^+Sq&HAq4nJx62Hg;Z&stLc{(s4Wf1~$r@hW$zI)AInj>6yi zR?_yDO4jM?t;{+UrhcVrK3Q#$ZDr-XS+ffURHZwhXrLU?%&ww2{2%&9sY69qN;mbc zO5a>FMP^g8U)@Ef`^QkK;vKsEFW$uK&j0KZRTELS_Wg7dokoeJ(%FQ|Hi%>WslEJH z)@5^C05qQej}Ob||Bd`#ODfraE*S?HHi=)12B4zPAFT>teYXJSLfhy7TIm3)hHRq* z*rX+-_VQo<*j)+GB>#^Nj$He{)6>oU|5}m|??0%i1+O8)!LlJhLh%IBnJEgl1VicK zlcQXRX#jN@;}i>TW!kdIuxi>GLv|y}bN=l{*5RKo#8dmw{;VtimH;wE6lh}1x+#nw z5ZH?01nq#WJO>x*Dke_;n;{)I#iOD=%#^pWyy`+a1zJ6|d)*Q7wCqqQamyI^Y7tVWb1{j_trNg}=<(VVpRbw^{Ey5(56Kljg%5%K@ z8l1(UH4SQ+71Q9E2%X37{L8O}r$3%G9V3dQ%Q=c*I0G=R*Ihz(6UI6sko#+Y8m z(M$|sUa4{)ryA>*rpFnh^6v1BQv2h(8irf+j|@`;U@E9{yS^il(ac@)CT21wPT(ek z#%+%Ur8OuhuQ(r<+^?iPFdN;2SN;`x$&Qmj}A8PKi87P zmVF0t3{afXSwe7}ikN)T`{|J8?66u;ixo3~QPj82R(@n4GvgSieK2U9A0|mO%L{y| zn{@@LdjIngUk(Ro*#9R7rTFhBdz<$^>q%n&za=o_a3umvI(uL(x4hhyHWL381t|zJ zmXe7G$~?jmVmkmbRaFRZtWf%31}9PT0|Z6X0DVX)yicOO<+5SVYX2f;88zGvg9K3( zAe;fi%?IQVP0;E6Ddw9R}=H#~PSOxT!o+ltDAk1E=^t?mP6H`sREaQr|~ z$Cgx?7PWs1Q}hI9;OyoS+>)##&!oIWn`XWv6#tV8&PezPKFd-f_$}?$uW%7Og&^;h2!eZu~};X|qo$nV@uxG6vqE zl;WV<6isBAmV$cs9gN|FEw#I~7j%)>FYiza5<>Yp%+bqEu4cu5yAj`*&>)@N+LU$VO z)cfSF&FXi}-j+7!`?aOY^FNMpx+Dc)!}b$oJov^oE;BU#sHu(&@nO>EjJ z1Efl?QK1)%QSdkjU;>9Y!YP&*#5zVJ`k-4@)Nr1jN;};NiPg7I2e)c_o-QdJUw#d4 zAY}+dn5D86m?WI@q{MTPSgWBFRk*b)ZNxpz&^f1>Dblqe6OKoOPE@ch1`5Yf?KKjj z!a)0GwVUTy?E%Gz!c;`nN;$OrM+6ec*b|{46Bm65g>7^oxzvu6hraZJ>urak5VQH3 z2oWEA6bBfwfv9I7bu@(5wK#zk!*IBSHdRgSS|#xVSx&36rdF*65e^>5Bx7g^4HuQQ zYMYUWE}>OkO;vlh=mE17QE;8`HVN(0O1>wEDmy)&gDv zMNy+<-{-&Dq4E9ARWof|41|~oGWss1(e(-6znUBAVw-8HW&o*>FN!;S;gwP=WBn3Qg%n2xT}t(a2MbuBjZ z9oV~8GWF^n7OZ8V(n6hTRk1n1e=4cO{}s%C`3uMS>)`+Ud#4BG`~QQD|BtmKL!~Dp z9`k8ek6u^-u7HzzkXmFIRQ5HqQKlQ7>)Bqs)s)y%e16{(pX?Lw|1;wxa0=6{f z6F=DRUQl7++vNURWmRvK3@gkcRmU~tP5XTr5K7K@#;ts0oZMGxRNKAc!(?@NC@?RX~LXt69&SkJ_2*AHTVi{T+tD z?Ux+p%MAa8gcW>W|Gg`#tH_;Om$)lLEf2Xu%y(ycuZgnn6A|*5C7?gu=UYgV*ausKTNEM4&>)Z4SJ4&MeB2p7!6icU0SrWFQL`(x z&&p-rMuY|^EG7&~Mv7R9!ogrrHu5*dPn5mYB^!vOFb>b6WDKve2{>*bOgs8fic~e$ zw!wNqvuEr%r8Wf)dH#K373nurK~W&*sX<1FJ*E3F&{gWCtRs!6pYPPqPSbs3R{PEz z{|-i!On!uusJfH6xXH(|V%r$Ks+pqPC4rVz{gh^?UwYwRFTExxg&d0ClQ%d>+dZ^3 zUqmQoBd-?OOMSf;svkTrBShc`U*ryTv*<*NP`~=#v)IDT(_+&Ih-IPihi<-8EaFOP z>IR|{St=%-)U8n^8be5pLUI3-XMWv@Y#j?90 zBtq0MBIr1{i6}q!keZ~ND?DHk^73o_IIbc?Bc%!m45l3)!+Z9e6Rc$-{Fi7B)ZZ>; z(4RPu7?V&p_={L5efKq&cWD_IC}pzqx*; ziOR(X6GN;Q$b`f=C0uX~q%rmXlOc)`vt@Ew%zq=Gle(7@QcM}4I)E`8-tY`%r09WI z+7Q);uU;5uhK%u%al;Xn9=Pka9hBAAS4({^e}^YWAqpBW%?0Mz1)vxSSt75CB%FDI z9M6P9IShPIP&m+!)5HbuBSMK-68eHG%rCb9q$G>W&oK#=yUG^P+j)<6ZC-IX${(W< z3RE6Ni<}y{5q9{-DwZg7<_nl_GRsY=#=d79ON$L=bc9eaf-*iC@3ZPEKR?9ismNB^ z$;BMmzJyf%A|llb3xu8=RBcCtQenxZYtoeEKa4PnLbvl3*fL)+*06ZE`J2~#yM-uD zF^rhn5j)@sM-hM#BkC;x2q+50g^k?o;;(KDJ{*c-swKtg{8C-n%ug_P34G$yKkvhT&-)VNt$z!pVNuR_ zp}#7{Vcu=yy?*iIGieZY`<>K?xelaOmzWQ(tz&9+@+@f`wS`zdUM|bF6_GC-O{6YX zg13%J(os6<+4zvaIMjI>CnV2ZH79LwT)9x^$*7$Odn$?!8na6kCKgX6;v!r0&jp2JpI4c(Uw z^?5TTe;C!xI?ohdRA(p4Z(%Uy~<*usy?)rF(&v1z&&RhbC6~K6o zGg~1~<~p#|fUeKulDiuJmEP0MjRPC--@(CwWB+rocYL_<|FD)MkI|)!Tj z0HLRR8P8!svH{}61GNjcXbWpZ&UDKQzlr;b_O}hh>RJe1ktgtkq-fKxxl|`!wdkAH-GU)YVX_0o%6wRfR-aERC+9!oAA% zNnIt>QUV;k*#g(;z3#HKNs_Afm1k)RgYg8#=^MUnvDN=Bvi0*5rJrP~mH)!q#^N?$ z4f22Q_;k;;|2jF{_~R!V|FS=4(qwX~b5O8aRva3Ef`F@96wmHcQs(I`+fe3}Ue?=mfhY=rgtzIpVf%D161DTs&+Qhm2LH)7 z&P#X#+VK8!|M0Z*{`2@~qyJk=QvRRBR4?t)FZW^D4ejYt%SU;p-M)BBNaAP)_VeHr z=!0+o)yhGK-WQc&ZTz@W4Y7$R)laKIk~J7ow(I7vz>R8B+}sK$s;?e=m_Jd-L86GP z)87U!Gz9~#@2QV~rdOw-AJ#+n(^q*URn^P@-1EgMA1Y%8Ld5VxEDgS&2z`_@FKpa( zCAwtaHICXi8X zK}1DGB@{6dO_2Z-B2Z4*YTmNRE4Wv)@twJ0T(Y-S6dcnK-;IU?j5i17TEk2zAT^^? z?(J~OWPeivav~dg^T}EmeoV)v1&=g(#kW7EDNgHYZmx5S7xh=LwNDo7=Rjock&Zb|d1 zx&R_Sr4cKd`&mR@6To7KK*nTtFt?BcYgNvqVFZC6p$^S06tGSAgJEnZs3c- z14>&dC)8&g_C3S5t>3@@m63ScOSvG><26Lov71J0_p7k{5|Bf`@B{cA;5gl`>G}2W z*SzySXzM3C*Ik%?#Vb&5PJW58xCNBXMNf$JxuOq?N*PU@f9RJWT+A^pNf+>D zB$O6p2U5JFX+PdoS|tJBg)&)h6AQc4li5w5Q%7HJCSo!nWAS;IUDN(q@y?lJ0|3w; z6X63e@1pp-oUPRJe$A+S3Hzwj>F)a}sNYI+E!*<8GFn;2-m>C4EWE+uumkca|GlwB zs7=-SUlk2x<@(>fgS{iy|NqJH=Kb$_Qpx|H=3cedUoBk#<^g4@4Zu_u)YAS-WjEER z`X|@sORwJwyD#CSCa_zs|SOdV(+lZ5eRi$O?SCvZ6WhdUDDO0u7jQ28_|zh$kHCT6)Uw<`*LRkf+~cyqPumi4w> zQol*pE@xpV!+{5ol@zo7Q?f&U5z6T{i^^y3+5yXpQW0RMM7XQc-U!PtH&x4j_2B15 z1XNoH1vJ@zA0D{!|Mc`|dp3Yca-)8g z))@A;?+CMNAk@jhM-cQAn2w#_VLCQTX4Gl+dm8=xy{}<&*&P^<@}CH*JgX%*idU{rTH*- zslL74Og@PvHs%d+(jM2fFivUj5!4w3n<)G@xr#iIV74-bu1JV3Z+v#Y7TTNK|waLMMyJ=uK;Qsk+r24b$4<@-Y~ zAi;OLo(Al)YtZ(Z4O)6%a~s&l`t_-NP2xH!f31nF*ZP|MT&lj;8rg1|UbEKA&8kix>P|yjI6~*fDn2~RpXv`S5Zdj}+SVm%XuB2XAk9cPZGJ*%@hi)CC@Qt#wH|O_$ zmOPuwHW@E5n(wOF=)+QE)(S75&Baz43~>)5cB|kNcqIHs=+y^f{{J)Sc#ModU+iah zZSk+-T=gQtER~r&j|aqK3cm2ZgA9}wj;zJw4nz3w!STa+1o6bDt@A-5-j}lOt_}*- zy~Iulg%5}`vq5Y|`7h71rDv;}_}14Wb!f{PRx3(>3R4_-ev(my#bcF7!6>MxrNeXsXT9DDcfH8{V! z?DA65Tr+GkJiohKhL4WMu@M1c873m?GVj_TV0iHOf3X23ejf$iiu3~NhZIjMt16F} z9Z_05H7&(hHJXK`iRU;5Yaig?7Dc*WH>cZ=|fc*LHESHvT>EMDQOYL3B{VbQ&;rd^+W`=I!~ zKo30?%TL~}mYu-3@AGfoyUV3fAu(NGU6>PKcBK%kzJ9D&^f%peF8iKXpx6b5u$aO3 zV%Y9tn6NQPJ@>`xz&j-o&*b_&nmWa6){1@9lLeV7=vzU$$%-SN`dWrwN@eg(7DaM3 z08Jj?fBRa}WO#g@2<5Yj({$q%sI5^wYG%#YE{!X` zzQHUYQ$%Mz4%O<&|1lr>7dZAWaDJNi^t9Bo(~3?`+Cki7HbgW=DdPC^rC3k9!MG}V zzEy)dc{Q&Ixk^Q?bJ&;)&wCBjv==0corBE!H=dV1vs8WmM~84p7l2LnUx)jy{nzp7 z>BjzRElK)+dVO}jEUPcRY&u>5$|B3R@sgHp!tZqf%D{-w{O*Fc%m(fJ{)_$4&FMcc zVqRK`zjvSG(J*hh%Pl2e5w+KoV$PmFEEFfB(J-vS4ZC)+VSo$mCjB$DoLY$q)Vl5{ z#gc4i>?HQt^V&FFjzAD)EJZ)y5P?TD10g}u7r(fy+yRg=ekhmE1N`1!UW_68FEn!o zL{v+8z5Uj=gk~YHC-TxFU9N$YWbvPnUDTJ7YVaS)QnVBR*y#Ujuk`-+;9z6_wU$)! z|9Q)&eJS2Q#R9U7_sbr?WFE)Wmr=sOQ-U@VP>CNL-(GUzR`~Q19}Qn#vIdv)wRZVw zR5!Q7Pf2fEcb{elR^`k~w9&WP>f*dh7q>#=`^0J%%jZ)j5qaybQo+(Ge4N4bKfzSZ z|4Xj?=N1J`=l|oAQ#bze;o*k=uO&&KXZU|#mL0IWd^+j`%Eedz2F!GWZwMKel;=6Y z8^m=v$lr0|%?YkO)t5$nnJ0W>1UsGaje?uN&(HpJsdI#v^;t z|2jE5-uQoAOEM(U@}QsELEQkK5odn2Fi%;Zn+Q+-@+`Pcw%rNR$&sqXaWcyi(OX44 z|61TC%Y1(C_NykKdhqSx|FRzHf1)r~O23Z}+^WUb?jo#W*KV-cCxOk@k?QcDh<~*D z_-{uCr>_0a$?-=2x1OX}hYWYWBoiRDaykP*Rq8nmf%IZ;X9}cqce4gkrEK6Se|je5 zDH`tvJ>?wLV^5jq`Hh1VC1p{08RJw-pV$+8=UEVH({$C~)cNPEcGfzf)|X#{3z5YG zLgXUn6&00G#7Hzn0uu;dmbHFjtF5^F?+?Tct(R<%_W-qx-D_8A#bfnA8t`ZTBf;xIjG&BmQnIEG##j)nWkC!lI;lQiM;hum=Y|ALanvX4uaNgzK`A2 zze)T@=;_~%l|4xqF`2TzR2ZtN{w~pj-mbWwz=z1RO1Owf|s|SM4 zC>T(%(govM(V$IV7d+_t|EoiUPG6S^3agz7Hp4=@?B@pz8>gtn^nA(aaBhE}9|c70 z=t6S+R;RWP+m<-AVZVQ}n$WHuH9uw)*cSgSq6Tcjf2XDQ-~0OqoB020Ngn1IV zAa_D}bv1o{aIbQ@YNqPT1a+UZ&7q#=cA%)1Z$BeCsv92-E0*%2Mg^ATB&JDJ4mq>6 z=uNQPJ2HHYrZ|4^#IUJDcX>HAPk}j4i-ZFO8!zrp`&NrEf>pr(3R4}bL1>5BF9V$bo|CtvUF9{J?i zyFKsG#jFE`{_S~A6uS9Nrw2V%wZ{jYX^H2De5^X16?CaGtjhh7yV$Csp_RS$sfXPg z)V&haoiEf@u)A_;bb;7bBOFc3Cb0CvPh!3zVX7Er2uNJ`-`@cllRq&Op&%u+tuC}t zsj0i0knk=+0bm5+RD>>x|D1vm#1U^c#t}#ej#DivO6%SmxkOd!iCQ8m&ZhzFf{PCc z3Q`n;pH!irMGTdc$ml8krhPCs)OSx1{WmCy$ZUe*v>T=ljdIID_$AWrQkbGq7Tuwa zv@unX&Erd}C2?;cnvl3NX`v{#O2Yn1hTTZ|l^0kMG3S)Toe2ski5Demb28hc|EN3v z1&F4*6Bxq>ei#fEi38DS|Kpzj4)#wE_crIhbtG^6hb0^V6N(AN>1-Z@pOPQ))!zH? z=FH<*;DmZu|A~xK(B(A7=MTJ-d$o0}hoBth0W_Y^41`&G;Nq2kewQ%q$GLippZ{h? z`Za^5_kQVA_Fipoeh5+LjvWBQUo+-+lZQtZqN%R0)q&S2zKa>l5S6|A@{YaF^3Jew zZMP>NsE-P=M2Bggmsev;-YsnQWB=8J-z)Lo6h(-Vm%j{Q@R%j)*<(ZkF{j-yV3Yp; z;KcF&aBy&Xyz&3LmL%4)caE250WMb3z}rYyQ}EiVRu2_r!|F-)TVe(GcE8C%d>#Pl z($dKuT#PYzEvf+8VS(;YEu{1g!7{b~{)O7ul3wLH)!QhKjlF4CQUaku$Fcw193TPX1%xK@}+Q)&rLABia z)NJ<`gYA`*+zLszsdRpHMWyA2@GikvkzR+V&&wuFpDFbY`hXVxRJh z*e@$Jp8pu%PFb`_9GIr}ABV?f|1T#S|1WDvGTgnI<7FTDbiMPP@`}={KiK6XV8wlw zzdf7xKh^#mhqpUDbakh-ynh`|Xk|I=`2Ex4*v;pkD)sr@7&OjD?Oc4B4>*9ulRh;# z?=Y{A@ELBt7+Y%FtG4udj|H34f49?rG0V$4?yuwsQHc4?sbT%85&zqsBi_z)0n~i| zZc_`-Q4{w zc=t1%>+Z)tJ0IEQPZbE;oZ~*7R674nh0uHX3y$$ZPXCS6aQ@rhE5(00J~`f;|JIVE z|1U%z)Z0=Z=O5@m-g14YZwkdQ<3M;nMxd{_LtnpMHRVi%hZNG;yk|&B&Va8*&PbXM zidKQ*IEY8Z`wrP9^TETG{7q)yqRTos)E49eQ&H{(nc!5H27NV1_EU?k2_O5=u0hPl z^%T)3ic{oJXEkY6l?&Yg=*#c@lG7}swe2~~g*WLlOO^azL5)T3{dH>M|HozjFUNZu z|1WDvR+J{r_GcOo3iku*@xOrA0f|$HV=zY11RzRtw*yKLV1C-pU=+8zI1hfL(vXJF$eVlp%ev?DLKvx>IA+YB9K7FPxvVT{gnI& zCsBVvNu$?&9}IG7(VA}+^c%%oFfxZ|~{`VBol#kVqXYbzf zj{WuS`l@f%S1^6))h5oRc1i#nlPCSBI6!eBEbCVNEoeNa53)Hyi1qx$DtyoqQIO7Wi0*Y7`r5u;2 z)i`hp@2oKD8@yXMVUZ7U-{|K{`>DNDwRrp)X zIvouf@&BnC|KV`|bQAw!EvbpMRW1OF*QukvxDoMOo#61p4%iwpgCXi7wXbJ*J0&f= zzSGIMz>r0|e7Oq!@{5$*rIhbv-fCHmEm&ef%D{PDYPO;KQlp(N`@6BbRr#!<++?9K zYgdKjqK))b)?4vjNp{_stIZkVvrY~CKSWa;psozxNlpC!@Zh*)|9iCI|7%H2{J&TL z-5I_tTg~%}x_#a!%+ktRlKjbg|7J-9nXiL9u-aO+NJtQ6n58HVP&Ywf7F?M98|Hl*ffNruVk{&(g69i5Ce}BL1|LNpt!~fTj8ujSq1<+j(IF(dO z1W#+t_&>>_NM6x)JqCE`S~>rBTJ0tS+`Jt~w}2o_ad! zgjD&i;-lQ`7popB&tw}NQUAuMNhyfL%;gFqHWru8Rq7#e=iJ|DfL4>5_&=d@Dt(O9 z!2b^p4jufze|oa<|FNFb$p6&>sAT;5-^OP)4GLC2DE=};#8x^^+;)K{?QzSU7{ z%pJ5EDQtA3pN~~avnrp}UTJLLjl4P+XxM{bLJes3dy${ZM%$y8Cb0HhzUq+a%f*<4x@Y*Rk8}9*s(SBNLV@j20J9-L z{kg3)of03knawgv(1T}!1U3!47(q5wF z>cs!&JO(z}e;m8#zfJtdb)|0ne=V&4vt;`VvHYd8`wgq#B$>ML|M?z(HsgPn{~sRh zZ{okLC3WQg3q1gx);$2NZfGTdx6#1=_l^&p_n-R*C#M_yzn1hTa0Am6(O5VSkt+Z^jZqAS8ID5EM-v!4!Ux0# zy+27WFDy&s#V#A8C;|@=8A|6JIDXgx6h$z_Qv?#2j*Z`89QOVMV)P)H%nRuu5rvW? z{~y}}`EHQJq9i8?B#43t$7s+Syt(`3E+rK8{shjY8?N`~cOb-+^#%_(eJTD|lHVH) z|4Cnp|J6T?A71kR(SNdO{IaM>K7va1}J6-><{*Py&Fj31f__wUQd1?^p$n- zct1wqo@PjR;$h%M?uZ?L(?2sng!6dm=;zPU%MQiEEG3kw>QD%NAoTH7MRomio=B0}LZTQ9>9_37zeL0H!b^4}efr z@gS!jMvQ<7d_*9jcnVX0=qCUsB$V;OIU`Mp=y8c!F$94cf}M(*1g951vaK;1^eXc6 z2^x_oB2Qd01dt&HAVoVM%#fl4QxL;6<3IBLR8*u*eIWyXF52a!{8_9R^dX6GfO&@! zO2&AIQxv|csB9O!&f+io6t4?Ux5fc!07)@X@-RROEw_%q1U@2DGpGt$CqUlCwn2f9Fid8ZS4Tn)W84r zzf_KY|LcEmYZuZm2GmL!RJ9EQP7uf`Zn!`Sj>Mr07E`!XZ%nFiydXU>h9l?Vo~okYf1eH8>|U zAyf|f*>DG(MG?5=SsA!R4AChH2fcs)>wi^@(ZB!ozxe<_kWv_;38asFsrV}&^m@C? zOub&M2)ajf!sG;N2?WN7qTviYaMsVjjAUX~>z6OhUcPFd#yA-BEdc^DK}@*)yG5PLgO=Fl&nbkzp#? zQZL9TXWY?@w~5582>*qM1r!g?PalalR0cgo_I` zEc|SP`BD`dK;Q}#+U4X#6dOoLMAq|->kbD4fMv>qD6#pOJU!~|4U;6oi1iraGnt}j zCd2@O!MJ`o>SbZ<3bFsDkj{GTs-Q@SmyknrReab%t+E z(M~>qoD1mj<1ENKKm#C`CZH%ld@Ref;n=LRm)9x6VJHY%NdB4Jb8;W?kqJmF*$)#c zzY*bFLao!DIrcL?KlUzxshC^7P~utj=E1QCQ|PLNID}bBI0gu~MC|1|Q#NNZ0lTb* z0czig{=g^#0*Lk0j50qz<}$*lD&OFOYltC-@k|K`;UjcrN;?W7@<0F?6)aswl_~Zl z11~h(mqRr(&K$6zGRQchrHJwMqS0+;_4pUT-?69yuZJA z1780K&TekrUY?)5etQAlp8c>R@~LzC8}P&R?SFyGJ8*M*{r>XJ#T#&a)jPZ5DCg`B zT;6dB|N89i@@}AtT;GE4E^aSg{|Me(-krZayL@*C&fdNSKb+m(o?YEvUfhARt2f~M z`s&T){pI!5-A?b~Z#TCWcX#0W7F@o&d3$;BW(QneoxlD5&E?g%;KdJ@_upNAe-GYX zzPr3X<7KwZ+OEIpy}P(Q|L*MS{_OST+speOcfdE7_gB2eZ?12_8MrySy}vyF{_WW< zxcUC}=KAhp2V7lW?OtAeb9;I9?Zvx`tNR^JRqy`t{_Vw}*V724ENFz7WlWuqwUr6fnMVr?pHAXp6HT$L|TBAwi7rdrH&Euz}#sdFZud`^=qYR<_N#e!lo zDum_`MdXPibKloq?=lw535SRp`_Di>)qT}`)1bOn#(_fjFS6=x?i9oYIZ-Lm_%I(W z7)3pKWTGg*2}X+e@_9TZ!gaIWO$HNw)$8pKz&%mOWX8v?3=PCj-`>0h?-i3j80-l- z8P7ljQ$#iQ7iTm6A(y<;t2Gmo0aMIjk(dx)ZJxTG_)_B|Sd{03HbF3EvTml1Fh%z? zqbv0yfa1tDM7d{X!I^l;2MT4xs>=F&1oPS~ng_r_sQI842-PM@x{M~7ux}Um6e@MV zftVG9`TV{DFW`1jS!~uP*)17qE}ySRSa=fWmE%c5INyvdYAE6eRbpX>G28|?W{9RrRDMYL3|^6#&)uNcJG57v2`mP^-q8SD5wW%8k-`>P zN|Y#70h|p!1*NZ%l>Ybj;_S`4i@_vZMH`Lx|0k#J{mDrThYYX4-?zTWqUZ`v(BH*}YrYql`TOpc zU4hKI3vOSZozGDjFQ%(d70*wSuIPq@Y>rxPNT_Q#mtN#mmi#Z{^9Vn@gNa>1{&Ufz zfTGl;mH(FK2w;T3Iiji50wbqJM4hY`AA|-j0+(@$=m-Y91pctQbt}(7vYZHe`1fA# zKLM{x0)gHC1b?@43C*{x{y#-P29Zzjcl04ZC}iN|P{a#@K`PFv;zW>+DS660^M7JY ba+5Y`lQ!uyO#goX00960fEe!O089)3&)c^G literal 0 HcmV?d00001 diff --git a/stable/znc/8.1.11/ix_values.yaml b/stable/znc/8.1.12/ix_values.yaml similarity index 82% rename from stable/znc/8.1.11/ix_values.yaml rename to stable/znc/8.1.12/ix_values.yaml index 712891090f..368d8c8c62 100644 --- a/stable/znc/8.1.11/ix_values.yaml +++ b/stable/znc/8.1.12/ix_values.yaml @@ -1,7 +1,7 @@ image: repository: ghcr.io/linuxserver/znc pullPolicy: IfNotPresent - tag: 1.8.2@sha256:ad8a2972fd32c2ffc4678e6b0f94ccb8e1340d03b0588a41d2ac8099412b7e79 + tag: 1.8.2@sha256:bd1bd2aa8741af7da6305b4e10d3fdaf6929329c7aded61aef6a7071b643b957 service: main: ports: diff --git a/stable/znc/8.1.11/questions.yaml b/stable/znc/8.1.12/questions.yaml similarity index 100% rename from stable/znc/8.1.11/questions.yaml rename to stable/znc/8.1.12/questions.yaml diff --git a/stable/znc/8.1.12/templates/NOTES.txt b/stable/znc/8.1.12/templates/NOTES.txt new file mode 100644 index 0000000000..efcb74cb77 --- /dev/null +++ b/stable/znc/8.1.12/templates/NOTES.txt @@ -0,0 +1 @@ +{{- include "tc.v1.common.lib.chart.notes" $ -}} diff --git a/stable/znc/8.1.12/templates/common.yaml b/stable/znc/8.1.12/templates/common.yaml new file mode 100644 index 0000000000..b51394e00a --- /dev/null +++ b/stable/znc/8.1.12/templates/common.yaml @@ -0,0 +1 @@ +{{ include "tc.v1.common.loader.all" . }} diff --git a/stable/znc/8.1.12/values.yaml b/stable/znc/8.1.12/values.yaml new file mode 100644 index 0000000000..e69de29bb2