From 10daafa5ecab8ed7c7f6f4a0f46c0af3b4bfa728 Mon Sep 17 00:00:00 2001 From: sonicaj Date: Tue, 4 Apr 2023 06:53:15 +0000 Subject: [PATCH] Update catalog information --- catalog.json | 40 +++ community/qbittorrent/1.0.0/Chart.lock | 6 + community/qbittorrent/1.0.0/Chart.yaml | 26 ++ community/qbittorrent/1.0.0/README.md | 7 + community/qbittorrent/1.0.0/app-readme.md | 7 + .../qbittorrent/1.0.0/charts/common-1.0.1.tgz | Bin 0 -> 53839 bytes .../qbittorrent/1.0.0/ci/basic-values.yaml | 17 ++ .../1.0.0/ci/extra-env-values.yaml | 20 ++ .../qbittorrent/1.0.0/ci/hostNet-values.yaml | 14 + community/qbittorrent/1.0.0/ix_values.yaml | 34 +++ community/qbittorrent/1.0.0/questions.yaml | 209 +++++++++++++ .../qbittorrent/1.0.0/templates/NOTES.txt | 1 + .../1.0.0/templates/_configuration.tpl | 11 + .../qbittorrent/1.0.0/templates/_portal.tpl | 12 + .../1.0.0/templates/_qbittorrent.tpl | 138 +++++++++ .../qbittorrent/1.0.0/templates/common.yaml | 10 + community/qbittorrent/item.yaml | 5 + community/vaultwarden/1.0.0/Chart.lock | 6 + community/vaultwarden/1.0.0/Chart.yaml | 24 ++ community/vaultwarden/1.0.0/README.md | 18 ++ community/vaultwarden/1.0.0/app-readme.md | 18 ++ .../vaultwarden/1.0.0/charts/common-1.0.1.tgz | Bin 0 -> 53833 bytes .../1.0.0/ci/additional-env-values.yaml | 17 ++ .../vaultwarden/1.0.0/ci/admin-values.yaml | 13 + .../vaultwarden/1.0.0/ci/basic-values.yaml | 10 + .../vaultwarden/1.0.0/ci/https-values.yaml | 100 ++++++ .../1.0.0/ci/other-user-values.yaml | 14 + .../1.0.0/ci/ws-disabled-values.yaml | 13 + community/vaultwarden/1.0.0/ix_values.yaml | 39 +++ community/vaultwarden/1.0.0/questions.yaml | 285 ++++++++++++++++++ .../vaultwarden/1.0.0/templates/NOTES.txt | 1 + .../1.0.0/templates/_configuration.tpl | 34 +++ .../vaultwarden/1.0.0/templates/_portal.tpl | 24 ++ .../vaultwarden/1.0.0/templates/_postgres.tpl | 48 +++ .../1.0.0/templates/_vaultwarden.tpl | 119 ++++++++ .../vaultwarden/1.0.0/templates/common.yaml | 11 + community/vaultwarden/item.yaml | 4 + 37 files changed, 1355 insertions(+) create mode 100644 community/qbittorrent/1.0.0/Chart.lock create mode 100644 community/qbittorrent/1.0.0/Chart.yaml create mode 100644 community/qbittorrent/1.0.0/README.md create mode 100644 community/qbittorrent/1.0.0/app-readme.md create mode 100644 community/qbittorrent/1.0.0/charts/common-1.0.1.tgz create mode 100644 community/qbittorrent/1.0.0/ci/basic-values.yaml create mode 100644 community/qbittorrent/1.0.0/ci/extra-env-values.yaml create mode 100644 community/qbittorrent/1.0.0/ci/hostNet-values.yaml create mode 100644 community/qbittorrent/1.0.0/ix_values.yaml create mode 100644 community/qbittorrent/1.0.0/questions.yaml create mode 100644 community/qbittorrent/1.0.0/templates/NOTES.txt create mode 100644 community/qbittorrent/1.0.0/templates/_configuration.tpl create mode 100644 community/qbittorrent/1.0.0/templates/_portal.tpl create mode 100644 community/qbittorrent/1.0.0/templates/_qbittorrent.tpl create mode 100644 community/qbittorrent/1.0.0/templates/common.yaml create mode 100644 community/qbittorrent/item.yaml create mode 100644 community/vaultwarden/1.0.0/Chart.lock create mode 100644 community/vaultwarden/1.0.0/Chart.yaml create mode 100644 community/vaultwarden/1.0.0/README.md create mode 100644 community/vaultwarden/1.0.0/app-readme.md create mode 100644 community/vaultwarden/1.0.0/charts/common-1.0.1.tgz create mode 100644 community/vaultwarden/1.0.0/ci/additional-env-values.yaml create mode 100644 community/vaultwarden/1.0.0/ci/admin-values.yaml create mode 100644 community/vaultwarden/1.0.0/ci/basic-values.yaml create mode 100644 community/vaultwarden/1.0.0/ci/https-values.yaml create mode 100644 community/vaultwarden/1.0.0/ci/other-user-values.yaml create mode 100644 community/vaultwarden/1.0.0/ci/ws-disabled-values.yaml create mode 100644 community/vaultwarden/1.0.0/ix_values.yaml create mode 100644 community/vaultwarden/1.0.0/questions.yaml create mode 100644 community/vaultwarden/1.0.0/templates/NOTES.txt create mode 100644 community/vaultwarden/1.0.0/templates/_configuration.tpl create mode 100644 community/vaultwarden/1.0.0/templates/_portal.tpl create mode 100644 community/vaultwarden/1.0.0/templates/_postgres.tpl create mode 100644 community/vaultwarden/1.0.0/templates/_vaultwarden.tpl create mode 100644 community/vaultwarden/1.0.0/templates/common.yaml create mode 100644 community/vaultwarden/item.yaml diff --git a/catalog.json b/catalog.json index 2b3dbbbedf..542b95d6b0 100644 --- a/catalog.json +++ b/catalog.json @@ -287,6 +287,26 @@ "test": {}, "enterprise": {}, "community": { + "vaultwarden": { + "app_readme": "

Vaultwarden

\n

Vaultwarden Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients

\n
\n

During the installation process, a container will be launched with root privileges. This is required\nin order to apply the correct permissions to the Vaultwarden data directory. Afterward, the Vaultwarden container\nwill run as a non-root user (default 568).\nSame applies to the postgres container. This will run afterwards as a non-root user (999).\nOn each upgrade, a container will be launched with root privileges in order to apply the correct\npermissions to the postgres backups directory. Container that performs the backup will run as a non-root user (999) afterwards.\nKeep in mind the permissions on the backup directory will be changed to 999:999 on every update.\nBut will only be changed once for the Vaultwarden and postgres data directories.

\n
\n

While the option to use Rocket for TLS is there, it is not\nrecommended.\nInstead, use a reverse proxy to handle TLS termination.

\n

Using HTTPS is required for the most of the features to work (correctly).

", + "categories": [ + "password", + "manager" + ], + "description": "Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients.", + "healthy": true, + "healthy_error": null, + "location": "/__w/charts/charts/community/vaultwarden", + "latest_version": "1.0.0", + "latest_app_version": "1.27.0", + "latest_human_version": "1.27.0_1.0.0", + "last_update": null, + "name": "vaultwarden", + "recommended": false, + "title": "Vaultwarden", + "icon": "https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/src/static/images/vaultwarden-icon.png", + "icon_url": null + }, "ipfs": { "app_readme": "

IPFS

\n

Interplanetary Filesystem - the Web3 standard for content-addressing, interoperable with HTTP

\n
\n

When application is installed, a container will be launched with root privileges.\nThis is required in order to apply the correct permissions to the ipfs directories.\nAfterward, the ipfs container will run as a non-root user (Default: 568).

\n
", "categories": [ @@ -307,6 +327,26 @@ "title": "IPFS", "icon_url": "https://avatars.githubusercontent.com/u/10536621" }, + "qbittorrent": { + "app_readme": "

qBittorrent

\n

The qBittorrent project aims to provide an open-source software alternative to \u00b5Torrent.

\n
\n

When application is installed, a container will be launched with root privileges.\nThis is required in order to apply the correct permissions to the qBittorrent directories.\nAfterward, the qBittorrent container will run as a non-root user (Default: 568).

\n
", + "categories": [ + "media", + "torrent", + "download" + ], + "description": "The qBittorrent project aims to provide an open-source software alternative to \u00b5Torrent.", + "healthy": true, + "healthy_error": null, + "location": "/__w/charts/charts/community/qbittorrent", + "latest_version": "1.0.0", + "latest_app_version": "4.5.2", + "latest_human_version": "4.5.2_1.0.0", + "last_update": null, + "name": "qbittorrent", + "recommended": false, + "title": "qBittorrent", + "icon_url": "https://upload.wikimedia.org/wikipedia/commons/9/9e/Qbittorrent_logo.png" + }, "chia": { "app_readme": "

Chia

\n

This container runs as root user.

\n

When a port is set to < 9000. Host Networking is enabled automatically.

\n
\n

Also NodePort services turn to ClusterIP services, to avoid attempts to bind ports twice.

\n
\n

Key file is stored in /plots/keyfile and is generated automatically, only if the file does not exist.\nIf you want to use your own keyfile, you can create a file called keyfile in the /plots directory and it will be used instead.

\n
\n

When set on harvester mode keys variable is set to none and no generation is performed.

\n
", "categories": [ diff --git a/community/qbittorrent/1.0.0/Chart.lock b/community/qbittorrent/1.0.0/Chart.lock new file mode 100644 index 0000000000..ad10850747 --- /dev/null +++ b/community/qbittorrent/1.0.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.1 +digest: sha256:ec8784f128039af68613a8268208bde360d5b178f811c4a16c79a1650ca8be92 +generated: "2023-04-03T17:54:32.688255209+03:00" diff --git a/community/qbittorrent/1.0.0/Chart.yaml b/community/qbittorrent/1.0.0/Chart.yaml new file mode 100644 index 0000000000..359cf235e4 --- /dev/null +++ b/community/qbittorrent/1.0.0/Chart.yaml @@ -0,0 +1,26 @@ +name: qbittorrent +description: The qBittorrent project aims to provide an open-source software alternative to µTorrent. +annotations: + title: qBittorrent +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: '4.5.2' +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.1 +home: https://www.qbittorrent.org/ +icon: https://upload.wikimedia.org/wikipedia/commons/9/9e/Qbittorrent_logo.png +sources: +- https://github.com/onedr0p/containers/tree/main/apps/qbittorrent +- https://github.com/truenas/charts/tree/master/community/qbittorrent +- https://www.qbittorrent.org/ +keywords: +- media +- torrent +- download diff --git a/community/qbittorrent/1.0.0/README.md b/community/qbittorrent/1.0.0/README.md new file mode 100644 index 0000000000..a5cbcbd098 --- /dev/null +++ b/community/qbittorrent/1.0.0/README.md @@ -0,0 +1,7 @@ +# qBittorrent + +The [qBittorrent](https://www.qbittorrent.org/) project aims to provide an open-source software alternative to µTorrent. + +> When application is installed, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the qBittorrent directories. +> Afterward, the `qBittorrent` container will run as a **non**-root user (Default: `568`). diff --git a/community/qbittorrent/1.0.0/app-readme.md b/community/qbittorrent/1.0.0/app-readme.md new file mode 100644 index 0000000000..a5cbcbd098 --- /dev/null +++ b/community/qbittorrent/1.0.0/app-readme.md @@ -0,0 +1,7 @@ +# qBittorrent + +The [qBittorrent](https://www.qbittorrent.org/) project aims to provide an open-source software alternative to µTorrent. + +> When application is installed, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the qBittorrent directories. +> Afterward, the `qBittorrent` container will run as a **non**-root user (Default: `568`). diff --git a/community/qbittorrent/1.0.0/charts/common-1.0.1.tgz b/community/qbittorrent/1.0.0/charts/common-1.0.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..60818764b0ddafdbe8c741c2d9d51988b2a7f1d1 GIT binary patch literal 53839 zcmV))K#IQ~iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvFbK5x5IF9e%eibOLr^cF(Ez9z?JGy znMugTue<9USZpj|PLoezr;{0GX57^f#-Hr#+&R{q@E zh)@ycaYoqhQ;>+NA*~8VI0y0nAG{ik;xL8@cmxSd@a4t?#wmeuit^%QV+W*gf=&R* zrznNR1_0AMIRRrrvf^ZS_xk#}FFy4{JlWmgrTGHhAU7F0k*#jbBw~C0L4R-KYY*}_ z{D}QOgUJ*XcSHah_W$v4@4(*w$HVphU&-@Vu(JcUA{-XGub-Sge(|I~iFzBC3BG^{ zB?t+;KuK`|KHqKtpc4!JW)i0_afHrrPENqjgTY{9!w+!;ljH)1SC7#MP7}h2O_t*e z^oDI*y2&>HC{R9&Lv)s7f+&dc19u4eO?fh%8zK0k( zyn6iV1iXMZ7YG!1g2*^dF9Avl^mo;EJVAKMkpUoyXDCI5_ys_m#w3QxW0b&~a}?q< zDo()OKzz+m9^=S;PdH5V;ZVFE!8n=b=*>7s#TX}1`K6eKAu0;(%O3lZBN)Zs20}yj zh3*tG%@#uEumYQ5B{oNcn(?VvW$^@FB8p#*GF-$2=Qk%H2qKTkj~7_jC5$fxOP@e-%6F(#bv zmapFyC@-tBS5I?1&9rw2Mz7N3hSvTqPEc`E5H!)?z$C%fXL&q}6Lg856d_C?mk&lT zDR`Moevb6F1qwqv$2b?~CP6r%E{N>2*n|SeP4AV;_=j0U|s26cDfg~JrM5kGnpb1I|OjwOVHCo&h zAxZe}iV4h7fv0)Mkxt@CEJ;zAO;5nVU@(}lpA$4;E9Y-dW44w)PElbL-LncF4qnib zFaLP<_}S@)N2h1!yzma4lPYX79KFhvB#2UYk)U%qwmtuknHk9ly+L1AW5#2{$SO@+J{)LhdPY@s&yve8N<>@&%e{}l%3H$tJ z4AU!cgQr|xP74B)gfgwqpFy8%Xs0Cy?lV~(+}?uIEbDJj=;5>=cya=Q&z}Lo{{trp z*zEtoL_2VMOS`Q~&>tg=iH_W398TF%rtsN2;|;@#jN<~pECV4-!36>%JWV42i4xQ4 zNc7`RoER`ky)VH3I=y6cFc;JLY{dH-Qvl#%dI{oG!QTd1f?$CFB>(`XATEk2(i{3u zoI|rAF&UJr{}-nSObZkNG(-8#^%&)df=%L(F6)gq|9b-7zIkL!A6?D~hLOG}#i95I^oS0J~bB#cU=dBR?UiyIJe8u)ino){vK zc*z#|86@Kqu*<>A(lEb7GEba`A8O(QS1C5A~Np@#QkV)3q zeuQSlcyebbL}<2Kj3>2d@P+g&{SOKWiohtx6HYO}B#xp4UBeu0{1s3>%=TxFMkuFi z3eY9L5r2B}iJ&}%$+MK8d;~)zXznx@y!hSwyKaM$-J+9*9-*AXqd0`5BY=P4WGa!< z_bd}6&!$Ooj=~&~qLePnmrkXSb$S9bR$Be?&<v!n z7cg|;g)l+REOEHrPfp)hF>UzEy4p*ByHC&FmZhJby_K-p_SvBP04A*F*VcvqjE}JY z5H!gWx~q0!mVFpa(~!v+yB{(t0Tl%oII_izLk;$y{XN_MI~*MCAFu5{t9U+t-u(%@ zMr4|&1rxKBpsfV()9&r<2CMoACJ7hXtE>;RtgnFyz*ZE81O#uNJr1bq1%jvQFUmaw5Kw%A9=N^TU?yI$#kB;O^iDXg zrKAkD1Oq;iZ+aU{|9$)HF%`H&rpy`rAb8^`E%CIjgy`%J~2$;a5qlMB)`{i%d=;~a}8#R~4 zsxdDvX zvbdgK8ZAt-g|bFS!-Zy%*c&pFgvVxO7@P)aDkD@`qRKd=S%V(^{_0;Z zne}WkfoY@+elWi*q~T;I6n}gX6;U|GAYc|Es-xrU6y?P@&L|gM(1juj%u46K`1wyJtkK#|17HCq)24pt8EJr)j>@tTD0{_7mloDRR@M@Ydx)(tL zFJOU|k{$(qN_0%&go=sf`+%#|FU|KmVU8mDmE&^;$v6PPuKfIgzYaj4xLW{(<+QI} zaWRy(Xo#VVwc-)$qdtDS<*1dCsVpE>e^z-bM<1tgjv@;hFCs^uj=9kW?Gs8#43lD` z?3aNXdqFTL2+k3!%?oaWnEY6<7YfTC3y`t;3R!!6v=a*h=hx~jHxcVNO6YCGXf=tN z@R~|#IJJdfUukVnPac#wg5XRdv;(;Hh7WXH09hsg{jzpX2da%NMMV3lq2sP44MO~h zneT#2j*I(l0n)e_&r8hf^Q}$CHzF}JVT*4TEeAs4rlfj zKp`|(V8!`w9#0^Z{EWAjTxpz>szP2Fkw2QG`18*{+aH9)Xnkpv5P2y>sui-0A=_#a zE*%F|qtA==!)ywK6fYks{d&vuk9rl9&VI}BL~n3M5P{cdWa0tD@fZcIt$Ga_b8)cx zV|qB$%^xT&*q=~n4uKGpEqr!BF?L?YIE2X<7v%p3A`FTIp$rV^-zf^L368(NZdu+I_q|h8j(B7d6s8l; zZz=lu=bwe8=;xn*?tw2LjZ?}9!4VKFW|NQ8uZ$A^17A=|%1>=}M2UC=#<2J&x^ake z5EpN`3=^2DyH&8S${EVL)AR#2S00-H`&;5fKkfb`&qXND$ z#UIIxhs=vcHq|A^^$=T&&{{;cv?lSVEw$C&{r>9w&8m`6svJQ=l?b7e;gJsK z@vpZ^Lko=B+2x05I?2G!PIN&>;DL_O>*u#%XNNgy&~edZybS`$mOcy>ks6b(+4S(?b7NdJ|Qh5#WoU1AX~lFeX(xGsCGtah^lglt7kTmJ?0!n^Dd`mF3#8|Aq-Hiro*TFUt~!U-2}Y z{|^uLEc@@?(ZSK${=1TgvlThnfVs&o%5d1y>8q8a_)U&6c|<-1U=sxR;y)-Pk0F5p z*eri={vryVfHz|V=nqEusZu8R0lQ7s-ze)*;=*Yet&(c2qg=q+Ef!jc|LrYi+;5>} zwHMwBRAAyI>0h2A4P40?G3|JMQ;Y^;Rx;d7eO0T|n_gX9(B|i2w zf$soR9Pw}JOQvS5^kNGRnC1(<(ous(yV@^n{2T?pVGwU`H{^PxuSk}FE$PLsja%HMF4^nU4w+~Ms+6fr{VYZQ_25xoc;%2bin-^ z`Tya;;n3#)dq;yc|6j$!xqOb(f8dKwxIbSvE8+dDDF4m*FIOAbwGV;;r(~?I=wMrZ zEc?(2H`Z*(mDE>WGm%aI0h2glq*D!K-Qd~W{sNM4yj${o-upGjUvvC#j^h`?20!2a zIL}a6hj8U)aij(Ml*Fwx6_-1ud|GY_ak5acIV_WM)ziTi>ae8@M=NTn5JoN8T+JA5+>y*g4~K3|FG%f})9I$rG-v-Y}BXR~FI7W{$H zfrVz1_DDx^U?1sxZAtxZo+|w>QeI)ptAI`V-_hZ|t^XYl*7v_w@-RKGbOG!_1uU1& zH>L%a-E64{>OEP#E?Bm{q&f(*tSGfX&EIpa5Uv%%d#(_co1{CPQ0gEYWftt`xgn(2 z(`it+U$O`ftF(&Q?{wmYTY974<%; zr+1^8enqv^tCF@_tKyZeg|1oyb$kl%MEvO)fTK65Ob)BB^t@WX`KD5?{mRXW(eQ2!@fj@;l^k;jj z^uLsc_dX>AhT{oJ$zv)z$8_z?trs@l|JXmW;{ObX`$ud2Zxs*I^+YUpP|h|er@ITy zux2%V-CH8HJ+Hqx(pa_4ZIVVH{B8)Z&;OQHW62%cDY&&$a97t(uKrf^!!+)PX*lY~ zxKvYLR%5e_`ntS;ZAnu1S3B)Uuv^J^tU&LS`^Z{KVoQAi#m6Zo=+7r&RPlcnPrM@o zaO3@tft~;F@L+#$&Hq>N@Hhp(o<8b=&C^Bmb@@44wzX_qmT1GBW!aGDt@&3Rp%d`0 zF(PAOU#0~>T*w08I*t&)IY=?-v)nTY642S7Hr!&$x+IFoUuLOR%$*PXU2$=S2%M5J z&g1{G5$aRMuJiNHp8?a^^BWL|EI+Stf&vime+-&ijwWqwPIe!USV*KAfE-Mbu`~uO z@*3}d|21MMW%@7WXNOy?4dQEq_=*G*P8%96;%x7+vfWrwhTU%PU*j~2(@U|>)vxt- zUvKyIb~m;=PLPPe1G89!Xsg_J8vrcLR~xpMl0DjyAT#|?hqS0&>jK#h+x>H?d6iF< z{wH!&b)o?_=zj-;!#(@{$6&C(*8f)VFjY^)DCVRVD)@p%enKpW0S(-;- zqs3UR6z97?AdvjtN|%#E*s(K`2=w+wq$CPnW$@z^1y({J^wD4ztdl`lW_SzCShpI? z2OzkbUZ6Zh1ToQ(Bt~d<7U{OC1uL`O9IZq+yh1rQOMq!lkExr?I%l!j&PD|F+po#pWi5_E-b{FN7>O{`+yCOqEuYa2D@fT2Lea+1gC zj@_@-%|0r-;CsvJ7lA*llt3>K3 zI+Gw4upNOQgh@ihvp_7IKuCF7R*(|M9i8jSAOu5n5L$#2*-oH&j6EK_YJ z!#OD=Alii4=XeC@GJt7RrbWHLI0=l==vlwa@?2iBYivFw?Nwth^(Ddp#)Tl3?!o}DxJF5$?_t_i9UW8mt{HxhviE_GEM1$% z9_2|H6fBB&jgrn5?Y+{*YyH*l@E(R@dkfyhSX&RiW9xx^rK>`Dt{|$_U6XnT1ujpt zXzgy!eOj6$U*ZTcO1lWssjA#L&c@*-yK{SQ_@at zyp)5rm7_ub7w5gpnE@K_e;nBUpT~!Tb^Py@Jcj-+X1hZ>K()WXN)H5$wcKzpXqRnw zKxo#Q$E=`+=+1M0oEr_^D;an#Q~n8L$`V*SwADscF} zFrn>!KU{htY#d{5MphATK{}=&zpJzmrn~ zJ`}Ws_)`Nx#Cd}4zCwqLy{G@`(4uLE=+skQb!pnxWIx1sTZV60QP+`2FiyZ$md7a> zfj}i;1v_+g#W_ydA@m>ONCLe3p?DACl>bZem`{Ns^K=rt_1G~_Tqq79?2!@_Um$9r zB&K4tde!z^uZ7VV1-W>wb=i|yU+){!sHXpyh#72O!}M~=W8en*zkhsWpZ^{o9Ix;H zt>iKC6hFt;s37d@;rIA*O#kL*7qBSe%ardNEbyBn_!_d#}ti0!aeI3rN zN8TxaIKxpBXK3HCPMHKhAYzaiUFU-~jxWan7=R$b*8v!CMcX*YO8Fs{JX1e;;G8|n zPnHWMKWnv5isdo%NS)Hhg-mSR@AsY4K-sWyET&GaI3&W{mniKoPm&cJ7ZQQFIt<3S z4p4wRO(V8)*{P@Kh6c|tZ&v{I9*J1#Im~f#&g2|!WVoi8<@h+Hxa@y0_{I*s~o>{jWV$86&pAWzm$rAIO+}iB$jsiY9@N~?YVql)#v%7hU z*7Os6-2+>4$YeuXW{I-7iX=9g6jqWkPPA&qbZ%rRIqZS0%NlHHkpRhS!~|*#`n^V3!fd?4 zp=ur^1cbIoF!!i9LEsvJs}x`JC8(spQI03ToCayBrW_+C0Da1mIE+bh!yuk3&pHso z6y#`xa^@b%wq6wHC?v_vHkAfgW)jxk1scOyjHfwW+EDEP3XiS{JS7$mN?zQ8MKPVA z0tC|nNs%$=S>2@%hrWSniD|(kpRq!%)G`(H z)1<%@eu}t;7BXf#!a0~s6B1{MtQ;eL`C%Kxbo`a^2&YIoDXL{YQ&G9ip->)wk#hKp ze0q`sjqUIublD)ofLL>gtG zptCY%vNE7j4ci1+j%Z)_g-p%IS;tX{L4S5{5BG88za+lc)$Uv|Igs;`g$2MS|Bs^s zJO1ZjFdVMszg0ZSSN)N8&yGnXOGtj&`ss`1v#`L|g#}NREYWIVw)1vkURkb69#pa( z%E`0G%nU*BIoI=b0WOYu1|56>uMjAvxzQPbKE(woEU#^3+EHz)i@^3vXY!QA z%*-l2*(%VN&klI2Mv)T&{6rIZ-ikk5X1ZwjSjOds+qV!%lE^qR>-D4|7>!LcXT%d=1 zwaSCZn#JK?6YSh^j{X}fquE^3`P0n*OG$W95unNcW4O0(^MCr!n*Xoh;S63|<$qX; z&+-z$Y>os+EloT+_%`;NDs<*`z3@b%izC+oq765U9{MgimF>VZsx##?=Qh`cFmb-486T zVh0fbn)JW@eJB3c{?S_hTgk)8J9p(Mz-XF=+$DL0b8v}LltV&w61Eh8q_mpL2(f(a zAJL@)T4+~HYvU^{WyT|o{Ph_W7Pu390SUfFIrA)@rXe`m7f#0K)6ppY1cIHwB_%G7 zqiK>Xi>HKPy6Q8iCv{i0-M;oMVjs#0;LwcFrKZ)MeShFB;kXOv6-wLp&JRUk)#rt( z)s}S0i4ZacD)e>Kdf07-Z4Z23VQ+G2=6U}bU7}Afn4vuQzjtuwzk{8h-*3r3cK-fl z=kM}I@AF{$Xzy13+zfaVb-a^}o_=`1aP5N^(}Dm>ShzD49Sx>Ez!bnF8^d%uL3teV z5e;F%tr##QDDQ)3gjr?9ngBoU{Mct+DzrO{1rspA1)&q5Y88D8+e$7g1iBnie$R%P z?_Y}Nj9(c6u;A`a7dNGah2MslbL!aN#;n=vP}}L^Z*gx0d;vMi5*Q*7{J#JMAAtRZ%htMZDYJpePdsH zfv%rBef;#F#VMM=tPAU33;W-}(6;{#57+UZSMo^xkI#2k);|ev8QWj&HSMy6mN&GG z3jQd~T9Gy;MQ5a8_X;WG$}Ef?xHiqW}DA&+Z49UoNczG|~V4fphp&==FM9Q&?l0^Q~I|_k$DgY>z1zfyxVghrO$$cu#_@c z0{VKy2$lR&bI=n3vJ{kr#e(ZQzI~z}FlRmqW+UuvbvyGq2b#auOrnFQiT=~?FkR~U zN3;Atu}?G zJFcsH11i;gWKFs6!P7+lQ94`t1fYTb9}Nd~{GX%ab^hnoJO=%LlFqsz`zW1#7bKtc z#&Tm)Z>J{j173@Bk_L2(oDpFV>fnAB(u<* z+-JRd#$oX+0aXL~TaG6udMx)GjSAg;SlX-piEdt_5esM?=7^}DqZlO-{nMj6F%LTg zwi1+rt<4$u0-o|w zu#{E)z&(5(298o*G0r}GT#T1M=L+34V545@S+x2*WtQ5P_8<$lA}NgWG2Aq1qSZeu z#RILy7uYKmx!K!oeHlJzRj+=Wb$H(PVuB_-GDw*>OuCxLg)6+FdUhMuMGxOyYTiIa zED2WefpMFmbn9`7%T;5X8O*(C;#80w$|==_;|Tmvh`?-&tE$V{TOpjFgn2EAo>+cT z4bvccI>OV`6ER3HvxzeW6gNca7a-pa|qwVIW31KH!oR8$@C>G`QpUpJ8ULrefgdL zaR$lQgS$GSYoy37IPE5!cPLarJ|13-D#nKrJFR>f6uK;^2a2}9YsHtg+^!7(-{{jq z|EGfXUD|&S4iEMn`|r`(|6?VOqyN*{?#u{4fqgHA0N$65jRBQPtF9gCs*xrZ37kAO z1oqmxBg+zsF`g#3v;y9a>JqsH{=ifwDJLHvfNsD=vV>)j>{dFOAk&U9J!Fn6@hOFBxlkYG~ zL6!iIMrc;4H7-;rjcpV^Q(dgDQQ4tdHBsxa6@<$uQHJRb0>4H~brrf0tZnaA3`Ki> zm9q3k)2E_B#T0lw&|JEF_~{w47?LG1S_DI0doJ{3!tGYdz0aR+aTQFeS6X24l0e9? z5M@;Q#$LIqWQ{4Io~(j@m$6@SCkx#P+XnI>~22FdR7!&OxOb zAcKTgo<-8)>|@oL;At)3?OKZ-x0=*e8lIwMmQ#4fJT)!KW|wyFnjIZ_cq*^`e` zm>7_m!^Yb*{;0pL4~*nB6Zvp@Xj+S=Y5Z}DM6lXAXAKV`zWE5nOvpO|NfLk{#FK2w zBI8X-oW$fN0KsJrvvC|20SIPsgs{(Q7{ZLrsx~wp5ktARu<{IpMJ$2-!BPgci`H%} z90B^zJmD4#6pCa!?3_8r6Bb>sPPK!?I%VU>%8)6?9X@^zZ z(FvfkT`MQEIA!u^P~CK|2e!~hI@hG85ExjblQmw~ql(qG`x8(rB>L_AX^y8EOTq&S z%7SoXI!8G7~b%r>NHh0sYt1e%kd+P_oCbpZ)RVH6>`L zzdn2Z?9H<$=e(;s`_)C*!lPw+VCxczLjFC|YTRg5u^2d%`9Zur zfAadn@=%tBK=-T!@pLf|PhY=!d-h>@FkT21iwtA(+c{lQIfBtEDyY1A4I+$qU^Yyk-v6%quKboF9F7 z{p9rVhgUD3|IdfluU-jy6YK>w0+nTS;Xrr3reUKL%{9x0>wnGOR@pST6=PnzMU(y? zPv9kzF+3ME0yOCV`@^9V|KoVL_WxMP;{-}%6Rrhv=*ARaETiwj9$@vTYrhZ%{uTFR zSL%AH*N7;A@FiO9JZXxsX9{g z8&E7<#Kz>nZ4*GbHdOo=qw#r0Fq1-p*(K*3c0D=q`%{O>Rl-P#e{kK>TDU7Gc=R9?1owPmGt1?!t zg|+YKX_EgkoReh(KsLyKhr_{v?fCQW?#iJN5DiNK33O5>WU1eaokFWMN>Ws#ffR!y{vqGicD8 zH`))+lapTKlDj{#TqhZh_~EDMl97#ClPzjN>jEzwAC>>wy`^A`U&U=Cj|hkC$OT%u z^TJJZ&IB&eHJRbt*E0+8v)W|fi=bV7OS{BD2W?6UDhE0r&TamuwqVU!;Z(&&Yg275 z|GIUCv|;g@s7rLbiPl>$;0l;^E7(}Ys*BZY*;>!lt>|l_s94E0V_OmE!m~gs*LKVG z&D%z4Ub)JvR=RhYciX4bO}X#6|ECs5#S995LMO|=09{-?dsh`Yqj2cHab}-=(R`@1 z0<3WtsxO$N*^qCztRfG<77OfSzAf)qxy@GH@*-h&mSciLoapun5@uEA3Zr@^>dH%{ zTgC{;kJV0QBbX!?FuZ!qzboD;aq2aMEK&-eYRl}AcPv%e2co0?;j+&5B{k&-_r}Qc z0_J3}QnDohp&XBCmZ98^*1?TH+5nDmK}ulq7X#J@l~Y_Z?RC7xs<2ifzm2C+|KmjY zk7d%pH0XcB{eA2H$8hiHVD100l1I<~iSh#c3X3@GE)9%SpX^n%h!ZuV6>}+VZmX>| zv<59t`PHQ{iD44|SGxNf&b?z;NZH-e$>irJLOiuaUk3as26$%Zttd4whX_eL&9&@SuFfC^M8D?Y!c9V{=YZaJ96^>92~6gf3D;)?7wGh zvb$pW6xR1){1sj4`q-breaSLnm#T3R&rphrA^-tpQL*@&C6k_JrW*hQ@W%25Ftlo^ zYG3AA7>JYCp3hCru*0xbP*1gehv2+oT@pGoD6~ERJEow)4#urKM-nk#x}!En;)0Y3 z_fR8hssXV^Yc=hk68mlOwt#F_idM0t2RP z?1j8P#9E-B=3fw^+44t?(?_{@Z*Lj%u-rdLtue#)# z`R45b3A1w?UVY6za2BylCpd(!h5w4Zik86NLkrppRBz%5!c*^|dM%o2qXq`0ufVl| z4O;4!EkFW^WQT%eO~3D{JX!XrE3wj+Dp{HGmo9k{IYSjG3aXf-tY%9K{>UFihC-m? zNxhn({5p>b;(S#e84_c$D9);0^9!IaP=1L@2<2yAdlgp?SPqm@PL8?h?lDT>%{dBj z8c}hXa@T2&-i&ipjByfC(R&((s3`PTqWQ8~hVmFk^0z1Kh7@@j5{BnSI-Oi_lO3Cg zvS)hw0-wO3uEcN%J=w8Qf+0CN2xu2c;3Rr!FDgF-zm&o<1iTsNf(S)Zq0m}}whq_C z8g+FbTkk1{Lf%Q21J<|asR#C!>ADS04#Xb7DGv_HiUy6MvmrHkRvkaRQ{C{CpcU0$m$#twz!^%P7&JeC?N_%I|f+eB67kust)+ zv2Qt;B^E-K%+bdwDoAm%0YI2dPeib02~B?PhuM^SsZ7uW=Qow*_-CM>S!uackE-9MjGVK{Gia5OlgKcmfCkd0!#7c|FHkcsD;`&TeR<}Gllilk3bLG~y zue!4w3fiF6VzG({O*Kk$JH7Mi*;^oy=$Ljb+@)`wjPZ_jdAk?_oM zcaRPs+%K9Z;;3@z?`fuHucNfqL$9Z4(b9|F|Hk7My)FJK9T#x4>v1yCEt<@g!teWE z?=(mj0z;m$lLS*^;wpgSE6NNV<~s7QK6*OrBxxb+fVAqRUz> z;)mcD=HXSHu8(I(zP%NR^cG4VVaL6p(^NeKo*;%T+-*5;6kc(t0HwS~Fql9RjsXN2 zBn0Ihx&JL93eLekRV`6c^@s171=-`w?>1=2>K<8{j?~%P6Tl9(PIh;5bcsIg4Onx# z`R?O`-|_U>?q2Ccwfhrz@#IBig_keS{un;iD=;K35#zyZ46WM|00bdr?ZN+T4gUS_ z{=2=MpWlCB|9>~w`T6}%y)F8d{`qC{_ugjUR_C%Ig`id2diUh)&C?hEd>{Y)3u3SS zU+?dmrb7bCbDX~@E~`<~(AzpoV4Q+yDM6QP`=QG|*z0YBt=|$1iFh&SAJSJZ;v}Y$ zH-C9J7)*LD;wJK2JZCS8xFr2#_iXpg?$g~DyZ@AJJ*AMXQt|Fty!$5JeH!n+hJ~W~aJ&#lrLV_-F zu4mPjnhr0|m(;%yb2x-afdPyn5OD1w0Nev|1g;UdhAH7fC3gcPV>EF@lF}1H(-tKX z3)q%5(pv7dABu;852}}SiGd*MeBT(#9ovaib)cpfn|5%6WxHeb$ZennFQ{{!v1eY* zZ_jT5c%-iydmJ3^7hOYEHFv!E-5Y1YLWD^SE*6g}2g=2WgDB6H(&Pq+fa08cN$J}3 z$o7Z@OlEvdY3U1AQQ}02t3X7{5@NL9^XK_$bHZS+6FWg70*(JHq({lENRH zi=Dmj2oyYDprpS7dkbfe5L9=o$9*%$!SL5MY_6YHPm}%M4%5EKDL{k$fA7GF|GKw- zxX%BzlE*NkmGtUdOgoVI6FSiYti|+Q91A#o>hy5HykexX2n3f2zJN&paK>Dh4CUY( z%6dWPObhVMHRG!2-?H%A0_Faa^ouIS0@VA<@uUf~pf>=yTge}%{PuPOQZ{^+$Fn#= zm*`0m!i1@W4v4CP?37%-j+|=cCw5?u!VpigvmB4&g!xiZHttk1i*eUf{d9u|#;7eG zJjWqS#<(B>ubRl;vhjvSGyX5I{To7peOIlxdB71aQE_udm9zaGOV#~Ft}|7wk6S#2I9SraanuKDJX+?Xq;+O;&{-qUZr zcO4(|D#K^XL^y^@*3MYj2($Wf#`2toDpQXU${yj&i4ES+ONqg&8OrlG5-x(O%#Vey zc_*l))rP4FYq1!`4nnxH1-B@O0_$GVD@%hZ-0SD zpwWPFec=2#1xVi!e6!@(`dGeUh$KL3l>nTI6|XRT-|DEWvLCv5xA4l=fwW)OUg8BK z$|k79XcMfMYA+soWp<&N>=#KKqJYEef%IRNzz&Vo zU&!W98z|^@Y~4ZLUVRt)4i}i~e1K=)>L%rza~RN+uxtK(po3Av#GGf|a~TT7WQ=m~ zP9eVyN+jR2gdGHfcY}F0wa&WN`6t-ZWd9{7pTy~+k)Qa}6#r>&@6h)DJ~&?cf3M^* z^M93--Hqu$1NdDS3yl7BY#!LuM_>9+fM9}(0$!psNX7vOg7Sq-Ph@%tI7+b&b;tHD z?rYF(FR(H%k`BVeXUn|w-oT&DCd*Vz#?^iP`s9Hhwo}y1w?wty00h5@+lz1Tb9`C6 zN}uF8&I6mhx)<;(vn0HO--I&S-)CeQ+PuE5t5EOG=241i$EPXVulxTF}5o#z_XhiF1j{Y*B?(K0Or+; z@_jigJ5Hd}C*mfFFF3!0r@VI3fT(qCNSnL5BpqrfeD`vUY#hFYWVQbVP!i^Mxl|cS zZGzPZwfZuVuN~WlIDuJUH}2N-=?y;=rov!g)z?FAyrTrs)e=HDK}iS;B&cxp&`R^E zg{HrUo*@3VG29sG`TMFJRlB{OqhoX7?}=~Rn2V$SGTD|r5>@L{G|!Hjx%w-ZAQ?j< z&W$e+qqUTpP;OadD2zvOSQU_1Tlk6&_z$$zXL$@@pzQ5g)%u;ADpgHQ!-N?$j4rwI zHl0kJ16zcTHp$zAA*{k;jt3wgv-;jy3?#mqNS=^#7e=ZRI9-XCiw`9kc~$1ClKrg zJ{0Ru+$<(iVn&$3xU6J&ej# zhbXZ!;)k91#!tO1K+ZDMdQiTt2mSdghOck1|FO_!J1URtjtG^x`vHAIVOx7(!};Id z{(&9;Y5(x(Xl?&n#ben2=%fNZ#od_x8X~J!+WyM8s+;_eZ`K%S_OL5!peV%q&I*V> zJswJ$2um@9mUKDa9agG*{vyCUWPuK8$KEqfDs3`$Y`1?}ip6WLzf| z!TL;Uo@Y_|f0<|9(f`AJoBkgS*7-kH@)-1=PU@Y||GMzz-w_kgL#W?96R6?>MrP0j zSpbE>=|AmL1N}D~uw^b&A3`PPa&nY9Nb@&5tpfjh(;Y#l|St54Im6LbBfxj8I+(yvi5OO>dE9Row=(?0M>}L53%CJx3ci9*;1nW>H{bgd8*m z2LRoaT3S%)!(gc~*5Vk6n}}-6?LdX!j&XAR-1)Pp{HHX!77}2i{(o%Se-DlZYx!>_ zk9q$?PU_kSu(%AUb@ThO1dy;ZDe$fg0cz~m)_|6em;R$q1m!7Ao}~okBN(FH4`npm z`ELO<(Eo$IBb)y39UrdG|5ow{&mlhFKux$7=42Tr;4CCx0O-oI9lA{$D7XNJxI>*F z#swqevTYEnPO(@Im(!fKk5fV3>*;%a59W36_jsdOKB-&Y3;31gdv*GxXIiWMPBo`f z?{$3TXqCMYTNYSnrtNK;PGDujy-n{?M&K_yxAT2yaUgIgD z?QW&0Vnpn*Y(JSYy?_^&hYasubSxf%>oH1=A&mKzgm=8y`}$>wJ~nj0_RF)^ZN;d0 zJk8oKNShgd!3-9~HO?cg;1_{`x1ZLvUoQ)f z$}zNSt2ikVK^c_9gK!{mlVx07t-DX=6QBu<6Iq%4(4o`u4EV6t8OF*BFV<8u09vk8 z@iiz5_Vi`20l*u&CyOzjCK1R{F--_%;{~1|GLF+rki=JrZCr7dC3+_sI#DkG2vi%! zYoLwm2?#dTk8Qn(8dh3F{V(xQt(d{m>#%*1v)w?ll@5f<96d# z>|L=fxD}i20BdAn0a&~eD}|C?$N$(n7_9AoD|uGJ|CccO zZ2*wK3zUf5Zv5{`UJd|EQ%txT$!lmYYO39xtgxiH(AL5oR><|eXS7v7n+1ZPRVbm5 zz!vr@>yo?Gew_iR77^aOGBnba5aSf)H@fX-R$*+6cuI*%)V(oMOQ}F({u*l)jL9Dc zm0g>*$KH&ZI`Onw@4$}#bUa+= z|5?ey6$*_;vV#iCKrJ7*O!P#pb0j zc5*a}3w1^NHA)aHQ2(`ftNTX6EbCuQFHoK$f{K2OcV{Rst3G0_oMzb{{B3>J2~6Q7 zigqq;%!bcVK8r(HX~B-=9GD6DrSJ}&i{i;4@2}lwzR#zD{yXjui%5e_{y)RPz`6gq zxAy;B$s^Kjn;$C83xcEL^BO79<#&NhXNldPz*9uD(Z09=MV7>bNSYG=CaZ77pLSk9dH&?| z{K?MC(-%*620b^JofyrN2OP|EX5HEebTk|cPU%XI!z=2*RaG$^o0uW>}iM3 z>vLL1n@2aqs_I`{fLMczNBli1q_vMSj%|GvvcoxF>{OLHjU}mJV0zZta@}6^)#F)| z{6pnnd4uUY&MkD0EadJaoxMEE&0TE|B%NhY99_Fbae})932wnHxJ!atfZzm|;1Ha_ z-CYBL;1Jy1-5r9vyADj>dGGgos-|kXdQP9SpS4%(G1PCnIL1Ir%C)&`uZ+a9K6!3v z{5^>g0oe2?M$sf=i*dt8sdGq|4?lNL91wS1tp8!nIZEHB<0sf=8xbfjO$$GaN7CQe zitMa;lI($oF5Hk0K|ycukFO4w9{;U!oR^>&oGos9>==Q5gSecpVg@#gh)*IcRl`^q zr{!B)?LD0jl}!%<*}K*aKpGD$-v#jd9N=5t)XN2`_DWZQojl)*%BnRhp_TiHdhtxs zUtNZm_vX2wZ@KRmBZUNkbus5D5Y{3DiizlE13#@###m05+Ka`1`d*M{(^4bIV$L1$ zj0|4wyTW1Kn{>#gYA+Jrlm0d?GRa$O#Vn+|w%YZ(I zp2clbB;aLr32Zw;TLm}op2f_ms+$$)yJ-|&jchiX;?MaCd8TwvXBDfhiIHd*tmS^1 z(X1Y45vL^~i(65?d|tPZR5#o0Q%=bqcG=VY>+})Y#!sAnEYn6XdG@5HMFRmI2e^AXD!(}_^cVYt?x(n z>4x>FWqaZJfLrdGd7 znn0m8XX>|=2HM7PVDwyIHxEA5$NlHFDJCbS!mi#qaUiYji2*uW2YFZx0Uyv~mmtt3 zSlUlsbd%fw(2%Zs>kv~(AM#{_3%!9eU1Ro_MFjT6Du;#T`y?OVGU0^%9)>XSf~qw^ z<|>TZZcPsr$&T%^Sy5iN=9?iRck2;(QWgfA6G${>4_2a%p+i?^BfQn7Tz$LgW_3(&+Iujas$cieb^=XhREK( z{JY&LfJgMtcGSQpcN;_U-`k&_ifm#CO-jK^M%_I0oQgXDHOJ_6FtglivoH)lb4x3A z=TB<2F`-X=Gv(0~uZwQ;@<)0m$AT$M!QXbTo@_#Igkz;YouhviBRqexFo(_%njMP| z5Hxph^aI~?4@nm8x}tw{WZ!osKsUb+XSZDiyW6Xfy2PP8AZ|SQHVO}1tqAz2FtsfP z{T<|No|_s%DW|16=n3Y4m%85~1;=S0QW!{7T`* zt-_n=5j*otlN&G0CEQ6`yKO$o^B)`*M}}9Ik_uZVpKqyAZ^v}??1fmEl4VrqiJU-z zk%5yub>V)DhqytLm$tf66hOo z4NMnp6D}jE_T;qZ%@gPpAB!#t9d`UZGy0!Op&1`nB%{#C--cH;yFTABb7=1X=kS%m z1wBWzp&)sdF7_*>Nsm}zRsXxgJj!(QMako{Avk>Ee&LgG#1t)6j}U4tmQ0Hh7_svc z;bwHC(ltpnK_~>Tx`h$FVgsip2xc8h+Amgtu@UoR%$Z1g^Tr2B&Lp`mF6h5cXkW!x z(Ejn_sqfk-f9}SsRIa_a8fX9ZT9^X?{pvX_9EZVp0j{2=TL5lh!&89S)9h76bU{JD zi`b^_8_%N=piO?fj6SW5ZH7Y(ag0+t+{U-R!dmE6_%-|W?Z85p&yJMOIdq?^rq_HG z`-L%t2&HyTCVAjn_#{*U^8W$X*&yt8@aUHi7e%3^hy*c8F8gvTW8UhtXKN)AY_? z2%`Cfi}UQ=X69%{mSYt!Vn^#RT9sHmL0OkCQKXcG@*=&`ytq_~y-ajYGY*IUnKoXL zk(4>Tl~{k^-(Q+&_R(Bm=<;_pVqcX#gX*t*#lY5EKo~OoDP(hFds`3!okjOSfTw){ zYzww@S!$N2T55@}I6bGLUtrZ*{mU(r-o$okd~RS6;u5VTR3UoVL>8^zE`0VTAe@Js zReTo-KQT!QL(-jhyEQ0v1TVBVU`h~KQ{!QE?<$d8PhAZ8+`97S6&^>iT(&QSpOdef zO)GpwutFrQ6=<8y#U@_)bnA0D*@hK9xFGisC zE2LqOkWeJ0ImD%UVD?%-03^dLQXL|ix{OGho1eE-XA^PjqgnhqCbl3k5I#?*Y?fk5 zGSFkac!eX^3>Igj!ad6caM&FY4kHtvhsVYKTC|h&|rNnGd>& zF+ylmHbyuh0#CKbIS{!BiR`&j;Qcv64@~aJ_SWPa&FJ*phnDvYLjbPg~_vf#tApLr5 z$d9SrJDcxr)z^@rnFKpPgzTd79*T^ILJpOmYe#d@t~X8sJO8>?l6cV@@Bi&&!%Q_h zm#AHwThj33g>;}j{2};5vj02(s%gZj>{v{*{6C+Gm5z|{-1Fv^)n*J(Qw06NmsTvyAn6{FJR_T{w^Tp|izFH%aD&ux3`zxVyb@w_-keXI#AkUyva+ zK}M=xPDcNP*81(=Q1LGSZS9hL2oPMR5PXI17V0vG_JJGM-|!G4Usp%aQ`d>q(yNhB zuuf%Q@%`v*7_EH6Nwyzc1BnQ<<#~T^GtY~%J2i4}ax6wb%6M%Q3k#)dx4UP62dt%+ zP5BR4Z`z)osWgy(h36kM{5AsGD8aKSobPl6K9qdKJjeSLk;-Evce<0HRk?4DI8i){ zH~IOARX&fm#&A3o@Ckk(^({N@Y84twTHZ8xt@_OlCBX$Dm+~KiAYug?m`B<0qQ_e; z^0-a>+|`7$9s4NCVyzY!*L$@HMrrNb`}W}cc6RULkn(*JUM1Z3HqK)=HdSo~-%brT zcdhQpOf#hCyczPiA{a-Chac7#12l`V?y-te@TOnC#fEQJu)F*i?EIQPEtmJCGghGU z(oE+R4kxx@AvQ>MbSiaI|VwB=G;ZNWOwpCOQ~Cp93VFFmZ~$xhj)w$Qy`L~~T4 zXV_+MS8bbdI~Qy>Sbg;m3_J{ElR$C@_tY5NVMw2VnFMkG)ZE0UKLpYnDX35)H-x*Z z%m$C$cjO#r-=9`GHkp3Xr_3{g8?@!wxd6ct+6u_666RW@2}EPF+yBG+N6VM7{Wf01 zNUG}Q7UR&e7P5#Ywh9 zhQEW7KMUhvk>w=wj*Ub42O-0HzB$^zuJwI;63MUcR-K;Blu~As&uUxc7e7D$6&3tI zWNSHpj9PkChxzMR!+KvbH7u_l(w7&@1n<@r2%ktbzryo8ZQXpLGpb4drE@vUXOJ1( z@6DCV&}lUz{bw|%{S>V}w7;u<+99UU`@Ng*qgzi~mEeqL482F_Qzcqz5mj&YteK88 zydx^(J;LvS-mKN7UPbE!3lc}do``JJHn9Lct|)$!tOA&J4)(E@9|+Uvh0*w^fpc&g zI5-j1!ct5h<>RPfX}4UbbZ*?Loe>I}nT@}O)6P{8&UZAA|8NvcsGum%hOEN1`BTfi z)2sSq@>REf@BL4?A(NYX1l3bRI}zn~g%C^LN~8P-&K`NGmYlL3o$F`?F(hKWgVM9I z#GGseMR#{=pAkssKG#OzTLWFcLuuFTxUM1#s6yzn`;Z_szG@L*%HcqnC0_^l1^>BU zfXFJ(fpSlDFaRw|X1h?*`|6mAyGVC}zau-o%+#QW4;Iv*KWo+D69f@Eg+wW58%>l2 z+*aQp-MwOd$wEZk4;0vbSXSq>UMYPUKq(by9Yai50QgSw}X^yAdZBKr~j zWpIp&pd7=_R$K_Z{XMbb#);m?lP(Fw?{wRUn&^_>C|B90zS0PKXDF%Y&~M_+vE?~+ z7h5{;mPd=IQ7KMCXXLBck++$gqc~y+37#`BSPt0NZ96DNVe%i7xk7Cw1=}479$vWP zD{a0Qr6=y$-0oXFoqr6C=|8i0p_%a-z4w~YEIofOV&|T!7WI`mLP_&ess|H~t*yXx z8dK6k=_=k1Pq1uHr=D^;3>M}I*Yghxeuk=*Oq=)eKGBKj`)s_;(tC=%x}W-6#@YYG zpE5j={Gbb`maTXcspiWgbv=C0s)YGwFX4!xq0XU&Ta4q+V#xWl4_hvifqgEt9zVx3 zwyTq!r-1L97b42BKdn!#S?8(|9K0_(&r9O#um6(QI#epor}eeC#gU3-)aY3+JoDkZzS3Pn3_b9vL1zhbdn6n9uC+YBwwcRTp6)FiVkPn}6fEBIYDyheHz${MC7(Wkx2-x6pl z-r+P; zumVC{KehVe^Lgj?=M%ZZsmPf3_HpCd)~g5vx$~X)72^=o+t`xzol`@O)~O9?HSd!3 zW1X|NE7SM+E5KTQ2gNJ7JKuxpB7k*K79QB7z{JXa0=#V@U5P_`fX^sw)~zyI;7ZgH zBobEnb89MsG}=Q)wS5RoIT3wR3b7BbM4rYOF$HnoPVTTs;1=?G*D{Kkebb!dX3HJf zhEAPwtb(I`mROS~-M-DAzPJw$^k{919spNX>fkWZ6>5M;Dl^P8Ba|sLziWa? z&zK|qi$?s-g1^?6@BLwAk(lMp}VOhGifgMU|dfV7e> z4@*-4RGOrFE?ncJ*QTyRC>DA8It5*co>lr;5KJb85@6QNT^-EDjkH@+;m{ZzEaXw9 ztb#y({T7FN0bk&DJIHLPPenHP6o`8XbGFh9X!UF3;8@zrCI>XZ7Z?jSYegTNyZed@ z@hy2*Mnt}%S?s!f<*dTuxnmx^8u5iO#y`)v{CRQWY@=jJ*j^xr-2W4vX9#;?*v<$z zvC%%w%a5{qm1T=Sv9F35K*NPLnpl186ET#(xdC*;NXP3~17Oi7w^6CJAlu}$!m}D)?}bY0~V{tSgxOjwbUHrz1aPP)(iU zowOn!cL1xMv@d8^b;5kNhn1MFn`Qq9!(~8Tr2uLu8}vmVi+pu2FSFvwS7@zZHmomG zbfj*f7HU^BExMI=_i$y1V#wVIgf1n&e6oA{JKtG*kC)7_d|zo2D<}KtYEQ%LtsiCk z&$6C=VRK@T>X=b|=WlE4e}{)3S}aQxK+;4`QeF(W)~iq7>aA6h4@)O#P;dKilpFIU zOoE=mEWP8g?cXQ2NEI`czk^zJJI8&(%eD064vw6`_c_>Tn~uA^Dx$v~<*~;qJU_&$ z@hBa|)se-h{_SwqVroO6{yCZ2Vm6?+@(W}^y2xB5R7}(ULlv^%T*`G;_=TjHh1NFD z;oflSgqr!y#w?ks?8^ zVU1R@3$c8_$`~{4zt;s)z>~I${vf;K5Oh2G0&acLo$Q^>YVRG|Y)GHvrXVZg?jdPB|jPG0J(FQPW{9zTNs%nJc$`(5I%W;M+0U+{VD7R5na)SL@p4qRn8gtt}- zppkWBh0?_jVgFMrMC`2&c0WlD&9kUhs;P+I7G)Lby1Az(KPKkPNr`#m?%<3RTj~9k z>fG@;j2snzTh+4G@j7m~JIdL4Ya9CFD!#as@cqV7M$(X9?G89)iz*iRnjciRjahXc- z%WJrLlfJUc2zLrC4?l3^$GI}NJka(YdWP0uXrH7R6Runv!Hn#pJi*QK$EeB&BZqQo zn?$K*4>eO-#z&|1w;Qh;}V z(F@{uF#U22^*05bu6$X>>MRAOdGKt_PeyWD-iQR?SU&_O0nc?|npEO<1tgv>L$g^7 zK_9VPG;C2f6({Y@!*jBp4@W3SEkz;Vq3(Ug+Qie4ZRd@Lk}L>LWN5J<{xdioHz$?K@* zVhMcO30e%ZXlvpw;FQ2K|7#(poUP#On@c^>JFHKY`|vN7toC4;Dx1`G)4fBkF;jxe zuvG{3Prkvm&F37GYH*D9YJ*IkjT(pf`_K%%VKE{;Z-{Rwa&4;V&M`Xd_q*j6E;~^IYH19>2qR8u8Ek>w_}Q-VHp#r{1=j=n@q>q2 zEVG0PbipCP>N*)we|%`m_tnZ3M8ALat-B;YX8UOREqmVz9|YH9uiAUdaV>vfK&{NN z<&;S59hB^D)F%ul0~f{V(FE?)T>41U(l1aazu7+Ond&d@P2|7T#4oYR@WKt#BY;_j zjUs+!g?>9^;)~Qp&)<&QNRB&#ERG_%c;PA`L8Q+-7f;20pqIqPgE z;2gyXx5F$mQc(=*06qM%fUqk?yAuND{KOxGu8kg+UO{wmJ;44~_pt}tAM=kf*J%dF znfEHH_$myTbDJzXKx@8#fmXz7C^6+m!@D$f*koQie=~=J$gbYz=x#G+nUl*c#7xzn zjWAN4LlW&x-$uHEK*($UK@I7srbEsrv{HoWcis7~(s$U0Wg0#{&3YMD=lxg9*!$9P z&+Hq~&xO4qia}T~Z(vX1h>*)n$cW1zReq{Xc)-*teEj`fAfO;{c<}^mL#;n<9RG}R zfr>rOr!L$Op?!dN1MM*eNHfqWhm4g$GDY9sn1G2Ky>h_z9w7C|eC~2hZ{vo59620c z#X^z)S1^UJ7q{v`jCP$oH=jT&DPl}Ov8is}fPs4bi#}>R%_<|}5vw->?3+sri*Xyx z*g;f?SAk6(58ckBQ=8#)FzMV4ckf(1o0}e)?fX$QmFx-OrDnSQ6rmi zfR8Hp@4VU8u~M1V!-WK^;-!GwdE#EoiG*1dPIEuZRR05;w<2AREdq5mF2_!3+qZ{5 zcA^sp1WufU2Pr;tBELO<*nJb8%Nsu^G`y{OK(Cm3oty2E-ZUJ)li?80{q}G$4;2c! z=s%dOCp-BS%okJN7xowNuE8JjCOUB= z)-~!B1`z`feGZESrdA zFAgOM0Pz0mIauZLq4Go3YnoBF<0E|AyQ(2CLmooKg4d?QClEO~Mdg3`fQDy^Um79q z!7k!N{aiPcl@9x)PmQ#_OHfUd`pwpb$`<+o;zxh+_u@6Mjqgv5IjKLA))92}Q-eD>(HJamfGW;`ZYM~j$C(JRAEm7F6-j2UGAj6|CT9@~;P)GfY0IOS% znNCX>QmG*D`&vUqrpZMMb`I4Vv|xI2`fZd9@8|P#lHw6{BuWKUAA-u^dgIG%$0Mf( zLm)bAfDkflx4=7=Wr>Uq1qGV#IE1n>_%UwCb?1@47Ja)Hj`1xLG`%cT~;fAU@YKb5Z47 z1mQ8;4u<}GR{t^^oo~j0pWpJQsS4+u{-i58Hz24_J#?JpnLU?2Cm67u1pM~;0X;BK zc~o=LMPG8Hyk&}J#d^51>-2~uy{L*tT~=C77l@U0tZ%2G4hq$I0{RoCtDyd9cdJ_* z>?L)7%P)e22>J&sS+fK<5|WM1cTOaSj5Zb;k(jD5Sn%DDbIo|l!bO(VcZlMo+ZOmB zn#4ZVg?I!>(j<^J@6+2$%=|RKC3v%b0R8$87b_5ozU>#tqx=VD;P{sS-eA7id_B9; zTgcln7VG!}{Td&-Bbx3pZ1wI`f*Jkm_GEE&yzh<2%_uPN}XfJoI zI800qoCluS>BCt6`sAaqi-Wv7A@*ZO1E&+r6Y~|1z^TMMGoF(LGNO!YeJzfU>1AxI zL7~mCd;`6Y`93xeMi=gfXLu%&^&BCIFBI98vVe;*JQqev^QNGgLa5FjaW!^PvZjJ? z)>-uh0$BEks3|R85HTL7U6faG)AQ5DGTx8oAE|T0+(;?kUfT5s9J5c9(a!~X z3>Jl0ZJu1uf-V@Q-y>Tk16U7sFCd<8W6+3nxi`%Zl%wjm&3-acsmgRY=T?q#LkdHC z1xJTSbo{)jenGTVil1JTenl(Yp7+qpO3p+OaE!G0NQgc%SB0tQmcU|?h{#E^kY;sK z;X1ow_^bPR`ADn4ty9tdv|TA>IbzZ>S|fe)2qIti5t_8?zwN^WSz8AUxr7Yw*^(%l z(7u%%_d1*v4YLP(HW^U`I4b(#Z`;GMn{1}V8{K}L1{J-#^c!~cdwj?ZdfV=<0m#Vz z9s?ggNB}L{rpVbdC`Pd_+^W8f&bptUn=&Mb7Aa)5-%Fk|wg-4G+4IwmPdY0)hU2}7 z;-J*QAec(-iG@fcR{T-pXV7hAe5=Tv$aWL|ol>PP#1)V@H8v!-NG<#2CwvK-M?Qi% zb}epve3O8bdRM7>&tbQmTHlpb0cJK>_R%2Y;i{lh?6($2eQo07-aOSCDvu~qkb zmL+f|p{uWsN3JxSHl%N2Nq1kFig}0$2c%6|>ehx)X6}U5OTx1Kqq3uhtio26ue%!a zo6GKTXlB%>ocItC164<9?up<|{i?fbkG2bqG1^(S^$MO@{%4_x{bq9odK_m8dZO zl?Y!1$2Xhm&zl+DFN@5Lj_PVvKW!eDD@Lxw7G*6EwajY=_zxA;>5TXCY3&7n{+|<{ z&?DV-f!LFpVmVh+?=~)6>_9?k7=GbvA@3+3@&0fBy*mO410LS0j=&|Kd|H|BQ|}|l zT#!oEBk%CfTe3Sn??fDR*+=QggsIcmU}{e?R8noE^^)KTlEWmT8dEBMT%y^-rpu=M zgt6>p)p$$tiFb*jqhr^Vuis9>a38ys8aSAn&uq zXb_G_V zh955gTZOxSN34kWsTuotejfVbw9|6r_F39}<1J1UC%Krz^XK9Qdx;YOMHb$mnf(I* zy*bW7c3y3HFeJ@jS$On$AyG8PVSmxH)^2*5f*SZ2)J#rYAHGLJwOS*)y+M`#j% zyLBEy3}h4h01*=w*8h(xFI@%(?|#ampm#r}(0|KmHhteC#<04vIsR0h6geO5Rl4j> z4c!+DV1CEFQ@mdgRf@-8Qhk7xxpfL?;&uroXV)Wo*Yf)oYD8^km9s2zeh2J%oweVI zP5K2T@mo_r4?;PHu;gXEn@!{9SO7Yh&j*~n+9;oK7kvwE=r-J0A4XCUkkn|iK@I*R)#lLrg%ew0l8G^X*=tG?c6Qacr)CC zZxU7+c&3uNnTaGH!y_)?UV+ozFy!xy8x{BS2P zL6QM$#nsXPj5`o$3yP24KW|2Uh=Sza9wR#YwdH{q6I&eiHY9+*4U**&N%~UHjXlc@ zqbmoU#D&sNo5dw^ml}4~(+Apb6&K@7X{W5r!R;rx3z$p5SE6yh{J2#HyKm#2yc6if z5wWSgW%p9B^LI43byEM;5fAPch(Ngo*u@E#TE(d%jWrpN?BzbdN9h z#CIOuJ1S3f>sizU^Ar{|eU3*O_~kihKY!(o*1)~{ap;0bc=&2x5G)LBs4AR4ZpLCF z!8bhwmM5u{W(wOn@2z%-?~(k*ZzuI9kM;MaP`_VVVh0lUV>FcX8>bqa@lc!!v|PKK zKbCKCdA~lZ?yZdj8DHp6Z$(8&37{`n|sZ$2WUEmZb;vFlR{7l4P%l-@zWhr97m+O_})w zK&B%B0kRKOZ(`cF-(HPE9FLRV#xz~nTR;&$P2)zG_nD7XoWDX67O~1gtT#c~j|61dtv|esTg`geW9mUio^&mo4A=D*=iPug{oeR|8pn&XWH`qe-UzFOsDhuU4wa@eAXor zj10f*439)FgxN2E-#iE5za(P?2~pC2U>W*e8X0Rq5CSZF&z(2hRZ7%@mNfDdM49QD zq$g%u+}b*HYjUJFuk*}D?1s#aUX5|uP&L6036#sk3dBMFUe`dl zD-~xc^9@}jr>_XU-95AOk2r<9JU`%amVO{ZzW7^meCKcV4KT*ud1rp`*}*gc%!Cl& zMN=RnciX@zSIa)Y_?GnVikzIAW1!bdKTeMFEVCb3-%k$vPk%2>FV#@+5|}7rKK;aq z`nyC;Ct+(9Fay8URf=L|^=3Qe`?zQ4TftY2M0N@a7kz!miXIhY%qD8pko7`f#_GNo zYmAw$l=WKm8MU28%#!Iq$lesRcy#C@pqXFhMaKs_qudGnDU-7gaM9*A{t(W#plF9? z?4}8SlmMg4``a%3!V9VST^QMx*vN!iBPX1=>E0n9A?wc(nV-Y@fNy&|q;2~ZOO-6~ zeP(|6#1uSF4lwkYp%L3WXv6Q3dWH=Jz2!#dtTx6#RGS+!SSoezx^&E1Rv8) za2KHTA$tExtglB%x|88e7p2&ygrr$36e6OJ|Gkzm%AKL1*|n8hh%d(H;cfFMQG+ddohvN;d+J?^2TDE{K7a-(JME^mE# ziZtewM{iz|>=1123$ibv)s^%ONhsz7;L9(>J4X+`WLL@r<}3X^mhUoq1>&O0_Wz_V z^1U&=zKRAuVuxMPZ*4tN{!aaEf2m%>j0r$6K28 z=%GmsVF{L=@IX=?dK5T~^nY^4_!?BdBLGTNCHn!wf_=P?j?Omr0zGRoyRvr&-=!Z--h?)wnsKMAs5vP z1KR>G+5gaagHjyVX(lGnZU&iicaS&)_Hzz(qecjs|7)6f0AJZ^z7UK8UI6x{iQi~h zGba;`#&9*(GYdMlgV0qsJDw;G{=4x*vD}9fUSt^=;5CDS+A*saK^C0~6=}Hb-Xp8` zC-v{OE!eQ%!*E}y6CI}uC;udz#oC+)NN?7V%-<_-7)RDpHWhzSgKkOKQ1j*MFw%p z#uuV|w8yEE^AGhpT5$M{7msEu`JtN*Wn2VNyptdIXcHyT>;SodkG3@&?(RJz4Tq}m z`KMe(nz!a8t7=zsEvLGMZ=AP)<|VmgiHJSDa3B^ zW!l4Xj5b9t95LU9mvjsBk@Zyf*8A{b{8amFt?R7_o_Aub_tO=K6NOM2*ysmx$j)&`K1atGgP@H9};9 zn)w6=oMW~TP}*-kyKv6=tZfyuBRgxtcq(0}&ch|NP94fH$yvmyd7wJXn3LSB>o4oG9LyRAaKDnAkdZ>33izm!J0zl2CJ0@*Y^D^bNA63u{Xz=b z=-Kf%?4Ju-7?5$DL!1Z}IJn1O%5w>`yAP>Cqdb>>oF-`I33|2E%kX5n6q+5GqimD2 z$j*@yeWngSz&c;-EZ4p3qkZ8F5N(x4p%2)JKezy~&U@w8OJ)Xt8C^zGp@sii9zlyq zC#Gc9j^j6osTWgpKjZA-I-fXmaM(yyV#YTwGzNPpmpN^+$3 zij6tewk?2W{1;KHy3cH*P)OC{eBmd&7eituHsK5cVi6jJxhIv15+k+JG{70WG>(6D zctO7%12JMKd}1#KlRi7J78(OhWNQv<@nycs(=u!@KNfI-zFd|LS!jKtE_cyYJBxkQhP(-`~qkFuhQg*ro zXU?h(p`z#OTc=>v7nH98dwCK-r1UNub9-%DN&$mxr03fOB==SdCVbx53iwL7rcK;oEaADY2V5Z002JwyPloxty69 z1iV=X8UZ~nw5?2@@;$gnLXQj-?PC`9Ooh@D^v*|e8ov8iiq*#GXoYu|!MF)mOlWbN3I3Y3Lx1i^6esSCv!hNEJJMmh zeUVCQ%k*gwAsRqsJ!~<3%I~EO9I24zJO8a^(-5kdWeT2BUCjkKnkMJM>PnoJiBo8HH1wM4zz6`x61CT!%#)^@s!MHm1n4a&YFL1w6_gq z#R3U`nmnFQ6|=<=SE$ERy^(pb|s=vAwt_-P3Ty=VpMuT2GYbuj>-8_9nF zQji+O^B9iHQ^4r1HN4Z<#wh2zJ z<9YY$@B0x~>yMqO z360T1u>e^42hko5{eL%lsiC(ZzzXQD1w;iz|Mi3P6mX)RdHZq1aTF{#dvNeLb^big zDJ9w^FCaIhbACYY^OF#Fb3v-*isd+kuX6Jx9@=IB8`njrX_YOB6+b!u^p^$aO05A< z?ZOXJpe~hq5nzUcpBxVMmrs&hbsibhw7x;C+9rqNNiodL7W)!!%q75n^?18f1tX7} zIBii5KQeUsF1n=Zy-gGvj^PI`rwvWlg}N((Yv0>+}aIwpRYe2P6;){{}b;* z{FnC83AQ<$SblK&@)Jad3+>GEnK+T6w&~Ko}Jl*wpAHlcF`{q&JV`+JWjyE?WmHlU29O^mNqFYTk$vU+ge9 zi`71De(7e6&+%hxLg@k^=?+MO-R!kzNdh&3ymooe3%d@J?BssuALtK0Q6!n6-Y|>k zs{1$DjNwcg@#eS}y3VO$tPscijeuM2&ZS0zA2vqb%De32kd~vki;0-uWSdAFLm1HS zB-lnidyiAn!l68Tx5*e`6E;iP%c@T7_U^ZF((VYu2A535a;3N*F>xxbj?v$E^c`Az zKjPAyGy9|0G0~$oEr(J9(eJA)%$BTc#u9CO}N)jvyH)V(5YzoPb)L-T5zV)>h zuRG&xTAFyK@e{ZGMVBb=>?sid8obQDGv%oP?p{{80Qhqj7-+y3xV~3qzr34rvt6Hr zytbVriS;e=Ki-Dz!;57Nug8MXO`7@)L5%_@cEc5<34 z-Fb!qM(!g=JP`d8&XmK<*h4*6WR_aad_94HvgZ7Db7DkF<&5wzqyZ*R{+ykxnOs`g z4z)I$2fu4&8*>=b_!(b4)40_heXshx!z2-yZlvkts?SZjY*q?1IX-vjYDwnIN2l}P z6RfIEPkg&;<$kAhCP527mcxzoHi9p6hKMV7Hvw_~PW~K?osS zs-Sy9okw`+ynRYWEZkSWsTi&Y&fA#c4kpWh*^)931nRh;Q$v&M@&NV6HUsRhtS7qk zay|$q8}#S12ike=&$Zf!3x^sFs+ohsbD551A9E>#WC}6Ui@KJ=CuU7S7!Y2`;cCU6?v) zAJad%NaN3|)fii9?{0ne3)UUoa&X^yT8?r#{+Geeh*KM_*7f~;diDlJ*S>Q1&niR& z;JR540Hit!IJ?$HK-aqb2a+Cjc7;Qg!-RY5q;M65T9HcZ<72W~pOCL=-W+r6R6Syl z-FQ*0mJZ4azMKY9&fA$B&8*s2b$19_TooM$jM5=6QhE-6ylQIzJry-@uIqw+A}ZxA z!PziONtGZY+#Q)+G3sGBrw#=ZEsI%jT+7P!A#IJg!6WufxA%y$ddyz-IUL((k zR`!3#5co`K8N`x1S2l6O{(Q<4!;6~tfG`ui$}Ia2-U20NKoh9F1u#-z$_8vI(#Da^ zB*+fFBiF{YxgdIl*?4OhD?PO|BPjK7)#Yt|y+&_c;jP6i8^J)nu5`in`rf4F>$Aq- z(^&kPf%y`t?h82#;MdLu-j03%{i(nd=BGnISDq7cnTQDyCRQt^5d$jvzUL~<#YT*` zl3&`Xgn@Nj?o7nCekhO`U3rJ-$dGBtcj#u;h~HFPE`-EOhg}uVSQyGn8n{gJxPP_ z_%TUb@KZWR+~*lM&~FWVDHGrgdw}29^L(Zt-}=uPf#b z@mLy@;&ndrb)D#7q4#q>J>9G(`28H)G>E0>yxs57$Db6pY5bx@gP6=92oc35v%=l9 z!v&PYiJCvzuk;=1+QesMR8)zXehk!S_GXO7Wl?5^QfK_hjQMp>#o)ELK=rga1H^V4 zUF-u@@$|6mRF8s+e=TF9xMBKD#Z(s{AdhCy!8uf6_Q7cV=@T`It}ZDC7=Vl~#cmmeRTx6F%%vhc%Tjc_^dF1J|o4ILCNZg^r$6FE?i5JIS$F-Bta z+xc79VNp=2`W}63E%0^)q60Sw!>23fw=s7RVy-RmhYe1;?7cnzmVe7fFiG~u{yco@ z$^KW=fHN^~gV2L*c-I^S(E`< zl0b0ZhqQlT@<*45;V&q$86KX$UdL`-UY%_0!Z?UOB`n z_S)3#xUi44F4@;#UQs$f*Ebd7;>oAbqnc$^jc=%7Gwgjpe)k7IW)AxgdRY2*X@SLE zo|}Em0OjPu1)4`jT26UkM-hp-OWfodeVCh{R1QflO$qGwzQ!%NK6tVCfD$7Y$pN~? zM(t7d6$<`8u2_3-J<35&TyWufmjAm+-D~J;5T~q*c|=f1ZYwv#aH@1Dv9boNO2WE| zRbUHG)pTj(EL1wxyTp@~9aMXD)F(AJ-Z|4+MN)^t`R9qjqO0JfC*Uh?=lBz>pWuuJ zC}?q7?i|PFms>0wlUWj98R$Zo7%*nb+-1AdgQ+}Ww5?ESLVXPqg5E0+rc9^5r(yi1mRCWfgp z^$C(|%kg)l&7(GM@6}_=Nfgrfai)kerPpyMmX64FLBUkS5pui|IdWtALWC8{J)6{ zh&*r@thn%AN@V)fV0-vbU-nCIs(4P0%^H5FlVc_tgJjho&wS)BA>Fj|^eCw66ah^A zI8r!!;=a_0a|aWryT7>Ej@)2lJ-4AScX|2K}$N~u~)?1fl5coZE+52`I9tn5>%E@duyGZ1fph!lT2suwkd@MPoV z@mpC>!$Dd@yNHu#@_V_DW?iplc9HeBW%6e=rj1TK%a=^;bVya3QNakOR)@^AmQPYQ<)hqFx)nkIcBi3`I@ zn0H_Ecd5gvmShOrVZBCeD9;m(r!LC4>?+Ec8_^Xe1CW2mE47J`Z_Ce2e*a|j5^T)T zB6G&&od$fu+D9>UG6LZ;1moleqo%)@YjyegWh_i$T4ntEjania&i_0hx0mt=w&TDy zM7iO=p}zOgqxb@I^tnu;qv{aZ{d?bHMZ_B6ok}AOq(%N7La~!2;xvBg%hg;-a0clA z`#%8wKmori<$v1W?Eh;irv4{$1T)6Fa&tH8$Spk~VW@Vv1V+Jm7*F7vbP7&PMa(y- zLHW8%tM%{07~Uv5ggG{VCjRg6u)O{^_kZgtivMG2l3nsABu=n!PtJ4?g7JF+kx;-e zt^29r{LBdxi0>$3UJfu<@ks4bAI34=yFcic^sK!u7-mk2T~W+FTse+c3^FuM!|rsX z>dSRda(*n84`dyNH<0<0z59b3#GnJuFTEuGRHfDauXHFY%Kv$ARPz5hJ3iRt|5!^g z`9Gz-r4yK-06;$>ls2z^tv%*TS6gj}c~f(}r__g@WC`2r>~ht;Ck>U)GwU-Tl;yE^ zm)@WxLJUz4lfBG(9&he{*HXk@_40G9{rw9`?xjV3 z)fQ!LE{+S^f%ccrHJt(W*>+wx(isx;d$mK0n@hbt@Jes*QIg;QiEE%V^15){4LwPamhQqhad0yeyvZ+pFq zF;JVj1d@4fN;^Usx+izCO_k#&6v!)V>!(G2<37*SFrqbRK-nBnRVv@t%#rLoP}iY_ zS=f3K<~U|#lR%2Orwj0Tp9^o>%;Ykf<(QaOzU!zp?EG|mGz+F`?HH4iZ&TVQ0a7_J z)hw5_1mDy&ITia^K*=DfIRWI~Im4KsID|d|{r}bn{ZIW?v(4<%3&c<|ro8#~`2W08>Cwwbi7fS95NS?N+O`NUe>cv{-X0BeBdP%!JnWC&<53 z^+HT_%+2k>ZfSlZRRupJWNM^?UllGgl3@^Xh}RUh!P#nz1JGhtP<67}XJO}U~}2vuA=yRJkkr+@YRcm4dQ zZX4#sXsFNoGWnbs7|TGZ->jvmnE=<) z;mb!qDu#t{-6Z%w*NTV z-|&BHDcU9=5iZAKj8#^dG|7YQXY-)V-YbAS7ckbl-zF#~6f=^{`k>F?Z6EaGGz>3E zi2aQ364(tv-|)Q1zXN~#Q6Xc;gfcB)?;78#=jubXmkx~z4Bmo2{^-kgFEexst{*v; zYqybWzy4#A%;^N&bpO9^=l?$3KRDaif3Bqz*T1xrUvT~F&xOf3Evg`MbA4s3Z*Zra zOZmJbjrGMokyoC3vkzYQq*k=R#EWBoEDdCT(0AGypVAVl&GqI?m);Q==#FZKI>eicFYKBWxL zX9U);{~sRg@0aX?HnuXfC~;xsJm$!T2m zWF1V9h+#(eC`%wix3fJBu1!DXlTS28zVdlc-~_&z8N)$#fu`S!Lq#_^G<|imkNWSB z^q}u&U#BrY*sj!PKmsuwUPWxxSF0tMF(YCUd`COYi0HxZL5;WJ7`~}efBr{^J&@!MN4I;Q zg87{PTIhd{j!XVO`-hwSKWiz{65`Djc;0HS$|r;uM6~ctKQ|2K?{a-c_Cp#^7v2>t zcGZ^>s`^s?kWSrMgpa(E6%b-$_S?18um1#5k|sW)d!KwXXY_|={mf7jV!yy3i_T+%5*_**nrUlJa>WuH-ELP|o8@exK~<3lN8fQu z^Rsr8d=wOXqDUa@*5)TvN!wmA7FlzJ_IcyCh;{wejLuZTI8JXu?B~_x=bkxoWy1(n zDNgV`Wati+boq}`>DGGx7sloD#eitM|Fiu+4iAnGHu|5n6tOn}0Khvn)W8^My%|;S zMR{d|{Tq-Z_wEuIur=^kygJQZ-o|Nxg%lc&3^-@{1bjNw++iJ1W!mJ&spKbaG%@aq`ZckYTa z*)G4y85M&YnPN(Dbju%e_@X100h~VZ_2(uE=vTWP9h1xh+dwkK&bDOE*7G>#OStgH zt3CHM8)AN;pBMAoy_Pk=UsUGAd=&a%Q273L@K1sx(BAYXgU^u*qjR;6M8XC#5QXzvq@<16|1^5g#;AKCGr5BEb#d7yn3*xEWAAacA&&-Y3 z{Z5}9Tsq$YPvHGj*iPG(b2!cfdt};_h&MF7$)Bqq`FDl4WvdiXCqXa}frZ5j{VRu2d|zdp(qyud zIq->zC~RdoVj?=J9+qmIRP}_VYo4GL%up8fx?--{6VkNhub9KGX_?Q;%Go2oB#Ep( zjoIu4PQa7wPenFaSw9?t-wJW3r7xi#r7T>xoHCw%{!${7#a7i*FG0ViI6;9jnd0Ld z5e6t?{lfQVY||{-wL2vAf@Y@pvz{&6#a#Y#wFB>6Z3K`(s+@^9}+Uf|4V}D=Que7%vJ|wY2l^&BVr;j z@x8*h-JQBd8-}54buZ;;P#C%0Gio;(ueDQ#MTG1aP~?!?`y52cj^x7Lv({M?Mw4iUsGwx|MOjz?-4)Cy$qA6gB;Mn{~w*5+VR$rw5|1_ny z;uEc#xroI14)h8Ef1w@_42jm4Kp<;~x2cS@4{q^2ia<sT7wcDW60;L0v5({oV$w+;l z?n&rCty5!JSp6~rB7Xk_QU_s*i(^jG8%@_c-DYcFBvCfFitlK?4K%Y9ar~3D=#jPL z^W~OlW{a!&32*6>4#(tVH|zP4}lYSc{tWadM$O7sNSqz(CxYjUWIMdV0o>+ zb}z&7HAH^?x8(ouXGMusW!7!X$>rWR^tZq#86ylK{cQ{^B>2s)drH^_dO|SN;IrY2yO|>kuT@#kw(?}Uq#yY ztTf*LpPt$I-}etT_MdAhTR;W>R(aS(g7G&pSm>2MK~vQ0?OKU^ha!#EWrC+LnGM0{ z$q#85@})BpFW#~VN~rmK_sLZ$lHjPf3*LQy{(KH#{4)(g0iGWv4d{{tbPgz&B+w8t zU6rWv+`O?-ugCcIHH?b@vd4Lk`~)!@R~^Yo)bL@5fMMTgK}3mF_2p-Vk_d+2B4Q{R zi=4?L{CW4uyF41cF+o zXDFdNGL|BnB;*0W2ndVHeLKjX{)ECQxYiDms;WX-{Ca_?pJ0LZ9PRdg2gBV( z3&?;Boqy(~_|RFUQ@g$2a}!lDraD`5SL%-f?6Z-iF8I&?_`mY;fByUb0fV=Z49N#b z6wbC~jnQv^jMS&+Svpam5)w0onF$}{S z=-=r*!HW}egVefg>cEH!7m!ig4onz}RR{EP7R?Dadhjqok=T8t5GvAC%k1;|vNS~Z zC~WG0ic5W|qr5D!17O5_y8}A>cNSHqsvEju;|QpVEykc@2S!U3_qXRKYFbQ-E`3NlB zfg<2`129hq)EF0fu#^s1fLAt!#t?^Tg03eCq7xDZOY1-haGNg7(E*zJKB9E_9Vh{A z*MZ*d?ryK=-U)`i-e@$M!D-klbVhoF-J=LmD(wgz3vdVy_N7gmIk&T?#R)S6C*r9+ z3i`R-xgj`EcCGkJB5~LQfXl5cjXR@o;>6&v0)x~2N;-^2BQ=UImDPbUZj!+r=23eD z7!h?`FxdJhi$fWVGs`(brYOtk*0%!o%nig~w1(K)HW z=CBf*)BPIyTa(h6G3=5R-r!u~U1!b1o9fq-t{iRMy2X5q1|LmUnAha{VK*%^3QO@xU8z~ z?KmiflDPO2th-PhzrWb&aSSNKVJM-9)WIU;ln{4`_C{b6G_ApFho1yKq)6bTG)40% zg$xx?Q3q7i0R3)ge->2!7;Vp?1~POvHCmscyV`=Kz$;w;qcw#y0n5c24NgRw(uKTccCoZ0^!qFWqqCC1GBt$TB>KCg}t_Qj($`eA_8ySAj_0fDN*8^P?Xcjkx6dJcLwQHd-jpxBP6N1F2_`F##tqVb4j#&}WrB8io&W zMgfC&B9e@c0u=dZy9#BPG9qlPiw0xY*#{~N5vY=8I_m|Z= z*2;-d3$z2uz5o7ScXz?{+ZS(#;9?plM8x#YBw-46cb^q?v8ER9`X58^{`$E)CKu4r zwvPAr_os#6T7Uf!3pJ@^zl^E}R>hP3*Sw~|pUBF){G{*YROV01$LmmrKw}- z7EX#GI2Ti~2Y?ZfR%z~jzzJpYO&)L-XbTsud(uAgQ9u~YoElUP!v0}j;i2}RA^7mI z2h1g|p4cmB2>L?LSu;!XKGjZ)AvoH1YN@V}pC*{ifLfayjntAgQpS>7scvd9Bc#>p zp$Z!$RWnW>2JI*}kDy@B?ONJZpy!qDI9G>WA*v4Th@N-({^CUydh;AK0-i%8OwuUA z(Jg=!B!sZ-mgv2IeSY;fH+pk%8_nww#;hclJ z3iN(VNE$y*^i*siKDa;N5YZWBX!>XdS9tYaCiotQ=oY=?hnbEK`WVoQHD!R*PPoQSou0XXdaee*P#1w~%5720;P6Ii&to zq8B72ehlcvq|u~!nGBUnC)|LZH+G(7CVF4&P&3ebF8nCU>ccO&ayfc5jpGmrUy;y3 z$1gnhJUXL3t9EW!J$mgFFAklH)tg}tfGx0VxEBIlLx>T21r)-AQSs4pLq<1%}|{^snNVV7-T+zrQau8$xf9G0#I0MKFKNnb!Q%oKZBMIk__fP8ENY z>plR;nH2MB@pRML8ku76om93cI!i^Av0v)SFbI@(h8Mnx4l@PME;xVnN{_-N399MO zccE&^$0XcTfi9--7SUSO#_tt= zRo(O!bqb1BzE6$Xhr-gA3Cpd8U2T_MwXQF0Fy%(fEaCO;2lb7-%fUDrVemHZ$^4C6 z=U^O-80p3rY2-2uL!jX-sA!g1*@ezllSipV8N5}0#YXbWP7D1uWY8Xj%$0L;Fl;GZdF02+vTy$k*vhLixPzZ93`luSjeAnEGO z2nng6NJ^31p;AVskYQh?`IqTMsn`2~Bsy@|4*2j6MdThb^l>m@ET+Rf;T-HG>hTQ` zX)5=oBuGO<_ogs{w99{f4(uluhDynwA*z1sTFDLcKMwf6*>}oRR3TCT{e(~|&O|=TgVHD$4iy=8Vf3H>@qb5P zil8?7$gThYroy8@$0iC?{eS;I)%CNwJMwJJr#Qe7We5g2l(8v)e=jvWjo>$8`}w+RfS zV}!Sopb4h`zd6a5*+x_R&;2ti{^!Bb*~#g~|9>52E00Uk;o__ElFR9YuNlUc_gwAo zxZ2%kSr6M@X$d^CCDBL^OO>I$%5||ksgzH-ppCxn^z}ec0I3M=O%00Vi!(o$b~(TB zu>q3?pRNp(pGX+c90|!tVQZ-BG0_p_73^BQaoI^%2z0!z4BxA#0*lf6iiHjMRXc42_S z%|I!9CXfOM;slNHXTIH!v|#RK!n!(PViH`%$RBkyqH1k3)rFJnWGdCwGO865sn27j zllOAXg@bYHbRSm5KdK7?#XjbAs6nE@vvs=dZ^f`FjGB-TYLY7yBA=0@@op>QOnwI= z@#QF^glt$UxC9Lt5el$2l!#^E$3-Y{g_zxSNP!8s2?@#q92s-MMxr2CxRH36AkF~r zuFJs%5-3T88l?pijLixYb16u0pg9W7JYv%>ULsj|26GR?NZVmVO-YfAtf? zNciKx_@Up2c#Qm+AEJ+g?9WU$nvferKMv&oGex8}0RK41ebsVRsCi*2bfSg(SXB>2 z_dg_L`f;HC(9g&CGYVct_a6uPFXIbQ+xYzoQzoAAKMXabgUQ#khI6-t8C1mz$9k0W zCvv7~{y3j-`R!nFbcaUDfpP<~l$(*Ium=w1Pvf;%!=;ZH(}2XC!`2qKh%htG^!DfQ zN={*SOYM*5l^o2~r!_W-S94-7dR7ZqJQCZ;Gw^~SdC$Q4g^^mN zBmVIY7-jpUcp!BCBe_M22i9fCh~qYrSSKmp&c}SaFE9quA%ek#p}^x`h<bc%HXWO|&m=`Cl;;OKPJ*{y#i8*)PlgoBYpf zDO=z?xuwe!{cD+WOD!Nb|7*imdX-E^+fraos*RIY!Gd&RRrng!bQ89Wdqqp0qKsBJ zU_X2;9I!CC9nftLT#Tj7iFC=^(SnE$sly9r*G6#Y)9cPhj%xh$y@}L;kM`Lyz#V zkZx@^d$Bo=A8~P?|G9=?8ErJ>|2aKAvd;gLS9;nhjJ}}*Zws9B+0Vzxc&hqoA9(8Vf&1}c8LS)=2Vnij>W@zM z{x5Z|%W9)x|35oDI<)1#lhe)p?^?3F;=E>;Y=DLNjtfI zzoawfbh$&bJ!v)7r4&&0GPA?Kq1ih$cA>fmRqtVf#r>#|NE;jLf~ptUQNJ4W@TSpU z1yyq+%o6a0P`$JFg+^41RINp|1biV>(dQUO!CR5yNrXUaxF9d0I^ryb=+iI86}bQj z1~3RRFQqgL1&M_L0pEeQEkjH3wuq{9N2!@Ri_O&n_-x|NM^zJ6d7>_5uF57lPtsE#oTgStI#vALRo?>tYdQI&s)?9Vo;i%b9k zRp#BEqg0>@WBfBpXo(LhqgqQ<3)L#9ZBgw#;|wQGNHj$e%f^P9>0(AGx*ui!RMdwN zf5F*~AQj=`nY5hgJp(t0Js=cGi)S_63`Zu)C7C^CEwZQ0OT>MrBP%VyT#5!`90e4> zXy)~vfswhOM)Ka*IuAIiYyw91Y8we3GDh?&Qt>dUNRN51vhxSRcdhqKdV~5bg?aKo zm>3d#6y&k)gcIo)qkxk^VCiUEX5|#ux}1s%6?N&4$HLL=0m`6zK8XbX4;2Y>3Iabt z0!@-KiUTCg{V|m}Jy)qr;FI9nQ6!+~zNjvE`R3J=v^lg#A$o!;6lcY^OqKxAypVy#jo;bD;1xkEE& z7mjTl%~e>&Up6i4)U>NA*o^{liBViXW_Sr3xf2@!z2%k>%Z`g7m?8!P$e`!MFW**& z;QnBZHzt+(A7!Dpj5ZqdKgaxCN&kPe(f_QY2>lP>gZ=oFK&1 z7((jdf?T$bpomfJI&8}vy=M+#Zw;c}w<$#N$@FarQoKj@-D|cpc9L#JnRH_a52KFq z#cp9!s*+9`1fwbeWYv;DCI7GdYnIVQll||>N!kAAaDT)9ucJu*pAYtziV?i#LIi4x$Q<~+cs~lx?D9{QLIY)pnaA1qGiU!Y)0OgmYS(CO{!?7 zeDx~0hmmS%l%)vO-M)H${_3SL%jHk{M${8iYy7j;8u#0(lVxjy@y zkL<%3D*a&R_{QzZ(*21<2eOmP8i8W;y~htXt~I4nWYK02Hxg z#<^x__~O-ARdDuK_ihFJZ&$Wg`^SGj%X+OD|lo7oXm~dG+^C@7})U?H`Pk zQLRY-HgczH7y*)ik(mg>Q1^1ke2wiC)>zxFWh;Dvo^g)c?1RosVW2G%CP<|BM;zfF zIi5ehd;9)UVEiM;_?k%F_E=ZvSm-4glK>1}VyQ?smalqkWW%&5Q6fic?lpF6U`nj*5_EwwM0?BNk3KW#z>!|C>?47H^|L z{y#ZBD(U~vjyCo`Ybjgcl^*LaF8_l9M{T+V^O7k9vS*8jnxCsQnFqBH_?Hx-ey$?$ z&lY$k{WB{KLsYgx$Ge}}RvUR!^NY%k5y-cwI6+s8#H;IpZlIQE3-y3dcEw=AzSS z?7?WSJO&*4(uSa73>b@lLNGuHZMzpWrLZu^z<`b;&T7ciVIYP$p`H7-(x4W3 zhavyd{!DmW?D7BE-{ljpjJ1(O<4+?JyXC(u`14ZQsF(i^j!%xxZ29l-Y$N}zrEGyq zG1iYp__K>!7?h&pq4Wr?oS4ReF=xva8!Ay)2EZHWphm>5}1 zwhLGl+>BansksR+BbEtiqB~2IlGRL7dwGcOQG{p%xgI~2IBBxJh`zOiPy;)sQi5QB z8_D!_P$}=rQpjXbNyH7eGyXe}`5LIC`?8#=WKv0{(r{+kDIfz3SDqD9NxK5I>WRt= z07wD?nHE4wpGzQA6_rf=k%df!5G{*IiTnfg&Z!cpDcK2zK!s9_kIx?S<2`dUY7}Iv zqLNe5RzObtLpx}EDydWzbY`t9POG`vltxt;-OH4lUA19VR5JBd7Bcl`oP$agYO*$E z-ZQS7x~*|;RZ)p@=}+VghT#ho!r2w_Nfc1Wifg2j>s`@Ua16un2KskOYNMV&oOQjekm;_e^&`YC|WsTT{P({3y#bR;A6>2O%pB7YN z62}6WmPn;}iDaSWqLNi*Q8Lw1X$*0gCg^&SAUYvouv{w5OQaH3f0VBQN_7^aQ!SNf z>idY&M@FR*Rt_qa>KIfSWTG%<2(>ITO(_E~e1O7j9vo~JskFk&5|t9`+qo%`9V*@x zXqwwM2vx8_;fjN{z2i`~7!w3THu+b_i;M$xlVLl@iI<1!rS1Gi4YKCNaV`$QfsHLF zo(#?!#a+=^#oiK}mFyK!s+6fdx(^ZaTVFzbGvreHMt5S(bthP!lFk_U;A^MwS8<2v zzW+0Gye{5Gll|xZ$*Fb!ce=m7iT}TrvIXAhv3?v^fQvYRiqd?G*YWPI_Bw7wKA#JG zEbz@1u#3J$7tiY85vn*HP6`f^8M~UluDiu5Am}CN*A!7k=R(l!43mM>NLu$I>TM;C zZUj9)P9?DR;Wuj06963yf8o6o$qEFgXiAb<2Lv1NQ}9Zf61##sXh{w*#8b>@%^a+C zt#l))U>Z)9g$qLQvSt#x5Yz+g7~&cP>(Dbs*o9#A09PQW=-mmyTKtR=b|P3gz}o8+ z`V*zeWE02$mKl_d=qtjJE^BwB{LLJmXnC}_Tf{(u;t={Mkg>IMPc{vCRO-@5#BkG7 zQ+TUAeVV8PQ zxTy#c47eyNtVeJ7p^1IQ@l}!WW?TsI1?o7-VUk1;2;HMd-2Mb+&l{YDZL=+50ew?aU<#GT=+alW8K0kclp>Y?y{9Qg+rNSW}{%=R; zkoCz{JMalo3ho`JLtu+ka@2?5;74r9#d0RQf$UE!z?|&A#$Sgxvnd^mTmG}%v=@^C z8|*(1kB{v5KWB&g8~e|-lr3ejH+;Rempo0ym1=1hloV2wIzcuF&AKi@m2i z6%i(7FzXyIkCBOJ8I z?y(l3MY~uXIT}tafDjS0D$B5Et)ztroblypA<;01QKp5gvIJr{Y2l34BIU$lnDEZD zXh{V(0%f_fqT&KMC2gc&7?Ov}1mEKj-J+M&hanVu_QJGiM~ce!OKOzLnsZUZMT=Mi zw~YlCpBJ*UBZ+}V)fzFXtZI!IQHxeViw@g`#v&(1dB4zg7N&-a7CwyO4GuBGmWFsq zXKFiI6tJkEMWN2hY2m>jDA1yiI%OVObf<*C!Kt_|)mn%ijkE}oJgCAlXfX#V1PaZx z5Y-kThKm*y`97J(mkAl;LcoOOtdVxqu#j+TyRAwKu99Y27-ssVR4LtQF%Kam1}??A ztDYk)?dZsjYr9e7Ey?(O%zgA-{aBeYB6GZUY9v5PbM(J>|37Wej%y>Xo=sCIigX&HWk>;sN-g@?EByoi z#>|2Gu?2z!tKu32em2r`)5B6fvBR}ou$6E(}Pj5BLW1zjYy&|J}?D7q-fjO zsQLf`-u23CUfG>OOahstS6s8`#9cc5jt8E@2u$ET0@E~PI1Z5jh7qlA98F_3Yv{2u z$Kb*qN25U^wkANP(1lap9~t0Ee(~goGz{OsDcXH{E91nVEL;o>{e1X@S^x^wg@!UleMpo?F$#uAEmZuAm(K-J)LRpz6ipSD?T! z<^PDVTK9`@8!~)h=48~l--W@6^xG5m+kv0Wn{Wo z`wE6q=k7?h=$2$@MHPN93c#2UrhJ8E`})Bm?JF3a`d`oC2;4MZqo%vTZ$$Fy8mOKP z!SCWc*aE+x&?lUOBjD=!`74=+{(1tVJ1`^C?-xgu!7${U(tqbi(R0r9c$~ojfBf;x z>j6bhkwYG+zU3{vAbvVUk>oYRv%(W~zrop34p%#pj!7B?05afto&xlJdJ7U1lY~j; z;9@LM#JnQ7NpEuomqXeCvEbBzuqT2Mz?7y)gUoOB9o$()E#0x-6*zsRB`5)F*w!mdR>T_!T+w8GbmjjFD z_Fs`--h7t~t+Nq_q!Z+N&Gv${kT)PU-fgQ!JmVPLobN$P1q)0;VG#ky#rFPE%@H~kX@MtdNaio$Uf-nBdrvcL7K&)0+<03*|cj<3)0o8YaP566s(oJ z!-`2DdTY)MqWazr;|{d&KExzw&4sO#796Jlz%f(aPn;~~TtRxOtb!IL3)II&i`?oq zn;9(#vMgGZS&{k9kx>PMGjh{{_pr!fEaKLJvto&~D6t}Qo~a`@hf}jg3M|GV#OP=PQr?+O8xVe?$;Yqd zenspfd^uJk%3HMoEyE7RfmnfPypCqbJmcC#Qf! z+-c{b&4`FlkH^?|H&K7FWGvBkW;2GWw!vh^s;SLoo`LHLp-AxOa(+ywBm$#5G^3-8 zn}7P$!0hQ$PAS8{lh@q=I2w~=Dz|LjYh^n^cK}6*v$kSZY2w`BNEqXpo05n1;P9M#_lkY&Sz@2!8v+a1=7hW94^u zkw`(4=1Of~ikeN3mq6l_@^vokk!{7(!bEn`DDOl5>0*Q7pzESU{nEE#f4)+6|7-5X zi?-2V|8;bDR`UNoJloiRt)*<`I{l8fzpbxy7xU9Dx7+Dzw(EWCvaV4ZWH55`Pvi?r z=8T%{FE?Bs1=%R-11N$`S|x*?H5YlGV;BW*b96gMfI8cB!LvXD1OpfZ`UD)OVJOgr zRK*zBw)!OA)+4Hp(bpuX3Qg6;XFNZb1;ByGsCR>MLwzhX6;sIgso&o}J3H%dx1%U# zXj-^_Zt#aFI{I6#5YnB1;~>GRC@G3;iw(Vi=-uTz!lHAOgHk>(?Qv|4sFBHdQA8_~ zBDX-a7|-Tsj2GQq`e0ta7Hs%F4l+xuZLeB3ak7k481LSbu%2_ww}1XD z-uWHp|7uDV z|Cfo$OK78k|2sH6JG1ToPB-!Y*HgB@3o+6in7`%4=V{N%EiWKX!&#!$M)o-}&oNSj z)v8%R*F}Qe7|lvpz1}l0lB;=?MR$x7#Mlf>Q<@b)~P_V`MLj(r1q55PTmJ|4yygrJRCQ z`@f-bUAT>={r~9n#FqaLjyC)MTFO?gI&5ql?;y)c8AKCdI4$n6H-+Iaxc=!GJ^G@7f zCGWT7L=SbFZhJm$U5OtWxIw;FNgCkPcI|f zv=2KF9tr59%rCrv-<(rIfb?LDm2Ka05zgR_q)eHIHN9T)|9lS zutIsR;@*c-p=~JbYzyzhBMn*7vVO;%17S}DH!u-iLV}3*L}u*YVNr zlXu^rKW~WGqN~&dAmP{!djMohq5j@v$-q_|X}N+qsizBFB+P%CyV>$i6D4I;sG#2_Qhg81LTl zUwL+>#%W?LyBsm~VpoYR`Mtohh9D*Z?Lut6VJ(HM(^=k`8XEq2E*?z%KlNdVo}+}} zG4>%_lJ{q${m03E$^QG~@Mxp|UrX5nSA5igG3<}OB-rx=TYLuBn-)e=z4_X7_o)%mB`qJBwI2Sml$Rwq$KIP}__w`jwD7qodh#ca*_GqST!EF9sm4iYHhz zl(KAg;8DLQ!G)g8K7HhBAU%+f@o|Jx_atyEDv7msN78Xh?wqbmV*J(yE z<%PUDXfj3@F)Z}-!5Rt5&s1@v*=d9-_Mn&-Ewcs zseZcj$jauk%rW|9g8hksma}IaOayCsG$E8#%)yeZYWB#utE=l#g`Z>A;tm*)SoQ`- z;K%nDASQ7d3MqA*kSTbLgCIl?FhL+eDxwwLuImww;k1elwn|`*9yxS8H7&L;4Lzzz zNVuXg5cz3SYL4n2BDQdY8DTfupx5Km-ttM8E)Aj)v0 zC*Equ$ZV^7*V^{z7BchzXBkGT?2&G3zJcnP-p6(JnK@#XlfI|k!eS>kv4}}v+f_I) zY-K~yCQDC6?=9V48_jHK{?zDa@#ozq@1!Pl;r;(FW)cQ z2dv5e|KQA)|BsGOHu)dcQndX4rq>VL%nnujD@bZh$pBKFvstHnqS#1*6d1!V$LD?28QniVO>Iu*ay>edFhA=@+ zPUzZBfm(}S0khjUt?ht||^J<3V`qWmZTs zNUHz(l9Lm2K(~z~5qb8)(hTdy`4lH-nd#XxvkzYB)YUNwzEjt8w}=54$0!PrWTJ$n z7#JNN3y1zuIf%80q0QMx&0>-VkPyN`M5&b*8TvkdsC(9e0sHat{iuOk`tkC;VuTs=R3^%A_l*fW$P^3wT9g2w8j=pF|cdOn%%aZsRt(C>bwwQF5! zJyL$?&sGZj-x6a!nWZuQ(|(EnJ3QOO|65Dh0$1(hKh0;bzN1Xf~Ts_h%1T$Nm)MsH*IYbx%zo~M+Nscy}67f^|TuzV*IEz| z%kiOpZ(@N&)pj<4a(`>E3d}3j>7YcVVK0xjROekGbxxAn5bKBv!D=|KsGqj{kIWba=So z|JG5qKsMU*>i#-xNJEZ?E_+Fe<>zG z%?;49smk%F=m?H~fKwdKE=h>}#)&sqM+%k*h1LdFIJynd6@&iW4!9I1Aum!Gst0P? zW>22+^w39=zEKc%Qn-t(k{d{3TX-;Rj8_Z z+6|SZmv%(*KIA_tmSCk}hHaJ66y2pz_1e5-T4d*6sI&~MtH>vV>gsS?^90mY-^yUR za!AxUi{tij7UJ|K#B}n8uy+Usv-2QG5T%HgLor-j4#C0Mp?7fV9qxOFM@MbHFCJq< zU>sxSdu%%D^X*kR{ABYhe|xa+9qw}+_PwKH6&awg=?t^I!1Y#cNgABqnR3m4af=!P zv30mE5P-g6lcXR??$ytKSQiTA;cyR$t0C(uBKw#mYzY3kZ$KlA_#_;H31hJZ?o!qM z>;6|P!vVDqO7Obmzc(a6ymM>v|3BS7EcyQ*oSkgszjc%?phtTn{#gRpM*Q1|e;e^{ zBmQl~zegbcbyy?IknUC|qP1BgOO(J`bmThWBkMQp!i%nvtUpXP2V%7kt3zf7ydpjf zE0;=5M}(x{eaK{lk6xsB8h1zRHPUU@;;@CJPz;8MKF5TjKu2$gNKoO2`3MACj+~Hn zTFbTaGBaZp!4l-y$0dq77sF6d#6uqZ zs1hrcWoy-?Zss((v$mKyZB9Swrs+hkkU5wL-_j6Acjipm0XH)pC{wD4Qi^P!!-Ys> z;nbiVtNpfX4kKr2%U?-!GL!#Dc>0ypiRJ#RoWHUNCRou$yS!NGq<@Wzy4MDkYa6qq z2INWvbLwVqW^0^vod}le=v04d?{S(4HnPW}G|`H;KB93+x4|1C+^_?=P8P*8g#-FPLkIDgeNn(jN3FIqYgY(gmOMz9u}ejRdlWJBKg4xkf~ zh5=uBPoKhjf&&yheYykENQ4o1`tNICbB{GR|zh z1S>?+P}~@%YEOHeQpPDrB9KM_N;1xkS407TH{`zYlD;Lus=`tX=r+LAj!U5eYQU6{ zT^0YMIxt0(Po%ssTthlDr7~{xsmy9=r^;vGdO|1?o0}Xp^V*Y(sxS<})2FI0PoH|d zXQp7w>+Jv>jY%?nTYpsV0ydpUVqRs-^YPr z2)X@@-i$f!e^frOb>08$pB(KU+4nzZrYbn|N4^YGY2(v$#+v{V?1LeNs&>1Of zDYtk=D66&lD~mFE-UkXR?i4zUxTP=?g~aDAZV2koD{1f-PhC}|hldp-SBsuLuB*|j zAKVMy_AA z*pB%(DsNkMkKgACa+!}iWke((Dt>xR?ocGCNs%Cv-Ym7WV6ANGiQH;puowa8a~xtH zvv4N9#}b5?l3Y@Vg(@Z(=%97m;098m?P3!!(oek)g`jp^_zkXN{M1``6pEti zG>2etv{?@pwCgjeVY3C@04?PbS(R4Qkdk>uh-Db<)ls9_?5=>_;ud(i)LOe_5ULab z3rzJ|YSc;ZW$e~XjZE)gu9Ge(JAl?vqtU{!fZZ}|=TvF6Qrv2eg*L%jYIMoO_C={- zYgOhYNi8)RZ37F~bxeX@S88m&atOwmqHmT8>t^r*#UYtZQN(t@^MpkIMs9Y%zmc2m zhW$Z`lr4MxWzG(*DOrlWcN=Q7+9$r~int^Jc-3Jus|4DH8g2H8^;3hB;C!B3k~KhE zQKLrrl4I9V6K^OvViLTS2_@Z4u}C)c#~&jw5U1?6q{ep?w83q;)R+*;-XO-`Rs)(- zbzMOfvq_T(1_VisHn=U98j|-^#D9gOJIAz~iy9TAaI{yVh^9sx+?Gp?1W^VPR_ozE zr$JZ+J&G*~Qk;hmaF!bcYHAc}db-*Uc!TayvIE{mKR_I&NjvkL)+$&f zUy-krCfr(=R@7i9nW}`6KPJ#emngv`&;dpA{&g`&t(X+`O^HczaJavnQ=<)T%cTaV z|9OZZtqHEv`G#%5V$KZ!8<1-av?Db<99LntVnfnWdtzb<@neKz5g&u&Nf#kaXKLtm z+L+FE<#Xew3=^5294$_j`KjT3;D2V?u=UT44`OnBl(Qp4YqSV$T2Uj2Xk!$!`KVE` zm*x$MeN!1R{(uvj`KsxCmUMV>pzN28I@fv}_%U@F% z?tqt{F=d_nH@Z{fuHw4MqQ-yz$N$}v-Cq|u?$B)HVJTdAXO!6*O?qr zFn@&P5Qr^Gkj~^lSA~hslBX97Ay!?#(lp(%PUilLgq#@F=B=aZEHPo3J z`QM#+^Cfc}MQW7r8hLX7Z6(E~5yMmTJcN|KsgRMDEXCR_igTsk-!>p9DYgY}%cTZI zewxUTXCj%Bn;MJUxSB+@}uS$oxq)Ni1psQ zYZ2EgrHso!Wb!6sIaj+n&~~TBjQY&Fz4&6(aNsg`S%ey%se@Z8Z{A85IEsXEtqzhP zaGIMA3g{x#Fd5S?Kn=-$E|VOss9~h&uEFjL*)$b$qc2!mQ3FSqJ#V1M7o$c2xdkaw zh|k;WJp-dm*OHl`i|akeun)sS?}87xtjDq0&lK)mHr@O?NLn;Q=RWiI@nJblR%ly#j3Ge>m7fqa6w7GGoB+*?!=kfA;eO zou^%A*L@`6r}3NoX9=OU{G)JQURtViK`8_l;V~s30`z%ZccD zzsJwwhU%mlU{`o&4Wy_Vsx(JumnpbQ?ku;Xf>7SO5)moe0_T2Hwpt*S(vzeq5FDv= z&7cfZu-OSq(no)0#w`0GZ}Z>qrc~xDgKCUqNWpgZjh-np52?mD44q`m%heW@%Vo19 zYm-axqqDdkcXWfgttaAj@-^6Px0~&)Jlm}PU&DAai;QdW-;zzN$A3$9OZ>N+q98ib%V*_I|Pdo6C|y!hN!HIR#YAr<)w07 zwV1H|T>hd*nYv=jhRWHm75R}A=otxX)@)f3^_Jb+Z46?6e>p|v7Is(ry{&(O3}ZWP z7!FZ^t!(tr+=k&0<)!io*03y5iRp0;m0e#9hbS+Vo2F#1!TWtT@gkUh>YYXdRLA!KJ29+=@l6rVN$?i)7d}h1B)Vmi&C&< z8p)s36tK^zc8&7er5BB7jTrJE)@nAxWsTTUJTTJ1<6=0x#jkG%F3Q=tUjg>JQm*s`|F=l@U|53)KLN&<1dx;Kke8VbcL_eu z<)vi7NSf=UmTNPc8aC)~b&It(Qpp}sUL)ApPnFQ7JWL0}O`eyr0*_T$VsiL+Dqu5g zmUULGmLD+{5W5gUK-h%1XKhVX6&UTl0>6o!(W2^@s#Wx;T6BcZ9|^obT(-ll2flO$ zIM7NpNEh|`v`YE*TC2qG=lX!8UYiV^uhp(Em~BwitJYogsT8l;i~w7S-25$bX_FtH z=F6Lb9Fl(b#1jHpzm1Z6J7L<#vr-qG|8FQS4JV)jm!}fvutlHj{|lzLA}XBTFgV@! zLkjrEp?^f~5)N8b6Xm4?(Z4)LhLtnnS*?a_UAPqhv{hi9_c=9!hOMpmZ^pHsFDBr> zP5jP`|GTXJ+$7zD(6yiGm`_4@{(vq7yM@5E08AFf(oRQS3OVaf%LWm$ehil2Vf`7{ zAnrAgU-KthgJ@RIwu^0TH;GpbVpRPAmLO97DbyhHbdH{##FoBlo|MyQuaQ^m4s@9d egYkw~Si>bPX-P{8O#cM{0RR6V`g@%K00#h5=Mz-` literal 0 HcmV?d00001 diff --git a/community/qbittorrent/1.0.0/ci/basic-values.yaml b/community/qbittorrent/1.0.0/ci/basic-values.yaml new file mode 100644 index 0000000000..abb2549d2e --- /dev/null +++ b/community/qbittorrent/1.0.0/ci/basic-values.yaml @@ -0,0 +1,17 @@ +qbitNetwork: + webPort: 31000 + btPort: 32444 + +qbitRunAs: + user: 1000 + group: 1000 + +qbitStorage: + downloads: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/downloads + datasetName: "" + config: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/config + datasetName: "" diff --git a/community/qbittorrent/1.0.0/ci/extra-env-values.yaml b/community/qbittorrent/1.0.0/ci/extra-env-values.yaml new file mode 100644 index 0000000000..aafc675a72 --- /dev/null +++ b/community/qbittorrent/1.0.0/ci/extra-env-values.yaml @@ -0,0 +1,20 @@ +qbitConfig: + additionalEnvs: + - name: "TESTVAR" + value: "SOMEVALUE" + - name: "TESTVAR2" + value: "SOMEVALUE2" + +qbitNetwork: + webPort: 31000 + btPort: 32444 + +qbitStorage: + downloads: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/downloads + datasetName: "" + config: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/config + datasetName: "" diff --git a/community/qbittorrent/1.0.0/ci/hostNet-values.yaml b/community/qbittorrent/1.0.0/ci/hostNet-values.yaml new file mode 100644 index 0000000000..0a6906efbb --- /dev/null +++ b/community/qbittorrent/1.0.0/ci/hostNet-values.yaml @@ -0,0 +1,14 @@ +qbitNetwork: + webPort: 30000 + btPort: 32555 + hostNetwork: true + +qbitStorage: + downloads: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/downloads + datasetName: "" + config: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/config + datasetName: "" diff --git a/community/qbittorrent/1.0.0/ix_values.yaml b/community/qbittorrent/1.0.0/ix_values.yaml new file mode 100644 index 0000000000..e8d0c68727 --- /dev/null +++ b/community/qbittorrent/1.0.0/ix_values.yaml @@ -0,0 +1,34 @@ +image: + repository: ghcr.io/onedr0p/qbittorrent + pullPolicy: IfNotPresent + tag: "4.5.2" + +resources: + limits: + cpu: 4000m + memory: 8Gi + +qbitConfig: + additionalEnvs: [] +qbitNetwork: + webPort: 30000 + btPort: 50413 + hostNetwork: false +qbitRunAs: + user: 568 + group: 568 +qbitStorage: + downloads: + type: ixVolume + hostPath: "" + datasetName: downloads + config: + type: ixVolume + hostPath: "" + datasetName: config + +notes: + custom: | + Default credentials: + - username: admin + - password: adminadmin diff --git a/community/qbittorrent/1.0.0/questions.yaml b/community/qbittorrent/1.0.0/questions.yaml new file mode 100644 index 0000000000..3b4aee8ad4 --- /dev/null +++ b/community/qbittorrent/1.0.0/questions.yaml @@ -0,0 +1,209 @@ +groups: + - name: qBittorrent Configuration + description: Configure qBittorrent + - name: User and Group Configuration + description: Configure User and Group for qBittorrent + - name: Network Configuration + description: Configure Network for qBittorrent + - name: Storage Configuration + description: Configure Storage for qBittorrent + - name: Resources Configuration + description: Configure Resources for qBittorrent + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + +questions: + - variable: qbitConfig + label: "" + group: qBittorrent Configuration + schema: + type: dict + attrs: + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for qBittorrent. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: qbitRunAs + label: "" + group: User and Group Configuration + schema: + type: dict + attrs: + - variable: user + label: User ID + description: The user id that qBittorrent will run as. + schema: + type: int + min: 1 + default: 568 + required: true + - variable: group + label: Group ID + description: The group id that qBittorrent will run as. + schema: + type: int + min: 1 + default: 568 + required: true + + - variable: qbitNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the qBittorrent Web UI. + schema: + type: int + default: 30000 + min: 9000 + max: 65535 + required: true + - variable: btPort + label: BT Port + description: The port for the qBittorrent BitTorrent protocol. Both TCP and UDP + schema: + type: int + default: 50413 + min: 9000 + max: 65535 + required: true + - variable: hostNetwork + label: Host Network + description: | + Bind to the host network. It's recommended to keep this disabled.
+ schema: + type: boolean + default: false + + - variable: qbitStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: downloads + label: qBittorrent Downloads Storage + description: The path to store qBittorrent Downloads. + schema: + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + required: true + default: ixVolume + enum: + - value: hostPath + description: Host Path + - value: ixVolume + description: ixVolume + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: downloads + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + - variable: config + label: qBittorrent Config Storage + description: The path to store qBittorrent Configuration. + schema: + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + required: true + default: ixVolume + enum: + - value: hostPath + description: Host Path + - value: ixVolume + description: ixVolume + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: config + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + + - variable: resources + label: Resources Configuration + group: Resources Configuration + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for qBittorrent. + schema: + type: string + default: 4000m + required: true + - variable: memory + label: Memory + description: Memory limit for qBittorrent. + schema: + type: string + default: 8Gi + required: true diff --git a/community/qbittorrent/1.0.0/templates/NOTES.txt b/community/qbittorrent/1.0.0/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/community/qbittorrent/1.0.0/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/community/qbittorrent/1.0.0/templates/_configuration.tpl b/community/qbittorrent/1.0.0/templates/_configuration.tpl new file mode 100644 index 0000000000..5be4e79e3e --- /dev/null +++ b/community/qbittorrent/1.0.0/templates/_configuration.tpl @@ -0,0 +1,11 @@ +{{- define "qbittorrent.configuration" -}} + +{{/* Configmaps */}} +configmap: + qbit-config: + enabled: true + data: + QBITTORRENT__BT_PORT: {{ .Values.qbitNetwork.btPort | quote }} + QBITTORRENT__PORT: {{ .Values.qbitNetwork.webPort | quote }} + +{{- end -}} diff --git a/community/qbittorrent/1.0.0/templates/_portal.tpl b/community/qbittorrent/1.0.0/templates/_portal.tpl new file mode 100644 index 0000000000..a9c110e08c --- /dev/null +++ b/community/qbittorrent/1.0.0/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "qbittorrent.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + path: "/" + port: {{ .Values.qbitNetwork.webPort | quote }} + protocol: http + host: $node_ip +{{- end -}} diff --git a/community/qbittorrent/1.0.0/templates/_qbittorrent.tpl b/community/qbittorrent/1.0.0/templates/_qbittorrent.tpl new file mode 100644 index 0000000000..712ef63cdd --- /dev/null +++ b/community/qbittorrent/1.0.0/templates/_qbittorrent.tpl @@ -0,0 +1,138 @@ +{{- define "qbittorrent.workload" -}} +workload: + qbittorrent: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.qbitNetwork.hostNetwork }} + containers: + qbittorrent: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: {{ .Values.qbitRunAs.user }} + runAsGroup: {{ .Values.qbitRunAs.group }} + {{ with .Values.qbitConfig.additionalEnvs }} + env: + {{ range $env := . }} + {{ $env.name }}: {{ $env.value }} + {{ end }} + {{ end }} + envFrom: + - configMapRef: + name: qbit-config + probes: + liveness: + enabled: true + type: http + port: "{{ .Values.qbitNetwork.webPort }}" + path: / + readiness: + enabled: true + type: http + port: "{{ .Values.qbitNetwork.webPort }}" + path: / + startup: + enabled: true + type: http + port: "{{ .Values.qbitNetwork.webPort }}" + path: / + initContainers: + check-permissions: + enabled: true + type: init + imageSelector: bashImage + resources: + limits: + cpu: 1000m + memory: 512Mi + securityContext: + runAsUser: 0 + runAsGroup: 0 + runAsNonRoot: false + readOnlyRootFilesystem: false + capabilities: + add: + - CHOWN + command: bash + args: + - -c + - | + for dir in /mnt/directories/*; do + if [ ! -d "$dir" ]; then + echo "[$dir] is not a directory, skipping" + continue + fi + + if [ $(stat -c %u "$dir") -eq {{ .Values.qbitRunAs.user }} ] && [ $(stat -c %g "$dir") -eq {{ .Values.qbitRunAs.group }} ]; then + echo "Permissions on ["$dir"] are correct" + else + echo "Permissions on ["$dir"] are incorrect" + echo "Changing ownership to {{ .Values.qbitRunAs.user }}:{{ .Values.qbitRunAs.group }} on the following directories: ["$dir"]" + chown -R {{ .Values.qbitRunAs.user }}:{{ .Values.qbitRunAs.group }} "$dir" + echo "Finished changing ownership" + echo "Permissions after changing ownership:" + stat -c "%u %g" "$dir" + fi + done + +{{/* Service */}} +service: + qbittorrent: + enabled: true + primary: true + type: NodePort + targetSelector: qbittorrent + ports: + webui: + enabled: true + primary: true + port: {{ .Values.qbitNetwork.webPort }} + nodePort: {{ .Values.qbitNetwork.webPort }} + targetSelector: qbittorrent + qbittorrent-bt: + enabled: true + type: NodePort + targetSelector: qbittorrent + ports: + bt-tcp: + enabled: true + primary: true + port: {{ .Values.qbitNetwork.btPort }} + nodePort: {{ .Values.qbitNetwork.btPort }} + targetSelector: qbittorrent + bt-upd: + enabled: true + primary: true + port: {{ .Values.qbitNetwork.btPort }} + nodePort: {{ .Values.qbitNetwork.btPort }} + protocol: udp + targetSelector: qbittorrent + +{{/* Persistence */}} +persistence: + config: + enabled: true + type: {{ .Values.qbitStorage.config.type }} + datasetName: {{ .Values.qbitStorage.config.datasetName | default "" }} + hostPath: {{ .Values.qbitStorage.config.hostPath | default "" }} + targetSelector: + qbittorrent: + qbittorrent: + mountPath: /config + check-permissions: + mountPath: /mnt/directories/config + downloads: + enabled: true + type: {{ .Values.qbitStorage.downloads.type }} + datasetName: {{ .Values.qbitStorage.downloads.datasetName | default "" }} + hostPath: {{ .Values.qbitStorage.downloads.hostPath | default "" }} + targetSelector: + qbittorrent: + qbittorrent: + mountPath: /downloads + check-permissions: + mountPath: /mnt/directories/downloads +{{- end -}} diff --git a/community/qbittorrent/1.0.0/templates/common.yaml b/community/qbittorrent/1.0.0/templates/common.yaml new file mode 100644 index 0000000000..b8ef1222cc --- /dev/null +++ b/community/qbittorrent/1.0.0/templates/common.yaml @@ -0,0 +1,10 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "qbittorrent.workload" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "qbittorrent.configuration" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "qbittorrent.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/community/qbittorrent/item.yaml b/community/qbittorrent/item.yaml new file mode 100644 index 0000000000..d2f9c8f26b --- /dev/null +++ b/community/qbittorrent/item.yaml @@ -0,0 +1,5 @@ +icon_url: https://upload.wikimedia.org/wikipedia/commons/9/9e/Qbittorrent_logo.png +categories: + - media + - torrent + - download diff --git a/community/vaultwarden/1.0.0/Chart.lock b/community/vaultwarden/1.0.0/Chart.lock new file mode 100644 index 0000000000..e17b6357c4 --- /dev/null +++ b/community/vaultwarden/1.0.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.1 +digest: sha256:ec8784f128039af68613a8268208bde360d5b178f811c4a16c79a1650ca8be92 +generated: "2023-04-03T17:51:26.178586108+03:00" diff --git a/community/vaultwarden/1.0.0/Chart.yaml b/community/vaultwarden/1.0.0/Chart.yaml new file mode 100644 index 0000000000..bb085b9a73 --- /dev/null +++ b/community/vaultwarden/1.0.0/Chart.yaml @@ -0,0 +1,24 @@ +name: vaultwarden +description: Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients. +annotations: + title: Vaultwarden +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: '1.27.0' +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ +dependencies: + - name: common + repository: file://../../../common + version: 1.0.1 +home: https://github.com/dani-garcia/vaultwarden +icon: https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/src/static/images/vaultwarden-icon.png +sources: + - https://github.com/dani-garcia/vaultwarden + - https://github.com/truenas/charts/tree/master/community/vaultwarden +keywords: + - password + - manager diff --git a/community/vaultwarden/1.0.0/README.md b/community/vaultwarden/1.0.0/README.md new file mode 100644 index 0000000000..06e50608f5 --- /dev/null +++ b/community/vaultwarden/1.0.0/README.md @@ -0,0 +1,18 @@ +# Vaultwarden + +[Vaultwarden](https://github.com/dani-garcia/vaultwarden) Alternative implementation of the `Bitwarden` server API written in Rust and compatible with upstream Bitwarden clients + +> During the installation process, a container will be launched with **root** privileges. This is required +> in order to apply the correct permissions to the `Vaultwarden` data directory. Afterward, the `Vaultwarden` container +> will run as a **non**-root user (default `568`). +> Same applies to the `postgres` container. This will run afterwards as a **non**-root user (`999`). +> On each upgrade, a container will be launched with **root** privileges in order to apply the correct +> permissions to the `postgres` **backups** directory. Container that performs the backup will run as a **non**-root user (`999`) afterwards. +> Keep in mind the permissions on the backup directory will be changed to `999:999` on **every** update. +> But will only be changed once for the `Vaultwarden` and `postgres` data directories. + +While the option to use `Rocket` for TLS is there, it is not +[recommended](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS#via-rocket). +Instead, use a reverse proxy to handle TLS termination. + +Using `HTTPS` is **required** for the most of the features to work (correctly). diff --git a/community/vaultwarden/1.0.0/app-readme.md b/community/vaultwarden/1.0.0/app-readme.md new file mode 100644 index 0000000000..06e50608f5 --- /dev/null +++ b/community/vaultwarden/1.0.0/app-readme.md @@ -0,0 +1,18 @@ +# Vaultwarden + +[Vaultwarden](https://github.com/dani-garcia/vaultwarden) Alternative implementation of the `Bitwarden` server API written in Rust and compatible with upstream Bitwarden clients + +> During the installation process, a container will be launched with **root** privileges. This is required +> in order to apply the correct permissions to the `Vaultwarden` data directory. Afterward, the `Vaultwarden` container +> will run as a **non**-root user (default `568`). +> Same applies to the `postgres` container. This will run afterwards as a **non**-root user (`999`). +> On each upgrade, a container will be launched with **root** privileges in order to apply the correct +> permissions to the `postgres` **backups** directory. Container that performs the backup will run as a **non**-root user (`999`) afterwards. +> Keep in mind the permissions on the backup directory will be changed to `999:999` on **every** update. +> But will only be changed once for the `Vaultwarden` and `postgres` data directories. + +While the option to use `Rocket` for TLS is there, it is not +[recommended](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS#via-rocket). +Instead, use a reverse proxy to handle TLS termination. + +Using `HTTPS` is **required** for the most of the features to work (correctly). diff --git a/community/vaultwarden/1.0.0/charts/common-1.0.1.tgz b/community/vaultwarden/1.0.0/charts/common-1.0.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..aafa51055c4d34b8512f9dd930b77a00d776a495 GIT binary patch literal 53833 zcmV)&K#ad1iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvFbK5x5IF9e%eibOLr^cF(ElWOk{F`LUlVmd4&EblZ+28YI z^Q2%Bvbd%QhJ@sJ6TkOw;Uq2|l4vE)h*dMONTAWU`a+{S#FGh5cOQ*mPWm@+lKiFn zXD}EHjt&mkzk|WR{&%o{aQK(u!NG9v@M!<|@c1u-;ojk3_!ls^16-VES`e83Ww3Nx zcIWQN1Je`}NMf88CmR5em?Y=~JYuT?JdZDOnBM@lIyPVy|AF!%#_0)|?QOs;D}N3* zB26eOZ*NUMSo&O!YD2d_q>IE-Ne9zg;Ve7P}!aY|sEqP#fS*a0b=pc6py zDN13n0l+j*PQaLutT@@-y}rKgi%>MloES|tiMDfc}hKrcs{N@A%0cC9PQv8)oljIC1ad>kA zo{e5&a+ae4rDS8{0v6+EJ_z)Kf^pD4=Fa2eQ|pJ&l3;~2CO*%@@aZnyu|5ij0xwv zt-ICSE)m!}Jo#IeEnf>P1{kAPL7D(P@??Xo6A#6IP>8jTSdW zND}_LVghqi;AtLmq?33OOHveO(-Uwo7z`%t=LAjI%K6*Vn60IcQ&bp5hgQME!3$dQ zRqo{ac(DgnxO2(@}iMk;7%<99J&jr4c5DnmQ(^oPdC>V2a0S z62k(?VJA32x#UpnP0p9gqXZVkO9qfp0XQXif~P4FJv%d>Zzfcn52?7LzH~AF3JUs{Jk4~RIVV~cO zVR{8_@RZBTX+dC;P^R_yGw5>-?X={;eI~1e+gos&W&I5bJ)9NYhdPDz- zb7(dsCWCVI|Kb#ZX@MeuW+=b89-|ylut^-!Wxes{e^0>MH;;_zqsuwLFw*yge8!92m2#hsxsgZVCPpb-%=$?gmZGRYd- zkI<|bPwotb2+ekj@uU_FzL1`!|3M)^5g6ro!YKxr#8H%>YnY>rzXHmK+5XJY2<3E5 z0lMTj;!jUL5tOGed6p8Ck6?%d&7J0g7r%Rd*KJU;TXfRUBb1YP6o-&>1n>`>OeJ#q zo@IjM*)&PcQJ5oAl+tDS(y0`(PETOQN~>QU+Ci&J5spFfQy0OMbm}5rIW_VN7;>57 z0){TU5GKf(B@Wm7$>|#_rVW2tS9|Gi_vzW&vh>rlw-PqnJ{y!Dz=YNO+Pd(c@e%eP zf+kr)chxS;vJaza8ZsGU_d`Y{prYUcN4A)8sKNfTKeX+?dxN9HqqY5K70>6-yFY=~ zh)naeU}9DplTwQWWDE%y#h*|Cw3PsU+P%HqU{xQ%B;i7vTtX)spFe{*4U=hvKoEcG z&xU=z%K9+N`Wl!3Y(;TMK=Ah2M+&h|ca%{vM}|ecHLDvK%eH$uK^7 z0Q&5YFH%6Dy<+$oh1H-_cFAg)Z?x)F?a_|Xiu7OY^;7Zssdz2k$0M+H6{pd&f+947 zNgM?n=bos|%Z*^1fZ$9Ult*fP?0|Q)!h5O?q?k~RfC)T0S}2XQU;b8&uFloGQFCcL zo<4g#SL;uoJzl!aw{y1nwndwCmOp>C7uD@;so6(L&gF6{EzOoGgTq7}E{o!v8^D+? zi|hHN(ZV!aC~Jf?Txb@F;T|(dcx+aN!D--_n+6_JRcR@zGD4Lls*FRLHR#drum1It zShU{vjL`<1p;hRfSm+_-APJzweNC#$M`x0JFhERsHnwJ{Vh)8VvHhA z<_w$zqoBU>;E15yQ=<`Ief58BCbxbnpGNsl7^@c+{u<@K;qYMp*p~l>hX-r$J$ZU97j&`QmWey_*{(~qEY74=>(%PV&JScGl!I?y82XN~RALzIMvP=N_W$m60R2y50i1t%M$6ZSrg!mIP z-wUCKL9t$Gh08In>_R!6$)=bwMJKM0A@`qC&N@=}IWD`Xo(w$&tD zIu5EvpBL+g*%SyVUOrO#^_J%!^(rWx{g&g2-r$ZP0%MWouC+7z2yak(|&t9FsdHVXv z`G>dXPhQ`GoiRvo2$L}`$o~&S7!(OY8Q7zLrzo%{IR5^+WqDiN_fAnc;*mvAm`*&u zrRe9Me-@UapMU8h1XDIJZ(+}8Od29mgZ;2EAwEL4h7o{xp3f)llM78{k`+`?;s}Xjkgc;EU%-px20VJ!aH30-?)RN*6km=>Z~}s1;Q1V(1QE28 zG0%hG1hALPlL$rZ2-M(omhZw#G(&j>3v|0(w=?e<7o3}AnAMwUv0c8N$SuR7_cS9E zeh0Lk90VX zf4x;2T42=9Es`|5l0iSYj4U!o31rD-Inflq8Rh&_S*{)XZ^50{qpU}X3#VnYN~*Drasg|%SZE>sx3`#azlE07 zUU(}|fr*!-e|d^Da3yENwBz|rF&d09$-gxYR1N|wq5ZtQ-PqaLG4JaQH?CqznE6z{ zfZ4_b5f~XmNZCONrk^UFz}gezM!DT&T96kgzeHe5uOLd4{F6?94{Z5YOA=r7B@TU< zB+psxpzQY-=Fj&(aFXn&$Wo zx5#EV3gjzp!PIA@7~@>)N`$*?&OX_#?ROx?_@(NpC1#Hs)jt=*2{qJ~hegA7E57YBX7r-u5z;fw) zV_IO@&6bLw-jmhqf@SMVs)I1gic%ZY{5{tS;aVZQ=L%uDNxIVsr4GVTX2E`*8$xC>-?;5ea^R5>%IfEuG2HVwLY}ght~SgGD~u;53Thf@Tbs+{%lW` z{+IIb-lv4Xa6CaNc}!*Jn690<^}@#cANxmE{GYwO!^5@yw~B}9dLouPC}$g#)7^z; zShJeG?k$npp4ZXs`x*PC*F|( zxbgnSz|Q}7cyKsa^Z!*mJWj!{r;oZ|^K{XCU4G7%Z7tiDCE9RjSvKT(YyK5S=mh+0 zjL2BnmuUeI7qS4jjw1wc4pL0|EcZ-;1a$VN4Y!!GE{P)YmszS6bLRtpS6rMS0;gn* z^Z37Pg!+`R>-_xlXTWs!{00Of%g<|^pa2B?AA{zWqe)wvlikN7780ojAO}-qER6w+ zyvF2)7uW=g1>804`>eqU^ zuebYpyBpgbCrCu#fmtjwl|wn5rjYly#s1@@4aNbwIInYqh|#OdCD0EX|{^ z(PAuDiu2tc5J-M+rOU}7?ARGe1bTZTQW6EPGWc1crGmwVSj=~^hgTcOlUOGU@+cUZU^U@M6WV$lF+zxH~1^rkte3HQ%Rihh_A zXGgFB(u$Xo+{MuWO2e}D6}s`)&hmH$3A#cz{>qEcCRVX;6CQ8-wT&8cz)+xKImzSn z^06_Ji$=m)AQqO1+FC~b?w@M;pXqz6i2rruiT}AbSo?phELv7EO_mY6O$y0)|(Q`FDlj z8!52LD2UI}n1C6~V|bCE!pQM3hQ;r=AZIuyW^xSq9T!A8r}(~SIO5pQugWt(HvAM3 zaE2owid;ZC6C(Yg^a=)BB3Bf=C|F8vJOVN48CaIBJYaIxKMI`IiB)5iWGFBCDv>&h z&LoHhY)2pnVUkesED#GP5K^9&6{N&*N9Ve72=svr^{nW!qn-hOP-73vaMahzw(gZe zQ*}Tf`mZrc4J_jV6o|;_%5by|MmT5Wff*Q|oo#~x%Z*onYn&25@*8#yCr%?i%T$}m za83#dh&EyNIUWJJ3}70SX;CjQP6A^zde$$qJeQa38e3G7)B6;Ve5xj|^j}pQ@PRU~ zK07nDPfJXb@%{PFoaGDN%!Et&HviM!&U_el%$~E7eG%o|LMt8t)=8P6h5-%6V!sAG zQCYrlJ<0XmZRDSEd)3%WeTguDaUqDMyD$JOu2GWcdzf}rN5|B?Ylh#W?0ujkOV_5c zM|n~P1&iWcqolJ%d#|+dT7UIByoaIK-hy{A*4BgX*m_`J>8enkD~M`!*QDM-fy)yu zTDzNbpO)sxmpDR<(k_B@sw#Jmv$1%a7KucPai1lS5etNYX}dJ+7%KI{cLx{7l(bVD zFXdoupI+3wH|Q0*_U(gQ(bEjJtt+GX1v z5Sq2-F)OGcy7Sy0=SG9~N(Nrblz#%5vP72ZoCv^#XZnIkg0BI=0MAgK#}NWCGf!kF zXL;%`U=bJFAVK8E0*qlEso^A8SgtM;d;yb0z{|^uM?ff6d2m5ROzmkXZcRI)5NjhU$_#RKQgq^o8ECTQ~ z)K@tm`}$g%M-~79PevGkP5uW6uFy>YHm}f4kGoagVf3I9{|%KW$ji?g`m5*m@8r~g z4+SkD{?tGaah_niuh1c5@9Dofv}l?kI`x!SU7EHv*$*+^mf>4g)OF+$j1#bx<#9?z zAW%tI!46$ragI}V2>pjRk^t|1DBgoO<^PgA=2M`^Je>q@J$B3!7m7m&d!z)#7l;}t ziK!T^UbQ{fYhg4-K`vfvUG`+w*Zamas_FkFVg}pSFuh#z7`TD{?;ju8=fB5?!}a~Y zl{`kC;^+7p6@;BV{2pJ9>EHb90v1JlneyGqj_lGKEyHiDPKp*~82Z_rmG``_ufw_Z z$UEf^XEwM70@#Q!G0}v$mIsgN%Xd4GvDL=%LXX+;poU>>7 z$#S9OXRY>0u{?$zsZ;v6kco}^{l0S=C>u78#nh=4heVkB5~cm+NwR|DLLx9%hru}4 z0Sb_(X~b48JM|RZ(BK*7?FyjYBM~b-hdEBpnViFo4A(TX93O`im;EnKQS|q$t-B!WAcr);tTi=BcE)3h5FqeGE1Yd$xm#JW&%(8<@&Hq9xK>xH;uZZ@YBWb-MH(AT>PvCcyOh7?!jtUT`jLw2lf*~o`344gs z8OjOZ0GTpNKY|N1!Z{UBCmCd4j2ZU!^8wf*Sz^AETbmu;QNTwBo{m{l49v58b~jJa zntp<>dtgfrnQUmwEKxRBk;F!m!b&p6iB`>+&W$W3hdr=$S%WPtvLL#g*v^Zuy@ML} zluw8)vG@WAWe~>!@QQ{tTXqe4g|W6 zoU!=ks}s~rV|;7bufbT~+?B3GH&KZDoUsDpPjhqo9Pcz6uW_91NBn2lFB zRLz5gfY25R<{lL%2wWp@mEvo@1eFvx%JBr4(;zL?lw-sMpify6hcQWR7{qhsSqDOx zf*g%d&fFu}){EjCg(SJzrqTe*Ov2i`Kw~(I@ieDP8>$^Z;n6jLr^LcR$%|XCD5eus zfM8l6DKZ8<%Q;c!aB`Xh)yV+#ZO;mGfVjA7VW7K_T_eEp&^ItGF)f(nGghdTTBd@2 zniQDAPZ8J9LdI-II0utyLgFlum1D#&KWu}Tj=wS<;S@S9M3*l!?R4y?=>=c<-TR8*cBLcC)T1Y%r!=5o~o_Vg=+Ex$;XaQ1m&6yl+MO#V2XbDrumITP|8aC+ z$NwA*4u)&_ZxxU7Rez-2vtts;5|W>`e)?khEG+PKVZoCnOSD>;?Yy0sSC*@i2bHXc za`NmkGeZ!3&h>ml91IYyF zU*hN?c=yA{_msV`p`{GR#ouYP@w&ifBvuRXiP-)=d9E9b5_rj$48NM2qZz)U0&9Ri zWpR$8pl44i7wK8+toA|!Md$K|qGr4Tf!h27BRVFID7{yX%bUDz_t;9&x~NVo7w92h zt@2>9W^wq}1Uq+}qyNUrXg1e${xtLdQW9QN1ZeXA*cq1xJ@j34D%*i+RAH0gi)`%e6?gTY$=Tgk)8J9p(Mz-XF=+$DL0b8v}LltV&w61Eh8q_mpL2(f(a zAJL@)T4+~HYvU^{WyT|o{Ph_W7Pu390SUfFIrA)@rXe`m7f#0K)6ppY1cIHwB_%G7 zqiK>Xi>HKPy6Q8iCv{i0-M;oMVjs#0;LwcFrKZ)MeShFB;kXOv6-wLp&JRUk)#rt( z)s}S0i4ZacD)e>Kdf07-Z4Z23VQ+G2=6U}bU7}Afn4vuQzjtuwzk{8h-*3r3cK-fl z=kM}I@AF{$Xm~4sZU(%GI^M}fPd_|hxc0$|X+Z!bEZmujjt0{nUSpga!w zh=#D>Rty*tl=s0i!mP4lO@JSFe(WjkWM8l-W+Is=B3WFl8)?iYsHyK815-RM3J_LBP$~H)6IL0Z= zZ*&9UtinLZT3nk2zv@#(|M}IP-48IoTv`QaqW}8?=l<7lxc2{D$zvGG=wt(S__`eN z7q?(3xNqymR_hzRzK(R|=395>&07l4Cz8Wc`nO4uc@PKdmag}_+jAeK&w_)nlrmWY z`g+6&mHbk3&=Uc&6qJO;g6liJeWD*QXFdsLBkXN;JM%gRn!naeqJyW2{?qR;UF!Nr zv;04>?LWtd$LssQD|rn1FDAP~79b#g7hFK~rDI0myE>?+^%9d}&{fZOKbfr|P_HHW#E(QE?NVHsno#|eEI8}Q0U;{ArDnTP?$ZtR>$W}!K` z&wBNY!{S*2ss{A898XU4SnfF*6}tPdv{(HT-MmI47SKA(5m7%!F-ju(r$={U9(D+9 zB`5`3n=|kQT%nty*8{_zaJ`cWlgh8)3mC$bSppjJjlQU*1Y&K?S90g$5+ zUB_cMLx5dU8!=}C$NBC*I8H&Z4Fb`!{>H$sz&SZhvN7yAq3}JS95&IX45s`>*NHcb zyz;>a0=u%`rMrGk+!536G0ZqHwMOL66Z@7LzW5Jql4;4Jl6#F#GraawH(W>S`O++~ zlvVz~J$xPpj#6GR&OUrxjF&*?3f(kdqh9J+wE8?{mfDy0APcu5DU9+l+%##T)juo6 z1Fgju*eeye+1qV>89r!LuYR0$c;5D6f+jpNNSQZGx|+y^E4-n4b{p1358qvC-athx z30CoeahsuZ>v4+9Rb!kP%)MyhRFECYDbeipz-)}Gs>|71A)KIuc`b>aSbkCs z(;#{}!qe0fF-R}tu*%3eAaTY6eWZM6}VY$j)Y`JMl9 z2FciiyE>w4q{uEf?IxUeC{#f{9$t(p#)lF+t$Z02x-6&%inhRO#h13+t_=X+=+i>~ zr-Jrf+J6rY5B6>Q@6llG|FM$C(f{decV+~jz`hql0Pjo3#(+wtRo9Mm)kqVI1Wq0s z0())Uk!1*#x{zdsV>&nsO(U!nyB^I3c_WSD8qCIfnOu0x(Zzg*0%R5hN3;c zN?CfN=~GdmVhX$-Xf9no{PYZ249SuhErKDhJr{a1;dU$K-sexZxC$oKD=n~iNg!lc zh%zdDW3OCQvc?qb*KogvJ=hGHMm0Zgk4uAbYdefiF}l?+tENIztk~ftTh!8gXy?Cq z>D4;FL*JAZ^8fR=SS|rrlmExT@sT6{4-eMz|0*6w{(s(??}u1A-;4au`*JsjfhhGI z1+uBwagW+)aa-t{%L>JIw2<;Vw2X(Edcumcqc#v1{AQ~avHdHYPV!k03`dTGb5N-U z$ROdBXOXlx`&e}*c`r$OtEY+nkK#`#da|4oNR$7^@sUISj}O-Ie^&As^#351Y|f)3CitAenucXoiHk#Oq)YRp7gQ@R@i7K+`}x6 zV)zJVg)g#gjyOFo`Y-=@_W0T9hexMp=axUC&d3x6v5PBowe}vgt?I#Bj#PwD_T=Lf zCI)2Yu<fZ$3gX6Y`Egk^~?K@g$qF z$aqr{Co#DRKyaDEY#fJ00D@T@A?&jnhA?BZstt`t#8B=ntUSYD5lf(du#|!AqP1HK zM}Yn_Pq@Vbg(BGwJ7>=Eghkh@(=OG1x3l$xFbSs#i$yqpBvT`I+9n$nicwMucszhpLRVHlA@FiO9JZXxsX9{g z8&E7<#Kz>nZ4*GbHdOo=qw#r0Fq1-p*(K*3c0D=q`%{O>R&w1+3I%#{VS7oeP z3v1ue(nfNYTe4)+EJw*Sxm{yP54N*+W0W0T!s^e+bQyAb|FPwvM1Q{-Y6 z38lraQu1<7&PBF<-HMUnNM$s4?$pa8AT6=BNI>21_bs2!k%fVgs#>uN4v&mc&Y(eW z-e^BOPfmJ`OYZ)}a-C#2;)kE2OGY+oO}3~7tqZ(#d{q8x_m+Y&eigToJR%&jBNu4t z&I>ouITN@<*JOroU(YPW&uWu_FM@XUE$tEq9keMas2u2gIJfzq+JZG_g;Nz9txdJL z{Oi^k(uT!rqAt<#CR%U3fGc3utzcsnt1ecrWotcGx1z6!qGBc2jBQ1r3(o?nT-z!H|4(P{-0VL6*DOK37ste0(5cp>|IspjKZP&#+iNgMf0K3 z3b4jqsJ>v5W<$Q=vWh$aTP(1T`L?`csx7le-mz3=ABc|nhs!$Km(-LW+#4g$ z3z(C^O39W4gmOHlS%z{uS_d}*X#+UM1u22aUkq3uR8DctwAb+#tHN4|{5GCO{f`sn zKbA=Y)1d$D?eAOnKlX-4M{EC&l{|X>Pm~wnS6IYhcWGdx`ed)7MVzP^t(Z$`b6ah# zp*3iE%C9bsNeq+tztY{`aPA$$Ldx!zP9{G;5#p&W`ZC~8F~BoJZ$+tjIYda}DVM@a zVa0MNrlNd?!oKFyr-}Pq+A$;@DK$H)q3--<3)Xg@H1SN=8y&&eBO~gLtkT(}tP_YD zK@V(gI@8_rNOQlzIH3Sbc|XY!jBWr_t(V}v5}h`cE<1P62wuskAtl%lrr-jp_9%nC z#`#r(VdRehw&R4%(2(#AZtL({a)G@@AE$B7GKwY$7KCB!49GU0iW_@XXp^K*JC7w( zqU!NgFox<>Z(KG}4x7w+S~qTM$ztKBng8R9Ws`u`^Z(≻w{&IXGP3|6Ivq*niL1 zWOv2#DXj0q_$#{7^|3#L`;ukEE>+_so}m;KMF0ZIqGItkOC~+dOg8`q;Em-AU})7+ z)xONLFc2rNJ)fJLVTWO>pq^^`4#9cFx+HXFP-uMsc1%Ho9gJIfjwE8fbVqHD#04o6 z?x9B1R0Cp-)@s^6CHC9mZ%6DZ2eSHprGlal#{%8s7|eCZueVqJXoz378S6r;VSxMW zjq}U^SBZl>mqRN+5eV<_>j1O`mo z*b8}oh_ygL&A%W-v*nK(r;l>+-rh3iVYz?!I_LG3Sgo@JAD_}sLJ;^lJVBVPUUkVe z^Ud1>5@zQ(y!x7b;4EU9PH+fc3;z{+6)l0khZeLIsNTdAgs0v^^;$I5Mhy%~Ux8}_ z8?@9dTYv--$qog{nttC?d9v(LS7N0tRkAYWFJ1B^a)v5W6jU)uS#QCZ`G9<=gQJhu1<`+O;p!^b*5X#TK_A0I(upB6*oE&r0-D8x%n{yQ6 zG@{}%<*w5ly&31I7~>?OqW3fmQBmlxMDt~}4COJ7w%$_?g}jq42dr<;Qx6Q6>ADS04#W`Plm`c8MT17s*^rt%tB#-Escv{m(2DlL zv})O(X%)K%Ru%g*tzs^0tAhEF7B`l?RoeIl)|Y&~&8Nx!R|em>tNTC0z2W}Qx&O1y z|GJvT5Z_+Q$?isSQ)}nDklM7~bZrP!pljo;)ks=q86{ejul-U~`MnO9k9*G*wrA!! z_ALjq#6rlDIr=z71u0H800^_`i3rv#p~=tvFq?8Ol?j^Q{HC%T{|xjqE3H@(Ph!IO z6aVXE!!-ZcB}KDbragm25vP}6unn%`Bw_NISZOiY1``BXT%T#m>Xt`mvRi$BuH4%8 zRd<#{K^wGMELIVrsYYpTr*}R*dkZ8I9n-FbyY#J-G2XGR93m9Ok&(7|iSnmT?=G{c zWHm+@JX2+QdiJ))2|k1gqSNltkjk30k3Jos@hC%rrvUsxk~NEXQSHDiwrE};&0lt; zlwZfcqQu@`MR$5KSa15}rBk z4$=XH`$h9a991s;J;{G9Z#R_4ofGh-JigVCod{1ynK1~$KGST0z={wF&@mu(7G)FKoC;a9{k_d;NSo5 zzZ>rS{Qe93|GUA?&+mWgZPB;%&o7g|_cjB!I+qP81g+ZEyC-LFp1%0!`}pr)5PS9i zdVk+E9THHU8-qu+H;}kqg3A$w44_)@bu(u7ieoHVU;>DnUNMF5(lbA~0 z{N>?bFzLC7o5*kRoV_UGlJt|^v)wnlPj_GJ{!_N~ltQ*j#k*(m?wfe`X}tR)-u-8+ z%Eq*?iE^BRiyOLyM47?f0WI|8Q-)J2#ERGZ2k5A0x?QMcWP5M$p%H!Pd8DEc5_E}k zJ*&3Vba;8br2d7N!y!xx3}6(2fNKu{;2w}8aE-tuEqlqJul%5!xwkVNU zz_zTB)^e}?P&^ELP`#{63uB1~d%v3OKDP%cIsM0u{1CO1F?6zAMaO4p`G zwnr>rGUIDXOJA^x5+_Pr1tMCO5TpH`KhIa269#*o*a;FTXB*)p!Pm6e5zZ%&6#n2` z?Cga{py2reCH)oHTR3}!pt@Tn(Y5}nD#|Z0UGT8!viP&>u~>g zo&Rekk6}hD>D9TIb|CX7bfO1Xi|M;K7I6C1>EVER#Ykll2rd(R0h0jWjJYlu%E333 z^@7fs7T}v}##Pb3W#P94%Katj7gdY}sP~uSNfT&6Zvb+)l0Q!Q?d=AnZ1^mXXK{iq z(UT&C2~!Cj5LE@)DY<+dIn~Nf?7$v{A)aJsIUdCc^QEM0+^J+1`vsQCmEC zjzgG?aX|uJHIct%;|+~w{9j=EH-s>Q7jY7k7_p<2($*A~YpN{Lr@9G)0i)=|7V#S^ z0kBhZfT1iZssZrsy(d0?J%&+^GY*0N)f&gL+B`_ICR{9C^UWiFXa152Kow2eJX7%NaH5`$MWl;?3ITm)5_9}8de zPEbp$4O0`=aP=RCYX$l>gH+xoF17(Iz%>Gs_;O5W!D+^kN~cL8wNE%AC)J)$C;&sFK9oJQiU8;COLF5a*mUx7`yI#G;78*PRS~UR1&mGDWNR| zbNXU}aqeqX`}hj6M7OBEo~9(8AmPaz7@|+`Hf5RfDb(6%>5>_RiyFOoP!0f*NGi82Iajb73I_>G%o+6Rh4yMqDNd;c+j9U7~@ zkjRNWNzYI|v5v2J>ucoprDCPq3%S{!36kiPJ?RKk=t2{?l-HX#0O34%hzQD|yWP zU*%+XV>-|Peiz09qdy&+2R8N5m;MtVn4qG7m*@j{lIfqL_^ZR+4 z`2P$i(+PTkr|IHp0Gi@I9ql{(|9G&D|G1LJ;Q!iWcbEl0gZf~$EbW$-o5Ze2+*ttivLs`A;{p&t~-{|V>dY0j+*wwDS&?b3xyRJ%;K7m&V6euka7~veuLVpB!c9X+J*9PnQ<7ouIyn0c- zFK1=P33U2I+$8Y@=Xdaw*G?J`wXO|mb61z7Lk)%RUXGEC!?%#E_P+p1!u&3mDnqGF zuo|IOUncUkW7`lXFbnL)-I_kV;fKOh7!0iXddQ7;lpwlVLI@`)31NW*6|NpyX+E{k z^!Lyc#NRfC8zVh`U$vuZx7TxYY%csg@r@gEanxTX+pd2dveR3*PrYuPGMZeCVQwqcc0YK}1k+%E1A zC00iKuoK_-ska5lS%z8<%D45PKYzvW^$qqv7TRn_<&oVHp)z+rpid}lYY%KV{~PWf z*zuqCj|PWp``;=a!~RDn74RwU#`M<^S+&ykSH@M{MaZK>X?P zP|`$LiXpV5%lYoGQswg(0p=kKbVxh)o_SJfld)sF{nJt`UK6icddat0C8AO{frAd# zXHxS#i_-tgJnN4BAMQK!f4I*7v69E2|8!FCg#OosH~)^9fF45q?wLRp7ceq|F318X z3{L-PpBm`D;eai3nfeeaIhT{8)IplR;b|54-<$3T3hqO3q%0>>$ucvM)^g1W8lFYz zzeu^ziUl;#|NX(SegFGlf3Ux%|EqWm`Y$H+PFO&7j*jn$0jN%XWksM{7C?K|6$_AM zAQ{s#!LBh@ML0%0ae>GWb7x$m&Sf&w?ZYLy6)ArFzW6>9Z)O;E+xipo$!KTUrPK8b z9l3|Cr^|I1)iWLGv(nK2+uIGX{7cfXALquk?T3yxbb*|K{bm46C>oHF*pF| zrqt4cN*@MGjj*vm&Mdd%G(Y25O8}P(Feo+Wk;Q!=3*Y zKm+|h7#`X5e|UVnKL1M%T9}h%n1Hj8d;y><&vxiGZJ^)+9O4djf*2Q! zjLWt`tUASFJzP$6+CEMNd9SDM^*xx^z2D=FX8ELUc`x8smhaW+lb&g<_B+*_PQBOh zm5)a=F4Y>btqf|2*}Z7MUSm@Rpt|hS9wg!nPL^q#)?c7WSIJ(WT?VACaTWwtchQQ* zEE#w~Ac@2JfG1vrIlv{BT#5F4cOgZ)Uaaa@9m^nL`FivIKRbJ*k%P4G6nTxOgtoht zqKXl*$Fluo%Jc$WTplvKf6=jc2(HH{HHI+eR}$XwV(;shA^OJH2pUHDC{UdK7(j+vh}Km|a4G zuA$Fac}}bZpt&%b+m(4OcYm{wSN@MD@DiO(ljIzQIU>6s!W=<@IM1K|4se6~zjxsH z{|)!|hHLqM6%Uu|8Tp;StRu1CT0i}A`7{ar+$I!Q{`?D=do}>m5qK4*Er_BvZf%r+ zy8g^-#Hlg_X{lY}g5)>6DdSSC3_*E1C1c7FFOCjS8sZ4?TQP((P1?olF-{ODH~_Pp z9=#Jz`59d47k=_XA+K6!43v&ue_Bv}GC|tR_zPyRD6VlHX$8Ls47~lcuKjvhcvOy| zU0cOTkqFA5Bp!qViJL6r;%eP}GM@lVV4TRx?1v7Wj%UD!wazeBUU;#lngP&qrHZdX zS+J)sgAD-Q&^=j<@id7*j*4kQC>t;E1d(x^UV(cf0@^GP1g$~|g#@;+ zS6P?bt@i5-K(&bQ=9Qt5u7nt;Fu&1lKeGyBW5iQRRHE*Uky=Ux8uQm!t6)t2FsSU> zv_1A_)YQ3$z&u_HJV97jt3!L~{{#_8JG=V0GBMiHPW=G$y@Bcybp`a4RhO`Zk8XqLHu-Fs27dH+9WEO+7HuPx-i!STS{|HI>> zgZ2HNl{{?Q@F`x+*5_?4wCiP6y4S`ine>bCF0=eFFOM2mBxW6=VnD(F7MqvC*vZi> zF4Pt6*C;`-K>gR^t?nBMv#ftLy+C=22rBw9-kqVmton$xa++m-@VE6xjgQaQV(b{#fJ|Nn1C^seNV72L}nd??98GD7spPc1c7>*=H z+x$>zUJx7|pVvrm0zJmT+BA+3Fsact|WkR8tXVyCLqX)H+%1JkqCmh1MSuO82$FniMZtiM(*g7noV_;rg)3#$YXza#ptj20=+qTUsYScJsY&&gi z+h}atYIN-{_w#9k8|=-azktf>W5R`*AFFoS$3hTb$bv~=NDHH=7%qy?+k2}pY70C3W2wQBV0ebUH8oEP@Ojko zeIyp=BrQjvSIPf^T%0#x8x4``9AY&=cIk6o^m3w7&(w2e>@6N(rDX^Ue}wYb=-Amf zy+fo}`QBZG*y0Rat$;xx@9z)KfJ{!sJ2UF)(dJ8AOjDA6t`t&H>(2ApgMs0r^)ird zT-{Q5xAji(^!8+R0kkKU4n8}kmUK+owyVc*8M16s) zFI69RLreygGQi+?j>34EMFO%HuQ+w@CCP`{w)z=}-%$Dki+CAFW9`KF{4w`jZXpm* z#DKCjIV;3>&sR+T03~B#t}lAcy@wNmt}`J>db3x4lw7qv7u8XaO+54;5iVfTJzI5n z{$h_S>^wvJuOQ03;h~|941!$&;Op!0cGY{s3x2X8u6-L0HrY`#-#QILPqQs&S_Op_ z&ee*xxXwnZBCcC5}ZLoG`Yvqh`$E~z$Gz+4rR;G@W8p>g> z+(d>xsBeNOv|qPx8%N14C3A*5)_K6V{u`zu=DQGo!yf2!SpWY-o(Z{$)1Hz`0M@J> z=xQ4C&^hO4V17r>^5dsGKoMp^i)K( zvxfyaVk@4;(>Be#f=LF_xs_o7Clwn++4B{QYoa7@Pjb)Ka{#hrJIQvkQOcfzo;3IW zr`uiGLa1Lr4UVs%t1l=|i}xQ(&>1XS>ZihbFwO$=HFc>shlcceV;B(VSI!*ip3KhB zl(cF==_=PL{GoLkFptafe;pBoXczt+84Mw&&k$2GH8l~n*;0RRV<(;NzwW_zyMJlK zcuCP}Q#fEGTjb{N`e;4IQ6$Lo_0PtMw|8l$53pk~t(WtNEVS^a8g(zWN^rh2Q|K~V zzB?8Hk|Fv2U{AM>?k1pWpY<4^U_W@<9S~%g7ur%Ct9i(?Wt$=o?P&Y=xp0>!=l5?> zU3>DA`ixtqQSuWucQW^+JU{Y6-Km%;4R2PlDvlWfdB*v)-{86{jc7K`uy-Q!mI%Zt z$A(lG0~?5`5^0yPByOzq0`)&~{@cZft z?*bPzqmWwkj2`lIQ7U9w>fT1aDtR_Rv1KKpra(ZuT1rhhv1OB%Of$t*z}Xo@>!Mi2 zGS9G4RFKs*&sZIl_003@eTvMPm}3@hB%oE$QRbdBb-9ah1t;-@O;xNa%bZ|HentDU zoja##66&giHo<0_@Aha4`3c#C*!?hAhMu?<6wa(q5NZM-ZPt;Xeon>uv7YP@BB=>y2X!e86^w! zwilAk0pK|WKxlgVLB-;~UisC(nNEOR>+HiI#OzH`a6y*G2hXNni{r@<(EM_;j69=& zW`>Rjc8XIz+QD+T{=Cp9n=_~OerTb?WlzZE5_Z7$r_X#9?S=LSE@Iuhc=DiD#MEd5 zX&m|(@y_`WD@K)`&;ZpLJ%aU8Jz1x%f--9NcH;DMpuL zQUO{8NET7S1&&aNsDC!`ouUf$mIIysGMgVj}%?`C*R=V6j*)b8SSthu1wVX zDK1fTxVxLst}C8F4cGocuh!ci03h@kc(N~guX2jQ(wo*zvg#n zU_!>#X*}G0s<>9@T_^+|S+Tct9E4-pQ$tpKV2U2k{uAlL9F{(yV~g}NM`pc`XW8WB zUshIk!G~nyJBjQ$RHCBt%$auMfOl7gD)=DxG|xor6oaO2>`wyU?0Ut5aLDl6F%3ko zY*xVw!%vqcbKi$@Y;`RE)|R7*0<9);f*QBUwRgm~pG>qtxe-~CEP47S%0VAMMepUO z{o_53smZ_J$v5)KCWrHrLxeP8&ny%9#w=->q0q1p4tMZog`S6)p>%0jpdNnuTMZx8 zevuJi4_@DRCy5HrLO6zId;ww~5B#@c*9<`vqZ|oe^VqoDy{pt5ux2y6zEPfLKtMZ9%_YNTSI(P2FCVY;S;l{Ye{#hMb+&rXGN zcZ~M8pcY&HguSqT6Ta*FtQYn{7#l-&QP)(Inv(dL}9hK+=?1)avHY|QbI0oBNrbiD?PlT`uX>SZ;AvtD&&Y;2%CZhJ?gJ>asslB~rkbG;E zT@xsI>wxwYc`T+kMQd>3S5hZhrQye9wC+k=9Hgk$86W?Yp;%0l6?d(hENpAinT7&9 zBV2I3sLg}iJyU4@bhrOA^v(Ha7}D?lw)Ni&14)z;&G5kc&GoweqI7V!Fk&q79mmWH zaGNC99W_VnV)C{e+jtcBHhfe-(j4cs$)IHWyPtBfVBp#Qd$F@?c=nWMh%K_@NkP~g zLpf0~;iA17x>AAUlthl6Chz$V5qiJ2;o)+$f4NwGlJHG^ie&x0v+OP!Y(U4PUtY0< zTCU1R`?wgs_sGn6QYR{s-IcpJEXubfBEI_8KscBp6mc!u zc&GIVxcJG#`6d)ITBvXd@$DM;?`Q{XI{jCpZAz5X&gAWYIo9QQNFu%5*ru=Cz)LF$PCt7Xj-Hl*!o}7O_jgpot_eGxilkHld)Lc zl_Y<$+9+uc3y$G6IK=kEIIyjesLajOuz?$VR*(#>DPVwPg~X*Dz!WQn+?@Ef7lo#0 zl(o#D&?Y{P(*kNA-{1%>Lu=T(9nJV!Ot)h0{;MkPR^Q)^pJ{QbY#v)>$MOsReCgcS z4~EYo*6-mWUsT~v17P7PMa$}~Z}aD!7V48L<>LMRa6LzBK1M#72`c){7DP(@;`3g@ zwL*ymS?6yN$Ud>1zFeLKdm6eI+!4rMBj4!aGRTXD@)VEO?Za(jDV-vI|M`QfvGzy$ z9Qh>2HbXEb54Hyg%FztRdElEQq?fTlit7qO9=;4d9TrR}Yza9zhPYRlidr(UIFwY+ zNlyL#nb84)gtKN(8Jcv7He;EubNb4*8@aZS2G4sVtOulcB3hGy{XkiR)hPRUV(j4l z8DidI=c-Q@n#}vOjZU}Ng=z4w50#4gVErzBY5+1z(}e1ZIu##JYTD)H+`q(k|8esU z*jHQGh%FV+QF>#V7Ff%3GiaI~`GcweRC$dtiul?-Fq4+6b%0xE4bZ&9dj!~tAbF02 z0S1nicj6t%mJ&QZv@KBq2iQljC;F}DJM^Rdc3)QeAksyAOcgcN-7zTSukmT1- zS<^Zen$`Y-LO%7$^dVK?h5i<9(9bECaC>CS%&C*>qAAfA-V0Qm-n7xc_bvFImRD-& z*hq$T#A%vL5r9B`R{%-8NxJJfh}nhuOO4hXdErAkz4P__!ID&WA-;=+YINaneD-=x z9hoq4W%6FK;34_!p`cP_jooMUlA#c%TmvJs!j9oa#cFZUC68H^`a-plX22RDCfL6@ ziv^OH=&$+h%7l}GK|SXJTk=0VD*Q2h8>h&T^w37T2-kE&DY7NSYtCgEH1TMyD_ire9OHZ1S$VQp{&_zHSq^6O z$kprJR6|1#B>r*|`1^Q4&c9Pjp`Q$|oad2Pl6=kh5DZ@O!K_AJG5ikCBh$t-RU-IS z*cTnV5Jncs+cz@g^mRjXj0kS+W^npfR!=RWX5QBFsH9z(fQY${hgPlOhBxRu zVSb-r6AKc-ptzQmnt9g*N}9VSj&W}0hX$);m4WwbofC4R56s0cFW+`DnVS~;9B+o7 z$AJ}5goVbD*bgu_j~@O0XL{|k4r}+eOv@2(5X6Do8?Pva*tp^%ShRRxOIWrcnG;{+ z8hP7v4R3^9tT%FkIfj2-NpLGz-8P(tx>X9QrY6y6eF|C$6jcbAMD-PYoOe`ktJy`4 zz=R>F;sGFH9qQ#8Q9<372ZM&8`GD!0*-hU6Y8#>eXtGpq2trTgjtgg|bK$kxz|H@< z78W{LuS*#Pcho$}D2J~{LWlt*jQ_Pdo20d-;Oq!Ds{v;%`E_(p0Ok z+n)G>fDmW4$tz0k%oRe(Z>N;}nZqJ`tYa8{q6hHpstjJl`kQsYr?#cp_!t(98oX`{ z>%MrQJim~~@u|s}NAYfW^^%kQCHjCy@>L znZPEOEM6Z@_I9d1rCwbe6hlYF)S&w7CCb9>S_!dBPk(7KmL=!PsDK)h#h$wwYwc%_ zd-}2KQGW;{ER;!4K2LX^#u9dG?k5v1Hqvk**;4G?0Th|iPgP1omu?Aw{gZGr>y@(N#EULE%)7S;&cR_EtZ9q_zM zme8be#FP>-d#X{E#GN>dLp%^B8LshG+S$4H@V>RcANKZClI7BKNOUa?Z?c&B3)VLE zZznbqq0d5NsF!xr?4m}C*Z%fuS2}rN>{9j+W*26bSTIu}mHG|hf`AE%Rc#HAhoU-Y zVfUX3a~H;=hA7}1>_VH;t3L!1;1;aA6C%F4BB?(4(Do;RQ&qb-%9%wr4Et)H@@?5_ zAPvP4ygGSQ=a&Q!|MuhM9|l+tt-M2xh7D7qOXj)Ty}>^b)>oma)!z7xVGA zB@HHhu!m6)Fp7c-#wLcL4FVQ_tx|rUujQ(vV)Hg9{1T`c zN26(4seN;AOl+r}6wB3u*Y~0j@x!sjd50!fiJL0Ie3Ae2Fl`3){jhed1nrUmPi3+` z6gr>fxL)0EwcWH(J<8dyrR;fhgKxBeO{*IIqY7n=Do!HjOtVj|rF+7!08X~CWMh9R zi2wLr9$o|=q=!v1dKXessnR5*WIiNe$$?7_q;l#d49^YCpIY=|Jjlg8=Lgsr4&c)m zfIm?a({*a|uG`!E-Cy6I(bD)t-e70%N=NP}{WI!3zHw}g#O6EwktGU##5PFL)N0@BW5ijifU}qenH`@vRQ3x2w97Ps zrP8~o(Zj&0tGZSfj%BdxW6>W+tnm+N(D34J=1SiON6l&&nXDGIpoPC9U6D#oy!FM- z%olG~vMq_n7h~s+zkfN5{y~=I=lMV8!2KH-KS=8=30kT?=>9bNKjO4grh4)0QbV%4 zdcoR|Q$Hdcy0C`C)ytkPZw|`G(&NrlXlp<>nMjXM)Y^i z;3n-(NNp=ceiA{Re@aQ0FI(|e{g;H6&h%YWfG9}qB6eTTC6j(IMDUR7LW zs7!&iJXwr&>VKlemyDX2F)#wS)$~P-Ahy{Y$K)w#fJPE0zOIu%)dZ{OirO-cM~nw_ z@LR5CMr8MvjTH;Ou0&5mEJ)Gyx5Ar{xM;YvSC zX^ax~r}*ZXUONenXbrCa#{n{+@QK%-yJCaa4P~j#;2dggoIHoWIno)_`ihvJrE}9|Tv`r4>RrfS=F&FZCPUN0F30HZbD5uBQkd=YXaloLe({cdvhAOw5)hY&eXT#%BU_V==*u&16R42XVYLy(i7! zw{)+V!;XsHs3wZ+XFw8Im5cLcIL6~S{DF*}e{j#8{SVI{J+%;kUb#gTY`E9ywDk|P z@~iQ*yXv&|WPU66c5A)0@ugb>=nnc&gv*Av^6dfe@X*76>6Mi~;7JwN3mm9ebNemL0pKQw)X*XurI9NO=^{p04AE&GN16w!Nr1KUG+XieqvWV&pHd>W&f~B| zpX+3*6CmN0u~_Wzvruu(h<)%mbOR$UV2QNxtOVh2#pjJhScdq|He0_kkoh~M7sfUP z%6^;(l-B4cb|?!(oO42@;%%odZ<@!I7rDj=hpIwJ@Vn!V=QK=~u5^$y4fS;-I=0bp z#8spGv?NGg>G*3axR?|4kPgz}O*>xuncjr}cZ@l{nMH8+%OiH&pemDX%2ADA;+)g2 z22)-x>5EMQe-*THhn|F7#9lALeNH3h%-YpVV_+A~O!ro)Huy-B=W+(H1pXb*+yL5Z zfX1EH4d_J8lm1TH?E^J7S;=mTlORsZgPZ~0{0%uKeTrGV~8=iK406i z>p!JwNWE4Ps~Qfg9H#vqpUyS=j;kzZgo01)#e3DXkb2n}m(GiBhJding8(rlV$_Q| zcCN2OfcWz_i%pSL6WEI3hD?+o z_rac`tin(3PM9nHSIeI^B?u**_LkM`{f<}uF_#P@rTPhoCvGHJTH5U28pcz#c#+&L@8`$izA?CjuXl^Ls#$<1r2y>6>t=f`vq`{h7Xgg>ocPJEz2F*WG23_PwbZR&^M9gIilx@I<2(3?dFH1>=mqC2xq>qG@CfUdWuoG0Z1mst zVlWymR!J%%Q?1>A{weTV-y|(qf-+pUf($YA8#Pd4bN%{2 zSe_4x#lnnFuh|yeaw0y_z!b|GS*$P?1*~$WO8UKJ@z^4WD$;Aha^~aZt6qzh1V{_=n5wR@pWIdrAt0 z#i6_lOd%nJdS+8`-Ffb}eRZ1BV8L#gBtnY>)1L2XDjJM8c6I%2nCFClo}&}wkWJ(U z8W>NrHxKuGO%;Fd)M+bFOyjAUoZPu!_d8c`(dF0Yr^_Mj;%DL%_*V|g0ya6JYk^C#&5zMlyVPcmMwUqq~fz`FnAP;!-vBh$BRN4^lFgUeOUqw$(7OROLS@ zL=xIf@G4TXTag+}38B`OE(@h%H!sVAcwK}v&Oo%9VL^HQoV2B{H`K6cp>E9LGh1u* z-8Xd;8s1!11>=CiSNh2cy9VOT5Fcbg!{r0r0zeN`~gHQ&6@;{)OdN4rW8pMwA*^%OWe^QY+tf-7YFK z{>LWAF|fjiWSdiZG@+{VYO)~h9O}pU*LV2o$5EpBMY~VRnZG5YcDyXn?C+;+Xmc1T?@Q1N{Um{;-(hrB4-()krsSa>y4Y}qRs#K97{hi-HKnFUjronajPu8gF0h)sE z;MSkU;jPGT1HLP}xGa-wl!7iP&LgkkWaVUiC?bGCYnFt^Z9f|^|Ryv z$z2}xevnPY9Kiu$^sSPx%S%)qQ%1&;L9eZ#a$>>nqiC^M9_YUg;yzK2dJ0?oFT~u{ zxaOFs#0j#v5ZVtDG_srp)uTb5#`^Qb*JL!Bo?x3HEBT#=*owS-!iVs&vPc?>^RIA3-_tJy_RW>$CLpY@_o`OS~BrH@GW{pR1>abnoA8 z*&uGChhD@uy5wZ(nwo7Va=EzI?{Y!iJ_v7P_gd*Kj@@Yt)5#eaCm1sB;9P#paP%Z% zCS&#?H)Qg3r)3t|>}~B3uC_+Wb=KLg63HdCUbfG!I@jlgj7Yic`J9&pQ%fJ174O{% z$zUUTvN0y5&^d91{#<@NRZKMRAryyT*ywPGxuhwx&EL0al3bn5u*|4!Izq_7IB#Jj z0#C8F-ps&bdd-%+MWz4hAcaC$#jT&V?`QvW=q3HAyb*{5mHSPpie3dEw4wrJITT;K zJ{(oIy*}K2mW8;N4L>q~8?7TCpJUdI3^TO2({eBXq69Ji8G54d)hfc%7`7_XLp}EC z;v($DdAIf0T~f?*^F8kWe9Ao*H<`!rx4(?Y7h+Vq zXGf=xPD6d-Z~@@r(@y$~vFKlTOSS3A`1nC(N^_MxASg_oj`(QTk+O8mmA`mr8BiZ* zb)gD7r4*u%ktiCIZy~gsK37<_W2dQgi-|XI3axPY^3rss#-v1eA$G06mEKdGqNK+0 z&wtl0K7iZ_V`CVfy72qh4wyB5S!*9F^$=(hDfZ`Vsx$JeHoJ_ND9Vw{W4b2&s?v>8 z|9P{ra!zUl5Iw))Py8Cvy{W1j9Cq8}93uVK!Ly81@&l2BZ>FmY%+3rr0ES%adNRA(E|18pY*xnb+($kg^r*A#Vao1 zL6+6QAm%HFZ;D14=WQN#Ac2tNmu3I_K+vV7!HZ#DL4>mpFTtR-+-i9c$~_3QJp+V1 zJa0u2{{-jWoxr*TwCBApCbl~6Z;Ajljo&LplJrEMn|haN##Roy@QTI$ZIzZuU#Z$# z&m3yLS6xofrJga;hjyIiE}$*}YPb^t1#zo1_F5BNoRi3P2@E z`&17f7H~nig=nP-R~n@$0+k)z^bl#qjK{aPHUCapUvy5c_Jwz!JUgpTbs89ydGll! z)csCI8@XjzC?(Z6qg65P?T%bwagN>`3PbrnHgDOBr>$62IOyib;L0S$@(g}km;KdF z;eCR9tPaA!FR_8XBq|R}OUyvxL5!-rUek1=3nrp-p@v(x%h$@S6-OJQg~i*oCvd|r zV2T|JXYBpwW%T7aAW8$wgSVYpK9spPTDQ4v1@OnAp5*W5v>n|!M&BOwt^e`M{~@@D z`Kq6Z{)(Nc(FO5g?>lESwV$35Ev3)%dhOx+vT{++KFP8HZzxPqiY|k=?0WIc$eiL< z5F0`E^#(tXhegYQi(%0h20z#cwxGjoJ@jUmR3^-<0=U1LG0OQ=ay8P)=bcN8n7vIAdONbgRV(L5?I+cZ ze1@b*D-?$ONVWku9k33CE$2U+IN=?#kX8oXTXC6`yZT>u4!jn^isDV1yJ!MPNQ3|y z?(kIlD1aM}nCGc`<%kn7?CrnX`akMo%0$?LYM>SeUZvkSM=M^v%=7&5k8~BS6GO@R z9`|QqmLXW45HljBdvMRFTQC&bH4G&r!gmjai8>z`^a8Qv*n(v==7hAJ&GjS~f02fW zRIQ^Pk;B*&ZpR`yn$A%oV>Wue(>NI^O-IWhwr)g=<6>ZmyIY1O+CwOmM*#?7{`jg) zQ;-?=-KN7}zGXgxSD<=-XJ26WMCf{OPQtL&;bpZ>yLi$QI*^>G&?@g{K*#Ey2&#i zmCoIJbP=Jf_$0{?91cOXB<%t`bO(f9roQIvGs#gR1gpxYWcQ7^s8P23`NMkA`6rx@ zs1QOljxq@vd={vAR2rp7E+mhE^_*@xD~^{KE^tjD?cn?yUJ7b6pF33W){Pi>j0;&g zCS+R|^%FRIeJ+>Pvih+08ks%PIC;uJxv!nlHi$KrCA$FPEo5CKy*WjM2wQ~2`8UUd zzt{;kN~Z7;=UR{u`Zm5CUMw{;8uE9d{E4??dj=PwAEZi-W(~B~UEipsAB*vdLGij> zg{E*8T3T^utcaodN&f=JnGu7NwYdR6C z?{tUH!57UYp#<$=K_-SwL4x6GoTH3Rmo{({6tl${<@S(OH8v0e=)#rM4Jfnv(-62j z@z8JZt(~LaBp|G!-`<7_2ANtXP}9%46;tOxTv-5Qlqj1dJJz2;@4%8f;C_E%5g@kT z0~|}r&gK1*pGj+DVG-EU35v$4-w1p&v263F-Fya8cMvcP$JPPBAEHv3o9zM3ReS+QhxbI)L z^sKpo)RcEX6$$7rEiHb_EtS-Ly^6td9;;P*1lU}Jgn~!C&iMy12QZ>(Tf|KhNm)Wh zvy&BAv3JXprK1Y=Ta({ECL={7&qEe)iv+1QpdPh4F;2NKzR%G~_d~3c#}_4V?|kX= zL&n4lqaARg&dlhY_DY!|l5Y!i9f?O2@d>_CrYtg(WS_D8NBoPDRM5z4!g^o_&YGMV z0=ZRCgls?8MT(q*4>!@F1!B4+-u!rCTMvc}ebOrU=Zovu4Dv|OHj5HlKl;`I>nrHs z!7m_0iWX;UFCrgNhTmIxDp|&ed5K;LE#EhJe+CMz2t)FOgz7ImgW8u)JoezgTQ!2a_K0vxCABDc-BCZ?1)PRvPpPCe~Eyv$DG1x^2$&-R(Cd4k+6t2Cb`wdBi;1a4l*qD zBd0}6n+6G9EZCw(MS-7Pg~W^!`(PxH$v(l2WO{YT8}lX1=wAo+E15x3qDylht60uS zc}O-s3Kv{yqu4N+Tu;3rQBj7w{PbfJEx!Cp3o&g$+Y_JfRCD}8TjJ~Ibu5BFWBwnn zWNni9Mo%oTl%I~;WVba8stZHM$WoTpp?+m%Y7X||Q;f{PU^hoBQ3{I++@ChjAddXt zr24!a1#_4KMQTWdcz*>W&2|?uONgN_0r?UgjE+Z}md59VGiTv+tX&zg0)QdEyx30F-iL28z>gc#3=V zbEm8C;RF5S#a6(4PzH{y`tUi*y$_5~xaAdISyO-y=w z``sq33;Vz~)lyVOnRJ0(IS+M)9>Z;wNgQ6o?97lO!naVBVF^zmzK0&vfW|)Aj1utT zLb?PS&$W*#&WKk2>ZhEX$gzvOaEGR{nn?Ue^Yh!rRB=#qgr!q(&0PG|Vc($%PbwTz z*3OdB(em{$Nhe+YIf{v&O;cWyvad3Rbd4m+6Ft!er+5Cf$2bWiKTmu-eRO46Si13| zA<(c5(}lpQH`Q*T8CM0hFgsq%STGw*PbJDMi*RMcnsM2}jUm$DW!3zszfeFzJ*$X# zKZ`BHf`}E~-~`y_FJcyB&ryo03>o;4do}w z)^EUlzZrRkh@fCf89lRksGJn1m*jih*Vy-ddGS~ERIAWena%t}QR(67T0fZdD+M*XZd8Me z!|1uuz4Qv)^(`UdxBK}KoUy+-`U;lG?{&5Db#kAv42d-=Bb1WUrv-0unY=MFc$61S zN&-*qonIT(L;|cT6K9`udEU#D`_tg^)4qJl>mZJ#MV%qegW*TOm13w_c&0!2Jc>Za z9o^Wran_d84F5pEbTJLA_mt5i&A5R{a&p#gK#B^@;4MPBruVHVZHT2JZ5mvqhMsY` z78y(LSv{FX<5gnDfSmUBj{St3ha#s$E`oy#-AI#xz1`7l!n0rJ>o$s)RVdJQ?+Nx3 zb>Cq$V9WN5?VB>l=5LZ6Oh;&#Ao{NT?J!&4M5bNRmq^;y7xpVRe$Z-I@l1c|$Hk^b zmpi0tv;N$uQpstyO1uUNn*+ZY$~^*#j8niKCLgeNGoMub4oJvY0L{B0Ao{1~-(%Y4 z6NbliRM)thzlz@HQr&NT^6REn6&=QP#*gdlF=vFj6S$|S0qCbdbm>8nSf}Gm?mQuX) zCdALfUw7U;t)SR^v-M47z$5_08AfR!(Ob@GKuiwj|LQ7WR}}F8MD+x+vytV^ z6~#B{-MXk}`1RU)g+s^}FVP%*#-L1-n?icK*nOZ6Obn%LSUDBGz2SwTIJFI1-TfY# z8ZMXhL@)&1wuY?zFw5RY>+{3wwgyM3?;7tlKHtH9f2+|-yba#XMi~BwU8p}#2qsL; z9E;lIjKW1SKe>)u37SNUuB$k18cucR>&~usDNds9adY6S3KbJXD!S+>-pj_2kgP?1 zx5I3ag&QAd(aQECbp1>qcdujIUTw2l4v;0Pn*cF00<1lg#7#{p#x)-S)G{LeaIWv^ z-Uo0Q1=N}R{z3S{qhkF^PObaX`!Q?LVyF6f{b~&dpFZvOd%S8FBrkTaUVj$EuNqH$ z6~+WW;QIzF;K->R%%xJ~AVgy0^ratO5E4iIosVZr1JNMM@KUo_kJSeIw)!87m<8xu z*6>cWSw$aDjRMRFBN)kkCQ>gh>u#sNf)w+D6uNu#_7Occ5?^!zp5dm%xY#}#IIM zF*T7;t3A17aL^-0@Y{J;{VZbAB=<3qf43MX6Dwf`^}4Wk;Lq{V%UW3!M$WhBB5lIw zNc&*uqIpA=evjU4&}_1aS1nfy2jJnQP-+|2Bp~lnIt1XAXP-M9zl{qXw`(|-V+$Iu zGSGX<7N0EEyt>I?V9SdzB-~aUy=IYo|4ObVU9Z*OR=VMWzGZ3Royv{(T7xWd*410a z12p=WS<~ey1D*kPxj?w(+A9!)#dGtZRC{?p?QXj<1%7KkO%m!~9NCC{ zMK)>fHvlyWoZ649aP#+t7}&;t8Sc27smLNSyht!-=#&K6*pFApJUkn!=rd2ib7TV_ zu4nICJ1Z-XU=W4)Ir)KX>@QZRSfqFbomV3h@TR z^x5-mL@!a|9%v|4uiRH-c=C>FtH8_jn^Q_FcQf5DF;Ms3ae$%c=rIRa@09h|QAX^M zt{Xf<9czIuPf$fmL5DdWEU7|zgcM94vW!`YA5$M#noPZHjhmdo z{KuUBVIA})Yp8h&b8VNnL{AhYj%I!#yfYqSh46{dK}+@;yA1K%|LBGeNoKrwUpv7X zSo2gRp3GJUij~!G5X6Y#mpTV-HKB_yJ=;mkbpAHVCH_Mg=#XD6o~#wVx;3x;R51R4G9i>_ z&^}^rLZI13%A1Y|jvN(@*rFN|f!KuU?jf`>!Q^#?odjPvd~Purw{0JEYIzYbh&AVN z2xjg|X+||64_FDgazTD$DMo&ef`+-AA%cNXX7v`M9v6V1led(5o=wqb_%UqF^FVSe z`x`NQjhQc7gDyTg?o&>u`@GeU@aFZluHDzf)4N@sAd;?EQM6KGw zd`z3k7Sb16ER`o0WE_2L_+C_sG;)irB7V^;*BuH2{EHKP(K>hx{=Mn8=rA}T>8W8q zek!~1%*@}V(F5_Z{w$B00N{CL5$wn=egT?OcNPB{IHCEQ0y?kjG!J3MwITbf@X}=o zijpBV{^#eBUhff{Z}~V%_V%36acS5(DTWF31xRO9N4bTqKbSDrqZ6{;lwK@AvP6li zfnYfXmA&U$z3WtCXo6`VDe+^aKmWJTi=Duge+*bj;$fY&Lcfd%UQS^jf2p{T58~Xx z-NoR59iIpeP#t7Hw%{7!Eu(HG8fcypIsUPs^KfIId%co#Ysq^||M3&$!td&R^yZRE z!!4WMfO|7vuwxO{9#C_W%HP(A{cPd?LMt;ueH0v6qxooJv&&xZK=&d%@#m)qj-}_mB02k{c0*)PiJQH z4j(Ay?UgSOuksvGfc89r@VSNIDzCkAjs;o?LQkrH>K{9W@BSufnryj>v<6 zfi@4-^oL512}N`8+i^NewviZtJO{OhRv=2^31f64%>);tCf$70$`lo3ZnmbHpGmk> zQX=N51v}HpXEZDGYMXuU-2RwId79H9L2h+HPfnQag!r=``w@Tr?q`tNv-?r27zR5JQlvVIa#sp1XOLOD&W*mPZOTNNm#I)Ar-kXXrKHissP z@JOcbP)vk*&i8iF+g}#gX2Dt!Bt7VZrpTKf+1h3}XZD`MgB%tyjV+ktdX9bhg52+? zNg}l$sCf+<+T%C(HB?Flx+D?z8ZdU|@F9VK_ec4y&}PGHi=#f5oarw!blx*UBrKUx zqFQ|#?^Ehjt0jEGCVz=r7}CNZy#mpb`VeLFrjgMoKdF1H=7@1mWk>`3=w)j9=lXel%>9S`M zOdDg}dkBY8tAz7KU~&xQDwBGa1081vtu-c*7!k@)--*a-k2+hxZj(~MK78A)X8j=V z02HXKnH;X(bKy7o*(>j6Kn8W7`=!^-r3aW5I`Malhi>};)+Y#IMMb|5xH%SG_ubv- zYv06-oBX#$*_*VP1k^S|2LvHf)4`@P8_eb4(uC%U3w(x0ARakIe3qPUFBL?b=`GZ| z*7&p3y{yv7lT}T5m&73dNOJJTOha?D_D_+Jj%BDjFVqABrT5)APWDoi>i!8z>>XxU zuA^gw(z_f9&oyip6xh7S`pAmh>pEg2McuiH+M=YcR>B*)f<^VF1|}YIj`05j>G%1c z_NOjQrS7GbY)|gMjtoCJabkP~Ka4ObvsT4{U=pLs5lOK3z)yB=Oyb~%yujqg5Kr0b`9x;!@l8C%NH^HI%H+=#gq zMj39|vDPtNkyw~Xr2!=fwENP)9egO)#9;gm%-;o(#Q8)mX4tOOIhS;8Heo13&S8*S z#Rs`AbEMTimN3!Mc!}^%F%~Q)%S+fiX}!sR(ojF6(q?QF4p5Bl8#Q~@riN{jTx{wJ zsPi(r>N%pr=c3o=2zO?uP|m@y>D)%Wrx2%WZ~5|ZcBbB`7bfI6M_?`0qBr_dnF)Z+ zKMy%~1rhn9NNzUa4GIEVogH2`FU4F)8p|K!evit`0Oz-Rt23ZAA(6yy`YhHRET?w- zki-A{u)C2t&LxD>J2{=YwEaAdd*#q`!0C1O2-gwdeRBx6-T^Dr0h8)jGKTL z(c<@X`#f3ME#N(OcCvvP{8^~bNy83o+JxfD`nPaCB=FyTU;^GNIVVr;i!`wfJYUCD z4LsAz6V`w=#@!vpxTtqxJjWqn?c7SZS+Kv;&t>TEE?n)eNbgswY^s*X55l#cF%-G3 z_+;ohQ0^WT_NsV8z1mD!2%U+Ck;J6fP)SOel(bU*FcxT%$l~$P50O#|nOwDTzEdr< zoKf5nNj!mItU}+|k{pcvuLdBAv^qkXMr8lK9Demq5-k0`Om9@tP z_4(iMfmj^!<{eN>ljTt+0>hBR! zQuE>bzND)x>aWVC!)Qm-YG0P>A2}?n`%tbCYQ5*qOT0JzBa^=#ai0FbAS~;fA-$3T zsrT($op;Y(tWPxNKDJu*5xPNRyh9=RKYkYC;y@iT6HtKCC^$(G@$x{2(0@Tp z6mt3o51zdclP2G$4K6Qbyi|lz)EPWymuk)4&r6AzJ&U&jM3v()r+=$YDEW#)xrt*e za?PT#3oprh5>K-wTL@0)}bbPYvg1PMAP^M-lUKfVqlC zYM1&jj_JYuQNN^T?RCL0b5iVzV)o(MalB@bp>Y~^rz2HgZi14FW2t-~>oB~9%%2|I zAKfAb9e94}CGn>!t@eMVLs?V)&!dx)|IgFYlWqQwjTDprQ`%cPg$W7(^b&??wcG8 zubN$-WDc&vUFh1vSk_kB7~LH+jEdtc^-&%NWC;F^_VdrZJ2W?b3H1=jZ&|Frwpxsu z(rW*g(_mfqzo%vU|EI_2+xy>*6tP#m{2Xh4|3Z>`X^~&GMVXt6Tr`Q zS=v1MOz9lRLOtnDj?*xlgMX$l#AD1)gg6#d_jQ@_=0GrRNxF_g?WN_Lb@xtd7=0z-?D08{F3=$6Z9&atA( z)vDH3P0fz0%pkD>x}TX34%%>?yB%q7D-{Zg5PK-hy-*rMiJcDy0f2x?pqaasv2Efp z$Y(pi6i`%cHR#g$U>nsiYzdYbjLJvNn z=pH8|5=zo;qCf-xe{y(a$A3RMdwR6x|2I)g`wwG;!97ecybV#c(l?tLp7Gr;>N8_+ zL(#o{D#ZSLC$qMF>QB)u3weqDisreISY{DsLhJieG<4$d%L&v2GTZW*L^XgpL=R@|U+1d0H8xkK}+ z5BS+)YsU1Mur6AOdJB@KTu~~7Dz2SfS0a_uzxw{We*ROp4fAp|)aQMfd`=9EWuVk= z)>70=fa~i@Oq6+oT~7@OU16BHAQ8A;}S&}VSc2mLq=!z&VEKjXUuc0Pjg;d0mv-_?u7CZxFgd416=ZI%uZ;B#?v!&WpZBD(zSt-7$_sB60+wT| z(8l_G4o+b%P3wh*e7|VhFTmsm{?dud{LH9Tc&<(C%^gLeG$oX2-!1*O0YyI&`-*9- zUxp-aS^oGVmze~FNZvt|FT%Gx;I`zYe*e#}BIv=Vl;OpUz#8`dX44#-X9U51y=HSHDDcw3I)n=19^e}vcrN$zkoIrtPT=KR+}|8sI$^8YzJ+2;S* zNRgHhZ?3`fR(n-GA-o`>g>U+~VK9G}>oc++(s;V?u3)jNzLZeam-2^n>dqp3g~uBCqcCy0_X@ew`v){CC&(HI>)wiVC1oAkrPwED54QgS}rR9;|b41_9lA|+j--;Su&2ty~ z1qNAk9vhVC&|lG9TXT|Ymf&czTV-vQvxx>(MIIb|$0^Ov+EMaRQ1ClN0%5ndIH5|~ z_KLB{nk%%=8=oN7^;-}FC zmoF9rqVfLE_Ww9OIz8Fye>PIY-UI*u@6=EOW1#hBRJ|AFl@0c9K$6_MOJu;-z+ds| zGPlaVje4_cJsj$-GcyhGton5<^;n zYB>g8WzCWb!R4g(rI^+F^)JtjB~-tnH1U5&C#Cqmr(6B+W{UK);OD+Dv4TLH`(zC6 z&|G>IDV~ipeNfnmQ1~)Rpl;UW@A9MJk zBbEW2KJoSECJN}Eb~`#InFn@(WQv__$(*eham<%+;f+^&?rS#0{6ar3=DB+?w#G7{v40Z@!YVGb|?1ieHrMS>j}Wj?5PviQ;y zds|wShW($B1WwSwCm6@q^6%Bh|2aLe<3ArCo}X^_|BV#o2_^GF#qlpBOlRmdNh1~Q zvDxxN&5_*f(6OJH8?pPHK0CN{z6ZX8_cLKTZCB3W zWLJ7DNs;(KF|0x65Gh)_pXJ6PWiPzU+p@8u;v7w@`6!G1Jmc71K{k~yIIQfEX;UKJ z(DXKcu72d-72cMuQbe5u!9WBS7BBR#97gedm2paw$x7zHCnln>mEnkq=%jjBs&!J; z6P9jxf>tm?S=8%_xoS^H)0V$t4!fphJ}WC{kNlD(vidA$^A|V)-(`O)vdPN&;Sl^* zh&wHP3H2yt;kxCN@$~bT5}7Qvs-AiY`e%w06eyD^KF$$gfFjl}d~e1!&7xhqLqacU zW{N-S*|J;A<-brn@ZQx%02!ppdB|$zyL%G8;4p^&O=eOqR2DQb9+>E6lO%hT0nW%> z>VsM=iBezwtjPUiLT31XNHF~zCue}!>YywwymWs;OavyrR~WauQ`cz2Fm$c%l^hKU zBe#1-?Iz>3cFM4bkR1bx9CCYKfGF9KT-ck|K_B^`E0G+mLwllqX`bq9DlPeczRU7G z;upD>VG?za0~+}Mlc(pl{rBQ1FSjA>$s%b8i;0KIl_^67~ah-v@n_7NcK01SJdPWzRCe zyy;Idhe+cPvsVJ@LBGE0-~qEKNm=%+Z#0+H7wP{$&FDmYqIENukvQLhULoM$s0Rc? zqV**Z$Qt5pDkJTK3BE@WhzSV+@+M$(FpJm$gVEgqB{RgUjsT|W%ZDjS5Tvr!i1TB4 z{gF`8VTA?y3}3XNzZ0(CA$_7{QJ($PyKaJ4VOup=UaPO&%dmV6k)Qu9`9J(wQDPnW zAI?tg_%DZN=iB)28!1KGq@3>)_e}V6wg7G+MFAiYP`ZVBW2JUl152OPxWRm9C@!?1 z8c?12k7L+s1Ih3EzAI=-G^|VrZVAhgFX!u#M%DUXN80zSG~WN8Keh9}AD(ROKQ~f# zfC~Pt^012p<8NfJ&})B+W~kTOw-WgdMH;QE1kYeHAA-?$Kc->Gm(EDMc*~|Jq2}}b z@2*Rc1V_Dn@a~6;=L-PipJ@;Z@ZubtETI!-pXPhJB+25hYgDm!BC*A{c_ph@oUGawd=P=l$>A<>A|%64-->X&(F6q`Mu`q2-uoT=70qpJO4sr`06^qJ zg2QG}Z+x5cHffcIc`UqJs2 zj2`LAVD$eS9v+V5uh%%jvvejhJp<9~g;X}SYT4+(7>403^zZbZ;Kd2KMQU9(bznq= z3&^N#2d0e0ssnmCi{^wIJ$RU+NbEjR2o-6nW%hY}SsJ2y6gG80#ihQ|QC?Qq0We~| z-2ol`JBun))eT*-aRgMw7Guz{1EVZU_{hp*XRf4|pr?*zkMZ!{Xs z;VkSGIwL*8?oos&m3D-V1vmsphtj6aoZH#c;)EH3Gx5|O1^wLa+z=coyH@-qkvQ%F zz~xq!#+^|(b7F8@fx-DstYP76xK4+C#wk;a-pTwXkqF^o)xg0?u@DG8fsxAz;4oSXRyWqaFYj6En=r zVl(K*WVWYs{XkaDrmFc=J)^27c4=yVNrdE-EKKu`=$utxb6knd`C$!x@(G{oMO5xX zLjoibh)F<=*r~nV1s4frQZ>1MD(hmH2)m0A%eyr$Ia=TDf!mY;A4cF70U{0m0~GPv zf;A<rBrg60>n>Es?=Say z90SU57)mH2b+8CICB$8#y%E?H&1&%4<0pX+DH1p-P0?aXAwvaJ)BzPWK))N>pCy$) zM%xRhfehVEjn-%AuC`<;@CrA7Z%yG$z;dw$IbZO*!4&)s_}=y}5~=$DtP*sgdz8$D z4V#?ozKC|wK;t}wo^l6oMmdv6x}f~7E&PVoT_{WU_-e?H7iG_n(+ZRqni!ivS$g(= z9VjR0pDCi1Q{ypC42^Qd)OgHPu9zB+5#=|(T)w!x`1JhZ>e~4c0HYAot`ozAIuQPM zn(GicFLBiWboHL^*fFFO1-p$X$0ShUa+>wzwda)Jc+uEPB}P+nyD)dO7?&*@+j|eb&ll^3n#@8T!^XI1HcGKt2B2% z;)F8!CJ#6Zw1tb-J!v2LC?JexP7NvtVgI0~P=yVWsu`ybgLaf#L{PBj zb}j8H(DO=noa;lc5LJhEM9;f=fBB*cy+sZh0nZ^4CTSGmXaXPw2_bB^C3^2)UtIsy zjow1sMkTz32A6Y07xWE@-VwrV^cLYPT9*#!y{F|_xZvQf1HGRTlE#k{Jr!Gs5AKgR zM08FWnmwAq6<)np3BJc6nxL2bFw^lt9|L-^#>_Sad>rUefYiTE^n!%Mj{&`yG@2BzlA&_x zgd5QF#?G_MMDL3oY6g1Gg&##(efT9;E=P~1aU3GyD-t^B_=V@5N9WXM)y@s;N3WgY z#i4VtdNb?+umkoD_d=j+2r)vhfI@gMDn5E{$mnUPeQ~mYo<unVm;^n*|COM}HiaAu zehA(Qa=*q@B>Pjgc-G3J8R}}*i{Ax3(B%wH5Uo{h{9fT#)lF|vr=V!%`_!m?C@g)M zu-sbM)pqGs>-y3LQ*Ok}5?=3qP~XVA9E_t81}Aw>7H{Mx2jghONH@MrBUfn{0u5(L zMYGJxE_Aka%qfigvAr4(f16%XwIg*MG;DkBNZvFC8v`Ns|E(62+ojb zc(l6*F#Dc@f25QFXdvqKF8Om9QUajhI%7;)qGKtH$5(qAU2D4tu?Q@PU&*Bry0m(0}EQ$-BHlc4~bbWPe&! zly&aMf%?OGZP@6392h^!4UO?+24m5X{4;OCPY~k`@c-+lS(1P0uune@>?an6O39xg zs($NQ$u0Ch4*0*>cgj@b<3Rsacw+$`0g-3yoO%$m5 z|L1>I*U#$i$+I<|;s8gKAs7HM1`teP68I!Qf&4VTo}h>UEN&!5RfgpwPckl1z-x-@ z&Rdyc82Tsxw{rs}JyV50#Hb8z1XK?=b}*Ez&p{eb5*SFw2yZPx6HNbqbCR#Jji&gY zhfl5epGPN8pPp^~|2I)~^0*`&F1{)+xtvb;nqh2t&(;2ptKEH;^|0-gmcS!h5{>k* zR2kZB=zqnS=q&k&uiO zwuY)66CF`r!LHRCmz{KlK*#IK5RMd(1iZjh{#_tY3rx(|2Gyfe;q#x-#NbpEKy`a( zPKpLh%pe6T!NdeuM5h6h05aHNp2!DvGgbgpRs=<&X#c*8I7Tp`0Lx=PJNUBNT1HhN zr$oqnBJ58R4PwwqO6O`O8~O>;kFDf{ z*3u2l;mx)&g3$wjuqjIR+jXl1<@ZeSF-t>+L5L%iJre2;*$$U+zVzv}Ez1^* z|Ffm3m9){o|DB(d^8cMaJ>ACt+eq2T^~$~81*Pc>Nq;TA87PI%6jA^|oS-rO%(wfI z7RG2?!&71M|DA< z*vFg>HAobAwobSGtr#|iQ4&Jw z60r>YxC|w(5wp7vDKG&yAwgMyBV$h3NE8GMHxdt1#2EnIbvd{|0wsx1qqIPRv3X%) zt^^4VG)JMCM{L?*fv3Ash|<3RpDQ$%V5@Q;JsS1nhCnirNrCtA3VRrOGG|6@XC9|!6W{d|l+qu^z9 z|8b!IGQJSCjo+^@W#SqC!%#yyn0!5JICoo^K~=19tVcP2B4?WBkMjwa-wqZ>cW9&> zC^sNWxfxjsd*D$1G+v7}T>6MH4M^NM?CgNc2s7hMZ+{N2MRonI~uC@m)l6A-q^NpIV>jPI?JAMSKSQ=bqM=?*XMN z-{t4ZGjN^8F-e%bgOJ;7LT2vEBe9J<11|`Y_Y9n07^zh{;vesUQMONt2SVpRl3S#B zU|oicIBp|}b&~S!e9X7|0%IT@A{a~<3OxRW=tqZ-1QH~YAxG5bUT>u6uqYt)xwpxE zwK$8G*;{vj=XqPzMEl~F{}nT_qBa`j|Kp>x!?OIp&HucSvI8!X30ts6GmI8B9ZJe|Y7Nira!q=##o3Ld(C|dFqWwgQp`{85ZfQ89qKzBWGIhHmj z(j{+C3nDs@ALIuHZ=nk%WlkuL>atjBNCMTHDWOO^E21di=#3c{H>U`UIB7;6cu&zd z4TXG_Qk3K!;phl<;HUSOYZXI1fyuWcqVVnv`M)L%J;K96y0!i6#r8OU#KnF7=Ng7p zw9%CR=lt}uIMj z`i2g?9dN;CKOZOKsp_YF;Hk$)?#IVvuyRZsfb}2iKRVs}ztp*|s*Q&I|LOV3u`U0d zA8zk|H&S-M%jo{gh=0v{b)}V|Wn{Q=>9AXvjkacps}~Wah!x#;plGd~qG6HeP{g9> zen5AHJmt&_&`eXluY9;eb9YV&3)L!(u`-nl=h6^K+R63%C7m&+%N?2@NUNzXrGToJ znH~NW&EKK13)N+)dJhvU?ni}0+SphZRK3WK`qiL^H;w)(sG1vLmVhsX>YcqWG@@Fh zYAvcI;7g&3KF2T$-ij1YA_Q8)1$hzG5oa+(pMEv2$OT9+fI*OXDWzd3NGuEp_zt{l z8Cr_BMO39bO3mC^Zmt%}q8W-q~%QS8MsC4 z0ij4*JgezuI5JT#$s8zakppdBBJMjKS!n_0QZyLjD4+mFbFcRdjLZc!lJ~yWdB9O+ zQ!uhu+erA3F``$Iiib%>ddz#3oj(x1YrSXE8`Nhh%##Pg#E{^lAdht?oJhwQ1)K~5 zOGn!>E2p^D3^5o$20bT!`L;R)_eUGNF{#x5C=0z+w9%md zIpyz4`v2pt{$~?K=zjno?8m1B+MGe6)oxqu&*qF1-D)2`Y|S*Z0v%P_ZoBk7qJ_m2 zJ_e3TDrqm1b~C1|hu#^-MTF7fMa?=yQ47ZfM7x5W{#pb(fn&yPwA7V#c5^`3D^GJuUk^1xIzxtE2-5K<2py`v6 z`G4hKvx+vF?0?VB9QHp?xBUMmisb+KV1GIOzis5f4s3pjh3^=9unniKPis!RyeFF5 zZe+G?^VX`%RihQfsmnHtliie}1JuY!9RsfI>bicsC{>*p7* zUJA2Z{-ke2Ju$V$zi6#-zpXl1w)PlQ%IiJsML)l(!=CrZKJ4X*nrTq2!&D{YacfoW zkB{9Sx6`=Vz)mWF^&hVZwEO%w9C26BMpOKc!z0`O=Zv!i+w*?|We5Do$NEuNfwhi6 z>?m1KVnm4=SWh^*s41Bm zgKU>F)0#JMEtOp`qkP`{9sE)5iP42X&9T7m2L87z z+pGQKf0$>z)+$1wTPp@Rtob1F{(&?KP+|~fx3{m; z9dun$%eTo_(uUi;KL7OY<;9CnZ{NK7+oyML-}3g4M#`vGq<06$Nx;ZV1YxLq zIb^=Z_6lpPZP&6DzC_PBM{f2(XQnXF76}t1(uX6C@J}4ipWeNFewz z^%s}_L4l(--GX_^6av|^ zys5=SWyc8QTU4B&YewSr^*}dJOSGkWKq$LrFkxS94?au@x%+73J(bAib~K%PVBIKj z_%fo|0DVUO9+)x~%YW%E7`&&_%N?pvpPbv}?*?>Nd_{L#_CP!5OEhc;eI2Erqafh! zg6e?zRu2|(*EdA6tWAAsw(IUeO!9dok<(c$fzbm_oUT2P(oe$nOtefY=a?-ui>8FK zMQ2g52iadn4>X@(vOPNWN?>{BS z5=R^iU~S?;V0+ zn^Jd&Tt@5537BPxuG0;3gYdbkvVI{}?ow@u3M!ZwSxmMISQXriT5YMh2`?j-32CA` zE0dDdOj3J!i0@H^Xal((Kb1IXvc8DEwS-UuJEu~DV1OIR^mR}v@5@TaWKc=O4YxD? zJCOMrsHFR{nyF+`Nv6_pX4xqq0}NN5HB(8u0=4Ri$_oHU0s@&9KuVu0AXF8VO#P9C zOob3Fi%E(61NF|S5~wR9E+w?4lDT_VX{h!9^W!}*Nn*c)vZ{(orjE)&#t~6ck-$=0 zEl(w_9_mD;H7UVdR5JBo7BZkhDaOa=fcf!(IT|$zvUO3(sc0)8C;p)wG(MG7stP)@ z(G{oFTy09DDvTav%FV9YuqrB<`YH>V`ZLZ!r3y7!o3iK`*G=8lIJc^(M7i`Qat6cj z1q$K(8u=s&sAI)7QpxqMXe>B}VR#GuJ0-PIPoQ#xXNaWC!pwz~w1>2E^4OJd1gQG6 zYpJDDj1o+O>jLPNQOUAK>_Vs_Udm#zxZ(;mmY`1yDlv&;flMo;(xODN&~j19sFPiYQge zR3F`ki21EAp}rY%sePk6u@<@$EKf;ijC}C5Q~0a6Lv-K&nK@pUZ==cn^YHB4y8k;r zJl@9t-$>a3@AOzdjw`@roIpiszQyZ!cUOBIw$8U*XmGe+2jVD$i3AgJiw3Bg+Yj1hJsSUJGj>lFG^rO9Md$N-iZl#S>s!jUd( zcclEy9G+--w73akAVF~meH6&p+PNp2hCC{DX(VE}>8UBa)t)>_)B*D3$sV{xK1?YR z5J}1aW_#c+y+uic7!rC;nf7`l`#u7YYU~wE5BxgC{#4vlga`&)6cyH^xBSq=KI8bR z$ar%ug!lq=oa8V`A_#=;Q6z4Ef;2>dz+Bf5c#~L$z2SJPdl40UuAfGtCJOrCcFvzN z98Kg+iXagMgOMMnDpt81z|pRVc6P`Q-*;$&K7-eg`BNeIe|UcN9>|9?{_x{KNU6hv zgM>dkIy~}xGCN2PUY!0+(#wM*k&3^|2kTTg>*=h$qK}x~B<8%mYkxGvG z5FGu4ExB0EWH*q*Sp}H0!`Jxh5NEcfV{yxWwwv~HQecDq=ke)@9slR)@$uIFb0cL3 zT&uALYOo)N7-*H>3!%V`;x++oEi8i8W}j;``0Qfu=?*#GPI6p{MdmuqIt3-Hy{B$O ztWeTMsWh9a3INn9NJTj+keL~)fc5fLoDN!eS?mZ0EwX#8WoXeZR!5G8QwtzO#H`9H z>{%;mAp&Q7d0I#`3}TdNA*-x_7*1L^qqRsmu^1-2Gc8(D!Hqy!uB@oIL{3Q?DHw+2 z;VQxRI7AcllKL=&V$WWh7VSt;*?vilQdx5$YPe_-Yv8uA;PUfAmUbjD(5PA?MwNA~ z5hH5RI%v^hyUAca7onHHkjGQ@Dvf+F81v-m0@V_XQB zu$nc}jv5vcZf&-i#$uU&Gul28_j<^N590Qo|5F%ctfgzHy`$jMbWC%XKeT)E!s&RYr9Gn7nF z(0gX#D1!GVWF`sFai9ADgW!Op@p0sVAJRN3CNTnq&ej?{-X5}VN1bl1oc`b*b zQzpg^!P)s=%CCe}=XmFoavbohL;zR*$(%)Yy)7{ceT(#sP^ zewYRbjGkXyeHtlMrPuqBBml{IyeHqid3p2c;>GLBH(83OTLeb=Q}0i6)8W?tGnCA5 zBxd3YEWn!b{~Vtl+4f&2CtLfkjg%d5laKY|Q2n>H09!8B-zu%T7SxFg9E_z_rbAmR znNo};18Ac-U}53S5T$T}RF?Z?vH%%aD4^0|&uvcP#)5>{cbGISiG_sfvRhgsi)CQ) z4Y5~7uZriqF^`7eAVBx#v9ceMiLMw1KQ-q6 zIXgYJ<3Al8A8yb8O_UvQ$wwXVVFz;DJBMh>wqAF(?iB~>?HV1)KGExr^ySZWfu6OH zT2jx-i(EM2nnSz_4`wlxaVpYjh?XG*94fWwXRq`R{2Ma|>cvQ5&)wLJU@4+XIU{mCf;x+@j&ni*Nx%yk=!8~~vlD_LyhWkg>e(9NrpTE_8bk$@ zb1qfrwMGy|5nEfHie znILwJLgcfHFl@>UUl}*5kRD#`a#a={5unF~ zYW{7Os(xfq$(^OXw$p=Au_FQmoX}WnPYHakE78b5nB@=Q|Q7O?~e>{ zCBOLY$21Jzz!}>A?y~riOtwErP>3Lvp%L~)YJB-8F4x|zmY=QK!(I;nds0@3((-iG zVyqDlID5e2(2*Tho{Ks?tZ@V`3krziDwnJE*)RnEOyS(aBzvPbG#6YU6Ktr|tC9+1i5_S=%Rx))~mXY)_l(Pw7b&3k6mPNfB6 z-_cX6CVx?=sd{cz6T5O=t+;}6^!JN;nWL%~$6tX0!<7Fc!d4gb*(lBW|5Ho;KRG(v z>i;)Vc7V8gE6Mz=-LNz3`6UeGZIQmSQ}r@N>7sQp^^Lx_RJ>m!q;5zu=0y46ana|^ z+nbly9;>rq*S(iZZz=-1bWnCX+E*|-QeU?3r<9S|a_uV^N}anW*`f)_(uyklU=)Bc zAx!xS%l7qyW!hITI`zMv!x6Y?zD7-VgWrhc)iqE(8-m}(d9VY1MWIhP2S>p5^NUw9 z5B<#)Mt5LNq~9-&D1%|hIi>%~kD}+C>G3#&1OE8qnb!k~oFa!jP<_i=ctQMhh9b#p zh-ZZ->VAW>r5vtyBps793IJrl^E?IUhjaoG6qAHW=HPNHQN+9=xJ@THgUcc9fmm>A zK-d$(2w+N6q(SDl`VQ_aqn7U2?}{v(ndTg7asGS-C+OE*%=14+3B{D5$VUh7US7O- z{c;oe|Bud&kL>s_+x!okDm&mRAN2(_|84fzs>^|8bNjE!FK@9+hF080n|p`__?b2N z<;kFm`4m|hg&VIts#EprQWFl>4q2L^@3;`@fN_x)-iLbJVe-XXd6Unx&Ae-)~OS~D3_msYH4+Q8Q`)Ic%EoLN**i}``@vgKe&I{8B z$XRMavF8`kIfk5jhGA%!&q!q~Oc0<#DbzH<+t4B*F`T%}zdF*Q+8}CKS{N8EL6Uk} z(DZh}S+OZvXbhL16-~6z#^VdpqVDo%$-Pt4BExV6#Aw(%t;?-PMGL-nK4e#Bf!<6p z1+owN`baBe>Xa1qEv*@33MLh~AnrgQ&i@!?*)2ybm!6 zT61BWqy@(*0C3Ed_Y)_JIaiRLD(j#{$pZCp(IU6H&1Oamf~<-bWmaUdb7WM(;Edd~ z;5{s|7)!cpu8TQ$vKWhyWM#A{u_6od7b7Q!Qx!i(2Kv8U#jIE% zElRA&f@kW;&EeFnkphdc3^6*|fRuM;(*}f}X!7xExnB|c2w#nri1Jo#K+CX$aUfP8 z8n2@nGS9d+(bT1ytDr1NeU>K3>tsk$jbCm^QiY_hk|EoB<{m4;=R-=-I1Qz<@|>jL z0ZK^n0D*u`At!ak;2G{2y=UMp=iMGKMSB92as^B&DtFp>Xfq-r)Z;Ps-A&YAEE!9* zo!N|`s%)8l0v`Hs)~;T{g-|t^%Nfm^8fm&)M9)bQ0?(hV_38U)I;8rY@%u0)ST!UT^#m+ zs#Rqeqp~O{5aLnB91OvM{8&8J`=ROj>$c7j*KZX#t9dKhK!Ov6`5@&xtl;2{HyKWL z@8pu!ZT_jS_q`6WXn4)GAU%lT=S+wF8U+x5P6RoAEuG8no22l9m_b4Jbfmm4mRf@~D^0TjU|t&%~{ znv1;8F^qz@Il3JrK%H&6;8`F6f&mNyeFBctFcj!Qs$vZ6T7434>k(DQ=xY*Gg{JD_ zGoGKz0^mSo)VoEwp*|LxiWy}5)bAfYefqS&+m51`p;_VjxxpWz=;&{`LP&Q4j)MfN zqNFIYEjRQ6qIZ|?2+Ph<4odmFw8ybEqDCg;Wf84RirfOxVmzB)FnX}0EHVZoQ}W|e z>4SOwTCm~!ILIuqcD-uZ#K|(wV7z}%!g|gz-~Rctd|xu&2r^3`)^1?3+Qxbrsudxg zi_y`X;lA{QxI^z|B;8dV>Iu$0!j;6IS>8cnn|}s?u5u%`p3!Xz*=LowK)#f8kw!hNR4kcj#HuA_ROKY!ZXaYER@|KfEEYE3h(ee9QlDr0f7a(%bz%5BNoqx|>^a|1ZM&Q}6%ybMwxh zO+}zW1}WO{H~TP-x4ZtzOV$2QR~Q1g(f*?p|Nrd#C(BACB4t}}Nps&;Bqa}i^vD_Mb7-r@&2xB9Mr8awDnR*y89Jh8Jf2v~g zf5|QM*AV`(DgM*(>4}~H;rQv6|JzL20q=gec;1QotK|Jwoamu$({0bEZ7T6Y12@Rm zR$J;Wp9n&V;^1kK1n0J{j4%80Th`ML?Zy|R#Z*`WjLm1 z%C0dx+z3+_w$0*MyDSA3mgS5EPCV-=oTMRg?dfHNoAzM`!Xp8Fl=+1h@LO<72#_9( zv9j%3Ey5Yxk(7xw=IwgY24U}m$kXt#d+Lwuua}XL&&5Q!bE!c%L6oG4k5*0L4DPBa zoB>`rg$h&o~0mO4Z@KKNU_VJ@G1!BP0(Vf!77Rwz(M)}88P^wWQxFxut;t4IhjmS+BCi3<>Rd%yim@=X z;>qxt)DVG%SE&xYa-}og<}p~RL$2)h_Q4wx?K?i&|L)xn7tb3aw&*G~0Z2Hu!yW+H z5^0|i*pSp7bGoDQQZld=M_R66&bTNu>cqZGlpssS1z0tjQZ4}?PPgJ$6Qwrq07WDO zg3OneY@7{mSuF9RN*!e5|dFPJ(iEw9w~jfN_8`!1xs5Bx)iPJDSixQ*4|CcozQ z6C`+o-Dadrt?a5bu~kL~jYyfw(Y0t>9hfyDg#&X=HA+F&oYGRz<%=u~hcS3K0{FAh zFwKzaJp&gSUCsN8;YERz7LG+wKq-Q#1j`f&SKlERv5nh^|LCjuBfLUx|!uNU|eSafx9zBb8gRJP-0%|pscg{M1!B+{y-9#*CGi<_dVh^gx15^@YJNGCTY)xB}Adq)886Tgg(=GS5oa(1bkF0Dys~n?Wr`VqwXgPb< z!9=j8M^i#s#T+cjs%DRjySlm_Rron(E$)EX8I@dG%aGt4tFkm0ocjDOF84m$@V4cR6~yt@b+g)#Vi^wxmsbw^ znAMC?-mA|2=+L8gBxNPbwKbea3h_iXxBeb^0ip~?dg85jjLf#Wcdc!YCXk^AIL|Oz zXODDSiw#uA^ggb$&&(0Cn)E&O78ZNCiA78T+pfZaVJjPoHd%TqdT;6W+Gu7=^QT5X zi$Cvw_fBeKrIr>)0s1@w1N?cvprt)*(#e)u9rgg&FR}qcef`X5kJg+>m6&>A&h#Pp z@X>f^ZMymEopQ1jcOI5pwXFWKeeZZRh|Bs&9^8d-{({28TjT9~a z|8(_!(d_?gjS0D^;J)Takp%(#r>plJ>7`kou72MwMQszaE@@*8p{5ZtExi0H^yfvd zhH8S;U{;&NbrG7~Oi{K4i&Sl*p?U(eLa&@xwINK9lM}kJQ=r!3SHNr%r?uU%2v-== z8qD;N-l!qGLvwYp9Ybv9IL1+K*j2@WWjqLPz03+p21)f_UvhF{4(P6tBqGmVSejwo zIG^I=EHga^X7<5row_NhV5Iih z00|*1M3h>2k)iMNhq`Ai7_gtN-j5o%rJt_eOa5pQrIE${w(bL0}~YrrN$C%2mk) zYVAKq|QlFTY~3X=i~Id;ltp7k-3tz=xzzb?-}bSl$IdGQSNua&}XI^ z+46y3vK0A0;r4T&-1si9R>TT6`G1@p+3}ywPEL=u{NE$34thp@US6sJQ`JHdQ$u6&=Cxk8p;=`4tJV z-#GCW>PW#7q0rjk8b^~5T{Gz4?SU&{67nL2p?aXEZT4ihMMtnRFpHxj?IVBIbfjf# zj`rJh#QUJ>RTuiJeb~*Kj?BT}^6LI{4_sc|pLa0~sp$wslwuNHjD?)jG`E(WTBeZIXaho5YImq zJRI&JaWw(b4=wOyT}5OclY|YyUk(jugb|;FLoj75w!mGf+J8Cxie*@r{P%_gh<9#7 z{{QEP$7TQjqtmVYw~4X?^k{FzKT81Hiho=2Z!7+7#lNli_Xxzl4r^o;(%t$*v^HyG zg%Vhcj@%@CWc`L+c-b|Q^@qvkK&5#S#51EYc(TfyMy~1-Wzpi2|FdmnMQzl}|3@dMXZHQ?>FM#-|6?O%2dIFn%ZUHo z>;hdSvlVoMUv(^q<;xOkhQ-Vn+mI9vNL{Ry+9c@}&C9`vNH&AW+y4a#vzSIz`Dos-U zZD#{mSE-$0Ri?UMid?k>YYe5bS%Q@i%&YVem;C8M9Wl9xMN|EhzxD<&joEo%awcmElVdN}r`74P|X7c|C zPrs5nvD}}v^H&zZ1S`61mzOJ@^sjMI_u8OxZDW?yfLw`SPTlP7e1o&D6TxyFo$62R zJx&wBM)p{gCR*{HK>PaSQexB7V&*7u$-|o{iML35yQE8Mb~+b z8K!idS${hELmB=sV;F|F(7#hU2&z*;Ug;+O_+#XlVHpO4DP!@T(7Dn*!2Ea*q(Qvv zfx$&ci6oesdAYy8+y-G3a5%S!%J0Pk0SLfERKG_FQyG^0m>i7*0B zo?QHJ{r1)So0qTt_T&kOkdG)`D8a8Ar|x@L#+hxFV1-B;iW|dJ?P;%5$~Xl{1kxx# zNyfSHiYNf^mfSa9(zhg7RalAv-36H1aVbr@l%oJ>Sy*+@VF-c}J1|Huqk-GHU z0~DcB_%t`Sf6Y)L{Om8>d>knGy`#3NRA$Pygn=!}zkIDzOsr#S9vy;OU z+y3+La2x+&BPF~40czMEVfH6;dwpzqpxk#HIwNH*<(AI~Wwlm+Wl=`Y`#@pEokC|3 zw-jcgkodgC4M81xB@O=asjI5=@UUX!YSGijbv1hRgPWswjhGuBNP*o-YxHb&{_1mV z)zhv4JzIIcrfgd^IM$+Phn`B(_;JTBU7mjUGuFEhil-*AZhdCP6vo zTGigxH3V;~u7CMJyheiK)dk?K>wCvAyoK*K$n~oh+cEz}#u-SrcfL3ye ztV%0tNXa}S#43#T>Zs9dc2~e|c?&#UYOP%|2vv%JC8l~UHR`1IGIpD$My7W#*GU(Y z9YE`-(P&{pjDQ-2#Qk!5cHM(SC`=ZpawJM8}q?Q_uwt)rgIwnD{D>XJ> zIRxWO(Kkzlbu)N@;*iW|C}Mlyc|xLpC%1dx-^uN6!~P&e%9g$UGG~X@l&r+wyA3s3 z?Gs;gMO={pyy~!-RRV28jW+wl=BdF+aIr`($r_-os8OSQ$+7FGi8quSF$vzvgp%&2 zSR|YJwL{p;;ZmXq6f+&LttM%|-&>*aW9>o>~DK5eXIL{3NH8lz~ zJzZ@Nyg~OU*#mE*A0ZCYq@8(A>y;vO{dIs=X&%>#ugF(Q6K<_bD{3&5%v3_jpAzV! zE0kao=zt=5|GJo?R!oZero<#UIzHUZsnG_v)l!4g|02YY)&$q-e8aY6G3N$=4al_y z+L0O_j;pX+vmt4zJu$I__%XtyYXq|1<|Gd1)&ZA@po_POzMhKWp1j+Up&;?(dy z@INzc*yiWP2QfK5%Gr^jHCl!?t*8-1v@wd=V$`VEOY;WBzNw5Df5ZvReAV>6@#4)j zxGDzQ5%uWDiQPM(AS!|_Loi0YBf+in6?iSjU)VOJZ zTkF!58Xk%HpJl(b7J7^ouauk)-%~Ksc#Xi|@}t{$oy$FNi1psQYZ2EgrHso!Wb!6sIaj+n&~~TB zocheVz4&6(aNx3VS%w;(se@Z7Z{A85IEsXEtqzhPa9WrS3g|M_Fd5S?Kn=-$u96(B zs9~h&uEFjL*)$b$qc2%nQ3FSqJ#V1M7o$c2xg{x5h|k;WJp-dm*OHl`i|akeun)s< zE-cC`R4F4RB^fthhEoK121YjLIFgd}!z*Lw!=7(kH)AJfdkLHJ%6PSm`mYafOP7>VI2VzjAU7zA%hO^~O z;vEjYk@A+;4?Ye&FAqqN`w0lNF3nB2s^$*gs62o7tSAxw`t#fvJIGjCWd;^Dw({r*ybGI*!=jx;dC+-4emf3wLdLy87-weieQz! zAni#)(L{GaNeib*AN6i4+!dq(~d0A7XIa<3+ zz|HE$ay!Zi<-IErk+Lmt?l)np1yU&;Ntyt`kxJJL$}j=zt*|70^k-(wvhT7c{{wGI zWxmp@#z=+)Y_?zPnKJW`XpBSONyfZfZBe;gHcPTLxdcC2i|cSlJE+@wB3`aOf$e6q z-dxMG&FcTvk2jOZxD@|wwT_MW-^)4v+f~vn-=iGr{v~;PIfK3NWcYN2I&cO0Xj$E` zhQqoUDcH-(JwL2=P)jD@k^$Dnv3P+}wC&MeBZ7R?j$3?d@xd`gmUy6#rcq~FkhDFSOBDPs&@~RGwG%Ib=}YG{8lZ9-ua<-3oW%`NlgIzjB3{?zg>FKc-DX+_hPMP z(_hwzEyV*P={+v`!(06Nw&$Xpo%(`*7?6eMZaCfh57&b^Hx9q zWxMa*AnmqMa&IS0yLeXW zqVsf zB0Q_rkgW?h0)Vy(%=7+Fji6y`EB>2s?dOXT_-`G5Hsk-!>pxdXw;*)wXFTSU5S~Av z3&Cz7uq^moC4Fo0RRC1|8qGj IC;$Kl0Ke7GT>t<8 literal 0 HcmV?d00001 diff --git a/community/vaultwarden/1.0.0/ci/additional-env-values.yaml b/community/vaultwarden/1.0.0/ci/additional-env-values.yaml new file mode 100644 index 0000000000..976eaff776 --- /dev/null +++ b/community/vaultwarden/1.0.0/ci/additional-env-values.yaml @@ -0,0 +1,17 @@ +vaultwardenStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + pgData: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgData + pgBackup: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgBackup + +vaultwardenConfig: + additionalEnvs: + - name: LOG_LEVEL + value: debug + - name: SIGNUPS_ALLOWED + value: false diff --git a/community/vaultwarden/1.0.0/ci/admin-values.yaml b/community/vaultwarden/1.0.0/ci/admin-values.yaml new file mode 100644 index 0000000000..c4654d5d26 --- /dev/null +++ b/community/vaultwarden/1.0.0/ci/admin-values.yaml @@ -0,0 +1,13 @@ +vaultwardenStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + pgData: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgData + pgBackup: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgBackup + +vaultwardenConfig: + adminToken: "super-long-secret-password" diff --git a/community/vaultwarden/1.0.0/ci/basic-values.yaml b/community/vaultwarden/1.0.0/ci/basic-values.yaml new file mode 100644 index 0000000000..845deffc82 --- /dev/null +++ b/community/vaultwarden/1.0.0/ci/basic-values.yaml @@ -0,0 +1,10 @@ +vaultwardenStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + pgData: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgData + pgBackup: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgBackup diff --git a/community/vaultwarden/1.0.0/ci/https-values.yaml b/community/vaultwarden/1.0.0/ci/https-values.yaml new file mode 100644 index 0000000000..588faf86a4 --- /dev/null +++ b/community/vaultwarden/1.0.0/ci/https-values.yaml @@ -0,0 +1,100 @@ +vaultwardenStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + pgData: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgData + pgBackup: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgBackup + +vaultwardenNetwork: + certificateID: 1 + domain: https://vault.example.com:30000 + +ixCertificates: + "1": + certificate: | + -----BEGIN CERTIFICATE----- + MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL + MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV + BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX + Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1 + P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW + 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H + PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t + AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3 + AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB + hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E + AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww + CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH + DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB + FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/ + BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD + KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR + h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx + fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj + x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz + MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx + CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE + CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB + IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt + 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf + iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd + M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL + Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H + VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID + AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE + wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T + AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw + pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL + MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG + SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr + zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql + PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX + TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d + 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/ + +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w + M7Y3vwxshpo= + -----END CERTIFICATE----- + privatekey: | + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT + HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk + H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI + 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d + NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB + +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7 + A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu + eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5 + N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe + EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL + PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR + 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA + 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z + FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo + L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL + d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA + 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu + MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2 + wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd + DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7 + wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc + nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S + dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P + //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY + qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc + 3G15AKCXo7jjOUtHY01DCQ== + -----END PRIVATE KEY----- diff --git a/community/vaultwarden/1.0.0/ci/other-user-values.yaml b/community/vaultwarden/1.0.0/ci/other-user-values.yaml new file mode 100644 index 0000000000..ed43f9bbf9 --- /dev/null +++ b/community/vaultwarden/1.0.0/ci/other-user-values.yaml @@ -0,0 +1,14 @@ +vaultwardenStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + pgData: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgData + pgBackup: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgBackup + +vaultwardenRunAs: + user: 1000 + group: 1000 diff --git a/community/vaultwarden/1.0.0/ci/ws-disabled-values.yaml b/community/vaultwarden/1.0.0/ci/ws-disabled-values.yaml new file mode 100644 index 0000000000..7c6d1015b2 --- /dev/null +++ b/community/vaultwarden/1.0.0/ci/ws-disabled-values.yaml @@ -0,0 +1,13 @@ +vaultwardenStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + pgData: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgData + pgBackup: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/pgBackup + +vaultwardenNetwork: + wsEnabled: false diff --git a/community/vaultwarden/1.0.0/ix_values.yaml b/community/vaultwarden/1.0.0/ix_values.yaml new file mode 100644 index 0000000000..d188a7a6fd --- /dev/null +++ b/community/vaultwarden/1.0.0/ix_values.yaml @@ -0,0 +1,39 @@ +image: + repository: vaultwarden/server + pullPolicy: IfNotPresent + tag: "1.28.1" + +resources: + limits: + cpu: 4000m + memory: 8Gi + +vaultwardenConfig: + adminToken: "" + additionalEnvs: [] + +vaultwardenNetwork: + webPort: 30000 + wsEnabled: true + wsPort: 30001 + hostNetwork: false + certificateID: "" + domain: "" + +vaultwardenRunAs: + user: 568 + group: 568 + +vaultwardenStorage: + data: + type: ixVolume + hostPath: "" + datasetName: data + pgData: + type: ixVolume + hostPath: "" + datasetName: pgData + pgBackup: + type: ixVolume + hostPath: "" + datasetName: pgBackup diff --git a/community/vaultwarden/1.0.0/questions.yaml b/community/vaultwarden/1.0.0/questions.yaml new file mode 100644 index 0000000000..2992f23a86 --- /dev/null +++ b/community/vaultwarden/1.0.0/questions.yaml @@ -0,0 +1,285 @@ +groups: + - name: Vaultwarden Configuration + description: Configure Vaultwarden + - name: User and Group Configuration + description: Configure User and Group for Vaultwarden + - name: Network Configuration + description: Configure Network for Vaultwarden + - name: Storage Configuration + description: Configure Storage for Vaultwarden + - name: Resources Configuration + description: Configure Resources for Vaultwarden + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + admin_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_admin_path" + +questions: + - variable: vaultwardenConfig + label: "" + group: Vaultwarden Configuration + schema: + type: dict + attrs: + - variable: adminToken + label: Admin Token + description: Setting this, will enable the admin portal + schema: + type: string + private: true + max_length: 20 + default: "" + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Vaultwarden. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: vaultwardenRunAs + label: "" + group: User and Group Configuration + schema: + type: dict + attrs: + - variable: user + label: User ID + description: The user id that Vaultwarden will run as. + schema: + type: int + min: 1 + default: 568 + required: true + - variable: group + label: Group ID + description: The group id that Vaultwarden will run as. + schema: + type: int + min: 1 + default: 568 + required: true + + - variable: vaultwardenNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Vaultwarden Web UI. + schema: + type: int + default: 30000 + min: 9000 + max: 65535 + required: true + - variable: wsEnabled + label: Enable Websocket + schema: + type: boolean + default: true + - variable: wsPort + label: Websocket Port + description: The port for the Vaultwarden Websocket. + schema: + type: int + show_if: [["wsEnabled", "=", true]] + default: 30001 + min: 9000 + max: 65535 + required: true + - variable: hostNetwork + label: Host Network + description: | + Bind to the host network. It's recommended to keep this disabled.
+ schema: + type: boolean + default: false + - variable: domain + label: Domain + description: | + The domain to use for Vaultwarden
+ Format is: https://sub.domain.tld:port + schema: + type: string + default: "" + - variable: certificateID + label: Certificate + description: | + The certificate to use for Vaultwarden
+ Using the Rocket method for TLS setup is NOT recommended
+ Prefer a reverse proxy with a valid certificate
+ schema: + type: int + "null": true + $ref: + - "definitions/certificate" + + - variable: vaultwardenStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: data + label: Vaultwarden Data Storage + description: The path to store Vaultwarden attachments, icons, etc. + schema: + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + required: true + default: ixVolume + enum: + - value: hostPath + description: Host Path + - value: ixVolume + description: ixVolume + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: data + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + - variable: pgData + label: Vaultwarden Postgres Data Storage + description: The path to store Vaultwarden Postgres Data. + schema: + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + required: true + default: ixVolume + enum: + - value: hostPath + description: Host Path + - value: ixVolume + description: ixVolume + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: pgData + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + - variable: pgBackup + label: Vaultwarden Postgres Backup Storage + description: The path to store Vaultwarden Postgres Backup. + schema: + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + required: true + default: ixVolume + enum: + - value: hostPath + description: Host Path + - value: ixVolume + description: ixVolume + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: pgBackup + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + + - variable: resources + label: "" + group: Resources Configuration + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Vaultwarden. + schema: + type: string + default: 4000m + required: true + - variable: memory + label: Memory + description: Memory limit for Vaultwarden. + schema: + type: string + default: 8Gi + required: true diff --git a/community/vaultwarden/1.0.0/templates/NOTES.txt b/community/vaultwarden/1.0.0/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/community/vaultwarden/1.0.0/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/community/vaultwarden/1.0.0/templates/_configuration.tpl b/community/vaultwarden/1.0.0/templates/_configuration.tpl new file mode 100644 index 0000000000..bd5cd15fdb --- /dev/null +++ b/community/vaultwarden/1.0.0/templates/_configuration.tpl @@ -0,0 +1,34 @@ +{{- define "vaultwarden.configuration" -}} + + {{- if and .Values.vaultwardenNetwork.domain (not (hasPrefix "http" .Values.vaultwardenNetwork.domain)) -}} + {{- fail "Vaultwarden - Expected [Domain] to have the following format [http(s)://(sub).domain.tld(:port)]." -}} + {{- end -}} + + {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}} + + {{- $dbHost := (printf "%s-postgres" $fullname) -}} + {{- $dbUser := "vaultwarden" -}} + {{- $dbName := "vaultwarden" -}} + + {{- $dbPass := (randAlphaNum 32) -}} + {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-postgres-creds" $fullname)) -}} + {{- $dbPass = ((index .data "POSTGRES_PASSWORD") | b64dec) -}} + {{- end -}} + + {{ $dbURL := (printf "postgres://%s:%s@%s:5432/%s?sslmode=disable" $dbUser $dbPass $dbHost $dbName) }} +secret: + postgres-creds: + enabled: true + data: + POSTGRES_USER: {{ $dbUser }} + POSTGRES_DB: {{ $dbName }} + POSTGRES_PASSWORD: {{ $dbPass }} + POSTGRES_HOST: {{ $dbHost }} + POSTGRES_URL: {{ $dbURL }} + {{ with .Values.vaultwardenConfig.adminToken }} + vaultwarden: + enabled: true + data: + ADMIN_TOKEN: {{ . | quote }} + {{ end }} +{{- end -}} diff --git a/community/vaultwarden/1.0.0/templates/_portal.tpl b/community/vaultwarden/1.0.0/templates/_portal.tpl new file mode 100644 index 0000000000..e723ae3d94 --- /dev/null +++ b/community/vaultwarden/1.0.0/templates/_portal.tpl @@ -0,0 +1,24 @@ +{{- define "vaultwarden.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + path: / + admin_path: /admin + port: {{ .Values.vaultwardenNetwork.webPort | quote }} + + {{ if or (hasPrefix "https://" .Values.vaultwardenNetwork.domain) .Values.vaultwardenNetwork.certificateID }} + protocol: https + {{ else }} + protocol: http + {{ end }} + + {{- $host := "$node_ip" -}} + {{ with .Values.vaultwardenNetwork.domain }} {{/* Trim protocol and trailing slash */}} + {{ $host = (. | trimPrefix "https://" | trimPrefix "http://" | trimSuffix "/") }} + {{ $host = mustRegexReplaceAll "(.*):[0-9]+" $host "${1}" }} + {{ end }} + host: {{ $host }} +{{- end -}} diff --git a/community/vaultwarden/1.0.0/templates/_postgres.tpl b/community/vaultwarden/1.0.0/templates/_postgres.tpl new file mode 100644 index 0000000000..d1fc9dba86 --- /dev/null +++ b/community/vaultwarden/1.0.0/templates/_postgres.tpl @@ -0,0 +1,48 @@ +{{- define "postgres.workload" -}} +{{/* Postgres Database */}} +workload: +{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds" "resources" .Values.resources) | nindent 2 }} + +{{/* Service */}} +service: + postgres: + enabled: true + type: ClusterIP + targetSelector: postgres + ports: + postgres: + enabled: true + primary: true + port: 5432 + targetSelector: postgres +{{/* Persistence */}} +persistence: + postgresdata: + enabled: true + type: {{ .Values.vaultwardenStorage.pgData.type }} + datasetName: {{ .Values.vaultwardenStorage.pgData.datasetName | default "" }} + hostPath: {{ .Values.vaultwardenStorage.pgData.hostPath | default "" }} + targetSelector: + # Postgres pod + postgres: + # Postgres container + postgres: + mountPath: /var/lib/postgresql/data + # Permissions container, for postgres, container is named "permissions" + permissions: + mountPath: /mnt/directories/postgres_data + postgresbackup: + enabled: true + type: {{ .Values.vaultwardenStorage.pgBackup.type }} + datasetName: {{ .Values.vaultwardenStorage.pgBackup.datasetName | default "" }} + hostPath: {{ .Values.vaultwardenStorage.pgBackup.hostPath | default "" }} + targetSelector: + # Postgres backup pod + postgresbackup: + # Postgres backup container + postgresbackup: + mountPath: /postgres_backup + # Permissions container, for postgres, container is named "permissions" + permissions: + mountPath: /mnt/directories/postgres_backup +{{- end -}} diff --git a/community/vaultwarden/1.0.0/templates/_vaultwarden.tpl b/community/vaultwarden/1.0.0/templates/_vaultwarden.tpl new file mode 100644 index 0000000000..97f4c7a365 --- /dev/null +++ b/community/vaultwarden/1.0.0/templates/_vaultwarden.tpl @@ -0,0 +1,119 @@ +{{- define "vaultwarden.workload" -}} +workload: + vaultwarden: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.vaultwardenNetwork.hostNetwork }} + containers: + vaultwarden: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: {{ .Values.vaultwardenRunAs.user }} + runAsGroup: {{ .Values.vaultwardenRunAs.group }} + env: + ROCKET_PORT: {{ .Values.vaultwardenNetwork.webPort }} + WEBSOCKET_PORT: {{ .Values.vaultwardenNetwork.wsPort }} + WEBSOCKET_ENABLED: {{ .Values.vaultwardenNetwork.wsEnabled }} + DATABASE_URL: + secretKeyRef: + name: postgres-creds + key: POSTGRES_URL + {{ if .Values.vaultwardenConfig.adminToken }} + ADMIN_TOKEN: + secretKeyRef: + name: vaultwarden + key: ADMIN_TOKEN + {{ end }} + {{ if .Values.vaultwardenNetwork.certificateID }} + ROCKET_TLS: '{certs="/certs/public.crt",key="/certs/private.key"}' + {{ end }} + {{ with .Values.vaultwardenNetwork.domain }} + DOMAIN: {{ . }} + {{ end }} + {{ with .Values.vaultwardenConfig.additionalEnvs }} + {{ range $env := . }} + {{ $env.name }}: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: exec + command: /healthcheck.sh + readiness: + enabled: true + type: exec + command: /healthcheck.sh + startup: + enabled: true + type: exec + command: /healthcheck.sh + initContainers: + {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions" + "UID" .Values.vaultwardenRunAs.user + "GID" .Values.vaultwardenRunAs.group + "type" "install") | nindent 8 }} + {{- include "ix.v1.common.app.postgresWait" (dict "name" "postgres-wait" + "secretName" "postgres-creds") | nindent 8 }} + +{{/* Service */}} +service: + vaultwarden: + enabled: true + primary: true + type: NodePort + targetSelector: vaultwarden + ports: + webui: + enabled: true + primary: true + port: {{ .Values.vaultwardenNetwork.webPort }} + nodePort: {{ .Values.vaultwardenNetwork.webPort }} + targetSelector: vaultwarden + ws: + enabled: {{ .Values.vaultwardenNetwork.wsEnabled }} + port: {{ .Values.vaultwardenNetwork.wsPort }} + nodePort: {{ .Values.vaultwardenNetwork.wsPort }} + targetSelector: vaultwarden + +{{/* Persistence */}} +persistence: + data: + enabled: true + type: {{ .Values.vaultwardenStorage.data.type }} + datasetName: {{ .Values.vaultwardenStorage.data.datasetName | default "" }} + hostPath: {{ .Values.vaultwardenStorage.data.hostPath | default "" }} + targetSelector: + vaultwarden: + vaultwarden: + mountPath: /data + 01-permissions: + mountPath: /mnt/directories/data + + {{- if .Values.vaultwardenNetwork.certificateID }} + cert: + enabled: true + type: secret + objectName: vaultwarden-cert + defaultMode: "0600" + items: + - key: tls.key + path: private.key + - key: tls.crt + path: public.crt + targetSelector: + vaultwarden: + vaultwarden: + mountPath: /certs + readOnly: true + +scaleCertificate: + vaultwarden-cert: + enabled: true + id: {{ .Values.vaultwardenNetwork.certificateID }} + {{- end -}} +{{- end -}} diff --git a/community/vaultwarden/1.0.0/templates/common.yaml b/community/vaultwarden/1.0.0/templates/common.yaml new file mode 100644 index 0000000000..a892f75b24 --- /dev/null +++ b/community/vaultwarden/1.0.0/templates/common.yaml @@ -0,0 +1,11 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "vaultwarden.configuration" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "vaultwarden.workload" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "postgres.workload" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "vaultwarden.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/community/vaultwarden/item.yaml b/community/vaultwarden/item.yaml new file mode 100644 index 0000000000..d7fad19236 --- /dev/null +++ b/community/vaultwarden/item.yaml @@ -0,0 +1,4 @@ +icon: https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/src/static/images/vaultwarden-icon.png +categories: + - password + - manager