From 69590f4bb4f15e954e8b2774a7321dcd4a763133 Mon Sep 17 00:00:00 2001 From: Chris Toph Date: Fri, 13 Jun 2025 00:48:37 -0400 Subject: [PATCH] Removed dnsmasq from proxy in favor of AdguardHome --- .vscode/settings.json | 1191 ++++++++++++++-------------- hosts/x86/proxy/config/adguard.nix | 72 ++ hosts/x86/proxy/config/caddy.nix | 7 + hosts/x86/proxy/config/dnsmasq.nix | 72 -- secrets.nix | Bin 22591 -> 22620 bytes 5 files changed, 675 insertions(+), 667 deletions(-) create mode 100644 hosts/x86/proxy/config/adguard.nix delete mode 100644 hosts/x86/proxy/config/dnsmasq.nix diff --git a/.vscode/settings.json b/.vscode/settings.json index 3c5a082..6203e16 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,596 +1,597 @@ { - "editor.formatOnSave": true, - "editor.formatOnSaveMode": "file", - "explorer.fileNesting.patterns": { - ".gitignore": ".gitattributes, .envrc, readme", - "flake.nix": "flake.lock, shell.nix, secrets.nix" - }, - "files.exclude": { - ".git-crypt": true - }, - "terminal.integrated.defaultProfile.linux": "fish-fhs", - "terminal.integrated.profiles.linux": { - "fish-fhs": { - "args": [ - "--user", - "--pty", - "--quiet", - "--same-dir", - "--service-type=exec", - "fish" - ], - "path": "systemd-run" - } - } , "highlight.regex.regexes": [ - { - "languageIds": [ - "css", - "fish", - "go", - "java", - "javascript", - "jsonc", - "nix", - "postcss", - "rust", - "shellscript", - "svelte", - "typescript", - "yuck" - ], - "regexes": [ - { - "decorations": [ - { - "backgroundColor": "#4ebbff99", - "isWholeLine": true, - "overviewRulerColor": "#4ebbff" - } - ], - "regex": "(<|]" - }, - { - "decorations": [ - { - "color": "#ffa07a" - } - ], - "regex": "script" - } - ], - "regexFlag": "gm" - }, - { - "decorations": [ - { - "backgroundColor": "#ffa07a99", - "isWholeLine": true, - "overviewRulerColor": "#ffa07a" - } - ], - "regex": "(<|]" - }, - { - "decorations": [ - { - "color": "#7ad9ff" - } - ], - "regex": "style" - } - ], - "regexFlag": "gm" - }, - { - "regex": "(/\\*|<\\!--)(.|[\r\n])*?((\\*/|-->)|-->)", - "regexes": [ - { - "decorations": [ - { - "color": "#d4be98", - "fontWeight": "bold", - "index": 0 - } - ], - "regex": "\\B:D" - }, - { - "decorations": [ - { - "color": "#f00", - "fontWeight": "bold", - "index": 0 - } - ], - "regex": "\\!\\!\\!" - }, - { - "decorations": [ - { - "color": "#D8A657", - "fontWeight": "bold", - "index": 0 - } - ], - "regex": "\\^\\^" - }, - { - "decorations": [ - { - "color": "#E78A4E", - "fontWeight": "bold", - "index": 1 - }, - { - "color": "#D3869B", - "fontWeight": "bold", - "index": 2 - } - ], - "regex": "(<)(>)" - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#804600", - "color": "#d4be98", - "index": 1, - "overviewRulerColor": "#804600" - } - ], - "regex": "(.*TODO:)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#80460099", - "color": "#d4be98", - "index": 2, - "overviewRulerColor": "#80460099" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#fffacd", - "color": "#282828", - "index": 1, - "overviewRulerColor": "#fffacd" - } - ], - "regex": "(.*NOTE:)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#fffacd99", - "color": "#282828", - "index": 2, - "overviewRulerColor": "#fffacd99" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#6495ed", - "color": "#282828", - "index": 1, - "overviewRulerColor": "#6495ed" - } - ], - "regex": "(.*IDEA:)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#6495ed99", - "color": "#282828", - "index": 2, - "overviewRulerColor": "#6495ed99" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#66cc99", - "color": "#282828", - "index": 1, - "overviewRulerColor": "#66cc99" - } - ], - "regex": "(.*INFO:)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#66cc9999", - "color": "#282828", - "index": 2, - "overviewRulerColor": "#66cc9999" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#591d77", - "color": "#d4be98", - "index": 1, - "overviewRulerColor": "#591d77" - } - ], - "regex": "(.*(?:ABOUT|EXP|\\?+):)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#591d7799", - "color": "#d4be98", - "index": 2, - "overviewRulerColor": "#591d7799" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#a74165", - "color": "#d4be98", - "index": 1, - "overviewRulerColor": "#a74165" - } - ], - "regex": "(.*(?:FIXME|FIX|BUG|DEBUG|HACK|REMOVE):)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#a7416599", - "color": "#d4be98", - "index": 2, - "overviewRulerColor": "#a7416599" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#c36c5c", - "color": "#d4be98", - "index": 1, - "overviewRulerColor": "#c36c5c" - } - ], - "regex": "(.*(?:SKELETON|COMPONENT):)((.|\\r|\\n)*?(\\*/|-->)$)", - "regexes": [ - { - "decorations": [ - { - "index": 0 - }, - { - "backgroundColor": "#c36c5c99", - "color": "#d4be98", - "index": 2, - "overviewRulerColor": "#c36c5c99" - } - ], - "index": 2, - "regex": "([\\s]+)?( .*)" - } - ] - } - ], - "regexFlag": "gm", - "regexLimit": 25000 - }, - { - "regex": "(?<=\\s*)(//|#|;)(.|\r\n)*?$", - "regexes": [ - { - "decorations": [ - { - "color": "#d4be98", - "fontWeight": "bold", - "index": 0 - } - ], - "regex": "\\B:D" - }, - { - "decorations": [ - { - "fontWeight": "bold", - "index": 0 - }, - { - "color": "#D8A657", - "index": 1 - }, - { - "color": "#d4be98", - "index": 2 - }, - { - "color": "#d4be98", - "index": 4 - }, - { - "color": "#D8A657", - "index": 5 - } - ], - "regex": "(^/|#|;)(/|#|;)(.*)(/|#|;)(/|#|;$)" - }, - { - "decorations": [ - { - "color": "#f00", - "fontWeight": "bold", - "index": 0 - } - ], - "regex": "\\!\\!\\!" - }, - { - "decorations": [ - { - "color": "#D8A657", - "fontWeight": "bold", - "index": 0 - } - ], - "regex": "\\^\\^" - }, - { - "decorations": [ - { - "color": "#E78A4E", - "fontWeight": "bold", - "index": 1 - }, - { - "color": "#D3869B", - "fontWeight": "bold", - "index": 2 - } - ], - "regex": "(<)(>)" - }, - { - "decorations": [ - { - "color": "#d4be98", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#804600", - "index": 1, - "overviewRulerColor": "#804600" - }, - { - "backgroundColor": "#80460099", - "index": 2, - "overviewRulerColor": "#80460099" - } - ], - "regex": "(.*TODO:)(.*)" - }, - { - "decorations": [ - { - "color": "#282828", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#fffacd", - "index": 1, - "overviewRulerColor": "#fffacd" - }, - { - "backgroundColor": "#fffacd99", - "index": 2, - "overviewRulerColor": "#fffacd99" - } - ], - "regex": "(.*NOTE:)(.*)" - }, - { - "decorations": [ - { - "color": "#282828", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#6495ed", - "index": 1, - "overviewRulerColor": "#6495ed" - }, - { - "backgroundColor": "#6495ed99", - "index": 2, - "overviewRulerColor": "#6495ed99" - } - ], - "regex": "(.*IDEA:)(.*)" - }, - { - "decorations": [ - { - "color": "#282828", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#66cc99", - "index": 1, - "overviewRulerColor": "#66cc99" - }, - { - "backgroundColor": "#66cc9999", - "index": 2, - "overviewRulerColor": "#66cc9999" - } - ], - "regex": "(.*INFO:)(.*)" - }, - { - "decorations": [ - { - "color": "#d4be98", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#591d77", - "index": 1, - "overviewRulerColor": "#591d77" - }, - { - "backgroundColor": "#591d7799", - "index": 2, - "overviewRulerColor": "#591d7799" - } - ], - "regex": "(.*(?:ABOUT|EXP|\\?+):)(.*)" - }, - { - "decorations": [ - { - "color": "#d4be98", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#a74165", - "index": 1, - "overviewRulerColor": "#a74165" - }, - { - "backgroundColor": "#a7416599", - "index": 2, - "overviewRulerColor": "#a7416599" - } - ], - "regex": "(.*(?:FIXME|FIX|BUG|DEBUG|HACK|REMOVE):)(.*)" - }, - { - "decorations": [ - { - "color": "#d4be98", - "fontWeight": "bold", - "index": 0 - }, - { - "backgroundColor": "#c36c5c", - "index": 1, - "overviewRulerColor": "#c36c5c" - }, - { - "backgroundColor": "#c36c5c99", - "index": 2, - "overviewRulerColor": "#c36c5c99" - } - ], - "regex": "(.*(?:SKELETON|COMPONENT):)(.*)" - } - ], - "regexFlag": "gm", - "regexLimit": 25000 - } - ] - } - ], -} \ No newline at end of file + "editor.formatOnSave": true, + "editor.formatOnSaveMode": "file", + "explorer.fileNesting.patterns": { + ".gitignore": ".gitattributes, .envrc, readme", + "flake.nix": "flake.lock, shell.nix, secrets.nix" + }, + "files.exclude": { + ".git-crypt": true + }, + "terminal.integrated.defaultProfile.linux": "fish-fhs", + "terminal.integrated.profiles.linux": { + "fish-fhs": { + "args": [ + "--user", + "--pty", + "--quiet", + "--same-dir", + "--service-type=exec", + "fish" + ], + "path": "systemd-run" + } + }, + "highlight.regex.regexes": [ + { + "languageIds": [ + "css", + "fish", + "go", + "java", + "javascript", + "jsonc", + "nix", + "postcss", + "rust", + "shellscript", + "svelte", + "typescript", + "yuck" + ], + "regexes": [ + { + "decorations": [ + { + "backgroundColor": "#4ebbff99", + "isWholeLine": true, + "overviewRulerColor": "#4ebbff" + } + ], + "regex": "(<|]" + }, + { + "decorations": [ + { + "color": "#ffa07a" + } + ], + "regex": "script" + } + ], + "regexFlag": "gm" + }, + { + "decorations": [ + { + "backgroundColor": "#ffa07a99", + "isWholeLine": true, + "overviewRulerColor": "#ffa07a" + } + ], + "regex": "(<|]" + }, + { + "decorations": [ + { + "color": "#7ad9ff" + } + ], + "regex": "style" + } + ], + "regexFlag": "gm" + }, + { + "regex": "(/\\*|<\\!--)(.|[\r\n])*?((\\*/|-->)|-->)", + "regexes": [ + { + "decorations": [ + { + "color": "#d4be98", + "fontWeight": "bold", + "index": 0 + } + ], + "regex": "\\B:D" + }, + { + "decorations": [ + { + "color": "#f00", + "fontWeight": "bold", + "index": 0 + } + ], + "regex": "\\!\\!\\!" + }, + { + "decorations": [ + { + "color": "#D8A657", + "fontWeight": "bold", + "index": 0 + } + ], + "regex": "\\^\\^" + }, + { + "decorations": [ + { + "color": "#E78A4E", + "fontWeight": "bold", + "index": 1 + }, + { + "color": "#D3869B", + "fontWeight": "bold", + "index": 2 + } + ], + "regex": "(<)(>)" + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#804600", + "color": "#d4be98", + "index": 1, + "overviewRulerColor": "#804600" + } + ], + "regex": "(.*TODO:)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#80460099", + "color": "#d4be98", + "index": 2, + "overviewRulerColor": "#80460099" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#fffacd", + "color": "#282828", + "index": 1, + "overviewRulerColor": "#fffacd" + } + ], + "regex": "(.*NOTE:)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#fffacd99", + "color": "#282828", + "index": 2, + "overviewRulerColor": "#fffacd99" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#6495ed", + "color": "#282828", + "index": 1, + "overviewRulerColor": "#6495ed" + } + ], + "regex": "(.*IDEA:)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#6495ed99", + "color": "#282828", + "index": 2, + "overviewRulerColor": "#6495ed99" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#66cc99", + "color": "#282828", + "index": 1, + "overviewRulerColor": "#66cc99" + } + ], + "regex": "(.*INFO:)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#66cc9999", + "color": "#282828", + "index": 2, + "overviewRulerColor": "#66cc9999" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#591d77", + "color": "#d4be98", + "index": 1, + "overviewRulerColor": "#591d77" + } + ], + "regex": "(.*(?:ABOUT|EXP|\\?+):)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#591d7799", + "color": "#d4be98", + "index": 2, + "overviewRulerColor": "#591d7799" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#a74165", + "color": "#d4be98", + "index": 1, + "overviewRulerColor": "#a74165" + } + ], + "regex": "(.*(?:FIXME|FIX|BUG|DEBUG|HACK|REMOVE):)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#a7416599", + "color": "#d4be98", + "index": 2, + "overviewRulerColor": "#a7416599" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#c36c5c", + "color": "#d4be98", + "index": 1, + "overviewRulerColor": "#c36c5c" + } + ], + "regex": "(.*(?:SKELETON|COMPONENT):)((.|\\r|\\n)*?(\\*/|-->)$)", + "regexes": [ + { + "decorations": [ + { + "index": 0 + }, + { + "backgroundColor": "#c36c5c99", + "color": "#d4be98", + "index": 2, + "overviewRulerColor": "#c36c5c99" + } + ], + "index": 2, + "regex": "([\\s]+)?( .*)" + } + ] + } + ], + "regexFlag": "gm", + "regexLimit": 25000 + }, + { + "regex": "(?<=\\s*)(//|#|;)(.|\r\n)*?$", + "regexes": [ + { + "decorations": [ + { + "color": "#d4be98", + "fontWeight": "bold", + "index": 0 + } + ], + "regex": "\\B:D" + }, + { + "decorations": [ + { + "fontWeight": "bold", + "index": 0 + }, + { + "color": "#D8A657", + "index": 1 + }, + { + "color": "#d4be98", + "index": 2 + }, + { + "color": "#d4be98", + "index": 4 + }, + { + "color": "#D8A657", + "index": 5 + } + ], + "regex": "(^/|#|;)(/|#|;)(.*)(/|#|;)(/|#|;$)" + }, + { + "decorations": [ + { + "color": "#f00", + "fontWeight": "bold", + "index": 0 + } + ], + "regex": "\\!\\!\\!" + }, + { + "decorations": [ + { + "color": "#D8A657", + "fontWeight": "bold", + "index": 0 + } + ], + "regex": "\\^\\^" + }, + { + "decorations": [ + { + "color": "#E78A4E", + "fontWeight": "bold", + "index": 1 + }, + { + "color": "#D3869B", + "fontWeight": "bold", + "index": 2 + } + ], + "regex": "(<)(>)" + }, + { + "decorations": [ + { + "color": "#d4be98", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#804600", + "index": 1, + "overviewRulerColor": "#804600" + }, + { + "backgroundColor": "#80460099", + "index": 2, + "overviewRulerColor": "#80460099" + } + ], + "regex": "(.*TODO:)(.*)" + }, + { + "decorations": [ + { + "color": "#282828", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#fffacd", + "index": 1, + "overviewRulerColor": "#fffacd" + }, + { + "backgroundColor": "#fffacd99", + "index": 2, + "overviewRulerColor": "#fffacd99" + } + ], + "regex": "(.*NOTE:)(.*)" + }, + { + "decorations": [ + { + "color": "#282828", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#6495ed", + "index": 1, + "overviewRulerColor": "#6495ed" + }, + { + "backgroundColor": "#6495ed99", + "index": 2, + "overviewRulerColor": "#6495ed99" + } + ], + "regex": "(.*IDEA:)(.*)" + }, + { + "decorations": [ + { + "color": "#282828", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#66cc99", + "index": 1, + "overviewRulerColor": "#66cc99" + }, + { + "backgroundColor": "#66cc9999", + "index": 2, + "overviewRulerColor": "#66cc9999" + } + ], + "regex": "(.*INFO:)(.*)" + }, + { + "decorations": [ + { + "color": "#d4be98", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#591d77", + "index": 1, + "overviewRulerColor": "#591d77" + }, + { + "backgroundColor": "#591d7799", + "index": 2, + "overviewRulerColor": "#591d7799" + } + ], + "regex": "(.*(?:ABOUT|EXP|\\?+):)(.*)" + }, + { + "decorations": [ + { + "color": "#d4be98", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#a74165", + "index": 1, + "overviewRulerColor": "#a74165" + }, + { + "backgroundColor": "#a7416599", + "index": 2, + "overviewRulerColor": "#a7416599" + } + ], + "regex": "(.*(?:FIXME|FIX|BUG|DEBUG|HACK|REMOVE):)(.*)" + }, + { + "decorations": [ + { + "color": "#d4be98", + "fontWeight": "bold", + "index": 0 + }, + { + "backgroundColor": "#c36c5c", + "index": 1, + "overviewRulerColor": "#c36c5c" + }, + { + "backgroundColor": "#c36c5c99", + "index": 2, + "overviewRulerColor": "#c36c5c99" + } + ], + "regex": "(.*(?:SKELETON|COMPONENT):)(.*)" + } + ], + "regexFlag": "gm", + "regexLimit": 25000 + } + ] + } + ] +} diff --git a/hosts/x86/proxy/config/adguard.nix b/hosts/x86/proxy/config/adguard.nix new file mode 100644 index 0000000..6a67d17 --- /dev/null +++ b/hosts/x86/proxy/config/adguard.nix @@ -0,0 +1,72 @@ +{ pkgs, lib, ... }: +/* + TODO: Eventually, when my proxy/DNS/VPN mess is working like I want. + This should be switched to service.adguard not a container +*/ +{ + # Containers + virtualisation.oci-containers.containers."adguard-adguard" = { + image = "adguard/adguardhome:latest"; + volumes = [ + "/etc/adguard/confdir:/opt/adguardhome/conf:rw" + "/etc/adguard/workdir:/opt/adguardhome/work:rw" + "/var/lib/acme:/opt/adguardhome/work/acme:ro" + ]; + ports = [ + "53:53/tcp" + "53:53/udp" + "853:853/tcp" + "3000:3000/tcp" + ]; + log-driver = "journald"; + extraOptions = [ + "--network-alias=adguard" + "--network=adguard_default" + ]; + }; + systemd.services."docker-adguard-adguard" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + RestartMaxDelaySec = lib.mkOverride 90 "1m"; + RestartSec = lib.mkOverride 90 "100ms"; + RestartSteps = lib.mkOverride 90 9; + }; + after = [ + "docker-network-adguard_default.service" + ]; + requires = [ + "docker-network-adguard_default.service" + ]; + partOf = [ + "docker-compose-adguard-root.target" + ]; + wantedBy = [ + "docker-compose-adguard-root.target" + ]; + }; + + # Networks + systemd.services."docker-network-adguard_default" = { + path = [ pkgs.docker ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStop = "docker network rm -f adguard_default"; + }; + script = '' + docker network inspect adguard_default || docker network create adguard_default + ''; + partOf = [ "docker-compose-adguard-root.target" ]; + wantedBy = [ "docker-compose-adguard-root.target" ]; + }; + + # Root service + # When started, this will automatically create all resources and start + # the containers. When stopped, this will teardown all resources. + systemd.targets."docker-compose-adguard-root" = { + unitConfig = { + Description = "Root target generated by compose2nix."; + }; + wantedBy = [ "multi-user.target" ]; + }; +} diff --git a/hosts/x86/proxy/config/caddy.nix b/hosts/x86/proxy/config/caddy.nix index 95ef0fe..87d47ea 100644 --- a/hosts/x86/proxy/config/caddy.nix +++ b/hosts/x86/proxy/config/caddy.nix @@ -2,6 +2,13 @@ services.caddy = { enable = true; virtualHosts = { + "adguard.ryot.foo" = { + useACMEHost = "ryot.foo"; + extraConfig = '' + reverse_proxy localhost:3000 + ''; + }; + "cloudflared.ryot.foo" = { useACMEHost = "ryot.foo"; extraConfig = '' diff --git a/hosts/x86/proxy/config/dnsmasq.nix b/hosts/x86/proxy/config/dnsmasq.nix deleted file mode 100644 index 3e98a8e..0000000 --- a/hosts/x86/proxy/config/dnsmasq.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - services.dnsmasq = { - enable = true; - settings = { - # Listen on eth0 for external clients and lo for local host - interface = [ - "eth0" - "lo" - ]; - - no-hosts = true; - no-resolv = true; - - server = [ - "104.40.3.1" # Query openWRT first - "1.1.1.1" # Redundancy - "1.0.0.1" - "8.8.8.8" - ]; - - # INFO: Why this setup for services? - # - OpenWRT forwards every *ryot.foo and *toph.cc query to this DNS server - # - dnsmasq hands out fixed IPs for those subdomains. - # - Each target host runs Caddy to serve its site. - # No Docker labels, no discovery magic—just reliable routing clearly documented with Nix. - # Its not automated but this is a homelab... ill survive - - address = [ - ## CLOUD ## - "/drive.ryot.foo/104.40.3.24" - - ## PROXY ## - "/cloudflared.ryot.foo/104.40.3.34" - "/ochre.ryot.foo/104.40.3.34" - "/pve.ryot.foo/104.40.3.34" - "/wrt.ryot.foo/104.40.3.34" - - ## KOMO ## - "/auth.ryot.foo/104.40.3.44" - "/frp.ryot.foo/104.40.3.44" - "/git.ryot.foo/104.40.3.44" - "/grafana.ryot.foo/104.40.3.44" - "/home.ryot.foo/104.40.3.44" - "/influx.ryot.foo/104.40.3.44" - "/komodo.ryot.foo/104.40.3.44" - "/mail.ryot.foo/104.40.3.44" - "/map.ryot.foo/104.40.3.44" - "/outline.ryot.foo/104.40.3.44" - "/plane.ryot.foo/104.40.3.44" - - "/blog.toph.cc/104.40.3.44" - - ## SOCK ## - "/upsnap.ryot.foo/104.40.3.54" - "/sock.ryot.foo/104.40.3.54" - ]; - - cache-size = 1000; - - # Log queries for debugging (optional)' - # log-queries = true; - }; - }; - - networking = { - # Open DNS port in firewall - firewall = { - allowedTCPPorts = [ 53 ]; - allowedUDPPorts = [ 53 ]; - }; - }; -} diff --git a/secrets.nix b/secrets.nix index 97e0f842638583d6bbda97ba17d3249b83013653..5ff1f9c6058c130572e37eb2a7bf2dcfebb73fbc 100644 GIT binary patch literal 22620 zcmV(jK=!`?M@dveQdv+`0K(Rkr1}&Tce5RlK=Ti%ACrYA{qzNdl043>Wds&#VccwV zlvRBROB$-s%rp-F5PZTh4~90~g{&g@?pP&v7_W4%};@Nad83c3pR+{{Ty0Yj89|!{u8dj)A+cwg# zmzB&ZU}DLBmCDC}g5}lhQsX&RjBIAo4;nuaE zHX_KvIPk&OQ=O6i;ToJQDOe{O4cUk6CxlAMxS&5Q5{8`-Ja&3F@1C*){10l|Pr-~|mJaGD0vB$wQHJlRkmk0IFaL~-!aNH|#>9UJi_y2Zq=g4j z*__LQ>R08+6^>$%TkS9k|CY`)sa#s7r!WW7`a_O6IUN|hzT@ep^2Vc9bmS5Hz15)2 zhegJPqQ2UPvpKiUoPzsuT#+#Lr1j~}^$n)gOeLI2`JBbb2a<{&ZZFLbGT?>4b85pn zdu*si->Q5Sygv(m-TRFaAg(b-DD9QlMn@hgG7MvWep9FVxKCKTffRb=nF^U!<+swO zQeb`^fr+j=`RF+vNw61-LkEADs`N*BMW{1`rtFwE#%Y(UcOu*qS_{Z!jfM-t@h;Ka zmbI2jsn&EiB{SZ{hE@*7p`+JrTg$=X3^zs^0ASchRgcCHN%loc?YMl<)BLO&aiImh z9%TE?h>2-i61M=cUM<;O;FqCr>d4^CJkxEN2Mn#1}?1wLonB;8uWPwS{D(zX^ zZ?6Shw4KV^9|`lw@!}e+Pw?AAY3?c6E}rT5LyGKZ$ktU~2%xG6xg6AW`rpP8%iMv| z`{1Z8E}0ri$rCFtoNA>^vGCy;wtMLHjotY)7+Q20VX%$sWzh!kMzAWN+a8e}WUH{V z{3!W~q_SWM=ngI91PeRV8&pGp!f4P!mNv%nzY0(XjP(OMzvXEyvSMJc4#n97q zhZd7po0LtbT`^>R2PgIOXe|MCp-i0dGL|fX)(#=Km+)s1)|W4hd*^Ct_o>nwv>T}< zd9>xApSh|A@WCn5EVur+xT1IALYm}%+B{fvI2NzlwMA+*mFnH+!kQKkSZ;ND7uKag zFNo*cu$~6r0^Q<3;zeQxg0IVj$(5gXQWkRT@&}sl=8E{WaKQM!4JU}3X(bwBF38}c zQLG|6iO%Y9^-(j{-Ti_g>+W3v=a~IA>-ll*wIgp1^**Xb3pgDikXm3G<7h8)33wj>;UHsLSpjf$8Dw2g2~jJYYZT?$ z6%b;5jAmB5HsB^>Z=kntJqAh_YG42q*c&_ar#ATBb%ZM_b=;R)-%mwp;)vrMK1d={ z5f>JLCmRlsx*o8Gtim`i z)$`p!j1m817}#*pZBWoX@Uiy$LFq6SyFB!{*`$zkf|>C_oYh2LxUyPV-N!_~b0?Nk~W+x>w04nt$ueRoL4a_``v$hBng=2Iw7=Bhd zv|mJ8W9rZ?W|bIr_}PRS(`K~3m#bb8?t}S2MesLV>g$ki{wz&?HH~!Do^9LcAh+EA z%6&@Q=QXty5AUG~CREI~al6u$1}yFgcz5uV0a{QyLpSmKKSbr|;t4_oRTx_-xo1lu zIy6ULN=T8S2sNCg<7oIory7xN7_TlPUiP~N{f0r5Edk`qI;{lqaa}x=Cw6geez76( zQXI@@B@%G2@|I2f2Vx2NcGAzx;i5l~!4mY6az7@6Qaw_4m`9p6@hJ`u{=r{QtCqwa&bMT`u@; zd_`JVKN}cppENBKmSSpne`fgCIA`$;bBx;}ADBIZxqnPpTx#>$#!Vt#{+Eg~wbU-Y zDFQB1#a`Ww#@sGo4|BYMwu z{X6)AN!2u{mgwA40QlYoWrl%0op9ud&f1rV@32!5plP%-eTnta#Z~(H##Nw9l#;W; zQqjPJi>a7;o_6J;U1Amp@9r!cX-CF0L@RM>L5lKgne_6`O@2Z2nXHPsmqOo0e%d>f z_FW##gJF=0bmVQ@A!zK7gX$3X==em1`<-i>6dvsV{dd=>wLF7p5B^r_)XqJcm0G(< z$MH?(WmBcZRx+`Vwf@agVRL7n#onj(?t&2LrVS^K-UR)fVw$;nnA9aAK^hc`QMT`0 z3YCqpKb+2cpx)S9o_HBPDYkCShj;+(hCpC9-(arKdo4^mP|y4wn_F}>!NZ;~IeFYtC^S$s8zsXl`&D7h&7ILv{ty-2`seeNXL(-`APdc=U zApgY>@hrEXX9JBd_EMz<;*~yxA6u{o0DVOEj|)E#C8WhLM(Wo}b24+9NiUO35Vn1O z4++Kt_u!%|D;raqBJ}!;?H*_u#v~NyXk>JwbD=%H$Ru!yuIN3uWEk9whcaWS$22ET zuM(kT4+SkGt1V!(QaG?lYeHBTIYKRzy|@DO_=3u86hOYDY^tm{0js~<=;)7k=KPIH zo5HnsV4aW}BYa^ig5ydh5lZIIK{E(BGdwR3fwH{5DeIUyI~5|bJqEwFWoZKT>rFgc z0z=||7OCINFP%utiH2t>X_E=96jqwRy8^Qfv7WRVVL(*lbl_y$sqc8ttohHWXK$ z%S_iFB-C}KOfH{x1^B}h$7VrtXFFT{TT$(oPAyu|$2pXuB1ywa>J5#ijs z7wT<#w9Gc=^Z+*@+Q&%TcA128YXAP9?#1pmn##$uh`lP=Ff;W=PtT>9wybE*Xz%Nv zAS?RhA<`2tTIq?59pJ4#4=Az9of2ow4Lv@WrRmur{i{r1Lw^5@H*LKjLFtA$oF(n- z8oE|krikb`++>y_&Lp%#Z9fcOEw>26<+79F{_m|knm|}`kL|UvT{mm`1I&_31qWYf zYSk*HQVpOpw@;SkO~%i{Gqensl;XDn3~vb&Av&e61p7v63{o(y1ID=Gap)cI3!E=C zU}{a{`Y0|?F05PvqI(mDKqjSL%-vbJ)U+$15R~<1=75nD-5f^QYS1sm79`2!Z^nIK z?gbcy&}(-edry^5u|j)P?-aNb5J{2ITgkno7#9XtAMj|een;4*`mjQk+wDMT&Dtaf z_Iv7vo3zoZ_nas}=zx#{>rohcC8Ne1{vK1>+5CgZz#Ap~5Adfwq}jF*Hy;1tV>zTp zrY?A~_rb3+-nF*j%~esLuwAcsL(iv8cy5BY-1BmZQR;Mz?o~kW6v#b`$dJW(2^n2;^} zc^>^)omdxL{FAqlqgaK4vNPBrmC63 zoDNGYx3JVQPfJ!dY-1pZ@rF1(R5&6OVmcEh%p#pjD88LAm{+pf5e%C;$BTVdMaAec zhJ#i`O5zo&M`ix52He|#y^ZZ(ID9f;KEvtiJ8ocmHb7@LH{+Nj|5NK#_-R+up6WH{ zI-F6qG=K|sgc>%wEh+W7&+=yf7ZiyhB2X`C%~!B%KS|=a_Y-G2VzqXcn_K4pQq(l@ zVu|fYAO}Sg7eX&TkuXn{NSY1|@fkw95xf+XGwtyB>-TeQMbTS>A{*2f7?y8!186Uv zUR*mVv0@jDXic;c*{v*9>Z44FAN*|h-LZoIDbk7L9fl0=Tk~9hQdRe0V0pS9Nv(9h z(?;Zt&IK3{F?jM1^jL&agR<=Uc_eu%m>v0Zr-8z?^l=p5sJIp@(}}F(2{k5HbF%+F z+@VQWI>L{^5oGlU%`;vXuLJHA|0=}koK@d89}Mc&(t_b(BVag*cyGu&7TxB(mwqOh z-isX3jE|w@%_`L9hD>r+&)WO{+)95z5;J%q6>HN<1$edrocxblLWh=D2kd8)g6+kmReFXdGVC@XTPCH-MKP z80un5Gj8lRS-OPUFi;|m~2whH^YXgGTa&7D@cLn*sOG8LJ8E&cUf^t zH@gpi4>2yn#<~8c@f2;Ja(z@d%FR(zm)vs23{2eoDvj3a#@4xk1oF|6roy!zI?|W} zFPAT~)1=YE4>b&(t7Sjsu-ooWsSXiOpml({CPQD>vPtx1C&k=aOQ$YJT3Yu@(YSRo8LtEng05l|W%j zTsb9)^WHbsRWSl^HHp^M`R!s!j-t`B&JTV-A&8*&Kp zj>Fe@vqOPNx}aE%%Bd9PnWBqLPV9mdkT?^5zaF52I9{QM*fr2RUD1$kz33aM`?JbZ zERoa=s~r-9tw>9uXq5eV?;SeI^aSnqOZ7om7{xz<`@ZOaZ4av_vdpOWLjJ7{07RDlRh=yLdK+e;7=RkQ2a}*d z7hnhJU@$GOgGY1FVtu;^tbg^3utZON6$#V%(+mSY5H_!t8IPVt8YZg6XnRY}j{@d^ z^l6lLv5BmnyMaq*X0#}79pJKOoGVE1i{yZt?TM|!4vLsYkDsR>QcU2^6nwVYsN1IKd zE;5GO#q}~$KcE^KfSb)U{Mk;F%e@!VnA@g!a=LM>bO=@kETN{YQ8T9GMxR`JXDJDq z_pzPk>7h#hVVX!p6RW017zHlkBXDu%Ji7V|fO$seav>4#r}z}p+BqAnHp^Q*Tb!)D zg-~mGH}04Pl>nSr1spDMOXLBXNVAWjL9;q1*@6P_Ka^4$->0bZUi6y2Y`Z9<5|j#VTX7ve<Q-DK^)2`J_I|R zbU@K*t|%D90IGiJen=Ya-`bgqe{^WV$dY6Mm}RrGXngp=T~?OYx%sQ3B~5<48m9hH z`$u8P-B~J}Js`NCNlHL`s?(PY$iT?uEcOC}(LZL3t=Zgx25LEyvWG^>&L=A=pQAuC z4>`^cjgPy^dmJDo46rOby_Nhgn!p%167wuI6?5Sg?5VfiBuR~$((+|DPs)dW7;dv5TBnnhF z5K#c1TK~{ke>eJvWy86OI(G8CtKzT9jwX;xRKDme6`oq|-c)`$7^3cok|~yyh|nKo z+i4jD z#ZYTqkZgg7g@dv5)X+JwlAEpk)R@uuwG^zGgfk1<|Gz@v#q4PM4=gb!-hY@~oK96t z2KVd=%{6crL;^A+Fu#34{MWKYGyu4ig7>U0@Gm)ZrlO18>3(PH-lMPPY&19_oV)*)Z;AFy^lNh@_Ff(COGH7~6cTa~0AbOW zg%q9~JwM4Q6z=Q%KQt({ObD+BmTA=~t@u^19(~&MN#@QbeLK$Fj47Y|$x~L;ml)11 zRJ8a~nVNMNuW1V#!j>?WO@{1O7%#9{&{cTP4{!Bv$)1H3o5k_e^@{Hq1Jvc0h8yGH2|hX}XSFrMc*Cc&5^itiS>!sWo^SPjQR0Xqa}VcnS@h4aL*hVd z*Ck3auyI2+VB9Ay7t?cmUKzB>%b?pbYfu;yUe@J-b(TCRo19!(*lDE-pqFO%M^7`p z`Mra3En}9MVvjTAH|ti%dUb%sCu%3H3CVJr0mw5z31l?EuP%MP}H152uT z&fFmnhcS&KOba$fmRfT!<7XqllcQGqCaMJ|7ouNz!?mwxSeI>_y0!p|v4~}azS^KlF&W^z{U|+uJvR{tKo!;eeJ)bRX8a>Oxf?pvuq`t=*dF(8 z+myE@qL80LhVkI(iamv%bOu;}vXTAwK^aVb*)c-HjEL9-j+qp=`gs&Ik=*b8YMncO zt*z6^WjrWbuTT{^%yro2qnE`fhS;LQ*`QJY?qKqG4DQESh z*{boH@Jvl3=(6OsKjARvgsdV|`pVPJ ziqRF=L6_554p~2rIG81~usbob70rEUCt(&0qAgMl6|C72n@HR^0zW=&0}DC>%Q7n+ zoBIiZ0QU&hD|&DB1_9^7i_44}(NEgtE?ys*)v|&XU1x~Dhy;am`H=FIQqomh970L? zN(_i}V);<1;ctB@Q+mYiS~8_Ik}+W2oN=i6W7VF{@s3z?8nYPO_>il+zyHYh!)YV* zYsi52Q4@8Zu=E%k??_5Ct3{lV2K)W~4^&vp!*9O*o&4wp1 zbmQ$4p{!_ta*%^Z?=quYd$v_D5+f*#1Ozsdx zkr&X>vQnr^L#Nq~xunOT+z?ZizAs4{Wc+}y{D0KB8nylh~pKxCqohZ=IWzGCI`G8j|(Rw3bzJw*-FiIJOl1uJb)YbFK{(XXGoeajKNfqV+e zy$N3t!Nc*kFk9H3)8ok~Zt3*zDaAaB=9k=k7 zTsRwm%;*foPbyJz~y zsDc3h|JSz@KY z-Pwdkhl6n1)!tIz@1$CN>9GS^6Q+Ey?1^H zFAmqR0QsS9va?7s(n>o-=tgYAh;=(4^xq{2(>(N-9_<`V?!vUtesGoQ;%Dq&p+LaUeOpU)Q5|~7z-L+`>h5` zlgtb=oOpm?URK)sEH2)(Dj3b|%|~YhZaT2*Q0?tozbx!dK0=`oNDdt98FZtSw%S(O zq8M9ZV)ok7#^lb#3$xOn`l8nTnvYOER{t%oM=7=E^%uE&JB`e}3d4e(MidQ?{&64h z1vBd1Gizis0991dUw# zF#NMZ4Tdd7U|fN736|=cT{my|B#Pxo&%@7(5p>=*6E@a^%CI+tB-NvkEYEuqaZolu z1BjmyQ!|li5@T<2Di|GGMTQVhLIxZ!g0D}Ht8`0gUoZ-}U~>wZ3hV^d-sb;A#7jOM z80Q_C*BIURoh7JTzUbcdQ=2|>2$$ymloouX7QNsus<4o-N)AI z%>Y$*G7mVvg+D^PY?fg*p34v^WDyWlTNX15xv`U<_&hd+ z7yC}{JOg_^de=a5E4z3D_Yf_!o?HRofsFMcRxK?mN*l?GGEqg;bKB-mxUX#t|)LI(iCyRfARModvd;=?YMV9tX)+Zmr~?sm3|i zIXt^@lm|e)2TAzqwCAFh>b)34)rl>^h1n0RQTvSJ*=MkMCXi!Qx%uvcV8;_@D6is@ zz{i^lAlPMxNaeH zpd+f+xvYh)RHO>yxi%kr(OHNO`jis11i;0ffRHg?SRXLJ)0X!fl{ z1*SNNU#R~2_~aSSp51oxs4Rqpa)PAN1m?fJNFIg>!!F>Yb!@`6J;xN-^Z`=fsY zHz0&Omx*D&Lif29p9&W~;x7stHq0IT+1{0O;9y!SvUWs{^ z*AJk8RLzSjOv})b08TmG%DPMIz@yi}rXo!{T$7wqMwAU|iW^Q_v5 zOh!oEb3%Qa->VswPEvbSw3#Ty3Hd%^lQ&ari|*R%4t(ZlqSajrD;`a!IjFdMpw5D? zCoO2FOoP8nM(Y=P)mqt&P$l3i<cWRP(aXIG{Rp)4F*L7G7COFQVjU1$%hTh2 zFQs9-b#nh?=yHe0mj%PNNm1Fxc?2;J|KxJ!D=fk{@!o!nd95}E7tb%eQzBEANCjpdHmY^wQAKYbuJxdZMis_&{fs3z zM?Y@kK3Jql7&LsrNMFbIwqVB&z`=*b&3wvZ%ilnJ-zzZg{W~jGuz^s){2BPtIas;{ z@|P&gd;?@{52U$GjiGce5m!gg=xOa!s&I~8`i!{sJEgqao6Lg^^4?L+iCnJZF081= z$8L*uP0XO7#rRczM&EfXYZz%_gzLlGZMv^wWrEemh-^Up3>S)9Wr{)6u zo=0h;dRv!sMmTN_5dRIJd-psI{H|H{zG&0vX4(vnA2>tBcfn(CDCvLxVXd8W5q>D1 zA$xhrDRekc<1P?zc(3ikK7!{KsXy~FzgL_C7{kFIAt_f57|WHh7iT{uZWyA?0(4lS zn+RV|BHO4J@#_oWsaqr0fw5|*Y6S9$9`}v(mbd3vd6;-?x1)+2_kTpyeCul~e%>0b zF6XGGaHCaWF)}rqfxxop$6~D{k$uI@xtMn^ASTwIdNUC$l*l0~6SKT1FC2< zIam{speE%^$$B%TNlbL{4Gjimw)sDD`--jbC%vUA4&8a6`Ftnm7e>@B3++8-G*1zI z=fAmY2WVPzah^wd^_XM2zsm+$Z55MR3fXMW00Zf;kL1jAx|1DXK^f31!u{}fRV9c} zvokbOyYiLM^zx|R5bJbTBF(f!smRv}wzU!LSiIW!tjZUr|BJXb`G--{mMWuM@1pYE z=tR9+gT_*)DEJsytcH|RbSppHXfL$DwJS8XZMY~MUYMb-#HI4(07{oDzFf_r29mFLt!DC2C9pDOX#LGlS$L0b~NSxs+#sEETl#y(olY_barz z%5LNi8^CGjbj4YQoxjL0*m=OJ{ozg1m0r}VG@8yhvCDg9OcMvn67|Oyb@GHFH$!wL z1wRm+nvlz|RDxRA$;fc%Z#}C{V))>x2w6|9wo+bAzV4PA-*4x3f436iJ2S9e6trHA z+>~A9^6J%-Skz;Mo_Mn7+b{^t#$U@e9WDP8TgKC-%WTKZpLh`KipBX`GO{xDwsS@u z?#wwhc4la-v767aR{LsaJx*LKcS9ZCQ> z>}I0O=5IFfkiRn;_t&F3VB&%uiD0+J4GQ$tOh_6N>^o!mD6I!gQ&T-n<@v89nVtJ+ z1(yOZ9bGlW*3SPVMgl#(4rX~M4l3p0$C2$n1!a-Pll->9gVImNu@pbNpkrS8p`hocW#iC?!Mq0P zXy1~c3{Q>X5E>kMct_oXIg?IN<9pcL&#KEtUyX>Lh*93r5?-tcqx%BC%fs5^^P~pz zBAn3S>n7?oWyZUQ^ZS3TlyOr&5@F+m*SI>rYPqzla1S@? z#o#_Z_LUq9ZqqzOV~JW&P2N$sca26b`Da}*qB;xl*xbc6UF1+|9|ozj6A9?3(rlWB z5rMtp4=N$AR2^VD#AHTC?x{g6J1N=Q6m3^=^}Q$F#);vuA19IfT&mIX6S{QI08H+M z?%;#X7wqG59)~3t@fzf$Ta+%G6))itudn$A*~--wnsPN#Rk#7%!YM_H2Xll*^5%FJ zy~?=Tw2R^H^tUz1fnTUdou#8u?4YQG@KmezU~eVFi4VSs1XCQ_VoitFMq^{b)!4;4 zQ<~UCvFI6AWpEehn(TZuKs6?2T@=5FJq`}GNegC0z@nokDls1QeT4JJI@phm)uHIcdN`Xgx|?LQi$8fQsZK-V}Qr?IhD6F{2-2VdNPr#JMYIG<5~q z*W*bdONxd&W?L3y7JTxr(n*`Lb-l^Sea(h&?nb>Gu$T8-&ygf8=#O@F__BV#E%*@b zB*W5tQgkmWd*~-BhBvwsKXVx#C=gt%Zb|$LJ@`ODM+Xmy8Wq4lg@Zt<2b`->9)d56 z`fcr3@e(Jh6?x)>!n;ljmz;~u_qRUo%0D4N;1+E93g@Y>AaC3?Wh(k14?t>Lc7n;G zC4f7+@w7K!9H$imJ}Q}q6+gtJxdG+@RfdAgKO{oEwi?!}G$$l*J>!qXmes4DT^(?vg!}B2L0|CVN~Q5d3viv0COHJn&FJ6?y)88J0=3T`J0JPM zFhZugV>s9y8&f2r3>}?x?6cT})ncwQZ~x6jfFqRyV8xYTTsHM#tx~+UDX3%X$tSK7 zvLcXfP;c#C5md~S)=Qn9D?-9ACL#s$Bf&3U(oG$~IpSVZhrdI$@^SbDe&Va+TweQd z8oBA&rV6(YmDThur-Oc+4YV%t9*)@q_Fh)^5tx9KWMnxJpO(IFbVDqnFDprb+^0}M z5hD(FC?S)WR#E}xgZh$_(0IE!t8(AgXEX)Ty6VF^d}|{zBNt?yXLll=9s$Jj+{x}S zSd5cXNFH~l&F@JIx+n3H`Odmn*R4bC1jZ)3af^y@Ikhu#mkQ1f?F^w(SLMfKnJ1`F zjHfU|5tY%FDt9KX6&`+0NWc&oOl6#}e9@q&-D)na!1p4(bV{5Inx{P&|teWV{SiWYUxVouE{B0h5% zvxzZ8aaDc7F0RV~st4OP{#4c)aiQkrl^_e`&^6WoBm$A;LfwptX1m+Qi2R zwbSyzO}BLQ?ARoqlh?jWy(m2bAhxqnGcF_290Z#Q7pt#QhNe=zAwkp z>2L!)8m01p^7Oainuc{syo?iU{)i9PkdFhN$|(G{iwZI|)l-L^dt5sB0}C zz;8ETje~=vZLx2MQl{gA)wW*S^tH~9 zv*#2#qCvWNjt+>IaQ(p5>v~*)3Hd3@hP0(K*M^;}-hS`b{@Fib;|m%v`5krgJlf8h z?_PxtdA8f7I&OM(BvR~lu|+&K=I58jFemR)j%<0aWv6}9G&4^s5n=s_Ehq$>nhY2Y z#F>9v`8}R@kEuS$Pkr0&Op&S2B)y36A-yaU@`)XN8M1$r*%x(Bcs z5r9L;@_)1+tvwkqfsBW9OH_^)A@SmAInQSeZVp}25csfQ-)xn7jy zxQ)cVao}p5KP|iSoZjY(=vkqs10c}++7Ct}w=IH_AfvyFslq`LuiRo^Oy}x~(d;22 z2V6$%j(>m@Cv__=9_%wBl3@M^Ggicf*2Td8$ea`+?#scxI-b`e zdlM~@vgLqV{yqTyf~$0NLWh@LL+VOAN!{X=O#qbp4OmSYA0In$i{loGR88M zve5l?yX|h?A^gGlsU7Cvf2DZQaW>yDCcD^UjgWMbQ%oI-os$q#EWgSWIna`xHkS>? z)>X;%2*-_#0}d1hc8TO-zb|azjxGUrxffua3G*^x?ra@A%&Y@ zHr_i2a0i^%c>J)I02)ue384Kzq^=?WPz$$Be&kfv6fV4v8H%wMWOKK5Q+fM&ol=T) zN}3r=>F!whd1)&1cer_n?8UZ}XW~#TOsUETbgjfUEOi$go)i{A{$USj4yT>^}&qSHT$bY3zTgq>Q+Z+VbO_D%Lc-i49kEF8ZaKuqgl|x(0FHhCM z_bIOJgmKAvX{BAMC*A5-kK~wSvlv}8bIRzTs$w7Fss?9H?~GdM$^Ot8bRj?aHS%&H zMf4(+M}~@{W}wBgI{Z?S-0G_`@;1w0n4bgK)%?^6`uL>7I| z98f$Bl?k|q-^TNS+t__p^_CNu{&IpaN(jQHpi9bbhCAAA`oOiI5rQbOEe-$NJ|dSs z!ya!6j6l;@aT7nZ2hQcl=X*T3Q+i)<^Vbnpq*x#6SqKe|s6$Pp0D#npaB(Ml$ThC6j!hh!q zyqK~%j#65eyRv&jrmuZEv#p$t#`gXSCrTQVhxrOc-D5I*-a={o5do`+RR^kNy(C=H z#-m6Gr8tjKD2CFpY$VkzvEl5QHajh6s&BYf@|^&$QHrJh(AbYnMmxT7FDIK7PI1wECj+3#pLDTdAhwa(gC$ctmMXvj4Ac- z>n!;20t&^U>+20dc~DB|OS-2F$Vx3`#;0MQw9*+y*YO|!D9dYu3dpfKb3(+2FW`&J z)RtgnM~TP6s+F&wu&|2z14?7tD@vhlh!ReaQc(BGEjmi?p|J_7jN{gKG3B*+gqmR% z!3LcB!$>~;%D(VX3p9H*V#@2bohOZUgcmZ8S7^a)W|*~jxg|=H%D>hONN$gKeq)Ep z(r@V5H4=i*m;S%;9u3=Lznf;jCfB&k-kyH#u6kkK{oYt$^2I0IK>mao(!pIB!pYc^ ztcE@pcR+f1)}zakXqAId0hl93-;_YyGGfB+fmEu1$w33JyT&<9>UClvpAxbsAZFJ; z#KyjaZl)EqTho~;=CdU4MaowF@>?$l!^9yhd>t|LMGKq+saqj%V*B4W<)A;56tTXG zYA>Qc^)-H0T^-M%>9c*eV1uo44QE794P2FQx18|TXjFcRcwLv$z}fB4oUhkC-(K*X zH(NdOlEL%k)wnsXzpg26!+RNg^g#NNUK*~buy6yuc`jwMF;0`r`5g-JHWm-Y9fWjp zL`h{I!6FS8loHLDz*~cjTatnXSbj0QR!$n^Y^n`cHU`SY&a)RA+s|k3XG3qib(JiI z!iIk6aORtlQ(-xh1~*Av>7$w&lbY~Jlj|f3lR)jt^9YN3@g6-<9;~E) zzsc3Y=d+DXQplZ>j6HN=rUiwWmeDaWku|qR7kSMQ+c^E`AU;I~;u02&6=Wiz(H9sM zZ(%~$^&XJKA9VS$buCnP0WpIG5E@b#nSrP@N?n{9NslWk zi9G5Clmw@H*|-)H4n9V-;K~~prN?xUXV@;1hK67VrX(*zau-zm+PRMW) z3uxM<4g8;~(!Wj%wWb|WKDgj>aG}9`Ri7Z5tj=jbN}kyt!}bMUMIOu23G5K*CGqg- z^TN8x3)cr%LRuC{xE36)$<9&{*9L+!x2_zys*jw27Q&7fq6S`Nlkqac4exVhgmU-b zf^?tV_IUaU0lSx1PL^JWc?a3i3G*h*`FVVYy{&Sg+=2-NJ*Yg02~75T9f+YrJ%$-o z0_i=F(M}bDXjIZvw(_}g9r(`$-v+MaT%bq*z$v9IE%?-!FdLZ zemz8-hESjNmQdN-C`2~9==auLyr6!c!W^|jB&E?FDU^9l3xKAn!6QBN4RTNdePRjE z!ne~WT4H=Q3ihBLMw!HHj^eJ1myH7sY`Hd&psc~ew6X{-pa*pyO4M>y)fFhP%`)PAS^kK;y$zoEzx+_J(qPU2IgJ)WF0Dw1(Q{Weg*v7jZ`%Pv zoE~ZF&g`2_tH_CfvQs@;KPLbI@sYfYHxbUs-lb_%-jp7UtLoZ* z#q|QZHLDy+)_x2IX08OmxBjqWc~WhlHtZCNIQEA8$2)OVx!(<#4s(Ml<$(AplL+7b zz39Bf&^Q;=p;H)oWRL${jM82?n#E#yE*Po#5b9sDE|z?qZZ<4^n8no>=t>Jf{Q0uI zMQ~?kWjZymZ}Vi^+6;-JI#kC~pNE&hG}h9q@_W$u>O}R^bRHVw%FVE+&$Xuj4;1$^ zrCR!Ee2L@0SL?vULRdR(IkPvLDWI$t4#@3^3p&}-u?l)k(s!m1TLp1?XLX>zplx={ zc{#uKaI-~#@It`I@6~@M{^`Tc$hiOTB5EX!)!4a$C#(?4o+Q17(R^Mo)#qG!(c7XX zeUeM}uCCP2Ogu9K?^Qd@C!n#wZuSJ*-e@_&BUe5RG8p4^w4u{{0)AvV9PZ@htmLZt zDMeG;;fkMU*}ILjlc;1(v%LO0jp8s7&a=YkxG(S7|C!bZbmit}P)HBXt>nfd;Uc(f z{GtASZz``hU#6Q0<_b(xd4{Hoy{4(JLiMZ@j)@zOqRrH5Lx+m9C-$>9CF42!)JWJ= zy`MixkiEJrTRpLNLgI{Ya#yCKg+2rmm!64K1RI!0I2m;toZc;H`_ii9=Yk#3=5qfe zptd2j($n$|(bcba!aBcl0-dRi%-kfks07*05YJIFg#&14gsD-LmXIX>nqS`}?TWM| zde3dV$|%{JI~}>EY3$$7g%o*OI@yQu zR|;CT5#&|3-5=`Pp>~P;eoVpGw0u7O*{Msz*?!gXv;eeV&Ly6=|H2RVv+T zFU$a4+-mw9_g`&A;d$&}&>eT_0f8VbHV@ccO_#A%bi;SI{UUHyCh;m9yD5#)ne%_Q zV5XuS$t6mPzSlsi=FSYt4d$~PMq|7eAu{hP3>u|LZIni(#f^4~avtu+x7-Z@D^)hI zo4*(F-!%yHy5qjk*K%1UcAOc;>>xWwZLP}R*j5c-^pmHfz;X4wP2#!yBr}m5SjSTJ z=vjk8iqs|(DI#oxB<*m+1$wnY%Jroa>;|@v{@=B1Q*@?%*mG}aGnuJ8n)m2(wG9QO z>HDD(0tIUNjt&5OPklnR)!s4>E&YG+8cOCfeWF^lI=-;eY5NW%FA){SQtO7^5GUuX z#U@SJE&8?<(#5KObJCf8jcctbYi)<^XIXd?IP0xx~F{`YN^cls`DAWaRvMKH-JHQNU-!Cu@yfm~OR|j^y2f$dKyAZdEw8>+e;rFm( zsZ)!UN7y&D)uA{i9h#1Z^SC4BVB8)Byc{^=VEj-v!PO5I|e zOQpEjA@`!2W#q_=i!X z`+aa#?L*lf2s2?!uc)5&GuTQ2=XCI;Zbnog`FY+-rZR(G57G0>(ATAh*ogb>o|c65 zjSr9(hx0#vJ!00fj9Q_M@(iNF^Ty$q@Y`y;yq)t9L?alN}ln?jzk?8fq)AR=2AS|7zwniS1T8uM7&(VrB!-+zwGI zS1LR0#3iWejXzZf#gmcSlX$LIhQi>$-%5VzMQj&FIf~zwj#+M02!zoFX}W;#BI8+0 zfURD*ND>vyx~jgSu7Yz})0T39L^*3vsP34J%~$per#z0y*Oiyc6*5>Sfm9)NIlPuj zte$nEng+@*C+p=C)Vv+iL%DEz9*RX=cR;!BQmr;D;G9>$iH(MwUN~D?O24J{$U7B- zpxP@QyzK#8C+;)f&^d#Sbtlj)&X3U#h2|v0OI<`cux$p)%Jvf88-5Z^F=wYjq#mUG zNe&9jsZyPO@unt7$yK22sZllOkW+Z*uqal!iu{RCxDmtRSJKm-f?Q^7gY@PCK;I|f za*{-F1e?ZTm+=z5aL=mlf#5dkqS2b2B1AiZXPrfE$2A8eAJWzQ#r?7l$>f#4F(sYY zyaqPQO|$J-&&7Wl9C74`nO}Urw2J7_-k1;n{1oAU0>Whcz0+QXZ3B&%F;+jd9xl~O zP4Q}o5tjT}SL9oAe;#?1&tYgE%Cw?Id~r6#=q{f5)@IBHJuJH zPGz>wSvQFKNXD~ZGtri5*7Azg$n{8HHOkUNb@{&C0HJB03Sb)Ydi4oR@#hLKIr3;? zz_Q3g+2zV8#u*-7CI0IyF+f1=!m3n%I4|*A4;%*S)`pKJVkt2}jX>Bnz$;I!%%h~A zm>$2Lfv`dH2lryuDZfpWZ6TdUEKq==uiqr^ zSaY?nBgZ+p*J)xsXKn3@#pD%PXvd3?QZmpPQ*V0KUIhR`*;zIiP%mM|B`=OH$A+txqr zNnQ zkz^kR>@9nV7Wb85M)4&B9^5a-3+mU}jWTrz@zl3S{nupu=ZI+uLVAtdSYo;y1e}+k zQHmAlh!)i{2t58EaC>u5@JJ&aJvUbZG@R&UHuP@&!l(RcC+fHh+iG(R_dMfmEJuLg z8F^*A?k!f%cd&djq{ievoemgQTa}3FU981D@c@Y#SCi1C`hUJApnesl@Splgu%I{$ zPx;|C>y_V%b4@wGO32-O7(E_UliPV!axu=|m9B!AUeG&qZl5uFwV{eK_B50-*MwAq z{y}{V&t|6D?T#rn3hu~A6AxcPT0#&J_Pp-mX=0h zkq(O4CdN`2qY%I7Y7vD7xM@vT#H}&2s!@0+u{ndnt4~Jc7D`+Ikz8Mt1?sZl#ncjR=QpbT&tLRKP zLkM-^oZ6xqz6}mHjarwP3cDZ7MRADNz=e9vz{$&BDaG*5#sjP_L9E z>lj~0P+I*DrWI1XNQOE;Vrw#s7mex8#^BRDrjEL-yahux*$FSb&0Ld?;i*u1BtGLw ztr=2!Vj0Enutek)fk06aBn9>7X~sIRx^m}I-)5BwSK0Fc_ZbuP}s)Lore;1 zi%(GV@U(A-?IFgHS?TwbC$m_@f}kBEN7&+YzbL5jDF{t`^_QF5LfVzTQ*s&D#U(;} zb{PqzDuN&G=!<5gOBz>&#GiT%hlo1%`bXreFy(lmJV`j0;duGv^j`kO*Q2}QLN*UR z(u6~pz~AXXVOjm#8T&)cnU1-2$<$eBzgh@`8ZW{$2$dTY8UP`aOOwG{p=D=7xd9?o ztw1O|+BIJ{ek&#zpHi{BEc9 zAkp#jI`I3WxL7u>c|nLaLvaUupG7kY*U1Frc57Oaix!laHj zwF|19KWG&$Gci#gx@yIaNzX5-L!ytr+n}9UFzQxqk@Ao`$c(8Kc1`q;u2JQGC&|jb z6l;Pzqq>d_L!sw_7o~I)<*(g(|GQMe^T(?MnL9ByT9+c?=Q8e_C~fUM@i0ILw|PGc zB%N&+X3X5}v{^wZW*ohBUK{<`Ysp|i zFCv~BR`n|yiEuFbD*$dpg4ex;VRH%DF+L3CJ|^}dFJD+aq7O2%j5O(If8vI;UN@^^s%5ptjW^~DQiT!-9VxnHLTQcz`>1qk2nHvd=K(z1 zP`%fPsNzf5aM95Hmgm^G;~rU#j!Vbg{uRyRVmZa2KO2yb5UXzdg*!}Qz$^> zfsbt7jtj5<1KZh(pdC{o`K99~Ia%q-^a9aen##wawv&^k(T*&GGQFyDY zA`Qbu?(S+R{VXDh!SrQG&mCIk9>L#b39ZXQoYwtS$g##LPYe_OQ>*>!Tl}HBRxRGm%%zu^=*;;ZS?9a*Wdk9+@;*lh zV;M5ti374?-gmWrL^}?+4J?US72rAZGK_z~%dc@KyAgdn{H@13+#E>V@NH%f4);yp z@}Ls1p&y*1_DY}IHuwO!R$f#aZ%q=XRIcY|v_gf<9xT9mc=~&UahxZb9`ZNC#!Y2% ziCWfJLmUoY5?A4qgS{wuhytVTN?WR?E9hb3BUVm0wNrdN4|SiU2?$-Sx$R$cP{Qh- zOUl$QD^5FrzCtzP#o=(Ou>(`D21@fq0ejQbm&(5@&Y&p=PL)a>GDtOZGL+IB@MOj% zn5cG)Ch()g=WHL1gFVtcMLiw%dfWc=NIU1TH4)dzMrAJ<)1E1PCnv9|9C7#gz zj!1?zQrezBv=e9>!-#~7V?YGQ&T4<<4dJ*!(6CNQ5;5AJQq4t=oewq!D}ro`UO`}* zRM*7UnZu0rSjvjRKbQH4QQ);F7?_Eam~hN-a4yfof!P^Q;i3CKscXT344hej)g44e z3gZtv1Q#0@7aZ!`9)Gjfe0q~|!>u@8BC)PgrTgYZS+YrXhYImdGQDfV3Zai5#_Okv z&R05hua?)0LKs%EwP)S|Q$*2d?|&O?HQ*MQ*EWJS+oOFg9ZvvNz|1FuXD>GS^+vgG z&CRh8<9NsQ#a9_Pf}$nf3|+v1ZNa!5@@?1cm%nmHfd~w-1|!YJ9QX#(KT4|(1Q9BC z6Qo?zQQE#;jh*;-#X8-BUXaW^K0|2*F0MX#912o9CZu(a7k0{o*vFYS@ZYr;VHJx*29qAj@49t#R zOLhCwE0=;d^gAGfg#=+9^{7LdOuO$-OoW$1Ay<|l+dM` zy;TZYrIpJ^H$)WK-^ryNRU4lwP%9NNxav94)Cq($OUdY%2mm|6+#0=bb{$6D4)&L{ z_>7=bpH*kRE@P$4eayx|aZ70dl@&{&`L)ABz{IkcorpB{qoxqPSq~2_28j~T z7AOivg^-mf2Wf<=c(&}AFqF8jcPc%4`sRLBwN5qc-AEZCrdZMv1_k$~C?vX$LDZ*a z%pgZElAsWou)h#Gwrts!>nJIbMSM4>`47p=5dGkFXo8|N6NwsS!mMKhCeXcB8)CN; zhhPd`IAS4Z#78D;`F6S~H%!JWiXi!(iuOki*LkqHDOi|WgL(ate7Fa=UmwBV!VtQLmQ z&ak&%vodax(@zZbJuRITgg!;kw{A8?d3*U{Bg3kVu$f$xWhGxDLI$*dIDO2W7A-AN zL05v*ka8UKHS_MGceWTE`IF>deePM$Ymtyv<5YI45%UwrQAz=$SjfjJVRM3NKw;G)WLH0P9TV(n%$F;rUjvSj=Oo!m?RYyKm|!_jy5ojFIgUWy9@HX$=l!!T zgfo&8qClr$0sQnlX%R9MOf|lR+<&KdI$f2fn?RV;a5M}73D-dd^Vgc*>F+u!1dHn$ zSHbCGZYIR)b@!e>v!&MqVFns$oJJ{SByTYP5-0ZS2#eCSYsbj2%n8Z+Nn`qy`iKr{ zrRe+Ek@TLFmpw(3OQKAonU`SkY`1JX`EA`ofvRhNNsyKnd-hM(-DD&J`+Y5xb^pyR zcCX+7VFqYo-eps5o=3WL-}2bU^lCBd@tqV=8eSB3B52B{aWb+%-*VS`X<9waCWfkX zYtu6Tef{OAWfs3G;Gzd0(ej|7B`G)p>I5)kGHq zlZMQd3>H{Q(E<{!Fmb&U;f&gM+ijNSI`~ntT>b!@fAqUob)Y1Ed=Nh7-E1~cGH~98 zGu8L!^a&8Gj9K2jQPrux+|v|q=7G!SIqP2ey53l*KJ-X`x97R+;_M!wGnnbX?6 z5LMNi*w32dKr(n)gZ`VvK5zg;j=!Dh;3|vdw8_d*p572CxaXMg_m?B!x><9G{A(rv z_^4%5ge#$D-S3UlUhZ-!K~w@c3q|3FX|uOL@*tegwqBP-LSPA#wF7JD!!C0$#ux!6hg%-W(>p22LjWrYJ-OSeso-wj3`+n+g;8P?2qU0loL zM|7~P@*)(N)`2)1)D_@}AVj|@eV#PAs!Xe1U}IG9GI9*EzQnXM%)12ubr0Yg9^PJwHtOejy+C@V;bIsC$stPMO#erjlI)X02M6n8Pog2(Iw>>^$vH-`&uu;~ zt?>Ig@8GAwrr<^JflmIW(iC`kA5#q8cx>b&3|pI+Xk!CRpmF8p_o6K3`~FK|w8dvu z0$~YvDNZb%Vn1s0V=EDUlI&2D4w7p>OAwlnK%d!pRi4f_*F}I?G-0Nlpv;V46;7bN z#ZJH*UsWqeOk_ZqanHT@AL|wdi~|vMT#0p?TnkY+I;EB=f`gu?B~e_3!8v0b=v0P2G%S z^TVA4fsBWMOT*;rYNE$7D7c8|NmD2EW6`Y;k+4psDDW%~(}WZE2ovWOSwf{;`XKvV z2ls}H(&7W!vF23JZE`pS(>Sk#s zHk!*i!9I3Q3xz^5!E?){v-y(rzTxvPrxbC0^d zs_XKI3{>++LRgmBef0H^V}9k$U2cmMN$9ZP8wV5iB7t2%4m$YMlD)yH_D4LnoEhdP&JPQE+}$UVkmNguS^JwJYQ%BMl7s+#gwH ziGVY~KQDI-WKC~Svk-QlbEaGgKd1ZuaCwy|hI!w8$N()b6#*O_0+BS|#WECVE`5m1 zWCK4UDbtJH_2VmJg8ZEVii-K4@j2A$z3L>hu(Q(^ffElE)xaZQ1&d2qkY+Gx@PLFx;4!c>H!q+Pd<4R0l${yI zlr(a{$zg<4f9Q*lTnb>ioEq6{j)|NF^xWROKSvj}7!_81990H?M-*Nr2l7zo!<}O# zD5Z@R>4(DCRR{Yg)k)Gy(<7M@!ZX0h%$K>U9kv_y0tvNGE2 z_P5@SwDyTPr&NR*2Xj$|isNHRX)0wfh4G}OwI|fd*o_c_F}vT* zOeKtS{`Cy>_TM?^x2Y&I32@a=C>ZCo$VdBkB*cXNuH|W3+x`xtRD!DCXe)!Cd=1Es z#&GSfAm=VB!v54wF2%mKRWfB<{rzyz>T4F~XB{z@8Sy&^I8xawYi%}`VZ2;qHbfMD zc^2*0hW_{f5RIRZ6o#?xfcS4gw7`JZIDu-`Q(9r@pHVvVE;>#stR~4hF|@D+a;;kA z;HB~y-_9J1&|0*o5Wu-2z{0`kW~&xYpmsqWQSX-sNB=Z)2G z=ooMu&Rfw4R$aVDLtgj{;{0(_S#TdqaNJoh~M@dveQdv+`08?lmkC#VF?_O(5;Tw`~?J`cC09;}{(+|PKZ!iKL+&+i? zJlzwSDy%k}bvkxFZ85knVkY?@-#O7)1nm_XwGk8SN)`hE)XZIb&6Kcw@4?Cuh?spP z6qup9KSf*m0D&5}(sY4|aL=uL1GFBA`lC8)BS4!mM|AR%okDK1=1#5N`VCL}vatbxi!4gOszzNS*c2teDs$xk6Xki-9DRWqW zbgX|x7D+X29z5j=cVmt666n1#DWp%v7S$wQ3ImChNz8A6vt?<<(vc+Am6nRhF6abf zvQ#JB&1G@%nUL$HY`r1yF-4c5#1_4PxsLI`CAEzhT1oMNA9>wW?L%xe<V3;S*Q4(t)v` z-)J07(LV#YdH6`Axb`nqE$zA?1^{^f8FP|s?PDDeO1KaH!lxE`1p(i5*}{_E;xx~a z*Ese^RH{1l#;!O9v+NzZjQZY1AMVYQ8;%v>)GT)Jdcj%6M$3|<5--HLnce(VMeL;j z{(;YJ=q4Uixkt(QlZanjL%^?Ev0lL%A*s;G%8!L8N@x#R!IvfcbA%OXy=kjIfAS$2sek6{>=jzXMGgw1Y+ec7hXq@iNnrYsY*{ z!l06o;G_0H(%DDB%=tU8I)JVSBMyAoCOfV(`tMIwa&MVa7)`c zh_MX$y}IS{cc|{BlWk*uQbSHdM|vk!wuzE!2Tq6dSpc*rpjX-T2)tfY=jg1~_%~_W zJkT@^dBWb>bQBv;uGo#!E%*0yz8MwK92;`;g?SB!ZhtSUQ& z+Vx-3gn=R}gn0q%JN)@f{P5`8v8uyS5H3hqES~`Chjnm5R->(rg80qEhEti&Nsz#EEz^*w6*2r6Z{l# zi^*<;s7nPi@rsqBVIqAu4`W>x(sVA(aS42iPc!1qg2D!HWLklAs`f-4QP;I{*7od6N`#Bl{M{R`IiR_ zf?NK=Vjad=zohorkL_)ZG&ewbOaC9M3EDKHWnN=)JhE$5>&#SI-xjZu+8f;o5y4ij zPIpgD6%s?K6)@=fSgp9KG3GaOm#y={4$)mfcB2%Kt^g`C4Fjjz#zEMxZ`CSz& zXA01$XEgqycoPo5$cR957Njt5B`Xi8(UQ$F1*O1$fl;6521LnyXTB}DYu$eey_+oc zWs}jJh=KC{yg;6DRaxYLxR#j!4txVK2Ra{Mz{oa?CGyR90HFt61t9%U!U43f-BCe-ngLH-liqG20P&Kxve zc!XR&Sq)+tkRm+2`aN|wPa{i6M$LrOM$Nv07UgWLqrJ%kxm0O*>x$BO4t^;Lidn>u zw(7Y6UMz9O0cAUI=i~jLr;$n`+!(i-h12~xcU&lzy5lUME>)#}WzS6sADInM$H9I$ zKrOUL|62nf;XSDt%gq4o+IT39H<^r$stquSP9kZ;!~#0uH60+mn&en#BDG-ydUeWm zB30@8yj;58jUbrHIQYNKo1WxCDF!ZhtW5{MWFP} zoWEy_cj_s1HDc-XgOGg*-5yy+O%pc=hO=V({KCp;b{sdrvI;#>`zbwY9Z~lStfS1w zS2u4c+;y9HhQf|r2h0^inx*(EkVy4eJM3{BD1i#)5|!4nl$a?zX-#C=nF_I!FGMNY z^={yXSroHN96Ddktx943cDxO}u`MOKV0tQ;*O4Tx^Eq1v6HlTDl_2tA}qS$!B zK-p~^cIURa_fg6aj^GpiTT-IEp-t19lXXO5xRZR$Sgl$E|8Za%3?X9Kkl)yme_#%y zP$PTY)_(a3D+BId=vq&C0MkBsY_ZnD<*2?_Ny6{fpr|N zk%R(9F2=tOr*go@S=x(@C;N}5l?kM@d|o1G7sZ$tKIe^m^r0m56Lx(rEQ(X%qFBiz z<2ybfX-pezL=Mb7QIYbZCR-O z!S{|2-w$Hj00dIt)kVnOodRk>hv7)V=vaTdN`E%KECzo3MKe0swns{e%p67cn7rA} z;ba{kI7T&#M*CrKcvmLLi0vMNmT>cBfGal_ST`-J@BgdyZckXCKN`FqX<4BmLoADf2Ow3)%)bbg81ESqn}i2ixqx513_|lqH^Oomsl_@@EV=4$aZ={L{%!3AlJm0(pl^>#p1?Q{lhxy zDOdU=Dr^BZaUDZtKuf4O&vHMtRKTF;53|Zo9!~ka2g?fpt^c?DSHJ__jt($*k&EAR zY_EM1!C?bM_!89WJk_ z5VSm(W*49TXf)t_(k_|0IHB67oyV?&FMSLaAM5S8HKLyh)I38h{P4$M*TCYL2_n#Z zK+w2)kM2ZZH5D>u{a0Uy>+Lw|eE{rw354@*bvL3~F%*dlu2SgQ5L?9kf`k;veK(t@ zbcAZ0FyXQOC=+TI{C=iQ<6bnUq!#L_;;05!v!a2$9)pM~RwBGu>1-RIXQ33rgdJI4 zC*6%AHHS7$VhlZq%(i;0til}`yBj?lxzfODT0i_Z!hmGGhX~+bKWglKSqx!5IxH_Y zMUaFXOa3!LO5vR2R6uqnaW5vcj1c=Bc)%a6w#afSV}`hnwIGV%?mgqqTx%B!R+urS z13y`ql?Ufb*LoyeQ^;a4z#`bv8;oZw@EMBG|6wQTjd+@lvoz>aJPI^%UyM!*iTFhv z9iQ@K@_h8bHh0Ge{}ekd$Ytj1%95hRLud0KlC++4i7DcK!?lIM=$Y3(O*|#ze-!s< zLZ33{xc|>@AJPrvDqu(HJS|5`7MoXLP&Z~OXN-S!O;|g`8p4Ml;;Sd}!(aMY)9gk9 zg3ovDj^VVRnBHo?d#>Q-H`Byk*g!9tSh4K!19I@V(A^@9et*p7cmgdhmUqV${!xpM z7<>$-0->inpOI*5NuQw71=g@hLW9b#%S)onH3RX83VvQ4cr1EE_MmbkZL+WmjDMjE zGd=Kc5bYU3h!^B;gxLyEczw5QEvQy(NPB29z8^(K7P#MEC?P*23mg6R1~KIrk*dm) zrX6XoF}@yQ0y487FoI@xMekY!x4=ik=n9zX`Xx~hrt{+>6kNOlk6&>8jxGjm$3q;v zu{X<+ua?b%pXGE(F+ew+xPZ0GPGL}VzYeQ!8sO-T>*Ln8k8ob8R3bQ6aY28_Y@ao5p#qginc(1`yF;OwcyXCoK*RxXtc*Rue= z{jkkdV%0mRJv`P6FUwK_m?Y(5=1$hdUOE;x1rYIjd}1unw8C!sB*ujrSL-v`r3S+( zAzuTTgdrtOa5>|T>2WT92$|rWiZ^qpJ4t0gA5jg5`$wz&gA=)N6@~nH|Hnckhj$?o zNC&L^5Q%tfAHG5K26v$2h+;SlzNFZ6SS2-1xq-}!oeH+DuY zd7MwZdOyDDKx8Kwq4*z)&{9wo-6P;iKlcyJh4M=-tty{7I?@HBsia00onG*JN(weZ zQJX&OR*EVBVq)w{;q~u3h6E9%QUG92x%m%#Ewjh6V5lxy?zD#b^CV(IG1(~UJeA_k zFPh~dHgu%p=iwyp^5jda^+9~<#2G+&HTJ@BD)jU11@pZdpdPI>0JW4xed z1{`o#UG16hpBm8wTFBKYstiUY;&^ja9ZWp!m7eJc0sR>Lwd6IFV6&aJqiBptnI>V8 z3x+lq%Pyiz`gt)}6QypMcC%&f>{4^pph_ z{!VT621pdkw>T8ZHl1Ejo%}W~)BR}b<^1e1n}q&t<&Q>fJ^M#usJSzkphKGmXFO`( z$MN|hO?_Nd$vS$LGU&5+a*GJu#R#vG*WQ0QO6RXWsmDJ(G?&+#p}gx|KGqogYky62 zvfLs0rrO&r%xY|%Q{SW|j^vTNx@oekBPMVNz(fBzzZR8PTI5GTrRGJl7JfihwaX9* z3#IdU9>+GDWn5vOlj!Ti?@iDG|KKJ}9T(}OkWsI7$O$zzt)qb&00MCESDx4KMdS_n znOG2%u=ec)z-KG3kNaxb7CS;Zwws*gg$)J$!+SVlk@Kz*^le89R!v!Y*65R2<7uiR z&;yNea;Bi}FcGjQFOpLC4!f1Ab{&h}cpy!lw8^v07)eWMh_SS=YEyuxZejz2oGlT_ zl|$z8owPqR>QD)&5S`n~+THrAjQqn%Rl6-;C6HWx0j%W-&VGXey)1h?;hxKfs4Sk5 zn}hB<5qbR+SxG13D4Cb;g&)TN3!D={;v&)f*ZCMWo;*?HoL(7m?0=F(H(PL8g477z z@JD#5Dueo6&8DewiuBlbfgFVi$izg<|ual-6skA1MmY}9{(PX3r@U7cglPxB2Y=ZEo zSzI=>=8N)YDP!Q*yU5_(iIt2@i=mIIBSD3T6H`=USEAb(CkWjXW1~MJS4N!rmn5t_ zcEH56Zx5+vB#E%#&$vlmRiUVf+o%MhgahFp7E?RINX;2>hnc!3W~wIBZs=<*XS0Hg z+NeGxIj+~9$FE{Ik7b>}HIzM{X_!V-VZV%ju9)&k*vXdwBf`pO$kK2)!axFEM5P^d zL>(u9JwLi(0uhrx&`MDtR}sZ3sBrrzgrUb0gGqgi?k|?rFnBbeefh#b>mu|JCXAGU zn@i--fT$(9fS=B%@7lqx^y?yUUruQ`b+l(k?b3`NE5mf>L!s7iO35z(brhS@Auv4x z7eO2MbJ^5J?*+sK-8~Nk^;cBn!*#Dbd^N|9XhZAB!KkL^XY)M$uoVyYQW?Nmkt>6RqyYt84&WQ-bEpS0!3O*c1uFfl&G4w)Z7D6|- zlRiM?1t0308_5NHY=jqA6Pn)P@o83}P@2o-R@(8}6DJ9Zdy|!)Z+;$8I~pZJ!V3n< znX@|Ol3-M6OgW?|F?^G9v`dis7**uup|!X!i2ppG!E{XggJfV&l>DJAwWHlJd6*M& z?p(xS3ArtO4>&hDfZ3Kqc0Ge1k;kP-a{ksLC%zwBUdDV_A1x+w{snsVE30Gv4a{?5 zFfaUWCj$MjDy}F?8_}8 zzWAwVoZR=}hpED8_^((&Qx6&#Hw^+^1Y*-qCS97jjDN{vM`ZLy#;Gib!uq``=@wv5 zCv9z|9FS)(Iu%IthSJl!#<)Xtv;eFqoIJTm@ZH0iG84&8DhTm4U3V-s`Q(a+9iD~w zx$mmF^HhJr+G+bk68am3C-V2KMDGrycTtn;Dz6o>m7_ot11)3Jz_?d`-!atk}ol__-1@$(naz-a;`2Cw@-!JM88kQ&@1-E=;Jb>F%MZtTB z{oFVspki_%8s1!5s-N_BN!Ehu3dw-NE_ah=$z9f8lE`U=12dUi7Wd&^p+HeCX3f4- zbGSq&7DzF?uaww#N$M8@ua-3Q`fa6Nj8+6)QJxE-Yw=fnG)hm5Y*WQg*_d0VPk$(c zSh5iE#wHSuOU7aGGzC$dFX2gSglFpJ`36Dfm#P<~4?@50*N?x54M&Eh*AvN*O^M$G z(E?vp>>I)in#~VMs=p<#jpF0Te2Cx9@rSf0cNgZyUDFrVx;R8Jx2tu?`B48aE*(e< zmPnpFp-w^0p0ctB>jTl|RyuQbB;=}ZF%`6su~#gK#P;D97w?m^vNQP8c7HOrc_q44 zF4;IDmo>JXpW6#y#Exd){sCgqMl13mde)InW3=&hGQ6xz0VFQwc78#jbIY=mToNZe zbPBrS}EAe9b@M6w{V9W5D~%OyFa@k=pFBo@hI zaIo53s>62{^>*=6(qQvuR~A4u^+vUprXFY3fj3F)-G$+pQ_DjzOti%wD90eSe)ORa zJoA{jmlUYlVKoF~{1q^{7Z{FrE&oDQ2L?x>WbY&3890W_Spf;?-rPVXO3mm_Kboy6f zrEkU(B$G)26ORP%ITj^2Lt?R~dj|VKF?5BcVDeS{)sq``&v)IHb=NLi9GUuNEm#DO z>Z*8E$D)r#9<-?3%6*gc(o!x|Ycof^9ic#3z)~u3VBWO0ElQnjxZ*b%yGSJy!)JtJ zi~VDpUppwVmE9@Yp0W6d$x|oG!>M;HT_{3PTjhCc>=|@!4Pu#tw!iyXoxU^GtOTG0 z&7IvG`;?U9-JX)*_>orq;15x;&9%^f{bDfo57NkeD|PM##h=Yvg@&q z1pjTO#qC9ecgpNG)39D%Dd$3FE@}B#e}16u=NiZ_C6Js6hqTte$&GiRhgvZ10`7j= zB}(nIq2S?4T|Ggwh=I2UH@zX#_tR?_T|Mi%Vz~|bG z7J_+Y0LRPZfHW8EgKf+}Zb+b+MIwzcZlG2uJd1MmVYQXVWV#1W6gZVZD`gEd=l0gz z;~y?fWviIvQ1%mqtlk?g-Jm8LkDs|HgZLrDPtjC&j)23aP-` z=ZvrEn(M)w>5Toct?R{}DgF0Dc+=!|?>f%xMcKhzLuhKKW2Shwlprh@>4w@e?O zEnd>$RN55V3kNj-itO@IF8B6_C8Nkl{;hrfm5E z%|;8?A9Taol&*6%e*6AZEXhH<8D16=L&;z%V4hsqP_7cL;Q7p zyntWMbKrU>_!N54D4Jm-;3|$Q3%`KN7pqem9xH3mJ6@FG% z?Nbu9MiNZdGHOur<<)0w&%DHW5OWll* zozJ0{abnWdaUG6ID9&yAWbms_@E=IT7~I`XIa6e9pM&`vTS4pD^G?>CY;i2F5ZaeK zIWS3?LKlwAnCgnNvOV4M)DJVsv8SfUnq*^y2);CjAVrf~_T1h8qD+$t{USh(Q+J&3 zd7`pwSX@Sv?8t>IpAWV|8^;mUmjG3bNCLcpbxj0Q-F zaW;~Or1P>67VO)z3WVXl^;L3hkDRTe_87(h2}oVLRaa#XP$*g!#kWQM#gV2mL2O(k zTn`6Hr|}%OlGE?c+D}G?{|xZDBaf_7%)CO@wD-fv_xFS`)G2w*YzYavYTR$5v=`Vb zTI8bcWe;DY4vK^5)JW)faLr2Ld9xS~q;1!Nj3^kK^3)^;z~XYHARV~DV!`EfKjzFz zo|Cn;7CSBOMO^!<^MoWV#$E)E-(V1)&u@0e<3Mr`;X&X_H72k|%S6`jMT?a@-f`M< z87M%zO`$)(aUf2vY%|{LG&v%ozzF0v;9^I}w4!Sqq4C707kPH<+V~gUhbW{MBc0IY z;CDVo23?0B`un!Q$!(HQ4GzQVt+Z5ejBHEd?)7a1fPzlzrIsR}Q*CS#-8hulp)LDL zmoy@m^Fm_pqj|oc!kZK!oBeGyuBJ*Q^=RELqD9Jee`e6`>~XPHl$WD9^RpGX+eoDb z#=qIzkc3@@YAFq~nDmhP3;Q`xK*MeF6{6}lrSggfcLFNOJ8`)(FJQR`#3sJzRe+Bi zp=&pu3(uiU&O@t{VuejXAU)i4F=a!TJ7Q+3qqHnZo&Wwzfl{0)>0CPG7r+&nuw1Q1 z{P96M({}@?X-r#&A@FEbp7zj=e`V!RGOBem@u+=8cQci;GC4xJ7)LZN?@=Ak`FhS@ zaCMdp)W?4xBi}zZ4PL^)4WIV1AXblO_8ZYX`c`rAMl?)k6tKnR1K^BP5}Z##Bjn4j zb9<&JPu1lRjq-xZG@~jonFiE07%4P81)wWrmcaZT<~}(N((qZ~ic|EkJ-AG{RF!*^ zhI3&Gi}G$nlg8{9nB^eofDOdLdSbojC;4{Ecx&wcEuGF27~n>x+=q}wDIHs4ol?tP zu*5GWoQZJLKnHARC#gX_sz4%`Ej?W7&y@!SLqI;Tmj34XVCYZ=!xhWTiDA4}(%EcY zKvG0UZnNDIt1MU+n-dK+bZ;wQn~%H4pQ$kW35#_{=v{FkzHLzVq#sfU{^A~Ma3*0 zU38iQ){gHfVrtEC<3Ys(Ly+%?9eskcey7?QL-iJ#E#?urH>gx2Es+R%le#Jg-WfzB7I7OP^_&Yx_IfQh` zp3bYRQuh|QqfX+LH29Fq<>69&`X7}25<7X!bM_slOF7ogvMY<85inh7+5S;l(truFSrW zIp3mbzXl23Emp-|SukV|KUo#)nWtoE`4t-6)VlBQb~DpCXgkBVS!@!TI5;mAzugh= zz0EnS8CTjSD`GSrxrqwLL3%)*=Pr=CAn4WJ)JOKSB7!)V^9M5stnLEUmGrPF2CKng z?(g>cQYaxpz=J-PvW*gf{raD7EwCgzsXhnRUiU@>@I$LWfxrvSuhK;{1nPI(?2H`wbq!a~&4*>y5WIXox6Bo4f8lznQOX zxYgMj!4>=;O%tZsk6W%Z6F!ORlo1fX$DU9lnQ{QoQW&**u*Dk!p9S0HkC-!p0k`;uZ0Ua}ch^o?y_eIi#~`dzPVQfr_$l{epCJ2mG;KiP z%^E5lknVU|Zj(XQve$%gM6+CO(J?A~89Z%l{m{s1j)c5EDVyy^9%6&M@eJ2Q{geOD z+~)0w9Ny1he$Nk>p?RiUk0yaau6Y43_~v?LCU+J#q5a!7qr~^!poAI;Q!yHw|DK^dY+19ke0-K=FFLO>Z?LTG<)Jwj$!2sMukjQIKj|1Y)tG-7HDBwy zKVn^whUWnvfU#Y6xk*^&J9_x1Yr;TN@6FllZ zcz$DYAFu0Z3h!xa%vus5dOuA|8A@DWcB*q%>T^);@`<-S`O>>tcq>`N>n@{+APF_BHc>)aojs3f-Gv;cPaeKG_Vml(hc9Uwvn~bq?R)oMt;-pnget7?K%GwCRlEL=hMw5 z?5lhsu2Etj(tIX0599Xzl-&TlU;yCZ&pXV>i!nWR-`wuWLbd?O&KRrDKSq!1E99X2 zktYOv_h>pqei?DE{O2|Q+mGe3Zs$J#zT4nb9Cha59e-E4vf^Ed5z`v*a?+W}!U zxHj;(+KM>R96WmdnAsK*vg#{2Q?I^v=dvF7fkk!mKN^n0z_A z^QhDkJ^YE8?5YI& zXDq0mrwX#?o!`hq%^bTWbY_XTi4u!heJV&4@%{bTIh>@w}%c7-J20 z;?3*%w|!I$o(^kM|7qrJTDZ!>AeqQE6y50xs)(d~wiX)MZ@_$nVicbXu>ttBGXAO` zj)g{;fp0G_L)aK*_-rm`8X<9C<6xJw565S!S}aG{sVMyhT;;hYNkO5_(KFg9(JTA% z3C-zj4AWwFY=|$*RsWc|ecYE>0Sk4kw{{O@_f&1lCl=cW9=6HZ!eLO-UXw#Y< zv0)W{m7h8BUb(S!M#~|bF`{;)Z&Idl7OEQS)~(GpwtF2WwC~W@&l`%$N#Q%olqAwa*Ps2L2bO=SP#+e!w%cx4z%`R%9o1|?7xTWavk6DV05omaENx=nA`G8W&8T_E z+V)33vSsN{!3HJ@EH^->5(&6^lr8gn;0#;|E{0D0LiDUmXd9WrT$NHHk`JpKMG`GW zWvSo}y3G#b%wY%Vs;;mBU=oK#fpr6zq3-YrYgFMI&&lJJbQh8+{D*KmlpK@Ry)ni` zGrj>8G?Mqh-NJ^jC#*Nn4PyYHGgS@u6|i2kMQ8WR^T`=k%E_BcP2Yrn6r;mPqv|4x zB+>(I?z{<*@vi65G?W7cXMS~fAlo|xE72h)%4d(CtqEp8d+zI60r7yZ~BHBM`xBL}ffr0C- zzIWTgr=!TaR`$mSf&Y2l=nYimC*f@{kaV;*@^ zKt#D|mGzp_{Z3D1wE3LLtSw@|O%}(E>8>r~sBMd4I6Ak)Xa8nD9p^6VSKp%Xon+OQZCq#OGtQccdkYjA3jiK&F04z4 zBzNwyP4H;;?T1^s3K9C%sN1br4fE~5@^x+Eb-W?ubjTMTn4yK=FboO+`*Lj=V}Uc7 z+!elqUF%9yRQQ_+4RRDb6{=X?&gNmu+eV-yV>O)cj+2maG?Lf`G|`K9*wx*QAZl*3 z0s#ZWdlFL-@>C!LZ5RN)L1T$~byLD1jckibCju@fFMN7Vo_IEy%g86r1AmDoBhV6t ze1^V;RRzr43u`8lFaH&IDhjabsffl+#egy#2boiP?gVp~KGrikZ11S}Me*t<)@`z1 zVN#)9BGN(6wPQm)5BC<%bV=Bm(`cOH-+q=_C_3b@bj7d|f*%%RMFes^5yD27>OtG2 zu?bTqY_(9q>m%W3I=9`puPZy3UtQaox;qt=p=+GEL4zO1!j0d$?upI#m=f63Q_V+*B7~N=MMp*{ zUs`oBebE9hyB2a>Mj>9C(p3q9V5P+5In+KroI&6?bY`wsL~luy!U&51Fj_rI>~<#w z@BLCQZ^S$FsNF8c7?vi2#=_1vBvWX2hl7z5!6Le?pXEAl$sX?ez(cQhXS8x z>lLyQ;xb@_8a_}dncv*RIGxkGRBBN^JOz7TC5+F|Ox)wa4btXNjTAX&P?J(o1ZYD}W0lg2>RFDVqLLm>d#OESQBD06S1ymaj*TXlU*iQ< zflT~or4*BJbKTJe9h>GrU2Ti;edjrI{ntmyNhc*dWkjFM@QR$ON6~a}%T3wervUte zn2iB#g%5^wt;NWuJZ+Wx2rDIcUbD2`gM2X&=yq@Bb)5zZHcRI{AJx%k$g)Ue)$8B)Vpy;gR+8Cd!~E}f_1kdmP>DOwsJJZtXJuRYl#q*T$y%YAS|)21y!W__tXY;!OG3u_5)HExuq z$O9URLB(~W^$zs&q?B&3?`_Z^_wU1fpM&^5&{@sskvDR~T1y-XaPe}wm}Jthq~2Zu z3RSvc$LKLDa8(o%ceXdDHFX?@ya|ND1be&}d@(@Yb

~a$9vsOuR~ijXnt=y(<2_-})c#B8WRpEB zlc`~wVBaWWO7&oP8)abRM)F?Idf%iJz3{D6#MW`~n*qLP%eE9dpQ-faVSO_p5n zyNpcT&!19(p$!SI+IGmziPG*c?=2dQD_FA-c~Gpfe>lcqme7ByNU$f^&~=wsX@Y@h zjtUe++Br_#369|?`)+Fr|u|uBtPRb z*gZ;_uT6lBoE1<}=7NugY2w3YoPa-^zx*~xBvBX=7+wfK1hWbYZ#^fxLKtuBNpc4N-rwNS!HiZS~bLm|kb}N$GhxU5?ye{N|zh?LRy1Nnvp5 zx#Nte%Mnl~cQzQ6Ms>my5pWh=qkDF0or*Ro#Pj*I9RaEf&c@JHI|HtE%FVr}xE|au z%q!{d)~eF)0=1^0!g_IE5y~5fSqFOn-nO;!3?|%Z@{i0Kh`R;uoSwsDF>uyQ=7yl9 zb0hU9lbwPd*v)P+#&2coNph}4X+Rifk44fFNqmT@Z=z6kfd$K&ex`P`UH5_x_K~04 z!2OJ+6%A95bv$af$&X?e9?PtS-)U5zH!1$;OidB9D68%$7nt2Nmh))RUukdbu3Jpw z=9)-uDYN1*OD_5o`Yzxfx7?$~S>>^^5CO9D3@S}@+o=A#VG{OgMXPX3^f{y%(;_-0 zAW!6jN@wJx7ZJh`8djwdIg>lBdAtlCC5hoWq4_IX;FUB-Cz2O#y9`~MJbMn^^HzIg zG!4s`HrgQUB8HM?=DzS$+-_XH6aFi6OO&QfW6v2mi5NWQVg$sf5<3_xl3;K1GuQp( zwM#tsFQ_Ub{6{l~9brN9=K}mG$W4irnRj3Ee74}U(-PJ&M zm}nZ)2n&R-4*R42!OB;%50>2g*;TDtoQ@taLZT8st5%{80ID_`1e>kki2~&3YQ-0# zL`aCO1&bzs14aQdyTBxMjX?)M1^hB{E}RfHxuA0d=l=Q2(e}Xq(G4jZx;%t#Q-p;7O?hdLtpQ@ zgAPuvqW6>hbF$UG8ZzWr4Yaw}4isD8lubf$HT_I9G9Vymzz=EDYk{k|i=Q#-rpJXTHmopvfov*qK?$yR8=om#VJ zpEgXYPG50R8hl2TktTU^-dv3QjCT!g{V?NESAlM>$1Tc+7R>pw^DEqa^-NduSMyE0 zB^uWUp6&j&VJ{F&qRa67*!@Q5(Qb=9+pdjI@z8C!Bi*%Q(Dk~KZ-rfd3I@c^30lI~ z%1qch?)`Lrd`WDj^6a$7TVqs53NVpvOdgP;&RVi+k2NRePveSv_+O+hBogFL>ZM=C z2%24_b@kZWhTCWeRt>y_B;(rk^Eqj;Ue&R5dY$Np*{M_+`6xm$&T!4gpQ}?t5OVxxXu=Ej0SuNJrzc9#luvI#oqrMY<~dz7 z-ARHkkqCZzf9gTQ%zVdkY@X8_h}4F${B%3RhThHVEKT;;Go2Snvp zErNq6A#C2;mgLe%$W?D=lCOJl&iBR==m$lz|(YZl6!Bn1;fJ zH0-7@J!*&e!it`9u9H+T$dRQx&90N^W{<15T3mAA41fMqgGbCbZ%980p$U_uChuz+ ziO}|XDi*)JBTx)ft!)^%KMU5(=7+fPQUGkY+eX~yvVWzFo8}bQx^Z%yV_g#n!gZ7j zA8(@d5qI=0L7E?hpXdH1Rxwe?iznv|BzcX$eUPH7wnJ_l7oUr>)n%|;F>5UME#;Sn zQ-eA~`XhQ!#aF7&0O~1vGCv|0lV7lmGhR&ECes_@eMIe_LX~=lkE4Ex*@2`bi-F2Q z$|N~(1z)J6o)j+Zrv6go3nRdkZT{56)=nR1H8m|=rJNV_mLmI$kghW*)=~6Wj~#2- z)pu3L?2yAA^aY%loX(<4lh#n9c(d~Oq!zb_)NXU@W@5+^^0s()xaRhK+Mx>O3NF!` zE%y+HEBP5|pUSQZPf>B)!BlZXbY$Jo`-1FO7`dQR>WaY%EmoDxF9Kbs%k1sD1KRB9k!Q+G3tV z$yK};uaV)OIK!6w9~-uynaUT!G&C++-5EfI!f4Y7yRqOPOQ5STdy-Y}g&#H6_!pc> zBGZYx4Dz-UHnSw|;+FGDA&TFJYCm<*rTZ_lc@u_0L+%4jGKJu|*g^v}T+`~LLl;hJ zEkUmnc&EuXn{ngYzvFWu)!imn)lAyl!Y{vem&EJw;uQP$A)Z4+K&Obj4EP{Log_Jv z13yQa05;>Hmbb>;YdCdy3|<(rcg38lVKIyEGWf(0->!$f7m<__Uqgt2#3?3Am9UV` zz?aa-kbGAs%p$UA-l7=xa5LL7Av+;kS!o)L+(HXYRXii*D@VVKq$X()BM=vI`T|UD zwQ!qp2S8(sVuHk)b-1tg$Is8%a{l~myll3Jd51>{f-J)$9XiZ+_Ne^5fLF2osYVL( zT(D5W*#b~lvV4ctwh==A-Wz#|DJz~~_~Ic;*DWXQn7j!U2PoXu-i?FgbHH;oY@{Ur zkY~myyj)6{4W7lDLXV8uUJS_W)Azzu%WObbxc=QbeTG8{;G;11qD`wTon$${WFdqT zi8uNG=P2@idE!nE{mtt)+6p;&ZYi#P_Y$gxu76Hnd}g?RY|9B%tA_ziGmDIH{DpBP z#&O#D+4ZXXRGm2g!RrQF*g8;1nyo~%J4&026+e0*TvLF?jC<)k;Q}74!i7aqm;*_fxhdijN$CH_*<#vUN@)ylwBC+4mi}I zE_p)>unCuoOMhjOtNvW5P?E5jF!+fK+H_nW2e>@?WWFV)C%+v?yGWD|`BxGkD*Oi> zwP({FDGCpnr@F8#_74M+k1g^$s=3WeGxn7&bC(M{`Torv^iR%)MO8#dyZDp;22-|iPN}3ndxyaJE zEj4j|*E`A1hcb4fx#dPxDbm7iMtZq!Q+qjuy4j|z0nGWcFc{_Ff&)_s)A7pAiSo4* zBNL50i#mc%5X!#n%3El5)$M;SY|WSPrfkePwGbxlsmYS3NWKs_xw?KwunxV9 zZrGh9;NZFL_X0}G_wxEMn4a~tPDu(Q#3_syy;Mt%^Nh7l-)mpdF%M=EiU3m_IAcYi zga>VVxRiP3jgOmWP5uFhk9=5|DSQKd3T=N8;9`talvUAI_@FN$j33;lc6wVX1Ju#c zUnmLvsu6v)ek6%e#@Ofa+DYlNkZ} z&V%x=`0jjojQf^&$x9l#e;g>c!%u=toXpVT-8&KnMAFPLQGiJx?^L!aCNP@ALi|?e zm2SPd=xY&swXosS&ueFSxpRDK8BYs?eAE@r+bG8gS`e*;_78!o2GF9bcF*AdV_50A zdT$+gkF`c|{NyBHT1=0Vk) zboykJl~{_)EUk&&^Ac6A~2@^54$FWfazt_{r$E^NBo9S62enlCI(Oh7sJL%7O1LU%={m>J46%Zb|%;+Y|;_{yB5 z1s8V-aAsqd0X&fEUzu-wAgTtqVhNjufjG9-!n}k-wd;4j2O1C&-~m#BO_^(?HWu>r~+k$z-H+&G4+$^l07gd@Kl<^A3C{L&=0QFxw4V162zR$|lfv zFWRWY5Les_P*&C+HgF`9n7;?rm*?Fy2kmAo?U`i(Oiot(Mo3mQdXHD3A2&*$H|lXC{L(lQ+Ugx+kqBug5So?%JomD_rGH zJIwc=rmuKqr7Nbp?rgXZdfT9V%AFVEujS>##w&jh$8PM!M6EYlvu~z7oNJtU7jrOm zRN@hFxcCS`fc=o|0X`VP=eR3+siH%J%TH&xTA&egqqP9YK)1pu&_&V~x8lrPnwa5y zBxN;rmR(Iy1hR0oT-|U7JP_gV%&&OUhM{ia6Y!J1PO+h>AC*bw9%q1F6)NITjVk6{ z3b2!lp*?^)T=@IhR$l?c?OKfOjP+P}nh84?g<-N?>U0}@kh5fU?Ts33p$$7vlCSP_ zJ$Qb>yJFu4gp}Kvkw9gBooYb4v|B!eQAqEMqAD{SYBWTV&q%>kA6G;0v?V22HsGnP z?M8-vzq!!H$K;P@q*wAsZ*M*7qt6p}Zn@!O8uEA!rsZbbFi}k`FjNUH3ut82?$f*r z4)V1*;{fszhH_umVQd0jp~kp4&xdBbDDO=2FsP>~{r2_~e7UGI!mE8)C%oYrS&!t7 z*m-tRJ5SD(G-Yq_pZFHLiVlLsr3Eb;?ij*+WY9k}S~5AQ*&im0LmG3=FNFYM{Rm)m zoX3c?N-Mx}FItfvN^Cb@n}}!9aQ{&AXsb}i$t{wk;y4}4BEUhUMLDu*{5=V4Km z*G*g{2YgQ~Z zZB|X5WSGL|HkYS{*NZW-wv7vjMJ@3q32G8TF*&!ebc_*$`5C)NIW@T2M@g zBYM!1q0t{SRxd4;u3$)QJSf7oIK1Gr(T^< z0IMs7TuQq21gXxc09;URTIp38>Of(_aFQO{nzyMOM;EUgOo;T-W6b|=gv$&&eRGQa zYdN`-Ux-lp=uLnv!s}-b@U8oJQ5StA-xOAd3%><1kD^S;?y`oD?&9mlf7fWULl0?R z?gHmkz$k13_#xG}a~PZ^y9Zd)y{QPiT2m)hU8pQ75b%Upo;bR@M_&yj_U zyq!7tvrnHRV-ECT?aX>=*HfFd_efMj&bu#HP8skbg=}yDGEvH)E}#iCkTdq7Vz$uFy(sux24epUI{I%dmOevuy9RZC3qq#z!+i-N$=r;`%4 z2Drv{H!4EXcCGKB@wZUM;S(URet8wBECY*|OMl1*7t}#|usw~wX&gDzwbx0BrEwzi zyUqkY#MK*)Ltcb8S=Wf+Q>#2g^wqis0*#5?;O9V z8OJj`o&hB;*b{YEFCLUkHF;LX9+a@;xi8s(j4Zh%ecG09Qo<@a3BM>BidoJ zugPSnkSK;E>y(mlK7P{5{YXP(+dz$h7=x9^?|BXW{XCh1MOup8jyj7;L z$gr+N-xH`vM%tsjW2HTewktU2KobhV9=^gDIu4yepIUf{=Wqm4aLoBhFa{C z&5ox4$p?q;9AQ8xa$q=A99n@;x8Q8PSR=+@J)1%|B122JLrb_!CoF<5|tr822NT z3-HFv^3B>5c@r4fbOiY{*!n4T#^tOU57G_=W7SN-ti{RP4#ZTodg%{OFNul2&o>JN zW6m9h8*3=(FFMNs)5o{ z4x&?2&LD!s`vYZ3s)!ki1DrQT7)G)NL!>wu<_wdU|FvJ}a|UTf z5{(js4Y6svDAfd0tNg z^o4ira~hg1WHT)NH*HUKZUm`QAzLmrDE?vJwFwWrbM-@W!{P>fWv+O> z^Ds^vS*skd;`$aWO|o&4!jSu5B?_2DO+gcq#TRB@g>wi}1thwIFELG4$56Bnb&&ct z+21hx%TWWgx=yvDII{%8i1S+oY6o>p zWnshNVNoJ~7v*a0xZSakYo^nRxA?Vv>}&KqfYeMPf$`Gjf61tVGZ(lu*M6vyZObFMV)#wEY2 zTr`?0omCt73eOa!AI@0a*a(XguUsD$16i!(KSRd4TEB@l0Eb2QC-89@KKX2u-%Rf) z&y1yFYva8T#LOJB-Q%<0L=U_+Zy!)T#vs*~typq0EP`!&Nyx)N(Xg4ZHAM~y?D6Hd=+*{Dj^Tr@Jcv(P)Q0A1Nt|`6)zE?#CFD6WOMJlk5l;lS2)j7i3+Iq0X)=Ty~n=_AB+`Gf9&ec zR~0uew_(0JnB1~qk3*hwf_X_yPDF<2Xh+5_M=2OAXh&7ntxqJSc4~&lBxeEn?zw45 z_qPAF9Wiv!OAc9dj!IkhPfp&`C63l0<|c?*&?W$aK>f4?DpKTG>G1Az%~_FwM4CP% z%+4T$bXb8h-a*)2x`!QtjkAP0J(yM@%I{IH61-V+Hd;62YnEGQpiNMn_E{f)mb+ai zA28Yp_pd1dBu9(8sEIrVa{}@8g>N)+!a&bvxuscPv># z7pXziEQrRkSTjVeW@!W=g($g9i)$yq zY$!qB@HmG=^|mEoJ;=5&J#cdqU3w>PYO%O_B8%#gBlYsV=5uOAkN$PYA*e&j^fx=- zf9kuEhmLK>d@z)0E7l&a4{z7cXu&z7(;H!;xkr_A@N>tYfreGq9NQ9#H2mKSPi@rO zv9MMUM;CIY&iKdVMVqI@_u(5xalUXkctu zPAD}jP#p>+3d?aqyTn-jwKTd*|Jb8Scw9ce9R@W}b@`g-AN9t8>tg&imd73+!lh@u zr35Pg{c-PjgE*UF)7NWH597u$kk4tt*=8VXDrG#8E-zl7T+E^B`Kz60ZYH!|rC*&;X0ln&L0xGZ_?dwkHPf zH&>mf6wveimPd@ybtepK4l3n(@3xH#2Ai+{PL4H4hE+tljg=WNN`M+-aF1pYnH1p{ zE!ebmDCa4|e3ZXeUdZ)JD!~u};?lzwMKeL^<1W916FGJ{psiCok1(9EaiO@t6#N`c zbrjssbK z6|NFtwAhy-lBCBgxna4Sqaxs5+6gKV0f_x;Y1eM>qZvi9*QTizV0uENq<*_BK3c3j z7OVYKYkBnDd13!YCYolK$zRXjz6OUqv;nmFcIPjM?1nVV!mOWPHKJ5f@eh1rN+zov z@9fk)3|*ed}q>uhDFheV~mqueF}JoUZBdA$<)TdF4#TU9p1-W%pn+55OlBwIUXZ?n;mFyd)+-=$MDG|k zx?0G4cvyVu_gV$7w(YL94(j;6XlLusQukSy@N*-oE+2n#xO&U?UW)DdGXO|{iAPwu zpZhRc0&LR_5@QcCUZ@Ufw;y6(DUv>z$`yBfSuXZ9N`-3s7{)&3NY`Vq`zwpl>diC; z=+cy_^6$c_P$5Tk6W_r(UGcI3X*Xyf^47qLYbBDMTTw^rBmj8qubEWI!nD`P!Pg@v zvT~~8$4C<^SnOw7_=e!0NN7*{9^3P@>8iGES)uQAd```7qv(I!2McMI4fZ-m<94> zX{fkRlStGZ%Fp-{hd+7}K`oMZ{)&NsFHhoW)kF>P@gk)A@wEh%-;~p$|NeI(jS~eK zMLX@jgs$=rcg#1P$iho`-NPb3vThO1U;}1$OOeilHR6bDJB=N-dkdtQpYiAhK#*BC z@zK0Y7(}PL98$`-Z50H>2Z=UIg0Tl#7SCQc;7`=Vj&p%3@`!o0K&x-VGg1(eaWM%l%W2fNL zq8Ta1-a+|xUk!bm{xPLtWY7(rkyr0?*v&Xq2o2l4!qHue?fz;s7mYbgQT1TWO(cWO z17wFD3?xT7Qga1vF`u{rh=cob=-bw`Po~y>wB4#~rZ2lDGQcCYWi07H=Sh@}-G(Jh z6cYim}%XDrExevX*?dp&Ke^&)cn)GP<3PMr0d)!>VB(9J(?n_CP3vYZMMW^vHyX~r?%NW*m-Rcjr_X1nbL)$Y(B&dLKz`b}{ zVHr#tco{1c34jt*fXs`qSK~6Q#YpcTYV96=jSdZP_B+LKhn@ovtR{#rrK_|6&ew~e z>t-12%?rnI>6Ko`sfamVQJ&e%RG^XFI2)*DXMO4i&x1e?fO{Ugm_!7IfXz{?u?I(C z@Cdj&sgoB9%h_kw4f0<_X-Qq7e(oUVy#k=3ou-}GM?;*G-M?JH6_=_7Y;{Gi zZ8lg$kqcNu0WA1Fp^aN|jMs+)DG_aGK*n9!Jblo}FqM0k+ z1p~Grz%YW9@pHD=X^$o1h_S+22NBPkyk}im8f0E>^f$u_W|y3eI{zs$v!O>~2M*Ii zw3Z|ubT|bQo?tBL!67X&%A$rks;-%-F<*MOo=2UCA$KOW=-FhRqrq0asF+F9)FGphs!$m-V6Vx!uN1A6}`(Z$E8k~Oe{uL8^` zX?rQ@Yu_#dJxhj+Oj#Y}b$fjtXa0ki+cPoo@&`#kFv%8sI#7-AZU8h{L`Ms`*NTr4 z$~FPmN~&508JJ65o!=4I-RX7j%8;D0Nc>{G03>v*LQPVw1~(qo{$>J)i<}k)Xk$Yr m$2FH{@Lf_2iYI_RWFyY8)c}F~G|FDD{9+_5ku;dqdIqwsLEQ`h