From cf200d82d6787c147722a7667427db5a16546177 Mon Sep 17 00:00:00 2001 From: Bastian de Byl Date: Sat, 3 Jan 2026 17:20:18 -0500 Subject: [PATCH] chore: gitea-actions improvements, graylog/fluent-bit logging, zomboid mod MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Gitea actions: add handlers, improve deps and service template - Graylog: simplify container config, add Caddy reverse proxy - Add fluent-bit container for log forwarding - Add ClimbDownRope mod (Workshop ID: 3000725405) to zomboid 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- ansible/roles/gitea-actions/handlers/main.yml | 7 ++ ansible/roles/gitea-actions/tasks/deps.yml | 25 +++++- .../templates/act_runner.service.j2 | 5 +- .../gitea-actions/templates/config.yaml.j2 | 2 +- ansible/roles/podman/defaults/main.yml | 10 ++- ansible/roles/podman/handlers/main.yml | 8 ++ .../tasks/containers/base/fluent-bit.yml | 45 +++++++++++ .../tasks/containers/debyltech/graylog.yml | 72 ++++-------------- ansible/roles/podman/tasks/firewall.yml | 2 + ansible/roles/podman/tasks/main.yml | 6 ++ .../roles/podman/templates/caddy/Caddyfile.j2 | 43 +++++++++++ .../templates/fluent-bit/fluent-bit.conf.j2 | 32 ++++++++ ansible/vars/vault.yml | Bin 14697 -> 15864 bytes 13 files changed, 188 insertions(+), 69 deletions(-) create mode 100644 ansible/roles/podman/tasks/containers/base/fluent-bit.yml create mode 100644 ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 diff --git a/ansible/roles/gitea-actions/handlers/main.yml b/ansible/roles/gitea-actions/handlers/main.yml index 57fad82..477a51c 100644 --- a/ansible/roles/gitea-actions/handlers/main.yml +++ b/ansible/roles/gitea-actions/handlers/main.yml @@ -5,3 +5,10 @@ name: act_runner state: restarted daemon_reload: true + +- name: restart podman socket + become: true + ansible.builtin.systemd: + name: podman.socket + state: restarted + daemon_reload: true diff --git a/ansible/roles/gitea-actions/tasks/deps.yml b/ansible/roles/gitea-actions/tasks/deps.yml index d7731a6..533d544 100644 --- a/ansible/roles/gitea-actions/tasks/deps.yml +++ b/ansible/roles/gitea-actions/tasks/deps.yml @@ -8,12 +8,31 @@ state: present tags: gitea-actions -- name: enable podman socket for gitea-runner +- name: create podman socket override directory + become: true + ansible.builtin.file: + path: /etc/systemd/system/podman.socket.d + state: directory + mode: "0755" + tags: gitea-actions + +- name: configure podman socket for gitea-runner access + become: true + ansible.builtin.copy: + dest: /etc/systemd/system/podman.socket.d/override.conf + content: | + [Socket] + SocketMode=0660 + SocketGroup={{ gitea_runner_user }} + mode: "0644" + notify: restart podman socket + tags: gitea-actions + +- name: enable system podman socket become: true - become_user: "{{ gitea_runner_user }}" ansible.builtin.systemd: name: podman.socket + daemon_reload: true enabled: true state: started - scope: user tags: gitea-actions diff --git a/ansible/roles/gitea-actions/templates/act_runner.service.j2 b/ansible/roles/gitea-actions/templates/act_runner.service.j2 index 851c194..0930b9f 100644 --- a/ansible/roles/gitea-actions/templates/act_runner.service.j2 +++ b/ansible/roles/gitea-actions/templates/act_runner.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=Gitea Actions runner Documentation=https://gitea.com/gitea/act_runner -After=network.target +After=network.target podman.socket [Service] ExecStart={{ act_runner_bin }} daemon --config {{ act_runner_config_dir }}/config.yaml @@ -10,8 +10,7 @@ TimeoutSec=0 RestartSec=10 Restart=always User={{ gitea_runner_user }} -Environment="XDG_RUNTIME_DIR=/run/user/%(uid)" -Environment="DOCKER_HOST=unix:///run/user/%(uid)/podman/podman.sock" +Environment="DOCKER_HOST=unix:///run/podman/podman.sock" [Install] WantedBy=multi-user.target diff --git a/ansible/roles/gitea-actions/templates/config.yaml.j2 b/ansible/roles/gitea-actions/templates/config.yaml.j2 index 8581ee9..a9ee272 100644 --- a/ansible/roles/gitea-actions/templates/config.yaml.j2 +++ b/ansible/roles/gitea-actions/templates/config.yaml.j2 @@ -2,7 +2,7 @@ log: level: info runner: - file: .runner + file: {{ act_runner_work_dir }}/.runner capacity: 1 timeout: 3h insecure: false diff --git a/ansible/roles/podman/defaults/main.yml b/ansible/roles/podman/defaults/main.yml index 359f6eb..c66759a 100644 --- a/ansible/roles/podman/defaults/main.yml +++ b/ansible/roles/podman/defaults/main.yml @@ -37,11 +37,11 @@ zomboid_server_names: # Load order: Libraries first (damnlib, tsarslib), then dependent mods, then others zomboid_mods: workshop_items: >- - 3171167894;3402491515;3330403100;2409333430;3073430075;3379334330;3110913021;3366300557;3034636011;3409287192;3005903549;3161951724;3413704851;3413706334;3287727378;3226885926;2625625421;3418252689;3418253716;3152529790;2478247379;2942793445;2991201484;2913633066;2873290424;3428008364;3253385114;2846036306;2642541073;3435796523;3008795514;3447272250;3026723485;2900580391;2870394916;3292659291;2969343830;2566953935;2962175696;3196180339;3258343790;3346905070;3320947974;3478633453;2952802178;3001592312;3052360250;3490370700;2932547723;2805630347;3504401781;2772575623;3110911330;3088951320;3213391371;2932549988;3041122351;2971246021;3539691958;3315443103;2886832257;2886832936;2886833398;2811383142;2799152995;3248388837;3566868353;3570973322;2897390033;3592777775;3596903773;3601417745;3614034284;3577903007;3407042038;3405178154;3402493701;3402812859;3616536783;3431734923;3429790870;2850935956;3307376332;3397182976;3432928943;3610005735;3540297822;3426448380;3579640010;3389448389;3393821407;3044705007;2866258937;3490188370;3508537032;3451167732;3461263912;2903771337 + 3171167894;3402491515;3330403100;2409333430;3073430075;3379334330;3110913021;3366300557;3034636011;3409287192;3005903549;3161951724;3413704851;3413706334;3287727378;3226885926;2625625421;3418252689;3418253716;3152529790;2478247379;2942793445;2991201484;2913633066;2873290424;3428008364;3253385114;2846036306;2642541073;3435796523;3008795514;3447272250;3026723485;2900580391;2870394916;3292659291;2969343830;2566953935;2962175696;3196180339;3258343790;3346905070;3320947974;3478633453;2952802178;3001592312;3052360250;3490370700;2932547723;2805630347;3504401781;2772575623;3110911330;3088951320;3213391371;2932549988;3041122351;2971246021;3539691958;3315443103;2886832257;2886832936;2886833398;2811383142;2799152995;3248388837;3566868353;3570973322;2897390033;3592777775;3596903773;3601417745;3614034284;3577903007;3407042038;3405178154;3402493701;3402812859;3616536783;3431734923;3429790870;2850935956;3307376332;3397182976;3432928943;3610005735;3540297822;3426448380;3579640010;3389448389;3393821407;3044705007;2866258937;3490188370;3508537032;3451167732;3461263912;2903771337;3629835761;3000725405 # Build 42 requires backslash prefix for each mod ID # Load order: 1) damnlib 2) tsarslib 3) KI5 vehicles 4) Autotsar vehicles 5) Everything else mod_ids: >- - \damnlib;\tsarslib;\KI5trailers;\91range;\93fordF350;\82porsche911;\90bmwE30;\91fordLTD;\89dodgeCaravan;\84jeepXJ;\63beetle;\76chevyKseries;\85chevyCaprice;\85pontiacParisienne;\92jeepYJ;\92jeepYJJP18;\87buickRegal;\isoContainers;\85buickLeSabre;\85oldsmobileDelta88;\93chevySuburban;\93chevySuburbanExpanded;\67commando;\90pierceArrow;\69camaro;\70barracuda;\70dodge;\86chevyCUCV;\81deloreanDMC12;\81deloreanDMC12BTTF;\92nissanGTR;\92amgeneralM998;\88toyotaHilux;\91geoMetro;\66pontiacLeMans;\67gt500;\49powerWagon;\86fordE150;\86fordE150dnd;\86fordE150mm;\86fordE150pd;\86fordE150expanded;\89volvo200;\93fordElgin;\86oshkoshP19A;\92fordCVPI;\87chevySuburban;\68firebird;\77firebird;\82firebird;\82firebirdKITT;\04vwTouran;\90fordF350ambulance;\93mustangSSP;\87toyotaMR2;\73fordFalcon;\73fordFalconPS;\93townCar;\84merc;\91nissan240sx;\59meteor;\ECTO1;\87fordB700;\93fordTaurus;\75grandPrix;\89trooper;\63Type2Van;\99fordCVPI;\91fordRanger;\98stagea;\82jeepJ10;\82jeepJ10t;\88chevyS10;\89fordBronco;\83amgeneralM923;\78amgeneralM35A2;\78amgeneralM35A2extra;\78amgeneralM49A2C;\78amgeneralM50A3;\78amgeneralM62;\80manKat1;\65banshee;\89defender;\97bushmaster;\84cadillacDeVille;\84buickElectra;\84oldsmobile98;\85chevyStepVan;\85chevyStepVanexpanded;\autotsartrailers;\ATA_Jeep;\ATA_Jeep_x10;\ATA_Jeep_x2;\ATA_Jeep_x4;\ATA_Mustang;\ATA_Mustang_x2;\ATA_Mustang_x4;\ATA_Bus;\VanillaFoodsExpanded;\TombWardrobeALT;\TombWardrobeALTVanilla;\TombBodyCompat;\TombBodyCompatBootsExp;\TombBody;\TombBodyCustom;\TombBodyTex;\TombBodyTexDOLL;\TombBodyTexNUDE;\SM4BootsExpandedB42;\SM4BootsExpandedFlatshoes;\GanydeBielovzki's Frockin Splendor!;\RandomClothing;\EFTBP;\AliceGear;\TableSaw;\stanks_suicide;\STA_PryOpen;\AutoReload;\DBFaster50;\DBFaster60;\DBFaster70;\DBFaster80;\FixBlowTorchPropaneTank;\MiniHealthPanel;\P4HasBeenRead;\Project_Cook;\NeatUI_Framework;\ModernStatus;\CleanHotBar;\REORDER_THE_HOTBAR + \damnlib;\tsarslib;\KI5trailers;\91range;\93fordF350;\82porsche911;\90bmwE30;\91fordLTD;\89dodgeCaravan;\84jeepXJ;\63beetle;\76chevyKseries;\85chevyCaprice;\85pontiacParisienne;\92jeepYJ;\92jeepYJJP18;\87buickRegal;\isoContainers;\85buickLeSabre;\85oldsmobileDelta88;\93chevySuburban;\93chevySuburbanExpanded;\67commando;\90pierceArrow;\69camaro;\70barracuda;\70dodge;\86chevyCUCV;\81deloreanDMC12;\81deloreanDMC12BTTF;\92nissanGTR;\92amgeneralM998;\88toyotaHilux;\91geoMetro;\66pontiacLeMans;\67gt500;\49powerWagon;\86fordE150;\86fordE150dnd;\86fordE150mm;\86fordE150pd;\86fordE150expanded;\89volvo200;\93fordElgin;\86oshkoshP19A;\92fordCVPI;\87chevySuburban;\68firebird;\77firebird;\82firebird;\82firebirdKITT;\04vwTouran;\90fordF350ambulance;\93mustangSSP;\87toyotaMR2;\73fordFalcon;\73fordFalconPS;\93townCar;\84merc;\91nissan240sx;\59meteor;\ECTO1;\87fordB700;\93fordTaurus;\75grandPrix;\89trooper;\63Type2Van;\99fordCVPI;\91fordRanger;\98stagea;\82jeepJ10;\82jeepJ10t;\88chevyS10;\89fordBronco;\83amgeneralM923;\78amgeneralM35A2;\78amgeneralM35A2extra;\78amgeneralM49A2C;\78amgeneralM50A3;\78amgeneralM62;\80manKat1;\65banshee;\89defender;\97bushmaster;\84cadillacDeVille;\84buickElectra;\84oldsmobile98;\85chevyStepVan;\85chevyStepVanexpanded;\autotsartrailers;\ATA_Jeep;\ATA_Jeep_x10;\ATA_Jeep_x2;\ATA_Jeep_x4;\ATA_Mustang;\ATA_Mustang_x2;\ATA_Mustang_x4;\ATA_Bus;\VanillaFoodsExpanded;\TombWardrobeALT;\TombWardrobeALTVanilla;\TombBodyCompat;\TombBodyCompatBootsExp;\TombBody;\TombBodyCustom;\TombBodyTex;\TombBodyTexDOLL;\TombBodyTexNUDE;\SM4BootsExpandedB42;\SM4BootsExpandedFlatshoes;\GanydeBielovzki's Frockin Splendor!;\RandomClothing;\EFTBP;\AliceGear;\TableSaw;\stanks_suicide;\STA_PryOpen;\AutoReload;\DBFaster50;\DBFaster60;\DBFaster70;\DBFaster80;\FixBlowTorchPropaneTank;\MiniHealthPanel;\P4HasBeenRead;\Project_Cook;\NeatUI_Framework;\ModernStatus;\CleanHotBar;\REORDER_THE_HOTBAR;\Ladders42131;\ClimbDownRope pihole_path: "{{ podman_volumes }}/pihole" sshpass_cron_path: "{{ podman_volumes }}/sshpass_cron" caddy_path: "{{ podman_volumes }}/caddy" @@ -108,5 +108,7 @@ caddy_security_headers: # Graylog logging stack graylog_path: "{{ podman_volumes }}/graylog" logs_server_name: logs.debyl.io -# Update tag to specific SHA after CI builds (e.g., :abc1234) -gelf_proxy_image: git.debyl.io/debyltech/gelf-proxy:main +# gelf_auth_token: defined in vault - X-Gelf-Token header for Lambda GELF HTTP auth + +# Fluent Bit is deployed as a systemd service (not container) +# for direct journal access - see containers/base/fluent-bit.yml diff --git a/ansible/roles/podman/handlers/main.yml b/ansible/roles/podman/handlers/main.yml index fa095dd..6d45864 100644 --- a/ansible/roles/podman/handlers/main.yml +++ b/ansible/roles/podman/handlers/main.yml @@ -42,3 +42,11 @@ scope: user tags: - zomboid + +- name: restart fluent-bit + become: true + ansible.builtin.systemd: + name: fluent-bit + state: restarted + tags: + - fluent-bit diff --git a/ansible/roles/podman/tasks/containers/base/fluent-bit.yml b/ansible/roles/podman/tasks/containers/base/fluent-bit.yml new file mode 100644 index 0000000..8cf2a09 --- /dev/null +++ b/ansible/roles/podman/tasks/containers/base/fluent-bit.yml @@ -0,0 +1,45 @@ +--- +# Fluent Bit - Log forwarder from journald to Graylog GELF +# Deployed as systemd service (not container) for direct journal access + +# Clean up old container deployment if it exists +- name: stop and remove fluent-bit container if exists + become: true + become_user: "{{ podman_user }}" + containers.podman.podman_container: + name: fluent-bit + state: absent + ignore_errors: true + +- name: disable old fluent-bit container systemd service + become: true + become_user: "{{ podman_user }}" + ansible.builtin.systemd: + name: fluent-bit + enabled: false + state: stopped + scope: user + ignore_errors: true + +- name: install fluent-bit package + become: true + ansible.builtin.dnf: + name: fluent-bit + state: present + +- name: deploy fluent-bit configuration + become: true + ansible.builtin.template: + src: fluent-bit/fluent-bit.conf.j2 + dest: /etc/fluent-bit/fluent-bit.conf + owner: root + group: root + mode: '0644' + notify: restart fluent-bit + +- name: enable and start fluent-bit service + become: true + ansible.builtin.systemd: + name: fluent-bit + enabled: true + state: started diff --git a/ansible/roles/podman/tasks/containers/debyltech/graylog.yml b/ansible/roles/podman/tasks/containers/debyltech/graylog.yml index 79f53df..a149833 100644 --- a/ansible/roles/podman/tasks/containers/debyltech/graylog.yml +++ b/ansible/roles/podman/tasks/containers/debyltech/graylog.yml @@ -1,6 +1,6 @@ --- # Graylog Logging Stack -# Deploys MongoDB, OpenSearch, Graylog, and GELF decryption proxy +# Deploys MongoDB, OpenSearch, and Graylog # System prerequisite: OpenSearch requires increased virtual memory - name: set vm.max_map_count for OpenSearch @@ -72,12 +72,10 @@ tags: graylog # MongoDB container -- name: pull graylog-mongo image - become: true - become_user: "{{ podman_user }}" - containers.podman.podman_image: - name: docker.io/mongo:6 - state: present +- import_tasks: podman/podman-check.yml + vars: + container_name: graylog-mongo + container_image: docker.io/mongo:6 tags: graylog - name: create graylog-mongo container @@ -87,7 +85,6 @@ name: graylog-mongo image: docker.io/mongo:6 state: started - recreate: true restart_policy: on-failure:3 log_driver: journald volumes: @@ -103,12 +100,10 @@ tags: graylog # OpenSearch container -- name: pull graylog-opensearch image - become: true - become_user: "{{ podman_user }}" - containers.podman.podman_image: - name: docker.io/opensearchproject/opensearch:2 - state: present +- import_tasks: podman/podman-check.yml + vars: + container_name: graylog-opensearch + container_image: docker.io/opensearchproject/opensearch:2 tags: graylog - name: create graylog-opensearch container @@ -118,7 +113,6 @@ name: graylog-opensearch image: docker.io/opensearchproject/opensearch:2 state: started - recreate: true restart_policy: on-failure:3 log_driver: journald env: @@ -138,16 +132,14 @@ tags: graylog # Graylog container -- name: pull graylog image - become: true - become_user: "{{ podman_user }}" - containers.podman.podman_image: - name: docker.io/graylog/graylog:6.0 - state: present +- import_tasks: podman/podman-check.yml + vars: + container_name: graylog + container_image: docker.io/graylog/graylog:6.0 tags: graylog # Graylog uses host network to reach MongoDB/OpenSearch on 127.0.0.1 -# Binds to: 9000 (web UI), 12202 (GELF UDP from gelf-proxy) +# Binds to: 9000 (web UI), 12202 (GELF HTTP input proxied via Caddy) - name: create graylog container become: true become_user: "{{ podman_user }}" @@ -155,7 +147,6 @@ name: graylog image: docker.io/graylog/graylog:6.0 state: started - recreate: true restart_policy: on-failure:3 log_driver: journald network: host @@ -178,38 +169,3 @@ vars: container_name: graylog tags: graylog - -# GELF Decryption Proxy (container) -- import_tasks: gitea/podman-gitea-login.yml - tags: graylog - -- name: pull gelf-proxy image - become: true - become_user: "{{ podman_user }}" - containers.podman.podman_image: - name: "{{ gelf_proxy_image }}" - state: present - tags: graylog - -- name: create gelf-proxy container - become: true - become_user: "{{ podman_user }}" - containers.podman.podman_container: - name: gelf-proxy - image: "{{ gelf_proxy_image }}" - state: started - recreate: true - restart_policy: on-failure:3 - log_driver: journald - network: host - env: - GELF_KEY: "{{ gelf_encryption_key }}" - GELF_LISTEN: ":12201" - GELF_FORWARD: "127.0.0.1:12202" - tags: graylog - -- name: create systemd startup job for gelf-proxy - include_tasks: podman/systemd-generate.yml - vars: - container_name: gelf-proxy - tags: graylog diff --git a/ansible/roles/podman/tasks/firewall.yml b/ansible/roles/podman/tasks/firewall.yml index 1d7503f..973e670 100644 --- a/ansible/roles/podman/tasks/firewall.yml +++ b/ansible/roles/podman/tasks/firewall.yml @@ -69,5 +69,7 @@ - 1080/tcp - 1443/tcp - 7000/tcp + # gelf-proxy (removed - now using GELF HTTP via Caddy) + - 12201/udp notify: restart firewalld tags: firewall diff --git a/ansible/roles/podman/tasks/main.yml b/ansible/roles/podman/tasks/main.yml index 530c336..f20e4d8 100644 --- a/ansible/roles/podman/tasks/main.yml +++ b/ansible/roles/podman/tasks/main.yml @@ -81,6 +81,12 @@ image: docker.io/louislam/uptime-kuma:1 tags: debyltech, uptime-kuma +- import_tasks: containers/debyltech/graylog.yml + tags: debyltech, graylog + +- import_tasks: containers/base/fluent-bit.yml + tags: fluent-bit, graylog + - import_tasks: containers/home/nosql.yml vars: image: docker.io/redis:7.2.1-alpine diff --git a/ansible/roles/podman/templates/caddy/Caddyfile.j2 b/ansible/roles/podman/templates/caddy/Caddyfile.j2 index 2040757..d096741 100644 --- a/ansible/roles/podman/templates/caddy/Caddyfile.j2 +++ b/ansible/roles/podman/templates/caddy/Caddyfile.j2 @@ -177,6 +177,49 @@ } } +# Graylog Logs - {{ logs_server_name }} +{{ logs_server_name }} { + # GELF HTTP endpoint - open for Lambda (auth via header) + # Must come BEFORE ip_restricted_site to allow external access + @gelf_authorized { + path /gelf + header X-Gelf-Token "{{ gelf_auth_token }}" + } + + handle @gelf_authorized { + reverse_proxy localhost:12202 + } + + # Reject unauthorized GELF requests + handle /gelf { + respond "Unauthorized" 401 + } + + # IP restriction for Graylog web UI (excludes /gelf which is handled above) + @local { + remote_ip {{ caddy_local_networks | join(' ') }} + } + + @denied { + not remote_ip {{ caddy_local_networks | join(' ') }} + not path /gelf + } + + handle @denied { + redir https://debyl.io{uri} 302 + } + + handle @local { + import common_headers + reverse_proxy localhost:9000 + } + + log { + output file /var/log/caddy/graylog.log + format json + } +} + # ============================================================================ # COMPLEX CONFIGURATIONS # ============================================================================ diff --git a/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 b/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 new file mode 100644 index 0000000..165458e --- /dev/null +++ b/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 @@ -0,0 +1,32 @@ +[SERVICE] + Flush 5 + Daemon Off + Log_Level info + Parsers_File parsers.conf + +# Read from systemd journal - filter for Podman container logs +# Container logs come from conmon process with CONTAINER_NAME field +[INPUT] + Name systemd + Tag journal.* + Systemd_Filter _COMM=conmon + Read_From_Tail On + Strip_Underscores On + +# Extract container name for better filtering in Graylog +[FILTER] + Name record_modifier + Match journal.* + Record host {{ ansible_hostname }} + Record source podman + +# Output to Graylog GELF UDP (local, port 12203) +# Graylog needs a GELF UDP input configured on this port +[OUTPUT] + Name gelf + Match journal.* + Host 127.0.0.1 + Port 12203 + Mode udp + Gelf_Short_Message_Key MESSAGE + Gelf_Host_Key host diff --git a/ansible/vars/vault.yml b/ansible/vars/vault.yml index e3a714c62a2017500f07b74abce683c5f98a8281..f52bd7cb9e3a83794a237b13f6e70ea0ca26e1e4 100644 GIT binary patch literal 15864 zcmVD7!dx&GA-l2J(`2O?bJU`pD9d~{~sIyH?x%b?5YEk<;f2NSZ-laI@H)c z=vNxS3xjB<{F6?lBajUZRNAMAx5{7~RG{fU^-yU6%AWN7NUs4b#S8;VJF}c|-cWha z^UMW?hL;9Z)gjVNHI1QZXB++0Q6vlQ$fHrD*5^Sg$xSPLEM2fgrQ;`~aJRiUx0*$T zgfDpfEP07leu5wn2>ST95sPTy0;Op4sR0osqYU)V_3Sw5!Icy*z(_!L8Q|_h{j$Hf zGQY_}C83Ft!P`_BFiUQ;AIO;S`=xQGqmPE{P#S5A;Q1dZ-Gw?}eO6WJV1b;;UU50x z&%?Sh)*}1N2M&WWQnap7uSmoYo+NQA(8Qu#--Y8A@m#2v;9Q%ha1A84S3{2;LBcCv zMactMT@%*X1W${=VZrQ#sP{}UN5Khpm^WktGPP}8T8k-ouIB$>oh&1glGtWmkLLKtKA`HakrT<;`MFMjDT3Zl#IE8R~|NlCZSHJ27Nt30RNVd0|lO}a2jOYYw zRG8M!iWsii4jc?~z`&GmRtUTI?I;&U95G*HDhW}$C9HM-r>{+U?0W}NXYS`bQLaa1 z?O2jYnom@uoOMc0Civ_)Mi9<+7CjZys`FA+uPsw?%yc3VJq`^#TBO%J6OV|kQs^k) zKelona7E>>Ik2gX@%!jqA1|avD50wymzws(KO%ffe~uXRH1c5DNWEQy^H_w%4H{b? zt6RDwa`0J*9wv<0p5qR>KX1*(xPR!~o~MDHPB85pkr!BOs}X1qs+*@)flHb^B5n&+ zjkg70Bu%z}J>~6zHy<*m2|)7NOv;I;b-*bsafD`zYi1Oqrpnl0l=yN& z-n*x8>SZ7||EXDi2BJR4q}`|yF~&`|J;(ogH)h6M5OE!Ppzw4a z%G?4vB)oA*gp&PlGHL(Y)mPym-)L*cu`$%;fAU=?d_o5M8u+iD(Q36al00qpH?Da| z!R5PPr0}miSg0|-B{WZDo)baadqi$p=9#(NI-spf>Us-ErdQc5&n}BQ2~heBsT1T@ z7T>cA;$i)oeDhsS+M?7~XW#G;FJ+$gJk~VY*~gnuQ=3rE3iTr2?XF7pyl>q~?D4s7 z=rHy8oZ3Wt{$MGE<)`L2HIV~_C+8;FjE($zn(PcmGh21OWAsgXmUYvyd3F2+hn}n7 zE2I?Il`PDLQKy>>GL-Vn8yqZ}gcOuGB|SyWg^Eh3fWrkvaieUm!Jj&)g&m{Yc{~h( z4LhU{>rAMZ8|QZHW*W29h;cgiiS$uGiUIA*>zWnepmImt-G)x z;rC8H9-qko2evoh`zn9XYXzVPOR{P74${PNPpsvyb_2U1; z)dHxee4*uhOd!(2coqjue!Mk!&iH}^Kb(;OL)45DjWCqCdYwdzQzyZqv-eXZOr^a$ z<1kQ<9Wq5*(Mp(2Zyr6GDqVUbT}y@;Y;D<8ka#+r@`i?$p%y6&_xgyq^Q~FpktL;m zR|njPS4Tly%}#IcIQ_7_H%h>%GT9bdFjDhL(0nEdz56cJq+)+2*S*2)d07kU`+<&4 z@g3al{}#DuaPG4bt{OB|b^uKr^i_mR<&V&hpiz^VXB{|12XB1C8XqoXb1FZ)Wi z14?>nxg3$fHvOiYDMb2Ht>vuH%kdnjY%cv6k5#hHG~j^PGzMs;_i@93Arr&FN0o&zq-*zyGZ*asN7KSGDY$g^RAcwe$f|(6YE^X;Y{#K z(Cq%PAWD@jlPr+o`3FZ8D*3X%3o77>wF}QeH<`Wz5dLAOCPFtIOvk?$%uO)0kRx9o0cCJ}!GqHN_Wa1M=Urq= zt#e7ez;HN|UkCej zv=rp6N!w@qLFDuT;DP^|nzuxDWoDwbBfNX>mCH5|K{7ESvwe|DazYwm`kbi}Y7TtL z+c`oBsq_Jj#En7`XnVP#Yij#1WKQLPXJ9dfbj49RI58*E%rQv90TeGsY3=n@TA1#_ z1g0co7*f~eJe`uEhOl%3$y7rmSHB^>F?AoiVBPwS3Jgl0K>FoKW*`yI-nLd_6NJ2! z!q;`T)M0)o{@bm5;#^3G7k~SU1ebPmXd1ZIZ26O}$h_p0KenKg{VG$!x{ z9xry3k3Otg(x20`>H-?E-QFX*kMRUn6G2PMavxGt+gGOtGDo24sYqd$E(@kT#OL5N zbF=oalU;H-X6pgqW2JT+G3RoV3!MG7!3i*CLLpT@W8~Cl<#oA)jp&nwCAN)9#|4&0 zQv#)x7_VM&2Zb9<5G%xl*uov@??bZzAi-s2GUAAaf^@uqvkabxiu4l#(J2 z0cR0pfmiT+EZ~j$NA=T!UvWO(&6aFBuA1wcG%nkcI#pV0m9~~ZpZ`f~okj2@xLswX z)Mw2d?7kOwYgeUt3u0+a2HBG+u|EfcYN4Zyo&6;#bEi{M+1uObs=s4q>eQUa3Ga=i z&q@Z{VqMHldYNv#Dh9Xi9NV3~GkDFUvmg8J;qeWaukYrHblYTZOd&{y$(*r}r~Q3l z`^LJ54lSB|ieJbMz5fX83|Q01rx;Kdl!qv(2qyWnG~E(PSjQxSC4^w_nE1W9N!dsk zrY3igA2&$>yUDyB=j9qf7PNVA#}ESWm?nLrqOr6-N5whyIlbB)j{LGK!>W4vvw}!~ zg$ed`L;mnI3Ly^J5Q2o;udH$g=HWO>wnw3q;*GYc`DB>gxIVDj>`~=Tx`YcrPqZM% z$2smpBL+Bd|5pz7Q%1WF_`@nT#3miX7Mv-?{HkIVvV_eyHvn^6?7u+j%gN}oYqe^- z6Uri=JMK^dys8kH!zMFMB)~}KOL>DT5$}I|;w(o8UKmYR-OWiFCp=(}3o=i6ZDN;w zZXP0&mGf(Rx_S`ya#7SU{|=Szhrb_}6Dk&sS|^Pt|L}7>j%5~om|f}OU+VIW8z=tE zxq@|P`Hw^AF|>Vj8tEd#*S3b1~*L*okE^DV?3_?<8|2aACk3ieN2)DNe&m{_av5Zw( zb|-DFNCBiM8FLIZUCNvDYyZ{oKNDmUdQ|4oqJY@a?I0x@Q$XKq6qgQb(VSr81>$j;uNKp((qa964}o=n)5%S3xPjphOkB-b zhsH3Jl{LKUCNCFq>nsjZ4|K7g(cbN4_XDxMl%4LxkQHVXR>1TaO3jh;%%jS#&KrQl z+r(Lcl0t2y0&nkNud^YN&m;!mXwq=?Hy#{$mX(nm8&5mJUMO?C0cK*5^01E@)fXfxCabHyD+AWvr()lK~y<6z( zXk0&F;t5eoFOGW{+3xE4Ti!h&I z9q9|))}fp7i!5we*16Nv1j|<7bY!*soxx2fSk4{is^LX8671(EU)2@9m(vV@l1Jzr zbsfQEi&(5(DzPpLdOxIQR(4Sw1TG|w;nBGkY`-K{)u%qM>X=Xxt~{)=*z^Zh!oueP z%JpP<1x0vU>~UNnHImsaE4o{I5VZt2mvTCyosRs9UZ2UxsAW~_D>g+-dy&V@2F;eg!>|Dt&5>Edexm25FL2)~3UCd;}taK@Q8PNiY0XHkzn1fw(IEJVq5K_}P82TK4RC%>DNmtR+NdZi~WegLm;4Al!vlKA& zUe(SO8oStElRmslesFQCgOQXNQ?AC?S7ZFF62I@>Qlk)V2R3{82m7Lbl*n?YP`Zig zv<=bN*CtV8VmgWdi|3)*G$jHo>1saMU%QRKuW}ZpzkZ#N>9`b$GM_{1d}!I1?FrSQ z_Ms?zJ7Nrpja$OzS=2B0T+&sOl1j19lhctgG-czXG*Eo;kGVNwvIG4>FgQ;DnPg+( zmpq0psEVrS!}-EwstUN=z~Vs&2NVMkMq~9X-bQaks`Oblkf~k_I}Am*Ds+avm#`2t{wJM2$*^Vkl6l=n)Nu}UB#=Y0)#jbDakxg+!<$I$muaaNMXSR zx`-b*jDb9s%cHM~j(e3w^3n;*#^+Js!L`tW@|B~H=Hp?FB?4$+El;r&7H9M_7Pdue znV}mZkHMTTDXgilxDKEQ-96SUj{Qpt8okTL+~6SOWJx0l4EUKOL42f0z-^KkxKiQ5 z<>;)NU&&BTy<83~IM{_4_o%kkn7oIwmHo>&VkK`X%yjkd>N@ejEEQQ2t-q7~)z6n& z2K*?^6c}<$yqE-%?J+uzYPLEQ$mi87fI4Rf?6&Dmj%lvr$zi1e=qW-hMwUbms=yS_ zQS5VmPHot6k%Nv1ILx7n774fMwi~#Qs)u!3b3~T3uKm*sltRWG0C2q0!fhAJg!^B0 zbevNsfT(v1b3Iy0j;3sSguR$>4*Ox9BxTfwI|~&J3MWvam#Zq%t6Q=Y9ts+o%s(zI zt8w(2bX!u=YzMOuLKsn6{;z3JwmGj5iIsgxoO}8~MFBQSsuKwEa$8B5&c)c5vn}MQ z$;oG?P+QCl4~o|lBjt+O!*K4XZ09&FemWB(;~Fa)z97$idQM<^dp@eT{PxYO%Erel z7QOGC)F-IVlaX(e_bgZ+eiT0}R3SG{bR6BrvKkx(t zD!j39Yw7NqA~azVi;a7T419VJ`SeNj{#l2Jx!fRnjb&UV7W0?0Jlzfo zG^oh5X(Pg)AI$RMZfX-g*kRjG5K8iLP0iZVeSX>0UYAe39xk}Ft*|l3Y+|hT;A`tu zV5oB++iWeG8dUvVZe6~{sd@d5eDB=U|152h;h;}=ozGx6`daDjKY2P2nREL5>2dWZ zUj#^?_0e)ibN6mPehHZd2>B+D(FzyX@8vyi`Jn~$05P54Hwl9WlzI^T#ddfV;BJ!o zuNU!;Z}j}$AfV0_AV^2O$-|iV0@teKGY`3oU>7IC(NET4*0*-TL8cu^fD2BZy<~k> zvUH-KU+s_L0m8z{YpX98rUi(sensF!K zreIh3Y=Z$x{Q6p zQziBii7NV}Hr1M*LaCf(2`@7>EDAVG>?apuH+O7S{QouCrPlVeSR)3h5_k z){DW>)`g}%0@4osB_Iz>r@xiRMJ&EEMnXkwdOzXd`?tu|%TovyC5+MwTbE7~XB50y z=%@%~Rl5NkpSdf1s>A(7TTBf0fmmihe!iZ#Q4$`#tn4BL#X4CU&2 zrcZea{pZn3MoQi|R1a?MA-B<=JAob$BM<+fW(f#?0}E`K;{59M>UNVyJh>gRV%?SP zmp#-JZ$0It7$7EH{0@X2LOtSaB~@5&3L@N+B?ntbeXAxYL!7+<%-%@6IDz7@af-iG zMlku&t;6@$HQwKgza)S$7eFR;wW%UK3|i1$m>cF*=y~uEipTGx8$8x=DI21S3)LC| zU+Ee%4>=$2L@XYoxnF*Ome-IQO}Z4vpf@7U%?~8we}6a)5hI3+77&t#GoOe)*u>ot z(p}pRy+QfS`tfRo){FL&jWcyPDvLCqiG|bacC%3=KS6#WLeyN4zvPp8j{jUfLMInD zUe^5Tmy$OLJW~6F!rHYdrYj1HPZt8>#MPV?wz|U_v#Wy&V*NM7Imn&YY=3eM?x zSAgncjP3{@3W!uz8ql_ul*WqY38zHlOR{E-cr~+WHP*;U-7w&$@Wg4!=`b6Ax=_(qM>H=-uvN5z-7zznPZn8F;1BeO;HBygQcF*9jY_OV?SF2y}hbGbI6> zs@vq`!(xPNxBOvk#LnKTap_tQM<-sKYpi;hKQ-AGf@S(P%TOXz_#!B@tp@|#=fJ*g z&$Ua|+i(MN_J7$2xkN*I8CtXLpuanR2$#qO-JiNw3vF3JKAA4OL0Ys!dtx`wAVYkh ze^)Re2waYTnN+O$Ng*v?rQ$Jl0f&uw!544?THkTqSy}^piP2-{K*m9MOo}a3I2@~ZKyeZA zy998N*5gK63lk{nIv_k_;Bfil#udRqMBqS38zK}w?Z6=DWvuXPiElr8Qi-Mu`|FB$ zsy+Y}W*T)Apj9@mj=F?*fnI64dIVDb8dkDj{vB7yL6c13lWA?8Cy+BDm4%fpeCdqblo`)KX3z% z2Zg@d7bpI5nC@T|N>ev#s}%)?Q5A|s9^H_e)#O|*>$}ebRE5?GSi4bid>T!beV&=_ z)0Z1IJjiLI@g&Z2U}AW%3*L?}yO($4X1#l#VU^MZ$Pw7Gpm9!a;0ZmRY}epYUWgNW zMfZ4tGzo+L{%Z^TIz}$1X)jarxd7rZ78+&;*;}jU_vb_+5AQlqw9`rhV|F%u9XP8@ zsIOJMw5u1$>GhZ(9-c$bir5ha=udp{_j&Iylt0I<+1Ems;i5Bt%vdZ_z;V21zwZBn z*|D_mv1&@}x&?BQYwEmIMCez9+5+b6QHcWS%JyAC|0ttF%c69douhB)%mVNN&VRpR zJ_3D_n=LfhP4Kg122!tlU?BUi4k!MNR4{|hE8_&=ifIrF9kMnywgf?~_*3>${<29= zBAo*1-t8N@V9ss0^$76c52_aEp7y!D&w4%Yoe}v+5r#7191S+}W1j>7I?h_C>@t{m!Dm~{C#fxD_slb#wv+&|az_gMwjPFkkx;)(9ym;?WQT z7fhvH<|*w*!nYBRGB9hwxe7XkSjw&vva_m8r3mR`^K$<(4oyWO#m?TU%ROgK;QOc^ zX0HR+6%!k$U>b=X7A`(tiZIAQg+39Ah5@a~SiJn(&rFNB`GZoH-t)l(262vcIhC2b zM+n{@!!kY3bT&e0dr-W737jE@pqDZ~hpP_EVZ_~c;uw+BW_NOmV5AyHtM_+G9-V3o zL|ip?8gTuAF`eoHag>hoT|tbRxC3F05;KK^V||d#WBu|N`<;pw={!!=v`IROX6KDy z`X^j#g$o#3WW(C!ce(c44beY?re!~zF2DdgcbN(&s&fVcaB)2I@9I?V^$f`o8p6Or zW1@f>{8*Z;hhLG&SZ;%%o)^jb41Zg>gMRXLhknq$%fb*V^tO;61<~X=lTIJW&&D_8 z6)kHTV_p$6zJnvT;wRQ;(6xk=%mbVkAdUb(TxU39S8PYa`ZZi$l|LV(x6KPUN^Y$k zrjSfpBxg9x14;$XXZL}g1~h7N8{%SuLT?Rhr%}cYFWSf7v^nHZQmcRi_mJ)NlvfT+ z)H@Hm>Dru9*JgU)UpAK<=9k_R;hPKZe#0^o#^Zm@4oR%iL&tA78(@|WEIO1gD$ANT zqy!NJY7m$m0-&C%m?5d)Il(INfV49?rOoa1N8|WHfzxr$o=bd0@!LE(2711>O0`wL?E`Iyy`ZF47LXL>@iQSjH=34(f%DpEL zy}Q(e1ks2_mhdSNML)1M0A;vklEGq%W%-JrQ8)bG%r1yfR-K20OazZJt2cq`0zB)$ z>tH$w(SIAMdL`4c4XSv0B@e?6B2{W@(dUhZD^hrdctQi|t~#i#y}k>3ID0ckvYzUFy%_j;nW zrsOSH9_mxY@A4EpthJVyVkG`L(=n$4M1C)^nbA5~X2I^Cb0fs`=~w@X#R}_r0Nv3B zGI}|Kv1x7i`}#dWld)@lUXyYcM1ZB*mm<|O%*~h*L2=SNR(SH2uI0H(4R9!n zj1yLM4NMLs@d7Q|ac*8Hm>+7dRcNtu39Q3-n;Tri=jc2Z9a$)LHR_x8V#RGKIQu|nfHrJFvN|gBmE=a;|Ek9o>fvYzMT}aK|o{{0WbVl zErxO4kq^AsiJ<}M)*D58x)JUn_%_U%(};~XIfane;@abcU!Jo$@ok?a7H8PbekxvV zJkuqm2N2fqFY9S*2yx%5;OK=SOIb^fBl=lOCiJIr!WT{I6}3c%YUkIXa1oQI@7O%H zbhVf?Q719?x-o6hO?7D}uHYBdc~30-hcGc$<7Vz2jk<@0Sa|k4phfb-&f@D zZpt4TQ@e8cFbyR@6)*jE?2ACzo~_NKi_m~TAF`eu=5cJac{GvP(%(pt-|Pd!Ef49l ztvbtIi{w)>lPP3bMIN#R0*=q_ zHO6bvKjv|Oa>psDb|}WH2a?-_O-9PG*c8-reZ&fR+vEI2c)Yn~@FG~0BJb2fyy{J=p8s{SS&S^I1Pw&ggv%^QYQ8i)Vyp(GcZd# z#vKXYYn+y`I{PjQ(cDQ^9vCX9ZL}8wnv;dLk*0>v0xBENbiTLdWyIIcuS0*8N)jX& zl=x+Y%K}Gtd6o%nDL<1t#OqZj!qp9E>rMF+M&~IE@NnHL(;gEkfCLieIj{8JMVrDI z_b&Q~mp4h|uuRS+``Rh$BKOo;Y+?>1i9|b7BK1FBre}L*#}^A3gN#xg8hI)hKuWBf zUhyJ)aGEqqeQiocEXU(XaN#sJ(mk)Af@(P+XLK+0@*E3y#ZgJFMCH5j7 zK)RW75HFtXGbxl%@HgnjXI0e9mEy1oma@anxKOjeEe*}4{~bshTySiuNhq9mB^jPl zocJLK{;FhBE7bkg0+`=dJlx-Gza-FVat|1Y@W!iNqcx@pP?As8s zRBxj|xNvK`XK`zhsWHUt7b`=~-_4V@<1ogt zF@EEDcYB$MT=};KzIuKL)=rad?8GVe7YlX(YU9vnW*s2G-Um_e;>1I`|K)UW!nFxJ zH3#u|;%};?5*7~^-Wqas5+XwP$;RaVJ#XXn52J^`6Jbjb;_Nh6*qfvSTPrNPlDz9C zc;T`$wP>|L9g6yWnFr>mSY#m&-xEH#U%TyeY~-FE@wL}-&rEsIWi6WAG2tj~d~+!h zd}~uY$8Q9h8KF^>94+$b*l4zGLQf+mZ=vCO&Q)o~7DmT_qq13q zUJ(MG#p0_n8f=Hwl3N;O${h(jxSoL~DaIy`2oh66HZ8uGpAxO}$F2KEPW*h;kbXh$ zIt(q)#*^@0Jxk%#ff|P)8k8BuR2w4P5VsId0>ZdT$RLRz= zgH#jp9`NsbwJPjzX{KxSr>cG3g01bU+w{FW$bAAzFBW?ddYpfa9cX)3!fJjRwBRl1 zs3ze(mEl8Wx9yMB9pM|Xmxq^%59ryN*>Hc(AF2Xm`p(7|pGD2CT!Z`b<7Wa3$+Pl4 zlsVvJQ{a-fNxo0+17fOm4BY@CL-3?~@yqvvXV0T*=_5CQlOov2wih7J8>(D;Yh`l8 ztFl@P8O2ZGQRsMEHsle}af8H&2&Ndlu08B+@fly(g=aLPp_gr|0832XM0PZF1p)f! zFdonUd^mng)IC@r>77jftAOuLyF~B2D7r1n5#5xe`ee> zTygQuxIK4fp5+;9gj)z}#`YsweCHed|H#_PFZJs>9|=U0|A#H1Uwr4rF^@QnrWcEx z681*0VXB)jY-JLHE;*buP0>6eH~i${j-0u8Xn4tQB&x%0YF@g*d4Vi=>DG^DP$c^S zI94QwUahgIS^A|17sPPUyXbpbAW~U%#+lOt6bZlIT(qDXOmlKGP$K!oU31fKHyl?E zKIjU^Nq2*}UB!Yzb!?*}>9K8yP85z5-LurQ)(<70@jx}?Z1mIbLrBf_iKvH_(n;B_ zXH+{c0qFWLE|={nr_f1>t4Og&i^{Bmc!rf2))-~sd9f@JkKyyx{_;Qcf$f0s)9W=o zLU`48JluPz+rMTcog>iQo}qXy3Z27iBa(9F?#YP6A?(fa^WsOsXX~@;=$^n)Xz<(#hkh$@*EF zg8E8rYHr8;5Y(gfSt&}GTbY#?oGNJG?gH4c(X3vjR$e;d5sWhyTp2D_(suxFuhac$ zB=?7W;=S2qx(PH|#S`WgYfoLr+>I;DcUSXTTxH<|a$@v~C(G*Q`LGYy39YEkNrs`- z=+e_c5HcJ9<)#4!9s4lRg-*)rP>~H~-bVF!F6=R5>!K4n@|1k#fz^o!*$32$^Jkiq zM9!{@aK#?1vcE|=s9WGYdAk8$664AMAkN1u$l7fKt4SMcX&!N3sCHlj=ca?~;yct9 z8=j!JintuEfn5JUs5EWI@&% zF6qcRdNIiq$r|pwebC|;#1DEd`gpY3503PSQadQ6J{JJ{hRx4Z$9T6;Hx|&SkjbFv^OO-rTnFFPBlX^z2`srvp@g z2{6hCJpLgZ#>h8%a2Qonhk%tyjCtyG;0V)K4&`>EkoaR0fdn7O0uuD)`iGnU^hkpz zP);~&Y;|6lKfcj_$&er~Mc|b1zV_kk^Tb^yF?JMOAI1vV zHHU=5iXE0NrP>Qu(iXuOyqw%*IFYC0%YD#^{d(HmoUHK?89Ej|?fpNYl#*YWeab6b zfW|flpig{oQrCHJyT92(mz#-9Zgo~0#u}8SwUK}biwx4M=b5+ z#?Kj~q_QQ}+YL^ai?^|B)#cM~2fZA>%Ah2h@Lm?>+IndkW0q`xkEKBWzg*V5G5)l` z`ivs7vlF@v&lwBao>68nCEw;|ieNuf?6}d^rtbpmxFqyL5ilEGfGYIW5O41jYQvgf z@jWJ3Tn19$ThR)1G6P~}Z5k4G)Kh5xdw!;(iYk2td1jlNY%BLYLH&lLb^LkP8i;F# z>~mdge49TZDm(R)!7DZrUArw6{3M(BMl8>hok}@t*4WsRNoK|;*o4>w`RTDMUP$XG zCPy|zC@G!HWXE@g zXGU-+bs{caz4EoDPe1ANHnR4JZ?zuRE`~%>aZ7x6# zXOHNkOcO ztL3255QLuw3oeY!ebJlA2pwGb5K%L8AH+3t#1dbdf{)v3v(=AUj>5IF6p%_XL27e@ z@=pyGn;1v=!Hh3d6$fE}MKP`9^Z>#!ffxBRCGZW(^iiu9cY8y-NB5J`-wuo}rOjj0 z6-qAFi9&d09z1XU63!P#rVogr6LLJyQ1arZ;^Cqf zAZT$JAY)!}Fq^PeUZeBgIEvY65Tr?6k_~?-;qC}Wv-suFUi&TvIN4Ln7Lbo=m!E46 zA-j-zdP5e*rJS=_n$r!)V5mh0ql3)*b;eTei55FG)cDQ8R7;+DEvHV&*=V$dq)%3k zIHsM8v~QbbV)axtFHYLf5RL4?(*OcY;vIu|hJ=>xejD>2j1&KJG7(fTZPPdU{$X|L ztIU6da$7dHhO(0!h$POV=58afB&~0M>s6#bLZ@IO!CTg^#iRwKUEKCx=lK2smo2d> z2UfJLq=3jd=-PKPdUaj0z71Ot4VspLvCe){Dhzd&#D(T9 z3Rqs>8D3o=m!#3HloVR6xc`WCy&}n|l#srrj)~!RVENOcK9*+-2Ld2=cJX}_X0;m! zy_*th1{w>ue<%%R{~>>^PJoGL^l7G$2H2PT9+B~rZq7p{ z*WTS7`@NFNB2}*+ynh9WE~BO2`LW5uCI_s?%oNW%jhKHuw^m#Iho0Ejq|Z?w@TcO8 z69L%cm%N{Jtd3f1(2i)sxq4&Ip$M zCmDA8hV#y!eIgjqR#Kp5uQa*{yLu;kxjUt*eFx7_^(W)nF`%AIs63R~*Z47of(V&c zi(mop`$xpYZB_-?_B0bWRvBL5TH8$F@mNR5=zZDpcTh=n11qYReJBvuC(+L8Ya41& z?EUzXGPHoP+Lh#wS7grb4grL?Hh)VsvX7i@E6zL~Mf7z(y2obVB}JB6y+J4mG2ZM2 z94~T)+deLG!q-rSG`;a1(ipU?F@KL^5k=TLOF>;^P3m-A)5IlA???=O?hXKMHb+~f zHQ=S&?Ws@N|7zh`uUohxuR~Vck&ERkjgz1}>Twoip4O;*GpLIY&oUG*MUy9R1E5#KQ7cyIIPDepZzN@pztk zt}h%S6Ws8_FIdgUEgI(J3+ML+9waWA#Z9TT2KGX;9 zD-ob%M@i%)f*`#pqNEdSCl?MJS;ATz@BeFTd9lo8Fgtc8sN(RZ#?W63fX|Sof%kF? zpG7}=k@bYp`nI1K?t3tk1=5!03#PUlEh4y~l-etIJtk4JGbs7TMO~*=L%O=CG3_-P zp+E_Z0K)BT&!`_4WQu+MZn*d*`;(Bj)0o&5+SqC%u2a|VcQtw+t~el+;Y27f7;ADt zh(WdqILBnndNgh3jJe?QluJqnU8YC^0UQ{{>fRq)f`HK__ks7{Q@4!F6{>g6P!Y-ze}CqzdrR81HqTB*LULb8Oil5A-T^!G-no}`=Vy_ zKeelriBfiG)47LZl3_~?utzp+m-$zV^ehR2i%5l2e25_*6*7F|a>FSxQFOui&)RIDAurazMTsEZ@y4db+MGEF(-R zDf*){(EpbDNwi!U_A8}6!P5Z1wxqlrS&TvlyrO{~1)9rHXKcN#*gs&(W36t^>OhLR zg>2MW*T#&x6kt#_+T~ai;(=mhu3abH4(_`#UzfQ@wP}LJ1=l9UDMD)D-Y~E9_u1=} zsomeNDsZ6feC&5-njN9Hs{&~bw-r-~qG+DwWxla%za~^9{z&C3mGAgl&ZQeR*vC0% zE2B?|;o&s0PeEs<0a+PuzI!I#QWTd)N#*9!;r$x`rgR6fl==)$J4q|Cj=U5;kFXJT z-&Ayhab#Vgynj2owKVU?r=HyJ<6^vmB#hNd?*EoCc+aYY*ddc)TwR|fTel~sgFdY{ zWFk|yC&g+W-BdOiG=PN`&C1zSKOf{w87TDO!Yv&^>eMStgO*(yJr;Fu+IJwm50ONvWox zOp{x(z{+?&>zQjUWe{^&I`dY*_cp)My^o;qT=0re3^!hxn|DPUBxy41vv6Ym<7|^Q!m)KFOe`dB z0y`YhGzx!qlxtV#j$C;Q!#n%ZcE^ZF!OfC=^I%PdAcc)hRpK} zz!m)#TMN*Hz@hqQSa)M2#i2LR7-j8p;#8{uY)1S>51BNlK+biDj1SDLH%pLPrWA4x z6$wXj)})mX%S&Q&=z3%sRcehn7q1D&Ma_@cF@CT!;kY<33k&}B^~sov%|a9wo8iVW z4^Rtw#32$No{%3gdg%Op7bS>snFM1VFsdg|NYy@jXMf|Y)(R;-8~&cZ?w9 zQ&Hz8LrW#q4|tX}fi`t&0PMao81i|o&TE@;G`mu+{N z2%p46uBa!rZ`|s6ilJmp8Bx3=@ek1?zXZhkY$sZ+`sJ|kFBQWu1tb0_VoRhaSQu;~ zc;SQ#NGAE=bRFD7#ZoVzL*=C1qG7MS9d@P{TwoK)tduuu8C}`0hLE~!ZZ3aVGF*j3 z1q}x!LN{NuyWNV;^`xfXQ2sLC{Uj3Db;o2$&bWZ`Qs~L@{4T3G`zjEtq$W`ak?{3~ zoA0uneN<C z1W0Xx10x4&li6CMBf$s;_)!(7P`G)uHKeG5kiacMtCuAMah{zvS1SodGl1%ap z;K2U@3DkIKUJ3Qa37taBf65+=0XxftrDyEvdfs@g0#AyL#)1A4f}k1Z!yjYzPYwW4 zqouiLz*N1H8Yt6+#rW)X1fcQNDJS&q_A3<^D&~M?cYFeX~gKo&+r?g!qWkta-S0CykRS z(t8hRl608t&9&1h(FQ>(oJZwwK1zchz-rBlLs@I0M0Y;SZIQdgv)zGB{wqpmc|14k z$x+jIi_9}diRi(|?x7O<0O+GL;07JfNrRE&gVN-U7`St*unO)9n~{zhxEjawzT|2I zPEyctc%V)>x9At35dNgLR*y5%(q@E`bg670e`h`Mzt*qM|F0cKWz>b#ZuE#-Y-w2M z2Ps#N3Cfj$+@?wWAvo~arD~m4p3uNZ#j|;Qc)06ZkQ?NRk_UB~qe$itZof$|59aT7 zx`DwH*D;D9zjxc-%HnrLK+5Q@f1(Z-!DY=LKroQE0|Fc;KGLggwZ@QRqP`Iuqarks zuK`TrMmDl1c3*`1MiT=7v%J_rg>epL)DobevwGE|vS2%<0T|({+(Ii-x6~S=;N(wn zfw#@0sCu58ckkx1aa<|gzY02Pn2)XB$a?MOuLPo{scmTg-F&U3F9Yn^pbgHIhpkPR zX!1F&pR_b7^grweW!0Xl_0>oBGcY1UKhB0_IXIw#I`e#oOdTA>xCO#dZl0M2MS-4y z=sekcvme~`iQoY_N~Kn|p$*e^WMkoUgYxbS?Exl9Wi#BZS2aV8o17+II^^rsG+FG= z(`NTfMX3}=W71wc_G&=-rw6G1&$^b}Ho(nyBdXtK?JMfKMV;BoKA zcx6~Dx>ZhAh?<-NxJ8Iy$w2zBde+|xEQ>dmW6sn5T(e7fi( z@tBUmlXS-0??%G;Ci0tGgtr$`uxTFfk|WDLaOPfMB3WFQ_G}=t6p-gxXZylLsE^%T z`78;X)zzV)CM-`R?}4dXe7W=cej7>-XHEd$>sS4_0u}~rbx0<$q*J1WOy*bteZpN2 zIC_;AY=BwX%(a7BD~lK&MKbExE^Bwj9gBd0A_)x{e9ys|Bka@*wN7~l2QbA1K7NvW zP;JC1j|Q%{t+pBjV0e^TCHd_y4u~#eJXq4JAkq!i4~C@WN;JU}qz@R*$ZS)s&m%Fv zCSyrd2pYQ!e-Wi~EyC*2<=AC@;*$@k!XiY3_n2e$*W_G>tT_WvI>{r$2v4Mtf$BlY z`uAjY!l}7Y@CVj3T)l~2!R>v76|FX9;Jw%`VTlAD&JV$WM#N$Aj+Mn8Fu2m=u zRn4puedD0j!)w2QErazEpls%LF*Nd-X84n#B{bB}*2}zGL8wY~H0`$>=Xxcc9_X(C zlohJ_Gpg@2!WLH!vj%A?Nul7@-+UWUs_(>~!fONN>Gzz*jl+1I1Fw?k4HdT6@+ATd zY5&P5gN8>DxQ#X}R2VEzy`M{7@)PtG8z4}XqR9vHyeh`BbB2|B2(F3=Fy*;xgHCHp zjIQxvP_P~!C8^m!slp4fgOIq*=fnR%51A!KuXtWa5VuM^&tOSyQ{;vn z1-DcORKT;<4icM=z-E0mCj>&>G|NT63pJLoC@Bg;vs3SqOLUCw=aVeX+r+9qohfP0 zM`mnJj^oWk?IOv9ZBUm(c@o-Lam^{lM8B3|62NOqjyNWPv`?%V<~43M5azf}Kb5;L zZtz4?R+tw}lg?JJmop|0lm(3W$T1P16YOY(Ln)46hLu{149 zn0jCi3%s>n1`3uLS&|SG#GyS5irP#3MO^ z@n(M7h+LVRmdfLXTzLFP8uE_TO62l@!!h9eG)RulHh28t)R1J4w=`vywtU1wT@k+h zFaY8Uk@0!TbO#i%!NodR;^JA?u=L{iy=>QJuCt#qDaNrCFz#ge-HfbF4zw8ya$!R{ z+upTqYz(bu7O(iWpOw-A-#Clkh*h<*+&QNv1!;7)lJ-id_bqnNe{V#Ru2WsW-jzlf zz6devAHwHtkx44GjztDB%!(7fh7p}@6AcLJ=}LsnL-!|`b4Oa$bc!31aaZumkN@H{ zR?3V~`e}cBL(+>7eO2i8TV&x3)SJ0tE%u0|T*I9r9`EPSSsLjVOEE+ijPWJ?w5Q(o zDQP3)6RK{GbGL-=5Sj+0zN3=_d?L*z(Q+Q^`vVlo?_)saaBuqr!wyUHZO>MjHQun< zL@99_$V5`Bw{TGe965{e>`)lTiY)W1Nj5P3i?VTdOhw4yQ}SQZRd~$}sSoS zRbYlb$WHmGq=xz+2PXknG3))FcDE|78va1?+Mp$T#ISt+LD~{9zIh z6%^DJj+RLdqNt>6Y5%vNO51zsN|0SuM)3C%{w9d4E_M2NJ7)mEhvN(p7shs>vid@AJ1;OZ{l{5fl9)^wtTafLoB6pHjAtClP2q!( zm_e_2GUN>%1}Br)AWyvCU3IbiM#xh|ou;3S0mm}O;pVS~Z4*>5`ZxHo62mK$hE3fr zEwk4x-emOj&JEJydv?}qEjaX!2j*swb}&>*E5XCikxxiZTYL!x54;-G=|g^7c<&)Y zX)-KsZTQz}5zb<#{oGc9T?Zmoi6H~=>Ihqe0z0ZZTx+IDSM3pG_MTt_Ik|fNC&!%s zXDkG!MJb0ipE$;$H|2!!NJlQq{iM3CWNzYTg*~#_q5_lo9YS3tIt_3G6~v!xWc0e1 z(=x!8s#NHYz-$7izXRc>Z8J(~+}ta=kY4(PxF-wmV{9yH;eIK`wsey7BrpCRMFxtPKXf@h7sTF0fBs6GumNg4MB`c z+O@4(wnhDi?fPWlHfycjb!&npuVP0Cw|Fq2JOTp`kF-s50kX? zU^^_Eu>4Fgwh~tuxfPzC1*O1ct-1XEUcw?e;;E66*-h{Qnbb+(o2F-RuK=+4wwbdH zpKvPgKwQVklj5`ColJz>>`!tiRXE0O_)6{wuRqyeB=3_P0JbrA=Csc)I`^u{6RE*jHl=vA&$+{o+!A_or{(G>rw> z`>3eq!hr*oi;iQbqq3+QG^beAO-OwmPd5Jv?sHcs=C{xJU$j zRS*r_0+PIIRZp}i9Z9L$VBgN>A%ceOy;~+D|4!#?F53KT(VCj~84N!0Q2l{S8!K;d z6Rmf3i#k||*rRRYPto!~Xa_-b)<^G0B`VKy-{_^YtMQ*B*ct2ZuSHDtQtGYkXXo3Z zL>%|icM9`p%=}%rkux0QyfVdw3&<|DUs*S<+kZCr8ag_ZuiBDLW>Nj|=LrILR_}Amz_T)3IrxTjmDvMV@SbcHJD=0q* zLY}M2(Fy4h_?u&38iLOp1Hnw+OBC!aUX;1p=>x{f{X`8;Rw)s4U82UrsV(w!(Pe z{<>pT;ucC!k43mcuT_3!edcspHNJR{V*XcHCnNSwv@hB6&OqSGE&04i6AyuT7f3oW z>_n+va6UyJMo55WX7t!z3%hDg)mJ{t@5+GAm6~|`UT&6yXA&hDYMIBKaI;ena#OHs zz#hU@VALd3Pwn!o$YQiomIM|Ds9Zxp}5jX{jx;cLIIs;AZP`@>6 zL;fJaI8gVkiv$OFy%pA25G-#26!;zvh)W?#4x`EwAYycY_K?DEd1R~Xnq`C7BDQ1M zHamijP$uTw;cZxT+XYdY^$K(_I3L$lQ!ByG@5t+59xCQFT^CpxD%^Hi_DJ3XtLYD7 z(OLXdZAq{>{Ui*}>YL%pQ?6`#*sSm|-tjKOS;PN~=D0nj%2Z6Z{winwk#vQz*Hl~` z7{h6~j@c;Rixe|~OhE6J%Y?33c$lf(G3^90Qg_~B>9p9_G&O%2GrvyxcrD_K0# zDvN-Fxy%z`*w6aiY#?l9qB91l%`5U>Xy#9LI;DOxg z3GZWjR;1XYlp!gOq4fzX{-tpB4~%W&d~2vh3N^hJ=+M3fOmq@l@g-F)IBju3B+nhc z6c6*YOEC})O24eLo9h*E-G?Sev6>IIu{QjXkX$#%D_o?K69620a9m|AMFEFf>+3&= zpGzgyw_!B;fNyX!zA%^(N5I`e?WW6@Af`G<=bi&mB-os56h2F$&tg`FrH;v^>8f~y zWtE>+6QGxAqNW0(Xi{htZhbCS5?mExiJ;su$=L@WV2iHUF7|_1kTrbD9)h#pcf2JE z3Z75sTy(W)wq+EwaA%e7fV?pT`VsftX&q~^3`IjGajGRLyB%pfW%z7f(9`M~*YU{# z3Y#=O&-)VC*6l@}L2|-Ez9zf3VmCS4;CxOx%=> zh;++LJTuLo@%5|DF30=Q`Id?C$;SWz@S%us;JqfPuV^dgk&qI$Gfp1h45g;S2_NfT z8H4MldH2z&Dp5@Z%hm$`uYaFdp z*0Xi;asG$S@Xdc|$3Zpo41O%i?C@*$oOCjI)QcwEgQD7~t(~%T{cCuNV`++e+ct1C z%|)HAkG#hwnl>(=6p${$75L(_>ja3un{an1^Jppclx-;mlfEmUC^0x&a+rP%z^If% zH8YV>td%m$YG`W8k;{s^(^F#GBHXerj6-P5^ypYXh=%kdY&E<>?{XVH1wIsGxVz-| zI@|2>P-Z~{gNU7q8<&}5vfik=q=_Hi*#b_3@04>~?rdUtr!&PFK$*q%%=_eF5jriz zsa?dwh#b%F@!_yr%QToVd;-)@6k{-oHsK?zz2{0p#xh$mhBw!b9Fqho*s@q@3RXOZ&(w4y{q)&Ya-sp7JBzs~-E^eC>bl$FBVna== zss}YnY(17;DV8n-b*Ps8_~r*%2Zk;&WX0_wL!6J;n~5ZyX+2^psZ5b&vnCSq{}ZXXXmE3}7BDQDNX*Z?FmGSN%#JVfgXaojpm zrKdZ141I@B7XcSWp(hH!Lt=vtjgxJs)uRlr-qNIAlzqlOEGY^+vIHT{r@km!;u$uj z!G8<;&W7^Vkl~{S4mnhfqSzKB!TC@FL>6ypICWoW%~B!{<*JW_ZT|Vp2vT-Hv-;jk zxf*}q8OJ>emD-MzV?%aPTfvznPJ6oIN^GMwifjB2hiOdzU2}d7dzKlUpxHz3un{ad zc111SrdN^$#gN`8PiDe4WZ>Z*a_Uy#B0%woqUQk$i@_S3WL^~Gm_<sM%CsJa2n^U*o~RGU_RaDH5RBx=55{mtz#6(kd`Uy>rKEG18aMNb z0AUT0TF`$*u+Y#dr7nH;h&5~r*?a|cj!Jm50VNGy?K5+?49p`-z~3gx0~@oN1}h6P zX$2L)9b@7VcaioodDF_LHOPTDC<&m(t^mqDshIuU!gRVW9o^$Art0Jj*doUFhU z-Ihy91)>N*C5zU=HnqyU&vJgMF(p7Sz1G7eXl6TI zO)=3b_1Tr0niPfx!h9m(FXQflLt#c<2J|C$4fS&I3A5BaXE>A2k19!bC%X-jU=$Z4 znh%wu?S$kj_=|IOK;TwIMb^Fgvxa{~9y|EUk7pN!+!_4n!-`Qm_+Hh4TlQzn_SKDB zG(tPg7nTRijcPch%m( zqnGV`Lw~Fq6TpCZObR7WVff4?_VS9#d%A+@lpJRwY8_$&CC@mtnV*hFj?P__Hb&gL zO%R|0*bAtdtd?MyO%kr08%*f;3yZ~OxO=2!#ku>aQuMSVS& zc&W+^28Ir~@rx*^XWNFa!d&*g<0gFsKjri1k=Xi~X~~&XvRBDc@bPlP)hNQEY)O{B zjcfhe50ecw3au264ZQm0l1-9@tU?qZrf)o7gS@J>y~|5L`A?buU`+=A7_!t}#=^QuM9ESus7p5PXc4Ir~gp8m21nQi_>UL{sOHVMS zIt|^Rd3}2P_&j3Ka+V)w-@<7JR*|avhF3q3OY}g$3$iDy6oS1Vhl*2Ajq6rXRuIfU zWXwf56Q!!rBiyyQ{GcXyPExgWeD&Nm)vOq8#Iz zKHkzIT(}rvM|BBB3{X-j@cqBu-sxzEv+Xuidi#)B!KsY!Ei_qCH><2(AB?{P;}r&N z`tA&qAR(A|lQ0IFv0}W`sRi>haX6m1J3#3?23sAWfPRd7IEE zHFBd939eFOAJouE?`qt}OJ2SATVm1~x2YE>fHmeZUFCj+1)Zslh>-8(9OGQonNxIW zXW91PWTq#?GDLMzjq7GRPP3ZUv}x%1nQop&V|F-IpiJBnDnYpkz4IHh`D(=I3atHc zPKR&DTEpUbAPpi0uyElV4|GgNMDR%2R$>frRS)P-RBVrw!u1KlHWO2cuJ6ixY%-Sg zMa1{Q7${|4t+HD$1$?mRvCfZs2r+QTE$cpaZ-2$^0omLc{-WmLo$~o7dr?-&Kj)na zz5D*HG(WI%nqca`ZdTr-K#zFCRun714-l^tECc#Fg{Hq`rSPhj!e2*$kB#m_oMs*0 zuuB<&4*@`f34Vd|i17pBsRXtV)U_%u6hx|;;TxHxq>G<8_h5ap>VPJFLQrXXtDnx_ z%NB|^0;lJxs_S_uKys^aj)!b>n)qGYmX{jo{*#F2@?AC=KgR%lHdwDOF-gBY{Eg9? z52m9J>(vsE5Gb$_0+h8B@PW%BB>^XF4LrfgsN!dBMX9q!hPW{7JmIEcDslto&UF2h zQspn%(fklUhQYt;8%qi$bN$|d=Q5_cuO}=n?f^S{^_f)Q9l*^IH-1cZEAGqJ45^{V z+A-J8aPV=79srJ;xxbi{qXi!gZv2`IYfmID<{)wP3B$o>0-O(1ZIv&iHi2!+?iZ2^ zS!kiLeoUUR-3kpQsY%;~bQ)dEdiQ<>zStOE{&}aWG#wg!TsQB5f9!CbRu-_#?8IM% zB9?t+>`9Fd%8S<8cFZG(CV8rd>gvAAD-~JqB*Ivaf+s1ld zpg!ULyA!&8c@f~D4$e#_L&Q-5x$Rw^_2D3Y*k{vNJWJ!p+fMO`N#u^Dt`&6$B$8sM z+K6DJcYwtvD$)$Tx;wn8*HpfraEUZZMcOM(JE0|0UQk@x6W7PMpKzOdKfh##Z26 zJd%qTJEYW~$lPab(N(a~nl$wrHVDXs?t2jv!ab(8ewBfeQa1i(qEZE&0ej#3!^>XT zvkV{gw$e1LrKkIVRL6WQ$Soob3013f4N$-a7u`8%kvHe9pqunTZ}4SwGVr_uB4Tbj zt`~K@=a~m$Lcu}u$~O9=?Fh|2AyxSuGY*IC`JaL*X^%Zi6Eb27PzG)nr7}wUD}<>$ z8RS(^&;t+yN~gx_cK0)U{KO4B2A<8EMV~lH;9+OlQL!r`zOxH(K$!ziE!Ce|pXc|3 z*Pp7y(r0$K=IGQt;p_Z6Supht=%`lED$++c$IT@|HpeJ|$OJ=XUCX`{a!%4kn8ACA zRL6H8Xp$Ih^*hBvsBgb}d6`u&h8N_62UXSY7E)x|(VnEq9XLItaMgRD9-UYBX0`{> zRj#(%$2^0G!+J0Qt`o3zE@PC4tGmea=p-f0DpYNm7ayhZ_LykkUQ>b@G%b5W*UFYt zEXW8p5VVFW5!PDssa1GXP3nd&{$*5r;9y?d|)yHn);D88#`2w0-!6oAVl zT~tSu(BMFAW`$pc`I|SSitN*!Qzk=;{oO(m)z z-{1V+CXidQle%4_$QzHdkU2bcE|*b-!#2#zF>VNDO+I58mh}+5#9y+_4j;{Q9Q$A( zr4l9p^yNYFnEePGSoX}G-C+zQRzWrc5v>957qfn^jjJmKNaQ!0eZV-Q_9)04e(ag`O4h$oXH-|i zOW+DHgRmGmsPHuya#fS*`n=Bq!@zCoSlwigv+WsIaxk}&=#7M~x<FX z!39HB5~Kl$bt4$=Jx&lR-zVW5IWS>ALd1Y;;ov_mg0#}@l37y@4gBXK^_z+xm4+_r zHJw2?2OBoP+4Bp4rsC{%sl&*Kaym^{eP0y7bfGaWNh$~O_0(CNiRN9LTY!OMfW>** zc@{7NfJ^*e&D|Z_8muOOf6Az$Z?eDR0}#iD%S2{IU}cNjRrKolyi*pb1Ha70`{0AR zVAy-a(Fn(^F#_MNS3h;VcY8+i6FhU*;U%>@!P3++YgGCyg|>yiBMf|IBYmi+3@=U1 zh|3yj;;i;LQ4^xes$_b#Ib5Fn47W`@8RI2Fs_!sG$l0rfpA?Et+<9Kqlq=66SFz;0 z)0S_F3)+1(`UVB#6S;xYURzZKrgM|rtBW-H)JTY7h-t5Bb%Fho2cqf%V=n0na?Z$-+~jTrTP z*TQASO}CRS6m8;1gM^XfgNiM8Wi$xJfkbp?N=8=$-w8=oi0fW_xCO!3l`@Moo7H8u%p{=OF<{O@(jB9zLfCn{!Cx1iXJbHGqdDC&_S-I$K9bHOz|) z1>b`3o17)EAYRLzo~vC!Z(?Eq7Rjd$T9MT7+bt;1J3L$-e#9T8w(PaB@~qUcnc_Ac zVB(5>J4-Wq>dJ~#f{}VkR@&b^@lDbx05yE;_~^#9b-h!`TLk$@tB$B2$+!nJs&>4{ z8*cc$5GMn4dnOa+47DJ9i;*72ir}Yi2AK5qVa=*si4VgErl-^}nLd*N7+af*(G}oe zlSjwqY0Lt359oziP{R$JNr_h)j5T9BZ^vOU)sKF)@_}Y$J^(VPRvN{>v5Ntp7+9wrZ_xp#FY#AX zWh!NH4=9Z-r9+0sEA*p4H$^-OI!Mt*yb6B}mQCVrkjJyznz^}o6m;a;@YM|M;TER% zJF%}7*IXIVh^Z!i0qLcq(4az}U3B2bs2VgOvljiR_Ffoljnc=ClsdZ36)Ux(fQtDB zy=W{lh^*W^exGXO1*aVC6D!Q5elF8yLmX#WR^G0gM3vmBEpwutK5%nu`;Dxv!^;LAB_3fWX5^f=b{{>HU9#r2==LT4c{pasXq8L+w5bP zkO@mQAk~L^17p;Tnx|VVCH|3@J4*2#uR1#Xr;Ka>2KGpk6%4FmZ3&&;Jqgx?x;sGV zc_1Ia7gGTTge;@2d(dV1AqC5#=&lH9v%LyZP8l0C!VP(wBP0w|G0>{Ln@2pa2W_{| z0wEkMEiGT#4A0MXgXh(-bnOCZTe~VYs8jjSk8*LQonYqFUxmO}o5+rFTwtUK)(D{3 z)uB;Cfbsgj1}3RTc!jps8aK6pFEozm;b{~vb92M5)H#9emSF6jvWHJXy?;lYtZwN| z5Tf9@Ud?u52S>g)InS>}!&l%ffKC zfGk5su=tr3G*w+6IfoibdBFI4-~EElOyuRy(V3RVq0Io);<=KFv0^6^0B0O?eR5=PN@N3pc7Ea z=*Sd~$u<1LgoDgCdOK)Yggb7hlD@{rc%rX6(m9julPT+0?%GL{f={r_rsn-6Tp(Ss zpvDaGhI7KqbuQXGXMxmB;KL$n;VhM>taDAMhmvR|sjQPOc3Eex5o;IB-uhzeUpZyx zL@uO=jv%0k>4H>G)ig7%J$C^MIx{(aPJE;hdE$GIBi;;&?kAVPU8B?JlHg;&MPn+> z#%@PeSi04DIgxF?OO;@ynx*wWqX-~-dtiv5UdE?(r_qMgx|`Z2i-OrHO>~<_Z`Q{n z;i1ELu=wu*SMmgN4nZZC3J_qw>t{zF`gfaOI}!J;QmRKDnbU;#0Q zE-#x17SD5tl78k$C@Cz!xtlhkZ5L&da(=Hon#WVkSWu%COwJ|0h~(_9T@o(n)ZW5Iwu8ud+De9VF$>7RwFty zQd%~EZmSPfFfzJWmit;pwG!qmMEh4{t}_H$fGlviykF+Jpgf2jH;7wf2DWzHA|1HY z>~1{);1jYsTqz2=jP{u;QJ`J^j)?h&7i2Zk#PD0g9IXlA2Rt)hnFl9ltZ+%Lo8=12 zb&!Clj*f1`y5q?)cE*Wbhr$+9ECi%o@Nd@0?TpwtIh34?A$$d3Gg&r8oYvPCDTzP1 zsLy6!Nez?wT$x2)V{=Z8{1ReZ(3xg%NIeucnS~~+qN%Sz30@oh-r6*h=js#UoEe#ucCZvt1Z8iZn0h zC6bK}8Gypt)pI+KKv|E;-1YNtt5)o%ZvcPF;S2SF&Jk7j__A-Y&%{LM_75oPF{xLZ z9lf950X1vxQdV zfVn|c)Z*`alY5~5ggz}@WhbbgLcpbD9G58$kh#U5L03D0lIhh*N7eKtyY$Q9AX9s&DYUoDe;Jh34u9jYqyPA5tZp)xU2Z3!2X+ z5f3g0``FzpQ9mb0b<`(d&G-@&0nbd#2&P{Y6DD(o4NGu*1nc zbHS67?_?gsOanFXro|;`?hA%5U%LF$De|^(ncwA0RV)ih7u3fl4zE6NoEADDyBGG_ z;8TT|>UGSiF>AuJ2Bwk+u4w0>G7FOtJ>((3hYrhpOIJlp2s3mamIT()x(Rtq@;Btbyy;kVez4+}o0g-IMTC8w;A<+< z@Upn_1PgU^eWJVh1|<;A)7!eCe)aGFvk?Kqz%l5SH@e&g=LDoN;avv~_76={6h%#h za(SSgSB>qN!ni0L$Nt~SOY4Wge~Oc_Ec0f(pbyv&v;kqm)Y~$_@7!!<5;4p|UfjT5 zBu2DOU!9Fu94YfzNn$8mBJ+i$G5RMx!O2&EAP8X{)RI1w!FKoeD-NGwKG}W{hCE{( zlm9^|v?6xb(Zvr;65eRvwMMenE_rwV;jd+j@iEn>JL#wJsH5%z6Ko>W zC}6}Fz5CeUoiS(>9*f-M>^;YE1mbg1Rtty~>_VrpHEY#2M{GU?r_CM6;+Wj*V$_DV za-!geNtzZdZv)jiAC|W&BSnaX!DMWNEm_M@g zKaf!xsX>#E@AlCJtfnOWJ4F8XTdbe(uz?M7`2J`{JhcvI?2YHpuG)^nd=^1uqWQlc zbXkuA#FHLsXCI2YCVHOAycywYVn@s5Y}`Z6q92f~D~`+830bA&_C+{uE?bdd^7F*1 z>|mgBLy%o-SM=Gr8ePu?x4U__K*I0fE1(Bx#7;j5VK^dv$7tp?u}#r%S?J;-<8E%x za8Cs2q_wp!4&fLTtq|5R{9_^`}Vz1lD9`9iBBwU=deA_bK@<~aEyt)Ve@=8bU zk+lPrF=+vR!cwPE_7TZLrj>}W zN7E$k)OMG~!9RgPax)vn^8t_w0h#>K#a%@L^7!R|3JLXHy&9rhX|V74&=CU&tACaw zg0nE1gA&#mu%$&u8x566%j%&fX5|kc2!(0%nkW9uMd8WYS2uM;LL2af+0ng)OLjuL z$8mTK-0Jgwd!t=$3i;`)F8+i+=`0ehr0gK32s_J#M3dsHjh%42RWzFnp;8ao5bLkA zXv`*qv(xc=vpn|z-Xy#yj-+AEN!gwKxS%spYNInyoCl6TVHnD2Dokaa5kRT}BhYMU zusZccA`iKjES8|*m9x?+j;DWn{eAqYSH&56QqJ3^EN0m0axC&D6}S=C#f8XrwDRo1 zG~B|svY(tCwJf7FY+Q4os~MRL$dwm`s~A@_8Z{o7e8sxH5ut>UkWZTYQPeZWb95*) zxrrM+&OYM|jJwe5dyW_GR;pJ%^`LzZgg8TQX9)Xf4plVuLWD0d%~1&y*mVkjFv+ zL$BABRf?1CrBZcMw}#rApJWK!lqPJ72JE2KyNYvz<1VIQ(Kw~49DDVlZ9Zx$3DB%n z-RIhC4NX3+0iDNn(UU3sW~mlDyR5@&C?cLx$;~-QhFe6iPe0f}OSz)y1ub_RM`xvwp4)F1s1_e?Saqsc^GV-DXTm|<|Tt#ElX+FkO9XOa~ z3eSGb9=TuBw0AdhMy-qmZC=y2IoLk&(8{9^P_KaHyb81qgitw-cn=sK zV#A5|e?9l@H8i7(z+Fk8sS%(Dm2SMGTU&?s*Scv6-xjcbBWK%VGt~}YbboOzA#3Jq ziB-ws^{N@oPEHH**uB^zTXfN2b`)!`qyqIMfAXOyWjxEDO?4%Hk>U#ZU3w;xje!mjmVP5u^j-u0t`1decfN-V6 zlokWT5jwkQF}96iKMTg;TQCUD7A0B_uf{AvRkp#OwZUX>1ofGHXp%HT%1SO$EqWQR zVX);~fBBoJs zXp3&#AZa#UwFVD-BtC)09yM8bUK7>5?WkMurn&4{zNyR~{5Io(hz$k@9Y+s8*GlS+ z!9duA2=zcqmjClS_NoWS|9!hCePm!VzzsQ=G!i076b>FXK(03;v+>B^-{ZIy#LMFy zkrG!Lm`|CGkL&v@0Hxnx{b!^cF-vB)S+b-FFWO9E@x{rB$UaB&hL-Ev%OsI8Q^{=va?i~s-ytt6H{VJZz?LZszfw{ob z6oz*VFOmrl`aLi5K5i}WU$yKvB{Al)h7>IZ$p^~1cK-E87-OX}hdcQ`n45N~x44Uf z=8hPHof%LwK%f0A{BbY=m4EhX>E7BI0ntcCXuT-fs!P@(7CcCI|~vxjs5 zKP<^Aq24WlW%S~shHlLf$UrH)R2#z}WJ<=k&>Iv6PBD2l^kUc_`ktSy{2}O^u2tOGyrm9w!J0^IXQkG{vZ$V~8Z^${&3Cu@>R)xZKhi`R%!$G5NA5 zz2zhgM%AJ?l^vmEgpqW2(j=zE3w6EtlDltzP=YHE!TfDGK)hFww;iK0OmVCti22%s zIiEKh7gUFSGICd>2=J8oXtbKxgqs&t)Ofz%0+3WxB1m9j=k8aM6WQ@niFYc|%0$-IZfXuV;PSl*9G8MTT0zYg;CsJ r=)I0FOW3l6?6sqWxe-2^jA$M4m