From 3523b82392e3dcc23fe42d7447907b3b1d635b23 Mon Sep 17 00:00:00 2001 From: Chris Toph Date: Thu, 29 May 2025 15:25:49 -0400 Subject: [PATCH] Configuration Cleanup - Removed inaccurate comments - Refactored browsers to independent nixes - Small code changes for clarity --- home/global/common/browsers/default.nix | 6 --- .../global/common/{browsers => }/chromium.nix | 0 home/global/common/xdg.nix | 2 +- home/global/common/{browsers => }/zen.nix | 0 home/hosts/cloud/default.nix | 21 +-------- home/hosts/gojo/default.nix | 4 +- home/hosts/haze/default.nix | 4 +- home/hosts/komodo/default.nix | 12 ----- home/hosts/lxc/default.nix | 21 +-------- home/hosts/proxy/default.nix | 21 +-------- home/hosts/rune/default.nix | 2 +- home/hosts/vm/config/dconf.nix | 41 ------------------ home/hosts/vm/config/default.nix | 11 ----- home/hosts/vm/config/monitors.xml | 2 - home/hosts/vm/default.nix | 8 +--- home/users/gio/config/theme/default.nix | 2 +- home/users/toph/config/theme/invincible.yaml | 4 +- hosts/global/common/acme/default.nix | 1 - hosts/global/common/adb.nix | 1 + hosts/global/common/audio.nix | 2 +- hosts/global/common/bluetooth.nix | 3 +- hosts/global/common/ddcutil.nix | 1 - hosts/global/common/docker.nix | 2 +- hosts/global/common/gaming.nix | 3 +- hosts/global/common/libvirt.nix | 2 - hosts/global/common/plymouth.nix | 1 + hosts/global/common/system/lxc.nix | 2 +- hosts/global/common/system/pool.nix | 9 ++-- hosts/global/common/vial.nix | 2 +- hosts/global/core/default.nix | 7 +-- hosts/global/core/networking.nix | 1 - hosts/global/core/ssh.nix | 1 - hosts/global/core/user.nix | 2 - hosts/nixos/cloud/config/caddy.nix | 1 + hosts/nixos/cloud/config/nfs.nix | 1 - hosts/nixos/cloud/default.nix | 5 ++- hosts/nixos/cloud/hardware.nix | 2 +- hosts/nixos/gojo/default.nix | 6 +-- hosts/nixos/gojo/hardware.fix | 9 ---- hosts/nixos/haze/default.nix | 6 +-- hosts/nixos/haze/hardware.nix | 6 --- hosts/nixos/komodo/default.nix | 2 + hosts/nixos/lxc/default.nix | 2 +- hosts/nixos/nix/default.nix | 2 + hosts/nixos/proxy/default.nix | 2 + hosts/nixos/rune/default.nix | 4 +- hosts/nixos/rune/hardware.nix | 6 --- hosts/nixos/vm/default.nix | 8 ++-- hosts/readme.md | 7 --- lib/default.nix | 2 +- modules/global/default.nix | 7 +-- modules/home/default.nix | 5 +-- modules/nixos/default.nix | 7 +-- overlays/default.nix | 7 +-- pkgs/fleet/package.nix | 31 ------------- secrets.nix | Bin 20499 -> 20503 bytes shell.nix | 14 +++--- 57 files changed, 70 insertions(+), 273 deletions(-) delete mode 100644 home/global/common/browsers/default.nix rename home/global/common/{browsers => }/chromium.nix (100%) rename home/global/common/{browsers => }/zen.nix (100%) delete mode 100644 home/hosts/vm/config/dconf.nix delete mode 100644 home/hosts/vm/config/default.nix delete mode 100644 home/hosts/vm/config/monitors.xml delete mode 100644 hosts/readme.md delete mode 100644 pkgs/fleet/package.nix diff --git a/home/global/common/browsers/default.nix b/home/global/common/browsers/default.nix deleted file mode 100644 index c4700b1..0000000 --- a/home/global/common/browsers/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - # ./chromium.nix - ./zen.nix - ]; -} diff --git a/home/global/common/browsers/chromium.nix b/home/global/common/chromium.nix similarity index 100% rename from home/global/common/browsers/chromium.nix rename to home/global/common/chromium.nix diff --git a/home/global/common/xdg.nix b/home/global/common/xdg.nix index 81de989..3cb3cd6 100644 --- a/home/global/common/xdg.nix +++ b/home/global/common/xdg.nix @@ -4,7 +4,7 @@ ... }: let - # FIXME(xdg): That should use config options and just reference whatever is configured as the default + # FIXME: Should use config options and just reference whatever is configured as the default files = [ "org.gnome.Nautilus.desktop" ]; browser = [ "zen.desktop" ]; editor = [ "code.desktop" ]; diff --git a/home/global/common/browsers/zen.nix b/home/global/common/zen.nix similarity index 100% rename from home/global/common/browsers/zen.nix rename to home/global/common/zen.nix diff --git a/home/hosts/cloud/default.nix b/home/hosts/cloud/default.nix index ac1a2c0..0225681 100644 --- a/home/hosts/cloud/default.nix +++ b/home/hosts/cloud/default.nix @@ -1,22 +1,3 @@ { - lib, - pkgs, - ... -}: -{ - # imports = lib.flatten [ - # ## Common Imports ## - # (map lib.custom.relativeToRoot [ - # "home/global/common/development" - # ]) - - # ## Cloud Specific ## - # ./config - # ]; - - ## Packages with no needed configs ## - # home.packages = builtins.attrValues { - # inherit (pkgs) - # ; - # }; + # No Special Home } diff --git a/home/hosts/gojo/default.nix b/home/hosts/gojo/default.nix index c4d2a28..fc41cac 100644 --- a/home/hosts/gojo/default.nix +++ b/home/hosts/gojo/default.nix @@ -8,14 +8,14 @@ imports = lib.flatten [ ## Common Imports ## (map lib.custom.relativeToRoot [ - "home/global/common/browsers" "home/global/common/gaming" "home/global/common/gnome" "home/global/common/vscode" "home/global/common/xdg.nix" + "home/global/common/zen.nix" ]) - ## VM Specific ## + ## Gojo Specific ## ./config ]; diff --git a/home/hosts/haze/default.nix b/home/hosts/haze/default.nix index 1e3f278..35c283f 100644 --- a/home/hosts/haze/default.nix +++ b/home/hosts/haze/default.nix @@ -7,14 +7,14 @@ imports = lib.flatten [ ## Common Imports ## (map lib.custom.relativeToRoot [ - "home/global/common/browsers" "home/global/common/gaming" "home/global/common/gnome" "home/global/common/vscode" "home/global/common/xdg.nix" + "home/global/common/zen.nix" ]) - ## VM Specific ## + ## Haze Specific ## ./config ]; diff --git a/home/hosts/komodo/default.nix b/home/hosts/komodo/default.nix index b7351f1..1f96f06 100644 --- a/home/hosts/komodo/default.nix +++ b/home/hosts/komodo/default.nix @@ -1,21 +1,9 @@ { - lib, - pkgs, config, ... }: { - # imports = lib.flatten [ - # ## Common Imports ## - # (map lib.custom.relativeToRoot [ - # "home/global/common/development" - # ]) - - # ## Komodo Specific ## - # ./config - # ]; - home.file = { Pool.source = config.lib.file.mkOutOfStoreSymlink "/pool"; DockerStorage.source = config.lib.file.mkOutOfStoreSymlink "/mnt/DockerStorage"; diff --git a/home/hosts/lxc/default.nix b/home/hosts/lxc/default.nix index f2efa6f..0225681 100644 --- a/home/hosts/lxc/default.nix +++ b/home/hosts/lxc/default.nix @@ -1,22 +1,3 @@ { - lib, - pkgs, - ... -}: -{ - # imports = lib.flatten [ - # ## Common Imports ## - # (map lib.custom.relativeToRoot [ - # "home/global/common/development" - # ]) - - # ## Proxy Specific ## - # ./config - # ]; - - ## Packages with no needed configs ## - # home.packages = builtins.attrValues { - # inherit (pkgs) - # ; - # }; + # No Special Home } diff --git a/home/hosts/proxy/default.nix b/home/hosts/proxy/default.nix index f2efa6f..0225681 100644 --- a/home/hosts/proxy/default.nix +++ b/home/hosts/proxy/default.nix @@ -1,22 +1,3 @@ { - lib, - pkgs, - ... -}: -{ - # imports = lib.flatten [ - # ## Common Imports ## - # (map lib.custom.relativeToRoot [ - # "home/global/common/development" - # ]) - - # ## Proxy Specific ## - # ./config - # ]; - - ## Packages with no needed configs ## - # home.packages = builtins.attrValues { - # inherit (pkgs) - # ; - # }; + # No Special Home } diff --git a/home/hosts/rune/default.nix b/home/hosts/rune/default.nix index 95a51e3..19e0ade 100644 --- a/home/hosts/rune/default.nix +++ b/home/hosts/rune/default.nix @@ -9,11 +9,11 @@ imports = lib.flatten [ ## Common Imports ## (map lib.custom.relativeToRoot [ - "home/global/common/browsers" "home/global/common/gaming" "home/global/common/gnome" "home/global/common/vscode" "home/global/common/xdg.nix" + "home/global/common/zen.nix" ]) ## Rune Specific ## diff --git a/home/hosts/vm/config/dconf.nix b/home/hosts/vm/config/dconf.nix deleted file mode 100644 index ff8e617..0000000 --- a/home/hosts/vm/config/dconf.nix +++ /dev/null @@ -1,41 +0,0 @@ -# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix -{ lib, ... }: - -with lib.hm.gvariant; - -{ - dconf.settings = { - "org/gnome/shell" = { - disable-user-extensions = false; - enabled-extensions = [ - "user-theme@gnome-shell-extensions.gcampax.github.com" - "dash-in-panel@fthx" - "AlphabeticalAppGrid@stuarthayhurst" - "color-picker@tuberry" - "monitor-brightness-volume@ailin.nemui" - "quicksettings-audio-devices-renamer@marcinjahn.com" - "Vitals@CoreCoding.com" - "appindicatorsupport@rgcjonas.gmail.com" - "paperwm@paperwm.github.com" - "just-perfection-desktop@just-perfection" - "pano@elhan.io" - "blur-my-shell@aunetx" - "quicksettings-audio-devices-hider@marcinjahn.com" - "undecorate@sun.wxg@gmail.com" - ]; - favorite-apps = [ - "com.mitchellh.ghostty.desktop" - "org.gnome.Nautilus.desktop" - "win11.desktop" - "zen.desktop" - "code.desktop" - "spotify.desktop" - "discord.desktop" - "org.telegram.desktop.desktop" - "steam.desktop" - "Ryujinx.desktop" - "Marvel Rivals.desktop" - ]; - last-selected-power-profile = "performance"; - }; -} diff --git a/home/hosts/vm/config/default.nix b/home/hosts/vm/config/default.nix deleted file mode 100644 index 31794a9..0000000 --- a/home/hosts/vm/config/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ lib, ... }: -{ - imports = lib.custom.scanPaths ./.; - - # home.file.".config/monitors_source" = { - # source = ./monitors.xml; - # onChange = '' - # cp $HOME/.config/monitors_source $HOME/.config/monitors.xml - # ''; - # }; -} diff --git a/home/hosts/vm/config/monitors.xml b/home/hosts/vm/config/monitors.xml deleted file mode 100644 index fa4090a..0000000 --- a/home/hosts/vm/config/monitors.xml +++ /dev/null @@ -1,2 +0,0 @@ - - diff --git a/home/hosts/vm/default.nix b/home/hosts/vm/default.nix index 4b35fbf..40dca8f 100644 --- a/home/hosts/vm/default.nix +++ b/home/hosts/vm/default.nix @@ -7,22 +7,16 @@ imports = lib.flatten [ ## Common Imports ## (map lib.custom.relativeToRoot [ - "home/global/common/browsers" "home/global/common/gnome" "home/global/common/vscode" "home/global/common/xdg.nix" + "home/global/common/zen.nix" ]) - - ## VM Specific ## - ./config ]; ## Packages with no needed configs ## home.packages = builtins.attrValues { inherit (pkgs) - ## Media ## - cider # Apple Music - ## Tools ## inspector ; diff --git a/home/users/gio/config/theme/default.nix b/home/users/gio/config/theme/default.nix index d7909bb..c918138 100644 --- a/home/users/gio/config/theme/default.nix +++ b/home/users/gio/config/theme/default.nix @@ -81,7 +81,7 @@ in # name = "Qogir"; package = ( pkgs.papirus-icon-theme.override { - color = "violet"; + color = "carmine"; } ); name = "Papirus"; diff --git a/home/users/toph/config/theme/invincible.yaml b/home/users/toph/config/theme/invincible.yaml index dc79375..a5f749f 100644 --- a/home/users/toph/config/theme/invincible.yaml +++ b/home/users/toph/config/theme/invincible.yaml @@ -14,10 +14,10 @@ palette: base07: "FAF7E6" base08: "EE2E00" # Red base09: "F7A94E" # Orange - base0A: "2B57B6" # Yellow + base0A: "FCEEA1" # Yellow base0B: "8DE364" # Green base0C: "59A3C0" # Cyan - base0D: "FCEEA1" # Blue + base0D: "2B57B6" # Blue base0E: "AC92BF" # Purple base0F: "EA5E79" # Magenta diff --git a/hosts/global/common/acme/default.nix b/hosts/global/common/acme/default.nix index 11c5a03..0406d1a 100644 --- a/hosts/global/common/acme/default.nix +++ b/hosts/global/common/acme/default.nix @@ -4,7 +4,6 @@ ... }: let - # Create a VERY simple environment file with absolutely minimal formatting cloudflareEnvFile = pkgs.writeText "cloudflare.env" '' CLOUDFLARE_DNS_API_TOKEN=${config.secretsSpec.api.cloudflare} ''; diff --git a/hosts/global/common/adb.nix b/hosts/global/common/adb.nix index a9b7e21..12dbb7d 100644 --- a/hosts/global/common/adb.nix +++ b/hosts/global/common/adb.nix @@ -1,5 +1,6 @@ { pkgs, config, ... }: { + ## Android Debug Bridge ## programs.adb.enable = true; users.users.${config.hostSpec.username}.extraGroups = [ "adbusers" ]; } diff --git a/hosts/global/common/audio.nix b/hosts/global/common/audio.nix index 14cedd3..3117817 100644 --- a/hosts/global/common/audio.nix +++ b/hosts/global/common/audio.nix @@ -7,11 +7,11 @@ hardware.pulseaudio = { package = pkgs.pulseaudioFull; }; + services.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; - alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; diff --git a/hosts/global/common/bluetooth.nix b/hosts/global/common/bluetooth.nix index abdd1aa..d96006b 100644 --- a/hosts/global/common/bluetooth.nix +++ b/hosts/global/common/bluetooth.nix @@ -11,10 +11,11 @@ ConnectionLatency = 10; ConnectionSupervisionTimeout = 100; }; + Policy = { AutoEnable = "true"; }; - # make Xbox Series X controller work + General = { Enable = "Source,Sink,Media,Socket"; FastConnectable = true; diff --git a/hosts/global/common/ddcutil.nix b/hosts/global/common/ddcutil.nix index 760df8b..785119d 100644 --- a/hosts/global/common/ddcutil.nix +++ b/hosts/global/common/ddcutil.nix @@ -6,7 +6,6 @@ ; }; - # Configurations for ddcutil hardware.i2c.enable = true; services.udev = { enable = true; diff --git a/hosts/global/common/docker.nix b/hosts/global/common/docker.nix index 2a10967..00a33a2 100644 --- a/hosts/global/common/docker.nix +++ b/hosts/global/common/docker.nix @@ -9,6 +9,6 @@ }; environment.systemPackages = with pkgs; [ - lazydocker + lazydocker # Simple TUI ]; } diff --git a/hosts/global/common/gaming.nix b/hosts/global/common/gaming.nix index 7c182fb..83cd278 100644 --- a/hosts/global/common/gaming.nix +++ b/hosts/global/common/gaming.nix @@ -18,6 +18,7 @@ package = pkgs.protontricks; }; + # PKGs needed for gamescope to work within steam package = pkgs.steam.override { extraPkgs = pkgs: @@ -70,5 +71,3 @@ }; }; } - -# gamescope --adaptive-sync --backend sdl --expose-wayland --force-grab-cursor --framerate-limit 120 --immediate-flips --output-height 2160 --output-width 3840 --prefer-output DP-1 --rt -- gamemoderun %command% diff --git a/hosts/global/common/libvirt.nix b/hosts/global/common/libvirt.nix index 80936b5..dc97eff 100644 --- a/hosts/global/common/libvirt.nix +++ b/hosts/global/common/libvirt.nix @@ -19,7 +19,6 @@ in qemu = { package = pkgs.stable.qemu_kvm; runAsRoot = true; - # HW TPM Emulation (need to check what systems I have already have hw TPM that could be used) swtpm.enable = true; ovmf = { enable = true; @@ -80,7 +79,6 @@ in }; }; - # Need to add [File (in the menu bar) -> Add connection] when start for the first time programs.virt-manager.enable = true; environment.systemPackages = with pkgs.stable; [ diff --git a/hosts/global/common/plymouth.nix b/hosts/global/common/plymouth.nix index ec16a8f..6ba8e9f 100644 --- a/hosts/global/common/plymouth.nix +++ b/hosts/global/common/plymouth.nix @@ -9,6 +9,7 @@ enable = true; theme = lib.mkForce "motion"; themePackages = [ + # TODO: Make customizable by user (pkgs.adi1090x-plymouth-themes.override { selected_themes = [ "motion" ]; }) ]; }; diff --git a/hosts/global/common/system/lxc.nix b/hosts/global/common/system/lxc.nix index 7489417..fe4b8d0 100644 --- a/hosts/global/common/system/lxc.nix +++ b/hosts/global/common/system/lxc.nix @@ -42,7 +42,7 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - # Supress systemd units that don't work because of LXC. + # Suppress systemd units that don't work because of LXC. # https://blog.xirion.net/posts/nixos-proxmox-lxc/#configurationnix-tweak systemd.suppressedSystemUnits = [ "dev-mqueue.mount" diff --git a/hosts/global/common/system/pool.nix b/hosts/global/common/system/pool.nix index 14ec170..a031f2c 100644 --- a/hosts/global/common/system/pool.nix +++ b/hosts/global/common/system/pool.nix @@ -19,7 +19,11 @@ in requires = [ "pool.mount" ]; wantedBy = [ "multi-user.target" ]; script = '' - ln -sf /pool/git ${homeDir}/git + if [ -e ${homeDir}/git ]; then + echo "Ignoring: ${homeDir}/git already exists" + else + ln -sf /pool/git ${homeDir}/git + fi ''; serviceConfig = { Type = "oneshot"; @@ -28,7 +32,7 @@ in }; }; - # File system configuration + # Mount the NFS share at /pool fileSystems = { "/pool" = { device = "cloud:/"; @@ -49,7 +53,6 @@ in boot.supportedFilesystems = [ "nfs" ]; # services.rpcbind.enable = true; - # Optional: Configure ID mapping if needed services.nfs.idmapd.settings = { General = { Domain = "local"; # Must match on server and client diff --git a/hosts/global/common/vial.nix b/hosts/global/common/vial.nix index 3b45b3b..ea0592d 100644 --- a/hosts/global/common/vial.nix +++ b/hosts/global/common/vial.nix @@ -1,6 +1,6 @@ { pkgs, ... }: { - # allows vial to identify the keyboard + # Allows vial to identify the keyboard services.udev.packages = with pkgs; [ via ]; diff --git a/hosts/global/core/default.nix b/hosts/global/core/default.nix index dfb4087..5dcdfcd 100644 --- a/hosts/global/core/default.nix +++ b/hosts/global/core/default.nix @@ -20,7 +20,7 @@ in ]) ]; - # System-wide packages, in case we log in as root + # System-wide packages, root accessible environment.systemPackages = with pkgs; [ curl git @@ -34,14 +34,12 @@ in yay # my yay teehee ]; - # Enable CUPS to print documents. + # Enable print to PDF. services.printing.enable = true; - # Force home-manager to use global packages home-manager.useGlobalPkgs = true; # If there is a conflict file that is backed up, use this extension home-manager.backupFileExtension = "homeManagerBackupFileExtension"; - # home-manager.useUserPackages = true; ## Overlays ## nixpkgs = { @@ -67,7 +65,6 @@ in }; ## SUDO and Terminal ## - # Database for aiding terminal-based programs environment.enableAllTerminfo = true; hardware.enableAllFirmware = true; diff --git a/hosts/global/core/networking.nix b/hosts/global/core/networking.nix index 7d791f6..f2d0db9 100644 --- a/hosts/global/core/networking.nix +++ b/hosts/global/core/networking.nix @@ -5,7 +5,6 @@ ... }: { - ## NETWORKING ## networking = { dhcpcd.enable = false; hostName = config.hostSpec.hostName; diff --git a/hosts/global/core/ssh.nix b/hosts/global/core/ssh.nix index 59211a6..0232f75 100644 --- a/hosts/global/core/ssh.nix +++ b/hosts/global/core/ssh.nix @@ -7,7 +7,6 @@ settings = { AllowUsers = null; # everyone - # Harden PasswordAuthentication = false; PermitRootLogin = "no"; KbdInteractiveAuthentication = false; diff --git a/hosts/global/core/user.nix b/hosts/global/core/user.nix index 6ca9f30..bd1d9b0 100644 --- a/hosts/global/core/user.nix +++ b/hosts/global/core/user.nix @@ -62,10 +62,8 @@ in } ]; - # No matter what environment we are in we want these tools for root, and the user(s) programs.git.enable = true; - # root's ssh key are mainly used for remote deployment, borg, and some other specific ops users.users.root = { shell = pkgs.bash; hashedPassword = lib.mkForce hostSpec.hashedPassword; diff --git a/hosts/nixos/cloud/config/caddy.nix b/hosts/nixos/cloud/config/caddy.nix index 4f62187..6794020 100644 --- a/hosts/nixos/cloud/config/caddy.nix +++ b/hosts/nixos/cloud/config/caddy.nix @@ -2,6 +2,7 @@ services.caddy = { enable = true; virtualHosts = { + ## Filerun ## "drive.ryot.foo" = { useACMEHost = "ryot.foo"; extraConfig = '' diff --git a/hosts/nixos/cloud/config/nfs.nix b/hosts/nixos/cloud/config/nfs.nix index 2b4bc8c..60fc5ca 100644 --- a/hosts/nixos/cloud/config/nfs.nix +++ b/hosts/nixos/cloud/config/nfs.nix @@ -1,6 +1,5 @@ { config, lib, ... }: { - # Install and configure NFS server services.nfs.server = { enable = true; diff --git a/hosts/nixos/cloud/default.nix b/hosts/nixos/cloud/default.nix index fdbebd2..0b59420 100644 --- a/hosts/nixos/cloud/default.nix +++ b/hosts/nixos/cloud/default.nix @@ -1,7 +1,9 @@ ############################################################### # # Cloud - LXC Container -# NixOS container, Ryzen 5 5600G (4th Cores), 4GB/4GB RAM/SWAP +# NixOS container, Ryzen 5 5600G (4 Cores), 4GB/4GB RAM/SWAP +# +# Storage, NFS, Filerun, and Backups # ############################################################### @@ -18,7 +20,6 @@ let in { imports = lib.flatten [ - ## Cloud Only ## ./config diff --git a/hosts/nixos/cloud/hardware.nix b/hosts/nixos/cloud/hardware.nix index 8df97f2..3febeb8 100644 --- a/hosts/nixos/cloud/hardware.nix +++ b/hosts/nixos/cloud/hardware.nix @@ -16,7 +16,7 @@ in # Less permission issues with pool programs.fuse.userAllowOther = true; - # File system co + # INFO: Cloud is the pool provider fileSystems = { "/pool" = { diff --git a/hosts/nixos/gojo/default.nix b/hosts/nixos/gojo/default.nix index 7443ebd..d989ee3 100644 --- a/hosts/nixos/gojo/default.nix +++ b/hosts/nixos/gojo/default.nix @@ -1,7 +1,7 @@ ############################################################### # -# Rune - Main Desktop -# NixOS running on Ryzen 9 7900X3D , Radeon RX 6950 XT, 32GB RAM +# Gojo - Giovanni's Desktop +# NixOS running on Ryzen ___, Radeon RX 6950 XT, 32GB RAM # ############################################################### @@ -18,7 +18,7 @@ let in { imports = lib.flatten [ - ## Rune Only ## + ## Gojo Only ## inputs.chaotic.nixosModules.default # ./config diff --git a/hosts/nixos/gojo/hardware.fix b/hosts/nixos/gojo/hardware.fix index 8a8f37c..8587456 100644 --- a/hosts/nixos/gojo/hardware.fix +++ b/hosts/nixos/gojo/hardware.fix @@ -1,7 +1,3 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. - { pkgs, inputs, @@ -14,9 +10,6 @@ { imports = lib.flatten [ (modulesPath + "/installer/scan/not-detected.nix") - (map lib.custom.relativeToRoot [ - "hosts/global/common/system/pool.nix" - ]) ]; ## Boot ## @@ -58,7 +51,6 @@ programs.fuse.userAllowOther = true; # FIXME: Fix on first boot - # File system configurations # fileSystems = { # "/" = { # device = "/dev/disk/by-uuid/d38c182c-6f05-4bf3-8a45-5532c10fd342"; @@ -78,7 +70,6 @@ # FIXME: Fix on first boot # swapDevices = [ { device = "/dev/disk/by-uuid/6586847d-eba9-4317-9077-98ae9b2812c9"; } ]; - # Time and networking configurations time.hardwareClockInLocalTime = true; # Fixes windows dual-boot time issues # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/hosts/nixos/haze/default.nix b/hosts/nixos/haze/default.nix index 67da700..60c5729 100644 --- a/hosts/nixos/haze/default.nix +++ b/hosts/nixos/haze/default.nix @@ -1,7 +1,7 @@ ############################################################### # -# Rune - Main Desktop -# NixOS running on Ryzen 9 7900X3D , Radeon RX 6950 XT, 32GB RAM +# Haze - Cesar's Desktop +# NixOS running on Ryzen 7 ___ , Radeon RX 6950 XT, 32GB RAM # ############################################################### @@ -18,7 +18,7 @@ let in { imports = lib.flatten [ - ## Rune Only ## + ## Haze Only ## inputs.chaotic.nixosModules.default # ./config diff --git a/hosts/nixos/haze/hardware.nix b/hosts/nixos/haze/hardware.nix index 8a8f37c..9ef2cda 100644 --- a/hosts/nixos/haze/hardware.nix +++ b/hosts/nixos/haze/hardware.nix @@ -1,7 +1,3 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. - { pkgs, inputs, @@ -58,7 +54,6 @@ programs.fuse.userAllowOther = true; # FIXME: Fix on first boot - # File system configurations # fileSystems = { # "/" = { # device = "/dev/disk/by-uuid/d38c182c-6f05-4bf3-8a45-5532c10fd342"; @@ -78,7 +73,6 @@ # FIXME: Fix on first boot # swapDevices = [ { device = "/dev/disk/by-uuid/6586847d-eba9-4317-9077-98ae9b2812c9"; } ]; - # Time and networking configurations time.hardwareClockInLocalTime = true; # Fixes windows dual-boot time issues # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/hosts/nixos/komodo/default.nix b/hosts/nixos/komodo/default.nix index 163ec6e..9a6bfc3 100644 --- a/hosts/nixos/komodo/default.nix +++ b/hosts/nixos/komodo/default.nix @@ -3,6 +3,8 @@ # Komodo - LXC Container # NixOS container, Ryzen 5 5600G (12 Cores), 30GB/2GB RAM/SWAP # +# Docker Environment, Managed by with Komodo +# ############################################################### { diff --git a/hosts/nixos/lxc/default.nix b/hosts/nixos/lxc/default.nix index eb78e10..0fc951c 100644 --- a/hosts/nixos/lxc/default.nix +++ b/hosts/nixos/lxc/default.nix @@ -3,7 +3,7 @@ # Barebones LXC Container for Proxmox # # This is a special host for LXC installations in Proxmox. -# Has the barebones configuration needed to then setup the wanted new host config +# Has the bare-bones configuration needed to then setup the wanted new host config # ############################################################### diff --git a/hosts/nixos/nix/default.nix b/hosts/nixos/nix/default.nix index ec57ebb..5c133d0 100644 --- a/hosts/nixos/nix/default.nix +++ b/hosts/nixos/nix/default.nix @@ -3,6 +3,8 @@ # Nix - LXC Container # NixOS container, Ryzen 5 5600G (10 Cores), 12GB/6GB RAM/SWAP # +# Remote Desktop access, with vscode-server, WIP +# ############################################################### # TODO: x2go server for remote access diff --git a/hosts/nixos/proxy/default.nix b/hosts/nixos/proxy/default.nix index 55ef30f..d0bfc73 100644 --- a/hosts/nixos/proxy/default.nix +++ b/hosts/nixos/proxy/default.nix @@ -3,6 +3,8 @@ # Proxy - LXC Container # NixOS container, Ryzen 5 5600G (3 Cores), 2GB/2GB RAM/SWAP # +# Cloudflare Tunnel Proxy, Zero Trust access +# ############################################################### { diff --git a/hosts/nixos/rune/default.nix b/hosts/nixos/rune/default.nix index fda5b58..1f20055 100644 --- a/hosts/nixos/rune/default.nix +++ b/hosts/nixos/rune/default.nix @@ -1,7 +1,7 @@ ############################################################### # -# Rune - Main Desktop -# NixOS running on Ryzen 9 7900X3D , Radeon RX 6950 XT, 32GB RAM +# Rune - Toph's Desktop +# NixOS running on Ryzen 9 7900X3D , Radeon RX 9070 XT, 32GB RAM # ############################################################### diff --git a/hosts/nixos/rune/hardware.nix b/hosts/nixos/rune/hardware.nix index 98bac08..1d55d0a 100644 --- a/hosts/nixos/rune/hardware.nix +++ b/hosts/nixos/rune/hardware.nix @@ -1,7 +1,3 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. - { pkgs, inputs, @@ -57,7 +53,6 @@ # For less permission issues with SSHFS programs.fuse.userAllowOther = true; - # File system configurations fileSystems = { "/" = { device = "/dev/disk/by-uuid/d38c182c-6f05-4bf3-8a45-5532c10fd342"; @@ -76,7 +71,6 @@ swapDevices = [ { device = "/dev/disk/by-uuid/6586847d-eba9-4317-9077-98ae9b2812c9"; } ]; - # Time and networking configurations time.hardwareClockInLocalTime = true; # Fixes windows dual-boot time issues # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/hosts/nixos/vm/default.nix b/hosts/nixos/vm/default.nix index d1ab867..9caeeed 100644 --- a/hosts/nixos/vm/default.nix +++ b/hosts/nixos/vm/default.nix @@ -13,12 +13,11 @@ ... }: let - username = "cesar"; + username = "toph"; user = config.secretsSpec.users.${username}; in { imports = lib.flatten [ - ## Hardware ## ./hardware.nix @@ -27,9 +26,8 @@ in "hosts/global/core" ## Optional Configs ## - "hosts/global/common/audio.nix" # pipewire and cli controls "hosts/global/common/gnome.nix" # desktop - # "hosts/global/common/plymouth.nix" # fancy boot screen + "hosts/global/common/plymouth.nix" # fancy boot screen ## Misc Inputs ## ]) @@ -70,5 +68,5 @@ in ]; # https://wiki.nixos.org/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "24.11"; + system.stateVersion = "25.05"; } diff --git a/hosts/readme.md b/hosts/readme.md deleted file mode 100644 index a114f86..0000000 --- a/hosts/readme.md +++ /dev/null @@ -1,7 +0,0 @@ -# TODO: - -- Fix up how DEs are configured, its not modular at all rn, i need to be able to select the DE from hostSpec and it should be able to change config per user -- decouple /pool from places its not needed, or should be optional - - some users should not have access to pool or just cant access it cuz not local -- ssh keys are not setup per user - - should probably fix \ No newline at end of file diff --git a/lib/default.nix b/lib/default.nix index d33c0b0..c69dd40 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,9 +1,9 @@ -# FIXME(lib.custom): Add some stuff from hmajid2301/dotfiles/lib/module/default.nix, as simplifies option declaration { lib, ... }: { # use path relative to the root of the project relativeToRoot = lib.path.append ../.; + # Scans the given directory for NixOS modules and imports them. scanPaths = path: builtins.map (f: (path + "/${f}")) ( diff --git a/modules/global/default.nix b/modules/global/default.nix index 74fb25f..d53171a 100644 --- a/modules/global/default.nix +++ b/modules/global/default.nix @@ -1,9 +1,6 @@ -# Add your reusable NixOS modules to this directory, on their own file (https://wiki.nixos.org/wiki/NixOS_modules). -# These are modules you would share with others, not your personal configurations. - +# Add your reusable NixOS or Home-Manger modules to this directory, on their own file (https://wiki.nixos.org/wiki/NixOS_modules). +# These are modules you would share with others, not your specific configurations. { lib, ... }: { - # Imports all NixOS modules found in the current directory. - # `lib.custom.scanPaths ./.` scans the current directory (./) for NixOS modules and imports them. imports = lib.custom.scanPaths ./.; } diff --git a/modules/home/default.nix b/modules/home/default.nix index f8dbdfb..d9ab8c1 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -1,6 +1,5 @@ -# Add your reusable home-manager modules to this directory, on their own file (https://wiki.nixos.org/wiki/NixOS_modules). -# These are modules you would share with others, not your personal configurations. - +# Add your reusable NixOS modules to this directory, on their own file (https://wiki.nixos.org/wiki/NixOS_modules). +# These are modules you would share with others, not your specific configurations. { lib, ... }: { imports = lib.custom.scanPaths ./.; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 74fb25f..4d12d57 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,9 +1,6 @@ -# Add your reusable NixOS modules to this directory, on their own file (https://wiki.nixos.org/wiki/NixOS_modules). -# These are modules you would share with others, not your personal configurations. - +# Add your reusable Home-Manager modules to this directory, on their own file (https://wiki.nixos.org/wiki/NixOS_modules). +# These are modules you would share with others, not your specific configurations. { lib, ... }: { - # Imports all NixOS modules found in the current directory. - # `lib.custom.scanPaths ./.` scans the current directory (./) for NixOS modules and imports them. imports = lib.custom.scanPaths ./.; } diff --git a/overlays/default.nix b/overlays/default.nix index 5de0728..482e7aa 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,9 +1,6 @@ -# -# This file defines overlays/custom modifications to upstream packages -# +# Defines overlays/custom modifications to upstream packages { inputs, ... }: - let # Adds my custom packages additions = @@ -11,7 +8,7 @@ let let packages = prev.lib.packagesFromDirectoryRecursive { callPackage = prev.lib.callPackageWith final; - directory = ../pkgs; # Changed from ../pkgs/common to ../pkgs + directory = ../pkgs; }; in packages; diff --git a/pkgs/fleet/package.nix b/pkgs/fleet/package.nix deleted file mode 100644 index d388efa..0000000 --- a/pkgs/fleet/package.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, lib, ... }: - -# TODO: not really working, might just remove - -let - pname = "fleet"; - version = "1.46.97"; - - src = pkgs.fetchurl { - url = "https://download-cdn.jetbrains.com/fleet/installers/linux_x64/Fleet-${version}.tar.gz"; - sha256 = "a7b66f9faff74f2b8b0143bc588a990304dd8efd3ea20fd8d2754cb064a993f3"; - }; - - appimageContents = pkgs.appimageTools.extractType2 { inherit pname version src; }; -in -pkgs.appimageTools.wrapType2 rec { - inherit pname version src; - - extraInstallCommands = '' - mv $out/bin/${pname} $out/bin/${pname} - install -m 444 -D ${appimageContents}/lib/${pname}.png $out/share/icons/hicolor/512x512/apps/${pname}.png - ''; - # install -m 444 -D ${appimageContents}/ubports-installer.desktop $out/share/applications/${pname}.desktop - # substituteInPlace $out/share/applications/${pname}.desktop \ - # --replace 'Exec=AppRun --no-sandbox %U' 'Exec=${pname} %U' - - meta = with lib; { - description = "Jetbrains Fleet"; - platforms = [ "x86_64-linux" ]; - }; -} diff --git a/secrets.nix b/secrets.nix index 3c8d14d06fc272ee99f0d75220c4d97c9e34db0f..07519bf8577ff2c055ffab480cc758479994ca48 100644 GIT binary patch literal 20503 zcmV(tKt_aJTb%Hu@=j311R-voL3}2&IUK~Q|+XUy8Mo~P6QDO{`*1s_*g!gdsi+asaJ_CbSWH9ZyCvO zrEhN=5%_Beeu8VZJfXsFI#VjNaBuPsjLLRH|KTv&!FGis{TIzynYp#ur>lEoiUQEa zDBR)~9$%7|olczSgezbewW}7AGO}Ts6bg;93!a((NB~<&zgM;77ctHzC6>;r^aipC za>3Zt3mzk-9*8%jK?kC`OwSm>MZK@KlyU1Yznhg@qa2mloO3fDI^xf*Z%XB7vABt% zh}$fs(`HdwxN)pAhtqxeO$CQ-25)RpIv^T=4nKh(GxFPYO~hEWI#f=@yZ z)zQALdZ%ob`{k|>sM3B;;j4@+8b*>@J8ARsQ4}H=>sCl3f2^Bk%wi}DCY`+NfOb8? z>BE}tHCdn1JIA3QMbSh&H6Z`jU`%g$-5OV4^{t_ET+?!xl;T?l9K(tV{%9&`@2+;< zSRktzJ+%W;1N_78j!P1$-+&!nvt<+6=agpI9kl9rP3q^WfikW4-#KWVmlR#IF=5S` z)PEj6Rs0TD&;K8c>dy;Lx9$XVKx#ZDP zQS}Z_UKg47CxT_EXl)O?8D67qsnp#SHddO-6YlIYpcL3BQu5CX#0N=>0B2q%wC~mi zjjZsBhiS;$0FfL^M>)P(lg;FcYKUVarJr|xk_{ehy*%G8UG0~=sUJb6+|OG%T3L{j z^^SNPdynl^c)&V_#doF`swI^bi&h&MMvkDVT~^Zyh%X7?N;4`g(O;CAPdP%l#0r)wcDFCriP_s*T7h2Dvci%U|xfw2cu`rY_vj{j_B+SgsE|bhpD$X zri}R2Cu&ILLY{ozSveT_jNgdm*UM76;-gc@H4u2fD|liq)obT6?U3u>Bx_7D0JC*J zb}sN9&?Ww|2!vsHm3QFi0(XBn_R94jH(RUVpCGCn| zb^wL-lUo)_tNWQ2`ehH4=3L#h=YN1dq=NoQ;N$9ONSa}3Mbqh}Nu}U|9EtD4!d5KE zt~9LCI;Uk$5KLH3^`G?{Pv3|X>qDta z3Ke-b%hmK0$=6!a9PPU054G37cTadnW}`tyP8xXMBP)$3ImYCnafdjo&YmJ=g$QN; z+Mu=OM7|+tknmcqWHt}Pb}&=efdR_8f_C%_euDW}hu$cV73|94ahz@?kc<#WF< zhqL~;ORaV>Jqb^UsnxbaFC~SA6f}H2nv53|otT=by@Yc>U@+idG#l5j4#{ThW|f^ z&N9Sb+}}vDLBc-4(L{z3+IpeHXE*mjRyOZCK=Rd`E$zN1J@-+Y`#xccj}u>7^(WQs z%NP^e>eogop;79?53fIEpqMsNkPO9~nRhe4+w(T+qi}ehm@`rS`hJX-yF7Wjg1fjo zK%w)0AlA$nF!v&8zUWHu2^YLQ$u7Lf_@VHUl3!+X36*c0?(Dy0KuQQ*2%XL#Tq5HF zdRC|Ighvkz*FI8X9Pbq;9*<`PWTKwg>|lU@&qa!j^#zlgqK0-Zl!ab`It=KYX!L$P z6b$1Ndai&)vmjVDeD6DO>%pr0Up`Psq^)Dcm}2c3b>X235;i7Bv3AFIxs8e<_z?Kn zNhAm>cp3+HpCp3pjYg`MvXK|Ht|06;v9@AqwW9kk>}AW6cXq!Bos83$lr7>GRx%G~ zXQ6i8(J}5q&aXfVK8V~35jKb0!*3SBczaSfSd1Ff?3&l2YUZQeNyMD9h7{YXhe zVTMYvJO95pa6dy4YLdt)_pVjIDUOSD_qS_Y8nBkA8@X})L+Hn9V96_*xvlXU2V5Yn z_;L!J;=*PWgbM4ghj|OR|2k`E&9zW8aHdSTEjsljBIxjn_%I-%cjsC|%ta4?8P^Fa zWsrgOuY^PM%Gadk{YhAclJG6I==5SMMoXBEgnWHZj@-N7`xwdss@;d+{j69g#Pi@p zT};LKOdDP7YY^O%27hse5Pg***a27dplW1|=CLEhnKPUpnJ)+$PZy7>u3a$q3Yv;QVd6FdV zdlNxbI?_qe#fLmc`W!_dn4M=o@$6c;he$qijx@O2^8D&PkX?NcdJxiyGI`QD+L>}e zv1^i+0?S&2!#@`opz`|H67?=bg^RDxb?-rX1(ig1xN_)@5AZPY zhwHvQdYpOcmd4OdK%LM~&uV1HABvd})N_=}#P%Ybi`^(7Je)P+ggEYofM zD#fwD5ADvuDOPa0I`*S=qeXVS*M?s+v!Xu*LA?tmiG?lwXsRz>`GP4^jKY^EKVOeX zDUf!xJ5?`JFLao3*d@@F;ZUa9_;wz$#a*Vz4iegI8ZR&RMHwN~Wl6SmTLvtCMNO{!oTE{HVwaSh7|Gn#~dV>i55Q3&(*oq zFb7|3=ckoWMS}#`;ogM}c9e;#asfVyq9Va#0ELRJ8oHnK%5 z;IO3OkiHvqO;kjnP${--y&21m7Tj)g*Q=4`H5hg zL^K^S3eAn(;wONe`nNf*+q9a}u#xk0D33S9kfoZ>A**-IrX*-3Y^Bmm9RRDBD{$#O z?{f@*HhW}lnXn0g{kql{RQej4fm!S8NjWJ^5XmYB(M7HJLPZT?t8D~|3*ylV?Q7kYFL(NkbGT?i3LS3UZ4)IH~dbL587OC zg04vyln=sD;EFY)&bujw-S_O2=gxje+np-)ce@uDSCF>gBLy#8KxCmphU+w?#-VvC zo8?QdB*_J?ru^b_rFQjH-%@}@wke+(_}YA)(!Zm44F|f9OEusg{Jil z$9s8jzRTzZ{9+Uvm5VsCie>MZ z09d4peS@2#B`BA<9G&|1uY{vHAiTyWe($WSVS21LT>kp!_X;yN?=FlyX~iaT7432q z=?ka#;!;aw!^n+nRI=G6e-UXI=uKbff?z+=TD2my+gy8jrL_UiexAJAnkdU9k>G)A z$&$4&>^>h#m+&sRu3 z4DffSC)NCr_z)1BVTL-mufeyG7Qi=Ma%Oh-_JFvh{52<$63)rO6rTjCqrJ{H5O=hcfzqZZYY}G*ux#&cYr1bk-P8c!7rMVLq3XwYTmd`-dpj z@!+zCq{>d=lDN1h<(NM*XTp8F;<(y&X8>X+Q^xVWDnmwhb&025f#`?HMUf$Cq(YV` z(`lTGE`H9LGVylJ!!*HpF~}d!JDez8a?fH6w|Co)bT|XL5hyg$Q(t2?35-DgQSULL z!?dgWO39{#Z5Kuc6;{yYgmSBMEs_P~SIC+c0x5JM)S=5BtS%3;I*0BKaVPDQ z8m>W^{VI#%T1C?b6VFDP2kQSJ?zK^iEM_BE01WJZ$Yr3$!Bfc2Crr?VvqBlUfkWClwU;iGwm%okSoYuOairg_T(SUPk&r!d9 zYdegW`E#!QH~L@@lf%MMtsHGuy?#&}+4{e8X{6R?2(oWP&6d@7!w-$utL3x0qYaw9 zkV0IaiAWd%K%5YTSSW{B#dy&Z)WC`&aB=8p%}}F6?(H`b;;0cw8b$$L)WbW+^;A0I zCf#CX^;bqu^XgKFr!Qds`@Bd zD506W&%=FAP<0Ve_MFy%G)K+}Wfv1`PDdQ+j^999cZ|L>RNYLOxuBzY{EY)W8L+=8 z9bw60B@Ec1D)xK232E=N)j0NT3MXl*M;)Z;eY3l8U(v&fFFkoy-Fs+#R(xOkZ@|oZ z3rh1)Tk&_8b3{S_%EQb(R%?Yzq9_@Q7x{@Z z-F|~nry1y-qkFlOhZY{0;?(sWUza%y0*V)`4OI{g+PWt2>uVMbH8Ia&y|)Iw9D+P+ zF`uJ$TJ%S~=(vP+s)3vxPk({fk}q%BdYC6$;IM1E9yPA)x|(`~Q#044Lbn5tK+UU+ z;hEr$61aBlx%0^hLF_Lr&||x+BG0OY&k+K9sZc7xlxbQnR(?pduV;7W%&Xx@pqPlU zEZ}G+GJ4GML+qgBF3wt1_Sft3r2|}spOMb1FXjfci z%dOgBqBFs-<(f2r2AA@r+_)(#OLeh4yola3Z?)g2nCk=THaR?J1(N#DMnD#AamQQq)_C%Hv#4mai&AqPSL3wN%wO(=9}&fyTir-X(BxxS4&>ClfT$CFf0VHEnV^j}K)AKFk@ADsxD@ z7S36!_rY3s--9bSXpCum(y(#lLPmL9so`qhKL13U*=zb+Az!|r^Z;Fz4e=Fe)xYnn zQj3nplGkuGOA9H#RR5H$QX565H;OQc22rEA9L>yN^@TO!Rvn?giaubTfl`KSOyM5d zyb&)bo9+Ne3>yWAUJfj%!IdNrM93YaS|%>I(N_>)mP2HZ21}t-*}}!X96*@tNwP=z zb^koz9foE_tML7|AqO>x^r!iGaU+Va?rwVkPcor6AEzETw!BPVTV4(0TfEj9J97+H z+%{m8%3R28Cw4ZvFoGF{tH*i)DM?UYFWxSOfS_eA-6(P_BY_D}@V>_?jm-iy?Jpjj zG)Ja06BcEfCjhkKB^Qxla!=GjIqv%{+Z-I6<|gugE6byk(=PJnL1@0l&mmvT^_rDR zNFym!Y6mw)A+>n56_ohx20{0jJM6vs5iSnD^0AIYmr<+<>+BsDxxQd;aJwLyF~c!tUiuOS5|reYUaTnd7*26my#J31eOwLjhGR9=~Ls22?*zn zy|o3Uoer?%Nxg-RJnwnEQcUZJu-yZZq3OZ9Nn`V7Av^Gecw3#{lUNyg9tXEXmUBe- z1bJlV9RMMrM%Qsq=sss6 zrp!VYQr*o+@{d-+qp7xOa+*6}vi>&FjC4l&DV#dfKDU%2L7dJlUcRTI4gfDIw?hEA zCN}vid6Uf}ib*x^G`P{H0Z*N}Gc@&N2K?jI@Qbw*w-K$t#MGHrfO9j~MiQvH&FD94 zdAk#m^Ta_}N;7?5(vhN~a-ZTAp@eti6kp0V_Q!WxZK)v0=98_Kve{O$2m)QOx2)Dz zicufqW*nb)M7z|BqrT*c#**gYi6vq2%n1&GaEUy+h_ z5#T9s=5mitkrrOhe=jxxD5*72>;=(oEpf;l#2WHm!KLCS{hmIBy5e1ec&7uWQ@gHd zp#K5}`ziq#LPqSPagJ|^rP16`rif{lCAn+hAF=jicbq3NFSmrZ>cr6!^eH#fzgb*^gK5_GD_n|E}*0CWK_ux;~vu%VF*jzH(ayjou|}r^eOzSVsM|F zS^iXZ<#Ib9KCeAk;tcELQeiTr{3PR`FhCLF(k0yyh6$85(Nn2|N_tATswc14F_7-Njj744lyI)nx=R9oQstfIDYIMSAp z#b;_u5Wk~59>XTB(w_$&>pGU($%k- z1}FA5Af2HNq?G(!LaETVEO7#uij$j_8-oMtRBeY>Q-aPcf`o0>9;{e*3$1gilk^__UVY=)dwZXu4R zTws8H!VfrcsxNF+INxM`?1u)CmBWHy&Hoo#bKRBWhXK7r#iq^+6j@HjaVsU-U?5VS zguVY@GkmaPUMnzGBNH?cyn(^Si3F$w&5^Um<)h*nugtBJFEEZEN0Qi&P>sum+WiLvj)E~SwK_h{9@BaT$Ms4tsJ1<+69!2X zirUygPOA2eN9y&p^rv`s|8HIKMqgXxAL z&nJAY+xi2KghY8zt&hF$X`GGGV5~o%RmI2vx+JZ_QuJv#Rm|6|c1&t$(K65^!uFkG zT`)?A_5cKIy^~FH!V%IWHz#+dv+GVg!lesC-;(v5^Sq%%iUtWC04Gc948N5Ji z*)KBRJ7OK`{jhMW9_=Y<8hMovs(ZsRlRXV_BKPA}u&|4{M?_vQy|V|x@-< zgr2~_jqU2OCx6Fj$K>rx5So>8p^~C3jN2q;m-ArsM;j!TMZ#dU7nw>2BPs_Asr_jx zj&BFLvZ#Y=&O;y9OHV?s9e7~*kTAqQZe{XEa%vsPFR8L3cJ7xa#`2c;Q zDrrMaJYA`BNTjh%1ySObz(5;HLPEJR9x3qqKa&NtSdZ{Gct}lR`3w<1j2=W6r3La| zVjMB7W2xC9TXb1*o zP9;3+B6h+DGQAactk>SGiUJLVVbm#&ij~D%L3~FPD^c#nzcraWk?UZ-OJhX;17@6F zcq!sM6mLBn{eZhqogG*kzcL!`*PHbX%Cw6NP4V1&$l>sw2CahTkqg<@{ssn-c_FkW zHAY+6EEC4ACcJ1ayiHTGMZ2omHGbU)*yL@hg$e?g1780LUD)v6*~LykG=|3+ zBya$((K@EcZ6DqEByC1rLlf(9lSl%8XJv~1K7&T!I`QfqNWe|!?(pTLb06X46CBGinLJ{9zJMmq7v((U3ouns>?Hd6J$><&(&(` zfg*J5SiLut)F2x7?1?@+(L)z2 zg%@iyrJhub3?`jPs(|_O>#gQ$QH!K)@Otbh z)u*1uhY>cIsv5`Ui{hy88DS0%kbt)!R-Frh7k#iRI{+56Aq&xA2xVHOXoBdnp8&DP# zC={WVJC$5ZKxX@7!;x)KtMk<$i%9;ab|p(9^;n78zofgR0I^Hu1GrQ!#WKx0r>|xiplQ290#?l zbUl=tqSlVqFKGIfeia8$NMVbpqjYr6Tu{Cm^Ff1?u#}BOXZgGtrq(7qk(qs_U$_{r zREdz+7?I=QDL)+#lz<5I5LWtGZ|nn9;k$SfuE8M64Kz=CbG_2 z7FR+EiTa(E;Az>JuAytnC^|704o%=~6&u0QW?oCu%-@Arml8yDiii;AP>hiGniDi) z_N|QDwH4$BI@$)fc@MS1B;!vWgAEuLk*X?;q**#$_+;R^ zLiL5b0v+8EadvQxsQSMAk!kdm#6(7!3t$oIK0Yt1C36byYMIRbA8Rx8dU%Thyt2f>L>i(&N*DwGuxfINyUzk!%M?Is z^V^8_^e)W!uX8lR!=2oYv3wh>sRhOCjypFKmf!3e0&3UR&eo43b! z;;IwtE#VL@4}eVvP5p>I(im=%(?-z`4)kD?qOhV8Y8o;MhF4J>JOdCTWf55xui`FC z2^Zc*FlYteMpWD0N&XG|2D6oKe3P6VQ5rh-1m%~1i%*HbR$r1u=LW53Zgy<1gZE>b zD9G2!lg`wEFjv7Sf0dMcU76pYlHDz>-2gCJ$;>0(Y~25z8l15R)w_TR8H=ppFEloP zXoFQ~8HomQu*&T-5)vV*^*dRzc`viULy+3e*8UI&;^|taE!2=ccNxy{XL&I4AU5U%-AfupB zi&`sDYux0e*_g7%2V}geRYf+Z;c8y&a9Jb4ZQrf-$YiYUVL@a;GEE;g{4wyNJqg1wx$Xk5Npe|*Ivc?m! zMKiL4%1{GMxbfZ`^U4uQ0KIZ~w;RbFdvsYn32!^(@;M|OFSOI>gd!n>17#Vo1zVsR zkOR}J^68w2^6&>G!r>^0u$eguoeoYC`f3vwoQ4&NPxi}?bH(8_0TRYg#J)fmI`5^T zGdCkA=$@)C6eA7%?r2ojGgfPm;| z*5Hj#gTm3*9x-Rw^7P~b@n&F-BFr;{%cClSQc2d&<+LAWtywIsTCf>ou8cyv#_5MaN?uH5u z=zGIq*pOx2^ccJFUFZoiD1WS&J9H#T+DkoP1Esra4Du>&N%BhmAEMKbIge+*aL6!)a2dAC40w&Pb3*<7=KhraZ2O+rx+$&MLa|LJ6YAid0 z2$j~6dpY=?;CodSRcFI4UE)e@vmH%S9XX{kPSSzvX0E#yC=*O$UsGzmF)6}3)}7bu zyyJPb=!)V~#4xa-0x6y`k_i9Vpn&*Te4uou#efQ=7RxqpOo3_o^SNwJGM){3Jw@TM z``ecO6IJ;hTEua#xi!p8n51KdKgRT&j!pH6WWUeIMzlIrZa7B9J;H3A$<(I+Y0GNn z`bXD3i#VH{=A~Wjjd>fPzzxL$hvxlc|3}y)t;#4(d^fCH@H(iE09=4eB&+Rn%y6>j z!fK=Z#pG;?&!WQSl-d<%jyVEOk?yk8H`N2Sa6wJx_ZOK(zbtom7t$U`nEOXPJ1LUt zl*YUjr$fXxuJ~1wifXad(u6!Nt}e@XhSf@1{1vkHtUg5x*p=n-;9fGfaj&!8Vf?BW z9X@S-fKzwR?kSBe*-6a4 z;s}uEpg{rTc=M0a13;V6xT<{~!pHIywNj+mv2zBAps1#@3D*U3>w*dwg-Q!IW3f~Q zD=Yq}l}iSANV`trgKfORzD=D&zkK>v>3zmCJE`w;%MUx^N~6dzvN1a9Mr$57;SF*6YJDkrpOq7o3Y9N%jR$VvTnlj zrW;nd?H%KzgaB}wX@c^zB=k7ejKC7M;+7WH`Ldw3-%s{bWB|eq(g;6V;+qvLyttMW z<|F!iKKqkz4Cf#fgeC`I##9wJ}Vs$B1NJb?0+{WpljHw z14Xz-ttAKtLuu?5Kgl}_5G{Jaz2MH9a&puRtC^#BP%@6*^o}Z?g`b^&<81jM2P$}r zjYS;#3L(iHF}x=s_`ZbI1``bEK?!JGd+balFysppRQ7waod>ymDc@>DkbeX zML9oWX?nKo0{))@!sJ+*b|&ub(}m*iAUYof!_K?$DGJ?UG5OD4({(#ee|D~j=?tYi zRd+E6Mi|%@L1;aUjZ&h%`2=)*D(z>Y;xbn-_R^x4oSV=yT6gd}MV*V%X(=U&cswr{ zXy8^v*O&e-$GZX|)QGH7BPjiSY{FyDsqXGWqHvru?=NQB%Dc6pbqoHbM(&a?%~uYmDb zlVaw|`zg_UE}*(z3Vj>HK17W!j6p{Wxz&|3GDn zTfEK1!)4&m^9YDN)gS3jS$|M|m`1l!QbSiLBk>LlJ+qWMVI)s7*2WD%=FI53a`qeB zx|JHc`d@80A$chyTo_-)t;c%pk+9M=+%2lP9tBP*cZ%~x@R`aqB<5OjzVUa8ck8Q7 zjX^h3$ppCYGGo<2P#mzuUXcPF7S6JaoY&R`VVq4JZMUGMYxJ!u@tR4V{kqR;%eK#? zw!HD{(VbpKJ=mc)BQ}g(kiwyNyVLk9#{qE06ni<6YT5OuOBBbk8_4nrN?-?vj_=SZ$l9$^zFlt7v9 zaj8`VIl|s$057g`A1xW9TFV|opm3_=Ywn+&k_y+xW$#zgXDe%D((1ZMk~qX;{-C<7 zDJ70-u#v=e+9ALjM&x-ctHov-{(v?55UYVru^wDGI#CSV?E?O*rDHdlF{ptzja+gr zIa1hV{po0wmGIMndeIx*gkied1v8WapHp*%GYk-3zIlLGd>T-*B|nLm;H!Po@wg@- zHz9QQ3QpRPj=84gHzPv3N=(=m()n?w;7Pz4moaGGx)y;+gW6N^?t$r{f17;8z$|#N*w%GH%}}gH|1J!)Jgj?%!_o-Bd(Q3ct9Hd z4w58Y{Hd{37w=oGelD6!PCnRndVSNDK7a+xfoAbhBmwIGDBKFDgQvq_XUF;k43M!F zWFGU%tWYHNCK_%ih?b$(zjtUwpX`>0f>)N#>Hd~i`tK#z;EqHJ%MPHK267}XeU{FgY~A*h3qtf^VP2C@ zvFHrnJX0r`N;zf?uzvD4r;7OxFN8H`a>%V!JWs>|W?=QE+E`@pre}^;)%Sakr0+CV zbdu-M@qpz&7_n5zj+p3g`?;ifZ#8VQdLVFVz_lDFL@N7H;{93EB+1Z2QUC-RMaTn} zH%IEQn-Z*YklTrCFyBzwHbeRe`ciwlE(~UzTb2iLH>V(<*~z~}tf3uRx8sFE>izhF z^w$?JVxsxfj9mym*{^pDTk(;zCc$9FL|K3@G~h({PYhQ-_QgRrd%vAGv>O zYr94NecXhk?#pUu2F`zk7(KE%kdSujnV4d9fyZ`1P1CW_OF0%XMNgL!2qa}xd1(Z22| zOivH>lVs_;y;c^wVJzi|UDQ6%x2)CJ`2Zw3#;KPD$%1y0F41J?w56E^-9x?JXpi}I z2iM^vrX9$0t-3A)jBUO{iL}to>Avu^6X$Goll3jknEnkuDz17mi@G&K&~`<>KEeLE zh#F1Lh@R!d{ID31gB3Q~8>Qc$@DI<!;K4%pW92)SO}kYoW( z-26mk-S=bX^*!5||8Y33Ea$(ejN0faw8N(k8<}0gPVXAu9#6|V;73pUCv1m%^~8In zuVWSA({fB3_id%9aXt`RzQo&zX?28e07JZnrbW;s-A9`lHTzO~UTAroaU`3jrQ%h} ziW|4+&n0$5m{8&3@zn;Sa-lCOgGArW=m~z7ZKaQl>urysDef+M^>=y(`q#$b!S^CDL&BrV<& zVrZm{PrjoNx5(Z`_Lq|v#gsJxzAVi%ggPN^{5z$GqgbKG6>6Gw_N3U41fxw_fC6j8 z{ht2BN29`$>@(^t4$2e=>87_fQ6r@Z%z%%R+gBSTf-fdFF9ek)B8G_aTGPYjcI|zO zCG4pq0tK*W6)Pja#;wSTu{Z}@xMl68+vC#b*v}1g0m<5{+ zeINLe0yHg(OS{!MKC5IV8`1zn-b1HCK}7%H_M#rxs0+VR@Qo^bT&dP8Gr|(dDzBIO zdSd}YG6o|)v@Y|~be|%p1?QkYCreX50O}C7?KL=%RG^%xQNqmx5?p3H(|oLcqgK*F z{)NZ1Qg(2s&@34#;6bSI)I9lX9JrV57Lz-g`L6jYz($S3!fiDpzy?LSqclTye&gJq z1-Hmp!ayp*RK1YxPdM$xzlnD0J0QZVD{!vN8pDQyp?@av(8~Z+XEsAZ>m6_}xi?+0 zKGPODK=g99AQ?QBP33*>Ow`_*SsP)?n738zVWSGefBgm}_)*B-T_^1xORF`wH^~@H zFXUkSWO$@F>arZ{X8Tj|%q_3vTN2gkQ0u;+MZ7ZL1eP3dMTABWz4FvwNL2D4T%YCp z6e_b*tWK-Ok;RP>qW#`TadgFdiM;0na5fMga5^*}WSUkAFL4yIeI^I&C8a|Uigg3@ zV~ZogWK@TY{r*P+-ls~bhTAfv>{SvNW$4GNr0+$gL8xJ=ZzX7II!eBrKRzcz60I@- zE(8?67Ti~l@@4ynz}2S8e<*DL%f%f7-qPC4I36yUwjr`5&M^Ot3(U6~LTaO< z>UW6LVW2uVy4kur)<1U6Sb((TQx5^M^D>wMA!e;QLR?w9AC6N#0ilelzV$GJvWt)S z0h+SSf+9_NP@KV~#@%5zwU9w0jLwTpQ%&7{nKCuD2lUdPWC!wwX=-7H+7aWi49#tb zEGARB^8)B*#e@kQyL;0E*_}AjCo3E_ZBEU`V9mcDRTIH46b;5pY*9kSmV#?x5FO{H zY#W~CK}yCirI?AzFN6ezOce9ot;~>!u01_bRsrwOvLXlORbmlKc2>=es|*z2j0W>J zm0$!2hJA-iWv*`2tBC@P=Cj%?$GS=cqgN4UL^U|i>KOq$KsTW%u>CSo<}VU2i7`1b z0jDG0BU`&kFVelfN>kj%B2vdIp!*pU2N_1C3s$@O z_EAEM8GoA&>7&qwvUTV6@}z=SS#T))mZ7$!aN@MlIyCc}O-F-9E0r~sA~yYh8eb0g zFrS*vo_ENY^tZWPl^4`@B5y=Thg|54V2r{t6P9h^iH(e5_DOvK1}22!7P}bc zS4&UN#BAPmz$ypwZ!wi`)*BWddTwO(r8?v?o}jnuA!Y9ne03Yx@8 zYFBMCMZ=YTbWla+)To{GZte$5WO$z9i`~?&0<`2!1(VC<_>M22Neti)3isDfDiUcR zU*Z8*w|f*OP~(9h9T$6w&oQ<_*q^Tapn+o-WiKigOuWMzM!_)dRy3?k zR-WK%0SL>kAoPlge}*nDnnR{MvCAp|@mG92as;xz-5ogu)B$$oix+(>_9^Ft>Ym!` z3Dw@f?XZONTaU;|g{n0o%IEZ*Lbpj1f7rA70G5;5Q%&s2r;{r~oZCuC9Ptr*un|Q~I{7Cf7R$K`dX*rh7b|{L0vTfM$5&-Ot z5UCj_SeOSB={JD;)pbA7@phMTJ%R!61-2jTa-i{k)uuub)RF@`TU_Sh@N{63BX=b8 z86ACZ@Kzt^tT}d#qVMPcFc_(nDW7E+p6Iutc48A4Y}O$3w#VE03LEelqON(|mT9U% zqWR&Z!mfUs-C04To~J<51EaSE?hd(JPz~3mk9E=j*zHWnVqD#Z6~{$Z!uTv34v9`7 zwR2&>VoAHk0iT4GsdW!@JXfsSt{he9L>k0Qcd{4VoP?ogQA$w|vHzOOtz$>9)yMyF zUzC`!ru`@j%AEhS8o(!Fb@t2GnY8$J?1X?rB`XbH-+R$m`Gu`E@H~_-mxNrCj{Jid zu_NAN%CJj%)3o;-fR!Nz+@It#;}XxIO=NTc+`4_Mfwq^Xi?!KAZi2aL1YGZ~=mO{x ztxXlU5EqQXHAqgP<=a2ZGJ-Z;!$VkNt+tr+&LtMGhi#1Iu7ESxh5FaplYHVa~apNI?$e31OJY8ESW=9{inZ>4CClOPRe?Z;G?$0=ya{*Oljz^ z7UiY7S1xw5O&SVakYNQ)^5UAVS>FWR0@aHAo7D;2BOQ~yW6OXDyPHzxVrcRA(%@AHRCN;UaK12eDpS zIRdF?Z+rp3h*!8d2uT7o$x--hS6@y5=p83a8F+=n4tT|^JjyEHM8)Rq)dL8<;yuN* z!kKoOAh0Cu1ZJn<@)On3TQP`_a1GRc*Qu9U2oU}o__kt5WA4Ck9a^+Su9`(h!PwnG zDVF^K#hunpJ5JY>3pbb@=nVxu=dSn(bx21vV165U#zw}%z)_hQk+wx!enuf^8JPXx z%QY(1P3>U`@}%Tb9nx*vadcZyxOVLi?W?T8&0^(W zbX5yB2zk#}Bac95+I}&RFC1L&GKCX+{Rdr`8JWE3qH1Bfi*Wj$Wx#fM&fzH%JrpWVPzU5?s2$$ETmLg2MD*D-&^cfdi&7gUs*s+nXHFDia9e?Y*$%%K5% zDFkm|Uuw*knmDIDXz=GrN_4?et9}ONG)33{SWzH@1lMfP0ANHS|K2BXvfCyY|G~Ih z*f)9QJpCw)YpWk<+u~2!%g@R!g=?YbtGTnQS_l|Zs+U|{+wB|bI=7bV$*nwV>zTlP z>2Vrdjahr22G5@I0N!cpWMzgca%G;1AilU z-c9tZ(LIl#fXD?N?H^&Sa7_jM+7A`z$XV0F3j6b0q85A58Ijf8`tCT%YO2JL6~|R= zp}e6BA3S)-K)2MB&|c2SQE{{2M@UKqT24?Z^QAQ5$T`&!)s*;@?HnrZY+t+}ZdUfk z8djvlej~S}a_FGoo}*A@>}3>!>YL~+1deKHDTpOq_udxSW2$S~m8P7j=8;-uFp8oGZ;)gV*KhHM1>6>~XPOKbX&SGO#v9Tj={X6FQz*Td zgU}6*5)I>7oTL^=G5ZaOvY~Am;PGwyBZA-a;iccq&a872oLZ{E)!n*1H|JXR67jT9 z!Z_#nVS6tmLy8=Ym)xI1v1?^1=iREt)IN<5Cc@W67xJZr2thT}*PYxPZ!g<{?7R}B zWTyV^w^#iOG@DEnDBQ>e;Q=oQfBZI^_~RhBFGLwDyprXtEBBciK|O!}U+cRa)vJdF z)LbH^iVDC}B<;S#R5p6f0J29H2*Wi#xlW z;x+OkOcv363&M1t*`X1w3rKM8QB4MpeVmZC^P-UW0KrdB*(?GU@!}3e$3$dz`|1o( zl$rA#z04thQ=1wQZ%VP24i14y!jYKOof#o7_Kw@XI{N9ku*-o2TwSBHc&0O?0OmgR z@%}k%D&Y^Ic{Zt2*t_Z0+uQ4jx);dm(~7(mnT`XUz_+7`9#O7z((J+NJ9}hmIa4qH zy`sBqGuO0&wF~%`ZORyN^;~&fbvADaoj+d3KmUX%O7tylYSAfnVw8l-2*A2QDi8Kg%XF0%Hej0u&a6vo1YUF9BDe+ zse)-rL~P}WPv%Gn`ph}yFusy~lD`_CFsW9bPCaikLIZwn`guzM_6kbqBF&c5^z+!+ zY7<~gdVX4pBXM*P!Ar>x|4sFfus}m!!6<~QSi|aXr?!MATh^_Y`iGK4`x$wHL4hDe zE<8^4qXX4Gx!1*M&^Ct^FPdYf-C}xij z&^zt&^%;=`cDj&dvZkwU9(i#ivGme}i4sEIU41k zg{3XfuKhQnOZk~3K(0AO`5NFZDjP+PXPzbbPqOw}I|qY4IDMoj0Rlb@V-)(wko#pL zY%FLWEUSGK`+%G-_zTS{vCPAD#pZOf!*h?ggm_!8=%-7iZ_|-34>yt+OdLfuvYjk? zwnGhSRI8=ZgiGgosi9TI*31O>c+w6icVdrp<>krc3_~ZRwm+^mrAO)tEQh!vY{PY; z)u&|uv2m`#sO4&d1q?X)173K!U!}ZY7gLx;JaKWp`+Q-jeMmz?S5x51EZdBzUJTUr zzf9emsq9|ynU@Wv(Onwj)`!_d&q$;{uB{KnyT}0q5c}_downIdUw>Bc;bWskNqylJ z`IpAk2C->$3>lXeharyZ-V*KG-8(S?dzzGxA6<<#We<3M3#`I|m+EJA@*D{6s>{mO zYTfIR5KV$g(KlF61I)bJHV6MTjv{YoCxWvA@1Tiie@8+NmFa&Ue~Wmq4e={5s!|-B zpmDOC&m=cVuGEMV6%ykSb!?G-4i4uPYy`rkxZ*Er-^oE+yRKwW^Z0c@@6A3~QMSL; zn`i^*`3dh=VM63}DFet2mhF4>RwTbvP3fg?A(#Yc|Ekk&Ql~aaP_OF`( z-MQW;r!sNs_c}{Oyi>@o@4rf76>? zf_PsK57OA2n6&pRPBMDv&T2_jGZCRTlP1y=&MWb@E7B#{cMvqw4UWEJD}+p)8h*io zRr$u$35N(qeDWC)_(u8}D{0vJfc2?u&p{ZAB-nDkB{vP+NEV;^Wk-N4fpBHAe{#|6 zd*9Cnr4N4NKo;lR1`5(QB_~az4pAx#l644d&0mUHr&pT8V=hj1K++m=oR7XO?avWEM>BQps7%un{>m%H0oWS3H5jn2-Y6&cC?8(5 zd7yg*W9D}gVs=4}kP0rP4crIu2G-v@E(jXhrTo?I4KbuX-{f-^q2PhFk0U zZu^`*N}N5tE+v9@AAJJADeu|+&%P%UBhJ;&%XRSo=_di7GAu4r_@ZmxlNX#JVF;scROV~Q z0u9$IS4H!woH>dLW z>a_c6B}8&+$wPAz*B(YZbqKy(u%5we)+7?mY1LDU8Iw(>!SmksEcbFn7Jn3EMA#5i zWXbgUH$+GRmq{J2Z;sF{UG$Bt-z9PBr&6FGfoI$+0Ko<2RP{gzZ2IB)Za5bvdDh>K z0f^*jlcfnaC0Gb}Y?T}d+F(=dt4d?v;zTg7)q>N{c#D~`Y@w(+tnR0-$5ec2zQt@q zkZV0E$#6zFi4QlUPtDghHvS>*+J77#&Sp%rrCG;xU#}R<`a2|9F-U;W@K%*$R%azt zqTT(#4D?c?;Zi*{O(RH0`i2Kr1zC^3{NDdaR1iz`Ihi{|P7wb%og?S%t41O2Di`n6 z>e5RUiiU_$oF`WqjlqY4d|fd#ZtZK9rTkW=nq?d^Dp|wK{5pENC@MTSXVwKeW?(u2`oXw<`*V- zIb*jc7cdvNfnq7xu23qr_{yc}_c{U0JF0?msrr(=??zT0zn&Ji?=bmKj^po2FlkhO>=A1~fj;C+c!v)A}O&PDPLXO$+#na8){t0oVr z1mR&jeLvkH0fOnd7=7xCj8uhSbxFFqlq~OkN{c-Jx>S; z4s7Or&0PGw;oN}Ji@x8>ER+ZvXx2;qoH}WAqX=KaO*%&4945->Uyyw!yYRmmQ21*K zjc8Y(sv8V7Gr`K}%71&*gYXK2eAJP_HRg^)=yCHe0huW9T->^b=t8s}6q~K8YuQoq z%MXBMJqL(MApDqec`M$s_Csq#FjkPq4CP7;X+weSiw+f_O~VJUjL&QRfNP?oMz?%c zj?6s`F{ZJxX5KAf4hWfAId>^M##`oa_rZy_Sfb(p?kcQ5*s1AIg(((4GdCOd)c>X~ zBei=aaId`=vu5ymPzQOQ{pvsAtNn->DdDLl;6ms$z!!kh30R)+Vp3w@~W^fuFS zKS4=iF72*aDwL$^+&D5H*pk? zC(%0i$$(}us|X)bsWoCcIPN*kxo&@f4FD8_fzbok_9!VfTHN0jQ3AC=p0@||(p>F$ zJ-{T16pYS`o$d$)aeXJ5X$W=u#`_+Lu;__~? zGx7zMT1^!f9lmZLioccQ$~@CmGid*fwzmpk$2Q&WVs!C&2Jj&qwKii`Lhpu9qXK*(g|B4ul~7mOAf2YjxMaW@SxR)l?Ec6AFmKV^{<;v9b(?E9_AVrKSiI(r&ku%>zX=oF0R0KgNwJeua>$J~il*;@bw8(=toYud@Y>8W%B zg=_G2R^dlR)cbeG;8ooY)a8D?_**k(l%h&pOs-1@&*9El>5kW+d+ogw5U<8;7?Asj z()+$QuNaP_f!I{8Gj>#^(bePq4Zh)2C_WFqty3N;vHot`fRYu3cS%V(q-lug zP#)0c9qfI!O>)gVAJD_)$T7tp3GRygm$XK@V*?h$w?1aHejcG(XA2^gXndZbjXtvV zgy#JRFqf!@O`f89b8pqi(;5fE)_W+w-`gsTV|a9!@Y@K-qNiSwR-S*-i@OOJpz3`h zp%X48P!xN$N#zE%B>;6Ea5Ow5U)>^Z9c`j{wtAj$6!%+OyAZuw{zkTq;O9US3umqJG>vCu7wwAXhCE7XgG z$duWCJv?M=rBwe{Sxce%#~Xe{ytzCxlvuO$a8Hky3RHD@Ui%E=M*E?h?HgqfJFDG% zBF1W9RomNF!ZehCK5M5qAs$;=V%G^k*Mj1gq1;yE&wD2Quax`faC=Dt`pkZp6zdNA zC_l>($zDGT1C!t&>$yOLd1Eh^t~?ST%Yde(oeZOBN_7alNY<&M80U^(x9q>|s|*27 zR{*Sqm@OXy2wYgRlxZIDp@J>d;i>8ju%hpA5r;@G#|CCSUQ)sIFn8A`mT zhRa$QI0PB<`T@)7|KnCWSAWkZ3kx0ZKP(N5-o1WYLMnkIoG6o1Y;|JM!H&ctbk@@l z(jev4uZ#gA`Hi<)=G<4!7T^y4SCkUyV}?Y7{obOcjkDW|u;4ZNYZSn*)A{&v=XdN# zuj4!Jg2T@=Gc#yo>QXDDB9`1^Y9mTIA-pNQ6; zw3`ckxdY9zWKH^)OOng)w7yi7rc+Z7x043XxV6{Qp*(%+8I*o`A18%u-ds5D`%Ag>L-05V8A3Z1LtQ?;>?vKS4-DcSkdIbWH*Kcc>=3Xi}L!{ziec^9< zVJR*f!d+b(Dm(f3A*BWut>9I_zPE;ox*@f3(}I+Fzx5YQOh$v(sM)ycxAGIQ=I$-3 zuhta&rxlzIcU#>?5;&dqOvR7e)5jgyHRC<_+F9M-GSk2FTZXz4Hl#@62bvWlsp6GC zcFc45uvbPSoF+(y-*IJp$;?P5hNTUBd3#d546Me_*R0_*>KRfbh71>n5{eBH%>%=} zfM@0bI3MT1h~mjEBWusi{o~%n zpr*)XCF34b73gV4m9N8(I|?Z=vF(C&vi%$Y@EI+lb90#3NsU3;#AbxVNvmA_3563- z!I~m1IY@SzGtb>>@y9rhgfd8A)}GA$uuWl-$G_L>4E}qwF3L= zsmrg;ZC2TA0A__SnmQhmuO-RD_T1OG zIUdG`9w&tSII(sI%@+KOLXZeH!?{+&!(zq^VDvwv=LT>shPcT}HpdyQ`m&^V*Oa8} zCO6HDl`*IgLcHU^9NOL*nylc01NbKK9zCa)O|ld#cL692aEWBVRAgNJ+^npK;^FK$ zCaf8B}3pmJ9RBt!P_lj!O5!z3v#U!oL#DsZCf&(dJSYzT{Ub$^u&dVmrk zAjr|bi_l;>2ac%+0ns!$6Hmg+?%MTMOOghdEg@f>^Pr%nGN~W=pDDp>#iEX7o7j#C zr4uIoOXCYpA)s9R>Iv?DmdsGsJ?PCE7faw^WBWpM0e{r0ptvVFD^%w|+miD9geem; zR)8LT_kn(lJb0#r^Syjcc-2F#954w(Y26NqQh4sEKsYEjN0Bj`gxi(Xg*g=!su1xk e)|(3=CUBXbKDdBe$987w56zL_36$Ez#uBx5E$F-e literal 20499 zcmV(jK=!`?M@dveQdv+`08ICMdwXMxg2pXy`4Cv?i<+4E+7FU$CbfiTGTmH^0DZBpA5BatJt{n|UvmfYK0)F*o zR_i6LVCROoJ`Y-Uk&^9bcx;?2F<(swwUo?~RRjZKn!t>n_4#*ixgK|al_(SI+kcvu z-)~Q@$j5K!PDA&eL~YR`kwu8ajF2ket$bqL3Ec^@DUu!`4!=UzEI`}&Sl5YD7}#h- zF(r22Gq=rw>hX2h!hu_|pkZ0ggUP67%u5yVg$y5%K6oBp|vh)Xe4@^4- zN(pd;P>n|Az`=Sz4Q{wMdiCcXm>ojIijEXu3T9&c1JLiN{r}=9_y~LnsY>uC+~rYM zPcPn_zbDB+1zoDF;0qTpCU@4dx3&py@YFLvb(@-pXlV&ExxDT%9YrHlp}>*{@$2dPgh3To+pd(pCv=47jZ8hSq5u{206z^ z4?`u110UwV-r3j>=a)3|v25e4#Q^MqDu%56YVN93AjUV@KpUi#OhZ-Tf_S9BM%d2h zFoe9Wlp8b|jGo5TmYeT?AgEQq76({i^5ho)P}eq3_V3xFKB~=IoS0!4Nl#ADu#nc4E*TiG2eU;*t`H_0Il3!)@c0c?ZW13rr7`-~wmpH-SA~^$|TWIvD-%}iOu1&N+7*ThiW%0ef zjJXp1o}{sWm$GG_%aN1p445u7qh2oUaU^0|@!^3uCH~C)@s_iu-y-4Zw~D4MjtaA$ zYH+#Xflj_@DR|iS(xi7&TP`MeB%#>i^O78AW3sz;Aay)nc|{s;PM`8^ANfN`%17aj z3p}f;By3t{10zY5KbJ(U=SgTtB22U$^Ypez?O=+wz2G8rHa-4T~Ni{`JTr zJwDk+4@-f!!H|G;26K3Bx=*~<%la`;L*fuuo*p&3vWe|947xH z!b)@@ljIWpc;WW27b|G_!_gnp?z}NEH5@s7w#gCCoxv?Cj5#!sVRtfPn@#T$1(OKk zM0OgBD!Xj6yL1vSHwAcPY|jW3Zr zET*8&LB)DGRV{csv)V5V4}T{?V)akqN6Iz9PF8KnU<4(YNVf-?MnQh$rM?9+XgR5b zkHDm9Y|freaIymTLyokCow_pItwiC+LN`X6<`^nESgb5GB5VPD(sudvk{jbNL#_4t z`R>2t6ysN?qD}&PK~h|9%k%0_p|b)CB5P>{`G^esUAzYbP3YwQISgF-0l6RO?1z5s zsE_nyLj&Becu-VzL@W+M-zMb8Hh4zv6Bq78k24LmFURL?i zn@YcBiKH$w2I-_ycsXVapAj-A`bo5ggjY02tB@UoiU%TIB5(xmCFs<$o93Y3IioQg zfD-;4HDHx^V#R_$e6Xx96;suJ5gIT5WYW+HsT}-jFJ}e&^GAGu_Y-gk)&>uK(>Qr@X z*go;>_5X+c19&l)mDq6sQKO<5i6-E^_G>7u%r#AwA$;$Xw~~H@1~5jIlA|_D%k^8F z)wHBXxZ~K#=j&X#&38i8{ox#h zdkv-rbmrX?3298U0d&qgxkQ(HT)1EpZEdKrJHgQVAT`6r#3*6T$UpO@LLdl87o7LE zW0X=MLceZg3kQK|;-dSOTZc&X@H%wI_-0=!;{+MqLWQt&uWKH-ldS$3hfrPjaAz{< zd95;SMLKl#fu9)|yLJ3%ZBx{vVBQYG=(v_{#ObTG$%&oebok>q=&nuxYm zViU>RYhUm$!!7q{v}of7<#T>oDIcNJPenaJ=^!;U2WHDpmN zeC&4UXPt4W$0O)A;FBo5C+T5r3w9^wRR>{4*tmel~?OvZ~{GyUjOQI@(_uqcTyKQlo@xT%q?;GtymIsZ2mggFGq2G*ohY zy!0kKrvrsjvT*i(^$kRFlXaF72yohYx(HG$3@h z0wZcMeD2NvKtKMw=kekj)*2Nw$ossqbPhPG`PIFLsn#BdjOwBvRF+v%HGvM2?4J=Y z@lwpSo>Y?kByiGSKcQN?BVnv$)N=S1LJf0*>fA&O^&%0O2O`^gwP^M)umI@kn2ie+ zN2&;nQsgc;TyMi$nXIeMrVJ&^fDc7k7lr{?B>SRdc*Xp1E7E@p%D~7`{c|i1PIGuV zj}ZSIcxn|fNd$rCtJFg9>LH^m1Ag11!z>w9ofl58k(V-SRsQ=#3md?=P9`P42$!+g z;z$8uCb~ElyQG%Bv7FLKL~`=pb4yd$#>^cf;*oUo$GPGdPpMCxe~g{7PVss4^}^V8 zk?5tDyzV6oQ-Yp>f~lyze5V60T(4$gw%LRnm$qDxx*=sd*sed35u8P51l^n_#nug% z>euxWY)`00Rm|aKuF@}Y5g)7nT4RjQU~Vj$5UGH6MYB3GZ#IMZ1PLbt%>iBwrKpC7Yj*yrw$ZBBChYLRj> zkyaPzP}BRg*!Ale#E7jnwP@MzxHMFX$xIn>q^IsedqvW@!Ix8e&;bA{ZNfyXJOJ)U z*tS#veXNM$E^HTj5R9X$mjB=PjyW3V+JgO zAPL0Y^z$40TlM@uR<-UNJe?t=(Zht`S&WdIq1`5miuixPsi#T5->T^@y2SU1_@Qo~ zCoDGx4S#>BmgLJx6D)8BBA&QLa&U}Z2-v$O@b#{!Z9)RHL?Mj!fYc}nJrd7Mc}hXZ zz5EV<^Au7M3LQwu9u=So4x=8TLYZR$kTrO0nv+bK+qXiJDI;%MsvuADVb!xBE^`^Z z+ALr{NU#xiuyE_scXv>*b;_g}(Ua0Q^v0p|%bgSX$$n{@s0gu%7;9KrC&9S&J~ioY z386}Fbk7^I%Ul#R3o=Qx_xhV{RjXbKnB3y_yMYj8ede#W;b!~&7+1~uI|1a3_=5^p zr>!^H?{My9b@vvfr#g6QZ2ye293pqwtUG4}+(4{|pClzvf!8I0P46myGw$WRlxJ*h zluGEe%qXr&8zx(u4hXy_HS4YrRp&f=|Dwo2HZR;=5D~Mo7a;|_`C@J-K-Tk(Su>u6nXL2uhJg~9YSwaQaar`o7xqJC=&uE?UD%d-B=qJrHBr;n&GE2|fj zlHU#h^Ny&z$)$I^JJjxiA+=}hSBrW8hwm4o7y+%EA&c*Qax@1W?`Yi=?SzLiM?eVp zLU9gW_tzlt4C)A~7}=OQMrzK)DWPEfRSUYDFrMa)G8OZ$5K28{b89J-!L;4d`SfvVbY2vqSGaYge|BUDeES>aqx)?PJL_?*{(ThfgLny+ z->KhdgVnhGGgx%QwA$)2z+aCU1)G+#)#dh51CVf_5Mp8)5NMrK(m1q#$V>i4Q3}hp z(cp8VB(uMVx;n$Rk#-i}e}xV5>yiQ5^Ad}kKKtxc`v;DCjxltrqj+*Ak*dW559jhg zXS45hFHqFv2dr)?{KPQW>0Xh04NQInKKleAsgYw0Kex`|RQ zNa?UA5Kse{=%JKS@|}$X{oV@9x~-U=Y%9WLOf(pCkt84avNOX6U4jUS$V^yx6Yym+ z$*s<{>w9;RW)m|*``0tYM1Bktw11~(Damb%b#%x5mRB55`yoj@>v$L`V885^{ZSpX zG@MHevYD}fRWMQopn*qaeq}#6;t!0rYq`xSOap4bOi9CYr9nCSPk!-SKU-A`@oy9_ zy~%J&CU);ORTl#nn8YF939T8pP0CZhuFjYAhKHqV-i>+(l&DWwM#aU->%BeRU8 zRasWQ>)HuMh#V3!4SWt-W*P@2-*>>WQh<^^Bb^UQ-N2(*rrkcEJo@lA@3Dm94a~838U{Kh>f<*%7$2r*S01PWg2DcG^~M0V&&xn(Y%M zu*bvRw(PW(VOj{IhbQ6?`#d*m5XlpW_YA*WSv>s-E1M8lg4qVwZ~Ii~yCgdd!E%pw zmVUJp)BLN2&DL<$rQnLqEyL}>haVjX6v%GP2vPQNIZ5nCr$m@>>!6 zF1Dzda=NnfnjYEFA4o{~eKid}yN2(YZ)(s64D$w}Y!7~p3;N@S=2zeH>L*n{xQSb${0$E#vO--10?r`Ms>sf|?&x`^4j?h!j4$q;2z zZ)n#`=O+m4mGB^m0_-LpY#i1{uj|I+a(4l|NOo=U$LgI=&iz@e3vU6oq*wpwot}=D z(KBS0Penw_Vo3qI!$7toDyFP|KI0E6-UAYX-umLhC9}@-NfdB~I~;Ld@d;XzkF0I< z&s#?y=$_^eEYu&xwy>A34XqV%^KY z5teCdO|!p5@y-HFHT}bR%-|?yvy;>~S?DU+2N9PHr-oV0dkE;cg#y=A|1F&?e(QTg zA1D-NFghHLn6}5!Zgt>2Z{^IVo=kY0+VM@*?weH&JL@IKsv(oB^Xut+1{HA@U?U0x zh-ZWQn3OJN&1U@unmXWh%?22n!X?;JO=SJPNu-UgLS$kM1GKXF){67-Fx3Zg%lK*B z(>lt4UKtt59KKz&1c-uRO0H!B6k zl$DL`s{)tFR;qwqaCvtE9!Z`B+Mrg#Q=#ds^CdlAw?^A#=$4ejkJg`Kw_14DF_uoY z0As-NKR$Qo94ZeGl}J32AmOG$2Xtr5Me^VH&TgL8W!)=av6ZIn>w{W+iH-gSc!e8L zkg-5fv!=?+8U4675)b{c9*+Jb>H5lVE`dC`um#8f$n*T~pwxNu%R~{vy!_JzNTXMTM%IYSjxUXz{@2_n5suc^ z8|{fC891wgWFZ6Y=H(tdjh#&#kw5<}`drzZ>Z04)LD>G~9xY{kc1$^P2LFtHg$J9E? z4vthHQ|0gs!3#h|gR9KA4E+8L@w$aWA7= z%Y^_>=8}t9F9y_1K3*#3&x>#H19#rlQC^o2Y`7uuHTTnRyaUemEFrxB1&plgF?7Nc z&H=$x?^OZUlwJRaVwtRx_-j@0C8EuLS6r+ zo|D*^FuTY3#R(D=34*-!c!J(6z%9YH+{OUM6sX%9_Z4tG=E+LvsG}q-oCVhY-V$ks zy}rp@2FbQPaP6+x-kucr5k_S*vg?ROE#a~3cgS*>jV1|Z-oh#zemqEirOec6Nitul zet-GqIb@74Rqk4QhO3$@q!Um$8Kzr6pK1AuOp^~Fo7t8u8orJ42s=pH?x)*j93xtz zXhadA?O4Bp-jh1oFo>}_yK7jzl$Kg~LB`@Ba!5e8$ApDf=8AsXsxd-huPukQ5*(|N zw^rKg!nx&1IPF=r(ZCNMk4Oc7f*vNDqPx3Z zSUZZnW0Mc!pQ5#N|1(T@d&-X+8SK{|gEGSEQc@aESt59Wc>Cgz_3q|#tO{Qy+gv#z ziJJ0>t+6b1jijVgvg;B$k)QeTwMnFL`!GELb;6Nx4E+N9B~3zxPRP)W@#{V(JKm4Q ziagAol2%Fz;9F!@VP;o#FLof-@44kDWE8vr|a?^Ed5mt06OsLzj{6qgFF0j zKIwidM+XxY7AJ?@|U5qqgttccBuvh4aL^8e3D3qfGq4)ImJr*iMns`_UCF*QNXgdcsI9}NY=&?cQdKQ{!Hnn z$4V+%*ea3Zpn$$~n@64ZAsEmgPbWY902A?0>=gy1hQ$MvL)V-uf^heB#VCu6)?)=y z*F|ld9K4#KJES91>5~rZ7la#y#E^GLfvrpL*i_y>8PuJWX=9~PY(UEe8&mQK24YT{R^ z6kKu7WEt+V!L?5YlbrasHVRHv|D{BhS$NLebW7ZvYd%qgD|?Xf*`@{@ z#n6D#kbAAtRX9Q>%`0S)?5 zfnkI%b3U;v^Tf1Oip(jtip(4YW{@kXSz-vUW*|N}-^I&&vSe&C)^BRz!i9U;r{chg zoMC2wy=S9m_xxatoVBintIuvbfWPD-DCJO*%WgsD*H0<_TB(V_6*n*O$>KJ8vfCb1 zMetC>M*&I#TDF3F?mN%Magq@>8wE%fe~x1~H1CFlK5}&PWF4Z3;S_P-5NJCGR){q4 zASZ~G4UH-O(#` z&%-H*iI0R!0dSY+YxZ8>r$CmEe8f+CCvYY7JRsqFs0J}X6bJwmqu}kvzMRSK)4B67N0>7fjl%m@R^K|rJqp&GP4V%3XcJ`qjEH5X}EiU7prn@PFK1fqh(0hiT znNZYmNc;DAQu-r}7lVyaKeZ#-F6y|#z|P0^ZwL5&A*PtH?Bo^<`KzC313oT0;p#T zDoZU`8RhtVoT@gAO200mwsS7VFVR?bOfX~{D`CxH1$pRb#`CHb`9Zs#R(QJN-4F9| zkZ2`Z=eZj`zd}xP5=6O{VCQw$*d@ad2~KCWJA{3ZznG%!QUNfB3jA}*1FRXwOWpyO z7LB6yu9joqH{-$7@u3Mn^7m4_{jk-q{~owZEEEOc#zbyc(ZFXWRms_F2VZRSj9OLf zGq^t5)PmT35wE837ZKuI;Nm}`j8v_HI*WAn^ z50HeD4AvZc-dmh*OJLLG;l0|7fG!#ql-IkKrCKwo+XG# zYN|FCXCxigU?wxqZDH ze5aI@Inu-Vf<@S*!21U+N7ViR;J6|rT_ulu*-`PN@ZHuXarG0tT?a~tRau^pPe2xa)~C%lw%UUq+$)BJOW_zzGpp%OOy`7q-k0zpz$o;$(H5u_ zfeUMI#Q(0IiCk>nbe2e50|rQp2h6FKBe1GvoK~8&WX^s7&CtqdXkAeojK`^wO{C0i zOAKZrp`*^yRvJ#neNo;OWe)@=&hop#3n?TRTO^oc%Nasn9g}+uCJJs?S#x28KU%&8 zc%h-5e{IF8U}O8LczS3mqT7({3GBd4ec-}X_mI~%X%CKVuOs6_cY4r z9pU|pA5%scUMYmm2Gh^@67Zl_@P)kcZzA`DZB9~xpaD0=``r{2HyhfLS*vJ0w}wCc ztguQSAc&!?J5!3Nms9K^O{gbyT0u2S8VBBZV~;*ipI1@UwQa(B*lVkCDf*s;${FR0 zcP|VbsiFK7SJo7O(NUfmwRwzL)#@P$=67+Q2bfRKS5gzpZZ?c{S}dx`xST2;ZF95S zNDXH*PBUt7UCgp$G>xH?zyGkWJi5t{#RI+|Whrqkv*5G@!mtx%gzm!b?snHb;>Tgi zH+&Sh{vxr^h)Sd<($vuzBE9BeHPvTKV9z*``O+g`wCr0+^WdG5VxWfgA;9JB80!C**3Dm8QDoDu?0 zAN;D1os-<-BB0uccLHa$9DA)QTm@QbJAWQ%+X4&J-tpPd?^v(w0Qbli3@yro9<#Q~ zyM=5BFd{0#whbtU`8U|r|BQ4yhahgtl^H`&4M20OxP84)&h!5K9sVONX-O$ulv>d- z@Rc?UZRx9CO;M$BgZ|FEG&Nc|C`xpn5owc}MJG4LsL zL2&8g+zz$C*|7};0q!aX``qKxZhWU>QCq;>bDwjEpiaib6PrC$Z2OTf)UGnHtm-xA zh`H=VQMsT?zgCWl4_};cIPS>Z;Y~*JKAX*VcK_7LN=j1#A9fayX8R!w&o-UIuN*~v z@Yzt60hvgt2J!p94x%;W0cXc@P$IXjUt;N3Fk8%duK=hxOx@y4q*~ZT@h%Xzie5CX zbN=UwpQWZv=?JB(WZSJs#mY^!J^(A0PDqb5c-24Gq1CKrNyfQ4M_T)OA!^1$o4_8% z#LU;~hyY+J$HSSoOx-uciv1Dz7oXW;bU{8pAE7bUcSi94#+cbZGF)nJzx_Em=6INh z4omll*WSU8yVLha)V8QO1%gU8Id(ZMpBFMEl{>Zhcq{jKcVd2bZDkKD1D|b=W|0dKJE~EK8evq z6N%WWVz%2zpcYETu={HRgU5Va&2Nrj~`f&Sq5*90pkc^*bP>HRJrL?Cu;^Rji= z7uIPESOvHw8D((2q*$KMA^$i1m+&^aPShjFN2cN_H3z+6`+T5F75uJ83$>bFl1ZlR zD-$GM4V5zC>_mX~S}OPFBC%zl2KU5tlPQB0H~#6ofBPZMR~>*7!Su;%r{=g1r?%S; znO`i$hvWhYK9H3x+thmCe9qAEVRR12gd(2@8b$onbjE(cD$i05XYp91LH5ch7WBxO9UX`84NRPMKF0L8NeFdrbY~45VaPxG zUytL};pFE*^WB0-ON4#=6ci<`h>;v4(J|5y%rg}5Xcm7?uxU%`ko=haB-im``1e;~W#RwEqz@*$Z` zAj+*zg590?Iu?=SWNmY9F=*~l#KN}fpyX5XGP-b;gX8SU?CE_mw)5A zoS~RHc?LEwZI3MxU+tospC+myDRTL^MDrAb=s=|R2XAqTiFrd!j!|Nup2A`H=#`Qf z_9Uzq5snpgwY}7t!*DyLdPF;M>DQ$Y66$@cJ=(0WSH2oEYwWjxhJik?*57h59O}Ot z>0W%e%?mnn8z}c~!=z`82!Y zm(HU%l`)tN7jQ8tF}9OVfgrhbu6n1x#={-5HT|Vs^7Y`PPiiIzWG<-k@i6zq> zBCMt04eVs#c*`pM4xyES;vxiqI0?l>MS^w4(+5mNPIkt=>t`SG?4#jK6i->A2FNII zpMbQLaLZzZD#*X0)K)}xWJKEo+D~|L%cLGX)#k~e_}*Mg1KtCft(@JW?4eHv#X@~o z-${}>ID(j7<$&mLe+hGy#fX{T6F}37C!&BnJGpq!u#ZMk8vU!%#{T2#qn6`W&W~8! zfR}j+0KZ_+j8K|exi=VeC`MaN&2EJb$iU4x`V~}$p+N}h&}s#Y$z>cfk2b~bp_N2L z%ukD4{%b+g*f5*t|2n5>M-C2KrkU?V=d>T1Y&wlFQ@D8w9&?0plW3qsOTQrg#l3}XK_2`X04sXA~P1o8ojAG62 z-OTh}(c4*B&O`R;Ad3??r}dObVjG?<_tvPzNCFQgaB^+J)(LFMJe!mTiB+(har0WB zS#`dUvxa@q_H@}I95*0Qx{}e`lC-=pE!a))TP9^2PfgR@Z?`8a4Yt}%Npq}7dGyWZsR0t4?ZHp6lR8q zul}McrdDW0eN3+tFO90tTeK(wVvRCP)x)6c$5~s@uP$drbduL~J;5}xR?>5;WiB~h zetW}%xq(zA-{Tm&aqN{D`;wQ=@cb0Lq@hr!$EM_$5!+NiZuExuIp&w?pD3&mAbm~u z`XWp;9gZf1DtlhUuso2Yx&3cp!WEwwPrF&TBr3$s{1rTZWWDn>gXA4ixh?7p#@TM# z5O&!m3NI{lY>uHYVV*4-z$fb|Jyxetjd|0o1Il@!QAkVqmxxebI|O;v{;?_(Rk?HJ zvWd>`YZH&+nA@kXqjWSB&|Bp)CCrHda^7wKwDg9LqGTjYIA=%G}_K zUyG(`8e@)lywekApnp^;F^)%+?>qki1LzWp{mOsZ1MKIAB<3IjsHNgF8doRQK8nKi z&<+IR`bbm9m;OB@TlATsRgK4Hor%4+pa~y2EE!9R!Guw!D~Hs0L3G3~V1lENT58Oh zkZjLF4SMo2*hJGU@)#`QE6$ppInJ@DCPinvL2+M_AhVYf7<7p#Z@I-!4PDKmHMY=@ zxY55k!q;&AFiY&3+l|xN&#{s&FVDPmcwr$OEX=RV3dgjhLw@KR16pKe9WC1D{z8$v z%_visQAS>0^sE3&loQDvuU%l&H|`V6A4C^QnlO{6ZJBu`$I=|IVdRQY(-dM2*+>Sz zI!yr!DMvIPjJ*x@>rdK$JSGGp>AP_q=R5}o%rzk3 zG!!qbE5|x=a3%ZPm#&Ik!dY_mjg0P7sRYFvAKm{PCf|cOVd(VU8(UiT?U;zqeH0z% zO($VP4#+Iy5d{7}ch^ma;5%CCBO)X0`6Dl>gs@K|QkOq9x3vG0R*%qaAjY09U||r@ zVU$)(QXRqq|Gl4JL{gR`J>YmH$WWi-52cw^HhDCrq%VdPLjV+Rhxr4h4P~VIl-wfM z{I|<$?xoq`oS=>`PCe_VvY1{n2P-?h3k|Hia_I4G?lSkde3wFkJ+&N-0!V)V5rZ*A zXl8Z%$4cmfJB>~f=#}_YY&g+52e=o<|Hsa{NZizFcz`M8g5RdR3U5{D$sbxc1nlcs z4oKoSLCn)jhK;F7zUpN!Fxx2gtnF250Vz7Y7UG~|izsyfNd)WIZw^iFUr67!+G5T~ zB{`!POQAbz{<}=OUOJf3ctC;rod)<-ut#-*9gL9N^cvOxgS8Z`c7@xlMPNs^@I4wV zqw8Hi=zRxxi$tFS(C@r+Y`%f7|0PIBwB6@cl{(MB6ubXC1`bc{7z-ljKL6J)aq7Li zFNLg$t4OO)yb@IY6}#f=TDa#o!7vn-m6268;y&LkuGZ7gj`T4fL_QvIGaJ#>>-ywo zC*ru0#_Wb{8?nxbXnZyC5+mYzIsZ&x<*`y8C?gLY^Ri18^!h|!FS7H4{`5EOC+1(K z&-uK~iKC~XGIE0yrxK|6%{vbT%G(uN?w$QE=*$Iz6V6P*8A`iK!KHVirA(RGU>xvS zg)(azX=x@(3G7}IUdK8Wv*Mz^x_gaIMt%uC&yAjW6?cwbBbk zo^e9^_0*eOhJZKxILX|8vDnW0{ysmT!NE2=vxG=uKvUn1`ZgaOR1lBm>QR)X1wnWd zsRoQwZTD5(^dNzIfZb;u0Y8Gc_c%=d} z@1c95SE(6)M@BVA>#LOLiANvj{5ZsZzoduy{NQL0QndS?f=*xeajG z-XnB-m|c=4e5V0UP_wVzbTTGwHkIe33_*d#CCo^)lGcL_lbNfFZ|LB?DZtuengzqJ zs(SsOp&ICe9S|4e{s@}&COds|dsYWS-OECLxbmBuXioUq z6wWBx?yb|#J?zhrS3nW4fOIhn$_yEZU6>Sv)WL@?{4XEd2K2l?j+K<2^NQOieEt_8 zskb2ocOaN?kvk@Q@B|50@ z)*Qot4ah5fBBVCMjizoIYv+G{7P}L@W>O}_pRzBOnOxgBQx~sPZlWR26ioTNHGQV)tk5Ut7K%H1|+WCZ`8{tO& z+Uzze{#?3_77k|n;Q?h4%A2y<)$>wRX0BHqm3?HFB`S}y7r$)u{X$~~hw;uZp>>EVvV+>SY?Ti+Wt~JsRN8KS^?Mcj*}b-}&h|Qf#_#{9UILoD4~jL|>Y= zBgQJ}oK-pRjV1Q*dZ9RmJ8sU4%ciH=fpVd5*Q*viw_^&}vix2cfjfx|O5N2W@zJLY5uTaYp^MaNw1q%jpis_3K(#tMDMWQ59K|ux5zsp>0 zF+}`!ZmK7%a6l#}fufOBmlOcA*+K8aNi*nFFq9?8biijxDzLvk7LtnsP`+K9tc5A! zld|&9jd+Kzi3ai%S*EDj)U7@ot`>MbN?VhIh4wTzLFh{Y^VKMma}D6ouEW9L*60J0=WwselUE- zedsf%+)+uZO4nZGRvOm|T&VV+9i>sNG@*;d#<9?P-h$rOjtvcGvZ!|)LoD``*ox+K z#GGP8h}R*G6hxTG)sB`;2JoqQI3(ngTbA*vRX4nx< znu`Mtay$@XG!$5#F%NejT0DCv&0hh{(`18#BjD|+@nguiFZe^US$BR!kfG>B+&c2k zr%u*ZFRk3k15C2LA3B`^RxJvO1o3&ZWETjXy&Alt&i z>?{Kpv9}P@FD+fcGjLwX{vD7(K$4UNxr%3xSPh&vKj=?9-F@xnnAg4%3I`kOUwi2y zD+R`*3{-p?4^UKFk|y(+6g|G0FKM*asNKjnAjA^I8Yo*gPRApqLrW4@QA!}J#k`#G zUfZ&Nd+}AVO^MTOl)0EgcyaFZnSxEICrEqc4>-=1_7@4>Na~d#g zJ#V$6@lKaEiXVSsI99ce+>N3qikH7w2v*m4|K&0aIl^Oi)2V6|#2I-bcsJL{ zBBjk&cV9ybwqIsPjR(Sau&yzYJ5?s~(rJafHl33XZh0!K2eElzKxzvYmx!_4BRw!h z`Z?%{>2My|Ko*qyWtjjDMfU(!OI8p5kd!I(lXw+yV~^KSze68}+TZ8BXeihIyjG?(kD}2Y!GXz~#kt=fIO&B;60*iXf!|b;$w>v0 z^yH{{fNAZRVPGh#>1a;K2d3r05~@{8A8Wci`SV1M?wgORMPnCQv4ZSniuG;-P2sZK zWj34aTw%VR-m#ARy{jieQ`6ZC{^|i&8mBr`riPoormCqj>lBfi?&_dowfr2ulD#IK)O~nhZl;H& zX?PTCL^T=QhAuDuiSA(29!qLz*8LWcJqP|3d;-E8x$qT*;Qfr^kM3#lS}_)2Gdn@G z2ZaPnX2DXYAEbU|Q+BmpR+P{41Y6Z{rSb81d zj)X5%)eA>i6oW~%h`O81t6|1+(hQK6a>wmChA0tG%gbFR>h|jMF~0Nyv5kLGz>x}_i%dP&Iryc08hHx28ybb&Qm9n7O1 zqVY?TOfTMDNj{~8V|^f2Gi#HzI&yK%>f4+y2TERs&0# zL+kf^lk^QX7Hkh8+TTwwOX5hUTPK2^HNbu~)bg|~Qg5)HMZk4>X@~^8siig-Hnmyj z-or{4@z<5v`?2|s=v6viI8SXC()2|EjZ%;^w09G=?^n*#Var^z6W%{)xH_}qMwN97 zZNmnZm=opsn+Oh3A4MHmh4^*=jEQpTfe1JoIe^2oA}SUAbW)_y!q0d-i~D{CyY)&j z$YP+tbR^)PS|w!4%~8e|DfP9rB#1+7mWJRm2(WS2ThDo$`71R#?H{j{Xtj8}1>S>O z_7}8L_ourVLh92yahU&~%T4Dk74WN2zspzR=G2%c&k7TiJX7l z_2@su(b3yA3>Ia=VzH2JQan9#S{09(XU6>=b;Afsmhw2OOebWaX1~SI>)#X!LtrmC zQl>^#D@&AX5P4tH`y*G&==4uT!4pvHKxmF+Z>eGm`qlVz@+g;k7$Ba&aRLcs>1`CaDVhQ$do(wNleX9-oGo z1kz7toGG1giyKy*Xn;;k>vf6&EtiTT{mXAj(;t2+&w_hVhJ%)WToDj$uZ zZZ9<+=qfX`4HabVY%hVKO=5w5l7@o6^lZ$y8nnQRYb(9Gn#dW&(n-m&)#&Dxi1{=; zZ{9L1`{@mycZxy4*>ao_fqT-VCcm^2VYRpXQpgX`q<6(tm;WOul*o$sGE+d4e*_C$ zrPRs~mV1Nh(=)_*miSH@x}^8QU>2?N*@0&M!rtxiVSkn6e8s?{O6I69 z*|fig+57G{s4y{L{kuUnfqB5EFquVu`?rW^&ft@zQ&-?<5wuAcN8Ep!H<{{Ui>g%g zk3!#kqV-Db(i$Zif`c)Zn?iUp|FqBq^yYNHHmv!ty@!^cTmozo$pmcU&-rXeD*pEKn!@p$ z^kV8#n?H`xGAe0OaH-75;8Nk?0SXZH?@_gD|?If7Y$_UR~?mHFJvT!%7H3WZX^WQtb)0CsiPF$>s~HuEGi z`6EiX@4y`?7a!@z=VhObzCu)r+;Bqq$ad{ma z^V2M=>I{R)en9PAgGl2+uPIY8JUw*`jT%UFNuLCcRv4#|?FH7WwKwXY!R z?U8FDT9M)RSE?gDAw-K6L_0MzP~xE6i69~O7(f9#!@(eQOGVK$?h=|BdbGMn2XbZb zu3(Q=ykx)9K3m~x%%DP!gU;e-@zTy2V0jWI8#`OHklum2hq|k%!je(uMlb_pfb#&e zE4zA=QIzH!z{k#^q1+)_E3A+_sygo15Ett7c9pI`ExLubY3Th9l1cx-t(}vX77&GNwqirgA)S%=U(pQB}OcW3WXF9 z%s!dogOi-o_Cf6!r*>vq{4ZoXUqSSbu*BV>8*25>U+{vuIhYpX%$ zAu->k@!w@yyZ)#t%Z%Xb3k7KM%Iyw%I-~x|Lb@&%si}{cQQiJ{qk-gVsi!MUa5$tk z6gvUFRu&R(mgLOfDqUuu&{3Z;FK>*1YFH?H{lU3$n0hA(twtjF32Orr)#ym;{}Gm z7fD?_PLjnkoapTw`;C&=Wn4(~&Yz2{Q-(}xDShcSL*H7Y`ake`37+Ea!+A;0};z#9&^FE2HN)J8NT0!8rZXB4LxvVj=C&VL_=BA=MFr- zuqElPrBLVcTZMm+o?pNA^AB%<2klT=Zo~U8qctG+xHBt@^o340 z$peyuNd8+WiS4mV8ea{Ddpc@$aa3Fspx*L2e3zuNQtd?P5U~z8Xb2trXzKor&1kTt z1dqbuaX@PKkX$1uIzrL5){i~6$2L*D0i*zbGwWesldZ|DxuO1 z%i(~@+oj_G3GPu73;ZJCR15^TLBfG1(8=zIDkUTi zE>+~5Fl@=NpVQ_j@+~d1ZUo%O-`wKw%S%SLh6=!q124Ci*p-zm=u$Ta;n0tCnH*gD z&pw%;q(4oJ4pi79cm+;RhyR%h8>%AGNCaDzo1)vh)C7J89k`qJ^+Qpu>4Xln$}k6^ zo(S2jHJCB@&mV>yG~~0K)FS_Y%!9aUGDpak2%Q!{Nd=Ivs4a;;?%VJF!4pS(t!cx! z-}(|SSgdG&&1EPwch8}klmg*BvLWdV5HRIsMd^1u8wK^dMpIXEmaj&jvbKv3Q?8RA zgZXJ3v&d{5usn0a-p!6Ymi=xYn_8pI+VaL}BTcVgS5^A+yN$STp$mJaAXL6xpsd&q zb0KkMZ?t4QZo24A++fG)oM9Lr{igX~9IR=3jMw!kYY=A4$$tH!w#OM4q9@2DRI=$e z3OnP^tQI=R;u|#VMExldXF5H(xZ#L`y<05fkEIu5QnsobQE1$nPQ^jf=QL_ra;{%P zSzw%Zg~}0xC5Zg2hHk-tX)l#bb3cWx84L}_6g=~!Xgw$%y^DK&=`sH}&`IsIc!ar| z<^aJRIw6>ty&Da=VdEcQ;5=%3=9=?hf0kkx+v>evj%F5v2w-{vebvD;hA7Bu`jbEN z!dwAQn{X9$YXcdC+K*rXeRNCn#8qEy(kaGIQxILi?|wUC&OwGLvKVa%;7e?lf$JjB zk*{z$-ie6LTOz4Zt0;m@`^jw9vD5Q%yIDzaq-n{_y;2e-f^Z7&Pdgd*>#dLizo^IA(ZOW>=q?9YfeZGEOPS225XSP9IKIPm)>n zO3L==onim?sTg5Evv0iJ%TtkLRPj+8_{#!mz=J{E3qj@URq{`!auf()qTy=*Z@8dT z(kzuc8vdn^+X=;chI`+tHV(NX^lgmBASuroU5>`=n_F?o(YYi`ep{LC#=uzl`F|+E z=8KLzu5YtDGYe_NM5pDBvAgG*$iRf2$db+HgG{08~>9n0u-B1uh#t8m%&fp>UMwx87R)+X6k;9;%Q zQ*n5SJ2fJnwRZArPWKecvXZE$jpw@7pHNr&cVZ_FQ}DPYXad`KKnX(pa`%7zK1vikLBCDqj9#X9Gv^mb}F-dY?K}Wgd3{I z#*uleJx$YWW0IG@D&h`z+sfa}g>;XYJy>s$VrK%UGZIGXYasgWM~ppNdEW|7gUJh8*lHt&T;svDcS4rv#>sba?5j}Auj#1uu}#?EiN#RQpL1f6T4?YNr9y75MC%>pfOvcnlkBVf(!L`xHcIJk;8pz z^YNfHEEH$Ik-OvXCXdLLQcWiqOQuXakh1aCI}py0;3?gvfi;1lPQF`PVxIkxRMtw`0IMsaVm8BY%zq1dJ39{)H=6F z+Rdy+U=BsIs-zrbn27S_fS;m%vRtgG(lP=>u^Cn`-QCE9^L2Up(m2~awnTPnP>v+N88yYwDnepAx_An7CBRz` zYuu1dBt?as)6~xjll~UPL?8ZdigtchF;gADPF;f|pw`KKitvfnB$gwFi~WO6!yVez z=SLi<(Zgn4Z3O`qIM}5Fc^F$zX2OMWvO;AqnCwufQI`*F&4)I$&#IBt=EgJ z5pwMlMGJgDK>tGsjUnlK`|nfs=0hwqP8zuuP5DBbu;}lfjX52CR;0kQ#Fk630wm~x zw!$khoMb#=db0%j_V$W#>Ae>?Io7xhVOc9Yxz`+|z|2?f`Gv{~&i%N!g(%w5-@aR& z5^wEP$%L)f6ZlLMcM&CYFjSq$+?_!LnSU%jgOzJLG`dKrhiWFFb(ZjM`RllP5d3?R z42}u5q{QosU2O3eFq@AHzbfffk=K}^&0flK)lKUVM{aJ@xk&%3i)#Vt=nK)6m-CW2 zz?S3S3b!k_m;MFs`pTjfVuLs?Y^#moH7O;tU@M!@WX91);?L?@%D8bU*N*;2)-mT zo7FzGJEaQnA_ulH;S3`n<}7o~ount$EF5LhzI%PS)y*y|l*uBUI2M3-dHZ}G&$_u% zh@*W_G6}@Z1n5*EDO?QwWHF9^EapND_>JeOGAtWwM0Beb%v;>Z9<8vf2d|US^BS46 azm{zDgi`(1_LMtr_y2{93*$V4j!vnh$neSl diff --git a/shell.nix b/shell.nix index 5b8b236..c164aca 100644 --- a/shell.nix +++ b/shell.nix @@ -14,11 +14,12 @@ ]; in import nixpkgs { inherit overlays; }, + inputs ? null, ... }: let - # Explicitly add the yay package to the shell in case overlay fucks up - yay = import ./pkgs/yay/package.nix { inherit pkgs lib; }; + # Import yay directly from its flake, incase overlay or config flake fucks up + yay = builtins.getFlake "git+https://git.ryot.foo/toph/yay.nix.git"; inherit (pkgs) lib; in { @@ -32,7 +33,7 @@ in home-manager nh - # Git for repo management + # Git and git-crypt git git-crypt gnupg @@ -45,7 +46,7 @@ in # Config tools dconf2nix - # Network tools (for recovery scenarios) + # Network tools curl wget @@ -55,7 +56,7 @@ in gzip zstd - # Text editors for emergency config edits + # Text editors micro nano @@ -67,9 +68,10 @@ in ; } ++ [ - yay + yay.packages.${pkgs.system}.default ]; + # Overwrite FLAKE to current path, for yay and nh FLAKE = toString ./.; shellHook = ''