From c99cbbec5da5e476ea8577ac85e8ccded6d00423 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 5 Nov 2025 19:43:27 +0100 Subject: [PATCH 01/16] adding missing permissions --- roles/api/files/replace_metadata.json | 246 ++++++++++++++------------ 1 file changed, 134 insertions(+), 112 deletions(-) diff --git a/roles/api/files/replace_metadata.json b/roles/api/files/replace_metadata.json index ba5ec9848..079b8edde 100644 --- a/roles/api/files/replace_metadata.json +++ b/roles/api/files/replace_metadata.json @@ -10033,20 +10033,25 @@ "check": {}, "columns": [ "active", - "app_id_external", "common_service_possible", + "is_default", + "recert_active", + "app_id_external", "criticality", "dn", "group_dn", - "id", "import_source", - "is_default", - "last_recert_check", + "last_recertifier_dn", "name", - "recert_active", "recert_check_params", + "id", + "last_recertifier", + "owner_lifecycle_state_id", "recert_interval", - "tenant_id" + "tenant_id", + "last_recert_check", + "last_recertified", + "next_recert_date" ] }, "comment": "" @@ -10058,24 +10063,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10085,24 +10091,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10126,6 +10133,7 @@ "last_recertifier_dn", "name", "next_recert_date", + "owner_lifecycle_state_id", "recert_active", "recert_check_params", "recert_interval", @@ -10139,24 +10147,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10166,24 +10175,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10193,24 +10203,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": { "_and": [ @@ -10238,24 +10249,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10265,24 +10277,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": { "_or": [ @@ -10306,24 +10319,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": { "_or": [ @@ -10347,24 +10361,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {}, "allow_aggregations": true @@ -10375,24 +10390,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10402,24 +10418,25 @@ "permission": { "columns": [ "active", - "common_service_possible", - "is_default", - "recert_active", "app_id_external", + "common_service_possible", "criticality", "dn", "group_dn", + "id", "import_source", + "is_default", + "last_recert_check", + "last_recertified", + "last_recertifier", "last_recertifier_dn", "name", + "next_recert_date", + "owner_lifecycle_state_id", + "recert_active", "recert_check_params", - "id", - "last_recertifier", "recert_interval", - "tenant_id", - "last_recert_check", - "last_recertified", - "next_recert_date" + "tenant_id" ], "filter": {} } @@ -10431,20 +10448,25 @@ "permission": { "columns": [ "active", - "app_id_external", "common_service_possible", + "is_default", + "recert_active", + "app_id_external", "criticality", "dn", "group_dn", - "id", "import_source", - "is_default", - "last_recert_check", + "last_recertifier_dn", "name", - "recert_active", "recert_check_params", + "id", + "last_recertifier", + "owner_lifecycle_state_id", "recert_interval", - "tenant_id" + "tenant_id", + "last_recert_check", + "last_recertified", + "next_recert_date" ], "filter": {}, "check": null @@ -26183,4 +26205,4 @@ ] } } -} \ No newline at end of file +} From 9796718a624435cccf1bfd761e0fdddf35aabfef Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 5 Nov 2025 20:16:01 +0100 Subject: [PATCH 02/16] versioning --- documentation/revision-history-develop.md | 5 ++++- documentation/revision-history-main.md | 10 ++++++++++ inventory/group_vars/all.yml | 2 +- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/documentation/revision-history-develop.md b/documentation/revision-history-develop.md index e965c6c2f..bed3940c0 100644 --- a/documentation/revision-history-develop.md +++ b/documentation/revision-history-develop.md @@ -300,4 +300,7 @@ bugfix release: # 8.9.2 - 17.10.2025 DEVELOP - add ownerLifeCycleState -- add manageable ownerLifeCycleState menu \ No newline at end of file +- add manageable ownerLifeCycleState menu + +# 8.9.3 - 05.11.2025 DEVELOP +- hotfix missing permissions for app data import in certain constellations diff --git a/documentation/revision-history-main.md b/documentation/revision-history-main.md index 47790f5e8..6c7e43c48 100644 --- a/documentation/revision-history-main.md +++ b/documentation/revision-history-main.md @@ -552,3 +552,13 @@ hotfix release - fixing services-other ip proto import - improved quality control with stricter automated checks - various fixes in modelling module + +# 8.9.1 - 02.10.2025 MAIN +- owner-recertification + +# 8.9.2 - 17.10.2025 MAIN +- add ownerLifeCycleState +- add manageable ownerLifeCycleState menu + +# 8.9.3 - 05.11.2025 MAIN +- hotfix missing permissions for app data import in certain constellations diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index 256db00cb..dc086539e 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -1,5 +1,5 @@ ### general settings -product_version: "8.9.2" +product_version: "8.9.3" ansible_user: "{{ lookup('env', 'USER') }}" ansible_become_method: sudo ansible_python_interpreter: /usr/bin/python3 From 24b4f4054173a016a9ecb9f0ecb0571107593e33 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Fri, 7 Nov 2025 16:11:46 +0100 Subject: [PATCH 03/16] fixes2 --- roles/database/files/sql/idempotent/fworch-rule-recert.sql | 7 +++++-- roles/lib/files/FWO.Recert/RecertHandler.cs | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/roles/database/files/sql/idempotent/fworch-rule-recert.sql b/roles/database/files/sql/idempotent/fworch-rule-recert.sql index 53e1b16c5..00f1f0294 100644 --- a/roles/database/files/sql/idempotent/fworch-rule-recert.sql +++ b/roles/database/files/sql/idempotent/fworch-rule-recert.sql @@ -188,6 +188,7 @@ BEGIN END; $$ LANGUAGE plpgsql; +-- select * from recert_get_one_owner_one_mgm(4,1) -- this function returns a table of future recert entries -- but does not write them into the recertification table @@ -226,7 +227,8 @@ BEGIN SELECT I.start_time::timestamp + make_interval (days => o.recert_interval) AS value UNION SELECT C.recert_date + make_interval (days => o.recert_interval) AS value - ) AS temp_table)) + ) AS temp_table)), + NULL::bigint AS owner_recert_id FROM view_rule_with_owner V LEFT JOIN rule R USING (rule_id) @@ -253,7 +255,8 @@ BEGIN SELECT I.start_time::timestamp + make_interval (days => o.recert_interval) AS value UNION SELECT C.recert_date + make_interval (days => o.recert_interval) AS value - ) AS temp_table)) + ) AS temp_table)), + NULL::bigint AS owner_recert_id FROM view_rule_with_owner V LEFT JOIN rule R USING (rule_id) diff --git a/roles/lib/files/FWO.Recert/RecertHandler.cs b/roles/lib/files/FWO.Recert/RecertHandler.cs index 025ad48c4..50c61acee 100644 --- a/roles/lib/files/FWO.Recert/RecertHandler.cs +++ b/roles/lib/files/FWO.Recert/RecertHandler.cs @@ -27,7 +27,7 @@ public async Task RecertifySingleRule(Rule rule, FwoOwner? owner, string? recertified = rule.Metadata.Recert, recertDate = DateTime.Now, comment = comment, - ownerRecertId = owner?.LastRecertId + ownerRecertId = owner?.LastRecertId == 0 ? null : owner?.LastRecertId }; bool recertOk = (await apiConnection.SendQueryAsync(RecertQueries.recertify, variables)).AffectedRows > 0; if (rule.Metadata.Recert) From d58e23364e99739b1433474b250b37a10f2a32d1 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Fri, 7 Nov 2025 19:04:04 +0100 Subject: [PATCH 04/16] do not pull if local docker image exists --- roles/api/tasks/hasura-install.yml | 216 ++++++++++++++--------------- 1 file changed, 107 insertions(+), 109 deletions(-) diff --git a/roles/api/tasks/hasura-install.yml b/roles/api/tasks/hasura-install.yml index b32a975a6..2dcf5804a 100644 --- a/roles/api/tasks/hasura-install.yml +++ b/roles/api/tasks/hasura-install.yml @@ -2,84 +2,84 @@ - name: Install packages for python pip3 n virtualenv package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - - python3-pip - - python3-virtualenv - - python3-docker + - python3-pip + - python3-virtualenv + - python3-docker become: true - name: read dbadmin pwd from secrets file slurp: - src: "{{ dbadmin_password_file }}" + src: "{{ dbadmin_password_file }}" register: api_user_password become: true - name: decode dbadmin pwd set_fact: - api_user_password: "{{ api_user_password['content'] | b64decode | trim }}" + api_user_password: "{{ api_user_password['content'] | b64decode | trim }}" - name: read jwt public key from file as JWT secret slurp: - src: "{{ jwt_public_key_file }}" + src: "{{ jwt_public_key_file }}" register: api_hasura_jwt_secret_dict become: true - name: decode key set_fact: - api_hasura_jwt_secret: "{{ api_hasura_jwt_secret_dict['content'] | b64decode }}" + api_hasura_jwt_secret: "{{ api_hasura_jwt_secret_dict['content'] | b64decode }}" - name: make sure {{ fworch_secrets_dir }} exists file: - path: "{{ fworch_secrets_dir }}" - state: directory - mode: "0750" - owner: "{{ fworch_user }}" - group: "{{ postgres_group }}" + path: "{{ fworch_secrets_dir }}" + state: directory + mode: "0750" + owner: "{{ fworch_user }}" + group: "{{ postgres_group }}" become: true - name: set static hasura admin pwd for test purposes only set_fact: - api_hasura_admin_secret: "{{ api_hasura_admin_test_password }}" + api_hasura_admin_secret: "{{ api_hasura_admin_test_password }}" when: testkeys is defined and testkeys|bool - name: set random hasura admin password set_fact: - api_hasura_admin_secret: "{{ randomly_generated_pwd }}" + api_hasura_admin_secret: "{{ randomly_generated_pwd }}" when: testkeys is not defined or not testkeys|bool - name: write hasura admin password to secrets directory copy: - content: "{{ api_hasura_admin_secret }}\n" - dest: "{{ fworch_secrets_dir }}/hasura_admin_pwd" - mode: '0600' - owner: "{{ fworch_user }}" - group: "{{ fworch_group }}" + content: "{{ api_hasura_admin_secret }}\n" + dest: "{{ fworch_secrets_dir }}/hasura_admin_pwd" + mode: "0600" + owner: "{{ fworch_user }}" + group: "{{ fworch_group }}" become: true - name: check for existing hasura cli file stat: - path: "{{ api_hasura_cli_bin }}" + path: "{{ api_hasura_cli_bin }}" register: api_cli_check # only download new version of api cli, when not restoring from backup: - name: download {{ api_hasura_version }} hasura cli binary get_url: - url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-amd64" - dest: "{{ api_hasura_cli_bin }}" - force: true - mode: "0755" - owner: "{{ fworch_user }}" - group: "{{ fworch_group }}" + url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-amd64" + dest: "{{ api_hasura_cli_bin }}" + force: true + mode: "0755" + owner: "{{ fworch_user }}" + group: "{{ fworch_group }}" environment: "{{ proxy_env }}" become: true - when: not api_cli_check.stat.exists + when: not api_cli_check.stat.exists - name: initialize hasura cli directory command: "{{ api_hasura_cli_bin }} init {{ product_name }} --skip-update-check --endpoint http://{{ api_local_listening_ip_address }}:{{ api_port }} --admin-secret {{ api_hasura_admin_secret }}" - args: - chdir: "{{ api_home }}" + args: + chdir: "{{ api_home }}" become: true become_user: "{{ fworch_user }}" environment: "{{ proxy_env }}" @@ -87,58 +87,57 @@ - name: set hasura env variable set_fact: - hasura_env: - HASURA_GRAPHQL_DATABASE_URL: "postgres://{{ api_user }}:{{ api_user_password }}@{{ fworch_db_host }}:{{ fworch_db_port }}/{{ fworch_db_name }}" - HASURA_GRAPHQL_ENABLE_CONSOLE: "true" - HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" - HASURA_GRAPHQL_ADMIN_SECRET: "{{ api_hasura_admin_secret }}" - HASURA_GRAPHQL_SERVER_HOST: "127.0.0.1" - HASURA_GRAPHQL_SERVER_PORT: "8080" - HASURA_GRAPHQL_LOG_LEVEL: "{{ api_log_level }}" - HASURA_GRAPHQL_ENABLED_LOG_TYPES: '{{ api_HASURA_GRAPHQL_ENABLED_LOG_TYPES }}' - HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: "/srv/console-assets" - HASURA_GRAPHQL_V1_BOOLEAN_NULL_COLLAPSE: "true" - HASURA_GRAPHQL_CORS_DOMAIN: "*" - HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS: "{{ api_HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS }}" - HASURA_GRAPHQL_JWT_SECRET: ' - { - "type": "{{ api_hasura_jwt_alg|quote }}", - "key": "{{ api_hasura_jwt_secret | regex_replace(''\n'', ''\\n'') }}", - "claims_namespace_path": "$" - } - ' - HTTP_PROXY: "{{ http_proxy }}" - HTTPS_PROXY: "{{ https_proxy }}" - http_proxy: "{{ http_proxy }}" - https_proxy: "{{ https_proxy }}" - no_proxy: "{{ no_proxy }}" - NO_PROXY: "{{ no_proxy }}" + hasura_env: + HASURA_GRAPHQL_DATABASE_URL: "postgres://{{ api_user }}:{{ api_user_password }}@{{ fworch_db_host }}:{{ fworch_db_port }}/{{ fworch_db_name }}" + HASURA_GRAPHQL_ENABLE_CONSOLE: "true" + HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" + HASURA_GRAPHQL_ADMIN_SECRET: "{{ api_hasura_admin_secret }}" + HASURA_GRAPHQL_SERVER_HOST: "127.0.0.1" + HASURA_GRAPHQL_SERVER_PORT: "8080" + HASURA_GRAPHQL_LOG_LEVEL: "{{ api_log_level }}" + HASURA_GRAPHQL_ENABLED_LOG_TYPES: "{{ api_HASURA_GRAPHQL_ENABLED_LOG_TYPES }}" + HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: "/srv/console-assets" + HASURA_GRAPHQL_V1_BOOLEAN_NULL_COLLAPSE: "true" + HASURA_GRAPHQL_CORS_DOMAIN: "*" + HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS: "{{ api_HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS }}" + HASURA_GRAPHQL_JWT_SECRET: ' + { + "type": "{{ api_hasura_jwt_alg|quote }}", + "key": "{{ api_hasura_jwt_secret | regex_replace(''\n'', ''\\n'') }}", + "claims_namespace_path": "$" + } + ' + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + no_proxy: "{{ no_proxy }}" + NO_PROXY: "{{ no_proxy }}" - name: show hasura env for debugging debug: - var: - hasura_env + var: hasura_env when: debug_level > '1' - name: start hasura container docker_container: - name: "{{ api_container_name }}" - image: hasura/graphql-engine:{{ api_hasura_version }} - state: started - network_mode: host - networks_cli_compatible: true - log_driver: syslog - log_options: - syslog-address: "{{ syslog_proto }}://{{ syslog_host }}:{{ syslog_port }}" - syslog-facility: daemon - tag: "{{ api_container_name }}" - recreate: true - exposed_ports: - - "{{ api_port }}:{{ api_port }}" - env: - "{{ hasura_env }}" - container_default_behavior: no_defaults - user: "1001:1001" # hasura user and group id + name: "{{ api_container_name }}" + image: hasura/graphql-engine:{{ api_hasura_version }} + state: started + network_mode: host + networks_cli_compatible: true + log_driver: syslog + log_options: + syslog-address: "{{ syslog_proto }}://{{ syslog_host }}:{{ syslog_port }}" + syslog-facility: daemon + tag: "{{ api_container_name }}" + recreate: true + exposed_ports: + - "{{ api_port }}:{{ api_port }}" + env: "{{ hasura_env }}" + container_default_behavior: no_defaults + user: "1001:1001" # hasura user and group id + pull: no register: docker_return become: true become_user: "{{ fworch_user }}" @@ -146,65 +145,64 @@ - name: show docker result debug: - var: - docker_return + var: docker_return when: debug_level > '1' - name: Get info on container docker_container_info: - name: "{{ api_container_name }}" + name: "{{ api_container_name }}" register: result become: true become_user: "{{ fworch_user }}" - name: Print the status of the container in case of problems only - fail: - msg: "The container status is: {{ result }}" + fail: + msg: "The container status is: {{ result }}" when: result.exists and result.container['State']['Status'] == 'exited' - name: copy hasura systemd service script template: - src: "{{ api_service_name }}.service.j2" - dest: "/lib/systemd/system/{{ api_service_name }}.service" - backup: true - mode: "0644" - owner: "root" + src: "{{ api_service_name }}.service.j2" + dest: "/lib/systemd/system/{{ api_service_name }}.service" + backup: true + mode: "0644" + owner: "root" become: true - name: make hasura docker container run at host startup systemd: - name: "{{ api_service_name }}" - daemon_reload: true - enabled: true + name: "{{ api_service_name }}" + daemon_reload: true + enabled: true become: true -- name: wait for hasura port to become available +- name: wait for hasura port to become available wait_for: - port: "{{ api_port }}" - host: "{{ api_local_listening_ip_address }}" - connect_timeout: 1 - delay: 10 - timeout: 25 + port: "{{ api_port }}" + host: "{{ api_local_listening_ip_address }}" + connect_timeout: 1 + delay: 10 + timeout: 25 - name: check for existing api dir from restore stat: - path: "{{ api_home }}/{{ product_name }}" + path: "{{ api_home }}/{{ product_name }}" register: api_metadata_check - name: import API metadata via metadata API directly from local file - uri: - url: "http://{{ api_local_listening_ip_address }}:{{ api_port }}/v1/metadata" - method: POST - return_content: true - body_format: json - headers: - Content-Type: application/json - x-hasura-admin-secret: "{{ api_hasura_admin_secret }}" - x-hasura-role: "admin" - body: "{{ lookup('file','replace_metadata.json') | from_json }}" + uri: + url: "http://{{ api_local_listening_ip_address }}:{{ api_port }}/v1/metadata" + method: POST + return_content: true + body_format: json + headers: + Content-Type: application/json + x-hasura-admin-secret: "{{ api_hasura_admin_secret }}" + x-hasura-role: "admin" + body: "{{ lookup('file','replace_metadata.json') | from_json }}" when: not api_rollback_is_running | bool # do not install latest metadata in case of rollback environment: - http_proxy: "" - https_proxy: "" - # do not use http proxy for metadata import + http_proxy: "" + https_proxy: "" + # do not use http proxy for metadata import From ed94978946f919e8833e8a586fa73567e3903604 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Mon, 10 Nov 2025 15:57:36 +0100 Subject: [PATCH 05/16] sonar: fix duplicate lines --- .../sql/idempotent/fworch-rule-recert.sql | 208 +++++------------- 1 file changed, 52 insertions(+), 156 deletions(-) diff --git a/roles/database/files/sql/idempotent/fworch-rule-recert.sql b/roles/database/files/sql/idempotent/fworch-rule-recert.sql index 00f1f0294..c6dc84d2f 100644 --- a/roles/database/files/sql/idempotent/fworch-rule-recert.sql +++ b/roles/database/files/sql/idempotent/fworch-rule-recert.sql @@ -8,166 +8,62 @@ - --- fundamental function to check owner <--> rule mapping using the existing view --- "view_rule_with_owner" -CREATE OR REPLACE FUNCTION recert_owner_responsible_for_rule (i_owner_id INTEGER, i_rule_id BIGINT) RETURNS BOOLEAN AS $$ +-- This function returns a table of future recert entries +-- but does not write them into the recertification table +CREATE OR REPLACE FUNCTION recert_get_one_owner_one_mgm( + i_owner_id INTEGER, + i_mgm_id INTEGER +) +RETURNS SETOF recertification AS +$$ DECLARE - i_id BIGINT; + b_super_owner BOOLEAN := FALSE; BEGIN - -- check if this is the super owner: - SELECT INTO i_id id FROM owner WHERE id=i_owner_id AND is_default; - IF FOUND THEN -- this is the super owner - SELECT INTO i_id rule_id FROM view_rule_with_owner WHERE owner_id IS NULL AND rule_id=i_rule_id; - IF FOUND THEN - RAISE DEBUG '%', 'rule found for super owner ' || i_rule_id; - RETURN TRUE; - ELSE - RETURN FALSE; - END IF; - ELSE -- standard owner - SELECT INTO i_id rule_id FROM view_rule_with_owner WHERE owner_id=i_owner_id AND rule_id=i_rule_id; - IF FOUND THEN - RETURN TRUE; - ELSE - RETURN FALSE; - END IF; - END IF; + -- Check if this is the super owner + SELECT TRUE INTO b_super_owner FROM owner WHERE id = i_owner_id AND is_default; + + RETURN QUERY + SELECT DISTINCT + NULL::bigint AS id, + M.rule_metadata_id, + R.rule_id, + V.matches::VARCHAR AS ip_match, + CASE WHEN b_super_owner THEN NULL ELSE i_owner_id END AS owner_id, + NULL::VARCHAR AS user_dn, + FALSE::BOOLEAN AS recertified, + NULL::TIMESTAMP AS recert_date, + NULL::VARCHAR AS comment, + MAX(( + SELECT MAX(value)::TIMESTAMP + FROM ( + SELECT I.start_time::timestamp + make_interval(days => O.recert_interval) AS value + UNION + SELECT C.recert_date + make_interval(days => O.recert_interval) AS value + ) AS tmp + )) AS next_recert_date, + NULL::bigint AS owner_recert_id + FROM + view_rule_with_owner V + LEFT JOIN rule R USING (rule_id) + LEFT JOIN rule_metadata M ON (R.rule_uid = M.rule_uid AND R.dev_id = M.dev_id) + LEFT JOIN owner O ON ( + CASE WHEN b_super_owner THEN O.is_default ELSE V.owner_id = O.id END + ) + LEFT JOIN import_control I ON (R.rule_create = I.control_id) + LEFT JOIN recertification C ON (M.rule_metadata_id = C.rule_metadata_id) + WHERE + ( + (b_super_owner AND V.owner_id IS NULL) + OR + (NOT b_super_owner AND V.owner_id = i_owner_id) + ) + AND R.mgm_id = i_mgm_id + AND R.active + AND (recert_date IS NULL OR (recert_date IS NOT NULL AND recertified)) + GROUP BY M.rule_metadata_id, R.rule_id, V.matches; END; -$$ LANGUAGE plpgsql; - --- this function deletes existing (future) open recert entries and inserts the new ones into the recertificaiton table --- the new recert date will only replace an existing one, if it is closer (smaller) -CREATE OR REPLACE FUNCTION recert_refresh_one_owner_one_mgm - (i_owner_id INTEGER, i_mgm_id INTEGER, t_requested_next_recert_date TIMESTAMP) RETURNS VOID AS $$ -DECLARE - r_rule RECORD; - i_recert_entry_id BIGINT; - b_super_owner BOOLEAN := FALSE; - t_rule_created TIMESTAMP; - t_current_next_recert_date TIMESTAMP; - t_next_recert_date_by_interval TIMESTAMP; - t_rule_last_recertified TIMESTAMP; - t_next_recert_date TIMESTAMP; - i_recert_inverval INTEGER; - b_never_recertified BOOLEAN := FALSE; - b_no_current_next_recert_date BOOLEAN := FALSE; - b_super_owner_exists BOOLEAN := FALSE; - i_previous_import BIGINT; - i_current_import_id BIGINT; - i_super_owner_id INT; - i_current_owner_id_tmp INT; -BEGIN - IF i_owner_id IS NULL OR i_mgm_id IS NULL THEN - IF i_owner_id IS NULL THEN - RAISE WARNING 'found undefined owner_id in recert_refresh_one_owner_one_mgm'; - ELSE -- mgm_id NULL - RAISE WARNING 'found undefined mgm_id in recert_refresh_one_owner_one_mgm'; - END IF; - ELSE - -- get id of previous import: - SELECT INTO i_current_import_id control_id FROM import_control WHERE mgm_id=i_mgm_id AND stop_time IS NULL; - SELECT INTO i_previous_import * FROM get_previous_import_id_for_mgmt(i_mgm_id,i_current_import_id); - IF NOT FOUND OR i_previous_import IS NULL THEN - i_previous_import := -1; -- prevent match for previous import - END IF; - - SELECT INTO i_super_owner_id id FROM owner WHERE is_default; - IF FOUND THEN - b_super_owner_exists := TRUE; - END IF; - - SELECT INTO i_current_owner_id_tmp id FROM owner WHERE id=i_owner_id AND is_default; - IF FOUND THEN - b_super_owner := TRUE; - END IF; - - SELECT INTO i_recert_inverval recert_interval FROM owner WHERE id=i_owner_id; - - FOR r_rule IN - SELECT rule_uid, rule_id FROM rule WHERE mgm_id=i_mgm_id AND (active OR NOT active AND rule_last_seen=i_previous_import) - LOOP - - IF recert_owner_responsible_for_rule (i_owner_id, r_rule.rule_id) THEN - - -- collects dates - SELECT INTO t_current_next_recert_date next_recert_date FROM recertification - WHERE owner_id=i_owner_id AND rule_id=r_rule.rule_id AND recert_date IS NULL; - - IF NOT FOUND THEN - b_no_current_next_recert_date := TRUE; - END IF; - - SELECT INTO t_rule_last_recertified MAX(recert_date) - FROM recertification - WHERE rule_id=r_rule.rule_id AND NOT recert_date IS NULL; - - IF NOT FOUND OR t_rule_last_recertified IS NULL THEN -- no prior recertification, use initial rule import date - b_never_recertified := TRUE; - SELECT INTO t_rule_created rule_metadata.rule_created - FROM rule - LEFT JOIN rule_metadata ON (rule.rule_uid=rule_metadata.rule_uid AND rule.dev_id=rule_metadata.dev_id) - WHERE rule_id=r_rule.rule_id; - END IF; - - IF t_requested_next_recert_date IS NULL THEN - -- if the currenct next recert date is before the intended fixed input date, ignore it - IF b_never_recertified THEN - t_next_recert_date := t_rule_created + make_interval (days => i_recert_inverval); - ELSE - t_next_recert_date := t_rule_last_recertified + make_interval (days => i_recert_inverval); - END IF; - ELSE - t_next_recert_date := t_requested_next_recert_date; - END IF; - - -- do not set next recert date later than actually calculated date - IF NOT b_no_current_next_recert_date THEN - IF t_next_recert_date>t_current_next_recert_date THEN - t_next_recert_date := t_current_next_recert_date; - END IF; - END IF; - - -- delete old recert entry: - DELETE FROM recertification WHERE owner_id=i_owner_id AND rule_id=r_rule.rule_id AND recert_date IS NULL; - - -- add new recert entry: - IF b_super_owner THEN -- special case for super owner (convert NULL to ID) - INSERT INTO recertification (rule_metadata_id, next_recert_date, rule_id, ip_match, owner_id) - SELECT rule_metadata_id, - t_next_recert_date AS next_recert_date, - rule_id, - matches as ip_match, - i_owner_id AS owner_id - FROM view_rule_with_owner - LEFT JOIN rule USING (rule_id) - LEFT JOIN rule_metadata ON (rule.rule_uid=rule_metadata.rule_uid AND rule.dev_id=rule_metadata.dev_id) - WHERE view_rule_with_owner.rule_id=r_rule.rule_id AND view_rule_with_owner.owner_id IS NULL; - ELSE - INSERT INTO recertification (rule_metadata_id, next_recert_date, rule_id, ip_match, owner_id) - SELECT rule_metadata_id, - t_next_recert_date AS next_recert_date, - rule_id, - matches as ip_match, - i_owner_id AS owner_id - FROM view_rule_with_owner - LEFT JOIN rule USING (rule_id) - LEFT JOIN rule_metadata ON (rule.rule_uid=rule_metadata.rule_uid AND rule.dev_id=rule_metadata.dev_id) - WHERE view_rule_with_owner.rule_id=r_rule.rule_id AND view_rule_with_owner.owner_id=i_owner_id; - END IF; - ELSE - -- delete old outdated recert entry if owner is not responsible any more - DELETE FROM recertification WHERE owner_id=i_owner_id AND rule_id=r_rule.rule_id AND recert_date IS NULL; - END IF; - END LOOP; +$$ LANGUAGE plpgsql STABLE; - -- -- finally, when not super user - recalculate super user recert entries - since these might change with each owner change - -- IF NOT b_super_owner AND b_super_owner_exists THEN - -- PERFORM recert_refresh_one_owner_one_mgm (i_super_owner_id, i_mgm_id, t_requested_next_recert_date); - -- END IF; - END IF; -END; -$$ LANGUAGE plpgsql; -- function used during import of a single management config From 26764a0bbddf578aea61ff0a2c3aaee6cf9dc6f5 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Mon, 10 Nov 2025 17:06:52 +0100 Subject: [PATCH 06/16] fix query names --- .../recertification/getOpenRecerts.graphql | 17 ----------------- .../getOpenRecertsForOwners.graphql | 17 +++++++++++++++++ .../FWO.Api.Client/Queries/RecertQueries.cs | 4 ++-- roles/lib/files/FWO.Recert/RecertRefresh.cs | 8 ++++---- 4 files changed, 23 insertions(+), 23 deletions(-) delete mode 100644 roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecerts.graphql create mode 100644 roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecertsForOwners.graphql diff --git a/roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecerts.graphql b/roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecerts.graphql deleted file mode 100644 index 0c96596aa..000000000 --- a/roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecerts.graphql +++ /dev/null @@ -1,17 +0,0 @@ -query getFutureRecertsForOwners($ownerId: Int!, $mgmId: Int!) { - recert_get_one_owner_one_mgm( - where: { recert_date: { _is_null: true } } - args: { i_mgm_id: $mgmId, i_owner_id: $ownerId } - ) { - id - rule_metadata_id - rule_id - ip_match - owner_id - user_dn - recertified - next_recert_date - recert_date - comment - } -} diff --git a/roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecertsForOwners.graphql b/roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecertsForOwners.graphql new file mode 100644 index 000000000..47357e44a --- /dev/null +++ b/roles/lib/files/FWO.Api.Client/APIcalls/recertification/getOpenRecertsForOwners.graphql @@ -0,0 +1,17 @@ +query getOpenRecertsForOwners($ownerId: Int!, $mgmId: Int!) { + recert_get_one_owner_one_mgm( + where: { recert_date: { _is_null: true } } + args: { i_mgm_id: $mgmId, i_owner_id: $ownerId } + ) { + id + rule_metadata_id + rule_id + ip_match + owner_id + user_dn + recertified + next_recert_date + recert_date + comment + } +} diff --git a/roles/lib/files/FWO.Api.Client/Queries/RecertQueries.cs b/roles/lib/files/FWO.Api.Client/Queries/RecertQueries.cs index 6788df836..87b85ebc6 100644 --- a/roles/lib/files/FWO.Api.Client/Queries/RecertQueries.cs +++ b/roles/lib/files/FWO.Api.Client/Queries/RecertQueries.cs @@ -12,7 +12,7 @@ public class RecertQueries : Queries public static readonly string recertifyOwner; public static readonly string recertifyRuleDirectly; public static readonly string getOpenRecertsForRule; - public static readonly string getOpenRecerts; + public static readonly string getOpenRecertsForOwners; public static readonly string clearOpenRecerts; public static readonly string addRecertEntries; public static readonly string refreshViewRuleWithOwner; @@ -36,7 +36,7 @@ static RecertQueries() recertifyOwner = File.ReadAllText(QueryPath + "recertification/recertifyOwner.graphql"); recertifyRuleDirectly = File.ReadAllText(QueryPath + "recertification/recertifyRuleDirectly.graphql"); getOpenRecertsForRule = File.ReadAllText(QueryPath + "recertification/getOpenRecertsForRule.graphql"); - getOpenRecerts = File.ReadAllText(QueryPath + "recertification/getOpenRecerts.graphql"); + getOpenRecertsForOwners = File.ReadAllText(QueryPath + "recertification/getOpenRecertsForOwners.graphql"); clearOpenRecerts = File.ReadAllText(QueryPath + "recertification/clearOpenRecerts.graphql"); addRecertEntries = File.ReadAllText(QueryPath + "recertification/addRecertEntries.graphql"); refreshViewRuleWithOwner = File.ReadAllText(QueryPath + "recertification/refreshViewRuleWithOwner.graphql"); diff --git a/roles/lib/files/FWO.Recert/RecertRefresh.cs b/roles/lib/files/FWO.Recert/RecertRefresh.cs index 969a3d3dd..795836d32 100644 --- a/roles/lib/files/FWO.Recert/RecertRefresh.cs +++ b/roles/lib/files/FWO.Recert/RecertRefresh.cs @@ -10,7 +10,7 @@ public static class RecertRefresh { public static async Task RecalcRecerts(ApiConnection apiConnection) { - Stopwatch watch = new (); + Stopwatch watch = new(); try { @@ -42,13 +42,13 @@ public static async Task RecalcRecerts(ApiConnection apiConnection) private static async Task RecalcRecertsOfOwner(FwoOwner owner, List managements, ApiConnection apiConnection) { - Stopwatch watch = new (); + Stopwatch watch = new(); watch.Start(); - + foreach (Management mgm in managements) { List currentRecerts = - await apiConnection.SendQueryAsync>(RecertQueries.getOpenRecerts, new { ownerId = owner.Id, mgmId = mgm.Id }); + await apiConnection.SendQueryAsync>(RecertQueries.getOpenRecertsForOwners, new { ownerId = owner.Id, mgmId = mgm.Id }); if (currentRecerts.Count > 0) { From 269b59c6366b1121aaa7c950ba559c96bcfbcb3b Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 12 Nov 2025 11:53:23 +0100 Subject: [PATCH 07/16] adding dns client lookup to test fix --- roles/lib/files/FWO.Basics/FWO.Basics.csproj | 1 + roles/lib/files/FWO.Basics/IpOperations.cs | 79 ++++++++++++++----- .../lib/files/FWO.Services/AppServerHelper.cs | 62 +++++++-------- 3 files changed, 91 insertions(+), 51 deletions(-) diff --git a/roles/lib/files/FWO.Basics/FWO.Basics.csproj b/roles/lib/files/FWO.Basics/FWO.Basics.csproj index 09961d5a3..71dc1bb33 100644 --- a/roles/lib/files/FWO.Basics/FWO.Basics.csproj +++ b/roles/lib/files/FWO.Basics/FWO.Basics.csproj @@ -7,6 +7,7 @@ + diff --git a/roles/lib/files/FWO.Basics/IpOperations.cs b/roles/lib/files/FWO.Basics/IpOperations.cs index 97747301b..ff6aa505a 100644 --- a/roles/lib/files/FWO.Basics/IpOperations.cs +++ b/roles/lib/files/FWO.Basics/IpOperations.cs @@ -2,18 +2,56 @@ using System.Net; using NetTools; using System; +using DnsClient; namespace FWO.Basics { public static class IpOperations { + + // reuse the client to avoid socket churn; disable client-side cache + private static readonly LookupClient ReverseLookupClient = new(new LookupClientOptions + { + UseCache = false, + ContinueOnDnsError = true, + ThrowDnsErrors = false + }); + + public static async Task> DnsReverseLookUpAllAsync( + IPAddress address, + CancellationToken cancellationToken = default) + { + // QueryReverseAsync issues a PTR query and returns all answers from the DNS server + IDnsQueryResponse response = await ReverseLookupClient.QueryReverseAsync(address, cancellationToken) + .ConfigureAwait(false); + + if (response.HasError || response.Answers.Count == 0) + { + return Array.Empty(); + } + + return response.Answers + .PtrRecords() + .Select(ptr => ptr.PtrDomainName.Value.TrimEnd('.')) // drop trailing dot + .Distinct(StringComparer.OrdinalIgnoreCase) + .ToArray(); + } + + public static async Task DnsReverseLookUpPreferredAsync(IPAddress address) + { + IReadOnlyList names = await DnsReverseLookUpAllAsync(address); + return names.FirstOrDefault(name => !name.StartsWith("lx", StringComparison.OrdinalIgnoreCase)) + ?? names.FirstOrDefault() + ?? string.Empty; + } + public static async Task DnsReverseLookUp(IPAddress address) { try { return (await Dns.GetHostEntryAsync(address)).HostName; } - catch(Exception) + catch (Exception) { return ""; } @@ -51,25 +89,25 @@ public static bool TryParseIPStringToRange(this string ipString, out (string Sta bool ipStartOK = IPAddress.TryParse(ipStart, out IPAddress? ipAdressStart); bool ipEndOK = IPAddress.TryParse(ipEnd, out IPAddress? ipAdressEnd); - if(ipAdressStart is null || ipAdressEnd is null) + if (ipAdressStart is null || ipAdressEnd is null) { return false; } - if(strictv4Parse && ipAdressStart?.AddressFamily == AddressFamily.InterNetwork && ipAdressEnd?.AddressFamily == AddressFamily.InterNetwork) + if (strictv4Parse && ipAdressStart?.AddressFamily == AddressFamily.InterNetwork && ipAdressEnd?.AddressFamily == AddressFamily.InterNetwork) { - if(!IsValidIPv4(ipStart) || !IsValidIPv4(ipEnd)) + if (!IsValidIPv4(ipStart) || !IsValidIPv4(ipEnd)) { return false; } } - if(!ipStartOK || !ipEndOK) + if (!ipStartOK || !ipEndOK) { return false; } - if(!IPAddress.TryParse(ipStart, out _) || !IPAddress.TryParse(ipEnd, out _)) + if (!IPAddress.TryParse(ipStart, out _) || !IPAddress.TryParse(ipEnd, out _)) { return false; } @@ -79,16 +117,16 @@ public static bool TryParseIPStringToRange(this string ipString, out (string Sta return true; } - catch(Exception) + catch (Exception) { return false; } } - public static bool TryParseIPString(this string ipString, out T? ipResult, bool strictv4Parse = false) + public static bool TryParseIPString(this string ipString, out T? ipResult, bool strictv4Parse = false) { ipResult = default; - + try { (string ipStart, string ipEnd) = SplitIpToRange(ipString); @@ -96,34 +134,35 @@ public static bool TryParseIPString(this string ipString, out T? ipResult, bo bool ipStartOK = IPAddress.TryParse(ipStart, out IPAddress? ipAdressStart); bool ipEndOK = IPAddress.TryParse(ipEnd, out IPAddress? ipAdressEnd); - if(ipAdressStart is null || ipAdressEnd is null) + if (ipAdressStart is null || ipAdressEnd is null) { return false; } - if(strictv4Parse && ipAdressStart?.AddressFamily == AddressFamily.InterNetwork && ipAdressEnd?.AddressFamily == AddressFamily.InterNetwork) + if (strictv4Parse && ipAdressStart?.AddressFamily == AddressFamily.InterNetwork && ipAdressEnd?.AddressFamily == AddressFamily.InterNetwork) { - if(!IsValidIPv4(ipStart) || !IsValidIPv4(ipEnd)) + if (!IsValidIPv4(ipStart) || !IsValidIPv4(ipEnd)) { return false; } } - if(!ipStartOK || !ipEndOK) + if (!ipStartOK || !ipEndOK) { return false; } - if(typeof(T) == typeof((string, string))) + if (typeof(T) == typeof((string, string))) { ipResult = (T)Convert.ChangeType((ipAdressStart!.ToString(), ipAdressEnd!.ToString()), typeof(T)); return true; } - else if(typeof(T) == typeof(IPAddressRange) && IPAddressRange.TryParse(ipString, out IPAddressRange ipRange)) + else if (typeof(T) == typeof(IPAddressRange) && IPAddressRange.TryParse(ipString, out IPAddressRange ipRange)) { ipResult = (T)Convert.ChangeType(ipRange, typeof(T)); return true; - }else if(typeof(T) == typeof((IPAddress, IPAddress))) + } + else if (typeof(T) == typeof((IPAddress, IPAddress))) { Tuple? ipTuple = new(ipAdressStart!, ipAdressEnd!); ipResult = (T)Convert.ChangeType(ipTuple, typeof(T)); @@ -132,7 +171,7 @@ public static bool TryParseIPString(this string ipString, out T? ipResult, bo return false; } - catch(Exception) + catch (Exception) { return false; } @@ -142,7 +181,7 @@ private static bool IsValidIPv4(string ipAddress) { byte[] addBytes = [.. ipAddress.Split('.').Where(_ => byte.Parse(_) <= 255 && byte.Parse(_) >= 0).Select(byte.Parse)]; - return addBytes.Length == 4; + return addBytes.Length == 4; } public static string GetObjectType(string ip1, string ip2) @@ -333,11 +372,11 @@ public static int CompareIpValues(IPAddress ip1, IPAddress ip2) /// public static int CompareIpFamilies(IPAddress ip1, IPAddress ip2) { - if (ip1.AddressFamily == AddressFamily.InterNetwork && ip2.AddressFamily == AddressFamily.InterNetworkV6 ) + if (ip1.AddressFamily == AddressFamily.InterNetwork && ip2.AddressFamily == AddressFamily.InterNetworkV6) { return -1; } - if (ip1.AddressFamily == AddressFamily.InterNetworkV6 && ip2.AddressFamily == AddressFamily.InterNetwork ) + if (ip1.AddressFamily == AddressFamily.InterNetworkV6 && ip2.AddressFamily == AddressFamily.InterNetwork) { return 1; } diff --git a/roles/lib/files/FWO.Services/AppServerHelper.cs b/roles/lib/files/FWO.Services/AppServerHelper.cs index 36a5cfb32..8b9de7c2e 100644 --- a/roles/lib/files/FWO.Services/AppServerHelper.cs +++ b/roles/lib/files/FWO.Services/AppServerHelper.cs @@ -13,14 +13,14 @@ namespace FWO.Services public static class AppServerHelper { public static async Task ConstructAppServerNameFromDns(ModellingAppServer appServer, ModellingNamingConvention namingConvention, - bool overwriteExistingNames=false, bool logUnresolvable=false) + bool overwriteExistingNames = false, bool logUnresolvable = false) { if ((string.IsNullOrEmpty(appServer.IpEnd) || appServer.IpEnd == appServer.Ip) && IPAddress.TryParse(appServer.Ip.StripOffNetmask(), out IPAddress? ip)) { - string dnsName = await IpOperations.DnsReverseLookUp(ip); - if(string.IsNullOrEmpty(dnsName)) + string dnsName = await IpOperations.DnsReverseLookUpPreferredAsync(ip); + if (string.IsNullOrEmpty(dnsName)) { - if(logUnresolvable) + if (logUnresolvable) { Log.WriteWarning("Import App Server Data", $"Found empty (unresolvable) IP {appServer.Ip}"); } @@ -38,13 +38,13 @@ public static async Task ConstructAppServerNameFromDns(ModellingAppServe return appServer.Name; } - public static string ConstructSanitizedAppServerName(ModellingAppServer appServer, ModellingNamingConvention namingConvention, bool overwriteExistingNames=false) + public static string ConstructSanitizedAppServerName(ModellingAppServer appServer, ModellingNamingConvention namingConvention, bool overwriteExistingNames = false) { bool shortened = false; return ConstructAppServerName(appServer, namingConvention, overwriteExistingNames).SanitizeJsonFieldMand(ref shortened); } - public static string ConstructAppServerName(ModellingAppServer appServer, ModellingNamingConvention namingConvention, bool overwriteExistingNames=false) + public static string ConstructAppServerName(ModellingAppServer appServer, ModellingNamingConvention namingConvention, bool overwriteExistingNames = false) { if (string.IsNullOrEmpty(appServer.Name) || overwriteExistingNames) { @@ -60,10 +60,10 @@ public static async Task AdjustAppServerNames(ApiConnection apiConnection, UserC List AppServers = await apiConnection.SendQueryAsync>(ModellingQueries.getAllAppServers); int correctedCounter = 0; int failCounter = 0; - foreach(var appServer in AppServers) + foreach (var appServer in AppServers) { string oldName = appServer.Name; - if((await ConstructAppServerNameFromDns(appServer, namingConvention, userConfig.OverwriteExistingNames)) != oldName) + if ((await ConstructAppServerNameFromDns(appServer, namingConvention, userConfig.OverwriteExistingNames)) != oldName) { appServer.ImportSource = GlobalConst.kAdjustAppServerNames; if (await UpdateName(apiConnection, userConfig, appServer, oldName)) @@ -86,7 +86,7 @@ public static async Task NoHigherPrioActive(ApiConnection apiConnection, M List ExistingAppServersSameIp = await GetExistingSameIp(apiConnection, incomingAppServer); return ExistingAppServersSameIp.FirstOrDefault(x => Prio(x.ImportSource) > Prio(incomingAppServer.ImportSource) && !x.IsDeleted) == null; } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Check App Server Prio", $" Check of {incomingAppServer.Name} from {incomingAppServer.ImportSource} to exception:", exception); } @@ -98,7 +98,7 @@ public static async Task ReactivateOtherSource(ApiConnection apiConnection, User try { List ExistingOtherAppServersSameIp = [.. (await GetExistingSameIp(apiConnection, deletedAppServer)).Where(x => x.Id != deletedAppServer.Id)]; - if(ExistingOtherAppServersSameIp != null && ExistingOtherAppServersSameIp.Count > 0) + if (ExistingOtherAppServersSameIp != null && ExistingOtherAppServersSameIp.Count > 0) { int maxPrio = ExistingOtherAppServersSameIp.Max(x => Prio(x.ImportSource)); List ExistingOtherAppServersMaxPrio = [.. ExistingOtherAppServersSameIp.Where(x => Prio(x.ImportSource) == maxPrio)]; @@ -112,13 +112,13 @@ public static async Task ReactivateOtherSource(ApiConnection apiConnection, User await apiConnection.SendQueryAsync(ModellingQueries.setAppServerDeletedState, Variables); await ModellingHandlerBase.LogChange(ModellingTypes.ChangeType.Reactivate, ModellingTypes.ModObjectType.AppServer, reactivatedAppServer.Id, $"Reactivated App Server: {reactivatedAppServer.Display()}", apiConnection, userConfig, reactivatedAppServer.AppId, DefaultInit.DoNothing, null, reactivatedAppServer.ImportSource); - if(userConfig.AutoReplaceAppServer) + if (userConfig.AutoReplaceAppServer) { await ReplaceAppServer(apiConnection, deletedAppServer.Id, reactivatedId); } } } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Reactivate App Server", $"Reactivation of other than {deletedAppServer.Name} from {deletedAppServer.ImportSource} leads to exception:", exception); } @@ -129,25 +129,25 @@ public static async Task DeactivateOtherSources(ApiConnection apiConnection, Use try { List ExistingActiveAppServersSameIp = [.. (await GetExistingSameIp(apiConnection, incomingAppServer)).Where(x => x.Id != incomingAppServer.Id && !x.IsDeleted)]; - if(ExistingActiveAppServersSameIp != null && ExistingActiveAppServersSameIp.Count > 0) + if (ExistingActiveAppServersSameIp != null && ExistingActiveAppServersSameIp.Count > 0) { - foreach(var activeAppServer in ExistingActiveAppServersSameIp) + foreach (var activeAppServer in ExistingActiveAppServersSameIp) { await DeactivateAppServer(apiConnection, userConfig, activeAppServer, incomingAppServer); } } } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Deactivate App Servers", $"Deactivation of {incomingAppServer.Name} from {incomingAppServer.ImportSource} leads to exception:", exception); } } - public static async Task<(long?, string?)> UpsertAppServer(ApiConnection apiConnection, UserConfig userConfig, ModellingAppServer incomingAppServer, bool nameCheck, bool manual=false, bool addMode=false) + public static async Task<(long?, string?)> UpsertAppServer(ApiConnection apiConnection, UserConfig userConfig, ModellingAppServer incomingAppServer, bool nameCheck, bool manual = false, bool addMode = false) { try { - if(nameCheck && await CheckNameExisting(apiConnection, incomingAppServer)) + if (nameCheck && await CheckNameExisting(apiConnection, incomingAppServer)) { return (null, incomingAppServer.Name); } @@ -155,7 +155,7 @@ public static async Task DeactivateOtherSources(ApiConnection apiConnection, Use List ExistingAppServersSameIp = await GetExistingSameIp(apiConnection, incomingAppServer); long? AppServerId = null; - if(ExistingAppServersSameIp == null || ExistingAppServersSameIp.Count == 0) + if (ExistingAppServersSameIp == null || ExistingAppServersSameIp.Count == 0) { AppServerId = manual && !addMode ? await UpdateAppServerInDb(apiConnection, userConfig, incomingAppServer) : await AddAppServerToDb(apiConnection, userConfig, incomingAppServer); @@ -171,7 +171,7 @@ public static async Task DeactivateOtherSources(ApiConnection apiConnection, Use if (manual) { ModellingAppServer? otherAppServerSameIp = ExistingAppServersSameIp.FirstOrDefault(x => x.Id != incomingAppServer.Id && !x.IsDeleted); - if(otherAppServerSameIp != null) + if (otherAppServerSameIp != null) { return (null, otherAppServerSameIp.Name); } @@ -179,7 +179,7 @@ public static async Task DeactivateOtherSources(ApiConnection apiConnection, Use return await OverwriteAppServer(apiConnection, userConfig, incomingAppServer, ExistingAppServersSameIp); } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Upsert App Server", $"Upsert of {incomingAppServer.Name} leads to exception:", exception); return (null, null); @@ -198,7 +198,7 @@ private static async Task> GetExistingSameIp(ApiConnect }; return await apiConnection.SendQueryAsync>(ModellingQueries.getAppServersByIp, Variables); } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Get Existing App Server", $"leads to exception:", exception); return []; @@ -222,9 +222,9 @@ private static async Task> GetExistingSameIp(ApiConnect AppServerId = await AddAppServerToDb(apiConnection, userConfig, incomingAppServer); } - foreach(var existAppServerOtherSource in existingAppServersSameIp.Where(x => x.ImportSource != incomingAppServer.ImportSource)) + foreach (var existAppServerOtherSource in existingAppServersSameIp.Where(x => x.ImportSource != incomingAppServer.ImportSource)) { - if(!existAppServerOtherSource.IsDeleted) + if (!existAppServerOtherSource.IsDeleted) { await DeactivateAppServer(apiConnection, userConfig, existAppServerOtherSource, incomingAppServer); } @@ -239,12 +239,12 @@ private static async Task DeactivateAppServer(ApiConnection apiConnection, UserC await apiConnection.SendQueryAsync(ModellingQueries.setAppServerDeletedState, new { id = appServerToDeactivate.Id, deleted = true }); await ModellingHandlerBase.LogChange(ModellingTypes.ChangeType.MarkDeleted, ModellingTypes.ModObjectType.AppServer, appServerToDeactivate.Id, $"Deactivated App Server: {appServerToDeactivate.Display()}", apiConnection, userConfig, appServerToDeactivate.AppId, DefaultInit.DoNothing, null, appServerToDeactivate.ImportSource); - if(userConfig.AutoReplaceAppServer) + if (userConfig.AutoReplaceAppServer) { await ReplaceAppServer(apiConnection, appServerToDeactivate.Id, newAppServer.Id); } } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Deactivate App Server", $"leads to exception:", exception); } @@ -257,7 +257,7 @@ private static async Task ReplaceAppServer(ApiConnection apiConnection, long old await apiConnection.SendQueryAsync(ModellingQueries.updateNwObjectInNwGroup, new { oldObjectId = oldAppServerId, newObjectId = newAppServerId }); await apiConnection.SendQueryAsync(ModellingQueries.updateNwObjectInConnection, new { oldObjectId = oldAppServerId, newObjectId = newAppServerId }); } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Replace App Server", $"Replacing {oldAppServerId} by {newAppServerId} leads to exception:", exception); } @@ -275,12 +275,12 @@ private static async Task CheckNameExisting(ApiConnection apiConnection, M List ExistingAppServersSameIp = await apiConnection.SendQueryAsync>(ModellingQueries.getAppServersByName, Variables); return ExistingAppServersSameIp != null && ExistingAppServersSameIp.Count > 0 && ExistingAppServersSameIp.FirstOrDefault(x => x.Id == incomingAppServer.Id && !x.IsDeleted) == null; } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Upsert App Server", $"leads to exception:", exception); return false; } - } + } private static string GetPrefix(ModellingAppServer appServer, ModellingNamingConvention namingConvention) { @@ -292,7 +292,7 @@ private static string GetPrefix(ModellingAppServer appServer, ModellingNamingCon _ => "" }; } - + private static async Task UpdateName(ApiConnection apiConnection, UserConfig userConfig, ModellingAppServer appServer, string oldName) { try @@ -308,7 +308,7 @@ await ModellingHandlerBase.LogChange(ModellingTypes.ChangeType.Update, Modelling Log.WriteDebug($"Correct App Server Name", $"Changed {oldName} to {appServer.Name}."); return true; } - catch(Exception exception) + catch (Exception exception) { Log.WriteError("Correct AppServer Name", $"Leads to exception:", exception); return false; @@ -334,7 +334,7 @@ private static int Prio(string importSource) customType = appServer.CustomType }; ReturnId[]? returnIds = (await apiConnection.SendQueryAsync(ModellingQueries.newAppServer, Variables)).ReturnIds; - if(returnIds != null && returnIds.Length > 0) + if (returnIds != null && returnIds.Length > 0) { appServer.Id = returnIds[0].NewIdLong; await ModellingHandlerBase.LogChange(ModellingTypes.ChangeType.Insert, ModellingTypes.ModObjectType.AppServer, appServer.Id, From 27bf26b04a04723cbac8c43f3257248ee49534a1 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 12 Nov 2025 13:13:29 +0100 Subject: [PATCH 08/16] fix play --- roles/api/tasks/hasura-install.yml | 214 ++++++++++++++--------------- 1 file changed, 105 insertions(+), 109 deletions(-) diff --git a/roles/api/tasks/hasura-install.yml b/roles/api/tasks/hasura-install.yml index b32a975a6..8c67975a8 100644 --- a/roles/api/tasks/hasura-install.yml +++ b/roles/api/tasks/hasura-install.yml @@ -2,84 +2,84 @@ - name: Install packages for python pip3 n virtualenv package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - - python3-pip - - python3-virtualenv - - python3-docker + - python3-pip + - python3-virtualenv + - python3-docker become: true - name: read dbadmin pwd from secrets file slurp: - src: "{{ dbadmin_password_file }}" + src: "{{ dbadmin_password_file }}" register: api_user_password become: true - name: decode dbadmin pwd set_fact: - api_user_password: "{{ api_user_password['content'] | b64decode | trim }}" + api_user_password: "{{ api_user_password['content'] | b64decode | trim }}" - name: read jwt public key from file as JWT secret slurp: - src: "{{ jwt_public_key_file }}" + src: "{{ jwt_public_key_file }}" register: api_hasura_jwt_secret_dict become: true - name: decode key set_fact: - api_hasura_jwt_secret: "{{ api_hasura_jwt_secret_dict['content'] | b64decode }}" + api_hasura_jwt_secret: "{{ api_hasura_jwt_secret_dict['content'] | b64decode }}" - name: make sure {{ fworch_secrets_dir }} exists file: - path: "{{ fworch_secrets_dir }}" - state: directory - mode: "0750" - owner: "{{ fworch_user }}" - group: "{{ postgres_group }}" + path: "{{ fworch_secrets_dir }}" + state: directory + mode: "0750" + owner: "{{ fworch_user }}" + group: "{{ postgres_group }}" become: true - name: set static hasura admin pwd for test purposes only set_fact: - api_hasura_admin_secret: "{{ api_hasura_admin_test_password }}" + api_hasura_admin_secret: "{{ api_hasura_admin_test_password }}" when: testkeys is defined and testkeys|bool - name: set random hasura admin password set_fact: - api_hasura_admin_secret: "{{ randomly_generated_pwd }}" + api_hasura_admin_secret: "{{ randomly_generated_pwd }}" when: testkeys is not defined or not testkeys|bool - name: write hasura admin password to secrets directory copy: - content: "{{ api_hasura_admin_secret }}\n" - dest: "{{ fworch_secrets_dir }}/hasura_admin_pwd" - mode: '0600' - owner: "{{ fworch_user }}" - group: "{{ fworch_group }}" + content: "{{ api_hasura_admin_secret }}\n" + dest: "{{ fworch_secrets_dir }}/hasura_admin_pwd" + mode: "0600" + owner: "{{ fworch_user }}" + group: "{{ fworch_group }}" become: true - name: check for existing hasura cli file stat: - path: "{{ api_hasura_cli_bin }}" + path: "{{ api_hasura_cli_bin }}" register: api_cli_check # only download new version of api cli, when not restoring from backup: - name: download {{ api_hasura_version }} hasura cli binary get_url: - url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-amd64" - dest: "{{ api_hasura_cli_bin }}" - force: true - mode: "0755" - owner: "{{ fworch_user }}" - group: "{{ fworch_group }}" + url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-amd64" + dest: "{{ api_hasura_cli_bin }}" + force: true + mode: "0755" + owner: "{{ fworch_user }}" + group: "{{ fworch_group }}" environment: "{{ proxy_env }}" become: true - when: not api_cli_check.stat.exists + when: not api_cli_check.stat.exists - name: initialize hasura cli directory command: "{{ api_hasura_cli_bin }} init {{ product_name }} --skip-update-check --endpoint http://{{ api_local_listening_ip_address }}:{{ api_port }} --admin-secret {{ api_hasura_admin_secret }}" - args: - chdir: "{{ api_home }}" + args: + chdir: "{{ api_home }}" become: true become_user: "{{ fworch_user }}" environment: "{{ proxy_env }}" @@ -87,58 +87,55 @@ - name: set hasura env variable set_fact: - hasura_env: - HASURA_GRAPHQL_DATABASE_URL: "postgres://{{ api_user }}:{{ api_user_password }}@{{ fworch_db_host }}:{{ fworch_db_port }}/{{ fworch_db_name }}" - HASURA_GRAPHQL_ENABLE_CONSOLE: "true" - HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" - HASURA_GRAPHQL_ADMIN_SECRET: "{{ api_hasura_admin_secret }}" - HASURA_GRAPHQL_SERVER_HOST: "127.0.0.1" - HASURA_GRAPHQL_SERVER_PORT: "8080" - HASURA_GRAPHQL_LOG_LEVEL: "{{ api_log_level }}" - HASURA_GRAPHQL_ENABLED_LOG_TYPES: '{{ api_HASURA_GRAPHQL_ENABLED_LOG_TYPES }}' - HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: "/srv/console-assets" - HASURA_GRAPHQL_V1_BOOLEAN_NULL_COLLAPSE: "true" - HASURA_GRAPHQL_CORS_DOMAIN: "*" - HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS: "{{ api_HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS }}" - HASURA_GRAPHQL_JWT_SECRET: ' - { - "type": "{{ api_hasura_jwt_alg|quote }}", - "key": "{{ api_hasura_jwt_secret | regex_replace(''\n'', ''\\n'') }}", - "claims_namespace_path": "$" - } - ' - HTTP_PROXY: "{{ http_proxy }}" - HTTPS_PROXY: "{{ https_proxy }}" - http_proxy: "{{ http_proxy }}" - https_proxy: "{{ https_proxy }}" - no_proxy: "{{ no_proxy }}" - NO_PROXY: "{{ no_proxy }}" + hasura_env: + HASURA_GRAPHQL_DATABASE_URL: "postgres://{{ api_user }}:{{ api_user_password }}@{{ fworch_db_host }}:{{ fworch_db_port }}/{{ fworch_db_name }}" + HASURA_GRAPHQL_ENABLE_CONSOLE: "true" + HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" + HASURA_GRAPHQL_ADMIN_SECRET: "{{ api_hasura_admin_secret }}" + HASURA_GRAPHQL_SERVER_HOST: "127.0.0.1" + HASURA_GRAPHQL_SERVER_PORT: "8080" + HASURA_GRAPHQL_LOG_LEVEL: "{{ api_log_level }}" + HASURA_GRAPHQL_ENABLED_LOG_TYPES: "{{ api_HASURA_GRAPHQL_ENABLED_LOG_TYPES }}" + HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: "/srv/console-assets" + HASURA_GRAPHQL_V1_BOOLEAN_NULL_COLLAPSE: "true" + HASURA_GRAPHQL_CORS_DOMAIN: "*" + HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS: "{{ api_HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS }}" + HASURA_GRAPHQL_JWT_SECRET: ' + { + "type": "{{ api_hasura_jwt_alg|quote }}", + "key": "{{ api_hasura_jwt_secret | regex_replace(''\n'', ''\\n'') }}", + "claims_namespace_path": "$" + } + ' + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + no_proxy: "{{ no_proxy }}" + NO_PROXY: "{{ no_proxy }}" - name: show hasura env for debugging debug: - var: - hasura_env + var: hasura_env when: debug_level > '1' - name: start hasura container docker_container: - name: "{{ api_container_name }}" - image: hasura/graphql-engine:{{ api_hasura_version }} - state: started - network_mode: host - networks_cli_compatible: true - log_driver: syslog - log_options: - syslog-address: "{{ syslog_proto }}://{{ syslog_host }}:{{ syslog_port }}" - syslog-facility: daemon - tag: "{{ api_container_name }}" - recreate: true - exposed_ports: - - "{{ api_port }}:{{ api_port }}" - env: - "{{ hasura_env }}" - container_default_behavior: no_defaults - user: "1001:1001" # hasura user and group id + name: "{{ api_container_name }}" + image: hasura/graphql-engine:{{ api_hasura_version }} + state: started + network_mode: host + networks_cli_compatible: true + log_driver: syslog + log_options: + syslog-address: "{{ syslog_proto }}://{{ syslog_host }}:{{ syslog_port }}" + syslog-facility: daemon + tag: "{{ api_container_name }}" + recreate: true + env: "{{ hasura_env }}" + container_default_behavior: no_defaults + user: "1001:1001" # hasura user and group id + pull: no register: docker_return become: true become_user: "{{ fworch_user }}" @@ -146,65 +143,64 @@ - name: show docker result debug: - var: - docker_return + var: docker_return when: debug_level > '1' - name: Get info on container docker_container_info: - name: "{{ api_container_name }}" + name: "{{ api_container_name }}" register: result become: true become_user: "{{ fworch_user }}" - name: Print the status of the container in case of problems only - fail: - msg: "The container status is: {{ result }}" + fail: + msg: "The container status is: {{ result }}" when: result.exists and result.container['State']['Status'] == 'exited' - name: copy hasura systemd service script template: - src: "{{ api_service_name }}.service.j2" - dest: "/lib/systemd/system/{{ api_service_name }}.service" - backup: true - mode: "0644" - owner: "root" + src: "{{ api_service_name }}.service.j2" + dest: "/lib/systemd/system/{{ api_service_name }}.service" + backup: true + mode: "0644" + owner: "root" become: true - name: make hasura docker container run at host startup systemd: - name: "{{ api_service_name }}" - daemon_reload: true - enabled: true + name: "{{ api_service_name }}" + daemon_reload: true + enabled: true become: true -- name: wait for hasura port to become available +- name: wait for hasura port to become available wait_for: - port: "{{ api_port }}" - host: "{{ api_local_listening_ip_address }}" - connect_timeout: 1 - delay: 10 - timeout: 25 + port: "{{ api_port }}" + host: "{{ api_local_listening_ip_address }}" + connect_timeout: 1 + delay: 10 + timeout: 25 - name: check for existing api dir from restore stat: - path: "{{ api_home }}/{{ product_name }}" + path: "{{ api_home }}/{{ product_name }}" register: api_metadata_check - name: import API metadata via metadata API directly from local file - uri: - url: "http://{{ api_local_listening_ip_address }}:{{ api_port }}/v1/metadata" - method: POST - return_content: true - body_format: json - headers: - Content-Type: application/json - x-hasura-admin-secret: "{{ api_hasura_admin_secret }}" - x-hasura-role: "admin" - body: "{{ lookup('file','replace_metadata.json') | from_json }}" + uri: + url: "http://{{ api_local_listening_ip_address }}:{{ api_port }}/v1/metadata" + method: POST + return_content: true + body_format: json + headers: + Content-Type: application/json + x-hasura-admin-secret: "{{ api_hasura_admin_secret }}" + x-hasura-role: "admin" + body: "{{ lookup('file','replace_metadata.json') | from_json }}" when: not api_rollback_is_running | bool # do not install latest metadata in case of rollback environment: - http_proxy: "" - https_proxy: "" - # do not use http proxy for metadata import + http_proxy: "" + https_proxy: "" + # do not use http proxy for metadata import From 0b3a993f35250f2b233a4937f13136d2a7d09bb4 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 12 Nov 2025 14:41:56 +0100 Subject: [PATCH 09/16] variable arch --- roles/api/tasks/hasura-install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/api/tasks/hasura-install.yml b/roles/api/tasks/hasura-install.yml index 8c67975a8..91275d47d 100644 --- a/roles/api/tasks/hasura-install.yml +++ b/roles/api/tasks/hasura-install.yml @@ -66,7 +66,7 @@ # only download new version of api cli, when not restoring from backup: - name: download {{ api_hasura_version }} hasura cli binary get_url: - url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-amd64" + url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-{{ linux-architecture}}" dest: "{{ api_hasura_cli_bin }}" force: true mode: "0755" From ea42161fa2a23b396111de1404189c6c01ac1cc2 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 12 Nov 2025 14:42:30 +0100 Subject: [PATCH 10/16] typo --- roles/api/tasks/hasura-install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/api/tasks/hasura-install.yml b/roles/api/tasks/hasura-install.yml index 91275d47d..cd2301ede 100644 --- a/roles/api/tasks/hasura-install.yml +++ b/roles/api/tasks/hasura-install.yml @@ -66,7 +66,7 @@ # only download new version of api cli, when not restoring from backup: - name: download {{ api_hasura_version }} hasura cli binary get_url: - url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-{{ linux-architecture}}" + url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-{{ linux-architecture }}" dest: "{{ api_hasura_cli_bin }}" force: true mode: "0755" From 560a97a2af26a5e19342783a2de27f7198b83a3a Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Wed, 12 Nov 2025 17:52:46 +0100 Subject: [PATCH 11/16] add missing arch variable to inventory --- inventory/group_vars/all.yml | 1 + roles/api/tasks/hasura-install.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index dc086539e..41f19fad1 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -59,6 +59,7 @@ debian_testing_version: "12" # should actually be 13 but microsoft does not yet provide https://packages.microsoft.com/config/debian/13 debian_testing_release_name: trixie arch: x86_64 +linux_architecture: amd64 redhat_major_version: "8" redhat_arch: "{{ redhat_major_version }}-{{ arch }}" diff --git a/roles/api/tasks/hasura-install.yml b/roles/api/tasks/hasura-install.yml index cd2301ede..5bbf2f725 100644 --- a/roles/api/tasks/hasura-install.yml +++ b/roles/api/tasks/hasura-install.yml @@ -66,7 +66,7 @@ # only download new version of api cli, when not restoring from backup: - name: download {{ api_hasura_version }} hasura cli binary get_url: - url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-{{ linux-architecture }}" + url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-{{ linux_architecture }}" dest: "{{ api_hasura_cli_bin }}" force: true mode: "0755" From c6d5bd3dbd67759ecd9a00251b0a1131acb100b7 Mon Sep 17 00:00:00 2001 From: Lennart Schmidt Date: Thu, 13 Nov 2025 11:30:53 +0100 Subject: [PATCH 12/16] refactor: Remove background of maintenance image --- roles/common/files/maintenance-info.html | 2 +- roles/common/files/men-at-work.jpg | Bin 70823 -> 0 bytes roles/common/files/men-at-work.png | Bin 0 -> 174303 bytes roles/common/tasks/maintenance-site.yml | 4 ++-- roles/common/templates/httpd-maintenance.conf | 4 ++-- 5 files changed, 5 insertions(+), 5 deletions(-) delete mode 100644 roles/common/files/men-at-work.jpg create mode 100644 roles/common/files/men-at-work.png diff --git a/roles/common/files/maintenance-info.html b/roles/common/files/maintenance-info.html index 4a8362790..f31b9ebf9 100644 --- a/roles/common/files/maintenance-info.html +++ b/roles/common/files/maintenance-info.html @@ -33,7 +33,7 @@

Firewall Orchestrator is under maintenance

Sorry for the inconvenience. Please try again in 10 minutes.

- Maintenance Image + Maintenance Image
diff --git a/roles/common/files/men-at-work.jpg b/roles/common/files/men-at-work.jpg deleted file mode 100644 index b3fa3799806876020fbfff488e3b57e3384dbaf7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 70823 zcmeFZ2UHZ@moM6g&A zQOOb&5CloD{l1z1_-5|BH+Nl~wdT$ot9l)&I-#mg*n9tedtc37eFBhy)j(}#0oHe>+6^=sFOvG8z6aB#8luyFub*RZeS;Np=} z;8RkwsX%NU!V2Fki4XuK?%F>|rlO@6^<-BvG&ZqIO-nDBn4F?f*7F+Y;1N?peAV}^ zqvJGqno{2_9^RnpQ&ilEX@Tiy%Xt6NJf;`_)B-*M=CUR^7UuugaIO=RV4A*;h4b?= zIi?2`Y$A7YA-0~BR5Un-(h>_9e*GcOfaO|!!C$Ovx5uE%Ai_}wlVVt)>p>Au2 zGC_#3Zd0_&KR3(=Ef+dc6R8)J`4lcxYjbHy(Mx#57=7U2`z9xuZVy7O2vL{@K8>6@ zc+KC0w(vE4YWA%uiR~T9uvXC0chkH1CkzsHZ_OzXtn@Mxz+wXz8A_S!TlNBRu3y+r zG&1NsxvNs2vI|9%su&8TIuZUT3n&?^FWmHLY~%%J=r!JQn1>H`)~)drlBsTSw18$( zu;z4#^7I(8J1MvbqxCqh0Cv1+vxy!(XH{khx@O`=>Txw3Q$N1;#@Ln?}=YvF|VRI##) zFhW8h_3jHbXDi{iYaChVLdONt9xm#_ItU*-r$2)^I|z}UGK{~FJC|m13ar&C@E|G4 z)^tiew)N#&RT+iuu=9GfYM0njEl%a1Sm@`&!bqyV4y|kQ3jL(Yftaj7Ulzr< zbPClJ)rOO!HLJ_Ng*{T`hM>I=11pYVrrv{*@F(%MTCYjBbb8o&XH<&I5~m!1;oaTy zmT@-pYrOG@Ud^os1cY~1wJO+Pktq}X@3eL9RE>5w++0qW7Iw1bJYuTOKUbCucJm(fb_l~`QPR_a_t>moa&kLFk2l6< zv4z}&E*>jL?Rd%?SD&~5`sFsbJ&2#Sdp-QSB=KLBeEV3}y>InmsqCLh{#D6eCI7Bu zGNg~PC-7tBv%gFJUCI9i%`-pij3eTs4LdUK)t`spL%i{xD}y-k{SiBZ;*&1A>Q0&S zAq@#85B1b-dDX&sZiiNSHNi$6&RqXcUrFlm629ee+Ol<+;>P}k9>(S5SVvx#L78LQ3=w18$h9Et0Qu>I!yE_ z>(1f-488y3iTBql#LRsw4dW>_``d~hQ%tY0NTsS(``k|Wm^$7Y zJ)_~p#CKL~Ic;i}Z))ANWf-T)YgiI@=Mn9|izmFc?Ake1f!&WG(`}ToU?4q&-ZAq4 zXlB!Yq0JG`?|<%IjxVq+0W@7V?21nK@$l9cjXX2yb-UIp=1e1!eWxKNPgje`(L{fGbAnKWa9F`% z+~1g*Go}{djY~LPVYSr;gUq`zv=_z7ucp<^c2d&D$pRfWQxl+3NI$-7vN+3nMo;zc z32#xu=$RckVGvhQQA*xd#~q~v_!e9)qJ~<)kFMq7H3NnmwvyDd>k~$;Adcdg8>|zX zmi*-s<=3Ik!Z(wD^OyJ!eP@iI@t-v^e(8_zyERCsr-Z2?Pq~?pFql`tM!A~&9aV}2 zNBX34ucKSJ)Rfww)`WvI4}7&a`SBLGs$wg3X4j_QWhUazdCfzOmFy?suDdO1JcrE< zK)LDy4pg;KKsh*Z3cuU(8%)nvTh#?v$+M>acGX<4=q)U&uUyKQ<`h}}IW4W!ZqZZI zG?^(Pu(LKg8eB~d{Ya;TpV#cU)%cl-W*+m?eu#Ev0t zm2^anj3BW0(}sguDI%bOa+5u%T1?DJu_HQsoX>Z%XUhU0oNYwXxPnKnkf1LvnP#^p z9)VfkQyCJ;=^SCyRn=-xKb`?ptBM*_iO>CF6;};{s}5sYxUqb#13(-NAUt4Vk18Yl z1Q2Bf@b~*9FhApe4CsFhc+NH<9r(BgfDHs(YmL%a+Pc>Ke|Y0gZu=r@;~2@XrY+4c=|y$CASb=l)U*-@?2Sr%moF%3m6;1*b*zz# zJJ6TPCGu&nwF)s%eugc{kDOj|j+3hr6=0n1=mN)cxUCUHN0*dBSNK69-hpkwq_K3LzN1y2M*Jkw#smarJTwDlZI$+=wD}3q0D;w`iLpI*;Er zTg}rFEhw$L%e-UI!`Mkt24m8j@K)B+S*nVFi(45GyO5sCgM)4idmx}HjsdvnJV!c9 zg19e1Tl!hlAijCzXc?1G#;t3<>MMB}eae*zedZ995la}t&kQUu2ue;Xwky`2nO3Ws zx9kfLu0`=}l=}x3qx7j>YF4bJDv7%bO83v*cIc8-&75*Gjm8Yq@N@$dL+mMdJ|*YrolZ3mgQ(P^K%ZU0fw^k2Bi!?P09*+= z@VV5?TFJ{)zA%0O_020$6PW=<3Bxb=DV&{CrFs6H}fh02b0-iP}61{BaZeO-t)04QXQ+Yc)Nt#OjcB&#;Z&W`W38 z{zL01F6_&~GR{8(Ui1>9l04V-POZeZ_k?_jCme-i#68my0R+|o+3-xq1 z=^~u*1nv#3>m;WTr&Y3x&#N^q%5_h=^F;5>VsCgM^ms>vip6C0HP&ybk2sMhs`shB za{Ru`WLn)v+6im~L-Op79`C&#XnZO)jHBKF<`rn3D@l92AO?z&jk_84q;{GB-yvY4 zvQo-|AOA};NY2xNcX;tpR8%EnX#T|`ix<6_>03=ACA0$eTDMGkGcD@kgYnmG>Hx49B(Fh4J@A+}I!^ig!xs%<#U)I`=6{n{yqe~CBgW4aArrwCcV9+Tn+e!Q&wO8Zj>7cr z+z|u&J|vb>DqWv6x+Giuuyp8$nY6;IU?5?-P%#nh1Ww%MwVrQJ90^opq?fv@T4xTq zU0xA~OxB-~GZ1JpYDpG_^2psv5{xoH{Y zTVn9MrPKV9>!z40a&!q@^rN%n<_AG}8ks6VQ@BQ)%B6m<>5+MMKw%cyOvfcQ(awan4d0}OU?jVr zCeJs%V+{{uEvR}8S`kh~)gQ|EGWvS`5RHPY zzZMk_p67@@*Xz1p$8DP~G9fBwE}}_ML$p&vGZL`!!}IKW@ZJ=GnrXCN%a5KToFUpN zS^;Zai@M;uUSr3Dmcdh^b7rXAaCTZ`y;%uQOvOWG-65VRn81rqVGXXZE>l&}CiujJ)j=e( z6;9rG7Ro(C1z)n^s4<=83Z7r8p^uZP{x)jfebpt&4P zL$f+xi<`VXHN2N9x1aE>KY_%SJ@aB{D)4yCjTrCexYJ2q9OG^Zt6rPSeD4W;K@-v_ z(DO=+s$1N@Ylbx*Zo7T0SNQ0OJzZc&9bCc2)bB1n%ylJ4V2^s{n0qGVGOUS7-ehN8 zaHFn|WNW#i8|$RxtrIPwe|_Uj>#Ey~)jp@sw$h4V+-&7Siz%iynw_?PU8hMe(uvc= z@ss279n&f6G=AKv=@F=y6_t^dHe@jH$3ZNEYIJx`vXxJj(6wNW2Q-b8^U(&K6_e%P zLlyH8lL}8ICh7LuB@MUo1zhtoTTkxk+pvV6s}cDg@uT#4Uc|=eM5CyX;UDxuRF-4= z!|qbRXFB&_)*Y^tL7^TQ^TNC&!QoW)n_M zB53$e!}>V>uMsi-gn*6BXkoaf<^ryQQNt!qe7Q{3pG{LVyRHKu z%i1wv=~qx|Y<)nEI&%s>HlSKpX4oON=M$<}aj6|{EIwqo*U{fUBof!cAGJ z$ehNbV(GiqgP4Sv_}bmG0htIyC22)YnTs)*CspiY<>Iybo@2N9G+a2Ea@L_vqzzn& zqI%jjH)AJT?Hp+p+WrSw{QtmJ{{m+*?2g}!&HQ44{}uU}=u3M_usXRFO!D-CJd<;P znlSoQWvw?g4ansI6JOrt_f{@&xtoUiuFeEbxepV*>E5x87v0Knzs6X(kTHPD%gR(Q zS>*-H?inM*$~A4vyh0qEZ_4n+#36-hpKm%&?dZe3Ya*3xkPp3=dCmuy8F{2fwwd8! zkx<-gB$*l}MoHcBa`+rge}R?H;@M-@B*>kF8BU2? zKRp}h)3+a+MVWs`ZQW|$_m0x35=IWY55+hy5-JtG#V~G8S3Zri;IH!SutUt!LL*c^ z*_oBk#PNMv9wqU#5FrB3n`L=&r9B(r6I8PTPI}wK#1`($v8?Z3<6H)`-l2`Ywh!2D z7_565qlJ1a4H`GOaU2bV8iIA_y{n&B64ChuPWXv7jAhPG*}2L#@}c+g-+jM)pgU^g z*NfYDo0=t8@ls4`3%R8Ec$(URD!pLaEMX>>T5ca9UGM9${;E7K3c_F=1wrz4H_xZX zxr%|1JPpNg%i0@7viYT{c4!`z`r0yw9+7&}b4HQ356IJA(5Sl@sW|z<iYBHt$}DeWmEhiko28t})92SK4NqC0B*>IS zq#17OG&sEJ*bS2ITw(lia6^dkjcgJ?f&9<>!F z?JDKj#)VI);H|*32rXIP(gMfa-W_Sb(x58w~YS*6j077`8_s=&Cq5S{pUgF-%fM;_iWxzMSt}Ml##-}kVHhn83w7Z3X*FxE+Pi8HBGd-~U*Cop zGpSbhj@%fHwAVw#k*uW`vvC;-n6JFMWEoqn{~;zMrcfs@scx+}7vJX1bZc>HIlahi z3dO4ig@$ki_Pi3Tbc*}v%x?D`14ewrAQ8dOOxI}No0+?Dp{fRWLH@}6C%E6Zrg}EK zXZ6YhIgiV=y>hFVXN@%nB70X5 zMHOhXdVK~$HylK)Z)9!9hC(cON+ze3>uH=TD6>xGD@ornUd!}ZS)_kM*vG4J;GGXsBZ;P2W$MWs;^ zOidl>o=-snVj-IRI8nB_k~29DR7G3evW__u?(?qCcK9_u=ox@r@pQzk;_vZRbEZRN zC4{_W-DKiia0%(_4|4;0D0C6iIYTn*K#FMt2&F;AC!6WaZaAOR*x_FM;oC3n1$=($ zx`q&7#VLK$0jip@fv%ftEJN#N?J|p^Wn^JXb`V)OZJEgj=mWV0Lvcuy79{FZZ~yVB z(*xDrH#>}$Wl*v&G+af1AoZ$ zZ7PgaP4nUENN4D}?8}8`=n}`6f~nJ9)IQkPPXb4{X-DARlSOvDI(|95>>5rNIR-Yb zPC4|SBt--5=QY|wu`FNBb&b>kp7)fKbSG)aRY_gW5=B&POfI|Ba{ZoOsvD@E$izqv|*2*JQ%TKy8T>2X39YY z?5T6BQ-Y4vKHyeuK%Hl%`b6~25ypuYfhfx5wG6u=qVrg}`Z--p?1I z(7wWh#W+IGii96+i&XphjdHSu{+e}~XE-!!J%>{`aT{esv}3w7LV3>wF38B958E?5 zi4tm&uPhE-5;D!}n0btVt=+0vxFR&i2pC~Q}eJSjTX z?(I~a2wzXl{mP)%WwCeunlylGo$|dZ4gv7QnL7$F4U|iYRt9N!9@|)pu+t^w(W6AE z4wL1{a>HyRO=dA^h{2cmly_$()(T2lTmQOe-+F0|NQlA}w1z*Y5KCP=OJ5L6l7CLs zQ^0-S=m%oU?e1<%NC82Gb7oEM{%IfGrKe#jA$)||(GxoLuJ6Jn5x1r+H{}Rw3GC_Y z(JW$q5+7wwPBzM$k>x4LO9Vpla#LgssHj+B)F0z8K}rNk%TF zol~jWxGTWCS>gQCV*NBZZD*NA-rN---u{w!?gNuaF-TVY6dTACIq#0%oK=C5>w69T z&qR3q3rvq$9{wyHa7HMtkC2*^Y*uibJ}RpyDtlsDGK9<8=V_Q>>=i&jX##cySb`^R zlaao50hV!3Z<~4XH6~fPc}wla#lCW}St8%K{iBKVI@IW-V$&Z<=--^1kiGw@t>013 zn}H`ES8`f@obkM&MHb4m0dbLHD-eeoDwnlV*sLCCNIqjV5o&d;udP-zOO#CwY2+E3 z5n#7>t?(^5exWX|)}P4XYS4~P+adJW8qkiD-ExEHRGgt?taPtV)m|kuaHgI8qFd?9 zwKz5O{{0qnvFFydrM_}Mt^g0FOKFKU$C|O>9FgG$t6=3r0Lh@$ zKIwGcrX+QWo|-!J&S-u>$Qh2jnZ)L%)vB06bv&iMi8~D*}DzmIBz{&Jl^mJZk%t!snOxh)GkvCrL9BHv?hxOdM z>3TeB2(W=l-846&PhyW-IZwcKwQPfNj$s7KJZL)ia&R3n_r9LOmn$(U;c=pEbD2rm zLxSFXM;OK)Dkzhh#_`kglbrncg7x2l>3$a_4e)1SOa-U#-~h-ulS^QznfHO)(Gapn z)5c(v4YI!%P^Db@Zi8PI9zDVXerJo&!W&Z+LZ$q82!>7#rVbmkNayw{urN{71Es8e zp^X)tK#sH$KMbLoI$TBNjvVN~=hKOyso`MNmO6G^@ziFj?0|IsZ3+YRfMQoEoj$|U z;&GNIaKBsJ4i)EVOwO(5j~s9UCKp~NUh{;m^j zbxXXW>r9ZW;;>1ocklJaYUNWyDnpSt+QPC%$e7lb7h0~FKgLPpVY`I+hCQO$Zv(Xn z%K~!J1wEcW8ywQ+Myl4S+Qr!>4cOYLNswEF$}(6b4Hy?4Qaf&EFZg`T%&jx<(K53v z58$fJy_|cSS;bWD+VM`N(6vJJ&dQKp8acnj>5iG-hHX#UMB5dBWQvoQ0}bU9$PIt| z3$Xl~M(nTi;g4$*pAQEcBEXduFGnkQiU)Lbw_1W{#d-u)-uryq>TY$+Ow~4VW!;gx z)mmIO@%e`4C-bNK?=Wn-yQ6FdE&S>rO3>EMp#_ZZEJvbc(bVz^z$+B!iJ>Xv zPsT|UczGtqNuMMK@+@__eA zUPuPC=?69qja(G+xMUnZsj!~MEe~~Oc#ivua3R!#;rab>0{Q_?UhZ)R3&Vuh)iSM9 zkK(=~;gKW^skANJFBL6r(&#ARk_xH5i9Iz@>p^_qe_7cArx%0CaH`ML>t_?^UGBNdPVK*+yp3^8(_||=zx;wWG zIxPu=!_TkJ(&ffcO#aj<7T>x1wx%SSRh6yX z*DZ^X<1S9(f!n0Rr09)&n!7Tz`g7d6s~eN)lX(gGwQ$P+q{|=Xh5tch6|W$uu-Sly z*!KoSi-Is0Z<}cEAkXe3|JOdBb_jzijOD#5aV zT2Oov)`}_{?JoZ5KF}Y|WtZ7n+SOG_)7(`kBqkZXfqbYK=Bujw=|cbDhY(d)=sZ2L z#7WV=0ohY6gJiz~5P|A&w%UR&?5PdCV+`KOhw6}gClb=RN0`${`RPkuU}bzM7Q-@UjYt+fRkeCr(Je$ zk!`0gEi3PsU$=#|3+&BmE_t-m68-#PiG9eErUw!aX3A3n@>z;Sc~S7Dr4={L7}5I* z7Au(*^2eJRyy>aLrVw%dc=N0@kGs&`;hSdhIgrl<1~Dv`ewI97w#4A^F}<6fDX~*v z*G(m)0XY0f!$EX*GEO~sNp0Zx^kE~DOi_71^ug0BKy33&QDwZ?q}B)I)@xdcpu|}N zt_Xeq_l&UA0l@*-qdq3}+<;E7?Rs|@XB{jfT-lkwsbbik7p&*v-!nwK+xv%HP5--V zu^|C)s&?=`_#-1Xw#CxjFBoNtE6*7UX=wIl%L@ z80o^KT^5r?Zy$mZh#}S-KV|E9b$=diqWb>F?P#AC(-w485W#oSW78ujp=fv?inkl zd~181(2}iKn>(CFEq31VPH4y2-kGj1QDs z=VLTH3EA1fh(dODb~HR1dUNrc)RRlHw{)fku87(P4L9V&bhL|gM_300wHCmhFZA6V zq>Y*GnpKi*X$%j;@mdc48@g@&W&6Qm{ex~xc$QYi!@SdX_uKg5MMPQ^!EQEL~uiFB!psCq+$ zVISCFNB|8O=1yZK4TciX(J55>%Mo$kRGZPw!v(=Kl9!y=B^$7K#@G2NG=x zIcPP#gqAkQ_E}#4SXsojiP#n^@sDWi+s|&u>Eh*<;pLnG#C8B=}cd2T+}wrQ0IbJRJ9KJLF9cUCplax+vjhdALOxw ze0jO0WqY4)eFgTjXBdJ66bD0H5XR6YOrO|H%}+Rca-ezQ`M|Lg5PB1bN5l=d10Ue` z^`%POgtyd5vLX$&jnEhm2x?GKYBD(CF@!d2VtCiHI-S|;`xb40fMv>4qaP1_`fj}P zx!iq}Mo$L^`=nEu<(O})xR+AM^K4aime$zG)4Up}jt~`ge;&#CEz2R(g;K{;FJ?Jc zPwzc@M&fE+g#0-$+F@7U-+RKihMPmh5y{v<326eNkk=0vnAa+BV zEyfo#odO)a8Fy!K0GpJuCsr#w43k#dZa^*bYt|^n0(kBOePnr3MroKYL zkJzSZ-T5bam0~=0hth3`Hj~AB+h-wd+S^JFkM8l$-A}jz(A?gV4&hz60*J8etnW$L zJR6+tePYjm1IIXFJ~KUA)ho+VmW)hQf?6oGuFWCQG`<3tofpRhUq9!73p35v52;qa zy7WGe+K^}a@>!Y(7Q`-0rqR>Y)ub(%3%b?bFmEqJjxkA&?u+pC)_C$~5AS9i)gDC` z3n4cLrp(R-p4L*RgR~g zkR$#?c`8Nz^O;^i`w%Wa%Z)l?=l36dth`^;?;BcCx#qQp3T^v^GVs(JiC~;b|LH*j ziwG*RpFHO)M~*v+hh=r5Ac#_Uwd68|(cCdl?2tkTa~(lNl?)vGuy5n0{b}zY+Gc6} z>-K>CNLhEB^-oLbbB>+-N(os{q-Ig^BoESHkX}pmO-mCC%+a<0CP$_Ig&u>uYV{iO71J$I(ePL? zQT{=W;yKfKl$CROQR4(9k4)k3^D6w$Qix?k4jPtj8?+L%&St9d1gme|9cj_8zjK`63 zSBgL=qw56`5$T*sI#LP50}2jTre@kPV?6TJ;ncS@-`Lwqh+bs6F&$6dVory_@)8C1O=_kKQTw3a3PtH-OL~DC=4#o)_E5Ey(uTHt zmd4L{$BCmgihf_(nrXH0e-74P(={CFB301pt|L4{(&g;OIR{A+(jGz+w;TwIk15_;qly1+?Pn-yWYcG<%{i|<8Sta7PTr%Ij ztf1^wQ!|A(BuBiRj`8hVBQ6Uc&(a-v0O<#+)cY5@*riX}nZ^ioSBF>iTmf{(JrO-S zzN5r@xpmu#76B#+`m2u~2sZWZyKka2RF_aOZ_Z zd9S8qawW>UHckSAD}^}XjVLTsS88+I8ss#p=+z>BkSE!^4?s=_0qenshes#Hgqct_>X1;eX_J_py&Ke^axe3EczZT236W!!NL4~td*Mu_f-+HD z+}w87iF-m#sL-a9PQL@Ynxnno?VI1HuK?3c`o}=GD}cVSa={(j(;2t>UW$6 zCR*;i=kFJL5&;YmK6;iYdK+Vyu3uDY!liYrnS2#Tk7^iC8q)ST(XYp>irm{ytYU%D z(QPUidyxxUhIj413|Tw`yI5`Pq%d6z%)x3+WM7 zg^)cuL+1=_5)EGE>WuIC+)>)CT)WRCsI2kl3sDgKFeswJkZKd5JG}Tbf|I$>V|YPq znU#6Cc87hR9VjX~s;2(QA*6mD%XSM;djv4CQ4lisu~|I~A1h#}Cv`6BC8vQd3pA?M zrdoNrwTd8H1;LFgK9|)WQ%?70-|Pl%v==?pmcPCG(Hk$Qr_$yh?*fx)5Hl60ftXGK z-ITcDsD4;Bp&QrpRLPevXnO%x$N|6scnF~xVv(!sV(;{&UQ-+kqdsFy7zZfwMMtzmjoD!1>avrwr@m%|yC%oQbulBCc zJ8kWLcDGy1lA%~rR#DCE&AB&o83;v!&TNpqhZAa&D%GO=)(B7iqM62Gq=Z#W_`N6P z8fNjU897DD2`8L|)R}!QHh&=A0CCAz5d}AlreshLgRgs{9)-tLE`Iy{?a`J_apSA-##+` zxo+(%5A^7FxDAGeh9QJK@#+=E#BXszaukUTtC$XtO{t=9nf7O4sfO0429&A4wZ0W2 z8Vy&_p@*u^B1VoEs-U7Lma%aZX1K zQcJk-M{z!mwCV6JSgT4*ctuS(cCtYhK2>yt%#T6-7<0xI2fSxz2PM<9#IQVheB7gH zi!E0v-Ne!GVwp=E;?lAzf~@YRQ2fHSJ7(*jZEY~PAfQOLK6TTAqnDJ~UMS9;i$<{c zcGoW70h61mi&4rEhNl1ca)!B<=!OZww=h*A5XZQlNspxpSOB~;IvJ5mBviZe-OQ?v zi<3M?Ymy&c;?kO~ApPw@;;3|AT5slw^nitrN|Qp7I~R42_?84u;&j7|IdLRSS(cMg z^1OXhsL+k2pzd2a?Y16&AFZ~YUH5nd)vf@}4gxdZ!brabRZEv=>E`T- ztOQ*SZ|oUY^=LH-+4Q1MBtlwmUo85W!djz_ESV%AEQ=j6nVVf74T5976cxI7nAN~8 zxGM&|*{k>%g)zkIyA1Dr*o$2_vfc)~t!L*Ssg_DYFW4oaI1cGXWKuql7F8a^zw0rC z%ug5AX4q`hhHodWZa`8Uwhk$m{e_4U8D*XsYDOTk}@ z(6u|i-&+kkidkQt`_jI`&EQ&`mZx}cK6;0e4>rW~Bt6+OCT3XO7tBe?qbR;>mY&jB z#LC1!i1McYHbHZbFWf@Q)w@3`%CWvtN4kgu#d(ZON^jZhD!E_j!@pKP`*PUD>qI25 zA~QMx>35+^4H7D6s7-sD>CjZRd~dL%jzH*SKMvUb2qc3r$G0hY*RG27S1}Rg?2AK zxwJ*;`{-`yqx9%zs>4#t;tL^AFRmdya}dr3^FrYvcf@m}*1g2(8m~mf`B|pwD21a( zKX_NZ@11=(JdA`CAddk~vsg>Z4%ipV*022MO}U2L#F5nb&NsTx=k(Tz ziZNENXDoX(wn7PVwffR@DO1Dx?ksQkgjrB-Egv2->JgbC9I!huvcL_icWbw!E3>Mz z?>T;9)R(SA%y|v6{Ozj1w$pWeVn;z_7p%X&TTMpX67X9^3!(u{ML7dbHWb zm~Hs&(Ytr7X6&qj@@x19@bo!XWfaVX+ZC%H(*$#A%@&Uftitiy2fw|pK7?k^ZIYHy zrzwTVTxFKr&MUzCM1J?x(U3_Q0no>$e2c)9!6Te2z!}qtJ|K1H|kSQijPrS5StyGq^{V0iFv)NK-m(=q_RY50BMvm^=6P< z;mX9z(f>+HJFTzgx5$3J5V|RzU*%YD8q?d=7($Jq2&{Qu>VM7>hkDmLuAE8NRjaFb zme$0~O~aPgq!1Yd-P4VZZ4iSB1wqLCBeFD2gXI|Bh+GN~KEKwGxDrKrD;0E^t-q>K zO^9Kk+2;2Lc*1}l*JJ( zJ~qx*pg!J3;So{yF?mdROpRUUM?U{qwBy&Uo}O%dEh`IDkr%$K5PNv?U8eOVh+R&D zTn)2t)iH8D)G=a<{=K|(XCY4%?(p-iRcvmG>hc?gpF&t-Dnu$jV8>N+~1iv?@z;ANS!I}rTm~V8Ky}r%n z82Isk0uYFRX>2s~QGMGB70;}8a!I4Tc{r2L0KYzL!P#`47U#P>bO8tevmqWPb%8{W zP}kM>Ss7g9OdBIqjMB!ld=)Y%f*4&Cdc;HT-MUUx~eJeSu??*4Qn+usP51$_h?Xymq-*MX! zW_A_6>C}}jvF_Y<;|aScY!j_NBm^lZTLoPKPN}e?O?IEr{c9Rwzl`478U6ZF^eG)$KmVv&JR$@XToO9g^mMud0-#{UXqZhTGIR=P<0t_-aLZ z<+5dzil{T~kBGD@=1>Ub)#+>x(T-tUyn>D*{w1S;6{!F&Y}{HKsH$P&%j-ux=qiho zix#31Of< z(GY%sed9szgWn?!DGX3zU4%{CMeOvB(PVtl!m#Mx#hX+QieefiOfR0 z1g&(UUIB{i7GGz;GQUCNTt3wtJ+G1feCkOVo|V`ZNEStzIjE|!o~Xs;xyM*1BE&Z> zXjKUO3f5@gNx&>4&Rr+ z%li=9JM747$rZ2MV?C!zqp@eb>CqMDsA^e&h>=5w;ZVg|ORAXbz4zqf)ZG&=c@KG3 zElzG0VOEL1BPS?)Q@qa&@XLWUkb}#!u#fIV=u5n~9N|wdG?^cpIaiu!BoB^n$Uk4j zMj8Q3u=_Ehgt02Atg^b-dm^b43WxF`3M=p0%UkTQjCVqHs@pUH!^{I}=m&}8bza^Y z$0bg+cJ~5e8Y*fi*A{Q9GZS=T95v91GEQ_+s(;H$8ON7jB{a`M{TWafuUkosBbMJQ zW&0AC(WHPUs#c4UKhcRNbTK6l7#AIuvh^w|Wjno+2A775C%==d^2CWU%V`ZoM~|Hk zSiMOapIzVy6eswO zmQ(V!ON3q=A{IQC6;C3H3hou%WQr`gDcAeZpi1u}7(AUcfOZPe@8N_+no)tl&*?EN zLdVSONxv^9G-jXw%~7NSk6%~jCD>dTq((ND^HNp~6jVoqx5Es4%tlwpHbvP*C7NOE zhLbJXgQ9g@*c*BIlNI+&(K8QCs0N`g!}pTZ<%AQWjqJ>8_$E0r!gNg$scGSYN*hI zgKxudZO@Bgb3+BHFD3axQHoB;!5rwg`|vN(ATgd^IO%0>3~?m}2-3vPat+NbiEdfd zD*#UThS?>394x8wX_WMI4_W<$%)Gd}Syj&?w-%Z8hw3j1_e}4;=^R?3%jl?0w=Kxl z6llu7&ck&>scIo;I1-)o%y;4uby)^aMGI~s0m={P-{?x_CR zkv}@)&WKp^yk6S!O~tBh+)B?|^iT=zzP|1l6}k<3tKjc;h0Nw-?G2tAmY9fDMj?E9 z36q$xJYvEu8~>_a90nPVyou9qB(y~oeOzLuDaFGAVj=v-Rm0~Ln0SCFW`|_@Owu72 zzbYHPgvTAav+Bu|6mu0^_B3IlJY_v|aF6PxoAR>Ghs}VDX0qnKA*pK3ls+AKW zCNdbqT_*)HKg5Q~iLq86&VPcepHFJMS+9LW$~7|iatckFe2Gepsd@Cn?`J@Pkcal3 z*{Tf^82`Ip!-NKIwY&6Mn;ZIy6eVkC43bUcMtG#SB-M{)!{{lZ+a9`}t&q)Bl9u%p z1uN#u2N=RS-i+EBCl8O*?%Pc&ZY!=B&*h%)`}@ksr)W99Ul&!Eu$hBD3DA;%`n6Tv z5mlAgoj9YWCMhof_AG;gr8MDAUjFlPVphf?G&M1qnVX5m;`>ovA2f$~^(`bMd$jeC zF*4w-weYU4>^RUZNo^PxlY^=)vd&hxlCTpb426~w>oj_s{6;4^fW}{r$^Rke3+(?= zv7hlYnGNAwx4kRb<+XR|MMk@Jf zT>tqyLFipjA%l@xMwUIa#xxTNT7R%>nwIalt2CsLC@md`J~4E~gb7eImvqY67RN$x?rrzrUJ};YUnTdPY?qO0HMa!_1OJVA1<)d`(+cgt%#{Y&GBUEzF<@N01|VfgI_DLI8%X zs>&>N^VAu_2uLA^9GTiT1HB0scS33|lfHLOG1SE>`R#g$e9K~{bi+nd2wz!|AjE|Q zE83>YKubCOrpo;$C*QS<8OV>gt>P+2LMkfeK**Sxxf zBpW>IH|t9(LlsyhjtP#aIi-gEICJ-z{6A!xe`GFeM|#v%MX<1lzZqEQm)S8hrDo*> zOd~n*l{96_hWn$N9(XS08&Ld3C)CF1ZjbQNJl_GlwO6dd1k4dG=+smE%X>MXBwQk{f+X=BCmMFTc5rX4S}WcyjdAg$34y ziE!PxdZ~-3F3ibID6%9EZXRnT2-Ra!N$V6jG(Xkd&fd1LOg+=NP>XUVYqT3x3Xp1J z)fr0|?GyP)+fZBkgzpEfv71_2G)J2mM48T?P*BamM-YniP+I7cO^CzVgt3V=gQ^}(*!#A5F^j#M0-<^mm6(6ql5AyGe zjNIoze5ha=t^|Wd`TWaG*`rcalK(D$2>8Kv7mA>rNiO6m>R@PsY+~i z_Sr}epFPh(PMlB=P5@}SZQzj`#*;I;2I2~;bX;_1XpBA#^2s7!LCUpk989;N=C%)? zn7^0ws*sG8YnSs2JzJ>YF2znT!=xmawB|MnUVd7wc$CEh@ar-O$vnv^3N$AX~17b4%tEp69y zH@*`0upygfN$S~d;9lY=jCT>UKdl;ZE;?Cl<(S^4%cke)FX{-$t-VKfL_dCB!{?x( z0)8A>gf=K!mb^8F*~`mA_^TB(fI4W(*$&jMucf&|JRRaTh_e-TPvQoK*tb(Gi|W>2 z7)erq>fP{^akw6M_XCOiy#X{7=_(R8sT{FHU3h}7aiA)EJ5|-7wRQ32k@ji^-jVwecaK>#8ns&+IyJ`r@6hm6;1zLLid2x5YfL& zNgrlLPeDq-%FKLo^5!lt%T8@II_e!7j)lS3d3bms5aPp&=qTE6atO02Li%t?fdZJ1 zH*F$=K2T5qB(N7F%?uj!sC{oRwFt^}fhbuJUC7Z*4I0Hgzy&Htyx}W#1LM;(bIzUP zbWyxg&rub3dr=}GDNhaAFRT}B343QLmckuXu;soXzA4}LeJ|=+pKPPnGwt~HD%`(P z$G>_!4GdpK89nC>(orMklea#`eW9M#(@)AA?s<{dMYgTPfw=MXIG}G1loB*DG7!Ia zHFr0Hk0sehq0@BLxj?B>gF3oZ%xAr4mBT3o zS9<$>XVCeAxm7GmS3l_aYS%s*wy<+$B!}9$64i}M!6ub@tnT=EMCwcGOLSey>X%yE zMETk~*3AeJKx$k$CWUTgTW6j2t_QIy=4r=C@8o<;8n<$9iV5BpaDp|hdEzsvK9aOF zb1xM$KV-NT0U__AnG`LmhOt6v5NL5YjZXYWl8dm<{%l9P#!1QadJ|dmgqJtAf&!Mw zt7EhHx7Fut1d;Q`wm+k5>e%4_1XlbrZ~>eX7Z=GyLS2V4b+?*m;`xw>wK=Fofe?3T zBU5*otwmFcxzqMYNgY9pq{+3R8cOPR7p1RU>MH$qlto4`68E0l2D;!E`OBL@E5F<> z!-0z>?9WIex&;UkJh+Ekz+j;-(1W-a*{=#x}>!P|8 zRe{#Anq;;Re2At6q)(bqqsvHWyVcziksbPjfQy>MmbX=o-wm%Fd~uN11nS;3E`w9? zEB7^~4V8^OaD|Oa+8Ml$!|_s?2o_>pFx_12NTzt+K&eI69Zjy7(abpu(d%^sgPJJ% zGDk-z6f-l^Y@XBiC*k_R@DUKsK51r@qgM)>Cx1)osXCyKnssZvM_st{e0mNA;gR9i zxfcQBV&VEXy{7+01$Oqp6B~&_eXHqqdbJ7Y(-xhr5vhe-!A2=#k&L5WK7v%;GDEt| z=Mve8n_8N#dSnJu$fQw0Kd!J+Z&QlRt<){MG=@eM+F4ChL6@W$nBC72dE89RI$rQs4MHZi7Pptt_LzUGU1&O)@MAn?PdRM~rhInwAW6eLWl= zNh1GoZ_YysIV-5}&C{`DWY;cpW=_9s52yvk-yPUIrwDo_YE}Bkc6Uz|m`aDNfEGAnHrYLToD}xSM*Ra`V zzopCx)GX>J$@B+WD;TM7HUe-%oJ{q_Hau+gH&N<(q*$`)$C=y?Li!DjHJG~YG&2Ko zPI;BUd7FoL)`>v8H6mE`wk@ej8!6SFa)Buj^rYdN(x|FkI4gr@)`*l1S|%drLhdUx zS?eZ=8nmA!wJs+HksbCeX^!}Ry^~~f7+Cr-WbcVrX)nrj zX{gEQaI?xF-PdO_IP2cX3*R3<&j{O)pyK-Lbp{T~^bs|e``SKKMjR2L# zY02nnihrD#?PsZVk8%}eYNpp{@GLh~AmUN%(O+%?%=#QBBQl!y4zL{FBeAw#A`Vxv z-CW00%o5c*>@d@^B$k;K-ZK86nL3*})O8Z?EbWi<+HZ2($9}ktJ$UIXf(Nq*D>9w9 zG+((DVyJxvKXyLI^5!4(ikRDuY8k=_D)s7=q(3|KtXW|weMsqXWVgUG2IcpWXyg&r zo0Snj&ko3t1s46AdXaz|`0we_gV5)je>Vl%@1IztEh-hQrg@VNY_^C(1vSuzRu9q~ zVP3A%#n%7d)CI7H*WT5(_Zm=sn=DRDh4BPQ)&`ukR)YzU5&0j_$sdy z{>!4G-pGhNZ`hvUc?SFGd_mX6^s=#Zv9S2%kh3!F>Y*-WO{_XenGbs=ZM{)j{>77) zov9tAgbDW2)O_xE&X0ZZMibE?jmPVvoTmJd1~v}l=CTWBd3H~64pe49jlYlM1yFfN zP__j?>aWSrb>D(VB-&-WE4)Z5aFotDjq`GOs4GINbXJS6Bo@fwD}rkd0~16tNCWdw zP13y^AKpV6*p^GC9^TUs_)f}_R`yGmXhJrfIdDw4_o47%TB!`@oNTbjpW0-FuN?BR zd~6wne%-5G2yd#AasZ???|UHdfYn= zV(mK$x3g&SAL>)ua;K<^OEz9gXD)XYM=U5>o4pu=g?Dv7U?3QcNqPN?#+_?>{C_K z*U(BY%hw!(vU8n6#3+FiQjgT zVx0j71>CU-pi=;2fT2$2A15{iU9LFu>Ql0tcSnmbo*D+-t%22+?ybn6q)F9X3(m#l z+#4L;t@VklErw>hC?d_%`t(V?2Waa7^{LK1%N_-Ho1WVv|WuO!akyQUa7qh%Z zm%>-J!fC<(g&Ko~C~~^IrRCJiLjwikASB2ZW_s>@+Sx3^rH(`8_YB{ z=u;^CQcQ3Pu_8YNHCIMr9zo_>jf_3=Q{JD?&C1IZI~zD}bygwSm5+Qz^*j#7h8!?< zbC)yB#7YlhLnBC4GY8O-jac3?r_t8S8w@vUZ`Mwdldd3bJVXjt+n@W`q>1Q=4VxGS-j$RkLaCEW#R2hdhT zOPQUfMEC&;Gu2dhAt(Vra|%B4)vi`@6;qLu)_uvEwaUwo76#qZM8@^v%MsMBszeEy zyKwf7Dr$k4H$GagU8G9SAGT(zY)U;i>jomDW zz8O1J84HCoGh1reG_V{kgabjL;ZJ1vr^Ah$7dLv_BBi$xcu~IevU9prpzr@9>j1{y zgY_dx*8!GMeant;;&8?Lq-0R?ie|PrGy8Pm2|?RqqgeY#kJKE$WP|tg*Te)zYLHeg~=0ut^Lju z+yC13l>bH*S2DK!+O8``;rh^VVKIs9AY?=uc^t*ZHAX4l^jOvO)$C$f!QNTNfabhL zgSSm^^hosCJd(sdv63I_-KPbM2YoPNj_HjC4#a)FWKEXu&onZ|E!rLke@ z=2%w0gr>DG2~-=2gseP?eHYnOW;dV&SuxT~ zzn^GqFWv1~48_lfFa8`Y6SV-a0el!hozt$&F4l94i;4TIioUxi9{(Y57P}Zh22rQ2!pmyp77hi3;Z2Fl}GL zZ6i!!isWZiA!9L%GtEUfI^|t1S8x#?KGd~X=VE*JmX#vtnn_b|uknmV2HzzXy{uVm z@C*eo`5{;0gJ%O94s$)HO4S%li}s*GYZ+Ny3U$I)LM)~hADJ8H4Pkq6Q~HJZ%wtT_a)}3&V)gkBk&^k}a~z_EPL7aHrIRA1g<0Z9_o+Zy+9;$H zaTo5qsHqhjPNq@N{}DF?Eu5?5OtE{f1XafNgyVU_{LV$kM~kHkLo!qxz3B@ zEBcPj#u_MLW6i8R!wt}&u))-aoty9fR$x^Osb4dkn`Pc*(~ENZO~fJMI8&bpzl{Zytm`MlJ_e_m>*MNi%RI$c>%f;f0@Ct|f>v=dVtjh8pmK)n{0hn@@SE2> z?tNEdzEt*_gx7uew-{>z%b9-zA(Tw@7ea}@AHm!nhG)5{V+>eZ!qck$yIDx;+C zTuU5=d_~D=U-EeSkLE?CM_%|luQEs~z+w&-Vb!njGXd_rvXu;OGv45b9TWlRnqLL% zX2Brs&zhgrZ4z_2XI*1!kvPnu;-?+v-$eeA@1`URf4Erx^Km-B2&<;=Dg`R5fwXi! zTZM-tuVX0FU2tS-Mvxr!Xf)BI7)R^dU_up(~>_nw<<@_-D_Xc;l`Pv$;DZ0AN?h>;1rvqMQL zH5aH}mKMc)*>T=Sj$s-4Dp>zY14MQGY?6x!#c(Z4W@2`OPiiQ=#PKW!LB7ltdKV3h zBMqqURN9=DQ&zkLWrxHvE~pS2H=F@)tCrg|kJ%*E!=RfqXy2i~*F3TtOc#1j z0d$iC`VSf;cqPUVpxDhgdxpc+CU00j=lzjKYuV9xMW1USor)hG;?mqXu#H3jF7=NR{eg=Oq_%~4~ z>GFN$>D7U<=cczAM^-U(BW(#2*y@3)5?-%EQz53b7yBt}s^*%7w|$OoKB9VbpY*SY zdk=spnMk8ZMkk5d?lbBU#SD-o6EU?dR`t1wMQG{JdeL5aGgn?)b=F#zvcRhXF!)?d zd#$z^KD4(ZB`^g_3LiQQw}SApL3uquNwabT^XSAO*th%X!_@sRFRADVvmxo&3QNyw zBe(z14CFn#f`y>)ul6MMz37c@#m>`?)3yb_I0ULKZSLxS(CWK?&}v|?0TA{j|89I5 zqYRr?Hw!jq{$ZVCU5BsK!(K4y^4r4azllU)zln;Sw(ktMRFB*B=DoI|uyS~j5NP>C z{JZ#(Qlx^_6_uCa)cPUPPZDjB{)QTd>hENDt$Z^|g$)3OZ(2B8@H0vAWn)L3I42F4 zAa*TBe{f$Ko;k(RtVWnTrf*>RMX5qowUDIc_v7*9|_Kmf7)E)Ne9c z@4fLHx0PsS@8}9Vv$Mjo4a37DH?kY!uZl?bA~V5LUcWPUxAHv#PCZWT?6pSCT=?O$ zW?lT<$@=>3k!1s5G2yFy^=Mp|V5z9NKm?ve9{8ZQ7hVT8{UJz!S4PA!OJe z6ci74gY5GhWdZbfR}Xew2eI^H@NU(Yo5zPQET4b2A>Dyc_A14ESC*8{!Ede9Kdvscuu(D#$ZI{e<`2=c^@i#t&$)v^Y~g%=7o-mWz_3(?~A04QG=~d@6TS5apA|^ z*DACf44*_d7vuzXjQlcs_x;MPUwcfsZIswVpc(fM=lcKU3+Kd}+C`98(!+>GEvgS7 zpp?$A8i1U(3ui7nX3D6VW|h@@xMTVjm#0t@%UEJ>UztCtx0_YSThlgKbiAgT9=`^s9IV%~DKiM~Z=uVK=xI_eds5#Q5i$&U$v?-VY42qh1ciN7ba z)wVU?oS=C4rS=Wz5&rwgZ=$LUGJ`eK-$bV_lcJA|&ecig>Dt;|@*W19Up(KQmO;xq z{ot`|Ie#!`+d85pxut6w-=8=^yB7L0@Oz2KZgh@%C6E!jwLKv<=Lf8|Mp)6D1S_UUdKnbQ__GQd?^MCTS4A;M4PHHc zBWhNHy@?hDZEUP8h6jlZ0Lm~2>UBeNJwzU}7!Q9SJI@D9Y;t5qn4=2!{|BMsA8CiY_UcO2 zpt4Gr=u7;!%ZJiJ#;d2y>GW7@R9loe;>}=4|BXX*_z}@w?H|-LsN(tu1m91HX&Fz= zp-b@eL0fJga!O%=hvz82a)e|9nQbJuZN{9J)^h_UBT41);@ownR6P1=&>s0`%ANDX z?=lDxMhrfOhoc`QBOD*&G=IAtLf+7&>z)Lp9Wj&vAO1vwf5g;3EY!e1slgLJ_; zT?A%VNB{?^SHMxf^&j5IEhbRgj&UDQ2WJA7E%&XbB>_E$&0s;H#xrLvdd2i^+w9@5 z8d6Y^9mU(5pID3n-Y7GK?6(adUl~aT?z?_a4hBD4Lq02jyTq1Kia&oERJoD!Wa#;; z2fjVpjMvL(KQu8G3~zy+-TzKLWJh@RC^nSn|iQbis1^YE^XX-FI={>J4h-rs=V8?&fpEK4q=IJ-RF- zSA7y~@P^+&%k9mr^s-^6{D&MpWeLaY;^r-*>!_jo)A43hV*%=tMbfe=0@6tg&pSUE z?-d?lWT%afv=;L}TF<4!K7+gmpwiepJ+>Qyb`e2?*TiXOfTwVQL^>2M+fT<^FPkYk zKX@III(XmZyo19?l%czXCo3stV=Mnq35m4DP14-+v7fy3Hvi>wIff?zE}OHEW*W)$ zCj*TBvS`S=5$xvzbiV7*pB<4JQPKbtdj86|nX)EB-MIz_ZHG*XM4ozTk^DF$H)qxgOg*+mIj(LXAtB5z z%)fW_LD${Va@qtYl#(}e%U|}f<|tA#FcLRAVEoe=Hf2~2(n1>CM*4%o{39Q^kp7)u z_8-v5-_sW$`@0ErRsAUe#kP7+J0f9GwR1wFDc;BlvfC)ZCdr$8FJ88n9OdeoM1|gB zaCVPj`IS2~R*kIt(KoogaS)pHYTvd(;!MW!#x3Q&kYlz(Gk1Ldg~o%W8ir3|d_yR5 z(DW^uYGYN#ydi*^n|hS_mFc=9Ps_a#$DQH5{QB{|b$H(|Ppn@pHu3!POB~Qy1|+)U zV*uW}#xMy_9#d;CZCkQH1(aRDM9ch{GAiRr2-rvybD2Ic>r!U|kI?kcHNAzTh-i>5 za@eW{ePa}LplJP|iNV|QiHxI7DXVPEn1KUX{d?sjMTM1!)<<39{HO^QHONa#_ovT; zN^^4F3>AX*l44uPUMXeI>feIfh;`bGpWWbXqS`av`<>l!ux(U<7+Dq3~)yqaQ8E=-h_9&3Y z>>4FuuktqZEVlboGbaac&N$g4aB~%t+XI+MlEi$1z=lI9dy^T|O=&>FL#ccb1^Z(c_ii+s?0xgUQ za8-e2-L=Ckv>hdjyDmkFjn`VJn+sUrXjXICQD|*nXk>XZQtRZG?La@uoj>#4OSXI5 zIr|dJ#~b+*dcM=L&&R`?hp5#Z)1PRR8;d1&+k+bdjMeH=PltHESw5d>5*UT4Sf(Kr zIId7I14c}xzDj{*-;-`Z)7mx>H>gO!}>c8F(#_N=LaOh zS4S@HDBL@UK$Ibr!~`3dWBM9FuJ^zX_D)+Xjpdde=f!w-5QzKr{NIuPPy3~SkzHZE z&d_U#!kGi6nVGW2(pEyc)p_!ZAr**6$@r8I6R?Js7SduM>{0yFMY`|&*A*(#5c0mq zwih)~&)lWau;^sC1RQn9u+(%En@OjI7m3?KS2rIRYjB+XY42wD54730Q0T0x)Z-C| zz<(^f8x^Xrq^<+8*2|i5POPiJFMWhpb#|=p;NY{*xY%XF=8Rvv5`>a#U;t=fVtdw? zFk+RYuGOe!&nhl6>sQ%`W=9#wRzVgl!cNVLzIUmb8!JE!HrvgBl6jOZ738V!P`4G8 ztgdQyP*N{7a{yp$dBY!Avfj8$8d-U%3()* zYqIg(;F{srI{cx?ZI zs{@(gZIe9yU*1*VwwRLCOWuj^bjrn$Wy~x*6=uef8@!4z_8V53*?b0KTuB5_7A4Qr z8nMD--4D_6C~cuIp13T5M(U#HqYoF{Ok&T(IV&A}Yaik3_)z;5j*o*A=aa3ozvRLu zqvJV0bbqZ^DD_kJGZ?EHCzE)=_!KP2Gopd6`=b%H&0TzNhgJ14pl$Qdp8&13ywgsx z@;8mf@Y7F)Z*!1o+0}YAVtl=lqP+MF%fvNm@$(ori^NxVR$p;&K6uaSx-fnAD2kf2j9`Hr3kKodt*4qF2&$@8#3V_nJIGE6M&mxtUuh2TcMx_h%$ zc?}>pfF1*!wn&|dZu{);ymT~)wJ>hWf6cNYRF--YF)iqoPF>zo!ho5~`E+HJ^b0X_ z8x-WTJ-QU~1(4C1>Ev911bY7}8>0KwKk=(bWf30nn`p%jSdb3>Cc4YHg!Z=4 z7ptLMl_TOSw=)gbK`#Ev?#)jE#y<{!Li+s3x_Uf!X@MN`y`vTjqL(PbqaC>Obu$y9 zlEPw)#AQPpz@WpjA%b*%8KC*5rG1}r$`g9L_R>nbQGksvrec%#ROsBZFl0<1?2WxIU?mXh@ed3A^_&m!qWi zr663K1Sheu+~MVNBON|ou2KtYB|XRcMjDQ#A&xRuO1_ln9nW*xEWjr4yybXH8 z-xM_IA@sbbz@#*VlDTp*qrKdo;QCDlUsjXOJd4C6no>ZiHO!FK}Yma72{3AxzNj*mIg)aQGXunf8V}eVKx!)t1_)B82Fqx zr>l8wV3V#n*Nmn&@*u{3#uWyIiu`(v61Pau${O^ax$>I&lToum;L1tw#BGWbeHJp9 zmaU{oon(!^_0;q)nLs{w6;ot@0s)3zrojsV5#2FppfBb1HZx`tWs){tm}%bKk{|V( zh^mHj4KRB}BtR>iNih!m2Dd^ChThmT<2XdKFz9o|2)uCT@NXjhC^4SOtagc`C4G9= zX@<=2eODL6{(zM)u1mM3%PvEqa2De~B4!}Q2z$|HHnpyT8hU{oOrEX<1PO-P-|pJK zmm$6NnDZmPsUn(kii5I0Jb>Ua2M*>Ec!TGOcE`mOpdK?n8-F z;xzp=-)Baow^K&ASJoy4{Fgs37k>of&nQ7@(Kky*%CLNY!(r45a61Fi`ZHisGvsqXpYkO%d0lLu z?Lto{+X`^J&NldO58RaYIPQ#~nW(8dKBHTO6E%me~ZAWKs@W z(EirX)Z%6aE?|D9vNjF8h>q{Q$4P@@k2oZLdKA3)TmZY;5&J@(^MwC(cT&*C za}&u=hG@B0wvmz1&!Su@DWYcWBEZc#?w~Z;i1b)M5&*C)p{Aw`|09yRa=KH+fUSMm zKK3E|6J%U`nR9&v zZGSrdEGi-*hOi$Qq_YaIB7WVJ4z1w{MSM(T8Z76EiIxJ_i`sX4cb`pKPE87$MB5iY zXC1Xjw4*SWeGf0gY!ZSN^WUL{hxC#{Gj@4RqF$hTQjib1ff0E2o<^%IK=dl5%%3Zw zw)A%+9vRYKU9K?3lx${D%gJeI7+HXRL8&+;lbLBS@2DN)>-FoPJbIQlPdT78P_dMI z`n~x$;vFSciQyO3H2h<#aQRpDG}1kl7+=$e213`|cD_ zA*tSNSC#8AT22UP=COAU?V}Qbo>788xRkJQrLzdAm#f;;*SrBVSH_i4L++7&<4S~C zAC;GHgQ|ExVy;bh5*yMpx2nNTkejuiLC#&9N};Zt=|b3Acls(h*@dmXPtADQ;pEv+ zJSjI&iiAV+6+~qeq2SmA>GE`A`!odq??L%$MmnomHO5g=y6>G+jB3AHuJDm@ADvHdoq8T*@dXH$O3T(ywIoqGV50Z z)pixo$qkp0(TCITiFU`vld(KwE-I`latX1}IrP<@s_T`#-TT=2tM*P3 zke^K1Y#(iJFvz$be9791ooAP%e6!`poOO3jn^hZWu^8^ZC8ueBPjy2*cD5{=Iixgr zXkB2`&L~l9>zCEQ!NdG_CyB&mlD?tNT_x_Jw5-dOn>bO4y%z%~kt)X>QGK7s^^nMy zuNhE2*QHm6Aw~ziBK37WNQ=>E1{jnjVYDR%t&yQ;Eh#p5=l?kV{28eK$GQpi{j5$+ z3OliCH&YR5rFCe{Wn^dx@!{IqrLL570k?HKxzv79U#Y}TY4D7g869tSp|i4k(-!uh zENq*%P2zP0O)&9y?DqYNG!+YKv-PsTcLp;w$Lcx+VYD zw4Y4gRQ*`^(e|6@?JWRs#X48$AyFL+mw&XZ#CE7$ezXu&tNUqAdj2&p&IX`){PSnO z;+mk0aA(}dUesCqjGeb&`-eHot4Dloc~w_T71ux{>fKM8^5pk^?FU?_H+K7N2#II@^H3t!Xy)IFuCxgw&9r>pkp>2XS2_2`s~lW z{IhL88MeCT5|{NZfpg7EqwFo%7~>g{%}iSbuD=qm`&Q$5x&R@xf>nauDhvoi!JUdV z2X{W79QwfP)BBa5_Kxk)uh!Bs#WReQM+%C}YMEBBEVXUT`U^6p9^Irwnfh70Yg;O6 zjBBkHk!Cbe(hnuOKb?=I6p5vCS|vXsm)s)BYg3A^$vLDTOcHipKnABj=w(8r?#?-*l6}mgxI(j8?ZTUFQl# ze_k)Filv~BfV0rD%6J*cEhK@#@lIqXINeBmr#ihO zkuUoR#;CbBiZ^j7+8mhL>8u4z#ZLE%}bW zhwM~oQzzR3@G|cta0w+{Z^QLDt6R&?Wl_^PV!)v{zm29WPd&-0GL8(jpAx}GAt0@^ zk^RAbzlmgJLv_64I`p=zmA<=|zO9wt%>VYDgU+`{p&%hVF#}jI^Cdrg+xJ#!RoYmw z-2Ox0b?KTW27G10>+XVSTD?)32U(A)ZqQP3Qs!9;&R{Bmb@e1IV{B6E6INaGXOC4T zAJ$~j>=>{xL?!D(@5yVJB=nd^zqToRu{-sc)YVJ8!TjTc7Y<*s z^PD9>@$(FC=+|7$Gz^(P>sqgtJBc{5q9feRu@knR#UjWTK^c#@$@k1&H!)Y8<4lV) z-(`=z@7tvhkomG%`01!I|D503=d>dcP_Aa|8}7xO&H~of_Wr+#My5xp)J(w61YBly zjgOyyP8 za0Y`C$n*eHh^~||JCJv?SH0IbI3sl%Ki+dh9guw*lYr>!0}5<%t*H%+a}aH$bcYWW zZyM%jRw`YO?>O^j;-M0+TTYryQYV~61*mUCX!X!Oq8JvrWv#U1d5kqJ=mP8|@{m6C z>-B)P{$Dzij}6r}gFBv1{It9!`gy7M#jnW@Tm=R@Kf#c6Ju~61w@Hw^>FJUldN>lH4BZWK2BGK%5xJF~Z+?Mp{pxbQ z5fOOnV$5m3bm+;Zr7*tX$cj~xmR)+H4cGBLoYOTxQGj)L_#ZSW5MtYir|7$-haOfb zh^w4Nj&WV`n-H&*D|;HtN0Z3BU6`RHz{`;VWUQ?wb53hv7FMY}H7#49UN2FJCYmG` zW{^&_Jz*rE`R<%(qw@TnpmPB0YTh@lgx1pdZE3mUhzcH3-sWAS4QP&6VrzP#z&-y! z3RW8!({9QduNu@D!a17<X@V~spVOy3A_-ECP!D*qoTxoj)O7 znLlETaa#OY4Ts)X{YKyFoMfqWgDR26ZkM8b`f3S*ZyulY-deg;GKCq}ljXY+@gptu zDjV;;_>?aFOw~=d_sQ9G8DNyr9(%_FYv?_z1Z9>?s{LH$gw}xDEO5f1^da=j5_?RgTsMlp@q$FnK@FrDhAo&3ty6Sxj)m|6r zA6kD`-G8UIu4=SLz3rLRL#_)H(1fO4*%=B*Y@xr_d}f9dAZt2cPt)j-exF z_4;WZpbmNV`S0dNJy}r;abt-Vkh+)DIx@j31XOhShfj}QGwy2+g)R(D7ahtx`U#h@ z`#uqRTG$8)IBirC^x~D9S;*=06mh;Zlnn9X>2shw2);IM5z^Lc=_T4=+WOM!$5hBr z*|J^?!4U}V1LvB$)lJ}Y-lg26NNdH!V#g9inuaDJe6@78s}zKH)}G$|BR1Mq=xfP0 zMLvGtp0BZ+p2%hwo=pm|m`tg;17E{4y-U-mi-D2zZWYU9N0dt4^O;*UjQM-J?Pj+D z=ZZI<9uEb#t&SYn>Y8Pis5IJ!M5~wv*cN1eb;j|>=W*zK6izquUB5+^bB`r2T(3ax zCCj3hfS$<5WDQJ>)P9WnWkAOLtW>{TuxXlU0RP@&G51)mKzQa{hRBiqFtzoH>L+={ zu>X5v@LyK~%q0J;VECW#gB+hBRVt;oRpU>O)>{{RiiU48BB{pkeNWG$Naq5j9KL*uHCAd(vv@b!EccZd5%lbpxfUk%uQ8UaCb>PP(qy=Uet(OCzJS1sl(c9FvjyAm($7or$Ntm?Yf z3TxqlIf!d`@@LwYTL;s|z^!s}zCYUz<3PoV*C)pScOsR$1#zx_7y6*{kxyVNpa{(C zwZy||O^imV8MBXl#`@il_)WZV*;Rr1mor%IdDFK)2!``@$0yi4DgfNys|R`aq2Sxa z69@7zZ*#iOlig4BzGcP-8V!*@G(zd!txT@_0EN#>jqEZ3Sx0kb(>>ZE6RLYLolF7c9Chp|z>l693K%EVyZA0fAhakx z_^#7?j?;uTh>oR~UFgDMg`lTtXi06!r&`X}tA&2(@|H+r9Mm@I@KL7jHf%lpwfrUa z-;`;#`3ml0_pBxbdoP#8G&q1`jTPfT+2B=knER^Lk6JE5!*3#)0+2%U=% z1%RCBtGVFpbZIY1%6>CJidIa7G+9+wkJ-8u@SSD&*^Sbof)?9dPo%fw+OqhdMsmEy z#@AAujUsFw+n)Dic#Ofc)U})+YfI9be4cIyFAUTy8}Uq$ zJQk{^S7^a3kO+&Gl0wkkQTSBV#!PFlWetifMKD47HQNEk zK8#oVp{=+7%SSd;`@n-S-O`Fmd!pg_^_PIwD{ogp2lWw#Z7|B7;W~4c03V`9S`p=x zk$Pn14z@?w+EG(_nV6UvPa7{fKb|v}4;E>rmt&&ql{TWL>vur%e6*&0ma~x#7$?7)F1>Dj<8sI3*7X! zd_SDzZTm6o`UX49*oOR|bG1wWbmZg#6&W7ktAAclDDeIdvR$gPOz1+tb|PF$qs0~D zgC}IlsV{3mPlQa?)zERn45vd&=8h#=GEVN@#NWXbo#5ST-za<%^v@~u_)BXY^AjSF5n>2__R5ahFIe{Gv$n~G2kt>h`8(q z4P_CcUu_%S0|<}r@Y&^1DPV)}5_dlr=wMH7m4wq&oxV=6I~^_a#8jFvgL|Od^sb@i z%ajD8C`U&Ed2LS2Ocf$NiA>8#KCjPDGA_@6ciEwIrO=yCNC-TwaQIbJtGso23RzwQ zgFxWfz?MZd^4IVpaYv*#LAS-41g0Or$waazT30oT%LNEA8I9$ee%a2gJ1{HPM&)=# z5k+z`f{D4Q3}ekuN3!X?8;K{z87ZAjoL3vA+S4iB>yBya0E)>w8?PM5>dch?8+&g7SLL?#je>{*3P?*!OLvzNi&}tm zgEWh70V(P3T8r)$kPr|>=~#4w(j6ixz3&5V-TOV?Ip4d_x!?Kjckeyxw|H1jKXZ;b z#(d_O|M4G3>KrJ?c#DLo~!doyJ67xW_l z^^ACx3@vJKHrEUeUEZC=Q07+BrBg1;2zW>+z_^ji$w8a$w#`W$aS$(f@-L(h{MW(W z8$xuYn^OKR-~lT!yHF1nyym#>`7|wp-U1e^`1`TiAV^K5RpX1$y3a~jUl0$bWFWYk z$-{){40%ojRIAk?ow-XnX>ShpFv`Z4f(@~>^B)heYo*<#-30lOqUS&&qs*3v9i>A; zXb93q)U`)+Fj|{T%OwmvxX^hsci-xX^0II%?TO}a*K=4sa4!+&Ko2)v>Ct-wlNmlls%k8E%oblKRPmL3Z~kc5bd zQ&$L`o;9`U7vZv&1KIDDYZxru~ zB!oS*oFiuDR4${^ju`dkdEik7q*fr}moiUi^kK;vwba1kNR?lN`MvTFmIp$19V8NX z;*Ow2UA|uE^J;#FnaHwnNrTP>q-Sz$?>O?RcFa#DJccFmD5TP+Ey`@jZkxpG4J(f# z&G`aPPNC96!BB>VBbwzj%$YRI4=|T7g;b}qqtoY4)wQQ!rtlvo8H3gw4m}(&tfhJu z)BVCME_B@UVfgXqxbcX96T+vUPezHJfeUI*bKYM91maCi z=S>bCJMmsVVY$8~LZZxiEpfq{htte*%K&0is6E$=<(3F3Yvma;RTbcnAakSw<^i7w zd}`_JI+WV)vGL0@4Njl1@a$*gokGT4xJ=?XYi@I!yY0J>uCSmNNQ+$EU5gwCr=pP# za_GoiFQ@X?i5VQaqrQYjYL>{c>Zn%4HFsdA&xqimo~g2FsLj=5qltUwg~OkR)8!u) z6&dp8pp*mX04b@n>1Al>#iZi^`e+#}tOvic=?OmF=UotSJZ&35p4MR(jfY20_2H_N za5g+hm<VIgX-G3 zbL`3*?{jr?2U_o19uu2VyTVS@akYirxoc9KXWe9@GXYjaVF zQ(mc$ohRA(3YhWQXnG@F>>nqEW51S>xbgNJ`L1rlqiD8dFfN{+22U4mIz7Td1 zG~3^E`*iI~H9G#tq(6xq-lo;xLb=B&iomq3g0LAUfccc99QA^kJ&!sXse+B>;Kn z6Y^1{J*TtbBu8~tArwfYtQCn) zIBjMNdqx`Ld;M77O05Njyq<`-U1Zl#z>tE}EMzHCxvEHc>8J5Fl{z^-Yi~~~2)+6K z5JLa~VLy&j3CrUE;Y|GFxJQ_zU!)TJ*}GL3A$^c`dEHp`{U8n7nZ6WE$Lk9Nm-a>w zxWAubNXXD~7iIl;9iTVMt)aPGdb@Gx#@#BEt7PRMbRoLHGqhkC5GR7%gVPzTb+y*oVz zxhJ5}_eA9-BJ$Nq6xPxHvb!Yroy;96Np=QS>t!1O*!i76Eg%rP+7|)AgZRE|te(Bv z%c?hgOfGae-&e8UJk_ob&^vFUx9XsvhOq8szt6=ictiRw82~Je)CoJRTw1UHhHyu> zG)f-g)(Tg%{=i*a0i(OHI_DJhE*srEy(bqUJLsA(2{Ef?Tiey|tQ?&W;8H1WOZH-v9}-E!?hIlU@< zAl3~@p9{L}gI->Lbk6}cyVnqO^B(pAaWTPtNDYo9$EkBeE2URFV;iUxB`JIsA~0jg zAy|iAyY_Z4ohZ*y+fd5X`AsC8I4Yq(YbxbQI}b?4n{*U=Mhh#J5G!B8l@M#KAIbZl z<@Q3j1-eOgcH`;$?^t)q{=MEx3|e>T%97K7qR!`!mo2mD%Q-t`^Ma-mBZAB}JWIF| zfZVG!fi#af1Z5_)1p$9MQjVL2MaW6r^Q3OA4>jIXLu!BNtBwTt^YVL%HKhtJKePp?rDPwF*s`$MM?akh0pdob~ zbui~JVNdmGSXH6x`g#=E#M@Jf?lKlxiwI^?$%6Xb(i9+~b*&|%Xi8ofi)06V5nmqG zzIf~Un@6cx<6AwG!aCZx^`T~dIriJ88fgNynM(WQ3)L32Rq>hfmBcw>Tbv+$B$^yY z;pUVuhHu8!M^5fOay32yWU8IihurQF{8v{r>#YFFAhOmgWCj?ESG7+c*wpnxAbB(> zPqCGOR1OmQwPiZVn|6J&p4=!J;(7$rw~wVH*hNnVHk?jnW2CYrsdFm_ zu#E~Z@U6h`Xxtvftws|QNhozK(KExr{s(;GP*auevIN(S zR$)v*KR>nN-k6Z6am=eac^Jdt- z=@01&APbW+tn>d3A;Lsfv;hm})6B{5vr+W?TdglY2xAQg>cGN5X}A2qg;I{IX&1Gg7!Y(b3Z*j>lush3g1m( zG1%NCD}#l|DlIbLd3$S^G8^(Wt`at7-5nWTXdP{|txah_zN>E2l(crNOC!XCZEt?x zn-gyqP6yrOfp`0CYz37P3XH>Z)k4m2Sa}JID9lYHlFDkfSre#3<0~UZYg&_xs1Uzs zng2u*6)Kynsbw_E&;-yHePP!DP%(a04~FVyLyTI!QE?k9YlXElg>&5TFXRv|OxaG5 zdZ|BKyhK)inbB~k=ekWGy6HSsEcrJ3?$| zlh*wlavzw|;#8<3b>JE!*%PGe?Vt;o*5xS}Rptp)wwM-uXjT#bdR*^Ki+jGgSnm!a z^Qdcbk#kd$ZQ564zR|t8AtA#>3{^)T@^~T*0?^XVSjMr>G;~H@X@dB)VDHn^MBH6e zT65)-&jiJupJ8FI=n87&6<~5i-O$%8==@!M(n`gLvHF~{b2Z(}vG?jeY;UpJdS3c+ z9Ip*b{y&}E;O0rB|4HOG;wkL`#KcdHSU4R{F>gA&{(^FGF^7b9+AwL@QYTz#RaO}w z)DvoxcrM~y+1x^A7|`yfP>K#ZP*#WM52Hv)hdvt~PbgD*9RA5lIcc+JOtVm)+Lh*! z=s3nG@d}phNJG4+V}No>a$NY9uzALUwG3&1&!W=VFt@(4`4N3YK2DwM*jS5DbD_?M z3$%T?>ZP$BrZM3ifB{ntD?_cU1xU*oMhX)L(W7|DWFxxm{oAuD>AKAStQ4uGPmaUQ~nBDHFqYw51k8NpZ5>@+C$`6UO-I zAOm|-32(GuHWJbw_r6{tUOr!3%-^%_e9{I4AYm*5bYJQgI#x2%i8PXF5fLF>0FvnL z5G~S)tk{D1Gi7Zj+;f9zEuX86ys}53ytK?TylFss2y9ZB?9o`fzzD8sGk?TgV8WK{ zLq%AAvWA+Lyakt0su}%q0{9KRsa>~mYR$BhUJ^84-JFXV$O5G;PN(paRsH_%g3w6o zDSYabya%i=3-M&80!*g}^!#h5;4(I4jvlFL^ zn9VOfFE`&yi@R#bX)ZS1_`n0S0n6)*v6&bG+zqnp(Frlb9<-|Km3#7B-g^#7tgalLexdLBk>nsm&dVG7^d35iDc@2wm)p}IUC;9WZ-bel2VC~XDBXYcn@Lob+}U3nV$5cW$Z;D zKWDPMnR>j%p7MZ^GRXY+p7pF*L3N zX%(j&s(jM0DXjweT5)-<;qtL~ox{1&HS%Ti^6k-7r^v$wtxE#Qj*wop%k4IW+P5Qt zjXor^DQ8t0;#GSegwpnJGzTf_q0K^~BpawS9-3-DqHQH8HkJEE1OJ7teKiBkd4cR> zS9n){E0xw{0L+FvPXMJ%prt^q9K1T_uZeR49ld(-z=6Fg_KrqUDd74KYs*Fjh|U9I zX;1+}48_A9M}1;h7uKO@j-~HV*JEuH6w;M&&`+K+VhYi&h2j-R zrols68$Is{rQ$jG3)(xcrj=l%sEaAffj`MZKgp_XfpM%TIn^4fwkWk?-Sei1LRz62 z2tvL$7~w@cEFF0u2gDX<(-FOdU3r_|NUR4b%dgmRptEAW1ML`n@D`cVZcngh@G?U0+VW_TdP>Ow8zO zPG?Z}l!gJognpipbb_~HZezN+{MGXHS@>9>H`ng#=xX6ZXL((UR?oAb@)sUeU+*Oe ze{$@sXZbOse`WLTe)U7$>d@Ner#_X3(j)d zGpBB_CIMH)63^!HS@si|gS&6;Tl&8)_@DRan(K$}_m5bSn2Ak#L7Q5As8r@9i-))VxlED>NV@;rK<;2d z-g?L*yrf4)hpT&xRs%Gjh+8*kq97q)CSw|)13Q0Rj9&10B1s)+lt`wG2UYaDUCK1d-TpjM@`I8X zAg!6ex?vGcMxUO9E%qG8XlYkZ+wq*2)4Ydc=iYBU-p!i>^M20O8%<-PU*J+NkL=&J zT{ZxN7lNVE~7fWr*f-l7iFi71_VgrK-ps8Xb(&lfb85u(}`o>CwgTZ5}hf=&k z{p(Sj>=^S5QRURNk{WL;kth$QlGu%h?xf=3J;-g^>Y1*EMfEDQRED!Z*yLv_CuBmi zw^%qGAlz@F>ah_`S>Z|O7%qM zN1$B$C1H4S59~Zb09SK;J>SfdFz$Q}zpQ;zMqjy1R@H=Dkb75ebP2_BAZY71$EjGvp)&1HeN7AA5sdB<*|I zZp^%5k8K=yYRBp|8-EnoVkaY*gtRo!yRh$s|Cb1VtL8AFg4B9ZJY&3Ntzc@KqF+n znVTFro$_ApuqJ;_C`@c5#-W$+@yPfM0mHjS%70AvMbpGs1_pKAGWfQ#u2_1oSKu@V zbp0lHl3W%M@xDVmzpbr(VUcLP6r(t&zNVu)bPoFr=OZ2JiRa@IY%S@6s&bZ;q4PIk z3f)99mSJL^U8Q+4RhT)QXl+0un@t>BrZ(mGdm=+8jR-M+)%XCijQuCh*fj4s2voMZ zQ<-h=nq5ul7(M6~ouEhpfhbcJ(#9*W48P^#v{Jrb&f3_xshX-I<2yg5KA5NyrrLII zU0o4~5VVNWGCPkYAEg2ut2A5v=9>@Svu0jpCc&0k0NUn(<=NRQj8hs7#=|i}Yw3(n zQa+)g>U5u)g`H+QNe^0dYh)-;sd)mj=_!GJ90(Rk2?-yS5QhSJkdohS%yY#j1_|Kah)iG^Qve-#V19kw<1qw!R0CEwF` z`M8$u;t=ZbkYR{Z430aK)$qxQ22)d;xEvRse>Hbr9@Gqe>p21j#9g#0lM_x?cz>MP zNW8tLzab#K5v2rwn=IdK%cU+GINV(I91i#S4Z-}o?^oRGTDU7u zrfu2b=%w#0RzB&)BBmrO4hKNrGBuXwPPQdl*% zqcVlII;D&;X_Td1yGCt$^^_gLsbdLY(@GS}v6^N!Uur@@Nb4DQcrZ+Fw{;lc!&RA7 zWZZ)%wV2=PC}HITGiz~iCcwuP2(5l6W%|AQ%II(_;f(3P36;n=k6_It#f#|9ThzftT~NbY@)56t~ZbMzLyK zO6sAn0oXb;-fspK#m<`!WJ}H*v7Zx^%_<%bhL|#bb$Fp-Q)+1LJuI6T&Kr}8?ivYg zBfU^avsqoxgS3_3qf%CluSt+{ZKXPjL4EQUqX!UB312#`Z6hYX74iP~Z}t!Wje8nt zP}5dp`OZCVES^FpIFVxA9n#gwY1rrW&jrW`0qc zc_-sFXCD~+&NrrOMb%6WQOe|*{HNahn7$S<@wZ3XrZsWT;?7Y*T!e%K?294^Di?eq^@3*uZ<)!Y?SMoi@ z0^0IxEyG=f{wn)V<@~2C;|qoTGO)@WnH)q^e=3F6Hln)Ox8q2IkFL-7 z<0F{AFKH-#kgCRxhb~*d*CV9?r%`Toac#h(Rt{yJf+ zTsb`0mTY}@54Y8hV;^@WvOZ23Kb{etfeLaeDL|<-ZPiGJSA_;s}>s#Fku&0Q! z%j`AYM(UgozsxMFr&=+sYuU(#L@(-BIV8d-;yVh-0oohSy%od5EB{`{XwZ^H)7-02 z{N}U%Gs`HL*~my8U;PXI1SueQmMY9-oP_~>jBC+LJ-Mtl_9XVKtILJyz6U3t>f%D* zqR}q$h7AF9uwh$|Jgraz2cx*axPY%yNZ}-dotLAswXPhuYH35rDsos>|A zZa(7HOPOa^>Qqm(yL_AZ)TkJb-KIXDrfsrb^A@9~xwgDSu7hc+KpaRtD_Cs#IC=-% zZ1!4k^Z4kRW_EjTt(BZfFl!hXRXElfATe_)^o<$WzJ8q&ZaFf9!!CRfk7VdD|GNs^ z(XL^b4%0w3P%P#!53`{X76ky@A*8Lt1z_x&`BRb(GGR5EuG(ga`cF^0IUZdk5^Be5$CjT_Y41Ba z*bPBTv3gDK)jQnBnmi|XFR>)+P(4|Vcvvf0OdXdpRIJ9FtF+T8OZN;6enhELw>7x? zC~3Oq^D&Vs=vLP6Pka6E+FDe%-R;jHQ>E`g3_`Y&PLm%F$y4lqAUQAJiEWH6Ss6w- z;NmNcf`F8u4~9;gXxgfker<3`DO`QP$Y|YUCztcg?>B_9p>K$XXz@*P97i$N(`2H! zn^wq_384N0g~bJ$Z(k)vn!nXe%Ug;%P=EAnR7M?jp~`^M-|l;{MC+gkYGaryTPo!) zx?*6%`FQOuEHCuvYpjM?O`)#YOm#(q&7 z!_tmJJPa0tM3R;3B;PFOl4n)!iE!?Qf8Zb-%i@E7S%S5;6Qj&A~)HFKGMV-o~9*BOcsZsw^^^xB^Bg zr!*9=%#4v9NSIiew#CJ})1@;oS}Q98vl$=>6O&ut{u(?Skl0^$4*}p5JG6k&_uz}6 zAsLuX0bW>Z|X~VYD){o#}!zw+pq4EeDv>MEj>F|Yo$-U8UC7Sn{ZuRU#icy~dHOoq94H-|w zP?K(lgIl?H=gY4T3IUFmJSf!XRqa|$mzgtJ^i?)A(ruT1Mxteo~xY@i4At)WX3P zizbT{`iEKqzc&1P#WfU^Hh)9NISR!@lYgqbDe!E|X?)unr$jvXtLeHj;zT9Fy#%7v zVOU-MFw9-dtS3p)M9Cu3H(XBIe#-r>rJ6%qG1@sU2%x%o&JPi9dd+8|R21j!CG+?T zvt+)NiaQcIUdB5N%m=3DADzta%rTBVQxE9D4%J|a+1zx%&Z~iUI~Y8UZ>+8iJMWOu zzNw&@$?FDYd zc0fN~J`iK*a*W$*reoI_L(bbnMMFql$_B8T{MV1*^L<{!CrXYR8TXv)o@=fPIj@Em zw`1v>N_lXg^Is_E@&)9D01tG>+(`N^MZ@e|!wkO&Q&#ado`MV;{d;0ztumK+ zMwW~~+KktsH64>%N^nzqrxfm$YTPX)U3qRG*2RpOUD$q+SvW@tmo{Ef`U^L6UIq`| z$kkDxm!#JR>X*`;%0msC&O!QV7ITfpFgGAGTgJVW3YxtJiUJ2`TiR*k4>=XbIi7@D z3!>Vzq>1h%m4zx;Rg;V(sIOAlHBaAT>4b6CZ(ubL-cDOHd>pET0zfgj+MrNaoY-ZF zpx$51$NLxQfe0CT^EnvMC382@>7pLfON8B_H70)m;WkP!B^WO)rs5`~p-TyYU!X*M z^ju${&{qvdfz4-*M?T`!rjI{q@Wf8%F1Ur<%pKx<7PjeBG%O+Opup0?{SaLQbCeot zI_o0|K)+*lC(N=pG`Tn*9SUl7eNO4naTMs09 zK&1rO$V?=(;UG%ORM3=6sNO>^1zPHMt~M~dzbhoNnsW%Nb|&in5i7dVmW*Y}Us&qo&&9d{OKNTmQ|n0uEu$i))VF%3N< zeWfxuf`{cEOPxSZ8(giYwMLUTB8VH$9b9NR(T%Fht)!6W5-ZLY8QZ&7~n7oEWOM)%hC&N*Me&#{Rv& zc<3iDUF!LPogAyHvb!gu6rId$ zvjl>%79v$28)CQS3t#f3^(Xo5NA`a4nKM!bS8fscfjF91o_nB#IyXoD*LyHJ4|4 z$3I07t;i2@zx~Zw*rIB@VB6Rn`3J;_&{ND}{`BT^@t$V0jH@i9b>Y0Z1fkMn$nGYB zi2tHj--+=+Va8GV$kdiYgRi;E6bMwNO$N{XA!&whR8J9-=GTYO1uP{Fu*HspM{ zSi<{}poHxyPnzk>G2Ye({B6W5pfMUUHkO!j52;ssAaikXE$g^VqU6(#1Vn&b^;z`- z%6b5fA?5h%$$lCIA69i_-4}{n-!j+k^mSb+FYN=fjvHXoD)4lP&vfXNnuz9?K2?ct z&gX*heMO&FMWPj-C*I{qY-_knh*5!`VFOB}vvq`fzp1=5PW+YgaEjGy`9PCMoHaPL zSFJo)S5kFA2&_+c+I~{;FxJWF8!+a)eKP`eMKrIlDggNZEZ18K*ub+;SyaUu8CL#r zPhC66q((S|kYJqftKtUPF#K3xt*PQVLGqE}_ANY3OgVH1HE+1Y07T2^o7!zm82u{jDOM_L%^Mx7DhU(U$KmX;v59#m zCdRotKr=`QXS9h+ItqNb;Ux zVmRXH4rZ~k=Wj`Xbto)oGl{9o!u-7 zOOB=Bd5bbq*uk9Q*$A;^X*XEDVRfjzx1LX0%aiKC19_ShH?!dp`DDLmah2io{5-TY znzj8jPVVV%&M*_Y=S?^cO&v!!7lyFp*-0oVhsd4IwYA&A!vT*LleRX%&1QA0Jxi-M znr=tR$ErB|s9E}Xw&V$cC3E{;^u~n)dyu(TCFw?78nmm{#|w-WR?A zU(Hph_<8a>_MWLn7d|m%xcVxj|IWVk!`H@D(feTVi@|M8y8-GyEbBl0i;r{#14va6 z2NIhoC-bjLiMP~~R`xr4Z3Y&Sxy(0a5Nd~TmvtoeM3R@Xr?*C)GaMat=jEIH%>?0jmIbL^HQ!QK#&nfYjSJ)3pOWpze*;Ox7(-Y)@uK&IWm2 zz6ML1q|W!wPAZ~nQd7_-FYV$e?B(V-fRS}f^^1K$8NCFME?CX);F*E5c4R$$#aNJA zI6rk7CoR5-q|ItVzMh3SN%?FR0xHgb%LDVj3H>X2`z&4daZ{AB4CL1ItHd5dvZ%-~ z_g-Qn(mbNi4pL?&`ShH^0Z3~ED2?ms3wQN!OX}7_brckrA}1|OA1Cfhb7Aq`Z!e~# z;+YbMaAV=EU?;f4KiX9KOwlzi+HgX#F^1}N#Dnh{A`m%B9YYtubjJT=?+DCj&L}NB!VcLT! zZeANKw}ML<(YjRNRFv1!8av~Hzorsa8P!HXonN#KPe>_G{#d~su7E*yRxsCJzO4@% zp3+0g-K)uPwFwRcj|mG6k#fryM?r%fY9Si?4CPtCY_t^dJ0!XwIaIC0Fn4bjq2_+= zJ~>gf5V%%5_>YB1n9fo_(zlh_)2$v-e%K0ae8(`fdv}lFeZ7Qjm~l=@E&C8U zUxOiF)c@5FHpG-5ZUo58ox>G{&aT|u#2DisPd>*}GifHZspJ-$yc<0umE_k^ho;zJygroIW<)$cMO}uXxO93DJ9gP)N8dP%ZonLF17=b1M zfOD>?Dv-KxEnH#4q@2QXV6p~?#sP+kw*WjNy1HZK<8ZF=2#M~f4T2CDz^u*ADMl&O$7j13RMjl3b z-`$13)vIG25uje?xaB~~F=_L;0!H7^w55-n3PBPJd|bs8_R^CYXU4IpL%?~P-8sDdHhH8G><{IAT-D z1y?!?jO0A!6qvZ6e|)P?dz9CGfQEZ#sXup85^^5+!HQi$<4&37TNNCpI=`WZ(=TP_ zE#S?8;c8rM2l}q?LkWHJ9FmW|{((tP#e1_-8!*v^2_XV8ah1&u7*E5))w!KQ^-og= z5)bVtVm}Tw=n5riGXvla6|j>eyTwIj&K{c8JA#mVH($wnz}x=In6E9FIHF;~!QH*&8$_O?=WD|bj2H5ttM_)N z6u+N{8J{FN%ynA)ec+F)ioZki1YbQqCZ}Wa$%7oI>}JZeRqSySpB*(X2fG}eKralc z_8mLVK$+Ykr-x}kGBq5f<_euF=@$lyp@+@JfA>*7Wa4aicm8~mU2+-tpD&pycPyfy z`5S`t$ZFx7NIcYF(USLQ$)_7*YhzC&dD}Cs>MFLdPw|5n9Y=H9sNGfv&@qxuj4XPw zPM-1`Us5T;GQHORw&dZ*;(zy1{tdO_iVM_=()ORr5PDOFEuakB^n08qxs!h?1a@=V zXS=QO>q1PbESm30RsJl6=b8LUW@ype1VHFUEm&FDHn13NxbO6{vQv9Suj`r^sB1&T z(9CwS*5$RIa_3F*zLq=hpX5I9Q|@+5*K%+Av)nU&%6(Srx;44Y?f)Tnp`UVZs=k){ z9w7H$B?KG;ze~y8{HK(Dm2mHOG12Z1{1Vfz5-#1y=|3g>KT3u`D;4}Nn)ZhX0Zn`H zUp4Iy3HpQg~Qv47r9fhIFFWp1MUS|$F$?fztaeklYWpb*AC4B_wA=a)V>FkOHuDEse*^;gk&uWfwujjsP~(d+;dFXers>VI3bS)kvDy3zFip=eEjH731Lbily> zDq1Hj^IBd1uCRr!`;)(WGxi%B?*8{$Ry4QB`Cz@m0-hvWuqw<3T?0!Qb-Un@y`#kF zvzXDNG0Q4B8J_rB7WZyJYsP-OV2|Mzh!~^Gq*&tG?bEcsg-} z4*p=)2Sn;_apD=}goJY#p;R+QQhOgl&pJ-Ky(p&a*XVV33awqdM@|*RyE8FKq9e&O zaufKqZ9qbsi%uYFQ1`iWCvPAa-nVHdl##eapmZWT)M-Q+iA|)r`S|k!nikFNQSneY zRzhf;N|+CBwMHlvk>pW?O|F0cb&p7frRCvu;Xor)cHoG>aVVhA%v? z`Tdpg%}@91dDu$ihJ}C0dlya1wONImS)ZIE29x$ z+U#caxn|7~usV*MVI%xJsPq^7{@0HIo)mm$HYV+xd^PWnZvj(n06XO|qS1FCmU<3= z0zCZr{S{&T3nTCck>z#p^?}=um$vIAXKf&@?=5oIi4ZBAzZHfEQ`tHVC-S)-;U9i*yC1u^`_FYoQ z!Pud{Qq9ihKrswcGuC97rzjrjMA!@f_`fqe(%8JtFece8uN=iwu*Bc z{pM(X!UlWy&(NuoxNSZaUcFaT_StxMi`zMgYxfEcjODsHH(#bfSfAZYtyd!Z{w}hQ z_=wkW#5ZF8vCXn++T#0H{Krn5ZL}BIOAx`L*#ra< zF5OFFeW+XI*0K`b0nkzdX97EgW+#E)f8`GVs_h~75`x_gJuq*SoQA6xCN);cA-4# ztDK1N&&IVQydlYOu%#dw^#}>A!IN3=$)~0U@`-?ch~`9AOR}AISqgfp3YrIHykwE>sHyVdCxZ(&Glb?0`{e!`>jMh zYA^=GHBc5{8yIoc1&HbBS}t3FBuB=93lx_5t%NIT0dmTCb1%t#pb|J1fFUmR1JknR zz~2F66S%MN^^w;yKDs^-knsqxOWVV5CFA#9532j#-Mf>HtBA zM3oy5#+8R0E`2?eV}2yo{>SedT^!f7l2I5JhhM8-eZ;o$9r z3#}{KlrJAY7k{;vq9$9UseJ*IqdrYL4Lu0+FVO1ndnEeIPNB z2 z;0Y#q@}n0EcfIL(!WA`ve(6_7biK;C1q{;_)9ExFYk zAp&g<=*gbpyZ`Z<;^#JI;U_@bL^Kco)gcY={_Z&VqbK^^mEc?T55jS8 z)S}GF2@C7jECel}1@@-X2yNtdEy-L;;5)xPhEC>=N@#a%bn6kQsU06PSw|)u0x>AI zKyvw2yWkIchK8o+N!@B5n<=G4b4y@tNbc+6T9w8jtY$6fr=CJHmm@tc-4er+s)P5amzOmg-f+Z2q+kO_@99oQk zIew9ZOaciF=u-xrV3@*j(21PA0b=7BGR@#}ciwM>-L@(tVAE>$;84+pP)mkpE`1lv z%+r#ByoC6E5IeCR2D4y>4YOg*EYM%BPuA34oBp3YC;=1lU?s5l)28cARZjD|%ed|y z46l2P>#q3EXZ<(?=#YP1=kK2M7U+0v2LU8H&-jHY9z##wlX_WBe=K;j>)&SwFdxXAKDSx{VTAfDD zxbeO-vnstZUxq1|Dr-80rGm5Pr;q5@Q1Q1JouJzkI!Mfsuu_#f&=L>IZT-X%ZNaDW z#~pE^#Enm53cph`g}pbnAM#8n z*$dCOVBgAA_1fjz-oS2Y&9Tn2`3r&;CRek~x^qOQwzHa-M_Xc3dO45-MPAij_2LYj6jR=H!^Xni?l3CodE_!^tUV zX66d-ZH%TPyHoLeODwZY!0WDK=J2Em#kvc1dBPKIIWY4FzOkaXw@#Cwq(RB=oXU#@ ztIz%dJt**c^H&gKo#V5ZwK@Tjw^P(EAw!3qpZJXyD5p7WIdm_BBrZ7X2FvGmH`H8xumPMWXV#W-ecn3Uxc{_>u~W+54+Mch=nA?16;n3$O{al3-|q~<>-_KLs{RO zQCKK`jQV5~8P{vZvt&4;p({}h<4u^h5(mAG?prjJ;>H^TdkyhiBvWkZR~p86?E8ghx1xqz|iY#x4Ca-8{}egAjsrT8D#r()~>U-zw+DYh2z=<_H=VxTD$H&TK^6EI-@fz+b#tD z+#^Bu7J8#Iq+l)IG5-(RM<&~_^`QBx9$@u429m;}1Um_Ewx6lJls>UvX(su6-GAyi zjZ=oT_0LF6p$w=7IGTe%7oxHi5QElW=FO<@yjWv_fm=B$OQk#+aFiY(z@cF70vSj2 zGC*wW-qZDM^1En4?|gJBp+F`-5zURqbv!X`(I+VY3EIVClFRqSTs>6@x&9A})y18- zmP(fe#xx*OK8I2XZ2=;XId^ngTbgydlb+KDODHsxX;y!%2##kphtdsuR8mq=z{w|M z%Rp(n$&Nj#LM6X#qP%Up2VkMGE$w?Z^Tk}=)sx)wgdM%`Cyp6ChP8{U5Vgxec$Vbj z9}|j2H0}G_XpO!D_maJ#fl0s4FIAVtQ2d8J#y`Kk{lyT$br#g{1E>QIZ z$2ewY`k=WKIhZR&0(mIUUK0BUWGvsqNbY^fc^BDKF=|IkH3{^)kTjUbQeH((uI!@^ z_y|YN=UuU?4%BaQ@kZqGkEfhgzOlu+dcDQ&Yp%b;V!AAu{FMIAEVdGwT#zf)5cRaW z*4C-nAbI$@ir+=<+-02NkuSMe8o>(LZwT9QK4pl;>)gH<1qPSVibq-GPs{GE0D0-Q zJ$%X$PnIr1V%RjBzbAOP_4=&fCMIcput7Yz3glz$0WzvjQU8XZiFio=$y;gns+;cY zBff~gCT0(i0AlhGc)3PAB>L#B!g|$Ncs58LCE68=gdF}Gg1gj2#M>(+87ghl2>0i)0q?V>I`yhQYY)q^z0ZL#FVilnRbD7IuEM&1V)xB*dEj7E%zj}vn z1o2(&tRz}sfVj_e*jS+x9hURhK6&h?Y>+;GLT?GB=m7xfd|4NED#RuNFd=E43d{Ev z47E+w)rUPf9}&|FQfI_@kk655BL`t4I}8jAy3U=8Mq1?h@F~xT{G*rv>aZ4BWvvh( zS2@xd!o*))yR*sGM_O>vVR%{f6)a8#n>s zduH36x|UHyLrX;3mzU$cURUJnx1@mM$qr6@$0xOYnV6qY5BM}r*)_LbB1i*=BhC6e zAey=N3^}mqHgxy94)gaDpDfht!(R?8BIy`fA^^`2FMPFS`T@w=eTYZ}9FGY+o|QH8 o6MXzE?Eh=&`|sv#zyI)Gg9=bRBhYocxud?JXWRhONB#es0Coip9smFU diff --git a/roles/common/files/men-at-work.png b/roles/common/files/men-at-work.png new file mode 100644 index 0000000000000000000000000000000000000000..4885360cba5e86239aa341604da447250f12cadf GIT binary patch literal 174303 zcmZs@1yq#X8$Ak$lFBfogyfJzhk$f9(p^J{bazOXbPGsHcZW1XgMdhblypn?9l-B* z@BiM*Vixnx42yHlQ+w~{c?o?lFYywU02K}n?xmEZs1h99vj8|a1X1J{uvg^Aw%@^i zz&j{O2*Z{AAliamaG7XGnaat*(ZQZ0!@&oCghPDz2<$-sd%%7*6XCyCo&{t+`|mk| z=);>i32cXOaDs4BqCzUJ@VhN2X~rgA=hx+4TP^wd-#_flq(nGP<2`=?0OTn8(o_{R zkkWn0grFnPQDNq=xJUFbh#p)QHD`D%rs~8MWBMx!BBC>X8XzBJ?%Hjc(sOES%P;zp zh#bP!rJ`_8;&ugglAk#C9I@NJ*=`dXO2x88kZ(uf@_j9vsa7nu|NWp9y0m1#6C*h^ zxMnY-RQRhyS68A!BI^Eq{q;fHVx8p-1PcqRX9qVzoFQFa+r#5K zgLd6eB;T3FT!o>?ULQpi7_8G^n>_XA#mETv-E#Un7ydfeqZOh#F?R-F=r2=d9+IYi zD}WE@dPcp3nDz;F%@*@1fOIwT=lFN$y=}31hD3nqlGSvR)6Rg6_i?Js{rUafV#>RN zX10D7OucHQLgNYZ34py2vKn0ivs0+>ZzjjRkls~bxJhE11c}$lx=YKBF2+~)?LvXI ziwygDQ|M|P>UMxKxiM#=iZxH_HY9?-0R@T0=&atsEk@BYPBLB9#)ADj75BTy^ z!wwnp705}5sJ`-r6k?GKzP%;D2f6pq{TN>pBemSlGU9eZmP&a&tx`CPx${Wj6*{`* z-9@j!UEj=yj9XHs#SuG&rR=7Jkwp5BGh$@e&D`)0OKJa1y5wgou0uug?ZH$A&RBw( z919{?@0@oxh2n?BGE1+QkOW*07w>NuNj}4A!)JMyxLIkO#`5TOmec;NVT{QyqZ*?o zo5l_@+&H+Pm{Lsdvg4@? z8yo3ji2U57>*=KX?m`Ex(Ysid4pZ%Jr{|hmJRFPQ(JYH~A#_Q(WSm6(MjF_};^3 zE{nJOEF*M6L_}Mdkl<&o}&t07XSuXukQPj6%o*e!cFS;|u{WmvPVDihVsR+~GozWB}pTmN#0qCMEKeH>NSt)s`P= z+JlDe<{8g!jl08e^nF%Bsmq{R7r+QzhiIDSvssG;Eo9Pv$3Cis$Qx8qTNWJE^I!$$ zVieM}lNRimnvcpw)zxfWSARYEeMTEMzIqIm*8g^AW^o_HwB{Q)?(|)r)@TtGUBXqM zDv|vdI!d`}7E)KC(vQLspsfKU>LWZ9s4K2@uT!+5U=-Ok#7B{!`@zgEA5I7Va!zY< zAmTQ{C0q(=i_4hB9mX;Qd zZKO%-#Q#?^O4qPm!ipG;TXRwr)3( zzZagT^G9xFMB&G8RkU+`HFnzw*S}e5>#{nD%JBT#f9k1)#3yu4V(hy*{Qr(LO?fyw z?A(0N3n{2QstKs9>8OVghu)RMi++V^M9H+ZkV~Lc8(WdaC>=_GfQhEVfGbq-G1YrL z<-=r%$e&UR4)7--M953@onbGHqwSUGDj*#LOG`p{?yLv~uZG9Q+@hikD0Z3e^lsS6 z%M>iMo88l{L0;(|q_nqjyynm2`)S@Uxg}7P3mBNh+(xl=e3=$)8I+4ABIxGum<#^z zAThuNMw4deZ#qa3ISfrtPir%^UaZ*ot!y;tMUIC%njE8dDoE*4Hn{RR#tsJLLJgFW zTX%Ce5XpKy?h^aroZfdHjBn&4|FU zVCUy=g>Uwf$Nz>ErTn{Rh<9jN^${io^nI)$OkgWza@kHm7Dp{{t)$hkP_c!;-59Y@ zJC6P3ml9uddyE9op$i8wn=ba~lagRdJSr*+o92sHQq)yXQ*zw$K)ZhF z=?XRTW?;a}bJ&N_hCX~=dxqR|K#pqDE`6cJZ^6)##E4d?jSBzg|6}!MX`i49B8aus zI)XkZw|ot*-V|~D^ZwIwzSD83W;C>zB|i2eX{N;JJIG9$&v7`8!wtSkW8I2j(desXEk?L?>R&=W2r>KZQ{{dtQIG3;j{xLz>_$HujS_Zk zxs$VTACHhd_eLDIhAL@Jve#j1VTUD+hD|N7jBBib74=7|?swUk!4OQ9xLO5^Z8?@H zY?o{E{@^KQipf^HRrOA;oQBVN0N<)tv+Ne8fY9biNgm~%FI+(eo(2X6OBt2Itx1(6 z-4z>SYr;F-I~b!Li}`E+XYn%SfQLpxGY4c&0OR#)ki!A`@*C>Rd9l!-1!N%{pylLd zak$WS8+Ax8nv@Q}|06UJaq4tRN4c0C*h-`KzVtoaq;$gH_z4?*l#cc5$pH;)%)klr z#xrQSx2lCiJ6$Am$}pn3QiSq;*^t!p9e+~GkOkKAJ>%OAnIy(r1QB)KWy2HsChC-w ziF>A_{-;F!pG|$AMZ*b8K;GjrcfTwXMgMv{48wa&Dce!D8S~Jp5J9Ee)_ff%O#iSE z8S)xqU9`zg(Qjwv`WN}LuBH2}+$@}W=%<^oPF0t&C@s=k5 z^xx_pENaRHA4=FXFS=pynm1tW(q+MEsyAiQWs|O-S)4V|;I(DXQf0YmiYP;|@L>tP zn+!Q-@$J(6RgzY#G;Ihgyl2Ev2GE2K%mmNH!oq^X)=>U@*|w>& zMw7&!Rja@5iW}Kzp>R-l3j{T$1g@M~3JjcK{64Fz_X>I2j#O9oxy)4pVK(WsLwXl=Jd~Jwa_tyG%^JTT{mUF;QBd~)8vdEa*q`yX|pBkQARe@M(qUtW` zj==Sq4}elKy`7*IF@ZUc3^||L<6{r@fEH|hS%`(?cxy#PWH`YR$z=n|@#gs?E=1&< zKyVr`a6Hi3$Xiv^Ht?3>q_+b5PT>A8)4e^z8jYSbc`D93m;Lzb0&r2<{(t$Uy_I4~ zpZz+rw5|FPOHN`%7d!xo?BZgJkUz8*wm5tyW@eknD~D=7LGDW6E*DJUe%FQRSM#i) z4LCIsZiiV1^VWm%yg$S6Cu7F~*8avNhUA04l2$~o(&xq=-6ejsVEY~Cj$_vUzRi14 z&rec?+rZYclzClaNSXl8s7eDG$+yjQy`|t|KIS@4b<8bt5!h&m!wxlfFaUOmL6@-X8JBscGWGI(Mt%zlu{ah3v{%-4gV3vG1u~=3zxUS?o-f zZlk=tOFm-1|+IV4v5@Z&bWLR0|SVM9s%XpnhAg;1zN^ITC_B$t-F7TXqrBHy7e z;8ap_)+@bUPU^PC57&C$5rXn_C8Xa{B3LTZ(2xysl80fEQKIbi+q@A0QUP(JG>fzY z0Y5@N&d|ja+-^#^On>390F*Z#UIL5cSPHm{I)Zd7*^l2CIIP8jWL^b!yF>SQ&uXhj z+VYRA*S&i(5BjlT0JX0V1>Q>7s{Wzt4`pd9%i`RUX^pr2|5(3DWE zbKPUF*d$;i+!*WgFql|IgNVYA`%R@ekBMrJZ&fXfy^X7tX@qt#69km4gU}$#7eHm& z7m9UkHG1o8jO9FJO%6{7qGAQ`YsK*_hKXNiIUria(8`gIg9}ciwp6Gy= zFq~ly36W7(SJyG7$6y6^tMTpCDfKdL(`PG`jDXl+@iBjv61Q#w`YUm1ad5hNqfm9! z{V?_3@PRuuZhf}ciV7%RhN>*93Y9!DPeFxVA5ikj8A;IJm8$^*k%JYwc7Dy6i=n+=yd$!6$l%)ppU%RQG`XaPR_4U30x; zABk0pT)VFLhqKe;u}9C)3KJAT7q37!-55$?`-H6HayPxXhk9FG0uev#Tkd^YtWFN6-s!j$E%K`0 z{__W7tJuG}PaJTU1HqbX-h$>f;)x$;k|F1;uCBI(q>`VK>v9Hlv3{2z5NOrN)b{3lq6-{R}nj7DdAsI~ljT zAI^s|1nz?mo8n|k=iIE)R`amG$shigq74*~8v<<=HZL2WsKB8k!Wc|1`9?)e{SNcp zt-6k#7zvUiMG$L92R?*~GByTZ2|YcwUGjCTb^KvR^1_)vNznNq&fi2eDn-%Ql^3e9 z+2UvNCK z_Cg)AaVOSWdNe55)C!<)$zDydU+|O|X2h}fnhJ%vOzeLEdP<^QZ zstIYnh+~_Q$=8& zVNNr7M3Z99G0=>awiwj#_4xL{$A@vp3yN14Vx*M z)OJg1(&7mi6D1@eBvjsOzNDa_KuWjkc`Z?)|9o?!f@zqiDetb9;z*fRm4R$fv(j>^ zb;HYfl(tvP*!ZXTc)KjzhsjRCT-o zWINFsKoj3CMx&507tQ?Z=%t~gRCmD&!$$MpgmRsMMhnAAI2p*saxlq$Wq@z?z1>ri zY7uI;Al!QycK7D-m^EbuA<Bi)F9O2kZ#m0dmeeY4M|yCz6qN~gGmmSSNIrp(qnOa$9B3?{C_vTG!C z`H50DIHl{d@C#)a%WLZ&YFxSmBJ1;voKp(?{znW21bUwlHAfNY+<1uJC zQVve+9;}>V>*AKv`sO=y)oJe~=S0@gS?65#r;(B8&kJ_Jvz?4Mh+WA=Zj`v} z6X9gJ7GVd9F01gp^kXz)sZe<%A$w-?ICx3gJ$MU)Wr6`toe93*Knlr z&b=$9<1aPZ7s&RB7TfZ`5OfTm1H`hc$upzAcNL{W@=8r9C7Qc-nUgM@hBy8bH3C-S zoU^XunAkCwYwM)u0LBE?5Tg5C@6#ci1$@#*J`ebs@hCkcuOSjZm~y9upo3bFKau!E zMDrnun!Ogs08XhhiAu|dL+95-Rt>lDG@h;^Cgx<}Az-zV#hBba>o8Qe04H0UR>#HU-dGN=o zPmIIW8*yIv;>PuI>?yO1l8yrWG0k5&lV0JHUcLIh z{%buBzxnUN0V?_XnYSW;@k>710s9MRy9xr9W%muqNB&a36K&lzCT} zHGTb~ZF~ZAXt!!v{jvUOkvhZIG4Wg>tP_XjS@L_4Yl_P3AhZ>+4XMGW^`2uD0T+u*DD0RBC z&^!K8YpWOPVJ$FcMFce25;%OJ^`CQnWrD{G7)eSdIe3Ucm~&C`Z;oYUWwAqSU+u^o zH0_j$&~UH>yx$UU_y%C%p$bW%Vzf#c0KIeF<9TqaimV7{R zA5Rl8g24@mS+{a;Cz=*T(DnAoWfx^<o}fN&SSa*Vhh`~()?!G{XrQx?3NmS9Z*g*0J#cz7t7E}|k1cp`=m$U-U2 zDbM~~6~qF~QRc-C8dhJu+YO-rzvU!A%n8VL=Zai)iY$R>{rGdH6U&K!hhjiwP7Bx*AK-B$DAbtktSl_GObF z?0w46@Ij&S-;`cf#x=%ZroQ7cJMdV%E>P)c4M6u+oR$Jh0Q{w(Mygy&DVBLjErWNk zHpxX_Yinyld~R|$zU-poxZFO^mCoqxKY{fNhKeD6LL9(BAAv0US4*@k6a1O0-e4~-w>ZG!&-9_S#m;68Yrm1HM>voJKX&g> z4!lexqpSrm-J6lM&0?5va(bq`pcNKw{qlSa72^30cUEG*<@~ozx$gHf(^u}vt?7C} z->H*7zCRB9XX>}`x3io7V`~R8f)EUU1KvTDmW_0muR5aFHN&wjuZ}{VH@ShGR+AI`UpSZuZ zwUxsQowb^)BmQnW{AJu0M>lq414-x`$?L9jRO`=K0f^;_%FzKVGw~4-5!$61RS^Dr zZ7F3_2CZLTMZeA)t?8wHd+!C$8Ai=(%wa-dhcI$o8EvKuVDo98tJJJ@%si%&`wTFOq7bU zTH0`3ZRTKzd;>!fru*%s(Fbl7PZ2@Rl(yJd=Mncu0{#=lp95vAW2?gY5jaylTA8KR zUT(8Z(rL(sYbYKo^Qx4zA{28?3URO`n5j_UVr7hK`RzHEiQMn#-(Ph%#GX|y^w<~8 zOK?r!|JN3AeFf_lWju>++kGnBzJjoDe-lb}HyfhAb3HrN${E0{6Hu{Zm;pheXkZR{ zhDod3r&Jg~?C|G>NB`Cb4MWQkYm^)~FFmoX4{keV77`~3e$z6B#Fkoc;lGS{PYQB& z)2e?|5lEQ;?LbL|(Q@J}L8jgI-Q+~*$6N@^;TpScgWA7Y@$hs*JDn@22oSszvCg(0 z6GmG5fk@`v`09bfH&?ZG|gwj6v>PDmCYDX#~Rj{``N_rYz1IPXPzs#@<{G|G!e*YB0g*{d#Lno*Ww8R!);E#mMufX(A|fKmSf$og z6Jx)hC{8;H?=$#%0RJ=m#l5F<6sjpC)gy9&K8Lko2VHij?Y6H@ccR2Tmk6c}2~Fh! zDC2)oP~@%5Q(BW_f1Bc@UZ)agh>@MSC|e-2eh*R1mROO1jLxxP(bR!Ta$@Vcy}Zs` zy?@11Q9U2@tOSUXTj$t!ly+7PfulE3itFoLWHUb5I!=## zp4ERWp+n{{PL?*2v`GC}yIf5Xkn8&L-=3q~GVft8iWQ_y`4_QVy- zt&SxEI+g;bP$6zk@9j7e402|P-Au3n@Kf45Rnz4Zff;>F-vJuC#KPo-!zq$#%A44R zx%I*4GGY*1Ij9IP)f8D6S5#LmQjd&0_gXv!U}0x&c6QxxSd}-+XXJYC&(lGTNVm7q ze8q`s+kCiAPDiACk>VCmlC25$f2NT<$$zor-+TWzsf`!8V@!dsSw(dM!^|E-HIAO5 z(kf9tx3s)|im~nHZ#27D`5Pq#JO4WTewT`huRfQlyN9jaY9a9qU9AY3 zQuMhz$Ks{EG+^Zu`O!0xwp6H;C%2qeNA~KL<}!*#CJ~L`GKwsslgJ;hn<9Tx5pU%>MJP13!N<0 zP7*h8q+nma-CMk~A_;a`3Zs!x5oOHWZpMWmbZL|6oaEa7JnEh6&;LpQ?5FwqUif{Y z5OMLe&>3$R_4WQ1qOodecXr}p(>QKMO$Vd*Sc+PnrxBQ-zKXTsX9I2)1u6xym2N8k z4{fJ?7?I=R;c0>a5*UxOA|i-=78rN)KkD}p@kZN?0A2r|Bt**kZRe+Uou#7Mm_Mci z^+Ru)RL_bJSELbS3J3$@ci^Z%m{QvRs%J0p;&$mT__Q(TwGP3$$7Q{*AjIe_0U9q< zwfK;wCUV}ter_`&DTu(6KCEGFIUjq=hwGCjTRQlHR=_uqIi?1+^2>N>X^8ML0~taF zH1|9U>5c2s_jsgB#%2a^w$!8c?NI$uKrTahY@>M(>;vWioZdxb^y%KZ3W=e?XzmLPnEUYC@{b`DdkSn>?z`{x#K0js8_r& z1qAZNXGN>l``Fu8J+mVL!to8}U&=f&1!ftPi?@HlErsq#w2BjcEEhx5TPQgfToX%)-V5?>Q{@`Ne~ zjhcX}248d3y_+dQD8Z3`!|F;AVO7{VRqybu@>z<4&p;JUNq`A!U3OhU4Rv8XnV~|V z(z>}ulMci1G693YLGy9s5SuUQ+z9&y4Gp|sg*A8t8IHH@;#$2ow z<^56UdXoqGgBJ%dqn)y1={Io?3JUtE@e;JVAYwMc7?tr@G`I|qFYr3y9caDCA7u!E zv`>hgu)wa?h;6bv?e&&6}+o%5d= zLaRTOa`=_3YN8lTMv(Rsr27~r4iU^N1k%B8s~@BCEy>@0+;iBN)?K{MN_V{axZHBw zM0ZjHDv>S>%eEiPM4Jhh8gsUjJLot)mj?$32;%dfq%Pi=UeDHA$mpoM5Whrx5_w?L zCbnqHyRCQp9uMXh99LzZg^j*Q?aq(~^kKpzvu+mTpf%|2a16dEqBsaK6#_6cl!B5{ z(Rxgze3(=GU|lnxNSwH}T|tm7iYv-G;=1_k1+9vnd@gTa&lm87%nI(;E1Ln7dSb<*f{!hT9wUiPc&;#z*C`V z2U9OCPFCN%ID9~4%->N+@lU#7049MwFW55v7&fpqtv5L*X)65MF&x5y9=N&INy9?3 zli4IKcQc{tWBp9z*lKE3TNrFurBjU}DjOu5(}#E9(QW_?*Dq4a`Auq_sguR&wilcH zLEUh^D9%lWfvBR*ZR)z@#Ww3vnjO@DVdg>$$?JF)0@@Y2U|4H<)Bl|NvqcGz9C)Qy z@&@?{;8dqSq{?gJrDK?^Z!ifoLw@0f;W&CtBV#*sd%oy1KPExa0^d=Opxz}P+b=mI z=cP{iN`zRbG4f22{Z15Dbn za|Ff05Jvm~lRS}R{;Dbwr&GBoazvup1E>1YWf+k~3 z3lt(W;Tw;`9EmSmJ?k_khBquUL?2!P4xm$GaxwTfhrk?;(m}0cwi;+Cy2!snC0S0?s_XCC*?x@ zSr8%ZQ2+;U2x?2gkYh}q3(;+sY~SrIqaT|0E2i(1Of}Rs3ZucH-cL5^(WSCO`<=4P zK_x?;G~i8q9`9jY33;wTN5xFJBlNX+NFoq_*pc0$b~!EGv;We0x@aPCMX4~^i;t+L z?3n#SNel24B~jOs$+P#}@5;!%T*t;2`7;|PG;qt0Je64+B|zW%!_FVC-;aksBMpa{ z>2q&F7Mp8^gYX9#9MEeB&r48jkg@%WoHiThPL!?y6BOU^yrxA1HUjud;r>{_YEMyO z`VX?$CZ@uchTmabld3caGN@*|GoahsQUT9jP9`5wz0b{mR5dW@3#-G=WRQHkqbOdL ztw7{WqX3Uy!EBxA4DOGudWQPDB!+2M;Q~1`%!G{g<`AbCi`OMh&8du%zGaAP7|~pt z*TxCABRY)d8dPyJKU!H!=AEzs|J*-9(86bKxUP8l_z~1J!@+dL_f+4|y*_!5YJNy} zLWkILgc`4t@3Kl$VtKQOa%_bQOBq9QSs6d8dR!OZLtpXV;nRPncxfm1+0bH@Pb3LW zIjJVL(%k2qbf5BYbGVXy%3|WG!Q}iG(F8}7sl}VcqCqVl!(*(yI-_gO)bs3@XOVIG z<_R>3KTwZS2e<}w{;U-DoQ|I;(TVs<>NMM}_N-YlebC*{sX|_L+V0+7UV5^@&O>Ko zQrAAC0;VHWr^8{~0g*n&_MI5v=-jqH!yxh*6+%iEAMWUe5dmNbFdP%=zbtHi#2zFX zn;{$kR+YQkx!9G|lX0U8=mA+18(R8nHg9lOHKY%| z-=57KaBmmn+{JmFkJgV-yA78He0pllB+DV5ynosVtig}s8-yeITE8h?G-xd=Kh1tX z>uiMLND@g{h+&il_&xD+Pl*lI4jK2C=IerIE*t0BP}tV#e*QyXX*&g{d`U6W?a3delqugsf`X< zIMjZ)*o}d3id496jPm*&VE6b3*DAUu3Q`3*-CzksD&bR)4~=#E-$$*+pbn7yanYxG zt?7dI5hGoPeR^|Y0&kg*;kl!|sC5U$Qa~sB;|{?17|^MVB5u5w^T9}p{?LjgezRuk zer8SWO?oDmA#X@T-cs~MW~&gF-ekv8QDeF3p+{@EtS(MZu1U3pwk}J|k>eNJcSYu+ z33_?IDTz2XQbq?T&qEckt<TnY1Rx1NwgD}|BnH33z7Zc`xAh`rL?fORtCr!r90c*>skWcYh9vs- zNz+2b9cSsGx-p4jK?oJ9rA2#f z(Vz<9%gLy`qj|TrqOQF+W~H_@6wpwMx)Oze>{KuFTXRENQcR^zNK;C4F(bV(kkbo& zHmg#KQY0$Ni5rmk5wB=ahL2H0v^ZPks`tZTxvod^cI3Wm>Pv z)+<^0I0~9ckl2pAqga+u($Ug<05Qj6l;EOsRyh|BA(^QBuW&g7Y=yYql~s@YgpGh} z$}hph<+$y!w#xyUnP89Qzis!s8|pofP+v&x&oa@}kY~R#;-kMAkRxYPc3%z{m)*=R zdQAec`4)8twF&MA-aACkvrFq_f1^_TQEV82dgNwoRH!m&*z&r%ULaA`oLu^wnng&K zeZNvcGmQ}w*^A-@UA3OhMA;7vvBMfH@u`9@S@ef<28hmjlQTv>^!W9JYxx369I|Os zX>dxS2Q{m(Ycaep$Hkq5WE?6jRM&h#mMV&VzdozL(W)~>GRtrEezNggC3K(_$+FDh zb4*`R6DDvta@Cc7(l-fck?f zXvUiE~38HV2-*Ea+2LtxX1>9RsbMC0Ha4c3Y0@l0h zy(y)6$}O)};~*LaGi{*6?%gCAzfadnI{vL6aY(kCcs zHAW&SVi&?n&!iDCFD_<9Hg4e=ghkdKPSH^*u!O@{5FENBBIvol9rcA_x4LijU8!Jb zQ%tB`cn+}?@%YtylfCf(SfZZbz;zG8Fy0MDT#ol=_u1Un36%Y#1 z)$%RB@jCnB1_Cx}N$y}p z9O|zGifNShQ)^U_zve)mIvuG#{(b){)$;_!VrL&+n0b7{kWNDYOGi9GRb`TmK}K>~ zgVSV81;I`OMOxx|?F}8hp%giDTorP85;odvA~UfZr_>%AG8)W+MjC$_DWlFha3Dn^ z%J-$NgGwW#bhR#)cww?383_KCf@dx`Y<6j$YopH2`XFE6cIz^2uJ^7^;*A?+hsRrQ z^3kk+Szt+!a>?&du(^nz`hjD?A)YX|nG7aUW@jN4j{(g`iM_jV)WJ3u7CWmPP=isi zWncZW*sF{)%2Bu~1n;Bqj9NN!TK|ybK81kKiDI$UpB0pX-y_k%%b}ec+>SSIDwg$AQ+hLV#oq#h_8x8>Pph;oZ3yI2>Tl+v+|QW6csz}+EAlsY-$4k>^fBg2uW8m02J~+w zh|&>z={dhz_qML&a^4-Ta{75O$ibhxCN_Cd#z_JFslwv})aYGIfj=dmL5t>-~m z&BHL`qkr<&s3aAeA*#=ahOmI^Pv#L^%EWTNS(g1g3K2Gui&(`SbSF!y$IlAD(sr2% zJ!tOJt2C1XG;OIQ1{8w^vBYRNg?*V-)W*O9L?@N4e{POP^oQ;`EIH@wekn?TC{dj< z|JxWd$|iUFzqukJ14P&MDC^l8+CUClM(dbjTS7iV*!?W|WS@cn0{+cq0pxu`TLCnT zaV6he_azJpN}v=1mxaTc--p7YEW6#9O}Ir3vo&&;+tCi}*_+nxwJ3 zO;x{?yuO6M=s}BwP(>Mr?aK6fxAIcnYwXlf^iXQ3N=S5xzQDde!Ny0H9=Ewl&fk}Z zT^NhA6BDQUB?8P`TwJID*^wVL@%fpbq@D|Zl#6n2A7&nbvBy;R1@Xjlq;CZck8yW< zYfBUAf18z`;eACA(B-Kk@eVT(=uh?qEDC_A#zrs)t|^pdPw9K6oD#Km+NZi`fTYm% z8X;TKVB~z@7s0tw(iik!K-ns|l}!yoe>l#h@M#Ini7fO>Bc^$X)gzSsd~;$rCN!RR zK>2Z8BoNi;K{>+y-?DL*6?b=Izd#A35hm?pjA)KN6`NGh*z*U1x!mtLH63s;3b`$4 zakZwr6UJ%O!qoaGtz6F=PTMxQuE*K*J|?)%up&zx2|s7W6fHm88bZz`Fgnt6X5_vM zh?_b;J7W|_cV?3@DOkA2`rX!WJN}sPk-)HqFw$=BX(+6d4r6ee%epfnJg~m)eanHD z&8bloU!4x4ucfj+{6g0=Z@C#Gz^7d4jz2tFq-6a!j;Sqs<@~V8kvO8iDk6gXwPWNK zbSsSKYN54S(d-c{0}Lv}X!_{tQ#8WzauC?JVkvk2)|{5QWqNEC4ZNIhazEE8zEMT2 zM_%mcCU3V+oo5&7bcz*P;)1>1bXoIqS6zkduy8yRw6iuzOap-%Ga?7Tpg5pV2Z}xN z?X9!aJ36?(I|#4jdBr^9K7pD-^j`^pmuSDY6Zl`00;FG1N^$)ZLN`3pj6g$`6FrYqDEo=7uL{;}|L2bkx+5j*^4d#sX_pdcgbC4~N> zQj*sIT@f$GH2a%@GQb=%>}ICR`>R%=SMsDEhb?hf3*NBMDm3p4q9JJzX*`@2%Nqp} zj3D8`gL$jC+U$t^X_HV9+&Svs?jRR9ro#+TYo4#K+Ft#tpn;rWOH%+nIm?$3Xc zg;CmaI;lNX@jGg;;LUapG*k@RMNMS4K++?E+^ec0y}~uY>!!!2!s=bU78Cb}Fia4! z5K65XMwTu9b&;b9hFI2f7Mig<+&$7H)7Z-x! zYa*=^d8aII30Nu0iTCdTe5(qL7+J(|7Q2k*K$s#HUP4-Yku2xJ_0t_$GJ!#ZfG6GQb>v`zZhz zby9`#*t2(3w3%aluY?sK1CAed%^iXE2qzW2O7 z+gl{(9$OeXe0w6*u$6@HPd%~y1Q_k||CfuCml2JLjZsk(l|LH@klVgy^cmD(T!C*z zV@Zy!h0U-tgpffMIK?@oTT%3!R%q+?|EyYF8%1fqyM8aQ+%S1Zfzj)p(v$nfro*+->Ek)Ol!*sZKeu?B#2dBf{sOmss>&`z{kps$~U=VnH7v^56B2!qm|Z z{e=aX20PQt=PgRy|FfR2;4R^iU~=e4$D{RRP}tv$o*r-)vXn-7cPe=Qja%ikoVMla zS4_l34U|8lO`r*?=F()tL@^Id2HDZ8p!PGI-^~Ki+`;u;Z-s)Ag8?X7{K|0#=3zM> zcue&VqOy(YF^RY^IqW8|jJ3!VbjDOA-hv!LmJsvX}uyaM`} z5AWrXLW4{v`t9gftv}{MxWs!Q%%WUJFBs-KHP}Z9wN;4LG?r&Yd+I73Q;GrnH6Ha#=@zR%> zf#nexkK)CsG~(CGxz+^nEu(*PKpW(wLNp^IZ@>^V8n(*M!I$1pgLjicDc2`g@%Zrt zS)X)ipxz562X%F-BAj(r`R0wmox4>Ra*n!bP3<||RN`^X9hy_SyhyNz%1k2gRfr@#~sH`zDK#k zpV7rf;B&=h1Yi($_~CW)B%2RvvFHneA;j?&Yfhp3nlCs6_LO-I9bRd11{x?61sMT` zs+e&xRgcbIRVC!XloVn4*g|UtPk7TyBp*?bA_gMVF7ci=^!-c^8uyN@NlA^zv~|O} zmqu_SNd=Ia{0~_+vI&P~7n6$gJ6vDis<6BQ-5DXGOEAiIv^TyPySH^2X%+qGo)W`46 zeC4mt&wYOC{Y@bR^qCa*G)B-FlYp>Q=lZO2OBw8cSSMms+*I=97a!zBjXBBQ%FX;Y zO3W7ZAe8^+IL3TzJ|Muq`H?Gma?sET=TW%{ZanNn!!Ws5f*^Us)|wUR8}o?@;w71kBee1FA7$5)FmBu`Fnp_DzUw<{NJt; z1TF5Hxs?mA8Xj>E6CC`Tvs0Uf*zTcac&|$+6dHbYb@f9S3hof*>WlL%0k3s-d6j&& zAl;9$PnCr*e8w4co@?{zeZ~C;FxTjiUz^J&E-n@N>3zJe9~ty@E8Ovgh=56gp;L4c=BchtttrzH8$|vst4@97TNN@PHu@Xi?b|XZp@^uIP6FmH zX|*^~@k&azKj;>6b_I=ycKG?=L!w9)W51ynN&*HmaORyo4oSVoKlrr zQP7pUW~V;Y$TbcO&Bg)ZTrcT+PS5^9O^whllHNjTpvzO~9V0g`ju>adE;wks-v7Qa z?%~#A<>{$In%!K!FY#Z?^Z#20Tk7`B)8U8+&ni$r`CuZ}?8n(|C=JF3pr`YMlf zS+W+ZhI1ck?4OQSB?@h-tBPoPt)PwTsJrfoL`^Pyu&;)<9}PM#Goo*azdd0(W~mNY z9@EFlA0;>ie3;Efm{wta^U5xY!}_Oapce@->^}h$s#%9Pt_9V z+8WiQ)%^Xjz`23*VLEt(e-84C4otddezD5A5aeXj=U$R5JRhsv5aDbIoAPHwuzQ2@ zxv5XENFS(!{bKfM#FY8?!8&eJLlO@=0#mj7H-lNO>a`)Zn74-to-0^{u9Er#&peps z?7(j^>$-#{%t27U34m;&@qAE|$6nRjwuAuk?|!Ee2o+m&bTOI1KAM3wzntk^hLW@R z4cJr3e_(_siOS@D#g>3rD`=4uH;ZrFYS2cEt)?fyrJhlpUp%=u8G8o$ybgM2dtdNBcdp}tz>Vk#lgJI4F19GX4e z@yx?7*yrmSXj8=@8j&8kgVoL-$m-&=%3A* z*44f_W3YMuQFg@nnHH}4m`V`7q-ePL3+eWWjk|bNOZ^2-P*ttk*ZGgHb!22%SY05Y zAPm|(v4X*YFnpV>oaeL#Cof4heFu8En_o&|>pnl%Be57q-puO!Z`Kx|BI(<42-kuwoRJGX>3nyTa9hoXzZr3Z8o-T+eu^F zR%0i3(thv#IrHy4n`iC4)(I#z!=lm-4=)b2PsQsl*fE-0UXVU-pcIzx@g;|f&+~5g zr}$i;q`wAO7;z^uk{*+{q93F2OKg}PYD#|^;HyshLAxoFqhn0tCubSVA7V|)A#N=4 z{mPMMd2}^!{icAed@Dl}>ZDl>4ypnyU=aEIL~~+e<0ElYsY3Zf1hqd!zM1^XBvlK* zezfM+#+ggo;7`%Vj=yN7dhNd2yy{iUs&HH%qR1|INumh%-VXQCwJzDK>c(?+eYu8_ zVQ%kyKy&%@c8I(ZynIC@B6S)`nH5E|6`+lDR9N!HQLUztFIc!ai1D2O8dVfyekn0} zHA#BDe)^$F+PYU_s7a}pH>hSCON}HdI^tqwVq>S7P=jdAst+Mj1IbQP@OJ~uca@nE~omC32C>5Lqj1{CZlXZ+OWU@WyY%TWnW%K&c4vy=vRXWIX&ZjH4$o7 zVSS=?n&9pN`c+fO=D^qxCf{4BOrL5RH527NURtNcZJKU`u;#Y8D*J(E4+%9LQC6G! zdK=G#_P0r*VPP^VXkaX|}!s@DR4@=LW?}4U|FK z|63Y1fdqmTOuGV)^uQYa>lQ4J-k@pExWRgD`SoMR+Ga2k_q7k!Sq~A2cbSpKLG=i! zur!C4D7$3o%1JIMv$+qEHrUjU7KH7Vx&g5E0o7e@2il z^u4uhu_#()^`kdbfkc(|%4AL0F9N(MXrBeoG@&ldADFk@(znd-W3Ptp$xvHR-b=>U z5GQDLJO2`~K zgz92k&3uYlK^|TpcSm!#Y<~%dzwth%2@~~q$sf}MK_DXY)D3|zWw~5eoF4S2xvv6F z+w~~_Rn4p}U9Y$-Cq|1F-9HQO#xFnoae$ocVX2hYXfJ?AWi+V_&SrWUhuR-fFr-lB zTzQ~y9AD8FbF4TmRJ|@;u0C3`koIMlv}D~f7Ept6enRSuCCcbGm8cQiB&Q+$<;1Sq zQiEDE*(Q>h-HI436g8AprJrBv(N@8()C#}$XJO~i+iAaP&;|^&v?1fLgVC#$=#Yd) zw?&;sLYO_>{mRu0aP11irSf1fOW z*!aHBM&v?rB#V-TbQ4j)Eb(cy8d_1QgrbR>k&HN9n$P0Iw^}H@%mzPJAc;@ zDb)Ph>+`%R%Phf+n~&YcJ<=3@g-%W)nI)!Nle70|FqgI|>hH+;JzyJ*1(NK(egwLDBR-viVDwUt9t1hlZd^-QM4yWV>yhueBz<&hWj?*!#=!3DAdO zgwD(X+2a(DKgSHX8{fxF`NpEjscHFz6%dT~;>{?~PeM%Z?p*GVpXGG~tds4r6aGx& z?BH5u({t;DLskqF5`weXu;Av>nvQv_^_X5Z?;%yhFHz&ZOAN$zML3eOOGz+`DnMaV zL~5D>jL)Y0=LW75W&13BrRtn-qF;MYDyqH$Z>0vbU=Ub?5DiYv5WZr}nG>b6;?Hxc zy5+9^Fjac@o8xKvJmXGw`c0KKLS9~fiv}JN(4s+~UjGvNx;g+^K}WsteB6CnM)Mug@)z~VDi4>pFI=PDX95eT{~TNzB?a=Mb&C+vh9qBiHIZB zpafHt#nvkthycvJob6KI9+Ajr8j0!+5C~mZm)TW%jQG@rbH%ClLeZ>@{=g1O+Ha1N zA0blv1v8oyHEtA^3!L%R4EjF>86(vYb8?k0uUQ+~kM)~L+J)0+KpLnF>-ZJr_kB)+ zlUJ5aWb){syWvb0`0~3Z6xGPdUx`6}KQ0EcG4^cT#Cba5V5!(+)p}D(v4%I6POg!@ zf?Jrsh-n}4-Vl6>7yS;R{oJXN3$Jv`{O>tL;`+>2(vD{&P zM6?5x5IHCQ;P!NP@7*SlFwq*SfGpUwcUu#MwI#C0^=3e`^T-pNC4S6UBSD;NZ~@6TW<0|Aph?zNg^g9& zvZ~}ql`m9E9grNqSKUL|Ay=vDqfL58Ya|hY1R?%Clt4>&af|m|78}3esw>)KccP*S zW7g_OF~hUjJeG zJDi3f2YDBL`qW;)?fBe(yYS0_3Rv9EtZR zR2pj(=tiUpPX^~AtuB^IH$NKo8-$exD~qa@;ea|J*zD~~-{9{cy>Je0^I^ncg##LS zg`87pYOE}}XKob^nYR)5(_vVCt`6KO(y>Tihwq$^5$AW9NYGgJkpKug1lw|k@B-#^ z5e6IW(omT@%Xewzoqycj4oX;t_)`Q(lI3WSSPV3JgP6QXqUDd1Wu9If#yLzW_%x`= zPOQjPyzbY2Ku9|OKMCU7C@^0w+9&lv0C&EDRM4*8dMRT>YF8`BF3;)5$`9Qd)tE9v zJni}odRPPE-Y?8e;sB0a-y$?|5leN=`Sr`U`{jp%LFr**Vu`wVawQ}*C#Yl<8^pQC zumNh}RXzV$$eOR=J{{6MV*BqmILB11`#e zz7{#Z2FN9EF(`Eo>ReC4^Q{01)vL&<)DFi-&b|2QyK2pPtLNlMl1GF7%21UDcoLWf@3vL5rEX29j1( zSRkGe@U5u#Qbcj>w&#q{n{wMpgma0eZ~2d;niwqQs|i-DnugHNL< zayC-Hras>-*gxfaK4Fy9SSxt*lFEmr=IfAo$(Tua)@*3@9v9k);gpC+V<(X>t$(-c z;ik~WSAzf{532wJoE^`C8B;y{^7s2rI!PHoA%ttEJwi{{s`@-wEhGR|+KVF_jX zSM?FzC(ufOQt6}LFT7w|H}O~dhgIX;!NS4iC+9AZ!m4ikqvrroD43r47Cc_8kI3Ty z!AtSW{{nkvgm$)3V?6o-WK}eyONRC7hXaY@SDW5BQvSi=VCV5r2D1k75Dz^;HdQfT zCTSr9f}DdC$>Bm-c&j8@O3dwLuyHh#1u%qgrccf|guh6Eq^ut!zbP2V^+_5f$Fh|* z=;r`n{SCwDn~A4KRiRo=*oJTpFbaI;!X}f)Gzp~qU-{UjWC&gc2Fjb>5L&l#*s?r_ z4V22FbaUh!=8-N7@hNlq8l7ux4s(GVRPa0eVR&T0*^&#BjvQVLz`?B7&6Ia#*@bcjK_Tm*~Hn&_!61zF5k*N#8vbX1^U7`}9g{kyY zo6p1f8oFnq>W;@51m?F@wg|PQD}#QgaW}DjQN=mYcku9{>D}}k%-na0&mvh{=PwR_ zdN`>_cA6rGIe4>11#9k;b7*5&)$C;@bW%#mf)#EzF-SH{Ver?OU!>g$UE;1(PTF&c zVebxhDl~^&Dcftjs6$?N4rw>Bjg*#}aek`KUc$K_d#<6_5_w)OXMtk7EU=$(H zfpX6td{iwwe^}!zv-N*~{U5@ZKou5-DR@Wm zzAS@sw2s#^8{IK`5KJr*@VF-TtCv;s*2y#y6)e2=v%CPwQ`rjlRB6k#5GYdX6~ix* zK@y+FK5IIt_wBJLLy{6{Ax$AD*W?)>O5Hjtwt)PQ^v`+V&DC|h%e_YJ>cE0(WjN;I=7 zC3HqnM_`FsbL~yx8-g z4&&{>rP2q)+nWg@pk=h=(Qx!L{xFtk4tlWTKMCdv+u46MA~qd`KwDW@e^6-!s!47{ zQhKRT+7m2u-|>Cl7n-7Y2U-&!eEd$C{~LIC zAx{bh|8GpUC<}%)&(E<_KLZhhuH|&MWD0*-#Z8thVd9b%StHx+rKl|+n^PqgI3@X& zYdo_3Fv`k)^s5CCl_^x5KD7~Yf^=cMrhs)^liY|^U0|0o+N`4&{(K!6UQjvT+d+;d zG$84LOGr7VazWzkJC!sVO~4!7n77Rav%Pdhxj2}P&oiY0MNoLFzD5=L2!?iXI6oM?ow(fkrV=22wzY1W*%OgTbjOwczFB<(3)yMc! z><^2((0T8XSc>NRrBH&x`_5%V#8yJ;iogc(t9(1JU&(rIx`1$zAYC9mG2vip^4~UJpoV3mlb=urWQoL;yfz>IcEhP_5 z;WUgSVM^@dR1>Bq5oaVC-IB6l=wFu~l(lo79j{Vj>pwnl3{3F|eYKoBnZ`-l22sW% z(xuVBc94%$O31*c+bwIys+|hS!F4{eIL#53EDj0Drq9NwF47DZW*Fu$U+tt+$?RUM zi@Mit_}GOS-Jfjj6~AE$hY@(tl@uN>EZ(fmEC=Oo(KPmBcy=2AVgZPwIr;* z&Wl^lb)k3s3GgiQN$2J+{Anfv4xZHdw3UaHaAKBbnU)|iygXxdm+|AZ_-wsC48nGV zRnJF4ubIM7Ba8qqw~P({RMRPBwQDXqJaslUxG)5_ue?U9Opmr)Y@C(hbv$3lew2;c zlx0-nNOdy$+H{H#I0m3O@nf!q=Qx{wv>IqNYl+78WCZw6>wFMbC|J($onGyWVa=5aF__|35R5kdx+FSf2^iBXDNfr-Me96J28WLensjuLPX1Tc zgm>65`Tx?Y9I$_dpM*J?u?Mya^-zDZaN2>WyCG2Jg9pe2mbA;~dJ3hgU`L|bLfEc? zfg!w079;M>wFfN?>t{rx0d{dsm-?b0gCZBWcs9T#|g*zltn!4S6EK3+pe({;b<#HIsK`RQ`CJVD~8w~G}=9+$) znrIPv_3ZGJH&7yaL5S%V{OOO63uwA45W7<(*JlvA-y1SXT}f%&tNfX)-Tr2FF7-7$ z=Cmlb*4>w5vM((#={xl>iz05!&kug*^ziU-vpx1&wV~(>5M3$3FC+SInFK}#2ui?2 zuJTO+>(G*ncaRa!r@NVHFa9v)>DvVV&Zl)iK<>Xj2@@I8*3 zB#4e&c7__gaSBRtrxY(zQE}Ini@7~Zeo|F!CJYuh>!ycKuof!_PB>*Q>();y>rnP5 zfXIa!J{;z(NPK>M;(2xD_25b!((rUo-K+V0$9g{4zglT0F^iu6&^$0Av0S%nk1vGi z4^_5`dz$*(JmDc@=l{BTfjfx%BaQ4=axq(T)C%yVpM5{ps<#=Rh(D;h6kskziKih1 zV6|$}`wjK=<;!h9ud_Ga-|mwTMcL6u#e+))P$V!BVZ_=9aw>DeaS{E&IFBXqpQ<8A zh!RuN(kK-wgPhdIh{01047`{^#1R!V=^;a0V`Hi+))*u(g@7U~CNqh@R(fBm`~l&_ z1eCu8EAp7yi&2aeQ3Asvn<^PZM@?uLAnw&9n6ps)gz1|e?ctox9C3*_EBZC_qYL}Q zXGQFA$I|S=Jx!L~YoQiDi6Wzl7+o~)xZ%b-lGH8U+FSy?VC zbB$@MAm;bpZlSQRJEz5#vE1Ujl!`~f!c`f+r~_Tkq4V0wcZRmB5I#06>B;iXN-67e zOvoarV@W(aJp46^lcWt)+T<*=P5e*a0X?+q&C9?g+vGU&?`Yl( z4s=R7m6ZgzMhjTpU$+~?^|OR0NZ~{bI_xtN0;QCWO(+SSBaxi<(ahflJ=oNDc@3(l z9_w$bH{`M8wLNhOfpk(&n$^snLxBi-uz*h6$58Ib5?a-2Ywu-jlGz{1ptLKpJHdbw z8T($)xbIZVK*sVqhm%0nAkh7ElZH1E5KSz$fFxhJ;28N!T&Uia$W+Gm^ZBM|*kyXJ z3i}Jf^T{<`_4zg!-E7)(Q;uV>|!p zC(+>mVI?{oi+AGxUH#nip@^S25qV)2bzWj>8c>~Lz^L$>Gy5+x^=A$v6<*I0Q_tQ$y`7Q>MGPqYKJ-)4}E^elxIgGsOcV7}Isjeeq*Ini>?z z&qy&m7LruZeN&5?7{cQ!E|WV@y^PqoDhlF&8Gej^iiO5Y3}RFSnRT2Wdph0uZDqqC zw>7A|T!qzq5@M?FSq6%qr_Z8QSwngxGH{s5F@zV@s8T+Kc4p0rL|_o%b3FAXY6RE1 zSRQ~);xTgk4;o?VaXbMmteikmZ;=q412sW3BTxIRo)m>vd>U8NxP4khc3EEedW{t> z+L-hrJE32C^4HOeMXOw5$d>Kfq?K)QXSoo4?FErI^4*RFo{UY1D7^DWlD-K%rxmM4 z+>vU*z8UB1l-5XApGP2h0;nbgifHy~lZFoI?-l+RKG#Jih%*zi&gLd=oH+oBdf_KW z_2;Dq8LEp+`rLA-B8k_OMcc$Kmi;>QzbmHNu$U5tu`*h)jtkQX*}lm;s><7*VpoA* zcil_`pJ{mVv_W!u34*Lj5z;XX7a5q6StXGqCZ^a8-OZQsU%+(K#$b#}#CXR8jSr|= zLV+szT`WirAlYSBSNcz7KjP%r`N zZeeV#oWlt};p4oU-he-|jdLI@G?{BtcaY5|{*WRA_7tXtfQ=v}`M^ytWCUr%f%HfkR^?`xppIC#VVn za)e-Wd%}cII}UdiQFE~>RP*Kf%1F`S^1=*)T1L9hI4est`V@V7+?cgE^LYfHFdO%2 zx{EF+Zd6DdA}hkE8(T_BMvET!t;8vQL>yS+z>h5Zf`k>+nDirI20)YN|B9d@Isz8; ziQC5*;$qvY7M1TO#uBYzxr9s=!l8F5KeViZ7!)Pz)Rixzx4si$l}wr%eU%=}3GRZO zzvTBsP?y9EMejA|c?P#F1|N8zSa>gH0$hj=%wEQsCc$)eCd~to*q>Nf_bp5zkW=4I^g=uxEn>z_hl?pMCp!*ysp2 zCKGTRg&VC*uWA+;VRUM|FD=SW-fwfWF=(3T$r+K$I=0`k%Q-s_!%oMQujs2S86M*h zKa+~-d7X=`4^wYFskfk#2%T0XB+3CmtV%b{?0mG3L5Qn=HAAweG&LvZ3EvS}WhCR}hyc<&$iVQj+yp zt@V`n^cpQ!4Ngf2N^XhnR2yB(EPSYJ;`^;7ftxv}gKf(l@Oy-OCc93|#QnF}YRD*g zsCj8MY=upadAKl#GiAnHkzfqqPTpg=-KKJBT>9=UsV$W8R!YyzeRO;Cmyoo9zL3iv z8rC*r3Kd#dFEH3u3p%dTFVcED#7Sl1^#%-~RA02WKd}RSv-ra|i@z;-^#bjwLJ8^v zZ5_u`Ef&7Y9(bPk@mfbJp=0hRg>TSGG>-%!R$BeiC_jU@uSygbsvVn+-*@Wo)n0QV z=4;)?kAKbP$iV>+9SHjngbP+ugZb0Ta-ia++q7spJtGp#okn+%HMt@}C-5(vzR8B! zPV)6xE$SCm4k{SoS}l+>0e&`(YQ~9&M7zi~w;XFU+7ZIpI-E(dOkb9Fcd97Bp4y7Fm9iJnSJrn4+#am(Fqqk(+| zt5yTsS)I4}%(}IpJ5k})a-G`fU7Qk8H9u|>JF2rg(&-fOf^yJqad`)NjKg|xe}4Wr z1x{7hQQ}yHy~it9C@taU9u+MXYo)ue3WtRqzu0n&9!@7lVaQq|$+N6a&RFH-3^K=h z{dYDxruXev)~Pv6goCP0=Ry)1inRnVaG<~RvRwjh&wx5)H#YBgHbKEOr-m;^$#UXX z8T$fl|2ZiV=$q^n0OUmXiySE4SB3{=+gw|G`o008%e0Ev^w;+!hhBD@(P#N_Br6V4DIL2pm%JL9eVfeii^LphX(+!Y;n01pdL)WYeKh&BSQMzZDT?WGwR6FjW#s3 zUy)NnB3G$3!v8#2g=XXUr7F$L<9c{76sJCq@$NdQKQq-BZ6V$m5ET>UHWDA z@3~!g!Q2PV9_21Q{(ci2GEj_1;QSVa;V0}fKT4D`+p4YK{Fm8C;y|k|=f2(jv7bm+ z$ZTrL)R-f~L6z-uS4lc%5j+z@cIp5Rx;mT#ij2CbfV9+Lsjw@g?<2-V_3pFVzcnLeqIEbN7jtF*W9Qyr2V3?ZYV~%D1HHc9`n=-G$HY;pXgA_RJXIg zE}01<0sSV0rPR1auFX#+MS3y8#wD!Xz&3g{+qlTeEE(;)(=6OM+V=n>6*#?)Vi^Dn zhI0>GZ(bbEv>Vq9h{)5*EoDw4*XcE>Q+5?s!gFCAv&LEPwP2K5@a`d|I-A zUvJ8Pjq3f)8|hc}tPsAnSE=Xufu}XHkZpKAgu*X{ws^VNDLRQ+SowL4BELVK@SR)b zCZ(dmttASbHkh;7y`h<8N)!=`;lWaIO^m%Hb*8sq*4`AQF+UZ=751YNa>OPG zqp8}5d6cAuY%_?NP~yc^7y?cu@9x$09oYe^;ze<`sDU868YK9RQfzcAHAVX=%F=G+ zXW=|fdIRGfC$w&ChO1a4rPDtOpo*l2euK*WNx}wgSvf+;_%-C$yE(?T!3`}VF)-Wd z@qBmc2hU4>%hM9%*u(}5+mF*C1Ibmwymqj!*nd4b7;%z`g@=_@rEkpYVGcMUpg+$p zsZ10_m8#*j91;m^tD$MAwxM9U90{>&eLAzLAH2J$H%f8!hr6Sq5=Ey|sGWr$s&LvJ zY5FEtLLT_I#Xov;7l(q%60aj#ZHIuxkKi$2_0+2d3D2UByo212qL4upA+ZSfE*Yf8 zov)3UY~u1Qk6=!lo7K^pCNcVQttg2G^V|DSw41H{^!i;&<6`qo_p~%j?T!4}0ZWJj zx`;3rF)vHpm*!roa>rKAMC!Wv>IHaJYp)&?GZ6#gGNzCH3c1G zZI7lDm>~u;={Cu-C{L^ip+(5nn;0U>fc?ZA2IB~qqnqT`yhb9ZwXsa2Ato)ym&5Xl zyQD>r106HWrv=Ms0ra1871dTxB)R_6#Euo|BHu3xD^J!R2H4K^1dRQFZy@}s>X*8*JAZaQ`Q&Rx3?RWWfCt z$t)fqRe*J89litiW7Wj%D_+e_H^=nUE;&~gGxpjVz#vDF*hgx2B-m^YP-`@?*fe*o zZm}@TErF)o99u%7fbn`A>7#b@HW3AxO&@OOetz=pGC#U+w=at%nOd&+Yl))VYP#0*9N72=j;)qn5HCn}%&tX4X&)_QSS72Uah}8z$)pp2`c#fpAV1?2f zj*(27Y+M&v>?e5cVQca9hN};CPCP|^i@W|csU8Qx<~x8csC4(>5SWs*!@58*Vc~Ju zvp|=7qua;4{y=zDCFC)t5(XM#)C2s)XCsHa6AaLhKM8VR3*x?Xxvg6;%@V=VCpsj@ z-!f14tq&Jgw5HDT7N-N6>>qp4QGP6x!AXTLoq~!>DY8{-PzWFEQI@(oU03AGUnQTP zuTyZe{z3?aHMcaIYS4gQ3%5)~yFsOq=GONf&5s@X?MR>=ls~U%pE7t$gyf^xO)XT3 zUjM5*cB>7OY)LTacSY0Cdh@mLb)C$TJ-|2Ygdyn2;To~w`m$-2&!h92tCOkP>;3H( zhkYa`Bx$#&eX!vF!S>#_OW(OS%`vmUM1bk757|KY*_IqkiR;R(ic=~~1ne|A~ zJ^{zg%0mx{oFuUi7!O8!^f!fyZ&?y|UhNO{&f_aO-=p~6f+HGdoay}lc~2e>YLtkQ z#6=a4SJyKa$w7dqUYmGURg}8|kp)K@kSYM&5AB251 zVDb*kHad~kksrgLHe+7rI?&i-V#r1)Q+!cWO!mv{ij33^pp^r+)o4l<8^Lx+@k)0` zjMEhD{e!!_?WR>2T(z`UiUyu+dIuQXj;}LoD<_m~DbD!m=`=+cf&jr+1qBRS-jjGH z$&O+#bGom}ceocW5U?{QYP%N8FOxyMj%E5I`v00STd>GLZz_LL!NHBcZnB91xeBCq z-2s(Oi0Re#M&|EVl{pDS&jbiz5Ogu7$>MGkc}Eo zE|q&Ui!~o1lIcT#1S=w5rgqm=ji%^*I~KG%`&#bhn%T{9Szp^@m|fk2l1pOYWGEC1 z+49EwwKrrH@27lN)gu$1KE~+5#HYbNND>Wp)_@kBtZ%REB;>3y#*RdG@fJs#8;Y_# z{b^y(cyzZ;cN;%|iF_{#c#+uif@_EP=s<-a^}@kFUL$O&tgQ47WeAsCdH874?{m$` zjXir5pn9^!YNmadr#LZgAHULiot50m2fy`JzKKiPXqvKU2`kQ~l?rkZ zQm*e$IJ-GuoZ*$9lBVRKOcr(AF8k3l;pDla6gA0I73QJVg2;B1Ub+6Y-NleN&$_1x zq2c!{f6G}eL6x3Acr>3eYP$EQ^R}nsQo6-K?ZYqiiJ>ms9 z6zv8po29C?^T+1Q#*5$F-+7{ipexl$%=p2On?5&Cml~YotgXR)fdMS0lxv!N&KX-I z2qokpu0TKwPu2U8>Cu>}9kk0pd4MRvGY^^(U^zeHcBkfRnQJxV!q)h!Y~X-A2hUt? zXjqZ9x(Q(c9O6_#OYHsl{aMs4B?L(rUV@r#z1m)DB6sA0Uv88E#?c11;f`|)mZwR1nnxApfA3jR-@l^n_X)W!@Czj|D! zZfL!KSUJ@e6*op;$Sp){zWb934Rn1AOIZe#rT1as{p+q~`LZ7%I3ZJLbCb#4yHbe* z1O=sJe9WsT>|LTgmeVXCXK!9guP+Yc3+RkgjCwq;3l{?zLO9WvDsfbBl2q~eMTSX3 z8gpc%MD%_GJZU(dYF)ld*)W6w8q%QSAPpo&&E5!3Wm@&Cz|=Ez=ZxNm!cNM@oDMsP zq9cbt->gU<%YgFG7p)h(#^<<1F*BP$A=+BksMi+!|BwwF2q3Z%^_lrS_-{Gu`x@9s zpC1x%+)a+(0o=_CqE~yivl^{V{DMs^&uflR=hBM^I&sX}@h9Ccme&?!WpQ+PbJ|Km=EW;97>8PpG8)m(If|0i+w)Z-4GR@6 z{kYDWvg^k;O#O@UK1eKxVx-!z_j3KnJw&~{q_Qd>a^9wLMV_IS9e|(|@5^O>(BJ>+ z^q>zgVs}1`{ez~kec(O+_z?z@592Am0=sWqipxfRSXHV5C?fWNEi4{QO^h0eNRa+8 zF`PWCPvF~WFCeB8d}f7S&? ztB*Gyw-;>Hi`+*awgjo?FGAU0qFj1qS$g<#15^a%iKuQtGzzq}Qsj=S!4nyoL8Go6kA|ujaN|DrJ4k;j} zP^7>TN+xkb6g?_&mSQ~Ol)BQ;Uz5!HMZtccsdq#;5$mTf1Oc@CyN>($zudF`C-7&GPn#Yw>27TWx&Zicg&e!os{3F1jws2fd ze5)1u@k;7YQpZicc%_E5#g2lgC~luKhb8tpOxFx?QiCt zC9hcUB$LaFsOFY<&Ymd4)E*VZ3n2pljMHI0yh)N8)r~=ThVzDHCu%HKrTr|2Ip}Yu z@(71xHyRG^-cotEqx@MCNXdn7GC5t|k7W;o0#_Gd6l^#dS?JH*8THF%7g zK?C|??1VfGL5ogv zlaEU9#`oUV&++f2m8uQ?ocSbV zJ6HL-TnTrQVWa@K{kTb=rR?C!y>a}zdOY|!^y|1@GyxC#!VdY(HC~xn(4;p*BA@Xo zfX-dtzwX|nk7-Yi9BGOAEwfIIV#fKidAt~zC8*n7=lV72N>pfK39Ds;V)c#vAIn|> z(aUh8jUs9-PW~g?*&$WugE)^?xJS7Fk28d^})Dp@#KH4{t! zJSro6>6jQ4Vd;E6B!qiw8|j;C6E)%(DH4giS<3?0gb5@zZT?FJ9}{$#($k`)LW>6E0AMxT-cRN{JVhwv9AvtJ_!b5(KVIQDL+FOOyRD+@qL0Wjc&0ZBksDSSxx=PwS%+5Du}<)C zqfW@y`bIC>lMEXg^s>_O194c<9vd-Y$s|H53CbcClDOTjoCLYK2*-OUODrozEbGaE zn1UBJ&?e0hY~(@CMDKWbZr1zsgm4Kqfi|HS4Nz$@J!VLSMb-!JEH_&kP7{$!eJ@!s zTO(Ndd^(WSwy49v-2IvhCM+?T*BPxnpr_5B5aAj;Y8F||I+FMM#;S468RUM4^t?A4 z_<%yOPBwB+9PjoE3@&h<;wTIRSlYUxCW1UZ^D_ z0E0x##ue-L$3kh?CHF~vBn_9!#K0Sf(#N7Ux zr9!i@@hb`0RfIZ~d~c2Pesb1al~j#hGLNjL+k&w3#iMGpz-(FgNJUwF>?9sa9iKn_xdzrOp9=miDE$R3Xg)-s zD<2wwAvFb=_=I!Y=#J>^pcel&qxs=613Msvn-$%X!#(2|pG^^cE~Zte`N0L#9pDb;n#ua6C2V2;gZCKle!a zYz*W|j00L_Aak>;io6)v&sZ^Kai>GUiFy-p@alvdIxIsfL>t3%(K(|?4~C)@5@c$o zP09pR=2TK)+n7*SGEeH6Y?^y?Iz7XT4~f=?U!sNu8Z@oGa|XCc;V|?zVehZ6{@F(F ze2{9G*zM2?aBCFHW_)W=fJFFrabm~%@a4eB&I6z?Q(=K%#!+tpc|U1Er*Qg~6~MK@ z6*kZj@^kYqkTFAg1fWF$XOMI;{P8fY9tM34?Z?igiBuSsuSPwKR`n|L12CVRix?Je z7fUR^mCn?0n*3nbtOqfeTNV_y7>gNWj0=GjUA+&+kx0%FS4M&Q)6fLzKU;1Y>;7eF z>G-JbHXA7rvN7cs0qVi_+k^PST>~Ud#o*B~zvRM<%Gkj$e(fM-d(os@DeI5N_%*jj zmWCAGfOM4eoDt4t(znF7ZR-)9fhw3h6g2q*GN5pM`>kT;)2w>hGFI%^O%BG0*9z2@ zc$3N->W3e@5&@CTn~sikE}*g5LBMz~Lu3yzlRw@+>pDC0g$A$*4)Zi@|3O2OfJ8|Cs^X6)ycJY5p?Xo{`B>Qxb+6`Qt)y!v(F z`lS$dY3Prxb0DQ(avBS3Wj?pJdUbvt!!--^m&&0m$6t$ZDkb__!ZH_bnmAzQp+fy0 zjAaXD@+5)>578upgVX_BHovl5c+L}8kZQ$ZPd zdW>?QVkHP2C!F({DzR9pEa5Oe18`npgj>!GZuJtFe)o37RGuz>m4mgNRf0~Mtd~to zij0s_rwiY@R3Hvd}1YCTb9wpFxnO~EJpSa(3vR4#Ic4d8IGK6NHR!y3RJzc+@k6O zQ`)xQ&RVY7xG7v_>3u!9iBi!NS~SQ_1|!iIcLk1kP^*F~C&Z!%$CAM-4zAVxuu!>6@wsCY! z0x1tNstohwMyg2l3;m{A>5T3HL9;m|=6+#T^0m)scymjCoE zPJ*1pHX4ix+v}v!^Tc38H7#o8kofsYy(hpeMfyJkY2qWRJ0M;z{Dr)K6J;F`W&0lC z#RtYTwx3y9*hb(O#aL*7_A(XO`{R(!>^6I^6QY`sU@TAQI_09$@r-6Hwy(ru<|lUB z=DQ1qF5AkJ${3F&)%3pQYwZfS%zoL<+GRK@7H6IS69VY73|T`bP@v%7HRM6oVJfC* zMX%%|y&GZZ*1N7;l@63IEeyKsdZ6euU-bM^!^rL12*D`f?pKIx$KPwTSn|IeXR+MS zi_&(!c5=S&qQBP+4Mj$&gJ(j#3!RHl79h2(F?z$@#7keTw^%SS#@{25-rQA-m4PN2 z`rpj;9SVde?!Vh6H#W$l!^n1DNket(MTZ-P!D5(2%3T0PngnYvsiZ~^7}Xw+l+xMw zx?Ss5MrKu^If>N5r2Q~636>ZoGAW?9zBam^=}qfqi{wd=Ek}r5A`qEwxlowqo3Xhp ztXk+Ib7@0P9|wz=aJ;(GW$bz)iVv6&op2jz+M0QjqVq2^F}rl6cusK}jZsgEDJ{BS z9zRx288T{!kpThFERwS>2G2Ik=rnR_wUV}tJ6-$Y*BjI%4g5aUI9esTa05sd74({C z@YP%>#_)ZD;9Pi~o5}qP&->N`heMQPA5pb1l;e(c{MEKU`yVdtO+*ibi3ISW{@NMG zr^~ndm&pP_Xm6lt#?Sq>4;3c`?7$__^)71PqJ{aZQJ7&sVDI-=8@p zaemcv8`0Y%2f$LU!x*vvbVgQ}b`|Ip!XmXCd0lbKk&99lEjUz_1cu7Di4}_! z(ox(oZ--Z=0h5GZ6E4jtg0sx)Ra4=p?8mT3km?X5&HOy16#rz10SuMhOfIk}8XL-zq-8(s+_0dp_x0Pc()DST zd~!UePc3;dVtL>Cz2%~Trmja^LPiB4T|>Eisb-iOe++*bUAai|Cq({!#FBwbrGb1c zA<~TJ=Vf%dBMP6hEaVJf^9f`q1~7%mb3iY& zzD@CtN>x;(mq->pFGHMHd*9y!+cdp? z!cF)A)E~p`y+BL<5rEVq2s<6tRx%fO-*_3@fR*>N1g#e z^QXWz+2N^thLS{K=qgpP4t4;n(~5%+m5hL9m1QdlG59lXwi1pW>MzIzpIuv-&R14b z`@}juEt#_bEHr2<#gEsW80}ZD8{#2@H|v$Lz>eq?gFx-2_sO@%g#zbBNk%Jh8?&Mp zZa!OgTwh}Ve2DStjXtY1^_{8tGiOl;JpC%2wbZ4w5lqL#cAdh#dt(w$nHk2xt9`;_ zi4h#ik(PUq^RY$BZ8;h7zKD{r?^3T6EeBP$%(_;3#^5f(UsB<2 zdU&92!wShU{9x?K^=HI5@OKg(8Lx)j?)TIU)r|ndEvL7lXgk{-S#mxRyf!uHn=<(l_vKAwhDf;Ee0_BE1^LRy}Ol--@aV^z62USYH zVeQGJs4x;xv}r9sXR4oGI^}H8k#NpHTGFDcB`*6jxuvRbSu9qx?vgk=;9D;M-!=_q zBEGkB)QvqFM$%7QaHL1w5B@)zt}(FAt?Aw-X&N^+Pi!ZRZL_g$8;xx>b{hM{cA7S} zZ8mK9J-PS&ex9HEIeTW$tXXRfHGU|9{2D-o<$2&6VCY)h( zaLxOrCG^U1xh&8LAL>T9bU08JNrjVmpI@osNgws7xqC_ctfb-Fhk!gmP&E za{o=L>pa68eSlV#x;gTRmbg%Dc~_)IJRV_RIoxV&}4 z(7vK_{R5n_b`eIN%WxdM3A#Zs|q=zfKT&$-S&`_wK-XG zffYASw1Y;hzbcDpkpL@~p`m>Z_@JnqyrqQ76403K$w@_{mi~d2mXV}a#W(3xZ8)B1 zcYBGlYg~xAkGE#~?N4tVv0p}92>7cCK>4iAd^lf=d^+oV{xc>a#mhR*Z;F&E(~=}C z_`fU--~)#{@AFx8HVAkV#R*}Y$P*@F_xH`2SR%k$6gdhL{-=nUl(9@ z`5bh-i_OxQwi?pMC>E4HLbRV8vS9c7MZW)g4=`UybbO*;umDIuuN@^k8A_g6n(TTr z=ySE#X22(PH2>KRJGKVJ0^*+|LRDR4)z;H6{k%p-ZMKk1{hwDKtumJ;tw$l}sCqx4 zk2!s4qNwv+TSrIxUaUXow&pa#9K&Rp-cV8rYSyUF{xS+6Sm=2c+?yEwZ7s8D~`_|%;V zFa^E9+E*%D1$tRW$(dIgTbOKiI6mmkE3N>&3jv&qDLvnk$ zlzaJACgPviWc2C-1mchwtr;hCThMEY*Y{G3v8_i(qGg*O0oF~4`-0F3Cu7N3icRY| zd>FL3z9pTG3k)l;q?KELD#vM#lxBDBr3+K3^wB6BvFM!?KEFQJyggFUY$4l6pnDA| z1?;|4L)3YJuJP+Lvco_40Vxr{2sU|+isehR^^%!Y>e=`7^z_|MKa@UVm>|WE6BbbT zhI&cR`k|J;ZOrQpF4~?Lo(xH>(;;oG_m@j;Ej2!MrXBhyYg&1g#D~4Un4?xl*|Z8Rwe^n1dtuoY9mk|&n$d#9z3i2#nk2dL9|Tk% z{m(UD*Ss$}SN@JyoqmF$J@#GKHc06B^KbFg11Abp$#5Nq>!$BrV)QqJ-cmgrh622e z=Y7sxSQMR@z)4EAe7RGDOqY9A!#J0)5m@vqh3URb#;)-phGnB8%8L0zMy>|(t7nF^F#lF~j$H$gdLXyWqVL_A%Q43}Hs zhS}=&s+H!DEwzj%x)mz!j`|*JeTzvm4>>7iVzGNZs@M1O3xl%- zF!GaoS6U8}1pbtiM0_+eiQ|YTgRqgZr2DPjJDt5GDf3Xga#25?uD!o@rAX4I28g`c z6ip2D$O8Z2s46hRF)>x;RS)g6eS(QTU8^T?YKEt6S(;iv#waPXiCIr&hnNEECKa-0w&Qi)m9TbNG~+>`jrZ zycXb{R5ruc3c5eMLwc>s)Z>fOgT7DoJh}+=Nh1z zsuX-bYERU;t{ap(3j}ru$a^baB+LX#J`XO(5m+Lmi^RMdoBu@|vk(8t1z`YYj&Z5p zC_Dj&sxD-y{ZZm9>ucxi-4>`Vj~_pFaN2y<qeJ#;8^C{?ERLB2&H-P5(6#>gew|Zg%f( zoEu=i1%xAMKMHGdX$gFvFg2rB=Fm#ZaC{-$wrg-d!BFUX43@Mujk&xYg zOeH2VlWB|jbwN^z#8RRNVM`AiZ-&-yfX?`zWSp-Hoe@tzsw;HzR$O&*mF5GdKFCz# zfR}aHBdIIdXp-GwN;OBAk*Q)1l9-{fu6ZErX53gT8}`yA=LmhL#fB0O)&%gSt z^8RWgp!6)xkZF`FQbh|sHvJkO*W>5o^Cb-3X8S2bbRk0>pNNdpADV~>J;0FgsJGJX zGNkT3#j|1i$y^4rL{XngwWg&#-1HA;JsEQksnehqbjuz6+%$+QdW$7(8(%6uNC96N zCLM=ItzIFLO5V1ychps#Tce&W)D=y5QAkahF^rk{$1T6HJOqyK*M}p6-{Tx$7W|HeFY3-Ssif0dhTRGbL!A2VYBFn` zbCzuNy|)dY+*x8N_86W{nJe1>-@+|n-@b1Lg8RUnlGbs8$S5)Vxp!WW8tUW!o_2gF z9TFX`g=Oz!pxL;FA#+5eH$X-LfFUCNPp~?JcUuFfElC6%ph2V+YIOGKBWI>W{rlAB zMZfJ!TsbRL;o4XmpNR(a6w(dta$A%cNsLI3e}a)o1(fJ zNj8(58vPyR5K@;-9Viyg^m~6RYzk@4*SA8FyCu0)?^b(-PBhz>%fX?h=?{u14{%mS z;-)kMaP1wgirm(}GY}J9%!rnpym1D5Zx@z%7AnEX;r0z&0(Bw+BOv@3Yt%8QKM;cC zrvY@aFMW*9eW5|0KF2z}B{IW(AYk~_)KdDtFhF<@gI~pWu|OE$1$-n`fYwLaQDiV8 z6?ke8r~uuFA&8tw2*M(WOpUPN;>1mo!c8vF2W=esx9@AoWcd=B)CxzV-hn*Lb7UZP z7MQ26PKvdn5Jn#CMbuN;h}6F&RAxjB#LLNLV6e=Ws>YPBC1@M|1B+mo;L1i$Ew-M@ z2_c8hA_q6Hm4^tU-xDIo>VsBvU^7qhmQ+#6H7R2&cZ|LrxTK{xn;6~aXhplu|sJj`FsI;A^SlpRpoTTRWXrh zQEEsOaTfeNtJJ&_gQ#8HuebZBLtneck<^eh%P_UL>9i|g!-8%2+!H+V0N#o1qoRTPye{`r>zFT9@(~k(d^~%*oO9ywZ-Ue@K43M;ar+tV+ z9fc{R3QbnZ(-5W(am2TT_%w=C7u@Q)Ghc#f+7-mZoLk0rtg7A1>ydM{CikQjlW00a z^=N|mn>L8y*nN^g^E~n7j39F%b5&%At`HQuj7hk9(bgSg1g#7OoKta6rXrrVp@f^Wa+CVX#qcc|R2Ayb>bOW`%P6IGAf>$10 zRV`FII-x8&G=RQtjbM>%Azsd%R*v^%ZiEQk$J)3|YWnNitaTEBn=a0ZJuAnfL8skC z!<_G}4G$47jj5=pg|0=)p(x(aRI_4wgg?reu_wmoiK1w~79|)&R~RB2`xs=)bJO}} zX=q85L|i%|U64E?OeQ6=GAPGfuemB-vBx!r`3JeLzPKf3*h%bZ9CD*p;BieK9LL*4 zbf$lmG^=J~N{0x~K$`Yrztad0xgT!l#v53ryg|G)YkqVtLZ?tWySVY<*P!d;`!COuc&Ubf*e{GCAGjTTghRla9|fV!u?wr z6F5y%K)19T^yw5HaOoVn6N0xAT?rMkKM0l>zOPvW0oO zg(?wb^^$qOm2+`Oap;AyDAnkPPJ@|3E;*-NE!nZcUN_poEyV7Yh&Z3lN3!{zkq#?}SC1YUj~O@XI7 zpB9fuskif*b;^*;Kh4A6V1C%=?Dj-lsc;}aGtZv8Hr~SNlld=wXLZ3G3LXAe=+5AL zm?Jh-6H!B<8}Z64K^>z&2s~AZ70FNwLPV^iu|IF1 zKYEv$7s(X+8Z^rDwFu7bUe|s3GrY+v*?BcRMu;e_^kf2Ag<({i@7j9NZLmv;E+_)} zV|xSM{1##ORkY*k-DRm=w+}$3aUE)vE~grmRRs0_8VM(FlGPH-mX<>ghb6Gpyg}m~ z`h19=BGfE&_6xl-UQtqo$|2y(hI+ACNO)v8xOu zmSW|yTqxG0?!TGcTw=b{)E%(N1|>a-S{|wRuixzdg|{8rNG4w}e;>sOb5Ihl%>N0#XZEDhE;-OU;QQO8Cpq;U*p5 z+qrjIe#LPwNvgR9E{YJ+Zqf1oZt>@UbHC+WKM(IX07=t@V2EfdV5% zOd45Ow+d`rrZMEsZa!^7yd+1Za(#L*W09~c2oGdxaw|HoV7%qNs-xO$4Pt*xscns7 zsC#P4Htyuw@8P*Eee_9o#@_Tm3P(TIBwm;T$Ziru9-9G(8vx^7y`d&fEJ@mq_Cw(N zTlB>jP&S@u%VtRT}eS*z4!NCGi{prv5Fu~**U=ei<@F?nmj)ee^2C_n<6}0}+W5?fyJmhkq zkXOCtOK~h(x@^HGL3W7U^)LUVWqx@F+F32`%e^&R+y36!h0j0PCB&GpcTbW zob`leqYa<8BBg_{+u2Qe(W}iqxGo$Ipqe>g_%6(9Hr>tJx*0TKxqb*y)Z`|Kpzc!s z3j@{_lT#{x9aQg$y?wEC$%=;}#u%}|NSh~%g#9a06}_Sp`G^fpFESlpH0TTx+lDUV zq7ow?_wxnP znsKKK>B4U*$!0l(CB&PK4*RPN$S2{&ci8m&&BJU`ghM0yDdo_hK0|+!4R3>K+U+ri z6a-@K4JqS35&W7iIaY64k-$yaQ&F?;=CJXN1yEK=4rlG zF|S&SB%Rn+tCOfl8%N;T(AdEh@(b#6O}g;1?Rfu%OhFmCj6XnHAn6fK=R-ww-BLBMV z%^9PO(|lyYAV5nWqc>S4n;8(P-3y-+%^!3*)fcR-6I??6j6oKVF5@`vB?4{>IfPsAZKd70 zMB5{$Ln{v1ziQh(xmk~MIFg>da{Dgses3z}v?-#BP)d`6r$$h%#oJCxUpFY*@~eoV z6UJ35ldDsY#8YWfwFjDl@3pWWZ2>xPks_Rd*$SIzBo{h*UuYr~bD(lGJ&I&Zv7J51 zixR^YnUz6GU%^qscoQCVmE(>EP*JcAiq3c#ogC{cb8LA*Nfyi}LnkDzEIz*y|-!DoL(4Ik0H8N##I30cku&2UK? zl(reO_?S*wt%1gj3iLSVzIS(-FP^vEdU<~t(X4msNgPm5uq~{>0+AqoBn5q|)p3e! zs-*m-VcKN0wOD&=t7G1PUNjMEIfg6%LtS!llj#Z<8$Ev~Qn#vUDQVRuXg^=l!D!|)R&1q$QMU*pa<;ancIr;vVWyS7i;CDz4P zB(eopAO5Orr<|tVay%`f&C?Jx{&U+(GKjb+jBZh4upQ@qpcPRNerx;51anXCA~~XY zt?9R0<%X5L_ha4*kplnE&VDjj<^hC#k-0#bUvJN!ZhP5x{j@ zyIlV_`UNOX+bCmI;l`+IADSNB01*{AnH!P0FbIf# z9@xasuo+S`f#>c`qB_wr!?TP;O0|LcC)4vU8T*DG3)SF(b91W29IzfA&ZwZ|PhsEF zkC~Fcm7C(PPZTAUu5@NsO0e;?MIckxI|%K&=%f!x;90pUwlFJpS>+J?O-)qY#0Ie+ zqc@fHI*Z@VNTpg~Hl2qXj4q2x4$^gCz6w|tzj$NBnR8ug6Vuv71&jwX5>zADTbOqYJ%t06?Y-B!pM0DT#mNwWj;iS+l(n zU+ACrXVF(Dux6mu%N&U`~({8_V^)D zr6p^%REU_#X>EX3eLn`r+)QQvb8_X3zPDb`yErnKj7_|MP(J${$~ zR1p^v|1aBEH>L;R`-v^tmjT`U9aE6NbF6!ZF-(x#KVNHf3TFCdX%#K$qUpX2LYqzp zLtjN8RogG*A$4t=)_^tj(wGSw24>k61(nItODSi3q?J5nnkBuzEKeh-%wmz@k^M7k z-O_h^ACL1#7GAnESBRa4ojarlMWBuC4e@T=_rYBiyg8By} zD+JXdGT0r_6n5aWhcNECYk&Mo!vgKW!Mm!4MKFk7yQxT~SedBd!CLXH>7Cyx z0&4I>6*N)xURK6{fK(bRttuG^XFtBVZDvWO!J?);5pixXuPUsmhNRTK<4ly6~@ zvCG2ZkmeMDc#Wl1F{DKk(igP-by#vDw>^d}92Q0&5_Hm3z5${P{U%*sG%~a#iXuCa zkDkLE18uLf z93gIsS44e4dI2D}_$Us-E%-GVxeY)(jA+2CQsElYi)2kO4K15(`!ERRF9z39q%cA1 zf{-M)_-!+Fi6wDHwuB(g^|;tfI5(b+Xz%wbm5SLQgUdsVu*m`aHN`>pNGke~G4AZZ zXNpOI6SBlQwG+AqOI9hi@+_{8R7gLj^`{vg;uwvgj%5=S%gAw6GN@p~BC~L_1Fy&6P&CYm>SHpMWL-K(6rsMeHzQ zw*MsXBNaCw29Gl|z8AqRfp6pG+#P5Z4)Yyh47+tYG?EDP&vUa(69uS(xK=kN8A~T8 zo7^`ZP`%Br4vEPa_+HLDUrwN0g!70;6&1Eaf7aYW*Y@hidi zTaefuC2k0?I5Zx1G~#o3Bx@#nchuW=&o#?0?bGv|c3tsTD5s0NBTltECrBLn1R;d- zs<0qS&2bX6zdoKwC}QuW#24d-6nS(nVb=ah0sdV&1t=r|qO^mfC(VClH=_RpVp6#| zI5{Z~)BwBK-d%y%K}O;EsfH8+@o?Xav9)mGxcH77YJL?wu{YR0^$axHww<%A*s_nM zUDC>-XovM?_E|&=pGY<<(7;7YwsyH*ObgAyP=AWgDcRpVltice-WNn4V=z@>(a9;X zDT=HJQD7CeI3pV>3l`l5?1nvcXx(M&gM?bWx*^rqq8SwPjs!AIgzP-MP z%zn{Tp+bkIq@Yl(u^y zgN~|gSCl|(aafXYSkeAkGBvCbjGz^ZwRz{Bc013y-+4|q7xr4@X~c1&78p94MWID? zCz~N;6Ni4BwKOzx-!JOcuiZ5|m3#N9g1Enz6hYyCflDoDSjP|85f!wXp-#RQK`w(B zkg5x|wbC}@w6EQL(5g_cP@>D}(sQg`fvWY;@hIFa3g^sgJmfKNO80MfkPKah;|CpXQ)RPlw& zD%XD@erZg+srkw8|D{J>P$n*XR|9C8(e-}ObusaM4b`pt8SsrU!e0WfLMInsQ>455 z(U1ffe`zTj7*t?5V!VuarY&;0uNgVV1e;RNC^E$Rg|zgQhUzEIKH*cQC`xDYwjSWlfktE=MEIMOi~dRYnYa05qY0e4|+qENKgo?i45Lr-wQ-9#cG| zwP;lu_tE0`qyCXr+ToA(Q(j@t=T30`k}v_Rm1ZS1sxS(fc%;eB)X^Q~iiG!^wi0=1 zdX4yT+TP%N*V(Emb9FjtEOeijLw*zW``dK1ZHJLaLOMsLECK`32pQPm&W4n6WXZvo$~>07=N&jTJC?xBU6g`x06thZxlK#!o67MEynaQu%Fh2yI7htm(Mfgeb#2$f4mL44N?FgJ&7;~m_ zr3c8avd3xdP;i2gw+}4AF7x%yvXwW5n0ij>YdqYs-rwp`CWz=+N~4RcKp`Ee-lY_U z^S+lsM5{u5>F^%b{awCK(1f15D01R2!=J@+{|Eq&0ZoF|jdi z@G}OnFR97X%8k4Ky*u9053!=Iw@-(PUOmMBoO;O@%XHgXMjM11?Q|GT4 zlE%|rxZLBCwf+`}C8L@K$vfd?2Q+Z`Nfohy?4 znB$i2J5BH5#_T%Fq)u1FoC5;2iz3ySZIBW&>$60yLA*g}IA^>BArQN`@y?BiD(>sYy90* z37XxR2&dLYf@zf42A3R%X@9-ZZ-8UXC5WBnqYOT`;9A$Y1S;AJchN9ok#R_gsT}%5 z--kp`n8DAiG8lAbmFhoe%O*A6;F z%NSsIg-p|tuuEyT=^vZOVZ?qtuWi4^vsEjBB^a3bW{2SsIjbm6D_L@>Gq#WsVbz(l zpK;@NX04C+`g-3j@ay(;*p_WXlCo-|7* zx<>N5R!6Krxi#`dRNP!k^bp0TqvfNQhwmPzLr*t2wyawyRkvCTT5=mzFA}I?XL0_N zukvTwm8llY9~yj@Q8#?iiN@;lv-4FctAz5s?1sZF=;z<t+tKf_>ZGA*g zms_@6Hh67a%WszdA!xWvA)}UMNt*O+fhk0Jqu#3l2g>#%s#btChw#e`;%9+pU@MMLd@vy^6^=HiqL~r@SYa~7t+sC}3T{&5cb6=((--TUPXXV32>zzt4L-Tr ziY_(|EQk$Tbh<=yId#Ll%g(^+UCL8yt$&HMa{h<;JIT4FoT``}lIsOo;sV4Y+_Q@SPU zbw%O*_mO&K9Zm3+ID%L24`@4Hh%`Zk)l?|;xngszpIuunb&A0M@rS<`$AZgmzz;zz zK^$I+fmJ}JR%7$&9>`|EkPa27bv;mfZ)%+0Kca}>P)ekTIdihNz+GJ&wV6Y-MxS2v zF+ylV{Tl&CyeZY#qMd2I8;aZNiM~(L84lS8am0Q`rDk!k8SM1oFtlrP_1>T5p_X$K zl3H*^u@dWX=SSKscKRH=>~6`xks!%{$9!;xWLWc{81WGIE5=q0W*lY0pYJz=R{45S z4~Q&;fPFrwIF5x{Tp86H7@KjK9>Dx!ZhkkY2);``131GF}1 z77r9MsZo3{joN^No$8{jQZZ;2qLNs0-2gDT=V6r^eU=P<<~YAUhM>+QD2Vl?p(?F1hk5MLUO@O>*wo)IeO+LCwZ7j zthP}-N3L}m(c$eQM9k)QK}63z4xX`+Yp17`mfieBXg<2_>%b;rLPCzA_A1Q=3av(k zg;SrVU#&pp%} z>N+$xRgFSki-oxUA@IWQ?cx=+_tP2OhSJ(RGQ(;v^{n^XxNB=16p0oxlxm+Ok|^vc zL4B9DyI63On0i*rLq~WpW&#AgRo}Lx5$f5E042c(L%P#An>Og>8f#(<#S8xn?~Mlk zhcN$Id;g~u6j=0hw1Am9+?wTit>MU7%V(>prdh*I0e*fv?PfbL0gu~aC?X!nsPtY8 z>6Wi9stktod@f2JX0Ds;Di9HvDn5DHTpV;;JiWba*n~GWBf?N0`NjnopERM(5>z=7 zQM1}pN43FDRgAOKt%+=x@m}~I`7iJ2zhbq&>UW#C<}gVOXqIwPmwPbIsxN*B!d$2y zaP>* zD^D5G)tDlKmTrLUYy!G&fTu`z_?avA2q-*~fLHd!gl$YR20^WfsAZ2k^EtvBFf%uv zm#KbU68>Zqu0(kYVQP@W{|8ZbIgrV^IM1XL9ok+^G2L#_Gz5${qN5Z-QfQIa6Aojc zq|$Bdv~6-Zt229mD%=@c69Kcl(EaNA^z&<%(cA0A8)1TI>$gaR$kVbTufYY`nz#gbjQ_)LCWHkvbtVh^`=zqA}UDy5dl% zHsXynr$^YC7+e9FFJl=qEXcM}TX%=&NVXb5VSIk@?!NcF+hg)_ zbt!#wG1*aMeVg@m_z6(t22teY!^&&kkGkXEKH6j= z^R997Izb$Jg1o0G&)d83`E#Y(FViz#rgFlnWs|5Z)}2SbZTZAe3jz_wOud%ml4C>{(y;hj3czfV_2@n;4!Dh00kUrT9U@9~$ZI^S{>J9_u|p5Kri3ApjMw?t*6_}W zPsa)AQ|U!`jf(7~Xl-MabqU3S{2*Kb@>0$7&l+rY*22nsQc}_cFDzY^RpFfz@7??E z$tFJ$x$c^}0!B0!O4*ADXI2fj9OklIkvh`|R)H};{q+17&`Z;q2WDq>)~3XAY_ zqkhfP`%ZnzN4}BUhX8JGKxZd8J`@j zF$4Jowi4aYf3m=HPTD`{<&>kW0F1#)FH9r;p8v7qO%oq#`vgTllT?5BN%T)6eISL{ z`RBLG&u7=UZ$6?3uIf%Zv#ywqlLxLgtFf!G_k0`NuT`Y}`WqD`EEqo}A1B_PC#Fuy z%E}G_%_Yq?c17xx$M&-*%&lhUtCGLKMIMpci6);7o+;?_>ijEQ@oZ4BXBpIryjGb?5O$ z3Qe&wSR>*id%nTHB1oOtxKP{HWJW*833-<1T~UvwnUh5#!j}dHL|vjK3+~3MREmUl zg$5KCG*-MWEM#Osb7K#jV1?0P)rQZG;a zpN7ad3oUuzI@-cj)}pQn6^+LQ_Z;gA`?j@x?w^FL3K=FYV|h7@1Vdp<^kWDOE>d-= z0o7s$B_-F%y$nv+I2UR<;*1-XqwLo7LNU$K4Q3yspERfU%nkdq85EZ5iZ*kCiQ;Oa zx@d3(bTU2kc}v)kTs!$6r{Zvp*=aEHD|43_)8wkahaU7+6S@*S`kM;R-V$9^6T`dm z$9Y51lDXUP-9WV@7P;klkd1{RksY)?b3bs92OgJ_dx~?H5=HU2iD>B&4b)1%4K)qN zku4|d|A!o(s)i(mJ|a+o8R5M3+aIJX9vQTgpvjGDyF=f}Zp^6!Fvo-! z3N-d(4Txer4F&_ewSi6Cdd4w!*pbkz4q&j1pS?e3y4^v1n(85 zs#dLc_<+$F8N@pi`mqWM5eiys18`_z3JqWn%%AJm3UE%?Do*!|lvMnJ8>F&V5TWli z_h8ljoQij5i6q^aLM0qwEQ#Ms*?7Kr976v4EplZBp&Q|*Slb0@F=on>U9vI%S_U<) z_{FrIkV0Kf%gn3uqcfFkd^ZSalkO+I{|Q&QZz_cex8Q3YB;%)m0BQT*Ncf`1TzOT2flhYAzsps2JLjpNTSNH&y#O+oYn*57r3hxV1{824)oK*?=wF{F z-grUb%1Ev?hX8rfqkikJ-^K7+TAnxkno3KE6>n2GnyOSNrr5d)S|LZRZRVK>!EeDV z2pyS^GXE5DruUSG#!yZvk=T8-~L|NjFulRU2mH zM$xFPDw?|Ie19&m=ZBKe`?T)EW2S@{CS-2z->HQEbbN;(sMqUmH(eJeKN=wA*488U zNFo6cRRY`5Z4`DL={w_xLULgvZYr~1PF1}rkyRABHooi%3jVlkWKt*0@KGgA-|$v$ z#Q`I`P96gkK80BpP~WSDCRc3*58cX7bfI0&?uE9`+6Mch#1+E2b&hzBPbL&lnf^T} zP&9GW4x($KN$q8?i#$$8N;z`q+H8&X(Z~D*8IwXaad{@^$Df4lc5 zGJTx&mcWe0(nPZ~IOX?V6$`S@K|f|?Y^1}#%Uxga%TAjWY7LG=IL;D%z0rMKoAB9Z z9eTN@b64ubx~HUIy|TxjXdCTOBM|16oN`+=V3nd}Rfk0Hqc}+6yGD?Sk;}tpQD-L+ zfuI7xO<}N~yYjeuTC37!Q)?6sH53V_r!|b%#_U+1=C~$5ZZ4ss`5WTsLo&r0!ww>Q z+jrgqR?#sOV6RcZ@&Q(Pxc2Azrz0*1T9g3OOHsXuw85uSm`YwKOoU=&a3K*(3mg=~ zDq!_Lh+Vtl!58`=XRvmf46}WIZ39BN$6c8~CV}SlWybn!dSO*g+8b`Xxm;ad7+nm4 zIWTv{sPLinN#WKyJ1ko2(QmOzA+#7lE`{1c&oAPZuvCM+s?Cnz&q9)JV!?*oap6Z3 zJM@^FCJ&gyHheDi8!frWtZnG-zrXF5b6=Knac=iP!g=>#{m3ks445JyAz%r z;{r&%_gwKPyV}U8cf$uN@v5?APZ-cB^Eu29I}LMK_{%FK0^s%mfh+_Qwj148cfSNU9jDuy*;m`o zXMlZtebR^9YJQ@#m9>fOO-2l372lE~h>4w?Z*wy=HEYS#S&_Q08;?fglZ;9wruIg{ z{nVyB7H*6}%+kT2J)ZH1!l00#n@R!8w$5>!w=cb#u`yO&VX$_tySM2-R9&H`|2Sj{1(#;Zed3ibV zO;C`SSTRgc*6wj;x`Zylfv1#R^TgDWVj<&-@CYqq_qQSgZIRX_Q6mC(BC=LJhh`{J zvG!?*LhB^O-nU{pL@}x51}(KzZOO8kK&LflB>36e1I(Qk8W3IrN~O<$BrR1Utpu}j zy@o1o#PbY8eIrDI!l9RHYW*BGbUn*Ug%n<}bY1AjHyaHw{m&0~KFAe>>*8+W}aXk0?cUIU0sEk*SkAqJ9bxOHXcz-LJgE@x1=NO}@UG z65IdOktv1NkZOq>2f`k`kFzCkM?Yzj6YWjK{w?`FU!N)pJ?5AoIC!EW=^iE19#ev6 zY>QW=`E-Y40VA`80+7~X?omrt6}I!CP$l_21&oR zgM!lkB6T_V17F-h2L&ehvZW6P4ju*yD)wW*yRXO;;JRE~e0C`MEpcfLDO9l_2utk7TxXFR(^3IgDSgcdWC%_bKaEI&Hm=tNohb;!fvz-gqz2D&-31Z~F;W*6}QetG}FR?I^Oi>m?yr5nwKOE(3)B<%q z$3YBj7eBE^OzQ5+U{rK=T(TBU@AzDRrrvNmse$49dYsTr2cN$!pPxwJP8Qz0u!WVSz# z1D=g?@%$VL5TiSzS(M^A&-uDL{0itNV}&~Up^P&J*AqI?e75;|vnhPGM!q>vURXXk zclb*sUI>_lH zWwiX-{pXC1~1V_QVtL~BE{Dk~)AR*-C zqlB;eJ)Jqimdl~$aPO*?NUZ<$0wa~HHT)@)6q~sYmtS^h0>R48Cr)=s`j#@S+zp>J zFR#xuY5JJdsF^l}BI}3pTAe8uQa(E-lVfv^ed?yl$DnYUcN<5FDq5lE%&*01AR8I> zX?om_qYJanx`w(K;aecavw77!zZw`vqskq=pdL;;xzD;@IJr-5{vPo-g_QecD03G$ z1U;5^JlHG8#WSXCLV<^uAqqU)D`#(Cv*xy9D=!o7NqbOAdaHLh@Le2|Uw-n@xoMR1 zhY_Z95~j*&pVmUK0xY>>9TnP#OTl@7dzCGcDNilah4R*RV&f;50t>8Cb3X$2kZO-u(y zQI(~-x5Jn|9;24m;J3krn$)n_f-G0MjvhY~eIfMcA@*>D4DLp6za8!a62W*l4j`OR7n#;W0sGodP-uZ-#XPKF{0WrG=%96Mx2` z9PZ66^xvEQFAM&y{CS8H^RD^Fm`M@ta?2MFMHC;rQWupyfBz=>?&8b%;wRFb2_a*a z>vR|F*@n+OSWH7lvtFPAO-Q5R>Y2M2s=i|Vq^_kt%b;hC`J$F+y%X6{ss00hUv!s@ zrof#%-<{+MXh#|@-q)EFUd=A7tz~y!bUmS`GJ6o{mR@1~LkS#1GUYiOO%rF4^a;u_l-cH0z1t?#>u5 ziX{90u;6cCIaPJRNM`q+$)fHkU2m=^dmPY*balp~y@UbNC~IB^5USYJFi{ncao-hO zQzjKzFs;f=&H(lllh=+!RLfUQ`M_23DkS?;)wpA(il!KbdhHskEbFsE@$DWC*lSQ0Th<2QBgktvVZ_FF&~PS!3;5c9)s)pRE9+0Jf%^@j|t~) zZidf$vfG`w#+e&Am`wF;bOvz>c=ioB9Ft4ux$5ZXtZbP0 z$MDO`0Y;{#r;WCH@nB>pOH@+29QwAtl9y9L0EKC#k}|)%Ago`^+DY`fzaU0mC$1Kz zcsdzaRza#Q5dgY?C3~~C4m#sLVNoKk4QY$O&F*G2K$|z&bZM++N^0X`1sKgX$2I6Y z^|Z9#m%EOL%Svx*$?T7@r8IyoYNAolm$%0jmIl8!2Hi7}T{s-Oj5}7~#*auN^h#5( z&P=$CCZ5+b`R>WC;$t!FNAqS%%bw40bEQFH1#7i5HPn zO-7_xVguCvhc{Uo>#e^s9qw)7*um7W<6|%BbBnt1hmb&`h7u6lPNciieX< zXn`UG;&Y?xK_PLUUUYMJBi3g1_y63?om6)m^VkX;M3A_CGmKxrVyM2`q;6k(_M8jr z7Fq!tV5Xk_cA0d&I``eXVC?TEYuHU2Zz*JL$^w1?Tl!EpJJhGFoYbC+-e|MUwgY4N z?alsPmKUW(s)Z(nS3I*AWA2zGJmpGs}et zykb&#&zU)MN`j{}vit7W=VMGKYaQ+<%F*$nnH+W*K$`Ib{EB~)`oo*hNJT|hQ3V91 z5y5t|#n9(1z-v|Y1+T>fuFLxC*RMks0vGACm)=7CWR*4vX4{nt2aW}- z3#^cjw)5CeWpIs>TU#5xEAC4$!aoC#lcH9`#42wNA*K_bi_CGtUD+jgs0})#nDu*F zgOaOY{=2l$cNr71I@pJE1I{i_m@&bp|12ZF2U%g_Bh7S*-DYvU$DvOkhLZ+Aqnbv8i&Ss=7@-sSZVg?)Z6Zr1=lS;s7;pi z6(uVp6TB0&ngAyf7RRKyX8D)!KSqSnFVoj&&w8!zw3<~&kL{Wk(M%uC{SZ*7l(vC8SuRA+<6@()Ca2Nwv&HwNCP2q>*6aXPIw@k6;nV> z)Z*^J{KMmDua=28+bicreZ=t=n1UrIp0I(1dvZfVPu{q31m?lwx~5q(%+CuVNJ7nL$x9r z+E`z#na2^E?|Rd@P3*fT@l?Qq=|#YNQT}%?V;~M*RK-NXT_l;xlIXU@s6+Pczl-s9GvM4LsSF4{I`bm~>L8yiL~ zB>4EwXi8A8bA_$Z!{qK9MeY+1DxJkwh1vU?R0bjXSvy*894BCt~2 zB#7ZRHV^C9y^AjV#ID*Y_1%qsnoA{>8S5I&{0H<0K@~lArQk*4qc)$eQ)gg6P0rjc0*hA z+|Sqi=8yYw97eB<_$2&y@#Wjx-G!w3oM7s~l_%G?tT<*O@x&pAdqPb2mT^T&!VZf( zVM0Q}##wpZUr>n7ZcwEQi7BG7=qe}@*x+?8Nno|&gPiF=?LF#q+KWU4%QHT+E0T{+ z^LhG_@;r!#hOf`$lWVR~#abj)5!tHr z#jbrbbk^T#*~F`8Rqj-&=GBHjs(1YpXTpD8fE8*i(GSScW~wV;a~5jRHG}pZ?reEn>mpa6?$s`vzAWC0tdwylI{%%J|2vypmXn zxL4aafhIYyf6P^SI{kRcOFxf+9R;Qzpbo+={+vKq{3+0I*pa4VzAuH^@lSg zj?KV!XT}XoRd~*fKkrh!6^5>@8d94vwyD*gA!eR({0YQsyrimS@{)tXVy@9CT@xKHD^) za~KEJ8JN{(r;PsB3cs0B#^%nGqW~w#77&I;6)3nkRnE5}oPE!?Jrblm`NmQ|OrN{{cpJT7>-++XCU}IfftXQ6uH3_fwD(5R~?6fIU*w@qI;ZrT?P{b?!Rk$23_?IgXIJu))hq-8aJtsbG}ovdx{uy5k5BCO|Jb4vUxM}e)<_-9;V^?`zc|K2%$g6abn z7JTJN+vSXGsx)1<*yg@pyfE$w>)8C_7rpAM4Tab9!b-|~#k4XqS1^?VdwB9lG2#>> zzoy1nOjq?`T*?F(Jf*aB7E8kUs|Q($^m)T42nC^#3FVW19{H|J=X&^yfMa;vwj;Vc zDVz;3;;}gfR*UDSj*}&$I?m87)s}!P2?`kL=`?FLIz$W%Ri-FcHIT990Sx6h3WeAe z82>qj0P@T(LQt4;t3Etl2)?*H{F4;i59c(`%nJMG@kok(Da>zmy48on_Y`*Udq{$J z>CvHDco_6GXG=-KmrO9?f-lpD(4~gcY@26yX^NOOuf^u)uD}iV>}?&4GXjklUVe*A zaaaF4*7Gr+f#MXTgp}}d;wa{=Q3RQ7fy}g}?MHBlZ0(Iy%;~XPYHQI&bA!nJ=n8`(cboti^ zxgI~p<%K|o;)OHh`*g}5;NHi2u?co+OQV`fZvA@#>Mwvjfd+3eE6B1A2<1jhmO1G7A3txqMlLa=pSC;h&^EINv&^$L|I zmRf*K+YZS*eqmB$uu^(D&M3R*O8k&G#s=2}@@_mx0%*f#XLx@%>AwaeMB`i7x7jY$ z|6JzW@J~zf6d5uh71Aa5gzI(iKSWNL++>ArZ!hUyP;3o5cTSz0-1PA0Z*pgu5Z<~F zHZ;ehQq#OzKIvsLw*MpJeR;gl(;;oJMDgYK?TYz5xy|ERh}M|j?f3iOz}K`b`f_C< zv%OF{)bgQy68e1C99-;}u@jHi2#vPJuoHIuJQP|wXx6A+>nvcM9&KZH4&|-#czK%1 zC~QjdtfW$QtSEx{Z$kQl)^gR^C5uPCYp{7zUVHzW5`{^zmW;J!Z$~2%^jr;V2*pPp z)$C~NQsPPJvvlwy55=u11vW=8y!n1xQBeT?Tw-ko1LBZqg1q+>LYI*d8NE$qx3ptK z_tjOW05qAVjIcuq#>_5|wlgD2_VIk3^<9AD-mqD4+1$a>olIdew^Y4a4>l_x0`s-l z2SQRnmPN3~ofx+*4EoG|6maVHyVxZ)zofpCzA`%{5ZS9yB6c+*zq3dPi(a3LFbPN9 zu8(otn<+m2RQ~{zK>d7%oxa(51Wa9n(jgu<^o)(zp^#nYmn5h*KliF%HRriRb~#A| zM*zWu+y3O_)T5_Ch2;^`WmrUf614v>Z75|^TwjHU!dH>oV(l%buU*O0Qc-}E1ZO~z zbRyQ<&4|7<8x7j*WC^`Bi9|fv(o1=C`vzI708+&d zWQE+A7L0Ju4O@0?n8c^uyXY^5m3jOfa1AGhW7lSbqIVzYoz#=O+zvt4*G~XJ)Ov^f z(idi)^*^49?$@t&cY->oU6X|W`f4tD>I4+j6{PKurP#ppkZobYVnoqVaz%dIXC}WgLVPY9EhY*qMPqd0ggsr?PGhIbj6w3s8=93%P*nW8x^{H>et_^P7#} zqWq_z!@Q@t+xl0{T(ivrqxa62+`T^ffVa!yn4dh9QM3vOF&DTIHKaH`DG98J_oB>< zG_($0;PX#&?2qQ$*Q=`@xa$#oqKnE-dowa@%EN%Fz4vH`+qG*iYh!HLSoJ9aPtJPy zt(ZHgpClD0ojUWT?c=VYYE1!ilJ;F;7Lh&` z3OhbBug_shEWQV=YFBdQOzmvf-`Mme9XgJh>+h{qPcHoQ=w{{P*9V`c_~Y}!EMBqM z4?(X;VlC*``%pyK&**@F5IjjlwNwt|4Z6nlc9`C&fzlBxq+5d|&y<}iLNNoLp}&p_ zS(AG;ey%(cO!MO57<_bhG)7+oI^GtMuj?v0ieqLkPro())o3#!yb128%4yMJMSeI;y!@WR@ym8y-JG$1<|v0 zqDexbF}>TuWaf{%->$pvi^|QN{RPbXhz~1PQ|UyiyFq7zs)FNey{FzZ3eeIR=`=tD zQ6P3OIJvipasmU82LZSntl{%nDT4@!@9}Y$n$_tP)NL=e%6yOVpEwx#%gO8kF2CHw z$70|spD^3kVv*at@#=(BcwI?h=q_C*KWZ)WUE1d7DdA=(P(~^_rnb!0-CG&C z<8j>OC?{DCdOlV3fki2fQOOxnOsT4tX60~-twh)y!iTPYA#MY`FF4F;ur*dbzQl>^ zrm(;sA}5t9coLTSR(6_s3aG;C)Dd1|!P>@$|Aq>;B|UZK@ob#(b}6tde;~MVno+?I zZ?k<%o2+jJ5`v}y7r#$Jyx2p$rT_fHqFBi_Xmj2+iYAz}z1(`pzGgud z`YsIx-e1$ZJz+&kllo@h(30(P#}~P{Yd00nCvaOCUB!?{KmJ=MpJcEmFnuc&Y1667 zE)QQtAS+I!Ff6R<{Pf<&VZV{HMxWdU@jJm~jJlalWFpNkz%&!S0ZMZS6+s3&BQMM& zauvc7acB8uS5M*znFe-Az+PGkxY)D=5#+}va`9r;3>;Y~670SUnY$mw?nJT0c{CJ z0Bvb-JF0!B2T4hIaBERlJV3%Ybpk8JOH`FyaYg4iV)F8}>n)gwSrwopS!Ex^TAJ{Xf?7WuXvO+Ts4Wmi6odnh^w zRMm*eXStAWk+Ub|SU9KCRf^EhI)=j(SyGU~$7VIcK)_IE9xX?V@9rz2XZ0@PnoU{c z3zxWjDOj?cWV0VaopdHz4ub5aTs5~;F0HlMW@i#b4Q^zP*zPqKo4X|4d>p{d6A*B16jdcFv2ta^FCLX?zadwxZ5K%|73QL_0(lY>3x>_)BUb>Hs|!f@_~w2&J?2l8f;3% zQkcj5QKQmmIuxa~Of$Ih_Bs}&2T%TM6*%fxcaS||FtyJN7dgDR$Y!cdu94wh6t62swZNxm8R99Q#)Hx^R!!KRVF=QqhP|+oHsO&$kM)LCNQ$8l#+Rr-&b11h(;r+ zRa40l5wb-3sWIydn=@@}toGPBJCx$c(6zvLQ=4u+DMdmo6Dl<@ucmR*wc?74p;*=aMiZ(6>8F` zX*UH-8q&Lp4|lJiEu}+F*BR~P>2_{&t9aT(61c7-j_(z)(psiCETWA2LU2r6);iBYrJR=3nm8W2C_!Z4bdR_~Z6~p{kx;yO zE}#k3X82XQ8L0X#M!kRbGuF0J)~S;{24`qYT&hoc$LMbe88rrA-6=gH;s|Fh#kqUl zi|IE*ern!|HXV+_SaCP>UitxpNg*B`sh{u##8*%HNmL3bK+0iR3mEr%dAcD%qZ5kX zGO6r|z4$Fz(X->og4e`*p;IwRQu>MtnfGMWV8Ishl|wRgfcAGo%HVN=ZGxo zJFg&uAYKA_b!HN?LKLt)&AT8}yiOP#q|6>UXM-2DSpvyE{osvL*kc%aOFVT`qtUFAAfAR5w=ZaE) z^A-BmFz{`vz?ZUyT0?w>z+fF!}9H8@s%Zc zf_Wg;l?q&yPi!T37x+JFYX7?@vbp23Bz4X8Zk9VHXtFk^Ro{RYez`0dz>aFHGFe_9 z)?q72uMQX4`3}}J&l`&DdUDfRm(fX>_w*!yBwyJ}^Hy+EXbDLnl%X3}6(o*$@EJ{; zbN}7H-Ph<@E_AQcK`W@Wp$dOGWNH>=dPIi3zi@Cauk@Za6CCH)%KQt6nW0RqNPNT+ z6&&kVcJF4#=E22+kQd{f9@<`Yv4##HCPOh>bJv6d3&79P$~ptJ0UJW=FrHRJ;q>6|zx z^pO{dQ^{J3>=nW1O~K{fV5ID+6QU81e1ldJHOmsP!t?NMB2%hGTRSbuP@JMe4v*c= z4w#`l*dJ|ZD__^YTIr@S5uV2MX&VM_%UclN!%UQ_s zirK(4OS}&EQ2e`!j1(dDt^5XO6#Q%I_H^XX!E{AmmGs7Wv~BtZyRZQjHSY@^Pj5BB zqG{~?l|Uvn8Wi?}!V{@R+z4FR4Bm<+t8s=N7zC<-Rk!|mW}Vtu0YI`FvJ+u1>!JU8 zeL0iEpoEdto_yE0fz+6RW#bvjGa%Q0`E=W==C`kQLh8tQW0YCVGPmE}igyB!!@t4z zSwlcBQ}tcC<^{>WbQlC!thvPuPb7q-MjoJS`e1S)up8+3cKq=k{F5OMa7o? z0n7lBly8SAisb=6B0>W~>W5+8_}Q>fIm_f9Z6ZA_BVaqtz6+Tr`;VSdG9EEdtoQJ3 zn!5N=QX~2^P5s{{c~&HJ1}J62=o#L2<{c&<7~v5aaVMXFrzfes zUCJ!}rAXkS-S92Ftg{@K@=Ta;HKULwbiIlQb?*%w)2+A2-zE{5MC8RMjY0&z6A^tQ z_rZJ_ga8EaCEQzhM3ZiN&qxvz>fWOMnuS>f5cYxuw}s*sy~F6JgT4Xn@Wm#vcpC#{ zQ|P(D_m&@8g}%dL=Y;;|NX%f)EErDa2yEWMglz!=;a?Xlb?X`Jl?W%D?rp*j z&g^>k(P@-AH!sW3`mHOX?^1dh${s|%61Qdj^BNvRM?RYb>x&S9!&M>PTA69 z=Al7dMp&sz*=r2xj3{vwp41i{N8Kj;$*za?d5U%-g-?r=L_{En6^M` zL3AyZ=8*haN=rrL{7+#W80PBy^Y_yJha5&Xf}aTI*Wju>bup z9JIzxinWz5zePP=3M|Wg+@ijQQ8;FgJ1^wjiE2vc-jU4=BY#oaSKzn85?f3ZzNSzZ z9g#GMLr0nVG!goh>FYx|y04V)Kk{+?hlhtF7(1w|lB8(ihQ;?oT`|LVj0q<5pqW;U z&2X7pm+985EyAR4zVrBF_JY5zpB^Q>a!vVYkMfdEyu3Za@Hq#>%w^w4lM^+XS<7)S zJ`PdO305K=KCg5fszu;F3_YAQE6HJ-UD^#}MUp{Ss49c3*)fxSeU*Ko#b?|_HsO#BN|B zl3kIKINp{N=hIZ4{Zk+>249B96;!=Hb_3`5y$WzyQ#=s62=^OY+MN#KCtg9qv5SW{XrXNWgR|aVVWw z#9t9N#CUfin@TPOrt{umcG}e+t>C097RV}O46$EqvPtFNlU8sx!haPYwRgt#4Nwt& zY09*TQ)ez)!7FS`G|Bzcu(i!+XK;9Zrf-B6*_`GjaQi2?*>;H)W~aHf6Hao# zT~6*RoV~Ys&+>PrDea*!USuD8Iz&-*vqAN{_Q4&m9qgDT2Qf3v%+cGxL5{LK1*wWV?6JFc1?BV0*r~P3P<*S*c?PP zSX3Ed?YE^WJOxOyNgdcwLb(i;R^&c`MLf2+g_~9-3$11-_w#crI~h@7l8GvLBGaqQ zCTxk_Qw%=-YKK7GH||noZG5u{8%>Q_JylWa6M|Z7?xMxA2a;VtZv^g4;B7F)M3jE2 z4y75RsN)zo&fJG>WAAo;pfCNioGvCjzl%lJpe)@5C%g=o-djGNw#;Y{RGqc-e99N% z6;4ou5J(IM3gf?qSy|2ziK2Ao8RX{H-~DpM^!$wU3pZpakrc48ooZmOq3aZSQH31; zr+pnHEJ<}tDU4nI(KCg~z&AJ7FMy<}ZPkab_B??4@|1j~3 zQt1B{!t;vzDe%EzIvOF+U_>TkD!1@I?J2x4K&)1%-kK|JkyFM~p<#poSmLuGgLd>Z z&Pu-)UsmIr7Yy!gZPx22(1eqK;RQ5wme;>A$(Y}tR=xS9;8VDtBV{Wb;(;lGH}bN> zRlpvC6PhL^r2}uV-+Ar{o#!(or-Z=KVwJp6_dblUm>2vg{80qS2qXqal@TY3X^Jk= z#}7n|8JR?k|3i2qqCbT_Vv-Ldcsv6d@<5CBs37x1E{!vap@kfa`>j}hrwzVIanP>T zD>9fhi#I$olJ$=OHhee#BXhpXef_lkkl^=+xW=f+U&?UzVPdzKa3Z*YY2}7)_eVxk z=H)zPs;;sBDU$!69J$;a6y(H1DyjTI+}t4BZo`(xqjjCjUL-N#_NnAL7ABXcZf`&J z&C;15uF>SpPwJQI+wS6=X(tFwG5T=ri_w?*bgAyCQ@s=dm2%c;Ea3{Rrvmjf*AEH{ zZ|*SawQHIGSQtILLBbckkrov!so#kEzn0NN!q8r2Zb;XsmE{%a(!z*~3;GR=VJ_gOYW4bAEa&=4R3mheacYK-pRyiDCUHg7a(8&IRl2p=pa zbros)W(W-3fa@DM4Uu+2xFI0i2szA)1^sYV&hhL3Xpu;$z+tj7956 zWc-|Q0yO~Q`91_LB=Sn(=2O{s-|hUAmj`{KP+)A0b@@HU(#P5#)MS!|UO&PTI(AX* z-Zd64-1+UC5Spfhb~EpA{8sWYFdVdaZ&4Tarf$cPv8af61?%h+*FH37Z8{$#iXG>LG z?}_%%opl%SQnO>-OD?IcYQE0(&-t)jFkLN8-W7~s)jqH56H_01AS$Z!m}Z;gw7o8O zA8N8T@>QWl4voIWqUmONcH7ERq*Go-e4(*onECD#oi+MFtqMMtUHkG4tc&zYhY?r1 zCbdHEr7NO^Q{FB9H&`=~0Qrc;;I%uN2>qFZjX}e8ct5kIB^x%V2A!OmrRp_{_nicU zKsn&CF@P-mBeoMP-y3~D30qxvnBsXK&7kRYxHfFho?B{t9tpwhRS?Mv0R?rYildM+ zM`d^BMbzRM2^YdEa>TSrWMhdV+pT7&_{}V(q*X~}Dq+_p2c!Ru{Pl%&kqnz`&KU&{ zr04&1C7*Y>Om^;=?Q=D>b>#`70>01sF2oF?bMQUT$zD(-jL*Xn3;z}Xs&am^jM%O9 zbY^8}Y_~Wg4C)kB_317=idBD(a3-$$5l}Zu?87}IkxBZ;@Et}7$R$S1kK@#Q()W@i zg8wNPuLeD;mwS{{kW_H$y>Ug9x}uHS(fF6iuTK-M_rGfJwz|_fZhjy>Cx%mAF~nh| zM^X`+!nOOeIzTcxwJrvm)CutfzxzrT#UTtK%L%ld)tD@IEtYqqNnXD*F#`K8)>#c- z%M#pv!+CmdHEJ3_h1b~p2@`Bg|G7p5e}8o}5}Wa%pIV?!>EuwIh)Ki0#mf1!K(<9) zCSeWB1ohcII0%jNz2YO%q`j_b6niUQYDI*s%R49SH zQ*P4uDl&ZrTD6`Mz@3OVu?M4&Ok3M+nXy#U<+8S?BJ-=UnTmM|p!EH;mq>g+g}zxD zqd{lL)J`Z*%#xITt4b(@VwWX*l1~FpceH>E&Q3bixNL`kuD+~x_Cn^_GY4Db*fGR; zGn%tqXkT|1KZ57(@i~pZs2>Y0oY*Xn$Y+RmZDSZD7J5K2jC>OZa(iCP_V_Ls2Qol9 zFPOiFz3wNY)ZoyX6_ell@^|;dM_z@wVMTY>!3duMSUf}~rl7ERC=%zb+Y^|n#}TYh z3XDPrSpED-a}yjt6v4_h^pq8hqDbs3Ea+qp1815oCW$*v`#$KkVuX`Z_a>m$e=W`l?J3X!RNcohvmp3xwvuT(W;N-4Io z*ky{=YN%f&lo5m6MrffPGXx8B{FHHjJa?*q23r5+UGj6^TDNn$TC-haebCH8Bh_d9 z+4dG|tq?_R#$Tsn3+*nQLckmG7oic1ej_D$I6_oOso58M0zqbb$j`_jYKXX}stqEJ z53%4EX-H-jVW}B^j-?PH=snCY=EW}Z%#xpMBYn;YsacOh4tu9MBm^ zzRb-QVtJNx)49tHH*`l=-P)%QBg18OioIIK@>^WX5<9}V)Rqv&NE;$K6-}NI$^d|D zf&Bqne3OIYsq96UAF&XK9rneD?=QvVEjPyMiKQgOYpoJbN04i9)3vUTxMq*r&K{uE zx4A6bcIEk98s}W+E5D=|$lmlT73E5Wq^IAzfuG#Ggyy@L^=o4oY!34~{LPsl6h|&2 zU2b`f!@f3;t$&~QZqh!!ulePhft{h)nu>(u;4IQ3>H2K6?H(*S>3JCz0QcWW>lH<- z{dW#Uas80``VA39h2W58P~4*AmQ$oobzfjk8(&Lfkj$JHDNzwBsGuF-cx39r5rC?2 z>h|CMoZrcH77lC1oHy5+7Q+1s#ve>;X@zSFln2NdAg-cL+$QNsOaJCJRsWJv;zub; z7{@ApQw;m@3)gN!b0~2#F}*U}7Hl3Anaf4WV4)&rGb9Ee{dpnBha}S5u;dS8NkXt# zNmy`-{cPtZ7t*~K|DjL7Vk^myW(GbQ*m~rfcI7R=7eoXM3(;~7IT%b#FAM311Ga^1 z1@1-^+8;bh7MzKW))F`PJf`+bRB45+U!HzKmwY6{Yd$W*@j`_fk= zOOFk|tNYub^MJ6slFw^jcg7+&%EnGYyzBS4Z^>4_| zLJ?TB*RkxHI-&DjE^0mejrLP1$+K=!eskl;RkT zRT6jZ_o%*_ahtOBWtjip3&5P|H|eEl#ytn5Vf=>-FPBoSx!hLmD93_NtF+p`7~0iTLj~j=hS?YG+UW^k5$kEKw#8 z=h%;iG(*(uelMBrPBBNYDN55TyOc5Rsqxh76I1Ss>B<+V6>kU%-`=}%j$VvO$RDXJ zq42zuclUvQ8-zLf9qsM5Pxn``K_$c%Y~Pa5OOiGoX0hz=BX*TPp5L!i2Y;)jKT#eD z{|l_}wc5~C1NX?V)Tj;P@lH*f+k|m0#yZ^QyGSHY-SjJ%1~{-nJhE9y^v1W=qW9ht z=IBB^B~NBEx9^tJ3M=Fxld*fLyH0 zJQO}xxvss(j3Y)28O`$ljM)b1Tcv`wa2aY6ZQ!{hXdS_@GBk){ zdCJ-}_fQ3fH3b72>w=&y<#7pLzhkjm>6?nsc5QTWSTsbgbeq6(R0cte#HQpQrWw?; zIG9VCz|!2E!_N~Znlu`5?bsqzZ;J5fWo195ZmXl7R9t`o&47DAJC|=8%-SNW?ekF1 z_dp_Kqj-4I(+F>xU_MJESeT^-4_ROPmjtFv{=Q289BK;5V}86q565T=VOAQQ1F6*v zj{WVC$eN*%_R=TAw~U6v4z+$TW3U6`w*@p}vq;sKq<#FY!id~Ro?_lo{&NnNZ0Ee-K@ObL9Rm?r!8@30N76)6rz(LMWoWLw_7;$7My$(~}=ki`-s)!&YCWfLR$P@_DNk! zr2L9TWURwFm~tpZx;j}7o}h%_I&IQtn~PWMTE5GL>w14~leJ~tkC!;-PW}G~D?8s| zc%aKST2mB2);R!V3e>cZXhs!$Sel%8nP>8A<5r2j62BOr>Q912J=4&oZhpp`C?Ze1 z%xJ_pr@ufVn5_Rhs^&~lSc{^4p^{YFGKDN`D?kuLS_iziSC$X|R}7pHQ*tp$gkH?8 zR@<&4!VBa+et9}EStSRM9g4Dk#zG}rhVvu8eb^Kztk{pm*^ zWl@yuP}5*&5Qty1U?NcjdB=Nk)pqAboVUt_-*nIfdXOnIsGCZ~@2e9myvnUR*w8rl zR;EhxuF@_x14_=`T3({Pzk=xsMP6kG?_J$2t%d$*Vx-|R0+|)XO(_94!@UEvL^nl$ zBXEChn$+QxN3z8$lPR&PCZ&J{#qjl+8b;>{)U_eSI%hlEVxkzx7%|x&1+o~}{;4OA zd1tLi`B3|P`yghp!ep`#Se(LtQT0>o7rWQnXCW?-0uTuh_?M4|b&xw8@IcOad`8g! z-J}sb33Elz;|Ai^=w(4hVN!(8%M8P)M!+d;CB$vFuU{A07j!rK3>~AroO8~lC80;A z4|2Iv`k0$|1>l~}9rl{K*FYut%7doBMk2yJEQPYw=r51RVvdN8U&~b|v@TB7$Lw`2 zw%_((hiaxm@^0AZc7>54a(;I|-j7kSy)9O# z%%CXFqnf(Jn;BJvG*x44vsK@;Yn|xbSipAP{EP(C>?aC&(w)aZlnK7CeeYMvAGm0%sujK)3ik<#8 z)2$%v-}zUViG-i6rFM@@64bnm8P7TZoo_FOb3* zHW!L~wKbWj{Jbz63zR<>EAQ@1Jp0s#MEnO;B91@wZS76Z%hUC%T@rWr*{+o!1wqy@ z$;=~gIO_Y*6@KFrlo%qMa@N_Xy--h& zKBIiE#!25I9P0EG94J6Hb}2wMqxp3vV`tN}37AM;Ev5URhCS=jSBQME+&#+?yNkzu z9+AeBhw*=ddS+_aT4rH^Nmc&WD|Tb?g}ezG3>Zh}eA&x=-s3@T<5&O8d0^eY9hZ3% z0=)%8?x&O7T>AbhV|STZ2FuxNo2Bn?(5VhKp?$X63z0G+T{z9dL=^p&4*kxn%AH0- zM6bDX`71@QrT0Dg-OnwHeEgt6)blqZprUv1D9#c=njYtBFOOa#0GiDkShTEeX}Son zxaV))k9~t(Kz@##?U8a$&m>V&3*rd3xbx2>_0o5xB5+7GXYa@z;ABWPNH1RlX`g-y zJ_hS3{HuHS(q?UG(RW&R?^p5|?E&$tA|7+1&!`KhN+0byAM{%D#9in8+ju*jL1jZr zwufr%`R4#9`6tAjdzN;W>XPP{mI{vvc~}vpZpRv$8J3&bOMt7nF%*BAFH0&v1z%g+ z`~YCTjo*vMzO4>1zx4grzMY~29p0F;;%QOV8G47#7nk+yc3>g(KMKG3>+<5|Iic;pm9+~!)RJxBapzL3L!#LC-T(-JSh zz)QGL)!d1g5=n*@*^`{1Ou^39t;WuvpHk`Ji9$rPqxwQ+)4l}<(a2CvW&FC0aZid@ zl>73y8-ZJ2>=StP&uc#o(E6 zsd={(RMXR=bQ3#YJ>>9LP)J@kG*~GU8XLGD;OkRkDlctZDGE>0rGvki1%h|6q zUe+EtLB7j+zh=ob-)sl%*P37J^a+k$kZ6iwwqjwJ8f45Hr#7-i<*-4R#ka}!%GJpB zK5o;w@)H59q%!L5i@agyL(C6)U0qQS5MU(wRkTbDX5#=fbW4|G4@PO0UDWfOVuQ}-)`dk(!@e+6A#>JGM2keHjdN2oT2u-*?vF9T<`T`xsrxADOb@vR6#L< zJ6&oZp@COC@Q{8-J-N$L?1=7PPer)Vbyha+iI&koFn1I+38~ptANLjIe69<1%mzCA zJ3B0j!_=O~;){RCOJu@aJ{3dZ2UjbwwCAmQ&j#_)ESpsj15k1pG{lF*8hisDCuJd^ z6h`FV%k$ybS2U3zZ}%6&p(t*j$eAy4;8YDJU3dQT>G3S<{m1W_oT$x zsC<#6wx$mA`mcTizy-pHGt6OO@bL1Q@V64R_KxN7G10J`pk?~ECPLbA>PIHxBb1El zA#9T3>3rNeR8~k0f9WTQ7OgF+w2aT7esr-4n)O6z>PIPG37|bFusH0x|w2{OUKij)9;T}Th*uk zt|?2~944Iq;VIyX?wE9QVjc^9XZ?&#>R?J(Fw&SThDf)GFwH-&c@(Zd+w5a8YK$Zc z?XoXDf*dvpt~HBJm~HKSYKYVpf#Q&L+@qZ7$Fm_8;wxBnZ63YK=pVM1+=}HzQPN!j zMT(%1SHkf4YxVVI6RR2#Ufv8oO)EyG)-L7G$`y=0>UX!+<*gx=ca)STOW!Azm?XC> zH}HFQK@2xPCE+HxM6;pG-WN(t$RnpOK16vbmHfF^ZVju1jb?^SBAljqxEvIVttQt* zZYw@;l7Kn2^+O@3y<}sIOe7*GnIb85&=`7gSvqPfD^e1qH=7g*Zk5V8bUX}o_s@CK z#k>)IzqmjRK-xu?K;H|H5@KBhk>xnv@;C|(S(eRdP+_sAqQi0vx_yo*&%FO1RpYSliGN z*+LB^bd$>2f(MUs89oPP?TqRwi*%GM3o;4{-|uW@BGq1PKdX}@STU>c<~zzCwJ#mY z)atCo#ALh@mc*hd>IdTQ1djOiC!$h|=pi5uXUK3ibG7wxgycEMhaxo8=oU4tRt!Zm z&hAD_^>`ZBNYbSuMo{Dh^24$udHD0M3y9H1EjMf4Io!|%bW)ZqPfh9b9%4Rf`5bJy zzSOaxpoo6$wlYFwz*-IsEk{g5j1J-tq4JmH+d3)>r2bR?w}+$O86)BeUW^mf1Pr-TK5x>@$nhA@>dF-qrtPx zR~RqT!QK~}tvcXDepCrfplg7!vNyfDT8qq}fIQsq3zJDXVA=nJPuPrwL6eu-%d0`Bav%0MeskllB8kqH@QLa(Kc zjr|E9<`$E+pWYFR$eq3OXz$qVWV-1RzFb~mPxGycmLep{j5@bMH6s1i&HbsN$(1NO zZX(5GXTFAL3Tm{Ia1IG%mYqoka^9%}!a4xGQQ&?4>LG_YaC* zjBMBeZi1WpmC>&~Z~Kf$>-NL=qBK52Rxk}KB~JXY{aPSM*gzpS1F+O&w|fz46MQvw z#Sl<|P?(|j7OOY$DV@eCQUltC`p2B7>Lk%hp@CA2WP>@F@RpDQj4@CiD>`S7oIoY* zY*GwrtJ7wIH)Au?&}{-Ld_g&@HvTb~IP6Sl7~eiQ-3fdIS%miCT*DzBZUW_R$^ISG z6|F~B6K0u)gCrtzvKXkI<)^6P7$;!t0Qant;!dl=4X}GYfy(p!SFPPNwpgjPE5}1! z(yf~l<6$b3h|oqR_*k&rKUelg;h?a4^5^HjbiSIjqRk^TDPq&+FA*B4zqu}u@qvJ* z`VxhZ+1J%wV|G%Y`m8N?u(odzMTbUUVF7-Nb6TY+uxdG~!JRRxL(l-RKU2XF)gx8V zXw6>5%GPxnCGbm92G$65u7kI6k;ftAjQ(_KC2$D!N90}OodhlxqYO${32YD6`TTWm zztY+Kr40|k^uIr%jX%(;|NMWmO~Ds=YsNM3$Ja6q9n=%ofYb))dDVU>Q}nWI0*@jm zfr=eSg+}iW(TpsFR~9ieW*<+4L2~`Hx~Cbp#nR9WE31Wvri)6)19Btv6AyADABd>8 zWw%-9x!CnjCc(6q9S>@qt(Ogh>=&iR$XJMP70xD{Jo(VXeD@yb5m+an2tB8bANKKD zeTym@ZeBc*p(aHwxrZV9dUX@Q^KK6^*G_MzihfKZ)<+|sZz=k`sJ@o?yik_l@8PA_ z#F|O~DvyzB{S%EIB3hJ#elZ9AviIj(I?l1k+c@t_`GB`D1xI%sgq_SN?OZ*%M;UIA zmOmhSN!D4yu2`h`}1Q$0q9R%HOLYUf6=@09{nuJz+?(U?|41RYA>-LLp%yLepO zBsKGK0NHkdCO1*n>M11YcD(~V(neLX1i|0+J7puf{+|Xp&^I-foLrNsV(k{_s%Vn!x9A9riIiJy^tI9ISVW|v6E39NJZ8brn_%Z@;K#jHN*GOZL=8|-@;j>1tgl=|)nGprNS0cj zEyTA}Id9k2UXJBIVk~S7Z3Y&CM^x+p#m1mea1JZNfymgp?QVzRY((@hhD*PGi(8tkU$g=urn1>%wsa)4h0~%< z@5=M=)hh95#ofm5C)utzNapS+s%A8h-7DCBYjqZ^W_LF(x%@W5IGGSz_n06<-VHCj zWJ7a-@oHFQdr1BPOi9jga&O}3j4r;<3bo95`FAAtKd%-5@X-Rl`(-+|1Im(M>|tKD z(g^NlUGbAu<5``&qogEKz!w^usX%FAh{0Lu7iTRN61v)K|D^|i*U_D1$u}=Vr-l2e z`N(+|9L(xpEV}}Rts_Xyi=Q*jJOyBge?mYlqa*Rm^|? zT8e;hOr&?8)1zb%Il2XiHv8$QthhsjB_N1Hp3{mXKfi32bKdBRjI0QG%&7?N^|Aa= z>DKZ7u&UPz4h`>x*hj|hzUi*}%@IlC4(VS*HuA*LcR7i+p@(li*WVBoU!p&D@Z6?* zgV|U?7g{$4^D`f}@VUOnVwZ;Ibc@4WXX(}%oSRYoI(k{qNT1i{)1xK7|F8rtEq|m$ zNn>f!pSWgTZODkn&Imot$ZZN--YF~!ZdtYo4|(}Su(99N8-g_oA8`GdX%TUhrFfLF zUd`O}mId@tXn4(qIAz^$2IfHjky@&C+IV$e3*Km*KRWBG zkYxrcii-8bKb#4i0rKp0zg{@{6AVOKLHlO!311BgdYvwshR^ff!Hm?}?g= z#a2?rGu#@z5nq0hN!^6!)#7SrLJ8S&*HnNtV#jnq$1i%6N3i&ipYPLNYxIPOqVQSb%VSD?>0is zveFqj3zykue7o4|IEtxJ^~tf9oQ#9z~nEfnCn_5_cxLr3OHLJ<;@ij0hO;(NRL zQ?Vbr75TmEL|q4cwe1H^iM6_fR2AkhNC_JG4r*!fNSFYz!^zbOdq6V&na0&~r965D zdZB*9J!*HTPK-&>=9AYRw~r0;0}4MIp|X+{giPdKA^n8Z9MetgeU*-dk=bQ(%Z&80 zrnvY=JcAt@SfO~KrHVT=cI=Jg28`do1X|c#PU9$k)AU%F354gU+F=6XX*6MQ;mNwF zsHn8HiB+IJhtwzYws1N{9{VoKhvHEcv&ZZCZ3ygO^W%JTCF}Qwg^i6(NR4vzHvw)$ z;7v%h-Hp_n)h&v4G$oA4JQ_rV8t%XMI`nut+Ma{mwp@eS!ARmBP%Ox(uNF22qau82 zuGNt_Z#-%|!*j<_`1@B&$S~||y#=al9-hM(Zk2phN5(sKL`s45w(VHBvL;>G#tcUU z@IFruc0ap_X7I4ulsT1B^rAJi=O*s&7uHt7goXX~m`5%a8*1>d3EWhA_*_T)s9fvu z@oDM4hOciOG9(I$SZdlH1@Q|O-FlK@Ls+U*%KQ3A_9VV`$O%{B(#pd?^;5T+|7pCr z@T4edvK+1UYpKSfdL}r9mMBhBYhY|=Hxc96MQwvdj_IohkBJBmJJ^r#Q8HPpa~ytk zbXlfyp#_sN9;32GakvBrxwz(Ne#QEO-CU4Nt5<&E+h-uw0?;pCd&o%^Wpv|yPH^bC z!{is8(%1{pD#;yH6f6^tA1_ zULa%jrP`xVPgLl?ZijmwPT}uy*cNho%+7pbCr#7hE@#}g zmpd(GoXG{zP=&ukO@4 zWSxzco-CE_oL1``F+lwwE}@;Z9cipD778-)P=9oYu*N~Ru+Z2#gsCE&*T&>_r5dL- zD}dA0_~Tw~O!D)$y#Odmx6Y@U{i!LlmIIZ`ArHLWCEfsI7E5z+6|9i zdaH#p{ERqM_x2R(o%{P1ybm&q8|J>S!nE%59WdVNvsR0AiI_STqo!*QyIcRKkM$mC z<*`}qJ23EL=SqxqocjvFA{%-HG`F~EBCP0r(SD{)gPSRjE2!VoVJ*(qYqb%x)t=Lk za;FUYG%OuY>$wSrudQBM*@EcjK7)N`w1R za{goj+Lgj&GYY4T9>=Km6i(WT;|>~*(%-gYayeWP7~C_X)%qr3mZKkbgE)0UT1dzl zv5ak%ta4A)C-A&^l{5teayv5b`;oai1WUwtzDbNr0^_5_ zuOY)JVqQ&U6Z<60VJ`fX47;D=Vmt?u{y3JQndEuh6~=mSJ=`O_8qFd57hF=-b_1d}!T~Rvm1C#UMdtQRVq8936kTbZViYAnc`t;tNUZWl5vg3p5&wDUHN_ z>&AlIC8|ej%iQD?#hDg=7YFe;f)}C~!9JJF=K{H$W$>`|ZfV$&1+M`-7$Vh~3ri9zG?k+Z$(C)aAanXlzneAha3 zI~?6hdZ2+9hkt~J%jir-5E1vs6Po1u{7O}?b(u~8%ONBg8FJ%*2Hy~bkpOz(rcM=r z?JOBM%W)XR@_(}7rcnJ?Xz4<4WT6{XhG9qQPpTM%k`fface}z(t>I_jo^ckxp?VH& z5U^NBikwg+qNM?VRS6XiFlqT!cQmbCah_2dPKD}O7sp8rxo(}+U5Z2b!c`9`sS5gWvIJaX{Xu<7q0Y6h2n=fF;M|@d zbC#ZjXDWysfq{e5cKOY*dWk5_+iKm`v_D*l6{F=SeY&xSQd5{_SqN_n^vbT5;ucr2 z5G9}mw-%Yute{UxxlE*qaOy}4=jD`wQ~Mg%2@epsZh@GwoXGQ(L18VT2}i$kH+pdS z`yq=!wsEA0J@es$`j=7Rlz(m0Ce_eYB|=HW5{%?zr1wfZFD&N0`IS!~qGPQe?goKy z#M3|PLz>VQ-p~dpKjcsJvhnIHd5BMgFs*uyK$jzE@Pa1j6$8;7HQsj`UkI)*2JdC{aan@|qVI z!Q%VzhnG&1b}xc@FTz4)=qI1fXV57tsV^pdd0nQt^olES2{gB|)pxA$`3Gl>RiD!B z;a`#LfpeEwtPbphI+f-m6xa(ZKe^M&Mk0B;9R3X@n7rn6y)P#2IaYHEc&)SV|9;ZR zWiIX&o+<4Bv`nO`B4eEI+juoQmW~sg;MXU^xa~J$ z(n=A{z+$?cMrxupYiXyUR`pZc^VPfJ`W+TH{8Eh;GDWwFxo6joK}*3*zf}@lz>^0+Vk2(pqHM>^3T{p#GS z!&KxeFPQ8*i1$#|yyf`In8A%Hjj6$If)s3%&f?KX%ORGy$c@v^s3F-!pJj1a1wkT} zBK86I>p61y`T+_IBT4O6a}|4db{))_bS=)Z!GXmcYvzR-{}?kbpM;m}o%sr!g}}&< zg#GUBI_;LMIlS}RH&Mn>gy2Z6LjFzRMj1@VYrK|NeMqsqsjD%vprr^lse-xmFg?pc^ z(>}5oTinN7y_Gtn5K@f$0ThQ3XXp^l*Sj8|w>Xsg$m?<4Ea!FYu(G3L6-7W1ZxpRL z=#Ovr&C_ho+fW%&*sY}Oo>kzv`F+Oe^YRMQl0$U5;v#HQAUyGt9kcL`RN^8UhgsG4 zORtaE#$al0xp;n2-2`Eydf!ltJDX4o5(%-HNBM$_3JiH`3`DKdEm)7*qUG%6y4m0i zHph~O#Z;-CuBD~!v2Q;#3(><#)Y0f8$FtL-*M*;n?^h*%iJZSQum4& zrCnLExx&CBxea|!jqX-HBo-U)nlyvMO;g(ovjedR9w(^-uGR5;kP)SXq`SLj1XG|k zp0nBG(_{0mw$BYK2=HR1|9W^^M=1R~yXD9fr4Zb(ej|LyN6N?1?N zNh{vO$QVm`YuVFb;-r2?H%Jq;b6!9F7)!n!q91Rm~T9JSpnd_gsur2z39A%{ukQqucC~4qV$qzKpbI-ylIYV-hde zZcfk^V?-=nkxu6dLMNs3i7Rb4Mero|>B{@nkT3m<`)H^w046K?qu*_G5ewZhOou4$ zyb@TdifzRtP76#Z4EAM|y@*x{mn!2py(+6porB`8{RdN=fJ;z|j$CT1sk4iCBkZ)- zQ`)L6ZUtU*2b`=F2PK(7%_7~QG|iA9wa?q^M?N{pFi|)#@4MW&u>Yp#s$hOsH#s=( zc-q*=zPe%;K)AFfRC?dSEOgfOmkd8*@-c#|(K03h+l(gs>Ubo`ILx@88yL8DqGM_# zo1#-L%X}*15W%<%;^$Iq!|{)p3a$-kunpH>ingQwOIWNra97UHWhs9OS+)Phx)-gl z&$^%6mzF%L+vtxe%zA2Xy6}xlxN~Mgc#_ES(rxO~^pdalj;FlCXJe!JaiP4@-98EK zmq9=s0+w#?ovFX52qiK+;lPi`1WK+cGb!jmWK@|qWOwtaggs&*CPd;pC2PADljUS` zEwA63Uazn39}PIqP16@++EovF=aFn4mmZgEZLDSolbN5HtcP!chq<~E;(W1aUS3>J zo=eqw%}&QEKvB#s#Y#jVfgH2}RhLj+Z_rUC$Aazp9Q(P}>%U=v1NhNWIs&I7-Jj*n z2#>`VuOYI8lI9~OipIW2xGfT2SqrFKGe znocwz$}ClF!Zi6yJD586uu$XO^g1I+h`%KP1sT<-iB)hZQiTi(0SbYM3SpYFt0grL z?~H(M{tH$tI3#4yM26iQP&P}GI!!K>&jSLW27tL5_#+{+RyYP)R0>I+*Egr?HJ*Xv z>TsBQ3=LOe2oCQi*;nx^VsBRu{FKKj@$fEwq{ULDY8c3&Atv`_UP%$Lp+ovNDp`41 zZ?-+b{VR^dw-Q2>hAA2b+&airUQorv$Uw3?Q^Y*U3~>5W0xLVZmYPh+x5mT77YN z)tt9g0KpPyom?OA6W)};wC>#>_cg!4@K%O~hZB6kD5H^gcd?cIBBT&<{GU$Se?CL5 zc3a1pINHl5vmi2=Fwe5gZEfT|PN>KkVdWR5Z~JzKYjtx$n$Q%L?`OLNn{Z@WH`OU` z{LL023p2#ohfZgA{zu-6Rj%2958i1!A}(B>4+aLN5Kie{N{?P_D6!9b6)($Re+*6m z4vs-?bK~a9L!_N)h+x`7`-N@W^$9&xYCY>RACxJ+-h5W;`!=qm1EwUNChqX;)rs?>`}Q&& z>Q95>;&<0pr`}#U?Et^-KGSG(3xH7;tfzIM<+IGPdrDQ~dRtkldPQm_ zkGhsLsyL`6X4paj3&|XeSFp0G0K%@}DOL;{mXsIztM;Vg`8FDFAv`)Xdg>B7w6C2$ z=MO5++}=BM1H*4vYKdSw`hd+bV1}s``O>QaqytkPa0EI4Cd`PBTA*#5^OyJA?|(OW zO&WRw1c~@kd0SM5EQ^2!_BkPJQw%3#tI{TaXSmc~j05G1LFJlh3wMi$KZrW~LuDX7 z0AWES9x!pRxfJOP+hlxxiO5fUIzkJFv@c+1?BE9>}(Ibz9Vdbbgak<_v+?O zf4Y2oCUs|QB*K}XTfEL8wPiuu6p>{c>{nbL@>L$BGC(mVGh)I2t~Uazlx9m9FqxVo1|)Xlvn9fQgxQNIOO*LG?)yla+JkKPyLo zE7uTbjo0q_UEBU)rsE`Jw;SEuKazY;G{^*on+Lr#{yK3% zre0(OmPgkR``BR3rYw_aH16YGt_w;B)YO|WCt3xg>v6;59C!06nDvCjSr~-bkH@b? z6oR>I?EA6H<;FRgmrTj2yM!{4vSgR2#XGNab>~;CAT}z<;flzXs2h+ztnselO+3K> zA!g<0(iCw?3K|H^^Rj1rSemy*PgLl81bH+H7nBjq*+p09t<-T=6Kuj}qORzpGf=1S-)fc;@4$UigSvM7cDRN0}{CfS)g)nbpj5L zR^F98|8Odkkf7ES!NJ^-zk-~h zsm5ZO=!^?jkn0G-if`NfZ2DWz0vx$%SkYi|^YKod#OESr?1un2MyHz6<6E1WApaHmv{JT% z1+gfLisJoq;O^R;kso_g5|sDLIeDPvTtJ`hZqv|hz})ku3|hY$x{!DZ3d?wRUpL$o z3ocGQ7bdS{IhSXQ6>ZkM8@UaX6f@h2resp123o(n?!xbK&WW>)fmbhXM1hkIXAL#2 zUKFXMOW`PdW%$E81cVjD-gA$o%mV^hWsozgGLAEnDS)-!ry+lBvO(ks3xjjd>-y!z zVN0(;^dJRDe=q4|CCHySKhWD?V9rktr#uEM4%O8j6`-Ma!dAK0fVNl2QmACj?hnFY zKV9`NTieT^YdMS4OmWu9aKOK?Wx^y;jV@Xy0Y%%074<(Qnr`;It*~Y2vymi_u<@1g zR-E|{hZD}Jh$Cd>(zrDZ-w=b!Mz|t3_rHO}IHCzrxm&+Q!W>bDUw?PQ0G}m`OPK2W z!jlCPG7XP}#eJVvj$F?>DS7>9Cv$rQvO_?Gw$;UwBrX$aO8ui%Ak?veWFJLtrGKf5 z3FRp)BpuUYfBI()k33BN@dAXuf$%^1g=L;bAit=~gmeW>p zs5Ihrzn9bDJYUMSxw&(C4~IM^FUzWn?`WC)j5cAUluo=;-A{;1b6FcfZ}&Lslv~kX zUb1oXv>IR|ADN{xA{K3}AdC=;N1eUT7wJ6*<~F3!ML#$L(SkN?ToobEz#Ebd9M)V8 znplZQY3r#-2%L#(Zw{8~==E0c^H$t9RH0I}7=&yF#{`J9~Sl}}2TyjeH{ zf^dR(*l=kz96w3y__!(I97Ut${^z<9Ut1{r1#i%hcvM<8f28##+n^!G-^6d+WDvl# zb2f^|EmH}iGVofOGn|$+3$vA@(an~5{GM9NZ`~_1!N`A;rt)rXY?e|FnfakM%X+xJ zaYydL6b5SlOVG&`qp=u87(e&>{OHzeF)Z-fuDjF>gCN5MnfVavF!B-Bat*KLLNA(f zu4Q6>18T@l<%Ysu#*%3Lq8PNo+{eK0#SVFkG2j{DzDj}yIy7p(k@)ddwveBZ6bQu? zw8uc>R>DxeIi*T}A22EYc%2E!hKWm>;;}SAXf&SymCa?M4m>)LM8hwy^dD_I@7Y=& zMsvxx23k8T<=!8WT`t!&(b-Kc)g4`n)5Og3QXn0iZ%vQ*(qst{b^p<2 z*{?bT7TZS%DhL*g`;8dyyMl|-*BAW$H5DP7!rW%1jHieDCFh#!cJC0oJF3|D2A6q3 zR@eNn{Azj>tw-5x8@ILj0j%ADC6@n?M9t zzl1p$5+1hC1|m}-Q`u#z5CQsk8-I#6Ve&zcj3?8}g7LTmAS!^!!03{}Zbs=@MAcWy>9ywzVpXlmawY-zi(XO0h>lOFZwR^4!(_^=O`@ zEtv9S##aUkMs5zkO}5OREF@zYU6MM-6|x4)99Tp7H4YI;YzA;(JENo~fY&gGmZ`Rj z&Zr&Z)X@4oGbgesN9JbF-G;-0zPslQ^gj*!t*^5*2e0Q!wbLU>UCH)i#sUR=u}P z)$_-kyKHJ3c^q-iNCb zpIo8bUgeTrw6>&zY_AcfukxU&>MO06-~v8PSvb?j*YlJg!Jv&q${Hv>>H;uCz0VB` z!-rIp5r%;&u;j8jxO&MG&>1Yhky6YUtm{0ciyosS6sR^<0>Q@pq=+_@O6QiiO&vSF zXn8o~mqkpgqX<=G@I+cP(uC!cD9ACR8WalO{yzWwwNs&_Mh~E7q8yTYM0c{O=MQvW zl-#E$C0lVkNE4Z=y)e7UoO3Js+=3D`4+tpjL%EB*c=hbRwofOJ)h-48(45(?9P>>> zj-RhvR_)%UxlXEsqWlf9)k&I6(hb+Yd?=1~ZFG6#BJqvC+l?U^iAHP`j)zxGrpre5*X{0zR9 z*p2oWdUsOk=W=UOIqU=GVGdfwVIel8&JSu9mJ$03|JTV~%lH`$pyJo;!QI26o6EqO z??e}{6soUJewjD;HIvUkh?=3{S=tKj+48zmQCmr!VT_os-Di1>U_1`P(a!tyHN)j1 zqR96nYE9`iw`D;!$}`OjcvP6s?9D7{s84-zl}7P9=sjkZlZWz6@fK$4R$9sJR_JI8 zScC;vg(nJ;vJX^t(Xl#!$?14R=&Y2!6hm?rd`xOQK@z6Zhx;|uUA_g8Lr=LLW2${% zJzpLkm&2^zJbzfmHo=r~6uBl5h|~m?JVHNUyYbgz3a%vIjmnQUe-{oHC=GD`1^wYE zHFm-=`G{)vPB)p|$Ja^~Z_)CzGCFzaR>Mdz`*)QQUF7jvM|$e}V6Da43l|gDwq^0+ zbO<==X%Q@@+O_H!;K%VoJQf}Wy~F%s3r6e!e4yp!oVus%Rk>O z1XrNE%$XZ&ziYuo`kA5U0sAm6L~3M#i``mf(IiX;2!k^c&FVynH_Yc-lEei7#J7QVg=NB;}{qR?o{fSc&NLX#mF0Th@e9qF)@eD@LeSr6XM=MYk z`d*w`4-A1Ii|{~=nsh*JDB6lySt{`I;kj688b7~A`*RVnBG!|nFEjgM@(-=;%7#%u>Q*Wdup`-cht(2iiaO%Jg zvX!8W?WY4G9K?c|Yh{f>r;?&e9|I{>L9UVMdzzKy@_v&<7yMHK9wUs$$lYH6b?Hx~ zV9`Hft*GIGd*F8C;%2hvDWXTS-*AWLWdnIvE<=de=KaZ+{kr{%^Q**g<@WBfPS`7@ zDFq4n34uiX`d3Q~f$#p)_o`3JUGbOpTXq;& z8(!vW+*g=j^%^z)J5Mv2QHJlq^1z390*CBGS3FLXSc2GbQUnZufvkUXWb~a)Eum9+ zczhJxb|)>3%@KV7Z+q+9_294Z^b&x(r_v5b3@1>luyLxU;whJ(C#VM!yVF0?tEUow zjg3q0@2@VlLDNCeD&<$d-CjSvv1Q86X^EW}8 z&9}aY4g6EFcU)pFLFS=jW7a<Ity%~Z6SBqNvf601PTS%Rn3u++Gm##ys6BL$ z$}F2>qy%bfOsKLqR=Vq~3|B@>F>_(PV~%sSeKdJa`^=aoyc|Zk6eNhMrqZBpwrYaO z;RcB5G;5ILE7g#<;3z)6Gea+B`q*q~Z|39zfj-Y3NVso4K!nslY3la*SoiUY`WSBo zj*q76MmaIT;{|y4%y*c389?rMUZ-Uy(kMPZb+GQCiXhua=(*iGcmKR!Y zS(Y0wxGDemY_p<(Pkzoe(b=QJPXIR34V|Jy*_9D`ezS%y>`3$d)U!|Z| z{YR45yaiVYiHbP5bpsCW_;0eqCyaU?Z_@&d2g&@49L?^EgkgW=JhUujF!j`Er3z_uJe! z5fm_p;sOACq_4iy>%+MXQzHw3<18?_*qvlzA9-mN0Q<7oRR0Rz#0fL$OZxB%cHUg~ zJM8@EvUdK6p;sMJ0s~TN!V+z`>+Etg|AxFrr%q-77!eESmfW(t=(c}r4bNYy4I&Y` z;B}52nDpDBPm081#^{JcbfVad1%d@#k^f%pkVwB*z6U}KTmd~%zqc1m#OE(-)!2AT zQK1G<+gk8SPn74`Y2+vk)dCb%(;;((r2z6a_Q!Yin|(h+F+u%74f8Y1FF-ag);reu z{aj|obpjS_n<8u@(qa{DN^=WtRJrFRK(k@n4>osWKH6oO{t|w^>Ee4`<7{5muy z{qy;O!>q0UfCs>M^`1#!-0mjM9^xP5N=`o2o``Goe%O&)xV9>dPCnj*3I1H^Rz5wt zY|7HpIyEr&ISg;oh)Al;x@H~nI*dqeA9*Gk*F4HH^kBzKh{#`zVC-&%V&WQknw_+f zhRI4gF}41qR17R8exwD!FCZz=a;26l)S%o8B2p;MO@`A2yq_79H$5)9{$!5-4J-^` zA=@nsFf_%uYXD`!iHuq9NX|0P00~Mm?q30s*M4u#pQp*-g+53omo`F*Z0>6mQ^8z@ zNN~J%J4?fEe&RwUP?H!xQc$m@OYiUWY#RH(L6!Um$Gs}t_#oHQ8$3C974b0Tv2lx6 z`wtkc2olS{luu+=r6W1?zbt_KT(bwx3=a+8JZ2g}zmOWwecB;V-*sR*u)+;hEH(QK zFmM%)gN$CXVv-+gxgNZuvb30ly%Y#*69%Dnav+oagyC(5$k8bjo>nzjK zDd=(YNb0(gKw_#KNmhaxVuQL$-#_jTU=C{JY08am7{|MiIt$+ukZ0J>j!{7v|SB~ zhl1sT?F|(J_`s0iXc;0+oa6&DliFCQ=7I{D{@9v{OTb5%O%6;e@afh+-al%!cPyO* zM9_t6>te)WRqTO~rr&1p?ipm$R;~?SWyFoyePA(=uRzh=*2~g^Y$l8Av4J8_z=8Ll zm2RN5C;}NJ9xHR%rd-}G=OnQd1|-uI?BYli{F+xi_mwAkcVpil zUteD2dT+j_`Cebv@A#@1pSN8Fa`j#bqCbKqEYPlaM_?C|{cohlxpa-;nDGF241GnP zrY}3D0cEyp{!javWIC-K-)2QY)$(WW?OSD?a=iE>j*YoC5u?xRsleSh)hz?}la?5U zB`i3Zpi<}VI|tf5ZF-jU78c7?~#)3Fg_VV?T@VSLd<^CP4HJa%fnJ2BvgGVio z{6E&NK?^hBZkJ;TSKLP?P zNjmNqb=KLXThtJdT%0a|2OJ7`8}o!lgZ>2d$uB6Z01Yes(c$6>{NEYnJPlBu0o~8- zUFSBoj^_m~O6h5{@@eeNWg9j1&;x{cZyj&W?*bbEHMhpYX^TIA2St#JQBM*wl84;C zK`g_$dyj?ooJO;l+%RYdn)kero4cbA;iA*9o)q8CQYaiQif!Bv0$tdzR>O?8_o%zG z35l^8Uo*Aa*ZU#kue&t#FsO=>hhrR=A{uJ55Ou)n>NulQ z*vzQtIPM~7P=jXMNyjPvT+HbTqNXdBQ1*|fF$G1|&Hse~PeX?1W?B=RUndljD$Cqt z_y92h{-B20<8xK>`BHwkcxG30i0zYl=1d8s1~`b>k5JhR8zD09>k92~}*< zg_SsCqv~N=SvgnDYws(x&`PnX$<|~2@zDLSug6R!`uU~uMlO0=2 z_`I_}U7Jj~C8VaS&wAL4V`awh*a2y`pkb!6P#(KH(#w79T81DUg_;J(cQ;~<4*GHzu zEA`TZ6Qf4BW!J|!pIV0toknTvNZG)&;CO~sa)kP;mmQ(XwdDd)O)yfq=zck=Frn$p z808%n%QjHP!Xi^n1<3^bF7;cy#-(z#SN~m-CD1rj?#11!+%I7OUjKB>N)|LKvjBTW zi5|d~fx@KrUnwgqFP##Ja^67YKz$FX?+!y?=rJyS}zy8lpuX z&szaVE22pJ#!nv(!+$e4dG7~@2|Omsm|&%j(l_$>obG&8doUnSoxAGj41LuxlPrkA z7Z&D34)a6IbBS<{bOAb$ZdaSfE8w426tRfAr$XtoFKn&O_8u_epU3`3moFFI+ML-H zcr-EozPT62_!~i?)u-u5QHM~Qw-(V4Gbt@vF_s-ePsXR4|Bw)iYi?wcNjZ`i{oyQ+ z=?I*Eyrbe0%4)(zC=HI3Hr4xUKK3iel#9;Vw)S@$w$&K zII+m3#S9I**6w2(uwJFr0lm8^f`zsUF`L(z;4FW~Ol{Fr43Ah8`FM4Lhlz60FCt?^Yyp07e96lNxjlop&+GK zNdrT0d@}9|BVVFmlP(;AS5sEGmTJ5tAG)zE^n@*IHHl%sivzjcI`WjxFzIWh(*^e8 z?|z9Bm3k^6W<(_?+4Tl3KkNf~C1O$X@`T8q&fBa@CuO3mXx7v7Mb;a*d`*&)diE^M&!HRl&2?!RGl?{4pbq(0zIhLuUW>T03GT zsv7hvb3!`9?Bz$G*3)5iC<=GDtvdyx+zW5`XzH)}vMGrtmF)lRxDks1XtiQcS1EOP za_2q44*0(FkS zwNT+Q?JDTd8*r-E$fI^2D}ycSmt;DG^s-pQ!4aS3*O8dC3jj+BJJ3tXJv;k!zs9q` z%d45}>Zp87JKk8yqEAQwxdpwx`42JDHfjLHz5q;o{#@kV*t?VWOP`)DAmzlK=wNm8 zquE1Y3c6Jal>PL)B!%4`xl8QFjQSy{%gSqsBLu$qI1orMENuo%IQ`wh1{#^)lCnje z)m!M_n}5MBgR>qb`i4S;4n*v!uwopk>YTRw=u7IQ2#x}=T%XMtv`kOJI6sC&jd2;| zML=fG%^#k*-is>Vhw0Kshb&J&``XH9St4?8owKU&n6MrKwyM!)Llwqig2lI?PW;n9twms+0U125;pQmneto zoelW6S~y7p?j5w^AQDNQf00_^D{nECMhnDEZ-3A2?acRW9r#ZbaX<)hcTNG~eJ(dE zs_Cf{{4(i423yaP9&{Y_r!gN8jskA%Ux#XdEI?$*%}b5nQt=IG<)9CS6Rn=%+aQFf z$^=}bkUCr!vlNF=8B8UhA=@{S8Uy?0Ks81d+~#M7*N*MNL?qO*W@2FS^=Ao@w^RV#+Nw67$2I zd+NOm7;8N zH4y<8M3Y07;wx4)WHt=&oiF)(PAOP{P%gZU9l`O$wsY%G9hU>FI!%RZu)=`Cf)WUX zf~a~q%MblTPn1wLP+n4}0Ko(XykjYWB(hF&{lQK^fmT-H*>8$1FekdAWTN1KF+NWB zmR0|Lm;;P-$V8HyQR;D?_kx&t75d!Gp4{INg|F{-YE;K*%CaSG%E-o$x<79-8OMCR z_}z2bTXs>SA2ksCSh_|$K@Tw&$u6ytHDu48$6+zrsErpCkw?o|r{dGobU{7SEj?g# zhd)$^V^Mezoek>1dcI)FY=uZFo_6=H{T5-E)#e*lwHBV#?C8|-KA4W+3Fh0=K9mAO z-KH&Mg!0bO|Ae0RgW^fTL31-nu%GzF1t@IlsP6%SkOLN!QD_5&{M=;xhPmV1wEdLM zg!~|+K#-tUQwyO!pJF~;5h71jurQzLq(JiX4MhfBB?9r$b}1e-R)rXb>TbyYfN5O* z_(jby6bDaHyRzd82^c>I^(#}htDVdGdkzG4gbTE8qSrxk;VrY9c75-`f)5Rex~^CK zU3BuaA#ww$c{4S+IFoWL6$45Lt8ZE8n52H5_i%e&T7abjV$9feW8thPbTfo&>(mWh zL_$6K6B?}%9ba6LurWmGm2v;{vf{^kIoK?y^=q2Gq)!&704dJvrpmdsHDk_YUbK4( zU3d9y)3Ad=c{ z2{RS0X$x$2DqX%A@tP};`YuT}!}ZKOMWvecBfb(MbP7D}+8FE);Jb>6_Ld9Yul20wzRvr+QfqnR z>&=PkQB7npPU6@oy*&8ApKylqG-&r|lL#vVGSGmy7$}w!Ve!vIzm9bTkoV9kc%s`j z0cr+hcCH{ziRWOKx-gOrm+521PaYKZ z8wUm!Iz8Ue3m1ON+&a!J%qWNEnAH$<(q$PXxDrp=Ssj*tY(D);ztPNx9cMJK&GLKG z>GT^#a2sFzaEXpE@nJg-=dWW4y_)|)5m@a*0{yRk2RQa;tec^x$rfBV&g`c+(k9Ue z1I?Cewu4K#S@HorSD!$kbx;}Z2G<}=(8Lm!A`N;#(@CH76-`-xAr{jK1VRF597p1a zTHMaGU%>708gQrI4aJpt6$ob3x8m)Q?)U;xHXej*^LbIzL1Qu(O8R3%AEfTQNY$?>RSjG^@YOvTZxy;nSLa+I4+byJcpJ;WyFTj`^#sZn%!;cSVU! zugbzQU}t-ezStC?BGiq^F+r#7wN>Kmdb@k@{ernbDp9ydi-=ychN$*4k=~*jUOi`x zmK-1T9$-wQFJ3N2ft3ZLG~TRz-Sz$H-~j^D`;n>;xC>VTF#`;ZKmND3`V$$ zv)YaNLpFW4NJ>Y>XN1X~XM0MQfaffKV5qV~(|g2niq z4<7TTcq`r7DhbS&fny zY^WLp4Mozl3i(zH_084y8kPi~kTKQJH zX3H}0=-_-T!yYpugYiJ8T*MO^fK3G`SZlEju9a=-HFVSSxf)P73->DGAeR(YQr0BGM(S1@A?q*HAScj7b2IkliIJl8f7 z<0pXIqf#m+tX;m8sdf0*0(6Q;>YrWX$G`D?t_@rXIzfQIux6puIv5mnc0?BB2)!3!Tc>9$A-fp-ji!7GRdd3_ zimf-97IdZ5>E{8x&#WCy5!y!KB%RM7CGWB55`~WkswS4KJO2jmM#sB-;usY2DU(*l z72FZULGT9;***cFNVETOOC1Tc5GHt#$R!C-fu}a`Y)=C$vEB8Otl>{+4hEl4wN9bd zKg6iNMQN4Ko3zw(*w!AO)ICqJi@@Wo4Vz=$MCmpFfmyb$x*mpp8+S{?!-QF7s_Y>ikCfn%a7{^{0F@S zHQu8slW%XkZ)M!xg*Z?FQOeL*nwUhlI)YDN`Cc9&&3t=rGhA|9S@J9T8U9gq*E~wn zgcn*_VbJwl`&ePVvmS<`#?!xot&Xmg(x7W@u57ne%k!k%n4omVKhadmr{&u=FvQ)?rEC22dTT4>84R_~#4gMrtEG#)MD|sV9-&3y zfT0kUpYUjh|LBnELCj@=a&aRDovW;`gL~eHR6Tk9cUYm?#Yhv>A7^z`@|AG%m;(i6 z&xXbT>ND4u@kzJnTNF)Tu<5|;*ZcM&!>^u#n`;{&Az;aGyb<7^1gW1;WBNF}K3d;X z_za+Bs@_614A<@Zd!y{Rr`le&Mh0er!CR<-FjIsly7_;>m+(69Ai=!E*E}i2lcnH= zSdbXiC8G)jN-e4&xyX(CxV6YJsev}%*w+7s)8AxZU;rgUs#)Fpnc_E3c0R9|`^;Qx z_%&L$tKP+ppstI?G~a$LO>~I>xHm=D`>6}%yt1R_J_S`chorLQ=B->SK75YfInxXV z%k4|EW?h^lHn=AjvfPMmgx%`?ltr)`WO&3?Bd_QhTQAnlJ8$AG z&2y%ZmM8mkm*)>5QCisR74Fr(7k2wb6HU}$*L|vY;k9IW`@weDGjL0-7rg-n?I6*F zBfz(|ztDi75C{GyWtv^#(g3Oj_{v(^`Dtx~+X9?BGDy4tOPc{gn#}}jCtvUnuMD)@ z6|q7_a>tU*@9Ah9&)wv+SbIrJ5Q;44k5_BwCY2E$LO9qr7R=)KgE0^#$!49uiH*!5 z$(`Z*J37Ix-{#^1D>svmm?!d>D&c2gKzKk9oHrEOzh8O7K8GG2UP?`AmX>d>>ddQY ztk|ovMqj$jr@Nx0Ci8ANJ|pRpxCR&4awJUtNzA)B@Q_)MrnkK8 z;izM*z&WqBH=l6pV~<+E@vMYBieCZs`8NAnmG@~cdBayvMRj#0W^O@XJ?{sUBeI5+ z6?UJMGn_V3B9S*^s6qcPTss;vG4pCI?5r#fbwz|~`ac<|nII&hiHtCWYd*J1s;oLE?bHxA)MiGvU>`!=Cq(o({uT=XDv;$~y~u$S~xA zUe|^NlD{dD_%e_IJwM)N1mpR-EZWtQXssp4G$pt-qfHQ|fKaR{y(V&mbEhLKIw4wS zMHQ#(CZj3}EsHmkp*zM;?c9)Fq8wA~A54IQ2dqF?)Lc~w03;kF>T^hA+RDbpnPB2M zZ7dwMzHrIOi1j7=jFO8|j+%eDrQK%N3RBxQls6c*IHw3IC>HzykrmKL5#?o9u`J2? zfuff@R<>DejYypGT!=h%`1bMA^WhD_QbB~J%8$x)w+1ajq*0^$#B)~7{)L?ype*_O z`wrLG$G01a*b8c=D^gguu~VLTPKh4Z8k)!4hOOttR&HXi!=I1=#;DO>+U2soQgVcI ze8UsI`Zw7qXp(D$EPYAe0U-~D7G-pGo{o4g+#?FWrRJR@Cl-)~I zIfI)j1)S=sH?OZgzG(90>{BI#VC{VrxwiyTYx}SF!Cu$>LT@nTd#c>qdX`8`KlElNN2hrV zBYFq=Q~VY7J%=xDV&Eh`VQ%cM;@OOxX6L>Xa zdG8ZuRBJvh+K{mhq6w=WOY8tR3V2vFYIzsUcpqYkwjK2NrX8K~7*!u655a3;K#Jyw zK)}1n+BQpUIkocnQ4yFEzr#$QDOg?oIST?=d(rM1ZHPsLu%r^?9)HKTODI#l67V6k z4k#K|4~e|$V_SGX#N+kmpfZ+Q&>d)4JQDfd%0J(q^T-z*c+|}y^5aRGPPiw zQvnsic>|n=Y2>Lt(K5d+Dp@Yp8eFU@JRvTJPrqVLdqm|16=O)29T{XM%QsFoa%%gH z2j>?fM7LUPnZ-szX;ZeHC4MZrV4bv!{r)0$tXenH;7FidKjsH?>*+RqqWzjN2uByz zT_+Muj#7e`{}V)+Giz=#4;)#ZA8&2_^N&DK28}Qc7b4#*?n1lXa9YwB<@W{^3qC61 z*vy4Tak2q2bji!sD8O09S|S9aY5&G!5KfmNbj&U*)e6eFwS3$#kp2gTJ%PPQ=&VEB z1Z~epgMX-)*DUshwvD$@O0o^>1kf`*Ycq zyIclQ97TG(ibHvZz$I(w+U`}BuN5)vx%D=goJyO+G_c+R$$yTQJT4?B?^@cCpXBvGLD7$Km*Lg1L0@GV3Km>8OWHr!8@cZ4`!7aHv12><9h_A4Y8_ZSOf#;PRQo{ zX*PgQ>ZeIIt4v2HjXn~kYU5Zq)(}i`oBU4wX=oFB(C{)4txj0bcr46zL2w4W6`E04 z=P*YFtYp1@-K_`I zih?8s665-UdD*S_n0?~J>XLpOY|#3kBif|ZMY(su0TT-Hdc)yJ3l_jG+kI%4`&%r= z*C*j`(x2(VRQu+vz{Oyj*J-V7)@*O&+La1OgYXX0h-K3w55?A?9&3Su-h2j-v{m_b zV9pD0l!UJ~pF7)SR_c7cHK(_7b7o=&%LDR*_SY7D09`1@_b}P)#VjlyovOFusfN|X zg1KK7B85K(3)FM3=wesB6ED6Mg9dtnaenL76^VTN9lzg}(pWPPFDO2W^FQ}pdCX`F;auwVD zi*C(heB~!A{#A=UY`tx4-3_?7^?omC4X#58>p#mgHZW{}!s$=fr8j~iLMrg@us}cw z^R8M=dL}YcMz+f?J8;c4G}T03LDc*lX_Sd&kdb9k9@N|(g|%%PJ%~8VQ;Y*Uk;oMO zGo6sGi~*^$EKqdjgMZzGa9X2ZP^f_k8UR7^xJz?UyF*@&(#9yzGB7)?p|!Q2p7;%$ zFp(6$qQF(QVv$0LcQQC2r~nQQiU2CiNt}6rl9>0gkUIRsw~K_}gr2+4V-@_E9aKem zk#b@P7W3DVazD3B+vBC8<1VZnKY6>{Me3dESUIXhD|yy}kSfmz(D zjOK}5tFpU5w9D>2wTwF1ab>+`Mqw_7(7uL1NsqKEyV$8&wl>&m;CIbH5q5Gk70h7Q z@(Qj9LY+K5sHqI&ghP~-35;B^TmAk;=wEJEpAV5-+4d`f@I{*YS4hX>KC}N5S;h=X z5r*Z4c|$ChA+?k!Wgz!wy0m5FTJmP^@rEyJ5#KLCeSWG*m&sH)6qz|IBuc#@keP~~ zq9ln_K8qIl)3j(2$v8*BAL=rQDcRE*6_6}UP(UzHm4uHPAjjs?e75FbNc*~1%3JJK zWc}XZr-03dNm=Ym4^;@E(l=J%QS7pw6foO=*w*~ohg6-Lw8cpnmz=7;U#N7hk`{^v zgFWcrnctU7xYl4AJ(>|?P9+BCU$ZNW0A*QGYf)4vxSF+jOQqqfP@6d|{Dc@Hqo?{b zjvE{BBWBElzL>}Dv~KJ5FXuUjc99Z(=zt|$s(}!xgN4PfoRhW1#_*diZ_?LHHpK7s zOHNxuF+&k-%EH5q-%DM)t^qLyWu4ZiL$4ZXfLdOwOyzco?P16M<>_p!cNYC@ zL+*-GqUQC6;ue5nCy3Fq_Qc?ODEAtg$0oDaA%W7id(4H%P0D>Yb0>J2G%T|<&5B7R zR)-|)9^Wbs>EGH({wO$hFiPf-q?rr?-y&o}JZ6|OhEh*4cwR;X-mmajVq`KT*D^f{ zSvu^5u?FZD3cF9K=EM3?D9r4qnwJZqWfF-^l@vZV(prX6c(Ra`dDC$p5hS1#E2#cZ z3{{aGW{iXO05aXNS9as!1|nl)rXoUUQW{U^Q72ezkG8==kBh{8xs-+6_l6=rsRc9c z!MNu|87KiovnD0IbXxO?#-}#xUyT_LaxKdn<=IXNf4yPdi3y8qg%FvX8rj_EbN{BO z@PmSf`ttsYWbhaSO+*ZH)M2rOi@)~AgWtXgDal2r!=*eKE$XWTIgNkdSJc^Coda-F zucNYX`}?$?{MN8nso+mP5P|(5@#S6?DQyq z``R=2?qd<$OdZ|8ybA&-ZTQ>!&>uf4`5kDo9PO`ZI*$;!+Z4q!5B!p)eqdJ%{qF)D zf|&t^O8bLC$pDB9?1;T>)~vA?D~;6SA**n^?cf4yW+F3Iy+Jx_f@2FQR9FtkXeCB9 zB;LRsbc#TK{%L!ncKNlm-l})Lhvj>s7X~C}I>GG>+53$rQYuv?x}U}lkEv?_vIwvR*ua|9P#4-F@{L}E9RrE)w=^^!tqdiNr(f;97p%=*eKj_7 z?6P-yRfD^LL+#7gTfWElo)4N&X_(4F?LRgDy~zBx-X69-AgmTpp%EVnj+y2RCCrCP zv=DH{uxMCNX&qjjRc`8(gcEUy0frDm)S?;e&axH0*|ptZ1%<+J`vq%&AoT-AKwufJ z7+|WbqzMREC{)qRdLP&n>da&Ix;-~o0fo0{BJbi4(VXK&sC6M|BuhSh=DMItTglUi zO05PMrZZtOHro%9@wn^wj=Ry@dM#f+*fhN6JghC(`kCzZbdMuG2v{_q#cR3PAj6g! zAIYvaRAU@FgJg5tT>*RXxY`?8tj4>lLdV5Gu)syByrQ0SMtm&I`yG&`=@+zcza#u5 z_Ip@`)l}SKK6z0sF(7QKyDRb|A}rRW3tV%6^0;i>#ZMVqY8~w9vlYy=U@%d};7fP- zY7y`W6(+Uk`i4|xsaU+?;ZR34VYM`97P0GuOHUEMxsV~|Ilt?U33BErX!iF3m)_ft zH$ORT9BnS>zdJsIXXx{SlnYPX-gRu&@=c2}Q>}-ST?9wpXS6CFn^@jVjQa$A^R-N1 z%FPHX3n^P*F>&+Kk*gcGQruUpJHt-#+GDJVQ}ul7fYaeaI#f?6t5>5dA7Hx7izay# z8LhcL!v}nq!SR?95BkSEQsoOi(q!eM3!_5;?o~*kf-_B-QsZUgo%3j#DMpUPenK;b0 z-qi%rQya-DA_$XUAbeq>gveAXcj*6HbnO{!%vb+$Rk^c-4=4l_})q*o1YDj3lI@Hm3XV z$Men(M8#1@j9}h#W6-sRw@2#q&W_Q;r{mns(k6Zj=3N+t(^|sk!yXeYTs49dqId6E z`)=uB9kZS-U;Q@H^a>-@Ct=R1; z0tv~FhkX{%N91!?Y0w?9^)~8M)l95Fi6NUi(aaJfNvv6qg`I@j4^&Oa-O6cno?~n& z+~^9?W_P z{y;M$kMfXcblEzb<G;n(2~U5 z$^x@7aV%+XA2?K8RT-d8651GC?yBSiwilYkXWW!8I5VOsM|@m!-I=hcU8(Vt1VVrD z%(ERKdXG9bx8R`wrzq4kIjZ7VuRJci>j$U@M8AKCLwN9y;MaJv`+PH~L2g#YOGQh{2K9|L^C9ZWK3hjHCpi6Ll;GiU(GSx$i!Ky zq=WbeV#6Z$D*Rh-MWOo1NweMr!GXK!X~j7MV2>vnC^0?y2f`3J)=6&l)y3H6l$7%H zZ`&)l68wga>CSo6>7x6ASaW;N9X=2$5K2xE(zotEA;iQNK$G%Vg(d!Q3&sHMK-O1V z?jtZ=ILU%+_Mq979hZ(IFVhfZVj^m}2xwF^os8{^8T@SeBKUxJ4=#_7$E^NQwblmo zUQ#;o(KU1&Y_|Tsh|h+8Q<))0<=|w{{AY9HYmmq#-vgha_r=Ed-Led9PW!%(MXnl( zI{1MK59EXhIYQifgk4}5{%2xLM|)($(41xMO_Rh#C7GPI8E&Q?!oNXpi7+2E!w<|U z&Qe8Pdq*!@A0TiPx=>Dz2qVS1xXh1qr8~=gl>^4LcK-g(BC<#xD|x`)qw$TM>L!Q=hTS#Lz=(C^xb2J zV8d;eraqSF){qvXu*Hi2p(s_Rsm;@HXfdQ(viVnuWTa&AcGZAZsk;P!uRNoMn2jeQk74|K}Xg3OV@*%uR<-M8r_9@>QxVss< z`fweLc{VF)68;+W`#$?LXBzIAC6@hO$ce$5I#@=Zjy8&pEzZC zVdT!#O4b%MqlTL>kHb1_IO{jIsK5j~Vx1DTrE8|iFVlGQIdK$GqN^^{q0xyK7JIm8 zZ1DvS;?f^#CXFMe)z3ks+d#>8+hf)yG5Frpm54n~m zj2pWQ0;FRq?os(~r$yk9y9r}Ke_rz9tib!p*xWdz^GYt$FIZS9;dT4@x)CEvZ-ku5wC-J!$kh^CS*)6wdv=(x8G1KGaC8BYd|Hl9+ zk(>UaQQVH8L3=v0_a_kPPo!!g$2)Dm0KM#mfcWyJN*ypsk{=@I=(uHbWSd~9HY_;I zDl>n4C|o$bh}qItNSntQ>4)0eltW!T?>ujQ?MBr;>pM$ZZ5TN&%Nu63OiO&wvU(w|1z+mghnDj#E)uJbHfWc)NK4rLATF&f9Xg<7kDcwY2@ zx1U?gGic=0W|||oNir(~Gv9QSvUfu1UaEJ-ml;iivNp%*xn0oK%I8JD7Xpb0gxi{GdxZd_v#l=IA;RqcA<&4{; z&k0LZ0$QCEdv>&rOkwwSq{-;JV3$&cUT`J~L9ri_nb0b}lc(j7F%4>pc>zSmfT zs!?#}+b@hi+zVgD>yS@-Aw0|Zz3ky{(xIGE@tLpSe#iQd*{<+h)Enqts*WQ!HNbTR zJ7&KG>tSD<7y@I(y2-rZJjEfD%S^DiE{&-a83F2yeikuXzEjXG z$Z8+{TWnUfe%nHButn8r`#huLIHg7VaH>_-w|7c^3g`bG#C)_mbj5mbCi0=E|It4@ zMI!?vS?vYAJB&t?YDfLvU>e9Ck;Sy*TMrJE!&xln<|BK?Wb$`aSaFt-qDYJ|k0RLM z1f$<-X~LCUiOlNPZp7l>bC>3<?>R%S59Bgbrf-!fr9ZCxgRf zj1`o>b_2=}aWR@t@N)IFz%MbK2Hlb^R&-^eSdd|2$BJf?>69~?GGm{Kv`%Pl7{UZw z-mc|kcu$O@ce$ZQFuLrJ7nTr2z9gsaY_k$w^q8^?LEA1YwDw);Uz8tHd%>4UMU{%d zKEb8riJvuNa`CKhzi65mJS?SzU#t7Q`@TQ^D{bjEFjSOnn0?|!Ie4=YDet1QBH6Rn zzrlY%3GAN+g|B(ZWy?n-bZ@MZR};;coT#rgXmk%Jq4HUIL%yQxDq<3Q&JWiwXX7(! zvjz|8-Up^P0U%(gg2$Zkaw^JxMc;>Ge^X7P@KyQjkOo<8GU~L(+cK`-=8>5r>Vyf+8eY3C zeb*#L+xS&@K?i2DzO}mBMM&rRPlareUU6>(5Y2!1D+lL#ZZ@g)J)A@WGE}E7=}5}a zj#dLD-H4lLHh%f#={QOu53NgnLM+jOP@fPB@@4JSB#3NUkrMb|!uul;_djyRFFJ!ebKn3}&hyz;@vFm>2H`*o=YMDiNmlFMDS^Xsczc73LYR@E6}f|8sT{pF^i<`ekSQH zN-miB1smrrlNdN z%-5npqX_vu`}rp!QWTVI%=3McO`W}|@>w@{n&ADk(N{z(5CX(iJO}}WxyZdk)3d;4 zB<(27>(4CMnKx6|AiY126<6F*Ie*Qq`Qv6h=oGO>Vfm}C3)_TCj$hh{^{*QtlC#*i z4h1>M_v2H%!R_pu-)j9(Lf*7yjJUm0g@}}v#wpjM0C5T-GTFw90n$lO_}8_h4{&oq zg?4rSSeub0bMyo-Oexb0)fm^Dt>S&mU{>fpgg28D6+cP z$P8GE+e(||rb%f~SO4`s_QD__W4!RW;TeQ2+QgzfuxbIdgfFN*`9QX-WAy^jabWK3 zrezL? zR)2$TQtA$jRVA=@GZ0=s@qXH(;16!FF@t>$S3b#55qD%28j)C3X8o_4>a;bFde^Sg z;vyWY{sDQrFb!kXWv*)+E^Z}hNZa0_xfU=5Z_fZ_oX0?lKKS~n`z zJPu5Wi>mgFe6RH9g?Qgnlk*N;mqXAwZB(Dyt>=r0$vc1bl#0au&wTIq)@vnjkrrq> z?!EP##11XFn)I*MlrOkEz{R%O*+4!|e94D9wQwbPj3;kb_9)tzR~!8{v8c!f#%Dx* z1!DRkoVjlA*<9P^0mTrDZs0c1DahBe?Fw(Lee~YO?^lP!wWjefDuZ>nl*8lA9WSXoTY~Pb&2F1^gpHv} z+lne!`eL_zQ>rKyfgS#@N!66c-5*!K?Q6t;^q{-W8hw@t_(3r>@ZsP=3O=#~0}Ca< zOP2A(j3V-ZP~kF=MwEC-Gw+dV|MX&`gi9s z&xSA#JP8bqrHUC1?IMJKDd9v^V$IHWRDWZSIE=+0D(kcZqRR@^#g)oFg6$mzS)xsq z9^oeHP2^yaiqR=@kbn_^_d*jrf_>mcNQZ#>G#Jg8Ou?XxhTU%!=TXTEN)MQ#Y|P(M z2j%F}^PcBR2|bdqrs{#zd5$g^b;(Tw0wga2Y0_MF?>;FH-CV;rRJ!Ov>dRK`XMRsI&#rW=wYV; z2#|{1gGDjbzbH>Xj02s=xk|>G-|8T_WGU=GJ&a}8v6$j3%)gG^zuJ0BwAKe@H}Jw* zSaCI6_^w1VIId>0$l?No$Xmivfcv^Oq^>Tk!{sM?c-NzGDgqm??f`ulm;^Es2&nfT z(gJvj-1;?@=TUG=Bdyu1dVb8BKO;V^Y=DfBF^?g*sH!*v;UmA;G!)mF;?YMl>w+%G;fCSeIbJQr5iKy6poDVo`0$>Sdel$-wVF~4-HnFj zJwCi4+iql07I z>On>TjVyTQ{_vvJ7n4PK!+eQRUqq~)AvP-t24HqD5U5zKLB6Y4NLXtP*+ek;L-vBiJJikjfaE7Ft|#!1%F3GJ%6z+B@BK&? z1~X12LY^LIbP1l|vcC4ON+8f#iFf!Ic)W(W?ym6kaXR%rkvfyE@PJU5&%1@k7*Nr*|UHIThtdi4<1#JD2@`7eK`h zulBEa%}>E>S7)7>kO?SMD_J82eLq3bCZ5$3?|sVMA!3J6(Vh%r$c!y75)Z3tdeLXs zUx%H>h$HJ1gViO`@r+<%(XqLn1cf4tE08M~jeqW@p!#e>n+q0U4Kk4>XC+rU{ZIa; zsbuJ6x2Ks(+C{Bs2&ot#rM-o}`6s92aFvM1Eqi@y%m0gV$XpvI{9O7zJo97Q6;h&@ z4UEqH8C+>i-K5XLb#-+M+|s8rP2AL?x(c;FR48idAPg4hh2xB5%#sz2q}Ap%L`i$~ zkIO7vYKvBQSe&MSY+{KV=HR|N);}Uzo4eXpJ=`0K>W$k3|ufI^zV_DJ@9V#WOIEQ0xHE&P+%+zNX|DXxYNmS&iBW?DLMRU7m$k zSk%Wg&uF$%US4R(lxi{*GAC3`X5{tKXmmlp(CgvajuuzP{T-6+m+c7zE>Hl?%B3T1 zlgeVvv~Bi4ozR29u#dqGo)_9%%K6fn1KG6>!M#+pWzUBJrR2^5s=02&(^42Ga&y+ zDfk|%?1%Uf$yzbXlD3r+qnprEO|vB$vjE_?W|r&+BCBEtWK*PHsy?+M7kdR_eW$SB z&NPdYy5cF5Uf7BFjyIJ=xz=bhk=Fg8;Gh;5>BRnh230r|b2R;HcEruhAC@p2b}lfE zAVm>PJK*A}@N}uvcC>ZTIBQQbk9zy^Z)G9b$1@?{`d!yD?tn(S%rAB;v^2gnCm^M$ z6iOwjXwz-Yc9O0V&Putp`?#W#kg?lEZu`;#;9L6ah6S@&1A4a70r@-yUU*bIJbqQj zM}*62JB~-1P?ow!uFYUFzgaE*ba;7MX%t3 zOvAVCMp~@bx5=IMm;8n zLgs!TwJedjwoWU zVP$UDg4>6k*wgM5A5s@fEq&}Nob%%2!ZA=Ld#;{_ofno4JTKY2;!A^P;Tc99Vrupi z<9P3vP42-vcVkk}iJ(sIBRr`i{CMeFbF9tBVa`=8^PGKEN#9K<4MY&(`N;cLtml)< zI|vTkw(0WDSDNcp;VkmAsUjWqJ?FW)Wu6B$HU9kNpr-Sj`;Au+Dd)x9l~|Zf1%f09 zGk)ebq~MakVZ4i^hD8fH>tyWg6IsjoaF&e?>NZOc+%6l<1e=?5Mahg3w5iw@&*~RT zRi<5D{Roq${rk151{3;OaV=80B)Y&%tNC=u?BPZZ?7gBEgI&-pc-k}nAk^dhO#Pf| zjwX>=YK7nFVUY9ssd`g-F(NIa_U(QWxYg zf=xGZF(#Moqr+Vz#_eNw2A;26sj9(kUU87U1PX~-LBxA0$@Hf&YK_r35*9*n9nJZr zw3VpfLL=8osx_^MAd4WRuIf{S@U=YD!`ZG}^z?lukgr1l(pB6*p+dnxd4MTmq$p#2 z*A2EeCuwG>j2Z+An(E$2TprW{7loOvIbW$CufB;ZrB_EOEmy0m2eH44T=)rJW3E+I zS1{jvi|u(IrYhqq8qc51eTca$P^8IIrE*M4HYpIgz?1k>uwDLcMb=C8&G%bM{Pin1 zcDC|KzR!K=8sR$-%1)n%bdxSMcU3sxKK2BlBCFW}Hf}r*@dDKVXOyan8<<_Hvj-

qF8IPuv?q$LnacKsRjd9Bs{ z;(HKb7$mQ?q2ac0O|_A-J}mSPQA;X*$Wzv;jW}y1T&yex@8j$H=4R{D!F%}wRUO&D ztY4ns?%@n5xsJMZIk`jb3CZp-XfMLK()+)*L-zh=qp}2PFjh9yA;6i{OGmm_>3U1r}OJ77=$%o%=qsU9Cjz zKGEGkC<|_(x~P6ArO;LQY25zCWML8KztbJF@+HEyv=+i26_`Iy6&D)8pQ5$6D42Ay zEkPz_m0eoe;0lUHU>I+6A2gLqVQKNCKQ8hf0S@;jAdjOWhqcoX;iAJs}o3wR6?`Om7oifK5z zs7nx>XdC!+a^SNOZSeZ%PS%P(!R@w}#p*;7nWVeymL=Z!8!6=w8F8iP4Y*=#R5w6u zrrX<{ZD*_$&q?U-fRk3q@K9OQH$&D`>6vVCDz}oOQR9N3?~TRdpR>-JH&0k7<`ykY zJ!#XR7GS1&pRNc9=O~A*la}G(2M>>0XP@)mf;Ed=qamSye!yN}C`&NEK{1ZQC8@|! z%DZBpKw+W3Swo>hr4Rnpou7gJM^(?Fhw3*MgQeRpTnX@79EvmP-BV35kpB!iMa2^@ zd?h3i7h4r2Kq!zQke2V{=I(+=RZmPo43Z;I2mr~+SNMSFzz?o|WJlKK+Ae=}RhVKA z66#jydE=N_ToOA{!|oQ502FKJea95PxDr%a!n*C+1gc%$%{KbKwECZnQF=Xj9s0rF zWI+MUJyqU9ecka#z<&RlE$?nDP63wIELboj%WyJ zrfq>m7Gnc6ULYo@5e1rvGD+p9&Bl&D|FEl5*B-%@C4|5cI{8jjuby~S8_9om{nLle z9PcR4tQT{!NTNQ@*OA+D%G}YJUA|}JlUUSsz@_f)*~N%cd(lD)_HfMRKbrub&p}QM z(rPx%%&VyJgXkm1zXdJ=On8zN8%2)2_HEi;3Y^ePIb%9M^aJX;t)t9SdTydHCqCrz zuM?#i>zQjxnFG@h43z4tnh&W^mM#sKk}ZR+N;-2d-QB8%JRQ1w6CgyU2Ty? z!kp_4!PWZRt5V@GWG)7RGDohrzJd}YsdCg)DmFM>AR zjwRjQ1`FA>jM7OpKfc}g*oOrwD;|JvVcy5?>QNr+G}g{OxM$F zh$bbCkRC?XXE|VqiXe6RL@J4f30$xAQJsj;zw=t4r#i=CIoXOPlawD%;tY>e@bTZu zE#IlTIJe30G|S!i*6jT^yHp|X{P>u^w4$T3Qkh#LWa1Z3Z?qy-&pK)H3DzG+fAzMU zt!RyRk&As_1@M%xwtock7RB~0bY*9F5Oo+cV-pkiV9C%6gW1kkHjq(CP?m|3Dh-EC zha${#+OG5LUbtGEkkrVL6F62iD~$Fm4Yf-QbO-vFX~R)|&lM=#V9Ma!vLnK6ph74I z73>5t1W~f|OSXmx>lNWpVy2w8jo-fxF<0+A9#n+>_${8FNTyjnHl-UCI*WTK^Nd9a zQw(2B!gX3V(4Wg0ROL*v6OBb3a6;-53vZHw&iAXa9r#)9re1XOH{_!Sv4F(Qlkeqa zu#aCpVItg6gyTd79wIIx^Fu+K==jELbGl6C8q#$1L6`jHek;BDw#buAI#aWCZTI5$ zO`=s%?kT5BhA9U*0Z;s?#Hn#IlAdmoBLQF3eqReA{>e2c`6ciacG`hu@WMiGO<6p< zl%G~Hq4u|p&{l6%3sM9s=9pZck?e)LpW*n{z1R48%dgpIYzv2sdpfU%*La{JqW{El){BQz zq|q9JA@OJSz|kavNpd3Ms{>koqEFX}uQKF+JoI{bz=}WKRhv=H&n~hI#mx3lxaH43 z#mdUcg2R-!-2|JcZu6FqZht>oYiOhsH|VGSjwYcGB@;#l0;qmK)eCdYV8)JT-D9E! z?{<$_tJTRN?trwvaA{Jpj6@uvyF0X;4}=bMhHJD%5h69bGw*K6U#kCmOvJRGgaqO>9> zCj%^2EV1FInKi+77oZi>nB?UAk!nLXMn15#P@m-E&#AKm~`hB#OMhJ0cAl->84lb|IL%C-A zPHo_BnwP0+ItUk`Y9XyNmhNFrUmX|xQdz(g9Lo^viSTDzUo7`wTKsV1oLl_yfn5g5 z$LxG=U%7(2`=h0Ae(%$af*iQ->k!I|nf7+t&pOuz94k_pHK7_qRH9E6x^3T%?=9@% zYW+b}^S|40u?;KI6GXVEd-Ap9X{nm8z(SQX(XgoXWeWec;lLJOH*;tPw~!QRYd>@) zLzLIU^NvYHh(;`q5|Ca<46`bjX?B=oQLV~S?@XvDz4a}NL;*#%ar;$WXt(Fr?VDqk zsvc;uLXBBMub`eKx6&iK39-9^{%^+7UY}3@EwbiMs8cDvy^yy$&RjA3j0pGYnDV5k5YvE866Eg#13lJD|}dz zq(RI7JzOn?{`UwkJfcY354BEl_-|%Y=5+LGNCg3O5O6=h#+T$dH%$?gSt~k22onVF z1x>ynd~}wwxJm7i^^oQq?v35qdzJV&?CoSYj;x{j@p^1-;mmWUa;W?Dv=&>8&@#Q8 zAJ!D!7Z6?Fvmfu<-FRntdwB(o9sQF-0p$F)#7pT`X5%f!W_)4iM~`I4>3q(kTwWZ2 zHaXC5t*N^fSeoO!pwF8NRnVM-x+aNq0Cc!k^1(yRk;_mY8@VF@WVZSqGeW)3NgADOZB4p;xe zmeD)AAJ$-2tcz2>j0d{|RbAi?c81ew6z9hz(R~(tO9kLxrTZ+HTJCsL$ovL;nAnQ! za$6h7IGFpm9sTk=+VP7-YpG4Y_NH5Ay6IyZWP*A9Y)ZXm`tuo}j=FN%{l#Ihq;T)J z&cVS`C47teLZ3DIli0hV*F^`zF5-KR3(1k zs1vPepKCm2V%O(j4 z3#|W(&uwBZQo644^_`e&1>F}N+PIg|y$7!kOCA~cafF>5zV=vwkt;7KdsK@ME%g`8 zn?26=-3za!N_{g817FuXNMBL?03V`#=Yz?s8@}GtFD~sM&9d#b?<2C+Tg1E_yJI5a zc-XQ&j>R=(8}7iMYVQbeFtziYa_jN3akBdzo9?Q6HIh;uY)!&OfnC$Ua~ANsnnNjB zhOdBfTy&b)VOirO-);X(Oayh5o`A~QAL|Xq$jnRs?4DW83QZ_ zC3h0Mt@5rWZQO=M6rs+=_3NjRzuq>zBxe^uIDq$idSd|;=htdSGOY{6WQ1q268kdU zKX;&u#oKy$Y0gVe|6VQ+$sBquMr^6-Ukeii+dv2w$u$V0zx!zr>$2eR7@dj^O6Ol5 zeqU;2I^kQ5^1-nh4Gcmei;29Yjz=eV{0U@Iw)#+C{BI>;7^$j{d~6 zwKD*E_toGzx|x|{%x>(`5=q))LJRwcSk8Cay-5VVg7kUTwceX&pxbjN-8J7CU6?K} zawpMkHwXya^7)+m34fq+*a9{KIZL$huOZ?MY|JH|&+|s&RRDj%&9gtnxcn^LbR8Vy znANMpIYTnf3GLTDv;Wy-%XFAO@MI6~F2_C4QH}%+sJKbgC`*o(o1;t1!g=VL!}}tT zZ~J`!&m>D@us9ESt8fGoKfzTNMjTJ=u0_+Sb4_ zoVwb8iqA|$+0tK}HXBtAe^|FxlB#rVJI2>qQbG66w)U+&2erahhiy6o_p5Ex_e6`3aC7g>wi~E{&dUww1tO?VZWs)p$7sVf95HjRBVh?oT z-^Y_wFB^*nVvJ8O;dFwqn%f3PT`p+-G|ZU0Sc_8cvE(H}a)I!9V1KnhcNk-Y=v;_S zS*fJJKV*xKVOAWdDM6rxm_M)$1hv%0lf1 z<^{LoDHwNK@O%y^mVz?Q-Q?$5(&m{}J*<{%&4jkY`NT+Q9r$=K&cnC3jqic?uZ4O4OI*MX;i3>0cAm> z_VYBjR~3yGGoUcjgG3=_T-t%_m#Si!MDMeGM2)f z+YC{WcPRr`np6f!>uR`}l||VS!B=#_*CaDa#RekLkBY-(zv%qnK9;H&4rj%_DR8Nh zq1Yp|PqZ8e@wdK-Y$|#+l-hC-n}`WXx_%NdTts*}8D{W~hlhS{)jSSM9T09Yxg;>M zyP8+sHj!RvYe9=NzGElEmXm485fBBaB{m`gF zNfG2-lCLA_YT(9^ywCo*En>GyiFc;Z)tt_%Ytde~{azMw3C1r#D@697C46a1iZ&5< zjcX$J&d`E4VMKr@2%fsM%FO~a?NFAvL)$CxPu^qL9^Hne}G-;4X|cz)r|yC~;~Cj0Zj;#6N(H+Ya_ z#W0J>BPe}3l*|BEmV+LrvglA*0FGdEWk}`nRhFmPk)|@!D=x`%ufvgsE6$+&DZUf! zKnPvWZfpG;?UzB&)vyt@&f)udATaf!{t>YO-2dY$ zldJE5(AEXY#VC~VKGcC8h|o{O!*w+*#J*d1ITox|h$l&V&tqrr!*^g!MUxAPg1+}8 zCwz_EJD!#^ce9JhqDdOLVmsWm7S3jaRyrkME{_x$h+Y!gJ;zWIabF^+Z8fh`UpZl{S+;VQ=X=EZna&DQ*F=GDkQSM#_# zDrg*PJmOE2*zl72Z$yGm>97WI_cvXb>Arm@1z<=gAn2f+n~MvxiL_M2wDUB#MJ&`FBYZpp#)y~=xAO0mmguzV%20V@ z4~Hh_!+Xn_Y&`QX7LY^8%K_io#q|4s-NN!WwA>S1RhSs$ukf%jI7QWf5fG{a@_-78*u z&ck{>C6hsaavJtNqhu#R~*pyi+576)o;J-zpU?HBmF~(q(P!?8gWySs!iVSyy?98W(T2HrBp5r~QzU znN!*6VHTJxWKGXHXlB(UIBx7yv!QRVSs`emO-m5b#O|S`b{jez-^gKCXOS&1lbHyJ z{9!$%!XA}DJ<0A4AkgY-qWS&TN{{WJSiABU{Zpt>O|snkq21ggW&VrP`}_Om3(mze zh$i(2M=2=3U7*F&sFJq$UjC_skbq~5aDI;U3%ftN3)bYVGy`I+FqTKAMz~sD&V708 zTkZx$U#%L+oD;_3;3R!Qa;E*0ZaF=WQJjXd>lc@@VlMxT{%S@uc5p@}cH*J}AIqMA znH8sJe*K3XGknJBaH(0pDI{yCnn!d?IB8>zd$#R?R)txL%Z-1 z7bo~c;WB{)tQ`#dlF}ktRTg0WP={B(SKitAh2z|$i!g0dV4WaOW9?G ztq7@nimmxN(X00jJg?2LkN2NW8`-7gFx()0YWgth+Go`VS&=Jc87}rRQ1#0b$-F>cvz!weBL%)3}If-PAi)*F$z~ay!@y3AxVe(CaTxAzmf|T9Mo0)`dE`~X8elwo&ni@-g+Z%$af-(b zr!YjRmb+=(1*4syLqV)ZA4A+iiAE>U+ zZH1+r!3Li{A%z}B*%JQ*IoV*6G~dN`UCDBfC}V6ae=Vf{>$#XZzg$C#&nNpHix4aD z)__}{t& z2yA8k{4?hF*s;C#$Mx(SR5P9|wLYR#bsI zT8uo-w`LNvFI7o@La2@-Gdxt`bS_o~CN2^y=Q9VIzlO$iZB&ism(`mn$!^m2Ox;H6 zvuRyM@%p1~7BA@T3O?rdMMMU|I5ADRl@I5Vit4*!zjOzlraltAvW#V1SP)Ae>Vde< zq)wLhN~+6)rohS{HG;pty=hUQXh4=@btoznKZ+ul;n;xLGVIxd3Ab-2 zun+_cVG35+ON15pIeIh`7De*``ECU}PQnGTh1(Q!1}e%6Aobq%s{h-Ff5^K(buizN zO!h+G`r(ZKeIY5bf(3P^ca7L>mfVhr9_h<$c>mgjgO@5yFa8V9&qZ0S*@w%HD-@GZ zzKuA6y@L=Dw_U;6;Nb4R0kHuKK~2Y3*CzV{?_k*u)c47?K0^xJ2UwZh&gRVS0)Kx| zM0Y})h7!(D2(aRL>j6fn91x>m;De=j{*X z*Q4>-`q>mHuJh=plQ5xA_qmTJAN)U#{KM8~mjhqGM@AOhhuGM`^03j0ap?fFV1W2b z7qfoo1ARwhQPPY05fb3P1tvdGTVO2`n-0QvOwnJ+##m9rUVRMw%KdVQAPq@Ow$j)& z-=1;0SuIBupL)F$xm*5ee}~I&?D6WPp5|B4$jY=S_f;<)8{F{_ z_S&%ptQ)4H?VA;=s*m_&o8P!)^6%|RZ*C{PkDIMxzO0gobhaZi)b{ipi9u92R%IOxd5(p?eAzTd!k=|5trOSz>{Yi>r20SOF@oT9iYMIgMpFw>`2){N@JX& z<$lwlod3tMq#$dx40HxtjdU(nJietGRi1WYi-fOEGZvl*JC?sk%;xJ08-1fjoSb-Z z-k2pTdFQVqedX>*b-2XHcMTa-x_X^{HJhTB78_RU!2#SXWJ*Tr05(S)*i5b#s*x}Q09gqef!(1TMcb;+az<0%>my?d`AV^DzuPNlz30L+Rmb9#zw;ZJ9~5lxp@scNu{XV2pXkaEHr14 z18G?y-8|68MYiiQi-x}EK_A9^$|!x6-Xv`)AACr6QwY3fiBD@prrL$4ah0HcUYmtk zH4l-#KjASU=3Nb%W4<99&aJ)8Zi3chs&w@fXv;|hv1!}|2DK>u_QZIh64 zqg=ibHzFrBqOl|l5E1u$fS4s7f`7XK!24~XToG!p=fT@Ovdw_hSO#^Eok#rn+%;el z$$GaUkmErlZz-i>uOE*+q)DG6r2c$R?WJIs?FDcOHE-Op8%GY}acr*qH-nhVYirz* zgwLgPPiethDmdq$l!39*VcKMX8`$G9?+Y}Wk{_hPznYKQv~Ou+gQyTTI?;z0(G59g zL3PVhHBH%|vTBM`0bTbSg<;W(-?ld;`<~$Jec`Iw*Do%)xgeF`_qQ2afx+7aKnYBe zT+G16K?=*4C%(YrF&J!19XOMG10$?*fvqc34h!ULJM$P%&mr?-B@@MM;LXo)5P^_8_Xu#)C|U z{D=t;!l?x{mZ)4HsCg?LcrwA=lBnbeOoLDoLc%Qnl2#+-p-TpCx?Su4ekMCubtsE( zs%oeXAr{YvMiP}V#}IY$eV^TiLBi`Y>v@@z%P<{*=ioXgrhd{o$x4QN5=WLS5}|;b zCMYfXCmDMXRPpc~kEk$(nJ0mVDvqap+iq9@;z|+t&fz;chTEK=0LqDA0I(6GZQJiPbm<&~l1l8O zL3_+2b^(42qvKf3j#&-eZ5&;D&tjK~{+r2*5;Prrmh&)`A^3#yMgK zkTBP2>q~vND#%TlvU)&Sn0FMBs7%8PPx<4`o^m6W-K02m45vdk9~?T%G@J40P!xB= zld z3}T{rkS2_rDDX7#fslZ~w^uTho;Ii|aF8qbIecTI;~@6>ERq*}7n59BQ{u*MSaSX5UMT=hO$Q|By%Xre&Xj!y$ zE9TSO`vOq1@m}nH^5J|>_(j;ziM1N7PL_&_3}C4yc2fy9Ua#=8R5b7qjOiqlE-qd| zoqFLHO{BdGy(S`_+N&1nAd4wxIIn?xUcp3;wM8XD?S?tQ5ZL~X!^!jm2F zw)VYRzlTaCM$fW|WN9V~4FQu#xeZBRz~A_YZsEXilvylo4}&(9KKo%dPvYZmJ*d8( zIAo|NADP_;TDPhS)#Nl6Oq8{mT@|#ULEpp`C2BH$%Z<9Q**Ob-=*#YF(=XI^`Dq&^ z5-QMydyzI*t5ob;SB-cjkdV_7%ZUTymeYu((E%DV#`LS4Vihqs;Z<(uD$rzl5W zVx!PfA<|HUA?`JLj{WIK-m65Tf?8uB=xwUVu)wu{SkX3FkxjyE+m3xkCT72sN`RE_a+Q(lza+dK+z>VPJ zU-zt7HWfyEG})EZd0jScY&!0?g)%E2TZp$XApM;CD9a=x{`GV7&gY}*b8D_~VReL} z9-bvItb4!8$%wzPBoL2mZO%V1^m#6XFox=OEKNyui@Q1m=KQf=2~`+6+u z-!xNYUFYH?pQ~p{Sl#k=gpDVCm#p-v<1}_ zg-kFgsZf`wng>+X<>d}EzBfULRsxIo%8Bu4Ia68l=hWeX7*Ls3pW{-#nuo98*e6qv zx71sK=cuarHR(B*LzgIt31C(2^c6GOVLwEavC~Mx0IKv^5M!Lb##X zEb&ffr~7m5D94hRNucKPCf6DY9fMfcNQm0_p#SO}q`Ln;q?4gaM^TSfd-$Gf2R&^7==_4d2V$v^cv|JIv^O`jx^0iZDOmSzJC=}Kui^KO zXk%H_ocJG~m;}4Sh+l(-ab9pXL9B4`?y9T0fD+G^15Q^}9A6lLdrBi}u#t(8@}mcV zo9@*VFE@6@!mLEsu6Lv}{XeC4y0!d&mXHA^)FVuuS_GqS4a>|;GSh}IFyEKOP}7rf z?oV-6b*MAOC?_o+K7I**oC;B(1PT}ojLB~Nl3ceM8=&z(%Rv#|(76bzB~s5UQH>${h9g25J1jDCFg&7I zGc9fJfbGa?;6tMQdRn_u9U1Yjx#%rXs={K9QC#b*(;7}X>6ld?z*SwnvrMIZI}(E( z$M^5vaw?u%7Rwfo+rg3E+|GF<%!N3b2%5y`5E3#uyip=w4Rc$bmh1~zk|WuqQ;FY5 z)RV{H79^(zV;dC{ms8jGYmU6Cc>mr0P&eS3MR+p3U&r;i4EO=JfDWDam&*<%MehKR zDuFwzZ{;d9gyGH6%Yl#}kaq_~7S3&YoXHWct2(LrYSeP;x|iz{4JVMpknyC=UiLG( z5#T6zd0zl>$wAx~AXkw!NTO+D@WwAG&2KuQ&Rp|)iA~_od^dxL{njRQ1~TVzE{@>c z_#FX8ke=VN@fF{7eAO$>#UDHu#E-N*545>`#+Yk9y# zTv?~?q7~}oWHY4m-)#{PrBS)W6n=Mqq)3q}L-5y@O$Rw;0owI`Wh*#3QQ3kPVaq(2 z%LSc~_~{je<`tH=W1Up_EQxBQu4Vpi-otD;j`4Drk1EgnJW2?de_*%&ciw83Csc*@ z6Efj1{Xz}|b8<9rdRMMQmIT_7Y=I`QSX!M0q1Z;+^9_a8gkzJ;{8y`dHS5O}OSi_tKtRkma07?6 zl$SBcZqS#HfiVh1x54%H$HlhDdA}&CT9pF0Zx6#k_@v33BVY^EL<6@!hSTe_vH-hs zb}*}AmaxQZ+9mK}4XguoxbYSIv!20uX=(k`<3k5#Ut(B~i01uzcd^|i46%7t z=uJQdbaQeG5jCXn%J}v&JWE;WL__HGnaWRRQA!(?;|M36V1BN;@ht)8ZsIgWfJEpl znrO5Bg#~@&R+G{k?UPW^5~>GYc4fE2R*P4m?@cl8qx}wE|_r3p8i2}3|%+Zq7A`zAx)?;v_wz6DU?i7I6>KCiJYVIG__vJKQ zPA3JrAnJLL9`jDW9m4g5_Sgz&T{H@(_fR1uGtZ@6*fu9WN7@mcwjx?grT{FK^;3po z_{!8L2F8I>n}e@r$!Hd=cU#wCoaZ!+bEVZFpB^jd!s?_FnWs;4L7|(< zv<^+&u|@*WsMnUOk?*#A!GtDUjJBpNhBXaKpA+c!3MXed_j^vSJS3>zog1+`#J_44 zseH24#3fcoI_*MMjWGDZ?6QlV|I0?*^%@O6Pm}CxyYaAdBKft7`;RnN@vtMDXqENIWVz_(5)Lz6K-k;2#`%q#o!s@uh~mN zz3X==t(}x<35=R`WJR7YZfbnLK@Db<6+rO`@9N8GwZ`~)f8Y&g(oGiNmDG`7 zEyWZ{3J^pLrYvQ}GnRHMrfiOzMqpnrhMacp8e;KV6fi3ytMUAus1O?0?0wC z%K2))HNARaR22h;lxNE$(16{jVI%Ipp>4GinL1pnNZu3hz9=BgbJf4jdZ_{io+29q z3Fq^lepH8WUG};BTJZxMX?}eP$cQU%!q(U!lU~J0#)3dsu27Z(E1c z`=xTA);3e%2Dd+GazngXJL)_CHtDRdAyqX;in~RVW23%8;<=v?VAHf|qNbR8OV92i zl;H5D{1xnTir><4)hOH(=tvW`h!ou;DsCLf=;L#(pSM^ri;T;(c7S&1cb-zSuDb*T?hjW*-^fZM^QYtyFssOn>L9_zz9eD$#vlsv1uGdpa2wsJby#g*vGsXvRgd za~Hl5vK|KI|9$r?+RG$EqPRInqDb7lBlj}*7SERG$YuT z5|QIAM#B=#z@D<{Zc?miJR_C?h_0$9kNioF15{1aDp8oJq!Bhqz>9@`)nPYYC4fdF z0gp*1Tl~^12&#o{doi3a;QA(X)CO?Fx{3Y`Q2Gu90_v?wi)cQzowws;JKWtx;QOL@ z606X<@u-3=*WtkHXu5BF!GGcDwVOs`c}~k_)$KV?bR}nYC6Pa88LuG~1JpzuR#SjC z^!MaUD<4SjM?Kt-TZ|ew|L|rZEa2JPV1nVK>(?W9s!XxAd}5;Y-i#r74o$mjqSmTjDn3K!mb#<@HY%B?NFJuFXTCgtEXC&qaIrStrm@~N=t|^ z!CZEu9xT54e>FJ-LdsH_g+NYOySD9bWI6^6Gp5~A0_Fld29a|et7*L{x+JSt_TWzJ zPn(977OL}~X3~@}E~X4@MZf%LfJ*n;iHB0*Sg~K2MvAallO=1)@DwvbtA7yE(}}Ao zSBGV99yfsZ34W{TvQAesDDns%AtpA@Poxfl79ie_GqS-F`UQoChi;CJV{n(T!Y3~M zR{)}fPNBvnL4YLhXRW{Ufx`^8K*%+vY|1JqUCke9bC1t75~`<>SK!IfRU#iiC(5^X z@%6&S;1!^%{-u1tYG>xB_MzBE3CbxH?kTjO7DP0{vrgrNRll>Yq?Jf|&gFv=30+tk zfA@*JJ;IP`?KWxURMOQ$DC|S{n}W{#M%8bhoXZ2}Z7W{oy(rdJ*iJwDZzfmMyjM-> zY!(1iP%BHQmbyFXV#Z<0xyIw!emWDf*2MX-UB`mmU;Hqq3JC^HFqlETSx!^DeZktmT(7p6<32;0y9zB<k&*b41y_t*5F+FOQ55Gv0*L| z0g>&J%=?DUhv!*f>z3d8?s$86w}u{1p?hpkAMICA?6iXx+Bnof<6^B%k5>+y#R(4< zsYrOTSk=6+krBlBLMeu2Q=YCI=!yJDP3mNt}Cg_)FkmCa;`LNdCjoLJX`RC+-5`vh){$R{H>Z4kPLp zqAzu1gMWIT&I~?zxNvW_n~R`DPBepPAh0V*ci;pJKwKvX9=KCwVIN7y4HZIu->pth zAc*zEyz{G^tWAV2NkPNXt?AOv6NQhfvwBfp6S8!oC8?glv$HEF6?pT`bvsHSs$<3J z>Xn)QSu$f=!!)*sfHA|U-9()<(02E>)hd8f9{%FHG~rmWw1)ll8YHW$5W801{3-G|v# z{fLG&)Ap=Pd7vFfoiO;DZT4S^vHC#lrG^YX zX{&WHEd|qA^uX(G8#xFs%>MMQ@E2=smBh*v>*Rs-Cf}+KJ)=ylqf}_g1LJ7soV5{Z zC5ekk>Qo(2YHL7T>QO6M|RY1skjJp~ld+(L{5bmXt;hgbr= zqven)16e@nb2uKbpeV%Xe*qd%f}T|f!)f=rzy!cH`cX_dPoEIk3`iGZ^LfWycukF(X3qk*zr(W-#U#R(Dt-^uFxP7~W@X{P4MacqvS z;f4&iv)T;yO{Ur@G~yRV%TR{W2)iW;`cyBRuaLX`(pG+B#0yl=ZJc_h8Lvd#FsAh}mI?s8XPhpD@^_TqHIO?E$5DR`|y5o|XhSAbO@mR^QC<^yiAlDy;VA^RmI~p{)kcF1By|6f8a4dm>8h3h~7TZ3M z`?Xc9f07=aE+j`PDv%Pb-yxWBPJ${$1*{m$?W`Q6!CuwYy2dh_W|bP;F63nf(Z-93pa?N zBu6(beC%rEL^~%2=FV5sewd+5zOi5(n2GpSLw(-!`2jq)5cI}EJ>Abas)R+zfZU8+G;{(eDi9j-Yv~`(=Ll+RZi3Gi&_@`INp66omjo~iv2C32<9F- z2ER9TH%EdJU~&9726k<{;S8gQC3rea|4g|3B+(n;-Te)1gGy96`&WxMY0#Yp2!OQ{ zO%1?RxQZyVnPd&44I^Fuf}*{ni!j0bHPq@O^k`JD30Q@DfL7Hur_CzQp^4Yv(_`#c zGSprqwoHJ~AMr6{Bqt+dq*fUcy5+|mqm1UQwP4E5(OW=(pSv#^A!a3)T9J}0tRP+w zw=#xNTIHt4+Ne5i%mamQIz#@Zf1fqwqU?e2M%kllr<(vf)4Ynb|l1k3DZ%0Kg#w0P(6iW!fpE&B>{K0IHt7~BHD}@19?$m7m)gX z1ya)kCoMp6%fXF8zW|oT?_^Bx2WAPRsM!n*48VW=#28B%H({oY)TS;kU#h8xsO++&^kVi%55rbeNG z%3@mk<=0EQ%`2}`wM&DaYaACk3^pl>jsD3^z(XsL*zQ5Q0B2l5_GEBO?kUHT5|b}t zMkm>rXYrd2W;K|xbr3wwxDkS@Lcl=!b&XU)RV3%ZkS84|7FXMuO0uwMTk7(iMziaX z8d8?TFSVa*!KB@mF+rg?bN*zKzWAbgY5o1jzQ}`g>GYTWuk5zrFQeWVLp(cMxs|Fb0gSiHF%>b!I%B@XPdB)rAT1~!cY z1*+9n%GjVi9~PMX7A^qfndA)V>PwR3)vYI0eAe;ikfWh#v7@3#w$?@7efLabQfqSJ z+8eOY`gzG`qpRAa|KKgY#jVPUO*~o5z?oN{hhXgqrKT49Q|TJ)SiB7$tFM7*3ajaN zbssgdJSHTM2WgnqNJqXSEp$s>vbd*XV^(KL3LRvN{*0fGdAK@pvZRap@GQ)h&iD## z*{U{8p>K%%-@V2qrl|d;^ni!E5QxeUs0LC$aA8`|?S}=V3^Wd9CV^vt77Ij&=|eDV z#Cszme(l~PzT(oIgm<3%39n55X!H{Uigr4n|3*vS=^dJZKcgn;)z5Lyjis#*CcVG6 z>XhiW%Dri3q1`uDe>JJ-AS_Wlr{)dQ%_Bb{o3M;}`_XZ&K=Zt{w%Sj%3+|*(u4sv~ zPFK}9k`f2FZn&s_V49bkTxUAd;H{!UANjEUemvN#fBZlkCVirp^d-S9#1ZsCOGHmAP7lW? zu6v;T!J1VM4T{1*Nl6K_deb&vQ%HL`CHorlpJuQ>z9ibA}l7}q! zmTJvzK!(|^!B-?G+j41j#6-h8MI;e2&HP{fmUhhdb|RQXT0exUu~PQ+n#elGBiD44 zr4W)NGgQ$1%+h0wNvzXiPAiJbmr^F6+!TwuS{rpJzg7v;6$P`qh1jeJ^3SY4<< z;Zh?Fsl+@}j&q2@et;Vc&o6pj^d2rDZNVX|%5n)ZAd$pn43 zD#{kkZ%m7f0XNT#Ukn`<#{8=nqJy_3e@ekxarL$@#MKC*Pzf13H0?Ms=r~BMD<@IQ z(Lfr`F1d<9L#Ygg1uzV|qH`88qVti48Kgz6FOFzSn{=rujYXd+y`D#qqqI?uH(UbN z&lJQ&l@1rttzoT`98oX3ebX^_^Gg+XxM6RkYYZyH`qb~AT%_V4gB`1I4B{nt06P)X zjBlk<^X8xH_oa9E0KG$P{^cfO@Iq^dp4nzYOcu6x;cL%BgqD{Q#8ZlNB~ zLgqkLorf#~KS=kDqYzo;cY{h50=`zouaFpf&%!Cc;l30f+x98B!|Gb;`nTmrt#8ZZ;ldNK9^jsz(0asw&{RaMNZ_R#VeU_Mb1X8q6es*SN7IJj;&=w3y}p4#ra4E*hGTBTEAiEB-ANRc^LJ z+4&tn7zj_Po|KziAIDECK1MK@M(e3lyQeK7NS;nt5n|hR{yDh<; zB&{`bkUJ|Nl^}L8VeQC{$7vn&BTUb@P}*jmjgr)g}OC5#ElA)c@_qsCYDZ#rs|Ppl^Zd1t~^J z1fBk>{U~QvQh~D;kuQr;*Ph81fT9sVy)Xjh%?(Pf82~^T#Pc9T#yXQY{$(#O(?Dj3 zG(C)7V(}=)hu^84U*T5y;_@y$Zq}1&0rg%Fr_3ylw`1SJ$$lQ>mk1e0yOZyh zB;)Q`{JE(^>E0NF7j*+Dck8>IR`_4N2#%(f-jg6oc3?fYW9Lr0-a9n}0&hS&UJRy2 ztfMFBzF{{0KNs#VKCA7SS?nIZqZH1C7ZHV+X=%wKrFS25+-);8sGTi_smN?!E&)z^ zPl>k60VHbG3(Arz8RRxTx*Fg6ez{6(O;1F!)(Zy?)NB3uQC9)P#u*B(Kv+vs{}NV| zEYgEq3{x%b^G$1z$SVw+P_{*Z#jj^&i5|5`8(l+-rp1ODPo)?mEwP0=WR}*d3$;&p z15y7vNK3>p5ar2731O*JfrWAi^yc+aB}+LjasM2tCM^Mz3&bCg0JSJ3i5v%YSrXEX zai;znvr6Hs5E%?fEv%~~Y;z=1q%fv8{@7PK><21j_I>bNtdpl*8mh?2hoyu#NTuut zn2E)gtvHw43vDUuR2z7M(Ee!chr8Iz4lipd+8f1ggLU5##GrX`2hqo0UtUDEKY^`1 z&Hspl%rq3WageuiFae2lJh~LNg|_6qpbyJYQyJ_eI0x`=4laQ{tPb})x@mq_-q?S| z0t)u-k>Fn-FRa0-1Hk%uoBqD_LZU{`n=N>84%zT=dA`!HX)}&HIy*O_?_Fy2yd?8~ zJnac9!{B!2`GNjVINIk>r!|(YGcz>9;#p8k+H>v0+k$Ta#uDO!OO$h{6A{JN zlF7vZAhu3=ai-nU@uhb5qM=8Q^bN`8BUNLy7a(a{*3+kg&&@x<8Rr*gDajC9-7N2T zGW4Suc#?&tC{LYJVCA}i0D6C`$Vtx4Y%5w49Wx+eCpM-FAMoZo<`6H7@rgQGIbJtF zuyBkGa8Bw9U+td3$E-+np*D)$y)*W_-BK)(zFH@Hm0ady4I||L%U6Jdmcfv2xYCwE zoQPdwLrjs5*skWIL!~K8Ql|f*=^Xze;o~)&ZQFKD++3U8X4|%HKbvj4Cfl}a(`MVX zduGr1oL=<@)XevHBtX zF8qmJ0is1qMFvGP3+T2^>j{WaQCWLT{V(2WRlb$irNgs@ny}M;LC|yjP+c@^g!KS* zc(n^v6nX%U9JMeJ06Q3qIGuMaMt&C1^F%;H6Ui81K=3h@cNb?F_8M4Y!TToxaOE=6 zpIK0W-kA*97)qeukzO;{v;GGmiVN5@b-f- zLp09<$XN-$8}h$(|K@tk_wKI=wh8&gmxD9E@DavYXWg8iJIm$R7onE_d!IX%z<#e0 z)^1}5R@>qa(v?4{GH*=HQ6w^KYt*RM+MLxxhDbZ*4A4XZvOl4kgA&;nMPdz$@UaC~ zwaN%@YW`bkamiOiM&|5d@5@nieCuQ0*hu~16+e&JOq0OXifKIbmAbkBT|8i)m2mj01FGwUqTA%KupF#CCpThxQ19Fqw6#E_n_F zo(pJ>EpcA_;bcdq4_VQG7m{fOpS=B{NVB9-bY{V3p*^G& zb~{441zG9up!8Js6=+@b88phkcIX^F`jOX(H>Cnb8{{&s^pywmg{K5sbaosU?>?7fUOQRC1FzwUVpWPIeuL|RUP^yb1-K6MY)I*7KBDW`tY!;9Wv_1+uVtH{PDQplz&<-ta35dzEzkq z{cXZzj=iNwCY~D2kF0ekgNQ_2fa8J-g&RhQBFYIRW1{?Yc0wg5*iYJJDRHb#xZ9B; zD;ElLt^*&G2isHp24(;R@74=K=COH=?9|V6@)_@PtU%vfA;`n}o{zOS0ND)!2eoFs zpno;de|Ihl96zv5Ane2U1v8!ea2FvrVdMG&T~rQ#zjpuHgMNa0fn%D%`oSfM{@7@i z+_|~A`+Sqs!ZApea|iCX{F^*`r#D~-3_IVo$sgIT5$M`|3EpUJIIB&W+S;3S z<#Xd9;Nl=eYQk3Qun-wEUUQmMoq902su6YUE#P~~R5(XprcLE7OJ3>N=^Em+|RuG6>KjF6(1kM~9-v zEGs6PopRn&aIrI9`)$HkBiTLfx_I5P=v5(C@Nk8iHMNeHG_kZ)~J>tf{c(G#yATq>Kk z$QKa`OUVP_CYuA;DR@8-Bfg%v_#zPq& zsJl-9Bp0nj=wbBuQ70R;I7vQ@D8W!#sgxIaxAqY1+xF*!wB;B7uFg zRMte)kCt40&GZd)2kp$lzI?CW@V-ZkhI}#Qh)XQpwp#HFdc~PGUIXipdSHePMxtzt zZX;OaIKTQ4oy21xr3dO$??b*qs^D%AuudQw!gY^x`&SRK z%mcTo0~YRNk+5=#e`*5fSYmfxJ|{}RQbdI+g%klf${uJkf@l-EcH&^pB_T~_9V&+m z)Iu^uIDh~ZJ=l3&f&k`0xG~7)dM*>x9-vM_q;DMS{eNTNrSNzSS-#%7d~ItaXrC*T)7%G{H0< z_q=!kBAB4TOTYOOrT z2)8hgxC@z&Z@3f_5+hxMduDO_QGpn-r8dCJL7wu1l{aJ;^mRrEjb9cZK>^fm=y(9kUD*v57-0QX-FqJf9^W1DZiTOX9h+d zg7OVrY5M+p5Pk8;=A=*b2tKb5VMWgL-o-nH^_KN@+#LCC7zkT}@CiPrg`ljh6v^1a z*wi>e+`q77ODt=z7bmLwHx@nq+iu2Cy&D9u+MF~+O`0gZeacHDU{C}Q|Jysi#>2BM zzqpJJ&bg;bOmbsLnKEiDYv=TR^%_)nzkO9gi5E32W+hQ^b*kM`611YV8EF?cSj0Rw zc4lN+iz?o%o?P*-c`ALCtBcgN8&7yA-TuF5qeer7e2B6W>L8)VhMCX#$XWr@2!W1? zX?g&fhUgRJu+}e~x23aQ!~r-ZxIq*aC#%$rf0+m}J@QBJX~ksHTi~rJ#NY4XUNP>X zDYi}zK64<2c!3QpAQ3QF*%rJDW}OVJNP2E+4xNQ=ndmmQy(LXDX8$9nqpfGJ8rDF_ za*-~(0sixN^QNnxbi~{DBJTLbMbLg}x5Ss=>e<$@YiTe)@ed7aFOWZT| zG>Zg`9~!G_!+xJ9rTYznJc?UUV3N$Ib}#f+X@6kn2-Vgi`Nd|;NFQE>_N>HU^&S?_V2kNBlm6e(fOTd2y{x64 zi&VR)X@IFeB}!__hN9}EiOWGj3rA(LP3zcH_2ucag>Qg?G1s1>aeic(%gEpFcBxAl z6*N)mj`kg@)`isfk$#7iquEXR#I9%EN0pwM|ikx zgpI4Q#KNz$Rh_`?<)j-hmiroa7vq^VNKRW)u!~cGEq;d$R zU9TC$OTvenbW__OrvpCFB|A$OJ-^&=e|=s~LYP9{J}xQp&(whu7)B_O^A~SL5Kgrf zN2dMIDgmzX{qO-Inwpw$ZYVo&r8OEs*=@xd?erBl8o^J{WwI3t-f>hdIXEvdBURvXGCOP zuLMggp1G&TM-X!RU;0lfn;vzB+-w9SisXsW2Ijq&176oNc^nOHbrAK5KDYM!Y+WKg z-=VNJUh8grETo^x<=*QqUi=f+XXgA`-QAB{t`xTjhZ$W|2|nI=Y<{ybKUGddFbrAr zat+u+ATV3mH*jq*)K@}ZtmS=4-qi$~#a{XEGIJ2FWBk_ z2jqu}qZjv>K}5s(r>5I>ZPPEs2^dJwExDESZta8m3;r~_Jt{X5;s?|0wI5V0`;Ip~ z8$}Kk724E)7Ny$EnRg(nvt@9~fCIcZhXA=bt9>0sW7Lp$9fi%J=EOF$E+? zpHCgn-9P*9aQj{*wD83mr10Z}e%KO?G3=&d&kZ>`iCgoXl_ZOC0IA}eL)*3j6JO-t zz>a(b=g&c{S;Vsh+80ln0^~9mPp7janUZ zR<8lX%Olpn4)mdWSmD>;nLI&$c}`^#&fnUzbo`1xSS`Qh6+$Pw)D#7PMo|zr$!9)F zS2-6>gl}1)&622NM|o=${w&5oO6c}|=w*AqTXVbZaxik4mC$9@GS{`O%Ezj6u`Aau z3kS+sCrXNHG55eO1H{Q7^aKoYxbY2wn0_1~ziu-3rw$I~z*oFA9p&##*WcsJLxVdM4 z8nvxuTIP9|{JJ5f1+;XiA{e7c=M>+3S4JAaliT#X`_$VBXlxjAIAdI&cG-ae^q4dt z4`7w&MJxX-NW;CkV6AV&(XVH;sL?+e01=Sxa!$17T7+Bl0yo|XTYL)iU+od9!I#Vs z$0Xlw9aI=WfAcZ$5Uda^Aw&=){f;3%rUAInVGel*0k!0y8p2F)|HS&yGKsmlI)mbtyrPz}%L8(#;^)F_36#%MS`dKoaK$EW_*bsOQ)O zPkm3B&_dd6k~XFbk25_*@NeP3n07m|GIjd}$^(zVUr8(+@RapjCO`Ndh6*i1dl~xR zlRIbq36`7>b|Uj~374F=R2@z1Op*}w-!4U*)Xu>4r>@A!Et0$V4j-IK`^;dnuSTWF5z5;5$>{?f^ zld+DZ`ICh@y-eQjys9>-skdRdW_~g#pzV5s5@dglL8=)@XNZM$1T}(bL7_0Zkd3uJ zkOqAv@$A_VSY9rZ?gZRI4)>3RL3kXCjylur`fG@sTVId=G6=r1{bwpQ6_VGGDg*Rz zJQyen*>}QA+a}d53>mgo|25-5cu(mX%#)UmK{bcPZKs|m#^5Q2u>qXI|u9m;$P`?~<( zCoFlkz(S)M<2TjBgA*?m+(8=N-PFtJUwOWjx9p-@brx29EAt& z3q`&_&J`dPVZ95^`mvtz-;ger@r#I`g6Xr>gOCcYkTZphkNH>yHyQhwW+i0%oN;)~ znMGKiqmtQo6Nt4;$%c(EwrOwXqMr~)GOZN*nLd92WIH)CoD4+aVnW*WM9XM6RRh5A zd6qo(^cErOA)7cach!OO75t&(cA(N0?~~9Wm%$c@>O0Kx6lo%(U7aFo@fl$`ciwTw z?f{~{Wle&QpFo)u&08cW;?)G*r#FMx_6U~?&; z8hCib-%Os*Xo+vCwqv%c<65IF+o6=OJ%7<8^NV-KI*hLU@7XG~A!Ay*m)(@`#?U(6 zvUf#Q4i!aL28J4J97UrW@T%HEo;h4}ahyq?cO3K^U0n$68Z9nb#q*c*81#8NgeaPg zrbYYySqqJ^TH#&e-r%2qMN+b)pD02Jq#tk>@cnaVND1?q9?aTJR3#rD(w!%G zh4SYw_uUS&Q|YXz5{}s6Q1rxM zCrc9bI!YV`NMHOzhL=9y&b&M%e(m=B8yFMKw7BHWwUNQav2%5q|G6@Wr>H$2@e}&0 zIe96g$?p5q`IO|~A(1bzG_5wRslt=Iej-G)8)FTlIhvlIx|b`-p+T=jDLM0AwkmZ_ zp22o12Hy9FR5fwg*F6DH6{iIk2U_z3{^?kij}p{*eRKfU8}TNv7iqc3~L$B4~p5<|d!_v+~FlHO)a=)jR1z zEqMs0l+*^?l?$buXC~j_QX=ysV_-#UbDrE>vPtSn)y6l*sUJGk^y6KFyvzKYwu>$z zlSUHYR{(Wy+!b0AQyInPs6MUhmS$ak`@Gc;tp`+u#-A-TEZ?l$)y!1>9&&oGR^D}Q zb?ts#LsG*st>WGMG?!5HH9KI#dJ+ON`J_pKP&#VB)N#|(k`Jyd4}!v4CJ>0_mQ_Cc zSM&yJ6Xy%gM{*Y zTEsEt70go1M|Uvc08-z}MsQC}we~px5#|ESxf2oH+*DYZ-T@NS$b_|YRv_gk-&lvi z90)#-W^e1(J&yvKD$YyX1&QJt|6*Wh1$iFHb6W`}2O`=*jKV1+P}%8cZ)FFWH=&G2 z^JqH$Pt}GkT(+xmi`8Xr3zijRCq~#S*($&Em~)`#)@81$rwYl=0lQRVOdF7S)-$a9 zqdyY`s_daQ-RpRP@R_NLCr^GvQ=dArWzXdlU~Yy5sHwvnn*G}*bJWjjOzn3or8~d9cbdN@DDP9~Xhpbp75}W#-WVE42U}p! zkBvVH1-|{i&gV%U3CEcdmXgwz`m7@2ERYbOs$qM_g78%sf3l&zsTb?R9dU@Kd3HwH1>S_M%>D*8Z6hL1;6IxMSGMw0l^JiFm&ncBnkr)T1@HLHm$16P zVy&jWwHsY7zWb!-Rg8Th4>kaLC^Jj(HT~^jirscG0VUoKqYt_QRKMRz;wZ+uM$IV$ zd|A-H4n7~|42x8cZDG39IY0TLeG0Ouo$EEL<2p2|+ip=KZET)%82KNhkF`C7X zg0&ye0OjQ7Hh-aLm?f_ubov=7_R285r^Y=8-dScgQEQqz@;k)-%Vxt&<sm4H)CEPK-J$oIsULv}r zYxi(=t|zm|ZkDCg2$&nN%O`v84}=m?yYsj~qbQi#ed*ecmYWIiryy|77(c1W2*2#zm|0S(|iU^AYTo5{Kqrb%Q5I z8j+4A$6m?zGCv$vpNRZTQFxCtO!HpM~=8slHyr--^(`!lX07icT;46F^P!MCQtN!$|$1U?HUMi6q$zjKF@Jk}jlyqgUHq$!a- zMT!UcAC?jK-GU{M|Io#^s6Z&MdTzV*TP$icqR&528rp3V3kIXuK(Fl!16-@?<1Uq> zb_YVXktlYJ0)4ldZ(lp0uvTJk+u?xTnl-|<3YIO3bWjuJ%o#v+xp(lnS=cDL=Vf&@ z1p8gk&N;+I2MM!SNgZNo((oo}S?I6(CZczMYx#`kue~ttnJIIfy{D!(_)}Yx(4H{u z3Ah=X3!*nXEf)|)1O(_Cf#A!qPT%mlG%5oXu}2-n=#>9DK8A4uSj@6i$tDcI*tfW^ zzOufucRww9#US0H7r3KHq!+Vdj>LQ~&1460-dC%{U{7n?fz@NH;|)z=VstPNLogw1 z6&njBUd4vCOSvUWGo+?=H-xqqyWG3UDoVF`qnVxk#WBQ5v!BHD8Nz zVl_0{(-~rP3?54j9HL!i0J2*rGT_48Bcm80BN@oB@MXg^e>Q*+A3qo*o|ESSLE$L9 zJl);HzYO$3O$GPbY9HZmRH*=cg2;2}kI;inFQ|RA2;F(isgbIuz!K2Ar9UliLw!+S zv;(wEtuW}UJYNVt8M|bnX>H5Axqp!A2;1Loe!1r+b$5-#+8@Li7?3YO_q!zmyq%<8 zRpv%lf}BI`=rU2?;z*s4sjw#;>~n5cN?zj2A3v7}x#RpnN$lfqb=IrhGRb>lORE*B zu@entKF2+$cof1D?5;=rLs;({{gY-nO(D)%wri3G9I9&HO!@}h2cjt~;AvxoT?11( zSc^PI#AH-r1si(a!{xpIK*p`?+0MrHOYy9@K3}!0>VB|14mpNdYt`ZrIcCAr zcnm2!nPpv8UUv9toCkqUk8-dIFuLHI-4S(MJHizL32W{u>GZU_mz%7i)qNpkD{$eT z^|q}UjQ24@rV_w7;N}LPQ>v!QF(kukz&L_+JLoSQT`ZLo|0at&$nFhp$dzeh5)5cx zJgG6mcn`6?g*wS4#+#e-S#5^6(kIWU;RezC9JA+_H9h?Ngfr{=84`>(0LRyvW`x;jG~N6rGm);?#?C=<`!?m&Kkg2R`)&-)caF{5s7lFF=6Aj5}$)(YV(&YTv^|}jDqMwqaTCr zshQhkKFVs)e`v9b;e&k@je#zHabM7(L#QE!wyx)Ni;cPa0tl~&tRimvXS1&E>^SIv zqxvi960KE^I_sWW{*oLR;~3ohJrXPBxL|Ot5aDvlyKkL>O=2bc6|_qzVTapOFk_kH zEU65pqVrnE%k1Z3hHL*G#vSX7S(?rm9usJ(spl+F!T3HaW=U#`88c23K7qGh1v!FN z)2o&C7fXX06Z)e4(dFWTxaq#&m4e;oiAaN;s9zEAhf#tMZqi|qdtBw0IWyDqL~zFD z0Bxklt-a@_9J<*kYyGbMKl`k07Lb*ly#>;Dpo`bvEZ3K#Kv^xj=zk>x>dE0Vero7P za3w2lesWP^+A`Vsx9xu(6y$OSv`NF2$)q;19R+C~{xYq>0u>WtsIoxuoF_}eK$ynD zA_uX$K=FR`!2TLk8F>Hqh{Ri0*}r7Gyg`^DFxGo9^Pl5Y*sJ~q8N5i8(8?iDlbM(a0QqS zYP$m~icqVHi{)G%@u)ix>88zU)2r^x6t=GC4=jln8C5b)Ex_k$?#kw5jKp^uG-G*w z+hd9WMIG+y*0)u+dK_(sYC1lKv5VSEcuRuf-HD>^e;Z1Q)HiWbR{Cqt^NQRw`d34$ zykg7}8Fm_1q1P#Z=_P_kTh!T;QG%~}ksGSx0O%ntpkRnEBt+h&j3Os!=Eddc|hX%ov!;5Q2>+O{^7ILT}CH}cuD z&e~x5u$w2+L^74~$_p{R|80DsaY|EP>G|9FpysMR$LY2NIYUMU2nl)EjUs?m`yN$+ z4js>aTuEnBEOswa%wAA5nz2tR+$$_I{T+iSBu1s!=Voku5J9wzWNLdj>0HVMKIEZiw1J?BNa0PBWr}Dsq$g?W>Y3 z-l29>rPsU)x2BB->IRJE=-P<>@V!RAcrlZ*iP4?T{E;6<0U1U?zImRIdfrE=1OFkp zyMT{g$mHTuC_9ezAnspc{5<|Tl-KLp!tK2}lmB|(@x4LjH~Zz=VKC;AzH9%c?{ijK zD7%;2>S|FKECD+v(YDf&eLf@rp6A!Q#}6${nN}?PUCZ+IeUnp4xU0GVp-zv+aaJIf-bMXqcuGNeRZSvGc!PKfA-y;`m zNEtTGA^fRF_^*DkNT-Cgg_8F|!;_Xa(7hp}iZ3WRhQQ2$t7Ug>7Wmy;3NJ$m={v-} zpNTL-S1le|Fv4KLvJ*nqv=p$Z?fO`0yIXe4*gxKdxmX0)SoTX%96VcAeo_+c=|9OL z!x!w2y{6RGw#Kn@3JiZ$E*Z2DP3Jh?b@>BLb~hFYfdkQ`99c^L-h_~IblfEsIr_LT zogZ?tT$S2DGkx|`4`I7!+(6St8E;JWAEkI^c;ZG{i7!EwPuA2-CQfA|`0QEdYix!@ zY#sfCJGU_ZXigz}qTi74`%VaMb9w3n4eR)k4TNWxCvKwuFV%#FD!zo!J=Ta;*s`-D z{7+92?_2QLlqGHL<=OK1iR*v*FoN?MF1zdg<^k2*K;&0DSr<8T*4G zZzwCpwM4+}@W+w$KZ=jx2i07TW4Uw8qZ{epwW zA>D5SF_X_vZwrt?St{=nlycD51t8DFjzcll2)-zqJ(-%<8VwbHwiB5InW%gJYo{wU=4AHy41$AZY+2)VVa?rVx9H}S03_S z1U{05-;&ADZb=x&W^3G={-RLdXuzOL=6;wa@L7zC?-w36D(^arz8oei{Yj+>idBRR zDLhUYW3phG44e+x${5!wiuXhHqmA<&d&Ab$ThJ)%ieE9{)P942;!XE4nHMusEMoO@ z$eJ5P`E#9JWBEiNcgYmpTVS!_xU%W7rG3+q;(>l=vAu9W7B8HEd!w@NE*)a4ccAMV z+{$Cn{BhBBc^=H%D#KXOQkiNnMN@*nT#GN$iC{pwMx`6Ao@G4JPKF%(A3w;Phl78n zWa6GO^_KlweVaHTvri~1@XJxDckcz7$TMaH)lO+#^+l{PB86^PrLKG**E(`$)=O67Kt{^Jsl`_F7%% zz^zHXc$YEobNUJ2GRGJc?0&I;5?Sn&!25n0Wc>&@FCYS$N6JoQODvymwnDRPyPmuL z9?L3H;l0IanP|ebxCJ3dYmP>61uBjn5y7VKQv_o^$!z`P8x#`u>Fe>^Vp-xYh~GCagF*bS zkwjZHVM>*4CraHk`n6>A&$f?Kx>szy?95Ac)0baEUtge_HS&{+CAw2kt3)CN5|9wG z*LeQgulSP!X&N7f(|9P8Jq`9d=xIZJ<5szpTlMJ90ZWv!XxXG)KT-gDz~m~6momhz z@Fg9t?(4hT@Ki$ZJmsce9qO))8G|k#4ewYGwy~|8h1Z7QzB(CzGRF%_2Tr07-|Frf zCrj1*@S?wpVBmubIuGf(95=gZ9bYMFlsPz*nlVh4kIj4>@V z=S`a7Xc6~KSrbnjSIBA%q=Pq?G1E1ya|3bsMSNqp$7Hx&VTHe zLf=Pv81X|p&6q%%PTOzdNCR-(xU_5Tp*#QaNR4ye6tDaen{#p|Qu1Fgs)a5pHFlmF zu&H=Q031?Qm%#V+Wq}QuLsC1~TO;$6BlbE5DKPgH-9YRlA!^s8?rrUWegh3HYurN& z?omC}rCBe%D;c#?lPW&Vd~Y!|v9FM~2?YO#?0;L%PRT@bHEU0|t@c}5x(Tl*q3$A& zexk-;lHWq$AQ1^5DYBfGdDB=814;xiNdA@wzL(E=&)6EcW@+4WV=+E;FAJ*<6WPRU z)L*b|z*t~uRx;^!(VqN#o*S~Y^A%$#p&;?EIHziE0_h-lk-&92~U_k=14Wp?|&k z!1cVcoIrH!?)e0TB!?Z6UT==4JxTTpT{${h$_w6;2(bH<9eZyagFYxJDJdo|Fj=A` zb3rw9`R4j80Wtd+y=Kj_xqHUpH@(E|0f&x;9rvMPe@T_czuoIFm+!dYX@Rc`+7QJR zA153oegRv1fGGNpD^p4B`n@qe-yxbeFom2 zviRHI$kXAML%n0dZ-15DAocHmzQec>h=v72Ck9)En+|yHFFFL#SksxiczI=DcY(8W zO;I7C*oL=gCVS{ONVLp1l@0p-KMR0%g;20&$|)yE&aNcY94k@UP2ZxWJ81%4j@r0~ z0>?`&ds*{8Y;bzo#bA0>d}97;jAkhKkYpEFr3QU??zi70jNN}BHRcY>1WFh@aYU>k zRmlenLf5VP^njL7^cf6cqIKHdeISai{Zg5Nab(gqT9_!j+h(qa@t1K(r}M@Ij6b6V7d})8@o$;GFLc=H_%8hUf`< z5F1<_AD-dAA(D0nVpAa;e#2~k*@`LtmI%@3b>`LXOLYrW0V7+Vh!+2}wjTO0Q7h?_ zgit=)t@74BmuxFFJ3anT!KQlL==5OeC0UMqy7Bz;FBb+^7Y1X;Gkt1sXU8Z7tpfTi z4eVacM~?N?(Pdigg+%aDqPHU49;@V8MrtGzxk1<_FB%9gnvl}?U}-YF&9A-!T~>+- zGor0#OC^J8p?zxZNw&Ydxtg&V&u2C917$4bCwAyizi&p&@#zwF4N8fDuCDaH736ZF z-YE96wIu`>@C<1a40+;=^I-`j&0OP3Wxrjhin%8+ZJbXOtA+Nz$9|2gc(6X#fua1l5pRnc zMcfE7#7_{ozO}`6Z5EEI1zR~Y29ldJ^b&VJjl7`yvJH09QG*)g4c6LdGX zpJ)5EmBC|d#)8hKWd243S%*It$5TnUN&5GWbZ+YNfze9(5G%sO=Ah;V)v;lDK8ec% z+rG`@aZ-J%zI(?Wo_*w3DtW;tIM$%vZZX4HHa6c#W`hCqt3!Rt)iwvdc7mpJ3oU)> z;ye@jED)s^HvVtB7%wO_=F|6B${KIQLZT9gTvgjKJ|N%rq z9mc{Ui>COD7*d)>W!qA6nYc)_r5R*f)9w4WJv~7vr$7)gn70`c4gk}PxB!bLU^Ff* z#g>B@d>}GY!cuYb1>!p+@Mm38Df6JzUjzsAY2_`TKB70mf!_|Y5#}>xt4(jvYyLX4W)_rXSfJD5tgiFhOsUHmKel~YiY8MY_ zfn&Z`e~4c;&mRlSX-fSEicv^lZG*<(cXl%?FnaEB8mcuK{W=_yCyJnYs*o`(#9c2+ zpmyv`+IplI7FWC$pPSCgcd5S9iQ7r4i|mTXceQZ>m;{86=#}_%UI@8JSq)q5@Q0}p zGy)qEV)9twkl4m4qu3gh*@Lc(RJrlIYxj_aF0|(;4CbR~ZVlKU$yXt`q2O!Zse#F5 zB7RM@Nm4v5&pjPSt*s49lM>LTNuYn67AZF}Yw^+^?lLr#VRO~R1`tlr(Vhz{;BEwue{x7IHctxeYTV|h*fNQh2+}Z5s zVBIzu39^!&Ypb%QBdIrAp}apk1JM4W`E0%QpyxT;>Sy*zhvCCcPEZ&v6EhWwOg)Y1 zm!p6DlO6A9>y3Z^WVpeKl43N~_^O#}ey!D-0?9NM)Pzk_pHj4#JCSlQU%!fGZt_#n zk;K6T{gw4<$u|aw3T*=dQR}I-s#dxEvbq$4%L%V6IouIMGoTa0457l>(u1A+>+z}j zZp}`w{|9{Aj?YE(yG4Ss@YBC>E;9*dbmgUl7Y#L$bkjX_l+r0i0(I6w5k?qJ^sz&G z_7;-trcUPAc$`ZGB3SZCkkS6x z?BU(7@cfx<9>PML!yN(M9uSlxPxrxA!BBpU&1^3c;F13bxPtL?T?xpz+3xa$1uo{N zT#T9Yx3nG2{kfcjsKd`@fn$w$c6TMj8~gJW>Kb$>ng0va2{!HqJfC4MdgWhOii*paf?*P36Cxfs&jF0pQf)O+aWoa%~E7 zn8CC$btSO`LDx7qI5>IC5Hx7v6Lwo@5pjm^bCv+o4| zY&o-c^n?Cx+{Xt?Q?)Aug)O1`VBY7-I`-}o3BaAw-|Ka1mYsV?!$R7R=i2?zk$f~K zvEzpdJbJ&VM+H$dDc#62zRznTv8DO%xcC8B8{o$EoIt=@SVAjO&&OEAgzhzKtC&?S zVpzLx=A5`P;lTSiOWn_nK8qfHPdX@QL~exr61YBd=zHcVcm)!Bd1j;0SNpb5PDh5B zp9&hZS7#eQ{gi7JyqK7yu+5CkqX#a3$Q^gOQGc%T07Ac|>>Z%&!vhENCiXRm{s4SG z_-~?PYm0b=b+F&mhztXc6p~&=^~EGe<^^PWDoNW@mZx^0E6hs;ejbqSR>=5-(j1#p zWSqXyj<}iX(mhRdVskcPIuuoXSeiFK|8^U?UScqk_dx$>7CcRJLwZSWY)3A8z_tR(QRru99v4b_pU$;*0}oIWbD`JV3d+DXlz)d9tcnnHqq zgBhjG3VqluX~9o3Tf-#=0SsoN!iQ1*SYsQ}Wjo6dxIcFGC%IZ3ZS;a_SP`2Atz-P% z7v4-b+{T?4Uhq=lxnQPNKD!NoAg4nsT4|w`vEI->rXZxt8Yl@}KI9F1=;p zYd|YSjUoCm0p0(qDo@euv*tq2N#R^Dj4;hRvZ~YVBe7)K>I{tWnL9_RUz?()KQGbXvQ)0U|-4A0tS>iD+M-isdVq0nt-SHayrYG4LU`174zU2meY)uW}w8mj302|P~cDWcjA_%XyW z&(8klM?>piQdmJW#)LragU{D1MC9t)## z5*JD*KwUg6Hx#qqYj>8g55I}4HJ0<@2D#1c)$ZVV=u$>?U9_{4EEg?YWV0bZ7inz> zzjM{`k(GZK!^d10{F`hk_4Y}%Qr;EhFy808kwP;zA~zu;=tgW@OLNLi1gRYvG`lHL zCiNln^=f(r$R;RjJgF@ zyp=0utZ4F#&vrE@3>&3xwH6b_;VPw_g@8XnBXd4KR}7qj=}Ufg$5aUp<1ceD+fEt< zG=>5sdI4~lEdgIX$<2i#!{|hQ;kYz0?BHxddSn+=322vK=c4+RkRb-PJ!l+%o*nJ+1pNR- zyUW;wI*yIx-+ix`_$MzG@NVyh{h)Th^Rvss(LN?MdrfxVSKBP!M?BF%EuTTOJGHEq9^)+28oDPhvQ5$ zQx-924*}7DU>=|kA4OMZKxOym&TY`u&#b>%wN!-Q>;i+RI1#YlLdd~Kp+5M(#U0qG z@*6OO>WhU;Cdx^`qE;jy9B@~uZ?%wqWC$d#)-t)P#va+B=52p(y03EKLsrrK1-2B1 z2A2%9U1Ld3CdX7knP&RBk!NPS5TYTw{+xv#Q8XE!I=PhRMj~B{Tlw!l^pAf9w)-T) z>mI>n`2Ez~w*f~mONyZxjMszq;!55vaOrHu0;cXBh(}bm^rJ`!{>Mmm_part=#>et zgS^n^H@(fmqGG#na9r+w9xu-v0MDDiK=Tw!7n9#h?STW!ad1CbmEX7_`?#3*Te^x( znX!boD2dmFqm03{maJQgYzF1$oU~~%g_NcC$kUZa#ngw_k4Hcqr3QYps-U%h)nD}< zf7RgJs-7ieD>(lmArU%x#J`Z=61w+75cAlCgnA8j=aL2uq5ncJ-MINa6u(R0d11j& z1mCKhMmcn1L&`Up=wX&m( z&F5N2;c2zF>0uNXl1i8vMpP=XsAFO(OQNvip^cV>r@&z`p$kcfiCd5fxx)YlL4S(= z@(m3)hr+R+WN`+J`R2l$gDG>1=%cGuj%i!wnm2{FfVT4(DtbD>ViB0uz}z20yLB!u zy(4gO&qy7+cpMK#;|mQt97n>19bY#3d@GA1YkK5I=fuFy|7w9)9`qh%d;rIv*9Uei zIPxUb4s!JNI{k1D5LX^KAMG!9Wk#oEcwGQQ3?X4R0!<2L4JAvgBI87Jb4=d4j~Kg~ zTAC+y?7YAWY#c%Z>(WM5JYj$L9{xgN31(9o^Vqekps{Q9mhSH2>&BE-AJxo~ZT-3p zTc4jE@9D`!1HaY+{Zo2#Q+2e?Rsb3%{7QOi(opCy zo6*5m^R1ZKDh9+uK{UF&7bSSjTqdIlfBy{(#_@ovJ>}*Ycc!w@T8@q#X)Mu(bvEBE zu_Nov*0meNQ(Bsrs6Wo{k)I1p(3yXD4GK02;-pte7v;1`R&@!UrDowzX}0Q8XJa;# zt>B>7tecHuB=g&!7TV+7{5S9y1046%iY2ZZAg7bdC7?VA9GV`idGKQa8<>R#;MrJ` zRAeI}FHc-tSnIYqw7m4b^dwf5w^_2B_b5+-8Sc$}{7K-yZumDK_t&0)D=h3uZhYIe zG$#Ws{8jzu&Sb^YQO|ic@q1Y>^-N0OlF81?(c0cgwMH$0dUN%ps{@=$`T=j%&R~E4 z^8M3bg{|5YbsYE=%4nPYRzzfd2+hU-V|}+v`0P-NP7hjopY7EPI-@6_%?m#JBhxR20v;vQ;iHlX&Isu2HVDq$Gc`c>RH4cO< z{>BS~3-7fSjSJ&=k2^?3EHFH6I4+UE#;jRUzfM8l=dcqr=ez-t8E9n^exIQF%^yNf zW;|$nn-?sp6iZsI|2|;%wI5IV@th*?K7-euE!?PY0M>prmq9xKL`DL$whAxoaIZP#Bb;&PM&u{?98$ZDpgDn&rxYp5TMZT;#(3caMl zAlbELS-7a}@nR$JP_Xh9XIYAInRKid^k(G~?}{MAVzJWNk@_#J7&-loAVZ}iGCbI- zp9E*Kh;)V;W*BbtaG9L8tW+s({jTpxx6gg^AL&;}J?<3;KdF|9nwdFuQVZYl=T8Ix zUZ@<2)v(Vcb$HcRVED|l)4izNs!J>hAS8f1%0rJHf z%D$I#IoBF<8`o}!Zj}HACyMBmJIhB^viU$#+cz~4k$wxO6UF`SYeaCyY;t;CYzq_L z{%cD=Kq4^za3Bvs5~Fmw?l{@3ZQHSd3x`Wg90`lWEf!831bcNAaDmyav6lBOqUW$t}3ZS(7>g{=Da=|R0^OrPb|Ehoe<;k;c< zc8sI}xJng$wUwf^u7+epM&rJe0S6!>zcpZP`g{bLdjrCCx^35lMWQcsNUIh9L(@67 z$JM@FJXX^*M&r9Nnu(2ujcs#cJDJ#Q8{4*R+qP}{nf#CAc{Lwk_TJZZu5+#RdoE~E z{zJqbpG{0>f=q{8T%YJcV!i^&n2DGy65dF$;KdjuHXL+W+wqjr!KsOH28Y(4CBc;- z?43h{HQCr2oIMKJ^5aRI?b}X$-NSEu$k=IPah= zdNEWDqcztQU#xED*bP_lVOpv1+Z5Kh2tv^Ji$8+mEe_*REjm5{qwTlaMK_p!5V&G? z=Bpe$E(^h|Mp0WmWFOi~M2?&AupgTsB5SVO0_97? zE#LO^aQl_H)cI$BvE%a{EHTbcpsZi#pqk^W0^3F1d%gBu=(U?C?qyZKr(X}=xCZLi zB*z}L+3AQr%(KE)>%6ZWXEZgs=hf@2f-o3(1cOC>-w!PiNWia(xr5_ zi!1)le+3m`ZqO0^YbAA@tGA_Q;ZM=~Ydyk~e`j>d(Ix0LDm>krK~k68Op{LEtS-o3 z)eH!*r~#vUsDe?z$W=3`u78TxMCyMeHivzEeIq|%%j{U;eRs(LTSyL(?o2wOJGw0fPsof?^V##sMDWWOqvqA~KepvGrE9eiE zNORJ&^k01Bk*9w+O7grwJ>AC-FZ}rOMtJP|G=U9=;FDx*yjt;@7T8pdbyTHx!jcYo z);eo%s@(3Tk@`LglWF%Irt|aQsVmcL2x3Wpa=>jxKp}(%SZ%7_b8d-^w-UOeM1M#R z-|(4S`Fd0g>`YjBc|p#cG;X)(yC@K+0$X=BFQ&&4_Hm$Zzr1zg-ooa7n(e!E zmM!L&UDDZ94@89oV~xm?=GDQ1xBii_5cbAPrXa^)Qv{0|%5GN*Q0`oY2%eUoEsvH< z5uWps4duA^zw7(`Tu`QWQ<-G7NFgj%8B2~breceQVuqB|1_sL6voJKmuPb3fAXRYA zmV9pq*&IJw2CphK6Ae%WHw5mubQ0&SQ4x2N42c~b<3UWI8RVO@xB|EpJA=Iso@?6QNBH#gBAqZ;kcaai{5e%|q~&im?hG~I$p zjI?6V%e8czp-O^4A}+Dwi~*bd8@&I(ltj5+-R|~=zP$+n1-2$H?)4`SkG*I=zyd}T zsO1Ll^UGY?M%U)mTxJ$tfGTil-*)Q~TuG>73*}o}$ZSIepMy==5e&=<^ zT!kS1;B`Tkf5`qEUM+_wqLvJP+LtJnJGY=<-EQbX*D)E$eH=QV2=^DBwlt^EYxh^& zO#Z_!*ne=tNAW-NVxv5QQR^Xn z4{$tBFD|6cT;aSp6DJ50HbJGuwsc6p?1V@w0u6D$jz4dk|8{li*CqRbkY%w8x2L)YdsF%u{xf4$$Vm%msbNvwU7E#U6a$oApA(ULB{imclB7gqT91JG zdAcn&Ybc1ELq)$YEzZB!^?y7Qju1LjlYs>|)jrbha6*#d-ro+S#|_>u4QIsfTf~Aj zAj+NzR7V)5=lC^2*$c8L7HnVu#;^#g2*+y<|MQQRPZv{Izi%+}5@1iugOIqydiQ9+ zkXN_ZY%_w79GmnpiT1Lcq@8?^dAybXpctiwI+#mQ7Y3=Has#1dVdLZdftYoiprDq) z@4VAz0yrD=e%1c#?NtoiFW0L2uM$&aYC*V-y5(0@Oa-V8E1G}mUWurFOUfJ9C8F(( z@MaBy_(td3KJIiO!-lkm#drr*{2BR@J~zK+jZU4atl(iJhr!mZ$FsB`CoWFJbnSaM61{_WAbj2G7;HLi zf8Mqgd#m(wh62pW=Y=C75~~$&FP(%&PSYC=9?b+ROwoy{k(XtbAjm`|=QXEd(^dXF zxIQrRIk|C4%0#GxTsxUAJSqZy&2eT`VpRK%j!=&qz~e4@>ioinMNt2A`5|}h}bl(3(%}oZn9B? zM>~@xJ0Xo0U!Eh{@rN}R-NAIOCp8Nfx3s~Df$vVDm6`O5S&;8<9OncD>Fc4-!ft$C z$gUlik}Rl)6(6q?AGM#1aIG2LvWv+Dhw0$!+N3FWadDQ?#1iv_O7o|haVC#*k@(lW zHl#D9O2(<(QWiG@a!xo!)JJnsZi~8qap>iaPmfnqk@YHoekKGSB9l&O%MJg3f6Fvw8C={dCw5Ng;%Ti(B6gJg%--p)6A!w$IxEH zM&22Tm}1O7T*{OXgTjm%Is(WgB_#&qI+V&ZhU?ADcebbSes*#PP}(BrjMXu(q8gPO z`|E$EvV}%8tnNs*9Uu|x$CVU`fwjMZ3*Q>|;x$ieGTtl;`6KWyo^1BBqr&Tu2UyP> zQip$1ZpM4`OH=w@x1qEP4K`|0fxdWY$z_gf-9&L>LKN@}f?x9*y|Oi_7`coK20M14to{KEBIGj>VVpYNf``(96Ef9gw3*=}N# zfaEwPG_0j6;7w=Tii)}KAMNhB<6u6-K(o4<8Vr>JZk}Opc|)*pjpOw2v$bDZHqoxE zxaw~D$6d>o_fvwmI_(G*}bXr2r4h2F6bW!qMg?23s zg4=ty#dr&N*Yht)o*mS1FE65qXFfW?Xb&LF#UH?1@KYv+fOpITxUm(p`k`tvw3_R0 z!A|6r#M)uTtA4$n%kFX$zd@d@aC4`k-n;sLI2wOl>bfbu@fW$1z# znd37DJ-w=b%;qQeMe_~)>v*B433gs~o@!V(>X25Vpi8&W5S?)sX$cGnI(9A;r^gh7 zfi^$X2`tn28@1G8?{8lGy(nnMlp@@a@RzjCIKE)(Eh1Brt9_$-nHARoxcOn8-KCVM zVzSG?Sqp@T7$_(Vvla~A^Pjf!saLZmr&A@-2}u#Bse*yRvfAa$kVnj1uGs!ncKM$F zv};8B?j`oFm(yz_599tJWZyfMs$=Y-F(%KU5i|%i5xs=ag4o2E{`M?uu@o4+q1%Kz zEhUM+k!7iUuX`b?9m3JktGbzB?OwUp(C8Hp5VJauX*V@P^K85QG5RF}IoRW{m!5Bw zmPiE4g9!ne=fTT`LX~hvK9gYB66?H?;;gO$R0aYQNLaVG-QJ3rCteRt_u_x=Z`NaB zdYOoF7@dw{p$4NSmQ*c7IXBq~=(MLqHdF1?+_hMUsml{N`1{UZ_@0a~bnx6#g3fNR zSd+r-!WyKFe#Dy>YfLF6>aro0x!8=_6T8;1s#H{qs!QZlA6!Te6Z$Ag*qy7yS2QNF z7&a3nFC$7}mSK;m>58-jAU)j9zw56g{t@?y{kM&djlsk}G!oOq^(%`Fy~>^^KG9Oi ze#p{YP6M{&<0<0aIw<~2M%}4u<#S$^(%_I`XBuG;KMCvKiRH~!puoAyjl9yniDY+HI4om1ob_vks z!46Y9_4WL0{o-}V4H|EqthmK$!O3_#1&*cZ$|0+a0c8CAIr*~ z#MYfC?(T+NC<7c--r{91z~*fPpRwm>zh^W$#FTkr_)|eBQ2v)_H=0fbIfgpgb8MVa z;!)N6gH7G~8MpCqMS(KC;BUBIw)XgozuH+;4M8UC#L81Z5bJe9PLmc}Kws{Bai4`} zt~V7z*ImT+X0=3#4P94!7L4#aHMt6dvchw}d-}`j!GEaPY+MK?j%2gmzR^=oU~#P( z?sI*^s$Eq}%f$Pud+Q;jvkZHu?Fby=;uAf{VJW&lAxIq(IMi^_RZv(TsDFuuyV|8% zSkM?+>G_Y~Xhw8nEn-Ot>pJV$WE!kD4+I>iPIJ0#{G@FaqhY6AuwYg02PXkomuLrD z0fq6^45491g77eOK&iB(15Yp&blF1ZCb@H$B;<*^7RRJ;&Z}aEBa??Gjp_apces4> zMCYMd46*RkU>Y08(#&7irP(W-*P9rp7J~vu-*T&(*akXZKvgG* za>NpdpGaH8EC}sH5uZJvNXF|I7zt@v?2B*RNa{+o_d*iM8Pk5jl1ah|dkshLTlkY# zj`~Fs7c=mmVeM)O12gxI)W}B7!2Mv7CQVF@9o{neKsZxOqC(GwBOx%xTaYH_>zOG< zZlF@cUg_V`C5AhCUe(*pqd*;F`ewSBsA_EBjK*x-83~d&FlY88Bpy2hV&;!>B9Ucs)!jiv?XH zFZ@-E36GHl5!kIa$l;d>mN}}GmeWb08l}13895D(Du$<|Y7FA2V{(Lwdpz4_XJt&H zSG5zs@nBM%1*asj{C@m+bqBw^3NLP^a%r}_|5AQymX&h2EdR1Je?Vo}2$)qv_OXTU zIYy=d(XNC~4gffQB2Rx10Jw6;zV`G~DiKp*Zyyz8Sf8Tnv;S_RBF>6#zP-N>Vkv)1 zY5+3cPI=Zt^7u{a{rEjUi(c?x#Nkj4J`zR#Q@=k{tLgK*0jP1+ImOVe2Pk zaESyv{~5rf;xDzhTuc$aEDo@RE$L(-){4Q%j#$~B^NeA-i;(y&%hZ%X^G;t)3^zH+ z`x@=(<@1<9Yk=q^bdGDe!WO{184T((SMz89uY5!8tRi}K8SWahxpP{GhxuT!f-GL? zgE$~U@{3qT$!~F~v-OxiavU{W9*ubu9~Xy;&wmMVfqFXc*9j~B-}rC?=o1Oow@w!j zwCLbEk)6JKj)Lb~k^3_nZ*ENZnn04@yoJzEWea~TjuBlwx}|RqDgm3IQ9nosnJ(Td zBEpH_xGU245HDlP>4n%f!-1$vN!?tIUd#PER@=k+rcZmBpmz5vXGL8Yk_`^rEB7N< zS;rwDzA8g4`NO#4_NNo(4SfyvT4Q!r)jVd}Ra`=ZB}Zhrms7UkRZ>T9?4?1y4P1cW z23vu7%RATNEpMRdAaze`R@8exD5}7nYQ|Yn5_|Su6~HUr6|Fnp(FM0;dNGxqpUg+` zs{w`mN4xM)axuF2RI%T<5O}h75Os_^xa|hpXk(^V(ZQ#*D9oDw=P8}ut~Si7PmnL% z3uqiwNUdHtP#*tM(QesgfbpC+D{{i5 zKozRLN}VXkf_H}o^Rsq z0pZI}h-bHb_^Cd9!%n*;E>YC!C~yl|Qq@+{ON-Y=6!Y5`|46ytO)CvH-}4LgMf$uUqmrN!^a?xQbNuPQ8e8ZW|^O-ZJ_fRSg>TssEa$ z1yNG3f96Q4IQz3h&>Ibxj>GZ0m(5L6pWrd9SR?v7xeZ(Q4z#p$KPPjpOQFiFcD-5`9ywskoIxPXm$bvpk zL(SR4xRd!Z|AkOX#1=0Yx-z8hkk8HXI)Ee_25;y$xsAXiFPY-D;YC%)%LjU6kZt z*}=ciW5K{3%koTIU0q$4{XMrjuICcF-*q{FkVqEOv4Cv zT;KTml6TsV!)xR)eS?KI_>BsO=YPHQSGOF|VI(H~Hg~2Dzw(!v(0>|cf%IXlBCCRz zs*I*;HG1_vFquE>zs42xo6+6IYV zF#u2PJ%fv#fYobvroa?z3!U*^A}|43U#k|0wQS+cvLjmZy7i*{MQ}cirX=m|z7-Xr z6TijZhr#*r=CHMrQNWui_?ZI)E=NM!mzxbZa+yxrfymf-Wlyu_>|Q0ao)JEdQGH_w zuUIpfn@aodIs0hYO7l<-v*RjXYF-ATJdfML*p6kW_fCERISokPz=!d-XZpIV=Qc)<#++6jVzq9I zkUHb)^&)APOgaatX{7lO1?!ec?hKOQr5nMOQP#82EoqxRk#+`a5Q29j#K@-3Rp#3zU^bE7Tjc?Je zwtn&d@_1pQ3GV{4gN!9LyU_9OJ}Wg${8hG2V3{J= zmUq^tDg59kLcRGfz=HGlOoM8Z*;K-suv%XGjt8&si$$xsb-&kfsW1uJ(h0~Y^*+@2 zmI>%R5Y+^V%6qzz`WD;v{mb;_P>4wZ*&|#ZSrySWBGF_C-!Chr3~hTkP^}Ksi!_FZo%u+r*nrG&XPbKc@+?QOV9XDG64USi!Mb7hY_ z#zIgTHh21jdgUpqBYH}|Yy|R^m^qavMy~wP^4uGdrlrxz@Cup$o;9tybn z*xCntG@>H>*yE=Dp71~ZvAuq>UiLkG_-){Sm;@B&&DX$)Z_j>wq%a7RLtdFY#2K-H zH9v+aL0J%nscfEL@c_Z;LED=68LAur5%XyXB7Mg>Pu9dn=u1^6pp)34`irM0fgEYO| zgSzr-D1#8Nx4_5aFyR?tPTonVUUy@yc;j_!L#yb;3-S1p|Fze9p73k5c@-IBrETHz zzteP)wZlbuF~UBhM!|u2oVG)egJVy>04T?^t=nC(d{X*XDO)q`GVweG#eA*)McAd> zv=Wl472(AoNsYfTo^lE9g_s|7F;eP+S3U-N5{u3}lSb=Nz~X~afqZzCCB?ey;a?}9 z1&>_*?92$#c>W-LKI*3Zi7zt{fBIh9 zMoc|zu%`p<_^d_PQ}=z$DSMP^qN&fv`&+Dp_YW8Y{@<2@{nR%&n-2LIpr2pAao-kX z+hTUjHOO42Q6Op8r=RfsS3nyUsjmLWB&QImp;ER|n0nG$M&c|ga|RXSS;K!6o^%|X zX!<>UcBc9C?K7*kWl+_q0rj7bSXF>{@dY-YV7>=D3AI1BVdIaLpbXG0@SH=y2k4Lqm?5ZG93<9e=u+JxpN-Exh2NW(l8=ms>rCv- zwS_1(nW;dXIjQJa4@uhhOYG>eVbL*(Bmw55a-hM!{wu%2xh^1r$%A)Ic;Ha1 zUoe}G3t{3QfqQJ%=;~;|kl`RDo56XB3IttfdVjc&Pl`#LeGXaCk?v~n!2+$9iz zS!k^%AxGbRQQ4RAcctHu@8+tS`@4{ZgC;dpj4!T(-K)q))kSF z;%(Td%vn3#bsp?#DLip9sE21Y%Xbt#;EVMoYTsVd=oqJPnedj=HYwRAZxN%(Zu{QW zmmXofC$F^iYBWjDkcPA>WBZ^%YK4JI;>>MHT({25rv3_>5I`u6E$#5n8EckA4b9o( z4yefw^Ai{28Q%oXCrO_jMbLf8I6>W;Ur1zDK??c8&YH6G_ou>A7bDBZxjVt@1W_2w ztey)UJK+$}gRqYReG47@@bP?iBDA&Yq0wR?^(~v4y+Y%DBfAH8%5zlyH*m&2R zgB8MbK?Ubop3Se_xudCv_SF^qNx^+y!-2y6CQ#6x@W*W=BjWVKuJ#`lcGnS)E42cd55B*2%Q90Tx!XVEDX~hu3Mb&yhonunM9%Vc)fQ9V z&kdSoj!5dShcCb+mz3S72ZXg9t)RH%d-VEvuaKWVkO`1J%}sKZm~AsM$i21PiI~2} zSdf}`3?J9B1C}fIBVUu0+;bIv9@H^lR45nE{GzDcrq&1KBgW6wODpgEQL_1yP)cTCzCpsxd&#$_?9W5c4ek0Nb(N73L>|-%&&xGh1%VeN{Bba=(eW zv2|zk>&4l()T=A|S6*jQ$l*8eb8HF5&ms1<)S;yFo0WAFKa@G$^5i%G!2`}AXd)Y8 z01QL#1;G72Ai8u}nd6W6cAbwL6^QNJJ#fa}@igW`jI9T8xx?`VaVi5g)OVgw_!8oG z43|M8g=G|j0oXRH4M^ukS?0}&)zGN_n9GgZ`=;mD7}&-H>-I4g@9EmIx6PZqgk(d! zAXr|`tk5w!5-A}5u!b@x+Cjb(GtaJGr~S2PpQ6}#W)i8yOrPs#y6{M{y=NzZUoT}v zMfUqLi?ni?#$*gBeGrC&n=p4Hu2OY3?$z$v`cZhJ*VLwFZ`w+pv}6eNPzdf_sK8hL z1I~_msc=*1Ft+F?0xv-!Th(#E)lf1FH>=TqF_qEz1%fO}tTrfUbSgw5-{AhlKJi?K zW}p3qP9?mOm#iV7@l!P)WKd_+Z$n~cyv%1e&$vCDM7DAq-bm&XFKUr+!yG1>PI%71 zX}=7tce~l|Jbj5Gq^%f#B}U)}@B;b(-9ItAG4*Bpp1`tuDK9uKg4ptRl~^Jjo`%7F z-V2#yC(IUZQtWoF+3CbjV52#4^KIbK6rQ8!?8*My&e_8mRSpK&a)UC^^Vvuz7qO7y zH~^#^j=nxcK?dl27E=Td+n&A23Z6I(n3wcPBl11#h^*f7=OoHMg&}0M`Z0X0g0{p0Eg{BZU(|5v;p`Cj9dZEGq|f zZT4_lPb7rBF~{b)q;(JIY5i|;W z@e{X|l(P80+HQ-4x%KGYS!w!L&co-1?JIzcy&r>JKHmGx8Hl507q*?F=E#J#<^bMy z`*T6kQGnp~e3|B%F@uM?Uc?(=BE^J@3~s)EJ&AkQi=nQR<#H|cY0zZGy3PB~1DRXm zr}MQIcBQ_N^#wWc7{G~*BS3e8K)ob8z0;?B>RSX zGM1Slm3rE&gy%Y#}S*$iZnwu(I#{_u#fo|Ygf3Uo8U z^jI~xIHgZKeiI)T=c&iyyb9kQdfM_INg+jzji%*s#k&0M*FNgl?@Dy(F?L^C{0FqW zp7wypar9g&k^*#_AngqXs&McvJ=Flb3OT@BlWebSw8VGs3n3t#D~b73;M4vS-J^mf zCPv)~vq%7_*q9m2J%q@eYqB+XZ;HMg6VXd$Z2vZ!C~MLXHmky5slIWrZ2qJ5?zC16!iPT;6438p92 zCou{ju7s?4aZLoRyUcOoQ0?8Xe719R0($5g_74`&dR9UH6?GR^0{GZ}W;;-LE-)V( z7wfGw)mSd8W{a*-SU2A4k{qK}Y&v*7h1y$W+SlWS=zqA|fQJt+6E6>NW)=e*;*w+7 z6X`K^aVTE@ILl9DLwLc6NxoZ9;Fg|T@~JeSdo_@udUi>+zBfJlcjo%fdAc75%wd8A zJb#_5t65+t5!tyws85sp&HnOCt`m9$DP>ep8N z+eoEa6DKddS)=`*@sN}`SuqQJPouZzJ6s>pD#VqkU-CrJU!cF2qY2|CVjz>Ok)WE? z{aSRn>ce4JFlx;HlfajU`P-4uCd3xfuFSjuy}D+`NE7?aUA1*X=2(3BJX>XP8V^x| zDbt2Zt*N|)@cVyo)FD|gYo`In3|RjxjVrL~Evt7mH&8&8qD^E-LtNRj-?P%XXE7=M zDLbkFQnhZJt?KK7@MX=Q;>gh`_Ux1zLoMWsba|$hHNi!)p-5jH_6G+Cr-X!r`~|TN!&CwS z13qsRe+4*P8g;74Lz4^)4As#WhI>AJ<1|f=139K%2KIi^jAp-wP2^}35I&<=#|B0K zG2%%CPzLhk0J+p0=BpD^K8L@)3&0rTzn}0o|K+zHU|o80{f%XGQ=kDbp$l)8Nb;I& zK0l1SXiOWq>)AcA7r`S-jeX$d{f#;~&O-rw0A2tUrwDELbroN`33YBz0=L9a9U=c& z;F4OJKU$q!G=UH2q1FSbJB17XCrkdf?Kgo84%dw|*X>Z!P#2!DjR%(%I|`eAxPi~z zcK{uzwD!lx(*Bj2Rlb)er7JG%;uP7~hLb0_faCCCEgW*6Wdlu^H$9M{U*JS*VQ5+C zBJ;#4lGjwj_v}~N797pLs9o#69@`@&%e9R}p$c5&o>elQ(%K z9*i7)Dyj2fE`;VoZ2!EDI)wR#?4&9>GPHH~Is%Ru#}U{%Bmxct9KcvgOKqEf1q1q3 z>PN0x=?yRdIt2gG0O~RV`*xXk6U##VoI6DPDKgD?A#5e;7?^Bue}PeQ)y77WCpY2? z?ZOPkQLGfaIah7XUs-jhQX`LyYoijL3lXOB1hUfj83R8lmR)W7Q)D;~|MQ0EQ!<^0 zu@nvsgdhcGl<39>?KaTH+5^#k@J2T-sgfrco{A#HxD)9GrS}hwfHS7w=D$R5*JiLkVK-Q0qC^P7>~4fpMSzVesK+5P zUR1`_Lk4`Dt+%c0c9P9THrf8%Z-mn)hY2ptQokQ| zP4N*`nKeqO|F_Bo+zuvTAtW20@--kK9Io*{lk1mI9;&e?nfa~h>?s9hwKo5L1frwYmg@Wt(X$3jKH=$GFQdgx2jZg6KqkbiNRf?2)a%5o zo7uR}q(sfYxCS67WgsXp;b(sf<(MVMAI7Il7s87*X54M)uT4=&0$5fX#(9+t&vI2P z`o)ZeoqoyH_?{9*&YmId(vP$sb~5jAOwNR>q^YQJL3?hsI9Z}&eCLFZ1=5k-#w!~9 z52d)z{KqasK*}FV1xNG!4yRf@FUZ#JMjzGj)sC&NHkIJOJ6!&%%UvP)1jIB%hZw36 z`_zkxqvPy(+rzr;H^bRv_6RSSwNOZ$=_B2ad$j;SOIauPtp#`I02;7=^V6ki8#Kiy zhX?OIALag6%mOb$`*_e70%6tdAZ?4t^U)9CsCDL9bNWBER9w9%XwUapmkWRx6Om{8 z%|)<>cL(93PY}6+#wjLm@VGc>Y_chy+VKK9wgpm^QGS|$^jedPj^UM)nEJLiQFSd$ z**__YUEuhx7Y~8H^Fc}wHWhCXBjG~WsV5QjnQi|rA!~SN8g4_-tT63e?p{fl_DX7H zaNhz?g-!SP=~-NurPh%>b3vaa=P!h)o7=C`rHz;4QJYMl1bjX)V7Fr7wI7PBIETbE ztn%nT@W(B!7s8+Z^S2vfhnC(%*geB}_OmqzL&S0(3n`G4QBhsmFF?N`e^qv2FDYER zs@hac3O}qOwr%rjXbUeNcHdYR&Sc|7hIL!uiOWz#yKx_)F}U%*_sjBK>}4~kz!<4* zzC@raW{y|md+a1r9T_D&(_v*QZ{%A z>#N#R+;p%t0n&QnY{h*$;zFL}w*Z5~-efztNM2_O%FNzRZO8dgaD_Z)z}}uaPk(Qm zS^s-?ZQi#}pW*03C$|pJJGvGDn;lN$K&b!n6BeCP>*)8rXriFp>*D4I?p4*a`01wY z*mvHp5@$C-Cos=LO&2uX51xWe;O&y5?C+nFn4NOYb0-e$0INnZtSg#76CE|kV1|)J z31sVr*z}bRE@R=X)+)bHv5|I3Ty9>xj$cGj)qaK2zX0##LadK|#H3jN2R0&7BMU>9 zDJE)fKbiXpF&UIl&~8=e64eG_eKSicf1#kDVERuAG4Zk48J0PZNv5&(ONhC6KU1~v z#~+nxbZW5SwtL}}cwFnHtMe?V>x&%}iG&ZcftM}=4Q~+}jeyNfvWvR7FloYZjkvPc zuszc&-E$2wG6#_xvUN`)T8%fj4rRFl%mWWj94&Hvx2)pEimItvymJ1 zOy^!_PBAy-e|R6#MFm;vp*7-riQTG@&u%XQF9IsLSD8Pq+HB9@cLE6a=dY%zg#*6| zN;iaITP*qc&458t^)IUqmYZ8^D&x{;oy_@~IA?;tY4-PF0sNG;_-YJuRwH_&<>+0+ z2`-L`KJMLSX1ajMAGRfYp+&^P-3p**Hr3A-wUpWYy5tqiSVmX<=n%A!u*@9XL%8(j zoUai~86LoP{$b-D^!x9V41w4Dy7A##~!v-@&(EGL3(qfTJMQje@0=!`MgKQXf zt=#y`zRgpZByxqs2{kY=>o8Q%!Z;aFSvf5c^s!l0Eoyp?REO2Y#>%_tpzDj51fvn) zLT}E(a`%53g@huI8vS%M!;3r_L(rOa6$WLm2Lus6OO6meq%x zN){=}nC`kMf6?$U#pY4es5SjPejoMT((%$V^T}$am(a{w)0!2}X$%k)gh~6Kp&7eF zlGTNRojwq+I7^K7eG2b-)a4(-xH;#)Bdi`mjH%GTH9Q1A9m{yE^j|GNO(XWlaiejs zq`w*=N}>cLDqgPNfpC|eM5k&BUVhI<8ncf3eAE*0iL11NCi5S`?3ywy0UX8DloBfO zw<%@9TsgN}U7gDQhu%OheJ!7k$M6mWv$CUh#X~7T2Q)_mlE;G9j})xCzXgE_`5%tZ zIU5=ohtE}vK9>w)$XUc~9Y@~%@W{5@K6X29FO7@sAdlZSF9S3K18au77QpX&a^Fz; znVt4Ve@;XZatq3D7S(-y_u@W5+nWR7>JdC{IZ%Km8m_?F6HhAWDuA(DYw)F0D`KPe z@PmxN2V2~Mb7_GT&6;amqT|UPe@PKrIVD zCEKjYv!9Rd23OmxuJvb%(9^#e1EVi*p(k7=UV5swdth`g{;a5nyStW^W7r?we;`LJ z{me4l#OLdkWaC)%0LZaTMecyZVq~5(Gg-}|n-Byv9g&&j%Uui#G~9TNY|AB+{;&vP zMz)2!Yl$hQGLbBkXqhI6{I0}k>Ny?}0)u zn8SuxvI`J+mvNQ%rZU`M@y1R&AckHK9{n-Rhwvux0d-3_`7>y001`O76QTH@4^!Lf zAHaaO#t0bG^ziBQl*0#dyfrldqe{MGv46wWqkH_-@v^vyPpbAt=(5Vl9E3-C9uZRf z+>%!6tgs=gaw@2JUQf$N|3{?{;kSdyoS030+cagFxSshXuLUXA79h*^yw=|$O6UrP zFXIALlH*5oF%xE0TMSl4tC?%h+^bTG{4)s*7-zmJ9kx5Omwh*ts z`tL*hsDN%WVUdFSPgmwj^bC30&TT+nm`XH7voVvNE@?Lt33pH`!uY7G;eRk81oG1~ zS*=Vfuvdv~auM&)bz#E4@U&z_&JZu0UWgOvfsLquMw2_)6Yu!v**olsncIlv*x1H! z_Nn~tYf)POG6(aQDVTx?{LApkgWlWv73(i%03;c$sua7f$(O+D)S)ZS&k%Gb)Zvj% zMu?fSl;Z&>AP^A5C5LA$1@V41)lv4wm!eX;FVr3@ZtKoaa`$98%$d6J%;DtuCwSq2 zd*ex_uwU+PVq>L0*j2Xs7FpHq1w;zSPQvI+BI_lXTD2lUv9TF!LT;gec=nRUu3@rtEf&xLu8;OCnMcw< zSo40_Z_!>;;4=*H5(PMBeGTe&`OwoK$tO;DQ1N--s7$dF9Skksh#?+DeL_1-cNv=5 zxbYMWn#w5egD`}~#l@{O9*GZp&ym#}kl?1dxIqS@4F8EKEl>0|&4|_lbM7OABu%}mcU0v;tUo#&Z)KGi%x2GO}poeE-2Bsj31bF?Yqu? z@(9PccjQcTb62t0kE9;MvAwvJXf#nU46ali_a&N;;HuQH@w_Ze@XZ?(jWr3nCz({W(&ZSADUr@g<+7d( zIn$CFF_?Piqx7XQ@(QO7iBRDhmR2^n6_2vX(8upx^kM)h zKj!JgVKL)y>R`EwABEx~PT^c=+hkvSh+m;4S!G!n-u)iiYg3+!mymlg(VQ_7;t|M(c4I9P&*!oP0O}^m@R2EcJ{(xEB zB8l{}IeY1`61O0V_=aoN|MfVL=f~Ip1~LncOKT77K>N<%z-IfM87Sf8t*znWVlczK zHok{0GRQ5KOe9)0UPFK+O~1bug5vfzn)dk(P*f}nNvHZPC)Yz9uCq{ zZ25GXo`xvXmC5<{1>D2Y8oxNY$GQ5@Yz0H77-*nYEI5Q!l)^|;-dhK0$EYQVD^Od>P=>+3s^Gjkw zN8tDOfSo%yww;egr;O>G6YR5IXIl7NXA5-imu=XR*t^Co7GsWG?zze=)Gw{p@K-$Z zn9-;SlC#aOP?kpbzl92Q%SAVSkT%dUClMu$CZdqyvyl;0Hth1 zZ>lxgXjJVt$ok6;6n)&+sg7J*JLnPQsFMtCmeEgTB+?jY*qC@AP>Vs4Kc#e8S-eW2 zr-)3ca;?}4Cl4R_MrlE>@t&eQ&{gY*E`k1deVwVHu-U~DWw-5wSj~zbhE8|v@aos-&(2W<3HCBaK5xVet6-2xiI5j*yU$qWBZ}UH-Diq z;#PVfzdYRuVHn6bb_MUrM^fX#)RPjXiVgT56dDhc8t6=nU9d55-fIFGniz|qg zzFCCt#PbVd(TyvE+OJwLo~7+5NUGTXA+89vELUZ~{w_a~obt>9^usxs$Bs2ufsr(O zb|ojab8vdvTmYCU#g8$lt=ZRyRs6W}`!8*Khpl!hl>>9rZ7d1@i+*c3NLvUBTrB;qQV*lQ6E z9^OAD#%v5VgsB6AmrIxTHy81L-o2|)tFnKQjYt)>TAme*8p8fN=^9TUI zz(!5Jo?sv%u%$azU?V9L5$}@$dd4BbKm%Z=E;Ss%k1gv#{ zdfFW2+J6-N0TjY-lg@4X^+tw>+vOa2U1I191!54N-}wLp=y%3Ys50s^ zh@duSpHGFOhlkk<7bo^tGI4AlYxuYJn*k5HpO-(^33Q)^RhN@lElxl69HF^FW+@Ig z`!UEzP$OpmzYehu`8VeQZ*cNAK(`(PCs;1-Fb+1zcit`P=`ZY;PMp5|7S7O!#V`3= ziL+D{?P0vklINw8R<)Mjs$tgln*A}ZFgAIADQ*+>5aG>XbDkq2Ca8DJoRj|_Ndw1F8So}WWn zy`BJZd`wK3F3d z@v=iNDrTeTS3x@TYPy^jIY$z54TsLX{baS2_kUd8Nwep^xh$GExn-sjB^;n?}Hfzc9pEVNf+an zQ5_?9S$+v;7m6t0{=Qee{GaKf?kB7dXmnO!Uo5UrxxvRL@xZ7AyB~4Kv;Eii7>&J2 zZ;*B1hF9Ah8~?BHvg>VH+E`a@L&BDS>IAiIF~N;Q;#P>X7ViSHl2@R9%>6=&nLsts z6)#4Qux@iLg+I27vozHP*lf92dl8%tK@fFQwdL@Rd8lJZQHip z*hXVEMq`_kclw<7f6ncYT6D(rZ#la{V zf7XS`vX>jz>Lx;P#TniGne$Y?mPTN~?qk(aRO^Yiib^#=JKctACfh;2 zBsCa#{FIY&X*Nbzm6DXNo^;TyHC5Zy$r%Y(qZ{LNRNSRSLvt=W!H-MKq<&==ukHa! zy~U+a4S1IP1_ZyegAnAVe<;v2R*>}l6B)(LzmXCMd9N+#_Ij#KavN3heI6txq7L;A z$;BLsALZ~EM$6nNrl^G7H0G)(u1E^MeIC z`(MCEdE7^zGpx;4YzXG&dkzsyqus8%X?Q66i|sAz9>Lou@3B=V##&qmJ{ZmIyW4lS znwe+*r}tF-MUYcR^(LsgB1N9}*5+SsLt^3|A)X+WyM@M%)>1CzZej+1=IuJ#dANT& z?z(5**^h1jXAb>7da6)8`jVTxdrtE!^2G7_=a*yvLzCGCHcn;4eh!HU6 z_o?o2o@I8{3DfzwP1eVMmod})ZwQSrkPRPvzDfZ1{MH=eFa@^Zb=3_ zDSi#@O7{2!(K-WIz1+=vC9TJ24P`Z5Zee2ex=>32)Un>jC9lr5&mD{$43DeXfr^fz zkzzws-RaDD08(gx<|4=qeH2Aph}a_6|41r4bX-o;_vNYg^Fub0&9l;c-tz%p#6aw0 zgcmdq{bmgsDIC`;w6gns<3Abtr+Wz|EA!RG@6W%TT(*Crv}_#QHA@HV)$CY!?8ugX zc^HJ{@y+YGWSq*z`=fS>1<5>(BUvM293fA-k$tEpZf0W z*I}CW5m0$$n2+!}cl}AJ)$df)bTIAruXr7(6THd$?SWxPKBB!}K%-Ko^K_%|UA|$7 zkf>BaU@rCCHWF}ZCin8_qvYzX>!Ca7?~K#72N5xGtB7zeblE5-0*}$HyuTam%4jo_ z?(>z_nFGzsk1Kja5OGXfXX}V{1fg@~pD`N3!^<+uBG0cQNKtySNztrAODXo`K26C# z#S)em6Rqk%BjSdemdTnPX>cV{yO{BAEbNbvmE*ZQMQ~oAMTO;0y0>R|3pCTOO7RQ^ zyV#38QR0(|xG56}1hYe!WboIEaQ5m=9p5Mp*ynh^#%wRYGk)NT&%QD;T(p&v>2#7n*gJ1YBicJrBu~M z?5K$0?W7=!05z2KWU8jd=|R@yE!vcbPT=R`7L;aeXV2Zcii=9`<=g406e}m%uaJ67 zBSXL{JV7)f4jOBi#;Dm1q+y~4=O6-X(s{k)GQ#R0Gr}YSFIC^cHx?O3R&L2vwn0)@ z_feECP8Qeb!9o3KmS5Iusm3Q#Pir%$mmlwyoyE&7wrS39TkA`ky}inslfW#vbYmS9LwEt z*`8nZR6bBLLaEs2DSG*-U2Es_h79I2bKk81B~qL|+Zldb&=XfwR8(d{7~?B_<{>_V zSpW^U(h;W^+=#A%>_u9ejB9v{7h}TR@xh0SNT*mzA0qB9S)z)@gv>9Vj@a92FkU&` zsIbA0a@$(*`_5Z~hA=H+qH`Lov~DC2rvQY2`De~CMM%o zT=sCg&bP}>Kcv0ptP2kTicDy3B78L#v=j$764?SNI0a?OGGs(6@S{0LxaYGZ{ zoShRENlV6_n$vN?0DUf){>Qd7_DdS-#^+CLD@AQ*W3OGw;B|*!J+uSk7m_)_-@>*z zf+tN2*VHGuFgEmbIN$M98CHEjy(|3XG$}+ec)`yOy^Q?w$JAP@akv_@XV9o)19Bj^ z2Sds#xk5?0?kC+lv4FRFxRrngx_nsehpJo$KiXxH&&64X-gb_8Uaj~f&r0cv^>*px z9Jg~X5pm0-ZwG^>+F3JEk%`>wHGH&=^BDK<2ZC3|uSTCsb-o9I4AI6-1>U&1Z-9QJov!Ec z?T)B+1crzWZBW-3nzO<=O!&oiC#5#Ogwm;fPPO-g58gHS5~NsFX(twFa`ZUkM&Tll zzYO11F3V%VcQ|EVh(C94I~~s!*zIau>*W6JA0Hn#`L!ZLqaBi2lZy#Xg_4UYvn+|~ zA29bs39pnB7V&~BfTNZl(UXZhVdDMWwUG%z32mf=&Zsb2Gac{G=mlDjxrb}(B3xK_ zG*KFO4-mI8Y>Bh|x+}IbtF)qEvMr`mI`cF$j?w{E0Nh4XPynMK?epG_@~J1QWa>%W zih(fzC68|0P=Q`vi6*XgUegX$ene|~xSV#d=&VC$TPY{GAugR%C)RMDEL0PhT4#B` z(CG()yR&YV9Y6Rh!k@f|SQ1ahxh@~&*Qu5tPCkzp41b7hqHpWwUVIi({*-10N;ZP5He{?yOUN39Fp)cepj#(eKaUL6k zss3j1>r_4+b7+fFb>hgFfWEC7P5axMJZ>I+T(zAeVQ)8#W!3P?x=j-uGA!;3Jn{o} z{@Xk48Hp##&B^hJ^}zLve}_cG4=%_t-ADO0Olh;heIWx8{$)sS8x#BDjopOGl?+8U z=;6SH`e*j)OwZj*{=sv2F^P68tH#7eFk-8GuWrI;RNs|fgo@4Z?>$?Ml#9#s#Yt(% zAnNr%)jeGann-dn{~v6W)Dmf#OZO{x$y06Dd~3iW7-18*8VVoz5iiWslmrK{O#=tK zA59)SgKLn(KwC_3)TA1OIM&~MrO&={b6mV4f5?KyIb&aL!wNa@B$J{?XK$`# zWpF=Dm$T@j5VggkvtnX%apl-%5cFxDh?A$@!Sf?}(|@~iR6JE0#x}u0u^L#Vmq^^Z zuXfO7Gi!m?{uj@q%MCn(j>|aVS(LaV{vZ{4R53m^T99dSTDhFU?HUK?X_T_bIULgE z_uN;8@LcJr-g))@FS%!uzDI)Y=MAGk=$Swm4^x=yRXW8ajp`=amq zXr5x*jHiPqgTM8su|aI!v@ zuwXbaO5F?(X|j(`G!gN3$LaU`6<0;R@+k_-ah5|AXRbNQ__ZHo1tM=^GDSy~Ie!@NtB~i-h+2-<#LlXYJhz-oJZJvCUtH-q zXHV~sw0LHFM#n1M$P?UuL~rD&J+-)iULc{93{FhQq9>+8J30ihUZxB552WV2pRb+k z=Z8k9-#JFPQltOU#OWjsFG|Y5U>@;KEp7YeXy1=;jqj}hJIC(ZlE-D^Yug%!xVY1% zcN{%VTYJ`wbY@<#!~L>l6b8THpw8&+k+YFSam$S;(EG9GBq5{lR`i;cm{nyCvf01n z9JwqJ5isXGRaOzoqI~>y?Q3pEm=i$0Bw{T=6rllmc?E<_7Y0ZkE2KF4rQWloj!wUM~|gx`_f=c64l$=1ge%3j_-TLgt^ z8(i^quwQ@GAvyJi(Rm@yW?=y3LgmA9Wpi-4_nV**iwYnJJK@9GXjT~|bXA*74>ES#-8ju4kxZC7i_nO2Z)+gFgg-RXNsVgXD6vR(jS-j(x@bCH zQsLC(l$qV2()PxE67b#H`~Q8$FV?|h(tx$+nC-;BA}V6Ez%wOJLuXXgqM5Lfn zgf!jQH>+EyKgIi2`)rU1V4{5}%#h0=LO8TXlS9;kRE&~mSQB^iG>KmrqpbYYkvw$F zHXDN$E6_nULAldQQssQgeX;&HV{Wm}w^&^jSdzv^<}wtVB8Z~>NK!tq=Xtef{Yf!9 zubuEvAJU)>!tWDK#8Y?TmGhSOfV-h1mG0B@H%j=AKF9&}@X($hH1xP3e2?%ciq!rL z>Rfk2UI%C+ltT7jy~%i=nHVrGgsvhwjC*jNN>r3glqSv@ekyyHkU6P|r3&F~ac?HS zqzJ%$lK4=;X{XJluxMkY$4N5ONn>}Fh>;lzE*+ENkw5SazuM3#L*^T}El@x={tN^@#ed0D_3S+G-l9jMck(8}d z35)ia*qwGmG=Y?m*yMvEVwUlFOkCiW?b_07?H8e%Vhb9lMw1g^@&mCHqznnc#Hg<; z*XBGutqLJ&y$4pI(;Ue5IToITQwfDkmSTVBJa#&g0y;hiBUOk}keh%YSP_w{Y}6sF ztgW)tuhvY#TOl6ov}|~@B~^amr@O1siAo)`ZDGv3RQh~}u5NO}I?!%t-(vnd`B>uC zpUnT>zyBW7njc&^22Bo^FQyze+jm=buj^e!u>h$;72C*Y+1t03A1+B27-(9Zlv9A71+fIxC{q zu9;X#eVczTMaKzJ5|#bQ38XR2YF2IGocd}hoRbZs!M90cypN~kB8M{*hnq^v_#{%< z-veX7h${1AtjN(+WIaw0FW$%IF~cl(tw_rIC(DF!Loi%vi#q63qeINgd1+K`Nz^Mr z>qfxWGdGs)P?GZDMsIe-SU3*}>1s<@m2%{{U=4PyPo5m=2d5ZzHRGayHWi(4T*%+l zgq{_`+C(A+3z1(B>W6;8{bgY~vyc5JA|1IQ73L#ZiZB zWN0WK&^9SwTvC&M2*odUJP$S=Su|o@V`xN4%$6f?hszoJLj>1Ahe38?09#Ctc47=9 zi8DiMWeZJ-mqAnv@)B1dUY;^(8gxY3vW9U8dD{m0h3ozP^&!KXk?dDwnL3OX7}SCU zNEccK%Qo0rA|uM=FhS6}*JxC|cm{bNe2e9zgP#jf$iwwA+>y_U`VYhsN}f zn@+JIk22_2p`c;cbkQhX4F0p|_?*g#0=S_W-tJwV%Mp$EYbxh3(>4`WD$h-K$#Iq3 zu+oD??7P8vePM@kkn{BiPe)tRs_%cn=)c2Vm4KA6gn{21XK##!lfWxXd|RXjXrXG9 z->1RInWHO1@ybGdN36LS8_(ZTj#7u*mVV#SozUNHproCzTGoz~m&b2iB1q*A?&qss zdlU^r()k|n3cuzChAtdl*p+?r=C5yK19=XmfuB{dxqt?}DN?`;29T1k?c;fFQis%w zMk!xcUdOO3E58?|g_b*Q!Ms6*h7C!TQ)X-Y&ex>JRIq7CY(gUjF2yNS3ct8KuDHUa zQYW$Vm#4$Y+3{hu+y^lbYzb2jVpco|jU~2cv8u@Ug)U@05@p+)oT13=UF%?tU}Tnc z_=t3AY(V(e-=UeC<^OxFK_B|?s3b||lI`j(#T=^7zUb|aK~Z(&7`Tg>3? zQ=!Oy@QDqDQ;gEx@0GH3ls!N^yVWX5t5GhR(UQ+oiGbsYo67kC?MnJlj^>{qhl|B+ zfZ#pGi6gPb=$!99na$k^q7(av6)oW?;T{-fjEOw3vn^w ze!F0xRM*7#!vXkOslYgyc!Wh^;d@$k0_ zrRjo32J_8ZG2o?`LS+ zk&W8xS4@|S9oy?u07FPbHw%9H|6&?*A7D{wiPn%x17lmm{jZAG_KhH!NyWX`hi^6YSm z%UXR9@QD0Ur(gJ8)>4wQ9+ZH}b1CruDAjt=N-IdW0?~8mj10zlXud0)UAm;8yj&MA z_vo^Ot*C=Qh4T6r4MmA32L&G!e+0AiNaL$F&e1Uelaz<0D%Iy^Z<;2a8e%`(sR_wQL0aTiEyw@& z3LJxh+sY&EpRy;T#ERlsJfje}MY7Ts<$WLnd?@OwQWJt%6>0Zol=(>EPYS0x_8qI0 zkNd;rdW%_ia;W6y(H7x?4;CrVqb0_fCdzUyC`@<0IkE$Gc`^@T7okZ9u^3mXDw_An zp~|QPfj4ni>e|{H5%XFe-(o0>5t@h5a)B7u3?iUB4S>zE>dG~(ns*a<__>fG^_NoS z?Xu&nR%Zw`cGnZdGTojK(Pw4JhMk_Q9~Cn?^eT`-=Zi37BHW*_Lz+!kpIuUQ$()r4 zs3~LbibSfVx;+6Y?P9p*mkIbrmnjE5N853(`8&rp?pqgEEXT35IqTv06`Y_<2!`O_o@AF zbSr&Yu)B6>l215BehMQ=pXj#5;BPFoxl&^x1>r{>i3T}`$w7`27Vi6iz|JkuJm!*o z|5$phCrA<-wpe`?>ZdOtxb zjGeum&ISg%e95n;JeA(Pt}Uj3>`+h)DC;-)YFz3#W>{hi<+1Uj45Y|3ePNz9f(jg< zSHa^d57ehY08a}#tPFgAs!Hx$+gCI0mo!5BK1P<THRYu7WmGdG~}l1`rpX*M(y zaddXD8kC*pyVd@y(i5gxMadAP&}g~wH>=E zvr?h#U{R;3{lLKUh~=N)^(YUC?;3CukMiL}(NecbSaPWZMo%QOma8RTrbd@@MclyAhD9Innx<9)< zY7{+|tSAO+rm!mk;j_lJz2URvuN>Ki2`EW^ei43OIEDTf7xei7oM}UXAmKNA|d5WgkAEDnu@A6Bwc&FM@JoY zbhY#WMl@Ubn=xS{NZVXr3K%JLflkhWOS{viAPt*~(8e6EO|_c~OBviB@g+^ZIRw)! z4C8B9Fn-GYt~h1-ns{j4j|rpbs4$iKpA5s$Pc_TJh~hIVsib{Hq90qUzw!TfFS>>D zPwpc;RTupBHOIpUm`a$B;BK5Du@nb{A)wQMn_-ks4RKN~WKksPWy-3UFQ~whEoH|i z!*eqy*+y)VCbVjij9L>}^Dq*v%ItV;Q>hW!hlh((sM|lMawUO#JYiARs7wqhhE`Bw zaXeUU*~`0Ya5UF>MhnPt+23wt54Zc^&)Y#WQnSlYeB0TN!!u`2WFx?9y3jXBJelC>g_gihM&Q^6=MezaYB-aq34nvx~lDV!5$I9K6zoP=c z^B6KlL~@K=Y;GP!v2v-R97V?*YjXDK23Ac#aqjPlNG((tEB#BoP5PL)5B%|3d4FGu zwSB=Xv-L>u00Bf!>3EB~DiRGM+R`7r+qC_k-uw@+Wq)x51lYEcl_#SJ z?bxeJmm0+F+&C58jTvBAGe{+o@Lnx-YKm1@dBUspHJmvHqxTnY4mJDk&bT4_-(rdQ zJ+aq`OxBY?tC-F&AooKPeGvn@JR`;0t^GVJMSYx0hjJkR_~q^GEqg7bmpxOPtE=lH zwmtf$C`V|{&_qe&q8ZJuDz_rCh+8m;C~3BoB#^i|s5jkJflbAvJt3umC&UmHY00Mf zw4g@Hok4^tzYDVe2)>;x;0VyA_uN&y_3)Fyn8KyJQo17}mowb+=vTX-0bP{y%ASn5 z1Gt@=+SRMMFTPIR;7@%31y(?Zn7Ey;)eju&Ehy;ssgIw&mJauRNqO7g+m9@XHRjx* za2;`{Ra-ReS6d7z5y{m%!^!(++Z7fxl8IWW>Ek2c#en+*EHCmJK^ou~kGKS~4tPs) zYIk=fe$p7_dj7p$2mgH4dOy5+pS-roAWqy?IY)Z};bJ6v&G`po+vE`al1a>81iB&g9PjBTB>0! z9y;m$qw(kCwna;dJ|~VpwSHOBhP-7gQiffa+;Kt!M-_v|iL-T5k1AnaPN<4u5*U_sF&DnV=%K~B_^y=+X> zs+GzXb$j3N?tD&9Pi%nw()QOH1FWp|R(kf{FHo1%_VNR7M((kxgViStOxS26odVuE zxet;e!D3qvwQeQjxVvNswm_i^IG+Ge#o%+3&S@8q0`r^kRL8y_s>nRvw0-`^jNs?{ zOB6tI`R&OJU*1O=6_Z8ns0o!ZP)_udZW#y`g%i?ixop zG8N4J=D~FNv3`ED_JSB-i(+05ZHJzv0pLR25cuX&GP*s(jgzWltBX|?RZrih7%QJ^ zU?QT(U312T9QeV2@)Pa0@c_%DBsGmIhNrQqnSMqwz(}i`=PmKo7D?v>O>_C&pBAlG z43FTr@}!GnqZgyK_TH_{;k&cY8>H>WbplPVuCVfc6XoS>qa0I$J4kZxVYqe^ys2t? z&7OprzMPv#v-$IQM^UxiN%qZ`3oxae1{cG+N$zf9EG816&ExXN(HBkr#gvRYq>P(9 z&iVTF7QQXoGlj0OmPw`cL^zlk2iAL3TudxBp6~k83p7mV;pX6YU{?D!<{i>*LU4ib z)ORJ@=3%gNBR7Nys<1_+e;UtX$$H-x5pN1VR@eZ7J)p}>APK_^FD#)j-fu($P=3sR zDrP0zetYFQMKXmoWK=4z3#jva7D;$v4N0jP5tL9OyL6}##$YX?h@}lzDtRO^nofmN zEQy~vMgwOa)(diu>jgzfbXf1i4ZI~BOoxF{;;@T)wq}RtRUoN2$;cr}lh;`P+2?v0 zor+wR^u>;4AJ>LoLfaioNormKA2-rOn+ngOoGS_(Z_7|`UP`3#ov{cL%(b4$%S(jC z8n2&>ugIfwjhF=Kfcy!(-O&zX3enPp3e9ga zCpYcl3<;E|IyVuwVlRon0Ktyuhc*<%kwCr{)cMZsk zQ94KQiz;G{Mow9Eej7ravkYGmf%67|n&x`|7i!MuK*a^lW5+I z7fbQYi2O-|Jr&-L{qlZRf)RKHS9xg~lmZVW>dwc33k?XDBf$`GJYQ|-4On^eTF%SO z$j}HN!WRY6A?Vkr<$k?Tt*s(X9B1#3#_=weJ0KD9l@AmY{h_E1HgK)1ukA8Dg{v%Z zsSgDn!zD`){pzK|HDV@mwRT_>B}D#}1Ntq@vw*&Qg!>N{A14RlY8|~kP=dk%|A-XY zu`;OcP_{>0`ZI&s)wp#z6+d-VuL`m<|8q>wnwMlazq89ee9Esaq0>U7$@ULo-E;dw zR)A%Qyvqa=kp4Wv)x$E)6JabOD7RU5BJvXTMWR8egv7*EC$42ye0~r@5CdT?dv#e1 zfX+Me6Jo#J`H#)pKd{9gHM~eKD`&WUyC9}0&otoTiJEU?pQ!_k1B>=&ogwMk7DQ!G z&Jph|^lE75?lb}9_YzW`AH5;Vd{3fmyAlUQC)yJyL=90D8Xl5 z4rr6l1394aIij8WAjn#xDGszkkRdSfjQBQV_^eyJOqdm7Z%*7j29o(d&~@JpDKZap z6(Z4n-3db0MG#IO_R)t_S0-`hI}mfBk{?kuYFa2}=~>)usesZfX1zi%rVFABe7EAzk7}mW+A;7+u17#eT!@m2+-|{|+j&f)}rU%aRcEm=SF@1gVaZW|`v|=5qjA zS++;CL;9OLQ0g~MqvXq*LkqpV=Dz&}(9?5H7-$+PQU0+1vw`AH3f}!IzSsWyM+?*; z#T>+zbtv=nK(@2@9?_QRKDL|Bx*fndNT|-wkDHo7+E`Xr!PhW3y723PZ~D)Qc=d$4 zmuEhx7i~%u5ct(ffCnB<>W!;wD4m?+9%~#Jg#$=k#b)u{6fzopBn7by9(P68cSuE< zvKO6Z_>V{-J?X9d8{i@h6f^4Ki0(yW0ys9l>y>yETUFF+`v|qew$@yqc#eeVTJeXi zvHbV%A@G4az(KutLK8uB3WNGUb@%{`E?kGe@{==nn-GNVB+^|yoh@*Sww&7_IutS4 zG*p0#C?1g=q^{lif}9{f8#gz%RJpun4CMI&?OJBraj11q0SM@AE3kjO8qf7O#QjZw z8t)*bN@I)1VJ!5U799;Q=Spc$#HOo5JfAhH0;dr*G56TmEd5Dy&^45l(o%_+MQ*Xr znmM!&i$wqG6U(1(C{5z^X>{w8)R%i^Zy7?nbz~f-2|@3dNMbK4eaK7#CXi2%+^+WU z;8D}7c5b0MBvV4{;k^O^2C0~__uWxPRe1If3b{V`E{fp0G*kEe!KRYq-a(^pusyL& z2VTCxydUOwkx|$KDG9M*4PpG06b05eRU-)r@90nu>TF1$3_J_?Qw9=lsf`01j8VDa zR%ktfg$(g}jymKXeRu?+yCF2z9oX5!H!qpbrN_k?o7odT1{I7-QKN^dMEQ{@`C8NB=D1R_GDZFG@vkH8?_0S@&9lg zYXR^I-_M?>RzCbsf6)*k+XC8WX7|Q;{6QCXS*qtbjHSXVVYW|@jhpgdVma0=h(UCP z;AOMG44M+|G7CJgZQKna3lhKuYsTwlSuTsXWybHY*SOQ6J>p#kqh6Dgm;heZxW08THI^GErs= zXa)k4`?cc61|%u*K2~o?jpbHg;05z#;>14A3nOOKmrS4sKd(D#u_&U<|0Y9LgdL7H z5sV$QYM!l+IIYD$Z3eE3+X_xZ{BFp6R`<) zs@oUb^}|=p-`gLdSHoLCd9SH*ZP#Z);n`NI@m$Y5|2{~CmlnIRx<-uD%Va0BAb6MR zjqLz*dA}Vn2|2&fp;#*I2_06LJ2~O|wJgi((ndnp?BrdFSZhzne-mEtbpHePtI+^3 zRFbn@55E=xiuOAjs3ci=Ef3@<)be$oQ-co0u!}kZM>z0)X=dB^gJ;)9IIo#o+BC<6 z?u{KlQ5qS8k4ct*~5dX4S_ zZ5TOSDh{V3T1jwM!W@Y2$=e2zmBSK z;`zljkc|w5`a1iDWZnFK7ZC@X5Y;^RS5vGGTDQ^zSZ_4#(MT{9 z5d+i6@r;=9{s+;7_U(}9V_h2yO1HdMAg5_UK+p$g8kc5#BIa+*x zWsDGDuhE!zGY+f3Fd?@i$L1Xh(qIexaS?Ci^8U zN|HY$n4=NHi?(pJv%XIHOJDtX&6t8dNJEbyLwf}Ty+k56}JuJ;D>#EHYo zsDLGnaTQhBCcf)Ifr-aQp02814h8dB5XpDxg8BRzOn4_mvCn@aeRHIpl$o2G_8;I; zP8$h2J$*5XAPy9|po(e{x(v8=R!FSm)%f{W&iFiGTTRQkKYsw#z_IGhg~x1IFvN$e zQe5C>ewmE2+q0Y7!*9Wk^(UiMt7Mm`?L$F>&H-lf_`n}Q=t+^%^aZy@9BSU$qG{zE zH%Td_FlmS0kjeyFK8?+uyhCPhT1o zx_)!GAQF*TM?#(?(*(!+Tj$M`sI^kx6Z%{VM#*8@S==7oecNZ(C&@O2=k4c0K6*j1V6V@gv6tR+se=yJM zG*^3y^8v%A{6)rUo1zU@bYXLlC7_P?eJ_?1-kCro=V|?_lTEd#^f;f5kZ~J*R653%@b_Klqit463*doSC9ZG2k%~!+w zrA3US2QJvz#MH(g)w~D7YFob*L2lz^rN@!=(b?;Bye$ey7_z(lvi9(HRdu&X=~oB( zg1dIr`tKL>yRZbnib5x6%1z}%V?qZI^gBM=myfMz&XtY3cg%lz0teq^k^0H^(wNqL z4*QGHgpQdO0u-LBweZpY)$)ljo4cGTUzFXhwsa2nRj5oU{M8rd2rPhfB39pR2#w&DHW+$N-H7BRt2uT%@1R($qnKDPB;L$^+Ej~8!XliOw(Gt3OE3hP^ya;{IxuTSRxaL+XtUdJWy3TAbY zXRY+yTwf#+`*4zd++QWv48#@6bV$w6E~u!%8HoqdWTOoz0vV6Sa`j}x&QfAQaKN)a zLDt0qR!7E6gPGaADD&yxWhG7?jes1#^pkGEo<+Jq+0S4q(9pHOp4E&d=$nAu(cbbJrNcQd6?)LeqEwZOE@0d1E}a@B!*jw;j`# zF#nCKP~!aOKHZ}`PEf_S_xX|)U9?5IqcNoHn_qYVI*ix*{- zS)xSqG}Vj6?0{G1mT=Ut^cOCd=LwB;20iclc5 z)?a;+msC>-P&B%J&H+8rLQN=M5BI?#1=&I2e=%EgMuF6ZbOa^8T0Y>$~X5tL;C&LxWPKHwFpc8 zkSOdzz4*k)pYprYll}FM@=G zggW_FDHn&Fcu(@s?!6iSnCIQxiyA_HPi2Uhsx|9h*C%p*o?r#?5Ydw;vFr)smjH^w zU`X{l7DQF=@kI#N!-G<5VPN5&WNP27BSX9;;%(Brnp92X{f}?Tt#dzrtr3vQAhS@jWtl#4w-@)SmbBOg@dwZwNKya0i9jg8H z5YOexLEY@|cIZ>;5maO0F8_fKiJJE@qtv{REMrk#BHeNy=Al#Trt3PvazD3wPs;eX z zaQjUiIKRYdsE2n286Dn|{l4I=@VHY16k{EKKEY!Nf@Bj-KbD)vEtfHaFtA3@zKTDI z`)bE2+O~GIZJoT2Gtl;t#V^3y3j*G(iNHU8_HrU;#Be*c-a8%JD6(*CXQ#6l(}LKr zwO9vvl?cc3-u1so(69CXD*rr-h|q-I-4{V-hV1)c2!q`HP-Ev~4azq&x6t$`c#vsW zSe0A>_C~&FK0c{9LC$*HS%^S-)SaS=tANg~F20z$mrKX?_mLc4w;sgb^C3g1mjh25 z3+^KPI@0SHxf*Fo{hWo#absNEgDGv)kR?*b6otNL(iUoBvW5$b zog;XIqCUOuFcIX4a$8=+1uV~`)&-%@6KbM>^p zzm?f%;I4HW9=1fHlhc8zyi6T@{ zS69~eW5>)iv>$Zguhi=w+VToKx8{E5h34~SgceX;I z9g_>f8T{gsUPf2%WPO1(@GULUiSHrQ&5rmiG;ibQzpl|I#-H_mc{#3cjRtYW@9}^b z_X)U2U!h(|Tp0JHEYya0@-)P-A`+$VZ!i-^Z!EezR@SE`s~rO|^hP(@gYmc9megW< z^f-t`enh^ODM5#wogtMy1A$0g9q$HRrN##l$`2KIab2s^N#yao8`c})|LpRMpO=-@ zF?xCkJVPk`IL#Oy#!Rn>0h0G5ZEycn(Q#l<#~DUsHwsp$$JEpF)z7d8*}xVibpU}8 zh88eEd!|E&EJa!Q~wV~P@rQ0Fl z+XLJ$hFnZ#I%`~7-mm4=3mvHHHodw}5uvw2O5q59jasv|$o>H!NXOsaJ5;`XKhitn zGq&gh57#QEo8U&i;7m`w}@Zc#7FgTr6j+S;k}iWf-}XpWcn`u zU0iQODjk`9DAW*LBUq9^xXNCQqaqCzv^wcAMV_3|hW!I5*w^cW>}zW=8cPU;4&CYH z2Yq4g!U|ff`VL@c?7pA(M<}`j_#%4G^tyqfyGL??|Ax7Zk{@(|JY`$Fw3vLdOo>pW z5e>=^jS6GvCET{jTS!dNZQZfQSCvyXOJ!%a%GN!3Z3)pMXl3<|N-fR1!#^i}ys$o0 z2)VH-HUE_|%o2d=VF~dk9F~o_*ZSZ4*DNloM_h#vXQ)K(mq6(b z`nU}>JKTwsRPqbl^l1={UGaU$0+tgD{VY&zez9Xms<*dHT^{ZXd*CV+vB7Nvf;Zkb z`emnpAUv(rd%|I%bdXhjYfmuq^VFu>_6Is&H&H+tuRIL~*0kWKcNMq$Yf&Qy%D0yu zJiJh$;4j~$F`+EjrI<)VuMGnhs0Btt;PipiWDNu9bb_-kNGk~iwXI|arbLpqF6}vg{~Ozi}Y?U732{P2&s9I zYi}a(PUZcn=knK?)VL*NBZmL0q0S6gBMM+sm$)B31S%UJyUAaoS?@j>B2;k>534-a| zlw~)ZIKX~cq}(K2K^1+B1X{HjIu>F{N~yU=HR0{}G4HHr<9822;=b-4OcNjyNjZ9K zAoXv2RRvZ|50Z@kYacItnD2E#eL1DAin%sF2b7en`hQyi`qHTCH8+AQQOKPkU$N>^ zO(=imfpEfClmN=+4esZX%pf5Emq6vbE;&1g1)IIOO2tJ1jek=%fL$(I-gNz~p z`DKck+hf7~zh_x);FKjwDn9CK|L8yp7nV>$G#IwhgW9(Ez(=wxu~aXZB;UKG*D{TU zWa0nQ-g&+?v36_R%?6BMq)8EJ2~xyDkzNE6AcBS#iXc^KAylPFQ%a}`xJ86erT1Q> z1Q3)eNDWOAii${!lmrOi8TY%-KIg;v6V7~k=G$B|b3NC3)_t%0H|B^`%|p_3Htul2 z6h7MU?oA&)=7Uc;A?B0c`3@#|4CJim|J{Ihqo?!WiyxzeO~wWu)DQEngaQnC+QZ1M%ala8m2CgBvhWw|9pW^XdVw(Q zUs8j`6eV}T?WKdHqAB=cWkt~!rq7}_bff7D13YY#FPE^_&U2;rY%tX$PnTRT3M5KJ zps&>N_AfOo{a{XPx)!Uck)8IBBQ@+fB4=vXw1ay5+0~M#8qN$0E&T9ggr%d%tP7u# zOUJD*A2~A#$NCL2C<`^g_#G*v0mUp-{Pq-CRsAfB(N?jj=lH_Y^Jl?Fri$U?`=WR* zRZ~p%x1f=2Hf^#^C-44yAna!qLHczmWgRI@PW0ylN9)#YJaqq?ZWUR{RYdU%J<3Yx) zujjd?kV+2U!VM+dec{(Ec19*^v7zy1p37dCsLoD6_MmpE>b0@~ddw{ux{c2d>)TS= z=4NdQVvhKzyC|M?gq_z(n41(S8p!190AR!uL#5?VToy~SBy-jBn0ZB%Whl(LD%lfy z!V+)ya>l5jb=zy zikX5)A>pt1PRlLrhX^;}e};y580lx5qx+b3w^W$WN-Wp4Frd=+rW$?sq6{oF?X4Yb z9E1AyzGus~X4Jy^LLj!w3lgQl&rS<+c#S=MP$JE?t%N=-vEz~Z>If|pA|W%f`5Ml0 zvC*&eZ;(*|bOmUL830-u5NM3ebpt$X zJ{m#}A5_+xtfM;7AR!)|p5`-F>`o9pntq0&_l2~w%KhJ`O$Z(702E{qlWeeV|8n~> z(oOC#`EM!{bf4x*M?}7V0q)BcFhk(0jfqUHc}5vN7fji8QA5_recE!~ zFGQ=Fr%pt{f81E`qiPYP+Wh^ERerZ;80o@n#-~Dy3@W_ZMH9O&vi;;>gXfvnA?NeD1#!x+jqsxv9Tl`~GGf?&Aw*0`=5|p@;x>>TcaeEP$#PBOm<9H#xT{{Pd ze67Day4_S10sjXJ>0sEu9bx?rp|opJ$l!X;j0mXrxn}B0XSskq|0hVR$}!kr%^pSDqCYOI9$NWPFc_4+Z9+TJ9HoIC-h@DVr44Imr|GGB!pZt`B|wk+J5>-X0O;7s)R zYV5uASbONB9Azu<7ZU<6;<4=gULEYl^Te^nOjUG1Eh^b-k3#TB|JPUyZ1dHkbT90h zTHx=^i?t24n^PXSyyc>RRXXuW(z0%gu?wDEsv%^tYf+*fFY1vPYp~!*^}iCLy59Ji zw<8jD$f&6iWkQEc+mtFq>C^M)&yUGK>ft(-c)aPaPUpF&Xr_teg};Jj6n>Ndoh1+= zG}e#jv@Y!5*Hlu5-5}4GWR+JdiCB1J$4J^*`V84*~kzGhpvoU6O9_X9UFc zam?#ajma&q9%j5u8BI!MgdCu*;r`N0z89eEGR6~a$;BtAFY!%jy|-r?SGLt2_l)1N z$~2!p%BfW&hh*A^4~?OOQV-8e?}5X>$%n{*{;77fa>XjXk#d^Kvhc!maaIQT0fy$oM zWyf)Awhc$eAf*H!4CMaQGr#in{D90J&IKQ@hqS=BgE-L{Qa)E4E4g5ttmaLVlH1Hd zWxVA?2XV{p4Qt)J2W?GN*C<=BHw`U#)kH|d{uz1E{e`=JEw zInAl?coyZ`yMxKMEjC0}Pk>5aX@s-SOs`Nk=V?d3fjPauaaCoQ?<}cV_R1g6i(b+O z$)%i@D))`nSZmnayyRC8$q8QsPGUcTzX%JC`VWXz8s0W?$%Jv9at4er`%3^nP`y2- zbHy4c*XQ~hGeOaFBf(!+m*Km{SBt!($+1WuHZB8#yc^v7+mxKgOG;!}xyvrLt z$9ro}Sz+#M%;mM?Q=1YWRD5mdX~2>0mf6z$@H#%3-&?C_GlY?ycXN^RKXJzGISDH! zV1_^jBH~7rt4yj=BR>&{f;#d%`Q~}u>dEmQ!r9rGrJGw#^OtkqkXK|VRxOAUndY?H zws>YE5i%kI=pue+a`;1?=!L8fJyyRM;h^AA-Uqm+LLSkn8*Nl#5EY<=+qNy-26)Ky zYk7BYc#{V#a-!0=NwWRuF1G@{h{N*5)%Q1tY)aQ4quRv|sJhEF*rX_33^aG}aqhfY z+FEM8^f#}{HDy2Rt-Wa<4f%F*O*t)bvB~3m*PmeZ?kW}f7L{2du;8FOtVpoj#V34g z!5_B@xKFun^u9T&>>jLc7U+B(nWk>xQ6G@Z9&Z1}M51JEWyjp+@mG7M0YM>M(u3vY z<=zEP{pyal_4OuwD?7J$c6LPQH5-^LFP{lHMUX!qMtnGUG4P6CZ9epr_gO5w*0vca z+EG{RJbZk7*q=}FU^j1oB9=b^oa+eyDDd`mZfVdKkOr>1#EO`%97}G=b=}655b_7n zh1HsF@aGp-p2=rU3||iO5c?>mlF<#*`toTpX}l$C_3$F_U7_;rpxC`3aL3*v7r*1a z_N{VHkNpakrtjk2lCb+BkGdrV6h4S|>2|DakbLHe?E;y|CSm$g*%CTCHXFo)Q{3c8 z%lpk;jk6-Jt;Pa+RfsiYAfR`19|Mph1tF(ydLQlo6z21Pb}Yt(h5bH&+Vg8BOg>6u z1%U|iEPrr-6j<)5>|9`d8W7dB2$+PDajB_ZKyu;z(@;PQ$uiUQ#OX4qbFz1T%y${q ziBZo8-tHHZ45iFCQz|vo?z_%tEO{N88eO=Jxf`UQ-cyi_ZJLfu8GB%x={#>jv|};q;#J+Vc6aBL>09zB_Z0M7$4)^<*w5_^@2Z(#a#|u?!+EU< z?#d-{QiJ)M`O05~`p}#d7cmm)78&)2v?bx(ynIZ6dC^_96f8r*!B8U`UD@-h3yEy@ zft8QCKatmVho`ruzS|a2g*~!IU%$(jWV3d8(ta)L(iio+X7&bR3^|?Wdl+SG9gHD{ zO$vQQIhA?7^oR;6wxsAcngWb<^mI`T6$p(BKrO0az^W0%Tf*XNgV0bNpMqoInf1fN zFYk=ZCR;MX?OCT#@^Ten%3=$a&avoG1e7<)QtIV|TkyOZ`1g~X3)@U+r2exIpin*c zj<4WakeuUWQOJ`B_P0?A$xOjGvc?K8iG4FY&4}N>PWxyC$XH`{uWg1@7l1PAtKC*j zH||GuDnY9UZ~+O3d;b4Dtnz!dypb==aDTi^2S!Rs?7aTJTnB$2t^OU&{{Opwof7}a hQuse#NWa#?uhZTue4p|3E_|neOIKT8s}g1x{$DY_3CaKf literal 0 HcmV?d00001 diff --git a/roles/common/tasks/maintenance-site.yml b/roles/common/tasks/maintenance-site.yml index b65f87e67..b72d84a8e 100644 --- a/roles/common/tasks/maintenance-site.yml +++ b/roles/common/tasks/maintenance-site.yml @@ -16,8 +16,8 @@ - name: copy maintenance web site image copy: - src: men-at-work.jpg - dest: "/var/www/html/men-at-work.jpg" + src: men-at-work.png + dest: "/var/www/html/men-at-work.png" mode: "0644" - name: enable apache2 required modules diff --git a/roles/common/templates/httpd-maintenance.conf b/roles/common/templates/httpd-maintenance.conf index 340abb986..3170c7fe0 100644 --- a/roles/common/templates/httpd-maintenance.conf +++ b/roles/common/templates/httpd-maintenance.conf @@ -7,7 +7,7 @@ RewriteEngine On RewriteCond %{HTTP_HOST} ^(.*)$ RewriteCond %{REQUEST_URI} !^/$ - RewriteCond %{REQUEST_URI} !^/men-at-work.jpg$ + RewriteCond %{REQUEST_URI} !^/men-at-work.png$ RewriteRule ^(.*)$ / [R=301,L] ErrorLog /var/log/{{ webserver_package_name }}/error.log @@ -33,7 +33,7 @@ RewriteEngine On RewriteCond %{HTTP_HOST} ^(.*)$ RewriteCond %{REQUEST_URI} !^/$ - RewriteCond %{REQUEST_URI} !^/men-at-work.jpg$ + RewriteCond %{REQUEST_URI} !^/men-at-work.png$ RewriteRule ^(.*)$ / [R=301,L] # --- Security Headers --- From 92ab4a0d597fa79f798fa90b2134200f8b8d9230 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Sat, 15 Nov 2025 09:17:02 +0100 Subject: [PATCH 13/16] cleanup --- .../config_changes/unused_enlarge_rule.py | 129 ------------------ .../config_changes/write_date_to_comment.py | 43 ------ .../importer}/config_changes/changeRule.py | 0 3 files changed, 172 deletions(-) delete mode 100644 roles/sample-data/files/config_changes/unused_enlarge_rule.py delete mode 100644 roles/sample-data/files/config_changes/write_date_to_comment.py rename roles/{sample-data/files => tests-integration/files/importer}/config_changes/changeRule.py (100%) diff --git a/roles/sample-data/files/config_changes/unused_enlarge_rule.py b/roles/sample-data/files/config_changes/unused_enlarge_rule.py deleted file mode 100644 index e60af3f23..000000000 --- a/roles/sample-data/files/config_changes/unused_enlarge_rule.py +++ /dev/null @@ -1,129 +0,0 @@ -# Created by alf -# Enlarges rule 60 by a random srcadress in fortigate.cfg - -import random -import string -import fnmatch -import os -import sys -import re - -# Define global variables that may be passed on the command line and their defaults if not -# example$ python3 enlarge_rule.py uid "path" - -input_index = sys.argv[1] if len(sys.argv) >= 2 else 0 -input_index = int(input_index) % 59 -config_path = sys.argv[2] if len(sys.argv) >= 3 else "/home/fworchsample/sample-configs/fortinet_demo/fortigate.cfg" -uid = -1 - -# First step: create functions that build a random ip address and uuid - - -def random_octet(): - return str(random.randrange(0, 255)) - - -def random_ip(): - return random_octet() + '.' + random_octet() + '.' + random_octet() + '.' + random_octet() - - -def random_uuid(): - s = ''.join(random.choices(string.ascii_lowercase + string.digits, k=32)) - return s[:8] + '-' + s[8:12] + '-' + s[12:16] + '-' + s[16:20] + '-' + s[20:] - - -# Second step: extract rule uid using the input_index - -with open(config_path, "r") as fin: - data = fin.readlines() - -rule_area_flag = False -rule_mapping_count = 0 - -for line in data: - if fnmatch.filter([line], 'config firewall policy\n'): - rule_area_flag = True - elif fnmatch.filter([line], ' edit *\n') and rule_area_flag: - uid = int(re.findall(r'\d+', line)[0]) - if rule_mapping_count == input_index: - break - else: - rule_mapping_count = rule_mapping_count + 1 - elif fnmatch.filter([line], 'end\n') and rule_area_flag: - break - - -# Third step: build new network object in "config firewall address" - -ip_address = random_ip() -uuid = random_uuid() -count = 1 -line_to_insert_at = -1 - -for line in data: - if fnmatch.filter([line], 'config firewall address\n'): - line_to_insert_at = count - break - else: - count = count + 1 - -if line_to_insert_at > -1: - data.insert(line_to_insert_at, '# start recognition comment for auto-delete function, ID={}\n'.format(uid)) - data.insert(line_to_insert_at + 1, ' edit "{}"\n'.format(ip_address)) - data.insert(line_to_insert_at + 2, ' set uuid {}\n'.format(uuid)) - data.insert(line_to_insert_at + 3, ' set subnet {} 255.255.255.255\n'.format(ip_address)) - data.insert(line_to_insert_at + 4, ' set comment "Automatically built for test purposes"\n') - data.insert(line_to_insert_at + 5, ' next\n') - data.insert(line_to_insert_at + 6, '# end recognition comment for auto-delete function, ID={}\n'.format(uid)) - -# Fourth step: add new object to source address of rule uid - -rule_area_flag = False -uid_flag = False -delete_unused_network_objects = False -replace_counter = 0 - -for line in data: - if fnmatch.filter([line], 'config firewall policy\n'): - rule_area_flag = True - if fnmatch.filter([line], ' edit {}\n'.format(uid)): - uid_flag = True - if fnmatch.filter([line], ' set srcaddr*') and rule_area_flag and uid_flag: - if fnmatch.filter([line], ' set srcaddr "all"\n'): - data[replace_counter] = ' set srcaddr "{}"\n'.format(ip_address) - else: - data[replace_counter] = line.rstrip() + ' "{}"\n'.format(ip_address) - if len(data[replace_counter]) > 95: - data[replace_counter] = ' set srcaddr "{}"\n'.format(ip_address) - delete_unused_network_objects = True - break - if fnmatch.filter([line], ' next\n'.format(uid)): - uid_flag = False - if fnmatch.filter([line], 'end\n'): - rule_area_flag = False - replace_counter = replace_counter + 1 - -# Last step: write everything back to the config file -# If delete_unused_network_objects is set delete all new objects except for the most recent - -with open(config_path + ".tmp", "w") as fout: - if delete_unused_network_objects: - delete_flag = False - object_count = 0 - for line in data: - last_comment_line_flag = False - if line == '# start recognition comment for auto-delete function, ID={}\n'.format(uid): - delete_flag = True - object_count = object_count + 1 - if line == '# end recognition comment for auto-delete function, ID={}\n'.format(uid): - delete_flag = False - last_comment_line_flag = True - if object_count < 2: - fout.write(line) - elif not (delete_flag or last_comment_line_flag): - fout.write(line) - else: - for line in data: - fout.write(line) - -os.rename(config_path + ".tmp", config_path) diff --git a/roles/sample-data/files/config_changes/write_date_to_comment.py b/roles/sample-data/files/config_changes/write_date_to_comment.py deleted file mode 100644 index db9e2087d..000000000 --- a/roles/sample-data/files/config_changes/write_date_to_comment.py +++ /dev/null @@ -1,43 +0,0 @@ -# Changes the comment in rule x to the current date in fortigate.cfg -# x = 52 by default, can be changed in ansible -# Created by alf - -import fnmatch -import datetime -import os -import sys - -# Define global variables that may be passed on the command line and their defaults if not -# example$ python3 write_date_to_comment.py uid "path" - -uid = sys.argv[1] if len(sys.argv) >= 2 else 52 -config_path = sys.argv[2] if len(sys.argv) >= 3 else "/home/fworchsample/sample-configs/fortinet_demo/fortigate.cfg" - -with open(config_path, "r") as fin: - data = fin.readlines() - -rule_area_flag = False -uid_flag = False -current_line = 0 -for line in data: - if fnmatch.filter([line], 'config firewall policy\n'): - rule_area_flag = True - if fnmatch.filter([line], ' edit {}\n'.format(uid)): - uid_flag = True - if fnmatch.filter([line], ' set comments*') and uid_flag and rule_area_flag: - data[current_line] = ' set comments "{}"\n'.format(datetime.datetime.now()) - break - if fnmatch.filter([line], ' next\n') and uid_flag and rule_area_flag: - data.insert(current_line, ' set comments "{}"\n'.format(datetime.datetime.now())) - break - if fnmatch.filter([line], ' next\n'): - uid_flag = False - if fnmatch.filter([line], 'end\n'): - rule_area_flag = False - current_line = current_line + 1 - -with open(config_path + "2.tmp", "w") as fout: - data = "".join(data) - fout.write(data) - -os.rename(config_path + '2.tmp', config_path) diff --git a/roles/sample-data/files/config_changes/changeRule.py b/roles/tests-integration/files/importer/config_changes/changeRule.py similarity index 100% rename from roles/sample-data/files/config_changes/changeRule.py rename to roles/tests-integration/files/importer/config_changes/changeRule.py From 182173c044849a48ef4a61217ff00d108afed9a6 Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Sat, 15 Nov 2025 09:48:18 +0100 Subject: [PATCH 14/16] tests --- .../files/importer/config_changes/changeRule.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/tests-integration/files/importer/config_changes/changeRule.py b/roles/tests-integration/files/importer/config_changes/changeRule.py index 5fe7fc7f4..4f94c0fb5 100644 --- a/roles/tests-integration/files/importer/config_changes/changeRule.py +++ b/roles/tests-integration/files/importer/config_changes/changeRule.py @@ -9,15 +9,15 @@ import logging -def randomOctet(): +def random_octet(): return str(random.randrange(0, 256)) -def randomIp(): - return randomOctet() + '.' + randomOctet() + '.' + randomOctet() + '.' + randomOctet() +def random_ip(): + return random_octet() + '.' + random_octet() + '.' + random_octet() + '.' + random_octet() -def randomUid(): +def random_uid(): s = ''.join(random.choices(string.ascii_lowercase + string.digits, k=32)) return s[:8] + '-' + s[8:12] + '-' + s[12:16] + '-' + s[16:20] + '-' + s[20:] @@ -76,8 +76,8 @@ def randomUid(): if actionChosen == 'changeSrcOrDst': if not deleteElement: - newUid = randomUid() - newIp = randomIp() + newUid = random_uid() + newIp = random_ip() # cannot add to any obj, so delete it first if anyObj in ruleSide: From 4cd1f6dc67e90791d0b8f920a4cd4782e5a073af Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Sun, 16 Nov 2025 20:08:24 +0100 Subject: [PATCH 15/16] download hasura cli via github api and its id --- roles/api/tasks/hasura-install.yml | 244 ++++++++++++++++------------- 1 file changed, 134 insertions(+), 110 deletions(-) diff --git a/roles/api/tasks/hasura-install.yml b/roles/api/tasks/hasura-install.yml index b32a975a6..6fb977df6 100644 --- a/roles/api/tasks/hasura-install.yml +++ b/roles/api/tasks/hasura-install.yml @@ -2,84 +2,111 @@ - name: Install packages for python pip3 n virtualenv package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - - python3-pip - - python3-virtualenv - - python3-docker + - python3-pip + - python3-virtualenv + - python3-docker become: true - name: read dbadmin pwd from secrets file slurp: - src: "{{ dbadmin_password_file }}" + src: "{{ dbadmin_password_file }}" register: api_user_password become: true - name: decode dbadmin pwd set_fact: - api_user_password: "{{ api_user_password['content'] | b64decode | trim }}" + api_user_password: "{{ api_user_password['content'] | b64decode | trim }}" - name: read jwt public key from file as JWT secret slurp: - src: "{{ jwt_public_key_file }}" + src: "{{ jwt_public_key_file }}" register: api_hasura_jwt_secret_dict become: true - name: decode key set_fact: - api_hasura_jwt_secret: "{{ api_hasura_jwt_secret_dict['content'] | b64decode }}" + api_hasura_jwt_secret: "{{ api_hasura_jwt_secret_dict['content'] | b64decode }}" - name: make sure {{ fworch_secrets_dir }} exists file: - path: "{{ fworch_secrets_dir }}" - state: directory - mode: "0750" - owner: "{{ fworch_user }}" - group: "{{ postgres_group }}" + path: "{{ fworch_secrets_dir }}" + state: directory + mode: "0750" + owner: "{{ fworch_user }}" + group: "{{ postgres_group }}" become: true - name: set static hasura admin pwd for test purposes only set_fact: - api_hasura_admin_secret: "{{ api_hasura_admin_test_password }}" + api_hasura_admin_secret: "{{ api_hasura_admin_test_password }}" when: testkeys is defined and testkeys|bool - name: set random hasura admin password set_fact: - api_hasura_admin_secret: "{{ randomly_generated_pwd }}" + api_hasura_admin_secret: "{{ randomly_generated_pwd }}" when: testkeys is not defined or not testkeys|bool - name: write hasura admin password to secrets directory copy: - content: "{{ api_hasura_admin_secret }}\n" - dest: "{{ fworch_secrets_dir }}/hasura_admin_pwd" - mode: '0600' - owner: "{{ fworch_user }}" - group: "{{ fworch_group }}" + content: "{{ api_hasura_admin_secret }}\n" + dest: "{{ fworch_secrets_dir }}/hasura_admin_pwd" + mode: "0600" + owner: "{{ fworch_user }}" + group: "{{ fworch_group }}" become: true - name: check for existing hasura cli file stat: - path: "{{ api_hasura_cli_bin }}" + path: "{{ api_hasura_cli_bin }}" register: api_cli_check # only download new version of api cli, when not restoring from backup: -- name: download {{ api_hasura_version }} hasura cli binary +- name: Get Hasura release info from GitHub (authenticated) + uri: + url: "https://api.github.com/repos/hasura/graphql-engine/releases/tags/{{ api_hasura_version }}" + method: GET + headers: + Accept: "application/vnd.github+json" + return_content: true + register: hasura_release + environment: "{{ proxy_env }}" + when: not api_cli_check.stat.exists + +- name: Extract Hasura CLI asset id for {{ linux_architecture }} + set_fact: + hasura_cli_asset_id: >- + {{ + hasura_release.json.assets + | selectattr('name', 'equalto', 'cli-hasura-linux-' ~ linux_architecture) + | map(attribute='id') + | list + | first + }} + when: not api_cli_check.stat.exists + +- name: download {{ api_hasura_version }} hasura cli binary via authenticated GitHub access get_url: - url: "https://github.com/hasura/graphql-engine/releases/download/{{ api_hasura_version }}/cli-hasura-linux-amd64" - dest: "{{ api_hasura_cli_bin }}" - force: true - mode: "0755" - owner: "{{ fworch_user }}" - group: "{{ fworch_group }}" + url: "https://api.github.com/repos/hasura/graphql-engine/releases/assets/{{ hasura_cli_asset_id }}" + dest: "{{ api_hasura_cli_bin }}" + headers: + Accept: "application/octet-stream" + force: true + mode: "0755" + owner: "{{ fworch_user }}" + group: "{{ fworch_group }}" environment: "{{ proxy_env }}" become: true - when: not api_cli_check.stat.exists + when: + - not api_cli_check.stat.exists + - hasura_cli_asset_id is defined - name: initialize hasura cli directory command: "{{ api_hasura_cli_bin }} init {{ product_name }} --skip-update-check --endpoint http://{{ api_local_listening_ip_address }}:{{ api_port }} --admin-secret {{ api_hasura_admin_secret }}" - args: - chdir: "{{ api_home }}" + args: + chdir: "{{ api_home }}" become: true become_user: "{{ fworch_user }}" environment: "{{ proxy_env }}" @@ -87,58 +114,56 @@ - name: set hasura env variable set_fact: - hasura_env: - HASURA_GRAPHQL_DATABASE_URL: "postgres://{{ api_user }}:{{ api_user_password }}@{{ fworch_db_host }}:{{ fworch_db_port }}/{{ fworch_db_name }}" - HASURA_GRAPHQL_ENABLE_CONSOLE: "true" - HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" - HASURA_GRAPHQL_ADMIN_SECRET: "{{ api_hasura_admin_secret }}" - HASURA_GRAPHQL_SERVER_HOST: "127.0.0.1" - HASURA_GRAPHQL_SERVER_PORT: "8080" - HASURA_GRAPHQL_LOG_LEVEL: "{{ api_log_level }}" - HASURA_GRAPHQL_ENABLED_LOG_TYPES: '{{ api_HASURA_GRAPHQL_ENABLED_LOG_TYPES }}' - HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: "/srv/console-assets" - HASURA_GRAPHQL_V1_BOOLEAN_NULL_COLLAPSE: "true" - HASURA_GRAPHQL_CORS_DOMAIN: "*" - HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS: "{{ api_HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS }}" - HASURA_GRAPHQL_JWT_SECRET: ' - { - "type": "{{ api_hasura_jwt_alg|quote }}", - "key": "{{ api_hasura_jwt_secret | regex_replace(''\n'', ''\\n'') }}", - "claims_namespace_path": "$" - } - ' - HTTP_PROXY: "{{ http_proxy }}" - HTTPS_PROXY: "{{ https_proxy }}" - http_proxy: "{{ http_proxy }}" - https_proxy: "{{ https_proxy }}" - no_proxy: "{{ no_proxy }}" - NO_PROXY: "{{ no_proxy }}" + hasura_env: + HASURA_GRAPHQL_DATABASE_URL: "postgres://{{ api_user }}:{{ api_user_password }}@{{ fworch_db_host }}:{{ fworch_db_port }}/{{ fworch_db_name }}" + HASURA_GRAPHQL_ENABLE_CONSOLE: "true" + HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" + HASURA_GRAPHQL_ADMIN_SECRET: "{{ api_hasura_admin_secret }}" + HASURA_GRAPHQL_SERVER_HOST: "127.0.0.1" + HASURA_GRAPHQL_SERVER_PORT: "8080" + HASURA_GRAPHQL_LOG_LEVEL: "{{ api_log_level }}" + HASURA_GRAPHQL_ENABLED_LOG_TYPES: "{{ api_HASURA_GRAPHQL_ENABLED_LOG_TYPES }}" + HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: "/srv/console-assets" + HASURA_GRAPHQL_V1_BOOLEAN_NULL_COLLAPSE: "true" + HASURA_GRAPHQL_CORS_DOMAIN: "*" + HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS: "{{ api_HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS }}" + HASURA_GRAPHQL_JWT_SECRET: ' + { + "type": "{{ api_hasura_jwt_alg|quote }}", + "key": "{{ api_hasura_jwt_secret | regex_replace(''\n'', ''\\n'') }}", + "claims_namespace_path": "$" + } + ' + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + no_proxy: "{{ no_proxy }}" + NO_PROXY: "{{ no_proxy }}" - name: show hasura env for debugging debug: - var: - hasura_env + var: hasura_env when: debug_level > '1' - name: start hasura container docker_container: - name: "{{ api_container_name }}" - image: hasura/graphql-engine:{{ api_hasura_version }} - state: started - network_mode: host - networks_cli_compatible: true - log_driver: syslog - log_options: - syslog-address: "{{ syslog_proto }}://{{ syslog_host }}:{{ syslog_port }}" - syslog-facility: daemon - tag: "{{ api_container_name }}" - recreate: true - exposed_ports: - - "{{ api_port }}:{{ api_port }}" - env: - "{{ hasura_env }}" - container_default_behavior: no_defaults - user: "1001:1001" # hasura user and group id + name: "{{ api_container_name }}" + image: hasura/graphql-engine:{{ api_hasura_version }} + state: started + network_mode: host + networks_cli_compatible: true + log_driver: syslog + log_options: + syslog-address: "{{ syslog_proto }}://{{ syslog_host }}:{{ syslog_port }}" + syslog-facility: daemon + tag: "{{ api_container_name }}" + recreate: true + exposed_ports: + - "{{ api_port }}:{{ api_port }}" + env: "{{ hasura_env }}" + container_default_behavior: no_defaults + user: "1001:1001" # hasura user and group id register: docker_return become: true become_user: "{{ fworch_user }}" @@ -146,65 +171,64 @@ - name: show docker result debug: - var: - docker_return + var: docker_return when: debug_level > '1' - name: Get info on container docker_container_info: - name: "{{ api_container_name }}" + name: "{{ api_container_name }}" register: result become: true become_user: "{{ fworch_user }}" - name: Print the status of the container in case of problems only - fail: - msg: "The container status is: {{ result }}" + fail: + msg: "The container status is: {{ result }}" when: result.exists and result.container['State']['Status'] == 'exited' - name: copy hasura systemd service script template: - src: "{{ api_service_name }}.service.j2" - dest: "/lib/systemd/system/{{ api_service_name }}.service" - backup: true - mode: "0644" - owner: "root" + src: "{{ api_service_name }}.service.j2" + dest: "/lib/systemd/system/{{ api_service_name }}.service" + backup: true + mode: "0644" + owner: "root" become: true - name: make hasura docker container run at host startup systemd: - name: "{{ api_service_name }}" - daemon_reload: true - enabled: true + name: "{{ api_service_name }}" + daemon_reload: true + enabled: true become: true -- name: wait for hasura port to become available +- name: wait for hasura port to become available wait_for: - port: "{{ api_port }}" - host: "{{ api_local_listening_ip_address }}" - connect_timeout: 1 - delay: 10 - timeout: 25 + port: "{{ api_port }}" + host: "{{ api_local_listening_ip_address }}" + connect_timeout: 1 + delay: 10 + timeout: 25 - name: check for existing api dir from restore stat: - path: "{{ api_home }}/{{ product_name }}" + path: "{{ api_home }}/{{ product_name }}" register: api_metadata_check - name: import API metadata via metadata API directly from local file - uri: - url: "http://{{ api_local_listening_ip_address }}:{{ api_port }}/v1/metadata" - method: POST - return_content: true - body_format: json - headers: - Content-Type: application/json - x-hasura-admin-secret: "{{ api_hasura_admin_secret }}" - x-hasura-role: "admin" - body: "{{ lookup('file','replace_metadata.json') | from_json }}" + uri: + url: "http://{{ api_local_listening_ip_address }}:{{ api_port }}/v1/metadata" + method: POST + return_content: true + body_format: json + headers: + Content-Type: application/json + x-hasura-admin-secret: "{{ api_hasura_admin_secret }}" + x-hasura-role: "admin" + body: "{{ lookup('file','replace_metadata.json') | from_json }}" when: not api_rollback_is_running | bool # do not install latest metadata in case of rollback environment: - http_proxy: "" - https_proxy: "" - # do not use http proxy for metadata import + http_proxy: "" + https_proxy: "" + # do not use http proxy for metadata import From 89bc85b9121997f3300c5466fd06fe78e52f68dd Mon Sep 17 00:00:00 2001 From: Tim Purschke Date: Sun, 16 Nov 2025 20:20:10 +0100 Subject: [PATCH 16/16] upgrade to hasura 2.48.6 --- inventory/group_vars/apiserver.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/group_vars/apiserver.yml b/inventory/group_vars/apiserver.yml index 06e15f160..afff9277d 100644 --- a/inventory/group_vars/apiserver.yml +++ b/inventory/group_vars/apiserver.yml @@ -8,7 +8,7 @@ api_hasura_admin_test_password: "not4production" api_user_email: "{{ api_user }}@{{ api_network_listening_ip_address }}" api_home: "{{ fworch_home }}/api" api_hasura_cli_bin: "{{ fworch_home }}/api/bin/hasura" -api_hasura_version: "v2.48.5" +api_hasura_version: "v2.48.6" api_project_name: api api_no_metadata: false api_rollback_is_running: false