From 8686b40525c0083a46a01b9437c5605ea618d3f5 Mon Sep 17 00:00:00 2001 From: Bastian de Byl Date: Tue, 19 Sep 2023 18:55:38 -0400 Subject: [PATCH] added nosql (redis) container with pass, update fulfillr --- ansible/roles/podman/defaults/main.yml | 1 + .../roles/podman/tasks/container-nosql.yml | 44 ++++++++++++++++++ ansible/roles/podman/tasks/firewall.yml | 8 ++-- ansible/roles/podman/tasks/main.yml | 7 ++- ansible/vars/vault.yml | Bin 10745 -> 10939 bytes 5 files changed, 56 insertions(+), 4 deletions(-) create mode 100644 ansible/roles/podman/tasks/container-nosql.yml diff --git a/ansible/roles/podman/defaults/main.yml b/ansible/roles/podman/defaults/main.yml index 80a52c6..b470bf9 100644 --- a/ansible/roles/podman/defaults/main.yml +++ b/ansible/roles/podman/defaults/main.yml @@ -8,6 +8,7 @@ fulfillr_path: "{{ podman_volumes }}/fulfillr" graylog_path: "{{ podman_volumes }}/graylog" hass_path: "{{ podman_volumes }}/hass" nginx_path: "{{ podman_volumes }}/nginx" +nosql_path: "{{ podman_volumes }}/nosql" partkeepr_path: "{{ podman_volumes }}/partkeepr" photos_path: "{{ podman_volumes }}/photos" pihole_path: "{{ podman_volumes }}/pihole" diff --git a/ansible/roles/podman/tasks/container-nosql.yml b/ansible/roles/podman/tasks/container-nosql.yml new file mode 100644 index 0000000..d58bfef --- /dev/null +++ b/ansible/roles/podman/tasks/container-nosql.yml @@ -0,0 +1,44 @@ +--- +- name: create nosql host directory volumes + become: true + ansible.builtin.file: + path: "{{ item }}" + state: directory + owner: "{{ podman_user }}" + group: "{{ podman_user }}" + mode: 0755 + notify: restorecon podman + loop: + - "{{ nosql_path }}/conf" + - "{{ nosql_path }}/data" + +- name: flush handlers + ansible.builtin.meta: flush_handlers + +- import_tasks: podman/podman-check.yml + vars: + container_name: nosql + container_image: "{{ image }}" + +- name: create nosql container + become: true + become_user: "{{ podman_user }}" + containers.podman.podman_container: + name: nosql + image: "{{ image }}" + command: redis-server --requirepass {{ nosql_password }} + restart_policy: on-failure:3 + log_driver: journald + volumes: + - "{{ nosql_path }}/conf:/usr/local/etc/redis/" + - "{{ nosql_path }}/data:/var/lib/redis" + env: + TZ: America/New_York + REDIS_REPLICATION_MODE: master + ports: + - 6379:6379/tcp + +- name: create systemd startup job for nosql + include_tasks: podman/systemd-generate.yml + vars: + container_name: nosql diff --git a/ansible/roles/podman/tasks/firewall.yml b/ansible/roles/podman/tasks/firewall.yml index 51ece8b..e52ee82 100644 --- a/ansible/roles/podman/tasks/firewall.yml +++ b/ansible/roles/podman/tasks/firewall.yml @@ -16,9 +16,8 @@ # pihole (unused?) - 53/tcp - 53/udp - # pihole (iptables preroute) - - 1153/tcp - - 1153/udp + # nosql/redis + - 6379/tcp # ??? - 6875/tcp # Satisfactory @@ -39,6 +38,9 @@ immediate: true state: disabled loop: + - 1153/tcp + - 1153/udp + - 2000/udp - 2456/udp - 2457/udp - 9093/tcp diff --git a/ansible/roles/podman/tasks/main.yml b/ansible/roles/podman/tasks/main.yml index 6858b86..f489176 100644 --- a/ansible/roles/podman/tasks/main.yml +++ b/ansible/roles/podman/tasks/main.yml @@ -51,7 +51,7 @@ - import_tasks: container-fulfillr.yml vars: - image: "{{ aws_ecr_endpoint }}/fulfillr:20230913.2009" + image: "{{ aws_ecr_endpoint }}/fulfillr:20230919.2233" tags: fulfillr - import_tasks: configuration-nginx.yml @@ -60,6 +60,11 @@ image: docker.io/owasp/modsecurity:nginx tags: nginx +- import_tasks: container-nosql.yml + vars: + image: docker.io/redis:7.2.1-alpine + tags: nosql + - import_tasks: container-sshpass-cron.yml vars: image: docker.io/bdebyl/sshpass-cron:1.0.11 diff --git a/ansible/vars/vault.yml b/ansible/vars/vault.yml index f426886dcc0c5fd9f62f197314386aeb89cae9f9..99e46d3a7ca5897564f0fc6e04b2acb25b963778 100644 GIT binary patch literal 10939 zcmV;sDn!))M@dveQdv+`0Cc81ZIz__MVn8`eT&XkB0;bPr_<-mNk+xEi41BJoMTgZ z^_xN+eBgr{Ao-#~L)a~~A8-OdvM&;FieisLxn_11aWJu%1Ay3`NzXu=g|>_OusEyM z0XNs>=~;iExz#~3o{;*x0naC@9?ucU!#kVruA) z4M4d>@OCaBx*ZUlJatz^kp)7*mQ)^5oz(dVSw80~6WjF;Eelb!mtgj1F}!0;-j5Vv z>;JabgHspN-8Dw(V4G;R%h&CDcP94|AGr=+|2${^7yU0x(MdHyyo!Kw7 z6)_R9dpT46!C7>ecReGzJm8#~?))#`7zIvvIG;R+NUy=j=pm&NBfnn`4`U`r<)3Ri zUThya;D-!9H*xDoJa&mJs9>QelE@kD`a%!z&ORrcEt-<}7soI*EZ2fY-W{>0*I>9Q zVbz5kKAJl5FeJxr@F^`XuJB7Fd}aG-1z9jlao}PDmL7*dY3s6pp9lDQ1_+k<9FTR{ zn~L`cH%3Tcl{S%M`rnT_M|zNUWZPUAhzmvw3Z$Jacy4pXE_&1q^T>3yu!nuk#foV+$Gz zl>HlqDV$APqU31DahQJM9|%1SgpLhQ=;B{`beue&8hqpKVc2p8dvWs;iVKjs(^!vo zI0~l?)nJzfQQkhY!c^7n4B>#WgqJ#FV3a3EoZ#o&mj%A6=el_S z97PE(u9$QqxZ#x#R?dq*YA{ z*9i%7qi=>8uIgf*T4$$xd*ZAoSZ!(Nfzd;h1Wj|2v$NwDgoHPI;Vhm zo;Q!0r{(2`@n=u+-Ex9(I;D&lrh1iR@b>r;nNvK}@@gKkTVlT7F;NF^hGLP?!EnC5 zqO&luOTZnS0eH)|Uy}t(6t{}(l#N@KDNpmvv3}N-K27e-?t3v0nG7koe29rYMm${5 zQxxG~&_)D442Z|Esq9h)h8W=kqX@I_rD_Kc(%6F{uZG ziRS0Oun5J@K0$_rbzta+WGA=``|<9+t^{_6_#}TvPB%xqqc8bFr4@vR2jB^QywVG* zR^CHE5J1h@2yr*7d813+9G_a>WA9AT7q2BZZS8-Nf%g+ z=imf8sp7K=o72QrnoV=~xW#1RRKAyO{Vb`3KiP>dum6q53WU&Ot|IWEE-pB_e+C>Xn?AgGi5(R&(z^{{6JXWssN-1rN99L0lmt|n zjxsUQ+w1Tpa3%iVcI2{ssur;Uk(j${6ndxK+kWAqz&9L-=3XDB;(TQR&JC(lZ-mpYAUd$l1hiY+ zge-nLec}F3V#RLAuH#j4cYcy1A5`thqczpF!CJ{UNB8ni}28W)c|JG26rBRrGJ zf$ViyCQ?jOr@Inc+B%%Jpu+YV5FD)0d;SDkdGSp9Q7Kk9A|9+L*Z;B&_fAsb5H2D% z6;ptY%pNNUsP~{WcuP)Tzv8>{B%`UHb+hH3WoNts2_)6<{K<3@TkG4S{xlFi`BVx= zzFXV9(u$6eoB`>=m<83>NG-+ajy9om1SV9^**35n90U3%J99mO=MCv zTV=XBX|6Q&>d@DhBp}BjUX2Pbq$NxY;z61Y%>kig8!y z!bXJUcsMF3LKxzK4&0>`HvF(;WTcsdx*EGco+L#wq^9zQ#{|&Eb`1Ri5|fk1lH`-9 zn!X0G_rwSq?3l5`j^GdMT%%LaBJm5HjGa1CYPe5V4Ww76bp)LV*)QhH;!wHr*1IP~ zB+6K5X!un+G0Fy}k$jLwC>j#=EO_~ZI=wU`?S<#_rG>s|@uq97mUw#G~8_|MTIblk1O13PY6CMZ5XO6P=ukE|CLn_LnsXE??%diEWQX?w7GPZ zV+>|toWFvPGUvV8Xe1ubioN(SG7++(Q}N?WlV6bp0x>6Mqq$lVGG?{3%1p4)s_fY%qCFFWXop_G12LtLO( zGf{jyJdm2DN*IWFLtfW$d3ig4R;A!}^`NmC#@xTT4B|6-RLvPN+~z|KL;ourdxphZ zCi&BRf3zD$Z2sLg!@IMFREWlbaX#(*{l`!T3BN3X39Qa&h+{F1+>fV#|NiF*3{ZlF zi^?_{Dmtv6d|O!g_@Zx2fn(saq=XbylVnD-{-x#pZ!=w`pJ~9nW5{^ovK~=lm!u+V zV)J6$d;3rLW64%w_`{oB)`gj4CezrdurJi?+%32`cB+=53w?H@=~f&IE>`^{+P0s?wG*Im*5Nm2nVG_K-os(~KPce@NB+|VT#Tpu50EH@u-s-nvzMnIafJN7H zIyG*O`bvc=!hufyvi9hJuQWFI(NXWlW^#Edx*8o^7$!k;>aeJOOh!EH;zg|K^U+_B zk|azGZlilVVgxW3A#V*Jk1Pepx2XW%6Dtb!ww3DKe2h*aj@(a>v+BOen_)gRn|9l! zFNpQ0`M&W6rFj^042GJG1zGW#;_nESH&>NkT%s!4GBZAqm zeB3s4Fa7;1LpCnZjDNI>KuPRNYZO|5eQciYy~;jPz0NIi-C;x-{%mW>X;r~a37P&V zVFeW1F4G*J<<$hwozSLN+`r)$R)gjeSOh%UFiM86o)rl?Uq@=e2?bT64xGSYp>Dwz zP7otUgNs%^W;3<1dq$4e9&H=>vC}CFaZH?L$32iWrvXS=B`i2`v+{CbB|cI;*n*hQ zr|K5oI;%_5C|k}q&p?&RL0T^DC<#O?COp#2*Hm$2)o3g7R@XNqIWfChH1GJ!8IUChbpdvD zAz)1w=4u2>$-J;XMmO`Bw@$@!g~#Rw7R2?z-c#w=mwgM$@O$l);2%MQAPtcQ@Eoj7 zc0L+k(2_GSZSJUTxdaC>ksB%h{LuCEpj|tmbE#vYxm}WJf8nYTB&{JcF<(nG)oTS@ z{(={X%F^Jg8*vJZ6Jd{(tSx8I>UdkB|yz8Tf zFvaqJiOHb_d?3#IAFU?Oohg?%%?WRj=@eJ?#!Me=A=zR#z#u+;r2uH&a5issQpBA-_y$lQ zU>(hT4`pL3*>&&jS3=AtR@!R~;A;D1WqCNM-WJoJ&F8%^WP`BKT$O20 zmWt7fYfo<29ImN%=_2N~JJmMD4@Xo#c9WUX?^y3XJf-JOh?ZpVio;{=E&{F038}K` z_$BBrEl-wmJbVr5QJB^8!T>OVGspMGJfMRhxDy`n80=x zutqDSVRbt)SkBB*Z~YM4(4k+lyIn&MiiaLDJ#E)MN&k!mn2QpX^?q+eaMUvYHgkHh zf>`+Or4XCG8|7+?Gu6gu>7(rK3htSlO|+}q-Yxy{BS80dSbsN@hhQpAj9{q@zWwbqX$asHR3)KaMzKNR-Jf(b>PwbugwQac%auL!pzE8`LH+TNxU)4 zF;7@8PyL)+;p-&&P?_Lf4}PV+)2SN0SB%(WU4A~*3b}@~_{pO^6qDQfd~90&bukyJ zLHF+};^}TtBaeWU6~i&f3*OO!oR2a3ZH)7gh}__72aPD*!b*fqMI3J3Zu>#l(u)ErT9-9vjR27?(ps}!+W`TkZeL@VE3gI=ZRV>d6U;{EDjJTofO)+}7mCZKRqOp!vQ#b{8Wv8Q$qXRa-ATf_dF zi2$->y_Jl2ENXTt`m6J)#x~AKSJ_TW)pODo!3$35=4cBmrbU|g`#Gn0%tRel1uFiu zj4r#LEFDf|wA~VWg?ELGJUYMAa_r;W&DC-SB~6#S1hn^q!jTG~&0Wr#(kHp^3Oar( z2-rGR0u~YB94btzV_>;tAv!T$Tz zW|@Z724fFq(12nZ=*&y9;0aRN|4yg-)=;c8F<(KE2;zh?31*Y-1oAKu2m}Wdul5lm z>>u!hzSJ1R$J5c~3L&-IR-mYGYpOd|PGDJwiX?B1PqeXThso)U=pA(g}ekSE6`%zd#i z6%lqiYZAeE`~O#hvg1u&!hy5te8*8b8vl_t-Je~1oO}HLgY;TVkG=wS5}~}lQ1ASw zsKu}BcUECJ3&l_cc1rt{*GPz#+5=|fXzU5;4pQ?D9cn*dwbmDk+czF>eH@4-;jovKdIe9oJru z+C35VMXD_MxZp5}Alw6i(v^aznhUlvuvhj|%1i_Tl+s2jB*wk}kYOX;B$q9^*5Yp3 z8PBDNlNA(YsZseXJX9w^MQ7}YAT3Jk9 zrbES>6OqPvJm#Q_+g;uNDZA1?Fn88%OBsmOhI)8z5zpqAv7}6G8$4ct8+l7c7L(Z# z8{!sgOD^A)Qr(I$S#x2k_-r{J0Zn*Ow9fpRHjlwePYR)3u-|obUH8~j`D23U-(&U} zYrmf}7HDfgFWi+-jBmvd!3v7l1f9{I!-h4-e$$vaW@?rw+|R zJ#~VFz{C@>x4$Td+VZ!Zlp2djJmEHQ8sabADSSR~60QUVPWmzqG;T!wx_hZijeFzljlz~m_-ji!9 z76*=E%s=9RYr5})x)Sp{mSLqp_o`yu`O)4S7CCE{bevpyi}K;J&M?*@8P9#YDxu+5 zRApO&)j-5tKm75~E1`oMCK$_k)f}%7;$2T?IwP@;68tljK{227)fXqjFS2q3^Ys?} zJ6c2G5m;%-BMZ+0vMzK#LwH?|ze+h6v{LZ>=DJ0~K}w{2xQ~m?MeCHb^kUSfLkF~- zxxJOxXx^N?4?G*#n62Ze^u%MHP7bCB4Bq74;gjWShGh~!vkA!cNL%p6`)fOOM707y zd|dbj?YdIyBp}S5929#Y+;uqVDV)GsG9fsGs0O~l;iGcVl(fsD$B$iwRg{>`76OmO z0D84{?2hY#VM#P78jfsc<%QFEk{}!Xmzpnbb#1IiW2W6B3f^RTr9>Q&L@~1&M&c4n zrP8P#1~gVYh@Pi6E`t`(;9WLRg=35n!lQ3&&ZtxfqA^1WY%nvyws#EJ1>O_D`-`iX z31)wqQL)CJ6KAmGnnsTfXYlHJZO<2dIvfqM9CAYak~NL@5Dsu$xd`V}62^F%wO)a@ z4lt#MEA^G?y149o_r)~k4~7QhhVMj=jx{edn7_4AstFeA5QdO`eOm^GK zAu_dORMh;Vv*BI7|s%?7*#x-^v&(}v%^n+=7<`MnbIx@pyv$-yl@-kd5Kt8VzSyV6GfexlZP9IQL z`kq59d}5WLxw8V8Usw0(E!McWrW?j$lxX_S1^>&H838~M(f<=0hK>w5$Uf<)FY4|S zDhkPQB?@C}*mzB^QV#H@ykyUM9dT9X5XH!tv+Goh)!eDM$Eb}ZiI_q5gTN=jP zo&QV0%b`+q`6lOO6TxdGXt;QzDr5feN?4xtT?3){lCUU}ya*R9FF(Ewfcrd-Bw_ij zCg6mWC7$i%QA-9vJ`>VoujuDS{PHM7;Z|@{Ugmrb-SKc%inP|H{Gxe@c!yZ)KaL91 z{s~Uk(iKjpdM|N>r1u(1B*-UiX#Ux4rUtu&lG`|(qCeii1)L{X{f%mhndPXO|Ks$8 zU$fl4?-THouT0X;S;hQ-U{Hh#%Nb5%lI)1pFqX^)c_j!oy>mpyso72g-Tf+Iwn7%j zq}s=fjE3yK+j}UI44j70GLyD}%6(YE1e+@CUm`69?&*aVyuxdfG2^{|mQ6b!U0K&U z4Rb1>Mhc55?E9|2Q;B1SfbL`tzM%3s+-Ap3n=6`Am3FJiaea&G11MT~4etXA;1Hl#)mwN^Sqj3u{boC9x$ z9NR=vj1LrH&Y@gDiKu4Kx%cu6Qnz+*)U*KG2%omA1tTX3GHuTM(Y;qo17&^ zQnMo8@{jY@IrN=ABLD z0vnYEC_@gX>lb^rqkpy630Z%)d(R zciKqKjW;6j9-ta$j<+~l^KZ7dFan((=cFOZW)B)8`Os833l*{##a1td3rj7If5h71 z7Xtyj57rKsk`Gf3U;uv^Cp4iBy!`2Ma11&h`O1KBK{N&T-+G_qS52G5$MVal{;l_0 zi$BD#-j{=vub|e%*OQb}l8F=s<&AMoY-zHA`C4YwYORC`oo$fo7*;9XC3tx@Pvf4jQH|AlzxvgiP4AJ?b*rpc2N-lx|L1NZ2U-+c846(1XQEXO8F(3OL1JR>y zo-T6)qtuDwf?%=CS!D~F_-sJ_Fx>6-375vX!3bMn+u!=C9CbgoUOZn$19PF_SuH8 zuax?s^fi=#h_6vYlhC`0uGj?aD-6e=k7}u&8EjT`gdA75YAVvg^81)VxEfqAM6Hx( zIb6&6Bp}gHCu~+-XW}9o#{cnYJ`_1gIL3dt)*q9Lv~L-2C@btrS?VusbFyE7ef_q( z`8opm-=o!J_pCqhyk9DdS(FdSXPQ^O(Z_tDRAQ8N(M|l=CbSifPDQ}&N%^9Mv?@s^ z?dKVf&WI0`%)N{F30i7~KdRyJFbH%CXltqfHy`2}D-3;-_9-okQ(>%WakOxUoBFt&@FMn@OT$MBkjfJ?b7oR>hxJtv;nE_aX z?Q`qI&oy*Dtdt4Kz?4P7s0iR0iJOr4$wi6gm&yR*?VT@z?=>~mn=y*qCGKfnwn&HI zCQ&98qu;K2s6pn&prc*Yp=M44KY3lBN*KVOW54LiG{%lvfg-q;w|XbNI-RM#m{)f_ zkzyUXh`2%9X4M@E-H8T;u9_HA2fhSNJHFvoZhNSCW->BhSJ)2waLI2%-nv55WZ%7L=<+7DGN!=ojkTM*I^&l`r08|mb2bf5Q)LNTGX13zx3u{8+n}L6t{*l zO`7w=x&4cs;v!MriDM-*eI2skrxS~wyyhe4e<{rdb7$c&7g>PvcL;Ua5OtB>^rU?V z453t>x5GvZgYB&Qx{slSPz<4*E_M52lQ5JtZDuCkZy-&Wiz%r$c8nOHqp{QwbU7}+ zeY0{}`f#ohA%Ga(Psjq8_^pJq8ccQsk`(X1rz%oteqH2CY}(2#^z5^FO9df$LGN`> zDG#(D9%0(!$~O9b5lIfo2(`gKG0auvk;`pn377R98eo_@AF@bO*B1sLQl8)?<}>Iq zLy20GO}Jb#9^-8>GC`QjuuMpp-uJFtkV=ZgvMP<_c?W87K4rnu>%>aR9hU2%BdeSE z*=)oU9zg<@R7pmHTJxCN5*j;ykl}7#TAP;e;95hfs+bS5c_ZPq>`oipq&3f+o?Xr? zrV)|unDgOfB4LW{f8O3!ADl{p%;=7Ax)}a6O_UJvSLB_lW76&&16759m&I zA(0V}xPs$^55z+!$M{rWgVTROovhy^0|iMjZVF1?^pcIK%UuZ8_X(fUlo+*iGpp=i z%3YXZu?hPN1!i`|$(nxwA}ZXl9kM^}mDB-KL6c3x0REy3+y6P>eoPCpd(G%5g^rVT{cuy*D;>_h~3~ zt|?K6hr{S+QRJ*q`~DVm^~amVQpI$Fch1H1=gkd|8Vw*AqZk@~=>}tL&M}?C8}b}b zxlk&u`?q7%&ne5yK-#70b%V7f#XP8FK`^N5G$-IlQ8l}b7OEazo6C#}!bWzUc%Oq# zkFdyIIfuFV+AzTYJ{iFv@WCzZA%b1%iv$3LvvF8m`qD=V2YoiL#c$a<-kPS$;d>P@ zX0B(KTzyE? zj58SvXh{9ZY{e)iIDQGo1A1lAJ1(c`!ua_*9H>yPTtvbsTriN+BIEXA(&A8P5z1nG z-%yTZ4Gg6mxYM)tK168j{7xaF3>Y5} z@DB{8a4ZP1a9um=-8QckJRuMz^`I8$od-F$U}*u1t-jud2VwA_IG>P-@1*U1&B)YH zVCL&=|2xj2Mt_cZfc-i=zG!iruXZ0?QOV=JB$pM@LaGNzsK5}5E^87Qg`U(90_#gF zR^z=;vzUy!De*gSO;Z+l+w%cT@66#Hmb?S49l#9jkD>6UR=pN{3z{?6RA zqQLj_6Vmordw+H-H?~IPIQukOw8aL*xz-1P(GM_@<#bqKe|1kvwMGNU9j~6m`1g$S zC%jqp#XCjg^cbz-R-I|Gw;qJjX1C9_}s@Sn5g_4KjuX3JE$G@ISKT~mu}AW7#!r$GG7jWxwnsC zSQYQZSSJELys9r&rq1H>u?482dz{}ee7EChc_F+{nc1@nNzZYVh|W=oXuPZ{N4lDE zTW~GeN0?k%x|&;sK8wS`n1g8j|rST)%D=&8GS0}_l=Ba$+r~)z#7)Hx`g18e_mG+M?ns3A&Ecsr9 zsBx#}lLu@RX=5_?M&t*TiVwwQ{W9EuTpit1vE#sFW1e9EZ$w*i9%7$uD3&F6k4BHV zG|dH! d8y#@ez_jGics`VihsP7nj1gao%4g-p3FViw9BBXm literal 10745 zcmV45WKH^Lrem)@TwHmf8Ig!v*yW?3VJKzL?`HlXEAYLtAUd zKi)UC3Y*y7xuneWHUJitUH3{4z3YEA*Hbh@RTtd}TB1;<+P0%!Q^Bw+S{A-Q!}f9r z4eQTk5u9O`mYpvX;+ufh16Y`*tZX`V`t=OhHi(Cv_un&@efhPmg$3{UK^R2& zKqL(xnJv0b>-T)2VIluBje!bfpBj+hb z#AZZ7ZyQB%cT$wNF7&aX9`%HYm}$s<*UPZj6MnM>+iUC2%THJ zxW0b|xka1){SfgoyiO~nOtv)yzTFm4-7r0wx-&9SNG;rH-e<+c=_B6eAN>(6?LWOj2tdhC#$%-Vw}w_f4a%+dJS#vBF+ZtX$tgS zrhHNBb=SqAC5P3HlgL*0T^~mdP@T6};5l0O2O9m`!&}u{(M>U?>^vR= zqBwo89bUHLUm{XR^mvtEkL80s(dXLH@4$7%jm))c&0QOHrfNUzOjI3_fJCObX(~u-#^p_dU%cBY z5oN`<+-2AS3(X0(n%R622+QtE%|BNGXA0dtsq$9OqWG1sw!pc$zoP) zbGxA4@*mSQKl|l>ht}a8&fbAZQHfDGa4CaFx4!6+0CinGwH*;L)kSEJ=$Y8&Pt(}L zx$es9<4Ol2`C~|}FJ=6!+S%Cdz_m*G&YfIY>q>3(f@4}~U}U)3`W!^BPBE~!0sbQq zWBop*L&%09SCd19yNtHj9tKx7CR0w^W z7evjtk(17N3X+d(9WkxgKYP^bTWdmg1N={{3Fjl3%pPpJhp3-@h9XUK!Z>7L1 zbu`gaMKieZ-WLGgDse}Z13}ER|Gq;TBVL+01p&PiEt+z}i?Gk@<%YTWJxJ}=8cc9P z`2&tWoyYX(Xqwl+=1HNP?4-Gcv8*ei#&kqeHIH}OLrmN;=BuPV;2)x_O*mEp;kiF@ zrf}%*Ulrf$(r!JNc((*iltp#bqgxynYi0Z)*gK(cIQA4o6FLGvqAbnpi&vwkVP12y zCyFGUMo7MEcqq9SjC5BE9KcLMem3y<)`F;)7fbtIk7`(FWNDv4^M>cI#7Rh#GYR`v z3#8pwrfNk=Y4Pngk*#vz{UZa-OrTUuy_aE(C^IA*-f-W;?z5(TxY0JI2lnnPKB9ifVrEnzw_@ z3Yh%WK$Jr)hKa!^0FK#?+KtkjT;DeuPJo-<{`}G9w^A%%A0@LnPp;x;+o;`7ENWcE z)Pg=R&v^xIY>H#c`vx(uV+=K{(wYK>`JN&4_=32YkAyy<1PV?-3KkbBJ@~xvC+^>^ ztYUrvczLRuDMy`jQLHfDd{k-4BpBH2+>q=l!0MvTU(t2>d8MfExzPu~GNg;!JzSZS zt6a#^R5Q{Xlk?ob4?msKjBIKyTfvHV8E|j^ZrKB})Xz(nP^-U(GWejd{l zY#%}p2UOU^SB#0@m0AKsoON2NWt>JOfSxm_hQ>zFr_QiW0!N|8;f-P(8|A-yv8+j1 zDy)n4HEV`oT6Rx`DbEILLG${)a;C30w0GG?nLySuNTbia$pP!y2po}>=(;pF-5Ln1%`#tWSsq-z`5Wz;6s$2SeA$ne zLX*X=#lsk&X(^Ue`TEY>5&Vg#jU06X%DQsEdU0gqDLm6IiGCu9o+_pTl?`Kr`C)fs z6f@t&%LLpi8PrAR(}C>NUZc5?I`yQ!Zpj4lkeM+I*tcu_bX^HIz{pKCZ9{Tg5Yt&t+F_3Xwnwa8EJyOLJT zp96{+av+*FnPu8lBW75%$1;o70STwZ1ZL#?(y%FXvg8x{k!46Ty?OsHvXJSOBs*(` zRo~2YR86Ey4lY$+`CV&7Sr*+0RP7EssSg*SE1|!I|I-^X(J}ds1Jjq3AR{H4YHm)^ z@h1*++*~PZl=z^ya{b>Xk3A)xmm?qs0pbraDE2R8IcEAE=e=HGL8$F9dHL%%{I_2(wx$7YNeJnX>jg- znd!X&v5~%Zp_7XGiqN$_6=#&Y?v}=DE;j_>5Auh189(3yn>_|{eqzOF%dA<7z%38e zwWGT7%x~Jov9Fy*Ssgel9Eo;0*(1{5!XuD2OQ_wzQwVTS9dTIQ~-?K6w90AqyFIS==938i<9^op}%`4&fGfD0|F*9w(H~wb8 zOap;FP1&529Ea4$Ow+BCq4Ms7=0{}&rhR+APeeABGFu8uhFetfg_*F9jJV6NO_cN5 z(?Pkav(rX8f^nROKWX3buhoxnaZO5&D~+kE_Q^PNxa$q(CC)cwg=+_lFPi57fr1i+ zqzO(-3`}Z58!OASX6$qPzq}r^kg)4i!FVaE%pkwj)?FZ!#jTI%dVZ>t{KC7P9-81Z>p9=TyGqf#vK4;19pmXV3m zxO-;brmEZVsU!MPy}k6&Jj~&1qCwRLiHS1~`XbL7H9VM+z!`NSC-kq_>jJbY6Q^N+ z?W<3`?zvKtS?i?qc}ejU@$im-peI<7Z_(<;bCD99d;LAA8P}F`+G<%=dK0rieBV9d zJ3eh$io(pSFOkavYD$iqka`$GA=(&a6G@blvM~F8mnv^4yCPzwt0d0DL`}DMR*nAW z<*qUOe9LEK+ns{Od#SqqEjb@xeIBXG&)0(`KP;wd@N_?=lm3WyP`D!=ReXNIVS{%Y5CI6IrfIQOy^9PY;$_!Ym;ROS z0?{pGNdS#8oU2kvA7bu$t20`A&}rZ0b7vnPg|99XoAw`xjb0Q9Z?hPvb=BpyT`IJvQbp7HbAh!d4>+(j^S(_oBke5=WMjGxWMb7w-P@eneaGNC#pG&Mp+CW4>{77fpW3X-CE*PM_a<=j1)U_A>Z^e z_Vj3?44h}{KVuR1vDckA`=HE3RV}{euIAKt@Cqf$++ljqF#e!Q>{B9Y;%JgmeZykg zVehqna<2PceL(#{$;53H&a?+!xo7ilCFnNPXdq>^wy;*$9+7a+l{ldEI;F~{> zzAfyN90O1}9Jt#hiT$N3G-ko#mid1g+FjLqngFJP99gg&#kBoyPS|1%m@K5~k;@k} zg>{y?9%SQv-5nH(zk@z>N`nt>EbV}H2DDOWqAwBLF~%3 zd>3iBor0>kfOqdLuxJDM{5=4#&A^^#1X5NDx~gmOUrb11m;vPb)7SF8&G}b7re+RA zcO4&ExzJ0Pbo-uVv;`q65PC$fZNaNvmYk&LHcogzfdcYe7xhc{^~#0r&b>-{edvIJ zwe3Sk&jsVf{O$T$8lqB}6;j+u_p~S;nO&47=SF!+-Bi?6?8}-i{Q(Jy4N5VpOAwYr zk2s7BIUtb|+0c+{#3;z=xYwroS)`QkY|6uhM$q%F`YS@mAT0y}Z!Y_CurX^*4Km22wEHOw!{7 zJJrTJsX@sKWfP{Qa&n@8vn(YLy`&+3Y}yq5g2ljsPB(fz zOCT73r4N2t#44zSY)P0TK+R!pU~d>}(SvFNdtYOK`+LyWiT(R`Pn}J|GjaW5?})5( zSH@Y~7u->!plroRY&}VOBLpC*5n^?#Q&DR>Wk9nUwl?1sb@zVVYk)^!E^8L>X?N{@ zWw4(vQ502D1WJ%&KSK1{>Rz?&5{4uV5B7@(KAzioZV-NszKaoMl8S7E1`K$EwUT8| z#300X)qWYAbS%uhpUbsoFT=Aq4e{Wv4Uo7cXovg0h*U}CHI;m)Td$2hsWDykbOF9r7X`81PNUXO*Ev5(j{J;I3-gySl3?yKr z>LYqnVu#5`{Syz`FTTQb&=WGrGNb?RN=<{OOAk2D#yrW1bsJ?^^g1x7r4i=v8Y{!< z*NPR`sI%4h+haqVbVqq*^OP{du2BkYXLW%OV2yvZd(=anLc4Pv|PAj=c5_xGp& z{K!esyW;H>ctNC9eE5f8gkKcpoJqHJ0)b?~{6(i0qjb!CoVvSXV%XR$e|6{(TVZlM zWu&o9aM%{h_%Iqymx_W|Lx3PldH*}kJ6K9NIWN{)0VH(lLNFmBpS1y7E(?O8yr1F$ zO}*TM<8C*KVh&6D&Ib0uGrZapK{q|`ip!|r%X5!c463Jzs*dG;y#mhX)+m7h0fp0G1}hs1o+Og0aO)!K zpeqY#S^gRt8o$I@0Me~A44~9`k8qa<*#r1Tm)!$2W&_sZ<*i*R{Gks{sQIfG%nwE# z{UoaV^~GvqOTU1sj5xq)D={`SHpS-L!cCh36&}_l9~pRbD_db^_ai<7S$?Ar_c$=H zgr_+gBzhMRuhvTiei6m>17l;iwzdTy(H5l5EMfjs@z%*-zc!=`u2b=5sDRmsBx%Hi zMlTpO*Q0(b`L(LK!&j#v`rZ!0+vK}Jr1)%kU6;wa*9R*HpwyCGu_Y31qJaVpgAV}% zfntwXfu*|(5n0YUjYGz&kw96SU+RK{!@BbQWw73UuJ=^(1=;DWLi(6lC8L%iOLc}2 z@$BsO9Y)`+5bbnXi%!LK`oR-&rKrB!x)FrBp8j!f1Sl)of1Se}*@9c!#QPrq?s!iS}$+TURys zLZq9R`KM#~*`*XY3UmJdBPc|fm~4%I5AzfNc@y9-0-3@}I{Qfae}j5Xu^zrrg4%GG zND!r_29>R_F@!4v8CwZe_d4yq61__^kzMyWTZ35^9>fpQ%4foc2JsUKsj{XD!j{Ep zV77WiUNq_t;dfNdfMC*rV(^Sg_#+$LwmBWhS`pe;ghvj8D(p5GyFEh0BoIy^dLdl* zi89hI&%)TNBW~cj7J>1(-sPx}0>VkZNK#+v*zqV^5Tsfm1?ZJ~KoRObqWuAzGvvMV zPu7pBAk3Pd5R40ujf8)mY%cylxVhJUG;+c}d5{iJNHE$uvicnJ{Q@|-i@+8`KwZ|} z&ZjZ`p@*+$tIjtV2P_$_AH}t|%4YScLLC0e14^M%>dYcNGwdeWZr^Qzw(Fl}0irh3U)30GfjMwzJv$j^b$;9O06^0FG> zYC+z9LvLr}P`WR10+i6zJy?f;O|MU3^u8ux#Jun+r7#$B)~7);*l``6BlvEBySUfw z2#(yktkX6cA{%XDy!%G2o_?ha?WAfo;Lq%N0(HF5u74fTN6nvcOvY)|{*0cK==B8OjZ<{d=C zu1BIU^4T*gk8J|Ou<9q)nK<6HK?pnd3Y~WVbFW4v@u;yy7+e{En-3LtlWnX1@f!>FEKW?rI)Rqi)g*opQj@ybTcavfwcWRH@>38K~uup1FI97#tF#~N% z3;<{ZA(8}PB=^1rE%AEjTz{y${2`F8o8UVYbOu7$Kk)|nys_p6mS;JNZwnhk;!vwh zPTKD5IcDHQ7+qFx-tq%I%Ai6HW?OdQe3kzBM=^eYd08nR`$vWFt1`~T2u?*YQC;S$ zqesIR;>?z!BXcKz?Gs%lQ<%z$kQ}B7c&FM)sf!A@F>j6a$%K^03IM$E+d?f2^d4Tk z4K{Bx2=DM8+Ln-Bvm@N4XvOy?>ga(x=_&Iw%W}@xY^N_HLPOzy+|pKq#vd@uVvfH| z{3_@87HvqT2Ag;C(6`8`h}g-qs+}iz_~=NRlRpWq=m2_Eqxm+945Vt7C^xIGx>LDG z4rzOUGp)l7*rvqxWAmcjN4y*Er1)`#(`Archs2zxE)+B%;dbnw_yYx2SY9d+w|I+ zAEWLHx3;b*!t3;!Tjr&E38(8-=!vYibMD`Pr}@O3QDM{r++02wJG{d98V!eqD-|ZZ z@t82{>|1-NxDU;Mwr@6Tompdo#E9WtxSCP@*d02=6g}=|SBKF&xgn6%V}D1t3<5Np zoF}3F<(`*r*U0{y4@9_K(UcG1_CNqpeI{{%2Yl=k%N-3ich=m0@{Q(UQ(sEDRYksz zG&N&J((xrW$KIEgiv`baF0ui2kEa>Kfqyl;f)n8TLEtz%?{~13KXl>7XI6B{9Y;#o zm<1Dy`TD#Fl+<~-%#M??E7j%Wy}`)v^AK8haK~|4bn%)O+O@2h)yZIf+}(~ z2`);DDH2<^OA)z}U{56uTBYi1xh~|P;YEoeDF+C6eC5*HKxu1w(zI#FP$fhFwzd(y z-^02fmP{|0X1zZ~cyv0ax_Of2W5@cTiI$#kW5TF#Fiz&1Nm4@uWom9tW<2IYrQ7m| z9}t#uZ<^+Gp16*|n}T#~$=SYklcX4aw9p)t>AX;oCHjmzw=;b<_3P!{9B20{do8rMk3u?DLr2_OIJ)k758y?^X5^VEHeomwm|Mj=1mMs_2BjFUI{MrfSi^G578 zEDH?KcNBfKBjS}r*ZAHo9a}jPR>H>w`GD()t)8HEOwH=uDUa(aQ~{E8QY9V6exEC4 z@n(liTz#r0j6z^oxYPPyL%6}WA2oNwad2wWOcVe4&6_dSFQZWm3)fNyu;^z-U6!ME zr(}-A?q1ho*EEju6^qTJpxO^jDVGDIky{T|$<=7pBre#6Nkmc=Vwj}jcgCjeU(2)M z%2OOITz5QPIaODmQ?X@pEm znh9sO#Li_ET4E!NX8c2ek{5L{Lk-b31d>#7g))Ac3`D;N)=wnu{}ggj5shN7aL|&g zpq}Wlb-%IzG#5I`|DE3@Vw2~xXO~j%Dr(FR;2(6orx^l0YF}g+R3&X7m`rbca4LgB zU#b=2zg3!Cp$=2s4TYS|Q9OO@Q_7&0)aslg9aC_I{ck6=@p;@m{=MFbP@@g{4%r91 ziHl`7cVY>#+D-ZF=>}i8{ISWz{gA8~4tEOx#xU`$UK=X=80MYaWzRhy#d&0lb#M}} zv2kr1<6lPCh`doICAnIFA_$e4hP=!6b(arUnV?2bI8mi{JK8$bs3pfV_b^JN=J?Ah zfR3Rg71GR*n7*a;Ewq&{N0<4%L!S>z%??N=j}S8SGrEwJE|ai-!6@RbN>0p4rAG8< ztneUVlTg;MGLIBf0IL}|D>qQ{5p0POk!tuq353`-%Sj3g)J~f`sf@zShM|rd zY4cI8h}Hi6dK#O$u|Do-U8&5kV~cIBU0+Gf1>YMX!TmNG$m)Odm}CE?9nu|(@9j-B z=I%(t;zvO0NxXI-w~hlU8b%etrp`oGN+%L>b2-t05ZB^p)Wn|b;T*R-6r>s+7Pz98v*7=wY!_S#ULdE zDt}bs=c$;Be=SoNcb}%urKQIOmYnCJpf1!g=R|33&K0Il^ye)<}%1_L&uFx3Nu z9g)Z}WGF_!qrma9Y7&rjz=EklLaia&($S*^8f^qkd|&6CzbnH=EwR1)WcX)W7NzX- zbis0M7{{&a8rp8raCbrHCZdau(8!Lcwe*GJw>iJ%qhr7i*9PYD zB8*|&q+^z~F}CV;k#Q%uqm`MbhcC!wGI%tRcu<+f@t%<{pTjqgUdeRl;A$+_=OD*P zP`O4eP+t{3-HKWXT110ekDdLdN8`+aK27O2myd!8tr6)9z*bJV_o#X!@Z$o4oO6(R z&1S5ONchIf)PxCsi7JvFmp8OYg(M%fZ+RzY@(-^M!*!(eD0M#jI;hpWGyoxx{+@fo z>o*6}+_=?5lE2r{jp7$50R3`()2c+%1s66Y$2;BynX3OXH#JJ$wq&)uBhnE(rjpUS zXPp&YKHABFoB=k$-W_C>gz*s2YZd?1!dd7&cPP*3T~HNLw%s3SA}T|IFrnzn8d1^F9u1M)xP~)5 zY~{V7ydBS9rl-T?1DIfVk-KyEKWeSC&q#YyY_2{J2j{|U^`;t@)w7`zCf!LeT!wEF zgitCA;f*J!XqcY0bpsAk6IZ&ztq%Vj)QGcXi)<4uEvn4y-2E@iMA;l3#Ljh3+Gm)3 z+#{J^>OJAGWExPZTVn&OeE-#A?%1pXqWfC)N`Vz4h2^Ig_(|BGFj-C-2_Kyp_AS@e z^cizxD{+SPozurW+FpeqYAo3cc4@FKFab5teo394X+7s!DpI>NlU5IatZ(D1#KCuu zc7~q$<5+VH(g{q*Q^W1~Lzx#DvG%?6az-WurZ$vf2Sg5PLA5UE@P z$AJ`;=xrbggSeF71a(+p=o7#F(uJHn1iYg<9DI*v?Hhu}xwCPQp@tm%!X)^E8SEm9 zzaN~edn6YaV^nE9?ECn@!uCaLx96F$V*_DOF?Y9A8}bbc zV`|jgPa26LW?Cyku#ZE}>XlpXm_`A34u&?xW59FJSqAb(e@o{^%rI+{7dypH1X6N$ z6L1`W9!9E1hh4hUG*c{-Ld434T_ujvHRnp?__3d`=~0Qx?!e3Du=Er%NqBe0ksX72 zX75Mc+$AP=pBtujVP)rJ3hOzsxfA0F(i5N@5{-rd{DGE{$mfYB}An7Rzi40ndzQ+YcqN zX}LVPO|2I#+c8*_DUT?~`*7RXRvJX3BR~9eYRtTBf4ub>2y?k@gVi)a?u+Qckm>_V zXz-W&*11yVZ+er)Yv5Z1)d)$YPM7u>kxLZKWI(nN^X0N{&QlZ1U50=jICRw>Z*W-wJ-qL9^V-t5ZYC{LzcnR1k! z?~f-K($I^rIOw5!m3dm$0H9D2V8MXD&*2@dR~?xU50}n48)R~L6zfWZ?I+j;HlF#P z^MnF31{Qfl-|H5jI(~JJS%`-nro?SqX-7Iu#8U!J0U6pQ6q}cnW8{YbUxHvJ4TazIogfIg??G090uI zVY)So&1qfF98pAG;Hn)KyQr&m6Tu}M4W=>^K!bH$peQ-3gMYf-(HAKSbcc*?6vTjf z=64pojv9d$wIP<7A|7=JO**pTVyzLx=0{Dea`O$GdB*i)jl@pJ99`QTb><}?``Gtx zR3QNA8b4VT={0EU#SllKs=P8qI&RseV0>_6Cy zW_m(BBECZ;P2oWVx2vS=h4v&9!W^i{JjAKgGA9R~a{)4)5`9 zVNvZLXxe<n#Sj%~BE7BpnA^3XNm;X)uvXp5IMo*dijqGw)i?;+U+>1TUjPrXQvp zpVutqNMSrIXu?5?9G;AX`c&XwP%$abFO9i8`PfTPT0=^p+xXEnx~#@Ha0Ch11;wX2 r11ZAYO77>GeV8pePGS+fM_>{j*-ir}!_B#O9qh*wO?QZh#Hod%8tu!q