From 45d2f09976964060359adfbf56e4bbdd9a839bae Mon Sep 17 00:00:00 2001 From: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Date: Sun, 7 May 2023 18:37:13 +0300 Subject: [PATCH] NAS-121719 / 23.10 / Add Zerotier to `community` train (#1164) * add zerotier to community train * lib * add email * add metadata --- library/ix-dev/community/zerotier/Chart.lock | 6 + library/ix-dev/community/zerotier/Chart.yaml | 26 ++++ library/ix-dev/community/zerotier/README.md | 3 + .../ix-dev/community/zerotier/app-readme.md | 3 + .../zerotier/charts/common-1.0.6.tgz | Bin 0 -> 54956 bytes .../community/zerotier/ci/basic-values.yaml | 9 ++ library/ix-dev/community/zerotier/item.yaml | 4 + .../ix-dev/community/zerotier/metadata.yaml | 32 +++++ .../ix-dev/community/zerotier/questions.yaml | 120 ++++++++++++++++++ .../community/zerotier/templates/NOTES.txt | 1 + .../zerotier/templates/_zerotier.tpl | 89 +++++++++++++ .../community/zerotier/templates/common.yaml | 6 + .../community/zerotier/upgrade_info.json | 1 + .../community/zerotier/upgrade_strategy | 30 +++++ library/ix-dev/community/zerotier/values.yaml | 19 +++ 15 files changed, 349 insertions(+) create mode 100644 library/ix-dev/community/zerotier/Chart.lock create mode 100644 library/ix-dev/community/zerotier/Chart.yaml create mode 100644 library/ix-dev/community/zerotier/README.md create mode 100644 library/ix-dev/community/zerotier/app-readme.md create mode 100644 library/ix-dev/community/zerotier/charts/common-1.0.6.tgz create mode 100644 library/ix-dev/community/zerotier/ci/basic-values.yaml create mode 100644 library/ix-dev/community/zerotier/item.yaml create mode 100644 library/ix-dev/community/zerotier/metadata.yaml create mode 100644 library/ix-dev/community/zerotier/questions.yaml create mode 100644 library/ix-dev/community/zerotier/templates/NOTES.txt create mode 100644 library/ix-dev/community/zerotier/templates/_zerotier.tpl create mode 100644 library/ix-dev/community/zerotier/templates/common.yaml create mode 100644 library/ix-dev/community/zerotier/upgrade_info.json create mode 100644 library/ix-dev/community/zerotier/upgrade_strategy create mode 100644 library/ix-dev/community/zerotier/values.yaml diff --git a/library/ix-dev/community/zerotier/Chart.lock b/library/ix-dev/community/zerotier/Chart.lock new file mode 100644 index 0000000000..10260f8a0c --- /dev/null +++ b/library/ix-dev/community/zerotier/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.6 +digest: sha256:2f1f31c15fb7f92db141a66adbb8d23a8598727730050a3883a211763a4e5472 +generated: "2023-04-27T15:56:00.724376021Z" diff --git a/library/ix-dev/community/zerotier/Chart.yaml b/library/ix-dev/community/zerotier/Chart.yaml new file mode 100644 index 0000000000..4bef6a5fb2 --- /dev/null +++ b/library/ix-dev/community/zerotier/Chart.yaml @@ -0,0 +1,26 @@ +name: zerotier +description: Securely connect any device, anywhere. +annotations: + title: Zerotier +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: '1.10.6' +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ + email: dev@ixsystems.com +dependencies: + - name: common + repository: file://../../../common + version: 1.0.6 +home: https://www.zerotier.com +icon: https://avatars.githubusercontent.com/u/4173285 +sources: + - https://www.zerotier.com + - https://github.com/truenas/charts/tree/master/community/zerotier + - https://hub.docker.com/r/zerotier/zerotier +keywords: + - vpn + - zerotier diff --git a/library/ix-dev/community/zerotier/README.md b/library/ix-dev/community/zerotier/README.md new file mode 100644 index 0000000000..3c256798af --- /dev/null +++ b/library/ix-dev/community/zerotier/README.md @@ -0,0 +1,3 @@ +# Zerotier + +[Zerotier](https://www.zerotier.com) Securely connect any device, anywhere. diff --git a/library/ix-dev/community/zerotier/app-readme.md b/library/ix-dev/community/zerotier/app-readme.md new file mode 100644 index 0000000000..3c256798af --- /dev/null +++ b/library/ix-dev/community/zerotier/app-readme.md @@ -0,0 +1,3 @@ +# Zerotier + +[Zerotier](https://www.zerotier.com) Securely connect any device, anywhere. diff --git a/library/ix-dev/community/zerotier/charts/common-1.0.6.tgz b/library/ix-dev/community/zerotier/charts/common-1.0.6.tgz new file mode 100644 index 0000000000000000000000000000000000000000..04f43a20d565a66feb1fcfdc9b0d5891832dd68f GIT binary patch literal 54956 zcmV)iK%&1NiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvFcic9zFb>b(`V@FM$}{R*snyzV^u(T{$d1Q1UUa-<-g|xh z_&_AO8zVMBlW55rTi^Y6uo4@WUeu1A<~fPgBv7crQm85vs$w#kkZkvS3=7)7g_HCz z%YO!g!QlAtkpDXv4BUSQ2Zu+0**iSk-#%<=E2C^5-S!S((I%=7B! z-bRATxWGB(zt2D_tH!J<7?J|u|37#+9O4+m6r4i}Q!?6^K%7yCGgOqP8#^F_6Lbn_ zF+~|HHvpIx=_wdfnwO`$yEivCefg;$lgaLeC@m)N2EEPEscLoOS|PUAAM}qmzIG@7 zfgid4uVFexz*a$-$!Zf{v@zo z620LImo4%Q07_I`;}~5Ogp!z~r+~)BYf(uTh3d`3nG?VTxh;2&M4$HHt}= zl&4^CAiw6Qz$EeCQvp+dIFj#&5U0}uy%`s%9FsJuzLe8AMrCPy+2dad1QYznKxm(T zVJn4B^SRJDs=;Qz7MtTiL;uvwGCYAJ#PBOnPD)HkaeE4)h;3|eB>&2%X?j6Y9N(UT zr^6S7UKFTA8Qs{pgyr~Y2m&(B`}b_$}wfHwy~G0o1(7bJT{2o?Ko z_4;jzimEDq^`s!v+<1pz@-j*W0*oA9}Hny ziZZ$SoS1J*6vt$eUle4BQ=}%G*yCSKGd77NBjKN7n8Qn)Vv3PoEHFt8zD6&FL_5j$K?dlcq|Z|=6Q-HD5EgtHA>xRd0WOb z6~Ai+us|i57O_A&#S^SpQJhat!Qo&qnDCzyG~qMnKc8Semp)EWX%*db3LXufvyv}< zfBNX@*@yG9i`Sy?4jYp?Y;uyk%(WzlGI*Jy*Mjpt!`W3?4bYgB^aY|fq`0bH7Krl) z)mdlh4ZLM@JjqJ+PO|P_aZyt7<(y$lpA;1noN;(h3K*jc zo2ebx+g(N|DtTA(zZfB71QWK7zHkEm3jT@Gm`o6$1iUGx=*8J<@cR7h*<=3s%@}4^ z;Fe5fr7UoaK3cgF%m{B_)$n5Pkj(DEV(VNx^3S zcP`q2yE{g}v{fO!sLn1M?KhGd#008%Zcv!3YV zPl6e6Nxd(@|1uqMK3K@%d^!}gVg>+QPDcP|8vZuOQv^!{7y|$>1Gp@w$ZY6exPW#; zaxmDg{%?{YFfCC6&^0PddQmo}xy_Uk%UqLyB1>!vEuRtw9#Td0n^O(N|m$x7hJn-+bJhen1`I1la z3rNSOU{`=wrC~8b^fgLROwZC(^X<#^JFhL}iCvwxwOq67>JG7%gDOmLE<=mr*O776zwb5}+bx&U&^an79^x3%B?0`Mq*H~Qxn{W_ zc`;4X*C;L!Ei37=dg)b)InfiC^V0fPfOoL!N`&K(!rVn}N+x%aue=(?C5(kkaS3A| zUJO&@jgo*H{N&Nbiy7Tt)iqv*+kJBJwkrMP;;n+sm(K><4`9k`er;X&&-h6D4@Hwa zWvglz=J|)=G>f^6vHKxs5>QzRfg_*KIMibQIojJhw(URrgX6=Kwf$!m&*#s(KY~|? zPK&JMVpfJ}r9}cdh7=6(CsYDsCV(Gz@9s8u)pMApLTFP{=yc=rXMnRfohArG_*4IS zuP<-)Can?%H&K;BGSouwk@#zE5 z=YM=r0s^Co<7XAtozAvPUdw)CRIh7qLK0Dv|6x>sTp6>EwoJ?SrXbUGSMy0Y8?ZonrFUmwq z3XovNZo%#(qq_+%cyD1;?*90HK|*u`cnIEs{~y>%K(v|QA_DLKFQ8+T=>hIZAkA!-jZ1Eee!TU`{5Ifp-Ft_oo%O zl0pi0Vi5f>1wV`;iK>DpXD|9F*_Y&V;O-9aeedZI@b|a`{L8lZ2jq}9&-#h)8&;QW zZmC9pn9BBgU=PuA!b@19g|tVBpH>|+IALmH^*$0NwHNmLowz^= z`zr9cfOH&zXjgsyAYMlx(!yQ@lSqba1vGR+v^YAs~gdZ`$IP zEMw~KY*I4GfR53GYo!P!DCrwODpEPP9{8Q9DB_T@Jk?SL|JcP2pl6|>QD;h>&s;4& zRN9yoOxaeQ45ACwqdP#DpT$hUB~WD|(64HnYVf8pIT#|wPXir)F?bNF!K=Vj?+jQ{ zST+FQPy7H=YC*id^U5e(&9d4)sHPkfL5(i3S1XgGvNlcd5z13?J3$#0J^`CohK{+sCVE{6KYv_X)*z7f8L?!Dk1QWAD{Y?7fPn8O15cM;~y>2Im&+yak(| zFJ8WW^W@dz*B{=#e*EeV?2JK5VwjFeNtt>L$`qj-?EhabcSp_uRW`@~qqN5FU+bbPA%qDDXK! zDWYg6=e}3bDc~=;FC~+L+?~$x-g<$qQBku6`eZk)%x`QLoO#QztGDxFw|p~`TV#vg zH>}d)QJeAp6MRoQZh+Z3jMibYm3dh_UAe9C?jJ8-zq#|7uHB)+URNMUnHnWk3o!^`cJ0E>Wrjs1(>?D`02OgLhy?S;Bc6PX%8tWHBxW2pFwZVVb+)5xt;6Hx& z@0}keJ3k~Je)z}E56^dgc-`xlA5-wt9X?A$=l(7;}?;bMPljgk^@iGY|KORyyT6EaG|)&!1Ii%DSy zqkv1IZx!GrmTejkCh<;+tLThblvmkBvuLn8td-7cY*!_Y%}Dj zK}0V9g<|>$QW$~F>WA1xWx-SMW{d#)!S^?&lFD6=-zM&FRP`7O6&#yY$&3xMn!v^_ zMpj7t9V}+uZ)9bS7r_clTofhQUx6Ymd#~4HrpuM=4Zi)Vzm0vi>I7cG_<47?v9q&d z-`C#TxWa7v5kvhP<{J}4VPbV5+w>|h{Y>wCygk`(Y)_v|OZprYBLue03bI5cC9vV| zfvxatN%3W0;n0U^`i$3(D!RXLfA0T=lhktR;-^wwU=}D#P!X7gs(~m~O^QF5+)4{P z=?SXkq|w52-wySoiFAK5FK zr(jFnVlsLz;q1boSAp9H+KL3;FqXy0<3^*ByZbZQ2_^}EAVW7GWvfvi>HKM>n%e!p zAlbjj^i|00)5+5N@5S;^kdi;CZ3{}sv+zxGE7 z5S)zHl>~O(j};9|*^LbgdM)==*9=wD{1}?EPTi4Bo#*cMmypKe-D=Ml)US8^^^X6C z+wn_z0x{eAc%7rT3E|qs;zkbm@?526aX1F`x@QSXXo)T5Bw0~Q zr8M2C=Gw;ijj%`OB#G23VW%}mq#Tn%niB(y#U9|5F&p)mOvgmTTsM3Bu3v@ChwS%V zIg*;F4Vjg@EcbMt3|Rrolxl@ z0%acT?U^N{H{-TKUB(ewj-`*GrO*1h?5gzG)#$LR(O>`2y6ejIR##_rm-T-F2Rm0) z{aR}3%2m{FNj<$E)$}W>r9qXn(_EFWOf7WP8mQ+vc`x#Ro&LA1v%kM|(Es*NT>bCp zV6fKzR`PHqZ%Jo=f4pAY|0XMO8)zO`ES9jJ9nJ>y&JLu-9#tq(0SCD;1U zS|0*`3VrC$_SETrnMm(&Mk$QP6O_?MOm@a>?#!$gw%-3ZaO3~(?;jqo^}kg-T-TGi zJU}(tpc?LFXod~5>FeGSX{5aQ=16PRF1JZqfrz^yqQ3ZBRmEy|?55y04#9n0JGuJL zvL9!-A7}Bfk4dGbzNp7$5%qO(0o#$JzFqBfNrK%<`eOxpr&>qORFX^T3n)KM2}OTC z5u?epAYDU#6npDx^T%1M$%)GxbKr_Eh-{C(}> z91%FBV^ZLM^B(H6josYOKYs>XXD@C+B(uD|A}NYMB>u5@Zq=KtwHdd2nO&d(pa4_m zJdF*HJ16Mxzd}5vSpS9k?Cln7gZSDYz9PXy@P<~4IA43b>~gFq`^#P6zu+vv*+{N) z{cFA4*UNpq+^ywKQY7OH!5qr~b+zkm1AvA1)t2R@Wshzw$WA}EL|)Xbb&2c}+x>H? zd9_cS{wH%3E=2=u(f2K ztI{IY94p3CM|t1F0fE%_PP&}x!X-N+$#8aWWJ~il~C|wJs_bZgzS^9LcMt1?oe2*3n@YZXuXGU+Dftv{bthDUM z1@%@0?;xXiCCObLAEGR-YG0w-aP7Rn*N~zsbQ`Wb4{zcX`!3@Nw%^#OH3l37CYI9z zXQM|}PtF?&YmQi0Hfn1b`MZDW<$td4ts?%{aUlNZ-pShkV53lDkjx-FHThXakq za=k`9Sy{dCJ;}}0ZDrr_scNOtoFW_`E+w<{CkBA!4N6mU4Kq?rbZp(bq5A{M-UrsR zY;Ia>RHUTPuo&JAN;;pk-;_4q=&yc{_b~LfH|Jf9we{dTwjQ`wx@wf?8m3xLn$kNM zaCM@^YA@&9r=vOY1xXO+wDTaH>B>vT*_ymhFHLB>A5eDvXquz*F^aG5b^qTxI&kxUoE#pk_y3hVVt;323?66KJlEi(X`b@) z*11IhF^Bp((`DbBOS8xVAQCATBd{s{0MQk?jlkv=y6p+K%6p6+RN=p&69onL^A>uI z&0#sG2BIri3Hhf1g39v**L{U`8Gq0IHK8Tb9I>Hid)3IcttmQWe>;Y6RngRuhY+V= zD=%70gBp9s{@V|AXTLPyahS zS^Iyk6`ogzIPg^8n%wb^r@AAM7jGCgdFb-8?SYo?Mpw# z=2Q9BO{OJ%giwA?@>^*IaO6G}&kyu_-gYjzw(ABLvIzW8f}LuDF+oL`07?!-3NexH zgMP17marSIaj2RF2??Pq65KrsrwH62aFvl8F$J|0I4sBn*u$VK)od@q6rfLeiepUE zTMqHH_N)Uj%s_#LsNn9AeCZ{)Kru~kx0x!!Gn4T4F3}iXV=^t+)P{NmFnDZEkSTR= z(DLFIEX(Nxl^~jyNQsP5&v8yP_f9p;ktQ+%eb=+X?jRwqIvAL4WH$&1Jj?~mN=!?f zjf8e7rBtnDYUpQaNf`VL2@Ngg+xUG{4qS zx$Umd9)F2;_)9{1k_O~?_OTj)X=;COkjZP;El0(zz_~khCS_^QF*fpic9AToQ+1vO zs#|LHg!zOeZJ}VJ!rH_cVDb`Q1bKlNE#g9^;p1%Ls0FM)ySIn`c=BJ0FL#YQS6mJh zd&%4aV4MHP@u3_4b1*pAU(0{1c(kwjxpB{qOC$?Oe#ZRi%jq+>z_$zwo+??P)xm5R zBw|)su1+4*vK}hv(?{G4LCI@wIIsjbob)U{_#9p#P)-Yr7=S+El9rCwwQ?S}Hzr1? zG1O(``lWMu%Gu29Dk0e_GN;cDc>F0B!c|7H9W=@5E%@06@-XaW?_#nQrozQY_M_|G z@0>=3Q8YV}3(!B~c2a>WGJ2z|>VQslSh=nE63GMUY|TZ zQw$RIY2_RgirK0TCL1P4cuw$h#~J9iX2w@A1hwz~l_Wf`2+-#LvA=iV?*GSwwg1OT z9`c`de^JUJkq9V3E7l#=i0s z=KoBj-u=MiDlQ=cK%4$|aNx!NIyhPDe=B(edl#-8B^XY#Shyq)NdZPELj|NvC*e~8 zC{Am*j8Mnd{+vx6&_TQ6TAP?*88;po?61$E@W7qm3rNWgD!6CyG>gIUfpju{Jsl45 zClKvKJ}dEY98S}8Q9Kn4+f|=KJ#D(O?bF(Kn0>4UKtQuXm)cf){{2C)gy$|`R;X;> zJ3o|>Q(qLSS6i|L2SUmes5IwM=Wcg5Y`5e48hd+}=AQSj&HU`aW9RQ*cK)t@^ga)^kN57>&&^0Q(X@B+-ZKvmIIey0d|Fb#7>jVGV!gq&2bckv z=3|&mC#b-&=+PLK!ioW7ii$pXO1V{5&I$0hoxk%LX*nZEuS*%}%=e4*p0$?fJoi1-H3yZi7G2_tjzpYVo=b^FE<=^t&3itvFl&3I8 zAo`C8L?5ErX5QCktl!Afxc?Kniv53YaOmy-hkJ+X{eKltm!(X!ov<}puc$FbkY6F{ z&r&I#mXu6ptTZHq8ZCKTuZ1*)XvH(R50e84Zu(2^wXz|8W z$22x33N<(OwI}HMxz{Jm|9PCE3Cx#a{p(==JKT5efBVO4|NoUdO8*n%y)5gWg13n6 zuko68)k4P`+E#^dlxCwy7n5R;#w8dOlj;c3GAZ)*p2NJxpvbDVm=v2$hKU}88arVK z0nx0s4YCo&B!k7RX&}6=F%a?=*Ji=5`qc4%akXdn11v@hs{n2M|6t(8|2)|nto?si z@>qs4HrRk4zAnc6$ z7GDi~53|_@RvrSf;sj0M|tL78|ij@m4(0HHAQy`Afa8+*^p(I z832AQ$mG=Qy#ftO(>Gcf<9y8UV_0J(jX~O;tD2Cj95P_`}WngRb8him) z=(g7d)mQKZ3~^D?oeCv7c6+4V!|2>}W;WQ%kRuMyxk@P^!z z!t*Tr7r_~bwm~FYHs4tIm876&X+DNMFV24;PQ@nrl*3G1S33>H$kz@gQRG$*`>QvP ziQi+!C5>wVOwSSZ^VGe9M=t-xn&c(`S;@a6Xjql|nIDU!^LQENWhMvwAl#Q8MxMo? zrk_Lj_!uvM&K0_C!A8F{Q-t+JJ}|v5-A`9drP5IHNi7Q>bdTtxeEtb$lanV3c2o7HHfpt}*@>%kV zt65_mh|D}`a3Z>ID2y%BXW(WY9Oyw_-R!DR;?|lsHacEyExw9g=Al2!~{r z@#KKSJN@zc1ASzhaP2yBnhyl+@p11=lNt^Id+FoB=ux+BYQ{#>y`({s%Y4i6Noxp_ z8}rbU`UGg)pk=AI9vA@>Rs^s-PJK+W~JBU)U`DEn7D_=>JR>y-)k^;nCrN zXa8Nte_YMu>HloBmu3WDz`hqlfS_f`#(-MA&Qu^w?ZJ>7Bu)Vv0)M?@>*ze87-#!x zNo(Le=Yxqv%RSmUEsw!@2v8=|!nsObK&@+!^uvwZ9`a$dmx*le9MlC^&nv_AY6NJkuQHAM_qOj7)#CbLmoMj)>on(7qt*i1zGl!x^3zK*~ zFkHGq_?a29IFc1Jng>HsdnWW$!tGA_Z^)l+el105AVy&Eib1Hb5LHzAR;qk$tHBf; zRsz3W0G5J^0}zpVZ32=H|b75md~+L*JAR^8Yhj zE|vhS&Hv-@cOyD-fQ^7&T6|&7mewdPRW~HrfmKaE%iT&tYDMBHI>7 z@Z+-o;`gVIo}PU;Kf8GC_%oUtndTsFagDCg-h-}H19+>RN)XB)f1JY9g3Nsy-e< z`L;PQQqW8k!s(%HEt+Qd;}mH(mU@4N03xCBh~-GAI|6AMfhZ=Ee99x^O({+>y^TOL zDqudwaT$T=8YhT^tcEen`KTIQ6A&@92M90EF_^~^815`>V7u(>`5_Qs|I89@u|%;< zw!@EN3o_x+^_sLxz24nyJuytb--SLP zfA)yj-)DKwu#oTMyu6A)^yYsU4~W>5GI>C^%6y<@eg5~HAU?c){H6|!Ff4XjiPeTP z%BOQF5CxZSe&Hr$T1-)|2O{>bt^IVPOmebEub%$?_!VPlXTLms_Vmru$FBvcifc8n zcP~cMEDitu^!3wUo<08X=<)AQ&sC!l6Ct9|9s+a({$iSCOxuB_5UJRr;xihHR0LZC zKngJ8fq{zNHh)(jJ`DlNu3e#ouSrrEi>%_d{bHJ(m2XQ_@C8<1gwJkPrU$l0NEQk& z%uap8s>&HBpv(^9?d!*{J}eGpVF-*dC=gHP1M%e5%eNOF76%iAP&3I0p})RnQ>s8P z;eNd@Ux9=m5gtpO)tZAsC@ zpKC8j#){0*0k4lgyn1~0=)=nw&;I+vtCue&Q;YV3D=uu=5kPmoruC$f{|)nr@8r$j z))`KOspQXM9QhMGZT25Lfg_}1xXx(=YO((u?C*Q=Urr9z{y!^uyg-?Jz>Pp2%P|F6 z)9Aaf2RRfi+b@WNe<_^(wYjF!Yh@JZ(+42pB~1jpEMOL@_Wq|KJ#a5`Hkny!QcG0O ztTr?$4?<}VyjnpKxr?zuX_h~f_7S}bK;3FN(wO!Ol#>!uVq{>N-J_<$$AI^6PK+oV zEe90}N3-FuOTIONl(|0e%j=}6c15+8>i_0@_!u+PEK6;Z*T8pE&r|JvE)BJ z*vk?6G`R0V;4`RMwy-xQ_K^ZY0uX!O+}LGk&??Wxc=s&kimF@ zLe6vdMx=XFp)OR`OW#A0O-`Mt|e* zz6;?`QgT1uzcLrMOeijYRg#zQIU!PaTULymBs!zL7j{6M&KZf-Wdibkzwh|;4jl}v zRONcR5b#8R9$fO2^M2m&Fgz!b-Hv_rYWGK;>n10OIG2_rS=q=9*`g7&De$uX(fQB) zTPjxn)!ar4h;Yaa?qH<5Fa1RKT;P(VsSNKS${fTm8k51#gLeHz_6i3Rv@I#<9QdL; zx5b~vgtbRSa1|G=O})6n^VaLqmdR_QuFwf4+V4DpYhX6bU~3j@66@!(GoR~QG3P{C zGm{(owk8%xV1m@n?T+(Xw2iW&c9z%8^x!mKE=|rgykJpda@35V+)vnGg(skoYhdl_ zLKh4UTQ}b5^Dl-Eol$@{?n4a)6SW%(b(d4*0odZPkLfFu|%G3mVg+5Mk!86LH2$qy%>~+Yt z7>ZkWRv3e14!ejYRG}L1Rj|71%xqjWQFWWjdfU`*Ysq5nr+xn?my0HWZQlR)27AX| z{-?vE!FvB+#beojFZf_DYs+V_z7ONCBxTvh{v7TLo)NuLjZ=J$GE|lkh}af|<=;G+ z_%yfO062g*jxT_vRV!6{ROE3aPhNW=H#y4=!)HM=*A5+mi;7K22<^DpW(Vxpf(Abr zck)~*#6sz=x*Um1Rwms;t-!Jt#0IU^wtp(@x8>iS*j068{ry@E#q5qb$P*aMbjWYE zSN&*-U$==(q17_LeGZ1g=78(OMQlimH6?2e)Ky(a3aZvc==j95300*XIMQIku?qTz z7!B3eI-`wEFt=* z@{^DZeg;nvZmZWM`DVUZDWGxwn#5OMlLoOxEJB2U@U`$?u~*Ro_y>4FSApsco**&} z9;!E@sTXQwarzouTed+*-Esv;ppaamAlX3oH!4q76fH}vbfrpOrut<{o>YxcO%{i` zO;S~JrG;?hmoi5&(DB4xUZdisz!ZsnRUH{pYqIE_RlgQ@bDyJPgenNt=TLh!R}Xla zm`YB@!gTitrSSGOib<9*ahdI|(*nI27pNSQG-0CmG>%bOny+N@Rka)ym?Y|VAnb|~ zc{vi6=SDW2TndvNABc)FGs8njV9-}$1caU@RRadBR0jk6L?l|?p-Xf&C;8aKK0g{Q}u)Jv0Dmq(I zQ()GK(>qN@paiSvPE4nk`~U&&*MZ?Du~FGq6IbLYE|+6-!zZ3xt$8{_RYNLqFoEm~Bs z!%|fBy$M)o_ns+i({gY_7)eq-NZfswZvlt3Sr!``+iU?f|N^>{8^U1|qppaNH@0y#WKRO!|ge}V< zLUSAyX-$-;Vm_s>x^!=>V-q845fD5Dt=U zSj5YE2WGiMixL_BvO}%>dj1s^<^d<;iU{q2oxE^dKSXDB0Au%<;~4^gXK`-pGCqh? z=@%;!X6R0|k*LWD=eav52N2;GEfTTRx%Br8Q*+Q!+MqD#X^HHo|^hek8M)U2{Dnm?a%4sUR#HUr6Kve{yA z4OGcf?6s~NQ^7;Lq|ZDop_SV?3VI>W#xWj(pSdSk{VW%=imV@xD}}l7f)ko%teQ(HjF|bj%EjsU$H$)$2?SmO5~&jOdyTN z0D>G+ii#z9AkHI=&ai{)TC$|3M=aYpcj)V|=c1)91jKdLQx|Vf0Y6(i-Q6wF2z}Zc z@aA@l-A9N2Ak(M2dzBy8?vLR4?OTnylS=v>$UAc~oE5&gfd z!TurOrUsD39d@<-Bu~*M= zika{)ULFkwlb(;bjr^9#tc(&N%s<|}*nPA6WcT^*Z>p^)46;)S?_S{DH+c66-hGaD zf5W;gW`%8(aRx4L*%Fdv2K$Gs(Bn@z$(S51UmqNzE_iMY=rOiKb_l7L7kFcA<=m_u-bzzt+vkjb^e6OoS5#FL6DXAnbS zRY=TX-Zr>)wbp(pA4Val!QE4K1l2AER#)!0eyo~+1}Zk)_zH`X<51)`&|xoV^4@Vr zUXO1tY=k&BXN}tro&%1lr0beH!7Ti(qu?OIg%%%+^V*K`F%lrEqpd8xReQPEy_A4& zJB2&o^l8p3#!H{`iV7#jTqPogjAFIl3#Xdva>(J%6E{aE+u4RBP00;wc1Vf|q-8ih z7(f0IK`=zhO2vOA_72Vg`Ksw+k^g3fv+1vGTm2TEHv7LDrhlGOfEN4z-k}%&b?@MK zo&RSgk7Y)yn8j;3>_FwuSc(wtOs4PRSiqxcsfPph6(gNRA{wRS5~dL#Id@&MB=bK| z))O{nM(lN=s@4T&SB2k}s0f#2Uvx2^J0M(6B+Xz2gR$ZLO5qUlcXu0*?SU5szQ!pU zp~p8jDBI zNDR|4DQP6Crs}t9yrt1x{0m(Fh8X7X5~rAA#E()cTT@)ksj5hyDFz${Op;SqzHY4q zz)r&fhBjyD2Ee=bfz$=f7$ybD1qAk2XB?|)vmnWv@Uir5C+BKmuAFN(@`P`mf1A`T z`IuK5K078tvh<;DM#xr}^_Mdi-)Wd8^9Z5*oaA0?@D?f+1~0EsQQ$J*RBfJRo`?+zj7;l$3Qz; zCFcfgmoimMfxh;6ymmC;IgJ-es!*NEC5L77oadw|`)+wYnhkx5GrEc{RSd0GO6bbL zJX&lp-hHilA73e!nC8q^(~RN?lAg?wCHh2fvzTN8YGX9^7I8|qJ9}XEZlrg=z$4LU z!MHha{)_@-=m@@Da_oF8-_k`2pfgJV$>faJn7;3HPE|{XDc;RJvrQn~=XH>I!GvuS zOk#8y7G~N@fM3}pw6py(#W9Kmyk)Q`OF%aG6{9C?S*+4NFci9351$kdQT}fq3*ce#eD<1 z>jhTjMKVFy_-xsi-dpx(yU8jQlXZ1pygq#phV2!#^DQy$Hv-YG^7i5z@{Ekim)YZ@ zAVuVEul@!6+AK@62t6jpv}m1GmalRwd>#g(qdD`~> zYm!bU=sB5Y^QQr5i~n?d;O+m%C+ql+D|xK_-x%yAW&tpueiuT3MbEN@fNPS9#TL34 z;a*|SQBmTOqAW&1N4?rh=j#4IRbRz1s@_z0FG3Ll4C{g3e`<~pRB&eB7s{g8%5)ms z(saovlaVZJ{JYc?nXk>O^$mq5>>nxV_+8W2pN$CAktb#ZA(zw3dbslA>`>J~Kp3pf z$X>za3U?>ag4TlMaHPcf+8(J&1xT=F%Mcha>LdFrGlbt@D7?Rp-)`JGIZIO!!ChX7 zD*@wYIZ4W0A>J0W1c!fZTvJ!zIDZq6cjsVYZa`@=FV0~veg8|rAFRJ&| zsO)%wP9MvgB%$E^9-ivjNeiORwIO5dnv!(rt_a=Bv9fW5CX&U1PY_)3eiR998>N&p_Br_y^(}x8~w#zD%~|_C($Ml+E*_W}*JdO^}WumFLEn zi1S*;P1tT(<|xKP9M=UTHYUF21K|U0{aGCYSSSZ6tDCqYlW-bSl|h>laob<0uU zl!QMM;i{75k%M413%S~b#KXj=$jN)7t7JO)jh@R+iE8okVyX?NlvZ=BE)aHck16po z@`s!FCd|DZK;ASoD5%~xgZ}&#!`HXi|9EJ#9i2yZM~2GW{eV89xT`&|<@|5&;Be2e z{~a8itm8kefE=#p5-Js+E^~msuh!Ehli$;rdK! zmSWF z1pj9=weWw-0bAuV4IxzRTwab+4{7m6q*V}qZ~8qbcOQl$+j4T9EHjsBE!R6i%QG+k zmnj!IZ2>L(|6p+9-v2(_KRI0U|5ZE||CfV$FIzx;j*jnW1JFc%Wkq1QTL7bKSzCZA z1L>HRiFU2ND&sK{i3?`3GTa)4^?28{V@#dCMx2r#)7>sU~T{c`l zvz~j{dANLsQ8Uw#IVvsm-`#D<>3>=WdQ3_q*)-p&9gr@>(4G!Ju5E*PWyIr1%4_Qa zVJi=I7$HjYe;}BkqLg@5FT9)HGRvyI4d~eO^jU+74di={wk|voIZ%(H#Ka0EXmt(% zrYW_upt6U<(tT_OIuth%b)UPD1OGV2$@O#Z&%E-V*62D&fUWxfiEIBoJl@5>TEz$YA<3qo^3d80~(jLeb8C z3!sJnAMPI2#c&vxfv|#O%OtSZ8{@zT%tnU2*Z#2gzbt`xQzqWj@NuLZ1YrWs8;dC0j zj<0<@+HtAZh+SpSK+L701$$$gvH&$@pAH~_b2wR~ZB~DdCVeG)j&?barp9>$R?|f* z8S`Y|C505n%>hq>2n&DLDlNXAhr;;AV_6t6Q73NrJ?!7|OOqM&iwwqzIG( zfL+dv-U+AT46gDEKmDOpS1pV!lJ#DHTC#m&f{c*~7tCQ<-jE_O3Vx9o1nG3H{RTJb zr0PSrwvLmc5L7`)0tiP6H&w>R)w%m*KM|ThoT|$FhY6kaXC%6{$uL%3cyWfB12A%> z%CAvXuxCz#4FKM-HCc|yG)+K(%4tg3_FR$)qGOzmK#H#rU%2utOHwBrI@K=#h;$p) zYhd*2DTp@pk8QJv?p9Vr|FDXPo@3v|U)D$7ai<{K((q3;m>#%MP6KS2~SVs}5lG(D>p(3}CFTKNCqXwS?4e{!(S z|Fe=uC=>>db*Vb2yg&{R93Y5|G zRvJ|qSK&DblLRmni*3HR5z@L)^BpDKrpSU|HOt+Y1 zM7?!TTVL0|jk~*BaY}J_cP~z{BE{V$xKrF+TBI%R7AVEti@QT{hnzRx`}xhhGfDo* zOlFeI*?X_GuFrKK59(jBmmWZR*O%7sqI~&O%$oR?s`Yi3jmXP9XE}yC*RK1!MafK3 z+Pq?7VZS{Ze=tS*Tp_vCHm~1gRzlE+cV{-z`rUcU1X-?pQIRF(t;_?k|FS>Ue`w^K8r64g5HnUoOKDKH4CTt`fIF ztdpUMm4-K-_W-9{(x)>_wPu!Kx)3^PB7xGn%&zu5cosum;KeV_}wgpS=>?Ze@PjKf9vV!De9$1bk$5pk5VhnJ^s2K9sK4@jBrxERPC5 z7V;SLvE{PWFxQU5ZZ06i_bfFNVwK8U{mZ+-Eu`4_bHakv9cB{7 z(lRx4K?Zw#crH~PF49EyRZ+UnDw9WDot=q4fcH=0S=+(+12W%-tYS8jcdGX~qPFX8 z^_x=6PH~}AL^;UAndyToL_kpRb_$wjSiA;Usa_yUB(PjNM043vYnXqPCg#3*f0A75 zM~i!%Zs-}MG~xX#&~vv49q5P_ECOMSTZ?z#i)R26I=DCl*!)fw!J=P^{EqYZSHAsx z{%A;Zj>utJyYyVDG4?#g?l2%$08ml99D)@b0BG?+ISI`VSJ-VI)^{Ew4uRbFxpp8bevXhnI zy0r@HH}pQolz~ka$Z1L^=abL#Nb8PWG0K z{O=*FQRYQPY{)8ZZ81uCf_W_f?;u) z$U-dzDN3_?fX~Nd#c%TRbY-+wcK0-%AmXddH{16mP z&rfonI$~uhFaGA!b9lI2uF6)XO}GA@^Mn$`~zYi89<`|BMrd&C}Qz}~e=%aL?lx2rjl?OFB5O%oRd`uXt-31B-BtdQ$)2R91V9jDv-O6z0SC|9L#dRA)L2Y9wN2(>MHwHT}_h>Z;%>STgcz zh6QBs^Zf>%R$UQ;Y-X!K#8a^=_!Iu5hA%b^A2)?Sda@Q=_D%cV{i#wp$Z{Td4@{Ns zmwiw3B?pHN7X)}nAKsf!4*`SR_cj62pLbBmgcVXjauP`) z_P*IrJ=etySc-VRj4`c-vxiF({E(z&yUg;sMcoleO!ut{!am*m+-@GCt}Q# z_ErmtLubz>q%!UbrvR!8pr%bPN_$;|-;Nv|F85FsSW4gKRik_$n1W3i(!29tMaQHu z;@>U5a3zn3`QUuV;7W!nOUNnPQ!PLjYi|?HSjpk?C@w_eS#^#ug)0By80Apf(`cT- zU6C?DfUct0&WmgAUDe;OCjZo{8!=l{Dg8jkKcB~pi_4XHe#?sCLE#aW&u$~NwM7J0 zxzX4dU6%jyb61(kOb0sTCD+J3U4zeQwiYgck+p|6=yC{12vZ0?0QXjTsy)k{qnF+o>?N?Ms}$3dlDVaj_hu<9Z-(;VBBK$iL=fqGaow6lH$}Xju)MlxZer z3Gx7W2aotdqcu9jzdOf|UHRaK9IC(4)NE&TP}pStRH%8+uct=mjgac3^1DJV9@F*c z-_e3E91H%%GwIV$<@i>ryAS5$gyVX0*LZBSej24P&w>My1xAYBiPD?pBtE)d9(I_&nYb$q@Uf1f$TEbJlxOyV*oE=Yq2A+WE>k@M~8wHi;O)jI2hxN9%34v5c{3@hscOCs9 zSRD^E*~wvtn-jgA;SV+n zWQk(8+@dj2(w~OSNW3)Qk4gM;D82N5x~xkb@zR9$%)I@b=Nh{48n0jAs{WP}Ag61h zn^jpg$Tm#f?9{k;7b-r~Hws3~58lPRtIe6$4BC;T-eVYZ=KR9~U zUZ6Jl7uKtmkapo~=EFhl_=k=bLjv}o$LgQoJgoq8@{wU(PX7{g#SAQw2B`Q(eW6|)&CIp=&MfK4jd3v z=-9q2IbnGJat~gqJ0~Fu4FEuaToo3;6sMTkC}nTv8}MIk2L`wL)O`h7QWcEzGJR1w zc|Cg8KS?N#&$b3P5^j5sccROlsr-2$3vZ7uiWxFepQ{Pop!nz!~;MD2B+^RJ-)^(s>>d!v^<;`PGX`&l;^arDWGmtroX0)4DFs+SERT(qg`H}aaBf2?gBD$+)tV<(SYRO?ij z(;_aPPUr^9T?GSC)11u4$M9}x}xkwXvafvyQ8Ab z<@U=Xoqs$*S%bvo55JPH4$7A@Z~(>INpAaWVTi$ldha1&RC4VSKw4BsIxDsg2#Ske zUQ1BcUI4WR^=AMyl4(C4N^vWf2z!qE)PpG!qA--I2E$5~_<7hT*SgYRT#?ztaqG9e z9(;auvp}(}kL1dGt)GnJRdqvpaY_oQnS0J>A+1T`7`%v?Q(9coKL_&QbgT%!xW@+H zT+fW@xMtE9=l?&|7veicg^aFtgipI98Rn;7$j>la`ov!@>X2JZZI0R7NXt}-`xrv3 zV-<1;DkB6RTW4`v{VBeGxnsw_+bmAKPQ6TJLE?Ik>!5E{o$}}F^)czxUV!~7VgltQ zbkyF@x{LJ@L+2LCTh2sYciAMM(PK${H07oFO-{d4&$a+Wc`Z(uy+5+0G)~bHNvN}Jwq7@11KDm}+%!p6cV!sFinsb2&bis$T z-0DHK?^@A~@c2_oh1dR&`k==Z;K*$BVK-lWvpQ4o8e!RXO z1uS+pel}S+7Fe5189{`DfqLS|OIXF@Qu8=Dcc#d!e&)<#8#t^UaR0c**}`~zPtH9K zlzc{8NN=m)GdAv0H~!p^lxL|YXu*_!NdVW_@f&lOL1cxxJVOLy{uDsm$&1R~MHdQb zeF6$F)?Ou;h64UCVDScIkhl}VyGl)L=1Ok<+_=!JKMM!FBPm{~G+uDcG5MZg(+*9G zZ$H9UYuc^94yzHai-K|1>ep-%j4AIuwf<&B8ydj;Co#b_44bZns{eLO!y1?8eRn3b ze>Wmh@KTkCGPJ59xW?}E-Tb}PyLC8{Qjj4N#w*I$@+tlGAbKGe;t1|rW`S_HLowto z8qyawS>ES1qtd&s6{NsP_KepqBdRe1JhFShPW}p^prY=**>HgQP4i3xK#jHbV)hdL z_68MuFeG&Y@wCW+<5}*w;{~#tH6&ZO4US5ZEn6Gt#x*!wnidx=XyLVtDDMeHdax5L zp2)A0X#Pkck)L?*2j%ln0;+4(i>(fK7O7orgQ!up7_Xm}nCx6!8tcdt9~7RNxMjto z^-+mVP>?iYR7=^zP{J};a*AM&;)I2W+ z6>lo}5=>hA@v$=%+E^#7dJ_<8{v}-UjkfF$H?sGM477tybKNYL!03kKWEu&)gk}Si zO~H_CjqX=7qnvT#85pBIAUwQVMgnqb1c6dSBLKGzL-OYy0?ghb`OTkLIM8#GktFKE zgbBm8u~W>{VW6iv^)S6;-&h}igVY07X9R;|BW!SeLWJ=@yRYH;1!fV>o8S_YpjBQO zbp+@n0Zmx#!#-65eB+&P1H}?D(lej+pDl41PNn-ZACU(yq4v;hp$q0In0jO6iD@}Z z%Y!9wN7qk3O&LpKa0za6-?>-4uQVECxmBdus-q02-W&+?THXIa=BWoeI45o%X$y%^ zx2hvRfYC^;MRPgULCX88!W6>ez9zw9p7234v|UATBz2iix^);7Fr-lP<^xy-0RenT z3_y2P6vZVMvgLFr#T``oGRSf_5f{n+k=_=FE-HMReu*Y4c`v zKRuP|SSxEcvt9Ert=k@$9{VI6Tirb3f3SmIUsppcs_XG}HACtDCeShiURozh2G^WE z?uYpJhQFlGltVh#1k$Z5q1O(lQ(TB z>szO|aj#*rKG6@I1^spCNMz~|4ftnbRtn|0<{)BcgtYS?*d%);uYjyYKaLc&9md{`(Mzz$P{!rCu{lmrP zN0sg+55>K2W>~+tbq$!vLcjcvxGUQ*nGbN3^Flya_H>U$bAii_X_LK4_P75KyGrbj zM=m#j)i1~i@{8P4!+c{5lw_?Q;X1q+*eq>$>Z$5UX>91g(ezO3Z_S?Mrh@yv)DQP5 zygS-<@(_y{{bc`t(|Pnm$g@h;EAXNY8S38cFZ&->kogL9l3dGKgM>VK4BO3i!B#n& z;>BbCZz_MMUzaFd=#h(DY=+-I@t!n>{GjjH52iXVm64eZPv7J5!w<53uG*IItlyX& zsrKu^B>&U4W~kOUd#N&eYW5@WkzpbNJTI{WrgyMvw$m&92&0#gP&V z+crH{-X&`_y9mzmQMko5{>Gbe!b#E!93XRarD~k)IJtDsU+$nJcD`z}!Q>3se%BAv zUVsJs?%pbdDg0Ko$px!lKjmdXDw2;nsi?%}gfZ4pk3Y0{owxoQ+96KKj!n=VT{a-! zR;kM3rrH&IZ`DdZqtKE%a8KXQgw#<#Rx@AQJKnehhB4YgeT3uAXJ9Uyh3_Y0YnLUN zgd)UHH6{9vNvI+0&k@^0MXX67*l`H498WX-Y)5 z&m&}&q42ve)>h&wpV?@msTpPdq+~@_lCdNJ`RkWhU83voVIcKYR!i(DMe+T^4%O^C znJP)l)cteLX&TCNuJ&ij+;d;K_{~wl=7C2%E|;Sp8U>^FtRnIT@$?yNLA6OGl9VI5 z4~5Gjeek%5RU?^3JpQ`xUYlgr3;T1#a?@dMQL}ifhX(kha%DQ!nk2-LN=P$`w>?r3 zW;eL*lF5$}VKY|XYt8eznu+Dxn(Ti6TRWB@he^MBF8DGmu+4Vr^y%g9(^f%T?nfh; zZ_lGUB${IdDQ)!qFXoU+hNy-DsQg0O7p{hJ8ElvZywE5>|JuL>=9x8zwqnDfgQfzyC@ zaV)uC97F*(dsi4jbry4`tJR=hDR$uE)Fu6zW5z5>1ajsI{#Wq{LX5UbHzdh^4M1i}0w5ml4Xu+vXX;QY zFrXREZtZfyu8&=*`v&G?kc4iN`@i>cz>f8}OGMQ04 zSQx4sG?ipE7Ej+{DbZTXf;=t?ay}@3Hh}sjV>>72A{*uAg z%*%J=Z@2J z9s{J61I^dJ;-^zA?DeN;S0z44zd0gBh|Tv$l{~CuXmRB5>f(tun0~N-{LeX5{%CF^ z#OKku{$*!i;Nm68`=M(dmM=5DyP#;p<7Obq_=3u;%kTQN_2Kct3a-3@k;*F$iB zb=mat(aC0f#G-KOF2wR1cby?m^5O8_JQH6I>Ukmm3;SgrIY7gIwU<58hvV`edDjcV zh4@e>*y0mW<8NY?Kcv37TD;PTy`*hj-zq=;|J7>0rj>G2$rrKXwx<962$1pAOO&hco2R#3*NeK{oblkbC>^8t-7f;W)BTSB)#VmE z!;fQ5iPv`YEwc)*hn`W4v-a%LaHvOLHa3>sMA6!zBGV`HJrfHNSe6GW{bHBlpm_TF z_J*NRcdNrEfruoJl*5k$U$himaLV-91kJ)sb_+bY07ugzz`BG<5df8b>`DAWW7mZ^ zT$(;F?t$adn~!a^=8`Nlo*)Sl=YM`pNI2X~QE%C80vY{hZv%ih1x3IMF!Kz7&Qcrz zeVOjHH*nwXv+*jxrVS~7kvN^ho481|nJ3l`IhoO8>2(yMLCG#6w}M@&QsFb3luN9c z;87dNhF`BlLltP*cTxOqsB@y8AGm^)N6Nw|sw{hr4X-W0ZS85-c-jKhxJYZh^vqjr zld4u5YCRO=9;n(diYJt6@m$|w!o7nVZZ_E<98jHYm!g5{c4SgoQkZ&IiTWL*W0Hd` zqW9|Fd{$l-BN@0Ss#U)}Hy@o!4n?U-Q;OA%?+;8^jOtA1X70SH;#$PpiwCeAB_4nxPm%3=;<^FN$& zhn2;?F`pH+cJFX0cNK`VEh?(Lb7gMl$FY=#p4CVG@1d$)WgsNYNC*NOn6Vj}u{}8# z7QdRA{Pul-$BwWZd@d3oGRT8EbT**)hy*D`?LHKhNqhnoZl_*Tv^Yw?FU78VR`1D? z$dtc4$!hfYg?$D=`CzV9il>+kn~rXtcM&AYs5v4?`Gc{Ap3(r>rWLOQ^~(}R7-i#G zBO-Y)&Dy2A2eK|pLT08=B}?Q~RO>_2AxQ(*rV8fC)90y(i~TmrwU=2WHj>QpdAZk!8{=x&z2FCjYLFtC>tLcS|J{&exv-bH zf^MnOyTs&v13`gV(Z!4L8Xo`5n9pNpMY&X`f%&^Fhk0Ux6@0RCic)bj5=)Ykd!E{O zccH`ZV=C%UAxLj$@AGm8J-r;~sZ)SQ0XZb#g4~fQHK>EIJ+p7IuPTktuD`9|gD&i( zmOF{cy7bkmeoRX2GsnE`)^=U;mlYa-aL$uu+syb)LgQ=qW32-)MJT2Yc_7Fb!+(54 zFdFl72Cac%a|Gr?W67SqBe(j!#h0LgNSIy<36^1ApQ!;`$!}p-oD{bkPL2Pwi~A5s zsN|8!5AoM(xwR_>bOoy!H>~=A5OiIxM_P2c1-)MJ6TTke_%v;oL1z!WLo6kjS&H7! z_sx_`WWkq4KTo|E2H0CQTQL$oW1mPmU^ZJ4FnoKBR?z*GD`jal9QPG!)N~R76;ihn`wa zT#Oa1@qZ0&MCFxMmI-8%kZ9a3;NIRKSsL{cZF1Y(wWW{K1ec{YMbs)h4S6+vtuZ$f$@QjozyTOjB&!bny0r~qRP-E) zYs)Ch?AepVpgI@Y9u?2x|m8!^ z1YGv+149AOcr-&2$_U+?c-HTyZ(vuNR`p+9QwP6jhh1QxYToor>2hKaTf149t+sh4 zE^F#^Y}g<=*t1j@p@v*=Q^ZjbwjYGj$`#fs?aN;)a%3i{L z>xY&3*tfsFmj4keo^2g9H`bpg_{^~C`Ps{EWNRu5_wh$8wAqez;8DTXdD0R(!JXS^ zN)cRdc^E!~h`2935wB4dQGkb>?}Lnb+)FD!L3M^L`Z6^#lMB@Dq`aDuhF}Mh1@;xvJUeGTjIARSxUN5vj$oyrk?K!D zINDsF5s-A<>z|YLbI7|{Frb`N)iev^BKYKFBqDii&ySAkdq;wa(la|@F?1C*)ubR& zrrfpbq0yD*H2hFKz+s+ysK{tngJkrbwFYTJ5tG^CIhNG0&*{_G)D?zdkNj0>+8EQ} z(73Q*Ym?-rL2j#WmEM1nVQQ*xUUaL4f&$Gq8tr*3R9)|Xo2vwt3aR?0r>bP%Po&cN zw9nIzMUcBEd01N~8HCHy-XvXp8Q0J-A7lv9|JTZFXOQ#EsY95eqpthwQwC3wV@=Tq zjmB3n1-vHoRp9UH=EFaL>eoJWe3|(Qeh;6FQ%2kf!7({h#wJJcl$opWS2cJ3nWJMH-yCW5>*;D{?0HK|f)37S=*j*-*8Pnk2Xsj%wIXM_Ee_}{fWGeNYKY6ur~tA|Sh;oU`FaI@h~qKUD@?T%N(Wpe zY|a9C?>2wJ=C1^3d-N4Hr3m#xdbHl@p)uyt>&AxPE$AD@2b!~qq2-Q|urX@~3cvV@ z{XvxRWAnY-7b0t03e&G~FMAG~m_N1)A{*NcCzo2j{46polz%CD%^Ep86m7l!7j1BK zN$t9^PWRUxA|XiHb|ry@we+;9cO!TR)N{|gmtl-y3z&*~gK@;Cc|gvVd*H$`iz2L} zHPK(#geF0rhwQdWm&CZ%4VNUIWwlcJZja@Bz{QJqpr(r&pbQFPLC<5hZ{+=*7+B^Z zFN?k*kVyG4#jaC9mDr%P1{(;eDhGlRIuqVG7B2ttmaT z^*MxvWTXX(gnQug#d^!?U_H`y`=XBd-YqNJ=dtT{&>N58uClhB&*2uK$iiH~NSrxd z>hyOMBG?rz{RNPK&kYI>$Aj1i*p*HSNA#G0iNS=P2-VrqG5>z!FY=OCXd@4M|D^3N zwum?_dl1mQ>!?J|V@>}WJ_h}JKooBXwt|(b*B;+&pu=r3%D=ChTfXFg?Yn^$;O?@< za%`!tr}>k3f55t9k+YK1ar?SIhONHts=r4!%wXUiMisfp{JSMR;hR+WYO$^G%^FqTXIiNuw4K|VZUlh9*B5!b@JLdstn{;s3SRjW*ztA~W& zm;x-KNJbWvp`IBp!vcT5okKKmzhy@d?{Z;rIWQtEoXJ;l zV7(7=7!7n-4T631Qi;?He>x{Sso)zG*PYUPupr>J22qy^w{tj+g)ExhHg?RVatIi! zpBC~83*&b~B)tda zWGEV(r})J+`ce&^`R#|pss0v_fPp}7ZW02psjK%Wts3$a8HJdS3vPfUGXgcTxfz}2 zZM5pk=}8u}S2oyAU$dH}?MH>Wul1wDOgMdi>Wqmn%H9}q9>AgY1U^Oau_B2Wv{&&MJKg+t?)sR@G9R}GoApSO=ojR$$6 zZ#;YY0gn#aE>n>6WniN4O)bx~;OQ_E+0d>^7|?C_{jFbeVH7yLf1BFAG7kX2DXAiW z7u-a1Ta0nLN*1cR7VOE7!Aed%Mtyo^?`N-5**Z)*{kBvZa^V;6!VUS(b2!5zs`ed2 zgWbkr;c>DRuj?0l^ahMO!n`0+3q1lsT%CW2UptFM z7}7sU@t?cj1~W==%Y2&7KvnE0K8+2qOj#&9eb@~|r?XFn#p4QYB*G5>GTtU4!ZUJFcXk9o*SdszO(X$( zvIo8igZke*TbhAY#gx?m)!*RM)o&R+{u{T6c8y8}F32z^YAHnsipQV@ju4p{B~HdG zj0Q1DTsXSHgUccNPzIx!c)~w%CyQ3Nu=qCfhR7)o(1-+?2hr- z1uS0p12bANR1%7fv`-#YIVg3>jto6Kw%&4NH|pIi`9|gZ;Z(J0Wj^?n+T2SLovogN z4Uu!M8aE!J!MZ8N7Ba~7r7HEzNAN0c%$?|^M!&=u#E4EKMtO$C(y|Y}{eahA1h@4= zfZHgY*Ni+(@J%~m7Cg+pIl~3d^Zw`1UH0Se8l}MA{VWnG<@ch}6t1ei-Jmqh#3~2_ z9?{;ZL&?iQ5hV;HJ~t$45q!Poqp>kKaPWlR{rd4zmfJCRZKG9hi!YZ zokCf+FRz&R-i1`qXgIIZ`}FIxH}LErE}i(PU$UMpOEOD_HE$2PP4mGYlpJXf%(uW~ z>hpzAp%+`@uS6Zy*oL6H^}<5p*EY(@-@))on|gnqG0!rwi5|b*WKuZ>J4}M8V6D0f21p@2=B!v_ zF^?ZNTBD9aRrH%S59S+=yQ{<5?oM^Z>PlxTrV@3w#fU%B%Iug7NBv&0xkC@Q@JUkH z-nIO;6I?4F-iWg^S^%$v+pO8`9wt`7SM*!L4MPE}GT=yhlq;u~<H}hibcvztEh1)h8CHA_65lw zW3wy_;SVxKl2D?ciA3x^VhHWh5Oc_@4wh1c&7t%xCh^uXK?6YnX@0yUV=1Ycs}@L| zG#6F~hXN_iR&cLV)CQ>SDx7l0K^@o$py1|}ax*hc=lO>BckC98AmWH>fRvZ|G4_wv zvjXZJEc!rLI-OiE5&`yw_rQDzjU_ zo|f)ROBBzUp)+#*U z9=VNh^)iq|WcmH6rBA~QYfl*YI%=(?4wg>0h$BurKO(=xpGs1he6}BAHS;~Mo%fRH z3PXKb7w>Z2#JJ3i4o}n};F2TP{Ik0?CuxoO@z1t+0j_gC5w)X98#3dF{*}t#x z@3y1kqrDwAblIOR@Ot7(qH8o0VrvD&HIZ!=l;snN7o9H>$0b!;1c-UUESHyd+{_h8-SJg;F53ziliiQoM{M7JoUI;wf${K&{2S1UA0*mq^gVLq@D@#IMf+JSeBE@xvWB;RD~v4v1!S7I{}b z!2ICS1#?WXX~XDZ2z{9b)6cYxq17Ha?;pjcSek+!$B#9>Q4I2;44i4g?B6LW)+gP= zFl=UQFZ}MkADCDU8gGeucWOhnL4Dmx-i7yCfzXk z*!P8K##*0oH7%mSt2+QAoXX#%1*ECFCeN*#L6)DJV{Kedrm+WLC z3A+w&2tSZ~>WA|!+GK_AR;5J7P#^8!q(#wXl2k-JA^mKuGh05jA|^DN1ugz<%5lf@ zP-0opaOR8hC9kamk7y!?UYsqZS=12q{Jj1R!VG$p$*f zj4t1m|25`g)16Q`>k<~taZ=bt#w>_Ixv{@Aw= z((?(72b<`W5v#$PzssFfQSIVyHY?dYstGR?8i$i{JAd|EUH7+}P^aH-6eyitOZsS> zq1t-&7;Xs%lb5;X+gd3U8$6D%u<1{*#z;|f|AiAg^5;a+Ttocyna(R9($Jl-EM}~g z?lna0T_7LvAXm;?MrxfqGbWvC^6yGH6vR9V4e^^y7Rx8+r)!zbI(nrS_e3ikCbye@ z#eFLunL{&gsikIr^k0{#b5@4!#;mHXHtQ8Sct5_NS;i9Ri)|iu!D!=_DCZ84Es9NK z#y^S^j;;Rb`|D$kV)TG1Kk!t$@J>Yqw)q*{`0nMEI^XdE5YXQHvn12qF()zit6Aiw z@nTd1LSVeRHbq5*{pv~AD)LV!<{T^FZTY^km9}E{5(V4;my|cf&7{l^Pxrt^h0OX} zs<*0U_8+YKhaf4hZcb`V9|$$&@;xYgF6|t;y2SmJi_4;5`;0(AO!JEbZsMv5At{;SE(^+=xAH%PivBA8s+R5Me?w~#}KZkp|MExCL8{YrFU!51@^=jv-T0PKCfB7Uk zt0?=r!CQB<#dbTbSi=?qdoB=f!uZ{-3cWNfXR9b%6sk=&r$E?JyF~9Q5#}%9)7QM% z{C6KR*4ou#j1m1~b9dh$bC>aP$HDiMhH+;}?D4};FFM}n^k#ihFJ&%#5e+M2(y&!K zGR?OU3>Jx%()e$eg6!WR@Sjlm4_rItD(1KmQ?Ilp8(ZzkeqCN>8ZQY1nrR0^=Bx)G zP4gQ7HPJPgqR43%a4fIvmam)tG5a(pXBA|`v@;jxsG%b3-x2cOj869>)%dN0;$;#b zSe~ToJcWAdWqYnS9_VSi(DJkAV*&7c*8vgZzgo)Q<^?D!a6Sk4b><;VpZN64;S_@q zjk#e?eh|gMh$-Y%!Fis0ufW{t7G5PMQRGKETHxEmE-dQtT*erdSU(ZA)2-B*xc7d9st*J2FX5s6`DI<#eV_v76;h*bQ z8@vrJX~o^v(d}%Gj&FuFU{>ezTFn^CZo}M{05uu2w>7hcdO$(!?#|uWcP&djdXWmb z12?#QjPbFDD}$?enSi?)5+wQieb+RVVr8JLR*0xg1hPq{&-A*kT{bKO439-U4y4!0 z!~!o22U!w9d_ly_0!svwh(I&CUYgdtKE+rn_*OMros%w+(H>vqeJ|3;Ez#f#{y|>* zn?$0!rz@8)&o{qh2iKXQB)aHhk!>MG1Ay zBabf8;k&!iudR(vkfFqMhMlHZ4VUjIo(rr;C+8cYpMH|eIvI|d^tLh;7v_uy)wv)Q zOi9bdd^pdW^t#T8;}m&yp&9zD8$67vbG`l{$0Bp^*EuWQ{^wPR9JiGhKNL&RjrFoe z+CdD%zx%msKK>~8Qu;j{zIwU8+9~wFVzA!EnXKPlz}`Bhz#FiATtx|7oZVhJb^6A{aSQ4(Jp{2;_0mU@1IWaxX*# z^N;4NDbh$oEIJNVmSJ8>DfiJXQUv8q%?l}rNxiWJQDj@N727X+QI5E;u?5jPR0?_J zd)+ki$|^6_TFS&jrIOE2I`M?2r=BEs-7*`x*_cN`n`PNMPV|IGbcY9s0sJr5l*f z67gZ?ih9T0y&ioTXYg{wVp0~Bb%b;FNQc}K&Iw=eVysf_`R{*W3(d^cVD$kQfGrBd zlLG+D=OSEYuAOqW2YHy}!_rW_gjU}JWxIV!plJ!wqnm|9CfeAU(Ur<&0J&nQ1@iFd z2`%??8sKYaJ~Lwt9MB@0+W2>=xo+Js;7VO!spFjcc<+7CNMoksDhpB9!U<85bl%?? z*tWv{!yJOKdGjkrE%A`^Rz!qG7Qd>0J<*bP&@7q5rwUj*wQaAVi^Yr4#DJqH4Xyxo zo^SZxah;rn9HwFdPfvW8ZmJ@0s5ZzuX0gE)pqGnB$=4s$s!YhQ)Ng4U(a5C5#z*T6 zxFowUGm~@TK{3J_FRhm~H%(JEuP%7IN{7e5(lV?>KS^3d*cdT~T?O?(M3G#9_&u&@ z^1|oqT6Lh%|BnK4l6#-=fGJ?9az3@~$dFTHRn-VEAAp3!#n(rn>j>v>iLz`S14D9u3igH8nxg%LP7yAwP2iRpqEiQAF_&6s_8cPY~IghQm#n2GdqE zP-h|GJ0oSq@oU5QQvxWoTu@C8zV?qHIydmEdeH)qByH{3E!xQgz3( zeLE_Ss!91t1-P7yQj%1?e7Swe78?3{=H3+va-P1fk~3#i13`Ei zSpEe8-MqJuFAp0hRkMCMyZ-TlkLlS92q$N}^eK$VGujfHF2^Z3_uY*;GXX+od}Lf? z$ck=nWLlm2(u=!h-sS|>`cx#K z(-3~)w@^P>6pL0cIadJ!`vUjZ=RauMp2qh1d?8u!4+2})WL-f%@EcuSz5(#g8==%@ zVPmaJ0>rgu;6PYYlOE91>%pBwq4>Gy?LXAMA#kyIrVB);1Ji@6NuvT;{OSny9qzrX zy}RjMqv-z!2toJ0)DCudon9YYvL7gjk~re$C6(;OC7Ioj+UN1K> zq|!SlM;>?P#l}VFv&yXqw7+1zeg_OFRbJs!z2dOdGG0 z@fd%}-Q<}~m|iLOGUT-RT7l|kkb0`YoQcH~dhgxLBZ0C0MA)7ErfqCMw|-xBZ>TwZ z%)PG|<~g_j*&Ci|I-_xvH9>lL2-LNv_1+1F_umCmD4dk(tzpd~ZUsu~7!QUPE{^}07sR^xcTH*H(QONoYYLdpj@o6aZZGx7H@@4q8#B2_I>XrJ>{YW*a_x0@H&TZJ5HF4X5{=s&{KUOK<{{wt`AddNi&jz=(hW&qV zcz#^S|Fn(&yqRL^e^N&;G(f|F@Z<_&=7!=_P+mq8JPJLmh&j4mB9;sdG!YHB#_lMnrp0(2k!_-N!EsE)fYsc}LL59Xj(4LM|eYpur zE{>)0fvm#t7BX*oaDRA<7Cw7B}>>`XP2q&`_fSPBDFpPLRlX5?~+>- zhlnBC$K)V2;NxO&;S&dA>VzT<9sK>F)B)<{a;Rlb>07-6z%`dk50GuzZ)rHuX_0<(*FLrB=^!Hzif*# zHy6i+?XLEh&orGr_E;~g8|n-R`n}qr#m%MO9(bj9_b86BkHj@l5_;h5SltN8J66!$ z@Ag3Jd)=_)LN{!2lPg);Ec#6097sbw=}wN5Aee(+5*Xky<|jfF399!ye@C)=qCVrD zdPGz2#VqF$#QnQ5WDDR+jFMixMzhWA(hI~;JmV97P9FtHeN!y76HT?ha;Lwi$et3FzxaI#hQB3;}V}!vyj4`|o zP`T1Kof>`PyPwr(#@>d)d;L_1{n<`tZTr-lqFEa968#O$Gb6FoBFu!=^`^+XQ}qH& zbrzbX)_ty#%*Jw1&5_lP17FEej3}z`OEFM`LGbd? zkBVU-Tsj0OymvdT)XqPRm}xUxH3nb%B-)m*QJV9Acm^knIRVw#f1Mql+x8#Fhg<${ zBSqT;#KPrRjIqiplf+rD{d68Q*?R?$=K{uN_uCjngknbGc^7mUoOD4qN`l~u1lUXY zE`i+;bPdmo>^t!L?(jgd%e>uIrT0tcg(ipG%W4OX=wou{HZ`TdLQ8j3`NB57C3q9$GN^L%sgzY*1MLM}uwtmyMJ>3&Y|B z9gLw0Hp7P;kFl^v#T3AMhy!u0heLqBJkQ>i-;$;isLz3YRyTNSPz(26S|0g5NAz7J zIXdI^EwAC#Ja@idU^k7SYff^_VjNC-W!7dHn`lr~63YVZHf3-(_pTmEk|MeI!g0PtQ7H82KRZ${;NQC8Vt|8_~7 zd3T8n*c$k2UY({dCsC4PA%%t`1j;P$6Xc{22X`Aj(t>JAwM)V3x!4bnpf{9otqj{?+SWo*PT3 zenqL{{|=7}@qbUY`rpkI>1V;uePLn+fjIZc7~G+`^eR$38)y2Uutmotgz>yQI(5OT&@Xm7Iwn~k^nhfF zoo&gStrt4@VexA>B_eRzLe^Qwfvr*`R-Q4%TfqxMkg6V2*U<3$yiC&5XJ2J|=U+rY^wI}wrG%7XwKO-@mpo7maimv6~tB?P4 za%{(cJ{p`IZ}4@=nY9i745O!@anFQ8gD z=fqRHKm5?KpP3u6`<*^JxOBb;p1}K=u${ImXK>OhJr*ZOe4rRsKXr%{t=-QuW09g4 zUg~XGTT$_Yrqz6y#(ti0?5-f2$`>3~`pC2?5pQU6n>|-QvhQ+li&iP3PK=;00t+kl zR{qLhj+lr}s)waqCsjUS>4qn02{V*Ny)K!n_JlNT`Ag=o zYg%TrvUK*yFG(z`&muN|fn)F_{Zo-mR@M)P;MZK-Y3WO-M=1^0EvHOhKYuBaNn@+( zsmDbm93x+uO!09J2?G?dZtiO(#kEC-`FX`B0_o$D00Z{eF37R zM{;g&S_ggPgSJF+unx_M_O*GcZ>coo|M@P<_lTe6UWQ57LJp|m|BuhlZ2Rw{lfl;i zVN05<{u=tj}bcO_y%|41+;H9+3Z;w;|&m z$a8NNvM%USeiC+lbl(MCl@_C$KLjNU)K8zKfO*rOBMy;90cNiS)Prty)!hforX*qM zv#!xxT3@99|2(4;@rl;WT!!L&2YQ8oKhZuA42jm4Kp<;~w~36j4<`5?g&-m%0H{9! zqk~z<4j2sY4k(!+UUdX8RbM_#QH&s!wMLvD%j%DWk`5~@&=)w10z~^FWQN@Zt!P8P zfL&p2pLTfAleF)F-GG5z{rEQ!ps)vy^Pn_1p*=FlVmGIgmXx$t99auj7b-`^+D*`D zfYKpHiTSsmWu(5(_atzj)~c~ItbP#z5x;*5se>^2#jzmiji#%eZqv0dk|-No#Sb*w z2I^UgDEf=F=#jPLv*ng*X7j8032*7M4#(tVH|zP&;hJ5T|t=$ zP_-lKhD(^fbYw(?#Kp%(e7^kXX!ji5mHZ_aA2HF;Ma{5P4}lYSaX2 zmvjN#LW+DqLZEaD)y7KAv<8+wt9FBVVkj=Opz2ed`Hy4RXamXa`<~=9B^p*L1UH1` z$d~i&NTX`~uOsbyT59kA&(7`q?_2xt4V4|Bf`6+#>>|PVTNy0$+MA*o>U8$4M7~3j zM(ZlZGZ@c@VD#jtBnbG@8HpF~*c8Roe7^tWx)4cl)Y%8`f4q3U05JZU2B82ij*7$9KSH(C%;Y*l^v zg`qfv0k{kqipL^n@(6#~fAT(yMz}Bc-%+RY4E&^{yn_8_V3e;V0%A(=&%i}Em-R#z zSoFn1$fr7RE%X?Q>7ItmGd$tF&sj^IK-3D#lc2Yi>*Zk&it#lGFwN@qhofeEc8( z=YN6SccBc)2S^yqd$Pvp*WX9#(~C5nC{T$WWcKhV3g&#;z#vHTiaY6Vb-+vuz3C2I z7;QJ}g`)#A9Hu#!+jIbj9Dmh;|MS0q{u>xQ(v`vJ{}~JhBl+tM4)H9RiA>KxG2 zG}SWuyuK_A&^-$3I-ufGU+E|>E9?LmG0*OR4*#7-l_~3nu2?$)s$zpNXxV{Lnk9VX z=s@Kdn8??5AVM+4l%cS;6Ky-7O;bj>DU>x=-3hZ|gEfF>h$OBZEY|^R7pj>;*9d`I z6p#nU8qn>jTZPh9&}0P64)i~YpP#<@4)k$|8HT|N6u|j4@<`~@*4wDF11`X|y;z_F z5sESKbqm=DEZu=T;AR7`NC(sy=X$V`4p@NKHigCz2T6=>rZJ*Z68J0YKml-*E-cUi zns^?fboCu50B+WS&i?*>r{mrUhMmr6G@8R%(8+a1dW7Ah5K-ka{%Fy!DtTw=Z8BT-q+m1;m}hq zb_h7r$;q5&3x|Mt#$#DE<&Qc5SWL_?HH%H58)EdoRu{`)B8wFPTR`~yqQ=}YYlrht+?Fei!ldJ69mfPms~ z67bJ($hfSk?(H}zg_5}V6Rf*X9e=po>u?Mx!$BaSh}6L%1F%Zah3-*27dC8ivU?)hMGcL!5PHfTydLFLB58y2`=;<~ zT6du=-Q&w4KVFpkUX+xeywJqh1j^E5{@XxVJN}n_^av-0M!95aJZ37FOpV8g^4p&; zUtC^%etvOv?feLUQGjXNiD5$B75;ac>kv9Gan!%M`oMSW2vUmtUMAmVj0TSK$k^%N+^3P!|%C1S`6iC zpv$5hBf-6^aDNVz7g>JQK$k^1i%#hLXfc$lfvx~$6%Emi@qpO z(FIYi2D&WDj07kyy=z<$RDt=z$uK`a}qN2 zMP-kM!2_IAz~G&TB;z3;g&yjap$rp7gspYnVC;t6p>W|%t{UjFRF+9(#UQ?lp@*(= zDs^#xS*~L(ofwrsTcF(eum5>}AKbiq@ooq%XHiT|ySt7=jBi z6*~YJ0cn-y?k5~mCf{TMXMwhG(Yhz?BOm&N(bTCyolxkUs8du~_Kt^~b);f`~C=;fm7(3a@+uRdJ9C_`_NgGRt}h=g$xhB%x6NI^^p z>or90!<&oizq!#{h}$TIx6t5nj_88ECEDjdlln*9H0q$$qzFfAM`Px7ir9FQ^3c89z~ualX?hV`S@O!4B-xmdj!b^zD``-XcV&^3e@p;tgIJQx)pJvU_ZB+$M%X+TdShpE(X za9LmoPS5@COS+NJp16{^=mx}SHv%;Ki`GQDIXEP z1NgrZ^w_45W5Ex>J3;O@n2Kb7$`;RBc{D{`&3f@Wrw6*6!3m<3s*T@D{HogNEvgh0 zjeMVKwGX+aFB6tq3%lGdy=+}y+F*)}m|4QB-4Ci8d7puCG{WE{>&fDc++<)JjTq_1 zmuciG2?C(uEU9RgS=oioR+C4mMH!r^zak@f`sMg7VOKITy`1U)P-;b`KZKd5mViw` zB0{LMDFS1{w;KM-BjG&?#V(WK@<8G{6kjfl(T%Wp!ZiGW0T|BNl(#5Csd1!2rM2XA zl3~@r?kI#aBpM#|_5fx-Q1GvWG5`%k`<+Yv90rsCsJ|4K}1s6$Dza#ldz}8-|(W#`I` zyh3_vecDa`w5llU+)ume59_sIqx)&s_)%c4VtjGzFjhVdjuBkNC)!pJvw+6fuCsjl`(T zuzb{)j7#YAn&P_iR;Cz+9`eEM+(1dsRN)UXDuNpU)dP+l3?%DwkVKOh`qD9?zm}j0 zrvJY=$yeD%UHs3%xfTEOP=o~C`u}gB>|}9CT3mdUUUE5|@HNBO@Sdyr9appaEbC#@ zD=mRXx+H4pVW~2-SGg{hCzbLk7qrpWot_>D3Lq7sy{SQwY;k7i(mv-GKGk4SO^Kw|I$Q~7s}Kn*Z4V;hu@PKnQd zN)v-qQ2^ELojECLFfoG^tOOGiU>=13a;-GXMeG5hh0K%py-fz~e0+ioU#m6iO7zP0jQTj-zJ7hat z#`)T(*S0KMEdI}yrdHBM4gYs`T*&`-a(=vx|F@B{lj)T^oeN5n8It~5d^1oApDCmO zf+$8~{Dp7#BQ2QsQ(;}5FcI;uBjk-*8c{X2nQFsHwlbA!YZ=vuiPYz@(#iKT&4q(; zYjq!1#y_eH0>wUNbf`cg$FsG%?Qg`eDU9ln5NeWZ6d;e0xb|)<k5c!bTz|Sh$gRm?F*q@UF|j1rjKU zg&L&+5{%7r6LTd|*yN^}%P=Dtk#eBefGovkWXbJ;L;2HqE!J@1BgQl!ap$nJ11>|%j5EFYIlPur*xgd| zqj@a{bNOkFP2yFY*vp>PxpwmBwUb&kc%_GU-JxZkoVCYy9?6C9V(ENpe4;z)CE(=o z+2ud?w7z@~C|!AvpDWM6brMA+X7Ua~ZnH6&xi62zHu4O-AV}UbaDHK=R_Ta;yaz_< zJ}Djuo&QK~k>Y`M88YIyjU?7_!ngA=-|lmafpmyqFlNZ_^Djg{T6`psAfXI7qCW3; zMv4xL0#cv%H@UCoXVEfy>kjDm`&-pS^Wv8O6*IA-HfrSmqr=ldQU2fNf7?je0T=Ov zu1@r?WXdhIfZY6V3|r}SG967zjyWkePFe>G(u!5#YgE%s*fJjEEqU@XTJC`T_$hb5 z!g#Vvdwp;@mNqBSC2vm)B07*CB|ZD9$><(Gl#xs}GlJ6+`<1lkZ1F;oTYXe@z&Agon9wYy0Vo z?Q#5wi~Ib~Gz_a~qb~o?*~zhW{-2&4ZO{LW6q)}4hW^)J0loqQV4Ut>;cQomS3&Tl z4@3p0-O;_)(@tUZ9UXW(;DXP7K2F9{)ld7tQ;!ebkB^FA<(N1C>p#|ibh`I{sdHUb z8#Vj?`PuQ2E&rXKZ|{FMQg*=0@c!$FfAxEHsg$im-d7_<;)9EPgB0He7r+*cTNcl)iRB-GL;MF(hy17$#uI0oiV4& z9hx6VtEo06hiX4HJNz4(zei&is>@LI9>!SQj|z#jwy`#-_Cq`BSB)OtH2N!{YG#C4 z0KOEeclN$ei)x;#m8cegFNG@l62Z`aCsI6#5NI_Qr^K2N$~wB5>R-bR~Ni|`}60w7jIr34#l58U%dYC(plli;RqnM3hf7A ze{h^{2-rNO{ThHBAiOvAij$K`W^(;OZ|#;l!4Cx>GB#$uR-uycFv#lMp}DgQCpM1e zDlFnJo0fGd+Eo?oMuE7*$gdwWyo8P1sf~c%a*K$i$HfrL5Q9EsuwmXqU6oUyEQTa7?+4 zhPtxWPA(PDo6^yQ(ppJYJJyzlW)(QLRXMG4tP2XK&NB{42C#8R9+;{o_tLN!Lh9jy zT)K~-kWuYAY|9*-XAWU+1ESvdDMazf^nD3ZyhrxkYq~SGl5R$+bYln)qn7f;er{7L zlTK;`qcQWQf}{#k2{yG_-}vbD#cQeN+2FZ%gi9rnCO_F*qi z)Kr6N9i}QFk6Wv1e|+TrxS7V)26kKmtowLPpxx)c;fT9}HtOPk3=VDopVQNmlkNGx ziLwKJ;$!_NtiT#aAa;~AD6ylg+GVIrKiE3HakH{=e|UsNu8gQUoXrt`eZGEq)5~|kOii`wE(q9SOiH>SDpdD? zSLuTf*Dv3HzI?F zcokL^oc-0kTLb^wmhIL4@juSfUTYPh(5>Zyb0b%e1iO6m&!KC*?kb{5sY3+t4Xybg z^8SG&^igaOrq|im=?>bisO8(_D`~^+UY~t_|MKF+=XY;k|Ks!fckg)nha+WFE7HG> z-02!dfW%;ACW0{3y&N)MV|%$Z*0gKs3SXjUoFg~;pfgh#Xp4ji66wK+Bm9cv`Re_< z4_5-?R~+LTB6ZtiU7cg0mt;hIu=^5AMY^$k)oUXorZi7p1S_=_ym){4^UL>qN4WU$ z^7ZA-<;&|~!;NNjRMc_C1$vNDJPD=pGzV>+a&3y+_aoTqF6AX#zOQvJW+=uUJa~&9 zKL3NncX^SskSRAS!qX^9SYElDrExjVLz3BEx`Rh7oNmk7i(CFTqk=8pMveS`dU9OQ z|DT_1?SD2>cED>r)?Z!z2RV+~bPMJsRS2ZdmJc<*P^mKyY9R2hC`A22Mc|(<@KXAx zRvLz=Y=w?@KeeqkvZfXnl^r9HZBbE-t{I8e*8|-^CDE4Z0io=g!I*usJ@_~!8FKMQ2gI2kBo%4>7uBV(Fvq}vjzi9B$kbsVf;gtF`?l7g7Fp!S???Ph`;?a< z)iGfUmNJtj-+u~@C5|{4zzlkk2d|GgcLRK=trvW^8G=6#{yeZ=@I^cX0r6nK|Fl07 z9v27vKl{6E;uWzrl4$&4L}Iu6mj-`cNgLJj-{HyW@wqMk9S^qh-$u#~xDsRiXoNqz zxP?Jk@*-jO-XRz^DOGpKMYO)2fLWC2THP?$2%oDe>lb3>F4dH%poEE$#bmpHRl&`u zRhEjI@FHTVkS4mbGAUWjB(;|Z_#TCb){yJ*Q;Cx%?ThGJLkJbHGb+Uh`nZ-%-v*Vk zzN~~y29-qIa699_1DS7uO1dwrnMx*=WGW43mYp0jz;NYRGnKR}P@|rxya0g2z?W$O zr1ZH0LX}a;)E`;MlnBwXn3TvqQ16^7fvPg%QbJ=YnY(wHhH4KmFWLi>IPzL3tIDWk z>ZmMa91$fI2`shM@>J65p;lB{lM>8DB~uS(Ap=U3VtjlKm=_(GqfwzCTNjm_inbhb z;vd>V<5NndvY;~?U2$5?)uhy_!stP&+-$22E2EOBudluLgiXD|$2pa9OVkw-$GI#ygQm0a)g#)4xQ1h>$;Q&Jo43si3K43UIcn7NRW z_K;Ri9=j3_0abstEtOP?P>hLxoddlxDp}TuZ3vaeOIa-DS6r^f67*?6B_?sqk!gig zT9il@S}rPCRhA`FC6&ey2T6=>rZJ*Z68Nj7(xOBvVD)?P8lX^TIXYERi6)+hD1Bs9 zDq!WHQlXAPrQK8%<_w{hWo8Lw00s|GxXpvZUY<&8yev^EvA&<164{~rU4f>#eS=U2 z8|1DyXwy3mb&D}YFksVvx4g(WR5uy6bDVg2q+Z(2Z`2@bRvhQz5FFarg8a$gtdZXp zomK2D!CA>(5rs;r>ZAP-F|Y9@)OSNJwQsa1)I&ugCgvTmdfQ1S(4XEndsJyUOdhHTirl@v*=+UBE8- z=3P9?gGZ?1bU4X5NT%#+_PXj8D~Dh|M!zJ8GP)3gZfBSjq(;)Z7g29Zadact_o74s zYaV{15XoVK(GouV}xA@mJe_Vf{Na)5Uj+{7-1)Zr30+JPN6qdnoKr@ z3}Bf-*@(U(9O=?_N6O#K;fa<-i<=+@ViX0?L%xiyoq4ip$fH7+Mk0oro|?j2?dj84 z9UxDi?txq6!Gt0Kkt7UYwg>K#TNHn5S7iTp0Oo%5#*hZA{|B1lBR?#PQ06{}nh;HW2}oelWm`yNfu7w`r$Zz=@;kI%0@ z0QqpnAAZ^uQtI&FAm$Gb2Zw!+%nss%7bkxq$>qVJNX6gggLNt#vf=-JbPj2sY_$WQ zAcf%GQ8EO!NF_&o2o7IiOD>i(*$recD*BT8%YOgZ((fK&$+g3k7Zzw+U!tVG%So`&^^JXB&G@cgXQ(lH*D& zGS_L=DJWs>Jyj!Og_1T(so7Ln0H8)eDvD8o%*nu$T7cD#(!CM?)hAj>8iq6z#w8&vm zLW^9TwbP;xeLqKwT@J7G1?;jB^1KR#ll^u#oSQ zkl`6pqTe2Ptv!kNz=u%8It;aKc?~V1bbjP%k!7hC8sW47X;<4@g4ZfRpvY^LRCJId z!&6)Rrug=Wt$!(X#4W((7{F|Y5b-h%43Ui8H-f$|L-6tKV+2T8j@#3x zZ{OWKeJXIAp?HG)&NB-~5xhSpGf9A!``kz9`v)A2PoqBgG0CE05+hLPY^}lL?IHVq z)ah2w^15%6*K!y-rDE(5oSyx;_)181j(1Ke#{s`g1aRe_%vfaC+x%j8M_71W7B4}4 zBuowu7&%Z6`v0ON%+)n#t=$In{UP}H$$H9XwaXan;`M8BrH~H{EAmR|JFNomm(7zs z5ThBI-O6NEdU@i|3lblJ(esO|&m*O(?00@5F+g%2@5y&>U*3Gac=6`)ZJOfg7J*Ur zwEu^>>2T}+8H#5(6fJj$;SF|sQ#N;fGrp6Zeu(0UQ5T$T}RF?Z?vH%%aD4^0|&uvcP#)1UcbC@(O ziG_sfvRhgsi)CQ)9kEwNukz=-F^`7ez(@Dyv9ceKiLMw1Kh@^{IXyYD<3Al99&XS7O_UvQ$wwXVVFz;DTZd>$w_bO)?iB~>Z5tiQ zKGCa=^ySZWfu6OH8dA^7i<~>*>O;H=4`wlxQ6kc5h?XG*94fWwXRq{+{2Ma|>Zb+> z=B$b<5c~@Xe46D*m8uwAox8Cf!9qlpVn*a@1a%f)9p{7s5`z~q&8f)=UmFrYm6WaL&C&qOjn1X3A7Z;h6wtQ!IpE-ieT$lBm$_)JY7n{ z76|rZG{KbFX4wr9bcEPV;Z-5o2El})SS9>i34$rSRUsHbN*_q78DT2RVG*KvtbB+N#MMXN%}@_ z%0n=lf95~ZH+nY|Z}^Y&jo607WB$i~S32^(N3IJCPQMT}Mx?n*2qsrs}y>P3+29wfqXo(BIGNWe&?;9DM@{3{(CO30qyz zXQR~X|4%IW|M>7^tN-6f*#Y9}tswI^cEe7s=a(>$w?+EaPSwj8rHj_Z)HnLxQ1O0^ zkh&pBnG@xM$3>sF?`~dR_gR$KF(Y}JwlKQfJFQJUgmTO31P}tShlYpEYrS%(W?K|9FD+E^EGO^8~jEnudadW*%16D&VwEB zcNBPpb8rM)Kfib_^U&W+VR#4TMEd>WkTMtqoKyO*{3v?PnVvppaKP`sKkIjZBB#h9 z4^-c>7G4l9nW0ef8sb^*iMrq5Y$=DU9ZAO|34H(===b{y(2vOk#3&*$lgz>8SfYq| zMR1!;G6t7J+5?f`)PS%jf+4_^CP;(KZuK49SxPP4vELL~I5W*T)cpMU22Rj#yO`&H zgkp**L!pNb-oLzf@#f_w^8X*69v#~8U$*%lHdS`ORW|AiYW|z-v1OM7%jWi9lV9Fq zmkf=#jVAXH3-B{*^2?J!6|*U_G78sTd6cK>*QFvHt{t*8Mc;8D(gNc=E&3ntNs!D? z$&E=X$km$dC21jVU`#U9-N7`#xQZ6#;qIG2uD-~rqlLcLDS=&f*|W?Xuck$5Q2Qp3 z3)<$=HBuddG{f#jo6eW65gEiDfB9MTVoxO7x`J%Fr!MhkFxpf4!ad-ld+ecJLt4y8 z60)nZnB#3}k)Ic)5sOd>dOnSZsU zMY%!Lva~QTT!JLkw4llDg0o^%w9ptXKP&2Jp^e8Eq(#-`&ystmrbUY33W!m&cUqTQ zkBSz2?|ewF%zV9>VhUs*^!1Te3d>(sRgUJDA=O5R~b#239a zX9iJyZ-#LTTJ%3g#Ba=nZITuoCm+BuQ{GRUEaqH6daA6076l8`$3=_G>NcGj4G6L- zS`=B4#m?3?N zRwBwMAL+ooDW` zB78n16pfQWIxEjf0v@1*Bo7b>=oE5Nmkgfap3!**-f`aT0aLUmKq*(igrZ`norg9f zB0@bLW6#}0^~I90M4Oq-7^>PDlNqa~HkWw@Zl;7H!Jo_dF`JPPjPB5!j#6&^=~Dx< zr%ySh3>;P4(%rHh}QBWYnqm(%qf&=-nc&ztB)AiSFog=Q_N^n;5RBE~w@J-xz8?`IWyEa0pCU5^zy5AG3Yp}w^1Hi8q@YQ2 zr6w>%%{s^{AaO$ZIv4iHw&H1NB0Fi6^&$IoxxsMIby=c*?c1+o-Ys zIzBot`hO3$_Fo$*JDEf-Y>XXREGkf-J>(P|_699iTT$-`>Ytf1>M z!ETIZC9F>885qgcJW8WGMloV+4rYl=Pz0#rzDD}nQ6Jn)rKdOW@pz14aWr9dzmLZN z7NIJwwa^?RVQtRf9RkpB4)=st+#U$<9ZKW8(IkojB#yj51k|Gi{dMa3xCbZ!SlY5D z3kci zjk^8+`0Uh{{|`^L`~ODDPNq6+assS1Hd~Y9V6Bna>WtL*X5%;&+HKDq%4a^n%94e-VK55k$A+3J_JXv zwrR|)Qnvpa*Jn$&QM>=2*!jQC4v)9-zcx~KQU+ry0erU-z+>3UIZm9pt>4Sj2?<)U z#xHOz?lI@@;^#4fY zM>%qCjX%C&;|~?P@B6X*P#xNueSqd>A9nD|g$8|{HXjWUY>egB;KML8mq8e7IV`o= z1IyIIh~c=k^Y}v*lmClvp|^(ck9F~%j!us4{0~RxTmEk|We2?f@#1+a?yr>hTXCX? zs!g{!pSG#Q4>jB%Ut3M7yL=)D(c0pnjx@skkNn>n$NFUxLkL`#j7Q``xHJaQ>JvpY z9^7h#wIgIb!qrnEL--monwt=1O)Q467bKLS`0v<9>q1yH0Umf8yU*pX_as1j!1(ba z4!KOxt3%jM$&sP3+SDBFCqxOtc8ZRbB5bGXXopl(IwBv6K9dZzS@+2KZ*y0EPm&zfZ^u&^vA+G+XUg1x}aWD(wM>u<%NoS zA5Mg}p|GHF9(v_UXS~f~u#|^f>2>zOTN3U&KH7is{>O{w zH4$5Mm5Kl)9NS?BfOLs8&j@TtYL7YHQE@35*oq@9Q!uAolo@qmUnWYBCFKIF8g(g` z01&5J{;P>no40@>5&}WyNlP}p!x$=Z9Ezk&`}~jet759767ZS;0tAfk{)GR^vNP3A z6KmOJh^ZI*N^HsQ1y(f#5%FmoV)G4aC1jn=v(8k|@Q-uxVCw&=2LtpR#SD+J2ic0e zKWptjP6q}1@6)4`t^R)_Wd~gIQ3uAbKf=p^$EWZYDA^09ib~5X^*y7Z65YNFss2a) zp+hIWydK=fYWF6)=J#SGc!FL%Ql?gR)tcBcqk~$cOy%fWw5<-zYLUXeIj3r+AZt!( zDd_S=8ivCdJRAc2#b}tONOhip3yrSk{l)MiUrGx{A}F8~K~#ceiiE505R6zr`(DgO zB21w8b%*Aoy4Z*|8JY!14KiYMN}RTxKeYt}_ze0V4Fj_X37g8v6eG&{EF1!uhN2Y7 z`qUn61Xf_B^!(#UL4Vv*kpEtOVJHq^a2YZbkKrm}0M*EUXJ==}w*S}3HvYqAikAQM zu!D5mmq-Sf7YdD%%7^*dYjzqi+gdoUU#o1x>vu88VW!1~!rE;zQu*68qnP4DRvpyY zri+jkdNyH=3FSwuxZrFxRwY|fU0R@mXxqA5nXqfxpZLDKze#!fEX8iI%f<9RZMx;k z@UzO%`uh}nQv)|=_gdHvR&;AhD65*11xeQImT{9;)vXdQ$h6r#uuCG@B^-iRA1*;e zq9hP9>^LSf@CN&SfF59sK#WwpE845-7LMSok|MU&V1aHq)IfF3HYzpUs>)forqL4J zl9>m6ZyN0Z%BP^$TWPl>%*(6iBD7@^8+rHgYfI^Mg1JmIA-~IT>^0g6)mN8SAm5$> zjM>xycxBz{f4sbMSk$a$w6d_Gpot}Q*ENLm)U4U#J3GI92hn-!f2A_ zr=<6maQyoY`Ty0`hgJK4)%yP* z+V{W5C#NS{`F|5d%m1&gJ}fHmuQev*;xhYMBSq%K?pIeITGC7NE^Yn38_L!uW^K~O z8WKw_W?C}&yU?HKy&B31Qh`}z64ym&b~8ok?kQ5WiH52P&WKJ1sOz~2VgN=F3VkGbAYmy6 zMkgogX8Uk(E?oOZ#cKuib=5T#azWaxSPq3&Y?PU_XwhfxjN^Xlq@ zWOOD`qB)Bla2ftf_EP9SuAg7LehEHY9vF%cdHwt(Mq~9+c#nMy`yQDca8RIo*lmBg zwQpT-ZSR@BV#)D;D~$PMmRkOAV8{PEJ|1lEe>PHfz;*NZPm3A*HDdVM#r|$#+1HG* zljmz)fST53d`<o&lAeXOtKGqUwV6$z+}~=f0<%h0DkM>9*vaB8Re4uPm64>j1kbn5$LV*&hrt0O zbtP%g-2#Z;Qif0H96^A?%jD&^3eJ-5$6SMjtN{ z7^nwo+NMu>4LX9Ifms|KX&(8rq9YAkbF|;2BmIw>UR9yLnup!2=*S%GUS8dw?19Ux z`?EF%9~B*;h*C_#i?NV%>gLw6Q%ki5pl)vWd4N&KF0b~$TM{-i8EDiId9~R06!<>F zGei=0jXVB=Ed=PZtz$61Jy+W^z)Tf*KW=+7^FKSq=yS`5W-c{K!w=STg+v;NVbe{_7@ z^!xlVHU!2oX1>R!qdwnWmBUXuzp}T7gZ|Ng<1pwSpQy+HxlL!7?gg&5a!bRPC=Q2vNL&qB7ZB;kBxXbK=Yau@FyfJ52&Rlh z7Pu=_`_F@KScY}Ue{YG8c;`0c|9>_(D*FEqPPg*kCdv-bqrDaXECFmQ{%ys-t@yVU z|F+`aBM|>utdUhnck2_;nyir(N?;8-auf5B^=fwEW!FgBA10dvk=lpVA+rZw6AuQZ zOQoVCLQ?2|Ol5>m{ZR2V?vB`Nq}{H?VGBti9}E$Fi3ml$j@}Rwzr=y+5eT*%IU(yb zmTTo@X38pp709uVOB8i3hN0$wzAtH2ztF2>2#yEewiLT9ix!vspKdEFYNJ~IKRiA; zweNpVP7cqv^8Y5v4p0GCml6Nl*#){vYAfglzv?g$%aEm+tvoKu2MO}%1m{?7P%@3RvR&8vji(z7Jn70RS>Kq zzKHs^rGay?j8elkC(WFjzKlPTez=!PyzRn}6xyoLU6csQCLtC|oRuR*_1>fi@sI^N zD#c1=*;;q0nmKjutPN&PlhaSSX*!Y1Wez67w=}@vojH^C!0lWI%9JXigd*GLa48a5 zIMry!D!*-;!^l~h@>dd_)a3sWo_+;&VzEDK=dUb+308F3E-zPF>0hI~?zKkc+QclW z2Dt*koVwZD`37fQD}rS@I@O=bdz?CgjqI@~Otk#1k7!)dZTBq^ZrHwDsC!%vVrh)x zTg3M<-*U!I^^*dBMhutc6+}An~JKAM9QPlt_Z9nV0$d%WV*bK8JIQsQg|$5P$%TMfH0W zGnHY8BM>6wBfs)Sy7o$BdH$+yG~IV5U$wL%*pyJ#j$jQo{VL?_*oD0DJwT@< z34Ffto<4>51pCN;`g9K@p$H!E^y$Tq*Y93`xOw^dA5Wix5P68wg%bR_acaMZrJUJj z36_hbp|~+j)t>eyp^Q_Igdhoh6sMdUuZVmAZ^?b_C4EDJm4&6)r9FVD9hX7{)PM;i z`zroNd0>hJ%PL#Sk2xtmrXt>_UDMl*_xhuj`9AF$ zhLFAQ^k&R)|D*DOZR-AKaC$tjTra;MN*#4UuG$R$2+a6?dqUO|JueCnz)Jv=NKxk~i(ab1pH z_26dcT_fhk2U1|S(ilBkoxl1VTh+9yLC;p6uPNJB1&)>I*|FvqRmkQe$!F4YF^O#& zOjc=I8>2_!TFXht%5}sTjEG;1xmLEfwT+2f$NZ&{~Hr4>sGp-jMU zJ*_KgP$i2OaoRKuQZ0hH6561gf~ulHt(9O7r&ZX$snTdIxK$MkY;Kh_Xp<`KtJ1*M zhqNO^B@JqA`Eoe5Oj=%5Dr~ee2*$afZ-R0wWA_D$0y3YWknMrzF$w=lZuh`n$*p}K zSiK)efv_PBzRtOz^&CrBYd4`mqkZA4u7xY&gV!xKFAG!?8Z_A#HctcI@ry;0I~G7S zqCtgnB*Uqtrrc0MM8tn5Q#!hvVxes6_uofgSDc$YNrN9KXoA}+XfP#|y+w?_EeEuq zLb-$%W|L;u4G5A3O>kQU4J5y)2>lv|caDj-5DiKQ;ApQv2Tg+}xUGT)F`^8{tkTDR zL6fW!D&$)f1h@zu;5;+Q(=^D{?CWZK;4QjG@g8^={seK5#MMdk8m zT3-Yh(ux2!t#7fGEap4_um-srP%UZD$59zhYc|m=v?nH!5D!K;`v2Lx-rcr!E56Tu z3L^b5CrGq7ZgMXKEWkx??|O$dEs_=&SP(?CMB7|t$`fTb+15AME9~X=Bp2cziPS%n zwBn?I*?w^Jhv&ziDC+Q#=NuM!BF9PX39;rtzJD9@ygqq9cvm3dslAaa7w#N*xB1V) z;ap1A;hSD`k z9mWF-{ebU$=mcKp-~?PL@P_Z<0~nj^9d_qH`3=l$C{LmzwQyk2bXN{2f@wH!8d_dN zKe&DVSbBKj0jgwcMG5WZ7n~*!?eVW+n$3giBW1`Pju6j+h&l8P^Kx}-W@h@@W}vM&m4Hk zGXGik|L*l&FafT#{*M#{5?26*Z~wW1@iBP&fN5sp2Wid0mzK>M6%PLYzyJP;H+okj zd_j+aS8n`BNc;%CvOSU|J%0uPBPiICgtnLM*-2o)+-R^S0ZpfknWJ|&&ELm7R#~?2ip8` z_cO^~7_}-B4lu#ln+-fX z8wVOVCmytj@`J%82#OVs!f}dic!3!XVH`g)AE=fEj6lp$l-(hU8y~m?K~<{@xNjSG z&I6D<3JVAmOQIt3S>d`ii<1eAJ^b)y4%1A&oMeq746mz|9}g}8o&pH|^6@kCsS`eV z%v(?i`;kk!31N)DdmKeE`U+D9fo_ruqv)z8Iw;-5yul^NndPp5(vy$P=9ouX-m*F+ zA_@fy50~G^{S^ze6BH+8MnRV3)gK-4LEz{J1O#OsUantzczM4f%M`D1jAkghUnXgG z&vt4ArGujORE2|FE;mlTBAQ93#E&cl)G$dwz@tIosS*`FXO$$vM;k?lfUFjioKb~o z(Uw-QOH5|>v;32OpXLgVIYbum2+!tE1Gn3UQVtip@Sgll$lBmHsf}Q^VN>MIwAa8X zrGwB3xGi_f-VLMTw+x*k_Rro8!!#lPNG9?)J0}0OLB^M$Ek1IAi0>i~+zmai453qc zwlP@0szYzvm9O#vx;TE=?$s%=`2zqnoIQDUZg$obbjY)MZ4IuS4K+4h)v;Gn%Uq#+ zGJL>x+ldqPU3U6;xy8T-G+Ce%`KLJBxi85FqtjER8nKz8Y|aV5%lslw{x9=il!BG( z`8|tAzPRbdNeJW0Ntz`ooT19OnxK)HAm-89A#DP~FRLZh&K2KxU)zUJp4Ahf0HCZU zs|ZfO$YcL1$4p}0US z>QpLcy@5nYMm0KEzx2Vu*+IkQC?ZroUBxu0_62Eq^@Uwtsf8OWeNfmcm2)*Co)5+s zMNg`J{Y5txhfl)%_&`#r%}7dU!aU%E^NSy=2UVMaU$GUG52-e{))`gn74x7*$`$p4 z^*F9~u#bAvlNg*0olg{jIxA6;v#NH8NaSs2U7ZP5J6-hA2I1 zSi7huj@$kI@B;lSAx4l}a|NmkE1&*e54GDN#0qSfkZ_fzh=jFtv*ut6c7I9I366qh ze(R!!KgDtK^%z{EWeh`f4EX(r-H@jc$0+)1GNJEqu5v#94KHvJAG#~eXG3;O0D_Ue z$gD!{5M{+OU4gP*2s8cQ&p^WYK=kb}|L zY3p~dLzER{7-o2l8eihRJ4T17I%K1?vW3Z$<&`bG;46t`i?(;CmhHjf#S_a)9W*~8 z)e}A9SUx2wV~q)=pdOU$lT;VvrL~W-57@_;ooxQ>`QVHLY5l_ZK;))v9?(mhlsXpq z;9MY5hg2VkVYG6N%FC4(O&)6L$felEZd0DFmjwznkgt~Ad7HN*b)GB(Wr$3I-0SLXj0r{lBz{C^ka6)0D9+#|r*8UfVO738g_ z;BL-=-L^Frw3NPLwr!f(q%cFXjhn=+HI?8Rg(-qra~!J5lt*Bwh24>L9E0m5jxm{i zUPdr0w*YrGEmd!+11NTKxF}%;c~A3}=n%vr#xeL%?D8&}j;Y>6i>7%C`0$y)HN*gI=L9h2av9?g=Gv$DdyOeh zh^|hLg*wfjgAe53z;96>iBwwkE-GsW#q*U%RJF1veYVmX$ z^}in1e*R#f|BdVMe_xOG>pwdwuYl{?kGamLXn6Jtor~_~qP98cWNubkbInUL&f1%0 zoeZ*e7OcV!Yj1&dvb{Rm*X)h0PG(k1?nX`A8QE2xEUI=2R$)lBH=#NiPy2YXM%L2r s+D9xFOKE+00030|C#9k0{|EY08UFg*8l(j literal 0 HcmV?d00001 diff --git a/library/ix-dev/community/zerotier/ci/basic-values.yaml b/library/ix-dev/community/zerotier/ci/basic-values.yaml new file mode 100644 index 0000000000..51a06e830b --- /dev/null +++ b/library/ix-dev/community/zerotier/ci/basic-values.yaml @@ -0,0 +1,9 @@ +# FIXME: Find a way to have test keys for CI testing +# We need an authToken(aka API key) network(s) and identityPublic/identitySecret +zerotierConfig: + authToken: some auth token + identitySecret: some identity secret + identityPublic: some identity public + networks: + - some net id + - some other net id diff --git a/library/ix-dev/community/zerotier/item.yaml b/library/ix-dev/community/zerotier/item.yaml new file mode 100644 index 0000000000..118492e7fa --- /dev/null +++ b/library/ix-dev/community/zerotier/item.yaml @@ -0,0 +1,4 @@ +icon_url: https://avatars.githubusercontent.com/u/4173285 +categories: + - vpn + - zerotier diff --git a/library/ix-dev/community/zerotier/metadata.yaml b/library/ix-dev/community/zerotier/metadata.yaml new file mode 100644 index 0000000000..02c9b594df --- /dev/null +++ b/library/ix-dev/community/zerotier/metadata.yaml @@ -0,0 +1,32 @@ +runAsContext: + - userName: root + groupName: root + gid: 0 + uid: 0 + description: Zerotier requires root privileges to start the Zerotier process +capabilities: + - name: NET_ADMIN + description: Zerotier requires NET_ADMIN to configure the VPN interface, modify routes, etc. + - name: NET_RAW + description: Zerotier requires NET_RAW to use raw sockets and proxying + - name: AUDIT_WRITE + description: Zerotier is able to write to audit log. + - name: CHOWN + description: Zerotier is able to chown files. + - name: DAC_OVERRIDE + description: Zerotier is able to bypass permission checks. + - name: FOWNER + description: Zerotier is able bypass permission checks for it's sub-processes. + - name: NET_BIND_SERVICE + description: Zerotier is able to bind to privileged ports. + - name: SETGID + description: Zerotier is able to set group ID for it's sub-processes. + - name: SETUID + description: Zerotier is able to set user ID for it's sub-processes. + - name: SETPCAP + description: Zerotier is able to set process capabilities. + - name: SYS_ADMIN + description: Zerotier is able to perform various system administration operations. +hostMounts: + - hostPath: /dev/tun + description: Required to access the TUN device diff --git a/library/ix-dev/community/zerotier/questions.yaml b/library/ix-dev/community/zerotier/questions.yaml new file mode 100644 index 0000000000..ede49247fb --- /dev/null +++ b/library/ix-dev/community/zerotier/questions.yaml @@ -0,0 +1,120 @@ +groups: + - name: Zerotier Configuration + description: Configure Zerotier + - name: Network Configuration + description: Configure Network for Zerotier + - name: Resources Configuration + description: Configure Resources for Zerotier + +questions: + - variable: zerotierConfig + label: "" + group: Zerotier Configuration + schema: + type: dict + attrs: + - variable: networks + label: Networks + description: The network(s) to join + schema: + type: list + empty: false + required: true + min: 1 + default: [] + items: + - variable: networkEntry + label: Network + schema: + type: string + required: true + - variable: authToken + label: Auth Token (API Key) + description: | + (Optional) The auth token for Zerotier.
+ Same as authtoken.secret. + schema: + type: string + default: "" + private: true + - variable: identitySecret + label: Identity Secret + description: | + (Optional) The identity secret for Zerotier.
+ Same as identity.secret. + schema: + type: string + default: "" + private: true + - variable: identityPublic + label: Identity Public + description: | + (Optional) The identity public for Zerotier.
+ Same as identity.public. + schema: + type: string + default: "" + private: true + + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Zerotier. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: zerotierNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: hostNetwork + label: Host Network + description: | + Bind to the host network. It's recommended to keep this disabled.
+ schema: + type: boolean + default: false + + - variable: resources + group: Resources Configuration + label: "" + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Zerotier. + schema: + type: string + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Zerotier. + schema: + type: string + default: "8Gi" + required: true diff --git a/library/ix-dev/community/zerotier/templates/NOTES.txt b/library/ix-dev/community/zerotier/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/community/zerotier/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/community/zerotier/templates/_zerotier.tpl b/library/ix-dev/community/zerotier/templates/_zerotier.tpl new file mode 100644 index 0000000000..64cb602875 --- /dev/null +++ b/library/ix-dev/community/zerotier/templates/_zerotier.tpl @@ -0,0 +1,89 @@ +{{- define "zerotier.workload" -}} +workload: + zerotier: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.zerotierNetwork.hostNetwork }} + sysctls: + - name: net.ipv4.ip_forward + value: "1" + - name: net.ipv6.conf.all.forwarding + value: "1" + containers: + zerotier: + enabled: true + primary: true + imageSelector: image + args: + {{ if not .Values.zerotierConfig.networks }} + {{ fail "Zerotier - At least one network must be specified" }} + {{ end }} + {{ range .Values.zerotierConfig.networks }} + - {{ . }} + {{ end }} + securityContext: + runAsUser: 0 + runAsGroup: 0 + runAsNonRoot: false + readOnlyRootFilesystem: false + capabilities: + add: + {{/* Most of those capabilities are normally added by default in conainers + But by default, in common, we drop all of them. So here we add some of them + as they are needed, because zerotier starts as root but drops privs for some + of the processes running by the zerotier binary */}} + - AUDIT_WRITE + - CHOWN + - DAC_OVERRIDE + - FOWNER + - NET_ADMIN + - NET_BIND_SERVICE + - NET_RAW + - SETGID + - SETPCAP + - SETUID + - SYS_ADMIN + env: + {{ with .Values.zerotierConfig.authToken }} + ZEROTIER_API_SECRET: {{ . }} + {{ end }} + {{ with .Values.zerotierConfig.identityPublic }} + ZEROTIER_IDENTITY_PUBLIC: {{ . }} + {{ end }} + {{ with .Values.zerotierConfig.identitySecret }} + ZEROTIER_IDENTITY_SECRET: {{ . }} + {{ end }} + {{ with .Values.zerotierConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + value: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: exec + command: /healthcheck.sh + readiness: + enabled: true + type: exec + command: /healthcheck.sh + startup: + enabled: true + type: exec + command: /healthcheck.sh + +{{/* Persistence */}} +persistence: + tun-dev: + enabled: true + type: device + hostPath: /dev/net/tun + targetSelector: + zerotier: + zerotier: + mountPath: /dev/net/tun +{{- end -}} diff --git a/library/ix-dev/community/zerotier/templates/common.yaml b/library/ix-dev/community/zerotier/templates/common.yaml new file mode 100644 index 0000000000..c3a8461171 --- /dev/null +++ b/library/ix-dev/community/zerotier/templates/common.yaml @@ -0,0 +1,6 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "zerotier.workload" $ | fromYaml) -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/library/ix-dev/community/zerotier/upgrade_info.json b/library/ix-dev/community/zerotier/upgrade_info.json new file mode 100644 index 0000000000..767388094a --- /dev/null +++ b/library/ix-dev/community/zerotier/upgrade_info.json @@ -0,0 +1 @@ +{"filename": "values.yaml", "keys": ["image"]} diff --git a/library/ix-dev/community/zerotier/upgrade_strategy b/library/ix-dev/community/zerotier/upgrade_strategy new file mode 100644 index 0000000000..e8e94b8314 --- /dev/null +++ b/library/ix-dev/community/zerotier/upgrade_strategy @@ -0,0 +1,30 @@ +#!/usr/bin/python3 +import json +import re +import sys + +from catalog_update.upgrade_strategy import semantic_versioning + +RE_STABLE_VERSION = re.compile(r'[0-9]+\.[0-9]+\.[0-9]+') + + +def newer_mapping(image_tags): + key = list(image_tags.keys())[0] + tags = {t: t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)} + version = semantic_versioning(list(tags)) + if not version: + return {} + + return { + 'tags': {key: tags[version]}, + 'app_version': version, + } + + +if __name__ == '__main__': + try: + versions_json = json.loads(sys.stdin.read()) + except ValueError: + raise ValueError('Invalid json specified') + + print(json.dumps(newer_mapping(versions_json))) diff --git a/library/ix-dev/community/zerotier/values.yaml b/library/ix-dev/community/zerotier/values.yaml new file mode 100644 index 0000000000..795f58cef9 --- /dev/null +++ b/library/ix-dev/community/zerotier/values.yaml @@ -0,0 +1,19 @@ +image: + repository: zerotier/zerotier + pullPolicy: IfNotPresent + tag: '1.10.6' + +resources: + limits: + cpu: 4000m + memory: 8Gi + +zerotierConfig: + authToken: '' + identityPublic: '' + identitySecret: '' + networks: [] + additionalEnvs: [] + +zerotierNetwork: + hostNetwork: false