From aa1527ccb572e8392358bd95ad55e67d4da1a3fa Mon Sep 17 00:00:00 2001 From: Joey Hafner Date: Mon, 28 Oct 2024 18:01:52 -0700 Subject: [PATCH] #19 Delete legacy docs, extract useful content into other docs, delete `homelab/docs/` --- README.md | 22 +- homelab/README.md | 53 ++ homelab/docs/CONTRIBUTING.md | 4 - homelab/docs/Configure a New Host.md | 68 --- homelab/docs/DNS Resolution.md | 27 - homelab/docs/Diagram.md | 34 -- homelab/docs/Email.md | 21 - homelab/docs/GITLAB.md | 33 -- homelab/docs/Git Sparse-Checkout.md | 18 - homelab/docs/Graceful Host Reboot.md | 71 --- homelab/docs/How to Restart Hosts Safely.md | 121 ----- homelab/docs/Install Docker.md | 17 - homelab/docs/Internet Neighborhood.md | 510 ------------------ homelab/docs/Physical Network Diagram.md | 40 -- homelab/docs/Power Consumption.md | 19 - homelab/docs/Public Iperf Servers.md | 17 - homelab/docs/Recovering From Power Outage.md | 11 - homelab/docs/Restart the Docker Daemon.md | 6 - homelab/docs/Secrets.md | 15 - homelab/docs/Security.md | 170 ------ homelab/docs/Set up the repository.md | 14 - homelab/docs/SpotDL.md | 29 - homelab/docs/Tour.md | 15 - ...rom Debian 10 (Buster) to 11 (Bullseye).md | 4 - ...m Debian 11 (Bullseye) to 12 (Bookworm).md | 8 - homelab/docs/attach/ping.log | 5 - homelab/docs/attach/scripts/remux.ps1 | 7 - homelab/docs/attach/scripts/slow-mo.ps1 | 19 - homelab/docs/attach/scripts/transcode.ps1 | 56 -- homelab/docs/iSCSI.md | 173 ------ .../docs/img/lg_webos_playing_video_files.png | Bin 66097 -> 0 bytes homelab/docs/img/lg_webos_video_codec.png | Bin 75066 -> 0 bytes ...g_webos_video_playback_supporting_file.png | Bin 38574 -> 0 bytes .../docs/img/pihole_domain_blocked_chrome.png | Bin 8938 -> 0 bytes .../img/pihole_domain_blocked_firefox.png | Bin 13585 -> 0 bytes .../README.md} | 2 +- homelab/local-hosts/fighter/README.md | 175 ++++++ .../{ => local-hosts}/silver-flame/README.md | 0 homelab/sellswords/protonmail/README.md | 22 + .../ffmpeg-tuning}/ffmpeg Notes.md | 0 .../ffmpeg-tuning/img}/1080p CRF 21.png | Bin .../ffmpeg-tuning/img}/1080p crf 27.png | Bin .../ffmpeg-tuning/img}/720p CRF 21.png | Bin .../ffmpeg-tuning/img}/720p CRF 27.png | Bin .../ffmpeg-tuning/img}/CRF 21.png | Bin .../ffmpeg-tuning/img}/CRF 27.png | Bin .../ffmpeg-tuning/img}/File Details.png | Bin .../ffmpeg-tuning/img}/original.png | Bin 48 files changed, 264 insertions(+), 1542 deletions(-) delete mode 100644 homelab/docs/CONTRIBUTING.md delete mode 100644 homelab/docs/Configure a New Host.md delete mode 100644 homelab/docs/DNS Resolution.md delete mode 100644 homelab/docs/Diagram.md delete mode 100644 homelab/docs/Email.md delete mode 100644 homelab/docs/GITLAB.md delete mode 100644 homelab/docs/Git Sparse-Checkout.md delete mode 100644 homelab/docs/Graceful Host Reboot.md delete mode 100644 homelab/docs/How to Restart Hosts Safely.md delete mode 100644 homelab/docs/Install Docker.md delete mode 100644 homelab/docs/Internet Neighborhood.md delete mode 100644 homelab/docs/Physical Network Diagram.md delete mode 100644 homelab/docs/Power Consumption.md delete mode 100644 homelab/docs/Public Iperf Servers.md delete mode 100644 homelab/docs/Recovering From Power Outage.md delete mode 100644 homelab/docs/Restart the Docker Daemon.md delete mode 100644 homelab/docs/Secrets.md delete mode 100644 homelab/docs/Security.md delete mode 100644 homelab/docs/Set up the repository.md delete mode 100644 homelab/docs/SpotDL.md delete mode 100644 homelab/docs/Tour.md delete mode 100644 homelab/docs/Upgrade from Debian 10 (Buster) to 11 (Bullseye).md delete mode 100644 homelab/docs/Upgrade from Debian 11 (Bullseye) to 12 (Bookworm).md delete mode 100644 homelab/docs/attach/ping.log delete mode 100644 homelab/docs/attach/scripts/remux.ps1 delete mode 100644 homelab/docs/attach/scripts/slow-mo.ps1 delete mode 100644 homelab/docs/attach/scripts/transcode.ps1 delete mode 100644 homelab/docs/iSCSI.md delete mode 100644 homelab/docs/img/lg_webos_playing_video_files.png delete mode 100644 homelab/docs/img/lg_webos_video_codec.png delete mode 100644 homelab/docs/img/lg_webos_video_playback_supporting_file.png delete mode 100644 homelab/docs/img/pihole_domain_blocked_chrome.png delete mode 100644 homelab/docs/img/pihole_domain_blocked_firefox.png rename homelab/{docs/Gathering Hardware Info.md => local-hosts/README.md} (95%) rename homelab/{ => local-hosts}/silver-flame/README.md (100%) create mode 100644 homelab/sellswords/protonmail/README.md rename {homelab/docs => projects/ffmpeg-tuning}/ffmpeg Notes.md (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/1080p CRF 21.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/1080p crf 27.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/720p CRF 21.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/720p CRF 27.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/CRF 21.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/CRF 27.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/File Details.png (100%) rename {homelab/docs/img/ffmpeg => projects/ffmpeg-tuning/img}/original.png (100%) diff --git a/README.md b/README.md index 209892f7..1460e70a 100644 --- a/README.md +++ b/README.md @@ -3,13 +3,17 @@ A monorepo for all my projects and dotfiles. Hosted on [my Gitea](https://gitea. ## Map of Contents -| Project | Summary | Path | -|:-------------------:|:-------:|:----:| -| homelab | Configuration and documentation for my homelab. | [`homelab/`](homelab/) | -| nix | Nix flake defining my PC & k3s cluster configurations | [`nix`](nix/) | -| Jafner.dev | Hugo static site configuration files for my [Jafner.dev](https://jafner.dev) blog. | [`blog/`](blog/) | -| razer-bat | Indicate Razer mouse battery level with the RGB LEDs on the dock. Less metal than it sounds. | [`projects/razer-bat/`](projects/razer-bat/) | -| 5etools-docker | Docker image to make self-hosting 5eTools a little bit better. | [`projects/5etools-docker/`](projects/5etools-docker/) | -| 5eHomebrew | 5eTools-compatible homebrew content by me. | [`projects/5ehomebrew/`](projects/5ehomebrew/) | -| archive | Old, abandoned, unmaintained projects. Fun to look back at. | [`archive/`](archive/) | +| Project | Summary | +|:----------------------:|:-------:| +| [dotfiles](/dotfiles/) | Configuration and documentation for my PCs. | +| [homelab](/homelab/) | Configuration and documentation for my homelab. | +| [projects](/projects/) | Self-contained projects in a variety of scripting and programming languages. | +| [sites](/sites/) | Static site files | +| [.gitea/workflows](/.gitea/workflows/) & [.github/workflows](/.github/workflows/) | GitHub Actions workflows running on [Gitea](https://gitea.jafner.tools/Jafner/Jafner.net/actions) and [GitHub](https://github.com/Jafner/Jafner.net/actions), respectively. | +| [.sops](/.sops/) | Scripts and documentation implementing [sops](https://github.com/getsops/sops) to securely store secrets in this repo. | +## LICENSE: MIT License +> See [LICENSE](/LICENSE) for details. + +## Contributing +Presently this project is a one-man operation with no external contributors. All contributions will be addressed in good faith on a best-effort basis. \ No newline at end of file diff --git a/homelab/README.md b/homelab/README.md index 3c0d0e0d..a0db1d41 100644 --- a/homelab/README.md +++ b/homelab/README.md @@ -15,3 +15,56 @@ This directory contains the files that compose my homelab. | silver-hand | Documentation and Terraform configuration for the `silver-hand` local Kubernetes cluster | [`silver-hand`](/homelab/silver-hand/) | | stacks | Maximally independent Docker compose files for various services | [`stacks`](/homelab/stacks/) | | wizard | Documentation, configuration, and scripts for the `wizard` VyOS host | [`wizard`](/homelab/wizard/) | + +## Configure a New Host + +### NixOS + +- Download the [NixOS ISO installer](https://nixos.org/download/#nixos-iso). +- Refer to the [NixOS Manual](https://nixos.org/manual/nixos/stable/) for further instructions. + +## Security +Below are described the general security principles followed throughout this project: + +- Never lean on security through obscurity. +- Minimize friction induced by security. Friction induces laziness, which inevitably circumvents the original security system. +- Understand that security practices cannot *eliminate* vulnerability of the system, only make it *too expensive* to attack. +- Tie less important secrets to more important secrets, but not vice-versa. + +Further, we have some tool-specific guidelines. + +### Securing SSH +When configuring the SSH server for a local host or VPS, or when provisioning a new SSH keypair. +- Generate one private key for each user-machine pair. +- Do not automate dissemination of pubkeys. Always install pubkeys manually. +- Disable password-based authentication. +- Disable root login. + +### Docker Compose +To write secrets into `docker-compose.yml` files securely, we use the following [`env_file`](https://docs.docker.com/reference/compose-file/services/#env_file) snippet: + +```yaml +env_file: + - path: ./.secrets + required: true +``` + +And we then write the required secrets in [dotenv format](https://www.dotenv.org/docs/security/env.html) in a file located at `./.secrets`. For example: + +```dotenv +API_KEY=zj1vtmUNGIfHJBfYsDINr8AVN5on1Hy0 +# ROOT_PASSWORD=changeme +ROOT_PASSWORD=0gavJVrsv89bmdDeJXAcI1eCvQ4Um8Hy +``` + +When these files are staged in git, our [.gitattributes](/.gitattributes) runs the `sops` filter against any file matching one of its described patterns. + +### Web Services +**If a service supports OAuth2**, we configure [Keycloak SSO]() for that service. +When feasible, we shift responsibility for authentication and authorization to Keycloak. This is dependent on each service implementing OAuth2/OpenIDConnect. + +**If a service does not support OAuth2**, but it does support authentication via the `X-Forwarded-User` header, we use [mesosphere/traefik-forward-auth](https://github.com/mesosphere/traefik-forward-auth) as a Traefik middleware. This middleare restricts access to the service regardless of whether the service understands the `X-Forwarded-User` header, which makes it useful for compatible multi-user applications *and* single-user applications. + +**If a service should not be internet-accessible**, we use Traefik's [`ipWhiteList`](https://doc.traefik.io/traefik/middlewares/http/ipwhitelist/) middleware to restrict access to LAN IPs only. + +**Else**, some services *absolutely require* separate authentication (e.g. Plex, N8n). In such cases, we create user credentials as we would for any internet service; using our password manager. diff --git a/homelab/docs/CONTRIBUTING.md b/homelab/docs/CONTRIBUTING.md deleted file mode 100644 index 5b2355f1..00000000 --- a/homelab/docs/CONTRIBUTING.md +++ /dev/null @@ -1,4 +0,0 @@ -# Contributing -Please open a new issue to clarify any questions. - -As this repository is tied to my personal lab, I will likely not be accepting pull requests for code in this repository. However, pull requests for documentation are appreciated. diff --git a/homelab/docs/Configure a New Host.md b/homelab/docs/Configure a New Host.md deleted file mode 100644 index 88a2270e..00000000 --- a/homelab/docs/Configure a New Host.md +++ /dev/null @@ -1,68 +0,0 @@ -# Configure a New Host - -## Prerequisites -- Fresh Debian 11+ installation on x86 hardware. -- SSH access to host. - -## Create Admin User - -1. Get su perms. Either via `sudo`, `su -`, or by logging in as the root user. -2. `adduser admin` to create the non-root admin user. -3. `usermod -aG sudo admin` to add the new user to the sudo group. -4. `sudo visudo` and append this line to the end of the file: `admin ALL=(ALL) NOPASSWD:ALL` to enable passwordless sudo. - -After these, you can `sudo su admin` to log into the new user account. - -https://www.cyberciti.biz/faq/add-new-user-account-with-admin-access-on-linux/ -https://www.cyberciti.biz/faq/linux-unix-running-sudo-command-without-a-password/ - - -## Set the Hostname -1. `sudo hostnamectl set-hostname ` to set the hostname. -2. `sudo nano /etc/hosts` and edit the old value for `127.0.1.1` to use the new hostname. - -## Configure Secure SSH - -1. `mkdir -p /home/admin/.ssh && echo "" >> /home/admin/.ssh/authorized_keys` Add pubkey to authorized_keys. Make sure to place the correct SSH pubkey in the command before copying. -2. `sudo apt install libpam-google-authenticator` to install the Google 2FA PAM. -3. `google-authenticator` to configure the 2FA module. Use the following responses when prompted: - -* Do you want authentication tokens to be time-based? `y` -* Do you want me to update your "/home/$USER/.google_authenticator" file? `y` -* Do you want to disallow multiple uses of the same authentication token? `y` -* Do you want to do so? `n` (refers to increasing time skew window) -* Do you want to enable rate-limiting? `y` We enter our TOTP secret key into our second authentication method and save our one-time backup recovery codes. - -4. `sudo nano /etc/pam.d/sshd` to edit the PAM configuration, and add this line to the top of the file `auth sufficient pam_google_authenticator.so nullok` - -5a. `sudo nano /etc/ssh/sshd_config` to open the SSH daemon config for editing. Make sure the following assertions exist: - -* `PubkeyAuthentication yes` -* `AuthenticationMethods publickey,keyboard-interactive` -* `PasswordAuthentication no` -* `ChallengeResponseAuthentication yes` -* `UsePAM yes` - -5b. `echo $'PubkeyAuthentication yes\nAuthenticationMethods publickey,keyboard-interactive\nPasswordAuthentication no\nChallengeResponseAuthentication yes\nUsePAM yes' | sudo tee /etc/ssh/sshd_config.d/ssh.conf` to perform the above as a one-liner. Requires a version of OpenSSH/Linux that supports sourcing sshd config from the `/etc/ssh/sshd_config.d/*.conf` path. - -6. `sudo systemctl restart sshd.service` to restart the SSH daemon. - -## Install Basic Packages - -1. `sudo apt install curl nano inxi git htop` - -### Install Docker -1. `curl -fsSL https://get.docker.com | sudo sh` This is the most convenient and least safe way to do this. If this script is ever compromised, we'd be fucked. -2. `sudo systemctl enable docker` to enable the Docker service. -3. `sudo usermod -aG docker $USER` to add the current user (should be non-root admin) to docker group. -4. `logout` to relog and apply the new permissions. - -## Clone the Homelab Repo - -1. Create a new Gitlab personal access token for the device at [Personal Access Tokens](https://gitlab.jafner.net/-/profile/personal_access_tokens). Should be named like `warlock` and have the following scopes: `read_api`, `read_user`, `read_repository`. -2. `mkdir ~/homelab ~/data && cd ~/homelab/ && git init && git config core.sparseCheckout true && git config pull.ff only` to init the repository with sparse checkout enabled. -3. `git remote add -f origin https://:@gitlab.jafner.net/Jafner/homelab.git` to add the repo with authentication via read-only personal access token. NOTE: Make sure to replace `` with the name of the personal access token, and replace `` with the key for the personal access token. -4. `echo "$HOSTNAME/" > .git/info/sparse-checkout` to configure sparse checkout for the host. -5. `git checkout main` to switch to the main branch with the latest files. - - diff --git a/homelab/docs/DNS Resolution.md b/homelab/docs/DNS Resolution.md deleted file mode 100644 index 3ab4398d..00000000 --- a/homelab/docs/DNS Resolution.md +++ /dev/null @@ -1,27 +0,0 @@ -```mermaid -graph TB; -Upstream["dns.google (8.8.8.8; 8.8.4.4)"] -Clients["Clients [192.168.1.0/24]"] -Router["VyOS Router [192.168.1.1]"] -PiHoles["PiHole [192.168.1.22,192.168.1.21]"] -BlackHole["Black Hole"] - -Clients --"First connect"--> Router -Router --"Sends DHCP with DNS=192.168.1.22,192.168.1.21"--> Clients -Clients --"Subsequent requests"--> PiHoles -Router ----> PiHoles -PiHoles --"Blacklisted domains"--> BlackHole -PiHoles --"Valid requests"--> Upstream -``` - -Clients connecting to the local network for the first time will receive as part of the DHCP negotiation ([code 6](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol#Information)) the domain name servers' addresses. These addresses will correspond to the IP addresses of the PiHole servers (currently RasPis at `192.168.1.22` and `192.168.1.21`). -From that point, clients will send simultaneous DNS requests to both Piholes and use the first response received. This means the PiHoles will be able to track requests per-client. However, this splits tracking data between the two servers, so it may be difficult to visualize a complete picture. -A client can be manually configured to request DNS resolution from the router, which will forward requests to the PiHoles. -DNS requests to the PiHole will be checked against the [configured adlists](https://pihole.jafner.net/groups-adlists.php). If matched, the request will be blocked. If a user is attempting to access a website that is blocked, the request should quickly resolve to a Domain Not Found error. It will look like this: - - -![Chrome](/docs/img/pihole_domain_blocked_chrome.png) -![Firefox](/docs/img/pihole_domain_blocked_firefox.png) - -If the request does not match any adlists, it will be passed upstream to Google `8.8.8.8` (or backup `8.8.4.4`). -Presently, the PiHole does not cache any requests. diff --git a/homelab/docs/Diagram.md b/homelab/docs/Diagram.md deleted file mode 100644 index e89907d2..00000000 --- a/homelab/docs/Diagram.md +++ /dev/null @@ -1,34 +0,0 @@ -```mermaid -flowchart TD - barbarian - druid - fighter - monk - wizard - cloudflare - -cloudflare["Cloudflare DNS"] --DNS *.jafner.tools--> druid["Druid: High-uptime, low data services"] -cloudflare --DNS *.jafner.net----> wizard["Wizard: Routing with VyOS"] -wizard --Port forward :80,:443--> fighter["Fighter: Data-dependent services"] -barbarian["Barbarian: Primary NAS"] --Rsync backup--> monk["Monk: Backup NAS"] - -druid --Docker--> 5eTools["5eTools: D&D 5th Edition Wiki"] -druid --Docker--> Gitea["Gitea: This Git server!"] -druid --Docker--> Uptime-Kuma["Uptime-Kuma: Synthetic monitoring and alerting"] -druid --Docker--> Vaultwarden["Vaultwarden: Self-hosted Bitwarden server"] -druid --Docker--> Wireguard["Wireguard: Performant VPN"] - -fighter --Docker--> Autopirate["Autopirate: Stack of applications for downloading Linux ISOs"] <--SMB--> barbarian -fighter --Docker--> Calibre-web["Calibre-web: Ebook library frontend"] <--SMB--> barbarian -fighter --Docker--> Keycloak["Keycloak: SSO Provider"] -fighter --Docker--> Minecraft["Minecraft Servers"] <--iSCSI--> barbarian -fighter --Docker--> Grafana["Grafana, Prometheus, Uptime-Kuma"] -fighter --Docker--> Nextcloud["Nextcloud: Cloud drive and office suite"] <--iSCSI--> barbarian -fighter --Docker--> Plex["Plex: Media library frontend"] <--SMB--> barbarian -fighter --Docker--> Qbittorrent["Qbittorrent: Torrent client"] <--SMB--> barbarian -fighter --Docker--> Send["Send: Self-hosted Firefox Send"] <--iSCSI--> barbarian -fighter --Docker--> Stash["Stash: Linux ISO frontend"] <--SMB--> barbarian -fighter --Docker--> Unifi["Unifi controller"] -fighter --Docker--> Vandam["Manyfold: 3D Asset library manager"] <--SMB--> barbarian -fighter --Docker--> Wireguard2["Wireguard: Performant VPN"] -``` diff --git a/homelab/docs/Email.md b/homelab/docs/Email.md deleted file mode 100644 index f0a309ae..00000000 --- a/homelab/docs/Email.md +++ /dev/null @@ -1,21 +0,0 @@ -# Connect a service to the noreply@jafner.net service account -| Key | Value | Note | -|:---:|:-----:|:----:| -| From Address | noreply@jafner.net | -| From Name | No Reply | -| Protocol | SMTP | -| Mail Server | smtp.gmail.com | -| Mail Server Port | 465 | -| Security | SSL (Implicit TLS) | -| SMTP Authentication | Yes | -| Username | noreply@jafner.net | -| Password | *Create a unique Application Password (see below)* | - -## Create an Application Password -1. To get an Application Password, navigate to the [Google Account Console -> Security -](https://myaccount.google.com/u/2/security), then click "App passwords". -2. Under the "Select device" drop-down menu, select "Other (custom name)" and type the name of the service that will use the password. -3. Copy the yellow-highlighted App password. Use it for the desired service. - -## References -1. [Google Support - Check Gmail through other email platforms](https://support.google.com/mail/answer/7126229?hl=en#zippy=%2Cstep-check-that-imap-is-turned-on%2Cstep-change-smtp-other-settings-in-your-email-client) \ No newline at end of file diff --git a/homelab/docs/GITLAB.md b/homelab/docs/GITLAB.md deleted file mode 100644 index 3c1f6084..00000000 --- a/homelab/docs/GITLAB.md +++ /dev/null @@ -1,33 +0,0 @@ -# Goal -Spin up a Git server with a greater feature set than Gitea. -Specifically, I want: - - Integrated CI/CD. I would prefer a platform that comes with a 1st party CI/CD solution, rather than plugging in a 3rd party solution. - - Container/image registry. Building a locally-hosted registry for images enables better caching. - - Enterprise-competitive platform. Getting experience with a platform that competes with other enterprise SCM solutions is more valuable than something designed for a smaller scale. - -# Plan -1. Create the host mount points for the docker volumes: `mkdir -p ~/docker_data/gitlab/data ~/docker_data/gitlab/logs ~/docker_config/gitlab/config` -2. Import the default GitLab configuration from [the docs](https://docs.gitlab.com/ee/install/docker.html#install-gitlab-using-docker-compose). -3. Customize the compose file: - 1. `hostname: gitlab.jafner.net` - 2. change the `external_url` under the `GITLAB_OMNIBUS_CONFIG` env var to `https://gitlab.jafner.net` - 3. Add the `gitlab_rails['gitlab_shell_ssh_port'] = 2229` configuration line under `GITLAB_OMNIBUS_CONFIG` with a new SSH port - 4. Remove http and https port bindings. Move host SSH port binding to a higher port. - 5. Change the volume bindings to match my conventions (`DOCKER_DATA` instead of `GITLAB_HOME`) - 6. Change the docker compose version to `'3.3'` - 7. Add Traefik labels to enable TLS. -4. Run the file and test. -5. Troubleshoot issues. -6. GOTO 4. -7. Import Gitea repos -8. Move Gitea from `git.jafner.net` to `gitea.jafner.net` -9. Update Homer with new service locations - - -=== - -# References - -1. [GitLab Docker images](https://docs.gitlab.com/ee/install/docker.html) -2. [GitLab SaaS vs Self-hosted](https://about.gitlab.com/handbook/marketing/strategic-marketing/dot-com-vs-self-managed/) -3. [Digital Ocean: How to Setup GitLab on a Digital Ocean Droplet](https://www.digitalocean.com/community/tutorials/how-to-setup-gitlab-a-self-hosted-github) \ No newline at end of file diff --git a/homelab/docs/Git Sparse-Checkout.md b/homelab/docs/Git Sparse-Checkout.md deleted file mode 100644 index 1f7a3c5e..00000000 --- a/homelab/docs/Git Sparse-Checkout.md +++ /dev/null @@ -1,18 +0,0 @@ -# Git Sparse-Checkout -We don't want every device that needs *any* part of the Jafner.net monorepo to get *all* of the monorepo. So we use [`git-sparse-checkout`](https://git-scm.com/docs/git-sparse-checkout) to pull only one or more subpaths when we clone. - -Ensure that the device to be configured has an SSH pubkey with permission to pull/push to the repository. - -```bash -mkdir ~/Jafner.net -cd ~/Jafner.net -git config --global init.defaultBranch main -git init -git config core.sparseCheckout true -git config core.fileMode false -git config pull.ff only -git config init.defaultBranch main -echo "homelab/$HOSTNAME/" >> .git/info/sparse-checkout -git remote add -f origin ssh://git@gitea.jafner.tools:2225/Jafner/Jafner.net.git -git pull -``` \ No newline at end of file diff --git a/homelab/docs/Graceful Host Reboot.md b/homelab/docs/Graceful Host Reboot.md deleted file mode 100644 index 5ebffbf5..00000000 --- a/homelab/docs/Graceful Host Reboot.md +++ /dev/null @@ -1,71 +0,0 @@ -# NAS -The NAS is relied upon for many other hosts on the network, which need to be offlined before the NAS can be shut down. -1. Determine which service stacks rely on the NAS by running `grep -rnwli ~+ -e '/mnt/nas/media\|/mnt/torrenting\|/mnt/nas/calibre'` from the root of the `homelab` repo. -2. `docker-compose down` the stacks which rely on the NAS -3. `cat /etc/fstab` to get the list of mount points which rely on the NAS -4. For each NAS mount, run `sudo umount` for that share. -5. Offline the NAS. Press the physical power button on the NAS. -6. Perform necessary maintenance, then reboot the NAS. -7. After the NAS WebUI is available, SSH into the server and run `sudo mount -a` -8. Online the stacks affected by step 2. - -# Server -1. Stop all Docker containers with `docker stop $(docker ps -aq)`. -2. Reboot the host with `sudo reboot now`. -3. When the host has finished booting, re-mount the NAS SMB shares defined in `/etc/fstab` with `sudo mount -a` -4. Start all Docker containers with `docker start $(docker ps -aq)`. - -# Router -The router is relied upon by all clients on the network, so they all need to be offlined or prepared. -1. Offline the seedbox. -2. Offline the server. -3. Offline the NAS. -4. Run `shutdown`. - -# PiHole -The PiHole is relied upon for DNS resolution for all devices on the network which have not manually configured another DNS resolver. -1. Log into `router` via SSH and run the following: -``` -configure -delete service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 192.168.1.23 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.1.1.1 -commit; save; exit -``` -3. Switch back to the router and run the following: -``` -configure -delete service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.1.1.1 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 192.168.1.23 -commit; save; exit -``` -4. Done. - -# Full Lab -To offline the whole lab: - -```sh -ssh joey@joey-server docker stop $(docker ps -aq) -ssh joey@joey-server sudo shutdown now -ssh joey@joey-seedbox docker stop $(docker ps -aq) -ssh joey@joey-seedbox sudo shutdown now -ssh root@joey-nas shutdown now -ssh admin@192.168.1.1 configure; delete system name-server 192.168.1.22; set system name-server 1.1.1.1; commit; save; exit -ssh pi@pihole sudo shutdown now -``` - -Perform necessary maintenance, then power hosts back on in the following order: - -1. PiHole -2. NAS (ensure smb server is online) -3. Server -4. Seedbox - -After all hosts are back on the network: - -```sh -ssh admin@192.168.1.1 configure; delete system name-server 1.1.1.1; set system name-server 192.168.1.22; commit; save; exit -ssh joey@joey-server sudo mount -a -ssh joey@joey-server docker start $(docker ps -aq) -ssh joey@joey-seedbox sudo mount -a -ssh joey@joey-seedbox docker start $(docker ps -aq) -``` \ No newline at end of file diff --git a/homelab/docs/How to Restart Hosts Safely.md b/homelab/docs/How to Restart Hosts Safely.md deleted file mode 100644 index 3303f3e0..00000000 --- a/homelab/docs/How to Restart Hosts Safely.md +++ /dev/null @@ -1,121 +0,0 @@ -# Shutdown TL;DR - -1. Shut down the server: `docker stop $(docker ps -aq) && sudo shutdown now` -2. Shut down the NAS: `shutdown -p now` -3. Shut down the router: `sudo shutdown now`susu - -# About -"Rackdown" is AWS slang for turning a rack of hosts off and on again. In this case, the "rack" refers to practically all components of the DC. Server, NAS, disk shelf, switches, router, PiHole, modem, APs, and desktops. This doc will consolidate previous docs and provide an overall shutdown and reboot procedure. - -# Overview (Dependency Graph) -```mermaid -flowchart TD; - CLN["CenturyLink node"]<--Depends--ONT; - ONT<--Cat5e-->Modem[ISP Modem/Router]; - Modem<--Cat5e-->Router[Ubiquiti EdgeRouter 10X]; - Router<--Cat5e-->switch_homelab[NetGear 8-Port Switch for Homelab]; - switch_homelab<--Cat6-->desktop_joey[Joey's Desktop]; - switch_homelab<--Cat5-->desktop_bridget[Bridget's Desktop]; - switch_homelab<--Cat6-->NAS; - NAS<--SFP+ DAC-->Desktop; - NAS<--SFP+ DAC-->Server; - switch_homelab<--Cat6-->Server; - switch_homelab<--Cat6-->Seedbox; - switch_homelab<--Cat5e-->Pihole; - Router<--Cat5e-->switch_basementtv[TP-Link 5-Port Switch for Basement TV]; - switch_basementtv<--Cat6-->desktop_maddie[Maddie's Desktop]; - switch_basementtv<--Cat5e-->client_tv_downstairs[Downstairs TV]; - Router<--Cat6-->wap_basement[Ubiquiti Unifi U6-Lite]; - wap_basement<--Wifi6 2.4/5GHz-->clients_wireless_basement[Basement Wireless Clients]; - Router<--Cat6-->wap_upstairs[Ubiquiti Unifi UAP-AC-LR]; - wap_upstairs<--Wifi5 2.4/5GHz-->clients_wireless_upstairs[Upstairs Wireless Clients]; - Router<--Cat6-->desktop_mom[Mom's Desktop]; - Router<--Cat6-->desktop_dad[Dad's Desktop]; - Router<-->desktop_gus[Gus' Desktop]; -``` - -# Per-Node Reboot Instructions -For each of these, it is assumed that all dependent nodes have already been shut down as necessary. -## Rebooting the ONT -1. Unplug the 6-pin power plug. Wait 15 seconds. -2. Plug the power plug back in. Wait for the top three lights to be solid green. - -## Rebooting the modem (Zyxel C3000Z) -1. Unplug the barrel power plug. Wait 15 seconds. -2. Plug the power plug back in. Wait for the "Power" and "WAN/LAN" lights to be solid green (the WAN/LAN light might flicker, that's okay. ) - -## Rebooting the Router (Ubiquiti EdgeRouter 10X) -1. Uplug the barrel power plug. Wait 15 seconds. -2. Plug the power plug back in. Wait for the indicator LED to be solid white. - -## Server -### Shutdown -1. SSH into the router to reconfigure its DNS resolution. -2. Reconfigure the router's DNS resolution: - -``` -configure -delete system name-server 192.168.1.23 -set system name-server 1.1.1.1 -delete service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 192.168.1.23 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.1.1.1 -commit; save; exit -``` - -3. Shut down Minecraft servers: `cd ~/homelab/jafner-net/config/minecraft && for service in ./*.yml; do echo "===== SHUTTING DOWN $service =====" && docker-compose -f $service down; done` -4. Shut down remaining services: `for app in ~/homelab/jafner-net/config/*; do echo "===== SHUTTING DOWN $app =====" && cd $app && docker-compose down; done` -5. Shut down the host: `sudo shutdown now`. Wait 30 seconds. If the green power LED doesn't turn off, hold the power button until it does. - -### Boot -6. Press the power button on the front of the chassis to begin booting. Take note of any POST beeps during this time. Wait for the host to be accessible via SSH. -7. Check current running docker containers -8. Confirm all SMB shares are mounted with `mount -t cifs`. If not mounted, run `mount -a` for all shares. -9. Start most services: `for app in ~/homelab/jafner-net/config/*; do echo "===== STARTING $app =====" && cd $app && docker-compose up -d; done` -10. Start Minecraft servers: `cd ~/homelab/jafner-net/config/minecraft && for service in ./*.yml; do echo "===== STARTING $service =====" && docker-compose -f $service up -d; done` -11. Reconfigure the router's DNS resolution: - -``` -configure -delete system name-server 1.1.1.1 -set system name-server 192.168.1.23 -delete service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.1.1.1 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 192.168.1.23 -commit; save; exit -``` - -### Shut down NAS-dependent projects -Rather than shutting down on a per-container basis, we want to shut down an entire project if any of its containers depends on the NAS. -The [nas_down.sh](/server/scripts/nas_down.sh) script uses `docker-compose config` to determine whether a project is NAS-dependent and will shut down all NAS-dependent projects. This script is also weakly-idempotent (due to the nature of `docker-compose down`). - -### Start up NAS-dependent projects -Rather than starting up on a per-container basis, we want to start up an entire project if any of its containers depends on the NAS. -The [nas_up.sh](/server/scripts/nas_up.sh) script uses `docker-compose config` to determine whether a project is NAS-dependent and will start up all NAS-dependent projects. This script is also weakly-idempotent (due to the nature of `docker-compose up -d`). - -### List host-side mounts for loaded containers -Mostly useful during scripting, but potentially also for troubleshooting, this one-liner will print the host side of each volume mounted in a container. -`docker inspect --format '{{range .Mounts}}{{println .Source}}{{end}}' ` -You can run this for all containers with this loop: -`for container in $(docker ps -aq); do docker ps -aq --filter "id=$container" --format '{{.Names}}' && docker inspect --format '{{range .Mounts}}{{println .Source}}{{end}}' $container; done` -Note: this is meant to be human-readable, so it prints the container's name before the list of volume mounts. - -### Recreate all Docker containers one-liner -```bash -STACKS_RESTARTED=0 && for app in ~/homelab/jafner-net/config/*; do echo "===== RECREATING $app =====" && cd $app && docker-compose up -d --force-recreate && STACKS_RESTARTED=$(($STACKS_RESTARTED + 1)); done && cd ~/homelab/jafner-net/config/minecraft && for service in ./*.yml; do echo "===== RECREATING $service =====" && docker-compose -f $service up -d --force-recreate && STACKS_RESTARTED=$(($STACKS_RESTARTED + 1)); done && echo "===== DONE (restarted $STACKS_RESTARTED stacks) =====" -``` - -#### Recreate based on list of containers -```bash -STACKS_RESTARTED=0 && for app in calibre-web homer jdownloader2 librespeed monitoring navidrome qbittorrent send stashapp traefik; do echo "===== RECREATING $app =====" && cd ~/homelab/jafner-net/config/$app && docker-compose up -d && STACKS_RESTARTED=$(($STACKS_RESTARTED + 1)); done && echo "===== DONE (restarted $STACKS_RESTARTED stacks) =====" && cd ~ -``` - -## NAS -### Shutdown -1. Follow the instructions to [shut down NAS-dependent projects](#shut-down-nas-dependent-projects) on the server. -2. SSH into the NAS and run `shutdown -p now`. Wait 30 seconds. If the green power LED doesn't turn off, hold the power button until it does. -3. Unplug the power connections to the disk shelf. - -### Boot -4. Plug power and SAS into the disk shelf. Wait for all disks to boot. About 2-3 minutes. Wait about 30 extra seconds to be safe. -5. Plug power, ethernet, and SAS into the NAS. Power on the NAS and wait for the SSH server to become responsive. This can take more than 5 minutes. Note: The WebUI will not be accessible at `https://nas.jafner.net` until the server is also booted. It is accessible at `http://joey-nas/ui/sessions/signin`. -6. Follow the instructions to [start up NAS-dependent projects](#start-up-nas-dependent-projects) on the server. - diff --git a/homelab/docs/Install Docker.md b/homelab/docs/Install Docker.md deleted file mode 100644 index bc80c258..00000000 --- a/homelab/docs/Install Docker.md +++ /dev/null @@ -1,17 +0,0 @@ -Debian (and derivatives) -```bash -sudo apt update && sudo apt upgrade && \ -sudo apt install git docker docker-compose && \ -sudo systemctl enable docker && \ -sudo usermod -aG docker $USER && \ -logout -``` - -Arch (and derivatives) -```bash -sudo pacman -Syu && \ -sudo pacman -S git docker docker-compose && \ -sudo systemctl enable docker && \ -sudo usermod -aG docker $USER && \ -logout -``` \ No newline at end of file diff --git a/homelab/docs/Internet Neighborhood.md b/homelab/docs/Internet Neighborhood.md deleted file mode 100644 index 4e300b3f..00000000 --- a/homelab/docs/Internet Neighborhood.md +++ /dev/null @@ -1,510 +0,0 @@ -# Mapping My Internet Neighborhood - - -# Ping List -``` -www.google.com -apple.com -youtube.com -microsoft.com -play.google.com -linkedin.com -support.google.com -www.blogger.com -wordpress.org -en.wikipedia.org -cloudflare.com -docs.google.com -mozilla.org -youtu.be -maps.google.com -adobe.com -whatsapp.com -drive.google.com -plus.google.com -googleusercontent.com -accounts.google.com -bp.blogspot.com -sites.google.com -europa.eu -uol.com.br -es.wikipedia.org -facebook.com -vimeo.com -vk.com -github.com -amazon.com -istockphoto.com -t.me -line.me -search.google.com -enable-javascript.com -issuu.com -cnn.com -bbc.com -live.com -google.com.br -www.yahoo.com -dan.com -google.de -globo.com -slideshare.net -nih.gov -files.wordpress.com -who.int -forbes.com -gstatic.com -bbc.co.uk -google.co.jp -gravatar.com -wikimedia.org -developers.google.com -dropbox.com -nytimes.com -creativecommons.org -jimdofree.com -ok.ru -imdb.com -google.es -dailymotion.com -theguardian.com -fr.wikipedia.org -brandbucket.com -mail.ru -paypal.com -tools.google.com -buydomains.com -policies.google.com -pt.wikipedia.org -reuters.com -feedburner.com -www.weebly.com -youronlinechoices.com -news.google.com -medium.com -goo.gl -sedo.com -google.it -afternic.com -opera.com -www.gov.uk -booking.com -researchgate.net -myspace.com -ytimg.com -google.co.uk -fandom.com -thesun.co.uk -wsj.com -ru.wikipedia.org -wikia.com -time.com -domainmarket.com -hatena.ne.jp -list-manage.com -bit.ly -independent.co.uk -huffpost.com -google.fr -w3.org -mail.google.com -telegraph.co.uk -pinterest.com -it.wikipedia.org -dailymail.co.uk -indiatimes.com -cbsnews.com -draft.blogger.com -cdc.gov -wa.me -amazon.co.jp -bloomberg.com -webmd.com -amazon.es -networkadvertising.org -netvibes.com -amazon.de -shutterstock.com -office.com -wp.com -abril.com.br -telegram.me -cpanel.net -photos.google.com -aliexpress.com -aboutads.info -myaccount.google.com -twitter.com -marketingplatform.google -picasaweb.google.com -mirror.co.uk -tinyurl.com -google.ru -estadao.com.br -elpais.com -cnet.com -android.com -foxnews.com -amazon.co.uk -un.org -plesk.com -mediafire.com -archive.org -namecheap.com -forms.gle -get.google.com -google.pl -soundcloud.com -4shared.com -tiktok.com -fb.com -businessinsider.com -nasa.gov -imageshack.us -shopify.com -washingtonpost.com -hugedomains.com -news.yahoo.com -msn.com -ig.com.br -terra.com.br -t.co -de.wikipedia.org -huffingtonpost.com -pixabay.com -yandex.ru -storage.googleapis.com -wired.com -scribd.com -usatoday.com -nature.com -change.org -picasa.google.com -zdf.de -lefigaro.fr -usnews.com -themeforest.net -mega.nz -imageshack.com -fb.me -arxiv.org -lemonde.fr -deezer.com -netflix.com -lg.com -mit.edu -php.net -disqus.com -outlook.com -news.com.au -pbs.org -www.livejournal.com -unicef.org -sciencedirect.com -pinterest.de -express.co.uk -ja.wikipedia.org -pl.wikipedia.org -thenai.org -sciencemag.org -cointernet.com.co -ftc.gov -skype.com -vkontakte.ru -engadget.com -canada.ca -biglobe.ne.jp -hollywoodreporter.com -aol.com -disney.com -eventbrite.com -wikihow.com -stanford.edu -rambler.ru -clickbank.net -twitch.tv -offset.com -nbcnews.com -naver.com -dreamstime.com -academia.edu -abc.net.au -smh.com.au -walmart.com -ssl-images-amazon.com -bandcamp.com -surveymonkey.com -m.wikipedia.org -discord.gg -search.yahoo.com -amazon.fr -yelp.com -doubleclick.net -espn.com -oup.com -gmail.com -xing.com -ietf.org -abcnews.go.com -hp.com -newyorker.com -wiley.com -www.wix.com -thetimes.co.uk -ipv4.google.com -secureserver.net -gnu.org -alicdn.com -francetvinfo.fr -photos1.blogger.com -20minutos.es -nginx.com -ria.ru -ebay.com -zoom.us -cbc.ca -guardian.co.uk -berkeley.edu -spotify.com -techcrunch.com -buzzfeed.com -britannica.com -unesco.org -yahoo.co.jp -lexpress.fr -xbox.com -nginx.org -www.wikipedia.org -psychologytoday.com -npr.org -kickstarter.com -liveinternet.ru -discord.com -icann.org -translate.google.com -ziddu.com -sfgate.com -as.com -google.nl -nydailynews.com -ca.gov -insider.com -sputniknews.com -addthis.com -www.gov.br -akamaihd.net -plos.org -target.com -whitehouse.gov -theatlantic.com -apache.org -samsung.com -worldbank.org -goodreads.com -rakuten.co.jp -urbandictionary.com -akamaized.net -xinhuanet.com -bloglovin.com -pinterest.fr -adssettings.google.com -chicagotribune.com -books.google.com -photobucket.com -www.canalblog.com -id.wikipedia.org -leparisien.fr -nationalgeographic.com -vice.com -amzn.to -qq.com -tripadvisor.com -oracle.com -ikea.com -detik.com -ea.com -redbull.com -cambridge.org -spiegel.de -bing.com -springer.com -privacyshield.gov -ibm.com -sapo.pt -prezi.com -metro.co.uk -rtve.es -timeweb.ru -hubspot.com -ggpht.com -cornell.edu -cnil.fr -gofundme.com -rt.com -cpanel.com -windows.net -netlify.app -newsweek.com -cnbc.com -ft.com -alexa.com -dw.com -abc.es -economist.com -godaddy.com -rapidshare.com -pexels.com -gooyaabitemplates.com -zendesk.com -addtoany.com -code.google.com -sciencedaily.com -mashable.com -e-monsite.com -finance.yahoo.com -huawei.com -sendspace.com -freepik.com -elmundo.es -instagram.com -unsplash.com -doi.org -quora.com -gizmodo.com -weibo.com -linktr.ee -harvard.edu -latimes.com -steampowered.com -clarin.com -nypost.com -www.over-blog.com -googleblog.com -yadi.sk -ted.com -theverge.com -instructables.com -playstation.com -ouest-france.fr -google.co.in -about.com -bp2.blogger.com -ovh.com -lavanguardia.com -google.ca -groups.google.com -mayoclinic.org -nokia.com -imgur.com -twimg.com -qz.com -wn.com -cisco.com -dictionary.com -variety.com -groups.yahoo.com -etsy.com -noaa.gov -excite.co.jp -investopedia.com -reg.ru -welt.de -amazon.in -canva.com -corriere.it -mozilla.com -ebay.de -tes.com -airbnb.com -rottentomatoes.com -seesaa.net -adweek.com -dropboxusercontent.com -faz.net -business.google.com -steamcommunity.com -focus.de -newscientist.com -about.me -marriott.com -prnewswire.com -ieee.org -windowsphone.com -goal.com -kakao.com -softonic.com -mysql.com -venturebeat.com -si.edu -ucoz.ru -google.com.tw -blog.fc2.com -usgs.gov -orange.fr -coursera.org -jhu.edu -oecd.org -ameba.jp -amazon.ca -impress.co.jp -narod.ru -ebay.co.uk -salesforce.com -bund.de -java.com -m.me -lonelyplanet.com -telegram.org -fifa.com -weather.com -dynadot.com -naver.jp -webnode.page -over-blog-kiwi.com -tabelog.com -000webhost.com -marketwatch.com -g.co -theconversation.com -mailchimp.com -pnas.org -feedproxy.google.com -bustle.com -espn.go.com -messenger.com -zdnet.com -ubuntu.com -deloitte.com -mystrikingly.com -hbr.org -lenta.ru -google.com.au -goo.ne.jp -sagepub.com -billboard.com -parallels.com -usc.edu -thoughtco.com -thedailybeast.com -redhat.com -intel.com -scientificamerican.com -psu.edu -usda.gov -ads.google.com -cbslocal.com -mynavi.jp -gfycat.com -thefreedictionary.com -sina.com.cn -ctvnews.ca -wiktionary.org -giphy.com -howstuffworks.com -scholastic.com -com.com -``` -1. Determine which domains respond to a ping at all. It's possible that some of these randomly drop 4 pings, but that will be a small number. Do accomplish this, we'll ping each host 4 times and we send the output to ping.log. -`for domain in $(cat domains.txt); do ping -c 4 $domain >> ping.log 2>&1; done` - -This gives us [attach/ping.log](attach/ping.log) \ No newline at end of file diff --git a/homelab/docs/Physical Network Diagram.md b/homelab/docs/Physical Network Diagram.md deleted file mode 100644 index 01e0cdea..00000000 --- a/homelab/docs/Physical Network Diagram.md +++ /dev/null @@ -1,40 +0,0 @@ -# Full Network Diagram -```mermaid -flowchart TD; - Internet<--Symmetrical 1Gbit Fiber-->ONT; - ONT<--Cat5e-->Router; - Router<--Cat5e-->switch_homelab[NetGear 8-Port Switch for Homelab]; - switch_homelab<--Cat6-->desktop_joey[Joey's Desktop]; - switch_homelab<--Cat5-->desktop_bridget[Bridget's Desktop]; - switch_homelab<--Cat6-->NAS; - NAS<--SFP+ DAC-->Desktop; - NAS<--SFP+ DAC-->Server; - switch_homelab<--Cat6-->Server; - switch_homelab<--Cat6-->Seedbox; - switch_homelab<--Cat5e-->Pihole; - Router<--Cat5e-->switch_basementtv[TP-Link 5-Port Switch for Basement TV]; - switch_basementtv<--Cat6-->desktop_maddie[Maddie's Desktop]; - switch_basementtv<--Cat5e-->client_tv_downstairs[Downstairs TV]; - Router<--Cat6-->wap_basement[Ubiquiti Unifi U6-Lite]; - wap_basement<--Wifi6 2.4/5GHz-->clients_wireless_basement[Basement Wireless Clients]; - Router<--Cat6-->wap_upstairs[Ubiquiti Unifi UAP-AC-LR]; - wap_upstairs<--Wifi5 2.4/5GHz-->clients_wireless_upstairs[Upstairs Wireless Clients]; - Router<--Cat6-->desktop_mom[Mom's Desktop]; - Router<--Cat6-->desktop_dad[Dad's Desktop]; - Router<-->desktop_gus[Gus' Desktop]; -``` -# Router Interfaces -| Interface | Connected to | -|:---------:|:------------:| -| `eth0` | (Upstream) Zyxel C3000Z modem | -| `eth1` | Reserved for `192.168.2.1/24` | -| `eth2` | Homelab switch | -| `eth3` | Mom's office PC | -| `eth4` | Gus' PC | -| `eth5` | (Disconnected) Outlets behind upstairs couch | -| `eth6` | Maddie's office switch | -| `eth7` | Dad's office PC | -| `eth8` | (PoE, injected) Upstairs wireless AP | -| `eth9` | (PoE, native) Homelab wireless AP | -| `pppoe0` | PPPoE layer pysically on `eth0` | -| `switch0` | Internal router switch | \ No newline at end of file diff --git a/homelab/docs/Power Consumption.md b/homelab/docs/Power Consumption.md deleted file mode 100644 index 6899fcca..00000000 --- a/homelab/docs/Power Consumption.md +++ /dev/null @@ -1,19 +0,0 @@ -| Device | Max draw (W) | Cost/mo.* | -|:------:|:------------:|:--------:| -| **Networking** | **Total ~60W** | **$2.12** | -| ISP ONT | -| ISP Modem ([Zyxel c3000z](https://www.centurylink.com/content/dam/home/help/downloads/internet/c3000z-datasheet.pdf)) | [10.4W](https://www.centurylink.com/home/help/internet/modems-and-routers/modem-energy-efficiency.html) | $0.34 -| Router ([Ubiquiti Edgerouter 10X](https://dl.ubnt.com/datasheets/edgemax/EdgeRouter_DS.pdf)) | 8W (excl. PoE) | $0.26 | -| AP ([Ubiquiti UAP-AC-LR](https://dl.ubnt.com/datasheets/unifi/UniFi_AC_APs_DS.pdf)) | 6.5W | $0.21 | -| AP ([Ubiquiti U6-Lite](https://dl.ui.com/ds/u6-lite_ds.pdf)) | 12W | $0.39 | -| Network Switch (Estimate) | 7W | $0.23 per switch -| **Hosts** | **Total 310W idle / 520W load** | **$13.56** | -| PiHole | 3.8W | $0.12 | -| Server | 36W idle / 136W load | $1.18 / $1.99 / **$2.81** / $3.62 / $4.44 | -| Seedbox | 30W idle / 85W load | $0.98 / $1.43 / **$1.88** / $2.33 / $2.78 | -| NAS | 90W idle / 146W load | $2.94 / $3.40 / $3.85 / $4.31 / $4.77 | -| Disk shelf | ~45W empty / 150W current / ~213W full | $1.47 empty / $4.90 current / $6.96 full | -\* Devices with high variance calculated at intervals of 25% max load (0%, 25%, 50%, 75%, 100%) - -## Math -1. Assuming ([\$0.045351/kWh](https://www.mytpu.org/wp-content/uploads/All-Schedules-2020_Emergency-Rate-Delay.pdf) * (30 days per month * 24 hours per day)) / 1000W/kW = $`0.032653`/WM (dollars per watt month) \ No newline at end of file diff --git a/homelab/docs/Public Iperf Servers.md b/homelab/docs/Public Iperf Servers.md deleted file mode 100644 index 1113b5f2..00000000 --- a/homelab/docs/Public Iperf Servers.md +++ /dev/null @@ -1,17 +0,0 @@ -## From `iperf.fr` List -| Host | Port | Tested Bitrate | -|:----:|:----:|:--------------:| -| ping.online.net | 5200 | 175 Mbps | -| ping-90ms.online.net | 5200 | 173 Mbps | -| nl.iperf.014.fr | 10420 | 10.5 Mbps | -| speedtest.uztelecom.uz | 5200 | 45.9 Mbps | -| iperf.biznetnetworks.com | 5202 | 87.8 Mbps | - -More here: [iperf.fr](https://iperf.fr/iperf-servers.php) - -## From `masonr/yet-another-bench-script` List -| Host | Port | Tested Bitrate | -|:----:|:----:|:--------------:| -| la.speedtest.clouvider.net | 5200 | 626 Mbps | - -More here: [Reddit - Homelab](https://www.reddit.com/r/homelab/comments/slojqr/any_good_public_iperf_servers/hvtkd6e/) \ No newline at end of file diff --git a/homelab/docs/Recovering From Power Outage.md b/homelab/docs/Recovering From Power Outage.md deleted file mode 100644 index 59931545..00000000 --- a/homelab/docs/Recovering From Power Outage.md +++ /dev/null @@ -1,11 +0,0 @@ -## 1. Networking -1. Power cycle the ONT. Wait until the top three lights are green. -2. Power cycle the modem. Wait until the power, WAN, and Ethernet 1 lights are green. -3. Power cycle the router -Switches and APs should not need power cycling. Once the indicator LED is solid white, everything should be back online. - -## 2. Homelab -1. Power on the desktop or laptop. -2. Power on the NAS. The DS4243 will power itself on automatically. **Wait until the webui at [nas.jafner.net](http://nas.jafner.net) is responsive.** -3. Power on the Server. Once it is accessible, run a `sudo mount -a` to mount all network shares defined in `/etc/fstab`. Then run `docker start $(docker ps -aq)` to start all Docker containers. Note: Run `docker inspect -f '{{ .Mounts }}' $(docker ps -q)` to get a list of volumes for all running containers, useful for determining whether a container is reliant on a mounted directory. - diff --git a/homelab/docs/Restart the Docker Daemon.md b/homelab/docs/Restart the Docker Daemon.md deleted file mode 100644 index 0aea397a..00000000 --- a/homelab/docs/Restart the Docker Daemon.md +++ /dev/null @@ -1,6 +0,0 @@ -# Restart the Docker Daemon -Sometimes it may be necessary to restart the Docker daemon (for example to apply changes made in `/etc/docker/daemon.json`) and recreate all containers. Here's how: -1. Shut down and destroy all containers: `docker stop $(docker ps -aq) && docker rm $(docker ps -aq)`. -2. *Restart* (not reload) the Docker daemon: `sudo systemctl restart docker`. -3. Recreate all containers (to use the new default loki logging): `for app in ~/homelab/jafner-net/config/*; do cd $app && docker-compose up -d; done` -4. Manually boot Minecraft containers as appropriate: `cd ~/homelab/jafner-net/config/minecraft && for server in router vanilla bmcp; do docker-compose -f $server.yml up -d; done` \ No newline at end of file diff --git a/homelab/docs/Secrets.md b/homelab/docs/Secrets.md deleted file mode 100644 index 7bb6ad9c..00000000 --- a/homelab/docs/Secrets.md +++ /dev/null @@ -1,15 +0,0 @@ -# Secrets -Our repository contains as many configuration details as reasonable. But we must secure our secrets: passwords, API keys, encryption seeds, etc.. - -## Docker Env Vars -1. We store our Docker env vars in a file named after the service. For example `keycloak.env`. -2. We separate our secrets from non-secret env vars by placing them in a file with a similar name, but with `_secrets` appended to the service name. For example `keycloak_secrets.env`. These files exist only on the host for which they are necessary, and must be created manually on the host. -3. Our repository `.gitignore` excludes all files matching `*.secret`, and `*_secrets.env`. - -Note: This makes secrets very fragile. Accidental deletion or other data loss can destroy the secret permanently. - -## Generating Secrets -We use the password manager's generator to create secrets with the desired parameters, preferring the following parameters: - - 64 characters - - Capital letters, lowercase letters, numbers, and standard symbols (`^*@#!&$%`) -If necessary, we will reduce characterset by cutting out symbols before reducing string length. diff --git a/homelab/docs/Security.md b/homelab/docs/Security.md deleted file mode 100644 index a78a0680..00000000 --- a/homelab/docs/Security.md +++ /dev/null @@ -1,170 +0,0 @@ -# Security - -## Host OS Initial Setup -For general-purpose hosts, we start from an up-to-date Debian base image. For appliances and application-specific hosts, we prefer downstream of Debian for consistency. - -### General Purpose Packages -Assuming a Debian base image, we install the following basic packages: - -1. `curl` to facilitate web requests for debugging. -2. `nano` as preferred terminal text editor. -3. `inxi` to compile hardware info. -4. `git` to interact with homelab config repo. -5. `htop` to view primary host resources in real time. - -### Installing Docker -There are two modes of running Docker: root and rootless. -Docker was built to run as root, and running as root is much more convenient. However, any potential vulnerabilities in Docker risk privilege escalation. - -#### Installing Docker in Root mode (current, deprecated) -We use the convenient, insecure install script to install docker. -1. `curl -fsSL https://get.docker.com | sudo sh` to get and run the install script. -2. `sudo systemctl enable docker` to enable the Docker daemon service. -3. `sudo usermod -aG docker $USER` to add the current user (should be "admin") to the docker group. -4. `logout` to log out as the current user. Log back in to apply new perms. -5. `docker ps` should now return an empty table. - -https://docs.docker.com/engine/install/debian/ - -#### Installing Docker in Rootless mode (preferred) -This is the preferred process, as rootless mode mitigates many potential vulnerabilities in the Docker application and daemon. - -1. `sudo apt-get update && sudo apt-get install uidmap dbus-user-session fuse-overlayfs slirp4netns` to install the prerequisite packages to enable rootless mode. -2. Set up the Docker repository: - -```sh -sudo apt-get update -sudo apt-get install ca-certificates curl gnupg -sudo install -m 0755 -d /etc/apt/keyrings -curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg -sudo chmod a+r /etc/apt/keyrings/docker.gpg - -echo \ - "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ - $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ - sudo tee /etc/apt/sources.list.d/docker.list > /dev/null -sudo apt-get update -``` - -3. Install the Docker packages: - -```sh -sudo apt-get install \ - docker-ce \ - docker-ce-cli \ - containerd.io \ - docker-buildx-plugin \ - docker-compose-plugin \ - docker-ce-rootless-extras -``` - -4. Run the rootless setup script with `dockerd-rootless-setuptool.sh install` -5. `systemctl --user start docker` to start the rootless docker daemon. -6. `systemctl --user enable docker && sudo loginctl enable-linger $(whoami)` to configure the rootless docker daemon to run at startup. -7. `export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/docker.sock && docker context use rootless` to configure the client to connect to the socket. - -Theoretically, this should work according to the Docker docs. But when I attempted to follow these steps I got the following error when attempting to create a basic nginx container: - -``` -docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: unable to apply cgroup configuration: unable to start unit "docker-1c7f642e0716cf1a67c6a0c6ad4a1de3833eb82682ce62b219f423fa1014e227.scope" (properties [{Name:Description Value:"libcontainer container 1c7f642e0716cf1a67c6a0c6ad4a1de3833eb82682ce62b219f423fa1014e227"} {Name:Slice Value:"user.slice"} {Name:Delegate Value:true} {Name:PIDs Value:@au [39360]} {Name:MemoryAccounting Value:true} {Name:CPUAccounting Value:true} {Name:IOAccounting Value:true} {Name:TasksAccounting Value:true} {Name:DefaultDependencies Value:false}]): Permission denied: unknown. -``` - -https://docs.docker.com/engine/security/rootless/ - -## Linux User Management -We create a non-root user (usually called "admin") with a strong password and passwordless sudo. - -On Debian-based systems, we take the following steps: - -1. As root user, run `adduser admin` to create the non-root user called "admin". -2. As root user, run `usermod -aG sudo admin` to add the new "admin" user to the sudo group. -3. As root user, run `visudo` and append this line to the end of the file: `admin ALL=(ALL) NOPASSWD:ALL`. -4. Switch to the new user with `sudo su admin`. -5. As the new "admin" user, run `passwd` to create a new, strong password. Generate this password with the password manager and store it under the SSH Hosts folder. - -https://www.cyberciti.biz/faq/add-new-user-account-with-admin-access-on-linux/ -https://www.cyberciti.biz/faq/linux-unix-running-sudo-command-without-a-password/ -https://www.cyberciti.biz/faq/linux-set-change-password-how-to/ - - -## Securing SSH - -For all hosts we want to take the standard steps to secure SSH access. - -1. `mkdir /home/$USER/.ssh` to create the `~/.ssh` directory for the non-root user (usually "admin"). -2. Copy your SSH public key to the clipboard, then `echo "" >> /home/admin/.ssh/authorized_keys` to enable key-based SSH access to the user. -3. Install the authenticator libpam plugin package with `sudo apt install libpam-google-authenticator` -4. Run the authenticator setup with `google-authenticator` and use the following responses: - - Do you want authentication tokens to be time-based? `y` - - Do you want me to update your "/home/$USER/.google_authenticator" file? `y` - - Do you want to disallow multiple uses of the same authentication token? `y` - - Do you want to do so? `n` (refers to increasing time skew window) - - Do you want to enable rate-limiting? `y` We enter our TOTP secret key into our second authentication method and save our one-time backup recovery codes. -5. Edit the `/etc/pam.d/sshd` file as sudo, and add this line to the top of the file `auth sufficient pam_google_authenticator.so nullok`. -6. Edit the `/etc/ssh/sshd_config` file as sudo, and ensure the following assertions exist: - - `PubkeyAuthentication yes` to enable authentication via pubkeys in `~/.ssh/authorized_keys`. - - `AuthenticationMethods publickey,keyboard-interactive` to allow both pubkey and the interactive 2FA prompt. - - `PasswordAuthentication no` to disable password-based authentication. - - `ChallengeResponseAuthentication yes` to enable 2FA interactive challenge. - - `UsePAM yes` to use the 2FA authenticator libpam module. -7. Restart the SSH daemon with `sudo systemctl restart sshd.service`. - -Note: SSH root login will be disabled implicitly by requiring pubkey authentication and having no pubkeys listed in `/root/.ssh/authorized_keys`. - -https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-16-04 - -### Disabling 2FA -Some use cases (such as programmatic access) demand 2FA be disabled. -Some day we'll figure out how to allow specific keys to bypass the 2FA requirement. But until then, - -1. Edit the file `/etc/pam.d/sshd` and comment out the line `auth sufficient pam_google_authenticator.so nullok` -2. Edit the file `/etc/ssh/sshd_config` and find the `AuthenticationMethods` configuration. Replace the value `publickey,keyboard-interactive` with `publickey`. - -### SSH Key Management -The process for managing SSH keys should work as follows: - -1. SSH access to hosts should be controlled via keys listed in `~/.ssh/authorized_keys`. -2. One key should map to one user on one device. -3. When authorizing a key, review existing authorized keys and remove as appropriate. -4. Device keys should be stored under the "SSH Keys" folder in the password manager. The pubkey should be the "password" for easy copying, and the private component should be added as an attachment. - -## Patching and Updating -In the interest of proactively mitigating security risks, we try to keep packages up to date. We have two main concerns for patching: host packages, and docker images. Each of these have their own concerns and are handled separately. - -### Host Packages via Unattended Upgrades -Since Debiant 9, the `unattended-upgrades` and `apt-listchanges` are installed by default. - -1. Install the packages with `sudo apt-get install unattended-upgrades apt-listchanges`. -2. Create the default automatic upgrade config with `sudo dpkg-reconfigure -plow unattended-upgrades` - -By default, we will get automatic upgrades for the distro version default and security channels (e.g. `bullseye` and `bullseye-security`) with the `Debian` and `Debian-Security` labels. - -https://wiki.debian.org/UnattendedUpgrades - -### Debian Version Upgrade -When the time comes for a major version upgrade on a Debian system, we take the following steps as soon as realistic. - -1. Update the current system with `sudo apt-get update && sudo apt-get upgrade && sudo apt-get full-upgrade`. -2. Switch the update channel for APT sources. - 2a. Export the name of the new version codename to a variable with `NEW_VERSION_CODENAME=bookworm` (bookworm as an example). - 2b. `for file in /etc/apt/sources.list /etc/apt/sources.list.d/*; do sudo sed "s/$VERSION_CODENAME/$NEW_VERSION_CODENAME/g" $file; done`. -3. Clean out old packages and pull the new lists `sudo apt-get clean && sudo apt-get update` -4. Update to most recent versions of all packages for new channel with `sudo apt-get upgrade && sudo apt-get full-upgrade` -5. Clean out unnecessary packages with `sudo apt-get autoremove`. -6. Reboot the host to finalize changes with `sudo shutdown -r now`. - -Note: If migrating from Debian versions <12 to versions >=12, add the following repos (in addition to `main`) after step 2a: `contrib non-free non-free-firmware`. - -https://wiki.debian.org/DebianUpgrade - -### Docker Images -As of now, we have no automated process or tooling for updating Docker images. - -We usually update Docker images one stack at a time. For example, we'll update `calibre-web` on `fighter`: - -1. Navigate to the directory of the stack. `cd ~/homelab/fighter/config/calibre-web` -2. Check the images and tags to be pulled with `docker-compose config | grep image` -3. Pull the latest version of the image tagged in the compose file `docker-compose pull` -4. Restart the containers to use the new images with `docker-compose up -d --force-recreate` - -Note: We can update one image from a stack by specifying the name of the service. E.g. `docker-compose pull forwardauth` \ No newline at end of file diff --git a/homelab/docs/Set up the repository.md b/homelab/docs/Set up the repository.md deleted file mode 100644 index 8a91da95..00000000 --- a/homelab/docs/Set up the repository.md +++ /dev/null @@ -1,14 +0,0 @@ -# Setting Up the Repository -1. Create a new Gitlab [Personal Access Token](https://gitlab.jafner.net/-/profile/personal_access_tokens) named after the host on which it will be used. It should have the scopes `read_api`, `read_user`, `read_repository`, and, optionally, `write_repository` if the host will be pushing commits back to the origin. Development hosts should have the `write_repository` permission. Note the *token name* and *token key* for step 6. -2. `mkdir ~/homelab ~/data && cd ~/homelab` Create the `~/homelab` and `~/data` directories. This should be under the `admin` user's home directory, or equivalent. *It should not be owned by root.* -3. `git init` Initialize the git repo. It should be empty at this point. We must init the repo empty in order to configure sparse checkout. -4. `git config core.sparseCheckout true && git config core.fileMode false && git config pull.ff only && git config init.defaultBranch main` Configure the repo to use sparse checkout and ignore file mode changes. Also configure default branch and pull behavior. -5. (Optional) `echo "$HOSTNAME/" > .git/info/sparse-checkout` Configure the repo to checkout only the files relevant to the host (e.g. fighter). Development hosts should not use this. -6. `git remote add -f origin https://:@gitlab.jafner.net/Jafner/homelab.git` Add the origin with authentication via personal access token and fetch. Remember to replace the placeholder token name and token key with the values from step 1. -7. `git checkout main` Checkout the main branch to fetch the latest files. - -## Disabling Sparse Checkout -To disable sparse checkout, simply run `git sparse-checkout disable`. -With this, it can also be re-eneabled with `git sparse-checkout init`. -You can use these two commands to toggle sparse checkout. -Per: https://stackoverflow.com/questions/36190800/how-to-disable-sparse-checkout-after-enabled \ No newline at end of file diff --git a/homelab/docs/SpotDL.md b/homelab/docs/SpotDL.md deleted file mode 100644 index 1aa4eebb..00000000 --- a/homelab/docs/SpotDL.md +++ /dev/null @@ -1,29 +0,0 @@ -# Basic Usage -First, the program must be downloaded with `pip3` (requires Python 3.6.1 `sudo apt install python3` or higher *and* FFmpeg 4.2 `sudo apt install ffmpeg` or higher) via `pip3 install spotdl`. - -To download a track, album, or artist from Spotify, use: -`spotdl ` - -This is non-interactive and works programmatically. - -## Using Docker Container -If the host has Docker, but you don't want to install any Python packages, you can run single commands with the Docker container with `docker run --rm -it -v "$(pwd):/data" coritsky/spotdl `. - -# Music Library Integration -To make updating my library easier, each "Artist" folder has a file called `spot.txt` which contains only the Spotify URL for that artist. This makes it possible to run a loop similar to the following: - -```sh -cd /path/to/music/library/artists -for artist in */; do - cd "$(pwd)/$artist" && - # use spotdl if the host is already configured with spotdl, or you don't need the script to be portable - # use docker run for better portability (within my lab) at the expense of overhead - spotdl $(cat spot.txt) && - # docker run --rm -it -v "$(pwd):/data" coritsky/spotdl $(cat spot.txt) && - cd .. -done -``` - -# Links -[coritsky/spotdl on Dockerhub](https://hub.docker.com/r/coritsky/spotdl) -[Spotdl on GitHub](https://github.com/spotDL/spotify-downloader/) \ No newline at end of file diff --git a/homelab/docs/Tour.md b/homelab/docs/Tour.md deleted file mode 100644 index 4481a774..00000000 --- a/homelab/docs/Tour.md +++ /dev/null @@ -1,15 +0,0 @@ -# Homelab Tour -A tour of the services and configurations - -## Hosts -For this repo we use traditional server configuration patterns, rather than Kubernetes. - -## Services and Stacks - -### Networking - -### Volumes - -### Env Vars - -#### Secrets \ No newline at end of file diff --git a/homelab/docs/Upgrade from Debian 10 (Buster) to 11 (Bullseye).md b/homelab/docs/Upgrade from Debian 10 (Buster) to 11 (Bullseye).md deleted file mode 100644 index adda2cd2..00000000 --- a/homelab/docs/Upgrade from Debian 10 (Buster) to 11 (Bullseye).md +++ /dev/null @@ -1,4 +0,0 @@ -1. Edit the contents of `/etc/apt/sources.list` as sudo. Make it match the [default Debian 11 sources.list](https://wiki.debian.org/SourcesList#Example_sources.list), using the contrib, non-free additional components. -2. Run `sudo apt update && sudo apt upgrade` -3. Run `sudo apt full-upgrade` -4. Reboot. \ No newline at end of file diff --git a/homelab/docs/Upgrade from Debian 11 (Bullseye) to 12 (Bookworm).md b/homelab/docs/Upgrade from Debian 11 (Bullseye) to 12 (Bookworm).md deleted file mode 100644 index b0d06103..00000000 --- a/homelab/docs/Upgrade from Debian 11 (Bullseye) to 12 (Bookworm).md +++ /dev/null @@ -1,8 +0,0 @@ -1. Update existing packages. Run `sudo apt-get update && sudo apt-get upgrade` to fetch and install the latest versions of existing packages from the Debian 11 release channel. -2. Reboot the system. Follow the appropriate shutdown procedure for the host. -3. Edit the `sources.list` file to point to the new release channels. Run `sudo nano /etc/apt/sources.list`, then replace the release channel names for bullseye with those for bookworm. -4. Update and upgrade packages minimally. Run `sudo apt update && sudo apt upgrade --without-new-pkgs`. -5. Fully upgrade the system. Run `sudo apt full-upgrade`. -6. Validate the SSHD config file. Run `sudo sshd -t`. - -[CyberCiti.biz](https://www.cyberciti.biz/faq/update-upgrade-debian-11-to-debian-12-bookworm/) \ No newline at end of file diff --git a/homelab/docs/attach/ping.log b/homelab/docs/attach/ping.log deleted file mode 100644 index 663dad73..00000000 --- a/homelab/docs/attach/ping.log +++ /dev/null @@ -1,5 +0,0 @@ -PING com.com (54.219.18.140) 56(84) bytes of data. - ---- com.com ping statistics --- -4 packets transmitted, 0 received, 100% packet loss, time 3065ms - diff --git a/homelab/docs/attach/scripts/remux.ps1 b/homelab/docs/attach/scripts/remux.ps1 deleted file mode 100644 index cd64766b..00000000 --- a/homelab/docs/attach/scripts/remux.ps1 +++ /dev/null @@ -1,7 +0,0 @@ -foreach( $input in $args ) { - $output = ("$input").TrimEnd(".mkv .mp4") + ".mp4" - ffmpeg -i "$input" -c copy $output - if ($?) { - Remove-Item $input - } -} \ No newline at end of file diff --git a/homelab/docs/attach/scripts/slow-mo.ps1 b/homelab/docs/attach/scripts/slow-mo.ps1 deleted file mode 100644 index bdc32ee6..00000000 --- a/homelab/docs/attach/scripts/slow-mo.ps1 +++ /dev/null @@ -1,19 +0,0 @@ -foreach( $input in $args ) { - $extension = [System.IO.Path]::GetExtension("$input") - if ($extension -ne ".mp4") { - echo "Video must use mp4 container!" - pause - exit - } - Set-Location -Path ([System.IO.Path]::GetDirectoryName("$input")) - $output = [System.IO.Path]::GetDirectoryName("$input") + "\" + [System.IO.Path]::GetFileNameWithoutExtension("$input") + "-slow-mo" + [System.IO.Path]::GetExtension("$input") - echo $output - ffmpeg -i "$input" -map 0:v -c:v copy -bsf:v h264_mp4toannexb 'raw.h264' - if ($?) { - ffmpeg -fflags +genpts -r 60 -i raw.h264 -c:v copy -movflags faststart "$output" - } - Remove-Item raw.h264 - -} - -pause \ No newline at end of file diff --git a/homelab/docs/attach/scripts/transcode.ps1 b/homelab/docs/attach/scripts/transcode.ps1 deleted file mode 100644 index 1f45adac..00000000 --- a/homelab/docs/attach/scripts/transcode.ps1 +++ /dev/null @@ -1,56 +0,0 @@ -Write-Host @" -Select a supported transcode profile: - -1) CRF 21 (~19.9 Mb/s) -2) CRF 27 (~10.3 Mb/s) -3) 1080p CRF 21 (11.9 Mb/s) -4) 1080p CRF 27 (6.2 Mb/s) -5) 720p CRF 21 (6.3 Mb/s) -6) 720p CRF 27 (3.3 Mb/s) -"@ - -$profile = Read-Host -Prompt 'Select a profile [2]' - -Switch ($profile) { - "" { - $profile = "CRF_27" - $ffmpeg_arguments='-metadata comment="x264 CRF 27" -movflags +faststart -c:v libx264 -preset slower -crf 27'.Split(" ") - } - "1" { - $profile = "CRF_21" - $ffmpeg_arguments='-metadata comment="x264 CRF 21" -movflags +faststart -c:v libx264 -preset slower -crf 21'.Split(" ") - } - "2" { - $profile = "CRF_27" - $ffmpeg_arguments='-metadata comment="x264 CRF 27" -movflags +faststart -c:v libx264 -preset slower -crf 27'.Split(" ") - } - "3" { - $profile = "1080p_CRF_21" - $ffmpeg_arguments='-metadata comment="x264 1080p CRF 21" -movflags +faststart -vf scale=1920:1080 -c:v libx264 -preset slower -crf 21'.Split(" ") - } - "4" { - $profile = "1080p_CRF_27" - $ffmpeg_arguments='-metadata comment="x264 1080p CRF 27" -movflags +faststart -vf scale=1920:1080 -c:v libx264 -preset slower -crf 27'.Split(" ") - } - "5" { - $profile = "720p_CRF_21" - $ffmpeg_arguments='-metadata comment="x264 720p CRF 21" -movflags +faststart -vf scale=1280:720 -c:v libx264 -preset slower -crf 21'.Split(" ") - } - "6" { - $profile = "720p_CRF_27" - $ffmpeg_arguments='-metadata comment="x264 720p CRF 27" -movflags +faststart -vf scale=1280:720 -c:v libx264 -preset slower -crf 27'.Split(" ") - } - Default { - echo "Is it that hard to just enter a number?" - pause - exit - } - -} - -foreach( $input in $args ) { - $output = [System.IO.Path]::GetDirectoryName("$input") + "\" + [System.IO.Path]::GetFileNameWithoutExtension("$input") + "-$profile" + [System.IO.Path]::GetExtension("$input") - ffmpeg -i "$input" $ffmpeg_arguments "$output" -} - -pause \ No newline at end of file diff --git a/homelab/docs/iSCSI.md b/homelab/docs/iSCSI.md deleted file mode 100644 index 0f5735db..00000000 --- a/homelab/docs/iSCSI.md +++ /dev/null @@ -1,173 +0,0 @@ -# Quick Help - -- Fighter connecting to Barbarian: `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.10:3260" --login && sudo mount /dev/sdb1 /mnt/iscsi/barbarian` -- Fighter connecting to Paladin: `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.12:3260" --login && sudo mount /dev/sdb1 /mnt/iscsi/paladin` - -# NOTE: Adding or removing drives -> The drive letter of the iSCSI device will change (e.g. from `/dev/sde` to `/dev/sdb`) if drives are added or removed. This will cause the mount to fail. - -To resolve: -0. Make sure all Docker stacks relying on the iSCSI drive are shut down. -1. Update the `fstab` entry. Edit the `/etc/fstab` file as root, and update the drive letter. -2. Re-mount the drive. Run `sudo mount -a`. - -# Creating the Zvol and iSCSI share in TrueNAS Scale - -1. Navigate to the dataset to use. From the TrueNAS Scale dashboard, open the navigation side panel. Navigate to "Datasets". Select the pool to use (`Tank`). -2. Create the Zvol to use. In the top-left, click "Add Zvol" ([Why not a dataset?](https://www.truenas.com/community/threads/dataset-over-zvol-or-vice-versa.45526/)). Name: `fighter`, Size for this zvol: `8 TiB`. Leave all other settings default. -3. Navigate to the iSCSI share creator. Navigate to "Shares". Open the "Block (iSCSI) Shares Targets" panel. (Optionally, set the base name per [RFC 3721 1.1](https://datatracker.ietf.org/doc/html/rfc3721.html#section-1.1) (`iqn.2020-04.net.jafner`)). -4. Create the iSCSI share. Click the "Wizard" button in the top-right. - a. Create or Choose Block Device. Name: `fighter`, Device: `zvol/Tank/fighter`, Sharing Platform: `Modern OS`. - b. Portal. Portal: `Create New`, Discovery Authentication Method: `NONE`, Discovery Authentication Group: `NONE`, Add listen: `0.0.0.0`. - c. Initiator. Leave blank to allow all hostnames and IPs to initiate. Optionally enter a list IP address(es) or hostname(s) to restrict access to the device. - d. Confirm. Review and Save. -5. Enable iSCSI service at startup. Navigate to System Settings -> Services. If it's not already running, enable the iSCSI service and check the box to "Start Automatically". - -# Connecting to the iSCSI target - -1. Install the `open-iscsi` package. - - `sudo apt-get install open-iscsi` -2. Get the list of available shares. - - `sudo iscsiadm --mode discovery --type sendtargets --portal 192.168.1.10` - - The IP for `--portal` is the IP of the NAS hosting the iSCSI share. - - In my case, this command returns `192.168.1.10:3260,1 iqn.2020-03.net.jafner:fighter`. -3. Open the iSCSI session. - - `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.10:3260" --login` - - The name for `--targetname` is the iqn string including the share name. - - The address for `--portal` has both the IP and port used by the NAS hosting the iSCSI share. -4. Verify the session connected. - - `sudo iscsiadm --mode session --print=1` - - This should return the description of any active sessions. - -[Debian.org](https://wiki.debian.org/SAN/iSCSI/open-iscsi). - -# Initializing the iSCSI disk -1. Identify the device name of the new device with `sudo iscsiadm -m session -P 3 | grep "Attached scsi disk"`. In my case, `sdb`. [ServerFault](https://serverfault.com/questions/828401/how-can-i-determine-if-an-iscsi-device-is-a-mounted-linux-filesystem). -2. Partition and format the device. Run `sudo parted --script /dev/sdb "mklabel gpt" && sudo parted --script /dev/sdb "mkpart primary 0% 100%" && sudo mkfs.ext4 /dev/sdb1` [Server-world.info](https://www.server-world.info/en/note?os=Debian_11&p=iscsi&f=3). -3. Mount the new partition to a directory. Run `sudo mkdir /mnt/iscsi && sudo mount /dev/sdb1 /mnt/iscsi`. Where the path `/dev/sdb1` is the newly-created partition and the path `/mnt/iscsi` is the path to which you want it mounted. -4. Test the disk write speed of the new partition. Run `sudo dd if=/dev/zero of=/mnt/iscsi/temp.tmp bs=1M count=32768` to run a 32GB test write. [Cloudzy.com](https://cloudzy.com/blog/test-disk-speed-in-linux/). - -# Connecting and mounting the iSCSI share on boot - -1. Get the full path of the share's configuration. It should be like `/etc/iscsi/nodes///default`. In my case it was `/etc/iscsi/nodes/iqn.2020-03.net.jafner:fighter/192.168.1.10,3260,1/default`. [Debian.org](https://wiki.debian.org/SAN/iSCSI/open-iscsi). -2. Set the `node.startup` parameter to `automatic`. Run `sudo sed -i 's/node.startup = manual/node.startup = automatic/g' /etc/iscsi/nodes/iqn.2020-03.net.jafner:fighter/192.168.1.10,3260,1/default`. -3. Add the new mount to `/etc/fstab`. Run `sudo bash -c "echo '/dev/sdb1 /mnt/iscsi ext4 _netdev 0 0' >> /etc/fstab"`. [Adamsdesk.com](https://www.adamsdesk.com/posts/sudo-echo-permission-denied/), [StackExchange](https://unix.stackexchange.com/questions/195116/mount-iscsi-drive-at-boot-system-halts). - -# How to Gracefully Terminate iSCSI Session - -1. Ensure any Docker containers currently using the device are shut down. Run `for stack in /home/admin/homelab/fighter/config/*; do cd $stack && if $(docker-compose config | grep -q /mnt/iscsi); then echo "ISCSI-DEPENDENT: $stack"; fi ; done` to get the list of iSCSI-dependent stacks. Ensure all listed stacks are OK to shut down, then run `for stack in /home/admin/homelab/fighter/config/*; do cd $stack && if $(docker-compose config | grep -q /mnt/iscsi); then echo "SHUTTING DOWN $stack" && docker-compose down; fi ; done`. -2. Unmount the iSCSI device. Run `sudo umount /mnt/iscsi`. -3. Log out of the iSCSI session. Run `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.10:3260" --logout`. -4. Shut down the host. Run `sudo shutdown now`. - -# Systemd-ifying the process -Remove the iSCSI mount from `/etc/fstab`, but otherwise most of the steps above should be fine. (Don't forget to install and enable the `iscsid.service` systemd unit). - -### Script for connecting to (and disconnecting from) iSCSI session -This script is one command, but sometimes it's useful to contain it in a script. -[`connect-iscsi.sh`](../fighter/scripts/connect-iscsi.sh) -```sh -#!/bin/bash -iscsiadm --mode node --targetname iqn.2020-03.net.jafner:fighter --portal 192.168.1.10:3260 --login -``` - -[`disconnect-iscsi.sh`](../fighter/scripts/disconnect-iscsi.sh) -```sh -#!/bin/bash -iscsiadm --mode node --targetname iqn.2020-03.net.jafner:fighter --portal 192.168.1.10:3260, 1 -u -``` - -### Systemd Unit for connecting iSCSI session - -`/etc/systemd/system/connect-iscsi.service` with `root:root 644` permissions -```ini -[Unit] -Description=Connect iSCSI session -Requires=network-online.target -#After= -DefaultDependencies=no - -[Service] -User=root -Group=root -Type=oneshot -RemainAfterExit=true -ExecStart=iscsiadm --mode node --targetname iqn.2020-03.net.jafner:fighter --portal 192.168.1.10:3260 --login -StandardOutput=journal - -[Install] -WantedBy=multi-user.target -``` - -### Systemd Unit for mounting the share - -`/etc/systemd/system/mnt-nas-iscsi.mount` with `root:root 644` permissions -Note that the file name *must* be `mnt-nas-iscsi` if its `Where=` parameter is `/mnt/nas/iscsi`. -[Docs](https://www.freedesktop.org/software/systemd/man/latest/systemd.mount.html) -```ini -[Unit] -Description="Mount iSCSI share /mnt/nas/iscsi" -After=connect-iscsi.service -DefaultDependencies=no - -[Mount] -What=/dev/disk/by-uuid/cf3a253c-e792-48b5-89a1-f91deb02b3be -Where=/mnt/nas/iscsi -Type=ext4 -StandardOutput=journal - -[Install] -WantedBy=multi-user.target -``` - -### Systemd Unit for automounting the share - -`/etc/systemd/system/mnt-nas-iscsi.automount` with `root:root 644` permissions -Note that the file name *must* be `mnt-nas-iscsi` if its `Where=` parameter is `/mnt/nas/iscsi`. -[Docs](https://www.freedesktop.org/software/systemd/man/latest/systemd.mount.html) -```ini -[Unit] -Description="Mount iSCSI share /mnt/nas/iscsi" -Requires=network-online.target -#After= - -[Automount] -Where=/mnt/nas/iscsi - -[Install] -WantedBy=multi-user.target -``` - -### Quick interactive one-liner to install these scripts -This will open each file for editing in nano under the path `/etc/systemd/system/` and apply the correct permissions to the file after it has been written. -```sh -for file in /etc/systemd/system/connect-iscsi.service /etc/systemd/system/mnt-nas-iscsi.mount /etc/systemd/system/mnt-nas-iscsi.automount; do sudo nano $file && sudo chown root:root $file && sudo chmod 644 $file && sudo systemctl enable $(basename $file); done && sudo systemctl daemon-reload -``` - -After this, it's probably a good idea to reboot from scratch. - -### Check statuses - -- `sudo systemctl status connect-iscsi.service` -- `sudo systemctl status mnt-nas-iscsi.mount` -- `sudo systemctl status mnt-nas-iscsi.automount` - -https://unix.stackexchange.com/questions/195116/mount-iscsi-drive-at-boot-system-halts -https://github.com/f1linux/iscsi-automount/blob/master/config-iscsi-storage.sh -https://github.com/f1linux/iscsi-automount/blob/master/config-iscsi-storage-mounts.sh - -# Disabling all iSCSI units for debugging -During an extended outage of barbarian, we learned that, as configured, fighter will not boot while its iSCSI target is inaccessible. To resolve, we disabled the following systemd units: - -``` -iscsi.service -mnt-nas-iscsi.automount -mnt-nas-iscsi.mount -connect-iscsi.service -barbarian-wait-online.service -iscsid.service -``` - -Oneliners below: -- Disable: `for unit in iscsi.service mnt-nas-iscsi.automount mnt-nas-iscsi.mount connect-iscsi.service barbarian-wait-online.service iscsid.service; do systemctl disable $unit; done` -- Enable: `for unit in iscsi.service mnt-nas-iscsi.automount mnt-nas-iscsi.mount connect-iscsi.service barbarian-wait-online.service iscsid.service; do systemctl enable $unit; done` \ No newline at end of file diff --git a/homelab/docs/img/lg_webos_playing_video_files.png b/homelab/docs/img/lg_webos_playing_video_files.png deleted file mode 100644 index 26e32d5ff329d8bed102a6e06116377fab83465c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 66097 zcmdq}WmKEt*FK0sso+xFODUyzf#MJxikISE+!EZi#fv*F5GW4CiaRM#2yVfH6ennL z0t6=Q?|t9@tTk(9&CEIH%lQCgW!=wn``*{S_O6t=xMIj0aHk z&nfm}^fxH_?`aqq&oGqaq_usr_dEO(-SdIK~y$WHdeJ3HYH7!rMSII z0ygtHe`;0JX^t0U;JUr}BvmraVr{FLn+rR8{V-kA zH2>7<8p6){-#vO>8}qUIQ1r*MlpDpIVe#4F6i>tud__YJdUR=%Bfc#%<~u5)krOal zrk-w1jm;EBEQ8JDvsv}%*}qR4ol@Ih{(cokj0v{<_gChjM?B8Ib|m8>FaNcY`+wG` z%Q5rmZ4U&sbR~5EMt&O;HF&nSd}4E(UVXLXbKq#^Kb!xr%fu&gmF~A1_g$B(mXIU5 zc`UbB%-`D>#;9^e=+Sj%b*H1|zXA7SvlRpKMc6-a_u(+-INv*Bc&N{(m@F z>2;os>0|06oIkB&*Rg>E?@vzeFG`Nxvl!w2o&RPZHdT}2ep^Jj5~a6tvh}w`-5z7F z8H&KnrsJ}Y=PDpzmGO@Kwj6TaF?V|osk^NGw|xEU)~wrCX&T7Xz=74YBia?DR~X~n z%l12vb5~n8Paj9_b=lQwd9Sq9f3_ka0i3-aVs_VS_6rJe?{o(o(Myzd1fQ+kssDWj z6T`#Q_mSC|rx^i;N8*2aFr7PY4qo#>xRC4-N zB|Edl8n5?bYcNz%%M^%*OI`RnuqRQSrw{ea(#`PlS!Q5>h1s|(>5iu|*e$vHy&`}Y z&etK{zg6xB&3@7@-{}S{YzI(u-dt*Y>J8I=)-=mv`E47td&nr0Ol8EVMgY}r7 z5tVV(<=i3O{w#}nGzD=`wH&|Ie|YXtqsj>Lj6j>d8K$hTB$D8Yk37YQ;p3$ktJ# z&vin0n;3dG^#0_)R^mrXN}r=g#CUtb(T*@VdPlb&(u8U?3thPyF^h!UN8Y^vT#r!R zq_9T)80NE@T;anVgvSgOGKG?*I6VQ!UkhTG^*@NpFzZ^d5YgM&gAbi~Vl+rRrYvXOqqdx8@ zo-2i<9$cVKDn~+VzWP0X{+^%Eua`yMvF$B_&8?*sj-DoI?JcG{YZ)M_-_03fMa2N7 z?r32A?c=%{?dm^dCy|7bHx-tjYVual@8^6E3}UG*;6`7@s3%QFbdVF=yP> zPsO31xMwwCmJ%rVev4;5cGCMPz6w-WuA&JGZIWvrJ#mdUJH6IBroCI6T_ec77d(&9 z=e^VDylqyz}au1z#-!fIpiRoU3kow&8nH%>?CFJOhhQ3m9joqlHGCxF!pN*+2 zvsRti7wQ}ug8S7yh*#xXx)-5m@~d=)lM!R@xD*op7;9G;f-VQV6Vyux44#Y?#${TI zl^$@gzZ3C9vCVWR8O>I;H+7xxrBt~T6t;A+C(M^+ucq*y@pc<0u@d!`QCP)nYdb*P z-YnRXV&+qZJKcN%a7cJ+citDBod{K%PARyLOQIc8Ef;zfRsx?sr@B*Uzwcq}{%cw_ zlUprrg*tCJj!z}e`8WAfgIVo3e`hM30%UQou>=KK~s%(iR z&0}Wa!)ew;I%Z}N5~mYW#V(xgz2+Y6P}Xw1pF_vB1YOG{1@F&mJmnfc1Im!+n;enE z``~E-cGpeH@9g;Bt_;UHI9j`a<7A9g<}o@|IK8E&Hevim{nTOD;jo~N5G&e~3|tYx zC5j6Rw<&ic$AUn??fA@nObo>LdY3OR53N`K9_lXX?DZ_?d+vZUBktoq?*NA7`&FV< zf}^YU1@d*Fz%DTdy;#Wod~VNq(_(iS8AbQpdP*C^B~{<(pHG^b^xGVt-@jGJN{og} zo5h_GmCZ?BOsk|Z#2Zz=W5CwDvvX<+9RdDc{@KK}IV9cb1}1YhQ7jQASHE84OEPuA zeWIP9HYQ7!F4(1_8kveVE56ji`oqUW;x~Ti0o~y)|G8*d^A5P&oZ;wOxo7QUkh}t| z_`c%h;4IOx`Z|{2{MNNde$jGCwm^%e{&`t?97>kmiG-!zVvY8F4VFCqkK-l<_lGhg z4(FdrEm|5N4P;M$2x>^O>5DIImyu6qeBQ$&!z*7!l=`u?wft(i2w{fKY@dH!If)@c zA9=T6;hl(fMxTrA;|b@MUygtS&lz${jGgVGVBom|8ZmH3<~^o7k_rlxWaefmABDtlAiP_nVTids;6x$}VC~BCB=Dk8R8cQl zY|Jtmbh2HmyIOmKH_h-0qDqF0;dz=oEYe6xXU}ZT7sl^#*ZFK(2aqQR82O7>?1w7p zHZOSY)|zNJ`Y`^K-$Pd-d9Lfs;*OA5!4DSx5~!Ir+3+INb#fhxtGiQkEc@fPWY>0 z)Uu_268NGA+PFR%#B?;>)cFXq#=jiq-Ept-#|+gX84tP92_}=gkXVU4x+gVDV7zk- zKCSw-5I?aP#Y$j_XxBL~wzSrvd=k6Ti|u}3y#CDaxxeeAXs)tpZenx@px7}`)-Y<$ zZ^n%w%aNgr{JG#-oIG81l5hgDGc6Z+s8Q26%^X|gW4QsnkxtFqjA}$ctbc643AFb2rhZGYHrQ%K&O(szKU%@NvZIl~my-8J zK1;U2FN2Qn?}CZ%zw_`O1|OSU^Iv@q{*!QAb9CkSQFj;~jH>PlKFyHSzw<}U-V5F> z2j4^g{Jra)J7YltcYPUwn}X+T$c^B;@;^77dq&=a>xnOVEIdWz0^qdYCUIKV^x)lB z>Dfv$PDvh<HFtl#3$cGb_S34Bro0nbXKF7uMSR~p+@&HW|fOK8$76|ck{U@ zm8-*hr;u{9;E;P1Rxn*ILp$lw{it*I-im|MxPRGO)>6V|;i)7$qy{G??~g$qn%uF} zT*8+d()rm~T)FqzzuRwddL^J9=#%e@m>&^2^q9IAJ%qGen*KAs)%ShXYze>{Ny!t9 zn%fBHF35G(N=z>Nma5k5?giSCId{_nj@-SUB22Y_b2Qqc_Gh>691VB3J&{oM?`DgE zTdv|XOqXQVDdyzvocB=!cb2Vablbkazd;wgwsQ9d<9CCzkHqp6Ds8YsBM?S={PieE z4|$|s5_;%-Gjc`0a$|zF2Gu`HZllf2H!gRL0REJ&hms3Cu<)9(`3^WNw~EWPMMSzD zc;`wgb0|}#ECuEiOP8+E;QSEx6)B_nJi0L~cqH*8WhtsClL zM48>=E~C&0r8;QTc73Gda?Se=1&PkRM+8UC2F}?2PMe*wMfG`i(nAnN5C+M+j(cLs zKLU)u#!!C}4xi)xeG@j5SRHKenCEsF0$o9N1Y<+~90gHejQehqw_m3V35oVS0;@kc zx>~zj9aw4o8SHf@x&ObOJVo0m@ZB@h+v1h*;Nv_5OVfHHkMH*e85zR)rSwh z*g%FhiLdh9_vNEw$_YYt9u)^7{TN}CBq1aC+m|20BmZsN{$sEuk8ZOU*VREV{!qSfbuic%X+Om6*B`1>B_atK1lY@Nr@Q zU(=RegPb7s$t5spTb~JS*-zzxxE3_zgbJtdXj4p=%GYPqea z7c?&o+XzT^K=XE5Zdp|4X;y+~2^^&D#@cBxDYzyHKCvM`SBtvEaH5MbPa^&Dx*;tgQ^1V}Q?%s?3 z{Gx(bVeKQl`PGVc6UkaSd9l*-%keh(>WJHjcEADaZs8t*=lPi(V@&&uqjF;&d--v! z{JkHTK#X_K))8w-m&TgQ^Ie+B1@F3HmSF9?e#+9vS zyAjqGvjHv5)*p|*g#k~)5;H=fl)6bl#Ef-Lsn^&5L1f;7qT;CqvuW%*W24wjjR-bf zA&hvxopOz}HxC8%C?`wWn9mC3I@U3;<0srd2fBt6$YjS)?G?a?=g@G9{E94Z6Lu#U zX4r+QBYoK1<-nLrnWDl;{Ch)nI@4I;?jA3eKKC8h*EKiHhfwY~Tr%)>%_g=+-i&Vj zif5IzZ=E^vt6{)n?^Re3V)rq&`nT_Sk?Y^es?-i((0L^cPHq*khS@p-8P>W_>!+>b z_XA%SD6egWaX!+{yQB)fvZ9|2lO!p@7l@c`;%$RpPX6&Y)oLjl~i)Hv^LOWEsj`ILBZ0`5>S984TBr>J|hFtgd zYm$I&*FDl%#>-)=Fke>-dAbMszsoiP1VyckQp6&aW33L7u$hPJSn{QWc?FJry)_Ph zad@WCkKU0v9=}h9BwqCz&x$CjQ&_I|1LQ~E(;a+hl%}%nPbbL?oV&g-GQfi0?9ew< zha?T1QFnLaDDx!V^ugQuqz;X_-PgN+k{EHoP40xGU`+TZMC-m@Q7576^H?%xanpxL zr8lmn#R!dK&W98&YZrgsC)FkJ<_CL)ND0TG7s16XVqzZW!74^omC(YFQYgPZ)FxDo z_}Sd>pN&M!CIP&M2XoeuhBd6Sz9pA$M zWsc{&yHQ~^hEwUpt}hu`^lnESU+$ryHDad)LqGQNN1m0ZN!$B{94WDv)mKI;tYL3? zSPVFId-wDxof{1n2rXmiCfV1K_*u`o-y2^Vyd|ZcZ8RHemE+W?0cAkCV7_>>o9y+Jt$;Zf=PvPn#(h&0seB|h| zuf=={>QheHee~;?1??l=pP=V__vFv=xYv51&(WF0g{`>Pt8ETxi?r&iDFf@@m!BaK zK{++NEe$ukae(5z#j@0G8_)bk4U5(k#P!2g@(#;~nW`B3tS?hzUz;fiq)+!w*mv#*1$9JbLhJUbkSrZkTyPgX}_T-tv>7-H~27wyoc8h0l7v=cVdR%6rK=Gx``sj4D z3ktaD`;hZqy5DkbLKF&rM^D6pGO)!)*a;4OYprxQHZ2$7>LFv9vT8gUPv5f?Q+ggd zElRzqOlU!6vyY(ZOW8ZE@|lrt?`&;V;49O-P z7qX_$=POB8QKMInCno7L)UkbAd`3+0q_A69Ch?3x59D}umKzGLkv;0X;A@EagJ;zFFzV+mp46wgPZ(y%v(?8z%I+&lXmHs2r7)7?`TfA$ zmY^!DiBd*OoCix+=Am=s74?q#6Y$}~6#+y(4E!wZa0zs?oR7~C$VKh-0#y$Qes>70 z7$;dbQY$Em27^>W^0J{FW%m-#sMAlQR;X4d#+=M6UTj!LjJh%hs?Ji^R$Rr9JiyK` z^5E(T@W|kce+_Y`W*|X4)UcsN$T%_Y*{`?;OTOs&>n5zznT#}!#Y!Bl_Smldc|N0g z4~BhCG}fHUlH(!8iCC8x$xXFH$06!@|0}pSW=aI4cvj>>3dh#L#Tso@V>u@!enYl` zBnp~?F6KjqYL=+_?i%5y@dFQDr75o?_4gwb!#~1pP#m8p4mLP;v*x90k{0eJ^lhQ~ z29D4c^@tSqkx;@eW-Gl~#X+^J@OkfVS2t2#>nN-2a48Bom7&VlScyzgwbs5k)WkM5 z7veIA=p+Se>PK5B>(ocswZ^gHV|+vCkI}LD!wYZFAW?fh=6b4_H+wrzrAw42>0j;qY6}OfL5U-!mN|-LCB-*Jb5dUwk{ziZO+wCF1=8~N`idoG zF?di53x>1uAR}mA&+?MJ2Woy{qC$O{l^w}-aRAeJ(+=!^2}v$Vh%2>Bnivze67u|A znqXsl4gy+C9Z6YQ*Tos`o6c&9%p+_;Ll-yb97AIS%Z%ukTE)41Q<1`S%ht#5!iIpWDN@7`!)!f(qI#syhS#T}7L?ZW2f z1&md;sSbDM?1-OR3&%{&!4WAK`o`&uOD+KTGhvZBV6sw8>nGo8@7Qm*iXlVcEOD>4 zZPFg-uliv#}(L>m2H= z7|}Z?jO%3Fme!U~x5zwVIZ21*st(Z4G&uWqgX^1}#ThB0RG;&(sJXEV82WlNk&C%L zGZ;qh1e_&*vLX{4-5{)H#p?xqw2Ws6|9Lk=HNwwX@GaKTDYj%OBPi5zf0pi6@V~VH z?zp4$xGBqmrn!%DgK9Z+V(mSjE79$i?Pe=s%zY3Xx3Djwgrx<3_~ZY%nPcH1MS(VL zE$#_Fu$#)DQLdg+t85k`1iDs?sW}nc|B{#yj-JZpa=0FSlc_||;#0bZ*s#s4ZXskSdXaFz5KQ^(qLIDdv2g&t0{=!lK*kgb7mww*!*H!W+S%JX*SvQKHW2;@I!dX$R*H*zx%~z7LgL{3 zcE}Iq4=WC?r{cJ@gocR|q5=2fJ;t(QML)*Rn?K74e?k+VPG$GH+QXbGPvt?Eh&&YO zSKYp?T^TM}YEJhj3%76Ba<_iJO)>rLux_Z?80k?+smGr#gL-Oe^vs7}=lwDbD2L&41W zQ{Li(u*kc>KSzw#T@03+gkGxsmeymu!$c81VBLuyN&U5$#lEnJ?9s*oAI1`$X7ALd z`LZL?dCbv~w}cWPSHp0%1P5@Y_uk61Jvl(|$DTd812u)%#e$t~$;uW%f@#}v;Qr;P zdbtbGiSNv+hN-~0j21VJk49b5Zdr9#7{{EbL}#k0MhS!}5AkB)pao6&`bDSq%@6@; zk@X|)BiBt1Tk-1UKN8|Vf;&%7_)hJ>>j(4GB2_0C!#F?EEynp@+6;xUh!kPezIG$H zN~UYXG1GuGXBlJy2Qdw^HUiGI=`OW5NCoHw(g%2mxtG4T66IS1l==x3h^=d~6Xbb{ zv`FOUC;4jLEUolCUJ!u-tamQ6SfPHXYcch-(`}#C33!mbJ2t0!;*^bMD5+6>+e!Aw z-(}7#cpb9~e4Alb=FA;=Foh?3Kcj`ayP&m~Yd*Czci1D6?n%{`eyw8fMbDAdhmjSZ zN}0d~w$xibpW9BkzB9MSLId2H_$5m+q94x^lF&fw>k&IYn$h$_b4Q``Bx^vzyL>UG zFmZ7Pv;XGl2>%D)e9(XNU-V$r{~hY^f1dll;um-5jFfm0UgHSiyH?UdZ?61ss~u(| zG*o%{4-g%922-Jj)+0-nj6Z=ud)`m^CT%Gajmun!?bW;mO;N;Q)8E{=N~nlbn_tX? zF%KljHa1WLU3ertIWFOcFXv(r6OGP!U=vETU>+eoHa|kKkUOj`SH!& zSdof(i0{-{LjJzW8lG$=+$YodI+J;5i>l>tqA~iGRD0g;~Q2SNdWjbfq(#FB9kCD+y9*|$jA0X z1E@0>eu2Y-o+0=H9}suowXDd7hQW-6o^robZ|^w8gXC?=e|*`i91ck_(L?x)Gyw0e zTlB-78H8MQ&oi?}#<9~HO#|bVM63hv{EA}+lu3qf3yTY97g)jH;0TN4(sTP{*^IV= zNJ^^fKSPR<;(|+p8!UI9~uN!uP(FZe!Ffey9)7 zbzrPL6Ug<`k)OZGxGh_r;UTTOul$g|5Y_OrR+d=x7`NVSo3~& ze^-dG?Q+Ml_IBnvQ@K0|;#=_tQNVs4_)YUkk%_&fuZZsKe8okqhEGvl#kJ^weRL35 zf58-i)fV6DEv>-GS@%jR;ak9UDw>2h^gjlFo>qtuxsrM$jGg*^MP!V z#YF={>8B(}<+0wp>m%_5<>lg=p;zw)IX#HALu@b;%XB`mwY?8SQ8P8kCp0)r!N?A@ z2D7$lwQ;rf@|!}B+lyjfqO4shx`(yOA`ddMbd8}rp1-#tt4z2K)?Y= zfBD;jJ?WYikjFQ6xjmlnjxQkR-HJ|Ab_Z~3YfQ*l5Mt8bga+2wRClicKb=gm94@8r zx!?^VZ`5Cjc)|#&n1+G)Ga7a$KiThjTEB@Cqlgw9hZ?{I8t59F_dI#eie{$^%+du- z`H#MM&fG}5o1NC^#JI$_^!AJzo4Sx#CE9r^4nG=5Uf? zM+(T9zk&4oXw7r)IO7@2w#1%%#wDP3i<(H*#*fAh{`-^fle!mtzyriYU%cPUK;cYY z2cb6IXwAz+_E3$E%stILDg$~P&;xH_+G4eahWi8HST)eytuCzter3%g>zo^!VCJ=I zBn%y~uCMbfGacj?guZiJQP`fd%sKUnZ*T*;r`TuPWM+2SGz5=@hZ{y}jKND1Xx?0Y zvZ2?%{sbT@z^J?UN#MS6^T_>H5!svy3f1VX)ddSYO++V!MRu z;C}FkCZ-*J3_rqFckiVUrQM9~4HtluR|!e^d_PP^T*hZ_Zn*Khu0j=B&Io0!FPyX( zFPCZsR?%>Xg82Ks6EeIo;Rc-6*1o>x*+^grT0q1S=b#0jha?h^=ff=jlYxnND`Ul5$^KaP+qVqq6TrRO(j|zMvRQEq{_K?3> zuQ+nV;ii;waVwtj9zs?&68W5Isu0lLd`uw3pTCya7}Z) z8h;}NOW}*H%7zX#kWpjm^&Cwh$KqVoW&CRP?2T4M9Tk(DYNj{vYZkjYC{~`>{Ht}8 zY{#4}cFj-g2hTcwruCN1+Sk?v&YP=i(PEA81e^m4LYI!qG9rBD+gkhA%l5Lb7Rv+> z)H&9NRBUcLDON@|k+}x~HLZ>IvYvlH?c(dRT&b=fU2TofP^MNm%pxUHI9)Befu84q z+>mN2$LhrFhDg!6$IQhiMaF5neJp_JoT0HhQ?;})QK8Rz7k<`jg_m0wOD%Ch&9olz z-oKDGjlHyi!L8ijKh~*`iK8F}%g+2(Nx2e1Q<`72FF&sJ*Wdarf2CMY4~3i(EUl(~ z76OJ&d&))*=`Fe$Sk~;CK%&>&LK4;gczinPXT2mbLmHvh_*|>r@4TtR*oP6K7JO!f zZZAaV=yUz%Hy4dfo`GD}Ow8C+Bl+ckV$a_P9XmPRFE{EXAo{U3XFoqCqGSZM@W zVnx0xKsCF+RybAe6CMV)b#%@Ze%a`o|F*Z)iHpvcZ77zligs!}&Nn0!kwmAmK_w+S~BvIVl4gACbHs{G`Wcl`{UaP`N zyP}G|JaT4iw?%@AWiy9q)WkQfdA|a2m+rL#>#KUhbv)a}FgNJMA|j+GEa~jB<`2b= zp8oT6y2fL^F(9)?_hO~{Vt3~d3!0bm8J>+a`y^1)ca<1z!p-}{Aah}pJM~#QJ z!1r)U1eyi<5!uc{vF>r%5D*|liJ7TEXdk1&cs{6zz`7H)W2>~hT|q(BE0}cGimX|k z&@&GWe8>$6*uSZdE`H{&^0C!3#c)Xp-`m459Qydz1+A&mc0F#Eabp~HgIK&ZO4wTh z?nP+iwJo&6`p#QI+wCexcXh75Bx7Z+Fa7o$pao%a#-lHNYACcZ?Ua31kwFh91p0S0 zidI@MUL0Bb1N;`Y>Z1c=&Hi?fK(OzJ?q+MQm^2W0IYMB10rUFaiV$raanA$<{Cz{C z2iVkn@8+;`%bKXzWu|lbjqaOEO>i;bcLCPrW5jhzpmB-xn_OMn{0M995JIcSnIY5crO)2#58sQ) zaYGf7d(io%ixoTnPQT=r($8e6d}AZq;?2Ujz9XsRm;0`YV3Q&jYz1D6HTK@L+rmS` z$1Y`;zLk|+?hzoM;O?YLayrGB&qcVnUlt;|_u zU&CMM!dE;-&42Z8o7#KU(#|{j^97nabi#|!`A_Ei`R~F1UnIW&Cx2`YRue_@fYkYj z0js&*7hLz@<|SAy&BZqlt+PBizTabDpK-Of4n07j^Bz&VS z6Y-h5uO`P0&QMs9x=CZUdh0^R!=A&3{*^X-i+O|qU!f)yzA4a9RZ5%PIvAa^2Et9z zGG~bdcSK=Zhj;>29b@Jt(M+W2W3=+d|MiB|Tpo%6Lll}*n8Gc(PAfNrZ=ie2MY0r2 zWcg))cs)G8Jj^%U9N@OZ>It;bSP&r|V4;wXdOi2S>(DLd$rt+GWC^SOHRj>RK`GvR zbn7quKG~afw*K@nP81X&6z|GUsjN>QlkUvlT!Yr3z1 zVxH#@v#2ZXNLv(vul?6<3Q#@$KLAVRJL%9qb?(9dwgE^UD(fqS#F3Fa_&QpFn7Y{1`BK zq$RMKcvwB+JM>o<&ZB2@Eh;N_XmXS3avz{6&a;7fzn5l3=osLG;49te?>}&E0`c;V zy|JUHDSkJt8JwzW26Le|Hei|@nSUqWESvQs9Yd4sK_?F{T97O#HjWb>JUxD4~xKf3~)l zHf{do*=K>S%?H@(qvMR==f587QDy=|0~)M(55Mu>E(C;oVt(N7ks{O?-)vm?W}_mA z%-nCTNkI5|@ET0BW9plT>81Yly1;mnUFfGizydnbc>}NSBzn;IMYFy`*I9s3Wlr%P zooacYk)@j;fFk6{gn3NO@%tl_!SHT&hx2VMNdeE1xgt}?dLEHDOVctU+dqtoVA0pt z=7H5-BkrxLPFZz2vUslbqvR)8hS(;e(oJaf_r$)6U-6Ha!pd7i8u!@S!CSO;P|E$# z8NcBD-qM@wM6Lk_HlbBYo0U&%M_BV}ve&|LkDtjBTMu1_{iR_8K-AWliQ%rtV?X;j z#?1V<3HhJ(=hyxa#w!x1If~&63#YpI$v#T46qzDpO8i)yrj{b;&Eq7q*vZl%ocPM0n?wLj1l^xnR2PG=OePXMN{ zb^@O2%N_V0XJ_BYOTFekoY<)w@7}e$= z+%bTq(kFGaW|zu&^_fa=-|ycCbbBcUf>B31bV6bj7fJ=vm@`TyY(weAuFo0>Z2ahf zCxU7ZGsXL)wuD;d;3|U}ckphU`m`)~Ccvf1gRa3=yF_4&8Cw;vu@uV z6cqT@h`dyIRmIf@$c^E8$SSPW*_Pl!^B`+4FyKWJKw~K5=5J~~OUE!xh}OsX)vzp1 z{5Wjwk%B@%>DOWgbh7{a^I+q|PN_*B`*WK*!D1m1C=hKK0LcvgHbHBY$jV-uGHbGp zSwVjM>=Mh3=CfD)nNV!7>m=a7F*!17@dJxGRDbEAu&-ChH#;$sJwLY@MG|E)y2~@w z#7J`$T>SXFq6aRaC1^*MMO-sxQ{oX)g7+-oWf8r^n5^pAm-NRQ1iG8HgP+=wEGx2T z!9b|7CujrqxP`DsOTediMeL+hewnqFQi#s7^%$aI`Mq{C9X7kQ4=afsMpqoAPXKrS6De-ENjHru^)3A;Y7 zn2$FP3vAhdm2u3jM2MGyx8)??bPw%rcju3;gEhF=`b5jDI_POP#&n7jn4gbK%L{lJ zLEnBx8`>E0!7m-HjrAZ#(;giAk#+ZYJ;@LaVW+^g>-C(kJER$k`-}8Hz7o_Ie3Q#g z`S6BP9qh8xZsC(9icHsb)wbje3CIXSknSg;CAo(#aR)qa2CT_@3=mwB1k%*|u>rHw zI4?0Te%L#N`DR0v+Puz%8miegsMQ~=Zj?|qcjJsIARG3`PrCH7@Ee1v=Rbr#%l##8 z^CRFrkEvk8^_-yGjE!zD384*bm}}6a>^ByEx_hotP^iZvN2}Jg-@dOiGgx&udPZQ^ zRI^++J9pRLT-G)vx07hPFYxJZ#KW}8HpZujQm;HSWM58{LIls@n2chFXrTh9=`)Gl zt)WkSz8o<%GeH;ONy%uPM2(bA9HqB+_9~z+i7s$i(=5XH#@G*9sX)3mfL3B(Qc1+Q#7-Cn(!2j}YW)cS{O^cOov$xr68rC5?>D8d0uP+cA9{WT> zS1J2-$fFz@v4UU9scOzON8gngVYW=ajY%9o2_w5V?QZI;xs8tA&h75fWEC)=fW=9;ayaplNkYyletYC|XHEaIY@5g7*1dzeam$yflo6jBO68m$@MLL)Z<& zL1^+Ce}PC{PmN^A#-3tSoMu<9*i!T9g=4zq{fu+RQ z8?TI*8P)eyesOHuV_H%EH(hQ*;LEry7MOsdPLRFPv6Xg@1*YWjUI_y%o#g>FU%-ub zkuujX&%@XjfbDtw2lwlWTqF1glyR!q_a}McPaP|&UW))gn6LD5Pxuq|g2W4dN_=iU zvtuTz*8fn!Sp=Nz^c6Vy?BUb$igjYy6=P9+1YA%{LT4R?Gv_bgf*n^X7Fgi)o~K(l zK>etnzb+`AN4HqM7+KPvHBGpka#JszqdER(L zp6?`GITjg=bO&e#e1Dm1Tqw>!mYP+h6glJU0W`>1^T5mn4-1s&^jpJE_!dSk>v7d=tJGw;!EX-K^#uET zfc@@=uQIIdL`i-@<2&HrHtosN>HjF-HLwov&nWKQd_xCgt@P(rcfns^?7KorUHP+p zFm_b*baYm99pN9L@`82t|~(4iZFcjJviRu;%^2kL7Wz9~l{!8oM! zGOk32>SCwv7+z1CqwDG~Zn*73`+eQJ5MpRsyc2M-G*OeCTYj2qy%TB(Lk)|oRrDZ(?6oOZ%M4V9=5E7?GD705nTZc(l#N8aCITK&o|VIz=C& ztLO&6%HQ@7y^!h56Zi(enWwF8am2*-t%%*?|B0S3d)WWUiLw9Rme~I9i*-BxWgMtq zdUHid4!lFQ%z8}9qotm*cU@~%ukHgte^t1VQ!j30=PXM?)or5!%cQ1{RMbVKFB#@F z`1b4fb6W^J7}Y{aWcm-Jwy#LgX+N~O*5`*LUnc%(t}@G8R*l#2u&6qG19i|iq1xW9^1f*Fx@2X|-6em^@h)&RzJL^-9ZXW z=Sf2zd$wv;Pd9z4R_nLl&mG*erLB`5` z;9rD|DNVt};yWlV*D@K%oFGG_Q;dWN_F1}D<+D(yfT zYcY`2bjD}X92TD3JM&bt{>oX6valUl9l)mW2V?%5e9c)JB+xRvn$YnEA06$_pt*5# zS2ujtp|#kJ1YOc>-WDY!8ENL~hW@1frsiOiFmd_`XtYMO#sT>&kIiWHb+b5br0JC3 z!sax+6jtP^uHF+KROTaU!iH(z*zM(u;dwKWHbTwtE9Pc}x?ognNV~|TiCcVr#$UOCuqJ`o z+)o1C_W{xc;{VYWv|BvaHvc%UprJo2`F_LXT6HOQK}-S6mLW1keHl-pzu)%!C`O?} z4q{;ZGCyI*Qjt;F8Z+LlBOlwB%B6 zfE`YK^a!VgdyWkR-%p9Kd;hGuK9`U7{YUZQ8_+R)dxrNucJIIBq)8KZo};Ls0m}^X z4vx`Qp7-s?A0pJy*}wECLu#+XA2d;vIkN9cwmqy5DtGAj(iSoZ(FGLspGIpQxhFq} zo@Py3d&PySKD6Uf0hj{^3Jk-6zXS%VtB&lRdsYIcE1T&PP0sh^qX%H&+UfcS?JUWs z)PmAsMWtEg4nj?h8?Q_W@jIHPRNUg{6$Ty41+^g8sm-SBmmgKex?IPQ^3VXbm6U&7 zhM;F3bc8);yeji`Woo)4AcP+*wH_%*humNywh*|sDLSxn_HPabAbGf_EBC9&+09~! zNig2>xae%VqF43UsE&3(8ibaP8trHantN4o-{F9e03*}=aDfT4fB-pbOZ2ZUgcDas4-c8}m= zA!3Wyo-pM2@(`W#22wnTarK-^Nwj8F7$bRv7hA5%>zf=rQ-MK@1nqr@fY5p7NWQGR+AtmWnE7AEJj6J4f*S-r6Zv3E10$sn{2eQSK-|+*0yY} z)g2}Eq6wmkHPz$ixZ1Q*A*((U3y)7Ir>RHFqtgWKI?tM^B@&2%Ha_ohQ-|t;*(LON z%w)FmS26;vcAVBFb`yzZ-io2K(g@2|)92mzq0b}8l1R3NGi{?}*$#bP_h?oGPZE-V zjdhTVa{BC$_d?y`F(k^aHGi|`jSxSkz@ao*&9&1_b*zjt3a#a_~( zr7q0c$H_80dnVusH1#~bW!rvPxT0|Vr7E1+v@aK{Ch7)6I{G@3=QJZ(W_iz6U+|Sl za4~;#_W+*)wmrG~8^uO6uXQ-*X}&XC0fVix1az0)z#1H|z`RcR*8a3qBQ>!hgH>W! z#$asfvuc|22j*Zr?ZMFg*nwp{nK2y$tl@Zz%~`hd8cP??2OVvVv#XYOBAznX^Ne85 zq1rZzHER~I2hm2<5(`cQnD;~b!++jaJOC|!%-+adJU8?4j}G6&7W-SvlbG>ocCi6t z<8Csyip0$OHG{`%j_L@Wd1c|hB7wJ${>NkgFDL&0wSSm_30_xtui8rQ5%JmA7VW%Y z(%#85m&xXT<&az80};6#c*+MKXDg8xL@hZ)S{G;sKfUx6UyNSAbw!Z6pe-ZTiXvLQN>Xz!=X{n=~QP?L?exc zy8*m^`>DTvu14NXYo9v0&}A#fFcpy4WVR>n)eX#obKRTg#gj%-VY$&Zv-YfYg#49P zp2cGFu3xRpRdra*vAr zt1)15b5i5`)$G|5`%hI6N&HqpxZU#ED4*4)S*#0hqnIbAi-3!;|7hzLDeCv`LzS{@ zYmd;H60AggX!B>&59|cBEm&fYEetO3U7P=mUIr0AYo->XgMvT?!Bzhx4Sr&EsU08- zx{=41b`#qS=4W8pSj<3GGr4B!qt&7#meA3fC;uuQR%H+!Xm9dB&NWO5l2PS?^}Ft!CeQ};5$6;`_;Ew z`)$?MO4s~D^$gv&`}RHO{N(g)ZA(9F9>kjR{zbz|S|B+j5qy0bjDHrj^tikJrebuo z8mXkCR&u}${#lUmAA5m!DdR_&iMW@d+A^&?o}xbjbKDfnOlZuCkXvx@C306Q>vTF~ z>o+MWVp0%3+#sL1G(~qSrnOG5yaNH$j-%U`kOHR7|IIMqAs!HJ@u$E*#GQRp^i@&W ze^J1S(9H;1){*+zL_;HugcAVEF@)q2v)|`3qFlZVMemxa9sCN8Ojdc7U21xbQI5kx zaPiKbY?2m^=bYrY_@r!BG_wQayb~-#`NbGM>zm+yCTlWXR3U^)ia_|QYM`ULF)LUx zMs!pcBJ*s(@zsCDvXyuFTPKj4{ZMn^TbUgC_H@?leId1k z_+s!wUsKL(0cPKdfuCKm)|wlC%{8h9;T(=pOi&HA3&Gw^o=8(i5eqDOm<$L=6YnjRBzNAS1gEWC<=UkHMkq&|owSa11_MEew zyAB5u&)`Y5gGb`w{WE)n$&;d=2*aXwB9~I0t}5|_OXbAS+|JF+&q`?%->Mqy2VSFt z>@hFxA+SY&oJ zlrC|J8TK9OmR#9Z{JhOUZQp*xFAZjgFCG8K57s7iTe-`p%lw_jO^d|8^jk+mDZ(!0 zSQ!muPiVI@leAK7FnsCeR^Bka%b(`{`77&v1Ah*xY+eq=gl(9ii4xwa|peaKbOfRbg2D4gA zcYxHO{SR_9uDn>;z@H><+IflC;R;M6&IFPBnW?8#H?njhWX~Q z&TEvS`H2vG%(FR{I=_4EkCmaPWtuF>{W_x zvKG#O0mc>n6KTd4p1UqX`|>K;)0+8KOI8K9sa*j19wg3yg#Ny=p;e)A0cp>3$*ET5 z_Skl^C_B|8V)URc3j5k6XoY*}=9~$fR_G*lVB&x2ddd6euyoY(y!P^+F>o5NX)=dS zN!|sf7TNYKUlVx4J+BG>#rtR3*B|k9f~yq)?%(=IZEmL`7;G^&zeoQRKrefARi96? z=yp z9!P|d0e8+R_`qm1j;W{2P4{(N6;4FKeyUlw1X%lSAG|xpr1M||kwULZvKauh_AYH) zK=KZ@bm70d9$S=pCc@xX^q$Vmrn_O;m9}_cA}>v4=q13+B09fuCf=Jl$ce6thjX+u z>=Qo9?-M-cLfX4mh5l>u@*O)rlscut}|zSAYOU-rA&K4?7PgS_ZgA?JBYH^n$+7=8p4y zvT`>CX3_npWYj$?p&MuS{Ix)}`-2vKLLIDx3R71(>7)Ztl+9u6zp~>q|+}`ep zJ4&5ez#V{HahFB$xR-at^0?2~woSP~NUsnk5Qq?`H7R?HYoQTXcqk0m`d$eh{y*T6 zC!!?Ce@E#@N%42k8@!=%8azonbJwVvXAh$KzpreP5NZk(@p9J9)4XiFuB6p(4^cffs8s;zn^D9D2@jAcGcrTbLStA zR5}V1vG<<(am$D>iVYU{ba#<9pQk1S?4J+6Ya|(Wav2Dv4PgPrTk(bLcD#u}L{z{4!#fAdUS}u0H(GOZnxQpzjcJ&|%{_ z9pGWvh7|DEf7>O~V%624ZQ$sP+gsv#h5Zj$8tzisgkUB}O~JnSvM8?n+{8yN66XvO zq48)NfyS2)Xjw@S@F7qOJ~x-32Of0y=bD5`!2rH?EsB+h%p;#HJoc5H@F%}5b;|Tp z3K*)032|@rUcOwIEO(ihrZ1PCP7(0*;IHWZa8>1iVOgH%;!&fucdysc(ONzFmEHfk zJ~NU+#A4~a?V7TYjfF=u3=QDk<~!81$R=~Ew|jIXOKj*1Zqr`zYUpw=Qls_05v~xM zcAAz-XR^|I4u7;+~^)$n)|>J=wm}!!YPolP)#(z*duQ2rWX5l-yoex~g zD4M_|+{yXyE&lT3Lc8-~NGJN;wMjcOlY1U9$jpYPb8GWZ zv1sCW>=q~Do+E11dug%lF2h7#=!(Nck6-0tf}|2ORufXULluzd;WWONVG`|BJ1R?& zROffht+h7p?gUKVLm96dv2mMlwQml|B-r{5<^zNJ@Uri+_DG0d6%>&>reY@u|LJum z-CsrDpl}%j(*;C2U^2}&6&SdE-rk5s>r>KQy0ybJKC2zY_4!2Tes<;QWh3(W8Pn63 z4g7oAByJcHQ#j8=L54Js&-i(piJ~=L@$CBxox9jxO3cF-r@5Vf)ZKBzM87%N)4;rG zLJN0S#A0MDuyq+G+_*!O3ir}pqm$EFSqK^eYv({yjpBgOe3@2flv)9*RAQ?nI{#` zt~Tr>CQd$m$3Y*Px*!{zh4C~gc8hyf`$nA7Nh@>X0Z5@qsm7=~Yu@1<7R(;%A*P`< z+N`@;!B5Y|9w-B>q#mewvq>q?PQ_@Q9q&~IQSm*! z@k!G$#Re27_$oyKfyx@5u>NRz3eDrsQr#uxrI&&#^ZgI%&e4@_~-71vH26@96zv7mqz%a)eIzO%C+iYnbqeVFYD4%~iN zGTEl5;LN;MSBvp#zK8p@ALMQq*lim(9CU#eQ?>erN7IW-3-!t8pfaS*hqWF?BanS? z1v0^+=HE?TprZJf2y!83pJV|n>nzoiciZv4Cy=x;HRkMHQvppqhac+%?YsF81tNX? z*g&1TJ8#2<6!pC(1WC+VScSS521NV2XdIf`VUG44EV2My+8`b zk6YJ_S8o$!WEN^Oi7-jCaQX#@I-o_cYK#zi`ri>r+bPKcK<-_=UhX1HhdEkL>C8Zh|X%^Rz>IIz|nK}?3J;TrBq4;_sR&; z$-i|!sy^aq{O+*mrBl!42ULf276uq(b3(!oX3k)!J|>CYoz<<8TiA}Qs{GUPhr)Qt zN!v#NqYReg7RH3VO-6;27J3=qF&hYv@tEhR?}qr7YeIdQC|G@lbs$}vA7o(#Lljef zZud3eYCyp}u9RUVEjbY82^X_y&hv$+YL&)>wvBM<`WU7|^j?VU?vY_=l0e8Sk${;q|3pr>Bc+*F>5B9?L*aV5QcTQpf|{%p2$Jm@@&u@^Of`f zx7l66aMGVeN|n_$!QbJ=X1)KASK*GX)_e%jF`L9O@t1+&awfm=nr}ju{c#7)(hHu2 z_6__n%hE|RtY2@CTHY8q40CK!%0v4q!7wlBrSKbu=iEsA?Uuasg7d<$ulouKt6n z)@=VkeVQRDDKd|Bz))4U3bLDVAX}jtoZ!{2hOBEg8g~#kAJY+k8zz4|a~rzN2?$y? z5}E0E3mXseCURPyVN8(<{+=L-A_n$(e?IU|n-)dh;2k5(D%UmI2EKFqLJG&sp9SjJh4e5OH8y z98*g)Ee4f5JJ3O%zPER547z-ehPv`u zytBnFPef;nv)=2O=14PX^j{e<%f)>Ip{li8@oiKZzbi3{Lhz__L42hQRYSZ$j{vE_ z<^4=!m{J-_+NU6>wJ*vKxnBw*wKbQ%YPAtH3 zlWY55MixI7R3c#-x6Xg>>O@g3_VibbqYuI+n-2>wzu$=)o?rbKvnC*R?vv&~bN71R>=3!@)!wZ`UnSC~eQ-%)|t!l)xi*4fvxdAoOSIfj3vDYg)d0PB6N?>8)gW;k#WHEc!OX0Q^p zHgjPp(A0;myALu6dLN7c7K}lIQLywngNPa=+jDMI+hn49o(7+iH9ty}NB_&?+Y}cN z*zTIh?)b9pX#YwJb+Kh-|HsVRXvvy)_d%ul??0pVzIIm_O)kcGHgi_{+Q{Qao~ob- z%s{fk#7{^yl8p5xLR|ggrOu<1&6(sj^Q;qLD4{RL)wJu)yMd1j2&4`A0E<&YWYC*` zxCn!3UR}!AMl~t$wi3Q(2(gA1)R^K}^s#RAOOsPDa0W`)#d)mDUFZcc9z7(b1^Hc0$xQg%(mP2-) zv#2Q^c#g=Z^1JM2j1j~MWDuT+0aJQQzNwN-tFAK81AzC=OSjm2pNVPUVcGFPs$Pqg zmn>eZHnY#M+;}YX;P8Z;L?JLM>a7}-`s{YPhNQOm%01SVvAuzOI*bto55~Fy#*Z= zjA^n79k!c}x*r8($|+1#A{xI!@bKpAhW7THxNj&7=E$XC7l{cDaU=;I%B9?jWU5j} z>gxiLPTOGWkBM7vIjH2$RrC28!P=@x*h2jEs{7C4msyU^Lt|VrIhRAwMG8ZSXyI3~ zOZ?I^Ou>;Myj8KDfkv}-E|)d9?ZQ81UqL87vmna?;L+5ZByaPMpO25)FTy-m9awf4 z0^GbE+K-fY>|JZ9P5j2*UFc=(1D=zbLNg5Vv<(j{^%dcfIM;(_Q96~nIq%beuUi+(V==^Zj zA|_QuWI6(+Z``y0`-^tg4~k! z{64`zSnfNQ#>>4=#! zII=bp?{C3ONv0?&Vg`EP5c`;#(A8m4H$NGg6)S?&xfi^}-u2ddxc$nU5V~#K)G!8% z8mgv`AsV50`tns~a=G?&cQN8|89&`q9NIS|eb!0M)XtdruqduP& z!#n$v*&Ndg!c`1;>bp+0be8vU2!3a|V!1L;F5fS#%B|4lJYE5jmF{gamnRXsdl7bY z?w)kpWQ79*H z?(HXx8`1X}TgRwo;Rbr6MwxBZsksWk@pENZ!3PC@)A+><`PlR>S&O^HFfmFyX#psn zl-3uH6$&rv!HZJoye5gNYs=7CssWBXmK2!x{1)QNT;d*@!^U1O=5xj|xIq~tl^>xm zFQz}te8muJDTF>A>(6g9W`^`hr_LgB1D-O%=8X7@WKscvj*UK`Z{khG7%0y8N{@CbC}Y_Hnjz-THVWHFU z#=JA)03vSuV+y*qus5?HCv5aLB5s1_cNqj4DWz@`&(6u@S8$OF3EqF5r_a`n7N=N| zzJNYTcFudlw=g6jlkh!CI19a%91COWdHzDB-5>RZ#&hC3S@FfC#WbM(ywqqs@`i?d z7fi=n`4r+nST9wn27kV8ck{Uavx$9MW{p6Ota|bI@9d`VH-=VQ(d#E}IeCsrE%^kp zs*lR*K5S`{lQujx_yDsiLRMQAG317$>WVR`o{+o0^7VbkZR<@wq#mROD|&Z^w&{c8 zRaWprQhJ<}JP{O$$!346Kw_V-Eqta4#^)X+ls^WRI-!?@3Vw+UxtZ(C;O@HVj(qnx zV#rT$+YV&WcWZHs&LEe3M2N9z^S56_ThTU>*ZZeY)5*@MxWyk5`Mm)-4R!(M-q7|# z)4J+CwXB6gR(snuu;NVOdwdc1ilLH%8krp6E-~Q@nyW~Kf`BQqA8ceIo|?@$!XrfO z1f#j06REnUj21ZbIfp6jlul1aXoo_>J(~2BF4}?<17uXWO!j+-;N~94)<5g(qhal-z3p{`NG>1syPcRXJ1B)_Um!Oq?*Qw-(igSP;oG_bjy!0=+eo!;tdC zvSGcu|I1&f7`fw$^mirMYTMT~8Iai-*C+_IOk&5$vlu{Fi{Z^{{CG_ySMk zjjjqdjX);4HX6H#bFnANf-cKgYQ8HBX5dU>BcIExpU#iMBcK6Pb;-cO58+YUI`4~y zXE*=tLH1_Y-3z;Eu9dmM1WVz)9VjakqZbFv3={cz6^PZN+&gh=4@MTJLS~z8JD~`Xiu^(l?mg6R-|%bPiZ)&ZJ%6|EYW*~*$_89CM$tUGNh-*SX z$N?=O{u2E^bc3%Nca3Ra$M#?Y)?20;1yiC}J31%?WLIc2nmquB1BThOT0hTRTripK zD{^X6SNc`^;wRW`drIKlUU?g?@XX)tI&r>KP-ABU_WT>lIxOth2I6IOw4@62k}{k9 zES}Ua2?nEisjZ)R!?D{az`@VTWX8*WixDR;fkJfp!&}c9}MEaeq3Nx@9_{TvnnkWDLdtB6kklIy4PsbI8=c96Sh^Iv(93AXj-a^X*r^ zMU)Cg1_13IlBs_Xu=A?l^8Kqju2sL$pRLkWt!%Q7{2!qmIEiw|4eJZNur;JeF3fmUtY+sOQc2sF_?qoj+!B+Vl%ywtC|;|NHwU-!$R0mEMRe?kJwZnM~hbuwD-j&E75 z2|R~?<&1bgY|2jCp)JmBlv+OWMWmfFEtc`Rk@$|${^9E#sw?OT%|BD|A;P{@b(nvc z{?UHlfbb|M$!$kzMd|i7p5juCQ=V!hA&cg6Z83KcEIacvhjH0$EOlv}x0lhR{D&^O= z4NFv|>vSkm>jLJ4GTHWLYU2l`i-M1e-xFK8S}(9YeRIH;eBP|W4%~V>DtUct;iIVy zu~jPx;)w5naKEO_q0b*2P;vMAIzsMCoDA$PQVeWzevlo~Fw(fyh03AQ+HPbgF|$0J zJ*`(ol_KX%C<|ZK6rN<9XP!QsEvb1{gl{#uR#(r6|51k1wxGsW@KURf@@*(9EB++d zl)w10^Ac8y49k`>y5ugulL~p#j@nIzv(jqaHnzV%w)nFlJx&GdI?j?8DY!e1hv`#s zJmXl1n8O<3{7(fhRRM8g%HFV4n4@q#xIb65C(PU7!}~nP?TUEgn^Ghdc1 zgXa9ruG3blMpc}E!zFgttc$cPn5Z%zq_0=c5^*zFXVVVD&GR&yyYRTQDAJV z0$d4H5()VnETQD&K)8kWr@7RwH-EnCN$r@0{%azCbhD;WKJ_ZrPmvaWWF(%>q-&8I zol|R|oyLokqbU$rblDOqr0 z5nECZccq*i1_ec9^rQ*o zZRgLvA839fqkDP3Gs8&9L3QF(5w7olzC*q&l6KFBd*XrJH-dIZX|&@TC4!u1W-Twi zZ+#b`Uq&fD6Zw$Fn|PR_b!!x=^IJ(V>Wwd4hlbrl$J$L<*1ZFi$RFM~Rg8+;i2Mft z$JegLefAcP{LFWcICI^i!s|< z6?#fZd*M!+yTt6=fcW8nA(;`W2;zr!bf2+mqs8nxYj12HmT}4Kah|!x_T_4qmd_-VSagTpVU*| z#9+`+Wv}h(vM5h`pn34DJK3tL9(MCpQH#v zPBo!CT#WVDxzk#c5wqdntM_HLycB*5uFGjN(E{NckD%)F`rUia;a$LbgvOEb5{%s4(8R^?jHBvMEFH5 z3AAmnzh-BbB^1AOLd@*L7S_<7>HWPUimS#%V8}s6M-#7qrBkVWR_cWLRH?*Tb#@7Y zTHTU5aB!}FW2ka-&UlmY!;go80>^g`-oxX6whzQT_!~GZ3w*I0=!+QR(}OKaI7%;S zJp~sAvZG>Xt-3aQ}YCxTg%nh=?7I-Y{czX$t49x}p%Q z8AfyTS8PV5&e{o57V*@Y1u0eHUyS@Q&BaVK68)M{TEy3nV9Bfvt**$}8j_9-bf2#P z7Hh_y_6ai^{h>O{(nyf3A6iEEH1U)vQ#Z(3PJ9SBU#PFuK!& zeTK~#LryWTL*kD@@!i3pT{YqXNhoYo;+U?XjZ!pEl=0A@HZw4yCK4a!mLonmDVn5k zXVzwxq>X65vbRl^xNQeL#|^1Sy+5gj)$iOm>G%y1zN78$_dC))vfqS1d8z5Lf;rsr zs&RmNP~<5N<1b5p0cbr?V>8<-{o#Au)pvo!*T409Rr?V&v@b}wve0@pEw!?0M_{Zr zGAj_d{-QP-l(LJ!L09;gUOwvXU-*f9pr_`9J*Lz;Fydi;bR*1Zc31rLZ;_%cX5v-* zmhR{ttC_#Km&_@$2|_-H^7A)ek$SeoPNVj*u4m6J6zvO9rye3U5G@i|y^9go-f3FK z?swai+!E0ewlNu>*R^wlau5KkG70z|3V{hL5pI1OGJvY`;Eg0y*`|gt>5jLS zN_(A=l4TaFTct<6zu6c)I{8w&EZav;^2!) zjw=4DxP0iy7GpkrcOjrBQE3UH``nXs3qM6@^Bn&nnxpWdF=c?SIBpsxxShi05O`^9Uzo){<|Vw z5x{SXf1{j!^<%d3+I(J*(52CagfA*xI7(ml*59!%dp!e;a*o$Ys1PZ3l?DsB6S|tt zIC_%-3LrIo~>|v zqlJRoC~W*pgr$~k;hwg(`Kg}{JbztGHHz#fC`fq&*{94GLQ}7e5=xf4z1P*AT!3`r zlvV|q&-AqdNsT$!<~p)8$F>wFRx3w?Erq%qhwV1*0Ji`Vj==merM&ev42bzg^*r|4 z{9%^QYSRFpZ2;BUvd9yYXO;HsRLwZvhsH=dof}u<@r5S3XQYfFrjs-qktY(4Zr-E_ z2AA7X{Sj}_MOdmRh55t%ZIVrA4Is!m{NAeUp=2tIi0S2EXfWek)|996aeBmkn_>Qb zA5FOg8W<~eQO@pvMTWh+#5g_uxt~Gcd;hJU2;C2A%G`SXVlxZnY-Cl-D_{C?P={ z*hBwXN`!s_{hw-!*V5zvNom3@f!$||p6QeyKlt(W14BwNthMe=6|hFlRUUcNw2fD6 z?SAN59RO;c3qKDv(4tnV4i8fi7rD*l9ox384-9PT zGDrvCFcV^Bj58)m_@O*6s^tiC1cx9{=2rZK6dJh?8MyC%^aKT13CkdLUm zmP7qg1x)>ISExi2_;PQ+ky3ICSFij&sR6A_MotwfrbMqp1IGNB&-^@aGt;&dV#gUV z#CH7O`RoBs`Y!i}q%czk{&LFZlVWjQ_5mFHW#S3OtB@fAGg@FKp8~a2lN3rOBIC8- z_i?^^f(sW~FGPhsh`WNs5_zD>;vzqnsl{Q6^;PT7B{e`rI9B=9VR0TsQY@3ns4-Ha zI_ul6khK&sKWfRd`LeuPXLWm6ois20^qb6aeCDUM&S?^!D3G9Kf)?(q)bhc`G0K>L zk(B)9^d-y>xmS20SUQxm=>Fk|hZVPw&vZdMkxd6y2cUX?X@(IAA9igYY!~$NU>V8! z$s^fe;^%~4&Nes`r72*pQFi-5x1vC8cO6iYLa>sEqauJciO~g{ zIh@y$C5}yh6-Xy_o^YJye(#{rN_=Vj1%ZsGOO0J;e*TLknYBOqRc%G?_#sF8zPuZ^#%k5?}sa51%4z*FI#zJ z*h&!>1N8C;XHra)l-R=OM7pT4kZ5BGZ=Yz@dTEf!}H>lBmKq=rsyCyhqLaO@aHw#oD>cu+<#v9O=@g=;6jVeAPEk>QlYY z^(FnCt48FUH(OR~1B7Ha1_f?luP~B=RYF1lA2!XqC8~{(bSVu(lgGby;n4ygO#sbS z&=lR+B6w{(aH3*3=W#HL&R2ho&s8A>su7w|#NUhz2rq5WaUun8>q)B-GlrBgN?MIE zgksWj*gfkKcY%F&5cH7X;ldRP#7%?adE_at^)Hv7Jf%}PnYz!(tw|J=3SxQZTqfT@p2AE&oI~$CiZ;jJ_mg%a_{Cxkf`#{%~phg7!3Shwf<|yeT2-I zv&r7}u(aPR1ki>-Q<5!IzMxjj?TgdDz56&-s#zG0Z4%AE6zOh{iDic?Jef3iQ%2_d z@!#d6b?XK`9C=W%X1>bV&tGfRb&I%gJMjJ-_Wc$`bA39KK zf?^&VlZdgGnE}&-eIa2|Jfl3za;)g^oUXyz{JYNPxm>30Jx0Zv zoJ&0STg%qm{we{hlU21O8;-N4y=)Vj<1$V1ry1)G2E7uBh|U^M6k#Kh1K7GEgS9^cGc<&SFZH}67&0_}VCbZUIt@gj-fNR!Zv@490h3fry4^CX>Z#cp$z9gNgB{U5T zpJk+sr=xt@!0W_GiKb~Y*uXt%=SS#L|NH&;0_(Y!Hf8H*vV3L^g1#Wu-3 z!>B&7xUYc8x5L)CYhsuF`0NG?a>Hf0#}8-oyRi;q&L_?ga`<^KepD~ua&K|-&AV*{R`eVX5vn)RIfvAf`Lacw4=mfc+PE( zvDAw#*(x_>FjpP5ML;Bi#gCgxyTaRT#PXqV54?C?>6&iNt~JwgFvKMsJ-C)`rmtIV z|C#S)mt9JuJvDlp*~6)A){R|zcl6>k*+aU_#Hv+t>oU9aIqiX%t_Vl`L%ny7Ll4*Y z60MoxenuO=%xwz5ITRUhc`rq17RPM>M+3Rn1oVi7_(e8m2CA7@oz{PP=QBR>6!TKk+noh)PQDy7{$NGg9+PK zUaP-$ZNqs8$c6IWYUzRiX0^^oQ#}gQ;s#yF$G^z%cb(%6OALMbbMo6u1K)91jU}K) zuV9(cE5cqe$zw#AdTz}yb$u;L?CRfw@a0zL{DqO8L4tTp#rC~LhIG^~Q1&3Sh!;$` zXC2Ou6I+O(c|lBgMqj1j<;Q}uBo5QJG@(`t zLw{+hwumsZ4CMGLp$b?0gkPlv)|lqgx1qf;^I}AVuPH(>3NR`n)O$+?g#_t6FiOE{ z$^EUoHb1Zp0>aHE2m9MVwSU2_IiCY@q-SrD(CSAXB^_e?xBD|P0;p&s&1YHyYRVtX z3r!dT9@uJ518b8iNNgVnGy?qUNaEfQNehoSPl1dUM3~M(kz^;2`w_ubb4pG?LYM(J zg!0?$&+T>ISrB%W&=ANtI@*qB6S`VGPqf4~JB~hnD_E!UrApfBFs!+Ajz8n7I-Q>v zB=XM+zP(|!&!DP&p2p;1s|9arpSK*=%-Vs7Z{7n|yHKwD>7g4*Y6#fdlRK*pw@)b# znaX$;`{o6LyHcM(oH(d_lOi_eX(7v4_Z#uEkLs>i8U|jH_ZK5PZ{QGSI`qxHae>94 zi#@$Nxd5vCzSaeSe|8gq)Kvq%iWAu`cA2y7=LJi0>QGl!q9AM$pD4}G#-$L6<_bW+ z^rF?v*1m3uum(M}4xNZn`Hns$AcHhd#Tk8}$u|^m?UAf1$cIS*e{t zQhHn=5vLnowW*-yH8}Rh!ihC5lS=f%&?)~V@VohraOZ@)3L>xtU2gqmKCYcdpca{ty+T?4QW zQ~o3@YpfV`-*`7T*VKjG_m~D)yX_%1Dq|1klW%1R>rw%aRJWB#d~Rfw#36Fdj_lm2 zZ6#6NUdROJpBBXo@3GpUa@uxz>pu5<{al}sko*AULfJH<-21dpqXeQzD*WTv*VC6oU`4|`Tz^F6) zjo9od|2{1j!%C_Yfy#b~e&@XA15<->d+-s3s<%qNQ^nvOYY>_G)4O?*|DgqFp~TD@ z+S##SV&s-Avw;k=8wi&nuKq-xIN;2{Y}N_>(r`*A&bxymK@ zQI9m7s0Aa^Xvy6wS}Be_X=&E+-O#^Eu3Y_kya-KOM6j}c-gt(nyile1Ja(-9l_-14 zXIgtb6LLF%YOK*G>(r$XmQdtg-Wv++d+*l;LQ}!`BgbS*IP6`p50#C{6)cjU+F~p^ z;5ITuKla(;)^Lb6tVed8W zTD$pM5YSW2WC9qooklIe*M34WO$w^5ID~VUV6f7$7!O@i+WLpMlY6QW{wSSPBV^k< zk0qp|Z`yg4o{{%R3Z>?_5ZUj^v`OVu)oZ@^0ZSCeDvh)IE3;{a`9AD&_|rFTUk5rn zG>x;_7$z2C9K=C?FtMs0rkUOIK|!jBV4&+a1zgLM5IY^KN-ogB;3hc?v?Q{GW*1e` z++!TfKXSS)wRJRHU-GEK)dzO;b5gq zo%@GNW#oIcwp}Z@)6IHd43^SWM+s38HR8C%S%yGoYEw#-{%o+AowSM zM@$c&qEXSuaB4;!H4*=dZ#BaGUxFPt4`TY%@mf{Bn6F>^syhXB535sq%qD&j2901w zO=pwdGeY<9`nRMdB%sIR7=GMNgcxNX|1Y@O|K%b6?^C`1`S}#Wmh7(Tzxcq1Y7zTb zpGK#vM$Yjg7UJHzLoYGO5HvKgUV_US;Y1eTuHWh%nfiySMn+KUAD&?zjB# zuH#}r975{rcPnx>-q|AXxZ8bovX$J~5yaqezw~m}6IC+3B+3DcpDb#4*I(2 z+=eVo?t_NxLBk@;nXm%bblQQvy=f6$y>V1g7k}h00o=`L02&y>*Baphc9u({DcZmX zkbD`W!eGTXViE*G1so$fBE#LRa{#0eD$nmp{e4}kv#_Ux{MV;FUGd?Tdq&ecdyzNx zE=0X=g&zldI+yU~$zl9DuL%H%E%ZnWJYGZpy)tUeb0Dk|`qmEx^6-u3j? zLkwK&**+DrqpO1g5}7{^m=b#2-xUbDcHfwkzH)-S+uWBZ;KEVizMk3tePq59#c zQYe7TUzw!H=k`p;WurZMonhDWUJqb&zn=GGM5t|u_WCdV>#{U8p%m2t0b)YSVZt@? z3DZwL|7J-qhu1d1Jfk_cuT!g^3vLn`M0WNDa*c^06>J9y_B!s)ixw=*90x(CPlU2T z`q?lQ!zGc=aE;{wmx!8<*2(6O1NjHht`k4rn^4{DRXZ=22iQ%%6zRdst}d`RrTRBy z|HY;R{a1vL&pGeO;ZHY6%e;fo;?ue~?~m3d+*Qj_vza-G>7p|lQMmkiv50giv*0~A zdi^hH9v7Q#<(hTVOMLd5zbDt|*C8V7w{Y&mPGAo*O!(1ukwJPz2G z2gBDKApCDuPw-h*izNYXM`pqdE7Ikph;$}i@832}e`D)X*H2_5;+uTg~qsd&%Q4Yt%FwH3N`-N#y$N)i(F zRuwPRC~!@eHoj*ui%*^a9&Gd4{Z7^fVq}1DaNuI&;Xjp)o)?yP-%mF+$OBNKOPTmz zybS6|PQ2euBa`=B{nxX(E~kt1Yfh4?ihTL`9Wt5MyH=0mev2Ei_rTMw`&iNHTACfv!3WrIS4y##Np zcvLrCpESd?sc*orMdIt%DM(HS=*r&Do^I^^1L*AOTwBR&fC~YLbX|+B%v9<@P-&T# z$T!vk@s8FWKP2-B2E(A8g=+i@dp}n|^l5BYPkXeqtr}rhZOGg zYwQ*9>5J;qt)8#z%XIAO&q>f{vJqsv1sJS7YGa}etU;E3(X>({-e$UF8x<-YmHP9R zPL!uab>bTiQ#By+*~j9TJ!qV2S~j zVKexrh(hXh~2-&`0+D862_TDKygiR z4enmN#fy7!3IvL4a0tcSJ$P^ko^aCN_r5c8U1!dG-^{trf9Eg4lP7t0wybsUweNc^ zXBgAzb5eJSkWnn|PH~h)qV+{tyoFgek&`qG6EK9X^U+(^0IV9^)J}&rA$q7ZT8BN2 z#)^Bu^O@L*YSleR5U*bI0R4x}5CpL1BjU#(AbHxHHnw<8<85g|g5{7?aP8 zt(&JSSB%7IXSR`<3(fO_2;oauID$6NFKg}xQb=+6KFtv@D!p5~ z;;mZt=^|%lnteuTWjkB^clD#@7!M4$1vOK3L6f*%WBL#?_Cs)shvSxZP8`UbareH% zDviigLMjx1yd|?=CWi731D9HSEPonPHu$@d=SVaX-T_T!4SQm-?$>foGp9MYqM8 z55O($3EbFMqt=V5XK}n*H{IVR(Zr#asR$DnBM;y zxBRihtDMbBueY ziHL8}=Sq0~gYuQ}?Ejea^}oas11J`oSo@IK3?KJD_Ysq#o{C1N@NsSCP|S1?Z(Nvm zt|0~Pf(t!mV$6fPe_37WF-L8x|DFN;7x-rX%V+;T(bX~}h5cJ<$+4Y_t9Xw>$Q6ZE z^=Ldw^YuB_JKAWF6&cR+L|5yFp9g?I^X19wi8k;P^SX$SzlThoU|%MkxDQPbm!)iu z^{#H2#2A;J%h5qkM(bObJ~b-&O5p5k^(J$|ZYVe3ExZ37CUN7cj%rfzIW3%&&Kz^P z`)cJ!?&b90x96%&mk@H_e~99tP3$zu$-t~8u^|a(mlHn1TItKXb`)f4A~#0+h4L%m zz0cdctgojVqL$dNVZ~?$qC0rmTAy;d&EF>O96YyQHtMQ@rOBuNmeshFh#gcxJZrFD z?F21)INo5cVXLIS+fO;gXpI9t(9G##%OnMTf>yEr{bA(V(V4X=P= zTLvrehqp_>`2(*`Rt>+JUGXFDn9)>{y1bj5MZ+=fvawehiH{~hi&8z%$^b9Fpg+Z%VefqUMZL$-50R=Q{ME64GPyk=)_0;$IJg`bD_ z2OGyDU~HOK>kcvWSX`X&;J*3iF^?L(PFn>^3`GKngq$c=g_+J*C8FDX5u!0*Cv1Gs z$VlEPGE&$R>T^A4tQQA)9WEv1PvMwI|2rZw1x?)TX+Q=>S9o->e}ul`?YHZLiP)a1 zbW>bjBIOlPEJ)s6Wwn(nMlzYPJAQNXCE7(xze{n|#{Ng;eX`?h2yYB@)Fol~Zjrev zYDRX~W?YwJJtHN%?`qXk)G!%q1$%j5kA@)Am$1X_e(gh{zPfv;eaq3%Ptrj$U)NF7 z8!X3@YZpeg>M8njiV8hJ2EDTlSk=5CjsC2)Z#npph!XAI1MINysy11-iIJ*d7>$Hi z7_;rPFH+cQG5hd75q_X!O*T173wg(BmD#)6>PXS(MD$=rxz9kia=QoiyYy+?^G+R< z2ygd?%A*!zuyVWeQwW-YQMJZJZ=t^f{tNm~iP&h$1Ofj0;f>|ujn9ab2bvpb0Fqt= z@+*YR0)!YT*^sY(x0Wd?qRpet#ixa==7aCANR>vD9fu~UtlIy;L7DA1kH3x;ocr&2 z6-J)OUt_g}o5lyK;}r{Ecco1k-gF;Hf4NQKvIn2?2XAagkB>ypI-dVx?77JIax9!iy_1@@SaI-gUtO}viImPQ^8*O`n zfR-1{;txhoBK|JxEottJ0Q|8Dz6;479o;6ZHJqX@GnebdqbvpT9W7?Ps-ZRM`hh08 zqD`GqQ-=$ET3L_Q<}pSj5)RWde0xNCUrA1I1<}U>nH;l&Qfd^hk?I{=E{g?j{t^b> zE6C?_Xr^!slT5ESD{h#x_Gm(Y2VUfJTtrnxJrAVwBr^4!(c3>At|VFh3%a&7=UL++ zja%Bw+PFBo3D|(d+3|bXtuSIkp&M){m0Z ziKirJwj{^eSTmH+gv#2Z++`9c8oY2}G#nub)vE6suUzf_Ft^ zWomiqz zJs-VFCEKS!nSB+OA$W6=m8nF&VN2289@ETdzF|jrQq@9?RxNc|qm44>LY@-w242+U z<4k9FOgF1=U$kc5YAI}&i@ydXlzv{nwJtmOOJgWSK0DpYkW*vcPM1Ip=Isr)2 zG_!lCFFggb1rI$^k>L*l5z#2V6EX|%S7q2uN8Z(J&xxy(Ke!UX7LzR7A|?zwvEO-^ zpt`iI&PT`V1DA=!)w@r)%;Bg}t0sj_JYPwk^l38c!9Y_|(d|?GPM&vR&H>#_(&d(k zqvez*y8kWfW!O_of&I>!e~pB&hH*}lp5~6*h%SUC<~Khs>}HR`9peQa)wFGT;|MrB zGV%=ZO?{j}do=r7Tg$T_&`l`a?MzN;G<3W7-1F{U_D+eq#`5A9oZp$MHI@7_BBIY+ z5fjqELFFKhZ{Tf2Pt5M{CWV_B?-zyBZOwXXxIVMh29R39s@rgj~myrE0W za-4-C%0Hb9C!E%#qu~I4pn4F%6@LTV8uYkTV(!Cx*%=K0hNeh$nc(_c4WSGtv*i~K zrN7pH#FQS>rF@>80;4OJJ803)B#?fa-cwvu4H160(MpKzN0#Xq&dc$&T_R5*>(MGt& z7jsgfSS3_$5Ug{m*mPaAaHAffXRh7;lv2Xav)24yK$pVbd?7aMnyhqnx(T(tF1k!^ zM&{!z24|`Z@+MCn%@=-|L04meaM3}8qR10v=HF4O--=6)q4V&Zho^sf12j6g)};D$ z#ot!o+8GHj;R|~syM2}|3%!h0ZN1(?-h3x_@`?i}@{g*x5CCycF$BDiLnx?Y=k{oe z0efNUSf$WZDbICzlhQ%QKRiaG8YA6{sK){S`KjQ@JDNjL(7`8i|}s;?tj8$4KZYjC11V~n#j~bQ81L8 zCzm^rQ|K@F#DZT=2q34#iPS#+6*tt^$r`lQ53f+aU`&5OQ1+8Ea`{Z3I+mV@2qg5c z02>wB|2qKvd4qfNZ&Z&6NdBQc?&|Gl^aiOmp?|`9ZP*?){|&icN;Hc7e;w6B=|2{} zR;*nRw^SW>F0*key;z3wj)y|$uGXA5VqA#Dv>sArk=dS4mKi=Dw7C|vA0?&4QTzCz zk;RIg*_DxF%#y3IG^JF8B>USf1){qPFyF(otiH#86E0j>tW*)nW4n;Q-nw@Pbk|w$b#mYai#{?W>)RvU3|B)xn^{K2gOht(G*A z4UU_2+yyw!f~o_z2|jQtdw?Hl)6|nu<2|U4PI|(FfpAR1ag4x@U$S2#VwCsQV72ge}OrxNgjH$Uk^KgQm>^N>WSq8!!pyJ$&`U?lWIUAwf$7`Dw z1Os?Y+Li0kl|~TQD6m*7TZ99#xhQ;bG%KhQm)xaQE=A-*e%hz~RdGkCThgF&@3<91 z{FG)SQy8z+X9cm=e8Owg?oXk<>P4WkF3QEF$JKY1d;Ci%DVz|^*sld?ID|iKTGckO z>M@bHN}B0^)Y5o5-Qakar^Qw+>Cj+1cx#I4`yuq?6-sg z<?@z40?3X6-_8|1yz*2p3Xy9J$(ykCxI_F+1sY=q_>l`jf6+U)ZlJ_65<8O~TE+ z;q);?AgOWVC)-WPA5N%TA$-l;w4H60?HFsKMh|(-mC43LP=fwSa``mE0N~w-w{~fTAYDc;hM+%5#EV?5gF2S&K zkF_mucKq1h2V=Dt#sgl6gm^&z%m$MCGq!a2p8?nExZk{`3m*+22zR6{lS+6r^~`#nupK*aa9Z-xUw_9u$5May(#E{+`ukRzo zJP}G|5ln(8yW##c2Hm}qh=J~%Cf9#Hfw2#1_MfjI%T5m#k1(a)U^gHvU@s9 ztpWe6hXbY4v1sq>67MCb9SqXZP4lx_LY|st-BxVWoL5Eg$y#=TNn85xsZhqF4S{V zQfm4EG6r99w+9Eia2q~yBpFRx9{y;%s9Jk#s^dvn2?)S)2w9%3=EDDhL|GYr{adp& z7wFDRgzt;x6eN0O?C*!=91wbHmn((cx6=cQ6hGc`24-QcN&GgpZ47gj3cP`b4MvdX&1j^z6Gl(Zm_WEzZ*VMJ>Qo6#5*T; z=B4QWSsm~k*1jiIMc!){2D*xOQLL~3^LD}jU<;(?BbxIinA{Jq<|=f*&~%kbCd65H z%;E02&lE_y^6fZka%;z!%;(}h0+t%+jwCmGT>KdS5D%J zvP%hJOgl~8?KTPAE%7lnQn)E#egR3DlGfs2nR;W>Rs5!tQIQrFq@6vzCCB#aRLdq_ z7Y^_%6>(GeJT~zl_p<-t*LdD*Dw>TI+;6Qqjqez_+vv3EmnKjRP5~U9tDo{2MV;im zd4g)RWkkzYtmVT#>Pv6O!iKYX?oT|NUt`Gqdz6DX2lAgZTLlLy)e6e?Ig5t9zL1R_ z9T=^I8ScwlI-!yd8Tj7Z_kRU>;;xRLali^F*CLY(6U!gvG(J*MdKQPhGyfZIu}%oeUFloIU|r8Plu=dd!q$AGNT>rkacdsdBY0xSoZn*=XoxQzvpB3H)r$wsv;<{&4r*Box`@uKm{R3|;nE`U-rCLKkbBEw_r6qE&=KMt6}4 z{+|ieukUvp*?hk#FrO0X z2^ESf+11MjstP|?aWXwKMcxWMQgB81)cs+pn%49JpsFNMzz9T)_q!nWXS(guj4O2pgnV$dw*c+K3MtcPa+Ev!W zjnwB9fG{2u)p-B%8O1uuSYfQJxPJrxOUTvC-_ZA=kE0L@@7J5h0)$x)ZdU{U0)zze z?5u;w54aGuuHIZrNgWl`tm(&&h9lE1QFCLI(jnBDDi$*_217B!xwX~=cN(xjaYwfl zojOL2rjObZU{!mrWCqzh-<-15Q(Q(LX><46fU=X1R@%pt%k<7oe;`zRE=_QelF`ha z)m!+Xt)qdGGZRwx$jD-uO}`j9VR6|ZXBik_#r_PGINO_9tj$VGI&8ehDkXgs3FvOa zZYT5i-qlY){#wH1F!Up{6!c0t*l-d7oNKRk9X=sc8~}UcJKXyUee!n_G9r}nv%t_R z6Pnq$(WH48VX36hFF;OgLySpl&4KgwUg#bFPy%BA#YV;I_%92(|EB@=#A{ryf8JP> zo#5V-cr!5YAOAfG*ZhZ>@IMH`|EHh--y|9QpUctz|EK@oHl@Nz1UB<{yp#|?eOL^z z4#jg-B2s3Kwi|BV)HxTK2lA^8nW@?haL!a8Ayi)dkSh+e`~8)~i-OQA3X-vF_Ky;V z;$huBPk4iecCo(B#R_|GDvtKttKO>|;%1Ye(3(s%Zqc*m`3%LsTa876hM64n+gkBf z0dii;ys41;^w>HtTYHw8-W!1{Bw>;qb{(HJkyt3PH-K7S->t@~QNP>oZj zWd`IHP%J2yZc9l7l>6^#1`-nIm^s3*UlNR}{yCaK{w5Ict83x4V2h~FVmSM0E`NB0 zA0|d&O_mXVSRxUP;77@kEL4vlS!tRKjL>KiEzfRdE170(1i6S+R6jXeE;pxzm?pY% zbTg;RBJL{8D{J|OoN@N$)mN|HNNwExOG?8)J#1o-2ARgp2m#vO*^9MxPn-JD4Y($MdL0c7|b)5yF`#%6e4N{e(mzgdeOSlT&DKbjo6gUIxbR*@%oNEK)`*k9spmwqg!}49@gac+(!RQ7UcWh3*{t^D|G0GlvF<=c2?m1eZL$+;gAReNUFLZ= zku+ku`$&|s(8 zJ7#X2k$qsAtAL3sy3h=t=e2)2XxjQ{83)uKZQm6s<967#RdVAHSGnB_+40`wJI{;~ zOPQEDW;mvnsapt+czjV+SUpqqFMu@TV?!shFz z=M?@lPziLq8Wx+gPp|&A^fqg--~&WQZZIFLbaA*i_)cXpJBBij1q%}6T~cW|sB%_S zhYjhgw}V@bdE0r7(OA%5G-sFuaO~-&@SubEcOsHw+z-dEyndc(&$viN$<5Rx>KjOZ zJ*0>&i^Ds?Un^EsX zb%HM#rDCDe8rOU(CnhPqi=qlEb&3~k{i8Svss^3XTyL{jFail|EcKF23npSu8)2#SO7>KA;=&%rfiBk0vjU6@3S!*CM@A4sh_;8e zWCUPVRKFLeMolN^@Z&+*tvSaXP(y+euZRY)_$%uzSo>}FW&K@;*PQRbpyWcH>YD`N zdeYsBxfS|R>1csRQI&Rb%EgntrHAJVXv}n(wZLJeUEs~!7k>;q%|1?zq3~q}0>_DN zx%;b)PS*F58upLj3yjFkx%o#{@9ZoeDJF-vpyKwBnNtJCJY~!OF;fyOopfi)vC1X! zn{`}IHKVG%rioFe4H=L6aqgJo<5TG^<8zc=FVxE+^1V}i#ZD1$*s?lFML=Udik;SN zhvw^NkKRUIpOSjc#nah0m%24kGt+I2S}RYeN~3VC=4L2Qz6$+H>AgW{5O{$g@7KLw z=wTbx0XYZ178xag4HR){E!q9@@Ij_9PcEYIq8e1Tu6w}xx1hsFsb1pq2XinlgWfCc zmYIgZNy4;#Q-9D`bnoA*0U2ysdMBm8!ORZmK=*b+4nUfzNKqmuC_h43x}~z@XnwE|-sx}GU3XY;ymb<~ zXV9n=fD=UGbwU{h^i&uNg0bxDUbIqf%X17-(AFH zzoZLReGw)sY7g0RDe;z=QYlfF+mn)vZ?oe-i6}GK3DZAi{>^9-s8vY+)73^e_tFiO z%`bPK5{%Q?J>GPRe5S1G&-d}?7)Ra&`cuojpzX+E`nbV^bt*EpwXEo?lPKM1}=GSbDd-J3?K=I|7Mk(=myu0#_`NU4NnQYj;JQ8KC#4=mQVE#c*gOiJ_%Gz~CC2}rkh zqHcFy!3D34{$yy&E^6;9_|xTyUQV)Ul%4Evdx=H((-PLhG^tCtG=C@7O34}Jxrr8@ zaXd{*hOSE}BU#lUpMicHJ3qGc!lWc++M_m|PSsOj&IADx8vdf{1lG#xMM z;7Z^>W4!)vBSompKgy@?!@ELt9K30G)pegXTP%2jmFmNGg}QC>cIRf~Q0!f%Lt9tB zs>-w>9P_!qvZ@Z}Il)I&0U3M_P$3%x1-F-^C2zmk_cw%J&s%|Hy`m$qw?xWmm;F1t zEafduv(0fF`SIt#qktMK39W9{95=c_wOu#M9v6dTb33m==Ybhy!{=hofQ(;^L_i|E z7~-w?4D{a%0`{r292{^oG;kp%v;}2X1GUqo{lV2up<6q%Yn8*{=F=$g)fr0f+ID$! zsn%D0Y}(X1expObeY&iWweV!h2b15IzO5ba{Mlxa#LtGHic>F_DrRJHoz-LOGf~x4 zSxT>=${U@GRXiWjCv?C0p*Yv+D2tIWZ|61dT^`01qy101p*KzSVML>+XCfLBKeeT{ zeA%qBOY^Y_3!Bl<&9~LwT1H<>5Xq|HzsF<)IuM#bB-=dU~3!$}51SAZ4B$|_uw7l+a->tyT;bWE*F+ETRhrlfeL=O5m*!?BVD%~C~cz*7?qE! z6DdK|YvPzGr)!{~J+)nc@_MQ7D>AziPYo@NpGc6rp+4_e;n+6>c-txw_bQRqr5_9o zn}IlK;wwJQ56`FwDQg$-hIH0{8Y`r9W!FEqJkbj#G(7tjn4l8$8isFAB{w&q7V%+b;(G%sShjo_7OK&rG-3&JcMRmIx z9T+!LTg+%XP)ByIj`QK7nJ6(R!kXDpN&Y@}!^yKa5G5Et*_f2aZIVSQfDChv zUQPy#@iZnw=^r`lcigC`Z(-15)v{3T>xYQ7EPJ+`41naaUYi1c30CL z>We~yR(C7cFi!5u`0vr9%r`BK>XujAnm?fwntD{ce-&$D9*X6}e_EIwY(%$t4@+ks z+SE=SjaHUY*ZCEhcSjb{r#K9r;#@MbG|3$v91un^RjMw^FcI0y;LeHQZwzy=|t*n?W7}${bFCAA*LZ0%! zONz2A9`ZXAx8~&SjV|9#-5Z$+SkE(Dt=4PGs}hx)a1tKsEY`i=U_nlIV(NyX&&8UuskWG5;XCsfLmK8^RA+hUk&Butc8lWm zF{W9b1nILvpdrrArkW^U7X}zcu#x5G$B-EWZ}4&m_FC%M2O}0_rlP+vYu-yS2OZfR zddKP8mHvM+fo7I%xu_$^-OPl_c0VRTNrF**>k&Wf@fSMM#Mn{K+R@gux}vB36?lT$ z4;aGzrz|JhIJx`OOkP{IvYEr|qqb*<4Fb@)S+`Lxrt({rtFiVLDler==dRPUt=6E2 zcJP(1li44nczclEGI^@9!+?P1(u-%Gg#?E3z8H1XeavIPDUjv%akJbCijn;hX&0xZ z?(pVC<%>1eqt_Sc7Ce|+dneqtE4KVh|(xm2_Kt%+_r!W#n6h` z2gKCJ!y86^mhwdo3*MgcCdWa_yg-WY3k{<-m_%h}SK0oIRhe8;!n#lC<)xlL@Gj2l zXt!3|@?_A@BPv{H8Wz+1AoBp`_C|q26UWHMVpEzGi(9|_B$^zu#01-jPouN+ut9?K zOZ6j1eY?MM9Tv3{_sD&%vj|6Q-|=)-fr?q>)G3x&K>4I1bmY$tvtXWSB3KBxkTt+n zj85RmDkjI9yH>%G-A^Y1iXoB`H#Dkmc8XX0eRyhMS2anKyFg?p zwX-j_I38QbsLw>Z0|gTQ7- z4=lbps*?eIm+#&skcG;Zaedn$k`0%TtJ5udlpD!f{!z!YP9%6`Yx$Sa+HcCGTkJLK zW|5wI#k<0K%7&OoPwlFP5MOc0Y!~rsCVyvN_~c=ZFCiTlbaT|!l)2bQfDO=4w_dCD z96v-=O~AOA;g8_lae!=cqK+@G_I?;BPO`41Hv5)UVrRdo4yE@@c3}`r*vZp!sEIDM z4fp)8-9uK<-Yn4OFL$J8sGOojQCQ)OzvCnEc+z`+<&kg`5;QHh#gST;{h^)+_WY^J z%m-w5Y55DkSY~-P4L3ApKky^#MBo_a7hn~lvPy-%a$?g#inC| z7jKyb9Jom8>C3ghz$Eoc4U7AAy85m!kDm${pAWT@D~V1$TrcD0%)V{bxRD9NvD2yo z>Lz9#tkDwED)#7)Pf9sg+t&kZXrc9;b$lOi_WB?$G2!iNmQG3QmDgTK%hh1dMn%;M zy3^L0Xm#+%^C*bso`8Fuaa~sM!nY_xHG3^$GEdiq3x@5xLR#~DIGCngS0vEV>y@{@ zq3DW>+Hvpxrw=u}1;(>}`o|6?W4Xw1&WEa|*U*@+ej~B(@OFGSBp|#SFo#JRkf$$y zL#wTPFIUZ7ETtzZr5q#CZK1o-NZJ(bS(*D@v(0RIk7QeNGI9n|VsvT+e(51AvTo56 za>)LX3Dqgo;qX%;cD7}TnRr*N9PLM}{y{0qGol}#vtP0L8ntM@GORzM0KY6kVr|4@ zk{|PMj2Z86Bh>MR)$^1^R4+6>{OY~Y?4|Jf`|N2W<&1?C zi;+mJ^*;~SA#T4|eb-+(GH|=9u@)h}Rx>Ogk#q6v`!N`5Jsk|NseO9dm2iAH5t^r2 zYaTd9SaDo{>xHaxiMJxvTP|?*eoz2DbF&tF*4szPBOfv1^4`>w66pgR*`bq-C^$Gl8X`e=_Ubv(;F_Cz}H5}1lw+r45 z^#LWy2kwypzb1iMKRt49GY+j5nq2qFcdC2=2m=P(==*5F+5IFlO%@rNGq{WJg~6=% zV@61XnmrD~b8u;CX+m=5lhYrjOBp69K>xLzNoG`8lm1w&EK_INGahgCFS_89d+NXC zY1^nJS3<>|4bvN2CTXkjX-)rDwDkozZl(T5y?M-k7j#e?6JbH!kHaAIZs*_c{kx1U z$-j%b|0g%)v%P^`jlrG-ASl0IksUuJsgdlv@lka0J9DD1=_lZ@Ks1jA<0qId!E$GD zcl`R#PlV)t&!0Q#5Wp2f5px4|o065Q5~f=Rt&4dvgkG1H4_|fLHD`TkW@AuIi$KeQ zauq0QXci(k9mpsUR>V#`-NmvuE1wN=e53Y61)aVYYkuQb{tCBjpUjXl%_>kxcpfRA zVlfr7YvmTMte7J>PcX^G%KNT5Lo{<0y+#Gs^|y(?%whn5z&JN%2T-$}E2E=O-XMo&B-J2F}B@3!(?0g~@j)R33H{|AL zr0M2SL!9qD?IZyQF5j86Tln4ee~_Gsq1uFsKKLF;7ClecRy9&2^OLPhb`uw?zk1*~ z$`>-kV5_1CjipCf@)u3r-Ht(bB-QFq(RzusnB!Jd-uO032MKThey6UVQz^9X#yE9v z`hPQr2aTa09U^FdIAcz#jONTL93L~UA21Q>J?ukXr%Mji)kjN(ZJ0I4j&Dk3)0*4- z$%A|7H+-kO1;3g>8|YQov(Ke3i?gxc#a=Z>Rr_eX{ylQ)0DZt$0dF5a^f>I82{y_G zJ+IVU56S){AoX@^x4ag_k=G>ek2s;*u4MefiSX#+DlPYb_* zJN7?Ce@%Hph3((`sVXtX6mMrvTd^QeREx;}8=HlnqLlk&#ZDEfH+(5d3H!Maig1tA zfOZYB9pa4FimD8TqHO@JSE>R4ZgmZXY8$4457p6P!z^V#q$Ry?g$pcQ=S|Hfw<0*@ zEfbjCMFwlpf0TOJrRAYd*!+?zNupJP#)NitJ@<)Qa=hkz5&Y zIu*KSG3vU-_Rm0^KgXOaGerx$bZ>2Y?)4VLe^lSggD{yAVeA|3sC!Dqq>ooTXc4~x zV-L`ymMNG=0l%Qduh}5i0tOyp+1!z5#Q;YGgX}e1mP}TyogX!*d=KI0++X?nPW-qSAJvKKZgwC`LSxzT(}!N@XLEdL!|$;EcgPLch3i z+U%)y4Iu)0JJIsEiF==E6B;wws6N+z?-L<(DwRI!IY?MpH;_QBVUx4dOlT+lX#%t? z$Ns@pFT0C!;>;0k{%4&{2F(aHEa33GviqiubesLrdrKLnhqKSA^r-| zw?48>?8B5Bh0`i^re5MI`e*}?iZc`LbN-sVC_hH&5u{eN=-@{M`{Qag3! z+pm43Yf6_hTfhpf_3UbG?`Ou;0YQ3j$zEMnlx4}i_8d7qA;0J7YrJLm&wjWG!OH+% z^}V7raSZN`zGoWnYNkb_SQCuT)Od(}!*AS{IRcEMnEy1S`(xPAd7sk-R=7x3u7gY%R7?Bee=sYJG?(8k)5D5;KI2Ip)v@Eqr=edI-8s;}%GKqwo>gcmkN? zqga}8_SH)|i+@^DuX6PB+idyw0O_f+{ma2mw49qEq~_uNC*glxQzNRGJb^g?B;cNW z_#KiRsR$2P-yuF5fG}|kkPOazT-vk^D=_#{5L%RO5={cwmPV5v3aDekd6h0AUt zWcTckZ&wrW!;DcKwL5;Yw>5)Ts=bedxGTQOZWe6~BNbqBI zw3ymm6kSV!;~X3e3!aiEgwD_ z%<})^{Zlri>B?UG^HL^ggy%1Wz+rg$-!63~{R1GLz5lO5g8!)T^q=4c=}prMZ;1=b zP%&j5X+YsC3%`q7zD9NORJhM>^f@~YjIC@|x>Bg`Valwm{d@-2!U~yNB(Iu}8i&Ex z?OsnmI7}37^1t^}5RH#T0MlZ99*KF%qMRg{XC**5%+4>y$;!S7$3c^TL5jdNMp~(j zQ8Cc@beF&W28z!7d`SY2C-YeCaEGGpR~&Ee0Wq2RcXQ3$Qlk^8Hir3?AYbv`TX5)$ zO?f7I(}AzDI5%H&U1-cA!do79P>tq!WJ100Um${RcI#PZ8-7;=Y>Yt*1aZ|E zsTk|?oi&D4jz;PNY%#!5%}Y-9Q(l?+hhGF7WbPIpFVxQ;%`9k70s~xZsJK8kEAC$Kn z<3rEj7@tt6W}bgn{TiN}yFYQ;mdy8yKzHuB4%}h?vt|AOKP-2G#@waWR1A=E&tq+} zu%fNHiOb_h zQJ#O>K7Oo~^8``g#CFHF+KHu;ljinpKycw5yU>XwAr=R>pV|V(MU1k*pyndmoY?xenMo17OH@)o9XGA zug+>K@^j;*356geWJWNen%F!A7)f(XlVN?x+qLxsUE`a_^Q3bU7`yOvn_vQxz9Rnw z-O-clfW`-Ay!Za6gfu~fw8MqyLP7~!S-f^5g4yXk5LS{9Us;haxL);aHhf+5<4wPp zPyE87bNTBsVDc~3nB=}>*&_@OO7|=#pmMDXNBc!~rDe79^wuOKa8+y0RP9c(OHO{? z8~4V?8V}NctTm{Gc)83JqT}0YO4_@6lHr-QNq-HzRJn5L#$ICXxIK3gD@*n3(=+TL zj$Akj+$6Z2#Xv=4_*K{w6>>kB)1)pHzrFd+`P9w>%^s^yw)x4C`cDH1!!w_6LviGUAm zMKSuV$q**q@H}jxuj%N|F4pG4(O9k&)J)(7dRzgQ`=1h4n%uyCvfmyzU?8CD-L%i4 zzP=Nm_-WR#EHWCtSqCJf)&o!Wf(IZIaOf4Pt0u!w-KG{QngV`jyT^q6th-tx`!?pG z7j5)fqb`WPVM+kg!OTm`x$(B+N6#XXyiTBqL+>s-&+_SD(MNChdoDZnq1(OcP@roj z$isMVAN9ZkRiSqw_XEk-7f;ZB--fKXM!#GvxyNDPLIqM<5kmeRzVJI(yEq{M&%+P& zt*3PXlS*<&k)DgQpNAlqb^9)z3u(OFlZrvf$LQt7eU$RcI4VZ3?e@oLDSESImF=Cr zZ*G~G_49V+O=m**Jk`q+@G?rfcqM9LddbB0(mFXAw;R!jeTRQ^KhB)3;WlVJw?+5RhcnW=*DdO3h~awoOv&_;Y^itrOA{tVxH8uN8%v9b^e0o9y?%BxbJo+?Bk#% zq?q2C>$P(j@%OuZ)dj7UW`d!ZtwyH?QadBl!|ILMpkJtZE}2W%R6mq~ZQpB2|4#Bc zU<$whAt<^sBR@7XZKc0cjVb@bE*OE-Hv90cx7g$RJLP_lu78JwLQnsOgmyZ*A=B;m z)}g$APNw-N@v((KN!wU{K_v}7z;5>_j$AEzcYT;3{QUNFnRo^7y%Y&==5dv)y=60O zyLjb$?YSKz_giJUBBr13_eH+_GBvEHOzLrUHvgE)=m1dk+iFbj`JWHXE~L)f>#cpFQ87fXz&}PD_Z;T~sLbZCIrxpq zJ4~>P9((-2{wl<`#o!X>{7QP(iWHlmVRUOygZ!J8u@RbAu@&h=@3U1|u6O9`mrZ_u zM!h9nO&8%{l1DEb2N#=rTnnv8y}fe#36nfKA&CNldZ87??=!?Mh67Ajo(oq45h=Ax z5HIzMI5%0vzC`Rb4CfAH9y{(8d^Y#hbx7yCq z&?O@lVfiHc6rlWIVKFXVb36*gw-{SllHM>q;;iIeXa8@o4vxuzJOKhnDHuT$f3 zkjGu(Xu@?O8&=U#K|OX>C!Qt5*WpA5^Is6Lf(8{KLA}oV>7w-a@B4`V4j)A!|G>x) zw%z~QP2v5JUAXt|=u;0WIIbc>SMA}sUI3QIK6;HmA=t?u)0oyA^)|fkIw#!@?y=&X zrHo)V+R@fTQ0Y{XTP=DNq~<>hq^o)uD(@*;Sgkxy?ML}qHklM?S~*m*e?*F1s%eh-Oq4EAq*^lc;>fF zo~{J-_fB7*qxPL)6eCw9moC1z?b~`olE!L9I$ETq`KI>Z=TObvv9`hd6r1BwOnvd zua4g%J|Cj*rM!Cm0+c+l^Fa$Z^&q4>ar;m-@Ema`O0S`i;!SthnqrOlQ}pG$ndWnE zxi1OKdZ$$ZFrQmG=R3tT;J`v>j!eq0$X`nDHZvUs?z_fwX=?DE8ep`Ev1w~ zq0r)9idzE|mqO9fqQ$May9aNfxVHog6e#X4#T|k>!Civ~mv`u$J9qAyx87Q_=H<_< zgp-7mU-tL2_x_!qg^|u$Y!@D9L#-6Nsj$jgK|ou!IR zhbTf*FO2!ji!io~{zNo-2Ms?EFw{ct<7ZL6i|4q~%Zofr7#G1cl(s;9F+*t=j+)9= z1B5G!Z}u~^8*gb;kknAaIZ%XCl*G4R%sSA5HQ$f{!}jKalLxE9E2@`BI z+9~0yWTeKA$gRq6BQV}sO7VpoFEaJy5Up94F_i*gM4nqpMS34{oYZaWJqNjPF#PBW z$y{eE&n7bFt#pwVJii7!JvcU5ez4$0i~tteX!8FqI=+1H`YqD6+xhl;mB66i|DhY>0-ecEi7SyOx#tEWZg z2Jc-#l$}8YB7RUkKh(`YafUop=yR-w8z>QC`?2;&35!*uB~^Rtsw&#yNBnPueD2JMq?>+^cj11;yr# z+1u4c?n4+?vY{Sg=Xf=c^__EAYsV@D;|CVW(iznaWU03NPe+BOh*>N-0j_=KCfO^f zW@9ww>~#BP?ZM|cKGjBN(xQX0Z8BGKgI?7$Qh1l6nE1A)1w-?}5;lg*6oEazQubk` zHQ}}gNzdH3qJ0aj{VKFXdz&7in&9p`G5#-80c?gq37@9zfz9INS&wYMhdEtAt8sZ` zaQq2em;gqn>vVvilUl2lvEULM5-GWzPQ5IHRH45+NIXibPGFPe16Q1 z=qVw7cQ2IHdcMUx{^-S~E}(2gBvy>-z&N42q8)1^e$VrqH?hME27`2hVZ2J9iUC*z z0mCRQaG@2JLm|$V&=1ONlEWLzMU!3nH+2-*6$?KxHfy`5*`4i;aW*^vvu;_nIyCa zkkJJwPlDx3UGkdeU5?FNIZ`gl-lFh&GvJ3+gWUv)nM1d;NtBl3?N>!StNTvN(207v zqmo7TwaizCLqVQ z<|zWe>nN!siMtY)8}_?w;USVmGfACfB|aNKi|_H$EOwLZlPc97#GZCcRYR{^-L;cb z>{H;$?42QgTA@3xE3y%Re;)U2^me<^9%0svX+*uP^FqZ>T1SC-isHYhXxo#shmF+t zHuE)_ND{jaif_~M#ziVBjy&MoD-@+f0WL2caU08;)xW?)_>l zCgEZyi8Rsuru8}oVRJXty{Ia%tVF}=j}eb3bosPh%OXaoeH6?ku!t$>joB1)#OfFw z3tOPp$xtEVosIj+exUtYGr+y(4w|m=h@Dnk7iE~OH6HSUU#~kK8}d|an5mwSp`9DI z*KrOWxFHs(K!1T3Mc3T}+z(MsKf=)2iDF|eLnXNwHN7yzf?k#??e39IG#kx_XmxD} z%wHD5rcuv-Sv1Tf1|enEK<@($O*}CDjA4HJvNJ?AwQ7F)1`IXBx3Bwhg^KWg2K!+3 z59!@e7H$C}Mq&D$aP?hek;@n1M@nLs$TB=os_?zbjmrnv?M}@hVy6$Ao$<8YPIRNj zg1A-{szVLMb~Yz|gK%VD5*FT+iBUz>fgO(z6~`|*fq&3 zQ!X5^t#vYiRY!4)pvZT2=@E|+QJ+S=VW(4&k=ScdRTt@Bs2+VI`e$3Xa1|p0mnmiJ zYgqB8Lw}V7s;i%@GQ!INg7?f;ARAjzwb;o)ZISHr^~&%=9$8nT=SQWBrBDCrZn2lz z|9b=XztdXYkiVik<(g+eO9oJU4Il?oU7cJXc$o+@TU>@T=>0+g%$UQba*h$9B(h(4 zH*N$`5P1s+9NyF=k-s4KW#Rt3BsNb+!CfQAJ?Qn))-sj=K8wO$Ld`qv8Zvpkjg=Ig zBCupRWtk*Gs_dt!CsDk_%?939|G1W~MQxWOq#C`U(Go`MQ{ywiYw&_!eG zE$Kze6~J`)drESdK40``@6{TTaqgbQJSMqb*?dNSBJA5s&Dobm5 zAzI3Pmw!jJ?}hMB#pMi#-vRp=(t{btSmK@K`teD0&wU1^g07$khQ~N@PNr=_X>d!6 z)~jY!Oh-%Y->$T1uJWqKJD}0!ZTs~kmP~E)it8@HFkj=#KZVDvjFf+>r2y7DRTo?J zBsF5@Vi|;~FQBSEz-@e3=*DB-kiWdHYM*cOPuV|a&(&Tz7ad7@5nzZfnXp2y2rg`B zuU3!T6_Wt%oNcS5IQT_dKo(toXnY@!cWDZ6q3#nFtO(bHvOFlr25VHN)ShI==?e<< zg59_nM8d2qg-sOalZHjsiOi}h!dV4eXMkx_GH2Y{Vy$|7o83yjbL`j%Ab~~uz~2r< zgvDzm!=ovst{!!Yf_5@^Qpk}N=A=vUL51_3>QIcCQ~JsVkc~LaV(EjT71R!_8%Ys= zL;PENBcJ{J4-MN@j};6+9LF3+ktL*oToeLSPlo5>9!Dl}&0MDOyRBznJKMqA=qQzS zGxn2eC1G7es33E=JIwr%z}14li3(S1X-K?%&=Y~&?9P1477xH;tOR>GTwx$^IXn9t z3z%I(n@ z8Zj3Q?KJPeyXv(#qqnf4i0pzvr=38!_8mX8(6q|NiI^sZ zyUZy=r#k9c)Qkq{U<~WzWieYu^qk6FyQz4gu;s4C4yR*S$JCXtckfZ{2Fbp9B{RMr zx_;l4Rf38Vuxq9lLuRQny=2pD)f=;Ya+j)^sR<^d&2NG@7oGY)pf5YV8fQ0b4OFy& z4Ex3g-_JedNc05OYu7MCGNWooVEcSQqGz;1uMY*J>)xA_x-$btHlF1o(M5=P1r`o! zw^B2kwECZ-d`1%&?RGH2%ECF|*d*!}ejOg^$1(U)QrfHk<9&25rA0 zx)k(;JLdQqY~TJ(9q&0Z8>}TAD_Y_sX1GP=8|PY+qNF&Nypq8(bi3PVOQ&!#n9aOY zO0dL&=^T4Bj@0$GNvLzmfDz#y)GP3;1z7w3=yb!4ELkh6M_#&UkVPE@m#!%#MntTM zro6j*gisYHCmTosIwmVRIYz%7J#7->OPwz39o1P5ZupW{;_ZnH>F3g?%YuaEKa!@t z(StWeX?Q1R*dG0Ja6k+CJ2>177G+Nq_6tE8We*&gVF;7$x4SS|Uh3 zir;5&iKr7@_AlplfsX{NFmqVLyu9`{N?6mX6p}0eJ+%DzTk{@b&yg}iBG{=m&?mck zUP;CV{j#eKeQZ2SD0LW0QKM&Q!;%tgf6VA}{j%%yqE zgSvv3k&BM<>f~+6Dgo*S1ca=|YP+~~)0behswL`~fwZnI7(e|HDnC#-kR_juE9Gdx zABLLoEU+*%C(wF8@v1DI<*s6yQ} zv86s)!a~xZg-abOk8nq1$(jDLmHD+gLNzdbV2WfRmfuiNqH+@BbSNN~IR+a%+8#;E z{D~{r{;;rYH~3Q@ui%sQ(pVch_HZ)U-`nNL&%E9%)=f{eo^y6q6*EMOrN(?ekdwjw zH!OcW_+gldsp*Bg;FUv|L&--Z*F9AUk7i3L!6U;KDLgjKK#IVmN4pqrj8L(F zhS!6gn)Dp9HRKrOr2A2N0G@blbN7r|(NE^V59(ppBeEF3cCx;iAO~8v6m%i+-XnJ7 zxp@f;Oa~@()@vooE4a-sRz-wjj{y#eyu*n1+>`WZoJ4nlqfj6 z73Q^JU!^5ulfu=-KjIR}AM~#AMF#IYr_0)DZ{bgpK3eP(MHY{^{1V!P&nPW(XK4Ca z=lrB|@v!|`tnsiw#6uNov0}m4#8f>)>Qw&eEJ(^;pdw9|ysYY&%k*O*mBxUiz;*|% zvFj28>PgybF^v8@d@I21iN)V{981Kq#7aH}8AIbbGg6HYhT!W`5pM`-aB$PA7Hr zGS^)$1uJ}o4kS`A)G{12If$XlonWeUH)c;|+cU}U%yOkWWGK`hZ1|h|VdsR0M|yba z117*AHDIxwrjYpArFd|~d>thn)_~&}!7AiaP`91|M&5?u8xK>EtVy%)2O5Tl7=%J| zapt*fLD|V-!1pOSh|*)kY4yjc<;>T35O+;w1g48-f!XMi=MhfFTDl5R1v?6_ts=xdi8YpGz0D)N`1TvBJAo5r2`>r~J^SPlhHpyeB*%J9t*3m{l|6?UoHLW_^3-|4EYvGDmN{%wzxXQQT?s2+` z+m0O&8$CQ7Qj;=$jg~*)2P=pkX3};!MF4ZxacEg=kpr#H^DenxH?OQj`-luHLU`81 zH_i`yZX|PexSOn;NF+qCEj+}kY+LE4CHn^JHMXDK7(R2!HIIl*FS@p_eU-fOZ8(OW zy~j_mLV}K%u%SVm_+eS7l8b#rCI=Z$Q-?4vZaT5FA{|xt))-~ra70WKhm&A#8OwTH zx#GUB;Yb|qo~o;kcg1jIZnpnLvV7!k(hXI<6f=BWj%i%bZ_>@OZ`wB0@XNQxiFv!lixBt%VI1Hz)hCZ7(Cfk^bfl&lz^K})PqH-Us zp1y$7n1q>w$A6HzE%9st-h-bf>dSbfl=>`-yx@DuC)5kP7eoz=CH1F+953)>g!lC8 zU?ukR7$LI9I)|Mr2Q!vU56cf^S%RcHp+ZxWF*CAp1_JvsYpEvEEP3@MpA&R#4*Su>3MAWwE zU1{Qn6|Ma@vq|5(nEqN0PZa;j zH&v6}+Zn+D1BX)7fcW>erT%;LM(h7#Z?Gu#4ecXAFw@O5@Mdn)ZGpnV+f`XEAKA0i$zGx%?De#+kaJy=E3$YaoqO&day5g+JME)$s`^653 z)fe}#)}4pRpu8vVQI2ngW?p0*BU4Z+`JEo?=u_!DE62VMvKdF8AYJ<%gK(D7y4lzH z+<}o{4y5i{3GLk`leITD00Ji(WXV6FvOI3kko?2u3}y|#WKm48DQkC=#AC&%5{;!B zW+I9M(e1w%5=1aV*ef9O7p;#U`U5y&4;#Nb96?sQI`$`l@917g5W{M#>9t^>ICv94u9o|D*)5>sN zV4`}sB}C^fGejVf-Ry$CXo4ct^XQBbKu*sI3B@vf<|gju8q+^EEyA9aco${%r%s}4 zgw`p@7Rl%^q-X}rOScvar}5~}^l-Z!sx{Kpwtb5Wr)EcaU2WznUlBH6ujBQSZNcbX z!dd351E;50@XIq063E|)btk>sIFG6L54SzQBEdrD`!TyTDSED(7{V30PfjabEELn@ z1-6_0SI0w)Zz-|hf$5NxMx1oaqqXHx=QbFWI-?V8kxaYq9C-^$UXg{@TeUY5;oc(x z)-*>?5HPzI`#A;Y0W+^hU&r`7xWoP?SGGZ3DW3_Rf z&&_i!`kr&FlKKxEb^tNO2NS7U`M&}w=NZyicbU-58yfq1m;M{5KKQ6o7fD{(8kKvQrMG^VKORfSqWneZSpes#TKq9!$-Qn< z(>s=cZ4P=Im5Eza*n+P7C8jIA{MrUu!2LA%_y0?tC(xBpP`hVwa?ZN;_Dgjej@KwI z@FQac)shl(U>o1*IG*{A_AcO`DmRcpi@#-T2Iq#ERI0eb(W^0hAGyK{D*;mb6y_AZ zmDVU=l*F|6RVTD(5({G@9_(YvC*e}fUx5IgU5>-IRLb%FC}pw3Y+-o$G0f%4CD(TD zLX(u|Fixa3(&B#ATHv^E1e_5puPFW_DZT4yf}~OEyENs?*#CJ}{h99Gj$J-)^T0fy zX55BZPZv9d3sd}MO+O>27e`iboSua2VA zOL-#d2+A8r9FQMKN)V!-EZhXVipL zKDww|BZ)cm?6SYrR~+reZGtW!_kP&8@WOIseam8uq%m)ocS5?hXPKI(txePqWWAO=8!GDnzCxjQL*t^2xzK?Rf+=%WuwqIJvba+_(j!^>O?k7t@A7_ zFlv4y4B1$_X(Q%`7(nVYXxSb0n%#yugCj%PBR&CfQh#X4jK?f3t!kEQ!D`LEdYIew z?+ef5_Y_)b_K(E3O!|1=^d=WQ0D|Z6nKNOX!|fDiFG_&%_)uq z371FTD6_9|bN{Q6ot~-<)Cg#&J1@vbi~~&*Uz?-79tZVg^~Sj9I#Ylrz=@yYKBF+b z)~Mt&3VkY_zg`;8H4f0342mL8;M$QK`JQkNcI5^u%q8NR9dXFGN|h+9&o3+Vsy-8u zN#mrOe39(ca`@b67i`STPyh#W+}m2Cf;)6mO8`ejuTalQr}{|osO$8O}GSg39|?@#r!{>$2R@?vWXc=JTG+%aUBr{!cdY3)6K zSDoSPxag@sUHUOWynpf_#@ctNp?kXdYPbvyju|6B6%8FCa;hbow@T<9t4%LwSm0UT zxX19wV<6ZB8g)0ORvvW^lx7Hn*l{Qf$wsRUNDMimuk^aaYDGRdBdt3YJ>rJ=l2feZ4B4RG z@#7_(Lf*yf$_efA`V8~k>YuxHF@-cO@f`YJiyX}Crka|H0F9q?DD{0`7F)O7G9@X+ zDNqXnI-b$yV+04l0Z9u-3Q{7pG<#Sd3v2uhU4p>hl7?`}*bl}bOb;rN>vK$& zKn>HTO-^9GjG;;(Z4SNWleYYrlxU1rM!@*=X{D2k6tuAFYVX{u#&(AbFq%_L>_UJ4 z930JiRDigyqF8g&#XR!J>1qZvN%Y&6Imn+C;>l%NCTAzN^!A&X5dpdq3hW<4Wb#~FMB0b(qc*QKx zTr5$4X`>Ze3Y`n}ZTov`t{>3Y8HTq5 z*IO$fEA-H8{15(vP5Z)UAk81r5RY^D7f=IKYm3@lnsBA0`HFzM&UN;qDo?=;w=3K0 zz4Ps}Ngrrx6F;HHo09t>r(L3ciOgfIVjMeZ<$9IWp4e3XE8*IcF}dc8H0P&hOZ^cJ zmE@1_0&-R~Dpx)si@ZBk1y2Oq7d!7}`!RS5#k@A|=Iw<&cztQN!4?51oO&euJtCgG zDW=wBO+f#5hoJcse+^?;7hb1!7hd#SMYQ=MW+cS797Cd(Pf2gyk}uOaJ|th~;HNXe z8}j~a6>~mSogCakDpwNg%-V3rR@Y(d05#G?9rN1j5nID_1B++UbDo8y(=QFW>+!nKDrIqqB6yQTdcX zfMKiAJz6=a2rul`F2D?5m1L=PiSd|_ef8#zr~1aZ({l1k38$&yf(gV{n`Z$aK!0*) zv1SXPk#2_bsgg{xeNy1PFY!MW&55^jAOUTw&+Bq+g^0pbsUG! z^Es{gNA@%q+Cb+&b-mPpcHbWA{;8Puyj*XK=mp;LicU8TaF;L^6WgJgU(y#VeX%Df z{{l7tKZB#_jDHKr7k8a}zMf&awqe&X9UK4AEs|;{zWhXjwAGLk<)&$-l2qWca z;zigLUbW1%9lDB+8fW&Xso=+Lk&IS>SWPw~37XT`NM{QrH$GAQRpCYBWUC&T&AX!y z*E~WG$zvn4)tjoHFR)gUFZgsdLHlm$R}sG)ulqUM+jJg&2{#=U7&xp4^tos^u*pQ6 zwARIHB<2s9?|L}*jf1zS1gSMlAAos13I_waV)-jV%uI^y_VP zFHoj@2c~RN{WC*=0@$|i9L`YsvnjCcz5)H*CDF+$SJ3;W>Bg5;mq(?#YJ5B1zxsE% z6q#q&K`+V+-!Gs_`kaDZFxi=3glbSW++x+9ew^#n6ppKJ1^xQ=rgC0m4O~5)gxJ&` zR5PP@y}1vQvV1_FMB_Y&8W3W9koURwYs6E96G5 zM`cS*8eE?JlJyqiDZRYYJnm0R$s&gcm+x%tz+ipo&QMQliSF8e__%-gyQw#(;+?Qi zwQxK~-&~N>GE#0h%56+>!_$>t+VNXoWXec+vG*E~e5~Em2|8y#?;Pl{@x@0^O2gD z+eB+*p>@A@a(O5NS)ilw#+1sHmz?-Eh`W^{dA*_riAotYPDj`f%-G zDz=B=lB{xDpulUy@gVSfn#qFt*IpDk1hp?_As4PS3f}7s0D`uMz6C)=6)NdPAOND| ze;PQcblzybv2h*MDOko~rA8&`{j-xXWlU4&O<@n8yN70fLQ`{i(>I#h5l_Qjo*IeeN`2hZ6Q$z^)VB8xpX$5LeW2mvb2B;9U6P`yKatg9 z+5Nt+sp6TH;rVK)8_%q)34sie}Ie0$wF3hm6=`a(Be5X5T6Xlr?P6zg! zNgS0$)RE!NK$>YyjO~8}e@+XLU5S4m`qACGBa)H_PHne0g<@d|GHi zeTC7KVFWnco|F$?$nYj?w(@B7w^PCFRIKe+E1C+a@~2Nx22@b*LU!3o#uhJyYsqt9 z!3Jnp@4X_f3B?PSDUIwmM}eTNOl_<3(teXo@`MOzD%K(-lgqoF`q2zEv89x|P{X?d z3t7TftFDE1sYhRz%4vr$^9==<-#Pm6)LGHH2%D()t+Vs*!h@0ZB#_+&S-Wjd$A`im z;OPtBsGa+o`4aoNhBnE~-##}yU^1WmPa%;$RsEWWHWHSq$`FgCH&|k;bl^N$<($;! za=}|dD^i1BH6Gq$Zx<>a5-}VBUXoUZZ714oTYov5NL%qhjwm*fjhXi`P$!ld#2p^d~ z$JQBw*E<_!vNpltE?~>VWqUVm&|K|HKh?KTr=y3#>`|FW9-Nx5F9B*A(x*` zd9f*4IBLT-*#udfy~x7+=c(7yArJDQ*9PRE{Y6Wi{};Vo3>}tHv$=Qz;{%EO=W9qQ zYP%=)L0`V;WYvmSJWUH{$1fDK+_99%x9hdlGjh^tj&>3YeL6BQ8PupRC0TMMvyGk* z53|@OD}43)xV3|}+^Y?|9ih4u{z(5PIcedmR~({zJ+`l?n^-OG<&N5?z40qkt+0JK^FmUKf*VYk}A_YLb2?SL||N3r0U;mR%|9{xS=Kq1I|CiPG b!#mU{;lrShvnEa`z)eO%PP|C$%h&${E?D4e diff --git a/homelab/docs/img/lg_webos_video_codec.png b/homelab/docs/img/lg_webos_video_codec.png deleted file mode 100644 index 87d54eab53e04caa15be9d17819eb842a6cf7372..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 75066 zcmcG#Wl&r}yEQsUAb1E691;@Tg1bW?xVr{-*FgdVwcl{qi;JVd7m}Zj(nE1Hp^5=pIRp zmJ6Q)q6%7iLBI9IQHv3?*fxaA`Et#dpz=M%>2E^T^dDjt`CI5cHqS4UOkSWz zP|rBHZFw?bet5lqZ3=ZAU4T<8P^0JHOIYHHYC;QnnN z>k55P!~ZrbACnvz$-j*RCGy`N`Tx_Uv;~z{{3kG>tGMh3(nyQ(bk0A_AlwVso#k*U zhh?c}$iLTqK*PchxDg5X!lBUie#)@P3tQCYSmUmHbwv%t_^%rdS*yKW*0GFCXR*9( z-?bq%5XOK0f!#;<^6x;ug$7dn8?rUg|L&5-rI(h|eV;>bd+!|KCnHWmBOnsQ@BtQ7 zmHcnwK`{c#`fJWFFp^fa!~G`O&!Q0A?mdD}>S_ngudadvzH}c2{2U56yAN_q|NF#_ zF87hBv!=82o6EPSK0^*I#M$>pp4HX9^rgbL*24_+-D7G2Ja2AA|4zbXvmSt_DZAE4}E(>4r7l zyDDG?A{@M}BpjjzXrH`q;=ON3)GlBdZ=(#bc&0TZ96UA$D89xv#NL(4(DZ?AjgCb@ zcc2>ejw^9vk6XbvFj^{j%d;JwzN8yX3yI_Mr;zHsafptI**Fi7Gf|mwVV0>+sJh0Q zZh-dTKm&-176rgfI9#1!?jA*(uoEGzs>R*T>ke{bzr8r~7l{w-4)^m6%QrO|SE`E* zci9h>_o=(CE3ji~^M!RoAy{ph6C^tgD7un$o%He@OB*+Db6+qau&>)|NxoZvL>`frA6`{mxl$JA<_z zHl(lYAVxXoe{g^gZgzHE?4D97H=tl9%TOZcgRv@M=#V?!=Z`5Bz z;&Wa@`i*7LTk6TKlsEu(tXUG$J^1U&oNT9H=SC=p!9blSlTtB+m!RQWj{FROkJPt( z19m(*hU#=v0$rrM-_L%eM#;LBep=j`b%|9NM=adlw7^H-JE4e34Wp$~NVC*(VTUV7v^eY8@SG19#uqHzG)SS?;5nsx zi5iw*s9_GetR2f4;Ll&I{cCV_I=okOqlV3Z&U+(DvE5pid!&VU?fcv8o|fcC@;?7Z z#^&R)xx=`CtQ!G48J{Ty1V))VjtrZ}GDPShq~=8Nx>NS1B+27uVO>Wo(>ytM_v@5x z)1Ga>5i)nuxod5h9dX)2RGlHM@%@|F!j&P!?3+S%Q=2;hFa4uB3hmbO`=1Zklog{U zR9X6sq$WD)FMXFv+5s=tSmNR*%gQR}3_YkjPWn7Wk@GX85}#bhib`HPrf3No{< zTN(~3if4n86N?{;I}Ua`k`L`00u0H4kbLcjJSAkg(de>OKkaK3vdSLf6H0Rq5KwM=8H;h#vrPmh=(ZFl%!z`fqYE7@=WOKDc)bh*49bQE9w; zJAb_5_`~g58WH%CP=f{M;G=KNHkw)XaDc~@^2vqIP08e0!(GQ=JVkwf$)I~1-)--hIN0D{P?Ag=pEJE{-qr(votFFpJ}U@)9L^HKf!_H7#_qc{ zm6SGbVkJ6+B3K)JF^aPHGWrcdWJK;!vK|pWYjwu;bv_eFblY6bU7$5z&TFt(bJI%Xe>kPL za~snvZ8tr+uHxsY{8PJ<1Kna`)CidNCzsa7DT4X{;ZbW`EAFoiRXS+QXQwEed@)#s zJo-6kZ~>ZryRZ}SGynEeCEEJ6IKTIygpX$IJ}(L2$m{hiR8H2&zKzEG{3~j|!ua4k z`=JKH^>v1pnFv4ou^ZlaO*RfiefCc}<585^dgbz^mb0qcX%7fT)4 zkC1>va62`R@$VHAvX(EH5;X`H7&`&MP&h+i8-C_$ykaXaSkK^~Y8$ zg@F5HzWWglg*_mSpQ=QnCrasVd?Ac(@2G2Q_8n6w414j&7oW9>v9272+17_AFJjVl zr;ZBhIbz->Hq<&tSzFFRW+Cj{xxto>3Y`w#>1L&xEdZlPd{+3Ap=_c?Ao& z!Zo~$cie!CQDlGjb5UhMSZ?7eItec8xP)cFX#Drmi$GQ3fM3IzYid3>`S85?12tl{ zcJCHx#{370EEmous>s!xKT~Sx<51uM2xWYFrYrTa5H@0^-jX-5V&q_-_j3gFfD9gXTCwQX;lzq1; z{gFkH13T{_6?E_{59n$qCES{Nyucl%H`uvO|2`RVb*1(AJpJKK#CGRd`qs*`Cyc?9 zN{(|;Ru=!ANOj%@ta`nWx|yxa zRz-SRvT>q4J^wC3xK##t<;T@Sy5rWZQ7a|1^8)*C$;G7YV`}x)ik^Yt=c&>oO~?33 zpwiLJ*2xj}zj4Q?iLL&)0(WMDIkK;jGVU$|`j-4UyLS4wmp#o!?S4IEi!l8<`d39y z@Zuj_5D^*$;IRt%ym&cBZRpHLCU`_|6esbk&u=Gqw{|s z3iH2aY=;dQSwj`-dH4e;WRnx4veQNE9s?F?T@qIHW3PFb!Br32zrP&(XEC3pr--us zN{oVTW!Bw$LF_tD&U9QYwt|PWXuSWGQ{m6)#)*2xO~3v_5vO~h`F|DmYGMD&Dq0+= zcVGA}cVIpajjhUeR~?G@*E|!^90GQM0z8#{En1IAj*og!vje5>VI3EwJx^crQqSPO zwzmS)laP{|;e}|2Z&m3|j4te{@y9)kA+zbJn2}wX)boV1q&6_vw zwNB!j`Wjrl={rlv8ZaUQC!+d0ZfHVj0thP^E>DmF(VGoCVNR#*XV>uii|J|}xPrR7 z=bSvqmg?qcs|2!?p0J!}g-%5GY7w#Au#reED$sK+d(SWTCnNacj1T}}?GG>tBb7yb z{7f^^ernyS>b&3D|04`|R}ujvw+6Wb`L0;o46eqs|u( zs85c{X-@M_*%!7_vWvh}pF0;ezt0&cYcb~h;M}vkzPf|BejROLxck!A_r!OYQPp2Z z{mb_S*P1(U`ui%Y=Z_w%ura@pG%k#~sL$Vm4(Xp3Ss|fhSEb#Ae(zPHsDg;w6~(*a*zavdN3e8i{ zyi{`=#NMW{t%i`On)+rUxuHs=_oR$wFOHAesy3J^duaV0rqxQqp1*^p9Ab67V%9B( zsU{|D#HO=EZ3}i&0PszBzq^!&3VSG;qP8qXs;H>MUOTovRuai2C+y0xXh$opI&GBh zIFGD7UnNeBE1>R8F+yLzLtN%;BI=@BZQ+b8z&ICWyUS<`k_6DvOGteYVyhtSJyX&1 zCl7TYQvzzx>4f*X0*o=C?YAh3*^~sGoxZrNogTQXOBkczT537v7ANjM1Ox~~Jv)g* zS8+{izs6YlJ5#knXQGCjwlZ{5LfCxY|5=a^0KAB zzZx@Vbb~fHIg>3?6RNWNa#;n@O2|vIt0@Pc(Mc@(?$;5q3u46gmNS)D45BnOrXa~N z_M;kCxVwC0lu`Ggm8w>WE|_B#yY|*nN&sa{O|@99x&tb^UrRcl4ALooBH!mr(ZU4$ zXx^cC&}>ECHi5Le30EeI<#|+iksvOYJAVsZ-P>HCL#+fE_ImfGU;vt`3>j&;9qy(NC2g zhCeb~fvFQwUcGxILXR||gP5R@G}o(v96^z9h(orbCrm1I(Xl^8#C#}(*^Q7RlGjAS z0{mQw-nv%yRjsK<*55d#02EyNFUvM1lXlTS{8m@l8=D$Qboq6LSW zGcx0={=w`10%s690v))WZ$oZjIk1%AJ=M>LxLEO__d)^BpsWbN(fZnb<;_GxkchXi zqgx1oX~cxO8*rDQo3 zP1P?8b&)ms&D!nx7pJ#7loZ{!fcoL7kUBOTfO0e`VE~bPRAyXcWaN8C|C$VW2)khb zBuGYzoG&h!5AP{UPvockoHJ$W+S^a0$oS6gdm8FG0X`zIs>QW`C2xMPkryJT{BW86 z5TLCet$MLmpjnWdSLdTGXU4iux7vx>#d?gv58;Wn!S>?Kh`{!TXr>FA?t zC10{gmpP!0jkF*tGSD;F2MSJDuOjMYmv+-sVUvygEdmC+WN*Wx49{@Tb56FywmM`H6UsVK`vF z=&sP^#B(SqhYYalk0k^hWT+5$QQz)|21NwODy#Ts-tQBbv#*nrckgH5ve%wzCA|Ix znU~^+u*YcYfhm@D#?q{3KI$~k%(R3Ww1>ND0gPY0GHODeDWJ~7HS<7wm240;!($Le z-5d>*M#v$WW2NgA2Vf8;Eyk}$N5>lPoEAT)lKW%Q`*Q(cu^%!5)O!8r2k{etLMgF2 zBC{U7uxQu(ae^VMzrNmIlQ9_zQeq$&kLoY`_E0%@K2|7`i#v}6D^5VCvsbEdQ95M`I7H08%Aid`*VRVH9%-qT_5Uu*G=8-fh{^f zjmgT;otL+8H6B9=4s&pGgb1#Bb>hSQ0~`~TyeUFoQk2Z1|8v1)|BNajk-3}XRE9`O3ARr`K|ctcFE20v@W`p@X!wy>*c<7!#Rt&NM?C?7a|RTH z&SB`v7szpZx5vcsmxxGv z`V(>6{j53H&s6l&c98xOm2~i0&9!qy-YBQ|`5L8{dF^GGMaq~u3*>@r?0BABpb zNPhe7d`f#!7FK=Lx@IRfuev_MR;gJv$8af66 zak#lNvNCS}_h41Lb*vSKI4%$*I`)qn~hlsnOxl)+LD9|sZ_uI zn8O%nup|2=!?W`qt)-DuYoTE(@i{$e#hK0B08}uwc&=;ZqqAYTX@-3)L1p>hcOkd> zj{Tq$8J_zx&*~hbGp9Jt_H{p!>uoyp{+qmfr=YU4mx#4iS>v)34cm#1D3^*@B0S4Q^ctOoHGW;yeT^FdjI@fPyR;!&%#hgjKuI)M_(L?9ep7w%#fP=ybA_MYIl7-Ixdwk)Q_}C!T!Cip; z1H12A)*A%*MsE)6?$!qq+$vO*sZ1ZyZ->3c+t_5whTGRn>4!+lF(eIGrL80cNY;Y3 zJAS_96(sH#qmC{hk+0U^2M1%RPdMC~h(aaAE;&WITNHLu4uKcLbZx)<)$O2N4i)5_ zp)2G9^C@4OY|4wd*Nhha`0?s>ViTxUYl&ItF38PQ(xc%^k>s6jIgGd$na^iOiF@nu zd=5k^Zi}4ktMq3(SZ%;QrYCAs?L#P+XveJ{txJ;Kl-+1`gj*V8JTc&tNx|Nk&;0kZUdIH z`jwDda3y)?d9OT&gVxjMZ?9~4!9JT1j# zPfs3!+jU>*IZ#347g{_zBOo9c;FDGk%`Xy3ZB~2uIpm@<&{!$bziymEXqiyZs@fO0 zr)yVQ;o(OU9CGu;Ut#uLbQEA^5ZDb#XA1>zjpZuJy_fNtm)%_atu- zFTX%o7Z$&tLG#@y+wwwqPd40q8Nz&!5}GZ6q{Lrw<2lQfG(83~F*;>l+l+7zy=4rx zoazEg#=vmI2i@+kq}Lwx6{HqOef<6Q*WH-Y&P8h&RU+;E1QOKadWuPTKl7J~C&)KX zvKw}3YG+3!{DS+S*&cn{oaI+A@}9BHg&frimb%@VssDS+H0Rqzq^?WC16vgPJSX)z zXU~OK=hKuPssg1rIit$O{QKYLUSWuZl#i46XqU@EgEeKH8nrZo{4{6giQd>tFHc?P zU-2e7%?r(D*)kq1o?N%tS&{@NIxiEr&er4^C@7VQE5+|42si>-9OF&pB<5_jy?C$E0wVde|8e`1IqvYFF z)u}=fH6s2RB!aK>nz*4zX6dHIw!vzn+4F&Q3MO0M1)SYPl}M%RW6Aw0p!cS=Tos?S?%co=SM{0W= z)|_)5s@X5U?F!R0RJ18WK5m>|g2RFCrOmLuy_$(Wx)39Q!Ym39L>4(lmj6w;Y=Fp3 z{bG{O{Q!kq!Q^7%%em~u<_7w0!DZ0xUaN40;a88MPr6Hsffb1@ltTN!qZQvSJ(J3{ zf`VS1+nFt(9pEqKGbdU{4oNEY)zS^UBi1 zukZ|o`eT0ENTB5Ot;FGpCXA~*nW>#A*st9u?N`1qtR=R{eMGn<`mEA^ALk46bVG-5^>yL%(jsx@$KTDWZGjfc+v&w}r7`|+56?M2F6)fbENnwQ3{WgA zK8SJh*FmLi`iPA`Bi5+s*~$FD&P$!Tj7Tohi1j z>R|co(kfH=>X%58xwk!4w0mi%6h}+{r3J8P@L^26G{e9q2AURzYiulU9mF+#C)!?Q zJ3sGt*TW)gs2~lS9yTdFFOY{m0Bk8Q#`MjU zKN$$X8y_d` zB}=+}DN*P)`uW>b1am?&q;H8T)B&_dW9t+~hpP$kd?iAvAC7DXR+{s|U9kN+<1pVH z)PLwfhSSuPV1o{Xu0fK93D$_dMPs|qvHFFO+DC*!xdqbgyIO2T2et1$3=a5~eUS1MeZ$C8*RI!X1Z3_B5=695*F)hzcZyG;(zGq4_ll7AWB-R~I5*{JS zNLT&5Q$%tddc^fI(Xtaw3mGw$>uY+*82a9Zt_Lak5L%F_qihpMb|ErW&;hb zemxuF=WUU9$g%PShON-aZt(dMxgY;&of@Xrt&-dxsR|j|m|A2yyXBIl=)C-qFMrjb zNZ9c{YomUBpr~nxLwHy!lMc+`+~q|fIGZv{*bZqmIIM~AIV|2ST7}vaJz_GNN}uA- z3Vga#?Ag>{^H0=s-EOP)W!(3M>1wnX;uznX>DP&UP}Y0P7`C}=-QAqoQ5Zi1ST zsz^ruoFV>&e?Y&X+LWgtQ320uaUBbVD4Z0_onfvn^q2RGYG7e&kvzyR{oQ0CT45KK zbPRnD@6|e971PCv0WWl~)nP=MX@nOZ*q{s(a__aC{%sPB7q->3g?qB(uq@A#ujV(B zjK2Q?N9+I=eoV=;+U=QSvS!M!-z7QZpK6GMzKPNN42EUPm!tp>n^bFb-#PYKUac_x z^z7#(f+3X$6J|<3(&gj#6>}L=#pAd?hBbumkYAFvP0r*+cYo!$iD7(QjT~cbFCQMJ z8$kV%cOc@Rp6^?^_*!EqT7i|u8eYv-;o`!i z!x!mt2ypUw)4H;sM1bQy96uS4=XaOjdhcymrjjI@%r)@E!;c^8bK8p9Na+SzQvklX zL#~O<^>K`FSyD!b``ll({Ey`s=)5R^?J4R zwfi?5mUliJca{OKeh#rW(}aA(n!tUIgMOz zi%vBAEXsSjPwF=(>fh3Q`fQoR`a_%1P_PE6x+W^nr|6IGW$wPRT&8;emyT zFR{KZi;Gv?&&!wjmll^TW`eMFG%)q;<@tRB7Rpe5rpTa|*}ywA_&cxVTB-^X(RQrij-JP<>$ z5BV^zyLfhVhQnGV(!u*tyWK2bx_bW&{?Mt)14QGI*SnQl3CW3hf{FbBnv1U!1*!@3 z&MghQFq1YQ${g`@d?z%P~0w!%}s49zr}?H;K3F9v`L z6DvEr{63esu)RECu8*_NRZ=U;&J`2BoqQ!YH6zpRSmT&Xk^|plPein-3c^$tpcQ}a z#U)kYJ92Sxk&*l{A6ZGsgt*07Y`bS`K%W`8#`PEa5{T@Xypf0_5RC&bW z(c6NyDckXtuRboXOw;xm@z-Wrm#2Jyioc_3ef9n#0UTl-GetS}#Esyx{TI^!4*6f6 zvHedJip8Zm6fokuZC(J^#Nh`){*oCk-J;*X_E(er@Z-2=bm@9OU7v_4w;0BBz3)?} z@vR72k{2h*UZzLfjXE#4$(%w&{J)W)-+Q( zR>nk;LCaa_r;+{}ho0;E!;w_9$E2rzBqcdk-l0UYEfZ8B-qf-eBYoZdHG#0xIdu8y z#Y}O;KmZO|SL3Py5eb|k*yt&i5W%ismdd3>e}VMZ zcDT>dr>CbD7j2AR$5@*888&jnbPqD9W1eqD>lZS*lNBo&$KPvd%(oV)JOsSmyZ}^V zqpDS|4H(xozKKOAlh)l;$6t!rVgX0|8(=PtXY?miME4!(>;qxJsinA9gSP6Q*azQb zJdxZZK5WM&tV#hGZA(87l9Zn>eJDpDWem(pAfTr?(bf}T*u*MkK8L;eYp_;yg;O)` zJeU%)GrT&Td$UUC@5!Bxz^;?g%m0g1LJPku(LYT-7gb*1pV1?2CM|^wbl&#STh#J0 z0#USP)lJ^7L{!3ejln(`Z&jz1o_5EDng5P~rMPzkKiNx=J#E-$zoVG(7jtu1@_}aXz&rFOXTuzX=CI zP;H`s%6M{;+bGOA`FpO zh;=tagi?FQq`-z2N0G@NW4%OmCIf#h^ESrqFS2y8^*0UIJt*D}oIIomPBjgW9F((k zoqb4h-V%B^0`eZ;jQAM^RcaJP<21uomfjzwYpg=FM+cw|21B`Xk+$CVv{q}b`OB8^ zuJ@5!B5%gRMW_#tWv9kT)1?{qF)MS593R3rCDv-UMD?RXai$ zUf-i-qk2h`DU4m)8qM%Rx9{T*ege2(*DTy95F8Kp-6M4avi@+C`mEp4y*a3~9~RBWk4@?JqC@}k+jDMu=Sd>&-w{8{=+L-QhU0HQm1a7VRx zzoVx|d)YVwD#i)0<|Ce#_MaeYi@1=n-iaya9h6A=EiSf05Fe6~LA)2-$MXONE zbkS|?rOF!x|2=wxvy80B8LQ(GUXrOV^1H6Ox|&>R4HS54ks*l=90(Dem0lN|hw0+Q%XmVMlt2Ho^Ai*V+7wSMI-hxi)1V&(7&uX5-%*sAu7e-|LRT z1A~rlQRb+5QG%3Clciqf&a4m8HmLAIxL?$4#y*c$=XQAM3;>7-#S#{B6m9Q@{K}H2 zTEUs-vAaZ@6%1I9S1no_OU<0ozLgZ&%O(+PQ!<}jZ353cYi&FeKv5YKWW_BesqjZ8 zF5saeChU`w>*l_A*-{1jT;H36?*L<8rN~tqbtmIm;kH^UAFIDlG;e8jfbk z@}i2Jb9f-@>Wg!a>~%GtO;46pf^#yx_TkEyz7DLyk(lIs`NJqC2e?Wg-C>YcAP`z3an{ophR+$vF);*JJsTPXojV=jR;;wux#+CRFC7e!* zloY)|EHi2;j0eoW3sr&zD6PJyPSt%kl~bCSP>2W9%Dpv&Nn8-6Q5c#RH8#RM8tSgW zS?^X_6iBNN(kFLTLN~d+@vm=DbIS&j?Xvb?RN<6JF1@pMi5e4UlHLVaqoN0wXxJ$u(i<-97F&2cME8mHBiyFS(Sc`}FT}3MQ zU$TUGkADg6`1R{Zn+M3~n$LH@7d*A-JmK8zj>63pX>qLI@GO>hP#@-cD?7*5Kk$*W z>W+7DJ-?x8%UO%T0`=vQ<=|jn%`ADiWNR2`&X{+iD|c0iN-hT>=JZAd?&Tgus!{GK zjp+x1p*JYm>2kJ`1Gy%wpJ!$85=+9S)k9H)U|J$U!v#euIQ`RVMb2!;hQ|rJr&)DD zQ`KWDzc0#GkdA;vfE!Bbsa>H_c8z;0TjivPoANi2;ek{NECrqjpVgeB`N7>f-()QH z9_!Uq5_UuV%j=WztRWkg1(m<2BY}x{Vrd*nj0@hF+TNs}s)Mi~bqBltw;VA=>=ow+ zDa}B~a=?2x!6l3Q-x7xPDAG{+(RXd{l`jC7bnb6dB0QTM_Dd?@ktIjt9JH&R{>{fG zxRDvR`EWw@IVmYOU`I-`?VQ^uoYxB4jLqAXa-W2XNAoiH|}Ng#~|!;_)%vK z7R>;RDbSB7AePSpyG@l9x)XSfLc5szOQwjFE60NLms%)-ofEuctQYhaA9-g(&rcCZ z#~qUGSI^Zu>qRV6vFimlWZf_FouX{Z9!lz8+J)C>E;h4hwX`$7`}%y1C*0Y0-@HIO zmPZpNv23bji-j7qi;J1<{R^^)`9^J{0Vu*eNFrxp8TDKfDT}^kx#!6CeTINq*T74_ z`XK&SA)g}`gkx^}TzIb17m7oty_N8Xgkp(WG1TYgqErWimNO+?d$v|7RI}MRn;`yI zps##07*^)_DR?H@4zvfZW1inGQsu{mUUz1DWQ*kUlzs@9eIW&xh0!ExSV2`(Hv0RJURd1@81ebCZ zW}*jWQdp&3Ns{6b*{`e`u-Df{iA+y2UKmOXU9nxr=-OzNKnmaq0GSKWKX}PeT=qp$UxAU3NGwC-_!k<0;{e$C6D_@s1~nkc7I`k9U;d1+HN3C! z0Z!fclMIe$WZ&W*Ju71?8z|bKIdILi7UUczCR&7@Mc)0#C#X)|dp5=Dnf6gB7=Ajj z4Z$ptB&?-!p3z;|iPqusM)%W=s(7i~e=g}-pyId-Peo@{zlSIY1wG?5ai4O5e4R7O zVut3V{flMSf@stla4S~lxv0~NKN}peb{F==nvWIH#MVBF`JLEdmzW>)JSa#J)yjW8=fTpK^VvMBNbDU< z{yAvQK(n#IcG#~{K898di}o60jb|Pd|9SPw_=G$5H!E<_>ntMmgGQx`-163J*!6M` zU+kP3Der;0jjh1o#ZfvnpgDL6ULg9Bew1Wr5par!FqE4(x{~xL*(;A;5C$rOl4s+r zXQzrmz1Ko8iKA!K<}-Y+2CGA=$FR^{?*Ckrzd7xLLo}}ZU{?(!ka&~fb8$yej}V^@ zm<=B9O8Mkb@tt10NNK=L1oUi5(b7drRzG9*06RYmZZcU8*fO10$ z;Bd_8nYve8TAKf!qI=Zu-}L9+x@#D&_R_*AAxvlLwWxhff=I^bs?iW}IZ`fYng58Q zJi6XhhnRP7jIDlB!W=ITWkXpsPxel(D!u7iefGJ>s*!*6GJOWpuu5zU(@E|XB zMfsf(&_q$7!AAva?YaOpF9xJRau&*ZkxSrD{30ZN%~fO&l*75I@1q-=tOdO35uUp? z=$t@W@y+Ivd?2Em%ttFdAnxOB2HS*Z1Vnkh==3B`ToWil&#rajs%F4qE&}cPQvn2H zUMUs)>Xo&$u|nH%K9O5P%!{^^y8%hA{L$KFFZ!ZWu|07e-8MnOG;BS2d3y_PaG1)D z_<(O((6i^~)&Ju8ztHTSO87A`sz6v{=Jb<>sI1UoZT(P%vEVr3F#= zlD!$Gn8sLiTeeg0q%*(DBqXn**Rh}FLEE^u6w}Jq*tcGqtd$20C8$A>`TX~v7p}ea zF+R+^8vsQ=0x>feyj|PFkbw7h+Np>*Z`{Fpqnz-nanvmjP7PYQEitHX5?yk+nRM|S zPIIklF2x+zG!>pM^5WTc|Gr+1b7A$e`>Lz=QG93L?`Yu zHr_PcaH|iE`C9hkG2-sZ-y@g~@l%MW8}%ZM{$}^5_bGI>`6ztOi=rQVlgRpp!D$aT zl(0{moP}mfnIT(t+q++@vSs3D!Cz+iu6UBX!vT*gX82AA=2|E!Ll%Dox$C1{yq&2= z*n#5gxW_ZYzXpi9f3B!eM}i)^{mp~qy|*en>OJp!-N!z5d)@QtgM=E6WS@l9zGt#t z-?-Tts>?yL-~CVoTUJ{iSMaXTP9s=paDe|@C!m7xn+Q`SYU)kN$j$yOe|$030jWM- z-#lKFHgt_c5XU%1h+E^pyjLG>{a2l+33)&PWD+EAdSgA^Hb{B$-3PM#+XW}e`CGT? zxV$7%ADdfS9Wns-ynhT4`i6K1>-@GTlZKLAfx@&(bh!#46)_8ptMg}ZZVtJBzlCzc z@V$W^m7G)ps!4Vmx0O*R8|+G9?u%{rDLe&T!@rG;7q2Hl5h~Uv=o_)VE=9Dp>#{y@ ziKC3)BF`{yebFiMnsAMTBPW{Pn%|TNQ^`rSP(BgSyOJtjCSqY$+($o1H@;#p$|!Pm zPx@<3;iP8_o-9|hMM@pxYM$y+$^(6)*1$){@_h(3U$6~}5MCLj*q;Ja0C0IksOx^O zp_Qb<(kx_>;s;9o&_3ULIxK^x)ZL4BuNVtP)rs*TjN&+Lm@YrTnJ5>Ck@nAuN+UuM ze`k3_s_h)Y_EYJH8^}E{U0BWpe=$YS9zoqJRrZVOy0gG*niqh^o>m;;*v3Sq{kcwv z?)U9%_EE-58A`=v9CN!_p`EtJBHbHH(?yU{sQosB-5UR<_C7k@r?|TY3K>VmrK!VpE^>t%|Pt5)H?=ElHNa(m*qdKFj_?N7#0B!Qh1%h?3*( zY9N=W@K!P@cf(Z9JO`pjF?7<15F=xP1zfdk^ve8bK}BkF=6e*jg0bm(ziQ_*>TMu5 z51}}{aj(SlHrnR2h4N-`NeV}T;SG_Hj^XF{@%6wWWtz$0kSv?8wHaKMj+ijQyusJ{ zCmhzcQR3TYI4S=<8W=2`W}cuLx=C`P?zab;2VvtD{rba@h9a^<%jesE2EOw7^*z$lDDyi95^{Wi9x9c z2P4jQEVwEraB>hFQc^TUsiyQ-!(LMKkEr5g`ET9O{|`F%zhC48V&D@f%y#_e%LHUJ z_zdcPFmZDF3PUq<%k^~wAZW&kItp6I!|M;=*|Jf(O|7UllS>w`qP|K=N z*nW5g`1)(byr5ZtuUA0o*-RoGTs8$KA|Hm}r}{3ba4m?eGtjl`CtUb5x^E^P?rMJX zF=q(m#BTBc`pEtUzHiOsbRNBM*XhKV_x}nPhTz3`>2eNTC&rf4Leoh z*8IJNNT7^!tuH^$d5#`>J=>N2?NeD8@zjf;N7vQZ_6$Skjjk4z51+XKq}yEl7(~_Y zYSmr|GLN$)y%uIIKfEz8{WfS1dq_?8q%7+?d#N5KOM`j4zl^lE_FJ9`>7ZHyX-Qe7tf@<8<2jdO7?)IxEyrqMr#J+|!= z+rel?UsOfS#}#Q+^&`=-V{c4)5uv5q>Jfu^p2GK>89xi@_U+_zErA5%px!g5L2gHI zZXko5&_;O~V+~5!`axg!&DQ*@mY}3xE4Dbs8vRr!NuX;%qa8 zc8kFf{4|=Z92I4W8%WV^5W&3D%}+L5pErA!{Bc<*3yOE)3sD#5+3b%XFYa=-a~1i; zG16RBK}oP=PE@@UW4K1$uOqR+?o9X`P%Oup*6I3dYnw5(tFeRJ%LSacKzy)5rmQHl#TZp- z;XOU~9nEe(w*K{#h}GC~S9D(jR3Ry$fSYNVZ2<#DY@^m0)~$ z|6P9Zt3==7$kQADvHU}5DNw@pqLy!oOu~RPfh9<*Gcgo$rrXQ zNRdX_u<@CYFr{U>DIE?v)fo-rWvD1G;U=&(wys=%rXfAp1-BSq^UWv^TxKyj#rvAF zE3vYRYAH%g{f9-+rx=A2!s>>}7jE12vEdM!g&+weA7#qx8x1Kz|MZvpfb%V@qL#e# z|ESU+%DHj=a3x%?hMq@U5mTO^c{LAB@LSJb!P!Vcr32C4E(F0p!Vfbu#Y8e&I%D=< zf0^3P6qk8Aeh>uiEv|G|G7X`gcR5XEk&EgL{pNo0PAw0YVf!G*E4H*d^*MNNkznjVyGm|V)^jLD)j@o+&MNX(HE@o<3$n48$d7GI zz8UkG&0s9?$kVgPnzT|KWr}NEk@UCw_jm=MK8_Xjg}TxkPdDmm;FIdjhBe~gx=f@T zM)su5YAfK6?_H=Sm#0x)bt8kr_ys7LC2vMUFdw^>5i8^c9!Nkjs?3M^w%|3KxcWe5 zZG@_gBfoH4a?w%pghs=#;KP0N2X{e;K=P^1!_*4zc%t?eS{~pvT%@;$H{nxsMm6-h z05bBCn&F^jSC*W|H~FsCoQk{?EHtl+<|;-1bUY#|)sE26Pwh7dY>zgR;y$`D6ti|( ztv8*gH?wJh8iuv?z2==6ZPmPh1l7gD6{mV{8HQK%?xtS3vP8+xec$ke2hGY=k zv6BccQ%7-c51oCP)~vW(1iSefXXI=ot-TU=sNU}9%KHKCzNe{*!p~~3WS$Mf;Vw$h zcy!XD^9gHSy9Ilup|Z2;qp@j0Zuh%XaV0-Q=Q$h6c$NsLVOnV& z2|SsCF0WM%k5*PeYD@3~9Rws0@7DFZ(6&vD)g&z)`o;O2gE~7b3Ol{GJ|Zh1NA8LA zEg&>ntLqw@IXg3vHwMYPKv?KU?OYjf=&G+Axuinu+06u`Wdp<8fqmx?iNVIkAo0Lg zjo=5FNXuhrq$>RQORT&n_&Pu2hJrPWp6)WgJM&50HhNt@>6M8>kjh`dN#qVspmUn` za|GqnoVMg9OV#I`^z;tw_9{$M;ct6bjcuvT_UwP*`+P~1I@Lcn&xAx`&Ni%-2<@B_ zH;I4j-Cr;a$)eGc816zK3-SdoxM#o>yt1aI`3Vx4k2T-cI8^rdz(?lov8GEMB-9FX z*1wD47AW>3f2}rrKe+o>-FIXxMbL93kKSf_^vuRtYk8^8OunH0NNwTsr$un#2iT1% z_(Dlo$FdX`m^E^VkjSOI>!1wNM`9<<^(XYWRsUL-Y2D=~|DFE4ivg7sx5|@CR;qGo z+jaPDsr`G-m+!tEU80O@_Qa4x?Z6ZgYTwwA$7U7!6>AtM1ALiaNEXt_u`$Z|0QW2yPgAVC(Ktzy6YUq|6x}A|$ zkXAyvyE_C1P)c%OfT3HY8Hr)2!F}N!``yRh_p_hl+3$zV2Zm#qtJZa`wa)YR|DS96 zlfXCL>Qh)13a}bts4PgMnOyWXWzNeN(tM$ET@?YzntDH8@s!~9bhVb2#*oDeSaWQt z&h!EbB&Zn&ft2E;As=(UPaJINa@?Kd!_zj0gr34|QnA^+q93{62OKiyziZHo!pD2< zKXtpvW>gfiQ1ZfM`)8{&FJhQq&o&R-ZW_RQwwN&! zu=-?!3cT$d^Hr;F?UI7i4wkAJs=)@c-X$_=x%e{q87%UVNngY7)hrPn&gYbeQe(WP zsG-4tWTx9w`@^mLYl>u5-RsaLj*3^_pPcrr#-f80+?x1a;M)pT>OS zRwa(kwchwAX$BRR0%o0BIL(nZow4x-@1Dsmt_QCt>PP^ieCSy%+S=PvB?slqGU$ zD-V_8d0j88H1ponN&)-^R$Fz89sUAevfYn$zHTg0(xocMT~@}izUtA%lp#Dowlnma zY|OXFm9GnLK1_~(=j`=5i3ZhbetZ}7qwjY9JL;dHTPKlLcVq%YnC#L3;zD&WhgTub z;oYfI@jaT^Y|(#fU#VefB!I<*?_P3Hu@1K{-Q~;a#ZZ&;?TG$0;AVBws8^F?#fs+| zmvMUqRypBD)P3@TTt6iLtso~I5m9-@lD6ER5sRJ?3Ymm4botUU4H7V=I`9#Zt#^!P z-EE8cV3tHR9Zz z`y`*ki^MV?_)ZO4s31J(#YJ7X1|@&F?N9h^&a#FJ9D+ALr3&pTZD}_>_6mrI+1Zm zTZmM9PHhR2lqBm^r~T|BaQmq{e6!--tHlM6J93N0y#eU6x%x?Hl#YN)yy++Rx4C%!MsY2E_Ns#7nv4s30@XDis zF1_567#Yi3fS^u5`J+aVT8Zxbu`U-K3n|-H~UWEysQ*jsEiZqQ#kF_>ufDmfsM@RnTBE3MqpXm68o|{Qn zIKJm)Xqk{wkx~2$aYR&jR?Ks-7ta)-&`rr<)S|`rk#=vqM)k{wU`L1%hYCyF%b%P( z?_P0au5o)8Nk={^M>QRA(B+yB+PmKSId`vFAbwzf3@Vp!ll@@c>&O1Vy6;ffNuMnl z{jmeQCz-sH?naJd=S4c}LO-3j8h>23zJ9im{v*xRW{EKxZO&xW?^|5E&{lm7d&`7% zP_ayuP=@8IH~DoajHDyIIki+Z%=6*Lo21k)MGQxLWZQ4fu%4aM6B2|4rt_@CeBKLL zNaCf}fu^KE9;WWPPkbork(Qm`dM}zU*6JjhVafDi?0MX-isjQHw&})RP-xHR7iE@2 zNppZTgHE08o7)#7Vg;yt#qlO$L#}hzI>9iTF&qn}>&ZRt8GO|O zzEVm;yb&AjBfFu*1jAz?`A3{WGR2RTuVFs`;&q#}9Rv*Cor|d6}$@SPD<+acETN<|Ub2 zaAz=qO962rd}*ASnt}%WnBu=fyu-i^Yi^-fplq< zPO9c5Sz%yr&pJ&6E@dgas_fB8dn(`iGRWQ{0|U2@jVJg=&72mI%5TWK$ROxlbGk$h zvB{zZ`fUQ}fp15#{Ku@@(A+F%@a?o3O~#n}*-nX*{D^P;DV$j_=DovR#bbo_ov7f^ zt^2?utHS>^Fh|(4^&o)6FEipXj04&Xr&4#kO9@kn5U2WBK%)QIel|#UkCu?EEND&2 z)4+Wa&jn)fUgF8r?a41X8a14+x0LnMmGl;h^(Q|8zNpz|92>a$W5==>^ce-sDJLo7 zCzqSsL(H5W72(+VR>AIjk>OIQAQ(Z}z24P@arx6`LWCZq#lcX}4&><`JNE|7 z$7xLsANFt(G5OPWk&>SflURsvO9-^0I&2#3U?HRL+6^k=b$_3T;Pn{nXKkl9=3ERf zzqRw>k=Gpv42ZlwrZRA6%j+$}p^;wPb26g*bOY>>fo!MF_^QrF&%xV-WcPAgGwrnc zQ*f%kRts0B=+2}B_n%%jqEd&wMl(%vmsG^P8jA*rF^d=k17DU36KI*Q|WRcByuo4Gb3YyZK9ZDbeN`~7M zF*IH_Kev^4#(@MDlwDx;bzxcO!5NGhw`nQT<@wg@oMZtDru`U7YXqV{kl8$JzP;`X z4e`Ez=GtC5gzy<|R6ljl(Qb|7{n%c;@XA(ruPKvkO|=)qXB7=~id;=N_sU}X&UO2i zyHnTE7X6r#KK|sf?67J@uR3mLd$#n`SQ5^aflqQs{nXeILIj%4j%2xq4LRH*p~ag$ zUq2cwnUn=ew$`Cl{oC4>d5(IV4QRYFm`+>J_pb$ML@!q*Wy-By3_Lts3=2COcY9s% zqy;J@ns3s9Qd*la{cByco@ci-*anO*9_7u>8hf)cQfR-+^Z zruZw*3@g7KNM8zk4ErQvJeyK&TE4d3zR zW8u_$Nhc;k$pY9WCy!TT%CD_$amE#-zq#)HNO-9KOLBQ@*}bcpMYk&qSkUt3mQ7_! zUsP99T&cAg2r(q|7%KXx-9OScWXoP0uW8JwvP8h{Y*PuNdf6rOm(JyFC}BQCr>64* zd6a>1hxbQS{)|++5+J3XNK=Teu;?Rbz`X5680%Oe>*8KEJ0C1`Dp;$4@?FghR*wLm zH|JCAt|2>lT-}_VwEe$)XtG7PKo|+oQ@3t|Cz!W`DA8C=Y;L=CXKk(w1 z4`{G~E7I3<_Tfa$>KAjl!)O2PMu)fh*NsC|ty3*CtkQSa3xM(_z@1q07AFk21~vSw z&9bI|RA=2a&$R>_{IMYPA3UZ@;Hn^yNYx+gPa_K~=#+WvxnXx8@^Yd+6U!_4j_Im~ z5BcRDnZDK(!y~45{TqUJXllG2?%=@SrN=!nV zi@5AnmVs)$xc)+7;b3?*&qlFyJP4Ajl?LC~L033ul`>C-& zUDmSFVvXT64msC_mW#Ot-2H-R&p%;*i1Kx|uy09Wpok{T=afTl3%`QdR{pY;NfDqH zO(Rj^XRFkamAg9T-zmAG_eTIPtx0H4$}7w4Dt*j4H1n;Hd;#27A-_1LE38^w?i?EX z#goPppZIm6!u5~K6+ToW>BwH(k6TkcAyaRFm3e57ga90dsZ$cx0}^TrL#zZtotDH^ ziPKC++_!}(I);)4q_k-VstsRE=+ip+gov4?m2|XMiHzRe%{|YL>+uB{GS18aTL$n~ zPlNth>9uC4(p@DP_kB-GY&;sCpiA2fcOogH>sR`Ab!Z$QcgUV4TkoKWwq_FcVPK_osbtV6hi}<|o?=NgxjQB1b@>K7tGLj6>^Csx|w%tMUp!_BduzhA?7q)?i0WHSa;B6*4 z@C>*gDG%cq*h?r!#fl*_Z^*7HHMM(hJo%^XQ@rsvjw)6T}MY@v%<`9vjKQ!${tTfM`Z;WV2YO1|AKxaQe4F(4U*GU zuNNHvkSohhM_hU2)dCB)TPliM#YImYWz_Q(WF~r-nvm*o97h3mg)apM0BTCCKndbk z{%cw_r4}#-J>DG`+TL_wMVquH2{8yKw8As1P!(msm z@-u_>HQ+9lL*S38g|P5BTOkwGAcwARxv6+w<;+$H*y|rs8O6vgORC&n75k z`B@zF$xpvr=1`PG`yz_WYzc2GlJf5YKdO;`lemz0A$}(f%fd|7PkTgH`&9(4{DGE& z4wdj36<>vcP3^tE33sS65&h{Ek-0yWC0 z_!=rZfkcq4{8s2_EgUe_+|XG5+n{mhOvW%gt{He-3s5q7O;0e8?#pz%L`*QIUrY`m z0MPhWphy_?UI5}E}1l!P1V8?!tz?Jl&-c@FzzcI zs2~?ui}glDloR z$!T_*;B`KU5_Q!r-3K}clLx(a@FF~A{V^pED$5t+A3DROA2@7;pe?L-#1A`<#k^KN zt;^PohwS_KF~lIw)3D;}hwBaW43Y&DEzH<$AD17IJ@V|#vK8&vq9XU|h%?B(H*OTG zFJA6D!1$V4P@+)a8xz;LdqjA)c9Pily4HCSq|c#D??``quE~fzUNP zyyJOk@-sX<29VZ(FldHubZzVrbnarijES~3hgxS^ZCg4o10N4>M^aP0nk_GbTzc;g zutu%|h!FUVw{tV_;ni!$^Q;?JuTO8YU%z@KB>wkA%9opptI7{-g+auSo zSNqVo&2EA4lE(Rtga(LMutmGa0B=S&O@*y~ZeYXQyV|SSgVzLCuQWIA0T+OWM|558 z>LnoX`PHfYfA}|X?kDh0muolc7wzqHKgxb*C1k+?Wp9Gf%+5O7yX7(nsyXCa_~vSO zxU$B*Se~rD; zZe0Z`X6Jhw-&v_Iy89Q)!2mYX(b{3?y z)qVOSp~2z|QZDka_1c}TeA71a;t{I&ufLz2IND^K4tyJ{Eiw5G1_$*g;-KE9imR*0 z@bnXd1m-_N4KPm~16)C9xXM&@=WCVB$>WJXV>R1c&zKgGFBI0w8jcW4Xv>kqWsLCV z@?;O3tDqfKVlZ2g{mD8cK zNsxG?gMOc=_2(-{Yh`(oCD0Jt-rarV+TEtFdsg4xdV*z~JZU*(K_K7>p%ufBY;_X+JU)5xsG=~*y4Fp0DI);v5Mo0IC(a}`KWnpBN7%0~ONWYeFp~NwSK+4!BI*p2u@2{j)T`I9 z4W?FN&-Z`f?{=wgfsf1XZF;+ztW8b|U9P-Kgnz%*-u^C~hT zwh~F5lyNs6WtI2valHSkpX}?c;y9(6Mxh)&Q*d%t_?fi^)ewifz}6+*40P-*mzIo` zy4;9RvIjBKjFo4>p=qyGU{Ra1{U8-JMR_T~mv3>t=oado^hXcFd7;`EK?@ znmptF)P$aGU*1!#>~xRCC2fAmH8+lVs0ewJ$s3))nhYXFMYdX{Uiy-I@WtTR5}TU- zm$Q|bNEY-9$ypDdAd)=FS(;G0H z`&v`SCc!R_E}_(+^x5KOpfm3236c_P@2;q*Za+|3>Z-#hMwR>4YWTI#Ru=b_#PW2VWy2bMgk%!O3{cCp*(Gr1P#|m9WFTc)B39H ziBPrvV=ou0D(4;fbcc~{iTs_IOOqR=7PPx7s6~;ylfIGlmM=f?`ag18z%sZ#mx zjlR8#Y3GroU{+8!#EzsJq>^lzbH;1y7;PHyiMktTQQmTX$B{?XQZ>P;rOsAQcLtNF zJSdc|r%6ngaI$&lgWcbBF2xEv&~*A$(No+lEQ5eywQJDJvnT88_!*2iu1=y=KcYV- z9s-^M3--@8yH0rga?9nXyuq=*5=bs2)~^Ts3hL*Z`2)ssB2R_I({GQ47Iwq{W6^-t z@~FqKlJstN_YZqA_k8N9Vny>br7kYr=9_jm98WlLUWnIuO5q@pq4Ul;pRBRK;8El9 zN#}+$cP9M1(&}T}%|YJ%I~U_x^W*+XdxF!IY5@d4#_WGW<~{%m%E>9#LNC)2{Y9nR#Xa-3R5 z%8r{d!r9df4HGTE$<)r*N_@0Yg|pF{{L2e~U0;8j2^xG3t@xluiI>fDU2ccVKLTC% z#aVu6DDk^N=XYjKbI?6_{R$%)*s4h1oM&#lWJX6bi1WaUtEKTiw}(Kg8i-j&P@hR9 zA{%BAYE75r{VcVy#-{E;Dtx;_RNv~Lyag;-Tr3;QA?S%rS2G#e4P~UeZ<2;3^iy+A zo=&|lm8{w;loK$0Kwj{DDdTxwLWym3I;P+!tY1-~GIm129Q-5QBwnVL&T}SSL-MtI z8*zR9>@L?A88StdRkeID8ogI&6I*Gchrsfew5L=XisDbs@OOswpmjzX1$&k^bfQ@weez@XumJ-Si>* zH&a@Ot$?}=5-)UPUV5l0g{s7nxlGna-#56CQ_gGmGn6&l4?7Jy)zTd#i5xH9j9>KT z4pvmnfEc@xhvW(IpTgheH!^=(%34h6L#1JM0-Ac*BrK=Bd@UcWdkzR+du0~${CSo~ z65BjKXUm7!5@3OyAZyUBxDIk>(@wy80EX(lc|QjdrC!%NGAhPchJX0Y6y3pG0URXOmY6?LS4mI zx;JHtnq{<+Smlwj!i5g@R^9rzk5*0iT*@8va}ujkxI>Zmdu&e+3nCURBz>FNyzncWBOBx(QzzMl@nxqqglJ!B}V>Wkn|bBeE`&a>bzFSu@f?tQ^X zR_>7sbjo9}V%W}jpTepxJPt+*MJ8G|>xU|py(Pnk5?sg6U%=nN7oDf;M1FP6Ml)9w zhp{8>q6r?4q7otoH|2cjjKUo4@_(n;6-HMrOvuE@?HIcc9tLoI**)S(x|%)IM^K52 z)M#|#dP`j*Q24U$?y}g6a`|M=8)5CN7a#)3KCUE{)W3cWaXC5p5Vtq6NMx1o(HX~o z&n0phaub%Jj;|z{aO~#CvUAf7n#{gi^ze08n;lm6eo`u$w!@);n^5}acf-u@LqUQ+2!=8^)pC*vPa2#tgK7^fZY=ju>^SP6ZJKLG8LjB6f8;X+l;iQ zb36V0dm@jlXkate6JuJ4eiQ9ewbpJr z3m3yf*p9wq>EvN;t?!J;*{Jx4Fwpra&PkZhWJNP|l*&60B|c3C6C#O1e@4h>IGMl1g@&upVEtF$LvS? z$}diT>kk7JJ8+-95+egQD)%1czT_WkE{Tez%Z1C5i@xTS*T7^3Pn$nAXi8CRNusrd zqO5KYmvWxk9M`hNl|Z?aj`P^cr#+w8<1VSh1Z;ma$!doa+q`|G}lP$0yIY({D-JhIH}ciI0H96*$d+PCtL^yYV# zl}UCk!#sdF&81XM)gqyOrn?7s>&UY^lbalE%%-ow#H0&9pS}R>alc~s;9}fyon*v7 zvyzk+=Fd~4gAOy}Ql(9+6X{%f7F#Dg(I=Is;a=&tmcv%VeQPU@CPY?Q3ecs;o5`9L z{N^Yjj4#c`C1EYA(1ttW^#;&s<27Io-^LUXN!&KELDwon?>+S!QB<#^w(%M&Iv#39 zR+jHOF9->3zY;FWeq&;#p8O2wq6zWkjO+H$+j@QP+IG38h3Lgmqbtihl$I$1`K~*q zV<~<8QaEvp_NTYhPcgPH+7RA%m!8|Sc{ay-hR!i*I2F>O*9L-TeHiiedS46z--v!t zdbT{%_}X68PgQI|{l&1Ig4-S%-0@gpn6$fGKBB`D8cgu4uncX}aeWPR(U6y65Qi4C zRH2lK!%Tfs#M%{pTh+zK?uwZ5XV%`&t8Z8(F^sB5VV!~WY$v3Wvch+&eb$`vrssL& zfx32WXxJdoCe***Rqg4w#82<_yPO|b+1#$%{Ol3*6x&L6dDz%?2xH9oR7!BsCNUsY zKijCqD|u9Q?B|d5@(Wz|TxqhTs>+_Mu=ei%UucFK$`!xv$m}!%92oSn|-QR|{ z2W}dkUoMqLdSBbm8_$v~hPwrMIfVZtgQ?4O5%BC$;tx=Y%YTh<2(XS!o8IzOO(}UJMK&L@sFYV7f#Vs2N=flEsnqB zLj8Y6G{la-c9ul+Ml;Sqza)Uh~F_zB4<_S)$76E5*>v^UYydn%{>AR1F)lq zj_Ut7;{Oob{J(LX`*+z<9-`toqbmDZ6a*|N!AEpaPdpo`+f+fBb&b_~>y4)(^pgi? zA|g5Na|dmPh)7$ZWL?k(b4&ByF_s?%C3JM2M<36g9Mc{#@>yTMT#z8b`sF6b9->h& z-IZJ)QU4PXBGeK=?f zf6Fst3|XInHr$+&M$qAPXdKEBgkvsRna~VJ8d>RI4RwVILYNlGOC6~&WA?Ii>f51j zG)3*1F}-eXrZIPLugB(pdPB>&W~OjO0ENStJA&y+tmRrV)a|WxnvXc&(KmW6?qd#= zhu*klbh2+Yrt1&oU~FJ@|)o=5T0|M zs_B!ZT*xi&%Pd|irqXjvt!r^vhi5^o2-XoT>eit^#)k3 zYgFaHZBndNT7S&uJKVIMpVi&!@LaU0K(|S$p<@M^7HJWwS7_`+{7CB*y=i(ydjqc8UXW_AS()!jm z5d0y}^a{B3BBF9>dd?7a2*&_&lhuAzkM9 zd(jgL2Fb}wNfSPuJP#DrRJ`Yk9AIE2&egg=!yPIJP)}QCjK-JdJA5i7iLn=A^hbFgZEz z)Au_lU+0-jjcRNy@oo6OqPFgcqiZ1SZ8KKdsf4<}E$R&VuD59g&UX>v$b^ynL>A zpMeE2KT=#)@_ElWgYHXKB!37NT~7%^0%s(c|8nUu>oq$Ib2xj2*=i;9cNarjhWw6d z>VxXkrP5Ti54>&ntFs!y?Ya2XxRi0zp_wC8ODpVC*lUMwm0nNU+2nyigKK5*v{!j` zW1uY`C#JS~20^*=X8qOSsGj8Xg+y}N$UHxVMr0IxvyXaPpEAR^0}96r$hES?mqW+Y z!!*Ob)`-%a%%=cL5amUTb22mmH-gT2qft|%9Za_zH>D68o1#LX;*7Qzb7|O*au>E% zujdQ|qoZJyrEFmtJyQ0QaYb3xZ>h0)-0AJB!Z?G^;uRB{RHR!8?wXOt#pT8cvar-8 z&->?}DkOyM@;iosk-L5D!E8oqCORYDJ;k8nH0aAIn1Z>knNboumoq&_Jgmc0eg;7)IntJ8uXkEUoeYKOvBGF$BQSSx+*hjM+ zR!)lO9wUG+jpG+A20!_o133oP^=jScI-~Gxm*UtmN`0Uan|^FpA+3jC^AxW-V0vh# zABmaea)cJ{GCg_pe7AsMhLTB#?+hA?5?s_*w%K{IizGK&M0+SmGJec+8V9}+>?vg@ zT`A3G1}TVZ!rOA$V(EYz#cBmo5iQ^Vs7e;yrHXl>T_4-MMCh?xToesyy%POz4+ zd}vnf`f{lZW{=AhJ}-M=J?}vH$bBtlMnN|vu6D3YDbYmkBzm&(Xu-q@s6$rLab#n= zX~3FY>Xu}LVs2^QMmD@vOKil!t+$hlio?9{W<_w##M!kO&=>?=TvK(^uF_$Bo8_>k zAkJs+_^|OCj|Xb((;E1flRhHKOP>@t)LGS+r%1c>#jKGY3Ou~F=e<(?mlt1miF%_q zJNJ5V5=`RT%eeZJ7JpW0()7`(A5w`FFS|iA>T>A=3euFXea1aRwU886bXItHV(huq zcRX+4NIO%Zx9~z$tIOJxX!~G!~YWmYq zn?vio^f&UVP;PX~U}VL}O7Q9o7vpS`ZWBNfk=-y?8k z+-)f1X8{HpA1mZ1N8eJ9O6qq`J2NWb&e2*&%0Yo`xcY&&;H{r zWm9}PoB6IR;XB0Nl%%Qb{ys$`ul{cjG=l)}n6fI-x~W(Ll5+r%OK#mhqa}C!XLfY^ zznvX1M7}VnrtGCk)zd6TpR2OBb10_vt25}j+0|xdy1dt$hB`c=!*+3~peXFf5YxINctA~TuS5Wi8i=%k;yxZmu|%P~EKqkRZyIqMmQ zSfnrcrQ>(1v0-7az2rk2#o_|H=&>+q8{+c7>I)0n#`EnW(ESK*+;e>pp1%$VLEzOW z;$~2l(nQ^tMO^s|Zd1m$Bhj(8NNKf9(x`UO z^PW{hgBv&5?UnzG+do=jUYR`V$DFogUZVE4A;`{3oXkA!q27GuK`Ts_Yf2o*oWDB5 z+BJfgEzY)=EJKSwp}x03IGfs6U5gJ?74ToMlz+JYtwjlhSzN6bMAR?cqJ}8nyb}I| z&lgRN6Tt1RiSu?mi4}I|FItF5@$ks67)<-nlX)1+lN#^%Xyu8!L+H*TpTj_}6*f;U z7}&n7^d9vOPfuyl1ccPcaI(!zInA9fZV7-=;cP2BD~nj^%Im?8DbJdvU`vn~Tk`{m zgo|)Rx@kD*$jOOQ+SOzNPzcZW+F~n&#| z@BExPm6Lt_oynE-(*TeP7wjDq_S)DxE0`TuEP;^7@hI*w#!K;wGN&~w(M@^wI!av8G`QUyh zXb0JIfMZLPMxtwM62vJ-%&PUZ<=p$zA}=*&okgAum0t9vX8)EqyasCjx}(4QthKL} z5YMIP4!cFBW66=StVEoSnx=qg;eH3|5AQu>xUtWI5-ki=*x$MCCBX)Xq~hljv73@r6JA@c_(Q#EczXNr>7e-IgdBvYoyO$*CX=Rm8@j1H{QlH zl5zNHYTb#+x{^0j-D@?oxC}D(;;%arK5R4TgU=0}7OaRLY2`4&Fo%7h%4-*IVgrXJXMM-sIH7yi96szdPe&;~^j~ z$BW)H+B~?}qHAoNOopMfUf_=KyqhrvSC+HwcGP3w3SfJshx2w(gmpbDr&{*-K?Q+T zuvYbqTbDMbSq;TVz8ZR|W~)MFVvNB|GHD^GxQM4vh}IkW@EV?2+KqeFm1(zZN|6%f zYpIMq9fUQSZLM(mKCL*GS?7{VHDniuy0dD_Ld~OoCU@IN93ZB52keL9S~6izeU)zN z+B-OIHk7b{RAYhelYUGDM89>;E4d?m4xG#9i9gj{nL0?@jg=M_osKm{Y^-p<0=?#D zeV{>xn_aP=Lv|Lb=h@8&WI;zij`L*IGbxLN2O!G@;E9S!UBGA|LiDa&$9SwX3kEW^ zJ1#5mKb3ee+im==8VCSy4Al*4ct|q9N#3YIhy%+q!k(XA!M5*sQl{ zQxA29-&B=mJ>2p^A$l9?Zj{NkJKk{k8{+>!xGufei*K_4P#kKLpw|5@=KZ9araw%HV?Rn5j}xU!}0D_V%}sqj;YW4ZqK!bTOQ43O6)_Xe-i`BKDwPNkTBi7zMjR*!ce3vv&}2avwle>Guo`m}(8VTsYhR zb@K91xNHDXrx{Da+5YjBisUY31{W}bL;@p7kL2DEj|*v<4N?D0D$nGfx0(aj8(nKP zzg_TLF!o3=3bV)rJzhNNRKU7lM%NSc41LNM+Qami_b9tczm1Ti-Ye5X1-rpO;k5Au0`eI!9tLw^~jXCPP$s4MpTm#v;gi)CE6vt-Q!VuP<`7~DSL>=;%D=Bw%! zrDf#fUEWyFcmCM+W@Lxs%$Ko`nfk6@#$7A&>vul#;Y2*5UI7zijAf>@|K*%lux0O& zIo2{$s^ZFO@bkBePK{Jbow9W_ME7h8sSb8 z{@l?Ij>b@(F*5J+{G`#1pd;JHvaeF<*HnPG2#5yGvncQ#yVMw@-(!oiR17#Ne0Zdi z?3Hh(`-v6T%Z~bJUd=L_n`XhkP412LdZK@3%1ZiC;<*R`p`I>4gk2th!s$t{@je(0 zW-n=bOMYG*K6@eSOGitV;+A2v8VmW{LfyRXMT|K%S8C_7LfK$cMZh`Ae85U5H^h%C zITwK%;LFzzd2mO};novJ!8S;yJ|!(-C5c$%FC9NC-Sdp4bIBD@Mo@ zK7A;9MR$->7T*pVLmIYYwXfph{BcTL^^V7VR?l3Qf1p41D~N*1?!V;)}x(nd4vhL5y=3DhFhky;&I76L-waSU zq}mm$&teOG@LFZ72cusM)mZ$MZql8yH(a@aJE6k$GLp`07Sikd^Mks+{{WroPq@xF zbWx$Yx_J|5Av*d|+Z{=e+Ott&8^&%_h*DwMpNIcEw)>8IsLuTu#{Y|NlziD@@0BuO zbG$NgcHFry>1xFILb{XXUzSd`|6Oj%tHj~oR?TSN%ZpR@S+f8CXcSBM-3BI$J@P_Z ztpeSF{*OZtQ0teu)p>iU?~TRlamOM6qmJH~eU}=w>*g7~GVcA)+>{t+sXIB}?4MhK z_8mD!;hfr|oHJz*F&3;#=yFRJw5Wl&&>tuGB<5C&yd#w-uSm|Qp8R(9>{RdGOgp;P znC}oUY924>iekUFFYeXzNCSE32#rgY-uTxsF60Ut$U=eMnQ2=9{cN^>Bc%l(P(V() zTLm+{N&xMil{3dG&KLQPGY|Cng5-~6RlVaDH>)dbEwQ;6xM}J{PY`X^_@Uy^6{7gy zyb4Ajw)fS3x0ffH+Ox(TGRP~o?+)6tK5?9b5b})nXV>y^iM5rn9lH-gK}uz|1+pWw z)(-Cs6J>*nN8A~`jkVS>Tj6zQ>C#2Y$-P^CI0qw6E|>J;ydmG&^C*VjRD#V$Q3phT z^|$PACXTJk*2lHzFC#YB>-CEboW@e3`82O&2P!{wgq5R0%Gb8CVjM`|Nb8FAt~6`A z%=a4U$3zAU-RiMM**AYaa?m2bv1AV{U0i?XIPgE{4jTVicR=g^XWaqh^B;8wFL=%{ zPiy2mpwpU(kqNy{GpN|?bkcXPXrI`gy(9x|7Ox*zLua8qO5%dZN(D!WH?hsGzF?%X z&UMa=?X|>M>x5xNwX?KQx?28+<4gT$ z>m(1rciPMbZ;scUyiDxDm%2hRZkS7b<}4*0I%ON-gaLr*#J(Ez@oggY}%tjnS0 zJPlRm&7~#8&`ndpyuZ5C4t$jSpx-8-IsP?iUeY3usJSPIN{~+YSXO+789EdnIenux>8w;Qt4uKma!PFkW_B4<2Ycpv^mJNpTYIr*ICtjz4BA>C-q- zRbkWhs3?&Wy7+4@4*-At&7XH361FCduGyz%Q36y-;`|=F1SPl8QC`jrhea`4xvQWT zXTo9`lQ4`v_6q7#e+W*z5>YPeq;oCMHu-lPZFM``%B$s*9tkS?dIoJ}R-BZRrV;OZ>f)x>D zCJ*s+PG3^BC;DH}zp+)Hn2w!`-Q5JlX^CS`D z?9FL*)uU%rEiC^F;$Iy558`hjpIB;5Q5^%yK+xbDmu$fEq6odkPli+E#^-~lti*+S zz{lw=ES>f{wy9opcUwb=k-LPMhHBC+HeS0z3sqOF%Sz1z;8<-p&Y9VdRTc08v;PAA zlBq`J##GIRE_dUaFApwx%ISOjSHBMJcJa07@muIBDfz!)uAS?#Q=(hhx_xMj|6M)S0JOWwgx+ zP~3Ly(xx|kH*W)j9|JJ>5%IO|s9p1DENW?}f)SD~?7ysUzO)ytAd?;3)443y99J_fp-Gxqe$wdt~Za1WfY_pb{+o znNPt8VY<{Z%Qh#&2hr_gTr}fc>v_Oewi&i?hB^v9IQu^lf1B~l=7X1md%x%7+=erz zXD-fj<98O+|LimZv&?TA+bl8fffV+irWID?D8XOvMcf-JY|Eh4!eMgmLqg~oTRuu=tDGHsXn>ns@aPBRg1Nius=kJ=J_v~@s4q7SILILmi%s*wGq6I2c_4ofCX;xJB_oykhhk2)TB>8+fZrS3Ca$F519@p<&07Jwo^Yf?>V6|Ms|bg402TE?#VjapEg@RE>1OD)Q#p< zidYbc9YeIJSf>;FV(@ z*HE9n^%YQk7};3rya|WTg}5^$lw4;Ovae>X;-BQ*DPdqu#Psf=o9i4i;xOETu%R?z z(-s@zD#x)(*lmgJV(dv7e;9qlY=w|1EW}>&L*pd>C*VG~NFJXat|J^p#k^F2IDBt% zUoV_CinmC=&lEA0Ai#MfYa=95^JfkJvrEjemd3gO5+P)94KIL2kd9vCDva-lo1WU{ zqFbd&$Lt-yZ6(Ls(fLdCZvt&~?b5Z1**WU-bhPofibFnT-D@=!&rG2_u@QsgAyUJ~ z3+Qwf(^7Y}{e%*`Xae#UJh3dXI~d4b+q6SJDjt?78D%W;D+pX{E+INmP+axP2d->!E6`0E zPpSJKS5&j}oR3R&x55qG!vo)%A1$tZ4k-b|Vc0fzXV>^jzz&dy6NkEr0oH>1McJxDJMRC$wBW$Zz|7OX&Z^6F z=g&=410*M4*b6M=>rH7FX)KlV#xZL7$Q_-|)N5#n*NmBR3=xBnYYq=&Wdg*KJ@FqB zf6eLu^p)Dhs9Tj39qBYRH|2`VCaZOAEnwgLf{h4Zy~Fj3xD4O?nVyy{fySOp(`fOU zG#tzW@z?3`+^{|}`P5cYTfXXJK?)RELutF>UoVbZ*(Z<_lbM zI;@+o#P*LOJ0&{PHfH_1nLb&417vm5QYC%IHC1<$P*b`;GN1kf*ylkw|Lf-o$F}Ti zzdOyjtsitZ<}^jmL$*X;nW1C+~=smjF zWV6yJ@d!qWUq?`8qWTU_`{-{_2>{rtom_k$YEWmw`( zlTg&Qa~Hf{!A2pz`Bi#8HF~o@{(;hyj#5gV=&fe?`G*@uutcKk7zj;Pg|}S2bSKY51UCeCq3tJHNny|AXp7(~=m=5l`U8hrSLN z5mhr@;tYii!JW5i886a5Y=~%6^}TAdXXrSeSTKw(uV4RI)y0zU)}*U|d*d-XTX-^q zWV@7CEp^_+IBk7Y#mCtNaI*Deuypj&e`GOQPp23jljG2g7pd6Rf63E5E3(7uB4s*YVffii)wnGp!!)mLw|+$$nE z*T8*j4Lij=Pd4jyZE=-gV5YkcTXXte_~M|dqT5n0qTO%gchx2Xx;^;GF_blYEdd-8 zRf=#mwzZk*vJsaU#fV*C@_o8*;yW(J0CeCpceQ_>RCd7+{nRroLmtBY_IHnDfk{`; zkItCAn#s?bZ6(WPA^2+YBB7y@k|6BsToou_JNR7Dbus~GP8tc$&_eGzYGM;(%@m%W zooIEbbfZInuM!6wPt86^6M-R_BHdrU5(?@ELbpjCFUpZc3EnTAS>5LodB0}>YZqXl zTVQGinEHJx!0i>|Go5ZW#~^`hcmxW)79kqmoqom1ZNVPaxH7}6_1M{{aK)+SZ5KO=Epx0oP<->je(yRe$e8u;ZZ6~@Gu$b0$4ktBPu;uE#bRuK0E=n`Jj;3VW z8UOHybXwgB+HVrefrL(pHk&isDxnd-uUoMDKbnuiPF<#aU!W;y*HG(w|?d-pB zF2oX`TC9v0W~cVF-||%K+=e$XxyK}&q2Y*D`&hY*3P-|<2}*2D)k=mr=sJK-6L;0Q zQI}Y*;>%aYxblbVCjdyi)W9Le8dO-beF|u@yIW6!owp#8=Oevn`Yao4jv55AT&nzK z&@jcNDhJp%JEQeGVy33Bbk^O~M!FVIpf|S<*7TS0REUWd!Z+*Z2*RwIxZ2w!J8(%~ zA=4pA{6j%Fg?fJV=7y;|$O9-o+A9Guc(7Y@Tcs_4TfITVQbhDQx;zJHY1!p=d1iov zr}-_z^DyCS&+VoUp>G0#l28Qr=NMp0AIznEd2ma0%6{5Wq8t#oFgyl;$7cn`Q<1V? zdT4*_0pMtu(kl1<`_Yl#K0w6^JRa1_gZ@(^z5m~`djI~fhP{#`1a z_PKzz*I$+)U=k2mB*xwSD|`9w=yHE}|36>-KeV?0TNM8fjqxmz|CVHXVY1hEUCzog zV_hH6Z!`eq`KJQ~o${`0Ykwyo+>D7?Hm^MG@~bgHwT{56HXM}J2H1iAp;IZ;3W_h^ zo82^;3#6F}&L^h3CzZ|4uFWW;J)GDbs?DbsMGnj@Py*{LXme$vh7`&PF|)cSJ@z}$ zLIwfH&h|HY*CMk#%tvNkeaAomC==Bf?AjX@Xg=$DVI!~xv=%^*#vsRih9+eX7Ejkd zqQF{R<0t;?yAYvze73ssqht%2zGGiKL`@Xkf7rpYi$K*`vlNJ1NZMXywH(Gk;E#{ikH6KT%3r4)cpABmP!LT;1(n4hVYA@TZf`l;7{vlQ}D)yr!u{t;fo ziI%NRIS9HO5#9S<3rD4S$w%(SFLnRcnnlq|83@seFKe}8B>>iuTDamS)U&rfQb`tw zx3c(Rh!DO|0_eB-jU3D{hoWQwM&wx|U~V6^WPmy-secw{ch)xW0%BY5^VJu-dWG=4 zxj!TAr9^(6|E|CREc`F*_ec$S&XV^J9-1YUt=Zc#P~87AXyjKES)pkLFfQmcm5%0V z9bNG&Mj~~3LlrXm9|4`+U*NcYy4XcE-s8xZ@X3D4Kp(e2svRDjuu%|?FDI1u*OeVd zs4bVguhH2z+Fv{LKjH<3f}bE_R2Pd0j%n8J6A8m)f|um_ljK%)RHqtHfpLm5asU7* z!=lU%44rBbS2+-6th$#ZkS_qO}mRxB}4CP0hmg2K06f`C}2NsjyW`+bUwFI^rj#) z{^%}i@>4{;qCs)IE(+)GF8)0aAnGPtsKJXEFQ=C5uASXS7Z@ywEDueK__2}D#AJ1y zS&@`Fxjao(EujiOV?Q0i5&tW6!C}@9JInh+cvPg{S38pNo8$ zGN1s@!wY{Ah(0M+j>{^WTWwEigxg-im-`C~82L?kd^Rhw;&(v%ltY#WM z_}WJC#%Q*(!!Y7&Ns@ygKN#{Vb!~e=P-sj8(z{vs}UDH(6 znRxzE&A#dFqUZwp3lu$W@Agl>o1Sk2K_&)YVx>i^Vkt($kjm_TP36F%mze zxp~#}kzINYG}@{TqO^9(dwg&s^O;UQ4M3@XfhW3C@GIy@l3qq}^2)UvY3rQLlF3_y zOHwP*Is=u4D69C^v`D|}-sd1rU~3OMlFopa&Ur7tC*^CMkH-uFl0u|c-2yE=?j_Xe z`ys~G{4L|jBOL(LtyiB^h#~n4o}si22=7gX>(?dEFCo&YXvZtVG3gmgP1HB|#1^qe_PJ)3=a<)yyj_Ny%fdxuCl4FvFC|d$0FuFXlY)QG zj0e1RM$8!66o}NaP0Y=-F%Bc-`-CY6*aIm(l9oAK?c|nt!@-4n z&8SCzWXY<#B7J$)05I=zhDgqsyncl{0sG`a>`K8{CmU0|N9(L1SI9=|FgE(~E;%0n zcFtJ;pppK*9(Be=2qMJcQ^u6C8*^KwxCx9wLEi+nx$<$2YCdVgh)Z!V*m@xyaro*d%HcNhH+pUCl@mJctq+WigTD zagoO*J}rjQ%uAAwq%@gen)D+}B!|OY_0t<H>^v1jxhX3XDrSF1z=2)R4G9o#_RbjWyfPnC`O^Qoh;^K3 zqh<}M)S)0Wgp^zE{-G6Z zl|c*BRHm*>(#7_auS7&*k$n74_E_ zi&bc>uDori0iM!*^HNCr@}|0d^~fM`tD)1|a905T=eE+3lks3k_MGdxjg*{MXCQq; z*W<|xJTGQ@6n8}sxqX_A)m>x&Pk40E``L@nBewElqDhob@|kPLTgB;`A^OTyp+E7Z zY$8@6bXyZuPBBhqW}+rC^Q^l27kEqHu^Lx+i1GPfL7nRHkWS`uhtfN(#4V37hkkFy z$F$KGTATO1zIDDem8lVWz_)#6mA0OXeT)3@Re?pw_fB-w9}Qtoc0J7G!hN$CF+)0~ zxrzEL6D^r{v2tqd>F)%yY_DGa*(a0&6b<+$5x4$X=`-S6^5#~vtmACwrGi=OSPe)D zOTI06$TGE7mIR&gnz)43c3vB-zCgHcG>v? zlLVWu9#72r#o)AT*a*DR|0jo)6*!)i_eG2tbg)Z$rzCLQki7FedwPMw@-s;kNurZ9 z@0LYf^`Sby?@brDA}Mlzn9Ta7 z)(c(Tgij%i6l-SX-7clB$HMcC4q8-2mnP*lcSXX_=pNBs^f5dZZcjRODIqkX?bxE( zM02~!kqS9pue}>HP{9Q05N|)>CW~1P09^`zt4WerzCmYF)@PBj(I(M37FsrgDcUMa zujE_7HRIHtevPNbnx+cbTqAiF+6!7mp5^`~Yx~dDPWNFKeHz65Ul`Q}5iN^#*F~6L zCqK2nj)M)AR&?2myJW0AKEcnK*lu8qQ~@FKla=0q2eT?+(^6E;=R(4KmM?USGdV(Q z3)jctF+5HM?MUZ$L5RPkgi#fMPHyF~5a~ytymCW*1CjRTe0$@Us5R{dioRQT@-_eN z+oj*UNRvKehPe6dNt9vv}NW0OtF_1WR54ZdH^>~hRJ)OCphe>ct z(>>9Vo-;l}(0KpCdbxg6>ezcmmOnj5FV_pYQcq$TKy6#HgtQL>{L31QwR(f&H=v(9 zGP++%sc+j*T#N^`=ncLSIO`(PE&w|=lBlxUfuOVeLKB%nt=%N)nPJg4D#1Oq)%!T8 z&*-ZY&54_t?=yUaDK!B<+zgj4SU2mlO8nEYnp#)>q4`IY?3U$WUlqPNxNUs8nN)^H-g7-4{ZcuV*43$3&(}$x9fc73r>>NRA`}U z1KFk~G|u!t|I4MsX4elCjr_4V_xjuasTvsp^!Y@uClasz?aNj*Wip2<+}R06aRk%A#z{^-@O7b?rhQG5wfV-;E#mcE3#zH$(X|CBgj@NiEux>qt&yd` z9n9%N1O=I08Wytv7Wq;AGx(p}G|O7q+y&8(+U{$|((l_tbN)gZq$m~}~FjHP|ON*J|AKFGY=1l`!*>(WUJrEmKCV?zDUU5&tHe5 zWX`Q;U^j4V8vR6u_mouf&;gPHq|ViD4pd{l`=fD!s!8rodETA{VqHRX8@0-kiWFrA zo$y}Q8psEF1K1{$YOW5aRn7>*EHmP!CG^Zx-?K>X^OtY=V4wAvr91pcbvW_ZJYyM- zZ|`K`n+`3$-TpUJZ8rd!H|BmK=TE?+pEvCXABTBf0@4ig?(rLHQfhXnHWzV7Dww?$ zm;GvY`LgE=GR5mGD-W+lOYCN}s(iv_0?Q+o>prikV+$w4{D&Y&#%`d7!`S2ev&K-s5lIoa<2anKy3}kM{`cS zzwXW@-BQEo3GpOdRW39lGDKBuIN6qaH$>gIo%Q0dP6wG3RIOZ~f zMx8w4ynlA)PMwP4;o;!=TG=4WPu@O>e84YkcgSR%;Dq{0D=d`wPf>5B7e4B^byx>9 zWy+@fMIVf?UL!MG)3wCHHA|bigd6oh@-aTpN_QVhH|87Rf3p7!r;J?IJZc$TmmN23 zE(^n64+k=~j>_XPqpbtHNf6zmg2LV6Ip4y=e2PODTw++l#x%$__?^{iQ4+sLgJ;hI z4;UY=VNa7+HgC4DsFZV5)%FKt-Yl!*g<4+epb&U(&Tt)SUQnaFi!W)_GQ~uk@<&QttpW&bLl{N~cWeB8icZ zRhcOi=`f=D3kyz}a;o>*W%)74q5V7)SGWl(3u=#XSQ1@AS7XA>b!n>|#$G6<8?ERh z+)9IRc4%4XPkz1fC;dmnOFf6%34HP^o6^~}S$;5~AO&I$)%BW)8MPGLwM zt(KFAd0R}Cx$YOW<{14fhnuD}EwNQRK}Tv)I;q@t_Mhixy9$tdT2ubV4gT&`wQG1UD&h z=v4|U+_xl9QFKTs3*3EMf7}H6akxAaR5|xXylrC;f5D60d;~)yn zw3V|9wGyu_R&_GiqDzh$>b}8GhG0F+lh!zHyipsGCKe`-aX8Vmgr%(#SUEl#ECexq zwzmwbDavcqsF#aKm@HcGw_2YMtm%ONWFYN$-}otf!pguW2`xE6I6U*m)eS(OF?e5! zToyoGRM2DOh`HvY_wu60y(pvC04N!FpE=^QOxV6*0ji7ig|i1o!edeWh~2w%fn@jpbhz) z0Pd_`DuH>p81D$F<_Y)2X-fH3Rxbd*6HCJ|lnL#>A?Wn`YEi2S`^ewftdyJp9y^dBz6z|FbX(h%eE%D;4zzCXf7EbV^p2W-Yt?yi zgp?JN389>jEu^S75nxIKZjpN#^?fa!s|rcPy@5^#AGy%2b2Um!kCZ;6T7ix412vUo zaK&n5_gZ4QvV2`xA2Tx;YFnB#F*gmN*_F=cDE(#zSoROk^eJjDp!~u_eazOJ#~H1o zou!Z;Bu$st$gV!JuSVrquNifF$TQODl@uFynN{@o4wz)L&lD{%WWSDmI$`7E~N%KOLat4yJeIoT+`vF8y$}7!0HyfXO_iS`d*aH0c59v0AHte#iL<5%OnMOof zxDRJQ^}iq9(|*p*NEM{zPJ|`vCII8p+ISQ{039+;NZwm(+uqyWcO=Y9i!N2C(qun_ zL74nzN1Q-~d@Vw}Q!-cSUC6gwpENPuY~#o;n_$K%g_UtR6~s4*F~##u4*PS$o6x__ zwX55lV?F;|6)^KuIxygI$)#ogj?n8><)|$-_V%-EZlkLS0?`$I8!lg~Y68Ore=JFF z<8MA>UFj*cf89b<+Kc?6p&WZ$46R##OnKumk2_I=#WN7|~iQYg=T78<4X=_Y6 zW+;H*m~uK~wLr{MZD}BSr+Y zNnGkg%@#WowXhj%MpG$xF>eJjjlNDQju=-#UF}lv#G%is=9jJfePi%Dx01ILcaScd zN95<1%&!u*{#>;lRw9jLwc{2(KS{E{^~sApoDjSCm11R9%nyRn{D?X*V&bmwVIeWfd|d?=9Mp8Tw$Fh7*v`E&OpeC&kxr*XWb_6!%#i z(NSL8AkZu!$HAPeKHA~4{}shM7#;Hj(1~@SH`*Fl2Z22)muadC1i!UqYVc+&%{fe` zxWY}P)q14HDTTp*tSnr1Kl|0asbc#!QYWc#_(w5mv0CiLljx2X$l9dW5oAM73M=Vu zi^5B?m3O}AP)iC6ZShV4#l|$!skl8Z=jf7(+9N}uA>wx4rW4G^dx4&^Q@3Lq$x*=>m89rTT4;(hIyd3R@)l&c zN4i=epr?*z$B&BV@nj9WCWRrm7|6tpc*Yv2KG_awioJ#(V;bZ(@@R9<1Y!I$g!NXBU;8HkDAj z&MKqDU`alP%JE)7K7mnp7(pO0XhJ_eY>Co60fbtmj*@^bA)$&pkJ$&J!`MLbcB2c{c`nh#5Gg$(4rrs?C1q5ht| zW-Qj)HG|$i7f-wss;CLkj~Yb2qg6cD-fjN5rJh^gzLKJ=@O@*fQH35Ym<-2S)L7Xm z74{4s-KJ^DsgqKSIUc9QMe&ouw?E7bU>kFUgVsE$t6fx>!Ot3&JT~ga?W~%fPE!mS z0IBHVQMLAHm<8X-jv=IK8M`Z?|Y80e}06VDDB%^WCkFtOD(w#BLk3ko{Lsedir0$;{Wa= z{}U9?^8fJ{UAv>*xAru^Wb6bXNbV>snltpmoWR?L)=yqo61zPU7q{HJ_<-5y>z>7{ z=k(h%a^nkbXD`aaIGSOa-<&9M#K<9VF*`E>%t%>1S>{DO+0$7Ga$-=sMZ`d`xFv|V zwk-P<_2Jh?B@S*^ayMJHX4g|Fp^hXO%r%RjC7}iyH#h22_Xm71(l?lHND{rD{fXVfB?I{0@7sFsH%j zN3G-PJPT6Mp_c1N=LdIPWgIWD|1N(9vQip+ZJ-rnD|*V-H7+u8Z~2;spNp2!#n7DZ zNGW@wW*Gtp8a^V-X7T@iVo1aY#8&iBngePhY->NMjyfDIje!eQ|2}1uW4R?-(cm_d zk+f@iN_EALxA(~1ME4%dcPCR!kAn%qzY^h!C2SF%$}5urkt^J~T0`txH9-ss`us

I>_wo zBT$^OmNVJXoKLX5d8FlRI3=(m&Z|io$ZF^*2mJF>!I8EndG1aJ#>=iWpKFp@iOyCK zQpawzaBg?UPhI$v7~!VX&?#N6pB0bi<0g|K(t({TCv^2$$6j+(#c~`DBn3z0XQp>3 zxkB*gd-6m$$b#g?o~qz)k0nVjHTD;H*0PKxxuR>i88Ka*rTVRXzwVuzn^?BZa?Cq# z!KXG=Px$G><$Afje5l!KTN07pfdVW)eJ{pEe=~5tfrVN;Jb*_ejic_14nlO5m^^(t zjCQ-;m3-lI3b;3Q5Er0hwg;YhY<0YRxwBMWBTCE5t`AG%A%lN*-9^5=nA9`8^2#(J zHPK#wB}c6$-d7X z|2nAj4w6vaeXZExcDjqutEquQw!-L>Y6dTFx>18&vu;^G^C1#N1?;B=5-aGPG`v7X z`1lAoYZbEOkxEj(7vA^XDvosP=&ymL@M$>P8k${&z`)kOQsKl|9gb>i#M=Vs$)dK& zxX%a(u%|6~ZR?v_jrgNv`JeX<(JDJ5{1oWfsLcJ-0_y67gv7mvv} zxjbFin8WyNm>X*CJM7_apK6zyK2+(h5!UXduZ0x`z3Ae!OH^-AN_=V_(OKDaaVWf7 zJ-?lHQ-zeW8++*}f2eNLt=>K$^KM+0>BE)41f>0RbyU-Bn)C}BPcUI(shX=b0ioNf z3IhAM+%5wguB4lgIrKyUICTt+uUCtY`w*^JjDf<@Nh(IP)U zM^=FYHcAMWKB>AQe!0P~_IndzKxkw@aq7|WeNfF@k?V%7dA)~g9*R|&2uj=Hy&;67 z9z=gelyKFNA2iRTRi2jaBJu&5`K_^>V2aSj3ik&PRKNXJEszqX)vp>0o<8w9a1(#H zxVQOWM8)XH$r4uOlUG|5plVb$q(?*~3y5=X+bmByfFXG8r92tb;Ev@E+AS zSIZkt72$~G`g=YH9OUQbN<`=6ht_fKC5{(b$(8V}@P_w{-^pTK^lO^2BiErBgHC8M zM3QrC=q>V{qp7lh7uQIPDrB$JGvf+$h2vXMDf;@E5A;+9IFE%Qq8*~nm->b9=t&{=})+Y2`JUJ9nq zWufO(G1Tc$*0-(bTiZ=Q7q{}0X%%XH0I6n4xSPA&x zTe(QR{gj(6#MDvojo=+d#YR(aw|Ta}r!=YD?Li-29_w;;aplA`dLJg1e}!=TWLpZ5 z^?!z8;Pi+S33S(|t&O`==gYe9T@HbBv@fqaN?oD9{@hE-Vc@jdZZ`^E1!`9G%3H$v z4^BhKmX<4RgYq$e#URAiW$s> z-Y2q{oC&6~U?WlmFY*Nkb%Dy@pysCCtt8*F66j03hfH9V=?oYm4th0-m6~YHA1S{e zhBJ>yNT>{X`Y=DBc(EzEzpubP=G?gX0Ehn6%H7&y7k+3h3y#&Vo#no2{QQyNoo`zmiVeg^cQ zjeK0eU!z@XjJ#mKCQAyKV&sutcCq&bhbI*ILdo&dPr~32djp18H&5O4Wi+0Mj&SiF zmEFg-7=rW%-Sr1l1?vPR2M4?y-4+lVHuS>=TwKw&CR|kTLgCg;(Uv8N;*oT|)eL=+4T}^f?@q0kEP)(|OH>ltB1`QJ$qEPVsS#VK{^glqM39Nr zepu9m@e-ba%;CfUp}F1kZF8zoW2?x1A0=YDhI7~Ni!K?Wtcf#B2mOh$7zu8eZn|G_ zwJbFJAo2wA8b|}Ph+QjoUyunwRxzaepwgl>(>YXQ&(%WK1|PlEZ(V0pnNkmQe+2m= z{c|eQ{v0s~p*ZEF^%J;n>I>KDOp!0lP9J5|ylIUH|FYU#`+CyHm(DgJhmFhGPYB1v zDZ4(c2ISIZm6Jz~ExzsjL1CC1{6Hw@>S1({Rre4n3s9IiuJNHOsBdY5?`ECDbK30=5SVp^mVXn5X0oVo2+ zz*cTuJnX3DPpa2SkN3wz?=cIw&m+Xk=o_NEn)CJQPt8!)0gAya$K|~K14vIVr0G&Y z<%&Izi*pX+cQFmbhWyJhJ;D|v_(nY)!NsYy)4k8sIe${pi4ah~!_`{kBl+VuLG}1 z4(P}&dfnwDJ(d5hJ4Dh~kfU2kJb&(`wh{-2GwqS&wHX%0a}rhCiX;u|`xU@aDx&h4 z5-^581K5aM2+Uu5{h-+2{9GV?feUCEwqYyeT$;=6ZC(5=28x6Q z%vyKr9!AGvvV6Jgskv~oip8Xv@Janoy}$;&F`p4m(zh?8Q6EI%;#PvyTRMnWO|Ks= zrw#r3l|^&r%$H|2eIG=9y8Qc1!`bzwbF+xnVx~F2tS9mTr@__u9*|$&lnBf z-gsxfD(&GUTwK%b zT*Uo7Ps7u?(C6tRQIZ@l67$q`;%*L)U%c}B?11G3sFbrL#IoNY<&^fGO))+hD6of- zEZ}RXH)lWbyPycmyL)FZeCfziBwuMd!@PUaUOdf70>p z_JT$9BS7MAw4 z?ibqeWoD1kTtE~a0v!3@3(o7Gb|mZc-{QYL)i07G4AA*1|9$2^Ndzoc-rXbTNY?)Y zwAr1>`c81KU!=~O77i6@Q#QGxgJDf^%x_+Y0EZa-pp~qz?iW3kv8(iE*bzL^D>ep2 zetHNMK#;h=tii4Ny~$~qXUcfNJJM>A^%Cxuk}yq4L|l*Vqg{Me)vc?tK6~{-1J(=h zQc(XX@=a`-h1EL(ErJw53Ua|?27KllPFbi9^LC^N&|tjijYkFgq#fo8@HE$xKJY7l zggt=*zqcscwLz$2*OF-K8d~4E1P-d`^cmT6&`ZF4A{>8^tRP3$R#xY|{pJ5^nb-@E zU)IpuWj@P}^bCaZfdMDs?D9-=p+ACe(PBw3<3jM{(QyP^&gWFxCDW_IX`!Ai2e%>_ zG2>RjMtdoe;UmCzbS@2mO82#W{Kx4shkKfl#ig2it5mI)Iz_v#-(%#GM}P31((|1h znowk}2M0Up(1_w%+mzfLi3$E@3rOGAzKAhSr}oMjFsG%(HPY)IE~FEjZk~+tE)U6% zKkN4wz13m0)8u{`f+YoVpd_Gs=Hpg#Yaha=#G^C=Xrn#;!Uu~JZp5aV6W3qlOTZy1 zbWukHZ0GEkpJp1m$o;NdE~mS|WSj&GK00M1ZO{bIerAJ!GnxaoGsedzylppNbS#AT z|4@7z-`-)tENGNZ?c-6%d09k)oVz1Fp4fyeK3J)aoZKg{Sj|+E#=UDYf(l6+Yynw6 zg$ekRMw_?+Djx^SW|UT4UYHhVt<@jQSly(F?!HbOn~N(Zlj5O~wxplsCr6F7`gC@E zGgqx@u#Lh1vQ-e^E1r?icq#zu#0TA|I2WLE4eoY$C!LwK&(Q$bVp~4$ zyD3Qtz)w%4D@e+x$B|5pCbv(|I2!s0u9r^jUs{5uslmY;O~A4EbH@~TVb5s6>jCcW zB{(PVkUkldLic1;JU0o}u}mxH!+HlmOAP=94dn}~(o>~4{uVf*cRbw0QY0qGhp0q+ z7uXwB)sZk~8bS$_C1S!}a#aA^$VlDv4hF6-CwP*crlQfaLGF@KbN$NdGD3osm(Joc zmFuZ*F6kwVRn|!-MoCTHFBL20ZIKX!A|1qkO=!$YZa&t%f$RghY(zgW6G`D!6V#9^=H6Pb7Mr57pBjAx>z2DckbcD#Mm#E@ zOXE&f>+XbCcAbCPx~ZF{=C7>yFCiIBL6(FaR{ao|J7s3T$#L)|?&BGfjV0>@=Lb~y zBhvfe%(5IeAWzJ;V^I>yYNVjGh!-aPv%*Y`d$jbKqt6ICp549`&QFrTst}=S;ptRX z=q`%Q(qFHnNsGKndP~kr$IguBgSf%vuhCk$ zh-WfU+iqlSZhw2BjaG>pDR3TExH=Ixk50R+tp>dQ8Bl8wfyF-agVr9aL+oR zlOvHiJXTdqGyoGj%5YwA@u~o9xn)>SSLS1_Rl>sABJu!4Q|kt6ySDR;Cw)J5IR$cc zMH?HeJmwSMi3~q3?IhW)7pQNp+B^)!Zmf$j@< zxkEHfp!DVW)Wg_nrT`6yf%@<)GdO}()@+|$CJ`z+kS$XymLMz87$^B34mG2XTO*dY zVTTjAkqo;nr1^TAm_%HSD$K={}?stkm_-!^Z@u%WsNQ*T_)Cu#9|LH;*vM~3+JBOYcKY` zg-Vrk3&S5@v(-P0&DFaHoE9geF*X^S1%Saj9do1?86GHGq3Iuv%Qb!URxgG95;<;w z`1b9th3XSChZTTY%F z(C`E<;?96`*G%Zh*J$!=qS9i3;{@4W$RUC5X%(CO9yth@QDdcF=24%;{U>K=LcZIG zl_|*{^HfsVKcBFi$cByk>BrfC|FqM||DWpD%O>~0R-1gGt285mbVbDXIs ze@oNy<>S&JA*`e2Yr*udWF-N`3e@>bRq&7(90o&@KI0I&MSyWsN{ZIJ;t=-4yH1Wi zW(ZKTF^OIjUGvd4X)39*N-OTD;NX5aTQtf*k~!El-;OR-9fv=1yo7x%6}o;jhIQq zo8MA#K#D-ZmV869E(3hzzWfrvM~diPVA_TaKp&haAarp3&{fIDb&_=B=5-g5EWb)O zCa%0bh^0Ju@-fb1h*jBE+(^4|jPj$E0X$ZZ^P=BsHK#+zw5InAXN>Q&rItypS;@~z zwp}d!K7{vb+qgu=)g0;l@Os(%i@j>Tp0OKH z^K<-e^=3~1+Y^9O4PQ+59VSu7i)}1q@5=6ELx}2TO@6_3BD%>0cF5HfhZ)n>mo=;q z!jCAP-Wi3FAhht?QPKfG=bWa{NFiR@aI6Urq*=cCW!+nQGd0 zc_W7~N5I<2xH^A1;Dh2~YLG#eQDgP9rO{bm7WR<{NmZATZCSQ(GuWrRle2-Jm+^jQEY85fZooZIU-+H4#HN0S*X+*wZBtzh!; zGzPX_+RMT~u3jmA!T9r$=Pl>a)$6k@dzX*;X5Hv{zcsD7QD(|4q)?zI`se82VoIlG zeb0oYgV^%KYcY>-H5TWo#7;xSJ1I5mm4Jr+-dfPaVRZ-V;9I@71$|HD>kXc`e0IoR zIXq$OA5|x8F>r|Cwlk@3xUt_gIj=*KiSd5NV&1A9nH`&0e-^W2;XNk z0fTlUs)e)%j8rse$9M+?6Jf-3Yq)NdqC*+^pPJl&-80^EpI+U*$GA+9vzx6uu`kjK zN}f%t4pbU@6)z*g7_Uw0O}n5ntK00v_ATMNBGf{h?wnG&+TVv-AH)EOFy916^_J4! zZ0K&q_s!XaAbfd^JsyR<%v1GcDghd&s^+vplii<_M7LWpOnvSOd*LP{N>Ik=b(Coy zq>cn7w1Co5$=siix%Sa!3??N9>VLISGKIk>UPK_jl9aJekOBlr5v3~2VwPKfYTM1t zMs-R%+ko|T+(ZP?yN^{)htv~Vu({QXUrf8X_sS|~Erw+9>tl*$%IS^#mI<8T`wkr% zr(pU3cA9ql(VG<0F%1+z-ugdp&KOSjh6hPfZgB~{iiWsWV0${5bJ!QR!srHMewOi#y5_Jh@LK$ zxiw*f?bM{cF##@Do^4!yJSx2}BE{5TaRkii0{#)bJ+#p=ZS8PNWO@6SHh_Kj^c1E- zw_SdS()`W<_Ua6*d-TeKL3W3tZ1=hC)=aXggkAH=iO3S7(Z43f(gqP>V5o=^l_WVn zWwvN~u%nXsl3OHmZ`@Rny>$j>PFe1^%4pK_HQF=Zr+mlAO0ystaTv0|Vx#ljP2>4LpCnW4_! zL(EeLPSruv3RwOFS+=a1wJuJ*s;?@}(;R670yS0c{9YcJE3$;@H%B;D2buGPT0?=) zBL@TNCrbUa^Y+*_$NHAhYU#UZX#Ao7zN}pI+7I82rk!Y3xBn|bQV#!Z@BG||Q0`Px zb;FHM>>6z7*T=sYh4nueMXo|gg}^vo@|7ekUU%!;4l7s%roZZH`oP?~=82n_N8FEq zG4o-{YvJV!{ReD5?&yoZ{$X5WfBXum9ACX7bphycG)|>33uK+mo^h)Y?`FDUKn=Si zccjCPaD~T8af5rH$PB3>y6nu0XCiIeptYzy#qumTe;=Zs-n%)zF5Ntk8YrXcCDF8RtF;uh^0mt!@ee!rY}+xGn%ktFdG_n*fcqPM>rWwl;EkjC0f zli~%|y|dqZ(c7BYN^6lbw$CM@BO+y(XL<62g#NOvja2`zt&)m>KE-Axg=5NR3vBt7x3(I^VLa2Qyk}^IU)XRG-viA#&RnHldvUDfB~p%QXL`H3V&8L( z?WWdVcFGr8?Vt*-dop_u@9cRVd^wYthj66%NtJXdmLMLLn>GH!UQy^^na@C%*v8+K zw{CLxqfe!w<21Izm@!NKWU8}gHiiF-2VHZ@G9H^f$%;Dziq6Fr0B`A4be%eF)*Zt{ zu14$*(s%v^eJTcCUyAfAE8#Bj&`=~)gZwfZip+j~I(yTgj|J7OlHRSapgRK?L7udM z=SrS!kyKsfE0O%^YY%~+EC?zBvcUnI3b7Z+swhrqij*)lR(^9(8GD9G#V$)lo;@1^ z?Dz-(KtSRS!`oHvSOBw&VE>yrbmyN9y&w1O z&kB4I4|F;JE6;<1BY{w$kWBzKdaDQ^86ys?6Q?IFcV(ooS9U#AAyP#vR#;ZFyA@_E z)cresQjiS&b;_m0rrjzBb|4z*9F9Z#(jc_RV6j}e_7r4!dna?dJBmjc_@tTQ`8tg= z8E#5KPxAjk+k1yKxo-QSAOb2PDj)&^DkuU1(whM+bm>jHO7Buaho~qhRhmdIp@rUi zRRN{<(1TKwP^5;IaNjuRT6eFz&%SH#^PIy!J`<;3dB3-e@hf9Yvxm}#gsUvR5z{KX zJ2N^v?H#_m4(iU4q^p9*{DNrG)s6lmJC3bgJAausVaLtUkDF`$5T|q42n4t1u6ye2 z>ni8;@2sSQp}$D+`sS-@UDR0C3Zts>P!ebl4l-*}X6uU7>x28a%F8~8On(iRKWVh| z)Ec0ANMt#|8&+}>AspM)+^}EK+|C|S)0#kVX??X$?%l%zHO%>(~Dkb=Sq+`4ggOuzycn-5varh4hu7RdxZl$GUsPHg|?Z7 zi}R(TUCHC%+sd?@z*m1BpdlnF629{0>vcgM04k#_`XC;sDQKw8)dKhXX$eUIP31|x z0!m-jI!6!crpApj%IA-N9^Zm5RVqsYd6vpi3qhO4R8C0>JmFPAa9_z!ToC=tJ&ob{ zzGr3Sbi-eGxHfwl?#tt=(A!!?IsSiYn+Ekoodry}%M6aWn&ci)L+wA-QCqR!y8}P# zSi2m#TCxC3Sf7+8XL_EasQuP>>o&L z77@!;uzLKbL;L`n{{_13`iqQ%?;1B@3PmkC&4d<%6OXp1&s0YjYvmbCRRB}J^S;?g zbX$EJ(Scnnz;j&Aga@a{UXUvIH86^==NkR z%5IYC>ditu97nsbW?IQrWKoxb{~d}^{XaFFD($bo{)PVVqXYJhb2mK8`Sw(amig)E z66ols%s-Ztl?b>&&+X<+nG30Q@U;c_B}C%O0@ch2xM5%5p}bzV&uS3Y&J`dXYRli4IL-#B0gY{_DvT zz(N!8`TzGb3I4S$3`l_qMEv>h>Qw%l?847)fGKGfo|*ghA%KO7c!P9>KTyAoH5|+- zDNz1l29P7hY>y(`z|g-M{H~byk7{M&|IK^+&vh?5?ch9yN7b(Dzo|j+b@n=P*R!z= zdUmUd7T?7-5K;IBSYc-p5RFOdcN{#i9X<^9QwI3@Ny~nDe(E2*+p`6qD=Bf%v5Z}) z7bxz(g3R_#-o+;&5hvClC#*(RA3+lNhu-NOIdWDT5WxLL4 zyu0nA%A|tn^fIpD2F>r38%sLRBnhC~-DO*&)X{bm8?g7piR~|5dV(+JF&qw)B4Gri z2pO)rBW=4e={5Gv&Uo33c5f_yFjWYLV@@+N27i(N_dyu9Kifr{CFt{?RiJ!}Xk*&8 z%de_pp9s{3l<)~RPhzE`?djt9Z0Z(#^`-O6+MpDMO!&ZGJn1L@#z!PN|kczGkE3^&7N?~d*H^Xby_S&?*u5dh%mmVDo;2xRd-i4 zqLk~EBEM;Y0j38YR}1^j7aszYY)6xJWh!Z@v<^}Uc@hVXe@K&RvP zT;U2nlL)@2%8HQ|FWd5qys#goLEiRGq9H<7y1wv~*15 zGU`Z+8q%veNrF>O*$kL`m(tE}M4Re`B*z6+I~;o|plw!~{s?PMF?IY?LsAD#cGEwH zdiMt9TRZgoSYCb_@hU9!v?5o+@3ZfLNJK;H#|NTQf`5l0MISL;xP2XNaWmi9aPRH{ z^oFZ}kvX!m%D-q$mQPVo1UvjwbI|z~I#_3gUmm9aRbfE>qo;PwDTQwL_g;LD;uzc6Z?BosYt^qfoSXmHbGCzGfmtmt;KKx0XrN3CyZC-+Di&bTF4zAeW z_`UI%-Y;8ra{lTZM%;bL&H%+Kd#hQ_>wradW7lLwl&7QX>jR%?4 zk`nr0FDn=h9vRLno-Sh&X1qlU`ki&kAzRjTQ^KLX$~t~>Cq`iyP~sLomwT4pz*<8$~h=vYU+)Z1Y1BjcfZQqXVGy%Ha8&?!2)NIB_htRFri%`O6> zNSZL6hK_6ET5E}0rynon8MJzDS@%sbt6&t4x&iM!Z&aDB`8d~b2HUs1QXghrIeIRA zDzb#TKFwsHD!JDe6qjqXDjyk-$!DbH6)$||1hL*7tH1yts6w4Z z`y-x(UDrS7Q-*S2O}sScjhh#W&-a@c*6?89KbyAXncTi>E@;TMhPvClN3nW=^g)C# zt8vn8PV?qY_ky8u+}I1C*QoEFb;$!WAVTp-KF547@}+C`(75OKy3a{~aphHj zS~lpWUjX|+D4h0=o~Mc1&`X`(T&r6Z=d7wUwv<{bgygI49}jIfY|{pwic9};BQ;81 zQIISXA01Gzpvz5}ONm?R<#d;PtgF%g-jIJe6;z*jUYNu1PMH~0Yps*_G1@F#Trp;k zxeiXZea1=I!I?ApdN>UFgM4~ff#)7|PZZZR(*Kn-!-4(d6@|{%W#QJT1#qAI!CKKF zjkTn!NT4Yv{S|X4FVgf~+D5`|4386)Pc!1(e&!OE2d(f5KWR%qTI!vwd6GElUgVQ` zdD^cn324+_?U=p+r57(+fPQOn{9;Q;oj>Y0c8CB_<#d>0?V7amb+5jO%7C{i+WP$w zUl@s%FaM>zNJFlejQcgO6r~!O^kIGw3JFb@_2Dl569y15d%CUzb?b?!&Q}usZY^WW znnGXw1`D5HnaDwTG^;TqsPNA3ajlA>0M!jj&Es3zBV(C67LyI`8c>PiLG&0B3YAa; zngEhhP!WyFG1XQ1dL+8tK3bRLg^w!A!OxxVyvc!y{vIEa>QSSj^eBDE#5Kkk9x)Mi z5fiFnJ`j=g+|nvM#bxN;-zLcLtfp5x*&q^K*7Q^{=c$=pwy6fklC}-`g>8fZLP>Wr z;xy13=Y}P^T^4&${7^zq;PaTA>7*9WpQS#lBzLQeU#A#o(^a40f_I$3X!~ooq!wXK zJB$Z&kWiwo@)WAS!3p$%6L(Srf`CPpVd{S}(*~elTGPJocZ&2)Nr_X+JCimRS^Y@L zFTbu;<<=(;IiqjF?TMR+FcYIDkN`jT(pFEp7osQbi!6ffB=YuAlMup0ZgQTv4E9V8 zrIV{Wr0y?Vvokvz*y|-BnVh?@6lf0PDcJ_FW53UKw;$*P|KB~1pnJP?3L(5MUH{Mm zoV5-A8u=%%F#nV3k&vvgfWRC4{97UJ|DoW+hv~1_j^Ex5eBkfz4;Ya6kOL3_Uoq3G zBIGynfjsYq^RbzI(#9vARJ?PJ{QV_k0N-z{ruzDIO_opl;^#cnU6^q-hGe7#J-YK=|qjjwSi|SxQ(- zpb2fC-3;r%3B5ul&MBi9S`q^NS?3eAzmDt{n1ZNFsVUs`BqB^Pth;8QMB&>45A z=Fa1(%AbSWXcseDY-izO8inZ}q54IlP+h5y z*keI}K>{i`vIq8f-^Hq8d3pEI?TrdD@jr#f_I<9U$d=V(l^Ih;=gEvPh;FNm$UnJq zv+|>c`yG0N2Gco)Gcg^}hXQ=6Y8@PFwn*K@k^FMQxTv6fe|GAsVyywHkO|`Fkkx*~ zd?(+pPP47DybxA|1RC7-J03Ay7?(^C@gq9EXILizf!Us+K6X@xr#?;O+(dHf=RZ1{ zRx^EVb)wQZHhMC@aHTY394zpmFYo0U!cI~r_Q&(yaN7bkpK`eP5|?Dn2dv(rCl{ef zo;|+TUwSld$g)X%p^W&=T9K>&46e@-#o;CMQL#WrZ3z}$1L5h1n%Txc|89EsOg9j@ za@$>y$R`$byY7nllb?a^gg%PI1dQEfreyqN?RB+q0mlO(l0b4=Qc_p_QKB(oWpn*~ zv0CK#n5u&*7cn0txfhGb6;~$e-T#zmdo`j>{B3K-e_kwC!+?=eo0FaqAc4DMH*n0u zTM-;(go#`qXlC7K62SZHKf#y##&S*$7YrL%hoJ@ zx#0!z%QUTq}itaar3GRwEu# zHXVisJyYsiRIlI;0FE0|4AE?D?*3J#RnGIt9ntj@-{QYfo2rHaq6vd#mbs^uZ?k7g ziOy_hcyBjvk8Q@OATXnxPJ3Z0c#;N2*Qx#w!?l2z^rhcN{pfZ0*;`AK(^-zo@cn80xGjxNVM4uYe6tNmRBqNutPp%H{6~p)P z7j;KPUm4zFKB79-QZI7POV_z|bx8R@WW;le+tw5z^c<%@yq+{>B(bRDE^<1hT)9_{ zUTVrm2BFQM8!#%cuO&0t zHm)BS?-_Y0D{MliQ80 zUVX6})EgTVBti7RgYKa4&dh$7LJr(q02Ngrx)2@mnVnMJZm3Z?GBN8t5E}$wGP|mE z#GLal-(^gbhy9l(h|i93hRM2v{E*F3pmR9c%XrbhiU`+?<2MN3D%5hb z3w!k$tPw3xH;oIy`fal0$7XP%hgnQjup!dzM7aBTw5qRydr#jx_q^>EI7Uio-uh91 z-aJ8YPy6;h6o_YH_2`{lCcf$8+~+PluD_mkAMws}Z=`Ekc?5WO&!6(&_y7#+c3L+b zuZ3OumLC;zv`oEb;_9h9Qc3u(JTdE*73h&Rfr!~VD(~aQYmeYO=UV(rF;j_j5L&O3 zAElI0C__Cn)c{`v?U3r0!-J9&66wC#J$8s^DmwEo z5&*&HhRI9Ql|Iibh<@P%v^v!SXqyX_~R+IdHV%6LKzJ#*L#2H z_{DSk*N&OCmTVGy>F$<(RxOC4X;JSwYfTxCE|Po!>L@nGCUmNNYj%9J-%_dY zycC1n(1eica(Z~m*`yP%k+NL7l{%a69}4|E}G;<`g;&fG8mCy9RW;cpWCFE6j> zl^_n3T0#b2z4^xRy;GrJ~_iy(lBuvYXb+R3z#205XZ3pj~Hp;s7kXNs1IEiHD-3+dMV9szM1}RkUNa~IZUs6R@5AjDDqpxQwWE}>O&u#q zQ%dQ?t<7&bRPUC7buRv~c@KBl)1|-zNwxY>7crcOWD-YJMt#9Pk*Yc!UcBeS_hK32 zmI`*a(T6!H9%otJkzDN4I2{7=xbTknaAm8td;n$9-BOIWj2fhi5s2^B{W6{JWbN8# z;P!{DwidqLq)XS^Aw_)#rq}iK&nIJ2Q5+z9KdaSrcAoPVCBw8-sp`+Z!GOjLc$e3y=PEd5f9{G zm9g{wc!yJTpvqTisT*}erjVY9G)lDUnwW}|W4sx?137)8Ko0i~4?P1(^OZ-J?gZ%% z;#U)AiS|S33QovN_ZwhdhPU?Hc#X@)czlZWw(=Yv+coT{T*7$`rhMRBgd0@~pSTyC7-(z-%J=LLtRZL`;ZZ0|LMVZIl94 z`CUN#IKK3j(GoKgTKAO?XnRB;o-AhyeK2Z_BFh}oNiTbUNajKrZPR$E60QaHA3xxM z2oPU?@IR2b+R5SGz5y(^4Cqae3q-8n9i7<2>Hj8sAZ({cgDb(RQ{7XF;Y~rRkNl_d zTP%LypKlm1moz7<@x!)BJ0+U4LKwdRmol=J5?v>O9E04no~8Bw^!`7&P`R9|jQHL9 z+(K_TPm2A&KGcxw2J|761Gc0j3ez6|BpC6 zPG4lDu7SX?8~|lcOx0Hp%~!-eu{%*oe6RyH~j)F}Jo27nw(?(cXH1i!w0 zGgr+uf`T_*n7Is}`skB3Hy1sP6iOgoM>%^o$MTD%LihY~r8ME#rboZ`7JXe-G1S#P zauc#XyY6BrKyr-~#HypfXt{FqKJyYsA7=9}V_=bml6u!3Z_jmsJsq|lM`-}uqqi*m zYmB2}2l**muw9?S=Ay1&YW>*FV5;oqd1z+Cp+8{Cu!LHoYRFpKodVT0CN&LYw6&_U z!s~7r$B23wVO@(o&ym=u!^qmZ$_YlFtVEgGW)_tD&KzQ<=yqPnfE>)hKl+cuZ+0Vy z+mnohO!uF@)H}et`mpPzTDvE>dZfXJ-G5F^Pd`j={{ z5;GGL2ofpl;yMIV{5@0bs1$f?0-1=!bX7~pl!+S;|N4_~+9OdCAu+U)MM!Q5z0<`u zNYR0(Me9oDO8Awh?e*ylsk()KF4Z)Ek`-vqgmGpSy^9s?h2`^EvvfauqSldx7r`6T z+$QE$%UtWaauR>i<1pAcDW0smk zm~U$FK9mV2T z6GRh61Pz5*&EWSl$j*=R*TBF%6BfK|=lc)C#{XGv=j$L99dN1g5zRdh*v@M&X{tdv}+B(2&&$Ayo)&1x&ri8rk!xi<#xkzhIRuXQc4cSG3%JG*FDIS(fb8D^^J!q@#m18iU97v?tqg=I{MWz zn6Iz#8=fYEiB{93-^WE9S!!!U2+7Mc=ZzV%IwRIn?Q;Aij5RoHg?5`#SA)G?_gm|r zk6y_Nl~7TY_?wAT{KO|m(gFg|?Kl9HaiDK7nB}O#{<7(=xZ3gR+lxc_65XxS%=9y`(%gi{mAx$OP=Jx- z;#3Zce#jbs>>a`RWZF+k-m#nAY_ZtsZqx2vsUl1{ye;Xw>b*_#^6Pta(&tLu9r@<~ zCO?!CC>VBJw{5n$)`F9AdL*4qv_t_SG}>hY2WJHjuJSUX8nyH8kSt7yUbLr6zjk5%&%QyrtkLyAAvI280o5;5xt~QzAr8 zUMz*Ofr=a?=&&95j{>K+u#R1O!7%o zvIX$;o$)u)zUHOng(sh~6T+3@x%Y`^n*1)PybcFtA_S1*x3wL3M$ZL)8iZYe&kkM% zs-s7fEp3h7o~j!_1_IlyvuDJY3t-1{0D)$dIBGt1=0n`1b=GY?_mkIAcF50U3i&45 zsjt3Y6QL4UC-ivxg3Z(hHbF?V@(ZmN4q4GD@SQohW)i;{R&7Y?ezXZ}TR?)carUjf zkKjz^_ejQP9%%>6E@^+J@UC}6=3pyucz-5M8TC?UWLF|(r-?ylsYx*v&Zd94S~NY{ zUMyMDj}k40n(OGf_Ez{q8DMi4PzUv2&!>M5XUA7+4TSo8p3{9oyJH1w`UOnA zO%<*66sMLm7)et-Wu)B@UGWfVOV7>d-?jmr2F5bC;X|gnx{TYu?vpk=lKnWJN{P(* z@#FJ`z)ZgIUQ^Y$lV%D~`rhBGG>Q_qIs1aHuLNV;i6|xAKEtWc9qu2T99l;VT3o@_ zVnmJs0BY?DY*gFm(3VJ(Gzl`BvGy+ao_9`UnqEyICm>&?2;?vRj1RC*O1nyzcbfjf zW|;89XvT|c@jFJhO0*=zA+=)8(m%U6Z2E*U$GYosiRZu2x_J@Vij!OTPW3N??!h|w z+eCcsx6rFafx?~PhQo;zK5>bRVd>FJ;m^KE53S5B%{ZwtC7sc?APbDDgY%e!Nw=_T zgt%h-O+K0q`M4*w*dc#?GGyZF)Khjd>OBlXetuH%QI+$HFdM<4tJkFw&cG7C8u$rr zH3M@t->I9a>x{Tm<#eTFQ$~Edz6aBSzmQ&Z?#m)CQUZF>BrkFzR7uHwyk3l=%^ z$LOl+Y1>@AuP@ui=1mO7TE?2%-kLMJk-i+8lj07G?Z9EZaj8l3hsS?bNWgl+8ml+jx9Rza9Bp+*yV&AK}NN4^a+s*8jLZ;JF)D_NZWV| zX5$s+J9oD%LWl&{TRXe-+WQI0pVlp9Za*O93TEHl$mf(jlET@Z46^MuFgo7|cJhbB zjQLw9l#RAhs+(gmY4tYYuism@>1OBb&>RVHslBEP_uXhKXKP)rSKl0WF9~pEp!(6L z&sL+wduNDQ!-hO4s)ykm_w}k98M^9CT<|@}2cf3ahZ1T6pZ9O_e~7)kTgQJj{P{_Q zh}f$OB|aEXs@6&aHnx#JKf#FGn}2t+6Z!y_z!w}~HdkR!O43?9q>0esj-qmRUs*eB z@NlH5PQa%eU1c-6<{#U$Wg!n^PODSM7bS7)2z&3p1EK%TyZxJo zIYU<_v1JQgpMm!U(sGOVH#H?1M`ztqWu1nPeA5zYdEUvBg?s8hf22|{(0Zs$+f*FT z$5T;5?*A(+_f^Z2*_u+p*CoM1xCcW+Z?({pdKW7r#QUV>{QJRwrtY2JkWp`#N~1Os zEo@PtZ5qU?+SxutaF}<^_W2yzSB%aeqnpzDoa3`UMxakflp@XSCAN=F;l3K=6r10D zyLn{1v8NDL@v3Zf=C<{;e1xtqTg~uOvR8UHHNNHC>4E4VH*Y}WoL7{)37V_}BLy_v zCd@XY46DX7%R4)G%Ay8BYO2ZL(;lVSCCu2qkXsTmEoB&EyYb_>+V+NwjdZ+UFT%dS z5C&D{QW}cB4HSMwb~p(~^DG|3neP(vZmK!*`3JhxOMj>54Ev2dhg?y6Ty~>vUbpi#>0Niv<kkPv|If4@e)dI~v}T zo>xiP=~Z*QZYkoaJ3q6Y5CeFa4e`W#oraG0m*OUl5^}nuSyKdYqw$Hz!O=mn zN`l+#QXPhQk^%9;-n$v@$K{M1dNsB>LN#~*#SLb>g1LPX_EcAn3>eA`r+BsYLH3ek zbyl6PC3-)vJX&kw67*ei-nVjf$pVC1zr0Q(W0Yj2aK?zKuiiH`%|r=;hWY8xAJo^h zO0q^7_87ea9qT=|gWRRWv+qhta(I)$kCU&A7P(hP3I8J9WsBXx$o+m|C|%Sy%u^Lx zKjoizfki>0x8+1`ekM8sg~+z{L2eQPMSR_|&YEL2^w8_&A>`X{I*;LRIXC&b`Mb4n zoR|_fTIF}-MT}hUP012{bVo*HpPVd&7{X9*+<({Z)mZoUByeokD5}sZv((*4!MB@s z@-xApU7mw4Hm!Jj%Tjk1dE0!Cm*hqA(iy88m)Mj{tV?``A|L5r^A8jGAQ50@lYN&u zA_)3WZ6dwK70$FnNUG4$&}3(VjI8p45ek>Rv{t2~F^G?Ba69E$HR~?FY`2v%`6DqU zkuK*YI%urEA8lLavGoTn(kTrxa$uKK+Fod>p-OQ|pV?7NCu41`zoUKaSX=CH; z2yCPQd)&)Scg4+%NQcR-?k#!G%tzs%5+ue~v18xfaMT?qv2R$CP!C)_zfgol`6d zz2YY#0nOvLIJm{z67Bx`sm)0#5ZkNv_jxxI50?vV}SCJ>(@fJ;!3c_pT6gJ~^vc-D9jWW|*&vN@`E8 zmfHC9M5$zlGy9>83uULbNgaZsf}Z4=H7G^PYyfmNF|UScZh32CU%WL@mEKXZ5O|Z~ z5seJcd$m3mB3iYcT}}q4&Q38jlxAP5m+9j!-h63m6iZcP)i+PvA(dfl!;0jw?44o76 zt9Wsya_3<|YI+fuBWA7U^`yTyv#J!-O4>+}-L?d!6jhh3kK;^)NiAKHBJC`(m}PM2tGsPm<`Pzwdr~Ak z`8$6?Z!@EHWAC`Ra=nI>q+0BhT&3#B*%oN#uR4bB+9_o_FWPs_+BnZH2|7J*zp@%D zWW_{VrWKqb?a-(?gYb(UcJ{}VL{Kj`H>xC}Y(B=fWT9QZhgrzlWi06UJ>eFou5X5Z zs~B1=zT;VPEyZK<98|BW=L%NUeCEC6B#O(z6`jp_wLC!mm;rK%d%?+kX%qVb=Uny? zIo;&SBIn?cYF-GzJEN+9uPDES{ye^=8hoXpETCa*9j}CvnS5G(ie%LSoGmm*6CW}- zk5e(eV@*NDUG6HhT{G^vq7s~EiTbXymWSUEef>$STrE2JK z$&Sl5yc#{(+wX^8f=H-ZDvam`He1a%Wb|sGi^YAiKEA}~6vdjWp;y-5 zJQ;YpVBqAh`uuy%C}PeF-?Wr4Yjw$bzBO19ZhD+&kj=+2mGk zkLusSB&SM7ip#3X3VeWz9SP5?V(m*+DV|F}JilC#o1O6eh{~RUtI&FP;z4XfubPU`p4V=lp5!^Sr1nPaG0 z{nu~>50lWR0tjn%Tx95(*}lqi`6c+2hjPscIj`-xCnD_xI<^XKp9Z0kvdDa0q7pJ@ zXCJC$(opz-D<|JRu=DA(q^QOjE~8_xClxz}B>$-7SBv&INAgpWJ5KqQ>+6UMO(rm8 z@miZ`MT=Y77z#GN+AI6EugSOCmTfU^!dJP#8fJS0d6E6Wl%+{*DEayg9n*wLVboCN z6R)`2K5OZSCWiOQw6?vLq0FgJ`!OF9k_PqVSxCrP{P~_cr^XYv+#D6Ds@XQ5^{g&J z7p>}cg{TiCid>x?l6XZtXiT-6_0MW2OqH>ckbqLl69B{v0&^l_dLWS)LR7VL?nv~? z_-2fNA`#QR`G_T3lk^YyP4Q~j7CZFnu4j*x6 zJF9H$L?U#IYA*4aSnpWiQ)Zc9GT8CSNZ`j%R7OvQnko7ewgizIW-H;LnnTaz*`u!r zwjg;&$Bu^Q%>C!jUWw<_mK2>SNL#f`4O6L!kf(${kLdNPIY~(k^Thu6%;IOokHzw# zdw1dncKMADG@VC^XyLPEPlr6~*mgTwh7b96eP=NE2|`~B)?UI9*jh^c!N@?g;F5#4 zY+a=Hvl{P}a7IU%Bx}KZYtDbL6p`9~SGnKBVq@w4WGLyE@m$!%mND_NCH&R}58w?j zg(cXS07S2h>5%~g)rBy#vG;i86CG1CPr1`@X!+Q(aj7Dj2JQ4?oTBDUNN6+#KgLKs z8KkJH<;i0O{uC2j(ZV5z@D zSJ72}%Nn0YSw<-50Q8Z*T( zdL)(U5p z94m*es2r{zbq>w-7yGiURkl{K?K0dhpuMxQFmArRud0gf4Fc%cn1fu_8?hSMHZA>z4GH+#rqdm%1HGN@+E4S_g*nzVE9y3f92lZD%Hi;h~S0^ zu*#MSuG;mF`@G2lI7sv*hpBfT{P54wY22e$L7gx1Bb-`e1YqsM=EFlsb(N)e+}7v) z%#sYM`R;r1n?8NLRhDotm*5PRILq4?qBi^+=XD%HGU?|Iki#V?Z!@FgE{3aq6*hcZ z4FTMU+b?t=_=e{7=&X+k!VNw)BIDK8?`JAJ+6oz$^77%#&vhVG*6B21%Vgz@t4G!a zI73MW)}Ef=cVYB*`UMjJQszMlVxJTdGRu@$h3q?qhoe*UzsqYbhH%uas|yp1+j?c< z1FcI=S=T*RK~F`;bsVYA;gdafHKek~>udNOg2W$!HDII5^T5Qy;+pVvsS?il86P41 z(VVrjm5}7pv_0Cm@m|RIIK9RU1ABxa?uRsE0sW-pIMReScE0^8aW0&FeRGoE*TBp( z4hkzyZ=vu035wrI*nV%$kMHIwej#dgtDDJlSBGbAXJ+1xlDtQ_qilo9`^&_{P zE{%WTi?(xlenQ{gh3$Ff_(i_=s?sVZe~k#h_vv5lOq|)yW)*Ao5f0k1xVuspwzq2K zqDJK=SMfapPbkEl`lelgL6;>=w!bG3Okwon04FMWhYF+utBoFr?`X#(?|&vJ*IZ7P zjWn)4*Ee#Ct|2ePH^CeCb&gl>=jB|*=oC{MoxUobr-yG&o$l(x<~~68y7SE?yc)x& zt9LXH#iTR7IQrFElx#0w{&AD8(nU+t9xHbA62AIN&Zp4%6l>KmSZ1%m1n%9TIHipW zsL#*33=Da%9J3Iwe*xTXdFaNaS*Lw0fjK+%K1OtfzADeM=HLb&H3z>*-N;B7t zMv>~h);xRaaXS{q_0SO$zmB`C^Y=ZgZXmeu%U(6hZyu~Q$hx@IcsuY=Z5Pl5ft}cf>TbQ*xRZ`Op;)9g-u8#lJb9mtD-{DF|@9P&zsO&xT!a|lbcuR0M_wwt! z7JIg^oM(9F+->XZaHbN=b9;7${b_f-^koqJQrd^bI=;4+f{R9+#H(JP&gr=$oxq3r zHtgxsKv1hNIBIV%*+Dk9VAl?%n*4p_DR-Wt+}DM`qE}8+|CBY7r{=DtzSOJe;$564 zW@3xKvDmovv?jzBVo=kJ&28&E40;CMi-hE+qZ$T1C+DBE)x7_XaNn}UhVl(Y5`MDN zxMyW)prs5`^i&DmE>17W0;^5(BdacKx5~*sB`u$T`+nRnnbUcQ&9d+MbE#+Jv9g=8 zW-TY}#nLQ=1O;XPrf8od`qC^81WdSy%%?C@2=TNw)5v~CQUDVo8$KbY)Wr>1Ih{m& zj#t;GYCeZ^;@zJUTx6g9`KEcuJ!-n}ondfDZ)K%WaM@Z`sV4m~MNW-~UZ68U=O%bV zqBz%dqQ~@hy1bqn6xiQDln^gQqBM11qcA6pFDN@jdQ1$VB;m=yXVE-F>p6JMA(aS) z;qtcU-XzZ~i5DBQ#dHNyW!sfGw_8zbafOzs6)jS8NWs`60 zkExRs^#V6%!&%O?Z>}9Bcm~mqb7+sqmPWx#Q}fqoNAb=YwwcIDocnZ0;Rbe^`6Oi& zs&{gEC$vT;#>o?cx|IGgLi|eOl*NhXihypv=*VV6LT%)!YG?R78A+*-u*je3)WUPm z9wLR;xnY|Nf->#;Jo7y_x)uWnoD;jvWIMHY;|Tym>LX|n1%8k84L!63(-Hb?I`yIh z`TXN`08l|6(HM#m)@@4t9x0dy20C)+j~pIlmT#(zEevDs<23?n);zpD)anlsWW>93 zMfNbsTSj)r)HZhO$$IKySFRfXkgKGyZ61JsJbQ8prE*lQ2Cz`2Oti_` z35e*~PdPW&X`i5{hNSRch2Ua>Cw;iOr~^+QskB}HF~43yAM`{r#gVZL1#4J8x!@4} zuaM~3AA28%kJnDOwMA5C{V1Rrh3+x*F0aN@6m!9MV^q_;88iAXS5B7X6 zk&hLYx51o(?lBv3uQT%3R}jf74|(@{myT~{z!1k-e_xUVz>5r}HaGm0Ly53)+=L#$ zgcBwBc%AO#Iifr(jUg>bN{4pWQ6^V1AQHoR(s5nE?FukV+X|LAd zzH6iUsB3{j_^{InJ(#?~!F!K>P>~1PvXu2?*KX_G5!nMo?pV(kdF_6WqDN_YDwai8 z*H&$Z(<{Z*^K(kr{O!0xM`g@|z8*#y^T*iES@Abhb z=Fy%tnySznB(F?}FsD`a<9~vj=!_-iI@dK7(rcQVOJCoYq-xl0aPhLXXscHI1LSP- zLWn>MHa>1YG-Y&7Vr|TTuZ#8qbk;|1zIdlPVct@e?W{cx&fmZ*#5{IWjI!r@}NQ+m#Z=+JmW?X*M6p1JV`69Cwb3Yf;J7i@p0 z-mTZVXnkRJK$G)oC91@6gP$oLi|3eH)=XR(9Za&Mp54oOwk$6)KH#!^j$lEa{9Ndr zUg_%T(Ho@Qq46HSX}6$t(;Z~B9)1elquUJ$S&^oHp_-y0<)=T8lwyG*qUqB)?s|0% zigGt&Nl@9)Tptm^q=+RVn4%wpY6_mBW7iGd4}GKOwNn(j0Jwq0uY^w?1C%uZv-N*26M~?x+`u?8(CLb+gGhhb&0tP=ZW`5&4peH z&3zOy!BNLhnu_Y>@CT6EeXesP7lXkEUrcT^D^9JwV1v>6R`@t?j^`KRk^hZue%ph% ztia&=Xloa=TZ7J=QYpmkDfPKtg9xSu)wOg!qhk&Hld4P%`h5ZlU>r>~ff;t(OV){e z$Ol^jGRnOL68SM@s zo7$c~U}9Ke68{3^k>Q0gmSz`S4>Rbr>ArHVhIr{*PtT);UJZ+xGZUWW{UPM`bay4z z`IE(J6xJV!|Dd-SMq?P6IN^p$^I8ZRi$J+JKGM>gTNHY!*c6q9)rL7lX`Kj;k%xR_ z)M60wDm=kkOmP;)bz?B=W0Soyaww`pjNBF#$6n#5nwH4fyDF)&qxEThQlVCqN5!vh z9e+{VuAG-LEQmn$X8F_kUIPI~`g@OZ?aXOh{^+_vftw!x>f`11?(e<>53M!)gu?R} z2S#{!Qrz$6X@p}5k58T`@n#SC_>0tf1tpo3l}V~y?y223K*ULxad|#(OBIQ!8BAyA z8x>l`Pm)KhtQGLV_88(!@$nrEfJO>e#1@-ROSS7*`T65Rt#bwvY%g4808m*)TCnto zW`(-GWey6vPEX;$4eub2wp_^ou^3zw)bDNoIt5)2fD$DEl*qgRQE_^J<3}71dEL(S zF46q`L2VzesF$AtqqxO)>*AFoLh}~&Vm|KIyDCJ(q{GXQm(Tg`?^Xh&R7Nd1;WCX- zscZkuNkrW1cI}6!_1vLq&1(sbA8+0ptF4GHvbGi6&x(&R0M`o%omZBK_;+xPFs(7cz44F!qEU3ZrWJn#s zH&WP4IBAouXMv;Yes14d$^rORcn7@olD9`e$_jk z!z^6loRY=X{s0uUEHQldV45b3KTF+K^HF_mHfu<;++xVs`5>MY0i#Cv1NEd&w+UJ3 z^5Gm0*$ru>{@k?@9oPW-gunA?F_pw?Ra9?v0=1+{UCH0*nT?6#Q{3nieter|_TH?m z^qSmVx#0T*n$l#K=4XWSW$d4+2<@nicR|5zOQvN^7w^~KEP8{*8){zjZAtMRzU-J5 z42;0brwt!K{qhScA_rdwLesM1C>UA1CP+iEv-Oy(TRnR5w|zwR6qy>EHWl=V6D<=g zZ1Dbv4ui$gtKK@jV1v!Yzl#Sz9}UQ*z9jDcmVp&_NY)k4w#4#a&=c#E5H$r;OlFPZ zCY#vLnHJqeD|TUm5Mq$QGNWTH}fy!fwFHho&&|xkP0TIj!8Qk$n^lOo%lU zB?Q8w%7&O>pTK%oKE_Puk2$ND7yGt1My7p_xNr~}OeCy4)CzKOr)%Qy0gk?F3U6yu z`#)P8`5n2BD&wxXO9u$g~h zNR4AOq?^AsGfzrfjllA{|E1%bf&AP{wk5mAP7$2z@X7W#ht0q-XWVENVlX%N=c6VBpmI(Nv+vYnVLU%7g=!R{>y3LvM2OQQ;DZ~9(?}oDTbNL>zKzX zhu?=U*wigENPF!5bTiqneZ*#_I7{ZK{ww2m$H%c<8YUWJ)C^*x?K6n6VjJfvI_AQtD|=dwdl3w-anZ&9??w)qEPextAoiIEcLP zfU9;7Ctd&x_-PJJuGN_8$KX1u!ePGAS>N7m1a7CWVZV^)qKxqd`clDux6_*fkA!~t zK8lDRfJ7cNvcqoH7d7>GgsD#n*9I)5uW^N|fbVRhzx!Fw-e)qTR`9HzFZ9ynffzk516wR%ZBe0^E6Q~i6H zm4BybzZWS~kXO#5Gci|D=J zD{Wqa#80l4*7zSEJ>xTX4m}FB4mRHtcy<)y;QVHHUz)ZW-|X=_?5w)4B;IjP+j#2j z#v>E_!V#-=A-S`g$=bD2$kJ8n6*Fr_>!vd7@4L<=6}fv>tII_mQ0HJ6s%PWO)$UYt z@mh&#?90gskx#UR?5kH@_rwTdtp|7)UTwS+&YskN-Y9-|=4Xr1kIwhLt47!|++ctV zMm%r%YUs468S`lts?^QVu6f~dwwN$B&y&+E_HCVPU`N)?lpQ>OnfdG$dsy@JUQfYa zjmA<5zf)Fq->6+|;=I0e7G9_Nyv_dmhc~##IX`6wE7D$bI?p<~Z7BSfmJ4tWoMLWa z-Ol=d0)_^8`8e@<5}(AH%fz=$BPV%D_93{<8);{6a250!|9+Y$;)&N05-2A5e9*BK z`5htq9oR;p?Ge<@aeW%xf8O__e*;3kBk%%@_jk(s*`Pqt(~cp(cgD6wv{`VQdiJxy zW6Za0A%S90ADMx9laJGo@nwEjlJOJMKM8&(0RY%d5~Q9!(9-q)33&Z~^xMVgN(YC3 z_{}b2^Q+GHSg*al{;8SbR9cbLrGizw)$Ag3nN)v|)YGq2*q7fe=z)5a z$(buYoXe<3D=GzMI+e8iTI%Wdto3kCnI7puVWSC2{{5_ZuKfIKX*etMw$3k=9hP1% zmumn2`llhOfOl1RAoXN&W`PiU`&WW@IzW>3xC?jG(!J_0020FJ+azssSh-A(^x$M2 zsbk6aq0i{J#@g9kyrr5(XQwgOR*_MU9;iCh?q1aO*R^q+WF1iwf8N{H5&QN$Kd;vs zR@Qqzveh{%CEPa2+s-lUW88bVdf!j-8{j+Uy$=7N-zvZ92dm-iG}TXaJ+9%SexrQs zao(2-Dez;b^!whokAwMqeHCQu+P0eTK5Ef%T3XiYfPVHJE0Npg=ly)xI0gVsQ@g)EN1eHldK~#T!C>bg!=o9)3#b9+63%a`{n`t^KI^?t&j`*5sa+`WzjC$s_L)>FIBs8%s`cDTX) zP9mml4*&3*Dzn3q9_VDkd+Ro`4|TV*>)yamovOLNo>z~18P7$DyH-T1YOIrF9Z@#= z`B1JlcmA4o)gVgL#TTj3-vB??{fVDm*X!X~;{sSS#RaXgLG5O1!EqYj&kZ>IgRTra z$68pB3jo0G6(1-b{#We_d#~?b^}p)Mda(xt`}2boqg*j|geYV-6Cu zjlR5Jdwq7;3aBFrT5Mz=>TTz{7q9EJ^9YjA$0#^6E(P5Un7K^0j&O~C-kNO>H>}y9 zzNy@A@rid>c7UU?-vA$bX1BVo7Cr;Rnt5yB{m_}nHf#2ADk;35BW9En_%b_e9c$0? zvf@O-L;wIB2~tmoHE{l40$%?Yef)jM)Js_PMmPJU=5VS{K_>y$Ov(mk8dLr1(QEn6 zsUjbIpHhEMz=@cB64Bb3#>29jq7+!=G^{G%;U9j}Y&ESbWc%xW&~$?Jl$Hb1w5-4; zo~OS{%P})NjkS%wyl(~4zR$V8w~>8lq@As_L2tUMmF{M$ro^4_rcNebN3c3R?`^Z^ zC0SXI{$n8Q7>=#Jx=~@rc-;GuzX8FXTMeh2*>IX~V5UA?*f@`S-@c$=L`?M_W6jW_ z<20lnt#P}-i-})mHLM3JTnzdx003Z@OL{Y7y;V*@f3CN7JBd( z!HF*h)7q-1(FG>LE4M}zYzQf|<6b7Ns7T;4aq9_t-%}Mae!aB{w!y_%lD17yk&KxB zPP7jp1ydSmXJ3&Rr-Efz5f1s+mt-AL#cYy%zA05t6C5K!#ca&w;|rho3-6epiT@4o zR_&~=IHrPTP#*;pOYx3}m|`}8m6_e2NmBK+(PJ!OF`J-1imH0L;p4QrkMUJcqsLD~ z@hU}+GXMZ~qr`z?L!3uKxc@>#3aoHNgpXqPB6J zyodFjf5&6?A)>No-R4;puk9AjaR1gW+`l0Y$N`LuI&N@6|IYzZNp6*0GkR6Anqy37GMw;&t$+wqswbNehaj1#x)@Ya>WC^}*=Eq)| zVluki(U)&9t{&Rm7ju$JLiS^X*QT+<+C{G)3O+J{gkr zCPn;w|I_;IyO}76?C(_z)^}T_8O$>K(&D$orh*y^L4Aw-zb< ztCWmVO>y~saQ3pp)r4dF-Aiey{^P$JDfm!H_CInkAG{H&YyEvRmCHD zN(egiypy`<#SRjFne2)}4ZK`+YyDSt&!(n<^wlzX)BmvZD5$MkV*5d(E8OQcxohfi zb(iFw&GSUl2gdsxZo}`&@~E4`z?oRc?Y=&-TpX&$q%j zzE=g_D@XKPm<7b33bOuGuC*V*e%mERbCR~7!t>YQsWlmqUT+*D-Ikd0w4bIGc7cnu ztAi~Zdeo4T=fqTG5TiYwoRSYoi~!s#ke5*sFmCmjpA%m4#{(7oEHeYorgP*mPWUB* zdGvg98DX-w6g*i0`o#d#Gmhs=JYalvGxGlZ$_)VQ@`T!WYS;{&e|Q0p^>A`%TNiG5 zH(w0?r>+?KNhf*VQ40slI(vsEAO%^IZ-_TNdbVp6ME+;($Pe9+d`g_(P{;yfbyYRe&K#JyhsXu_)Nb&0> zT?h|l2(nrVsm`YtvS zhL$mC($0DY8~D!oOJpSP6mL86wdQj}%C+NK8Wr+C-{VINVtwA)e+iuer+>KedRm3_=tAv%*0wt;^^+xQCR@%G+1$3Dl$!etjY6#JYUnCJA}f-wZw!zTR0Y z1vfs`wH;$R`)wHoi8j6QA@+FMG$VKn!0acG?ZyT>9V=j~--Ir!QR%7@ z+~(PtDCV9c8m#;zb}3AW&^%tkQM>9zrGemc$(0&1D)X#sttA^zD`;-)>FvEAjF1Tj z+{q)J20N*Vi&L^sle7MeHSiElO7?_4Sc=SrcLleI;vF@eFSqr2sW}bXl5Wq*5ft30 zUfOC&1*JQ=*$8|DHUm`DmsY=;s2xm|+7`SCOnXv?EU2UOlU!D~B=!?eBpdlprFqyi zqMgo8tO2WZryk3;&fF|!W+R}O7YJ2jQ>=j0Ig~#q-zpRwe<26I5i3rNmlubVp4oEcrX!;|nb_A(PK(!Xw1)zI_NZw~N z-6h#udB!m8G$GR22#tx87xOzERN_& z03P=8zUZ4Kf$^*#AJ}hJw7j(a#aoFNDFPA1y=1(CeyQB7^yM9|l2<%BsNCnJ^n1 z^(n>ke<_yS%bqa458XyByf4#p)yak$j}>XHq&Oz{v_O`Sl-MzEPc(wcMe8BX5ewDn=n zdf$_i6U=9Re53}y2|Hga+1)OTyUuFHh1CI8Hjb>@7=J^PLpV(jClJt~O0|&EbPk_b zn(kU?=8w|p#-z)yns02;sTf8Q!eL7nJr=u;-k{9mw(=$sr(cdLv9Qlkbx)rrf}aHd{@l85$M_hG~9hsYR5Ia64NB`kn}kr z>G*i*z3O^CJGWNv)zzP0&pzWE{iFmeuiCSi7yJg3;O2r56oPp#3okNT?>e|8p4B)h z(5`N27jbQugy-vqc`oGJa-O85OMp8TzR0~G^ZB+vmBxdVHFTbBTAND4u`%J}wiL1j za@AYQE^`xUVC?gs4Q|fYy8+>Wwhi|nbFW9o$Sf6zqqj_ET43Zzde(gipY}8Wq&PNe77eY9~$Wyo*&04eC(4?fcZ?QFyh*E zsHl_>>1l&vu_7eza%h+UP;cOqJ{`p*r$etga8EQH0ri!m#Oq(bRa5kCL+2oTvXu7)9#fZfIIkgl`K-PHH1cnF(Sb~-YpRVXd<)=vIT z#lG{vc!MWcQnST77FVlnl-;|fBnt9Mx#B7383mphCg2QbZ2;U?++5=eyjY>%3Z?OG-OA%Ze$SjW5=UTK`#h>Q8?OgC%a>nH7E=?wHlvgP*Tt-&DiLK*& zw*Ebgp!{-WTp|V(>DJ?Bq?KQA9*?H*Ko5$-V)iYGS{~e>2sB%tC@NwjfGCNh1FxoM zk&>HpcWXFZ@Fe$f%-z)O2UT0_@593VF`fg9J6^&syN{(lcT_JoU9WGj4B$a=>JjR~0F$U%P&ozaoCFccIoe90s*^F#ioZUnX*wG%naM$Bg z$L^ces^8)r=LZYM;NNLAy)ojdJ+km(KavY#7iK6)c&cc>Bn`TrN7t}5mgOq6nwH-= z7X`B&jz`tA;RIFq|3Izq(V7tGTCitf9~^ARaEoeHnN_h~%`J9fnLUx5I|g1y&s158 zUAWVisDe9*KNm|vMa`xAp>yB*vEu!9JgDov;{6T^Ffrtb`S#fLCbTB}uIbR#b+X!t z-gQml1FPh7*acHxp7nUv71#x;>ZE=30Cot6zF&2{K?%I=$z9{wzVLZ&;&?x`?yEd* z89v?u*1=Fs!(z?DAAO}pN)gBXxlc^^V|;#xQbq!4N8ulrGGfevBeWL7pB+8n^zClE6c8113uUBiJL-?)IR>%KD$lZA#aE1McH1F zB(Ebrp)u74(TkpoO*?MP6SfZI4*^C_SwUkfx}hI#rpP*M4fJ72rF2SgRQ$o)!mEjg z$jZ;sckGw9-U<4vw5Be+>{mv^>|j?=*XEOBiqEa?wdLkJiYKWjNuKaCsln~N?ZB-e z$X+*H!iJ=(s-me(t4=1=zcyIcAe-Ncg^C4?L{^O~ML=-xPfd^zliqK)SN`|es@~62 zI0DfzpnfIkcbf*CA3kq~JBSwg!V!4S`-ko_5tiwL3by7AItCAPDr-qZqQbUU04 z2m1}q3;Y|1QigsPn{Or%-L}kGgE5{@i(3zy52t_$L}C2w*GZ%Ezbg$tI!)j=66n^ zYs7cHtmhh%02~(szpiW3cUYgt)pwZ5r=ysD(@8p|x9enKKTV(K^s6y`?+?PSz|BC^ zmzydZOE6#ubHf&MD?zh&sjl0$#|JP(f6RZs@qqAM0ORWxW_RO4T!kMEI)EGX?C5-w z=6)a7`!4JMy725<@~bV}gh4=(+dR$g*J#0MF4{nlp+}B<82tUp0HirKZmy2SvU)`ttvTNB5J~T%1CZ6vB3C8!lhvn{jP<}-WRX@%)N=a z2pDYpvNEsFVxDL`H{Rd&71Bli6{Gthp@PY24gIfI+?=-Y|C6WxSN;D*ij`wO{cE4( z{}|!_|9wUETwsojty3Y?-fQ|Ha)q&eUwi$eEYN z7faDTRkeV4f(owsoGOz1-?Zvdj;$Qs{uo_>rm7$3u6cEik&!ZS4Fb=m8R~RV6iMs) zJKDKN0INck;xhGYlYwVeh5@NhF~EL&_RYYMj|n$-{io?()Krp{bwps{<%zt{km}tq z@2gxN*-s%^B7j%Dd#~I9>U^npRaKTMS0Yj5$`52O2r{aUf*0^p;*!kwt`yj}pmshg zHJiO%T-AB=>f@VGSWezod1^BrF|b8s?5Gve3|*8e6YMRiDlP>^C9QRWugpp@y9znE z!CjZMmi1{G#Rm`0HNNT3V>54aNBnV~ooqTu#OIP+XxbA3Y5W?{qhSX(Rb1q&SnqUQ zEiTYnaqOBgFlT=f-xVj(pSl&jGo_*_Z=&*~_bOh9No+xtq{su&6q_v=+AK?EFHFz; zF@NML12{7Kvv`PbQ?JQv2V~6 zo%p7aC^dg+-%=}l4)1`6be??a_+&Z;tZa(1iO5A+E@ z60Wrw32*ESxZz8vj3tN!$DPZhhz3E)q+19JI&$Ns3;AcJI>8XvV3{91EfWg@DBqd( z5|MiLF?08~{M7m{j#(K3o3$~u4@A@o+mjr)_x0$lSH~9&U51*g{p{SsAih*;oTZAF7xJ^R|Ku>1AaKy%9*8 z`#I)1PqTKGKJ@Mchq!Wy{NQb_tpCfIy!NLt3wpS>Ep{c7U3ZSBnbos5&$l3!>%Ca` zLTt0UokmH<*jQr~KOVX)BVBdZpeefJf`0R`env#ear^DnEjlXG|7mhyL^8HkTN z0yeeQQsyLZGNF!@ECh{gKlQqN7I%b8+LlkXiaJE=+&3bYU{TwbJfk?jz%7#o1iWtZ zS=zX!48d}h?09BNpGtXP1U5#{r1h2l1VDh5j*7m@PqpCrdw~&CM0)P|Axrma))7^> zM&nZe2EkR;7EE$V@WHXWn=D5-xpFo0@zfRLQxXDeQNHCf0K27_$2SCSN?yazSbmi<|^8E$&S zz}r7TVxI$JLlUG^V_mvFRk65t2@zG{3ac|mO^`7>@(8DqGo(~16^T1vmbw;>!wl81 zS#$TUfjcq!{?i|Q{o>;Ae*NilLfi%HaQE2T`C_AhQH!U9*Bw|gr)}mU$ENSL7N{)g z{M921Yc>k%#AaO)g_teC^d8Eh?F+%;!F@t|g8|GX0Lh0JFnTE+&!?4!Y&W^Dd;BJm z;LRt*3o-{ttV91A$2A^y^73Q{PR_>)npm6E`cdEJO~8I}^+X;*VC7vggHH#HtaZtD ze0%=5gKBg|YVLFLnrQWr+FVvTn*!c@JFR;U^2^tgRLv*Y0bP@y)%o=U?ppI0wCz2h zw3YGF5mP~eopG5rWrUB|a7CMaGw9dVRQ$4?&Gp=xiwFuf>K?t4&6-Pp+dPvfIiJJ;s+9J-hWYuqukaUxPi z57c-l*Csjgg7$-G$_ndqV|M`@OJ~*X?65tjb4%CAL=#iQzQTZ(Z=ZL;+xnl^A~33- zt4II4iIDA0@5kN$$7X-k^0>;8M|_BZ#|x^q0p)e!cyl)0}V;leyB zn~C?{@fu_nrcm{qb(em+h_#%u2iB6ox`oi>&lL#rYwaqj$D~CrYYATF=TBqadu7+M z$7QZD!Z@$RLO7RCStR|7gdE@T{=%CJ+Pm0a6>j@SaMy#A?y$B`tCj$Vf3mp=jr1kP zh?D2o4f11ou|XK~tE&PYB@alr6Iw~=maDzSnE&s8I=ttQQnqbx(bhwjZ>UxqB>sI^ z1rU{FUVCn^wr=P2*GYNVtIo4e6rMYyzVkN!_T)dGp<#~occi*t7gP=Ny`EA5yUbqn z(f3KmqgQ;p-wTSbL7GHZi0a^~0%M6pMBI~`QQOWC-B354tNU^_OOe|+EX@`>M zR|2ISJkR$BD*ojzIKz_{t$Zp-a+bHv=jr5a=XX8i6fkuPMEeR?N!Fo6=*j8rRO`P_ z*yB!5%0ixg5Q}Dlq$ zN?VY|Cj0vtSjlc+MHrd6nzC(}k`+GK4N%eLD+MkW7wm`|dpCB{hHcY2O zOz06}v~ax`Pa6?~@t#O?C6VAQuR&K(u5Dk`uXev&a`*+>K9RI&o+%w*Nh_@T9{}*pDmrk(Lj%=cmiiledjxnF z?xUP_twR!lQFj>09bf<8PB5MrYJ9f@p(Cd@4Y&E*W*fzt1z4zfc)a@GLtCk49-Msq zVi!gmZNI|EXvKP(z}VOVwlTN`xiVZMEvlq>s$^u=|LhIIn|5&}7$31)qeGT36%HHBLk?BwYG=btz`xQsdjIjy595 zz)C@gadBcL_ioKodx24R-&y~cjkZBBCOLl#m)s<6a}wPdM>LuH`h0WIFH@^kWzFGB z`)A$dAgvY2Kr|D7;u$a26teK|sW=}YrX&u(fM(nLQ3ahDUaDMPW2*K{H6;GlR$0>g}!B={(uFTN35z5Ra9YI}~8AO{Tq{ z3*=h+6J$-J2*zni2b6#D76NNWxv)%Y^GC?#HaLg?jHN4kO5R}q>9{L9s&i5$pZgB0 zVc0>fzhmcs^|tcGlNi?sTSEF*nWYpjnGLpc%)0*-tTq=UQ}NWwGc+~V)@kri)_8m$ zuuhMumJ3+vx#TXjjwQP+a2FzEm z!xHmsh~RxD$p22`+HN0e!5Hp~gBXuEH4RC^tOe`yhh4?-a#(ipxNS)dxP2;p16VRE z)G1aoj140{$nTDD8azGPdX+{_fnd;^N^PRK=5)KmZEBD40gfo84t>F82&Z~`SD?e< zqhH*|E{MF5@x+ucQdDz{?iS+w2*B%xU8-X01nT58KIqHWiykN*4RVS)fjMWN8%$e$ zep#(G(!d~pity_R7QcYgv{w^*jBueePZbs~A+&I{)IpR$hXEZbSVRU$!UCd^zQk-F zyA>GsW&dej&($are1SXN8>f318+SqZ-h%a3T*IYnvBfli7m^p^M8G&AmY!lnRa>uT z)s~!B(FAAW4C}}Fo5pKuRl;N@2?SO=Y?57|E-q8yKK3;mVxtsnVfPU6=fc(!a0J9qg4mTN^;uQaf%F%^KH}hVP5)XmKTu1oPttj2KgeutCQRRpW z+{I|h_Rt=9sd%&`$0&t*2VSVLJl^Qyj^@lA&NRyfU2wJ8fM^pB_9|_1PqHw)ZBA@a z2gvDiLBj1;PwTzGeo@^An|*lJV?2=cF;qxKl-BMKqU`T^X7&M76ebQE`tj5a;ok)F zC>;D@l4?n#uR{)^WE+@A^_B%P6nf_{PJtm;jKgBlki`A$$fa5rguTCYlO6CTUm2gf zsyQ!%swSFRCo#z;-6_8Rungl&U_<$CXWcEVxhRN3@|k!AvuBOSlyaO6O_Z34M!GDP z>y9S-q=gHsDke)MblFaG*J^4Ud2N`(q~^iyb89hAV~#whrcEskgILs=$>n}Ex5$tA zhpCDnFw>mx8<%K|+XbxXdK}*FP{{{{Ux}x7dct5fkG4tZcV4n$T0^T)#}fW8VGo8^yE^4`I~u)nw9uS#K^bLS__L9%w<`T7Geo# zZ$)(FDvd^dW-Ald48Ap9O}7hFaw1%p?_jr_%(MK#_XOx+qOsHZdlGZ@oDkx;z5}g! zK#ukXwITpR*8`W1UlQJE8*OPmfRJpDNle6@K>C!|QS}J+Qt5C?7VhF(#qveRhkr0J zDaP0#zLSr&io1eNjFAmB-mB(Gp(bSss$fnXXV=oX$3x`6v)s?$X)^)7Wx{y=o?^RHB?-BoEaSy^Tr04U!jhXkE?$>iO9hq{*cE8M zoL_sdEbj%CrrAg}^1V!ti)i;9vVefM->Ef4hxt=bZ8zr7&}=YYjnQ!Jjom)=2TAxz zhm%$NVww~orK2n=0>eGfQZS57FXy6+jo40y?iy|%?y)6Pz$k4mXVG|2lRglD>eWxY z_Is(L4JY5Zsx(rh)y;an7V0|f$vGx$vA4MHYc4GV78ud^`a5N-0kG-_nn7Mv2m=#m zFA0`s`YVIhKamWqQ+}7YyCNrL;~c;A!S4;!rJvpT+Oq zV%a@s6yyyN$`wCC3DUPNm)ZLXs*&JN+XJ1UwvWLLE)c&O3WuXQSE2>${EDl7fCMOy z5v6AE*Q`sl@|#un^iMOzwA`Tsi~=3q*bR5i^-N8_y0)`1vx2?ve74JdZvk*4Xz`|P zC+#_q>B&j$89*s@n)(`sJ=Kc zF+C%1+B4WiV5)sEBX3eZVy!$IjnB#&g_&u2Bn;d!4^PSa>Hfrp<|WN2RVh4o)>moG z^F72~`gUJ#X8u_Ln_cb2;FEB(3*ijtaIbO{|7h`Bj|yiMEp2A=n}U~ijF^u5I1X|A zi#5Ja#2~EbpFRi}3o=WDuZ%fP4yIh*NPdHLoAfs1{1^pa@et2eWbl3w#C)%oUR7JD zO;>E`ko7JU87j=#gIygHIit*_?6S*w9L`-?pyO}EE;wjhm6vXb(?8sYgiYthD4>GW z^SU_jSMzC(T^)?pD-;~J{_4_!8CKE@@w^fNanfj(P}eb%6z-j7If*aIiifDb?4kF7${s8Cdq3?W3I{^B=d^I%3^X zBbyA8V82w5$Lt@72ZyhS|38y(XGC`vMeoO%qcE#btv-9T8NKlJ^eTA-l7eMIIvG`p zz|P~8J-uVqH2JvkbMzZ#@yJ_wp`t+G4c@GbL7}#byuP^30h`7uLFCH3b75j>tq|f$ z^NYZ^hH9qT(l#*SS$+GIQG&7moD8UHT2sH6j}Owhr*)6|-NKOQTwo~WytGAFWvH(C z{g=0zyN%vKL#0%ep?>myaIU`7TQmrGzgTVKpj#`WhZAPqQ_|sV0ODj88hGtLt#`(C6g-&Zk%!^IFRQY7S7!5)1Z~)_jv$aAaX!93$N>3~R zCf33j5|)ycvMA~1p=@P9(p5_{tg2Tctoo>= z1-|p-IifQf!?fnN$iow7%aSI1m*&ROb+)$hUd7}+bBUzsdzuP@LM!{$q9TlQ6KTs? zzTa-^bFyW=dueo)#lIaZ{?v{E818LBKoXbus|vDmdFB56nh2kEBBJtop+Kda^7 zzV_u<6G!&vBo?G&l1CtGMhkbj490ugZG-?$V93wrosJS{^TMkRYm{myRd!>~P$<8S=7l6!|IDSZdqf zrQ4`q_QFr*<;xOQ&Ixj68m|qhajx3VbGj#$UbKh)aa=_yt!k{R8JiSiD*5cfGH5en zNGm<8@27g-G`1&rz8q& zvz|-Zoxfa0q@z_UEdi_B!6;Mm$lH(SEckIOA+E>FGrEJvL$6!}ROb|z47i5$*YVAchh;ifZm zbLX}>TJ*|d(9__BGWWBR)E{e|h++DKXM^V2m$#jyTG8k5)@Ig<}&(sv=r)rt|=3>!VJguct zs>?!AdWVpX7)cWQ&>E`&QQNT+ujm>>EgMj3`B!v#o8_p$Ug@{07!6y0G+$wPZ`I;6 zg%UY+dDTl|kQhm0x}K6lW)mwyE$uy6S%SkLw63=Le7egNIiJa6!})(c5QgFgB4$&tPQR9H#8xu<}!QF4Tw4# z(S)}O3?pziP^co4{Q_g*k|%hw&-13$-Ct|<-^H zn7Iwq-P!(JD*ONupG9XB@DKP8aiP8@=^f%U9|KuF#$Ss@B1%eqf$2GdkDnSGXue4N z${9WX4J_WV8fU&CKnPLI?mo6g^#|lL@qq7zatPq{w1VSB9KQkbAo}we5yk@RZK{3A z=ZF9Wh4on7R_HjI*+|UiHx@DHz%$O~%Y)3}6q|qyBCERmS<8I(LK*JZ*2=X47kb!5 zG;~0c5{K|0hegEprwLDe6{e9C08f1SSE?-2ZA2MTSAHI8n-}}lr#|dTMe^GycikPn zF*jp{Jsahkrf(Inm|1yfT!D?7wb2X1ZcZqhvVpc3NDc-E;!}qV2u!TVj6A3XD2svv zHR{)~a0E6hGP|wp0?ix5J7lD;ne^;j!wk{%AOF)fs8i^dX6bDa;zIh4Hd(i9HL^@0 zPr}yWeHJHwYU>ME!_V#oI02J^427w%+vOo1^^ssxs}cNHEC?g8odJDkbkG|dLOZ z(lxRYnUo4nhZ`_#7sw1qOAuRvnMh#nqR?1NNu7gfF@kAn|1PmsUwQUC{& zBo0GD%eV+L!MNbLAwx`mIReK3SF0*vC{~XHb~bj7`}ZWBoY|Q5=qZb47BlQt2I;Oz%bXbff};EPhm14ctxVRgycjkALX{Z*g7d zHnboUIVD(XwT}FDJB}rAiO^Y_DkFTbM!4n%H~TV}^XJ;cUAtOMu)&od?g?mft<%bo z2~bEo4_83h2DKSPSsLtuMt|p?6j@<|HWITHct`zbj^;5fM{5ZT+IJtwS98oZmYHl3 zej5)lg~5#89eHwZ{Hi!DQ6xU;``V}{3E$~Hisd5l@`XdN*DWlE`yx0x2LDFD+7@=G<_1WJPY5`4MX6i=%P>HkB$EjRqKw-2HG}12Mnw_ZOQY6pZL18_HR-Gx zy!jeFFh-$s#&)uM3+$R!twdwu9HC%lAstN=66YSeq)PaeGmb$+UnZwD6M8TPVdrAs zzw8idpSmY$bhKzlnGsg5of_8oik>kHG{ z#6ZhfB3Yv#j(Ous^tgZU;VNm^F70YsgqRk4<&R$*8qW2@&UMBtuhu)U-xYqq_u53_ zSin0lWf%8PFoyPNf1T)EisJ;SMy~+17lLmdf&n8ii~gSwRrxxP@E1?C%-_<0!95v)|LGK7MDL%{+N{6wFGjnzMvcP^)GAc zwl6X>>TqbB-F0s&G3rop>4C{lk2~D&Y8}=E(qr_@P&D|M4SeI2rU=c<4QAK{9p#L_ ztt)Cxll|u?gc{KcbQe{YomJHi^4KsJRHmb*8PvYr^iIYm<#x)yDzyw>%EcBPRYqdLe{)*o|M%gM|NcRk z|G}o!$3o=0AXapmzb&8U&;K;V#C)kBToEl(f3t}3XPC^}4Y!iH1)nY;?lJPu1$?g8 zWyHi$QYdRi@=DN3JW&0~FK`!c+U{+Z)@uDM%H+5yrjazmwHAOZVK%>7U9J%Srg9&4 zOM6~r2JEyUSv$gKUsYe}NXyv)v1QM626;1{v>OiD7e; zp%38DfGfJju8oWTy)HNfe}KZ^qXqbUUFoUSh)kccWo5{X0!}N|Sza)(GNA21_+H@R za6!DcU!@p1p^*4`u|a^b*fdgrAeOQ94%;L}fED*hQ_M!NYgCWCB{!lkvL;jC&&Yb{ z;Kpcj92XvusxPT)vLt~p=2=}_Nqw&ZXaXxvtOf(7O0z{^vCtjtmvlXK9%nDM_U~uodztxkelG{H9!M?~P ztjDngH%(-^zXDG!HGm41`$aD}Fbf_+Z4M#2KOvqM5$GwR_YMx{M5yM%jucP3j&1p= zUSJUj_?kj)-?1_41jxyYb@K^fZSeLbbg%`j5gQx-A;)c?FSY}g9(5>+oXkG2s9CZ6 z%%3MQQ_XuY6RLNFMRKz_79$O9q?udrHuO?(#s0ZT9!yPWR z=UPz!!a52H1cP&71`(;aEKkq{g+kz%M2}O`qOI|fx$5ZcE-h7O(jb^(K`*P>*dS<@ z2gT2Z=@GoyDdo+b=2Ie#Bw2v{CGXt_>J;Lkp|OiF4}g6D8a4|5O|okaY98Wsdm{~w z+Z)CWEH>U93nOsuCBbEA(FEBh zJfuzrezZmMw*_z?c>|9s7si~aLV;+E^n12zM;Jx7G%jNW?YW7k^$j@=;&oeC$lDa$ z86wSh+hw?I)baGhh10+zHD^%>*~}rAUI)7hFPuT}89OWgDF>EhVq92u94^m{p*&7r zDuvJ5E2Lx#GOKoSGqmO%-iiCO1CPC=e5#)n9l-4ZTOX_?QXk2hK7wuGey4zF!Ox(< z)V=R16)o!C5)sZ(qk9G% zK*&!c%Lu&n)%k0>kNNh(k8|u!c6_i6gB%`e7zABpZj{i;4CwL&TTCj zg^$Iu3L@|HsB6f}%{`1%h)Un#*A#C8*9R;?z`*g*DM{p6nc=V*Bm}BxOcwUs-`pA; z!c4`Vh>XmfwH*B=-;)6ubnci804|7TL%bfff4nxl2TCe+1S>0LXIx%X`e4|jS5)5J z4YDewUhLW&^EyqMe@SkLC08l?l1|$#*^3ZQ^!DoGg)9j)wlm*0?4Ec|T3O5G(5MzB z5^9pTzrRDJbj)$L1N$6j#0Qqq zP2Al|sx;f_y{iAHwm=~Wroa(7MI@C$BkoCtk}F-|pN6>3S7H7&75e+2icde1DTs*Z zh#pSStx?o8(`r9ATkdeiU4@KLWz?pJq(pC+3rG(~*M02O;jRJDEq3`I>i1OXh%NJS zSVe~wt0bDb>-Nk zDI!B$C_lJ-uHa6XLu@E>s&uy(<92%PjVo2aEpA5l;M=Z9k+Z#Er7H$O2E5YhR2BA} zz4B}Q7=-^cI#sUwSc7Q~$w;ns|3SJFl-8$DCDi9X?m=kJjz3rQ)5V=o=k?#DKzyTV zNW|SW@>#<|?(uf0_sPrTT>gdELYLAc;w+*bM`Z-7F5;hNhD8w}9B9{F*A;KTtc!pv9L6bVNjIp=dtTL%cuEEGl7aNG?@ zMkMVl-2ZhMf@*{3bMY)b)ArarH_Lfs4^kWpO=EG$uwPl{$5O7Eb2t$GxXJT)9L54X zvziVE4p(6FdoUHqsK0JFZ`yEl%gagW z@msbhS{1*_GMj(0_x(FczyD{5))l>qBqBzC?doI8Y$#8uoESw6#l(qUTQMAuC_Lm< zc@Z-B$juDPb(+nC!N34zpn$yHNLDP{jv2zk{&-ekxx@|K%=T9=`@lz)_7x4(T(Gk1 z;rn07ilhIRr&|Bd0vS5eFDvbNu9EIv^*Yv({sB=;wiH4;al>5X_8Tq{P%(s$=JCiT^frL z6^-*&oK1#!?q2G5_Em;jaPy0*QQm6Cxjm!!7- zz7J{>iYmQr*6!bm@-1Q`OUb-e_pp zU7!_n$$ER>3w1=-ZV8`X?VA(o-8frof0Y>8yN$o0DX~@Yp={JqO$0ioIYacB{+X9vnM-Q``Ydfn`aRX*R^ zRV(wboKo9cLvFUg+Qaxz(t3WL=jtIyRDeoL!#L~MIrhzftLW2LB(Ra9i!hVX%w9;# zq&K@|Il|p>b&4z@=ZrPBUvNCr3Rcw`?Cy2AM82`0| z;awn@kIg{0)ta+1{i~lTQ(2Zq&CzOJc8g1;kab&5hd#f*wWV3bHCoOKR}3M2ow26> zoL-2o-a`Ylg?d|}nfAhif_Ca48Ks1&_B<%&xzrjblH2B6U$j-ae}WZi@!7+GQ7}!K zagOKm|5fS&%u{kvM^jBNa3{d#KF8iVZ@urnsC>s9typ#UCor^V8(}RT!tOn$^#3*@ zm1-heboR?42R!0XHtQQuG^2Q^k? zG&n5aHiL3guL0JIyIBWE8n#jEXc;d@CJ(`x1(iUG7O;ScvGZNUK6G(ts%g9RNvEQ| zXQ}Z^lOseRw-y9AQe*Lh=X<+oJ$`yr40feee@#(`->eFezd+ z1zY_&)pfsbf$r&Q4_AXH$eT9YRB2(74KDy(B3;;Is^R`CXeQ(We@fd?e8&;vCZv zs`j1_JHggL7#Rcm2$E7Mf!G;t8#^w@3`-ehr1pnQzM$~Gw!Lux@Q#cnc+fUD(=26tr>45*9=+Jd*G~V&ma$s*-kr^ zDg$+rQQN;h_U!=kuf^ir;6tk}6QZw;hwtoup(#>*aTp&XGMX9vsOZDPAVh_m%V_AT z0=;<8s^|JD(88@8tC6ceb!>iAm8k{}b}+k1VE<=EWEYXi!TM2bJ>7|_Jp?F~|C2AI z8fl|>K%rR!@8{nmxHW;?{{gNm9f@ns@r{aYQh`S(CI3D1tOatsyW$^Pyw$o>K`DjNQfB#IyGze0ZH zqAua=5{3PKglvc|X5{t;%j~D_8py8d&{=U~VT}}Dw9EJ}N=?%A7g&fu;EqLZ6s!k+<<82mxIho;`Glt2=4=nf0)Lp1^-9pglmaJ$;0we+Hftf+9W3O>PHHke%Y91 zzS}!2yXNi20%du`U5x<-{X4> zaCg~PH_}RdzJ!q z)BWEx8DKi_ilMlZhyeX>ge0I@%Y@v6;AEAwoo`t|z+f*#k-Md5UQB)-Dzy0G*2R`u zvaG5Y^h#5TbNdOKl_+g~8kYO8b#Xk?#4o+tXr10yy!ufy>x$*#i!^M+ep;^&KUdeq zC0WhTtN?V%D)0K0+M%DAxxH#f2DxjbXUwOaIT9P3!?ZPh8tDg_AWhaTDyi78Uckx# z3#D0`x_&HP%Kjqd1z)rSv}jq&7ow zvLR#lf?8uXrMYB)clUGhyH8ch5ZexEr1;<#&6#0ujk}J5pgN`VB1e*gZV%Pf*hTtz zohv6g*SRmkAH&P&kj5eI_dQ)z5bfqII!gAFCI7RWT}1T7^;BYn5V2;@0!17SB2{Emdokgqp{_Gwf0}4-EDqLSyZ)F zALrhbtfQy!mBf*$cXzKyTrlNRY(hL>4^_nIGL) zIUi37BA``id1Vl(p2-R0c9A>a&JC)xa$KAlV4T5lp1F$bBLqV|hm3ZbvfHm4Dr98) zIJ+qWvq&9SndvPVMcWp(@)$P`MTIr{Q~Xp=DAEzAL7sztUTTYPo!?95ap2F^#Bsa> z(J3Eqb_zkKY`xg$es8D|3Gou6>NgW6`^`$j-)$10;|lVq%xfC=Eg_hr5mU90<1V1a zC$YV?QSH?`rxL6=`b+NUZ4BB3ZmZb38t%f~1L{?(@Yc)?x7x6%tO+xh6TImDAcH2S z>uHk?DxAX2b%68U+~Y?cw}yCl?bGk}!D@a=m#pOxI3bw3TXi_mld3q#jLpwa?v1~b zv{obiHnhV_)3;$gKj$iW_zs98%Em@ypp1ThqJ%JChI2P6+Qu1R%ai=!-9VRca{yco z*U12@^Q`?xREMVH#x|PIi_D;^U45fx{} z(A+M|B3^Kfx;l;2C3cAS{P9h~J8?(4v>}z-_zbkk++e6xA(R%-@@i^(IY#nbqeH$}5ksLKr_t`7rT= zSk5$Oa%PtQ-o~JcHvPRPz1VZwtA}mW8pYMKV9x_RkbBJzh7u*sM;;GEn~e4NyLCfCq-LTzd-u5imIfLbgfZo5Wm2(__C90u{z2^8dBu}jpm%o zPLBf4;XB_|PXC>0_y{HIwTQ6%x-T6AUPt;f4xyF=5eym|#fr<6G3I{*7{{>v`EF{u*#{c?m zc3l4T-Mm2oEXsPBLc{s~qA2Pt-Rw&Vw%jJZ8o2YOT3}3h(>e*HKRvE^`gsHZ^F3ws zPdmh>o`6gBGUiNH;JPwr`k`x}8E4d<6TITPVc2sMTy9ZG?$VYyDO9=7i#7GK%M}3t zzcNsQ6$hd(*1w4SzE+3LSAj|KfWj)C%-?`VXaB-s$lkyz4lYS~Wmf&i?I~W_k)`tGKzvPs%)G_K@PErlux>w`^K_;I z&{%0?yc=CBNr?mq(faFDc*a}AGQDvAM4+92tnljw3j+_e^?)TO%Dx@VcFr*wUgY9ntOHE*x zrxTny)s!Z{j@#MsA5t~Up(UYjDF)D`tRFWAW<^&&zQ!O?-;ounUKB1UK_5SjYy^|i zFxiN-^9HaZBgfGpKUX*An+zU zcp-po>i@~7qcYNgs%YeDCSA4ID!2($@{{A|fNy?Otij}Et{=__Ull3N`A;sQe|#+CABnE^g_;1+ zh-wKYFMFF4p`qO&5h4X~efXMH65s6(q*F-fgk~feeBw8en`)&a2h!Bu4z2E>L2zk1x~B!a?RAC zg`?e7^&Rj7Xc$6u{{9=ioz&wCmU=wQQvaG>hQlymb+|pAii!3}^7%I%R*QLL*cHFSHcn`1BcA;)gM1_As_zxmGhq*S{es`${Xd(0 zT;pon_rlE~*5rx+tFuPmw_)Ps#4%bXF}xUWfR&4CvB>_9(}%u)?}_VVe^B|}zBc`3 zDW^3dQ@P9p{Wsp&QRy2_TO@P}NJnWXjclM)=B+I8|LOH%@UR?@W|DJOksz)x=eLR5 z++i=x#c)$Qb_D%>WzKA9>-Wcbo&NgU2d9^B$nq_n%e4fTiL66|1Q=`Tg_Du4U5oq_ ztqz1YT)Ka&E>ASN$=#edqU~PIEdC*d7)V4;I@j@r3m<;M&6Uk^#SF_h=7gw5ovIfB zW*R5G=$4P;%2wNKIP|<>?J~^>MVLSNsXIqByC;TxYX#)!C$u|HSsh z@jhf!sW7Dt+qj%ZsDh zEhgKBXLHZn4RWPDsxtDg0^`XsA)P&FG9#v5!^VK&vA*{-vq}7*f;Y>?hZ9@A1L7gm zJi?PM2E^9cW6>8OBbXa@TXx?wx&p+P@rO9?p$49M$DWUE$-D7_6-m9$6F*w!dHNyB z6VAoNFKIp0j+G$+$E}+n)V~vMCn+E2@lr`dyk_=*GA5bej9McnVIh84L^l+d0_95% zh(%{PW$Ad0w2dGXk-aU5k?S)ISEVaT8yh8YXY9u2^XjydO0Zurm;*Aq^jAcSMS`0Z z>%4dIkNvC22M6eb)ZmBhp73XHPqi7BC~^j?#PVN~&hbFkW^_(cAUP-MJ>9Pac7@~d z*N&612W*HtYNn*S5mO8ow~TQ9eKX~_)O8sR1``K*@3Vz*L(D`R_Spg^MSC;WVv0kJ zDt5oTm^xr!Yi*Em-&Y2*5#aXoeJ|FU_LJYeHo{+)i*_kM?9>Itcq>|UX=(8*@2l|# zSqcl?ZjemXGPUMiw@?J>jkMM;IoO+&9LzG|8?-XV2`yHZHQW{xs(qBQE#WODtzT4# zuDNSn0_`bJCdFU=*<&kS*7}}Mc|~WEp}!YEa&tfQ#0ay zblJizsb-MR3kh|BL=^M0nGE~0c@&(X(blhafT!cU`1V#_kv|cUjkS?o6>(t{MNm{T z==O{4%J@b0!p0Sifdk&pLfDmd(J)8-OeG-vHcS{|&(9p#P8W$4Kcv!8-l9|JCKB{@ZIG_unMl|J@6XcNigU zeHb#?iYAUmVor{3d~(EcOGTWc?ZxU!M+>1wVY9`R!5?BzMeGmK5sYI>&iop!D}j3T z=H?x6ldaUaxrX*sxMEok`&=)(`d=&r+!VY&GyO?fk37ai=;86%exZ{~t4*#tTOiHM zh~JyCVvq6{?{maJKdtb8B94F?Jl_q;Gj}6w&^&a(>SHkh@6xiH8mqB%@6{mZX zkN#Bs4$=k|9kFa;icj6VEu0{h-m&T-Xi6S_`N}4TuL|yLjzpL#X-Z2)W&M+Eih&w9 z^Oj7pR_6r;Mg_QyVCOF55aD^Cl3}_-9XEYFJ|Y)4pq{L=!|G#ZT)XT?U*)!P-|R-t zi?SExZv>}wj~e@m+d|$T(!mv&^zV4=(c2X)XBT zL!G8dHgBAEtI9}rcEK@XLMRqRvK@1u@B~_C4@7Ce?s1H~>vn8Bnk*-Bf;1Fp2R{!a zvkOua^H_5yf4odn(EQ~0Byd-Ez1NC}Gg@9$q%T}m=X%BbE+f4DT)z6=#mZXwH#^y+ z#~|D3v2f*(#^VPVOB8xG>}0I>asd7m)Eu8!J@d*ggF#RRZgyn^-fkA7>gS+;iebB5*bOUZ+-7ehj9+RrhGZ)Qte3-@0|5fx) z^9jGF1#qMZsr4ZVoI^^t3*tWXw}GOt(w)N5bMV5Wk#_;b@FV}DW|Qbf+X}@0Y3!lY zUU@(N#Op&Gdq zOh5U`Mlhr*=YB(ZhqA&mSL{bWAx`J(CaOSNc(?k;tv+g+W0k!N!nKiIrI?xgRl!{v z{QGJlcCgYkc1fxw<*1801+rom<&6ZfA?E9&Z?m&{1Uy1(zmn?rWEEt? z4N+&LQB#w}%QZWdxYj3wOEE4=A{M6=#WapXa`7AULZo#pPtp)Tf6^Z^gZGqqCW%{F zh75a5g8K)sz{FIoyyxCA^PdTasxTNaDr{7e={_LJtATXE<<;@BY8BsZuPtcPR&?nq6kyCr^VBbtG=cps4>*)a>$A=S@Udr{)SS#tCMg)pu z{f2HLLTiL07za%(Tu5SaUD4GMhLaH1xo;%lNOC#g7XRq)8K)2fa>L2w z0Gt6q)vs`A<Iffqv%EVX?DE{qs$G9_9Kwzk5EVdGTF1-vWbR@sm6t$AgP-yBbQYB#%TVe*L|EoNMK}{QRYf_gPU*XNO*&nFb#k%pJ?G3@ zxDd;rOa{SPG}T_NV|!J(%N=XV2<8ZmsKP zW}5T#A4fE>0^N*N=X`QeM6t<%;i_fn;FAV ziRWn%h5RIx+Xi0ny@yNtWYt=I2nOb2$s*vjff~zIzwny*`}2JS+xngsZT`5AFwr;U zl+*kd@d%EkT?pBg-pb@idEV6>ESeO}gc{3&=AQ5rpC?d1xJ2hk9@pW~b0 zs~;{NCIPr|j^MGKht8Rw2cE0&V4O#4@)l|#^2OYXb9WUT-5 z-o+e7B^y5a#cB7O(_DmSC9u6E+J4daiZ8bcC)Ol6-dR`LX+IMABto^V(#k*cnQ-S+ z0apwQ51q&<<2KN^v2G8h$2<5CaZHVfz|@xGm2mT6fqJl4A!<3TSZ6G@t#=XDO3IV+ zNXB#F0^4i3csHm8Hq>qjKN>NY*X3;0itMLXNRraLzc-hvh9BeNJ)Pi`+j&XGg(x-> zVy`wswt3DIm3Jf>t2_!nyxr8BK4}}k$&ikN$@8)oo$$>#mP%xYOJjG?<$%(4y1=l2 zBHEAvMX5k`mele9hW5hS(b4FiEH$EuXk(DWinO)NobGmH8L7|-EA;NC$ z#jlE%)6#--`7cmP9Dnom7^cNDw}q$(mlionaZ6q($n|^k)Pv4aGFm6zM2-B=A)Uk< zn|o703Mqo!BIuEm#`$wuf6->xDH&h?v{lIwK2n+1_#UH%Ob#LM7dPi}4NOCWK>LE> z0?Ifjz<6FlRRblLNl5G?h)LyB0URe*G z5Q?&KFtPF^55$;H;cSsiZL)G|I2PvCqrhdT^M+m$al&<7uJ60|@aJrq>#qg1a?Ax_ ztBX&2=YIe!ws3F88^Q3gSZ)lIl_9JWzFp|pZV}GV60=K?>!2g1?UeNO>GNzz9|Z@q zpfv`?V9P=EN5r~a8cBNUfs}Dc=?^VHHB|E`Ydk(LH>t!kPgT~cqeLFQYxS^lBE`8pz{Qb6!B2=Vf| zAKtQoLrYCV-yD9x@>l;gJmn-eXE#JrFN>9khcu{q?yBB8U!Q5}EV|$_9U)pWepp7g z$As3F8_u_TZy5{H(+~%uN^s-fm*;n*=H(`n>!Vzu9GV|p`~JWQUpnv6-~;MfTIdjt zD*kmK=)f&6uTJr!@I6+LV;y|V>ZU9~Cb&#)hP5gQBsA>kKdVjsj4$RHBR#ThIrnxo zXXmNIawJV#)_oQievgCX&`Bi(Lo2-kExSynTlZ%5)NGgNL2AP$)F48y7nk_*=rOL_ zHF;J(?WX5g9yM?P?lppop>&lQY_$YnzAAtih~c6S(pBLG?I8=YUymk}7;-HfA;uoc zy^#)bihWk>No0Ta#YMM4u}2umCei@m%c@t!7!!8TUm$*2=3?t?Xd6vORnav|?4|`x z(zmr|LI}mAe&}P873Gm6x$KAQhDd!Ye9L3IqNT+RI~1Js%G!)N>-A-P-AFsk^7VrO zNBw()ai&4-<@8T$tYPA5Tz2k7m@k{27Fr4fFlGiTSS$ma#@?{gcSf9~aM#a=9HHN# z_FrZ1(=o2C9*y7gxj^@ zYg&?JJ)^2mPVtiJA=ArpMxa+xSP8cGNt)CgTHio(S9RsjkAYn$j$O59l~mh(@c2)8 zolfjiq8SU~LS51j+n(Gd@J=RaF53H~ucGPK15rKSU+f=XDQ;IDVHj57P&HMb zddYLm=6PFk#P$3Vx2jGgzD?Zd;aDwfWTri@OO<%{G9V(v1Q|;AA_8M)LiJ6*aN@)@ zygnFbn3(TQwqhfvPpB|AD{VzQOr6J?e;Z$<3?w$YF9=J7tC2PJAo;^m61SP9^~Gm5 z<+rT$XC^PzIJ1lF(_=f$U2x(f+45X!k`yyF_Iw_d=k$MCIfF}GQzO;EuaiEK)XVj>lCT@}#a@_9D>US3x{bX;c_ z8vlmS^Q1lwlk(DT)%u^hEKTOl^Nsm5cNgR5Nn{BU1@Ef9E&7dGSpqSv=^&qNt7C*JmPM7Obzy zi7DqPx6O?->kG#P!J{taW|N)d@kr&iBpo(8YEErO5WgLrH5QClUAC-wXtj4}=f3@A zcI$d4nH9B{e>v}%JHEXo%q&yJ`exx#krpJ)(r|oEy0~Y)q#II*( zIn%VtL!YU-T5xKV%THd<_{h>ButB0EJ5S{NLc+`CN+VniCs%trY8N)Rvw`HOiFS~+ zx1d;b2s2mfi`$C|-F@q7A;=7GWEJc+!^%UW*Iq?xs+!@n80xOe(fbC7RV3cr=G)U1 zulY1FY;EF6B!M*kgOzd{d0bgt=?N4erM+H#W3{JD7KE%+gLYXrprMG{L!r!Yqi=+? zK(KJs8g4s^>1~kW1dvCT&5QZHq_G<$2K6lEcUGB_r-&4{D}BlnZD)v4tQ9Cg`{FQ@ zU>NzIU_*ir7$M#;`3H3I^GG`^FR+i>zQJYvXV^LGq50@J<%9Bo&T-I@tCb3(Ap5YU zmDRG>?{(190AV+T+q3gE-YFusAVt7h-~G$Jr0a`69@X>FYqaO9!|1VRQnU`9h?NA* zn-2xPT5m(SVP8)2jx0xUbA9OMpv3rUE@_Wiz<48Pzct?>x-OfhZb#F4^UFAZ>2J)t z?OH_lPzN(Xt=+Ets0$m{qSy3Zu2tdXNVcu3>_3teG68|E=C|HUB*^>VJa6^XT{EF~PZq$?cD@r6O`~2UGD*kN||0$?fQ`6E9v3-v-Lz zvuSyAVA>mxWQ9l3R^cvKzr7vYtgNLRcZuopTOQ9;s;rxg2c z*@A;}#8VN@j^?Mob=#Sq3GNdZ0=boF2u1LeDqF4{FQy$ZX6Q6q2{n9E?S7ceT;RAp za~X;s1?fEl)P2@NVWE>BCDa2f#s1FDlA(|wKC+~=@KZVXYMp(s2ROYS{(tMI9v^F3 zyn=m>#lr@b(uQ??0|PggdiH6NqGkhKj!%}D)PVA&-|6QqqAS5hfp#AP73~j@P<-zp zYSjg?O{(>$3;Saub}L{zMRmG;00;$U%q7odZ{Q@58DGCi-xmICx}_g=uiUPG00yVK zhsmN{YEe6!7mpu$pA4!Z51KF-eY&90zixnqSD@6WlukutPRuR_8t1*=DGjh!PVsq> z2XX!z_7Uosei|RkNLKqu!`4Wbo6LLcT3(GPw}s%m5Ns><#lDDJsVRvvB+xPFkWW}P ztF7Y}N4L`_{uMv`!85@1x@dC`#yJK7gtXe_g3b4u(8?oOmc}_yOk8u?N`p*V zTBC2A3aJ1tP=`M!|52tYzf)Xg1!N-w-ofL9O9L`M^iGg#hj28S2yrAUgd zFHN#C{VpG5rIJWOy!k{gJ9yT}m)H7LsB!x|&9D&eMCPj?)zGfnjpm1DXTnM2s6z); z^8``y$jkWK=|WR6BKe!5!IED(7a7?hZweTcWi`a*T)drb_Pq14G9`_hT1vi8*~>qu zouDy`H)MvG<~i%suB#GqLRA_Hz`?g!3|hl3k-qbrv#r}IuY=#3M=6TdR&!D3je;AhQvmBDaHg&1h8!Mw_htp2r|?j#w(D0n4=B!^;( z-xB|j$ezPjnDxbs&^Pqr!XqqGZPs_Uh}G6L-(nb?>|!aHGY{M;_wh=153Ge5w&kTD zl=mitAFUBjYw#t%O_{}XAsqL)&O#99^k;u)*HlZFo+BZ<0rH`BF zR)-{cO9W=Gt28zFt=;^!6&tYAv|cxVb~$<@ZMY1)7nv9cJD;tb5tNo+oMP^wx7Caa z*Fjr_#vGF4X=m}D?^dbVnANq5`4F_$6wM#tTWK@)-F&#q>6_g~(&qbl@^`rjmWwHSq(U%b?Y_48m*jiXzK2Wq zJR?&hSU2!hhC4}u4o}qDhTtwGy*zUW$=SnAUqRa?z@WcVi18*okkZ`WfJ8wnfO@4u zGhJ{jGg!*#D?Yb=I#lpd#FIs}9D4L~=Ix2)3ntZ{$>sOe%-mtCeIIvbeKxEu9sKjZ zg78f=3*A*nPK-KymJOPuSHBs$gk6PPG3r6iD=n8TaJ|;*7j|?>uZ-bCU3zi~D*4eh z$DTBh_Vf)Ff&^DcCUr3MbHHBzTS%JLzJwHmVZy!PH z)K9!K$N(|y&^l>&k)*dk3E8hbfJq4quy|Mt3^nbix{WQG!qO%^br##RhW+g)!fYfe z8?*AUz&2e<397?3vAe$>y$q;b=5*WLn)Zng4#3twEo|5b6mqI^ds=8 z62h=?Q&w=uw+mMWU260x_X)DmuRcN5gu^!W*6Du-D;Xpnw!c@y@SJ1oPEEM!4RR@_ zHXEEAy3~b>r6D-xVh>5_8$w8wIP5?aLp^vnq5BYZsYBv+Q&2vcG8uB>oT{@CCnb*A zl+4ev*%+l=KYKx5{A3uiI>PtczMk*q%jdR7SA!cIkw>k+qPG&1p5#~p=Z}Y=hSzHZ zev_G#5xN*#hDqM<){;uErG;^@03;M`8m1`HPmYSPlNr>~)8ylOW$06XxBa{?5yTqQ zgq^rw52EqwcAEs7v0KFvG`wfmI)Zz8C{gzpk1rHOiNcmS z%r@bML!*5B5k~U->zq zSH!Uh$yaz}0B$@*1QI@9%c=aPBg&ja?7WaXF*5XEvRi<`N&qy~z!qUEhQIQDh*+1- z+*Z3ywHk!vh^VOeo6dPwi$6$u0CORr-g^X?qnON>2s@nRb*>J+_lAN_|DL_-O#^OKe&xPH-6Q^#a9NRaW*geF zqFpF(E1K%?I1qPmtn-1Bwa6;bL=kivb&m}(raf+fA>J-N@17~yaO-tJo;L`8dH7{_ zNApQqVQT43`g>U**D2l>kY9r&vt7PO0K~Y)(LcIn4=X_~^5fZl=1Sge{X_VMW+hy7 zsK1#@B!YfLJSh(x6S=v4cRk+CtEF{p^Bp-%KuL1Cmg{9PS%UZ0Y@ok#9bN4L1IkSo9xe~50ubD>Ru9Qf%hhFkG~0gG9r^wYfvsOd$KEj*_5WnY<>xB%BC*&hC{?x&bbeabgluMl}UFHrZkTpF~TD?a(V9Pi!69L+s%EK(72 zEC`qQePb7L&sv+7cLjy)ai*zH;1jdgg_{3o^EG;Wh*Jm&;(lA87}W2nRV>e#YgB;g zohxTyt(6a4d3!Owpa|xkn7;hb&ui^GSS6Yp9DVO!CV5PoxVk~%x8>&I z-*qqAEia;q_&|Q=ssx-}Iur{6%Icn5gO!>z)NYx6L0eJi?^Il>uS-5<#kx)CB5x~M=7*JU47A23WzNwrz=I{b zj+AdBzO%Avs(eeFKzUYJ(86!+Jr<9jf8~M!&$oYgsk?f#%fkKi=IPvOih^}#u(Lpm zMIbz14>z-9Ka-;;;kFz%bJl-@qNz_}Z)J$2cx2vZgI^jZ3UHu8>n=Q($DYdEoik^< zi4zZq4&3!|yI;D+o+lTlO*Q5P`lHy1S|y#+D9RAX;pE1 zp*v&xN7U|Eu}V%AtNVsPJ7jHr^MS{Ne9=1`NW~<1)3GM8`-o|k<&ho)y~Wm6U>9k7 zE_e!td_*~BW6&4_2+)-p#Vk!F*VE63DEYi@Q;&H8MCE}N)G~hR>+{Ug2r!aE3sbr)+WB^K81c(L%?Ok?nDJl4e;O5X41F+l(>`s-`G^Xvl05; zpjQ1_{eTgJhDM(ZIwSy=*0YIyJ%QAY$jv7w^Zl@#C{r$p8EXwT)}zo>uJtLz zS>or#RRjrPM?DQmOtD(9k9ognV!9nDUd4gpb%+;tV{0xrkYv?=C*v)KKDv5ceH~~P z55YNgR7&vqo8B0>xotsc&P5oECqt^TcVu<=z8iS3Z)jzKy%-eUPST-+6S%ANn-TXS z1M3j;d5kx13Neoys?sR^g1;xi;CzQkN#LZUV|!g?;h;W2&Itm}>}NmYN`&0Q>)2wC z0HJn@Pa@D7aoN{29q3keh;cvwan`W+d$9*nW9BJp}j8DF4 zs@onJKTV9=UX+jS+Ldm8k;SxOPM=ByZkE#L1>h7KJFHyZNvde0oO}G^qr798($*4U zdCRv6ZWCC1WB+pC&bXO;nBp)M6`iS)o%H$cL|x6oM>WfO?+(gKgrV^9)m zKS0OMr2hIi%V&jC;{Vxv7OR+xmj)KjRM1JL&x|g&3XG zDQtX)<`$K(k3oAh>Cv8O>I{LT3>ZOzn}?__{W7 zU-)(iatvlf4Q^bQ`d5ciA4@<6A12S_Pr?D1FVas(CkcsseglbGe@3h4W2LdmiLVtA zL-xs4(m3+_7xycCH1O1KfN|z2Fb6f;2Ad4Iiq8 zJx0*Bi=UlkW;u%EB~7#_ThvFtsLf0pKLu`{IUe{MyGa?-pT0||dA~HvIR)>_)ZY9n z^YrQ0R*rm9#w@AJ(-m!yB|{fw;ijh)FVU(|hZcAq_zdgM*&eH{wJHxS^7I3xM#xHkV;_5N6e3&oeK2Kjwn^rwpIZ(YYzFbY(kJ|#z7=*S-N^JH`^E^hFOZ-3JglT= zD3o{zgz~!t_zLZ(;VO-oc<2i4p>oUIr%z%VxNu<;YUZooEYzt;pz>%>x|#hyeu7Qh z%huv?H+|Om9n_0#@qCp(2R-%WDTlT_wi4 zz0{5?2B@TLqcy!>weO2`)lDOAHm-zFb|fqHqULx%gIg{`UZH0%=0Dn0g|EERc`$j~ z_TCp~^?Ud;0~UCQLkI_lFDCU_ScMVe1QWW-XMMnc3+&r&*T=}J#3$4HG>w*oetm%P z%kIk{dTboEXNbok{Lh))f7U~&k9dN$#~qOVdCWadRsPJMQ8$~bvltNQyx<-Kqm!Rl zmaybj^XouQ6%A}pHsEghTDN=Of|J_aV4a5zahM__ol9$PdHTCj#~2l9yPN&_x@DTWsZ6f=Ndi+U zcA^QuJsVE-+#`TO)_LHi>^E26mVj6~OS+cw8}%nZpcbG8!BswVkaU8D?9(JM6Gb!_ z#uJH!92?Zz;%QlFRi*7KQ~R`RP?JZukPLWOS|p_U#&vg!u~n{yo@gF7n?17zL`#XS z70^uoIBc{sdNtDYIhc<{emX2_)ukSSf2VWxv$@(xH^GOg$p=;Q%Ta&Z2y^>N?eW^~ z`Y=H5X0Kp@OOEAlW^`wM*9vmNryootd(3SX-pG`o(Yx(hWfFl%iVo477Lp|BE;up% z+*lAc9c)?+yA-gOjYS*Qaap{}NJ)J7>uh3lhPrG)ghAxhwLzsEiSspg6UCFps!9)? zwPK|pGU*9eRvUO*UtV6$5}ATrGL6+KeO@W2n)xs^Zl+D2dMe`jC&uI&6HJWDE?2f- zkIvE%Fa9*&B}la4DYPZj)ou+XIXJyBbt{T7{{2Zqjd|S@v1_z!A1->qG6)MZ2q=>H?) zE~Y9iZODVGD*j>fXPr~{UAT<%=D5#VN92cBAOLmu-Cd&W`=*kHo#Wf?ot7ZHNIxw-umJAEd*JQS*-waN#3uYbu%@G zzmU%;S!0y1PR;bxa-gZ$z}k(0>6w#ssR8>ZWI(CFL;jCX1S^!LkCyCktX0X8Uo+ zXZFlS?bi~Y2|O8I68Wl<5i0i7pxOlU4rhfPr)rl>VwaqFO_jH*wDSAzHwk>Y#sKu! zUtD5z`Ud_2?`tB5RicR8JjZw#_CieYx1<+^mSySbX&5D?EU+7e{Nn~_?&S?Ru4Bh( zvZQ?RJ=@~@i*C3?S2a{exQb6*Ru4Z4+yR;NT-hbI4`SS~GQF*jA4#Uq~N24u_J9plZaap7%!WjOU%K;Vc~iI{=r`yYWyQ%+^n15 zmK)FUj_j93<(>wS?O1v%eXI_ZI}hlINM$Bn$yeJ{gjF|21%5oj@cSKZwm9~>W;_>e z8`aok+houIb5xHa(zH8rt5$Z~yXZTNjbdUnt5W>Gzf0GUr5T6mTLiOA1vb_d5Q8Il*2oss?tFIowr{Yhr zEirFDbOp;zG)~l=NtY+q_r{w&+XE0g9UQdx&gEBVH{0e8O_*a{bnf`%)sa`{b=(Tg zuA{-C8*(aF+tR0Iry$Tb0))#4=F-YGQ&!vd1AZ=m^c^H9d`Vf_Lcqv`nq6wG(HRnq|&bY7NIqYMpgP5XT9hUUvE}S)f&Z2EhxZH$F zg9-**WctJQws9bW!{4}Z5?`2~EK!82bdS=^3M%}&(vi*=&5L=R_H9rO`T|tI?Kb?Q z(s6Ch$4p+Oo&_+dieL|gf*#YR@n4QFr9?zd_Y0I11`Qt?3A2E*%Oto4!NcYR6R=Xp zKn`1n!27x#M|h&>&4RERUC*dtn#0(GGd`4L1VQV9oWj!V8fmGU2c)N9Fdyu-vROg$ z%iI(Dr`Yg{IUW5UuOJoWL(b7NnUQv+?BQ!$l`S1V7hG?AmTfAe14~35XIhHxd3S1l z$1MX$9}nx(=L8zwVI`GJW0k$|;`#K&u%~>oa%x1$W@(Ho)rZ{T+;@XY2GM5Bh&FEK ziyM$hQLk?0ugMU&Oq5<8pCH-Q% zVC><3SW0?1C1)j@QLJ6DYjf=UYsa~4&pS;h?n;~pCiV7m9pRSzOAJ(*IrWjWeM|dt z_i0hkf$e*eSJTpW+L!$olga{ya`0vcQIGf9mx~1?)f^LO`4M^yS`p{}V<$5v&-R?BkRUuji1V|e7oeY4&elQtn`OPTlI0Nv)S-91cx8*tx@%hj&gn(yw;f z@1-wn@VprcS_YF;$ny<1cP)1VmR(xR>dd>s=VAmVT_u4Q-teGS@~cSd#=SBE18vf) z%?brr%O=5NjIISom~G3kW#}3&a}tu$gR7CdxoR6^P$db`FmvibbJf=^yW|l07jOpS z+lYdIm=bF52)HrM=pJl+vis`QtAZGWWQZsen241!0F~C+)K$wlLU}_?lw3)q6}N); z>04SEpp@zYv?06s<2x=&4xq=xlQWexJFr<9IHd4Vs~edueCxzFfX;50p{*Shy$Qr?KRS}v1e~u4FQGGUU+IRL?K1wNCqU{xo1z#W9urU4H)L=b*k(5dP zJ7k6q+iR`h)D2WUu2j*d@D$^ey>i}Dy+Q~*`%K^oay|d12dQ{BPLuy&{Rc=HSLt*K zrNBf%SizZ&aw_j;+Z`GG%dPY29kYO`SnweS1m<$ZP1Q?5a1!IbzptAaE?Gc%m|<^? zIfL|)4*FMROM@+G-T@#c2|}@ZRZvMC4b-e54zN4$lWL{jBf|RGk)K~RA}xagNnN=t zNL^q&TWIXob9;Herh=bqf~W&t@1`g|SeyE#+~kPi?l(!kDql}G=qfjQ44?PXyT6~y zzKexpTB4`Sm{#Fz?s-~!4qv|J4oSISzK})nhS?MVcw37YCVC&%?XaTG(-}N!!JhIx zPXK)h)zPr8yu!-??w#w$#edo@xLs!T{L{xx+sJu3Q;)7H=_=-&A{N)KX3xSquT20q zbM8r7it`08*0axfDN#rq=ocF4U25$D$!-9u%|hqt4bUag+~T?Tv3f4=xa<{~t}e1K z(5;b!=lom%s4uMEOuzU!1Mvv0cviSik9+ScYa9GuQuug`h1KtGqVX_Yj|z(1BAsG_ zl#|VnDVNCrmshqO+J!c#DaPyr>4s!_5ZO-8Zfr2wl=Wxy9L?Uc#5~hQ7Th3X z`Ph+6D|;P%bNHKJC6qaoC7>LbZ*Of2415LA{WUOLbrUGJ;A;vfjG*e}?d~@Le+_-7 zFGL&&lBxfIL>ibaVd7V_c^cDP`Zvd<6d2^Mt7-Cv(XD+vcm!`BDe`ojJJ?vH`s_?C z19$)hP%aub2+4=6yE0tS)~!bSXUfiWVnYYbde2l}DuUxs^DCh!JMC#p>I2vwEcdc5 z%Nc8U$oh*K;^3^xreGp0f7gOyJUgoA06fW=5$jL87i(O|Q!2|c9I z!edw9TBoN%44uJ`54{R8c5g%sEg)#Sr? zx5r$K_TG!AE!zVw}U44<^D`=zMmfFU-(}C!F4?z*AK7f>-BoS z=dB;)v}@=%=X`-ShQ%gXXG6&trBQ?`HSpnE^d4=uN^=$x-U%|jgQF#*S>Q;dd5^-q zdJf>=pV>K&OvQ4S*B*~z*6S$X`|9SsFMMHZd2yI$g=l^PviiX&tt<{z|IjJ)7QbUT z>(j48b>!_}qiL0Llfkvs9GM6Bz*gl&G&O`n1!#g@V;@rhwl_)*H^Hb*egv?4+*cor z_2WX~^nkg$vdN6bg;m4*LZsQgggc$T4$=wSCbgaiSe6&pHmK;k6;-AhV#igD!C12w zr*aG0JK&WkQX|k7;%~5!pY%CO&C!_#v5#`iEYLcvc77a7@j$I;DX! zj6%aL9d{>C#{IY6s&A}`DEGP47->>_T%h98GCI@2UPDRf0&3M3^2)bbS2F%_@A19I zeI$*YMu7>7FjHV!$DgzqqF85GtZR33oq7aAD12`2`G^VBTarkqYhgJx5nuOE-HqYF zu&N+tO4A*0iiBuxR)vl-M@B5?lgl}L;^@+_psgEX(tz)+`r+0%fj43YU5gb*R#d|U zzK-w0qLcTTT831!Lo26UQsF02VX*O-oKXJVTUOz-2hl6ZKpc`%8P-QgpK)t(%V_v2 zXzorls5L9iF=vjhFRG#6SqW<-lmmjafD5L#PZRf`pALH;<=u!lP9aTvyDA1zwe_kA z#B}$_wAQ1-ftRDAQ0T}0GXn%1w)r8Vq=fa9pk!>+R~|7GtNLmiy3A02%(Rba;<_y3)QL+3L%1Y}E}p*k@5)Dw*edxwJGo*>{I=Qe zUEbAX8S3&-_m%Lk)dm5zCoZnlI3#wx_YNpV0`o~Na_?t(tAmztiC(zQEi3)#8w%(C zfvz$(PjR2=PBwxZ(;&YlP|s+hhcGE@_yUV0pS!iIsq1rP!&A(TU7u*O$uM|c|BEY^ z>H(8Zr9RgzB&y)p3q3%Z2^8@iIwpGdif1ioGq$wiHSKYSHHG(srG5=jvXMMMOPc>| zoiM}SD8v*+`R50`s@qoyO{o}!j;B`4vI*{%n+i-zGF#}^tfHSi@W!VW8Vb|HJwI=n z?psW9Tq2z;9T+U#xRDp9m)LzCQvDBN>KghW{VeFz+^R8EA3{&Gleb#Bq8HiUzFXQG z1nM~zri^c_=gLpfrtEfYHvCM(M3rTaU@j2l`#H0u&*H$E*#@q+OTD=}-RdIMIwk-j z;rOZGr6~Rs*xytA)9$g+^jzOdW5A-gy&FHxgS44TH(XNqsc}J>ZA*7@iSh$6#*o-# zPz8?VQ@1wesqFB3^-GqR~mbQAdsYM|7`q4Hd4CCOBLrF=^#yJ$az zC0tvmp}p?)$e@`pxVd%}FiE%#AYPjBQ&40T>*nrIwyEX4uSj?h)oL9+@l)UVV_=$i zZS%Wv8yQ&2wJ!+Y$qFk!vZqh0EyGFk>N}2W2xQ`rD*x|(EvKjcWQw*5IUPTqHEIG% z<)-IFlq1y?+^Ve!y9axM*Pldmhx+$1;k^!uc`GtIK$g17s&KGu+Ms4 zQ^%=i-%7#NUzBSm{OF{7obIhs)s#zNzwK?I^J%bBWA*s$WecZga?z%}Ev=zPW;)a~ zSj{+9?A-G5Um??HMhM&9HN-y#e>_`B6wMMQfpgqdmNSvBu_eRzWiRv$XudoV;m&IAdRi7<=m4#UN3z)mEl6;gv1F> zY1;5kQ?sQfz2IZCww!VE@>(8ET1iO62KP7y{Ofb}5e5rp#Eu_Wc}7CP)aq?GDU)0&t zM;9oI<}79pC)$~^bZiNwft3VrAeoIj=uq z0PS1Am~pf)RGt@kOQ>{NFI&-O=;lz>;cQI?mA&XgV>H#i4o+V!5&I`;doD5=u}y)G z4|{eokK#P-BN5Gx+tDRHTVI*`QwHvvVZEB)aSC{IEeCgj2`}RXAHrtIH-?{_PWR!(W6DVds7Q@p}A5 zEko@mh>Qrq1@V)%JwA?5CRHHhbW~$Nm5S00(TWFFOJNLY=#9|L?!;jyOs9x9@(0!X2$H0cr;1mUcTL0T+Q60RT*j z*!JzcyM576YqxL!K)mbkCPWOW@C5))qHQi;yb!V#kd;; z5pwHi&wb$$;RR1lBKD42irQcj|9W>#a7yI%nU{|*V=RLnilV+*At&^Q^uNe_aTy8- zUmP4*3-L$s7W3tLtO^;ABruTy0RgCbU3`6vGYQY1FVET!05qNu5(d1xEGz=J@l51* zK!v2}LBKT?$>V@mSC!2H<{8$pfY>uH0YZSAC;$720~$gCb}iaOpUf2k9J%zL1czIc z&7nItoR)JOchUKWN2$w6p{w@L*r%Gh~U>A#2YpZWjD@((!w6QlfpOR-eN zF4n_;Ctim3mUU;a>Yd*?h(Bv3bgJijW=mD3VT?N7?3@~o@6gBTKis%q8ae~{t@p4I z;n3nrpX9gYfwa&Q4x`>b!|fl+#?YFp8K0{leghx2ZU=RVg}2w2Wxl0cm3=ev=z!mj zv8%zNmGI>b?*frK41j)e5qA!EA?g_{mVxk3E}F!mcP4@sV6nB-v-&%m&kQ%WS|&Tx zu`YgHs|W^Rqh%7VM$v~M{)5Qw8n3B><{F`+9HMS<@DQyvMTIaT?iEjCtQD52W(g@LiXNHl$xRHnw zti$|SKf_>ECczsL5Sn9TzCU*J&N>FBGo`x^JBTS9u>$4NcUsEiRy0o0U@2r4*Jw(= zsc+3@jVWib0YCkCrKU-McIR9v zYkXu!fHS%*1MjQFruKSiqRC!1k;_k|(jKJCxc%v5HpXId83~gYm>?&?6yj_vpE9fzq`%F+)f;H-@&g68xRt(y~6FHeDNK=XJz8hJpws%Yh3J z{G7?n+Q!fUYCCjom25Olg)L0is^%jOlRP;^Q!afZa*TgdwG!|$eE0%)R;nJ=%MR$D znmR1{gJ;2VrpjMEr(??hG(jb0KEV25W9zJv z?Z#HVTAtUs*@SpvqY`g+wqWLg=XqH{n`wZ1OaYg8ro&$W^}=k-TW4JHenb;&RV*2v z3&86zXfV4qqapnMRlML8@SqwR)i#auAzqQk=f%(qN;J$U6N84-nXM9&4VT%e4+-#< zohDyl#6-RlCNOf}26dVC*@jc_eXu5Xh0z|M2b1Vu11az@ zOStiRpCW$+9+&2^;W{=`J=2$h`LwUx3*B^@JgR>MvF~Ykq>%T+oK}1Y?`FLKE|4D# z4@dkg=8n$G$d!%jgb1he2ubJ=!<9=uj2EV#6)v8)?^b$`VO%JMr%oCZMVz)gGTnmu zG`aGxoK3k9OQp+ZT6oHKSX@=#k`q&?6c}5d%y)$&@!N@3;E%2Y`d9pp-U>To9XpWF zvOX416Ue|NWBem$`W3jpa-E4oCru-$*_LXZhhxQ>eko`ic~lN(?_2 zo-A7S%OyQfVL?-mHs+?>xoXta4-3vy-}z#kkjZ`tc#v~56%aR$h6b-aZ7X0%^aHD> zUOc$)M4I_wueb5pTqtwA9cubC1dxn-T<5c997IZBK-^z@$($5Ixd`HpY76!rTlqCY z3wfb+jyC2hoSw2tetf=)x8}%Ia5R2RU(WMeE!c%~yykSs(gmi&H#a0$SJrCidoa?R-Xfo3+Ul1O+_N{s*4< zWsY`pb8Tnfo7@h(%d>H@{TBgRFL>$tVhX2gAKS$|dXg}+Yd)$(?K%%fVuYkY{6FX@ z0%NoK5;W6r*A6QNk|E3FTrORa(&?ssxnGQ!=)*K$@ckFwkZ6zC?r65uD_8TYoU|X) zOa>s}EjaZ1pmdq})B}M}*XmO$)e(rePfOx|jG*8s)9Uoo6zsmmjovYmuf-xIOz-Q}|P?{#G~@q2--AToN|q zt(rJxycJra+3C}TKxxG&uadQEy)5bI=U7XcMmk>WL%q-@bdakJdDMXlh|c9Q}tz zrXhc8Xetc3;`Vh=S;+kj^SU2+hg{n)KfY+-4MvXzUDqi}2Ne7)AD=p(A(%9b0rD55 z>Y2`*#i5z0b!||$5piUMHrV=B`@`>P1k?<7Y;!WVrJh#`KSi}h`hz!q$kw;jzuh)$ z*mkIHfoKXun=x2GVnp(8+#kDe@jt`%e~oJYwJf|n8*M|%FNXtGi#UY&h{4# z^;b66DAxtXI;B#E)jB`4{ULc=^ylHr!k1MB{t~ip`#}-;k#>_hNBB#Kw-FzHn8y;C z$hRo^yrdkWh}25}=Mv4ma@72JPbf0H0<2+*g*)DE7$fh|&%}7!60F}kk<45-izr~r zf;f$_J&MQIkF-dLp*#e|ABbnZzDaJ1Og6@KXWK4K0OcQLLTnw;;rXjpPBb)hClyj0 zSYAcx?#y_$Q{afzlv?12P*OL}TN8}h>{IJdMbBZ5Xc;urjyETpe6*;G>ps*sUXt{6 zRk5OSI?Kxlqq#C0EkVyD9`M?!=$TY8H~Wwtr#Yh4M;DQhxvM`(5-rlIgTvd)VmFH{3c8gukYNb)mfAhX0MzPqhhT5# zn5?3M5!^$pCb-3XVX@9v&O#$yphgdmC_%F5*3y@3K(FEn#}`Pwtn0h@LlW6LGaW>4g$%qRe94O;9HvgAtRso_TGQOHKZbQbcOX zS9+a;Y4Zv&qlEC0%YvdUY^@PytFhYuXy+dvSrsoZvaZ09X zUMM~o@Wb_!(w+(OFihav3aK%cIkCEb`9c)@y zAfZ`3j}D`MCYn(**|5K5ETde47XkK-Kd!2l+US``hh9&H5Z!|;G6sICWQX1+*;E}Z zFeX1f{M+Cc1zFV(p&sitGY#O6I!h&ArQI?84mhTzIo5)zXO{>$*Z$KVsxIA?)Jkm} zA9WflZ?er?S*aYxI-`=F!aS}}RL`@ijdN1OcANRNxP%fDV9_+kwP?j9D(p05PQ$Mr z?3nP5bpS`HqEx^=w4g5SIHa-(k3` z0Uub9$*^s`Ri=Hl#CQM5Jri~%FPh*mEPbQ502DL7K=E5iU(}Y?E3LH<1B2S)3FdQy zFB>$!ddxJQ3wue)TX~-}`l$}(;dDhnp|hB$h<%OY-3F6|&#jVRln`k9I@B`f`z8sZ zxjNWXx?qvtwv~pF&mAP;wx|3&E>RYAiVF)_Z_Whd10FTMzu%e|f><{QJM^q>@7tUs zbU~EPqLg7~?|{sFT6-XI;?vK?7tpI}F)ub(iB_(QbN#4*;30`gkAhxo+sq_eGdhmEBa1bNbNoPXTiprtZ}W> zKt@tq?VFX5Fw~7XPs!tF(lyV%#JUQ1_L>WSI(ohp1fx)ea}3F zkJ3_Dq=w|D$k1k}0>5NDvUt@a$%DGg=FznU!8La&NbcT7C{J-2K9I*4rwRhs1m$&T z8?wRb&=iuX&0?0vlT3l9(5r;McF!+$by**$V7$QqO2K9^50F+8KJ!HKILcUt`nM;; zI>6W?=t4@I;A&`M45qoeTgTz|+q@2F3*E~7oyeU)Xim%X;16`0vH*XaNOsEZ;h-lj zCO^mGq}IM=ImD)L`re%iM_I=PB#K1Q1S|$^4uJ{ABJ;IhxKAoVo=JWq773=Qr~kAm zc`fpzMc_Segmag?weh3=3#(a2b6m3m)n;308rIGC6BbK3+Q_#M4c&F|sXZ4m4^Y5J zI_COJ=1UPO=b~Ur!7SA{cr|AZTct9W#jqtGvEZ^Lvu&s7*@G z9_eyEoV2^cHBi&|?K_j$L8s|FEtv42gN?)5K~roSM%ufAYfZTh#G09A%^csJPb<X zs5(~D5$17Boxb&gH!4!meGO~20w(LJx0pgH*pZgeF}0PRIf%+QCIfq(Q~O1(NKwis zpLnIxEV;$I);PHD-n5XaO%K04OSQB4n;x$VThs1<;tDv3dbQ4zLTb=(VsFW)obC|5 z#AFXr^PEk&Z6~%vub7LLq2HMu!YZjU8|;z-&YB90{ffve@y4z!;Ghn{L96Bcr^TIn zCw@w4dmSOo)giIsh7S@fKiEiPf=`wvzH#-O6MmsMf>p|EezTBgqe&T+bJB3UG_#?6 z^l2+%8VQBWO|i8qft%^x5?N_ zA^!Eu?0{=S@y239Q5^`Z^P@)7E#QKJpM1+TZ->}GV+7^0R})VDM@-swYc$xS4LqA2 zp|iGBB=@Ll29Xpz*|y<}NX3<7mN(br*!B&+RG}xI z=GN?5+mepkC{(|1=GB=N$AQC(Yp!i*i2enAG*w1#^0$fIg9NhkA)!T2Z5>iI<|dU% zWk69-aD{v_1)nWaq3PQ5Sl0Da<6d)0nWp2CF9{ncWiqJ;hC}h^P2XB3dCI#fw#K=Q z6>K;p)=!nCSlq)Ea>^GY+2=$*LSaP04w)b9xvp0Vd)jJz1%>eQq-5WZkS4F#H(Vc6 zlMWd#+@xOf&WD`)ZO?cn-~5#V=peXqHH&$wmK|EP8dG5f$;$9DB2T@fH1NH{s++^r zkw8MP4Q12=uX}@WxtA+x$1`z)#h=v_qQPPvv9UWpL@G2mx+`; zGUiNU!FhlYs~5;%-doMU*`XqIhHi1fIy^e`x|QVEov2Gz~n5ChK0RLhqRanRW@*dWQu zGC_=m=*OL^ZnxkO%F9o7Q2YYbF9hBEvxfmqP-j9aj}H(GH#;KVS!uz$*HX@ z7rGYrA`02M1?^Z{c!$N==nRpMW4Ss`%hr$A7urwN!nol{NEg#;VmHS6*!r=?^{qsx z8@I&HyD6*NsLeYeiv1NdObDBDROuWoP{PEPiPeDKLxoe>3u4$E!?)D2up?-1U*RPB zAsCctAM7J6w+#8vbW>Hv1GTD>t)~?|efMne){9@1u_8j%?r!W$U=F6I^?H5cOHG@d zC8>h#^WNVsmSpRh!4|GapWdj~JCp`xWn?8j4rznBki{*7&^q5Own=pOPJ=-?<&wu` zUSjrnu^$tgjnKmpT!RUy4Rz-Px$3!9xwhdJ#}~SP@#@^mLR&n|$7>p%%OouyOL;Js zb>HJDduUdkv;wuO#msLF)_jOUHnRW3h(fiKZML#PAhRda3KUtcwbMJ*2Bwn%eo&3M z(yt8A!=vw9Jn#{{8c0#<;;c zL+U(L4+1aGnF6*=VUUS2?+opi%CV<1`6IKQ!LrG22c;};Bs+|Z`8?<&ZB5)~@9%zP zcBP-4-l($_uS7{*l?h|fZPHR1kdQv3!2RnJD-<7jzwLb0C$n;6>Dpfhj4=EEM*}rN5;dB%Lv&R#S>!$ugA0ETp~%8 zR(aa)KJt*rz=QP@i#M+bd;Uph-tPA_mgd}k#TCg$-b0T*HhSq|(gTLa8QtNpZH-+Cg0MRy5e>tH-N_f^Av@yT`a_(_eG5L zYv1=Tg>D&sYYLO}-ICP-Ouzdy+=s&;6pcjx9m>_c)vVVZ+~|7gmcrX^`GjlNv>;xX zWZD>AS&@z=wVF0X*gs2D4{y#`RUc&d=oc%Ln)n%OgqeEjI`29sm#Xms?ZlLjm~gvc ziQ1r@2F!4B{cd~%h8CHrR;nd}?s$09Qr*l}4P|0WBMG8^c^ygE`$_8p5u1cPPS_jG z{|l(MViY);?r~&fi_$uc@BWxSCM*3_YssB^DMyY$+MvsRaT;U0sdi$TmD$bc-a6Pu zE*5APdzVu0>aOJv&vX2aAnJ*#V(v#gn@gSG8Ne28W{1|Y*g#oz8GK3M6IjJ|^I{zyySKtqG7Z5G##Vl0X_IFc5ydiQi#E>cX^KS+ zhP5%)4wI9!!x^WOff{;37k0VzbAyCU?Irzk0e-_HTdu#lGeVM!Or5Q+@+^$7iH}Dc z9P-tITqM5@I3IG7JRYi35F?zP=+<`U+1@W1FU1;oO`Hjve`gd_%#faWpj_E_o?6I| z9dXig+f@5hddC6fGOuYWB)-vT1j?<*6;UE>3CPMBs`(n?)vk;naH-n(*#|A_-}B-8 zr9mjglmB}9Z*|<0Megj-rDeDbUme)O6wGAO$L*>N)Gffn>P;m+pm=bDtpHkEaX9Gg zFc}&4+>bDOk|a`7T{D0Xl3A2Yjh@G02MU}2T+EoyZky}ICt}igMmBQpn3+O7xDO}@ zyneBJ^gCy9+;1y9S|C84{g4KDkhrv<+}Rwfni%L}>h@!A6VgDm)$*DKt**)-tJcae z#Kl2bdM)U?!&>NXX_v~%gX(_TKeMG8@~3aDrpz?ius=UOIl1oj@U!0{WJNkGXtPZ> zW?yznfMk4TrHie1s-E-fc5HtJFx6KO?yd**kWu^(Jmu`<)&kl#t9tid&}jf%FiFIw z<*Qe#1*R#dd?AyYLUwH?5SiG{C;ENM_wtHvr#Zyd;8xd~CbS1-dILn?FQxD%)h=Bx z$_3P~>ps89VrbcvLhmoyuEll;>ei;2S2Iw1ameOdF5}$Nak&jq^l(GXG({JflE1GY2*HBB!Ft8d1O2wO*L*1DVv?fKVfA9)jpLh8o42i-#EhUUO6rx z?#UjcfE=MS*O8)sNH;<55!@33UlmLap8@}2@h`w1cCSAHoD>XyzXj|S4F8`OxqGfV z@7mKWWKS?$qawFExF(gKh*oVbmX+;X(9%LN zrO%ywYx7g2)pTR`8+{3(2ikJk0D@FFx5FbPU#b`9;!2|Lyp4oyAsp}tKlSEgd(&O) zRxZ0ym+X{FXPaHFg?(eMao%VLuOgZwIQLyiJ()xR)6s|LU|9)qY)V`v_e`DwZ=Yv1 zQ_9|pAxcYRBd^D7h`@{TV%-|sNs6VuYkDwf>|SvlAb3`W8WMG(PpnMBqOyFp-<#Hv zUdR)9lXAtv$lq-B z@9T1XA!NvKb@_X0KxuCmw{D>t&P0*N!WxIib`{?N2<++oG@p!hUHVIHY;E~4R(~Y` zB`4VbGL;&DQzo?(&FTRtgkJzHQrZ^f?g*->=$^h_S)Q2e1I_~93J+R5=>Oo#8Sv~Q zNQ{j$xw5PgB|)d@6~@vGEam&ca7E|g=hrt+-wCLmwOVnBF`3kOvBGz*oYno9_l^$z zFlCNxL{y&W6i_0ot)s)Z^k?Vxq7(izR$iXxz{8Cm<(}U9d%m3m&jt<+MKBvdhv^OL zDa7P)O!x6|$7tu6``SIbvyMKP-FnPA8|yr^W2Y#JT-o3Y1oSPO2j>Z-EPNJ>HbFjB zbeBt6VMdc`nY*7$`)~9^!mYmbbj(V+Zn%zD|i)ZR7D~r^_82bcW`0wPKp3Nih@>4pV`mjR2`0L9QrONWF4f zxxPKbO1^!?Ph2;2CyVTyw~1Z2r1aAwX)s4Ca``;Ww;{s3XRy1%Yk52b5`++onUlqh zNF1QHBoL3oehfFbp4eKREKd6VGxBs-BgVg~5$eqTZBA>l$)gOk*x{_P&O>T}8yeN6 zdJxIe8h6I-X_dhiA~(gccSN*b4r!P?Qh(Wt`%3JfIhi1{nIUzM2^QIlOl~Qo510|M zc=64VOX{NYtu_?aXsh`#)-2LWrK zv`S|ufDSENd6C?yHuBlrV>8rlX* zEnfHmGHx3RTWih4!gYSF)EVPiG$tOeyWHbzccfGWx~9=7xe)6{B^etw&!W+`cXgAo z;qBgRGt|a<+T74yUX`PppBKZiih7d~s^`NB;i<+zovn>`VDssE{zy(z6(brxNZHMl z)aThWJRtj3n=@J;BU^3sU|milk-7-Jp&s!~{3X+5;{cLjxmqS%yNi>5BTTf`@y(0+8x#^x)g74QS3&ZSoA&&uN&W9Do2+cXy;L zMh%8%YPq?SoSt)G<&EV8&Z}^lCw!Sc^={Q_}NDZ4oNQWBAF|K_g`BK+%?k0sD!akj8xRw zA<9Y$fny;foX_F&7~Hu})#ABdK2`r>uI7SVkgYqs`+Cd4*=Dtz+=XVMRc>%Z= z;Ron}2_sc`Ey(^*)j&@m9`4=+n2P?tw*u?zV)WA&XI{s6fY`8DsgyP@QQPi=%h;88l_KUD+^}gdr)u?BiZQEWk z8mB_LMQReBhUH8E;1alsK6#I!l+|*v)rPIx-R}9YhV}e&N{@1vkEi%jE&pL#7lzEs zckdlqQ*yj8CwC^@(=Niaq zb{Dp~3Quv`#gB%AgEt(|p{MU+9S`-IUanrf;jddL`{ea4Fp{RLzomC+_?EabKihYC zM|T`=T1Cm?>UQ1%Zz~Lq1S4k#5N|LC8Mrcu!k9~CQ9ZA~wQsyn!~e(x&_`FR_FE5O zC<&#g#{rndEQ%Qao*t{AR+dZm)CR}$mpE@?R+}PkPkMnhKBA#~mbq7UuR?ejjvY@G zA$->uKeiRKAX_Rv;CggSfx~-tS(*_+>nL;K5mc_RAF`&OG5#(8)^nxpjCp-knl%2` zYSRc#iWhk2+=avHQ*WnHyTiX8A4O){WMwA0pt6i~n4J!&lM8bzj=`=Q^h(q{<-ghb zjNNC=_n79F(5IDaPN{;G2G5_D3Hzu^i2os0D_3u|8j*7AlM9fn}Pgidj!sN*`tH z$@r8RLv&lkkAxGP%BUAhJk%olV=X(-xv~`XY_Y?Al5rTGAIqEu(%}3BF>+@S-x}@@ z+C8d>q~kvaS#K|;k5s@`_D1FYPci8AnEU)&W^-Kj^l4c8(!4vPDE3hTvMA}1lkaqv z1=1A!^a#WB;z<1!+Kuawv5AjI6>T;?gM*jjqtBB^L`vfDCHqFBef-`qGeISuO0T%< zq9NSm@R*Zgvf9Myf zL|66pzBtDR2pa3|*gXuX$hS?r(fQ&C+BEBVO_nyh7HobFEE6h&?*Rc<&^??%l#Qyy zqWdij&$y*sds)f^p*(BtyXH$~WkzgCy+=~d=%5yvr^?#y?MaFQV5%_&MFCk0#Jfgx zyHCXGCUd5qbNkN2{D`*v2(=9>3QrsV+?qc&QPTe|qG&aMJGVQo+$M-H{K17{r zfxx};l;mdMfxR|IbHT{Ry(I}%pztjs;jT7I*r zYcecPwFo8~2tOIRj+|*c2@WPmPljUStN4^M?9k5T(#O<$QO4dtVFo^SdtoTcFTt3U~?ONB?Tj*hGcMsj(90LaIz zRgFeB^XAuL4V_rmmpZFsN@qZRKY&3L59|e_UPF$y!6gGVsA)`8ucZ1pus;@amS4Gl zNTXVmK{-)(4OH?LkQ~jmWW~yi#Qh<X(Zj8K^j_Wp!+y6r!h$+|K zeV`~U#g@)yg64xpHqyrv`4=~-sq<=m%?jY#XO%*5xZ0|cB#DvpJ+jYIvF#F+nKH9H`{M6XDR$au4xVO7nKc0{)SzP`-P z;F7ukD+U`kvLF%8xdYuUQM;J*aq4mG)*cmox9aIYw-I}6f3snL)t=x`xLLCd0-eaCaut(6lX zeF~q}jmo{V0#bty&U*kq`px_BnwQHN=~5KQ4V~g)Wd^SQV08uN;?p$oyD9r*!wH=6 zp*8ZNFUXJIF>?l;J_LEELmg4g1Z1PJ;pNPVm%TJ6G`wge+P!lDbhjGSTIIhwiQUc7 zMWOpS*DP=2tJ{j`F*o>UihFlgWw{?fCyLnZM`Tr5G?cIDkB?(MG*%S(7pP&OU?d91 z^8o2pKf~r{){tXm>j?q+5JR_-*^q#=cGlo$l8zJgy$^-N_W;z_mXK^K?H2M+@ckFKMW^G=6t}7OEfqqa$7?dER_b3f}T!mMu*jq z@VefXgC&ZppfKG6go0AVILtXOQ+D%E?1M|rB`>1~U*X}!ieL)23e-zclN%YE(G3sh z>yUjMd#3x1M>}6cg;H#cX=;_gE&qK74kco7~|b zHs!Ap7s>4u#utDJXwR2(e;%gv;u@CtB^EMVFnegvPzhcTFInQOsQ8x1#_{*e9lNzX zHrw7(kAM48TIu$PKJm?Bl8n*m4#OzSjULi@sL*yd;R;-}nc7sA_`CWrO zGg#kAPHMD|F;$!~*jCmw8K>Q}Z09)_zz3dW0zb<4nb#g8 z{%(*vlE#=an(qNNXiVy-tmiMt?Ev}!eT36BIpyVmh`UMBLP=1!YR7MuaRdPQWqozT z)fNw=SzUO9$SLqu@V2_KLdk1E8PSulI14@z&@Xpng7B{}yKsS`-WFJ2F8=+e?kfKM z^O&;GYr+tI(@){X``=mE?Rt^SkWWXHLO(i5b#o1La$nT*AG>H*)q?ypneNlwtva{r z7OvhD?Vujo#P@c$AIx89sG`{X!d5fqs^AuGIY^IC@Exoei$ltQ8lu=SC;h1Imxj)U za6Y`jK*o$0=93^ngRE)Z0r!9rF_!;I<&>xU;hn}e@epJ7>#=|zY);h8v9!gQ0$D0z z>_AOy0rWn>$-}HZPwvPkX>Z$AEIV~z99n^Y%vy?4hKHB`3{y2Ih8GJ`w zXfQ)KHqg?(o~6MF-}3QK8#b>sZ$6NiTL1Sy`Bby1Ue;23_%t@bm_`p^%^BV;Z~1(t zG2q$)KSO`BAK_@uo&+hmWpN7p z;>PA|T%Co^mHzsWId|B?%j`4XLWn&d;r_ZO%yT+0e*H?l!!m2#7LRVY4I0Mkyixym z7URF3#pTf+u;zP}!uY?cE>+JOMo}5h)Z6Ex$&DYGVOz03-Y;}tmC?D8gEfe;Lak%X znOo?YN!S+5UB=s8dy9P+uTPcgj)jYF9e8r`>Q{i4#oseVUq}+OXT&uI1HZod)@S7M z`MRk{(uoTi?}~?(noXf*n+%Cj^;@pleo6m`6rZ5WyUZK{sc!?TrX?SJ%_o*pTFi9i zM&X3?vuxQTY?V8<#cy9pZbgf@Ng?VUo8@mdbV$Bu5#)yqxHrC>4Dip;eB4_fGIdgC zjIUb4T_d7P^loKgHFmaK*k(Gdl4+?cQ4umPLyEVx$Gd7NK^9USK$E1PYj8o;Aag5+ zs>U@L$=!*?$_Dc(z`2Ga^y5OFgEvzi@{92^3f#pH1PKKN${SE~LcGY$(t7MzTEL0d z2uPUI%bed$&-Ps?!rhXRh`^Fw-i(2gUancTyfsS1LX5QxN|TSr30my`n;@N|s;M+Od&Xi^@&(`D2yYse z6Ej{pf66?Ske=0;^%xpQV=fT?VgDnf>RAh}ZLzA@!T6)$9X>EKSjkJ?4;3Ubsg#x}KI5oF(}} z*e5(dcmPJGkbgg3NVzzsSL|CdR^>YIYWXd+j?}&?-&b7ekdbp6Nv(ZP*rcSeWrq|C z?#c`K)e6h^JvWkTzvM~3;LkBSPn>*iR2e#&065Wk$5v{ooeeE@imqVUjM2f;W5{V+ zV%Ss@IM}vDwYjSyA;u#!llg$~s5(()>-LUX>aQp>|FsXiP)Arq)@r&IK5vXRveTJE z!mZFte4kILnH7#CQ*`7>@ctEfN7Q0H%NdkJh zP^66@bN1^H2bK$p&?_% zQAWl!{~`5i?)Z|oKOq-1A)A`fSyE0x-2|87kI&eL6hW-T?DQn$54_=z-f;UKS zi==$~QS}cp7wRKc*NGErvT`R5NyXc?g2^l@Fe?-K)H@M-&S ziUuqd5rie?>mMjHLRW2GjdE)GZBftP<4ixP!E;^r?H`moK#^Q41fE(6g-k*=2`7%m zq)!Hg^!v<*Tb=wX+Lnv7JA*%|&;Ee9A{g!`l8k&lwL%YxOYyTM9c(@7 z-R+w#)Pi^x=fUcHe|Nn{c86svFLf$MSu@JA+HWuI{oG?g)G1Ze5b!dKKV#UgIj)2)pqVzOZ9di=S_EqmGVSSFfH!3r@VMP6BnBy z+2lU=-fBJS^%!p>CxJnlqc<$kIxnYsv$OK-%yn$2`Z6NQ%L(lR&qB$;enf-y6nDA9 zgxMZ5gfHRcgW1V_E=g7dc+DGE>_RQE{T1Vxg^p|yFKwW-)k4urv{^rndj9lSm!t-z zKga7aKC{vk5wqo>K(X8*p)D1Bzk5cU-t&NJcJ@C#IJElzFI~F-QV{Zgagn$gQugk_ z6Pu;8^9C?%9hb+IxLaM)=u2%OE&%h?XWRCx$#0~8bH65CfNOY15gG3aNzK?R^rZ4p zGkAL=4w`#a(*6n!U`>?A^4Yj-s1H6ChOt#8+m>EYMlD z8Lfk)(AfA3;eu9@=sZ$KxjZDuV2A)W6?QC-DT+O`NSIGyUn})hIZ&jZI-O3ov*TUA z=9RCXHfmg;5P59n$nEeC=FrD9&1djF-J6vqWcI3 zgue7l&dB#c4ZkavPsAJ?*Ya{qd7&wMy#@X`BN^Qk*7pYW{V}b6r3IQuelzeE&0Gp) zH++D?RQe<2=;N2=sYSfvw2{hfmuVy5 z?Nc-E&HLdmx}7iM2@{GxH|9?Vh=_j-#<&u$jHJ*Lp*u#Did8!!SwlBeb8ri=lzhX8 zUEc)pnAK8)mL)Mw7N+DHMq%%!UFtFTcW{d=kUz}*kkA*;shuz+wYVE$qP3KP$ML^jFXA)6UOAMyp@zzgP_22TO=~l)Q@4ahnm(T5yV$ zt=syPgqcip6D4T*VpfXL>Ck1^v9z_@2!kd2y+WVwtMi{nVFWsWZc5JhWGjEj;OHG~ zZnRP_DGbg5o!k1l+prIGmVBOzof=pCX|CsgvM6}rDtUN~9uG71I0PW1 zQ|vHeAN^1)*!a%J;uve}UzBL_$U7eAA99(uDLuoGWCNV36rb{M(Lvb|e8ra!VG+$C zGrq0dpDq;1hrP{|uwxJ*q2d5__{+SAG=~O=Pge#@!7K zYX2qlz*^9i_Ro{)v&4RO&Ui6txkHAJ1%}n(jpw|pzQXnieOdJLLCz?U71qPz>18$2 z0X;FuCWMesM(fE4;$H$ZLx%K!2gKq3)DM1MN?F7(b;|Lk8Km=hs=itJ3Z+`EkV7Fn z3|H(mTR^8uE0hM9lFN1k0P_kzrYsUg${WM)5S1x^wgzv9{s+UMa-X0Jj=dvo-&(L7 zCU95u<4OBr_9lg!B>36fYqMc@azh|Rk5`fyb4~&IK?l0!kCtnkgv z2pA>|tpoc0bm9!2g))CV%mWzrIfK9o7vL0~rm}rwa_L0?%$=9&Qvi$;YIk#e?D3yN zIxsBrV;E9UzCB2?GWC@+Xs^_Fj<(TL6Wm-_tcq!S5H@EkG6$|Pf6}r~^<8Tu<>LE~ z=GVYgrOLOFB1+>-Hl)MZXBzpM3OANK!grr9a~q zGN;-yGT6_31v*B_V6ee|@H-nP!k|c}+qyclEp2k6qNtA0gy68GDiWNS@6;nmXrQI) zIuyU7OHci>1?-_~pzi@<7jB=Hmp5||zp4rf6T_@zY!nwzZuWxO5`G&0lCvQE8Y7ntBx)6p9p|S+|pXe z_MDPzYFW_L*c|o}m;;m`D9#=&y_hiB_Fc{v&?jEBFzu*Yx{*#dA96mnVxFKZcpcD0 zz?8nhu-tLMb0eg#^B+_9YlglB2yCOxdK-7aeh8jz2UIHE%V730t9?`HVX&8dj&{bJ ziXiqCDpPM3t@1V5<>VGZBj(UFjAQ^)imWV5NZ_n7x7gwJmakj!!c~g#&wmKhaDnY$!nIqg2eT7rxQCr z+^0BN11y6T6M(+F1a?y0{!yta+o)~KCLJ-@*W3JT@x}x|)E_w~pKiE4l{W_P*h;Zl zZ3;em6lddiqZ>FI`w{gn$o*p+I7bg2h)C$<#I{w!lN>$GK}E5mQY*OdH}?EHY*XN1 zgXI;uzLZ~rSNknfVBO#E%NzLT>MO{uojM1mBaddQ)F-@DJYU-4G150NDtA6{E=4ah zdwsIxDKQ26P}<)R05CRmOEqi%1ax;rX!M4Ia~zAk3%rxZ?lE@DV{daM&kgr!2ebd7 zwE$0Pyu{E?dcu{!c_y*~u-fqdGF-zT=A-VE#qv0;T-hanVjtIk``)`JJK`TcnA;{K zv-ygIQnDf;Z2_wnxZTq%vOQgXu>{Uish#z;?+>rm_;16Lmx zZA%eAVYGJ<4i2iq+fdr-d^Wi(D-20^_~5rvap7B)RAl@*&tPgOD!&L&X#OxX`)ck@ zdE0p6th79!&!q#fqk7d-LG)}w-O4I7#MMw2{=K@oT%bEIUxieO6-;dAYIus8vQ5Fk z z;pB*OrvP*}smD_*&5Na6#?MwX3Db4)+-cQ^3Y@Oiv4(DNhZ&|BH7mB)0Se;A?hV`ZR{YmNmQP#=Kn+iGhItlH1y=;RbJ&W*u)Mg1TIo$Em z@OHS`%PLZ$l{fsntUw{Bn=&cT^}(7s<^oONgckh@01+ZbVsrl$xSA;eNNg@kK6=i^ zKwvI|{|bhE;QId`aC>0W_U7o1b;CM8~SUv*>B%*PLyG?iE3X^}(Ve`u=i8ZKe# z&9~pb#^Im_C*O#>7fz|ksq)n?Z!F+#^1M1ni1wFU3jW43!Sx}?j+!98-fdkp7&&9s z^yovVa(zl*R^r54k2Q7L39)iEn;`ccT{<|qD*^i|i2X6M`(Z!zT}e01LPUXSubGXN z<_lSQ`R_LO7o!|68pxP;PY!i(Ln|`B>$%+!$n7NQ4aQiI+~={hLG6Kl9q{Z7QPohw zIWSuMtWH^p*4cQ4s8b?jg_(Lvx9Si|PGh0A4Hi823gG^~>Yn)FpW-{(} zPr3G6zJFhBeCHHMQDLlYV~w$&d-7_r5{3^04x;;9*M7T6kf?t5`zF~QVIdtl#cz*I z+G{TLLVeaA_iqsn%LK3v?_fR)X;5USEbm4dp^%`n(yasvoyFWb{M^DW;8G7J2>Ajy zGz7;&i?r@flP)&c`9PFBi?+Ajk6-E418u7NM-OamkW2O2bxI%*qt>i;_DbQ#-nq%p zrGCn%5m~?NHuV!50deYVN&+96vE2c^^#2lA4ZBO!?!0LjHUISBLC()EU74Mjkzd3FkI_`$3JrChjAW6O5a_7y%Qf zXD7xdq{rt@s#>69hRr=1Wk4lxCC94v-HwbV;7D%)#qMxt@r;2~)^1bGtF^5jx$$^2 z5~rq8HpMCDdUH%J}^I$jU5)3M#M0RR?2DDMJmG zukV+&ZrgYF2UTZ;89LrrNDk1NT_#yE;}+uI*Z~{=7RHz2hCgn{tIQgzC_7cozAZTcO!QkWC~&`~RMP-x7P2vOQ3l!5kl68!3`@y(U2nRvGl$ZrVH%2b=`;@1`ys zzeLkZdVkN)>(U9AnXK&}3=IQ%Rx%%&sV(9@^Pf|9>P*6zg=|_fEK_Lz^AjQRUIWsS zj<@cF4dkU%7UUjF{AxLRX%wJPUrC(cq;Av?DW1QqDra#l2=zVBI(iT|*PW7dUw6)& zi*8--*7eWHqPD5af2#?ec20`_eos-!u4(sqO=^$l9ZPwl#wMp6Se95P|A?yME_)jR zsU6IUv55FL?9&1MMxpyDVK(HoYmNEYMqTk6WB3R9kwN|G&N-yn&`zA}X2?Lz!h|yx zeW++lf-JIm_GwKu>L$~LVCwG0lg6FB)YIgaquZCUOvh|pqWKPLW&5IB=`Fx3@9os? z)ojmHWrVpp?iVOdL>?1%3?U12xwV~l>c~=E##mD zk~7)bydLV%5?wzJ4pymosHXA6>`N^>yEYqu!Tqav>bD_b{Q)cG%;g&yH_t}oo3O1@ zT2(%FB+5r1RG9=Q@r7kWHSnqC9~|!$B5KFTRtr*y_6foSDRihOLcuhH$&Flynp}~l zNQb7~_<71el0Y6nI_Bjo?=EPG?JHMk_GxbSaO&8EN6!S#m7aSAv2{HtHi{tS>^w`4 z#XjfB5q?gb#d*1>`bW+9e@uFy;Ij+|q3NXKR8Z*+>!hHow}deZDeRfuRF>LuPUX~Q zk6+g|r{?whmC){15yE9jc=P~uu-d(TtFL#UUL$1W{fn9(uPF*WZm-ymM%kS;M|%6q zdI?Gy|69W1Y0&&X6Bb(m=0xWrMx;dZ>kOYU?CZf0>qqa+z0&(i&efd25%yf`Gdr4~ zY1I`IM}JH(bk(t0dDXiLmsrcVp2Nzj9rl<%G9=G1lr5@s&^^#`s3q{LSRw0Y0Atv) zfsp8Yc9^Jcr^zoTU)rShDC1vRF^tG=r%tYBRY7eAathW|WV==yJ8?RK$fzQJeV%jT z8})N8w#7Vm7*nP`Ng)O$U_f`JUbg-*p9L!*zhDb-+}#OikvFqd784pJF=CDF$*C*i zx(?n_uuQ5bkYr>%=0Qngm9Vq)4LBBJVt_8l|}f$w7}szly!96Ah3D1neF)h zxEA#Kj&AS}?jYlqmt1?E=-f~8^=n@%v)}R#IiLy-emm6K2tmQGUnKl%ukuQUVOaYz zheIbBKnkw9&)+=45TugnsyO0y zDuD$-xT4MT=`s>MkF1n0yJ#)dW^?`7^Gs=A%&`;4ZPK`k4xcUko@?-ium@LQTq=9M z78U_Lz0F!BKi&j}uFr&C>s{6p|)kABjHEjw6}Z!25LS}%yVZw zl*4Mg>%7`R+56+>JAvqe5NnM$sQq&B?eRA)aq* zW9>Ay_167Y@01Fcw(_B^Mhmz#45pnOYit_kWZ=5AZa^eu`wM^YF9%Fba}*%N57)t6|c0%Kh6qm@eqyR+7H{G zY$l;|xjcN5v*zq@P35%YN)LEmc9Rj)y4GAwTA~*dvr4)-{t(K?$;@8bLSfMQU>&;r28jHKQC zzaEHx5B#dASneo<*9l~(faxlD9q`q|4@UPrT%MK$^be)vDaKT00N}4mZVRESex$&J z1&;-3__klIUo25;@mbvzi?VUv;K18k|EK@w5gJ(;=N~-C;uIxL%ts0WV: ``` + +## iSCSI +### Quick Help + +- Fighter connecting to Barbarian: `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.10:3260" --login && sudo mount /dev/sdb1 /mnt/iscsi/barbarian` +- Fighter connecting to Paladin: `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.12:3260" --login && sudo mount /dev/sdb1 /mnt/iscsi/paladin` + +### NOTE: Adding or removing drives +> The drive letter of the iSCSI device will change (e.g. from `/dev/sde` to `/dev/sdb`) if drives are added or removed. This will cause the mount to fail. + +To resolve: +0. Make sure all Docker stacks relying on the iSCSI drive are shut down. +1. Update the `fstab` entry. Edit the `/etc/fstab` file as root, and update the drive letter. +2. Re-mount the drive. Run `sudo mount -a`. + +### Creating the Zvol and iSCSI share in TrueNAS Scale + +1. Navigate to the dataset to use. From the TrueNAS Scale dashboard, open the navigation side panel. Navigate to "Datasets". Select the pool to use (`Tank`). +2. Create the Zvol to use. In the top-left, click "Add Zvol" ([Why not a dataset?](https://www.truenas.com/community/threads/dataset-over-zvol-or-vice-versa.45526/)). Name: `fighter`, Size for this zvol: `8 TiB`. Leave all other settings default. +3. Navigate to the iSCSI share creator. Navigate to "Shares". Open the "Block (iSCSI) Shares Targets" panel. (Optionally, set the base name per [RFC 3721 1.1](https://datatracker.ietf.org/doc/html/rfc3721.html#section-1.1) (`iqn.2020-04.net.jafner`)). +4. Create the iSCSI share. Click the "Wizard" button in the top-right. + a. Create or Choose Block Device. Name: `fighter`, Device: `zvol/Tank/fighter`, Sharing Platform: `Modern OS`. + b. Portal. Portal: `Create New`, Discovery Authentication Method: `NONE`, Discovery Authentication Group: `NONE`, Add listen: `0.0.0.0`. + c. Initiator. Leave blank to allow all hostnames and IPs to initiate. Optionally enter a list IP address(es) or hostname(s) to restrict access to the device. + d. Confirm. Review and Save. +5. Enable iSCSI service at startup. Navigate to System Settings -> Services. If it's not already running, enable the iSCSI service and check the box to "Start Automatically". + +### Connecting to the iSCSI target + +1. Install the `open-iscsi` package. + - `sudo apt-get install open-iscsi` +2. Get the list of available shares. + - `sudo iscsiadm --mode discovery --type sendtargets --portal 192.168.1.10` + - The IP for `--portal` is the IP of the NAS hosting the iSCSI share. + - In my case, this command returns `192.168.1.10:3260,1 iqn.2020-03.net.jafner:fighter`. +3. Open the iSCSI session. + - `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.10:3260" --login` + - The name for `--targetname` is the iqn string including the share name. + - The address for `--portal` has both the IP and port used by the NAS hosting the iSCSI share. +4. Verify the session connected. + - `sudo iscsiadm --mode session --print=1` + - This should return the description of any active sessions. + +[Debian.org](https://wiki.debian.org/SAN/iSCSI/open-iscsi). + +### Initializing the iSCSI disk +1. Identify the device name of the new device with `sudo iscsiadm -m session -P 3 | grep "Attached scsi disk"`. In my case, `sdb`. [ServerFault](https://serverfault.com/questions/828401/how-can-i-determine-if-an-iscsi-device-is-a-mounted-linux-filesystem). +2. Partition and format the device. Run `sudo parted --script /dev/sdb "mklabel gpt" && sudo parted --script /dev/sdb "mkpart primary 0% 100%" && sudo mkfs.ext4 /dev/sdb1` [Server-world.info](https://www.server-world.info/en/note?os=Debian_11&p=iscsi&f=3). +3. Mount the new partition to a directory. Run `sudo mkdir /mnt/iscsi && sudo mount /dev/sdb1 /mnt/iscsi`. Where the path `/dev/sdb1` is the newly-created partition and the path `/mnt/iscsi` is the path to which you want it mounted. +4. Test the disk write speed of the new partition. Run `sudo dd if=/dev/zero of=/mnt/iscsi/temp.tmp bs=1M count=32768` to run a 32GB test write. [Cloudzy.com](https://cloudzy.com/blog/test-disk-speed-in-linux/). + +### Connecting and mounting the iSCSI share on boot + +1. Get the full path of the share's configuration. It should be like `/etc/iscsi/nodes///default`. In my case it was `/etc/iscsi/nodes/iqn.2020-03.net.jafner:fighter/192.168.1.10,3260,1/default`. [Debian.org](https://wiki.debian.org/SAN/iSCSI/open-iscsi). +2. Set the `node.startup` parameter to `automatic`. Run `sudo sed -i 's/node.startup = manual/node.startup = automatic/g' /etc/iscsi/nodes/iqn.2020-03.net.jafner:fighter/192.168.1.10,3260,1/default`. +3. Add the new mount to `/etc/fstab`. Run `sudo bash -c "echo '/dev/sdb1 /mnt/iscsi ext4 _netdev 0 0' >> /etc/fstab"`. [Adamsdesk.com](https://www.adamsdesk.com/posts/sudo-echo-permission-denied/), [StackExchange](https://unix.stackexchange.com/questions/195116/mount-iscsi-drive-at-boot-system-halts). + +### How to Gracefully Terminate iSCSI Session + +1. Ensure any Docker containers currently using the device are shut down. Run `for stack in /home/admin/homelab/fighter/config/*; do cd $stack && if $(docker-compose config | grep -q /mnt/iscsi); then echo "ISCSI-DEPENDENT: $stack"; fi ; done` to get the list of iSCSI-dependent stacks. Ensure all listed stacks are OK to shut down, then run `for stack in /home/admin/homelab/fighter/config/*; do cd $stack && if $(docker-compose config | grep -q /mnt/iscsi); then echo "SHUTTING DOWN $stack" && docker-compose down; fi ; done`. +2. Unmount the iSCSI device. Run `sudo umount /mnt/iscsi`. +3. Log out of the iSCSI session. Run `sudo iscsiadm --mode node --targetname "iqn.2020-03.net.jafner:fighter" --portal "192.168.1.10:3260" --logout`. +4. Shut down the host. Run `sudo shutdown now`. + +### Systemd-ifying the process +Remove the iSCSI mount from `/etc/fstab`, but otherwise most of the steps above should be fine. (Don't forget to install and enable the `iscsid.service` systemd unit). + +#### Script for connecting to (and disconnecting from) iSCSI session +This script is one command, but sometimes it's useful to contain it in a script. +[`connect-iscsi.sh`](../fighter/scripts/connect-iscsi.sh) +```sh +#!/bin/bash +iscsiadm --mode node --targetname iqn.2020-03.net.jafner:fighter --portal 192.168.1.10:3260 --login +``` + +[`disconnect-iscsi.sh`](../fighter/scripts/disconnect-iscsi.sh) +```sh +#!/bin/bash +iscsiadm --mode node --targetname iqn.2020-03.net.jafner:fighter --portal 192.168.1.10:3260, 1 -u +``` + +#### Systemd Unit for connecting iSCSI session + +`/etc/systemd/system/connect-iscsi.service` with `root:root 644` permissions +```ini +[Unit] +Description=Connect iSCSI session +Requires=network-online.target +#After= +DefaultDependencies=no + +[Service] +User=root +Group=root +Type=oneshot +RemainAfterExit=true +ExecStart=iscsiadm --mode node --targetname iqn.2020-03.net.jafner:fighter --portal 192.168.1.10:3260 --login +StandardOutput=journal + +[Install] +WantedBy=multi-user.target +``` + +#### Systemd Unit for mounting the share + +`/etc/systemd/system/mnt-nas-iscsi.mount` with `root:root 644` permissions +Note that the file name *must* be `mnt-nas-iscsi` if its `Where=` parameter is `/mnt/nas/iscsi`. +[Docs](https://www.freedesktop.org/software/systemd/man/latest/systemd.mount.html) +```ini +[Unit] +Description="Mount iSCSI share /mnt/nas/iscsi" +After=connect-iscsi.service +DefaultDependencies=no + +[Mount] +What=/dev/disk/by-uuid/cf3a253c-e792-48b5-89a1-f91deb02b3be +Where=/mnt/nas/iscsi +Type=ext4 +StandardOutput=journal + +[Install] +WantedBy=multi-user.target +``` + +#### Systemd Unit for automounting the share + +`/etc/systemd/system/mnt-nas-iscsi.automount` with `root:root 644` permissions +Note that the file name *must* be `mnt-nas-iscsi` if its `Where=` parameter is `/mnt/nas/iscsi`. +[Docs](https://www.freedesktop.org/software/systemd/man/latest/systemd.mount.html) +```ini +[Unit] +Description="Mount iSCSI share /mnt/nas/iscsi" +Requires=network-online.target +#After= + +[Automount] +Where=/mnt/nas/iscsi + +[Install] +WantedBy=multi-user.target +``` + +#### Quick interactive one-liner to install these scripts +This will open each file for editing in nano under the path `/etc/systemd/system/` and apply the correct permissions to the file after it has been written. +```sh +for file in /etc/systemd/system/connect-iscsi.service /etc/systemd/system/mnt-nas-iscsi.mount /etc/systemd/system/mnt-nas-iscsi.automount; do sudo nano $file && sudo chown root:root $file && sudo chmod 644 $file && sudo systemctl enable $(basename $file); done && sudo systemctl daemon-reload +``` + +After this, it's probably a good idea to reboot from scratch. + +#### Check statuses + +- `sudo systemctl status connect-iscsi.service` +- `sudo systemctl status mnt-nas-iscsi.mount` +- `sudo systemctl status mnt-nas-iscsi.automount` + +https://unix.stackexchange.com/questions/195116/mount-iscsi-drive-at-boot-system-halts +https://github.com/f1linux/iscsi-automount/blob/master/config-iscsi-storage.sh +https://github.com/f1linux/iscsi-automount/blob/master/config-iscsi-storage-mounts.sh + +#### Disabling all iSCSI units for debugging +During an extended outage of barbarian, we learned that, as configured, fighter will not boot while its iSCSI target is inaccessible. To resolve, we disabled the following systemd units: + +``` +iscsi.service +mnt-nas-iscsi.automount +mnt-nas-iscsi.mount +connect-iscsi.service +barbarian-wait-online.service +iscsid.service +``` + +Oneliners below: +- Disable: `for unit in iscsi.service mnt-nas-iscsi.automount mnt-nas-iscsi.mount connect-iscsi.service barbarian-wait-online.service iscsid.service; do systemctl disable $unit; done` +- Enable: `for unit in iscsi.service mnt-nas-iscsi.automount mnt-nas-iscsi.mount connect-iscsi.service barbarian-wait-online.service iscsid.service; do systemctl enable $unit; done` \ No newline at end of file diff --git a/homelab/silver-flame/README.md b/homelab/local-hosts/silver-flame/README.md similarity index 100% rename from homelab/silver-flame/README.md rename to homelab/local-hosts/silver-flame/README.md diff --git a/homelab/sellswords/protonmail/README.md b/homelab/sellswords/protonmail/README.md new file mode 100644 index 00000000..4f87ef0e --- /dev/null +++ b/homelab/sellswords/protonmail/README.md @@ -0,0 +1,22 @@ +# Configure SMTP Submission via ProtonMail +| Key | Value | +|:---:|:-----:| +| From Address | noreply@jafner.net | +| From Name | No Reply | +| Protocol | SMTP | +| Mail Server | smtp.gmail.com | +| Mail Server Port | 465 | +| Security | SSL (Implicit TLS) | +| SMTP Authentication | Yes | +| Username | noreply@jafner.net | +| Password | *Create a unique Application Password (see below)* | + +> Note: As of now, ProtonMail's SMTP submission feature is restricted to [Proton for Business](https://proton.me/business/plans), [Visionary](https://proton.me/support/proton-plans#proton-visionary), and [Family](https://proton.me/support/proton-plans#proton-family) plans. Additionally, new accounts must submit a support ticket articulating their use-case and domains to add in order to get SMTP submission enabled for their account. + +## Create a Token +1. To get a token, navigate to the [ProtonMail Settings -> IMAP/SMTP](https://account.proton.me/u/0/mail/imap-smtp), then click "Generate token". +2. Set the "Token name" to the service that will be sending emails. +3. Set the "Email address" to "noreply@jafner.net". + +## References +1. [ProtonMail Support - How to set up SMTP to use business applications or devices with Proton Mail](https://proton.me/support/smtp-submission) \ No newline at end of file diff --git a/homelab/docs/ffmpeg Notes.md b/projects/ffmpeg-tuning/ffmpeg Notes.md similarity index 100% rename from homelab/docs/ffmpeg Notes.md rename to projects/ffmpeg-tuning/ffmpeg Notes.md diff --git a/homelab/docs/img/ffmpeg/1080p CRF 21.png b/projects/ffmpeg-tuning/img/1080p CRF 21.png similarity index 100% rename from homelab/docs/img/ffmpeg/1080p CRF 21.png rename to projects/ffmpeg-tuning/img/1080p CRF 21.png diff --git a/homelab/docs/img/ffmpeg/1080p crf 27.png b/projects/ffmpeg-tuning/img/1080p crf 27.png similarity index 100% rename from homelab/docs/img/ffmpeg/1080p crf 27.png rename to projects/ffmpeg-tuning/img/1080p crf 27.png diff --git a/homelab/docs/img/ffmpeg/720p CRF 21.png b/projects/ffmpeg-tuning/img/720p CRF 21.png similarity index 100% rename from homelab/docs/img/ffmpeg/720p CRF 21.png rename to projects/ffmpeg-tuning/img/720p CRF 21.png diff --git a/homelab/docs/img/ffmpeg/720p CRF 27.png b/projects/ffmpeg-tuning/img/720p CRF 27.png similarity index 100% rename from homelab/docs/img/ffmpeg/720p CRF 27.png rename to projects/ffmpeg-tuning/img/720p CRF 27.png diff --git a/homelab/docs/img/ffmpeg/CRF 21.png b/projects/ffmpeg-tuning/img/CRF 21.png similarity index 100% rename from homelab/docs/img/ffmpeg/CRF 21.png rename to projects/ffmpeg-tuning/img/CRF 21.png diff --git a/homelab/docs/img/ffmpeg/CRF 27.png b/projects/ffmpeg-tuning/img/CRF 27.png similarity index 100% rename from homelab/docs/img/ffmpeg/CRF 27.png rename to projects/ffmpeg-tuning/img/CRF 27.png diff --git a/homelab/docs/img/ffmpeg/File Details.png b/projects/ffmpeg-tuning/img/File Details.png similarity index 100% rename from homelab/docs/img/ffmpeg/File Details.png rename to projects/ffmpeg-tuning/img/File Details.png diff --git a/homelab/docs/img/ffmpeg/original.png b/projects/ffmpeg-tuning/img/original.png similarity index 100% rename from homelab/docs/img/ffmpeg/original.png rename to projects/ffmpeg-tuning/img/original.png