From 8bd4ee9dd253d9bdd7905dceef5e636667f83681 Mon Sep 17 00:00:00 2001
From: Bastian de Byl <bastian@bdebyl.net>
Date: Thu, 5 Oct 2023 12:08:22 -0400
Subject: [PATCH] noticket - added skudak cloud (nextcloud)

---
 ansible/roles/podman/defaults/main.yml        |   2 +
 .../podman/tasks/configuration-nginx-http.yml |   2 +
 .../tasks/configuration-nginx-https.yml       |   2 +
 .../podman/tasks/container-cloud-skudak.yml   | 100 ++++++++++++++++++
 .../roles/podman/tasks/container-cloud.yml    |   4 +-
 ansible/roles/podman/tasks/main.yml           |   6 ++
 .../sites/cloud.skudakrennsport.com.conf.j2   |  16 +++
 .../cloud.skudakrennsport.com.https.conf.j2   |  42 ++++++++
 ansible/roles/ssl/tasks/certbot.yml           |   1 +
 ansible/vars/vault.yml                        | Bin 11198 -> 12105 bytes
 10 files changed, 173 insertions(+), 2 deletions(-)
 create mode 100644 ansible/roles/podman/tasks/container-cloud-skudak.yml
 create mode 100644 ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.conf.j2
 create mode 100644 ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2

diff --git a/ansible/roles/podman/defaults/main.yml b/ansible/roles/podman/defaults/main.yml
index b470bf9..8c68086 100644
--- a/ansible/roles/podman/defaults/main.yml
+++ b/ansible/roles/podman/defaults/main.yml
@@ -1,6 +1,7 @@
 ---
 bookstack_path: "{{ podman_volumes }}/bookstack"
 cloud_path: "{{ podman_volumes }}/cloud"
+cloud_skudak_path: "{{ podman_volumes }}/skudakcloud"
 debyltech_path: "{{ podman_volumes }}/debyltech"
 drone_path: "{{ podman_volumes }}/drone"
 factorio_path: "{{ podman_volumes }}/factorio"
@@ -23,6 +24,7 @@ assistant_server_name: assistant.bdebyl.net
 bookstack_server_name: wiki.skudakrennsport.com
 ci_server_name: ci.bdebyl.net
 cloud_server_name: cloud.bdebyl.net
+cloud_skudak_server_name: cloud.skudakrennsport.com
 fulfillr_server_name: fulfillr.debyltech.com
 home_server_name: home.bdebyl.net
 logs_server_name: logs.bdebyl.net
diff --git a/ansible/roles/podman/tasks/configuration-nginx-http.yml b/ansible/roles/podman/tasks/configuration-nginx-http.yml
index 8900238..1e3a05d 100644
--- a/ansible/roles/podman/tasks/configuration-nginx-http.yml
+++ b/ansible/roles/podman/tasks/configuration-nginx-http.yml
@@ -65,6 +65,7 @@
     - "{{ bookstack_server_name }}.conf"
     - "{{ ci_server_name }}.http.conf"
     - "{{ cloud_server_name }}.conf"
+    - "{{ cloud_skudak_server_name }}.conf"
     - "{{ fulfillr_server_name }}.conf"
     - "{{ home_server_name }}.conf"
     - "{{ logs_server_name }}.conf"
@@ -88,6 +89,7 @@
     - "{{ bookstack_server_name }}.conf"
     - "{{ ci_server_name }}.http.conf"
     - "{{ cloud_server_name }}.conf"
+    - "{{ cloud_skudak_server_name }}.conf"
     - "{{ fulfillr_server_name }}.conf"
     - "{{ home_server_name }}.conf"
     - "{{ logs_server_name }}.conf"
diff --git a/ansible/roles/podman/tasks/configuration-nginx-https.yml b/ansible/roles/podman/tasks/configuration-nginx-https.yml
index 5b3824a..15241a9 100644
--- a/ansible/roles/podman/tasks/configuration-nginx-https.yml
+++ b/ansible/roles/podman/tasks/configuration-nginx-https.yml
@@ -37,6 +37,7 @@
     - "{{ bookstack_server_name }}.https.conf"
     - "{{ ci_server_name }}.https.conf"
     - "{{ cloud_server_name }}.https.conf"
+    - "{{ cloud_skudak_server_name }}.https.conf"
     - "{{ fulfillr_server_name }}.https.conf"
     - "{{ parts_server_name }}.https.conf"
     - "{{ photos_server_name }}.https.conf"
@@ -57,6 +58,7 @@
     - "{{ bookstack_server_name }}.https.conf"
     - "{{ ci_server_name }}.https.conf"
     - "{{ cloud_server_name }}.https.conf"
+    - "{{ cloud_skudak_server_name }}.https.conf"
     - "{{ fulfillr_server_name }}.https.conf"
     - "{{ parts_server_name }}.https.conf"
     - "{{ photos_server_name }}.https.conf"
diff --git a/ansible/roles/podman/tasks/container-cloud-skudak.yml b/ansible/roles/podman/tasks/container-cloud-skudak.yml
new file mode 100644
index 0000000..14be5bc
--- /dev/null
+++ b/ansible/roles/podman/tasks/container-cloud-skudak.yml
@@ -0,0 +1,100 @@
+---
+- name: create required skudak cloud volumes
+  become: true
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ podman_subuid.stdout }}"
+    group: "{{ podman_subuid.stdout }}"
+    mode: 0755
+  notify: restorecon podman
+  loop:
+    - "{{ cloud_skudak_path }}/apps"
+    - "{{ cloud_skudak_path }}/config"
+    - "{{ cloud_skudak_path }}/data"
+    - "{{ cloud_skudak_path }}/mysql"
+
+- name: unshare chown the skudak cloud volumes
+  become: true
+  become_user: "{{ podman_user }}"
+  changed_when: false
+  ansible.builtin.command: |
+    podman unshare chown -R 33:33 {{ cloud_skudak_path }}/apps {{ cloud_skudak_path }}/data {{ cloud_skudak_path}}/config
+
+- name: get user/group id from unshare
+  become: true
+  ansible.builtin.stat:
+    path: "{{ cloud_skudak_path }}/data"
+  register: cloud_skudak_owner
+
+- name: mount cloud cifs
+  become: true
+  ansible.posix.mount:
+    src: "{{ cloud_skudak_cifs_src }}"
+    path: "{{ cloud_skudak_path }}/data"
+    fstype: cifs
+    opts: "username=skucloud,password={{ cloud_skudak_cifs_pass }},uid={{ cloud_skudak_owner.stat.uid }},gid={{ cloud_skudak_owner.stat.uid }},file_mode=0770,dir_mode=0770"
+    state: mounted
+
+- name: flush handlers
+  ansible.builtin.meta: flush_handlers
+
+- import_tasks: podman/podman-check.yml
+  vars:
+    container_name: skudak-cloud-db
+    container_image: "{{ db_image }}"
+
+- name: create skudak-cloud-db container
+  become: true
+  become_user: "{{ podman_user }}"
+  containers.podman.podman_container:
+    name: skudak-cloud-db
+    image: "{{ db_image }}"
+    restart_policy: on-failure:3
+    log_driver: journald
+    network:
+      - shared
+    env:
+      MYSQL_ROOT_PASSWORD: "{{ cloud_skudak_db_root_pass }}"
+      MYSQL_DATABASE: skucloud
+      MYSQL_PASSWORD: "{{ cloud_skudak_db_pass }}"
+      MYSQL_USER: skucloud
+    volumes:
+      - "{{ cloud_skudak_path }}/mysql:/var/lib/mysql"
+
+- name: create systemd startup job for skudak-cloud-db
+  include_tasks: podman/systemd-generate.yml
+  vars:
+    container_name: skudak-cloud-db
+
+- import_tasks: podman/podman-check.yml
+  vars:
+    container_name: skudak-cloud
+    container_image: "{{ image }}"
+
+- name: create skudak cloud container
+  become: true
+  become_user: "{{ podman_user }}"
+  containers.podman.podman_container:
+    name: skudak-cloud
+    image: "{{ image }}"
+    restart_policy: on-failure:3
+    log_driver: journald
+    network:
+      - shared
+    env:
+      MYSQL_PASSWORD: "{{ cloud_skudak_db_pass }}"
+      MYSQL_DATABASE: skucloud
+      MYSQL_HOST: skudak-cloud-db
+      MYSQL_USER: skucloud
+    volumes:
+      - "{{ cloud_skudak_path }}/apps:/var/www/html/custom_apps"
+      - "{{ cloud_skudak_path }}/data:/var/www/html/data"
+      - "{{ cloud_skudak_path }}/config:/var/www/html/config"
+    ports:
+      - "8090:80"
+
+- name: create systemd startup job for cloud
+  include_tasks: podman/systemd-generate.yml
+  vars:
+    container_name: skudak-cloud
diff --git a/ansible/roles/podman/tasks/container-cloud.yml b/ansible/roles/podman/tasks/container-cloud.yml
index c393092..802fe53 100644
--- a/ansible/roles/podman/tasks/container-cloud.yml
+++ b/ansible/roles/podman/tasks/container-cloud.yml
@@ -19,7 +19,7 @@
   become_user: "{{ podman_user }}"
   changed_when: false
   ansible.builtin.command: |
-    podman unshare chown -R 33:33 {{ cloud_path }}/data {{ cloud_path}}/config
+    podman unshare chown -R 33:33 {{ cloud_path }}/apps {{ cloud_path }}/data {{ cloud_path}}/config
 
 - name: get user/group id from unshare
   become: true
@@ -33,7 +33,7 @@
     src: "{{ cloud_cifs_src }}"
     path: "{{ cloud_path }}/data"
     fstype: cifs
-    opts: "username=cloud,password={{ cloud_cifs_pass }},uid={{ cloud_owner.stat.uid }},gid={{ cloud_owner.stat.uid }}"
+    opts: "username=cloud,password={{ cloud_cifs_pass }},uid={{ cloud_owner.stat.uid }},gid={{ cloud_owner.stat.uid }},file_mode=0770,dir_mode=0770"
     state: mounted
 
 - name: flush handlers
diff --git a/ansible/roles/podman/tasks/main.yml b/ansible/roles/podman/tasks/main.yml
index daa945b..f2faf89 100644
--- a/ansible/roles/podman/tasks/main.yml
+++ b/ansible/roles/podman/tasks/main.yml
@@ -49,6 +49,12 @@
     image: docker.io/library/nextcloud:24.0.5-apache
   tags: cloud
 
+- import_tasks: container-cloud-skudak.yml
+  vars:
+    db_image: docker.io/library/mariadb:10.5
+    image: docker.io/library/nextcloud:24.0.5-apache
+  tags: skucloud
+
 - import_tasks: container-fulfillr.yml
   vars:
     image: "{{ aws_ecr_endpoint }}/fulfillr:20231005.1415"
diff --git a/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.conf.j2 b/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.conf.j2
new file mode 100644
index 0000000..0196336
--- /dev/null
+++ b/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.conf.j2
@@ -0,0 +1,16 @@
+server {
+  modsecurity on;
+  modsecurity_rules_file /etc/nginx/modsec_includes.conf;
+
+  listen 80;
+  server_name {{ cloud_skudak_server_name }};
+
+  location '/.well-known/acme-challenge' {
+   default_type "text/plain";
+   root /srv/http/letsencrypt;
+  }
+
+  location / {
+   return 302 https://$host$request_uri;
+  }
+}
\ No newline at end of file
diff --git a/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2 b/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2
new file mode 100644
index 0000000..3a4f65c
--- /dev/null
+++ b/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2
@@ -0,0 +1,42 @@
+upstream skucloud {
+  server 127.0.0.1:8090;
+}
+
+server {
+  modsecurity on;
+  modsecurity_rules_file /etc/nginx/modsec_includes.conf;
+
+  resolver 127.0.0.1 127.0.0.53 9.9.9.9 valid=60s;
+
+  listen 443 ssl http2;
+  server_name {{ cloud_skudak_server_name }};
+  client_max_body_size 500M;
+
+  ssl_certificate         /etc/letsencrypt/live/{{ cloud_skudak_server_name }}/fullchain.pem;
+  ssl_certificate_key     /etc/letsencrypt/live/{{ cloud_skudak_server_name }}/privkey.pem;
+  ssl_trusted_certificate /etc/letsencrypt/live/{{ cloud_skudak_server_name }}/fullchain.pem;
+  ssl_dhparam             /etc/nginx/ssl/dhparam.pem;
+
+  ssl_ciphers               ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+  ssl_prefer_server_ciphers off;
+  ssl_protocols             TLSv1.2 TLSv1.3;
+  ssl_session_cache         shared:SSL:10m;
+  ssl_session_tickets       off;
+  ssl_session_timeout       1d;
+  ssl_stapling              on;
+  ssl_stapling_verify       on;
+
+  location / {
+    add_header Referrer-Policy           "same-origin"                                                                                                                                                                            always;
+    add_header Strict-Transport-Security "max-age=630720000; includeSubDomains"                                                                                                                                                   always;
+    add_header X-Content-Type-Options    "nosniff"                                                                                                                                                                                always;
+
+    proxy_set_header Host              $http_host;
+    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+    proxy_set_header Upgrade           $http_upgrade;
+
+    proxy_buffering    off;
+    proxy_http_version 1.1;
+    proxy_pass         http://skucloud;
+  }
+}
\ No newline at end of file
diff --git a/ansible/roles/ssl/tasks/certbot.yml b/ansible/roles/ssl/tasks/certbot.yml
index 78c5f95..608d1ef 100644
--- a/ansible/roles/ssl/tasks/certbot.yml
+++ b/ansible/roles/ssl/tasks/certbot.yml
@@ -11,6 +11,7 @@
     - "{{ bookstack_server_name }}"
     - "{{ ci_server_name }}"
     - "{{ cloud_server_name }}"
+    - "{{ cloud_skudak_server_name }}"
     - "{{ fulfillr_server_name }}"
     - "{{ parts_server_name }}"
     - "{{ photos_server_name }}"
diff --git a/ansible/vars/vault.yml b/ansible/vars/vault.yml
index 45d16289a45f77bc1f1ffda757063aea597ca81f..4c9763f1ec1439cbd85ab9030fec1c1e94cca2e7 100644
GIT binary patch
literal 12105
zcmV-PFSgJCM@dveQdv+`05@}M{0^GiB#O@4Z7VUWcM9!Cf98#=KqktXON|y6(U}4N
z*IBgnKQedOtOX(Y;GaR2IPF6d=26hCyV9Iic+(o)J%XoY5|~x~UzRk~@oj}Vk-P2d
z_fY>ys@1ij+2699m`KzSz^|4SZ|cV05jrw^Q~hklewHbx$Z{iqNeWl>I=5_IQs}j4
zkV#r9b=?^P*JO8EYWY8ekgIM1FmlYjR8{j;{Bs;qb()9C39R3gQl$G@e90nGjMMrE
z5-qTGSN&M@PiqMxhpuOTbLrj}Qltd}N%3d`9Dsu^Cn^=0lSCLFBjyqC2Aw`d;$Fdu
zzl+>(5}w{&KU$RAc3VHyYvX_xlv>SEO$oEE{{f1zF=1z)?Uko-kv2JA2NqbD4ANRN
zDUgMNfvOGpE6_GLGS|HB0fYhFExNX>49mu0LOG<|{o|{7Bn$zeTqlWC-BWc62#^mV
zo`j@c(iaLoYoH1qSc3{w*EAFy&Mi+`q&k4@N&5$L^`Sp<d|kcF|GS28OjKP`4z05&
z_&PwkYT3U#Qte5KOG+W|kt4%U=iWae^(hRl3FD*VE0*Kl)-*ar*ZPv(KLF-URm*zR
zJF)CFX}XZK-C;|rzq^e=gC`00EnKncoyOip<^JM*E+nG^VWB85CZID;0pptoB?5Jc
zNi{Ot36^XJChlWy*+YcPBxxajz{E3LAsFxxI+KMb?MrUMGI$(VeNz>8b1U%^-bbwA
z=x=G_OGAmr%(FhP$D6GW=I-u^kup&uG1@6-Jp1nu3;sakLJG4habm5{v9%_sMr;XJ
z#z2xETl!h$J^QR9TqW|r78sERDH2g(QTTS4d}BhdPLWR&L}dq6YyA9CR?pfa5!K%c
zasz<H?6zTrPYF!g&87UMfa-*A>)Y2Y0;-46jb0qKd=@DWlqXr&up#}!x|f{pjW;}G
z|C&^gW{bufaWNN&rQ(oNSgZI4Vfv7E@HW|Wce5o1Yp7E}<vt(d+kncnZ7+DwedXU<
zV=%sFAdP>a+(Lk>{P%zgbW2h%=;J<ip9wKLQW+@-?IVVUHF1sef7~)kC3$M%;NXTc
zIDL2a(c5MDs&i+ptw~svCh$dLJtO&2#RdS7799o7)b)K!nP%di3Gufb<uk}2El19L
z;a-FfuZ1=(`I}Mk+s`;NMY4hcU^qQ%x-8ilBHM$71U7-QLunokmrMq=4-;8R{loY(
z#yKSw7kZ;>_o!E=BlSS>j9fu<I#-9-lph*KltwqOc_Pof2yJ{AfL7i@^(T#(>;gx_
z3>Usyj*l_*LgAUnKQ<pPwFXuZzOfcv)FHfXY64?V>aU`oU@D_Y30KpS4L1Dn*aZLK
zV07xR_;;F+$aE>B8;8H7aQidS-Dj>xfp1~SNLEE~UIWO?feos}(nR1|&|`v&PRXZ6
z42uw;)0_PA_X#p52~;g~J@+VB@L5uNZud|i+RZg=x!I|@QL*yjYDe9Gq(b3W@2Rkk
z&krt9z4r_+l$)zDlQq0PZ6*tN6x~91R%wxAj{}X3E%;+vw@UCMRkW~?Ysv|NJ_F(~
zc5rkB`VR=h^UuA)u(HZ@G!b5?6D6onX!*{}r4z++w~QvYvIaEn<bHD%u+C{D;?u<N
zRQcn~A!C>WRASfw-JT;P?n7o%VoHv^l)r+iQ&Hj{tNfm#|Is*r5M)$=oQ?uQfYC7+
zE<~?BOGwzYNP;PHKD#F$!Zu6)B%;~PNz9t;#!YnV-n@CA3yY~)^edc`#hRgW{znUt
zWcjWsop;EL{*X#%GJUKn{jSxME|dP=R?0ZC`X*G5My1I3>83@TvnCODsT@x*SK#Mc
zh<9!-Ae1l~!t<$qi(3Nl8*=@i1w^_}vJd_C^Tej`YX$I0Q~+_Bl<xVlYNnDk{#h^k
zr2|SD6KAFTogy0Dz((BUbK>B`t%y6qH=(N_BF63|oq&02sYzuls-raNwZ)ag_Gm9R
zHLlCb%)p6>5?F-?Klu?rC!VhaHArmvT>|gQ_@BCcC}iaUtxdKyXp%5Os7jg)z8>ut
z`?P!(DbdKlfNO<KBo)X$fJQ406(qw1CEA8kb%)FPp#nhD_*?$@12t=B|CgrylU6Eg
zQl~9}JtM}9gwUSBC7>Jy``q)I{;O-c+Phw+I^YI9ei3{sY!8jEq8aZHY$~!`mS5ra
z2X6O<xXe<IKL!RGJ1Kr|C6ndsXlH=lR{_A`7x^BX1_u5&X&I5_+r86x@Zi9)Xst9-
zG}-#nGe%4rC4jal4Lr<kjb+J2Q;20>q6wjn+`_^;_z363R%+fWsgdNEPSi(h%&m{R
zs4};|I0)I**iMPt$*0=}lA;dR$5|hgrvb3j^;$hvV(S(J8YQjxO_tOs3I!!-Cn=n(
z4Re%+V_dtV58?D37rn2;ZA63GVT<%5l?{A9`!{>_{#6jlw<2&n=bLLv--g(7*IC!p
zEn9=R6R147)D6oynI9Q*Ol4z<?R+_MYh$UA5uVqU_k?0K{R%zxhA*{=#r=<&2h(y)
zM$a(O=bCX3Gd>RdOd(50oU6c^TwaBEd4D?cJ7Mv71!owu97R`!68cRyl~}5+RMoP#
zXwyJRvim(_Ay1-vB$HZ%*63KjkaWu<#$a4xCQ?Q3fJ#tshO#H%&yN1MO&X}GnfT4}
zfb(g@OXMlwNX6BRMW(xqd%IIMev+3-{(;rrq7bCq&Q)<v2R|9QF8I}HyYjCL&#n1+
zzS!&>C8C>f1G?S?W0Ts2Sn6XgXOl3{s`dwP!zyd1wf+Y&S8upw0v@_qob9Dn-{A9D
zR*ptUE0g#<KY-NAuNv)2BggmTZ5p`pm!vDM<2gZYY5Jk8Z%*bd+9YZ~=->EA!rfT^
z?jle!1(E?0UK=UP!5NP&iC>8m*s-&2ery($7_Y#fZ>RVI8*qb+)Wd6s0wdGmm$*T3
zByEe}4n?nZnUe;;whKGG4`*>Z21`l41g+mK9>Vz?yKEftg3DIH>DlsL45j({HC3sD
zyn_V9WN%TRg(M^Ih;>itl@XJrgV3>d73u-lyT#lj{{Cq{%5zivvOLX3pKvW3@XjL0
z@dVf1doT)csGR-{r=FYhzM=lZzk({_YD~%K1AfHd16qDh)4sA7&+#n2Y!X^pqmxKR
zy0(G*8C%Y6(v+YsPz*ZvZ+PFCJYSBLcJuK6MKhJDpF#O!Pjy!~Nvkq1J!Yl=PP8{6
zs%a5RWoVa(FFvW=F?Ls(c?66q+S@V3QfTfKX0M_9qBc8~=@#9l3j;GW@}=LV`PprU
z$WWywaa3D<b54S`s96W{9=Sta;<>NN)a(maew*r}nbZrSM0Sfk&47Pp#C;+lvkhpr
z9o-ZhobwAWQ62iweE@y5_~2<icMB|g<HY!i%#Ymv)7b9!fQ60Vdi|bqLy!x>2DS5s
z41`9rPF0MJ=Jc))UUnUf<Hi*;^YNMe+sI&OU_y9I2NG($2V~*SPnQjynBTlv2dmfd
z1|0SmktnD?;)i*woJJ<ZVTJ-IiB$qPdu1k^eB~JhLLmNAjide2_>5$+m~kY|YoNAf
zF|)}H`)0d=Uzi^(1o3`iD+giS+Yr?O8Z)BsfWLDUf`u>D*};tt#&Ftm!5NK-$JFM~
zz*JR1P}2jLK7*FqXy>Inkvsf?_(WoJKRsc!yk`Y(=#PvD`o82y!~JNTrFe1fE~ByV
z6m&#H?6d8a=Qv3VR$J%5iClJWh$W_A9#~+HU3<}ptA&Cx8y!+hu~WuVI<Vd)%a)ji
zieDAni&TTxNxOzdeZHc51?f`$d{x+1U*Y>cvM55SE&ezFVBXY{+20~wMYr=O(S1p)
z-Cny;cQBHpO~LPzm<UI0Y%)ySS<lwdAMh{ss(i_Db?Vn7t2<@5wy(oK@m?h34ffgo
zz@H;~nSNN#2LeL%4VIq91FR1bJ-&{V;9!J@fRL5tK{p!k_=Z?qqP7ts7h7vSzSiM=
zFq5(qkH)M|oM2YxDk%{>5($X?(bMd1f>-5KqFA#F(8hu=WZvChUr<%Rh;^lM;QlRA
zLmTZn!V#P&c54bnSVxsbyw9?P(v!ka!^Xpk^OIS7z~ee+JEUAeD+<nlyjn+Vc@D!H
z@)ie%KgpQAIAX^2pmjf+>ZmY+iUPG|OuFcZRkUO@{=kETC<$9&oP`An|F8GH&jeyk
z<&NW<YLB4Ag|aRG2_bW=_iyCQs}j0Pd7+>z9{HmhgH4}x<@cj9lIcEA+4L*p-xf0I
z#v8mu1mastCSdbP3}1H0PqF>O;f|O$giO$NDyzQC4);dmoA0w4g_^KB5hDPWglDK>
zvA8hz?UHjF8bg(zO-uuVM|JPyX6Q&<>jaC%b`sABA^}+%kQ=X!2}bginT-Jep|&oa
zb725I4m&3W0Fi)Omp)f9$ml3v7tVt@czgn25=x3ijE;3(D>y#eXP-^qpPRW$_7Qw~
zhE|KA$!Bogcvud*uEBRzusL(v2_O~kPW;XvQ(&!F;Z+cn7q@fgl8u~3bM>C90Nm<^
zWoU#{VCU2CyB4OVmxqw&vz_zs$$50m4dp(P2n8$~KHmdQEAlE3FUr=5o$&&V@H=3F
z&#KfZ@d1oLmpzU%k(w7xUJMD^M}(*xS%DOd9XXhF)Lc#n&I=>&jIvzR9|rdN%Plhu
z&^iTD6IdyYDBH$^0h(>xcEGHNfuZp<3fNvLXNvSc9gwc|R9MW*06b^~u&rtZdV3Z?
zCit8hYF<xCQ>HNZ<IT6pWQ<tlCNs<@;-NU<3zkMd3o#-{zlSiJ|79?1(`3t&NKy-b
zF6bQNGZv|Tq3DZ;>qEFL$hZR)+C&j;0J&LS2IbO?4ojy34AtCr{~esE##5p^IqAGA
z-!f>mSPD&;646ZWjEv@lca5VtvL#X^=3<;u*HJ8W>m#MPLP7~Gz1<JJN$?Y=m1bKE
z|F4bVO4C1A<UKOfz742vtaL+BVCUXeYm@kzphQS7%oB_x>Vc%`n7PUR=r=BVz=DIW
z6W5^w$e*yuf3lmgp>jZ3Mi9O~)1jvhH=Cs;EJm{S4cXTeGV_Vh8ZG<0Uz&k)#^Up3
zmK%k1D4nzW{@b*H*@RbAOc{iE%|qh6E73t&y%<u*J~>xlQB#sw1c%VnYDO(d@fTqR
zEh*k~=r1FL`)^fOU=@0HCsA<Zp4NAFj%I8Tgn`Ku;LZJPB}=5HlHmcPzOJgy^0V$L
zZuZ_ku;ww98A&Gby4E8J78R$+ZP#`UAj`F}uQX!M3w!c0{Sge9wSp3~3_9S$ZMEf?
z$OwY(WA{=BOuRh&Q*k~*i-nR>uB`L*XqB-o(K{G_jviGx?!H8;6U|zf#+}2hF*M7@
z8YoqwH-j|^W<S_jnPELm?UB*h1AO?_vpOe?_OLJ0M*7xWp%B@hA-q&#jozhb5nKh%
zc_{_eRSg{jqp&nAmbVU)wY64)p_}6wspwTZXk~vPoAcjU;>Pi<YTnxs2F<2_7&iF(
zPsmsG5e=j7-xSk2&1RfnvjY#VRCZs*(TlK+7vsb<3fmHLXx-1MTx+*8KkW7U!$?+&
zbdCgghS;9;$<iMHvaknj35`v3(HFl_7xSU?)yY?<m?4*7#=-}Y;o}Ru;jCgqxGuoj
zA=$5jRJm3)D(oeaZ$<>H(DbE;6yjazS^ok{T|ci6A3riqTDfJySfq#o-dE$(NA9>o
zPuBf6={l_>#2A<?n_Fw0Ik(8y$aC(D=17!L((zJu0QF;1_|p6)TL1PXP2DvBBta*t
z>abTKs~BP6MNfr+Th2b*Du$`<MWBR2bp<JKX)FW==6{s?g{*_accCt^tL<{}yW0T^
zR}jTb`>d8i2vN#Wx#RVE8}anm7nCWHB$1aB=L%kG+5=7WH1#1Zv;K8Ab0X=%IZ7vs
z1Q1akK&P9<j|MR(74%63a@L8hJ)g1~IJS5A5hA{vykKgHbQ%I*C-Fz@%?j5;shN0!
zlyZf+Zp!pY7qHe;c%=Z+Xff-<q+BeDnp(f-pXM_<4~ER88YLJJNE&Wcn>H+`g(?1!
z*y%ebQbx%Wr9ig66M!at5p?5vp5u=e&bmDMSAzp#H*EdRu%W{y2mhJ6d-a;#rC_eT
z^yF}N0r>aNGie_Zf<GY?j}g)16r~xY2g|0snuGfPp>|03+URm3Tw0{OM~q*A8|aBj
z43b&r9<g+($%Tb%yr`}r%~s(}aUZ4~P7SzP5n$S8=;{B>Q)f6rj<3N5L{X+BPLzxQ
z+~T^mq6Xv-#jNjqv#+DIxucELHyh}R-xPW=3*u%yubS;9Wo<0t*R+2{e@rtk9cvzD
z_@TvVfFuc&cB~iABW-+Ed$Xk~(3YQH&4=Fk_a?5SQD6F!v9pWqMa<KGj8-<yXDOg+
zXK3vZ7f~0p2iDr^ro}?(UV=r(o%0xjPcAW_%%2x4;(Cj1`=9a@r2ECyi*m7uYf%^_
zwFLeIypCPJ`AF5^&~exyV!!8+La`$JMIcgrtpuC+$WyH=Z>?@^ld-21NEqtv$zvez
z+D4Uy1zJ#Rn%5q$D~FN2%${csMy;d{AyMPIO<*af!fPaqHjS#aYUCe$VcUXigWT0b
zt~0RrAow_LP&$KAJ;DJT-pH7#9R_4gV#eunX6BC0oCy`PT46RY&k<#D#OXybSxc+<
z%_Ahq;_bk7RLE_g9g}p(e2)5(Ly(vu?gSUnE7N%Z>Vcy#tQfBFYFzMM01&T#C;@&1
zv-=Q6vX~wEGh;Q29uU)J#x{v<?l$>Lw&kh7V9X;7PVeOJF&l=hs_DhyEpHoj=eJ}S
zx=xkDP9IM4D^iNDFU#_ACsTXvV|1nxl<g`Mnb`V2n6BZMPTG!~k#nm*vNU{lI*A<J
zI_zdblbKNW$&chdGB1KT+8S{z;QE`9SrvY>MC&DgVt(sII{Kt_omv}v!oj1G4KO<G
z7=0gDfZRNh9XE`F{r0?be>#3uQmCVk6xUgwUyd@U9~o)+k2C;SNHCAl`zb!8ohMj^
zlLWA4VOIMhE!g)vE#DhOxZDn)Gq)(J)Zv@*&QNm41XNZ_Ekd7f6`A7ZI72+)!!)H4
zePp9hNdFn*U4ot&xN;Z^%{yqn+=6WRwN7*^{APWc>Gh42fSypMLF$h?$KqWm;X^8j
zL3EYGakINGxVHA^<q%DTZm{?=)1pCtw>2FiQ5+Ksve+J?81Nj*usF>7_}WVjX#yvN
zUGC_mH~EX5RUD%WcMX~*`i+>BmN?l&zO!wO9Bvq&uU|(&*WncZRTsZZ1`)tJ%3XO)
z_MtjEv^6KVxb%@;Ay>+tH*samK`J56p$mTBwh^uZ!5y1It?r~eXh~Sy(sJ^Lq~5~D
z>w^7>kJ0hTC*AL>FL3aW*UTH#!_&`M&M7;G)Ql(c2Hv`&C{{c;)Q4`|SP7`2UQhoA
z*ps0-{{<tC{{vuwl;ak4GHP^WW|*Sq?0u!p{jCy&&fqr8ah6}DMMUHXq?>Ap+GjcX
zht(udY~Sd^PrVI6W_H+(uJWbKVG9g%6JQS4*@SEOQ2U<?ss#&Z375t{YG^<$d3=8n
zYH;4Gh~3+n!zwB4HuQeZ0kr;%5$<pz`Zg=c6~b2X?V)WMoYSIZT&Ev4G@g)oID;<6
z5_Uf}P#crgZ)mvOXdbc2#UbA(#w0v<dcPciRJMWklcPw;OD8lqz5LQxBAH&x;xQ%E
z>R;+qr}LVZqW$1g8}o-4UN0v1j=ccUAtg>lSDM+z&2(?Oqa9EfP}#TBv-7Qjy4or@
zAwwWFfg-ZtZL=u#$y5i@_{bV0oMIBS8k5h5w&*;$lnKQ$S1_U`VJD4Gz0%A|IF>>;
z1F0(~zE8|AcJASl$gz6C`}3VxM<8>HxHb9PJ27^fgMBW)zK5`yu^Jt~Uq@B790#An
zQX5i<Ck~a>${*c|!n`zwQ(3h|CN;vOQ=d1rOrH8N!xo5<!P4YiY-vu}Y<xjc+c=IH
ztI4YETI>M5ARgSi5FM<+o153kyo0VWJrby}F5_`*gORI7b{8K0YTXxMa&o#v^;&@m
zBK5Ny9dt6EcQQ)V8kw~fh%-8};krWMU0%RP>UPwa<&h`saoSVTabjfGk175+6iZya
z-b>GYRI@=mLw&4smRj={ZZlQ{Jw5y*O4g=~-07lZJ5`u9F4s7ujpZ_|os?84y|HSQ
z(zL~+@E<}bcDdUiUH%yLY3wY21t2Lm2}#C++Q9wsGOLXTk%N}W_Mi?%?_*JY%-RLT
z<vhhf*|tVFF38b=*#W6Q@K-1AQZ&YGvmf8&blcQh3Y~4@3G|oh$}lF^?Q`ePmELRD
zD-dQ)BEG;r0+yLa7$vXJdWw}hha2)2G5gzD32hKL=&-WASX1UgQbM&zcPDtj#;qZ5
zG^g|4Nll2vfo0#S-7e&my4B)EcX-#Le4X%k=`sN*V~TqksIGrRW-e4MEG$WLj-4nB
z3h20M5queOL>M5ohmK&i8~9`aFsUs<c?lt;ZMw?h4gAQtoxMTqWBr|2?3ywU#@3H^
zNGxH;pScf?o9OXmk*(s9StG-Cs!>=Jzo`)rtJ&c5G+rTekla;0{WGSZsRRZq8?WsP
znY_yyi)2`j4tthc{v5!(!Yi8owQezReZ+nOqmXlQt~7Ny(lGsvg-i`{kC%!f>wQ|M
z+%ES29jA2yLeLtWUGp#GZJKUnZMkTQAI7r;CW|IU(rF5Hj-P2aG+eYNgWo!fG#QNA
zugtKS^E8!wcj#W7fV5*30NTJXESJ6?dS_KUfwX9-20aPzV4E=dH$<sr!6#eu96A$8
zu@;TPS}P$pkED|iv$v7TaEev5i6t-f6f=eVuT=#@EZpkpP}@5+a(wtXS(Kl;w*WV*
z&Ll%22B{M3h(MECvf#+h+70|~a6}7DY7yf1B5v`;iy$aEBBW6_n~)>a(GXy94tkxc
zH`bE(o#yNyGF{7Lc@*8;M<a^uxG#XnchQgi7`HshaI~oG7mhx7v~>esui2~1fxnf5
zB)?Z&CTGsH%aaH4&>@dgmBTKtP`M~IGa+I<INB-nVMXD4?n0?LY~-MBm!xc?^ZB*Z
zNFNL0_E;_^!N8EF^DG<ZItDb0&XH)ij!1+)9SxUL$q!Ka83of9auUI88i^YXze95J
zK(+^TIsMmW-`%jPwFMUlyk(aUw@r*ju+Nar);ar$tP!H;hW27tL)O5$usGBiZk_-S
zz;?NpO-?A0rp|7Li}59L0CdDUvp$@qNO%_MUW!cj?$ojWiiiP>ZZv~T1blBw92$Mi
zaV)o8yYca|HioYAI_<9<)7ltMwv6B-(-(kXsa{-GJP8irXfXSmjwv63S$my5!-rUh
z5|W`*NX_?OFW6HH%ogeTDXV|;TvEHb<r_3K^*$)l9py)WV2lg|NV&{fgrclHJ>ROg
zzb6HBtyVvU4vx&r-S|~vl2B;tR%6=4IMCihBm*#84lDM?*+dp;R*TZ0tba5AJz7{0
zxUi~K;6%$^%COJ-2phs=wvia%fti%1_!0k~DI%QOGl&7SW5{VU0-|KkY5RK_!<!n|
z;k_Aj$>?R=^Vs)=RXf*xU%F$4Z_YDvTspg%Ch5^l%4C*Ec8MT{J;m@Ih85U4tfKb}
zFd-N(VRLIHG@YP2mQ3J=Tf<sD(ldgu)ollH?J-Q+Xx!>0qHr_(qQtn(d}Qamkoh!{
zDgixWj|>QEKx_Z4{le;c8|wZuX>UuJtIl5WN5XcJPh?F><j16<c~%QGPZD+hz7QQS
zlsqn<<o1LI{&aG7iV<-|cExy`@EFit@Ja?P{s*jUN7!yLa58;VQL2X>CY!q?!g%nK
zW?J;%djF^+e-+<}w5Gfn4e|GIk~k(m#KCY`N*HEzeT{^M8sVlw-yr*J>=-ILj!bHM
z1G`?gLaTe@v2v`35_i}O{+Wh#gXqLIu8{MjwC+OlwKlu?`A$yA@7(a@CNlH(nL{p5
znw-{lpdXs0*@r5!zof@J8kU>}uyP929+#w@zGGSl0uzi^#;Mkl6vmfymfqB5x*y)Z
z{)|4Eox9MBB#0s|I~yWi$DQtU#Eti`B&@>7X_%3-$fN<()42y?U0|XGbl|8PBx9E*
z1vn)RF6<s#{fk8dh}#lw{5oudalx!&ulLW6&bw!}@#)FpE-MxGRPKCoUS|&pWms#X
z43o|D2AV%?$0Hw8{eb*Add1Y1JBl&5D4m7S@di1i;2b_<Wr~Kg{9<5CyJhg;$kD?h
z#}atH|0S~K=^oblIO#&h-Ji!Ea7P_|KyD;gDD7a`6@5k|=EN%4U~Pn5N6?V?)2$jj
z5Nv?VrZ_&D5p8BJg`LiD{;qIj=@r%H=4OTS5rH}-YMJolxJfqYw5fcRF0lLzrx!H)
z>R~8RHVW-gB9hQ|ms{fw3X-EWrXs$kqMMupyPCM1Xsp8}2Q&_+$epFY-e^rKhopWR
z^S;#cQq&Btz@Qd0Q?O9Qd2?W=zsqgsiVP}DYG*6Bp5e2={q5g4B^JJC;(H|<Z5nQ|
z-*xk7X|2-o2vTmm9H}&tpHhht8)%%q6D08Qhv<izoS`8~09V+ZQX$+E?eSq;f9KP)
z*fW-cuH8AkYd9p^`n;CsVJa#UQn2Ui$%VY>ii3Q{)?9Rs$}Z!Z13N4=mAhJJGuv}y
zq?BTDdc#L2x7f6`Ou7trXioTHxI!@zkcC4E=pM^sxnscAt)MRI%5p#v69YTC8%V09
zX_FQ5);ksmy68GvR==%jtWZ=zDkbpwtqsQvjU>yQbY5xRF{u)%4blB&()?d}bR}`|
zzkpFAX*&Kj!Iicl@d5qQ#sH$aei(Sif<PfoWXUo_4QO484p2UK+@{ef8c};S#kdVa
zy8_xU=yJnh@GlGj2s3%qOilrrSH*Gv(6S;)o~WlJx<Hnd%~KSSd-Hy1s1Cd~XrUlr
z@;t1q27c^RN`t;TiL0>geX7rKdr!|ipB4+DlMk>M?*fXU##c_HM7d_-e2p5QE^|zB
zQCnrt_ihRw^ipBWBH`;S)O?y{T@MiSR1`<h|4ti-niFT=;ZeP7vxMu|MMDC#==2ei
z8d3l2GKn6Cs^dK2Hk4fd8#C&JG{t}RkAsA0M?V*~(AmkcjHW4~;GS>XNO@!J)=ZiF
zgb0q4i--Iy@7e*xJVuq5KVCiM@{(XWvTc?6#Y)VRGK}g_UfRsXtjBsV9-jsl>2yWM
z71U=;KRy+vmGC2(a?VZM#beizVwGLWqF%iZKs(b(=0IUlv}*2g{wb@s(Ly<OR)5>F
z6OECAZ-vT}6$Z%i6y-Oh!xK^#I43teZ(3H?mG;t1_{3JwA*YxYKK~ekVNanD!EoQA
z8w+_6Xuv|h-+eHwi7o3^OPTl}i^;mOGq^C)K|S)q%#rojSuMeh$k<U0Q;G+%i^%v9
z;uX=NwUCmcvJ#>71&{B}`L|DiGV;f?8>9ics{Pc<>IayMo#GoQ$`?<}r#6n-nnZT<
z-Vs(ln@cWU4#PltW3Zn&itR2lAc(0;6*%zG;OqGj44oGoeXf>Y{J<mU5tA?iC#EKu
z{Ur^cc((%0NL6i;^ciF~ntw^QLwPzMBMvH#!pAI|Ik0gJN*t%KiJLhC$oTR12EwhI
zs|=BB=SvH(z8z)fmxJ#KL6y`h>ja-P`6G|Q#*J$eViK|+&qX0Jh#dKZ1#5IY9;Eiw
zgmD7%mD5${D(vNC#1mS>%$LlsDaiV-G<+@R>Ud0i*6pSv9(|2p9w|;yAfegEyc~vQ
z9(%Fq;&H{UHVNBtyP>S2Io!LvJhq`>LbWh~CPJxxN0^o?E{@WqdSViN;=EJfOSb@M
z6=!46E%G@MUpH?C(KVCdhJY|y{@xu{BJePzDnA#^LQ-!+I0{FE%w8xsc}+qLVkF0L
z*;X%ER7GN{H%)7;yC;!bu5i$DfJ^k_jayugF&1Fu?&K65{+|9l^USOl!<>v?ArVIX
z{_Z)xHE^K*U~kW@zi~+@B@pRa>zS7ygE6Rk@Rd(cTo;o<2;(NPWdMjuy~fQ@LpR8P
zC=nu2GIxQ3#fiTgJxsbpy9d@CJO>ZMglhUi2PrST==0KAhX|8L4B|g@y4apHu{uaK
zR|5(l092O4=hnCI&|ITW=DwlbtYS;4p$Zbq&Y^dkkQ%VM8S4dO5#`?>)&cJVT?wr+
zZIxCKMT3gigl|%DcEhr#^~0`v&Uq%*hMGBL<<Ox9VthsAk_rW!FdwR3O0eUQ%$()i
zD=8(O1xM2x63c|JH-4MlN^4ic<z0^ne9Cu1NoW;IEB8Lkv)AdM_oGj_QV5DTa&pd0
z=y2)~f}A={X~OIm7?CtQ!Ds(ShS_=_=i7efzux@k1iFo?Q>XO*WUpSIssOJuRC?Se
z>nM;h=RA|;AjlKaoEOMoCsiQMN7)1Ifm-HIVPM`?d6G*5Lg%U$VZ+3jS1;2fta&@@
zK>Sb*T4@g2V%%oNO_RrDLZ!F<1(?JKc}==yK1u2=Wna_-P=6CHEW7pPv_X-!;KR`E
zz0qJfy=Cg+-V^7pG++lZU!L5yZscWc+vIG;n=i6$^$4+jG`q8WDHy8*i}6NCD!K9>
z+UsQwFO)g@YDj(o*K}}9)v$rISMP?!HvifypD!J9SJ8!?@V3ZxPG>g{KQOJFC8)!}
zo4O;MHdA4}lcEHaEsTrgYgE4AVw%t=QCJ&;{crR_bB+y^krcPTkQ6<2;lHcX2q{cX
z+-LWJth7>Xn*`33{Pr7y_LRy(UT{$eIa%9E2-7W1V~z+u8f;!LiXX*~iMrc`BDYMF
z_vRG+Vv<);ql7@|sdvQ;RP92qv|{tpK_bX&y7fe`{Z<jkZNG(r8A{<|K?x@JLRf5@
z5+4KU?#wk4_i5L*Hh}vwR$Fyh)o-;6T|H4gN{m8BGbYwvEq!$Xjns=&$}eyXD}ZFH
z-FQf_zUx~+8e0`ZNkj3ovH1@d>-+q9xzd?4qMPuFBSed)879OI(RfJ`+CBEcNV@1g
z8C`5Zb`X^44%}0k{gFlgks1W$kQ>at8g|47!xQY?5%PRdfj5bC9pwBR+u(rd>uiA;
z@QpZpL6>H>qS$MpKC-<*s#g^QzFsc=jFIga0H0^HN%Y5G=F>xE>1I8FcWJIA*URNg
z<POm1ru-{PB3Fy^zLBYG<_uYjZ>at|6FTMY1*v!9?F|Iza<h^6*EUqekppp`zDfkU
zwDHSZ-ih9whL;BqSv^*u-MPg5jH%_RULsFDi%a+3DB1~?B$@+ixv|&p1aCHpgC~`>
z2z4R$gv-L2yrbZ#N0CBb=&gm|j3%v7EkW)e=#k6sL?CYe_0gDdSqR9^+5=&(dD<rg
z_`m`;McT!DAc@Sic6xe5^-PV~O)%!mqsRYT13={1@LVDJYCW++0c{`&YXxYVajI#w
z4+q&kQsA%JZiRSF(h!@N(I%)w{j(G8<uBKge_drNW-OlLQ$=3N4-DzO#HOTwC7X3Q
z*gFAu%2R8Qr=jbleGJK{UZsfR#hLaaN!zO<put;e;9TxqK7h@LDe&#qhA0sKf|<Z*
z<q%dUxE{tB#W~NllTg7_OY3U7wV`K?|Btp14EU^wjg3d$(B{9HuuI<>)Lb}^M%<$H
zk|gw_OP!U>Qyqa%Fy5%BPx-6in+*p?y*r&peItw`f@D9>#E*KxMfIr{k=cWoMefe6
z*Ufma2J_hCNpOMChq6Z@IWk3K>mB#3?k7eAS_tNud&_Zjs3ItFjQ~=qy+4*aF<91>
zm4>oQ(3&x~OE^i-M&V7w)R=eT6&paJgehSND-Mfrey6^2NU#Nk)=b$UdaJchE)zd;
z^ycCWg{A~XZ3<kUCZ%e6v)9<Lt9|-0+<A~n=2BHP6mpz;#H=|=(A2Lr7kCH83VC_Z
zT4$iq4Qh~#SJ45sh+MJq<jT-tk9f7ILHDi2pEDR^598b+B0db9?A`?5KJw!9GmhC~
z$P)1PFgOje4rVCR$w{ZbEq8r$nT~#^!q%%?^BW4kix?oq3tyu4RiL(%ON=?y{{K;M
zCgAUSHfb`B<mTp){9tW5p{!9iG^Y`y!WVJML^>N;WwpxT_gq<>J`VZ&!h&BC3}$zb
zc&x!Z<6CP8F*rIFec~LXvw}vi)pH<bu3=js92COf!DHI7-g4!U-UE~N=%iwD$FGyh
zu5#dE*j<Wh1tLiwEQH`8dWlP9{ZTLw0eR3SZ%=OyRVxQRCR;z^qh#x@-2^B^8%8Q7
zyS$tEgGYkbva8IpWy8V~>^HYJHB<ap`1|w=5t&XhZFIMD(h##8`Yj5I{XR0jrGSEh
zwX&e=BqYmp0md-w_M`TyRzajP9%PwAysD9o_F5n0_K6=Bvi<!nd8NxEZ+vFBAY#>Z
zvRSo8eQS>N^Iqg6-d(ND8L3uJt$#1fq^8Y1=`|HwD$0p;x({M-B~+QC;qNGfOn<>^
z+?reLii;^NRZYzJ=>Em6v%Quqf=!EF`^A%fsl2OKFAPHuT=Oo+B5TWjFU9gxE*ArH
z-ZU2}-G_x6eS|(e*Xbc1U-szX<YIF3DzKzIQ7)}B{eMq9rY*)yTy)G2u}D6uE=vC@
zO~cHn5)gia^Rhs&xF$X9DT7W8CC%_AB7r$f3J<!r7P9o!4@%pmLs`;vQGo@Vr$(7b
zk9y(9i?6tNbTcYTq*_R|nFXoIZlpZ?c4A9U+4Q_uP*ySIc4rlXr`P?~+o94(lv{uG
zil(I;n2Cpx8tiE=hc1`>*Sh?DsbgQl);FPjQWJ(;rRnJ9W(eGkd_`dmmmaD?LC(8B
zr*yqMUlbBz^enyH+}B9<ReU-1;a8>1b~^(+!8qtK$niSDg@~P?;%>icQ4|l5E`IbG
zh`JE>*NH-NIQ=ZJpy*F`%1y_hDZ}UA)gum3X)0V_o*M?!h~$+Bf!EiQB7c7A`{a7l
zw6$xFb5SFCF0Wsah;eg=UFc@M;1$oHEML8o$l*_?HQdUCc|BpEd;zBaM=;g7@Mi+K
zYzKWU1x6K{CML8ex^e8axI88_`r5AN5a=e@JHwaE!7O;MYRI0R(RA_1dL;LLis#)o
z^SiE3n4K7WJP3jY_@7?xoisw&!#Mp0)z4K0A|pnYSuRT7#m<6PPC0U5fwyHP>)6Ew
z7i2Uhn8j?Ph=|8>dVgOXa{kd<zhwu;@J-l)617gZFvM}D#5ftR>MfZT;}SkCw7o0p
zo3cyp>j%xQg`l3ptJcuZmK&`lCIi}gls-A3nw*KS^)RCKb3kgZmY!3!#FG#YAK!@G
zUc*hzQ;j75>`#%kT2^lIc5aO|U$qC{8Eu<YKbV9b^_wMKME6)W0EcYiMn?{Fcy}~$
zqs47(dSLzD#WW%+X|Jk>Yr1t#8suSy2nW8cL0632$n?BfsXZW4b~_m~QFOHBQv|_e
z1i|P(%i%MQx@@0{2~RB|%5{3>V9V*NwBs&EIJvtZ93FHt$cRLNpFjVbN5Nylv6ZWv
z!M@3du$GNs&FZ3$U{Gday!o{Xo>$2>=@g+Gaf$9UBQ=w{yq@Bxhl}GnEzcK~m=GCe
z`V+c8d!3UBZb0Cvomli9dT;FgIlW+4B~7~XOBGpX<+!@CL|oG8UM#AT5;ObA^{g{|
zb{M>36+OpERCJd{sFLIS=G`giz@)C|@9K$!w<myVo#@7g;^0V3n4jA1m@qccE$Kib
z3=Tiif8-bm-Fnzo1$M19-0;`yUmIB%%wqs7l3Rb3Ai%Rv0?&WLrCJ7eDgSL-Vpo1l
zt43)WE5tvcM>`8^3lPo+BoK%4XrWT8qybL8_s~^EB&a`s>Rj3t{K2j^#j&cqr#{1~
zO{=zYZ$xW@2dB4jlEL0w*BI~g0C9ItXz@x?6r&EGImx!H>_-u*-N4F}lTo~LW5DYM
zU?p-pMe;i5ezzm352wlsuL`mGIlh(s(|7Gf4)~>?tq9ItWjj!iSZG_MoSndi3^`%4
zWG~_Yj;`N1FISuPVudrsqdeqH^^RU>d@LZtQnjWjL!(d>OCYUAAfHJ3tZ@0wbBBrD

literal 11198
zcmV;vD?!u%M@dveQdv+`08dK1KD5BGA4iDlan4Vh`GbJB!7M4PFXIl8uIh|bO1s@J
z7G!=ju&<J2eovTiy}_xW$=U=JU&;~jP;Y&*ya?PQu13MP0{yDoET`Nluybhhp=|4{
zVocVwC>w3jJWe(a4Fn&7$u!w^+!LiS5yU@Dwie0M{g4{1K`k~kGOm|HbYuB7Iv_%k
z^gDQWoK#-=6n6uI%aD3G1DvJLIVC+8?g8<0NP$8D^o`9%)Z)O}T(lq>IW7J*0Oz42
zqh6n^mztmmxM)^IzSpiv!`ZyU$aGd@$U!C>#XtD`!;S{w8Rlj6@uKU{^V1kMfMus<
z4E}8jLroRp5{VG@2LDY`f@vMi)#Qj?t;`X0t<*u8qM<j*drCfdGc#Df?s1_Wf+;tI
zl9_IsuWpU5n{gax;=r7l>wFIk(UetA`u0JR-4!TW33VI#g0V$9tTG-Ef)E5Im_7$w
zn~q{yd*m^+P*#~tS>z7!6y(Mmj}_huWy4jp{>vx4e;T*YwM_Wu8FUz32qKIn0C&gm
z{nwJk)}FFo>_*aHj$ae0@RbxVbU;jF>mI^=G_X#LPSQ4RMPFNs*P-laL+v&<k72b=
zrHW`Q)`U=XEi$lRO0+{1)SS~{4bZOW5!i#j%>GXWf*F}A+41qq-G_F`Q6w(NC|Xv7
z4aiX^XeVW?jqOc+F7uwxVsE(D+7*2U>!XOylaNfJA$Nx!;{6k45v`m=yF6&EjOx_>
zOnCMST|DYYx+&H263wMLz5diQ?{jk4vw2dz4*bccX74OX&2+)PvM9eaL%h}0LiHf#
z1@sDyzU8Enx5Hz6FI8NbirdrHilgrjoujSUtTkutma?rf7%)GdLdif$u%)tjZu8wL
z(~5lnE(u6$Hn$I!lP#(tL^ba*kq#|Pa>xMXt6>HzI9rd%T`a4^j>_j6o-C~BWon&3
zco2^2RaI6G2~JTb^{YdGB@EuQ&9&{T!N5unDB7FSzxFo06%%(^Y7e~-B9LicyUo<B
z&d@T;fjpRw#suxS?`PWC*uMAyuD)wx$QWdDdT%Z^CH@7<{gPV;Es57)rsw!n%$G(f
zI#t?@G`TRwHR>$M4-{pNZ8&zdOM<S|%a|R~zDEOlLJ|uFMP8Q`lD=H5<x2EahxiDL
zcGRhQAPT<OOn$!M8MFZ9)kxrT?%N&}l1M21BAbBD8w^(UV~o%6Y61yC@Nhe+sp$_|
zTOpdG^q@M)Jwr&4;wPEL_BcDjL-?+Y{pAw&tXL8(koKiz*#<L4t(Z6SiS21&wNL|C
zqE`%`#DkWA4a?#P%LYzUziGPF^I+C3?-7xIu&8W79Sl<y>0UddZ!pxQgpzkK^YI)(
z_-+Oi6%>iDWj$r+gXJoWl+7xRF!*IPNJ0Ep>8#7f*43OnVEs8tWRp*|h#MUj$+Nl}
zgZ+j^CH~IWlAth(p`_16SEVg#(|q4R10$%VPJB-cInOcJWjly=e_oTd$oIOIMPtSA
zuY`hYXWWOs39&K<TkMhTjb4(m1UtyMnF%TWT~k)9uTAK$YX>O%FK)YbL90}Y5rT(o
zf8Q~zQL^xYK1Ghr>EtmeS<RYEQ~EIMmw0HU`Hdm!^m3y+bs&F~2*(W%@^Vom%o?%l
z*vS9K#G{s?Jcm!@HCJ2hmmU8cldX5BO14a{WO=(&gCI|7HR2maUlCm|lXU8FU8Xxi
z7R#jX?I15Xup7ZF57i#vjSL8hZ2avJ>haYI<xc+{YgfwW$I&^2)x~I%1S^A{IOM9l
zV(2{bStIM)B*=f#v!l>OLlPzI6P$^$29ex%-X(%48xub8{39ViPz@P#Nne*sT@^ob
z;%u{?pgdtNp+1c(2j$bMgt{(QP<W>_R+k3yKRbj!P&)oTobM4r%he`^iDoBU)eXGG
zF<qKZQ7J%M#yvo#T-g*YbpHP0UZgzt?vfZWj`5glY=qo>l%}xjv1V!_*K4iM5RcS{
ztxOP$$=@;P{PJAV<wvyBlcuFJJ!B^C@TExC(Z9wnS_Gs6;~4Tt^L8D@MtZ_hTUmEk
zd7~xy4^vITaWjH#-)Uon%aEMj*DW1cu)gLpx<39Vs<PLBp<Aq-(6=X0jv(!6FQ{LB
zsnWt(j}kKYRx5|JgD-9`lR=rHZa~ax<|kZrng^`>o8MrcH629LC4DL0Q^+t-#=xnN
zd)0p+r7|@-pzn-XBx)kPYJZ?^OB2isH#0|gA{1KT^Yk5-B8y^*Z1j;O1RTO;s=R~|
z;;62WUfMfV@{JG;%P;vI(d00<{->4EE&<Kqv(A*!JgP;Q#IGxK)|V8y7UF5S<RE?X
zsD3KbPxNXFa%n*50u}3BHys4t2eM=LbPoUqK%@z6j*vD!A*ySEk#pygfM_N9Y%;Jy
zQISpA)QWc07>1=<6<NeM**v`doXsQ9qlQ!f;ho{s3I_2p!Tg1bOXSh-dK?z1;1M*e
zoGm`th)#7tIb<MP2@46mNI+jEWTo!J+XRAi&SB+>3QP%!O1@%>TAGF=K>TytzWTl0
zVZZXJd}4t0j5L%aX=>A>ut-XazaSuSWkXnR;h2pfz8G_>@lf)3;ce>hRl^31(mv+v
zf$x|eiM=E^4C(yv+bNR3)%(_EX@}f)Xo--T53XM`r!(Lt9HP5{*>c|xCF1shSR|EX
z?@LK`0;yAV7EyK%W=?hNQC~=eP7{Ank62$|9S|(1*onbk7VpS}3Ss~20R!poX}tit
zLG?o!B!IhU)YU_ks6!FX3xgFV==u5viYpx7FTgOP!O#cnLV9+0+ffdyt5DC)ZS{M~
zH%&DZzLmTUcO5oebSO!!cs-@0RpkOj09$KTHKZDX|F?FF6uD1?^a4}@NGYAl*C9F2
zHvbwqk_IwR7bde&BoX9M?QU~<gyvthOB(}=!?5XJ9`B5TDY%hp8^5;CISPb@I_goZ
z!<BD;)z1E&fTfOz&!c<BT;~0A22#@ejN|Q@Gii-!=lvWyzgX(|nM(_orjc8Kd$#lE
zl>o{a(0SsAszAfhvkq713VD;^f^VS^=Fx}jH@*8DCPn|jTYcu3r-_ul8jG0UL5{F<
zzDhM4R>&6#5ZAATV+TblQ4^xKZ3_2cf^7sRf>k7F0yo%p2Km6lh@q0r9HDKGMRoh>
zO+lHfD`pWd<t)1*mS*{a)BRIdI-Ocy7nEN#^@Ils&Hw!ZD?W3FkSm=@cUt5Wm%McH
zNj32&w~QG1QkuS+#EQB}<1E0^t|0EfuD-=^u4o%Egun4{qeFnb{+&zwO+aQ_9mh*D
zJ?PSqi?CXGREA2r4_P)TS7b6V42Q@~H)W$_U920j8|NY)gQDYAC0;(U)^bta9F*Rw
z!}=o~eRR$AaSUE^G1At~e%sihP8z>|T3!`4k?jETnnM(&ar7}O3iybxaDIe2M6Q7m
z%e~WD6#nhCKG4Iz2sAghHLq*WDdWC<xV?`~u~YW+&di`y<~?*r3ivM4Ykur!_}J1I
zISLyM0#vmx74T-RC@XV2L>TW7JEe{DTpU@tipAjkg6|0kNCIBNV!5~G7lCB2%GQk%
z+T_1|4ZM4|D?flU;dLdBwcEZOH(NRbD}~yqozQS?Un4JLQ#<GS!ibkmBq040(zYtl
zF8n^eenqG(P)-dzDDNnbP?Zzu3{?mIwApcyB#+assCCul3T5;FQOef(0}daBp_n}d
z$<N?6K^CYdIZ*n(0GwW=AR*LC=yll<fzinS;oAm@=Y#g!8L<6v-?qYE1;Yd_5LkFl
zP?{iZXkV7u1E={YjXqi3CY_h>@5MRKrlI3E_iMSyXX6mlc6Qnw#*~lL0<|J8!&JC#
z>k1MU6Ex5U2Z=@lPOygol5wm_o8+Ld(d=R`J8c0ve_PzylJfmUQfCf|196WHo>xs`
zGRHXg_6+-NA?TU6xqIdHa}siM2`MRf=KBIm`9<Z8@pt$v<5g-X$=BWTQyc^Aq3enl
zn%Tm(LHo5Adnm1bm`Q2YZNWwFQ|TCk(oVT$K_)2!ES>(QLMyATG8t-hk)Cy9-|($^
z-!J8LnMb)wnva9)d*XfgZZ%M*5p#!!f0T1&Mnd%#7LMv`(Xy_^Pe<R!N!VCm$+WpU
zaLw|5!^4BXES-|D6)o0VIz2(?>(Q3>m9f%_Qb8Q&0C(6Q?REfz=UtpGo?6$5vpzA%
zn8lLh^~C526P1)u?Q1$szvv-)$UUUVS(=Yz$D4s8`HW-sX;|pTFLP~O1p`d$waC~d
ztx(VPAi!4>o4=Zj_@}Sjqo2=}xQ{)e_P>r+ahmK5SE&N&=1S~<Mt}bHJ3Q7>7(Ktz
z5Q3H254_P`MFg@l_@xI)J>YY%=AQgzuu}chG?bVKA3u*m(?K0c5S(^(E~|dCWtW_o
z{SXeYJD7piXuYlQwo@ZFnG#c~Aq4lYC&=PfQXSj3^1v@jp6I2m_%DWqW(kAGM7nLX
z(#Ciaa;8^LQw8z+8nxw^r$Mu#gTlUiqIUz%=AvttPN&HTfuNMxV9qwh3+le`Rg3WF
ztF$qVywQKFpM})%+uo!s9@Zh^+(O}aMEVf8nx14xTunD4u?x5A(Un@MyL_vPhJ=di
zZ<hLe;uMWkAjYsSjKOmLrcZl|%i-*Zj~_R($@=R5*7sqxgo&vQaR*vI`m;15E;t9u
zt@R}!P{54Ul_;oW12Xux?Qq)H|As=Tq&*JowHyGzZ(|T3kBwhxWrr*E2us@4n+@5+
zJOhxQq86ok0FbL;R(qu%HV)@-7j)}3B<CjEH1c(Yh0c&AmHThI8wOHwEw4-I?B01Z
z-eWvWxieE%AI-vPe+jsYcz6qqd?yib3hfHP{|57Ei6Th#RI64tzE6hD%1Z<~6aQV~
zJ=RNNGF$q{EQt1R=A3@6449cX_p&ODwT3m(;3C%rb)R2@Kw`H7^-C6dQ1}M%jvUX0
z`t&UCBm5E-DJ;VF9Axntmuc<SmOr27H2W;8vCl*KG8}iRt)V{|v5L)b1Cf;F{fXEA
zRZyNEDWU73lJIC+quJUV7dDG9F?i2bs!@%=Uz8mvVhM_(%A`)V?oGn2UN4ZyqLStt
z$ObmSNi*}Aii%@}ubX~le4vP{T{}J*<tJ00wa4g9eV|X1vH91J%&XwO4<KW+<lM+k
zo<;`iM<akJ7o_N>;u?p*>ww5_9Sek%@#eQ$WjbR9!1U>BE0SGk&|{gvwaWGO-6u4t
zLl3f6S`o%*cb*ckME?W7^z##`Dv=wjV2kIGy136%@&o`&Hy0p|heHAO%_Dl8+W)=d
z!y3}D$FDHVa5ACnc@!MpUW~~5$p$LI%FQU|1<8&X+2#TxR@g_?fiK1WLsZ?S`klLa
zqthT-{!#W7Gc%%|ra!ENgm9njT65L5(kdz;{dN>x@}1FXvG}D+|4qHj@#Iq}4A1$b
zLUN}78Fm1&F-d&%|D6&W=);R(twyFE2{76{`TfQ!I}dPwx(pv%1Gg^Hg2SxDwpbMH
zui~1MLGk3lh1a-v_(jdh4W4Iw7649r@*ORXh6Ip8`noBs4ez!x3jvgo%tc3lbI=C!
z%4mjKf;dpyBUaDNqP|~3ngwMdwQ_`m&=_fWTYQ3VPiJNi#c2{hTkSg-6OpR-!RAg8
z5Y#&DjVow!Pr+THXVL*^9>;ftNN7gsjQtj;u(+^IG!J0{O%<w+h$}=lM7@+^bsbiz
zOdy+VHE3N=9gUyxKLZ17Nmc9lC%u{y=bbqi<t6Jf+oV!nsP`MzGbfD5Xpf|;+h70z
ztI%(gg_`t$PC#R^q6;<d+wSiGIox5oJi}>Q+|0Da@K|*T9AXZHchsv{hikUQGnXnf
z0N+beqZNmO`2HX=cbfB3nRc5S)xtpsZJnn#%5hnRBTrKWukDouNL1~J@Iy8l5;IM-
zI?XNWvUT=8kE4(}E3_@w{y=Avt@ovZm?p}3Tt2_}#{z7D^L7hXu`m82l0>vG%apzj
z3#|}mj&GB#N~KdP@&bDK2Bt_4_>Ok9g5&HPS0KK;MOBR)e#pO0X4Og=$OOFH!$`re
z^^q}@jQwu=t~5ifG8f|d<m}OF|A$BxEz8{7=%a|=f<hrbik>t;?)5+q^3VOndYOdg
zjNHh@*@Hi@t^u>j9&-W=60GF*h;9KSvPK8Qz?#Jx)Y>hOLNaT;&1cjB@1m41I1T|7
zd2&nA2Jbrz^bxhtGC^b4v~`&ZctNV1zG`XHaNKGi5h+&#f9Nv13L_{|wTa&I9%b;e
z1tSPjCs1(CNeYRPSNlcVNR3h68j*}&2O;N%g-(Lh=u;?t3+#CsGEv)Im<SvB{?hoU
zy6j%nYu5~dLemC;-F9yrJBdi&GO|fYE5WdB4XEn4)S<yOtD_J+pXuVckFl4(n;Zy3
zty@A#b#9=}g-pX-lo3?X8FDP|OeM-&J#B_2@CVW3u<W>uRHR97Y0eoRD)W}d8EGxa
z3FA#eD(j3$DrLi0bmmz8t(j7v+hOL`w|BU&-l*YqE9?hLX7{j#L>(f3O#FK;J>@({
zxn+LAF5f+^5~2`}L91KK&#=ceJ&YUdzqmh@*6Dtq#>(jF>63krBg<%5Q;*m=rB~Lt
z#@i74+eNB!)_vNRIwfo_v+M<m{x&Jtl?hQd_Id~#ldaJd#{l~tj4Pa3$>81=(1Yta
zF~%ATXIz`D$6yhu7R`+~WgwPTh81>D$3?v68@fK2p#vY$DzroTSyJ5pMgMSEGBe`r
z?!>`~VOHv@y2c14_4B!qHQ)6&l^wOVN;v$THAe`czHg_hkMMy`=Qalb5-uog)9?3C
zHqApESe5igS<0O6k<fm}sI~c@*o)bJFR?X+7RBwE?wF7j`C7>h^+x`kx#7EYv-*(y
zal4M708&Z~*fowwd=o>TWIEDzC$~Xk=6IR4o%MZjL!PnAfkm%nKZ9&rim9eSV;=wa
zL4(JChx6i$$IvY3lHw4bcR+1I7enByRj6e1{9?13LDEe`55TxK49514jp-w`GpOu1
z2ndNJE<&@+$fp!p+D;vSIiXK;066r_XyugXE(~w#u%O%AGAwuM3W~|+KROJA>qL`O
zv4u?@B;9^l?L7(u(PpyI>;PTEK$q3_9c54b%a1AEKVQJD(d7bxcg$_bV=n(G^G|qX
zepkh8ln<xNEo@W<Ix6RRr<lMCN8WT@6pA?XQRyi^MK`0DTNy%erJnGNw()YoY>uv0
zq!Ja79#l{2C;$U@X%-*JEQ13OvZUH_0kx_Z!C*(1MmxhIr65n2)~eRRWXq5@#D_!h
z+N+{=u_>ZztQwU&te^|5{W@!f#i-J-g+S2?S<=0`yN%dGoLh+dlK3l;mpJ%jl93*q
z)x_g~Umh|Y+{i&LEgV~I9sJQPzrFFC;1%Nt=+D=LWC(V!o)RNJXa6GK$0UOkYLeD2
zri{^Q0ZZU57JB;lX;At!o*LhmP=ZH<)ekF}=W4nQtyu+2QZ{4!h0u-EvlDZ#s-dlv
zlzO=y!L0`_yVbZ=v6fIqkGCu!bJN+|ODg68OJLea80lrh5-tvd5R^C7X&XtEMUq4U
z8M`S$&l*^Y#7Pbj#KF(h;VP-tJiUE<wRJw*$~5V0yUs{p=FG=v`BMc9O!(%Cfs6-E
z4p?ItW=QOwwJ`N(=M|{ETsMK7_KAd+emNtS+{WH{Fp)GQ{w5U1zTX|EcVM31V$DBc
z>gis7!1zA|uA-i%K}>o0U(J_2CTvBDKc?t9lmh6WqJkfDo1&pVOO6%5CLwm`#WLX`
zZ(^WM?2~p*IWivW)px%mXSyoE9l6qD36=FEObDsr*(r8R>o}q`PlM?7QDY=>I_eBV
zaI~9qYmM<xfioP1S5v5nbD<<ew1P6PveW)JrTVfO4AyPrL(4CbcThhfJ;ht0obpVr
z2SG6j+*?qduUdk7C~VpFU`fAL`~x;l4d41hbzP`{y`-5RP5*wk=mI$=888Ky^0NFK
zt9poW!|VK&np7d7O|CHRHqNwCTBkt#`*~%9kZusChfP5|A;yYgi?yv5QOd@qONKcu
zeplXLH2|y8_SRhi`!}_wGp|Kb)quhall92W4fsSYjrOC@-|J^fITUI8RGPJfaRcs!
z2QD8=hW$~@hj{9y=cQnBz%SX+FE)cv=roUcy|xrqMT%O3KTyBb7e~q8Cy|#?LY#o^
zU}iipMI)vs>;#Jcis8<D+(;Q&NKfDrw$NyM1qZNBtH|pv1z~D(tzcU!^DJOAXG5wj
z*EO|3j6}P7Zs)K-5*9nU!V(osEny+{`k<7jTusP2Vm5XurtxJ1F6|v_qZl!CGSi!1
zgEZe*slA$N?<4&yPpj=Ax!7>tA}ggz=r^c&gO4xqJ_gs2x&PLJq&9^0W3~j1O=HHJ
z0Da{AzTO^z$WWWj5$NO)k&>F+^fddmhTWMyhvtV(Z=Lm6liAhJSyPes&z>iTwVz7p
z5xp)4s0F4*pw?=1!AcZb8qHDNv`|cs5P(?$m%62>`;IkqNWO(qa1PdakFc_48)L>2
z5!=Q6_YHRo8pwO43($yn@=Dugh!?hr2r5Y$`>qiwqWw4k=EC7&k@>tp8Ae)whx=ZY
zbN`1mCK=&DUM$QRXlC>my7ol3W{n|ymEi%%V$nx}NRcP4x+wR}9A%C)B4PKhIT`26
ztp)jIm>Dvla-saV{8_pOhOrhkvd#Zdh%cNUVDqo#xj}rKllC7<SXhRhBK0~um%ty9
zL7ftfw%|vPWaLBiLn2~A?y81GteW4tG$pMi(@U^P{m>DG>fK$sv?PRcVmW2jbpFR?
zFTmiC<ZdI7s?ow<6F+JmUx>F1tJS;L><UAeWx<W8GC~w2Rwk4z%Q8y_qP+_Lsrg6=
z#wB#{>_=yl7$5%;JJ%O+hFRgX1R7_cxSY7SK_gKPgA#*UxTc3<H#W6A7MXrA@{<P_
z>sGaykdrQz7|VGJ98qMNc)OME)5a#W#TJN(bH?K^F6}1v^w=F7ml80~V;96rk3zV+
zA)IR#_IFttr+l@nCTwvI$Q6X1VurK*Y+sN*rz4BA`bb(-gp=jrRQWt&zs`eBO{#tz
zO!xq(aJxO7(cr<@l&CCLu*I6#b8j!2llhom;c-YwH+lKJIX<v&?S29ExnvIi1{@4o
z>2crxR0F=wWEO*vETx>enkL;s;%_#%W8s02%+YoN-a={zvF>7pt{2ECeW=%-Z^;9^
z!@N~)uf>h3A5l1CF)I|Nkxb>nx5I{|n=Mm&SH_JhAC}A}QqK9|lP}pX^@m-%iV}Y0
zX%G?9#;o>~JM6%t*3ISi9Q6wdhib~O(`K;&u>b3T5X)e)B9YvP{R=_)XOQ^KWlEuf
z+)Mm<6jc)Gb>1HAN0I2E{znWC1xF48$EN|a+IW`*a;go#YwpT=1Qj;MUx01xqVMxI
zHw!}hR%ZOB+H05n49T72fNDxzyaTYBmA=|p3~Yo@gqNhL(pNk?NxDx_USX0HGbxxb
zP{jt{=2=*1LR7G>Z+h!%I_M?`*OyMx7ux@mtS6^WOH)QPnGH9`f-pwazVQkligNst
zHdis|&`phl{v9<hqK@2QUr8>E%jRrE2-ZIWH08Y&sQyQuHNfa*Tv|HJc9qYHE3-U#
zcI=7tXL-daYdVYiFKbtI?6AnaJ0A+87fM<oCSGX~k|Ugrn!wdBH7C7J7}%KOG0^*P
z&feYY$I>;lu6*a_tMLe7+R;i94JScWh-&~f@ugJpIE~agRltMXR5Elu;0mEsq4<#M
z&o(c@Enb2{k4q@%s>nb|sw+V~sOcGiW+Q~A)5pD=9(gnDcwxs(REJ&LRGM&Io9Og5
zC;yp*mw_@JOH=(S)9B$iH0=NJ|I5I7o<v7_vOZ0dy19!Te>>~neLJS`|E*<imNVBZ
zt3dy@Uyl9!XMuinsCr(_-9O`M<TA&whj13Yg|q-G7;EEl4?P88XC4smkih;XU55&s
zNOJiav->besffW7IJxx8EQpjLCUWo>qj&BW;DNX+62wC^Y2x}Mbb=`#V064x?*rDx
zN^Q5XvV00ioqdmC4owZ;|KrtDRcP7sOxGMnpBJsYvf)Tg^QENwalwrFqD+bw%6rKn
z)4%z@4SXjEcjf+$AAS%65tHRc5Cj6j|F%xa@m_&BZ%n_ktCZgzbm~)@G8`@fzOCu$
z;=KD96V}xqN=7eeo;4<H`V-|BYP3566L$mWco-EcMhWXtEK1g7wzHtBROY`v&SqO4
zae5;^fvq4&o^m;a@Xw}jqrdoL+VGeeD_j5l4WOpRH-j(v{&$vmk2GEJl6Eai!oX3%
zi3XjWNyxQ0F&8UqxLj1M+oCo_4ejg(Y3R05YtP*9jEu1fyFk%y${za4RTC%rINgX1
z)D2OJr?OJKzG51HT2%4Nc}dw`ey?G}LmDH`ci>$0VK-hZIVwps+q1f+&B(HNKvdaY
zuWkfTphOw#4RWclw(REm+xBA+dA48Y1xP08{v>ut<Y_}rfR)GV0u}<o?uAI0rwh%i
z^O&2jBvXhMTH?$IVg>vj>&$-@gVg^D6?{wR$huSI+CkDd!3VnyU7$)W8`(LFGZzuj
z{i@+ZGw1dA<e#<+&&3pEh*8eb(oQY80KUf*npp9Eiu1tE?N{Q<jC?cWg|aX*@eS5U
zUO};*ah~X9kyt-PD2E~DEdU%>xE~T$Fm@<cjHQ5*1B0>5%eZZsIPhfCB#lEK3so>g
zukKA+u@G3Iaf==LSI^;ZM6D2I|Hu%PLB<{_HH5BxsP|Tp$)J(QF4fzYJ+xnNlPY0G
z9^cQ}ud27vk^1wOMaBhNfM@P)gJ~R^=r#aVqf|m*{7R^ardHDef#-fkYYgnq44kkO
z*8p96F2CZo*y+Tbg67+6VRg}hwM6X_%cEM912`b+aI%3Tr}<VkX=Fzees;RM4IK+h
zY&PFL5NzJ+_;mReoHi(!=HQH=C%)mn?L}$@uR-DTQByb^{sL9K{xN{FtF|x(8s{Ro
zOyR_nUdEDw7a6|dasBG=`b`u%&E9zP6orcSlSexU;&A*Jz}VNkoW;$lKIl}V31RxB
z1~Sx|$29!6b`fwFH8L8Ak%ALIFfq~hU}cfo<3Zr8yboQSU&NJVBfvi4C)^s|14It3
zIy>!|kKzB)C>%+@H3+Q!jtySpCrZPFbMO!2H$vMh?96>RmvETNd44FSgT7WZIc7E6
zk_pHQosSdFMvfveC@WbS=LVhI=oCzZP;}dbOZCeeWi9Tg{q>(x)HdO%#%|6V2@LWY
z{%txUwaG7d6Y`NO-3leW91Q(DaT!kR^HS!DJ=><)erm4OUd?iENtnKmDx&+sE%ZFb
zHwU!1yF@zX%E6TfLinc~08tz_KYXMRr5ltxKf0OjxMWy=6kl79eU1V+w6n1m)n2Xz
z`QXDEwS-&^*4vr%L0kn)W}2mtrzw`z_R$y3eF%)^{e#2kU6bz!lPdVsdInXxvz-PC
zzH+z?p@cIUozh7p&)9+l2+fJ3qrQ&`cJ58Pv^6Cdub6n&+4cjNz0NleCbC|~s2h+$
z8~kK3t0&E{*;h=Cq7F**k8(gc*cvywoz5aJr~v?iA(mfYnUhfnl6J$|z&5QvT-TZ;
zK#>&7Zaata`%|{vubsJDc{nrA)HQ7wfMs!|vaOq4Ao=ISmi=~@bq`ce^slfA+L&!=
zG7GJ5jLGS(q}?|4hIEWSG8C^Hj}#D0*(=Jq<lqGLG6W9jT>r1gUeaL!p=({r-2Oh<
zCOMCOs|rVYW<I}H6we`wu{Sbi(~foUqZ^9WOV8USD(;Wqfdd)yaOE*Za^Bqf!v6sJ
zfE3O!>(lxf03Fk2F`#|PT_f2{aHRlM(>SQ~L1Z`zp!y8?rAF^L84jzjE=KG512vWY
zpbFwnLWh<kQZFr9c@Jiw5?U#>x6{+miKS=)MSPn$xrLrpPO@<Z=4wN5RFgft#t(i2
z8Et?x_piw=;uF?yH5@)b6gF=<<-BC7|BKO>qh|V@!A^cJMSk4%I|YHL?Y8KMQ{TUR
z`P7@5`V0CvPvKxXaX#nwFe<=Kn1&P=$`UtvaB%)+ltXA6IuLDitUg7?73&$Sgx+mZ
z|Nlp}B65m`ue)O2xAuwH9gMD66x_*=M_j6pK?m^FvrIx#TC+NboiT}36S*(Gm9)AQ
z*RK*Fc>?Q`<7W@Iwdk|O_Dp;D3V;*FV~yqT={tUH+yv@ec*dHhD|O1w2IFT4(NDLN
zo;-WWxuPgr@Zwu*WM4N4v3B3HoSi7L`Dp_bLGY=TfIK786rftHGt0_7vw`?XJV^5R
zS>R|`dj(qoyQV{!zrV_zyGv|{qdTz2*=j#AoW67Uj?p_?6KsyWeJ!dLHqUI!%#vLD
z@FaYc7se4X#`zY*=|A?7FR%ht-;`9AzY4F-1W7Gv7Wsg>nxA`_PU#^wT7(0T@G{9G
z@}P5^#5$3@%piY}_5vcv5Mu+*@v3-sfp-6K?PPidmp0qEboX~{)p(4n<~zVhWEKNw
ztw>vfC*7KpBiMY6)A@qM4OdBe#eQ_ATc^J9lSyx(>ryyN*37Q^!)rtLCc-ZtBE%XA
z#Hy=$5Sz@>X??SBlYWmw&n=Z2dgYe78`dN1LBW3oOl5g`gowPsJZ|C^Ro4K|0_XU4
z(GeSOG#E;11XKP*09Nd4d~F(pt+)#iAqYBSJGFz*(xZCwir!lTP!2)a(5@sYJygVy
zAQy_8AF1GleXZJ>@?GMBVUkNLHUJf*M{sr!Bd^MSL?!!q^_pJQBI*1tz97jNrc1xG
zN9FDS$;6~V^<qHb{UAAQzOh$|A~r8Um(`6NiB@G9saq+PrN7mXjVEQm?5Nv5K5v0)
zAPB6b`F*KA2;=qk@d>|1I!?1OeVa}eJ79+C+Il38upj>3hXb(CZAzGy8Xwe<&}%S&
z5C*UmGCCXn=>wGUJbcl<{}miC!vB5OVnKI|Dc*Alg>`9$a$DCVn{prtHZT#Krfw2*
zYO%BwPnmWTHm!z;n(Xnv<<eFQR!KNXYkffy2%*5tWh0uZ!T2i9)X8;BxIw}j#C^0W
z7-AGim}rwr5bS$1dX^Tv#w~Js-T?RDJ#}3?RlnU7z}qCt#sp|aV;pC`1F0@iisxcn
z#Q<!J(NeIh%tGc-re82#V$P4{Pe=go1iM*!g&~nPiAi~!@zFN8T9t@6DQ^eZR=X4-
zR=X;6ZlEwUkD8tOx``e{i8W+0j9wQYM>kVedIl!sUqP=PRgQ09-ZP-2FB9G=yH@lE
zoV(wpN6-W-NIy;%ZyB>n@Pq_8vfpk9CC0tQ7J#%2i^`T?mKm`GV5O2?;;ehZi%qZ<
z1#yEO+H+`ZWVyO`46pm7OEDq}x|HHP-A9f?6}kpKVQ$>cEBEm)JZ6Q}Bi-D(dast;
zi{6u#8h=Y`eeoUe#tTGk9kPwT5>pAcKCfM`gS_X`tX)bcmQE;8Kz|7f@abkieRq@c
zI;rxYhc!Q`8JmMlb83p}w<27#=&s?(P3Rid<;ET|6|Lc=4(J2FtuW9Wf_v6eTuvrd
zQdqGm9yIv0?+g>zDUh7W_1kAr57oiayt5{BM^TA&DoIzP5g9`Dpx16ztH*XX@$Hw<
z6xB;4!Rxq8|NeG(hxY5HxA4|}gz>!IH&VHrzp}egX@JA5ogF`OQ|zG&*)5?cpb)(i
z57F>H-STvnaRh`g^dA60{0}Ps2)iyTcCg|zHG?Prw$>{H-f;fC3uiNb;id-<nm$gD
zWw)KLmZbi!J}p7+$d2@$`^yc+V>>(?-`T%_9|xqUN}KWU$7u^NUtH2@{$;K!_6qpr
zZr6~Uns5o2gWQgsD_J+=CH5{2*;?rb_=`S}t3*K9qikn}6!YS9$gtOTpBHu73ue<r
znudaH2=9YJGA<*K1PQ})*~gSri~4{K%340(N^?9IJI|w9c6|)M$KjsXw7^>vx$gN_
z=|2cXyYeJmA9p;Bl>+E9#oSm@zFXnJK*V<FK?@ouNcT!h1V)~$dz7rA_H>5iv|V-|
z_&(SN%k_;su+0S-5zi%9sbUkCFBla)oB~w>*I$HxB<AKyJ6e33th~Lbgp*dw|B~iv
zNzWSIk9>SX)O{|FE|6hek}q9H#)nsjjO^QB&xFH+OYh9eFBGOZ3sLq_X2d~xeY1{x
zQ%)yW|9UL?dRW<8H>N?W^-}$G!gj=}IaiMI7%lRT@2*dCf$duHHAo8%RN{K*91j)*
z2%PehZHT<y<E@J<tJv+Oy%_@?70@jk*#dJMYHt?#jnmOzAY0OHWIt`CRv%=q@&Bdf
zqw|Yk=J89}9c(=0;MBWhafE|G2k<F6850AOZHMVbFwp8~gpFQz%1-B#?uuM9!GB2^
z@&nSpW9l)OXt$T^zKo!7YR@jZ6y=vG5zlrsM^|k-9LBGgrSfE%q!L-^PWVPNXMS6N
z!roOhLPZ0y77(hkP3F#cvs)HGMLNP@#XSxhX{%u*FYuW&^W?>gG(}oy<%L(g<Q__O
zrPR}cCJ4u6z9OhFo!1R!lMbV#xO5Q<X7Ro@8$&d(uu8%Z`d=~T1?85HVEF$33onHQ
zb)STxQ!pvm^qndSCdj~H(|miZD`!InY*)9pZlI~^<L%;VSx#bF`c{QUq?X4-<TrnP
zVU=tp-W*799uk#5HqTEHUOS$VLg$q>+8hitH!$9$zxuvFa@w5x?`w6}kgi$N_c@^a
z)&q&D=k*A59+m@AZ3HEhxiqHix(6uGG>ykfL_OXH#flG&B|)V~VQJh0a;R~tcL^`i
cF|>5IO~AFqiy!)0Jp0Eg-mf}Df=zaalO7Vw*#H0l